2008-09-24 Maciej Stachowiak <mjs@apple.com>

Reviewed by Oliver Hunt.

- inline JIT fast case of op_neq
- remove extra level of function call indirection from slow cases of eq and neq

(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):

(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_eq):
(JSC::Machine::cti_op_neq):

(JSC::equalSlowCaseInline):

2008-09-24 Sam Weinig <sam@webkit.org>

Reviewed by Darin Adler.

Fix for https://bugs.webkit.org/show_bug.cgi?id=21080
<rdar://problem/6243534>
Crash below Function.apply when using a runtime array as the argument list

Test: plugins/bindings-array-apply-crash.html

* kjs/FunctionPrototype.cpp:
(JSC::functionProtoFuncApply): Revert to the slow case if the object inherits from
JSArray (via ClassInfo) but is not a JSArray.

2008-09-24 Kevin McCullough <kmccullough@apple.com>

(JSC::statementListEmitCode):

2008-09-24 Kevin McCullough <kmccullough@apple.com>

Bug 21031: Breakpoints in the condition of loops only breaks the first

- Now when setting breakpoints in the condition of a loop (for, while,
for in, and do while) will successfully break each time through the

- For 'for' loops we need a little more complicated behavior that cannot
be accomplished without some more significant changes:
https://bugs.webkit.org/show_bug.cgi?id=21073

(JSC::statementListEmitCode): We don't want to blindly emit a debug hook
at the first line of loops, instead let the loop emit the debug hooks.
(JSC::DoWhileNode::emitCode):
(JSC::WhileNode::emitCode):
(JSC::ForNode::emitCode):
(JSC::ForInNode::emitCode):

(JSC::StatementNode::):

2008-09-24 Geoffrey Garen <ggaren@apple.com>

Reviewed by Darin Adler.

Fixed <rdar://problem/5605532> Need a SPI for telling JS the size of
the objects it retains

* API/tests/testapi.c: Test the new SPI a little.

* API/JSSPI.cpp: Add the new SPI.
* API/JSSPI.h: Add the new SPI.
* JavaScriptCore.exp: Add the new SPI.
* JavaScriptCore.xcodeproj/project.pbxproj: Add the new SPI.

2008-09-24 Geoffrey Garen <ggaren@apple.com>

Reviewed by Darin Adler.

* API/JSBase.h: Filled in some missing function names.

2008-09-24 Geoffrey Garen <ggaren@apple.com>

Reviewed by Cameron Zwarich.

Fixed https://bugs.webkit.org/show_bug.cgi?id=21057
Crash in RegisterID::deref() running fast/canvas/canvas-putImageData.html

* VM/CodeGenerator.h: Changed declaration order to ensure the
m_lastConstant, which is a RefPtr that points into m_calleeRegisters,
has its destructor called before the destructor for m_calleeRegisters.

2008-09-24 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

- https://bugs.webkit.org/show_bug.cgi?id=21047
speed up ret_activation with inlining

About 1% on v8-raytrace.

* JavaScriptCore.exp: Removed JSVariableObject::setRegisters.

* kjs/JSActivation.cpp: Moved copyRegisters to the header to make it inline.
* kjs/JSActivation.h:
(JSC::JSActivation::copyRegisters): Moved here. Also removed the registerArraySize
argument to setRegisters, since the object doesn't need to store the number of

* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::reset): Removed unnecessary clearing left over from when we
used this on objects that weren't brand new. These days, this function is really
just part of the constructor.

* kjs/JSGlobalObject.h: Added registerArraySize to JSGlobalObjectData, since
JSVariableObjectData no longer needs it. Added a setRegisters override here
that handles storing the size.

* kjs/JSStaticScopeObject.h: Removed code to set registerArraySize, since it

* kjs/JSVariableObject.cpp: Moved copyRegisterArray and setRegisters to the
header to make them inline.
* kjs/JSVariableObject.h: Removed registerArraySize from JSVariableObjectData,
since it was only used for the global object.
(JSC::JSVariableObject::copyRegisterArray): Moved here to make it inline.
(JSC::JSVariableObject::setRegisters): Moved here to make it inline. Also
removed the code to set registerArraySize and changed an if statement into
an assert to save an unnecessary branch.

2008-09-24 Maciej Stachowiak <mjs@apple.com>

Reviewed by Oliver Hunt.

- inline PropertyMap::getOffset to speed up polymorphic lookups

~1.5% speedup on v8 benchmark
no effect on SunSpider

* JavaScriptCore.exp:
* kjs/PropertyMap.cpp:

(JSC::PropertyMap::getOffset):

2008-09-24 Jan Michael Alonzo <jmalonzo@webkit.org>

Reviewed by Alp Toker.

https://bugs.webkit.org/show_bug.cgi?id=20992
Build fails on GTK+ Mac OS

* wtf/ThreadingGtk.cpp: Remove platform ifdef as suggested by

(WTF::initializeThreading):

2008-09-23 Oliver Hunt <oliver@apple.com>

Reviewed by Maciej Stachowiak.

Bug 19968: Slow Script at www.huffingtonpost.com
<https://bugs.webkit.org/show_bug.cgi?id=19968>

Finally found the cause of this accursed issue. It is triggered
by synchronous creation of a new global object from JS. The new
global object resets the timer state in this execution group's
Machine, taking timerCheckCount to 0. Then when JS returns the
timerCheckCount is decremented making it non-zero. The next time
we execute JS we will start the timeout counter, however the non-zero
timeoutCheckCount means we don't reset the timer information. This
means that the timeout check is now checking the cumulative time
since the creation of the global object rather than the time since
JS was last entered. At this point the slow script dialog is guaranteed
to eventually be displayed incorrectly unless a page is loaded
asynchronously (which will reset everything into a sane state).

The fix for this is rather trivial -- the JSGlobalObject constructor
should not be resetting the machine timer state.

(JSC::Machine::Machine):
Now that we can't rely on the GlobalObject initialising the timeout
state, we do it in the Machine constructor.

(JSC::Machine::stopTimeoutCheck):
Add assertions to guard against this happening.

* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
Don't reset the timeout state.

2008-09-23 Geoffrey Garen <ggaren@apple.com>

Reviewed by Oliver Hunt.

Fixed https://bugs.webkit.org/show_bug.cgi?id=21038 | <rdar://problem/6240812>
Uncaught exceptions in regex replace callbacks crash webkit

This was a combination of two problems:

(1) the replace function would continue execution after an exception

(2) In some cases, the Machine would return 0 in the case of an exception,
despite the fact that a few clients dereference the Machine's return
value without first checking for an exception.

(JSC::Machine::execute):

^ Return jsNull() instead of 0 in the case of an exception, since some
clients depend on using our return value.

^ ASSERT that execution does not continue after an exception has been
thrown, to help catch problems like this in the future.

* kjs/StringPrototype.cpp:
(JSC::stringProtoFuncReplace):

^ Stop execution if an exception has been thrown.

2008-09-23 Geoffrey Garen <ggaren@apple.com>

Try to fix the windows build.

(JSC::CTI::compileOpCall):
(JSC::CTI::privateCompileMainPass):

2008-09-23 Alp Toker <alp@nuanti.com>

2008-09-23 Geoffrey Garen <ggaren@apple.com>

Reviewed by Darin Adler.

* wtf/Platform.h: Removed duplicate #if.

2008-09-23 Geoffrey Garen <ggaren@apple.com>

Reviewed by Darin Adler.

Changed the layout of the call frame from

{ header, parameters, locals | constants, temporaries }

{ parameters, header | locals, constants, temporaries }

This simplifies function entry+exit, and enables a number of future

13.5% speedup on empty call benchmark for bytecode; 23.6% speedup on
empty call benchmark for CTI.

SunSpider says no change. SunSpider --v8 says 1% faster.

Added a bit of abstraction for calculating whether a register is a
constant, since this patch changes that calculation:
(JSC::CTI::isConstant):
(JSC::CTI::getConstant):
(JSC::CTI::emitGetArg):
(JSC::CTI::emitGetPutArg):
(JSC::CTI::getConstantImmediateNumericArg):

Updated for changes to callframe header location:
(JSC::CTI::emitPutToCallFrameHeader):
(JSC::CTI::emitGetFromCallFrameHeader):
(JSC::CTI::printOpcodeOperandTypes):

Renamed to spite Oliver:
(JSC::CTI::emitInitRegister):

Added an abstraction for emitting a call through a register, so that
calls through registers generate exception info, too:
(JSC::CTI::emitCall):

Updated to match the new callframe header layout, and to support calls
through registers, which have no destination address:
(JSC::CTI::compileOpCall):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
(JSC::CTI::privateCompile):

(JSC::CallRecord::CallRecord):

Updated for new register layout:

(JSC::CodeBlock::dump):

Updated CodeBlock to track slightly different information about the
register frame, and tweaked the style of an ASSERT_NOT_REACHED.
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::getStubInfo):

* VM/CodeGenerator.cpp:

Added some abstraction around constant register allocation, since this
patch changes it, changed codegen to account for the new callframe
layout, and added abstraction around register fetching code
that used to assume that all local registers lived at negative indices,
since vars now live at positive indices:
(JSC::CodeGenerator::generate):
(JSC::CodeGenerator::addVar):
(JSC::CodeGenerator::addGlobalVar):
(JSC::CodeGenerator::allocateConstants):
(JSC::CodeGenerator::CodeGenerator):
(JSC::CodeGenerator::addParameter):
(JSC::CodeGenerator::registerFor):
(JSC::CodeGenerator::constRegisterFor):
(JSC::CodeGenerator::newRegister):
(JSC::CodeGenerator::newTemporary):
(JSC::CodeGenerator::highestUsedRegister):
(JSC::CodeGenerator::addConstant):

ASSERT that our caller referenced the registers it passed to us.
Otherwise, we might overwrite them with parameters:
(JSC::CodeGenerator::emitCall):
(JSC::CodeGenerator::emitConstruct):

* VM/CodeGenerator.h:

Added some abstraction for getting a RegisterID for a given index,
since the rules are a little weird:
(JSC::CodeGenerator::registerFor):

Utility function to transform a machine return PC to a virtual machine
return VPC, for the sake of stack unwinding, since both PCs are stored
in the same location now:

Tweaked to account for new call frame:
(JSC::Machine::initializeCallFrame):

Tweaked to account for registerOffset supplied by caller:
(JSC::slideRegisterWindowForCall):

Tweaked to account for new register layout:
(JSC::scopeChainForCall):
(JSC::Machine::callEval):
(JSC::Machine::dumpRegisters):
(JSC::Machine::unwindCallFrame):
(JSC::Machine::execute):

Changed op_call and op_construct to implement the new calling convention:
(JSC::Machine::privateExecute):

Tweaked to account for the new register layout:
(JSC::Machine::retrieveArguments):
(JSC::Machine::retrieveCaller):
(JSC::Machine::retrieveLastCaller):
(JSC::Machine::callFrame):
(JSC::Machine::getArgumentsData):

Changed CTI call helpers to implement the new calling convention:
(JSC::Machine::cti_op_call_JSFunction):
(JSC::Machine::cti_op_call_NotJSFunction):
(JSC::Machine::cti_op_ret_activation):
(JSC::Machine::cti_op_ret_profiler):
(JSC::Machine::cti_op_construct_JSConstruct):
(JSC::Machine::cti_op_construct_NotJSConstruct):
(JSC::Machine::cti_op_call_eval):

Renamed op_initialise_locals to op_init, because this opcode
doesn't initialize all locals, and it doesn't initialize only locals.
Also, to spite Oliver.

New call frame enumeration values:
(JSC::RegisterFile::):

Simplified the calculation of whether a RegisterID is a temporary,
since we can no longer assume that all positive non-constant registers

(JSC::RegisterID::RegisterID):
(JSC::RegisterID::setTemporary):
(JSC::RegisterID::isTemporary):

Renamed firstArgumentIndex to firstParameterIndex because the assumption
that this variable pertained to the actual arguments supplied by the
caller caused me to write some buggy code:

(JSC::ArgumentsData::ArgumentsData):
(JSC::Arguments::Arguments):
(JSC::Arguments::fillArgList):
(JSC::Arguments::getOwnPropertySlot):
(JSC::Arguments::put):

Updated for new call frame layout:
* kjs/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::functionName):
(JSC::DebuggerCallFrame::type):
* kjs/DebuggerCallFrame.h:

Changed the activation object to account for the fact that a call frame
header now sits between parameters and local variables. This change
requires all variable objects to do their own marking, since they
now use their register storage differently:
* kjs/JSActivation.cpp:
(JSC::JSActivation::mark):
(JSC::JSActivation::copyRegisters):
(JSC::JSActivation::createArgumentsObject):
* kjs/JSActivation.h:

Updated global object to use the new interfaces required by the change
to JSActivation above:
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::reset):
(JSC::JSGlobalObject::mark):
(JSC::JSGlobalObject::copyGlobalsFrom):
(JSC::JSGlobalObject::copyGlobalsTo):
* kjs/JSGlobalObject.h:
(JSC::JSGlobalObject::addStaticGlobals):

Updated static scope object to use the new interfaces required by the
change to JSActivation above:
* kjs/JSStaticScopeObject.cpp:
(JSC::JSStaticScopeObject::mark):
(JSC::JSStaticScopeObject::~JSStaticScopeObject):
* kjs/JSStaticScopeObject.h:
(JSC::JSStaticScopeObject::JSStaticScopeObject):
(JSC::JSStaticScopeObject::d):

Updated variable object to use the new interfaces required by the
change to JSActivation above:
* kjs/JSVariableObject.cpp:
(JSC::JSVariableObject::copyRegisterArray):
(JSC::JSVariableObject::setRegisters):
* kjs/JSVariableObject.h:

Changed the bit twiddling in symbol table not to assume that all indices
are negative, since they can be positive now:

(JSC::SymbolTableEntry::SymbolTableEntry):
(JSC::SymbolTableEntry::isNull):
(JSC::SymbolTableEntry::getIndex):
(JSC::SymbolTableEntry::getAttributes):
(JSC::SymbolTableEntry::setAttributes):
(JSC::SymbolTableEntry::isReadOnly):
(JSC::SymbolTableEntry::pack):
(JSC::SymbolTableEntry::isValidIndex):

Changed call and construct nodes to ref their functions and/or bases,
so that emitCall/emitConstruct doesn't overwrite them with parameters.
Also, updated for rename to registerFor:

(JSC::ResolveNode::emitCode):
(JSC::NewExprNode::emitCode):
(JSC::EvalFunctionCallNode::emitCode):
(JSC::FunctionCallValueNode::emitCode):
(JSC::FunctionCallResolveNode::emitCode):
(JSC::FunctionCallBracketNode::emitCode):
(JSC::FunctionCallDotNode::emitCode):
(JSC::PostfixResolveNode::emitCode):
(JSC::DeleteResolveNode::emitCode):
(JSC::TypeOfResolveNode::emitCode):
(JSC::PrefixResolveNode::emitCode):
(JSC::ReadModifyResolveNode::emitCode):
(JSC::AssignResolveNode::emitCode):
(JSC::ConstDeclNode::emitCodeSingle):
(JSC::ForInNode::emitCode):

Added abstraction for getting exception info out of a call through a

* masm/X86Assembler.h:
(JSC::X86Assembler::emitCall):

Removed duplicate #if:

2008-09-23 Kevin McCullough <kmccullough@apple.com>

Bug 21030: The JS debugger breaks on the do of a do-while not the while
(where the conditional statement is)
https://bugs.webkit.org/show_bug.cgi?id=21030
Now the statementListEmitCode detects if a do-while node is being
emitted and emits the debug hook on the last line instead of the first.

This change had no effect on sunspider.

(JSC::statementListEmitCode):

(JSC::StatementNode::isDoWhile):
(JSC::DoWhileNode::isDoWhile):

2008-09-23 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- inline the fast case of instanceof
https://bugs.webkit.org/show_bug.cgi?id=20818

~2% speedup on EarleyBoyer test.

(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):

(JSC::Machine::cti_op_instanceof):

2008-09-23 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- add forgotten slow case logic for !==

(JSC::CTI::privateCompileSlowCases):

2008-09-23 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- inline the fast cases of !==, same as for ===

2.9% speedup on EarleyBoyer benchmark

(JSC::CTI::compileOpStrictEq): Factored stricteq codegen into this function,
and parameterized so it can do the reverse version as well.
(JSC::CTI::privateCompileMainPass): Use the above for stricteq and nstricteq.

(JSC::CTI::): Declare above stuff.

(JSC::Machine::cti_op_nstricteq): Removed fast cases, now handled inline.

