4113085a2e8626d44ece740fa982cc3dc96ff90b
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
1 2013-05-15  Oliver Hunt  <oliver@apple.com>
2
3         RefCountedArray needs to use vector initialisers for its backing store
4         https://bugs.webkit.org/show_bug.cgi?id=116194
5
6         Reviewed by Gavin Barraclough.
7
8         Use an out of line function to clear the exception stack to avoid
9         needing to include otherwise unnecessary headers all over the place.
10
11         Everything else is just being updated to use that.
12
13         * bytecompiler/BytecodeGenerator.cpp:
14         * interpreter/CallFrame.h:
15         (JSC::ExecState::clearSupplementaryExceptionInfo):
16         * interpreter/Interpreter.cpp:
17         (JSC::Interpreter::addStackTraceIfNecessary):
18         (JSC::Interpreter::throwException):
19         * runtime/JSGlobalObject.cpp:
20         (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
21         * runtime/VM.cpp:
22         (JSC):
23         (JSC::VM::clearExceptionStack):
24         * runtime/VM.h:
25         (VM):
26         (JSC::VM::exceptionStack):
27
28 2013-05-15  Commit Queue  <commit-queue@webkit.org>
29
30         Unreviewed, rolling out r150051.
31         http://trac.webkit.org/changeset/150051
32         https://bugs.webkit.org/show_bug.cgi?id=116186
33
34         Broke all JSC tests on Mac and the author is unresponsive
35         (Requested by rniwa on #webkit).
36
37         * JavaScriptCore.xcodeproj/project.pbxproj:
38
39 2013-05-15  Julien Brianceau  <jbrianceau@nds.com>
40
41         Remove savedTimeoutReg from JITStackFrame for sh4 base JIT.
42         https://bugs.webkit.org/show_bug.cgi?id=116143
43
44         Reviewed by Geoffrey Garen.
45
46         Since r148119, timeoutCheckRegister is removed from baseline JIT.
47         So we don't need to save r8 register in JITStackFrame anymore for sh4.
48
49         * jit/JITStubs.cpp:
50         * jit/JITStubs.h:
51         (JITStackFrame):
52
53 2013-05-15  Nico Weber  <thakis@chromium.org>
54
55         WebKit doesn't support MSVS2003 any more, remove preprocessor checks for older versions.
56         https://bugs.webkit.org/show_bug.cgi?id=116157
57
58         Reviewed by Anders Carlsson.
59
60         Also remove a gcc3.2 workaround.
61
62         Merges parts of these two commits by the talented Nico Weber:
63         https://chromium.googlesource.com/chromium/blink/+/3677e2f47348daeff405a40b6f90fbdf0654c2f5
64         https://chromium.googlesource.com/chromium/blink/+/0fcd96c448dc30be1416dcc15713c53710c1a312
65
66         * os-win32/inttypes.h:
67
68 2013-05-13  Alvaro Lopez Ortega  <alvaro@alobbs.com>
69
70         Nightly build's jsc doesn't work without DYLD_FRAMEWORK...
71         https://bugs.webkit.org/show_bug.cgi?id=79065
72
73         Reviewed by Darin Adler.
74
75         Fixes the build process so the dependencies of the jsc binary are
76         modified before it's copied to its target directory. In this way
77         jsc should always use relative reference to the JavaScriptCore
78         libraries.
79
80         * JavaScriptCore.xcodeproj/project.pbxproj: Fixes the commands in
81         the "Copy Into Framework" target.
82
83 2013-05-13  Mark Hahnenberg  <mhahnenberg@apple.com>
84
85         Objective-C API: scanExternalObjectGraph should not create new JSVirtualMachine wrappers
86         https://bugs.webkit.org/show_bug.cgi?id=116074
87
88         If scanExternalObjectGraph creates a new JSVirtualMachine wrapper during collection, when the 
89         scanExternalObjectGraph call finishes and the autorelease pool is drained we will dealloc the 
90         JSVirtualMachine which will cause us to try to take the API lock for the corresponding VM. 
91         If this happens on a GC thread other than the "main" thread, we will deadlock. The solution 
92         is to just check the VM cache, and if there is no JSVirtualMachine wrapper, return early.
93
94         Reviewed by Darin Adler.
95
96         * API/JSVirtualMachine.mm:
97         (scanExternalObjectGraph):
98
99 2013-05-13  Benjamin Poulain  <benjamin@webkit.org>
100
101         Improve stringProtoFuncLastIndexOf for the prefix case
102         https://bugs.webkit.org/show_bug.cgi?id=115952
103
104         Reviewed by Geoffrey Garen.
105
106         * runtime/StringPrototype.cpp:
107         (JSC::stringProtoFuncLastIndexOf):
108         Use the optimized string search when possible.
109
110         On Joseph Pecoraro's tests, this gives a ~30% speed improvement.
111
112 2013-05-13  Zalan Bujtas  <zalan@apple.com>
113
114         WebProcess consuming very high CPU on linkedin.com
115         https://bugs.webkit.org/show_bug.cgi?id=115601
116
117         Reviewed by Andreas Kling.
118
119         Disable WEB_TIMING_MINIMAL.
120         Turn off window.performance and performance.now(). Some JS frameworks expect
121         additional Web Timing APIs, when performance.now() is available.
122
123         * Configurations/FeatureDefines.xcconfig:
124
125 2013-05-12  Anders Carlsson  <andersca@apple.com>
126
127         Stop including UnusedParam.h
128         https://bugs.webkit.org/show_bug.cgi?id=116003
129
130         Reviewed by Sam Weinig.
131
132         UnusedParam.h is empty now so there's no need to include it anymore.
133
134         * API/APICast.h:
135         * API/tests/JSNode.c:
136         * API/tests/JSNodeList.c:
137         * API/tests/minidom.c:
138         * API/tests/testapi.c:
139         * assembler/AbstractMacroAssembler.h:
140         * assembler/MacroAssemblerCodeRef.h:
141         * bytecode/CodeBlock.cpp:
142         * heap/HandleStack.h:
143         * interpreter/JSStackInlines.h:
144         * jit/CompactJITCodeMap.h:
145         * jit/ExecutableAllocator.h:
146         * parser/SourceProvider.h:
147         * runtime/DatePrototype.cpp:
148         * runtime/JSNotAnObject.cpp:
149         * runtime/JSSegmentedVariableObject.h:
150         * runtime/JSVariableObject.h:
151         * runtime/Options.cpp:
152         * runtime/PropertyOffset.h:
153
154 2013-05-11  Martin Robinson  <mrobinson@igalia.com>
155
156         [GTK] Add a basic cmake build for WTF and JavaScriptCore
157         https://bugs.webkit.org/show_bug.cgi?id=115967
158
159         Reviewed by Laszlo Gombos.
160
161         * PlatformGTK.cmake: Added.
162         * shell/PlatformGTK.cmake: Added.
163
164 2013-05-10  Laszlo Gombos  <l.gombos@samsung.com>
165
166         Remove USE(OS_RANDOMNESS)
167         https://bugs.webkit.org/show_bug.cgi?id=108095
168
169         Reviewed by Darin Adler.
170
171         Remove the USE(OS_RANDOMNESS) guard as it is turned on for all
172         ports.
173
174         * jit/JIT.cpp:
175         (JSC::JIT::JIT):
176
177 2013-05-10  Mark Hahnenberg  <mhahnenberg@apple.com>
178
179         Rename StructureCheckHoistingPhase to TypeCheckHoistingPhase
180         https://bugs.webkit.org/show_bug.cgi?id=115938
181
182         We're going to add some more types of check hoisting soon, so let's have the right name here.
183
184         Rubber stamped by Filip Pizlo.
185         
186         * CMakeLists.txt:
187         * GNUmakefile.list.am:
188         * JavaScriptCore.xcodeproj/project.pbxproj:
189         * Target.pri:
190         * dfg/DFGDriver.cpp:
191         (JSC::DFG::compile):
192         * dfg/DFGStructureCheckHoistingPhase.cpp: Removed.
193         * dfg/DFGStructureCheckHoistingPhase.h: Removed.
194         * dfg/DFGTypeCheckHoistingPhase.cpp: Copied from Source/JavaScriptCore/dfg/DFGStructureCheckHoistingPhase.cpp.
195         (JSC::DFG::TypeCheckHoistingPhase::TypeCheckHoistingPhase):
196         (JSC::DFG::performTypeCheckHoisting):
197         * dfg/DFGTypeCheckHoistingPhase.h: Copied from Source/JavaScriptCore/dfg/DFGStructureCheckHoistingPhase.h.
198
199 2013-05-09  Christophe Dumez  <ch.dumez@sisa.samsung.com>
200
201         Unreviewed build fix after r149836.
202
203         It broke at least EFL and GTK builds. Move new static members initialization
204         outside the class. Those need to have a definition outside the class because
205         their address is used (e.g. CodeCacheMap::nonGlobalWorkingSetMaxEntries).
206
207         * runtime/CodeCache.cpp:
208         (JSC):
209         * runtime/CodeCache.h:
210         (CodeCacheMap):
211
212 2013-05-08  Oliver Hunt  <oliver@apple.com>
213
214         Code cache stores bogus var references for functions in eval code
215         https://bugs.webkit.org/show_bug.cgi?id=115747
216
217         Reviewed by Mark Hahnenberg.
218
219         Non-global eval now uses a per-CodeBlock cache, and only uses it
220         when we're at the top of a function's scope.  This means that we
221         will no longer cache the parsing of a single string across
222         multiple functions, and we won't cache when we're nested inside
223         constructs like |with| and |catch| where previously we would, which
224         is good because caching in those cases is unsound.
225
226         * bytecode/EvalCodeCache.h:
227         (JSC):
228         (JSC::EvalCodeCache::getSlow):
229         (JSC::EvalCodeCache::get):
230         * bytecode/UnlinkedCodeBlock.h:
231         (JSC::UnlinkedCodeBlock::codeCacheForEval):
232         (UnlinkedCodeBlock):
233         (RareData):
234         * debugger/Debugger.cpp:
235         (JSC::evaluateInGlobalCallFrame):
236         * debugger/DebuggerCallFrame.cpp:
237         (JSC::DebuggerCallFrame::evaluate):
238         * interpreter/Interpreter.cpp:
239         (JSC::eval):
240         * runtime/CodeCache.cpp:
241         (JSC::CodeCache::CodeCache):
242         (JSC::CodeCache::generateBytecode):
243         (JSC):
244         (JSC::CodeCache::getCodeBlock):
245         * runtime/CodeCache.h:
246         (JSC::CodeCacheMap::CodeCacheMap):
247         (CodeCacheMap):
248         (JSC::CodeCacheMap::canPruneQuickly):
249         (JSC::CodeCacheMap::prune):
250         (JSC::CodeCache::create):
251         (CodeCache):
252         * runtime/Executable.cpp:
253         (JSC::EvalExecutable::EvalExecutable):
254         (JSC::EvalExecutable::compileInternal):
255         * runtime/Executable.h:
256         (JSC::EvalExecutable::create):
257         (EvalExecutable):
258         * runtime/JSGlobalObject.cpp:
259         (JSC::JSGlobalObject::createEvalCodeBlock):
260         * runtime/JSGlobalObject.h:
261         (JSGlobalObject):
262         * runtime/JSGlobalObjectFunctions.cpp:
263         (JSC::globalFuncEval):
264         * runtime/VM.cpp:
265         (JSC::VM::VM):
266         * runtime/VM.h:
267         (VM):
268
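Why an eval cache keyed only on the source string is unsound, as an added example (a toy model written for this page, not JavaScriptCore code and not part of the ChangeLog). Part 1 runs one string through real direct eval in four scopes; part 2 models a compiler that bakes a scope-chain depth into cached code. The class names, the scope-chain representation and the call sites are all constructed for illustration.

```javascript
// Part 1: what the language requires. Each context is built with the Function
// constructor so its body is sloppy-mode code (needed for `with`) and
// eval(src) is a direct eval that sees the enclosing scope.
const contexts = {
  functionTop: new Function("src",
    "var x = 'f-local'; return eval(src);"),
  otherFunction: new Function("src",
    "var x = 'g-local'; return eval(src);"),
  insideWith: new Function("src",
    "var x = 'f-local'; with ({ x: 'with-object' }) { return eval(src); }"),
  insideCatch: new Function("src",
    "var x = 'f-local'; try { throw 'catch-param'; } catch (x) { return eval(src); }"),
};

// Same source text, four scopes, four different bindings.
function evalEverywhere(src) {
  return Object.fromEntries(
    Object.entries(contexts).map(([name, run]) => [name, run(src)]));
}

// Part 2: toy compiler. A scope chain is an array of Maps, innermost first.
// "Compiling" an identifier bakes in the index of the frame that held it.
function compileRef(name, chain) {
  return { name, depth: chain.findIndex((frame) => frame.has(name)) };
}
function runRef(ref, chain) {
  const frame = chain[ref.depth];
  return frame ? frame.get(ref.name) : undefined;
}

// Unsound: one entry per source string, shared by every caller.
class SourceKeyedCache {
  constructor() { this.entries = new Map(); }
  evaluate(src, chain) {
    if (!this.entries.has(src)) this.entries.set(src, compileRef(src, chain));
    return runRef(this.entries.get(src), chain);
  }
}

// Shape of the fix in the entry above: one cache per owning code block,
// consulted only at the top of that function's scope.
class PerOwnerCache {
  constructor() { this.byOwner = new Map(); }
  evaluate(src, chain, owner, atFunctionTop) {
    if (!atFunctionTop) return runRef(compileRef(src, chain), chain); // no caching
    if (!this.byOwner.has(owner)) this.byOwner.set(owner, new Map());
    const entries = this.byOwner.get(owner);
    if (!entries.has(src)) entries.set(src, compileRef(src, chain));
    return runRef(entries.get(src), chain);
  }
}

// Constructed call sites: [label, owner, scope chain, at top of function scope?]
const fFrame = new Map([["x", "f-local"]]);
const sites = [
  ["f, top of scope", "f", [fFrame], true],
  ["f, inside catch (e)", "f", [new Map([["e", "err"]]), fFrame], false],
  ["f, inside with ({z})", "f", [new Map([["z", 1]]), fFrame], false],
  ["g, x in enclosing scope", "g",
    [new Map([["y", 0]]), new Map([["x", "outer"]])], true],
  ["f, top of scope again", "f", [fFrame], true],
];

// Evaluate `src` at every site with a fresh compile, the shared cache and the
// per-owner cache, in order, so the shared cache is primed by the first site.
function compareCaches(src) {
  const shared = new SourceKeyedCache();
  const perOwner = new PerOwnerCache();
  return sites.map(([label, owner, chain, atTop]) => ({
    label,
    correct: runRef(compileRef(src, chain), chain),
    sourceKeyed: shared.evaluate(src, chain),
    perOwner: perOwner.evaluate(src, chain, owner, atTop),
  }));
}

console.log(evalEverywhere("x"));
console.table(compareCaches("x"));
```

In the table, every row where `sourceKeyed` differs from `correct` is a reference resolved against the wrong frame; the per-owner cache matches `correct` on every row.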
269 2013-05-08  Mark Hahnenberg  <mhahnenberg@apple.com>
270
271         DFGArrayMode::fromObserved is too liberal when it sees different Array and NonArray shapes
272         https://bugs.webkit.org/show_bug.cgi?id=115805
273
274         Reviewed by Geoffrey Garen.
275
276         It checks the observed ArrayModes to see if we have seen any ArrayWith* first. If so, it assumes it's 
277         an Array::Array, even if we've also observed any NonArrayWith* in the ArrayProfile. This leads to the 
278         code generated by jumpSlowForUnwantedArrayMode to check the indexing type against (shape | IsArray) 
279         instead of just shape, which can cause us to exit a lot in the case that we saw a NonArray.
280
281         To fix this we need to add a case that checks for both ArrayWith* and NonArrayWith* cases first, which 
282         should then use Array::PossiblyArray, then do the checks we were already doing.
283
284         * bytecode/ArrayProfile.h:
285         (JSC::hasSeenArray):
286         (JSC::hasSeenNonArray):
287         * dfg/DFGArrayMode.cpp:
288         (JSC::DFG::ArrayMode::fromObserved):
289
290 2013-05-09  Joe Mason  <jmason@blackberry.com>
291
292         [BlackBerry] Set up logging buffer on start of jsc executable
293         https://bugs.webkit.org/show_bug.cgi?id=114688
294
295         Reviewed by Rob Buis.
296
297         Internal PR: 322715
298         Internally Reviewed By: Jeff Rogers
299
300         * jsc.cpp:
301         (main): call BB::Platform::setupApplicationLogging
302
303 2013-05-08  Michael Saboff  <msaboff@apple.com>
304
305         JSC: There should be a disassembler for ARM Thumb 2
306         https://bugs.webkit.org/show_bug.cgi?id=115827
307
308         Reviewed by Filip Pizlo.
309
310         Added a new disassembler for ARMv7 Thumb2 instructions for use by the JSC debugging
311         and profiling code.  The opcode coverage is currently not complete.  It covers all
312         of the integer instructions JSC currently emits, but only a limited number of
313         floating point opcodes.  Currently that is just the 64 bit vmov and vmsr instructions.
314
315         The disassembler is structured as a base opcode class ARMv7DOpcode with sub-classes
316         for each instruction group.  There is a public format method that does the bulk of
317         the disassembly work.  There are two broad sub-classes, ARMv7D16BitOpcode and
318         ARMv7D32BitOpcode, for the 16 bit and 32 bit opcodes.  There are sub-classes under
319         those two classes for individual and related groups of opcodes.  Instructions are
320         "dispatched" to the right subclass via two arrays of linked lists in the inner classes
321         OpcodeGroup.  There is one such inner class for each ARMv7D16BitOpcode and ARMv7D32BitOpcode.
322         Each OpcodeGroup has a mask and a pattern that it applies to the instruction to determine
323         that it matches a particular group.  OpcodeGroup uses a static method to reinterpret_cast
324         the Opcode object to the right base class for the instruction group for formatting.
325         The cast eliminates the need of allocating an object for each decoded instruction.
326         Unknown instructions are formatted as ".word 1234" or ".long 12345678" depending on whether
327         the instruction is 16 or 32 bit.
328
329         * JavaScriptCore.xcodeproj/project.pbxproj:
330         * disassembler/ARMv7: Added.
331         * disassembler/ARMv7/ARMv7DOpcode.cpp: Added.
332         (ARMv7Disassembler):
333         (OpcodeGroupInitializer):
334         (JSC::ARMv7Disassembler::ARMv7DOpcode::init):
335         (JSC::ARMv7Disassembler::ARMv7DOpcode::startITBlock):
336         (JSC::ARMv7Disassembler::ARMv7DOpcode::saveITConditionAt):
337         (JSC::ARMv7Disassembler::ARMv7DOpcode::fetchOpcode):
338         (JSC::ARMv7Disassembler::ARMv7DOpcode::disassemble):
339         (JSC::ARMv7Disassembler::ARMv7DOpcode::bufferPrintf):
340         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendInstructionName):
341         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendRegisterName):
342         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendRegisterList):
343         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendFPRegisterName):
344         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::init):
345         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::doDisassemble):
346         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::defaultFormat):
347         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddRegisterT2::format):
348         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSPPlusImmediate::format):
349         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::format):
350         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::format):
351         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::format):
352         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchConditionalT1::format):
353         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchExchangeT1::format):
354         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchT2::format):
355         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareImmediateT1::format):
356         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT1::format):
357         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT2::format):
358         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::format):
359         (JSC::ARMv7Disassembler::ARMv7DOpcodeGeneratePCRelativeAddress::format):
360         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadFromLiteralPool::format):
361         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::format):
362         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::format):
363         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::format):
364         (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::format):
365         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::format):
366         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscBreakpointT1::format):
367         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscByteHalfwordOps::format):
368         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::format):
369         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscHint16::format):
370         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscIfThenT1::format):
371         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::format):
372         (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveImmediateT1::format):
373         (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveRegisterT1::format):
374         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::init):
375         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::doDisassemble):
376         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::defaultFormat):
377         (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::format):
378         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::format):
379         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::appendModifiedImmediate):
380         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::format):
381         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::appendImmShift):
382         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::format):
383         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::format):
384         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::appendFPRegister):
385         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegShift::format):
386         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::format):
387         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegParallel::format):
388         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegMisc::format):
389         (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::format):
390         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadRegister::format):
391         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::format):
392         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadUnsignedImmediate::format):
393         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::format):
394         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::format):
395         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataPushPopSingle::format):
396         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate12::format):
397         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::format):
398         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleRegister::format):
399         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::format):
400         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::format):
401         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMSR::format):
402         * disassembler/ARMv7/ARMv7DOpcode.h: Added.
403         (ARMv7Disassembler):
404         (ARMv7DOpcode):
405         (JSC::ARMv7Disassembler::ARMv7DOpcode::ARMv7DOpcode):
406         (JSC::ARMv7Disassembler::ARMv7DOpcode::is32BitInstruction):
407         (JSC::ARMv7Disassembler::ARMv7DOpcode::isFPInstruction):
408         (JSC::ARMv7Disassembler::ARMv7DOpcode::conditionName):
409         (JSC::ARMv7Disassembler::ARMv7DOpcode::shiftName):
410         (JSC::ARMv7Disassembler::ARMv7DOpcode::inITBlock):
411         (JSC::ARMv7Disassembler::ARMv7DOpcode::startingITBlock):
412         (JSC::ARMv7Disassembler::ARMv7DOpcode::endITBlock):
413         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendInstructionNameNoITBlock):
414         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendSeparator):
415         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendCharacter):
416         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendString):
417         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendShiftType):
418         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendSignedImmediate):
419         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendUnsignedImmediate):
420         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendPCRelativeOffset):
421         (JSC::ARMv7Disassembler::ARMv7DOpcode::appendShiftAmount):
422         (ARMv7D16BitOpcode):
423         (OpcodeGroup):
424         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::OpcodeGroup):
425         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::setNext):
426         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::next):
427         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::matches):
428         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::format):
429         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::rm):
430         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::rd):
431         (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::opcodeGroupNumber):
432         (ARMv7DOpcodeAddRegisterT2):
433         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddRegisterT2::rdn):
434         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddRegisterT2::rm):
435         (ARMv7DOpcodeAddSPPlusImmediate):
436         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSPPlusImmediate::rd):
437         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSPPlusImmediate::immediate8):
438         (ARMv7DOpcodeAddSubtract):
439         (ARMv7DOpcodeAddSubtractT1):
440         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::opName):
441         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::op):
442         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::rm):
443         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::rn):
444         (ARMv7DOpcodeAddSubtractImmediate3):
445         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::opName):
446         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::op):
447         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::immediate3):
448         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::rn):
449         (ARMv7DOpcodeAddSubtractImmediate8):
450         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::opName):
451         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::op):
452         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::rdn):
453         (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::immediate8):
454         (ARMv7DOpcodeBranchConditionalT1):
455         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchConditionalT1::condition):
456         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchConditionalT1::offset):
457         (ARMv7DOpcodeBranchExchangeT1):
458         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchExchangeT1::opName):
459         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchExchangeT1::rm):
460         (ARMv7DOpcodeBranchT2):
461         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchT2::immediate11):
462         (ARMv7DOpcodeCompareImmediateT1):
463         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareImmediateT1::rn):
464         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareImmediateT1::immediate8):
465         (ARMv7DOpcodeCompareRegisterT1):
466         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT1::rn):
467         (ARMv7DOpcodeCompareRegisterT2):
468         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT2::rn):
469         (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT2::rm):
470         (ARMv7DOpcodeDataProcessingRegisterT1):
471         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::opName):
472         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::op):
473         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::rm):
474         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::rdn):
475         (ARMv7DOpcodeGeneratePCRelativeAddress):
476         (JSC::ARMv7Disassembler::ARMv7DOpcodeGeneratePCRelativeAddress::rd):
477         (JSC::ARMv7Disassembler::ARMv7DOpcodeGeneratePCRelativeAddress::immediate8):
478         (ARMv7DOpcodeLoadFromLiteralPool):
479         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadFromLiteralPool::rt):
480         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadFromLiteralPool::immediate8):
481         (ARMv7DOpcodeLoadStoreRegisterImmediate):
482         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::opName):
483         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::op):
484         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::immediate5):
485         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::rn):
486         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::rt):
487         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::scale):
488         (ARMv7DOpcodeLoadStoreRegisterImmediateWordAndByte):
489         (ARMv7DOpcodeLoadStoreRegisterImmediateHalfWord):
490         (ARMv7DOpcodeLoadStoreRegisterOffsetT1):
491         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::opName):
492         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::opB):
493         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::rm):
494         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::rn):
495         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::rt):
496         (ARMv7DOpcodeLoadStoreRegisterSPRelative):
497         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::opName):
498         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::op):
499         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::rt):
500         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::immediate8):
501         (ARMv7DOpcodeLogicalImmediateT1):
502         (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::opName):
503         (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::op):
504         (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::immediate5):
505         (ARMv7DOpcodeMiscAddSubSP):
506         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::opName):
507         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::op):
508         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::immediate7):
509         (ARMv7DOpcodeMiscByteHalfwordOps):
510         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscByteHalfwordOps::opName):
511         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscByteHalfwordOps::op):
512         (ARMv7DOpcodeMiscBreakpointT1):
513         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscBreakpointT1::immediate8):
514         (ARMv7DOpcodeMiscCompareAndBranch):
515         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::opName):
516         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::op):
517         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::immediate6):
518         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::rn):
519         (ARMv7DOpcodeMiscHint16):
520         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscHint16::opName):
521         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscHint16::opA):
522         (ARMv7DOpcodeMiscIfThenT1):
523         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscIfThenT1::firstCondition):
524         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscIfThenT1::mask):
525         (ARMv7DOpcodeMiscPushPop):
526         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::opName):
527         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::op):
528         (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::registerMask):
529         (ARMv7DOpcodeMoveImmediateT1):
530         (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveImmediateT1::rd):
531         (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveImmediateT1::immediate8):
532         (ARMv7DOpcodeMoveRegisterT1):
533         (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveRegisterT1::rd):
534         (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveRegisterT1::rm):
535         (ARMv7D32BitOpcode):
536         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::OpcodeGroup):
537         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::setNext):
538         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::next):
539         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::matches):
540         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::format):
541         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rd):
542         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rm):
543         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rn):
544         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rt):
545         (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::opcodeGroupNumber):
546         (ARMv7DOpcodeBranchRelative):
547         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::sBit):
548         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::j1):
549         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::j2):
550         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::immediate11):
551         (ARMv7DOpcodeConditionalBranchT3):
552         (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::offset):
553         (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::condition):
554         (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::immediate6):
555         (ARMv7DOpcodeBranchOrBranchLink):
556         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::offset):
557         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::immediate10):
558         (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::isBL):
559         (ARMv7DOpcodeDataProcessingLogicalAndRithmetic):
560         (ARMv7DOpcodeDataProcessingModifiedImmediate):
561         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::opName):
562         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::op):
563         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::sBit):
564         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::immediate12):
565         (ARMv7DOpcodeDataProcessingShiftedReg):
566         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::opName):
567         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::sBit):
568         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::op):
569         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::immediate5):
570         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::type):
571         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::tbBit):
572         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::tBit):
573         (ARMv7DOpcodeDataProcessingReg):
574         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingReg::op1):
575         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingReg::op2):
576         (ARMv7DOpcodeDataProcessingRegShift):
577         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegShift::opName):
578         (ARMv7DOpcodeDataProcessingRegExtend):
579         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::opExtendName):
580         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::opExtendAndAddName):
581         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::rotate):
582         (ARMv7DOpcodeDataProcessingRegParallel):
583         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegParallel::opName):
584         (ARMv7DOpcodeDataProcessingRegMisc):
585         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegMisc::opName):
586         (ARMv7DOpcodeHint32):
587         (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::opName):
588         (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::isDebugHint):
589         (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::debugOption):
590         (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::op):
591         (ARMv7DOpcodeFPTransfer):
592         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opH):
593         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opL):
594         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::rt):
595         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opC):
596         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opB):
597         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::vd):
598         (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::vn):
599         (ARMv7DOpcodeDataLoad):
600         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataLoad::opName):
601         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataLoad::op):
602         (ARMv7DOpcodeLoadRegister):
603         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadRegister::immediate2):
604         (ARMv7DOpcodeLoadSignedImmediate):
605         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::pBit):
606         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::uBit):
607         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::wBit):
608         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::immediate8):
609         (ARMv7DOpcodeLoadUnsignedImmediate):
610         (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadUnsignedImmediate::immediate12):
611         (ARMv7DOpcodeLongMultipleDivide):
612         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::opName):
613         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::smlalOpName):
614         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::smlaldOpName):
615         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::smlsldOpName):
616         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::rdLo):
617         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::rdHi):
618         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::op1):
619         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::op2):
620         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::nBit):
621         (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::mBit):
622         (ARMv7DOpcodeDataPushPopSingle):
623         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataPushPopSingle::opName):
624         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataPushPopSingle::op):
625         (ARMv7DOpcodeDataStoreSingle):
626         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataStoreSingle::opName):
627         (JSC::ARMv7Disassembler::ARMv7DOpcodeDataStoreSingle::op):
628         (ARMv7DOpcodeStoreSingleImmediate12):
629         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate12::immediate12):
630         (ARMv7DOpcodeStoreSingleImmediate8):
631         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::pBit):
632         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::uBit):
633         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::wBit):
634         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::immediate8):
635         (ARMv7DOpcodeStoreSingleRegister):
636         (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleRegister::immediate2):
637         (ARMv7DOpcodeUnmodifiedImmediate):
638         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::opName):
639         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::op):
640         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::shBit):
641         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::bitNumOrSatImmediate):
642         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::immediate5):
643         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::immediate12):
644         (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::immediate16):
645         (ARMv7DOpcodeVMOVDoublePrecision):
646         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::op):
647         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::rt2):
648         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::rt):
649         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::vm):
650         (ARMv7DOpcodeVMOVSinglePrecision):
651         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::op):
652         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::rt2):
653         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::rt):
654         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::vm):
655         (ARMv7DOpcodeVMSR):
656         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMSR::opL):
657         (JSC::ARMv7Disassembler::ARMv7DOpcodeVMSR::rt):
658         * disassembler/ARMv7Disassembler.cpp: Added.
659         (JSC::tryToDisassemble):
660
661 2013-05-07  Julien Brianceau  <jbrianceau@nds.com>
662
663         Take advantage of pre-decrement and post-increment opcodes for sh4 base JIT.
664         https://bugs.webkit.org/show_bug.cgi?id=115722
665
666         Reviewed by Oliver Hunt.
667
668         * assembler/MacroAssemblerSH4.h:
669         (JSC::MacroAssemblerSH4::load8PostInc):
670         (MacroAssemblerSH4):
671         (JSC::MacroAssemblerSH4::load16Unaligned):
672         (JSC::MacroAssemblerSH4::load16PostInc):
673         (JSC::MacroAssemblerSH4::storeDouble):
674         (JSC::MacroAssemblerSH4::load32WithUnalignedHalfWords):
675         * assembler/SH4Assembler.h:
676         (JSC::SH4Assembler::movwMemRegIn):
677         (SH4Assembler):
678         (JSC::SH4Assembler::movbMemRegIn):
679         (JSC::SH4Assembler::printInstr):
680
681 2013-05-07  Anders Carlsson  <andersca@apple.com>
682
683         Remove AlwaysInline.h from WTF
684         https://bugs.webkit.org/show_bug.cgi?id=115727
685
686         Reviewed by Brent Fulgham.
687
688         The macro that used to be in AlwaysInline.h is now in Compiler.h so there's no reason
689         to keep AlwaysInline.h around anymore.
690
691         * jit/JSInterfaceJIT.h:
692         * parser/Lexer.h:
693         * runtime/JSCJSValue.h:
694         * runtime/SymbolTable.h:
695
696 2013-05-07  Mikhail Pozdnyakov  <mikhail.pozdnyakov@intel.com>
697
698         HashTraits<RefPtr<P> >::PeekType should be raw pointer for better performance
699         https://bugs.webkit.org/show_bug.cgi?id=115646
700
701         Reviewed by Darin Adler.
702
703         * bytecompiler/StaticPropertyAnalyzer.h:
704         (JSC::StaticPropertyAnalyzer::putById):
705             Updated accordingly to new HashMap<.., RefPtr>::get() semantics.
706
707 2013-05-06  Julien Brianceau  <jbrianceau@nds.com>
708
709         Misc bugfix and cleaning in sh4 base JIT.
710         https://bugs.webkit.org/show_bug.cgi?id=115627
711
712         Reviewed by Oliver Hunt.
713
714         Get rid of loadX(RegisterID r0, RegisterID src, RegisterID dest) functions.
715         Remove misplaced extuw() implementation from MacroAssemblerSH4.
716         Add movbRegMemr0 and movwRegMemr0 functions in SH4Assembler.
717
718         * assembler/MacroAssemblerSH4.h:
719         (JSC::MacroAssemblerSH4::add32): Skip operation when first operand is a zero immediate.
720         (JSC::MacroAssemblerSH4::sub32): Skip operation when first operand is a zero immediate.
721         (JSC::MacroAssemblerSH4::load32): Fix wrong usage of r0 register.
722         (JSC::MacroAssemblerSH4::load8Signed): Handle "base == r0" case.
723         (MacroAssemblerSH4):
724         (JSC::MacroAssemblerSH4::load16): Handle "base == r0" case.
725         (JSC::MacroAssemblerSH4::load16Unaligned): Use extuw() implementation from SH4Assembler.
726         (JSC::MacroAssemblerSH4::load16Signed): Cosmetic change.
727         (JSC::MacroAssemblerSH4::store8): Fix unhandled BaseIndex offset and handle (base == r0) case.
728         (JSC::MacroAssemblerSH4::store16): Fix unhandled BaseIndex offset and handle (base == r0) case.
729         (JSC::MacroAssemblerSH4::store32):
730         * assembler/SH4Assembler.h:
731         (JSC::SH4Assembler::movwRegMemr0):
732         (SH4Assembler):
733         (JSC::SH4Assembler::movbRegMemr0):
734         (JSC::SH4Assembler::placeConstantPoolBarrier): Cosmetic change.
735         (JSC::SH4Assembler::maxJumpReplacementSize):
736         (JSC::SH4Assembler::replaceWithJump): Correct branch range and save an opcode.
737         (JSC::SH4Assembler::printInstr):
738
739 2013-05-06  Anders Carlsson  <andersca@apple.com>
740
741         Stop using WTF::deleteAllValues in JavaScriptCore
742         https://bugs.webkit.org/show_bug.cgi?id=115670
743
744         Reviewed by Oliver Hunt.
745
746         Change the Vectors used to Vectors of OwnPtrs instead.
747
748         * heap/DFGCodeBlocks.cpp:
749         (JSC::DFGCodeBlocks::~DFGCodeBlocks):
750         (JSC::DFGCodeBlocks::deleteUnmarkedJettisonedCodeBlocks):
751
752 2013-05-06  Andras Becsi  <andras.becsi@digia.com>
753
754         Build with GCC 4.8 fails because of -Wmaybe-uninitialized
755         https://bugs.webkit.org/show_bug.cgi?id=115648
756
757         Reviewed by Michael Saboff.
758
759         Initialize values in Options::setOption since from
760         there we end up calling OptionRange::init with
761         uninitialized members.
762
763         * runtime/Options.cpp:
764
765 2013-05-06  Gabor Rapcsanyi  <rgabor@webkit.org>
766
767         JSC ARM traditional failing on Octane NavierStokes test
768         https://bugs.webkit.org/show_bug.cgi?id=115626
769
770         Reviewed by Zoltan Herczeg.
771
772         Change the ARM traditional assembler to use double precision on value
773         conversions.
774
775         * assembler/ARMAssembler.h:
776
777 2013-05-03  Michael Saboff  <msaboff@apple.com>
778
779         There should be a runtime option to constrain what functions get DFG compiled
780         https://bugs.webkit.org/show_bug.cgi?id=115576
781
782         Reviewed by Mark Hahnenberg.
783
784         Added OptionRange to Options to allow checking that something is within an option
785         or not.  The new OptionClass supports range strings in the form of [!]<low>[:<high>].
786         If only one value is given, then it will be used for both low and high.  A leading
787         '!' inverts the check.  If no range is given, then checking for a value within a range
788         will always return true.  Added the option "bytecodeRangeToDFGCompile" that takes an
789         OptionRange string to select the bytecode range of code blocks to DFG compile.
790
791         * dfg/DFGDriver.cpp:
792         (JSC::DFG::compile): Added new check for bytecode count within bytecodeRangeToDFGCompile
793         range.
794         * runtime/Options.cpp:
795         (JSC::parse): Added overloaded parse() for OptionRange.
796         (JSC::OptionRange::init): Parse range string and then initialize the range.
797         (JSC::OptionRange::isInRange): Function used by consumer to check if a value is within
798         the specified range.
799         (JSC::Options::dumpOption): Added code to dump OptionRange options.
800         * runtime/Options.h:
801         (OptionRange): New class.
802         (JSC::OptionRange::operator= ): This is really used as a default ctor for use within
803         the Option static array initialization.
804         (JSC::OptionRange::rangeString): This is used for debug.  It assumes that the char*
805         passed into OptionRange::init is valid when this function is called.
806
807 2013-05-02  Oliver Hunt  <oliver@apple.com>
808
809         Fix potential bug in lookup logic
810         https://bugs.webkit.org/show_bug.cgi?id=115522
811
812         Reviewed by Mark Hahnenberg.
813
814         Though not a problem in practice, it is technically possible
815         to inject an un-proxied global object into the scope chain
816         via the C API.  This change makes sure that the scope walk
817         in BytecodeGenerator actually limits itself to scopes that
818         are statically bindable.
819
820         * bytecompiler/BytecodeGenerator.cpp:
821         (JSC::BytecodeGenerator::resolve):
822         * runtime/JSObject.h:
823         (JSObject):
824         (JSC):
825         (JSC::JSObject::isStaticScopeObject):
826
827 2013-05-01  Roger Fong  <roger_fong@apple.com>
828
829         Set Path in makefile for AppleWin.
830
831         * JavaScriptCore.vcxproj/JavaScriptCore.make:
832
833 2013-05-01  Benjamin Poulain  <benjamin@webkit.org>
834
835         Remove the remaining wscript
836         https://bugs.webkit.org/show_bug.cgi?id=115459
837
838         Reviewed by Andreas Kling.
839
840         * wscript: Removed.
841
842 2013-04-30  Mark Lam  <mark.lam@apple.com>
843
844         JSContextGroupSetExecutionTimeLimit() should not pass a callback to the
845         VM watchdog if its client did not pass one in.
846         https://bugs.webkit.org/show_bug.cgi?id=115461.
847
848         Reviewed by Geoffrey Garen.
849
850         * API/JSContextRef.cpp:
851         (internalScriptTimeoutCallback):
852         (JSContextGroupSetExecutionTimeLimit):
853         * API/tests/testapi.c:
854         (main):
855         - Added test case when the time limit callback is 0.
856         - Also updated a check to verify that a TerminatedExecutionException is
857           thrown when the time out is cancelled.
858         - Also fixed some cosmetic typos.
859
860 2013-04-30  Geoffrey Garen  <ggaren@apple.com>
861
862         Removed op_ensure_property_exists
863         https://bugs.webkit.org/show_bug.cgi?id=115460
864
865         Reviewed by Mark Hahnenberg.
866
867         It was unused, and whatever it was once used for was not optimized.
868
869         * JavaScriptCore.order:
870         * bytecode/CodeBlock.cpp:
871         (JSC::CodeBlock::dumpBytecode):
872         * bytecode/Opcode.h:
873         (JSC::padOpcodeName):
874         * jit/JIT.cpp:
875         (JSC::JIT::privateCompileMainPass):
876         * jit/JIT.h:
877         * jit/JITOpcodes.cpp:
878         * jit/JITOpcodes32_64.cpp:
879         * jit/JITStubs.cpp:
880         * jit/JITStubs.h:
881         * llint/LLIntSlowPaths.cpp:
882         * llint/LLIntSlowPaths.h:
883         * llint/LowLevelInterpreter.asm:
884
885 2013-04-30  Oliver Hunt  <oliver@apple.com>
886
887         JSC Stack walking logic crashes in the face of inlined functions triggering VM re-entry
888         https://bugs.webkit.org/show_bug.cgi?id=115449
889
890         Reviewed by Geoffrey Garen.
891
892         Rename callframeishost to something that makes sense, and fix
893         getCallerInfo to correctly handle inline functions calling into
894         the VM.
895
896         * bytecode/CodeBlock.cpp:
897         (JSC::CodeBlock::codeOriginForReturn):
898           Make this more robust in the face of incorrect stack walking
899         * interpreter/CallFrame.cpp:
900         (JSC::CallFrame::trueCallerFrame):
901           Everyone has to perform a codeblock() check before calling this
902           so we might as well just do it here.
903         * interpreter/Interpreter.cpp:
904         (JSC::getCallerInfo):
905
906 2013-04-30  Julien Brianceau  <jbrianceau@nds.com>
907
908         Bug fixing in sh4 base JIT and LLINT.
909         https://bugs.webkit.org/show_bug.cgi?id=115420
910
911         Reviewed by Oliver Hunt.
912
913         * assembler/MacroAssemblerSH4.h:
914         (JSC::MacroAssemblerSH4::lshift32):
915         (JSC::MacroAssemblerSH4::rshift32):
916         (JSC::MacroAssemblerSH4::branchMul32):
917         (JSC::MacroAssemblerSH4::urshift32):
918         (JSC::MacroAssemblerSH4::replaceWithJump):
919         (JSC::MacroAssemblerSH4::maxJumpReplacementSize):
920         * assembler/SH4Assembler.h:
921         (JSC::SH4Assembler::shldRegReg):
922         (JSC::SH4Assembler::shadRegReg):
923         (JSC::SH4Assembler::shalImm8r):
924         (SH4Assembler):
925         (JSC::SH4Assembler::sharImm8r):
926         (JSC::SH4Assembler::maxJumpReplacementSize):
927         (JSC::SH4Assembler::replaceWithJump):
928         * offlineasm/sh4.rb:
929
930 2013-04-30  Geoffrey Garen  <ggaren@apple.com>
931
932         Objective-C JavaScriptCore API should publicly support bridging to C
933         https://bugs.webkit.org/show_bug.cgi?id=115447
934
935         Reviewed by Mark Hahnenberg.
936
937         For consistency, I renamed
938
939             +[JSValue valueWithValue:] => +[JSValue valueWithJSValueRef]
940             +[JSContext contextWithGlobalContextRef] => +[JSContext contextWithJSGlobalContextRef]
941             -[JSContext globalContext] => -[JSContext JSGlobalContextRef]
942
943         I searched svn to verify that these functions don't have clients yet,
944         so we won't break anything.
945
946         I also exported as public API
947
948             +[JSValue valueWithJSValueRef:]
949             +[JSContext contextWithJSGlobalContextRef:]
950
951         It's hard to integrate with the C API without these.
952
953 2013-04-30  Commit Queue  <rniwa@webkit.org>
954
955         Unreviewed, rolling out r149349 and r149354.
956         http://trac.webkit.org/changeset/149349
957         http://trac.webkit.org/changeset/149354
958         https://bugs.webkit.org/show_bug.cgi?id=115444
959
960         The Thumb version of compileSoftModulo makes invalid use of
961         registers (Requested by benjaminp on #webkit).
962
963         * CMakeLists.txt:
964         * GNUmakefile.list.am:
965         * JavaScriptCore.xcodeproj/project.pbxproj:
966         * assembler/ARMv7Assembler.h:
967         (ARMv7Assembler):
968         * assembler/AbstractMacroAssembler.h:
969         (JSC::isARMv7s):
970         (JSC):
971         * assembler/MacroAssemblerARMv7.cpp: Removed.
972         * assembler/MacroAssemblerARMv7.h:
973         (MacroAssemblerARMv7):
974         * dfg/DFGFixupPhase.cpp:
975         (JSC::DFG::FixupPhase::fixupNode):
976         * dfg/DFGOperations.cpp:
977         * dfg/DFGOperations.h:
978         * dfg/DFGSpeculativeJIT.cpp:
979         (JSC::DFG::SpeculativeJIT::compileSoftModulo):
980         (DFG):
981         (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForARMv7s):
982         * dfg/DFGSpeculativeJIT.h:
983         (JSC::DFG::SpeculativeJIT::callOperation):
984         (SpeculativeJIT):
985         * dfg/DFGSpeculativeJIT32_64.cpp:
986         (JSC::DFG::SpeculativeJIT::compile):
987
988 2013-04-30  Zalan Bujtas  <zalan@apple.com>
989
990         Animations fail to start on http://www.google.com/insidesearch/howsearchworks/thestory/
991         https://bugs.webkit.org/show_bug.cgi?id=111244
992
993         Reviewed by David Kilzer.
994         
995         Enable performance.now() as a minimal subset of Web Timing API. 
996         It returns DOMHighResTimeStamp, a monotonically increasing value representing the 
997         number of milliseconds from the start of the navigation of the current document.
998         JS libraries use this API to check against the requestAnimationFrame() timestamp.
999
1000         * Configurations/FeatureDefines.xcconfig:
1001
1002 2013-04-30  Zoltan Arvai  <zarvai@inf.u-szeged.hu>
1003
1004         Unreviewed. Speculative build fix on Qt Arm and Mips after r149349.
1005
1006         * dfg/DFGSpeculativeJIT.cpp:
1007         (JSC::DFG::SpeculativeJIT::compileSoftModulo):
1008
1009 2013-04-29  Cosmin Truta  <ctruta@blackberry.com>
1010
1011         [ARM] Expand the use of integer division
1012         https://bugs.webkit.org/show_bug.cgi?id=115138
1013
1014         Reviewed by Benjamin Poulain.
1015
1016         If availability of hardware integer division isn't known at compile
1017         time, check the CPU flags and decide at runtime whether to fall back
1018         to software. Currently, this OS-specific check is implemented on QNX.
1019
1020         Moreover, use operator % instead of fmod() in the calculation of the
1021         software modulo. Even when it's software-emulated, operator % is faster
1022         than fmod(): on ARM v7 QNX, without hardware division, we noticed
1023         >3% speedup on SunSpider.
1024
1025         * CMakeLists.txt:
1026         * GNUmakefile.list.am:
1027         * JavaScriptCore.xcodeproj/project.pbxproj:
1028         * assembler/ARMv7Assembler.h:
1029         (JSC::ARMv7Assembler::sdiv): Did not compile conditionally.
1030         (JSC::ARMv7Assembler::udiv): Ditto.
1031         * assembler/AbstractMacroAssembler.h:
1032         (JSC::isARMv7s): Removed.
1033         * assembler/MacroAssemblerARMv7.cpp: Added.
1034         (JSC::isIntegerDivSupported): Added.
1035         * assembler/MacroAssemblerARMv7.h:
1036         (JSC::MacroAssemblerARMv7::supportsIntegerDiv): Added.
1037         * dfg/DFGFixupPhase.cpp:
1038         (JSC::DFG::FixupPhase::fixupNode): Checked MacroAssembler::supportsIntegerDiv() in ArithDiv case.
1039         * dfg/DFGOperations.cpp:
1040         (JSC::DFG::operationModOnInts): Added.
1041         * dfg/DFGOperations.h:
1042         (JSC::DFG::Z_DFGOperation_ZZ): Added.
1043         * dfg/DFGSpeculativeJIT.cpp:
1044         (JSC::DFG::SpeculativeJIT::compileSoftModulo): Separated the X86-specific and ARM-specific codegen
1045         from the common implementation; used operationModOnInts on ARM.
1046         (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForARM): Renamed from compileIntegerArithDivForARMv7.
1047         (JSC::DFG::SpeculativeJIT::compileArithMod): Allowed run-time detection of integer div on ARM.
1048         * dfg/DFGSpeculativeJIT.h:
1049         (JSC::DFG::SpeculativeJIT::callOperation): Added overloads with Z_DFGOperation_ZZ arguments.
1050         * dfg/DFGSpeculativeJIT32_64.cpp:
1051         (JSC::DFG::SpeculativeJIT::compile): Used compileIntegerArithDivForARM.
1052
1053 2013-04-29  Benjamin Poulain  <benjamin@webkit.org>
1054
1055         Unify the data access of StringImpl members from JavaScriptCore
1056         https://bugs.webkit.org/show_bug.cgi?id=115320
1057
1058         Reviewed by Andreas Kling.
1059
1060         DFG accesses the member infos by directly calling the methods on StringImpl,
1061         while the baseline JIT was using helper methods on ThunkHelpers.
1062
1063         Cut the middle man, and use StringImpl directly everywhere.
1064
1065         * jit/JITInlines.h:
1066         (JSC::JIT::emitLoadCharacterString):
1067         * jit/JITPropertyAccess.cpp:
1068         (JSC::JIT::stringGetByValStubGenerator):
1069         * jit/JITPropertyAccess32_64.cpp:
1070         (JSC::JIT::stringGetByValStubGenerator):
1071         * jit/JSInterfaceJIT.h:
1072         * jit/ThunkGenerators.cpp:
1073         (JSC::stringCharLoad):
1074
1075 2013-04-29  Benjamin Poulain  <bpoulain@apple.com>
1076
1077         Use push and pop for iOS math function thunks
1078         https://bugs.webkit.org/show_bug.cgi?id=115215
1079
1080         Reviewed by Filip Pizlo.
1081
1082         The iOS ABI is a little different than regular ARM ABI regarding stack alignment.
1083         The requirement is 4 bytes:
1084         "The ARM environment uses a stack that—at the point of function calls—is 4-byte aligned,
1085          grows downward, and contains local variables and a function’s parameters."
1086
1087         Subsequently, we can just use push and pop to preserve the link register.
1088
1089         * jit/ThunkGenerators.cpp:
1090
1091 2013-04-29  Brent Fulgham  <bfulgham@webkit.org>
1092
1093         [Windows, WinCairo] Get rid of last few pthread include/link references.
1094         https://bugs.webkit.org/show_bug.cgi?id=115375
1095
1096         Reviewed by Tim Horton.
1097
1098         * JavaScriptCore.vcproj/jsc/jscPostBuild.cmd:
1099         * JavaScriptCore.vcxproj/JavaScriptCoreCommon.props:
1100         * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.props:
1101         * JavaScriptCore.vcxproj/jsc/jscCommon.props:
1102         * JavaScriptCore.vcxproj/testRegExp/testRegExpCommon.props:
1103         * JavaScriptCore.vcxproj/testapi/testapiCommon.props:
1104
1105 2013-04-29  Roger Fong  <roger_fong@apple.com>
1106
1107         Unreviewed. AppleWin VS2010 build fix.
1108
1109         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in:
1110
1111 2013-04-26  Mark Hahnenberg  <mhahnenberg@apple.com>
1112
1113         ~BlockAllocator should ASSERT that it has no more Regions left
1114         https://bugs.webkit.org/show_bug.cgi?id=115287
1115
1116         Reviewed by Andreas Kling.
1117
1118         * heap/BlockAllocator.cpp:
1119         (JSC::BlockAllocator::~BlockAllocator):
1120         (JSC::BlockAllocator::allRegionSetsAreEmpty):
1121         * heap/BlockAllocator.h:
1122         (RegionSet):
1123         (JSC::BlockAllocator::RegionSet::isEmpty):
1124         (BlockAllocator):
1125
1126 2013-04-29  Mark Hahnenberg  <mhahnenberg@apple.com>
1127
1128         IndexingTypes should use hex
1129         https://bugs.webkit.org/show_bug.cgi?id=115286
1130
1131         Decimal is kind of confusing/hard to read because they're used as bit masks. Hex seems more appropriate.
1132
1133         Reviewed by Geoffrey Garen.
1134
1135         * runtime/IndexingType.h:
1136
1137 2013-04-29  Carlos Garcia Campos  <cgarcia@igalia.com>
1138
1139         Unreviewed. Fix make distcheck.
1140
1141         * GNUmakefile.list.am: Add missing header files to compilation
1142         and offlineasm/sh4.rb script.
1143
1144 2013-04-28  Dean Jackson  <dino@apple.com>
1145
1146         [Mac] Disable canvas backing store scaling (HIGH_DPI_CANVAS)
1147         https://bugs.webkit.org/show_bug.cgi?id=115310
1148
1149         Reviewed by Simon Fraser.
1150
1151         Remove ENABLE_HIGH_DPI_CANVAS_macosx.
1152
1153         * Configurations/FeatureDefines.xcconfig:
1154
1155 2013-04-27  Darin Adler  <darin@apple.com>
1156
1157         Move from constructor and member function adoptCF/NS to free function adoptCF/NS.
1158         https://bugs.webkit.org/show_bug.cgi?id=115307
1159
1160         Reviewed by Geoffrey Garen.
1161
1162         * heap/HeapTimer.cpp:
1163         (JSC::HeapTimer::HeapTimer):
1164         * runtime/VM.cpp:
1165         (JSC::enableAssembler):
1166         Use adoptCF free function.
1167
1168 2013-04-27  Anders Carlsson  <andersca@apple.com>
1169
1170         Try to fix the Windows build.
1171
1172         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def:
1173
1174 2013-04-25  Geoffrey Garen  <ggaren@apple.com>
1175
1176         Cleaned up pre/post inc/dec in bytecode
1177         https://bugs.webkit.org/show_bug.cgi?id=115222
1178
1179         Reviewed by Filip Pizlo.
1180
1181         A few related changes here:
1182
1183         (*) Removed post_inc and post_dec. The two-result form was awkward to
1184         reason about. Being explicit about the intermediate mov and to_number
1185         reduces DFG overhead, removes some fragile ASSERTs from the DFG, and
1186         fixes a const bug. Plus, we get to blow away 262 lines of code.
1187
1188         (*) Renamed pre_inc and pre_dec to inc and dec, since there's only one
1189         version now.
1190
1191         (*) Renamed to_jsnumber to to_number, to match the ECMA name.
1192
1193         (*) Tightened up the codegen and runtime support for to_number.
1194
1195
1196         * JavaScriptCore.order: Order!
1197
1198         * bytecode/CodeBlock.cpp:
1199         (JSC::CodeBlock::dumpBytecode):
1200         * bytecode/Opcode.h:
1201         (JSC::padOpcodeName):
1202         * bytecompiler/BytecodeGenerator.cpp:
1203         (JSC::BytecodeGenerator::emitInc):
1204         (JSC::BytecodeGenerator::emitDec):
1205         * bytecompiler/BytecodeGenerator.h:
1206         (JSC::BytecodeGenerator::emitToNumber):
1207         (BytecodeGenerator): Removed post_inc and post_dec.
1208
1209         * bytecompiler/NodesCodegen.cpp:
1210         (JSC::emitPreIncOrDec): Updated for rename.
1211
1212         (JSC::emitPostIncOrDec): Issue an explicit mov and to_number when needed.
1213         These are rare, and they boil away in the DFG.
1214
1215         (JSC::PostfixNode::emitResolve):
1216         (JSC::PrefixNode::emitResolve): For const, use an explicit mov instead
1217         of any special forms. This fixes a bug where we would do string
1218         add/subtract instead of number.
1219
1220         * dfg/DFGByteCodeParser.cpp:
1221         (JSC::DFG::ByteCodeParser::parseBlock):
1222         * dfg/DFGCapabilities.h:
1223         (JSC::DFG::canCompileOpcode):
1224         * jit/JIT.cpp:
1225         (JSC::JIT::privateCompileMainPass):
1226         (JSC::JIT::privateCompileSlowCases):
1227         * jit/JIT.h:
1228         * jit/JITArithmetic.cpp:
1229         (JSC::JIT::emit_op_inc):
1230         (JSC::JIT::emitSlow_op_inc):
1231         (JSC::JIT::emit_op_dec):
1232         (JSC::JIT::emitSlow_op_dec):
1233         * jit/JITArithmetic32_64.cpp:
1234         (JSC::JIT::emit_op_inc):
1235         (JSC::JIT::emitSlow_op_inc):
1236         (JSC::JIT::emit_op_dec):
1237         (JSC::JIT::emitSlow_op_dec): Removed post_inc/dec, and updated for renames.
1238
1239         * jit/JITOpcodes.cpp:
1240         (JSC::JIT::emit_op_to_number):
1241         (JSC::JIT::emitSlow_op_to_number): Removed a test for number cells. There's
1242         no such thing!
1243
1244         * jit/JITOpcodes32_64.cpp:
1245         (JSC::JIT::emit_op_to_number): Use LowestTag to avoid making assumptions
1246         about the lowest valued tag.
1247
1248         (JSC::JIT::emitSlow_op_to_number): Updated for renames.
1249
1250         * jit/JITStubs.cpp:
1251         (JSC::DEFINE_STUB_FUNCTION):
1252         * jit/JITStubs.h:
1253         * llint/LLIntSlowPaths.cpp:
1254         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
1255         * llint/LLIntSlowPaths.h:
1256         * llint/LowLevelInterpreter32_64.asm:
1257         * llint/LowLevelInterpreter64.asm:
1258         * parser/NodeConstructors.h:
1259         (JSC::UnaryPlusNode::UnaryPlusNode): Removed post_inc/dec, and updated for renames.
1260
1261         * runtime/Operations.cpp:
1262         (JSC::jsIsObjectType): Removed a test for number cells. There's
1263         no such thing!
1264
1265 2013-04-27  Julien Brianceau  <jbrianceau@nds.com>
1266
1267         REGRESSION(r149114): cache flush for SH4 arch may flush an extra page.
1268         https://bugs.webkit.org/show_bug.cgi?id=115305
1269
1270         Reviewed by Andreas Kling.
1271
1272         * assembler/SH4Assembler.h:
1273         (JSC::SH4Assembler::cacheFlush):
1274
1275 2013-04-26  Geoffrey Garen  <ggaren@apple.com>
1276
1277         Re-landing <http://trac.webkit.org/changeset/148999>
1278
1279             Filled out more cases of branch folding in bytecode when emitting
1280             expressions into a branching context
1281             https://bugs.webkit.org/show_bug.cgi?id=115057
1282
1283             Reviewed by Phil Pizlo.
1284
1285         We can't fold the number == 1 case to boolean because all non-zero numbers
1286         down-cast to true, but only 1 is == to true.
1287
1288 2013-04-26  Filip Pizlo  <fpizlo@apple.com>
1289
1290         Correct indentation of SymbolTable.h
1291         
1292         Rubber stamped by Mark Hahnenberg.
1293
1294         * runtime/SymbolTable.h:
1295
1296 2013-04-26  Roger Fong  <roger_fong@apple.com>
1297
1298         Make Apple Windows VS2010 build results into and get dependencies from __32 suffixed folders.
1299         Make the DebugSuffix configuration use _debug dependencies.
1300
1301         * JavaScriptCore.vcxproj/JavaScriptCore.make:
1302         * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
1303         * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
1304         * JavaScriptCore.vcxproj/JavaScriptCoreCF.props:
1305         * JavaScriptCore.vcxproj/JavaScriptCoreCommon.props:
1306         * JavaScriptCore.vcxproj/JavaScriptCoreDebug.props:
1307         * JavaScriptCore.vcxproj/JavaScriptCoreDebugCFLite.props:
1308         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGenerator.vcxproj:
1309         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGenerator.vcxproj.filters:
1310         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorBuildCmd.cmd:
1311         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorCommon.props:
1312         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorDebug.props:
1313         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPostBuild.cmd:
1314         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPreBuild.cmd:
1315         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorProduction.props:
1316         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorRelease.props:
1317         * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.make:
1318         * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.vcxproj:
1319         * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedCommon.props:
1320         * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedDebug.props:
1321         * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedProduction.props:
1322         * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedRelease.props:
1323         * JavaScriptCore.vcxproj/JavaScriptCorePostBuild.cmd:
1324         * JavaScriptCore.vcxproj/JavaScriptCorePreLink.cmd:
1325         * JavaScriptCore.vcxproj/JavaScriptCoreProduction.props:
1326         * JavaScriptCore.vcxproj/JavaScriptCoreRelease.props:
1327         * JavaScriptCore.vcxproj/JavaScriptCoreReleaseCFLite.props:
1328         * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.make:
1329         * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.vcxproj:
1330         * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/build-LLIntAssembly.sh:
1331         * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.make:
1332         * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.vcxproj:
1333         * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/build-LLIntDesiredOffsets.sh:
1334         * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractor.vcxproj:
1335         * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.props:
1336         * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorDebug.props:
1337         * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorProduction.props:
1338         * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorRelease.props:
1339         * JavaScriptCore.vcxproj/build-generated-files.sh:
1340         * JavaScriptCore.vcxproj/copy-files.cmd:
1341         * JavaScriptCore.vcxproj/jsc/jsc.vcxproj:
1342         * JavaScriptCore.vcxproj/jsc/jscCommon.props:
1343         * JavaScriptCore.vcxproj/jsc/jscDebug.props:
1344         * JavaScriptCore.vcxproj/jsc/jscPostBuild.cmd:
1345         * JavaScriptCore.vcxproj/jsc/jscPreLink.cmd:
1346         * JavaScriptCore.vcxproj/jsc/jscProduction.props:
1347         * JavaScriptCore.vcxproj/jsc/jscRelease.props:
1348         * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj:
1349         * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj.filters:
1350         * JavaScriptCore.vcxproj/testRegExp/testRegExpCommon.props:
1351         * JavaScriptCore.vcxproj/testRegExp/testRegExpDebug.props:
1352         * JavaScriptCore.vcxproj/testRegExp/testRegExpPostBuild.cmd:
1353         * JavaScriptCore.vcxproj/testRegExp/testRegExpPreLink.cmd:
1354         * JavaScriptCore.vcxproj/testRegExp/testRegExpProduction.props:
1355         * JavaScriptCore.vcxproj/testRegExp/testRegExpRelease.props:
1356         * JavaScriptCore.vcxproj/testapi/testapi.vcxproj:
1357         * JavaScriptCore.vcxproj/testapi/testapiCommon.props:
1358         * JavaScriptCore.vcxproj/testapi/testapiCommonCFLite.props:
1359         * JavaScriptCore.vcxproj/testapi/testapiDebug.props:
1360         * JavaScriptCore.vcxproj/testapi/testapiDebugCFLite.props:
1361         * JavaScriptCore.vcxproj/testapi/testapiPreLink.cmd:
1362         * JavaScriptCore.vcxproj/testapi/testapiProduction.props:
1363         * JavaScriptCore.vcxproj/testapi/testapiRelease.props:
1364         * JavaScriptCore.vcxproj/testapi/testapiReleaseCFLite.props:
1365
1366 2013-04-26  Roger Fong  <roger_fong@apple.com>
1367
1368         Disable sub-pixel layout on mac.
1369         https://bugs.webkit.org/show_bug.cgi?id=114999.
1370
1371         Reviewed by Simon Fraser.
1372
1373         * Configurations/FeatureDefines.xcconfig:
1374
1375 2013-04-26  Oliver Hunt  <oliver@apple.com>
1376
1377         Make stack tracing more robust
1378         https://bugs.webkit.org/show_bug.cgi?id=115272
1379
1380         Reviewed by Geoffrey Garen.
1381
1382         CallFrame already handles stack walking confusion robustly,
1383         so we should make sure that the actual walk handles that as well.
1384
1385         * interpreter/Interpreter.cpp:
1386         (JSC::getCallerInfo):
1387
1388 2013-04-26  Mark Hahnenberg  <mhahnenberg@apple.com>
1389
1390         REGRESSION(r149165): It made many tests crash on 32 bit
1391         https://bugs.webkit.org/show_bug.cgi?id=115227
1392
1393         Reviewed by Csaba Osztrogonác.
1394
1395         m_reservation is uninitialized when ENABLE(SUPER_REGION) is false.
1396
1397         * heap/SuperRegion.cpp:
1398         (JSC::SuperRegion::~SuperRegion):
1399
1400 2013-04-26  Julien Brianceau  <jbrianceau@nds.com>
1401
1402         Fix SH4 build broken since r149159.
1403         https://bugs.webkit.org/show_bug.cgi?id=115229
1404
1405         Add BranchTruncateType enum in SH4 port and handle it in branchTruncateDoubleToInt32.
1406
1407         Reviewed by Allan Sandfeld Jensen.
1408
1409         * assembler/MacroAssemblerSH4.h:
1410         (JSC::MacroAssemblerSH4::branchTruncateDoubleToInt32):
1411
1412 2013-04-25  Mark Hahnenberg  <mhahnenberg@apple.com>
1413
1414         SuperRegion doesn't call deallocate() on its PageReservation
1415         https://bugs.webkit.org/show_bug.cgi?id=115208
1416
1417         Reviewed by Geoffrey Garen.
1418
1419         It should. This doesn't cause us to leak physical memory, but it does cause us to leak virtual 
1420         address space (and probably mach ports), which is also bad :-( FixedVMPoolExecutableAllocator 
1421         also has this bug, but it doesn't matter much because there's only one instance of that class 
1422         throughout the entire lifetime of the process, whereas each VM has its own SuperRegion. 
1423
1424         * heap/SuperRegion.cpp:
1425         (JSC::SuperRegion::~SuperRegion):
1426         * heap/SuperRegion.h:
1427         (SuperRegion):
1428         * jit/ExecutableAllocatorFixedVMPool.cpp:
1429         (FixedVMPoolExecutableAllocator):
1430         (JSC::FixedVMPoolExecutableAllocator::~FixedVMPoolExecutableAllocator):
1431
1432 2013-04-25  Filip Pizlo  <fpizlo@apple.com>
1433
1434         DFG doesn't support to_jsnumber
1435         https://bugs.webkit.org/show_bug.cgi?id=115129
1436
1437         Reviewed by Geoffrey Garen.
1438         
1439         Based on Oliver's patch. Implements to_jsnumber as Identity(Number:@thingy), and then does
1440         an optimization in Fixup to turn Identity(Number:) into Identity(Int32:) if the predictions
1441         tell us to. Identity is later turned into Phantom.
1442         
1443         Also fixed BackPropMask, which appeared to have NodeDoesNotExit included in it. That's
1444         wrong; NodeDoesNotExit is not a backward propagation property.
1445         
1446         Also fixed Identity to be marked as CanExit (i.e. not NodeDoesNotExit).
1447         
1448         This more than doubles the FPS on ammo.
1449
1450         * dfg/DFGByteCodeParser.cpp:
1451         (JSC::DFG::ByteCodeParser::parseBlock):
1452         * dfg/DFGCapabilities.h:
1453         (JSC::DFG::canCompileOpcode):
1454         * dfg/DFGFixupPhase.cpp:
1455         (JSC::DFG::FixupPhase::fixupNode):
1456         (FixupPhase):
1457         (JSC::DFG::FixupPhase::observeUseKindOnNode):
1458         (JSC::DFG::FixupPhase::observeUseKindOnEdge):
1459         * dfg/DFGNodeFlags.h:
1460         (DFG):
1461         * dfg/DFGNodeType.h:
1462         (DFG):
1463         * dfg/DFGPredictionPropagationPhase.cpp:
1464         (JSC::DFG::PredictionPropagationPhase::propagate):
1465
1466 2013-04-24  Oliver Hunt  <oliver@apple.com>
1467
1468         Add support for Math.imul
1469         https://bugs.webkit.org/show_bug.cgi?id=115143
1470
1471         Reviewed by Filip Pizlo.
1472
1473         Add support for Math.imul, a thunk generator for Math.imul,
1474         and an intrinsic.
1475
1476         Fairly self explanatory set of changes, DFG intrinsics simply
1477         leverages the existing ValueToInt32 nodes.
1478
1479         * create_hash_table:
1480         * dfg/DFGAbstractState.cpp:
1481         (JSC::DFG::AbstractState::executeEffects):
1482         * dfg/DFGBackwardsPropagationPhase.cpp:
1483         (JSC::DFG::BackwardsPropagationPhase::propagate):
1484         * dfg/DFGByteCodeParser.cpp:
1485         (JSC::DFG::ByteCodeParser::handleIntrinsic):
1486         * dfg/DFGCSEPhase.cpp:
1487         (JSC::DFG::CSEPhase::performNodeCSE):
1488         * dfg/DFGFixupPhase.cpp:
1489         (JSC::DFG::FixupPhase::fixupNode):
1490         * dfg/DFGNodeType.h:
1491         (DFG):
1492         * dfg/DFGPredictionPropagationPhase.cpp:
1493         (JSC::DFG::PredictionPropagationPhase::propagate):
1494         * dfg/DFGSpeculativeJIT.cpp:
1495         (JSC::DFG::SpeculativeJIT::compileArithIMul):
1496         * dfg/DFGSpeculativeJIT.h:
1497         (SpeculativeJIT):
1498         * dfg/DFGSpeculativeJIT32_64.cpp:
1499         (JSC::DFG::SpeculativeJIT::compile):
1500         * dfg/DFGSpeculativeJIT64.cpp:
1501         (JSC::DFG::SpeculativeJIT::compile):
1502         * jit/ThunkGenerators.cpp:
1503         (JSC::imulThunkGenerator):
1504         (JSC):
1505         * jit/ThunkGenerators.h:
1506         (JSC):
1507         * runtime/Intrinsic.h:
1508         * runtime/MathObject.cpp:
1509         (JSC):
1510         (JSC::mathProtoFuncIMul):
1511         * runtime/VM.cpp:
1512         (JSC::thunkGeneratorForIntrinsic):
1513
1514 2013-04-25  Filip Pizlo  <fpizlo@apple.com>
1515
1516         Unreviewed, roll out http://trac.webkit.org/changeset/148999
1517         It broke http://kripken.github.io/ammo.js/examples/new/ammo.html
1518
1519         * JavaScriptCore.order:
1520         * bytecompiler/BytecodeGenerator.cpp:
1521         (JSC::BytecodeGenerator::emitNewArray):
1522         (JSC::BytecodeGenerator::emitThrowReferenceError):
1523         (JSC::BytecodeGenerator::emitReadOnlyExceptionIfNeeded):
1524         * bytecompiler/BytecodeGenerator.h:
1525         (JSC::BytecodeGenerator::shouldEmitProfileHooks):
1526         (BytecodeGenerator):
1527         * bytecompiler/NodesCodegen.cpp:
1528         (JSC):
1529         (JSC::NullNode::emitBytecode):
1530         (JSC::BooleanNode::emitBytecode):
1531         (JSC::NumberNode::emitBytecode):
1532         (JSC::StringNode::emitBytecode):
1533         (JSC::IfNode::emitBytecode):
1534         (JSC::IfElseNode::emitBytecode):
1535         * parser/ASTBuilder.h:
1536         (JSC::ASTBuilder::createIfStatement):
1537         (ASTBuilder):
1538         * parser/NodeConstructors.h:
1539         (JSC):
1540         (JSC::NullNode::NullNode):
1541         (JSC::BooleanNode::BooleanNode):
1542         (JSC::NumberNode::NumberNode):
1543         (JSC::StringNode::StringNode):
1544         (JSC::IfNode::IfNode):
1545         (JSC::IfElseNode::IfElseNode):
1546         * parser/Nodes.h:
1547         (JSC::ExpressionNode::isPure):
1548         (JSC::ExpressionNode::isSubtract):
1549         (StatementNode):
1550         (NullNode):
1551         (JSC::NullNode::isNull):
1552         (BooleanNode):
1553         (JSC::BooleanNode::isPure):
1554         (NumberNode):
1555         (JSC::NumberNode::value):
1556         (JSC::NumberNode::isPure):
1557         (StringNode):
1558         (JSC::StringNode::isPure):
1559         (JSC::StringNode::isString):
1560         (BinaryOpNode):
1561         (IfNode):
1562         (JSC):
1563         (IfElseNode):
1564         (ContinueNode):
1565         (BreakNode):
1566         * parser/Parser.cpp:
1567         (JSC::::parseIfStatement):
1568         * parser/ResultType.h:
1569         (ResultType):
1570         * runtime/JSCJSValueInlines.h:
1571         (JSC::JSValue::pureToBoolean):
1572         * runtime/JSCell.h:
1573         (JSCell):
1574         * runtime/JSCellInlines.h:
1575         (JSC):
1576
1577 2013-04-25  Filip Pizlo  <fpizlo@apple.com>
1578
1579         PreciseJumpTargets should treat loop_hint as a jump target
1580         https://bugs.webkit.org/show_bug.cgi?id=115209
1581
1582         Reviewed by Mark Hahnenberg.
1583         
1584         I didn't add a test but I turned this into a release assertion. Running Octane is enough
1585         to trigger it.
1586
1587         * bytecode/PreciseJumpTargets.cpp:
1588         (JSC::computePreciseJumpTargets):
1589         * dfg/DFGByteCodeParser.cpp:
1590         (JSC::DFG::ByteCodeParser::parseBlock):
1591
1592 2013-04-25  Roman Zhuykov  <zhroma@ispras.ru>
1593
1594         Fix problems with processing negative zero on DFG.
1595         https://bugs.webkit.org/show_bug.cgi?id=113862
1596
1597         Reviewed by Filip Pizlo.
1598
1599         Fix NodeNeedsNegZero flag propagation in BackwardPropagationPhase.
1600         Function arithNodeFlags should not mask NodeNeedsNegZero flag for ArithNegate and DoubleAsInt32
1601         nodes and this flag should be always used to decide where we need to generate negative-zero checks.
1602         Remove unnecessary negative-zero checks from integer ArithDiv on ARM.
1603         Also remove such checks from integer ArithMod on ARM and X86, and make them always to
1604         check not only "modulo_result == 0" but also "dividend < 0".
1605         Generate faster code for case when ArithMod operation divisor is constant power of 2 on ARMv7
1606         in the same way as on ARMv7s, and add negative-zero checks into this code when needed.
1607         Change speculationCheck ExitKind from Overflow to NegativeZero where applicable.
1608  
1609         This shows 30% speedup of math-spectral-norm, and 5% speedup
1610         on SunSpider overall on ARMv7 Linux.
1611
1612         * assembler/MacroAssemblerARM.h:
1613         (JSC::MacroAssemblerARM::branchConvertDoubleToInt32):
1614         * assembler/MacroAssemblerARMv7.h:
1615         (JSC::MacroAssemblerARMv7::branchConvertDoubleToInt32):
1616         * assembler/MacroAssemblerMIPS.h:
1617         (JSC::MacroAssemblerMIPS::branchConvertDoubleToInt32):
1618         * assembler/MacroAssemblerSH4.h:
1619         (JSC::MacroAssemblerSH4::branchConvertDoubleToInt32):
1620         * assembler/MacroAssemblerX86Common.h:
1621         (JSC::MacroAssemblerX86Common::branchConvertDoubleToInt32):
1622         * dfg/DFGBackwardsPropagationPhase.cpp:
1623         (JSC::DFG::BackwardsPropagationPhase::isNotNegZero):
1624         (JSC::DFG::BackwardsPropagationPhase::isNotPosZero):
1625         (JSC::DFG::BackwardsPropagationPhase::propagate):
1626         * dfg/DFGNode.h:
1627         (JSC::DFG::Node::arithNodeFlags):
1628         * dfg/DFGSpeculativeJIT.cpp:
1629         (JSC::DFG::SpeculativeJIT::compileDoubleAsInt32):
1630         (JSC::DFG::SpeculativeJIT::compileSoftModulo):
1631         (JSC::DFG::SpeculativeJIT::compileArithNegate):
1632
1633 2013-04-25  Oliver Hunt  <oliver@apple.com>
1634
1635         Stack guards are too conservative
1636         https://bugs.webkit.org/show_bug.cgi?id=115147
1637
1638         Reviewed by Mark Hahnenberg.
1639
1640         Increase stack guard to closer to old size.
1641
1642         * interpreter/Interpreter.cpp:
1643         (JSC::Interpreter::StackPolicy::StackPolicy):
1644
1645 2013-04-25  Oliver Hunt  <oliver@apple.com>
1646
1647         Stack guards are too conservative
1648         https://bugs.webkit.org/show_bug.cgi?id=115147
1649
1650         Reviewed by Geoffrey Garen.
1651
1652         Reduce the limits and simplify the decision making.
1653
1654         * interpreter/Interpreter.cpp:
1655         (JSC::Interpreter::StackPolicy::StackPolicy):
1656
1657 2013-04-25  Nick Diego Yamane  <nick.yamane@openbossa.org>
1658
1659         JSC: Fix interpreter misbehavior in builds with JIT disabled
1660         https://bugs.webkit.org/show_bug.cgi?id=115190
1661
1662         Reviewed by Oliver Hunt.
1663
1664         Commit http://trac.webkit.org/changeset/147858 modified
1665         some details on how JS stack traces are built. The method
1666         "getLineNumberForCallFrame", renamed in that changeset to
1667         "getBytecodeOffsetForCallFrame" is always returning `0' when
1668         JIT is disabled.
1669
1670         How to reproduce:
1671          - Build webkit with JIT disabled
1672          - Open MiniBrowser, for example, with http://google.com
1673          - In a debug build, WebProcess will hit the following ASSERT:
1674            Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp:279 ASSERT(low);
1675
1676         * interpreter/Interpreter.cpp:
1677         (JSC::getBytecodeOffsetForCallFrame):
1678
1679 2013-04-25  Oliver Hunt  <oliver@apple.com>
1680
1681         Make checkSyntax take a VM instead of an ExecState
1682
1683         RS=Tim
1684
1685         * jsc.cpp:
1686         (runInteractive):
1687         * runtime/Completion.cpp:
1688         (JSC::checkSyntax):
1689         * runtime/Completion.h:
1690         (JSC):
1691
1692 2013-04-25  Michael Saboff  <msaboff@apple.com>
1693
1694         32 Bit: Crash due to RegExpTest nodes not setting result type to Boolean
1695         https://bugs.webkit.org/show_bug.cgi?id=115188
1696
1697         Reviewed by Geoffrey Garen.
1698
1699         Changed the RegExpTest node to set the AbstractValue to boolean, since that's
1700         what it is.
1701
1702         * dfg/DFGAbstractState.cpp:
1703         (JSC::DFG::AbstractState::executeEffects):
1704
1705 2013-04-25  Julien Brianceau  <jbrianceau@nds.com>
1706
1707         REGRESSION(r137994): Random crashes occur with SH4 JSC.
1708         https://bugs.webkit.org/show_bug.cgi?id=115167.
1709
1710         Reviewed by Oliver Hunt.
1711
1712         Since r137994, uncommitted pages could be inside the area of memory in
1713         parameter of the cacheFlush function. That's why we have to flush each
1714         page separately to avoid a fail of the whole flush, if an uncommitted page
1715         is in the area.
1716
1717         This patch is very similar to changeset 145194 made for ARMv7 architecture,
1718         see https://bugs.webkit.org/show_bug.cgi?id=111441 for further information.
1719
1720         * assembler/SH4Assembler.h:
1721         (JSC::SH4Assembler::cacheFlush):
1722
1723 2013-04-24  Mark Lam  <mark.lam@apple.com>
1724
1725         Add watchdog timer polling for the DFG.
1726         https://bugs.webkit.org/show_bug.cgi?id=115134.
1727
1728         Reviewed by Geoffrey Garen.
1729
1730         The strategy is to add a speculation check to the DFG generated code to
1731         test if the watchdog timer has fired or not. If the watchdog timer has
1732         fired, the generated code will do an OSR exit to the baseline JIT, and
1733         let it handle servicing the watchdog timer.
1734
1735         If the watchdog is not enabled, this speculation check will not be
1736         emitted.
1737
1738         * API/tests/testapi.c:
1739         (currentCPUTime_callAsFunction):
1740         (extendTerminateCallback):
1741         (main):
1742         - removed try/catch statements so that we can test the watchdog on the DFG.
1743         - added JS bindings to a native currentCPUTime() function so that the timeout
1744           tests can be more accurate.
1745         - also shortened the time values so that the tests can complete sooner.
1746
1747         * bytecode/ExitKind.h:
1748         * dfg/DFGAbstractState.cpp:
1749         (JSC::DFG::AbstractState::executeEffects):
1750         * dfg/DFGByteCodeParser.cpp:
1751         (JSC::DFG::ByteCodeParser::parseBlock):
1752         * dfg/DFGFixupPhase.cpp:
1753         (JSC::DFG::FixupPhase::fixupNode):
1754         * dfg/DFGNodeType.h:
1755         * dfg/DFGPredictionPropagationPhase.cpp:
1756         (JSC::DFG::PredictionPropagationPhase::propagate):
1757         * dfg/DFGSpeculativeJIT32_64.cpp:
1758         (JSC::DFG::SpeculativeJIT::compile):
1759         * dfg/DFGSpeculativeJIT64.cpp:
1760         (JSC::DFG::SpeculativeJIT::compile):
1761         * runtime/Watchdog.cpp:
1762         (JSC::Watchdog::setTimeLimit):
1763
1764 2013-04-24  Filip Pizlo  <fpizlo@apple.com>
1765
1766         Special thunks for math functions should work on ARMv7
1767         https://bugs.webkit.org/show_bug.cgi?id=115144
1768
1769         Reviewed by Gavin Barraclough and Oliver Hunt.
1770         
1771         The only hard bit here was ensuring that we implemented the very special
1772         "cheap C call" convention on ARMv7.
1773
1774         * assembler/AbstractMacroAssembler.h:
1775         (JSC::isARMv7s):
1776         (JSC):
1777         (JSC::isX86):
1778         * dfg/DFGCommon.h:
1779         * jit/SpecializedThunkJIT.h:
1780         (SpecializedThunkJIT):
1781         (JSC::SpecializedThunkJIT::callDoubleToDoublePreservingReturn):
1782         * jit/ThunkGenerators.cpp:
1783         (JSC::floorThunkGenerator):
1784         (JSC::ceilThunkGenerator):
1785         (JSC::roundThunkGenerator):
1786         (JSC::expThunkGenerator):
1787         (JSC::logThunkGenerator):
1788
1789 2013-04-24  Julien Brianceau  <jbrianceau@nds.com>
1790
1791         Misc bugfix and cleaning in sh4 base JIT.
1792         https://bugs.webkit.org/show_bug.cgi?id=115022.
1793
1794         Reviewed by Oliver Hunt.
1795
1796         Remove unused add32() and sub32() with scratchreg parameter to avoid
1797         confusion as this function prototype means another behaviour.
1798         Remove unused "void push(Address)" function which seems quite buggy.
1799
1800         * assembler/MacroAssemblerSH4.h:
1801         (JSC::MacroAssemblerSH4::and32): Cosmetic change.
1802         (JSC::MacroAssemblerSH4::lshift32): Cosmetic change.
1803         (JSC::MacroAssemblerSH4::or32): Cosmetic change.
1804         (JSC::MacroAssemblerSH4::xor32): Cosmetic change.
1805         (MacroAssemblerSH4):
1806         (JSC::MacroAssemblerSH4::load32): Cosmetic change.
1807         (JSC::MacroAssemblerSH4::load8Signed): Fix invalid offset upper limit
1808         when using r0 register and cosmetic changes.
1809         (JSC::MacroAssemblerSH4::load8): Reuse load8Signed to avoid duplication.
1810         (JSC::MacroAssemblerSH4::load16): Fix invalid offset upper limit when
1811         using r0 register, fix missing offset shift and cosmetic changes.
1812         (JSC::MacroAssemblerSH4::store32): Cosmetic change.
1813         (JSC::MacroAssemblerSH4::branchAdd32): Store result value before branch.
1814
1815 2013-04-24  Patrick Gansterer  <paroga@webkit.org>
1816
1817         [WIN] Remove pthread from Visual Studio files in JavaScriptCore
1818         https://bugs.webkit.org/show_bug.cgi?id=114864
1819
1820         Reviewed by Brent Fulgham.
1821
1822         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
1823         * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.vsprops:
1824         * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
1825         * JavaScriptCore.vcproj/testRegExp/testRegExpCommon.vsprops:
1826         * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:
1827         * JavaScriptCore.vcxproj/JavaScriptCoreCommon.props:
1828         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorCommon.props:
1829         * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.props:
1830         * JavaScriptCore.vcxproj/jsc/jscCommon.props:
1831         * JavaScriptCore.vcxproj/testRegExp/testRegExpCommon.props:
1832         * JavaScriptCore.vcxproj/testapi/testapiCommon.props:
1833         * JavaScriptCore.vcxproj/testapi/testapiCommonCFLite.props:
1834
1835 2013-04-24  Filip Pizlo  <fpizlo@apple.com>
1836
1837         DFG should keep the operand to create_this alive if it's emitting code for create_this
1838         https://bugs.webkit.org/show_bug.cgi?id=115133
1839
1840         Reviewed by Mark Hahnenberg.
1841         
1842         The DFG must model bytecode liveness, or else OSR exit is going to have a really bad time.
1843
1844         * dfg/DFGByteCodeParser.cpp:
1845         (JSC::DFG::ByteCodeParser::parseBlock):
1846
1847 2013-04-24  Roger Fong  <roger_fong@apple.com>
1848
1849         Have VS2010 WebKit solution look in WebKit_Libraries/lib32 for dependencies.
1850
1851         * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPostBuild.cmd:
1852         * JavaScriptCore.vcxproj/JavaScriptCorePreLink.cmd:
1853         * JavaScriptCore.vcxproj/jsc/jscPostBuild.cmd:
1854         * JavaScriptCore.vcxproj/jsc/jscPreLink.cmd:
1855         * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj.filters:
1856         * JavaScriptCore.vcxproj/testRegExp/testRegExpPostBuild.cmd:
1857         * JavaScriptCore.vcxproj/testRegExp/testRegExpPreLink.cmd:
1858         * JavaScriptCore.vcxproj/testapi/testapiPreLink.cmd:
1859
1860 2013-04-24  Geoffrey Garen  <ggaren@apple.com>
1861
1862         32-bit build fix.
1863
1864         Unreviewed.
1865
1866         * dfg/DFGSpeculativeJIT.cpp:
1867         (JSC::DFG::SpeculativeJIT::compilePeepHoleBooleanBranch): Explicitly
1868         truncate to 32-bit to avoid compiler warnings. It's safe to truncate
1869         because the payload of a boolean is the low bits on both 64-bit and 32-bit.
1870
1871 2013-04-23  Geoffrey Garen  <ggaren@apple.com>
1872
1873         Filled out more cases of branch folding in the DFG
1874         https://bugs.webkit.org/show_bug.cgi?id=115088
1875
1876         Reviewed by Oliver Hunt.
1877
1878         No change on the benchmarks we track, but a 3X speedup on a
1879         microbenchmark that uses these techniques.
1880
1881         * dfg/DFGByteCodeParser.cpp:
1882         (JSC::DFG::ByteCodeParser::parseBlock): (!/=)= and (!/=)== can constant
1883         fold all types, not just numbers, because true constants have no
1884         side effects when type-converted at runtime.
1885
1886         * dfg/DFGFixupPhase.cpp:
1887         (JSC::DFG::FixupPhase::fixupNode):
1888         * dfg/DFGNode.h:
1889         (JSC::DFG::Node::shouldSpeculateBoolean): Added support for fixing up
1890         boolean uses, like we do for other types like number.
1891
1892         * dfg/DFGSpeculativeJIT.cpp:
1893         (JSC::DFG::SpeculativeJIT::compilePeepHoleBooleanBranch):
1894         (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
1895         (JSC::DFG::SpeculativeJIT::compare):
1896         (JSC::DFG::SpeculativeJIT::compileStrictEq):
1897         (JSC::DFG::SpeculativeJIT::compileBooleanCompare): Peephole fuse
1898         boolean compare and/or compare-branch, now that we have the types for
1899         them.
1900
1901         * dfg/DFGSpeculativeJIT.h: Updated declarations.
1902
1903 == Rolled over to ChangeLog-2013-04-24 ==