1. 13 Sep, 2012 2 commits
    • [Qt][Win] REGRESSION(r128400): It broke the build · 4ef04bfb
      loislo@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96617
      
      Patch by Filip Pizlo <fpizlo@apple.com> on 2012-09-13
      Reviewed by Simon Hausmann.
      
      Source/JavaScriptCore:
      
      Changed "JSC::Array" to "JSC::ArrayClass" because it's not used often enough
      for the brevity to be beneficial, and because "Array" causes too much namespace
      pollution.
      
      * runtime/IndexingType.h:
      (JSC):
      * runtime/JSArray.cpp:
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      (JSC::JSArray::compactForSorting):
      * runtime/JSObject.cpp:
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSC::JSObject::getArrayLength):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::inSparseIndexingMode):
      (JSC::JSObject::ensureArrayStorage):
      
      Source/WebCore:
      
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::createStructure):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128428 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Testing whether indexing type is ArrayWithArrayStorage should not compare... · 6f88333e
      fpizlo@apple.com authored
      Testing whether indexing type is ArrayWithArrayStorage should not compare against ArrayWithArrayStorage
      https://bugs.webkit.org/show_bug.cgi?id=96611
      
      Reviewed by Gavin Barraclough.
      
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::tryCacheGetByID):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128425 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  2. 12 Sep, 2012 5 commits
    • JSC should have property butterflies · d8dd0535
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=91933
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      This changes the JSC object model. Previously, all objects had fast lookup for
      named properties. Integer indexed properties were only fast if you used a
      JSArray. With this change, all objects have fast indexed properties. This is
      accomplished without any space overhead by using a bidirectional object layout,
      aka butterflies. Each JSObject has a m_butterfly pointer where previously it
      had a m_outOfLineStorage pointer. To the left of the location pointed to by
      m_butterfly, we place all named out-of-line properties. To the right, we place
      all indexed properties along with indexing meta-data. Though, some indexing
      meta-data is placed in the 8-byte word immediately left of the pointed-to
      location; this is in anticipation of the indexing meta-data being small enough
      in the common case that m_butterfly always points to the first indexed
      property.
              
      This is performance neutral, except on tests that use indexed properties on
      plain objects, where the speed-up is in excess of an order of magnitude.
              
      One notable aspect of what this change brings is that it allows indexing
      storage to morph over time. Currently this is only used to allow all non-array
      objects to start out without any indexed storage. But it could be used for
      some kinds of array type inference in the future.
      