2008-09-23 Cameron Zwarich <cwzwarich@uwaterloo.ca>

Reviewed by Oliver Hunt.

Bug 20989: Arguments constructor should put 'callee' and 'length' properties in a more efficient way
<https://bugs.webkit.org/show_bug.cgi?id=20989>

Make special cases for the 'callee' and 'length' properties in the

This is somewhere between a 7.8% speedup and a 10% speedup on the V8
Raytrace benchmark, depending on whether it is run alone or with the

(JSC::ArgumentsData::ArgumentsData):
(JSC::Arguments::Arguments):
(JSC::Arguments::mark):
(JSC::Arguments::getOwnPropertySlot):
(JSC::Arguments::put):
(JSC::Arguments::deleteProperty):

2008-09-23 Maciej Stachowiak <mjs@apple.com>

- speed up instanceof some more
https://bugs.webkit.org/show_bug.cgi?id=20818

~2% speedup on EarleyBoyer

The idea here is to record in the StructureID whether the class
needs a special hasInstance or if it can use the normal logic from

Based on this I inlined the real work directly into
cti_op_instanceof and put the fastest checks up front and the
error handling at the end (so it should be fairly straightforward
to split off the beginning to be inlined if desired).

I only did this for CTI, not the bytecode interpreter.

* API/JSCallbackObject.h:
(JSC::JSCallbackObject::createStructureID):

(JSC::Machine::cti_op_instanceof):

(JSC::JSImmediate::isAnyImmediate):

(JSC::TypeInfo::overridesHasInstance):
(JSC::TypeInfo::flags):

2008-09-22 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

- https://bugs.webkit.org/show_bug.cgi?id=21019
make FunctionBodyNode::ref/deref fast

Speeds up v8-raytrace by 7.2%.

(JSC::FunctionBodyNode::FunctionBodyNode): Initialize m_refCount to 0.

(JSC::FunctionBodyNode::ref): Call base class ref once, and thereafter use

(JSC::FunctionBodyNode::deref): Ditto, but the deref side.

2008-09-22 Darin Adler <darin@apple.com>

Pointed out by Sam Weinig.

(JSC::Arguments::fillArgList): Fix bad copy and paste. Oops!

2008-09-22 Darin Adler <darin@apple.com>

Reviewed by Cameron Zwarich.

- https://bugs.webkit.org/show_bug.cgi?id=20983
ArgumentsData should have some room to allocate some extra arguments inline

Speeds up v8-raytrace by 5%.

(JSC::ArgumentsData::ArgumentsData): Use a fixed buffer if there are 4 or fewer

(JSC::Arguments::Arguments): Use a fixed buffer if there are 4 or fewer

(JSC::Arguments::~Arguments): Delete the buffer if necessary.
(JSC::Arguments::mark): Update since extraArguments are now Register.
(JSC::Arguments::fillArgList): Added special case for the only case that's
actually used in the practice, when there are no parameters. There are some
other special cases in there too, but that's the only one that matters.
(JSC::Arguments::getOwnPropertySlot): Updated to use setValueSlot since there's
no operation to get you at the JSValue* inside a Register as a "slot".

2008-09-22 Sam Weinig <sam@webkit.org>

Reviewed by Maciej Stachowiak.

Patch for https://bugs.webkit.org/show_bug.cgi?id=21014
Speed up for..in by using StructureID to avoid calls to hasProperty

Speeds up fasta by 8%.

* VM/JSPropertyNameIterator.cpp:
(JSC::JSPropertyNameIterator::invalidate):
* VM/JSPropertyNameIterator.h:
(JSC::JSPropertyNameIterator::next):
* kjs/PropertyNameArray.h:
(JSC::PropertyNameArrayData::begin):
(JSC::PropertyNameArrayData::end):
(JSC::PropertyNameArrayData::setCachedStructureID):
(JSC::PropertyNameArrayData::cachedStructureID):
* kjs/StructureID.cpp:
(JSC::StructureID::getEnumerablePropertyNames):
(JSC::structureIDChainsAreEqual):

2008-09-22 Kelvin Sherlock <ksherlock@gmail.com>

Updated and tweaked by Sam Weinig.

Reviewed by Geoffrey Garen.

Bug 20020: Proposed enhancement to JavaScriptCore API
<https://bugs.webkit.org/show_bug.cgi?id=20020>

Add JSObjectMakeArray, JSObjectMakeDate, JSObjectMakeError, and JSObjectMakeRegExp
functions to create JavaScript Array, Date, Error, and RegExp objects, respectively.

* API/JSObjectRef.cpp: The functions
* API/JSObjectRef.h: Function prototype and documentation
* JavaScriptCore.exp: Added functions to exported function list
* API/tests/testapi.c: Added basic functionality tests.

* kjs/DateConstructor.cpp:
Replaced static JSObject* constructDate(ExecState* exec, JSObject*, const ArgList& args)
with JSObject* constructDate(ExecState* exec, const ArgList& args).
Added static JSObject* constructWithDateConstructor(ExecState* exec, JSObject*, const ArgList& args) function

* kjs/DateConstructor.h:
added prototype for JSObject* constructDate(ExecState* exec, const ArgList& args)

* kjs/ErrorConstructor.cpp:
removed static qualifier from ErrorInstance* constructError(ExecState* exec, const ArgList& args)

* kjs/ErrorConstructor.h:
added prototype for ErrorInstance* constructError(ExecState* exec, const ArgList& args)

* kjs/RegExpConstructor.cpp:
removed static qualifier from JSObject* constructRegExp(ExecState* exec, const ArgList& args)

* kjs/RegExpConstructor.h:
added prototype for JSObject* constructRegExp(ExecState* exec, const ArgList& args)

2008-09-22 Matt Lilek <webkit@mattlilek.com>

Not reviewed, Windows build fix.

* kjs/FunctionPrototype.cpp:

2008-09-22 Sam Weinig <sam@webkit.org>

Reviewed by Darin Adler.

Patch for https://bugs.webkit.org/show_bug.cgi?id=20982
Speed up the apply method of functions by special-casing array and 'arguments' objects

1% speedup on v8-raytrace.

Test: fast/js/function-apply.html

(JSC::Arguments::fillArgList):

* kjs/FunctionPrototype.cpp:
(JSC::functionProtoFuncApply):

(JSC::JSArray::fillArgList):

2008-09-22 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

- https://bugs.webkit.org/show_bug.cgi?id=20993
Array.push/pop need optimized cases for JSArray

3% or so speedup on DeltaBlue benchmark.

* kjs/ArrayPrototype.cpp:
(JSC::arrayProtoFuncPop): Call JSArray::pop when appropriate.
(JSC::arrayProtoFuncPush): Call JSArray::push when appropriate.

(JSC::JSArray::putSlowCase): Set m_fastAccessCutoff when appropriate, getting
us into the fast code path.
(JSC::JSArray::pop): Added.
(JSC::JSArray::push): Added.
* kjs/JSArray.h: Added push and pop.

* kjs/operations.cpp:
(JSC::throwOutOfMemoryError): Don't inline this. Helps us avoid PIC branches.

2008-09-22 Maciej Stachowiak <mjs@apple.com>

Reviewed by Cameron Zwarich.

- speed up instanceof operator by replacing implementsHasInstance method with a TypeInfo flag

Partial work towards <https://bugs.webkit.org/show_bug.cgi?id=20818>

2.2% speedup on EarleyBoyer benchmark.

* API/JSCallbackConstructor.cpp:
* API/JSCallbackConstructor.h:
(JSC::JSCallbackConstructor::createStructureID):
* API/JSCallbackFunction.cpp:
* API/JSCallbackFunction.h:
(JSC::JSCallbackFunction::createStructureID):
* API/JSCallbackObject.h:
(JSC::JSCallbackObject::createStructureID):
* API/JSCallbackObjectFunctions.h:
(JSC::::hasInstance):
* API/JSValueRef.cpp:
(JSValueIsInstanceOfConstructor):
* JavaScriptCore.exp:

(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_instanceof):
* kjs/InternalFunction.cpp:
* kjs/InternalFunction.h:
(JSC::InternalFunction::createStructureID):

(JSC::TypeInfo::implementsHasInstance):

2008-09-22 Maciej Stachowiak <mjs@apple.com>

Reviewed by Dave Hyatt.

Based on initial work by Darin Adler.

- replace masqueradesAsUndefined virtual method with a flag in TypeInfo
- use this to JIT inline code for eq_null and neq_null
https://bugs.webkit.org/show_bug.cgi?id=20823

0.5% speedup on SunSpider
~4% speedup on Richards benchmark

(JSC::CTI::privateCompileMainPass):

(JSC::jsTypeStringForValue):
(JSC::jsIsObjectType):
(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_is_undefined):

* kjs/StringObjectThatMasqueradesAsUndefined.h:
(JSC::StringObjectThatMasqueradesAsUndefined::create):
(JSC::StringObjectThatMasqueradesAsUndefined::createStructureID):

(JSC::StructureID::mutableTypeInfo):

(JSC::TypeInfo::TypeInfo):
(JSC::TypeInfo::masqueradesAsUndefined):
* kjs/operations.cpp:

* masm/X86Assembler.h:
(JSC::X86Assembler::):
(JSC::X86Assembler::setne_r):
(JSC::X86Assembler::setnz_r):
(JSC::X86Assembler::testl_i32m):

2008-09-22 Tor Arne Vestbø <tavestbo@trolltech.com>

Initialize QCoreApplication in kjs binary/Shell.cpp

This allows us to use QCoreApplication::instance() to
get the main thread in ThreadingQt.cpp

* wtf/ThreadingQt.cpp:
(WTF::initializeThreading):

2008-09-21 Darin Adler <darin@apple.com>

- blind attempt to fix non-all-in-one builds

* kjs/JSGlobalObject.cpp: Added includes of Arguments.h and RegExpObject.h.

2008-09-21 Darin Adler <darin@apple.com>

* kjs/StructureID.cpp:
(JSC::StructureID::addPropertyTransition): Use typeInfo().type() instead of m_type.
(JSC::StructureID::createCachedPrototypeChain): Ditto.

2008-09-21 Maciej Stachowiak <mjs@apple.com>

Reviewed by Darin Adler.

- introduce a TypeInfo class, for holding per-type (in the C++ class sense) data in StructureID
https://bugs.webkit.org/show_bug.cgi?id=20981

* JavaScriptCore.exp:
* JavaScriptCore.xcodeproj/project.pbxproj:

(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompilePutByIdTransition):

(JSC::jsIsObjectType):
(JSC::Machine::Machine):
* kjs/AllInOneFile.cpp:

(JSC::JSCell::isObject):
(JSC::JSCell::isString):
* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData):
* kjs/JSGlobalObject.cpp:
(JSC::JSGlobalObject::reset):
* kjs/JSGlobalObject.h:
(JSC::StructureID::prototypeForLookup):
* kjs/JSNumberCell.h:
(JSC::JSNumberCell::createStructureID):

(JSC::JSObject::createInheritorID):

(JSC::JSObject::createStructureID):

(JSC::JSString::createStructureID):
* kjs/NativeErrorConstructor.cpp:
(JSC::NativeErrorConstructor::NativeErrorConstructor):
* kjs/RegExpConstructor.cpp:
* kjs/RegExpMatchesArray.h: Added.
(JSC::RegExpMatchesArray::getOwnPropertySlot):
(JSC::RegExpMatchesArray::put):
(JSC::RegExpMatchesArray::deleteProperty):
(JSC::RegExpMatchesArray::getPropertyNames):
* kjs/StructureID.cpp:
(JSC::StructureID::StructureID):
(JSC::StructureID::addPropertyTransition):
(JSC::StructureID::toDictionaryTransition):
(JSC::StructureID::changePrototypeTransition):
(JSC::StructureID::getterSetterTransition):

(JSC::StructureID::create):
(JSC::StructureID::typeInfo):
* kjs/TypeInfo.h: Added.
(JSC::TypeInfo::TypeInfo):
(JSC::TypeInfo::type):

2008-09-21 Darin Adler <darin@apple.com>

Reviewed by Cameron Zwarich.

- fix crash logging into Gmail due to recent Arguments change

(JSC::Arguments::Arguments): Fix window where mark() function could
see d->extraArguments with uninitialized contents.
(JSC::Arguments::mark): Check d->extraArguments for 0 to handle two
cases: 1) Inside the constructor before it's initialized.
2) numArguments <= numParameters.

2008-09-21 Darin Adler <darin@apple.com>

- fix loose end from the "duplicate constant values" patch

* VM/CodeGenerator.cpp:
(JSC::CodeGenerator::emitLoad): Add a special case for values the
hash table can't handle.

2008-09-21 Mark Rowe <mrowe@apple.com>

Fix the non-AllInOneFile build.

* kjs/Arguments.cpp: Add missing #include.

2008-09-21 Darin Adler <darin@apple.com>

Reviewed by Cameron Zwarich and Mark Rowe.

- fix test failure caused by my recent IndexToNameMap patch

(JSC::Arguments::deleteProperty): Added the accidentally-omitted
check of the boolean result from toArrayIndex.

2008-09-21 Darin Adler <darin@apple.com>

Reviewed by Maciej Stachowiak.

- https://bugs.webkit.org/show_bug.cgi?id=20975
inline immediate-number case of ==

* VM/CTI.h: Renamed emitJumpSlowCaseIfNotImm to
emitJumpSlowCaseIfNotImmNum, since the old name was incorrect.

* VM/CTI.cpp: Updated for new name.
(JSC::CTI::privateCompileMainPass): Added op_eq.
(JSC::CTI::privateCompileSlowCases): Added op_eq.

(JSC::Machine::cti_op_eq): Removed fast case, since it's now

2008-09-21 Peter Gal <galpter@inf.u-szeged.hu>

Reviewed by Tim Hatcher and Eric Seidel.

Fix the QT/Linux JavaScriptCore segmentation fault.
https://bugs.webkit.org/show_bug.cgi?id=20914

* wtf/ThreadingQt.cpp:
(WTF::initializeThreading): Use currentThread() if
platform is not a MAC (like in pre 36541 revisions)

2008-09-21 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

* kjs/debugger.h: Removed some unneeded includes and declarations.

2008-09-21 Darin Adler <darin@apple.com>

Reviewed by Sam Weinig.

- https://bugs.webkit.org/show_bug.cgi?id=20972
speed up Arguments further by eliminating the IndexToNameMap

No change on SunSpider. 1.29x as fast on V8 Raytrace.

* kjs/Arguments.cpp: Moved ArgumentsData in here. Eliminated the
indexToNameMap and hadDeletes data members. Changed extraArguments into
an OwnArrayPtr and added deletedArguments, another OwnArrayPtr.
Replaced numExtraArguments with numParameters, since that's what's
used more directly in hot code paths.
(JSC::Arguments::Arguments): Pass in argument count instead of ArgList.
Initialize ArgumentsData the new way.
(JSC::Arguments::mark): Updated.
(JSC::Arguments::getOwnPropertySlot): Overload for the integer form so
we don't have to convert integers to identifiers just to get an argument.
Integrated the deleted case with the fast case.
(JSC::Arguments::put): Ditto.
(JSC::Arguments::deleteProperty): Ditto.

* kjs/Arguments.h: Minimized includes. Made everything private. Added
overloads for the integral property name case. Eliminated mappedIndexSetter.
Moved ArgumentsData into the .cpp file.

* kjs/IndexToNameMap.cpp: Emptied out and prepared for deletion.
* kjs/IndexToNameMap.h: Ditto.

* kjs/JSActivation.cpp:
(JSC::JSActivation::createArgumentsObject): Eliminated ArgList.

