<rdar://problem/9366557> Various crashes due to bad DFG codegen at canalplus.fr
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
1 2011-05-03  Geoffrey Garen  <ggaren@apple.com>
2
3         Reviewed by Darin Adler.
4
5         <rdar://problem/9366557> Various crashes due to bad DFG codegen at canalplus.fr
6
7         * dfg/DFGSpeculativeJIT.cpp:
8         (JSC::DFG::SpeculativeJIT::checkArgumentTypes): Removed a stray line of
9         code that accidentally survived the conversion to a switch statement,
10         causing a lot of important code not to run most of the time.
11
12         Since this is not a trivial finger-picking mistake, I will not call it a
13         typo.
14
15 2011-05-04  Adam Roben  <aroben@apple.com>
16
17         Another attempted build fix
18
19         * wtf/OwnPtr.h:
20         (WTF::OwnPtr::operator==):
21         (WTF::OwnPtr::operator!=):
22         * wtf/PassOwnPtr.h:
23         (WTF::PassOwnPtr::operator==):
24         (WTF::PassOwnPtr::operator!=):
25         Added a return statement. And made a tweak based on a suggestion from Anders Carlsson.
26
27 2011-05-04  Adam Roben  <aroben@apple.com>
28
29         Try to fix Leopard, Qt, and probably others
30
31         * wtf/OwnPtr.h:
32         (WTF::OwnPtr::operator==):
33         (WTF::OwnPtr::operator!=):
34         * wtf/PassOwnPtr.h:
35         (WTF::PassOwnPtr::operator==):
36         (WTF::PassOwnPtr::operator!=):
37         Try to get the compiler not to instantiate these function templates unnecessarily.
38
39 2011-05-03  Adam Roben  <aroben@apple.com>
40
41         Disallow equality comparisons between [Pass]OwnPtrs
42
43         If you have two OwnPtrs that are equal, you've already lost. (Unless you're doing something
44         really sneaky, in which case you should stop!)
45
46         Fixes <http://webkit.org/b/60053> Testing OwnPtrs for equality should cause a compiler error
47
48         Reviewed by Anders Carlsson and Antti Koivisto.
49
50         * wtf/OwnPtr.h:
51         (WTF::OwnPtr::operator==):
52         (WTF::OwnPtr::operator!=):
53         * wtf/PassOwnPtr.h:
54         (WTF::PassOwnPtr::operator==):
55         (WTF::PassOwnPtr::operator!=):
56         Added private equality operators that fail to compile when used. (When not used, the
57         compiler will skip over them because they are function templates.)
58
59 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
60
61         Reviewed by Gavin Barraclough.
62
63         JITArithmetic.cpp produces a warning on an unused variable.
64         https://bugs.webkit.org/show_bug.cgi?id=60060
65
66         Just properly use what we already have converted.
67
68         * jit/JITArithmetic.cpp:
69         (JSC::JIT::emitSlow_op_add):
70         (JSC::JIT::emitSlow_op_mul):
71
72 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
73
74         Reviewed by Geoffrey Garen.
75
76         JITPropertyAccess produces an unused but set variable warning in gcc 4.6.0.
77         https://bugs.webkit.org/show_bug.cgi?id=60050
78
79         This patch fixes a compilation warning. The new warning -Wunused-but-set-variable
80         in gcc 4.6.0 is included in -Wall and therefore stops the compilation when warnings are treated
81         as errors. The patch introduces two new macros, ASSERT_JIT_OFFSET_UNUSED and ASSERT_WITH_MESSAGE_UNUSED,
82         which copy the idea of ASSERT_UNUSED.
83
84         * jit/JIT.h:
85         * jit/JITPropertyAccess.cpp:
86         (JSC::JIT::emit_op_method_check):
87         (JSC::JIT::compileGetByIdHotPath):
88         (JSC::JIT::emit_op_put_by_id):
89         * wtf/Assertions.h:
90         (assertWithMessageUnused):
91
92 2011-04-29  Jer Noble  <jer.noble@apple.com>
93
94         Reviewed by Eric Seidel.
95
96         Implement FULLSCREEN_API on Windows, Part 4: Enable it
97         https://bugs.webkit.org/show_bug.cgi?id=59798
98
99         * wtf/Platform.h: Set ENABLE_FULLSCREEN_API on win.
100
101 2011-05-03  Alexis Menard  <alexis.menard@openbossa.org>
102
103         Reviewed by Eric Seidel.
104
105         Unused but set variable warning in MacroAssemblerX86_64
106         https://bugs.webkit.org/show_bug.cgi?id=59482
107
108         * assembler/MacroAssemblerX86_64.h:
109         (JSC::MacroAssemblerX86_64::call):
110         (JSC::MacroAssemblerX86_64::tailRecursiveCall):
111         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
112
113 2011-05-03  Oliver Hunt  <oliver@apple.com>
114
115         Reviewed by Geoffrey Garen.
116
117         Make malloc validation useful
118         https://bugs.webkit.org/show_bug.cgi?id=57502
119
120         Reland this patch (rolled out in 82905) without
121         turning it on by default.
122
123         * JavaScriptCore.exp:
124         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
125         * wtf/FastMalloc.cpp:
126         (WTF::tryFastMalloc):
127         (WTF::fastMalloc):
128         (WTF::tryFastCalloc):
129         (WTF::fastCalloc):
130         (WTF::fastFree):
131         (WTF::tryFastRealloc):
132         (WTF::fastRealloc):
133         (WTF::fastMallocSize):
134         (WTF::TCMalloc_PageHeap::isScavengerSuspended):
135         (WTF::TCMalloc_PageHeap::scheduleScavenger):
136         (WTF::TCMalloc_PageHeap::suspendScavenger):
137         (WTF::TCMalloc_PageHeap::signalScavenger):
138         (WTF::TCMallocStats::malloc):
139         (WTF::TCMallocStats::free):
140         (WTF::TCMallocStats::fastCalloc):
141         (WTF::TCMallocStats::tryFastCalloc):
142         (WTF::TCMallocStats::calloc):
143         (WTF::TCMallocStats::fastRealloc):
144         (WTF::TCMallocStats::tryFastRealloc):
145         (WTF::TCMallocStats::realloc):
146         (WTF::TCMallocStats::fastMallocSize):
147         * wtf/FastMalloc.h:
148         (WTF::Internal::fastMallocValidationHeader):
149         (WTF::Internal::fastMallocValidationSuffix):
150         (WTF::Internal::fastMallocMatchValidationType):
151         (WTF::Internal::setFastMallocMatchValidationType):
152         (WTF::fastMallocMatchValidateFree):
153         (WTF::fastMallocValidate):
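
Added example, not WebKit's FastMalloc code: a constructed sketch of allocation validation with the three parts the function names above suggest (a validation header before the block, a validation suffix after it, and match validation on free). The layout, constants and the ValidatedMalloc/AllocType names are this example's own assumptions; where WebKit crashes on a failed check, this version returns false so the outcome can be asserted on.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <cstring>

// Constructed sketch of allocation validation with the three parts the names in
// the entry above suggest: a header before the block, a canary after it, and a
// match check on free. Not WebKit's FastMalloc; layout, constants and names are
// this example's own, and where WebKit crashes on a failed check this returns
// false so the outcome can be asserted on.
namespace ValidatedMalloc {

enum AllocType : uint32_t {
    AllocTypeMalloc = 0x11,   // allocated by the malloc family; must be freed by it
    AllocTypeNew    = 0x22    // allocated by the new family; must be deleted by it
};

const uint32_t kHeaderMagic  = 0xA110CA7E;
const uint32_t kSuffixCanary = 0x5AFE5AFE;

// Placed immediately before the bytes handed to the caller.
struct Header {
    size_t   size;       // requested size; locates the suffix canary
    uint32_t allocType;  // which allocator family produced the block
    uint32_t magic;      // a write before the block's start clobbers this
};

inline Header* headerOf(void* userPtr) { return static_cast<Header*>(userPtr) - 1; }
inline unsigned char* suffixOf(Header* h) { return reinterpret_cast<unsigned char*>(h + 1) + h->size; }

void* allocate(size_t size, AllocType type)
{
    // Header + payload + trailing canary. memcpy rather than an aligned store,
    // because an arbitrary payload size leaves the canary unaligned.
    void* raw = std::malloc(sizeof(Header) + size + sizeof(kSuffixCanary));
    if (!raw)
        return nullptr;
    Header* h = static_cast<Header*>(raw);
    h->size = size;
    h->allocType = type;
    h->magic = kHeaderMagic;
    std::memcpy(suffixOf(h), &kSuffixCanary, sizeof(kSuffixCanary));
    return h + 1;
}

// True when both guards are intact: the header still carries its magic and the
// bytes just past the payload still hold the canary. An off-by-one or longer
// overflow overwrites the canary; an underflow overwrites the magic.
bool validate(void* userPtr)
{
    Header* h = headerOf(userPtr);
    if (h->magic != kHeaderMagic)
        return false;
    uint32_t canary;
    std::memcpy(&canary, suffixOf(h), sizeof(canary));
    return canary == kSuffixCanary;
}

// Match validation: a block is only released through the family that produced
// it, and only if its guards are intact. On failure the block is left untouched
// and false is returned, so the caller can report rather than free corrupted memory.
bool release(void* userPtr, AllocType expectedType)
{
    if (!validate(userPtr))
        return false;
    Header* h = headerOf(userPtr);
    if (h->allocType != expectedType)
        return false;
    std::free(h);
    return true;
}

// Constructed scenario: a 16-byte request followed by a 17-byte write. The extra
// byte lands on the suffix canary and validate() reports it.
bool overflowIsDetected()
{
    void* p = allocate(16, AllocTypeMalloc);
    std::memset(p, 'A', 17);
    bool detected = !validate(p);
    std::free(headerOf(p));   // guards are known bad; hand the raw block back directly
    return detected;
}

// Constructed scenario: a block from the new family is offered to the malloc
// family first (refused), then to the right one (accepted).
bool mismatchIsDetected()
{
    void* p = allocate(8, AllocTypeNew);
    bool refused = !release(p, AllocTypeMalloc);
    bool accepted = release(p, AllocTypeNew);
    return refused && accepted;
}

// Well-behaved use passes every check.
bool cleanRoundTripWorks()
{
    void* p = allocate(32, AllocTypeMalloc);
    std::memset(p, 0, 32);
    return validate(p) && release(p, AllocTypeMalloc);
}

}  // namespace ValidatedMalloc
```

The canary is read and written with memcpy on purpose: the suffix sits at an offset chosen by the caller's request size, so an aligned 32-bit store there would itself be undefined behaviour for odd sizes.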
154
155 2011-05-03  Xan Lopez  <xlopez@igalia.com>
156
157         Reviewed by Anders Carlsson.
158
159         Compile error with GCC 4.6.0, tries to assign unsigned& to bitfield
160         https://bugs.webkit.org/show_bug.cgi?id=59261
161
162         Use unary '+' to force proper type detection in template arguments
163         with GCC 4.6.0. See bug report for more details.
164
165         * runtime/Structure.cpp:
166         (JSC::StructureTransitionTable::remove): Use '+' to force precise type detection.
167         (JSC::StructureTransitionTable::add): ditto.
168         * runtime/Structure.h:
169         (JSC::StructureTransitionTable::keyForWeakGCMapFinalizer): ditto.
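
Worked example, added here and not part of the ChangeLog or of WebKit's sources: the unary '+' trick from the entry above, applied to a constructed bit-field struct standing in for the StructureTransitionTable members. The struct, typedef and function names are this example's own assumptions.

```cpp
#include <cstddef>
#include <utility>

// Constructed stand-in for a record whose members are bit-fields, in the spirit of
// the bit-field members JSC::StructureTransitionTable keys on. Not WebKit code;
// the struct, typedef and function names are this example's own.
struct TransitionAttributes {
    unsigned attributes : 8;
    unsigned hasSpecificValue : 1;
};

typedef std::pair<const char*, unsigned> TransitionKey;

// In C++0x/C++11, std::make_pair is make_pair(T1&&, T2&&). Passing the lvalue
// 'attrs.attributes' directly deduces T2 as 'unsigned&', and a non-const lvalue
// reference cannot bind to a bit-field, so the call is rejected (this is the
// GCC 4.6.0 error in the entry above; current compilers reject it too). Unary '+'
// yields a prvalue (promoted to int, since 8 bits fit), so deduction gives a plain
// value type and the bits are copied. static_cast<unsigned>(attrs.attributes)
// achieves the same with the intent spelled out.
TransitionKey makeTransitionKey(const char* propertyName, TransitionAttributes attrs)
{
    return std::make_pair(propertyName, +attrs.attributes);
}

// A template taking its argument by const reference needs no '+': the bit-field
// value is copied into a temporary and the const reference binds to that.
template<typename T> T copyOf(const T& value)
{
    return value;
}

unsigned attributesOf(TransitionAttributes attrs)
{
    return copyOf(attrs.attributes);
}
```

Replace `+attrs.attributes` with `attrs.attributes` in makeTransitionKey to reproduce the error the entry describes; attributesOf compiles either way because its template parameter is a const reference.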
170
171 2011-05-03  Jessie Berlin  <jberlin@apple.com>
172
173         Rubber-stamped by Adam Roben.
174
175         Revert r85550 and r85575.
176
177         Variables cannot be exported via the .def file. Instead, they should be annotated with
178         JS_EXPORTDATA.
179
180         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
181         * runtime/Structure.cpp:
182         (JSC::Structure::materializePropertyMap):
183         * runtime/Structure.h:
184         (JSC::Structure::typeInfo):
185         (JSC::Structure::previousID):
186         (JSC::Structure::propertyStorageCapacity):
187         (JSC::Structure::propertyStorageSize):
188         (JSC::Structure::get):
189         (JSC::Structure::materializePropertyMapIfNecessary):
190
191 2011-05-02  Adam Roben  <aroben@apple.com>
192
193         Allow implicit conversion from nullptr_t to PassOwnPtr
194
195         This makes it a lot easier to write code that just wants a null PassOwnPtr, especially in
196         strict PassOwnPtr mode.
197
198         Fixes <http://webkit.org/b/59964> Implicit conversion from std::nullptr_t to PassOwnPtr
199         doesn't work, but should
200
201         Reviewed by Adam Barth.
202
203         * wtf/PassOwnPtr.h:
204         (WTF::PassOwnPtr::PassOwnPtr): Added a non-explicit constructor that takes a nullptr_t.
205
206         * wtf/MessageQueue.h:
207         (WTF::::waitForMessageFilteredWithTimeout):
208         (WTF::::tryGetMessage):
209         Use the new implicit conversion.
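
Added example, not WebKit code, covering this entry and the "Disallow equality comparisons between [Pass]OwnPtrs" entry above: cut-down stand-ins for PassOwnPtr and OwnPtr with the implicit nullptr_t constructor and the private function-template equality operators. Widget, makeWidget and the other helper functions are this example's own.

```cpp
#include <cstddef>

// Cut-down stand-ins for WTF::PassOwnPtr and WTF::OwnPtr carrying just what the
// two entries describe: an implicit constructor from nullptr_t, and equality
// operators that are private function templates, so comparing two owning
// pointers fails to compile while everything else is untouched. Not WebKit's
// code; Widget and the helper functions are this example's own.
template<typename T> class PassOwnPtr {
public:
    PassOwnPtr() : m_ptr(nullptr) { }
    PassOwnPtr(std::nullptr_t) : m_ptr(nullptr) { }   // non-explicit: 'return nullptr;' works
    explicit PassOwnPtr(T* ptr) : m_ptr(ptr) { }
    PassOwnPtr(const PassOwnPtr& other) : m_ptr(other.leakPtr()) { }   // transfers ownership
    ~PassOwnPtr() { delete m_ptr; }

    T* get() const { return m_ptr; }
    T* leakPtr() const { T* p = m_ptr; m_ptr = nullptr; return p; }

private:
    mutable T* m_ptr;

    // The body of a function template is only instantiated when it is called,
    // so code that never writes a == b never sees these; code that does gets a
    // hard error (WebKit used COMPILE_ASSERT here; '= delete' is the C++11 spelling).
    template<typename U> bool operator==(const PassOwnPtr<U>&) const { static_assert(!sizeof(U*), "PassOwnPtrs are never compared"); return false; }
    template<typename U> bool operator!=(const PassOwnPtr<U>&) const { static_assert(!sizeof(U*), "PassOwnPtrs are never compared"); return false; }
};

template<typename T> class OwnPtr {
public:
    OwnPtr() : m_ptr(nullptr) { }
    OwnPtr(std::nullptr_t) : m_ptr(nullptr) { }
    OwnPtr(PassOwnPtr<T> ptr) : m_ptr(ptr.leakPtr()) { }   // takes ownership
    ~OwnPtr() { delete m_ptr; }

    // Strict mode: an OwnPtr is never copied; ownership leaves only via release().
    OwnPtr(const OwnPtr&) = delete;
    OwnPtr& operator=(const OwnPtr&) = delete;

    T* get() const { return m_ptr; }
    T* operator->() const { return m_ptr; }
    explicit operator bool() const { return m_ptr != nullptr; }
    PassOwnPtr<T> release() { T* p = m_ptr; m_ptr = nullptr; return PassOwnPtr<T>(p); }

private:
    T* m_ptr;

    template<typename U> bool operator==(const OwnPtr<U>&) const { static_assert(!sizeof(U*), "OwnPtrs are never compared"); return false; }
    template<typename U> bool operator!=(const OwnPtr<U>&) const { static_assert(!sizeof(U*), "OwnPtrs are never compared"); return false; }
};

struct Widget {
    explicit Widget(int identifier) : id(identifier) { }
    int id;
};

// A bad id yields a null PassOwnPtr without spelling out PassOwnPtr<Widget>():
// the conversion the MessageQueue change above relies on.
PassOwnPtr<Widget> makeWidget(int id)
{
    if (id <= 0)
        return nullptr;
    return PassOwnPtr<Widget>(new Widget(id));
}

// Null tests and raw-pointer comparisons stay legal; only OwnPtr == OwnPtr (and
// PassOwnPtr == PassOwnPtr) is ruled out. Uncommenting the marked line makes
// this function fail to compile, which is the intended effect.
int widgetId(int requested)
{
    OwnPtr<Widget> widget(makeWidget(requested));
    OwnPtr<Widget> other(makeWidget(requested));
    // bool same = (widget == other);   // error: operator== is private
    if (!widget || !other)
        return -1;
    return widget->id;
}

// Ownership leaves through release() and is picked up by a fresh OwnPtr.
int transferredId(int requested)
{
    OwnPtr<Widget> first(makeWidget(requested));
    OwnPtr<Widget> second(first.release());
    return (first.get() == nullptr && second) ? second->id : -1;
}
```

The static_assert condition depends on U, which is what keeps it dormant until someone actually instantiates the operator; a non-dependent `static_assert(false, ...)` would fire as soon as the class template is parsed.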
210
211 2011-05-02  Jessie Berlin  <jberlin@apple.com>
212
213         Rubber-stamped by Oliver Hunt.
214
215         Remove an assertion that Windows was hitting on launch.
216
217         * runtime/Structure.cpp:
218         (JSC::Structure::materializePropertyMap):
219         * runtime/Structure.h:
220         (JSC::Structure::typeInfo):
221         (JSC::Structure::previousID):
222         (JSC::Structure::propertyStorageCapacity):
223         (JSC::Structure::propertyStorageSize):
224         (JSC::Structure::get):
225         (JSC::Structure::materializePropertyMapIfNecessary):
226
227 2011-05-02  Mark Rowe  <mrowe@apple.com>
228
229         Reviewed by Geoff Garen.
230
231         <rdar://problem/9371948> JavaScriptCore should build with GCC 4.2
232
233         * Configurations/CompilerVersion.xcconfig:
234
235 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
236
237         ARMv7 build fix.
238
239         * assembler/AbstractMacroAssembler.h:
240         (JSC::AbstractMacroAssembler::Jump::link):
241         (JSC::AbstractMacroAssembler::Jump::linkTo):
242
243 2011-05-02  Oliver Hunt  <oliver@apple.com>
244
245         Windows build fix.
246
247         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
248
249 2011-05-02  Michael Saboff  <msaboff@apple.com>
250
251         Reviewed by Geoffrey Garen.
252
253         crash in JSC::RegExp::match
254         https://bugs.webkit.org/show_bug.cgi?id=58922
255
256         Cleared chained backtrack data label when linking label even if that 
257         label doesn't chain itself.  This is needed so that subsequent 
258         backtrack data labels point to the next outer paren and not within 
259         the current paren.
260
261         * yarr/YarrJIT.cpp:
262         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
263
264 2011-05-02  Geoffrey Garen  <ggaren@apple.com>
265
266         Reviewed by Oliver Hunt.
267
268         Tiny bit of heap cleanup.
269
270         * heap/MarkedBlock.h:
271         (JSC::MarkedBlock::contains): Tightened up an assertion and a comment.
272
273         * heap/MarkedSpace.h:
274         (JSC::MarkedSpace::globalData):
275         (JSC::MarkedSpace::highWaterMark):
276         (JSC::MarkedSpace::setHighWaterMark): Moved inlines out of the class
277         definition, for better clarity.
278
279 2011-05-02  Oliver Hunt  <oliver@apple.com>
280
281         Reviewed by Gavin Barraclough.
282
283         Correct marking of interpreter data in mixed mode builds
284         https://bugs.webkit.org/show_bug.cgi?id=59962
285
286         We had a few places in mixed mode builds where we would not
287         track data used by the interpreter for marking.  This patch
288         corrects the problem and adds a number of assertions to catch
289         live Structures being collected.
290
291         * JavaScriptCore.exp:
292         * assembler/ARMv7Assembler.h:
293         (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
294         * bytecode/CodeBlock.cpp:
295         (JSC::CodeBlock::dump):
296         * bytecode/CodeBlock.h:
297         (JSC::CodeBlock::addPropertyAccessInstruction):
298         (JSC::CodeBlock::addGlobalResolveInstruction):
299         (JSC::CodeBlock::addStructureStubInfo):
300         (JSC::CodeBlock::addGlobalResolveInfo):
301         * bytecompiler/BytecodeGenerator.cpp:
302         (JSC::BytecodeGenerator::emitResolve):
303         (JSC::BytecodeGenerator::emitResolveWithBase):
304         (JSC::BytecodeGenerator::emitGetById):
305         (JSC::BytecodeGenerator::emitPutById):
306         (JSC::BytecodeGenerator::emitDirectPutById):
307         * runtime/Structure.cpp:
308         (JSC::Structure::materializePropertyMap):
309         * runtime/Structure.h:
310         (JSC::Structure::typeInfo):
311         (JSC::Structure::previousID):
312         (JSC::Structure::propertyStorageCapacity):
313         (JSC::Structure::propertyStorageSize):
314         (JSC::Structure::get):
315         (JSC::Structure::materializePropertyMapIfNecessary):
316
317 2011-05-02  Xan Lopez  <xlopez@igalia.com>
318
319         Reviewed by Alexey Proskuryakov.
320
321         Use native NullPtr when using GCC 4.6.0 and C++0x
322         https://bugs.webkit.org/show_bug.cgi?id=59252
323
324         GCC 4.6.0 has nullptr support, use it when possible.
325
326         * wtf/NullPtr.cpp: include config.h to pull in Platform.h before
327         NullPtr.h, since we need the GCC_VERSION_AT_LEAST definition.
328         * wtf/NullPtr.h: check for GCC >= 4.6.0 and C++0x in order to
329         use native nullptr.
330
331 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
332
333         Reviewed by Oliver Hunt.
334
335         https://bugs.webkit.org/show_bug.cgi?id=59950
336         Clean up AssemblerBuffer to use a Vector internally.
337
338         AssemblerBuffer handles reallocing a byte array itself - stop that.
339
340         * assembler/ARMAssembler.cpp:
341         (JSC::ARMAssembler::executableCopy):
342         * assembler/AssemblerBuffer.h:
343         (JSC::AssemblerLabel::AssemblerLabel):
344         (JSC::AssemblerLabel::labelAtOffset):
345         (JSC::AssemblerBuffer::AssemblerBuffer):
346         (JSC::AssemblerBuffer::~AssemblerBuffer):
347         (JSC::AssemblerBuffer::isAvailable):
348         (JSC::AssemblerBuffer::ensureSpace):
349         (JSC::AssemblerBuffer::isAligned):
350         (JSC::AssemblerBuffer::putIntegral):
351         (JSC::AssemblerBuffer::putIntegralUnchecked):
352         (JSC::AssemblerBuffer::putByteUnchecked):
353         (JSC::AssemblerBuffer::putByte):
354         (JSC::AssemblerBuffer::putShortUnchecked):
355         (JSC::AssemblerBuffer::putShort):
356         (JSC::AssemblerBuffer::putIntUnchecked):
357         (JSC::AssemblerBuffer::putInt):
358         (JSC::AssemblerBuffer::putInt64Unchecked):
359         (JSC::AssemblerBuffer::putInt64):
360         (JSC::AssemblerBuffer::codeSize):
361         (JSC::AssemblerBuffer::label):
362         (JSC::AssemblerBuffer::executableCopy):
363         (JSC::AssemblerBuffer::rewindToLabel):
364         (JSC::AssemblerBuffer::debugOffset):
365         (JSC::AssemblerBuffer::append):
366         (JSC::AssemblerBuffer::grow):
367         * assembler/AssemblerBufferWithConstantPool.h:
368         * assembler/MacroAssemblerX86_64.h:
369         (JSC::MacroAssemblerX86_64::linkCall):
370         * assembler/X86Assembler.h:
371         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
372
373 2011-05-02  Jeff Miller  <jeffm@apple.com>
374
375         Reviewed by Alexey Proskuryakov.
376
377         Avoid potential buffer overflow in WTFLog() and WTFLogVerbose()
378         https://bugs.webkit.org/show_bug.cgi?id=59949
379
380         * wtf/Assertions.cpp: Check for 0 or empty format string in WTFLog() and WTFLogVerbose().
381
382 2011-05-02  Adam Barth  <abarth@webkit.org>
383
384         Reviewed by Alexey Proskuryakov.
385
386         StringImpl::endsWith has some insane code
387         https://bugs.webkit.org/show_bug.cgi?id=59900
388
389         * wtf/text/StringImpl.cpp:
390         (WTF::StringImpl::endsWith):
391             - m_data shadows a member variable of the same name.
392
393 2011-05-02  Gabor Loki  <loki@webkit.org>
394
395         Buildfix for ARM after r85448
396
397         * assembler/ARMAssembler.h:
398         (JSC::ARMAssembler::loadBranchTarget):
399
400 2011-05-01  Oliver Hunt  <oliver@apple.com>
401
402         Reviewed by Gavin Barraclough.
403
404         Strict-mode only reserved words not reserved
405         https://bugs.webkit.org/show_bug.cgi?id=55342
406
407         Fix line number tracking when we rollback the lexer.
408
409         * parser/JSParser.cpp:
410         (JSC::JSParser::parseSourceElements):
411
412 2011-05-01  Oliver Hunt  <oliver@apple.com>
413
414         Reviewed by Gavin Barraclough.
415
416         ES5 Strict mode does not allow getter and setter for same propId
417         https://bugs.webkit.org/show_bug.cgi?id=57295
418
419         Simplify and correct the logic for strict mode object literals.
420
421         * parser/JSParser.cpp:
422         (JSC::JSParser::parseStrictObjectLiteral):
423
424 2011-05-01  Oliver Hunt  <oliver@apple.com>
425
426         Reviewed by Gavin Barraclough.
427
428         Assigning to function identifier under strict should throw
429         https://bugs.webkit.org/show_bug.cgi?id=59289
430
431         Add logic to StaticScopeObject to ensure we don't silently consume
432         writes to constant properties.
433
434         * runtime/JSStaticScopeObject.cpp:
435         (JSC::JSStaticScopeObject::put):
436
437 2011-05-01  Gavin Barraclough  <barraclough@apple.com>
438
439         Reviewed by Sam Weinig.
440
441         https://bugs.webkit.org/show_bug.cgi?id=59903
442         Use AssemblerLabel throughout Assembler classes, AssemblerBuffer
443
444         Creating a label() into the AssemblerBuffer should return an AssemblerLabel,
445         not an unsigned int.
446
447         * assembler/ARMAssembler.cpp:
448         (JSC::ARMAssembler::executableCopy):
449         * assembler/ARMAssembler.h:
450         (JSC::ARMAssembler::blx):
451         (JSC::ARMAssembler::label):
452         (JSC::ARMAssembler::loadBranchTarget):
453         * assembler/ARMv7Assembler.h:
454         (JSC::ARMv7Assembler::b):
455         (JSC::ARMv7Assembler::blx):
456         (JSC::ARMv7Assembler::bx):
457         (JSC::ARMv7Assembler::label):
458         (JSC::ARMv7Assembler::ARMInstructionFormatter::label):
459         * assembler/AssemblerBuffer.h:
460         (JSC::AssemblerBuffer::label):
461         * assembler/AssemblerBufferWithConstantPool.h:
462         * assembler/MIPSAssembler.h:
463         (JSC::MIPSAssembler::label):
464         (JSC::MIPSAssembler::relocateJumps):
465         * assembler/SH4Assembler.h:
466         (JSC::SH4Assembler::loadConstant):
467         (JSC::SH4Assembler::loadConstantUnReusable):
468         (JSC::SH4Assembler::call):
469         (JSC::SH4Assembler::jmp):
470         (JSC::SH4Assembler::jne):
471         (JSC::SH4Assembler::je):
472         (JSC::SH4Assembler::label):
473         (JSC::SH4Assembler::oneShortOp):
474         * assembler/X86Assembler.h:
475         (JSC::X86Assembler::call):
476         (JSC::X86Assembler::jmp_r):
477         (JSC::X86Assembler::label):
478         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
479         (JSC::X86Assembler::X86InstructionFormatter::label):
480
481 2011-05-01  Adam Barth  <abarth@webkit.org>
482
483         Reviewed by David Levin.
484
485         Enable strict mode for OwnPtr and PassOwnPtr
486         https://bugs.webkit.org/show_bug.cgi?id=59428
487
488         * wtf/OwnPtr.h:
489
490 2011-05-01  Patrick Gansterer  <paroga@webkit.org>
491
492         Reviewed by Adam Barth.
493
494         Enable strict OwnPtr for PLATFORM(WIN)
495         https://bugs.webkit.org/show_bug.cgi?id=59881
496
497         * wtf/OwnPtr.h:
498
499 2011-05-01  Gavin Barraclough  <barraclough@apple.com>
500
501         Reviewed by Sam Weinig.
502
503         https://bugs.webkit.org/show_bug.cgi?id=59896
504         Remove JmpSrc/JmpDst types.
505
506         The JmpSrc/JmpDst classes predate the MacroAssembler interface. Having these
507         objects be per-assembler is unhelpful, causes unnecessary code duplication,
508         and prevents the AssemblerBuffer from providing a richer type for labels.
509         The limited semantic meaning that they did convey is undermined by the manner
510         in which their meanings have been overloaded (use of JmpSrc for Call, JmpDst
511         for data labels).
512
513         Jumps on ARMv7 have had additional information added to the object via the
514         ARMv7 JmpSrc. This data should probably be in the instruction stream. This
515         patch does not fix the problem, and moves the data (ifdefed) to
516         AbstractMacroAssembler::Jump (which is effectively where it was before!).
517         This at least closes the hole such that no further data may be added to JmpSrc,
518         but this is unfortunate, and should be cleaned up.
519
520         * assembler/ARMAssembler.h:
521         (JSC::ARMAssembler::blx):
522         (JSC::ARMAssembler::label):
523         (JSC::ARMAssembler::align):
524         (JSC::ARMAssembler::loadBranchTarget):
525         (JSC::ARMAssembler::jmp):
526         (JSC::ARMAssembler::linkPointer):
527         (JSC::ARMAssembler::linkJump):
528         (JSC::ARMAssembler::linkCall):
529         (JSC::ARMAssembler::getRelocatedAddress):
530         (JSC::ARMAssembler::getDifferenceBetweenLabels):
531         (JSC::ARMAssembler::getCallReturnOffset):
532         * assembler/ARMv7Assembler.h:
533         (JSC::ARMv7Assembler::b):
534         (JSC::ARMv7Assembler::blx):
535         (JSC::ARMv7Assembler::bx):
536         (JSC::ARMv7Assembler::label):
537         (JSC::ARMv7Assembler::align):
538         (JSC::ARMv7Assembler::getRelocatedAddress):
539         (JSC::ARMv7Assembler::getDifferenceBetweenLabels):
540         (JSC::ARMv7Assembler::getCallReturnOffset):
541         (JSC::ARMv7Assembler::linkJump):
542         (JSC::ARMv7Assembler::linkCall):
543         (JSC::ARMv7Assembler::linkPointer):
544         * assembler/AbstractMacroAssembler.h:
545         (JSC::AbstractMacroAssembler::Label::isSet):
546         (JSC::AbstractMacroAssembler::Call::Call):
547         (JSC::AbstractMacroAssembler::Jump::Jump):
548         (JSC::AbstractMacroAssembler::Jump::link):
549         (JSC::AbstractMacroAssembler::Jump::linkTo):
550         (JSC::AbstractMacroAssembler::linkPointer):
551         (JSC::AbstractMacroAssembler::getLinkerAddress):
552         * assembler/AssemblerBuffer.h:
553         (JSC::AssemblerLabel::AssemblerLabel):
554         (JSC::AssemblerLabel::isSet):
555         * assembler/LinkBuffer.h:
556         (JSC::LinkBuffer::patch):
557         * assembler/MIPSAssembler.h:
558         (JSC::MIPSAssembler::label):
559         (JSC::MIPSAssembler::align):
560         (JSC::MIPSAssembler::getRelocatedAddress):
561         (JSC::MIPSAssembler::getDifferenceBetweenLabels):
562         (JSC::MIPSAssembler::getCallReturnOffset):
563         (JSC::MIPSAssembler::linkJump):
564         (JSC::MIPSAssembler::linkCall):
565         (JSC::MIPSAssembler::linkPointer):
566         * assembler/MacroAssemblerARMv7.h:
567         (JSC::MacroAssemblerARMv7::branchDouble):
568         (JSC::MacroAssemblerARMv7::branchDoubleZeroOrNaN):
569         (JSC::MacroAssemblerARMv7::jump):
570         (JSC::MacroAssemblerARMv7::nearCall):
571         (JSC::MacroAssemblerARMv7::call):
572         (JSC::MacroAssemblerARMv7::ret):
573         (JSC::MacroAssemblerARMv7::tailRecursiveCall):
574         (JSC::MacroAssemblerARMv7::makeBranch):
575         * assembler/MacroAssemblerMIPS.h:
576         (JSC::MacroAssemblerMIPS::nearCall):
577         (JSC::MacroAssemblerMIPS::call):
578         (JSC::MacroAssemblerMIPS::tailRecursiveCall):
579         (JSC::MacroAssemblerMIPS::branchTrue):
580         (JSC::MacroAssemblerMIPS::branchFalse):
581         (JSC::MacroAssemblerMIPS::branchEqual):
582         (JSC::MacroAssemblerMIPS::branchNotEqual):
583         * assembler/SH4Assembler.h:
584         (JSC::SH4Assembler::call):
585         (JSC::SH4Assembler::jmp):
586         (JSC::SH4Assembler::jne):
587         (JSC::SH4Assembler::je):
588         (JSC::SH4Assembler::label):
589         (JSC::SH4Assembler::align):
590         (JSC::SH4Assembler::linkJump):
591         (JSC::SH4Assembler::linkCall):
592         (JSC::SH4Assembler::linkPointer):
593         (JSC::SH4Assembler::getCallReturnOffset):
594         (JSC::SH4Assembler::getRelocatedAddress):
595         (JSC::SH4Assembler::getDifferenceBetweenLabels):
596         (JSC::SH4Assembler::patchPointer):
597         * assembler/X86Assembler.h:
598         (JSC::X86Assembler::call):
599         (JSC::X86Assembler::jmp):
600         (JSC::X86Assembler::jmp_r):
601         (JSC::X86Assembler::jne):
602         (JSC::X86Assembler::jnz):
603         (JSC::X86Assembler::je):
604         (JSC::X86Assembler::jz):
605         (JSC::X86Assembler::jl):
606         (JSC::X86Assembler::jb):
607         (JSC::X86Assembler::jle):
608         (JSC::X86Assembler::jbe):
609         (JSC::X86Assembler::jge):
610         (JSC::X86Assembler::jg):
611         (JSC::X86Assembler::ja):
612         (JSC::X86Assembler::jae):
613         (JSC::X86Assembler::jo):
614         (JSC::X86Assembler::jp):
615         (JSC::X86Assembler::js):
616         (JSC::X86Assembler::jCC):
617         (JSC::X86Assembler::label):
618         (JSC::X86Assembler::labelFor):
619         (JSC::X86Assembler::align):
620         (JSC::X86Assembler::linkJump):
621         (JSC::X86Assembler::linkCall):
622         (JSC::X86Assembler::linkPointer):
623         (JSC::X86Assembler::getCallReturnOffset):
624         (JSC::X86Assembler::getRelocatedAddress):
625         (JSC::X86Assembler::getDifferenceBetweenLabels):
626         (JSC::X86Assembler::rewindToLabel):
627         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
628         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
629         * jit/JIT.cpp:
630         (JSC::JIT::privateCompileMainPass):
631         * jit/JIT.h:
632         * jit/JITInlineMethods.h:
633         (JSC::JIT::atJumpTarget):
634         (JSC::JIT::emitGetVirtualRegister):
635         * jit/JITOpcodes.cpp:
636         (JSC::JIT::emit_op_jmp):
637         (JSC::JIT::emit_op_jfalse):
638         (JSC::JIT::emit_op_jeq_null):
639         (JSC::JIT::emit_op_jneq_null):
640         (JSC::JIT::emit_op_jneq_ptr):
641         (JSC::JIT::emit_op_jsr):
642         (JSC::JIT::emit_op_jtrue):
643         (JSC::JIT::emit_op_jmp_scopes):
644
645 2011-05-01  Chao-ying Fu  <fu@mips.com>
646
647         Reviewed by Eric Seidel.
648
649         Fix MIPS build due to the split of "Condition" enum
650         https://bugs.webkit.org/show_bug.cgi?id=59407
651
652         * assembler/MIPSAssembler.h:
653         (JSC::MIPSAssembler::debugOffset):
654         * assembler/MacroAssemblerMIPS.h:
655         (JSC::MacroAssemblerMIPS::branch32):
656         (JSC::MacroAssemblerMIPS::compare32):
657
658 2011-04-30  Adam Barth  <abarth@webkit.org>
659
660         Reviewed by Adam Barth.
661
662         Enable strict OwnPtr for GTK
663         https://bugs.webkit.org/show_bug.cgi?id=59861
664
665         * wtf/OwnPtr.h:
666
667 2011-04-30  Gavin Barraclough  <barraclough@apple.com>
668
669         ARMv7 build fix.
670
671         * assembler/AssemblerBufferWithConstantPool.h:
672
673 2011-04-30  Gavin Barraclough  <barraclough@apple.com>
674
675         Reviewed by Oliver Hunt.
676
677         Bug 59869 - AssemblerBuffer cleanup - disambiguate size()
678
679         The method size() is called on the AssemblerBuffer both to acquire
680         the complete size of the code, and to get a position to use as a
681         label into the code. Instead, add an explicit 'label' method.
682
683         * assembler/ARMAssembler.cpp:
684         (JSC::ARMAssembler::executableCopy):
685         * assembler/ARMAssembler.h:
686         (JSC::ARMAssembler::blx):
687         (JSC::ARMAssembler::codeSize):
688         (JSC::ARMAssembler::label):
689         (JSC::ARMAssembler::loadBranchTarget):
690         * assembler/ARMv7Assembler.h:
691         (JSC::ARMv7Assembler::b):
692         (JSC::ARMv7Assembler::blx):
693         (JSC::ARMv7Assembler::bx):
694         (JSC::ARMv7Assembler::label):
695         (JSC::ARMv7Assembler::codeSize):
696         (JSC::ARMv7Assembler::ARMInstructionFormatter::codeSize):
697         (JSC::ARMv7Assembler::ARMInstructionFormatter::data):
698         * assembler/AbstractMacroAssembler.h:
699         * assembler/AssemblerBuffer.h:
700         (JSC::AssemblerBuffer::codeSize):
701         (JSC::AssemblerBuffer::label):
702         * assembler/AssemblerBufferWithConstantPool.h:
703         * assembler/LinkBuffer.h:
704         (JSC::LinkBuffer::LinkBuffer):
705         (JSC::LinkBuffer::linkCode):
706         * assembler/MIPSAssembler.h:
707         (JSC::MIPSAssembler::newJmpSrc):
708         (JSC::MIPSAssembler::appendJump):
709         (JSC::MIPSAssembler::label):
710         (JSC::MIPSAssembler::codeSize):
711         (JSC::MIPSAssembler::relocateJumps):
712         * assembler/SH4Assembler.h:
713         (JSC::SH4Assembler::loadConstant):
714         (JSC::SH4Assembler::loadConstantUnReusable):
715         (JSC::SH4Assembler::call):
716         (JSC::SH4Assembler::jmp):
717         (JSC::SH4Assembler::jne):
718         (JSC::SH4Assembler::je):
719         (JSC::SH4Assembler::label):
720         (JSC::SH4Assembler::executableCopy):
721         (JSC::SH4Assembler::oneShortOp):
722         (JSC::SH4Assembler::codeSize):
723         * assembler/X86Assembler.h:
724         (JSC::X86Assembler::call):
725         (JSC::X86Assembler::jmp_r):
726         (JSC::X86Assembler::codeSize):
727         (JSC::X86Assembler::label):
728         (JSC::X86Assembler::executableCopy):
729         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
730         (JSC::X86Assembler::X86InstructionFormatter::codeSize):
731         (JSC::X86Assembler::X86InstructionFormatter::label):
732         (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
733         * dfg/DFGJITCompiler.cpp:
734         (JSC::DFG::JITCompiler::compileFunction):
735         * jit/JIT.cpp:
736         (JSC::JIT::privateCompile):
737         * jit/JITOpcodes.cpp:
738         (JSC::JIT::privateCompileCTIMachineTrampolines):
739         * jit/JITOpcodes32_64.cpp:
740         (JSC::JIT::privateCompileCTIMachineTrampolines):
741         * yarr/YarrJIT.cpp:
742         (JSC::Yarr::YarrGenerator::compile):
743
744 2011-04-29  Adam Barth  <abarth@webkit.org>
745
746         Attempt to fix the Windows build.
747
748         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
749
750 2011-04-29  Adam Barth  <abarth@webkit.org>
751
752         Reviewed by Eric Seidel.
753
754         CSP script-src should block eval
755         https://bugs.webkit.org/show_bug.cgi?id=59850
756
757         ggaren recommended a different approach to this patch, essentially
758         installing a new function for function-eval and changing the AST
759         representation of operator-eval to call function-eval.  However, I'm
760         not sure that approach is workable because the ASTBuilder doesn't know
761         about global objects, and there is added complication due to the cache.
762
763         This approach is more dynamic, adding a branch in EvalExecutable to
764         detect whether eval is currently disabled in the lexical scope.  The spec
765         is slightly unclear about whether we should return undefined or throw
766         an exception.  I've asked Brandon to clarify the spec, but throwing an
767         exception seems natural.
768
769         * JavaScriptCore.exp:
770         * runtime/Executable.cpp:
771         (JSC::EvalExecutable::compileInternal):
772         * runtime/JSGlobalObject.cpp:
773         (JSC::JSGlobalObject::disableEval):
774         * runtime/JSGlobalObject.h:
775         (JSC::JSGlobalObject::JSGlobalObject):
776         (JSC::JSGlobalObject::isEvalEnabled):
777
778 2011-04-29  Gavin Barraclough  <barraclough@apple.com>
779
780         Reviewed by Oliver Hunt.
781
782         https://bugs.webkit.org/show_bug.cgi?id=59847
783         Remove linkOffset from LinkBuffer
784
785         This is redundant since removal of recompilation for exception info.
786
787         * assembler/LinkBuffer.h:
788         (JSC::LinkBuffer::LinkBuffer):
789         (JSC::LinkBuffer::linkCode):
790         * dfg/DFGJITCompiler.cpp:
791         (JSC::DFG::JITCompiler::compileFunction):
792         * jit/JIT.cpp:
793         (JSC::JIT::JIT):
794         (JSC::JIT::privateCompile):
795         * jit/JIT.h:
796         (JSC::JIT::compile):
797         (JSC::JIT::compileCTIMachineTrampolines):
798         (JSC::JIT::compileCTINativeCall):
799         * jit/JITOpcodes.cpp:
800         (JSC::JIT::privateCompileCTIMachineTrampolines):
801         * jit/JITOpcodes32_64.cpp:
802         (JSC::JIT::privateCompileCTIMachineTrampolines):
803         (JSC::JIT::privateCompileCTINativeCall):
804         * jit/JITPropertyAccess.cpp:
805         (JSC::JIT::stringGetByValStubGenerator):
806         (JSC::JIT::privateCompilePutByIdTransition):
807         (JSC::JIT::privateCompilePatchGetArrayLength):
808         (JSC::JIT::privateCompileGetByIdProto):
809         (JSC::JIT::privateCompileGetByIdSelfList):
810         (JSC::JIT::privateCompileGetByIdProtoList):
811         (JSC::JIT::privateCompileGetByIdChainList):
812         (JSC::JIT::privateCompileGetByIdChain):
813         * jit/JITPropertyAccess32_64.cpp:
814         (JSC::JIT::stringGetByValStubGenerator):
815         (JSC::JIT::privateCompilePutByIdTransition):
816         (JSC::JIT::privateCompilePatchGetArrayLength):
817         (JSC::JIT::privateCompileGetByIdProto):
818         (JSC::JIT::privateCompileGetByIdSelfList):
819         (JSC::JIT::privateCompileGetByIdProtoList):
820         (JSC::JIT::privateCompileGetByIdChainList):
821         (JSC::JIT::privateCompileGetByIdChain):
822         * jit/SpecializedThunkJIT.h:
823         (JSC::SpecializedThunkJIT::finalize):
824         * yarr/YarrJIT.cpp:
825         (JSC::Yarr::YarrGenerator::compile):
826
827 2011-04-29  Gavin Barraclough  <barraclough@apple.com>
828
829         Reviewed by Oliver Hunt & Geoff Garen.
830
831         https://bugs.webkit.org/show_bug.cgi?id=59221
832         [RegexFuzz] Regression blocking testing
833
834         Okay, so the bug here is that when, in the case of a TypeParentheticalAssertion
835         node, emitDisjunction recursively calls itself to emit the nested disjunction,
836         the value of parenthesesInputCountAlreadyChecked is bogus (it doesn't take into
837         account the uncheck that has just taken place).
838
839         Also, the special handling given to countToCheck in the case of parenthetical
840         assertions is nonsense; delete it, along with the isParentheticalAssertion argument.
841
842         * yarr/YarrInterpreter.cpp:
843         (JSC::Yarr::ByteCompiler::emitDisjunction):
844
845 2011-04-29  Csaba Osztrogonác  <ossy@webkit.org>
846
847         Reviewed by Adam Barth.
848
849         Enable strict OwnPtr for Qt
850         https://bugs.webkit.org/show_bug.cgi?id=59667
851
852         * wtf/OwnPtr.h:
853
854 2011-04-29  Dean Jackson  <dino@apple.com>
855
856         Reviewed by Simon Fraser.
857
858         Add ENABLE macro for WebKitAnimation
859         https://bugs.webkit.org/show_bug.cgi?id=59729
860
861         Add new feature to toggle WebKit Animation API.
862
863         * Configurations/FeatureDefines.xcconfig:
864
865 2011-04-28  Sam Weinig  <sam@webkit.org>
866
867         Reviewed by Mark Rowe.
868
869         Install testapi.js along side testapi
870         https://bugs.webkit.org/show_bug.cgi?id=59773
871
872         * JavaScriptCore.xcodeproj/project.pbxproj:
873         Add new build phase to copy testapi.js to install path of testapi
874         on install.
875
876 2011-04-28  David Levin  <levin@chromium.org>
877
878         Reviewed by Adam Barth.
879
880         Remove IMAGE_RESIZER related code.
881         https://bugs.webkit.org/show_bug.cgi?id=59735
882
883         * Configurations/FeatureDefines.xcconfig:
884
885 2011-04-28  Gavin Barraclough  <barraclough@apple.com>
886
887         Reviewed by Oliver Hunt.
888
889         https://bugs.webkit.org/show_bug.cgi?id=59763
890         DFG JIT - Unify FPRReg & FPRegisterID
891
892         (Following on from GPRReg/RegisterID unification).
893
894         * dfg/DFGFPRInfo.h:
895         (JSC::DFG::FPRInfo::toRegister):
896         (JSC::DFG::FPRInfo::debugName):
897         * dfg/DFGGPRInfo.h:
898         * dfg/DFGJITCodeGenerator.cpp:
899         (JSC::DFG::JITCodeGenerator::fillDouble):
900         (JSC::DFG::JITCodeGenerator::checkConsistency):
901         * dfg/DFGJITCodeGenerator.h:
902         (JSC::DFG::JITCodeGenerator::boxDouble):
903         (JSC::DFG::JITCodeGenerator::unboxDouble):
904         (JSC::DFG::JITCodeGenerator::flushRegisters):
905         (JSC::DFG::JITCodeGenerator::isFlushed):
906         (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
907         (JSC::DFG::JITCodeGenerator::setupStubArguments):
908         (JSC::DFG::JITCodeGenerator::callOperation):
909         (JSC::DFG::GPRResult::lockedResult):
910         (JSC::DFG::FPRResult::lockedResult):
911         * dfg/DFGJITCompiler.cpp:
912         (JSC::DFG::JITCompiler::fillNumericToDouble):
913         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
914         (JSC::DFG::JITCompiler::compileFunction):
915         * dfg/DFGJITCompiler.h:
916         * dfg/DFGNode.h:
917         * dfg/DFGNonSpeculativeJIT.cpp:
918         (JSC::DFG::EntryLocation::EntryLocation):
919         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
920         (JSC::DFG::NonSpeculativeJIT::valueToInt32):
921         (JSC::DFG::NonSpeculativeJIT::numberToInt32):
922         (JSC::DFG::NonSpeculativeJIT::compile):
923         * dfg/DFGNonSpeculativeJIT.h:
924         (JSC::DFG::NonSpeculativeJIT::silentSpillAllRegisters):
925         (JSC::DFG::NonSpeculativeJIT::silentFillAllRegisters):
926         * dfg/DFGRegisterBank.h:
927         (JSC::DFG::RegisterBank::iterator::regID):
928         (JSC::DFG::RegisterBank::iterator::debugName):
929         * dfg/DFGSpeculativeJIT.cpp:
930         (JSC::DFG::SpeculationCheck::SpeculationCheck):
931         (JSC::DFG::SpeculativeJIT::compile):
932         * dfg/DFGSpeculativeJIT.h:
933
934 2011-04-28  David Kilzer  <ddkilzer@apple.com>
935
936         Revert "<http://webkit.org/b/59705> WTF::postTimer() leaks a CFRunLoopTimerRef every time it's called"
937
938         This reverts commit r85195.  It was crashing DumpRenderTree on Lion.
939
940         * wtf/mac/MainThreadMac.mm:
941         (WTF::postTimer):
942
943 2011-04-28  Adam Barth  <abarth@webkit.org>
944
945         Reviewed by Eric Seidel.
946
947         Remove WML
948         https://bugs.webkit.org/show_bug.cgi?id=59678
949
950         Remove the WML configuration option from the Mac build system.
951
952         * Configurations/FeatureDefines.xcconfig:
953
954 2011-04-28  Sheriff Bot  <webkit.review.bot@gmail.com>
955
956         Unreviewed, rolling out r85233 and r85235.
957         http://trac.webkit.org/changeset/85233
958         http://trac.webkit.org/changeset/85235
959         https://bugs.webkit.org/show_bug.cgi?id=59754
960
961         Causes issues with jsc. (Requested by dave_levin on #webkit).
962
963         * GNUmakefile.list.am:
964         * JavaScriptCore.gypi:
965         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
966         * JavaScriptCore.xcodeproj/project.pbxproj:
967         * jit/ExecutableAllocator.h:
968         (JSC::ExecutablePool::ExecutablePool):
969         * parser/SourceProvider.h:
970         (JSC::SourceProvider::SourceProvider):
971         * runtime/RegExp.cpp:
972         (JSC::RegExp::RegExp):
973         * wtf/CMakeLists.txt:
974         * wtf/RefCounted.h:
975         (WTF::RefCountedBase::ref):
976         (WTF::RefCountedBase::hasOneRef):
977         (WTF::RefCountedBase::refCount):
978         (WTF::RefCountedBase::derefBase):
979         * wtf/SizeLimits.cpp:
980         * wtf/ThreadRestrictionVerifier.h: Removed.
981         * wtf/text/CString.h:
982         (WTF::CStringBuffer::CStringBuffer):
983
984 2011-04-28  Gavin Barraclough  <barraclough@apple.com>
985
986         Reviewed by Oliver Hunt.
987
988         Bug 59740 - DFG JIT - Unify GPRReg & RegisterID
989
990         Currently we use a mix of enum values throughout the DFG JIT to represent
991         gpr registers - the RegisterID provided by the MacroAssembler, and the
992         GPRReg enum giving the sequential register set over which the RegisterBank
993         allocates. Unify the two.
994
995         Patch to unify FPRReg in a similar fashion will follow.
996
997         * JavaScriptCore.xcodeproj/project.pbxproj:
998         * dfg/DFGFPRInfo.h: Added.
999         (JSC::DFG::next):
1000         (JSC::DFG::FPRBankInfo::toRegister):
1001         (JSC::DFG::FPRBankInfo::toIndex):
1002         * dfg/DFGGPRInfo.h: Added.
1003         (JSC::DFG::GPRInfo::toRegister):
1004         (JSC::DFG::GPRInfo::toIndex):
1005         (JSC::DFG::GPRInfo::debugName):
1006         * dfg/DFGJITCodeGenerator.cpp:
1007         (JSC::DFG::JITCodeGenerator::fillInteger):
1008         (JSC::DFG::JITCodeGenerator::fillDouble):
1009         (JSC::DFG::JITCodeGenerator::fillJSValue):
1010         (JSC::DFG::JITCodeGenerator::dump):
1011         (JSC::DFG::JITCodeGenerator::checkConsistency):
1012         (JSC::DFG::GPRTemporary::GPRTemporary):
1013         (JSC::DFG::FPRTemporary::FPRTemporary):
1014         * dfg/DFGJITCodeGenerator.h:
1015         (JSC::DFG::JITCodeGenerator::boxDouble):
1016         (JSC::DFG::JITCodeGenerator::unboxDouble):
1017         (JSC::DFG::JITCodeGenerator::spill):
1018         (JSC::DFG::JITCodeGenerator::flushRegisters):
1019         (JSC::DFG::JITCodeGenerator::isFlushed):
1020         (JSC::DFG::JITCodeGenerator::bitOp):
1021         (JSC::DFG::JITCodeGenerator::shiftOp):
1022         (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
1023         (JSC::DFG::JITCodeGenerator::setupStubArguments):
1024         (JSC::DFG::JITCodeGenerator::callOperation):
1025         (JSC::DFG::IntegerOperand::gpr):
1026         (JSC::DFG::DoubleOperand::gpr):
1027         (JSC::DFG::GPRTemporary::gpr):
1028         (JSC::DFG::FPRTemporary::gpr):
1029         (JSC::DFG::GPRResult::lockedResult):
1030         * dfg/DFGJITCompiler.cpp:
1031         (JSC::DFG::JITCompiler::fillNumericToDouble):
1032         (JSC::DFG::JITCompiler::fillInt32ToInteger):
1033         (JSC::DFG::JITCompiler::fillToJS):
1034         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
1035         (JSC::DFG::JITCompiler::compileFunction):
1036         (JSC::DFG::JITCompiler::jitAssertIsInt32):
1037         (JSC::DFG::JITCompiler::jitAssertIsJSInt32):
1038         (JSC::DFG::JITCompiler::jitAssertIsJSNumber):
1039         (JSC::DFG::JITCompiler::jitAssertIsJSDouble):
1040         * dfg/DFGJITCompiler.h:
1041         (JSC::DFG::JITCompiler::preserveReturnAddressAfterCall):
1042         (JSC::DFG::JITCompiler::restoreReturnAddressBeforeReturn):
1043         (JSC::DFG::JITCompiler::emitGetFromCallFrameHeaderPtr):
1044         (JSC::DFG::JITCompiler::emitPutToCallFrameHeader):
1045         (JSC::DFG::JITCompiler::emitPutImmediateToCallFrameHeader):
1046         (JSC::DFG::JITCompiler::addressForGlobalVar):
1047         (JSC::DFG::JITCompiler::addressFor):
1048         (JSC::DFG::JITCompiler::tagFor):
1049         (JSC::DFG::JITCompiler::payloadFor):
1050         * dfg/DFGNonSpeculativeJIT.cpp:
1051         (JSC::DFG::EntryLocation::EntryLocation):
1052         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
1053         (JSC::DFG::NonSpeculativeJIT::valueToInt32):
1054         (JSC::DFG::NonSpeculativeJIT::numberToInt32):
1055         (JSC::DFG::NonSpeculativeJIT::compile):
1056         * dfg/DFGNonSpeculativeJIT.h:
1057         (JSC::DFG::NonSpeculativeJIT::silentSpillGPR):
1058         (JSC::DFG::NonSpeculativeJIT::silentSpillFPR):
1059         (JSC::DFG::NonSpeculativeJIT::silentFillGPR):
1060         (JSC::DFG::NonSpeculativeJIT::silentFillFPR):
1061         (JSC::DFG::NonSpeculativeJIT::silentSpillAllRegisters):
1062         (JSC::DFG::NonSpeculativeJIT::silentFillAllRegisters):
1063         * dfg/DFGRegisterBank.h:
1064         (JSC::DFG::RegisterBank::allocate):
1065         (JSC::DFG::RegisterBank::retain):
1066         (JSC::DFG::RegisterBank::release):
1067         (JSC::DFG::RegisterBank::lock):
1068         (JSC::DFG::RegisterBank::unlock):
1069         (JSC::DFG::RegisterBank::isLocked):
1070         (JSC::DFG::RegisterBank::name):
1071         (JSC::DFG::RegisterBank::iterator::name):
1072         (JSC::DFG::RegisterBank::iterator::isLocked):
1073         (JSC::DFG::RegisterBank::iterator::release):
1074         (JSC::DFG::RegisterBank::iterator::gpr):
1075         (JSC::DFG::RegisterBank::iterator::debugName):
1076         (JSC::DFG::RegisterBank::iterator::operator++):
1077         (JSC::DFG::RegisterBank::iterator::operator!=):
1078         (JSC::DFG::RegisterBank::iterator::index):
1079         (JSC::DFG::RegisterBank::iterator::iterator):
1080         (JSC::DFG::RegisterBank::begin):
1081         (JSC::DFG::RegisterBank::end):
1082         (JSC::DFG::RegisterBank::isLockedAtIndex):
1083         (JSC::DFG::RegisterBank::nameAtIndex):
1084         (JSC::DFG::RegisterBank::releaseAtIndex):
1085         (JSC::DFG::RegisterBank::allocateInternal):
1086         (JSC::DFG::RegisterBank::MapEntry::MapEntry):
1087         * dfg/DFGScoreBoard.h:
1088         (JSC::DFG::ScoreBoard::~ScoreBoard):
1089         * dfg/DFGSpeculativeJIT.cpp:
1090         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
1091         (JSC::DFG::SpeculationCheck::SpeculationCheck):
1092         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1093         (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
1094         (JSC::DFG::SpeculativeJIT::compile):
1095         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
1096         (JSC::DFG::SpeculativeJIT::initializeVariableTypes):
1097         * dfg/DFGSpeculativeJIT.h:
1098         (JSC::DFG::SpeculateIntegerOperand::gpr):
1099
1100 2011-04-28  Oliver Hunt  <oliver@apple.com>
1101
1102         Reviewed by Gavin Barraclough.
1103
1104         Remove evil addressOfStructure() function
1105         https://bugs.webkit.org/show_bug.cgi?id=59739
1106
1107         Remove the addressOfStructure function from JSCell, and update
1108         callsites to use the same logic as testPrototype()
1109
1110         * jit/JITPropertyAccess.cpp:
1111         (JSC::JIT::privateCompileGetByIdProto):
1112         (JSC::JIT::privateCompileGetByIdProtoList):
1113         * jit/JITPropertyAccess32_64.cpp:
1114         (JSC::JIT::privateCompileGetByIdProto):
1115         (JSC::JIT::privateCompileGetByIdProtoList):
1116         * runtime/JSCell.h:
1117
1118 2011-04-28  Oliver Hunt  <oliver@apple.com>
1119
1120         Reviewed by Gavin Barraclough.
1121
1122         Clean up testPrototype()
1123         https://bugs.webkit.org/show_bug.cgi?id=59734
1124
1125         Remove direct pointer to the inside of a GC object and just do
1126         the indirect load manually.  Doesn't affect SunSpider but does
1127         clean up the code quite a bit, and simplifies the handling of
1128         GC values.
1129
1130         * jit/JITPropertyAccess.cpp:
1131         (JSC::JIT::testPrototype):
1132
1133 2011-04-28  David Levin  <levin@chromium.org>
1134
1135         Build fix.
1136
1137         * wtf/RefCounted.h: Fix inverted ifdef.
1138
1139 2011-04-07  David Levin  <levin@chromium.org>
1140
1141         Reviewed by Darin Adler.
1142
1143         Add asserts to RefCounted to make sure ref/deref happens on the right thread.
1144         https://bugs.webkit.org/show_bug.cgi?id=31639
1145
1146         * GNUmakefile.list.am: Added new files to the build.
1147         * JavaScriptCore.gypi: Ditto.
1148         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
1149         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
1150         * jit/ExecutableAllocator.h:
1151         (JSC::ExecutablePool::ExecutablePool): Turned off checks for this
1152         due to not being able to figure out what was guarding it (bug 58091).
1153         * parser/SourceProvider.h:
1154         (JSC::SourceProvider::SourceProvider): Ditto.
1155         * runtime/RegExp.cpp:
1156         (JSC::RegExp::RegExp): Ditto.
1157         * wtf/CMakeLists.txt: Added new files to the build.
1158         * wtf/ThreadRestrictionVerifier.h: Added.
1159         Everything is done in the header to avoid the issue with exports
1160         that are only useful in debug builds but still need to be exported.
1161         * wtf/RefCounted.h:
1162         (WTF::RefCountedBase::ref): Added checks using the non-thread-safe verifier,
1163         and filed bug 58171 about making it stricter.
1164         (WTF::RefCountedBase::hasOneRef): Ditto.
1165         (WTF::RefCountedBase::refCount): Ditto.
1166         (WTF::RefCountedBase::setMutexForVerifier): Expose a way to change the checks to be based
1167         on a mutex. This is in the header to avoid adding more exports from JavaScriptCore.
1168         (WTF::RefCountedBase::deprecatedTurnOffVerifier): Temporary way to turn off verification.
1169         Filed bug 58174 to remove this method.
1170         (WTF::RefCountedBase::derefBase):
1171         * wtf/SizeLimits.cpp: Adjusted the debug size check for RefCounted.
1172         * wtf/text/CString.h:
1173         (WTF::CStringBuffer::CStringBuffer): Turned off checks for this while a fix is being
1174         done in Chromium's test_shell (bug 58093).
1175
1176 2011-04-28  Xan Lopez  <xlopez@igalia.com>
1177
1178         Unreviewed attempt to fix the build.
1179
1180         * GNUmakefile.am: add -lpthread.
1181
1182 2011-04-28  Oliver Hunt  <oliver@apple.com>
1183
1184         Reviewed by Gavin Barraclough.
1185
1186         Only need a single implementation of testPrototype
1187         https://bugs.webkit.org/show_bug.cgi?id=59724
1188
1189         Remove excess copy of identical testPrototype() code
1190
1191         * jit/JITPropertyAccess.cpp:
1192         (JSC::JIT::testPrototype):
1193         * jit/JITPropertyAccess32_64.cpp:
1194
1195 2011-04-28  Xan Lopez  <xlopez@igalia.com>
1196
1197         Reviewed by Martin Robinson.
1198
1199         [Gtk] Split JSC and WebCore builds
1200         https://bugs.webkit.org/show_bug.cgi?id=19428
1201
1202         Build JavaScriptCore as a libtool shared library instead of a
1203         private convenience library.
1204
1205         * GNUmakefile.am: define new jsc library and adapt to new name for
1206         javascriptcore target.
1207         * GNUmakefile.list.am: ditto.
1208
1209 2011-04-28  David Kilzer  <ddkilzer@apple.com>
1210
1211         <http://webkit.org/b/59705> WTF::postTimer() leaks a CFRunLoopTimerRef every time it's called
1212
1213         Reviewed by Simon Fraser.
1214
1215         * wtf/mac/MainThreadMac.mm:
1216         (WTF::postTimer): Use RetainPtr to plug the leak.
1217
1218 2011-04-27  Sam Weinig  <sam@webkit.org>
1219
1220         Reviewed by David Kilzer.
1221
1222         Add way to install testapi in production builds
1223         https://bugs.webkit.org/show_bug.cgi?id=59674
1224
1225         * Configurations/TestAPI.xcconfig: Copied from Configurations/JavaScriptCore.xcconfig.
1226         Add configuration file for TestAPI. In addition to name, we now specify an install path
1227         and allow SKIP_INSTALL to be overridden by setting FORCE_TOOL_INSTALL.
1228
1229         * JavaScriptCore.xcodeproj/project.pbxproj:
1230         Remove in-project build settings and add missing configuration files. Added missing CompilerVersion.xcconfig
1231         file.
1232
1233 2011-04-27  Adam Barth  <abarth@webkit.org>
1234
1235         Reviewed by David Levin.
1236
1237         Enable strict OwnPtrs for Chromium
1238         https://bugs.webkit.org/show_bug.cgi?id=59666
1239
1240         * wtf/OwnPtr.h:
1241
1242 2011-04-27  Oliver Hunt  <oliver@apple.com>
1243
1244         Reviewed by Geoffrey Garen.
1245
1246         Add ability to remove keys from weakmap API
1247         https://bugs.webkit.org/show_bug.cgi?id=59645
1248
1249         Add JSWeakObjectMapRemove API
1250
1251         * API/JSWeakObjectMapRefPrivate.cpp:
1252         * API/JSWeakObjectMapRefPrivate.h:
1253         * JavaScriptCore.exp:
1254
1255 2011-04-27  Adam Barth  <abarth@webkit.org>
1256
1257         Reviewed by David Levin.
1258
1259         Enable strict mode for OwnPtr
1260         https://bugs.webkit.org/show_bug.cgi?id=59428
1261
1262         This patch enables strict mode for OwnPtr on PLATFORM(MAC) only.
1263
1264         * wtf/OwnPtr.h:
1265
1266 2011-04-27  Steve Block  <steveblock@google.com>
1267
1268         Reviewed by David Levin.
1269
1270         Remove Android build system
1271         https://bugs.webkit.org/show_bug.cgi?id=48111
1272
1273         This is to avoid the maintenance burden until the Android port is
1274         fully upstreamed.
1275
1276         * Android.mk: Removed.
1277         * Android.v8.wtf.mk: Removed.
1278
1279 2011-04-27  Mark Rowe  <mrowe@apple.com>
1280
1281         Fix 32-bit build after r85036.
1282
1283         * wtf/Platform.h: USE(PLUGIN_HOST_PROCESS) is only true for 64-bit.
1284
1285 2011-04-27  Csaba Osztrogonác  <ossy@webkit.org>
1286
1287         Unreviewed build fix after r85036.
1288
1289         Re-add non-dead code.
1290
1291         * wtf/OSAllocatorPosix.cpp:
1292         (WTF::OSAllocator::reserveAndCommit):
1293
1294 2011-04-27  Adam Barth  <abarth@webkit.org>
1295
1296         Reviewed by Kenneth Russell.
1297
1298         OwnPtr assignment operator should be private
1299         https://bugs.webkit.org/show_bug.cgi?id=59487
1300
1301         Unfortunately we can't remove the copy constructor because of some
1302         detail about gcc.  (The issue is documented in a comment already.)
1303
1304         * wtf/OwnPtr.h:
1305
1306 2011-04-26  Sheriff Bot  <webkit.review.bot@gmail.com>
1307
1308         Unreviewed, rolling out r84977.
1309         http://trac.webkit.org/changeset/84977
1310         https://bugs.webkit.org/show_bug.cgi?id=59568
1311
1312         caused crashes on the SL WK2 bots (Requested by jessieberlin
1313         on #webkit).
1314
1315         * assembler/MacroAssemblerX86_64.h:
1316         (JSC::MacroAssemblerX86_64::call):
1317         (JSC::MacroAssemblerX86_64::tailRecursiveCall):
1318         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
1319
1320 2011-04-26  Kevin Ollivier  <kevino@theolliviers.com>
1321
1322         Rubberstamped by Eric Seidel.
1323
1324         Enable waf to be used to build other ports
1325         https://bugs.webkit.org/show_bug.cgi?id=58213
1326
1327         * wscript:
1328
1329 2011-04-26  Sam Weinig  <sam@webkit.org>
1330
1331         Reviewed by David Hyatt.
1332
1333         Remove Datagrid from the tree
1334         https://bugs.webkit.org/show_bug.cgi?id=59543
1335
1336         * Configurations/FeatureDefines.xcconfig:
1337         Remove feature.
1338
1339 2011-04-26  Adrienne Walker  <enne@google.com>
1340
1341         Reviewed by Geoffrey Garen.
1342
1343         Fix incorrect use of OwnPtr<T*> in GCActivityCallback
1344         https://bugs.webkit.org/show_bug.cgi?id=59559
1345
1346         * runtime/GCActivityCallback.h:
1347
1348 2011-04-26  Xan Lopez  <xlopez@igalia.com>
1349
1350         Reviewed by Daniel Bates.
1351
1352         Unused but set variable warning in MacroAssemblerX86_64
1353         https://bugs.webkit.org/show_bug.cgi?id=59482
1354
1355         * assembler/MacroAssemblerX86_64.h:
1356         (JSC::MacroAssemblerX86_64::call): do not declare the label
1357         variable if we are not going to use it.
1358         (JSC::MacroAssemblerX86_64::tailRecursiveCall): ditto.
1359         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall): ditto.
1360
1361 2011-04-26  Dan Bernstein  <mitz@apple.com>
1362
1363         Reviewed by Mark Rowe.
1364
1365         Choose the compiler based on the Xcode version for Snow Leopard debug builds.
1366
1367         * Configurations/Base.xcconfig:
1368         * Configurations/CompilerVersion.xcconfig: Added.
1369
1370 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
1371
1372         Reviewed by Oliver Hunt.
1373
1374         Nixed special finalizer handling for WebCore strings
1375         https://bugs.webkit.org/show_bug.cgi?id=59425
1376         
1377         SunSpider reports no change.
1378         
1379         Not needed anymore, since weak handles have finalizers.
1380
1381         * runtime/JSString.cpp:
1382         (JSC::JSString::resolveRope):
1383         (JSC::JSString::resolveRopeSlowCase):
1384         (JSC::JSString::outOfMemory):
1385         (JSC::JSString::substringFromRope):
1386         (JSC::JSString::replaceCharacter): Updated for removal of union.
1387
1388         * runtime/JSString.h:
1389         (JSC::RopeBuilder::JSString):
1390         (JSC::RopeBuilder::~JSString):
1391         (JSC::RopeBuilder::appendStringInConstruct):
1392         (JSC::RopeBuilder::appendValueInConstructAndIncrementLength): No need for
1393         union or special constructor anymore.
1394
1395 2011-04-26  Gabor Loki  <loki@webkit.org>
1396
1397         Reviewed by Csaba Osztrogonác.
1398
1399         Speeding up SVG filters with multicore (SMP) support
1400         https://bugs.webkit.org/show_bug.cgi?id=43903
1401
1402         Some SVG filters execute a huge number of pixel manipulations, which
1403         cannot be sped up by graphics accelerators, since their algorithm is
1404         too complex. Using the power of Symmetric Multi Processing (SMP) we
1405         can split up a task into smaller (data independent) tasks, which can be
1406         executed independently.
1407
1408         The ParallelJobs framework provides a simple way for distributed
1409         programming. The framework is based on WebKit's threading infrastructure,
1410         the Open Multi-Processing (OpenMP) API, and the libdispatch API.
1411
1412         * GNUmakefile.list.am:
1413         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1414         * JavaScriptCore.xcodeproj/project.pbxproj:
1415         * wtf/CMakeLists.txt:
1416         * wtf/ParallelJobs.h: Added.
1417         (WTF::ParallelJobs::ParallelJobs):
1418         (WTF::ParallelJobs::numberOfJobs):
1419         (WTF::ParallelJobs::parameterForJob):
1420         (WTF::ParallelJobs::executeJobs):
1421         * wtf/ParallelJobsGeneric.cpp: Added.
1422         (WTF::ParallelEnvironment::ThreadPrivate::tryLockFor):
1423         (WTF::ParallelEnvironment::ThreadPrivate::executeJob):
1424         (WTF::ParallelEnvironment::ThreadPrivate::waitForFinish):
1425         (WTF::ParallelEnvironment::ThreadPrivate::workerThread):
1426         * wtf/ParallelJobsGeneric.h: Added.
1427         (WTF::ParallelEnvironment::ParallelEnvironment):
1428         (WTF::ParallelEnvironment::numberOfJobs):
1429         (WTF::ParallelEnvironment::parameterForJob):
1430         (WTF::ParallelEnvironment::executeJobs):
1431         (WTF::ParallelEnvironment::ThreadPrivate::ThreadPrivate):
1432         (WTF::ParallelEnvironment::ThreadPrivate::create):
1433         * wtf/ParallelJobsLibdispatch.h: Added.
1434         (WTF::ParallelEnvironment::ParallelEnvironment):
1435         (WTF::ParallelEnvironment::numberOfJobs):
1436         (WTF::ParallelEnvironment::parameterForJob):
1437         (WTF::ParallelEnvironment::executeJobs):
1438         * wtf/ParallelJobsOpenMP.h: Added.
1439         (WTF::ParallelEnvironment::ParallelEnvironment):
1440         (WTF::ParallelEnvironment::numberOfJobs):
1441         (WTF::ParallelEnvironment::parameterForJob):
1442         (WTF::ParallelEnvironment::executeJobs):
1443         * wtf/Platform.h:
1444         * wtf/wtf.pri:
1445
1446 2011-04-26  Mihai Parparita  <mihaip@chromium.org>
1447
1448         Reviewed by Adam Barth.
1449
1450         Turn off make built-in implicit rules for derived sources makefile
1451         https://bugs.webkit.org/show_bug.cgi?id=59418
1452         
1453         We don't use any of make's built-in implicit rules, so turning them off
1454         speeds up parsing of the makefile.
1455
1456         * JavaScriptCore.xcodeproj/project.pbxproj:
1457         * gyp/generate-derived-sources.sh:
1458
1459 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
1460
1461         Reviewed by Oliver Hunt.
1462
1463         Custom prototypes on DOM objects don't persist after garbage collection
1464         https://bugs.webkit.org/show_bug.cgi?id=59412
1465         
1466         SunSpider reports no change.
1467         
1468         The hasCustomProperties() check didn't check for a custom prototype.
1469
1470         * runtime/JSObject.h:
1471         (JSC::JSObject::hasCustomProperties): Changed to delegate to Structure
1472         because it is the "truth" about an object's pedigree.
1473
1474         * runtime/Structure.cpp:
1475         (JSC::Structure::Structure):
1476         * runtime/Structure.h:
1477         (JSC::Structure::didTransition): Track whether a Structure has ever
1478         transitioned for any reason. If so, we have to assume that the object
1479         holding it is custom in some way.
1480
1481 2011-04-25  Gavin Barraclough  <barraclough@apple.com>
1482
1483         Reviewed by Geoff Garen.
1484
1485         https://bugs.webkit.org/show_bug.cgi?id=59405
1486         DFG JIT - add type speculation for integer & array types, for vars & args.
1487
1488         If a var or argument is used as the base for a GetByVal or PutByVal access
1489         we are speculating that it is of type Array (we only generate code on the
1490         speculative path to perform array accesses). By typing the var or args slot
1491         as Array, and checking on entry to the function (in the case of args), and
1492         each time the local is written to, we can avoid a type check at each point
1493         the array is accessed. This will typically hoist type checks out of loops.
1494
1495         Similarly, any local that is incremented or decremented, or is the input or
1496         output of a bitwise operator, is likely to be an integer. By typing the
1497         local as int32 we can avoid speculation checks on access, and tagging when
1498         writing to the slot. All accesses can become 32bit instead of 64.
1499
1500         * dfg/DFGByteCodeParser.cpp:
1501         (JSC::DFG::ByteCodeParser::set):
1502         (JSC::DFG::ByteCodeParser::predictArray):
1503         (JSC::DFG::ByteCodeParser::predictInt32):
1504         (JSC::DFG::ByteCodeParser::parseBlock):
1505         * dfg/DFGGraph.h:
1506         (JSC::DFG::PredictionSlot::PredictionSlot):
1507         (JSC::DFG::Graph::Graph):
1508         (JSC::DFG::Graph::predict):
1509         (JSC::DFG::Graph::getPrediction):
1510         * dfg/DFGJITCompiler.cpp:
1511         (JSC::DFG::JITCompiler::compileFunction):
1512         * dfg/DFGJITCompiler.h:
1513         (JSC::DFG::JITCompiler::tagFor):
1514         (JSC::DFG::JITCompiler::payloadFor):
1515         * dfg/DFGNode.h:
1516         * dfg/DFGNonSpeculativeJIT.cpp:
1517         (JSC::DFG::NonSpeculativeJIT::compile):
1518         * dfg/DFGSpeculativeJIT.cpp:
1519         (JSC::DFG::SpeculativeJIT::compile):
1520         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
1521         (JSC::DFG::SpeculativeJIT::initializeVariableTypes):
1522         * dfg/DFGSpeculativeJIT.h:
1523         * runtime/Executable.cpp:
1524         (JSC::tryDFGCompile):
1525
1526 2011-04-25  David Levin  <levin@chromium.org>
1527
1528         Reviewed by James Robinson.
1529
1530         Fix OwnPtr strict mode violation in MessageQueue.h
1531         https://bugs.webkit.org/show_bug.cgi?id=59400
1532
1533         * wtf/MessageQueue.h:
1534         (WTF::::waitForMessage):
1535         (WTF::::waitForMessageFilteredWithTimeout):
1536         (WTF::::tryGetMessage):
1537
1538 2011-04-25  Adam Barth  <abarth@webkit.org>
1539
1540         Reviewed by Darin Adler.
1541
1542         JavaScriptCore should play nice with strict OwnPtrs
1543         https://bugs.webkit.org/show_bug.cgi?id=59401
1544
1545         * dfg/DFGByteCodeParser.cpp:
1546         (JSC::DFG::ByteCodeParser::parse):
1547         * heap/Heap.cpp:
1548         (JSC::TypeCounter::TypeCounter):
1549         * jit/JITStubs.cpp:
1550         (JSC::JITThunks::JITThunks):
1551         * parser/JSParser.cpp:
1552         (JSC::JSParser::Scope::Scope):
1553         * yarr/YarrJIT.cpp:
1554         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
1555
1556 2011-04-25  Mark Rowe  <mrowe@apple.com>
1557
1558         Build fix.
1559
1560         * wtf/ListHashSet.h:
1561
1562 2011-04-25  Gavin Barraclough  <barraclough@apple.com>
1563
1564         Reviewed by Oliver Hunt.
1565
1566         Bug 59370 - DFG JIT - fix leak of BlocksBlocks
1567         (put the blocks immediately into an OwnPtr).
1568
1569         * dfg/DFGByteCodeParser.cpp:
1570         (JSC::DFG::ByteCodeParser::parse):
1571
1572 2011-04-25  James Robinson  <jamesr@chromium.org>
1573
1574         Reviewed by David Levin.
1575
1576         Fix strict OwnPtr violations in ListHashSet and RenderLayerCompositor
1577         https://bugs.webkit.org/show_bug.cgi?id=59353
1578
1579         * wtf/ListHashSet.h:
1580         (WTF::::ListHashSet):
1581
1582 2011-04-25  David Levin  <levin@chromium.org>
1583
1584         Reviewed by Adam Barth.
1585
1586         Fix PassOwnPtr issues in Structure and JSGlobalData.cpp
1587         https://bugs.webkit.org/show_bug.cgi?id=59347
1588
1589         * runtime/JSGlobalData.cpp:
1590         (JSC::JSGlobalData::JSGlobalData):
1591         * runtime/Structure.cpp:
1592         (JSC::Structure::copyPropertyTable):
1593         (JSC::Structure::createPropertyMap):
1594         * runtime/Structure.h:
1595
1596 2011-04-25  Oliver Hunt  <oliver@apple.com>
1597
1598         Reviewed by Geoffrey Garen.
1599
1600         Make ClassInfo required when creating a Structure
1601         https://bugs.webkit.org/show_bug.cgi?id=59340
1602
1603         Add ClassInfo to all those types which currently don't
1604         have it, and add an assertion to Structure::create to
1605         ensure that the provided classInfo is not null.
1606
1607         * runtime/Executable.h:
1608         (JSC::EvalExecutable::createStructure):
1609         (JSC::ProgramExecutable::createStructure):
1610         (JSC::FunctionExecutable::createStructure):
1611         * runtime/GetterSetter.cpp:
1612         * runtime/GetterSetter.h:
1613         (JSC::GetterSetter::createStructure):
1614         * runtime/JSAPIValueWrapper.cpp:
1615         * runtime/JSAPIValueWrapper.h:
1616         (JSC::JSAPIValueWrapper::createStructure):
1617         * runtime/JSCell.cpp:
1618         * runtime/JSCell.h:
1619         * runtime/JSString.cpp:
1620         * runtime/JSString.h:
1621         (JSC::RopeBuilder::createStructure):
1622         * runtime/Structure.h:
1623         (JSC::Structure::create):
1624         (JSC::JSCell::createDummyStructure):
1625
1626 2011-04-25  David Levin  <levin@chromium.org>
1627
1628         Reviewed by Adam Barth.
1629
1630         PropertyMapHashTable.h should use adoptPtr instead of implicit conversions to PassRefPtr.
1631         https://bugs.webkit.org/show_bug.cgi?id=59342
1632
1633         This patch is to prepare for the strict OwnPtr hack-a-thon.
1634
1635         * runtime/PropertyMapHashTable.h:
1636         (JSC::PropertyTable::copy):
1637
1638 2011-04-25  Thouraya ANDOLSI  <thouraya.andolsi@st.com>
1639
1640         Reviewed by Gavin Barraclough.
1641
1642         Rationalize MacroAssembler branch methods
1643         https://bugs.webkit.org/show_bug.cgi?id=58950
1644
1645         Split out the 'Condition' enum into 'RelationalCondition' and 'ResultCondition'
1646         and apply related changes (only for SH4 platforms).
1647
1648         * assembler/MacroAssemblerSH4.cpp:
1649         * assembler/MacroAssemblerSH4.h:
1650         (JSC::MacroAssemblerSH4::compare32):
1651         (JSC::MacroAssemblerSH4::branch32WithUnalignedHalfWords):
1652         (JSC::MacroAssemblerSH4::branchDouble):
1653         (JSC::MacroAssemblerSH4::branch32):
1654         (JSC::MacroAssemblerSH4::branchTest8):
1655         (JSC::MacroAssemblerSH4::branch8):
1656         (JSC::MacroAssemblerSH4::branchTruncateDoubleToInt32):
1657         (JSC::MacroAssemblerSH4::test8):
1658         (JSC::MacroAssemblerSH4::branch16):
1659         (JSC::MacroAssemblerSH4::branchTest32):
1660         (JSC::MacroAssemblerSH4::branchAdd32):
1661         (JSC::MacroAssemblerSH4::branchMul32):
1662         (JSC::MacroAssemblerSH4::branchSub32):
1663         (JSC::MacroAssemblerSH4::branchOr32):
1664         (JSC::MacroAssemblerSH4::branchConvertDoubleToInt32):
1665         (JSC::MacroAssemblerSH4::branchPtrWithPatch):
1666         (JSC::MacroAssemblerSH4::SH4Condition):
1667         * assembler/SH4Assembler.h:
1668         (JSC::SH4Assembler::cmpEqImmR0):
1669
1670 2011-04-25  Adam Barth  <abarth@webkit.org>
1671
1672         Reviewed by Eric Seidel.
1673
1674         PropertyMapHashTable should work with strict OwnPtr
1675         https://bugs.webkit.org/show_bug.cgi?id=59337
1676
1677         This patch is in preparation for the strict OwnPtr hack-a-thon.
1678
1679         * runtime/PropertyMapHashTable.h:
1680         (JSC::PropertyTable::PropertyTable):
1681         (JSC::PropertyTable::addDeletedOffset):
1682
1683 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
1684
1685         Reviewed by Sam Weinig.
1686
1687         Nixed MarkStack::deprecatedAppend, since it has no clients left.
1688
1689         * heap/MarkStack.h:
1690
1691 2011-04-23  Gavin Barraclough  <barraclough@apple.com>
1692
1693         Reviewed by Oliver Hunt.
1694
1695         Bug 59287 - DFG JIT - Handle temporaries as vars, allowing support for ?:
1696
1697         SetLocals to temporaries will only be generated if they are used within other
1698         blocks, due to the SSA based DCE.
1699
1700         * dfg/DFGByteCodeParser.cpp:
1701         (JSC::DFG::ByteCodeParser::ByteCodeParser):
1702         (JSC::DFG::ByteCodeParser::get):
1703         (JSC::DFG::ByteCodeParser::set):
1704         (JSC::DFG::ByteCodeParser::getLocal):
1705         (JSC::DFG::ByteCodeParser::setLocal):
1706         (JSC::DFG::ByteCodeParser::parseBlock):
1707         (JSC::DFG::ByteCodeParser::processPhiStack):
1708         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
1709         (JSC::DFG::ByteCodeParser::parse):
1710         * dfg/DFGGraph.h:
1711         (JSC::DFG::BasicBlock::BasicBlock):
1712
1713 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
1714
1715         Reviewed by Sam Weinig & Geoff Garen.
1716
1717         Bug 59266 - DFG JIT - Add SSA style DCE
1718
1719         This works by making GetLocal nodes reference SetLocal nodes from prior blocks,
1720         via intermediate Phi nodes. Whenever we add a GetLocal to the graph, also add a
1721         matching child Phi, and add the Phi to a work queue to add references to prior
1722         definitions once we have the full CFG & can determine predecessors. This process
1723         is iterative, inserting new phis into predecessors as necessary.
1724
1725         * dfg/DFGByteCodeParser.cpp:
1726         (JSC::DFG::ByteCodeParser::getVariable):
1727         (JSC::DFG::ByteCodeParser::setVariable):
1728         (JSC::DFG::ByteCodeParser::getArgument):
1729         (JSC::DFG::ByteCodeParser::setArgument):
1730         (JSC::DFG::ByteCodeParser::parseBlock):
1731         (JSC::DFG::ByteCodeParser::processWorkQueue):
1732         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
1733         (JSC::DFG::ByteCodeParser::parse):
1734         * dfg/DFGGraph.cpp:
1735         (JSC::DFG::Graph::dump):
1736         (JSC::DFG::Graph::refChildren):
1737         * dfg/DFGGraph.h:
1738         (JSC::DFG::Graph::ref):
1739         * dfg/DFGNode.h:
1740         (JSC::DFG::Node::ref):
1741         * dfg/DFGNonSpeculativeJIT.cpp:
1742         (JSC::DFG::NonSpeculativeJIT::compile):
1743         * dfg/DFGScoreBoard.h:
1744         (JSC::DFG::ScoreBoard::~ScoreBoard):
1745         (JSC::DFG::ScoreBoard::dump):
1746         * dfg/DFGSpeculativeJIT.cpp:
1747         (JSC::DFG::SpeculativeJIT::compile):
1748
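        A constructed Python model of the SSA-style DCE described in the Bug 59266 entry above (GetLocal -> Phi -> prior SetLocal, with a work queue that inserts Phis into predecessors once the CFG is known); it also shows why the Bug 59287 entry says a SetLocal to a temporary is only kept when another block reads it. This is an added example, not JavaScriptCore's code: the Node/Block/Graph classes and the const/add/ret bytecode tuples are assumptions of the model.

```python
from collections import deque

# Constructed model (not JSC code) of the DFG ByteCodeParser's SSA-style DCE:
# a GetLocal references definitions in predecessor blocks through a Phi node,
# Phis are resolved from a work queue once predecessors are known, and any
# node whose reference count stays 0 is dead.


class Node:
    def __init__(self, kind, block, local=None, children=(), value=None):
        self.kind, self.block, self.local, self.value = kind, block, local, value
        self.children, self.ref_count = [], 0
        for child in children:
            self.ref(child)

    def ref(self, child):
        """Make `child` an input of this node, bumping its reference count."""
        self.children.append(child)
        child.ref_count += 1


class Block:
    def __init__(self, index, code, successors):
        self.index, self.code, self.successors = index, code, successors
        self.predecessors, self.nodes = [], []
        self.records = {}  # local -> most recent SetLocal/GetLocal/Phi in this block


class Graph:
    def __init__(self, blocks):
        self.blocks, self.phi_queue = blocks, deque()
        for block in blocks:  # predecessor links exist only once every block is known
            for s in block.successors:
                blocks[s].predecessors.append(block)
        for block in blocks:
            self.parse_block(block)
        self.process_phi_queue()

    def add(self, block, node):
        block.nodes.append(node)
        return node

    def get_local(self, block, local):
        record = block.records.get(local)
        if record is not None:
            # Within one block a SetLocal's value is reused directly, no GetLocal needed.
            return record.children[0] if record.kind == "SetLocal" else record
        phi = self.add(block, Node("Phi", block.index, local))
        self.phi_queue.append(phi)  # resolved against predecessors later
        get = self.add(block, Node("GetLocal", block.index, local, [phi]))
        block.records[local] = get
        return get

    def set_local(self, block, local, value):
        block.records[local] = self.add(block, Node("SetLocal", block.index, local, [value]))

    def parse_block(self, block):
        for op in block.code:
            if op[0] == "const":  # ("const", dst, literal)
                self.set_local(block, op[1], self.add(block, Node("Constant", block.index, value=op[2])))
            elif op[0] == "add":  # ("add", dst, lhs, rhs)
                lhs, rhs = self.get_local(block, op[2]), self.get_local(block, op[3])
                self.set_local(block, op[1], self.add(block, Node("Add", block.index, children=[lhs, rhs])))
            elif op[0] == "ret":  # ("ret", src)
                self.add(block, Node("Return", block.index, children=[self.get_local(block, op[1])]))

    def process_phi_queue(self):
        while self.phi_queue:
            phi = self.phi_queue.popleft()
            for pred in self.blocks[phi.block].predecessors:
                record = pred.records.get(phi.local)
                if record is None:  # no definition in pred: insert a Phi there and keep walking back
                    record = self.add(pred, Node("Phi", pred.index, phi.local))
                    pred.records[phi.local] = record
                    self.phi_queue.append(record)
                phi.ref(record)  # a SetLocal only becomes live through this reference

    def dead_nodes(self):
        return sorted((n.block, n.kind, n.local or "") for b in self.blocks for n in b.nodes
                      if n.ref_count == 0 and n.kind != "Return")

    def phis_in(self, index):
        return sorted(n.local for n in self.blocks[index].nodes if n.kind == "Phi")


def example_graph():
    # Constructed bytecode: t and r are temporaries never read from another block.
    return Graph([
        Block(0, [("const", "x", 1), ("const", "t", 2), ("add", "y", "x", "t")], [1]),
        Block(1, [("add", "y", "y", "y")], [1, 2]),  # loop header, never touches x
        Block(2, [("add", "r", "y", "x"), ("ret", "r")], []),
    ])


if __name__ == "__main__":
    g = example_graph()
    print("dead:", g.dead_nodes())            # the SetLocals of t (block 0) and r (block 2)
    print("phis in block 1:", g.phis_in(1))   # ['x', 'y']: x's Phi was inserted by the queue
```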
1749 2011-04-22  Vitaly Repeshko  <vitalyr@chromium.org>
1750
1751         Reviewed by Adam Barth.
1752
1753         Add missing default constructors for HashMap iterator specializations.
1754         https://bugs.webkit.org/show_bug.cgi?id=59250
1755
1756         * wtf/HashIterators.h:
1757         * wtf/HashTable.h:
1758         (WTF::HashTableConstIterator::HashTableConstIterator): Added cast
1759         to help compiler find the function template.
1760
1761 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
1762
1763         Reviewed by Sam Weinig.
1764
1765         Bug 59262 - DFG JIT - reduce size of VariableRecord
1766
1767         We never need both the get & set node, only the most recent
1768         (which is always a set, if both exist).
1769
1770         * dfg/DFGByteCodeParser.cpp:
1771         (JSC::DFG::ByteCodeParser::getVariable):
1772         (JSC::DFG::ByteCodeParser::setVariable):
1773         (JSC::DFG::ByteCodeParser::getArgument):
1774         (JSC::DFG::ByteCodeParser::setArgument):
1775         (JSC::DFG::ByteCodeParser::parseBlock):
1776         * dfg/DFGGraph.h:
1777         (JSC::DFG::VariableRecord::VariableRecord):
1778
1779 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
1780
1781         Reviewed by Geoffrey Garen.
1782
1783         Bug 59254 - DFG JIT - retain VariableRecords for args/var in all basic blocks,
1784         such that this information is available for DCE.  Also, since this enlarges the
1785         size of BasicBlock, make Graph hold a vector of pointers to basic blocks, not a
1786         vector of blocks.
1787
1788         * dfg/DFGByteCodeParser.cpp:
1789         (JSC::DFG::ByteCodeParser::ByteCodeParser):
1790         (JSC::DFG::ByteCodeParser::get):
1791         (JSC::DFG::ByteCodeParser::set):
1792         (JSC::DFG::ByteCodeParser::getVariable):
1793         (JSC::DFG::ByteCodeParser::setVariable):
1794         (JSC::DFG::ByteCodeParser::getArgument):
1795         (JSC::DFG::ByteCodeParser::setArgument):
1796         (JSC::DFG::ByteCodeParser::parseBlock):
1797         (JSC::DFG::ByteCodeParser::setupPredecessors):
1798         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
1799         (JSC::DFG::ByteCodeParser::parse):
1800         * dfg/DFGGraph.cpp:
1801         (JSC::DFG::Graph::dump):
1802         * dfg/DFGGraph.h:
1803         (JSC::DFG::VariableRecord::VariableRecord):
1804         (JSC::DFG::BasicBlock::BasicBlock):
1805         (JSC::DFG::BasicBlock::getBytecodeBegin):
1806         (JSC::DFG::Graph::blockIndexForBytecodeOffset):
1807         (JSC::DFG::Graph::blockForBytecodeOffset):
1808         * dfg/DFGNonSpeculativeJIT.cpp:
1809         (JSC::DFG::NonSpeculativeJIT::compile):
1810         * dfg/DFGSpeculativeJIT.cpp:
1811         (JSC::DFG::SpeculativeJIT::compile):
1812         * dfg/DFGSpeculativeJIT.h:
1813         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
1814
1815 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
1816
1817         Errk, build fix.
1818
1819         * dfg/DFGSpeculativeJIT.cpp:
1820         (JSC::DFG::SpeculativeJIT::compile):
1821
1822 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
1823
1824         Reviewed by Sam Weinig.
1825
1826         Quick cleanup to SpeculativeJIT/NonSpeculativeJIT compile loop,
1827         move out the call to checkConsistency().
1828
1829         * dfg/DFGNonSpeculativeJIT.cpp:
1830         (JSC::DFG::NonSpeculativeJIT::compile):
1831         * dfg/DFGSpeculativeJIT.cpp:
1832         (JSC::DFG::SpeculativeJIT::compile):
1833         * dfg/DFGSpeculativeJIT.h:
1834         (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
1835         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
1836
1837 2011-04-21  Vitaly Repeshko  <vitalyr@chromium.org>
1838
1839         Reviewed by Adam Barth.
1840
1841         Provide default constructors for HashMap iterators.
1842         https://bugs.webkit.org/show_bug.cgi?id=59151
1843
1844         These will be used to implement an iterator over EventTarget's
1845         listeners.
1846
1847         * wtf/HashTable.h:
1848         (WTF::HashTableConstIteratorAdapter::HashTableConstIteratorAdapter):
1849         (WTF::HashTableIteratorAdapter::HashTableIteratorAdapter):
1850
1851 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
1852
1853         Reviewed by Geoff Garen.
1854
1855         Bug 59232 - DFG JIT - Add predecessor links to BasicBlocks
1856
1857         These will be necessary for DCE support.
1858         Also factor allocateVirtualRegisters out into its own method.
1859
1860         * dfg/DFGByteCodeParser.cpp:
1861         (JSC::DFG::ByteCodeParser::setupPredecessors):
1862         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
1863         (JSC::DFG::ByteCodeParser::parse):
1864         * dfg/DFGGraph.h:
1865         (JSC::DFG::Graph::blockForBytecodeOffset):
1866         * dfg/DFGNode.h:
1867         (JSC::DFG::Node::isTerminal):
1868
1869 2011-04-22  Oliver Hunt  <oliver@apple.com>
1870
1871         Reviewed by Geoffrey Garen.
1872
1873         Object.create creates uncachable objects
1874         https://bugs.webkit.org/show_bug.cgi?id=59164
1875
1876         Use the prototype object's inheritorID, as we
1877         should always have done.
1878
1879         * runtime/JSGlobalObject.cpp:
1880         (JSC::JSGlobalObject::reset):
1881         (JSC::JSGlobalObject::visitChildren):
1882         * runtime/JSGlobalObject.h:
1883         (JSC::JSGlobalObject::nullPrototypeObjectStructure):
1884         * runtime/ObjectConstructor.cpp:
1885         (JSC::objectConstructorCreate):
1886
1887 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
1888
1889         Reviewed by Sam Weinig.
1890
1891         Bug 59222 - DFG JIT - don't allocate virtual registers to nodes with no result
1892
1893         We currently allocate virtual registers to nodes which have no result - these are
1894         clearly unused, and may result in us allocating a larger than necessary stack frame.
1895
1896         Encapsulate Node::virtualRegister such that we can ASSERT this is only called on
1897         nodes that have results, and improve the quality of output from the consistency check.
1898
1899         * dfg/DFGByteCodeParser.cpp:
1900         (JSC::DFG::ByteCodeParser::parse):
1901         * dfg/DFGGraph.cpp:
1902         (JSC::DFG::Graph::dump):
1903         * dfg/DFGGraph.h:
1904         (JSC::DFG::Graph::ref):
1905         (JSC::DFG::Graph::deref):
1906         * dfg/DFGJITCodeGenerator.cpp:
1907         (JSC::DFG::JITCodeGenerator::fillInteger):
1908         (JSC::DFG::JITCodeGenerator::fillDouble):
1909         (JSC::DFG::JITCodeGenerator::fillJSValue):
1910         (JSC::DFG::JITCodeGenerator::dump):
1911         (JSC::DFG::JITCodeGenerator::checkConsistency):
1912         * dfg/DFGJITCodeGenerator.h:
1913         (JSC::DFG::JITCodeGenerator::canReuse):
1914         (JSC::DFG::JITCodeGenerator::isFilled):
1915         (JSC::DFG::JITCodeGenerator::isFilledDouble):
1916         (JSC::DFG::JITCodeGenerator::use):
1917         (JSC::DFG::JITCodeGenerator::integerResult):
1918         (JSC::DFG::JITCodeGenerator::noResult):
1919         (JSC::DFG::JITCodeGenerator::cellResult):
1920         (JSC::DFG::JITCodeGenerator::jsValueResult):
1921         (JSC::DFG::JITCodeGenerator::doubleResult):
1922         (JSC::DFG::JITCodeGenerator::initConstantInfo):
1923         * dfg/DFGJITCompiler.cpp:
1924         (JSC::DFG::JITCompiler::fillNumericToDouble):
1925         (JSC::DFG::JITCompiler::fillInt32ToInteger):
1926         (JSC::DFG::JITCompiler::fillToJS):
1927         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
1928         * dfg/DFGNode.h:
1929         (JSC::DFG::Node::Node):
1930         (JSC::DFG::Node::hasResult):
1931         (JSC::DFG::Node::virtualRegister):
1932         (JSC::DFG::Node::setVirtualRegister):
1933         (JSC::DFG::Node::refCount):
1934         (JSC::DFG::Node::ref):
1935         (JSC::DFG::Node::deref):
1936         (JSC::DFG::Node::adjustedRefCount):
1937         * dfg/DFGNonSpeculativeJIT.cpp:
1938         (JSC::DFG::NonSpeculativeJIT::isKnownInteger):
1939         (JSC::DFG::NonSpeculativeJIT::isKnownNumeric):
1940         (JSC::DFG::NonSpeculativeJIT::compile):
1941         * dfg/DFGScoreBoard.h:
1942         (JSC::DFG::ScoreBoard::use):
1943         * dfg/DFGSpeculativeJIT.cpp:
1944         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
1945         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1946         (JSC::DFG::SpeculativeJIT::compile):
1947
1948 2011-04-22  Sam Weinig  <sam@webkit.org>
1949
1950         Reviewed by Gavin Barraclough and Oliver Hunt.
1951
1952         Arrays should participate in global object forwarding fun
1953         https://bugs.webkit.org/show_bug.cgi?id=59215
1954
1955         * runtime/JSGlobalObject.h:
1956         (JSC::constructEmptyArray):
1957         (JSC::constructArray):
1958         Add variants of constructArray that take a global object.
1959
1960 2011-04-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1961
1962         Unreviewed, rolling out r84650 and r84654.
1963         http://trac.webkit.org/changeset/84650
1964         http://trac.webkit.org/changeset/84654
1965         https://bugs.webkit.org/show_bug.cgi?id=59218
1966
1967         Broke Windows build (Requested by bweinstein on #webkit).
1968
1969         * API/JSCallbackObjectFunctions.h:
1970         (JSC::::init):
1971         * JavaScriptCore.exp:
1972         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1973         * heap/Handle.h:
1974         (JSC::HandleBase::operator!):
1975         (JSC::HandleBase::operator UnspecifiedBoolType*):
1976         (JSC::HandleTypes::getFromSlot):
1977         * heap/HandleHeap.cpp:
1978         (JSC::HandleHeap::markStrongHandles):
1979         (JSC::HandleHeap::markWeakHandles):
1980         (JSC::HandleHeap::finalizeWeakHandles):
1981         (JSC::HandleHeap::writeBarrier):
1982         (JSC::HandleHeap::protectedGlobalObjectCount):
1983         (JSC::HandleHeap::isValidWeakNode):
1984         * heap/HandleHeap.h:
1985         (JSC::HandleHeap::copyWeak):
1986         (JSC::HandleHeap::makeWeak):
1987         (JSC::HandleHeap::Node::slot):
1988         * heap/HandleStack.cpp:
1989         (JSC::HandleStack::mark):
1990         (JSC::HandleStack::grow):
1991         * heap/HandleStack.h:
1992         (JSC::HandleStack::zapTo):
1993         (JSC::HandleStack::push):
1994         * heap/Heap.cpp:
1995         (JSC::HandleHeap::protectedObjectTypeCounts):
1996         * heap/Local.h:
1997         (JSC::::set):
1998         * heap/Strong.h:
1999         (JSC::Strong::set):
2000         * heap/Weak.h:
2001         (JSC::Weak::set):
2002         * runtime/StructureTransitionTable.h:
2003         (JSC::StructureTransitionTable::singleTransition):
2004         (JSC::StructureTransitionTable::setSingleTransition):
2005         * runtime/WeakGCMap.h:
2006         (JSC::WeakGCMap::add):
2007         (JSC::WeakGCMap::set):
2008         * runtime/WriteBarrier.h:
2009
2010 2011-04-22  Brian Weinstein  <bweinstein@apple.com>
2011
2012         Part of Windows build fix from r84650.
2013
2014         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2015
2016 2011-04-22  Oliver Hunt  <oliver@apple.com>
2017
2018         Reviewed by Geoffrey Garen.
2019
2020         Make it harder to use HandleSlot incorrectly
2021         https://bugs.webkit.org/show_bug.cgi?id=59205
2022
2023         Just add a little type fudging to make it harder to
2024         incorrectly assign through a HandleSlot.
2025
2026         * API/JSCallbackObjectFunctions.h:
2027         (JSC::::init):
2028         * JavaScriptCore.exp:
2029         * heap/Handle.h:
2030         (JSC::HandleBase::operator!):
2031         (JSC::HandleBase::operator UnspecifiedBoolType*):
2032         (JSC::HandleTypes::getFromSlot):
2033         * heap/HandleHeap.cpp:
2034         (JSC::HandleHeap::markStrongHandles):
2035         (JSC::HandleHeap::markWeakHandles):
2036         (JSC::HandleHeap::finalizeWeakHandles):
2037         (JSC::HandleHeap::writeBarrier):
2038         (JSC::HandleHeap::protectedGlobalObjectCount):
2039         (JSC::HandleHeap::isValidWeakNode):
2040         * heap/HandleHeap.h:
2041         (JSC::HandleHeap::copyWeak):
2042         (JSC::HandleHeap::makeWeak):
2043         (JSC::HandleHeap::Node::slot):
2044         * heap/HandleStack.cpp:
2045         (JSC::HandleStack::mark):
2046         (JSC::HandleStack::grow):
2047         * heap/HandleStack.h:
2048         (JSC::HandleStack::zapTo):
2049         (JSC::HandleStack::push):
2050         * heap/Heap.cpp:
2051         (JSC::HandleHeap::protectedObjectTypeCounts):
2052         * heap/Local.h:
2053         (JSC::::set):
2054         * heap/Strong.h:
2055         (JSC::Strong::set):
2056         * heap/Weak.h:
2057         (JSC::Weak::set):
2058         * runtime/StructureTransitionTable.h:
2059         (JSC::StructureTransitionTable::singleTransition):
2060         (JSC::StructureTransitionTable::setSingleTransition):
2061         * runtime/WeakGCMap.h:
2062         (JSC::WeakGCMap::add):
2063         (JSC::WeakGCMap::set):
2064         * runtime/WriteBarrier.h:
2065         (JSC::OpaqueJSValue::toJSValue):
2066         (JSC::OpaqueJSValue::toJSValueRef):
2067         (JSC::OpaqueJSValue::fromJSValue):
2068
2069 2011-04-22  Patrick Gansterer  <paroga@webkit.org>
2070
2071         Unreviewed. Build fix for ENABLE(INTERPRETER) after r84556.
2072
2073         * bytecode/CodeBlock.cpp:
2074         (JSC::CodeBlock::visitAggregate):
2075
2076 2011-04-21  Sheriff Bot  <webkit.review.bot@gmail.com>
2077
2078         Unreviewed, rolling out r84583.
2079         http://trac.webkit.org/changeset/84583
2080         https://bugs.webkit.org/show_bug.cgi?id=59173
2081
2082         "broke
2083         http://trac.webkit.org/export/84593/trunk/LayoutTests/fast/js
2084         /Object-create.html" (Requested by ggaren on #webkit).
2085
2086         * runtime/ObjectConstructor.cpp:
2087         (JSC::objectConstructorCreate):
2088
2089 2011-04-21  Maciej Stachowiak  <mjs@apple.com>
2090
2091         Reviewed by Adam Roben.
2092
2093         Add a feature define to allow <details> and <summary> to be disabled
2094         https://bugs.webkit.org/show_bug.cgi?id=59118
2095         <rdar://problem/9257045>
2096
2097         * Configurations/FeatureDefines.xcconfig:
2098
2099 2011-04-21  Oliver Hunt  <oliver@apple.com>
2100
2101         Reviewed by Geoffrey Garen.
2102
2103         Object.create creates uncachable objects
2104         https://bugs.webkit.org/show_bug.cgi?id=59164
2105
2106         Use the prototype object's inheritorID, as we
2107         should always have done.
2108
2109         * runtime/ObjectConstructor.cpp:
2110         (JSC::objectConstructorCreate):
2111
2112 2011-04-21  Oliver Hunt  <oliver@apple.com>
2113
2114         Reviewed by Geoffrey Garen.
2115
2116         Start moving to a general visitor pattern for GC traversal
2117         https://bugs.webkit.org/show_bug.cgi?id=59141
2118
2119         This is just a rename:
2120             markChildren -> visitChildren
2121             markAggregate -> visitAggregate
2122             markStack -> visitor
2123             MarkStack -> typedef'd to SlotVisitor
2124
2125         * API/JSCallbackObject.h:
2126         (JSC::JSCallbackObjectData::visitChildren):
2127         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
2128         (JSC::JSCallbackObject::visitChildren):
2129         * JavaScriptCore.exp:
2130         * bytecode/CodeBlock.cpp:
2131         (JSC::CodeBlock::visitStructures):
2132         (JSC::EvalCodeCache::visitAggregate):
2133         (JSC::CodeBlock::visitAggregate):
2134         * bytecode/CodeBlock.h:
2135         * bytecode/EvalCodeCache.h:
2136         * bytecode/Instruction.h:
2137         (JSC::PolymorphicAccessStructureList::visitAggregate):
2138         * bytecode/StructureStubInfo.cpp:
2139         (JSC::StructureStubInfo::visitAggregate):
2140         * bytecode/StructureStubInfo.h:
2141         * debugger/DebuggerActivation.cpp:
2142         (JSC::DebuggerActivation::visitChildren):
2143         * debugger/DebuggerActivation.h:
2144         * heap/HandleHeap.cpp:
2145         (JSC::WeakHandleOwner::isReachableFromOpaqueRoots):
2146         (JSC::HandleHeap::markStrongHandles):
2147         (JSC::HandleHeap::markWeakHandles):
2148         * heap/HandleHeap.h:
2149         * heap/HandleStack.cpp:
2150         (JSC::HandleStack::mark):
2151         * heap/HandleStack.h:
2152         * heap/Heap.cpp:
2153         (JSC::Heap::markProtectedObjects):
2154         (JSC::Heap::markTempSortVectors):
2155         (JSC::Heap::markRoots):
2156         * heap/Heap.h:
2157         * heap/MarkStack.cpp:
2158         (JSC::MarkStack::visitChildren):
2159         (JSC::MarkStack::drain):
2160         * heap/MarkStack.h:
2161         (JSC::HeapRootVisitor::HeapRootVisitor):
2162         (JSC::HeapRootVisitor::mark):
2163         (JSC::HeapRootVisitor::visitor):
2164         * heap/MarkedSpace.h:
2165         * runtime/ArgList.cpp:
2166         (JSC::MarkedArgumentBuffer::markLists):
2167         * runtime/ArgList.h:
2168         * runtime/Arguments.cpp:
2169         (JSC::Arguments::visitChildren):
2170         * runtime/Arguments.h:
2171         * runtime/Executable.cpp:
2172         (JSC::EvalExecutable::visitChildren):
2173         (JSC::ProgramExecutable::visitChildren):
2174         (JSC::FunctionExecutable::visitChildren):
2175         * runtime/Executable.h:
2176         * runtime/GetterSetter.cpp:
2177         (JSC::GetterSetter::visitChildren):
2178         * runtime/GetterSetter.h:
2179         (JSC::GetterSetter::createStructure):
2180         * runtime/JSAPIValueWrapper.h:
2181         (JSC::JSAPIValueWrapper::createStructure):
2182         * runtime/JSActivation.cpp:
2183         (JSC::JSActivation::visitChildren):
2184         * runtime/JSActivation.h:
2185         * runtime/JSArray.cpp:
2186         (JSC::JSArray::visitChildren):
2187         * runtime/JSArray.h:
2188         (JSC::JSArray::visitDirect):
2189         * runtime/JSCell.h:
2190         (JSC::JSCell::JSCell::visitChildren):
2191         * runtime/JSFunction.cpp:
2192         (JSC::JSFunction::visitChildren):
2193         * runtime/JSFunction.h:
2194         * runtime/JSGlobalObject.cpp:
2195         (JSC::visitIfNeeded):
2196         (JSC::JSGlobalObject::visitChildren):
2197         * runtime/JSGlobalObject.h:
2198         * runtime/JSONObject.cpp:
2199         * runtime/JSObject.cpp:
2200         (JSC::JSObject::visitChildren):
2201         * runtime/JSObject.h:
2202         (JSC::JSObject::visitDirect):
2203         * runtime/JSPropertyNameIterator.cpp:
2204         (JSC::JSPropertyNameIterator::visitChildren):
2205         * runtime/JSPropertyNameIterator.h:
2206         (JSC::JSPropertyNameIterator::createStructure):
2207         * runtime/JSStaticScopeObject.cpp:
2208         (JSC::JSStaticScopeObject::visitChildren):
2209         * runtime/JSStaticScopeObject.h:
2210         * runtime/JSTypeInfo.h:
2211         (JSC::TypeInfo::TypeInfo):
2212         (JSC::TypeInfo::overridesVisitChildren):
2213         * runtime/JSWrapperObject.cpp:
2214         (JSC::JSWrapperObject::visitChildren):
2215         * runtime/JSWrapperObject.h:
2216         * runtime/JSZombie.h:
2217         (JSC::JSZombie::visitChildren):
2218         * runtime/NativeErrorConstructor.cpp:
2219         (JSC::NativeErrorConstructor::visitChildren):
2220         * runtime/NativeErrorConstructor.h:
2221         * runtime/RegExpObject.cpp:
2222         (JSC::RegExpObject::visitChildren):
2223         * runtime/RegExpObject.h:
2224         * runtime/ScopeChain.cpp:
2225         (JSC::ScopeChainNode::visitChildren):
2226         * runtime/ScopeChain.h:
2227         * runtime/SmallStrings.cpp:
2228         (JSC::SmallStrings::visitChildren):
2229         * runtime/SmallStrings.h:
2230         * runtime/Structure.cpp:
2231         (JSC::Structure::Structure):
2232         (JSC::Structure::visitChildren):
2233         * runtime/Structure.h:
2234         * runtime/StructureChain.cpp:
2235         (JSC::StructureChain::visitChildren):
2236         * runtime/StructureChain.h:
2237         (JSC::StructureChain::createStructure):
2238
2239 2011-04-21  Sheriff Bot  <webkit.review.bot@gmail.com>
2240
2241         Unreviewed, rolling out r84548.
2242         http://trac.webkit.org/changeset/84548
2243         https://bugs.webkit.org/show_bug.cgi?id=59144
2244
2245         Broke chromium-win build (Requested by aklein on #webkit).
2246
2247         * wtf/Platform.h:
2248
2249 2011-04-21  Adam Klein  <adamk@chromium.org>
2250
2251         Reviewed by David Levin.
2252
2253         [fileapi] Worker File API calls that create Blobs fail in debug builds due to random number generator thread assertion
2254         https://bugs.webkit.org/show_bug.cgi?id=55728
2255
2256         Enable WTF_MULTIPLE_THREADS for Chromium.
2257
2258         * wtf/Platform.h:
2259
2260 2011-04-20  Michael Saboff  <msaboff@apple.com>
2261
2262         Reviewed by Geoff Garen.
2263
2264         JSString::resolveRope inefficient for common 2 fiber case
2265         https://bugs.webkit.org/show_bug.cgi?id=58994
2266
2267         Split JSString::resolveRope into three routines.
2268         resolveRope allocates the new buffer and handles the 1 or 2
2269         fiber case with single level fibers.
2270         resolveRopeSlowCase handles the general case.
2271         outOfMemory handles the rare out of memory exception case.
2272
2273         * runtime/JSString.cpp:
2274         (JSC::JSString::resolveRope):
2275         (JSC::JSString::resolveRopeSlowCase):
2276         (JSC::JSString::outOfMemory):
2277         * runtime/JSString.h:
2278
2279 2011-04-20  Adam Klein  <adamk@chromium.org>
2280
2281         Reviewed by David Levin.
2282
2283         Rename all uses of JSC_MULTIPLE_THREADS under wtf/... to WTF_MULTIPLE_THREADS
2284         https://bugs.webkit.org/show_bug.cgi?id=59040
2285
2286         This will be used to fix https://bugs.webkit.org/show_bug.cgi?id=55728
2287         by enabling WTF_MULTIPLE_THREADS for Chromium.
2288
2289         * wtf/CryptographicallyRandomNumber.cpp:
2290         (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber):
2291         (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues):
2292         * wtf/FastMalloc.cpp:
2293         * wtf/Platform.h:
2294         Enable WTF_MULTIPLE_THREADS whenever JSC_MULTIPLE_THREADS is enabled.
2295         * wtf/RandomNumber.cpp:
2296         (WTF::randomNumber):
2297         * wtf/RefCountedLeakCounter.cpp:
2298         (WTF::RefCountedLeakCounter::increment):
2299         (WTF::RefCountedLeakCounter::decrement):
2300         * wtf/dtoa.cpp:
2301         (WTF::pow5mult):
2302
2303 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2304
2305         Rubber-stamped by Geoff Garen.
2306
2307         Bug 59069 - DFG JIT - register allocate r8, r9, r10
2308
2309         * dfg/DFGJITCompiler.h:
2310         (JSC::DFG::JITCompiler::gprToRegisterID):
2311
2312 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2313
2314         Build fix - revert accidental change.
2315
2316         * wtf/Platform.h:
2317
2318 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2319
2320         Reviewed by Sam Weinig.
2321
2322         Add SAMPLING_FLAGS tool to DFG JIT.
2323
2324         * bytecode/SamplingTool.h:
2325         (JSC::SamplingFlags::addressOfFlags):
2326         * dfg/DFGJITCompiler.cpp:
2327         (JSC::DFG::JITCompiler::setSamplingFlag):
2328         (JSC::DFG::JITCompiler::clearSamplingFlag):
2329         * dfg/DFGJITCompiler.h:
2330         * jit/JITInlineMethods.h:
2331         (JSC::JIT::setSamplingFlag):
2332         (JSC::JIT::clearSamplingFlag):
2333         * wtf/Platform.h:
2334
2335 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2336
2337         Reviewed by Oliver Hunt.
2338
2339         Bug 59022 - DFG JIT - Optimize branch-on-relational-compare
2340
2341         If a relational compare (< or <=) is immediately followed by a branch,
2342         we can combine the two, avoiding generation of a boolean into a register.
2343
2344         * assembler/MacroAssemblerX86Common.h:
2345         (JSC::MacroAssemblerX86Common::branch32):
2346         (JSC::MacroAssemblerX86Common::invert):
2347         (JSC::MacroAssemblerX86Common::commute):
2348         * dfg/DFGNode.h:
2349         (JSC::DFG::Node::adjustedRefCount):
2350         * dfg/DFGSpeculativeJIT.cpp:
2351         (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
2352         (JSC::DFG::SpeculativeJIT::compile):
2353         * dfg/DFGSpeculativeJIT.h:
2354         (JSC::DFG::SpeculativeJIT::isJSConstantWithInt32Value):
2355         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
2356
2357 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2358
2359         ARMv7 build fix II.
2360
2361         * jit/JITOpcodes32_64.cpp:
2362         (JSC::JIT::softModulo):
2363
2364 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2365
2366         ARMv7 build fix.
2367
2368         * assembler/MacroAssemblerARM.h:
2369         (JSC::MacroAssemblerARM::test8):
2370
2371 2011-04-19  Gavin Barraclough  <barraclough@apple.com>
2372
2373         Reviewed by Oliver Hunt.
2374
2375         Rationalize MacroAssembler branch methods
2376         https://bugs.webkit.org/show_bug.cgi?id=58950
2377
2378         The MacroAssembler currently exposes x86's weird behaviour that the 'setcc'
2379         instruction only sets the low 8 bits of a register. Stop that.
2380
2381         Having done so, to clarify remove the 'set32' prefix from test & compare
2382         instructions - these methods all now set a full 32/64 bit register (Ptr size).
2383         The size in the function name should indicate the amount of data being compared.
2384
2385         Also split out the 'Condition' enum into 'RelationalCondition' and
2386         'ResultCondition'. The former is used in binary comparison, the latter is a unary
2387         condition check on the result of an operation.
2388
2389         * JavaScriptCore.xcodeproj/project.pbxproj:
2390         * assembler/MacroAssembler.h:
2391         (JSC::MacroAssembler::branchPtr):
2392         (JSC::MacroAssembler::branch32):
2393         (JSC::MacroAssembler::branch16):
2394         (JSC::MacroAssembler::branchTestPtr):
2395         (JSC::MacroAssembler::comparePtr):
2396         (JSC::MacroAssembler::branchAddPtr):
2397         (JSC::MacroAssembler::branchSubPtr):
2398         (JSC::MacroAssembler::branchTest8):
2399         * assembler/MacroAssemblerARM.h:
2400         (JSC::MacroAssemblerARM::branch8):
2401         (JSC::MacroAssemblerARM::branch32):
2402         (JSC::MacroAssemblerARM::branch32WithUnalignedHalfWords):
2403         (JSC::MacroAssemblerARM::branch16):
2404         (JSC::MacroAssemblerARM::branchTest8):
2405         (JSC::MacroAssemblerARM::branchTest32):
2406         (JSC::MacroAssemblerARM::branchAdd32):
2407         (JSC::MacroAssemblerARM::branchMul32):
2408         (JSC::MacroAssemblerARM::branchSub32):
2409         (JSC::MacroAssemblerARM::branchNeg32):
2410         (JSC::MacroAssemblerARM::branchOr32):
2411         (JSC::MacroAssemblerARM::compare32):
2412         (JSC::MacroAssemblerARM::test32):
2413         (JSC::MacroAssemblerARM::test8):
2414         (JSC::MacroAssemblerARM::branchPtrWithPatch):
2415         (JSC::MacroAssemblerARM::ARMCondition):
2416         * assembler/MacroAssemblerARMv7.h:
2417         (JSC::MacroAssemblerARMv7::branch32):
2418         (JSC::MacroAssemblerARMv7::branch32WithUnalignedHalfWords):
2419         (JSC::MacroAssemblerARMv7::branch16):
2420         (JSC::MacroAssemblerARMv7::branch8):
2421         (JSC::MacroAssemblerARMv7::branchTest32):
2422         (JSC::MacroAssemblerARMv7::branchTest8):
2423         (JSC::MacroAssemblerARMv7::branchAdd32):
2424         (JSC::MacroAssemblerARMv7::branchMul32):
2425         (JSC::MacroAssemblerARMv7::branchOr32):
2426         (JSC::MacroAssemblerARMv7::branchSub32):
2427         (JSC::MacroAssemblerARMv7::compare32):
2428         (JSC::MacroAssemblerARMv7::test32):
2429         (JSC::MacroAssemblerARMv7::test8):
2430         (JSC::MacroAssemblerARMv7::branchPtrWithPatch):
2431         (JSC::MacroAssemblerARMv7::makeBranch):
2432         (JSC::MacroAssemblerARMv7::armV7Condition):
2433         * assembler/MacroAssemblerMIPS.h:
2434         (JSC::MacroAssemblerMIPS::branch8):
2435         (JSC::MacroAssemblerMIPS::branch32):
2436         (JSC::MacroAssemblerMIPS::branch32WithUnalignedHalfWords):
2437         (JSC::MacroAssemblerMIPS::branch16):
2438         (JSC::MacroAssemblerMIPS::branchTest32):
2439         (JSC::MacroAssemblerMIPS::branchTest8):
2440         (JSC::MacroAssemblerMIPS::branchAdd32):
2441         (JSC::MacroAssemblerMIPS::branchMul32):
2442         (JSC::MacroAssemblerMIPS::branchSub32):
2443         (JSC::MacroAssemblerMIPS::branchOr32):
2444         (JSC::MacroAssemblerMIPS::compare32):
2445         (JSC::MacroAssemblerMIPS::test8):
2446         (JSC::MacroAssemblerMIPS::test32):
2447         (JSC::MacroAssemblerMIPS::branchPtrWithPatch):
2448         * assembler/MacroAssemblerX86.h:
2449         (JSC::MacroAssemblerX86::branch32):
2450         (JSC::MacroAssemblerX86::branchPtrWithPatch):
2451         * assembler/MacroAssemblerX86Common.h:
2452         (JSC::MacroAssemblerX86Common::branch8):
2453         (JSC::MacroAssemblerX86Common::branch32):
2454         (JSC::MacroAssemblerX86Common::branch32WithUnalignedHalfWords):
2455         (JSC::MacroAssemblerX86Common::branch16):
2456         (JSC::MacroAssemblerX86Common::branchTest32):
2457         (JSC::MacroAssemblerX86Common::branchTest8):
2458         (JSC::MacroAssemblerX86Common::branchAdd32):
2459         (JSC::MacroAssemblerX86Common::branchMul32):
2460         (JSC::MacroAssemblerX86Common::branchSub32):
2461         (JSC::MacroAssemblerX86Common::branchNeg32):
2462         (JSC::MacroAssemblerX86Common::branchOr32):
2463         (JSC::MacroAssemblerX86Common::compare32):
2464         (JSC::MacroAssemblerX86Common::test8):
2465         (JSC::MacroAssemblerX86Common::test32):
2466         (JSC::MacroAssemblerX86Common::x86Condition):
2467         * assembler/MacroAssemblerX86_64.h:
2468         (JSC::MacroAssemblerX86_64::comparePtr):
2469         (JSC::MacroAssemblerX86_64::branchPtr):
2470         (JSC::MacroAssemblerX86_64::branchTestPtr):
2471         (JSC::MacroAssemblerX86_64::branchAddPtr):
2472         (JSC::MacroAssemblerX86_64::branchSubPtr):
2473         (JSC::MacroAssemblerX86_64::branchPtrWithPatch):
2474         (JSC::MacroAssemblerX86_64::branchTest8):
2475         * dfg/DFGSpeculativeJIT.cpp:
2476         (JSC::DFG::SpeculativeJIT::compile):
2477         * jit/JITOpcodes.cpp:
2478         (JSC::JIT::emit_op_eq):
2479         (JSC::JIT::emit_op_neq):
2480         (JSC::JIT::compileOpStrictEq):
2481         (JSC::JIT::emit_op_eq_null):
2482         (JSC::JIT::emit_op_neq_null):
2483         * jit/JITOpcodes32_64.cpp:
2484         (JSC::JIT::emit_op_eq):
2485         (JSC::JIT::emit_op_neq):
2486         (JSC::JIT::compileOpStrictEq):
2487         (JSC::JIT::emit_op_eq_null):
2488         (JSC::JIT::emit_op_neq_null):
2489
2490 2011-04-20  Balazs Kelemen  <kbalazs@webkit.org>
2491
2492         Reviewed by Csaba Osztrogonác.
2493
2494         [Qt] Cleanup includepath adjustment for generated files
2495         https://bugs.webkit.org/show_bug.cgi?id=58869
2496
2497         * JavaScriptCore.pri:  Add the directory of generated files to the include
2498         path with absolute path to make it valid in the final build step.
2499
2500 2011-04-19  Oliver Hunt  <oliver@apple.com>
2501
2502         Reviewed by Gavin Barraclough.
2503
2504         Remove unneeded deprecated methods from MarkStack
2505         https://bugs.webkit.org/show_bug.cgi?id=58853
2506
2507         Remove deprecated methods
2508
2509         * heap/MarkStack.h:
2510
2511 2011-04-19  Mark Rowe  <mrowe@apple.com>
2512
2513         Things work best when the Xcode project refers to the file at a path that exists.
2514
2515         * JavaScriptCore.xcodeproj/project.pbxproj:
2516
2517 2011-04-19  Renata Hodovan  <reni@webkit.org>
2518
2519         Reviewed by Eric Seidel.
2520
2521         Move the alignment related macros in Vector.h to new Alignment.h.
2522         https://bugs.webkit.org/show_bug.cgi?id=56000
2523
2524         * JavaScriptCore.gypi:
2525         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
2526         * JavaScriptCore.xcodeproj/project.pbxproj:
2527         * wtf/Alignment.h: Added.
2528         * wtf/CMakeLists.txt:
2529         * wtf/Vector.h:
2530
2531 2011-04-19  Oliver Hunt  <oliver@apple.com>
2532
2533         Reviewed by Gavin Barraclough.
2534
2535         Remove DeprecatedPtr
2536         https://bugs.webkit.org/show_bug.cgi?id=58718
2537
2538         Remove the class and all functions that still exist to support it.
2539
2540         * heap/MarkStack.h:
2541         (JSC::MarkStack::append):
2542         * runtime/JSValue.h:
2543         * runtime/WriteBarrier.h:
2544
2545 2011-04-19  Jungshik Shin  <jshin@chromium.org>
2546
2547         Reviewed by David Levin.
2548
2549         Add U+FEFF (Zero width no-break space) to CharacterNames.h.
2550         It's added to the list of characters to treat as zero-width
2551         in WebCore.
2552
2553         https://bugs.webkit.org/show_bug.cgi?id=48860
2554
2555         * wtf/unicode/CharacterNames.h:
2556
2557 2011-04-19  Csaba Osztrogonác  <ossy@webkit.org>
2558
2559         [Qt] REGRESSION(84176): http/tests/xmlhttprequest/event-listener-gc.html fails
2560         https://bugs.webkit.org/show_bug.cgi?id=58871
2561
2562         Unreviewed, rolling out r84176, r84178, r84186, r84212 and r84231.
2563         http://trac.webkit.org/changeset/84176 (original patch)
2564         http://trac.webkit.org/changeset/84178 (original patch - part 2)
2565         http://trac.webkit.org/changeset/84186 (build fix)
2566         http://trac.webkit.org/changeset/84212
2567         http://trac.webkit.org/changeset/84231 (skip failing test)
2568
2569         original bugs:
2570          - https://bugs.webkit.org/show_bug.cgi?id=58718
2571          - https://bugs.webkit.org/show_bug.cgi?id=58853
2572
2573         * heap/MarkStack.h:
2574         (JSC::MarkStack::deprecatedAppendValues):
2575         (JSC::MarkStack::append):
2576         (JSC::MarkStack::deprecatedAppend):
2577         * runtime/JSValue.h:
2578         * runtime/WriteBarrier.h:
2579         (JSC::DeprecatedPtr::DeprecatedPtr):
2580         (JSC::DeprecatedPtr::get):
2581         (JSC::DeprecatedPtr::operator*):
2582         (JSC::DeprecatedPtr::operator->):
2583         (JSC::DeprecatedPtr::slot):
2584         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2585         (JSC::DeprecatedPtr::operator!):
2586         (JSC::operator==):
2587
2588 2011-04-18  Oliver Hunt  <oliver@apple.com>
2589
2590         Reviewed by Gavin Barraclough.
2591
2592         Remove unneeded deprecated methods from MarkStack
2593         https://bugs.webkit.org/show_bug.cgi?id=58853
2594
2595         Remove deprecated methods
2596
2597         * heap/MarkStack.h:
2598
2599 2011-04-18  Oliver Hunt  <oliver@apple.com>
2600
2601         Reviewed by Adam Roben.
2602
2603         Off by one initialising repeat callframe
2604         https://bugs.webkit.org/show_bug.cgi?id=58838
2605         <rdar://problem/8756810>
2606
2607         If the end of a callframe made for a repeat call landed on
2608         a page boundary the following page may not have been committed
2609         which means that the off by one could lead to a crash.  However
2610         it could only happen in this case and only on windows which is
2611         why it was so hard to repro.  Alas given the steps needed to
2612         reproduce are such that it's not really possible to make a
2613         testcase.
2614
2615         This fix makes the code a little less squirrely by not trying
2616         to avoid the unnecessary initialisation of |this|.
2617
2618         * interpreter/Interpreter.cpp:
2619         (JSC::Interpreter::prepareForRepeatCall):
2620
2621 2011-04-18  Gavin Barraclough  <barraclough@apple.com>
2622
2623         Reviewed by Geoff Garen.
2624
2625         Bug 58829 - DFG JIT - Optimize add/sub immediate, multiply.
2626
2627         Add code generation for add/subtract instruction with immediate operands
2628         (where a child is a constant), and don't bail to non-speculative if an
2629         integer multiply results in a +0 result (only if it should be generating -0).
2630
2631         * dfg/DFGSpeculativeJIT.cpp:
2632         (JSC::DFG::SpeculativeJIT::compile):
2633         * dfg/DFGSpeculativeJIT.h:
2634         (JSC::DFG::SpeculativeJIT::isDoubleConstantWithInt32Value):
2635
2636 2011-04-18  Gavin Barraclough  <barraclough@apple.com>
2637
2638         Reviewed by Geoff Garen.
2639
2640         Bug 58817 - DFG JIT - if speculative compilation fails, throw away code.
2641
2642         If we detect a logical conflict, throw away generated code,
2643         and only compile through the NonSpeculativeJIT.
2644
2645         * assembler/AbstractMacroAssembler.h:
2646         (JSC::AbstractMacroAssembler::rewindToLabel):
2647         * assembler/AssemblerBuffer.h:
2648         (JSC::AssemblerBuffer::rewindToOffset):
2649         * assembler/MacroAssemblerX86Common.h:
2650         (JSC::MacroAssemblerX86Common::branchAdd32):
2651         (JSC::MacroAssemblerX86Common::branchSub32):
2652         * assembler/X86Assembler.h:
2653         (JSC::X86Assembler::rewindToLabel):
2654         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
2655         * dfg/DFGJITCompiler.cpp:
2656         (JSC::DFG::JITCompiler::linkSpeculationChecks):
2657         (JSC::DFG::JITCompiler::compileFunction):
2658         * dfg/DFGNode.h:
2659         * dfg/DFGNonSpeculativeJIT.cpp:
2660         (JSC::DFG::NonSpeculativeJIT::compile):
2661         * dfg/DFGSpeculativeJIT.cpp:
2662         (JSC::DFG::SpeculativeJIT::compile):
2663         * dfg/DFGSpeculativeJIT.h:
2664         (JSC::DFG::SpeculationCheckIndexIterator::SpeculationCheckIndexIterator):
2665
2666 2011-04-18  Oliver Hunt  <oliver@apple.com>
2667
2668         Reviewed by Gavin Barraclough.
2669
2670         Remove DeprecatedPtr
2671         https://bugs.webkit.org/show_bug.cgi?id=58718
2672
2673         As simple as it sounds.
2674
2675         * runtime/JSValue.h:
2676         * runtime/WriteBarrier.h:
2677
2678 2011-04-17  Cameron Zwarich  <zwarich@apple.com>
2679
2680         Reviewed by Dan Bernstein.
2681
2682         JSC no longer builds with Clang due to -Woverloaded-virtual warning
2683         https://bugs.webkit.org/show_bug.cgi?id=58760
2684
2685         Rename Structure's specificValue overload of put to putSpecificValue to avoid
2686         Clang's warning for overloading a virtual function.
2687
2688         * runtime/Structure.cpp:
2689         (JSC::Structure::addPropertyTransition):
2690         (JSC::Structure::addPropertyWithoutTransition):
2691         (JSC::Structure::putSpecificValue):
2692         * runtime/Structure.h:
2693
2694 2011-04-17  Patrick Gansterer  <paroga@webkit.org>
2695
2696         Reviewed by Adam Barth.
2697
2698         Remove WTF_PLATFORM_SGL
2699         https://bugs.webkit.org/show_bug.cgi?id=58743
2700
2701         WTF_PLATFORM_SGL and PLATFORM(SGL) are not used in the code anywhere.
2702
2703         * wtf/Platform.h:
2704
2705 2011-04-17  Patrick Gansterer  <paroga@webkit.org>
2706
2707         Reviewed by Adam Barth.
2708
2709         Rename PLATFORM(CA) to USE(CA)
2710         https://bugs.webkit.org/show_bug.cgi?id=58742
2711
2712         * wtf/Platform.h:
2713
2714 2011-04-17  Patrick Gansterer  <paroga@webkit.org>
2715
2716         Reviewed by Adam Barth.
2717
2718         Rename PLATFORM(CG) to USE(CG)
2719         https://bugs.webkit.org/show_bug.cgi?id=58729
2720
2721         * wtf/Platform.h:
2722
2723 2011-04-16  Patrick Gansterer  <paroga@webkit.org>
2724
2725         Reviewed by Eric Seidel.
2726
2727         Rename PLATFORM(CAIRO) to USE(CAIRO)
2728         https://bugs.webkit.org/show_bug.cgi?id=55192
2729
2730         * wtf/Platform.h:
2731         * wtf/gobject/GTypedefs.h:
2732
2733 2011-04-15  Sheriff Bot  <webkit.review.bot@gmail.com>
2734
2735         Unreviewed, rolling out r84067.
2736         http://trac.webkit.org/changeset/84067
2737         https://bugs.webkit.org/show_bug.cgi?id=58724
2738
2739         qt builds are failing. (Requested by loislo2 on #webkit).
2740
2741         * heap/MarkStack.h:
2742         (JSC::MarkStack::append):
2743         * runtime/JSValue.h:
2744         * runtime/WriteBarrier.h:
2745         (JSC::DeprecatedPtr::DeprecatedPtr):
2746         (JSC::DeprecatedPtr::get):
2747         (JSC::DeprecatedPtr::operator*):
2748         (JSC::DeprecatedPtr::operator->):
2749         (JSC::DeprecatedPtr::slot):
2750         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2751         (JSC::DeprecatedPtr::operator!):
2752         (JSC::operator==):
2753
2754 2011-04-15  Shishir Agrawal  <shishir@chromium.org>
2755
2756         Reviewed by James Robinson.
2757
2758         Add a flag to guard Page Visibility API changes.
2759         https://bugs.webkit.org/show_bug.cgi?id=58464
2760
2761         * Configurations/FeatureDefines.xcconfig:
2762
2763 2011-04-15  Gavin Barraclough  <barraclough@apple.com>
2764
2765         Errrk! - build fix from !x86-64.
2766
2767         * dfg/DFGNode.h:
2768
2769 2011-04-15  David Levin  <levin@chromium.org>
2770
2771         Revert of r83974.
2772
2773         JavaScriptCore shouldn't depend on ../ThirdParty/gtest/xcode/gtest.xcodeproj
2774         https://bugs.webkit.org/show_bug.cgi?id=58716
2775
2776         * JavaScriptCore.xcodeproj/project.pbxproj:
2777         * wtf/tests/RunAllWtfTests.cpp: Removed.
2778         * wtf/tests/StringTests.cpp: Removed.
2779
2780 2011-04-15  Oliver Hunt  <oliver@apple.com>
2781
2782         Reviewed by Gavin Barraclough.
2783
2784         Remove DeprecatedPtr
2785         https://bugs.webkit.org/show_bug.cgi?id=58718
2786
2787         As simple as it sounds.
2788
2789         * heap/MarkStack.h:
2790         (JSC::MarkStack::append):
2791         * runtime/JSValue.h:
2792         * runtime/WriteBarrier.h:
2793
2794 2011-04-15  Gavin Barraclough  <barraclough@apple.com>
2795
2796         Reviewed by Oliver Hunt.
2797
2798         Add a simple tool to gather statistics on whether functions
2799         are completed through the new or old JIT.
2800
2801         * dfg/DFGNode.h:
2802         * dfg/DFGNonSpeculativeJIT.cpp:
2803         (JSC::DFG::NonSpeculativeJIT::compile):
2804         * dfg/DFGSpeculativeJIT.cpp:
2805         (JSC::DFG::SpeculativeJIT::compile):
2806         * jit/JIT.cpp:
2807         (JSC::JIT::privateCompile):
2808
2809 2011-04-15  Oliver Hunt  <oliver@apple.com>
2810
2811         GC allocate Structure
2812         https://bugs.webkit.org/show_bug.cgi?id=58483
2813
2814         Rolling r83894 r83827 r83810 r83809 r83808 back in with
2815         a workaround for the gcc bug seen by the gtk bots.
2816
2817         * API/JSCallbackConstructor.cpp:
2818         (JSC::JSCallbackConstructor::JSCallbackConstructor):
2819         * API/JSCallbackConstructor.h:
2820         (JSC::JSCallbackConstructor::createStructure):
2821         * API/JSCallbackFunction.h:
2822         (JSC::JSCallbackFunction::createStructure):
2823         * API/JSCallbackObject.h:
2824         (JSC::JSCallbackObject::createStructure):
2825         * API/JSCallbackObjectFunctions.h:
2826         (JSC::::JSCallbackObject):
2827         * API/JSContextRef.cpp:
2828         * JavaScriptCore.JSVALUE32_64only.exp:
2829         * JavaScriptCore.JSVALUE64only.exp:
2830         * JavaScriptCore.exp:
2831         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2832         * bytecode/CodeBlock.cpp:
2833         (JSC::CodeBlock::~CodeBlock):
2834         (JSC::CodeBlock::markStructures):
2835         (JSC::CodeBlock::markAggregate):
2836         * bytecode/CodeBlock.h:
2837         (JSC::MethodCallLinkInfo::setSeen):
2838         (JSC::GlobalResolveInfo::GlobalResolveInfo):
2839         * bytecode/Instruction.h:
2840         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
2841         (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
2842         (JSC::PolymorphicAccessStructureList::markAggregate):
2843         (JSC::Instruction::Instruction):
2844         * bytecode/StructureStubInfo.cpp:
2845         (JSC::StructureStubInfo::deref):
2846         (JSC::StructureStubInfo::markAggregate):
2847         * bytecode/StructureStubInfo.h:
2848         (JSC::StructureStubInfo::initGetByIdSelf):
2849         (JSC::StructureStubInfo::initGetByIdProto):
2850         (JSC::StructureStubInfo::initGetByIdChain):
2851         (JSC::StructureStubInfo::initPutByIdTransition):
2852         (JSC::StructureStubInfo::initPutByIdReplace):
2853         * debugger/DebuggerActivation.cpp:
2854         (JSC::DebuggerActivation::DebuggerActivation):
2855         * debugger/DebuggerActivation.h:
2856         (JSC::DebuggerActivation::createStructure):
2857         * heap/Handle.h:
2858         * heap/MarkStack.cpp:
2859         (JSC::MarkStack::markChildren):
2860         (JSC::MarkStack::drain):
2861         * heap/MarkedBlock.cpp:
2862         (JSC::MarkedBlock::MarkedBlock):
2863         (JSC::MarkedBlock::sweep):
2864         * heap/Strong.h:
2865         (JSC::Strong::Strong):
2866         (JSC::Strong::set):
2867         * interpreter/Interpreter.cpp:
2868         (JSC::Interpreter::resolveGlobal):
2869         (JSC::Interpreter::resolveGlobalDynamic):
2870         (JSC::Interpreter::tryCachePutByID):
2871         (JSC::Interpreter::uncachePutByID):
2872         (JSC::Interpreter::tryCacheGetByID):
2873         (JSC::Interpreter::uncacheGetByID):
2874         (JSC::Interpreter::privateExecute):
2875         * jit/JIT.h:
2876         * jit/JITPropertyAccess.cpp:
2877         (JSC::JIT::privateCompilePutByIdTransition):
2878         (JSC::JIT::patchMethodCallProto):
2879         (JSC::JIT::privateCompileGetByIdProto):
2880         (JSC::JIT::privateCompileGetByIdSelfList):
2881         (JSC::JIT::privateCompileGetByIdProtoList):
2882         (JSC::JIT::privateCompileGetByIdChainList):
2883         (JSC::JIT::privateCompileGetByIdChain):
2884         * jit/JITPropertyAccess32_64.cpp:
2885         (JSC::JIT::privateCompilePutByIdTransition):
2886         (JSC::JIT::patchMethodCallProto):
2887         (JSC::JIT::privateCompileGetByIdProto):
2888         (JSC::JIT::privateCompileGetByIdSelfList):
2889         (JSC::JIT::privateCompileGetByIdProtoList):
2890         (JSC::JIT::privateCompileGetByIdChainList):
2891         (JSC::JIT::privateCompileGetByIdChain):
2892         * jit/JITStubs.cpp:
2893         (JSC::JITThunks::tryCachePutByID):
2894         (JSC::JITThunks::tryCacheGetByID):
2895         (JSC::DEFINE_STUB_FUNCTION):
2896         (JSC::getPolymorphicAccessStructureListSlot):
2897         * jit/JSInterfaceJIT.h:
2898         (JSC::JSInterfaceJIT::storePtrWithWriteBarrier):
2899         * jsc.cpp:
2900         (cleanupGlobalData):
2901         * runtime/Arguments.h:
2902         (JSC::Arguments::createStructure):
2903         (JSC::Arguments::Arguments):
2904         (JSC::JSActivation::copyRegisters):
2905         * runtime/ArrayConstructor.cpp:
2906         (JSC::ArrayConstructor::ArrayConstructor):
2907         (JSC::constructArrayWithSizeQuirk):
2908         * runtime/ArrayConstructor.h:
2909         * runtime/ArrayPrototype.cpp:
2910         (JSC::ArrayPrototype::ArrayPrototype):
2911         (JSC::arrayProtoFuncSplice):
2912         * runtime/ArrayPrototype.h:
2913         (JSC::ArrayPrototype::createStructure):
2914         * runtime/BatchedTransitionOptimizer.h:
2915         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2916         * runtime/BooleanConstructor.cpp:
2917         (JSC::BooleanConstructor::BooleanConstructor):
2918         * runtime/BooleanConstructor.h:
2919         * runtime/BooleanObject.cpp:
2920         (JSC::BooleanObject::BooleanObject):
2921         * runtime/BooleanObject.h:
2922         (JSC::BooleanObject::createStructure):
2923         * runtime/BooleanPrototype.cpp:
2924         (JSC::BooleanPrototype::BooleanPrototype):
2925         * runtime/BooleanPrototype.h:
2926         * runtime/DateConstructor.cpp:
2927         (JSC::DateConstructor::DateConstructor):
2928         * runtime/DateConstructor.h:
2929         * runtime/DateInstance.cpp:
2930         (JSC::DateInstance::DateInstance):
2931         * runtime/DateInstance.h:
2932         (JSC::DateInstance::createStructure):
2933         * runtime/DatePrototype.cpp:
2934         (JSC::DatePrototype::DatePrototype):
2935         * runtime/DatePrototype.h:
2936         (JSC::DatePrototype::createStructure):
2937         * runtime/Error.cpp:
2938         (JSC::StrictModeTypeErrorFunction::StrictModeTypeErrorFunction):
2939         * runtime/ErrorConstructor.cpp:
2940         (JSC::ErrorConstructor::ErrorConstructor):
2941         * runtime/ErrorConstructor.h:
2942         * runtime/ErrorInstance.cpp:
2943         (JSC::ErrorInstance::ErrorInstance):
2944         (JSC::ErrorInstance::create):
2945         * runtime/ErrorInstance.h:
2946         (JSC::ErrorInstance::createStructure):
2947         * runtime/ErrorPrototype.cpp:
2948         (JSC::ErrorPrototype::ErrorPrototype):
2949         * runtime/ErrorPrototype.h:
2950         * runtime/ExceptionHelpers.cpp:
2951         (JSC::InterruptedExecutionError::InterruptedExecutionError):
2952         (JSC::TerminatedExecutionError::TerminatedExecutionError):
2953         * runtime/Executable.cpp:
2954         * runtime/Executable.h:
2955         (JSC::ExecutableBase::ExecutableBase):
2956         (JSC::ExecutableBase::createStructure):
2957         (JSC::NativeExecutable::createStructure):
2958         (JSC::NativeExecutable::NativeExecutable):
2959         (JSC::ScriptExecutable::ScriptExecutable):
2960         (JSC::EvalExecutable::createStructure):
2961         (JSC::ProgramExecutable::createStructure):
2962         (JSC::FunctionExecutable::createStructure):
2963         * runtime/FunctionConstructor.cpp:
2964         (JSC::FunctionConstructor::FunctionConstructor):
2965         * runtime/FunctionConstructor.h:
2966         * runtime/FunctionPrototype.cpp:
2967         (JSC::FunctionPrototype::FunctionPrototype):
2968         * runtime/FunctionPrototype.h:
2969         (JSC::FunctionPrototype::createStructure):
2970         * runtime/GetterSetter.h:
2971         (JSC::GetterSetter::GetterSetter):
2972         (JSC::GetterSetter::createStructure):
2973         * runtime/InitializeThreading.cpp:
2974         (JSC::initializeThreadingOnce):
2975         * runtime/InternalFunction.cpp:
2976         (JSC::InternalFunction::InternalFunction):
2977         * runtime/InternalFunction.h:
2978         (JSC::InternalFunction::createStructure):
2979         * runtime/JSAPIValueWrapper.h:
2980         (JSC::JSAPIValueWrapper::createStructure):
2981         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2982         * runtime/JSActivation.cpp:
2983         (JSC::JSActivation::JSActivation):
2984         * runtime/JSActivation.h:
2985         (JSC::JSActivation::createStructure):
2986         * runtime/JSArray.cpp:
2987         (JSC::JSArray::JSArray):
2988         * runtime/JSArray.h:
2989         (JSC::JSArray::createStructure):
2990         * runtime/JSByteArray.cpp:
2991         (JSC::JSByteArray::JSByteArray):
2992         (JSC::JSByteArray::createStructure):
2993         * runtime/JSByteArray.h:
2994         (JSC::JSByteArray::JSByteArray):
2995         * runtime/JSCell.cpp:
2996         (JSC::isZombie):
2997         * runtime/JSCell.h:
2998         (JSC::JSCell::JSCell::JSCell):
2999         (JSC::JSCell::JSCell::addressOfStructure):
3000         (JSC::JSCell::JSCell::structure):
3001         (JSC::JSCell::JSCell::markChildren):
3002         (JSC::JSCell::JSValue::isZombie):
3003         * runtime/JSFunction.cpp:
3004         (JSC::JSFunction::JSFunction):
3005         * runtime/JSFunction.h:
3006         (JSC::JSFunction::createStructure):
3007         * runtime/JSGlobalData.cpp:
3008         (JSC::JSGlobalData::storeVPtrs):
3009         (JSC::JSGlobalData::JSGlobalData):
3010         (JSC::JSGlobalData::clearBuiltinStructures):
3011         (JSC::JSGlobalData::createLeaked):
3012         * runtime/JSGlobalData.h:
3013         (JSC::allocateGlobalHandle):
3014         * runtime/JSGlobalObject.cpp:
3015         (JSC::JSGlobalObject::reset):
3016         (JSC::JSGlobalObject::markChildren):
3017         (JSC::JSGlobalObject::copyGlobalsFrom):
3018         * runtime/JSGlobalObject.h:
3019         (JSC::JSGlobalObject::JSGlobalObject):
3020         (JSC::JSGlobalObject::createStructure):
3021         (JSC::Structure::prototypeChain):
3022         (JSC::Structure::isValid):
3023         (JSC::constructEmptyArray):
3024         * runtime/JSNotAnObject.h:
3025         (JSC::JSNotAnObject::JSNotAnObject):
3026         (JSC::JSNotAnObject::createStructure):
3027         * runtime/JSONObject.cpp:
3028         (JSC::JSONObject::JSONObject):
3029         * runtime/JSONObject.h:
3030         (JSC::JSONObject::createStructure):
3031         * runtime/JSObject.cpp:
3032         (JSC::JSObject::defineGetter):
3033         (JSC::JSObject::defineSetter):
3034         (JSC::JSObject::seal):
3035         (JSC::JSObject::freeze):
3036         (JSC::JSObject::preventExtensions):
3037         (JSC::JSObject::removeDirect):
3038         (JSC::JSObject::createInheritorID):
3039         * runtime/JSObject.h:
3040         (JSC::JSObject::createStructure):
3041         (JSC::JSObject::JSObject):
3042         (JSC::JSNonFinalObject::createStructure):
3043         (JSC::JSNonFinalObject::JSNonFinalObject):
3044         (JSC::JSFinalObject::create):
3045         (JSC::JSFinalObject::createStructure):
3046         (JSC::JSFinalObject::JSFinalObject):
3047         (JSC::constructEmptyObject):
3048         (JSC::createEmptyObjectStructure):
3049         (JSC::JSObject::~JSObject):
3050         (JSC::JSObject::setPrototype):
3051         (JSC::JSObject::setStructure):
3052         (JSC::JSObject::inheritorID):
3053         (JSC::JSObject::putDirectInternal):
3054         (JSC::JSObject::transitionTo):
3055         (JSC::JSObject::markChildrenDirect):
3056         * runtime/JSObjectWithGlobalObject.cpp:
3057         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
3058         * runtime/JSObjectWithGlobalObject.h:
3059         (JSC::JSObjectWithGlobalObject::createStructure):
3060         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
3061         * runtime/JSPropertyNameIterator.cpp:
3062         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
3063         (JSC::JSPropertyNameIterator::create):
3064         (JSC::JSPropertyNameIterator::get):
3065         * runtime/JSPropertyNameIterator.h:
3066         (JSC::JSPropertyNameIterator::createStructure):
3067         (JSC::JSPropertyNameIterator::setCachedStructure):
3068         (JSC::Structure::setEnumerationCache):
3069         * runtime/JSStaticScopeObject.h:
3070         (JSC::JSStaticScopeObject::JSStaticScopeObject):
3071         (JSC::JSStaticScopeObject::createStructure):
3072         * runtime/JSString.h:
3073         (JSC::RopeBuilder::JSString):
3074         (JSC::RopeBuilder::createStructure):
3075         * runtime/JSType.h:
3076         * runtime/JSTypeInfo.h:
3077         (JSC::TypeInfo::TypeInfo):
3078         * runtime/JSValue.h:
3079         * runtime/JSVariableObject.h:
3080         (JSC::JSVariableObject::createStructure):
3081         (JSC::JSVariableObject::JSVariableObject):
3082         (JSC::JSVariableObject::copyRegisterArray):
3083         * runtime/JSWrapperObject.h:
3084         (JSC::JSWrapperObject::createStructure):
3085         (JSC::JSWrapperObject::JSWrapperObject):
3086         * runtime/JSZombie.cpp:
3087         * runtime/JSZombie.h:
3088         (JSC::JSZombie::JSZombie):
3089         (JSC::JSZombie::createStructure):
3090         * runtime/MathObject.cpp:
3091         (JSC::MathObject::MathObject):
3092         * runtime/MathObject.h:
3093         (JSC::MathObject::createStructure):
3094         * runtime/NativeErrorConstructor.cpp:
3095         (JSC::NativeErrorConstructor::NativeErrorConstructor):
3096         (JSC::NativeErrorConstructor::markChildren):
3097         (JSC::constructWithNativeErrorConstructor):
3098         * runtime/NativeErrorConstructor.h:
3099         (JSC::NativeErrorConstructor::createStructure):
3100         * runtime/NativeErrorPrototype.cpp:
3101         (JSC::NativeErrorPrototype::NativeErrorPrototype):
3102         * runtime/NativeErrorPrototype.h:
3103         * runtime/NumberConstructor.cpp:
3104         (JSC::NumberConstructor::NumberConstructor):
3105         * runtime/NumberConstructor.h:
3106         (JSC::NumberConstructor::createStructure):
3107         * runtime/NumberObject.cpp:
3108         (JSC::NumberObject::NumberObject):
3109         * runtime/NumberObject.h:
3110         (JSC::NumberObject::createStructure):
3111         * runtime/NumberPrototype.cpp:
3112         (JSC::NumberPrototype::NumberPrototype):
3113         * runtime/NumberPrototype.h:
3114         * runtime/ObjectConstructor.cpp:
3115         (JSC::ObjectConstructor::ObjectConstructor):
3116         * runtime/ObjectConstructor.h:
3117         (JSC::ObjectConstructor::createStructure):
3118         * runtime/ObjectPrototype.cpp:
3119         (JSC::ObjectPrototype::ObjectPrototype):
3120         * runtime/ObjectPrototype.h:
3121         * runtime/PropertyMapHashTable.h:
3122         (JSC::PropertyTable::PropertyTable):
3123         * runtime/RegExpConstructor.cpp:
3124         (JSC::RegExpConstructor::RegExpConstructor):
3125         (JSC::RegExpMatchesArray::RegExpMatchesArray):
3126         * runtime/RegExpConstructor.h:
3127         (JSC::RegExpConstructor::createStructure):
3128         * runtime/RegExpObject.cpp:
3129         (JSC::RegExpObject::RegExpObject):
3130         * runtime/RegExpObject.h:
3131         (JSC::RegExpObject::createStructure):
3132         * runtime/RegExpPrototype.cpp:
3133         (JSC::RegExpPrototype::RegExpPrototype):
3134         * runtime/RegExpPrototype.h:
3135         * runtime/ScopeChain.h:
3136         (JSC::ScopeChainNode::ScopeChainNode):
3137         (JSC::ScopeChainNode::createStructure):
3138         * runtime/StrictEvalActivation.cpp:
3139         (JSC::StrictEvalActivation::StrictEvalActivation):
3140         * runtime/StringConstructor.cpp:
3141         (JSC::StringConstructor::StringConstructor):
3142         * runtime/StringConstructor.h:
3143         * runtime/StringObject.cpp:
3144         (JSC::StringObject::StringObject):
3145         * runtime/StringObject.h:
3146         (JSC::StringObject::createStructure):
3147         * runtime/StringObjectThatMasqueradesAsUndefined.h:
3148         (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
3149         (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
3150         * runtime/StringPrototype.cpp:
3151         (JSC::StringPrototype::StringPrototype):
3152         * runtime/StringPrototype.h:
3153         (JSC::StringPrototype::createStructure):
3154         * runtime/Structure.cpp:
3155         (JSC::StructureTransitionTable::remove):
3156         (JSC::StructureTransitionTable::add):
3157         (JSC::Structure::Structure):
3158         (JSC::Structure::~Structure):
3159         (JSC::Structure::materializePropertyMap):
3160         (JSC::Structure::addPropertyTransitionToExistingStructure):
3161         (JSC::Structure::addPropertyTransition):
3162         (JSC::Structure::removePropertyTransition):
3163         (JSC::Structure::changePrototypeTransition):
3164         (JSC::Structure::despecifyFunctionTransition):
3165         (JSC::Structure::getterSetterTransition):
3166         (JSC::Structure::toDictionaryTransition):
3167         (JSC::Structure::toCacheableDictionaryTransition):
3168         (JSC::Structure::toUncacheableDictionaryTransition):
3169         (JSC::Structure::sealTransition):
3170         (JSC::Structure::freezeTransition):
3171         (JSC::Structure::preventExtensionsTransition):
3172         (JSC::Structure::flattenDictionaryStructure):
3173         (JSC::Structure::copyPropertyTable):
3174         (JSC::Structure::put):
3175         (JSC::Structure::markChildren):
3176         * runtime/Structure.h:
3177         (JSC::Structure::create):
3178         (JSC::Structure::setPrototypeWithoutTransition):
3179         (JSC::Structure::createStructure):
3180         (JSC::JSCell::createDummyStructure):
3181         (JSC::StructureTransitionTable::keyForWeakGCMapFinalizer):
3182         * runtime/StructureChain.cpp:
3183         (JSC::StructureChain::StructureChain):
3184         (JSC::StructureChain::markChildren):
3185         * runtime/StructureChain.h:
3186         (JSC::StructureChain::create):
3187         (JSC::StructureChain::head):
3188         (JSC::StructureChain::createStructure):
3189         * runtime/StructureTransitionTable.h:
3190         (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::finalizerContextFor):
3191         (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::keyForFinalizer):
3192         (JSC::StructureTransitionTable::~StructureTransitionTable):
3193         (JSC::StructureTransitionTable::slot):
3194         (JSC::StructureTransitionTable::setMap):
3195         (JSC::StructureTransitionTable::singleTransition):
3196         (JSC::StructureTransitionTable::clearSingleTransition):
3197         (JSC::StructureTransitionTable::setSingleTransition):
3198         * runtime/WeakGCMap.h:
3199         (JSC::DefaultWeakGCMapFinalizerCallback::finalizerContextFor):
3200         (JSC::DefaultWeakGCMapFinalizerCallback::keyForFinalizer):
3201         (JSC::WeakGCMap::contains):
3202         (JSC::WeakGCMap::find):
3203         (JSC::WeakGCMap::remove):
3204         (JSC::WeakGCMap::add):
3205         (JSC::WeakGCMap::set):
3206         (JSC::WeakGCMap::finalize):
3207         * runtime/WriteBarrier.h:
3208         (JSC::writeBarrier):
3209         (JSC::WriteBarrierBase::set):
3210         (JSC::WriteBarrierBase::operator*):
3211         (JSC::WriteBarrierBase::operator->):
3212         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
3213
3214 2011-04-15  Fridrich Strba  <fridrich.strba@bluewin.ch>
3215
3216         Reviewed by Gavin Barraclough.
3217
3218         Correctly prefix symbols. Since gcc 4.5.0, Windows x64 symbols
3219         are not prefixed by underscore anymore. This is consistent with
3220         what MSVC does.
3221         https://bugs.webkit.org/show_bug.cgi?id=58573
3222
3223         * jit/JITStubs.cpp:
3224
3225 2011-04-15  Gavin Barraclough  <barraclough@apple.com>
3226
3227         Reviewed by Geoff Garen.
3228
3229         Bug 58705 - DFG JIT Add support for flow control (branch, jump).
3230
3231         Add support for control flow by breaking the CodeBlock up into multiple
3232         basic blocks, generating code for each basic block in turn through the
3233         speculative JIT & then the non-speculative JIT.
3234
3235         * dfg/DFGByteCodeParser.cpp:
3236         (JSC::DFG::ByteCodeParser::setTemporary):
3237         (JSC::DFG::ByteCodeParser::addToGraph):
3238         (JSC::DFG::ByteCodeParser::parseBlock):
3239         (JSC::DFG::ByteCodeParser::parse):
3240         * dfg/DFGGraph.cpp:
3241         (JSC::DFG::Graph::dump):
3242         * dfg/DFGGraph.h:
3243         (JSC::DFG::BasicBlock::BasicBlock):
3244         (JSC::DFG::BasicBlock::getBytecodeOffset):
3245         (JSC::DFG::Graph::blockIndexForBytecodeOffset):
3246         * dfg/DFGJITCodeGenerator.h:
3247         (JSC::DFG::JITCodeGenerator::JITCodeGenerator):
3248         (JSC::DFG::JITCodeGenerator::addBranch):
3249         (JSC::DFG::JITCodeGenerator::linkBranches):
3250         (JSC::DFG::JITCodeGenerator::BranchRecord::BranchRecord):
3251         * dfg/DFGNode.h:
3252         (JSC::DFG::Node::Node):
3253         (JSC::DFG::Node::isJump):
3254         (JSC::DFG::Node::isBranch):
3255         (JSC::DFG::Node::takenBytecodeOffset):
3256         (JSC::DFG::Node::notTakenBytecodeOffset):
3257         * dfg/DFGNonSpeculativeJIT.cpp:
3258         (JSC::DFG::NonSpeculativeJIT::compile):
3259         * dfg/DFGNonSpeculativeJIT.h:
3260         * dfg/DFGSpeculativeJIT.cpp:
3261         (JSC::DFG::SpeculativeJIT::compile):
3262         * dfg/DFGSpeculativeJIT.h:
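
        The block-at-a-time scheme described above, as an added toy model that is
        not JavaScriptCore's code: a constructed bytecode is split into basic
        blocks at jump/branch targets and after terminators, and each block's
        branch targets are then resolved to block indices, in the spirit of
        blockIndexForBytecodeOffset and linkBranches. The opcode names, operand
        encoding and sample program are assumptions made for this illustration.

```python
from bisect import bisect_right
from dataclasses import dataclass
from typing import Optional

# Constructed toy bytecode: (offset, opcode, operands). Offsets are
# contiguous here; branches and jumps carry the taken target as their last
# operand, and a branch falls through to the next instruction when not taken.
TOY_CODE = [
    (0, "loop_start", ()),
    (1, "add", ("r0", "r0", "r1")),
    (2, "jless", ("r0", "r2", 1)),   # branch: taken -> 1, not taken -> 3
    (3, "jmp", (5,)),                # jump: taken -> 5
    (4, "sub", ("r0", "r0", "r1")),  # unreachable, but still its own block
    (5, "ret", ("r0",)),
]

BRANCHES = {"jless"}
JUMPS = {"jmp"}
TERMINATORS = BRANCHES | JUMPS | {"ret"}


@dataclass
class BasicBlock:
    bytecode_begin: int
    bytecode_end: int                  # exclusive
    taken: Optional[int] = None        # block index of the taken edge
    not_taken: Optional[int] = None    # block index of the fall-through edge


def leaders(code):
    """Offsets that begin a block: the entry, every jump/branch target and
    the instruction following any terminator."""
    result = {code[0][0]}
    for i, (_, op, args) in enumerate(code):
        if op in BRANCHES or op in JUMPS:
            result.add(args[-1])
        if op in TERMINATORS and i + 1 < len(code):
            result.add(code[i + 1][0])
    return sorted(result)


def build_blocks(code):
    bounds = leaders(code) + [code[-1][0] + 1]
    return [BasicBlock(bounds[i], bounds[i + 1]) for i in range(len(bounds) - 1)]


def block_index_for_bytecode_offset(blocks, offset):
    """Find the block containing offset by binary search over block starts;
    an offset outside the code block is an error rather than a silent miss."""
    idx = bisect_right([b.bytecode_begin for b in blocks], offset) - 1
    if idx < 0 or offset >= blocks[idx].bytecode_end:
        raise ValueError(f"offset {offset} is outside the code block")
    return idx


def link_branches(code, blocks):
    """Resolve each block's last instruction to successor block indices: the
    analogue of recording branches while emitting and linking them afterwards."""
    by_offset = {off: (op, args) for off, op, args in code}
    for i, block in enumerate(blocks):
        op, args = by_offset[block.bytecode_end - 1]
        if op in BRANCHES or op in JUMPS:
            block.taken = block_index_for_bytecode_offset(blocks, args[-1])
        if (op not in TERMINATORS or op in BRANCHES) and i + 1 < len(blocks):
            block.not_taken = i + 1    # falls through into the next block
    return blocks
```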
3263
3264 2011-04-15  Gavin Barraclough  <barraclough@apple.com>
3265
3266         Reviewed by Geoff Garen.
3267
3268         Bug 58701 - DFG JIT - add GetLocal/SetLocal nodes
3269
3270         Use these for both access to arguments & local variables; this adds the ability
3271         to set locals, such that values will persist between basic blocks.
3272
3273         * dfg/DFGByteCodeParser.cpp:
3274         (JSC::DFG::ByteCodeParser::ByteCodeParser):
3275         (JSC::DFG::ByteCodeParser::get):
3276         (JSC::DFG::ByteCodeParser::set):
3277         (JSC::DFG::ByteCodeParser::getVariable):
3278         (JSC::DFG::ByteCodeParser::setVariable):
3279         (JSC::DFG::ByteCodeParser::getArgument):
3280         (JSC::DFG::ByteCodeParser::setArgument):
3281         (JSC::DFG::ByteCodeParser::getThis):
3282         (JSC::DFG::ByteCodeParser::setThis):
3283         (JSC::DFG::ByteCodeParser::VariableRecord::VariableRecord):
3284         (JSC::DFG::ByteCodeParser::parseBlock):
3285         * dfg/DFGGraph.cpp:
3286         (JSC::DFG::Graph::dump):
3287         (JSC::DFG::Graph::derefChildren):
3288         * dfg/DFGGraph.h:
3289         (JSC::DFG::Graph::ref):
3290         (JSC::DFG::Graph::deref):
3291         * dfg/DFGNode.h:
3292         (JSC::DFG::Node::hasLocal):
3293         (JSC::DFG::Node::local):
3294         * dfg/DFGNonSpeculativeJIT.cpp:
3295         (JSC::DFG::NonSpeculativeJIT::compile):
3296         * dfg/DFGSpeculativeJIT.cpp:
3297         (JSC::DFG::SpeculativeJIT::compile):
3298
3299 2011-04-15  Gavin Barraclough  <barraclough@apple.com>
3300
3301         Reviewed by Sam Weinig.
3302
3303         Bug 58696 - DFG JIT split handling of vars/temporaries
3304
3305         Presently all callee registers are treated as having single block scope,
3306         since the DFG JIT can only compile single block functions. In order to
3307         expand the JIT to support control flow we will need to change to retaining
3308         locals (but not temporaries) across basic block boundaries.
3309
3310         * dfg/DFGByteCodeParser.cpp:
3311         (JSC::DFG::ByteCodeParser::ByteCodeParser):
3312         (JSC::DFG::ByteCodeParser::get):
3313         (JSC::DFG::ByteCodeParser::set):
3314         (JSC::DFG::ByteCodeParser::getVariable):
3315         (JSC::DFG::ByteCodeParser::setVariable):
3316         (JSC::DFG::ByteCodeParser::getTemporary):
3317         (JSC::DFG::ByteCodeParser::setTemporary):
3318         (JSC::DFG::ByteCodeParser::getArgument):
3319         (JSC::DFG::ByteCodeParser::getInt32Constant):
3320         (JSC::DFG::ByteCodeParser::getDoubleConstant):
3321         (JSC::DFG::ByteCodeParser::getJSConstant):
3322         (JSC::DFG::ByteCodeParser::constantUndefined):
3323         (JSC::DFG::ByteCodeParser::constantNull):
3324         (JSC::DFG::ByteCodeParser::one):
3325         (JSC::DFG::ByteCodeParser::parseBlock):
3326         (JSC::DFG::ByteCodeParser::parse):
3327         (JSC::DFG::parse):
3328         * dfg/DFGNode.h:
3329         * dfg/DFGScoreBoard.h:
3330         (JSC::DFG::ScoreBoard::ScoreBoard):
3331         (JSC::DFG::ScoreBoard::~ScoreBoard):
3332         (JSC::DFG::ScoreBoard::allocate):
3333         (JSC::DFG::ScoreBoard::use):
3334
3335 2011-04-15  Michael Saboff  <msaboff@apple.com>
3336
3337         Reviewed by Oliver Hunt.
3338
3339         globalObject moved to JSObjectWithGlobalObject.cpp inhibits inlining
3340         https://bugs.webkit.org/show_bug.cgi?id=58677
3341
3342         Moved JSObjectWithGlobalObject::globalObject() to 
3343         runtime/JSObjectWithGlobalObject.h to allow the compiler to inline
3344         it for a performance benefit.  An equivalent instance had been in
3345         a header file before r60057.
3346
3347         * JavaScriptCore.exp:
3348         * runtime/JSObjectWithGlobalObject.cpp:
3349         * runtime/JSObjectWithGlobalObject.h:
3350         (JSC::JSObjectWithGlobalObject::globalObject):
3351
3352 2011-04-14  Oliver Hunt  <oliver@apple.com>
3353
3354         Reviewed by Geoffrey Garen.
3355
3356         Make JSNodeFilterCondition handle its lifetime correctly
3357         https://bugs.webkit.org/show_bug.cgi?id=58622
3358
3359         Add export
3360
3361         * JavaScriptCore.exp:
3362
3363 2011-04-14  Alexey Proskuryakov  <ap@apple.com>
3364
3365         Reviewed by Dan Bernstein.
3366
3367         WebKit2: Password field input does not switch to ASCII-compatible source
3368         https://bugs.webkit.org/show_bug.cgi?id=58583
3369         <rdar://problem/9059651>
3370
3371         * wtf/Platform.h: Removed WTF_USE_CARBON_SECURE_INPUT_MODE. It's now only used by Chromium,
3372         and shouldn't be enabled on any other platforms, so there is no reason to make it
3373         configurable via Platform.h.
3374
3375 2011-04-15  Dmitry Lomov  <dslomov@google.com>
3376
3377         Reviewed by David Levin.
3378
3379         Add a sample test case for GTest framework
3380         https://bugs.webkit.org/show_bug.cgi?id=58509
3381
3382         Add an example of GTest testcase, complete with a runner, to JavaScriptCore.
3383
3384         * JavaScriptCore.xcodeproj/project.pbxproj:
3385         * wtf/tests/RunAllWtfTests.cpp: Added.
3386         (main):
3387         * wtf/tests/StringTests.cpp: Added.
3388
3389 2011-04-15  Anna Cavender  <annacc@chromium.org>
3390
3391         Reviewed by Eric Carlson.
3392
3393         Renaming TRACK feature define to VIDEO_TRACK
3394         https://bugs.webkit.org/show_bug.cgi?id=53556
3395
3396         * Configurations/FeatureDefines.xcconfig:
3397
3398 2011-04-14  Gavin Barraclough  <barraclough@apple.com>
3399
3400         Rubber stamped by Geoffrey Garen.
3401
3402         Hide DFG_JIT_RESTRICTIONS behind ARITHMETIC_OP() macro, and rename
3403         m_regressionGuard to m_parseFailed, such that it can be reused for
3404         other failure cases.
3405
3406         * dfg/DFGByteCodeParser.cpp:
3407         (JSC::DFG::ByteCodeParser::ByteCodeParser):
3408         (JSC::DFG::ByteCodeParser::parse):
3409
3410 2011-04-14  Gavin Barraclough  <barraclough@apple.com>
3411
3412         Reviewed by Geoffrey Garen.
3413
3414         Bug 58620 - DFG JIT - loading of arguments should not be lazy
3415
3416         This optimization is overly simplistic. It only works because we never
3417         write out definitions to arguments (since we currently only compile
3418         single block functions). Revert this for now; we may want to reintroduce
3419         something like this again in the future, but it will need to be aware
3420         of how to schedule definitions to arguments versus lazy loads that have not
3421         yet been performed.
3422
3423         * dfg/DFGGenerationInfo.h:
3424         (JSC::DFG::GenerationInfo::needsSpill):
3425         * dfg/DFGGraph.cpp:
3426         (JSC::DFG::Graph::dump):
3427         * dfg/DFGGraph.h:
3428         * dfg/DFGJITCodeGenerator.cpp:
3429         (JSC::DFG::JITCodeGenerator::fillInteger):
3430         (JSC::DFG::JITCodeGenerator::fillDouble):
3431         (JSC::DFG::JITCodeGenerator::fillJSValue):
3432         * dfg/DFGJITCodeGenerator.h:
3433         (JSC::DFG::JITCodeGenerator::initConstantInfo):
3434         * dfg/DFGJITCompiler.cpp:
3435         (JSC::DFG::JITCompiler::fillNumericToDouble):
3436         (JSC::DFG::JITCompiler::fillInt32ToInteger):
3437         (JSC::DFG::JITCompiler::fillToJS):
3438         * dfg/DFGNonSpeculativeJIT.cpp:
3439         (JSC::DFG::NonSpeculativeJIT::isKnownInteger):
3440         (JSC::DFG::NonSpeculativeJIT::isKnownNumeric):
3441         (JSC::DFG::NonSpeculativeJIT::compile):
3442         * dfg/DFGSpeculativeJIT.cpp:
3443         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
3444         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
3445         (JSC::DFG::SpeculativeJIT::compile):
3446
3447 2011-04-14  Gavin Barraclough  <barraclough@apple.com>
3448
3449         Reviewed by Geoffrey Garen.
3450
3451         Bug 58600 - DFG JIT bugs in ValueToInt, PutByVal
3452
3453         The bug in PutByVal is that an operand is in JSValueOperand - when this
3454         locks an integer into a register it will always retag the value without
3455         checking if the register is already locked. This is a problem where the
3456         value being stored by a PutByVal is the same as the subscript.
3457         The subscript is locked into a register first, as a strict integer.
3458         Locking the value results in the subscript being modified.
3459
3460         The bug in ValueToInt related to the function of silentFillAllRegisters.
3461         The problem is that this method will restore all register values from
3462         prior to the call, overwriting the result of the call out. Allow a
3463         register to be passed to specifically be excluded from being preserved.
3464
3465         * assembler/ARMAssembler.h:
3466         (JSC::ARMAssembler::debugOffset):
3467         * assembler/ARMv7Assembler.h:
3468         (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
3469         * assembler/AbstractMacroAssembler.h:
3470         (JSC::AbstractMacroAssembler::debugOffset):
3471         * assembler/AssemblerBuffer.h:
3472         (JSC::AssemblerBuffer::debugOffset):
3473         * assembler/LinkBuffer.h:
3474         (JSC::LinkBuffer::debugAddress):
3475         * assembler/MIPSAssembler.h:
3476         (JSC::MIPSAssembler::debugOffset):
3477         * assembler/MacroAssemblerX86_64.h:
3478         (JSC::MacroAssemblerX86_64::orPtr):
3479         * assembler/X86Assembler.h:
3480         (JSC::X86Assembler::debugOffset):
3481         (JSC::X86Assembler::X86InstructionFormatter::debugOffset):
3482         * dfg/DFGByteCodeParser.cpp:
3483         (JSC::DFG::ByteCodeParser::parse):
3484         * dfg/DFGGenerationInfo.h:
3485         * dfg/DFGJITCodeGenerator.cpp:
3486         (JSC::DFG::JITCodeGenerator::fillJSValue):
3487         * dfg/DFGJITCodeGenerator.h:
3488         (JSC::DFG::JITCodeGenerator::isConstant):
3489         * dfg/DFGJITCompiler.cpp:
3490         (JSC::DFG::JITCompiler::compileFunction):
3491         * dfg/DFGJITCompiler.h:
3492         (JSC::DFG::JITCompiler::isConstant):
3493         * dfg/DFGNonSpeculativeJIT.cpp:
3494         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
3495         (JSC::DFG::NonSpeculativeJIT::valueToInt32):
3496         (JSC::DFG::NonSpeculativeJIT::numberToInt32):
3497         (JSC::DFG::NonSpeculativeJIT::isKnownInteger):