      * API/JSCallbackObject.h:
      (JSCallbackObject):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlotByIndex):
      (JSC):
      (JSC::::getOwnNonIndexPropertyNames):
      * API/JSObjectRef.cpp:
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/ArrayProfile.h:
      (JSC):
      (JSC::arrayModeFromStructure):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitDirectPutById):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGAdjacencyList.h:
      (JSC::DFG::AdjacencyList::AdjacencyList):
      (AdjacencyList):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::fromObserved):
      (JSC::DFG::modeAlreadyChecked):
      (JSC::DFG::modeToString):
      * dfg/DFGArrayMode.h:
      (DFG):
      (JSC::DFG::modeUsesButterfly):
      (JSC::DFG::modeIsJSArray):
      (JSC::DFG::isInBoundsAccess):
      (JSC::DFG::modeSupportsLength):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleGetByOffset):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::getPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::addNode):
      (FixupPhase):
      (JSC::DFG::FixupPhase::checkArray):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::byValIsPure):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::Node):
      (Node):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::putByVal):
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryBuildPutByIdList):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
      (JSC::DFG::SpeculativeJIT::compileGetArrayLength):
      (JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
      (JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGStructureCheckHoistingPhase.cpp:
      (JSC::DFG::StructureCheckHoistingPhase::run):
      * heap/CopiedSpace.h:
      (CopiedSpace):
      * jit/JIT.h:
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject):
      (JSC::JIT::emitAllocateBasicStorage):
      (JSC::JIT::emitAllocateJSArray):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_array):
      (JSC::JIT::emitSlow_op_new_array):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jsc.cpp:
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/Arguments.cpp:
      (JSC::Arguments::deletePropertyByIndex):
      (JSC::Arguments::defineOwnProperty):
      * runtime/ArrayConstructor.cpp:
      * runtime/ArrayConventions.h: Added.
      (JSC):
      (JSC::isDenseEnoughForVector):
      (JSC::indexingHeaderForArray):
      (JSC::baseIndexingHeaderForArray):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::create):
      (JSC):
      (JSC::ArrayPrototype::ArrayPrototype):
      (JSC::arrayProtoFuncToString):
      (JSC::arrayProtoFuncJoin):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncForEach):
      (JSC::arrayProtoFuncSome):
      (JSC::arrayProtoFuncReduce):
      (JSC::arrayProtoFuncReduceRight):
      * runtime/ArrayPrototype.h:
      (ArrayPrototype):
      (JSC::ArrayPrototype::createStructure):
      * runtime/ArrayStorage.h: Added.
      (JSC):
      (ArrayStorage):
      (JSC::ArrayStorage::ArrayStorage):
      (JSC::ArrayStorage::from):
      (JSC::ArrayStorage::butterfly):
      (JSC::ArrayStorage::indexingHeader):
      (JSC::ArrayStorage::length):
      (JSC::ArrayStorage::setLength):
      (JSC::ArrayStorage::vectorLength):
      (JSC::ArrayStorage::setVectorLength):
      (JSC::ArrayStorage::copyHeaderFromDuringGC):
      (JSC::ArrayStorage::inSparseMode):
      (JSC::ArrayStorage::lengthOffset):
      (JSC::ArrayStorage::vectorLengthOffset):
      (JSC::ArrayStorage::numValuesInVectorOffset):
      (JSC::ArrayStorage::vectorOffset):
      (JSC::ArrayStorage::indexBiasOffset):
      (JSC::ArrayStorage::sparseMapOffset):
      (JSC::ArrayStorage::sizeFor):
      * runtime/Butterfly.h: Added.
      (JSC):
      (Butterfly):
      (JSC::Butterfly::Butterfly):
      (JSC::Butterfly::totalSize):
      (JSC::Butterfly::fromBase):
      (JSC::Butterfly::offsetOfIndexingHeader):
      (JSC::Butterfly::offsetOfPublicLength):
      (JSC::Butterfly::offsetOfVectorLength):
      (JSC::Butterfly::indexingHeader):
      (JSC::Butterfly::propertyStorage):
      (JSC::Butterfly::indexingPayload):
      (JSC::Butterfly::arrayStorage):
      (JSC::Butterfly::offsetOfPropertyStorage):
      (JSC::Butterfly::indexOfPropertyStorage):
      (JSC::Butterfly::base):
      * runtime/ButterflyInlineMethods.h: Added.
      (JSC):
      (JSC::Butterfly::createUninitialized):
      (JSC::Butterfly::create):
      (JSC::Butterfly::createUninitializedDuringCollection):
      (JSC::Butterfly::base):
      (JSC::Butterfly::growPropertyStorage):
      (JSC::Butterfly::growArrayRight):
      (JSC::Butterfly::resizeArray):
      (JSC::Butterfly::unshift):
      (JSC::Butterfly::shift):
      * runtime/ClassInfo.h:
      (MethodTable):
      (JSC):
      * runtime/IndexingHeader.h: Added.
      (JSC):
      (IndexingHeader):
      (JSC::IndexingHeader::offsetOfIndexingHeader):
      (JSC::IndexingHeader::offsetOfPublicLength):
      (JSC::IndexingHeader::offsetOfVectorLength):
      (JSC::IndexingHeader::IndexingHeader):
      (JSC::IndexingHeader::vectorLength):
      (JSC::IndexingHeader::setVectorLength):
      (JSC::IndexingHeader::publicLength):
      (JSC::IndexingHeader::setPublicLength):
      (JSC::IndexingHeader::from):
      (JSC::IndexingHeader::fromEndOf):
      (JSC::IndexingHeader::propertyStorage):
      (JSC::IndexingHeader::arrayStorage):
      (JSC::IndexingHeader::butterfly):
      * runtime/IndexingHeaderInlineMethods.h: Added.
      (JSC):
      (JSC::IndexingHeader::preCapacity):
      (JSC::IndexingHeader::indexingPayloadSizeInBytes):
      * runtime/IndexingType.h: Added.
      (JSC):
      (JSC::hasIndexingHeader):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::visitChildren):
      (JSC::JSActivation::getOwnNonIndexPropertyNames):
      * runtime/JSActivation.h:
      (JSActivation):
      (JSC::JSActivation::tearOff):
      * runtime/JSArray.cpp:
      (JSC):
      (JSC::createArrayButterflyInDictionaryIndexingMode):
      (JSC::JSArray::setLengthWritable):
      (JSC::JSArray::defineOwnProperty):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::deleteProperty):
      (JSC::JSArray::getOwnNonIndexPropertyNames):
      (JSC::JSArray::unshiftCountSlowCase):
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      (JSC::JSArray::JSArray):
      (JSC::JSArray::length):
      (JSC::JSArray::createStructure):
      (JSC::JSArray::isLengthWritable):
      (JSC::createArrayButterfly):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      * runtime/JSBoundFunction.cpp:
      (JSC::boundFunctionCall):
      (JSC::boundFunctionConstruct):
      (JSC::JSBoundFunction::finishCreation):
      * runtime/JSCell.cpp:
      (JSC::JSCell::getOwnNonIndexPropertyNames):
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::getOwnNonIndexPropertyNames):
      (JSC::JSFunction::defineOwnProperty):
      * runtime/JSFunction.h:
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      * runtime/JSONObject.cpp:
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::walk):
      * runtime/JSObject.cpp:
      (JSC):
      (JSC::JSObject::visitButterfly):
      (JSC::JSObject::visitChildren):
      (JSC::JSFinalObject::visitChildren):
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::put):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::createInitialArrayStorage):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::getOwnNonIndexPropertyNames):
      (JSC::JSObject::preventExtensions):
      (JSC::JSObject::fillGetterPropertySlot):
      (JSC::JSObject::putIndexedDescriptor):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::allocateSparseIndexMap):
      (JSC::JSObject::deallocateSparseIndexMap):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::checkIndexingConsistency):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::putDescriptor):
      (JSC::JSObject::putDirectMayBeIndex):
      (JSC::JSObject::defineOwnNonIndexProperty):
      (JSC::JSObject::defineOwnProperty):
      (JSC::JSObject::getOwnPropertySlotSlow):
      * runtime/JSObject.h:
      (JSC::JSObject::getArrayLength):
      (JSObject):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::putDirectIndex):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::completeInitialization):
      (JSC::JSObject::inSparseIndexingMode):
      (JSC::JSObject::butterfly):
      (JSC::JSObject::outOfLineStorage):
      (JSC::JSObject::offsetForLocation):
      (JSC::JSObject::indexingShouldBeSparse):
      (JSC::JSObject::butterflyOffset):
      (JSC::JSObject::butterflyAddress):
      (JSC::JSObject::arrayStorage):
      (JSC::JSObject::arrayStorageOrZero):
      (JSC::JSObject::ensureArrayStorage):
      (JSC::JSObject::checkIndexingConsistency):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC):
      (JSC::JSObject::setButterfly):
      (JSC::JSObject::setButterflyWithoutChangingStructure):
      (JSC::JSObject::JSObject):
      (JSC::JSObject::inlineGetOwnPropertySlot):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC::offsetInButterfly):
      (JSC::offsetRelativeToPatchedStorage):
      (JSC::indexRelativeToBase):
      (JSC::offsetRelativeToBase):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSSymbolTableObject.cpp:
      (JSC::JSSymbolTableObject::getOwnNonIndexPropertyNames):
      * runtime/JSSymbolTableObject.h:
      (JSSymbolTableObject):
      * runtime/JSTypeInfo.h:
      (JSC):
      (JSC::TypeInfo::interceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero):
      (JSC::TypeInfo::overridesGetPropertyNames):
      * runtime/LiteralParser.cpp:
      (JSC::::parse):
      * runtime/ObjectConstructor.cpp:
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      (JSC):
      * runtime/ObjectPrototype.h:
      (ObjectPrototype):
      * runtime/PropertyOffset.h:
      (JSC::offsetInOutOfLineStorage):
      * runtime/PropertyStorage.h: Added.
      (JSC):
      * runtime/PutDirectIndexMode.h: Added.
      (JSC):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::RegExpMatchesArray):
      (JSC):
      (JSC::RegExpMatchesArray::create):
      (JSC::RegExpMatchesArray::finishCreation):
      * runtime/RegExpMatchesArray.h:
      (RegExpMatchesArray):
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::getOwnNonIndexPropertyNames):
      * runtime/RegExpObject.h:
      (RegExpObject):
      * runtime/Reject.h: Added.
      (JSC):
      (JSC::reject):
      * runtime/SparseArrayValueMap.cpp: Added.
      (JSC):
      * runtime/SparseArrayValueMap.h: Added.
      (JSC):
      (SparseArrayEntry):
      (JSC::SparseArrayEntry::SparseArrayEntry):
      (SparseArrayValueMap):
      (JSC::SparseArrayValueMap::sparseMode):
      (JSC::SparseArrayValueMap::setSparseMode):
      (JSC::SparseArrayValueMap::lengthIsReadOnly):
      (JSC::SparseArrayValueMap::setLengthIsReadOnly):
      (JSC::SparseArrayValueMap::find):
      (JSC::SparseArrayValueMap::remove):
      (JSC::SparseArrayValueMap::notFound):
      (JSC::SparseArrayValueMap::isEmpty):
      (JSC::SparseArrayValueMap::contains):
      (JSC::SparseArrayValueMap::size):
      (JSC::SparseArrayValueMap::begin):
      (JSC::SparseArrayValueMap::end):
      * runtime/SparseArrayValueMapInlineMethods.h: Added.
      (JSC):
      (JSC::SparseArrayValueMap::SparseArrayValueMap):
      (JSC::SparseArrayValueMap::~SparseArrayValueMap):
      (JSC::SparseArrayValueMap::finishCreation):
      (JSC::SparseArrayValueMap::create):
      (JSC::SparseArrayValueMap::destroy):
      (JSC::SparseArrayValueMap::createStructure):
      (JSC::SparseArrayValueMap::add):
      (JSC::SparseArrayValueMap::putEntry):
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::SparseArrayEntry::get):
      (JSC::SparseArrayEntry::getNonSparseMode):
      (JSC::SparseArrayValueMap::visitChildren):
      * runtime/StorageBarrier.h: Removed.
      * runtime/StringObject.cpp:
      (JSC::StringObject::putByIndex):
      (JSC):
      (JSC::StringObject::deletePropertyByIndex):
      * runtime/StringObject.h:
      (StringObject):
      * runtime/StringPrototype.cpp:
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::nonPropertyTransition):
      (JSC):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::indexingType):
      (JSC::Structure::indexingTypeIncludingHistory):
      (JSC::Structure::indexingTypeOffset):
      (JSC::Structure::create):
      * runtime/StructureTransitionTable.h:
      (JSC):
      (JSC::toAttributes):
      (JSC::newIndexingType):
      (JSC::StructureTransitionTable::Hash::hash):
      * tests/mozilla/js1_6/Array/regress-304828.js:
      
      Source/WebCore: 
      
      Teach the DOM that to intercept get/put on indexed properties, you now have
      to override getOwnPropertySlotByIndex and putByIndex.
      
      No new tests because no new behavior. One test was rebased because indexed
      property iteration order now matches other engines (indexed properties always
      come first).
      
      * bindings/js/ArrayValue.cpp:
      (WebCore::ArrayValue::get):
      * bindings/js/JSBlobCustom.cpp:
      (WebCore::JSBlobConstructor::constructJSBlob):
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
      (WebCore::JSCanvasRenderingContext2D::setWebkitLineDash):
      * bindings/js/JSDOMStringListCustom.cpp:
      (WebCore::toDOMStringList):
      * bindings/js/JSDOMStringMapCustom.cpp:
      (WebCore::JSDOMStringMap::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
      (WebCore):
      (WebCore::JSDOMWindow::putByIndex):
      (WebCore::JSDOMWindow::deletePropertyByIndex):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::getOwnPropertySlotByIndex):
      (WebCore):
      (WebCore::JSDOMWindowShell::putByIndex):
      (WebCore::JSDOMWindowShell::deletePropertyByIndex):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::JSHistory::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::populateContextMenuItems):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSStorageCustom.cpp:
      (WebCore::JSStorage::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSWebSocketCustom.cpp:
      (WebCore::JSWebSocketConstructor::constructJSWebSocket):
      * bindings/js/ScriptValue.cpp:
      (WebCore::jsToInspectorValue):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::serialize):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::RuntimeArray):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::createStructure):
      (RuntimeArray):
      
      LayoutTests: 
      
      Modify the JSON test to indicate that iterating over properties now returns
      indexed properties first. This is a behavior change that makes us more
      compliant with other implementations.
              