* JavaScriptCore.pri:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* JavaScriptCoreSources.bkl:
* kjs/AllInOneFile.cpp:
Removed IndexToNameMap.
1035 2008-09-21 Darin Adler <darin@apple.com>
1037 * VM/CodeGenerator.cpp:
1038 (JSC::CodeGenerator::emitLoad): One more tweak: Wrote this in a slightly
1041 2008-09-21 Judit Jasz <jasy@inf.u-szeged.hu>
1043 Reviewed and tweaked by Darin Adler.
1045 - https://bugs.webkit.org/show_bug.cgi?id=20645
1046 Eliminate duplicate constant values in CodeBlocks.
1048 Seems to be a wash on SunSpider.
1050 * VM/CodeGenerator.cpp:
1051 (JSC::CodeGenerator::emitLoad): Use m_numberMap and m_stringMap to guarantee
1052 we emit the same JSValue* for identical numbers and strings.
1053 * VM/CodeGenerator.h: Added overload of emitLoad for const Identifier&.
1054 Add NumberMap and IdentifierStringMap types and m_numberMap and m_stringMap.
1056 (JSC::StringNode::emitCode): Call the new emitLoad and let it do the
1059 2008-09-21 Paul Pedriana <webkit@pedriana.com>
1061 Reviewed and tweaked by Darin Adler.
1063 - https://bugs.webkit.org/show_bug.cgi?id=16925
1064 Fixed lack of Vector buffer alignment for both GCC and MSVC.
1065 Since there's no portable way to do this, for now we don't support
1068 * wtf/Vector.h: Added WTF_ALIGH_ON, WTF_ALIGNED, AlignedBufferChar, and AlignedBuffer.
1069 Use AlignedBuffer instead of an array of char in VectorBuffer.
1071 2008-09-21 Gabor Loki <loki@inf.u-szeged.hu>
1073 Reviewed by Darin Adler.
1075 - https://bugs.webkit.org/show_bug.cgi?id=19408
1076 Add lightweight constant folding to the parser for *, /, + (only for numbers), <<, >>, ~ operators.
1078 1.008x as fast on SunSpider.
1081 (makeNegateNode): Fold if expression is a number > 0.
1082 (makeBitwiseNotNode): Fold if expression is a number.
1083 (makeMultNode): Fold if expressions are both numbers.
1084 (makeDivNode): Fold if expressions are both numbers.
1085 (makeAddNode): Fold if expressions are both numbers.
1086 (makeLeftShiftNode): Fold if expressions are both numbers.
1087 (makeRightShiftNode): Fold if expressions are both numbers.
1089 2008-09-21 Maciej Stachowiak <mjs@apple.com>
1093 - speed up === operator by generating inline machine code for the fast paths
1094 https://bugs.webkit.org/show_bug.cgi?id=20820
1097 (JSC::CTI::emitJumpSlowCaseIfNotImmediateNumber):
1098 (JSC::CTI::emitJumpSlowCaseIfNotImmediateNumbers):
1099 (JSC::CTI::emitJumpSlowCaseIfNotImmediates):
1100 (JSC::CTI::emitTagAsBoolImmediate):
1101 (JSC::CTI::privateCompileMainPass):
1102 (JSC::CTI::privateCompileSlowCases):
1105 (JSC::Machine::cti_op_stricteq):
1106 * masm/X86Assembler.h:
1107 (JSC::X86Assembler::):
1108 (JSC::X86Assembler::sete_r):
1109 (JSC::X86Assembler::setz_r):
1110 (JSC::X86Assembler::movzbl_rr):
1111 (JSC::X86Assembler::emitUnlinkedJnz):
1113 2008-09-21 Cameron Zwarich <cwzwarich@uwaterloo.ca>
1115 Reviewed by Maciej Stachowiak.
1117 Free memory allocated for extra arguments in the destructor of the
1120 * kjs/Arguments.cpp:
1121 (JSC::Arguments::~Arguments):
1124 2008-09-21 Cameron Zwarich <cwzwarich@uwaterloo.ca>
1126 Reviewed by Maciej Stachowiak.
1128 Bug 20815: 'arguments' object creation is non-optimal
1129 <https://bugs.webkit.org/show_bug.cgi?id=20815>
1131 Fix our inefficient way of creating the arguments object by only
1132 creating named properties for each of the arguments after a use of the
1133 'delete' statement. This patch also speeds up access to the 'arguments'
1134 object slightly, but it still does not use the array fast path for
1135 indexed access that exists for many opcodes.
1137 This is about a 20% improvement on the V8 Raytrace benchmark, and a 1.5%
1138 improvement on the Earley-Boyer benchmark, which gives a 4% improvement
1141 * kjs/Arguments.cpp:
1142 (JSC::Arguments::Arguments):
1143 (JSC::Arguments::mark):
1144 (JSC::Arguments::getOwnPropertySlot):
1145 (JSC::Arguments::put):
1146 (JSC::Arguments::deleteProperty):
1148 (JSC::Arguments::ArgumentsData::ArgumentsData):
1149 * kjs/IndexToNameMap.h:
1150 (JSC::IndexToNameMap::size):
1151 * kjs/JSActivation.cpp:
1152 (JSC::JSActivation::createArgumentsObject):
1153 * kjs/JSActivation.h:
1154 (JSC::JSActivation::uncheckedSymbolTableGet):
1155 (JSC::JSActivation::uncheckedSymbolTableGetValue):
1156 (JSC::JSActivation::uncheckedSymbolTablePut):
1158 (JSC::JSFunction::numParameters):
1160 2008-09-20 Darin Adler <darin@apple.com>
1162 Reviewed by Mark Rowe.
1164 - fix crash seen on buildbot
1166 * kjs/JSGlobalObject.cpp:
1167 (JSC::JSGlobalObject::mark): Add back mark of arrayPrototype,
1168 deleted by accident in my recent check-in.
1170 2008-09-20 Maciej Stachowiak <mjs@apple.com>
1172 Not reviewed, build fix.
1174 - speculative fix for non-AllInOne builds
1178 2008-09-20 Maciej Stachowiak <mjs@apple.com>
1180 Reviewed by Darin Adler.
1182 - assorted optimizations to === and !== operators
1183 (work towards <https://bugs.webkit.org/show_bug.cgi?id=20820>)
1185 2.5% speedup on earley-boyer test
1188 (JSC::Machine::cti_op_stricteq): Use inline version of
1189 strictEqualSlowCase; remove unneeded exception check.
1190 (JSC::Machine::cti_op_nstricteq): ditto
1191 * kjs/operations.cpp:
1192 (JSC::strictEqual): Use strictEqualSlowCaseInline
1193 (JSC::strictEqualSlowCase): ditto
1195 (JSC::strictEqualSlowCaseInline): Version of strictEqualSlowCase that can be inlined,
1196 since the extra function call indirection is a lose for CTI.
1198 2008-09-20 Darin Adler <darin@apple.com>
1200 Reviewed by Maciej Stachowiak.
1202 - finish https://bugs.webkit.org/show_bug.cgi?id=20858
1203 make each distinct C++ class get a distinct JSC::Structure
1205 This also includes some optimizations that make the change an overall
1206 small speedup. Without those it was a bit of a slowdown.
1208 * API/JSCallbackConstructor.cpp:
1209 (JSC::JSCallbackConstructor::JSCallbackConstructor): Take a structure.
1210 * API/JSCallbackConstructor.h: Ditto.
1211 * API/JSCallbackFunction.cpp:
1212 (JSC::JSCallbackFunction::JSCallbackFunction): Pass a structure.
1213 * API/JSCallbackObject.h: Take a structure.
1214 * API/JSCallbackObjectFunctions.h:
1215 (JSC::JSCallbackObject::JSCallbackObject): Ditto.
1217 * API/JSClassRef.cpp:
1218 (OpaqueJSClass::prototype): Pass in a structure. Call setPrototype
1219 if there's a custom prototype involved.
1220 * API/JSObjectRef.cpp:
1221 (JSObjectMake): Ditto.
1222 (JSObjectMakeConstructor): Pass in a structure.
1224 * JavaScriptCore.exp: Updated.
1227 (JSC::jsLess): Added a special case for when both arguments are strings.
1228 This avoids converting both strings to with UString::toDouble.
1229 (JSC::jsLessEq): Ditto.
1230 (JSC::Machine::privateExecute): Pass in a structure.
1231 (JSC::Machine::cti_op_construct_JSConstruct): Ditto.
1232 (JSC::Machine::cti_op_new_regexp): Ditto.
1233 (JSC::Machine::cti_op_is_string): Ditto.
1234 * VM/Machine.h: Made isJSString public so it can be used in the CTI.
1236 * kjs/Arguments.cpp:
1237 (JSC::Arguments::Arguments): Pass in a structure.
1239 * kjs/JSCell.h: Mark constructor explicit.
1241 * kjs/JSGlobalObject.cpp:
1242 (JSC::markIfNeeded): Added an overload for marking structures.
1243 (JSC::JSGlobalObject::reset): Eliminate code to set data members to
1244 zero. We now do that in the constructor, and we no longer use this
1245 anywhere except in the constructor. Added code to create structures.
1246 Pass structures rather than prototypes when creating objects.
1247 (JSC::JSGlobalObject::mark): Mark the structures.
1249 * kjs/JSGlobalObject.h: Removed unneeded class declarations.
1250 Added initializers for raw pointers in JSGlobalObjectData so
1251 everything starts with a 0. Added structure data and accessor
1254 * kjs/JSImmediate.cpp:
1255 (JSC::JSImmediate::nonInlineNaN): Added.
1256 * kjs/JSImmediate.h:
1257 (JSC::JSImmediate::toDouble): Rewrote to avoid PIC branches.
1259 * kjs/JSNumberCell.cpp:
1260 (JSC::jsNumberCell): Made non-inline to avoid PIC branches
1261 in functions that call this one.
1262 (JSC::jsNaN): Ditto.
1263 * kjs/JSNumberCell.h: Ditto.
1265 * kjs/JSObject.h: Removed constructor that takes a prototype.
1266 All callers now pass structures.
1268 * kjs/ArrayConstructor.cpp:
1269 (JSC::ArrayConstructor::ArrayConstructor):
1270 (JSC::constructArrayWithSizeQuirk):
1271 * kjs/ArrayConstructor.h:
1272 * kjs/ArrayPrototype.cpp:
1273 (JSC::ArrayPrototype::ArrayPrototype):
1274 * kjs/ArrayPrototype.h:
1275 * kjs/BooleanConstructor.cpp:
1276 (JSC::BooleanConstructor::BooleanConstructor):
1277 (JSC::constructBoolean):
1278 (JSC::constructBooleanFromImmediateBoolean):
1279 * kjs/BooleanConstructor.h:
1280 * kjs/BooleanObject.cpp:
1281 (JSC::BooleanObject::BooleanObject):
1282 * kjs/BooleanObject.h:
1283 * kjs/BooleanPrototype.cpp:
1284 (JSC::BooleanPrototype::BooleanPrototype):
1285 * kjs/BooleanPrototype.h:
1286 * kjs/DateConstructor.cpp:
1287 (JSC::DateConstructor::DateConstructor):
1288 (JSC::constructDate):
1289 * kjs/DateConstructor.h:
1290 * kjs/DateInstance.cpp:
1291 (JSC::DateInstance::DateInstance):
1292 * kjs/DateInstance.h:
1293 * kjs/DatePrototype.cpp:
1294 (JSC::DatePrototype::DatePrototype):
1295 * kjs/DatePrototype.h:
1296 * kjs/ErrorConstructor.cpp:
1297 (JSC::ErrorConstructor::ErrorConstructor):
1298 (JSC::constructError):
1299 * kjs/ErrorConstructor.h:
1300 * kjs/ErrorInstance.cpp:
1301 (JSC::ErrorInstance::ErrorInstance):
1302 * kjs/ErrorInstance.h:
1303 * kjs/ErrorPrototype.cpp:
1304 (JSC::ErrorPrototype::ErrorPrototype):
1305 * kjs/ErrorPrototype.h:
1306 * kjs/FunctionConstructor.cpp:
1307 (JSC::FunctionConstructor::FunctionConstructor):
1308 * kjs/FunctionConstructor.h:
1309 * kjs/FunctionPrototype.cpp:
1310 (JSC::FunctionPrototype::FunctionPrototype):
1311 (JSC::FunctionPrototype::addFunctionProperties):
1312 * kjs/FunctionPrototype.h:
1313 * kjs/GlobalEvalFunction.cpp:
1314 (JSC::GlobalEvalFunction::GlobalEvalFunction):
1315 * kjs/GlobalEvalFunction.h:
1316 * kjs/InternalFunction.cpp:
1317 (JSC::InternalFunction::InternalFunction):
1318 * kjs/InternalFunction.h:
1319 (JSC::InternalFunction::InternalFunction):
1321 (JSC::JSArray::JSArray):
1322 (JSC::constructEmptyArray):
1323 (JSC::constructArray):
1325 * kjs/JSFunction.cpp:
1326 (JSC::JSFunction::JSFunction):
1327 (JSC::JSFunction::construct):
1329 (JSC::constructEmptyObject):
1331 (JSC::StringObject::create):
1332 * kjs/JSWrapperObject.h:
1333 * kjs/MathObject.cpp:
1334 (JSC::MathObject::MathObject):
1336 * kjs/NativeErrorConstructor.cpp:
1337 (JSC::NativeErrorConstructor::NativeErrorConstructor):
1338 (JSC::NativeErrorConstructor::construct):
1339 * kjs/NativeErrorConstructor.h:
1340 * kjs/NativeErrorPrototype.cpp:
1341 (JSC::NativeErrorPrototype::NativeErrorPrototype):
1342 * kjs/NativeErrorPrototype.h:
1343 * kjs/NumberConstructor.cpp:
1344 (JSC::NumberConstructor::NumberConstructor):
1345 (JSC::constructWithNumberConstructor):
1346 * kjs/NumberConstructor.h:
1347 * kjs/NumberObject.cpp:
1348 (JSC::NumberObject::NumberObject):
1349 (JSC::constructNumber):
1350 (JSC::constructNumberFromImmediateNumber):
1351 * kjs/NumberObject.h:
1352 * kjs/NumberPrototype.cpp:
1353 (JSC::NumberPrototype::NumberPrototype):
1354 * kjs/NumberPrototype.h:
1355 * kjs/ObjectConstructor.cpp:
1356 (JSC::ObjectConstructor::ObjectConstructor):
1357 (JSC::constructObject):
1358 * kjs/ObjectConstructor.h:
1359 * kjs/ObjectPrototype.cpp:
1360 (JSC::ObjectPrototype::ObjectPrototype):
1361 * kjs/ObjectPrototype.h:
1362 * kjs/PrototypeFunction.cpp:
1363 (JSC::PrototypeFunction::PrototypeFunction):
1364 * kjs/PrototypeFunction.h:
1365 * kjs/RegExpConstructor.cpp:
1366 (JSC::RegExpConstructor::RegExpConstructor):
1367 (JSC::RegExpMatchesArray::RegExpMatchesArray):
1368 (JSC::constructRegExp):
1369 * kjs/RegExpConstructor.h:
1370 * kjs/RegExpObject.cpp:
1371 (JSC::RegExpObject::RegExpObject):
1372 * kjs/RegExpObject.h:
1373 * kjs/RegExpPrototype.cpp:
1374 (JSC::RegExpPrototype::RegExpPrototype):
1375 * kjs/RegExpPrototype.h:
1377 (GlobalObject::GlobalObject):
1378 * kjs/StringConstructor.cpp:
1379 (JSC::StringConstructor::StringConstructor):
1380 (JSC::constructWithStringConstructor):
1381 * kjs/StringConstructor.h:
1382 * kjs/StringObject.cpp:
1383 (JSC::StringObject::StringObject):
1384 * kjs/StringObject.h:
1385 * kjs/StringObjectThatMasqueradesAsUndefined.h:
1386 (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
1387 * kjs/StringPrototype.cpp:
1388 (JSC::StringPrototype::StringPrototype):
1389 * kjs/StringPrototype.h:
1390 Take and pass structures.
1392 2008-09-19 Alp Toker <alp@nuanti.com>
1394 Build fix for the 'gold' linker and recent binutils. New behaviour
1395 requires that we link to used libraries explicitly.
1399 2008-09-19 Sam Weinig <sam@webkit.org>
1401 Roll r36694 back in. It did not cause the crash.
1403 * JavaScriptCore.exp:
1404 * VM/JSPropertyNameIterator.cpp:
1405 (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
1406 (JSC::JSPropertyNameIterator::invalidate):
1407 * VM/JSPropertyNameIterator.h:
1408 (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1409 (JSC::JSPropertyNameIterator::create):
1411 (JSC::JSObject::getPropertyNames):
1412 * kjs/PropertyMap.cpp:
1413 (JSC::PropertyMap::getEnumerablePropertyNames):
1414 * kjs/PropertyMap.h:
1415 * kjs/PropertyNameArray.cpp:
1416 (JSC::PropertyNameArray::add):
1417 * kjs/PropertyNameArray.h:
1418 (JSC::PropertyNameArrayData::create):
