1. 06 Oct, 2008 4 commits
    • mjs@apple.com's avatar
      JavaScriptCore: · 6c3268ce
      mjs@apple.com authored
      2008-10-06  Maciej Stachowiak  <mjs@apple.com>
      
              Not reviewed. Build fix.
              
              - revert toBoolean changes (r37333 and r37335); need to make WebCore work with these
      
              * API/JSValueRef.cpp:
              (JSValueToBoolean):
              * ChangeLog:
              * JavaScriptCore.exp:
              * VM/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * VM/Machine.cpp:
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_loop_if_true):
              (JSC::Machine::cti_op_not):
              (JSC::Machine::cti_op_jtrue):
              * kjs/ArrayPrototype.cpp:
              (JSC::arrayProtoFuncFilter):
              (JSC::arrayProtoFuncEvery):
              (JSC::arrayProtoFuncSome):
              * kjs/BooleanConstructor.cpp:
              (JSC::constructBoolean):
              (JSC::callBooleanConstructor):
              * kjs/GetterSetter.h:
              * kjs/JSCell.h:
              (JSC::JSValue::toBoolean):
              * kjs/JSNumberCell.cpp:
              (JSC::JSNumberCell::toBoolean):
              * kjs/JSNumberCell.h:
              * kjs/JSObject.cpp:
              (JSC::JSObject::toBoolean):
              * kjs/JSObject.h:
              * kjs/JSString.cpp:
              (JSC::JSString::toBoolean):
              * kjs/JSString.h:
              * kjs/JSValue.h:
              * kjs/RegExpConstructor.cpp:
              (JSC::setRegExpConstructorMultiline):
              * kjs/RegExpObject.cpp:
              (JSC::RegExpObject::match):
              * kjs/RegExpPrototype.cpp:
              (JSC::regExpProtoFuncToString):
      
      JavaScriptGlue:
      
      2008-10-06  Maciej Stachowiak  <mjs@apple.com>
      
              Not reviewed. Build fix.
      
              - revert toBoolean changes (r37333 and r37335); need to make WebCore work with these
      
              * JSUtils.cpp:
              (KJSValueToCFTypeInternal):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37337 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6c3268ce
    • mjs@apple.com's avatar
      2008-10-06 Maciej Stachowiak <mjs@apple.com> · d2c36fec
      mjs@apple.com authored
              Reviewed by Sam Weinig.
              
              - optimize op_jtrue, op_loop_if_true and op_not in various ways
              https://bugs.webkit.org/show_bug.cgi?id=21404
              
              1) Make JSValue::toBoolean nonvirtual and completely inline by
              making use of the StructureID type field.
              
              2) Make JSValue::toBoolean not take an ExecState; doesn't need it.
              
              3) Make op_not, op_loop_if_true and op_jtrue not read the
              ExecState (toBoolean doesn't need it any more) and not check
              exceptions (toBoolean can't throw).
      
              * API/JSValueRef.cpp:
              (JSValueToBoolean):
              * JavaScriptCore.exp:
              * VM/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * VM/Machine.cpp:
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_loop_if_true):
              (JSC::Machine::cti_op_not):
              (JSC::Machine::cti_op_jtrue):
              * kjs/ArrayPrototype.cpp:
              (JSC::arrayProtoFuncFilter):
              (JSC::arrayProtoFuncEvery):
              (JSC::arrayProtoFuncSome):
              * kjs/BooleanConstructor.cpp:
              (JSC::constructBoolean):
              (JSC::callBooleanConstructor):
              * kjs/GetterSetter.h:
              * kjs/JSCell.h:
              (JSC::JSValue::toBoolean):
              * kjs/JSNumberCell.cpp:
              * kjs/JSNumberCell.h:
              (JSC::JSNumberCell::toBoolean):
              * kjs/JSObject.cpp:
              * kjs/JSObject.h:
              (JSC::JSObject::toBoolean):
              (JSC::JSCell::toBoolean):
              * kjs/JSString.cpp:
              * kjs/JSString.h:
              (JSC::JSString::toBoolean):
              * kjs/JSValue.h:
              * kjs/RegExpConstructor.cpp:
              (JSC::setRegExpConstructorMultiline):
              * kjs/RegExpObject.cpp:
              (JSC::RegExpObject::match):
              * kjs/RegExpPrototype.cpp:
              (JSC::regExpProtoFuncToString):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37333 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d2c36fec
    • mjs@apple.com's avatar
      2008-10-05 Maciej Stachowiak <mjs@apple.com> · 1d94015c
      mjs@apple.com authored
              Reviewed by Cameron Zwarich.
              
              - fix releas-only test failures caused by the fix to bug 21375
      
              * VM/Machine.cpp:
              (JSC::Machine::unwindCallFrame): Update ExecState while unwinding call frames;
              it now matters more to have a still-valid ExecState, since dynamicGlobalObject
              will make use of the ExecState's scope chain.
              * VM/Machine.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37325 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1d94015c
    • cwzwarich@webkit.org's avatar
      2008-10-05 Cameron Zwarich <zwarich@apple.com> · a3b5f8a7
      cwzwarich@webkit.org authored
              Reviewed by Oliver Hunt.
      
              Bug 21364: Remove the branch in op_ret for OptionalCalleeActivation and OptionalCalleeArguments
              <https://bugs.webkit.org/show_bug.cgi?id=21364>
      
              Use information from the parser to detect whether an activation is
              needed or 'arguments' is used, and emit explicit instructions to tear
              them off before op_ret. This allows a branch to be removed from op_ret
              and simplifies some other code. This does cause a small change in the
              behaviour of 'f.arguments'; it is no longer live when 'arguments' is not
              mentioned in the lexical scope of the function.
      
              It should now be easy to remove the OptionaCalleeActivation slot in the
              call frame, but this will be done in a later patch.
      
              JavaScriptCore:
      
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              * VM/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * VM/CodeGenerator.cpp:
              (JSC::CodeGenerator::emitReturn):
              * VM/CodeGenerator.h:
              * VM/Machine.cpp:
              (JSC::Machine::unwindCallFrame):
              (JSC::Machine::privateExecute):
              (JSC::Machine::retrieveArguments):
              (JSC::Machine::cti_op_create_arguments):
              (JSC::Machine::cti_op_tear_off_activation):
              (JSC::Machine::cti_op_tear_off_arguments):
              * VM/Machine.h:
              * VM/Opcode.h:
              * kjs/Arguments.cpp:
              (JSC::Arguments::mark):
              * kjs/Arguments.h:
              (JSC::Arguments::isTornOff):
              (JSC::Arguments::Arguments):
              (JSC::Arguments::copyRegisters):
              (JSC::JSActivation::copyRegisters):
              * kjs/JSActivation.cpp:
              (JSC::JSActivation::argumentsGetter):
              * kjs/JSActivation.h:
      
              LayoutTests:
      
              * fast/js/function-dot-arguments-expected.txt:
              * fast/js/resources/function-dot-arguments.js:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37324 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a3b5f8a7
  2. 05 Oct, 2008 1 commit
    • mjs@apple.com's avatar
      2008-10-05 Maciej Stachowiak <mjs@apple.com> · 05456d94
      mjs@apple.com authored
              Reviewed by Oliver Hunt.
              
              - fixed "REGRESSION (r37297): fast/js/deep-recursion-test takes too long and times out"
              https://bugs.webkit.org/show_bug.cgi?id=21375
              
              The problem is that dynamicGlobalObject had become O(N) in number
              of call frames, but unwinding the stack for an exception called it
              for every call frame, resulting in O(N^2) behavior for an
              exception thrown from inside deep recursion.
      
              Instead of doing it that way, stash the dynamic global object in JSGlobalData.
              
              * JavaScriptCore.exp:
              * VM/Machine.cpp:
              (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): Helper class to temporarily
              store and later restore a dynamicGlobalObject in JSGlobalData.
              (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
              (JSC::Machine::execute): In each version, establish a DynamicGlobalObjectScope.
              For ProgramNode, always establish set new dynamicGlobalObject, for FunctionBody and Eval,
              only if none is currently set.
              * VM/Machine.h:
              * kjs/ExecState.h:
              * kjs/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData): Ininitalize new dynamicGlobalObject field to 0.
              * kjs/JSGlobalData.h:
              * kjs/JSGlobalObject.h:
              (JSC::ExecState::dynamicGlobalObject): Moved here from ExecState for benefit of inlining.
              Return lexical global object if this is a globalExec(), otherwise look in JSGlobalData
              for the one stashed there.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37323 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      05456d94
  3. 04 Oct, 2008 3 commits
    • darin@apple.com's avatar
      JavaScriptCore: · d3f46409
      darin@apple.com authored
      2008-10-04  Darin Adler  <darin@apple.com>
      
              Reviewed by Cameron Zwarich.
      
              - https://bugs.webkit.org/show_bug.cgi?id=21295
                Bug 21295: Replace ExecState with a call frame Register pointer
      
              10% faster on Richards; other v8 benchmarks faster too.
              A wash on SunSpider.
      
              This does the minimum necessary to get the speedup. Next step in
              cleaning this up is to replace ExecState with a CallFrame class,
              and be more judicious about when to pass a call frame and when
              to pass a global data pointer, global object pointer, or perhaps
              something else entirely.
      
              * VM/CTI.cpp: Remove the debug-only check of the exception in
              ctiVMThrowTrampoline -- already checked in the code the trampoline
              jumps to, so not all that useful. Removed the exec argument from
              ctiTrampoline. Removed emitDebugExceptionCheck -- no longer needed.
              (JSC::CTI::emitCall): Removed code to set ExecState::m_callFrame.
              (JSC::CTI::privateCompileMainPass): Removed code in catch to extract
              the exception from ExecState::m_exception; instead, the code that
              jumps into catch will make sure the exception is already in eax.
              * VM/CTI.h: Removed exec from the ctiTrampoline. Also removed the
              non-helpful "volatile". Temporarily left ARG_exec in as a synonym
              for ARG_r; I'll change that on a future cleanup pass when introducing
              more use of the CallFrame type.
              (JSC::CTI::execute): Removed the ExecState* argument.
      
              * VM/ExceptionHelpers.cpp:
              (JSC::InterruptedExecutionError::InterruptedExecutionError): Take
              JSGlobalData* instead of ExecState*.
              (JSC::createInterruptedExecutionException): Ditto.
              * VM/ExceptionHelpers.h: Ditto. Also removed an unneeded include.
      
              * VM/Machine.cpp:
              (JSC::slideRegisterWindowForCall): Removed the exec and
              exceptionValue arguments. Changed to return 0 when there's a stack
              overflow rather than using a separate exception argument to cut
              down on memory accesses in the calling convention.
              (JSC::Machine::unwindCallFrame): Removed the exec argument when
              constructing a DebuggerCallFrame. Also removed code to set
              ExecState::m_callFrame.
              (JSC::Machine::throwException): Removed the exec argument when
              construction a DebuggerCallFrame.
              (JSC::Machine::execute): Updated to use the register instead of
              ExecState and also removed various uses of ExecState.
              (JSC::Machine::debug):
              (JSC::Machine::privateExecute): Put globalData into a local
              variable so it can be used throughout the interpreter. Changed
              the VM_CHECK_EXCEPTION to get the exception in globalData instead
              of through ExecState.
              (JSC::Machine::retrieveLastCaller): Turn exec into a registers
              pointer by calling registers() instead of by getting m_callFrame.
              (JSC::Machine::callFrame): Ditto.
              Tweaked exception macros. Made new versions for when you know
              you have an exception. Get at global exception with ARG_globalData.
              Got rid of the need to pass in the return value type.
              (JSC::Machine::cti_op_add): Update to use new version of exception
              macros.
              (JSC::Machine::cti_op_pre_inc): Ditto.
              (JSC::Machine::cti_timeout_check): Ditto.
              (JSC::Machine::cti_op_instanceof): Ditto.
              (JSC::Machine::cti_op_new_func): Ditto.
              (JSC::Machine::cti_op_call_JSFunction): Optimized by using the
              ARG values directly instead of through local variables -- this gets
              rid of code that just shuffles things around in the stack frame.
              Also get rid of ExecState and update for the new way exceptions are
              handled in slideRegisterWindowForCall.
              (JSC::Machine::cti_vm_compile): Update to make exec out of r since
              they are both the same thing now.
              (JSC::Machine::cti_op_call_NotJSFunction): Ditto.
              (JSC::Machine::cti_op_init_arguments): Ditto.
              (JSC::Machine::cti_op_resolve): Ditto.
              (JSC::Machine::cti_op_construct_JSConstruct): Ditto.
              (JSC::Machine::cti_op_construct_NotJSConstruct): Ditto.
              (JSC::Machine::cti_op_resolve_func): Ditto.
              (JSC::Machine::cti_op_put_by_val): Ditto.
              (JSC::Machine::cti_op_put_by_val_array): Ditto.
              (JSC::Machine::cti_op_resolve_skip): Ditto.
              (JSC::Machine::cti_op_resolve_global): Ditto.
              (JSC::Machine::cti_op_post_inc): Ditto.
              (JSC::Machine::cti_op_resolve_with_base): Ditto.
              (JSC::Machine::cti_op_post_dec): Ditto.
              (JSC::Machine::cti_op_call_eval): Ditto.
              (JSC::Machine::cti_op_throw): Ditto. Also rearranged to return
              the exception value as the return value so it can be used by
              op_catch.
              (JSC::Machine::cti_op_push_scope): Ditto.
              (JSC::Machine::cti_op_in): Ditto.
              (JSC::Machine::cti_op_del_by_val): Ditto.
              (JSC::Machine::cti_vm_throw): Ditto. Also rearranged to return
              the exception value as the return value so it can be used by
              op_catch.
      
              * kjs/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::functionName): Pass globalData.
              (JSC::DebuggerCallFrame::evaluate): Eliminated code to make a
              new ExecState.
              * kjs/DebuggerCallFrame.h: Removed ExecState argument from
              constructor.
      
              * kjs/ExecState.h: Eliminated all data members and made ExecState
              inherit privately from Register instead. Also added a typedef to
              the future name for this class, which is CallFrame. It's just a
              Register* that knows it's a pointer at a call frame. The new class
              can't be constructed or copied. Changed all functions to use
              the this pointer instead of m_callFrame. Changed exception-related
              functions to access an exception in JSGlobalData. Removed functions
              used by CTI to pass the return address to the throw machinery --
              this is now done directly with a global in the global data.
      
              * kjs/FunctionPrototype.cpp:
              (JSC::functionProtoFuncToString): Pass globalData instead of exec.
      
              * kjs/InternalFunction.cpp:
              (JSC::InternalFunction::name): Take globalData instead of exec.
              * kjs/InternalFunction.h: Ditto.
      
              * kjs/JSGlobalData.cpp: Initialize the new exception global to 0.
              * kjs/JSGlobalData.h: Declare two new globals. One for the current
              exception and another for the return address used by CTI to
              implement the throw operation.
      
              * kjs/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::init): Removed code to set up globalExec,
              which is now the same thing as globalCallFrame.
              (JSC::JSGlobalObject::reset): Get globalExec from our globalExec
              function so we don't have to repeat the logic twice.
              (JSC::JSGlobalObject::mark): Removed code to mark the exception;
              the exception is now stored in JSGlobalData and marked there.
              (JSC::JSGlobalObject::globalExec): Return a pointer to the end
              of the global call frame.
              * kjs/JSGlobalObject.h: Removed the globalExec data member.
      
              * kjs/JSObject.cpp:
              (JSC::JSObject::putDirectFunction): Pass globalData instead of exec.
      
              * kjs/collector.cpp:
              (JSC::Heap::collect): Mark the global exception.
      
              * profiler/ProfileGenerator.cpp:
              (JSC::ProfileGenerator::addParentForConsoleStart): Pass globalData
              instead of exec to createCallIdentifier.
      
              * profiler/Profiler.cpp:
              (JSC::Profiler::willExecute): Pass globalData instead of exec to
              createCallIdentifier.
              (JSC::Profiler::didExecute): Ditto.
              (JSC::Profiler::createCallIdentifier): Take globalData instead of
              exec.
              (JSC::createCallIdentifierFromFunctionImp): Ditto.
              * profiler/Profiler.h: Change interface to take a JSGlobalData
              instead of an ExecState.
      
      WebKit/mac:
      
      2008-10-04  Darin Adler  <darin@apple.com>
      
              Reviewed by Cameron Zwarich.
      
              - https://bugs.webkit.org/show_bug.cgi?id=21295
                Bug 21295: Replace ExecState with a call frame Register pointer
      
              * WebView/WebScriptDebugger.mm:
              (WebScriptDebugger::WebScriptDebugger): Remove 0 passed for ExecState.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37297 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d3f46409
    • cwzwarich@webkit.org's avatar
      2008-10-04 Cameron Zwarich <zwarich@apple.com> · 2f316b4c
      cwzwarich@webkit.org authored
              Reviewed by Darin Adler.
      
              Bug 21369: Add opcode documentation for all undocumented opcodes
              <https://bugs.webkit.org/show_bug.cgi?id=21369>
      
              This patch adds opcode documentation for all undocumented opcodes, and
              it also renames op_init_arguments to op_create_arguments.
      
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              * VM/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * VM/CodeGenerator.cpp:
              (JSC::CodeGenerator::CodeGenerator):
              * VM/Machine.cpp:
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_create_arguments):
              * VM/Machine.h:
              * VM/Opcode.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37294 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2f316b4c
    • mjs@apple.com's avatar
      JavaScriptCore: · 8b246d6d
      mjs@apple.com authored
      2008-10-03  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Cameron Zwarich.
              
              - "this" object in methods called on primitives should be wrapper object
              https://bugs.webkit.org/show_bug.cgi?id=21362
      
              I changed things so that functions which use "this" do a fast
              version of toThisObject conversion if needed. Currently we miss
              the conversion entirely, at least for primitive types. Using
              TypeInfo and the primitive check, I made the fast case bail out
              pretty fast.
              
              This is inexplicably an 1.007x SunSpider speedup (and a wash on V8 benchmarks).
           
              Also renamed some opcodes for clarity:
              
              init ==> enter
              init_activation ==> enter_with_activation
              
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              (JSC::CTI::privateCompileSlowCases):
              * VM/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * VM/CodeGenerator.cpp:
              (JSC::CodeGenerator::generate):
              (JSC::CodeGenerator::CodeGenerator):
              * VM/Machine.cpp:
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_convert_this):
              * VM/Machine.h:
              * VM/Opcode.h:
              * kjs/JSActivation.cpp:
              (JSC::JSActivation::JSActivation):
              * kjs/JSActivation.h:
              (JSC::JSActivation::createStructureID):
              * kjs/JSCell.h:
              (JSC::JSValue::needsThisConversion):
              * kjs/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              * kjs/JSGlobalData.h:
              * kjs/JSNumberCell.h:
              (JSC::JSNumberCell::createStructureID):
              * kjs/JSStaticScopeObject.h:
              (JSC::JSStaticScopeObject::JSStaticScopeObject):
              (JSC::JSStaticScopeObject::createStructureID):
              * kjs/JSString.h:
              (JSC::JSString::createStructureID):
              * kjs/JSValue.h:
              * kjs/TypeInfo.h:
              (JSC::TypeInfo::needsThisConversion):
              * kjs/nodes.h:
              (JSC::ScopeNode::usesThis):
      
      WebCore:
      
      2008-10-03  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Cameron Zwarich.
      
              - "this" object in methods called on primitives should be wrapper object
              https://bugs.webkit.org/show_bug.cgi?id=21362
      
              Updated so toThis conversion for the split window is handled properly.
      
              * bindings/scripts/CodeGeneratorJS.pm:
      
      LayoutTests:
      
      2008-10-03  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Cameron Zwarich.
              
              - test case for: "this" object in methods called on primitives should be wrapper object
      
              * fast/js/primitive-method-this-expected.txt: Added.
              * fast/js/primitive-method-this.html: Added.
              * fast/js/resources/primitive-method-this.js: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37285 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8b246d6d
  4. 03 Oct, 2008 2 commits
    • cwzwarich@webkit.org's avatar
      2008-10-03 Cameron Zwarich <zwarich@apple.com> · fde1c9a7
      cwzwarich@webkit.org authored
              Reviewed by Maciej Stachowiak.
      
              Bug 21343: REGRESSSION (r37160): ecma_3/ExecutionContexts/10.1.3-1.js and js1_4/Functions/function-001.js fail on 64-bit
              <https://bugs.webkit.org/show_bug.cgi?id=21343>
      
              A fix was landed for this issue in r37253, and the ChangeLog assumes
              that it is a compiler bug, but it turns out that it is a subtle issue
              with mixing signed and unsigned 32-bit values in a 64-bit environment.
              In order to properly fix this bug, we should convert our signed offsets
              into the register file to use ptrdiff_t.
      
              This may not be the only instance of this issue, but I will land this
              fix first and look for more later.
      
              * VM/Machine.cpp:
              (JSC::Machine::getArgumentsData):
              * VM/Machine.h:
              * kjs/Arguments.cpp:
              (JSC::Arguments::getOwnPropertySlot):
              * kjs/Arguments.h:
              (JSC::Arguments::init):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37268 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fde1c9a7
    • darin@apple.com's avatar
      JavaScriptCore: · 3d73fee8
      darin@apple.com authored
      2008-10-03  Darin Adler  <darin@apple.com>
      
              Reviewed by Geoff Garen.
      
              - next step of https://bugs.webkit.org/show_bug.cgi?id=21295
                Turn ExecState into a call frame pointer.
      
              Remove m_globalObject and m_globalData from ExecState.
      
              SunSpider says this is a wash (slightly faster but not statistically
              significant); which is good enough since it's a preparation step and
              not supposed to be a spedup.
      
              * API/JSCallbackFunction.cpp:
              (JSC::JSCallbackFunction::JSCallbackFunction):
              * kjs/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              * kjs/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              * kjs/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * kjs/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              * kjs/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              * kjs/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              * kjs/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              * kjs/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              * kjs/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              * kjs/PrototypeFunction.cpp:
              (JSC::PrototypeFunction::PrototypeFunction):
              * kjs/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              * kjs/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              Pass JSGlobalData* instead of ExecState* to the InternalFunction
              constructor.
      
              * API/OpaqueJSString.cpp: Added now-needed include.
      
              * JavaScriptCore.exp: Updated.
      
              * VM/CTI.cpp:
              (JSC::CTI::emitSlowScriptCheck): Changed to use ARGS_globalData
              instead of ARGS_exec.
      
              * VM/CTI.h: Added a new argument to the CTI, the global data pointer.
              While it's possible to get to the global data pointer using the
              ExecState pointer, it's slow enough that it's better to just keep
              it around in the CTI arguments.
      
              * VM/CodeBlock.h: Moved the CodeType enum here from ExecState.h.
      
              * VM/Machine.cpp:
              (JSC::Machine::execute): Pass fewer arguments when constructing
              ExecState, and pass the global data pointer when invoking CTI.
              (JSC::Machine::firstCallFrame): Added. Used to get the dynamic global
              object, which is in the scope chain of the first call frame.
              (JSC::Machine::cti_op_add): Use globalData instead of exec when
              possible, to keep fast cases fast, since it's now more expensive to
              get to it through the exec pointer.
              (JSC::Machine::cti_timeout_check): Ditto.
              (JSC::Machine::cti_op_put_by_id_second): Ditto.
              (JSC::Machine::cti_op_get_by_id_second): Ditto.
              (JSC::Machine::cti_op_mul): Ditto.
              (JSC::Machine::cti_vm_compile): Ditto.
              (JSC::Machine::cti_op_get_by_val): Ditto.
              (JSC::Machine::cti_op_sub): Ditto.
              (JSC::Machine::cti_op_put_by_val): Ditto.
              (JSC::Machine::cti_op_put_by_val_array): Ditto.
              (JSC::Machine::cti_op_negate): Ditto.
              (JSC::Machine::cti_op_div): Ditto.
              (JSC::Machine::cti_op_pre_dec): Ditto.
              (JSC::Machine::cti_op_post_inc): Ditto.
              (JSC::Machine::cti_op_lshift): Ditto.
              (JSC::Machine::cti_op_bitand): Ditto.
              (JSC::Machine::cti_op_rshift): Ditto.
              (JSC::Machine::cti_op_bitnot): Ditto.
              (JSC::Machine::cti_op_mod): Ditto.
              (JSC::Machine::cti_op_post_dec): Ditto.
              (JSC::Machine::cti_op_urshift): Ditto.
              (JSC::Machine::cti_op_bitxor): Ditto.
              (JSC::Machine::cti_op_bitor): Ditto.
              (JSC::Machine::cti_op_call_eval): Ditto.
              (JSC::Machine::cti_op_throw): Ditto.
              (JSC::Machine::cti_op_is_string): Ditto.
              (JSC::Machine::cti_op_debug): Ditto.
              (JSC::Machine::cti_vm_throw): Ditto.
      
              * VM/Machine.h: Added firstCallFrame.
      
              * kjs/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::evaluate): Pass fewer arguments when
              constructing ExecState.
      
              * kjs/ExecState.cpp: Deleted contents. Later we'll remove the
              file altogether.
      
              * kjs/ExecState.h: Removed m_globalObject and m_globalData.
              Moved CodeType into another header.
              (JSC::ExecState::ExecState): Take only a single argument, a
              call frame pointer.
              (JSC::ExecState::dynamicGlobalObject): Get the object from
              the first call frame since it's no longer stored.
              (JSC::ExecState::globalData): Get the global data from the
              scope chain, since we no longer store a pointer to it here.
              (JSC::ExecState::identifierTable): Ditto.
              (JSC::ExecState::propertyNames): Ditto.
              (JSC::ExecState::emptyList): Ditto.
              (JSC::ExecState::lexer): Ditto.
              (JSC::ExecState::parser): Ditto.
              (JSC::ExecState::machine): Ditto.
              (JSC::ExecState::arrayTable): Ditto.
              (JSC::ExecState::dateTable): Ditto.
              (JSC::ExecState::mathTable): Ditto.
              (JSC::ExecState::numberTable): Ditto.
              (JSC::ExecState::regExpTable): Ditto.
              (JSC::ExecState::regExpConstructorTable): Ditto.
              (JSC::ExecState::stringTable): Ditto.
              (JSC::ExecState::heap): Ditto.
      
              * kjs/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor): Pass
              JSGlobalData* instead of ExecState* to the InternalFunction
              constructor.
              (JSC::constructFunction): Pass the global data pointer when
              constructing a new scope chain.
      
              * kjs/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction): Take a JSGlobalData*
              instead of an ExecState*. Later we can change more places to
              work this way -- it's more efficient to take the type you need
              since the caller might already have it.
              * kjs/InternalFunction.h: Ditto.
      
              * kjs/JSCell.h:
              (JSC::JSCell::operator new): Added an overload that takes a
              JSGlobalData* so you can construct without an ExecState*.
      
              * kjs/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::init): Moved creation of the global scope
              chain in here, since it now requires a pointer to the global data.
              Moved the initialization of the call frame in here since it requires
              the global scope chain node. Removed the extra argument to ExecState
              when creating the global ExecState*.
              * kjs/JSGlobalObject.h: Removed initialization of globalScopeChain
              and the call frame from the JSGlobalObjectData constructor. Added
              a thisValue argument to the init function.
      
              * kjs/JSNumberCell.cpp: Added versions of jsNumberCell that take
              JSGlobalData* rather than ExecState*.
              * kjs/JSNumberCell.h:
              (JSC::JSNumberCell::operator new): Added a version that takes
              JSGlobalData*.
              (JSC::JSNumberCell::JSNumberCell): Ditto.
              (JSC::jsNumber): Ditto.
              * kjs/JSString.cpp:
              (JSC::jsString): Ditto.
              (JSC::jsSubstring): Ditto.
              (JSC::jsOwnedString): Ditto.
              * kjs/JSString.h:
              (JSC::JSString::JSString): Changed to take JSGlobalData*.
              (JSC::jsEmptyString): Added a version that takes JSGlobalData*.
              (JSC::jsSingleCharacterString): Ditto.
              (JSC::jsSingleCharacterSubstring): Ditto.
              (JSC::jsNontrivialString): Ditto.
              (JSC::JSString::getIndex): Ditto.
              (JSC::jsString): Ditto.
              (JSC::jsSubstring): Ditto.
              (JSC::jsOwnedString): Ditto.
      
              * kjs/ScopeChain.h: Added a globalData pointer to each node.
              (JSC::ScopeChainNode::ScopeChainNode): Initialize the globalData
              pointer.
              (JSC::ScopeChainNode::push): Set the global data pointer in the
              new node.
              (JSC::ScopeChain::ScopeChain): Take a globalData argument.
      
              * kjs/SmallStrings.cpp:
              (JSC::SmallStrings::createEmptyString): Take JSGlobalData* instead of
              ExecState*.
              (JSC::SmallStrings::createSingleCharacterString): Ditto.
              * kjs/SmallStrings.h:
              (JSC::SmallStrings::emptyString): Ditto.
              (JSC::SmallStrings::singleCharacterString): Ditto.
      
      WebCore:
      
      2008-10-03  Darin Adler  <darin@apple.com>
      
              Reviewed by Geoff Garen.
      
              - next step of https://bugs.webkit.org/show_bug.cgi?id=21295
                Turn ExecState into a call frame pointer.
      
              Remove m_globalObject and m_globalData from ExecState.
      
              * bindings/js/JSDOMWindowBase.cpp:
              (WebCore::JSDOMWindowBase::JSDOMWindowBaseData::JSDOMWindowBaseData):
              Removed an argument now that JSGlobalObject doesn't need it any more.
              (WebCore::JSDOMWindowBase::JSDOMWindowBase): Removed the argument from
              the JSDOMWindowBaseData constructor, and added the this argument to the
              JSGlobalObject constructor. This is because a couple key bits of
              initialization moved from the data constructor to the JSGlobalObject
              constructor.
              * bindings/js/JSDOMWindowBase.h: Ditto.
      
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
              * bridge/runtime_method.cpp:
              (JSC::RuntimeMethod::RuntimeMethod):
              Pass JSGlobalData* instead of ExecState* to the InternalFunction
              constructor.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37257 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3d73fee8
  5. 02 Oct, 2008 3 commits
    • cwzwarich@webkit.org's avatar
      2008-10-02 Cameron Zwarich <zwarich@apple.com> · 7ec515a5
      cwzwarich@webkit.org authored
              Reviewed by Geoff Garen.
      
              Bug 21317: Replace RegisterFile size and capacity information with Register pointers
              <https://bugs.webkit.org/show_bug.cgi?id=21317>
      
              This is a 2.3% speedup on the V8 DeltaBlue benchmark, a 3.3% speedup on
              the V8 Raytrace benchmark, and a 1.0% speedup on SunSpider.
      
              * VM/Machine.cpp:
              (JSC::slideRegisterWindowForCall):
              (JSC::Machine::callEval):
              (JSC::Machine::execute):
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_call_JSFunction):
              (JSC::Machine::cti_op_construct_JSConstruct):
              * VM/RegisterFile.cpp:
              (JSC::RegisterFile::~RegisterFile):
              * VM/RegisterFile.h:
              (JSC::RegisterFile::RegisterFile):
              (JSC::RegisterFile::start):
              (JSC::RegisterFile::end):
              (JSC::RegisterFile::size):
              (JSC::RegisterFile::shrink):
              (JSC::RegisterFile::grow):
              (JSC::RegisterFile::lastGlobal):
              (JSC::RegisterFile::markGlobals):
              (JSC::RegisterFile::markCallFrames):
              * kjs/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::copyGlobalsTo):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37213 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7ec515a5
    • ggaren@apple.com's avatar
      2008-10-02 Geoffrey Garen <ggaren@apple.com> · c9cad7f3
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
              
              Fixed https://bugs.webkit.org/show_bug.cgi?id=21283.
              Profiler Crashes When Started
      
              * VM/Machine.cpp:
              * VM/Machine.h:
              (JSC::makeHostCallFramePointer):
              (JSC::isHostCallFrame):
              (JSC::stripHostCallFrameBit): Moved some things to the header so
              JSGlobalObject could use them.
      
              * kjs/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): Call the
              new makeHostCallFramePointer API, since 0 no longer indicates a host
              call frame.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37191 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c9cad7f3
    • ggaren@apple.com's avatar
      JavaScriptCore: · 69e9ccfb
      ggaren@apple.com authored
      2008-10-01  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler and Cameron Zwarich.
      
              Preliminary step toward dynamic recompilation: Standardized and
              simplified the parsing interface.
              
              The main goal in this patch is to make it easy to ask for a duplicate
              compilation, and get back a duplicate result -- same source URL, same
              debugger / profiler ID, same toString behavior, etc.
              
              The basic unit of compilation and evaluation is now SourceCode, which
              encompasses a SourceProvider, a range in that provider, and a starting
              line number.
      
              A SourceProvider now encompasses a source URL, and *is* a source ID,
              since a pointer is a unique identifier.
      
              * API/JSBase.cpp:
              (JSEvaluateScript):
              (JSCheckScriptSyntax): Provide a SourceCode to the Interpreter, since
              other APIs are no longer supported.
              
              * VM/CodeBlock.h:
              (JSC::EvalCodeCache::get): Provide a SourceCode to the Interpreter, since
              other APIs are no longer supported.
              (JSC::CodeBlock::CodeBlock): ASSERT something that used to be ASSERTed
              by our caller -- this is a better bottleneck.
      
              * VM/CodeGenerator.cpp:
              (JSC::CodeGenerator::CodeGenerator): Updated for the fact that
              FunctionBodyNode's parameters are no longer a WTF::Vector.
      
              * kjs/Arguments.cpp:
              (JSC::Arguments::Arguments): ditto
      
              * kjs/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::evaluate): Provide a SourceCode to the Parser,
              since other APIs are no longer supported.
      
              * kjs/FunctionConstructor.cpp:
              (JSC::constructFunction): Provide a SourceCode to the Parser, since
              other APIs are no longer supported. Adopt FunctionBodyNode's new
              "finishParsing" API.
      
              * kjs/JSFunction.cpp:
              (JSC::JSFunction::lengthGetter):
              (JSC::JSFunction::getParameterName): Updated for the fact that
              FunctionBodyNode's parameters are no longer a wtf::Vector.
      
              * kjs/JSFunction.h: Nixed some cruft.
      
              * kjs/JSGlobalObjectFunctions.cpp:
              (JSC::globalFuncEval): Provide a SourceCode to the Parser, since
              other APIs are no longer supported. 
      
              * kjs/Parser.cpp:
              (JSC::Parser::parse): Require a SourceCode argument, instead of a bunch
              of broken out parameters. Stop tracking sourceId as an integer, since we
              use the SourceProvider pointer for this now. Don't clamp the
              startingLineNumber, since SourceCode does that now.
      
              * kjs/Parser.h:
              (JSC::Parser::parse): Standardized the parsing interface to require a
              SourceCode.
      
              * kjs/Shell.cpp:
              (functionRun):
              (functionLoad):
              (prettyPrintScript):
              (runWithScripts):
              (runInteractive): Provide a SourceCode to the Interpreter, since
              other APIs are no longer supported.
      
              * kjs/SourceProvider.h:
              (JSC::SourceProvider::SourceProvider):
              (JSC::SourceProvider::url):
              (JSC::SourceProvider::asId):
              (JSC::UStringSourceProvider::create):
              (JSC::UStringSourceProvider::UStringSourceProvider): Added new
              responsibilities described above.
      
              * kjs/SourceRange.h:
              (JSC::SourceCode::SourceCode):
              (JSC::SourceCode::toString):
              (JSC::SourceCode::provider):
              (JSC::SourceCode::firstLine):
              (JSC::SourceCode::data):
              (JSC::SourceCode::length): Added new responsibilities described above.
              Renamed SourceRange to SourceCode, based on review feedback. Added
              a makeSource function for convenience.
      
              * kjs/debugger.h: Provide a SourceCode to the client, since other APIs
              are no longer supported.
      
              * kjs/grammar.y: Provide startingLineNumber when creating a SourceCode.
      
              * kjs/debugger.h: Treat sourceId as intptr_t to avoid loss of precision
              on 64bit platforms.
      
              * kjs/interpreter.cpp:
              (JSC::Interpreter::checkSyntax):
              (JSC::Interpreter::evaluate):
              * kjs/interpreter.h: Require a SourceCode instead of broken out arguments.
      
              * kjs/lexer.cpp:
              (JSC::Lexer::setCode):
              * kjs/lexer.h:
              (JSC::Lexer::sourceRange): Fold together the SourceProvider and line number
              into a SourceCode. Fixed a bug where the Lexer would accidentally keep
              alive the last SourceProvider forever.
      
              * kjs/nodes.cpp:
              (JSC::ScopeNode::ScopeNode):
              (JSC::ProgramNode::ProgramNode):
              (JSC::ProgramNode::create):
              (JSC::EvalNode::EvalNode):
              (JSC::EvalNode::generateCode):
              (JSC::EvalNode::create):
              (JSC::FunctionBodyNode::FunctionBodyNode):
              (JSC::FunctionBodyNode::finishParsing):
              (JSC::FunctionBodyNode::create):
              (JSC::FunctionBodyNode::generateCode):
              (JSC::ProgramNode::generateCode):
              (JSC::FunctionBodyNode::paramString):
              * kjs/nodes.h:
              (JSC::ScopeNode::):
              (JSC::ScopeNode::sourceId):
              (JSC::FunctionBodyNode::):
              (JSC::FunctionBodyNode::parameterCount):
              (JSC::FuncExprNode::):
              (JSC::FuncDeclNode::): Store a SourceCode in all ScopeNodes, since
              SourceCode is now responsible for tracking URL, ID, etc. Streamlined
              some ad hoc FunctionBodyNode fixups into a "finishParsing" function, to
              help make clear what you need to do in order to finish parsing a
              FunctionBodyNode.
      
              * wtf/Vector.h:
              (WTF::::releaseBuffer): Don't ASSERT that releaseBuffer() is only called
              when buffer is not 0, since FunctionBodyNode is more than happy
              to get back a 0 buffer, and other functions like RefPtr::release() allow
              for 0, too.
      
      JavaScriptGlue:
      
      2008-10-01  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler and Cameron Zwarich.
      
              * JSRun.cpp:
              (JSRun::Evaluate):
              (JSRun::CheckSyntax): Provide a SourceCode to the Interpreter, since
              other APIs are no longer supported.
      
      WebCore:
      
      2008-10-01  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler and Cameron Zwarich.
      
              Updated for JavaScriptCore API changes: use a SourceCode instead of
              broken out parameters; treat sourceId as intptr_t.
      
              * ForwardingHeaders/kjs/SourceRange.h: Copied from ForwardingHeaders/kjs/SourceProvider.h.
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::send):
              * bindings/js/ScriptController.cpp:
              (WebCore::ScriptController::evaluate):
              * bindings/js/StringSourceProvider.h:
              (WebCore::StringSourceProvider::create):
              (WebCore::StringSourceProvider::StringSourceProvider):
      
              (WebCore::makeSource): Added a makeSource function for convenience.
      
              * bindings/objc/WebScriptObject.mm:
              (-[WebScriptObject evaluateWebScript:]):
              * bridge/NP_jsobject.cpp:
              (_NPN_Evaluate):
              * bridge/jni/jni_jsobject.mm:
              (JavaJSObject::call):
              (JavaJSObject::eval):
              (JavaJSObject::getMember):
              (JavaJSObject::setMember):
              (JavaJSObject::removeMember):
      
              * bridge/jni/jni_runtime.h:
              (JSC::Bindings::JavaString::operator UString): Replaced the explicit
              ustring() function with an implicit operator because this class already
              holds a UString::rep.
      
              * page/Console.cpp:
              (WebCore::retrieveLastCaller):
              (WebCore::Console::trace):
              * page/InspectorController.cpp:
              (WebCore::jsStringRef):
              (WebCore::InspectorController::addBreakpoint):
              (WebCore::InspectorController::removeBreakpoint):
              (WebCore::InspectorController::didParseSource):
              (WebCore::InspectorController::failedToParseSource):
              * page/InspectorController.h:
              * page/JavaScriptCallFrame.cpp:
              (WebCore::JavaScriptCallFrame::JavaScriptCallFrame):
              * page/JavaScriptCallFrame.h:
              (WebCore::JavaScriptCallFrame::create):
              (WebCore::JavaScriptCallFrame::sourceIdentifier):
              (WebCore::JavaScriptCallFrame::update):
              * page/JavaScriptDebugListener.h:
              * page/JavaScriptDebugServer.cpp:
              (WebCore::JavaScriptDebugServer::addBreakpoint):
              (WebCore::JavaScriptDebugServer::removeBreakpoint):
              (WebCore::JavaScriptDebugServer::hasBreakpoint):
              (WebCore::dispatchDidParseSource):
              (WebCore::dispatchFailedToParseSource):
              (WebCore::JavaScriptDebugServer::sourceParsed):
              (WebCore::JavaScriptDebugServer::callEvent):
              (WebCore::JavaScriptDebugServer::atStatement):
              (WebCore::JavaScriptDebugServer::returnEvent):
              (WebCore::JavaScriptDebugServer::exception):
              (WebCore::JavaScriptDebugServer::willExecuteProgram):
              (WebCore::JavaScriptDebugServer::didExecuteProgram):
              (WebCore::JavaScriptDebugServer::didReachBreakpoint):
              * page/JavaScriptDebugServer.h:
              * page/inspector/ScriptsPanel.js: Renamed internal uses of sourceId and 
              sourceIdentifier to sourceID.
      
      WebKit/mac:
      
      2008-10-01  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler and Cameron Zwarich.
      
              Updated for JavaScriptCore API changes: use a SourceCode instead of
              broken out parameters; treat sourceId as intptr_t.
              
              We still treat sourceId as int in some cases because of DashCode. See
              <rdar://problem/6263293> WebScriptDebugDelegate should use intptr_t for
              sourceId, not int.
      
              * WebView/WebScriptDebugger.h:
              * WebView/WebScriptDebugger.mm:
              (toNSString):
              (WebScriptDebugger::sourceParsed):
              (WebScriptDebugger::callEvent):
              (WebScriptDebugger::atStatement):
              (WebScriptDebugger::returnEvent):
              (WebScriptDebugger::exception):
              (WebScriptDebugger::willExecuteProgram):
              (WebScriptDebugger::didExecuteProgram):
              (WebScriptDebugger::didReachBreakpoint):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37184 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      69e9ccfb
  6. 01 Oct, 2008 1 commit
    • cwzwarich@webkit.org's avatar
      2008-10-01 Cameron Zwarich <zwarich@apple.com> · d082d3f5
      cwzwarich@webkit.org authored
              Reviewed by Darin Adler.
      
              Bug 21123: using "arguments" in a function should not force creation of an activation object
              <https://bugs.webkit.org/show_bug.cgi?id=21123>
      
              Make the 'arguments' object not require a JSActivation. We store the
              'arguments' object in the OptionalCalleeArguments call frame slot. We
              need to be able to get the original 'arguments' object to tear it off
              when returning from a function, but 'arguments' may be assigned to in a
              number of ways.
      
              Therefore, we use the OptionalCalleeArguments slot when we want to get
              the original activation or we know that 'arguments' was not assigned a
              different value. When 'arguments' may have been assigned a new value,
              we use a new local variable that is initialized with 'arguments'. Since
              a function parameter named 'arguments' may overwrite the value of
              'arguments', we also need to be careful to look up 'arguments' in the
              symbol table, so we get the parameter named 'arguments' instead of the
              local variable that we have added for holding the 'arguments' object.
      
              This is a 19.1% win on the V8 Raytrace benchmark using the SunSpider
              harness, and a 20.7% win using the V8 harness. This amounts to a 6.5%
              total speedup on the V8 benchmark suite using the V8 harness.
      
              JavaScriptCore:
      
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              * VM/CodeBlock.h:
              * VM/CodeGenerator.cpp:
              (JSC::CodeGenerator::CodeGenerator):
              * VM/Machine.cpp:
              (JSC::Machine::unwindCallFrame):
              (JSC::Machine::privateExecute):
              (JSC::Machine::retrieveArguments):
              (JSC::Machine::cti_op_init_arguments):
              (JSC::Machine::cti_op_ret_activation_arguments):
              * VM/Machine.h:
              * VM/RegisterFile.h:
              (JSC::RegisterFile::):
              * kjs/Arguments.cpp:
              (JSC::Arguments::mark):
              (JSC::Arguments::fillArgList):
              (JSC::Arguments::getOwnPropertySlot):
              (JSC::Arguments::put):
              * kjs/Arguments.h:
              (JSC::Arguments::setRegisters):
              (JSC::Arguments::init):
              (JSC::Arguments::Arguments):
              (JSC::Arguments::copyRegisters):
              (JSC::JSActivation::copyRegisters):
              * kjs/JSActivation.cpp:
              (JSC::JSActivation::argumentsGetter):
              * kjs/JSActivation.h:
              (JSC::JSActivation::JSActivationData::JSActivationData):
              * kjs/grammar.y:
              * kjs/nodes.h:
              (JSC::ScopeNode::setUsesArguments):
              * masm/X86Assembler.h:
              (JSC::X86Assembler::):
              (JSC::X86Assembler::orl_mr):
      
              LayoutTests:
      
              * fast/js/arguments-expected.txt:
              * fast/js/function-dot-arguments-expected.txt:
              * fast/js/resources/arguments.js:
              * fast/js/resources/function-dot-arguments.js:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37160 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d082d3f5
  7. 30 Sep, 2008 1 commit
    • darin@apple.com's avatar
      2008-09-30 Darin Adler <darin@apple.com> · c41f8ed8
      darin@apple.com authored
              Reviewed by Geoff Garen.
      
              - https://bugs.webkit.org/show_bug.cgi?id=21214
                work on getting rid of ExecState
      
              Replaced the m_prev field of ExecState with a bit in the
              call frame pointer to indicate "host" call frames.
      
              * VM/Machine.cpp:
              (JSC::makeHostCallFramePointer): Added. Sets low bit.
              (JSC::isHostCallFrame): Added. Checks low bit.
              (JSC::stripHostCallFrameBit): Added. Clears low bit.
              (JSC::Machine::unwindCallFrame): Replaced null check that was
              formerly used to detect host call frames with an isHostCallFrame check.
              (JSC::Machine::execute): Pass in a host call frame pointer rather than
              always passing 0 when starting execution from the host. This allows us
              to follow the entire call frame pointer chain when desired, or to stop
              at the host calls when that's desired.
              (JSC::Machine::privateExecute): Replaced null check that was
              formerly used to detect host call frames with an isHostCallFrame check.
              (JSC::Machine::retrieveCaller): Ditto.
              (JSC::Machine::retrieveLastCaller): Ditto.
              (JSC::Machine::callFrame): Removed the code to walk up m_prev pointers
              and replaced it with code that uses the caller pointer and uses the
              stripHostCallFrameBit function.
      
              * kjs/ExecState.cpp: Removed m_prev.
              * kjs/ExecState.h: Ditto.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37125 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c41f8ed8
  8. 29 Sep, 2008 5 commits
    • mjs@apple.com's avatar
      2008-09-29 Maciej Stachowiak <mjs@apple.com> · aaf4f5cb
      mjs@apple.com authored
              Reviewed by Darin Adler.
              
              - optimize appending a number to a string
              https://bugs.webkit.org/show_bug.cgi?id=21203
              
              It's pretty common in real-world code (and on some of the v8
              benchmarks) to append a number to a string, so I made this one of
              the fast cases, and also added support to UString to do it
              directly without allocating a temporary UString.
              
              ~1% speedup on v8 benchmark.
      
              * VM/Machine.cpp:
              (JSC::jsAddSlowCase): Make this NEVER_INLINE because somehow otherwise
              the change is a regression.
              (JSC::jsAdd): Handle number + string special case.
              (JSC::Machine::cti_op_add): Integrate much of the logic of jsAdd to
              avoid exception check in the str + str, num + num and str + num cases.
              * kjs/ustring.cpp:
              (JSC::expandedSize): Make this a non-member function, since it needs to be 
              called in non-member functions but not outside this file.
              (JSC::expandCapacity): Ditto.
              (JSC::UString::expandCapacity): Call the non-member version. 
              (JSC::createRep): Helper to make a rep from a char*.
              (JSC::UString::UString): Use above helper.
              (JSC::concatenate): Guts of concatenating constructor for cases where first
              item is a UString::Rep, and second is a UChar* and length, or a char*.
              (JSC::UString::append): Implement for cases where first item is a UString::Rep,
              and second is an int or double. Sadly duplicates logic of UString::from(int)
              and UString::from(double).
              * kjs/ustring.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37089 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      aaf4f5cb
    • darin@apple.com's avatar
      JavaScriptCore: · 8d35fe02
      darin@apple.com authored
      2008-09-29  Darin Adler  <darin@apple.com>
      
              Reviewed by Sam Weinig.
      
              - https://bugs.webkit.org/show_bug.cgi?id=21214
                work on getting rid of ExecState
      
              * JavaScriptCore.exp: Updated since JSGlobalObject::init
              no longer takes a parameter.
      
              * VM/Machine.cpp:
              (JSC::Machine::execute): Removed m_registerFile argument
              for ExecState constructors.
      
              * kjs/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::evaluate): Removed globalThisValue
              argument for ExecState constructor.
      
              * kjs/ExecState.cpp:
              (JSC::ExecState::ExecState): Removed globalThisValue and
              registerFile arguments to constructors.
      
              * kjs/ExecState.h: Removed m_globalThisValue and
              m_registerFile data members.
      
              * kjs/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::init): Removed globalThisValue
              argument for ExecState constructor.
      
              * kjs/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObject): Got rid of parameter
              for the init function.
      
      WebCore:
      
      2008-09-29  Darin Adler  <darin@apple.com>
      
              Reviewed by Sam Weinig.
      
              - https://bugs.webkit.org/show_bug.cgi?id=21214
                work on getting rid of ExecState
      
              * bindings/js/JSDOMWindowBase.cpp:
              (WebCore::JSDOMWindowBase::JSDOMWindowBase): Removed globalThisValue argument
              for base class constructor.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37088 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8d35fe02
    • ggaren@apple.com's avatar
      2008-09-29 Geoffrey Garen <ggaren@apple.com> · bbc53aee
      ggaren@apple.com authored
              Rubber-stamped by Cameron Zwarich.
              
              Fixed https://bugs.webkit.org/show_bug.cgi?id=21225
              Machine::retrieveLastCaller should check for a NULL codeBlock
              
              In order to crash, you would need to call retrieveCaller in a situation
              where you had two host call frames in a row in the register file. I
              don't know how to make that happen, or if it's even possible, so I don't
              have a test case -- but better safe than sorry!
      
              * VM/Machine.cpp:
              (JSC::Machine::retrieveLastCaller):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37087 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bbc53aee
    • ggaren@apple.com's avatar
      JavaScriptCore: · 0c677735
      ggaren@apple.com authored
      2008-09-29  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Cameron Zwarich.
              
              Store the callee ScopeChain, not the caller ScopeChain, in the call frame
              header. Nix the "scopeChain" local variable and ExecState::m_scopeChain, and
              access the callee ScopeChain through the call frame header instead.
      
              Profit: call + return are simpler, because they don't have to update the
              "scopeChain" local variable, or ExecState::m_scopeChain.
              
              Because CTI keeps "r" in a register, reading the callee ScopeChain relative
              to "r" can be very fast, in any cases we care to optimize.
      
              0% speedup on empty function call benchmark. (5.5% speedup in bytecode.)
              0% speedup on SunSpider. (7.5% speedup on controlflow-recursive.)
              2% speedup on SunSpider --v8.
              2% speedup on v8 benchmark.
      
              * VM/CTI.cpp: Changed scope chain access to read the scope chain from
              the call frame header. Sped up op_ret by changing it not to fuss with
              the "scopeChain" local variable or ExecState::m_scopeChain.
      
              * VM/CTI.h: Updated CTI trampolines not to take a ScopeChainNode*
              argument, since that's stored in the call frame header now.
      
              * VM/Machine.cpp: Access "scopeChain" and "codeBlock" through new helper
              functions that read from the call frame header. Updated functions operating
              on ExecState::m_callFrame to account for / take advantage of the fact that
              Exec:m_callFrame is now never NULL.
              
              Fixed a bug in op_construct, where it would use the caller's default
              object prototype, rather than the callee's, when constructing a new object.
      
              * VM/Machine.h: Made some helper functions available. Removed
              ScopeChainNode* arguments to a lot of functions, since the ScopeChainNode*
              is now stored in the call frame header.
      
              * VM/RegisterFile.h: Renamed "CallerScopeChain" to "ScopeChain", since
              that's what it is now.
      
              * kjs/DebuggerCallFrame.cpp: Updated for change to ExecState signature.
      
              * kjs/ExecState.cpp:
              * kjs/ExecState.h: Nixed ExecState::m_callFrame, along with the unused
              isGlobalObject function.
      
              * kjs/JSGlobalObject.cpp:
              * kjs/JSGlobalObject.h: Gave the global object a fake call frame in
              which to store the global scope chain, since our code now assumes that
              it can always read the scope chain out of the ExecState's call frame.
      
      JavaScriptGlue:
      
      2008-09-29  Geoffrey Garen  <ggaren@apple.com>
      
              Not reviewed.
              
              Forwarding headers to fix the build.
      
              * ForwardingHeaders/kjs/CTI.h: Copied from ForwardingHeaders/kjs/ExecState.h.
              * ForwardingHeaders/kjs/ustring.h: Copied from ForwardingHeaders/kjs/ExecState.h.
              * ForwardingHeaders/masm: Added.
              * ForwardingHeaders/masm/X86Assembler.h: Added.
              * ForwardingHeaders/profiler: Added.
              * ForwardingHeaders/profiler/Profiler.h: Added.
      
      LayoutTests:
      
      2008-09-29  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Cameron Zwarich.
              
              Test case for which prototype is used when calling "new" across windows.
      
              * fast/js/construct-global-object-expected.txt: Added.
              * fast/js/construct-global-object.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37086 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0c677735
    • cwzwarich@webkit.org's avatar
      2008-09-29 Cameron Zwarich <cwzwarich@uwaterloo.ca> · 2dc01d8d
      cwzwarich@webkit.org authored
              Reviewed by Sam Weinig.
      
              Remove the isActivationObject() virtual method on JSObject and use
              StructureID information instead. This should be slightly faster, but
              isActivationObject() is only used in assertions and unwinding the stack
              for exceptions.
      
              * VM/Machine.cpp:
              (JSC::depth):
              (JSC::Machine::unwindCallFrame):
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_ret_activation):
              * kjs/JSActivation.cpp:
              * kjs/JSActivation.h:
              * kjs/JSObject.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37068 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2dc01d8d
  9. 28 Sep, 2008 1 commit
    • cwzwarich@webkit.org's avatar
      2008-09-28 Cameron Zwarich <cwzwarich@uwaterloo.ca> · 9e464cad
      cwzwarich@webkit.org authored
              Reviewed by Maciej Stachowiak.
      
              Bug 21200: Allow direct access to 'arguments' without using op_resolve
              <https://bugs.webkit.org/show_bug.cgi?id=21200>
      
              Allow fast access to the 'arguments' object by adding an extra slot to
              the callframe to store it.
      
              * JavaScriptCore.exp:
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              * VM/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * VM/CodeGenerator.cpp:
              (JSC::CodeGenerator::CodeGenerator):
              (JSC::CodeGenerator::registerFor):
              * VM/CodeGenerator.h:
              (JSC::CodeGenerator::registerFor):
              * VM/Machine.cpp:
              (JSC::Machine::initializeCallFrame):
              (JSC::Machine::dumpRegisters):
              (JSC::Machine::privateExecute):
              (JSC::Machine::retrieveArguments):
              (JSC::Machine::cti_op_call_JSFunction):
              (JSC::Machine::cti_op_create_arguments):
              (JSC::Machine::cti_op_construct_JSConstruct):
              * VM/Machine.h:
              * VM/Opcode.h:
              * VM/RegisterFile.h:
              (JSC::RegisterFile::):
              * kjs/JSActivation.cpp:
              (JSC::JSActivation::mark):
              (JSC::JSActivation::argumentsGetter):
              * kjs/JSActivation.h:
              (JSC::JSActivation::JSActivationData::JSActivationData):
              * kjs/NodeInfo.h:
              * kjs/Parser.cpp:
              (JSC::Parser::didFinishParsing):
              * kjs/Parser.h:
              (JSC::Parser::parse):
              * kjs/grammar.y:
              * kjs/nodes.cpp:
              (JSC::ScopeNode::ScopeNode):
              (JSC::ProgramNode::ProgramNode):
              (JSC::ProgramNode::create):
              (JSC::EvalNode::EvalNode):
              (JSC::EvalNode::create):
              (JSC::FunctionBodyNode::FunctionBodyNode):
              (JSC::FunctionBodyNode::create):
              * kjs/nodes.h:
              (JSC::ScopeNode::usesArguments):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37050 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9e464cad
  10. 27 Sep, 2008 1 commit
    • ggaren@apple.com's avatar
      2008-09-27 Geoffrey Garen <ggaren@apple.com> · 91ec1d80
      ggaren@apple.com authored
              Reviewed by Cameron Zwarich.
              
              Store the callee CodeBlock, not the caller CodeBlock, in the call frame
              header. Nix the "codeBlock" local variable, and access the callee
              CodeBlock through the call frame header instead.
              
              Profit: call + return are simpler, because they don't have to update the
              "codeBlock" local variable.
              
              Because CTI keeps "r" in a register, reading the callee CodeBlock relative
              to "r" can be very fast, in any cases we care to optimize. Presently,
              no such cases seem important.
              
              Also, stop writing "dst" to the call frame header. CTI doesn't use it.
              
              21.6% speedup on empty function call benchmark.
              3.8% speedup on SunSpider --v8.
              2.1% speedup on v8 benchmark.
              0.7% speedup on SunSpider (6% speedup on controlflow-recursive).
              
              Small regression in bytecode, because currently every op_ret reads the
              callee CodeBlock to check needsFullScopeChain, and bytecode does not
              keep "r" in a register. On-balance, this is probably OK, since CTI is
              our high-performance execution model. Also, this should go away once
              we make needsFullScopeChain statically determinable at parse time.
      
              * VM/CTI.cpp:
              (JSC::CTI::compileOpCall): The speedup!
              (JSC::CTI::privateCompileSlowCases): ditto
      
              * VM/CTI.h:
              (JSC::): Fixed up magic trampoline constants to account for the nixed
              "codeBlock" argument.
              (JSC::CTI::execute): Changed trampoline function not to take a "codeBlock"
              argument, since codeBlock is now stored in the call frame header.
              
              * VM/Machine.cpp: Read the callee CodeBlock from the register file. Use
              a NULL CallerRegisters in the call frame header to signal a built-in
              caller, since CodeBlock is now never NULL.
      
              * VM/Machine.h: Made some stand-alone functions Machine member functions
              so they could call the private codeBlock() accessor in the Register
              class, of which Machine is a friend. Renamed "CallerCodeBlock" to
              "CodeBlock", since it's no longer the caller's CodeBlock.
      
              * VM/RegisterFile.h: Marked some methods const to accommodate a 
              const RegisterFile* being passed around in Machine.cpp.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36997 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      91ec1d80
  11. 26 Sep, 2008 3 commits
    • barraclough@apple.com's avatar
      2008-09-26 Gavin Barraclough <barraclough@apple.com> · b8b15e2d
      barraclough@apple.com authored
              Reviewed by Maciej Stachowiak & Oliver Hunt.
      
              Add support for reusing temporary JSNumberCells.  This change is based on the observation
              that if the result of certain operations is a JSNumberCell and is consumed by a subsequent
              operation that would produce a JSNumberCell, we can reuse the object rather than allocating
              a fresh one.  E.g. given the expression ((a * b) * c), we can statically determine that
              (a * b) will have a numeric result (or else it will have thrown an exception), so the result
              will either be a JSNumberCell or a JSImmediate.
      
              This patch changes three areas of JSC:
                  * The AST now tracks type information about the result of each node.
                  * This information is consumed in bytecode compilation, and certain bytecode operations
                    now carry the statically determined type information about their operands.
                  * CTI uses the information in a number of fashions:
                      * Where an operand to certain arithmetic operations is reusable, it will plant code
                        to try to perform the operation in JIT code & reuse the cell, where appropriate.
                      * Where it can be statically determined that an operand can only be numeric (typically
                        the result of another arithmetic operation) the code will not redundantly check that
                        the JSCell is a JSNumberCell.
                      * Where either of the operands to an add are non-numeric do not plant an optimized
                        arithmetic code path, just call straight out to the C function.
      
              +6% Sunspider (10% progression on 3D, 16% progression on math, 60% progression on access-nbody),
              +1% v8-tests (improvements in raytrace & crypto)
      
              * VM/CTI.cpp: Add optimized code generation with reuse of temporary JSNumberCells.
              * VM/CTI.h:
              * kjs/JSNumberCell.h:
              * masm/X86Assembler.h:
      
              * VM/CodeBlock.cpp: Add type information to specific bytecodes.
              * VM/CodeGenerator.cpp:
              * VM/CodeGenerator.h:
              * VM/Machine.cpp:
      
              * kjs/nodes.cpp: Track static type information for nodes.
              * kjs/nodes.h:
              * kjs/ResultDescriptor.h: (Added)
              * JavaScriptCore.xcodeproj/project.pbxproj:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36976 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b8b15e2d
    • ggaren@apple.com's avatar
      2008-09-26 Geoffrey Garen <ggaren@apple.com> · e5af6d55
      ggaren@apple.com authored
              Reviewed by Darin Adler.
              
              Reverted the part of r36614 that used static data because static data
              is not thread-safe.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36973 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e5af6d55
    • ggaren@apple.com's avatar
      2008-09-26 Geoffrey Garen <ggaren@apple.com> · a54a889a
      ggaren@apple.com authored
              Reviewed by Maciej Stachowiak.
              
              Removed dynamic check for whether the callee needs an activation object.
              Replaced with callee code to create the activation object.
      
              0.5% speedup on SunSpider.
              No change on v8 benchmark. (Might be a speedup, but it's in range of the
              variance.)
      
              0.7% speedup on v8 benchmark in bytecode.
              1.3% speedup on empty call benchmark in bytecode.
      
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass): Added support for op_init_activation,
              the new opcode that specifies that the callee's initialization should
              create an activation object.
              (JSC::CTI::privateCompile): Removed previous code that did a similar
              thing in an ad-hoc way.
      
              * VM/CodeBlock.cpp:
              (JSC::CodeBlock::dump): Added a case for dumping op_init_activation.
      
              * VM/CodeGenerator.cpp:
              (JSC::CodeGenerator::generate): Added fixup code to change op_init to
              op_init_activation if necessary. (With a better parser, we would know
              which to use from the beginning.)
      
              * VM/Instruction.h:
              (JSC::Instruction::Instruction):
              (WTF::): Faster traits for the instruction vector. An earlier version
              of this patch relied on inserting at the beginning of the vector, and
              depended on this change for speed.
      
              * VM/Machine.cpp:
              (JSC::Machine::execute): Removed clients of setScopeChain, the old
              abstraction for dynamically checking for whether an activation object
              needed to be created.
              (JSC::Machine::privateExecute): ditto
      
              (JSC::Machine::cti_op_push_activation): Renamed this function from
              cti_vm_updateScopeChain, and made it faster by removing the call to 
              setScopeChain.
              * VM/Machine.h:
      
              * VM/Opcode.h: Declared op_init_activation.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36972 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a54a889a
  12. 24 Sep, 2008 3 commits
    • mjs@apple.com's avatar
      2008-09-24 Maciej Stachowiak <mjs@apple.com> · 8ac54692
      mjs@apple.com authored
              Reviewed by Oliver Hunt.
              
              - inline JIT fast case of op_neq
              - remove extra level of function call indirection from slow cases of eq and neq
              
              1% speedup on Richards
      
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              (JSC::CTI::privateCompileSlowCases):
              * VM/Machine.cpp:
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_eq):
              (JSC::Machine::cti_op_neq):
              * kjs/operations.cpp:
              (JSC::equal):
              (JSC::equalSlowCase):
              * kjs/operations.h:
              (JSC::equalSlowCaseInline):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36876 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8ac54692
    • oliver@apple.com's avatar
      Bug 19968: Slow Script at www.huffingtonpost.com · d6eeeaad
      oliver@apple.com authored
      <https://bugs.webkit.org/show_bug.cgi?id=19968>
      
      Reviewed by Maciej Stachowiak
      
      Finally found the cause of this accursed issue.  It is triggered
      by synchronous creation of a new global object from JS.  The new
      global object resets the timer state in this execution group's
      Machine, taking timerCheckCount to 0.  Then when JS returns the
      timerCheckCount is decremented making it non-zero.  The next time
      we execute JS we will start the timeout counter, however the non-zero
      timeoutCheckCount means we don't reset the timer information. This
      means that the timeout check is now checking the cumulative time
      since the creation of the global object rather than the time since
      JS was last entered.  At this point the slow script dialog is guaranteed
      to eventually be displayed incorrectly unless a page is loaded
      asynchronously (which will reset everything into a sane state).
      
      The fix for this is rather trivial -- the JSGlobalObject constructor
      should not be resetting the machine timer state.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36843 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d6eeeaad
    • ggaren@apple.com's avatar
      JavaScriptCore: · 6ab1d0ce
      ggaren@apple.com authored
      2008-09-23  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
              
              Fixed https://bugs.webkit.org/show_bug.cgi?id=21038 | <rdar://problem/6240812>
              Uncaught exceptions in regex replace callbacks crash webkit
              
              This was a combination of two problems:
              
              (1) the replace function would continue execution after an exception
              had been thrown.
              
              (2) In some cases, the Machine would return 0 in the case of an exception,
              despite the fact that a few clients dereference the Machine's return
              value without first checking for an exception.
              
              * VM/Machine.cpp:
              (JSC::Machine::execute):
              
              ^ Return jsNull() instead of 0 in the case of an exception, since some
              clients depend on using our return value.
              
              ^ ASSERT that execution does not continue after an exception has been
              thrown, to help catch problems like this in the future.
      
              * kjs/StringPrototype.cpp:
              (JSC::stringProtoFuncReplace):
              
              ^ Stop execution if an exception has been thrown.
      
      LayoutTests:
      
      2008-09-23  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
              
              Test for https://bugs.webkit.org/show_bug.cgi?id=21038
              Uncaught exceptions in regex replace callbacks crash webkit
      
              * fast/js/string-replace-exception-crash-expected.txt: Added.
              * fast/js/string-replace-exception-crash.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36842 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6ab1d0ce
  13. 23 Sep, 2008 4 commits
    • ggaren@apple.com's avatar
      2008-09-23 Geoffrey Garen <ggaren@apple.com> · 107bd0eb
      ggaren@apple.com authored
              Reviewed by Darin Adler.
              
              Changed the layout of the call frame from
              
              { header, parameters, locals | constants, temporaries }
              
              to
              
              { parameters, header | locals, constants, temporaries }
              
              This simplifies function entry+exit, and enables a number of future
              optimizations.
              
              13.5% speedup on empty call benchmark for bytecode; 23.6% speedup on
              empty call benchmark for CTI.
              
              SunSpider says no change. SunSpider --v8 says 1% faster.
      
              * VM/CTI.cpp:
              
              Added a bit of abstraction for calculating whether a register is a
              constant, since this patch changes that calculation:
              (JSC::CTI::isConstant):
              (JSC::CTI::getConstant):
              (JSC::CTI::emitGetArg):
              (JSC::CTI::emitGetPutArg):
              (JSC::CTI::getConstantImmediateNumericArg):
      
              Updated for changes to callframe header location:
              (JSC::CTI::emitPutToCallFrameHeader):
              (JSC::CTI::emitGetFromCallFrameHeader):
              (JSC::CTI::printOpcodeOperandTypes):
              
              Renamed to spite Oliver:
              (JSC::CTI::emitInitRegister):
              
              Added an abstraction for emitting a call through a register, so that
              calls through registers generate exception info, too:
              (JSC::CTI::emitCall):
      
              Updated to match the new callframe header layout, and to support calls
              through registers, which have no destination address:
              (JSC::CTI::compileOpCall):
              (JSC::CTI::privateCompileMainPass):
              (JSC::CTI::privateCompileSlowCases):
              (JSC::CTI::privateCompile):
      
              * VM/CTI.h:
      
              More of the above:
              (JSC::CallRecord::CallRecord):
      
              * VM/CodeBlock.cpp:
      
              Updated for new register layout:
              (JSC::registerName):
              (JSC::CodeBlock::dump):
      
              * VM/CodeBlock.h:
              
              Updated CodeBlock to track slightly different information about the
              register frame, and tweaked the style of an ASSERT_NOT_REACHED.
              (JSC::CodeBlock::CodeBlock):
              (JSC::CodeBlock::getStubInfo):
      
              * VM/CodeGenerator.cpp:
              
              Added some abstraction around constant register allocation, since this
              patch changes it, changed codegen to account for the new callframe
              layout, and added abstraction around register fetching code
              that used to assume that all local registers lived at negative indices,
              since vars now live at positive indices:
              (JSC::CodeGenerator::generate):
              (JSC::CodeGenerator::addVar):
              (JSC::CodeGenerator::addGlobalVar):
              (JSC::CodeGenerator::allocateConstants):
              (JSC::CodeGenerator::CodeGenerator):
              (JSC::CodeGenerator::addParameter):
              (JSC::CodeGenerator::registerFor):
              (JSC::CodeGenerator::constRegisterFor):
              (JSC::CodeGenerator::newRegister):
              (JSC::CodeGenerator::newTemporary):
              (JSC::CodeGenerator::highestUsedRegister):
              (JSC::CodeGenerator::addConstant):
              
              ASSERT that our caller referenced the registers it passed to us.
              Otherwise, we might overwrite them with parameters:
              (JSC::CodeGenerator::emitCall):
              (JSC::CodeGenerator::emitConstruct):
      
              * VM/CodeGenerator.h:
              
              Added some abstraction for getting a RegisterID for a given index,
              since the rules are a little weird:
              (JSC::CodeGenerator::registerFor):
      
              * VM/Machine.cpp:
      
              Utility function to transform a machine return PC to a virtual machine
              return VPC, for the sake of stack unwinding, since both PCs are stored
              in the same location now:
              (JSC::vPCForPC):
      
              Tweaked to account for new call frame:
              (JSC::Machine::initializeCallFrame):
              
              Tweaked to account for registerOffset supplied by caller:
              (JSC::slideRegisterWindowForCall):
      
              Tweaked to account for new register layout:
              (JSC::scopeChainForCall):
              (JSC::Machine::callEval):
              (JSC::Machine::dumpRegisters):
              (JSC::Machine::unwindCallFrame):
              (JSC::Machine::execute):
      
              Changed op_call and op_construct to implement the new calling convention:
              (JSC::Machine::privateExecute):
      
              Tweaked to account for the new register layout:
              (JSC::Machine::retrieveArguments):
              (JSC::Machine::retrieveCaller):
              (JSC::Machine::retrieveLastCaller):
              (JSC::Machine::callFrame):
              (JSC::Machine::getArgumentsData):
      
              Changed CTI call helpers to implement the new calling convention:
              (JSC::Machine::cti_op_call_JSFunction):
              (JSC::Machine::cti_op_call_NotJSFunction):
              (JSC::Machine::cti_op_ret_activation):
              (JSC::Machine::cti_op_ret_profiler):
              (JSC::Machine::cti_op_construct_JSConstruct):
              (JSC::Machine::cti_op_construct_NotJSConstruct):
              (JSC::Machine::cti_op_call_eval):
      
              * VM/Machine.h:
      
              * VM/Opcode.h:
              
              Renamed op_initialise_locals to op_init, because this opcode
              doesn't initialize all locals, and it doesn't initialize only locals.
              Also, to spite Oliver.
              
              * VM/RegisterFile.h:
              
              New call frame enumeration values:
              (JSC::RegisterFile::):
      
              Simplified the calculation of whether a RegisterID is a temporary,
              since we can no longer assume that all positive non-constant registers
              are temporaries:
              * VM/RegisterID.h:
              (JSC::RegisterID::RegisterID):
              (JSC::RegisterID::setTemporary):
              (JSC::RegisterID::isTemporary):
      
              Renamed firstArgumentIndex to firstParameterIndex because the assumption
              that this variable pertained to the actual arguments supplied by the
              caller caused me to write some buggy code:
              * kjs/Arguments.cpp:
              (JSC::ArgumentsData::ArgumentsData):
              (JSC::Arguments::Arguments):
              (JSC::Arguments::fillArgList):
              (JSC::Arguments::getOwnPropertySlot):
              (JSC::Arguments::put):
      
              Updated for new call frame layout:
              * kjs/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::functionName):
              (JSC::DebuggerCallFrame::type):
              * kjs/DebuggerCallFrame.h:
      
              Changed the activation object to account for the fact that a call frame
              header now sits between parameters and local variables. This change
              requires all variable objects to do their own marking, since they
              now use their register storage differently:
              * kjs/JSActivation.cpp:
              (JSC::JSActivation::mark):
              (JSC::JSActivation::copyRegisters):
              (JSC::JSActivation::createArgumentsObject):
              * kjs/JSActivation.h:
      
              Updated global object to use the new interfaces required by the change
              to JSActivation above:
              * kjs/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::mark):
              (JSC::JSGlobalObject::copyGlobalsFrom):
              (JSC::JSGlobalObject::copyGlobalsTo):
              * kjs/JSGlobalObject.h:
              (JSC::JSGlobalObject::addStaticGlobals):
      
              Updated static scope object to use the new interfaces required by the 
              change to JSActivation above:
              * kjs/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::mark):
              (JSC::JSStaticScopeObject::~JSStaticScopeObject):
              * kjs/JSStaticScopeObject.h:
              (JSC::JSStaticScopeObject::JSStaticScopeObject):
              (JSC::JSStaticScopeObject::d):
      
              Updated variable object to use the new interfaces required by the 
              change to JSActivation above:
              * kjs/JSVariableObject.cpp:
              (JSC::JSVariableObject::copyRegisterArray):
              (JSC::JSVariableObject::setRegisters):
              * kjs/JSVariableObject.h:
      
              Changed the bit twiddling in symbol table not to assume that all indices
              are negative, since they can be positive now:
              * kjs/SymbolTable.h:
              (JSC::SymbolTableEntry::SymbolTableEntry):
              (JSC::SymbolTableEntry::isNull):
              (JSC::SymbolTableEntry::getIndex):
              (JSC::SymbolTableEntry::getAttributes):
              (JSC::SymbolTableEntry::setAttributes):
              (JSC::SymbolTableEntry::isReadOnly):
              (JSC::SymbolTableEntry::pack):
              (JSC::SymbolTableEntry::isValidIndex):
      
              Changed call and construct nodes to ref their functions and/or bases,
              so that emitCall/emitConstruct doesn't overwrite them with parameters.
              Also, updated for rename to registerFor:
              * kjs/nodes.cpp:
              (JSC::ResolveNode::emitCode):
              (JSC::NewExprNode::emitCode):
              (JSC::EvalFunctionCallNode::emitCode):
              (JSC::FunctionCallValueNode::emitCode):
              (JSC::FunctionCallResolveNode::emitCode):
              (JSC::FunctionCallBracketNode::emitCode):
              (JSC::FunctionCallDotNode::emitCode):
              (JSC::PostfixResolveNode::emitCode):
              (JSC::DeleteResolveNode::emitCode):
              (JSC::TypeOfResolveNode::emitCode):
              (JSC::PrefixResolveNode::emitCode):
              (JSC::ReadModifyResolveNode::emitCode):
              (JSC::AssignResolveNode::emitCode):
              (JSC::ConstDeclNode::emitCodeSingle):
              (JSC::ForInNode::emitCode):
      
              Added abstraction for getting exception info out of a call through a
              register:
              * masm/X86Assembler.h:
              (JSC::X86Assembler::emitCall):
              
              Removed duplicate #if:
              * wtf/Platform.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36821 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      107bd0eb
    • mjs@apple.com's avatar
      2008-09-23 Maciej Stachowiak <mjs@apple.com> · 173d2d61
      mjs@apple.com authored
              Reviewed by Camron Zwarich.
      
              - inline the fast case of instanceof
              https://bugs.webkit.org/show_bug.cgi?id=20818
      
              ~2% speedup on EarleyBoyer test.
              
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              (JSC::CTI::privateCompileSlowCases):
              * VM/Machine.cpp:
              (JSC::Machine::cti_op_instanceof):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36808 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      173d2d61
    • mjs@apple.com's avatar
      2008-09-23 Maciej Stachowiak <mjs@apple.com> · db29af29
      mjs@apple.com authored
              Reviewed by Cameron Zwarich.
      
              - inline the fast cases of !==, same as for ===
              
              2.9% speedup on EarleyBoyer benchmark
      
              * VM/CTI.cpp:
              (JSC::CTI::compileOpStrictEq): Factored stricteq codegen into this function,
              and parameterized so it can do the reverse version as well.
              (JSC::CTI::privateCompileMainPass): Use the above for stricteq and nstricteq.
              * VM/CTI.h:
              (JSC::CTI::): Declare above stuff.
              * VM/Machine.cpp:
              (JSC::Machine::cti_op_nstricteq): Removed fast cases, now handled inline.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36805 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      db29af29
    • mjs@apple.com's avatar
      JavaScriptCore: · a6dc93d6
      mjs@apple.com authored
      2008-09-23  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Darin.
      
              - speed up instanceof some more
              https://bugs.webkit.org/show_bug.cgi?id=20818
              
              ~2% speedup on EarleyBoyer
      
              The idea here is to record in the StructureID whether the class
              needs a special hasInstance or if it can use the normal logic from
              JSObject. 
              
              Based on this I inlined the real work directly into
              cti_op_instanceof and put the fastest checks up front and the
              error handling at the end (so it should be fairly straightforward
              to split off the beginning to be inlined if desired).
      
              I only did this for CTI, not the bytecode interpreter.
              
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObject::createStructureID):
              * ChangeLog:
              * VM/Machine.cpp:
              (JSC::Machine::cti_op_instanceof):
              * kjs/JSImmediate.h:
              (JSC::JSImmediate::isAnyImmediate):
              * kjs/TypeInfo.h:
              (JSC::TypeInfo::overridesHasInstance):
              (JSC::TypeInfo::flags):
      
      WebCore:
      
      2008-09-23  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Darin.
      
              - speed up instanceof some more
              https://bugs.webkit.org/show_bug.cgi?id=20818
      
              ~2% speedup on EarleyBoyer
      
              (WebCore updates.)
              
              * bindings/js/JSQuarantinedObjectWrapper.h:
              (WebCore::JSQuarantinedObjectWrapper::createStructureID):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36802 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a6dc93d6
  14. 22 Sep, 2008 2 commits
    • mjs@apple.com's avatar
      JavaScriptCore: · 221b4757
      mjs@apple.com authored
      2008-09-22  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Cameron Zwarich.
              
              - speed up instanceof operator by replacing implementsHasInstance method with a TypeInfo flag
      
              Partial work towards <https://bugs.webkit.org/show_bug.cgi?id=20818>
              
              2.2% speedup on EarleyBoyer benchmark.
      
              * API/JSCallbackConstructor.cpp:
              * API/JSCallbackConstructor.h:
              (JSC::JSCallbackConstructor::createStructureID):
              * API/JSCallbackFunction.cpp:
              * API/JSCallbackFunction.h:
              (JSC::JSCallbackFunction::createStructureID):
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObject::createStructureID):
              * API/JSCallbackObjectFunctions.h:
              (JSC::::hasInstance):
              * API/JSValueRef.cpp:
              (JSValueIsInstanceOfConstructor):
              * JavaScriptCore.exp:
              * VM/Machine.cpp:
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_instanceof):
              * kjs/InternalFunction.cpp:
              * kjs/InternalFunction.h:
              (JSC::InternalFunction::createStructureID):
              * kjs/JSObject.cpp:
              * kjs/JSObject.h:
              * kjs/TypeInfo.h:
              (JSC::TypeInfo::implementsHasInstance):
      
      WebCore:
      
      2008-09-22  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Cameron Zwarich.
      
              - speed up instanceof operator by replacing implementsHasInstance method with a TypeInfo flag
      
              Partial work towards <https://bugs.webkit.org/show_bug.cgi?id=20818>
              
              2.2% speedup on EarleyBoyer benchmark.
      
              * bindings/js/JSQuarantinedObjectWrapper.cpp:
              * bindings/js/JSQuarantinedObjectWrapper.h:
              (WebCore::JSQuarantinedObjectWrapper::createStructureID):
              * bindings/scripts/CodeGeneratorJS.pm:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36766 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      221b4757
    • mjs@apple.com's avatar
      JavaScriptCore: · a173abd0
      mjs@apple.com authored
      2008-09-22  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Dave Hyatt.
              
              Based on initial work by Darin Adler.
              
              - replace masqueradesAsUndefined virtual method with a flag in TypeInfo
              - use this to JIT inline code for eq_null and neq_null
              https://bugs.webkit.org/show_bug.cgi?id=20823
      
              0.5% speedup on SunSpider
              ~4% speedup on Richards benchmark
              
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              * VM/Machine.cpp:
              (JSC::jsTypeStringForValue):
              (JSC::jsIsObjectType):
              (JSC::Machine::privateExecute):
              (JSC::Machine::cti_op_is_undefined):
              * VM/Machine.h:
              * kjs/JSCell.h:
              * kjs/JSValue.h:
              * kjs/StringObjectThatMasqueradesAsUndefined.h:
              (JSC::StringObjectThatMasqueradesAsUndefined::create):
              (JSC::StringObjectThatMasqueradesAsUndefined::createStructureID):
              * kjs/StructureID.h:
              (JSC::StructureID::mutableTypeInfo):
              * kjs/TypeInfo.h:
              (JSC::TypeInfo::TypeInfo):
              (JSC::TypeInfo::masqueradesAsUndefined):
              * kjs/operations.cpp:
              (JSC::equal):
              * masm/X86Assembler.h:
              (JSC::X86Assembler::):
              (JSC::X86Assembler::setne_r):
              (JSC::X86Assembler::setnz_r):
              (JSC::X86Assembler::testl_i32m):
      
      WebCore:
      
      2008-09-22  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Dave Hyatt.
      
              Based on initial work by Darin Adler.
              
              - replace masqueradesAsUndefined virtual method with a flag in TypeInfo
              - use this to JIT inline code for eq_null and neq_null
              https://bugs.webkit.org/show_bug.cgi?id=20823
              
              * WebCore.xcodeproj/project.pbxproj:
              * WebCore.vcproj/WebCore.vcproj:
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::nameGetter):
              * bindings/js/JSHTMLAllCollection.cpp: Added.
              (WebCore::):
              * bindings/js/JSHTMLAllCollection.h:
              (WebCore::JSHTMLAllCollection::createStructureID):
              (WebCore::JSHTMLAllCollection::toBoolean):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36764 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a173abd0
  15. 21 Sep, 2008 3 commits
    • mjs@apple.com's avatar
      JavaScriptCore: · 52b6760c
      mjs@apple.com authored
      2008-09-21  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Darin.
              
              - introduce a TypeInfo class, for holding per-type (in the C++ class sense) date in StructureID
              https://bugs.webkit.org/show_bug.cgi?id=20981
      
              * JavaScriptCore.exp:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * VM/CTI.cpp:
              (JSC::CTI::privateCompileMainPass):
              (JSC::CTI::privateCompilePutByIdTransition):
              * VM/Machine.cpp:
              (JSC::jsIsObjectType):
              (JSC::Machine::Machine):
              * kjs/AllInOneFile.cpp:
              * kjs/JSCell.h:
              (JSC::JSCell::isObject):
              (JSC::JSCell::isString):
              * kjs/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              * kjs/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              * kjs/JSGlobalObject.h:
              (JSC::StructureID::prototypeForLookup):
              * kjs/JSNumberCell.h:
              (JSC::JSNumberCell::createStructureID):
              * kjs/JSObject.cpp:
              (JSC::JSObject::createInheritorID):
              * kjs/JSObject.h:
              (JSC::JSObject::createStructureID):
              * kjs/JSString.h:
              (JSC::JSString::createStructureID):
              * kjs/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              * kjs/RegExpConstructor.cpp:
              * kjs/RegExpMatchesArray.h: Added.
              (JSC::RegExpMatchesArray::getOwnPropertySlot):
              (JSC::RegExpMatchesArray::put):
              (JSC::RegExpMatchesArray::deleteProperty):
              (JSC::RegExpMatchesArray::getPropertyNames):
              * kjs/StructureID.cpp:
              (JSC::StructureID::StructureID):
              (JSC::StructureID::addPropertyTransition):
              (JSC::StructureID::toDictionaryTransition):
              (JSC::StructureID::changePrototypeTransition):
              (JSC::StructureID::getterSetterTransition):
              * kjs/StructureID.h:
              (JSC::StructureID::create):
              (JSC::StructureID::typeInfo):
              * kjs/TypeInfo.h: Added.
              (JSC::TypeInfo::TypeInfo):
              (JSC::TypeInfo::type):
      
      WebCore:
      
      2008-09-21  Maciej Stachowiak  <mjs@apple.com>
      
              Reviewed by Darin.
      
              - introduce a TypeInfo class, for holding per-type (in the C++ class sense) date in StructureID
              https://bugs.webkit.org/show_bug.cgi?id=20981
              
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::JSAudioConstructor::JSAudioConstructor):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::nameGetter):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::createDOMStructure):
              * bindings/js/JSDOMBinding.h:
              (WebCore::getDOMStructure):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSEventTargetNode.cpp:
              (WebCore::JSEventTargetNode::createPrototype):
              * bindings/js/JSHTMLOptionElementConstructor.cpp:
              (WebCore::JSHTMLOptionElementConstructor::JSHTMLOptionElementConstructor):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::JSImageConstructor::JSImageConstructor):
              * bindings/js/JSXMLHttpRequestConstructor.cpp:
              (WebCore::JSXMLHttpRequestConstructor::JSXMLHttpRequestConstructor):
              * bindings/js/JSXSLTProcessorConstructor.cpp:
              (WebCore::JSXSLTProcessorConstructor::JSXSLTProcessorConstructor):
              * bindings/scripts/CodeGeneratorJS.pm:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36755 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      52b6760c
    • darin@apple.com's avatar
      2008-09-21 Darin Adler <darin@apple.com> · 71610918
      darin@apple.com authored
              Reviewed by Maciej Stachowiak.
      
              - https://bugs.webkit.org/show_bug.cgi?id=20975
                inline immediate-number case of ==
      
              * VM/CTI.h: Renamed emitJumpSlowCaseIfNotImm to
              emitJumpSlowCaseIfNotImmNum, since the old name was incorrect.
      
              * VM/CTI.cpp: Updated for new name.
              (JSC::CTI::privateCompileMainPass): Added op_eq.
              (JSC::CTI::privateCompileSlowCases): Added op_eq.
      
              * VM/Machine.cpp:
              (JSC::Machine::cti_op_eq): Removed fast case, since it's now
              compiled.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36746 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      71610918
    • mjs@apple.com's avatar
      2008-09-21 Maciej Stachowiak <mjs@apple.com> · 4032873b
      mjs@apple.com authored
              Reviewed by Oliver.
              
              - speed up === operator by generating inline machine code for the fast paths
              https://bugs.webkit.org/show_bug.cgi?id=20820
      
              * VM/CTI.cpp:
              (JSC::CTI::emitJumpSlowCaseIfNotImmediateNumber):
              (JSC::CTI::emitJumpSlowCaseIfNotImmediateNumbers):
              (JSC::CTI::emitJumpSlowCaseIfNotImmediates):
              (JSC::CTI::emitTagAsBoolImmediate):
              (JSC::CTI::privateCompileMainPass):
              (JSC::CTI::privateCompileSlowCases):
              * VM/CTI.h:
              * VM/Machine.cpp:
              (JSC::Machine::cti_op_stricteq):
              * masm/X86Assembler.h:
              (JSC::X86Assembler::):
              (JSC::X86Assembler::sete_r):
              (JSC::X86Assembler::setz_r):
              (JSC::X86Assembler::movzbl_rr):
              (JSC::X86Assembler::emitUnlinkedJnz):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36738 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4032873b
  16. 20 Sep, 2008 2 commits
    • mjs@apple.com's avatar
      2008-09-20 Maciej Stachowiak <mjs@apple.com> · 436e591e
      mjs@apple.com authored
              Reviewed by Darin.
              
              - assorted optimizations to === and !== operators
              (work towards <https://bugs.webkit.org/show_bug.cgi?id=20820>)
              
              2.5% speedup on earley-boyer test
      
              * VM/Machine.cpp:
              (JSC::Machine::cti_op_stricteq): Use inline version of
              strictEqualSlowCase; remove unneeded exception check.
              (JSC::Machine::cti_op_nstricteq): ditto
              * kjs/operations.cpp:
              (JSC::strictEqual): Use strictEqualSlowCaseInline
              (JSC::strictEqualSlowCase): ditto
              * kjs/operations.h:
              (JSC::strictEqualSlowCaseInline): Version of strictEqualSlowCase that can be inlined,
              since the extra function call indirection is a lose for CTI.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36727 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      436e591e
    • darin@apple.com's avatar
      JavaScriptCore: · 8281d838
      darin@apple.com authored
      2008-09-20  Darin Adler  <darin@apple.com>
      
              Reviewed by Maciej Stachowiak.
      
              - finish https://bugs.webkit.org/show_bug.cgi?id=20858
                make each distinct C++ class get a distinct JSC::Structure
      
              This also includes some optimizations that make the change an overall
              small speedup. Without those it was a bit of a slowdown.
      
              * API/JSCallbackConstructor.cpp:
              (JSC::JSCallbackConstructor::JSCallbackConstructor): Take a structure.
              * API/JSCallbackConstructor.h: Ditto.
              * API/JSCallbackFunction.cpp:
              (JSC::JSCallbackFunction::JSCallbackFunction): Pass a structure.
              * API/JSCallbackObject.h: Take a structure.
              * API/JSCallbackObjectFunctions.h:
              (JSC::JSCallbackObject::JSCallbackObject): Ditto.
      
              * API/JSClassRef.cpp:
              (OpaqueJSClass::prototype): Pass in a structure. Call setPrototype
              if there's a custom prototype involved.
              * API/JSObjectRef.cpp:
              (JSObjectMake): Ditto.
              (JSObjectMakeConstructor): Pass in a structure.
      
              * JavaScriptCore.exp: Updated.
      
              * VM/Machine.cpp:
              (JSC::jsLess): Added a special case for when both arguments are strings.
              This avoids converting both strings to with UString::toDouble.
              (JSC::jsLessEq): Ditto.
              (JSC::Machine::privateExecute): Pass in a structure.
              (JSC::Machine::cti_op_construct_JSConstruct): Ditto.
              (JSC::Machine::cti_op_new_regexp): Ditto.
              (JSC::Machine::cti_op_is_string): Ditto.
              * VM/Machine.h: Made isJSString public so it can be used in the CTI.
      
              * kjs/Arguments.cpp:
              (JSC::Arguments::Arguments): Pass in a structure.
      
              * kjs/JSCell.h: Mark constructor explicit.
      
              * kjs/JSGlobalObject.cpp:
              (JSC::markIfNeeded): Added an overload for marking structures.
              (JSC::JSGlobalObject::reset): Eliminate code to set data members to
              zero. We now do that in the constructor, and we no longer use this
              anywhere except in the constructor. Added code to create structures.
              Pass structures rather than prototypes when creating objects.
              (JSC::JSGlobalObject::mark): Mark the structures.
      
              * kjs/JSGlobalObject.h: Removed unneeded class declarations.
              Added initializers for raw pointers in JSGlobalObjectData so
              everything starts with a 0. Added structure data and accessor
              functions.
      
              * kjs/JSImmediate.cpp:
              (JSC::JSImmediate::nonInlineNaN): Added.
              * kjs/JSImmediate.h:
              (JSC::JSImmediate::toDouble): Rewrote to avoid PIC branches.
      
              * kjs/JSNumberCell.cpp:
              (JSC::jsNumberCell): Made non-inline to avoid PIC branches
              in functions that call this one.
              (JSC::jsNaN): Ditto.
              * kjs/JSNumberCell.h: Ditto.
      
              * kjs/JSObject.h: Removed constructor that takes a prototype.
              All callers now pass structures.
      
              * kjs/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::constructArrayWithSizeQuirk):
              * kjs/ArrayConstructor.h:
              * kjs/ArrayPrototype.cpp:
              (JSC::ArrayPrototype::ArrayPrototype):
              * kjs/ArrayPrototype.h:
              * kjs/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              (JSC::constructBoolean):
              (JSC::constructBooleanFromImmediateBoolean):
              * kjs/BooleanConstructor.h:
              * kjs/BooleanObject.cpp:
              (JSC::BooleanObject::BooleanObject):
              * kjs/BooleanObject.h:
              * kjs/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * kjs/BooleanPrototype.h:
              * kjs/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              (JSC::constructDate):
              * kjs/DateConstructor.h:
              * kjs/DateInstance.cpp:
              (JSC::DateInstance::DateInstance):
              * kjs/DateInstance.h:
              * kjs/DatePrototype.cpp:
              (JSC::DatePrototype::DatePrototype):
              * kjs/DatePrototype.h:
              * kjs/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              (JSC::constructError):
              * kjs/ErrorConstructor.h:
              * kjs/ErrorInstance.cpp:
              (JSC::ErrorInstance::ErrorInstance):
              * kjs/ErrorInstance.h:
              * kjs/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * kjs/ErrorPrototype.h:
              * kjs/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor):
              * kjs/FunctionConstructor.h:
              * kjs/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              (JSC::FunctionPrototype::addFunctionProperties):
              * kjs/FunctionPrototype.h:
              * kjs/GlobalEvalFunction.cpp:
              (JSC::GlobalEvalFunction::GlobalEvalFunction):
              * kjs/GlobalEvalFunction.h:
              * kjs/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction):
              * kjs/InternalFunction.h:
              (JSC::InternalFunction::InternalFunction):
              * kjs/JSArray.cpp:
              (JSC::JSArray::JSArray):
              (JSC::constructEmptyArray):
              (JSC::constructArray):
              * kjs/JSArray.h:
              * kjs/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              (JSC::JSFunction::construct):
              * kjs/JSObject.cpp:
              (JSC::constructEmptyObject):
              * kjs/JSString.cpp:
              (JSC::StringObject::create):
              * kjs/JSWrapperObject.h:
              * kjs/MathObject.cpp:
              (JSC::MathObject::MathObject):
              * kjs/MathObject.h:
              * kjs/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              (JSC::NativeErrorConstructor::construct):
              * kjs/NativeErrorConstructor.h:
              * kjs/NativeErrorPrototype.cpp:
              (JSC::NativeErrorPrototype::NativeErrorPrototype):
              * kjs/NativeErrorPrototype.h:
              * kjs/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              (JSC::constructWithNumberConstructor):
              * kjs/NumberConstructor.h:
              * kjs/NumberObject.cpp:
              (JSC::NumberObject::NumberObject):
              (JSC::constructNumber):
              (JSC::constructNumberFromImmediateNumber):
              * kjs/NumberObject.h:
              * kjs/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * kjs/NumberPrototype.h:
              * kjs/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              (JSC::constructObject):
              * kjs/ObjectConstructor.h:
              * kjs/ObjectPrototype.cpp:
              (JSC::ObjectPrototype::ObjectPrototype):
              * kjs/ObjectPrototype.h:
              * kjs/PrototypeFunction.cpp:
              (JSC::PrototypeFunction::PrototypeFunction):
              * kjs/PrototypeFunction.h:
              * kjs/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              (JSC::RegExpMatchesArray::RegExpMatchesArray):
              (JSC::constructRegExp):
              * kjs/RegExpConstructor.h:
              * kjs/RegExpObject.cpp:
              (JSC::RegExpObject::RegExpObject):
              * kjs/RegExpObject.h:
              * kjs/RegExpPrototype.cpp:
              (JSC::RegExpPrototype::RegExpPrototype):
              * kjs/RegExpPrototype.h:
              * kjs/Shell.cpp:
              (GlobalObject::GlobalObject):
              * kjs/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              (JSC::constructWithStringConstructor):
              * kjs/StringConstructor.h:
              * kjs/StringObject.cpp:
              (JSC::StringObject::StringObject):
              * kjs/StringObject.h:
              * kjs/StringObjectThatMasqueradesAsUndefined.h:
              (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
              * kjs/StringPrototype.cpp:
              (JSC::StringPrototype::StringPrototype):
              * kjs/StringPrototype.h:
              Take and pass structures.
      
      WebCore:
      
      2008-09-20  Darin Adler  <darin@apple.com>
      
              Reviewed by Maciej Stachowiak.
      
              - finish https://bugs.webkit.org/show_bug.cgi?id=20858
                make each distinct C++ class get a distinct JSC::Structure
      
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::nameGetter): Pass in a structure
              ID. Note that this makes a new structure every time -- we could
              optimize this slightly be caching and reusing a single one.
      
              * bridge/runtime_method.cpp:
              (JSC::RuntimeMethod::RuntimeMethod): Create a unique structure using
              getDOMStructure.
              * bridge/runtime_method.h:
              (JSC::RuntimeMethod::createPrototype): Added createPrototype so
              getDOMStructure will work.
      
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell): Initialize m_window to
              0; needed in case garbage collection happens while creating the
              JSDOMWindow.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36726 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8281d838
  17. 19 Sep, 2008 1 commit
    • oliver@apple.com's avatar
      Improve peformance of local variable initialisation. · ecfd2241
      oliver@apple.com authored
      Reviewed by Maciej Stachowiak
      
      Pull local and constant initialisation out of slideRegisterWindowForCall
      and into its own opcode.  This allows the JIT to generate the initialisation
      code for a function directly into the instruction stream and so avoids a few
      branches on function entry.
      
      Results a 1% progression in SunSpider, particularly in a number of the bitop
      tests where the called functions are very fast.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@36695 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ecfd2241