      Also check in new expected file for the edge cases of indexed property access
      with prototype accessors. This changeset introduces a known regression in that
      department, which is tracked here: https://bugs.webkit.org/show_bug.cgi?id=96596
      
      * fast/js/resources/JSON-stringify.js:
      * platform/mac/fast/js/primitive-property-access-edge-cases-expected.txt: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128400 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Refactor Opcodes to distinguish between core and extension opcodes. · 0206200c
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96466.
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-09-12
      Reviewed by Filip Pizlo.
      
      * bytecode/Opcode.h:
      (JSC): Added FOR_EACH_CORE_OPCODE_ID() macro.
      * llint/LowLevelInterpreter.h:
      (JSC): Auto-generate llint opcode aliases using the
          FOR_EACH_CORE_OPCODE_ID() macro.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128369 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2012-09-11 Geoffrey Garen <ggaren@apple.com> · 51bbe0a2
      ggaren@apple.com authored
              Second step to fixing the Windows build: Add new symbols.
      
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128268 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2012-09-11 Geoffrey Garen <ggaren@apple.com> · c5397949
      ggaren@apple.com authored
              First step to fixing the Windows build: Remove old symbols.
      
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128266 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Don't allocate a backing store just for a function's name · 0030e138
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96468
      
      Reviewed by Oliver Hunt.
      
      Treat function.name like function.length etc., and use a custom getter.
      This saves space in closures.
      
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::functionName):
      * debugger/DebuggerCallFrame.h:
      (DebuggerCallFrame): Updated for interface change.
      
      * runtime/Executable.h:
      (JSC::JSFunction::JSFunction): Do a little inlining.
      
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::finishCreation): Gone now. That's the point of the patch.
      
      (JSC::JSFunction::name):
      (JSC::JSFunction::displayName):
      (JSC::JSFunction::nameGetter):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::getOwnPropertyNames):
      (JSC::JSFunction::put):
      (JSC::JSFunction::deleteProperty):
      (JSC::JSFunction::defineOwnProperty): Added custom accessors for .name
      just like .length and others.
      
      * runtime/JSFunction.h:
      (JSC::JSFunction::create):
      (JSFunction): Updated for interface changes.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128265 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  3. 11 Sep, 2012 10 commits
    • IncrementalSweeper should not sweep/free Zapped blocks · 86f589c0
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96464
      
      Reviewed by Filip Pizlo.
      
      This is not beneficial in terms of performance because there isn't any way a block can emerge
      in the Zapped state from a call to Heap::collect() unless we run an eager sweep on it, in which
      case we've already run all the destructors we possibly can. This also causes bugs since we don't
      take zapped-ness into account when determining whether or not a block is empty to free it. The
      incremental sweeper can then accidentally free blocks that it thinks are empty but are in fact
      zapped with still-live objects in them.
      
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::needsSweeping): It is only valid to sweep a block if it is in the Marked state.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128262 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • JSActivation should inline allocate its registers, and eliminate · 06a8bb6e
      ggaren@apple.com authored
      'arguments' registers in the common case
      https://bugs.webkit.org/show_bug.cgi?id=96427
      
      Reviewed by Filip Pizlo.
      
      This cuts the size class for simple closures down to 64 bytes.
      
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator): Set the usesNonStrictEval
      flag, which is new. Use a more specific test for whether a function
      uses 'arguments', so we can avoid allocating, initializing, and tearing
      off those registers in the common case. Distinguish between capturing
      arguments and not, so we can avoid allocating space for arguments in
      the torn-off object.
      
      We can make this even more general in the future, with some bytecode
      generator refactoring.
      
      (JSC::BytecodeGenerator::resolve): Updated for new interface.
      
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      (JSC::BytecodeGenerator::symbolTable): Updated some types.
      
      * heap/Heap.cpp:
      (JSC::Heap::isValidAllocation): Allow large allocations, now that they
      are both supported and used.
      
      * heap/Heap.h:
      (Heap): Added a new form of allocateCell that specifies the full size
      of the allocation, to allow for extra space on the end.
      
      * interpreter/CallFrame.h:
      (JSC::ExecState::argumentOffset):
      (JSC::ExecState::argumentOffsetIncludingThis):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::unwindCallFrame): Refactored this code to be more
      specific about tearing off 'arguments' vs activations. This is something
      I forgot in my last patch, and it is required now that we can have
      activations without 'arguments' registers.
      
      * runtime/Arguments.h:
      (JSC::Arguments::setRegisters): No need for setRegisters anymore because
      the activation object's storage doesn't change.
      
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::JSActivation): Initialize our storage manually because
      it's not declared to the C++ compiler.
      
      (JSC::JSActivation::visitChildren): No copyAndAppend because our storage
      is not out-of-line anymore.
      
      (JSC::JSActivation::symbolTableGet):
      (JSC::JSActivation::symbolTablePut):
      (JSC::JSActivation::getOwnPropertyNames):
      (JSC::JSActivation::symbolTablePutWithAttributes):
      (JSC::JSActivation::getOwnPropertySlot):
      (JSC::JSActivation::getOwnPropertyDescriptor):
      (JSC::JSActivation::argumentsGetter): Refactored isTornOff() testing to
      avoid using a data member and to avoid hard-coding any offset assumptions.
      
      * runtime/JSActivation.h:
      (JSC):
      (JSActivation):
      (JSC::JSActivation::create):
      (JSC::JSActivation::isDynamicScope):
      (JSC::JSActivation::captureStart):
      (JSC::JSActivation::storageSize):
      (JSC::JSActivation::storageSizeInBytes):
      (JSC::JSActivation::registerOffset):
      (JSC::JSActivation::tearOff):
      (JSC::JSActivation::isTornOff):
      (JSC::JSActivation::storage):
      (JSC::JSActivation::allocationSize):
      (JSC::JSActivation::isValid): New helper functions for doing the math
      on our inline storage. Note that in the "AllOfTheThings" tear-off case,
      the number of things is not known at compile time, so we store the
      number in the argument count register. We can't just copy the raw contents
      of the register because we need a value that is safe for precise marking,
      and the value in the register file has an invalid tag.
      
      * runtime/JSCell.h:
      (JSC::allocateCell): New function for allocating with extra storage
      on the end.
      
      * runtime/JSSymbolTableObject.h:
      (JSC::JSSymbolTableObject::JSSymbolTableObject):
      (JSC::JSSymbolTableObject::finishCreation):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      (JSVariableObject): Make it easier for subclasses to use their symbol
      tables during construction, by passing the table as a constructor argument.
      
      * runtime/SymbolTable.h:
      (JSC::SharedSymbolTable::usesNonStrictEval):
      (JSC::SharedSymbolTable::setUsesNonStrictEval):
      (SharedSymbolTable):
      (JSC::SharedSymbolTable::captureMode):
      (JSC::SharedSymbolTable::setCaptureMode):
      (JSC::SharedSymbolTable::captureStart):
      (JSC::SharedSymbolTable::setCaptureStart):
      (JSC::SharedSymbolTable::captureEnd):
      (JSC::SharedSymbolTable::setCaptureEnd):
      (JSC::SharedSymbolTable::parameterCountIncludingThis):
      (JSC::SharedSymbolTable::setParameterCountIncludingThis):
      (JSC::SharedSymbolTable::SharedSymbolTable): Added data members to more
      precisely describe what kind of capture is in play, and to avoid having
      data members in the activation. We expect N activations per symbol table,
      so this can be a big savings in heavy closure usage.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128260 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      06a8bb6e
    • ryuan.choi@samsung.com's avatar
      Fix build break with LLINT on 32bit machine after r128219 · 22896bd5
      ryuan.choi@samsung.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96461
      
      Unreviewed build fix.
      
      
      * llint/LowLevelInterpreter32_64.asm: Fixed typo.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128259 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      22896bd5
    • msaboff@apple.com's avatar
      Build fixed for http://trac.webkit.org/changeset/128243 · 1fd84272
      msaboff@apple.com authored
      Rubber stamped by Stephanie Lewis.
      