1419 (JSC::PropertyNameArrayData::propertyNameVector):
1420 (JSC::PropertyNameArrayData::setCachedPrototypeChain):
1421 (JSC::PropertyNameArrayData::cachedPrototypeChain):
1422 (JSC::PropertyNameArrayData::begin):
1423 (JSC::PropertyNameArrayData::end):
1424 (JSC::PropertyNameArrayData::PropertyNameArrayData):
1425 (JSC::PropertyNameArray::PropertyNameArray):
1426 (JSC::PropertyNameArray::addKnownUnique):
1427 (JSC::PropertyNameArray::size):
1428 (JSC::PropertyNameArray::operator[]):
1429 (JSC::PropertyNameArray::begin):
1430 (JSC::PropertyNameArray::end):
1431 (JSC::PropertyNameArray::setData):
1432 (JSC::PropertyNameArray::data):
1433 (JSC::PropertyNameArray::releaseData):
1434 * kjs/StructureID.cpp:
1435 (JSC::structureIDChainsAreEqual):
1436 (JSC::StructureID::getEnumerablePropertyNames):
1437 (JSC::StructureID::clearEnumerationCache):
1438 (JSC::StructureID::createCachedPrototypeChain):
1439 * kjs/StructureID.h:
1441 2008-09-19 Sam Weinig <sam@webkit.org>
1445 * JavaScriptCore.exp:
1446 * VM/JSPropertyNameIterator.cpp:
1447 (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
1448 (JSC::JSPropertyNameIterator::invalidate):
1449 * VM/JSPropertyNameIterator.h:
1450 (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1451 (JSC::JSPropertyNameIterator::create):
1453 (JSC::JSObject::getPropertyNames):
1454 * kjs/PropertyMap.cpp:
1455 (JSC::PropertyMap::getEnumerablePropertyNames):
1456 * kjs/PropertyMap.h:
1457 * kjs/PropertyNameArray.cpp:
1458 (JSC::PropertyNameArray::add):
1459 * kjs/PropertyNameArray.h:
1460 (JSC::PropertyNameArray::PropertyNameArray):
1461 (JSC::PropertyNameArray::addKnownUnique):
1462 (JSC::PropertyNameArray::begin):
1463 (JSC::PropertyNameArray::end):
1464 (JSC::PropertyNameArray::size):
1465 (JSC::PropertyNameArray::operator[]):
1466 (JSC::PropertyNameArray::releaseIdentifiers):
1467 * kjs/StructureID.cpp:
1468 (JSC::StructureID::getEnumerablePropertyNames):
1469 * kjs/StructureID.h:
1470 (JSC::StructureID::clearEnumerationCache):
1472 2008-09-19 Oliver Hunt <oliver@apple.com>
1474 Reviewed by Maciej Stachowiak.
1476 Improve performance of local variable initialisation.
1478 Pull local and constant initialisation out of slideRegisterWindowForCall
1479 and into its own opcode. This allows the JIT to generate the initialisation
1480 code for a function directly into the instruction stream and so avoids a few
1481 branches on function entry.
1483 Results in a 1% progression in SunSpider, particularly in a number of the bitop
1484 tests where the called functions are very fast.
1487 (JSC::CTI::emitInitialiseRegister):
1488 (JSC::CTI::privateCompileMainPass):
1491 (JSC::CodeBlock::dump):
1492 * VM/CodeGenerator.cpp:
1493 (JSC::CodeGenerator::CodeGenerator):
1495 (JSC::slideRegisterWindowForCall):
1496 (JSC::Machine::privateExecute):
1499 2008-09-19 Sam Weinig <sam@webkit.org>
1501 Reviewed by Darin Adler.
1503 Patch for https://bugs.webkit.org/show_bug.cgi?id=20928
1504 Speed up JS property enumeration by caching entire PropertyNameArray
1506 1.3% speedup on Sunspider, 30% on string-fasta.
1508 * JavaScriptCore.exp:
1509 * VM/JSPropertyNameIterator.cpp:
1510 (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
1511 (JSC::JSPropertyNameIterator::invalidate):
1512 * VM/JSPropertyNameIterator.h:
1513 (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1514 (JSC::JSPropertyNameIterator::create):
1516 (JSC::JSObject::getPropertyNames):
1517 * kjs/PropertyMap.cpp:
1518 (JSC::PropertyMap::getEnumerablePropertyNames):
1519 * kjs/PropertyMap.h:
1520 * kjs/PropertyNameArray.cpp:
1521 (JSC::PropertyNameArray::add):
1522 * kjs/PropertyNameArray.h:
1523 (JSC::PropertyNameArrayData::create):
1524 (JSC::PropertyNameArrayData::propertyNameVector):
1525 (JSC::PropertyNameArrayData::setCachedPrototypeChain):
1526 (JSC::PropertyNameArrayData::cachedPrototypeChain):
1527 (JSC::PropertyNameArrayData::begin):
1528 (JSC::PropertyNameArrayData::end):
1529 (JSC::PropertyNameArrayData::PropertyNameArrayData):
1530 (JSC::PropertyNameArray::PropertyNameArray):
1531 (JSC::PropertyNameArray::addKnownUnique):
1532 (JSC::PropertyNameArray::size):
1533 (JSC::PropertyNameArray::operator[]):
1534 (JSC::PropertyNameArray::begin):
1535 (JSC::PropertyNameArray::end):
1536 (JSC::PropertyNameArray::setData):
1537 (JSC::PropertyNameArray::data):
1538 (JSC::PropertyNameArray::releaseData):
1539 * kjs/ScopeChain.cpp:
1540 (JSC::ScopeChainNode::print):
1541 * kjs/StructureID.cpp:
1542 (JSC::structureIDChainsAreEqual):
1543 (JSC::StructureID::getEnumerablePropertyNames):
1544 (JSC::StructureID::clearEnumerationCache):
1545 (JSC::StructureID::createCachedPrototypeChain):
1546 * kjs/StructureID.h:
1548 2008-09-19 Holger Hans Peter Freyther <zecke@selfish.org>
1550 Reviewed by Maciej Stachowiak.
1552 Fix a mismatched new[]/delete in JSObject::allocatePropertyStorage
1555 (JSC::JSObject::allocatePropertyStorage): Spotted by valgrind.
1557 2008-09-19 Darin Adler <darin@apple.com>
1559 Reviewed by Sam Weinig.
1561 - part 2 of https://bugs.webkit.org/show_bug.cgi?id=20858
1562 make each distinct C++ class get a distinct JSC::Structure
1564 * JavaScriptCore.exp: Exported constructEmptyObject for use in WebCore.
1566 * kjs/JSGlobalObject.h: Changed the protected constructor to take a
1567 structure instead of a prototype.
1569 * kjs/JSVariableObject.h: Removed constructor that takes a prototype.
1571 2008-09-19 Julien Chaffraix <jchaffraix@pleyo.com>
1573 Reviewed by Alexey Proskuryakov.
1575 Use the template hoisting technique on the RefCounted class. This reduces the code bloat due to
1576 non-template methods' code being copied for each instance of the template.
1577 The patch splits RefCounted between a base class that holds non-template methods and attributes
1578 and the template RefCounted class that keeps the same functionality.
1580 On my Linux with gcc 4.3 for the Gtk port, this is:
1581 - a ~600KB save on libwebkit.so in release.
1582 - a ~1.6MB save on libwebkit.so in debug.
1584 It is a wash on Sunspider and a small win on Dromaeo (not sure it is relevant).
1585 On the whole, it should be a small win as we reduce the compiled code size and the only
1586 new function call should be inlined by the compiler.
1589 (WTF::RefCountedBase::ref): Copied from RefCounted.
1590 (WTF::RefCountedBase::hasOneRef): Ditto.
1591 (WTF::RefCountedBase::refCount): Ditto.
1592 (WTF::RefCountedBase::RefCountedBase): Ditto.
1593 (WTF::RefCountedBase::~RefCountedBase): Ditto.
1594 (WTF::RefCountedBase::derefBase): Tweaked from the RefCounted version to remove
1596 (WTF::RefCounted::RefCounted):
1597 (WTF::RefCounted::deref): Small wrapper around RefCountedBase::derefBase().
1598 (WTF::RefCounted::~RefCounted): Keep private destructor.
1600 2008-09-18 Darin Adler <darin@apple.com>
1602 Reviewed by Maciej Stachowiak.
1604 - part 1 of https://bugs.webkit.org/show_bug.cgi?id=20858
1605 make each distinct C++ class get a distinct JSC::Structure
1607 * kjs/lookup.h: Removed things here that were used only in WebCore:
1608 cacheGlobalObject, JSC_DEFINE_PROTOTYPE, JSC_DEFINE_PROTOTYPE_WITH_PROTOTYPE,
1609 and JSC_IMPLEMENT_PROTOTYPE.
1611 2008-09-18 Darin Adler <darin@apple.com>
1613 Reviewed by Maciej Stachowiak.
1615 - https://bugs.webkit.org/show_bug.cgi?id=20927
1616 simplify/streamline the code to turn strings into identifiers while parsing
1618 * kjs/grammar.y: Get rid of string from the union, and use ident for STRING as
1622 (JSC::Lexer::lex): Use makeIdentifier instead of makeUString for String.
1623 * kjs/lexer.h: Remove makeUString.
1625 * kjs/nodes.h: Changed StringNode to hold an Identifier instead of UString.
1627 * VM/CodeGenerator.cpp:
1628 (JSC::keyForCharacterSwitch): Updated since StringNode now holds an Identifier.
1629 (JSC::prepareJumpTableForStringSwitch): Ditto.
1631 (JSC::StringNode::emitCode): Ditto. The comment from here is now in the lexer.
1632 (JSC::processClauseList): Ditto.
1633 * kjs/nodes2string.cpp:
1634 (JSC::StringNode::streamTo): Ditto.
1636 2008-09-18 Sam Weinig <sam@webkit.org>
1641 (JSC::Instruction::Instruction):
1643 2008-09-18 Oliver Hunt <oliver@apple.com>
1645 Reviewed by Maciej Stachowiak.
1647 Bug 20911: REGRESSION(r36480?): Reproducible assertion failure below derefStructureIDs 64-bit JavaScriptCore
1648 <https://bugs.webkit.org/show_bug.cgi?id=20911>
1650 The problem was simply caused by the int constructor for Instruction
1651 failing to initialise the full struct in 64bit builds.
1654 (JSC::Instruction::Instruction):
1656 2008-09-18 Darin Adler <darin@apple.com>
1660 * wtf/RefCountedLeakCounter.cpp: Removed stray "static".
1662 2008-09-18 Darin Adler <darin@apple.com>
1664 Reviewed by Sam Weinig.
1666 * kjs/JSGlobalObject.h: Tiny style guideline tweak.
1668 2008-09-18 Darin Adler <darin@apple.com>
1670 Reviewed by Sam Weinig.
1672 - fix https://bugs.webkit.org/show_bug.cgi?id=20925
1673 LEAK messages appear every time I quit
1675 * JavaScriptCore.exp: Updated, and also added an export
1676 needed for future WebCore use of JSC::StructureID.
1678 * wtf/RefCountedLeakCounter.cpp:
1679 (WTF::RefCountedLeakCounter::suppressMessages): Added.
1680 (WTF::RefCountedLeakCounter::cancelMessageSuppression): Added.
1681 (WTF::RefCountedLeakCounter::RefCountedLeakCounter): Tweaked a bit.
1682 (WTF::RefCountedLeakCounter::~RefCountedLeakCounter): Added code to
1683 log the reason there was no leak checking done.
1684 (WTF::RefCountedLeakCounter::increment): Tweaked a bit.
1685 (WTF::RefCountedLeakCounter::decrement): Ditto.
1687 * wtf/RefCountedLeakCounter.h: Replaced setLogLeakMessages with two
1688 new functions, suppressMessages and cancelMessageSuppression. Also
1689 added m_ prefixes to the data member names.
1691 2008-09-18 Holger Hans Peter Freyther <zecke@selfish.org>
1693 Reviewed by Mark Rowe.
1695 https://bugs.webkit.org/show_bug.cgi?id=20437
1697 Add a proper #define to define which XML Parser implementation to use. Client
1698 code can use #if USE(QXMLSTREAM) to decide if the Qt XML StreamReader
1699 implementation is going to be used.
1703 2008-09-18 Cameron Zwarich <cwzwarich@uwaterloo.ca>
1705 Reviewed by Maciej Stachowiak.
1707 Make a Unicode non-breaking space count as a whitespace character in
1708 PCRE. This change was already made in WREC, and it fixes one of the
1709 Mozilla JS tests. Since it is now fixed in PCRE as well, we can check
1710 in a new set of expected test results.
1712 * pcre/pcre_internal.h:
1714 * tests/mozilla/expected.html:
1716 2008-09-18 Stephanie Lewis <slewis@apple.com>
1718 Reviewed by Mark Rowe and Maciej Stachowiak.
1720 add an option use arch to specify which architecture to run.
1722 * tests/mozilla/jsDriver.pl:
1724 2008-09-17 Oliver Hunt <oliver@apple.com>
1726 Correctly restore argument reference prior to SFX runtime calls.
1728 Reviewed by Steve Falkenburg.
1731 (JSC::CTI::privateCompileSlowCases):
1732 (JSC::CTI::privateCompile):
1734 2008-09-17 Cameron Zwarich <cwzwarich@uwaterloo.ca>
1736 Reviewed by Maciej Stachowiak.
1738 Bug 20876: REGRESSION (r36417, r36427): fast/js/exception-expression-offset.html fails
1739 <https://bugs.webkit.org/show_bug.cgi?id=20876>
1741 r36417 and r36427 caused a get_by_id opcode to be emitted before the
1742 instanceof and construct opcodes, in order to enable inline caching of
1743 the prototype property. Unfortunately, this regressed some tests dealing
1744 with exceptions thrown by 'instanceof' and the 'new' operator. We fix
1745 these problems by detecting whether an "is not an object" exception is
1746 thrown before op_instanceof or op_construct, and emit the proper
1747 exception in those cases.
1749 * VM/CodeGenerator.cpp:
1750 (JSC::CodeGenerator::emitConstruct):
1751 * VM/CodeGenerator.h:
1752 * VM/ExceptionHelpers.cpp:
1753 (JSC::createInvalidParamError):
1754 (JSC::createNotAConstructorError):
1755 (JSC::createNotAnObjectError):
1756 * VM/ExceptionHelpers.h:
1758 (JSC::Machine::getOpcode):
1759 (JSC::Machine::privateExecute):
1762 (JSC::NewExprNode::emitCode):
1763 (JSC::InstanceOfNode::emitCode):
1765 2008-09-17 Gavin Barraclough <barraclough@apple.com>
1767 Reviewed by Oliver Hunt.
1769 JIT generation cti_op_construct_verify.
1771 Quarter to half percent progression on v8-tests.
1772 Roughly no change on SunSpider (possible minor progression).
1775 (JSC::CTI::privateCompileMainPass):
1779 2008-09-15 Steve Falkenburg <sfalken@apple.com>
1781 Improve timer accuracy for JavaScript Date object on Windows.
1783 Use a combination of ftime and QueryPerformanceCounter.
1784 ftime returns the information we want, but doesn't have sufficient resolution.
1785 QueryPerformanceCounter has high resolution, but is only usable to measure time intervals.
1786 To combine them, we call ftime and QueryPerformanceCounter initially. Later calls will use
1787 QueryPerformanceCounter by itself, adding the delta to the saved ftime. We re-sync to
1788 correct for drift if the low-res and high-res elapsed time between calls differs by more
1789 than twice the low-resolution timer resolution.
1791 QueryPerformanceCounter may be inaccurate due to problems with:
1792 - some PCI bridge chipsets (http://support.microsoft.com/kb/274323)
1793 - BIOS bugs (http://support.microsoft.com/kb/895980/)
1794 - BIOS/HAL bugs on multiprocessor/multicore systems (http://msdn.microsoft.com/en-us/library/ms644904.aspx)
1796 Reviewed by Darin Adler.
1799 (JSC::highResUpTime):
