e8f5fb91882e7ee1a429e17fe7c0741ff7907e9f
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Let's just have one way to get the system page size, bokay?
        https://bugs.webkit.org/show_bug.cgi?id=61384

        * CMakeListsEfl.txt:
        * CMakeListsWinCE.txt:
        * GNUmakefile.list.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: MarkStack[Platform].cpp
        is gone completely now, since it only existed to provide a duplicate way
        to access the system page size.

        * heap/MarkStack.cpp:
        (JSC::MarkStack::reset):
        * heap/MarkStack.h:
        (JSC::::MarkStackArray):
        (JSC::::shrinkAllocation): Use WTF::pageSize.

        * heap/MarkStackPosix.cpp:
        * heap/MarkStackSymbian.cpp:
        * heap/MarkStackWin.cpp: Removed now-empty files.

        * jit/ExecutableAllocator.cpp:
        (JSC::ExecutableAllocator::reprotectRegion):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::ExecutableAllocator):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):
        * jit/ExecutableAllocatorFixedVMPool.cpp: Use WTF::pageSize.

        * wscript: Removed now-empty files.

        * wtf/PageBlock.cpp:
        (WTF::systemPageSize): Integrated questionable Symbian page size rule
        from ExecutableAllocator, because that seems like what the original
        author should have done.

2011-05-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Interpreter crashes with gc validation enabled due to failure to mark initial cache structure
        https://bugs.webkit.org/show_bug.cgi?id=61385

        The interpreter uses the structure slot of get_by_id and put_by_id to hold
        the initial structure it encountered so that it can identify whether a
        given access is stable.

        When marking though we only visit the slot when we've decided to cache, and
        so this value could die.  This was "safe" as the value was only used for a
        pointer compare, but it was incorrect.  We now just mark the slot like we
        should have been doing already.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::visitStructures):

2011-05-24  Adam Roben  <aroben@apple.com>

        Windows build fix

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed now-inline functions.

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: update the #if OS(WINDOWS) section to match my last patch.

        * heap/MarkStack.h:
        (JSC::::shrinkAllocation):

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Rubber-stamped by Oliver Hunt.

        Split out function definitions and class definitions from class
        declarations in MarkStack.h, for readability.

        * heap/MarkStack.h:
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::~MarkStack):
        (JSC::MarkStack::addOpaqueRoot):
        (JSC::MarkStack::containsOpaqueRoot):
        (JSC::MarkStack::opaqueRootCount):
        (JSC::MarkSet::MarkSet):
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):
        (JSC::MarkStack::pageSize):
        (JSC::::MarkStackArray):
        (JSC::::~MarkStackArray):
        (JSC::::expand):
        (JSC::::append):
        (JSC::::removeLast):
        (JSC::::last):
        (JSC::::isEmpty):
        (JSC::::size):
        (JSC::::shrinkAllocation):

2011-05-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Avoid creating unnecessary identifiers and strings in the syntax checker
        https://bugs.webkit.org/show_bug.cgi?id=61378

        Selectively tell the lexer that there are some places it does not need to
        do the real work of creating Identifiers for IDENT and STRING tokens.

        Make parseString and parseIdentifier templatized on whether they should
        do real work, or merely validate the tokens.

        SunSpider --parse-only reports ~5-8% win depending on hardware.

        * parser/ASTBuilder.h:
        (JSC::ASTBuilder::createDotAccess):
        * parser/JSParser.cpp:
        (JSC::JSParser::next):
        (JSC::JSParser::consume):
        (JSC::JSParser::parseVarDeclarationList):
        (JSC::JSParser::parseConstDeclarationList):
        (JSC::JSParser::parseExpression):
        (JSC::JSParser::parseAssignmentExpression):
        (JSC::JSParser::parseConditionalExpression):
        (JSC::JSParser::parseBinaryExpression):
        (JSC::JSParser::parseProperty):
        (JSC::JSParser::parseObjectLiteral):
        (JSC::JSParser::parseArrayLiteral):
        (JSC::JSParser::parseArguments):
        (JSC::JSParser::parseMemberExpression):
        * parser/Lexer.cpp:
        (JSC::Lexer::parseIdentifier):
        (JSC::Lexer::parseString):
        (JSC::Lexer::lex):
        * parser/Lexer.h:
        * parser/SyntaxChecker.h:
        (JSC::SyntaxChecker::createDotAccess):
        (JSC::SyntaxChecker::createProperty):

2011-05-23  Michael Saboff  <msaboff@apple.com>

        Reviewed by Mark Rowe.

        Safari often freezes when clicking "Return free memory" in Caches dialog
        https://bugs.webkit.org/show_bug.cgi?id=61325

        There are two fixes and an improvement in instrumentation code used to find
        one of the problems.
        Changed ReleaseFreeList() to set the "decommitted" bit when releasing
        pages to the system and moving Spans from the normal list to the returned
        list.
        Added a "not making forward progress" check to TCMalloc_PageHeap::scavenge
        to eliminate an infinite loop if we can't meet the pagesToRelease target.
        Added a check for the decommitted bit being set properly in
        TCMalloc_PageHeap::CheckList.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavenge):
        (WTF::TCMalloc_PageHeap::Check):
        (WTF::TCMalloc_PageHeap::CheckList):
        (WTF::ReleaseFreeList):

2011-05-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=61306

        The begin characters optimization currently has issues (#61129),
        and does not appear to still be a performance win. The prudent
        next step seems to be to disable while we ascertain whether this
        is still a useful performance optimization.

        * yarr/YarrInterpreter.cpp:
        (JSC::Yarr::Interpreter::matchDisjunction):
        (JSC::Yarr::Interpreter::interpret):
        * yarr/YarrInterpreter.h:
        (JSC::Yarr::BytecodePattern::BytecodePattern):
        * yarr/YarrPattern.cpp:
        (JSC::Yarr::YarrPatternConstructor::YarrPatternConstructor):
        (JSC::Yarr::YarrPattern::compile):
        (JSC::Yarr::YarrPattern::YarrPattern):
        * yarr/YarrPattern.h:
        (JSC::Yarr::YarrPattern::reset):

2011-05-23  Matthew Delaney  <mdelaney@apple.com>

        Reviewed by Simon Fraser.

        Remove safeFloatToInt() in FloatRect.cpp and replace with working version of clampToInteger()
        https://bugs.webkit.org/show_bug.cgi?id=58216

        * wtf/MathExtras.h:
        (clampToInteger):
        (clampToPositiveInteger):

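The entry above replaces an ad-hoc float-to-int helper with a clamping conversion. The example below is an added illustration of what such a clamp has to get right and is not WebKit's MathExtras.h code: in C++ a direct cast of a NaN, an infinity or an out-of-range double to int is undefined behaviour, so the range check must be done in floating point before the cast. The function names mirror the entry; the bodies are this example's own.

```cpp
#include <cmath>
#include <limits>

// Added example (not WebKit's MathExtras.h). Clamp a double into the int
// range before converting. The comparisons are done in double, where every
// int value is exactly representable, so no overflow can occur on the cast.
inline int clampToInteger(double d)
{
    // NaN compares false against everything, so it needs an explicit branch;
    // treating it as 0 is this example's choice.
    if (std::isnan(d))
        return 0;

    const double intMax = static_cast<double>(std::numeric_limits<int>::max());
    const double intMin = static_cast<double>(std::numeric_limits<int>::min());

    // +infinity and anything at or above INT_MAX saturate to INT_MAX;
    // -infinity and anything at or below INT_MIN saturate to INT_MIN.
    if (d >= intMax)
        return std::numeric_limits<int>::max();
    if (d <= intMin)
        return std::numeric_limits<int>::min();

    // In range: the cast truncates toward zero, like the usual conversion.
    return static_cast<int>(d);
}

// Same idea, but the result is never negative (NaN and negatives become 0).
inline int clampToPositiveInteger(double d)
{
    if (std::isnan(d) || d <= 0.0)
        return 0;
    return clampToInteger(d);
}
```

The dangerous inputs are exactly the ones a plain `static_cast<int>(d)` mishandles: on x86 a cast of an out-of-range value produces 0x80000000 (INT_MIN) rather than saturating, so a width or offset computed from untrusted geometry can silently become negative. Clamping first keeps the later integer arithmetic in a predictable range.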
2011-05-23  Ruben  <chromium@hybridsource.org>

        Reviewed by Tony Chang.

        Chromium gyp patch to use new POSIX defines toolkit_uses_gtk and os_posix
        https://bugs.webkit.org/show_bug.cgi?id=61219

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2011-05-23  Thouraya ANDOLSI  <thouraya.andolsi@st.com>

        Reviewed by Gavin Barraclough.

        [SH4] AssemblerLabel does not name a type
        https://bugs.webkit.org/show_bug.cgi?id=59927

        SH4Assembler.h file should be included before AbstractMacroAssembler.h.

        * assembler/MacroAssemblerSH4.h:

2011-05-23  Ryuan Choi  <ryuan.choi@samsung.com>

        Rubber stamped by Eric Seidel.

        [CMAKE] Refactoring wtf related code.
        https://bugs.webkit.org/show_bug.cgi?id=60146

        Move wtf-files to Source/JavaScriptCore/wtf/CMakeLists.txt.

        * CMakeLists.txt:
        * CMakeListsEfl.txt:
        * wtf/CMakeLists.txt:
        * wtf/CMakeListsEfl.txt:

2011-05-22  Adam Barth  <abarth@webkit.org>

        Enable strict PassOwnPtr for everyone.  I expect this patch will need
        some followups to make the GTK and EFL bots green again.

        * wtf/PassOwnPtr.h:

2011-05-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Reduce size of inline cache path of get_by_id on ARMv7
        https://bugs.webkit.org/show_bug.cgi?id=61221

        This reduces the code size of get_by_id by 20 bytes

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::ldrCompact):
        (JSC::ARMv7Assembler::repatchCompact):
        (JSC::ARMv7Assembler::setUInt7ForLoad):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load32WithCompactAddressOffsetPatch):
        * jit/JIT.h:

2011-05-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Zombies should "live" forever
        https://bugs.webkit.org/show_bug.cgi?id=61170

        Reusing zombie cells could still hide garbage
        collected cell related bugs.

        * JavaScriptCore.pro:
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::clearMarks):
        * heap/MarkedBlock.h:
        * heap/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy):
        * runtime/JSCell.h:
        (JSC::JSCell::JSValue::isZombie):
        * runtime/JSZombie.h:
        (JSC::JSZombie::~JSZombie):
        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::setWithoutWriteBarrier):

2011-05-20  Brady Eidson  <beidson@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/9472883> and https://bugs.webkit.org/show_bug.cgi?id=61203
        Horrendous bug in callOnMainThreadAndWait

        * wtf/MainThread.cpp:
        (WTF::dispatchFunctionsFromMainThread): Before signaling the background thread with the
          syncFlag condition, reacquire the mutex first.

2011-05-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Remove unnecessary double->int conversion at the end of op_div
        https://bugs.webkit.org/show_bug.cgi?id=61198

        We don't attempt this conversion on 64bit, removing it actually speeds
        up sunspider and v8 slightly, and it reduces code size.

        * jit/JITArithmetic32_64.cpp:
        (JSC::JIT::emit_op_div):

2011-05-19  Evan Martin  <evan@chromium.org>

        Reviewed by Tony Chang.

        [chromium] remove <(library) variable
        https://bugs.webkit.org/show_bug.cgi?id=61158

        This was for a build experiment; we can just use the correct value now.

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2011-05-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Interpreter uses wrong bytecode offset for determining exception handler
        https://bugs.webkit.org/show_bug.cgi?id=61191

        The bytecode offset given for the returnPC from the JIT is
        actually the offset for the start of the instruction triggering
        the call, whereas in the interpreter it is the actual return
        VPC.  This means if the next instruction following a call was
        in an exception region we would incorrectly redirect to its
        handler.  Long term we want to completely redo how exceptions
        are handled anyway so the simplest and lowest risk fix here is
        to simply subtract one from the return vPC so that we have an
        offset in the triggering instruction.

        It turns out this is caught by a couple of tests already.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):

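The off-by-one the entry above describes is easy to reproduce on a toy handler table. The example below is an added illustration and not JavaScriptCore's unwinder or its HandlerInfo layout: it models an exception table as half-open [start, end) bytecode ranges, places a call instruction just before a try region, and shows that a lookup keyed by the return VPC picks up the neighbouring region's handler while a lookup keyed by returnVPC - 1 correctly finds none. All names, offsets and the table contents are constructed for this example.

```cpp
#include <vector>

// Added example, not JavaScriptCore code. One try region of a bytecode
// exception table: offsets in [start, end) are covered, handler at target.
struct HandlerInfo {
    unsigned start;  // first covered bytecode offset (inclusive)
    unsigned end;    // one past the last covered offset (exclusive)
    unsigned target; // bytecode offset the unwinder should jump to
};

// Returns the first table entry covering bytecodeOffset, or nullptr.
// The constructed table below lists regions innermost first.
const HandlerInfo* handlerForOffset(const std::vector<HandlerInfo>& table, unsigned bytecodeOffset)
{
    for (const HandlerInfo& h : table) {
        if (bytecodeOffset >= h.start && bytecodeOffset < h.end)
            return &h;
    }
    return nullptr;
}

// Constructed bytecode layout:
//   offsets 0..4 : a call instruction (5 words), outside any try region
//   offsets 5..9 : a try region covering [5, 10) with its handler at 20
constexpr unsigned kCallStart = 0;
constexpr unsigned kCallLength = 5;
const std::vector<HandlerInfo> kConstructedTable = { { 5, 10, 20 } };

// The return VPC is the first offset after the call, i.e. the start of the
// next instruction, which here is the first instruction of the try region.
unsigned returnVPC() { return kCallStart + kCallLength; } // 5

// Buggy lookup: keys the search by the return VPC and so attributes an
// exception thrown inside the callee to the following try region.
const HandlerInfo* lookupWithReturnVPC()
{
    return handlerForOffset(kConstructedTable, returnVPC());
}

// Fixed lookup, as the entry describes: subtract one so the offset lies
// inside the instruction that made the call.
const HandlerInfo* lookupWithTriggeringInstruction()
{
    return handlerForOffset(kConstructedTable, returnVPC() - 1);
}
```

The mismatch matters because the handler table is the only thing standing between an exception and the wrong catch block: dispatching into a region the throwing call was never part of lands execution in a handler whose locals and stack layout assumptions do not hold for that call site.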
2011-05-20  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Oliver Hunt.

        JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
        https://bugs.webkit.org/show_bug.cgi?id=42756

        Use the MAP_NORESERVE flag for mmap on Linux to skip the kernel
        check of the available memory. This should give us an
        overcommit-like behavior in most systems, which is what we want.

        * wtf/OSAllocatorPosix.cpp:
        (WTF::OSAllocator::reserveAndCommit): pass MAP_NORESERVE to mmap.

2011-05-19  Gabor Loki  <loki@webkit.org>

        Fix ARM build after r86919

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::nop):

2011-05-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Randomise code starting location a little
        https://bugs.webkit.org/show_bug.cgi?id=61161

        Add a nop() function to the Assemblers so that we
        can randomise code offsets slightly at no real cost.

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::nop):
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::nop):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::nop):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::nop):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::nop):
        * assembler/MacroAssemblerSH4.h:
        (JSC::MacroAssemblerSH4::nop):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::nop):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::nop):
        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        * runtime/WeakRandom.h:
        (JSC::WeakRandom::getUint32):

2011-05-19  Oliver Hunt  <oliver@apple.com>

        Fix windows build.

        * wtf/OSAllocatorWin.cpp:
        (WTF::OSAllocator::reserveUncommitted):
        (WTF::OSAllocator::reserveAndCommit):

2011-05-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Add guard pages to each end of the memory region used by the fixedvm allocator
        https://bugs.webkit.org/show_bug.cgi?id=61150

        Add mechanism to notify the OSAllocator that pages at either end of an
        allocation should be considered guard pages.  Update PageReservation,
        PageAllocation, etc to handle this.

        * JavaScriptCore.exp:
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        * wtf/OSAllocator.h:
        * wtf/OSAllocatorPosix.cpp:
        (WTF::OSAllocator::reserveUncommitted):
        (WTF::OSAllocator::reserveAndCommit):
        * wtf/PageAllocation.h:
        (WTF::PageAllocation::PageAllocation):
        * wtf/PageAllocationAligned.h:
        (WTF::PageAllocationAligned::PageAllocationAligned):
        * wtf/PageBlock.h:
        (WTF::PageBlock::PageBlock):
        * wtf/PageReservation.h:
        (WTF::PageReservation::reserve):
        (WTF::PageReservation::reserveWithGuardPages):
            Add a new function to make a reservation that will add guard
            pages to the ends of an allocation.
        (WTF::PageReservation::PageReservation):

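Two of the entries above change how the JIT's fixed VM pool is reserved: the Xan Lopez entry passes MAP_NORESERVE so the reservation does not fail the kernel's commit-charge check, and the guard-pages entry brackets the pool with inaccessible pages so an overrun off either end faults instead of corrupting a neighbouring mapping. The example below is an added POSIX illustration of both, not WTF's OSAllocator or PageReservation code: it reserves a region PROT_NONE (with MAP_NORESERVE where the platform defines it), commits only the interior with mprotect, and then verifies the guard pages by catching the fault they raise. The type and function names are this example's own; the probe uses sigsetjmp/siglongjmp, which is enough for a demonstration but not a general-purpose tool.

```cpp
#include <csetjmp>
#include <csignal>
#include <cstddef>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON
#endif

// Added example, not WTF code. A committed region with one PROT_NONE guard
// page before it and one after it.
struct GuardedRegion {
    void* base = nullptr;   // start of the whole mapping (the low guard page)
    void* usable = nullptr; // first committed byte, base + one page
    size_t usableSize = 0;  // committed bytes the caller may touch
    size_t totalSize = 0;   // usableSize + 2 * pageSize
};

static size_t systemPageSize()
{
    return static_cast<size_t>(sysconf(_SC_PAGESIZE));
}

// Reserve usableSize bytes (rounded up to whole pages) with guard pages at
// both ends. Mirrors the reserve-then-commit split described in the entries.
static bool reserveWithGuardPages(size_t usableSize, GuardedRegion& out)
{
    const size_t page = systemPageSize();
    usableSize = (usableSize + page - 1) & ~(page - 1);
    const size_t total = usableSize + 2 * page;

    int flags = MAP_PRIVATE | MAP_ANONYMOUS;
#ifdef MAP_NORESERVE
    flags |= MAP_NORESERVE; // Linux: reservation is not charged against overcommit
#endif
    // Reserve the whole range inaccessible; the guard pages simply stay that way.
    void* base = mmap(nullptr, total, PROT_NONE, flags, -1, 0);
    if (base == MAP_FAILED)
        return false;

    // Commit only the interior. First and last page remain PROT_NONE.
    void* usable = static_cast<char*>(base) + page;
    if (mprotect(usable, usableSize, PROT_READ | PROT_WRITE) != 0) {
        munmap(base, total);
        return false;
    }
    out.base = base;
    out.usable = usable;
    out.usableSize = usableSize;
    out.totalSize = total;
    return true;
}

static void releaseRegion(GuardedRegion& r)
{
    if (r.base)
        munmap(r.base, r.totalSize);
    r = GuardedRegion();
}

// Fault probe: true if the byte at p can be read, false if reading it
// raises SIGSEGV (or SIGBUS on platforms that report it that way).
static sigjmp_buf g_probeJump;
static void onFault(int) { siglongjmp(g_probeJump, 1); }

static bool isReadable(const void* p)
{
    struct sigaction handler = {}, prevSegv = {}, prevBus = {};
    handler.sa_handler = onFault;
    sigemptyset(&handler.sa_mask);
    sigaction(SIGSEGV, &handler, &prevSegv);
    sigaction(SIGBUS, &handler, &prevBus);

    volatile bool readable = false;
    if (sigsetjmp(g_probeJump, 1) == 0) {
        volatile const unsigned char* bytes = static_cast<const unsigned char*>(p);
        unsigned char v = bytes[0]; // faults on a PROT_NONE page
        (void)v;
        readable = true;
    }
    sigaction(SIGSEGV, &prevSegv, nullptr);
    sigaction(SIGBUS, &prevBus, nullptr);
    return readable;
}

// End-to-end check: interior is writable, both guard pages fault.
static bool guardPagesWork()
{
    GuardedRegion r;
    if (!reserveWithGuardPages(3 * systemPageSize(), r))
        return false;
    char* interior = static_cast<char*>(r.usable);
    interior[0] = 'a';                   // first usable byte
    interior[r.usableSize - 1] = 'z';    // last usable byte
    const bool interiorOk = isReadable(interior);
    const bool lowGuardFaults = !isReadable(static_cast<char*>(r.base));
    const bool highGuardFaults = !isReadable(interior + r.usableSize);
    releaseRegion(r);
    return interiorOk && lowGuardFaults && highGuardFaults;
}
```

The order matters for the security property: reserving PROT_NONE and committing inward means there is never a window in which the guard pages are accessible, and any later bug that walks a pointer off the pool is converted into a crash at the boundary rather than a silent write into whatever mapping happens to follow.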
430 2011-05-19  Oliver Hunt  <oliver@apple.com>
431
432         Reviewed by Geoffrey Garen.
433
434         Make Executables release their JIT code as soon as they become dead
435         https://bugs.webkit.org/show_bug.cgi?id=61134
436
437         Add an ability to clear an Executable's jit code without requiring
438         it to be destroyed, and then call that from a finalizer.
439
440         * heap/Weak.h:
441         (JSC::Weak::Weak):
442         (JSC::Weak::leak):
443         * jit/JITCode.h:
444         (JSC::JITCode::clear):
445         * runtime/Executable.cpp:
446         (JSC::ExecutableFinalizer::finalize):
447         (JSC::ExecutableBase::executableFinalizer):
448         * runtime/Executable.h:
449         (JSC::ExecutableBase::ExecutableBase):
450         (JSC::ExecutableBase::clearExecutableCode):
451
452 2011-05-19  Adam Roben  <aroben@apple.com>
453
454         Remove a redundant and broken data export
455
456         Data can't be exported from JavaScriptCore.dll by listing it in the .def file. The
457         JS_EXPORTDATA macro must be used instead. (In this case it was already being used, leading
458         to a linker warning about multiple definitions.)
459
460         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed JSGlobalData::s_info.
461
462 2011-05-18  Oliver Hunt  <oliver@apple.com>
463
464         Reviewed by Gavin Barraclough.
465
466         Some tests crashing in JSC::MarkStack::validateValue beneath ScriptController::clearWindowShell on SnowLeopard Intel Release (WebKit2 Tests)
467         https://bugs.webkit.org/show_bug.cgi?id=61064
468
469         Switch NonFinalObject to using WriteBarrier<> rather than WriteBarrierBase<>
470         for its inline storage.  This resolves the problem of GC occurring before
471         a subclass has initialised its anonymous storage.
472
473         * runtime/JSObject.h:
474
475 2011-05-18  Adam Barth  <abarth@webkit.org>
476
477         Reviewed by Sam Weinig.
478
479         Delete WTFURL
480         https://bugs.webkit.org/show_bug.cgi?id=61084
481
482         It's been a year and we've failed to complete this project.  It's time
483         to throw in the towel.
484
485         * JavaScriptCore.xcodeproj/project.pbxproj:
486         * wtf/url: Removed.
487         * wtf/url/api: Removed.
488         * wtf/url/api/ParsedURL.cpp: Removed.
489         * wtf/url/api/ParsedURL.h: Removed.
490         * wtf/url/api/URLString.h: Removed.
491         * wtf/url/src: Removed.
492         * wtf/url/src/RawURLBuffer.h: Removed.
493         * wtf/url/src/URLBuffer.h: Removed.
494         * wtf/url/src/URLCharacterTypes.cpp: Removed.
495         * wtf/url/src/URLCharacterTypes.h: Removed.
496         * wtf/url/src/URLComponent.h: Removed.
497         * wtf/url/src/URLEscape.cpp: Removed.
498         * wtf/url/src/URLEscape.h: Removed.
499         * wtf/url/src/URLParser.h: Removed.
500         * wtf/url/src/URLQueryCanonicalizer.h: Removed.
501         * wtf/url/src/URLSegments.cpp: Removed.
502         * wtf/url/src/URLSegments.h: Removed.
503         * wtf/url/wtfurl.gyp: Removed.
504
505 2011-05-18  Oliver Hunt  <oliver@apple.com>
506
507         Reviewed by Sam Weinig.
508
509         JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
510         https://bugs.webkit.org/show_bug.cgi?id=61090
511
512         Remove the Structure-free JSGlobalObject constructor and instead always
513         pass the structure into the JSGlobalObject constructor.
514         Stop DebuggerActivation creating a new structure every time, and simply
515         use a single shared structure held by the GlobalData.
516
517         * API/JSContextRef.cpp:
518         * debugger/DebuggerActivation.cpp:
519         (JSC::DebuggerActivation::DebuggerActivation):
520         * jsc.cpp:
521         (GlobalObject::GlobalObject):
522         (functionRun):
523         (jscmain):
524         * runtime/JSGlobalData.cpp:
525         (JSC::JSGlobalData::JSGlobalData):
526         (JSC::JSGlobalData::clearBuiltinStructures):
527         * runtime/JSGlobalData.h:
528         * runtime/JSGlobalObject.h:
529
530 2011-05-18  Oliver Hunt  <oliver@apple.com>
531
532         Reviewed by Adam Roben.
533
534         Disable gc validation in release builds
535         https://bugs.webkit.org/show_bug.cgi?id=60680
536
537         Add back the NDEBUG check
538
539         * wtf/Platform.h:
540
541 2011-05-17  Geoffrey Garen  <ggaren@apple.com>
542
543         Rolled out attempts to fix EFL build because they're not enough -- the
544         build script needs to be fixed.
545
546         * runtime/BooleanPrototype.cpp:
547         * runtime/DateConstructor.cpp:
548         * runtime/ErrorPrototype.cpp:
549
550 2011-05-17  Geoffrey Garen  <ggaren@apple.com>
551
552         More attempts to work around the EFL build system being borken.
553
554         * runtime/DateConstructor.cpp:
555         * runtime/ErrorPrototype.cpp:
556
557 2011-05-17  Geoffrey Garen  <ggaren@apple.com>
558
559         Try to fix the EFL build.
560
561         * runtime/BooleanPrototype.cpp:
562
563 2011-05-16  Geoffrey Garen  <ggaren@apple.com>
564
565         Rolling back in r86653 with build fixed.
566
567         Reviewed by Gavin Barraclough and Oliver Hunt.
568
569         Global object initialization is expensive
570         https://bugs.webkit.org/show_bug.cgi?id=60933
571         
572         Changed a bunch of globals to allocate their properties lazily, and changed
573         the global object to allocate a bunch of its globals lazily.
574         
575         This reduces the footprint of a global object from 287 objects with 58
576         functions for 24K to 173 objects with 20 functions for 15K.
577
578         Large patch, but it's all mechanical.
579
580         * DerivedSources.make:
581         * JavaScriptCore.exp: Build!
582
583         * create_hash_table: Added a special case for fromCharCode, since it uses
584         a custom "thunk generator".
585
586         * heap/Heap.cpp:
587         (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
588         overcount objects that were owned through more than one mechanism because
589         it was getting in the way of counting the results for this patch.
590
591         * interpreter/CallFrame.h:
592         (JSC::ExecState::arrayConstructorTable):
593         (JSC::ExecState::arrayPrototypeTable):
594         (JSC::ExecState::booleanPrototypeTable):
595         (JSC::ExecState::dateConstructorTable):
596         (JSC::ExecState::errorPrototypeTable):
597         (JSC::ExecState::globalObjectTable):
598         (JSC::ExecState::numberConstructorTable):
599         (JSC::ExecState::numberPrototypeTable):
600         (JSC::ExecState::objectPrototypeTable):
601         (JSC::ExecState::regExpPrototypeTable):
602         (JSC::ExecState::stringConstructorTable): Added new tables.
603
604         * runtime/ArrayConstructor.cpp:
605         (JSC::ArrayConstructor::ArrayConstructor):
606         (JSC::ArrayConstructor::getOwnPropertySlot):
607         (JSC::ArrayConstructor::getOwnPropertyDescriptor):
608         * runtime/ArrayConstructor.h:
609         (JSC::ArrayConstructor::createStructure):
610         * runtime/ArrayPrototype.cpp:
611         (JSC::ArrayPrototype::getOwnPropertySlot):
612         (JSC::ArrayPrototype::getOwnPropertyDescriptor):
613         * runtime/ArrayPrototype.h:
614         * runtime/BooleanPrototype.cpp:
615         (JSC::BooleanPrototype::BooleanPrototype):
616         (JSC::BooleanPrototype::getOwnPropertySlot):
617         (JSC::BooleanPrototype::getOwnPropertyDescriptor):
618         * runtime/BooleanPrototype.h:
619         (JSC::BooleanPrototype::createStructure):
620         * runtime/DateConstructor.cpp:
621         (JSC::DateConstructor::DateConstructor):
622         (JSC::DateConstructor::getOwnPropertySlot):
623         (JSC::DateConstructor::getOwnPropertyDescriptor):
624         * runtime/DateConstructor.h:
625         (JSC::DateConstructor::createStructure):
626         * runtime/ErrorPrototype.cpp:
627         (JSC::ErrorPrototype::ErrorPrototype):
628         (JSC::ErrorPrototype::getOwnPropertySlot):
629         (JSC::ErrorPrototype::getOwnPropertyDescriptor):
630         * runtime/ErrorPrototype.h:
631         (JSC::ErrorPrototype::createStructure): Standardized these objects
632         to use static tables for function properties.
633
634         * runtime/JSGlobalData.cpp:
635         (JSC::JSGlobalData::JSGlobalData):
636         (JSC::JSGlobalData::~JSGlobalData):
637         * runtime/JSGlobalData.h: Added new tables.
638
639         * runtime/JSGlobalObject.cpp:
640         (JSC::JSGlobalObject::reset):
641         (JSC::JSGlobalObject::addStaticGlobals):
642         (JSC::JSGlobalObject::getOwnPropertySlot):
643         (JSC::JSGlobalObject::getOwnPropertyDescriptor):
644         * runtime/JSGlobalObject.h:
645         * runtime/JSGlobalObjectFunctions.cpp:
646         * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
647         static table for its global functions. This required uninlining some
648         things to avoid a circular header dependency. However, those things
649         probably shouldn't have been inlined in the first place.
650         
651         Even more global object properties can be made lazy, but that requires
652         more in-depth changes.
653
654         * runtime/MathObject.cpp:
655         * runtime/NumberConstructor.cpp:
656         (JSC::NumberConstructor::getOwnPropertySlot):
657         (JSC::NumberConstructor::getOwnPropertyDescriptor):
658         * runtime/NumberPrototype.cpp:
659         (JSC::NumberPrototype::NumberPrototype):
660         (JSC::NumberPrototype::getOwnPropertySlot):
661         (JSC::NumberPrototype::getOwnPropertyDescriptor):
662         * runtime/NumberPrototype.h:
663         (JSC::NumberPrototype::createStructure):
664         * runtime/ObjectPrototype.cpp:
665         (JSC::ObjectPrototype::ObjectPrototype):
666         (JSC::ObjectPrototype::put):
667         (JSC::ObjectPrototype::getOwnPropertySlot):
668         (JSC::ObjectPrototype::getOwnPropertyDescriptor):
669         * runtime/ObjectPrototype.h:
670         (JSC::ObjectPrototype::createStructure):
671         * runtime/RegExpPrototype.cpp:
672         (JSC::RegExpPrototype::RegExpPrototype):
673         (JSC::RegExpPrototype::getOwnPropertySlot):
674         (JSC::RegExpPrototype::getOwnPropertyDescriptor):
675         * runtime/RegExpPrototype.h:
676         (JSC::RegExpPrototype::createStructure):
677         * runtime/StringConstructor.cpp:
678         (JSC::StringConstructor::StringConstructor):
679         (JSC::StringConstructor::getOwnPropertySlot):
680         (JSC::StringConstructor::getOwnPropertyDescriptor):
681         * runtime/StringConstructor.h:
682         (JSC::StringConstructor::createStructure): Standardized these objects
683         to use static tables for function properties.
684
685 2011-05-17  Sam Weinig  <sam@webkit.org>
686
687         Reviewed by Oliver Hunt.
688
689         JSGlobalContextRelease should not trigger a synchronous garbage collection
690         https://bugs.webkit.org/show_bug.cgi?id=60990
691
692         * API/JSContextRef.cpp:
693         Change synchronous call to collectAllGarbage to a call to trigger the
694         activityCallback.
695
696 2011-05-16  Oliver Hunt  <oliver@apple.com>
697
698         Reviewed by Gavin Barraclough.
699
700         Reduce code size for inline cache
701         https://bugs.webkit.org/show_bug.cgi?id=60942
702
703         This patch introduces the concept of a "compact" address that
704         allows individual architectures to control the maximum offset
705         used for the inline path of get_by_id.  This reduces the code
706         size of get_by_id by 3 bytes on x86 and x86_64 and slightly
707         improves performance on v8 tests.
708
709         * assembler/ARMAssembler.h:
710         (JSC::ARMAssembler::repatchCompact):
711         * assembler/ARMv7Assembler.h:
712         (JSC::ARMv7Assembler::repatchCompact):
713         * assembler/AbstractMacroAssembler.h:
714         (JSC::AbstractMacroAssembler::DataLabelCompact::DataLabelCompact):
715         (JSC::AbstractMacroAssembler::differenceBetween):
716         (JSC::AbstractMacroAssembler::repatchCompact):
717         * assembler/CodeLocation.h:
718         (JSC::CodeLocationDataLabelCompact::CodeLocationDataLabelCompact):
719         (JSC::CodeLocationCommon::dataLabelCompactAtOffset):
720         * assembler/LinkBuffer.h:
721         (JSC::LinkBuffer::locationOf):
722         * assembler/MIPSAssembler.h:
723         (JSC::MIPSAssembler::repatchCompact):
724         * assembler/MacroAssembler.h:
725         (JSC::MacroAssembler::loadPtrWithCompactAddressOffsetPatch):
726         * assembler/MacroAssemblerARM.h:
727         (JSC::MacroAssemblerARM::load32WithCompactAddressOffsetPatch):
728         * assembler/MacroAssemblerARMv7.h:
729         (JSC::MacroAssemblerARMv7::load32WithCompactAddressOffsetPatch):
730         * assembler/MacroAssemblerMIPS.h:
731         (JSC::MacroAssemblerMIPS::load32WithCompactAddressOffsetPatch):
732         * assembler/MacroAssemblerSH4.h:
733         (JSC::MacroAssemblerSH4::load32WithAddressOffsetPatch):
734         * assembler/MacroAssemblerX86.h:
735         (JSC::MacroAssemblerX86::repatchCompact):
736         * assembler/MacroAssemblerX86Common.h:
737         (JSC::MacroAssemblerX86Common::loadCompactWithAddressOffsetPatch):
738         * assembler/MacroAssemblerX86_64.h:
739         (JSC::MacroAssemblerX86_64::loadPtrWithCompactAddressOffsetPatch):
740         * assembler/RepatchBuffer.h:
741         (JSC::RepatchBuffer::repatch):
742         * assembler/SH4Assembler.h:
743         (JSC::SH4Assembler::repatchCompact):
744         * assembler/X86Assembler.h:
745         (JSC::X86Assembler::movl_mr_disp8):
746         (JSC::X86Assembler::movq_mr_disp8):
747         (JSC::X86Assembler::repatchCompact):
748         (JSC::X86Assembler::setInt8):
749         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp8):
750         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp8):
751         (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
752         * jit/JIT.h:
753         * jit/JITPropertyAccess.cpp:
754         (JSC::JIT::compileGetByIdHotPath):
755         (JSC::JIT::emit_op_put_by_id):
756         (JSC::JIT::patchGetByIdSelf):
757         * jit/JITPropertyAccess32_64.cpp:
758         (JSC::JIT::compileGetByIdHotPath):
759         (JSC::JIT::emit_op_put_by_id):
760         (JSC::JIT::patchGetByIdSelf):
761         * jit/JITStubs.cpp:
762         (JSC::JITThunks::tryCacheGetByID):
763
2011-05-16  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r86653.
        http://trac.webkit.org/changeset/86653
        https://bugs.webkit.org/show_bug.cgi?id=60944

        "Caused regressions on Windows, OSX and EFL" (Requested by
        yutak on #webkit).

        * DerivedSources.make:
        * DerivedSources.pro:
        * GNUmakefile.am:
        * GNUmakefile.list.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * create_hash_table:
        * heap/Heap.cpp:
        (JSC::TypeCounter::operator()):
        * interpreter/CallFrame.h:
        (JSC::ExecState::arrayTable):
        (JSC::ExecState::numberTable):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * runtime/ArrayConstructor.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertySlot):
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/BooleanPrototype.h:
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateConstructor.h:
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/ErrorPrototype.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::addStaticGlobals):
        (JSC::JSGlobalObject::getOwnPropertySlot):
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncJSCPrint):
        * runtime/JSGlobalObjectFunctions.h:
        * runtime/MathObject.cpp:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertySlot):
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/NumberPrototype.h:
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        (JSC::ObjectPrototype::put):
        (JSC::ObjectPrototype::getOwnPropertySlot):
        * runtime/ObjectPrototype.h:
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * runtime/RegExpPrototype.h:
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringConstructor.h:

2011-05-16  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Geoffrey Garen.

        Global object initialization is expensive
        https://bugs.webkit.org/show_bug.cgi?id=60933

        Changed a bunch of globals to allocate their properties lazily, and changed
        the global object to allocate a bunch of its globals lazily.

        This reduces the footprint of a global object from 287 objects with 58
        functions for 24K to 173 objects with 20 functions for 15K.

        Large patch, but it's all mechanical.

        * DerivedSources.make:
        * JavaScriptCore.exp: Build!

        * create_hash_table: Added a special case for fromCharCode, since it uses
        a custom "thunk generator".

        * heap/Heap.cpp:
        (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
        overcount objects that were owned through more than one mechanism because
        it was getting in the way of counting the results for this patch.

        * interpreter/CallFrame.h:
        (JSC::ExecState::arrayConstructorTable):
        (JSC::ExecState::arrayPrototypeTable):
        (JSC::ExecState::booleanPrototypeTable):
        (JSC::ExecState::dateConstructorTable):
        (JSC::ExecState::errorPrototypeTable):
        (JSC::ExecState::globalObjectTable):
        (JSC::ExecState::numberConstructorTable):
        (JSC::ExecState::numberPrototypeTable):
        (JSC::ExecState::objectPrototypeTable):
        (JSC::ExecState::regExpPrototypeTable):
        (JSC::ExecState::stringConstructorTable): Added new tables.

        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::ArrayConstructor::getOwnPropertySlot):
        (JSC::ArrayConstructor::getOwnPropertyDescriptor):
        * runtime/ArrayConstructor.h:
        (JSC::ArrayConstructor::createStructure):
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertySlot):
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        (JSC::BooleanPrototype::getOwnPropertySlot):
        (JSC::BooleanPrototype::getOwnPropertyDescriptor):
        * runtime/BooleanPrototype.h:
        (JSC::BooleanPrototype::createStructure):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        (JSC::DateConstructor::getOwnPropertySlot):
        (JSC::DateConstructor::getOwnPropertyDescriptor):
        * runtime/DateConstructor.h:
        (JSC::DateConstructor::createStructure):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        (JSC::ErrorPrototype::getOwnPropertySlot):
        (JSC::ErrorPrototype::getOwnPropertyDescriptor):
        * runtime/ErrorPrototype.h:
        (JSC::ErrorPrototype::createStructure): Standardized these objects
        to use static tables for function properties.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h: Added new tables.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::addStaticGlobals):
        (JSC::JSGlobalObject::getOwnPropertySlot):
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSGlobalObject.h:
        * runtime/JSGlobalObjectFunctions.cpp:
        * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
        static table for its global functions. This required uninlining some
        things to avoid a circular header dependency. However, those things
        probably shouldn't have been inlined in the first place.

        Even more global object properties can be made lazy, but that requires
        more in-depth changes.

        * runtime/MathObject.cpp:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertySlot):
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        (JSC::NumberPrototype::getOwnPropertySlot):
        (JSC::NumberPrototype::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.h:
        (JSC::NumberPrototype::createStructure):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        (JSC::ObjectPrototype::put):
        (JSC::ObjectPrototype::getOwnPropertySlot):
        (JSC::ObjectPrototype::getOwnPropertyDescriptor):
        * runtime/ObjectPrototype.h:
        (JSC::ObjectPrototype::createStructure):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        (JSC::RegExpPrototype::getOwnPropertySlot):
        (JSC::RegExpPrototype::getOwnPropertyDescriptor):
        * runtime/RegExpPrototype.h:
        (JSC::RegExpPrototype::createStructure):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        (JSC::StringConstructor::getOwnPropertySlot):
        (JSC::StringConstructor::getOwnPropertyDescriptor):
        * runtime/StringConstructor.h:
        (JSC::StringConstructor::createStructure): Standardized these objects
        to use static tables for function properties.

2011-05-16  David Kilzer  <ddkilzer@apple.com>

        <http://webkit.org/b/60913> C++ exceptions should not be enabled when building with llvm-gcc-4.2
        <rdar://problem/9446430>

        Reviewed by Mark Rowe.

        * Configurations/Base.xcconfig: Fixed typo.

2011-05-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        JSWeakObjectMap finalisation may occur while gc is in inconsistent state
        https://bugs.webkit.org/show_bug.cgi?id=60908
        <rdar://problem/9409491>

        We need to ensure that we have called all the weak map finalizers while
        the global object (and hence global context) is still in a consistent
        state.  The best way to achieve this is to simply use a weak handle and
        finalizer on the global object.

        * JavaScriptCore.exp:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::WeakMapFinalizer::finalize):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::registerWeakMap):

2011-05-16  Siddharth Mathur  <siddharth.mathur@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt][WK2][Symbian] Shared memory implementation for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=55875

        * wtf/Platform.h: Exclude Symbian OS from USE(UNIX_DOMAIN_SOCKETS) users

2011-05-16  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=60866
        Evaluation order broken for empty alternatives in subpatterns

        Reverting https://bugs.webkit.org/show_bug.cgi?id=51395

        * yarr/YarrPattern.cpp:
        (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):

2011-05-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen & Michael Saboff.

        https://bugs.webkit.org/show_bug.cgi?id=60860
        Simplify backtracking in YARR JIT

        YARR JIT currently performs a single pass of code generation over the pattern,
        with special handling to allow the code generation for some backtracking code
        out of line. We can simplify things by moving to a common mechanism whereby all
        forwards matching code is generated in one pass, and all backtracking code is
        generated in another. Backtracking code can be generated in reverse order, to
        optimize the common fall-through case.

        To make it easier to walk over the pattern, we can first convert to a more
        byte-code like format before JIT generating. In time we should unify this with
        the YARR interpreter to more closely unify the two.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::jumpIfNoAvailableInput):
        (JSC::Yarr::YarrGenerator::YarrOp::YarrOp):
        (JSC::Yarr::YarrGenerator::BacktrackingState::BacktrackingState):
        (JSC::Yarr::YarrGenerator::BacktrackingState::append):
        (JSC::Yarr::YarrGenerator::BacktrackingState::fallthrough):
        (JSC::Yarr::YarrGenerator::BacktrackingState::link):
        (JSC::Yarr::YarrGenerator::BacktrackingState::linkTo):
        (JSC::Yarr::YarrGenerator::BacktrackingState::takeBacktracksToJumpList):
        (JSC::Yarr::YarrGenerator::BacktrackingState::isEmpty):
        (JSC::Yarr::YarrGenerator::BacktrackingState::linkDataLabels):
        (JSC::Yarr::YarrGenerator::BacktrackingState::ReturnAddressRecord::ReturnAddressRecord):
        (JSC::Yarr::YarrGenerator::generateAssertionBOL):
        (JSC::Yarr::YarrGenerator::backtrackAssertionBOL):
        (JSC::Yarr::YarrGenerator::generateAssertionEOL):
        (JSC::Yarr::YarrGenerator::backtrackAssertionEOL):
        (JSC::Yarr::YarrGenerator::matchAssertionWordchar):
        (JSC::Yarr::YarrGenerator::generateAssertionWordBoundary):
        (JSC::Yarr::YarrGenerator::backtrackAssertionWordBoundary):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterOnce):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterFixed):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterNonGreedy):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
        (JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassOnce):
        (JSC::Yarr::YarrGenerator::generateCharacterClassFixed):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassFixed):
        (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy):
        (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):
        (JSC::Yarr::YarrGenerator::generateTerm):
        (JSC::Yarr::YarrGenerator::backtrackTerm):
        (JSC::Yarr::YarrGenerator::generate):
        (JSC::Yarr::YarrGenerator::backtrack):
        (JSC::Yarr::YarrGenerator::opCompileParenthesesSubpattern):
        (JSC::Yarr::YarrGenerator::opCompileParentheticalAssertion):
        (JSC::Yarr::YarrGenerator::opCompileAlternative):
        (JSC::Yarr::YarrGenerator::opCompileBody):
        (JSC::Yarr::YarrGenerator::YarrGenerator):
        (JSC::Yarr::YarrGenerator::compile):

2011-05-15  Adam Barth  <abarth@webkit.org>

        Enable strict PassOwnPtr on Qt.  (Build fixes to follow.)

        * wtf/PassOwnPtr.h:

2011-05-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Partial fix for <rdar://problem/9417875> REGRESSION: SunSpider ~17% slower
        in browser than on command line

        This patch fixes a few issues in generated code that could unreasonably
        prolong object lifetimes.

        * heap/Heap.cpp:
        (JSC::Heap::collectAllGarbage): Throw away all function code before doing
        a major collection. We want to clear polymorphic caches, since they can
        keep alive large object graphs that have gone "stale". For the same reason,
        but to a lesser extent, we also want to clear linked functions and other
        one-off caches.

        This has the side-benefit of reducing memory footprint from run-once
        functions, and of allowing predictions and caches that have failed to
        re-specialize.

        Eventually, if compilation costs rise far enough, we may want a more
        limited strategy for de-specializing code without throwing it away
        completely, but this works for now, and it's the simplest solution.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::hostFunctionStub):
        * jit/JITStubs.h:
        * runtime/JSFunction.cpp: Made the host function stub cache weak --
        otherwise it's effectively a memory leak that can seriously fragment the
        GC and JIT heaps.

        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::visitChildren): Cleared up some comments that confused
        me when working with this code.

2011-05-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make GC validation more aggressive
        https://bugs.webkit.org/show_bug.cgi?id=60802

        This patch makes the checks performed under GC_VALIDATION
        much more aggressive, and adds the checks to more places
        in order to allow us to catch GC bugs much closer to the
        point of failure.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::visitChildren):
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedSpace.cpp:
        * runtime/Arguments.cpp:
        (JSC::Arguments::visitChildren):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::visitChildren):
        (JSC::ProgramExecutable::visitChildren):
        (JSC::FunctionExecutable::visitChildren):
        * runtime/Executable.h:
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::visitChildren):
        * runtime/GetterSetter.h:
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::visitChildren):
        * runtime/JSArray.cpp:
        (JSC::JSArray::visitChildren):
        * runtime/JSCell.cpp:
        (JSC::slowValidateCell):
        * runtime/JSCell.h:
        (JSC::JSCell::JSCell::unvalidatedStructure):
        (JSC::JSCell::JSCell::JSCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::visitChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::visitChildren):
        (JSC::slowValidateCell):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::visitChildren):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::visitChildren):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::visitChildren):
        * runtime/JSString.h:
        (JSC::RopeBuilder::JSString):
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::visitChildren):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::visitChildren):
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::visitChildren):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::visitChildren):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::visitChildren):
        * runtime/Structure.h:
        (JSC::JSCell::classInfo):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::visitChildren):
        * runtime/StructureChain.h:
        * runtime/WriteBarrier.h:
        (JSC::validateCell):
        (JSC::JSCell):
        (JSC::JSGlobalObject):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::setMayBeNull):
        (JSC::WriteBarrierBase::setEarlyValue):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::unvalidatedGet):
        (JSC::WriteBarrier::WriteBarrier):
        * wtf/Assertions.h:

2011-05-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make GC validation more aggressive
        https://bugs.webkit.org/show_bug.cgi?id=60802

        This patch makes the checks performed under GC_VALIDATION
        much more aggressive, and adds the checks to more places
        in order to allow us to catch GC bugs much closer to the
        point of failure.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::visitChildren):
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedSpace.cpp:
        * runtime/Arguments.cpp:
        (JSC::Arguments::visitChildren):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::visitChildren):
        (JSC::ProgramExecutable::visitChildren):
        (JSC::FunctionExecutable::visitChildren):
        * runtime/Executable.h:
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::visitChildren):
        * runtime/GetterSetter.h:
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::visitChildren):
        * runtime/JSArray.cpp:
        (JSC::JSArray::visitChildren):
        * runtime/JSCell.cpp:
        (JSC::slowValidateCell):
        * runtime/JSCell.h:
        (JSC::JSCell::JSCell::unvalidatedStructure):
        (JSC::JSCell::JSCell::JSCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::visitChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::visitChildren):
        (JSC::slowValidateCell):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::visitChildren):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::visitChildren):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::visitChildren):
        * runtime/JSString.h:
        (JSC::RopeBuilder::JSString):
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::visitChildren):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::visitChildren):
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::visitChildren):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::visitChildren):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::visitChildren):
        * runtime/Structure.h:
        (JSC::JSCell::classInfo):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::visitChildren):
        * runtime/StructureChain.h:
        * runtime/WriteBarrier.h:
        (JSC::validateCell):
        (JSC::JSCell):
        (JSC::JSGlobalObject):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::setMayBeNull):
        (JSC::WriteBarrierBase::setEarlyValue):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::unvalidatedGet):
        (JSC::WriteBarrier::WriteBarrier):
        * wtf/Assertions.h:

2011-05-14  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed, rolling out r86469 and r86471, because they made hundreds of tests crash on Qt.

        Make GC validation more aggressive
        https://bugs.webkit.org/show_bug.cgi?id=60802

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::visitChildren):
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedSpace.cpp:
        * runtime/Arguments.cpp:
        (JSC::Arguments::visitChildren):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::visitChildren):
        (JSC::ProgramExecutable::visitChildren):
        (JSC::FunctionExecutable::visitChildren):
        * runtime/Executable.h:
        (JSC::ProgramExecutable::createStructure):
        (JSC::FunctionExecutable::createStructure):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::visitChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::createStructure):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::visitChildren):
        * runtime/JSArray.cpp:
        (JSC::JSArray::visitChildren):
        * runtime/JSCell.cpp:
        * runtime/JSCell.h:
        (JSC::JSCell::JSCell::JSCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::visitChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::visitChildren):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.cpp:
        (JSC::JSObject::visitChildren):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::visitChildren):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::visitChildren):
        * runtime/JSString.h:
        (JSC::RopeBuilder::createStructure):
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::visitChildren):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::visitChildren):
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::visitChildren):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::visitChildren):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::visitChildren):
        * runtime/Structure.h:
        (JSC::Structure::createStructure):
        (JSC::JSCell::classInfo):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::visitChildren):
        * runtime/StructureChain.h:
        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrier::WriteBarrier):
        * wtf/Assertions.h:

2011-05-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make GC validation more aggressive
        https://bugs.webkit.org/show_bug.cgi?id=60802

        This patch makes the checks performed under GC_VALIDATION
        much more aggressive, and adds the checks to more places
        in order to allow us to catch GC bugs much closer to the
        point of failure.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::visitChildren):
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedSpace.cpp:
        * runtime/Arguments.cpp:
        (JSC::Arguments::visitChildren):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::visitChildren):
        (JSC::ProgramExecutable::visitChildren):
        (JSC::FunctionExecutable::visitChildren):
        * runtime/Executable.h:
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::visitChildren):
        * runtime/GetterSetter.h:
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::visitChildren):
        * runtime/JSArray.cpp:
        (JSC::JSArray::visitChildren):
        * runtime/JSCell.cpp:
        (JSC::slowValidateCell):
        * runtime/JSCell.h:
        (JSC::JSCell::JSCell::unvalidatedStructure):
        (JSC::JSCell::JSCell::JSCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::visitChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::visitChildren):
        (JSC::slowValidateCell):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::visitChildren):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::visitChildren):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::visitChildren):
        * runtime/JSString.h:
        (JSC::RopeBuilder::JSString):
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::visitChildren):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::visitChildren):
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::visitChildren):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::visitChildren):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::visitChildren):
        * runtime/Structure.h:
        (JSC::JSCell::classInfo):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::visitChildren):
        * runtime/StructureChain.h:
        * runtime/WriteBarrier.h:
        (JSC::validateCell):
        (JSC::JSCell):
        (JSC::JSGlobalObject):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::setMayBeNull):
        (JSC::WriteBarrierBase::setEarlyValue):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::unvalidatedGet):
        (JSC::WriteBarrier::WriteBarrier):
        * wtf/Assertions.h:

1464 2011-05-01  Holger Hans Peter Freyther  <holger@moiji-mobile.com>
1465
1466         Reviewed by Steve Block.
1467
1468         [android] OS(ANDROID) does not imply PLATFORM(ANDROID)
1469         https://bugs.webkit.org/show_bug.cgi?id=59888
1470
1471         It is possible to build QtWebKit and others for OS(ANDROID). Let
1472         the buildsystem decide which platform is to be built.
1473
1474         * wtf/Platform.h:
1475
1476 2011-05-12  Maciej Stachowiak  <mjs@apple.com>
1477
1478         Reviewed by Darin Adler.
1479
1480         XMLDocumentParserLibxml2 should play nice with strict OwnPtrs
1481         https://bugs.webkit.org/show_bug.cgi?id=59394
1482
1483         This portion of the change introduces a PassTraits template, which
1484         is used to enable takeFirst() to work for a Deque holding OwnPtrs,
1485         and optimize it for a Deque holding RefPtrs. In the future it can
1486         be deployed elsewhere to make our data structures work better with
1487         our smart pointers.
1488
1489         * GNUmakefile.list.am:
1490         * JavaScriptCore.gypi:
1491         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1492         * JavaScriptCore.xcodeproj/project.pbxproj:
1493         * wtf/CMakeLists.txt:
1494         * wtf/Deque.h:
1495         (WTF::::takeFirst):
1496         * wtf/PassTraits.h: Added.
1497         (WTF::PassTraits::transfer):
1498
1499 2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
1500
1501         Not reviewed.
1502
1503         Revert r86334, it broke the win build. WinCE build is fixed even without this patch. WinCairo remains broken atm, everything else works.
1504
1505         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1506
1507 2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
1508
1509         Not reviewed.
1510
1511         String operator+ reallocates unnecessarily when concatting > 2 strings
1512         https://bugs.webkit.org/show_bug.cgi?id=58420
1513
1514         Try to fix WinCE/WinCairo linking by exporting three symbols, not sure whether it's correct though. Win worked just fine before.
1515
1516         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1517
1518 2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
1519
1520         Reviewed by Darin Adler.
1521
1522         String operator+ reallocates unnecessarily when concatting > 2 strings
1523         https://bugs.webkit.org/show_bug.cgi?id=58420
1524
1525         Provide a faster String append operator.
1526         Up until now, "String operator+(const String& a, const String& b)" copied String a into a temporary
1527         object, and used a.append(b), which reallocates a new buffer of aLength+bLength. When concatting
1528         N strings using operator+, this leads to N-1 reallocations.
1529
1530         Replace this with a flexible operator+ implementation that avoids these reallocations.
1531         When concatting a 'String' with any string type (char*, UChar, Vector<char>, String, AtomicString, etc.)
1532         a StringAppend<String, T> object is created, which holds the intermediate string objects and delays
1533         creation of the final string until operator String() is invoked.
1534
1535         template<typename T>
1536         StringAppend<String, T> operator+(const String& string1, T string2)
1537         {
1538             return StringAppend<String, T>(string1, string2);
1539         }
1540
1541         template<typename U, typename V, typename W>
1542         StringAppend<U, StringAppend<V, W> > operator+(U string1, const StringAppend<V, W>& string2)
1543         {
1544             return StringAppend<U, StringAppend<V, W> >(string1, string2);
1545         }
1546
1547         When concatting three strings - "String a, b, c; String result = a + b + c;" the following happens:
1548         first a StringAppend<String, String> object is created by operator+(const String& string1, String string2).
1549         Then operator+(String string1, const StringAppend<String, String>& string2) is invoked, which returns
1550         a StringAppend<String, StringAppend<String, String> > object.
1551         Then operator String() is invoked, which allocates a StringImpl object, once, large enough to hold the
1552         final string - it uses tryMakeString provided by StringConcatenate.h under the hood, which guards us
1553         against too big string allocations, etc.
1554
1555         Note that the second template defines a recursive way to concat an arbitrary number of strings
1556         into a single String with just one allocation.
1557
1558         * GNUmakefile.list.am: Add StringOperators.h to build.
1559         * JavaScriptCore.exp: Export WTF::emptyString(). Remove no longer needed symbols.
1560         * JavaScriptCore.gypi: Add StringOperators.h to build.
1561         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
1562         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
1563         * wtf/text/AtomicString.h: Pull in StringConcatenate.h at the end of the file.
1564         * wtf/text/StringConcatenate.h: Conditionally include AtomicString.h to avoid a cyclic dependency. Pull in StringOperators.h at the end of the file.
1565         * wtf/text/StringOperators.h: Added. This is never meant to be included directly, including either WTFString.h or AtomicString.h automatically pulls in this file.
1566         (WTF::StringAppend::StringAppend):
1567         (WTF::StringAppend::operator String):
1568         (WTF::StringAppend::operator AtomicString):
1569         (WTF::StringAppend::writeTo):
1570         (WTF::StringAppend::length):
1571         (WTF::operator+):
1572         * wtf/text/WTFString.cpp: Remove operator+ implementations that use String::append().
1573         (WTF::emptyString): Add new shared empty string free function.
1574         * wtf/text/WTFString.h: Replace operator+ implementations by StringAppend template solution. Pull in AtomicString.h at the end of the file.
1575
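The deferred-concatenation scheme above, as an added example that is not WebKit's StringOperators.h: a minimal StringAppend tree with two leaf types standing in for String and UChar, one constrained operator+ in place of the two overloads quoted in the entry, and a materialize() that plays the role of operator String(). The hypothetical kMaxLength cap stands in for tryMakeString's guard against too-big allocations; everything else is plain C++11.

```cpp
// Added example, not WebKit's StringOperators.h: a minimal deferred string
// concatenation in the style of StringAppend<U, V>.  C++11, no WTF types.
#include <cstdint>
#include <cstring>
#include <string>
#include <type_traits>
#include <utility>

namespace example {

// Assumption (hypothetical cap): like a 32-bit StringImpl length, a result
// this large is refused up front instead of being allocated.  This is the
// role tryMakeString's "too big" guard plays in the real code.
const std::uint64_t kMaxLength = 0x7fffffffULL;

// Leaf operand: a span of existing characters (stand-in for String / char*).
struct Leaf {
    const char* data;
    std::size_t size;
    std::uint64_t length() const { return size; }
    void writeTo(char* dest) const { std::memcpy(dest, data, size); }
};

// Leaf operand: one character repeated `count` times (stand-in for UChar).
// It can describe an absurd length without owning that much memory, which
// is what lets the size guard be exercised below.
struct Repeat {
    char ch;
    std::uint32_t count;
    std::uint64_t length() const { return count; }
    void writeTo(char* dest) const { std::memset(dest, ch, count); }
};

// Node operand: holds both sides and defers all work.  Nesting StringAppend
// inside StringAppend is how an arbitrary number of operands is carried.
template<typename U, typename V>
struct StringAppend {
    U first;
    V second;
    // Summed in 64 bits so a deep tree cannot wrap a 32-bit length; the one
    // size check happens in materialize().
    std::uint64_t length() const { return first.length() + second.length(); }
    void writeTo(char* dest) const {
        first.writeTo(dest);
        second.writeTo(dest + first.length());
    }
};

template<typename T> struct IsOperand : std::false_type {};
template<> struct IsOperand<Leaf> : std::true_type {};
template<> struct IsOperand<Repeat> : std::true_type {};
template<typename U, typename V>
struct IsOperand<StringAppend<U, V> > : std::true_type {};

// One constrained operator+ stands in for the two overloads quoted in the
// entry: it accepts a leaf or a StringAppend on either side, so both
// (a + b) + c and a + (b + c) build a tree without allocating.
template<typename U, typename V,
         typename = typename std::enable_if<IsOperand<U>::value && IsOperand<V>::value>::type>
StringAppend<U, V> operator+(U lhs, V rhs) {
    return StringAppend<U, V>{std::move(lhs), std::move(rhs)};
}

inline Leaf str(const char* s) { return Leaf{s, std::strlen(s)}; }

// The equivalent of operator String(): one allocation sized from the tree,
// or false (no allocation at all) when the result would exceed kMaxLength.
template<typename T>
bool materialize(const T& tree, std::string& out) {
    const std::uint64_t total = tree.length();
    if (total > kMaxLength)
        return false;
    out.assign(static_cast<std::size_t>(total), '\0');
    tree.writeTo(&out[0]);   // every writeTo() fills this single buffer
    return true;
}

// a + b + c nests left to right, exactly as the entry describes.
static_assert(std::is_same<decltype(str("a") + str("b") + str("c")),
                           StringAppend<StringAppend<Leaf, Leaf>, Leaf> >::value,
              "a + b + c should build StringAppend<StringAppend<Leaf, Leaf>, Leaf>");

// Concatenate three C strings with a single allocation; empty if refused.
inline std::string joinThree(const char* a, const char* b, const char* c) {
    std::string out;
    materialize(str(a) + str(b) + str(c), out);
    return out;
}

// A 2^32-character result is refused before any buffer is allocated.
inline bool oversizedIsRefused() {
    std::string out;
    return !materialize(Repeat{'x', 0xffffffffu} + Repeat{'y', 1u}, out);
}

} // namespace example
```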
1576 2011-05-12  Philippe Normand  <pnormand@igalia.com>
1577
1578         Unreviewed, GTK build fix.
1579
1580         * wtf/Platform.h:
1581
1582 2011-05-12  Keith Kyzivat  <keith.kyzivat@nokia.com>
1583
1584         Reviewed by Csaba Osztrogonác.
1585
1586         [Qt] Arm debug build failing on ARMAssembler::debugOffset()
1587         https://bugs.webkit.org/show_bug.cgi?id=60688
1588
1589         Related to svn rev 85523
1590
1591         * assembler/ARMAssembler.h:
1592         (JSC::ARMAssembler::debugOffset):
1593
1594 2011-05-11  Igor Oliveira  <igor.oliveira@openbossa.org>
1595
1596         Reviewed by Eric Seidel.
1597
1598         WebKit does not build with GCCE
1599         https://bugs.webkit.org/show_bug.cgi?id=60667
1600
1601         Allow compiling WebKit with GCCE
1602
1603         * wtf/Alignment.h:
1604         * wtf/Platform.h:
1605
1606 2011-05-11  Adam Barth  <abarth@webkit.org>
1607
1608         Reviewed by Eric Seidel.
1609
1610         Enable strict PassOwnPtr on Mac
1611         https://bugs.webkit.org/show_bug.cgi?id=60684
1612
1613         This should build cleanly now.
1614
1615         * wtf/PassOwnPtr.h:
1616
1617 2011-05-11  Oliver Hunt  <oliver@apple.com>
1618
1619         Reviewed by Darin Adler.
1620
1621         Protect JSC from WebCore executing JS during JS wrapper finalization
1622         https://bugs.webkit.org/show_bug.cgi?id=60672
1623         <rdar://problem/9350997>
1624
1625         Detect when we're trying to execute JS during GC and prevent the
1626         execution from happening.  We also assert that this isn't happening
1627         as it implies incorrect behaviour of an object's destructor.
1628
1629         * JavaScriptCore.exp:
1630         * heap/Heap.cpp:
1631         * heap/Heap.h:
1632         (JSC::Heap::isBusy):
1633         * interpreter/Interpreter.cpp:
1634         (JSC::Interpreter::execute):
1635         (JSC::Interpreter::executeCall):
1636         (JSC::Interpreter::executeConstruct):
1637         * runtime/JSGlobalData.h:
1638         (JSC::JSGlobalData::isCollectorBusy):
1639
1640 2011-05-11  Oliver Hunt  <oliver@apple.com>
1641
1642         Reviewed by Gavin Barraclough.
1643
1644         Enable gc mark validation temporarily in release builds
1645         https://bugs.webkit.org/show_bug.cgi?id=60678
1646
1647         Make it easier to turn the gc mark validation on and off, and
1648         temporarily turn it on for all builds.
1649
1650         * heap/MarkStack.cpp:
1651         * heap/MarkStack.h:
1652         (JSC::MarkStack::append):
1653         (JSC::MarkStack::internalAppend):
1654         * runtime/WriteBarrier.h:
1655         (JSC::MarkStack::appendValues):
1656         * wtf/Platform.h:
1657
1658 2011-05-11  Geoffrey Garen  <ggaren@apple.com>
1659
1660         Reviewed by Oliver Hunt.
1661
1662         <rdar://problem/9331651> REGRESSION: RPRVT grows by 1MB / sec @ dvd2blu.com
1663         
1664         SunSpider reports no change.
1665
1666         This bug was caused by changing Structure and Executable to being GC
1667         objects, and by a long-standing bug that would thrash the global object
1668         between dictionary and non-dictionary states.
1669
1670         * runtime/BatchedTransitionOptimizer.h:
1671         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): Don't
1672         eagerly transition to dictionary -- this can cause pathological dictionary
1673         churn, and it's not necessary, since objects know how to automatically
1674         transition to dictionary when necessary.
1675
1676         * runtime/Executable.cpp:
1677         (JSC::EvalExecutable::compileInternal):
1678         (JSC::ProgramExecutable::compileInternal):
1679         (JSC::FunctionExecutable::compileForCallInternal):
1680         (JSC::FunctionExecutable::compileForConstructInternal): Be sure to report
1681         extra cost from compilation, because it can be quite high. This is especially
1682         important for program code, since DOM timers can repeatedly allocate
1683         program code without allocating any other objects.
1684
1685         * runtime/JSObject.cpp:
1686         (JSC::JSObject::removeDirect): Don't transition to the uncacheable state
1687         if the thing we're trying to remove doesn't exist. This can happen during
1688         compilation, since the compiler needs to ensure that no pre-existing
1689         conflicting definitions exist for certain declarations.
1690
1691 2011-05-11  Oliver Hunt  <oliver@apple.com>
1692
1693         Reviewed by Gavin Barraclough.
1694
1695         Make mark stack validation functions do something useful in a release build
1696         https://bugs.webkit.org/show_bug.cgi?id=60645
1697
1698         Turn ASSERTs into actual if(...) CRASH(); statements.
1699
1700         * heap/MarkStack.cpp:
1701         (JSC::MarkStack::validateValue):
1702
1703 2011-05-11  Xan Lopez  <xlopez@igalia.com>
1704
1705         Reviewed by Martin Robinson.
1706
1707         Fix copy&paste error in comment.
1708
1709         * jit/JITPropertyAccess.cpp:
1710         (JSC::JIT::stringGetByValStubGenerator): the value is stored in
1711         regT2, not regT1.
1712
1713 2011-05-11  Adam Roben  <aroben@apple.com>
1714
1715         WinCE build fixes for strict PassOwnPtr
1716
1717         * wtf/unicode/CollatorDefault.cpp:
1718         (WTF::Collator::userDefault): Use adoptPtr.
1719
1720 2011-05-11  Holger Hans Peter Freyther  <holger@moiji-mobile.com>
1721
1722         Unreviewed build fix.
1723
1724         [MIPS] Fix compilation of the MIPS JIT
1725
1726         Include the MIPSAssembler.h first to indirectly include
1727         AssemblerBuffer.h before the AbstractMacroAssembler.h. This
1728         order is used for the ARM and X86 MacroAssembler*.h
1729
1730         * assembler/MacroAssemblerMIPS.h:
1731
1732 2011-05-11  Adam Roben  <aroben@apple.com>
1733
1734         Turn on strict PassOwnPtr on Windows
1735
1736         Fixes <http://webkit.org/b/60632> Windows should build with strict PassOwnPtr enabled
1737
1738         Reviewed by Adam Barth.
1739
1740         * wtf/PassOwnPtr.h:
1741
1742 2011-05-10  Stephanie Lewis  <slewis@apple.com>
1743
1744         Unreviewed.
1745
1746         Revert accidental JavaScriptCore change in http://trac.webkit.org/changeset/86130
1747
1748         * Configurations/JavaScriptCore.xcconfig:
1749
1750 2011-05-10  Adam Barth  <abarth@webkit.org>
1751
1752         Reviewed by David Levin.
1753
1754         Enable strict PassOwnPtr on Chromium
1755         https://bugs.webkit.org/show_bug.cgi?id=60502
1756
1757         Other platforms to follow.
1758
1759         * wtf/PassOwnPtr.h:
1760
1761 2011-05-10  Geoffrey Garen  <ggaren@apple.com>
1762
1763         Reviewed by Darin Adler.
1764
1765         Fixed up some #include dependencies so the WriteBarrier class can actually call Heap::writeBarrier
1766         https://bugs.webkit.org/show_bug.cgi?id=60532
1767
1768         * GNUmakefile.list.am:
1769         * JavaScriptCore.gypi:
1770         * JavaScriptCore.xcodeproj/project.pbxproj: Build!
1771
1772         * heap/Handle.h: Moved HandleTypes to its own header because that's the
1773         WebKit style, and it was necessary to resolve a circular dependency
1774         between Handle.h and WriteBarrier.h.
1775
1776         * heap/Heap.h:
1777         (JSC::Heap::writeBarrier): Added an inline no-op writeBarrier(), to
1778         verify that all the code is in the right place.
1779
1780         * heap/MarkStack.h: Moved WriteBarrier operations to WriteBarrier.h to
1781         resolve a circular dependency.
1782
1783         * runtime/ArgList.h:
1784         * runtime/JSCell.h: #include WriteBarrier.h since we don't get it for
1785         free anymore.
1786
1787         * runtime/PropertyMapHashTable.h:
1788         (JSC::PropertyTable::PropertyTable): Call the real writeBarrier()
1789         function, now that it exists.
1790
1791         * runtime/SmallStrings.h: Removed a stray #include to resolve a circular
1792         dependency.
1793
1794         * runtime/WriteBarrier.h:
1795         (JSC::WriteBarrierBase::set):
1796         (JSC::MarkStack::append):
1797         (JSC::MarkStack::appendValues): Updated to match the changes above.
1798
1799 2011-05-10  Oliver Hunt  <oliver@apple.com>
1800
1801         Build fix.
1802
1803         * heap/MarkStack.cpp:
1804         (JSC::MarkStack::validateValue):
1805
1806 2011-05-10  Oliver Hunt  <oliver@apple.com>
1807
1808         Reviewed by Gavin Barraclough.
1809
1810         Add some aggressive GC validation to debug builds.
1811         https://bugs.webkit.org/show_bug.cgi?id=60601
1812
1813         When assertions are enabled we now do some validity checking
1814         of objects being added to the mark stack.
1815
1816         * bytecode/Instruction.h:
1817         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::PolymorphicStubInfo):
1818         (JSC::PolymorphicAccessStructureList::visitAggregate):
1819         * heap/MarkStack.cpp:
1820         (JSC::MarkStack::validateSet):
1821         (JSC::MarkStack::validateValue):
1822         * heap/MarkStack.h:
1823         (JSC::MarkStack::appendValues):
1824         (JSC::MarkStack::append):
1825         (JSC::MarkStack::internalAppend):
1826
1827 2011-05-09  Darin Adler  <darin@apple.com>
1828
1829         Reviewed by Oliver Hunt.
1830
1831         http://bugs.webkit.org/show_bug.cgi?id=60509
1832         Wrong type used for return value from strlen
1833
1834         * wtf/FastMalloc.cpp:
1835         (WTF::fastStrDup): Use size_t. Also don't bother checking for failure since
1836         fastMalloc won't return if it fails.
1837
1838 2011-05-09  Adam Barth  <abarth@webkit.org>
1839
1840         Reviewed by Eric Seidel.
1841
1842         CSP should block Function constructor
1843         https://bugs.webkit.org/show_bug.cgi?id=60240
1844
1845         When eval is disabled, we need to block the use of the function
1846         constructor.  However, the WebCore JSC bindings call the function
1847         constructor directly to create inline event listeners.  To support that
1848         use, this patch adds an entrypoint that bypasses the check for whether
1849         eval is enabled.
1850
1851         * JavaScriptCore.exp:
1852         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1853         * runtime/FunctionConstructor.cpp:
1854         (JSC::constructFunction):
1855         (JSC::constructFunctionSkippingEvalEnabledCheck):
1856         * runtime/FunctionConstructor.h:
1857
1858 2011-05-09  Adam Roben  <aroben@apple.com>
1859
1860         Automatically touch WebKit.idl whenever any other WebKit1 IDL file changes
1861
1862         Fixes <http://webkit.org/b/60468> WebKit.idl needs to be manually touched whenever any other
1863         WebKit1 IDL file changes to avoid build errors
1864
1865         Reviewed by Tim Hatcher.
1866
1867         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
1868         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
1869         Updated for script rename.
1870
1871         * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py: Removed.
1872         * JavaScriptCore.vcproj/JavaScriptCore/work-around-vs-dependency-tracking-bugs.py: Renamed
1873         from react-to-vsprops-changes.py.
1874         (top level): Moved a constant here from main.
1875         (main): Moved most code from here to react_to_vsprops_changes. Added a call to the new
1876         react_to_webkit1_interface_changes function.
1877         (react_to_vsprops_changes): Moved code here from main. Updated to use the
1878         TOP_LEVEL_DIRECTORY global. Moved some code from here to mtime_of_newest_file_matching_glob
1879         and touch_if_older_than.
1880         (react_to_webkit1_interface_changes): Added. Touches WebKit.idl if any other WebKit1 IDL
1881         file has changed.
1882         (mtime_of_newest_file_matching_glob): Added. Code came from main.
1883         (touch_if_older_than): Added. Code came from main.
1884
1885 2011-05-08  Jessie Berlin  <jberlin@apple.com>
1886
1887         Reviewed by Dan Bernstein.
1888
1889         Make JSRetainPtr work with JSGlobalContextRefs.
1890         https://bugs.webkit.org/show_bug.cgi?id=60452
1891
1892         Add specialized functions for JSRetain and JSRelease when dealing with JSGlobalContextRefs.
1893
1894         * API/JSRetainPtr.h:
1895         (JSRetain):
1896         (JSRelease):
1897
1898 2011-05-07  Dawit Alemayehu  <adawit@kde.org>
1899
1900         Reviewed by Daniel Bates.
1901
1902         Fix compile with GCC 4.6.0
1903         https://bugs.webkit.org/show_bug.cgi?id=60380
1904
1905         Remove unused local variable from code.
1906
1907         * runtime/StringPrototype.cpp:
1908         (JSC::stringProtoFuncMatch):
1909
1910 2011-05-06  Alexis Menard  <alexis.menard@openbossa.org>
1911
1912         Unreviewed build fix with gcc 4.6.0 on linux and c++0x support.
1913
1914         std::tr1::has_trivial_constructor is in <tr1/memory>.
1915
1916         * wtf/TypeTraits.h:
1917
1918 2011-05-05  Jay Civelli  <jcivelli@chromium.org>
1919
1920         Reviewed by Adam Barth.
1921
1922         Added convenience methods to convert from a byte to hex ASCII digit
1923         characters and vice-versa.
1924         https://bugs.webkit.org/show_bug.cgi?id=59834
1925
1926         * wtf/ASCIICType.h:
1927         (WTF::toASCIIHexValue):
1928         (WTF::lowerNibbleToASCIIHexDigit):
1929         (WTF::upperNibbleToASCIIHexDigit):
1930
1931 2011-05-05  Alexis Menard  <alexis.menard@openbossa.org>
1932
1933         Reviewed by Benjamin Poulain.
1934
1935         [Qt] Make QtWebKit build when using gcc 4.6.0
1936         https://bugs.webkit.org/show_bug.cgi?id=60265
1937
1938         If QtWebKit is compiled with gcc 4.6.0 or later we don't want to deactivate
1939         the c++0x support because it works.
1940
1941         * JavaScriptCore.pro:
1942
1943 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
1944
1945         Reviewed by Geoffrey Garen.
1946
1947         Port MachineStackMarker.cpp to Windows x64
1948         https://bugs.webkit.org/show_bug.cgi?id=60216
1949
1950         * heap/MachineStackMarker.cpp:
1951         (JSC::getPlatformThreadRegisters): the CONTEXT struct is usable also
1952         on 64-bit Windows.
1953         (JSC::otherThreadStackPointer): return the Rsp register on Windows x64.
1954
1955 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
1956
1957         Reviewed by Martin Robinson.
1958
1959         Link libjavascriptcoregtk on Windows with winmm.dll
1960         https://bugs.webkit.org/show_bug.cgi?id=60215
1961
1962         * GNUmakefile.am:
1963
1964 2011-05-04  Tao Bai  <michaelbai@chromium.org>
1965
1966         Reviewed by David Kilzer.
1967
1968         Populate touch-icon url to FrameLoaderClient
1969         https://bugs.webkit.org/show_bug.cgi?id=59143
1970
1971         * Configurations/FeatureDefines.xcconfig:
1972
1973 2011-05-03  Geoffrey Garen  <ggaren@apple.com>
1974
1975         Reviewed by Darin Adler.
1976
1977         <rdar://problem/9366557> Various crashes due to bad DFG codegen at canalplus.fr
1978
1979         * dfg/DFGSpeculativeJIT.cpp:
1980         (JSC::DFG::SpeculativeJIT::checkArgumentTypes): Removed a stray line of
1981         code that accidentally survived the conversion to a switch statement,
1982         causing a lot of important code not to run most of the time.
1983
1984         Since this is not a trivial finger-picking mistake, I will not call it a
1985         typo.
1986
1987 2011-05-04  Adam Roben  <aroben@apple.com>
1988
1989         Another attempted build fix
1990
1991         * wtf/OwnPtr.h:
1992         (WTF::OwnPtr::operator==):
1993         (WTF::OwnPtr::operator!=):
1994         * wtf/PassOwnPtr.h:
1995         (WTF::PassOwnPtr::operator==):
1996         (WTF::PassOwnPtr::operator!=):
1997         Added a return statement. And made a tweak based on a suggestion from Anders Carlsson.
1998
1999 2011-05-04  Adam Roben  <aroben@apple.com>
2000
2001         Try to fix Leopard, Qt, and probably others
2002
2003         * wtf/OwnPtr.h:
2004         (WTF::OwnPtr::operator==):
2005         (WTF::OwnPtr::operator!=):
2006         * wtf/PassOwnPtr.h:
2007         (WTF::PassOwnPtr::operator==):
2008         (WTF::PassOwnPtr::operator!=):
2009         Try to get the compiler not to instantiate these function templates unnecessarily.
2010
2011 2011-05-03  Adam Roben  <aroben@apple.com>
2012
2013         Disallow equality comparisons between [Pass]OwnPtrs
2014
2015         If you have two OwnPtrs that are equal, you've already lost. (Unless you're doing something
2016         really sneaky, in which case you should stop!)
2017
2018         Fixes <http://webkit.org/b/60053> Testing OwnPtrs for equality should cause a compiler error
2019
2020         Reviewed by Anders Carlsson and Antti Koivisto.
2021
2022         * wtf/OwnPtr.h:
2023         (WTF::OwnPtr::operator==):
2024         (WTF::OwnPtr::operator!=):
2025         * wtf/PassOwnPtr.h:
2026         (WTF::PassOwnPtr::operator==):
2027         (WTF::PassOwnPtr::operator!=):
2028         Added private equality operators that fail to compile when used. (When not used, the
2029         compiler will skip over them because they are function templates.)
2030
2031 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
2032
2033         Reviewed by Gavin Barraclough.
2034
2035         JITArithmetic.cpp produces a warning on an unused variable.
2036         https://bugs.webkit.org/show_bug.cgi?id=60060
2037
2038         Just properly use what we already have converted.
2039
2040         * jit/JITArithmetic.cpp:
2041         (JSC::JIT::emitSlow_op_add):
2042         (JSC::JIT::emitSlow_op_mul):
2043
2044 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
2045
2046         Reviewed by Geoffrey Garen.
2047
2048         JITPropertyAccess produces an unused but set variable warning in gcc 4.6.0.
2049         https://bugs.webkit.org/show_bug.cgi?id=60050
2050
2051         This patch fixes a compilation warning. The new warning scenario -Wunused-but-set-variable
2052         in gcc 4.6.0 is included in -Wall and therefore stops the compilation when warnings are treated
2053         as errors. The patch introduces two new macros, ASSERT_JIT_OFFSET_UNUSED and ASSERT_WITH_MESSAGE_UNUSED,
2054         which copy the idea of ASSERT_UNUSED.
2055
2056         * jit/JIT.h:
2057         * jit/JITPropertyAccess.cpp:
2058         (JSC::JIT::emit_op_method_check):
2059         (JSC::JIT::compileGetByIdHotPath):
2060         (JSC::JIT::emit_op_put_by_id):
2061         * wtf/Assertions.h:
2062         (assertWithMessageUnused):
2063
2064 2011-04-29  Jer Noble  <jer.noble@apple.com>
2065
2066         Reviewed by Eric Seidel.
2067
2068         Implement FULLSCREEN_API on Windows, Part 4: Enable it
2069         https://bugs.webkit.org/show_bug.cgi?id=59798
2070
2071         * wtf/Platform.h: Set ENABLE_FULLSCREEN_API on win.
2072
2073 2011-05-03  Alexis Menard  <alexis.menard@openbossa.org>
2074
2075         Reviewed by Eric Seidel.
2076
2077         Unused but set variable warning in MacroAssemblerX86_64
2078         https://bugs.webkit.org/show_bug.cgi?id=59482
2079
2080         * assembler/MacroAssemblerX86_64.h:
2081         (JSC::MacroAssemblerX86_64::call):
2082         (JSC::MacroAssemblerX86_64::tailRecursiveCall):
2083         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
2084
2085 2011-05-03  Oliver Hunt  <oliver@apple.com>
2086
2087         Reviewed by Geoffrey Garen.
2088
2089         Make malloc validation useful
2090         https://bugs.webkit.org/show_bug.cgi?id=57502
2091
2092         Reland this patch (rolled out in 82905) without
2093         turning it on by default.
2094
2095         * JavaScriptCore.exp:
2096         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2097         * wtf/FastMalloc.cpp:
2098         (WTF::tryFastMalloc):
2099         (WTF::fastMalloc):
2100         (WTF::tryFastCalloc):
2101         (WTF::fastCalloc):
2102         (WTF::fastFree):
2103         (WTF::tryFastRealloc):
2104         (WTF::fastRealloc):
2105         (WTF::fastMallocSize):
2106         (WTF::TCMalloc_PageHeap::isScavengerSuspended):
2107         (WTF::TCMalloc_PageHeap::scheduleScavenger):
2108         (WTF::TCMalloc_PageHeap::suspendScavenger):
2109         (WTF::TCMalloc_PageHeap::signalScavenger):
2110         (WTF::TCMallocStats::malloc):
2111         (WTF::TCMallocStats::free):
2112         (WTF::TCMallocStats::fastCalloc):
2113         (WTF::TCMallocStats::tryFastCalloc):
2114         (WTF::TCMallocStats::calloc):
2115         (WTF::TCMallocStats::fastRealloc):
2116         (WTF::TCMallocStats::tryFastRealloc):
2117         (WTF::TCMallocStats::realloc):
2118         (WTF::TCMallocStats::fastMallocSize):
2119         * wtf/FastMalloc.h:
2120         (WTF::Internal::fastMallocValidationHeader):
2121         (WTF::Internal::fastMallocValidationSuffix):
2122         (WTF::Internal::fastMallocMatchValidationType):
2123         (WTF::Internal::setFastMallocMatchValidationType):
2124         (WTF::fastMallocMatchValidateFree):
2125         (WTF::fastMallocValidate):
2126
2127 2011-05-03  Xan Lopez  <xlopez@igalia.com>
2128
2129         Reviewed by Anders Carlsson.
2130
2131         Compile error with GCC 4.6.0, tries to assign unsigned& to bitfield
2132         https://bugs.webkit.org/show_bug.cgi?id=59261
2133
2134         Use unary '+' to force proper type detection in template arguments
2135         with GCC 4.6.0. See bug report for more details.
2136
2137         * runtime/Structure.cpp:
2138         (JSC::StructureTransitionTable::remove): Use '+' to force precise type detection.
2139         (JSC::StructureTransitionTable::add): ditto.
2140         * runtime/Structure.h:
2141         (JSC::StructureTransitionTable::keyForWeakGCMapFinalizer): ditto.
2142
2143 2011-05-03  Jessie Berlin  <jberlin@apple.com>
2144
2145         Rubber-stamped by Adam Roben.
2146
2147         Revert r85550 and r85575.
2148
2149         Variables cannot be exported via the .def file. Instead, they should be annotated with
2150         JS_EXPORTDATA.
2151
2152         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2153         * runtime/Structure.cpp:
2154         (JSC::Structure::materializePropertyMap):
2155         * runtime/Structure.h:
2156         (JSC::Structure::typeInfo):
2157         (JSC::Structure::previousID):
2158         (JSC::Structure::propertyStorageCapacity):
2159         (JSC::Structure::propertyStorageSize):
2160         (JSC::Structure::get):
2161         (JSC::Structure::materializePropertyMapIfNecessary):
2162
2163 2011-05-02  Adam Roben  <aroben@apple.com>
2164
2165         Allow implicit conversion from nullptr_t to PassOwnPtr
2166
2167         This makes it a lot easier to write code that just wants a null PassOwnPtr, especially in
2168         strict PassOwnPtr mode.
2169
2170         Fixes <http://webkit.org/b/59964> Implicit conversion from std::nullptr_t to PassOwnPtr
2171         doesn't work, but should
2172
2173         Reviewed by Adam Barth.
2174
2175         * wtf/PassOwnPtr.h:
2176         (WTF::PassOwnPtr::PassOwnPtr): Added a non-explicit constructor that takes a nullptr_t.
2177
2178         * wtf/MessageQueue.h:
2179         (WTF::::waitForMessageFilteredWithTimeout):
2180         (WTF::::tryGetMessage):
2181         Use the new implicit conversion.
2182
2183 2011-05-02  Jessie Berlin  <jberlin@apple.com>
2184
2185         Rubber-stamped by Oliver Hunt.
2186
2187         Remove an assertion that Windows was hitting on launch.
2188
2189         * runtime/Structure.cpp:
2190         (JSC::Structure::materializePropertyMap):
2191         * runtime/Structure.h:
2192         (JSC::Structure::typeInfo):
2193         (JSC::Structure::previousID):
2194         (JSC::Structure::propertyStorageCapacity):
2195         (JSC::Structure::propertyStorageSize):
2196         (JSC::Structure::get):
2197         (JSC::Structure::materializePropertyMapIfNecessary):
2198
2199 2011-05-02  Mark Rowe  <mrowe@apple.com>
2200
2201         Reviewed by Geoff Garen.
2202
2203         <rdar://problem/9371948> JavaScriptCore should build with GCC 4.2
2204
2205         * Configurations/CompilerVersion.xcconfig:
2206
2207 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
2208
2209         ARMv7 build fix.
2210
2211         * assembler/AbstractMacroAssembler.h:
2212         (JSC::AbstractMacroAssembler::Jump::link):
2213         (JSC::AbstractMacroAssembler::Jump::linkTo):
2214
2215 2011-05-02  Oliver Hunt  <oliver@apple.com>
2216
2217         Windows build fix.
2218
2219         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2220
2221 2011-05-02  Michael Saboff  <msaboff@apple.com>
2222
2223         Reviewed by Geoffrey Garen.
2224
2225         crash in JSC::RegExp::match
2226         https://bugs.webkit.org/show_bug.cgi?id=58922
2227
2228         Cleared chained backtrack data label when linking label even if that
2229         label doesn't chain itself.  This is needed so that subsequent
2230         backtrack data labels point to the next outer paren and not within
2231         the current paren.
2232
2233         * yarr/YarrJIT.cpp:
2234         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
2235
2236 2011-05-02  Geoffrey Garen  <ggaren@apple.com>
2237
2238         Reviewed by Oliver Hunt.
2239
2240         Tiny bit of heap cleanup.
2241
2242         * heap/MarkedBlock.h:
2243         (JSC::MarkedBlock::contains): Tightened up an assertion and a comment.
2244
2245         * heap/MarkedSpace.h:
2246         (JSC::MarkedSpace::globalData):
2247         (JSC::MarkedSpace::highWaterMark):
2248         (JSC::MarkedSpace::setHighWaterMark): Moved inlines out of the class
2249         definition, for better clarity.
2250
2251 2011-05-02  Oliver Hunt  <oliver@apple.com>
2252
2253         Reviewed by Gavin Barraclough.
2254
2255         Correct marking of interpreter data in mixed mode builds
2256         https://bugs.webkit.org/show_bug.cgi?id=59962
2257
2258         We had a few places in mixed mode builds where we would not
2259         track data used by the interpreter for marking.  This patch
2260         corrects the problem and adds a number of assertions to catch
2261         live Structures being collected.
2262
2263         * JavaScriptCore.exp:
2264         * assembler/ARMv7Assembler.h:
2265         (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
2266         * bytecode/CodeBlock.cpp:
2267         (JSC::CodeBlock::dump):
2268         * bytecode/CodeBlock.h:
2269         (JSC::CodeBlock::addPropertyAccessInstruction):
2270         (JSC::CodeBlock::addGlobalResolveInstruction):
2271         (JSC::CodeBlock::addStructureStubInfo):
2272         (JSC::CodeBlock::addGlobalResolveInfo):
2273         * bytecompiler/BytecodeGenerator.cpp:
2274         (JSC::BytecodeGenerator::emitResolve):
2275         (JSC::BytecodeGenerator::emitResolveWithBase):
2276         (JSC::BytecodeGenerator::emitGetById):
2277         (JSC::BytecodeGenerator::emitPutById):
2278         (JSC::BytecodeGenerator::emitDirectPutById):
2279         * runtime/Structure.cpp:
2280         (JSC::Structure::materializePropertyMap):
2281         * runtime/Structure.h:
2282         (JSC::Structure::typeInfo):
2283         (JSC::Structure::previousID):
2284         (JSC::Structure::propertyStorageCapacity):
2285         (JSC::Structure::propertyStorageSize):
2286         (JSC::Structure::get):
2287         (JSC::Structure::materializePropertyMapIfNecessary):
2288
2289 2011-05-02  Xan Lopez  <xlopez@igalia.com>
2290
2291         Reviewed by Alexey Proskuryakov.
2292
2293         Use native NullPtr when using GCC 4.6.0 and C++0x
2294         https://bugs.webkit.org/show_bug.cgi?id=59252
2295
2296         GCC 4.6.0 has nullptr support, use it when possible.
2297
2298         * wtf/NullPtr.cpp: include config.h to pull in Platform.h before
2299         NullPtr.h, since we need the GCC_VERSION_AT_LEAST definition.
2300         * wtf/NullPtr.h: check for GCC >= 4.6.0 and C++0x in order to
2301         use native nullptr.
2302
2303 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
2304
2305         Reviewed by Oliver Hunt.
2306
2307         https://bugs.webkit.org/show_bug.cgi?id=59950
2308         Clean up AssemblerBuffer to use a Vector internally.
2309
2310         AssemblerBuffer handles reallocing a byte array itself - stop that.
2311
2312         * assembler/ARMAssembler.cpp:
2313         (JSC::ARMAssembler::executableCopy):
2314         * assembler/AssemblerBuffer.h:
2315         (JSC::AssemblerLabel::AssemblerLabel):
2316         (JSC::AssemblerLabel::labelAtOffset):
2317         (JSC::AssemblerBuffer::AssemblerBuffer):
2318         (JSC::AssemblerBuffer::~AssemblerBuffer):
2319         (JSC::AssemblerBuffer::isAvailable):
2320         (JSC::AssemblerBuffer::ensureSpace):
2321         (JSC::AssemblerBuffer::isAligned):
2322         (JSC::AssemblerBuffer::putIntegral):
2323         (JSC::AssemblerBuffer::putIntegralUnchecked):
2324         (JSC::AssemblerBuffer::putByteUnchecked):
2325         (JSC::AssemblerBuffer::putByte):
2326         (JSC::AssemblerBuffer::putShortUnchecked):
2327         (JSC::AssemblerBuffer::putShort):
2328         (JSC::AssemblerBuffer::putIntUnchecked):
2329         (JSC::AssemblerBuffer::putInt):
2330         (JSC::AssemblerBuffer::putInt64Unchecked):
2331         (JSC::AssemblerBuffer::putInt64):
2332         (JSC::AssemblerBuffer::codeSize):
2333         (JSC::AssemblerBuffer::label):
2334         (JSC::AssemblerBuffer::executableCopy):
2335         (JSC::AssemblerBuffer::rewindToLabel):
2336         (JSC::AssemblerBuffer::debugOffset):
2337         (JSC::AssemblerBuffer::append):
2338         (JSC::AssemblerBuffer::grow):
2339         * assembler/AssemblerBufferWithConstantPool.h:
2340         * assembler/MacroAssemblerX86_64.h:
2341         (JSC::MacroAssemblerX86_64::linkCall):
2342         * assembler/X86Assembler.h:
2343         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
2344
2345 2011-05-02  Jeff Miller  <jeffm@apple.com>
2346
2347         Reviewed by Alexey Proskuryakov.
2348
2349         Avoid potential buffer overflow in WTFLog() and WTFLogVerbose()
2350         https://bugs.webkit.org/show_bug.cgi?id=59949
2351
2352         * wtf/Assertions.cpp: Check for 0 or empty format string in WTFLog() and WTFLogVerbose().
2353
2354 2011-05-02  Adam Barth  <abarth@webkit.org>
2355
2356         Reviewed by Alexey Proskuryakov.
2357
2358         StringImpl::endsWith has some insane code
2359         https://bugs.webkit.org/show_bug.cgi?id=59900
2360
2361         * wtf/text/StringImpl.cpp:
2362         (WTF::StringImpl::endsWith):
2363             - m_data shadows a member variable of the same name.
2364
2365 2011-05-02  Gabor Loki  <loki@webkit.org>
2366
2367         Buildfix for ARM after r85448
2368
2369         * assembler/ARMAssembler.h:
2370         (JSC::ARMAssembler::loadBranchTarget):
2371
2372 2011-05-01  Oliver Hunt  <oliver@apple.com>
2373
2374         Reviewed by Gavin Barraclough.
2375
2376         Strict-mode only reserved words not reserved
2377         https://bugs.webkit.org/show_bug.cgi?id=55342
2378
2379         Fix line number tracking when we roll back the lexer.
2380
2381         * parser/JSParser.cpp:
2382         (JSC::JSParser::parseSourceElements):
2383
2384 2011-05-01  Oliver Hunt  <oliver@apple.com>
2385
2386         Reviewed by Gavin Barraclough.
2387
2388         ES5 Strict mode does not allow getter and setter for same propId
2389         https://bugs.webkit.org/show_bug.cgi?id=57295
2390
2391         Simplify and correct the logic for strict mode object literals.
2392
2393         * parser/JSParser.cpp:
2394         (JSC::JSParser::parseStrictObjectLiteral):
2395
2396 2011-05-01  Oliver Hunt  <oliver@apple.com>
2397
2398         Reviewed by Gavin Barraclough.
2399
2400         Assigning to function identifier under strict should throw
2401         https://bugs.webkit.org/show_bug.cgi?id=59289
2402
2403         Add logic to StaticScopeObject to ensure we don't silently consume
2404         writes to constant properties.
2405
2406         * runtime/JSStaticScopeObject.cpp:
2407         (JSC::JSStaticScopeObject::put):
2408
2409 2011-05-01  Gavin Barraclough  <barraclough@apple.com>
2410
2411         Reviewed by Sam Weinig.
2412
2413         https://bugs.webkit.org/show_bug.cgi?id=59903
2414         Use AssemblerLabel throughout Assembler classes, AssemblerBuffer
2415
2416         Creating a label() into the AssemblerBuffer should return an AssemblerLabel,
2417         not an unsigned int.
2418
2419         * assembler/ARMAssembler.cpp:
2420         (JSC::ARMAssembler::executableCopy):
2421         * assembler/ARMAssembler.h:
2422         (JSC::ARMAssembler::blx):
2423         (JSC::ARMAssembler::label):
2424         (JSC::ARMAssembler::loadBranchTarget):
2425         * assembler/ARMv7Assembler.h:
2426         (JSC::ARMv7Assembler::b):
2427         (JSC::ARMv7Assembler::blx):
2428         (JSC::ARMv7Assembler::bx):
2429         (JSC::ARMv7Assembler::label):
2430         (JSC::ARMv7Assembler::ARMInstructionFormatter::label):
2431         * assembler/AssemblerBuffer.h:
2432         (JSC::AssemblerBuffer::label):
2433         * assembler/AssemblerBufferWithConstantPool.h:
2434         * assembler/MIPSAssembler.h:
2435         (JSC::MIPSAssembler::label):
2436         (JSC::MIPSAssembler::relocateJumps):
2437         * assembler/SH4Assembler.h:
2438         (JSC::SH4Assembler::loadConstant):
2439         (JSC::SH4Assembler::loadConstantUnReusable):
2440         (JSC::SH4Assembler::call):
2441         (JSC::SH4Assembler::jmp):
2442         (JSC::SH4Assembler::jne):
2443         (JSC::SH4Assembler::je):
2444         (JSC::SH4Assembler::label):
2445         (JSC::SH4Assembler::oneShortOp):
2446         * assembler/X86Assembler.h:
2447         (JSC::X86Assembler::call):
2448         (JSC::X86Assembler::jmp_r):
2449         (JSC::X86Assembler::label):
2450         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
2451         (JSC::X86Assembler::X86InstructionFormatter::label):
2452
2453 2011-05-01  Adam Barth  <abarth@webkit.org>
2454
2455         Reviewed by David Levin.
2456
2457         Enable strict mode for OwnPtr and PassOwnPtr
2458         https://bugs.webkit.org/show_bug.cgi?id=59428
2459
2460         * wtf/OwnPtr.h:
2461
2462 2011-05-01  Patrick Gansterer  <paroga@webkit.org>
2463
2464         Reviewed by Adam Barth.
2465
2466         Enable strict OwnPtr for PLATFORM(WIN)
2467         https://bugs.webkit.org/show_bug.cgi?id=59881
2468
2469         * wtf/OwnPtr.h:
2470
2471 2011-05-01  Gavin Barraclough  <barraclough@apple.com>
2472
2473         Reviewed by Sam Weinig.
2474
2475         https://bugs.webkit.org/show_bug.cgi?id=59896
2476         Remove JmpSrc/JmpDst types.
2477
2478         The JmpSrc/JmpDst classes predate the MacroAssembler interface. Having these
2479         objects be per-assembler is unhelpful, causes unnecessary code duplication,
2480         and prevents the AssemblerBuffer from providing a richer type for labels.
2481         The limited semantic meaning that they did convey is undermined by the manner
2482         in which their meanings have been overloaded (use of JmpSrc for Call, JmpDst
2483         for data labels).
2484
2485         Jumps on ARMv7 have had additional information added to the object via the
2486         ARMv7 JmpSrc. This data should probably be in the instruction stream. This
2487         patch does not fix the problem, and moves the data (ifdefed) to
2488         AbstractMacroAssembler::Jump (which is effectively where it was before!).
2489         This at least closes the hole such that no further data may be added to JmpSrc,
2490         but this is unfortunate, and should be cleaned up.
2491
2492         * assembler/ARMAssembler.h:
2493         (JSC::ARMAssembler::blx):
2494         (JSC::ARMAssembler::label):
2495         (JSC::ARMAssembler::align):
2496         (JSC::ARMAssembler::loadBranchTarget):
2497         (JSC::ARMAssembler::jmp):
2498         (JSC::ARMAssembler::linkPointer):
2499         (JSC::ARMAssembler::linkJump):
2500         (JSC::ARMAssembler::linkCall):
2501         (JSC::ARMAssembler::getRelocatedAddress):
2502         (JSC::ARMAssembler::getDifferenceBetweenLabels):
2503         (JSC::ARMAssembler::getCallReturnOffset):
2504         * assembler/ARMv7Assembler.h:
2505         (JSC::ARMv7Assembler::b):
2506         (JSC::ARMv7Assembler::blx):
2507         (JSC::ARMv7Assembler::bx):
2508         (JSC::ARMv7Assembler::label):
2509         (JSC::ARMv7Assembler::align):
2510         (JSC::ARMv7Assembler::getRelocatedAddress):
2511         (JSC::ARMv7Assembler::getDifferenceBetweenLabels):
2512         (JSC::ARMv7Assembler::getCallReturnOffset):
2513         (JSC::ARMv7Assembler::linkJump):
2514         (JSC::ARMv7Assembler::linkCall):
2515         (JSC::ARMv7Assembler::linkPointer):
2516         * assembler/AbstractMacroAssembler.h:
2517         (JSC::AbstractMacroAssembler::Label::isSet):
2518         (JSC::AbstractMacroAssembler::Call::Call):
2519         (JSC::AbstractMacroAssembler::Jump::Jump):
2520         (JSC::AbstractMacroAssembler::Jump::link):
2521         (JSC::AbstractMacroAssembler::Jump::linkTo):
2522         (JSC::AbstractMacroAssembler::linkPointer):
2523         (JSC::AbstractMacroAssembler::getLinkerAddress):
2524         * assembler/AssemblerBuffer.h:
2525         (JSC::AssemblerLabel::AssemblerLabel):
2526         (JSC::AssemblerLabel::isSet):
2527         * assembler/LinkBuffer.h:
2528         (JSC::LinkBuffer::patch):
2529         * assembler/MIPSAssembler.h:
2530         (JSC::MIPSAssembler::label):
2531         (JSC::MIPSAssembler::align):
2532         (JSC::MIPSAssembler::getRelocatedAddress):
2533         (JSC::MIPSAssembler::getDifferenceBetweenLabels):
2534         (JSC::MIPSAssembler::getCallReturnOffset):
2535         (JSC::MIPSAssembler::linkJump):
2536         (JSC::MIPSAssembler::linkCall):
2537         (JSC::MIPSAssembler::linkPointer):
2538         * assembler/MacroAssemblerARMv7.h:
2539         (JSC::MacroAssemblerARMv7::branchDouble):
2540         (JSC::MacroAssemblerARMv7::branchDoubleZeroOrNaN):
2541         (JSC::MacroAssemblerARMv7::jump):
2542         (JSC::MacroAssemblerARMv7::nearCall):
2543         (JSC::MacroAssemblerARMv7::call):
2544         (JSC::MacroAssemblerARMv7::ret):
2545         (JSC::MacroAssemblerARMv7::tailRecursiveCall):
2546         (JSC::MacroAssemblerARMv7::makeBranch):
2547         * assembler/MacroAssemblerMIPS.h:
2548         (JSC::MacroAssemblerMIPS::nearCall):
2549         (JSC::MacroAssemblerMIPS::call):
2550         (JSC::MacroAssemblerMIPS::tailRecursiveCall):
2551         (JSC::MacroAssemblerMIPS::branchTrue):
2552         (JSC::MacroAssemblerMIPS::branchFalse):
2553         (JSC::MacroAssemblerMIPS::branchEqual):
2554         (JSC::MacroAssemblerMIPS::branchNotEqual):
2555         * assembler/SH4Assembler.h:
2556         (JSC::SH4Assembler::call):
2557         (JSC::SH4Assembler::jmp):
2558         (JSC::SH4Assembler::jne):
2559         (JSC::SH4Assembler::je):
2560         (JSC::SH4Assembler::label):
2561         (JSC::SH4Assembler::align):
2562         (JSC::SH4Assembler::linkJump):
2563         (JSC::SH4Assembler::linkCall):
2564         (JSC::SH4Assembler::linkPointer):
2565         (JSC::SH4Assembler::getCallReturnOffset):
2566         (JSC::SH4Assembler::getRelocatedAddress):
2567         (JSC::SH4Assembler::getDifferenceBetweenLabels):
2568         (JSC::SH4Assembler::patchPointer):
2569         * assembler/X86Assembler.h:
2570         (JSC::X86Assembler::call):
2571         (JSC::X86Assembler::jmp):
2572         (JSC::X86Assembler::jmp_r):
2573         (JSC::X86Assembler::jne):
2574         (JSC::X86Assembler::jnz):
2575         (JSC::X86Assembler::je):
2576         (JSC::X86Assembler::jz):
2577         (JSC::X86Assembler::jl):
2578         (JSC::X86Assembler::jb):
2579         (JSC::X86Assembler::jle):
2580         (JSC::X86Assembler::jbe):
2581         (JSC::X86Assembler::jge):
2582         (JSC::X86Assembler::jg):
2583         (JSC::X86Assembler::ja):
2584         (JSC::X86Assembler::jae):
2585         (JSC::X86Assembler::jo):
2586         (JSC::X86Assembler::jp):
2587         (JSC::X86Assembler::js):
2588         (JSC::X86Assembler::jCC):
2589         (JSC::X86Assembler::label):
2590         (JSC::X86Assembler::labelFor):
2591         (JSC::X86Assembler::align):
2592         (JSC::X86Assembler::linkJump):
2593         (JSC::X86Assembler::linkCall):
2594         (JSC::X86Assembler::linkPointer):
2595         (JSC::X86Assembler::getCallReturnOffset):
2596         (JSC::X86Assembler::getRelocatedAddress):
2597         (JSC::X86Assembler::getDifferenceBetweenLabels):
2598         (JSC::X86Assembler::rewindToLabel):
2599         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
2600         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
2601         * jit/JIT.cpp:
2602         (JSC::JIT::privateCompileMainPass):
2603         * jit/JIT.h:
2604         * jit/JITInlineMethods.h:
2605         (JSC::JIT::atJumpTarget):
2606         (JSC::JIT::emitGetVirtualRegister):
2607         * jit/JITOpcodes.cpp:
2608         (JSC::JIT::emit_op_jmp):
2609         (JSC::JIT::emit_op_jfalse):
2610         (JSC::JIT::emit_op_jeq_null):
2611         (JSC::JIT::emit_op_jneq_null):
2612         (JSC::JIT::emit_op_jneq_ptr):
2613         (JSC::JIT::emit_op_jsr):
2614         (JSC::JIT::emit_op_jtrue):
2615         (JSC::JIT::emit_op_jmp_scopes):
2616
2617 2011-05-01  Chao-ying Fu  <fu@mips.com>
2618
2619         Reviewed by Eric Seidel.
2620
2621         Fix MIPS build due to the split of "Condition" enum
2622         https://bugs.webkit.org/show_bug.cgi?id=59407
2623
2624         * assembler/MIPSAssembler.h:
2625         (JSC::MIPSAssembler::debugOffset):
2626         * assembler/MacroAssemblerMIPS.h:
2627         (JSC::MacroAssemblerMIPS::branch32):
2628         (JSC::MacroAssemblerMIPS::compare32):
2629
2630 2011-04-30  Adam Barth  <abarth@webkit.org>
2631
2632         Reviewed by Adam Barth.
2633
2634         Enable strict OwnPtr for GTK
2635         https://bugs.webkit.org/show_bug.cgi?id=59861
2636
2637         * wtf/OwnPtr.h:
2638
2639 2011-04-30  Gavin Barraclough  <barraclough@apple.com>
2640
2641         ARMv7 build fix.
2642
2643         * assembler/AssemblerBufferWithConstantPool.h:
2644
2645 2011-04-30  Gavin Barraclough  <barraclough@apple.com>
2646
2647         Reviewed by Oliver Hunt.
2648
2649         Bug 59869 - AssemblerBuffer cleanup - disambiguate size()
2650
2651         The method size() is called on the AssemblerBuffer both to acquire
2652         the complete size of the code, and to get a position to use as a
2653         label into the code. Instead, add an explicit 'label' method.
2654
2655         * assembler/ARMAssembler.cpp:
2656         (JSC::ARMAssembler::executableCopy):
2657         * assembler/ARMAssembler.h:
2658         (JSC::ARMAssembler::blx):
2659         (JSC::ARMAssembler::codeSize):
2660         (JSC::ARMAssembler::label):
2661         (JSC::ARMAssembler::loadBranchTarget):
2662         * assembler/ARMv7Assembler.h:
2663         (JSC::ARMv7Assembler::b):
2664         (JSC::ARMv7Assembler::blx):
2665         (JSC::ARMv7Assembler::bx):
2666         (JSC::ARMv7Assembler::label):
2667         (JSC::ARMv7Assembler::codeSize):
2668         (JSC::ARMv7Assembler::ARMInstructionFormatter::codeSize):
2669         (JSC::ARMv7Assembler::ARMInstructionFormatter::data):
2670         * assembler/AbstractMacroAssembler.h:
2671         * assembler/AssemblerBuffer.h:
2672         (JSC::AssemblerBuffer::codeSize):
2673         (JSC::AssemblerBuffer::label):
2674         * assembler/AssemblerBufferWithConstantPool.h:
2675         * assembler/LinkBuffer.h:
2676         (JSC::LinkBuffer::LinkBuffer):
2677         (JSC::LinkBuffer::linkCode):
2678         * assembler/MIPSAssembler.h:
2679         (JSC::MIPSAssembler::newJmpSrc):
2680         (JSC::MIPSAssembler::appendJump):
2681         (JSC::MIPSAssembler::label):
2682         (JSC::MIPSAssembler::codeSize):
2683         (JSC::MIPSAssembler::relocateJumps):
2684         * assembler/SH4Assembler.h:
2685         (JSC::SH4Assembler::loadConstant):
2686         (JSC::SH4Assembler::loadConstantUnReusable):
2687         (JSC::SH4Assembler::call):
2688         (JSC::SH4Assembler::jmp):
2689         (JSC::SH4Assembler::jne):
2690         (JSC::SH4Assembler::je):
2691         (JSC::SH4Assembler::label):
2692         (JSC::SH4Assembler::executableCopy):
2693         (JSC::SH4Assembler::oneShortOp):
2694         (JSC::SH4Assembler::codeSize):
2695         * assembler/X86Assembler.h:
2696         (JSC::X86Assembler::call):
2697         (JSC::X86Assembler::jmp_r):
2698         (JSC::X86Assembler::codeSize):
2699         (JSC::X86Assembler::label):
2700         (JSC::X86Assembler::executableCopy):
2701         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
2702         (JSC::X86Assembler::X86InstructionFormatter::codeSize):
2703         (JSC::X86Assembler::X86InstructionFormatter::label):
2704         (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
2705         * dfg/DFGJITCompiler.cpp:
2706         (JSC::DFG::JITCompiler::compileFunction):
2707         * jit/JIT.cpp:
2708         (JSC::JIT::privateCompile):
2709         * jit/JITOpcodes.cpp:
2710         (JSC::JIT::privateCompileCTIMachineTrampolines):
2711         * jit/JITOpcodes32_64.cpp:
2712         (JSC::JIT::privateCompileCTIMachineTrampolines):
2713         * yarr/YarrJIT.cpp:
2714         (JSC::Yarr::YarrGenerator::compile):
2715
2716 2011-04-29  Adam Barth  <abarth@webkit.org>
2717
2718         Attempt to fix the Windows build.
2719
2720         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2721
2722 2011-04-29  Adam Barth  <abarth@webkit.org>
2723
2724         Reviewed by Eric Seidel.
2725
2726         CSP script-src should block eval
2727         https://bugs.webkit.org/show_bug.cgi?id=59850
2728
2729         ggaren recommended a different approach to this patch, essentially
2730         installing a new function for function-eval and changing the AST
2731         representation of operator-eval to call function-eval.  However, I'm
2732         not sure that approach is workable because the ASTBuilder doesn't know
2733         about global objects, and there is added complication due to the cache.
2734
2735         This approach is more dynamic, adding a branch in EvalExecutable to
2736         detect whether eval is currently disabled in the lexical scope.  The spec
2737         is slightly unclear about whether we should return undefined or throw
2738         an exception.  I've asked Brandon to clarify the spec, but throwing an
2739         exception seems natural.
2740
2741         * JavaScriptCore.exp:
2742         * runtime/Executable.cpp:
2743         (JSC::EvalExecutable::compileInternal):
2744         * runtime/JSGlobalObject.cpp:
2745         (JSC::JSGlobalObject::disableEval):
2746         * runtime/JSGlobalObject.h:
2747         (JSC::JSGlobalObject::JSGlobalObject):
2748         (JSC::JSGlobalObject::isEvalEnabled):
2749
2750 2011-04-29  Gavin Barraclough  <barraclough@apple.com>
2751
2752         Reviewed by Oliver Hunt.
2753
2754         https://bugs.webkit.org/show_bug.cgi?id=59847
2755         Remove linkOffset from LinkBuffer
2756
2757         This is redundant since removal of recompilation for exception info.
2758
2759         * assembler/LinkBuffer.h:
2760         (JSC::LinkBuffer::LinkBuffer):
2761         (JSC::LinkBuffer::linkCode):
2762         * dfg/DFGJITCompiler.cpp:
2763         (JSC::DFG::JITCompiler::compileFunction):
2764         * jit/JIT.cpp:
2765         (JSC::JIT::JIT):
2766         (JSC::JIT::privateCompile):
2767         * jit/JIT.h:
2768         (JSC::JIT::compile):
2769         (JSC::JIT::compileCTIMachineTrampolines):
2770         (JSC::JIT::compileCTINativeCall):
2771         * jit/JITOpcodes.cpp:
2772         (JSC::JIT::privateCompileCTIMachineTrampolines):
2773         * jit/JITOpcodes32_64.cpp:
2774         (JSC::JIT::privateCompileCTIMachineTrampolines):
2775         (JSC::JIT::privateCompileCTINativeCall):
2776         * jit/JITPropertyAccess.cpp:
2777         (JSC::JIT::stringGetByValStubGenerator):
2778         (JSC::JIT::privateCompilePutByIdTransition):
2779         (JSC::JIT::privateCompilePatchGetArrayLength):
2780         (JSC::JIT::privateCompileGetByIdProto):
2781         (JSC::JIT::privateCompileGetByIdSelfList):
2782         (JSC::JIT::privateCompileGetByIdProtoList):
2783         (JSC::JIT::privateCompileGetByIdChainList):
2784         (JSC::JIT::privateCompileGetByIdChain):
2785         * jit/JITPropertyAccess32_64.cpp:
2786         (JSC::JIT::stringGetByValStubGenerator):
2787         (JSC::JIT::privateCompilePutByIdTransition):
2788         (JSC::JIT::privateCompilePatchGetArrayLength):
2789         (JSC::JIT::privateCompileGetByIdProto):
2790         (JSC::JIT::privateCompileGetByIdSelfList):
2791         (JSC::JIT::privateCompileGetByIdProtoList):
2792         (JSC::JIT::privateCompileGetByIdChainList):
2793         (JSC::JIT::privateCompileGetByIdChain):
2794         * jit/SpecializedThunkJIT.h:
2795         (JSC::SpecializedThunkJIT::finalize):
2796         * yarr/YarrJIT.cpp:
2797         (JSC::Yarr::YarrGenerator::compile):
2798
2799 2011-04-29  Gavin Barraclough  <barraclough@apple.com>
2800
2801         Reviewed by Oliver Hunt & Geoff Garen.
2802
2803         https://bugs.webkit.org/show_bug.cgi?id=59221
2804         [RegexFuzz] Regression blocking testing
2805
2806         Okay, so the bug here is that when, in the case of a TypeParentheticalAssertion
2807         node, emitDisjunction recursively calls to itself to emit the nested disjunction
2808         the value of parenthesesInputCountAlreadyChecked is bogus (doesn't take into
2809         account the uncheck that has just taken place).
2810
2811         Also, the special handling given to countToCheck in the case of parenthetical
2812         assertions is nonsense, delete it, along with the isParentheticalAssertion argument.
2813
2814         * yarr/YarrInterpreter.cpp:
2815         (JSC::Yarr::ByteCompiler::emitDisjunction):
2816
2817 2011-04-29  Csaba Osztrogonác  <ossy@webkit.org>
2818
2819         Reviewed by Adam Barth.
2820
2821         Enable strict OwnPtr for Qt
2822         https://bugs.webkit.org/show_bug.cgi?id=59667
2823
2824         * wtf/OwnPtr.h:
2825
2826 2011-04-29  Dean Jackson  <dino@apple.com>
2827
2828         Reviewed by Simon Fraser.
2829
2830         Add ENABLE macro for WebKitAnimation
2831         https://bugs.webkit.org/show_bug.cgi?id=59729
2832
2833         Add new feature to toggle WebKit Animation API.
2834
2835         * Configurations/FeatureDefines.xcconfig:
2836
2837 2011-04-28  Sam Weinig  <sam@webkit.org>
2838
2839         Reviewed by Mark Rowe.
2840
2841         Install testapi.js along side testapi
2842         https://bugs.webkit.org/show_bug.cgi?id=59773
2843
2844         * JavaScriptCore.xcodeproj/project.pbxproj:
2845         Add new build phase to copy testapi.js to install path of testapi
2846         on install.
2847
2848 2011-04-28  David Levin  <levin@chromium.org>
2849
2850         Reviewed by Adam Barth.
2851
2852         Remove IMAGE_RESIZER related code.
2853         https://bugs.webkit.org/show_bug.cgi?id=59735
2854
2855         * Configurations/FeatureDefines.xcconfig:
2856
2857 2011-04-28  Gavin Barraclough  <barraclough@apple.com>
2858
2859         Reviewed by Oliver Hunt.
2860
2861         https://bugs.webkit.org/show_bug.cgi?id=59763
2862         DFG JIT - Unify FPRReg & FPRegisterID
2863
2864         (Following on from GPRReg/RegisterID unification).
2865
2866         * dfg/DFGFPRInfo.h:
2867         (JSC::DFG::FPRInfo::toRegister):
2868         (JSC::DFG::FPRInfo::debugName):
2869         * dfg/DFGGPRInfo.h:
2870         * dfg/DFGJITCodeGenerator.cpp:
2871         (JSC::DFG::JITCodeGenerator::fillDouble):
2872         (JSC::DFG::JITCodeGenerator::checkConsistency):
2873         * dfg/DFGJITCodeGenerator.h:
2874         (JSC::DFG::JITCodeGenerator::boxDouble):
2875         (JSC::DFG::JITCodeGenerator::unboxDouble):
2876         (JSC::DFG::JITCodeGenerator::flushRegisters):
2877         (JSC::DFG::JITCodeGenerator::isFlushed):
2878         (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
2879         (JSC::DFG::JITCodeGenerator::setupStubArguments):
2880         (JSC::DFG::JITCodeGenerator::callOperation):
2881         (JSC::DFG::GPRResult::lockedResult):
2882         (JSC::DFG::FPRResult::lockedResult):
2883         * dfg/DFGJITCompiler.cpp:
2884         (JSC::DFG::JITCompiler::fillNumericToDouble):
2885         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
2886         (JSC::DFG::JITCompiler::compileFunction):
2887         * dfg/DFGJITCompiler.h:
2888         * dfg/DFGNode.h:
2889         * dfg/DFGNonSpeculativeJIT.cpp:
2890         (JSC::DFG::EntryLocation::EntryLocation):
2891         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
2892         (JSC::DFG::NonSpeculativeJIT::valueToInt32):
2893         (JSC::DFG::NonSpeculativeJIT::numberToInt32):
2894         (JSC::DFG::NonSpeculativeJIT::compile):
2895         * dfg/DFGNonSpeculativeJIT.h:
2896         (JSC::DFG::NonSpeculativeJIT::silentSpillAllRegisters):
2897         (JSC::DFG::NonSpeculativeJIT::silentFillAllRegisters):
2898         * dfg/DFGRegisterBank.h:
2899         (JSC::DFG::RegisterBank::iterator::regID):
2900         (JSC::DFG::RegisterBank::iterator::debugName):
2901         * dfg/DFGSpeculativeJIT.cpp:
2902         (JSC::DFG::SpeculationCheck::SpeculationCheck):
2903         (JSC::DFG::SpeculativeJIT::compile):
2904         * dfg/DFGSpeculativeJIT.h:
2905
2906 2011-04-28  David Kilzer  <ddkilzer@apple.com>
2907
2908         Revert "<http://webkit.org/b/59705> WTF::postTimer() leaks a CFRunLoopTimerRef every time it's called"
2909
2910         This reverts commit r85195.  It was crashing DumpRenderTree on Lion.
2911
2912         * wtf/mac/MainThreadMac.mm:
2913         (WTF::postTimer):
2914
2915 2011-04-28  Adam Barth  <abarth@webkit.org>
2916
2917         Reviewed by Eric Seidel.
2918
2919         Remove WML
2920         https://bugs.webkit.org/show_bug.cgi?id=59678
2921
2922         Remove the WML configuration option from the Mac build system.
2923
2924         * Configurations/FeatureDefines.xcconfig:
2925
2926 2011-04-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2927
2928         Unreviewed, rolling out r85233 and r85235.
2929         http://trac.webkit.org/changeset/85233
2930         http://trac.webkit.org/changeset/85235
2931         https://bugs.webkit.org/show_bug.cgi?id=59754
2932
2933         Causes issues with jsc. (Requested by dave_levin on #webkit).
2934
2935         * GNUmakefile.list.am:
2936         * JavaScriptCore.gypi:
2937         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
2938         * JavaScriptCore.xcodeproj/project.pbxproj:
2939         * jit/ExecutableAllocator.h:
2940         (JSC::ExecutablePool::ExecutablePool):
2941         * parser/SourceProvider.h:
2942         (JSC::SourceProvider::SourceProvider):
2943         * runtime/RegExp.cpp:
2944         (JSC::RegExp::RegExp):
2945         * wtf/CMakeLists.txt:
2946         * wtf/RefCounted.h:
2947         (WTF::RefCountedBase::ref):
2948         (WTF::RefCountedBase::hasOneRef):
2949         (WTF::RefCountedBase::refCount):
2950         (WTF::RefCountedBase::derefBase):
2951         * wtf/SizeLimits.cpp:
2952         * wtf/ThreadRestrictionVerifier.h: Removed.
2953         * wtf/text/CString.h:
2954         (WTF::CStringBuffer::CStringBuffer):
2955
2956 2011-04-28  Gavin Barraclough  <barraclough@apple.com>
2957
2958         Reviewed by Oliver Hunt.
2959
2960         Bug 59740 - DFG JIT - Unify GPRReg & RegisterID
2961
2962         Currently we use a mix of enum values throughout the DFG JIT to represent
2963         gpr registers - the RegisterID provided by the MacroAssembler, and the
2964         GPRReg enum giving the sequential register set over which the RegisterBank
2965         allocates. Unify the two.
2966
2967         Patch to unify FPRReg in a similar fashion will follow.
2968
2969         * JavaScriptCore.xcodeproj/project.pbxproj:
2970         * dfg/DFGFPRInfo.h: Added.
2971         (JSC::DFG::next):
2972         (JSC::DFG::FPRBankInfo::toRegister):
2973         (JSC::DFG::FPRBankInfo::toIndex):
2974         * dfg/DFGGPRInfo.h: Added.
2975         (JSC::DFG::GPRInfo::toRegister):
2976         (JSC::DFG::GPRInfo::toIndex):
2977         (JSC::DFG::GPRInfo::debugName):
2978         * dfg/DFGJITCodeGenerator.cpp:
2979         (JSC::DFG::JITCodeGenerator::fillInteger):
2980         (JSC::DFG::JITCodeGenerator::fillDouble):
2981         (JSC::DFG::JITCodeGenerator::fillJSValue):
2982         (JSC::DFG::JITCodeGenerator::dump):
2983         (JSC::DFG::JITCodeGenerator::checkConsistency):
2984         (JSC::DFG::GPRTemporary::GPRTemporary):
2985         (JSC::DFG::FPRTemporary::FPRTemporary):
2986         * dfg/DFGJITCodeGenerator.h:
2987         (JSC::DFG::JITCodeGenerator::boxDouble):
2988         (JSC::DFG::JITCodeGenerator::unboxDouble):
2989         (JSC::DFG::JITCodeGenerator::spill):
2990         (JSC::DFG::JITCodeGenerator::flushRegisters):
2991         (JSC::DFG::JITCodeGenerator::isFlushed):
2992         (JSC::DFG::JITCodeGenerator::bitOp):
2993         (JSC::DFG::JITCodeGenerator::shiftOp):
2994         (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
2995         (JSC::DFG::JITCodeGenerator::setupStubArguments):
2996         (JSC::DFG::JITCodeGenerator::callOperation):
2997         (JSC::DFG::IntegerOperand::gpr):
2998         (JSC::DFG::DoubleOperand::gpr):
2999         (JSC::DFG::GPRTemporary::gpr):
3000         (JSC::DFG::FPRTemporary::gpr):
3001         (JSC::DFG::GPRResult::lockedResult):
3002         * dfg/DFGJITCompiler.cpp:
3003         (JSC::DFG::JITCompiler::fillNumericToDouble):
3004         (JSC::DFG::JITCompiler::fillInt32ToInteger):
3005         (JSC::DFG::JITCompiler::fillToJS):
3006         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
3007         (JSC::DFG::JITCompiler::compileFunction):
3008         (JSC::DFG::JITCompiler::jitAssertIsInt32):
3009         (JSC::DFG::JITCompiler::jitAssertIsJSInt32):
3010         (JSC::DFG::JITCompiler::jitAssertIsJSNumber):
3011         (JSC::DFG::JITCompiler::jitAssertIsJSDouble):
3012         * dfg/DFGJITCompiler.h:
3013         (JSC::DFG::JITCompiler::preserveReturnAddressAfterCall):
3014         (JSC::DFG::JITCompiler::restoreReturnAddressBeforeReturn):
3015         (JSC::DFG::JITCompiler::emitGetFromCallFrameHeaderPtr):
3016         (JSC::DFG::JITCompiler::emitPutToCallFrameHeader):
3017         (JSC::DFG::JITCompiler::emitPutImmediateToCallFrameHeader):
3018         (JSC::DFG::JITCompiler::addressForGlobalVar):
3019         (JSC::DFG::JITCompiler::addressFor):
3020         (JSC::DFG::JITCompiler::tagFor):
3021         (JSC::DFG::JITCompiler::payloadFor):
3022         * dfg/DFGNonSpeculativeJIT.cpp:
3023         (JSC::DFG::EntryLocation::EntryLocation):
3024         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
3025         (JSC::DFG::NonSpeculativeJIT::valueToInt32):
3026         (JSC::DFG::NonSpeculativeJIT::numberToInt32):
3027         (JSC::DFG::NonSpeculativeJIT::compile):
3028         * dfg/DFGNonSpeculativeJIT.h:
3029         (JSC::DFG::NonSpeculativeJIT::silentSpillGPR):
3030         (JSC::DFG::NonSpeculativeJIT::silentSpillFPR):
3031         (JSC::DFG::NonSpeculativeJIT::silentFillGPR):
3032         (JSC::DFG::NonSpeculativeJIT::silentFillFPR):
3033         (JSC::DFG::NonSpeculativeJIT::silentSpillAllRegisters):
3034         (JSC::DFG::NonSpeculativeJIT::silentFillAllRegisters):
3035         * dfg/DFGRegisterBank.h:
3036         (JSC::DFG::RegisterBank::allocate):
3037         (JSC::DFG::RegisterBank::retain):
3038         (JSC::DFG::RegisterBank::release):
3039         (JSC::DFG::RegisterBank::lock):
3040         (JSC::DFG::RegisterBank::unlock):
3041         (JSC::DFG::RegisterBank::isLocked):
3042         (JSC::DFG::RegisterBank::name):
3043         (JSC::DFG::RegisterBank::iterator::name):
3044         (JSC::DFG::RegisterBank::iterator::isLocked):
3045         (JSC::DFG::RegisterBank::iterator::release):
3046         (JSC::DFG::RegisterBank::iterator::gpr):
3047         (JSC::DFG::RegisterBank::iterator::debugName):
3048         (JSC::DFG::RegisterBank::iterator::operator++):
3049         (JSC::DFG::RegisterBank::iterator::operator!=):
3050         (JSC::DFG::RegisterBank::iterator::index):
3051         (JSC::DFG::RegisterBank::iterator::iterator):
3052         (JSC::DFG::RegisterBank::begin):
3053         (JSC::DFG::RegisterBank::end):
3054         (JSC::DFG::RegisterBank::isLockedAtIndex):
3055         (JSC::DFG::RegisterBank::nameAtIndex):
3056         (JSC::DFG::RegisterBank::releaseAtIndex):
3057         (JSC::DFG::RegisterBank::allocateInternal):
3058         (JSC::DFG::RegisterBank::MapEntry::MapEntry):
3059         * dfg/DFGScoreBoard.h:
3060         (JSC::DFG::ScoreBoard::~ScoreBoard):
3061         * dfg/DFGSpeculativeJIT.cpp:
3062         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
3063         (JSC::DFG::SpeculationCheck::SpeculationCheck):
3064         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
3065         (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
3066         (JSC::DFG::SpeculativeJIT::compile):
3067         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
3068         (JSC::DFG::SpeculativeJIT::initializeVariableTypes):
3069         * dfg/DFGSpeculativeJIT.h:
3070         (JSC::DFG::SpeculateIntegerOperand::gpr):
3071
3072 2011-04-28  Oliver Hunt  <oliver@apple.com>
3073
3074         Reviewed by Gavin Barraclough.
3075
3076         Remove evil addressOfStructure() function
3077         https://bugs.webkit.org/show_bug.cgi?id=59739
3078
3079         Remove the addressOfStructure function from JSCell, and update
3080         callsites to use the same logic as testPrototype()
3081
3082         * jit/JITPropertyAccess.cpp:
3083         (JSC::JIT::privateCompileGetByIdProto):
3084         (JSC::JIT::privateCompileGetByIdProtoList):
3085         * jit/JITPropertyAccess32_64.cpp:
3086         (JSC::JIT::privateCompileGetByIdProto):
3087         (JSC::JIT::privateCompileGetByIdProtoList):
3088         * runtime/JSCell.h:
3089
3090 2011-04-28  Oliver Hunt  <oliver@apple.com>
3091
3092         Reviewed by Gavin Barraclough.
3093
3094         Clean up testPrototype()
3095         https://bugs.webkit.org/show_bug.cgi?id=59734
3096
3097         Remove direct pointer to the inside of a GC object and just do
3098         the indirect load manually.  Doesn't affect sunspider but does
3099         clean up the code quite a bit, and simplifies the handling of
3100         GC values.
3101
3102         * jit/JITPropertyAccess.cpp:
3103         (JSC::JIT::testPrototype):
3104
3105 2011-04-28  David Levin  <levin@chromium.org>
3106
3107         Build fix.
3108
3109         * wtf/RefCounted.h: Fix inverted ifdef.
3110
3111 2011-04-07  David Levin  <levin@chromium.org>
3112
3113         Reviewed by Darin Adler.
3114
3115         Add asserts to RefCounted to make sure ref/deref happens on the right thread.
3116         https://bugs.webkit.org/show_bug.cgi?id=31639
3117
3118         * GNUmakefile.list.am: Added new files to the build.
3119         * JavaScriptCore.gypi: Ditto.
3120         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
3121         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
3122         * jit/ExecutableAllocator.h:
3123         (JSC::ExecutablePool::ExecutablePool): Turned off checks for this
3124         due to not being able to figure out what was guarding it (bug 58091).
3125         * parser/SourceProvider.h:
3126         (JSC::SourceProvider::SourceProvider): Ditto.
3127         * runtime/RegExp.cpp:
3128         (JSC::RegExp::RegExp): Ditto.
3129         * wtf/CMakeLists.txt: Added new files to the build.
3130         * wtf/ThreadRestrictionVerifier.h: Added.
3131         Everything is done in the header to avoid the issue with exports
3132         that are only useful in debug but still needing to export them.
3133         * wtf/RefCounted.h:
3134         (WTF::RefCountedBase::ref): Added checks using the non-thread-safe verifier,
3135         and filed bug 58171 about making it stricter.
3136         (WTF::RefCountedBase::hasOneRef): Ditto.
3137         (WTF::RefCountedBase::refCount): Ditto.
3138         (WTF::RefCountedBase::setMutexForVerifier): Expose a way to change the checks to be based
3139         on a mutex. This is in the header to avoid adding more exports from JavaScriptCore.
3140         (WTF::RefCountedBase::deprecatedTurnOffVerifier): Temporary way to turn off verification.
3141         Filed bug 58174 to remove this method.
3142         (WTF::RefCountedBase::derefBase):
3143         * wtf/SizeLimits.cpp: Adjusted the debug size check for RefCounted.
3144         * wtf/text/CString.h:
3145         (WTF::CStringBuffer::CStringBuffer): Turned off checks for this while a fix is being
3146         done in Chromium's test_shell (bug 58093).
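
The entry above describes a debug-only check that ref()/deref() happen on the thread that owns the object, or under a mutex the caller holds; a refcount touched from the wrong thread is a data race that can free the object while another thread still uses it. The following is an added example written for this page, not WTF::ThreadRestrictionVerifier or WTF::RefCounted: it models the three modes the entry names (bind to the first thread, verify against a mutex, turn verification off). OwnedMutex, OwnedLocker, Verdicts and runScenario are this example's own names; ref()/derefBase() return the verifier's verdict instead of asserting so the scenario can be checked.

```cpp
#include <atomic>
#include <cassert>
#include <mutex>
#include <thread>

// Example only: a mutex that records which thread currently holds it, so the
// verifier can ask "does the caller hold the lock?" without calling try_lock()
// on a mutex the same thread may already own (undefined for std::mutex).
struct OwnedMutex {
    std::mutex mutex;
    std::atomic<std::thread::id> owner{std::thread::id()}; // id() means "nobody"
};

class OwnedLocker {
public:
    explicit OwnedLocker(OwnedMutex& m) : m_mutex(m) {
        m_mutex.mutex.lock();
        m_mutex.owner.store(std::this_thread::get_id());
    }
    ~OwnedLocker() {
        m_mutex.owner.store(std::thread::id());
        m_mutex.mutex.unlock();
    }
private:
    OwnedMutex& m_mutex;
};

class ThreadRestrictionVerifier {
public:
    // True when the calling context is allowed to touch the refcount.
    bool isSafeToUse() {
        if (m_disabled)
            return true;
        if (m_mutex) // mutex mode: whoever holds the lock may use the object
            return m_mutex->owner.load() == std::this_thread::get_id();
        if (m_owningThread == std::thread::id()) // first touch binds the thread
            m_owningThread = std::this_thread::get_id();
        return m_owningThread == std::this_thread::get_id();
    }
    void setMutexForVerifier(OwnedMutex& m) { m_mutex = &m; }
    void deprecatedTurnOffVerifier() { m_disabled = true; } // escape hatch, as in the entry
private:
    std::thread::id m_owningThread;
    OwnedMutex* m_mutex = nullptr;
    bool m_disabled = false;
};

class RefCountedBase {
public:
    // A real implementation would assert on the verdict; this one returns it.
    bool ref() { bool ok = m_verifier.isSafeToUse(); ++m_refCount; return ok; }
    bool derefBase() { bool ok = m_verifier.isSafeToUse(); --m_refCount; return ok; }
    int refCount() const { return m_refCount; }
    ThreadRestrictionVerifier& verifier() { return m_verifier; }
private:
    int m_refCount = 1;
    ThreadRestrictionVerifier m_verifier;
};

struct Verdicts {
    bool sameThread;
    bool otherThreadNoMutex;
    bool otherThreadMutexHeld;
    bool otherThreadMutexNotHeld;
    bool afterTurnOff;
};

// Touch one object from the creating thread and from helper threads, recording
// what the verifier says in each configuration.
Verdicts runScenario() {
    RefCountedBase object;
    Verdicts v{};
    v.sameThread = object.ref(); // binds the verifier to this thread
    std::thread t1([&] { v.otherThreadNoMutex = object.ref(); });
    t1.join();
    OwnedMutex mutex;
    object.verifier().setMutexForVerifier(mutex);
    std::thread t2([&] { OwnedLocker lock(mutex); v.otherThreadMutexHeld = object.derefBase(); });
    t2.join();
    std::thread t3([&] { v.otherThreadMutexNotHeld = object.derefBase(); });
    t3.join();
    object.verifier().deprecatedTurnOffVerifier();
    std::thread t4([&] { v.afterTurnOff = object.ref(); });
    t4.join();
    return v;
}
```

In the scenario the cross-thread ref() without a mutex and the deref() without the lock held are the two calls the verifier rejects; the mutex mode is what makes an object shared under a lock acceptable, and turning the verifier off accepts everything, which is why the entry files a bug to remove that method.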
3147
3148 2011-04-28  Xan Lopez  <xlopez@igalia.com>
3149
3150         Unreviewed attempt to fix the build.
3151
3152         * GNUmakefile.am: add -lpthread.
3153
3154 2011-04-28  Oliver Hunt  <oliver@apple.com>
3155
3156         Reviewed by Gavin Barraclough.
3157
3158         Only need a single implementation of testPrototype
3159         https://bugs.webkit.org/show_bug.cgi?id=59724
3160
3161         Remove excess copy of identical testPrototype() code
3162
3163         * jit/JITPropertyAccess.cpp:
3164         (JSC::JIT::testPrototype):
3165         * jit/JITPropertyAccess32_64.cpp:
3166
3167 2011-04-28  Xan Lopez  <xlopez@igalia.com>
3168
3169         Reviewed by Martin Robinson.
3170
3171         [Gtk] Split JSC and WebCore builds
3172         https://bugs.webkit.org/show_bug.cgi?id=19428
3173
3174         Build JavaScriptCore as a libtool shared library instead of a
3175         private convenience library.
3176
3177         * GNUmakefile.am: define new jsc library and adapt to new name for
3178         javascriptcore target.
3179         * GNUmakefile.list.am: ditto.
3180
3181 2011-04-28  David Kilzer  <ddkilzer@apple.com>
3182
3183         <http://webkit.org/b/59705> WTF::postTimer() leaks a CFRunLoopTimerRef every time it's called
3184
3185         Reviewed by Simon Fraser.
3186
3187         * wtf/mac/MainThreadMac.mm:
3188         (WTF::postTimer): Use RetainPtr to plug the leak.
3189
3190 2011-04-27  Sam Weinig  <sam@webkit.org>
3191
3192         Reviewed by David Kilzer.
3193
3194         Add way to install testapi in production builds
3195         https://bugs.webkit.org/show_bug.cgi?id=59674
3196
3197         * Configurations/TestAPI.xcconfig: Copied from Configurations/JavaScriptCore.xcconfig.
3198         Add configuration file for TestAPI. In addition to name, we now specify an install path
3199         and allow SKIP_INSTALL to be overridden by setting FORCE_TOOL_INSTALL.
3200
3201         * JavaScriptCore.xcodeproj/project.pbxproj:
3202         Remove in-project build settings and add missing configuration files. Added missing CompilerVersion.xcconfig
3203         file.
3204
3205 2011-04-27  Adam Barth  <abarth@webkit.org>
3206
3207         Reviewed by David Levin.
3208
3209         Enable strict OwnPtrs for Chromium
3210         https://bugs.webkit.org/show_bug.cgi?id=59666
3211
3212         * wtf/OwnPtr.h:
3213
3214 2011-04-27  Oliver Hunt  <oliver@apple.com>
3215
3216         Reviewed by Geoffrey Garen.
3217
3218         Add ability to remove keys from weakmap API
3219         https://bugs.webkit.org/show_bug.cgi?id=59645
3220
3221         Add JSWeakObjectMapRemove API
3222
3223         * API/JSWeakObjectMapRefPrivate.cpp:
3224         * API/JSWeakObjectMapRefPrivate.h:
3225         * JavaScriptCore.exp:
3226
3227 2011-04-27  Adam Barth  <abarth@webkit.org>
3228
3229         Reviewed by David Levin.
3230
3231         Enable strict mode for OwnPtr
3232         https://bugs.webkit.org/show_bug.cgi?id=59428
3233
3234         This patch enables strict mode for OwnPtr on PLATFORM(MAC) only.
3235
3236         * wtf/OwnPtr.h:
3237
3238 2011-04-27  Steve Block  <steveblock@google.com>
3239
3240         Reviewed by David Levin.
3241
3242         Remove Android build system
3243         https://bugs.webkit.org/show_bug.cgi?id=48111
3244
3245         This is to avoid the maintenance burden until the Android port is
3246         fully upstreamed.
3247
3248         * Android.mk: Removed.
3249         * Android.v8.wtf.mk: Removed.
3250
3251 2011-04-27  Mark Rowe  <mrowe@apple.com>
3252
3253         Fix 32-bit build after r85036.
3254
3255         * wtf/Platform.h: USE(PLUGIN_HOST_PROCESS) is only true for 64-bit.
3256
3257 2011-04-27  Csaba Osztrogonác  <ossy@webkit.org>
3258
3259         Unreviewed buildfix after r85036.
3260
3261         Re-add non-dead code.
3262
3263         * wtf/OSAllocatorPosix.cpp:
3264         (WTF::OSAllocator::reserveAndCommit):
3265
3266 2011-04-27  Adam Barth  <abarth@webkit.org>
3267
3268         Reviewed by Kenneth Russell.
3269
3270         OwnPtr assignment operator should be private
3271         https://bugs.webkit.org/show_bug.cgi?id=59487
3272
3273         Unfortunately we can't remove the copy constructor because of some
3274         detail about gcc.  (The issue is documented in a comment already.)
3275
3276         * wtf/OwnPtr.h:
3277
3278 2011-04-26  Sheriff Bot  <webkit.review.bot@gmail.com>
3279
3280         Unreviewed, rolling out r84977.
3281         http://trac.webkit.org/changeset/84977
3282         https://bugs.webkit.org/show_bug.cgi?id=59568
3283
3284         caused crashes on the SL WK2 bots (Requested by jessieberlin
3285         on #webkit).
3286
3287         * assembler/MacroAssemblerX86_64.h:
3288         (JSC::MacroAssemblerX86_64::call):
3289         (JSC::MacroAssemblerX86_64::tailRecursiveCall):
3290         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
3291
3292 2011-04-26  Kevin Ollivier  <kevino@theolliviers.com>
3293
3294         Rubberstamped by Eric Seidel.
3295
3296         Enable waf to be used to build other ports
3297         https://bugs.webkit.org/show_bug.cgi?id=58213
3298
3299         * wscript:
3300
3301 2011-04-26  Sam Weinig  <sam@webkit.org>
3302
3303         Reviewed by David Hyatt.
3304
3305         Remove Datagrid from the tree
3306         https://bugs.webkit.org/show_bug.cgi?id=59543
3307
3308         * Configurations/FeatureDefines.xcconfig:
3309         Remove feature.
3310
3311 2011-04-26  Adrienne Walker  <enne@google.com>
3312
3313         Reviewed by Geoffrey Garen.
3314
3315         Fix incorrect use of OwnPtr<T*> in GCActivityCallback
3316         https://bugs.webkit.org/show_bug.cgi?id=59559
3317
3318         * runtime/GCActivityCallback.h:
3319
3320 2011-04-26  Xan Lopez  <xlopez@igalia.com>
3321
3322         Reviewed by Daniel Bates.
3323
3324         Unused but set variable warning in MacroAssemblerX86_64
3325         https://bugs.webkit.org/show_bug.cgi?id=59482
3326
3327         * assembler/MacroAssemblerX86_64.h:
3328         (JSC::MacroAssemblerX86_64::call): do not declare the label
3329         variable if we are not going to use it.
3330         (JSC::MacroAssemblerX86_64::tailRecursiveCall): ditto.
3331         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall): ditto.
3332
3333 2011-04-26  Dan Bernstein  <mitz@apple.com>
3334
3335         Reviewed by Mark Rowe.
3336
3337         Choose the compiler based on the Xcode version for Snow Leopard debug builds.
3338
3339         * Configurations/Base.xcconfig:
3340         * Configurations/CompilerVersion.xcconfig: Added.
3341
3342 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
3343
3344         Reviewed by Oliver Hunt.
3345
3346         Nixed special finalizer handling for WebCore strings
3347         https://bugs.webkit.org/show_bug.cgi?id=59425
3348         
3349         SunSpider reports no change.
3350         
3351         Not needed anymore, since weak handles have finalizers.
3352
3353         * runtime/JSString.cpp:
3354         (JSC::JSString::resolveRope):
3355         (JSC::JSString::resolveRopeSlowCase):
3356         (JSC::JSString::outOfMemory):
3357         (JSC::JSString::substringFromRope):
3358         (JSC::JSString::replaceCharacter): Updated for removal of union.
3359
3360         * runtime/JSString.h:
3361         (JSC::RopeBuilder::JSString):
3362         (JSC::RopeBuilder::~JSString):
3363         (JSC::RopeBuilder::appendStringInConstruct):
3364         (JSC::RopeBuilder::appendValueInConstructAndIncrementLength): No need for
3365         union or special constructor anymore.
3366
3367 2011-04-26  Gabor Loki  <loki@webkit.org>
3368
3369         Reviewed by Csaba Osztrogonác.
3370
3371         Speeding up SVG filters with multicore (SMP) support
3372         https://bugs.webkit.org/show_bug.cgi?id=43903
3373
3374         Some SVG filters execute a huge number of pixel manipulations, which
3375         cannot be sped up by graphics accelerators, since their algorithm is
3376         too complex. Using the power of Symmetric Multi Processing (SMP) we
3377         can split up a task to smaller (data independent) tasks, which can be
3378         executed independently.
3379
3380         The ParallelJobs framework provides a simple way for distributed
3381         programming. The framework is based on WebKit's threading infrastructure,
3382         Open Multi-Processing's (OpenMP) API, and libdispatch API.
3383
3384         * GNUmakefile.list.am:
3385         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
3386         * JavaScriptCore.xcodeproj/project.pbxproj:
3387         * wtf/CMakeLists.txt:
3388         * wtf/ParallelJobs.h: Added.
3389         (WTF::ParallelJobs::ParallelJobs):
3390         (WTF::ParallelJobs::numberOfJobs):
3391         (WTF::ParallelJobs::parameterForJob):
3392         (WTF::ParallelJobs::executeJobs):
3393         * wtf/ParallelJobsGeneric.cpp: Added.
3394         (WTF::ParallelEnvironment::ThreadPrivate::tryLockFor):
3395         (WTF::ParallelEnvironment::ThreadPrivate::executeJob):
3396         (WTF::ParallelEnvironment::ThreadPrivate::waitForFinish):
3397         (WTF::ParallelEnvironment::ThreadPrivate::workerThread):
3398         * wtf/ParallelJobsGeneric.h: Added.
3399         (WTF::ParallelEnvironment::ParallelEnvironment):
3400         (WTF::ParallelEnvironment::numberOfJobs):
3401         (WTF::ParallelEnvironment::parameterForJob):
3402         (WTF::ParallelEnvironment::executeJobs):
3403         (WTF::ParallelEnvironment::ThreadPrivate::ThreadPrivate):
3404         (WTF::ParallelEnvironment::ThreadPrivate::create):
3405         * wtf/ParallelJobsLibdispatch.h: Added.
3406         (WTF::ParallelEnvironment::ParallelEnvironment):
3407         (WTF::ParallelEnvironment::numberOfJobs):
3408         (WTF::ParallelEnvironment::parameterForJob):
3409         (WTF::ParallelEnvironment::executeJobs):
3410         * wtf/ParallelJobsOpenMP.h: Added.
3411         (WTF::ParallelEnvironment::ParallelEnvironment):
3412         (WTF::ParallelEnvironment::numberOfJobs):
3413         (WTF::ParallelEnvironment::parameterForJob):
3414         (WTF::ParallelEnvironment::executeJobs):
3415         * wtf/Platform.h:
3416         * wtf/wtf.pri:
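
The entry above splits a pixel-heavy filter into data-independent jobs that run on separate threads. The following is an added example written for this page on top of std::thread, not WTF::ParallelJobs or its OpenMP/libdispatch backends: it keeps the same numberOfJobs/parameterForJob/executeJobs shape and shows the property that makes the split safe, namely that every job writes only its own disjoint slice of the buffer, with the last job taking the remainder. Job, invertSlice, invertInParallel and selfTest are this example's own names, and the 1000-byte ramp is constructed input.

```cpp
#include <algorithm>
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <thread>
#include <vector>

// Per-job parameter: a slice of the pixel buffer that only this job touches.
struct Job {
    uint8_t* pixels; // start of this job's slice
    size_t count;    // number of bytes in the slice
};

// Worker: invert every byte in the slice (stands in for an expensive filter).
static void invertSlice(Job* job) {
    for (size_t i = 0; i < job->count; ++i)
        job->pixels[i] = static_cast<uint8_t>(255 - job->pixels[i]);
}

template <typename Parameter>
class ParallelJobs {
public:
    typedef void (*WorkerFunction)(Parameter*);

    // Never more jobs than cores, and always at least one.
    ParallelJobs(WorkerFunction function, size_t requestedJobs) : m_function(function) {
        size_t cores = std::thread::hardware_concurrency();
        if (cores == 0)
            cores = 1;
        m_parameters.resize(std::max<size_t>(1, std::min(requestedJobs, cores)));
    }
    size_t numberOfJobs() const { return m_parameters.size(); }
    Parameter& parameterForJob(size_t i) { return m_parameters[i]; }

    // Run job 0 on the calling thread and the rest on their own threads, then join.
    void executeJobs() {
        std::vector<std::thread> threads;
        for (size_t i = 1; i < m_parameters.size(); ++i)
            threads.emplace_back(m_function, &m_parameters[i]);
        m_function(&m_parameters[0]);
        for (std::thread& t : threads)
            t.join();
    }

private:
    WorkerFunction m_function;
    std::vector<Parameter> m_parameters;
};

// Split the buffer into disjoint slices and invert them in parallel.
std::vector<uint8_t> invertInParallel(std::vector<uint8_t> pixels, size_t requestedJobs) {
    ParallelJobs<Job> jobs(invertSlice, requestedJobs);
    size_t jobCount = jobs.numberOfJobs();
    size_t sliceSize = pixels.size() / jobCount;
    for (size_t i = 0; i < jobCount; ++i) {
        Job& job = jobs.parameterForJob(i);
        job.pixels = pixels.data() + i * sliceSize;
        job.count = (i + 1 == jobCount) ? pixels.size() - i * sliceSize : sliceSize;
    }
    jobs.executeJobs();
    return pixels;
}

// Constructed input: a 1000-byte ramp, inverted with four requested jobs and
// compared byte for byte against the sequential result.
bool selfTest() {
    std::vector<uint8_t> input(1000);
    for (size_t i = 0; i < input.size(); ++i)
        input[i] = static_cast<uint8_t>(i);
    std::vector<uint8_t> parallel = invertInParallel(input, 4);
    for (size_t i = 0; i < input.size(); ++i)
        if (parallel[i] != static_cast<uint8_t>(255 - input[i]))
            return false;
    return true;
}
```

The slices never overlap and the parameters live in the ParallelJobs object until executeJobs() has joined every thread, so no job reads or writes memory another job is using; a filter whose output pixel depends on neighbouring input pixels would need to read from a separate input buffer to keep that property.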
3417
3418 2011-04-26  Mihai Parparita  <mihaip@chromium.org>
3419
3420         Reviewed by Adam Barth.
3421
3422         Turn off make built-in implicit rules for derived sources makefile
3423         https://bugs.webkit.org/show_bug.cgi?id=59418
3424         
3425         We don't use any of make's built-in implicit rules, turning them off
3426         speeds up parsing of the makefile.
3427
3428         * JavaScriptCore.xcodeproj/project.pbxproj:
3429         * gyp/generate-derived-sources.sh:
3430
3431 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
3432
3433         Reviewed by Oliver Hunt.
3434
3435         Custom prototypes on DOM objects don't persist after garbage collection
3436         https://bugs.webkit.org/show_bug.cgi?id=59412
3437         
3438         SunSpider reports no change.
3439         
3440         The hasCustomProperties() check didn't check for a custom prototype.
3441
3442         * runtime/JSObject.h:
3443         (JSC::JSObject::hasCustomProperties): Changed to delegate to Structure
3444         because it is the "truth" about an object's pedigree.
3445
3446         * runtime/Structure.cpp:
3447         (JSC::Structure::Structure):
3448         * runtime/Structure.h:
3449         (JSC::Structure::didTransition): Track whether a Structure has ever
3450         transitioned for any reason. If so, we have to assume that the object
3451         holding it is custom in some way.
3452
3453 2011-04-25  Gavin Barraclough  <barraclough@apple.com>
3454
3455         Reviewed by Geoff Garen.
3456
3457         https://bugs.webkit.org/show_bug.cgi?id=59405
3458         DFG JIT - add type speculation for integer & array types, for vars & args.
3459
3460         If a var or argument is used as the base for a GetByVal or PutByVal access
3461         we are speculating that it is of type Array (we only generate code on the
3462         speculative path to perform array accesses). By typing the var or args slot
3463         as Array, and checking on entry to the function (in the case of args), and
3464         each time the local is written to, we can avoid a type check at each point
3465         the array is accessed. This will typically hoist type checks out of loops.
3466
3467         Similarly, any local that is incremented or decremented, or is the input or
3468         output of a bitwise operator, is likely to be an integer. By typing the
3469         local as int32 we can avoid speculation checks on access, and tagging when
3470         writing to the slot. All accesses can become 32-bit instead of 64-bit.
3471
3472         * dfg/DFGByteCodeParser.cpp:
3473         (JSC::DFG::ByteCodeParser::set):
3474         (JSC::DFG::ByteCodeParser::predictArray):
3475         (JSC::DFG::ByteCodeParser::predictInt32):
3476         (JSC::DFG::ByteCodeParser::parseBlock):
3477         * dfg/DFGGraph.h:
3478         (JSC::DFG::PredictionSlot::PredictionSlot):
3479         (JSC::DFG::Graph::Graph):
3480         (JSC::DFG::Graph::predict):
3481         (JSC::DFG::Graph::getPrediction):
3482         * dfg/DFGJITCompiler.cpp:
3483         (JSC::DFG::JITCompiler::compileFunction):
3484         * dfg/DFGJITCompiler.h:
3485         (JSC::DFG::JITCompiler::tagFor):
3486         (JSC::DFG::JITCompiler::payloadFor):
3487         * dfg/DFGNode.h:
3488         * dfg/DFGNonSpeculativeJIT.cpp:
3489         (JSC::DFG::NonSpeculativeJIT::compile):
3490         * dfg/DFGSpeculativeJIT.cpp:
3491         (JSC::DFG::SpeculativeJIT::compile):
3492         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
3493         (JSC::DFG::SpeculativeJIT::initializeVariableTypes):
3494         * dfg/DFGSpeculativeJIT.h:
3495         * runtime/Executable.cpp:
3496         (JSC::tryDFGCompile):
3497
3498 2011-04-25  David Levin  <levin@chromium.org>
3499
3500         Reviewed by James Robinson.
3501
3502         Fix OwnPtr strict mode violation in MessageQueue.h
3503         https://bugs.webkit.org/show_bug.cgi?id=59400
3504
3505         * wtf/MessageQueue.h:
3506         (WTF::::waitForMessage):
3507         (WTF::::waitForMessageFilteredWithTimeout):
3508         (WTF::::tryGetMessage):
3509
3510 2011-04-25  Adam Barth  <abarth@webkit.org>
3511
3512         Reviewed by Darin Adler.
3513
3514         JavaScriptCore should play nice with strict OwnPtrs
3515         https://bugs.webkit.org/show_bug.cgi?id=59401
3516
3517         * dfg/DFGByteCodeParser.cpp:
3518         (JSC::DFG::ByteCodeParser::parse):
3519         * heap/Heap.cpp:
3520         (JSC::TypeCounter::TypeCounter):
3521         * jit/JITStubs.cpp:
3522         (JSC::JITThunks::JITThunks):
3523         * parser/JSParser.cpp:
3524         (JSC::JSParser::Scope::Scope):
3525         * yarr/YarrJIT.cpp:
3526         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
3527
3528 2011-04-25  Mark Rowe  <mrowe@apple.com>
3529
3530         Build fix.
3531
3532         * wtf/ListHashSet.h:
3533
3534 2011-04-25  Gavin Barraclough  <barraclough@apple.com>
3535
3536         Reviewed by Oliver Hunt.
3537
3538         Bug 59370 - DFG JIT - fix leak of BlocksBlocks
3539         (put the blocks immediately into an OwnPtr).
3540
3541         * dfg/DFGByteCodeParser.cpp:
3542         (JSC::DFG::ByteCodeParser::parse):
3543
3544 2011-04-25  James Robinson  <jamesr@chromium.org>
3545
3546         Reviewed by David Levin.
3547
3548         Fix strict OwnPtr violations in ListHashSet and RenderLayerCompositor
3549         https://bugs.webkit.org/show_bug.cgi?id=59353
3550
3551         * wtf/ListHashSet.h:
3552         (WTF::::ListHashSet):
3553
3554 2011-04-25  David Levin  <levin@chromium.org>
3555
3556         Reviewed by Adam Barth.
3557
3558         Fix PassOwnPtr issues in Structure and JSGlobalData.cpp
3559         https://bugs.webkit.org/show_bug.cgi?id=59347
3560
3561         * runtime/JSGlobalData.cpp:
3562         (JSC::JSGlobalData::JSGlobalData):
3563         * runtime/Structure.cpp:
3564         (JSC::Structure::copyPropertyTable):
3565         (JSC::Structure::createPropertyMap):
3566         * runtime/Structure.h:
3567
3568 2011-04-25  Oliver Hunt  <oliver@apple.com>
3569
3570         Reviewed by Geoffrey Garen.
3571
3572         Make ClassInfo required when creating a Structure
3573         https://bugs.webkit.org/show_bug.cgi?id=59340
3574
3575         Add ClassInfo to all those types which currently don't
3576         have it, and add an assertion to Structure::create to
3577         ensure that the provided classInfo is not null.
3578
3579         * runtime/Executable.h:
3580         (JSC::EvalExecutable::createStructure):
3581         (JSC::ProgramExecutable::createStructure):
3582         (JSC::FunctionExecutable::createStructure):
3583         * runtime/GetterSetter.cpp:
3584         * runtime/GetterSetter.h:
3585         (JSC::GetterSetter::createStructure):
3586         * runtime/JSAPIValueWrapper.cpp:
3587         * runtime/JSAPIValueWrapper.h:
3588         (JSC::JSAPIValueWrapper::createStructure):
3589         * runtime/JSCell.cpp:
3590         * runtime/JSCell.h:
3591         * runtime/JSString.cpp:
3592         * runtime/JSString.h:
3593         (JSC::RopeBuilder::createStructure):
3594         * runtime/Structure.h:
3595         (JSC::Structure::create):
3596         (JSC::JSCell::createDummyStructure):
3597
3598 2011-04-25  David Levin  <levin@chromium.org>
3599
3600         Reviewed by Adam Barth.
3601
3602         PropertyMapHashTable.h should use adoptPtr instead of implicit conversions to PassRefPtr.
3603         https://bugs.webkit.org/show_bug.cgi?id=59342
3604
3605         This patch is to prepare for the strict OwnPtr hack-a-thon.
3606
3607         * runtime/PropertyMapHashTable.h:
3608         (JSC::PropertyTable::copy):
3609
3610 2011-04-25  Thouraya ANDOLSI  <thouraya.andolsi@st.com>
3611
3612         Reviewed by Gavin Barraclough.
3613
3614         Rationalize MacroAssembler branch methods
3615         https://bugs.webkit.org/show_bug.cgi?id=58950
3616
3617         Split out the 'Condition' enum into 'RelationalCondition' and 'ResultCondition'
3618         and apply related changes (only for SH4 platforms).
3619
3620         * assembler/MacroAssemblerSH4.cpp:
3621         * assembler/MacroAssemblerSH4.h:
3622         (JSC::MacroAssemblerSH4::compare32):
3623         (JSC::MacroAssemblerSH4::branch32WithUnalignedHalfWords):
3624         (JSC::MacroAssemblerSH4::branchDouble):
3625         (JSC::MacroAssemblerSH4::branch32):
3626         (JSC::MacroAssemblerSH4::branchTest8):
3627         (JSC::MacroAssemblerSH4::branch8):
3628         (JSC::MacroAssemblerSH4::branchTruncateDoubleToInt32):
3629         (JSC::MacroAssemblerSH4::test8):
3630         (JSC::MacroAssemblerSH4::branch16):
3631         (JSC::MacroAssemblerSH4::branchTest32):
3632         (JSC::MacroAssemblerSH4::branchAdd32):
3633         (JSC::MacroAssemblerSH4::branchMul32):
3634         (JSC::MacroAssemblerSH4::branchSub32):
3635         (JSC::MacroAssemblerSH4::branchOr32):
3636         (JSC::MacroAssemblerSH4::branchConvertDoubleToInt32):
3637         (JSC::MacroAssemblerSH4::branchPtrWithPatch):
3638         (JSC::MacroAssemblerSH4::SH4Condition):
3639         * assembler/SH4Assembler.h:
3640         (JSC::SH4Assembler::cmpEqImmR0):
3641
3642 2011-04-25  Adam Barth  <abarth@webkit.org>
3643
3644         Reviewed by Eric Seidel.
3645
3646         PropertyMapHashTable should work with strict OwnPtr
3647         https://bugs.webkit.org/show_bug.cgi?id=59337
3648
3649         This patch is in preparation for the strict OwnPtr hack-a-thon.
3650
3651         * runtime/PropertyMapHashTable.h:
3652         (JSC::PropertyTable::PropertyTable):
3653         (JSC::PropertyTable::addDeletedOffset):
3654
3655 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
3656
3657         Reviewed by Sam Weinig.
3658
3659         Nixed MarkStack::deprecatedAppend, since it has no clients left.
3660
3661         * heap/MarkStack.h:
3662
3663 2011-04-23  Gavin Barraclough  <barraclough@apple.com>
3664
3665         Reviewed by Oliver Hunt.
3666
3667         Bug 59287 - DFG JIT - Handle temporaries as vars, allowing support for ?:
3668
3669         SetLocals to temporaries will only be generated if they are used within other
3670         blocks, due to the SSA based DCE.
3671
3672         * dfg/DFGByteCodeParser.cpp:
3673         (JSC::DFG::ByteCodeParser::ByteCodeParser):
3674         (JSC::DFG::ByteCodeParser::get):
3675         (JSC::DFG::ByteCodeParser::set):
3676         (JSC::DFG::ByteCodeParser::getLocal):
3677         (JSC::DFG::ByteCodeParser::setLocal):
3678         (JSC::DFG::ByteCodeParser::parseBlock):
3679         (JSC::DFG::ByteCodeParser::processPhiStack):
3680         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
3681         (JSC::DFG::ByteCodeParser::parse):
3682         * dfg/DFGGraph.h:
3683         (JSC::DFG::BasicBlock::BasicBlock):
3684
3685 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
3686
3687         Reviewed by Sam Weinig & Geoff Garen.
3688
3689         Bug 59266 - DFG JIT - Add SSA style DCE
3690
3691         This works by making GetLocal nodes reference SetLocal nodes from prior blocks,
3692         via intermediate Phi nodes. Whenever we add a GetLocal to the graph, also add a
3693         matching child Phi, and add the Phi to a work queue to add references to prior
3694         definitions once we have the full CFG & can determine predecessors. This process
3695         is iterative, inserting new phis into predecessors as necessary.
3696
3697         * dfg/DFGByteCodeParser.cpp:
3698         (JSC::DFG::ByteCodeParser::getVariable):
3699         (JSC::DFG::ByteCodeParser::setVariable):
3700         (JSC::DFG::ByteCodeParser::getArgument):
3701         (JSC::DFG::ByteCodeParser::setArgument):
3702         (JSC::DFG::ByteCodeParser::parseBlock):
3703         (JSC::DFG::ByteCodeParser::processWorkQueue):
3704         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
3705         (JSC::DFG::ByteCodeParser::parse):
3706         * dfg/DFGGraph.cpp:
3707         (JSC::DFG::Graph::dump):
3708         (JSC::DFG::Graph::refChildren):
3709         * dfg/DFGGraph.h:
3710         (JSC::DFG::Graph::ref):
3711         * dfg/DFGNode.h:
3712         (JSC::DFG::Node::ref):
3713         * dfg/DFGNonSpeculativeJIT.cpp:
3714         (JSC::DFG::NonSpeculativeJIT::compile):
3715         * dfg/DFGScoreBoard.h:
3716         (JSC::DFG::ScoreBoard::~ScoreBoard):
3717         (JSC::DFG::ScoreBoard::dump):
3718         * dfg/DFGSpeculativeJIT.cpp:
3719         (JSC::DFG::SpeculativeJIT::compile):
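
Bug 59287 and Bug 59266 above describe the same mechanism from two sides: GetLocal nodes reference the definition that reaches them, via Phi nodes wired to predecessor blocks once the CFG is complete, and a SetLocal that nothing references (for instance a temporary not used in any other block) is dead. The following is an added model of that mechanism written for this page, not JavaScriptCore's DFGByteCodeParser; Op, Node, Block, Graph and buildExampleGraph are this example's own names, and the diamond CFG it builds is constructed input.

```cpp
#include <cstddef>
#include <map>
#include <utility>
#include <vector>

enum class Op { SetLocal, GetLocal, Phi };

struct Node {
    Node(Op o, int l) : op(o), local(l), refCount(0) {}
    Op op;
    int local;                    // which local (virtual register) the node touches
    std::vector<size_t> children; // definitions this node references
    int refCount;                 // how many nodes reference this one
};

struct Block {
    std::vector<size_t> predecessors;
    std::map<int, size_t> lastDef; // local -> definition reaching the end of the block
};

struct Graph {
    std::vector<Node> nodes;
    std::vector<Block> blocks;
    std::vector<std::pair<size_t, size_t> > phiQueue; // (block, phi) not yet wired up

    explicit Graph(size_t blockCount) : blocks(blockCount) {}
    size_t add(const Node& n) { nodes.push_back(n); return nodes.size() - 1; }

    // A SetLocal becomes the definition that later reads in this block see.
    size_t setLocal(size_t block, int local) {
        size_t i = add(Node(Op::SetLocal, local));
        blocks[block].lastDef[local] = i;
        return i;
    }

    // A GetLocal references the block's own definition if one exists; otherwise
    // it references a fresh Phi, queued until the full CFG makes predecessors known.
    size_t getLocal(size_t block, int local) {
        size_t def = definitionAtEnd(block, local);
        size_t get = add(Node(Op::GetLocal, local));
        nodes[get].children.push_back(def);
        ++nodes[def].refCount;
        return get;
    }

    // Wire every queued Phi to the reaching definition in each predecessor, inserting
    // further Phis upstream wherever a predecessor has no definition of its own.
    void resolvePhis() {
        while (!phiQueue.empty()) {
            std::pair<size_t, size_t> item = phiQueue.back();
            phiQueue.pop_back();
            for (size_t pred : blocks[item.first].predecessors) {
                size_t def = definitionAtEnd(pred, nodes[item.second].local);
                nodes[item.second].children.push_back(def);
                ++nodes[def].refCount;
            }
        }
    }

    // A SetLocal that nothing references is dead and need not be emitted.
    std::vector<size_t> deadSetLocals() const {
        std::vector<size_t> dead;
        for (size_t i = 0; i < nodes.size(); ++i)
            if (nodes[i].op == Op::SetLocal && nodes[i].refCount == 0)
                dead.push_back(i);
        return dead;
    }

private:
    size_t definitionAtEnd(size_t block, int local) {
        std::map<int, size_t>::iterator it = blocks[block].lastDef.find(local);
        if (it != blocks[block].lastDef.end())
            return it->second;
        size_t phi = add(Node(Op::Phi, local));
        blocks[block].lastDef[local] = phi;
        phiQueue.push_back(std::make_pair(block, phi));
        return phi;
    }
};

// Constructed diamond CFG: block 0 branches to blocks 1 and 2, which both flow into
// block 3. Local 0 is a temporary set in block 0 and never read; local 1 is set in
// block 0, redefined in block 2 and read in blocks 1 and 3.
Graph buildExampleGraph() {
    Graph g(4);
    g.blocks[1].predecessors.push_back(0);
    g.blocks[2].predecessors.push_back(0);
    g.blocks[3].predecessors.push_back(1);
    g.blocks[3].predecessors.push_back(2);
    g.setLocal(0, 0); // node 0: no block reads local 0, so this SetLocal is dead
    g.setLocal(0, 1); // node 1
    g.getLocal(1, 1); // node 2: Phi in block 1, node 3: GetLocal
    g.setLocal(2, 1); // node 4
    g.getLocal(3, 1); // node 5: Phi in block 3 over nodes 2 and 4, node 6: GetLocal
    g.resolvePhis();
    return g;
}
```

After resolvePhis() the Phi in block 3 references the Phi in block 1 (which in turn references node 1) and node 4, so both SetLocals of local 1 are live, while node 0 has no referrers and is dropped; a reference held only by another Phi still counts as live here, which is the conservative choice.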
3720
3721 2011-04-22  Vitaly Repeshko  <vitalyr@chromium.org>
3722
3723         Reviewed by Adam Barth.
3724
3725         Add missing default constructors for HashMap iterator specializations.
3726         https://bugs.webkit.org/show_bug.cgi?id=59250
3727
3728         * wtf/HashIterators.h:
3729         * wtf/HashTable.h:
3730         (WTF::HashTableConstIterator::HashTableConstIterator): Added cast
3731         to help compiler find the function template.
3732
3733 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
3734
3735         Reviewed by Sam Weinig.
3736
3737         Bug 59262 - DFG JIT - reduce size of VariableRecord
3738
3739         We never need both the get & set node, only the most recent
3740         (which is always a set, if both exist).
3741
3742         * dfg/DFGByteCodeParser.cpp:
3743         (JSC::DFG::ByteCodeParser::getVariable):
3744         (JSC::DFG::ByteCodeParser::setVariable):
3745         (JSC::DFG::ByteCodeParser::getArgument):
3746         (JSC::DFG::ByteCodeParser::setArgument):
3747         (JSC::DFG::ByteCodeParser::parseBlock):
3748         * dfg/DFGGraph.h:
3749         (JSC::DFG::VariableRecord::VariableRecord):
3750
3751 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
3752
3753         Reviewed by Geoffrey Garen.
3754
3755         Bug 59254 - DFG JIT - retain VariableRecords for args/var in all basic blocks,
3756         such that this information is available for DCE.  Also, since this enlarges the
3757         size of BasicBlock, make Graph hold a vector of pointers to basic blocks, not a
3758         vector of blocks.
3759
3760         * dfg/DFGByteCodeParser.cpp:
3761         (JSC::DFG::ByteCodeParser::ByteCodeParser):
3762         (JSC::DFG::ByteCodeParser::get):
3763         (JSC::DFG::ByteCodeParser::set):
3764         (JSC::DFG::ByteCodeParser::getVariable):
3765         (JSC::DFG::ByteCodeParser::setVariable):
3766         (JSC::DFG::ByteCodeParser::getArgument):
3767         (JSC::DFG::ByteCodeParser::setArgument):
3768         (JSC::DFG::ByteCodeParser::parseBlock):
3769         (JSC::DFG::ByteCodeParser::setupPredecessors):
3770         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
3771         (JSC::DFG::ByteCodeParser::parse):
3772         * dfg/DFGGraph.cpp:
3773         (JSC::DFG::Graph::dump):
3774         * dfg/DFGGraph.h:
3775         (JSC::DFG::VariableRecord::VariableRecord):
3776         (JSC::DFG::BasicBlock::BasicBlock):
3777         (JSC::DFG::BasicBlock::getBytecodeBegin):
3778         (JSC::DFG::Graph::blockIndexForBytecodeOffset):
3779         (JSC::DFG::Graph::blockForBytecodeOffset):
3780         * dfg/DFGNonSpeculativeJIT.cpp:
3781         (JSC::DFG::NonSpeculativeJIT::compile):
3782         * dfg/DFGSpeculativeJIT.cpp:
3783         (JSC::DFG::SpeculativeJIT::compile):
3784         * dfg/DFGSpeculativeJIT.h:
3785         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
3786
3787 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
3788
3789         Errk, build fix.
3790
3791         * dfg/DFGSpeculativeJIT.cpp:
3792         (JSC::DFG::SpeculativeJIT::compile):
3793
3794 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
3795
3796         Reviewed by Sam Weinig.
3797
3798         Quick cleanup to SpeculativeJIT/NonSpeculativeJIT compile loop,
3799         move out the call to checkConsistency().
3800
3801         * dfg/DFGNonSpeculativeJIT.cpp:
3802         (JSC::DFG::NonSpeculativeJIT::compile):
3803         * dfg/DFGSpeculativeJIT.cpp:
3804         (JSC::DFG::SpeculativeJIT::compile):
3805         * dfg/DFGSpeculativeJIT.h:
3806         (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
3807         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
3808
3809 2011-04-21  Vitaly Repeshko  <vitalyr@chromium.org>
3810
3811         Reviewed by Adam Barth.
3812
3813         Provide default constructors for HashMap iterators.
3814         https://bugs.webkit.org/show_bug.cgi?id=59151
3815
3816         These will be used to implement an iterator over EventTarget's
3817         listeners.
3818
3819         * wtf/HashTable.h:
3820         (WTF::HashTableConstIteratorAdapter::HashTableConstIteratorAdapter):
3821         (WTF::HashTableIteratorAdapter::HashTableIteratorAdapter):
3822
3823 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
3824
3825         Reviewed by Geoff Garen.
3826
3827         Bug 59232 - DFG JIT - Add predecessor links to BasicBlocks
3828
3829         These will be necessary for DCE support.
3830         Also factor allocateVirtualRegisters out into its own method.
3831
3832         * dfg/DFGByteCodeParser.cpp:
3833         (JSC::DFG::ByteCodeParser::setupPredecessors):
3834         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
3835         (JSC::DFG::ByteCodeParser::parse):
3836         * dfg/DFGGraph.h:
3837         (JSC::DFG::Graph::blockForBytecodeOffset):
3838         * dfg/DFGNode.h:
3839         (JSC::DFG::Node::isTerminal):
3840
3841 2011-04-22  Oliver Hunt  <oliver@apple.com>
3842
3843         Reviewed by Geoffrey Garen.
3844
3845         Object.create creates uncachable objects
3846         https://bugs.webkit.org/show_bug.cgi?id=59164
3847
3848         Use the prototype object's inheritorID, as we
3849         should always have done.
3850
3851         * runtime/JSGlobalObject.cpp:
3852         (JSC::JSGlobalObject::reset):
3853         (JSC::JSGlobalObject::visitChildren):
3854         * runtime/JSGlobalObject.h:
3855         (JSC::JSGlobalObject::nullPrototypeObjectStructure):
3856         * runtime/ObjectConstructor.cpp:
3857         (JSC::objectConstructorCreate):
3858
3859 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
3860
3861         Reviewed by Sam Weinig.
3862
3863         Bug 59222 - DFG JIT - don't allocate virtual registers to nodes with no result
3864
3865         We currently allocate virtual registers to nodes which have no result - these are
3866         clearly unused, and may result in us allocating a larger than necessary stack frame.
3867
3868         Encapsulate Node::virtualRegister such that we can ASSERT this is only called on
3869         nodes that have results, and improve the quality of output from the consistency check.
3870
3871         * dfg/DFGByteCodeParser.cpp:
3872         (JSC::DFG::ByteCodeParser::parse):
3873         * dfg/DFGGraph.cpp:
3874         (JSC::DFG::Graph::dump):
3875         * dfg/DFGGraph.h:
3876         (JSC::DFG::Graph::ref):
3877         (JSC::DFG::Graph::deref):
3878         * dfg/DFGJITCodeGenerator.cpp:
3879         (JSC::DFG::JITCodeGenerator::fillInteger):
3880         (JSC::DFG::JITCodeGenerator::fillDouble):
3881         (JSC::DFG::JITCodeGenerator::fillJSValue):
3882         (JSC::DFG::JITCodeGenerator::dump):
3883         (JSC::DFG::JITCodeGenerator::checkConsistency):
3884         * dfg/DFGJITCodeGenerator.h:
3885         (JSC::DFG::JITCodeGenerator::canReuse):
3886         (JSC::DFG::JITCodeGenerator::isFilled):
3887         (JSC::DFG::JITCodeGenerator::isFilledDouble):
3888         (JSC::DFG::JITCodeGenerator::use):
3889         (JSC::DFG::JITCodeGenerator::integerResult):
3890         (JSC::DFG::JITCodeGenerator::noResult):
3891         (JSC::DFG::JITCodeGenerator::cellResult):
3892         (JSC::DFG::JITCodeGenerator::jsValueResult):
3893         (JSC::DFG::JITCodeGenerator::doubleResult):
3894         (JSC::DFG::JITCodeGenerator::initConstantInfo):
3895         * dfg/DFGJITCompiler.cpp:
3896         (JSC::DFG::JITCompiler::fillNumericToDouble):
3897         (JSC::DFG::JITCompiler::fillInt32ToInteger):
3898         (JSC::DFG::JITCompiler::fillToJS):
3899         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
3900         * dfg/DFGNode.h:
3901         (JSC::DFG::Node::Node):
3902         (JSC::DFG::Node::hasResult):
3903         (JSC::DFG::Node::virtualRegister):
3904         (JSC::DFG::Node::setVirtualRegister):
3905         (JSC::DFG::Node::refCount):
3906         (JSC::DFG::Node::ref):
3907         (JSC::DFG::Node::deref):
3908         (JSC::DFG::Node::adjustedRefCount):
3909         * dfg/DFGNonSpeculativeJIT.cpp:
3910         (JSC::DFG::NonSpeculativeJIT::isKnownInteger):
3911         (JSC::DFG::NonSpeculativeJIT::isKnownNumeric):
3912         (JSC::DFG::NonSpeculativeJIT::compile):
3913         * dfg/DFGScoreBoard.h:
3914         (JSC::DFG::ScoreBoard::use):
3915         * dfg/DFGSpeculativeJIT.cpp:
3916         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
3917         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
3918         (JSC::DFG::SpeculativeJIT::compile):
3919
3920 2011-04-22  Sam Weinig  <sam@webkit.org>
3921
3922         Reviewed by Gavin Barraclough and Oliver Hunt.
3923
3924         Arrays should participate in global object forwarding fun
3925         https://bugs.webkit.org/show_bug.cgi?id=59215
3926
3927         * runtime/JSGlobalObject.h:
3928         (JSC::constructEmptyArray):
3929         (JSC::constructArray):
3930         Add variants of constructArray that take a global object.
3931
3932 2011-04-22  Sheriff Bot  <webkit.review.bot@gmail.com>
3933
3934         Unreviewed, rolling out r84650 and r84654.
3935         http://trac.webkit.org/changeset/84650
3936         http://trac.webkit.org/changeset/84654
3937         https://bugs.webkit.org/show_bug.cgi?id=59218
3938
3939         Broke Windows build (Requested by bweinstein on #webkit).
3940
3941         * API/JSCallbackObjectFunctions.h:
3942         (JSC::::init):
3943         * JavaScriptCore.exp:
3944         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3945         * heap/Handle.h:
3946         (JSC::HandleBase::operator!):
3947         (JSC::HandleBase::operator UnspecifiedBoolType*):
3948         (JSC::HandleTypes::getFromSlot):
3949         * heap/HandleHeap.cpp:
3950         (JSC::HandleHeap::markStrongHandles):
3951         (JSC::HandleHeap::markWeakHandles):
3952         (JSC::HandleHeap::finalizeWeakHandles):
3953         (JSC::HandleHeap::writeBarrier):
3954         (JSC::HandleHeap::protectedGlobalObjectCount):
3955         (JSC::HandleHeap::isValidWeakNode):
3956         * heap/HandleHeap.h:
3957         (JSC::HandleHeap::copyWeak):
3958         (JSC::HandleHeap::makeWeak):
3959         (JSC::HandleHeap::Node::slot):
3960         * heap/HandleStack.cpp:
3961         (JSC::HandleStack::mark):
3962         (JSC::HandleStack::grow):
3963         * heap/HandleStack.h:
3964         (JSC::HandleStack::zapTo):
3965         (JSC::HandleStack::push):
3966         * heap/Heap.cpp:
3967         (JSC::HandleHeap::protectedObjectTypeCounts):
3968         * heap/Local.h:
3969         (JSC::::set):
3970         * heap/Strong.h:
3971         (JSC::Strong::set):
3972         * heap/Weak.h:
3973         (JSC::Weak::set):
3974         * runtime/StructureTransitionTable.h:
3975         (JSC::StructureTransitionTable::singleTransition):
3976         (JSC::StructureTransitionTable::setSingleTransition):
3977         * runtime/WeakGCMap.h:
3978         (JSC::WeakGCMap::add):
3979         (JSC::WeakGCMap::set):
3980         * runtime/WriteBarrier.h:
3981
3982 2011-04-22  Brian Weinstein  <bweinstein@apple.com>
3983
3984         Part of Windows build fix from r84650.
3985
3986         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3987
3988 2011-04-22  Oliver Hunt  <oliver@apple.com>
3989
3990         Reviewed by Geoffrey Garen.
3991
3992         Make it harder to use HandleSlot incorrectly
3993         https://bugs.webkit.org/show_bug.cgi?id=59205
3994
3995         Just add a little type fudging to make it harder to
3996         incorrectly assign through a HandleSlot.
3997
3998         * API/JSCallbackObjectFunctions.h:
3999         (JSC::::init):
4000         * JavaScriptCore.exp:
4001         * heap/Handle.h:
4002         (JSC::HandleBase::operator!):
4003         (JSC::HandleBase::operator UnspecifiedBoolType*):
4004         (JSC::HandleTypes::getFromSlot):
4005         * heap/HandleHeap.cpp:
4006         (JSC::HandleHeap::markStrongHandles):
4007         (JSC::HandleHeap::markWeakHandles):
4008         (JSC::HandleHeap::finalizeWeakHandles):
4009         (JSC::HandleHeap::writeBarrier):
4010         (JSC::HandleHeap::protectedGlobalObjectCount):
4011         (JSC::HandleHeap::isValidWeakNode):
4012         * heap/HandleHeap.h:
4013         (JSC::HandleHeap::copyWeak):
4014         (JSC::HandleHeap::makeWeak):
4015         (JSC::HandleHeap::Node::slot):
4016         * heap/HandleStack.cpp:
4017         (JSC::HandleStack::mark):
4018         (JSC::HandleStack::grow):
4019         * heap/HandleStack.h:
4020         (JSC::HandleStack::zapTo):
4021         (JSC::HandleStack::push):
4022         * heap/Heap.cpp:
4023         (JSC::HandleHeap::protectedObjectTypeCounts):
4024         * heap/Local.h:
4025         (JSC::::set):
4026         * heap/Strong.h:
4027         (JSC::Strong::set):
4028         * heap/Weak.h:
4029         (JSC::Weak::set):
4030         * runtime/StructureTransitionTable.h:
4031         (JSC::StructureTransitionTable::singleTransition):
4032         (JSC::StructureTransitionTable::setSingleTransition):
4033         * runtime/WeakGCMap.h:
4034         (JSC::WeakGCMap::add):
4035         (JSC::WeakGCMap::set):
4036         * runtime/WriteBarrier.h:
4037         (JSC::OpaqueJSValue::toJSValue):
4038         (JSC::OpaqueJSValue::toJSValueRef):
4039         (JSC::OpaqueJSValue::fromJSValue):
4040
4041 2011-04-22  Patrick Gansterer  <paroga@webkit.org>
4042
4043         Unreviewed. Build fix for ENABLE(INTERPRETER) after r84556.
4044
4045         * bytecode/CodeBlock.cpp:
4046         (JSC::CodeBlock::visitAggregate):
4047
4048 2011-04-21  Sheriff Bot  <webkit.review.bot@gmail.com>
4049
4050         Unreviewed, rolling out r84583.
4051         http://trac.webkit.org/changeset/84583
4052         https://bugs.webkit.org/show_bug.cgi?id=59173
4053
4054         "broke
4055         http://trac.webkit.org/export/84593/trunk/LayoutTests/fast/js
4056         /Object-create.html" (Requested by ggaren on #webkit).
4057
4058         * runtime/ObjectConstructor.cpp:
4059         (JSC::objectConstructorCreate):
4060
4061 2011-04-21  Maciej Stachowiak  <mjs@apple.com>
4062
4063         Reviewed by Adam Roben.
4064
4065         Add a feature define to allow <details> and <summary> to be disabled
4066         https://bugs.webkit.org/show_bug.cgi?id=59118
4067         <rdar://problem/9257045>
4068
4069         * Configurations/FeatureDefines.xcconfig:
4070
4071 2011-04-21  Oliver Hunt  <oliver@apple.com>
4072
4073         Reviewed by Geoffrey Garen.
4074
4075         Object.create creates uncachable objects
4076         https://bugs.webkit.org/show_bug.cgi?id=59164
4077
4078         Use the prototype object's inheritorID, as we
4079         should always have done.
4080
4081         * runtime/ObjectConstructor.cpp:
4082         (JSC::objectConstructorCreate):
4083
4084 2011-04-21  Oliver Hunt  <oliver@apple.com>
4085
4086         Reviewed by Geoffrey Garen.
4087
4088         Start moving to a general visitor pattern for GC traversal
4089         https://bugs.webkit.org/show_bug.cgi?id=59141
4090