      Added missing include file needed by 96422.
      
      * icu/unicode/unorm2.h: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128250 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1fd84272
    • msaboff@apple.com's avatar
      Build fixed for http://trac.webkit.org/changeset/128243 · b0ed152f
      msaboff@apple.com authored
      Rubber stamped by Stephanie Lewis.
      
      Added missing include file needed by 96422.
      
      * icu/unicode/ptypes.h: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128246 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b0ed152f
    • msaboff@apple.com's avatar
      Update ICU header files to more recent version · ac39e697
      msaboff@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96422
      
      Reviewed by Geoff Garen.
      
      Updated ICU header files to 4.6.1.  Modifications made as part of the merge are:
      platform.h - Changed ifndef / define / endif for U_HAVE_UINT8_T, U_HAVE_UINT16_T, U_HAVE_UINT32_T,
          U_HAVE_UINT64_T, U_IS_BIG_ENDIAN and U_ENABLE_TRACING to match the existing platform.h
      putil.h (line 132) - Changed defined(U_WINDOWS) to defined(WIN32) || defined(OS2) to match existing putil.h
      ustring.h (line 945) - Wrapped macro argument cs with { (const UChar *)cs } to match existing ustring.h
      utypes.h (line 545) - Changed defined(U_WINDOWS) to defined(WIN32) to match existing utypes.h
      
      Source/JavaScriptCore: 
      
      * icu/unicode/localpointer.h: Added.
      * icu/unicode/parseerr.h:
      * icu/unicode/platform.h:
      * icu/unicode/putil.h:
      * icu/unicode/uchar.h:
      * icu/unicode/ucnv.h:
      * icu/unicode/ucnv_err.h:
      * icu/unicode/ucol.h:
      * icu/unicode/uconfig.h:
      * icu/unicode/uenum.h:
      * icu/unicode/uiter.h:
      * icu/unicode/uloc.h:
      * icu/unicode/umachine.h:
      * icu/unicode/unorm.h:
      * icu/unicode/urename.h:
      * icu/unicode/uscript.h:
      * icu/unicode/uset.h:
      * icu/unicode/ustring.h:
      * icu/unicode/utf.h:
      * icu/unicode/utf16.h:
      * icu/unicode/utf8.h:
      * icu/unicode/utypes.h:
      * icu/unicode/uvernum.h: Added.
      * icu/unicode/uversion.h:
      
      Source/WebCore: 
      
      Updated include files without any function change so no new tests.
      
      * icu/unicode/localpointer.h: Added.
      * icu/unicode/parseerr.h:
      * icu/unicode/platform.h:
      * icu/unicode/putil.h:
      * icu/unicode/ubrk.h:
      * icu/unicode/uchar.h:
      * icu/unicode/ucnv.h:
      * icu/unicode/ucnv_err.h:
      * icu/unicode/ucol.h:
      * icu/unicode/ucoleitr.h:
      * icu/unicode/uconfig.h:
      * icu/unicode/ucsdet.h:
      * icu/unicode/uenum.h:
      * icu/unicode/uidna.h:
      * icu/unicode/uiter.h:
      * icu/unicode/uloc.h:
      * icu/unicode/umachine.h:
      * icu/unicode/unorm.h:
      * icu/unicode/urename.h:
      * icu/unicode/uscript.h:
      * icu/unicode/usearch.h:
      * icu/unicode/uset.h:
      * icu/unicode/ushape.h:
      * icu/unicode/ustring.h:
      * icu/unicode/utext.h: Added.
      * icu/unicode/utf.h:
      * icu/unicode/utf16.h:
      * icu/unicode/utf8.h:
      * icu/unicode/utypes.h:
      * icu/unicode/uvernum.h: Added.
      * icu/unicode/uversion.h:
      
      Source/WebKit/mac: 
      
      * icu/unicode/localpointer.h: Added.
      * icu/unicode/parseerr.h:
      * icu/unicode/platform.h:
      * icu/unicode/putil.h:
      * icu/unicode/uchar.h:
      * icu/unicode/uconfig.h:
      * icu/unicode/uidna.h:
      * icu/unicode/uiter.h:
      * icu/unicode/umachine.h:
      * icu/unicode/unorm.h:
      * icu/unicode/urename.h:
      * icu/unicode/uscript.h:
      * icu/unicode/ustring.h:
      * icu/unicode/utf.h:
      * icu/unicode/utf16.h:
      * icu/unicode/utf8.h:
      * icu/unicode/utypes.h:
      * icu/unicode/uvernum.h: Added.
      * icu/unicode/uversion.h:
      
      Source/WTF: 
      
      * icu/unicode/localpointer.h: Added.
      * icu/unicode/parseerr.h:
      * icu/unicode/platform.h:
      * icu/unicode/putil.h:
      * icu/unicode/uchar.h:
      * icu/unicode/ucnv.h:
      * icu/unicode/ucnv_err.h:
      * icu/unicode/ucol.h:
      * icu/unicode/uconfig.h:
      * icu/unicode/uenum.h:
      * icu/unicode/uiter.h:
      * icu/unicode/uloc.h:
      * icu/unicode/umachine.h:
      * icu/unicode/unorm.h:
      * icu/unicode/urename.h:
      * icu/unicode/uscript.h:
      * icu/unicode/uset.h:
      * icu/unicode/ustring.h:
      * icu/unicode/utf.h:
      * icu/unicode/utf16.h:
      * icu/unicode/utf8.h:
      * icu/unicode/utypes.h:
      * icu/unicode/uvernum.h: Added.
      * icu/unicode/uversion.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128243 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ac39e697
    • mlilek@apple.com's avatar
      OS X port should compile with newer versions of clang · 431ac37c
      mlilek@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96434
      
      Source/JavaScriptCore: 
      
      m_identIsVarDecl is unused - remove it.
      
      Reviewed by Anders Carlsson.
      
      * parser/NodeConstructors.h:
      (JSC::ForInNode::ForInNode):
      * parser/Nodes.h:
      (ForInNode):
      
      Source/WebCore: 
      
      Reviewed by Anders Carlsson.
      
      Guard m_hasTouchEventHandler behind ENABLE(TOUCH_EVENTS).
      * html/HTMLInputElement.cpp:
      (WebCore::HTMLInputElement::HTMLInputElement):
      * html/HTMLInputElement.h:
      (HTMLInputElement):
      
      Fix uninitialized variable.
      * platform/graphics/cg/GraphicsContextCG.cpp:
      (WebCore::createLinearSRGBColorSpace):
      
      Source/WebKit/mac: 
      
      m_isTerminated is unused in the Hosted flavor of NetscapePluginStream.
      
      Reviewed by Anders Carlsson.
      
      * Plugins/Hosted/HostedNetscapePluginStream.h:
      (HostedNetscapePluginStream):
      * Plugins/Hosted/HostedNetscapePluginStream.mm:
      (WebKit::HostedNetscapePluginStream::HostedNetscapePluginStream):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128234 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      431ac37c
    • fpizlo@apple.com's avatar
      LLInt should optimize and profile array length accesses · 4cafdbd1
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96417
      
      Reviewed by Oliver Hunt.
      
      This fixes the following hole in our array profiling strategy, where the array
      is large (more than 1000 elements):
              
      for (var i = 0; i < array.length; ++i) ...
              
      The peeled use of array.length (in the array prologue) will execute only once
      before DFG optimization kicks in from the loop's OSR point. Since it executed
      only once, it executed in the LLInt. And prior to this patch, the LLInt did
      not profile array.length accesses - so the DFG will assume, based on the lack
      of profiling, that the access is in fact not an access to the JSArray length
      property. That could then impede our ability to hoist the array structure
      check, and may make us pessimistic in other ways as well, since the generic
      GetById used for the array length access will be viewed as a side-effecting
      operation.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::printGetByIdCacheStatus):
      (JSC::CodeBlock::finalizeUnconditionally):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128219 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4cafdbd1
    • rakuco@webkit.org's avatar
      [EFL] Rewrite the EFL-related Find modules · 72080605
      rakuco@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=95237
      
      Reviewed by Kenneth Rohde Christiansen.
      