1800 (JSC::lowResUTCTime):
1801 (JSC::qpcAvailable):
1802 (JSC::getCurrentUTCTimeWithMicroseconds):
1804 2008-09-17 Gavin Barraclough <barraclough@apple.com>
1806 Reviewed by Geoff Garen.
1808 Implement JIT generation of CallFrame initialization, for op_call.
1810 1% sunspider 2.5% v8-tests.
1813 (JSC::CTI::compileOpCall):
1815 (JSC::Machine::cti_op_call_JSFunction):
1816 (JSC::Machine::cti_op_call_NotJSFunction):
1818 2008-09-17 Gavin Barraclough <barraclough@apple.com>
1820 Reviewed by Geoff Garen.
1822 Optimizations for op_call in CTI. Move check for (ctiCode == 0) into JIT code,
1823 move copying of scopeChain for CodeBlocks that needFullScopeChain into head of
1824 functions, instead of checking prior to making the call.
1826 3% on v8-tests (4% on richards, 6% in delta-blue)
1829 (JSC::CTI::compileOpCall):
1830 (JSC::CTI::privateCompileSlowCases):
1831 (JSC::CTI::privateCompile):
1833 (JSC::Machine::execute):
1834 (JSC::Machine::cti_op_call_JSFunction):
1835 (JSC::Machine::cti_vm_compile):
1836 (JSC::Machine::cti_vm_updateScopeChain):
1837 (JSC::Machine::cti_op_construct_JSConstruct):
1840 2008-09-17 Tor Arne Vestbø <tavestbo@trolltech.com>
1842 Fix the QtWebKit/Mac build
1844 * wtf/ThreadingQt.cpp:
1845 (WTF::initializeThreading): use QCoreApplication to get the main thread
1847 2008-09-16 Cameron Zwarich <cwzwarich@uwaterloo.ca>
1849 Reviewed by Maciej Stachowiak.
1851 Bug 20857: REGRESSION (r36427): ASSERTION FAILED: m_refCount >= 0 in RegisterID::deref()
1852 <https://bugs.webkit.org/show_bug.cgi?id=20857>
1854 Fix a problem stemming from the slightly unsafe behaviour of the
1855 CodeGenerator::finalDestination() method by putting the "func" argument
1856 of the emitConstruct() method in a RefPtr in its caller. Also, add an
1857 assertion guaranteeing that this is always the case.
1859 CodeGenerator::finalDestination() is still incorrect and can cause
1860 problems with a different allocator; see bug 20340 for more details.
1862 * VM/CodeGenerator.cpp:
1863 (JSC::CodeGenerator::emitConstruct):
1865 (JSC::NewExprNode::emitCode):
1867 2008-09-16 Alice Liu <alice.liu@apple.com>
1872 (JSC::CTI::privateCompileMainPass):
1874 2008-09-16 Gavin Barraclough <barraclough@apple.com>
1876 Reviewed by Geoff Garen.
1878 CTI code generation for op_ret. The majority of the work
1879 (updating variables on the stack & on exec) can be performed
1880 directly in generated code.
1882 We still need to check, & to call out to C-code to handle
1883 activation records, profiling, and full scope chains.
1885 +1.5% Sunspider, +5/6% v8 tests.
1888 (JSC::CTI::emitPutCTIParam):
1889 (JSC::CTI::compileOpCall):
1890 (JSC::CTI::privateCompileMainPass):
1893 (JSC::Machine::cti_op_ret_activation):
1894 (JSC::Machine::cti_op_ret_profiler):
1895 (JSC::Machine::cti_op_ret_scopeChain):
1898 2008-09-16 Dimitri Glazkov <dglazkov@chromium.org>
1900 Fix the Windows build.
1902 Add some extra parentheses to stop MSVC from complaining so much.
1905 (JSC::Machine::privateExecute):
1906 (JSC::Machine::cti_op_stricteq):
1907 (JSC::Machine::cti_op_nstricteq):
1908 * kjs/operations.cpp:
1911 2008-09-15 Maciej Stachowiak <mjs@apple.com>
1913 Reviewed by Cameron Zwarich.
1915 - speed up the === and !== operators by choosing the fast cases better
1917 No effect on SunSpider but speeds up the V8 Earley-Boyer benchmark about 4%.
1920 (JSC::Machine::privateExecute):
1921 (JSC::Machine::cti_op_stricteq):
1922 (JSC::Machine::cti_op_nstricteq):
1923 * kjs/JSImmediate.h:
1924 (JSC::JSImmediate::areBothImmediate):
1925 * kjs/operations.cpp:
1927 (JSC::strictEqualSlowCase):
1930 2008-09-15 Oliver Hunt <oliver@apple.com>
1934 Coding style cleanup.
1937 (JSC::Machine::privateExecute):
1939 2008-09-15 Oliver Hunt <oliver@apple.com>
1941 Reviewed by Cameron Zwarich.
1943 Bug 20874: op_resolve does not do any form of caching
1944 <https://bugs.webkit.org/show_bug.cgi?id=20874>
1946 This patch adds an op_resolve_global opcode to handle (and cache)
1947 property lookup we can statically determine must occur on the global
1950 3% progression on sunspider, 3.2x improvement to bitops-bitwise-and, and
1951 10% in math-partial-sums
1954 (JSC::CTI::privateCompileMainPass):
1957 (JSC::CodeBlock::dump):
1958 * VM/CodeGenerator.cpp:
1959 (JSC::CodeGenerator::findScopedProperty):
1960 (JSC::CodeGenerator::emitResolve):
1962 (JSC::resolveGlobal):
1963 (JSC::Machine::privateExecute):
1964 (JSC::Machine::cti_op_resolve_global):
1968 2008-09-15 Sam Weinig <sam@webkit.org>
1970 Roll out r36462. It broke document.all.
1973 (JSC::CTI::privateCompileMainPass):
1974 (JSC::CTI::privateCompileSlowCases):
1977 (JSC::Machine::Machine):
1978 (JSC::Machine::cti_op_eq_null):
1979 (JSC::Machine::cti_op_neq_null):
1981 (JSC::Machine::isJSString):
1983 * kjs/JSWrapperObject.h:
1984 * kjs/StringObject.h:
1985 * kjs/StringObjectThatMasqueradesAsUndefined.h:
1987 2008-09-15 Cameron Zwarich <cwzwarich@uwaterloo.ca>
1989 Reviewed by Maciej Stachowiak.
1991 Bug 20863: ASSERTION FAILED: addressOffset < instructions.size() in CodeBlock::getHandlerForVPC
1992 <https://bugs.webkit.org/show_bug.cgi?id=20863>
1994 r36427 changed the number of arguments to op_construct without changing
1995 the argument index for the vPC in the call to initializeCallFrame() in
1996 the CTI case. This caused a JSC test failure. Correcting the argument
1997 index fixes the test failure.
2000 (JSC::Machine::cti_op_construct_JSConstruct):
2002 2008-09-15 Mark Rowe <mrowe@apple.com>
2008 2008-09-15 Geoffrey Garen <ggaren@apple.com>
2010 Reviewed by Maciej Stachowiak.
2012 Fixed a typo in op_get_by_id_chain that caused it to miss every time
2015 Also, a little cleanup.
2018 (JSC::Machine::privateExecute): Set up baseObject before entering the
2019 loop, so we compare against the right values.
2021 2008-09-15 Geoffrey Garen <ggaren@apple.com>
2023 Reviewed by Sam Weinig.
2025 Removed the CalledAsConstructor flag from the call frame header. Now,
2026 we use an explicit opcode at the call site to fix up constructor results.
2028 SunSpider says 0.4% faster.
2030 cti_op_construct_verify is an out-of-line function call for now, but we
2031 can fix that once StructureID holds type information like isObject.
2034 (JSC::CTI::privateCompileMainPass): Codegen for the new opcode.
2037 (JSC::CodeBlock::dump):
2039 * VM/CodeGenerator.cpp: Codegen for the new opcode. Also...
2040 (JSC::CodeGenerator::emitCall): ... don't test for known non-zero value.
2041 (JSC::CodeGenerator::emitConstruct): ... ditto.
2043 * VM/Machine.cpp: No more CalledAsConstructor
2044 (JSC::Machine::privateExecute): Implementation for the new opcode.
2045 (JSC::Machine::cti_op_ret): The speedup: no need to check whether we were
2046 called as a constructor.
2047 (JSC::Machine::cti_op_construct_verify): Implementation for the new opcode.
2050 * VM/Opcode.h: Declare new opcode.
2052 * VM/RegisterFile.h:
2053 (JSC::RegisterFile::): No more CalledAsConstructor
2055 2008-09-15 Gavin Barraclough <barraclough@apple.com>
2057 Reviewed by Geoff Garen.
2059 Inline code generation of eq_null/neq_null for CTI. Uses vptr checking for
2060 StringObjectsThatAreMasqueradingAsBeingUndefined. In the long run, the
2061 masquerading may be handled differently (through the StructureIDs - see bug
2067 (JSC::CTI::emitJumpSlowCaseIfIsJSCell):
2068 (JSC::CTI::privateCompileMainPass):
2069 (JSC::CTI::privateCompileSlowCases):
2072 (JSC::Machine::Machine):
2073 (JSC::Machine::cti_op_eq_null):
2074 (JSC::Machine::cti_op_neq_null):
2076 (JSC::Machine::doesMasqueradesAsUndefined):
2077 * kjs/JSWrapperObject.h:
2078 (JSC::JSWrapperObject::):
2079 (JSC::JSWrapperObject::JSWrapperObject):
2080 * kjs/StringObject.h:
2081 (JSC::StringObject::StringObject):
2082 * kjs/StringObjectThatMasqueradesAsUndefined.h:
2083 (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
2085 2008-09-15 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2087 Rubber-stamped by Oliver Hunt.
2089 r36427 broke CodeBlock::dump() by changing the number of arguments to
2090 op_construct without changing the code that prints it. This patch fixes
2091 it by printing the additional argument.
2093 * JavaScriptCore.xcodeproj/project.pbxproj:
2095 (JSC::CodeBlock::dump):
2097 2008-09-15 Adam Roben <aroben@apple.com>
2101 * kjs/StructureID.cpp: Removed a stray semicolon.
2103 2008-09-15 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2105 Reviewed by Maciej Stachowiak.
2107 Fix a crash in fast/js/exception-expression-offset.html caused by not
2108 updating all mentions of the length of op_construct in r36427.
2111 (JSC::Machine::cti_op_construct_NotJSConstruct):
2113 2008-09-15 Maciej Stachowiak <mjs@apple.com>
2115 Reviewed by Cameron Zwarich.
2117 - fix layout test failure introduced by fix for 20849
2119 (The failing test was fast/js/delete-then-put.html)
2122 (JSC::JSObject::removeDirect): Clear enumeration cache
2123 in the dictionary case.
2125 (JSC::JSObject::putDirect): Ditto.
2126 * kjs/StructureID.h:
2127 (JSC::StructureID::clearEnumerationCache): Inline to handle the
2130 2008-09-15 Maciej Stachowiak <mjs@apple.com>
2132 Reviewed by Cameron Zwarich.
2134 - fix JSC test failures introduced by fix for 20849
2136 * kjs/PropertyMap.cpp:
2137 (JSC::PropertyMap::getEnumerablePropertyNames): Use the correct count.
2139 2008-09-15 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2141 Reviewed by Maciej Stachowiak.
2143 Bug 20851: REGRESSION (r36410): fast/js/kde/GlobalObject.html fails
2144 <https://bugs.webkit.org/show_bug.cgi?id=20851>
2146 r36410 introduced an optimization for parseInt() that is incorrect when
2147 its argument is larger than the range of a 32-bit integer. If the
2148 argument is a number that is not an immediate integer, then the correct
2149 behaviour is to return the floor of its value, unless it is an infinite
2150 value, in which case the correct behaviour is to return 0.
2152 * kjs/JSGlobalObjectFunctions.cpp:
2153 (JSC::globalFuncParseInt):
2155 2008-09-15 Sam Weinig <sam@webkit.org>
2157 Reviewed by Maciej Stachowiak.
2159 Patch for https://bugs.webkit.org/show_bug.cgi?id=20849
2160 Cache property names for getEnumerablePropertyNames in the StructureID.
2162 ~0.5% speedup on Sunspider overall (9.7% speedup on string-fasta). ~1% speedup
2163 on the v8 test suite.
2166 (JSC::JSObject::getPropertyNames):
2167 * kjs/PropertyMap.cpp:
2168 (JSC::PropertyMap::getEnumerablePropertyNames):
2169 * kjs/PropertyMap.h:
2170 * kjs/StructureID.cpp:
2171 (JSC::StructureID::StructureID):
2172 (JSC::StructureID::getEnumerablePropertyNames):
2173 * kjs/StructureID.h:
2175 2008-09-14 Maciej Stachowiak <mjs@apple.com>
2177 Reviewed by Cameron Zwarich.
2179 - speed up JS construction by extracting "prototype" lookup so PIC applies.
2181 ~0.5% speedup on SunSpider
2182 Speeds up some of the V8 tests as well, most notably earley-boyer.
2185 (JSC::CTI::compileOpCall): Account for extra arg for prototype.
2186 (JSC::CTI::privateCompileMainPass): Account for increased size of op_construct.
2187 * VM/CodeGenerator.cpp:
2188 (JSC::CodeGenerator::emitConstruct): Emit separate lookup to get prototype property.
2190 (JSC::Machine::privateExecute): Expect prototype arg in op_construct.
2191 (JSC::Machine::cti_op_construct_JSConstruct): ditto
2192 (JSC::Machine::cti_op_construct_NotJSConstruct): ditto
2194 2008-09-10 Alexey Proskuryakov <ap@webkit.org>
2196 Reviewed by Eric Seidel.
2198 Add a protected destructor for RefCounted.
2200 It is wrong to call its destructor directly, because (1) this should be taken care of by
2201 deref(), and (2) many classes that use RefCounted have non-virtual destructors.
2203 No change in behavior.
2205 * wtf/RefCounted.h: (WTF::RefCounted::~RefCounted):
2207 2008-09-14 Gavin Barraclough <barraclough@apple.com>
2209 Reviewed by Sam Weinig.
2211 Accelerated property accesses.
2213 Inline more of the array access code into the JIT code for get/put_by_val.
2214 Accelerate get/put_by_id by speculatively inlining a disable direct access
2215 into the hot path of the code, and repatch this with the correct StructureID
2216 and property map offset once these are known. In the case of accesses to the
2217 prototype and reading the array-length a trampoline is generated, and the
2218 branch to the slow-case is relinked to jump to this.
2220 By repatching, we mean rewriting the x86 instruction stream. Instructions are
2221 only modified in a simple fashion - altering immediate operands, memory access
2222 displacements, and branch offsets.
2224 For regular get_by_id/put_by_id accesses to an object, a StructureID in an
2225 instruction's immediate operand is updated, and a memory access operation's
2226 displacement is updated to access the correct field on the object. In the case
2227 of more complex accesses (array length and get_by_id_prototype) the offset on
2228 the branch to slow-case is updated, to now jump to a trampoline.
2230 +2.8% sunspider, +13% v8-tests
2233 (JSC::CTI::emitCall):
2234 (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
2236 (JSC::CTI::privateCompileMainPass):
2237 (JSC::CTI::privateCompileSlowCases):
2238 (JSC::CTI::privateCompile):
2239 (JSC::CTI::privateCompileGetByIdSelf):
2240 (JSC::CTI::privateCompileGetByIdProto):
2241 (JSC::CTI::privateCompileGetByIdChain):
2242 (JSC::CTI::privateCompilePutByIdReplace):
2243 (JSC::CTI::privateCompilePutByIdTransition):
2244 (JSC::CTI::privateCompileArrayLengthTrampoline):
