  2. 18 Aug, 2010 1 commit
      Bug 44146 - Remove toDouble/toUInt32 methods from UString. · 794f4617
      barraclough@apple.com authored
      Reviewed by Sam Weinig.
      
      JavaScriptCore: 
      
      These methods all implement JavaScript language specific behaviour, and as such
      are not suited to being on a generic string object.  They are also inefficient
      and incorrectly used; refactor & clean up.  Uses of these methods really divide
      out into two cases.
      
      ToNumber:
      Uses of toDouble from JSString and from parseFloat are implementing ecma's
      ToNumber conversion from strings (see ecma-262 9.3.1), so UString::toDouble
      should largely just be moved out to a global jsToNumber function.  ToNumber is
      capable of recognizing either decimal or hexadecimal numbers, but parseFloat
      should only recognize decimal values.  This is currently handled by testing for
      hexadecimal before calling toDouble, which should be unnecessary - instead we can
      just split out the two parts to the grammar into separate functions. Also,
      strtod recognizes a set of literals (nan, inf, and infinity - all with any
      capitalization) - which are not defined by any of the specs we are implementing.
      To handle this we need to perform additional work in toDouble to convert the
      unsupported cases of infinities back to NaNs.  Instead we should simply remove
      support for these literals from strtod.  This should provide a more desirable
      behaviour for all clients of strtod.
      
      Indexed properties:
      Uses of the toStrictUInt32 methods were all converting property names to
      indices, and all uses of toUInt32 were incorrect; in all cases we should have
      been calling toUInt32.  This error results in some incorrect behaviour in the
      DOM (accessing property "0 " of a NodeList should fail; it currently does not).
      Move this method onto Identifier (our canonical property name), and make it
      always perform a strict conversion. Add a layout test to check NodeList does
      convert indexed property names correctly.
      
      * JavaScriptCore.exp:
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertySlot):
      (JSC::Arguments::getOwnPropertyDescriptor):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      * runtime/Identifier.cpp:
      (JSC::Identifier::toUInt32):
      * runtime/Identifier.h:
      (JSC::Identifier::toUInt32):
      * runtime/JSArray.cpp:
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::deleteProperty):
      * runtime/JSArray.h:
      (JSC::Identifier::toArrayIndex):
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::getOwnPropertySlot):
      (JSC::JSByteArray::getOwnPropertyDescriptor):
      (JSC::JSByteArray::put):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::isInfinity):
      (JSC::jsHexIntegerLiteral):
      (JSC::jsStrDecimalLiteral):
      (JSC::jsToNumber):
      (JSC::parseFloat):
      * runtime/JSGlobalObjectFunctions.h:
      * runtime/JSString.cpp:
      (JSC::JSString::getPrimitiveNumber):
      (JSC::JSString::toNumber):
      (JSC::JSString::getStringPropertyDescriptor):
      * runtime/JSString.h:
      (JSC::JSString::getStringPropertySlot):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::put):
      * runtime/StringObject.cpp:
      (JSC::StringObject::deleteProperty):
      * runtime/UString.cpp:
      * runtime/UString.h:
      * wtf/dtoa.cpp:
      (WTF::strtod):
      
      WebCore: 
      
      These methods all implement JavaScript language specific behaviour, and as such
      are not suited to being on a generic string object.  They are also inefficient
      and incorrectly used; refactor & clean up.  Uses of these methods really divide
      out into two cases.
      
      ToNumber:
      Uses of toDouble from JSString and from parseFloat are implementing ecma's
      ToNumber conversion from strings (see ecma-262 9.3.1), so UString::toDouble
      should largely just be moved out to a global jsToNumber function.  ToNumber is
      capable of recognizing either decimal or hexadecimal numbers, but parseFloat
      should only recognize decimal values.  This is currently handled by testing for
      hexadecimal before calling toDouble, which should be unnecessary - instead we can
      just split out the two parts to the grammar into separate functions. Also,
      strtod recognizes a set of literals (nan, inf, and infinity - all with any
      capitalization) - which are not defined by any of the specs we are implementing.
      To handle this we need to perform additional work in toDouble to convert the
      unsupported cases of infinities back to NaNs.  Instead we should simply remove
      support for these literals from strtod.  This should provide a more desirable
      behaviour for all clients of strtod.
      
      Indexed properties:
      Uses of the toStrictUInt32 methods were all converting property names to
      indices, and all uses of toUInt32 were incorrect; in all cases we should have
      been calling toUInt32.  This error results in some incorrect behaviour in the
      DOM (accessing property "0 " of a NodeList should fail; it currently does not).
      Move this method onto Identifier (our canonical property name), and make it
      always perform a strict conversion. Add a layout test to check NodeList does
      convert indexed property names correctly.
      
      Test: fast/dom/NodeList/nodelist-item-with-index.html
      
      * WebCore.xcodeproj/project.pbxproj:
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      * bindings/js/JSHTMLAllCollectionCustom.cpp:
      (WebCore::callHTMLAllCollection):
      (WebCore::JSHTMLAllCollection::item):
      * bindings/js/JSHTMLCollectionCustom.cpp:
      (WebCore::callHTMLCollection):
      (WebCore::JSHTMLCollection::item):
      * bindings/js/JSNodeListCustom.cpp:
      (WebCore::callNodeList):
      * bindings/scripts/CodeGeneratorJS.pm:
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::getOwnPropertySlot):
      (JSC::RuntimeArray::getOwnPropertyDescriptor):
      (JSC::RuntimeArray::put):
      
      LayoutTests: 
      
      Test that indexing into nodelists works correctly, particularly
      wrt indices passed as strings that contain whitespace.
      
      * fast/dom/NodeList/nodelist-item-with-index-expected.txt: Added.
      * fast/dom/NodeList/nodelist-item-with-index.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@65588 268f45cc-cd09-0410-ab3c-d52691b4dbfc
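The strict property-name conversion this commit moves onto Identifier, shown as an added example (not JavaScriptCore's code) beside a lenient strtoul-based conversion that accepts names such as "0 ". The function names are my own; the rules follow ECMA-262's array-index definition (canonical decimal spelling, value below 2^32 - 1).

```cpp
// Added example, not JavaScriptCore's own code: strict versus lenient
// conversion of a property name to an array index.
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <string>

// ECMA-262: P is an array index iff ToString(ToUint32(P)) == P and
// ToUint32(P) != 2^32 - 1, i.e. P is the canonical decimal spelling of a
// uint32 (no sign, no whitespace, no leading zeros except "0" itself).
static const uint32_t kNotAnIndex = 0xFFFFFFFFu;

// Strict conversion: succeeds only for the canonical decimal spelling of a
// 32-bit value. Any stray character, including a trailing space, fails.
bool toStrictUInt32(const std::string& name, uint32_t& out)
{
    if (name.empty() || name.size() > 10) // uint32 max has 10 digits
        return false;
    if (name.size() > 1 && name[0] == '0') // "01" is not canonical
        return false;
    uint64_t value = 0;
    for (char c : name) {
        if (c < '0' || c > '9') // non-digit (e.g. ' ', '+') disqualifies
            return false;
        value = value * 10 + static_cast<uint64_t>(c - '0');
    }
    if (value > 0xFFFFFFFFull) // "4294967296" does not fit
        return false;
    out = static_cast<uint32_t>(value);
    return true;
}

// Array-index test: strict uint32 and not the reserved value 2^32 - 1.
bool isArrayIndex(const std::string& name, uint32_t& out)
{
    return toStrictUInt32(name, out) && out != kNotAnIndex;
}

// Lenient conversion, the behaviour the commit message describes as the bug:
// strtoul skips leading whitespace, accepts a sign and ignores trailing
// characters, so "0 ", " 0" and "+0" all map to index 0.
bool laxToUInt32(const std::string& name, uint32_t& out)
{
    if (name.empty())
        return false;
    errno = 0;
    char* end = nullptr;
    unsigned long value = std::strtoul(name.c_str(), &end, 10);
    if (errno == ERANGE || end == name.c_str() || value > 0xFFFFFFFFul)
        return false;
    out = static_cast<uint32_t>(value);
    return true;
}

// Helpers returning -1 when the name is not accepted, for easy comparison.
long long strictIndexValue(const std::string& name)
{
    uint32_t v = 0;
    return isArrayIndex(name, v) ? static_cast<long long>(v) : -1;
}

long long laxIndexValue(const std::string& name)
{
    uint32_t v = 0;
    return laxToUInt32(name, v) ? static_cast<long long>(v) : -1;
}

int main()
{
    // Constructed sample property names, including the "0 " case from the bug.
    const char* samples[] = { "0", "0 ", " 0", "+1", "01", "42", "4294967294", "4294967295", "abc" };
    std::printf("%-12s %8s %8s\n", "name", "strict", "lax");
    for (const char* s : samples)
        std::printf("%-12s %8lld %8lld\n", s, strictIndexValue(s), laxIndexValue(s));
    return 0;
}
```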
  3. 13 Aug, 2010 3 commits
      Avoid increasing required alignment of target type warning on ARM · 7534a3fa
      loki@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=38045
      
      Reviewed by Gavin Barraclough.
      
      The reinterpret_cast<Type1*>([pointer to Type2]) expressions - where
      sizeof(Type1) > sizeof(Type2) - cause the following warning on ARM:
      increases required alignment of target type warnings.
      Casting the type of [pointer to Type2] object to void* bypasses the
      warning.
      
      * JavaScriptCore/assembler/ARMAssembler.cpp:
      (JSC::ARMAssembler::executableCopy):
      * JavaScriptCore/assembler/AssemblerBuffer.h:
      (JSC::AssemblerBuffer::putShortUnchecked):
      (JSC::AssemblerBuffer::putIntUnchecked):
      (JSC::AssemblerBuffer::putInt64Unchecked):
      * JavaScriptCore/interpreter/RegisterFile.h:
      (JSC::RegisterFile::RegisterFile):
      (JSC::RegisterFile::grow):
      * JavaScriptCore/jit/JITStubs.cpp:
      * JavaScriptCore/pcre/pcre_compile.cpp:
      (jsRegExpCompile):
      * JavaScriptCore/runtime/JSArray.cpp:
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::increaseVectorLength):
      (JSC::JSArray::increaseVectorPrefixLength):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      * JavaScriptCore/wtf/FastMalloc.cpp:
      (WTF::PageHeapAllocator::New):
      (WTF::TCMalloc_Central_FreeList::Populate):
      * wtf/MD5.cpp:
      (WTF::reverseBytes):
      (WTF::MD5::addBytes):
      (WTF::MD5::checksum):
      * JavaScriptCore/wtf/StdLibExtras.h:
      (isPointerTypeAlignmentOkay):
      (reinterpret_cast_ptr):
      * JavaScriptCore/wtf/Vector.h:
      (WTF::VectorBuffer::inlineBuffer):
      * JavaScriptCore/wtf/qt/StringQt.cpp:
      (WTF::String::String):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@65311 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      Unify UString::UTF8String() & String::utf8() methods, · 3158a387
      barraclough@apple.com authored
      remove UString::cost() & make atArrayIndex a free function.
      
      Reviewed by Sam Weinig
      
      JavaScriptCore: 
      
      * JavaScriptCore.exp:
      * bytecode/CodeBlock.cpp:
      (JSC::constantName):
      (JSC::idName):
      (JSC::CodeBlock::registerName):
      (JSC::regexpName):
      (JSC::printGlobalResolveInfo):
      (JSC::printStructureStubInfo):
      (JSC::CodeBlock::printStructure):
      (JSC::CodeBlock::printStructures):
      * jsc.cpp:
      (functionPrint):
      (functionDebug):
      (runInteractive):
      (fillBufferWithContentsOfFile):
      * pcre/pcre_exec.cpp:
      (Histogram::~Histogram):
      * profiler/CallIdentifier.h:
      (JSC::CallIdentifier::c_str):
      * profiler/Profile.cpp:
      (JSC::Profile::debugPrintDataSampleStyle):
      * profiler/ProfileGenerator.cpp:
      (JSC::ProfileGenerator::willExecute):
      (JSC::ProfileGenerator::didExecute):
      * profiler/ProfileNode.cpp:
      (JSC::ProfileNode::debugPrintData):
      (JSC::ProfileNode::debugPrintDataSampleStyle):
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertySlot):
      (JSC::Arguments::getOwnPropertyDescriptor):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      * runtime/DateConversion.cpp:
      (JSC::parseDate):
      * runtime/Identifier.h:
      (JSC::Identifier::toStrictUInt32):
      * runtime/JSArray.cpp:
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::deleteProperty):
      * runtime/JSArray.h:
      (JSC::toArrayIndex):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::encode):
      (JSC::parseInt):
      (JSC::globalFuncJSCPrint):
      * runtime/JSString.h:
      (JSC::RopeBuilder::JSString):
      * runtime/UString.cpp:
      (JSC::UString::toDouble):
      (JSC::putUTF8Triple):
      (JSC::UString::utf8):
      * runtime/UString.h:
      (JSC::UString::~UString):
      (JSC::UString::isNull):
      (JSC::UString::isEmpty):
      (JSC::UString::impl):
      * wtf/text/WTFString.cpp:
      (WTF::String::utf8):
      * wtf/text/WTFString.h:
      (WTF::String::~String):
      (WTF::String::swap):
      (WTF::String::isNull):
      (WTF::String::isEmpty):
      (WTF::String::impl):
      (WTF::String::length):
      (WTF::String::String):
      (WTF::String::isHashTableDeletedValue):
      
      WebCore: 
      
      * WebCore.xcodeproj/project.pbxproj:
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      * bridge/NP_jsobject.cpp:
      (_NPN_Enumerate):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/jni/JNIBridge.cpp:
      (JavaParameter::JavaParameter):
      (JavaMethod::JavaMethod):
      (JavaMethod::signature):
      (JavaMethod::methodID):
      * bridge/jni/JNIBridge.h:
      (JSC::Bindings::JavaString::utf8):
      (JSC::Bindings::JavaParameter::type):
      (JSC::Bindings::JavaMethod::returnType):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::call):
      (JavaJSObject::eval):
      (JavaJSObject::getMember):
      (JavaJSObject::setMember):
      (JavaJSObject::removeMember):
      (JavaJSObject::convertJObjectToValue):
      * bridge/jni/jsc/JNIBridgeJSC.cpp:
      (JavaField::JavaField):
      (JavaField::valueFromInstance):
      (JavaField::setValueToInstance):
      * bridge/jni/jsc/JNIBridgeJSC.h:
      (JSC::Bindings::JavaField::type):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaInstance::invokeMethod):
      * bridge/jni/jsc/JavaStringJSC.h:
      (JSC::Bindings::JavaStringImpl::utf8):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::getOwnPropertySlot):
      (JSC::RuntimeArray::getOwnPropertyDescriptor):
      (JSC::RuntimeArray::put):
      
      WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::enumerate):
      
      WebKit/wx: 
      
      * WebFrame.cpp:
      (wxWebFrame::RunScript):
      
      WebKit2: 
      
      * WebProcess/Plugins/JSNPObject.cpp:
      (WebKit::npIdentifierFromIdentifier):
      * WebProcess/Plugins/NPJSObject.cpp:
      (WebKit::NPJSObject::enumerate):
      * WebProcess/Plugins/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@65305 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2010-08-12 Sheriff Bot <webkit.review.bot@gmail.com> · eb7ea4be
      ossy@webkit.org authored
              Unreviewed, rolling out r65295.
              http://trac.webkit.org/changeset/65295
              https://bugs.webkit.org/show_bug.cgi?id=43950
      
              It broke 4 sputnik tests (Requested by Ossy on #webkit).
      
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::constantName):
              (JSC::idName):
              (JSC::CodeBlock::registerName):
              (JSC::regexpName):
              (JSC::printGlobalResolveInfo):
              (JSC::printStructureStubInfo):
              (JSC::CodeBlock::printStructure):
              (JSC::CodeBlock::printStructures):
              * jsc.cpp:
              (functionPrint):
              (functionDebug):
              (runInteractive):
              (fillBufferWithContentsOfFile):
              * pcre/pcre_exec.cpp:
              (Histogram::~Histogram):
              * profiler/CallIdentifier.h:
              (JSC::CallIdentifier::c_str):
              * profiler/Profile.cpp:
              (JSC::Profile::debugPrintDataSampleStyle):
              * profiler/ProfileGenerator.cpp:
              (JSC::ProfileGenerator::willExecute):
              (JSC::ProfileGenerator::didExecute):
              * profiler/ProfileNode.cpp:
              (JSC::ProfileNode::debugPrintData):
              (JSC::ProfileNode::debugPrintDataSampleStyle):
              * runtime/Arguments.cpp:
              (JSC::Arguments::getOwnPropertySlot):
              (JSC::Arguments::getOwnPropertyDescriptor):
              (JSC::Arguments::put):
              (JSC::Arguments::deleteProperty):
              * runtime/DateConversion.cpp:
              (JSC::parseDate):
              * runtime/Identifier.h:
              (JSC::Identifier::Identifier):
              (JSC::Identifier::toArrayIndex):
              * runtime/JSArray.cpp:
              (JSC::JSArray::getOwnPropertySlot):
              (JSC::JSArray::getOwnPropertyDescriptor):
              (JSC::JSArray::put):
              (JSC::JSArray::deleteProperty):
              * runtime/JSArray.h:
              * runtime/JSGlobalObjectFunctions.cpp:
              (JSC::encode):
              (JSC::parseInt):
              (JSC::globalFuncJSCPrint):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              * runtime/UString.cpp:
              (JSC::UString::toDouble):
              (JSC::UString::UTF8String):
              * runtime/UString.h:
              (JSC::UString::isNull):
              (JSC::UString::isEmpty):
              (JSC::UString::impl):
              (JSC::UString::cost):
              (JSC::UString::~UString):
              (JSC::UString::toArrayIndex):
              * wtf/text/WTFString.cpp:
              (WTF::String::utf8):
              * wtf/text/WTFString.h:
              (WTF::String::String):
              (WTF::String::isHashTableDeletedValue):
              (WTF::String::length):
              (WTF::String::operator[]):
              (WTF::String::isNull):
              (WTF::String::isEmpty):
              (WTF::String::impl):
      2010-08-12  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r65295.
              http://trac.webkit.org/changeset/65295
              https://bugs.webkit.org/show_bug.cgi?id=43950
      
              It broke 4 sputnik tests (Requested by Ossy on #webkit).
      
              * WebFrame.cpp:
              (wxWebFrame::RunScript):
      2010-08-12  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r65295.
              http://trac.webkit.org/changeset/65295
              https://bugs.webkit.org/show_bug.cgi?id=43950
      
              It broke 4 sputnik tests (Requested by Ossy on #webkit).
      
              * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
              (WebKit::NetscapePluginInstanceProxy::enumerate):
      2010-08-12  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r65295.
              http://trac.webkit.org/changeset/65295
              https://bugs.webkit.org/show_bug.cgi?id=43950
      
              It broke 4 sputnik tests (Requested by Ossy on #webkit).
      
              * WebCore.xcodeproj/project.pbxproj:
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::getOwnPropertySlot):
              (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
              * bridge/NP_jsobject.cpp:
              (_NPN_Enumerate):
              * bridge/c/c_utility.cpp:
              (JSC::Bindings::convertValueToNPVariant):
              * bridge/jni/JNIBridge.cpp:
              (JavaParameter::JavaParameter):
              (JavaMethod::JavaMethod):
              (JavaMethod::signature):
              (JavaMethod::methodID):
              * bridge/jni/JNIBridge.h:
              (JSC::Bindings::JavaString::UTF8String):
              (JSC::Bindings::JavaParameter::type):
              (JSC::Bindings::JavaMethod::returnType):
              * bridge/jni/jni_jsobject.mm:
              (JavaJSObject::call):
              (JavaJSObject::eval):
              (JavaJSObject::getMember):
              (JavaJSObject::setMember):
              (JavaJSObject::removeMember):
              (JavaJSObject::convertJObjectToValue):
              * bridge/jni/jsc/JNIBridgeJSC.cpp:
              (JavaField::JavaField):
              (JavaField::valueFromInstance):
              (JavaField::setValueToInstance):
              * bridge/jni/jsc/JNIBridgeJSC.h:
              (JSC::Bindings::JavaField::type):
              * bridge/jni/jsc/JavaInstanceJSC.cpp:
              (JavaInstance::invokeMethod):
              * bridge/jni/jsc/JavaStringJSC.h:
              (JSC::Bindings::JavaStringImpl::UTF8String):
              * bridge/runtime_array.cpp:
              (JSC::RuntimeArray::getOwnPropertySlot):
              (JSC::RuntimeArray::getOwnPropertyDescriptor):
              (JSC::RuntimeArray::put):
      2010-08-12  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r65295.
              http://trac.webkit.org/changeset/65295
              https://bugs.webkit.org/show_bug.cgi?id=43950
      
              It broke 4 sputnik tests (Requested by Ossy on #webkit).
      
              * WebProcess/Plugins/JSNPObject.cpp:
              (WebKit::npIdentifierFromIdentifier):
              * WebProcess/Plugins/NPJSObject.cpp:
              (WebKit::NPJSObject::enumerate):
              * WebProcess/Plugins/NPRuntimeObjectMap.cpp:
              (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@65302 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  4. 12 Aug, 2010 1 commit
      Unify UString::UTF8String() & String::utf8() methods, · d22274e7
      barraclough@apple.com authored
      remove UString::cost() & make atArrayIndex a free function.
      
      Reviewed by Sam Weinig
      
      JavaScriptCore: 
      
      * JavaScriptCore.exp:
      * bytecode/CodeBlock.cpp:
      (JSC::constantName):
      (JSC::idName):
      (JSC::CodeBlock::registerName):
      (JSC::regexpName):
      (JSC::printGlobalResolveInfo):
      (JSC::printStructureStubInfo):
      (JSC::CodeBlock::printStructure):
      (JSC::CodeBlock::printStructures):
      * jsc.cpp:
      (functionPrint):
      (functionDebug):
      (runInteractive):
      (fillBufferWithContentsOfFile):
      * pcre/pcre_exec.cpp:
      (Histogram::~Histogram):
      * profiler/CallIdentifier.h:
      (JSC::CallIdentifier::c_str):
      * profiler/Profile.cpp:
      (JSC::Profile::debugPrintDataSampleStyle):
      * profiler/ProfileGenerator.cpp:
      (JSC::ProfileGenerator::willExecute):
      (JSC::ProfileGenerator::didExecute):
      * profiler/ProfileNode.cpp:
      (JSC::ProfileNode::debugPrintData):
      (JSC::ProfileNode::debugPrintDataSampleStyle):
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertySlot):
      (JSC::Arguments::getOwnPropertyDescriptor):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      * runtime/DateConversion.cpp:
      (JSC::parseDate):
      * runtime/Identifier.h:
      (JSC::Identifier::toStrictUInt32):
      * runtime/JSArray.cpp:
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::deleteProperty):
      * runtime/JSArray.h:
      (JSC::toArrayIndex):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::encode):
      (JSC::parseInt):
      (JSC::globalFuncJSCPrint):
      * runtime/JSString.h:
      (JSC::RopeBuilder::JSString):
      * runtime/UString.cpp:
      (JSC::UString::toDouble):
      (JSC::putUTF8Triple):
      (JSC::UString::utf8):
      * runtime/UString.h:
      (JSC::UString::~UString):
      (JSC::UString::isNull):
      (JSC::UString::isEmpty):
      (JSC::UString::impl):
      * wtf/text/WTFString.cpp:
      (WTF::String::utf8):
      * wtf/text/WTFString.h:
      (WTF::String::~String):
      (WTF::String::swap):
      (WTF::String::isNull):
      (WTF::String::isEmpty):
      (WTF::String::impl):
      (WTF::String::length):
      (WTF::String::String):
      (WTF::String::isHashTableDeletedValue):
      
      WebCore: 
      
      * WebCore.xcodeproj/project.pbxproj:
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      * bridge/NP_jsobject.cpp:
      (_NPN_Enumerate):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/jni/JNIBridge.cpp:
      (JavaParameter::JavaParameter):
      (JavaMethod::JavaMethod):
      (JavaMethod::signature):
      (JavaMethod::methodID):
      * bridge/jni/JNIBridge.h:
      (JSC::Bindings::JavaString::utf8):
      (JSC::Bindings::JavaParameter::type):
      (JSC::Bindings::JavaMethod::returnType):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::call):
      (JavaJSObject::eval):
      (JavaJSObject::getMember):
      (JavaJSObject::setMember):
      (JavaJSObject::removeMember):
      (JavaJSObject::convertJObjectToValue):
      * bridge/jni/jsc/JNIBridgeJSC.cpp:
      (JavaField::JavaField):
      (JavaField::valueFromInstance):
      (JavaField::setValueToInstance):
      * bridge/jni/jsc/JNIBridgeJSC.h:
      (JSC::Bindings::JavaField::type):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaInstance::invokeMethod):
      * bridge/jni/jsc/JavaStringJSC.h:
      (JSC::Bindings::JavaStringImpl::utf8):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::getOwnPropertySlot):
      (JSC::RuntimeArray::getOwnPropertyDescriptor):
      (JSC::RuntimeArray::put):
      
      WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::enumerate):
      
      WebKit/wx: 
      
      * WebFrame.cpp:
      (wxWebFrame::RunScript):
      
      WebKit2: 
      
      * WebProcess/Plugins/JSNPObject.cpp:
      (WebKit::npIdentifierFromIdentifier):
      * WebProcess/Plugins/NPJSObject.cpp:
      (WebKit::NPJSObject::enumerate):
      * WebProcess/Plugins/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@65295 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  5. 07 Aug, 2010 1 commit
      2010-08-07 Michael Saboff <msaboff@apple.com> · 29a10d7c
      eric@webkit.org authored
              Reviewed by Geoffrey Garen.
      
              Revert JSArray to point to the beginning of the contained ArrayStorage
              struct.  This is described in
              https://bugs.webkit.org/show_bug.cgi?id=43526.
      
              * jit/JITPropertyAccess.cpp:
              (JSC::JIT::emit_op_get_by_val):
              (JSC::JIT::emit_op_put_by_val):
              (JSC::JIT::privateCompilePatchGetArrayLength):
              * jit/JITPropertyAccess32_64.cpp:
              (JSC::JIT::emit_op_get_by_val):
              (JSC::JIT::emit_op_put_by_val):
              (JSC::JIT::privateCompilePatchGetArrayLength):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              (JSC::JSArray::~JSArray):
              (JSC::JSArray::getOwnPropertySlot):
              (JSC::JSArray::getOwnPropertyDescriptor):
              (JSC::JSArray::put):
              (JSC::JSArray::putSlowCase):
              (JSC::JSArray::deleteProperty):
              (JSC::JSArray::getOwnPropertyNames):
              (JSC::JSArray::getNewVectorLength):
              (JSC::JSArray::increaseVectorLength):
              (JSC::JSArray::increaseVectorPrefixLength):
              (JSC::JSArray::setLength):
              (JSC::JSArray::pop):
              (JSC::JSArray::push):
              (JSC::JSArray::shiftCount):
              (JSC::JSArray::unshiftCount):
              (JSC::JSArray::sortNumeric):
              (JSC::JSArray::sort):
              (JSC::JSArray::fillArgList):
              (JSC::JSArray::copyToRegisters):
              (JSC::JSArray::compactForSorting):
              (JSC::JSArray::subclassData):
              (JSC::JSArray::setSubclassData):
              (JSC::JSArray::checkConsistency):
              * runtime/JSArray.h:
              (JSC::JSArray::length):
              (JSC::JSArray::canGetIndex):
              (JSC::JSArray::getIndex):
              (JSC::JSArray::setIndex):
              (JSC::JSArray::uncheckedSetIndex):
              (JSC::JSArray::markChildrenDirect):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64937 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  7. 03 Aug, 2010 3 commits
      Fix for https://bugs.webkit.org/show_bug.cgi?id=43314. The prior code · 1c5ba287
      barraclough@apple.com authored
      was using the wrong "length" value to move array contents when adding
      space to the beginning of an array for an unshift() or similar
      operation.  Instead of using m_vectorLength, the length of the
      allocated JSValue array, the code was using m_length, the declared
      length of the array.  These two values do not need to match.
      
      Patch by Michael Saboff <msaboff@apple.com> on 2010-08-03
      Reviewed by Gavin Barraclough.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * runtime/JSArray.cpp:
      (JSC::JSArray::increaseVectorPrefixLength):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64620 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      Fixed a crash seen on the GTK 64bit buildbot. · 652ada99
      ggaren@apple.com authored
              
      Reviewed by Oliver Hunt.
      
      When JSArray is allocated for the vptr stealing hack, it's not allocated
      in the heap, so the JSArray constructor can't safely call Heap::heap().
              
      Since this was subtle enough to confuse smart people, I've changed JSArray
      to have an explicit vptr stealing constructor.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      * runtime/JSArray.h:
      (JSC::JSArray::):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::storeVPtrs):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64602 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      Change to keep returned pointer from malloc family functions to · 35490124
      barraclough@apple.com authored
      quiet memory leak detect.  The pointer is saved in the new m_allocBase
      member of the ArrayStorage structure.  This fixes the issue found in 
      https://bugs.webkit.org/show_bug.cgi?id=43229.
      
      Patch by Michael Saboff <msaboff@apple.com> on 2010-08-03
      Reviewed by Gavin Barraclough.
      
      As part of this change, we use m_allocBase when reallocating and
      freeing the memory associated with ArrayStorage.
      
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      (JSC::JSArray::~JSArray):
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::increaseVectorLength):
      (JSC::JSArray::increaseVectorPrefixLength):
      * runtime/JSArray.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64588 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  8. 29 Jul, 2010 1 commit
      Changed the handling for removing and adding elements at the front · a3812102
      barraclough@apple.com authored
      of an array.  The code now keeps a bias that indicates the amount of
      JSValue sized holes are prior to the ArrayStorage block.  This means
      that shift operations are now memmove's of the header part of
      the ArrayStorage and unshift operations are similar, but may require a
      realloc first to create the space.  Similar operations are performed
      for special cases of splice and slice.
      Also optimized the new Array(size) case so that we don't allocate and
      initialize array elements until the JS code starts using elements.
      The array growth code is slightly more aggressive for initial growth
      based on size growth of any previous array.
      
      Patch by Michael Saboff <msaboff@apple.com> on 2010-07-29
      Reviewed by Gavin Barraclough.
      
      * Configurations/JavaScriptCore.xcconfig:
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      (JSC::JSArray::~JSArray):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::deleteProperty):
      (JSC::JSArray::getOwnPropertyNames):
      (JSC::JSArray::getNewVectorLength):
      (JSC::JSArray::increaseVectorLength):
      (JSC::JSArray::increaseVectorPrefixLength):
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToRegisters):
      (JSC::JSArray::compactForSorting):
      (JSC::JSArray::subclassData):
      (JSC::JSArray::setSubclassData):
      (JSC::JSArray::checkConsistency):
      * runtime/JSArray.h:
      (JSC::JSArray::length):
      (JSC::JSArray::canGetIndex):
      (JSC::JSArray::getIndex):
      (JSC::JSArray::setIndex):
      (JSC::JSArray::uncheckedSetIndex):
      (JSC::JSArray::arrayStorage):
      (JSC::JSArray::setArrayStorage):
      (JSC::JSArray::markChildrenDirect):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64320 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  9. 27 Jul, 2010 2 commits
    • Temporarily rolling out http://trac.webkit.org/changeset/64177, · 616284aa
      barraclough@apple.com authored
      this seems to give QT ARM/Win a headache (specifically, looks
      like structure layout differs, objects get too large -
      "..\..\..\JavaScriptCore\runtime\ArrayPrototype.cpp:41:"
      "error: size of array 'dummyclass_fits_in_cell' is negative").
      
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      * runtime/JSArray.cpp:
      (JSC::increasedVectorLength):
      (JSC::JSArray::JSArray):
      (JSC::JSArray::~JSArray):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::deleteProperty):
      (JSC::JSArray::getOwnPropertyNames):
      (JSC::JSArray::increaseVectorLength):
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToRegisters):
      (JSC::JSArray::compactForSorting):
      (JSC::JSArray::subclassData):
      (JSC::JSArray::setSubclassData):
      (JSC::JSArray::checkConsistency):
      * runtime/JSArray.h:
      (JSC::JSArray::length):
      (JSC::JSArray::canGetIndex):
      (JSC::JSArray::getIndex):
      (JSC::JSArray::setIndex):
      (JSC::JSArray::uncheckedSetIndex):
      (JSC::JSArray::markChildrenDirect):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64184 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Changed the handling for removing and adding elements at the front · 49f6f58f
      barraclough@apple.com authored
      of an array.  The code now keeps a bias that indicates the number of
      JSValue-sized holes that are prior to the ArrayStorage block.  This means
      that shift operations are now memmoves of the header part of
      the ArrayStorage, and unshift operations are similar but may require a
      realloc first to create the space.  Similar operations are performed
      for special cases of splice and slice.
      Also optimized the new Array(size) case so that we don't allocate and
      initialize array elements until the JS code starts using elements.
      The array growth code is slightly more aggressive for initial growth
      based on size growth of any previous array.
      
      Patch by Michael Saboff <msaboff@apple.com> on 2010-07-27
      Reviewed by Gavin Barraclough.
      
      * Configurations/JavaScriptCore.xcconfig:
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      (JSC::JSArray::~JSArray):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::deleteProperty):
      (JSC::JSArray::getOwnPropertyNames):
      (JSC::JSArray::getNewVectorLength):
      (JSC::JSArray::increaseVectorLength):
      (JSC::JSArray::increaseVectorPrefixLength):
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToRegisters):
      (JSC::JSArray::compactForSorting):
      (JSC::JSArray::subclassData):
      (JSC::JSArray::setSubclassData):
      (JSC::JSArray::checkConsistency):
      * runtime/JSArray.h:
      (JSC::JSArray::length):
      (JSC::JSArray::canGetIndex):
      (JSC::JSArray::getIndex):
      (JSC::JSArray::setIndex):
      (JSC::JSArray::uncheckedSetIndex):
      (JSC::JSArray::arrayStorage):
      (JSC::JSArray::setArrayStorage):
      (JSC::JSArray::markChildrenDirect):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@64177 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  10. 13 Jul, 2010 1 commit
    • 2010-07-13 Andreas Kling <andreas.kling@nokia.com> · d9acc42f
      andreas.kling@nokia.com authored
              Reviewed by Darin Adler.
      
              Avoid slow-path for put() in Array.splice()
              https://bugs.webkit.org/show_bug.cgi?id=41920
      
              Defer creation of the returned array until its final size is known
              to avoid growing it while adding elements.
      
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray): Add two modes of creation, CreateInitialized (old)
              and CreateCompact (which should only be used when constructing arrays whose
              size and contents are known at the time of creation.)
              (JSC::JSArray::setLength): Skip first consistency check if in CreateCompact
              initialization mode. (Only applies to non-empty arrays.)
              (JSC::JSArray::checkConsistency): Build fix (JSValue::type() is gone)
              * runtime/JSArray.h:
              (JSC::JSArray::uncheckedSetIndex): Added for fast initialization of compact
              arrays. Does no bounds or other sanity checking.
              * runtime/ArrayPrototype.cpp:
              (JSC::arrayProtoFuncSplice): Optimized creation of the returned JSArray.
              * runtime/ArrayConstructor.cpp:
              (JSC::constructArrayWithSizeQuirk): Pass CreateInitialized to ctor.
              * runtime/JSGlobalObject.h:
              (JSC::constructEmptyArray): Pass CreateInitialized to ctor.
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpMatchesArray::RegExpMatchesArray): Pass CreateInitialized to ctor.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@63268 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  11. 07 Jul, 2010 1 commit
    • 2010-07-07 Darin Adler <darin@apple.com> · 3948d96e
      darin@apple.com authored
              Reviewed by Adam Barth.
      
              More OwnPtr work
              https://bugs.webkit.org/show_bug.cgi?id=41727
      
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObjectData::setPrivateProperty): Use adoptPtr.
              * API/JSCallbackObjectFunctions.h:
              (JSC::JSCallbackObject::JSCallbackObject): Ditto.
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::CodeBlock): Ditto.
              * bytecode/CodeBlock.h:
              (JSC::CodeBlock::createRareDataIfNecessary): Ditto.
              * parser/Nodes.cpp:
              (JSC::ScopeNode::ScopeNode): Ditto.
              * parser/ParserArena.cpp:
              (JSC::ParserArena::ParserArena): Ditto.
              * runtime/Arguments.h:
              (JSC::Arguments::Arguments): Ditto.
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::compile): Ditto.
              (JSC::ProgramExecutable::compile): Ditto.
              (JSC::FunctionExecutable::compileForCall): Ditto.
              (JSC::FunctionExecutable::compileForConstruct): Ditto.
              (JSC::FunctionExecutable::reparseExceptionInfo): Ditto.
              (JSC::EvalExecutable::reparseExceptionInfo): Ditto.
              * runtime/JSArray.cpp:
              (JSC::JSArray::sort): Ditto.
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor): Ditto.
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::RegExpObject): Ditto.
              * runtime/SmallStrings.cpp:
              (JSC::SmallStrings::createSingleCharacterString): Ditto.
              (JSC::SmallStrings::singleCharacterStringRep): Ditto.
      
              * wtf/unicode/icu/CollatorICU.cpp:
              (WTF::Collator::userDefault): Use adoptPtr.
              * yarr/RegexInterpreter.cpp:
              (JSC::Yarr::ByteCompiler::ByteCompiler): Ditto.
              (JSC::Yarr::ByteCompiler::compile): Ditto.
              (JSC::Yarr::ByteCompiler::regexBegin): Ditto.
              (JSC::Yarr::byteCompileRegex): Ditto.
              * yarr/RegexInterpreter.h:
              (JSC::Yarr::BytecodePattern::BytecodePattern): Ditto.

      2010-07-06  Darin Adler  <darin@apple.com>
      
              Reviewed by Adam Barth.
      
              More OwnPtr work, including making clear set the pointer to 0 before deletion
              https://bugs.webkit.org/show_bug.cgi?id=41727
      
              * WebCore.exp.in: Updated.
      
              * css/CSSSelector.h:
              (WebCore::CSSSelector::RareData::RareData): Use adoptPtr.
              (WebCore::CSSSelector::createRareData): Ditto.
              * dom/SpaceSplitString.h:
              (WebCore::SpaceSplitString::SpaceSplitString): Ditto.
              (WebCore::SpaceSplitString::set): Ditto.
              * history/CachedFrame.cpp:
              (WebCore::CachedFrame::CachedFrame): Ditto.
              (WebCore::CachedFrame::setCachedFramePlatformData): Ditto.
      
              * history/CachedFrame.h: Use PassOwnPtr.
      
              * loader/appcache/ApplicationCacheGroup.cpp:
              (WebCore::CallCacheListenerTask::create): Use adoptPtr.
              * loader/appcache/ApplicationCacheStorage.cpp:
              (WebCore::ApplicationCacheStorage::storeCopyOfCache): Ditto.
              * platform/PurgeableBuffer.h:
              (WebCore::PurgeableBuffer::create): Ditto.
              * platform/graphics/GlyphMetricsMap.h:
              (WebCore::::locatePageSlowCase): Ditto.
              * platform/graphics/GraphicsLayer.h:
              (WebCore::AnimationValue::AnimationValue): Ditto.
              (WebCore::TransformAnimationValue::TransformAnimationValue): Ditto.
              * platform/graphics/MediaPlayer.h:
              (WebCore::MediaPlayer::create): Ditto.
              * platform/graphics/SimpleFontData.h:
              (WebCore::SimpleFontData::boundsForGlyph): Ditto.
              * platform/mac/PurgeableBufferMac.cpp:
              (WebCore::PurgeableBuffer::create): Ditto.
              * rendering/InlineFlowBox.h:
              (WebCore::InlineFlowBox::setHorizontalOverflowPositions): Ditto.
              (WebCore::InlineFlowBox::setVerticalOverflowPositions): Ditto.
              * rendering/RootInlineBox.h:
              (WebCore::RootInlineBox::floats): Ditto.
              * rendering/style/RenderStyle.h:
              (WebCore::InheritedFlags::inheritAnimations): Ditto.
              (WebCore::InheritedFlags::inheritTransitions): Ditto.
      
              * rendering/style/SVGRenderStyleDefs.h: Use PassOwnPtr.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@62677 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  12. 02 Jul, 2010 1 commit
  13. 06 Jun, 2010 1 commit
    • Bug 40214 - Clean up error construction / throwing in JSC. · 9c099f96
      barraclough@apple.com authored
              
      Reviewed by Sam Weinig.
      
      The one egregious insanity here is that creating an error requires
      a VM-entry-esque host call (the string argument is wrapped as a JS
      object & pushed on the RegisterFile, then unwrapped back to a
      UString).  Changing this also means you only require a global
      object, not an ExecState, to create an error.
      
      The methods to create error objects are also parameterized
      requiring a switch on the type, which can be made cleaner and
      faster by moving to a separate method per error type.  Code to add
      divot information to error had been duplicated, and is coalesced
      back into a single function.
      
      Convenience methods added to create & throw type & syntax error
      with a default error message, since this is a common case.
      
      Also, errors are currently thrown either using
      "throwError(exec, error)" or "exec->setException(error)" - unify
      on the former, since this is more commonly used.  Add
      "throwVMError(exec, error)" equivalents, as a convenience for
      cases where the result was being wrapped in "JSValue::encode(...)".
      
      JavaScriptCore: 
      
      * API/JSCallbackConstructor.cpp:
      (JSC::constructJSCallback):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::call):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlot):
      (JSC::::put):
      (JSC::::deleteProperty):
      (JSC::::construct):
      (JSC::::hasInstance):
      (JSC::::call):
      (JSC::::toNumber):
      (JSC::::toString):
      (JSC::::staticValueGetter):
      (JSC::::staticFunctionGetter):
      (JSC::::callbackGetter):
      * API/JSObjectRef.cpp:
      (JSObjectMakeError):
      * JavaScriptCore.exp:
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitNewError):
      (JSC::BytecodeGenerator::emitThrowExpressionTooDeepException):
      * bytecompiler/BytecodeGenerator.h:
      * bytecompiler/NodesCodegen.cpp:
      (JSC::ThrowableExpressionData::emitThrowError):
      (JSC::RegExpNode::emitBytecode):
      (JSC::PostfixErrorNode::emitBytecode):
      (JSC::PrefixErrorNode::emitBytecode):
      (JSC::AssignErrorNode::emitBytecode):
      (JSC::ForInNode::emitBytecode):
      (JSC::ContinueNode::emitBytecode):
      (JSC::BreakNode::emitBytecode):
      (JSC::ReturnNode::emitBytecode):
      (JSC::LabelNode::emitBytecode):
      * interpreter/CallFrame.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jsc.cpp:
      (functionRun):
      (functionLoad):
      (functionCheckSyntax):
      * parser/Nodes.h:
      * runtime/ArrayConstructor.cpp:
      (JSC::constructArrayWithSizeQuirk):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncToString):
      (JSC::arrayProtoFuncToLocaleString):
      (JSC::arrayProtoFuncJoin):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncForEach):
      (JSC::arrayProtoFuncSome):
      (JSC::arrayProtoFuncReduce):
      (JSC::arrayProtoFuncReduceRight):
      * runtime/BooleanPrototype.cpp:
      (JSC::booleanProtoFuncToString):
      (JSC::booleanProtoFuncValueOf):
      * runtime/DatePrototype.cpp:
      (JSC::dateProtoFuncToString):
      (JSC::dateProtoFuncToUTCString):
      (JSC::dateProtoFuncToISOString):
      (JSC::dateProtoFuncToDateString):
      (JSC::dateProtoFuncToTimeString):
      (JSC::dateProtoFuncToLocaleString):
      (JSC::dateProtoFuncToLocaleDateString):
      (JSC::dateProtoFuncToLocaleTimeString):
      (JSC::dateProtoFuncGetTime):
      (JSC::dateProtoFuncGetFullYear):
      (JSC::dateProtoFuncGetUTCFullYear):
      (JSC::dateProtoFuncToGMTString):
      (JSC::dateProtoFuncGetMonth):
      (JSC::dateProtoFuncGetUTCMonth):
      (JSC::dateProtoFuncGetDate):
      (JSC::dateProtoFuncGetUTCDate):
      (JSC::dateProtoFuncGetDay):
      (JSC::dateProtoFuncGetUTCDay):
      (JSC::dateProtoFuncGetHours):
      (JSC::dateProtoFuncGetUTCHours):
      (JSC::dateProtoFuncGetMinutes):
      (JSC::dateProtoFuncGetUTCMinutes):
      (JSC::dateProtoFuncGetSeconds):
      (JSC::dateProtoFuncGetUTCSeconds):
      (JSC::dateProtoFuncGetMilliSeconds):
      (JSC::dateProtoFuncGetUTCMilliseconds):
      (JSC::dateProtoFuncGetTimezoneOffset):
      (JSC::dateProtoFuncSetTime):
      (JSC::setNewValueFromTimeArgs):
      (JSC::setNewValueFromDateArgs):
      (JSC::dateProtoFuncSetMilliSeconds):
      (JSC::dateProtoFuncSetUTCMilliseconds):
      (JSC::dateProtoFuncSetSeconds):
      (JSC::dateProtoFuncSetUTCSeconds):
      (JSC::dateProtoFuncSetMinutes):
      (JSC::dateProtoFuncSetUTCMinutes):
      (JSC::dateProtoFuncSetHours):
      (JSC::dateProtoFuncSetUTCHours):
      (JSC::dateProtoFuncSetDate):
      (JSC::dateProtoFuncSetUTCDate):
      (JSC::dateProtoFuncSetMonth):
      (JSC::dateProtoFuncSetUTCMonth):
      (JSC::dateProtoFuncSetFullYear):
      (JSC::dateProtoFuncSetUTCFullYear):
      (JSC::dateProtoFuncSetYear):
      (JSC::dateProtoFuncGetYear):
      (JSC::dateProtoFuncToJSON):
      * runtime/Error.cpp:
      (JSC::createError):
      (JSC::createEvalError):
      (JSC::createRangeError):
      (JSC::createReferenceError):
      (JSC::createSyntaxError):
      (JSC::createTypeError):
      (JSC::createURIError):
      (JSC::addErrorSourceInfo):
      (JSC::addErrorDivotInfo):
      (JSC::addErrorInfo):
      (JSC::hasErrorInfo):
      (JSC::throwError):
      (JSC::throwTypeError):
      (JSC::throwSyntaxError):
      * runtime/Error.h:
      (JSC::throwVMError):
      (JSC::throwVMTypeError):
      * runtime/ErrorConstructor.cpp:
      (JSC::constructWithErrorConstructor):
      (JSC::callErrorConstructor):
      * runtime/ErrorConstructor.h:
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::ErrorInstance):
      (JSC::ErrorInstance::create):
      * runtime/ErrorInstance.h:
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::ErrorPrototype):
      * runtime/ExceptionHelpers.cpp:
      (JSC::createStackOverflowError):
      (JSC::createUndefinedVariableError):
      (JSC::createInvalidParamError):
      (JSC::createNotAConstructorError):
      (JSC::createNotAFunctionError):
      (JSC::createNotAnObjectError):
      (JSC::throwOutOfMemoryError):
      * runtime/ExceptionHelpers.h:
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compile):
      (JSC::ProgramExecutable::checkSyntax):
      (JSC::ProgramExecutable::compile):
      * runtime/FunctionConstructor.cpp:
      (JSC::constructFunction):
      * runtime/FunctionPrototype.cpp:
      (JSC::functionProtoFuncToString):
      (JSC::functionProtoFuncApply):
      (JSC::functionProtoFuncCall):
      * runtime/Identifier.cpp:
      (JSC::Identifier::from):
      * runtime/Identifier.h:
      * runtime/JSArray.cpp:
      (JSC::JSArray::put):
      * runtime/JSFunction.cpp:
      (JSC::callHostFunctionAsConstructor):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::encode):
      (JSC::decode):
      (JSC::globalFuncEval):
      * runtime/JSONObject.cpp:
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Walker::walk):
      (JSC::JSONProtoFuncParse):
      (JSC::JSONProtoFuncStringify):
      * runtime/JSObject.cpp:
      (JSC::throwSetterError):
      (JSC::JSObject::put):
      (JSC::JSObject::putWithAttributes):
      (JSC::JSObject::defaultValue):
      (JSC::JSObject::hasInstance):
      (JSC::JSObject::defineOwnProperty):
      * runtime/JSObject.h:
      * runtime/JSValue.cpp:
      (JSC::JSValue::toObjectSlowCase):
      (JSC::JSValue::synthesizeObject):
      (JSC::JSValue::synthesizePrototype):
      * runtime/NativeErrorConstructor.cpp:
      (JSC::constructWithNativeErrorConstructor):
      (JSC::callNativeErrorConstructor):
      * runtime/NativeErrorConstructor.h:
      * runtime/NumberPrototype.cpp:
      (JSC::numberProtoFuncToString):
      (JSC::numberProtoFuncToLocaleString):
      (JSC::numberProtoFuncValueOf):
      (JSC::numberProtoFuncToFixed):
      (JSC::numberProtoFuncToExponential):
      (JSC::numberProtoFuncToPrecision):
      * runtime/ObjectConstructor.cpp:
      (JSC::objectConstructorGetPrototypeOf):
      (JSC::objectConstructorGetOwnPropertyDescriptor):
      (JSC::objectConstructorGetOwnPropertyNames):
      (JSC::objectConstructorKeys):
      (JSC::toPropertyDescriptor):
      (JSC::objectConstructorDefineProperty):
      (JSC::objectConstructorDefineProperties):
      (JSC::objectConstructorCreate):
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncDefineGetter):
      (JSC::objectProtoFuncDefineSetter):
      * runtime/RegExpConstructor.cpp:
      (JSC::constructRegExp):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::match):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncTest):
      (JSC::regExpProtoFuncExec):
      (JSC::regExpProtoFuncCompile):
      (JSC::regExpProtoFuncToString):
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncToString):
      
      WebCore: 
      
      * WebCore.xcodeproj/project.pbxproj:
      * bindings/js/JSArrayBufferConstructor.h:
      (WebCore::construct):
      * bindings/js/JSArrayBufferViewHelper.h:
      (WebCore::setWebGLArrayHelper):
      * bindings/js/JSAudioConstructor.cpp:
      (WebCore::constructAudio):
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
      (WebCore::JSCanvasRenderingContext2D::setFillColor):
      (WebCore::JSCanvasRenderingContext2D::setStrokeColor):
      (WebCore::JSCanvasRenderingContext2D::drawImage):
      (WebCore::JSCanvasRenderingContext2D::drawImageFromRect):
      (WebCore::JSCanvasRenderingContext2D::setShadow):
      (WebCore::JSCanvasRenderingContext2D::createPattern):
      (WebCore::JSCanvasRenderingContext2D::fillText):
      (WebCore::JSCanvasRenderingContext2D::strokeText):
      * bindings/js/JSClipboardCustom.cpp:
      (WebCore::JSClipboard::clearData):
      (WebCore::JSClipboard::getData):
      (WebCore::JSClipboard::setDragImage):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::setDOMException):
      (WebCore::toJSSequence):
      * bindings/js/JSDOMWrapper.cpp:
      (WebCore::DOMObject::defineOwnProperty):
      * bindings/js/JSDesktopNotificationsCustom.cpp:
      (WebCore::JSNotificationCenter::requestPermission):
      * bindings/js/JSEventSourceConstructor.cpp:
      (WebCore::constructEventSource):
      * bindings/js/JSHTMLDocumentCustom.cpp:
      (WebCore::JSHTMLDocument::open):
      * bindings/js/JSHTMLInputElementCustom.cpp:
      (WebCore::JSHTMLInputElement::selectionStart):
      (WebCore::JSHTMLInputElement::setSelectionStart):
      (WebCore::JSHTMLInputElement::selectionEnd):
      (WebCore::JSHTMLInputElement::setSelectionEnd):
      (WebCore::JSHTMLInputElement::setSelectionRange):
      * bindings/js/JSImageConstructor.cpp:
      (WebCore::constructImage):
      * bindings/js/JSJavaScriptCallFrameCustom.cpp:
      (WebCore::JSJavaScriptCallFrame::evaluate):
      * bindings/js/JSMessageChannelConstructor.cpp:
      (WebCore::JSMessageChannelConstructor::construct):
      * bindings/js/JSMessagePortCustom.cpp:
      (WebCore::fillMessagePortArray):
      * bindings/js/JSOptionConstructor.cpp:
      (WebCore::constructHTMLOptionElement):
      * bindings/js/JSSVGMatrixCustom.cpp:
      (WebCore::JSSVGMatrix::multiply):
      * bindings/js/JSSharedWorkerConstructor.cpp:
      (WebCore::constructSharedWorker):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::JSWebGLRenderingContext::bufferData):
      (WebCore::JSWebGLRenderingContext::bufferSubData):
      (WebCore::getObjectParameter):
      (WebCore::JSWebGLRenderingContext::getFramebufferAttachmentParameter):
      (WebCore::JSWebGLRenderingContext::getParameter):
      (WebCore::JSWebGLRenderingContext::getProgramParameter):
      (WebCore::JSWebGLRenderingContext::getShaderParameter):
      (WebCore::JSWebGLRenderingContext::getUniform):
      (WebCore::JSWebGLRenderingContext::texImage2D):
      (WebCore::JSWebGLRenderingContext::texSubImage2D):
      (WebCore::dataFunctionf):
      (WebCore::dataFunctioni):
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSWebSocketConstructor.cpp:
      (WebCore::constructWebSocket):
      * bindings/js/JSWebSocketCustom.cpp:
      (WebCore::JSWebSocket::send):
      * bindings/js/JSWorkerConstructor.cpp:
      (WebCore::constructWorker):
      * bindings/js/JSXMLHttpRequestConstructor.cpp:
      (WebCore::constructXMLHttpRequest):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::open):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::BaseWalker::throwStackOverflow):
      (WebCore::BaseWalker::throwInterruptedException):
      (WebCore::SerializingTreeWalker::startArray):
      (WebCore::SerializingTreeWalker::startObject):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::setException):
      * bindings/scripts/CodeGeneratorJS.pm:
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CInstance::moveGlobalExceptionToExecState):
      (JSC::Bindings::CInstance::invokeMethod):
      (JSC::Bindings::CInstance::invokeDefaultMethod):
      (JSC::Bindings::CInstance::invokeConstruct):
      * bridge/jni/jsc/JNIBridgeJSC.cpp:
      (JavaField::dispatchValueFromInstance):
      (JavaField::dispatchSetValueToInstance):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaInstance::invokeMethod):
      * bridge/objc/objc_instance.mm:
      (ObjcInstance::moveGlobalExceptionToExecState):
      (ObjcInstance::invokeMethod):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcField::valueFromInstance):
      (JSC::Bindings::ObjcField::setValueToInstance):
      (JSC::Bindings::ObjcArray::setValueAt):
      (JSC::Bindings::ObjcArray::valueAt):
      (JSC::Bindings::callObjCFallbackObject):
      * bridge/objc/objc_utility.h:
      * bridge/objc/objc_utility.mm:
      (JSC::Bindings::throwError):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::put):
      * bridge/runtime_method.cpp:
      (JSC::callRuntimeMethod):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::throwInvalidAccessError):
      
      WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::moveGlobalExceptionToExecState):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyInstance::invokeMethod):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@60762 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  14. 27 May, 2010 1 commit
    • 2010-05-27 Luiz Agostini <luiz.agostini@openbossa.org> · 4ad71207
      eric@webkit.org authored
              Reviewed by Darin Adler.
      
              UTF-16 code points compare() for String objects
              https://bugs.webkit.org/show_bug.cgi?id=39701
      
              Moving compare() implementation from UString to StringImpl for it to be shared
              with String. Adding overloaded free functions codePointCompare() in StringImpl
              and WTFString. Renaming function compare in UString to codePointCompare to be
              consistent.
      
              * runtime/JSArray.cpp:
              (JSC::compareByStringPairForQSort):
              * runtime/UString.cpp:
              * runtime/UString.h:
              (JSC::codePointCompare):
              * wtf/text/StringImpl.cpp:
              (WebCore::codePointCompare):
              * wtf/text/StringImpl.h:
              * wtf/text/WTFString.cpp:
              (WebCore::codePointCompare):
              * wtf/text/WTFString.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@60332 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  15. 25 Feb, 2010 1 commit
  16. 12 Jan, 2010 1 commit
    • 2010-01-12 Kent Hansen <kent.hansen@nokia.com> · c293f4c8
      eric@webkit.org authored
              Reviewed by Geoffrey Garen.
      
              [ES5] Implement Object.getOwnPropertyNames
              https://bugs.webkit.org/show_bug.cgi?id=32242
      
              Add an extra argument to getPropertyNames() and getOwnPropertyNames()
              (and all reimplementations thereof) that indicates whether non-enumerable
              properties should be added.
      
              * API/JSCallbackObject.h:
              * API/JSCallbackObjectFunctions.h:
              (JSC::::getOwnPropertyNames):
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::getOwnPropertyNames):
              * debugger/DebuggerActivation.h:
              * runtime/Arguments.cpp:
              (JSC::Arguments::getOwnPropertyNames):
              * runtime/Arguments.h:
              * runtime/CommonIdentifiers.h:
              * runtime/JSArray.cpp:
              (JSC::JSArray::getOwnPropertyNames):
              * runtime/JSArray.h:
              * runtime/JSByte...
  17. 11 Jan, 2010 1 commit
  18. 08 Jan, 2010 1 commit
  19. 07 Jan, 2010 1 commit
    • Reviewed by Geoffrey Garen. · 1348bdfa
      ap@apple.com authored
              https://bugs.webkit.org/show_bug.cgi?id=33057
              REGRESSION(r49365): typeof(xhr.responseText) != "string" in Windows
      
              <rdar://problem/7296920> REGRESSION: WebKit fails to start PeaceKeeper benchmark
      
              Test: fast/js/webcore-string-comparison.html
      
              In r49365, some code was moved from JSString.cpp to JSString.h, and as a result, WebCore
              got a way to directly instantiate JSStrings over DLL borders. Since vftable for JSString was
              not exported, objects created from WebCore got a different vptr, and JavaScriptCore
              optimizations that relied on vptr of all JSString objects being equal failed.
      
              * config.h: Added a JS_EXPORTCLASS macro for exporting classes. It's currently the same as
              JS_EXPORTDATA, but it clearly needed a new name.
      
              * runtime/InitializeThreading.cpp:
              (JSC::initializeThreadingOnce):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::storeVPtrs):
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::createNonDefault):
              (JSC::JSGlobalData::create):
              (JSC::JSGlobalData::sharedInstance):
              * runtime/JSGlobalData.h:
              Store vptrs just once, no need to repeatedly pick and copy them. This makes it possible to
              assert vptr correctness in object destructors (which don't have access to JSGlobalData,
              and even Heap::heap(this) will fail for fake objects created from storeVPtrs()).
      
              * runtime/JSArray.cpp: (JSC::JSArray::~JSArray): Assert that vptr is what we expect it to be.
              It's important to assert in destructor, because MSVC changes the vptr after constructor
              is invoked.
              * runtime/JSByteArray.cpp: (JSC::JSByteArray::~JSByteArray): Ditto.
              * runtime/JSByteArray.h: Ditto.
              * runtime/JSFunction.h: Ditto.
              * runtime/JSFunction.cpp: (JSC::JSFunction::~JSFunction): Ditto.
      
              * runtime/JSCell.h: (JSC::JSCell::setVPtr): Added a method to substitute vptr for another
              one.
      
              * runtime/JSString.h: Export JSString class together with its vftable, and tell other
              libraries to import it. This is needed on platforms that have a separate JavaScriptCore
              dynamic library - and on Mac, we already did the export via JavaScriptCore.exp.
              (JSC::JSString::~JSString): Assert that vptr is what we expect it to be.
              (JSC::fixupVPtr): Store a previously saved primary vftable pointer (do nothing if building
              JavaScriptCore itself).
              (JSC::jsSingleCharacterString): Call fixupVPtr in case this is called across a DLL boundary.
              (JSC::jsSingleCharacterSubstring): Ditto.
              (JSC::jsNontrivialString): Ditto.
              (JSC::jsString): Ditto.
              (JSC::jsSubstring): Ditto.
              (JSC::jsOwnedString): Ditto.
      
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new static
              JSGlobalData members that are used in WebCore via inline functions.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@52956 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  20. 14 Dec, 2009 1 commit
    • JavaScriptCore: Changed GC from mark-sweep to mark-allocate. · 6a429819
      ggaren@apple.com authored
              
      Reviewed by Sam Weinig.
      
      Added WeakGCMap to keep WebCore blissfully ignorant about objects that
      have become garbage but haven't run their destructors yet.
              
      1% SunSpider speedup.
      7.6% v8 speedup (37% splay speedup).
      17% speedup on bench-alloc-nonretained.js.
      18% speedup on bench-alloc-retained.js.
      
      * API/JSBase.cpp:
      (JSGarbageCollect):
      * API/JSContextRef.cpp:
      * JavaScriptCore.exp:
      * JavaScriptCore.xcodeproj/project.pbxproj: Updated for renames and new
      files.
      
      * debugger/Debugger.cpp:
      (JSC::Debugger::recompileAllJSFunctions): Updated to use the Collector
      iterator abstraction.
      
      * jsc.cpp:
      (functionGC): Updated for rename.
      
      * runtime/Collector.cpp: Slightly reduced the number of allocations per
      collection, so that small workloads only allocate one collector block,
      rather than two.
      
      (JSC::Heap::Heap): Updated to use the new allocateBlock function.
      
      (JSC::Heap::destroy): Updated to use the new freeBlocks function.
      
      (JSC::Heap::allocateBlock): New function to initialize a block when
      allocating it.
      
      (JSC::Heap::freeBlock): Consolidated the responsibility for running
      destructors into this function.
      
      (JSC::Heap::freeBlocks): Updated to use freeBlock.
      
      (JSC::Heap::recordExtraCost): Sweep the heap in this reporting function,
      so that allocation, which is more common, doesn't have to check extraCost.
      
      (JSC::Heap::heapAllocate): Run destructors right before recycling a
      garbage cell. This has better cache utilization than a separate sweep phase.
      
      (JSC::Heap::resizeBlocks):
      (JSC::Heap::growBlocks):
      (JSC::Heap::shrinkBlocks): New set of functions for managing the size of
      the heap, now that the heap doesn't maintain any information about its
      size.
      
      (JSC::isPointerAligned):
      (JSC::isHalfCellAligned):
      (JSC::isPossibleCell):
      (JSC::isCellAligned):
      (JSC::Heap::markConservatively): Cleaned up this code a bit.
      
      (JSC::Heap::clearMarkBits):
      (JSC::Heap::markedCells): Some helper functions for examining the mark
      bitmap.
      
      (JSC::Heap::sweep): Simplified this function by using a DeadObjectIterator.
      
      (JSC::Heap::markRoots): Reordered some operations for clarity.
      
      (JSC::Heap::objectCount):
      (JSC::Heap::addToStatistics):
      (JSC::Heap::statistics): Rewrote these functions to calculate an object
      count on demand, since the heap doesn't maintain this information by 
      itself.
      
      (JSC::Heap::reset): New function for resetting the heap once we've
      exhausted heap space.
      
      (JSC::Heap::collectAllGarbage): This function matches the old collect()
      behavior, but it's now an uncommon function used only by API.
      
      * runtime/Collector.h:
      (JSC::CollectorBitmap::count):
      (JSC::CollectorBitmap::isEmpty): Added some helper functions for managing
      the collector mark bitmap.
      
      (JSC::Heap::reportExtraMemoryCost): Changed reporting from cell equivalents
      to bytes, so it's easier to understand.
              
      * runtime/CollectorHeapIterator.h:
      (JSC::CollectorHeapIterator::CollectorHeapIterator):
      (JSC::CollectorHeapIterator::operator!=):
      (JSC::CollectorHeapIterator::operator*):
      (JSC::CollectorHeapIterator::advance):
      (JSC::::LiveObjectIterator):
      (JSC::::operator):
      (JSC::::DeadObjectIterator):
      (JSC::::ObjectIterator): New iterators for encapsulating details about
      heap layout, and what's live and dead on the heap.
      
      * runtime/JSArray.cpp:
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::increaseVectorLength): Delay reporting extra cost until
      we're fully constructed, so the heap mark phase won't visit us in an
      invalid state.
      
      * runtime/JSCell.h:
      (JSC::JSCell::):
      (JSC::JSCell::createDummyStructure):
      (JSC::JSCell::JSCell):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h: Added a dummy cell to simplify allocation logic.
      
      * runtime/JSString.h:
      (JSC::jsSubstring): Don't report extra cost for substrings, since they
      share a buffer that's already reported extra cost.
      
      * runtime/Tracing.d:
      * runtime/Tracing.h: Changed these dtrace hooks not to report object
      counts, since they're no longer cheap to compute.
      
      * runtime/UString.h: Updated for renames.
      
      * runtime/WeakGCMap.h: Added.
      (JSC::WeakGCMap::isEmpty):
      (JSC::WeakGCMap::uncheckedGet):
      (JSC::WeakGCMap::uncheckedBegin):
      (JSC::WeakGCMap::uncheckedEnd):
      (JSC::::get):
      (JSC::::take):
      (JSC::::set):
      (JSC::::uncheckedRemove): Mentioned above.
      
      * wtf/StdLibExtras.h:
      (WTF::bitCount): Added a bit population count function, so the heap can
      count live objects to fulfill statistics questions.
      
      JavaScriptGlue: Changed GC from mark-sweep to mark-allocate.
              
      Reviewed by Sam Weinig.
      
      * JavaScriptGlue.cpp:
      (JSCollect): Updated for rename. Fixed a bug where JSGlue would not check
      to avoid nested GC calls.
      
      WebCore: Changed GC from mark-sweep to mark-allocate.
      
      Reviewed by Sam Weinig.
      
      * ForwardingHeaders/runtime/WeakGCMap.h: Added.
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::gcTimerFired):
      (WebCore::GCController::garbageCollectNow): Updated for rename.
      
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::removeWrappers):
      (WebCore::hasCachedDOMObjectWrapperUnchecked):
      (WebCore::hasCachedDOMObjectWrapper):
      (WebCore::hasCachedDOMNodeWrapperUnchecked):
      (WebCore::forgetDOMObject):
      (WebCore::forgetDOMNode):
      (WebCore::isObservableThroughDOM):
      (WebCore::markDOMNodesForDocument):
      (WebCore::markDOMObjectWrapper):
      (WebCore::markDOMNodeWrapper):
      * bindings/js/JSDOMBinding.h: Changed DOM wrapper maps to be WeakGCMaps.
      Don't ASSERT that an item must be in the WeakGCMap when its destructor
      runs, since it might have been overwritten in the map first.
      
      * bindings/js/JSDocumentCustom.cpp:
      (WebCore::toJS): Changed Document from a DOM object wrapper to a DOM node
      wrapper, to simplify some code.
      
      * bindings/js/JSInspectedObjectWrapper.cpp:
      (WebCore::JSInspectedObjectWrapper::JSInspectedObjectWrapper):
      (WebCore::JSInspectedObjectWrapper::~JSInspectedObjectWrapper):
      * bindings/js/JSInspectorCallbackWrapper.cpp: Use a WeakGCMap for these
      wrappers.
      
      * bindings/js/JSNodeCustom.cpp:
      (WebCore::JSNode::markChildren): Updated for WeakGCMap and Document using
      a DOM node wrapper instead of a DOM object wrapper.
      
      * bindings/js/JSSVGPODTypeWrapper.h:
      (WebCore::JSSVGDynamicPODTypeWrapperCache::wrapperMap):
      (WebCore::JSSVGDynamicPODTypeWrapperCache::lookupOrCreateWrapper):
      (WebCore::JSSVGDynamicPODTypeWrapperCache::forgetWrapper):
      (WebCore::::~JSSVGDynamicPODTypeWrapper): Shined a small beam of sanity light
      on this code. Use hashtable-based lookup in JSSVGPODTypeWrapper.h instead
      of linear lookup through iteration, since that's what hashtables were
      invented for. Make JSSVGPODTypeWrapper.h responsible for removing itself
      from the table, instead of its JS wrapper, to decouple these objects from
      GC, and because these objects are refCounted, not solely owned by their
      JS wrappers.
      
      * bindings/scripts/CodeGeneratorJS.pm:
      * dom/Document.h: Adopted changes above.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@52082 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  21. 12 Dec, 2009 1 commit
  22. 11 Dec, 2009 1 commit
    • JavaScriptCore: Changed GC from mark-sweep to mark-allocate. · cf48922a
      ggaren@apple.com authored
              
      Reviewed by Sam Weinig.
      
      Added WeakGCMap to keep WebCore blissfully ignorant about objects that
      have become garbage but haven't run their destructors yet.
              
      1% SunSpider speedup.
      7.6% v8 speedup (37% splay speedup).
      17% speedup on bench-alloc-nonretained.js.
      18% speedup on bench-alloc-retained.js.
      
      * API/JSBase.cpp:
      (JSGarbageCollect):
      * API/JSContextRef.cpp:
      * JavaScriptCore.exp:
      * JavaScriptCore.xcodeproj/project.pbxproj: Updated for renames and new
      files.
      
      * debugger/Debugger.cpp:
      (JSC::Debugger::recompileAllJSFunctions): Updated to use the Collector
      iterator abstraction.
      
      * jsc.cpp:
      (functionGC): Updated for rename.
      
      * runtime/Collector.cpp: Slightly reduced the number of allocations per
      collection, so that small workloads only allocate one collector block,
      rather than two.
      
      (JSC::Heap::Heap): Updated to use the new allocateBlock function.
      
      (JSC::Heap::destroy): Updated to use the new freeBlocks function.
      
      (JSC::Heap::allocateBlock): New function to initialize a block when
      allocating it.
      
      (JSC::Heap::freeBlock): Consolidated the responsibility for running
      destructors into this function.
      
      (JSC::Heap::freeBlocks): Updated to use freeBlock.
      
      (JSC::Heap::recordExtraCost): Sweep the heap in this reporting function,
      so that allocation, which is more common, doesn't have to check extraCost.
      
      (JSC::Heap::heapAllocate): Run destructors right before recycling a
      garbage cell. This has better cache utilization than a separate sweep phase.
      
      (JSC::Heap::resizeBlocks):
      (JSC::Heap::growBlocks):
      (JSC::Heap::shrinkBlocks): New set of functions for managing the size of
      the heap, now that the heap doesn't maintain any information about its
      size.
      
      (JSC::isPointerAligned):
      (JSC::isHalfCellAligned):
      (JSC::isPossibleCell):
      (JSC::isCellAligned):
      (JSC::Heap::markConservatively): Cleaned up this code a bit.
      
      (JSC::Heap::clearMarkBits):
      (JSC::Heap::markedCells): Some helper functions for examining the mark
      bitmap.
      
      (JSC::Heap::sweep): Simplified this function by using a DeadObjectIterator.
      
      (JSC::Heap::markRoots): Reordered some operations for clarity.
      
      (JSC::Heap::objectCount):
      (JSC::Heap::addToStatistics):
      (JSC::Heap::statistics): Rewrote these functions to calculate an object
      count on demand, since the heap doesn't maintain this information by 
      itself.
      
      (JSC::Heap::reset): New function for resetting the heap once we've
      exhausted heap space.
      
      (JSC::Heap::collectAllGarbage): This function matches the old collect()
      behavior, but it's now an uncommon function used only by API.
      
      * runtime/Collector.h:
      (JSC::CollectorBitmap::count):
      (JSC::CollectorBitmap::isEmpty): Added some helper functions for managing
      the collector mark bitmap.
      
      (JSC::Heap::reportExtraMemoryCost): Changed reporting from cell equivalents
      to bytes, so it's easier to understand.
              
      * runtime/CollectorHeapIterator.h:
      (JSC::CollectorHeapIterator::CollectorHeapIterator):
      (JSC::CollectorHeapIterator::operator!=):
      (JSC::CollectorHeapIterator::operator*):
      (JSC::CollectorHeapIterator::advance):
      (JSC::::LiveObjectIterator):
      (JSC::::operator):
      (JSC::::DeadObjectIterator):
      (JSC::::ObjectIterator): New iterators for encapsulating details about
      heap layout, and what's live and dead on the heap.
      
      * runtime/JSArray.cpp:
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::increaseVectorLength): Delay reporting extra cost until
      we're fully constructed, so the heap mark phase won't visit us in an
      invalid state.
      
      * runtime/JSCell.h:
      (JSC::JSCell::):
      (JSC::JSCell::createDummyStructure):
      (JSC::JSCell::JSCell):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h: Added a dummy cell to simplify allocation logic.
      
      * runtime/JSString.h:
      (JSC::jsSubstring): Don't report extra cost for substrings, since they
      share a buffer that's already reported extra cost.
      
      * runtime/Tracing.d:
      * runtime/Tracing.h: Changed these dtrace hooks not to report object
      counts, since they're no longer cheap to compute.
      
      * runtime/UString.h: Updated for renames.
      
      * runtime/WeakGCMap.h: Added.
      (JSC::WeakGCMap::isEmpty):
      (JSC::WeakGCMap::uncheckedGet):
      (JSC::WeakGCMap::uncheckedBegin):
      (JSC::WeakGCMap::uncheckedEnd):
      (JSC::::get):
      (JSC::::take):
      (JSC::::set):
      (JSC::::uncheckedRemove): Mentioned above.
      
      * wtf/StdLibExtras.h:
      (WTF::bitCount): Added a bit population count function, so the heap can
      count live objects to fulfill statistics questions.
      
      JavaScriptGlue: Changed GC from mark-sweep to mark-allocate.
              
      Reviewed by Sam Weinig.
      
      * JavaScriptGlue.cpp:
      (JSCollect): Updated for rename. Fixed a bug where JSGlue would not check
      to avoid nested GC calls.
      
      WebCore: Changed GC from mark-sweep to mark-allocate.
      
      Reviewed by Sam Weinig.
      
      * ForwardingHeaders/runtime/WeakGCMap.h: Added.
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::gcTimerFired):
      (WebCore::GCController::garbageCollectNow): Updated for rename.
      
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::removeWrappers):
      (WebCore::hasCachedDOMObjectWrapperUnchecked):
      (WebCore::hasCachedDOMObjectWrapper):
      (WebCore::hasCachedDOMNodeWrapperUnchecked):
      (WebCore::forgetDOMObject):
      (WebCore::forgetDOMNode):
      (WebCore::isObservableThroughDOM):
      (WebCore::markDOMNodesForDocument):
      (WebCore::markDOMObjectWrapper):
      (WebCore::markDOMNodeWrapper):
      * bindings/js/JSDOMBinding.h: Changed DOM wrapper maps to be WeakGCMaps.
      Don't ASSERT that an item must be in the WeakGCMap when its destructor
      runs, since it might have been overwritten in the map first.
      
      * bindings/js/JSDocumentCustom.cpp:
      (WebCore::toJS): Changed Document from a DOM object wrapper to a DOM node
      wrapper, to simplify some code.
      
      * bindings/js/JSInspectedObjectWrapper.cpp:
      (WebCore::JSInspectedObjectWrapper::JSInspectedObjectWrapper):
      (WebCore::JSInspectedObjectWrapper::~JSInspectedObjectWrapper):
      * bindings/js/JSInspectorCallbackWrapper.cpp: Use a WeakGCMap for these
      wrappers.
      
      * bindings/js/JSNodeCustom.cpp:
      (WebCore::JSNode::markChildren): Updated for WeakGCMap and Document using
      a DOM node wrapper instead of a DOM object wrapper.
      
      * bindings/js/JSSVGPODTypeWrapper.h:
      (WebCore::JSSVGDynamicPODTypeWrapperCache::wrapperMap):
      (WebCore::JSSVGDynamicPODTypeWrapperCache::lookupOrCreateWrapper):
      (WebCore::JSSVGDynamicPODTypeWrapperCache::forgetWrapper):
      (WebCore::::~JSSVGDynamicPODTypeWrapper): Shined a small beam of sanity
      on this code. Use hashtable-based lookup in JSSVGPODTypeWrapper.h instead
      of linear lookup through iteration, since that's what hashtables were
      invented for. Make JSSVGPODTypeWrapper.h responsible for removing itself
      from the table, instead of its JS wrapper, to decouple these objects from
      GC, and because these objects are refCounted, not solely owned by their
      JS wrappers.
      
      * bindings/scripts/CodeGeneratorJS.pm:
      * dom/Document.h: Adopted changes above.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@52040 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  23. 03 Dec, 2009 1 commit
  24. 03 Oct, 2009 1 commit
    • Removed the concept of a "fast access cutoff" in arrays, because it · 570483e7
      ggaren@apple.com authored
      punished some patterns of array access too much, and made things too
      complex for inlining in some cases.
              
      Patch by Geoffrey Garen <ggaren@apple.com> on 2009-10-02
      Reviewed by Sam Weinig.
      
      1.3% speedup on SunSpider.
      
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emitSlow_op_put_by_val):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitSlow_op_put_by_val):
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
      (JSC::): Check m_vectorLength instead of m_fastAccessCutoff when
      getting / putting from / to an array. Inline putting past the end of
      the array.
      
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::deleteProperty):
      (JSC::JSArray::getOwnPropertyNames):
      (JSC::JSArray::increaseVectorLength):
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToRegisters):
      (JSC::JSArray::compactForSorting):
      (JSC::JSArray::checkConsistency):
      * runtime/JSArray.h:
      (JSC::JSArray::canGetIndex):
      (JSC::JSArray::canSetIndex):
      (JSC::JSArray::setIndex):
      (JSC::JSArray::markChildrenDirect): Removed m_fastAccessCutoff, and
      replaced with checks for JSValue() to detect reads and writes from / to
      uninitialized parts of the array.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@49065 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  25. 28 Sep, 2009 1 commit
    • NotNullPassRefPtr: smart pointer optimized for passing references that are not null · 6740e6f2
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=29822
              
      Patch by Geoffrey Garen <ggaren@apple.com> on 2009-09-28
      Reviewed by Darin Adler.
      
      JavaScriptCore: 
      
      Added NotNullPassRefPtr, and deployed it in all places that initialize
      JavaScript objects.
              
      2.2% speedup on bench-allocate-nonretained.js.
      
      * API/JSCallbackConstructor.cpp:
      (JSC::JSCallbackConstructor::JSCallbackConstructor):
      * API/JSCallbackConstructor.h:
      * API/JSCallbackObject.h:
      * API/JSCallbackObjectFunctions.h:
      (JSC::JSCallbackObject::JSCallbackObject):
      * JavaScriptCore.exp:
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::addFunctionDecl):
      (JSC::CodeBlock::addFunctionExpr):
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::ArrayConstructor):
      * runtime/ArrayConstructor.h:
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::ArrayPrototype):
      * runtime/ArrayPrototype.h:
      * runtime/BooleanConstructor.cpp:
      (JSC::BooleanConstructor::BooleanConstructor):
      * runtime/BooleanConstructor.h:
      * runtime/BooleanObject.cpp:
      (JSC::BooleanObject::BooleanObject):
      * runtime/BooleanObject.h:
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::BooleanPrototype):
      * runtime/BooleanPrototype.h:
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::DateConstructor):
      * runtime/DateConstructor.h:
      * runtime/DateInstance.cpp:
      (JSC::DateInstance::DateInstance):
      * runtime/DateInstance.h:
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::DatePrototype):
      * runtime/DatePrototype.h:
      * runtime/ErrorConstructor.cpp:
      (JSC::ErrorConstructor::ErrorConstructor):
      * runtime/ErrorConstructor.h:
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::ErrorInstance):
      * runtime/ErrorInstance.h:
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::ErrorPrototype):
      * runtime/ErrorPrototype.h:
      * runtime/FunctionConstructor.cpp:
      (JSC::FunctionConstructor::FunctionConstructor):
      * runtime/FunctionConstructor.h:
      * runtime/FunctionPrototype.cpp:
      (JSC::FunctionPrototype::FunctionPrototype):
      * runtime/FunctionPrototype.h:
      * runtime/GlobalEvalFunction.cpp:
      (JSC::GlobalEvalFunction::GlobalEvalFunction):
      * runtime/GlobalEvalFunction.h:
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::InternalFunction):
      * runtime/InternalFunction.h:
      (JSC::InternalFunction::InternalFunction):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::JSActivation):
      * runtime/JSActivation.h:
      (JSC::JSActivation::JSActivationData::JSActivationData):
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      * runtime/JSArray.h:
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::JSByteArray):
      * runtime/JSByteArray.h:
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::JSFunction):
      * runtime/JSFunction.h:
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::JSGlobalObject):
      * runtime/JSONObject.h:
      (JSC::JSONObject::JSONObject):
      * runtime/JSObject.h:
      (JSC::JSObject::JSObject):
      (JSC::JSObject::setStructure):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      * runtime/JSWrapperObject.h:
      (JSC::JSWrapperObject::JSWrapperObject):
      * runtime/MathObject.cpp:
      (JSC::MathObject::MathObject):
      * runtime/MathObject.h:
      * runtime/NativeErrorConstructor.cpp:
      (JSC::NativeErrorConstructor::NativeErrorConstructor):
      * runtime/NativeErrorConstructor.h:
      * runtime/NativeErrorPrototype.cpp:
      (JSC::NativeErrorPrototype::NativeErrorPrototype):
      * runtime/NativeErrorPrototype.h:
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::NumberConstructor):
      * runtime/NumberConstructor.h:
      * runtime/NumberObject.cpp:
      (JSC::NumberObject::NumberObject):
      * runtime/NumberObject.h:
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::NumberPrototype):
      * runtime/NumberPrototype.h:
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::ObjectConstructor):
      * runtime/ObjectConstructor.h:
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      * runtime/ObjectPrototype.h:
      * runtime/PropertyNameArray.h:
      (JSC::PropertyNameArrayData::setCachedPrototypeChain):
      * runtime/PrototypeFunction.cpp:
      (JSC::PrototypeFunction::PrototypeFunction):
      * runtime/PrototypeFunction.h:
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::RegExpConstructor):
      * runtime/RegExpConstructor.h:
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::RegExpObject):
      * runtime/RegExpObject.h:
      (JSC::RegExpObject::RegExpObjectData::RegExpObjectData):
      * runtime/RegExpPrototype.cpp:
      (JSC::RegExpPrototype::RegExpPrototype):
      * runtime/RegExpPrototype.h:
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::StringConstructor):
      * runtime/StringConstructor.h:
      * runtime/StringObject.cpp:
      (JSC::StringObject::StringObject):
      * runtime/StringObject.h:
      * runtime/StringObjectThatMasqueradesAsUndefined.h:
      (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::StringPrototype):
      * runtime/StringPrototype.h:
      * wtf/PassRefPtr.h:
      (WTF::NotNullPassRefPtr::NotNullPassRefPtr):
      (WTF::NotNullPassRefPtr::~NotNullPassRefPtr):
      (WTF::NotNullPassRefPtr::get):
      (WTF::NotNullPassRefPtr::clear):
      (WTF::NotNullPassRefPtr::releaseRef):
      (WTF::NotNullPassRefPtr::operator*):
      (WTF::NotNullPassRefPtr::operator->):
      (WTF::NotNullPassRefPtr::operator!):
      (WTF::NotNullPassRefPtr::operator UnspecifiedBoolType):
      * wtf/RefPtr.h:
      (WTF::RefPtr::RefPtr):
      (WTF::operator==):
      
      WebCore: 
      
      Added NotNullPassRefPtr, and deployed it in all places that initialize
      JavaScript objects.
      
      * bindings/js/DOMObjectWithSVGContext.h:
      (WebCore::DOMObjectWithSVGContext::DOMObjectWithSVGContext):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::cacheDOMStructure):
      * bindings/js/JSDOMBinding.h:
      (WebCore::DOMObject::DOMObject):
      (WebCore::DOMObjectWithGlobalPointer::DOMObjectWithGlobalPointer):
      (WebCore::DOMConstructorObject::DOMConstructorObject):
      (WebCore::DOMConstructorWithDocument::DOMConstructorWithDocument):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
      * bindings/js/JSDOMGlobalObject.h:
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::JSDOMWindowBase):
      * bindings/js/JSDOMWindowBase.h:
      * bindings/js/JSHTMLAllCollection.h:
      (WebCore::JSHTMLAllCollection::JSHTMLAllCollection):
      * bindings/js/JSInspectedObjectWrapper.cpp:
      (WebCore::JSInspectedObjectWrapper::JSInspectedObjectWrapper):
      * bindings/js/JSInspectedObjectWrapper.h:
      * bindings/js/JSInspectorCallbackWrapper.cpp:
      (WebCore::JSInspectorCallbackWrapper::JSInspectorCallbackWrapper):
      * bindings/js/JSInspectorCallbackWrapper.h:
      * bindings/js/JSQuarantinedObjectWrapper.cpp:
      (WebCore::JSQuarantinedObjectWrapper::JSQuarantinedObjectWrapper):
      * bindings/js/JSQuarantinedObjectWrapper.h:
      * bindings/js/JSWorkerContextBase.cpp:
      (WebCore::JSWorkerContextBase::JSWorkerContextBase):
      * bindings/js/JSWorkerContextBase.h:
      * bindings/scripts/CodeGeneratorJS.pm:
      * bridge/runtime_object.cpp:
      (JSC::RuntimeObjectImp::RuntimeObjectImp):
      * bridge/runtime_object.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@48836 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  26. 25 Sep, 2009 1 commit
    • JavaScriptCore: Inlined some object creation code, including lexicalGlobalObject access · d5428d36
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=29750
              
      Patch by Geoffrey Garen <ggaren@apple.com> on 2009-09-25
      Reviewed by Darin Adler.
      
      SunSpider says 0.5% faster.
              
      0.8% speedup on bench-alloc-nonretained.js.
      2.5% speedup on v8-splay.js.
      
      * interpreter/CachedCall.h:
      (JSC::CachedCall::CachedCall):
      * interpreter/CallFrame.h:
      (JSC::ExecState::lexicalGlobalObject):
      (JSC::ExecState::globalThisValue):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::dumpRegisters):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/FunctionConstructor.cpp:
      (JSC::constructFunction):
      * runtime/ScopeChain.cpp:
      (JSC::ScopeChainNode::print):
      * runtime/ScopeChain.h:
      (JSC::ScopeChainNode::ScopeChainNode):
      (JSC::ScopeChainNode::~ScopeChainNode):
      (JSC::ScopeChainNode::push):
      (JSC::ScopeChain::ScopeChain):
      (JSC::ScopeChain::globalObject): Added a globalObject data member to ScopeChainNode.
      Replaced accessor function for globalObject() with data member. Replaced
      globalThisObject() accessor with direct access to globalThis, to match.
      
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::init):
      * runtime/JSGlobalObject.h: Inlined array and object construction.
      
      WebCore: Inlined some object creation code, including lexicalGlobalObject access
      https://bugs.webkit.org/show_bug.cgi?id=29750
      
      Patch by Geoffrey Garen <ggaren@apple.com> on 2009-09-25
      Reviewed by Darin Adler.
      
      * bindings/js/JSInspectorBackendCustom.cpp:
      (WebCore::JSInspectorBackend::currentCallFrame):
      * inspector/JavaScriptDebugServer.cpp:
      (WebCore::JavaScriptDebugServer::hasBreakpoint): Updated for JavaScriptCore
      API changes.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@48774 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  27. 18 Sep, 2009 1 commit
  28. 12 Sep, 2009 1 commit
    • [ES5] Implement Object.keys · d1f19755
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=29170
      
      Reviewed by Maciej Stachowiak.
      
      This patch basically requires two separate steps, the first is to split getPropertyNames
      into two functions -- getOwnPropertyNames and getPropertyNames, basically making them behave
      in the same way as getOwnPropertySlot and getPropertySlot.  In essence getOwnPropertyNames
      produces the list of properties on an object excluding its prototype chain and getPropertyNames
      just iterates the object and its prototype chain calling getOwnPropertyNames at each level.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@48336 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d1f19755
  29. 26 Aug, 2009 1 commit
    • oliver@apple.com's avatar
      [ES5] Implement getOwnPropertyDescriptor · 4b4f785d
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=28724
      
      Reviewed by Gavin Barraclough.
      
      JavaScriptCore:
      Implement the core runtime support for getOwnPropertyDescriptor.
      This adds a virtual getOwnPropertyDescriptor method to every class
      that implements getOwnPropertySlot that shadows the behaviour of
      getOwnPropertySlot.  The alternative would be to make getOwnPropertySlot
      (or PropertySlots in general) provide property attribute information,
      but quick testing showed this to be a regression.
      
      WebCore:
      Implement the WebCore side of getOwnPropertyDescriptor.  This
      requires a custom implementation of getOwnPropertyDescriptor
      for every class with a custom implementation of getOwnPropertySlot.
      
      The bindings generator has been updated to generate appropriate
      versions of getOwnPropertyDescriptor for the general case where
      a custom getOwnPropertyDescriptor is not needed.  ES5 is vague
      about how getOwnPropertyDescriptor should work in the context of
      "host" functions with polymorphic [[GetOwnProperty]], so it seems
      okay that occasionally we "guess" what attributes -- e.g. determining
      whether a property is writable.
      
      Test: fast/js/getOwnPropertyDescriptor.html
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@47780 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4b4f785d
  30. 21 Aug, 2009 1 commit
  31. 13 Aug, 2009 2 commits
  32. 12 Aug, 2009 1 commit
  33. 10 Aug, 2009 1 commit
    • oliver@apple.com's avatar
      Stack overflow crash in JavaScript garbage collector mark pass · 5fca29f7
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=12216
      
      Reviewed by Gavin Barraclough and Sam Weinig.
      
      Make the GC mark phase iterative by using an explicit mark stack.
      To do this, marking any single object is performed in multiple stages:
        * The object is appended to the MarkStack, this sets the marked
          bit for the object using the new markDirect() function, and then
          returns
        * When the MarkStack is drain()ed the object is popped off the stack
          and markChildren(MarkStack&) is called on the object to collect
          all of its children.  drain() then repeats until the stack is empty.
      
      Additionally I renamed a number of methods from 'mark' to 'markAggregate'
      in order to make it more clear that marking of those objects was not
      going to result in an actual recursive mark.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@47022 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5fca29f7
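      The explicit mark stack described in the commit above, as an added C++ sketch that is not JavaScriptCore's code: the names Cell, MarkStack, append, drain, markDirect and markChildren mirror the message but are assumptions, and the heap is a constructed chain, not a real JS object graph. The point is that the mark bit is set when a cell is pushed, and children are visited only when the stack is drained, so the depth of the object graph never becomes native stack depth.

```cpp
// Added example (not JavaScriptCore code): an explicit mark stack that makes
// the GC mark phase iterative, so a deeply nested object graph cannot
// overflow the native stack the way a recursive mark() would.
#include <cstddef>
#include <vector>

struct MarkStack;

struct Cell {
    bool marked = false;
    std::vector<Cell*> children;   // references this cell keeps alive
    // Hypothetical equivalent of markChildren(MarkStack&): push, never recurse.
    void markChildren(MarkStack& stack);
};

struct MarkStack {
    std::vector<Cell*> pending;
    // append(): set the mark bit now (the message's markDirect()), defer the children.
    void append(Cell* cell) {
        if (!cell || cell->marked) return;   // already marked: cycles terminate here
        cell->marked = true;
        pending.push_back(cell);
    }
    // drain(): pop until empty; the heap's depth lives in this vector, not the C stack.
    size_t drain() {
        size_t visited = 0;
        while (!pending.empty()) {
            Cell* cell = pending.back();
            pending.pop_back();
            cell->markChildren(*this);
            ++visited;
        }
        return visited;
    }
};

void Cell::markChildren(MarkStack& stack) {
    for (Cell* child : children) stack.append(child);
}

// Builds a constructed chain of `length` cells, closes it into a cycle, and
// marks it from the head. Returns the number of cells reached; a recursive
// mark() would need `length` stack frames to do the same job.
size_t markChain(size_t length) {
    std::vector<Cell> heap(length);
    for (size_t i = 0; i + 1 < length; ++i) heap[i].children.push_back(&heap[i + 1]);
    if (length) heap[length - 1].children.push_back(&heap[0]);  // cycle back to head
    MarkStack stack;
    stack.append(length ? &heap[0] : nullptr);
    return stack.drain();
}
```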
  34. 30 Jul, 2009 1 commit