1. 09 Sep, 2012 2 commits
      Add StringBuilder::appendNumber() and use it · 4d255977
      paroga@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96030
      
      Reviewed by Eric Seidel.
      
      Also fix a bunch of append() vs. appendLiteral() issues in the surrounding code.
      
      Source/JavaScriptCore:
      
      * API/JSContextRef.cpp:
      (JSContextCreateBacktrace):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * interpreter/Interpreter.h:
      (JSC::StackFrame::toString):
      
      Source/WebCore:
      
      * Modules/websockets/WebSocketHandshake.cpp:
      (WebCore::hostName):
      * bindings/v8/ScriptController.cpp:
      (WebCore::resourceString):
      * css/FontFeatureValue.cpp:
      (WebCore::FontFeatureValue::customCssText):
      * dom/Position.cpp:
      (WebCore::Position::formatForDebugger):
      * dom/Range.cpp:
      (WebCore::Range::formatForDebugger):
      * html/FormController.cpp:
      (WebCore::FormKeyGenerator::formKey):
      * html/HTMLAnchorElement.cpp:
      (WebCore::appendServerMapMousePosition):
      * html/canvas/CanvasRenderingContext2D.cpp:
      (WebCore::CanvasRenderingContext2D::font):
      * inspector/IdentifiersFactory.cpp:
      (WebCore::IdentifiersFactory::addProcessIdPrefixTo):
      * page/FrameTree.cpp:
      (WebCore::FrameTree::uniqueChildName):
      * page/SecurityOrigin.cpp:
      (WebCore::SecurityOrigin::toRawString):
      * platform/Decimal.cpp:
      (WebCore::Decimal::toString):
      * platform/network/ProxyServer.cpp:
      (WebCore::appendProxyServerString):
      * platform/text/TextStream.cpp:
      (WebCore::TextStream::operator<<):
      * platform/text/TextStream.h:
      * rendering/RenderTreeAsText.cpp:
      (WebCore::nodePosition):
      * xml/XMLErrors.cpp:
      (WebCore::XMLErrors::appendErrorMessage):
      
      Source/WTF:
      
      * wtf/DateMath.cpp:
      (WTF::makeRFC2822DateString):
      * wtf/text/StringBuilder.cpp:
      (WTF::StringBuilder::appendNumber):
      * wtf/text/StringBuilder.h:
      (StringBuilder):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128014 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      Make the String initialization on the function side of String::number() · 93e6a741
      paroga@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=95940
      
      Reviewed by Benjamin Poulain.
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      Source/WebKit2:
      
      * win/WebKit2.def:
      * win/WebKit2CFLite.def:
      
      Source/WTF:
      
      Un-Inline String::number() to make the String initialization done on the function side
      instead of being on the caller side.
      
      * GNUmakefile.list.am:
      * WTF.gypi:
      * WTF.pro:
      * WTF.vcproj/WTF.vcproj:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/CMakeLists.txt:
      * wtf/text/IntegerToStringConversion.cpp: Removed.
      * wtf/text/IntegerToStringConversion.h:
      (WTF::numberToStringImpl):
      (WTF::numberToStringSigned):
      (WTF::numberToStringUnsigned):
      * wtf/text/WTFString.cpp:
      (WTF::String::number):
      * wtf/text/WTFString.h:
      
      Tools:
      
      * TestWebKitAPI/Tests/WTF/IntegerToStringConversion.cpp:
      (testBoundaries):
      (testNumbers):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127991 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  2. 31 Aug, 2012 2 commits
  3. 30 Aug, 2012 4 commits
      Second step toward fixing the Windows build: Add new symbols. · 453907a4
      ggaren@apple.com authored
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127207 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      First step toward fixing the Windows build: Remove old symbols. · 4faafb27
      ggaren@apple.com authored
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127204 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      Use one object instead of two for closures, eliminating ScopeChainNode · b11e7874
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=95501
      
      Reviewed by Filip Pizlo.
      
      ../JavaScriptCore: 
      
      This patch removes ScopeChainNode, and moves all the data and related
      functions that used to be in ScopeChainNode into JSScope.
      
      Most of this patch is mechanical changes to use a JSScope* where we used
      to use a ScopeChainNode*. I've only specifically commented about items
      that were non-mechanical.
      
      * runtime/Completion.cpp:
      (JSC::evaluate):
      * runtime/Completion.h: Don't require an explicit scope chain argument
      when evaluating code. Clients never wanted anything other than the
      global scope, and other arbitrary scopes probably wouldn't work
      correctly, anyway.
      
      * runtime/JSScope.cpp:
      * runtime/JSScope.h:
      (JSC::JSScope::JSScope): JSScope now requires the data we used to pass to
      ScopeChainNode, so it can link itself into the scope chain correctly.
      
      * runtime/JSWithScope.h:
      (JSC::JSWithScope::create):
      (JSC::JSWithScope::JSWithScope): JSWithScope gets an extra constructor
      for specifically supplying your own scope chain. The DOM needs this
      interface for setting up the scope chain for certain event handlers.
      Other clients always just push the JSWithScope to the head of the current
      scope chain.
      
      ../WebCore: 
      
      Mechanical changes to update for JSC interface changes.
      
      ../WebKit/mac: 
      
      Mechanical change to update for JSC interface change.
      
      ../WebKit/qt: 
      
      Mechanical change to update for JSC interface change.
      
      * Api/qwebelement.cpp:
      (QWebElement::evaluateJavaScript):
      
      ../WebKit2: 
      
      Mechanical changes to update for JSC interface change.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127202 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      Replace JSC::UString by WTF::String · cff06e46
      benjamin@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=95271
      
      Patch by Benjamin Poulain <bpoulain@apple.com> on 2012-08-30
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      Having JSC::UString and WTF::String increases the complexity of working on WebKit, and
      adds useless conversions in the bindings. It also causes some code bloat.
      
      The performance advantages of UString have been ported over in previous patches. This patch
      is the last step: getting rid of UString.
      
      In addition to the simplified code, this also reduces the binary size by 15kb on x86_64.
      
      * API/OpaqueJSString.cpp:
      (OpaqueJSString::ustring):
      * runtime/Identifier.h:
      (JSC::Identifier::ustring):
      To avoid changing everything at once, the functions named ustring() were kept as is. They
      will be renamed in a follow up patch.
      
      * runtime/JSString.h:
      (JSC::JSString::string):
      (JSC::JSValue::toWTFString):
      (JSC::inlineJSValueNotStringtoString):
      (JSC::JSValue::toWTFStringInline):
      Since JSValue::toString() already exists (and returns the JSString), the direct accessor is renamed
      to ::toWTFString(). We may change ::string() to ::jsString() and ::toWTFString() to ::toString()
      in the future.
      
      * runtime/StringPrototype.cpp:
      (JSC::substituteBackreferencesSlow): Replace the use of UString::getCharacters<>() by String::getCharactersWithUpconvert<>().
      
      Source/WebCore: 
      
      Update the code to use String instead of UString.
      
      On x86_64, this reduces the binary size by 22kb.
      
      Since it is no longer possible to differentiate JSC::jsString() and WebCore::jsString() by the input
      types, WebCore::jsString() is renamed to WebCore::jsStringWithCache().
      
      Since the cache is using a PtrHash, JSC::jsString() is used in place of the old WebCore::jsString() when
      the string is generated locally. This is because the cache can never match in those cases.
      
      Source/WebKit/blackberry: 
      
      Replace UString by String.
      
      * WebCoreSupport/ClientExtension.cpp:
      * WebCoreSupport/PagePopupBlackBerry.cpp:
      (WebCore::PagePopupBlackBerry::installDomFunction):
      
      Source/WebKit/efl: 
      
      Replace UString by String.
      
      * WebCoreSupport/DumpRenderTreeSupportEfl.cpp:
      (DumpRenderTreeSupportEfl::sendWebIntentResponse):
      * ewk/ewk_frame.cpp:
      (ewk_frame_script_execute):
      
      Source/WebKit/gtk: 
      
      Replace UString by String.
      
      * gdom/ConvertToGCharPrivate.h:
      (copyAsGchar):
      
      Source/WebKit/mac: 
      
      Get rid of UString, replace it by String, and simplify the code when possible.
      
      On x86_64, this reduces the binary size by 7kb.
      
      * Plugins/Hosted/NetscapePluginHostProxy.mm:
      (identifierFromIdentifierRep):
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      (WebKit::NetscapePluginInstanceProxy::moveGlobalExceptionToExecState):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyRuntimeMethod::create):
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::getPropertyNames):
      (WebKit::ProxyInstance::methodsNamed):
      (WebKit::ProxyInstance::fieldNamed):
      * WebView/WebFrame.mm:
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:forceUserGesture:]):
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:withGlobalObject:inScriptWorld:]):
      * WebView/WebScriptDebugDelegate.mm:
      (-[WebScriptCallFrame functionName]):
      (-[WebScriptCallFrame evaluateWebScript:]):
      * WebView/WebScriptDebugger.h:
      (WTF):
      (JSC):
      (WebScriptDebugger):
      * WebView/WebScriptDebugger.mm:
      (toNSURL):
      (WebScriptDebugger::sourceParsed):
      * WebView/WebView.mm:
      (aeDescFromJSValue):
      
      Source/WebKit/qt: 
      
      Replace UString by String.
      
      * Api/qwebelement.cpp:
      (QWebElement::evaluateJavaScript):
      
      Source/WebKit/win: 
      
      Replace UString by String.
      
      * WebFrame.cpp:
      (WebFrame::stringByEvaluatingJavaScriptInScriptWorld):
      * WebView.cpp:
      (WebView::stringByEvaluatingJavaScriptFromString):
      
      Source/WebKit/wx: 
      
      Update the #includes to use the correct types.
      
      * WebFrame.cpp:
      * WebView.cpp:
      
      Source/WebKit2: 
      
      Update the code to switch from UString to String.
      
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
      (WebKit::JSNPMethod::finishCreation):
      * WebProcess/Plugins/Netscape/JSNPMethod.h:
      (WebKit::JSNPMethod::create):
      (JSNPMethod):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::npIdentifierFromIdentifier):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::evaluate):
      (WebKit::NPRuntimeObjectMap::moveGlobalExceptionToExecState):
      
      Source/WTF: 
      
      * wtf/Platform.h: Useless edit to force a full build. This is needed for some bots for some reason.
      * wtf/text/WTFString.h: Export a symbol that was exported on UString and needed in WebCore.
      
      Add String::getCharactersWithUpconvert<>(), which is similar to String::getCharacters<>() but with the same
      behaviors as UString::getCharacters<>().
      
      String::getCharactersWithUpconvert<>() is useful when manipulating multiple strings; it allows writing code
      using 16-bit characters if any of the input Strings is not 8-bit.
      
      Tools: 
      
      Get rid of UString.
      
      * DumpRenderTree/efl/WorkQueueItemEfl.cpp:
      * gdb/webkit.py:
      (WTFStringPrinter.to_string):
      (JSCIdentifierPrinter.to_string):
      (JSCJSStringPrinter.to_string):
      (add_pretty_printers):
      
      Websites/webkit.org: 
      
      Update the coding style to avoid mentioning a class that no longer exists.
      
      * coding/coding-style.html:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127191 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  4. 29 Aug, 2012 1 commit
  5. 24 Aug, 2012 1 commit
      Unify Number to StringImpl conversion · 2cc62bc6
      benjamin@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=94879
      
      Patch by Benjamin Poulain <bpoulain@apple.com> on 2012-08-24
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * runtime/UString.cpp:
      * runtime/UString.h:
      (JSC::UString::number):
      Update UString to directly use the common NumberToString implementation.
      
      Source/WebKit2: 
      
      * win/WebKit2.def: Update the exported symbols.
      
      Source/WTF: 
      
      Previously, UString::number() and String::number() used different implementations.
      
      WTF::String::number() was simply forwarding to String::format().
      UString::number() had an optimized version of the conversion.
      
      This patch replaces both implementations by a new version, faster than the two previous versions.
      
      The improvements of the new numberToStringImpl functions are:
      - about 3 times faster than String::number().
      - 14% faster than UString::number() on signed numbers.
      - 9% faster than UString::number() on unsigned numbers.
      
      * GNUmakefile.list.am:
      * WTF.gypi:
      * WTF.pro:
      * WTF.vcproj/WTF.vcproj:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/CMakeLists.txt:
      * wtf/text/IntegerToStringConversion.cpp: Added.
      (WTF::numberToStringImplSigned):
      (WTF::numberToStringImpl):
      (WTF::numberToStringImplUnsigned):
      * wtf/text/IntegerToStringConversion.h: Added.
      * wtf/text/WTFString.cpp:
      (WTF::String::format):
      * wtf/text/WTFString.h:
      (WTF::String::number):
      
      Tools: 
      
      Add testing for the new IntegerToStringConversion.
      
      * TestWebKitAPI/CMakeLists.txt:
      * TestWebKitAPI/GNUmakefile.am:
      * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
      * TestWebKitAPI/Tests/WTF/IntegerToStringConversion.cpp: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@126658 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  6. 23 Aug, 2012 2 commits
      Change behavior of MasqueradesAsUndefined to better accommodate DFG changes · 3b9069ce
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=93884
      
      Reviewed by Filip Pizlo.
      
      Source/JavaScriptCore: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of  
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines,  
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined  
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject).  
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not  
      masquerade as undefined within frame B, but it will continue to masquerade in frame A. 
      
      There are two primary changes that are taking place here. One is to thread the ExecState* through  
      JSValue::toBoolean and JSCell::toBoolean so that JSCell::toBoolean can check the object's  
      JSGlobalObject to compare it to the lexical JSGlobalObject of the currently running code. If the two  
      are distinct, then the object cannot MasqueradeAsUndefined. 
      
      The other change is to perform this comparison of JSGlobalObjects everywhere where the MasqueradesAsUndefined 
      flag in the Structure is checked. For C++ code, this check has been factored into its own function in  
      Structure::masqueradesAsUndefined. We only perform this check in the DFG if the current JSGlobalObject has  
      had a MasqueradesAsUndefined object allocated within its context. This conditional compilation is managed  
      through the use of a WatchpointSet in each JSGlobalObject and alternate create() functions for JS DOM wrappers 
      that are MasqueradesAsUndefined.
      
      * API/JSValueRef.cpp:
      (JSValueToBoolean):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * bytecode/Watchpoint.h:
      (WatchpointSet):
      * debugger/DebuggerCallFrame.h:
      (JSC::DebuggerCallFrame::callFrame):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGCFGSimplificationPhase.cpp:
      (JSC::DFG::CFGSimplificationPhase::run):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_is_undefined):
      (JSC::JIT::emit_op_jeq_null):
      (JSC::JIT::emit_op_jneq_null):
      (JSC::JIT::emit_op_eq_null):
      (JSC::JIT::emit_op_neq_null):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_is_undefined):
      (JSC::JIT::emit_op_jeq_null):
      (JSC::JIT::emit_op_jneq_null):
      (JSC::JIT::emit_op_eq_null):
      (JSC::JIT::emit_op_neq_null):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncSome):
      * runtime/BooleanConstructor.cpp:
      (JSC::constructBoolean):
      (JSC::callBooleanConstructor):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::masqueradesAsUndefinedWatchpoint):
      * runtime/JSString.h:
      (JSC::JSCell::toBoolean):
      (JSC::JSValue::toBoolean):
      * runtime/JSValue.h:
      * runtime/ObjectConstructor.cpp:
      (JSC::toPropertyDescriptor):
      * runtime/Operations.cpp:
      (JSC::jsTypeStringForValue):
      (JSC::jsIsObjectType):
      * runtime/Operations.h:
      (JSC):
      (JSC::JSValue::equalSlowCaseInline):
      * runtime/RegExpConstructor.cpp:
      (JSC::setRegExpConstructorMultiline):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncToString):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::globalObjectOffset):
      (JSC::Structure::masqueradesAsUndefined):
      (JSC):
      
      Source/WebCore: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of  
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines,  
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined  
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject).  
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not  
      masquerade as undefined within frame B, but it will continue to masquerade in frame A. 
      
      Test: fast/js/document-all-between-frames.html
      
      All of the changes in WebCore are simply passing the additional ExecState argument to JSValue::toBoolean. 
      
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::addEventListener):
      (WebCore::JSDOMWindow::removeEventListener):
      * bindings/js/JSDataViewCustom.cpp:
      (WebCore::getDataViewMember):
      * bindings/js/JSDeviceMotionEventCustom.cpp:
      (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent):
      * bindings/js/JSDeviceOrientationEventCustom.cpp:
      (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
      * bindings/js/JSDictionary.cpp:
      (WebCore::JSDictionary::convertValue):
      * bindings/js/JSHTMLCanvasElementCustom.cpp:
      (WebCore::JSHTMLCanvasElement::getContext):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::populateContextMenuItems):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::handleInitMessageEvent):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::open):
      * bindings/js/JavaScriptCallFrame.cpp:
      (WebCore::JavaScriptCallFrame::exec):
      (WebCore):
      * bindings/js/JavaScriptCallFrame.h:
      (JavaScriptCallFrame):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::hasBreakpoint):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::dumpIfTerminal):
      * bindings/scripts/CodeGeneratorJS.pm: Also add the custom create function for MasqueradesAsUndefined JS DOM wrappers. 
      (GenerateEventListenerCall):
      (GenerateHeader):
      (JSValueToNative):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
      (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::create):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::setJSTestObjCreate):
      (WebCore::setJSTestObjReflectedBooleanAttr):
      (WebCore::setJSTestObjReflectedCustomBooleanAttr):
      (WebCore::jsTestObjPrototypeFunctionAddEventListener):
      (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::convertValueToJObject):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::convertValueToQVariant):
      
      Source/WebKit/mac: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of  
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines,  
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined  
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject).  
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not  
      masquerade as undefined within frame B, but it will continue to masquerade in frame A. 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::addValueToArray): Passing ExecState to toBoolean call.
      
      Source/WebKit2: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of  
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines,  
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined  
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject).  
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not  
      masquerade as undefined within frame B, but it will continue to masquerade in frame A.
      
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant): Passing ExecState to toBoolean call.
      
      LayoutTests: 
      
      Added a test that uses a variety of ways of checking whether something is correctly 
      masquerading as undefined (or not) in a subframe.
      
      * fast/js/document-all-between-frames-expected.txt: Added.
      * fast/js/document-all-between-frames.html: Added.
      * fast/js/resources/document-all-between-frames-subframe.html: Added.
      * platform/chromium/TestExpectations: Chromium treats document.all differently, so skip our new test.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@126494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      Serialization of JavaScript values does not appear to respect new HTML5 Structured Clone semantics · 8ef2f563
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=65292
      
      Patch by Christophe Dumez <christophe.dumez@intel.com> on 2012-08-23
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore:
      
      Add function to construct a StringObject from a JSValue.
      Similar functions already exist for NumberObject and
      BooleanObject for example.
      
      Export several symbols to address linking errors in
      WebCore.
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * runtime/BooleanObject.h:
      (BooleanObject):
      * runtime/NumberObject.h:
      (NumberObject):
      (JSC):
      * runtime/StringObject.cpp:
      (JSC::constructString):
      (JSC):
      * runtime/StringObject.h:
      (JSC):
      
      Source/WebCore:
      
      JSC now correctly serializes Boolean, Number and String objects as per
      the structured clone algorithm specification. This patch reduces the
      delta with the V8 implementation of SerializedScriptValue.
      
      No new tests, already tested by fast/dom/Window/window-postmessage-clone.html
      
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore):
      (WebCore::CloneSerializer::dumpStringObject):
      (CloneSerializer):
      (WebCore::CloneSerializer::dumpIfTerminal):
      (WebCore::CloneDeserializer::readTerminal):
      
      LayoutTests:
      
      Update expected results for fast/dom/Window/window-postmessage-clone.html
      now that String, Boolean and Number objects are correctly serialized with
      JSC.
      
      * fast/dom/Window/window-postmessage-clone-expected.txt:
      * platform/gtk/fast/dom/Window/window-postmessage-clone-expected.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@126464 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  7. 15 Aug, 2012 2 commits
      Unreviewed, rolling out r125687. · 45974062
      commit-queue@webkit.org authored
      http://trac.webkit.org/changeset/125687
      https://bugs.webkit.org/show_bug.cgi?id=94147
      
      It broke the whole world (Requested by Ossy_night on #webkit).
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2012-08-15
      
      Source/JavaScriptCore:
      
      * API/JSValueRef.cpp:
      (JSValueToBoolean):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * bytecode/Watchpoint.h:
      (WatchpointSet):
      * debugger/DebuggerCallFrame.h:
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGCFGSimplificationPhase.cpp:
      (JSC::DFG::CFGSimplificationPhase::run):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_is_undefined):
      (JSC::JIT::emit_op_jeq_null):
      (JSC::JIT::emit_op_jneq_null):
      (JSC::JIT::emit_op_eq_null):
      (JSC::JIT::emit_op_neq_null):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_is_undefined):
      (JSC::JIT::emit_op_jeq_null):
      (JSC::JIT::emit_op_jneq_null):
      (JSC::JIT::emit_op_eq_null):
      (JSC::JIT::emit_op_neq_null):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncSome):
      * runtime/BooleanConstructor.cpp:
      (JSC::constructBoolean):
      (JSC::callBooleanConstructor):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      * runtime/JSString.h:
      (JSC::JSCell::toBoolean):
      (JSC::JSValue::toBoolean):
      * runtime/JSValue.h:
      * runtime/ObjectConstructor.cpp:
      (JSC::toPropertyDescriptor):
      * runtime/Operations.cpp:
      (JSC::jsTypeStringForValue):
      (JSC::jsIsObjectType):
      * runtime/Operations.h:
      (JSC):
      (JSC::JSValue::equalSlowCaseInline):
      * runtime/RegExpConstructor.cpp:
      (JSC::setRegExpConstructorMultiline):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncToString):
      * runtime/Structure.h:
      
      Source/WebCore:
      
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::addEventListener):
      (WebCore::JSDOMWindow::removeEventListener):
      * bindings/js/JSDataViewCustom.cpp:
      (WebCore::getDataViewMember):
      * bindings/js/JSDeviceMotionEventCustom.cpp:
      (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent):
      * bindings/js/JSDeviceOrientationEventCustom.cpp:
      (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
      * bindings/js/JSDictionary.cpp:
      (WebCore::JSDictionary::convertValue):
      * bindings/js/JSDirectoryEntryCustom.cpp:
      (WebCore::JSDirectoryEntry::getFile):
      (WebCore::JSDirectoryEntry::getDirectory):
      * bindings/js/JSDirectoryEntrySyncCustom.cpp:
      (WebCore::getFlags):
      * bindings/js/JSHTMLCanvasElementCustom.cpp:
      (WebCore::JSHTMLCanvasElement::getContext):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::populateContextMenuItems):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::handleInitMessageEvent):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::open):
      * bindings/js/JavaScriptCallFrame.cpp:
      * bindings/js/JavaScriptCallFrame.h:
      (JavaScriptCallFrame):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::hasBreakpoint):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateEventListenerCall):
      (GenerateHeader):
      (JSValueToNative):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
      (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::create):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::setJSTestObjCreate):
      (WebCore::setJSTestObjReflectedBooleanAttr):
      (WebCore::setJSTestObjReflectedCustomBooleanAttr):
      (WebCore::jsTestObjPrototypeFunctionAddEventListener):
      (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::convertValueToJObject):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::convertValueToQVariant):
      
      Source/WebKit/mac:
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      
      Source/WebKit2:
      
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      
      LayoutTests:
      
      * fast/js/document-all-between-frames-expected.txt: Removed.
      * fast/js/document-all-between-frames.html: Removed.
      * fast/js/resources/document-all-between-frames-subframe.html: Removed.
      * platform/chromium/TestExpectations:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@125711 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      45974062
    • mhahnenberg@apple.com's avatar
      Change behavior of MasqueradesAsUndefined to better accommodate DFG changes · 35d5455b
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=93884
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of 
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines, 
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined 
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject). 
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not 
      masquerade as undefined within frame B, but it will continue to masquerade in frame A.
      
      There are two primary changes that are taking place here. One is to thread the ExecState* through 
      JSValue::toBoolean and JSCell::toBoolean so that JSCell::toBoolean can check the object's 
      JSGlobalObject to compare it to the lexical JSGlobalObject of the currently running code. If the two 
      are distinct, then the object cannot MasqueradeAsUndefined.
      
      The other change is to perform this comparison of JSGlobalObjects everywhere where the MasqueradesAsUndefined
      flag in the Structure is checked. For C++ code, this check has been factored into its own function in 
      Structure::masqueradesAsUndefined. We only perform this check in the DFG if the current JSGlobalObject has 
      had a MasqueradesAsUndefined object allocated within its context. This conditional compilation is managed 
      through the use of a WatchpointSet in each JSGlobalObject and alternate create() functions for JS DOM wrappers
      that are MasqueradesAsUndefined.
      
      * API/JSValueRef.cpp:
      (JSValueToBoolean):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * bytecode/Watchpoint.h:
      (WatchpointSet):
      * debugger/DebuggerCallFrame.h:
      (JSC::DebuggerCallFrame::callFrame):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGCFGSimplificationPhase.cpp:
      (JSC::DFG::CFGSimplificationPhase::run):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_is_undefined):
      (JSC::JIT::emit_op_jeq_null):
      (JSC::JIT::emit_op_jneq_null):
      (JSC::JIT::emit_op_eq_null):
      (JSC::JIT::emit_op_neq_null):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_is_undefined):
      (JSC::JIT::emit_op_jeq_null):
      (JSC::JIT::emit_op_jneq_null):
      (JSC::JIT::emit_op_eq_null):
      (JSC::JIT::emit_op_neq_null):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncSome):
      * runtime/BooleanConstructor.cpp:
      (JSC::constructBoolean):
      (JSC::callBooleanConstructor):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::masqueradesAsUndefinedWatchpoint):
      * runtime/JSString.h:
      (JSC::JSCell::toBoolean):
      (JSC::JSValue::toBoolean):
      * runtime/JSValue.h:
      * runtime/ObjectConstructor.cpp:
      (JSC::toPropertyDescriptor):
      * runtime/Operations.cpp:
      (JSC::jsTypeStringForValue):
      (JSC::jsIsObjectType):
      * runtime/Operations.h:
      (JSC):
      (JSC::JSValue::equalSlowCaseInline):
      * runtime/RegExpConstructor.cpp:
      (JSC::setRegExpConstructorMultiline):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncToString):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::globalObjectOffset):
      (JSC::Structure::masqueradesAsUndefined):
      (JSC):
      
      Source/WebCore: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of 
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines, 
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined 
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject). 
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not 
      masquerade as undefined within frame B, but it will continue to masquerade in frame A.
      
      Test: fast/js/document-all-between-frames.html
      
      All of the changes in WebCore are simply passing the additional ExecState argument to JSValue::toBoolean.
      
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::addEventListener):
      (WebCore::JSDOMWindow::removeEventListener):
      * bindings/js/JSDataViewCustom.cpp:
      (WebCore::getDataViewMember):
      * bindings/js/JSDeviceMotionEventCustom.cpp:
      (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent):
      * bindings/js/JSDeviceOrientationEventCustom.cpp:
      (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
      * bindings/js/JSDictionary.cpp:
      (WebCore::JSDictionary::convertValue):
      * bindings/js/JSDirectoryEntryCustom.cpp:
      (WebCore::JSDirectoryEntry::getFile):
      (WebCore::JSDirectoryEntry::getDirectory):
      * bindings/js/JSDirectoryEntrySyncCustom.cpp:
      (WebCore::getFlags):
      * bindings/js/JSHTMLCanvasElementCustom.cpp:
      (WebCore::JSHTMLCanvasElement::getContext):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::populateContextMenuItems):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::handleInitMessageEvent):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::open):
      * bindings/js/JavaScriptCallFrame.cpp:
      (WebCore::JavaScriptCallFrame::exec):
      (WebCore):
      * bindings/js/JavaScriptCallFrame.h:
      (JavaScriptCallFrame):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::hasBreakpoint):
      * bindings/scripts/CodeGeneratorJS.pm: Also add the custom create function for MasqueradesAsUndefined JS DOM wrappers.
      (GenerateEventListenerCall):
      (GenerateHeader):
      (JSValueToNative):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
      (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::create):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::setJSTestObjCreate):
      (WebCore::setJSTestObjReflectedBooleanAttr):
      (WebCore::setJSTestObjReflectedCustomBooleanAttr):
      (WebCore::jsTestObjPrototypeFunctionAddEventListener):
      (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::convertValueToJObject):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::convertValueToQVariant):
      
      Source/WebKit/mac: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of 
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines, 
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined 
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject). 
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not 
      masquerade as undefined within frame B, but it will continue to masquerade in frame A.
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::addValueToArray): Passing ExecState to toBoolean call.
      
      Source/WebKit2: 
      
      With some upcoming changes to the DFG to remove uses of ClassInfo, we will be changing the behavior of 
      MasqueradesAsUndefined. In order to make this change consistent across all of our execution engines, 
      we will make this change to MasqueradesAsUndefined as a separate patch. After this patch, MasqueradesAsUndefined 
      objects will only masquerade as undefined in their original context (i.e. their original JSGlobalObject). 
      For example, if an object that masquerades as undefined in frame A is passed to frame B, it will not 
      masquerade as undefined within frame B, but it will continue to masquerade in frame A.
      
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant): Passing ExecState to toBoolean call.
      
      LayoutTests: 
      
      Added a test that uses a variety of ways of checking whether something is correctly 
      masquerading as undefined (or not) in a subframe.
      
      * fast/js/document-all-between-frames-expected.txt: Added.
      * fast/js/document-all-between-frames.html: Added.
      * fast/js/resources/document-all-between-frames-subframe.html: Added.
      * platform/chromium/TestExpectations: Chromium treats document.all differently, so skip our new test.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@125687 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      35d5455b
  8. 11 Aug, 2012 1 commit
    • benjamin@webkit.org's avatar
      Do the DecimalNumber to String conversion on 8 bits · 8e69866a
      benjamin@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=93683
      
      Patch by Benjamin Poulain <bpoulain@apple.com> on 2012-08-11
      Reviewed by Andreas Kling.
      
      Source/WebCore: 
      
      Numbers converted to string for CSS are unlikely to ever be concatenated with a 16-bit string.
      This patch changes the conversion to be done to an 8-bit string in order to reduce memory allocations.
      
      * css/CSSPrimitiveValue.cpp:
      (WebCore::formatNumber):
      * inspector/InspectorValues.cpp:
      (WebCore::InspectorBasicValue::writeJSON):
      * platform/graphics/Color.cpp:
      (WebCore::Color::serialized): Instead of allocating a static WTF::String, we can simply append the
      string literal to the output vector.
      
      Source/WTF: 
      
      Modify DecimalNumber to do the conversion to string on LChar instead of UChar.
      
      * wtf/DecimalNumber.cpp:
      (WTF::DecimalNumber::toStringDecimal):
      (WTF::DecimalNumber::toStringExponential):
      * wtf/DecimalNumber.h:
      (DecimalNumber):
      * wtf/dtoa.h:
      * wtf/text/StringBuffer.h:
      (WTF::StringBuffer::operator[]): StringBuffer::operator[] was incorrectly typed to UChar, making
      the method impossible to instantiate with LChar.
      * wtf/text/WTFString.h:
      (String):
      (WTF::String::adopt): String::adopt() is modified to work with both LChar and UChar. StringImpl
      already supports that.
      (WTF::appendNumber): Add support for any type that can instantiate the template.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@125357 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8e69866a
  9. 02 Aug, 2012 1 commit
  10. 01 Aug, 2012 1 commit
    • paroga@webkit.org's avatar
      Replace WTF::getCurrentLocalTime() with GregorianDateTime::setToCurrentLocalTime() · f3f2e131
      paroga@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=92286
      
      Reviewed by Geoffrey Garen.
      
      Add a method to GregorianDateTime to set its values to the current local time.
      Replacing all occurrences of getCurrentLocalTime with the new function allows
      us to remove getCurrentLocalTime in a next step.
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      Source/WebCore:
      
      * html/FTPDirectoryDocument.cpp:
      (WebCore::processFileDateString):
      * loader/archive/mhtml/MHTMLArchive.cpp:
      (WebCore::MHTMLArchive::generateMHTMLData):
      
      Source/WTF:
      
      * GNUmakefile.list.am:
      * WTF.gypi:
      * WTF.pro:
      * WTF.vcproj/WTF.vcproj:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/CMakeLists.txt:
      * wtf/DateMath.cpp:
      (WTF::dayInYear):
      * wtf/DateMath.h:
      (WTF):
      * wtf/GregorianDateTime.cpp: Added.
      (WTF):
      (WTF::GregorianDateTime::setToCurrentLocalTime):
      * wtf/GregorianDateTime.h:
      (GregorianDateTime):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@124365 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f3f2e131
  11. 31 Jul, 2012 1 commit
  12. 27 Jul, 2012 1 commit
    • jer.noble@apple.com's avatar
      Support a rational time class for use by media elements. · 50ecb28a
      jer.noble@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=88787
      
      Source/JavaScriptCore:
      
      Re-export WTF::MediaTime from JavaScriptCore.
      
      Reviewed by Eric Carlson.
      
      * JavaScriptCore.order:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      Source/WTF:
      
      Reviewed by Eric Carlson.
      
      Add a new MediaTime class which implements rational math operations.
      
      Add common constructors and assignment operators:
      * wtf/MediaTime.cpp: Added.
      (WTF::MediaTime::MediaTime):
      (WTF::MediaTime::~MediaTime):
      (WTF::MediaTime::operator=):
      
      Add common math operators:
      * wtf/MediaTime.cpp:
      (WTF::MediaTime::operator+):
      (WTF::MediaTime::operator-):
      (WTF::MediaTime::operator<):
      (WTF::MediaTime::operator>):
      (WTF::MediaTime::operator==):
      (WTF::MediaTime::operator>=):
      (WTF::MediaTime::operator<=):
      
      Add functions to check the MediaTime time type flags:
      * wtf/MediaTime.h:
      (WTF::MediaTime::isValid):
      (WTF::MediaTime::isInvalid):
      (WTF::MediaTime::hasBeenRounded):
      (WTF::MediaTime::isPositiveInfinite):
      (WTF::MediaTime::isNegativeInfinite):
      (WTF::MediaTime::isIndefinite):
      
      Add constants for commonly used MediaTime values:
      (WTF::MediaTime::zeroTime):
      (WTF::MediaTime::invalidTime):
      (WTF::MediaTime::positiveInfiniteTime):
      (WTF::MediaTime::negativeInfiniteTime):
      (WTF::MediaTime::indefiniteTime):
      
      Add explicit conversion functions to convert to and from floating point values.
      * wtf/MediaTime.cpp:
      (WTF::MediaTime::createWithFloat):
      (WTF::MediaTime::createWithDouble):
      (WTF::MediaTime::toFloat):
      (WTF::MediaTime::toDouble):
      
      Add some useful exported functions:
      * wtf/MediaTime.cpp:
      (WTF::MediaTime::compare): Master function for the comparison operators above.
      (WTF::MediaTime::setTimeScale): Rescale the time value to a new time scale.
      (WTF::abs): Return an absolute value for the current MediaTime.
      
      Static utility functions to implement the above:
      * wtf/MediaTime.cpp:
      (WTF::greatestCommonDivisor):
      (WTF::leastCommonMultiple):
      (WTF::signum):
      
      Windows-only implementations of isinf and signbit:
      * wtf/MediaTime.cpp:
      (std::isinf):
      (std::signbit):
      
      Add the new class to platform build files:
      * GNUmakefile.list.am:
      * WTF.gypi:
      * WTF.pro:
      * WTF.vcproj/WTF.vcproj:
      * WTF.xcodeproj/project.pbxproj:
      
      Tools:
      
      Add unit tests for the WTF::MediaTime class.
      
      Reviewed by Eric Carlson.
      
      * TestWebKitAPI/GNUmakefile.am:
      * TestWebKitAPI/TestWebKitAPI.gypi:
      * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
      * TestWebKitAPI/Tests/WTF/MediaTime.cpp: Added.
      * TestWebKitAPI/win/TestWebKitAPI.vcproj:
      (WTF::operator<<):
      (TestWebKitAPI):
      (TestWebKitAPI::TEST):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@123878 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      50ecb28a
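      The commit above describes a rational time type built on gcd/lcm helpers, a master compare function, a setTimeScale() rescale and validity/rounding flags. The following is an added example, written for this page rather than taken from WebKit, of how such a type can be implemented so that the integer arithmetic cannot silently wrap: comparison is done by cross-multiplication in a 128-bit intermediate, a rescale that cannot be represented in 64 bits yields the invalid time, and a rescale that loses precision sets the rounded flag. The struct, field names and helper names (RationalTime, makeTime, compareTimes, setTimeScale, addTimes) are assumptions for this example and are not WTF::MediaTime's API.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>

// Hypothetical rational time type, added as an illustration. It is not
// WTF::MediaTime; the field names and helpers are assumptions.
struct RationalTime {
    int64_t value;       // tick count
    uint32_t timeScale;  // ticks per second; 0 is never valid
    bool valid;          // false when a result could not be represented
    bool rounded;        // true when a rescale lost precision
};

static RationalTime makeTime(int64_t value, uint32_t timeScale) {
    RationalTime t = { value, timeScale, timeScale != 0, false };
    return t;
}

static RationalTime invalidTime() {
    RationalTime t = { 0, 1, false, false };
    return t;
}

// Euclid's algorithm; with 32-bit inputs the lcm always fits in 64 bits.
static uint64_t gcd64(uint64_t a, uint64_t b) {
    while (b) { uint64_t r = a % b; a = b; b = r; }
    return a;
}
static uint64_t lcm64(uint64_t a, uint64_t b) { return a / gcd64(a, b) * b; }

static bool fitsInt64(__int128 v) { return v >= INT64_MIN && v <= INT64_MAX; }

// Exact comparison by cross-multiplication. int64 * uint32 cannot overflow a
// 128-bit intermediate, so no common denominator is needed. Returns -1, 0 or 1.
static int compareTimes(const RationalTime& a, const RationalTime& b) {
    __int128 lhs = (__int128)a.value * b.timeScale;
    __int128 rhs = (__int128)b.value * a.timeScale;
    return lhs < rhs ? -1 : (lhs > rhs ? 1 : 0);
}

// Rescale to newScale. Exact when value * newScale is divisible by the old
// scale; otherwise truncated toward zero and flagged as rounded. A result that
// does not fit in 64 bits becomes the invalid time instead of wrapping.
static RationalTime setTimeScale(RationalTime t, uint32_t newScale) {
    if (!t.valid || newScale == 0) return invalidTime();
    if (newScale == t.timeScale) return t;
    __int128 scaled = (__int128)t.value * newScale;
    __int128 quotient = scaled / t.timeScale;
    if (!fitsInt64(quotient)) return invalidTime();
    RationalTime r = makeTime((int64_t)quotient, newScale);
    r.rounded = t.rounded || (scaled % t.timeScale != 0);
    return r;
}

// Addition at the least common multiple of the two scales. If the lcm does not
// fit in uint32 the larger scale is used and the rounding flag records the loss.
static RationalTime addTimes(const RationalTime& a, const RationalTime& b) {
    if (!a.valid || !b.valid) return invalidTime();
    uint64_t lcm = lcm64(a.timeScale, b.timeScale);
    uint32_t scale = lcm <= UINT32_MAX ? (uint32_t)lcm : std::max(a.timeScale, b.timeScale);
    RationalTime ra = setTimeScale(a, scale);
    RationalTime rb = setTimeScale(b, scale);
    if (!ra.valid || !rb.valid) return invalidTime();
    int64_t sum;
    if (__builtin_add_overflow(ra.value, rb.value, &sum)) return invalidTime();
    RationalTime r = makeTime(sum, scale);
    r.rounded = ra.rounded || rb.rounded;
    return r;
}

int main() {
    RationalTime sum = addTimes(makeTime(1, 3), makeTime(1, 2));
    std::printf("1/3 + 1/2 = %lld/%u (rounded=%d)\n",
                (long long)sum.value, sum.timeScale, sum.rounded);
    RationalTime big = addTimes(makeTime(INT64_MAX, 1), makeTime(1, 1));
    std::printf("INT64_MAX + 1 valid=%d\n", big.valid);
    return 0;
}
```

      The __int128 intermediate and __builtin_add_overflow are GCC/Clang features; on other compilers the same checks can be done with a manual range test before each multiplication. The point of the example is that every operation on an attacker-influenced time value (a media file's time scale is untrusted input) either produces an exact result, a flagged rounded result, or the invalid time, and never a wrapped integer.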
  13. 24 Jul, 2012 1 commit
  14. 18 Jul, 2012 1 commit
    • oliver@apple.com's avatar
      dumpCallFrame is broken in ToT · a08210bc
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=91444
      
      Reviewed by Gavin Barraclough.
      
      Various changes have been made to the SF calling convention, but
      dumpCallFrame has not been updated to reflect these changes.
      That resulted in both bogus information, as well as numerous
      assertions of sadness.
      
      This patch makes dumpCallFrame actually work again and adds the
      wonderful feature of telling you the name of the variable that a
      register reflects, or what value it contains.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::nameForRegister):
          A really inefficient mechanism for finding the name of a local register.
          This should only ever be used by debug code so this should be okay.
      * bytecode/CodeBlock.h:
      (CodeBlock):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::generate):
          Debug builds no longer throw away a function's symbol table; this allows
          us to actually perform a register# to name mapping.
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
          We weren't propagating the bytecode offset here leading to assertions
          in debug builds when dumping bytecode of DFG compiled code.
      * interpreter/Interpreter.cpp:
      (JSC):
      (JSC::Interpreter::dumpRegisters):
           Rework to actually be correct.
      (JSC::getCallerInfo):
           Return the bytecode offset as well now, given we have to determine it
           anyway.
      (JSC::Interpreter::getStackTrace):
      (JSC::Interpreter::retrieveCallerFromVMCode):
      * interpreter/Interpreter.h:
      (Interpreter):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      (functionDumpCallFrame):
           Give debug builds of JSC a method for calling dumpCallFrame so we can
           inspect a callframe without requiring us to break in a debugger.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@123042 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a08210bc
  15. 16 Jul, 2012 2 commits
    • fpizlo@apple.com's avatar
      Unreviewed, roll out 122790 because it broke the Windows build. I'm not · 68bef1d1
      fpizlo@apple.com authored
      sure what to do with exported symbols that are predicated on NDEBUG.
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * bytecode/CodeBlock.cpp:
      (JSC):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::generate):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
      * interpreter/Interpreter.cpp:
      (JSC):
      (JSC::Interpreter::dumpRegisters):
      (JSC::getCallerInfo):
      (JSC::Interpreter::getStackTrace):
      (JSC::Interpreter::retrieveCallerFromVMCode):
      * interpreter/Interpreter.h:
      (Interpreter):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@122795 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      68bef1d1
    • oliver@apple.com's avatar
      dumpCallFrame is broken in ToT · 0acb42b9
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=91444
      
      Reviewed by Gavin Barraclough.
      
      Various changes have been made to the SF calling convention, but
      dumpCallFrame has not been updated to reflect these changes.
      That resulted in both bogus information, as well as numerous
      assertions of sadness.
      
      This patch makes dumpCallFrame actually work again and adds the
      wonderful feature of telling you the name of the variable that a
      register reflects, or what value it contains.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::nameForRegister):
          A really inefficient mechanism for finding the name of a local register.
          This should only ever be used by debug code so this should be okay.
      * bytecode/CodeBlock.h:
      (CodeBlock):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::generate):
          Debug builds no longer throw away a function's symbol table; this allows
          us to actually perform a register# to name mapping.
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
          We weren't propagating the bytecode offset here leading to assertions
          in debug builds when dumping bytecode of DFG compiled code.
      * interpreter/Interpreter.cpp:
      (JSC):
      (JSC::Interpreter::dumpRegisters):
           Rework to actually be correct.
      (JSC::getCallerInfo):
           Return the bytecode offset as well now, given we have to determine it
           anyway.
      (JSC::Interpreter::getStackTrace):
      (JSC::Interpreter::retrieveCallerFromVMCode):
      * interpreter/Interpreter.h:
      (Interpreter):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      (functionDumpCallFrame):
           Give debug builds of JSC a method for calling dumpCallFrame so we can
           inspect a callframe without requiring us to break in a debugger.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@122790 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0acb42b9
  16. 13 Jul, 2012 1 commit
    • wangxianzhu@chromium.org's avatar
      Move WebCore/platform/text/Base64 to WTF/wtf/text · d62b6c81
      wangxianzhu@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=91162
      
      Reviewed by Adam Barth.
      
      Source/WebCore:
      
      No new tests. Files moving only.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * Modules/websockets/WebSocketHandshake.cpp:
      (WebCore::generateSecWebSocketKey):
      (WebCore::WebSocketHandshake::getExpectedWebSocketAccept):
      * Target.pri:
      * WebCore.gypi:
      * WebCore.order:
      * WebCore.vcproj/WebCore.vcproj:
      * WebCore.xcodeproj/project.pbxproj:
      * fileapi/FileReaderLoader.cpp:
      (WebCore::FileReaderLoader::convertToDataURL):
      * inspector/DOMPatchSupport.cpp:
      (WebCore::DOMPatchSupport::createDigest):
      * inspector/InspectorFileSystemAgent.cpp:
      (WebCore):
      * inspector/InspectorPageAgent.cpp:
      (WebCore::InspectorPageAgent::cachedResourceContent):
      (WebCore::InspectorPageAgent::sharedBufferContent):
      * loader/archive/mhtml/MHTMLArchive.cpp:
      (WebCore::MHTMLArchive::generateMHTMLData):
      * loader/archive/mhtml/MHTMLParser.cpp:
      (WebCore::MHTMLParser::parseNextPart):
      * page/DOMWindow.cpp:
      (WebCore::DOMWindow::btoa):
      (WebCore::DOMWindow::atob):
      * page/Page.cpp:
      (WebCore::Page::userStyleSheetLocationChanged):
      * platform/graphics/cairo/ImageBufferCairo.cpp:
      (WebCore::ImageBuffer::toDataURL):
      * platform/graphics/cg/ImageBufferCG.cpp:
      (WebCore::CGImageToDataURL):
      * platform/graphics/gtk/ImageBufferGtk.cpp:
      (WebCore::ImageBuffer::toDataURL):
      * platform/graphics/skia/FontCustomPlatformData.cpp:
      (WebCore::createUniqueFontName):
      * platform/graphics/skia/ImageBufferSkia.cpp:
      (WebCore::ImageBuffer::toDataURL):
      (WebCore::ImageDataToDataURL):
      * platform/graphics/win/FontCustomPlatformData.cpp:
      (WebCore::createUniqueFontName):
      * platform/graphics/wince/FontCustomPlatformData.cpp:
      (WebCore::createUniqueFontName):
      * platform/graphics/wince/ImageBufferWinCE.cpp:
      * platform/graphics/wx/ImageBufferWx.cpp:
      * platform/network/DataURL.cpp:
      (WebCore::handleDataURL):
      * platform/network/cf/ResourceHandleCFNet.cpp:
      (WebCore::applyBasicAuthorizationHeader):
      * platform/network/mac/ResourceHandleMac.mm:
      (WebCore::applyBasicAuthorizationHeader):
      * platform/network/soup/ResourceHandleSoup.cpp:
      * platform/win/SSLKeyGeneratorWin.cpp:
      (WebCore::WebCore::signedPublicKeyAndChallengeString):
      
      Source/WebKit/blackberry:
      
      * Api/WebKitTextCodec.cpp:
      (BlackBerry::WebKit::base64DecodePolicyForWTF):
      (BlackBerry::WebKit::base64Decode):
      (BlackBerry::WebKit::base64EncodePolicyForWTF):
      (BlackBerry::WebKit::base64Encode):
      * Api/WebSettings.cpp:
      (BlackBerry::WebKit::WebSettings::setUserStyleSheetString):
      * WebCoreSupport/FrameLoaderClientBlackBerry.cpp:
      
      Source/WTF:
      
      * GNUmakefile.list.am:
      * WTF.gypi:
      * WTF.pro:
      * WTF.vcproj/WTF.vcproj:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/CMakeLists.txt:
      * wtf/text/Base64.cpp: Renamed from Source/WebCore/platform/text/Base64.cpp.
      (WTF):
      (WTF::base64Encode):
      (WTF::base64Decode):
      (WTF::base64DecodeInternal):
      * wtf/text/Base64.h: Renamed from Source/WebCore/platform/text/Base64.h.
      (WTF):
      (WTF::base64Encode):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@122652 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d62b6c81
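      The commit above moves base64Encode()/base64Decode() into WTF and shows the BlackBerry port mapping its own decode policies onto WTF's. What a decode policy controls is worth seeing concretely, so here is an added example, written for this page and not WebKit's Base64.cpp, of an encoder and a policy-driven decoder. The Strict policy rejects whitespace, misplaced padding, characters outside the alphabet and non-zero unused trailing bits, so each byte string has exactly one accepted encoding; the Lenient policy skips whitespace and ignores the trailing bits, which is why "TQ==" and "TR==" both decode to "M" under it. The DecodePolicy enum and the helper names (decodeChar, encodeString, decodeString) are assumptions for this example.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Illustrative encoder/decoder added here; not WTF's base64Encode/base64Decode.
// The policy enum and helper names are assumptions for this example.
enum class DecodePolicy {
    Strict,   // no whitespace, correct padding, unused trailing bits must be zero
    Lenient   // skip ASCII whitespace and ignore non-zero trailing bits
};

static const char kAlphabet[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

static std::string base64Encode(const std::vector<uint8_t>& in) {
    std::string out;
    size_t i = 0;
    for (; i + 3 <= in.size(); i += 3) {
        uint32_t n = (uint32_t)in[i] << 16 | (uint32_t)in[i + 1] << 8 | in[i + 2];
        out += kAlphabet[(n >> 18) & 63];
        out += kAlphabet[(n >> 12) & 63];
        out += kAlphabet[(n >> 6) & 63];
        out += kAlphabet[n & 63];
    }
    size_t rem = in.size() - i;
    if (rem) {                                   // 1 or 2 trailing bytes
        uint32_t n = (uint32_t)in[i] << 16;
        if (rem == 2) n |= (uint32_t)in[i + 1] << 8;
        out += kAlphabet[(n >> 18) & 63];
        out += kAlphabet[(n >> 12) & 63];
        out += rem == 2 ? kAlphabet[(n >> 6) & 63] : '=';
        out += '=';
    }
    return out;
}

static int decodeChar(char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

// Returns false on malformed input. Under Strict every byte string has exactly
// one accepted encoding, which is what you want before hashing, comparing or
// signing the decoded value.
static bool base64Decode(const std::string& in, DecodePolicy policy, std::vector<uint8_t>& out) {
    out.clear();
    std::string s;
    for (char c : in) {
        bool ws = c == ' ' || c == '\t' || c == '\r' || c == '\n';
        if (ws && policy == DecodePolicy::Lenient) continue;
        s += c;
    }
    if (s.size() % 4 != 0) return false;
    for (size_t i = 0; i < s.size(); i += 4) {
        bool lastGroup = i + 4 == s.size();
        int pad = 0;
        uint32_t n = 0;
        for (int k = 0; k < 4; ++k) {
            char c = s[i + k];
            if (c == '=') {
                if (!lastGroup || k < 2) return false;  // '=' only at the very end
                ++pad;
                n <<= 6;
                continue;
            }
            if (pad) return false;                       // data after padding
            int v = decodeChar(c);
            if (v < 0) return false;                     // outside the alphabet
            n = (n << 6) | (uint32_t)v;
        }
        // Bits dropped by padding: low 2 bits of the third symbol (pad == 1),
        // low 4 bits of the second symbol (pad == 2). A canonical encoder emits zeros.
        uint32_t unused = pad == 1 ? (n & 0xC0) : (pad == 2 ? (n & 0xF000) : 0);
        if (unused && policy == DecodePolicy::Strict) return false;
        out.push_back((uint8_t)(n >> 16));
        if (pad < 2) out.push_back((uint8_t)(n >> 8));
        if (pad < 1) out.push_back((uint8_t)n);
    }
    return true;
}

// String wrappers; decodeString() reports a rejected input as "<invalid>".
static std::string encodeString(const std::string& s) {
    return base64Encode(std::vector<uint8_t>(s.begin(), s.end()));
}
static std::string decodeString(const std::string& s, DecodePolicy policy) {
    std::vector<uint8_t> bytes;
    if (!base64Decode(s, policy, bytes)) return "<invalid>";
    return std::string(bytes.begin(), bytes.end());
}
```

      Use Strict wherever the decoded bytes feed an equality check, a cache key or a signature verification; a lenient decoder lets an attacker produce many distinct strings for the same bytes (whitespace, non-canonical trailing bits), which defeats deduplication and signature-over-the-encoded-form schemes. Lenient is only appropriate for formats such as MIME bodies that legitimately wrap lines.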
  17. 05 Jul, 2012 1 commit
    • fpizlo@apple.com's avatar
      Inline property storage should not be wasted when it is exhausted · d68b1f84
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=90347
      
      Reviewed by Gavin Barraclough.
              
      Previously, if we switched an object from using inline storage to out-of-line
      storage, we would abandon the inline storage. This would have two main implications:
      (i) all accesses to the object, even for properties that were previously in inline
      storage, must now take an extra indirection; and (ii) we waste a non-trivial amount
      of space since we must allocate additional out-of-line storage to hold properties
      that would have fit in the inline storage. There's also the copying cost when
      switching to out-of-line storage - we must copy all inline properties into out-of-line
      storage.
              
      This patch changes the way that object property storage works so that we can use both
      inline and out-of-line storage concurrently. This is accomplished by introducing a
      new notion of property offset. This PropertyOffset is a 32-bit signed integer and it
      behaves as follows:
              
      offset == -1: invalid offset, indicating a property that does not exist.
              
      0 <= offset <= inlineStorageCapacity: offset into inline storage.
              
      inlineStorageCapacity < offset: offset into out-of-line storage.
              
      Because non-final objects don't have inline storage, the only valid PropertyOffsets
      for those objects' properties are -1 or > inlineStorageCapacity.
              
      This now means that the decision to use inline or out-of-line storage for an access is
      made based on the offset, rather than the structure. It also means that any access
      where the offset is a variable must have an extra branch, unless the type of the
      object is also known (if it's known to be a non-final object then we can just assert
      that the offset is >= inlineStorageCapacity).
              
      This looks like a big Kraken speed-up and a slight V8 speed-up.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * assembler/ARMv7Assembler.h:
      (ARMv7Assembler):
      (JSC::ARMv7Assembler::ldrWide8BitImmediate):
      (JSC::ARMv7Assembler::replaceWithLoad):
      (JSC::ARMv7Assembler::replaceWithAddressComputation):
      * assembler/AbstractMacroAssembler.h:
      (AbstractMacroAssembler):
      (ConvertibleLoadLabel):
      (JSC::AbstractMacroAssembler::ConvertibleLoadLabel::ConvertibleLoadLabel):
      (JSC::AbstractMacroAssembler::ConvertibleLoadLabel::isSet):
      (JSC::AbstractMacroAssembler::labelIgnoringWatchpoints):
      (JSC::AbstractMacroAssembler::replaceWithLoad):
      (JSC::AbstractMacroAssembler::replaceWithAddressComputation):
      * assembler/CodeLocation.h:
      (JSC):
      (CodeLocationCommon):
      (CodeLocationConvertibleLoad):
      (JSC::CodeLocationConvertibleLoad::CodeLocationConvertibleLoad):
      (JSC::CodeLocationCommon::convertibleLoadAtOffset):
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::finalizeCodeWithDisassembly):
      * assembler/LinkBuffer.h:
      (LinkBuffer):
      (JSC::LinkBuffer::locationOf):
      * assembler/MacroAssemblerARMv7.h:
      (MacroAssemblerARMv7):
      (JSC::MacroAssemblerARMv7::convertibleLoadPtr):
      * assembler/MacroAssemblerX86.h:
      (JSC::MacroAssemblerX86::convertibleLoadPtr):
      (MacroAssemblerX86):
      * assembler/MacroAssemblerX86_64.h:
      (JSC::MacroAssemblerX86_64::convertibleLoadPtr):
      (MacroAssemblerX86_64):
      * assembler/RepatchBuffer.h:
      (RepatchBuffer):
      (JSC::RepatchBuffer::replaceWithLoad):
      (JSC::RepatchBuffer::replaceWithAddressComputation):
      (JSC::RepatchBuffer::setLoadInstructionIsActive):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::replaceWithLoad):
      (X86Assembler):
      (JSC::X86Assembler::replaceWithAddressComputation):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::printGetByIdOp):
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::finalizeUnconditionally):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC::GetByIdStatus::computeForChain):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::offset):
      (GetByIdStatus):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (JSC::PutByIdStatus::PutByIdStatus):
      (JSC::PutByIdStatus::offset):
      (PutByIdStatus):
      * bytecode/ResolveGlobalStatus.cpp:
      (JSC):
      (JSC::computeForStructure):
      * bytecode/ResolveGlobalStatus.h:
      (JSC::ResolveGlobalStatus::ResolveGlobalStatus):
      (JSC::ResolveGlobalStatus::offset):
      (ResolveGlobalStatus):
      * bytecode/StructureSet.h:
      (StructureSet):
      * bytecode/StructureStubInfo.h:
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleGetByOffset):
      (JSC::DFG::ByteCodeParser::handleGetById):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::PropertyAccessRecord::PropertyAccessRecord):
      (PropertyAccessRecord):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::dfgRepatchByIdSelfAccess):
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::tryBuildGetByIDProtoList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryCachePutByID):
      (JSC::DFG::tryBuildPutByIdList):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::tryCacheGetByID):
      (JSC::Interpreter::privateExecute):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::PropertyStubCompilationInfo::copyToStubInfo):
      * jit/JIT.h:
      (JSC::PropertyStubCompilationInfo::PropertyStubCompilationInfo):
      (JSC::JIT::compileGetByIdProto):
      (JSC::JIT::compileGetByIdSelfList):
      (JSC::JIT::compileGetByIdProtoList):
      (JSC::JIT::compileGetByIdChainList):
      (JSC::JIT::compileGetByIdChain):
      (JSC::JIT::compilePutByIdTransition):
      (JIT):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::emit_op_get_by_pname):
      * jit/JITStubs.cpp:
      (JSC::JITThunks::tryCacheGetByID):
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/x86.rb:
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::functionNameOffset):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitChildren):
      (JSC):
      (JSC::JSFinalObject::visitChildren):
      (JSC::JSObject::put):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectLocation):
      (JSC::JSObject::hasInlineStorage):
      (JSC::JSObject::inlineStorageUnsafe):
      (JSC::JSObject::inlineStorage):
      (JSC::JSObject::outOfLineStorage):
      (JSC::JSObject::locationForOffset):
      (JSC::JSObject::offsetForLocation):
      (JSC::JSObject::getDirectOffset):
      (JSC::JSObject::putDirectOffset):
      (JSC::JSObject::putUndefinedAtDirectOffset):
      (JSC::JSObject::addressOfOutOfLineStorage):
      (JSC::JSObject::finishCreation):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::finishCreation):
      (JSFinalObject):
      (JSC::JSFinalObject::finishCreation):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSObject::offsetOfOutOfLineStorage):
      (JSC::JSObject::setOutOfLineStorage):
      (JSC::JSObject::JSObject):
      (JSC):
      (JSC::JSCell::fastGetOwnProperty):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC::offsetRelativeToPatchedStorage):
      (JSC::indexRelativeToBase):
      (JSC::offsetRelativeToBase):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSPropertyNameIterator):
      (JSC::JSPropertyNameIterator::getOffset):
      (JSC::JSPropertyNameIterator::finishCreation):
      * runtime/JSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      * runtime/Operations.h:
      (JSC::normalizePrototypeChain):
      * runtime/Options.cpp:
      (JSC):
      (JSC::Options::initialize):
      * runtime/PropertyMapHashTable.h:
      (PropertyMapEntry):
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (PropertyTable):
      (JSC::PropertyTable::PropertyTable):
      (JSC::PropertyTable::getDeletedOffset):
      (JSC::PropertyTable::addDeletedOffset):
      (JSC::PropertyTable::nextOffset):
      (JSC):
      (JSC::PropertyTable::sizeInMemory):
      * runtime/PropertyOffset.h: Added.
      (JSC):
      (JSC::checkOffset):
      (JSC::validateOffset):
      (JSC::isValidOffset):
      (JSC::isInlineOffset):
      (JSC::isOutOfLineOffset):
      (JSC::offsetInInlineStorage):
      (JSC::offsetInOutOfLineStorage):
      (JSC::offsetInRespectiveStorage):
      (JSC::numberOfOutOfLineSlotsForLastOffset):
      (JSC::numberOfSlotsForLastOffset):
      (JSC::nextPropertyOffsetFor):
      (JSC::firstPropertyOffsetFor):
      * runtime/PropertySlot.h:
      (JSC::PropertySlot::cachedOffset):
      (JSC::PropertySlot::setValue):
      (JSC::PropertySlot::setCacheableGetterSlot):
      (JSC::PropertySlot::clearOffset):
      * runtime/PutPropertySlot.h:
      (JSC::PutPropertySlot::setExistingProperty):
      (JSC::PutPropertySlot::setNewProperty):
      (JSC::PutPropertySlot::cachedOffset):
      (PutPropertySlot):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::nextOutOfLineStorageCapacity):
      (JSC::Structure::growOutOfLineCapacity):
      (JSC::Structure::suggestedNewOutOfLineStorageCapacity):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::copyPropertyTableForPinning):
      (JSC::Structure::get):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::remove):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::putWillGrowOutOfLineStorage):
      (JSC::Structure::previousID):
      (JSC::Structure::outOfLineCapacity):
      (JSC::Structure::outOfLineSizeForKnownFinalObject):
      (JSC::Structure::outOfLineSizeForKnownNonFinalObject):
      (JSC::Structure::outOfLineSize):
      (JSC::Structure::hasInlineStorage):
      (JSC::Structure::inlineCapacity):
      (JSC::Structure::inlineSizeForKnownFinalObject):
      (JSC::Structure::inlineSize):
      (JSC::Structure::totalStorageSize):
      (JSC::Structure::totalStorageCapacity):
      (JSC::Structure::firstValidOffset):
      (JSC::Structure::lastValidOffset):
      (JSC::Structure::isValidOffset):
      (JSC::Structure::isEmpty):
      (JSC::Structure::transitionCount):
      (JSC::Structure::get):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121925 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d68b1f84
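The PropertyOffset encoding this commit message describes, as an added example that is not WebKit's PropertyOffset.h or JSObject.h: inlineStorageCapacity = 6 and the ToyObject type are constructed for the example, and the inline/out-of-line boundary is taken as offset < inlineStorageCapacity, the reading that matches the message's ">= inlineStorageCapacity" assertion for non-final objects.

```cpp
// Added example modelled on the commit message, not WebKit's PropertyOffset.h.
// inlineStorageCapacity = 6 and ToyObject are constructed for the example; the
// inline/out-of-line boundary is assumed to be offset < inlineStorageCapacity.
#include <cassert>
#include <cstddef>
#include <stdexcept>
#include <vector>

typedef int PropertyOffset;
const PropertyOffset invalidOffset = -1;         // "a property that does not exist"
const PropertyOffset inlineStorageCapacity = 6;  // constructed value

inline bool isValidOffset(PropertyOffset offset) { return offset != invalidOffset; }
// The storage kind is decided by the offset alone, not by the Structure.
inline bool isInlineOffset(PropertyOffset offset) { assert(isValidOffset(offset)); return offset < inlineStorageCapacity; }
inline bool isOutOfLineOffset(PropertyOffset offset) { return !isInlineOffset(offset); }

// Index into the inline slot array.
inline size_t offsetInInlineStorage(PropertyOffset offset) { assert(isInlineOffset(offset)); return static_cast<size_t>(offset); }

// Index into the out-of-line slot array: the first inlineStorageCapacity values
// of the encoding belong to inline slots, so rebase past them.
inline size_t offsetInOutOfLineStorage(PropertyOffset offset) { assert(isOutOfLineOffset(offset)); return static_cast<size_t>(offset - inlineStorageCapacity); }

// Out-of-line slots an object needs when its highest property offset is lastOffset.
inline size_t numberOfOutOfLineSlotsForLastOffset(PropertyOffset lastOffset)
{
    if (!isValidOffset(lastOffset) || isInlineOffset(lastOffset))
        return 0;
    return offsetInOutOfLineStorage(lastOffset) + 1;
}

// Non-final objects have no inline storage, so their first property lands at
// inlineStorageCapacity; final objects start at 0.
inline PropertyOffset firstPropertyOffsetFor(bool hasInlineStorage) { return hasInlineStorage ? 0 : inlineStorageCapacity; }

// Toy stand-in for JSObject: hasInlineStorage=true models a final object,
// false a non-final object whose inline slots must never be addressed.
struct ToyObject {
    bool hasInlineStorage;
    std::vector<long> inlineStorage;
    std::vector<long> outOfLineStorage;

    explicit ToyObject(bool inlineStorageAllowed)
        : hasInlineStorage(inlineStorageAllowed), inlineStorage(static_cast<size_t>(inlineStorageCapacity), 0L) { }

    // Access with a variable offset: the extra branch the commit message mentions,
    // with both sides bounds-checked instead of trusting the caller.
    long* locationForOffset(PropertyOffset offset)
    {
        if (!isValidOffset(offset))
            throw std::invalid_argument("invalid PropertyOffset");
        if (isInlineOffset(offset)) {
            if (!hasInlineStorage)
                throw std::logic_error("inline offset on an object without inline storage");
            return &inlineStorage[offsetInInlineStorage(offset)];
        }
        size_t index = offsetInOutOfLineStorage(offset);
        if (index >= outOfLineStorage.size())
            throw std::out_of_range("offset beyond allocated out-of-line storage");
        return &outOfLineStorage[index];
    }

    void putDirectOffset(PropertyOffset offset, long value)
    {
        size_t needed = numberOfOutOfLineSlotsForLastOffset(offset);
        if (needed > outOfLineStorage.size())
            outOfLineStorage.resize(needed, 0);  // grow out-of-line storage on demand
        *locationForOffset(offset) = value;
    }

    long getDirectOffset(PropertyOffset offset) { return *locationForOffset(offset); }
};

// A final object keeps early properties inline and spills later ones out of line.
bool finalObjectRoundTrips()
{
    ToyObject object(true);
    object.putDirectOffset(firstPropertyOffsetFor(true), 11);  // offset 0, inline
    object.putDirectOffset(inlineStorageCapacity + 1, 22);      // offset 7, out of line
    return object.getDirectOffset(0) == 11 && object.getDirectOffset(7) == 22
        && object.outOfLineStorage.size() == 2;
}

// A non-final object rejects any offset that would address inline storage it lacks.
bool nonFinalObjectRejectsInlineOffset()
{
    ToyObject object(false);
    object.putDirectOffset(firstPropertyOffsetFor(false), 33);  // offset 6, out of line
    try {
        object.getDirectOffset(0);
        return false;
    } catch (const std::logic_error&) {
        return object.getDirectOffset(inlineStorageCapacity) == 33;
    }
}
```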
  18. 03 Jul, 2012 1 commit
    • commit-queue@webkit.org's avatar
      Add ability to symbolically set and dump JSC VM options. · fbda60c5
      commit-queue@webkit.org authored
      See comments in runtime/Options.h for details on how the options work.
      https://bugs.webkit.org/show_bug.cgi?id=90420
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-07-03
      Reviewed by Filip Pizlo.
      
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::finalizeCodeWithDisassembly):
      * assembler/LinkBuffer.h:
      (JSC):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::reoptimizationRetryCounter):
      (JSC::CodeBlock::countReoptimization):
      (JSC::CodeBlock::counterValueForOptimizeAfterWarmUp):
      (JSC::CodeBlock::counterValueForOptimizeAfterLongWarmUp):
      (JSC::CodeBlock::optimizeSoon):
      (JSC::CodeBlock::exitCountThresholdForReoptimization):
      (JSC::CodeBlock::exitCountThresholdForReoptimizationFromLoop):
      * bytecode/ExecutionCounter.h:
      (JSC::ExecutionCounter::clippedThreshold):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleInlining):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::mightCompileEval):
      (JSC::DFG::mightCompileProgram):
      (JSC::DFG::mightCompileFunctionForCall):
      (JSC::DFG::mightCompileFunctionForConstruct):
      (JSC::DFG::mightInlineFunctionForCall):
      (JSC::DFG::mightInlineFunctionForConstruct):
      * dfg/DFGCommon.h:
      (JSC::DFG::shouldShowDisassembly):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
      * dfg/DFGVariableAccessData.h:
      (JSC::DFG::VariableAccessData::shouldUseDoubleFormatAccordingToVote):
      * heap/MarkStack.cpp:
      (JSC::MarkStackSegmentAllocator::allocate):
      (JSC::MarkStackSegmentAllocator::shrinkReserve):
      (JSC::MarkStackArray::MarkStackArray):
      (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
      (JSC::SlotVisitor::donateKnownParallel):
      (JSC::SlotVisitor::drain):
      (JSC::SlotVisitor::drainFromShared):
      * heap/MarkStack.h:
      (JSC::MarkStack::mergeOpaqueRootsIfProfitable):
      (JSC::MarkStack::addOpaqueRoot):
      * heap/SlotVisitor.h:
      (JSC::SlotVisitor::donate):
      * jit/JIT.cpp:
      (JSC::JIT::emitOptimizationCheck):
      * jsc.cpp:
      (printUsageStatement):
      (parseArguments):
      * runtime/InitializeThreading.cpp:
      (JSC::initializeThreadingOnce):
      * runtime/JSGlobalData.cpp:
      (JSC::enableAssembler):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      * runtime/Options.cpp:
      (JSC):
      (JSC::overrideOptionWithHeuristic):
      (JSC::Options::initialize):
      (JSC::Options::setOption):
      (JSC::Options::dumpAllOptions):
      (JSC::Options::dumpOption):
      * runtime/Options.h:
      (JSC):
      (Options):
      (EntryInfo):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121798 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fbda60c5
  19. 28 Jun, 2012 1 commit
    • tkent@chromium.org's avatar
      Classify form control states by their owner forms · b53db041
      tkent@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=89950
      
      Reviewed by Hajime Morita.
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      Expose WTF::StringBuilder::canShrink()
      
      Source/WebCore:
      
      To improve robustness of the form state restore feature, we classify
      form control states by their owner forms. Owner forms are identified by
      their action URLs and index numbers in forms with the same action URLs.
      
      Implementation approach:
      Extend FormElementKey class to have "formKey" string, which is a
      combination of the action URL and an index number, or a fixed string for
      no form owner.
      FormKeyGenerator class is responsible for generating the "formKey" strings.
      
      Test: fast/forms/state-restore-per-form.html
      
      * html/FormController.cpp:
      (FormKeyGenerator):
      (WebCore::FormKeyGenerator::create): A factory function.
      (WebCore::FormKeyGenerator::FormKeyGenerator): A private constructor.
      (WebCore::createKey):
      A helper for formKey(). This makes strings like "<action URL> #<index>".
      (WebCore::FormKeyGenerator::formKey):
      Returns a formKey for the specified HTMLFormElement*.
      (WebCore::FormKeyGenerator::willDeleteForm):
      Unregister HTMLFormElement*. This function is necessary because the form
      restore feature works during parsing and a script might delete form
      elements.
      (WebCore::formStateSignature): Bump the version.
      (WebCore::FormController::formElementsState):
      Records a formKey string for each control state.
      (WebCore::FormController::setStateForNewFormElements):
      Loads formKeys from stateVector, and uses them for FormElementKey.
      (WebCore::FormController::takeStateForFormElement):
      - Construct and destruct FormKeyGenerator if needed.
      - Pass a formKey for the specified form control to FormElementKey.
      (WebCore::FormController::willDeleteForm):
      Delegate to FormKeyGenerator::willDeleteForm.
      
      (WebCore::FormElementKey::FormElementKey): Add formKey argument and member.
      (WebCore::FormElementKey::operator=): ditto.
      (WebCore::FormElementKey::ref): ditto.
      (WebCore::FormElementKey::deref): ditto.
      * html/FormController.h:
      (FormElementKey): Add formKey argument and member.
      (FormController): Add a FormKeyGenerator member which is used during restoring.
      
      * html/HTMLFormElement.cpp:
      (WebCore::HTMLFormElement::~HTMLFormElement): Notify FormController of the death.
      
      LayoutTests:
      
      * fast/forms/resources/state-restore-per-form-back.html: Added.
      * fast/forms/state-restore-per-form-expected.txt:
      Added. This contains some FAIL lines. They are expected and will
      be fixed in webkit.org/b/89962.
      * fast/forms/state-restore-per-form.html: Added.
      * fast/forms/state-restore-broken-state-expected.txt:
      Updated for the serialization format change.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121420 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b53db041
  20. 27 Jun, 2012 1 commit
    • mhahnenberg@apple.com's avatar
      JSLock should be per-JSGlobalData · e16f8096
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89123
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      * API/APIShims.h:
      (APIEntryShimWithoutLock):
      (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock): Added an extra parameter to the constructor to 
      determine whether we should ref the JSGlobalData or not. We want to ref all the time except for in the 
      HeapTimer class because timerDidFire could run after somebody has started to tear down that particular 
      JSGlobalData, so we wouldn't want to resurrect the ref count of that JSGlobalData from 0 back to 1 after 
      its destruction has begun. 
      (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
      (JSC::APIEntryShim::APIEntryShim):
      (APIEntryShim):
      (JSC::APIEntryShim::~APIEntryShim):
      (JSC::APIEntryShim::init): Factored out common initialization code for the various APIEntryShim constructors.
      Also moved the timeoutChecker stop and start here because we need to start after we've grabbed the API lock
      and before we've released it, which can only be done in APIEntryShim.
      (JSC::APICallbackShim::~APICallbackShim): We no longer need to synchronize here.
      * API/JSContextRef.cpp:
      (JSGlobalContextCreate):
      (JSGlobalContextCreateInGroup):
      (JSGlobalContextRelease):
      (JSContextCreateBacktrace):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::tryAllocateSlowCase):
      * heap/Heap.cpp:
      (JSC::Heap::protect):
      (JSC::Heap::unprotect):
      (JSC::Heap::collect):
      (JSC::Heap::setActivityCallback):
      (JSC::Heap::activityCallback):
      (JSC::Heap::sweeper):
      * heap/Heap.h: Changed m_activityCallback and m_sweeper to be raw pointers rather than OwnPtrs because they 
      are now responsible for their own lifetime. Also changed the order of declaration of the GCActivityCallback
      and the IncrementalSweeper to make sure they're the last things that get initialized during construction to 
      prevent any issues with uninitialized memory in the JSGlobalData/Heap they might care about.
      (Heap):
      * heap/HeapTimer.cpp: Refactored to allow for thread-safe operation and shutdown.
      (JSC::HeapTimer::~HeapTimer):
      (JSC::HeapTimer::invalidate):
      (JSC):
      (JSC::HeapTimer::didStartVMShutdown): Called at the beginning of ~JSGlobalData. If we're on the same thread 
      that the HeapTimer is running on, we kill the HeapTimer ourselves. If not, then we set some state in the 
      HeapTimer and schedule it to fire immediately so that it can notice and kill itself.
      (JSC::HeapTimer::timerDidFire): We grab our mutex and check our JSGlobalData pointer. If it has been zeroed
      out, then we know the VM has started to shut down and we should kill ourselves. Otherwise, grab the APIEntryShim,
      but without ref-ing the JSGlobalData (we don't want to bring the JSGlobalData's ref-count from 0 to 1) in case 
      we were interrupted between releasing our mutex and trying to grab the APILock.
      * heap/HeapTimer.h:
      (HeapTimer):
      * heap/IncrementalSweeper.cpp:
      (JSC::IncrementalSweeper::doWork): We no longer need the API shim here since HeapTimer::timerDidFire handles 
      all of that for us. 
      (JSC::IncrementalSweeper::create):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::allocateSlowCase):
      * heap/WeakBlock.cpp:
      (JSC::WeakBlock::reap):
      * jsc.cpp:
      (functionGC):
      (functionReleaseExecutableMemory):
      (jscmain):
      * runtime/Completion.cpp:
      (JSC::checkSyntax):
      (JSC::evaluate):
      * runtime/GCActivityCallback.h:
      (DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::create):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData): Signals to the two HeapTimers (GCActivityCallback and IncrementalSweeper)
      that the VM has started shutting down. It then waits until the HeapTimer is done with whatever activity 
      it needs to do before continuing with any further destruction. Also asserts that we do not currently hold the 
      APILock because this could potentially cause deadlock when we try to signal to the HeapTimers using their mutexes.
      (JSC::JSGlobalData::sharedInstance): Protect the initialization for the shared instance with the GlobalJSLock.
      (JSC::JSGlobalData::sharedInstanceInternal):
      * runtime/JSGlobalData.h: Change to be ThreadSafeRefCounted so that we don't have to worry about refing and 
      de-refing JSGlobalDatas on separate threads since we don't do it that often anyway.
      (JSGlobalData):
      (JSC::JSGlobalData::apiLock):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::~JSGlobalObject):
      (JSC::JSGlobalObject::init):
      * runtime/JSLock.cpp:
      (JSC):
      (JSC::GlobalJSLock::GlobalJSLock): For accessing the shared instance.
      (JSC::GlobalJSLock::~GlobalJSLock):
      (JSC::JSLockHolder::JSLockHolder): MutexLocker for JSLock. Also refs the JSGlobalData to keep it alive so that 
      it can successfully unlock it later without it disappearing from underneath it.
      (JSC::JSLockHolder::~JSLockHolder):
      (JSC::JSLock::JSLock):
      (JSC::JSLock::~JSLock):
      (JSC::JSLock::lock): Uses the spin lock for guarding the lock count and owner thread fields. Uses the mutex for 
      actually waiting for long periods. 
      (JSC::JSLock::unlock):
      (JSC::JSLock::currentThreadIsHoldingLock):
      (JSC::JSLock::dropAllLocks):
      (JSC::JSLock::dropAllLocksUnconditionally):
      (JSC::JSLock::grabAllLocks):
      (JSC::JSLock::DropAllLocks::DropAllLocks):
      (JSC::JSLock::DropAllLocks::~DropAllLocks):
      * runtime/JSLock.h:
      (JSC):
      (GlobalJSLock):
      (JSLockHolder):
      (JSLock):
      (DropAllLocks):
      * runtime/WeakGCMap.h:
      (JSC::WeakGCMap::set):
      * testRegExp.cpp:
      (realMain):
      
      Source/WebCore: 
      
      No new tests. Current regression tests are sufficient.
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple of JSLocks to places that didn't already
      have it that needed it.
      
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::garbageCollectSoon):
      (WebCore::GCController::garbageCollectNow):
      (WebCore::GCController::discardAllCompiledCode):
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSCustomVoidCallback.cpp:
      (WebCore::JSCustomVoidCallback::handleEvent):
      * bindings/js/JSCustomXPathNSResolver.cpp:
      (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
      * bindings/js/JSErrorHandler.cpp:
      (WebCore::JSErrorHandler::handleEvent):
      * bindings/js/JSEventCustom.cpp:
      (WebCore::toJS):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::InjectedScriptHost::nodeAsScriptValue):
      (WebCore::JSInjectedScriptHost::inspectedObject):
      * bindings/js/JSInjectedScriptManager.cpp:
      (WebCore::InjectedScriptManager::createInjectedScript):
      (WebCore::InjectedScriptManager::canAccessInspectedWindow):
      * bindings/js/JSLazyEventListener.cpp:
      (WebCore::JSLazyEventListener::initializeJSFunction):
      * bindings/js/JSMainThreadExecState.h:
      (WebCore::JSMainThreadExecState::evaluate):
      * bindings/js/JSMutationCallbackCustom.cpp:
      (WebCore::JSMutationCallback::handleEvent):
      * bindings/js/JSNodeFilterCondition.cpp:
      (WebCore::JSNodeFilterCondition::acceptNode):
      * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp:
      (WebCore::JSRequestAnimationFrameCallback::handleEvent):
      * bindings/js/JavaScriptCallFrame.cpp:
      (WebCore::JavaScriptCallFrame::evaluate):
      * bindings/js/PageScriptDebugServer.cpp:
      (WebCore::PageScriptDebugServer::recompileAllJSFunctions):
      * bindings/js/ScheduledAction.cpp:
      (WebCore::ScheduledAction::executeFunctionInContext):
      * bindings/js/ScriptCachedFrameData.cpp:
      (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
      (WebCore::ScriptCachedFrameData::restore):
      (WebCore::ScriptCachedFrameData::clear):
      * bindings/js/ScriptController.cpp:
      (WebCore::ScriptController::evaluateInWorld):
      (WebCore::ScriptController::clearWindowShell):
      (WebCore::ScriptController::initScript):
      (WebCore::ScriptController::updateDocument):
      (WebCore::ScriptController::cacheableBindingRootObject):
      (WebCore::ScriptController::bindingRootObject):
      (WebCore::ScriptController::windowScriptNPObject):
      (WebCore::ScriptController::jsObjectForPluginElement):
      (WebCore::ScriptController::clearScriptObjects):
      * bindings/js/ScriptControllerMac.mm:
      (WebCore::ScriptController::windowScriptObject):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptEventListener.cpp:
      (WebCore::eventListenerHandlerBody):
      (WebCore::eventListenerHandlerLocation):
      * bindings/js/ScriptFunctionCall.cpp:
      (WebCore::ScriptCallArgumentHandler::appendArgument):
      (WebCore::ScriptFunctionCall::call):
      (WebCore::ScriptFunctionCall::construct):
      (WebCore::ScriptCallback::call):
      * bindings/js/ScriptObject.cpp:
      (WebCore::ScriptGlobalObject::set):
      (WebCore::ScriptGlobalObject::get):
      (WebCore::ScriptGlobalObject::remove):
      * bindings/js/ScriptValue.cpp:
      (WebCore::ScriptValue::getString):
      (WebCore::ScriptValue::toInspectorValue):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::~WorkerScriptController):
      (WebCore::WorkerScriptController::initScript):
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::disableEval):
      * bindings/objc/WebScriptObject.mm:
      (_didExecute):
      (-[WebScriptObject callWebScriptMethod:withArguments:]):
      (-[WebScriptObject evaluateWebScript:]):
      (-[WebScriptObject setValue:forKey:]):
      (-[WebScriptObject valueForKey:]):
      (-[WebScriptObject removeWebScriptKey:]):
      (-[WebScriptObject hasWebScriptKey:]):
      (-[WebScriptObject stringRepresentation]):
      (-[WebScriptObject webScriptValueAtIndex:]):
      (-[WebScriptObject setWebScriptValueAtIndex:value:]):
      (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateCallbackImplementation):
      * bindings/scripts/test/JS/JSTestCallback.cpp:
      (WebCore::JSTestCallback::callbackWithNoParam):
      (WebCore::JSTestCallback::callbackWithClass1Param):
      (WebCore::JSTestCallback::callbackWithClass2Param):
      (WebCore::JSTestCallback::callbackWithStringList):
      (WebCore::JSTestCallback::callbackWithBoolean):
      (WebCore::JSTestCallback::callbackRequiresThisToPass):
      * bridge/NP_jsobject.cpp:
      (_NPN_InvokeDefault):
      (_NPN_Invoke):
      (_NPN_Evaluate):
      (_NPN_GetProperty):
      (_NPN_SetProperty):
      (_NPN_RemoveProperty):
      (_NPN_HasProperty):
      (_NPN_HasMethod):
      (_NPN_Enumerate):
      (_NPN_Construct):
      * bridge/c/c_class.cpp:
      (JSC::Bindings::CClass::~CClass):
      (JSC::Bindings::CClass::methodsNamed):
      (JSC::Bindings::CClass::fieldNamed):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CInstance::moveGlobalExceptionToExecState):
      (JSC::Bindings::CInstance::invokeMethod):
      (JSC::Bindings::CInstance::invokeDefaultMethod):
      (JSC::Bindings::CInstance::invokeConstruct):
      (JSC::Bindings::CInstance::getPropertyNames):
      * bridge/c/c_runtime.cpp:
      (JSC::Bindings::CField::valueFromInstance):
      (JSC::Bindings::CField::setValueToInstance):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      (JSC::Bindings::convertNPVariantToValue):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::call):
      (JavaJSObject::eval):
      (JavaJSObject::getMember):
      (JavaJSObject::setMember):
      (JavaJSObject::removeMember):
      (JavaJSObject::getSlot):
      (JavaJSObject::setSlot):
      (JavaJSObject::toString):
      (JavaJSObject::convertValueToJObject):
      (JavaJSObject::convertJObjectToValue):
      * bridge/jni/jni_objc.mm:
      (JSC::Bindings::dispatchJNICall):
      * bridge/jni/jsc/JNIUtilityPrivate.cpp:
      (JSC::Bindings::convertValueToJValue):
      * bridge/jni/jsc/JavaClassJSC.cpp:
      (JavaClass::JavaClass):
      (JavaClass::~JavaClass):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaInstance::stringValue):
      * bridge/jni/jsc/JavaMethodJSC.cpp:
      (appendClassName):
      (JavaMethod::signature):
      * bridge/jni/jsc/JavaStringJSC.h:
      (JSC::Bindings::JavaString::JavaString):
      (JSC::Bindings::JavaString::~JavaString):
      (JSC::Bindings::JavaString::utf8):
      (JSC::Bindings::JavaString::init):
      * bridge/jsc/BridgeJSC.cpp:
      (JSC::Bindings::Instance::createRuntimeObject):
      (JSC::Bindings::Instance::newRuntimeObject):
      * bridge/objc/objc_instance.mm:
      (ObjcInstance::moveGlobalExceptionToExecState):
      (ObjcInstance::invokeObjcMethod):
      (ObjcInstance::invokeDefaultMethod):
      (ObjcInstance::setValueOfUndefinedField):
      (ObjcInstance::getValueOfUndefinedField):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcField::valueFromInstance):
      (JSC::Bindings::ObjcField::setValueToInstance):
      * bridge/objc/objc_utility.mm:
      (JSC::Bindings::convertValueToObjcValue):
      (JSC::Bindings::convertNSStringToString):
      (JSC::Bindings::convertObjcValueToValue):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtInstance::~QtInstance):
      (JSC::Bindings::QtInstance::getQtInstance):
      (JSC::Bindings::QtInstance::newRuntimeObject):
      * bridge/qt/qt_pixmapruntime.cpp:
      (JSC::Bindings::QtPixmapInstance::createPixmapRuntimeObject):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::convertValueToQVariant):
      (JSC::Bindings::convertQVariantToValue):
      (JSC::Bindings::QtRuntimeMetaMethod::call):
      (JSC::Bindings::QtRuntimeConnectionMethod::call):
      * bridge/qt/qt_runtime_qt4.cpp:
      (JSC::Bindings::convertValueToQVariant):
      (JSC::Bindings::convertQVariantToValue):
      (JSC::Bindings::QtRuntimeMetaMethod::call):
      (JSC::Bindings::QtRuntimeConnectionMethod::call):
      * bridge/runtime_root.cpp:
      (JSC::Bindings::RootObject::gcProtect):
      (JSC::Bindings::RootObject::gcUnprotect):
      * html/HTMLCanvasElement.cpp:
      (WebCore::HTMLCanvasElement::createImageBuffer):
      * html/HTMLImageLoader.cpp:
      (WebCore::HTMLImageLoader::notifyFinished):
      * plugins/PluginView.cpp:
      (WebCore::PluginView::start):
      (WebCore::PluginView::stop):
      (WebCore::PluginView::performRequest):
      (WebCore::PluginView::npObject):
      (WebCore::PluginView::privateBrowsingStateChanged):
      * plugins/blackberry/PluginViewBlackBerry.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      (WebCore::PluginView::getWindowInfo):
      * plugins/efl/PluginViewEfl.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/gtk/PluginViewGtk.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/mac/PluginViewMac.mm:
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/qt/PluginViewQt.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/win/PluginViewWin.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowRect):
      * testing/js/WebCoreTestSupport.cpp:
      (WebCoreTestSupport::injectInternalsObject):
      (WebCoreTestSupport::resetInternalsObject):
      * xml/XMLHttpRequest.cpp:
      (WebCore::XMLHttpRequest::dropProtection):
      
      Source/WebKit/blackberry: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * Api/BlackBerryGlobal.cpp:
      (BlackBerry::WebKit::clearMemoryCaches):
      * WebCoreSupport/ClientExtension.cpp:
      * WebCoreSupport/PagePopupBlackBerry.cpp:
      (WebCore::PagePopupBlackBerry::installDomFunction):
      * WebKitSupport/DumpRenderTreeSupport.cpp:
      (DumpRenderTreeSupport::computedStyleIncludingVisitedInfo):
      
      Source/WebKit/efl: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * ewk/ewk_frame.cpp:
      (ewk_frame_script_execute):
      * ewk/ewk_view.cpp:
      (ewk_view_js_object_add):
      
      Source/WebKit/gtk: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * WebCoreSupport/DumpRenderTreeSupportGtk.cpp:
      (DumpRenderTreeSupportGtk::gcCountJavascriptObjects):
      
      Source/WebKit/mac: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * DOM/WebDOMOperations.mm:
      (JSC):
      * Misc/WebCoreStatistics.mm:
      (+[WebCoreStatistics javaScriptObjectsCount]):
      (+[WebCoreStatistics javaScriptGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectTypeCounts]):
      (+[WebCoreStatistics javaScriptObjectTypeCounts]):
      (+[WebCoreStatistics shouldPrintExceptions]):
      (+[WebCoreStatistics setShouldPrintExceptions:]):
      (+[WebCoreStatistics memoryStatistics]):
      (+[WebCoreStatistics javaScriptReferencedObjectsCount]):
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::evaluate):
      (WebKit::NetscapePluginInstanceProxy::invoke):
      (WebKit::NetscapePluginInstanceProxy::invokeDefault):
      (WebKit::NetscapePluginInstanceProxy::construct):
      (WebKit::NetscapePluginInstanceProxy::getProperty):
      (WebKit::NetscapePluginInstanceProxy::setProperty):
      (WebKit::NetscapePluginInstanceProxy::removeProperty):
      (WebKit::NetscapePluginInstanceProxy::hasMethod):
      (WebKit::NetscapePluginInstanceProxy::enumerate):
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      (WebKit::NetscapePluginInstanceProxy::moveGlobalExceptionToExecState):
      * Plugins/WebNetscapePluginStream.mm:
      (WebNetscapePluginStream::wantsAllStreams):
      * Plugins/WebNetscapePluginView.mm:
      (-[WebNetscapePluginView sendEvent:isDrawRect:]):
      (-[WebNetscapePluginView privateBrowsingModeDidChange]):
      (-[WebNetscapePluginView setWindowIfNecessary]):
      (-[WebNetscapePluginView createPluginScriptableObject]):
      (-[WebNetscapePluginView getFormValue:]):
      (-[WebNetscapePluginView evaluateJavaScriptPluginRequest:]):
      (-[WebNetscapePluginView webFrame:didFinishLoadWithReason:]):
      (-[WebNetscapePluginView loadPluginRequest:]):
      (-[WebNetscapePluginView _printedPluginBitmap]):
      * Plugins/WebPluginController.mm:
      (+[WebPluginController plugInViewWithArguments:fromPluginPackage:]):
      (-[WebPluginController stopOnePlugin:]):
      (-[WebPluginController destroyOnePlugin:]):
      (-[WebPluginController startAllPlugins]):
      (-[WebPluginController addPlugin:]):
      * WebView/WebFrame.mm:
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:forceUserGesture:]):
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:withGlobalObject:inScriptWorld:]):
      * WebView/WebScriptDebugDelegate.mm:
      (-[WebScriptCallFrame scopeChain]):
      (-[WebScriptCallFrame evaluateWebScript:]):
      * WebView/WebView.mm:
      (+[WebView _reportException:inContext:]):
      (-[WebView aeDescByEvaluatingJavaScriptFromString:]):
      (-[WebView _computedStyleIncludingVisitedInfo:forElement:]):
      
      Source/WebKit/qt: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * Api/qwebframe.cpp:
      (QWebFramePrivate::addQtSenderToGlobalObject):
      (QWebFrame::addToJavaScriptWindowObject):
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (DumpRenderTreeSupportQt::injectInternalsObject):
      (DumpRenderTreeSupportQt::resetInternalsObject):
      
      Source/WebKit/win: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * WebCoreStatistics.cpp:
      (WebCoreStatistics::javaScriptObjectsCount):
      (WebCoreStatistics::javaScriptGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectsCount):
      (WebCoreStatistics::javaScriptProtectedGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectTypeCounts):
      * WebFrame.cpp:
      (WebFrame::stringByEvaluatingJavaScriptInScriptWorld):
      * WebJavaScriptCollector.cpp:
      (WebJavaScriptCollector::objectCount):
      * WebView.cpp:
      (WebView::stringByEvaluatingJavaScriptFromString):
      (WebView::reportException):
      (WebView::elementFromJS):
      
      Source/WebKit2: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * Shared/mac/WebMemorySampler.mac.mm:
      (WebKit::WebMemorySampler::sampleWebKit):
      * WebProcess/InjectedBundle/InjectedBundle.cpp:
      (WebKit::InjectedBundle::javaScriptObjectsCount):
      (WebKit::InjectedBundle::reportException):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::hasMethod):
      (WebKit::NPJSObject::invoke):
      (WebKit::NPJSObject::invokeDefault):
      (WebKit::NPJSObject::hasProperty):
      (WebKit::NPJSObject::getProperty):
      (WebKit::NPJSObject::setProperty):
      (WebKit::NPJSObject::removeProperty):
      (WebKit::NPJSObject::enumerate):
      (WebKit::NPJSObject::construct):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      (WebKit::NPRuntimeObjectMap::evaluate):
      (WebKit::NPRuntimeObjectMap::moveGlobalExceptionToExecState):
      * WebProcess/WebPage/WebFrame.cpp:
      (WebKit::WebFrame::jsWrapperForWorld):
      (WebKit::WebFrame::computedStyleIncludingVisitedInfo):
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::runJavaScriptInMainFrame):
      * WebProcess/WebProcess.cpp:
      (WebKit::WebProcess::getWebCoreStatistics):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121381 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e16f8096
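The JSLockHolder change above replaces manual JSLock usage with a scoped holder that is handed the specific JS context about to be touched. The following is an added example, not WebKit's code: a minimal per-VM, re-entrant RAII lock holder with an ownership check, written to show why the holder must be given the right context. VM, LockHolder, allocateObject and the other names are illustrative stand-ins, not JavaScriptCore's real JSLockHolder or JSGlobalData.

```cpp
// Added example, not WebKit code: a minimal per-VM, re-entrant lock holder in
// the style the commit describes. VM, LockHolder and allocateObject are
// illustrative names, not JavaScriptCore's real JSLockHolder/JSGlobalData.
#include <cstdio>
#include <mutex>
#include <thread>

struct VM {
    std::recursive_mutex mutex;
    std::thread::id owner;          // thread holding the lock, if any
    int lockDepth = 0;              // re-entrancy count, only touched under mutex
    int heapObjects = 0;            // toy heap state that must only change under the lock

    // Same idea as JSLock::currentThreadIsHoldingLock(): only the owning
    // thread may touch this VM's heap.
    bool currentThreadIsHoldingLock() const {
        return lockDepth > 0 && owner == std::this_thread::get_id();
    }
};

// RAII holder: acquire the lock of the VM the caller is about to interact
// with, and release it on every exit from scope, including exceptions.
class LockHolder {
public:
    explicit LockHolder(VM& vm) : m_vm(vm) {
        m_vm.mutex.lock();
        m_vm.owner = std::this_thread::get_id();
        ++m_vm.lockDepth;
    }
    ~LockHolder() {
        if (--m_vm.lockDepth == 0)
            m_vm.owner = std::thread::id();
        m_vm.mutex.unlock();
    }
    LockHolder(const LockHolder&) = delete;
    LockHolder& operator=(const LockHolder&) = delete;
private:
    VM& m_vm;
};

// A heap mutation that refuses to run unless the caller holds *this* VM's lock,
// turning a silent race into a detectable failure.
bool allocateObject(VM& vm) {
    if (!vm.currentThreadIsHoldingLock())
        return false;
    ++vm.heapObjects;
    return true;
}

// Nested holders on one VM from one thread are fine (the lock is re-entrant);
// returns the depth observed while the outer holder is still alive.
int allocateTwiceNested(VM& vm) {
    LockHolder outer(vm);
    allocateObject(vm);
    {
        LockHolder inner(vm);
        allocateObject(vm);
    }
    return vm.lockDepth;            // 1: inner released, outer still held
}

// Holding vmB's lock while touching vmA is the "wrong JS context" mistake the
// commit message warns about; the ownership check catches it.
bool wrongContextAccepted(VM& vmA, VM& vmB) {
    LockHolder holder(vmB);
    return allocateObject(vmA);     // false: vmA's lock is not held
}

int main() {
    VM a, b;
    int depth = allocateTwiceNested(a);
    std::printf("depth inside outer holder: %d, objects: %d\n", depth, a.heapObjects);
    std::printf("wrong-context allocation accepted: %s\n", wrongContextAccepted(a, b) ? "yes" : "no");
    std::printf("lock released after scope exit: %s\n", a.currentThreadIsHoldingLock() ? "no" : "yes");
    return 0;
}
```

The ownership check is the practical payoff: code that touches a heap without holding that heap's lock fails a cheap test instead of corrupting state under contention, which is the class of bug the per-context holder is meant to rule out.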
  21. 25 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      Value profiling should use tier-up threshold randomization to get more coverage · 3745dbcf
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89802
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      This patch causes both LLInt and Baseline JIT code to take the OSR slow path several
      times before actually doing OSR. If we take the OSR slow path before the execution
      count threshold is reached, then we just call CodeBlock::updateAllPredictions() to
      compute the current latest least-upper-bound SpecType of all values seen in each
      ValueProfile.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
      (JSC):
      (JSC::CodeBlock::updateAllPredictions):
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::llintExecuteCounter):
      (JSC::CodeBlock::jitExecuteCounter):
      (CodeBlock):
      (JSC::CodeBlock::updateAllPredictions):
      * bytecode/ExecutionCounter.cpp:
      (JSC::ExecutionCounter::setThreshold):
      (JSC::ExecutionCounter::status):
      (JSC):
      * bytecode/ExecutionCounter.h:
      (JSC::ExecutionCounter::count):
      (ExecutionCounter):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGOperations.cpp:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::weakRandomInteger):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/WeakRandom.h:
      (WeakRandom):
      (JSC::WeakRandom::seedUnsafe):
      
      LayoutTests: 
      
      Reviewed by Gavin Barraclough.
              
      * fast/js/dfg-store-unexpected-value-into-argument-and-osr-exit-expected.txt: Added.
      * fast/js/dfg-store-unexpected-value-into-argument-and-osr-exit.html: Added.
      * fast/js/script-tests/dfg-store-unexpected-value-into-argument-and-osr-exit.js: Added.
      (foo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121215 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3745dbcf
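The commit above describes trapping to the OSR slow path at randomized points before the real tier-up threshold and folding the profiled values into a least-upper-bound SpecType on each early trip. The following is an added example, not JavaScriptCore's code: a toy model of that heuristic with a bitmask type lattice, a single-bucket value profile and an injectable random source, so the difference between one fixed threshold and randomized early updates can be seen on a constructed observation stream. SpecType, ValueProfile, WeakRandom and CodeBlock here are simplified stand-ins named after the JSC classes, not their real definitions; the single-bucket profile and the xorshift generator are assumptions for illustration.

```cpp
// Added example, not JavaScriptCore code: a toy model of the tier-up heuristic
// the commit describes. SpecType, ValueProfile, WeakRandom and CodeBlock are
// simplified stand-ins named after the JSC classes, not their real definitions.
#include <cstdint>
#include <cstdio>
#include <functional>
#include <vector>

// Speculated types as a bitmask lattice, so the least upper bound of two
// types is bitwise OR (an assumption modelled on how JSC's SpecType behaves).
enum SpecType : uint32_t {
    SpecNone   = 0,
    SpecInt32  = 1u << 0,
    SpecDouble = 1u << 1,
    SpecString = 1u << 2,
    SpecObject = 1u << 3,
};

// Xorshift32 stand-in for WeakRandom: cheap, deterministic, not cryptographic.
struct WeakRandom {
    uint32_t state;
    explicit WeakRandom(uint32_t seed) : state(seed ? seed : 1) {}
    uint32_t next() {
        state ^= state << 13; state ^= state >> 17; state ^= state << 5;
        return state;
    }
};

// A profile with a single bucket (an assumption; JSC keeps a small fixed number):
// each observation overwrites the last, so a type only survives if the bucket
// is folded into the prediction before it is overwritten.
struct ValueProfile {
    uint32_t bucket = SpecNone;
    uint32_t prediction = SpecNone;      // LUB of everything folded in so far
    void observe(uint32_t type) { bucket = type; }
    void computeUpdatedPrediction() { prediction |= bucket; }
};

struct CodeBlock {
    int executionCount = 0;
    int slowPathThreshold = 0;           // next count at which we trap to the slow path
    int tierUpThreshold = 0;             // count at which we really optimize
    ValueProfile profile;
    int predictionUpdates = 0;           // early updateAllPredictions() calls
    bool optimized = false;
};

using RandomSource = std::function<uint32_t()>;  // empty => no randomization

CodeBlock makeCodeBlock(int tierUpThreshold, const RandomSource& rng) {
    CodeBlock cb;
    cb.tierUpThreshold = tierUpThreshold;
    cb.slowPathThreshold = rng ? 1 + (int)(rng() % (uint32_t)tierUpThreshold) : tierUpThreshold;
    return cb;
}

// Execute the block once per entry of `types` (the SpecType observed on that
// run) until it tiers up. Returns the prediction the optimizing JIT would see.
uint32_t runUntilTierUp(CodeBlock& cb, const std::vector<uint32_t>& types, const RandomSource& rng) {
    for (size_t i = 0; i < types.size() && !cb.optimized; ++i) {
        cb.profile.observe(types[i]);
        if (++cb.executionCount < cb.slowPathThreshold)
            continue;                                   // fast path, no slow-path trip
        if (cb.executionCount >= cb.tierUpThreshold) {  // real tier-up: final fold, then OSR
            cb.profile.computeUpdatedPrediction();
            cb.optimized = true;
            break;
        }
        cb.profile.computeUpdatedPrediction();          // early trip: updateAllPredictions()
        ++cb.predictionUpdates;
        int remaining = cb.tierUpThreshold - cb.executionCount;
        int step = rng ? 1 + (int)(rng() % (uint32_t)remaining) : remaining;
        cb.slowPathThreshold = cb.executionCount + step;
    }
    return cb.profile.prediction;
}

// Constructed observation stream: the value changes type three times before
// the block reaches its tier-up threshold of 10 executions.
const std::vector<uint32_t> kObservedTypes = {
    SpecInt32, SpecInt32, SpecInt32, SpecDouble, SpecDouble,
    SpecDouble, SpecString, SpecString, SpecString, SpecObject,
};

int main() {
    CodeBlock plain = makeCodeBlock(10, RandomSource());
    uint32_t p = runUntilTierUp(plain, kObservedTypes, RandomSource());
    WeakRandom weak(0x9e3779b9u);
    RandomSource rng = [&] { return weak.next(); };
    CodeBlock randomized = makeCodeBlock(10, rng);
    uint32_t r = runUntilTierUp(randomized, kObservedTypes, rng);
    std::printf("single threshold: prediction=0x%x after %d early updates\n", p, plain.predictionUpdates);
    std::printf("randomized:       prediction=0x%x after %d early updates\n", r, randomized.predictionUpdates);
    return 0;
}
```

With a single fixed threshold the optimizing compiler sees only whatever sat in the bucket on the final execution, here SpecObject, and would speculate on a type that held for one run out of ten. Each randomized early trip folds the bucket into the prediction before it is overwritten, so the LUB grows toward the types the code actually sees; the random source is injected so that the schedule can be scripted in a test while the stand-alone run uses the xorshift generator.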
  22. 23 Jun, 2012 1 commit
    • zandobersek@gmail.com's avatar
      Unreviewed, rolling out r121058. · a6460e15
      zandobersek@gmail.com authored
      http://trac.webkit.org/changeset/121058
      https://bugs.webkit.org/show_bug.cgi?id=89809
      
      Patch causes plugins tests to crash in GTK debug builds
      (Requested by zdobersek on #webkit).
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2012-06-23
      
      Source/JavaScriptCore: 
      
      * API/APIShims.h:
      (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
      (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
      (APIEntryShimWithoutLock):
      (JSC::APIEntryShim::APIEntryShim):
      (APIEntryShim):
      (JSC::APICallbackShim::~APICallbackShim):
      * API/JSContextRef.cpp:
      (JSGlobalContextCreate):
      (JSGlobalContextCreateInGroup):
      (JSGlobalContextRelease):
      (JSContextCreateBacktrace):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::tryAllocateSlowCase):
      * heap/Heap.cpp:
      (JSC::Heap::protect):
      (JSC::Heap::unprotect):
      (JSC::Heap::collect):
      (JSC::Heap::setActivityCallback):
      (JSC::Heap::activityCallback):
      (JSC::Heap::sweeper):
      * heap/Heap.h:
      (Heap):
      * heap/HeapTimer.cpp:
      (JSC::HeapTimer::~HeapTimer):
      (JSC::HeapTimer::invalidate):
      (JSC::HeapTimer::timerDidFire):
      (JSC):
      * heap/HeapTimer.h:
      (HeapTimer):
      * heap/IncrementalSweeper.cpp:
      (JSC::IncrementalSweeper::doWork):
      (JSC::IncrementalSweeper::create):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::allocateSlowCase):
      * heap/WeakBlock.cpp:
      (JSC::WeakBlock::reap):
      * jsc.cpp:
      (functionGC):
      (functionReleaseExecutableMemory):
      (jscmain):
      * runtime/Completion.cpp:
      (JSC::checkSyntax):
      (JSC::evaluate):
      * runtime/GCActivityCallback.h:
      (DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::create):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      (JSC::JSGlobalData::sharedInstance):
      (JSC::JSGlobalData::sharedInstanceInternal):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::~JSGlobalObject):
      (JSC::JSGlobalObject::init):
      * runtime/JSLock.cpp:
      (JSC):
      (JSC::createJSLockCount):
      (JSC::JSLock::lockCount):
      (JSC::setLockCount):
      (JSC::JSLock::JSLock):
      (JSC::JSLock::lock):
      (JSC::JSLock::unlock):
      (JSC::JSLock::currentThreadIsHoldingLock):
      (JSC::JSLock::DropAllLocks::DropAllLocks):
      (JSC::JSLock::DropAllLocks::~DropAllLocks):
      * runtime/JSLock.h:
      (JSC):
      (JSLock):
      (JSC::JSLock::JSLock):
      (JSC::JSLock::~JSLock):
      (DropAllLocks):
      * runtime/WeakGCMap.h:
      (JSC::WeakGCMap::set):
      * testRegExp.cpp:
      (realMain):
      
      Source/WebCore: 
      
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::garbageCollectSoon):
      (WebCore::GCController::garbageCollectNow):
      (WebCore::GCController::discardAllCompiledCode):
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSCustomVoidCallback.cpp:
      (WebCore::JSCustomVoidCallback::handleEvent):
      * bindings/js/JSCustomXPathNSResolver.cpp:
      (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
      * bindings/js/JSErrorHandler.cpp:
      (WebCore::JSErrorHandler::handleEvent):
      * bindings/js/JSEventCustom.cpp:
      (WebCore::toJS):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::InjectedScriptHost::nodeAsScriptValue):
      (WebCore::JSInjectedScriptHost::inspectedObject):
      * bindings/js/JSInjectedScriptManager.cpp:
      (WebCore::InjectedScriptManager::createInjectedScript):
      (WebCore::InjectedScriptManager::canAccessInspectedWindow):
      * bindings/js/JSLazyEventListener.cpp:
      (WebCore::JSLazyEventListener::initializeJSFunction):
      * bindings/js/JSMainThreadExecState.h:
      (WebCore::JSMainThreadExecState::evaluate):
      * bindings/js/JSMutationCallbackCustom.cpp:
      (WebCore::JSMutationCallback::handleEvent):
      * bindings/js/JSNodeFilterCondition.cpp:
      (WebCore::JSNodeFilterCondition::acceptNode):
      * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp:
      (WebCore::JSRequestAnimationFrameCallback::handleEvent):
      * bindings/js/JavaScriptCallFrame.cpp:
      (WebCore::JavaScriptCallFrame::evaluate):
      * bindings/js/PageScriptDebugServer.cpp:
      (WebCore::PageScriptDebugServer::recompileAllJSFunctions):
      * bindings/js/ScheduledAction.cpp:
      (WebCore::ScheduledAction::executeFunctionInContext):
      * bindings/js/ScriptCachedFrameData.cpp:
      (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
      (WebCore::ScriptCachedFrameData::restore):
      (WebCore::ScriptCachedFrameData::clear):
      * bindings/js/ScriptController.cpp:
      (WebCore::ScriptController::evaluateInWorld):
      (WebCore::ScriptController::clearWindowShell):
      (WebCore::ScriptController::initScript):
      (WebCore::ScriptController::updateDocument):
      (WebCore::ScriptController::cacheableBindingRootObject):
      (WebCore::ScriptController::bindingRootObject):
      (WebCore::ScriptController::windowScriptNPObject):
      (WebCore::ScriptController::jsObjectForPluginElement):
      (WebCore::ScriptController::clearScriptObjects):
      * bindings/js/ScriptControllerMac.mm:
      (WebCore::ScriptController::windowScriptObject):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptEventListener.cpp:
      (WebCore::eventListenerHandlerBody):
      (WebCore::eventListenerHandlerLocation):
      * bindings/js/ScriptFunctionCall.cpp:
      (WebCore::ScriptCallArgumentHandler::appendArgument):
      (WebCore::ScriptFunctionCall::call):
      (WebCore::ScriptFunctionCall::construct):
      (WebCore::ScriptCallback::call):
      * bindings/js/ScriptObject.cpp:
      (WebCore::ScriptGlobalObject::set):
      (WebCore::ScriptGlobalObject::get):
      (WebCore::ScriptGlobalObject::remove):
      * bindings/js/ScriptValue.cpp:
      (WebCore::ScriptValue::getString):
      (WebCore::ScriptValue::toInspectorValue):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::~WorkerScriptController):
      (WebCore::WorkerScriptController::initScript):
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::disableEval):
      * bindings/objc/WebScriptObject.mm:
      (_didExecute):
      (-[WebScriptObject _setImp:originRootObject:rootObject:]):
      (-[WebScriptObject _setOriginRootObject:andRootObject:]):
      (-[WebScriptObject dealloc]):
      (-[WebScriptObject finalize]):
      (-[WebScriptObject callWebScriptMethod:withArguments:]):
      (-[WebScriptObject evaluateWebScript:]):
      (-[WebScriptObject setValue:forKey:]):
      (-[WebScriptObject valueForKey:]):
      (-[WebScriptObject removeWebScriptKey:]):
      (-[WebScriptObject hasWebScriptKey:]):
      (-[WebScriptObject stringRepresentation]):
      (-[WebScriptObject webScriptValueAtIndex:]):
      (-[WebScriptObject setWebScriptValueAtIndex:value:]):
      (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateCallbackImplementation):
      * bindings/scripts/test/JS/JSTestCallback.cpp:
      (WebCore::JSTestCallback::callbackWithNoParam):
      (WebCore::JSTestCallback::callbackWithClass1Param):
      (WebCore::JSTestCallback::callbackWithClass2Param):
      (WebCore::JSTestCallback::callbackWithStringList):
      (WebCore::JSTestCallback::callbackWithBoolean):
      (WebCore::JSTestCallback::callbackRequiresThisToPass):
      * bridge/NP_jsobject.cpp:
      (_NPN_InvokeDefault):
      (_NPN_Invoke):
      (_NPN_Evaluate):
      (_NPN_GetProperty):
      (_NPN_SetProperty):
      (_NPN_RemoveProperty):
      (_NPN_HasProperty):
      (_NPN_HasMethod):
      (_NPN_Enumerate):
      (_NPN_Construct):
      * bridge/c/c_class.cpp:
      (JSC::Bindings::CClass::~CClass):
      (JSC::Bindings::CClass::methodsNamed):
      (JSC::Bindings::CClass::fieldNamed):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CInstance::moveGlobalExceptionToExecState):
      (JSC::Bindings::CInstance::invokeMethod):
      (JSC::Bindings::CInstance::invokeDefaultMethod):
      (JSC::Bindings::CInstance::invokeConstruct):
      (JSC::Bindings::CInstance::getPropertyNames):
      * bridge/c/c_runtime.cpp:
      (JSC::Bindings::CField::valueFromInstance):
      (JSC::Bindings::CField::setValueToInstance):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      (JSC::Bindings::convertNPVariantToValue):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::call):
      (JavaJSObject::eval):
      (JavaJSObject::getMember):
      (JavaJSObject::setMember):
      (JavaJSObject::removeMember):
      (JavaJSObject::getSlot):
      (JavaJSObject::setSlot):
      (JavaJSObject::toString):
      (JavaJSObject::convertValueToJObject):
      (JavaJSObject::convertJObjectToValue):
      * bridge/jni/jni_objc.mm:
      (JSC::Bindings::dispatchJNICall):
      * bridge/jni/jsc/JNIUtilityPrivate.cpp:
      (JSC::Bindings::convertValueToJValue):
      * bridge/jni/jsc/JavaClassJSC.cpp:
      (JavaClass::JavaClass):
      (JavaClass::~JavaClass):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaInstance::stringValue):
      * bridge/jni/jsc/JavaMethodJSC.cpp:
      (appendClassName):
      (JavaMethod::signature):
      * bridge/jni/jsc/JavaStringJSC.h:
      (JSC::Bindings::JavaString::JavaString):
      (JSC::Bindings::JavaString::~JavaString):
      (JSC::Bindings::JavaString::utf8):
      (JSC::Bindings::JavaString::init):
      * bridge/jsc/BridgeJSC.cpp:
      (JSC::Bindings::Instance::createRuntimeObject):
      (JSC::Bindings::Instance::newRuntimeObject):
      * bridge/objc/objc_instance.mm:
      (ObjcInstance::moveGlobalExceptionToExecState):
      (ObjcInstance::invokeObjcMethod):
      (ObjcInstance::invokeDefaultMethod):
      (ObjcInstance::setValueOfUndefinedField):
      (ObjcInstance::getValueOfUndefinedField):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcField::valueFromInstance):
      (JSC::Bindings::ObjcField::setValueToInstance):
      * bridge/objc/objc_utility.mm:
      (JSC::Bindings::convertValueToObjcValue):
      (JSC::Bindings::convertNSStringToString):
      (JSC::Bindings::convertObjcValueToValue):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtInstance::~QtInstance):
      (JSC::Bindings::QtInstance::getQtInstance):
      (JSC::Bindings::QtInstance::newRuntimeObject):
      * bridge/qt/qt_pixmapruntime.cpp:
      (JSC::Bindings::QtPixmapInstance::createPixmapRuntimeObject):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::convertValueToQVariant):
      (JSC::Bindings::convertQVariantToValue):
      (JSC::Bindings::QtRuntimeMetaMethod::call):
      (JSC::Bindings::QtRuntimeConnectionMethod::call):
      * bridge/qt/qt_runtime_qt4.cpp:
      (JSC::Bindings::convertValueToQVariant):
      (JSC::Bindings::convertQVariantToValue):
      (JSC::Bindings::QtRuntimeMetaMethod::call):
      (JSC::Bindings::QtRuntimeConnectionMethod::call):
      * html/HTMLCanvasElement.cpp:
      (WebCore::HTMLCanvasElement::createImageBuffer):
      * html/HTMLImageLoader.cpp:
      (WebCore::HTMLImageLoader::notifyFinished):
      * plugins/PluginView.cpp:
      (WebCore::PluginView::start):
      (WebCore::PluginView::stop):
      (WebCore::PluginView::performRequest):
      (WebCore::PluginView::npObject):
      (WebCore::PluginView::privateBrowsingStateChanged):
      * plugins/blackberry/PluginViewBlackBerry.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      (WebCore::PluginView::getWindowInfo):
      * plugins/efl/PluginViewEfl.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/gtk/PluginViewGtk.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/mac/PluginViewMac.mm:
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/qt/PluginViewQt.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/win/PluginViewWin.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowRect):
      * testing/js/WebCoreTestSupport.cpp:
      (WebCoreTestSupport::injectInternalsObject):
      (WebCoreTestSupport::resetInternalsObject):
      * xml/XMLHttpRequest.cpp:
      (WebCore::XMLHttpRequest::dropProtection):
      
      Source/WebKit/blackberry: 
      
      * Api/BlackBerryGlobal.cpp:
      (BlackBerry::WebKit::clearMemoryCaches):
      * WebCoreSupport/ClientExtension.cpp:
      * WebCoreSupport/PagePopupBlackBerry.cpp:
      (WebCore::PagePopupBlackBerry::installDomFunction):
      * WebKitSupport/DumpRenderTreeSupport.cpp:
      (DumpRenderTreeSupport::computedStyleIncludingVisitedInfo):
      
      Source/WebKit/efl: 
      
      * ewk/ewk_frame.cpp:
      (ewk_frame_script_execute):
      * ewk/ewk_view.cpp:
      (ewk_view_js_object_add):
      
      Source/WebKit/gtk: 
      
      * WebCoreSupport/DumpRenderTreeSupportGtk.cpp:
      (DumpRenderTreeSupportGtk::gcCountJavascriptObjects):
      
      Source/WebKit/mac: 
      
      * DOM/WebDOMOperations.mm:
      (JSC):
      * Misc/WebCoreStatistics.mm:
      (+[WebCoreStatistics javaScriptObjectsCount]):
      (+[WebCoreStatistics javaScriptGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectTypeCounts]):
      (+[WebCoreStatistics javaScriptObjectTypeCounts]):
      (+[WebCoreStatistics shouldPrintExceptions]):
      (+[WebCoreStatistics setShouldPrintExceptions:]):
      (+[WebCoreStatistics memoryStatistics]):
      (+[WebCoreStatistics javaScriptReferencedObjectsCount]):
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::evaluate):
      (WebKit::NetscapePluginInstanceProxy::invoke):
      (WebKit::NetscapePluginInstanceProxy::invokeDefault):
      (WebKit::NetscapePluginInstanceProxy::construct):
      (WebKit::NetscapePluginInstanceProxy::getProperty):
      (WebKit::NetscapePluginInstanceProxy::setProperty):
      (WebKit::NetscapePluginInstanceProxy::removeProperty):
      (WebKit::NetscapePluginInstanceProxy::hasMethod):
      (WebKit::NetscapePluginInstanceProxy::enumerate):
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      (WebKit::NetscapePluginInstanceProxy::moveGlobalExceptionToExecState):
      * Plugins/WebNetscapePluginStream.mm:
      (WebNetscapePluginStream::wantsAllStreams):
      * Plugins/WebNetscapePluginView.mm:
      (-[WebNetscapePluginView sendEvent:isDrawRect:]):
      (-[WebNetscapePluginView privateBrowsingModeDidChange]):
      (-[WebNetscapePluginView setWindowIfNecessary]):
      (-[WebNetscapePluginView createPluginScriptableObject]):
      (-[WebNetscapePluginView getFormValue:]):
      (-[WebNetscapePluginView evaluateJavaScriptPluginRequest:]):
      (-[WebNetscapePluginView webFrame:didFinishLoadWithReason:]):
      (-[WebNetscapePluginView loadPluginRequest:]):
      (-[WebNetscapePluginView _printedPluginBitmap]):
      * Plugins/WebPluginController.mm:
      (+[WebPluginController plugInViewWithArguments:fromPluginPackage:]):
      (-[WebPluginController stopOnePlugin:]):
      (-[WebPluginController destroyOnePlugin:]):
      (-[WebPluginController startAllPlugins]):
      (-[WebPluginController addPlugin:]):
      * WebView/WebFrame.mm:
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:forceUserGesture:]):
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:withGlobalObject:inScriptWorld:]):
      * WebView/WebScriptDebugDelegate.mm:
      (-[WebScriptCallFrame scopeChain]):
      (-[WebScriptCallFrame evaluateWebScript:]):
      * WebView/WebView.mm:
      (+[WebView _reportException:inContext:]):
      (-[WebView aeDescByEvaluatingJavaScriptFromString:]):
      (-[WebView _computedStyleIncludingVisitedInfo:forElement:]):
      
      Source/WebKit/qt: 
      
      * Api/qwebframe.cpp:
      (QWebFramePrivate::addQtSenderToGlobalObject):
      (QWebFrame::addToJavaScriptWindowObject):
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (DumpRenderTreeSupportQt::injectInternalsObject):
      (DumpRenderTreeSupportQt::resetInternalsObject):
      
      Source/WebKit/win: 
      
      * WebCoreStatistics.cpp:
      (WebCoreStatistics::javaScriptObjectsCount):
      (WebCoreStatistics::javaScriptGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectsCount):
      (WebCoreStatistics::javaScriptProtectedGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectTypeCounts):
      * WebFrame.cpp:
      (WebFrame::stringByEvaluatingJavaScriptInScriptWorld):
      * WebJavaScriptCollector.cpp:
      (WebJavaScriptCollector::objectCount):
      * WebView.cpp:
      (WebView::stringByEvaluatingJavaScriptFromString):
      (WebView::reportException):
      (WebView::elementFromJS):
      
      Source/WebKit2: 
      
      * Shared/mac/WebMemorySampler.mac.mm:
      (WebKit::WebMemorySampler::sampleWebKit):
      * WebProcess/InjectedBundle/InjectedBundle.cpp:
      (WebKit::InjectedBundle::javaScriptObjectsCount):
      (WebKit::InjectedBundle::reportException):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::hasMethod):
      (WebKit::NPJSObject::invoke):
      (WebKit::NPJSObject::invokeDefault):
      (WebKit::NPJSObject::hasProperty):
      (WebKit::NPJSObject::getProperty):
      (WebKit::NPJSObject::setProperty):
      (WebKit::NPJSObject::removeProperty):
      (WebKit::NPJSObject::enumerate):
      (WebKit::NPJSObject::construct):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      (WebKit::NPRuntimeObjectMap::evaluate):
      (WebKit::NPRuntimeObjectMap::moveGlobalExceptionToExecState):
      * WebProcess/WebPage/WebFrame.cpp:
      (WebKit::WebFrame::jsWrapperForWorld):
      (WebKit::WebFrame::computedStyleIncludingVisitedInfo):
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::runJavaScriptInMainFrame):
      * WebProcess/WebProcess.cpp:
      (WebKit::WebProcess::getWebCoreStatistics):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121098 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a6460e15
  23. 22 Jun, 2012 1 commit
    • mhahnenberg@apple.com's avatar
      JSLock should be per-JSGlobalData · 6d9f86d9
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89123
      
      Reviewed by Gavin Barraclough.
      
      Source/JavaScriptCore: 
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * API/APIShims.h:
      (APIEntryShimWithoutLock):
      (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock): Added an extra parameter to the constructor to 
      determine whether we should ref the JSGlobalData or not. We want to ref all the time except for in the 
      HeapTimer class because timerDidFire could run after somebody has started to tear down that particular 
      JSGlobalData, so we wouldn't want to resurrect the ref count of that JSGlobalData from 0 back to 1 after 
      its destruction has begun. 
      (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock): Now derefs if it also refed.
      (JSC::APIEntryShim::APIEntryShim):
      (APIEntryShim):
      (JSC::APIEntryShim::~APIEntryShim):
      (JSC::APIEntryShim::init): Factored out common initialization code for the various APIEntryShim constructors.
      Also moved the timeoutChecker stop and start here because we need to start after we've grabbed the API lock
      and before we've released it, which can only be done in APIEntryShim.
      (JSC::APICallbackShim::~APICallbackShim): We no longer need to synchronize here.
      * API/JSContextRef.cpp:
      (JSGlobalContextCreate):
      (JSGlobalContextCreateInGroup):
      (JSGlobalContextRelease):
      (JSContextCreateBacktrace):
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::tryAllocateSlowCase):
      * heap/Heap.cpp:
      (JSC::Heap::protect):
      (JSC::Heap::unprotect):
      (JSC::Heap::collect):
      (JSC::Heap::setActivityCallback):
      (JSC::Heap::activityCallback):
      (JSC::Heap::sweeper):
      * heap/Heap.h: Changed m_activityCallback and m_sweeper to be raw pointers rather than OwnPtrs because they 
      are now responsible for their own lifetime. Also changed the order of declaration of the GCActivityCallback
      and the IncrementalSweeper to make sure they're the last things that get initialized during construction to 
      prevent any issues with uninitialized memory in the JSGlobalData/Heap they might care about.
      (Heap):
      * heap/HeapTimer.cpp: Refactored to allow for thread-safe operation and shutdown.
      (JSC::HeapTimer::~HeapTimer):
      (JSC::HeapTimer::invalidate):
      (JSC):
      (JSC::HeapTimer::didStartVMShutdown): Called at the beginning of ~JSGlobalData. If we're on the same thread 
      that the HeapTimer is running on, we kill the HeapTimer ourselves. If not, then we set some state in the 
      HeapTimer and schedule it to fire immediately so that it can notice and kill itself.
      (JSC::HeapTimer::timerDidFire): We grab our mutex and check our JSGlobalData pointer. If it has been zero-ed
      out, then we know the VM has started to shutdown and we should kill ourselves. Otherwise, grab the APIEntryShim,
      but without ref-ing the JSGlobalData (we don't want to bring the JSGlobalData's ref-count from 0 to 1) in case 
      we were interrupted between releasing our mutex and trying to grab the APILock.
      * heap/HeapTimer.h: 
      (HeapTimer):
      * heap/IncrementalSweeper.cpp:
      (JSC::IncrementalSweeper::doWork): We no longer need the API shim here since HeapTimer::timerDidFire handles 
      all of that for us. 
      (JSC::IncrementalSweeper::create):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::allocateSlowCase):
      * heap/WeakBlock.cpp:
      (JSC::WeakBlock::reap):
      * jsc.cpp:
      (functionGC):
      (functionReleaseExecutableMemory):
      (jscmain):
      * runtime/Completion.cpp:
      (JSC::checkSyntax):
      (JSC::evaluate):
      * runtime/GCActivityCallback.h:
      (DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::create):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData): Signals to the two HeapTimers (GCActivityCallback and IncrementalSweeper)
      that the VM has started shutting down. It then waits until the HeapTimer is done with whatever activity 
      it needs to do before continuing with any further destruction. Also asserts that we do not currently hold the 
      APILock because this could potentially cause deadlock when we try to signal to the HeapTimers using their mutexes.
      (JSC::JSGlobalData::sharedInstance): Protect the initialization for the shared instance with the GlobalJSLock.
      (JSC::JSGlobalData::sharedInstanceInternal):
      * runtime/JSGlobalData.h: Change to be ThreadSafeRefCounted so that we don't have to worry about refing and 
      de-refing JSGlobalDatas on separate threads since we don't do it that often anyways.
      (JSGlobalData):
      (JSC::JSGlobalData::apiLock):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::~JSGlobalObject):
      (JSC::JSGlobalObject::init):
      * runtime/JSLock.cpp:
      (JSC):
      (JSC::GlobalJSLock::GlobalJSLock): For accessing the shared instance.
      (JSC::GlobalJSLock::~GlobalJSLock):
      (JSC::JSLockHolder::JSLockHolder): MutexLocker for JSLock. Also refs the JSGlobalData to keep it alive so that 
      it can successfully unlock it later without it disappearing from underneath it.
      (JSC::JSLockHolder::~JSLockHolder):
      (JSC::JSLock::JSLock):
      (JSC::JSLock::~JSLock):
      (JSC::JSLock::lock): Uses the spin lock for guarding the lock count and owner thread fields. Uses the mutex for 
      actually waiting for long periods. 
      (JSC::JSLock::unlock):
      (JSC::JSLock::currentThreadIsHoldingLock): 
      (JSC::JSLock::dropAllLocks):
      (JSC::JSLock::dropAllLocksUnconditionally):
      (JSC::JSLock::grabAllLocks):
      (JSC::JSLock::DropAllLocks::DropAllLocks):
      (JSC::JSLock::DropAllLocks::~DropAllLocks):
      * runtime/JSLock.h:
      (JSC):
      (GlobalJSLock):
      (JSLockHolder):
      (JSLock):
      (DropAllLocks):
      * runtime/WeakGCMap.h:
      (JSC::WeakGCMap::set):
      * testRegExp.cpp:
      (realMain):
      
      Source/WebCore: 
      
      No new tests. Current regression tests are sufficient.
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection. Also added a couple JSLocks to places that didn't already 
      have it that needed it.
      
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::garbageCollectSoon):
      (WebCore::GCController::garbageCollectNow):
      (WebCore::GCController::discardAllCompiledCode):
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSCustomVoidCallback.cpp:
      (WebCore::JSCustomVoidCallback::handleEvent):
      * bindings/js/JSCustomXPathNSResolver.cpp:
      (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
      * bindings/js/JSErrorHandler.cpp:
      (WebCore::JSErrorHandler::handleEvent):
      * bindings/js/JSEventCustom.cpp:
      (WebCore::toJS):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::InjectedScriptHost::nodeAsScriptValue):
      (WebCore::JSInjectedScriptHost::inspectedObject):
      * bindings/js/JSInjectedScriptManager.cpp:
      (WebCore::InjectedScriptManager::createInjectedScript):
      (WebCore::InjectedScriptManager::canAccessInspectedWindow):
      * bindings/js/JSLazyEventListener.cpp:
      (WebCore::JSLazyEventListener::initializeJSFunction):
      * bindings/js/JSMainThreadExecState.h:
      (WebCore::JSMainThreadExecState::evaluate):
      * bindings/js/JSMutationCallbackCustom.cpp:
      (WebCore::JSMutationCallback::handleEvent):
      * bindings/js/JSNodeFilterCondition.cpp:
      (WebCore::JSNodeFilterCondition::acceptNode):
      * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp:
      (WebCore::JSRequestAnimationFrameCallback::handleEvent):
      * bindings/js/JavaScriptCallFrame.cpp:
      (WebCore::JavaScriptCallFrame::evaluate):
      * bindings/js/PageScriptDebugServer.cpp:
      (WebCore::PageScriptDebugServer::recompileAllJSFunctions):
      * bindings/js/ScheduledAction.cpp:
      (WebCore::ScheduledAction::executeFunctionInContext):
      * bindings/js/ScriptCachedFrameData.cpp:
      (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
      (WebCore::ScriptCachedFrameData::restore):
      (WebCore::ScriptCachedFrameData::clear):
      * bindings/js/ScriptController.cpp:
      (WebCore::ScriptController::evaluateInWorld):
      (WebCore::ScriptController::clearWindowShell):
      (WebCore::ScriptController::initScript):
      (WebCore::ScriptController::updateDocument):
      (WebCore::ScriptController::cacheableBindingRootObject):
      (WebCore::ScriptController::bindingRootObject):
      (WebCore::ScriptController::windowScriptNPObject):
      (WebCore::ScriptController::jsObjectForPluginElement):
      (WebCore::ScriptController::clearScriptObjects):
      * bindings/js/ScriptControllerMac.mm:
      (WebCore::ScriptController::windowScriptObject):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptEventListener.cpp:
      (WebCore::eventListenerHandlerBody):
      (WebCore::eventListenerHandlerLocation):
      * bindings/js/ScriptFunctionCall.cpp:
      (WebCore::ScriptCallArgumentHandler::appendArgument):
      (WebCore::ScriptFunctionCall::call):
      (WebCore::ScriptFunctionCall::construct):
      (WebCore::ScriptCallback::call):
      * bindings/js/ScriptObject.cpp:
      (WebCore::ScriptGlobalObject::set):
      (WebCore::ScriptGlobalObject::get):
      (WebCore::ScriptGlobalObject::remove):
      * bindings/js/ScriptValue.cpp:
      (WebCore::ScriptValue::getString):
      (WebCore::ScriptValue::toInspectorValue):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::~WorkerScriptController):
      (WebCore::WorkerScriptController::initScript):
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::disableEval):
      * bindings/objc/WebScriptObject.mm:
      (_didExecute):
      (-[WebScriptObject _setImp:originRootObject:rootObject:]):
      (-[WebScriptObject _setOriginRootObject:andRootObject:]):
      (-[WebScriptObject dealloc]):
      (-[WebScriptObject finalize]):
      (-[WebScriptObject callWebScriptMethod:withArguments:]):
      (-[WebScriptObject evaluateWebScript:]):
      (-[WebScriptObject setValue:forKey:]):
      (-[WebScriptObject valueForKey:]):
      (-[WebScriptObject removeWebScriptKey:]):
      (-[WebScriptObject hasWebScriptKey:]):
      (-[WebScriptObject stringRepresentation]):
      (-[WebScriptObject webScriptValueAtIndex:]):
      (-[WebScriptObject setWebScriptValueAtIndex:value:]):
      (+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateCallbackImplementation):
      * bindings/scripts/test/JS/JSTestCallback.cpp:
      (WebCore::JSTestCallback::callbackWithNoParam):
      (WebCore::JSTestCallback::callbackWithClass1Param):
      (WebCore::JSTestCallback::callbackWithClass2Param):
      (WebCore::JSTestCallback::callbackWithStringList):
      (WebCore::JSTestCallback::callbackWithBoolean):
      (WebCore::JSTestCallback::callbackRequiresThisToPass):
      * bridge/NP_jsobject.cpp:
      (_NPN_InvokeDefault):
      (_NPN_Invoke):
      (_NPN_Evaluate):
      (_NPN_GetProperty):
      (_NPN_SetProperty):
      (_NPN_RemoveProperty):
      (_NPN_HasProperty):
      (_NPN_HasMethod):
      (_NPN_Enumerate):
      (_NPN_Construct):
      * bridge/c/c_class.cpp:
      (JSC::Bindings::CClass::~CClass):
      (JSC::Bindings::CClass::methodsNamed):
      (JSC::Bindings::CClass::fieldNamed):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CInstance::moveGlobalExceptionToExecState):
      (JSC::Bindings::CInstance::invokeMethod):
      (JSC::Bindings::CInstance::invokeDefaultMethod):
      (JSC::Bindings::CInstance::invokeConstruct):
      (JSC::Bindings::CInstance::getPropertyNames):
      * bridge/c/c_runtime.cpp:
      (JSC::Bindings::CField::valueFromInstance):
      (JSC::Bindings::CField::setValueToInstance):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      (JSC::Bindings::convertNPVariantToValue):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::call):
      (JavaJSObject::eval):
      (JavaJSObject::getMember):
      (JavaJSObject::setMember):
      (JavaJSObject::removeMember):
      (JavaJSObject::getSlot):
      (JavaJSObject::setSlot):
      (JavaJSObject::toString):
      (JavaJSObject::convertValueToJObject):
      (JavaJSObject::convertJObjectToValue):
      * bridge/jni/jni_objc.mm:
      (JSC::Bindings::dispatchJNICall):
      * bridge/jni/jsc/JNIUtilityPrivate.cpp:
      (JSC::Bindings::convertValueToJValue):
      * bridge/jni/jsc/JavaClassJSC.cpp:
      (JavaClass::JavaClass):
      (JavaClass::~JavaClass):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaInstance::stringValue):
      * bridge/jni/jsc/JavaMethodJSC.cpp:
      (appendClassName):
      (JavaMethod::signature):
      * bridge/jni/jsc/JavaStringJSC.h:
      (JSC::Bindings::JavaString::JavaString):
      (JSC::Bindings::JavaString::~JavaString):
      (JSC::Bindings::JavaString::utf8):
      (JSC::Bindings::JavaString::init):
      * bridge/jsc/BridgeJSC.cpp:
      (JSC::Bindings::Instance::createRuntimeObject):
      (JSC::Bindings::Instance::newRuntimeObject):
      * bridge/objc/objc_instance.mm:
      (ObjcInstance::moveGlobalExceptionToExecState):
      (ObjcInstance::invokeObjcMethod):
      (ObjcInstance::invokeDefaultMethod):
      (ObjcInstance::setValueOfUndefinedField):
      (ObjcInstance::getValueOfUndefinedField):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcField::valueFromInstance):
      (JSC::Bindings::ObjcField::setValueToInstance):
      * bridge/objc/objc_utility.mm:
      (JSC::Bindings::convertValueToObjcValue):
      (JSC::Bindings::convertNSStringToString):
      (JSC::Bindings::convertObjcValueToValue):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtInstance::~QtInstance):
      (JSC::Bindings::QtInstance::getQtInstance):
      (JSC::Bindings::QtInstance::newRuntimeObject):
      * bridge/qt/qt_pixmapruntime.cpp:
      (JSC::Bindings::QtPixmapInstance::createPixmapRuntimeObject):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::convertValueToQVariant):
      (JSC::Bindings::convertQVariantToValue):
      (JSC::Bindings::QtRuntimeMetaMethod::call):
      (JSC::Bindings::QtRuntimeConnectionMethod::call):
      * bridge/qt/qt_runtime_qt4.cpp:
      (JSC::Bindings::convertValueToQVariant):
      (JSC::Bindings::convertQVariantToValue):
      (JSC::Bindings::QtRuntimeMetaMethod::call):
      (JSC::Bindings::QtRuntimeConnectionMethod::call):
      * html/HTMLCanvasElement.cpp:
      (WebCore::HTMLCanvasElement::createImageBuffer):
      * html/HTMLImageLoader.cpp:
      (WebCore::HTMLImageLoader::notifyFinished):
      * plugins/PluginView.cpp:
      (WebCore::PluginView::start):
      (WebCore::PluginView::stop):
      (WebCore::PluginView::performRequest):
      (WebCore::PluginView::npObject):
      (WebCore::PluginView::privateBrowsingStateChanged):
      * plugins/blackberry/PluginViewBlackBerry.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      (WebCore::PluginView::getWindowInfo):
      * plugins/efl/PluginViewEfl.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/gtk/PluginViewGtk.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/mac/PluginViewMac.mm:
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/qt/PluginViewQt.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/win/PluginViewWin.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowRect):
      * testing/js/WebCoreTestSupport.cpp:
      (WebCoreTestSupport::injectInternalsObject):
      (WebCoreTestSupport::resetInternalsObject):
      * xml/XMLHttpRequest.cpp:
      (WebCore::XMLHttpRequest::dropProtection):
      
      Source/WebKit/blackberry: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection.
      
      * Api/BlackBerryGlobal.cpp:
      (BlackBerry::WebKit::clearMemoryCaches):
      * WebCoreSupport/ClientExtension.cpp:
      * WebCoreSupport/PagePopupBlackBerry.cpp:
      (WebCore::PagePopupBlackBerry::installDomFunction):
      * WebKitSupport/DumpRenderTreeSupport.cpp:
      (DumpRenderTreeSupport::computedStyleIncludingVisitedInfo):
      
      Source/WebKit/efl: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection.
      
      * ewk/ewk_frame.cpp:
      (ewk_frame_script_execute):
      * ewk/ewk_view.cpp:
      (ewk_view_js_object_add):
      
      Source/WebKit/gtk: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection.
      
      * WebCoreSupport/DumpRenderTreeSupportGtk.cpp:
      (DumpRenderTreeSupportGtk::gcCountJavascriptObjects):
      
      Source/WebKit/mac: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection.
      
      * DOM/WebDOMOperations.mm:
      (JSC):
      * Misc/WebCoreStatistics.mm:
      (+[WebCoreStatistics javaScriptObjectsCount]):
      (+[WebCoreStatistics javaScriptGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectTypeCounts]):
      (+[WebCoreStatistics javaScriptObjectTypeCounts]):
      (+[WebCoreStatistics shouldPrintExceptions]):
      (+[WebCoreStatistics setShouldPrintExceptions:]):
      (+[WebCoreStatistics memoryStatistics]):
      (+[WebCoreStatistics javaScriptReferencedObjectsCount]):
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::evaluate):
      (WebKit::NetscapePluginInstanceProxy::invoke):
      (WebKit::NetscapePluginInstanceProxy::invokeDefault):
      (WebKit::NetscapePluginInstanceProxy::construct):
      (WebKit::NetscapePluginInstanceProxy::getProperty):
      (WebKit::NetscapePluginInstanceProxy::setProperty):
      (WebKit::NetscapePluginInstanceProxy::removeProperty):
      (WebKit::NetscapePluginInstanceProxy::hasMethod):
      (WebKit::NetscapePluginInstanceProxy::enumerate):
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      (WebKit::NetscapePluginInstanceProxy::moveGlobalExceptionToExecState):
      * Plugins/WebNetscapePluginStream.mm:
      (WebNetscapePluginStream::wantsAllStreams):
      * Plugins/WebNetscapePluginView.mm:
      (-[WebNetscapePluginView sendEvent:isDrawRect:]):
      (-[WebNetscapePluginView privateBrowsingModeDidChange]):
      (-[WebNetscapePluginView setWindowIfNecessary]):
      (-[WebNetscapePluginView createPluginScriptableObject]):
      (-[WebNetscapePluginView getFormValue:]):
      (-[WebNetscapePluginView evaluateJavaScriptPluginRequest:]):
      (-[WebNetscapePluginView webFrame:didFinishLoadWithReason:]):
      (-[WebNetscapePluginView loadPluginRequest:]):
      (-[WebNetscapePluginView _printedPluginBitmap]):
      * Plugins/WebPluginController.mm:
      (+[WebPluginController plugInViewWithArguments:fromPluginPackage:]):
      (-[WebPluginController stopOnePlugin:]):
      (-[WebPluginController destroyOnePlugin:]):
      (-[WebPluginController startAllPlugins]):
      (-[WebPluginController addPlugin:]):
      * WebView/WebFrame.mm:
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:forceUserGesture:]):
      (-[WebFrame _stringByEvaluatingJavaScriptFromString:withGlobalObject:inScriptWorld:]):
      * WebView/WebScriptDebugDelegate.mm:
      (-[WebScriptCallFrame scopeChain]):
      (-[WebScriptCallFrame evaluateWebScript:]):
      * WebView/WebView.mm:
      (+[WebView _reportException:inContext:]):
      (-[WebView aeDescByEvaluatingJavaScriptFromString:]):
      (-[WebView _computedStyleIncludingVisitedInfo:forElement:]):
      
      Source/WebKit/qt: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection.
      
      * Api/qwebframe.cpp:
      (QWebFramePrivate::addQtSenderToGlobalObject):
      (QWebFrame::addToJavaScriptWindowObject):
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (DumpRenderTreeSupportQt::injectInternalsObject):
      (DumpRenderTreeSupportQt::resetInternalsObject):
      
      Source/WebKit/win: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection.
      
      * WebCoreStatistics.cpp:
      (WebCoreStatistics::javaScriptObjectsCount):
      (WebCoreStatistics::javaScriptGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectsCount):
      (WebCoreStatistics::javaScriptProtectedGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectTypeCounts):
      * WebFrame.cpp:
      (WebFrame::stringByEvaluatingJavaScriptInScriptWorld):
      * WebJavaScriptCollector.cpp:
      (WebJavaScriptCollector::objectCount):
      * WebView.cpp:
      (WebView::stringByEvaluatingJavaScriptFromString):
      (WebView::reportException):
      (WebView::elementFromJS):
      
      Source/WebKit2: 
      
      Changed all sites that used JSLock to instead use the new JSLockHolder
      and pass in the correct JS context that the code is about to interact with that 
      needs protection.
      
      * Shared/mac/WebMemorySampler.mac.mm:
      (WebKit::WebMemorySampler::sampleWebKit):
      * WebProcess/InjectedBundle/InjectedBundle.cpp:
      (WebKit::InjectedBundle::javaScriptObjectsCount):
      (WebKit::InjectedBundle::reportException):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::hasMethod):
      (WebKit::NPJSObject::invoke):
      (WebKit::NPJSObject::invokeDefault):
      (WebKit::NPJSObject::hasProperty):
      (WebKit::NPJSObject::getProperty):
      (WebKit::NPJSObject::setProperty):
      (WebKit::NPJSObject::removeProperty):
      (WebKit::NPJSObject::enumerate):
      (WebKit::NPJSObject::construct):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      (WebKit::NPRuntimeObjectMap::evaluate):
      (WebKit::NPRuntimeObjectMap::moveGlobalExceptionToExecState):
      * WebProcess/WebPage/WebFrame.cpp:
      (WebKit::WebFrame::jsWrapperForWorld):
      (WebKit::WebFrame::computedStyleIncludingVisitedInfo):
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::runJavaScriptInMainFrame):
      * WebProcess/WebProcess.cpp:
      (WebKit::WebProcess::getWebCoreStatistics):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121058 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6d9f86d9
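The lifetime protocol this commit describes (a lock holder that refs the VM for as long as it holds the lock, a timer that checks a zeroed VM pointer under its own mutex and takes the API lock without ref-ing, and a teardown that must not hold the API lock while signalling the timer), as an added C++ model; this is not WebKit's code, and the names Vm, LockHolder, HeapTimer and runShutdownScenario are assumptions standing in for JSGlobalData, JSLockHolder and HeapTimer:

```cpp
#include <atomic>
#include <mutex>

// Added illustration, not WebKit code: hypothetical names Vm, LockHolder and
// HeapTimer stand in for JSGlobalData, JSLockHolder and HeapTimer.

// A thread-safe ref-counted VM that owns its own API lock.
struct Vm {
    std::atomic<int> refCount{1};   // the owner's reference
    std::mutex apiLock;             // the per-VM API lock
};

// RAII holder modelled on JSLockHolder: refs the VM for as long as it holds the
// lock, so the unlock in the destructor never touches a VM that has gone away.
class LockHolder {
public:
    explicit LockHolder(Vm& vm) : m_vm(vm) {
        m_vm.refCount.fetch_add(1);
        m_vm.apiLock.lock();
    }
    ~LockHolder() {
        m_vm.apiLock.unlock();       // release the lock first ...
        m_vm.refCount.fetch_sub(1);  // ... then drop the reference
    }
    LockHolder(const LockHolder&) = delete;
    LockHolder& operator=(const LockHolder&) = delete;
private:
    Vm& m_vm;
};

// Modelled on HeapTimer: the timer checks its VM pointer under its own mutex
// and, when it does run, takes the API lock WITHOUT ref-ing the VM, so it can
// never bring a ref count that has already reached zero back to one.
class HeapTimer {
public:
    explicit HeapTimer(Vm* vm) : m_vm(vm) {}

    // Called at the start of VM teardown. Blocks until any in-flight
    // timerDidFire() has finished, then clears the pointer.
    void didStartVmShutdown() {
        std::lock_guard<std::mutex> guard(m_mutex);
        m_vm = nullptr;
    }

    // Returns true if the timer did its work, false if it noticed the shutdown.
    bool timerDidFire() {
        std::lock_guard<std::mutex> guard(m_mutex);
        if (!m_vm)
            return false;                                 // VM is being torn down
        std::lock_guard<std::mutex> api(m_vm->apiLock);   // API lock, no ref taken
        ++m_workDone;
        return true;
    }

    int workDone() const { return m_workDone; }

private:
    std::mutex m_mutex;
    Vm* m_vm;
    int m_workDone = 0;
};

// Outcome of one shutdown scenario, collected so that it can be checked.
struct ScenarioResult {
    int refCountWhileHeld;     // owner + LockHolder
    int refCountAfterRelease;  // LockHolder dropped its ref
    bool firedBeforeShutdown;  // timer ran normally
    bool firedAfterShutdown;   // timer noticed the shutdown and declined
    int refCountAtEnd;         // the timer did not resurrect the count
    int timerWorkDone;         // how many times the timer actually worked
};

ScenarioResult runShutdownScenario() {
    ScenarioResult r{};
    Vm vm;
    HeapTimer timer(&vm);

    r.firedBeforeShutdown = timer.timerDidFire();
    {
        LockHolder holder(vm);
        r.refCountWhileHeld = vm.refCount.load();
    }
    r.refCountAfterRelease = vm.refCount.load();

    // Teardown, as in ~JSGlobalData: the owner must not hold the API lock here,
    // otherwise a timer waiting on it while holding its own mutex would block
    // didStartVmShutdown() forever.
    timer.didStartVmShutdown();
    vm.refCount.fetch_sub(1);            // owner drops the last reference

    r.firedAfterShutdown = timer.timerDidFire();
    r.refCountAtEnd = vm.refCount.load();
    r.timerWorkDone = timer.workDone();
    return r;
}
```

The lock order in the model is the one the commit's assertion guards against: timerDidFire() holds the timer mutex while it waits for the API lock, so a teardown thread that still held the API lock when it called didStartVmShutdown() would wait on the timer mutex and never be released.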
  24. 20 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG should optimize ResolveGlobal · 3bcb211b
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89617
      
      Reviewed by Oliver Hunt.
              
      This adds inlining of ResolveGlobal accesses that are known monomorphic. It also
      adds the specific function optimization to ResolveGlobal, when it is inlined. And,
      it makes internal functions act like specific functions, since that will be the
      most common use-case of this optimization.
              
      This is only a slight speed-up (sub 1%), since we don't yet do the obvious thing
      with this optimization, which is to completely inline common "globally resolved"
      function and constructor calls, like "new Array()".
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::globalResolveInfoForBytecodeOffset):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::numberOfGlobalResolveInfos):
      * bytecode/GlobalResolveInfo.h:
      (JSC::getGlobalResolveInfoBytecodeOffset):
      (JSC):
      * bytecode/ResolveGlobalStatus.cpp: Added.
      (JSC):
      (JSC::computeForStructure):
      (JSC::computeForLLInt):
      (JSC::ResolveGlobalStatus::computeFor):
      * bytecode/ResolveGlobalStatus.h: Added.
      (JSC):
      (ResolveGlobalStatus):
      (JSC::ResolveGlobalStatus::ResolveGlobalStatus):
      (JSC::ResolveGlobalStatus::state):
      (JSC::ResolveGlobalStatus::isSet):
      (JSC::ResolveGlobalStatus::operator!):
      (JSC::ResolveGlobalStatus::isSimple):
      (JSC::ResolveGlobalStatus::takesSlowPath):
      (JSC::ResolveGlobalStatus::structure):
      (JSC::ResolveGlobalStatus::offset):
      (JSC::ResolveGlobalStatus::specificValue):
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleGetByOffset):
      (DFG):
      (JSC::DFG::ByteCodeParser::handleGetById):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * runtime/JSObject.cpp:
      (JSC::getCallableObjectSlow):
      (JSC):
      (JSC::JSObject::put):
      (JSC::JSObject::putDirectVirtual):
      (JSC::JSObject::putDirectAccessor):
      * runtime/JSObject.h:
      (JSC):
      (JSC::getCallableObject):
      (JSC::JSObject::putOwnDataProperty):
      (JSC::JSObject::putDirect):
      (JSC::JSObject::putDirectWithoutTransition):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@120897 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3bcb211b
  25. 13 Jun, 2012 3 commits
    • fpizlo@apple.com's avatar
      DFG should be able to set watchpoints on global variables · b75911b2
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=88692
      
      Source/JavaScriptCore: 
      
      Reviewed by Geoffrey Garen.
              
      Rolling back in after fixing Windows build issues, and implementing
      branchTest8 for the Qt port's strange assemblers.
              
      This implements global variable constant folding by allowing the optimizing
      compiler to set a "watchpoint" on globals that it wishes to constant fold.
      If the watchpoint fires, then an OSR exit is forced by overwriting the
      machine code that the optimizing compiler generated with a jump.
              
      As such, this patch is adding quite a bit of stuff:
              
      - Jump replacement on those hardware targets supported by the optimizing
        JIT. It is now possible to patch in a jump instruction over any recorded
        watchpoint label. The jump must be "local" in the sense that it must be
        within the range of the largest jump distance supported by a one
        instruction jump.
                
      - WatchpointSets and Watchpoints. A Watchpoint is a doubly-linked list node
        that records the location where a jump must be inserted and the
        destination to which it should jump. Watchpoints can be added to a
        WatchpointSet. The WatchpointSet can be fired all at once, which plants
        all jumps. WatchpointSet also remembers if it had ever been invalidated,
        which allows for monotonicity: we typically don't want to optimize using
        watchpoints on something for which watchpoints had previously fired. The
        act of notifying a WatchpointSet has a trivial fast path in case no
        Watchpoints are registered (one-byte load+branch).
              
      - SpeculativeJIT::speculationWatchpoint(). It's like speculationCheck(),
        except that you don't have to emit branches. But, you need to know what
        WatchpointSet to add the resulting Watchpoint to. Not everything that
        you could write a speculationCheck() for will have a WatchpointSet that
        would get notified if the condition you were speculating against became
        invalid.
                
      - SymbolTableEntry now has the ability to refer to a WatchpointSet. It can
        do so without incurring any space overhead for those entries that don't
        have WatchpointSets.
                
      - The bytecode generator infers all global function variables to be
        watchable, and makes all stores perform the WatchpointSet's write check,
        and marks all loads as being potentially watchable (i.e. you can compile
        them to a watchpoint and a constant).
              
      Put together, this allows for fully sleazy inlining of calls to globally
      declared functions. The inline prologue will no longer contain the load of
      the function, or any checks of the function you're calling. I.e. it's
      pretty much like the kind of inlining you would see in Java or C++.
      Furthermore, the watchpointing functionality is built to be fairly general,
      and should allow setting watchpoints on all sorts of interesting things
      in the future.
              
      The sleazy inlining means that we will now sometimes inline in code paths
      that have never executed. Previously, to inline we would have either had
      to have executed the call (to read the call's inline cache) or have
      executed the method check (to read the method check's inline cache). Now,
      we might inline when the callee is a watched global variable. This
      revealed some humorous bugs. First, constant folding disagreed with CFA
      over what kinds of operations can clobber (example: code path A is dead
      but stores a String into variable X, all other code paths store 0 into
      X, and then you do CompareEq(X, 0) - CFA will say that this is a non-
      clobbering constant, but constant folding thought it was clobbering
      because it saw the String prediction). Second, inlining would crash if
      the inline callee had not been compiled. This patch fixes both bugs,
      since otherwise run-javascriptcore-tests would report regressions.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/ARMv7Assembler.h:
      (ARMv7Assembler):
      (JSC::ARMv7Assembler::ARMv7Assembler):
      (JSC::ARMv7Assembler::labelForWatchpoint):
      (JSC::ARMv7Assembler::label):
      (JSC::ARMv7Assembler::replaceWithJump):
      (JSC::ARMv7Assembler::maxJumpReplacementSize):
      * assembler/AbstractMacroAssembler.h:
      (JSC):
      (AbstractMacroAssembler):
      (Label):
      (JSC::AbstractMacroAssembler::watchpointLabel):
      (JSC::AbstractMacroAssembler::readPointer):
      * assembler/AssemblerBuffer.h:
      * assembler/MacroAssemblerARM.h:
      (JSC::MacroAssemblerARM::branchTest8):
      (MacroAssemblerARM):
      (JSC::MacroAssemblerARM::replaceWithJump):
      (JSC::MacroAssemblerARM::maxJumpReplacementSize):
      * assembler/MacroAssemblerARMv7.h:
      (JSC::MacroAssemblerARMv7::load8Signed):
      (JSC::MacroAssemblerARMv7::load16Signed):
      (MacroAssemblerARMv7):
      (JSC::MacroAssemblerARMv7::replaceWithJump):
      (JSC::MacroAssemblerARMv7::maxJumpReplacementSize):
      (JSC::MacroAssemblerARMv7::branchTest8):
      (JSC::MacroAssemblerARMv7::jump):
      (JSC::MacroAssemblerARMv7::makeBranch):
      * assembler/MacroAssemblerMIPS.h:
      (JSC::MacroAssemblerMIPS::branchTest8):
      (MacroAssemblerMIPS):
      (JSC::MacroAssemblerMIPS::replaceWithJump):
      (JSC::MacroAssemblerMIPS::maxJumpReplacementSize):
      * assembler/MacroAssemblerSH4.h:
      (JSC::MacroAssemblerSH4::branchTest8):
      (MacroAssemblerSH4):
      (JSC::MacroAssemblerSH4::replaceWithJump):
      (JSC::MacroAssemblerSH4::maxJumpReplacementSize):
      * assembler/MacroAssemblerX86.h:
      (MacroAssemblerX86):
      (JSC::MacroAssemblerX86::branchTest8):
      * assembler/MacroAssemblerX86Common.h:
      (JSC::MacroAssemblerX86Common::replaceWithJump):
      (MacroAssemblerX86Common):
      (JSC::MacroAssemblerX86Common::maxJumpReplacementSize):
      * assembler/MacroAssemblerX86_64.h:
      (MacroAssemblerX86_64):
      (JSC::MacroAssemblerX86_64::branchTest8):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::X86Assembler):
      (X86Assembler):
      (JSC::X86Assembler::cmpb_im):
      (JSC::X86Assembler::testb_im):
      (JSC::X86Assembler::labelForWatchpoint):
      (JSC::X86Assembler::label):
      (JSC::X86Assembler::replaceWithJump):
      (JSC::X86Assembler::maxJumpReplacementSize):
      (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
      * bytecode/CodeBlock.cpp:
      (JSC):
      (JSC::CodeBlock::printGetByIdCacheStatus):
      (JSC::CodeBlock::dump):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::appendOSRExit):
      (JSC::CodeBlock::appendSpeculationRecovery):
      (CodeBlock):
      (JSC::CodeBlock::appendWatchpoint):
      (JSC::CodeBlock::numberOfWatchpoints):
      (JSC::CodeBlock::watchpoint):
      (DFGData):
      * bytecode/DFGExitProfile.h:
      (JSC::DFG::exitKindToString):
      (JSC::DFG::exitKindIsCountable):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeForChain):
      * bytecode/Instruction.h:
      (Instruction):
      (JSC::Instruction::Instruction):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/Watchpoint.cpp: Added.
      (JSC):
      (JSC::Watchpoint::~Watchpoint):
      (JSC::Watchpoint::correctLabels):
      (JSC::Watchpoint::fire):
      (JSC::WatchpointSet::WatchpointSet):
      (JSC::WatchpointSet::~WatchpointSet):
      (JSC::WatchpointSet::add):
      (JSC::WatchpointSet::notifyWriteSlow):
      (JSC::WatchpointSet::fireAllWatchpoints):
      * bytecode/Watchpoint.h: Added.
      (JSC):
      (Watchpoint):
      (JSC::Watchpoint::Watchpoint):
      (JSC::Watchpoint::setDestination):
      (WatchpointSet):
      (JSC::WatchpointSet::isStillValid):
      (JSC::WatchpointSet::hasBeenInvalidated):
      (JSC::WatchpointSet::startWatching):
      (JSC::WatchpointSet::notifyWrite):
      (JSC::WatchpointSet::addressOfIsWatched):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::ResolveResult::checkValidity):
      (JSC::BytecodeGenerator::addGlobalVar):
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::resolve):
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitResolveWithThis):
      (JSC::BytecodeGenerator::emitGetStaticVar):
      (JSC::BytecodeGenerator::emitPutStaticVar):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::FunctionCallResolveNode::emitBytecode):
      (JSC::PostfixResolveNode::emitBytecode):
      (JSC::PrefixResolveNode::emitBytecode):
      (JSC::ReadModifyResolveNode::emitBytecode):
      (JSC::AssignResolveNode::emitBytecode):
      (JSC::ConstDeclNode::emitCodeSingle):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::clobberStructures):
      * dfg/DFGAbstractState.h:
      (AbstractState):
      (JSC::DFG::AbstractState::didClobber):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCCallHelpers.h:
      (CCallHelpers):
      (JSC::DFG::CCallHelpers::setupArguments):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::globalVarWatchpointElimination):
      (CSEPhase):
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::run):
      * dfg/DFGCorrectableJumpPoint.h:
      (JSC::DFG::CorrectableJumpPoint::isSet):
      (CorrectableJumpPoint):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasIdentifierNumberForCheck):
      (Node):
      (JSC::DFG::Node::identifierNumberForCheck):
      (JSC::DFG::Node::hasRegisterPointer):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::OSRExit):
      * dfg/DFGOSRExit.h:
      (OSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (JSC::DFG::SpeculativeJIT::appendCall):
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::speculationWatchpoint):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      * jit/JIT.h:
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_put_global_var_check):
      (JSC):
      (JSC::JIT::emitSlow_op_put_global_var_check):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_put_global_var_check):
      (JSC):
      (JSC::JIT::emitSlow_op_put_global_var_check):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (LLInt):
      * llint/LLIntSlowPaths.h:
      (LLInt):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/JSObject.cpp:
      (JSC::JSObject::removeDirect):
      * runtime/JSObject.h:
      (JSObject):
      * runtime/JSSymbolTableObject.h:
      (JSC::symbolTableGet):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/SymbolTable.cpp: Added.
      (JSC):
      (JSC::SymbolTableEntry::copySlow):
      (JSC::SymbolTableEntry::freeFatEntrySlow):
      (JSC::SymbolTableEntry::couldBeWatched):
      (JSC::SymbolTableEntry::attemptToWatch):
      (JSC::SymbolTableEntry::addressOfIsWatched):
      (JSC::SymbolTableEntry::addWatchpoint):
      (JSC::SymbolTableEntry::notifyWriteSlow):
      (JSC::SymbolTableEntry::inflateSlow):
      * runtime/SymbolTable.h:
      (JSC):
      (SymbolTableEntry):
      (Fast):
      (JSC::SymbolTableEntry::Fast::Fast):
      (JSC::SymbolTableEntry::Fast::isNull):
      (JSC::SymbolTableEntry::Fast::getIndex):
      (JSC::SymbolTableEntry::Fast::isReadOnly):
      (JSC::SymbolTableEntry::Fast::getAttributes):
      (JSC::SymbolTableEntry::Fast::isFat):
      (JSC::SymbolTableEntry::SymbolTableEntry):
      (JSC::SymbolTableEntry::~SymbolTableEntry):
      (JSC::SymbolTableEntry::operator=):
      (JSC::SymbolTableEntry::isNull):
      (JSC::SymbolTableEntry::getIndex):
      (JSC::SymbolTableEntry::getFast):
      (JSC::SymbolTableEntry::getAttributes):
      (JSC::SymbolTableEntry::isReadOnly):
      (JSC::SymbolTableEntry::watchpointSet):
      (JSC::SymbolTableEntry::notifyWrite):
      (FatEntry):
      (JSC::SymbolTableEntry::FatEntry::FatEntry):
      (JSC::SymbolTableEntry::isFat):
      (JSC::SymbolTableEntry::fatEntry):
      (JSC::SymbolTableEntry::inflate):
      (JSC::SymbolTableEntry::bits):
      (JSC::SymbolTableEntry::freeFatEntry):
      (JSC::SymbolTableEntry::pack):
      (JSC::SymbolTableEntry::isValidIndex):
      
      Source/WTF: 
      
      Reviewed by Geoffrey Garen.
              
      Added ability to set the inline capacity of segmented vectors.
              
      Also added the ability to ASSERT_NOT_REACHED() without having to
      propagate NO_RETURN macros, which would be a show-stopper for code
      that is conditionally unreachable.
      
      * wtf/Assertions.h:
      (UNREACHABLE_FOR_PLATFORM):
      * wtf/SegmentedVector.h:
      (WTF):
      (SegmentedVectorIterator):
      (WTF::SegmentedVectorIterator::operator=):
      (WTF::SegmentedVectorIterator::SegmentedVectorIterator):
      (SegmentedVector):
      
      LayoutTests: 
      
      Rubber stamped by Geoffrey Garen.
              
      Added a test for watchpoints. Also updated the jsc-test-list to include the latest
      tests.
      
      * fast/js/dfg-call-function-hit-watchpoint-expected.txt: Added.
      * fast/js/dfg-call-function-hit-watchpoint.html: Added.
      * fast/js/jsc-test-list:
      * fast/js/script-tests/dfg-call-function-hit-watchpoint.js: Added.
      (foo):
      (bar):
      (.foo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@120244 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b75911b2
    • zandobersek@gmail.com's avatar
      Unreviewed, rolling out r120172. · 88d53735
      zandobersek@gmail.com authored
      http://trac.webkit.org/changeset/120172
      https://bugs.webkit.org/show_bug.cgi?id=88976
      
      The patch causes compilation failures on Gtk, Qt and Apple Win
      bots (Requested by zdobersek on #webkit).
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2012-06-13
      
      Source/JavaScriptCore: 
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/ARMv7Assembler.h:
      (JSC::ARMv7Assembler::nop):
      (JSC::ARMv7Assembler::label):
      (JSC::ARMv7Assembler::readPointer):
      (ARMv7Assembler):
      * assembler/AbstractMacroAssembler.h:
      (JSC):
      (AbstractMacroAssembler):
      (Label):
      * assembler/AssemblerBuffer.h:
      * assembler/MacroAssemblerARM.h:
      * assembler/MacroAssemblerARMv7.h:
      (JSC::MacroAssemblerARMv7::nop):
      (JSC::MacroAssemblerARMv7::jump):
      (JSC::MacroAssemblerARMv7::makeBranch):
      * assembler/MacroAssemblerMIPS.h:
      * assembler/MacroAssemblerSH4.h:
      * assembler/MacroAssemblerX86.h:
      (MacroAssemblerX86):
      (JSC::MacroAssemblerX86::moveWithPatch):
      * assembler/MacroAssemblerX86Common.h:
      * assembler/MacroAssemblerX86_64.h:
      (JSC::MacroAssemblerX86_64::branchTest8):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::cmpb_im):
      (JSC::X86Assembler::codeSize):
      (JSC::X86Assembler::label):
      (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::appendOSRExit):
      (JSC::CodeBlock::appendSpeculationRecovery):
      (DFGData):
      * bytecode/DFGExitProfile.h:
      (JSC::DFG::exitKindToString):
      (JSC::DFG::exitKindIsCountable):
      * bytecode/Instruction.h:
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/Watchpoint.cpp: Removed.
      * bytecode/Watchpoint.h: Removed.
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::ResolveResult::checkValidity):
      (JSC::BytecodeGenerator::addGlobalVar):
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::resolve):
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitResolveWithThis):
      (JSC::BytecodeGenerator::emitGetStaticVar):
      (JSC::BytecodeGenerator::emitPutStaticVar):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::FunctionCallResolveNode::emitBytecode):
      (JSC::PostfixResolveNode::emitBytecode):
      (JSC::PrefixResolveNode::emitBytecode):
      (JSC::ReadModifyResolveNode::emitBytecode):
      (JSC::AssignResolveNode::emitBytecode):
      (JSC::ConstDeclNode::emitCodeSingle):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::clobberStructures):
      * dfg/DFGAbstractState.h:
      (AbstractState):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::setupArguments):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::run):
      * dfg/DFGCorrectableJumpPoint.h:
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasRegisterPointer):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::OSRExit):
      * dfg/DFGOSRExit.h:
      (OSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (JSC::DFG::SpeculativeJIT::appendCallSetResult):
      (JSC::DFG::SpeculativeJIT::speculationCheck):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      * jit/JIT.h:
      * jit/JITPropertyAccess.cpp:
      * jit/JITPropertyAccess32_64.cpp:
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
      * llint/LLIntSlowPaths.cpp:
      * llint/LLIntSlowPaths.h:
      (LLInt):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/JSObject.cpp:
      (JSC::JSObject::removeDirect):
      * runtime/JSObject.h:
      (JSObject):
      * runtime/JSSymbolTableObject.h:
      (JSC::symbolTableGet):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/SymbolTable.cpp: Removed.
      * runtime/SymbolTable.h:
      (JSC):
      (JSC::SymbolTableEntry::isNull):
      (JSC::SymbolTableEntry::getIndex):
      (SymbolTableEntry):
      (JSC::SymbolTableEntry::getAttributes):
      (JSC::SymbolTableEntry::isReadOnly):
      (JSC::SymbolTableEntry::pack):
      (JSC::SymbolTableEntry::isValidIndex):
      
      Source/WTF: 
      
      * wtf/SegmentedVector.h:
      (WTF):
      (SegmentedVectorIterator):
      (WTF::SegmentedVectorIterator::operator=):
      (WTF::SegmentedVectorIterator::SegmentedVectorIterator):
      (SegmentedVector):
      
      LayoutTests: 
      
      * fast/js/dfg-call-function-hit-watchpoint-expected.txt: Removed.
      * fast/js/dfg-call-function-hit-watchpoint.html: Removed.
      * fast/js/jsc-test-list:
      * fast/js/script-tests/dfg-call-function-hit-watchpoint.js: Removed.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@120175 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      88d53735
    • fpizlo@apple.com's avatar
      DFG should be able to set watchpoints on global variables · b6c5eeb7
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=88692
      
      Source/JavaScriptCore: 
      
      Reviewed by Geoffrey Garen.
              
      This implements global variable constant folding by allowing the optimizing
      compiler to set a "watchpoint" on globals that it wishes to constant fold.
      If the watchpoint fires, then an OSR exit is forced by overwriting the
      machine code that the optimizing compiler generated with a jump.
              
      As such, this patch is adding quite a bit of stuff:
              
      - Jump replacement on those hardware targets supported by the optimizing
        JIT. It is now possible to patch in a jump instruction over any recorded
        watchpoint label. The jump must be "local" in the sense that it must be
        within the range of the largest jump distance supported by a one
        instruction jump.
                
      - WatchpointSets and Watchpoints. A Watchpoint is a doubly-linked list node
        that records the location where a jump must be inserted and the
        destination to which it should jump. Watchpoints can be added to a
        WatchpointSet. The WatchpointSet can be fired all at once, which plants
        all jumps. WatchpointSet also remembers if it had ever been invalidated,
        which allows for monotonicity: we typically don't want to optimize using
        watchpoints on something for which watchpoints had previously fired. The
        act of notifying a WatchpointSet has a trivial fast path in case no
        Watchpoints are registered (one-byte load+branch).
              
      - SpeculativeJIT::speculationWatchpoint(). It's like speculationCheck(),
        except that you don't have to emit branches. But, you need to know what
        WatchpointSet to add the resulting Watchpoint to. Not everything that
        you could write a speculationCheck() for will have a WatchpointSet that
        would get notified if the condition you were speculating against became
        invalid.
                
      - SymbolTableEntry now has the ability to refer to a WatchpointSet. It can
        do so without incurring any space overhead for those entries that don't
        have WatchpointSets.
                
      - The bytecode generator infers all global function variables to be
        watchable, and makes all stores perform the WatchpointSet's write check,
        and marks all loads as being potentially watchable (i.e. you can compile
        them to a watchpoint and a constant).
              
      Put together, this allows for fully sleazy inlining of calls to globally
      declared functions. The inline prologue will no longer contain the load of
      the function, or any checks of the function you're calling. I.e. it's
      pretty much like the kind of inlining you would see in Java or C++.
      Furthermore, the watchpointing functionality is built to be fairly general,
      and should allow setting watchpoints on all sorts of interesting things
      in the future.
              
      The sleazy inlining means that we will now sometimes inline in code paths
      that have never executed. Previously, to inline we would have either had
      to have executed the call (to read the call's inline cache) or have
      executed the method check (to read the method check's inline cache). Now,
      we might inline when the callee is a watched global variable. This
      revealed some humorous bugs. First, constant folding disagreed with CFA
      over what kinds of operations can clobber (example: code path A is dead
      but stores a String into variable X, all other code paths store 0 into
      X, and then you do CompareEq(X, 0) - CFA will say that this is a non-
      clobbering constant, but constant folding thought it was clobbering
      because it saw the String prediction). Second, inlining would crash if
      the inline callee had not been compiled. This patch fixes both bugs,
      since otherwise run-javascriptcore-tests would report regressions.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/ARMv7Assembler.h:
      (ARMv7Assembler):
      (JSC::ARMv7Assembler::ARMv7Assembler):
      (JSC::ARMv7Assembler::labelForWatchpoint):
      (JSC::ARMv7Assembler::label):
      (JSC::ARMv7Assembler::replaceWithJump):
      (JSC::ARMv7Assembler::maxJumpReplacementSize):
      * assembler/AbstractMacroAssembler.h:
      (JSC):
      (AbstractMacroAssembler):
      (Label):
      (JSC::AbstractMacroAssembler::watchpointLabel):
      * assembler/AssemblerBuffer.h:
      * assembler/MacroAssemblerARM.h:
      (JSC::MacroAssemblerARM::replaceWithJump):
      (MacroAssemblerARM):
      (JSC::MacroAssemblerARM::maxJumpReplacementSize):
      * assembler/MacroAssemblerARMv7.h:
      (MacroAssemblerARMv7):
      (JSC::MacroAssemblerARMv7::replaceWithJump):
      (JSC::MacroAssemblerARMv7::maxJumpReplacementSize):
      (JSC::MacroAssemblerARMv7::branchTest8):
      (JSC::MacroAssemblerARMv7::jump):
      (JSC::MacroAssemblerARMv7::makeBranch):
      * assembler/MacroAssemblerMIPS.h:
      (JSC::MacroAssemblerMIPS::replaceWithJump):
      (MacroAssemblerMIPS):
      (JSC::MacroAssemblerMIPS::maxJumpReplacementSize):
      * assembler/MacroAssemblerSH4.h:
      (JSC::MacroAssemblerSH4::replaceWithJump):
      (MacroAssemblerSH4):
      (JSC::MacroAssemblerSH4::maxJumpReplacementSize):
      * assembler/MacroAssemblerX86.h:
      (MacroAssemblerX86):
      (JSC::MacroAssemblerX86::branchTest8):
      * assembler/MacroAssemblerX86Common.h:
      (JSC::MacroAssemblerX86Common::replaceWithJump):
      (MacroAssemblerX86Common):
      (JSC::MacroAssemblerX86Common::maxJumpReplacementSize):
      * assembler/MacroAssemblerX86_64.h:
      (MacroAssemblerX86_64):
      (JSC::MacroAssemblerX86_64::branchTest8):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::X86Assembler):
      (X86Assembler):
      (JSC::X86Assembler::cmpb_im):
      (JSC::X86Assembler::testb_im):
      (JSC::X86Assembler::labelForWatchpoint):
      (JSC::X86Assembler::label):
      (JSC::X86Assembler::replaceWithJump):
      (JSC::X86Assembler::maxJumpReplacementSize):
      (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::appendOSRExit):
      (JSC::CodeBlock::appendSpeculationRecovery):
      (CodeBlock):
      (JSC::CodeBlock::appendWatchpoint):
      (JSC::CodeBlock::numberOfWatchpoints):
      (JSC::CodeBlock::watchpoint):
      (DFGData):
      * bytecode/DFGExitProfile.h:
      (JSC::DFG::exitKindToString):
      (JSC::DFG::exitKindIsCountable):
      * bytecode/Instruction.h:
      (Instruction):
      (JSC::Instruction::Instruction):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/Watchpoint.cpp: Added.
      (JSC):
      (JSC::Watchpoint::~Watchpoint):
      (JSC::Watchpoint::correctLabels):
      (JSC::Watchpoint::fire):
      (JSC::WatchpointSet::WatchpointSet):
      (JSC::WatchpointSet::~WatchpointSet):
      (JSC::WatchpointSet::add):
      (JSC::WatchpointSet::notifyWriteSlow):
      (JSC::WatchpointSet::fireAllWatchpoints):
      * bytecode/Watchpoint.h: Added.
      (JSC):
      (Watchpoint):
      (JSC::Watchpoint::Watchpoint):
      (JSC::Watchpoint::setDestination):
      (WatchpointSet):
      (JSC::WatchpointSet::isStillValid):
      (JSC::WatchpointSet::hasBeenInvalidated):
      (JSC::WatchpointSet::startWatching):
      (JSC::WatchpointSet::notifyWrite):
      (JSC::WatchpointSet::addressOfIsWatched):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::ResolveResult::checkValidity):
      (JSC::BytecodeGenerator::addGlobalVar):
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::resolve):
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitResolveWithThis):
      (JSC::BytecodeGenerator::emitGetStaticVar):
      (JSC::BytecodeGenerator::emitPutStaticVar):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::FunctionCallResolveNode::emitBytecode):
      (JSC::PostfixResolveNode::emitBytecode):
      (JSC::PrefixResolveNode::emitBytecode):
      (JSC::ReadModifyResolveNode::emitBytecode):
      (JSC::AssignResolveNode::emitBytecode):
      (JSC::ConstDeclNode::emitCodeSingle):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::clobberStructures):
      * dfg/DFGAbstractState.h:
      (AbstractState):
      (JSC::DFG::AbstractState::didClobber):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCCallHelpers.h:
      (CCallHelpers):
      (JSC::DFG::CCallHelpers::setupArguments):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::globalVarWatchpointElimination):
      (CSEPhase):
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::run):
      * dfg/DFGCorrectableJumpPoint.h:
      (JSC::DFG::CorrectableJumpPoint::isSet):
      (CorrectableJumpPoint):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasIdentifierNumberForCheck):
      (Node):
      (JSC::DFG::Node::identifierNumberForCheck):
      (JSC::DFG::Node::hasRegisterPointer):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::OSRExit):
      * dfg/DFGOSRExit.h:
      (OSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (JSC::DFG::SpeculativeJIT::appendCall):
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::speculationWatchpoint):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      * jit/JIT.h:
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_put_global_var_check):
      (JSC):
      (JSC::JIT::emitSlow_op_put_global_var_check):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_put_global_var_check):
      (JSC):
      (JSC::JIT::emitSlow_op_put_global_var_check):
      * jit/JITStubs.cpp:
      (JSC::JITThunks::JITThunks):
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (LLInt):
      * llint/LLIntSlowPaths.h:
      (LLInt):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/JSObject.cpp:
      (JSC::JSObject::removeDirect):
      * runtime/JSObject.h:
      (JSObject):
      * runtime/JSSymbolTableObject.h:
      (JSC::symbolTableGet):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/SymbolTable.cpp: Added.
      (JSC):
      (JSC::SymbolTableEntry::copySlow):
      (JSC::SymbolTableEntry::freeFatEntrySlow):
      (JSC::SymbolTableEntry::couldBeWatched):
      (JSC::SymbolTableEntry::attemptToWatch):
      (JSC::SymbolTableEntry::addressOfIsWatched):
      (JSC::SymbolTableEntry::addWatchpoint):
      (JSC::SymbolTableEntry::notifyWriteSlow):
      (JSC::SymbolTableEntry::inflateSlow):
      * runtime/SymbolTable.h:
      (JSC):
      (SymbolTableEntry):
      (Fast):
      (JSC::SymbolTableEntry::Fast::Fast):
      (JSC::SymbolTableEntry::Fast::isNull):
      (JSC::SymbolTableEntry::Fast::getIndex):
      (JSC::SymbolTableEntry::Fast::isReadOnly):
      (JSC::SymbolTableEntry::Fast::getAttributes):
      (JSC::SymbolTableEntry::Fast::isFat):
      (JSC::SymbolTableEntry::SymbolTableEntry):
      (JSC::SymbolTableEntry::~SymbolTableEntry):
      (JSC::SymbolTableEntry::operator=):
      (JSC::SymbolTableEntry::isNull):
      (JSC::SymbolTableEntry::getIndex):
      (JSC::SymbolTableEntry::getFast):
      (JSC::SymbolTableEntry::getAttributes):
      (JSC::SymbolTableEntry::isReadOnly):
      (JSC::SymbolTableEntry::watchpointSet):
      (JSC::SymbolTableEntry::notifyWrite):
      (FatEntry):
      (JSC::SymbolTableEntry::FatEntry::FatEntry):
      (JSC::SymbolTableEntry::isFat):
      (JSC::SymbolTableEntry::fatEntry):
      (JSC::SymbolTableEntry::inflate):
      (JSC::SymbolTableEntry::bits):
      (JSC::SymbolTableEntry::freeFatEntry):
      (JSC::SymbolTableEntry::pack):
      (JSC::SymbolTableEntry::isValidIndex):
      
      Source/WTF: 
      
      Reviewed by Geoffrey Garen.
              
      Added ability to set the inline capacity of segmented vectors.
      
      * wtf/SegmentedVector.h:
      (WTF):
      (SegmentedVectorIterator):
      (WTF::SegmentedVectorIterator::operator=):
      (WTF::SegmentedVectorIterator::SegmentedVectorIterator):
      (SegmentedVector):
      
      LayoutTests: 
      
      Rubber stamped by Geoffrey Garen.
              
      Added a test for watchpoints. Also updated the jsc-test-list to include the latest
      tests.
      
      * fast/js/dfg-call-function-hit-watchpoint-expected.txt: Added.
      * fast/js/dfg-call-function-hit-watchpoint.html: Added.
      * fast/js/jsc-test-list:
      * fast/js/script-tests/dfg-call-function-hit-watchpoint.js: Added.
      (foo):
      (bar):
      (.foo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@120172 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b6c5eeb7
  26. 08 Jun, 2012 1 commit
    • ggaren@apple.com's avatar
      Don't rely on weak pointers for eager CodeBlock finalization · d7147575
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=88465
      
      Reviewed by Gavin Barraclough.
      
      This is incompatible with lazy weak pointer finalization.
      
      I considered just making CodeBlock finalization lazy-friendly, but it
      turns out that the heap is already way up in CodeBlock's business when
      it comes to finalization, so I decided to finish the job and move full
      responsibility for CodeBlock finalization into the heap.
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Maybe this
      will build.
      
      * debugger/Debugger.cpp: Updated for rename.
      
      * heap/Heap.cpp:
      (JSC::Heap::deleteAllCompiledCode): Renamed for consistency. Fixed a bug
      where we would not delete code for a code block that had been previously
      jettisoned. I don't know if this happens in practice -- I mostly did
      this to improve consistency with deleteUnmarkedCompiledCode.
      
      (JSC::Heap::deleteUnmarkedCompiledCode): New function, responsible for
      eager finalization of unmarked code blocks.
      
      (JSC::Heap::collect): Updated for rename. Updated to call
      deleteUnmarkedCompiledCode(), which takes care of jettisoned DFG code
      blocks too.
      
      (JSC::Heap::addCompiledCode): Renamed, since this points to all code
      now, not just functions.
      
      * heap/Heap.h:
      (Heap): Keep track of all user code, not just functions. This is a
      negligible additional overhead, since most code is function code.
      
      * runtime/Executable.cpp:
      (JSC::*::finalize): Removed these functions, since we don't rely on
      weak pointer finalization anymore.
      
      (JSC::FunctionExecutable::FunctionExecutable): Moved linked-list stuff
      into base class so all executables can be in the list.
      
      (JSC::EvalExecutable::clearCode):
      (JSC::ProgramExecutable::clearCode):
      (JSC::FunctionExecutable::clearCode): All we need to do is delete our
      CodeBlock -- that will delete all of its internal data structures.
      
      (JSC::FunctionExecutable::clearCodeIfNotCompiling): Factored out a helper
      function to improve clarity.
      
      * runtime/Executable.h:
      (JSC::ExecutableBase): Moved linked-list stuff
      into base class so all executables can be in the list.
      
      (JSC::NativeExecutable::create):
      (NativeExecutable):
      (ScriptExecutable):
      (JSC::ScriptExecutable::finishCreation):
      (JSC::EvalExecutable::create):
      (EvalExecutable):
      (JSC::ProgramExecutable::create):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::create): Don't use a finalizer -- the heap
      will call us back to destroy our code block.
      
      (JSC::FunctionExecutable::discardCode): Renamed to clearCodeIfNotCompiling()
      for clarity.
      
      (JSC::FunctionExecutable::isCompiling): New helper function, for clarity.
      
      (JSC::ScriptExecutable::clearCodeVirtual): New helper function, since
      the heap needs to make polymorphic calls to clear code.
      
      * runtime/JSGlobalData.cpp:
      (JSC::StackPreservingRecompiler::operator()):
      * runtime/JSGlobalObject.cpp:
      (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): Updated for
      renames.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@119844 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d7147575
  27. 06 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      Global object variable accesses should not require an extra load · 26af9b61
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=88385
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough and Geoffrey Garen.
              
      Previously, if you wanted to access a global variable, you'd first have
      to load the register array from the appropriate global object and then
      either load or store at an offset to the register array. This is because
      JSGlobalObject inherited from JSVariableObject, and JSVariableObject is
      designed with the pessimistic assumption that its register array may
      point into the call stack. This is never the case for global objects.
      Hence, even though the global object may add more registers at any time,
      it does not need to store them in a contiguous array. It can use a
      SegmentedVector or similar.
              
      This patch refactors global objects and variable objects as follows:
              
      - The functionality to track variables in an indexable array using a
        SymbolTable to map names to indices is moved into JSSymbolTableObject,
        which is now a supertype of JSVariableObject. JSVariableObject is now
        just a holder for a registers array and implements the registerAt()
        method that is left abstract in JSSymbolTableObject. Because all users
        of JSVariableObject know whether they are a JSStaticScopeObject,
        JSActivation, or JSGlobalObject, this "abstract" method is not virtual;
        instead the utility methods that would call registerAt() are now
        template functions that require you to know statically what subtype of
        JSSymbolTableObject you're using (JSVariableObject or something else),
        so that registerAt() can be statically bound.
              
      - A new class is added called JSSegmentedVariableObject, which only
        differs from JSVariableObject in how it allocates registers. It uses a
        SegmentedVector instead of manually managing a pointer to a contiguous
        slab of registers. This changes the interface somewhat; for example
        with JSVariableObject if you wanted to add a register you had to do
        it yourself since the JSVariableObject didn't know how the registers
        array ought to be allocated. With JSSegmentedVariableObject you can
        just call addRegisters(). JSSegmentedVariableObject preserves the
        invariant that once you get a pointer into a register, that pointer
        will continue to be valid so long as the JSSegmentedVariableObject is
        alive. This allows the JITs and interpreters to skip the extra load.
              
      - JSGlobalObject now inherits from JSSegmentedVariableObject. For now
        (and possibly forever) it is the only subtype of this new class.
              
      - The bytecode format is changed so that get_global_var and
        put_global_var have a pointer to the register directly rather than
        having an index. A convenience method is provided in
  JSSegmentedVariableObject to get the index given a pointer, which is
        used for assertions and debug dumps.
              
      This appears to be a 1% across the board win.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      * bytecode/Instruction.h:
      (Instruction):
      (JSC::Instruction::Instruction):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::ResolveResult::registerPointer):
      (JSC):
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::retrieveLastUnaryOp):
      (JSC::BytecodeGenerator::resolve):
      (JSC::BytecodeGenerator::resolveConstDecl):
      (JSC::BytecodeGenerator::emitGetStaticVar):
      (JSC::BytecodeGenerator::emitPutStaticVar):
      * bytecompiler/BytecodeGenerator.h:
      (ResolveResult):
      (BytecodeGenerator):
      * dfg/DFGAssemblyHelpers.h:
      (AssemblyHelpers):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::globalVarLoadElimination):
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::globalObjectFor):
      (Graph):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasVarNumber):
      (Node):
      (JSC::DFG::Node::hasRegisterPointer):
      (JSC::DFG::Node::registerPointer):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * heap/Heap.h:
      (Heap):
      (JSC::Heap::isWriteBarrierEnabled):
      (JSC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::privateExecute):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_global_var):
      (JSC::JIT::emit_op_put_global_var):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_global_var):
      (JSC::JIT::emit_op_put_global_var):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/JSGlobalObject.cpp:
      (JSC):
      (JSC::JSGlobalObject::put):
      (JSC::JSGlobalObject::putDirectVirtual):
      (JSC::JSGlobalObject::defineOwnProperty):
      (JSC::JSGlobalObject::visitChildren):
      (JSC::JSGlobalObject::addStaticGlobals):
      (JSC::JSGlobalObject::getOwnPropertySlot):
      (JSC::JSGlobalObject::getOwnPropertyDescriptor):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC):
      (JSC::JSGlobalObject::hasOwnPropertyForWrite):
      * runtime/JSSegmentedVariableObject.cpp: Added.
      (JSC):
      (JSC::JSSegmentedVariableObject::findRegisterIndex):
      (JSC::JSSegmentedVariableObject::addRegisters):
      (JSC::JSSegmentedVariableObject::visitChildren):
      * runtime/JSSegmentedVariableObject.h: Added.
      (JSC):
      (JSSegmentedVariableObject):
      (JSC::JSSegmentedVariableObject::registerAt):
      (JSC::JSSegmentedVariableObject::assertRegisterIsInThisObject):
      (JSC::JSSegmentedVariableObject::JSSegmentedVariableObject):
      (JSC::JSSegmentedVariableObject::finishCreation):
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::put):
      (JSC::JSStaticScopeObject::putDirectVirtual):
      (JSC::JSStaticScopeObject::getOwnPropertySlot):
      * runtime/JSSymbolTableObject.cpp: Added.
      (JSC):
      (JSC::JSSymbolTableObject::destroy):
      (JSC::JSSymbolTableObject::deleteProperty):
      (JSC::JSSymbolTableObject::getOwnPropertyNames):
      (JSC::JSSymbolTableObject::putDirectVirtual):
      (JSC::JSSymbolTableObject::isDynamicScope):
      * runtime/JSSymbolTableObject.h: Added.
      (JSC):
      (JSSymbolTableObject):
      (JSC::JSSymbolTableObject::symbolTable):
      (JSC::JSSymbolTableObject::JSSymbolTableObject):
      (JSC::JSSymbolTableObject::finishCreation):
      (JSC::symbolTableGet):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/JSVariableObject.cpp:
      (JSC):
      * runtime/JSVariableObject.h:
      (JSVariableObject):
      (JSC::JSVariableObject::JSVariableObject):
      (JSC::JSVariableObject::finishCreation):
      (JSC):
      * runtime/WriteBarrier.h:
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough and Geoffrey Garen.
      
      Updated JSDOMWindowBase.cpp to use the new symbol table API. this->symbolTableFoo(...)
      becomes symbolTableFoo(this, ...).
                      
      No new tests because no change in behavior.
      
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::updateDocument):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@119655 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      26af9b61
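The two register-storage strategies the commit above contrasts, as an added C++ model that is not WebKit's own JSVariableObject or JSSegmentedVariableObject code: a contiguous slab whose growth can move every register and leave a baked-in pointer stale, versus segmented storage that keeps every handed-out pointer valid for the object's lifetime. The names Register, ContiguousRegisters, SegmentedRegisters and pointerSurvivesGrowth are this example's own assumptions.

```cpp
#include <cstddef>
#include <memory>
#include <vector>

// Added model of the two register-storage strategies the commit contrasts; not
// WebKit's JSVariableObject/JSSegmentedVariableObject. Register = one variable slot.
typedef long Register;
// Contiguous slab (the old JSVariableObject shape): growing may reallocate the
// whole array, so a raw register pointer baked into JIT code can go stale.
class ContiguousRegisters {
public:
    Register* addRegisters(size_t n) {
        size_t first = m_slab.size();
        m_slab.resize(first + n, 0);    // may move every existing register
        return &m_slab[first];
    }
    Register* registerAt(size_t i) { return &m_slab[i]; }
private:
    std::vector<Register> m_slab;
};
// Segmented storage (the JSSegmentedVariableObject idea): fixed-size chunks are
// never moved while the object lives, so a pointer into a register stays valid
// and get_global_var/put_global_var can carry the pointer instead of an index.
class SegmentedRegisters {
public:
    enum { SegmentSize = 4 };   // small so the test spans several segments
    Register* addRegisters(size_t n) {
        size_t first = m_size;
        for (size_t i = 0; i < n; ++i, ++m_size)
            if (m_size % SegmentSize == 0)   // start a fresh zeroed segment
                m_segments.push_back(std::unique_ptr<Register[]>(new Register[SegmentSize]()));
        return registerAt(first);
    }
    Register* registerAt(size_t i) { return &m_segments[i / SegmentSize][i % SegmentSize]; }
    // Recover an index from a pointer (the role findRegisterIndex plays for
    // assertions and debug dumps); -1 if the pointer is not one of our registers.
    long findRegisterIndex(const Register* p) const {
        for (size_t i = 0; i < m_size; ++i)
            if (&m_segments[i / SegmentSize][i % SegmentSize] == p)
                return (long)i;
        return -1;
    }
    size_t size() const { return m_size; }
private:
    std::vector<std::unique_ptr<Register[]> > m_segments;
    size_t m_size = 0;
};
// Does a pointer taken before a large growth still name register 0 afterwards?
template<typename Storage> bool pointerSurvivesGrowth() {
    Storage s;
    Register* before = s.addRegisters(1);
    s.addRegisters(1000);   // forces reallocation of the slab / many new segments
    return s.registerAt(0) == before;
}
```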
  28. 22 May, 2012 1 commit
    • ggaren@apple.com's avatar
      GC allocation trigger should be tuned to system RAM · 9a070935
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=87039
      
      Reviewed by Darin Adler.
      
      ../JavaScriptCore: 
      
      This helps avoid OOM crashes on small platforms, and helps avoid "too much GC"
      performance issues on big platforms.
      
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC::Heap::collect):
      * heap/Heap.h:
      (Heap): GC balances between a fixed minimum and a proportional multiplier,
      which are limited based on system RAM.
      
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::createContextGroup):
      (JSC::JSGlobalData::create):
      (JSC::JSGlobalData::createLeaked):
      * runtime/JSGlobalData.h:
      (JSGlobalData): Renamed HeapSize to HeapType because the exact size is
      influenced by the heap type, but not determined by it.
      
      ../WTF: 
      
      Added a helper function for measuring system RAM.
      
      * GNUmakefile.list.am:
      * WTF.gypi:
      * WTF.pro:
      * WTF.vcproj/WTF.vcproj:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/AmountOfRAM.cpp: Added.
      (WTF):
      (WTF::computeAmountOfRAM):
      (WTF::amountOfRAM):
      * wtf/AmountOfRAM.h: Added.
      (WTF):
      * wtf/CMakeLists.txt:
      * wtf/StdLibExtras.h:
      (WTF):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@118019 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9a070935
  29. 19 May, 2012 1 commit
  30. 16 May, 2012 1 commit
    • mhahnenberg@apple.com's avatar
      GC in the middle of JSObject::allocatePropertyStorage can cause badness · 921c8236
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=83839
      
      Reviewed by Geoff Garen.
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * jit/JITStubs.cpp: Making changes to use the new return value of growPropertyStorage.
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/JSObject.cpp:
      (JSC::JSObject::growPropertyStorage): Renamed to more accurately reflect that we're 
      growing our already-existing PropertyStorage.
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::setPropertyStorage): "Atomically" sets the new property storage 
      and the new structure so that we can be sure a GC never occurs when our Structure
      info is out of sync with our PropertyStorage.
      (JSC):
      (JSC::JSObject::putDirectInternal): Moved the check to see if we should 
      allocate more backing store before the actual property insertion into 
      the structure.
      (JSC::JSObject::putDirectWithoutTransition): Ditto.
      (JSC::JSObject::transitionTo): Ditto.
      * runtime/Structure.cpp:
      (JSC::Structure::suggestedNewPropertyStorageSize): Added to keep the resize policy 
      for property backing stores contained within the Structure class.
      (JSC):
      * runtime/Structure.h:
      (JSC::Structure::shouldGrowPropertyStorage): Lets clients know if another insertion 
      into the Structure would require resizing the property backing store so that they can 
      preallocate the required storage.
      (Structure):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@117343 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      921c8236