2245 (JSC::CTI::privateCompileStringLengthTrampoline):
2246 (JSC::CTI::patchGetByIdSelf):
2247 (JSC::CTI::patchPutByIdReplace):
2248 (JSC::CTI::privateCompilePatchGetArrayLength):
2249 (JSC::CTI::privateCompilePatchGetStringLength):
2251 (JSC::CTI::compileGetByIdSelf):
2252 (JSC::CTI::compileGetByIdProto):
2253 (JSC::CTI::compileGetByIdChain):
2254 (JSC::CTI::compilePutByIdReplace):
2255 (JSC::CTI::compilePutByIdTransition):
2256 (JSC::CTI::compileArrayLengthTrampoline):
2257 (JSC::CTI::compileStringLengthTrampoline):
2258 (JSC::CTI::compilePatchGetArrayLength):
2259 (JSC::CTI::compilePatchGetStringLength):
2261 (JSC::CodeBlock::dump):
2262 (JSC::CodeBlock::~CodeBlock):
2264 (JSC::StructureStubInfo::StructureStubInfo):
2265 (JSC::CodeBlock::getStubInfo):
2267 (JSC::Machine::tryCTICachePutByID):
2268 (JSC::Machine::tryCTICacheGetByID):
2269 (JSC::Machine::cti_op_put_by_val_array):
2271 * masm/X86Assembler.h:
2272 (JSC::X86Assembler::):
2273 (JSC::X86Assembler::cmpl_i8m):
2274 (JSC::X86Assembler::emitUnlinkedJa):
2275 (JSC::X86Assembler::getRelocatedAddress):
2276 (JSC::X86Assembler::getDifferenceBetweenLabels):
2277 (JSC::X86Assembler::emitModRm_opmsib):
2279 2008-09-14 Maciej Stachowiak <mjs@apple.com>
2281 Reviewed by Cameron Zwarich.
2283 - split the "prototype" lookup for hasInstance into opcode stream so it can be cached
2285 ~5% speedup on v8 earley-boyer test
2287 * API/JSCallbackObject.h: Add a parameter for the pre-looked-up prototype.
2288 * API/JSCallbackObjectFunctions.h:
2289 (JSC::::hasInstance): Ditto.
2290 * API/JSValueRef.cpp:
2291 (JSValueIsInstanceOfConstructor): Look up and pass in prototype.
2292 * JavaScriptCore.exp:
2294 (JSC::CTI::privateCompileMainPass): Pass along prototype.
2296 (JSC::CodeBlock::dump): Print third arg.
2297 * VM/CodeGenerator.cpp:
2298 (JSC::CodeGenerator::emitInstanceOf): Implement this, now that there
2299 is a third argument.
2300 * VM/CodeGenerator.h:
2302 (JSC::Machine::privateExecute): Pass along the prototype.
2303 (JSC::Machine::cti_op_instanceof): ditto
2305 (JSC::JSObject::hasInstance): Expect to get a pre-looked-up prototype.
2308 (JSC::InstanceOfNode::emitCode): Emit a get_by_id of the prototype
2309 property and pass that register to instanceof.
2312 2008-09-14 Gavin Barraclough <barraclough@apple.com>
2314 Reviewed by Sam Weinig.
2316 Remove unnecessary virtual function call from cti_op_call_JSFunction -
2317 ~5% on richards, ~2.5% on v8-tests, ~0.5% on sunspider.
2320 (JSC::Machine::cti_op_call_JSFunction):
2322 2008-09-14 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2324 Reviewed by Maciej Stachowiak.
2326 Bug 20827: the 'typeof' operator is slow
2327 <https://bugs.webkit.org/show_bug.cgi?id=20827>
2329 Optimize the 'typeof' operator when its result is compared to a constant
2332 This is a 5.5% speedup on the V8 Earley-Boyer test.
2335 (JSC::CTI::privateCompileMainPass):
2337 (JSC::CodeBlock::dump):
2338 * VM/CodeGenerator.cpp:
2339 (JSC::CodeGenerator::emitEqualityOp):
2340 * VM/CodeGenerator.h:
2342 (JSC::jsIsObjectType):
2343 (JSC::jsIsFunctionType):
2344 (JSC::Machine::privateExecute):
2345 (JSC::Machine::cti_op_is_undefined):
2346 (JSC::Machine::cti_op_is_boolean):
2347 (JSC::Machine::cti_op_is_number):
2348 (JSC::Machine::cti_op_is_string):
2349 (JSC::Machine::cti_op_is_object):
2350 (JSC::Machine::cti_op_is_function):
2354 (JSC::BinaryOpNode::emitCode):
2355 (JSC::EqualNode::emitCode):
2356 (JSC::StrictEqualNode::emitCode):
2359 2008-09-14 Sam Weinig <sam@webkit.org>
2361 Reviewed by Cameron Zwarich.
2363 Patch for https://bugs.webkit.org/show_bug.cgi?id=20844
2364 Speed up parseInt for numbers
2366 Sunspider reports this as 1.029x as fast overall and 1.37x as fast on string-unpack-code.
2367 No change on the v8 suite.
2369 * kjs/JSGlobalObjectFunctions.cpp:
2370 (JSC::globalFuncParseInt): Don't convert numbers to strings just to
2371 convert them back to numbers.
2373 2008-09-14 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2375 Reviewed by Oliver Hunt.
2377 Bug 20816: op_lesseq should be optimized
2378 <https://bugs.webkit.org/show_bug.cgi?id=20816>
2380 Add a loop_if_lesseq opcode that is similar to the loop_if_less opcode.
2382 This is a 9.4% speedup on the V8 Crypto benchmark.
2385 (JSC::CTI::privateCompileMainPass):
2386 (JSC::CTI::privateCompileSlowCases):
2388 (JSC::CodeBlock::dump):
2389 * VM/CodeGenerator.cpp:
2390 (JSC::CodeGenerator::emitJumpIfTrue):
2392 (JSC::Machine::privateExecute):
2393 (JSC::Machine::cti_op_loop_if_lesseq):
2397 2008-09-14 Sam Weinig <sam@webkit.org>
2399 Reviewed by Cameron Zwarich.
2401 Cleanup Sampling code.
2404 (JSC::CTI::emitCall):
2405 (JSC::CTI::privateCompileMainPass):
2407 (JSC::CTI::execute):
2408 * VM/SamplingTool.cpp:
2410 (JSC::SamplingTool::run):
2411 (JSC::SamplingTool::dump):
2412 * VM/SamplingTool.h:
2413 (JSC::SamplingTool::callingHostFunction):
2415 2008-09-13 Oliver Hunt <oliver@apple.com>
2417 Reviewed by Cameron Zwarich.
2419 Bug 20821: Cache property transitions to speed up object initialization
2420 https://bugs.webkit.org/show_bug.cgi?id=20821
2422 Implement a transition cache to improve the performance of new properties
2423 being added to objects. This is extremely beneficial in constructors and
2424 shows up as a 34% improvement on access-binary-trees in SunSpider (0.8%
2428 (JSC::CTI::privateCompileMainPass):
2430 (JSC::transitionWillNeedStorageRealloc):
2431 (JSC::CTI::privateCompilePutByIdTransition):
2433 (JSC::CTI::compilePutByIdTransition):
2435 (JSC::printPutByIdOp):
2436 (JSC::CodeBlock::printStructureIDs):
2437 (JSC::CodeBlock::dump):
2438 (JSC::CodeBlock::derefStructureIDs):
2439 (JSC::CodeBlock::refStructureIDs):
2440 * VM/CodeGenerator.cpp:
2441 (JSC::CodeGenerator::emitPutById):
2443 (JSC::cachePrototypeChain):
2444 (JSC::Machine::tryCachePutByID):
2445 (JSC::Machine::tryCacheGetByID):
2446 (JSC::Machine::privateExecute):
2447 (JSC::Machine::tryCTICachePutByID):
2448 (JSC::Machine::tryCTICacheGetByID):
2452 (JSC::JSObject::putDirect):
2453 (JSC::JSObject::transitionTo):
2454 * kjs/PutPropertySlot.h:
2455 (JSC::PutPropertySlot::PutPropertySlot):
2456 (JSC::PutPropertySlot::wasTransition):
2457 (JSC::PutPropertySlot::setWasTransition):
2458 * kjs/StructureID.cpp:
2459 (JSC::StructureID::transitionTo):
2460 (JSC::StructureIDChain::StructureIDChain):
2461 * kjs/StructureID.h:
2462 (JSC::StructureID::previousID):
2463 (JSC::StructureID::setCachedPrototypeChain):
2464 (JSC::StructureID::cachedPrototypeChain):
2465 (JSC::StructureID::propertyMap):
2466 * masm/X86Assembler.h:
2467 (JSC::X86Assembler::addl_i8m):
2468 (JSC::X86Assembler::subl_i8m):
2470 2008-09-12 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2472 Reviewed by Maciej Stachowiak.
2474 Bug 20819: JSValue::isObject() is slow
2475 <https://bugs.webkit.org/show_bug.cgi?id=20819>
2477 Optimize JSCell::isObject() and JSCell::isString() by making them
2478 non-virtual calls that rely on the StructureID type information.
2480 This is a 0.7% speedup on SunSpider and a 1.0% speedup on the V8
2483 * JavaScriptCore.exp:
2486 (JSC::JSCell::isObject):
2487 (JSC::JSCell::isString):
2492 (JSC::JSString::JSString):
2493 * kjs/StructureID.h:
2494 (JSC::StructureID::type):
2496 2008-09-11 Stephanie Lewis <slewis@apple.com>
2498 Reviewed by Oliver Hunt.
2500 Turn off PGO Optimization on CTI.cpp -> <rdar://problem/6207709>. Fixes
2501 crash on CNN and on Dromaeo.
2502 Fix Missing close tag in vcproj.
2504 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2506 2008-09-11 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2510 Correct an SVN problem with the last commit and actually add the new
2513 * wrec/CharacterClassConstructor.cpp: Added.
2515 (JSC::getCharacterClassNewline):
2516 (JSC::getCharacterClassDigits):
2517 (JSC::getCharacterClassSpaces):
2518 (JSC::getCharacterClassWordchar):
2519 (JSC::getCharacterClassNondigits):
2520 (JSC::getCharacterClassNonspaces):
2521 (JSC::getCharacterClassNonwordchar):
2522 (JSC::CharacterClassConstructor::addSorted):
2523 (JSC::CharacterClassConstructor::addSortedRange):
2524 (JSC::CharacterClassConstructor::put):
2525 (JSC::CharacterClassConstructor::flush):
2526 (JSC::CharacterClassConstructor::append):
2527 * wrec/CharacterClassConstructor.h: Added.
2528 (JSC::CharacterClassConstructor::CharacterClassConstructor):
2529 (JSC::CharacterClassConstructor::isUpsideDown):
2530 (JSC::CharacterClassConstructor::charClass):
2532 2008-09-11 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2534 Reviewed by Maciej Stachowiak.
2536 Bug 20788: Split CharacterClassConstructor into its own file
2537 <https://bugs.webkit.org/show_bug.cgi?id=20788>
2539 Split CharacterClassConstructor into its own file and clean up some
2542 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2543 * JavaScriptCore.xcodeproj/project.pbxproj:
2544 * wrec/CharacterClassConstructor.cpp: Added.
2546 (JSC::getCharacterClassNewline):
2547 (JSC::getCharacterClassDigits):
2548 (JSC::getCharacterClassSpaces):
2549 (JSC::getCharacterClassWordchar):
2550 (JSC::getCharacterClassNondigits):
2551 (JSC::getCharacterClassNonspaces):
2552 (JSC::getCharacterClassNonwordchar):
2553 (JSC::CharacterClassConstructor::addSorted):
2554 (JSC::CharacterClassConstructor::addSortedRange):
2555 (JSC::CharacterClassConstructor::put):
2556 (JSC::CharacterClassConstructor::flush):
2557 (JSC::CharacterClassConstructor::append):
2558 * wrec/CharacterClassConstructor.h: Added.
2559 (JSC::CharacterClassConstructor::CharacterClassConstructor):
2560 (JSC::CharacterClassConstructor::isUpsideDown):
2561 (JSC::CharacterClassConstructor::charClass):
2563 (JSC::WRECParser::parseCharacterClass):
2565 2008-09-10 Simon Hausmann <hausmann@webkit.org>
2567 Not reviewed but trivial one-liner for yet unused macro.
2569 Changed PLATFORM(WINCE) to PLATFORM(WIN_CE) as requested by Mark.
2571 (part of https://bugs.webkit.org/show_bug.cgi?id=20746)
2575 2008-09-10 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2577 Rubber-stamped by Oliver Hunt.
2579 Fix a typo by renaming the overloaded orl_rr that takes an immediate to
2583 (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
2584 * masm/X86Assembler.h:
2585 (JSC::X86Assembler::orl_i32r):
2587 (JSC::WRECGenerator::generatePatternCharacter):
2588 (JSC::WRECGenerator::generateCharacterClassInverted):
2590 2008-09-10 Sam Weinig <sam@webkit.org>
2592 Reviewed by Geoff Garen.
2594 Add inline property storage for JSObject.
2596 1.2% progression on Sunspider. .5% progression on the v8 test suite.
2598 * JavaScriptCore.exp:
2600 (JSC::CTI::privateCompileGetByIdProto):
2601 (JSC::CTI::privateCompileGetByIdChain):
2603 (JSC::JSObject::mark): There is no reason to check storageSize now that
2605 (JSC::JSObject::allocatePropertyStorage): Allocates/reallocates heap storage.
2607 (JSC::JSObject::offsetForLocation): m_propertyStorage is not an OwnArrayPtr
2608 now so there is no reason to .get()
2609 (JSC::JSObject::usingInlineStorage):
2610 (JSC::JSObject::JSObject): Start with m_propertyStorage pointing to the
2612 (JSC::JSObject::~JSObject): Free the heap storage if not using the inline
2614 (JSC::JSObject::putDirect): Switch to the heap storage only when we know
2615 that we are about to add a property that will overflow the inline
2617 * kjs/PropertyMap.cpp:
2618 (JSC::PropertyMap::createTable): Don't allocate the propertyStorage, that is
2619 now handled by JSObject.
2620 (JSC::PropertyMap::rehash): PropertyStorage is not an OwnArrayPtr anymore.
2621 * kjs/PropertyMap.h:
2622 (JSC::PropertyMap::storageSize): Rename from markingCount.
2623 * kjs/StructureID.cpp:
2624 (JSC::StructureID::addPropertyTransition): Don't resize the property storage
2625 if we are using inline storage.
2626 * kjs/StructureID.h:
2628 2008-09-10 Oliver Hunt <oliver@apple.com>
2630 Reviewed by Geoff Garen.
2632 Inline immediate number version of op_mul.
2634 Renamed mull_rr to imull_rr as that's what it's
2635 actually doing, and added imull_i32r for the constant
2636 case immediate multiply.
2638 1.1% improvement to SunSpider.
2641 (JSC::CTI::privateCompileMainPass):
2642 (JSC::CTI::privateCompileSlowCases):
2643 * masm/X86Assembler.h:
2644 (JSC::X86Assembler::):
2645 (JSC::X86Assembler::imull_rr):
2646 (JSC::X86Assembler::imull_i32r):
2648 2008-09-10 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2654 * JavaScriptCore.xcodeproj/project.pbxproj:
2656 2008-09-09 Oliver Hunt <oliver@apple.com>
2658 Reviewed by Maciej Stachowiak.
2660 Add optimised access to known properties on the global object.
2662 Improve cross scope access to the global object by emitting
2663 code to access it directly rather than by walking the scope chain.
2665 This is a 0.8% win in SunSpider and a 1.7% win in the v8 benchmarks.
2668 (JSC::CTI::privateCompileMainPass):
2669 (JSC::CTI::emitGetVariableObjectRegister):
2670 (JSC::CTI::emitPutVariableObjectRegister):
2673 (JSC::CodeBlock::dump):
2674 * VM/CodeGenerator.cpp:
2675 (JSC::CodeGenerator::findScopedProperty):
2676 (JSC::CodeGenerator::emitResolve):
2677 (JSC::CodeGenerator::emitGetScopedVar):
2678 (JSC::CodeGenerator::emitPutScopedVar):
2679 * VM/CodeGenerator.h:
2681 (JSC::Machine::privateExecute):
2684 (JSC::FunctionCallResolveNode::emitCode):
2685 (JSC::PostfixResolveNode::emitCode):
2686 (JSC::PrefixResolveNode::emitCode):
2687 (JSC::ReadModifyResolveNode::emitCode):
