GitLab

* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: Don't build 64-bit assembly in 32-bit build.
Also correct 'filters' file so that files appear in categories that match their on-disk locations.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155123 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120725

Source/JavaScriptCore: 

Reviewed by Geoffrey Garen.
        
Add the timeout logic directly to 'jsc' because that's easier to do than
writing shell/perl code for it.

* jsc.cpp:
(timeoutThreadMain):
(main):

Tools: 

Reviewed by Geoffrey Garen.
        
Set the timeout to 20 seconds per test for now.

* Scripts/run-javascriptcore-tests:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155098 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120723

Source/JavaScriptCore: 

Reviewed by Geoffrey Garen.
        
* runtime/TestRunnerUtils.cpp:
(JSC::numberOfDFGCompiles): This should also handle constructors.

LayoutTests: 

Reviewed by Geoffrey Garen.
        
Add dfgShouldBe(), a handy function that covers a lot of common cases.
Also convert a bunch of tests.

* fast/js/dfg-activation-register-overwritten-in-throw-expected.txt:
* fast/js/dfg-add-not-number-expected.txt:
* fast/js/dfg-allocation-profile-watch-point-exit-expected.txt:
* fast/js/dfg-arguments-alias-escape-expected.txt:
* fast/js/dfg-arguments-cross-code-origin-expected.txt:
* fast/js/dfg-arguments-mixed-alias-expected.txt:
* fast/js/dfg-arguments-strict-mode-expected.txt:
* fast/js/dfg-arguments-unexpected-escape-expected.txt:
* fast/js/dfg-array-dead-expected.txt:
* fast/js/dfg-array-length-dead-expected.txt:
* fast/js/dfg-array-pop-value-clearing-expected.txt:
* fast/js/dfg-array-push-bad-time-expected.txt:
* fast/js/dfg-array-push-slow-put-expected.txt:
* fast/js/dfg-arrayify-when-late-prevent-extensions-expected.txt:
* fast/js/dfg-arrayify-when-prevent-extensions-expected.txt:
* fast/js/dfg-bool-to-int32-reuse-expected.txt:
* fast/js/jsc-test-list:
* fast/js/resources/js-test-pre.js:
(dfgShouldBe):
* fast/js/resources/standalone-pre.js:
(dfgShouldBe):
* fast/js/script-tests/dfg-activation-register-overwritten-in-throw.js:
(g):
* fast/js/script-tests/dfg-add-not-number.js:
* fast/js/script-tests/dfg-allocation-profile-watch-point-exit.js:
(foo):
* fast/js/script-tests/dfg-arguments-alias-escape.js:
* fast/js/script-tests/dfg-arguments-cross-code-origin.js:
* fast/js/script-tests/dfg-arguments-mixed-alias.js:
* fast/js/script-tests/dfg-arguments-strict-mode.js:
* fast/js/script-tests/dfg-arguments-unexpected-escape.js:
* fast/js/script-tests/dfg-array-dead.js:
* fast/js/script-tests/dfg-array-length-dead.js:
* fast/js/script-tests/dfg-array-pop-value-clearing.js:
* fast/js/script-tests/dfg-array-push-bad-time.js:
* fast/js/script-tests/dfg-array-push-slow-put.js:
* fast/js/script-tests/dfg-arrayify-when-late-prevent-extensions.js:
* fast/js/script-tests/dfg-arrayify-when-prevent-extensions.js:
* fast/js/script-tests/dfg-bool-to-int32-reuse.js:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155096 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120697

Reviewed by Mark Hahnenberg.

Source/JavaScriptCore: 

* API/JSCTestRunnerUtils.cpp:
(JSC::numberOfDFGCompiles):
(JSC::setNeverInline):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* jsc.cpp:
(GlobalObject::finishCreation):
(functionNeverInlineFunction):
(functionNumberOfDFGCompiles):
* runtime/TestRunnerUtils.cpp: Added.
(JSC::getExecutable):
(JSC::numberOfDFGCompiles):
(JSC::setNeverInline):
* runtime/TestRunnerUtils.h: Added.

LayoutTests: 

* fast/js/resources/standalone-pre.js:
(testPassed):
(testFailed):
(dfgCompiled):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155090 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120706.

Reviewed by Geoffrey Garen.

Source/JavaScriptCore: 

Also did some minor refactoring:
- Renamed StackIterator::iterate() to StackVisitor::visit().
- Make StackVisitor::visit() a static method.
- Move the instantiation of the StackVisitor instance into StackVisitor::visit()
  from CallFrame::iterate().
- Removed StackIterator::resetIterator() and inline its body into the
  StackVisitor constructor since this is the only remaining caller of it.

* API/JSContextRef.cpp:
(BacktraceFunctor::operator()):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* interpreter/CallFrame.h:
(JSC::ExecState::iterate):
* interpreter/Interpreter.cpp:
(JSC::DumpRegisterFunctor::operator()):
(JSC::unwindCallFrame):
(JSC::getStackFrameCodeType):
(JSC::GetStackTraceFunctor::operator()):
(JSC::UnwindFunctor::operator()):
* interpreter/Interpreter.h:
* interpreter/StackIterator.cpp: Removed.
* interpreter/StackIterator.h: Removed.
* interpreter/StackVisitor.cpp: Copied from Source/JavaScriptCore/interpreter/StackIterator.cpp.
(JSC::StackVisitor::StackVisitor):
(JSC::StackVisitor::gotoNextFrame):
(JSC::StackVisitor::readFrame):
(JSC::StackVisitor::readNonInlinedFrame):
(JSC::StackVisitor::readInlinedFrame):
(JSC::StackVisitor::Frame::codeType):
(JSC::StackVisitor::Frame::functionName):
(JSC::StackVisitor::Frame::sourceURL):
(JSC::StackVisitor::Frame::toString):
(JSC::StackVisitor::Frame::arguments):
(JSC::StackVisitor::Frame::computeLineAndColumn):
(JSC::StackVisitor::Frame::retrieveExpressionInfo):
(JSC::StackVisitor::Frame::setToEnd):
(JSC::StackVisitor::Frame::print):
(DebugPrintFrameFunctor::operator()):
* interpreter/StackVisitor.h: Copied from Source/JavaScriptCore/interpreter/StackIterator.h.
(JSC::StackVisitor::visit):
* jsc.cpp:
(FunctionJSCStackFunctor::operator()):
* profiler/ProfileGenerator.cpp:
(JSC::AddParentForConsoleStartFunctor::operator()):
* runtime/JSFunction.cpp:
(JSC::RetrieveArgumentsFunctor::operator()):
(JSC::RetrieveCallerFunctionFunctor::operator()):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::GlobalFuncProtoGetterFunctor::operator()):
(JSC::GlobalFuncProtoSetterFunctor::operator()):
* runtime/ObjectConstructor.cpp:
(JSC::ObjectConstructorGetPrototypeOfFunctor::operator()):

Source/WebCore: 

No new tests.

* ForwardingHeaders/interpreter/StackIterator.h: Removed.
* ForwardingHeaders/interpreter/StackVisitor.h: Copied from Source/WebCore/ForwardingHeaders/interpreter/StackIterator.h.
* bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::SendFunctor::operator()):
* bindings/js/ScriptCallStackFactory.cpp:
(WebCore::CreateScriptCallStackFunctor::operator()):
(WebCore::CreateScriptCallStackForConsoleFunctor::operator()):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155081 268f45cc-cd09-0410-ab3c-d52691b4dbfc

* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* WebCore.vcxproj/WebCore.vcxproj:
* WebCore.vcxproj/WebCore.vcxproj.filters:


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155076 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120695.

Reviewed by Geoffrey Garen.

Source/JavaScriptCore: 

Introduce CallFrame::iterate() which instantiates a StackIterator and
invoke its iterate() method with the passed in functor. The only place
where the client code gets access to the StackIterator now is as an
argument to the client's functor.

* API/JSContextRef.cpp:
(JSContextCreateBacktrace):
* interpreter/CallFrame.cpp:
* interpreter/CallFrame.h:
(JSC::ExecState::iterate):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::dumpRegisters):
(JSC::Interpreter::getStackTrace):
(JSC::Interpreter::unwind):
* interpreter/StackIterator.cpp:
(JSC::StackIterator::StackIterator):
(DebugPrintFrameFunctor::DebugPrintFrameFunctor):
(DebugPrintFrameFunctor::operator()):
(debugPrintCallFrame):
(debugPrintStack):
* interpreter/StackIterator.h:
(JSC::StackIterator::iterate):
* jsc.cpp:
(functionJSCStack):
* profiler/ProfileGenerator.cpp:
(JSC::ProfileGenerator::addParentForConsoleStart):
* runtime/JSFunction.cpp:
(JSC::retrieveArguments):
(JSC::RetrieveCallerFunctionFunctor::operator()):
(JSC::retrieveCallerFunction):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncProtoGetter):
(JSC::globalFuncProtoSetter):
* runtime/ObjectConstructor.cpp:
(JSC::objectConstructorGetPrototypeOf):

Source/WebCore: 

No new tests.

* bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::SendFunctor::SendFunctor):
(WebCore::SendFunctor::line):
(WebCore::SendFunctor::url):
(WebCore::SendFunctor::operator()):
(WebCore::JSXMLHttpRequest::send):
* bindings/js/ScriptCallStackFactory.cpp:
(WebCore::createScriptCallStack):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

JSGenericTypedArrayViewConstructor.h is referenced twice in the XCode project build section, causing warnings
https://bugs.webkit.org/show_bug.cgi?id=120698

Reviewed by Darin Adler.

* JavaScriptCore.xcodeproj/project.pbxproj:


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155064 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120639

Reviewed by Oliver Hunt.

ASSERT(!m_heap->shouldCollect()) is no longer true due to our use of the GC
deferral mechanism. We could technically be beyond our byte allocation limit,
but still not try to collect due to deferral. This patch amends shouldCollect()
to return false if GC is currently deferred.

* heap/Heap.h:
(JSC::Heap::shouldCollect):


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=112838

Source/JavaScriptCore: 

Reviewed by Mark Hahnenberg.
        
This adds the ability for the DFG to tier-up into the FTL. This works in both
of the expected tier-up modes:
        
Replacement: frequently called functions eventually have their entrypoint
replaced with one that goes into FTL-compiled code. Note, this will be a
slow-down for now since we don't yet have LLVM calling convention integration.
        
OSR entry: code stuck in hot loops gets OSR'd into the FTL from the DFG.
        
This means that if the DFG detects that a function is an FTL candidate, it
inserts execution counting code similar to the kind that the baseline JIT
would use. If you trip on a loop count in a loop header that is an OSR
candidate (it's not an inlined loop), we do OSR; otherwise we do replacement.
OSR almost always also implies future replacement.
        
OSR entry into the FTL is really cool. It uses a specialized FTL compile of
the code, where early in the DFG pipeline we replace the original root block
with an OSR entrypoint block that jumps to the pre-header of the hot loop.
The OSR entrypoint loads all live state at the loop pre-header using loads
from a scratch buffer, which gets populated by the runtime's OSR entry
preparation code (FTL::prepareOSREntry()). This approach appears to work well
with all of our subsequent optimizations, including prediction propagation,
CFA, and LICM. LLVM seems happy with it, too. Best of all, it works naturally
with concurrent compilation: when we hit the tier-up trigger we spawn a
compilation plan at the bytecode index from which we triggered; once the
compilation finishes the next trigger will try to enter, at that bytecode
index. If it can't - for example because the code has moved on to another
loop - then we just try again. Loops that get hot enough for OSR entry (about
25,000 iterations) will probably still be running when a concurrent compile
finishes, so this doesn't appear to be a big problem.
        
This immediately gives us a 70% speed-up on imaging-gaussian-blur. We could
get a bigger speed-up by adding some more intelligence and tweaking LLVM to
compile code faster. Those things will happen eventually but this is a good
start. Probably this code will see more tuning as we get more coverage in the
FTL JIT, but I'll worry about that in future patches.

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::hasOptimizedReplacement):
(JSC::CodeBlock::setOptimizationThresholdBasedOnCompilationResult):
* bytecode/CodeBlock.h:
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::parse):
* dfg/DFGCFGSimplificationPhase.cpp:
(JSC::DFG::CFGSimplificationPhase::run):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDriver.cpp:
(JSC::DFG::compileImpl):
(JSC::DFG::compile):
* dfg/DFGDriver.h:
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
(JSC::DFG::Graph::killBlockAndItsContents):
(JSC::DFG::Graph::killUnreachableBlocks):
* dfg/DFGGraph.h:
* dfg/DFGInPlaceAbstractState.cpp:
(JSC::DFG::InPlaceAbstractState::initialize):
* dfg/DFGJITCode.cpp:
(JSC::DFG::JITCode::reconstruct):
(JSC::DFG::JITCode::checkIfOptimizationThresholdReached):
(JSC::DFG::JITCode::optimizeNextInvocation):
(JSC::DFG::JITCode::dontOptimizeAnytimeSoon):
(JSC::DFG::JITCode::optimizeAfterWarmUp):
(JSC::DFG::JITCode::optimizeSoon):
(JSC::DFG::JITCode::forceOptimizationSlowPathConcurrently):
(JSC::DFG::JITCode::setOptimizationThresholdBasedOnCompilationResult):
* dfg/DFGJITCode.h:
* dfg/DFGJITFinalizer.cpp:
(JSC::DFG::JITFinalizer::finalize):
(JSC::DFG::JITFinalizer::finalizeFunction):
(JSC::DFG::JITFinalizer::finalizeCommon):
* dfg/DFGLoopPreHeaderCreationPhase.cpp:
(JSC::DFG::createPreHeader):
(JSC::DFG::LoopPreHeaderCreationPhase::run):
* dfg/DFGLoopPreHeaderCreationPhase.h:
* dfg/DFGNode.h:
(JSC::DFG::Node::hasUnlinkedLocal):
(JSC::DFG::Node::unlinkedLocal):
* dfg/DFGNodeType.h:
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareOSREntry):
* dfg/DFGOSREntrypointCreationPhase.cpp: Added.
(JSC::DFG::OSREntrypointCreationPhase::OSREntrypointCreationPhase):
(JSC::DFG::OSREntrypointCreationPhase::run):
(JSC::DFG::performOSREntrypointCreation):
* dfg/DFGOSREntrypointCreationPhase.h: Added.
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::Plan):
(JSC::DFG::Plan::compileInThread):
(JSC::DFG::Plan::compileInThreadImpl):
* dfg/DFGPlan.h:
* dfg/DFGPredictionInjectionPhase.cpp:
(JSC::DFG::PredictionInjectionPhase::run):
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGTierUpCheckInjectionPhase.cpp: Added.
(JSC::DFG::TierUpCheckInjectionPhase::TierUpCheckInjectionPhase):
(JSC::DFG::TierUpCheckInjectionPhase::run):
(JSC::DFG::performTierUpCheckInjection):
* dfg/DFGTierUpCheckInjectionPhase.h: Added.
* dfg/DFGToFTLDeferredCompilationCallback.cpp: Added.
(JSC::DFG::ToFTLDeferredCompilationCallback::ToFTLDeferredCompilationCallback):
(JSC::DFG::ToFTLDeferredCompilationCallback::~ToFTLDeferredCompilationCallback):
(JSC::DFG::ToFTLDeferredCompilationCallback::create):
(JSC::DFG::ToFTLDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
(JSC::DFG::ToFTLDeferredCompilationCallback::compilationDidComplete):
* dfg/DFGToFTLDeferredCompilationCallback.h: Added.
* dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp: Added.
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::ToFTLForOSREntryDeferredCompilationCallback):
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::~ToFTLForOSREntryDeferredCompilationCallback):
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::create):
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete):
* dfg/DFGToFTLForOSREntryDeferredCompilationCallback.h: Added.
* dfg/DFGWorklist.cpp:
(JSC::DFG::globalWorklist):
* dfg/DFGWorklist.h:
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLCapabilities.h:
* ftl/FTLForOSREntryJITCode.cpp: Added.
(JSC::FTL::ForOSREntryJITCode::ForOSREntryJITCode):
(JSC::FTL::ForOSREntryJITCode::~ForOSREntryJITCode):
(JSC::FTL::ForOSREntryJITCode::ftlForOSREntry):
(JSC::FTL::ForOSREntryJITCode::initializeEntryBuffer):
* ftl/FTLForOSREntryJITCode.h: Added.
(JSC::FTL::ForOSREntryJITCode::entryBuffer):
(JSC::FTL::ForOSREntryJITCode::setBytecodeIndex):
(JSC::FTL::ForOSREntryJITCode::bytecodeIndex):
(JSC::FTL::ForOSREntryJITCode::countEntryFailure):
(JSC::FTL::ForOSREntryJITCode::entryFailureCount):
* ftl/FTLJITFinalizer.cpp:
(JSC::FTL::JITFinalizer::finalizeFunction):
* ftl/FTLLink.cpp:
(JSC::FTL::link):
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::compileBlock):
(JSC::FTL::LowerDFGToLLVM::compileNode):
(JSC::FTL::LowerDFGToLLVM::compileExtractOSREntryLocal):
(JSC::FTL::LowerDFGToLLVM::compileGetLocal):
(JSC::FTL::LowerDFGToLLVM::addWeakReference):
* ftl/FTLOSREntry.cpp: Added.
(JSC::FTL::prepareOSREntry):
* ftl/FTLOSREntry.h: Added.
* ftl/FTLOutput.h:
(JSC::FTL::Output::crashNonTerminal):
(JSC::FTL::Output::crash):
* ftl/FTLState.cpp:
(JSC::FTL::State::State):
* interpreter/Register.h:
(JSC::Register::unboxedDouble):
* jit/JIT.cpp:
(JSC::JIT::emitEnterOptimizationCheck):
* jit/JITCode.cpp:
(JSC::JITCode::ftlForOSREntry):
* jit/JITCode.h:
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
* runtime/Executable.cpp:
(JSC::ScriptExecutable::newReplacementCodeBlockFor):
* runtime/Options.h:
* runtime/VM.cpp:
(JSC::VM::ensureWorklist):
* runtime/VM.h:

LayoutTests: 

Reviewed by Mark Hahnenberg.
        
Fix marsaglia to check the result instead of printing, and add a second
version that relies on OSR entry.

* fast/js/regress/marsaglia-osr-entry-expected.txt: Added.
* fast/js/regress/marsaglia-osr-entry.html: Added.
* fast/js/regress/script-tests/marsaglia-osr-entry.js: Added.
(marsaglia):
* fast/js/regress/script-tests/marsaglia.js:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155023 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120615

Source/JavaScriptCore: 

Reviewed by Darin Adler.
        
Report the size of the instruction stream, and then remind the GC that we're
using memory when we trace.
        
This is a slight slow-down on some JSBench tests because it makes us GC a
bit more frequently. But I think it's well worth it; if we really want those
tests to GC less frequently then we can achieve that through other kinds of
tuning. It's better that the GC knows that CodeBlocks do in fact use memory;
what it does with that information is a somewhat orthogonal question.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::visitAggregate):

Source/WTF: 

Reviewed by Darin Adler.

* wtf/RefCountedArray.h:
(WTF::RefCountedArray::refCount):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155021 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120564.

Reviewed by Filip Pizlo.

Source/JavaScriptCore: 

* API/JSContextRef.cpp:
(BacktraceFunctor::BacktraceFunctor):
(BacktraceFunctor::operator()):
(JSContextCreateBacktrace):
* interpreter/CallFrame.cpp:
* interpreter/CallFrame.h:
* interpreter/Interpreter.cpp:
(JSC::DumpRegisterFunctor::DumpRegisterFunctor):
(JSC::DumpRegisterFunctor::operator()):
(JSC::Interpreter::dumpRegisters):
(JSC::unwindCallFrame):
(JSC::GetStackTraceFunctor::GetStackTraceFunctor):
(JSC::GetStackTraceFunctor::operator()):
(JSC::Interpreter::getStackTrace):
(JSC::Interpreter::stackTraceAsString):
(JSC::UnwindFunctor::UnwindFunctor):
(JSC::UnwindFunctor::operator()):
(JSC::Interpreter::unwind):
* interpreter/Interpreter.h:
* interpreter/StackIterator.cpp:
(JSC::StackIterator::numberOfFrames):
(JSC::StackIterator::gotoFrameAtIndex):
(JSC::StackIterator::gotoNextFrameWithFilter):
(JSC::StackIterator::resetIterator):
(JSC::StackIterator::Frame::print):
(debugPrintCallFrame):
(DebugPrintStackFunctor::operator()):
(debugPrintStack): Added for debugging convenience.
* interpreter/StackIterator.h:
(JSC::StackIterator::Frame::index):
(JSC::StackIterator::iterate):
* jsc.cpp:
(FunctionJSCStackFunctor::FunctionJSCStackFunctor):
(FunctionJSCStackFunctor::operator()):
(functionJSCStack):
* profiler/ProfileGenerator.cpp:
(JSC::AddParentForConsoleStartFunctor::AddParentForConsoleStartFunctor):
(JSC::AddParentForConsoleStartFunctor::foundParent):
(JSC::AddParentForConsoleStartFunctor::operator()):
(JSC::ProfileGenerator::addParentForConsoleStart):
* runtime/JSFunction.cpp:
(JSC::RetrieveArgumentsFunctor::RetrieveArgumentsFunctor):
(JSC::RetrieveArgumentsFunctor::result):
(JSC::RetrieveArgumentsFunctor::operator()):
(JSC::retrieveArguments):
(JSC::RetrieveCallerFunctionFunctor::RetrieveCallerFunctionFunctor):
(JSC::RetrieveCallerFunctionFunctor::result):
(JSC::RetrieveCallerFunctionFunctor::operator()):
(JSC::retrieveCallerFunction):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::GlobalFuncProtoGetterFunctor::GlobalFuncProtoGetterFunctor):
(JSC::GlobalFuncProtoGetterFunctor::result):
(JSC::GlobalFuncProtoGetterFunctor::operator()):
(JSC::globalFuncProtoGetter):
(JSC::GlobalFuncProtoSetterFunctor::GlobalFuncProtoSetterFunctor):
(JSC::GlobalFuncProtoSetterFunctor::allowsAccess):
(JSC::GlobalFuncProtoSetterFunctor::operator()):
(JSC::globalFuncProtoSetter):
* runtime/ObjectConstructor.cpp:
(JSC::ObjectConstructorGetPrototypeOfFunctor::ObjectConstructorGetPrototypeOfFunctor):
(JSC::ObjectConstructorGetPrototypeOfFunctor::result):
(JSC::ObjectConstructorGetPrototypeOfFunctor::operator()):
(JSC::objectConstructorGetPrototypeOf):

Source/WebCore: 

No new tests.

* bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::SendFunctor::SendFunctor):
(WebCore::SendFunctor::hasViableFrame):
(WebCore::SendFunctor::operator()):
(WebCore::JSXMLHttpRequest::send):
* bindings/js/ScriptCallStackFactory.cpp:
(WebCore::CreateScriptCallStackFunctor::CreateScriptCallStackFunctor):
(WebCore::CreateScriptCallStackFunctor::operator()):
(WebCore::createScriptCallStack):
(WebCore::CreateScriptCallStackForConsoleFunctor::CreateScriptCallStackForConsoleFunctor):
(WebCore::CreateScriptCallStackForConsoleFunctor::operator()):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155013 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120654

Reviewed by Simon Fraser.

Source/JavaScriptCore:

Make xcode copy the required headers, and add appropriate export attributes

* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/JSMap.h:
* runtime/JSSet.h:
* runtime/MapData.h:

Source/WebCore:

Add support for cloning Map and Set.  Fairly self explanatory change.
Needed to add Forwarding headers for the JSMap, JSSet and MapData classes.

* ForwardingHeaders/runtime/JSMap.h: Added.
* ForwardingHeaders/runtime/JSSet.h: Added.
* ForwardingHeaders/runtime/MapData.h: Added.
* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneSerializer::isMap):
(WebCore::CloneSerializer::isSet):
(WebCore::CloneSerializer::startSet):
(WebCore::CloneSerializer::startMap):
(WebCore::CloneSerializer::serialize):
(WebCore::CloneDeserializer::consumeMapDataTerminationIfPossible):
(WebCore::CloneDeserializer::deserialize):

LayoutTests:

Tests!

* fast/dom/Window/script-tests/postmessage-clone.js:
(set new):
(set add.set add):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155008 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=73648

Reviewed by Oliver Hunt.

Source/JavaScriptCore: 

Based on the patch written by Jarred Nicholls.

Add JSC::JSONParse. This function will be used in XMLHttpRequest.response of type 'json'.

* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/JSONObject.cpp:
(JSC::JSONParse):
* runtime/JSONObject.h:

Source/WebCore: 

Based on the patch written by Jarred Nicholls.

Implement 'json' type for XMLHttpRequest.response. We cache the result on JSC side as a cached attribute
unlike other response types like 'document' and 'blob' for which the parsed response object is cached
in XMLHttpRequest itself. In the long run, we should do the same for other types of response types.

Also refactored the various code to share the code.

Tests: fast/xmlhttprequest/xmlhttprequest-responsetype-json-invalid.html
       fast/xmlhttprequest/xmlhttprequest-responsetype-json-utf16.html
       fast/xmlhttprequest/xmlhttprequest-responsetype-json-valid.html

* ForwardingHeaders/runtime/JSONObject.h: Added.

* bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::JSXMLHttpRequest::visitChildren):
(WebCore::JSXMLHttpRequest::response): Use JSONParse to parse the response text and cache the result.
Call didCacheResponseJSON to set the cache status and clear the original response buffer.

* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::XMLHttpRequest): Added m_responseCacheIsValid to invalidate the cache of
a json response.
(WebCore::XMLHttpRequest::responseText):
(WebCore::XMLHttpRequest::didCacheResponseJSON): Added; Updates m_responseCacheIsValid and clears the
response buffer to save memory.
(WebCore::XMLHttpRequest::responseXML):
(WebCore::XMLHttpRequest::setResponseType):
(WebCore::XMLHttpRequest::responseType):
(WebCore::XMLHttpRequest::clearResponseBuffers):
(WebCore::XMLHttpRequest::didReceiveData):

* xml/XMLHttpRequest.h:
(WebCore::XMLHttpRequest::doneWithoutErrors): Extracted from responseXML.
(WebCore::XMLHttpRequest::responseTextIgnoringResponseType): Extracted from responseText.
(WebCore::XMLHttpRequest::responseCacheIsValid): Added.
(WebCore::XMLHttpRequest::shouldDecodeResponse): Extracted from didReceiveData.
Also modified to decode when the response type is ResponseTypeJSON.

* xml/XMLHttpRequest.idl: Added CachedAttribute IDL extention on response property. This cache is
used when the response type is 'json'.

LayoutTests: 

Add regression tests for XMLHttpRequest.response of type 'json'.

Two of these tests (valid & invalid) come from Jarred Nicholls's original patch.

* fast/xmlhttprequest/resources/xmlhttprequest-responsetype-json-utf-16.json: Added.
* fast/xmlhttprequest/resources/xmlhttprequest-responsetype-json.json: Added.
* fast/xmlhttprequest/xmlhttprequest-responsetype-json-invalid-expected.txt: Added.
* fast/xmlhttprequest/xmlhttprequest-responsetype-json-invalid.html: Added.
* fast/xmlhttprequest/xmlhttprequest-responsetype-json-utf16-expected.txt: Added.
* fast/xmlhttprequest/xmlhttprequest-responsetype-json-utf16.html: Added.
* fast/xmlhttprequest/xmlhttprequest-responsetype-json-valid-expected.txt: Added.
* fast/xmlhttprequest/xmlhttprequest-responsetype-json-valid.html: Added.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154992 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120567

Reviewed by Oliver Hunt.
        
This is a risky change from a performance standpoint, but I believe it's
necessary. This makes all CodeBlocks get swept by GC. Nobody but the GC
can delete CodeBlocks because the GC always holds a reference to them.
Once a CodeBlock reaches just one reference (i.e. the one from the GC)
then the GC will free it only if it's not on the stack.
        
This allows me to get rid of the jettisoning logic. We need this for FTL
tier-up. Well; we don't need it, but it will help prevent a lot of bugs.
Previously, if you wanted to to replace one code block with another, you
had to remember to tell the GC that the previous code block is
"jettisoned". We would need to do this when tiering up from DFG to FTL
and when dealing with DFG-to-FTL OSR entry code blocks. There are a lot
of permutations here - tiering up to the FTL, OSR entering into the FTL,
deciding that an OSR entry code block is not relevant anymore - just to
name a few. In each of these cases we'd have to jettison the previous
code block. It smells like a huge source of future bugs.
        
So I made jettisoning implicit by making the GC always watch out for a
CodeBlock being owned solely by the GC.
        
This change is performance neutral.

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::~CodeBlock):
(JSC::CodeBlock::visitAggregate):
(JSC::CodeBlock::jettison):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::setJITCode):
(JSC::CodeBlock::shouldImmediatelyAssumeLivenessDuringScan):
(JSC::CodeBlockSet::mark):
* dfg/DFGCommonData.h:
(JSC::DFG::CommonData::CommonData):
* heap/CodeBlockSet.cpp: Added.
(JSC::CodeBlockSet::CodeBlockSet):
(JSC::CodeBlockSet::~CodeBlockSet):
(JSC::CodeBlockSet::add):
(JSC::CodeBlockSet::clearMarks):
(JSC::CodeBlockSet::deleteUnmarkedAndUnreferenced):
(JSC::CodeBlockSet::traceMarked):
* heap/CodeBlockSet.h: Added.
* heap/ConservativeRoots.cpp:
(JSC::ConservativeRoots::add):
* heap/ConservativeRoots.h:
* heap/DFGCodeBlocks.cpp: Removed.
* heap/DFGCodeBlocks.h: Removed.
* heap/Heap.cpp:
(JSC::Heap::markRoots):
(JSC::Heap::deleteAllCompiledCode):
(JSC::Heap::deleteUnmarkedCompiledCode):
* heap/Heap.h:
* interpreter/JSStack.cpp:
(JSC::JSStack::gatherConservativeRoots):
* interpreter/JSStack.h:
* runtime/Executable.cpp:
(JSC::ScriptExecutable::installCode):
* runtime/Executable.h:
* runtime/VM.h:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120569

Reviewed by Andy Estes.

Source/JavaScriptCore:

* API/JSValue.mm:
(valueToString): Use CFBridgingRelease.

Source/WebCore:

* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(AXTextMarkerRange):
(AXTextMarkerRangeStart):
(AXTextMarkerRangeEnd):
(textMarkerForVisiblePosition):
Use CFBridgingRelease.

* platform/mac/KURLMac.mm:
(WebCore::KURL::operator NSURL *): Use CFBridgingRelease.
(WebCore::KURL::createCFURL): Get rid of needless local variable.

* platform/mac/WebCoreNSURLExtras.mm:
(WebCore::mapHostNameWithRange):
(WebCore::URLWithData):
(WebCore::userVisibleString):
* platform/text/mac/StringImplMac.mm:
(WTF::StringImpl::operator NSString *):
Use CFBridgingRelease.

Source/WebKit/mac:

* Misc/WebNSFileManagerExtras.mm:
(-[NSFileManager _webkit_startupVolumeName]): Removed some unneeded locals.
Got rid of the pointless ref/leakRef/HardAutorelease dance, and replaced it
with a [[x copy] autorelease].

* Misc/WebNSURLExtras.mm:
(-[NSURL _web_URLWithLowercasedScheme]): Use CFBridgingRelease, and got rid
of unneeded type casts.

* Plugins/WebBasePluginPackage.mm:
(+[WebBasePluginPackage preferredLocalizationName]): Use CFBridgingRelease.
* WebView/WebPDFRepresentation.mm:
(-[WebPDFRepresentation convertPostScriptDataSourceToPDF:]): Ditto.

* WebView/WebView.mm:
(+[WebView _setCacheModel:]): Use CFBridgingRelease and got rid of unneeded
type cast.

Source/WebKit2:

* Platform/mac/StringUtilities.mm:
(WebKit::nsStringFromWebCoreString): Use CFBridgingRelease. Also
changed condition to be a little cleaner and use a constant string for empty
strings as well as null strings.

* UIProcess/API/mac/WKBrowsingContextController.mm:
(autoreleased): Switched from autorelease to CFBridgingRelease for strings,
which eliminates a type cast and makes this work under GC, although I don't
think we should compile WebKit2 for GC.

* WebProcess/WebPage/mac/WKAccessibilityWebPageObject.mm:
(-[WKAccessibilityWebPageObject accessibilityAttributeValue:forParameter:]):
Use CFBridgingRelease.

Source/WTF:

* wtf/ObjcRuntimeExtras.h: Added a FIXME about miscapitalization of ObjC.
Deleted HardAutorelease.
(wtfObjcMsgSend): Dropped the use of abbreviations in local class and argument names.
(wtfCallIMP): Ditto.

Tools:

* DumpRenderTree/mac/DumpRenderTree.mm:
(dump): Use CFBridgingRelease.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154963 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120551

Reviewed by Michael Saboff.
        
Fix the bug, and did a big clean-up of how Executable returns CodeBlocks. A lot
of the problems we have with code like CodeBlock::baselineVersion() is that we
were trying *way too hard* to side-step the fact that Executable can't return a
CodeBlock*. Previously it could only return CodeBlock&, so if it didn't have a
CodeBlock yet, you were screwed. And if you didn't know, or weren't sure, if it
did have a CodeBlock, you were really going to have a bad time. Also it really
bugs me that the methods were called generatedBytecode(). In all other contexts
if you ask for a CodeBlock, then method to call is codeBlock(). So I made all
of those changes.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::baselineVersion):
(JSC::ProgramCodeBlock::replacement):
(JSC::EvalCodeBlock::replacement):
(JSC::FunctionCodeBlock::replacement):
(JSC::CodeBlock::globalObjectFor):
* bytecode/CodeOrigin.cpp:
(JSC::InlineCallFrame::hash):
* dfg/DFGOperations.cpp:
* interpreter/Interpreter.cpp:
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):
* jit/JITCode.h:
(JSC::JITCode::isExecutableScript):
(JSC::JITCode::isLowerTier):
* jit/JITStubs.cpp:
(JSC::lazyLinkFor):
(JSC::DEFINE_STUB_FUNCTION):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::traceFunctionPrologue):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::setUpCall):
* runtime/ArrayPrototype.cpp:
(JSC::isNumericCompareFunction):
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::arityCheckFor):
* runtime/Executable.cpp:
(JSC::ScriptExecutable::installCode):
* runtime/Executable.h:
(JSC::EvalExecutable::codeBlock):
(JSC::ProgramExecutable::codeBlock):
(JSC::FunctionExecutable::eitherCodeBlock):
(JSC::FunctionExecutable::codeBlockForCall):
(JSC::FunctionExecutable::codeBlockForConstruct):
(JSC::FunctionExecutable::codeBlockFor):
* runtime/FunctionExecutableDump.cpp:
(JSC::FunctionExecutableDump::dump):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154935 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120549

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

We simply reuse the MapData type from JSMap making the
it much simpler.

* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/CommonIdentifiers.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::reset):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::setStructure):
* runtime/JSSet.cpp: Added.
(JSC::JSSet::visitChildren):
(JSC::JSSet::finishCreation):
* runtime/JSSet.h: Added.
(JSC::JSSet::createStructure):
(JSC::JSSet::create):
(JSC::JSSet::mapData):
(JSC::JSSet::JSSet):
* runtime/SetConstructor.cpp: Added.
(JSC::SetConstructor::finishCreation):
(JSC::callSet):
(JSC::constructSet):
(JSC::SetConstructor::getConstructData):
(JSC::SetConstructor::getCallData):
* runtime/SetConstructor.h: Added.
(JSC::SetConstructor::create):
(JSC::SetConstructor::createStructure):
(JSC::SetConstructor::SetConstructor):
* runtime/SetPrototype.cpp: Added.
(JSC::SetPrototype::finishCreation):
(JSC::getMapData):
(JSC::setProtoFuncAdd):
(JSC::setProtoFuncClear):
(JSC::setProtoFuncDelete):
(JSC::setProtoFuncForEach):
(JSC::setProtoFuncHas):
(JSC::setProtoFuncSize):
* runtime/SetPrototype.h: Added.
(JSC::SetPrototype::create):
(JSC::SetPrototype::createStructure):
(JSC::SetPrototype::SetPrototype):

LayoutTests:

Add tests

* fast/js/basic-set-expected.txt: Added.
* fast/js/basic-set.html: Added.
* fast/js/script-tests/basic-set.js: Added.
(set new):
(otherString.string_appeared_here.set add):
(try.set forEach):
(set forEach):
(set gc):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154916 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120505

Reviewed by Darin Adler.

Source/JavaScriptCore:

Replaces JSValue::operator bool() with a operator UnspecifiedBoolType* as
we do elsewhere.  Then fix the places where terrible type coercion was
happening.  All of the changes made had no fundamental behavioural impact
as they were coercion results that were ignored (returning undefined
after an exception).

* dfg/DFGOperations.cpp:
* interpreter/CallFrame.h:
(JSC::ExecState::hadException):
* runtime/JSCJSValue.h:
* runtime/JSCJSValueInlines.h:
(JSC::JSValue::operator UnspecifiedBoolType*):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval):
* runtime/PropertyDescriptor.cpp:
(JSC::PropertyDescriptor::equalTo)

Source/WTF:

Make LIKELY and UNLIKELY macros coerce to bool before
passing to expect.

* wtf/Compiler.h:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154902 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120531

Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-30
Reviewed by Darin Adler.

Changed the assert to ASSERT_NOT_REACHED, now that r154839 has landed. errorDescriptionForValue
can assert again that the parameterized JSValue is !isEmpty().

* runtime/ExceptionHelpers.cpp:
(JSC::errorDescriptionForValue):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154892 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120467

Reviewed by Darin Adler.

Source/JavaScriptCore: 

* Configurations/FeatureDefines.xcconfig:

Source/WebKit/blackberry: 

* WebCoreSupport/AboutDataEnableFeatures.in:

Source/WebKit/mac: 

* Configurations/FeatureDefines.xcconfig:

Source/WebKit2: 

* Configurations/FeatureDefines.xcconfig:

Source/WTF: 

* wtf/FeatureDefines.h:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154870 268f45cc-cd09-0410-ab3c-d52691b4dbfc

* Target.pri:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154866 268f45cc-cd09-0410-ab3c-d52691b4dbfc

* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
Renamed JSMapConstructor and JSMapPrototype.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154865 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120503

Reviewed by Geoffrey Garen.

Unreviewed build fix attempt for GTK, Qt Windows and CMake based ports.

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* Target.pri:
* runtime/MapData.h:
(JSC::MapData::KeyType::KeyType):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154864 268f45cc-cd09-0410-ab3c-d52691b4dbfc

<https://webkit.org/b/120487>

Reviewed by Oliver Hunt.

CodeBlock::m_llintCallLinkInfos never changes size after creation, so make it a Vector
instead of a SegmentedVector. Use resizeToFit() instead of grow() since we know the
exact amount of space needed.

* bytecode/CodeBlock.h:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::shrinkToFit):


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154863 268f45cc-cd09-0410-ab3c-d52691b4dbfc

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154862 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120333

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Implement support for the ES6 Map type and related classes.

* JavaScriptCore.xcodeproj/project.pbxproj:
* heap/CopyToken.h: Add a new token to track copying the backing store
* runtime/CommonIdentifiers.h: Add new identifiers
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
    Add new structures and prototypes

* runtime/JSMap.cpp: Added.
* runtime/JSMap.h: Added.
    New JSMap class to represent a Map instance

* runtime/MapConstructor.cpp: Added.
* runtime/MapConstructor.h: Added.
    The Map constructor

* runtime/MapData.cpp: Added.
* runtime/MapData.h: Added.
    The most interesting data structure.  The roughly corresponds
    to the ES6 notion of MapData.  It provides the core JSValue->JSValue
    map implementation.  We implement it using 2 hashtables and a flat
    table.  Due to the different semantics of string comparisons vs.
    all others we need have one map keyed by String and the other by
    generic JSValue.  The actual table is represented more or less
    exactly as described in the ES6 draft - a single contiguous list of
    key/value pairs.  The entire map could be achieved with just this
    table, however we need the HashMaps in order to maintain O(1) lookup.

    Deleted values are simply cleared as the draft says, however the
    implementation compacts the storage on copy as long as the are no
    active iterators.

* runtime/MapPrototype.cpp: Added.
* runtime/MapPrototype.h: Added.
    Implement Map prototype functions

* runtime/VM.cpp:
    Add new structures.

LayoutTests:

Tests

* fast/js/basic-map-expected.txt: Added.
* fast/js/basic-map.html: Added.
* fast/js/script-tests/basic-map.js: Added.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154861 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120489

Reviewed by Geoffrey Garen.
        
If the baseline JIT hits an OSR entry trigger into the DFG and we already have a
DFG compilation but we've also started one or more FTL compilations, then we
shouldn't get confused. Previously we would have gotten confused because we would
see an in-process deferred compile (the FTL compile) and also an optimized
replacement (the DFG code).
        
If the baseline JIT hits an OSR entry trigger into the DFG and we previously
did two things in this order: triggered a tier-up compilation from the DFG into
the FTL, and then jettisoned the DFG code because it exited a bunch, then we
shouldn't be confused by the presence of an in-process deferred compile (the FTL
compile). Previously we would have waited for that compile to finish; but the more
sensible thing to do is to let it complete and then invalidate it, while at the
same time enqueueing a DFG compile to create a new, more valid, DFG code block.
        
If the DFG JIT hits a loop OSR entry trigger (into the FTL) and it has already
triggered an FTL compile for replacement, then it should fire off a second compile
instead of thinking that it can wait for that one to finish. Or vice-versa. We
need to allow for two FTL compiles to be enqueued at the same time (one for
replacement and one for OSR entry in a loop).
        
Then there's also the problem that DFG::compile() is almost certainly going to be
the hook for triggering both DFG compiles and the two kinds of FTL compiles, but
right now there is no way to tell it which one you want.
        
This fixes these problems and removes a bunch of potential confusion by making the
key for a compile in the DFG::Worklist be a CompilationMode (one of DFGMode,
FTLMode, or FTLForOSREntryMode). That mode is also passed to DFG::compile().
        
Awkwardly, this still leaves us in a no DFG->FTL tier-up situation - so
DFG::compile() is always passed DFGMode and then it might do an FTL compile if
possible. Fixing that is a bigger issue for a later changeset.

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::checkIfOptimizationThresholdReached):
* dfg/DFGCompilationKey.cpp: Added.
(JSC::DFG::CompilationKey::dump):
* dfg/DFGCompilationKey.h: Added.
(JSC::DFG::CompilationKey::CompilationKey):
(JSC::DFG::CompilationKey::operator!):
(JSC::DFG::CompilationKey::isHashTableDeletedValue):
(JSC::DFG::CompilationKey::profiledBlock):
(JSC::DFG::CompilationKey::mode):
(JSC::DFG::CompilationKey::operator==):
(JSC::DFG::CompilationKey::hash):
(JSC::DFG::CompilationKeyHash::hash):
(JSC::DFG::CompilationKeyHash::equal):
* dfg/DFGCompilationMode.cpp: Added.
(WTF::printInternal):
* dfg/DFGCompilationMode.h: Added.
* dfg/DFGDriver.cpp:
(JSC::DFG::compileImpl):
(JSC::DFG::compile):
* dfg/DFGDriver.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::Plan):
(JSC::DFG::Plan::key):
* dfg/DFGPlan.h:
* dfg/DFGWorklist.cpp:
(JSC::DFG::Worklist::enqueue):
(JSC::DFG::Worklist::compilationState):
(JSC::DFG::Worklist::completeAllReadyPlansForVM):
(JSC::DFG::Worklist::runThread):
* dfg/DFGWorklist.h:
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154854 268f45cc-cd09-0410-ab3c-d52691b4dbfc

If you are going to exclude promises, actually exclude the build components.

* interpreter/CallFrame.h: Exclude promise declarations
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::reset): Exclude promise code.
(JSC::JSGlobalObject::visitChildren): Ditto.
* runtime/VM.cpp: Ditto.
(JSC::VM::VM):
(JSC::VM::~VM):
* runtime/VM.h:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154853 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120488

Reviewed by Andreas Kling.

* Source/autotools/SetupWebKitFeatures.m4:
* Source/cmake/WebKitFeatures.cmake:
* Source/cmakeconfig.h.cmake:

Source/JavaScriptCore: Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488

Reviewed by Andreas Kling.

* Configurations/FeatureDefines.xcconfig:
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
* runtime/JSPromise.cpp:
* runtime/JSPromise.h:
* runtime/JSPromiseCallback.cpp:
* runtime/JSPromiseCallback.h:
* runtime/JSPromiseConstructor.cpp:
* runtime/JSPromiseConstructor.h:
* runtime/JSPromisePrototype.cpp:
* runtime/JSPromisePrototype.h:
* runtime/JSPromiseResolver.cpp:
* runtime/JSPromiseResolver.h:
* runtime/JSPromiseResolverConstructor.cpp:
* runtime/JSPromiseResolverConstructor.h:
* runtime/JSPromiseResolverPrototype.cpp:
* runtime/JSPromiseResolverPrototype.h:

Source/WebCore: Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488

Reviewed by Andreas Kling.

* Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac: Add ENABLE gaurds for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488

Reviewed by Andreas Kling.

* Configurations/FeatureDefines.xcconfig:

Source/WebKit2: Add ENABLE gaurds for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488

Reviewed by Andreas Kling.

* Configurations/FeatureDefines.xcconfig:

Source/WTF: Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488

Reviewed by Andreas Kling.

* wtf/FeatureDefines.h:

Tools: Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488

Reviewed by Andreas Kling.

* Scripts/webkitperl/FeatureList.pm:
* qmake/mkspecs/features/features.pri:


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154847 268f45cc-cd09-0410-ab3c-d52691b4dbfc

* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::callCheck):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154845 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120080

Patch by Julien Brianceau <jbriance@cisco.com> on 2013-08-29
Reviewed by Michael Saboff.

* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emitSlow_op_get_argument_by_val): Revert changes introduced by r153222 in this function.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154839 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Rubber stamped by Oliver Hunt.

* dfg/DFGDriver.h:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154838 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120486

Reviewed by Oliver Hunt.
        
Removed the counterValueForBlah() methods and exposed the reusable scaling logic
as a adjustedCounterValue() method.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::adjustedCounterValue):
(JSC::CodeBlock::optimizeAfterWarmUp):
(JSC::CodeBlock::optimizeAfterLongWarmUp):
(JSC::CodeBlock::optimizeSoon):
* bytecode/CodeBlock.h:
* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::handleExitCounts):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154837 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120453

Reviewed by Oliver Hunt.
        
Instead of saying:
        
    codeBlock->prepareForExecution(stuff, BaselineJIT, more stuff)
        
we should just say:
        
    JIT::compile(stuff, codeBlock, more stuff);
        
And similarly for the LLInt and DFG.
        
This kills a bunch of code, since CodeBlock::prepareForExecution() is just a
wrapper that uses the JITType argument to call into the appropriate execution
engine, which is what the user wanted to do in the first place.

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* bytecode/CodeBlock.cpp:
* bytecode/CodeBlock.h:
* dfg/DFGDriver.cpp:
(JSC::DFG::compileImpl):
(JSC::DFG::compile):
* dfg/DFGDriver.h:
(JSC::DFG::tryCompile):
* dfg/DFGOSRExitPreparation.cpp:
(JSC::DFG::prepareCodeOriginForOSRExit):
* dfg/DFGWorklist.cpp:
(JSC::DFG::globalWorklist):
* dfg/DFGWorklist.h:
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
* jit/JIT.h:
(JSC::JIT::compile):
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
* llint/LLIntEntrypoint.cpp: Copied from Source/JavaScriptCore/llint/LLIntEntrypoints.cpp.
(JSC::LLInt::setFunctionEntrypoint):
(JSC::LLInt::setEvalEntrypoint):
(JSC::LLInt::setProgramEntrypoint):
(JSC::LLInt::setEntrypoint):
* llint/LLIntEntrypoint.h: Copied from Source/JavaScriptCore/llint/LLIntEntrypoints.h.
* llint/LLIntEntrypoints.cpp: Removed.
* llint/LLIntEntrypoints.h: Removed.
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::jitCompileAndSetHeuristics):
* runtime/Executable.cpp:
(JSC::ScriptExecutable::prepareForExecutionImpl):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154833 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120481.

Not reviewed.

* interpreter/StackIterator.h:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154827 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120326

Reviewed by Oliver Hunt.
        
Rolling r154804 back in after fixing no-LLInt build.
        
Previously Executable owned the code for generating JIT code; you always had
to go through Executable. But often you also had to go through CodeBlock,
because ScriptExecutable couldn't have virtual methods, but CodeBlock could.
So you'd ask CodeBlock to do something, which would dispatch through a
virtual method that would select the appropriate Executable subtype's method.
This all meant that the same code would often be duplicated, because most of
the work needed to compile something was identical regardless of code type.
But then we tried to fix this, by having templatized helpers in
ExecutionHarness.h and JITDriver.h. The result was that if you wanted to find
out what happened when you asked for something to be compiled, you'd go on a
wild ride that started with CodeBlock, touched upon Executable, and then
ricocheted into either ExecutionHarness or JITDriver (likely both).
        
Another awkwardness was that for concurrent compiles, the DFG::Worklist had
super-special inside knowledge of what JITStubs.cpp's cti_optimize would have
done once the compilation finished.
        
Also, most of the DFG JIT drivers assumed that they couldn't install the
JITCode into the CodeBlock directly - instead they would return it via a
reference, which happened to be a reference to the JITCode pointer in
Executable. This was super weird.
        
Finally, there was no notion of compiling code into a special CodeBlock that
wasn't used for handling calls into an Executable. I'd like this for FTL OSR
entry.
        
This patch solves these problems by reducing all of that complexity into just
three primitives:
        
- Executable::newCodeBlock(). This gives you a new code block, either for call
  or for construct, and either to serve as the baseline code or the optimized
  code. The new code block is then owned by the caller; Executable doesn't
  register it anywhere. The new code block has no JITCode and isn't callable,
  but it has all of the bytecode.
        
- CodeBlock::prepareForExecution(). This takes the CodeBlock's bytecode and
  produces a JITCode, and then installs the JITCode into the CodeBlock. This
  method takes a JITType, and always compiles with that JIT. If you ask for
  JITCode::InterpreterThunk then you'll get JITCode that just points to the
  LLInt entrypoints. Once this returns, it is possible to call into the
  CodeBlock if you do so manually - but the Executable still won't know about
  it so JS calls to that Executable will still be routed to whatever CodeBlock
  is associated with the Executable.
        
- Executable::installCode(). This takes a CodeBlock and makes it the code-for-
  entry for that Executable. This involves unlinking the Executable's last
  CodeBlock, if there was one. This also tells the GC about any effect on
  memory usage and does a bunch of weird data structure rewiring, since
  Executable caches some of CodeBlock's fields for the benefit of virtual call
  fast paths.
        
This functionality is then wrapped around three convenience methods:
        
- Executable::prepareForExecution(). If there is no code block for that
  Executable, then one is created (newCodeBlock()), compiled
  (CodeBlock::prepareForExecution()) and installed (installCode()).
        
- CodeBlock::newReplacement(). Asks the Executable for a new CodeBlock that
  can serve as an optimized replacement of the current one.
        
- CodeBlock::install(). Asks the Executable to install this code block.
        
This patch allows me to kill *a lot* of code and to remove a lot of
specializations for functions vs. not-functions, and a lot of places where we
pass around JITCode references and such. ExecutionHarness and JITDriver are
both gone. Overall this patch has more red than green.
        
It also allows me to work on FTL OSR entry and tier-up:
        
- FTL tier-up: this will involve DFGOperations.cpp asking the DFG::Worklist
  to do some compilation, but it will require the DFG::Worklist to do
  something different than what JITStubs.cpp would want, once the compilation
  finishes. This patch introduces a callback mechanism for that purpose.
        
- FTL OSR entry: this will involve creating a special auto-jettisoned
  CodeBlock that is used only for FTL OSR entry. The new set of primitives
  allows for this: Executable can vend you a fresh new CodeBlock, and you can
  ask that CodeBlock to compile itself with any JIT of your choosing. Or you
  can take that CodeBlock and compile it yourself. Previously the act of
  producing a CodeBlock-for-optimization and the act of compiling code for it
  were tightly coupled; now you can separate them and you can create such
  auto-jettisoned CodeBlocks that are used for a one-shot OSR entry.

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::unlinkIncomingCalls):
(JSC::CodeBlock::prepareForExecutionImpl):
(JSC::CodeBlock::prepareForExecution):
(JSC::CodeBlock::prepareForExecutionAsynchronously):
(JSC::CodeBlock::install):
(JSC::CodeBlock::newReplacement):
(JSC::FunctionCodeBlock::jettisonImpl):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::hasBaselineJITProfiling):
* bytecode/DeferredCompilationCallback.cpp: Added.
(JSC::DeferredCompilationCallback::DeferredCompilationCallback):
(JSC::DeferredCompilationCallback::~DeferredCompilationCallback):
* bytecode/DeferredCompilationCallback.h: Added.
* dfg/DFGDriver.cpp:
(JSC::DFG::tryCompile):
* dfg/DFGDriver.h:
(JSC::DFG::tryCompile):
* dfg/DFGFailedFinalizer.cpp:
(JSC::DFG::FailedFinalizer::finalize):
(JSC::DFG::FailedFinalizer::finalizeFunction):
* dfg/DFGFailedFinalizer.h:
* dfg/DFGFinalizer.h:
* dfg/DFGJITFinalizer.cpp:
(JSC::DFG::JITFinalizer::finalize):
(JSC::DFG::JITFinalizer::finalizeFunction):
* dfg/DFGJITFinalizer.h:
* dfg/DFGOSRExitPreparation.cpp:
(JSC::DFG::prepareCodeOriginForOSRExit):
* dfg/DFGOperations.cpp:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::Plan):
(JSC::DFG::Plan::compileInThreadImpl):
(JSC::DFG::Plan::notifyReady):
(JSC::DFG::Plan::finalizeWithoutNotifyingCallback):
(JSC::DFG::Plan::finalizeAndNotifyCallback):
* dfg/DFGPlan.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGWorklist.cpp:
(JSC::DFG::Worklist::completeAllReadyPlansForVM):
(JSC::DFG::Worklist::runThread):
* ftl/FTLJITFinalizer.cpp:
(JSC::FTL::JITFinalizer::finalize):
(JSC::FTL::JITFinalizer::finalizeFunction):
* ftl/FTLJITFinalizer.h:
* heap/Heap.h:
(JSC::Heap::isDeferred):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):
* jit/JITDriver.h: Removed.
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
(JSC::jitCompileFor):
(JSC::lazyLinkFor):
* jit/JITToDFGDeferredCompilationCallback.cpp: Added.
(JSC::JITToDFGDeferredCompilationCallback::JITToDFGDeferredCompilationCallback):
(JSC::JITToDFGDeferredCompilationCallback::~JITToDFGDeferredCompilationCallback):
(JSC::JITToDFGDeferredCompilationCallback::create):
(JSC::JITToDFGDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
(JSC::JITToDFGDeferredCompilationCallback::compilationDidComplete):
* jit/JITToDFGDeferredCompilationCallback.h: Added.
* llint/LLIntEntrypoints.cpp:
(JSC::LLInt::setFunctionEntrypoint):
(JSC::LLInt::setEvalEntrypoint):
(JSC::LLInt::setProgramEntrypoint):
* llint/LLIntEntrypoints.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::jitCompileAndSetHeuristics):
(JSC::LLInt::setUpCall):
* runtime/ArrayPrototype.cpp:
(JSC::isNumericCompareFunction):
* runtime/CommonSlowPaths.cpp:
* runtime/CompilationResult.cpp:
(WTF::printInternal):
* runtime/CompilationResult.h:
* runtime/Executable.cpp:
(JSC::ScriptExecutable::installCode):
(JSC::ScriptExecutable::newCodeBlockFor):
(JSC::ScriptExecutable::newReplacementCodeBlockFor):
(JSC::ScriptExecutable::prepareForExecutionImpl):
* runtime/Executable.h:
(JSC::ExecutableBase::offsetOfJITCodeWithArityCheckFor):
(JSC::ExecutableBase::offsetOfNumParametersFor):
(JSC::ScriptExecutable::prepareForExecution):
(JSC::FunctionExecutable::jettisonOptimizedCodeFor):
* runtime/ExecutionHarness.h: Removed.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154824 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=119657.

Reviewed by Geoffrey Garen.

* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* interpreter/CallFrame.h:
- Removed references to StackIteratorPrivate.h.
* interpreter/StackIterator.cpp:
(JSC::StackIterator::numberOfFrames):
(JSC::StackIterator::gotoFrameAtIndex):
(JSC::StackIterator::gotoNextFrame):
(JSC::StackIterator::resetIterator):
(JSC::StackIterator::find):
(JSC::StackIterator::readFrame):
(JSC::StackIterator::readNonInlinedFrame):
- Reads in the current CallFrame's data for non-inlined frames.
(JSC::inlinedFrameOffset):
- Convenience function to compute the inlined frame offset based on the
  CodeOrigin. If the offset is 0, then we're looking at the physical frame.
  Otherwise, it's an inlined frame.
(JSC::StackIterator::readInlinedFrame):
- Determines the inlined frame's caller frame. Will read in the caller
  frame if it is also an inlined frame i.e. we haven't reached the
  outer most frame yet. Otherwise, will call readNonInlinedFrame() to
  read on the outer most frame.
  This is based on the old StackIterator::Frame::logicalFrame().
(JSC::StackIterator::updateFrame):
- Reads the data of the caller frame of the current one. This function
  is renamed and moved from the old StackIterator::Frame::logicalCallerFrame(),
  but is now simplified because it delegates to the readInlinedFrame()
  to get the caller for inlined frames.
(JSC::StackIterator::Frame::arguments):
- Fixed to use the inlined frame versions of Arguments::create() and
  Arguments::tearOff() when the frame is an inlined frame.
(JSC::StackIterator::Frame::print):
(debugPrintCallFrame):
(debugPrintStack):
- Because sometimes, we want to see the whole stack while debugging.
* interpreter/StackIterator.h:
(JSC::StackIterator::Frame::argumentCount):
(JSC::StackIterator::Frame::callerFrame):
(JSC::StackIterator::Frame::callee):
(JSC::StackIterator::Frame::scope):
(JSC::StackIterator::Frame::codeBlock):
(JSC::StackIterator::Frame::bytecodeOffset):
(JSC::StackIterator::Frame::inlinedFrameInfo):
(JSC::StackIterator::Frame::isJSFrame):
(JSC::StackIterator::Frame::isInlinedFrame):
(JSC::StackIterator::Frame::callFrame):
(JSC::StackIterator::Frame::Frame):
(JSC::StackIterator::Frame::~Frame):
- StackIterator::Frame now caches commonly used accessed values from
  the CallFrame. It still delegates argument queries to the CallFrame.
(JSC::StackIterator::operator*):
(JSC::StackIterator::operator->):
(JSC::StackIterator::operator!=):
(JSC::StackIterator::operator++):
(JSC::StackIterator::end):
(JSC::StackIterator::operator==):
* interpreter/StackIteratorPrivate.h: Removed.



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154821 268f45cc-cd09-0410-ab3c-d52691b4dbfc

https://bugs.webkit.org/show_bug.cgi?id=120472

Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-29
Reviewed by Filip Pizlo.

With the JIT disabled, interpreterThrowInCaller was attempting to throw an error,
but the topCallFrame was not set yet. By passing the error object into interpreterThrowInCaller
throwException can be called when topCallFrame is set.
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPathsExceptions.cpp:
(JSC::CommonSlowPaths::interpreterThrowInCaller):
* runtime/CommonSlowPathsExceptions.h:

Renamed genericThrow -> genericUnwind, because this function no longer has the ability
to throw errors. It unwinds the stack in order to report them.
* dfg/DFGOperations.cpp:
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
(JSC::jitThrowNew):
(JSC::jitThrow):
* jit/JITExceptions.h:
* llint/LLIntExceptions.cpp:
(JSC::LLInt::doThrow):

LayoutTests: VM::throwException() crashes reproducibly in testapi with !ENABLE(JIT)
https://bugs.webkit.org/show_bug.cgi?id=120472

Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-29
Reviewed by Filip Pizlo.
An error that was not being reported before is now caught and being reported.
* media/track/track-cue-rendering-on-resize-expected.txt:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154817 268f45cc-cd09-0410-ab3c-d52691b4dbfc

http://trac.webkit.org/changeset/154804
https://bugs.webkit.org/show_bug.cgi?id=120477

Broke Windows build (assumes LLInt features not enabled on
this build) (Requested by bfulgham on #webkit).

* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::linkIncomingCall):
(JSC::CodeBlock::unlinkIncomingCalls):
(JSC::CodeBlock::reoptimize):
(JSC::ProgramCodeBlock::replacement):
(JSC::EvalCodeBlock::replacement):
(JSC::FunctionCodeBlock::replacement):
(JSC::ProgramCodeBlock::compileOptimized):
(JSC::ProgramCodeBlock::replaceWithDeferredOptimizedCode):
(JSC::EvalCodeBlock::compileOptimized):
(JSC::EvalCodeBlock::replaceWithDeferredOptimizedCode):
(JSC::FunctionCodeBlock::compileOptimized):
(JSC::FunctionCodeBlock::replaceWithDeferredOptimizedCode):
(JSC::ProgramCodeBlock::jitCompileImpl):
(JSC::EvalCodeBlock::jitCompileImpl):
(JSC::FunctionCodeBlock::jitCompileImpl):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::jitType):
(JSC::CodeBlock::jitCompile):
* bytecode/DeferredCompilationCallback.cpp: Removed.
* bytecode/DeferredCompilationCallback.h: Removed.
* dfg/DFGDriver.cpp:
(JSC::DFG::compile):
(JSC::DFG::tryCompile):
(JSC::DFG::tryCompileFunction):
(JSC::DFG::tryFinalizePlan):
* dfg/DFGDriver.h:
(JSC::DFG::tryCompile):
(JSC::DFG::tryCompileFunction):
(JSC::DFG::tryFinalizePlan):
* dfg/DFGFailedFinalizer.cpp:
(JSC::DFG::FailedFinalizer::finalize):
(JSC::DFG::FailedFinalizer::finalizeFunction):
* dfg/DFGFailedFinalizer.h:
* dfg/DFGFinalizer.h:
* dfg/DFGJITFinalizer.cpp:
(JSC::DFG::JITFinalizer::finalize):
(JSC::DFG::JITFinalizer::finalizeFunction):
* dfg/DFGJITFinalizer.h:
* dfg/DFGOSRExitPreparation.cpp:
(JSC::DFG::prepareCodeOriginForOSRExit):
* dfg/DFGOperations.cpp:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::Plan):
(JSC::DFG::Plan::compileInThreadImpl):
(JSC::DFG::Plan::finalize):
* dfg/DFGPlan.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGWorklist.cpp:
(JSC::DFG::Worklist::completeAllReadyPlansForVM):
(JSC::DFG::Worklist::runThread):
* ftl/FTLJITFinalizer.cpp:
(JSC::FTL::JITFinalizer::finalize):
(JSC::FTL::JITFinalizer::finalizeFunction):
* ftl/FTLJITFinalizer.h:
* heap/Heap.h:
* interpreter/Interpreter.cpp:
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):
* jit/JITDriver.h: Added.
(JSC::jitCompileIfAppropriateImpl):
(JSC::jitCompileFunctionIfAppropriateImpl):
(JSC::jitCompileIfAppropriate):
(JSC::jitCompileFunctionIfAppropriate):
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
(JSC::jitCompileFor):
(JSC::lazyLinkFor):
* jit/JITToDFGDeferredCompilationCallback.cpp: Removed.
* jit/JITToDFGDeferredCompilationCallback.h: Removed.
* llint/LLIntEntrypoints.cpp:
(JSC::LLInt::getFunctionEntrypoint):
(JSC::LLInt::getEvalEntrypoint):
(JSC::LLInt::getProgramEntrypoint):
* llint/LLIntEntrypoints.h:
(JSC::LLInt::getEntrypoint):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::jitCompileAndSetHeuristics):
(JSC::LLInt::setUpCall):
* runtime/ArrayPrototype.cpp:
(JSC::isNumericCompareFunction):
* runtime/CommonSlowPaths.cpp:
* runtime/CompilationResult.cpp:
(WTF::printInternal):
* runtime/CompilationResult.h:
* runtime/Executable.cpp:
(JSC::EvalExecutable::compileOptimized):
(JSC::EvalExecutable::jitCompile):
(JSC::EvalExecutable::compileInternal):
(JSC::EvalExecutable::replaceWithDeferredOptimizedCode):
(JSC::ProgramExecutable::compileOptimized):
(JSC::ProgramExecutable::jitCompile):
(JSC::ProgramExecutable::compileInternal):
(JSC::ProgramExecutable::replaceWithDeferredOptimizedCode):
(JSC::FunctionExecutable::compileOptimizedForCall):
(JSC::FunctionExecutable::compileOptimizedForConstruct):
(JSC::FunctionExecutable::jitCompileForCall):
(JSC::FunctionExecutable::jitCompileForConstruct):
(JSC::FunctionExecutable::produceCodeBlockFor):
(JSC::FunctionExecutable::compileForCallInternal):
(JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForCall):
(JSC::FunctionExecutable::compileForConstructInternal):
(JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForConstruct):
* runtime/Executable.h:
(JSC::ExecutableBase::offsetOfJITCodeWithArityCheckFor):
(JSC::ExecutableBase::offsetOfNumParametersFor):
(JSC::ExecutableBase::catchRoutineFor):
(JSC::EvalExecutable::compile):
(JSC::ProgramExecutable::compile):
(JSC::FunctionExecutable::compileForCall):
(JSC::FunctionExecutable::compileForConstruct):
(JSC::FunctionExecutable::compileFor):
(JSC::FunctionExecutable::compileOptimizedFor):
(JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeFor):
(JSC::FunctionExecutable::jitCompileFor):
* runtime/ExecutionHarness.h: Added.
(JSC::prepareForExecutionImpl):
(JSC::prepareFunctionForExecutionImpl):
(JSC::installOptimizedCode):
(JSC::prepareForExecution):
(JSC::prepareFunctionForExecution):
(JSC::replaceWithDeferredOptimizedCode):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154814 268f45cc-cd09-0410-ab3c-d52691b4dbfc