      .:
      
      FindEFL.cmake had several problems which caused unnecessary trouble
      when building the EFL port under some setups:
      
      o It looked for some modules (such as ecore) more than once for no
      reason, which led to people adding libraries and include paths in
      different ways across the build system.
      
      o It depended on pkg-config being present for the searches to
      succeed.
      
      o It obtained the library definitions from pkg-config, so
      ${FOO_LIBRARIES} would be set to something like "foo;bar" which
      expanded to "-lfoo -lbar" to the linker. If a wrong -L<path> was
      passed before that, the wrong library installation would end up
      being picked up.
      
      o Due to the problem above, we also needed to set the LINK_FLAGS
      property for each target with the value of ${FOO_LDFLAGS}, which was
      also obtained from pkg-config and sort of compensated for the fact that
      the libraries did not use absolute paths and added the required -L
      paths. This also included dependencies for these libraries, so we
      ended up including libraries indirectly, which is bad.
      
      We have now replaced that file with a set of Find-modules which are
      much more granular, each of them responsible for looking for a
      single library and its components and setting library and include
      locations the right way (with FIND_PATH() and FIND_LIBRARY()), so
      that all the problems above are fixed.
      
      * Source/cmake/EFLHelpers.cmake: Added.
      * Source/cmake/FindEDBus.cmake: Added.
      * Source/cmake/FindEFL.cmake: Removed.
      * Source/cmake/FindEcore.cmake: Added.
      * Source/cmake/FindEdje.cmake: Added.
      * Source/cmake/FindEeze.cmake: Added.
      * Source/cmake/FindEfreet.cmake: Added.
      * Source/cmake/FindEina.cmake: Added.
      * Source/cmake/FindEvas.cmake: Added.
      * Source/cmake/OptionsEfl.cmake:
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt: Stop setting the LINK_FLAGS property.
      * PlatformEfl.cmake: Ditto.
      * shell/PlatformEfl.cmake: Ditto.
      
      Source/WebCore:
      
      * CMakeLists.txt: Stop setting the LINK_FLAGS property now that no
      port sets WebCore_LINK_FLAGS.
      * PlatformEfl.cmake: Add libraries and include directories for
      each Enlightenment Foundation Library used by the port.
      
      Source/WebKit:
      
      * PlatformEfl.cmake: Stop setting the LINK_FLAGS property and add
      libraries and include directories for each Enlightenment
      Foundation Library used by the port.
      
      Source/WebKit2:
      
      * CMakeLists.txt: Stop setting the LINK_FLAGS property.
      * PlatformEfl.cmake: Add libraries and include directories for
      each Enlightenment Foundation Library used by the port.
      
      Source/WTF:
      
      * CMakeLists.txt: Stop setting the LINK_FLAGS property.
      * PlatformEfl.cmake: Add libraries and include directories for
      each Enlightenment Foundation Library used by the port.
      
      Tools:
      
      * DumpRenderTree/efl/CMakeLists.txt: Stop setting the LINK_FLAGS
      property and include all the Enlightenment Foundation Libraries
      required by the target.
      * EWebLauncher/CMakeLists.txt: Ditto.
      * MiniBrowser/efl/CMakeLists.txt: Ditto.
      * TestWebKitAPI/PlatformEfl.cmake: Add missing include directories
      now that they are not added implicitly.
      * WebKitTestRunner/CMakeLists.txt: Stop setting the LINK_FLAGS
      property.
      * WebKitTestRunner/PlatformEfl.cmake: Stop setting the LINK_FLAGS
      property and include all the Enlightenment Foundation Libraries
      required by the target.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128191 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      72080605
    • rakuco@webkit.org's avatar
      [EFL] Unreviewed build fix after r128065. · 10e70b09
      rakuco@webkit.org authored
      * CMakeLists.txt: Link against WTF for FastMalloc symbols, which
      are needed when building with SYSTEM_MALLOC off.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128172 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      10e70b09
  4. 10 Sep, 2012 11 commits
    • mhahnenberg@apple.com's avatar
      Remove m_classInfo from JSCell · bd52e3e5
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96311
      
      Reviewed by Oliver Hunt.
      
      Now that no one is using the ClassInfo in JSCell, we can remove it for the greater good. This is a 1.5% win on v8v7 and
      a 1.7% win on kraken, and is an overall performance progression.
      
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject): Had to rearrange the order of when we take things off the free list
      and when we store the Structure in the object because we would clobber the free list otherwise. This made it not okay for
      the structure argument and the scratch register to alias one another. Also removed the store of the ClassInfo pointer in the
      object. Yay!
      (SpeculativeJIT):
      * dfg/DFGSpeculativeJIT32_64.cpp: Since it's no longer okay for the scratch register and structure register to alias
      one another as stated above, had to add an extra temporary for passing the Structure.
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp: Ditto.
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject): Similar changes to DFG's inline allocation except that it removed the object from
      the free list first, so no changes were necessary there.
      * llint/LowLevelInterpreter.asm: Change the constants for amount of inline storage to match PropertyOffset.h and remove
      the store of the ClassInfo pointer during inline allocation.
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/JSCell.h: Remove the m_classInfo field and associated methods.
      (JSCell):
      * runtime/JSObject.h:
      (JSObject):
      * runtime/PropertyOffset.h: Expand the number of inline storage properties to take up the extra space that we're freeing
      with the removal of the ClassInfo pointer.
      (JSC):
      * runtime/Structure.h:
      (JSC):
      (JSC::JSCell::JSCell):
      (JSC::JSCell::finishCreation):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128146 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bd52e3e5
    • ggaren@apple.com's avatar
      Added large allocation support to MarkedSpace · 6159e5f9
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96214
      
      Originally reviewed by Oliver Hunt, then I added a design revision
      suggested by Phil Pizlo.
      
      I expanded the imprecise size classes to cover up to 32KB, then added
      an mmap-based allocator for everything bigger. There's a lot of tuning
      we could do in these size classes, but currently they're almost
      completely unused, so I haven't done any tuning.
      
      Subtle point: the large allocator is a degenerate case of our free list
      logic. Its list only ever contains zero or one items.
      
      * heap/Heap.h:
      (JSC::Heap::allocateStructure): Pipe in size information.
      
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::tryAllocateHelper): Handle the case where we
      find a free item in the sweep list but the item isn't big enough. This
      can happen in the large allocator because it mixes sizes.
      
      (JSC::MarkedAllocator::tryAllocate):
      (JSC::MarkedAllocator::allocateSlowCase): More piping.
      
      (JSC::MarkedAllocator::allocateBlock): Handle the oversize case.
      
      (JSC::MarkedAllocator::addBlock): I moved the call to didAddBlock here
      because it made more sense.
      
      * heap/MarkedAllocator.h:
      (MarkedAllocator):
      (JSC::MarkedAllocator::allocate):
      * heap/MarkedSpace.cpp:
      (JSC::MarkedSpace::MarkedSpace):
      (JSC::MarkedSpace::resetAllocators):
      (JSC::MarkedSpace::canonicalizeCellLivenessData):
      (JSC::MarkedSpace::isPagedOut):
      (JSC::MarkedSpace::freeBlock):
      * heap/MarkedSpace.h:
      (MarkedSpace):
      (JSC::MarkedSpace::allocatorFor):
      (JSC::MarkedSpace::destructorAllocatorFor):
      (JSC::MarkedSpace::allocateWithoutDestructor):
      (JSC::MarkedSpace::allocateWithDestructor):
      (JSC::MarkedSpace::allocateStructure):
      (JSC::MarkedSpace::forEachBlock):
      * runtime/Structure.h:
      (JSC::Structure): More piping.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128141 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6159e5f9
    • ggaren@apple.com's avatar
      Try to fix the Windows (32-bit) build. · 3dd01f57
      ggaren@apple.com authored
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_tear_off_arguments):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_tear_off_arguments): Get operands 1 and 2, not 1 and 1. :(
      
      Also took this opportunity to rename to indicate that these values are
      not destinations anymore.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128122 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3dd01f57
    • ggaren@apple.com's avatar
      DFG misses arguments tear-off for function.arguments if 'arguments' is used · 84a6102f
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96227
      
      Reviewed by Gavin Barraclough.
      
      Source/JavaScriptCore: 
      
      We've decided not to allow function.arguments to alias the local
      'arguments' object, or a local var or function named 'arguments'.
      Aliasing complicates the implementation (cf. this bug) and can produce
      surprising behavior for web programmers.
      
      Eliminating the aliasing has the side-effect of fixing this bug.
      
      The compatibility story: function.arguments is deprecated, was never
      specified, and throws an exception in strict mode, so we expect it to
      disappear over time. Firefox does not alias to 'arguments'; Chrome
      does, but not if you use eval or with; IE does; Safari did.
      
      * dfg/DFGByteCodeParser.cpp: Noticed a little cleanup while verifying
      this code. Use the CodeBlock method for better encapsulation.
      
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::retrieveArgumentsFromVMCode): Behavior change: don't
      alias.
      
      * tests/mozilla/js1_4/Functions/function-001.js:
      (TestFunction_4): Updated test expectations for changed behavior.
      
      LayoutTests: 
      
      New test, and updated expectations.
       
      * fast/js/script-tests/function-dot-arguments.js:
      * fast/js/function-dot-arguments-expected.txt: Updated for new behavior.
      
      * fast/js/dfg-tear-off-function-dot-arguments.html:
      * fast/js/script-tests/dfg-tear-off-function-dot-arguments.js: Added. New test for bug cited here.
      
      * fast/js/function-dot-arguments-identity-expected.txt:
      * fast/js/function-dot-arguments-identity.html: Added. New test for new behavior.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128111 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      84a6102f
    • fpizlo@apple.com's avatar
      offlineasm has some impossible to implement, and unused, instructions · 5e605883
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96310
      
      Reviewed by Mark Hahnenberg.
      
      * offlineasm/armv7.rb:
      * offlineasm/instructions.rb:
      * offlineasm/x86.rb:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128100 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5e605883
    • ggaren@apple.com's avatar
      Refactored op_tear_off* to support activations that don't allocate space for 'arguments' · 63a291eb
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96231
      
      Reviewed by Gavin Barraclough.
      
      This is a step toward smaller activations.
      
      As a side-effect, this patch eliminates a load and branch from the hot path
      of activation tear-off by moving it to the cold path of arguments tear-off. Our
      optimizing assumptions are that activations are common and that reifying the
      arguments object is less common.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      * bytecode/Opcode.h:
      (JSC::padOpcodeName): Updated for new opcode lengths.
      
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::addConstantValue): Added support for JSValue()
      in the bytecode, which we use when we have 'arguments' but no activation.
      
      (JSC::BytecodeGenerator::emitReturn): Always emit tear_off_arguments
      if we've allocated the arguments registers. This allows tear_off_activation
      not to worry about the arguments object anymore.
      
      Also, pass the activation and arguments values directly to these opcodes
      instead of requiring the opcodes to infer the values through special
      registers. This gives us more flexibility to move or eliminate registers.
      
      * dfg/DFGArgumentsSimplificationPhase.cpp:
      (JSC::DFG::ArgumentsSimplificationPhase::run):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGNode.h:
      (Node): Updated for new opcode lengths.
      
      * dfg/DFGOperations.cpp: Activation tear-off doesn't worry about the
      arguments object anymore. If 'arguments' is in use and reified, it's
      responsible for aliasing back to the activation object in tear_off_arguments.
      
      * dfg/DFGOperations.h:
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (SpeculativeJIT):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): Don't pass the arguments object to
      activation tear-off; do pass the activation object to arguments tear-off.
      
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute): Ditto.
      
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_tear_off_activation):
      (JSC::JIT::emit_op_tear_off_arguments):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_tear_off_activation):
      (JSC::JIT::emit_op_tear_off_arguments):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm: Same change in a few more execution engines.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128096 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      63a291eb
    • paroga@webkit.org's avatar
      [JSC] Use StringBuilder::appendNumber() instead of String::number() · 9d9745ef
      paroga@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96236
      
      Reviewed by Benjamin Poulain.
      
      * API/JSContextRef.cpp:
      (JSContextCreateBacktrace):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128091 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9d9745ef
    • mhahnenberg@apple.com's avatar
      Combine MarkStack and SlotVisitor into single class · a57e6716
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96043
      
      Reviewed by Geoff Garen.
      
      Move all of MarkStack into SlotVisitor. The remaining stuff in MarkStack.cpp actually has to do 
      with MarkStack management/allocation. Cleaned up a few of the header files while I was at it.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      * dfg/DFGCommon.h:
      * heap/GCThreadSharedData.cpp:
      * heap/GCThreadSharedData.h:
      (GCThreadSharedData):
      * heap/HeapRootVisitor.h:
      * heap/MarkStack.cpp:
      (JSC):
      * heap/MarkStack.h:
      (JSC):
      (MarkStackSegment):
      (JSC::MarkStackSegment::data):
      (JSC::MarkStackSegment::capacityFromSize):
      (JSC::MarkStackSegment::sizeFromCapacity):
      (MarkStackSegmentAllocator):
      (MarkStackArray):
      * heap/MarkStackInlineMethods.h:
      (JSC::MarkStackArray::postIncTop):
      (JSC):
      (JSC::MarkStackArray::preDecTop):
      (JSC::MarkStackArray::setTopForFullSegment):
      (JSC::MarkStackArray::setTopForEmptySegment):
      (JSC::MarkStackArray::top):
      (JSC::MarkStackArray::validatePrevious):
      (JSC::MarkStackArray::append):
      (JSC::MarkStackArray::canRemoveLast):
      (JSC::MarkStackArray::removeLast):
      (JSC::MarkStackArray::isEmpty):
      (JSC::MarkStackArray::size):
      * heap/SlotVisitor.cpp: Added.
      (JSC):
      (JSC::SlotVisitor::SlotVisitor):
      (JSC::SlotVisitor::~SlotVisitor):
      (JSC::SlotVisitor::setup):
      (JSC::SlotVisitor::reset):
      (JSC::SlotVisitor::append):
      (JSC::visitChildren):
      (JSC::SlotVisitor::donateKnownParallel):
      (JSC::SlotVisitor::drain):
      (JSC::SlotVisitor::drainFromShared):
      (JSC::SlotVisitor::mergeOpaqueRoots):
      (JSC::SlotVisitor::startCopying):
      (JSC::SlotVisitor::allocateNewSpaceSlow):
      (JSC::SlotVisitor::allocateNewSpaceOrPin):
      (JSC::JSString::tryHashConstLock):
      (JSC::JSString::releaseHashConstLock):
      (JSC::JSString::shouldTryHashConst):
      (JSC::SlotVisitor::internalAppend):
      (JSC::SlotVisitor::copyAndAppend):
      (JSC::SlotVisitor::doneCopying):
      (JSC::SlotVisitor::harvestWeakReferences):
      (JSC::SlotVisitor::finalizeUnconditionalFinalizers):
      (JSC::SlotVisitor::validate):
      * heap/SlotVisitor.h:
      (JSC):
      (SlotVisitor):
      (JSC::SlotVisitor::sharedData):
      (JSC::SlotVisitor::isEmpty):
      (JSC::SlotVisitor::visitCount):
      (JSC::SlotVisitor::resetChildCount):
      (JSC::SlotVisitor::childCount):
      (JSC::SlotVisitor::incrementChildCount):
      (ParallelModeEnabler):
      (JSC::ParallelModeEnabler::ParallelModeEnabler):
      (JSC::ParallelModeEnabler::~ParallelModeEnabler):
      * heap/SlotVisitorInlineMethods.h:
      (JSC::SlotVisitor::append):
      (JSC):
      (JSC::SlotVisitor::appendUnbarrieredPointer):
      (JSC::SlotVisitor::appendUnbarrieredValue):
      (JSC::SlotVisitor::internalAppend):
      (JSC::SlotVisitor::addWeakReferenceHarvester):
      (JSC::SlotVisitor::addUnconditionalFinalizer):
      (JSC::SlotVisitor::addOpaqueRoot):
      (JSC::SlotVisitor::containsOpaqueRoot):
      (JSC::SlotVisitor::opaqueRootCount):
      (JSC::SlotVisitor::mergeOpaqueRootsIfNecessary):
      (JSC::SlotVisitor::mergeOpaqueRootsIfProfitable):
      (JSC::SlotVisitor::donate):
      (JSC::SlotVisitor::donateAndDrain):
      * jit/JITWriteBarrier.h:
      (JSC::SlotVisitor::append):
      * jit/JumpReplacementWatchpoint.cpp:
      * runtime/JSCell.h:
      * runtime/Structure.h:
      (JSC::SlotVisitor::internalAppend):
      * runtime/WriteBarrier.h:
      (JSC):
      (JSC::SlotVisitor::append):
      (JSC::SlotVisitor::appendValues):
      * yarr/YarrJIT.cpp:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128084 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a57e6716
    • commit-queue@webkit.org's avatar
      [EFL] JIT memory usage is not retrieved · c3f4dbdc
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96095
      
      Patch by Hojong Han <hojong.han@samsung.com> on 2012-09-10
      Reviewed by Geoffrey Garen.
      