2688 (JSC::AssignResolveNode::emitCode):
2690 2008-09-10 Maciej Stachowiak <mjs@apple.com>
2694 - enable polymorphic inline caching of properties of primitives
2696 1.012x speedup on SunSpider.
2698 We create special structure IDs for JSString and
2699 JSNumberCell. Unlike normal structure IDs, these cannot hold the
2700 true prototype. Due to JS autoboxing semantics, the prototype used
2701 when looking up string or number properties depends on the lexical
2702 global object of the call site, not the creation site. Thus we
2703 enable StructureIDs to handle this quirk for primitives.
2705 Everything else should be straightforward.
2708 (JSC::CTI::privateCompileGetByIdProto):
2709 (JSC::CTI::privateCompileGetByIdChain):
2711 (JSC::CTI::compileGetByIdProto):
2712 (JSC::CTI::compileGetByIdChain):
2713 * VM/JSPropertyNameIterator.h:
2714 (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2716 (JSC::Machine::Machine):
2717 (JSC::cachePrototypeChain):
2718 (JSC::Machine::tryCachePutByID):
2719 (JSC::Machine::tryCacheGetByID):
2720 (JSC::Machine::privateExecute):
2721 (JSC::Machine::tryCTICachePutByID):
2722 (JSC::Machine::tryCTICacheGetByID):
2723 * kjs/GetterSetter.h:
2724 (JSC::GetterSetter::GetterSetter):
2726 * kjs/JSGlobalData.cpp:
2727 (JSC::JSGlobalData::JSGlobalData):
2728 * kjs/JSGlobalData.h:
2729 * kjs/JSGlobalObject.h:
2730 (JSC::StructureID::prototypeForLookup):
2731 * kjs/JSNumberCell.h:
2732 (JSC::JSNumberCell::JSNumberCell):
2733 (JSC::jsNumberCell):
2735 (JSC::JSObject::prototype):
2739 (JSC::jsOwnedString):
2741 (JSC::JSString::JSString):
2743 (JSC::jsSingleCharacterString):
2744 (JSC::jsSingleCharacterSubstring):
2745 (JSC::jsNontrivialString):
2746 * kjs/SmallStrings.cpp:
2747 (JSC::SmallStrings::createEmptyString):
2748 (JSC::SmallStrings::createSingleCharacterString):
2749 * kjs/StructureID.cpp:
2750 (JSC::StructureID::StructureID):
2751 (JSC::StructureID::addPropertyTransition):
2752 (JSC::StructureID::getterSetterTransition):
2753 (JSC::StructureIDChain::StructureIDChain):
2754 * kjs/StructureID.h:
2755 (JSC::StructureID::create):
2756 (JSC::StructureID::storedPrototype):
2758 2008-09-09 Joerg Bornemann <joerg.bornemann@trolltech.com>
2760 Reviewed by Sam Weinig.
2762 https://bugs.webkit.org/show_bug.cgi?id=20746
2764 Added WINCE platform macro.
2768 2008-09-09 Sam Weinig <sam@webkit.org>
2770 Reviewed by Mark Rowe.
2772 Remove unnecessary override of getOffset.
2774 Sunspider reports this as a .6% progression.
2776 * JavaScriptCore.exp:
2778 (JSC::JSObject::getDirectLocation):
2779 (JSC::JSObject::getOwnPropertySlotForWrite):
2780 (JSC::JSObject::putDirect):
2781 * kjs/PropertyMap.cpp:
2782 * kjs/PropertyMap.h:
2784 2008-09-09 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2786 Reviewed by Maciej Stachowiak.
2788 Bug 20759: Remove MacroAssembler
2789 <https://bugs.webkit.org/show_bug.cgi?id=20759>
2791 Remove MacroAssembler and move its functionality to X86Assembler.
2793 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2794 * JavaScriptCore.xcodeproj/project.pbxproj:
2796 (JSC::CTI::emitGetArg):
2797 (JSC::CTI::emitGetPutArg):
2798 (JSC::CTI::emitPutArg):
2799 (JSC::CTI::emitPutCTIParam):
2800 (JSC::CTI::emitGetCTIParam):
2801 (JSC::CTI::emitPutToCallFrameHeader):
2802 (JSC::CTI::emitGetFromCallFrameHeader):
2803 (JSC::CTI::emitPutResult):
2804 (JSC::CTI::emitDebugExceptionCheck):
2805 (JSC::CTI::emitJumpSlowCaseIfNotImm):
2806 (JSC::CTI::emitJumpSlowCaseIfNotImms):
2807 (JSC::CTI::emitFastArithDeTagImmediate):
2808 (JSC::CTI::emitFastArithReTagImmediate):
2809 (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
2810 (JSC::CTI::emitFastArithImmToInt):
2811 (JSC::CTI::emitFastArithIntToImmOrSlowCase):
2812 (JSC::CTI::emitFastArithIntToImmNoCheck):
2813 (JSC::CTI::compileOpCall):
2814 (JSC::CTI::emitSlowScriptCheck):
2815 (JSC::CTI::privateCompileMainPass):
2816 (JSC::CTI::privateCompileSlowCases):
2817 (JSC::CTI::privateCompile):
2818 (JSC::CTI::privateCompileGetByIdSelf):
2819 (JSC::CTI::privateCompileGetByIdProto):
2820 (JSC::CTI::privateCompileGetByIdChain):
2821 (JSC::CTI::privateCompilePutByIdReplace):
2822 (JSC::CTI::privateArrayLengthTrampoline):
2823 (JSC::CTI::privateStringLengthTrampoline):
2824 (JSC::CTI::compileRegExp):
2826 (JSC::CallRecord::CallRecord):
2827 (JSC::JmpTable::JmpTable):
2828 (JSC::SlowCaseEntry::SlowCaseEntry):
2829 (JSC::CTI::JSRInfo::JSRInfo):
2830 * masm/MacroAssembler.h: Removed.
2831 * masm/MacroAssemblerWin.cpp: Removed.
2832 * masm/X86Assembler.h:
2833 (JSC::X86Assembler::emitConvertToFastCall):
2834 (JSC::X86Assembler::emitRestoreArgumentReference):
2836 (JSC::WRECGenerator::WRECGenerator):
2837 (JSC::WRECParser::WRECParser):
2839 2008-09-09 Sam Weinig <sam@webkit.org>
2841 Reviewed by Cameron Zwarich.
2843 Don't waste the first item in the PropertyStorage.
2845 - Fix typo (makingCount -> markingCount)
2846 - Remove undefined method declaration.
2848 No change on Sunspider.
2851 (JSC::JSObject::mark):
2852 * kjs/PropertyMap.cpp:
2853 (JSC::PropertyMap::put):
2854 (JSC::PropertyMap::remove):
2855 (JSC::PropertyMap::getOffset):
2856 (JSC::PropertyMap::insert):
2857 (JSC::PropertyMap::rehash):
2858 (JSC::PropertyMap::resizePropertyStorage):
2859 (JSC::PropertyMap::checkConsistency):
2860 * kjs/PropertyMap.h:
2861 (JSC::PropertyMap::markingCount): Fix typo.
2863 2008-09-09 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2867 Speculative Windows build fix.
2869 * masm/MacroAssemblerWin.cpp:
2870 (JSC::MacroAssembler::emitConvertToFastCall):
2871 (JSC::MacroAssembler::emitRestoreArgumentReference):
2873 2008-09-09 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2875 Reviewed by Maciej Stachowiak.
2877 Bug 20755: Create an X86 namespace for register names and other things
2878 <https://bugs.webkit.org/show_bug.cgi?id=20755>
2880 Create an X86 namespace to put X86 register names. Perhaps I will move
2881 opcode names here later as well.
2884 (JSC::CTI::emitGetArg):
2885 (JSC::CTI::emitGetPutArg):
2886 (JSC::CTI::emitPutArg):
2887 (JSC::CTI::emitPutArgConstant):
2888 (JSC::CTI::emitPutCTIParam):
2889 (JSC::CTI::emitGetCTIParam):
2890 (JSC::CTI::emitPutToCallFrameHeader):
2891 (JSC::CTI::emitGetFromCallFrameHeader):
2892 (JSC::CTI::emitPutResult):
2893 (JSC::CTI::emitDebugExceptionCheck):
2894 (JSC::CTI::emitJumpSlowCaseIfNotImms):
2895 (JSC::CTI::compileOpCall):
2896 (JSC::CTI::emitSlowScriptCheck):
2897 (JSC::CTI::privateCompileMainPass):
2898 (JSC::CTI::privateCompileSlowCases):
2899 (JSC::CTI::privateCompile):
2900 (JSC::CTI::privateCompileGetByIdSelf):
2901 (JSC::CTI::privateCompileGetByIdProto):
2902 (JSC::CTI::privateCompileGetByIdChain):
2903 (JSC::CTI::privateCompilePutByIdReplace):
2904 (JSC::CTI::privateArrayLengthTrampoline):
2905 (JSC::CTI::privateStringLengthTrampoline):
2906 (JSC::CTI::compileRegExp):
2908 * masm/X86Assembler.h:
2910 (JSC::X86Assembler::emitModRm_rm):
2911 (JSC::X86Assembler::emitModRm_rm_Unchecked):
2912 (JSC::X86Assembler::emitModRm_rmsib):
2914 (JSC::WRECGenerator::generateNonGreedyQuantifier):
2915 (JSC::WRECGenerator::generateGreedyQuantifier):
2916 (JSC::WRECGenerator::generateParentheses):
2917 (JSC::WRECGenerator::generateBackreference):
2918 (JSC::WRECGenerator::gernerateDisjunction):
2921 2008-09-09 Sam Weinig <sam@webkit.org>
2923 Reviewed by Geoffrey Garen.
2925 Remove unnecessary friend declaration.
2927 * kjs/PropertyMap.h:
2929 2008-09-09 Sam Weinig <sam@webkit.org>
2931 Reviewed by Geoffrey Garen.
2933 Replace uses of PropertyMap::get and PropertyMap::getLocation with
2934 PropertyMap::getOffset.
2936 Sunspider reports this as a .6% improvement.
2938 * JavaScriptCore.exp:
2940 (JSC::JSObject::put):
2941 (JSC::JSObject::deleteProperty):
2942 (JSC::JSObject::getPropertyAttributes):
2944 (JSC::JSObject::getDirect):
2945 (JSC::JSObject::getDirectLocation):
2946 (JSC::JSObject::locationForOffset):
2947 * kjs/PropertyMap.cpp:
2948 (JSC::PropertyMap::remove):
2949 (JSC::PropertyMap::getOffset):
2950 * kjs/PropertyMap.h:
2952 2008-09-09 Cameron Zwarich <cwzwarich@uwaterloo.ca>
2954 Reviewed by Sam Weinig.
2956 Bug 20754: Remove emit prefix from assembler opcode methods
2957 <https://bugs.webkit.org/show_bug.cgi?id=20754>
2960 (JSC::CTI::emitGetArg):
2961 (JSC::CTI::emitGetPutArg):
2962 (JSC::CTI::emitPutArg):
2963 (JSC::CTI::emitPutArgConstant):
2964 (JSC::CTI::emitPutCTIParam):
2965 (JSC::CTI::emitGetCTIParam):
2966 (JSC::CTI::emitPutToCallFrameHeader):
2967 (JSC::CTI::emitGetFromCallFrameHeader):
2968 (JSC::CTI::emitPutResult):
2969 (JSC::CTI::emitDebugExceptionCheck):
2970 (JSC::CTI::emitCall):
2971 (JSC::CTI::emitJumpSlowCaseIfNotImm):
2972 (JSC::CTI::emitJumpSlowCaseIfNotImms):
2973 (JSC::CTI::emitFastArithDeTagImmediate):
2974 (JSC::CTI::emitFastArithReTagImmediate):
2975 (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
2976 (JSC::CTI::emitFastArithImmToInt):
(JSC::CTI::emitFastArithIntToImmOrSlowCase):
(JSC::CTI::emitFastArithIntToImmNoCheck):
(JSC::CTI::compileOpCall):
(JSC::CTI::emitSlowScriptCheck):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
(JSC::CTI::privateCompile):
(JSC::CTI::privateCompileGetByIdSelf):
(JSC::CTI::privateCompileGetByIdProto):
(JSC::CTI::privateCompileGetByIdChain):
(JSC::CTI::privateCompilePutByIdReplace):
(JSC::CTI::privateArrayLengthTrampoline):
(JSC::CTI::privateStringLengthTrampoline):
(JSC::CTI::compileRegExp):
* masm/MacroAssemblerWin.cpp:
(JSC::MacroAssembler::emitConvertToFastCall):
(JSC::MacroAssembler::emitRestoreArgumentReference):
* masm/X86Assembler.h:
(JSC::X86Assembler::pushl_r):
(JSC::X86Assembler::pushl_m):
(JSC::X86Assembler::popl_r):
(JSC::X86Assembler::popl_m):
(JSC::X86Assembler::movl_rr):
(JSC::X86Assembler::addl_rr):
(JSC::X86Assembler::addl_i8r):
(JSC::X86Assembler::addl_i32r):
(JSC::X86Assembler::addl_mr):
(JSC::X86Assembler::andl_rr):
(JSC::X86Assembler::andl_i32r):
(JSC::X86Assembler::cmpl_i8r):
(JSC::X86Assembler::cmpl_rr):
(JSC::X86Assembler::cmpl_rm):
(JSC::X86Assembler::cmpl_i32r):
(JSC::X86Assembler::cmpl_i32m):
(JSC::X86Assembler::cmpw_rm):
(JSC::X86Assembler::orl_rr):
(JSC::X86Assembler::subl_rr):
(JSC::X86Assembler::subl_i8r):
(JSC::X86Assembler::subl_i32r):
(JSC::X86Assembler::subl_mr):
(JSC::X86Assembler::testl_i32r):
(JSC::X86Assembler::testl_rr):
(JSC::X86Assembler::xorl_i8r):
(JSC::X86Assembler::xorl_rr):
(JSC::X86Assembler::sarl_i8r):
(JSC::X86Assembler::sarl_CLr):
(JSC::X86Assembler::shl_i8r):
(JSC::X86Assembler::shll_CLr):
(JSC::X86Assembler::mull_rr):
(JSC::X86Assembler::idivl_r):
(JSC::X86Assembler::cdq):
(JSC::X86Assembler::movl_mr):
(JSC::X86Assembler::movzwl_mr):
(JSC::X86Assembler::movl_rm):
(JSC::X86Assembler::movl_i32r):
(JSC::X86Assembler::movl_i32m):
(JSC::X86Assembler::leal_mr):
(JSC::X86Assembler::ret):
(JSC::X86Assembler::jmp_r):
(JSC::X86Assembler::jmp_m):
(JSC::X86Assembler::call_r):
(JSC::WRECGenerator::generateBacktrack1):
(JSC::WRECGenerator::generateBacktrackBackreference):
(JSC::WRECGenerator::generateBackreferenceQuantifier):
(JSC::WRECGenerator::generateNonGreedyQuantifier):
(JSC::WRECGenerator::generateGreedyQuantifier):
(JSC::WRECGenerator::generatePatternCharacter):
(JSC::WRECGenerator::generateCharacterClassInvertedRange):
(JSC::WRECGenerator::generateCharacterClassInverted):
(JSC::WRECGenerator::generateCharacterClass):
(JSC::WRECGenerator::generateParentheses):
(JSC::WRECGenerator::gererateParenthesesResetTrampoline):
(JSC::WRECGenerator::generateAssertionBOL):
(JSC::WRECGenerator::generateAssertionEOL):
(JSC::WRECGenerator::generateAssertionWordBoundary):
(JSC::WRECGenerator::generateBackreference):
(JSC::WRECGenerator::gernerateDisjunction):
2008-09-09 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Maciej Stachowiak.
Clean up the WREC code some more.
(JSC::CTI::compileRegExp):
(JSC::getCharacterClassNewline):
(JSC::getCharacterClassDigits):
(JSC::getCharacterClassSpaces):
(JSC::getCharacterClassWordchar):
(JSC::getCharacterClassNondigits):
(JSC::getCharacterClassNonspaces):
(JSC::getCharacterClassNonwordchar):
(JSC::WRECGenerator::generateBacktrack1):
(JSC::WRECGenerator::generateBacktrackBackreference):
(JSC::WRECGenerator::generateBackreferenceQuantifier):
(JSC::WRECGenerator::generateNonGreedyQuantifier):
(JSC::WRECGenerator::generateGreedyQuantifier):
(JSC::WRECGenerator::generatePatternCharacter):
(JSC::WRECGenerator::generateCharacterClassInvertedRange):
(JSC::WRECGenerator::generateCharacterClassInverted):
(JSC::WRECGenerator::generateCharacterClass):
(JSC::WRECGenerator::generateParentheses):
(JSC::WRECGenerator::gererateParenthesesResetTrampoline):
(JSC::WRECGenerator::generateAssertionBOL):
(JSC::WRECGenerator::generateAssertionEOL):
(JSC::WRECGenerator::generateAssertionWordBoundary):
(JSC::WRECGenerator::generateBackreference):
(JSC::WRECGenerator::gernerateDisjunction):
(JSC::WRECParser::parseCharacterClass):
(JSC::WRECParser::parseEscape):
(JSC::WRECParser::parseTerm):
2008-09-09 Mark Rowe <mrowe@apple.com>
Build fix, rubber-stamped by Anders Carlsson.
Silence spurious build warnings about missing format attributes on functions in Assertions.cpp.
* JavaScriptCore.xcodeproj/project.pbxproj:
2008-09-09 Mark Rowe <mrowe@apple.com>
Rubber-stamped by Oliver Hunt.
Fix builds using the "debug" variant.
This reverts r36130 and tweaks Identifier to export the same symbols for Debug
and Release configurations.
* Configurations/JavaScriptCore.xcconfig:
* DerivedSources.make:
* JavaScriptCore.Debug.exp: Removed.
* JavaScriptCore.base.exp: Removed.
* JavaScriptCore.exp: Added.
* JavaScriptCore.xcodeproj/project.pbxproj:
* kjs/identifier.cpp:
(JSC::Identifier::addSlowCase): #ifdef the call to checkSameIdentifierTable so that
there is no overhead in Release builds.
(JSC::Identifier::checkSameIdentifierTable): Add empty functions for Release builds.
(JSC::Identifier::add): #ifdef the calls to checkSameIdentifierTable so that there is
no overhead in Release builds, and remove the inline definitions of checkSameIdentifierTable.
2008-09-09 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Maciej Stachowiak.
Clean up WREC a bit to bring it closer to our coding style guidelines.
(JSC::getCharacterClass_newline):
(JSC::getCharacterClass_d):
(JSC::getCharacterClass_s):
(JSC::getCharacterClass_w):
(JSC::getCharacterClass_D):
(JSC::getCharacterClass_S):
(JSC::getCharacterClass_W):
(JSC::CharacterClassConstructor::append):
(JSC::WRECGenerator::generateNonGreedyQuantifier):
(JSC::WRECGenerator::generateGreedyQuantifier):
(JSC::WRECGenerator::generateCharacterClassInverted):
(JSC::WRECParser::parseQuantifier):
(JSC::WRECParser::parsePatternCharacterQualifier):
(JSC::WRECParser::parseCharacterClassQuantifier):
(JSC::WRECParser::parseBackreferenceQuantifier):
(JSC::Quantifier::):
(JSC::Quantifier::Quantifier):
2008-09-09 Jungshik Shin <jungshik.shin@gmail.com>
Reviewed by Alexey Proskuryakov.
Try MIME charset names before trying IANA names
( https://bugs.webkit.org/show_bug.cgi?id=17537 )
* wtf/StringExtras.h: (strcasecmp): Added.
2008-09-09 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Mark Rowe.
Bug 20719: REGRESSION (r36135-36244): Hangs, then crashes after several seconds
<https://bugs.webkit.org/show_bug.cgi?id=20719>
<rdar://problem/6205787>
Fix a typo in the case-insensitive matching of character patterns.
(JSC::WRECGenerator::generatePatternCharacter):
2008-09-09 Maciej Stachowiak <mjs@apple.com>
Reviewed by Sam Weinig.
- allow polymorphic inline cache to handle Math object functions and possibly other similar things
1.012x speedup on SunSpider.
* kjs/MathObject.cpp:
(JSC::MathObject::getOwnPropertySlot):
(JSC::setUpStaticFunctionSlot):
(JSC::getStaticPropertySlot):
2008-09-08 Sam Weinig <sam@webkit.org>
Reviewed by Maciej Stachowiak and Oliver Hunt.
Split storage of properties out of the PropertyMap and into the JSObject
to allow sharing PropertyMap on the StructureID. In order to get this to
function correctly, the StructureID's transition mappings were changed to
transition based on property name and attribute pairs, instead of just
- Removes the single property optimization now that the PropertyMap is shared.
This will be replaced by in-lining some values on the JSObject.
This is a wash on SunSpider and a 6.7% win on the v8 test suite.
* JavaScriptCore.base.exp:
(JSC::CTI::privateCompileGetByIdSelf): Get the storage directly off the JSObject.
(JSC::CTI::privateCompileGetByIdProto): Ditto.
(JSC::CTI::privateCompileGetByIdChain): Ditto.
(JSC::CTI::privateCompilePutByIdReplace): Ditto.
(JSC::JSObject::mark): Mark the PropertyStorage.
(JSC::JSObject::put): Update to get the propertyMap of the StructureID.
(JSC::JSObject::deleteProperty): Ditto.
(JSC::JSObject::defineGetter): Return early if the property is already a getter/setter.
(JSC::JSObject::defineSetter): Ditto.
(JSC::JSObject::getPropertyAttributes): Update to get the propertyMap of the StructureID
(JSC::JSObject::getPropertyNames): Ditto.
(JSC::JSObject::removeDirect): Ditto.
* kjs/JSObject.h: Remove PropertyMap and add PropertyStorage.
(JSC::JSObject::propertyStorage): return the PropertyStorage.
(JSC::JSObject::getDirect): Update to get the propertyMap of the StructureID.
(JSC::JSObject::getDirectLocation): Ditto.
(JSC::JSObject::offsetForLocation): Compute location directly.
(JSC::JSObject::hasCustomProperties): Update to get the propertyMap of the StructureID.
(JSC::JSObject::hasGetterSetterProperties): Ditto.
(JSC::JSObject::getDirectOffset): Get by indexing into PropertyStorage.
(JSC::JSObject::putDirectOffset): Put by indexing into PropertyStorage.
(JSC::JSObject::getOwnPropertySlotForWrite): Update to get the propertyMap of the StructureID.
(JSC::JSObject::getOwnPropertySlot): Ditto.
(JSC::JSObject::putDirect): Move putting into the StructureID unless the property already exists.
* kjs/PropertyMap.cpp: Use the propertyStorage as the storage for the JSValues.
(JSC::PropertyMap::checkConsistency):
(JSC::PropertyMap::operator=):
(JSC::PropertyMap::~PropertyMap):
(JSC::PropertyMap::get):
(JSC::PropertyMap::getLocation):
(JSC::PropertyMap::put):
(JSC::PropertyMap::getOffset):
(JSC::PropertyMap::insert):
(JSC::PropertyMap::expand):
(JSC::PropertyMap::rehash):
(JSC::PropertyMap::createTable):
(JSC::PropertyMap::resizePropertyStorage): Resize the storage to match the size of the map
(JSC::PropertyMap::remove):
(JSC::PropertyMap::getEnumerablePropertyNames):
* kjs/PropertyMap.h:
(JSC::PropertyMapEntry::PropertyMapEntry):
(JSC::PropertyMap::isEmpty):
(JSC::PropertyMap::size):
(JSC::PropertyMap::makingCount):
(JSC::PropertyMap::PropertyMap):
* kjs/StructureID.cpp:
(JSC::StructureID::addPropertyTransition): Transitions now are based off the property name
(JSC::StructureID::toDictionaryTransition): Copy the map.
(JSC::StructureID::changePrototypeTransition): Copy the map.
(JSC::StructureID::getterSetterTransition): Copy the map.
(JSC::StructureID::~StructureID):
* kjs/StructureID.h:
(JSC::TransitionTableHash::hash): Custom hash for transition map.
(JSC::TransitionTableHash::equal): Ditto.
(JSC::TransitionTableHashTraits::emptyValue): Custom traits for transition map
(JSC::TransitionTableHashTraits::constructDeletedValue): Ditto.
(JSC::TransitionTableHashTraits::isDeletedValue): Ditto.
(JSC::StructureID::propertyMap): Added.
2008-09-08 Oliver Hunt <oliver@apple.com>
Reviewed by Mark Rowe.
Bug 20694: Slow Script error pops up when running Dromaeo tests
Correct error in timeout logic where execution tick count would
be reset to incorrect value due to incorrect offset and indirection.
Codegen for the slow script dialog was factored out into a separate
method (emitSlowScriptCheck) rather than having multiple copies of
the same code. Also added calls to generate slow script checks
for loop_if_less and loop_if_true opcodes.
(JSC::CTI::emitSlowScriptCheck):
(JSC::CTI::privateCompileMainPass):
(JSC::CTI::privateCompileSlowCases):
2008-09-08 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Maciej Stachowiak.
Remove references to the removed WRECompiler class.
2008-09-08 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Rubber-stamped by Mark Rowe.
Fix the build with CTI enabled but WREC disabled.
2008-09-08 Dan Bernstein <mitz@apple.com>
(JSC::StatementNode::):
2008-09-08 Kevin McCullough <kmccullough@apple.com>
<rdar://problem/6134407> Breakpoints in for loops, while loops or
conditions without curly braces don't break. (19306)
-Statement Lists already emit debug hooks but conditionals without
brackets are not lists.
(KJS::IfNode::emitCode):
(KJS::IfElseNode::emitCode):
(KJS::DoWhileNode::emitCode):
(KJS::WhileNode::emitCode):
(KJS::ForNode::emitCode):
(KJS::ForInNode::emitCode):
(KJS::StatementNode::):
2008-09-08 Maciej Stachowiak <mjs@apple.com>
Reviewed by Anders Carlsson.
- Cache the code generated for eval to speed up SunSpider and web sites
https://bugs.webkit.org/show_bug.cgi?id=20718
2.29x on date-format-tofte
Lots of real sites seem to get many hits on this cache as well,
including GMail, Google Spreadsheets, Slate and Digg (the last of
these gets over 100 hits on initial page load).
(JSC::EvalCodeCache::get):
(JSC::Machine::callEval):
(JSC::Machine::privateExecute):
(JSC::Machine::cti_op_call_eval):
2008-09-07 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Oliver Hunt.
Bug 20711: Change KJS prefix on preprocessor macros to JSC
<https://bugs.webkit.org/show_bug.cgi?id=20711>
* kjs/CommonIdentifiers.cpp:
(JSC::CommonIdentifiers::CommonIdentifiers):
* kjs/CommonIdentifiers.h:
* kjs/PropertySlot.h:
(JSC::PropertySlot::getValue):
(JSC::PropertySlot::putValue):
(JSC::PropertySlot::setValueSlot):
(JSC::PropertySlot::setValue):
(JSC::PropertySlot::setRegisterSlot):
(JSC::ExpressionNode::):
(JSC::StatementNode::):
(JSC::BooleanNode::):
(JSC::NumberNode::):
(JSC::ImmediateNumberNode::):
(JSC::StringNode::):
(JSC::RegExpNode::):
(JSC::ResolveNode::):
(JSC::ElementNode::):
(JSC::PropertyNode::):
(JSC::PropertyListNode::):
(JSC::ObjectLiteralNode::):
(JSC::BracketAccessorNode::):
(JSC::DotAccessorNode::):
(JSC::ArgumentListNode::):
(JSC::ArgumentsNode::):
(JSC::NewExprNode::):
(JSC::EvalFunctionCallNode::):
(JSC::FunctionCallValueNode::):
(JSC::FunctionCallResolveNode::):
(JSC::FunctionCallBracketNode::):
(JSC::FunctionCallDotNode::):
(JSC::PrePostResolveNode::):
(JSC::PostfixResolveNode::):
(JSC::PostfixBracketNode::):
(JSC::PostfixDotNode::):
(JSC::PostfixErrorNode::):
(JSC::DeleteResolveNode::):
(JSC::DeleteBracketNode::):
(JSC::DeleteDotNode::):
(JSC::DeleteValueNode::):
(JSC::TypeOfResolveNode::):
(JSC::TypeOfValueNode::):
(JSC::PrefixResolveNode::):
(JSC::PrefixBracketNode::):
(JSC::PrefixDotNode::):
(JSC::PrefixErrorNode::):
(JSC::UnaryPlusNode::):
(JSC::NegateNode::):
(JSC::BitwiseNotNode::):
(JSC::LogicalNotNode::):
(JSC::LeftShiftNode::):
(JSC::RightShiftNode::):
(JSC::UnsignedRightShiftNode::):
(JSC::GreaterNode::):
(JSC::LessEqNode::):
(JSC::GreaterEqNode::):
(JSC::ThrowableBinaryOpNode::):
(JSC::InstanceOfNode::):
(JSC::NotEqualNode::):
(JSC::StrictEqualNode::):
(JSC::NotStrictEqualNode::):
(JSC::BitAndNode::):
(JSC::BitXOrNode::):
(JSC::LogicalOpNode::):
(JSC::ConditionalNode::):
(JSC::ReadModifyResolveNode::):
(JSC::AssignResolveNode::):
(JSC::ReadModifyBracketNode::):
(JSC::AssignBracketNode::):
(JSC::AssignDotNode::):
(JSC::ReadModifyDotNode::):
(JSC::AssignErrorNode::):
(JSC::VarDeclCommaNode::):
(JSC::ConstDeclNode::):
(JSC::ConstStatementNode::):
(JSC::EmptyStatementNode::):
(JSC::DebuggerStatementNode::):
(JSC::ExprStatementNode::):
(JSC::VarStatementNode::):
(JSC::IfElseNode::):
(JSC::DoWhileNode::):
(JSC::ContinueNode::):
(JSC::ReturnNode::):
(JSC::ParameterNode::):
(JSC::ProgramNode::):
(JSC::FunctionBodyNode::):
(JSC::FuncExprNode::):
(JSC::FuncDeclNode::):
(JSC::CaseClauseNode::):
(JSC::ClauseListNode::):
(JSC::CaseBlockNode::):
(JSC::SwitchNode::):
2008-09-07 Cameron Zwarich <cwzwarich@uwaterloo.ca>
Reviewed by Maciej Stachowiak.
Bug 20704: Replace the KJS namespace
<https://bugs.webkit.org/show_bug.cgi?id=20704>
Rename the KJS namespace to JSC. There are still some uses of KJS in
preprocessor macros and comments, but these will also be changed some
time in the near future.
* API/JSCallbackConstructor.cpp:
* API/JSCallbackConstructor.h:
* API/JSCallbackFunction.cpp:
* API/JSCallbackFunction.h:
* API/JSCallbackObject.cpp:
* API/JSCallbackObject.h:
* API/JSCallbackObjectFunctions.h:
* API/JSClassRef.cpp:
(OpaqueJSClass::staticValues):
(OpaqueJSClass::staticFunctions):
* API/JSContextRef.cpp:
* API/JSObjectRef.cpp:
* API/JSProfilerPrivate.cpp:
* API/JSStringRef.cpp:
* API/JSValueRef.cpp:
* API/OpaqueJSString.cpp:
* API/OpaqueJSString.h:
* JavaScriptCore.Debug.exp:
* JavaScriptCore.base.exp:
* VM/CodeGenerator.cpp:
* VM/CodeGenerator.h:
* VM/ExceptionHelpers.cpp:
* VM/ExceptionHelpers.h:
* VM/JSPropertyNameIterator.cpp:
* VM/JSPropertyNameIterator.h:
* VM/RegisterFile.cpp:
* VM/RegisterFile.h:
* VM/SamplingTool.cpp:
* VM/SamplingTool.h:
* VM/SegmentedVector.h:
* kjs/Arguments.cpp:
* kjs/ArrayConstructor.cpp:
* kjs/ArrayConstructor.h:
* kjs/ArrayPrototype.cpp:
* kjs/ArrayPrototype.h:
* kjs/BatchedTransitionOptimizer.h:
* kjs/BooleanConstructor.cpp:
* kjs/BooleanConstructor.h:
* kjs/BooleanObject.cpp:
* kjs/BooleanObject.h:
* kjs/BooleanPrototype.cpp:
* kjs/BooleanPrototype.h:
* kjs/CommonIdentifiers.cpp:
* kjs/CommonIdentifiers.h:
* kjs/ConstructData.cpp:
* kjs/ConstructData.h:
* kjs/DateConstructor.cpp:
* kjs/DateConstructor.h:
* kjs/DateInstance.cpp:
(JSC::DateInstance::msToGregorianDateTime):
* kjs/DateInstance.h:
* kjs/DatePrototype.cpp:
* kjs/DatePrototype.h:
* kjs/DebuggerCallFrame.cpp:
* kjs/DebuggerCallFrame.h:
* kjs/ErrorConstructor.cpp:
* kjs/ErrorConstructor.h:
* kjs/ErrorInstance.cpp:
* kjs/ErrorInstance.h:
* kjs/ErrorPrototype.cpp:
* kjs/ErrorPrototype.h:
* kjs/ExecState.cpp:
* kjs/FunctionConstructor.cpp:
* kjs/FunctionConstructor.h:
* kjs/FunctionPrototype.cpp:
* kjs/FunctionPrototype.h:
* kjs/GetterSetter.cpp:
* kjs/GetterSetter.h:
* kjs/GlobalEvalFunction.cpp:
* kjs/GlobalEvalFunction.h:
* kjs/IndexToNameMap.cpp:
* kjs/IndexToNameMap.h:
* kjs/InitializeThreading.cpp:
* kjs/InitializeThreading.h:
* kjs/InternalFunction.cpp:
* kjs/InternalFunction.h:
(JSC::InternalFunction::InternalFunction):
* kjs/JSActivation.cpp:
* kjs/JSActivation.h:
* kjs/JSFunction.cpp:
(JSC::JSFunction::JSFunction):
* kjs/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData):
* kjs/JSGlobalData.h:
* kjs/JSGlobalObject.cpp:
* kjs/JSGlobalObject.h:
* kjs/JSGlobalObjectFunctions.cpp:
* kjs/JSGlobalObjectFunctions.h:
* kjs/JSImmediate.cpp:
* kjs/JSImmediate.h:
* kjs/JSNotAnObject.cpp:
* kjs/JSNotAnObject.h:
* kjs/JSNumberCell.cpp:
* kjs/JSNumberCell.h:
* kjs/JSStaticScopeObject.cpp:
* kjs/JSStaticScopeObject.h:
* kjs/JSVariableObject.cpp:
* kjs/JSVariableObject.h:
* kjs/JSWrapperObject.cpp:
* kjs/JSWrapperObject.h: