2008-10-17 Marco Barisione <marco.barisione@collabora.co.uk>

Reviewed by Sam Weinig. Landed by Jan Alonzo.

https://bugs.webkit.org/show_bug.cgi?id=21603
[GTK] Minor fixes to GOwnPtr

(WTF::GOwnPtr::~GOwnPtr):
(WTF::GOwnPtr::outPtr):
(WTF::GOwnPtr::clear):

2008-10-17 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- speed up transitions that resize the property storage a fair bit

~3% speedup on v8 RayTrace benchmark, ~1% on DeltaBlue

(JSC::resizePropertyStorage): renamed from transitionObject, and reduced to just resize
the object's property storage with one inline call.
(JSC::CTI::privateCompilePutByIdTransition): Use a separate function for property storage
resize, but still do all the rest of the work in assembly in that case, and pass the known
compile-time constants of old and new size rather than structureIDs, saving a bunch of
redundant memory access.
(JSC::JSObject::allocatePropertyStorage): Just call the inline version.
(JSC::JSObject::allocatePropertyStorageInline): Inline version of allocatePropertyStorage
* masm/X86Assembler.h:
(JSC::X86Assembler::):
(JSC::X86Assembler::pushl_i32): Add code to assemble push of a constant; code originally by Cameron Zwarich.

2008-10-17 Cameron Zwarich <zwarich@apple.com>

Reviewed by Maciej Stachowiak.

Remove some C style casts.

* masm/X86Assembler.h:
(JSC::JITCodeBuffer::putIntUnchecked):
(JSC::X86Assembler::link):
(JSC::X86Assembler::linkAbsoluteAddress):
(JSC::X86Assembler::getRelocatedAddress):

2008-10-17 Cameron Zwarich <zwarich@apple.com>

Rubber-stamped by Maciej Stachowiak.

Remove some C style casts.

(JSC::CTI::patchGetByIdSelf):
(JSC::CTI::patchPutByIdReplace):
(JSC::Machine::tryCTICachePutByID):
(JSC::Machine::tryCTICacheGetByID):
(JSC::Machine::cti_op_put_by_id):
(JSC::Machine::cti_op_put_by_id_fail):
(JSC::Machine::cti_op_get_by_id):
(JSC::Machine::cti_op_get_by_id_fail):

2008-10-17 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- Avoid restoring the caller's 'r' value in op_ret
https://bugs.webkit.org/show_bug.cgi?id=21319

This patch stops writing the call frame at call and return points;
instead it does so immediately before any CTI call.

0.5% speedup or so on the v8 benchmark

(JSC::CTI::emitCTICall):
(JSC::CTI::compileOpCall):
(JSC::CTI::emitSlowScriptCheck):
(JSC::CTI::compileBinaryArithOpSlowCase):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
(JSC::CTI::privateCompile):

2008-10-17 Cameron Zwarich <zwarich@apple.com>

Reviewed by Sam Weinig.

Make WREC require CTI because it won't actually compile otherwise.

2008-10-16 Maciej Stachowiak <mjs@apple.com>

Reviewed by Geoff Garen.

- fixed <rdar://problem/5806316> JavaScriptCore should not force building with gcc 4.0
- use gcc 4.2 when building with Xcode 3.1 or newer on Leopard, even though this is not the default

This time there is no performance regression; we can avoid having
to use the fastcall calling convention for CTI functions by using
varargs to prevent the compiler from moving things around on the

* Configurations/DebugRelease.xcconfig:
* JavaScriptCore.xcodeproj/project.pbxproj:

2008-10-16 Maciej Stachowiak <mjs@apple.com>

Reviewed by Oliver Hunt.

- fix for REGRESSION: r37631 causing crashes on buildbot
https://bugs.webkit.org/show_bug.cgi?id=21682

(JSC::Heap::collect): Avoid crashing when a GC occurs while no global objects are live.

2008-10-16 Sam Weinig <sam@webkit.org>

Reviewed by Maciej Stachowiak.

Fix for https://bugs.webkit.org/show_bug.cgi?id=21683
Don't create intermediate StructureIDs for builtin objects

First step in reducing the number of StructureIDs created when initializing the

- In order to avoid creating the intermediate StructureIDs use the new putDirectWithoutTransition
and putDirectFunctionWithoutTransition to add properties to JSObjects without transitioning
the StructureID. This patch just implements this strategy for ObjectPrototype but alone
reduces the number of StructureIDs created for about:blank by 10, from 142 to 132.

* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::reset):
(JSC::JSObject::putDirectFunctionWithoutTransition):
(JSC::JSObject::putDirectWithoutTransition):
* kjs/ObjectPrototype.cpp:
(JSC::ObjectPrototype::ObjectPrototype):
* kjs/ObjectPrototype.h:
* kjs/StructureID.cpp:
(JSC::StructureID::addPropertyWithoutTransition):

2008-10-16 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- fix for: REGRESSION: over 100 StructureIDs leak loading about:blank (result of fix for bug 21633)

Apparent slight progression (< 0.5%) on v8 benchmarks and SunSpider.

* kjs/StructureID.cpp:
(JSC::StructureID::~StructureID): Don't deref this object's parent's pointer to
itself from the destructor; that doesn't even make sense.
(JSC::StructureID::addPropertyTransition): Don't ref the single transition;
the rule is that parent StructureIDs are ref'd but child ones are not. Refing
the child creates a cycle.
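The ownership rule stated in the entry above (children hold a ref on their parent, the parent's pointer to its cached transition is non-owning, and the destructor only clears that back-pointer) is easy to get backwards. The following is an added illustration written for this page, not JavaScriptCore's StructureID code: a hypothetical refcounted transition tree with a switch that reproduces the cycle the entry warns about. Names such as Structure, addPropertyTransition and liveCount are assumptions for the example.

```cpp
#include <cassert>
#include <string>
#include <utility>

// Hypothetical refcounted transition tree, written to illustrate the ownership
// rule in the entry above (example code, not JavaScriptCore's StructureID).
// Rule: a child holds a strong ref on its parent; the parent's pointer to its
// single cached transition is non-owning. Reversing that creates a cycle.
class Structure {
public:
    static int liveCount;
    // Set to true to reproduce the leaking variant: the parent also refs its child.
    static bool refCachedChild;

    static Structure* createRoot() { return new Structure(nullptr, ""); }

    // Returns the child reached by adding `property`, with one ref for the caller.
    Structure* addPropertyTransition(const std::string& property) {
        if (m_singleTransition && m_singleTransition->m_property == property) {
            m_singleTransition->ref();
            return m_singleTransition;
        }
        Structure* child = new Structure(this, property); // child refs `this`
        m_singleTransition = child; // non-owning cache pointer
        if (refCachedChild)
            child->ref(); // the bug: parent -> child ref closes the cycle
        return child;
    }

    void ref() { ++m_refCount; }
    void deref() {
        if (--m_refCount == 0)
            delete this;
    }

private:
    Structure(Structure* parent, std::string property)
        : m_parent(parent), m_property(std::move(property)) {
        if (m_parent)
            m_parent->ref();
        ++liveCount;
    }
    ~Structure() {
        // Clear the parent's non-owning pointer to us (so it does not dangle),
        // then release our ref on the parent. Nothing is deref'd on our behalf.
        if (m_parent) {
            if (m_parent->m_singleTransition == this)
                m_parent->m_singleTransition = nullptr;
            m_parent->deref();
        }
        --liveCount;
    }

    Structure* m_parent;
    std::string m_property;
    Structure* m_singleTransition = nullptr;
    int m_refCount = 1;
};
int Structure::liveCount = 0;
bool Structure::refCachedChild = false;

// Builds root -> {x} -> {x,y}, takes the cached {x} transition a second time,
// releases every ref the callers hold, and returns how many structures are still
// alive. 0 means everything was freed; with the leaky variant all 3 leak.
static int buildChainAndRelease(bool leakyVariant) {
    Structure::refCachedChild = leakyVariant;
    int liveBefore = Structure::liveCount;
    Structure* root = Structure::createRoot();
    Structure* withX = root->addPropertyTransition("x");
    Structure* withXY = withX->addPropertyTransition("y");
    Structure* withXAgain = root->addPropertyTransition("x"); // cache hit
    assert(withXAgain == withX);
    withXAgain->deref();
    withXY->deref(); // frees {x,y}, which derefs {x}
    withX->deref();  // frees {x}, which derefs root
    root->deref();
    return Structure::liveCount - liveBefore;
}

int main() {
    return (buildChainAndRelease(false) == 0 && buildChainAndRelease(true) == 3) ? 0 : 1;
}
```

The point of the two runs is that the leak is invisible to every individual deref: each call balances a ref it took, yet with the parent holding a ref on its child no refcount ever reaches zero, which is exactly what a "StructureIDs leak" report from a leak checker looks like.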
2008-10-15 Alexey Proskuryakov <ap@webkit.org>

Reviewed by Darin Adler.

https://bugs.webkit.org/show_bug.cgi?id=21609
Make MessagePorts protect their peers across heaps

* JavaScriptCore.exp:
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::markCrossHeapDependentObjects):
* kjs/JSGlobalObject.h:
(JSC::Heap::collect):
Before GC sweep phase, a function supplied by global object is now called for all global
objects in the heap, making it possible to implement cross-heap dependencies.

2008-10-15 Alexey Proskuryakov <ap@webkit.org>

Reviewed by Darin Adler.

https://bugs.webkit.org/show_bug.cgi?id=21610
run-webkit-threads --threaded crashes in StructureID destructor

* kjs/StructureID.cpp:
(JSC::StructureID::StructureID):
(JSC::StructureID::~StructureID):
Protect access to a static (debug-only) HashSet with a lock.

2008-10-15 Sam Weinig <sam@webkit.org>

Reviewed by Geoffrey Garen.

Add function to dump statistics for StructureIDs.

* kjs/StructureID.cpp:
(JSC::StructureID::dumpStatistics):
(JSC::StructureID::StructureID):
(JSC::StructureID::~StructureID):

2008-10-15 Cameron Zwarich <zwarich@apple.com>

Reviewed by Maciej Stachowiak.

Bug 21633: Avoid using a HashMap when there is only a single transition
<https://bugs.webkit.org/show_bug.cgi?id=21633>

This is a 0.8% speedup on SunSpider and between a 0.5% and 1.0% speedup
on the V8 benchmark suite, depending on which harness we use. It will
also slightly reduce the memory footprint of a StructureID.

* kjs/StructureID.cpp:
(JSC::StructureID::StructureID):
(JSC::StructureID::~StructureID):
(JSC::StructureID::addPropertyTransition):
(JSC::StructureID::):

2008-10-15 Csaba Osztrogonac <oszi@inf.u-szeged.hu>

Reviewed by Geoffrey Garen.

1.40% speedup on SunSpider, 1.44% speedup on V8. (Linux)

(JSC::fastIsNumber): ALWAYS_INLINE modifier added.

2008-10-15 Geoffrey Garen <ggaren@apple.com>

Reviewed by Cameron Zwarich.

Fixed https://bugs.webkit.org/show_bug.cgi?id=21345
Start the debugger without reloading the inspected page

* JavaScriptCore.exp: New symbols.
* JavaScriptCore.xcodeproj/project.pbxproj: New files.
(JSC::EvalCodeCache::get): Updated for tweak to parsing API.
* kjs/CollectorHeapIterator.h: Added. An iterator for the object heap,
which we use to find all the live functions and recompile them.
* kjs/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::evaluate): Updated for tweak to parsing API.
* kjs/FunctionConstructor.cpp:
(JSC::constructFunction): Updated for tweak to parsing API.
* kjs/JSFunction.cpp:
(JSC::JSFunction::JSFunction): Try to validate our SourceCode in debug
builds by ASSERTing that it's syntactically valid. This doesn't catch
all SourceCode bugs, but it catches a lot of them.
* kjs/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval): Updated for tweak to parsing API.
(JSC::Parser::parse):
(JSC::Parser::parse): Tweaked the parser to make it possible to parse
without an ExecState, and to allow the client to specify a debugger to
notify (or not) about the source we parse. This allows the inspector
to recompile even though no JavaScript is executing, then notify the
debugger about all source code when it's done.
(prettyPrintScript): Updated for tweak to parsing API.
(JSC::SourceCode::isNull): Added to help with ASSERTs.
(JSC::Heap::heapAllocate):
(JSC::Heap::primaryHeapBegin):
(JSC::Heap::primaryHeapEnd):
(JSC::): Moved a bunch of declarations around to enable compilation of
CollectorHeapIterator.
* kjs/interpreter.cpp:
(JSC::Interpreter::checkSyntax):
(JSC::Interpreter::evaluate): Updated for tweak to parsing API.
(JSC::Lexer::sourceCode): BUG FIX: Calculate SourceCode ranges relative
to the SourceCode range in which we're lexing, otherwise nested functions
that are compiled individually get SourceCode ranges that don't reflect
(JSC::FunctionBodyNode::FunctionBodyNode):
(JSC::FunctionBodyNode::finishParsing):
(JSC::FunctionBodyNode::create):
(JSC::FunctionBodyNode::copyParameters):
(JSC::ScopeNode::setSource):
(JSC::FunctionBodyNode::parameterCount): Added some helper functions for
copying one FunctionBodyNode's parameters to another. The recompiler uses
these when calling "finishParsing".

2008-10-15 Joerg Bornemann <joerg.bornemann@trolltech.com>

Reviewed by Darin Adler.

- part of https://bugs.webkit.org/show_bug.cgi?id=20746
Fix compilation on Windows CE.

str(n)icmp, strdup and vsnprintf are not available on Windows CE;
they are called _str(n)icmp, etc. instead.

* wtf/StringExtras.h: Added inline function implementations.

2008-10-15 Gabor Loki <loki@inf.u-szeged.hu>

Reviewed by Cameron Zwarich.

<https://bugs.webkit.org/show_bug.cgi?id=20912>
Use simple uint32_t multiplication on op_mul if both operands are
immediate numbers and they are between zero and 0x7FFF.

(JSC::Machine::privateExecute):

2008-10-09 Darin Fisher <darin@chromium.org>

Reviewed by Sam Weinig.

Make pan scrolling a platform configurable option.
https://bugs.webkit.org/show_bug.cgi?id=21515

* wtf/Platform.h: Add ENABLE_PAN_SCROLLING

2008-10-14 Maciej Stachowiak <mjs@apple.com>

Rubber stamped by Sam Weinig.

- revert r37572 and r37581 for now

Turns out GCC 4.2 is still a (small) regression, we'll have to do
more work to turn it on.

* Configurations/DebugRelease.xcconfig:
* JavaScriptCore.xcodeproj/project.pbxproj:
(JSC::Machine::cti_op_convert_this):
(JSC::Machine::cti_op_end):
(JSC::Machine::cti_op_add):
(JSC::Machine::cti_op_pre_inc):
(JSC::Machine::cti_timeout_check):
(JSC::Machine::cti_register_file_check):
(JSC::Machine::cti_op_loop_if_less):
(JSC::Machine::cti_op_loop_if_lesseq):
(JSC::Machine::cti_op_new_object):
(JSC::Machine::cti_op_put_by_id):
(JSC::Machine::cti_op_put_by_id_second):
(JSC::Machine::cti_op_put_by_id_generic):
(JSC::Machine::cti_op_put_by_id_fail):
(JSC::Machine::cti_op_get_by_id):
(JSC::Machine::cti_op_get_by_id_second):
(JSC::Machine::cti_op_get_by_id_generic):
(JSC::Machine::cti_op_get_by_id_fail):
(JSC::Machine::cti_op_instanceof):
(JSC::Machine::cti_op_del_by_id):
(JSC::Machine::cti_op_mul):
(JSC::Machine::cti_op_new_func):
(JSC::Machine::cti_op_call_JSFunction):
(JSC::Machine::cti_vm_compile):
(JSC::Machine::cti_op_push_activation):
(JSC::Machine::cti_op_call_NotJSFunction):
(JSC::Machine::cti_op_create_arguments):
(JSC::Machine::cti_op_tear_off_activation):
(JSC::Machine::cti_op_tear_off_arguments):
(JSC::Machine::cti_op_ret_profiler):
(JSC::Machine::cti_op_ret_scopeChain):
(JSC::Machine::cti_op_new_array):
(JSC::Machine::cti_op_resolve):
(JSC::Machine::cti_op_construct_JSConstruct):
(JSC::Machine::cti_op_construct_NotJSConstruct):
(JSC::Machine::cti_op_get_by_val):
(JSC::Machine::cti_op_resolve_func):
(JSC::Machine::cti_op_sub):
(JSC::Machine::cti_op_put_by_val):
(JSC::Machine::cti_op_put_by_val_array):
(JSC::Machine::cti_op_lesseq):
(JSC::Machine::cti_op_loop_if_true):
(JSC::Machine::cti_op_negate):
(JSC::Machine::cti_op_resolve_base):
(JSC::Machine::cti_op_resolve_skip):
(JSC::Machine::cti_op_resolve_global):
(JSC::Machine::cti_op_div):
(JSC::Machine::cti_op_pre_dec):
(JSC::Machine::cti_op_jless):
(JSC::Machine::cti_op_not):
(JSC::Machine::cti_op_jtrue):
(JSC::Machine::cti_op_post_inc):
(JSC::Machine::cti_op_eq):
(JSC::Machine::cti_op_lshift):
(JSC::Machine::cti_op_bitand):
(JSC::Machine::cti_op_rshift):
(JSC::Machine::cti_op_bitnot):
(JSC::Machine::cti_op_resolve_with_base):
(JSC::Machine::cti_op_new_func_exp):
(JSC::Machine::cti_op_mod):
(JSC::Machine::cti_op_less):
(JSC::Machine::cti_op_neq):
(JSC::Machine::cti_op_post_dec):
(JSC::Machine::cti_op_urshift):
(JSC::Machine::cti_op_bitxor):
(JSC::Machine::cti_op_new_regexp):
(JSC::Machine::cti_op_bitor):
(JSC::Machine::cti_op_call_eval):
(JSC::Machine::cti_op_throw):
(JSC::Machine::cti_op_get_pnames):
(JSC::Machine::cti_op_next_pname):
(JSC::Machine::cti_op_push_scope):
(JSC::Machine::cti_op_pop_scope):
(JSC::Machine::cti_op_typeof):
(JSC::Machine::cti_op_is_undefined):
(JSC::Machine::cti_op_is_boolean):
(JSC::Machine::cti_op_is_number):
(JSC::Machine::cti_op_is_string):
(JSC::Machine::cti_op_is_object):
(JSC::Machine::cti_op_is_function):
(JSC::Machine::cti_op_stricteq):
(JSC::Machine::cti_op_nstricteq):
(JSC::Machine::cti_op_to_jsnumber):
(JSC::Machine::cti_op_in):
(JSC::Machine::cti_op_push_new_scope):
(JSC::Machine::cti_op_jmp_scopes):
(JSC::Machine::cti_op_put_by_index):
(JSC::Machine::cti_op_switch_imm):
(JSC::Machine::cti_op_switch_char):
(JSC::Machine::cti_op_switch_string):
(JSC::Machine::cti_op_del_by_val):
(JSC::Machine::cti_op_put_getter):
(JSC::Machine::cti_op_put_setter):
(JSC::Machine::cti_op_new_error):
(JSC::Machine::cti_op_debug):
(JSC::Machine::cti_vm_throw):
* masm/X86Assembler.h:
(JSC::X86Assembler::emitRestoreArgumentReference):
(JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):

2008-10-14 Alexey Proskuryakov <ap@webkit.org>

Reviewed by Darin Adler.

https://bugs.webkit.org/show_bug.cgi?id=20256
Array.push and other standard methods disappear

* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData):
(JSC::JSGlobalData::~JSGlobalData):
Don't use static hash tables even on platforms that don't enable JSC_MULTIPLE_THREADS -
these tables reference IdentifierTable, which is always per-GlobalData.

2008-10-14 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- always use CTI_ARGUMENTS and CTI_ARGUMENTS_FASTCALL

This is a small regression for GCC 4.0, but simplifies the code
for future improvements and lets us focus on GCC 4.2+ and MSVC.

(JSC::Machine::cti_op_convert_this):
(JSC::Machine::cti_op_end):
(JSC::Machine::cti_op_add):
(JSC::Machine::cti_op_pre_inc):
(JSC::Machine::cti_timeout_check):
(JSC::Machine::cti_register_file_check):
(JSC::Machine::cti_op_loop_if_less):
(JSC::Machine::cti_op_loop_if_lesseq):
(JSC::Machine::cti_op_new_object):
(JSC::Machine::cti_op_put_by_id):
(JSC::Machine::cti_op_put_by_id_second):
(JSC::Machine::cti_op_put_by_id_generic):
(JSC::Machine::cti_op_put_by_id_fail):
(JSC::Machine::cti_op_get_by_id):
(JSC::Machine::cti_op_get_by_id_second):
(JSC::Machine::cti_op_get_by_id_generic):
(JSC::Machine::cti_op_get_by_id_fail):
(JSC::Machine::cti_op_instanceof):
(JSC::Machine::cti_op_del_by_id):
(JSC::Machine::cti_op_mul):
(JSC::Machine::cti_op_new_func):
(JSC::Machine::cti_op_call_JSFunction):
(JSC::Machine::cti_vm_compile):
(JSC::Machine::cti_op_push_activation):
(JSC::Machine::cti_op_call_NotJSFunction):
(JSC::Machine::cti_op_create_arguments):
(JSC::Machine::cti_op_tear_off_activation):
(JSC::Machine::cti_op_tear_off_arguments):
(JSC::Machine::cti_op_ret_profiler):
(JSC::Machine::cti_op_ret_scopeChain):
(JSC::Machine::cti_op_new_array):
(JSC::Machine::cti_op_resolve):
(JSC::Machine::cti_op_construct_JSConstruct):
(JSC::Machine::cti_op_construct_NotJSConstruct):
(JSC::Machine::cti_op_get_by_val):
(JSC::Machine::cti_op_resolve_func):
(JSC::Machine::cti_op_sub):
(JSC::Machine::cti_op_put_by_val):
(JSC::Machine::cti_op_put_by_val_array):
(JSC::Machine::cti_op_lesseq):
(JSC::Machine::cti_op_loop_if_true):
(JSC::Machine::cti_op_negate):
(JSC::Machine::cti_op_resolve_base):
(JSC::Machine::cti_op_resolve_skip):
(JSC::Machine::cti_op_resolve_global):
(JSC::Machine::cti_op_div):
(JSC::Machine::cti_op_pre_dec):
(JSC::Machine::cti_op_jless):
(JSC::Machine::cti_op_not):
(JSC::Machine::cti_op_jtrue):
(JSC::Machine::cti_op_post_inc):
(JSC::Machine::cti_op_eq):
(JSC::Machine::cti_op_lshift):
(JSC::Machine::cti_op_bitand):
(JSC::Machine::cti_op_rshift):
(JSC::Machine::cti_op_bitnot):
(JSC::Machine::cti_op_resolve_with_base):
(JSC::Machine::cti_op_new_func_exp):
(JSC::Machine::cti_op_mod):
(JSC::Machine::cti_op_less):
(JSC::Machine::cti_op_neq):
(JSC::Machine::cti_op_post_dec):
(JSC::Machine::cti_op_urshift):
(JSC::Machine::cti_op_bitxor):
(JSC::Machine::cti_op_new_regexp):
(JSC::Machine::cti_op_bitor):
(JSC::Machine::cti_op_call_eval):
(JSC::Machine::cti_op_throw):
(JSC::Machine::cti_op_get_pnames):
(JSC::Machine::cti_op_next_pname):
(JSC::Machine::cti_op_push_scope):
(JSC::Machine::cti_op_pop_scope):
(JSC::Machine::cti_op_typeof):
(JSC::Machine::cti_op_is_undefined):
(JSC::Machine::cti_op_is_boolean):
(JSC::Machine::cti_op_is_number):
(JSC::Machine::cti_op_is_string):
(JSC::Machine::cti_op_is_object):
(JSC::Machine::cti_op_is_function):
(JSC::Machine::cti_op_stricteq):
(JSC::Machine::cti_op_nstricteq):
(JSC::Machine::cti_op_to_jsnumber):
(JSC::Machine::cti_op_in):
(JSC::Machine::cti_op_push_new_scope):
(JSC::Machine::cti_op_jmp_scopes):
(JSC::Machine::cti_op_put_by_index):
(JSC::Machine::cti_op_switch_imm):
(JSC::Machine::cti_op_switch_char):
(JSC::Machine::cti_op_switch_string):
(JSC::Machine::cti_op_del_by_val):
(JSC::Machine::cti_op_put_getter):
(JSC::Machine::cti_op_put_setter):
(JSC::Machine::cti_op_new_error):
(JSC::Machine::cti_op_debug):
(JSC::Machine::cti_vm_throw):
* masm/X86Assembler.h:
(JSC::X86Assembler::emitRestoreArgumentReference):
(JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):

2008-10-13 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- make Machine::getArgumentsData an Arguments method and inline it

(JSC::Machine::getArgumentsData):

2008-10-13 Alp Toker <alp@nuanti.com>

Fix autotools dist build target by listing recently added header
files only. Not reviewed.

2008-10-13 Maciej Stachowiak <mjs@apple.com>

Rubber stamped by Mark Rowe.

- fixed <rdar://problem/5806316> JavaScriptCore should not force building with gcc 4.0
- use gcc 4.2 when building with Xcode 3.1 or newer on Leopard, even though this is not the default

* Configurations/DebugRelease.xcconfig:
* JavaScriptCore.xcodeproj/project.pbxproj:

2008-10-13 Cameron Zwarich <zwarich@apple.com>

Reviewed by Geoff Garen.

Bug 21541: Move RegisterFile growth check to callee
<https://bugs.webkit.org/show_bug.cgi?id=21541>

Move the RegisterFile growth check to the callee in the common case,
where some of the information is known statically at JIT time. There is
still a check in the caller in the case where the caller provides too

This is a 2.1% speedup on the V8 benchmark, including a 5.1% speedup on
the Richards benchmark, a 4.1% speedup on the DeltaBlue benchmark, and a
1.4% speedup on the Earley-Boyer benchmark. It is also a 0.5% speedup on

(JSC::CTI::privateCompile):
(JSC::Machine::cti_register_file_check):
(JSC::Machine::cti_op_call_JSFunction):
(JSC::Machine::cti_op_construct_JSConstruct):
* masm/X86Assembler.h:
(JSC::X86Assembler::):
(JSC::X86Assembler::cmpl_mr):
(JSC::X86Assembler::emitUnlinkedJg):

2008-10-13 Sam Weinig <sam@webkit.org>

Reviewed by Dan Bernstein.

Fix for https://bugs.webkit.org/show_bug.cgi?id=21577
5 false positive StructureID leaks

- Add leak ignore set to StructureID to selectively ignore leaking some StructureIDs.
- Add create method to JSGlobalData to be used when the data will be intentionally
leaked and ignore all leaks caused by the StructureIDs stored in it.

* JavaScriptCore.exp:
* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::createLeaked):
* kjs/JSGlobalData.h:
* kjs/StructureID.cpp:
(JSC::StructureID::StructureID):
(JSC::StructureID::~StructureID):
(JSC::StructureID::startIgnoringLeaks):
(JSC::StructureID::stopIgnoringLeaks):

2008-10-13 Marco Barisione <marco.barisione@collabora.co.uk>

Reviewed by Darin Adler. Landed by Jan Alonzo.

WebKit GTK Port needs a smartpointer to handle g_free (GFreePtr?)
http://bugs.webkit.org/show_bug.cgi?id=20483

Add a GOwnPtr smart pointer (similar to OwnPtr) to handle memory
allocated by GLib and start the conversion to use it.

* wtf/GOwnPtr.cpp: Added.
* wtf/GOwnPtr.h: Added.
(WTF::GOwnPtr::GOwnPtr):
(WTF::GOwnPtr::~GOwnPtr):
(WTF::GOwnPtr::release):
(WTF::GOwnPtr::rawPtr):
(WTF::GOwnPtr::clear):
(WTF::GOwnPtr::operator*):
(WTF::GOwnPtr::operator->):
(WTF::GOwnPtr::operator!):
(WTF::GOwnPtr::operator UnspecifiedBoolType):
(WTF::GOwnPtr::swap):
* wtf/ThreadingGtk.cpp:
(WTF::Mutex::~Mutex):
(WTF::Mutex::tryLock):
(WTF::Mutex::unlock):
(WTF::ThreadCondition::~ThreadCondition):
(WTF::ThreadCondition::wait):
(WTF::ThreadCondition::timedWait):
(WTF::ThreadCondition::signal):
(WTF::ThreadCondition::broadcast):
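The GOwnPtr entry above and the "Minor fixes to GOwnPtr" entry at the top of this log (which touches outPtr and clear) describe an owning pointer for C-allocated memory whose out-parameter slot is handed straight to GLib-style APIs. The block below is an added example written for this page, not WebKit's wtf/GOwnPtr.h: a hypothetical COwnPtr with the same release/clear/outPtr/swap shape, parameterised on the free function so it runs without GLib (for GLib memory the freer would be g_free). The counting freer and makeGreeting are constructed for the example so that ownership transfers are observable.

```cpp
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <utility>

// Hypothetical owning pointer for C-allocated memory with a pluggable freer,
// modelled on the GOwnPtr idea (example code, not WebKit's wtf/GOwnPtr.h).
// For GLib memory the freer would call g_free; here it is a template parameter
// so the example runs without GLib.
template <typename T, void (*Free)(T*)>
class COwnPtr {
public:
    COwnPtr() : m_ptr(nullptr) {}
    explicit COwnPtr(T* p) : m_ptr(p) {}
    ~COwnPtr() { clear(); }

    // Copying would lead to a double free; ownership is moved explicitly instead.
    COwnPtr(const COwnPtr&) = delete;
    COwnPtr& operator=(const COwnPtr&) = delete;

    T* get() const { return m_ptr; }
    // Gives up ownership: the caller must free the result.
    T* release() { T* p = m_ptr; m_ptr = nullptr; return p; }
    // Frees the current object (if any) and resets to null.
    void clear() { if (m_ptr) { Free(m_ptr); m_ptr = nullptr; } }
    // For C APIs with T** out-parameters: frees anything currently held, then
    // hands out the slot so the callee's allocation is owned on return.
    T** outPtr() { clear(); return &m_ptr; }
    void swap(COwnPtr& o) { std::swap(m_ptr, o.m_ptr); }
    explicit operator bool() const { return m_ptr != nullptr; }
    T& operator*() const { return *m_ptr; }
    T* operator->() const { return m_ptr; }

private:
    T* m_ptr;
};

// Counting freer so the ownership behaviour is observable (constructed for the example).
static int g_freeCalls = 0;
static void countingFree(char* p) { ++g_freeCalls; std::free(p); }
using OwnedCString = COwnPtr<char, countingFree>;

// Stand-in for a C API that returns a malloc'd string through an out-parameter,
// the ownership-transfer pattern GOwnPtr::outPtr is meant for.
static int makeGreeting(const char* name, char** out) {
    std::size_t n = std::strlen("hello ") + std::strlen(name) + 1;
    char* s = static_cast<char*>(std::malloc(n));
    if (!s) return -1;
    std::snprintf(s, n, "hello %s", name);
    *out = s;
    return 0;
}

// Fills the same owner twice through outPtr() and lets it go out of scope.
// Returns the number of frees observed: the first greeting is freed when
// outPtr() is reused, the second by the destructor, so 2 is expected.
static int demonstrateOwnership() {
    g_freeCalls = 0;
    {
        OwnedCString greeting;
        makeGreeting("world", greeting.outPtr());
        makeGreeting("again", greeting.outPtr()); // frees "hello world" first
        if (std::strcmp(greeting.get(), "hello again") != 0) return -1;
    } // destructor frees "hello again"
    return g_freeCalls;
}

// Shows release(): ownership leaves the wrapper, so no free happens at scope exit.
// Returns the free count observed before the caller frees manually (expected 0).
static int demonstrateRelease() {
    g_freeCalls = 0;
    char* raw = nullptr;
    {
        OwnedCString owner;
        makeGreeting("x", owner.outPtr());
        raw = owner.release();
    }
    int freesBeforeManual = g_freeCalls;
    std::free(raw); // caller is now responsible
    return freesBeforeManual;
}

int main() {
    return (demonstrateOwnership() == 2 && demonstrateRelease() == 0) ? 0 : 1;
}
```

The detail that matters for the "minor fixes" entry is that outPtr() must clear() before exposing the slot: if it simply returned &m_ptr, reusing the owner for a second out-parameter call would silently leak the first allocation.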
2008-10-12 Gabriella Toth <gtoth@inf.u-szeged.hu>

Reviewed by Darin Adler.

- part of https://bugs.webkit.org/show_bug.cgi?id=21055
Bug 21055: not invoked functions

* kjs/nodes.cpp: Deleted a function that is not invoked:
statementListInitializeVariableAccessStack.

2008-10-12 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

* wtf/unicode/icu/UnicodeIcu.h: Fixed indentation to match WebKit coding style.
* wtf/unicode/qt4/UnicodeQt4.h: Ditto.

2008-10-12 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

- https://bugs.webkit.org/show_bug.cgi?id=21556
Bug 21556: non-ASCII digits are allowed in places where only ASCII should be

* wtf/unicode/icu/UnicodeIcu.h: Removed isDigit, digitValue, and isFormatChar.
* wtf/unicode/qt4/UnicodeQt4.h: Ditto.
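Bug 21556 is a classic validation pitfall: a Unicode-category digit test accepts Arabic-Indic, Devanagari or fullwidth digits, so a lexer built on it parses text that an ASCII-only lexer rejects, and it assigns those characters numeric values. The block below is an added illustration for this page, not WebKit's removed isDigit/digitValue helpers: a small decimal parser run once with an ASCII-only predicate (ECMAScript DecimalDigit is U+0030..U+0039 only) and once with a category-style predicate. The Nd table is constructed for the example and deliberately lists only four blocks.

```cpp
#include <cstdint>
#include <string>

// ECMAScript DecimalDigit is U+0030..U+0039 only.
static bool isASCIIDigit(char16_t c) { return c >= u'0' && c <= u'9'; }
static int asciiDigitValue(char16_t c) { return isASCIIDigit(c) ? c - u'0' : -1; }

// Stand-in for a Unicode-category-based isDigit (general category Nd).
// Only four Nd blocks are listed; the table is constructed for this example.
struct DigitRange { char16_t first; char16_t last; };
static const DigitRange kSomeNdRanges[] = {
    {0x0030, 0x0039}, // ASCII
    {0x0660, 0x0669}, // Arabic-Indic
    {0x0966, 0x096F}, // Devanagari
    {0xFF10, 0xFF19}, // Fullwidth
};
static bool isUnicodeDigit(char16_t c) {
    for (const DigitRange& r : kSomeNdRanges)
        if (c >= r.first && c <= r.last) return true;
    return false;
}
static int unicodeDigitValue(char16_t c) {
    for (const DigitRange& r : kSomeNdRanges)
        if (c >= r.first && c <= r.last) return c - r.first;
    return -1;
}

typedef bool (*IsDigitFn)(char16_t);
typedef int (*DigitValueFn)(char16_t);

// Parses a non-negative decimal literal from UTF-16 code units with the given
// digit predicate and value function. Returns -1 for an empty string, for any
// code unit the predicate rejects, or if the value would overflow int64_t.
static int64_t parseDecimal(const std::u16string& s, IsDigitFn isDigit, DigitValueFn value) {
    if (s.empty()) return -1;
    int64_t result = 0;
    for (char16_t c : s) {
        if (!isDigit(c)) return -1;
        int d = value(c);
        if (result > (INT64_MAX - d) / 10) return -1;
        result = result * 10 + d;
    }
    return result;
}

// The strict lexer: only ASCII digits form a number.
static int64_t parseASCII(const std::u16string& s) {
    return parseDecimal(s, isASCIIDigit, asciiDigitValue);
}

// The lenient lexer the bug describes: any Nd digit is accepted and valued.
static int64_t parseLenient(const std::u16string& s) {
    return parseDecimal(s, isUnicodeDigit, unicodeDigitValue);
}

int main() {
    // Arabic-Indic "123": rejected by the strict lexer, parsed as 123 by the lenient one.
    return (parseASCII(u"\u0661\u0662\u0663") == -1 && parseLenient(u"\u0661\u0662\u0663") == 123) ? 0 : 1;
}
```

Removing the generic helpers, as the entry does, forces each call site to choose an explicitly ASCII-only check, which is the right default wherever the grammar being parsed (JavaScript numbers, CSS, URLs) is defined in terms of ASCII code points.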
2008-10-12 Anders Carlsson <andersca@apple.com>

Reviewed by Darin Adler.

Make the append method that takes a Vector more strict - it now requires the elements
of the vector to be appended to be the same type as the elements of the Vector they're being appended to.

This would cause problems when dealing with Vectors containing other Vectors.

2008-10-11 Cameron Zwarich <zwarich@apple.com>

Reviewed by Sam Weinig.

Clean up RegExpMatchesArray.h to match our coding style.

* kjs/RegExpMatchesArray.h:
(JSC::RegExpMatchesArray::getOwnPropertySlot):
(JSC::RegExpMatchesArray::put):
(JSC::RegExpMatchesArray::deleteProperty):
(JSC::RegExpMatchesArray::getPropertyNames):

2008-10-11 Cameron Zwarich <zwarich@apple.com>

Reviewed by Sam Weinig.

Bug 21525: 55 StructureID leaks on Wikitravel's main page
<https://bugs.webkit.org/show_bug.cgi?id=21525>

Bug 21533: Simple JavaScript code leaks StructureIDs
<https://bugs.webkit.org/show_bug.cgi?id=21533>

StructureID::getEnumerablePropertyNames() ends up calling back to itself
via JSObject::getPropertyNames(), which causes the PropertyNameArray to
be cached twice. This leads to a memory leak in almost every use of
JSObject::getPropertyNames() on an object. The fix here is based on a
suggestion of Sam Weinig.

This patch also fixes every StructureID leak that occurs while running
the Mozilla MemBuster test.

* kjs/PropertyNameArray.h:
(JSC::PropertyNameArray::PropertyNameArray):
(JSC::PropertyNameArray::setCacheable):
(JSC::PropertyNameArray::cacheable):
* kjs/StructureID.cpp:
(JSC::StructureID::getEnumerablePropertyNames):

2008-10-10 Oliver Hunt <oliver@apple.com>

Reviewed by Cameron Zwarich.

Use fastcall calling convention on GCC > 4.0

Results in a 2-3% improvement in GCC 4.2 performance, so
that it is no longer a regression vs. GCC 4.0

2008-10-10 Sam Weinig <sam@webkit.org>

Reviewed by Darin Adler.

- Add a workaround for a bug in ceil in Darwin libc.
- Remove old workarounds for JS math functions that are not needed

The math functions are heavily tested by fast/js/math.html.

* kjs/MathObject.cpp:
(JSC::mathProtoFuncAbs): Remove workaround.
(JSC::mathProtoFuncCeil): Ditto.
(JSC::mathProtoFuncFloor): Ditto.
(wtf_ceil): Add ceil workaround for darwin.

2008-10-10 Sam Weinig <sam@webkit.org>

Reviewed by Darin Adler.

Add Assertions to JSObject constructor.

(JSC::JSObject::JSObject):

2008-10-10 Sam Weinig <sam@webkit.org>

Reviewed by Cameron Zwarich.

Remove now unused m_getterSetterFlag variable from PropertyMap.

* kjs/PropertyMap.cpp:
(JSC::PropertyMap::operator=):
(JSC::PropertyMap::PropertyMap):

2008-10-09 Sam Weinig <sam@webkit.org>

Reviewed by Maciej Stachowiak.

Add leaks checking to StructureID.

* kjs/StructureID.cpp:
(JSC::StructureID::StructureID):
(JSC::StructureID::~StructureID):

2008-10-09 Alp Toker <alp@nuanti.com>

Reviewed by Mark Rowe.

https://bugs.webkit.org/show_bug.cgi?id=20760
Implement support for x86 Linux in CTI

Prepare to enable CTI/WREC on supported architectures.

Make it possible to use the CTI_ARGUMENT workaround with GCC as well
as MSVC by fixing some preprocessor conditionals.

Note that CTI/WREC no longer requires CTI_ARGUMENT on Linux so we
don't actually enable it except when building with MSVC. GCC on Win32

Adapt inline ASM code to use the global symbol underscore prefix only
on Darwin and to call the properly mangled Machine::cti_vm_throw
symbol name depending on CTI_ARGUMENT.

Also avoid global inclusion of the JIT infrastructure headers
throughout WebCore and WebKit causing recompilation of about ~1500
source files after modification to X86Assembler.h, CTI.h, WREC.h,
which are only used deep inside JavaScriptCore.

(JSC::RegExp::RegExp):
(JSC::RegExp::~RegExp):
(JSC::RegExp::match):
* masm/X86Assembler.h:
(JSC::X86Assembler::emitConvertToFastCall):
(JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):
(JSC::X86Assembler::emitRestoreArgumentReference):

2008-10-09 Gavin Barraclough <barraclough@apple.com>

Reviewed by Cameron Zwarich.

Fix for bug #21160, x=0;1/(x*-1) == -Infinity

(JSC::CTI::emitFastArithDeTagImmediate):
(JSC::CTI::emitFastArithDeTagImmediateJumpIfZero):
(JSC::CTI::compileBinaryArithOp):
(JSC::CTI::compileBinaryArithOpSlowCase):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
* masm/X86Assembler.h:
(JSC::X86Assembler::):
(JSC::X86Assembler::emitUnlinkedJs):
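Two entries in this log concern the integer fast path for op_mul: the 2008-10-15 entry that multiplies with plain uint32_t arithmetic when both immediates lie in 0..0x7FFF, and bug 21160 above, where 0 * -1 must yield -0 (so that 1/(x*-1) is -Infinity) even though an integer immediate cannot encode a negative zero. The block below is an added example for this page, not JavaScriptCore's CTI or Machine code: it models both fast paths in plain C++ and shows where each must bail out to the double slow path. The 31-bit immediate range is an assumption stated in the code; the function names are invented for the example.

```cpp
#include <cmath>
#include <cstdint>

// Assumption for this example: a 31-bit signed immediate range, i.e. one tag
// bit taken from a 32-bit value. Not JavaScriptCore's actual JSImmediate code.
constexpr int32_t kImmMax = (1 << 30) - 1;
constexpr int32_t kImmMin = -(1 << 30);

struct JSNum {
    bool isImmediate; // true: integer in `imm`; false: double in `d`
    int32_t imm;
    double d;
};

// The fast path from the op_mul entry: taken only when both operands are
// non-negative and at most 0x7FFF. Then the 32-bit product cannot wrap
// (0x7FFF * 0x7FFF = 0x3FFF0001 < 2^30) and cannot be -0 (no negative operand),
// so neither an overflow check nor a sign-of-zero check is needed.
static bool fastMulSmallNonNegative(int32_t a, int32_t b, int32_t* out) {
    if (a < 0 || a > 0x7FFF || b < 0 || b > 0x7FFF)
        return false;
    uint32_t product = static_cast<uint32_t>(a) * static_cast<uint32_t>(b);
    *out = static_cast<int32_t>(product);
    return true;
}

// A wider fast path with explicit checks. Returns false, meaning "take the
// double slow path", when the exact product does not fit the immediate range
// or when it is zero with a negative operand: an integer 0 cannot encode -0,
// and 1/(0 * -1) must be -Infinity, which is the bug 21160 case.
static bool fastMulChecked(int32_t a, int32_t b, int32_t* out) {
    int64_t product = static_cast<int64_t>(a) * static_cast<int64_t>(b);
    if (product < kImmMin || product > kImmMax)
        return false;
    if (product == 0 && (a < 0 || b < 0))
        return false;
    *out = static_cast<int32_t>(product);
    return true;
}

// Multiplies two immediates, falling back to IEEE doubles, which keep the sign of zero.
static JSNum jsMul(int32_t a, int32_t b) {
    int32_t r = 0;
    if (fastMulSmallNonNegative(a, b, &r) || fastMulChecked(a, b, &r))
        return JSNum{true, r, 0.0};
    return JSNum{false, 0, static_cast<double>(a) * static_cast<double>(b)};
}

static double toDouble(const JSNum& n) { return n.isImmediate ? n.imm : n.d; }

int main() {
    // x = 0; 1 / (x * -1) must be -Infinity.
    double q = 1.0 / toDouble(jsMul(0, -1));
    return (std::isinf(q) && q < 0) ? 0 : 1;
}
```

The reason 0x7FFF is the bound, rather than something larger, is visible in the checks: 0x8000 * 0x8000 is exactly 2^30, one past the largest 31-bit immediate, so the cheap path can skip overflow detection only below that limit. The -0 case is the one that is easy to lose in a JIT fast path because it is not an overflow at all; the product is a perfectly representable 0 with the wrong sign.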
2008-10-09 Cameron Zwarich <zwarich@apple.com>

Reviewed by Oliver Hunt.

Bug 21459: REGRESSION (r37324): Safari crashes inside JavaScriptCore while browsing hulu.com
<https://bugs.webkit.org/show_bug.cgi?id=21459>

After r37324, an Arguments object does not mark an associated activation
object. This change was made because Arguments no longer directly used
the activation object in any way. However, if an activation is torn off,
then the backing store of Arguments becomes the register array of the
activation object. Arguments directly marks all of the arguments, but
the activation object is being collected, which causes its register
array to be freed and new memory to be allocated in its place.

Unfortunately, it does not seem possible to reproduce this issue in a

(JSC::Arguments::mark):
(JSC::Arguments::setActivation):
(JSC::Arguments::Arguments):
(JSC::JSActivation::copyRegisters):
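The bug above is a missing edge in the GC object graph: Arguments marks the values it can see but not the object that owns the memory they live in, so a collection rooted only at `arguments` frees the activation's register array out from under it. The block below is an added example written for this page, not JavaScriptCore's Heap, Arguments or JSActivation: a hypothetical mark-sweep heap in which the shared-storage relationship is modelled explicitly, run once with and once without the fix. Cell, Heap::collect and activationSurvives are names assumed for the example.

```cpp
#include <algorithm>
#include <memory>
#include <utility>
#include <vector>

// Hypothetical mini mark-sweep heap used only to illustrate the entry above
// (example code, not JavaScriptCore's Heap, Arguments or JSActivation).
struct Cell {
    bool marked = false;
    virtual ~Cell() = default;
    virtual void mark() { marked = true; }
};

struct Heap {
    std::vector<std::unique_ptr<Cell>> cells;

    template <class T, class... Args>
    T* allocate(Args&&... args) {
        auto cell = std::make_unique<T>(std::forward<Args>(args)...);
        T* raw = cell.get();
        cells.push_back(std::move(cell));
        return raw;
    }

    // Marks from the roots, sweeps everything unmarked, returns how many cells were freed.
    size_t collect(const std::vector<Cell*>& roots) {
        for (auto& c : cells)
            c->marked = false;
        for (Cell* r : roots)
            if (r && !r->marked)
                r->mark();
        size_t before = cells.size();
        cells.erase(std::remove_if(cells.begin(), cells.end(),
                                   [](const std::unique_ptr<Cell>& c) { return !c->marked; }),
                    cells.end());
        return before - cells.size();
    }
};

// After tear-off, the activation owns the register array the function used.
struct Activation : Cell {
    std::vector<int> registers;
    explicit Activation(std::vector<int> r) : registers(std::move(r)) {}
};

// Arguments reads its values through storage that the activation owns.
struct Arguments : Cell {
    Activation* activation;
    int* values;         // points into activation->registers
    bool markActivation; // true: apply the fix from this entry
    Arguments(Activation* a, bool fix)
        : activation(a), values(a->registers.data()), markActivation(fix) {}
    void mark() override {
        Cell::mark();
        // Marking only the values themselves, as r37324 did, does not keep the
        // activation alive; its register array is then freed under `values`.
        if (markActivation && !activation->marked)
            activation->mark();
    }
};

// The function has returned, its activation was torn off, and only `arguments`
// escaped. Returns true if the activation survives a collection rooted at it.
static bool activationSurvives(bool withFix) {
    Heap heap;
    Activation* act = heap.allocate<Activation>(std::vector<int>{1, 2, 3});
    Arguments* args = heap.allocate<Arguments>(act, withFix);
    return heap.collect({args}) == 0;
}

int main() {
    return (activationSurvives(true) && !activationSurvives(false)) ? 0 : 1;
}
```

The example deliberately never dereferences `values` after the bad collection; in the real engine that read is the use-after-free that surfaced as a crash on hulu.com, and, as the entry notes, it depends on the freed memory being reused, which is why it is hard to reproduce in a test.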
2008-10-09 Ariya Hidayat <ariya.hidayat@trolltech.com>

* wtf/AlwaysInline.h:

2008-10-08 Cameron Zwarich <zwarich@apple.com>

Reviewed by Maciej Stachowiak.

Bug 21497: REGRESSION (r37433): Bytecode JSC tests are severely broken
<https://bugs.webkit.org/show_bug.cgi?id=21497>

Fix a typo in r37433 that causes the failure of a large number of JSC
tests with the bytecode interpreter enabled.

(JSC::Machine::privateExecute):

2008-10-08 Mark Rowe <mrowe@apple.com>

(JSC::): Update type of argument to ctiTrampoline.

2008-10-08 Darin Adler <darin@apple.com>

Reviewed by Cameron Zwarich.

- https://bugs.webkit.org/show_bug.cgi?id=21403
Bug 21403: use new CallFrame class rather than Register* for call frame manipulation

Add CallFrame as a synonym for ExecState. Arguably, some day we should switch every
client over to the new name.

Use CallFrame* consistently rather than Register* or ExecState* in low-level code such
as Machine.cpp and CTI.cpp. Similarly, use callFrame rather than r as its name and use
accessor functions to get at things in the frame.

Eliminate other uses of ExecState* that aren't needed, replacing in some cases with
JSGlobalData* and in other cases eliminating them entirely.

* API/JSObjectRef.cpp:
(JSObjectMakeFunctionWithCallback):
(JSObjectMakeFunction):
(JSObjectHasProperty):
(JSObjectGetProperty):
(JSObjectSetProperty):
(JSObjectDeleteProperty):
* API/OpaqueJSString.cpp:
* API/OpaqueJSString.h:
(JSC::CTI::getConstant):
(JSC::CTI::emitGetArg):
(JSC::CTI::emitGetPutArg):
(JSC::CTI::getConstantImmediateNumericArg):
(JSC::CTI::printOpcodeOperandTypes):
(JSC::CTI::compileOpCall):
(JSC::CTI::compileBinaryArithOp):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompile):
(JSC::CTI::privateCompileGetByIdProto):
(JSC::CTI::privateCompileGetByIdChain):
(JSC::CTI::compileRegExp):
* VM/CodeGenerator.cpp:
(JSC::CodeGenerator::emitEqualityOp):
(JSC::CodeGenerator::emitLoad):
(JSC::CodeGenerator::emitUnexpectedLoad):
(JSC::CodeGenerator::emitConstruct):
* VM/CodeGenerator.h:
(JSC::jsAddSlowCase):
(JSC::jsTypeStringForValue):
(JSC::Machine::resolve):
(JSC::Machine::resolveSkip):
(JSC::Machine::resolveGlobal):
(JSC::inlineResolveBase):
(JSC::Machine::resolveBase):
(JSC::Machine::resolveBaseAndProperty):
(JSC::Machine::resolveBaseAndFunc):
(JSC::Machine::slideRegisterWindowForCall):
(JSC::Machine::callEval):
(JSC::Machine::dumpCallFrame):
(JSC::Machine::dumpRegisters):
(JSC::Machine::unwindCallFrame):
(JSC::Machine::throwException):
(JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
(JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
(JSC::Machine::execute):
(JSC::Machine::debug):
(JSC::Machine::createExceptionScope):
(JSC::cachePrototypeChain):
(JSC::Machine::tryCachePutByID):
(JSC::Machine::tryCacheGetByID):
(JSC::Machine::privateExecute):
(JSC::Machine::retrieveArguments):
(JSC::Machine::retrieveCaller):
(JSC::Machine::retrieveLastCaller):
(JSC::Machine::findFunctionCallFrame):
(JSC::Machine::getArgumentsData):
(JSC::Machine::tryCTICachePutByID):
(JSC::Machine::getCTIArrayLengthTrampoline):
(JSC::Machine::getCTIStringLengthTrampoline):
(JSC::Machine::tryCTICacheGetByID):
(JSC::Machine::cti_op_convert_this):
(JSC::Machine::cti_op_end):
(JSC::Machine::cti_op_add):
(JSC::Machine::cti_op_pre_inc):
(JSC::Machine::cti_timeout_check):
(JSC::Machine::cti_op_loop_if_less):
(JSC::Machine::cti_op_loop_if_lesseq):
(JSC::Machine::cti_op_new_object):
(JSC::Machine::cti_op_put_by_id):
(JSC::Machine::cti_op_put_by_id_second):
(JSC::Machine::cti_op_put_by_id_generic):
(JSC::Machine::cti_op_put_by_id_fail):
(JSC::Machine::cti_op_get_by_id):
(JSC::Machine::cti_op_get_by_id_second):
(JSC::Machine::cti_op_get_by_id_generic):
(JSC::Machine::cti_op_get_by_id_fail):
(JSC::Machine::cti_op_instanceof):
(JSC::Machine::cti_op_del_by_id):
(JSC::Machine::cti_op_mul):
(JSC::Machine::cti_op_new_func):
(JSC::Machine::cti_op_call_JSFunction):
(JSC::Machine::cti_vm_compile):
(JSC::Machine::cti_op_push_activation):
(JSC::Machine::cti_op_call_NotJSFunction):
(JSC::Machine::cti_op_create_arguments):
(JSC::Machine::cti_op_tear_off_activation):
(JSC::Machine::cti_op_tear_off_arguments):
(JSC::Machine::cti_op_ret_profiler):
(JSC::Machine::cti_op_ret_scopeChain):
(JSC::Machine::cti_op_new_array):
(JSC::Machine::cti_op_resolve):
(JSC::Machine::cti_op_construct_JSConstruct):
1089 (JSC::Machine::cti_op_construct_NotJSConstruct):
1090 (JSC::Machine::cti_op_get_by_val):
1091 (JSC::Machine::cti_op_resolve_func):
1092 (JSC::Machine::cti_op_sub):
1093 (JSC::Machine::cti_op_put_by_val):
1094 (JSC::Machine::cti_op_put_by_val_array):
1095 (JSC::Machine::cti_op_lesseq):
1096 (JSC::Machine::cti_op_loop_if_true):
1097 (JSC::Machine::cti_op_negate):
1098 (JSC::Machine::cti_op_resolve_base):
1099 (JSC::Machine::cti_op_resolve_skip):
1100 (JSC::Machine::cti_op_resolve_global):
1101 (JSC::Machine::cti_op_div):
1102 (JSC::Machine::cti_op_pre_dec):
1103 (JSC::Machine::cti_op_jless):
1104 (JSC::Machine::cti_op_not):
1105 (JSC::Machine::cti_op_jtrue):
1106 (JSC::Machine::cti_op_post_inc):
1107 (JSC::Machine::cti_op_eq):
1108 (JSC::Machine::cti_op_lshift):
1109 (JSC::Machine::cti_op_bitand):
1110 (JSC::Machine::cti_op_rshift):
1111 (JSC::Machine::cti_op_bitnot):
1112 (JSC::Machine::cti_op_resolve_with_base):
1113 (JSC::Machine::cti_op_new_func_exp):
1114 (JSC::Machine::cti_op_mod):
1115 (JSC::Machine::cti_op_less):
1116 (JSC::Machine::cti_op_neq):
1117 (JSC::Machine::cti_op_post_dec):
1118 (JSC::Machine::cti_op_urshift):
1119 (JSC::Machine::cti_op_bitxor):
1120 (JSC::Machine::cti_op_new_regexp):
1121 (JSC::Machine::cti_op_bitor):
1122 (JSC::Machine::cti_op_call_eval):
1123 (JSC::Machine::cti_op_throw):
1124 (JSC::Machine::cti_op_get_pnames):
1125 (JSC::Machine::cti_op_next_pname):
1126 (JSC::Machine::cti_op_push_scope):
1127 (JSC::Machine::cti_op_pop_scope):
1128 (JSC::Machine::cti_op_typeof):
1129 (JSC::Machine::cti_op_to_jsnumber):
1130 (JSC::Machine::cti_op_in):
1131 (JSC::Machine::cti_op_push_new_scope):
1132 (JSC::Machine::cti_op_jmp_scopes):
1133 (JSC::Machine::cti_op_put_by_index):
1134 (JSC::Machine::cti_op_switch_imm):
1135 (JSC::Machine::cti_op_switch_char):
1136 (JSC::Machine::cti_op_switch_string):
1137 (JSC::Machine::cti_op_del_by_val):
1138 (JSC::Machine::cti_op_put_getter):
1139 (JSC::Machine::cti_op_put_setter):
1140 (JSC::Machine::cti_op_new_error):
1141 (JSC::Machine::cti_op_debug):
1142 (JSC::Machine::cti_vm_throw):
1145 * VM/RegisterFile.h:
1147 * kjs/DebuggerCallFrame.cpp:
1148 (JSC::DebuggerCallFrame::functionName):
1149 (JSC::DebuggerCallFrame::type):
1150 (JSC::DebuggerCallFrame::thisObject):
1151 (JSC::DebuggerCallFrame::evaluate):
1152 * kjs/DebuggerCallFrame.h:
1153 * kjs/ExecState.cpp:
1154 (JSC::CallFrame::thisValue):
1156 * kjs/FunctionConstructor.cpp:
1157 (JSC::constructFunction):
1158 * kjs/JSActivation.cpp:
1159 (JSC::JSActivation::JSActivation):
1160 (JSC::JSActivation::argumentsGetter):
1161 * kjs/JSActivation.h:
1162 * kjs/JSGlobalObject.cpp:
1163 (JSC::JSGlobalObject::init):
1164 * kjs/JSGlobalObjectFunctions.cpp:
1165 (JSC::globalFuncEval):
1166 * kjs/JSVariableObject.h:
1168 (JSC::Parser::parse):
1169 * kjs/RegExpConstructor.cpp:
1170 (JSC::constructRegExp):
1171 * kjs/RegExpPrototype.cpp:
1172 (JSC::regExpProtoFuncCompile):
1174 (prettyPrintScript):
1175 * kjs/StringPrototype.cpp:
1176 (JSC::stringProtoFuncMatch):
1177 (JSC::stringProtoFuncSearch):
1178 * kjs/identifier.cpp:
1179 (JSC::Identifier::checkSameIdentifierTable):
1180 * kjs/interpreter.cpp:
1181 (JSC::Interpreter::checkSyntax):
1182 (JSC::Interpreter::evaluate):
1184 (JSC::ThrowableExpressionData::emitThrowError):
1185 (JSC::RegExpNode::emitCode):
1186 (JSC::ArrayNode::emitCode):
1187 (JSC::InstanceOfNode::emitCode):
1190 (JSC::RegExp::RegExp):
1191 (JSC::RegExp::create):
1193 * profiler/HeavyProfile.h:
1194 * profiler/Profile.h:
1198 2008-10-08 Mark Rowe <mrowe@apple.com>
1200 Typed by Maciej Stachowiak, reviewed by Mark Rowe.
1202 Fix crash in fast/js/constant-folding.html with CTI disabled.
1205 (JSC::Machine::privateExecute):
1207 2008-10-08 Timothy Hatcher <timothy@apple.com>
1209 Roll out r37427 because it causes an infinite recursion loading about:blank.
1211 https://bugs.webkit.org/show_bug.cgi?id=21476
1213 2008-10-08 Darin Adler <darin@apple.com>
1215 Reviewed by Cameron Zwarich.
1217 - https://bugs.webkit.org/show_bug.cgi?id=21403
1218 Bug 21403: use new CallFrame class rather than Register* for call frame manipulation
1220 Add CallFrame as a synonym for ExecState. Arguably, some day we should switch every
1221 client over to the new name.
1223 Use CallFrame* consistently rather than Register* or ExecState* in low-level code such
1224 as Machine.cpp and CTI.cpp. Similarly, use callFrame rather than r as its name and use
1225 accessor functions to get at things in the frame.
1227 Eliminate other uses of ExecState* that aren't needed, replacing in some cases with
1228 JSGlobalData* and in other cases eliminating them entirely.
1230 * API/JSObjectRef.cpp:
1231 (JSObjectMakeFunctionWithCallback):
1232 (JSObjectMakeFunction):
1233 (JSObjectHasProperty):
1234 (JSObjectGetProperty):
1235 (JSObjectSetProperty):
1236 (JSObjectDeleteProperty):
1237 * API/OpaqueJSString.cpp:
1238 * API/OpaqueJSString.h:
1240 (JSC::CTI::getConstant):
1241 (JSC::CTI::emitGetArg):
1242 (JSC::CTI::emitGetPutArg):
1243 (JSC::CTI::getConstantImmediateNumericArg):
1244 (JSC::CTI::printOpcodeOperandTypes):
1246 (JSC::CTI::compileOpCall):
1247 (JSC::CTI::compileBinaryArithOp):
1248 (JSC::CTI::privateCompileMainPass):
1249 (JSC::CTI::privateCompile):
1250 (JSC::CTI::privateCompileGetByIdProto):
1251 (JSC::CTI::privateCompileGetByIdChain):
1252 (JSC::CTI::compileRegExp):
1255 * VM/CodeGenerator.cpp:
1256 (JSC::CodeGenerator::emitEqualityOp):
1257 (JSC::CodeGenerator::emitLoad):
1258 (JSC::CodeGenerator::emitUnexpectedLoad):
1259 (JSC::CodeGenerator::emitConstruct):
1260 * VM/CodeGenerator.h:
1264 (JSC::jsAddSlowCase):
1266 (JSC::jsTypeStringForValue):
1267 (JSC::Machine::resolve):
1268 (JSC::Machine::resolveSkip):
1269 (JSC::Machine::resolveGlobal):
1270 (JSC::inlineResolveBase):
1271 (JSC::Machine::resolveBase):
1272 (JSC::Machine::resolveBaseAndProperty):
1273 (JSC::Machine::resolveBaseAndFunc):
1274 (JSC::Machine::slideRegisterWindowForCall):
1276 (JSC::Machine::callEval):
1277 (JSC::Machine::dumpCallFrame):
1278 (JSC::Machine::dumpRegisters):
1279 (JSC::Machine::unwindCallFrame):
1280 (JSC::Machine::throwException):
1281 (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
1282 (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
1283 (JSC::Machine::execute):
1284 (JSC::Machine::debug):
1285 (JSC::Machine::createExceptionScope):
1286 (JSC::cachePrototypeChain):
1287 (JSC::Machine::tryCachePutByID):
1288 (JSC::Machine::tryCacheGetByID):
1289 (JSC::Machine::privateExecute):
1290 (JSC::Machine::retrieveArguments):
1291 (JSC::Machine::retrieveCaller):
1292 (JSC::Machine::retrieveLastCaller):
1293 (JSC::Machine::findFunctionCallFrame):
1294 (JSC::Machine::getArgumentsData):
1295 (JSC::Machine::tryCTICachePutByID):
1296 (JSC::Machine::getCTIArrayLengthTrampoline):
1297 (JSC::Machine::getCTIStringLengthTrampoline):
1298 (JSC::Machine::tryCTICacheGetByID):
1299 (JSC::Machine::cti_op_convert_this):
1300 (JSC::Machine::cti_op_end):
1301 (JSC::Machine::cti_op_add):
1302 (JSC::Machine::cti_op_pre_inc):
1303 (JSC::Machine::cti_timeout_check):
1304 (JSC::Machine::cti_op_loop_if_less):
1305 (JSC::Machine::cti_op_loop_if_lesseq):
1306 (JSC::Machine::cti_op_new_object):
1307 (JSC::Machine::cti_op_put_by_id):
1308 (JSC::Machine::cti_op_put_by_id_second):
1309 (JSC::Machine::cti_op_put_by_id_generic):
1310 (JSC::Machine::cti_op_put_by_id_fail):
1311 (JSC::Machine::cti_op_get_by_id):
1312 (JSC::Machine::cti_op_get_by_id_second):
1313 (JSC::Machine::cti_op_get_by_id_generic):
1314 (JSC::Machine::cti_op_get_by_id_fail):
1315 (JSC::Machine::cti_op_instanceof):
1316 (JSC::Machine::cti_op_del_by_id):
1317 (JSC::Machine::cti_op_mul):
1318 (JSC::Machine::cti_op_new_func):
1319 (JSC::Machine::cti_op_call_JSFunction):
1320 (JSC::Machine::cti_vm_compile):
1321 (JSC::Machine::cti_op_push_activation):
1322 (JSC::Machine::cti_op_call_NotJSFunction):
1323 (JSC::Machine::cti_op_create_arguments):
1324 (JSC::Machine::cti_op_tear_off_activation):
1325 (JSC::Machine::cti_op_tear_off_arguments):
1326 (JSC::Machine::cti_op_ret_profiler):
1327 (JSC::Machine::cti_op_ret_scopeChain):
1328 (JSC::Machine::cti_op_new_array):
1329 (JSC::Machine::cti_op_resolve):
1330 (JSC::Machine::cti_op_construct_JSConstruct):
1331 (JSC::Machine::cti_op_construct_NotJSConstruct):
1332 (JSC::Machine::cti_op_get_by_val):
1333 (JSC::Machine::cti_op_resolve_func):
1334 (JSC::Machine::cti_op_sub):
1335 (JSC::Machine::cti_op_put_by_val):
1336 (JSC::Machine::cti_op_put_by_val_array):
1337 (JSC::Machine::cti_op_lesseq):
1338 (JSC::Machine::cti_op_loop_if_true):
1339 (JSC::Machine::cti_op_negate):
1340 (JSC::Machine::cti_op_resolve_base):
1341 (JSC::Machine::cti_op_resolve_skip):
1342 (JSC::Machine::cti_op_resolve_global):
1343 (JSC::Machine::cti_op_div):
1344 (JSC::Machine::cti_op_pre_dec):
1345 (JSC::Machine::cti_op_jless):
1346 (JSC::Machine::cti_op_not):
1347 (JSC::Machine::cti_op_jtrue):
1348 (JSC::Machine::cti_op_post_inc):
1349 (JSC::Machine::cti_op_eq):
1350 (JSC::Machine::cti_op_lshift):
1351 (JSC::Machine::cti_op_bitand):
1352 (JSC::Machine::cti_op_rshift):
1353 (JSC::Machine::cti_op_bitnot):
1354 (JSC::Machine::cti_op_resolve_with_base):
1355 (JSC::Machine::cti_op_new_func_exp):
1356 (JSC::Machine::cti_op_mod):
1357 (JSC::Machine::cti_op_less):
1358 (JSC::Machine::cti_op_neq):
1359 (JSC::Machine::cti_op_post_dec):
1360 (JSC::Machine::cti_op_urshift):
1361 (JSC::Machine::cti_op_bitxor):
1362 (JSC::Machine::cti_op_new_regexp):
1363 (JSC::Machine::cti_op_bitor):
1364 (JSC::Machine::cti_op_call_eval):
1365 (JSC::Machine::cti_op_throw):
1366 (JSC::Machine::cti_op_get_pnames):
1367 (JSC::Machine::cti_op_next_pname):
1368 (JSC::Machine::cti_op_push_scope):
1369 (JSC::Machine::cti_op_pop_scope):
1370 (JSC::Machine::cti_op_typeof):
1371 (JSC::Machine::cti_op_to_jsnumber):
1372 (JSC::Machine::cti_op_in):
1373 (JSC::Machine::cti_op_push_new_scope):
1374 (JSC::Machine::cti_op_jmp_scopes):
1375 (JSC::Machine::cti_op_put_by_index):
1376 (JSC::Machine::cti_op_switch_imm):
1377 (JSC::Machine::cti_op_switch_char):
1378 (JSC::Machine::cti_op_switch_string):
1379 (JSC::Machine::cti_op_del_by_val):
1380 (JSC::Machine::cti_op_put_getter):
1381 (JSC::Machine::cti_op_put_setter):
1382 (JSC::Machine::cti_op_new_error):
1383 (JSC::Machine::cti_op_debug):
1384 (JSC::Machine::cti_vm_throw):
1387 * VM/RegisterFile.h:
1389 * kjs/DebuggerCallFrame.cpp:
1390 (JSC::DebuggerCallFrame::functionName):
1391 (JSC::DebuggerCallFrame::type):
1392 (JSC::DebuggerCallFrame::thisObject):
1393 (JSC::DebuggerCallFrame::evaluate):
1394 * kjs/DebuggerCallFrame.h:
1395 * kjs/ExecState.cpp:
1396 (JSC::CallFrame::thisValue):
1398 * kjs/FunctionConstructor.cpp:
1399 (JSC::constructFunction):
1400 * kjs/JSActivation.cpp:
1401 (JSC::JSActivation::JSActivation):
1402 (JSC::JSActivation::argumentsGetter):
1403 * kjs/JSActivation.h:
1404 * kjs/JSGlobalObject.cpp:
1405 (JSC::JSGlobalObject::init):
1406 * kjs/JSGlobalObjectFunctions.cpp:
1407 (JSC::globalFuncEval):
1408 * kjs/JSVariableObject.h:
1410 (JSC::Parser::parse):
1411 * kjs/RegExpConstructor.cpp:
1412 (JSC::constructRegExp):
1413 * kjs/RegExpPrototype.cpp:
1414 (JSC::regExpProtoFuncCompile):
1416 (prettyPrintScript):
1417 * kjs/StringPrototype.cpp:
1418 (JSC::stringProtoFuncMatch):
1419 (JSC::stringProtoFuncSearch):
1420 * kjs/identifier.cpp:
1421 (JSC::Identifier::checkSameIdentifierTable):
1422 * kjs/interpreter.cpp:
1423 (JSC::Interpreter::checkSyntax):
1424 (JSC::Interpreter::evaluate):
1426 (JSC::ThrowableExpressionData::emitThrowError):
1427 (JSC::RegExpNode::emitCode):
1428 (JSC::ArrayNode::emitCode):
1429 (JSC::InstanceOfNode::emitCode):
1432 (JSC::RegExp::RegExp):
1433 (JSC::RegExp::create):
1435 * profiler/HeavyProfile.h:
1436 * profiler/Profile.h:
1440 2008-10-08 Prasanth Ullattil <pullatti@trolltech.com>
1442 Reviewed by Oliver Hunt.
1444 Avoid endless loops when compiling without the computed goto
1447 NEXT_OPCODE expands to "continue", which will not work inside
1451 (JSC::Machine::privateExecute):
1453 2008-10-08 Maciej Stachowiak <mjs@apple.com>
1455 Reviewed by Oliver Hunt.
1457 Re-landing the following fix with the crashing bug in it fixed (r37405):
1459 - optimize away multiplication by constant 1.0
1461 2.3% speedup on v8 RayTrace benchmark
1463 Apparently it's not uncommon for JavaScript code to multiply by
1464 constant 1.0 in the mistaken belief that this converts integer to
1465 floating point and that there is any operational difference.
1468 (JSC::CTI::privateCompileMainPass): Optimize to_jsnumber for
1469 case where parameter is already number.
1470 (JSC::CTI::privateCompileSlowCases): ditto
1472 (JSC::Machine::privateExecute): ditto
1474 (makeMultNode): Transform as follows:
1475 +FOO * BAR ==> FOO * BAR
1476 FOO * +BAR ==> FOO * BAR
1479 (makeDivNode): Transform as follows:
1480 +FOO / BAR ==> FOO / BAR
1481 FOO / +BAR ==> FOO / BAR
1482 (makeSubNode): Transform as follows:
1483 +FOO - BAR ==> FOO - BAR
1484 FOO - +BAR ==> FOO - BAR
1486 (JSC::ExpressionNode::stripUnaryPlus): Helper for above
1488 (JSC::UnaryPlusNode::stripUnaryPlus): ditto
1490 2008-10-08 Maciej Stachowiak <mjs@apple.com>
1492 Reviewed by Oliver Hunt.
1494 - correctly handle appending -0 to a string, it should stringify as just 0
1499 2008-10-08 Prasanth Ullattil <pullatti@trolltech.com>
1503 Fix WebKit compilation with VC2008SP1
1505 Apply the TR1 workaround for JavaScriptCore, too.
1507 * JavaScriptCore.pro:
1509 2008-10-08 Prasanth Ullattil <pullatti@trolltech.com>
1513 Fix compilation errors on VS2008 64Bit
1515 * kjs/collector.cpp:
1516 (JSC::currentThreadStackBase):
1518 2008-10-08 André Pönitz <apoenitz@trolltech.com>
1522 Fix compilation with Qt namespaces.
1526 2008-10-07 Sam Weinig <sam@webkit.org>
1530 2008-10-07 Oliver Hunt <oliver@apple.com>
1532 Reviewed by Cameron Zwarich.
1534 Switch CTI runtime calls to the fastcall calling convention
1536 Basically this means that we get to store the argument for CTI
1537 calls in the ECX register, which saves a register->memory write
1538 and subsequent memory->register read.
1540 This is a 1.7% progression in SunSpider and 2.4% on commandline
1545 (JSC::CTI::privateCompilePutByIdTransition):
1546 (JSC::CTI::privateCompilePatchGetArrayLength):
1549 * masm/X86Assembler.h:
1550 (JSC::X86Assembler::emitRestoreArgumentReference):
1551 (JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):
1552 We need this to correctly reload ecx from inside certain property access
1556 2008-10-07 Maciej Stachowiak <mjs@apple.com>
1558 Reviewed by Mark Rowe.
1560 - optimize away multiplication by constant 1.0
1562 2.3% speedup on v8 RayTrace benchmark
1564 Apparently it's not uncommon for JavaScript code to multiply by
1565 constant 1.0 in the mistaken belief that this converts integer to
1566 floating point and that there is any operational difference.
1569 (JSC::CTI::privateCompileMainPass): Optimize to_jsnumber for
1570 case where parameter is already number.
1571 (JSC::CTI::privateCompileSlowCases): ditto
1573 (JSC::Machine::privateExecute): ditto
1575 (makeMultNode): Transform as follows:
1576 +FOO * BAR ==> FOO * BAR
1577 FOO * +BAR ==> FOO * BAR
1580 (makeDivNode): Transform as follows:
1581 +FOO / BAR ==> FOO / BAR
1582 FOO / +BAR ==> FOO / BAR
1583 (makeSubNode): Transform as follows:
1584 +FOO - BAR ==> FOO - BAR
1585 FOO - +BAR ==> FOO - BAR
1587 (JSC::ExpressionNode::stripUnaryPlus): Helper for above
1589 (JSC::UnaryPlusNode::stripUnaryPlus): ditto
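The makeMultNode/makeDivNode/makeSubNode rewrite described in this entry and in its re-landing above, as an added C++ illustration that is not JavaScriptCore's grammar code: the node classes, stripUnaryPlus and the makeXxxNode helpers are hypothetical stand-ins, and the added makeAddNode shows the case the entry deliberately leaves alone.

```cpp
#include <iostream>
#include <memory>
#include <string>

// Hypothetical, minimal expression tree (not JavaScriptCore's real node
// classes) used to show why a unary plus can be dropped on either operand
// of '*', '/' and '-', and why it must be kept for '+'.
struct ExpressionNode {
    virtual ~ExpressionNode() = default;
    virtual std::string toString() const = 0;
};
using NodePtr = std::shared_ptr<ExpressionNode>;

struct IdentNode : ExpressionNode {
    std::string name;
    explicit IdentNode(std::string n) : name(std::move(n)) {}
    std::string toString() const override { return name; }
};

struct UnaryPlusNode : ExpressionNode {
    NodePtr expr;
    explicit UnaryPlusNode(NodePtr e) : expr(std::move(e)) {}
    std::string toString() const override { return "+" + expr->toString(); }
};

struct BinaryNode : ExpressionNode {
    char op;
    NodePtr lhs, rhs;
    BinaryNode(char o, NodePtr l, NodePtr r)
        : op(o), lhs(std::move(l)), rhs(std::move(r)) {}
    std::string toString() const override {
        return "(" + lhs->toString() + " " + op + " " + rhs->toString() + ")";
    }
};

// Unary plus is ToNumber(operand). If the node is a unary plus, return its
// operand; any other node is returned unchanged.
NodePtr stripUnaryPlus(NodePtr node) {
    if (auto* plus = dynamic_cast<UnaryPlusNode*>(node.get()))
        return plus->expr;
    return node;
}

// '*', '/' and '-' apply ToNumber to both operands anyway, so an explicit
// unary plus on either side is redundant and is dropped at parse time:
//   +FOO * BAR ==> FOO * BAR      FOO * +BAR ==> FOO * BAR
NodePtr makeMultNode(NodePtr l, NodePtr r) {
    return std::make_shared<BinaryNode>('*', stripUnaryPlus(l), stripUnaryPlus(r));
}
NodePtr makeDivNode(NodePtr l, NodePtr r) {
    return std::make_shared<BinaryNode>('/', stripUnaryPlus(l), stripUnaryPlus(r));
}
NodePtr makeSubNode(NodePtr l, NodePtr r) {
    return std::make_shared<BinaryNode>('-', stripUnaryPlus(l), stripUnaryPlus(r));
}

// '+' is string concatenation when either operand is a string, so
// "1" + 2 is "12" while +"1" + 2 is 3. The unary plus must stay here.
NodePtr makeAddNode(NodePtr l, NodePtr r) {
    return std::make_shared<BinaryNode>('+', l, r);
}

// Build "+FOO <op> +BAR" through the folding helper for <op> and return the
// resulting tree as text, so the effect of the rewrite can be checked.
std::string foldedForm(char op) {
    NodePtr plusFoo = std::make_shared<UnaryPlusNode>(std::make_shared<IdentNode>("FOO"));
    NodePtr plusBar = std::make_shared<UnaryPlusNode>(std::make_shared<IdentNode>("BAR"));
    switch (op) {
    case '*': return makeMultNode(plusFoo, plusBar)->toString();
    case '/': return makeDivNode(plusFoo, plusBar)->toString();
    case '-': return makeSubNode(plusFoo, plusBar)->toString();
    default:  return makeAddNode(plusFoo, plusBar)->toString();
    }
}

int main() {
    for (char op : {'*', '/', '-', '+'})
        std::cout << "+FOO " << op << " +BAR  ==>  " << foldedForm(op) << "\n";
    return 0;
}
```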
1591 2008-10-07 Maciej Stachowiak <mjs@apple.com>
1593 Reviewed by Oliver Hunt.
1595 - make constant folding code more consistent
1597 Added a makeSubNode to match add, mult and div; use the makeFooNode functions always,
1598 instead of allocating nodes directly in other places in the grammar.
1602 2008-10-07 Sam Weinig <sam@webkit.org>
1604 Reviewed by Cameron Zwarich.
1606 Move hasGetterSetterProperties flag from PropertyMap to StructureID.
1609 (JSC::JSObject::put):
1610 (JSC::JSObject::defineGetter):
1611 (JSC::JSObject::defineSetter):
1613 (JSC::JSObject::hasGetterSetterProperties):
1614 (JSC::JSObject::getOwnPropertySlotForWrite):
1615 (JSC::JSObject::getOwnPropertySlot):
1616 * kjs/PropertyMap.h:
1617 * kjs/StructureID.cpp:
1618 (JSC::StructureID::StructureID):
1619 (JSC::StructureID::addPropertyTransition):
1620 (JSC::StructureID::toDictionaryTransition):
1621 (JSC::StructureID::changePrototypeTransition):
1622 (JSC::StructureID::getterSetterTransition):
1623 * kjs/StructureID.h:
1624 (JSC::StructureID::hasGetterSetterProperties):
1625 (JSC::StructureID::setHasGetterSetterProperties):
1627 2008-10-07 Sam Weinig <sam@webkit.org>
1629 Reviewed by Cameron Zwarich.
1631 Roll r37370 back in with bug fixes.
1633 - PropertyMap::storageSize() should reflect the number of keys + deletedOffsets
1634 and has nothing to do with the internal deletedSentinel count anymore.
1636 2008-10-07 Gavin Barraclough <barraclough@apple.com>
1638 Reviewed by Oliver Hunt.
1640 Move callframe initialization into JIT code, again.
1642 As a part of the restructuring the second result from functions is now
1643 returned in edx, allowing the new value of 'r' to be returned via a
1644 register, and stored to the stack from JIT code, too.
1646 4.5% progression on v8-tests. (3% in their harness)
1650 (JSC::CTI::emitCall):
1651 (JSC::CTI::compileOpCall):
1652 (JSC::CTI::privateCompileMainPass):
1653 (JSC::CTI::privateCompileSlowCases):
1654 (JSC::CTI::privateCompile):
1656 (JSC::CallRecord::CallRecord):
1658 (JSC::Machine::cti_op_call_JSFunction):
1659 (JSC::Machine::cti_op_construct_JSConstruct):
1660 (JSC::Machine::cti_op_resolve_func):
1661 (JSC::Machine::cti_op_post_inc):
1662 (JSC::Machine::cti_op_resolve_with_base):
1663 (JSC::Machine::cti_op_post_dec):
1668 2008-10-07 Mark Rowe <mrowe@apple.com>
1670 Fix typo in method name.
1675 2008-10-07 Cameron Zwarich <zwarich@apple.com>
1677 Rubber-stamped by Mark Rowe.
1681 2008-10-06 Sam Weinig <sam@webkit.org>
1683 Reviewed by Cameron Zwarich.
1685 Fix for https://bugs.webkit.org/show_bug.cgi?id=21415
1686 Improve the division between PropertyStorageArray and PropertyMap
1688 - Rework PropertyMap to store offsets in the value so that they don't
1689 change when rehashing. This allows us not to have to keep the
1690 PropertyStorageArray in sync and thus not have to pass it in.
1691 - Rename PropertyMap::getOffset -> PropertyMap::get since put/remove
1692 now also return offsets.
1693 - A Vector of deleted offsets is now needed since the storage is out of
1696 1% win on SunSpider. Wash on V8 suite.
1698 * JavaScriptCore.exp:
1700 (JSC::transitionWillNeedStorageRealloc):
1702 (JSC::Machine::privateExecute):
1703 Transition logic can be greatly simplified by the fact that
1704 the storage capacity is always known, and is correct for the
1707 (JSC::JSObject::put): Rename getOffset -> get.
1708 (JSC::JSObject::deleteProperty): Ditto.
1709 (JSC::JSObject::getPropertyAttributes): Ditto.
1710 (JSC::JSObject::removeDirect): Use returned offset to
1711 clear the value in the PropertyNameArray.
1712 (JSC::JSObject::allocatePropertyStorage): Add assert.
1714 (JSC::JSObject::getDirect): Rename getOffset -> get
1715 (JSC::JSObject::getDirectLocation): Rename getOffset -> get
1716 (JSC::JSObject::putDirect): Use propertyStorageCapacity to determine whether
1717 or not to resize. Also, since put now returns an offset (and thus
1718 addPropertyTransition does also) setting of the PropertyStorageArray is
1720 (JSC::JSObject::transitionTo):
1721 * kjs/PropertyMap.cpp:
1722 (JSC::PropertyMap::checkConsistency): PropertyStorageArray is no longer
1724 (JSC::PropertyMap::operator=): Copy the delete offsets vector.
1725 (JSC::PropertyMap::put): Instead of setting the PropertyNameArray
1726 explicitly, return the offset where the value should go.
1727 (JSC::PropertyMap::remove): Instead of removing from the PropertyNameArray
1728 explicitly, return the offset where the value should be removed.
1729 (JSC::PropertyMap::get): Switch to using the stored offset, instead
1730 of the implicit one.
1731 (JSC::PropertyMap::insert):
1732 (JSC::PropertyMap::expand): This is never called when m_table is null,
1733 so remove that branch and add it as an assertion.
1734 (JSC::PropertyMap::createTable): Consistency checks no longer take
1735 a PropertyNameArray.
1736 (JSC::PropertyMap::rehash): No need to rehash the PropertyNameArray
1737 now that it is completely out of band.
1738 * kjs/PropertyMap.h:
1739 (JSC::PropertyMapEntry::PropertyMapEntry): Store offset into PropertyNameArray.
1740 (JSC::PropertyMap::get): Switch to using the stored offset, instead
1741 of the implicit one.
1742 * kjs/StructureID.cpp:
1743 (JSC::StructureID::StructureID): Initialize the propertyStorageCapacity to
1744 JSObject::inlineStorageCapacity.
1745 (JSC::StructureID::growPropertyStorageCapacity): Grow the storage capacity as
1747 (JSC::StructureID::addPropertyTransition): Copy the storage capacity.
1748 (JSC::StructureID::toDictionaryTransition): Ditto.
1749 (JSC::StructureID::changePrototypeTransition): Ditto.
1750 (JSC::StructureID::getterSetterTransition): Ditto.
1751 * kjs/StructureID.h:
1752 (JSC::StructureID::propertyStorageCapacity): Add propertyStorageCapacity
1753 which is the current capacity for the JSObjects PropertyStorageArray.
1754 It starts at the JSObject::inlineStorageCapacity (currently 2), then
1755 when it first needs to be resized moves to the JSObject::nonInlineBaseStorageCapacity
1756 (currently 16), and after that doubles each time.
1758 2008-10-06 Cameron Zwarich <zwarich@apple.com>
1760 Reviewed by Oliver Hunt.
1762 Bug 21396: Remove the OptionalCalleeActivation call frame slot
1763 <https://bugs.webkit.org/show_bug.cgi?id=21396>
1765 Remove the OptionalCalleeActivation call frame slot. We have to be
1766 careful to store the activation object in a register, because objects
1767 in the scope chain do not get marked.
1769 This is a 0.3% speedup on both SunSpider and the V8 benchmark.
1772 (JSC::CTI::privateCompileMainPass):
1774 (JSC::CodeBlock::dump):
1775 * VM/CodeGenerator.cpp:
1776 (JSC::CodeGenerator::CodeGenerator):
1777 (JSC::CodeGenerator::emitReturn):
1778 * VM/CodeGenerator.h:
1780 (JSC::Machine::dumpRegisters):
1781 (JSC::Machine::unwindCallFrame):
1782 (JSC::Machine::privateExecute):
1783 (JSC::Machine::cti_op_call_JSFunction):
1784 (JSC::Machine::cti_op_push_activation):
1785 (JSC::Machine::cti_op_tear_off_activation):
1786 (JSC::Machine::cti_op_construct_JSConstruct):
1788 (JSC::Machine::initializeCallFrame):
1789 * VM/RegisterFile.h:
1790 (JSC::RegisterFile::):
1792 2008-10-06 Tony Chang <tony@chromium.org>
1794 Reviewed by Alexey Proskuryakov.
1796 Chromium doesn't use pthreads on Windows, so make its use conditional.
1798 Also convert a WORD to a DWORD to avoid a compiler warning. This
1799 matches the other methods around it.
1801 * wtf/ThreadingWin.cpp:
1802 (WTF::wtfThreadEntryPoint):
1803 (WTF::ThreadCondition::broadcast):
1805 2008-10-06 Mark Mentovai <mark@moxienet.com>
1807 Reviewed by Tim Hatcher.
1809 Allow ENABLE_DASHBOARD_SUPPORT and ENABLE_MAC_JAVA_BRIDGE to be
1810 disabled on the Mac.
1812 https://bugs.webkit.org/show_bug.cgi?id=21333
1816 2008-10-06 Steve Falkenburg <sfalken@apple.com>
1818 https://bugs.webkit.org/show_bug.cgi?id=21416
1819 Pass 0 for size to VirtualAlloc, as documented by MSDN.
1820 Identified by Application Verifier.
1822 Reviewed by Darin Adler.
1824 * kjs/collector.cpp:
1827 2008-10-06 Kevin McCullough <kmccullough@apple.com>
1829 Reviewed by Tim Hatcher and Oliver Hunt.
1831 https://bugs.webkit.org/show_bug.cgi?id=21412
1832 Bug 21412: Refactor user initiated profile count to be more stable
1833 - Export UString::from for use with creating the profile title.
1835 * JavaScriptCore.exp:
1837 2008-10-06 Maciej Stachowiak <mjs@apple.com>
1839 Not reviewed. Build fix.
1841 - revert toBoolean changes (r37333 and r37335); need to make WebCore work with these
1843 * API/JSValueRef.cpp:
1846 * JavaScriptCore.exp:
1848 (JSC::CodeBlock::dump):
1850 (JSC::Machine::privateExecute):
1851 (JSC::Machine::cti_op_loop_if_true):
1852 (JSC::Machine::cti_op_not):
1853 (JSC::Machine::cti_op_jtrue):
1854 * kjs/ArrayPrototype.cpp:
1855 (JSC::arrayProtoFuncFilter):
1856 (JSC::arrayProtoFuncEvery):
1857 (JSC::arrayProtoFuncSome):
1858 * kjs/BooleanConstructor.cpp:
1859 (JSC::constructBoolean):
1860 (JSC::callBooleanConstructor):
1861 * kjs/GetterSetter.h:
1863 (JSC::JSValue::toBoolean):
1864 * kjs/JSNumberCell.cpp:
1865 (JSC::JSNumberCell::toBoolean):
1866 * kjs/JSNumberCell.h:
1868 (JSC::JSObject::toBoolean):
1871 (JSC::JSString::toBoolean):
1874 * kjs/RegExpConstructor.cpp:
1875 (JSC::setRegExpConstructorMultiline):
1876 * kjs/RegExpObject.cpp:
1877 (JSC::RegExpObject::match):
1878 * kjs/RegExpPrototype.cpp:
1879 (JSC::regExpProtoFuncToString):
1881 2008-10-06 Maciej Stachowiak <mjs@apple.com>
1883 Reviewed by Sam Weinig.
1885 - optimize op_jtrue, op_loop_if_true and op_not in various ways
1886 https://bugs.webkit.org/show_bug.cgi?id=21404
1888 1) Make JSValue::toBoolean nonvirtual and completely inline by
1889 making use of the StructureID type field.
1891 2) Make JSValue::toBoolean not take an ExecState; doesn't need it.
1893 3) Make op_not, op_loop_if_true and op_jtrue not read the
1894 ExecState (toBoolean doesn't need it any more) and not check
1895 exceptions (toBoolean can't throw).
1897 * API/JSValueRef.cpp:
1899 * JavaScriptCore.exp:
1901 (JSC::CodeBlock::dump):
1903 (JSC::Machine::privateExecute):
1904 (JSC::Machine::cti_op_loop_if_true):
1905 (JSC::Machine::cti_op_not):
1906 (JSC::Machine::cti_op_jtrue):
1907 * kjs/ArrayPrototype.cpp:
1908 (JSC::arrayProtoFuncFilter):
1909 (JSC::arrayProtoFuncEvery):
1910 (JSC::arrayProtoFuncSome):
1911 * kjs/BooleanConstructor.cpp:
1912 (JSC::constructBoolean):
1913 (JSC::callBooleanConstructor):
1914 * kjs/GetterSetter.h:
1916 (JSC::JSValue::toBoolean):
1917 * kjs/JSNumberCell.cpp:
1918 * kjs/JSNumberCell.h:
1919 (JSC::JSNumberCell::toBoolean):
1922 (JSC::JSObject::toBoolean):
1923 (JSC::JSCell::toBoolean):
1926 (JSC::JSString::toBoolean):
1928 * kjs/RegExpConstructor.cpp:
1929 (JSC::setRegExpConstructorMultiline):
1930 * kjs/RegExpObject.cpp:
1931 (JSC::RegExpObject::match):
1932 * kjs/RegExpPrototype.cpp:
1933 (JSC::regExpProtoFuncToString):
1935 2008-10-06 Ariya Hidayat <ariya.hidayat@trolltech.com>
1939 Build fix for MinGW.
1941 * JavaScriptCore.pri:
1943 (JSC::highResUpTime):
1945 2008-10-05 Cameron Zwarich <zwarich@apple.com>
1947 Reviewed by Oliver Hunt.
1949 Remove ScopeNode::containsClosures() now that it is unused.
1952 (JSC::ScopeNode::containsClosures):
1954 2008-10-05 Maciej Stachowiak <mjs@apple.com>
1956 Reviewed by Cameron Zwarich.
1958 - fix release-only test failures caused by the fix to bug 21375
1961 (JSC::Machine::unwindCallFrame): Update ExecState while unwinding call frames;
1962 it now matters more to have a still-valid ExecState, since dynamicGlobalObject
1963 will make use of the ExecState's scope chain.
1966 2008-10-05 Cameron Zwarich <zwarich@apple.com>
1968 Reviewed by Oliver Hunt.
1970 Bug 21364: Remove the branch in op_ret for OptionalCalleeActivation and OptionalCalleeArguments
1971 <https://bugs.webkit.org/show_bug.cgi?id=21364>
1973 Use information from the parser to detect whether an activation is
1974 needed or 'arguments' is used, and emit explicit instructions to tear
1975 them off before op_ret. This allows a branch to be removed from op_ret
1976 and simplifies some other code. This does cause a small change in the
1977 behaviour of 'f.arguments'; it is no longer live when 'arguments' is not
1978 mentioned in the lexical scope of the function.
1980 It should now be easy to remove the OptionalCalleeActivation slot in the
1981 call frame, but this will be done in a later patch.
1984 (JSC::CTI::privateCompileMainPass):
1986 (JSC::CodeBlock::dump):
1987 * VM/CodeGenerator.cpp:
1988 (JSC::CodeGenerator::emitReturn):
1989 * VM/CodeGenerator.h:
1991 (JSC::Machine::unwindCallFrame):
1992 (JSC::Machine::privateExecute):
1993 (JSC::Machine::retrieveArguments):
1994 (JSC::Machine::cti_op_create_arguments):
1995 (JSC::Machine::cti_op_tear_off_activation):
1996 (JSC::Machine::cti_op_tear_off_arguments):
1999 * kjs/Arguments.cpp:
2000 (JSC::Arguments::mark):
2002 (JSC::Arguments::isTornOff):
2003 (JSC::Arguments::Arguments):
2004 (JSC::Arguments::copyRegisters):
2005 (JSC::JSActivation::copyRegisters):
2006 * kjs/JSActivation.cpp:
2007 (JSC::JSActivation::argumentsGetter):
2008 * kjs/JSActivation.h:
2010 2008-10-05 Maciej Stachowiak <mjs@apple.com>
2012 Reviewed by Oliver Hunt.
2014 - fixed "REGRESSION (r37297): fast/js/deep-recursion-test takes too long and times out"
2015 https://bugs.webkit.org/show_bug.cgi?id=21375
2017 The problem is that dynamicGlobalObject had become O(N) in number
2018 of call frames, but unwinding the stack for an exception called it
2019 for every call frame, resulting in O(N^2) behavior for an
2020 exception thrown from inside deep recursion.
2022 Instead of doing it that way, stash the dynamic global object in JSGlobalData.
2024 * JavaScriptCore.exp:
2026 (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): Helper class to temporarily
2027 store and later restore a dynamicGlobalObject in JSGlobalData.
2028 (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
2029 (JSC::Machine::execute): In each version, establish a DynamicGlobalObjectScope.
2030 For ProgramNode, always set a new dynamicGlobalObject; for FunctionBody and Eval,
2031 only if none is currently set.
2034 * kjs/JSGlobalData.cpp:
2035 (JSC::JSGlobalData::JSGlobalData): Initialize new dynamicGlobalObject field to 0.
2036 * kjs/JSGlobalData.h:
2037 * kjs/JSGlobalObject.h:
2038 (JSC::ExecState::dynamicGlobalObject): Moved here from ExecState for benefit of inlining.
2039 Return lexical global object if this is a globalExec(), otherwise look in JSGlobalData
2040 for the one stashed there.

2008-10-05 Sam Weinig <sam@webkit.org>

Reviewed by Maciej Stachowiak.

Avoid an extra lookup when transitioning to an existing StructureID
by caching the offset of the property that caused the transition.

1% win on V8 suite. Wash on SunSpider.

* kjs/PropertyMap.cpp:
(JSC::PropertyMap::put):
* kjs/PropertyMap.h:
* kjs/StructureID.cpp:
(JSC::StructureID::StructureID):
(JSC::StructureID::addPropertyTransition):
* kjs/StructureID.h:
(JSC::StructureID::setCachedTransistionOffset):
(JSC::StructureID::cachedTransistionOffset):

2008-10-05 Cameron Zwarich <zwarich@apple.com>

Reviewed by Maciej Stachowiak.

Bug 21364: Remove the branch in op_ret for OptionalCalleeActivation and OptionalCalleeArguments
<https://bugs.webkit.org/show_bug.cgi?id=21364>

This patch does not yet remove the branch, but it does a bit of refactoring
so that a CodeGenerator now knows whether the associated CodeBlock will need
a full scope before doing any code generation. This makes it possible to emit
explicit tear-off instructions before every op_ret.

(JSC::CodeBlock::CodeBlock):
* VM/CodeGenerator.cpp:
(JSC::CodeGenerator::generate):
(JSC::CodeGenerator::CodeGenerator):
(JSC::CodeGenerator::emitPushScope):
(JSC::CodeGenerator::emitPushNewScope):
(JSC::ScopeNode::needsActivation):

2008-10-05 Gavin Barraclough <barraclough@apple.com>

Reviewed by Cameron Zwarich.

Fix for bug #21387 - using SamplingTool with CTI.

(1) A repatch offset changes due to an additional instruction to update SamplingTool state.
(2) Fix an inclusion order problem due to ExecState changes.
(3) Change to a MACHINE_SAMPLING macro; use of exec should now be accessing global data.

(JSC::CTI::execute):
* VM/SamplingTool.h:
(JSC::SamplingTool::privateExecuteReturned):

2008-10-04 Mark Rowe <mrowe@apple.com>

Reviewed by Tim Hatcher.

Add a 'Check For Weak VTables' build phase to catch weak vtables as early as possible.

* JavaScriptCore.xcodeproj/project.pbxproj:

2008-10-04 Sam Weinig <sam@webkit.org>

Reviewed by Oliver Hunt.

Fix https://bugs.webkit.org/show_bug.cgi?id=21320
leaks of PropertyNameArrayData seen on buildbot

- Fix RefPtr cycle by making PropertyNameArrayData's pointer back
to the StructureID a weak pointer.

* kjs/PropertyNameArray.h:
(JSC::PropertyNameArrayData::setCachedStructureID):
(JSC::PropertyNameArrayData::cachedStructureID):
* kjs/StructureID.cpp:
(JSC::StructureID::getEnumerablePropertyNames):
(JSC::StructureID::clearEnumerationCache):
(JSC::StructureID::~StructureID):

2008-10-04 Darin Adler <darin@apple.com>

Reviewed by Cameron Zwarich.

- https://bugs.webkit.org/show_bug.cgi?id=21295
Bug 21295: Replace ExecState with a call frame Register pointer

10% faster on Richards; other v8 benchmarks faster too.
A wash on SunSpider.

This does the minimum necessary to get the speedup. Next step in
cleaning this up is to replace ExecState with a CallFrame class,
and be more judicious about when to pass a call frame and when
to pass a global data pointer, global object pointer, or perhaps
something else entirely.

* VM/CTI.cpp: Remove the debug-only check of the exception in
ctiVMThrowTrampoline -- already checked in the code the trampoline
jumps to, so not all that useful. Removed the exec argument from
ctiTrampoline. Removed emitDebugExceptionCheck -- no longer needed.
(JSC::CTI::emitCall): Removed code to set ExecState::m_callFrame.
(JSC::CTI::privateCompileMainPass): Removed code in catch to extract
the exception from ExecState::m_exception; instead, the code that
jumps into catch will make sure the exception is already in eax.
* VM/CTI.h: Removed exec from the ctiTrampoline. Also removed the
non-helpful "volatile". Temporarily left ARG_exec in as a synonym
for ARG_r; I'll change that on a future cleanup pass when introducing
more use of the CallFrame type.
(JSC::CTI::execute): Removed the ExecState* argument.
* VM/ExceptionHelpers.cpp:
(JSC::InterruptedExecutionError::InterruptedExecutionError): Take
JSGlobalData* instead of ExecState*.
(JSC::createInterruptedExecutionException): Ditto.
* VM/ExceptionHelpers.h: Ditto. Also removed an unneeded include.
(JSC::slideRegisterWindowForCall): Removed the exec and
exceptionValue arguments. Changed to return 0 when there's a stack
overflow rather than using a separate exception argument to cut
down on memory accesses in the calling convention.
(JSC::Machine::unwindCallFrame): Removed the exec argument when
constructing a DebuggerCallFrame. Also removed code to set
ExecState::m_callFrame.
(JSC::Machine::throwException): Removed the exec argument when
constructing a DebuggerCallFrame.
(JSC::Machine::execute): Updated to use the register instead of
ExecState and also removed various uses of ExecState.
(JSC::Machine::debug):
(JSC::Machine::privateExecute): Put globalData into a local
variable so it can be used throughout the interpreter. Changed
the VM_CHECK_EXCEPTION to get the exception in globalData instead
of through ExecState.
(JSC::Machine::retrieveLastCaller): Turn exec into a registers
pointer by calling registers() instead of by getting m_callFrame.
(JSC::Machine::callFrame): Ditto.
Tweaked exception macros. Made new versions for when you know
you have an exception. Get at global exception with ARG_globalData.
Got rid of the need to pass in the return value type.
(JSC::Machine::cti_op_add): Update to use new version of exception
(JSC::Machine::cti_op_pre_inc): Ditto.
(JSC::Machine::cti_timeout_check): Ditto.
(JSC::Machine::cti_op_instanceof): Ditto.
(JSC::Machine::cti_op_new_func): Ditto.
(JSC::Machine::cti_op_call_JSFunction): Optimized by using the
ARG values directly instead of through local variables -- this gets
rid of code that just shuffles things around in the stack frame.
Also get rid of ExecState and update for the new way exceptions are
handled in slideRegisterWindowForCall.
(JSC::Machine::cti_vm_compile): Update to make exec out of r since
they are both the same thing now.
(JSC::Machine::cti_op_call_NotJSFunction): Ditto.
(JSC::Machine::cti_op_init_arguments): Ditto.
(JSC::Machine::cti_op_resolve): Ditto.
(JSC::Machine::cti_op_construct_JSConstruct): Ditto.
(JSC::Machine::cti_op_construct_NotJSConstruct): Ditto.
(JSC::Machine::cti_op_resolve_func): Ditto.
(JSC::Machine::cti_op_put_by_val): Ditto.
(JSC::Machine::cti_op_put_by_val_array): Ditto.
(JSC::Machine::cti_op_resolve_skip): Ditto.
(JSC::Machine::cti_op_resolve_global): Ditto.
(JSC::Machine::cti_op_post_inc): Ditto.
(JSC::Machine::cti_op_resolve_with_base): Ditto.
(JSC::Machine::cti_op_post_dec): Ditto.
(JSC::Machine::cti_op_call_eval): Ditto.
(JSC::Machine::cti_op_throw): Ditto. Also rearranged to return
the exception value as the return value so it can be used by
(JSC::Machine::cti_op_push_scope): Ditto.
(JSC::Machine::cti_op_in): Ditto.
(JSC::Machine::cti_op_del_by_val): Ditto.
(JSC::Machine::cti_vm_throw): Ditto. Also rearranged to return
the exception value as the return value so it can be used by
* kjs/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::functionName): Pass globalData.
(JSC::DebuggerCallFrame::evaluate): Eliminated code to make a
* kjs/DebuggerCallFrame.h: Removed ExecState argument from
* kjs/ExecState.h: Eliminated all data members and made ExecState
inherit privately from Register instead. Also added a typedef to
the future name for this class, which is CallFrame. It's just a
Register* that knows it's a pointer at a call frame. The new class
can't be constructed or copied. Changed all functions to use
the this pointer instead of m_callFrame. Changed exception-related
functions to access an exception in JSGlobalData. Removed functions
used by CTI to pass the return address to the throw machinery --
this is now done directly with a global in the global data.
* kjs/FunctionPrototype.cpp:
(JSC::functionProtoFuncToString): Pass globalData instead of exec.
* kjs/InternalFunction.cpp:
(JSC::InternalFunction::name): Take globalData instead of exec.
* kjs/InternalFunction.h: Ditto.
* kjs/JSGlobalData.cpp: Initialize the new exception global to 0.
* kjs/JSGlobalData.h: Declare two new globals. One for the current
exception and another for the return address used by CTI to
implement the throw operation.
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init): Removed code to set up globalExec,
which is now the same thing as globalCallFrame.
(JSC::JSGlobalObject::reset): Get globalExec from our globalExec
function so we don't have to repeat the logic twice.
(JSC::JSGlobalObject::mark): Removed code to mark the exception;
the exception is now stored in JSGlobalData and marked there.
(JSC::JSGlobalObject::globalExec): Return a pointer to the end
of the global call frame.
* kjs/JSGlobalObject.h: Removed the globalExec data member.
(JSC::JSObject::putDirectFunction): Pass globalData instead of exec.
* kjs/collector.cpp:
(JSC::Heap::collect): Mark the global exception.
* profiler/ProfileGenerator.cpp:
(JSC::ProfileGenerator::addParentForConsoleStart): Pass globalData
instead of exec to createCallIdentifier.
* profiler/Profiler.cpp:
(JSC::Profiler::willExecute): Pass globalData instead of exec to
createCallIdentifier.
(JSC::Profiler::didExecute): Ditto.
(JSC::Profiler::createCallIdentifier): Take globalData instead of
(JSC::createCallIdentifierFromFunctionImp): Ditto.
* profiler/Profiler.h: Change interface to take a JSGlobalData
instead of an ExecState.

2008-10-04 Cameron Zwarich <zwarich@apple.com>

Reviewed by Darin Adler.

Bug 21369: Add opcode documentation for all undocumented opcodes
<https://bugs.webkit.org/show_bug.cgi?id=21369>

This patch adds opcode documentation for all undocumented opcodes, and
it also renames op_init_arguments to op_create_arguments.

(JSC::CTI::privateCompileMainPass):
(JSC::CodeBlock::dump):
* VM/CodeGenerator.cpp:
(JSC::CodeGenerator::CodeGenerator):
(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_create_arguments):

2008-10-03 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- "this" object in methods called on primitives should be wrapper object
https://bugs.webkit.org/show_bug.cgi?id=21362

I changed things so that functions which use "this" do a fast
version of toThisObject conversion if needed. Currently we miss
the conversion entirely, at least for primitive types. Using
TypeInfo and the primitive check, I made the fast case bail out

This is inexplicably a 1.007x SunSpider speedup (and a wash on V8 benchmarks).

Also renamed some opcodes for clarity:

init_activation ==> enter_with_activation

(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
(JSC::CodeBlock::dump):
* VM/CodeGenerator.cpp:
(JSC::CodeGenerator::generate):
(JSC::CodeGenerator::CodeGenerator):
(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_convert_this):
* kjs/JSActivation.cpp:
(JSC::JSActivation::JSActivation):
* kjs/JSActivation.h:
(JSC::JSActivation::createStructureID):
(JSC::JSValue::needsThisConversion):
* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData):
* kjs/JSGlobalData.h:
* kjs/JSNumberCell.h:
(JSC::JSNumberCell::createStructureID):
* kjs/JSStaticScopeObject.h:
(JSC::JSStaticScopeObject::JSStaticScopeObject):
(JSC::JSStaticScopeObject::createStructureID):
(JSC::JSString::createStructureID):
(JSC::TypeInfo::needsThisConversion):
(JSC::ScopeNode::usesThis):

2008-10-03 Cameron Zwarich <zwarich@apple.com>

Reviewed by Maciej Stachowiak.

Bug 21356: The size of the RegisterFile differs depending on 32-bit / 64-bit and Debug / Release
<https://bugs.webkit.org/show_bug.cgi?id=21356>

The RegisterFile decreases in size (measured in terms of numbers of
Registers) as the size of a Register increases. This causes

js1_5/Regress/regress-159334.js

to fail in 64-bit debug builds. This fix makes the RegisterFile on all
platforms the same size that it is in 32-bit Release builds.

* VM/RegisterFile.h:
(JSC::RegisterFile::RegisterFile):

2008-10-03 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- Some code cleanup to how we handle code features.

1) Rename FeatureInfo typedef to CodeFeatures.
2) Rename NodeFeatureInfo template to NodeInfo.
3) Keep CodeFeature bitmask in ScopeNode instead of trying to break it out into individual bools.
4) Rename misleadingly named "needsClosure" method to "containsClosures", which better describes the meaning
5) Make setUsersArguments() not take an argument since it only goes one way.

* JavaScriptCore.exp:
(JSC::CodeBlock::CodeBlock):
(JSC::Parser::didFinishParsing):
(JSC::Parser::parse):
(JSC::ScopeNode::ScopeNode):
(JSC::ProgramNode::ProgramNode):
(JSC::ProgramNode::create):
(JSC::EvalNode::EvalNode):
(JSC::EvalNode::create):
(JSC::FunctionBodyNode::FunctionBodyNode):
(JSC::FunctionBodyNode::create):
(JSC::ScopeNode::usesEval):
(JSC::ScopeNode::containsClosures):
(JSC::ScopeNode::usesArguments):
(JSC::ScopeNode::setUsesArguments):

2008-10-03 Cameron Zwarich <zwarich@apple.com>

Reviewed by Maciej Stachowiak.

Bug 21343: REGRESSION (r37160): ecma_3/ExecutionContexts/10.1.3-1.js and js1_4/Functions/function-001.js fail on 64-bit
<https://bugs.webkit.org/show_bug.cgi?id=21343>

A fix was landed for this issue in r37253, and the ChangeLog assumes
that it is a compiler bug, but it turns out that it is a subtle issue
with mixing signed and unsigned 32-bit values in a 64-bit environment.
In order to properly fix this bug, we should convert our signed offsets
into the register file to use ptrdiff_t.

This may not be the only instance of this issue, but I will land this
fix first and look for more later.

(JSC::Machine::getArgumentsData):
* kjs/Arguments.cpp:
(JSC::Arguments::getOwnPropertySlot):
(JSC::Arguments::init):

2008-10-03 Darin Adler <darin@apple.com>

* VM/CTI.cpp: Another Windows build fix. Change the args of ctiTrampoline.
* kjs/JSNumberCell.h: A build fix for newer versions of gcc. Added
declarations of JSGlobalData overloads of jsNumberCell.

2008-10-03 Darin Adler <darin@apple.com>

- try to fix Windows build

* kjs/ScopeChain.h: Add forward declaration of JSGlobalData.

2008-10-03 Darin Adler <darin@apple.com>

Reviewed by Geoff Garen.

- next step of https://bugs.webkit.org/show_bug.cgi?id=21295
Turn ExecState into a call frame pointer.

Remove m_globalObject and m_globalData from ExecState.

SunSpider says this is a wash (slightly faster but not statistically
significant); which is good enough since it's a preparation step and
not supposed to be a speedup.

* API/JSCallbackFunction.cpp:
(JSC::JSCallbackFunction::JSCallbackFunction):
* kjs/ArrayConstructor.cpp:
(JSC::ArrayConstructor::ArrayConstructor):
* kjs/BooleanConstructor.cpp:
(JSC::BooleanConstructor::BooleanConstructor):
* kjs/DateConstructor.cpp:
(JSC::DateConstructor::DateConstructor):
* kjs/ErrorConstructor.cpp:
(JSC::ErrorConstructor::ErrorConstructor):
* kjs/FunctionPrototype.cpp:
(JSC::FunctionPrototype::FunctionPrototype):
* kjs/JSFunction.cpp:
(JSC::JSFunction::JSFunction):
* kjs/NativeErrorConstructor.cpp:
(JSC::NativeErrorConstructor::NativeErrorConstructor):
* kjs/NumberConstructor.cpp:
(JSC::NumberConstructor::NumberConstructor):
* kjs/ObjectConstructor.cpp:
(JSC::ObjectConstructor::ObjectConstructor):
* kjs/PrototypeFunction.cpp:
(JSC::PrototypeFunction::PrototypeFunction):
* kjs/RegExpConstructor.cpp:
(JSC::RegExpConstructor::RegExpConstructor):
* kjs/StringConstructor.cpp:
(JSC::StringConstructor::StringConstructor):
Pass JSGlobalData* instead of ExecState* to the InternalFunction
* API/OpaqueJSString.cpp: Added now-needed include.
* JavaScriptCore.exp: Updated.
(JSC::CTI::emitSlowScriptCheck): Changed to use ARGS_globalData
instead of ARGS_exec.
* VM/CTI.h: Added a new argument to the CTI, the global data pointer.
While it's possible to get to the global data pointer using the
ExecState pointer, it's slow enough that it's better to just keep
it around in the CTI arguments.
* VM/CodeBlock.h: Moved the CodeType enum here from ExecState.h.
(JSC::Machine::execute): Pass fewer arguments when constructing
ExecState, and pass the global data pointer when invoking CTI.
(JSC::Machine::firstCallFrame): Added. Used to get the dynamic global
object, which is in the scope chain of the first call frame.
(JSC::Machine::cti_op_add): Use globalData instead of exec when
possible, to keep fast cases fast, since it's now more expensive to
get to it through the exec pointer.
(JSC::Machine::cti_timeout_check): Ditto.
(JSC::Machine::cti_op_put_by_id_second): Ditto.
(JSC::Machine::cti_op_get_by_id_second): Ditto.
(JSC::Machine::cti_op_mul): Ditto.
(JSC::Machine::cti_vm_compile): Ditto.
(JSC::Machine::cti_op_get_by_val): Ditto.
(JSC::Machine::cti_op_sub): Ditto.
(JSC::Machine::cti_op_put_by_val): Ditto.
(JSC::Machine::cti_op_put_by_val_array): Ditto.
(JSC::Machine::cti_op_negate): Ditto.
(JSC::Machine::cti_op_div): Ditto.
(JSC::Machine::cti_op_pre_dec): Ditto.
(JSC::Machine::cti_op_post_inc): Ditto.
(JSC::Machine::cti_op_lshift): Ditto.
(JSC::Machine::cti_op_bitand): Ditto.
(JSC::Machine::cti_op_rshift): Ditto.
(JSC::Machine::cti_op_bitnot): Ditto.
(JSC::Machine::cti_op_mod): Ditto.
(JSC::Machine::cti_op_post_dec): Ditto.
(JSC::Machine::cti_op_urshift): Ditto.
(JSC::Machine::cti_op_bitxor): Ditto.
(JSC::Machine::cti_op_bitor): Ditto.
(JSC::Machine::cti_op_call_eval): Ditto.
(JSC::Machine::cti_op_throw): Ditto.
(JSC::Machine::cti_op_is_string): Ditto.
(JSC::Machine::cti_op_debug): Ditto.
(JSC::Machine::cti_vm_throw): Ditto.
* VM/Machine.h: Added firstCallFrame.
* kjs/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::evaluate): Pass fewer arguments when
constructing ExecState.
* kjs/ExecState.cpp: Deleted contents. Later we'll remove the
* kjs/ExecState.h: Removed m_globalObject and m_globalData.
Moved CodeType into another header.
(JSC::ExecState::ExecState): Take only a single argument, a
(JSC::ExecState::dynamicGlobalObject): Get the object from
the first call frame since it's no longer stored.
(JSC::ExecState::globalData): Get the global data from the
scope chain, since we no longer store a pointer to it here.
(JSC::ExecState::identifierTable): Ditto.
(JSC::ExecState::propertyNames): Ditto.
(JSC::ExecState::emptyList): Ditto.
(JSC::ExecState::lexer): Ditto.
(JSC::ExecState::parser): Ditto.
(JSC::ExecState::machine): Ditto.
(JSC::ExecState::arrayTable): Ditto.
(JSC::ExecState::dateTable): Ditto.
(JSC::ExecState::mathTable): Ditto.
(JSC::ExecState::numberTable): Ditto.
(JSC::ExecState::regExpTable): Ditto.
(JSC::ExecState::regExpConstructorTable): Ditto.
(JSC::ExecState::stringTable): Ditto.
(JSC::ExecState::heap): Ditto.
* kjs/FunctionConstructor.cpp:
(JSC::FunctionConstructor::FunctionConstructor): Pass
JSGlobalData* instead of ExecState* to the InternalFunction
(JSC::constructFunction): Pass the global data pointer when
constructing a new scope chain.
* kjs/InternalFunction.cpp:
(JSC::InternalFunction::InternalFunction): Take a JSGlobalData*
instead of an ExecState*. Later we can change more places to
work this way -- it's more efficient to take the type you need
since the caller might already have it.
* kjs/InternalFunction.h: Ditto.
(JSC::JSCell::operator new): Added an overload that takes a
JSGlobalData* so you can construct without an ExecState*.
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init): Moved creation of the global scope
chain in here, since it now requires a pointer to the global data.
Moved the initialization of the call frame in here since it requires
the global scope chain node. Removed the extra argument to ExecState
when creating the global ExecState*.
* kjs/JSGlobalObject.h: Removed initialization of globalScopeChain
and the call frame from the JSGlobalObjectData constructor. Added
a thisValue argument to the init function.
* kjs/JSNumberCell.cpp: Added versions of jsNumberCell that take
JSGlobalData* rather than ExecState*.
* kjs/JSNumberCell.h:
(JSC::JSNumberCell::operator new): Added a version that takes
(JSC::JSNumberCell::JSNumberCell): Ditto.
(JSC::jsNumber): Ditto.
(JSC::jsString): Ditto.
(JSC::jsSubstring): Ditto.
(JSC::jsOwnedString): Ditto.
(JSC::JSString::JSString): Changed to take JSGlobalData*.
(JSC::jsEmptyString): Added a version that takes JSGlobalData*.
(JSC::jsSingleCharacterString): Ditto.
(JSC::jsSingleCharacterSubstring): Ditto.
(JSC::jsNontrivialString): Ditto.
(JSC::JSString::getIndex): Ditto.
(JSC::jsString): Ditto.
(JSC::jsSubstring): Ditto.
(JSC::jsOwnedString): Ditto.
* kjs/ScopeChain.h: Added a globalData pointer to each node.
(JSC::ScopeChainNode::ScopeChainNode): Initialize the globalData
(JSC::ScopeChainNode::push): Set the global data pointer in the
(JSC::ScopeChain::ScopeChain): Take a globalData argument.
* kjs/SmallStrings.cpp:
(JSC::SmallStrings::createEmptyString): Take JSGlobalData* instead of
(JSC::SmallStrings::createSingleCharacterString): Ditto.
* kjs/SmallStrings.h:
(JSC::SmallStrings::emptyString): Ditto.
(JSC::SmallStrings::singleCharacterString): Ditto.

2008-10-03 Cameron Zwarich <zwarich@apple.com>

Reviewed by Geoff Garen.

Bug 21343: REGRESSION (r37160): ecma_3/ExecutionContexts/10.1.3-1.js and js1_4/Functions/function-001.js fail on 64-bit
<https://bugs.webkit.org/show_bug.cgi?id=21343>

Add a workaround for a bug in GCC, which affects GCC 4.0, GCC 4.2, and
llvm-gcc 4.2. I put it in an #ifdef because it was a slight regression
on SunSpider in 32-bit, although that might be entirely random.

* kjs/Arguments.cpp:
(JSC::Arguments::getOwnPropertySlot):

2008-10-03 Darin Adler <darin@apple.com>

Rubber stamped by Alexey Proskuryakov.

* kjs/Shell.cpp: (main): Don't delete JSGlobalData. Later, we need to change
this tool to use public JavaScriptCore API instead.

2008-10-03 Darin Adler <darin@apple.com>

Suggested by Alexey Proskuryakov.

* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::~JSGlobalData): Remove call to heap.destroy() because
it's too late to ref the JSGlobalData object once it's already being
destroyed. In practice this is not a problem because WebCore's JSGlobalData
is never destroyed and JSGlobalContextRelease takes care of calling
heap.destroy() in advance.

2008-10-02 Oliver Hunt <oliver@apple.com>

Reviewed by Maciej Stachowiak.

Replace SSE3 check with an SSE2 check, and implement SSE2 check on Windows.

5.6% win on SunSpider on Windows.

(JSC::isSSE2Present):
(JSC::CTI::compileBinaryArithOp):
(JSC::CTI::compileBinaryArithOpSlowCase):

2008-10-03 Maciej Stachowiak <mjs@apple.com>

Rubber stamped by Cameron Zwarich.

- fix mistaken change of | to || which caused a big perf regression on EarleyBoyer

2008-10-02 Darin Adler <darin@apple.com>

Reviewed by Geoff Garen.

- https://bugs.webkit.org/show_bug.cgi?id=21321
Bug 21321: speed up JavaScriptCore by inlining Heap in JSGlobalData

1.019x as fast on SunSpider.

(JSEvaluateScript): Use heap. instead of heap-> to work with the heap.
(JSCheckScriptSyntax): Ditto.
(JSGarbageCollect): Ditto.
(JSReportExtraMemoryCost): Ditto.
* API/JSContextRef.cpp:
(JSGlobalContextRetain): Ditto.
(JSGlobalContextRelease): Destroy the heap with the destroy function instead
of the delete operator.
(JSContextGetGlobalObject): Use heap. instead of heap-> to work with the heap.
* API/JSObjectRef.cpp:
(JSObjectMake): Use heap. instead of heap-> to work with the heap.
(JSObjectMakeFunctionWithCallback): Ditto.
(JSObjectMakeConstructor): Ditto.
(JSObjectMakeFunction): Ditto.
(JSObjectMakeArray): Ditto.
(JSObjectMakeDate): Ditto.
(JSObjectMakeError): Ditto.
(JSObjectMakeRegExp): Ditto.
(JSObjectHasProperty): Ditto.
(JSObjectGetProperty): Ditto.
(JSObjectSetProperty): Ditto.
(JSObjectGetPropertyAtIndex): Ditto.
(JSObjectSetPropertyAtIndex): Ditto.
(JSObjectDeleteProperty): Ditto.
(JSObjectCallAsFunction): Ditto.
(JSObjectCallAsConstructor): Ditto.
(JSObjectCopyPropertyNames): Ditto.
(JSPropertyNameAccumulatorAddName): Ditto.
* API/JSValueRef.cpp:
(JSValueIsEqual): Ditto.
(JSValueIsInstanceOfConstructor): Ditto.
(JSValueMakeNumber): Ditto.
(JSValueMakeString): Ditto.
(JSValueToNumber): Ditto.
(JSValueToStringCopy): Ditto.
(JSValueToObject): Ditto.
(JSValueProtect): Ditto.
(JSValueUnprotect): Ditto.
(JSC::ExecState::heap): Update to use the & operator.
* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData): Update to initialize a heap member
instead of calling new to make a heap.
(JSC::JSGlobalData::~JSGlobalData): Destroy the heap with the destroy
function instead of the delete operator.
* kjs/JSGlobalData.h: Change from Heap* to a Heap.
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::mark): Use the & operator here.
(JSC::JSGlobalObject::operator new): Use heap. instead of heap-> to work

2008-10-02 Cameron Zwarich <zwarich@apple.com>

Reviewed by Geoff Garen.

Bug 21317: Replace RegisterFile size and capacity information with Register pointers
<https://bugs.webkit.org/show_bug.cgi?id=21317>

This is a 2.3% speedup on the V8 DeltaBlue benchmark, a 3.3% speedup on
the V8 Raytrace benchmark, and a 1.0% speedup on SunSpider.

(JSC::slideRegisterWindowForCall):
(JSC::Machine::callEval):
(JSC::Machine::execute):
(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_call_JSFunction):
(JSC::Machine::cti_op_construct_JSConstruct):
* VM/RegisterFile.cpp:
(JSC::RegisterFile::~RegisterFile):
* VM/RegisterFile.h:
(JSC::RegisterFile::RegisterFile):
(JSC::RegisterFile::start):
(JSC::RegisterFile::end):
(JSC::RegisterFile::size):
(JSC::RegisterFile::shrink):
(JSC::RegisterFile::grow):
(JSC::RegisterFile::lastGlobal):
(JSC::RegisterFile::markGlobals):
(JSC::RegisterFile::markCallFrames):
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::copyGlobalsTo):

2008-10-02 Cameron Zwarich <zwarich@apple.com>

Rubber-stamped by Darin Adler.

Change bitwise operations introduced in r37166 to boolean operations. We
only use bitwise operations over boolean operations for increasing
performance in extremely hot code, but that does not apply to anything

2008-10-02 Gavin Barraclough <barraclough@apple.com>

Reviewed by Darin Adler.

Fix for bug #21232 - should reset m_isPendingDash on flush,
and should allow '\-' as beginning or end of a range (though
not to specify a range itself).

* wrec/CharacterClassConstructor.cpp:
(JSC::CharacterClassConstructor::put):
(JSC::CharacterClassConstructor::flush):
* wrec/CharacterClassConstructor.h:
(JSC::CharacterClassConstructor::flushBeforeEscapedHyphen):
(JSC::WRECGenerator::generateDisjunction):
(JSC::WRECParser::parseCharacterClass):
(JSC::WRECParser::parseDisjunction):

2008-10-02 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

- remove the "static" from declarations in a header file, since we
don't want them to have internal linkage

* VM/Machine.h: Remove the static keyword from the constant and the
three inline functions that Geoff just moved here.

2008-10-02 Geoffrey Garen <ggaren@apple.com>

Reviewed by Sam Weinig.

Fixed https://bugs.webkit.org/show_bug.cgi?id=21283.
Profiler Crashes When Started

(JSC::makeHostCallFramePointer):
(JSC::isHostCallFrame):
(JSC::stripHostCallFrameBit): Moved some things to the header so
JSGlobalObject could use them.
* kjs/JSGlobalObject.h:
(JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): Call the
new makeHostCallFramePointer API, since 0 no longer indicates a host

2008-10-02 Alexey Proskuryakov <ap@webkit.org>

Reviewed by Darin Adler.

https://bugs.webkit.org/show_bug.cgi?id=21304
Stop using a static wrapper map for WebCore JS bindings

* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData):
(JSC::JSGlobalData::~JSGlobalData):
(JSC::JSGlobalData::ClientData::~ClientData):
* kjs/JSGlobalData.h:
Added a client data member to JSGlobalData. WebCore will use it to store bindings-related
* JavaScriptCore.exp: Export virtual ClientData destructor.

2008-10-02 Geoffrey Garen <ggaren@apple.com>

Try to fix Qt build.
2872 2008-10-01 Geoffrey Garen <ggaren@apple.com>
2874 Reviewed by Darin Adler and Cameron Zwarich.
2876 Preliminary step toward dynamic recompilation: Standardized and
2877 simplified the parsing interface.
2879 The main goal in this patch is to make it easy to ask for a duplicate
2880 compilation, and get back a duplicate result -- same source URL, same
2881 debugger / profiler ID, same toString behavior, etc.
2883 The basic unit of compilation and evaluation is now SourceCode, which
2884 encompasses a SourceProvider, a range in that provider, and a starting
2887 A SourceProvider now encompasses a source URL, and *is* a source ID,
2888 since a pointer is a unique identifier.
2892 (JSCheckScriptSyntax): Provide a SourceCode to the Interpreter, since
2893 other APIs are no longer supported.
2896 (JSC::EvalCodeCache::get): Provide a SourceCode to the Interpreter, since
2897 other APIs are no longer supported.
2898 (JSC::CodeBlock::CodeBlock): ASSERT something that used to be ASSERTed
2899 by our caller -- this is a better bottleneck.
2901 * VM/CodeGenerator.cpp:
2902 (JSC::CodeGenerator::CodeGenerator): Updated for the fact that
2903 FunctionBodyNode's parameters are no longer a WTF::Vector.
2905 * kjs/Arguments.cpp:
2906 (JSC::Arguments::Arguments): ditto
2908 * kjs/DebuggerCallFrame.cpp:
2909 (JSC::DebuggerCallFrame::evaluate): Provide a SourceCode to the Parser,
2910 since other APIs are no longer supported.
2912 * kjs/FunctionConstructor.cpp:
2913 (JSC::constructFunction): Provide a SourceCode to the Parser, since
2914 other APIs are no longer supported. Adopt FunctionBodyNode's new
2915 "finishParsing" API.
2917 * kjs/JSFunction.cpp:
2918 (JSC::JSFunction::lengthGetter):
2919 (JSC::JSFunction::getParameterName): Updated for the fact that
2920 FunctionBodyNode's parameters are no longer a WTF::Vector.
2922 * kjs/JSFunction.h: Nixed some cruft.
2924 * kjs/JSGlobalObjectFunctions.cpp:
2925 (JSC::globalFuncEval): Provide a SourceCode to the Parser, since
2926 other APIs are no longer supported.
2929 (JSC::Parser::parse): Require a SourceCode argument, instead of a bunch
2930 of broken out parameters. Stop tracking sourceId as an integer, since we
2931 use the SourceProvider pointer for this now. Don't clamp the
2932 startingLineNumber, since SourceCode does that now.
2935 (JSC::Parser::parse): Standardized the parsing interface to require a
2941 (prettyPrintScript):
2943 (runInteractive): Provide a SourceCode to the Interpreter, since
2944 other APIs are no longer supported.
2946 * kjs/SourceProvider.h:
2947 (JSC::SourceProvider::SourceProvider):
2948 (JSC::SourceProvider::url):
2949 (JSC::SourceProvider::asId):
2950 (JSC::UStringSourceProvider::create):
2951 (JSC::UStringSourceProvider::UStringSourceProvider): Added new
2952 responsibilities described above.
2954 * kjs/SourceRange.h:
2955 (JSC::SourceCode::SourceCode):
2956 (JSC::SourceCode::toString):
2957 (JSC::SourceCode::provider):
2958 (JSC::SourceCode::firstLine):
2959 (JSC::SourceCode::data):
2960 (JSC::SourceCode::length): Added new responsibilities described above.
2961 Renamed SourceRange to SourceCode, based on review feedback. Added
2962 a makeSource function for convenience.
2964 * kjs/debugger.h: Provide a SourceCode to the client, since other APIs
2965 are no longer supported.
2967 * kjs/grammar.y: Provide startingLineNumber when creating a SourceCode.
2969 * kjs/debugger.h: Treat sourceId as intptr_t to avoid loss of precision
2972 * kjs/interpreter.cpp:
2973 (JSC::Interpreter::checkSyntax):
2974 (JSC::Interpreter::evaluate):
2975 * kjs/interpreter.h: Require a SourceCode instead of broken out arguments.
2978 (JSC::Lexer::setCode):
2980 (JSC::Lexer::sourceRange): Fold together the SourceProvider and line number
2981 into a SourceCode. Fixed a bug where the Lexer would accidentally keep
2982 alive the last SourceProvider forever.
2985 (JSC::ScopeNode::ScopeNode):
2986 (JSC::ProgramNode::ProgramNode):
2987 (JSC::ProgramNode::create):
2988 (JSC::EvalNode::EvalNode):
2989 (JSC::EvalNode::generateCode):
2990 (JSC::EvalNode::create):
2991 (JSC::FunctionBodyNode::FunctionBodyNode):
2992 (JSC::FunctionBodyNode::finishParsing):
2993 (JSC::FunctionBodyNode::create):
2994 (JSC::FunctionBodyNode::generateCode):
2995 (JSC::ProgramNode::generateCode):
2996 (JSC::FunctionBodyNode::paramString):
2999 (JSC::ScopeNode::sourceId):
3000 (JSC::FunctionBodyNode::):
3001 (JSC::FunctionBodyNode::parameterCount):
3002 (JSC::FuncExprNode::):
3003 (JSC::FuncDeclNode::): Store a SourceCode in all ScopeNodes, since
3004 SourceCode is now responsible for tracking URL, ID, etc. Streamlined
3005 some ad hoc FunctionBodyNode fixups into a "finishParsing" function, to
3006 help make clear what you need to do in order to finish parsing a
3010 (WTF::::releaseBuffer): Don't ASSERT that releaseBuffer() is only called
3011 when buffer is not 0, since FunctionBodyNode is more than happy
3012 to get back a 0 buffer, and other functions like RefPtr::release() allow
3015 2008-10-01 Cameron Zwarich <zwarich@apple.com>
3017 Reviewed by Maciej Stachowiak.
3019 Bug 21289: REGRESSION (r37160): Inspector crashes on load
3020 <https://bugs.webkit.org/show_bug.cgi?id=21289>
3022 The code in Arguments::mark() in r37160 was wrong. It marks indices in
3023 d->registers, but that makes no sense (they are local variables, not
3024 arguments). It should mark those indices in d->registerArray instead.
3026 This patch also changes Arguments::copyRegisters() to use d->numParameters
3027 instead of recomputing it.
3029 * kjs/Arguments.cpp:
3030 (JSC::Arguments::mark):
3032 (JSC::Arguments::copyRegisters):
3034 2008-09-30 Darin Adler <darin@apple.com>
3036 Reviewed by Eric Seidel.
3038 - https://bugs.webkit.org/show_bug.cgi?id=21214
3039 work on getting rid of ExecState
3041 Eliminate some unneeded uses of dynamicGlobalObject.
3043 * API/JSClassRef.cpp:
3044 (OpaqueJSClass::contextData): Changed to use a map in the global data instead
3045 of on the global object. Also fixed to use only a single hash table lookup.
3047 * API/JSObjectRef.cpp:
3048 (JSObjectMakeConstructor): Use lexicalGlobalObject rather than dynamicGlobalObject
3049 to get the object prototype.
3051 * kjs/ArrayPrototype.cpp:
3052 (JSC::arrayProtoFuncToString): Use arrayVisitedElements set in global data rather
3053 than in the global object.
3054 (JSC::arrayProtoFuncToLocaleString): Ditto.
3055 (JSC::arrayProtoFuncJoin): Ditto.
3057 * kjs/JSGlobalData.cpp:
3058 (JSC::JSGlobalData::JSGlobalData): Don't initialize opaqueJSClassData, since
3059 it's no longer a pointer.
3060 (JSC::JSGlobalData::~JSGlobalData): We still need to delete all the values, but
3061 we don't need to delete the map since it's no longer a pointer.
3063 * kjs/JSGlobalData.h: Made opaqueJSClassData a map instead of a pointer to a map.
3064 Also added arrayVisitedElements.
3066 * kjs/JSGlobalObject.h: Removed arrayVisitedElements.
3069 (functionRun): Use lexicalGlobalObject instead of dynamicGlobalObject.
3070 (functionLoad): Ditto.
3072 2008-10-01 Cameron Zwarich <zwarich@apple.com>
3076 Speculative Windows build fix.
3080 2008-10-01 Cameron Zwarich <zwarich@apple.com>
3082 Reviewed by Darin Adler.
3084 Bug 21123: using "arguments" in a function should not force creation of an activation object
3085 <https://bugs.webkit.org/show_bug.cgi?id=21123>
3087 Make the 'arguments' object not require a JSActivation. We store the
3088 'arguments' object in the OptionalCalleeArguments call frame slot. We
3089 need to be able to get the original 'arguments' object to tear it off
3090 when returning from a function, but 'arguments' may be assigned to in a
3093 Therefore, we use the OptionalCalleeArguments slot when we want to get
3094 the original activation or we know that 'arguments' was not assigned a
3095 different value. When 'arguments' may have been assigned a new value,
3096 we use a new local variable that is initialized with 'arguments'. Since
3097 a function parameter named 'arguments' may overwrite the value of
3098 'arguments', we also need to be careful to look up 'arguments' in the
3099 symbol table, so we get the parameter named 'arguments' instead of the
3100 local variable that we have added for holding the 'arguments' object.
3102 This is a 19.1% win on the V8 Raytrace benchmark using the SunSpider
3103 harness, and a 20.7% win using the V8 harness. This amounts to a 6.5%
3104 total speedup on the V8 benchmark suite using the V8 harness.
3107 (JSC::CTI::privateCompileMainPass):
3109 * VM/CodeGenerator.cpp:
3110 (JSC::CodeGenerator::CodeGenerator):
3112 (JSC::Machine::unwindCallFrame):
3113 (JSC::Machine::privateExecute):
3114 (JSC::Machine::retrieveArguments):
3115 (JSC::Machine::cti_op_init_arguments):
3116 (JSC::Machine::cti_op_ret_activation_arguments):
3118 * VM/RegisterFile.h:
3119 (JSC::RegisterFile::):
3120 * kjs/Arguments.cpp:
3121 (JSC::Arguments::mark):
3122 (JSC::Arguments::fillArgList):
3123 (JSC::Arguments::getOwnPropertySlot):
3124 (JSC::Arguments::put):
3126 (JSC::Arguments::setRegisters):
3127 (JSC::Arguments::init):
3128 (JSC::Arguments::Arguments):
3129 (JSC::Arguments::copyRegisters):
3130 (JSC::JSActivation::copyRegisters):
3131 * kjs/JSActivation.cpp:
3132 (JSC::JSActivation::argumentsGetter):
3133 * kjs/JSActivation.h:
3134 (JSC::JSActivation::JSActivationData::JSActivationData):
3137 (JSC::ScopeNode::setUsesArguments):
3138 * masm/X86Assembler.h:
3139 (JSC::X86Assembler::):
3140 (JSC::X86Assembler::orl_mr):
3142 2008-10-01 Kevin McCullough <kmccullough@apple.com>
3144 Rubber-stamped by Geoff Garen.
3146 Remove BreakpointCheckStatement because it's not used anymore.
3147 No effect on sunspider or the jsc tests.
3152 2008-09-30 Oliver Hunt <oliver@apple.com>
3154 Reviewed by Geoff Garen.
3156 Improve performance of CTI on windows.
3158 Currently on platforms where the compiler doesn't allow us to safely
3159 index relative to the address of a parameter we need to actually
3160 provide a pointer to CTI runtime call arguments. This patch improves
3161 performance in this case by making the CTI logic for restoring this
3162 parameter much less conservative by only resetting it before we actually
3163 make a call, rather than between each and every SF bytecode we generate
3166 This results in a 3.6% progression on the v8 benchmark when compiled with MSVC.
3169 (JSC::CTI::emitCall):
3170 (JSC::CTI::compileOpCall):
3171 (JSC::CTI::privateCompileMainPass):
3172 (JSC::CTI::privateCompileSlowCases):
3173 (JSC::CTI::privateCompilePutByIdTransition):
3175 * masm/X86Assembler.h:
3178 2008-09-30 Maciej Stachowiak <mjs@apple.com>
3180 Reviewed by Oliver Hunt.
3182 - track uses of "this", "with" and "catch" in the parser
3184 Knowing this up front will be useful for future optimizations.
3186 Perf and correctness remain the same.
3191 2008-09-30 Sam Weinig <sam@webkit.org>
3193 Reviewed by Mark Rowe.
3195 Add WebKitAvailability macros for JSObjectMakeArray, JSObjectMakeDate, JSObjectMakeError,
3196 and JSObjectMakeRegExp
3198 * API/JSObjectRef.h:
3200 2008-09-30 Darin Adler <darin@apple.com>
3202 Reviewed by Geoff Garen.
3204 - https://bugs.webkit.org/show_bug.cgi?id=21214
3205 work on getting rid of ExecState
3207 Replaced the m_prev field of ExecState with a bit in the
3208 call frame pointer to indicate "host" call frames.
3211 (JSC::makeHostCallFramePointer): Added. Sets low bit.
3212 (JSC::isHostCallFrame): Added. Checks low bit.
3213 (JSC::stripHostCallFrameBit): Added. Clears low bit.
3214 (JSC::Machine::unwindCallFrame): Replaced null check that was
3215 formerly used to detect host call frames with an isHostCallFrame check.
3216 (JSC::Machine::execute): Pass in a host call frame pointer rather than
3217 always passing 0 when starting execution from the host. This allows us
3218 to follow the entire call frame pointer chain when desired, or to stop
3219 at the host calls when that's desired.
3220 (JSC::Machine::privateExecute): Replaced null check that was
3221 formerly used to detect host call frames with an isHostCallFrame check.
3222 (JSC::Machine::retrieveCaller): Ditto.
3223 (JSC::Machine::retrieveLastCaller): Ditto.
3224 (JSC::Machine::callFrame): Removed the code to walk up m_prev pointers
3225 and replaced it with code that uses the caller pointer and uses the
3226 stripHostCallFrameBit function.
3228 * kjs/ExecState.cpp: Removed m_prev.
3229 * kjs/ExecState.h: Ditto.
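An added illustration of the low-bit tagging this entry describes; this is not WebKit's code, and the CallFrame layout, linkFrames and the sample walk are hypothetical stand-ins. It shows the three helpers, a walk that stops at the first host boundary and one that follows the whole chain, and the alignment invariant the tag relies on.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <iostream>

// Call frame header as a minimal stand-in (hypothetical layout, not JSC's):
// the caller's frame pointer, which may carry the host tag, plus a sample id.
// alignas(8) guarantees the low bit of any CallFrame* is zero and thus free.
struct alignas(8) CallFrame {
    CallFrame* callerFrame;
    int id;
};
static_assert(alignof(CallFrame) >= 2, "tagging needs a free low bit");

constexpr uintptr_t kHostCallFrameBit = 1;

// Sets the low bit: this frame was entered from host (C++) code.
// The assert is the invariant the scheme depends on: an already-odd pointer
// would be silently misread as a host boundary later.
inline CallFrame* makeHostCallFramePointer(CallFrame* callerFrame)
{
    uintptr_t bits = reinterpret_cast<uintptr_t>(callerFrame);
    assert((bits & kHostCallFrameBit) == 0 && "caller frame pointer must be aligned");
    return reinterpret_cast<CallFrame*>(bits | kHostCallFrameBit);
}

// Checks the low bit.
inline bool isHostCallFrame(const CallFrame* callerFrame)
{
    return (reinterpret_cast<uintptr_t>(callerFrame) & kHostCallFrameBit) != 0;
}

// Clears the low bit, recovering the real caller pointer (or null).
inline CallFrame* stripHostCallFrameBit(CallFrame* callerFrame)
{
    return reinterpret_cast<CallFrame*>(
        reinterpret_cast<uintptr_t>(callerFrame) & ~kHostCallFrameBit);
}

// Links frames[0..n-1] bottom to top: frame i's caller is frame i-1, tagged
// when enteredFromHost[i] is set. Frame 0 is always a host entry, so its
// caller is a tagged null instead of the bare 0 the previous code passed.
void linkFrames(CallFrame* frames, const bool* enteredFromHost, size_t n)
{
    for (size_t i = 0; i < n; ++i) {
        frames[i].id = static_cast<int>(i);
        CallFrame* caller = i ? &frames[i - 1] : nullptr;
        bool fromHost = enteredFromHost[i] || i == 0;
        frames[i].callerFrame = fromHost ? makeHostCallFramePointer(caller) : caller;
    }
}

// Walk the way retrieveCaller does: stop at the first host boundary. Returns
// the number of JS frames from `frame` (inclusive) up to that boundary.
int framesToHostBoundary(const CallFrame* frame)
{
    int count = 1;
    for (const CallFrame* caller = frame->callerFrame; !isHostCallFrame(caller);
         caller = caller->callerFrame)
        ++count;
    return count;
}

// Walk the whole chain through host boundaries by stripping the tag; the
// outermost host entry's tagged null ends the walk.
int framesInWholeChain(const CallFrame* frame)
{
    int count = 0;
    for (const CallFrame* f = frame; f; f = stripHostCallFrameBit(f->callerFrame))
        ++count;
    return count;
}

// Constructed scenario: host -> JS0 -> JS1 -> JS2 -> host -> JS3 -> JS4.
struct SampleWalk {
    int toBoundaryFromTop;     // JS4, JS3, then the host boundary: 2
    int toBoundaryFromMiddle;  // JS2, JS1, JS0, then the entry boundary: 3
    int wholeChain;            // all five frames: 5
    bool boundaryRecovered;    // stripping the tag yields the real caller
};

SampleWalk runSample()
{
    CallFrame frames[5];
    const bool enteredFromHost[5] = { true, false, false, true, false };
    linkFrames(frames, enteredFromHost, 5);
    SampleWalk r;
    r.toBoundaryFromTop = framesToHostBoundary(&frames[4]);
    r.toBoundaryFromMiddle = framesToHostBoundary(&frames[2]);
    r.wholeChain = framesInWholeChain(&frames[4]);
    r.boundaryRecovered = isHostCallFrame(frames[3].callerFrame)
        && stripHostCallFrameBit(frames[3].callerFrame) == &frames[2]
        && !isHostCallFrame(frames[1].callerFrame)
        && stripHostCallFrameBit(frames[0].callerFrame) == nullptr;
    return r;
}

int main()
{
    SampleWalk r = runSample();
    std::cout << r.toBoundaryFromTop << ' ' << r.toBoundaryFromMiddle << ' '
              << r.wholeChain << ' ' << r.boundaryRecovered << '\n';
    return 0;
}
```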
3231 2008-09-30 Cameron Zwarich <zwarich@apple.com>
3233 Reviewed by Geoff Garen.
3235 Move all detection of 'arguments' in a lexical scope to the parser, in
3236 preparation for fixing
3238 Bug 21123: using "arguments" in a function should not force creation of an activation object
3239 <https://bugs.webkit.org/show_bug.cgi?id=21123>
3241 * VM/CodeGenerator.cpp:
3242 (JSC::CodeGenerator::CodeGenerator):
3246 2008-09-30 Geoffrey Garen <ggaren@apple.com>
3251 (runWithScripts): Fixed indentation.
3253 2008-09-30 Mark Rowe <mrowe@apple.com>
3255 Rubber-stamped by Sam Weinig.
3257 Build fix. Move InternalFunction::classInfo implementation into the .cpp
3258 file to prevent the vtable for InternalFunction being generated as a weak symbol.
3259 Has no effect on SunSpider.
3261 * kjs/InternalFunction.cpp:
3262 (JSC::InternalFunction::classInfo):
3263 * kjs/InternalFunction.h:
3265 2008-09-29 Maciej Stachowiak <mjs@apple.com>
3267 Reviewed by Darin Adler.
3269 - optimize appending a number to a string
3270 https://bugs.webkit.org/show_bug.cgi?id=21203
3272 It's pretty common in real-world code (and on some of the v8
3273 benchmarks) to append a number to a string, so I made this one of
3274 the fast cases, and also added support to UString to do it
3275 directly without allocating a temporary UString.
3277 ~1% speedup on v8 benchmark.
3280 (JSC::jsAddSlowCase): Make this NEVER_INLINE because somehow otherwise
3281 the change is a regression.
3282 (JSC::jsAdd): Handle number + string special case.
3283 (JSC::Machine::cti_op_add): Integrate much of the logic of jsAdd to
3284 avoid exception check in the str + str, num + num and str + num cases.
3286 (JSC::expandedSize): Make this a non-member function, since it needs to be
3287 called in non-member functions but not outside this file.
3288 (JSC::expandCapacity): Ditto.
3289 (JSC::UString::expandCapacity): Call the non-member version.
3290 (JSC::createRep): Helper to make a rep from a char*.
3291 (JSC::UString::UString): Use above helper.
3292 (JSC::concatenate): Guts of concatenating constructor for cases where first
3293 item is a UString::Rep, and second is a UChar* and length, or a char*.
3294 (JSC::UString::append): Implement for cases where first item is a UString::Rep,
3295 and second is an int or double. Sadly duplicates logic of UString::from(int)
3296 and UString::from(double).
3299 2008-09-29 Darin Adler <darin@apple.com>
3301 Reviewed by Sam Weinig.
3303 - https://bugs.webkit.org/show_bug.cgi?id=21214
3304 work on getting rid of ExecState
3306 * JavaScriptCore.exp: Updated since JSGlobalObject::init
3307 no longer takes a parameter.
3310 (JSC::Machine::execute): Removed m_registerFile argument
3311 for ExecState constructors.
3313 * kjs/DebuggerCallFrame.cpp:
3314 (JSC::DebuggerCallFrame::evaluate): Removed globalThisValue
3315 argument for ExecState constructor.
3317 * kjs/ExecState.cpp:
3318 (JSC::ExecState::ExecState): Removed globalThisValue and
3319 registerFile arguments to constructors.
3321 * kjs/ExecState.h: Removed m_globalThisValue and
3322 m_registerFile data members.
3324 * kjs/JSGlobalObject.cpp:
3325 (JSC::JSGlobalObject::init): Removed globalThisValue
3326 argument for ExecState constructor.
3328 * kjs/JSGlobalObject.h:
3329 (JSC::JSGlobalObject::JSGlobalObject): Got rid of parameter
3330 for the init function.
3332 2008-09-29 Geoffrey Garen <ggaren@apple.com>
3334 Rubber-stamped by Cameron Zwarich.
3336 Fixed https://bugs.webkit.org/show_bug.cgi?id=21225
3337 Machine::retrieveLastCaller should check for a NULL codeBlock
3339 In order to crash, you would need to call retrieveCaller in a situation
3340 where you had two host call frames in a row in the register file. I
3341 don't know how to make that happen, or if it's even possible, so I don't
3342 have a test case -- but better safe than sorry!
3345 (JSC::Machine::retrieveLastCaller):
3347 2008-09-29 Geoffrey Garen <ggaren@apple.com>
3349 Reviewed by Cameron Zwarich.
3351 Store the callee ScopeChain, not the caller ScopeChain, in the call frame
3352 header. Nix the "scopeChain" local variable and ExecState::m_scopeChain, and
3353 access the callee ScopeChain through the call frame header instead.
3355 Profit: call + return are simpler, because they don't have to update the
3356 "scopeChain" local variable, or ExecState::m_scopeChain.
3358 Because CTI keeps "r" in a register, reading the callee ScopeChain relative
3359 to "r" can be very fast, in any cases we care to optimize.
3361 0% speedup on empty function call benchmark. (5.5% speedup in bytecode.)
3362 0% speedup on SunSpider. (7.5% speedup on controlflow-recursive.)
3363 2% speedup on SunSpider --v8.
3364 2% speedup on v8 benchmark.
3366 * VM/CTI.cpp: Changed scope chain access to read the scope chain from
3367 the call frame header. Sped up op_ret by changing it not to fuss with
3368 the "scopeChain" local variable or ExecState::m_scopeChain.
3370 * VM/CTI.h: Updated CTI trampolines not to take a ScopeChainNode*
3371 argument, since that's stored in the call frame header now.
3373 * VM/Machine.cpp: Access "scopeChain" and "codeBlock" through new helper
3374 functions that read from the call frame header. Updated functions operating
3375 on ExecState::m_callFrame to account for / take advantage of the fact that
3376 ExecState::m_callFrame is now never NULL.
3378 Fixed a bug in op_construct, where it would use the caller's default
3379 object prototype, rather than the callee's, when constructing a new object.
3381 * VM/Machine.h: Made some helper functions available. Removed
3382 ScopeChainNode* arguments to a lot of functions, since the ScopeChainNode*
3383 is now stored in the call frame header.
3385 * VM/RegisterFile.h: Renamed "CallerScopeChain" to "ScopeChain", since
3386 that's what it is now.
3388 * kjs/DebuggerCallFrame.cpp: Updated for change to ExecState signature.
3390 * kjs/ExecState.cpp:
3391 * kjs/ExecState.h: Nixed ExecState::m_callFrame, along with the unused
3392 isGlobalObject function.
3394 * kjs/JSGlobalObject.cpp:
3395 * kjs/JSGlobalObject.h: Gave the global object a fake call frame in
3396 which to store the global scope chain, since our code now assumes that
3397 it can always read the scope chain out of the ExecState's call frame.
3399 2008-09-29 Cameron Zwarich <cwzwarich@uwaterloo.ca>
3401 Reviewed by Sam Weinig.
3403 Remove the isActivationObject() virtual method on JSObject and use
3404 StructureID information instead. This should be slightly faster, but
3405 isActivationObject() is only used in assertions and unwinding the stack
3410 (JSC::Machine::unwindCallFrame):
3411 (JSC::Machine::privateExecute):
3412 (JSC::Machine::cti_op_ret_activation):
3413 * kjs/JSActivation.cpp:
3414 * kjs/JSActivation.h:
3417 2008-09-29 Peter Gal <galpeter@inf.u-szeged.hu>
3419 Reviewed and tweaked by Darin Adler.
3421 Fix build for non-all-in-one platforms.
3423 * kjs/StringPrototype.cpp: Added missing ASCIICType.h include.
3425 2008-09-29 Bradley T. Hughes <bradley.hughes@nokia.com>
3427 Reviewed by Simon Hausmann.
3429 Fix compilation with icpc
3435 2008-09-29 Thiago Macieira <thiago.macieira@nokia.com>
3437 Reviewed by Simon Hausmann.
3439 Changed copyright from Trolltech ASA to Nokia.
3441 Nokia acquired Trolltech ASA, assets were transferred on September 26th 2008.
3444 * wtf/qt/MainThreadQt.cpp:
3446 2008-09-29 Simon Hausmann <hausmann@webkit.org>
3448 Reviewed by Lars Knoll.
3450 Don't accidentally install libJavaScriptCore.a for the build inside
3453 * JavaScriptCore.pro:
3455 2008-09-28 Cameron Zwarich <cwzwarich@uwaterloo.ca>
3457 Reviewed by Maciej Stachowiak.
3459 Bug 21200: Allow direct access to 'arguments' without using op_resolve
3460 <https://bugs.webkit.org/show_bug.cgi?id=21200>
3462 Allow fast access to the 'arguments' object by adding an extra slot to
3463 the callframe to store it.
3465 This is a 3.0% speedup on the V8 Raytrace benchmark.
3467 * JavaScriptCore.exp:
3469 (JSC::CTI::privateCompileMainPass):
3471 (JSC::CodeBlock::dump):
3472 * VM/CodeGenerator.cpp:
3473 (JSC::CodeGenerator::CodeGenerator):
3474 (JSC::CodeGenerator::registerFor):
3475 * VM/CodeGenerator.h:
3476 (JSC::CodeGenerator::registerFor):
3478 (JSC::Machine::initializeCallFrame):
3479 (JSC::Machine::dumpRegisters):
3480 (JSC::Machine::privateExecute):
3481 (JSC::Machine::retrieveArguments):
3482 (JSC::Machine::cti_op_call_JSFunction):
3483 (JSC::Machine::cti_op_create_arguments):
3484 (JSC::Machine::cti_op_construct_JSConstruct):
3487 * VM/RegisterFile.h:
3488 (JSC::RegisterFile::):
3489 * kjs/JSActivation.cpp:
3490 (JSC::JSActivation::mark):
3491 (JSC::JSActivation::argumentsGetter):
3492 * kjs/JSActivation.h:
3493 (JSC::JSActivation::JSActivationData::JSActivationData):
3496 (JSC::Parser::didFinishParsing):
3498 (JSC::Parser::parse):
3501 (JSC::ScopeNode::ScopeNode):
3502 (JSC::ProgramNode::ProgramNode):
3503 (JSC::ProgramNode::create):
3504 (JSC::EvalNode::EvalNode):
3505 (JSC::EvalNode::create):
3506 (JSC::FunctionBodyNode::FunctionBodyNode):
3507 (JSC::FunctionBodyNode::create):
3509 (JSC::ScopeNode::usesArguments):
3511 2008-09-28 Mark Rowe <mrowe@apple.com>
3513 Reviewed by Sam Weinig.
3515 Add an ASCII fast-path to toLowerCase and toUpperCase.
3517 The fast path speeds up the common case of an ASCII-only string by up to 60% while adding a less than 5% penalty
3518 to the less common non-ASCII case.
3520 This also removes stringProtoFuncToLocaleLowerCase and stringProtoFuncToLocaleUpperCase, which were identical
3521 to the non-locale variants of the functions. toLocaleLowerCase and toLocaleUpperCase now use the non-locale
3522 variants of the functions directly.
3524 * kjs/StringPrototype.cpp:
3525 (JSC::stringProtoFuncToLowerCase):
3526 (JSC::stringProtoFuncToUpperCase):
3528 2008-09-28 Mark Rowe <mrowe@apple.com>
3530 Reviewed by Cameron Zwarich.
3532 Speed up parseInt and parseFloat.
3534 Repeatedly indexing into a UString is slow, so retrieve a pointer into the underlying buffer once up front
3535 and use that instead. This is a 7% win on a parseInt/parseFloat micro-benchmark.
3537 * kjs/JSGlobalObjectFunctions.cpp:
3541 2008-09-28 Simon Hausmann <hausmann@webkit.org>
3543 Reviewed by David Hyatt.
3545 In Qt's initializeThreading re-use an existing thread identifier for the main
3546 thread if it exists.
3548 currentThread() implicitly creates new identifiers and it could be that
3549 it is called before initializeThreading().
3551 * wtf/ThreadingQt.cpp:
3552 (WTF::initializeThreading):
3554 2008-09-27 Keishi Hattori <casey.hattori@gmail.com>
3556 Added Machine::retrieveCaller to the export list.
3558 Reviewed by Kevin McCullough and Tim Hatcher.
3560 * JavaScriptCore.exp: Added Machine::retrieveCaller.
3562 2008-09-27 Anders Carlsson <andersca@apple.com>
3569 2008-09-27 Geoffrey Garen <ggaren@apple.com>
3571 Reviewed by Cameron Zwarich.
3573 https://bugs.webkit.org/show_bug.cgi?id=21175
3575 Store the callee CodeBlock, not the caller CodeBlock, in the call frame
3576 header. Nix the "codeBlock" local variable, and access the callee
3577 CodeBlock through the call frame header instead.
3579 Profit: call + return are simpler, because they don't have to update the
3580 "codeBlock" local variable.
3582 Because CTI keeps "r" in a register, reading the callee CodeBlock relative
3583 to "r" can be very fast, in any cases we care to optimize. Presently,
3584 no such cases seem important.
3586 Also, stop writing "dst" to the call frame header. CTI doesn't use it.
3588 21.6% speedup on empty function call benchmark.
3589 3.8% speedup on SunSpider --v8.
3590 2.1% speedup on v8 benchmark.
3591 0.7% speedup on SunSpider (6% speedup on controlflow-recursive).
3593 Small regression in bytecode, because currently every op_ret reads the
3594 callee CodeBlock to check needsFullScopeChain, and bytecode does not
3595 keep "r" in a register. On-balance, this is probably OK, since CTI is
3596 our high-performance execution model. Also, this should go away once
3597 we make needsFullScopeChain statically determinable at parse time.
3600 (JSC::CTI::compileOpCall): The speedup!
3601 (JSC::CTI::privateCompileSlowCases): ditto
3604 (JSC::): Fixed up magic trampoline constants to account for the nixed
3605 "codeBlock" argument.
3606 (JSC::CTI::execute): Changed trampoline function not to take a "codeBlock"
3607 argument, since codeBlock is now stored in the call frame header.
3609 * VM/Machine.cpp: Read the callee CodeBlock from the register file. Use
3610 a NULL CallerRegisters in the call frame header to signal a built-in
3611 caller, since CodeBlock is now never NULL.
3613 * VM/Machine.h: Made some stand-alone functions Machine member functions
3614 so they could call the private codeBlock() accessor in the Register
3615 class, of which Machine is a friend. Renamed "CallerCodeBlock" to
3616 "CodeBlock", since it's no longer the caller's CodeBlock.
3618 * VM/RegisterFile.h: Marked some methods const to accommodate a
3619 const RegisterFile* being passed around in Machine.cpp.
3621 2008-09-26 Jan Michael Alonzo <jmalonzo@webkit.org>
3623 Gtk build fix. Not reviewed.
3625 Narrow-down the target of the JavaScriptCore .lut.h generator so
3626 it won't try to create the WebCore .lut.hs.
3630 2008-09-26 Matt Lilek <webkit@mattlilek.com>
3632 Reviewed by Tim Hatcher.
3634 Update FEATURE_DEFINES after ENABLE_CROSS_DOCUMENT_MESSAGING was removed.
3636 * Configurations/JavaScriptCore.xcconfig:
3638 2008-09-26 Cameron Zwarich <cwzwarich@uwaterloo.ca>
3640 Rubber-stamped by Anders Carlsson.
3642 Change the name 'sc' to 'scopeChainNode' in a few places.
3645 (JSC::EvalNode::generateCode):
3646 (JSC::FunctionBodyNode::generateCode):
3647 (JSC::ProgramNode::generateCode):
3649 2008-09-26 Sam Weinig <sam@webkit.org>
3651 Reviewed by Darin Adler.
3653 Patch for https://bugs.webkit.org/show_bug.cgi?id=21152
3654 Speedup static property get/put
3656 Convert getting/setting static property values to use static functions
3657 instead of storing an integer and switching in getValueProperty/putValueProperty.
3660 (JSC::JSObject::deleteProperty):
3661 (JSC::JSObject::getPropertyAttributes):
3662 * kjs/MathObject.cpp:
3663 (JSC::MathObject::getOwnPropertySlot):
3664 * kjs/NumberConstructor.cpp:
3665 (JSC::numberConstructorNaNValue):
3666 (JSC::numberConstructorNegInfinity):
3667 (JSC::numberConstructorPosInfinity):
3668 (JSC::numberConstructorMaxValue):
3669 (JSC::numberConstructorMinValue):
3670 * kjs/PropertySlot.h:
3671 (JSC::PropertySlot::):
3672 * kjs/RegExpConstructor.cpp:
3673 (JSC::regExpConstructorDollar1):
3674 (JSC::regExpConstructorDollar2):
3675 (JSC::regExpConstructorDollar3):
3676 (JSC::regExpConstructorDollar4):
3677 (JSC::regExpConstructorDollar5):
3678 (JSC::regExpConstructorDollar6):
3679 (JSC::regExpConstructorDollar7):
3680 (JSC::regExpConstructorDollar8):
3681 (JSC::regExpConstructorDollar9):
3682 (JSC::regExpConstructorInput):
3683 (JSC::regExpConstructorMultiline):
3684 (JSC::regExpConstructorLastMatch):
3685 (JSC::regExpConstructorLastParen):
3686 (JSC::regExpConstructorLeftContext):
3687 (JSC::regExpConstructorRightContext):
3688 (JSC::setRegExpConstructorInput):
3689 (JSC::setRegExpConstructorMultiline):
3690 (JSC::RegExpConstructor::setInput):
3691 (JSC::RegExpConstructor::setMultiline):
3692 (JSC::RegExpConstructor::multiline):
3693 * kjs/RegExpConstructor.h:
3694 * kjs/RegExpObject.cpp:
3695 (JSC::regExpObjectGlobal):
3696 (JSC::regExpObjectIgnoreCase):
3697 (JSC::regExpObjectMultiline):
3698 (JSC::regExpObjectSource):
3699 (JSC::regExpObjectLastIndex):
3700 (JSC::setRegExpObjectLastIndex):
3701 * kjs/RegExpObject.h:
3702 (JSC::RegExpObject::setLastIndex):
3703 (JSC::RegExpObject::lastIndex):
3704 (JSC::RegExpObject::RegExpObjectData::RegExpObjectData):
3705 * kjs/StructureID.cpp:
3706 (JSC::StructureID::getEnumerablePropertyNames):
3707 * kjs/create_hash_table:
3711 (JSC::HashTable::createTable):
3712 (JSC::HashTable::deleteTable):
3713 (JSC::setUpStaticFunctionSlot):
3715 (JSC::HashEntry::initialize):
3716 (JSC::HashEntry::setKey):
3717 (JSC::HashEntry::key):
3718 (JSC::HashEntry::attributes):
3719 (JSC::HashEntry::function):
3720 (JSC::HashEntry::functionLength):
3721 (JSC::HashEntry::propertyGetter):
3722 (JSC::HashEntry::propertyPutter):
3723 (JSC::HashEntry::lexerValue):
3725 (JSC::HashTable::entry):
3726 (JSC::getStaticPropertySlot):
3727 (JSC::getStaticValueSlot):
3730 2008-09-26 Gavin Barraclough <barraclough@apple.com>
3732 Reviewed by Maciej Stachowiak & Oliver Hunt.
3734 Add support for reusing temporary JSNumberCells. This change is based on the observation
3735 that if the result of certain operations is a JSNumberCell and is consumed by a subsequent
3736 operation that would produce a JSNumberCell, we can reuse the object rather than allocating
3737 a fresh one. E.g. given the expression ((a * b) * c), we can statically determine that
3738 (a * b) will have a numeric result (or else it will have thrown an exception), so the result
3739 will either be a JSNumberCell or a JSImmediate.
3741 This patch changes three areas of JSC:
3742 * The AST now tracks type information about the result of each node.
3743 * This information is consumed in bytecode compilation, and certain bytecode operations
3744 now carry the statically determined type information about their operands.
3745 * CTI uses the information in a number of fashions:
3746 * Where an operand to certain arithmetic operations is reusable, it will plant code
3747 to try to perform the operation in JIT code & reuse the cell, where appropriate.
3748 * Where it can be statically determined that an operand can only be numeric (typically
3749 the result of another arithmetic operation) the code will not redundantly check that
3750 the JSCell is a JSNumberCell.
3751 * Where either of the operands to an add are non-numeric do not plant an optimized
3752 arithmetic code path, just call straight out to the C function.
3754 +6% Sunspider (10% progression on 3D, 16% progression on math, 60% progression on access-nbody),
3755 +1% v8-tests (improvements in raytrace & crypto)
3757 * VM/CTI.cpp: Add optimized code generation with reuse of temporary JSNumberCells.
3759 * kjs/JSNumberCell.h:
3760 * masm/X86Assembler.h:
3762 * VM/CodeBlock.cpp: Add type information to specific bytecodes.
3763 * VM/CodeGenerator.cpp:
3764 * VM/CodeGenerator.h:
3767 * kjs/nodes.cpp: Track static type information for nodes.
3769 * kjs/ResultDescriptor.h: (Added)
3770 * JavaScriptCore.xcodeproj/project.pbxproj:
3772 2008-09-26 Yichao Yin <yichao.yin@torchmobile.com.cn>
3774 Reviewed by George Staikos, Maciej Stachowiak.
3776 Add utility functions needed for upcoming WML code.
3779 (WTF::isASCIIPrintable):
3781 2008-09-26 Geoffrey Garen <ggaren@apple.com>
3783 Reviewed by Darin Adler.
3785 Reverted the part of r36614 that used static data because static data
3788 2008-09-26 Geoffrey Garen <ggaren@apple.com>
3790 Reviewed by Maciej Stachowiak.
3792 Removed dynamic check for whether the callee needs an activation object.
3793 Replaced with callee code to create the activation object.
3795 0.5% speedup on SunSpider.
3796 No change on v8 benchmark. (Might be a speedup, but it's in range of the
3799 0.7% speedup on v8 benchmark in bytecode.
3800 1.3% speedup on empty call benchmark in bytecode.
(JSC::CTI::privateCompileMainPass): Added support for op_init_activation,
the new opcode that specifies that the callee's initialization should
create an activation object.
(JSC::CTI::privateCompile): Removed previous code that did a similar
thing in an ad-hoc way.
(JSC::CodeBlock::dump): Added a case for dumping op_init_activation.
* VM/CodeGenerator.cpp:
(JSC::CodeGenerator::generate): Added fixup code to change op_init to
op_init_activation if necessary. (With a better parser, we would know
which to use from the beginning.)
(JSC::Instruction::Instruction):
(WTF::): Faster traits for the instruction vector. An earlier version
of this patch relied on inserting at the beginning of the vector, and
depended on this change for speed.
(JSC::Machine::execute): Removed clients of setScopeChain, the old
abstraction for dynamically checking for whether an activation object
needed to be created.
(JSC::Machine::privateExecute): ditto
(JSC::Machine::cti_op_push_activation): Renamed this function from
cti_vm_updateScopeChain, and made it faster by removing the call to
* VM/Opcode.h: Declared op_init_activation.

2008-09-24 Geoffrey Garen <ggaren@apple.com>
Reviewed by Maciej Stachowiak.
Move most of the return code back into the callee, now that the callee
doesn't have to calculate anything dynamically.
11.5% speedup on empty function call benchmark.
SunSpider says 0.3% faster. SunSpider --v8 says no change.
(JSC::CTI::compileOpCall):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):

2008-09-24 Sam Weinig <sam@webkit.org>
Reviewed by Maciej Stachowiak.
Remove staticFunctionGetter. There is only one remaining user of
staticFunctionGetter and it can be converted to use setUpStaticFunctionSlot.
* JavaScriptCore.exp:

2008-09-24 Maciej Stachowiak <mjs@apple.com>
Reviewed by Oliver Hunt.
- inline JIT fast case of op_neq
- remove extra level of function call indirection from slow cases of eq and neq
1% speedup on Richards
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_eq):
(JSC::Machine::cti_op_neq):
* kjs/operations.cpp:
(JSC::equalSlowCase):
(JSC::equalSlowCaseInline):

2008-09-24 Sam Weinig <sam@webkit.org>
Reviewed by Darin Adler.
Fix for https://bugs.webkit.org/show_bug.cgi?id=21080
<rdar://problem/6243534>
Crash below Function.apply when using a runtime array as the argument list
Test: plugins/bindings-array-apply-crash.html
* kjs/FunctionPrototype.cpp:
(JSC::functionProtoFuncApply): Revert to the slow case if the object inherits from
JSArray (via ClassInfo) but is not a JSArray.

2008-09-24 Kevin McCullough <kmccullough@apple.com>
(JSC::statementListEmitCode):

2008-09-24 Kevin McCullough <kmccullough@apple.com>
Bug 21031: Breakpoints in the condition of loops only breaks the first
- Now when setting breakpoints in the condition of a loop (for, while,
for in, and do while) will successfully break each time through the
- For 'for' loops we need a little more complicated behavior that cannot
be accomplished without some more significant changes:
https://bugs.webkit.org/show_bug.cgi?id=21073
(JSC::statementListEmitCode): We don't want to blindly emit a debug hook
at the first line of loops, instead let the loop emit the debug hooks.
(JSC::DoWhileNode::emitCode):
(JSC::WhileNode::emitCode):
(JSC::ForNode::emitCode):
(JSC::ForInNode::emitCode):
(JSC::StatementNode::):
(JSC::DoWhileNode::):

2008-09-24 Geoffrey Garen <ggaren@apple.com>
Reviewed by Darin Adler.
Fixed <rdar://problem/5605532> Need a SPI for telling JS the size of
the objects it retains
* API/tests/testapi.c: Test the new SPI a little.
* API/JSSPI.cpp: Add the new SPI.
* API/JSSPI.h: Add the new SPI.
* JavaScriptCore.exp: Add the new SPI.
* JavaScriptCore.xcodeproj/project.pbxproj: Add the new SPI.

2008-09-24 Geoffrey Garen <ggaren@apple.com>
Reviewed by Darin Adler.
* API/JSBase.h: Filled in some missing function names.

2008-09-24 Geoffrey Garen <ggaren@apple.com>
Reviewed by Cameron Zwarich.
Fixed https://bugs.webkit.org/show_bug.cgi?id=21057
Crash in RegisterID::deref() running fast/canvas/canvas-putImageData.html
* VM/CodeGenerator.h: Changed declaration order to ensure the
m_lastConstant, which is a RefPtr that points into m_calleeRegisters,
has its destructor called before the destructor for m_calleeRegisters.

2008-09-24 Darin Adler <darin@apple.com>
Reviewed by Sam Weinig.
- https://bugs.webkit.org/show_bug.cgi?id=21047
speed up ret_activation with inlining
About 1% on v8-raytrace.
* JavaScriptCore.exp: Removed JSVariableObject::setRegisters.
* kjs/JSActivation.cpp: Moved copyRegisters to the header to make it inline.
* kjs/JSActivation.h:
(JSC::JSActivation::copyRegisters): Moved here. Also removed the registerArraySize
argument to setRegisters, since the object doesn't need to store the number of
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::reset): Removed unnecessary clearing left over from when we
used this on objects that weren't brand new. These days, this function is really
just part of the constructor.
* kjs/JSGlobalObject.h: Added registerArraySize to JSGlobalObjectData, since
JSVariableObjectData no longer needs it. Added a setRegisters override here
that handles storing the size.
* kjs/JSStaticScopeObject.h: Removed code to set registerArraySize, since it
* kjs/JSVariableObject.cpp: Moved copyRegisterArray and setRegisters to the
header to make them inline.
* kjs/JSVariableObject.h: Removed registerArraySize from JSVariableObjectData,
since it was only used for the global object.
(JSC::JSVariableObject::copyRegisterArray): Moved here to make it inline.
(JSC::JSVariableObject::setRegisters): Moved here to make it inline. Also
removed the code to set registerArraySize and changed an if statement into
an assert to save an unnecessary branch.

2008-09-24 Maciej Stachowiak <mjs@apple.com>
Reviewed by Oliver Hunt.
- inline PropertyMap::getOffset to speed up polymorphic lookups
~1.5% speedup on v8 benchmark
no effect on SunSpider
* JavaScriptCore.exp:
* kjs/PropertyMap.cpp:
* kjs/PropertyMap.h:
(JSC::PropertyMap::getOffset):

2008-09-24 Jan Michael Alonzo <jmalonzo@webkit.org>
Reviewed by Alp Toker.
https://bugs.webkit.org/show_bug.cgi?id=20992
Build fails on GTK+ Mac OS
* wtf/ThreadingGtk.cpp: Remove platform ifdef as suggested by
(WTF::initializeThreading):

2008-09-23 Oliver Hunt <oliver@apple.com>
Reviewed by Maciej Stachowiak.
Bug 19968: Slow Script at www.huffingtonpost.com
<https://bugs.webkit.org/show_bug.cgi?id=19968>
Finally found the cause of this accursed issue. It is triggered
by synchronous creation of a new global object from JS. The new
global object resets the timer state in this execution group's
Machine, taking timerCheckCount to 0. Then when JS returns the
timerCheckCount is decremented making it non-zero. The next time
we execute JS we will start the timeout counter, however the non-zero
timeoutCheckCount means we don't reset the timer information. This
means that the timeout check is now checking the cumulative time
since the creation of the global object rather than the time since
JS was last entered. At this point the slow script dialog is guaranteed
to eventually be displayed incorrectly unless a page is loaded
asynchronously (which will reset everything into a sane state).
The fix for this is rather trivial -- the JSGlobalObject constructor
should not be resetting the machine timer state.
(JSC::Machine::Machine):
Now that we can't rely on the GlobalObject initialising the timeout
state, we do it in the Machine constructor.
(JSC::Machine::stopTimeoutCheck):
Add assertions to guard against this happening.
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
Don't reset the timeout state.

2008-09-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Oliver Hunt.
Fixed https://bugs.webkit.org/show_bug.cgi?id=21038 | <rdar://problem/6240812>
Uncaught exceptions in regex replace callbacks crash webkit
This was a combination of two problems:
(1) the replace function would continue execution after an exception
(2) In some cases, the Machine would return 0 in the case of an exception,
despite the fact that a few clients dereference the Machine's return
value without first checking for an exception.
(JSC::Machine::execute):
^ Return jsNull() instead of 0 in the case of an exception, since some
clients depend on using our return value.
^ ASSERT that execution does not continue after an exception has been
thrown, to help catch problems like this in the future.
* kjs/StringPrototype.cpp:
(JSC::stringProtoFuncReplace):
^ Stop execution if an exception has been thrown.

2008-09-23 Geoffrey Garen <ggaren@apple.com>
Try to fix the windows build.
(JSC::CTI::compileOpCall):
(JSC::CTI::privateCompileMainPass):

2008-09-23 Alp Toker <alp@nuanti.com>

2008-09-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Darin Adler.
* wtf/Platform.h: Removed duplicate #if.

2008-09-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Darin Adler.
Changed the layout of the call frame from
{ header, parameters, locals | constants, temporaries }
{ parameters, header | locals, constants, temporaries }
This simplifies function entry+exit, and enables a number of future
13.5% speedup on empty call benchmark for bytecode; 23.6% speedup on
empty call benchmark for CTI.
SunSpider says no change. SunSpider --v8 says 1% faster.
Added a bit of abstraction for calculating whether a register is a
constant, since this patch changes that calculation:
(JSC::CTI::isConstant):
(JSC::CTI::getConstant):
(JSC::CTI::emitGetArg):
(JSC::CTI::emitGetPutArg):
(JSC::CTI::getConstantImmediateNumericArg):
Updated for changes to callframe header location:
(JSC::CTI::emitPutToCallFrameHeader):
(JSC::CTI::emitGetFromCallFrameHeader):
(JSC::CTI::printOpcodeOperandTypes):
Renamed to spite Oliver:
(JSC::CTI::emitInitRegister):
Added an abstraction for emitting a call through a register, so that
calls through registers generate exception info, too:
(JSC::CTI::emitCall):
Updated to match the new callframe header layout, and to support calls
through registers, which have no destination address:
(JSC::CTI::compileOpCall):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
(JSC::CTI::privateCompile):
(JSC::CallRecord::CallRecord):
Updated for new register layout:
(JSC::registerName):
(JSC::CodeBlock::dump):
Updated CodeBlock to track slightly different information about the
register frame, and tweaked the style of an ASSERT_NOT_REACHED.
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::getStubInfo):
* VM/CodeGenerator.cpp:
Added some abstraction around constant register allocation, since this
patch changes it, changed codegen to account for the new callframe
layout, and added abstraction around register fetching code
that used to assume that all local registers lived at negative indices,
since vars now live at positive indices:
(JSC::CodeGenerator::generate):
(JSC::CodeGenerator::addVar):
(JSC::CodeGenerator::addGlobalVar):
(JSC::CodeGenerator::allocateConstants):
(JSC::CodeGenerator::CodeGenerator):
(JSC::CodeGenerator::addParameter):
(JSC::CodeGenerator::registerFor):
(JSC::CodeGenerator::constRegisterFor):
(JSC::CodeGenerator::newRegister):
(JSC::CodeGenerator::newTemporary):
(JSC::CodeGenerator::highestUsedRegister):
(JSC::CodeGenerator::addConstant):
ASSERT that our caller referenced the registers it passed to us.
Otherwise, we might overwrite them with parameters:
(JSC::CodeGenerator::emitCall):
(JSC::CodeGenerator::emitConstruct):
* VM/CodeGenerator.h:
Added some abstraction for getting a RegisterID for a given index,
since the rules are a little weird:
(JSC::CodeGenerator::registerFor):
Utility function to transform a machine return PC to a virtual machine
return VPC, for the sake of stack unwinding, since both PCs are stored
in the same location now:
Tweaked to account for new call frame:
(JSC::Machine::initializeCallFrame):
Tweaked to account for registerOffset supplied by caller:
(JSC::slideRegisterWindowForCall):
Tweaked to account for new register layout:
(JSC::scopeChainForCall):
(JSC::Machine::callEval):
(JSC::Machine::dumpRegisters):
(JSC::Machine::unwindCallFrame):
(JSC::Machine::execute):