      Fill JITBytes for EFL port.
      
      * runtime/MemoryStatistics.cpp:
      (JSC::globalMemoryStatistics):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128071 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c3f4dbdc
    • commit-queue@webkit.org's avatar
      [CMake][EFL] Enable the LLInt · 934f4081
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=92682
      
      Patch by Thiago Marcos P. Santos <thiago.santos@intel.com> on 2012-09-10
      Reviewed by Csaba Osztrogonác.
      
      .:
      
      Added LLInt to CMake buildsystem and enabled it by default on EFL.
      Note that Ruby is not enforced: a secondary check is done when LLInt
      is enabled on the JSC's CMakeLists.txt.
      
      * CMakeLists.txt:
      * Source/cmake/OptionsEfl.cmake:
      * Source/cmake/WebKitFeatures.cmake:
      * Source/cmakeconfig.h.cmake:
      
      Source/JavaScriptCore:
      
      Generate the headers needed by LLInt when LLInt is enabled.
      
      * CMakeLists.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128065 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      934f4081
    • Unreviewed. Fix make distcheck. · fce6c13a
      carlosgc@webkit.org authored
      Source/JavaScriptCore:
      
      * GNUmakefile.list.am: Add missing files.
      
      Source/WebCore:
      
      * GNUmakefile.list.am: Add missing header files.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128037 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fce6c13a
  5. 09 Sep, 2012 4 commits
    • Source/JavaScriptCore: Fixed a few llint C++ interpreter bugs. · 88e66d6d
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96127.
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-09-09
      Reviewed by Geoffrey Garen.
      
      * llint/LLIntCLoop.h:
          CLoop::execute()'s bootstrapOpcodeId does not need a default
          value. There is no case when this function is called without
          that parameter being specified.
      * llint/LowLevelInterpreter.asm:
          Moved the dispatchAfterCall() call to where it is needed.
          For the C_LOOP back-end, it generates unreachable code.
      * llint/LowLevelInterpreter.cpp:
          #include <wtf/Assertions.h> because LLIntAssembly.h needs it.
      (JSC):
          Fixed bug in SIGN_BIT32() macro.
          Placate an MSVC warning for t0 and t1 being uninitialized.
      (JSC::CLoop::execute):
          The bootstrapOpcodeId arg should always be specified.
          MSVC doesn't like UNUSED_PARAM() for labels. Switch to using
              the new UNUSED_LABEL() macro.
      * offlineasm/cloop.rb:
      * offlineasm/generate_offset_extractor.rb:
          Resolved a compiler warning found via MSVC.
      
      Source/WTF: Fixed ASSERT() and ASSERT_AT() macros so that they can be used in
      comma expressions. Also, added UNUSED_LABEL().
      https://bugs.webkit.org/show_bug.cgi?id=96127.
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-09-09
      Reviewed by Geoffrey Garen.
      
      * wtf/Assertions.h:
      * wtf/UnusedParam.h: Added UNUSED_LABEL(). Removed an obsolete comment.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128015 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      88e66d6d
    • Add StringBuilder::appendNumber() and use it · 4d255977
      paroga@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96030
      
      Reviewed by Eric Seidel.
      
      Also fix a bunch of append() vs. appendLiteral() issues in the surrounding code.
      
      Source/JavaScriptCore:
      
      * API/JSContextRef.cpp:
      (JSContextCreateBacktrace):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * interpreter/Interpreter.h:
      (JSC::StackFrame::toString):
      
      Source/WebCore:
      
      * Modules/websockets/WebSocketHandshake.cpp:
      (WebCore::hostName):
      * bindings/v8/ScriptController.cpp:
      (WebCore::resourceString):
      * css/FontFeatureValue.cpp:
      (WebCore::FontFeatureValue::customCssText):
      * dom/Position.cpp:
      (WebCore::Position::formatForDebugger):
      * dom/Range.cpp:
      (WebCore::Range::formatForDebugger):
      * html/FormController.cpp:
      (WebCore::FormKeyGenerator::formKey):
      * html/HTMLAnchorElement.cpp:
      (WebCore::appendServerMapMousePosition):
      * html/canvas/CanvasRenderingContext2D.cpp:
      (WebCore::CanvasRenderingContext2D::font):
      * inspector/IdentifiersFactory.cpp:
      (WebCore::IdentifiersFactory::addProcessIdPrefixTo):
      * page/FrameTree.cpp:
      (WebCore::FrameTree::uniqueChildName):
      * page/SecurityOrigin.cpp:
      (WebCore::SecurityOrigin::toRawString):
      * platform/Decimal.cpp:
      (WebCore::Decimal::toString):
      * platform/network/ProxyServer.cpp:
      (WebCore::appendProxyServerString):
      * platform/text/TextStream.cpp:
      (WebCore::TextStream::operator<<):
      * platform/text/TextStream.h:
      * rendering/RenderTreeAsText.cpp:
      (WebCore::nodePosition):
      * xml/XMLErrors.cpp:
      (WebCore::XMLErrors::appendErrorMessage):
      
      Source/WTF:
      
      * wtf/DateMath.cpp:
      (WTF::makeRFC2822DateString):
      * wtf/text/StringBuilder.cpp:
      (WTF::StringBuilder::appendNumber):
      * wtf/text/StringBuilder.h:
      (StringBuilder):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128014 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4d255977
    • Make the String initialization on the function side of String::number() · 93e6a741
      paroga@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=95940
      
      Reviewed by Benjamin Poulain.
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      
      Source/WebKit2:
      
      * win/WebKit2.def:
      * win/WebKit2CFLite.def:
      
      Source/WTF:
      
      Un-Inline String::number() to make the String initialization done on the function side
      instead of being on the caller side.
      
      * GNUmakefile.list.am:
      * WTF.gypi:
      * WTF.pro:
      * WTF.vcproj/WTF.vcproj:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/CMakeLists.txt:
      * wtf/text/IntegerToStringConversion.cpp: Removed.
      * wtf/text/IntegerToStringConversion.h:
      (WTF::numberToStringImpl):
      (WTF::numberToStringSigned):
      (WTF::numberToStringUnsigned):
      * wtf/text/WTFString.cpp:
      (WTF::String::number):
      * wtf/text/WTFString.h:
      
      Tools:
      
      * TestWebKitAPI/Tests/WTF/IntegerToStringConversion.cpp:
      (testBoundaries):
      (testNumbers):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127991 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      93e6a741
    • Rolled out <http://trac.webkit.org/changeset/127939> because it broke · e7996609
      ggaren@apple.com authored
      fast/js/named-function-expression.html.
      
          Refactored bytecode generator initialization to support moving captured vars around
          https://bugs.webkit.org/show_bug.cgi?id=96159
      
          Reviewed by Gavin Barraclough.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127987 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e7996609
  6. 08 Sep, 2012 1 commit
  7. 07 Sep, 2012 7 commits
    • Rename the ustring() accessor to string() · c9b7a208
      benjamin@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=95919
      
      Patch by Benjamin Poulain <bpoulain@apple.com> on 2012-09-07
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      Rename ustring() to string() to make the accessor name more logical after
      r127191.
      
      * API/JSBase.cpp:
      (JSEvaluateScript):
      (JSCheckScriptSyntax):
      * API/JSObjectRef.cpp:
      (JSObjectMakeFunctionWithCallback):
      (JSObjectMakeFunction):
      (JSObjectCopyPropertyNames):
      * API/JSProfilerPrivate.cpp:
      (JSStartProfiling):
      (JSEndProfiling):
      * API/JSValueRef.cpp:
      (JSValueMakeString):
      (JSValueMakeFromJSONString):
      * API/OpaqueJSString.cpp:
      (OpaqueJSString::string):
      * API/OpaqueJSString.h:
      (OpaqueJSString):
      * bytecode/CodeBlock.cpp:
      (JSC::idName):
      (JSC::CodeBlock::dump):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitLoad):
      (JSC::BytecodeGenerator::addStringConstant):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::RegExpNode::emitBytecode):
      (JSC::processClauseList):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jsc.cpp:
      (GlobalObject::addFunction):
      (GlobalObject::addConstructableFunction):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::createRegExp):
      * parser/Parser.cpp:
      (JSC::::parsePrimaryExpression):
      * parser/Parser.h:
      (JSC::Scope::declareVariable):
      (JSC::Scope::declareParameter):
      (JSC::Scope::useVariable):
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::createRegExp):
      * runtime/ExceptionHelpers.cpp:
      (JSC::createUndefinedVariableError):
      * runtime/Executable.cpp:
      (JSC::FunctionExecutable::paramString):
      * runtime/Executable.h:
      (JSC::FunctionExecutable::finishCreation):
      * runtime/FunctionPrototype.cpp:
      (JSC::FunctionPrototype::addFunctionProperties):
      * runtime/Identifier.h:
      (JSC::Identifier::string):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::calculatedDisplayName):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      * runtime/JSONObject.cpp:
      (JSC::PropertyNameForFunctionCall::value):
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::walk):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::finishCreation):
      * runtime/JSScope.cpp:
      (JSC::JSScope::resolveBase):
      * runtime/JSString.h:
      (JSC::inlineJSValueNotStringtoString):
      * runtime/LiteralParser.cpp:
      (JSC::::parse):
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::finishCreation):
      (JSC::objectConstructorGetOwnPropertyNames):
      (JSC::objectConstructorKeys):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::finishCreation):
      
      Source/WebCore: 
      
      * bindings/js/Dictionary.cpp:
      (WebCore::Dictionary::getOwnPropertiesAsStringHashMap):
      (WebCore::Dictionary::getOwnPropertyNames):
      * bindings/js/SerializedScriptValue.cpp:
      Simplify a few String constructions which were still using type conversion
      through StringImpl.
      
      (WebCore::CloneSerializer::write):
      (WebCore::CloneDeserializer::CachedString::string):
      (WebCore::CloneDeserializer::readFile):
      (WebCore::CloneDeserializer::readTerminal):
      (WebCore::CloneDeserializer::deserialize):
      * bridge/NP_jsobject.cpp:
      (_NPN_Enumerate):
      
      Source/WebKit/efl: 
      
      * WebCoreSupport/DumpRenderTreeSupportEfl.cpp:
      (DumpRenderTreeSupportEfl::sendWebIntentResponse):
      (DumpRenderTreeSupportEfl::deliverWebIntent):
      Also update the code from the UString->String conversion through StringImpl.
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::enumerate):
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::enumerate):
      
      Tools: 
      
      Update EFL's DRT.
      
      Fix some string conversions that have been made useless
      with recent changes.
      
      * DumpRenderTree/efl/EventSender.cpp:
      (keyPadNameFromJSValue):
      (keyNameFromJSValue):
      * DumpRenderTree/efl/TestRunnerEfl.cpp:
      (TestRunner::queueLoad):
      (TestRunner::addOriginAccessWhitelistEntry):
      (TestRunner::removeOriginAccessWhitelistEntry):
      (TestRunner::setUserStyleSheetLocation):
      (TestRunner::setValueForUser):
      (TestRunner::elementDoesAutoCompleteForElementWithId):
      (TestRunner::execCommand):
      (TestRunner::findString):
      (TestRunner::isCommandEnabled):
      (TestRunner::clearApplicationCacheForOrigin):
      (TestRunner::setDomainRelaxationForbiddenForURLScheme):
      (TestRunner::pauseAnimationAtTimeOnElementWithId):
      (TestRunner::pauseTransitionAtTimeOnElementWithId):
      (toInt):
      (TestRunner::overridePreference):
      (TestRunner::addUserScript):
      (TestRunner::addUserStyleSheet):
      (TestRunner::evaluateInWebInspector):
      (TestRunner::evaluateScriptInIsolatedWorld):
      (TestRunner::setTextDirection):
      * DumpRenderTree/efl/WorkQueueItemEfl.cpp:
      (LoadItem::invoke):
      (LoadHTMLStringItem::invoke):
      (ScriptItem::invoke):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127958 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c9b7a208
    • Versioning. · 61e408fc
      lforschler@apple.com authored
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127951 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      61e408fc
    • CALLFRAME_OFFSET and EXCEPTION_OFFSET are same in ctiTrampoline on ARM Thumb2 · a5e3a165
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=82013
      
      Reviewed by Geoff Garen.
      
      Neither of these values need to be stored. At all.
      
      * jit/JITStubs.cpp:
      (JSC):
      (JSC::ctiTrampoline):
      (JSC::JITThunks::JITThunks):
          - Nothing to see here. Move along.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127944 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a5e3a165
    • Unreviewed, rolling out r127938. · c9b3da70
      commit-queue@webkit.org authored
      http://trac.webkit.org/changeset/127938
      https://bugs.webkit.org/show_bug.cgi?id=96166
      
      It broke the build (Requested by smfr on #webkit).
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2012-09-07
      
      Source/JavaScriptCore:
      
      * llint/LowLevelInterpreter.cpp:
      (JSC):
      (JSC::CLoop::execute):
      * offlineasm/cloop.rb:
      
      Source/WTF:
      
      * wtf/Assertions.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127941 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c9b3da70
    • Refactored bytecode generator initialization to support moving captured vars around · 640e9beb
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96159
      
      Reviewed by Gavin Barraclough.
      
      This patch separates the stages of allocating registers, declaring identifiers
      in the symbol table, and initializing registers, so you can change
      allocation decisions without breaking the world.
      
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator): Call a set of helper functions
      instead of inlining all the code, to help clarity.
      
      (JSC::BytecodeGenerator::allocateCapturedVars):
      (JSC::BytecodeGenerator::allocateUncapturedVars):
      (JSC::BytecodeGenerator::allocateActivationVar):
      (JSC::BytecodeGenerator::allocateArgumentsVars):
      (JSC::BytecodeGenerator::allocateCalleeVarUndeclared):
      (JSC::BytecodeGenerator::declareParameters):
      (JSC::BytecodeGenerator::declareCallee):
      (JSC::BytecodeGenerator::initCalleeVar):
      (JSC::BytecodeGenerator::initArgumentsVars):
      (JSC::BytecodeGenerator::initActivationVar):
      (JSC::BytecodeGenerator::initThisParameter):
      (JSC::BytecodeGenerator::initFunctionDeclarations):
      (JSC::BytecodeGenerator::declareParameter):
      (JSC::BytecodeGenerator::createLazyRegisterIfNecessary):
      (JSC::BytecodeGenerator::createActivationIfNecessary): Factored these
      helper functions out from pre-existing code.
      
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::createFuncDeclStatement):
      (JSC::ASTBuilder::addVar):
      * parser/Nodes.h:
      (JSC::DeclarationStacks::VarDeclaration::VarDeclaration):
      (VarDeclaration):
      (JSC::DeclarationStacks::FunctionDeclaration::FunctionDeclaration):
      (FunctionDeclaration): Declaration stacks get a little more data now,
      to support allocating registers before putting things in the symbol
      table. I'm convinced that we should eventually just expand the symbol
      table to understand these things.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127939 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      640e9beb
    • Source/JavaScriptCore: Fix a llint C++ interpreter bugs. · b3fcc5a4
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=96127.
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-09-07
      Reviewed by Filip Pizlo.
      
      * llint/LowLevelInterpreter.cpp:
      (JSC):
      (JSC::CLoop::execute):
      * offlineasm/cloop.rb:
      
      Source/WTF: Fixed ASSERT() and ASSERT_AT() macros so that they can be used in
      comma expressions.
      https://bugs.webkit.org/show_bug.cgi?id=96127.
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-09-07
      Reviewed by Filip Pizlo.
      
      * wtf/Assertions.h:
      (wtfAssert):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127938 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b3fcc5a4
    • Object.prototype.__define{G,S}etter__ with non-callable second parameter... · 885da322
      barraclough@apple.com authored
      Object.prototype.__define{G,S}etter__ with non-callable second parameter should throw TypeError instead of SyntaxError
      https://bugs.webkit.org/show_bug.cgi?id=93873
      
      Reviewed by Sam Weinig.
      
      Source/JavaScriptCore: 
      
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncDefineGetter):
          - throw TypeError instead of SyntaxError
      (JSC::objectProtoFuncDefineSetter):
          - throw TypeError instead of SyntaxError
      
      LayoutTests: 
      
      * fast/js/property-getters-and-setters-expected.txt:
          - updated results
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127930 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      885da322