- 10 Sep, 2013 1 commit
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=120912
Reviewed by Geoffrey Garen.
Source/JavaScriptCore:
Add support for ES6 WeakMap. Add the cluster of boilerplate classes around the core WeakMapData class. WeakMapData is a simple object->value hash table that uses a combo of WeakReferenceHarvester to conditionally keep the weak value reference live, and UnconditionalFinalizer to clean the dead keys from the table post-GC.
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri:
* runtime/CommonIdentifiers.h:
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h: (JSC::JSGlobalObject::weakMapDataStructure):
* runtime/JSWeakMap.cpp: Added. (JSC::JSWeakMap::finishCreation): (JSC::JSWeakMap::visitChildren):
* runtime/JSWeakMap.h: Added. (JSC::JSWeakMap::createStructure): (JSC::JSWeakMap::create): (JSC::JSWeakMap::weakMapData): (JSC::JSWeakMap::JSWeakMap):
* runtime/WeakMapConstructor.cpp: Added. (JSC::WeakMapConstructor::finishCreation): (JSC::constructWeakMap): (JSC::WeakMapConstructor::getConstructData): (JSC::WeakMapConstructor::getCallData):
* runtime/WeakMapConstructor.h: Added. (JSC::WeakMapConstructor::create): (JSC::WeakMapConstructor::createStructure): (JSC::WeakMapConstructor::WeakMapConstructor):
* runtime/WeakMapData.cpp: Added. (JSC::WeakMapData::WeakMapData): (JSC::WeakMapData::finishCreation): (JSC::WeakMapData::destroy): (JSC::WeakMapData::visitChildren): (JSC::WeakMapData::set): (JSC::WeakMapData::get): (JSC::WeakMapData::remove): (JSC::WeakMapData::contains): (JSC::WeakMapData::clear): (JSC::WeakMapData::DeadKeyCleaner::visitWeakReferences): (JSC::WeakMapData::DeadKeyCleaner::finalizeUnconditionally):
* runtime/WeakMapData.h: Added. (JSC::WeakMapData::create): (JSC::WeakMapData::createStructure): (JSC::WeakMapData::DeadKeyCleaner::DeadKeyCleaner):
* runtime/WeakMapPrototype.cpp: Added. (JSC::WeakMapPrototype::finishCreation): (JSC::getWeakMapData): (JSC::protoFuncWeakMapClear): (JSC::protoFuncWeakMapDelete): (JSC::protoFuncWeakMapGet): (JSC::protoFuncWeakMapHas): (JSC::protoFuncWeakMapSet):
* runtime/WeakMapPrototype.h: Added. (JSC::WeakMapPrototype::create): (JSC::WeakMapPrototype::createStructure): (JSC::WeakMapPrototype::WeakMapPrototype):
LayoutTests:
Basic tests.
* js/basic-weakmap-expected.txt: Added.
* js/basic-weakmap.html: Added.
* js/script-tests/basic-weakmap.js: Added.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155473 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 05 Sep, 2013 1 commit
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=120801
Reviewed by Gavin Barraclough.
Add an iterator macro that lists all the "simple" ES types (e.g. type consists of instance, constructor, and prototype classes). So that we don't need to have every new type litter JSGlobalObject.{cpp,h} with members, accessors, and manual GC visiting.
* runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155177 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 30 Aug, 2013 1 commit
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=120549
Reviewed by Filip Pizlo.
Source/JavaScriptCore:
We simply reuse the MapData type from JSMap, making it much simpler.
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/CommonIdentifiers.h:
* runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h: (JSC::JSGlobalObject::setStructure):
* runtime/JSSet.cpp: Added. (JSC::JSSet::visitChildren): (JSC::JSSet::finishCreation):
* runtime/JSSet.h: Added. (JSC::JSSet::createStructure): (JSC::JSSet::create): (JSC::JSSet::mapData): (JSC::JSSet::JSSet):
* runtime/SetConstructor.cpp: Added. (JSC::SetConstructor::finishCreation): (JSC::callSet): (JSC::constructSet): (JSC::SetConstructor::getConstructData): (JSC::SetConstructor::getCallData):
* runtime/SetConstructor.h: Added. (JSC::SetConstructor::create): (JSC::SetConstructor::createStructure): (JSC::SetConstructor::SetConstructor):
* runtime/SetPrototype.cpp: Added. (JSC::SetPrototype::finishCreation): (JSC::getMapData): (JSC::setProtoFuncAdd): (JSC::setProtoFuncClear): (JSC::setProtoFuncDelete): (JSC::setProtoFuncForEach): (JSC::setProtoFuncHas): (JSC::setProtoFuncSize):
* runtime/SetPrototype.h: Added. (JSC::SetPrototype::create): (JSC::SetPrototype::createStructure): (JSC::SetPrototype::SetPrototype):
LayoutTests:
Add tests
* fast/js/basic-set-expected.txt: Added.
* fast/js/basic-set.html: Added.
* fast/js/script-tests/basic-set.js: Added. (set new): (otherString.string_appeared_here.set add): (try.set forEach): (set forEach): (set gc):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154916 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 29 Aug, 2013 2 commits
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=120333
Reviewed by Geoffrey Garen.
Source/JavaScriptCore:
Implement support for the ES6 Map type and related classes.
* JavaScriptCore.xcodeproj/project.pbxproj:
* heap/CopyToken.h: Add a new token to track copying the backing store
* runtime/CommonIdentifiers.h: Add new identifiers
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h: Add new structures and prototypes
* runtime/JSMap.cpp: Added.
* runtime/JSMap.h: Added. New JSMap class to represent a Map instance
* runtime/MapConstructor.cpp: Added.
* runtime/MapConstructor.h: Added. The Map constructor
* runtime/MapData.cpp: Added.
* runtime/MapData.h: Added. The most interesting data structure. This roughly corresponds to the ES6 notion of MapData. It provides the core JSValue->JSValue map implementation. We implement it using 2 hashtables and a flat table. Due to the different semantics of string comparisons vs. all others we need to have one map keyed by String and the other by generic JSValue. The actual table is represented more or less exactly as described in the ES6 draft - a single contiguous list of key/value pairs. The entire map could be achieved with just this table, however we need the HashMaps in order to maintain O(1) lookup. Deleted values are simply cleared as the draft says, however the implementation compacts the storage on copy as long as there are no active iterators.
* runtime/MapPrototype.cpp: Added.
* runtime/MapPrototype.h: Added. Implement Map prototype functions
* runtime/VM.cpp: Add new structures.
LayoutTests:
Tests
* fast/js/basic-map-expected.txt: Added.
* fast/js/basic-map.html: Added.
* fast/js/script-tests/basic-map.js: Added.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154861 268f45cc-cd09-0410-ab3c-d52691b4dbfc
weinig@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=120488
Reviewed by Andreas Kling.
* Source/autotools/SetupWebKitFeatures.m4:
* Source/cmake/WebKitFeatures.cmake:
* Source/cmakeconfig.h.cmake:
Source/JavaScriptCore:
Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488
Reviewed by Andreas Kling.
* Configurations/FeatureDefines.xcconfig:
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
* runtime/JSPromise.cpp:
* runtime/JSPromise.h:
* runtime/JSPromiseCallback.cpp:
* runtime/JSPromiseCallback.h:
* runtime/JSPromiseConstructor.cpp:
* runtime/JSPromiseConstructor.h:
* runtime/JSPromisePrototype.cpp:
* runtime/JSPromisePrototype.h:
* runtime/JSPromiseResolver.cpp:
* runtime/JSPromiseResolver.h:
* runtime/JSPromiseResolverConstructor.cpp:
* runtime/JSPromiseResolverConstructor.h:
* runtime/JSPromiseResolverPrototype.cpp:
* runtime/JSPromiseResolverPrototype.h:
Source/WebCore:
Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488
Reviewed by Andreas Kling.
* Configurations/FeatureDefines.xcconfig:
Source/WebKit/mac:
Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488
Reviewed by Andreas Kling.
* Configurations/FeatureDefines.xcconfig:
Source/WebKit2:
Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488
Reviewed by Andreas Kling.
* Configurations/FeatureDefines.xcconfig:
Source/WTF:
Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488
Reviewed by Andreas Kling.
* wtf/FeatureDefines.h:
Tools:
Add ENABLE guards for Promises
https://bugs.webkit.org/show_bug.cgi?id=120488
Reviewed by Andreas Kling.
* Scripts/webkitperl/FeatureList.pm:
* qmake/mkspecs/features/features.pri:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154847 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 26 Aug, 2013 1 commit
weinig@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=120260
Reviewed by Darin Adler.
Source/JavaScriptCore:
Add an initial implementation of Promises - http://dom.spec.whatwg.org/#promises.
- Despite Promises being defined in the DOM, the implementation is being put in JSC in preparation for the Promises eventually being defined in ECMAScript.
* CMakeLists.txt: * DerivedSources.make: * DerivedSources.pri: * GNUmakefile.list.am: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: Add new files. * jsc.cpp: Update jsc's GlobalObjectMethodTable to stub out the new QueueTaskToEventLoop callback. This means you can't quite use Promises with the command line tool yet. * interpreter/CallFrame.h: (JSC::ExecState::promisePrototypeTable): (JSC::ExecState::promiseConstructorTable): (JSC::ExecState::promiseResolverPrototypeTable): * runtime/VM.cpp: (JSC::VM::VM): (JSC::VM::~VM): * runtime/VM.h: Add supporting code for the new static lookup tables. * runtime/CommonIdentifiers.h: Add 3 new identifiers, "Promise", "PromiseResolver", and "then". * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::visitChildren): Add supporting code for Promise and PromiseResolver's constructors and structures. * runtime/JSGlobalObject.h: (JSC::TaskContext::~TaskContext): Add a new callback to the GlobalObjectMethodTable to post a task on the embedder's runloop. (JSC::JSGlobalObject::promisePrototype): (JSC::JSGlobalObject::promiseResolverPrototype): (JSC::JSGlobalObject::promiseStructure): (JSC::JSGlobalObject::promiseResolverStructure): (JSC::JSGlobalObject::promiseCallbackStructure): (JSC::JSGlobalObject::promiseWrapperCallbackStructure): Add supporting code for Promise and PromiseResolver's constructors and structures. * runtime/JSPromise.cpp: Added. * runtime/JSPromise.h: Added. * runtime/JSPromiseCallback.cpp: Added. * runtime/JSPromiseCallback.h: Added. * runtime/JSPromiseConstructor.cpp: Added.
* runtime/JSPromiseConstructor.h: Added. * runtime/JSPromisePrototype.cpp: Added. * runtime/JSPromisePrototype.h: Added. * runtime/JSPromiseResolver.cpp: Added. * runtime/JSPromiseResolver.h: Added. * runtime/JSPromiseResolverConstructor.cpp: Added. * runtime/JSPromiseResolverConstructor.h: Added. * runtime/JSPromiseResolverPrototype.cpp: Added. * runtime/JSPromiseResolverPrototype.h: Added. Add Promise implementation. Source/WebCore: Add an initial implementation of Promises - http://dom.spec.whatwg.org/#promises. - Despite Promises being defined in the DOM, the implementation is being put in JSC in preparation for the Promises eventually being defined in ECMAScript. Tests: fast/js/Promise-already-fulfilled.html fast/js/Promise-already-rejected.html fast/js/Promise-already-resolved.html fast/js/Promise-catch-in-workers.html fast/js/Promise-catch.html fast/js/Promise-chain.html fast/js/Promise-exception.html fast/js/Promise-fulfill-in-workers.html fast/js/Promise-fulfill.html fast/js/Promise-init-in-workers.html fast/js/Promise-init.html fast/js/Promise-reject-in-workers.html fast/js/Promise-reject.html fast/js/Promise-resolve-chain.html fast/js/Promise-resolve-in-workers.html fast/js/Promise-resolve-with-then-exception.html fast/js/Promise-resolve-with-then-fulfill.html fast/js/Promise-resolve-with-then-reject.html fast/js/Promise-resolve.html fast/js/Promise-simple-fulfill-inside-callback.html fast/js/Promise-simple-fulfill.html fast/js/Promise-simple-in-workers.html fast/js/Promise-simple.html fast/js/Promise-static-fulfill.html fast/js/Promise-static-reject.html fast/js/Promise-static-resolve.html fast/js/Promise-then-in-workers.html fast/js/Promise-then-without-callbacks-in-workers.html fast/js/Promise-then-without-callbacks.html fast/js/Promise-then.html fast/js/Promise-types.html fast/js/Promise.html * GNUmakefile.list.am: * Target.pri: * UseJSC.cmake: * WebCore.vcxproj/WebCore.vcxproj: * WebCore.vcxproj/WebCore.vcxproj.filters: * 
WebCore.xcodeproj/project.pbxproj: * bindings/js/JSBindingsAllInOne.cpp: Add new files. * bindings/js/JSDOMGlobalObjectTask.cpp: Added. (WebCore::JSGlobalObjectCallback::create): (WebCore::JSGlobalObjectCallback::~JSGlobalObjectCallback): (WebCore::JSGlobalObjectCallback::call): (WebCore::JSGlobalObjectCallback::JSGlobalObjectCallback): (WebCore::JSGlobalObjectTask::JSGlobalObjectTask): (WebCore::JSGlobalObjectTask::~JSGlobalObjectTask): (WebCore::JSGlobalObjectTask::performTask): * bindings/js/JSDOMGlobalObjectTask.h: Added. (WebCore::JSGlobalObjectTask::create): Add a new task type to be used with the GlobalObjectMethodTable's new QueueTaskToEventLoop callback. * bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::queueTaskToEventLoop): * bindings/js/JSDOMWindowBase.h: Implement the GlobalObjectMethodTable callback, QueueTaskToEventLoop. * bindings/js/JSMainThreadExecState.h: All using JSMainThreadExecState as a simple RAII object. * bindings/js/JSWorkerGlobalScopeBase.cpp: (WebCore::JSWorkerGlobalScopeBase::JSWorkerGlobalScopeBase): (WebCore::JSWorkerGlobalScopeBase::allowsAccessFrom): (WebCore::JSWorkerGlobalScopeBase::supportsProfiling): (WebCore::JSWorkerGlobalScopeBase::supportsRichSourceInfo): (WebCore::JSWorkerGlobalScopeBase::shouldInterruptScript): (WebCore::JSWorkerGlobalScopeBase::javaScriptExperimentsEnabled): (WebCore::JSWorkerGlobalScopeBase::queueTaskToEventLoop): * bindings/js/JSWorkerGlobalScopeBase.h: Add a GlobalObjectMethodTable and implement QueueTaskToEventLoop. Forward the other callbacks to JSGlobalObject so they retain their existing behavior. LayoutTests: Add tests adapted from the Mozilla and Blink projects. * fast/js/Promise-already-fulfilled-expected.txt: Added. * fast/js/Promise-already-fulfilled.html: Added. * fast/js/Promise-already-rejected-expected.txt: Added. * fast/js/Promise-already-rejected.html: Added. * fast/js/Promise-already-resolved-expected.txt: Added. * fast/js/Promise-already-resolved.html: Added. 
* fast/js/Promise-catch-expected.txt: Added. * fast/js/Promise-catch-in-workers-expected.txt: Added. * fast/js/Promise-catch-in-workers.html: Added. * fast/js/Promise-catch.html: Added. * fast/js/Promise-chain-expected.txt: Added. * fast/js/Promise-chain.html: Added. * fast/js/Promise-exception-expected.txt: Added. * fast/js/Promise-exception.html: Added. * fast/js/Promise-expected.txt: Added. * fast/js/Promise-fulfill-expected.txt: Added. * fast/js/Promise-fulfill-in-workers-expected.txt: Added. * fast/js/Promise-fulfill-in-workers.html: Added. * fast/js/Promise-fulfill.html: Added. * fast/js/Promise-init-expected.txt: Added. * fast/js/Promise-init-in-workers-expected.txt: Added. * fast/js/Promise-init-in-workers.html: Added. * fast/js/Promise-init.html: Added. * fast/js/Promise-reject-expected.txt: Added. * fast/js/Promise-reject-in-workers-expected.txt: Added. * fast/js/Promise-reject-in-workers.html: Added. * fast/js/Promise-reject.html: Added. * fast/js/Promise-resolve-chain-expected.txt: Added. * fast/js/Promise-resolve-chain.html: Added. * fast/js/Promise-resolve-expected.txt: Added. * fast/js/Promise-resolve-in-workers-expected.txt: Added. * fast/js/Promise-resolve-in-workers.html: Added. * fast/js/Promise-resolve-with-then-exception-expected.txt: Added. * fast/js/Promise-resolve-with-then-exception.html: Added. * fast/js/Promise-resolve-with-then-fulfill-expected.txt: Added. * fast/js/Promise-resolve-with-then-fulfill.html: Added. * fast/js/Promise-resolve-with-then-reject-expected.txt: Added. * fast/js/Promise-resolve-with-then-reject.html: Added. * fast/js/Promise-resolve.html: Added. * fast/js/Promise-simple-expected.txt: Added. * fast/js/Promise-simple-fulfill-expected.txt: Added. * fast/js/Promise-simple-fulfill-inside-callback-expected.txt: Added. * fast/js/Promise-simple-fulfill-inside-callback.html: Added. * fast/js/Promise-simple-fulfill.html: Added. * fast/js/Promise-simple-in-workers-expected.txt: Added. 
* fast/js/Promise-simple-in-workers.html: Added. * fast/js/Promise-simple.html: Added. * fast/js/Promise-static-fulfill-expected.txt: Added. * fast/js/Promise-static-fulfill.html: Added. * fast/js/Promise-static-reject-expected.txt: Added. * fast/js/Promise-static-reject.html: Added. * fast/js/Promise-static-resolve-expected.txt: Added. * fast/js/Promise-static-resolve.html: Added. * fast/js/Promise-then-expected.txt: Added. * fast/js/Promise-then-in-workers-expected.txt: Added. * fast/js/Promise-then-in-workers.html: Added. * fast/js/Promise-then-without-callbacks-expected.txt: Added. * fast/js/Promise-then-without-callbacks-in-workers-expected.txt: Added. * fast/js/Promise-then-without-callbacks-in-workers.html: Added. * fast/js/Promise-then-without-callbacks.html: Added. * fast/js/Promise-then.html: Added. * fast/js/Promise-types-expected.txt: Added. * fast/js/Promise-types.html: Added. * fast/js/Promise.html: Added. * fast/js/resources/Promise-catch-in-workers.js: Added. * fast/js/resources/Promise-fulfill-in-workers.js: Added. * fast/js/resources/Promise-init-in-workers.js: Added. * fast/js/resources/Promise-reject-in-workers.js: Added. * fast/js/resources/Promise-resolve-in-workers.js: Added. * fast/js/resources/Promise-simple-in-workers.js: Added. * fast/js/resources/Promise-then-in-workers.js: Added. * fast/js/resources/Promise-then-without-callbacks-in-workers.js: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154629 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 22 Aug, 2013 1 commit
barraclough@apple.com authored
Remove putDirectVirtual
Reviewed by Sam Weinig.
This could most generously be described as 'vestigial'. No performance impact.
* API/JSObjectRef.cpp: (JSObjectSetProperty):
    - changed to use defineOwnProperty
* debugger/DebuggerActivation.cpp:
* debugger/DebuggerActivation.h:
    - remove putDirectVirtual
* interpreter/Interpreter.cpp: (JSC::Interpreter::execute):
    - changed to use defineOwnProperty
* runtime/ClassInfo.h:
* runtime/JSActivation.cpp:
* runtime/JSActivation.h:
* runtime/JSCell.cpp:
* runtime/JSCell.h:
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
* runtime/JSObject.cpp:
* runtime/JSObject.h:
* runtime/JSProxy.cpp:
* runtime/JSProxy.h:
* runtime/JSSymbolTableObject.cpp:
* runtime/JSSymbolTableObject.h:
    - remove putDirectVirtual
* runtime/PropertyDescriptor.h: (JSC::PropertyDescriptor::PropertyDescriptor):
    - added constructor for convenience
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154459 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 21 Aug, 2013 2 commits
barraclough@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=120144
Reviewed by Sam Weinig.
Add methods to JSGlobalObject to declare vars, consts, and functions.
* runtime/Executable.cpp: (JSC::ProgramExecutable::initializeGlobalProperties):
* runtime/Executable.h:
    - Moved declaration code to JSGlobalObject
* runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::addGlobalVar):
    - internal implementation of addVar, addConst, addFunction
* runtime/JSGlobalObject.h: (JSC::JSGlobalObject::addVar): (JSC::JSGlobalObject::addConst): (JSC::JSGlobalObject::addFunction):
    - Added methods to declare vars, consts, and functions
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154434 268f45cc-cd09-0410-ab3c-d52691b4dbfc
barraclough@apple.com authored
PropertyDescriptor argument to define methods should be const
Rubber stamped by Sam Weinig.
This should never be modified, and this way we can use rvalues.
Source/JavaScriptCore:
* debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::defineOwnProperty):
* debugger/DebuggerActivation.h:
* runtime/Arguments.cpp: (JSC::Arguments::defineOwnProperty):
* runtime/Arguments.h:
* runtime/ClassInfo.h:
* runtime/JSArray.cpp: (JSC::JSArray::defineOwnProperty):
* runtime/JSArray.h:
* runtime/JSArrayBuffer.cpp: (JSC::JSArrayBuffer::defineOwnProperty):
* runtime/JSArrayBuffer.h:
* runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::defineOwnProperty):
* runtime/JSArrayBufferView.h:
* runtime/JSCell.cpp: (JSC::JSCell::defineOwnProperty):
* runtime/JSCell.h:
* runtime/JSFunction.cpp: (JSC::JSFunction::defineOwnProperty):
* runtime/JSFunction.h:
* runtime/JSGenericTypedArrayView.h:
* runtime/JSGenericTypedArrayViewInlines.h: (JSC::::defineOwnProperty):
* runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::defineOwnProperty):
* runtime/JSGlobalObject.h:
* runtime/JSObject.cpp: (JSC::JSObject::putIndexedDescriptor): (JSC::JSObject::defineOwnIndexedProperty): (JSC::putDescriptor): (JSC::JSObject::defineOwnNonIndexProperty): (JSC::JSObject::defineOwnProperty):
* runtime/JSObject.h:
* runtime/JSProxy.cpp: (JSC::JSProxy::defineOwnProperty):
* runtime/JSProxy.h:
* runtime/RegExpMatchesArray.h: (JSC::RegExpMatchesArray::defineOwnProperty):
* runtime/RegExpObject.cpp: (JSC::RegExpObject::defineOwnProperty):
* runtime/RegExpObject.h:
* runtime/StringObject.cpp: (JSC::StringObject::defineOwnProperty):
* runtime/StringObject.h:
    - make PropertyDescriptor const
Source/WebCore:
* bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::defineOwnProperty):
* bindings/js/JSLocationCustom.cpp: (WebCore::JSLocation::defineOwnProperty): (WebCore::JSLocationPrototype::defineOwnProperty):
* bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader):
    - make PropertyDescriptor const
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154422 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 20 Aug, 2013 1 commit
barraclough@apple.com authored
Remove getOwnPropertyDescriptor trap
Reviewed by Geoff Garen.
All implementations of this method are now called via the method table, and equivalent in behaviour. Remove all duplicate implementations (and the method table trap), and add a single member function implementation on JSObject.
Source/JavaScriptCore:
* API/JSCallbackObject.h: * API/JSCallbackObjectFunctions.h: * debugger/DebuggerActivation.cpp: * debugger/DebuggerActivation.h: * runtime/Arguments.cpp: * runtime/Arguments.h: * runtime/ArrayConstructor.cpp: * runtime/ArrayConstructor.h: * runtime/ArrayPrototype.cpp: * runtime/ArrayPrototype.h: * runtime/BooleanPrototype.cpp: * runtime/BooleanPrototype.h: - remove getOwnPropertyDescriptor * runtime/ClassInfo.h: - remove getOwnPropertyDescriptor from MethodTable * runtime/DateConstructor.cpp: * runtime/DateConstructor.h: * runtime/DatePrototype.cpp: * runtime/DatePrototype.h: * runtime/ErrorPrototype.cpp: * runtime/ErrorPrototype.h: * runtime/JSActivation.cpp: * runtime/JSActivation.h: * runtime/JSArray.cpp: * runtime/JSArray.h: * runtime/JSArrayBuffer.cpp: * runtime/JSArrayBuffer.h: * runtime/JSArrayBufferView.cpp: * runtime/JSArrayBufferView.h: * runtime/JSCell.cpp: * runtime/JSCell.h: * runtime/JSDataView.cpp: * runtime/JSDataView.h: * runtime/JSDataViewPrototype.cpp: * runtime/JSDataViewPrototype.h: * runtime/JSFunction.cpp: * runtime/JSFunction.h: * runtime/JSGenericTypedArrayView.h: * runtime/JSGenericTypedArrayViewInlines.h: * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: * runtime/JSNotAnObject.cpp: * runtime/JSNotAnObject.h: * runtime/JSONObject.cpp: * runtime/JSONObject.h: - remove getOwnPropertyDescriptor * runtime/JSObject.cpp: (JSC::JSObject::propertyIsEnumerable): - switch to call new getOwnPropertyDescriptor member function (JSC::JSObject::getOwnPropertyDescriptor): - new, based on implementation from GET_OWN_PROPERTY_DESCRIPTOR_IMPL (JSC::JSObject::defineOwnNonIndexProperty): - switch to call new getOwnPropertyDescriptor member
function * runtime/JSObject.h: * runtime/JSProxy.cpp: * runtime/JSProxy.h: * runtime/NamePrototype.cpp: * runtime/NamePrototype.h: * runtime/NumberConstructor.cpp: * runtime/NumberConstructor.h: * runtime/NumberPrototype.cpp: * runtime/NumberPrototype.h: - remove getOwnPropertyDescriptor * runtime/ObjectConstructor.cpp: (JSC::objectConstructorGetOwnPropertyDescriptor): (JSC::objectConstructorSeal): (JSC::objectConstructorFreeze): (JSC::objectConstructorIsSealed): (JSC::objectConstructorIsFrozen): - switch to call new getOwnPropertyDescriptor member function * runtime/ObjectConstructor.h: - remove getOwnPropertyDescriptor * runtime/PropertyDescriptor.h: - remove GET_OWN_PROPERTY_DESCRIPTOR_IMPL * runtime/RegExpConstructor.cpp: * runtime/RegExpConstructor.h: * runtime/RegExpMatchesArray.cpp: * runtime/RegExpMatchesArray.h: * runtime/RegExpObject.cpp: * runtime/RegExpObject.h: * runtime/RegExpPrototype.cpp: * runtime/RegExpPrototype.h: * runtime/StringConstructor.cpp: * runtime/StringConstructor.h: * runtime/StringObject.cpp: * runtime/StringObject.h: - remove getOwnPropertyDescriptor Source/WebCore: * WebCore.exp.in: * bindings/js/JSDOMWindowCustom.cpp: * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): (GenerateConstructorDeclaration): (GenerateConstructorHelperMethods): * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: * bindings/scripts/test/JS/JSTestActiveDOMObject.h: * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: * bindings/scripts/test/JS/JSTestCustomNamedGetter.h: * bindings/scripts/test/JS/JSTestEventConstructor.cpp: * bindings/scripts/test/JS/JSTestEventConstructor.h: * bindings/scripts/test/JS/JSTestEventTarget.cpp: * bindings/scripts/test/JS/JSTestEventTarget.h: * bindings/scripts/test/JS/JSTestException.cpp: * bindings/scripts/test/JS/JSTestException.h: * bindings/scripts/test/JS/JSTestInterface.cpp: * bindings/scripts/test/JS/JSTestInterface.h: * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: * 
bindings/scripts/test/JS/JSTestMediaQueryListListener.h: * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: * bindings/scripts/test/JS/JSTestNamedConstructor.h: * bindings/scripts/test/JS/JSTestNode.cpp: * bindings/scripts/test/JS/JSTestNode.h: * bindings/scripts/test/JS/JSTestObj.cpp: * bindings/scripts/test/JS/JSTestObj.h: * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: * bindings/scripts/test/JS/JSTestOverloadedConstructors.h: * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: * bindings/scripts/test/JS/JSTestTypedefs.cpp: * bindings/scripts/test/JS/JSTestTypedefs.h: * bridge/jsc/BridgeJSC.h: (JSC::Bindings::Instance::getOwnPropertySlot): * bridge/objc/objc_runtime.h: * bridge/objc/objc_runtime.mm: * bridge/runtime_array.cpp: * bridge/runtime_array.h: * bridge/runtime_method.cpp: * bridge/runtime_method.h: * bridge/runtime_object.cpp: * bridge/runtime_object.h: - remove getOwnPropertyDescriptor Source/WebKit2: * WebProcess/Plugins/Netscape/JSNPObject.cpp: * WebProcess/Plugins/Netscape/JSNPObject.h: - remove getOwnPropertyDescriptor git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154373 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 15 Aug, 2013 1 commit
fpizlo@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=119064
.:
Reviewed by Oliver Hunt.
Automake work courtesy of Zan Dobersek <zdobersek@igalia.com>.
* Source/autotools/symbols.filter:
Source/JavaScriptCore:
Reviewed by Oliver Hunt.
Typed arrays were previously deficient in several major ways:
- They were defined separately in WebCore and in the jsc shell. The two implementations were different, and the jsc shell one was basically wrong. The WebCore one was quite awful, also.
- Typed arrays were not visible to the JIT except through some weird hooks. For example, the JIT could not ask "what is the Structure that this typed array would have if I just allocated it from this global object". Also, it was difficult to wire any of the typed array intrinsics, because most of the functionality wasn't visible anywhere in JSC.
- Typed array allocation was brain-dead. Allocating a typed array involved two JS objects, two GC weak handles, and three malloc allocations.
- Neutering. It involved keeping tabs on all native views but not the view wrappers, even though the native views can autoneuter just by asking the buffer if it was neutered anytime you touch them; while the JS view wrappers are the ones that you really want to reach out to.
- Common case-ing. Most typed arrays have one buffer and one view, and usually nobody touches the buffer. Yet we created all of that stuff anyway, using data structures optimized for the case where you had a lot of views.
- Semantic goofs. Typed arrays should, in the future, behave like ES features rather than DOM features, for example when it comes to exceptions. Firefox already does this and I agree with them.
This patch cleanses our codebase of these sins:
- Typed arrays are almost entirely defined in JSC. Only the lifecycle management of native references to buffers is left to WebCore.
- Allocating a typed array requires either two GC allocations (a cell and a copied storage vector) or one GC allocation, a malloc allocation, and a weak handle (a cell and a malloc'd storage vector, plus a finalizer for the latter). The latter is only used for oversize arrays. Remember that before it was 7 allocations no matter what.
- Typed arrays require just 4 words of overhead: Structure*, Butterfly*, mode/length, void* vector. Before it was a lot more than that - remember, there were five additional objects that did absolutely nothing for anybody.
- Native views aren't tracked by the buffer, or by the wrappers. They are transient. In the future we'll probably switch to not even having them be malloc'd.
- Native array buffers have an efficient way of tracking all of their JS view wrappers, both for neutering, and for lifecycle management. The GC special-cases native array buffers. This saves a bunch of grief; for example it means that a JS view wrapper can refer to its buffer via the butterfly, which would be dead by the time we went to finalize.
- Typed array semantics now match Firefox, which also happens to be where the standards are going. The discussion on webkit-dev seemed to confirm that Chrome is also heading in this direction. This includes making Uint8ClampedArray not a subtype of Uint8Array, and getting rid of ArrayBufferView as a JS-visible construct.
This is up to a 10x speed-up on programs that allocate a lot of typed arrays. It's a 1% speed-up on Octane. It also opens up a bunch of possibilities for further typed array optimizations in the JSC JITs, including inlining typed array allocation, inlining more of the accessors, reducing the cost of type checks, etc.
An additional property of this patch is that typed arrays are mostly implemented using templates. This deduplicates a bunch of code, but does mean that we need some hacks for exporting s_info's of template classes. See JSGenericTypedArrayView.h and JSTypedArrays.cpp.
Those hacks are fairly low-impact compared to code duplication. Automake work courtesy of Zan Dobersek <zdobersek@igalia.com>. * CMakeLists.txt: * DerivedSources.make: * GNUmakefile.list.am: * JSCTypedArrayStubs.h: Removed. * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: * bytecode/ByValInfo.h: (JSC::hasOptimizableIndexingForClassInfo): (JSC::jitArrayModeForClassInfo): (JSC::typedArrayTypeForJITArrayMode): * bytecode/SpeculatedType.cpp: (JSC::speculationFromClassInfo): * dfg/DFGArrayMode.cpp: (JSC::DFG::toTypedArrayType): * dfg/DFGArrayMode.h: (JSC::DFG::ArrayMode::typedArrayType): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray): (JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray): (JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray): (JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage): (JSC::DFG::SpeculativeJIT::compileGetArrayLength): * dfg/DFGSpeculativeJIT.h: * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * heap/CopyToken.h: * heap/DeferGC.h: (JSC::DeferGCForAWhile::DeferGCForAWhile): (JSC::DeferGCForAWhile::~DeferGCForAWhile): * heap/GCIncomingRefCounted.h: Added. (JSC::GCIncomingRefCounted::GCIncomingRefCounted): (JSC::GCIncomingRefCounted::~GCIncomingRefCounted): (JSC::GCIncomingRefCounted::numberOfIncomingReferences): (JSC::GCIncomingRefCounted::incomingReferenceAt): (JSC::GCIncomingRefCounted::singletonFlag): (JSC::GCIncomingRefCounted::hasVectorOfCells): (JSC::GCIncomingRefCounted::hasAnyIncoming): (JSC::GCIncomingRefCounted::hasSingleton): (JSC::GCIncomingRefCounted::singleton): (JSC::GCIncomingRefCounted::vectorOfCells): * heap/GCIncomingRefCountedInlines.h: Added. 
(JSC::::addIncomingReference): (JSC::::filterIncomingReferences): * heap/GCIncomingRefCountedSet.h: Added. (JSC::GCIncomingRefCountedSet::size): * heap/GCIncomingRefCountedSetInlines.h: Added. (JSC::::GCIncomingRefCountedSet): (JSC::::~GCIncomingRefCountedSet): (JSC::::addReference): (JSC::::sweep): (JSC::::removeAll): (JSC::::removeDead): * heap/Heap.cpp: (JSC::Heap::addReference): (JSC::Heap::extraSize): (JSC::Heap::size): (JSC::Heap::capacity): (JSC::Heap::collect): (JSC::Heap::decrementDeferralDepth): (JSC::Heap::decrementDeferralDepthAndGCIfNeeded): * heap/Heap.h: * interpreter/CallFrame.h: (JSC::ExecState::dataViewTable): * jit/JIT.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jsc.cpp: (GlobalObject::finishCreation): * runtime/ArrayBuffer.cpp: (JSC::ArrayBuffer::transfer): * runtime/ArrayBuffer.h: (JSC::ArrayBuffer::createAdopted): (JSC::ArrayBuffer::ArrayBuffer): (JSC::ArrayBuffer::gcSizeEstimateInBytes): (JSC::ArrayBuffer::pin): (JSC::ArrayBuffer::unpin): (JSC::ArrayBufferContents::tryAllocate): * runtime/ArrayBufferView.cpp: (JSC::ArrayBufferView::ArrayBufferView): (JSC::ArrayBufferView::~ArrayBufferView): (JSC::ArrayBufferView::setNeuterable): * runtime/ArrayBufferView.h: (JSC::ArrayBufferView::isNeutered): (JSC::ArrayBufferView::buffer): (JSC::ArrayBufferView::baseAddress): (JSC::ArrayBufferView::byteOffset): (JSC::ArrayBufferView::verifySubRange): (JSC::ArrayBufferView::clampOffsetAndNumElements): (JSC::ArrayBufferView::calculateOffsetAndLength): * runtime/ClassInfo.h: * runtime/CommonIdentifiers.h: * runtime/DataView.cpp: Added. (JSC::DataView::DataView): (JSC::DataView::create): (JSC::DataView::wrap): * runtime/DataView.h: Added. 
(JSC::DataView::byteLength): (JSC::DataView::getType): (JSC::DataView::get): (JSC::DataView::set): * runtime/Float32Array.h: * runtime/Float64Array.h: * runtime/GenericTypedArrayView.h: Added. (JSC::GenericTypedArrayView::data): (JSC::GenericTypedArrayView::set): (JSC::GenericTypedArrayView::setRange): (JSC::GenericTypedArrayView::zeroRange): (JSC::GenericTypedArrayView::zeroFill): (JSC::GenericTypedArrayView::length): (JSC::GenericTypedArrayView::byteLength): (JSC::GenericTypedArrayView::item): (JSC::GenericTypedArrayView::checkInboundData): (JSC::GenericTypedArrayView::getType): * runtime/GenericTypedArrayViewInlines.h: Added. (JSC::::GenericTypedArrayView): (JSC::::create): (JSC::::createUninitialized): (JSC::::subarray): (JSC::::wrap): * runtime/IndexingHeader.h: (JSC::IndexingHeader::arrayBuffer): (JSC::IndexingHeader::setArrayBuffer): * runtime/Int16Array.h: * runtime/Int32Array.h: * runtime/Int8Array.h: * runtime/JSArrayBuffer.cpp: Added. (JSC::JSArrayBuffer::JSArrayBuffer): (JSC::JSArrayBuffer::finishCreation): (JSC::JSArrayBuffer::create): (JSC::JSArrayBuffer::createStructure): (JSC::JSArrayBuffer::getOwnPropertySlot): (JSC::JSArrayBuffer::getOwnPropertyDescriptor): (JSC::JSArrayBuffer::put): (JSC::JSArrayBuffer::defineOwnProperty): (JSC::JSArrayBuffer::deleteProperty): (JSC::JSArrayBuffer::getOwnNonIndexPropertyNames): * runtime/JSArrayBuffer.h: Added. (JSC::JSArrayBuffer::impl): (JSC::toArrayBuffer): * runtime/JSArrayBufferConstructor.cpp: Added. (JSC::JSArrayBufferConstructor::JSArrayBufferConstructor): (JSC::JSArrayBufferConstructor::finishCreation): (JSC::JSArrayBufferConstructor::create): (JSC::JSArrayBufferConstructor::createStructure): (JSC::constructArrayBuffer): (JSC::JSArrayBufferConstructor::getConstructData): (JSC::JSArrayBufferConstructor::getCallData): * runtime/JSArrayBufferConstructor.h: Added. * runtime/JSArrayBufferPrototype.cpp: Added. 
(JSC::arrayBufferProtoFuncSlice): (JSC::JSArrayBufferPrototype::JSArrayBufferPrototype): (JSC::JSArrayBufferPrototype::finishCreation): (JSC::JSArrayBufferPrototype::create): (JSC::JSArrayBufferPrototype::createStructure): * runtime/JSArrayBufferPrototype.h: Added. * runtime/JSArrayBufferView.cpp: Added. (JSC::JSArrayBufferView::ConstructionContext::ConstructionContext): (JSC::JSArrayBufferView::JSArrayBufferView): (JSC::JSArrayBufferView::finishCreation): (JSC::JSArrayBufferView::getOwnPropertySlot): (JSC::JSArrayBufferView::getOwnPropertyDescriptor): (JSC::JSArrayBufferView::put): (JSC::JSArrayBufferView::defineOwnProperty): (JSC::JSArrayBufferView::deleteProperty): (JSC::JSArrayBufferView::getOwnNonIndexPropertyNames): (JSC::JSArrayBufferView::finalize): * runtime/JSArrayBufferView.h: Added. (JSC::JSArrayBufferView::sizeOf): (JSC::JSArrayBufferView::ConstructionContext::operator!): (JSC::JSArrayBufferView::ConstructionContext::structure): (JSC::JSArrayBufferView::ConstructionContext::vector): (JSC::JSArrayBufferView::ConstructionContext::length): (JSC::JSArrayBufferView::ConstructionContext::mode): (JSC::JSArrayBufferView::ConstructionContext::butterfly): (JSC::JSArrayBufferView::mode): (JSC::JSArrayBufferView::vector): (JSC::JSArrayBufferView::length): (JSC::JSArrayBufferView::offsetOfVector): (JSC::JSArrayBufferView::offsetOfLength): (JSC::JSArrayBufferView::offsetOfMode): * runtime/JSArrayBufferViewInlines.h: Added. (JSC::JSArrayBufferView::slowDownAndWasteMemoryIfNecessary): (JSC::JSArrayBufferView::buffer): (JSC::JSArrayBufferView::impl): (JSC::JSArrayBufferView::neuter): (JSC::JSArrayBufferView::byteOffset): * runtime/JSCell.cpp: (JSC::JSCell::slowDownAndWasteMemory): (JSC::JSCell::getTypedArrayImpl): * runtime/JSCell.h: * runtime/JSDataView.cpp: Added. 
(JSC::JSDataView::JSDataView): (JSC::JSDataView::create): (JSC::JSDataView::createUninitialized): (JSC::JSDataView::set): (JSC::JSDataView::typedImpl): (JSC::JSDataView::getOwnPropertySlot): (JSC::JSDataView::getOwnPropertyDescriptor): (JSC::JSDataView::slowDownAndWasteMemory): (JSC::JSDataView::getTypedArrayImpl): (JSC::JSDataView::createStructure): * runtime/JSDataView.h: Added. * runtime/JSDataViewPrototype.cpp: Added. (JSC::JSDataViewPrototype::JSDataViewPrototype): (JSC::JSDataViewPrototype::create): (JSC::JSDataViewPrototype::createStructure): (JSC::JSDataViewPrototype::getOwnPropertySlot): (JSC::JSDataViewPrototype::getOwnPropertyDescriptor): (JSC::getData): (JSC::setData): (JSC::dataViewProtoFuncGetInt8): (JSC::dataViewProtoFuncGetInt16): (JSC::dataViewProtoFuncGetInt32): (JSC::dataViewProtoFuncGetUint8): (JSC::dataViewProtoFuncGetUint16): (JSC::dataViewProtoFuncGetUint32): (JSC::dataViewProtoFuncGetFloat32): (JSC::dataViewProtoFuncGetFloat64): (JSC::dataViewProtoFuncSetInt8): (JSC::dataViewProtoFuncSetInt16): (JSC::dataViewProtoFuncSetInt32): (JSC::dataViewProtoFuncSetUint8): (JSC::dataViewProtoFuncSetUint16): (JSC::dataViewProtoFuncSetUint32): (JSC::dataViewProtoFuncSetFloat32): (JSC::dataViewProtoFuncSetFloat64): * runtime/JSDataViewPrototype.h: Added. * runtime/JSFloat32Array.h: Added. * runtime/JSFloat64Array.h: Added. * runtime/JSGenericTypedArrayView.h: Added. 
(JSC::JSGenericTypedArrayView::byteLength): (JSC::JSGenericTypedArrayView::byteSize): (JSC::JSGenericTypedArrayView::typedVector): (JSC::JSGenericTypedArrayView::canGetIndexQuickly): (JSC::JSGenericTypedArrayView::canSetIndexQuickly): (JSC::JSGenericTypedArrayView::getIndexQuicklyAsNativeValue): (JSC::JSGenericTypedArrayView::getIndexQuicklyAsDouble): (JSC::JSGenericTypedArrayView::getIndexQuickly): (JSC::JSGenericTypedArrayView::setIndexQuicklyToNativeValue): (JSC::JSGenericTypedArrayView::setIndexQuicklyToDouble): (JSC::JSGenericTypedArrayView::setIndexQuickly): (JSC::JSGenericTypedArrayView::canAccessRangeQuickly): (JSC::JSGenericTypedArrayView::typedImpl): (JSC::JSGenericTypedArrayView::createStructure): (JSC::JSGenericTypedArrayView::info): (JSC::toNativeTypedView): * runtime/JSGenericTypedArrayViewConstructor.h: Added. * runtime/JSGenericTypedArrayViewConstructorInlines.h: Added. (JSC::::JSGenericTypedArrayViewConstructor): (JSC::::finishCreation): (JSC::::create): (JSC::::createStructure): (JSC::constructGenericTypedArrayView): (JSC::::getConstructData): (JSC::::getCallData): * runtime/JSGenericTypedArrayViewInlines.h: Added. (JSC::::JSGenericTypedArrayView): (JSC::::create): (JSC::::createUninitialized): (JSC::::validateRange): (JSC::::setWithSpecificType): (JSC::::set): (JSC::::getOwnPropertySlot): (JSC::::getOwnPropertyDescriptor): (JSC::::put): (JSC::::defineOwnProperty): (JSC::::deleteProperty): (JSC::::getOwnPropertySlotByIndex): (JSC::::putByIndex): (JSC::::deletePropertyByIndex): (JSC::::getOwnNonIndexPropertyNames): (JSC::::getOwnPropertyNames): (JSC::::visitChildren): (JSC::::copyBackingStore): (JSC::::slowDownAndWasteMemory): (JSC::::getTypedArrayImpl): * runtime/JSGenericTypedArrayViewPrototype.h: Added. * runtime/JSGenericTypedArrayViewPrototypeInlines.h: Added. 
(JSC::genericTypedArrayViewProtoFuncSet): (JSC::genericTypedArrayViewProtoFuncSubarray): (JSC::::JSGenericTypedArrayViewPrototype): (JSC::::finishCreation): (JSC::::create): (JSC::::createStructure): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::arrayBufferPrototype): (JSC::JSGlobalObject::arrayBufferStructure): (JSC::JSGlobalObject::typedArrayStructure): * runtime/JSInt16Array.h: Added. * runtime/JSInt32Array.h: Added. * runtime/JSInt8Array.h: Added. * runtime/JSTypedArrayConstructors.cpp: Added. * runtime/JSTypedArrayConstructors.h: Added. * runtime/JSTypedArrayPrototypes.cpp: Added. * runtime/JSTypedArrayPrototypes.h: Added. * runtime/JSTypedArrays.cpp: Added. * runtime/JSTypedArrays.h: Added. * runtime/JSUint16Array.h: Added. * runtime/JSUint32Array.h: Added. * runtime/JSUint8Array.h: Added. * runtime/JSUint8ClampedArray.h: Added. * runtime/Operations.h: * runtime/Options.h: * runtime/SimpleTypedArrayController.cpp: Added. (JSC::SimpleTypedArrayController::SimpleTypedArrayController): (JSC::SimpleTypedArrayController::~SimpleTypedArrayController): (JSC::SimpleTypedArrayController::toJS): * runtime/SimpleTypedArrayController.h: Added. * runtime/Structure.h: (JSC::Structure::couldHaveIndexingHeader): * runtime/StructureInlines.h: (JSC::Structure::hasIndexingHeader): * runtime/TypedArrayAdaptors.h: Added. (JSC::IntegralTypedArrayAdaptor::toNative): (JSC::IntegralTypedArrayAdaptor::toJSValue): (JSC::IntegralTypedArrayAdaptor::toDouble): (JSC::FloatTypedArrayAdaptor::toNative): (JSC::FloatTypedArrayAdaptor::toJSValue): (JSC::FloatTypedArrayAdaptor::toDouble): (JSC::Uint8ClampedAdaptor::toNative): (JSC::Uint8ClampedAdaptor::toJSValue): (JSC::Uint8ClampedAdaptor::toDouble): (JSC::Uint8ClampedAdaptor::clamp): * runtime/TypedArrayController.cpp: Added. 
(JSC::TypedArrayController::TypedArrayController): (JSC::TypedArrayController::~TypedArrayController): * runtime/TypedArrayController.h: Added. * runtime/TypedArrayDescriptor.h: Removed. * runtime/TypedArrayInlines.h: Added. * runtime/TypedArrayType.cpp: Added. (JSC::classInfoForType): (WTF::printInternal): * runtime/TypedArrayType.h: Added. (JSC::toIndex): (JSC::isTypedView): (JSC::elementSize): (JSC::isInt): (JSC::isFloat): (JSC::isSigned): (JSC::isClamped): * runtime/TypedArrays.h: Added. * runtime/Uint16Array.h: * runtime/Uint32Array.h: * runtime/Uint8Array.h: * runtime/Uint8ClampedArray.h: * runtime/VM.cpp: (JSC::VM::VM): (JSC::VM::~VM): * runtime/VM.h:

Source/WebCore: Reviewed by Oliver Hunt.

Typed arrays are now implemented in JavaScriptCore, and WebCore is merely a client of them. There is only one layering violation: WebCore installs a WebCoreTypedArrayController on VM, which makes the ArrayBuffer<->JSArrayBuffer relationship resemble DOM wrappers. By default, JSC makes the ownership go one way; the JSArrayBuffer keeps the ArrayBuffer alive but if ArrayBuffer is kept alive from native code then the JSArrayBuffer may die. WebCoreTypedArrayController will keep the JSArrayBuffer alive if the ArrayBuffer is in the opaque root set.

To make non-JSDOMWrappers behave like DOM wrappers, a bunch of code is changed to make most references to wrappers refer to JSObject* rather than JSDOMWrapper*.

Array buffer views are now transient; the JS array buffer view wrappers don't own them or keep them alive. This required a bunch of changes to make bindings code use RefPtr<ArrayBufferView> to hold onto their views. Also there is a bunch of new code to make JSC-provided array buffers and views obey the toJS/to<ClassName> idiom for wrapping and unwrapping.
Finally, the DataView API is now completely different: the JSDataView provides the same user-visible JS API but using its own internal magic; the C++ code that uses DataView now uses a rather different API that is not aware of usual DOM semantics, since it's in JSC and not WebCore. It's equally useful for all of WebCore's purposes, but some code had to change to adapt the new conventions. Some tests have been changed or rebased due to changes in behavior, that bring us into conformance with where the standards are going and allow us to match Firefox behavior. Automake work and some additional GTK changes courtesy of Zan Dobersek <zdobersek@igalia.com>. Additional Qt changes courtesy of Arunprasad Rajkumar <arurajku@cisco.com>. * CMakeLists.txt: * DerivedSources.make: * ForwardingHeaders/runtime/DataView.h: Added. * ForwardingHeaders/runtime/JSArrayBuffer.h: Added. * ForwardingHeaders/runtime/JSArrayBufferView.h: Added. * ForwardingHeaders/runtime/JSDataView.h: Added. * ForwardingHeaders/runtime/JSTypedArrays.h: Added. * ForwardingHeaders/runtime/TypedArrayController.h: Added. * ForwardingHeaders/runtime/TypedArrayInlines.h: Added. * ForwardingHeaders/runtime/TypedArrays.h: Added. * GNUmakefile.list.am: * Modules/webaudio/RealtimeAnalyser.h: * Target.pri: * UseJSC.cmake: * WebCore.exp.in: * WebCore.vcxproj/WebCore.vcxproj: * WebCore.xcodeproj/project.pbxproj: * bindings/js/DOMWrapperWorld.h: * bindings/js/JSArrayBufferCustom.cpp: Removed. * bindings/js/JSArrayBufferViewHelper.h: Removed. 
* bindings/js/JSAudioContextCustom.cpp: * bindings/js/JSBindingsAllInOne.cpp: * bindings/js/JSBlobCustom.cpp: * bindings/js/JSCSSRuleCustom.cpp: (WebCore::toJS): * bindings/js/JSCSSValueCustom.cpp: (WebCore::toJS): * bindings/js/JSCryptoCustom.cpp: (WebCore::JSCrypto::getRandomValues): * bindings/js/JSDOMBinding.h: (WebCore::wrapperOwner): (WebCore::wrapperContext): (WebCore::getInlineCachedWrapper): (WebCore::setInlineCachedWrapper): (WebCore::clearInlineCachedWrapper): (WebCore::getCachedWrapper): (WebCore::cacheWrapper): (WebCore::uncacheWrapper): (WebCore::wrap): (WebCore::toJS): (WebCore::toArrayBufferView): (WebCore::toInt8Array): (WebCore::toInt16Array): (WebCore::toInt32Array): (WebCore::toUint8Array): (WebCore::toUint8ClampedArray): (WebCore::toUint16Array): (WebCore::toUint32Array): (WebCore::toFloat32Array): (WebCore::toFloat64Array): (WebCore::toDataView): * bindings/js/JSDataViewCustom.cpp: Removed. * bindings/js/JSDictionary.cpp: * bindings/js/JSDictionary.h: * bindings/js/JSDocumentCustom.cpp: (WebCore::JSDocument::location): (WebCore::toJS): * bindings/js/JSEventCustom.cpp: (WebCore::toJS): * bindings/js/JSFileReaderCustom.cpp: * bindings/js/JSHTMLCollectionCustom.cpp: (WebCore::toJS): * bindings/js/JSHTMLTemplateElementCustom.cpp: (WebCore::JSHTMLTemplateElement::content): * bindings/js/JSImageDataCustom.cpp: (WebCore::toJS): * bindings/js/JSInjectedScriptHostCustom.cpp: * bindings/js/JSMessageEventCustom.cpp: * bindings/js/JSMessagePortCustom.cpp: * bindings/js/JSSVGPathSegCustom.cpp: (WebCore::toJS): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::toJS): * bindings/js/JSTrackCustom.cpp: (WebCore::toJS): * bindings/js/JSWebGLRenderingContextCustom.cpp: * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::send): * bindings/js/SerializedScriptValue.cpp: (WebCore::SerializedScriptValue::transferArrayBuffers): * bindings/js/WebCoreJSClientData.h: (WebCore::initNormalWorldClientData): * bindings/js/WebCoreTypedArrayController.cpp: 
Added. (WebCore::WebCoreTypedArrayController::WebCoreTypedArrayController): (WebCore::WebCoreTypedArrayController::~WebCoreTypedArrayController): (WebCore::WebCoreTypedArrayController::toJS): (WebCore::WebCoreTypedArrayController::JSArrayBufferOwner::isReachableFromOpaqueRoots): (WebCore::WebCoreTypedArrayController::JSArrayBufferOwner::finalize): * bindings/js/WebCoreTypedArrayController.h: Added. (WebCore::WebCoreTypedArrayController::wrapperOwner): * bindings/scripts/CodeGenerator.pm: (ForAllParents): (ParseInterface): (SkipIncludeHeader): (IsTypedArrayType): (IsWrapperType): * bindings/scripts/CodeGeneratorJS.pm: (AddIncludesForType): (GenerateHeader): (GenerateImplementation): (GenerateParametersCheck): (GetNativeType): (JSValueToNative): (NativeToJSValue): (GenerateConstructorDefinition): (GenerateConstructorHelperMethods): * fileapi/WebKitBlobBuilder.cpp: (WebCore::BlobBuilder::append): * fileapi/WebKitBlobBuilder.h: * html/canvas/ArrayBuffer.idl: Removed. * html/canvas/ArrayBufferView.idl: Removed. * html/canvas/DataView.cpp: Removed. * html/canvas/DataView.h: Removed. * html/canvas/DataView.idl: Removed. * html/canvas/Float32Array.idl: Removed. * html/canvas/Float64Array.idl: Removed. * html/canvas/Int16Array.idl: Removed. * html/canvas/Int32Array.idl: Removed. * html/canvas/Int8Array.idl: Removed. * html/canvas/Uint16Array.idl: Removed. * html/canvas/Uint32Array.idl: Removed. * html/canvas/Uint8Array.idl: Removed. * html/canvas/Uint8ClampedArray.idl: Removed. 
* html/canvas/WebGLRenderingContext.cpp: (WebCore::WebGLRenderingContext::readPixels): (WebCore::WebGLRenderingContext::validateTexFuncData): * page/Crypto.cpp: * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource): (WebCore::MediaPlayerPrivateAVFoundationObjC::extractKeyURIKeyIDAndCertificateFromInitData): * platform/graphics/filters/FECustomFilter.h: * platform/graphics/filters/FEGaussianBlur.cpp: * platform/graphics/filters/FilterEffect.cpp: * testing/MockCDM.cpp: Source/WebKit2: Reviewed by Oliver Hunt. You don't need to include JSUint8Array anymore if you just want to unwrap one; JSDOMBinding gives you all of the things you need. * WebProcess/InjectedBundle/InjectedBundle.cpp: Source/WTF: Reviewed by Oliver Hunt. - Added the notion of a reference counted object that can be marked Deferred, which is like a special-purpose upref. - Added a common byte flipper. Automake work courtesy of Zan Dobersek <zdobersek@igalia.com>. * GNUmakefile.list.am: * WTF.xcodeproj/project.pbxproj: * wtf/DeferrableRefCounted.h: Added. (WTF::DeferrableRefCountedBase::ref): (WTF::DeferrableRefCountedBase::hasOneRef): (WTF::DeferrableRefCountedBase::refCount): (WTF::DeferrableRefCountedBase::isDeferred): (WTF::DeferrableRefCountedBase::DeferrableRefCountedBase): (WTF::DeferrableRefCountedBase::~DeferrableRefCountedBase): (WTF::DeferrableRefCountedBase::derefBase): (WTF::DeferrableRefCountedBase::setIsDeferredBase): (WTF::DeferrableRefCounted::deref): (WTF::DeferrableRefCounted::setIsDeferred): (WTF::DeferrableRefCounted::DeferrableRefCounted): (WTF::DeferrableRefCounted::~DeferrableRefCounted): * wtf/FlipBytes.h: Added. (WTF::needToFlipBytesIfLittleEndian): (WTF::flipBytes): (WTF::flipBytesIfLittleEndian): LayoutTests: Reviewed by Oliver Hunt. 
* fast/canvas/webgl/array-set-invalid-arguments-expected.txt: * fast/canvas/webgl/array-set-out-of-bounds-expected.txt: * fast/canvas/webgl/array-unit-tests-expected.txt: * fast/canvas/webgl/array-unit-tests.html: * fast/canvas/webgl/data-view-crash-expected.txt: * fast/canvas/webgl/script-tests/arraybuffer-transfer-of-control.js: (checkView): * fast/dom/call-a-constructor-as-a-function-expected.txt: * fast/dom/call-a-constructor-as-a-function.html: * fast/js/constructor-length.html: * fast/js/global-constructors-attributes-dedicated-worker-expected.txt: * fast/js/global-constructors-attributes-expected.txt: * fast/js/global-constructors-attributes-shared-worker-expected.txt: * fast/js/regress/ArrayBuffer-Int8Array-alloc-expected.txt: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-huge-long-lived-expected.txt: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-huge-long-lived.html: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-large-long-lived-expected.txt: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-large-long-lived.html: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-long-lived-buffer-expected.txt: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-long-lived-buffer.html: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-long-lived-expected.txt: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc-long-lived.html: Added. * fast/js/regress/ArrayBuffer-Int8Array-alloc.html: Added. * fast/js/regress/Int32Array-Int8Array-view-alloc-expected.txt: Added. * fast/js/regress/Int32Array-Int8Array-view-alloc.html: Added. * fast/js/regress/Int32Array-alloc-expected.txt: Added. * fast/js/regress/Int32Array-alloc-huge-expected.txt: Added. * fast/js/regress/Int32Array-alloc-huge-long-lived-expected.txt: Added. * fast/js/regress/Int32Array-alloc-huge-long-lived.html: Added. * fast/js/regress/Int32Array-alloc-huge.html: Added. * fast/js/regress/Int32Array-alloc-large-expected.txt: Added. 
* fast/js/regress/Int32Array-alloc-large-long-lived-expected.txt: Added. * fast/js/regress/Int32Array-alloc-large-long-lived.html: Added. * fast/js/regress/Int32Array-alloc-large.html: Added. * fast/js/regress/Int32Array-alloc-long-lived-expected.txt: Added. * fast/js/regress/Int32Array-alloc-long-lived.html: Added. * fast/js/regress/Int32Array-alloc.html: Added. * fast/js/regress/script-tests/ArrayBuffer-Int8Array-alloc-huge-long-lived.js: Added. * fast/js/regress/script-tests/ArrayBuffer-Int8Array-alloc-large-long-lived.js: Added. * fast/js/regress/script-tests/ArrayBuffer-Int8Array-alloc-long-lived-buffer.js: Added. * fast/js/regress/script-tests/ArrayBuffer-Int8Array-alloc-long-lived.js: Added. * fast/js/regress/script-tests/ArrayBuffer-Int8Array-alloc.js: Added. * fast/js/regress/script-tests/Int32Array-Int8Array-view-alloc.js: Added. * fast/js/regress/script-tests/Int32Array-alloc-huge-long-lived.js: Added. * fast/js/regress/script-tests/Int32Array-alloc-huge.js: Added. * fast/js/regress/script-tests/Int32Array-alloc-large-long-lived.js: Added. * fast/js/regress/script-tests/Int32Array-alloc-large.js: Added. * fast/js/regress/script-tests/Int32Array-alloc-long-lived.js: Added. * fast/js/regress/script-tests/Int32Array-alloc.js: Added. * platform/mac/fast/js/constructor-length-expected.txt: * webgl/resources/webgl_test_files/conformance/typedarrays/array-unit-tests.html: * webgl/resources/webgl_test_files/conformance/typedarrays/data-view-test.html: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154127 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 13 Aug, 2013 1 commit
fpizlo@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=119770 Reviewed by Mark Hahnenberg. Source/JavaScriptCore: * API/JSCallbackConstructor.cpp: (JSC::JSCallbackConstructor::finishCreation): * API/JSCallbackConstructor.h: (JSC::JSCallbackConstructor::createStructure): * API/JSCallbackFunction.cpp: (JSC::JSCallbackFunction::finishCreation): * API/JSCallbackFunction.h: (JSC::JSCallbackFunction::createStructure): * API/JSCallbackObject.cpp: (JSC::::createStructure): * API/JSCallbackObject.h: (JSC::JSCallbackObject::visitChildren): * API/JSCallbackObjectFunctions.h: (JSC::::asCallbackObject): (JSC::::finishCreation): * API/JSObjectRef.cpp: (JSObjectGetPrivate): (JSObjectSetPrivate): (JSObjectGetPrivateProperty): (JSObjectSetPrivateProperty): (JSObjectDeletePrivateProperty): * API/JSValueRef.cpp: (JSValueIsObjectOfClass): * API/JSWeakObjectMapRefPrivate.cpp: * API/ObjCCallbackFunction.h: (JSC::ObjCCallbackFunction::createStructure): * JSCTypedArrayStubs.h: * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::CallLinkStatus): (JSC::CallLinkStatus::function): (JSC::CallLinkStatus::internalFunction): * bytecode/CodeBlock.h: (JSC::baselineCodeBlockForInlineCallFrame): * bytecode/SpeculatedType.cpp: (JSC::speculationFromClassInfo): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedFunctionExecutable::visitChildren): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedProgramCodeBlock::visitChildren): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedFunctionExecutable::createStructure): (JSC::UnlinkedProgramCodeBlock::createStructure): (JSC::UnlinkedEvalCodeBlock::createStructure): (JSC::UnlinkedFunctionCodeBlock::createStructure): * debugger/Debugger.cpp: * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::visitChildren): * debugger/DebuggerActivation.h: (JSC::DebuggerActivation::createStructure): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::functionName): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::::executeEffects): * dfg/DFGByteCodeParser.cpp: 
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::isStringPrototypeMethodSane): (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): * dfg/DFGGraph.h: (JSC::DFG::Graph::isInternalFunctionConstant): * dfg/DFGOperations.cpp: * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::compileNewStringObject): * dfg/DFGThunks.cpp: (JSC::DFG::virtualForThunkGenerator): * interpreter/Interpreter.cpp: (JSC::loadVarargs): * jsc.cpp: (GlobalObject::createStructure): * profiler/LegacyProfiler.cpp: (JSC::LegacyProfiler::createCallIdentifier): * runtime/Arguments.cpp: (JSC::Arguments::visitChildren): * runtime/Arguments.h: (JSC::Arguments::createStructure): (JSC::asArguments): (JSC::Arguments::finishCreation): * runtime/ArrayConstructor.cpp: (JSC::arrayConstructorIsArray): * runtime/ArrayConstructor.h: (JSC::ArrayConstructor::createStructure): * runtime/ArrayPrototype.cpp: (JSC::ArrayPrototype::finishCreation): (JSC::arrayProtoFuncConcat): (JSC::attemptFastSort): * runtime/ArrayPrototype.h: (JSC::ArrayPrototype::createStructure): * runtime/BooleanConstructor.h: (JSC::BooleanConstructor::createStructure): * runtime/BooleanObject.cpp: (JSC::BooleanObject::finishCreation): * runtime/BooleanObject.h: (JSC::BooleanObject::createStructure): (JSC::asBooleanObject): * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::finishCreation): (JSC::booleanProtoFuncToString): (JSC::booleanProtoFuncValueOf): * runtime/BooleanPrototype.h: (JSC::BooleanPrototype::createStructure): * runtime/DateConstructor.cpp: (JSC::constructDate): * runtime/DateConstructor.h: (JSC::DateConstructor::createStructure): * runtime/DateInstance.cpp: (JSC::DateInstance::finishCreation): * runtime/DateInstance.h: (JSC::DateInstance::createStructure): (JSC::asDateInstance): * runtime/DatePrototype.cpp: (JSC::formateDateInstance): 
(JSC::DatePrototype::finishCreation): (JSC::dateProtoFuncToISOString): (JSC::dateProtoFuncToLocaleString): (JSC::dateProtoFuncToLocaleDateString): (JSC::dateProtoFuncToLocaleTimeString): (JSC::dateProtoFuncGetTime): (JSC::dateProtoFuncGetFullYear): (JSC::dateProtoFuncGetUTCFullYear): (JSC::dateProtoFuncGetMonth): (JSC::dateProtoFuncGetUTCMonth): (JSC::dateProtoFuncGetDate): (JSC::dateProtoFuncGetUTCDate): (JSC::dateProtoFuncGetDay): (JSC::dateProtoFuncGetUTCDay): (JSC::dateProtoFuncGetHours): (JSC::dateProtoFuncGetUTCHours): (JSC::dateProtoFuncGetMinutes): (JSC::dateProtoFuncGetUTCMinutes): (JSC::dateProtoFuncGetSeconds): (JSC::dateProtoFuncGetUTCSeconds): (JSC::dateProtoFuncGetMilliSeconds): (JSC::dateProtoFuncGetUTCMilliseconds): (JSC::dateProtoFuncGetTimezoneOffset): (JSC::dateProtoFuncSetTime): (JSC::setNewValueFromTimeArgs): (JSC::setNewValueFromDateArgs): (JSC::dateProtoFuncSetYear): (JSC::dateProtoFuncGetYear): * runtime/DatePrototype.h: (JSC::DatePrototype::createStructure): * runtime/Error.h: (JSC::StrictModeTypeErrorFunction::createStructure): * runtime/ErrorConstructor.h: (JSC::ErrorConstructor::createStructure): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::finishCreation): * runtime/ErrorInstance.h: (JSC::ErrorInstance::createStructure): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::finishCreation): * runtime/ErrorPrototype.h: (JSC::ErrorPrototype::createStructure): * runtime/ExceptionHelpers.cpp: (JSC::isTerminatedExecutionException): * runtime/ExceptionHelpers.h: (JSC::TerminatedExecutionError::createStructure): * runtime/Executable.cpp: (JSC::EvalExecutable::visitChildren): (JSC::ProgramExecutable::visitChildren): (JSC::FunctionExecutable::visitChildren): (JSC::ExecutableBase::hashFor): * runtime/Executable.h: (JSC::ExecutableBase::createStructure): (JSC::NativeExecutable::createStructure): (JSC::EvalExecutable::createStructure): (JSC::ProgramExecutable::createStructure): (JSC::FunctionExecutable::compileFor): 
(JSC::FunctionExecutable::compileOptimizedFor): (JSC::FunctionExecutable::createStructure): * runtime/FunctionConstructor.h: (JSC::FunctionConstructor::createStructure): * runtime/FunctionPrototype.cpp: (JSC::functionProtoFuncToString): (JSC::functionProtoFuncApply): (JSC::functionProtoFuncBind): * runtime/FunctionPrototype.h: (JSC::FunctionPrototype::createStructure): * runtime/GetterSetter.cpp: (JSC::GetterSetter::visitChildren): * runtime/GetterSetter.h: (JSC::GetterSetter::createStructure): * runtime/InternalFunction.cpp: (JSC::InternalFunction::finishCreation): * runtime/InternalFunction.h: (JSC::InternalFunction::createStructure): (JSC::asInternalFunction): * runtime/JSAPIValueWrapper.h: (JSC::JSAPIValueWrapper::createStructure): * runtime/JSActivation.cpp: (JSC::JSActivation::visitChildren): (JSC::JSActivation::argumentsGetter): * runtime/JSActivation.h: (JSC::JSActivation::createStructure): (JSC::asActivation): * runtime/JSArray.h: (JSC::JSArray::createStructure): (JSC::asArray): (JSC::isJSArray): * runtime/JSBoundFunction.cpp: (JSC::JSBoundFunction::finishCreation): (JSC::JSBoundFunction::visitChildren): * runtime/JSBoundFunction.h: (JSC::JSBoundFunction::createStructure): * runtime/JSCJSValue.cpp: (JSC::JSValue::dumpInContext): * runtime/JSCJSValueInlines.h: (JSC::JSValue::isFunction): * runtime/JSCell.h: (JSC::jsCast): (JSC::jsDynamicCast): * runtime/JSCellInlines.h: (JSC::allocateCell): * runtime/JSFunction.cpp: (JSC::JSFunction::finishCreation): (JSC::JSFunction::visitChildren): (JSC::skipOverBoundFunctions): (JSC::JSFunction::callerGetter): * runtime/JSFunction.h: (JSC::JSFunction::createStructure): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::visitChildren): (JSC::slowValidateCell): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::createStructure): * runtime/JSNameScope.cpp: (JSC::JSNameScope::visitChildren): * runtime/JSNameScope.h: (JSC::JSNameScope::createStructure): * runtime/JSNotAnObject.h: (JSC::JSNotAnObject::createStructure): * 
runtime/JSONObject.cpp: (JSC::JSONObject::finishCreation): (JSC::unwrapBoxedPrimitive): (JSC::Stringifier::Stringifier): (JSC::Stringifier::appendStringifiedValue): (JSC::Stringifier::Holder::Holder): (JSC::Walker::walk): (JSC::JSONProtoFuncStringify): * runtime/JSONObject.h: (JSC::JSONObject::createStructure): * runtime/JSObject.cpp: (JSC::getCallableObjectSlow): (JSC::JSObject::visitChildren): (JSC::JSObject::copyBackingStore): (JSC::JSFinalObject::visitChildren): (JSC::JSObject::ensureInt32Slow): (JSC::JSObject::ensureDoubleSlow): (JSC::JSObject::ensureContiguousSlow): (JSC::JSObject::ensureArrayStorageSlow): * runtime/JSObject.h: (JSC::JSObject::finishCreation): (JSC::JSObject::createStructure): (JSC::JSNonFinalObject::createStructure): (JSC::JSFinalObject::createStructure): (JSC::isJSFinalObject): * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::visitChildren): * runtime/JSPropertyNameIterator.h: (JSC::JSPropertyNameIterator::createStructure): * runtime/JSProxy.cpp: (JSC::JSProxy::visitChildren): * runtime/JSProxy.h: (JSC::JSProxy::createStructure): * runtime/JSScope.cpp: (JSC::JSScope::visitChildren): * runtime/JSSegmentedVariableObject.cpp: (JSC::JSSegmentedVariableObject::visitChildren): * runtime/JSString.h: (JSC::JSString::createStructure): (JSC::isJSString): * runtime/JSSymbolTableObject.cpp: (JSC::JSSymbolTableObject::visitChildren): * runtime/JSVariableObject.h: * runtime/JSWithScope.cpp: (JSC::JSWithScope::visitChildren): * runtime/JSWithScope.h: (JSC::JSWithScope::createStructure): * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::visitChildren): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::createStructure): * runtime/MathObject.cpp: (JSC::MathObject::finishCreation): * runtime/MathObject.h: (JSC::MathObject::createStructure): * runtime/NameConstructor.h: (JSC::NameConstructor::createStructure): * runtime/NameInstance.h: (JSC::NameInstance::createStructure): (JSC::NameInstance::finishCreation): * 
runtime/NamePrototype.cpp: (JSC::NamePrototype::finishCreation): (JSC::privateNameProtoFuncToString): * runtime/NamePrototype.h: (JSC::NamePrototype::createStructure): * runtime/NativeErrorConstructor.cpp: (JSC::NativeErrorConstructor::visitChildren): * runtime/NativeErrorConstructor.h: (JSC::NativeErrorConstructor::createStructure): (JSC::NativeErrorConstructor::finishCreation): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::finishCreation): * runtime/NumberConstructor.h: (JSC::NumberConstructor::createStructure): * runtime/NumberObject.cpp: (JSC::NumberObject::finishCreation): * runtime/NumberObject.h: (JSC::NumberObject::createStructure): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::finishCreation): * runtime/NumberPrototype.h: (JSC::NumberPrototype::createStructure): * runtime/ObjectConstructor.h: (JSC::ObjectConstructor::createStructure): * runtime/ObjectPrototype.cpp: (JSC::ObjectPrototype::finishCreation): * runtime/ObjectPrototype.h: (JSC::ObjectPrototype::createStructure): * runtime/PropertyMapHashTable.h: (JSC::PropertyTable::createStructure): * runtime/PropertyTable.cpp: (JSC::PropertyTable::visitChildren): * runtime/RegExp.h: (JSC::RegExp::createStructure): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::finishCreation): (JSC::RegExpConstructor::visitChildren): (JSC::constructRegExp): * runtime/RegExpConstructor.h: (JSC::RegExpConstructor::createStructure): (JSC::asRegExpConstructor): * runtime/RegExpMatchesArray.cpp: (JSC::RegExpMatchesArray::visitChildren): * runtime/RegExpMatchesArray.h: (JSC::RegExpMatchesArray::createStructure): * runtime/RegExpObject.cpp: (JSC::RegExpObject::finishCreation): (JSC::RegExpObject::visitChildren): * runtime/RegExpObject.h: (JSC::RegExpObject::createStructure): (JSC::asRegExpObject): * runtime/RegExpPrototype.cpp: (JSC::regExpProtoFuncTest): (JSC::regExpProtoFuncExec): (JSC::regExpProtoFuncCompile): (JSC::regExpProtoFuncToString): * runtime/RegExpPrototype.h: 
(JSC::RegExpPrototype::createStructure): * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::createStructure): * runtime/SparseArrayValueMap.h: * runtime/StrictEvalActivation.h: (JSC::StrictEvalActivation::createStructure): * runtime/StringConstructor.h: (JSC::StringConstructor::createStructure): * runtime/StringObject.cpp: (JSC::StringObject::finishCreation): * runtime/StringObject.h: (JSC::StringObject::createStructure): (JSC::asStringObject): * runtime/StringPrototype.cpp: (JSC::StringPrototype::finishCreation): (JSC::stringProtoFuncReplace): (JSC::stringProtoFuncToString): (JSC::stringProtoFuncMatch): (JSC::stringProtoFuncSearch): (JSC::stringProtoFuncSplit): * runtime/StringPrototype.h: (JSC::StringPrototype::createStructure): * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::get): (JSC::Structure::visitChildren): * runtime/Structure.h: (JSC::Structure::typeInfo): (JSC::Structure::previousID): (JSC::Structure::outOfLineSize): (JSC::Structure::totalStorageCapacity): (JSC::Structure::materializePropertyMapIfNecessary): (JSC::Structure::materializePropertyMapIfNecessaryForPinning): * runtime/StructureChain.cpp: (JSC::StructureChain::visitChildren): * runtime/StructureChain.h: (JSC::StructureChain::createStructure): * runtime/StructureInlines.h: (JSC::Structure::get): * runtime/StructureRareData.cpp: (JSC::StructureRareData::createStructure): (JSC::StructureRareData::visitChildren): * runtime/StructureRareData.h: * runtime/SymbolTable.h: (JSC::SharedSymbolTable::createStructure): * runtime/VM.cpp: (JSC::VM::VM): (JSC::StackPreservingRecompiler::operator()): (JSC::VM::releaseExecutableMemory): * runtime/WriteBarrier.h: (JSC::validateCell): * testRegExp.cpp: (GlobalObject::createStructure): Source/WebCore: No new tests because no new behavior. 
* bindings/js/IDBBindingUtilities.cpp: (WebCore::createIDBKeyFromValue): * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitChildren): * bindings/js/JSAudioTrackCustom.cpp: (WebCore::JSAudioTrack::visitChildren): * bindings/js/JSAudioTrackListCustom.cpp: (WebCore::JSAudioTrackList::visitChildren): * bindings/js/JSBlobCustom.cpp: (WebCore::JSBlobConstructor::constructJSBlob): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitChildren): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitChildren): (WebCore::JSCSSStyleDeclaration::getOwnPropertyNames): * bindings/js/JSCanvasRenderingContext2DCustom.cpp: (WebCore::toHTMLCanvasStyle): * bindings/js/JSCanvasRenderingContextCustom.cpp: (WebCore::JSCanvasRenderingContext::visitChildren): * bindings/js/JSDOMBinding.cpp: (WebCore::valueToDate): * bindings/js/JSDOMBinding.h: (WebCore::DOMConstructorObject::createStructure): (WebCore::getDOMStructure): (WebCore::toRefPtrNativeArray): (WebCore::getStaticValueSlotEntryWithoutCaching): * bindings/js/JSDOMFormDataCustom.cpp: (WebCore::toHTMLFormElement): (WebCore::JSDOMFormData::append): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::finishCreation): (WebCore::JSDOMGlobalObject::scriptExecutionContext): (WebCore::JSDOMGlobalObject::visitChildren): * bindings/js/JSDOMGlobalObject.h: (WebCore::JSDOMGlobalObject::info): (WebCore::JSDOMGlobalObject::createStructure): (WebCore::getDOMConstructor): * bindings/js/JSDOMStringListCustom.cpp: (WebCore::toDOMStringList): * bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::finishCreation): (WebCore::toJSDOMWindow): * bindings/js/JSDOMWindowBase.h: (WebCore::JSDOMWindowBase::createStructure): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitChildren): (WebCore::JSDOMWindow::getOwnPropertySlot): (WebCore::JSDOMWindow::getOwnPropertyDescriptor): (WebCore::toDOMWindow): * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::finishCreation): * 
bindings/js/JSDOMWindowShell.h: (WebCore::JSDOMWindowShell::createStructure): * bindings/js/JSEventTargetCustom.cpp: (WebCore::toEventTarget): * bindings/js/JSHistoryCustom.cpp: (WebCore::JSHistory::getOwnPropertySlotDelegate): (WebCore::JSHistory::getOwnPropertyDescriptorDelegate): * bindings/js/JSImageConstructor.cpp: (WebCore::JSImageConstructor::finishCreation): * bindings/js/JSImageConstructor.h: (WebCore::JSImageConstructor::createStructure): * bindings/js/JSInjectedScriptHostCustom.cpp: (WebCore::JSInjectedScriptHost::isHTMLAllCollection): (WebCore::JSInjectedScriptHost::type): (WebCore::JSInjectedScriptHost::functionDetails): * bindings/js/JSInspectorFrontendHostCustom.cpp: (WebCore::populateContextMenuItems): * bindings/js/JSLocationCustom.cpp: (WebCore::JSLocation::getOwnPropertySlotDelegate): (WebCore::JSLocation::getOwnPropertyDescriptorDelegate): (WebCore::JSLocation::putDelegate): * bindings/js/JSMessageChannelCustom.cpp: (WebCore::JSMessageChannel::visitChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitChildren): * bindings/js/JSNodeCustom.cpp: (WebCore::JSNode::pushEventHandlerScope): (WebCore::JSNode::visitChildren): * bindings/js/JSNodeFilterCustom.cpp: (WebCore::JSNodeFilter::visitChildren): (WebCore::toNodeFilter): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitChildren): * bindings/js/JSPluginElementFunctions.h: (WebCore::pluginElementCustomGetOwnPropertySlot): (WebCore::pluginElementCustomGetOwnPropertyDescriptor): * bindings/js/JSSVGElementInstanceCustom.cpp: (WebCore::JSSVGElementInstance::visitChildren): * bindings/js/JSSharedWorkerCustom.cpp: (WebCore::JSSharedWorker::visitChildren): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::JSStyleSheet::visitChildren): * bindings/js/JSTextTrackCueCustom.cpp: (WebCore::JSTextTrackCue::visitChildren): * bindings/js/JSTextTrackCustom.cpp: (WebCore::JSTextTrack::visitChildren): * bindings/js/JSTextTrackListCustom.cpp: 
(WebCore::JSTextTrackList::visitChildren): * bindings/js/JSTrackCustom.cpp: (WebCore::toTrack): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitChildren): * bindings/js/JSVideoTrackCustom.cpp: (WebCore::JSVideoTrack::visitChildren): * bindings/js/JSVideoTrackListCustom.cpp: (WebCore::JSVideoTrackList::visitChildren): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::visitChildren): (WebCore::JSWebGLRenderingContext::getAttachedShaders): (WebCore::JSWebGLRenderingContext::getProgramParameter): (WebCore::JSWebGLRenderingContext::getShaderParameter): (WebCore::JSWebGLRenderingContext::getUniform): (WebCore::dataFunctionf): (WebCore::dataFunctioni): (WebCore::dataFunctionMatrix): * bindings/js/JSWorkerGlobalScopeBase.cpp: (WebCore::JSWorkerGlobalScopeBase::finishCreation): (WebCore::toJSDedicatedWorkerGlobalScope): (WebCore::toJSSharedWorkerGlobalScope): * bindings/js/JSWorkerGlobalScopeBase.h: (WebCore::JSWorkerGlobalScopeBase::createStructure): * bindings/js/JSWorkerGlobalScopeCustom.cpp: (WebCore::JSWorkerGlobalScope::visitChildren): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitChildren): (WebCore::JSXMLHttpRequest::send): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitChildren): * bindings/js/ScriptDebugServer.cpp: (WebCore::ScriptDebugServer::dispatchDidPause): * bindings/js/ScriptState.cpp: (WebCore::domWindowFromScriptState): (WebCore::scriptExecutionContextFromScriptState): * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneSerializer::isArray): (WebCore::CloneSerializer::dumpArrayBufferView): (WebCore::CloneSerializer::dumpIfTerminal): (WebCore::CloneSerializer::serialize): (WebCore::CloneDeserializer::CloneDeserializer): (WebCore::CloneDeserializer::readArrayBufferView): * bindings/objc/DOM.mm: (+[DOMNode _nodeFromJSWrapper:]): * bindings/objc/DOMUtility.mm: (JSC::createDOMWrapper): * bindings/objc/WebScriptObject.mm: (+[WebScriptObject 
_convertValueToObjcValue:JSC::originRootObject:rootObject:]): * bindings/scripts/CodeGeneratorJS.pm: (GenerateGetOwnPropertySlotBody): (GenerateGetOwnPropertyDescriptorBody): (GenerateHeader): (GenerateParametersCheckExpression): (GenerateImplementation): (GenerateParametersCheck): (GenerateConstructorDeclaration): (GenerateConstructorHelperMethods): * bindings/scripts/test/JS/JSFloat64Array.cpp: (WebCore::JSFloat64ArrayConstructor::finishCreation): (WebCore::JSFloat64Array::finishCreation): (WebCore::JSFloat64Array::getOwnPropertySlot): (WebCore::JSFloat64Array::getOwnPropertyDescriptor): (WebCore::JSFloat64Array::getOwnPropertySlotByIndex): (WebCore::JSFloat64Array::put): (WebCore::JSFloat64Array::putByIndex): (WebCore::JSFloat64Array::getOwnPropertyNames): (WebCore::jsFloat64ArrayPrototypeFunctionFoo): (WebCore::jsFloat64ArrayPrototypeFunctionSet): (WebCore::JSFloat64Array::getByIndex): (WebCore::toFloat64Array): * bindings/scripts/test/JS/JSFloat64Array.h: (WebCore::JSFloat64Array::createStructure): (WebCore::JSFloat64ArrayPrototype::createStructure): (WebCore::JSFloat64ArrayConstructor::createStructure): * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: (WebCore::JSTestActiveDOMObjectConstructor::finishCreation): (WebCore::JSTestActiveDOMObject::finishCreation): (WebCore::JSTestActiveDOMObject::getOwnPropertySlot): (WebCore::JSTestActiveDOMObject::getOwnPropertyDescriptor): (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunction): (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessage): (WebCore::toTestActiveDOMObject): * bindings/scripts/test/JS/JSTestActiveDOMObject.h: (WebCore::JSTestActiveDOMObject::createStructure): (WebCore::JSTestActiveDOMObjectPrototype::createStructure): (WebCore::JSTestActiveDOMObjectConstructor::createStructure): * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: (WebCore::JSTestCustomNamedGetterConstructor::finishCreation): (WebCore::JSTestCustomNamedGetter::finishCreation): 
(WebCore::JSTestCustomNamedGetter::getOwnPropertySlot): (WebCore::JSTestCustomNamedGetter::getOwnPropertyDescriptor): (WebCore::JSTestCustomNamedGetter::getOwnPropertySlotByIndex): (WebCore::jsTestCustomNamedGetterPrototypeFunctionAnotherFunction): (WebCore::toTestCustomNamedGetter): * bindings/scripts/test/JS/JSTestCustomNamedGetter.h: (WebCore::JSTestCustomNamedGetter::createStructure): (WebCore::JSTestCustomNamedGetterPrototype::createStructure): (WebCore::JSTestCustomNamedGetterConstructor::createStructure): * bindings/scripts/test/JS/JSTestEventConstructor.cpp: (WebCore::JSTestEventConstructorConstructor::finishCreation): (WebCore::JSTestEventConstructor::finishCreation): (WebCore::JSTestEventConstructor::getOwnPropertySlot): (WebCore::JSTestEventConstructor::getOwnPropertyDescriptor): (WebCore::toTestEventConstructor): * bindings/scripts/test/JS/JSTestEventConstructor.h: (WebCore::JSTestEventConstructor::createStructure): (WebCore::JSTestEventConstructorPrototype::createStructure): (WebCore::JSTestEventConstructorConstructor::createStructure): * bindings/scripts/test/JS/JSTestEventTarget.cpp: (WebCore::JSTestEventTargetConstructor::finishCreation): (WebCore::JSTestEventTarget::finishCreation): (WebCore::JSTestEventTarget::getOwnPropertySlot): (WebCore::JSTestEventTarget::getOwnPropertyDescriptor): (WebCore::JSTestEventTarget::getOwnPropertySlotByIndex): (WebCore::JSTestEventTarget::getOwnPropertyNames): (WebCore::jsTestEventTargetPrototypeFunctionItem): (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener): (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener): (WebCore::jsTestEventTargetPrototypeFunctionDispatchEvent): (WebCore::JSTestEventTarget::visitChildren): (WebCore::JSTestEventTarget::indexGetter): (WebCore::toTestEventTarget): * bindings/scripts/test/JS/JSTestEventTarget.h: (WebCore::JSTestEventTarget::createStructure): (WebCore::JSTestEventTargetPrototype::createStructure): (WebCore::JSTestEventTargetConstructor::createStructure): 
* bindings/scripts/test/JS/JSTestException.cpp: (WebCore::JSTestExceptionConstructor::finishCreation): (WebCore::JSTestException::finishCreation): (WebCore::JSTestException::getOwnPropertySlot): (WebCore::JSTestException::getOwnPropertyDescriptor): (WebCore::toTestException): * bindings/scripts/test/JS/JSTestException.h: (WebCore::JSTestException::createStructure): (WebCore::JSTestExceptionPrototype::createStructure): (WebCore::JSTestExceptionConstructor::createStructure): * bindings/scripts/test/JS/JSTestInterface.cpp: (WebCore::JSTestInterfaceConstructor::finishCreation): (WebCore::JSTestInterface::finishCreation): (WebCore::JSTestInterface::getOwnPropertySlot): (WebCore::JSTestInterface::getOwnPropertyDescriptor): (WebCore::JSTestInterface::put): (WebCore::JSTestInterface::putByIndex): (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod1): (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2): (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod3): (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod1): (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2): (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod3): (WebCore::toTestInterface): * bindings/scripts/test/JS/JSTestInterface.h: (WebCore::JSTestInterface::createStructure): (WebCore::JSTestInterfacePrototype::createStructure): (WebCore::JSTestInterfaceConstructor::createStructure): * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation): (WebCore::JSTestMediaQueryListListener::finishCreation): (WebCore::JSTestMediaQueryListListener::getOwnPropertySlot): (WebCore::JSTestMediaQueryListListener::getOwnPropertyDescriptor): (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod): (WebCore::toTestMediaQueryListListener): * bindings/scripts/test/JS/JSTestMediaQueryListListener.h: (WebCore::JSTestMediaQueryListListener::createStructure): 
(WebCore::JSTestMediaQueryListListenerPrototype::createStructure): (WebCore::JSTestMediaQueryListListenerConstructor::createStructure): * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: (WebCore::JSTestNamedConstructorConstructor::finishCreation): (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation): (WebCore::JSTestNamedConstructor::finishCreation): (WebCore::JSTestNamedConstructor::getOwnPropertySlot): (WebCore::JSTestNamedConstructor::getOwnPropertyDescriptor): (WebCore::toTestNamedConstructor): * bindings/scripts/test/JS/JSTestNamedConstructor.h: (WebCore::JSTestNamedConstructor::createStructure): (WebCore::JSTestNamedConstructorPrototype::createStructure): (WebCore::JSTestNamedConstructorConstructor::createStructure): (WebCore::JSTestNamedConstructorNamedConstructor::createStructure): * bindings/scripts/test/JS/JSTestNode.cpp: (WebCore::JSTestNodeConstructor::finishCreation): (WebCore::JSTestNode::finishCreation): (WebCore::JSTestNode::getOwnPropertySlot): (WebCore::JSTestNode::getOwnPropertyDescriptor): (WebCore::JSTestNode::visitChildren): * bindings/scripts/test/JS/JSTestNode.h: (WebCore::JSTestNode::createStructure): (WebCore::JSTestNodePrototype::createStructure): (WebCore::JSTestNodeConstructor::createStructure): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObjConstructor::finishCreation): (WebCore::JSTestObj::finishCreation): (WebCore::JSTestObj::getOwnPropertySlot): (WebCore::JSTestObj::getOwnPropertyDescriptor): (WebCore::JSTestObj::put): (WebCore::jsTestObjPrototypeFunctionVoidMethod): (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionByteMethod): (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionOctetMethod): (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionLongMethod): (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionObjMethod): 
(WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionMethodWithSequenceArg): (WebCore::jsTestObjPrototypeFunctionMethodReturningSequence): (WebCore::jsTestObjPrototypeFunctionMethodWithEnumArg): (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrows): (WebCore::jsTestObjPrototypeFunctionSerializedValue): (WebCore::jsTestObjPrototypeFunctionOptionsObject): (WebCore::jsTestObjPrototypeFunctionMethodWithException): (WebCore::jsTestObjPrototypeFunctionCustomMethod): (WebCore::jsTestObjPrototypeFunctionCustomMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionAddEventListener): (WebCore::jsTestObjPrototypeFunctionRemoveEventListener): (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoid): (WebCore::jsTestObjPrototypeFunctionWithScriptStateObj): (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoidException): (WebCore::jsTestObjPrototypeFunctionWithScriptStateObjException): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContext): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptState): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateObjException): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces): (WebCore::jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStack): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArg): (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg): (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalString): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsUndefined): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsNullString): (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArg): (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArg): (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackAndOptionalArg): 
(WebCore::jsTestObjPrototypeFunctionConditionalMethod1): (WebCore::jsTestObjPrototypeFunctionConditionalMethod2): (WebCore::jsTestObjPrototypeFunctionConditionalMethod3): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod8): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod): (WebCore::jsTestObjPrototypeFunctionClassMethodWithClamp): (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongSequence): (WebCore::jsTestObjPrototypeFunctionStringArrayFunction): (WebCore::jsTestObjPrototypeFunctionDomStringListFunction): (WebCore::jsTestObjPrototypeFunctionGetSVGDocument): (WebCore::jsTestObjPrototypeFunctionConvert1): (WebCore::jsTestObjPrototypeFunctionConvert2): (WebCore::jsTestObjPrototypeFunctionConvert4): (WebCore::jsTestObjPrototypeFunctionConvert5): (WebCore::jsTestObjPrototypeFunctionMutablePointFunction): (WebCore::jsTestObjPrototypeFunctionImmutablePointFunction): (WebCore::jsTestObjPrototypeFunctionOrange): (WebCore::jsTestObjPrototypeFunctionStrictFunction): (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod): (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod): (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod): (WebCore::JSTestObj::visitChildren): (WebCore::toTestObj): * bindings/scripts/test/JS/JSTestObj.h: (WebCore::JSTestObj::createStructure): (WebCore::JSTestObjPrototype::createStructure): (WebCore::JSTestObjConstructor::createStructure): * 
bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors): (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation): (WebCore::JSTestOverloadedConstructors::finishCreation): (WebCore::JSTestOverloadedConstructors::getOwnPropertySlot): (WebCore::JSTestOverloadedConstructors::getOwnPropertyDescriptor): (WebCore::toTestOverloadedConstructors): * bindings/scripts/test/JS/JSTestOverloadedConstructors.h: (WebCore::JSTestOverloadedConstructors::createStructure): (WebCore::JSTestOverloadedConstructorsPrototype::createStructure): (WebCore::JSTestOverloadedConstructorsConstructor::createStructure): * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation): (WebCore::JSTestSerializedScriptValueInterface::finishCreation): (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlot): (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertyDescriptor): (WebCore::JSTestSerializedScriptValueInterface::put): (WebCore::JSTestSerializedScriptValueInterface::visitChildren): (WebCore::toTestSerializedScriptValueInterface): * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: (WebCore::JSTestSerializedScriptValueInterface::createStructure): (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure): (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure): * bindings/scripts/test/JS/JSTestTypedefs.cpp: (WebCore::JSTestTypedefsConstructor::finishCreation): (WebCore::JSTestTypedefs::finishCreation): (WebCore::JSTestTypedefs::getOwnPropertySlot): (WebCore::JSTestTypedefs::getOwnPropertyDescriptor): (WebCore::JSTestTypedefs::put): (WebCore::jsTestTypedefsPrototypeFunctionFunc): (WebCore::jsTestTypedefsPrototypeFunctionSetShadow): (WebCore::jsTestTypedefsPrototypeFunctionMethodWithSequenceArg): 
(WebCore::jsTestTypedefsPrototypeFunctionNullableArrayArg): (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClamp): (WebCore::jsTestTypedefsPrototypeFunctionImmutablePointFunction): (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction): (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction2): (WebCore::jsTestTypedefsPrototypeFunctionMethodWithException): (WebCore::toTestTypedefs): * bindings/scripts/test/JS/JSTestTypedefs.h: (WebCore::JSTestTypedefs::createStructure): (WebCore::JSTestTypedefsPrototype::createStructure): (WebCore::JSTestTypedefsConstructor::createStructure): * bridge/c/CRuntimeObject.cpp: (JSC::Bindings::CRuntimeObject::finishCreation): * bridge/c/CRuntimeObject.h: (JSC::Bindings::CRuntimeObject::createStructure): * bridge/c/c_instance.cpp: (JSC::Bindings::CRuntimeMethod::createStructure): (JSC::Bindings::CRuntimeMethod::finishCreation): (JSC::Bindings::CInstance::invokeMethod): * bridge/c/c_utility.cpp: (JSC::Bindings::convertValueToNPVariant): * bridge/objc/ObjCRuntimeObject.h: (JSC::Bindings::ObjCRuntimeObject::createStructure): * bridge/objc/objc_instance.mm: (ObjCRuntimeMethod::finishCreation): (ObjcInstance::invokeMethod): * bridge/objc/objc_runtime.h: (JSC::Bindings::ObjcFallbackObjectImp::createStructure): * bridge/objc/objc_runtime.mm: (JSC::Bindings::ObjcFallbackObjectImp::finishCreation): (JSC::Bindings::callObjCFallbackObject): * bridge/qt/qt_instance.cpp: (JSC::Bindings::QtRuntimeObject::createStructure): (JSC::Bindings::QtInstance::getInstance): * bridge/qt/qt_pixmapruntime.cpp: (JSC::Bindings::assignToHTMLImageElement): (JSC::Bindings::QtPixmapRuntime::toQt): * bridge/qt/qt_runtime.cpp: (JSC::Bindings::isJSUint8Array): (JSC::Bindings::isJSArray): (JSC::Bindings::isJSDate): (JSC::Bindings::isQtObject): (JSC::Bindings::unwrapBoxedPrimitive): (JSC::Bindings::convertQVariantToValue): * bridge/runtime_array.cpp: (JSC::RuntimeArray::finishCreation): * bridge/runtime_array.h: (JSC::RuntimeArray::createStructure): * 
bridge/runtime_method.cpp: (JSC::RuntimeMethod::finishCreation): (JSC::callRuntimeMethod): * bridge/runtime_method.h: (JSC::RuntimeMethod::createStructure): * bridge/runtime_object.cpp: (JSC::Bindings::RuntimeObject::finishCreation): (JSC::Bindings::callRuntimeObject): (JSC::Bindings::callRuntimeConstructor): * bridge/runtime_object.h: (JSC::Bindings::RuntimeObject::createStructure): Source/WebKit/mac: * Plugins/Hosted/NetscapePluginInstanceProxy.mm: (WebKit::getObjectID): (WebKit::NetscapePluginInstanceProxy::retainLocalObject): (WebKit::NetscapePluginInstanceProxy::releaseLocalObject): * Plugins/Hosted/ProxyInstance.mm: (WebKit::ProxyRuntimeMethod::finishCreation): (WebKit::ProxyInstance::invokeMethod): * Plugins/Hosted/ProxyRuntimeObject.h: (WebKit::ProxyRuntimeObject::createStructure): * WebView/WebView.mm: (aeDescFromJSValue): Source/WebKit/qt: * Api/qwebelement.cpp: (convertJSValueToWebElementVariant): * WebCoreSupport/DumpRenderTreeSupportQt.cpp: (convertJSValueToNodeVariant): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154038 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 02 Aug, 2013 1 commit
-
-
barraclough@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=119460 Reviewed by Geoff Garen. This constructor was unsafe if getValue is subsequently called, and the property is a getter. Simplest to just remove it. * runtime/Arguments.cpp: (JSC::Arguments::defineOwnProperty): * runtime/JSActivation.cpp: (JSC::JSActivation::getOwnPropertyDescriptor): * runtime/JSFunction.cpp: (JSC::JSFunction::getOwnPropertyDescriptor): (JSC::JSFunction::getOwnNonIndexPropertyNames): (JSC::JSFunction::put): (JSC::JSFunction::defineOwnProperty): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::defineOwnProperty): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::hasOwnPropertyForWrite): * runtime/JSNameScope.cpp: (JSC::JSNameScope::put): * runtime/JSONObject.cpp: (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::walk): * runtime/JSObject.cpp: (JSC::JSObject::hasProperty): (JSC::JSObject::hasOwnProperty): (JSC::JSObject::reifyStaticFunctionsForDelete): * runtime/Lookup.h: (JSC::getStaticPropertyDescriptor): (JSC::getStaticFunctionDescriptor): (JSC::getStaticValueDescriptor): * runtime/ObjectConstructor.cpp: (JSC::defineProperties): * runtime/PropertySlot.h: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153673 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 31 Jul, 2013 1 commit
-
-
barraclough@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=119343 Reviewed by Geoff Garen. Source/JavaScriptCore:
JSValue::get is implemented to:
1) Check if the value is a cell – if not, synthesize a prototype to search,
2) call getOwnPropertySlot on the cell,
3) if this returns false, cast to JSObject to get the prototype, and walk the prototype chain.
By all rights this should crash when passed a string and accessing a property that does not exist, because the string is a cell, getOwnPropertySlot should return false, and the cast to JSObject should be unsafe. To work around this, JSString::getOwnPropertySlot actually implements 'get' functionality - searching the prototype chain, and faking out a return value of undefined if no property is found.
This is a huge hazard, since fixing JSString::getOwnPropertySlot or calling getOwnPropertySlot on cells from elsewhere would introduce bugs. Fortunately it is only ever called in this one place.
The fix here is to move getOwnPropertySlot onto JSObject and end this madness - cells don't have property slots anyway.
Interesting changes are in JSCJSValueInlines.h, JSString.cpp - the rest is pretty much all JSCell -> JSObject.
Source/WebCore: * WebCore.exp.in: * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::getOwnPropertySlot): (WebCore::JSDOMWindow::getOwnPropertySlotByIndex): * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): (GenerateConstructorDeclaration): (GenerateConstructorHelperMethods): * bridge/objc/objc_runtime.h: * bridge/objc/objc_runtime.mm: (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlot): * bridge/runtime_array.cpp: (JSC::RuntimeArray::getOwnPropertySlot): (JSC::RuntimeArray::getOwnPropertySlotByIndex): * bridge/runtime_array.h: * bridge/runtime_method.cpp: (JSC::RuntimeMethod::getOwnPropertySlot): * bridge/runtime_method.h: * bridge/runtime_object.cpp: (JSC::Bindings::RuntimeObject::getOwnPropertySlot): * bridge/runtime_object.h: - getOwnPropertySlot, JSCell -> JSObject Source/WebKit2: * WebProcess/Plugins/Netscape/JSNPObject.cpp: (WebKit::JSNPObject::getOwnPropertySlot): * WebProcess/Plugins/Netscape/JSNPObject.h: - getOwnPropertySlot, JSCell -> JSObject git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153532 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 24 Jul, 2013 3 commits
-
-
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=117906 Source/JavaScriptCore: Reviewed by Mark Hahnenberg. This does the obvious thing, but also makes sure that out-of-bounds accesses don't fall off into a C call, but try to do the fast thing if the prototype chain is sane. We ought to probably do this for other array accesses in the future, as well, since it's so darn easy. * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::executeEffects): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileGetByValOnString): * dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::callOperation): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::objectPrototypeIsSane): (JSC): (JSC::JSGlobalObject::arrayPrototypeChainIsSane): (JSC::JSGlobalObject::stringPrototypeChainIsSane): * runtime/JSGlobalObject.h: (JSGlobalObject): LayoutTests: Reviewed by Mark Hahnenberg. The out-of-bounds benchmark that isn't insane speeds up by 22x in this patch. * fast/js/regress/script-tests/string-get-by-val-out-of-bounds-insane.js: Added. (foo): * fast/js/regress/script-tests/string-get-by-val-out-of-bounds.js: Added. (foo): * fast/js/regress/string-get-by-val-out-of-bounds-expected.txt: Added. * fast/js/regress/string-get-by-val-out-of-bounds-insane-expected.txt: Added. * fast/js/regress/string-get-by-val-out-of-bounds-insane.html: Added. * fast/js/regress/string-get-by-val-out-of-bounds.html: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153244 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=117375 Reviewed by Filip Pizlo. Source/JavaScriptCore:
This patch has two goals:
(1) Simplicity.
    * Net removes 15 opcodes.
    * Net removes 2,000 lines of code.
    * Removes setPair() from the DFG: All DFG nodes have 1 result register now.
(2) Performance.
    * 2%-3% speedup on SunSpider (20% in LLInt and Baseline JIT)
    * 2% speedup on v8-spider
    * 10% speedup on js-regress-hashmap*
    * Amusing 2X speedup on js-regress-poly-stricteq
The bytecode now separates the scope chain resolution opcode from the scope access opcode.
OLD:
    get_scoped_var r0, 1, 0
    inc r0
    put_scoped_var 1, 0, r0
NEW:
    resolve_scope r0, x(@id0)
    get_from_scope r1, r0, x(@id0)
    inc r1
    put_to_scope r0, x(@id0), r1
Also, we link non-local variable resolution opcodes at CodeBlock link time instead of time of first opcode execution. This means that we can represent all possible non-local variable resolutions using just three opcodes, and any optimizations in these opcodes naturally apply across-the-board.
* API/JSCTestRunnerUtils.cpp: (JSC::numberOfDFGCompiles): * GNUmakefile.list.am: * JavaScriptCore.gypi: * JavaScriptCore.order: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: Build! * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): Updated for removed things. (JSC::CodeBlock::CodeBlock): Always provide the full scope chain when creating a CodeBlock, so we can perform non-local variable resolution. Added code to perform linking for these opcodes. This is where we figure out which non-local variable resolutions are optimizable, and how. (JSC::CodeBlock::finalizeUnconditionally): (JSC::CodeBlock::noticeIncomingCall): (JSC::CodeBlock::optimizeAfterWarmUp): (JSC::CodeBlock::optimizeAfterLongWarmUp): (JSC::CodeBlock::optimizeSoon): Updated for removed things. 
* bytecode/CodeBlock.h: (JSC::CodeBlock::needsActivation): (JSC::GlobalCodeBlock::GlobalCodeBlock): (JSC::ProgramCodeBlock::ProgramCodeBlock): (JSC::EvalCodeBlock::EvalCodeBlock): (JSC::FunctionCodeBlock::FunctionCodeBlock): * bytecode/EvalCodeCache.h: (JSC::EvalCodeCache::getSlow): Updated for interface changes. * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFor): Treat global object access as optimizable even though the global object has a custom property access callback. This is what we've always done since, otherwise, we can't optimize globals. (In future, we probably want to figure out a more targeted policy than "any property access callback means no optimization".) * bytecode/GlobalResolveInfo.h: Removed. * bytecode/Instruction.h: * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFor): Like GetByIdStatus. * bytecode/ResolveGlobalStatus.cpp: Removed. * bytecode/ResolveGlobalStatus.h: Removed. * bytecode/ResolveOperation.h: Removed. * bytecode/UnlinkedCodeBlock.cpp: (JSC::generateFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::codeBlockFor): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: Don't provide a scope chain to unlinked code blocks. Giving a scope to an unscoped compilation unit invites programming errors. 
* bytecode/Watchpoint.h: (JSC::WatchpointSet::addressOfIsInvalidated): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::resolveCallee): (JSC::BytecodeGenerator::local): (JSC::BytecodeGenerator::constLocal): (JSC::BytecodeGenerator::resolveType): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): (JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitPopScope): (JSC::BytecodeGenerator::pushFinallyContext): (JSC::BytecodeGenerator::emitComplexPopScopes): (JSC::BytecodeGenerator::popTryAndEmitCatch): (JSC::BytecodeGenerator::emitPushNameScope): (JSC::BytecodeGenerator::isArgumentNumber): * bytecompiler/BytecodeGenerator.h: (JSC::Local::Local): (JSC::Local::operator bool): (JSC::Local::get): (JSC::Local::isReadOnly): (JSC::BytecodeGenerator::scopeDepth): (JSC::BytecodeGenerator::shouldOptimizeLocals): (JSC::BytecodeGenerator::canOptimizeNonLocals): Refactored the bytecode generator to resolve all variables within local scope, as if there were no non-local scope. This helps provide a separation of concerns: unlinked bytecode is always scope-free, and the linking stage links in the provided scope. * bytecompiler/NodesCodegen.cpp: (JSC::ResolveNode::isPure): (JSC::ResolveNode::emitBytecode): (JSC::EvalFunctionCallNode::emitBytecode): (JSC::FunctionCallResolveNode::emitBytecode): (JSC::PostfixNode::emitResolve): (JSC::DeleteResolveNode::emitBytecode): (JSC::TypeOfResolveNode::emitBytecode): (JSC::PrefixNode::emitResolve): (JSC::ReadModifyResolveNode::emitBytecode): (JSC::AssignResolveNode::emitBytecode): (JSC::ConstDeclNode::emitCodeSingle): (JSC::ForInNode::emitBytecode): A bunch of this codegen is no longer necessary, since it's redundant with the linking stage. 
* dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::executeEffects): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::ByteCodeParser): (JSC::DFG::ByteCodeParser::cellConstantWithStructureCheck): (JSC::DFG::ByteCodeParser::handlePutByOffset): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::parseBlock): Updated for interface changes. Notably, we can reuse existing DFG nodes -- but the mapping between bytecode and DFG nodes has changed, and some nodes and corner cases have been removed. * dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::scopedVarLoadElimination): (JSC::DFG::CSEPhase::varInjectionWatchpointElimination): (JSC::DFG::CSEPhase::globalVarStoreElimination): (JSC::DFG::CSEPhase::scopedVarStoreElimination): (JSC::DFG::CSEPhase::getLocalLoadElimination): (JSC::DFG::CSEPhase::setLocalStoreElimination): (JSC::DFG::CSEPhase::performNodeCSE): Added CSE for var injection watchpoints. Even though watchpoints are "free", they're quite common inside code that's subject to var injection, so I figured we'd save a little memory. * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGCapabilities.h: Removed detection for old forms. * dfg/DFGDriver.h: (JSC::DFG::tryCompile): (JSC::DFG::tryCompileFunction): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): * dfg/DFGGraph.h: * dfg/DFGJITCode.cpp: * dfg/DFGNode.h: (JSC::DFG::Node::convertToStructureTransitionWatchpoint): (JSC::DFG::Node::hasVarNumber): (JSC::DFG::Node::hasIdentifierNumberForCheck): (JSC::DFG::Node::hasRegisterPointer): (JSC::DFG::Node::hasHeapPrediction): * dfg/DFGNodeType.h: * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate): * dfg/DFGRepatch.h: (JSC::DFG::dfgResetGetByID): (JSC::DFG::dfgResetPutByID): * dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::callOperation): Removed some unneeded things, and updated for renames. 
* dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): The two primary changes here are: (1) Use a watchpoint for var injection instead of looping over the scope chain and checking. This is more efficient and much easier to model in code generation. (2) I've eliminated the notion of an optimized global assignment that needs to check for whether it should fire a watchpoint. Instead, we fire pre-emptively at the point of optimization. This removes a bunch of edge cases, and it seems like a more honest representation of the fact that our new optimization contradicts our old one. * dfg/DFGTypeCheckHoistingPhase.cpp: (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks): (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks): * heap/DFGCodeBlocks.cpp: (JSC::DFGCodeBlocks::jettison): * interpreter/CallFrame.h: (JSC::ExecState::trueCallFrame): Removed stuff that's unused now, and fixed the build. * interpreter/Interpreter.cpp: (JSC::eval): (JSC::getBytecodeOffsetForCallFrame): (JSC::getCallerInfo): (JSC::Interpreter::throwException): Updated exception scope tracking to match the rest of our linking strategy: The unlinked bytecode compiles exception scope as if non-local scope did not exist, and we add in non-local scope at link time. This means that we can restore the right scope depth based on a simple number, without checking the contents of the scope chain. (JSC::Interpreter::execute): Make sure to establish the full scope chain before linking eval code. We now require the full scope chain at link time, in order to link non-local variable resolution opcodes. 
* jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_add): * jit/JITCode.cpp: * jit/JITOpcodes.cpp: (JSC::JIT::emitSlow_op_bitxor): (JSC::JIT::emitSlow_op_bitor): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emitSlow_op_to_primitive): (JSC::JIT::emit_op_strcat): (JSC::JIT::emitSlow_op_create_this): (JSC::JIT::emitSlow_op_to_this): * jit/JITPropertyAccess.cpp: (JSC::JIT::emitVarInjectionCheck): (JSC::JIT::emitResolveClosure): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emitSlow_op_resolve_scope): (JSC::JIT::emitLoadWithStructureCheck): (JSC::JIT::emitGetGlobalProperty): (JSC::JIT::emitGetGlobalVar): (JSC::JIT::emitGetClosureVar): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emitPutGlobalProperty): (JSC::JIT::emitPutGlobalVar): (JSC::JIT::emitPutClosureVar): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_init_global_const): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::emitVarInjectionCheck): (JSC::JIT::emitResolveClosure): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emitSlow_op_resolve_scope): (JSC::JIT::emitLoadWithStructureCheck): (JSC::JIT::emitGetGlobalProperty): (JSC::JIT::emitGetGlobalVar): (JSC::JIT::emitGetClosureVar): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emitPutGlobalProperty): (JSC::JIT::emitPutGlobalVar): (JSC::JIT::emitPutClosureVar): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_init_global_const): * jit/JITStubs.cpp: (JSC::DEFINE_STUB_FUNCTION): * jit/JITStubs.h: Re-wrote baseline JIT codegen for our new variable resolution model. 
* llint/LLIntData.cpp: (JSC::LLInt::Data::performAssertions): * llint/LLIntSlowPaths.cpp: * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter.cpp: (JSC::CLoop::execute): * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Ditto for LLInt. * offlineasm/x86.rb: Fixed a pre-existing encoding bug for a syntactic form that we never used before. * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncToString): (JSC::arrayProtoFuncToLocaleString): (JSC::arrayProtoFuncJoin): (JSC::arrayProtoFuncConcat): (JSC::arrayProtoFuncPop): (JSC::arrayProtoFuncPush): (JSC::arrayProtoFuncReverse): (JSC::arrayProtoFuncShift): (JSC::arrayProtoFuncSlice): (JSC::arrayProtoFuncSort): (JSC::arrayProtoFuncSplice): (JSC::arrayProtoFuncUnShift): (JSC::arrayProtoFuncFilter): (JSC::arrayProtoFuncMap): (JSC::arrayProtoFuncEvery): (JSC::arrayProtoFuncForEach): (JSC::arrayProtoFuncSome): (JSC::arrayProtoFuncReduce): (JSC::arrayProtoFuncReduceRight): (JSC::arrayProtoFuncIndexOf): (JSC::arrayProtoFuncLastIndexOf): Fixed some pre-existing bugs in 'this' value conversion, which I made much more common by removing special cases in bytecode generation. These functions need to invoke toThis() because they observe the 'this' value. Also, toLocaleString() is specified to accept non-array 'this' values. (Most other host functions don't need this fix because they perform strict 'this' checking, which never coerces unexpected types.) * runtime/CodeCache.cpp: (JSC::CodeCache::getCodeBlock): (JSC::CodeCache::getProgramCodeBlock): (JSC::CodeCache::getEvalCodeBlock): * runtime/CodeCache.h: Don't supply a scope to the unlinked code cache. Unlinked code is supposed to be scope-free, so let's have the compiler help verify that. 
* runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/CommonSlowPaths.h: * runtime/Executable.cpp: (JSC::EvalExecutable::create): (JSC::EvalExecutable::compileInternal): (JSC::ProgramExecutable::compileInternal): (JSC::FunctionExecutable::produceCodeBlockFor): (JSC::FunctionExecutable::compileForCallInternal): (JSC::FunctionExecutable::compileForConstructInternal): * runtime/Executable.h: (JSC::EvalExecutable::numVariables): (JSC::EvalExecutable::numberOfFunctionDecls): * runtime/ExecutionHarness.h: (JSC::prepareForExecutionImpl): (JSC::prepareFunctionForExecutionImpl): (JSC::installOptimizedCode): Fiddled with executable initialization so that we can always generate a full scope chain before we go to link a code block. We need this because code block linking now depends on the scope chain to link non-local variable resolution opcodes. * runtime/JSActivation.h: * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::JSGlobalObject): (JSC::JSGlobalObject::createEvalCodeBlock): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::varInjectionWatchpoint): * runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncEval): * runtime/JSNameScope.h: * runtime/JSScope.cpp: (JSC::abstractAccess): (JSC::JSScope::objectAtScope): (JSC::JSScope::depth): (JSC::JSScope::resolve): (JSC::JSScope::abstractResolve): Updated to match changes explained above. * runtime/JSScope.h: (JSC::makeType): (JSC::needsVarInjectionChecks): (JSC::ResolveOp::ResolveOp): (JSC::ResolveModeAndType::ResolveModeAndType): (JSC::ResolveModeAndType::mode): (JSC::ResolveModeAndType::type): (JSC::ResolveModeAndType::operand): Removed the old variable resolution state machine, since it's unused now. Added logic for performing abstract variable resolution at link time. This is used by codeblock linking. 
* runtime/ObjectPrototype.cpp: (JSC::objectProtoFuncValueOf): (JSC::objectProtoFuncHasOwnProperty): (JSC::objectProtoFuncIsPrototypeOf): (JSC::objectProtoFuncDefineGetter): (JSC::objectProtoFuncDefineSetter): (JSC::objectProtoFuncLookupGetter): (JSC::objectProtoFuncLookupSetter): (JSC::objectProtoFuncPropertyIsEnumerable): (JSC::objectProtoFuncToLocaleString): (JSC::objectProtoFuncToString): Fixed some pre-existing bugs in 'this' value conversion, which I made much more common by removing special cases in bytecode generation. These functions need to invoke toThis() because they observe the 'this' value. * runtime/StringPrototype.cpp: (JSC::checkObjectCoercible): (JSC::stringProtoFuncReplace): (JSC::stringProtoFuncCharAt): (JSC::stringProtoFuncCharCodeAt): (JSC::stringProtoFuncConcat): (JSC::stringProtoFuncIndexOf): (JSC::stringProtoFuncLastIndexOf): (JSC::stringProtoFuncMatch): (JSC::stringProtoFuncSearch): (JSC::stringProtoFuncSlice): (JSC::stringProtoFuncSplit): (JSC::stringProtoFuncSubstr): (JSC::stringProtoFuncSubstring): (JSC::stringProtoFuncToLowerCase): (JSC::stringProtoFuncToUpperCase): (JSC::stringProtoFuncLocaleCompare): (JSC::stringProtoFuncBig): (JSC::stringProtoFuncSmall): (JSC::stringProtoFuncBlink): (JSC::stringProtoFuncBold): (JSC::stringProtoFuncFixed): (JSC::stringProtoFuncItalics): (JSC::stringProtoFuncStrike): (JSC::stringProtoFuncSub): (JSC::stringProtoFuncSup): (JSC::stringProtoFuncFontcolor): (JSC::stringProtoFuncFontsize): (JSC::stringProtoFuncAnchor): (JSC::stringProtoFuncLink): (JSC::trimString): Fixed some pre-existing bugs in 'this' value conversion, which I made much more common by removing special cases in bytecode generation. These functions need to invoke toThis() because they observe the 'this' value. * runtime/StructureRareData.cpp: * runtime/VM.cpp: (JSC::VM::~VM): * runtime/WriteBarrier.h: (JSC::WriteBarrierBase::slot): Modified to reduce casting in client code. 
LayoutTests: This patch removed special-case 'this' resolution from bytecode, making some pre-existing edge cases in 'this' value treatment much more common. I updated the test results below, and added some tests, to match bug fixes for these cases. * fast/js/script-tests/array-functions-non-arrays.js: * fast/js/array-functions-non-arrays-expected.txt: As specified, it's not an error to pass a non-array to toLocaleString. Our new result matches Firefox and Chrome. * fast/js/array-prototype-properties-expected.txt: Updated for slightly clearer error message. * fast/js/basic-strict-mode-expected.txt: Updated for slightly more standard error message. * fast/js/object-prototype-toString-expected.txt: Added. * fast/js/object-prototype-toString.html: Added. This test demonstrates why we now fail a Sputnik test below, while Firefox and Chrome pass it. (The test doesn't test what it thinks it tests, and this test verifies that we get right what it does think it tests.) * fast/js/string-prototype-function-this-expected.txt: Added. * fast/js/string-prototype-function-this.html: Added. This test shows that we CheckObjectCoercible in string prototype functions. (We used to get this wrong, but Sputnik tests made it seem like we got it right because they didn't test the dynamic scope case.) 
* sputnik/Conformance/11_Expressions/11.1_Primary_Expressions/11.1.1_The_this_Keyword/S11.1.1_A2-expected.txt: * sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.3_Array_prototype_toLocaleString/S15.4.4.3_A2_T1-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.10_String.prototype.match/S15.5.4.10_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.11_String.prototype.replace/S15.5.4.11_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.12_String.prototype.search/S15.5.4.12_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.13_String.prototype.slice/S15.5.4.13_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.14_String.prototype.split/S15.5.4.14_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.15_String.prototype.substring/S15.5.4.15_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.6_String.prototype.concat/S15.5.4.6_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.7_String.prototype.indexOf/S15.5.4.7_A1_T3-expected.txt: * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.8_String.prototype.lastIndexOf/S15.5.4.8_A1_T3-expected.txt: Updated to show failing results. Firefox and Chrome also fail these tests, and the ES5 spec seems to mandate failure. Because these tests resolve a String.prototype function at global scope, the 'this' value for the call is an environment record. Logically, an environment record converts to 'undefined' at the call site, and should then fail the CheckObjectCoercible test. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153221 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
oliver@apple.com authored
Reviewed by Oliver Hunt. Source/JavaScriptCore: Rationalized 'this' value conversion https://bugs.webkit.org/show_bug.cgi?id=115542 This fixes a bunch of Sputnik tests, and some bad pointer access. The new model is that the callee always performs 'this' value conversion. My ultimate goal is to break up resolve_with_this into single-result opcodes. This step avoids having to add a special form of convert_this that distinguishes callers vs callees. Only the callee knows whether it uses 'this' and/or whether 'this' conversion should use StrictMode, so it's most natural to perform convert_this in the callee. * API/JSCallbackFunction.cpp: (JSC::JSCallbackFunction::call): Perform 'this' value conversion for our callee, since it may observe 'this'. * API/JSCallbackObjectFunctions.h: (JSC::::call): Ditto. * API/JSContextRef.cpp: (JSGlobalContextCreateInGroup): Use a proxy 'this' object in global scope even when we're not in the browser. This eliminates some odd cases where API clients used to be able to get a direct reference to an environment record. Now, any reference to an environment record unambiguously means that the VM resolved that record in the scope chain. (JSContextGetGlobalObject): Removed an incorrect comment. Now that JSC participates in the proxy 'this' object scheme, the behavior is not WebCore-only. * API/JSObjectRef.cpp: (JSObjectSetPrototype): (JSObjectCallAsFunction): Don't perform 'this' value conversion in the caller; the callee will do it if needed. * JavaScriptCore.order: Order! * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: What are the chances that this will work? * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): Renamed convert_this to to_this, to match our other conversion opcodes. 
* bytecode/CodeOrigin.h: (CodeOrigin): (InlineCallFrame): (JSC::CodeOrigin::codeOriginOwner): Use the more precise type for our executable, so compilation can discover where we're in strict mode. * bytecode/Opcode.h: (JSC::padOpcodeName): Updated for rename. * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): Always emit to_this when 'this' is in use -- strict mode still needs to convert environment records to 'undefined'. * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::executeEffects): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGCapabilities.h: (JSC::DFG::canCompileOpcode): Updated for renames. * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): Tightened up this code to consider strict mode (a new requirement) and to consider the global object (which was always a requirement). * dfg/DFGGraph.h: (JSC::DFG::Graph::globalThisObjectFor): (JSC::DFG::Graph::executableFor): * dfg/DFGNodeType.h: * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): Ditto. * interpreter/Interpreter.cpp: (JSC::eval): (JSC::Interpreter::execute): (JSC::Interpreter::executeCall): * interpreter/Interpreter.h: Don't ASSERT about 'this' -- it's our job to fix it up if needed. * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): * jit/JIT.h: (JIT): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_to_this): (JSC::JIT::emitSlow_op_to_this): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_to_this): (JSC::JIT::emitSlow_op_to_this): * jit/JITStubs.cpp: (JSC::DEFINE_STUB_FUNCTION): * jit/JITStubs.h: Removed special-case code for various kinds of conversions. The baseline fast path is now final objects only. 
It hurt my brain to think through how to keep the other fast paths working, and our benchmarks do not object. * llint/LLIntData.cpp: (JSC::LLInt::Data::performAssertions): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: (LLInt): * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Updated for renames. Removed some special case code, as in the JIT above. * profiler/ProfileGenerator.cpp: (JSC::ProfileGenerator::addParentForConsoleStart): * runtime/CallData.cpp: (JSC::call): * runtime/ClassInfo.h: (MethodTable): * runtime/Completion.cpp: (JSC::evaluate): * runtime/DatePrototype.cpp: (JSC::dateProtoFuncToJSON): The callee performs 'this' conversion, not the caller. * runtime/GetterSetter.cpp: (JSC::callGetter): (JSC::callSetter): * runtime/GetterSetter.h: Added helper functions for invoking getters and setters from C++ code, since this was duplicated in a bunch of places. * runtime/JSActivation.cpp: (JSC::JSActivation::toThis): * runtime/JSActivation.h: (JSActivation): * runtime/JSCJSValue.cpp: (JSC::JSValue::toThisSlowCase): (JSC::JSValue::putToPrimitive): * runtime/JSCJSValue.h: (JSValue): * runtime/JSCJSValueInlines.h: (JSC::JSValue::toThis): * runtime/JSCell.cpp: (JSC::JSCell::toThis): * runtime/JSCell.h: (JSCell): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::toThis): * runtime/JSGlobalObject.h: (JSGlobalObject): Filled out runtime support for converting 'this' values as needed, according to the appropriate strictness, using helper functions where getter/setter code was duplicated. * runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncProtoGetter): (JSC::globalFuncProtoSetter): Perform 'this' value conversion, since we observe 'this'. * runtime/JSNameScope.cpp: (JSC::JSNameScope::toThis): * runtime/JSNameScope.h: (JSNameScope): Same as JSActivation. * runtime/JSObject.cpp: (JSC::JSObject::put): (JSC::JSObject::setPrototypeWithCycleCheck): Bug fix. 
Don't perform 'this' value conversion in this helper function. The __proto__ setter does this for us, since it's the function that logically observes 'this' -- and we can ASSERT so. Also, the previous code used "globalExec()->thisValue()", which is a read past the beginning of a buffer! I don't think this ever worked on purpose. (JSC::JSObject::toThis): (JSC::JSObject::fillGetterPropertySlot): * runtime/JSObject.h: (JSC::JSObject::inlineGetOwnPropertySlot): * runtime/JSScope.cpp: (JSC::JSScope::resolveWithThis): * runtime/JSString.cpp: (JSC::JSString::toThis): * runtime/JSString.h: (JSString): * runtime/PropertySlot.cpp: (JSC::PropertySlot::functionGetter): * runtime/PropertySlot.h: (JSC): (JSC::PropertySlot::setGetterSlot): (JSC::PropertySlot::setCacheableGetterSlot): * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayEntry::get): (JSC::SparseArrayEntry::put): * runtime/StrictEvalActivation.cpp: (JSC::StrictEvalActivation::toThis): * runtime/StrictEvalActivation.h: (StrictEvalActivation): Ditto. Source/WebCore: Rationalized 'this' value conversion https://bugs.webkit.org/show_bug.cgi?id=115542 Source/WebKit/mac: Rationalized 'this' value conversion https://bugs.webkit.org/show_bug.cgi?id=115542 Source/WebKit2: Rationalized 'this' value conversion https://bugs.webkit.org/show_bug.cgi?id=115542 LayoutTests: Rationalized 'this' value conversion https://bugs.webkit.org/show_bug.cgi?id=115542 git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153145 268f45cc-cd09-0410-ab3c-d52691b4dbfc
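The 'this' conversion behaviour described in the two commit messages above (callee-side conversion in trunk@153145; CheckObjectCoercible in String.prototype functions and the generic Array.prototype.toLocaleString in trunk@153221), shown as an added JavaScript example that is not part of either commit or of WebKit's tests. The function names are made up for this illustration, and it assumes a current standards-conforming engine such as Node.js.

```javascript
// Added illustration; not WebKit code. All names here are hypothetical.
// The probes are built with the Function constructor so that each one's
// strictness is fixed by its own body, whether this file runs as a script
// or as a module.
const sloppyThis = new Function("return this;");
const strictThis = new Function("'use strict'; return this;");

// Describe a value in a way that is easy to compare.
function describe(v) {
  if (v === undefined) return "undefined";
  if (v === null) return "null";
  if (v === globalThis) return "global object";
  return typeof v === "object" ? `${v.constructor.name} object` : typeof v;
}

// The caller passes the same raw 'this' to both probes; each callee
// converts it according to its own strictness.
function calleeSideConversion() {
  const inputs = [
    ["undefinedThis", undefined],
    ["nullThis", null],
    ["stringThis", "abc"],
    ["numberThis", 7],
  ];
  const rows = {};
  for (const [label, raw] of inputs) {
    rows[label] = {
      sloppy: describe(sloppyThis.call(raw)),
      strict: describe(strictThis.call(raw)),
    };
  }
  return rows;
}

// A String.prototype function taken off the prototype and called without a
// receiver gets 'undefined' as 'this'; CheckObjectCoercible rejects
// undefined and null with a TypeError, while other primitives are coerced.
function callDetachedStringMethod() {
  const indexOf = String.prototype.indexOf;
  const attempts = {
    bare: () => indexOf("b"),
    undefinedThis: () => indexOf.call(undefined, "b"),
    nullThis: () => indexOf.call(null, "b"),
    numberThis: () => indexOf.call(12345, "3"), // ToString(12345) = "12345"
  };
  const outcomes = {};
  for (const [name, attempt] of Object.entries(attempts)) {
    try {
      outcomes[name] = attempt();
    } catch (e) {
      outcomes[name] = e instanceof TypeError ? "TypeError" : "other error";
    }
  }
  return outcomes;
}

// Array.prototype.toLocaleString is generic: a non-array 'this' is accepted
// and each element's own toLocaleString is used (constructed sample input).
function arrayToLocaleStringOnNonArray() {
  const arrayLike = { length: 1, 0: { toLocaleString() { return "element"; } } };
  return Array.prototype.toLocaleString.call(arrayLike);
}

console.log(calleeSideConversion());
console.log(callDetachedStringMethod());
console.log(arrayToLocaleStringOnNonArray());
```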
-
- 09 May, 2013 1 commit
-
-
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=115747 Reviewed by Mark Hahnenberg. Source/JavaScriptCore: Non-global eval now uses a per-CodeBlock cache, and only uses it when we're at the top of a function's scope. This means that we will no longer cache the parsing of a single string across multiple functions, and we won't cache when we're nested inside constructs like |with| and |catch| where previously we would, which is good because caching in those cases is unsound. * bytecode/EvalCodeCache.h: (JSC): (JSC::EvalCodeCache::getSlow): (JSC::EvalCodeCache::get): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::codeCacheForEval): (UnlinkedCodeBlock): (RareData): * debugger/Debugger.cpp: (JSC::evaluateInGlobalCallFrame): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate): * interpreter/Interpreter.cpp: (JSC::eval): * runtime/CodeCache.cpp: (JSC::CodeCache::CodeCache): (JSC::CodeCache::generateBytecode): (JSC): (JSC::CodeCache::getCodeBlock): * runtime/CodeCache.h: (JSC::CodeCacheMap::CodeCacheMap): (CodeCacheMap): (JSC::CodeCacheMap::canPruneQuickly): (JSC::CodeCacheMap::prune): (JSC::CodeCache::create): (CodeCache): * runtime/Executable.cpp: (JSC::EvalExecutable::EvalExecutable): (JSC::EvalExecutable::compileInternal): * runtime/Executable.h: (JSC::EvalExecutable::create): (EvalExecutable): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::createEvalCodeBlock): * runtime/JSGlobalObject.h: (JSGlobalObject): * runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncEval): * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: (VM): LayoutTests: Many tests * fast/js/eval-cache-scoped-lookup-expected.txt: Added. * fast/js/eval-cache-scoped-lookup.html: Added. * fast/js/script-tests/eval-cache-scoped-lookup.js: Added. (first): (a.string_appeared_here.second): (third): (fifth): (sixth): (seventh): (eighth): (nineth): (tenth): (eleventh): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149836 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 18 Apr, 2013 1 commit
-
-
ggaren@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=114777 Reviewed by Phil Pizlo. ../JavaScriptCore: * API/APICast.h: (JSC): (toJS): (toRef): * API/APIShims.h: (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock): (APIEntryShimWithoutLock): (JSC::APIEntryShim::APIEntryShim): (APIEntryShim): (JSC::APIEntryShim::~APIEntryShim): (JSC::APICallbackShim::APICallbackShim): (JSC::APICallbackShim::~APICallbackShim): (APICallbackShim): * API/JSAPIWrapperObject.h: (JSAPIWrapperObject): * API/JSAPIWrapperObject.mm: (JSC::::createStructure): (JSC::JSAPIWrapperObject::JSAPIWrapperObject): (JSC::JSAPIWrapperObject::finishCreation): (JSC::JSAPIWrapperObject::visitChildren): * API/JSBase.cpp: (JSGarbageCollect): (JSReportExtraMemoryCost): (JSSynchronousGarbageCollectForDebugging): * API/JSCallbackConstructor.cpp: (JSC::JSCallbackConstructor::JSCallbackConstructor): (JSC::JSCallbackConstructor::finishCreation): * API/JSCallbackConstructor.h: (JSC::JSCallbackConstructor::createStructure): * API/JSCallbackFunction.cpp: (JSC::JSCallbackFunction::finishCreation): (JSC::JSCallbackFunction::create): * API/JSCallbackFunction.h: (JSCallbackFunction): (JSC::JSCallbackFunction::createStructure): * API/JSCallbackObject.cpp: (JSC::::create): (JSC::::createStructure): * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty): (JSCallbackObject): (JSC::JSCallbackObject::setPrivateProperty): * API/JSCallbackObjectFunctions.h: (JSC::::JSCallbackObject): (JSC::::finishCreation): (JSC::::put): (JSC::::staticFunctionGetter): * API/JSClassRef.cpp: (OpaqueJSClassContextData::OpaqueJSClassContextData): (OpaqueJSClass::contextData): (OpaqueJSClass::prototype): * API/JSClassRef.h: (OpaqueJSClassContextData): * API/JSContext.mm: (-[JSContext setException:]): (-[JSContext initWithGlobalContextRef:]): (+[JSContext contextWithGlobalContextRef:]): * API/JSContextRef.cpp: (JSContextGroupCreate): (JSContextGroupRelease): 
(JSGlobalContextCreate): (JSGlobalContextCreateInGroup): (JSGlobalContextRetain): (JSGlobalContextRelease): (JSContextGetGroup): (JSContextCreateBacktrace): * API/JSObjectRef.cpp: (JSObjectMake): (JSObjectMakeConstructor): (JSObjectMakeFunction): (JSObjectSetPrototype): (JSObjectHasProperty): (JSObjectGetProperty): (JSObjectSetProperty): (JSObjectDeleteProperty): (JSObjectGetPrivateProperty): (JSObjectSetPrivateProperty): (JSObjectDeletePrivateProperty): (OpaqueJSPropertyNameArray::OpaqueJSPropertyNameArray): (OpaqueJSPropertyNameArray): (JSObjectCopyPropertyNames): (JSPropertyNameArrayRelease): (JSPropertyNameAccumulatorAddName): * API/JSScriptRef.cpp: (OpaqueJSScript::create): (OpaqueJSScript::vm): (OpaqueJSScript::OpaqueJSScript): (OpaqueJSScript): (parseScript): * API/JSVirtualMachine.mm: (scanExternalObjectGraph): * API/JSVirtualMachineInternal.h: (JSC): * API/JSWrapperMap.mm: (makeWrapper): * API/ObjCCallbackFunction.h: (JSC::ObjCCallbackFunction::createStructure): * API/ObjCCallbackFunction.mm: (JSC::ObjCCallbackFunction::create): * API/OpaqueJSString.cpp: (OpaqueJSString::identifier): * API/OpaqueJSString.h: (JSC): (OpaqueJSString): * GNUmakefile.list.am: * JSCTypedArrayStubs.h: (JSC): * JavaScriptCore.order: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: * JavaScriptCore.xcodeproj/project.pbxproj: * KeywordLookupGenerator.py: (Trie.printSubTreeAsC): * Target.pri: * assembler/ARMAssembler.cpp: (JSC::ARMAssembler::executableCopy): * assembler/ARMAssembler.h: (ARMAssembler): * assembler/AssemblerBuffer.h: (JSC::AssemblerBuffer::executableCopy): * assembler/AssemblerBufferWithConstantPool.h: (JSC::AssemblerBufferWithConstantPool::executableCopy): * assembler/LinkBuffer.cpp: 
(JSC::LinkBuffer::linkCode): * assembler/LinkBuffer.h: (JSC): (JSC::LinkBuffer::LinkBuffer): (LinkBuffer): * assembler/MIPSAssembler.h: (JSC::MIPSAssembler::executableCopy): * assembler/SH4Assembler.h: (JSC::SH4Assembler::executableCopy): * assembler/X86Assembler.h: (JSC::X86Assembler::executableCopy): (JSC::X86Assembler::X86InstructionFormatter::executableCopy): * bytecode/CallLinkInfo.cpp: (JSC::CallLinkInfo::unlink): * bytecode/CallLinkInfo.h: (CallLinkInfo): * bytecode/CodeBlock.cpp: (JSC::dumpStructure): (JSC::CodeBlock::printStructures): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::~CodeBlock): (JSC::CodeBlock::visitStructures): (JSC::CodeBlock::finalizeUnconditionally): (JSC::CodeBlock::createActivation): (JSC::CodeBlock::unlinkCalls): (JSC::CodeBlock::unlinkIncomingCalls): (JSC::CodeBlock::findClosureCallForReturnPC): (JSC::ProgramCodeBlock::jettisonImpl): (JSC::EvalCodeBlock::jettisonImpl): (JSC::FunctionCodeBlock::jettisonImpl): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::usesOpcode): * bytecode/CodeBlock.h: (JSC::CodeBlock::appendWeakReference): (JSC::CodeBlock::appendWeakReferenceTransition): (JSC::CodeBlock::setJITCode): (JSC::CodeBlock::setGlobalData): (JSC::CodeBlock::vm): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::addConstant): (JSC::CodeBlock::setConstantRegisters): (CodeBlock): (JSC::CodeBlock::WeakReferenceTransition::WeakReferenceTransition): * bytecode/EvalCodeCache.h: (JSC::EvalCodeCache::getSlow): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeForChain): (JSC::GetByIdStatus::computeFor): * bytecode/GetByIdStatus.h: (GetByIdStatus): * bytecode/Instruction.h: (JSC::Instruction::Instruction): * bytecode/ObjectAllocationProfile.h: (JSC::ObjectAllocationProfile::initialize): (JSC::ObjectAllocationProfile::possibleDefaultPropertyCount): * bytecode/PolymorphicAccessStructureList.h: (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set): 
(JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList): * bytecode/PolymorphicPutByIdList.h: (JSC::PutByIdAccess::transition): (JSC::PutByIdAccess::replace): * bytecode/PreciseJumpTargets.cpp: (JSC::computePreciseJumpTargets): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdStatus.h: (JSC): (PutByIdStatus): * bytecode/ResolveGlobalStatus.cpp: (JSC::computeForStructure): * bytecode/SamplingTool.cpp: (JSC::SamplingTool::notifyOfScope): * bytecode/SamplingTool.h: (JSC::ScriptSampleRecord::ScriptSampleRecord): (SamplingTool): * bytecode/StructureStubInfo.h: (JSC::StructureStubInfo::initGetByIdSelf): (JSC::StructureStubInfo::initGetByIdProto): (JSC::StructureStubInfo::initGetByIdChain): (JSC::StructureStubInfo::initPutByIdTransition): (JSC::StructureStubInfo::initPutByIdReplace): * bytecode/UnlinkedCodeBlock.cpp: (JSC::generateFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): (JSC::UnlinkedFunctionExecutable::link): (JSC::UnlinkedFunctionExecutable::fromGlobalCode): (JSC::UnlinkedFunctionExecutable::codeBlockFor): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedFunctionExecutable::create): (UnlinkedFunctionExecutable): (JSC::UnlinkedFunctionExecutable::finishCreation): (JSC::UnlinkedFunctionExecutable::createStructure): (JSC::UnlinkedCodeBlock::addRegExp): (JSC::UnlinkedCodeBlock::addConstant): (JSC::UnlinkedCodeBlock::addFunctionDecl): (JSC::UnlinkedCodeBlock::addFunctionExpr): (JSC::UnlinkedCodeBlock::vm): (UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::finishCreation): (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock): (JSC::UnlinkedProgramCodeBlock::create): (JSC::UnlinkedProgramCodeBlock::addFunctionDeclaration): (JSC::UnlinkedProgramCodeBlock::UnlinkedProgramCodeBlock): (JSC::UnlinkedProgramCodeBlock::createStructure): (JSC::UnlinkedEvalCodeBlock::create): 
(JSC::UnlinkedEvalCodeBlock::UnlinkedEvalCodeBlock): (JSC::UnlinkedEvalCodeBlock::createStructure): (JSC::UnlinkedFunctionCodeBlock::create): (JSC::UnlinkedFunctionCodeBlock::UnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionCodeBlock::createStructure): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::addConstant): (JSC::BytecodeGenerator::emitLoad): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::addStringConstant): (JSC::BytecodeGenerator::expectedFunctionForIdentifier): (JSC::BytecodeGenerator::emitThrowReferenceError): (JSC::BytecodeGenerator::emitReadOnlyExceptionIfNeeded): * bytecompiler/BytecodeGenerator.h: (BytecodeGenerator): (JSC::BytecodeGenerator::vm): (JSC::BytecodeGenerator::propertyNames): (JSC::BytecodeGenerator::makeFunction): * bytecompiler/NodesCodegen.cpp: (JSC::RegExpNode::emitBytecode): (JSC::ArrayNode::toArgumentList): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::InstanceOfNode::emitBytecode): * debugger/Debugger.cpp: (JSC::Debugger::recompileAllJSFunctions): (JSC::evaluateInGlobalCallFrame): * debugger/Debugger.h: (JSC): * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::DebuggerActivation): (JSC::DebuggerActivation::finishCreation): * debugger/DebuggerActivation.h: (JSC::DebuggerActivation::create): (JSC::DebuggerActivation::createStructure): (DebuggerActivation): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate): * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::executeEffects): * dfg/DFGAssemblyHelpers.h: (JSC::DFG::AssemblyHelpers::AssemblyHelpers): (JSC::DFG::AssemblyHelpers::vm): (JSC::DFG::AssemblyHelpers::debugCall): (JSC::DFG::AssemblyHelpers::emitExceptionCheck): (AssemblyHelpers): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::ByteCodeParser): (ByteCodeParser): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::parseBlock): 
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry): (JSC::DFG::ByteCodeParser::parseCodeBlock): * dfg/DFGByteCodeParser.h: (JSC): * dfg/DFGCCallHelpers.h: (JSC::DFG::CCallHelpers::CCallHelpers): * dfg/DFGCapabilities.cpp: (JSC::DFG::canHandleOpcodes): * dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants): * dfg/DFGDisassembler.cpp: (JSC::DFG::Disassembler::reportToProfiler): * dfg/DFGDriver.cpp: (JSC::DFG::compile): * dfg/DFGDriver.h: (JSC): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::isStringPrototypeMethodSane): (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::Graph): * dfg/DFGGraph.h: (Graph): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::JITCompiler): (JSC::DFG::JITCompiler::linkOSRExits): (JSC::DFG::JITCompiler::link): (JSC::DFG::JITCompiler::compile): (JSC::DFG::JITCompiler::compileFunction): * dfg/DFGJITCompiler.h: (JSC): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareOSREntry): * dfg/DFGOSRExitCompiler.cpp: * dfg/DFGOSRExitCompiler32_64.cpp: (JSC::DFG::OSRExitCompiler::compileExit): * dfg/DFGOSRExitCompiler64.cpp: (JSC::DFG::OSRExitCompiler::compileExit): * dfg/DFGOperations.cpp: (JSC::DFG::putByVal): (JSC::DFG::operationPutByValInternal): (JSC::getHostCallReturnValueWithExecState): * dfg/DFGPhase.h: (JSC::DFG::Phase::vm): * dfg/DFGRepatch.cpp: (JSC::DFG::generateProtoChainAccessStub): (JSC::DFG::tryCacheGetByID): (JSC::DFG::tryBuildGetByIDList): (JSC::DFG::tryBuildGetByIDProtoList): (JSC::DFG::emitPutReplaceStub): (JSC::DFG::emitPutTransitionStub): (JSC::DFG::tryCachePutByID): (JSC::DFG::tryBuildPutByIdList): (JSC::DFG::linkSlowFor): (JSC::DFG::dfgLinkFor): (JSC::DFG::dfgLinkSlowFor): (JSC::DFG::dfgLinkClosureCall): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::typedArrayDescriptor): (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality): (JSC::DFG::SpeculativeJIT::compileGetByValOnString): 
(JSC::DFG::SpeculativeJIT::compileFromCharCode): (JSC::DFG::SpeculativeJIT::compileMakeRope): (JSC::DFG::SpeculativeJIT::compileStringEquality): (JSC::DFG::SpeculativeJIT::compileToStringOnCell): (JSC::DFG::SpeculativeJIT::speculateObject): (JSC::DFG::SpeculativeJIT::speculateObjectOrOther): (JSC::DFG::SpeculativeJIT::speculateString): (JSC::DFG::SpeculativeJIT::speculateStringOrStringObject): * dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::prepareForExternalCall): (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage): (JSC::DFG::SpeculativeJIT::emitAllocateJSObject): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compileObjectEquality): (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality): (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality): (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot): (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compileObjectEquality): (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality): (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality): (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot): (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGThunks.cpp: (JSC::DFG::osrExitGenerationThunkGenerator): (JSC::DFG::throwExceptionFromCallSlowPathGenerator): (JSC::DFG::slowPathFor): (JSC::DFG::linkForThunkGenerator): (JSC::DFG::linkCallThunkGenerator): (JSC::DFG::linkConstructThunkGenerator): (JSC::DFG::linkClosureCallThunkGenerator): (JSC::DFG::virtualForThunkGenerator): (JSC::DFG::virtualCallThunkGenerator): (JSC::DFG::virtualConstructThunkGenerator): * dfg/DFGThunks.h: (JSC): (DFG): * heap/BlockAllocator.h: (JSC): * heap/CopiedSpace.cpp: (JSC::CopiedSpace::tryAllocateSlowCase): (JSC::CopiedSpace::tryReallocate): * heap/CopiedSpaceInlines.h: (JSC::CopiedSpace::tryAllocate): * 
heap/GCThreadSharedData.cpp: (JSC::GCThreadSharedData::GCThreadSharedData): (JSC::GCThreadSharedData::reset): * heap/GCThreadSharedData.h: (JSC): (GCThreadSharedData): * heap/HandleSet.cpp: (JSC::HandleSet::HandleSet): (JSC::HandleSet::~HandleSet): (JSC::HandleSet::grow): * heap/HandleSet.h: (JSC): (HandleSet): (JSC::HandleSet::vm): * heap/Heap.cpp: (JSC::Heap::Heap): (JSC): (JSC::Heap::lastChanceToFinalize): (JSC::Heap::protect): (JSC::Heap::unprotect): (JSC::Heap::stack): (JSC::Heap::getConservativeRegisterRoots): (JSC::Heap::markRoots): (JSC::Heap::deleteAllCompiledCode): (JSC::Heap::collect): (JSC::Heap::isValidAllocation): * heap/Heap.h: (JSC): (Heap): (JSC::Heap::vm): * heap/HeapTimer.cpp: (JSC::HeapTimer::HeapTimer): (JSC::HeapTimer::timerDidFire): (JSC::HeapTimer::timerEvent): * heap/HeapTimer.h: (JSC): (HeapTimer): * heap/IncrementalSweeper.cpp: (JSC::IncrementalSweeper::IncrementalSweeper): (JSC::IncrementalSweeper::sweepNextBlock): (JSC::IncrementalSweeper::willFinishSweeping): (JSC::IncrementalSweeper::create): * heap/IncrementalSweeper.h: (IncrementalSweeper): * heap/Local.h: (Local): (JSC::::Local): (JSC::LocalStack::LocalStack): (JSC::LocalStack::push): (LocalStack): * heap/LocalScope.h: (JSC): (LocalScope): (JSC::LocalScope::LocalScope): * heap/MachineStackMarker.cpp: (JSC::MachineThreads::addCurrentThread): * heap/MarkedAllocator.cpp: (JSC::MarkedAllocator::allocateSlowCase): * heap/MarkedBlock.cpp: (JSC::MarkedBlock::MarkedBlock): * heap/MarkedBlock.h: (JSC::MarkedBlock::vm): * heap/SlotVisitor.cpp: (JSC::SlotVisitor::SlotVisitor): (JSC::SlotVisitor::setup): * heap/Strong.h: (JSC): (Strong): (JSC::Strong::operator=): * heap/StrongInlines.h: (JSC::::Strong): (JSC::::set): * heap/SuperRegion.h: (JSC): * heap/WeakSet.cpp: * heap/WeakSet.h: (WeakSet): (JSC::WeakSet::WeakSet): (JSC::WeakSet::vm): * interpreter/AbstractPC.cpp: (JSC::AbstractPC::AbstractPC): * interpreter/AbstractPC.h: (JSC): (AbstractPC): * interpreter/CachedCall.h: 
(JSC::CachedCall::CachedCall): * interpreter/CallFrame.h: (ExecState): (JSC::ExecState::clearException): (JSC::ExecState::clearSupplementaryExceptionInfo): (JSC::ExecState::exception): (JSC::ExecState::hadException): (JSC::ExecState::propertyNames): (JSC::ExecState::emptyList): (JSC::ExecState::interpreter): (JSC::ExecState::heap): (JSC::ExecState::arrayConstructorTable): (JSC::ExecState::arrayPrototypeTable): (JSC::ExecState::booleanPrototypeTable): (JSC::ExecState::dateTable): (JSC::ExecState::dateConstructorTable): (JSC::ExecState::errorPrototypeTable): (JSC::ExecState::globalObjectTable): (JSC::ExecState::jsonTable): (JSC::ExecState::mathTable): (JSC::ExecState::numberConstructorTable): (JSC::ExecState::numberPrototypeTable): (JSC::ExecState::objectConstructorTable): (JSC::ExecState::privateNamePrototypeTable): (JSC::ExecState::regExpTable): (JSC::ExecState::regExpConstructorTable): (JSC::ExecState::regExpPrototypeTable): (JSC::ExecState::stringConstructorTable): (JSC::ExecState::abstractReturnPC): * interpreter/CallFrameClosure.h: (CallFrameClosure): * interpreter/Interpreter.cpp: (JSC): (JSC::eval): (JSC::loadVarargs): (JSC::Interpreter::Interpreter): (JSC::Interpreter::dumpRegisters): (JSC::Interpreter::unwindCallFrame): (JSC::appendSourceToError): (JSC::getCallerInfo): (JSC::Interpreter::getStackTrace): (JSC::Interpreter::addStackTraceIfNecessary): (JSC::Interpreter::throwException): (JSC::Interpreter::execute): (JSC::Interpreter::executeCall): (JSC::Interpreter::executeConstruct): (JSC::Interpreter::prepareForRepeatCall): (JSC::Interpreter::retrieveArgumentsFromVMCode): (JSC::Interpreter::retrieveCallerFromVMCode): * interpreter/Interpreter.h: (JSC): (JSC::TopCallFrameSetter::TopCallFrameSetter): (JSC::TopCallFrameSetter::~TopCallFrameSetter): (TopCallFrameSetter): (JSC::NativeCallFrameTracer::NativeCallFrameTracer): (Interpreter): * interpreter/JSStack.cpp: (JSC::JSStack::JSStack): * interpreter/JSStack.h: (JSC): * jit/ClosureCallStubRoutine.cpp: 
(JSC::ClosureCallStubRoutine::ClosureCallStubRoutine): * jit/ClosureCallStubRoutine.h: (ClosureCallStubRoutine): * jit/ExecutableAllocator.cpp: (JSC::ExecutableAllocator::ExecutableAllocator): (JSC::ExecutableAllocator::allocate): * jit/ExecutableAllocator.h: (JSC): (ExecutableAllocator): * jit/ExecutableAllocatorFixedVMPool.cpp: (JSC::ExecutableAllocator::ExecutableAllocator): (JSC::ExecutableAllocator::allocate): * jit/GCAwareJITStubRoutine.cpp: (JSC::GCAwareJITStubRoutine::GCAwareJITStubRoutine): (JSC::MarkingGCAwareJITStubRoutineWithOneObject::MarkingGCAwareJITStubRoutineWithOneObject): (JSC::createJITStubRoutine): * jit/GCAwareJITStubRoutine.h: (GCAwareJITStubRoutine): (MarkingGCAwareJITStubRoutineWithOneObject): (JSC): * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::privateCompile): (JSC::JIT::linkFor): (JSC::JIT::linkSlowCall): * jit/JIT.h: (JSC::JIT::compile): (JSC::JIT::compileClosureCall): (JSC::JIT::compileGetByIdProto): (JSC::JIT::compileGetByIdSelfList): (JSC::JIT::compileGetByIdProtoList): (JSC::JIT::compileGetByIdChainList): (JSC::JIT::compileGetByIdChain): (JSC::JIT::compilePutByIdTransition): (JSC::JIT::compileGetByVal): (JSC::JIT::compilePutByVal): (JSC::JIT::compileCTINativeCall): (JSC::JIT::compilePatchGetArrayLength): (JIT): * jit/JITCall.cpp: (JSC::JIT::compileLoadVarargs): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::privateCompileClosureCall): * jit/JITCall32_64.cpp: (JSC::JIT::compileLoadVarargs): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::privateCompileClosureCall): * jit/JITCode.h: (JSC): (JSC::JITCode::execute): * jit/JITDriver.h: (JSC::jitCompileIfAppropriate): (JSC::jitCompileFunctionIfAppropriate): * jit/JITExceptions.cpp: (JSC::genericThrow): (JSC::jitThrow): * jit/JITExceptions.h: (JSC): * jit/JITInlines.h: (JSC::JIT::emitLoadCharacterString): (JSC::JIT::updateTopCallFrame): * jit/JITOpcodes.cpp: (JSC::JIT::privateCompileCTINativeCall): 
(JSC::JIT::emit_op_new_object): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_convert_this): (JSC::JIT::emitSlow_op_convert_this): * jit/JITOpcodes32_64.cpp: (JSC::JIT::privateCompileCTINativeCall): (JSC::JIT::emit_op_new_object): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_convert_this): (JSC::JIT::emitSlow_op_convert_this): * jit/JITPropertyAccess.cpp: (JSC::JIT::stringGetByValStubGenerator): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::compileGetByIdHotPath): (JSC::JIT::privateCompilePutByIdTransition): (JSC::JIT::privateCompilePatchGetArrayLength): (JSC::JIT::privateCompileGetByIdProto): (JSC::JIT::privateCompileGetByIdSelfList): (JSC::JIT::privateCompileGetByIdProtoList): (JSC::JIT::privateCompileGetByIdChainList): (JSC::JIT::privateCompileGetByIdChain): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompilePutByVal): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::stringGetByValStubGenerator): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::compileGetByIdHotPath): (JSC::JIT::privateCompilePutByIdTransition): (JSC::JIT::privateCompilePatchGetArrayLength): (JSC::JIT::privateCompileGetByIdProto): (JSC::JIT::privateCompileGetByIdSelfList): (JSC::JIT::privateCompileGetByIdProtoList): (JSC::JIT::privateCompileGetByIdChainList): (JSC::JIT::privateCompileGetByIdChain): * jit/JITStubs.cpp: (JSC::ctiTrampoline): (JSC): (JSC::performPlatformSpecificJITAssertions): (JSC::tryCachePutByID): (JSC::tryCacheGetByID): (JSC::returnToThrowTrampoline): (JSC::throwExceptionFromOpCall): (JSC::DEFINE_STUB_FUNCTION): (JSC::getPolymorphicAccessStructureListSlot): (JSC::jitCompileFor): (JSC::lazyLinkFor): (JSC::putByVal): * jit/JITStubs.h: (JSC): (JITStackFrame): * jit/JITThunks.cpp: (JSC::JITThunks::ctiNativeCall): (JSC::JITThunks::ctiNativeConstruct): (JSC::JITThunks::ctiStub): (JSC::JITThunks::hostFunctionStub): * 
jit/JITThunks.h: (JSC): (JITThunks): * jit/JITWriteBarrier.h: (JSC): (JSC::JITWriteBarrierBase::set): (JSC::JITWriteBarrier::set): * jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadJSStringArgument): (JSC::SpecializedThunkJIT::finalize): * jit/ThunkGenerator.h: (JSC): * jit/ThunkGenerators.cpp: (JSC::generateSlowCaseFor): (JSC::linkForGenerator): (JSC::linkCallGenerator): (JSC::linkConstructGenerator): (JSC::linkClosureCallGenerator): (JSC::virtualForGenerator): (JSC::virtualCallGenerator): (JSC::virtualConstructGenerator): (JSC::stringLengthTrampolineGenerator): (JSC::nativeForGenerator): (JSC::nativeCallGenerator): (JSC::nativeConstructGenerator): (JSC::stringCharLoad): (JSC::charToString): (JSC::charCodeAtThunkGenerator): (JSC::charAtThunkGenerator): (JSC::fromCharCodeThunkGenerator): (JSC::sqrtThunkGenerator): (JSC::floorThunkGenerator): (JSC::ceilThunkGenerator): (JSC::roundThunkGenerator): (JSC::expThunkGenerator): (JSC::logThunkGenerator): (JSC::absThunkGenerator): (JSC::powThunkGenerator): * jit/ThunkGenerators.h: (JSC): * jsc.cpp: (GlobalObject): (GlobalObject::create): (GlobalObject::createStructure): (GlobalObject::finishCreation): (GlobalObject::addFunction): (GlobalObject::addConstructableFunction): (functionDumpCallFrame): (functionJSCStack): (functionReleaseExecutableMemory): (functionRun): (main): (runWithScripts): (jscmain): * llint/LLIntData.cpp: (JSC::LLInt::Data::performAssertions): * llint/LLIntData.h: (JSC): (Data): (JSC::LLInt::Data::performAssertions): * llint/LLIntEntrypoints.cpp: (JSC::LLInt::getFunctionEntrypoint): (JSC::LLInt::getEvalEntrypoint): (JSC::LLInt::getProgramEntrypoint): * llint/LLIntEntrypoints.h: (JSC): (LLInt): (JSC::LLInt::getEntrypoint): * llint/LLIntExceptions.cpp: (JSC::LLInt::interpreterThrowInCaller): (JSC::LLInt::returnToThrow): (JSC::LLInt::callToThrow): * llint/LLIntOffsetsExtractor.cpp: * llint/LLIntSlowPaths.cpp: (LLInt): (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): 
(JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::shouldJIT): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): * llint/LLIntThunks.cpp: (JSC::LLInt::generateThunkWithJumpTo): (JSC::LLInt::functionForCallEntryThunkGenerator): (JSC::LLInt::functionForConstructEntryThunkGenerator): (JSC::LLInt::functionForCallArityCheckThunkGenerator): (JSC::LLInt::functionForConstructArityCheckThunkGenerator): (JSC::LLInt::evalEntryThunkGenerator): (JSC::LLInt::programEntryThunkGenerator): * llint/LLIntThunks.h: (JSC): (LLInt): * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter.cpp: (JSC::CLoop::execute): * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * offlineasm/cloop.rb: * parser/ASTBuilder.h: (JSC::ASTBuilder::ASTBuilder): (JSC::ASTBuilder::createSourceElements): (JSC::ASTBuilder::createCommaExpr): (JSC::ASTBuilder::createLogicalNot): (JSC::ASTBuilder::createUnaryPlus): (JSC::ASTBuilder::createVoid): (JSC::ASTBuilder::thisExpr): (JSC::ASTBuilder::createResolve): (JSC::ASTBuilder::createObjectLiteral): (JSC::ASTBuilder::createArray): (JSC::ASTBuilder::createNumberExpr): (JSC::ASTBuilder::createString): (JSC::ASTBuilder::createBoolean): (JSC::ASTBuilder::createNull): (JSC::ASTBuilder::createBracketAccess): (JSC::ASTBuilder::createDotAccess): (JSC::ASTBuilder::createRegExp): (JSC::ASTBuilder::createNewExpr): (JSC::ASTBuilder::createConditionalExpr): (JSC::ASTBuilder::createAssignResolve): (JSC::ASTBuilder::createFunctionExpr): (JSC::ASTBuilder::createFunctionBody): (JSC::ASTBuilder::createGetterOrSetterProperty): (JSC::ASTBuilder::createArguments): (JSC::ASTBuilder::createArgumentsList): (JSC::ASTBuilder::createProperty): (JSC::ASTBuilder::createPropertyList): (JSC::ASTBuilder::createElementList): (JSC::ASTBuilder::createFormalParameterList): (JSC::ASTBuilder::createClause): (JSC::ASTBuilder::createClauseList): (JSC::ASTBuilder::createFuncDeclStatement): (JSC::ASTBuilder::createBlockStatement): (JSC::ASTBuilder::createExprStatement): 
(JSC::ASTBuilder::createIfStatement): (JSC::ASTBuilder::createForLoop): (JSC::ASTBuilder::createForInLoop): (JSC::ASTBuilder::createEmptyStatement): (JSC::ASTBuilder::createVarStatement): (JSC::ASTBuilder::createReturnStatement): (JSC::ASTBuilder::createBreakStatement): (JSC::ASTBuilder::createContinueStatement): (JSC::ASTBuilder::createTryStatement): (JSC::ASTBuilder::createSwitchStatement): (JSC::ASTBuilder::createWhileStatement): (JSC::ASTBuilder::createDoWhileStatement): (JSC::ASTBuilder::createLabelStatement): (JSC::ASTBuilder::createWithStatement): (JSC::ASTBuilder::createThrowStatement): (JSC::ASTBuilder::createDebugger): (JSC::ASTBuilder::createConstStatement): (JSC::ASTBuilder::appendConstDecl): (JSC::ASTBuilder::addVar): (JSC::ASTBuilder::combineCommaNodes): (JSC::ASTBuilder::Scope::Scope): (JSC::ASTBuilder::createNumber): (ASTBuilder): (JSC::ASTBuilder::makeTypeOfNode): (JSC::ASTBuilder::makeDeleteNode): (JSC::ASTBuilder::makeNegateNode): (JSC::ASTBuilder::makeBitwiseNotNode): (JSC::ASTBuilder::makeMultNode): (JSC::ASTBuilder::makeDivNode): (JSC::ASTBuilder::makeModNode): (JSC::ASTBuilder::makeAddNode): (JSC::ASTBuilder::makeSubNode): (JSC::ASTBuilder::makeLeftShiftNode): (JSC::ASTBuilder::makeRightShiftNode): (JSC::ASTBuilder::makeURightShiftNode): (JSC::ASTBuilder::makeBitOrNode): (JSC::ASTBuilder::makeBitAndNode): (JSC::ASTBuilder::makeBitXOrNode): (JSC::ASTBuilder::makeFunctionCallNode): (JSC::ASTBuilder::makeBinaryNode): (JSC::ASTBuilder::makeAssignNode): (JSC::ASTBuilder::makePrefixNode): (JSC::ASTBuilder::makePostfixNode): * parser/Lexer.cpp: (JSC::Keywords::Keywords): (JSC::::Lexer): (JSC::::parseIdentifier): (JSC::::parseIdentifierSlowCase): * parser/Lexer.h: (JSC::Keywords::isKeyword): (JSC::Keywords::getKeyword): (Keywords): (Lexer): (JSC::::makeIdentifier): (JSC::::makeRightSizedIdentifier): (JSC::::makeIdentifierLCharFromUChar): (JSC::::makeLCharIdentifier): * parser/NodeConstructors.h: (JSC::ParserArenaFreeable::operator new): 
(JSC::ParserArenaDeletable::operator new): (JSC::ParserArenaRefCounted::ParserArenaRefCounted): (JSC::PropertyNode::PropertyNode): (JSC::ContinueNode::ContinueNode): (JSC::BreakNode::BreakNode): (JSC::ForInNode::ForInNode): * parser/Nodes.cpp: (JSC::ScopeNode::ScopeNode): (JSC::ProgramNode::ProgramNode): (JSC::ProgramNode::create): (JSC::EvalNode::EvalNode): (JSC::EvalNode::create): (JSC::FunctionBodyNode::FunctionBodyNode): (JSC::FunctionBodyNode::create): * parser/Nodes.h: (ParserArenaFreeable): (ParserArenaDeletable): (ParserArenaRefCounted): (ArrayNode): (ForInNode): (ContinueNode): (BreakNode): (ScopeNode): (ProgramNode): (EvalNode): (FunctionBodyNode): * parser/Parser.cpp: (JSC::::Parser): (JSC::::parseInner): (JSC::::parseSourceElements): (JSC::::parseTryStatement): (JSC::::parseFunctionBody): (JSC::::parseFunctionInfo): (JSC::::parseAssignmentExpression): (JSC::::parseProperty): (JSC::::parsePrimaryExpression): (JSC::::parseMemberExpression): (JSC::::parseUnaryExpression): * parser/Parser.h: (JSC): (JSC::Scope::Scope): (JSC::Scope::declareVariable): (JSC::Scope::declareParameter): (Scope): (Parser): (JSC::Parser::pushScope): (JSC::::parse): (JSC::parse): * parser/ParserArena.h: (IdentifierArena): (JSC::IdentifierArena::makeIdentifier): (JSC::IdentifierArena::makeIdentifierLCharFromUChar): (JSC::IdentifierArena::makeNumericIdentifier): * parser/SyntaxChecker.h: (JSC::SyntaxChecker::SyntaxChecker): (JSC::SyntaxChecker::createProperty): (JSC::SyntaxChecker::createGetterOrSetterProperty): * profiler/LegacyProfiler.cpp: (JSC::LegacyProfiler::startProfiling): (JSC::LegacyProfiler::stopProfiling): * profiler/LegacyProfiler.h: (JSC): * profiler/ProfilerBytecode.cpp: (JSC::Profiler::Bytecode::toJS): * profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::BytecodeSequence): (JSC::Profiler::BytecodeSequence::addSequenceProperties): * profiler/ProfilerBytecodes.cpp: (JSC::Profiler::Bytecodes::toJS): * profiler/ProfilerCompilation.cpp: 
(JSC::Profiler::Compilation::toJS): * profiler/ProfilerCompiledBytecode.cpp: (JSC::Profiler::CompiledBytecode::toJS): * profiler/ProfilerDatabase.cpp: (JSC::Profiler::Database::Database): (JSC::Profiler::Database::toJS): (JSC::Profiler::Database::toJSON): * profiler/ProfilerDatabase.h: (Database): * profiler/ProfilerOSRExit.cpp: (JSC::Profiler::OSRExit::toJS): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::toJS): * profiler/ProfilerProfiledBytecodes.cpp: (JSC::Profiler::ProfiledBytecodes::toJS): * runtime/ArgList.h: (MarkedArgumentBuffer): * runtime/Arguments.cpp: (JSC::Arguments::putByIndex): (JSC::Arguments::put): (JSC::Arguments::deleteProperty): (JSC::Arguments::defineOwnProperty): (JSC::Arguments::tearOff): (JSC::Arguments::didTearOffActivation): (JSC::Arguments::tearOffForInlineCallFrame): * runtime/Arguments.h: (JSC::Arguments::create): (JSC::Arguments::createStructure): (Arguments): (JSC::Arguments::Arguments): (JSC::Arguments::trySetArgument): (JSC::Arguments::finishCreation): * runtime/ArrayConstructor.cpp: (JSC::ArrayConstructor::finishCreation): * runtime/ArrayConstructor.h: (JSC::ArrayConstructor::createStructure): * runtime/ArrayPrototype.cpp: (JSC::ArrayPrototype::ArrayPrototype): (JSC::ArrayPrototype::finishCreation): (JSC::arrayProtoFuncSort): (JSC::arrayProtoFuncSplice): * runtime/ArrayPrototype.h: (JSC::ArrayPrototype::createStructure): * runtime/BatchedTransitionOptimizer.h: (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer): (BatchedTransitionOptimizer): * runtime/BooleanConstructor.cpp: (JSC::BooleanConstructor::finishCreation): (JSC::constructBoolean): (JSC::constructBooleanFromImmediateBoolean): * runtime/BooleanConstructor.h: (JSC::BooleanConstructor::createStructure): * runtime/BooleanObject.cpp: (JSC::BooleanObject::BooleanObject): (JSC::BooleanObject::finishCreation): * runtime/BooleanObject.h: (BooleanObject): (JSC::BooleanObject::create): 
(JSC::BooleanObject::createStructure): * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::BooleanPrototype): (JSC::BooleanPrototype::finishCreation): (JSC::booleanProtoFuncToString): * runtime/BooleanPrototype.h: (JSC::BooleanPrototype::createStructure): * runtime/Butterfly.h: (JSC): (Butterfly): * runtime/ButterflyInlines.h: (JSC::Butterfly::createUninitialized): (JSC::Butterfly::create): (JSC::Butterfly::growPropertyStorage): (JSC::Butterfly::createOrGrowArrayRight): (JSC::Butterfly::growArrayRight): (JSC::Butterfly::resizeArray): * runtime/CodeCache.cpp: (JSC::CodeCache::getCodeBlock): (JSC::CodeCache::getProgramCodeBlock): (JSC::CodeCache::getEvalCodeBlock): (JSC::CodeCache::getFunctionExecutableFromGlobalCode): * runtime/CodeCache.h: (JSC): (JSC::SourceCodeValue::SourceCodeValue): (CodeCache): * runtime/CommonIdentifiers.cpp: (JSC): (JSC::CommonIdentifiers::CommonIdentifiers): * runtime/CommonIdentifiers.h: (CommonIdentifiers): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::opIn): * runtime/Completion.cpp: (JSC::checkSyntax): (JSC::evaluate): * runtime/DateConstructor.cpp: (JSC::DateConstructor::finishCreation): * runtime/DateConstructor.h: (JSC::DateConstructor::createStructure): * runtime/DateInstance.cpp: (JSC::DateInstance::DateInstance): (JSC::DateInstance::finishCreation): (JSC::DateInstance::calculateGregorianDateTime): (JSC::DateInstance::calculateGregorianDateTimeUTC): * runtime/DateInstance.h: (DateInstance): (JSC::DateInstance::create): (JSC::DateInstance::createStructure): * runtime/DatePrototype.cpp: (JSC::DatePrototype::finishCreation): (JSC::dateProtoFuncSetTime): (JSC::setNewValueFromTimeArgs): (JSC::setNewValueFromDateArgs): (JSC::dateProtoFuncSetYear): (JSC::dateProtoFuncToJSON): * runtime/DatePrototype.h: (JSC::DatePrototype::createStructure): * runtime/Error.cpp: (JSC::createError): (JSC::createEvalError): (JSC::createRangeError): (JSC::createReferenceError): (JSC::createSyntaxError): (JSC::createTypeError): (JSC::createURIError): 
(JSC::addErrorInfo): (JSC::throwError): * runtime/Error.h: (JSC): (JSC::StrictModeTypeErrorFunction::create): (JSC::StrictModeTypeErrorFunction::createStructure): * runtime/ErrorConstructor.cpp: (JSC::ErrorConstructor::finishCreation): * runtime/ErrorConstructor.h: (JSC::ErrorConstructor::createStructure): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::ErrorInstance): * runtime/ErrorInstance.h: (JSC::ErrorInstance::createStructure): (JSC::ErrorInstance::create): (ErrorInstance): (JSC::ErrorInstance::finishCreation): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::ErrorPrototype): (JSC::ErrorPrototype::finishCreation): * runtime/ErrorPrototype.h: (JSC::ErrorPrototype::createStructure): * runtime/ExceptionHelpers.cpp: (JSC::createInterruptedExecutionException): (JSC::createTerminatedExecutionException): * runtime/ExceptionHelpers.h: (JSC): (JSC::InterruptedExecutionError::InterruptedExecutionError): (JSC::InterruptedExecutionError::create): (JSC::InterruptedExecutionError::createStructure): (JSC::TerminatedExecutionError::TerminatedExecutionError): (JSC::TerminatedExecutionError::create): (JSC::TerminatedExecutionError::createStructure): * runtime/Executable.cpp: (JSC::jettisonCodeBlock): (JSC::EvalExecutable::EvalExecutable): (JSC::ProgramExecutable::ProgramExecutable): (JSC::FunctionExecutable::FunctionExecutable): (JSC::EvalExecutable::compileOptimized): (JSC::EvalExecutable::compileInternal): (JSC::EvalExecutable::jettisonOptimizedCode): (JSC::ProgramExecutable::checkSyntax): (JSC::ProgramExecutable::compileOptimized): (JSC::ProgramExecutable::jettisonOptimizedCode): (JSC::ProgramExecutable::initializeGlobalProperties): (JSC::FunctionExecutable::compileOptimizedForCall): (JSC::FunctionExecutable::compileOptimizedForConstruct): (JSC::FunctionExecutable::produceCodeBlockFor): (JSC::FunctionExecutable::jettisonOptimizedCodeForCall): (JSC::FunctionExecutable::jettisonOptimizedCodeForConstruct): (JSC::FunctionExecutable::fromGlobalCode): * runtime/Executable.h: 
(JSC::ExecutableBase::ExecutableBase): (JSC::ExecutableBase::finishCreation): (JSC::ExecutableBase::createStructure): (JSC::NativeExecutable::create): (JSC::NativeExecutable::createStructure): (JSC::NativeExecutable::finishCreation): (JSC::NativeExecutable::NativeExecutable): (JSC::ScriptExecutable::ScriptExecutable): (JSC::ScriptExecutable::finishCreation): (JSC::EvalExecutable::compile): (EvalExecutable): (JSC::EvalExecutable::create): (JSC::EvalExecutable::createStructure): (JSC::ProgramExecutable::create): (ProgramExecutable): (JSC::ProgramExecutable::compile): (JSC::ProgramExecutable::createStructure): (JSC::FunctionExecutable::create): (JSC::FunctionExecutable::compileForCall): (FunctionExecutable): (JSC::FunctionExecutable::compileForConstruct): (JSC::FunctionExecutable::jettisonOptimizedCodeFor): (JSC::FunctionExecutable::createStructure): (JSC::JSFunction::JSFunction): * runtime/ExecutionHarness.h: (JSC::prepareForExecution): (JSC::prepareFunctionForExecution): * runtime/FunctionConstructor.cpp: (JSC::FunctionConstructor::finishCreation): * runtime/FunctionConstructor.h: (JSC::FunctionConstructor::createStructure): * runtime/FunctionPrototype.cpp: (JSC::FunctionPrototype::finishCreation): (JSC::FunctionPrototype::addFunctionProperties): (JSC::functionProtoFuncBind): * runtime/FunctionPrototype.h: (JSC::FunctionPrototype::createStructure): * runtime/GCActivityCallback.cpp: (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback): (JSC::DefaultGCActivityCallback::doWork): (JSC::DefaultGCActivityCallback::didAllocate): * runtime/GCActivityCallback.h: (JSC::GCActivityCallback::GCActivityCallback): * runtime/GCActivityCallbackBlackBerry.cpp: (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback): (JSC::DefaultGCActivityCallback::doWork): (JSC::DefaultGCActivityCallback::didAllocate): * runtime/GetterSetter.h: (JSC::GetterSetter::GetterSetter): (JSC::GetterSetter::create): (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setSetter): 
(JSC::GetterSetter::createStructure): * runtime/Identifier.cpp: (JSC::Identifier::add): (JSC::Identifier::add8): (JSC::Identifier::addSlowCase): (JSC::Identifier::from): (JSC::Identifier::checkCurrentIdentifierTable): * runtime/Identifier.h: (JSC::Identifier::Identifier): (JSC::Identifier::createLCharFromUChar): (Identifier): (JSC::Identifier::add): * runtime/InternalFunction.cpp: (JSC::InternalFunction::InternalFunction): (JSC::InternalFunction::finishCreation): (JSC::InternalFunction::name): (JSC::InternalFunction::displayName): * runtime/InternalFunction.h: (JSC::InternalFunction::createStructure): (InternalFunction): * runtime/JSAPIValueWrapper.h: (JSC::JSAPIValueWrapper::createStructure): (JSC::JSAPIValueWrapper::finishCreation): (JSC::JSAPIValueWrapper::JSAPIValueWrapper): * runtime/JSActivation.cpp: (JSC::JSActivation::symbolTablePut): (JSC::JSActivation::symbolTablePutWithAttributes): (JSC::JSActivation::getOwnPropertySlot): (JSC::JSActivation::put): (JSC::JSActivation::putDirectVirtual): (JSC::JSActivation::argumentsGetter): * runtime/JSActivation.h: (JSActivation): (JSC::JSActivation::create): (JSC::JSActivation::createStructure): (JSC::JSActivation::JSActivation): (JSC::JSActivation::tearOff): * runtime/JSArray.cpp: (JSC::createArrayButterflyInDictionaryIndexingMode): (JSC::JSArray::setLengthWritable): (JSC::JSArray::unshiftCountSlowCase): (JSC::JSArray::setLength): (JSC::JSArray::push): (JSC::JSArray::shiftCountWithAnyIndexingType): (JSC::JSArray::unshiftCountWithArrayStorage): (JSC::JSArray::unshiftCountWithAnyIndexingType): (JSC::ContiguousTypeAccessor::setWithValue): (JSC::JSArray::sortCompactedVector): (JSC::JSArray::sortVector): * runtime/JSArray.h: (JSC::JSArray::JSArray): (JSArray): (JSC::JSArray::shiftCountForShift): (JSC::JSArray::unshiftCountForShift): (JSC::JSArray::createStructure): (JSC::createContiguousArrayButterfly): (JSC::createArrayButterfly): (JSC): (JSC::JSArray::create): (JSC::JSArray::tryCreateUninitialized): (JSC::constructArray): 
* runtime/JSBoundFunction.cpp: (JSC::JSBoundFunction::create): (JSC::JSBoundFunction::JSBoundFunction): * runtime/JSBoundFunction.h: (JSC::JSBoundFunction::createStructure): * runtime/JSCJSValue.cpp: (JSC::JSValue::putToPrimitive): (JSC::JSValue::toStringSlowCase): * runtime/JSCJSValue.h: (JSC): * runtime/JSCell.h: (JSCell): * runtime/JSCellInlines.h: (JSC::JSCell::JSCell): (JSC::JSCell::finishCreation): (JSC::allocateCell): (JSC::JSCell::setStructure): (JSC::JSCell::fastGetOwnProperty): * runtime/JSDateMath.cpp: (JSC::getDSTOffset): (JSC::getUTCOffset): (JSC::parseDate): * runtime/JSDestructibleObject.h: (JSC::JSDestructibleObject::JSDestructibleObject): * runtime/JSFunction.cpp: (JSC::JSFunction::create): (JSC::JSFunction::JSFunction): (JSC::JSFunction::finishCreation): (JSC::JSFunction::createAllocationProfile): (JSC::JSFunction::name): (JSC::JSFunction::displayName): (JSC::JSFunction::getOwnPropertySlot): (JSC::JSFunction::deleteProperty): * runtime/JSFunction.h: (JSFunction): (JSC::JSFunction::create): (JSC::JSFunction::setScope): (JSC::JSFunction::createStructure): * runtime/JSGlobalData.cpp: Removed. * runtime/JSGlobalData.h: Removed. 
* runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::JSGlobalObject): (JSC::JSGlobalObject::~JSGlobalObject): (JSC::JSGlobalObject::setGlobalThis): (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::putDirectVirtual): (JSC::JSGlobalObject::reset): (JSC): (JSC::JSGlobalObject::haveABadTime): (JSC::JSGlobalObject::createThrowTypeError): (JSC::JSGlobalObject::resetPrototype): (JSC::JSGlobalObject::addStaticGlobals): (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): (JSC::JSGlobalObject::createProgramCodeBlock): (JSC::JSGlobalObject::createEvalCodeBlock): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::create): (JSGlobalObject): (JSC::JSGlobalObject::finishCreation): (JSC::JSGlobalObject::vm): (JSC::JSGlobalObject::createStructure): (JSC::ExecState::dynamicGlobalObject): (JSC::constructEmptyArray): (DynamicGlobalObjectScope): * runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncProtoSetter): * runtime/JSLock.cpp: (JSC::JSLockHolder::JSLockHolder): (JSC::JSLockHolder::init): (JSC::JSLockHolder::~JSLockHolder): (JSC::JSLock::JSLock): (JSC::JSLock::willDestroyGlobalData): (JSC::JSLock::lock): (JSC::JSLock::unlock): (JSC::JSLock::DropAllLocks::DropAllLocks): (JSC::JSLock::DropAllLocks::~DropAllLocks): * runtime/JSLock.h: (JSC): (JSLockHolder): (JSLock): (JSC::JSLock::vm): (DropAllLocks): * runtime/JSNameScope.h: (JSC::JSNameScope::createStructure): (JSC::JSNameScope::finishCreation): (JSC::JSNameScope::JSNameScope): * runtime/JSNotAnObject.h: (JSC::JSNotAnObject::JSNotAnObject): (JSC::JSNotAnObject::create): (JSC::JSNotAnObject::createStructure): * runtime/JSONObject.cpp: (JSC::JSONObject::JSONObject): (JSC::JSONObject::finishCreation): (Holder): (JSC::Stringifier::Stringifier): (JSC::Stringifier::stringify): (JSC::Stringifier::toJSON): (JSC::Stringifier::appendStringifiedValue): (JSC::Stringifier::Holder::Holder): (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::Walker): (JSC::Walker::walk): (JSC::JSONProtoFuncParse): 
(JSC::JSONProtoFuncStringify): (JSC::JSONStringify): * runtime/JSONObject.h: (JSC::JSONObject::createStructure): * runtime/JSObject.cpp: (JSC::JSObject::put): (JSC::JSObject::putByIndex): (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists): (JSC::JSObject::enterDictionaryIndexingMode): (JSC::JSObject::notifyPresenceOfIndexedAccessors): (JSC::JSObject::createInitialIndexedStorage): (JSC::JSObject::createInitialUndecided): (JSC::JSObject::createInitialInt32): (JSC::JSObject::createInitialDouble): (JSC::JSObject::createInitialContiguous): (JSC::JSObject::createArrayStorage): (JSC::JSObject::createInitialArrayStorage): (JSC::JSObject::convertUndecidedToInt32): (JSC::JSObject::convertUndecidedToDouble): (JSC::JSObject::convertUndecidedToContiguous): (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements): (JSC::JSObject::convertUndecidedToArrayStorage): (JSC::JSObject::convertInt32ToDouble): (JSC::JSObject::convertInt32ToContiguous): (JSC::JSObject::convertInt32ToArrayStorage): (JSC::JSObject::genericConvertDoubleToContiguous): (JSC::JSObject::convertDoubleToContiguous): (JSC::JSObject::rageConvertDoubleToContiguous): (JSC::JSObject::convertDoubleToArrayStorage): (JSC::JSObject::convertContiguousToArrayStorage): (JSC::JSObject::convertUndecidedForValue): (JSC::JSObject::convertInt32ForValue): (JSC::JSObject::setIndexQuicklyToUndecided): (JSC::JSObject::convertInt32ToDoubleOrContiguousWhilePerformingSetIndex): (JSC::JSObject::convertDoubleToContiguousWhilePerformingSetIndex): (JSC::JSObject::ensureInt32Slow): (JSC::JSObject::ensureDoubleSlow): (JSC::JSObject::ensureContiguousSlow): (JSC::JSObject::rageEnsureContiguousSlow): (JSC::JSObject::ensureArrayStorageSlow): (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode): (JSC::JSObject::switchToSlowPutArrayStorage): (JSC::JSObject::putDirectVirtual): (JSC::JSObject::setPrototype): (JSC::JSObject::setPrototypeWithCycleCheck): (JSC::JSObject::putDirectAccessor): 
(JSC::JSObject::deleteProperty): (JSC::JSObject::getPropertySpecificValue): (JSC::JSObject::getOwnNonIndexPropertyNames): (JSC::JSObject::seal): (JSC::JSObject::freeze): (JSC::JSObject::preventExtensions): (JSC::JSObject::reifyStaticFunctionsForDelete): (JSC::JSObject::removeDirect): (JSC::JSObject::putIndexedDescriptor): (JSC::JSObject::defineOwnIndexedProperty): (JSC::JSObject::allocateSparseIndexMap): (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes): (JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage): (JSC::JSObject::putByIndexBeyondVectorLength): (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage): (JSC::JSObject::putDirectIndexBeyondVectorLength): (JSC::JSObject::putDirectNativeFunction): (JSC::JSObject::increaseVectorLength): (JSC::JSObject::ensureLengthSlow): (JSC::JSObject::growOutOfLineStorage): (JSC::JSObject::getOwnPropertyDescriptor): (JSC::putDescriptor): (JSC::JSObject::putDirectMayBeIndex): (JSC::DefineOwnPropertyScope::DefineOwnPropertyScope): (JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope): (DefineOwnPropertyScope): (JSC::JSObject::defineOwnNonIndexProperty): * runtime/JSObject.h: (JSObject): (JSC::JSObject::putByIndexInline): (JSC::JSObject::putDirectIndex): (JSC::JSObject::setIndexQuickly): (JSC::JSObject::initializeIndex): (JSC::JSObject::getDirect): (JSC::JSObject::getDirectOffset): (JSC::JSObject::putDirect): (JSC::JSObject::isSealed): (JSC::JSObject::isFrozen): (JSC::JSObject::flattenDictionaryObject): (JSC::JSObject::ensureInt32): (JSC::JSObject::ensureDouble): (JSC::JSObject::ensureContiguous): (JSC::JSObject::rageEnsureContiguous): (JSC::JSObject::ensureArrayStorage): (JSC::JSObject::finishCreation): (JSC::JSObject::createStructure): (JSC::JSObject::ensureLength): (JSC::JSNonFinalObject::createStructure): (JSC::JSNonFinalObject::JSNonFinalObject): (JSC::JSNonFinalObject::finishCreation): (JSC::JSFinalObject::createStructure): (JSC::JSFinalObject::finishCreation): 
(JSC::JSFinalObject::JSFinalObject): (JSC::JSFinalObject::create): (JSC::JSObject::setButterfly): (JSC::JSObject::JSObject): (JSC::JSObject::inlineGetOwnPropertySlot): (JSC::JSObject::putDirectInternal): (JSC::JSObject::setStructureAndReallocateStorageIfNecessary): (JSC::JSObject::putOwnDataProperty): (JSC::JSObject::putDirectWithoutTransition): (JSC): * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::JSPropertyNameIterator): (JSC::JSPropertyNameIterator::create): * runtime/JSPropertyNameIterator.h: (JSC::JSPropertyNameIterator::createStructure): (JSC::JSPropertyNameIterator::setCachedStructure): (JSC::JSPropertyNameIterator::setCachedPrototypeChain): (JSC::JSPropertyNameIterator::finishCreation): (JSC::StructureRareData::setEnumerationCache): * runtime/JSProxy.cpp: (JSC::JSProxy::setTarget): * runtime/JSProxy.h: (JSC::JSProxy::create): (JSC::JSProxy::createStructure): (JSC::JSProxy::JSProxy): (JSC::JSProxy::finishCreation): (JSProxy): * runtime/JSScope.cpp: (JSC::executeResolveOperations): (JSC::JSScope::resolveContainingScopeInternal): (JSC::JSScope::resolveWithBase): (JSC::JSScope::resolveWithThis): (JSC::JSScope::resolvePut): * runtime/JSScope.h: (JSScope): (JSC::JSScope::JSScope): (JSC::JSScope::vm): (JSC::ExecState::vm): * runtime/JSSegmentedVariableObject.h: (JSC::JSSegmentedVariableObject::JSSegmentedVariableObject): (JSC::JSSegmentedVariableObject::finishCreation): * runtime/JSString.cpp: (JSC::JSRopeString::RopeBuilder::expand): (JSC::StringObject::create): * runtime/JSString.h: (JSC): (JSString): (JSC::JSString::JSString): (JSC::JSString::finishCreation): (JSC::JSString::create): (JSC::JSString::createHasOtherOwner): (JSC::JSString::createStructure): (JSRopeString): (JSC::JSRopeString::RopeBuilder::RopeBuilder): (JSC::JSRopeString::RopeBuilder::append): (RopeBuilder): (JSC::JSRopeString::JSRopeString): (JSC::JSRopeString::finishCreation): (JSC::JSRopeString::append): (JSC::JSRopeString::createNull): (JSC::JSRopeString::create): 
(JSC::jsEmptyString): (JSC::jsSingleCharacterString): (JSC::jsSingleCharacterSubstring): (JSC::jsNontrivialString): (JSC::jsString): (JSC::jsSubstring): (JSC::jsSubstring8): (JSC::jsOwnedString): (JSC::jsStringBuilder): (JSC::inlineJSValueNotStringtoString): * runtime/JSStringJoiner.cpp: (JSC::JSStringJoiner::build): * runtime/JSSymbolTableObject.h: (JSC::JSSymbolTableObject::JSSymbolTableObject): (JSC::JSSymbolTableObject::finishCreation): (JSC::symbolTablePut): (JSC::symbolTablePutWithAttributes): * runtime/JSVariableObject.h: (JSC::JSVariableObject::JSVariableObject): * runtime/JSWithScope.h: (JSC::JSWithScope::create): (JSC::JSWithScope::createStructure): (JSC::JSWithScope::JSWithScope): * runtime/JSWrapperObject.h: (JSWrapperObject): (JSC::JSWrapperObject::createStructure): (JSC::JSWrapperObject::JSWrapperObject): (JSC::JSWrapperObject::setInternalValue): * runtime/LiteralParser.cpp: (JSC::::tryJSONPParse): (JSC::::makeIdentifier): (JSC::::parse): * runtime/Lookup.cpp: (JSC::HashTable::createTable): (JSC::setUpStaticFunctionSlot): * runtime/Lookup.h: (JSC::HashTable::initializeIfNeeded): (JSC::HashTable::entry): (JSC::HashTable::begin): (JSC::HashTable::end): (HashTable): (JSC::lookupPut): * runtime/MathObject.cpp: (JSC::MathObject::MathObject): (JSC::MathObject::finishCreation): (JSC::mathProtoFuncSin): * runtime/MathObject.h: (JSC::MathObject::createStructure): * runtime/MemoryStatistics.cpp: * runtime/MemoryStatistics.h: * runtime/NameConstructor.cpp: (JSC::NameConstructor::finishCreation): (JSC::constructPrivateName): * runtime/NameConstructor.h: (JSC::NameConstructor::createStructure): * runtime/NameInstance.cpp: (JSC::NameInstance::NameInstance): * runtime/NameInstance.h: (JSC::NameInstance::createStructure): (JSC::NameInstance::create): (NameInstance): (JSC::NameInstance::finishCreation): * runtime/NamePrototype.cpp: (JSC::NamePrototype::NamePrototype): (JSC::NamePrototype::finishCreation): * runtime/NamePrototype.h: 
(JSC::NamePrototype::createStructure): * runtime/NativeErrorConstructor.h: (JSC::NativeErrorConstructor::createStructure): (JSC::NativeErrorConstructor::finishCreation): * runtime/NativeErrorPrototype.cpp: (JSC::NativeErrorPrototype::finishCreation): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::finishCreation): (JSC::constructWithNumberConstructor): * runtime/NumberConstructor.h: (JSC::NumberConstructor::createStructure): * runtime/NumberObject.cpp: (JSC::NumberObject::NumberObject): (JSC::NumberObject::finishCreation): (JSC::constructNumber): * runtime/NumberObject.h: (NumberObject): (JSC::NumberObject::create): (JSC::NumberObject::createStructure): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::NumberPrototype): (JSC::NumberPrototype::finishCreation): (JSC::integerValueToString): (JSC::numberProtoFuncToString): * runtime/NumberPrototype.h: (JSC::NumberPrototype::createStructure): * runtime/ObjectConstructor.cpp: (JSC::ObjectConstructor::finishCreation): (JSC::objectConstructorGetOwnPropertyDescriptor): (JSC::objectConstructorSeal): (JSC::objectConstructorFreeze): (JSC::objectConstructorPreventExtensions): (JSC::objectConstructorIsSealed): (JSC::objectConstructorIsFrozen): * runtime/ObjectConstructor.h: (JSC::ObjectConstructor::createStructure): (JSC::constructEmptyObject): * runtime/ObjectPrototype.cpp: (JSC::ObjectPrototype::ObjectPrototype): (JSC::ObjectPrototype::finishCreation): (JSC::objectProtoFuncToString): * runtime/ObjectPrototype.h: (JSC::ObjectPrototype::createStructure): * runtime/Operations.cpp: (JSC::jsTypeStringForValue): * runtime/Operations.h: (JSC): (JSC::jsString): (JSC::jsStringFromArguments): (JSC::normalizePrototypeChainForChainAccess): (JSC::normalizePrototypeChain): * runtime/PropertyMapHashTable.h: (JSC::PropertyMapEntry::PropertyMapEntry): (JSC::PropertyTable::createStructure): (PropertyTable): (JSC::PropertyTable::copy): * runtime/PropertyNameArray.h: (JSC::PropertyNameArray::PropertyNameArray): 
(JSC::PropertyNameArray::vm): (JSC::PropertyNameArray::addKnownUnique): (PropertyNameArray): * runtime/PropertyTable.cpp: (JSC::PropertyTable::create): (JSC::PropertyTable::clone): (JSC::PropertyTable::PropertyTable): * runtime/PrototypeMap.cpp: (JSC::PrototypeMap::emptyObjectStructureForPrototype): * runtime/RegExp.cpp: (JSC::RegExp::RegExp): (JSC::RegExp::finishCreation): (JSC::RegExp::createWithoutCaching): (JSC::RegExp::create): (JSC::RegExp::compile): (JSC::RegExp::compileIfNecessary): (JSC::RegExp::match): (JSC::RegExp::compileMatchOnly): (JSC::RegExp::compileIfNecessaryMatchOnly): * runtime/RegExp.h: (JSC): (RegExp): (JSC::RegExp::createStructure): * runtime/RegExpCache.cpp: (JSC::RegExpCache::lookupOrCreate): (JSC::RegExpCache::RegExpCache): (JSC::RegExpCache::addToStrongCache): * runtime/RegExpCache.h: (RegExpCache): * runtime/RegExpCachedResult.cpp: (JSC::RegExpCachedResult::lastResult): (JSC::RegExpCachedResult::setInput): * runtime/RegExpCachedResult.h: (JSC::RegExpCachedResult::RegExpCachedResult): (JSC::RegExpCachedResult::record): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::RegExpConstructor): (JSC::RegExpConstructor::finishCreation): (JSC::constructRegExp): * runtime/RegExpConstructor.h: (JSC::RegExpConstructor::createStructure): (RegExpConstructor): (JSC::RegExpConstructor::performMatch): * runtime/RegExpMatchesArray.cpp: (JSC::RegExpMatchesArray::RegExpMatchesArray): (JSC::RegExpMatchesArray::create): (JSC::RegExpMatchesArray::finishCreation): (JSC::RegExpMatchesArray::reifyAllProperties): * runtime/RegExpMatchesArray.h: (RegExpMatchesArray): (JSC::RegExpMatchesArray::createStructure): * runtime/RegExpObject.cpp: (JSC::RegExpObject::RegExpObject): (JSC::RegExpObject::finishCreation): (JSC::RegExpObject::match): * runtime/RegExpObject.h: (JSC::RegExpObject::create): (JSC::RegExpObject::setRegExp): (JSC::RegExpObject::setLastIndex): (JSC::RegExpObject::createStructure): * runtime/RegExpPrototype.cpp: (JSC::regExpProtoFuncCompile): * 
runtime/RegExpPrototype.h: (JSC::RegExpPrototype::createStructure): * runtime/SmallStrings.cpp: (JSC::SmallStrings::initializeCommonStrings): (JSC::SmallStrings::createEmptyString): (JSC::SmallStrings::createSingleCharacterString): (JSC::SmallStrings::initialize): * runtime/SmallStrings.h: (JSC): (JSC::SmallStrings::singleCharacterString): (SmallStrings): * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::SparseArrayValueMap): (JSC::SparseArrayValueMap::finishCreation): (JSC::SparseArrayValueMap::create): (JSC::SparseArrayValueMap::createStructure): (JSC::SparseArrayValueMap::putDirect): (JSC::SparseArrayEntry::put): * runtime/SparseArrayValueMap.h: * runtime/StrictEvalActivation.cpp: (JSC::StrictEvalActivation::StrictEvalActivation): * runtime/StrictEvalActivation.h: (JSC::StrictEvalActivation::create): (JSC::StrictEvalActivation::createStructure): * runtime/StringConstructor.cpp: (JSC::StringConstructor::finishCreation): * runtime/StringConstructor.h: (JSC::StringConstructor::createStructure): * runtime/StringObject.cpp: (JSC::StringObject::StringObject): (JSC::StringObject::finishCreation): (JSC::constructString): * runtime/StringObject.h: (JSC::StringObject::create): (JSC::StringObject::createStructure): (StringObject): * runtime/StringPrototype.cpp: (JSC::StringPrototype::StringPrototype): (JSC::StringPrototype::finishCreation): (JSC::removeUsingRegExpSearch): (JSC::replaceUsingRegExpSearch): (JSC::stringProtoFuncMatch): (JSC::stringProtoFuncSearch): (JSC::stringProtoFuncSplit): * runtime/StringPrototype.h: (JSC::StringPrototype::createStructure): * runtime/StringRecursionChecker.h: (JSC::StringRecursionChecker::performCheck): (JSC::StringRecursionChecker::~StringRecursionChecker): * runtime/Structure.cpp: (JSC::StructureTransitionTable::add): (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::despecifyDictionaryFunction): (JSC::Structure::addPropertyTransition): (JSC::Structure::removePropertyTransition): 
(JSC::Structure::changePrototypeTransition): (JSC::Structure::despecifyFunctionTransition): (JSC::Structure::attributeChangeTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::toCacheableDictionaryTransition): (JSC::Structure::toUncacheableDictionaryTransition): (JSC::Structure::sealTransition): (JSC::Structure::freezeTransition): (JSC::Structure::preventExtensionsTransition): (JSC::Structure::takePropertyTableOrCloneIfPinned): (JSC::Structure::nonPropertyTransition): (JSC::Structure::isSealed): (JSC::Structure::isFrozen): (JSC::Structure::flattenDictionaryStructure): (JSC::Structure::addPropertyWithoutTransition): (JSC::Structure::removePropertyWithoutTransition): (JSC::Structure::allocateRareData): (JSC::Structure::cloneRareDataFrom): (JSC::Structure::copyPropertyTable): (JSC::Structure::copyPropertyTableForPinning): (JSC::Structure::get): (JSC::Structure::despecifyFunction): (JSC::Structure::despecifyAllFunctions): (JSC::Structure::putSpecificValue): (JSC::Structure::createPropertyMap): (JSC::Structure::getPropertyNamesFromStructure): (JSC::Structure::prototypeChainMayInterceptStoreTo): * runtime/Structure.h: (Structure): (JSC::Structure::finishCreation): (JSC::Structure::setPrototypeWithoutTransition): (JSC::Structure::setGlobalObject): (JSC::Structure::setObjectToStringValue): (JSC::Structure::materializePropertyMapIfNecessary): (JSC::Structure::materializePropertyMapIfNecessaryForPinning): (JSC::Structure::setPreviousID): * runtime/StructureChain.cpp: (JSC::StructureChain::StructureChain): * runtime/StructureChain.h: (JSC::StructureChain::create): (JSC::StructureChain::createStructure): (JSC::StructureChain::finishCreation): (StructureChain): * runtime/StructureInlines.h: (JSC::Structure::create): (JSC::Structure::createStructure): (JSC::Structure::get): (JSC::Structure::setEnumerationCache): (JSC::Structure::prototypeChain): (JSC::Structure::propertyTable): * runtime/StructureRareData.cpp: (JSC::StructureRareData::createStructure): 
(JSC::StructureRareData::create): (JSC::StructureRareData::clone): (JSC::StructureRareData::StructureRareData): * runtime/StructureRareData.h: (StructureRareData): * runtime/StructureRareDataInlines.h: (JSC::StructureRareData::setPreviousID): (JSC::StructureRareData::setObjectToStringValue): * runtime/StructureTransitionTable.h: (StructureTransitionTable): (JSC::StructureTransitionTable::setSingleTransition): * runtime/SymbolTable.h: (JSC::SharedSymbolTable::create): (JSC::SharedSymbolTable::createStructure): (JSC::SharedSymbolTable::SharedSymbolTable): * runtime/VM.cpp: Copied from Source/JavaScriptCore/runtime/JSGlobalData.cpp. (JSC::VM::VM): (JSC::VM::~VM): (JSC::VM::createContextGroup): (JSC::VM::create): (JSC::VM::createLeaked): (JSC::VM::sharedInstanceExists): (JSC::VM::sharedInstance): (JSC::VM::sharedInstanceInternal): (JSC::VM::getHostFunction): (JSC::VM::ClientData::~ClientData): (JSC::VM::resetDateCache): (JSC::VM::startSampling): (JSC::VM::stopSampling): (JSC::VM::discardAllCode): (JSC::VM::dumpSampleData): (JSC::VM::addSourceProviderCache): (JSC::VM::clearSourceProviderCaches): (JSC::VM::releaseExecutableMemory): (JSC::releaseExecutableMemory): (JSC::VM::gatherConservativeRoots): (JSC::VM::addRegExpToTrace): (JSC::VM::dumpRegExpTrace): * runtime/VM.h: Copied from Source/JavaScriptCore/runtime/JSGlobalData.h. 
(VM): (JSC::VM::isSharedInstance): (JSC::VM::usingAPI): (JSC::VM::isInitializingObject): (JSC::VM::setInitializingObjectClass): (JSC::WeakSet::heap): * runtime/WriteBarrier.h: (JSC): (JSC::WriteBarrierBase::set): (JSC::WriteBarrierBase::setMayBeNull): (JSC::WriteBarrierBase::setEarlyValue): (JSC::WriteBarrier::WriteBarrier): * testRegExp.cpp: (GlobalObject): (GlobalObject::create): (GlobalObject::createStructure): (GlobalObject::finishCreation): (main): (testOneRegExp): (parseRegExpLine): (runFromFiles): (realMain): * yarr/YarrInterpreter.h: (BytecodePattern): * yarr/YarrJIT.cpp: (YarrGenerator): (JSC::Yarr::YarrGenerator::compile): (JSC::Yarr::jitCompile): * yarr/YarrJIT.h: (JSC): ../WebCore: * ForwardingHeaders/runtime/JSGlobalData.h: Removed. * ForwardingHeaders/runtime/VM.h: Copied from Source/WebCore/ForwardingHeaders/runtime/JSGlobalData.h. * WebCore.exp.in: * WebCore.order: * WebCore.vcxproj/WebCore.vcxproj: * WebCore.vcxproj/WebCore.vcxproj.filters: * bindings/js/DOMObjectHashTableMap.cpp: (WebCore::DOMObjectHashTableMap::mapFor): * bindings/js/DOMObjectHashTableMap.h: (JSC): (DOMObjectHashTableMap): * bindings/js/DOMWrapperWorld.cpp: (WebCore::DOMWrapperWorld::DOMWrapperWorld): (WebCore::DOMWrapperWorld::~DOMWrapperWorld): (WebCore::normalWorld): (WebCore::mainThreadNormalWorld): * bindings/js/DOMWrapperWorld.h: (WebCore::DOMWrapperWorld::create): (WebCore::DOMWrapperWorld::vm): (DOMWrapperWorld): (WebCore): * bindings/js/GCController.cpp: (WebCore::collect): (WebCore::GCController::garbageCollectSoon): (WebCore::GCController::garbageCollectNow): (WebCore::GCController::setJavaScriptGarbageCollectorTimerEnabled): (WebCore::GCController::discardAllCompiledCode): * bindings/js/IDBBindingUtilities.cpp: (WebCore::get): (WebCore::set): (WebCore::deserializeIDBValue): (WebCore::deserializeIDBValueBuffer): (WebCore::idbKeyToScriptValue): * bindings/js/JSCallbackData.h: (WebCore::JSCallbackData::JSCallbackData): * bindings/js/JSCustomSQLStatementErrorCallback.cpp: 
(WebCore::JSSQLStatementErrorCallback::handleEvent): * bindings/js/JSCustomXPathNSResolver.cpp: (WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver): (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI): * bindings/js/JSDOMBinding.cpp: (WebCore::getHashTableForGlobalData): (WebCore::reportException): (WebCore::cacheDOMStructure): * bindings/js/JSDOMBinding.h: (WebCore::DOMConstructorObject::createStructure): (WebCore::DOMConstructorWithDocument::finishCreation): (WebCore::getDOMStructure): (WebCore::setInlineCachedWrapper): (WebCore): (WebCore::jsStringWithCache): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::JSDOMGlobalObject): (WebCore::JSDOMGlobalObject::finishCreation): * bindings/js/JSDOMGlobalObject.h: (JSDOMGlobalObject): (WebCore::JSDOMGlobalObject::createStructure): (WebCore::getDOMConstructor): * bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::JSDOMWindowBase): (WebCore::JSDOMWindowBase::finishCreation): (WebCore::JSDOMWindowBase::updateDocument): (WebCore::JSDOMWindowBase::commonVM): * bindings/js/JSDOMWindowBase.h: (JSDOMWindowBase): (WebCore::JSDOMWindowBase::createStructure): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::setLocation): (WebCore::DialogHandler::dialogCreated): (WebCore::DialogHandler::returnValue): * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::JSDOMWindowShell): (WebCore::JSDOMWindowShell::finishCreation): (WebCore::JSDOMWindowShell::setWindow): * bindings/js/JSDOMWindowShell.h: (JSDOMWindowShell): (WebCore::JSDOMWindowShell::create): (WebCore::JSDOMWindowShell::createStructure): * bindings/js/JSDOMWrapper.h: (WebCore::JSDOMWrapper::JSDOMWrapper): * bindings/js/JSDeviceMotionEventCustom.cpp: (WebCore::createAccelerationObject): (WebCore::createRotationRateObject): * bindings/js/JSDictionary.cpp: (WebCore::JSDictionary::convertValue): * bindings/js/JSDictionary.h: (WebCore::JSDictionary::JSDictionary): * bindings/js/JSErrorHandler.cpp: 
(WebCore::JSErrorHandler::handleEvent): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::handleEvent): * bindings/js/JSEventListener.h: (WebCore::JSEventListener::setWrapper): (WebCore::JSEventListener::jsFunction): * bindings/js/JSHTMLDocumentCustom.cpp: (WebCore::JSHTMLDocument::all): (WebCore::JSHTMLDocument::setAll): * bindings/js/JSHTMLTemplateElementCustom.cpp: (WebCore::JSHTMLTemplateElement::content): * bindings/js/JSHistoryCustom.cpp: (WebCore::JSHistory::state): * bindings/js/JSImageConstructor.cpp: (WebCore::JSImageConstructor::finishCreation): * bindings/js/JSImageConstructor.h: (WebCore::JSImageConstructor::createStructure): * bindings/js/JSImageDataCustom.cpp: (WebCore::toJS): * bindings/js/JSInjectedScriptHostCustom.cpp: (WebCore::InjectedScriptHost::nodeAsScriptValue): (WebCore::JSInjectedScriptHost::functionDetails): (WebCore::getJSListenerFunctions): (WebCore::JSInjectedScriptHost::getEventListeners): (WebCore::JSInjectedScriptHost::inspect): * bindings/js/JSLazyEventListener.cpp: (WebCore::JSLazyEventListener::initializeJSFunction): * bindings/js/JSMessageEventCustom.cpp: (WebCore::JSMessageEvent::data): (WebCore::handleInitMessageEvent): * bindings/js/JSMutationCallback.cpp: (WebCore::JSMutationCallback::call): * bindings/js/JSMutationObserverCustom.cpp: (WebCore::JSMutationObserverConstructor::constructJSMutationObserver): * bindings/js/JSNodeFilterCondition.cpp: (WebCore::JSNodeFilterCondition::JSNodeFilterCondition): * bindings/js/JSNodeFilterCondition.h: (WebCore::JSNodeFilterCondition::create): (JSNodeFilterCondition): * bindings/js/JSNodeFilterCustom.cpp: (WebCore::toNodeFilter): * bindings/js/JSPopStateEventCustom.cpp: (WebCore::cacheState): * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp: (WebCore::JSRequestAnimationFrameCallback::handleEvent): * bindings/js/JSSQLResultSetRowListCustom.cpp: (WebCore::JSSQLResultSetRowList::item): * bindings/js/JSWorkerContextBase.cpp: 
(WebCore::JSWorkerContextBase::JSWorkerContextBase): (WebCore::JSWorkerContextBase::finishCreation): * bindings/js/JSWorkerContextBase.h: (WebCore::JSWorkerContextBase::createStructure): (JSWorkerContextBase): * bindings/js/PageScriptDebugServer.cpp: (WebCore::PageScriptDebugServer::recompileAllJSFunctions): * bindings/js/ScheduledAction.cpp: (WebCore::ScheduledAction::ScheduledAction): (WebCore::ScheduledAction::executeFunctionInContext): * bindings/js/ScheduledAction.h: (WebCore::ScheduledAction::ScheduledAction): * bindings/js/ScriptCachedFrameData.cpp: (WebCore::ScriptCachedFrameData::ScriptCachedFrameData): (WebCore::ScriptCachedFrameData::restore): (WebCore::ScriptCachedFrameData::clear): * bindings/js/ScriptCallStackFactory.cpp: (WebCore::createScriptCallStack): (WebCore::createScriptArguments): * bindings/js/ScriptController.cpp: (WebCore::ScriptController::createWindowShell): (WebCore::ScriptController::evaluateInWorld): (WebCore::ScriptController::createWorld): (WebCore::ScriptController::getAllWorlds): (WebCore::ScriptController::clearWindowShell): (WebCore::ScriptController::initScript): (WebCore::ScriptController::updateDocument): (WebCore::ScriptController::cacheableBindingRootObject): (WebCore::ScriptController::bindingRootObject): (WebCore::ScriptController::clearScriptObjects): (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy): * bindings/js/ScriptControllerMac.mm: (WebCore::ScriptController::windowScriptObject): * bindings/js/ScriptDebugServer.cpp: (WebCore::ScriptDebugServer::dispatchDidPause): * bindings/js/ScriptEventListener.cpp: (WebCore::eventListenerHandlerBody): (WebCore::eventListenerHandler): (WebCore::eventListenerHandlerLocation): * bindings/js/ScriptFunctionCall.cpp: (WebCore::ScriptFunctionCall::call): (WebCore::ScriptCallback::call): * bindings/js/ScriptGCEvent.cpp: (WebCore::ScriptGCEvent::getHeapSize): * bindings/js/ScriptObject.cpp: (WebCore::ScriptObject::ScriptObject): (WebCore::ScriptGlobalObject::set): * 
bindings/js/ScriptState.h: (WebCore): * bindings/js/ScriptValue.cpp: (WebCore::ScriptValue::deserialize): * bindings/js/ScriptValue.h: (WebCore::ScriptValue::ScriptValue): * bindings/js/ScriptWrappable.h: (JSC): (ScriptWrappable): * bindings/js/ScriptWrappableInlines.h: (WebCore::ScriptWrappable::setWrapper): * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneDeserializer::readTerminal): (WebCore::SerializedScriptValue::deserializeForInspector): (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed): * bindings/js/WebCoreJSClientData.h: (WebCoreJSClientData): (WebCore::initNormalWorldClientData): * bindings/js/WorkerScriptController.cpp: (WebCore::WorkerScriptController::WorkerScriptController): (WebCore::WorkerScriptController::~WorkerScriptController): (WebCore::WorkerScriptController::initScript): (WebCore::WorkerScriptController::evaluate): (WebCore::WorkerScriptController::scheduleExecutionTermination): (WebCore::WorkerScriptController::isExecutionTerminating): (WebCore::WorkerScriptController::disableEval): * bindings/js/WorkerScriptController.h: (JSC): (WebCore::WorkerScriptController::vm): (WorkerScriptController): * bindings/js/WorkerScriptDebugServer.cpp: (WebCore::WorkerScriptDebugServer::recompileAllJSFunctions): * bindings/objc/WebScriptObject.mm: (+[WebScriptObject _convertValueToObjcValue:JSC::originRootObject:rootObject:]): * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): (GenerateCallbackImplementation): (JSValueToNative): (GenerateConstructorDeclaration): (GenerateConstructorHelperMethods): * bindings/scripts/test/JS/JSFloat64Array.cpp: (WebCore::getJSFloat64ArrayConstructorTable): (WebCore::JSFloat64ArrayConstructor::finishCreation): (WebCore::getJSFloat64ArrayPrototypeTable): (WebCore::getJSFloat64ArrayTable): (WebCore::JSFloat64Array::finishCreation): (WebCore::JSFloat64Array::createPrototype): * bindings/scripts/test/JS/JSFloat64Array.h: (WebCore::JSFloat64Array::create): 
(WebCore::JSFloat64Array::createStructure): (JSFloat64Array): (WebCore::JSFloat64ArrayPrototype::create): (WebCore::JSFloat64ArrayPrototype::createStructure): (WebCore::JSFloat64ArrayPrototype::JSFloat64ArrayPrototype): (WebCore::JSFloat64ArrayConstructor::createStructure): * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: (WebCore::JSTestActiveDOMObjectConstructor::finishCreation): (WebCore::JSTestActiveDOMObject::finishCreation): (WebCore::JSTestActiveDOMObject::createPrototype): * bindings/scripts/test/JS/JSTestActiveDOMObject.h: (WebCore::JSTestActiveDOMObject::create): (WebCore::JSTestActiveDOMObject::createStructure): (JSTestActiveDOMObject): (WebCore::JSTestActiveDOMObjectPrototype::create): (WebCore::JSTestActiveDOMObjectPrototype::createStructure): (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype): (WebCore::JSTestActiveDOMObjectConstructor::createStructure): * bindings/scripts/test/JS/JSTestCallback.cpp: (WebCore::JSTestCallback::callbackWithNoParam): (WebCore::JSTestCallback::callbackWithClass1Param): (WebCore::JSTestCallback::callbackWithClass2Param): (WebCore::JSTestCallback::callbackWithStringList): (WebCore::JSTestCallback::callbackWithBoolean): (WebCore::JSTestCallback::callbackRequiresThisToPass): * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: (WebCore::JSTestCustomNamedGetterConstructor::finishCreation): (WebCore::JSTestCustomNamedGetter::finishCreation): (WebCore::JSTestCustomNamedGetter::createPrototype): * bindings/scripts/test/JS/JSTestCustomNamedGetter.h: (WebCore::JSTestCustomNamedGetter::create): (WebCore::JSTestCustomNamedGetter::createStructure): (JSTestCustomNamedGetter): (WebCore::JSTestCustomNamedGetterPrototype::create): (WebCore::JSTestCustomNamedGetterPrototype::createStructure): (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype): (WebCore::JSTestCustomNamedGetterConstructor::createStructure): * bindings/scripts/test/JS/JSTestEventConstructor.cpp: 
(WebCore::JSTestEventConstructorConstructor::finishCreation): (WebCore::JSTestEventConstructor::finishCreation): (WebCore::JSTestEventConstructor::createPrototype): * bindings/scripts/test/JS/JSTestEventConstructor.h: (WebCore::JSTestEventConstructor::create): (WebCore::JSTestEventConstructor::createStructure): (JSTestEventConstructor): (WebCore::JSTestEventConstructorPrototype::create): (WebCore::JSTestEventConstructorPrototype::createStructure): (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype): (WebCore::JSTestEventConstructorConstructor::createStructure): * bindings/scripts/test/JS/JSTestEventTarget.cpp: (WebCore::JSTestEventTargetConstructor::finishCreation): (WebCore::JSTestEventTarget::finishCreation): (WebCore::JSTestEventTarget::createPrototype): * bindings/scripts/test/JS/JSTestEventTarget.h: (WebCore::JSTestEventTarget::create): (WebCore::JSTestEventTarget::createStructure): (JSTestEventTarget): (WebCore::JSTestEventTargetPrototype::create): (WebCore::JSTestEventTargetPrototype::createStructure): (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype): (WebCore::JSTestEventTargetConstructor::createStructure): * bindings/scripts/test/JS/JSTestException.cpp: (WebCore::JSTestExceptionConstructor::finishCreation): (WebCore::JSTestException::finishCreation): (WebCore::JSTestException::createPrototype): * bindings/scripts/test/JS/JSTestException.h: (WebCore::JSTestException::create): (WebCore::JSTestException::createStructure): (JSTestException): (WebCore::JSTestExceptionPrototype::create): (WebCore::JSTestExceptionPrototype::createStructure): (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype): (WebCore::JSTestExceptionConstructor::createStructure): * bindings/scripts/test/JS/JSTestInterface.cpp: (WebCore::JSTestInterfaceConstructor::finishCreation): (WebCore::JSTestInterface::finishCreation): (WebCore::JSTestInterface::createPrototype): * bindings/scripts/test/JS/JSTestInterface.h: 
(WebCore::JSTestInterface::create): (WebCore::JSTestInterface::createStructure): (JSTestInterface): (WebCore::JSTestInterfacePrototype::create): (WebCore::JSTestInterfacePrototype::createStructure): (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype): (WebCore::JSTestInterfaceConstructor::createStructure): * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation): (WebCore::JSTestMediaQueryListListener::finishCreation): (WebCore::JSTestMediaQueryListListener::createPrototype): (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod): * bindings/scripts/test/JS/JSTestMediaQueryListListener.h: (WebCore::JSTestMediaQueryListListener::create): (WebCore::JSTestMediaQueryListListener::createStructure): (JSTestMediaQueryListListener): (WebCore::JSTestMediaQueryListListenerPrototype::create): (WebCore::JSTestMediaQueryListListenerPrototype::createStructure): (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype): (WebCore::JSTestMediaQueryListListenerConstructor::createStructure): * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: (WebCore::JSTestNamedConstructorConstructor::finishCreation): (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation): (WebCore::JSTestNamedConstructor::finishCreation): (WebCore::JSTestNamedConstructor::createPrototype): * bindings/scripts/test/JS/JSTestNamedConstructor.h: (WebCore::JSTestNamedConstructor::create): (WebCore::JSTestNamedConstructor::createStructure): (JSTestNamedConstructor): (WebCore::JSTestNamedConstructorPrototype::create): (WebCore::JSTestNamedConstructorPrototype::createStructure): (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype): (WebCore::JSTestNamedConstructorConstructor::createStructure): (WebCore::JSTestNamedConstructorNamedConstructor::createStructure): * bindings/scripts/test/JS/JSTestNode.cpp: (WebCore::JSTestNodeConstructor::finishCreation): 
(WebCore::JSTestNode::finishCreation): (WebCore::JSTestNode::createPrototype): * bindings/scripts/test/JS/JSTestNode.h: (WebCore::JSTestNode::create): (WebCore::JSTestNode::createStructure): (JSTestNode): (WebCore::JSTestNodePrototype::create): (WebCore::JSTestNodePrototype::createStructure): (WebCore::JSTestNodePrototype::JSTestNodePrototype): (WebCore::JSTestNodeConstructor::createStructure): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObjConstructor::finishCreation): (WebCore::JSTestObj::finishCreation): (WebCore::JSTestObj::createPrototype): (WebCore::jsTestObjCachedAttribute1): (WebCore::jsTestObjCachedAttribute2): (WebCore::setJSTestObjConditionalAttr4Constructor): (WebCore::setJSTestObjConditionalAttr5Constructor): (WebCore::setJSTestObjConditionalAttr6Constructor): (WebCore::setJSTestObjAnyAttribute): (WebCore::setJSTestObjReplaceableAttribute): * bindings/scripts/test/JS/JSTestObj.h: (WebCore::JSTestObj::create): (WebCore::JSTestObj::createStructure): (JSTestObj): (WebCore::JSTestObjPrototype::create): (WebCore::JSTestObjPrototype::createStructure): (WebCore::JSTestObjPrototype::JSTestObjPrototype): (WebCore::JSTestObjConstructor::createStructure): * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation): (WebCore::JSTestOverloadedConstructors::finishCreation): (WebCore::JSTestOverloadedConstructors::createPrototype): * bindings/scripts/test/JS/JSTestOverloadedConstructors.h: (WebCore::JSTestOverloadedConstructors::create): (WebCore::JSTestOverloadedConstructors::createStructure): (JSTestOverloadedConstructors): (WebCore::JSTestOverloadedConstructorsPrototype::create): (WebCore::JSTestOverloadedConstructorsPrototype::createStructure): (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype): (WebCore::JSTestOverloadedConstructorsConstructor::createStructure): * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: 
(WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation): (WebCore::JSTestSerializedScriptValueInterface::finishCreation): (WebCore::JSTestSerializedScriptValueInterface::createPrototype): (WebCore::jsTestSerializedScriptValueInterfaceCachedValue): (WebCore::jsTestSerializedScriptValueInterfaceCachedReadonlyValue): * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: (WebCore::JSTestSerializedScriptValueInterface::create): (WebCore::JSTestSerializedScriptValueInterface::createStructure): (JSTestSerializedScriptValueInterface): (WebCore::JSTestSerializedScriptValueInterfacePrototype::create): (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure): (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype): (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure): * bindings/scripts/test/JS/JSTestTypedefs.cpp: (WebCore::JSTestTypedefsConstructor::finishCreation): (WebCore::JSTestTypedefs::finishCreation): (WebCore::JSTestTypedefs::createPrototype): * bindings/scripts/test/JS/JSTestTypedefs.h: (WebCore::JSTestTypedefs::create): (WebCore::JSTestTypedefs::createStructure): (JSTestTypedefs): (WebCore::JSTestTypedefsPrototype::create): (WebCore::JSTestTypedefsPrototype::createStructure): (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype): (WebCore::JSTestTypedefsConstructor::createStructure): * bridge/c/CRuntimeObject.h: (JSC::Bindings::CRuntimeObject::createStructure): * bridge/c/c_instance.cpp: (JSC::Bindings::CRuntimeMethod::create): (JSC::Bindings::CRuntimeMethod::createStructure): (JSC::Bindings::CRuntimeMethod::finishCreation): * bridge/jsc/BridgeJSC.cpp: (JSC::Bindings::Instance::createRuntimeObject): * bridge/objc/ObjCRuntimeObject.h: (JSC::Bindings::ObjCRuntimeObject::createStructure): * bridge/objc/objc_instance.mm: (ObjCRuntimeMethod::create): (ObjCRuntimeMethod::createStructure): (ObjCRuntimeMethod::finishCreation): * 
bridge/objc/objc_runtime.h: (JSC::Bindings::ObjcFallbackObjectImp::createStructure): * bridge/objc/objc_runtime.mm: (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp): (JSC::Bindings::ObjcFallbackObjectImp::finishCreation): * bridge/qt/qt_instance.cpp: (JSC::Bindings::QtRuntimeObject::createStructure): (JSC::Bindings::QtInstance::~QtInstance): (JSC::Bindings::QtInstance::getQtInstance): * bridge/runtime_array.cpp: (JSC::RuntimeArray::RuntimeArray): (JSC::RuntimeArray::finishCreation): * bridge/runtime_array.h: (JSC::RuntimeArray::create): (JSC::RuntimeArray::createStructure): (RuntimeArray): * bridge/runtime_method.cpp: (JSC::RuntimeMethod::finishCreation): * bridge/runtime_method.h: (JSC::RuntimeMethod::create): (JSC::RuntimeMethod::createStructure): (RuntimeMethod): * bridge/runtime_object.cpp: (JSC::Bindings::RuntimeObject::RuntimeObject): (JSC::Bindings::RuntimeObject::finishCreation): * bridge/runtime_object.h: (JSC::Bindings::RuntimeObject::createStructure): * bridge/runtime_root.cpp: (JSC::Bindings::RootObject::RootObject): (JSC::Bindings::RootObject::gcProtect): (JSC::Bindings::RootObject::gcUnprotect): (JSC::Bindings::RootObject::updateGlobalObject): (JSC::Bindings::RootObject::addRuntimeObject): * bridge/runtime_root.h: (RootObject): * dom/Node.cpp: * dom/Node.h: (JSC): * dom/ScriptExecutionContext.cpp: (WebCore::ScriptExecutionContext::vm): * dom/ScriptExecutionContext.h: (JSC): (ScriptExecutionContext): * html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::createImageBuffer): * html/HTMLImageLoader.cpp: (WebCore::HTMLImageLoader::notifyFinished): * inspector/ScriptArguments.cpp: (WebCore::ScriptArguments::ScriptArguments): * loader/icon/IconDatabaseBase.cpp: (WebCore): (WebCore::iconDatabase): (WebCore::setGlobalIconDatabase): * platform/qt/MemoryUsageSupportQt.cpp: (WebCore::memoryUsageKB): (WebCore::actualMemoryUsageKB): * platform/win/ClipboardUtilitiesWin.cpp: (WebCore::createGlobalData): * plugins/PluginView.cpp: 
(WebCore::PluginView::start): (WebCore::PluginView::stop): (WebCore::PluginView::performRequest): (WebCore::PluginView::npObject): (WebCore::PluginView::privateBrowsingStateChanged): * plugins/blackberry/PluginViewBlackBerry.cpp: (WebCore::PluginView::dispatchNPEvent): (WebCore::PluginView::setNPWindowIfNeeded): (WebCore::PluginView::platformStart): (WebCore::PluginView::getWindowInfo): * plugins/efl/PluginViewEfl.cpp: (WebCore::PluginView::dispatchNPEvent): * plugins/gtk/PluginViewGtk.cpp: (WebCore::PluginView::dispatchNPEvent): (WebCore::PluginView::handleKeyboardEvent): (WebCore::PluginView::handleMouseEvent): (WebCore::PluginView::setNPWindowIfNeeded): (WebCore::PluginView::platformStart): * plugins/mac/PluginViewMac.mm: (WebCore::PluginView::platformStart): * plugins/qt/PluginViewQt.cpp: (WebCore::PluginView::dispatchNPEvent): (WebCore::PluginView::setNPWindowIfNeeded): * plugins/win/PluginViewWin.cpp: (WebCore::PluginView::dispatchNPEvent): (WebCore::PluginView::handleKeyboardEvent): (WebCore::PluginView::handleMouseEvent): (WebCore::PluginView::setNPWindowRect): * testing/js/WebCoreTestSupport.cpp: (WebCoreTestSupport::injectInternalsObject): * xml/XMLHttpRequest.cpp: (WebCore::XMLHttpRequest::dropProtection): ../WebKit/blackberry: * Api/BlackBerryGlobal.cpp: (BlackBerry::WebKit::clearMemoryCaches): * WebKitSupport/AboutData.cpp: * WebKitSupport/DumpRenderTreeSupport.cpp: (DumpRenderTreeSupport::javaScriptObjectsCount): ../WebKit/efl: * WebCoreSupport/DumpRenderTreeSupportEfl.cpp: (DumpRenderTreeSupportEfl::javaScriptObjectsCount): ../WebKit/gtk: * WebCoreSupport/DumpRenderTreeSupportGtk.cpp: (DumpRenderTreeSupportGtk::gcCountJavascriptObjects): ../WebKit/mac: * Misc/WebCoreStatistics.mm: (+[WebCoreStatistics javaScriptObjectsCount]): (+[WebCoreStatistics javaScriptGlobalObjectsCount]): (+[WebCoreStatistics javaScriptProtectedObjectsCount]): (+[WebCoreStatistics javaScriptProtectedGlobalObjectsCount]): (+[WebCoreStatistics 
javaScriptProtectedObjectTypeCounts]): (+[WebCoreStatistics javaScriptObjectTypeCounts]): (+[WebCoreStatistics shouldPrintExceptions]): (+[WebCoreStatistics setShouldPrintExceptions:]): (+[WebCoreStatistics memoryStatistics]): (+[WebCoreStatistics javaScriptReferencedObjectsCount]): * Plugins/Hosted/NetscapePluginHostProxy.mm: (identifierFromIdentifierRep): * Plugins/Hosted/NetscapePluginInstanceProxy.h: (LocalObjectMap): * Plugins/Hosted/NetscapePluginInstanceProxy.mm: (WebKit::NetscapePluginInstanceProxy::LocalObjectMap::idForObject): (WebKit::NetscapePluginInstanceProxy::getWindowNPObject): (WebKit::NetscapePluginInstanceProxy::getPluginElementNPObject): (WebKit::NetscapePluginInstanceProxy::evaluate): (WebKit::NetscapePluginInstanceProxy::addValueToArray): * Plugins/Hosted/ProxyInstance.mm: (WebKit::ProxyRuntimeMethod::create): (WebKit::ProxyRuntimeMethod::createStructure): (WebKit::ProxyRuntimeMethod::finishCreation): (WebKit::ProxyInstance::getPropertyNames): * Plugins/Hosted/ProxyRuntimeObject.h: (WebKit::ProxyRuntimeObject::create): (WebKit::ProxyRuntimeObject::createStructure): * Plugins/WebNetscapePluginStream.mm: (WebNetscapePluginStream::wantsAllStreams): * Plugins/WebNetscapePluginView.mm: (-[WebNetscapePluginView sendEvent:isDrawRect:]): (-[WebNetscapePluginView privateBrowsingModeDidChange]): (-[WebNetscapePluginView setWindowIfNecessary]): (-[WebNetscapePluginView createPluginScriptableObject]): (-[WebNetscapePluginView getFormValue:]): (-[WebNetscapePluginView evaluateJavaScriptPluginRequest:]): (-[WebNetscapePluginView webFrame:didFinishLoadWithReason:]): (-[WebNetscapePluginView loadPluginRequest:]): (-[WebNetscapePluginView _printedPluginBitmap]): * Plugins/WebPluginController.mm: (+[WebPluginController plugInViewWithArguments:fromPluginPackage:]): (-[WebPluginController stopOnePlugin:]): (-[WebPluginController destroyOnePlugin:]): (-[WebPluginController startAllPlugins]): (-[WebPluginController addPlugin:]): * WebKit.order: * 
WebView/WebScriptDebugDelegate.mm: (-[WebScriptCallFrame scopeChain]): (-[WebScriptCallFrame evaluateWebScript:]): * WebView/WebScriptDebugger.mm: (WebScriptDebugger::WebScriptDebugger): ../WebKit/qt: * WebCoreSupport/DumpRenderTreeSupportQt.cpp: (DumpRenderTreeSupportQt::javaScriptObjectsCount): * WebCoreSupport/QWebFrameAdapter.cpp: (QWebFrameAdapter::addToJavaScriptWindowObject): ../WebKit/win: * WebCoreStatistics.cpp: (WebCoreStatistics::javaScriptObjectsCount): (WebCoreStatistics::javaScriptGlobalObjectsCount): (WebCoreStatistics::javaScriptProtectedObjectsCount): (WebCoreStatistics::javaScriptProtectedGlobalObjectsCount): (WebCoreStatistics::javaScriptProtectedObjectTypeCounts): * WebJavaScriptCollector.cpp: (WebJavaScriptCollector::objectCount): ../WebKit2: * Shared/linux/WebMemorySamplerLinux.cpp: (WebKit::WebMemorySampler::sampleWebKit): * Shared/mac/WebMemorySampler.mac.mm: (WebKit::WebMemorySampler::sampleWebKit): * WebProcess/InjectedBundle/InjectedBundle.cpp: (WebKit::InjectedBundle::javaScriptObjectsCount): * WebProcess/Plugins/Netscape/JSNPMethod.cpp: (WebKit::JSNPMethod::finishCreation): * WebProcess/Plugins/Netscape/JSNPMethod.h: (WebKit::JSNPMethod::create): (JSNPMethod): (WebKit::JSNPMethod::createStructure): * WebProcess/Plugins/Netscape/JSNPObject.cpp: (WebKit::JSNPObject::JSNPObject): (WebKit::JSNPObject::finishCreation): (WebKit::JSNPObject::callMethod): (WebKit::JSNPObject::callObject): (WebKit::JSNPObject::callConstructor): (WebKit::JSNPObject::put): (WebKit::JSNPObject::deleteProperty): (WebKit::JSNPObject::getOwnPropertyNames): (WebKit::JSNPObject::propertyGetter): * WebProcess/Plugins/Netscape/JSNPObject.h: (WebKit::JSNPObject::create): (WebKit::JSNPObject::createStructure): * WebProcess/Plugins/Netscape/NPJSObject.cpp: (WebKit::NPJSObject::create): (WebKit::NPJSObject::initialize): * WebProcess/Plugins/Netscape/NPJSObject.h: (JSC): (NPJSObject): * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp: 
(WebKit::NPRuntimeObjectMap::getOrCreateNPObject): (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant): (WebKit::NPRuntimeObjectMap::evaluate): * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.h: (JSC): (NPRuntimeObjectMap): * WebProcess/Plugins/PluginView.cpp: (WebKit::PluginView::windowScriptNPObject): (WebKit::PluginView::pluginElementNPObject): * WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::runJavaScriptInMainFrame): * WebProcess/WebProcess.cpp: (WebKit::WebProcess::getWebCoreStatistics): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148696 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 22 Mar, 2013 1 commit
mhahnenberg@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=113086

Reviewed by Geoffrey Garen.

opaqueJSClassData stores cached prototypes for JSClassRefs in the C API. It doesn't make sense to share these prototypes within a JSGlobalData across JSGlobalObjects, and in fact doing so will cause a leak of the original JSGlobalObject that these prototypes were created in. Therefore we should move this cache to JSGlobalObject where it belongs and where it won't cause memory leaks.

* API/JSBase.cpp: Needed to add an extern "C" so that testapi.c can use the super secret GC function.
* API/JSClassRef.cpp: We now grab the cached context data from the global object rather than the global data.
(OpaqueJSClass::contextData):
* API/JSClassRef.h: Remove this header because it's unnecessary and causes circular dependencies.
* API/tests/testapi.c: Added a new test that makes sure that using the same JSClassRef in two different contexts doesn't cause leaks of the original global object.
(leakFinalize):
(nestedAllocateObject): This is a hack to bypass the conservative scan of the GC, which was unnecessarily marking objects and keeping them alive, ruining the test result.
(testLeakingPrototypesAcrossContexts):
(main):
* API/tests/testapi.mm: extern "C" this so we can continue using it here.
* runtime/JSGlobalData.cpp: Remove JSClassRef related stuff.
(JSC::JSGlobalData::~JSGlobalData):
* runtime/JSGlobalData.h:
(JSGlobalData):
* runtime/JSGlobalObject.h: Add the stuff that JSGlobalData had. We add it to JSGlobalObjectRareData so that clients who don't use the C API don't have to pay the memory cost of this extra HashMap.
(JSGlobalObject):
(JSGlobalObjectRareData):
(JSC::JSGlobalObject::opaqueJSClassData):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146682 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 21 Mar, 2013 1 commit
mhahnenberg@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=112856

Reviewed by Geoffrey Garen.

Through a very convoluted path that involves the caching of prototypes on the JSClassRef, we can leak JSGlobalObjects when inserting an Objective-C object into multiple independent JSContexts.

* API/JSAPIWrapperObject.cpp: Removed.
* API/JSAPIWrapperObject.h:
(JSAPIWrapperObject):
* API/JSAPIWrapperObject.mm: Copied from Source/JavaScriptCore/API/JSAPIWrapperObject.cpp. Made this an Objective-C++ file so that we can call release on the wrappedObject. Also added a WeakHandleOwner for JSAPIWrapperObjects. This will also be used in a future patch for https://bugs.webkit.org/show_bug.cgi?id=112608.
(JSAPIWrapperObjectHandleOwner):
(jsAPIWrapperObjectHandleOwner):
(JSAPIWrapperObjectHandleOwner::finalize): This finalize replaces the old finalize that was done through the C API.
(JSC::JSAPIWrapperObject::finishCreation): Allocate the WeakImpl. Balanced in finalize.
(JSC::JSAPIWrapperObject::setWrappedObject): We now do the retain of the wrappedObject here rather than in random places scattered around JSWrapperMap.mm.
* API/JSObjectRef.cpp: Added some ifdefs for platforms that don't support the Obj-C API.
(JSObjectGetPrivate): Ditto.
(JSObjectSetPrivate): Ditto.
(JSObjectGetPrivateProperty): Ditto.
(JSObjectSetPrivateProperty): Ditto.
(JSObjectDeletePrivateProperty): Ditto.
* API/JSValueRef.cpp: Ditto.
(JSValueIsObjectOfClass): Ditto.
* API/JSWrapperMap.mm: Remove wrapperClass().
(objectWithCustomBrand): Change to no longer use a parent class, which was only used to give the ability to finalize wrapper objects.
(-[JSObjCClassInfo initWithContext:forClass:superClassInfo:]): Change to no longer use wrapperClass().
(-[JSObjCClassInfo allocateConstructorAndPrototypeWithSuperClassInfo:]): Ditto.
(tryUnwrapObjcObject): We now check if the object inherits from JSAPIWrapperObject.
* API/tests/testapi.mm: Added a test that exports an Objective-C object to two different JSContexts and makes sure that the first one is collected properly by using a weak JSManagedValue for the wrapper in the first JSContext.
* CMakeLists.txt: Build file modifications.
* GNUmakefile.list.am: Ditto.
* JavaScriptCore.gypi: Ditto.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: Ditto.
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: Ditto.
* JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
* runtime/JSGlobalObject.cpp: More ifdefs for unsupported platforms.
(JSC::JSGlobalObject::reset): Ditto.
(JSC::JSGlobalObject::visitChildren): Ditto.
* runtime/JSGlobalObject.h: Ditto.
(JSGlobalObject): Ditto.
(JSC::JSGlobalObject::objcCallbackFunctionStructure): Ditto.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 14 Mar, 2013 1 commit
mhahnenberg@apple.com authored
Objective-C API: Objective-C functions exposed to JavaScript have the wrong type (object instead of function)
https://bugs.webkit.org/show_bug.cgi?id=105892

Reviewed by Geoffrey Garen.

Changed ObjCCallbackFunction to subclass JSCallbackFunction which already has all of the machinery to call functions using the C API. Since ObjCCallbackFunction is now a JSCell, we changed the old implementation of ObjCCallbackFunction to be the internal implementation and keep track of all the proper data so that we don't have to put all of that in the header, which will now be included from C++ files (e.g. JSGlobalObject.cpp).

* API/JSCallbackFunction.cpp: Change JSCallbackFunction to allow subclassing. Originally it was internally passing its own Structure up the chain of constructors, but we now want to be able to pass other Structures as well.
(JSC::JSCallbackFunction::JSCallbackFunction):
(JSC::JSCallbackFunction::create):
* API/JSCallbackFunction.h:
(JSCallbackFunction):
* API/JSWrapperMap.mm: Changed interface to tryUnwrapBlock.
(tryUnwrapObjcObject):
* API/ObjCCallbackFunction.h:
(ObjCCallbackFunction): Moved into the JSC namespace, just like JSCallbackFunction.
(JSC::ObjCCallbackFunction::createStructure): Overridden so that the correct ClassInfo gets used since we have a destructor.
(JSC::ObjCCallbackFunction::impl): Getter for the internal impl.
* API/ObjCCallbackFunction.mm:
(JSC::ObjCCallbackFunctionImpl::ObjCCallbackFunctionImpl): What used to be ObjCCallbackFunction is now ObjCCallbackFunctionImpl. It handles the Objective-C specific parts of managing callback functions.
(JSC::ObjCCallbackFunctionImpl::~ObjCCallbackFunctionImpl):
(JSC::objCCallbackFunctionCallAsFunction): Same as the old one, but now it casts to ObjCCallbackFunction and grabs the impl rather than using JSObjectGetPrivate.
(JSC::ObjCCallbackFunction::ObjCCallbackFunction): New bits to allow being part of the JSCell hierarchy.
(JSC::ObjCCallbackFunction::create):
(JSC::ObjCCallbackFunction::destroy):
(JSC::ObjCCallbackFunctionImpl::call): Handles the actual invocation, just like it used to.
(objCCallbackFunctionForInvocation):
(tryUnwrapBlock): Changed to check the ClassInfo for inheritance directly, rather than going through the C API call.
* API/tests/testapi.mm: Added new test to make sure that doing Function.prototype.toString.call(f) won't result in an error when f is an Objective-C method or block underneath the covers.
* runtime/JSGlobalObject.cpp: Added new Structure for ObjCCallbackFunction.
(JSC::JSGlobalObject::reset):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSGlobalObject):
(JSC::JSGlobalObject::objcCallbackFunctionStructure):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145848 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 07 Mar, 2013 1 commit
mhahnenberg@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=111088

Reviewed by Geoffrey Garen.

JSManagedValue is like a special kind of weak value. When you create a JSManagedValue, you can supply an Objective-C object as its "owner". As long as the Objective-C owner object remains alive and its wrapper remains accessible to the JSC garbage collector (e.g. by being marked by the global object), the reference to the JavaScript value is strong. As soon as the Objective-C owner is deallocated or its wrapper becomes inaccessible to the garbage collector, the reference becomes weak.

If you do not supply an owner or you use the weakValueWithValue: convenience class method, the returned JSManagedValue behaves as a normal weak reference.

This new class allows clients to maintain references to JavaScript values in the Objective-C heap without creating reference cycles/leaking memory.

* API/JSAPIWrapperObject.cpp: Added.
(JSC):
(JSC::::createStructure):
(JSC::JSAPIWrapperObject::JSAPIWrapperObject): This is a special JSObject for the Objective-C API that knows for the purposes of garbage collection/marking that it wraps an opaque Objective-C object.
(JSC::JSAPIWrapperObject::visitChildren): We add the pointer to the wrapped Objective-C object to the set of opaque roots so that the weak handle owner for JSManagedValues can find it later.
* API/JSAPIWrapperObject.h: Added.
(JSC):
(JSAPIWrapperObject):
(JSC::JSAPIWrapperObject::wrappedObject):
(JSC::JSAPIWrapperObject::setWrappedObject):
* API/JSBase.cpp:
(JSSynchronousGarbageCollect):
* API/JSBasePrivate.h:
* API/JSCallbackObject.cpp:
(JSC):
* API/JSCallbackObject.h:
(JSC::JSCallbackObject::destroy): Moved this to the header so that we don't get link errors with JSAPIWrapperObject.
* API/JSContext.mm:
(-[JSContext initWithVirtualMachine:]): We weren't adding manually allocated/initialized JSVirtualMachine objects to the global cache of virtual machines. The init methods handle this now rather than contextWithGlobalContextRef, since not everyone is guaranteed to use the latter.
(-[JSContext initWithGlobalContextRef:]):
(+[JSContext contextWithGlobalContextRef:]):
* API/JSManagedValue.h: Added.
* API/JSManagedValue.mm: Added.
(JSManagedValueHandleOwner):
(managedValueHandleOwner):
(+[JSManagedValue weakValueWithValue:]):
(+[JSManagedValue managedValueWithValue:owner:]):
(-[JSManagedValue init]): We explicitly call the ARC entrypoints to initialize/get the weak owner field since we don't use ARC when building our framework.
(-[JSManagedValue initWithValue:]):
(-[JSManagedValue initWithValue:owner:]):
(-[JSManagedValue dealloc]):
(-[JSManagedValue value]):
(-[JSManagedValue weakOwner]):
(JSManagedValueHandleOwner::isReachableFromOpaqueRoots): If the Objective-C owner is still alive (i.e. loading the weak field returns non-nil) and that value was added to the set of opaque roots by the wrapper for that Objective-C owner, then the JSObject to which the JSManagedObject refers is still alive.
* API/JSObjectRef.cpp: We have to add explicit checks for the JSAPIWrapperObject, just like the other types of JSCallbackObjects.
(JSObjectGetPrivate):
(JSObjectSetPrivate):
(JSObjectGetPrivateProperty):
(JSObjectSetPrivateProperty):
(JSObjectDeletePrivateProperty):
* API/JSValue.mm:
(objectToValueWithoutCopy):
* API/JSValueRef.cpp:
(JSValueIsObjectOfClass):
* API/JSVirtualMachine.mm:
(-[JSVirtualMachine initWithContextGroupRef:]):
(+[JSVirtualMachine virtualMachineWithContextGroupRef:]):
* API/JSWrapperMap.mm:
(wrapperFinalize):
(makeWrapper): This is our own internal version of JSObjectMake which creates JSAPIWrapperObjects, the Obj-C API version of JSCallbackObjects.
(createObjectWithCustomBrand):
(-[JSObjCClassInfo wrapperForObject:]):
(tryUnwrapObjcObject):
* API/JavaScriptCore.h:
* API/tests/testapi.mm: Added new tests for the strong and weak uses of JSManagedValue in the context of an onclick handler for an Objective-C object inserted into a JSContext.
(-[TextXYZ setWeakOnclick:]):
(-[TextXYZ setOnclick:]):
(-[TextXYZ weakOnclick]):
(-[TextXYZ onclick]):
(-[TextXYZ click]):
* CMakeLists.txt: Various build system additions.
* GNUmakefile.list.am:
* JavaScriptCore.gypi:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/JSGlobalObject.cpp: Added the new canonical Structure for the JSAPIWrapperObject class.
(JSC::JSGlobalObject::reset):
(JSC):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSGlobalObject):
(JSC::JSGlobalObject::objcWrapperObjectStructure):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145119 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 06 Mar, 2013 1 commit
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=111497

Reviewed by Geoffrey Garen.

This reverts the get/put_scoped_var part of the great non-local variable resolution refactoring. This still leaves all the lazy variable resolution logic as it's necessary for global property resolution, and I don't want to make the patch bigger than it already is.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):
* bytecode/CodeBlock.h:
(CodeBlock):
* bytecode/Opcode.h:
(JSC):
(JSC::padOpcodeName):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::generateFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::codeBlockFor):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC):
(UnlinkedFunctionExecutable):
(UnlinkedCodeBlock):
(JSC::UnlinkedCodeBlock::usesGlobalObject):
(JSC::UnlinkedCodeBlock::setGlobalObjectRegister):
(JSC::UnlinkedCodeBlock::globalObjectRegister):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::ResolveResult::checkValidity):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitLoadGlobalObject):
(JSC):
(JSC::BytecodeGenerator::resolve):
(JSC::BytecodeGenerator::resolveConstDecl):
(JSC::BytecodeGenerator::emitResolve):
(JSC::BytecodeGenerator::emitResolveBase):
(JSC::BytecodeGenerator::emitResolveBaseForPut):
(JSC::BytecodeGenerator::emitResolveWithBaseForPut):
(JSC::BytecodeGenerator::emitResolveWithThis):
(JSC::BytecodeGenerator::emitGetStaticVar):
(JSC::BytecodeGenerator::emitPutStaticVar):
* bytecompiler/BytecodeGenerator.h:
(JSC::ResolveResult::lexicalResolve):
(JSC::ResolveResult::isStatic):
(JSC::ResolveResult::depth):
(JSC::ResolveResult::index):
(ResolveResult):
(JSC::ResolveResult::ResolveResult):
(BytecodeGenerator):
* bytecompiler/NodesCodegen.cpp:
(JSC::ResolveNode::isPure):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::TypeOfResolveNode::emitBytecode):
(JSC::PrefixNode::emitResolve):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::ConstDeclNode::emitCodeSingle):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::debugFail):
* dfg/DFGCapabilities.h:
(JSC::DFG::canCompileOpcode):
(JSC::DFG::canInlineOpcode):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JIT.h:
(JIT):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_scoped_var):
(JSC):
(JSC::JIT::emit_op_put_scoped_var):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emit_op_get_scoped_var):
(JSC):
(JSC::JIT::emit_op_put_scoped_var):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CodeCache.cpp:
(JSC::CodeCache::getCodeBlock):
(JSC::CodeCache::getProgramCodeBlock):
(JSC::CodeCache::getEvalCodeBlock):
* runtime/CodeCache.h:
(JSC):
(CodeCache):
* runtime/Executable.cpp:
(JSC::EvalExecutable::compileInternal):
(JSC::FunctionExecutable::produceCodeBlockFor):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::createEvalCodeBlock):
* runtime/JSGlobalObject.h:
(JSGlobalObject):
* runtime/Options.cpp:
(JSC::Options::initialize):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145000 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 21 Feb, 2013 1 commit
mhahnenberg@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=106059

Source/JavaScriptCore:

Reviewed by Geoffrey Garen.

* API/JSBase.h: Renamed enable flag for API.
* API/JSBlockAdaptor.h: Using new flag.
* API/JSBlockAdaptor.mm: Ditto.
* API/JSContext.h: Add convenience C API conversion function for JSGlobalContextRef.
* API/JSContext.mm:
(-[JSContext JSGlobalContextRef]): Implementation of C API convenience function.
(-[JSContext initWithVirtualMachine:]): We don't use the m_apiData field any more.
(-[JSContext initWithGlobalContextRef:]): init method for allocating new JSContexts given a JSGlobalContextRef.
(-[JSContext dealloc]): No more m_apiData.
(-[JSContext wrapperForObjCObject:]): Renamed wrapperForObject.
(-[JSContext wrapperForJSObject:]): Fetches or allocates the JSValue for the specified JSValueRef in this JSContext.
(+[JSContext contextWithGlobalContextRef:]): Helper function to grab the lightweight JSContext wrapper for a given JSGlobalContextRef from the global wrapper cache or allocate a new one if there isn't already one.
* API/JSContextInternal.h: New flag, new method declaration for initWithGlobalContextRef.
* API/JSExport.h: New flag.
* API/JSValue.h: New flag and new C API convenience method.
* API/JSValue.mm:
(-[JSValue JSValueRef]): Implementation of the C API convenience method.
(objectToValueWithoutCopy):
(+[JSValue valueWithValue:inContext:]): We now ask the JSContext for an Objective-C JSValue wrapper, which it can cache in its internal JSWrapperMap.
* API/JSValueInternal.h:
* API/JSVirtualMachine.h:
* API/JSVirtualMachine.mm: Added global cache that maps JSContextGroupRef -> JSVirtualMachine lightweight wrappers.
(wrapperCacheLock):
(initWrapperCache):
(+[JSVMWrapperCache addWrapper:forJSContextGroupRef:]):
(+[JSVMWrapperCache wrapperForJSContextGroupRef:]):
(-[JSVirtualMachine init]):
(-[JSVirtualMachine initWithContextGroupRef:]):
(-[JSVirtualMachine dealloc]):
(+[JSVirtualMachine virtualMachineWithContextGroupRef:]):
(-[JSVirtualMachine contextForGlobalContextRef:]):
(-[JSVirtualMachine addContext:forGlobalContextRef:]):
* API/JSVirtualMachineInternal.h:
* API/JSWrapperMap.h:
* API/JSWrapperMap.mm:
(-[JSObjCClassInfo allocateConstructorAndPrototypeWithSuperClassInfo:]): We use the JSObjectSetPrototype C API call because setting the __proto__ property causes all sorts of bad things to happen behind the scenes, which can cause crashes based on when it gets called.
(-[JSWrapperMap initWithContext:]):
(-[JSWrapperMap jsWrapperForObject:]):
(-[JSWrapperMap objcWrapperForJSValueRef:]):
* API/JavaScriptCore.h:
* API/ObjCCallbackFunction.h:
* API/ObjCCallbackFunction.mm:
(ObjCCallbackFunction::ObjCCallbackFunction): We never actually should have retained the target in the case that we had a block as a callback. Blocks are initially allocated on the stack and are only moved to the heap if we call their copy method. Retaining the block on the stack was a bad idea because if that stack frame ever went away and we called the block later, we'd crash and burn.
(ObjCCallbackFunction::setContext): We need a new setter for when the weak reference to a JSContext inside an ObjCCallbackFunction disappears, we can allocate a new one in its place.
(ObjCCallbackFunction):
(objCCallbackFunctionCallAsFunction): Reset the callback's context if it's ever destroyed.
(objCCallbackFunctionForInvocation): Again, don't set the __proto__ property because it uses black magic that can cause us to crash depending on when this is called.
(objCCallbackFunctionForBlock): Here is where we copy the block to the heap when we're first creating the callback object for it.
* API/tests/testapi.c:
(main):
* API/tests/testapi.mm: We're going to get rid of the automatic block conversion, since that is causing leaks. I changed it here in this test just so that it wouldn't mask any other potential leaks. Also modified some of the tests since JSContexts are just lightweight wrappers now, we're not guaranteed to get the same pointer back from the call to [JSValue context] as the one that the value was created in.
(-[TestObject callback:]):
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData): No more m_apiData.
* runtime/JSGlobalData.h: Ditto.
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::JSGlobalObject): Ditto.
* runtime/JSGlobalObject.h:

Source/WebCore:

Reviewed by Geoffrey Garen.

* WebCore.exp.in:
* bindings/js/JSDOMWindowShell.cpp:
(WebCore::JSDOMWindowShell::setWindow): Since we're basically abandoning a JSDOMWindow here, we call garbageCollectSoon().
* bindings/js/JSDOMWindowShell.h:
* bindings/js/ScriptController.h: New function to get the JSContext for the global object of the current main world.
* bindings/js/ScriptControllerMac.mm:
(WebCore::ScriptController::javaScriptContext): Ditto.
* bindings/objc/WebScriptObject.h: Added ifdef guards. Also new convenience conversion function for the JSC Obj-C API.
* bindings/objc/WebScriptObject.mm: JSC::JSValue and JSValue conflict with one another, so we have to be more specific.
(-[WebScriptObject _globalContextRef]): Useful helper function for getting the JSGlobalContextRef of a particular WebScriptObject.
(-[WebScriptObject callWebScriptMethod:withArguments:]):
(-[WebScriptObject evaluateWebScript:]):
(-[WebScriptObject valueForKey:]):
(-[WebScriptObject webScriptValueAtIndex:]):
(+[WebScriptObject _convertValueToObjcValue:JSC::originRootObject:rootObject:]):
(-[WebScriptObject JSValue]): Implementation of convenience WebScriptObject conversion function to new Objective-C API.
* bindings/objc/WebScriptObjectPrivate.h: Source/WebKit/mac: Reviewed by Geoffrey Garen. Addition of appropriate delegate callbacks and support to the WebKit API. * WebCoreSupport/WebFrameLoaderClient.mm: * WebView/WebDelegateImplementationCaching.h: (WebFrameLoadDelegateImplementationCache): * WebView/WebFrame.h: * WebView/WebFrame.mm: (-[WebFrame _stringByEvaluatingJavaScriptFromString:forceUserGesture:]): (-[WebFrame _stringByEvaluatingJavaScriptFromString:withGlobalObject:inScriptWorld:]): (-[WebFrame _javaScriptContextForScriptWorld:]): (-[WebFrame javaScriptContext]): * WebView/WebFrameLoadDelegate.h: * WebView/WebFramePrivate.h: * WebView/WebScriptDebugDelegate.mm: (-[WebScriptCallFrame _convertValueToObjcValue:JSC::]): (-[WebScriptCallFrame exception]): (-[WebScriptCallFrame evaluateWebScript:]): * WebView/WebScriptWorld.h: * WebView/WebScriptWorld.mm: (+[WebScriptWorld scriptWorldForJavaScriptContext:]): * WebView/WebView.mm: (-[WebView _cacheFrameLoadDelegateImplementations]): (aeDescFromJSValue): (-[WebView aeDescByEvaluatingJavaScriptFromString:]): (-[WebView _computedStyleIncludingVisitedInfo:forElement:]): Source/WTF: Reviewed by Geoffrey Garen. * wtf/FeatureDefines.h: Added enable flag for JSC Objective-C API so it can be used in export files. Tools: Reviewed by Geoffrey Garen. Added new tests for the WebKit API portion of the JSC Objective-C API. * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: * TestWebKitAPI/Tests/mac/JSContextBackForwardCache1.html: Added. * TestWebKitAPI/Tests/mac/JSContextBackForwardCache2.html: Added. * TestWebKitAPI/Tests/mac/WebViewDidCreateJavaScriptContext.mm: Added. 
(-[MyConsole log:]): (-[MyConsole printHelloWorld]): (-[MyConsole add:to:]): (-[DidCreateJavaScriptContextFrameLoadDelegate webView:didFinishLoadForFrame:]): (-[DidCreateJavaScriptContextFrameLoadDelegate webView:didCreateJavaScriptContext:forFrame:]): (TestWebKitAPI): (TestWebKitAPI::TEST): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@143637 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 18 Feb, 2013 1 commit
-
-
fpizlo@apple.com authored
Rubber stamped by Mark Hahnenberg. * runtime/JSGlobalObject.h: * runtime/JSGlobalObjectFunctions.h: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@143171 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 17 Feb, 2013 1 commit
-
-
fpizlo@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=110024 Source/JavaScriptCore: Rubber stamped by Mark Hahnenberg and Sam Weinig. This was supposed to be easy. But, initially, there was a Structure inline method in CodeBlock.h, and moving that into StructureInlines.h meant that Operations.h included CodeBlock.h. This would cause WebCore build failures, because CodeBlock.h transitively included the JSC parser (via many, many paths), and the JSC parser defines tokens using enumeration elements that CSSGrammar.cpp (generated by bison) would #define. For example, bison would give CSSGrammar.cpp a #define FUNCTION 123, and would do so before including anything interesting. The JSC parser would have an enum that included FUNCTION as an element. Hence the JSC parser included into CSSGrammar.cpp would have a token element called FUNCTION declared in an enumeration, but FUNCTION was #define'd to 123, leading to a parser error. Wow. So I removed all transitive include paths from CodeBlock.h to the JSC Parser. I believe I was able to do so without out-of-lining anything interesting or performance critical. This is probably a purely good thing to have done: it will be nice to be able to make changes to the parser without having to compile the universe. Of course, doing this caused a bunch of other things to not compile, since a bunch of headers relied on things being implicitly included for them when they transitively included the parser. I fixed a lot of that. Finally, I ended up removing the method that depended on CodeBlock.h from StructureInlines.h, and putting it in Structure.cpp. That might seem like all of this was a waste of time, except that I suspect it was a worthwhile forcing function for cleaning up a bunch of cruft. 
* API/JSCallbackFunction.cpp: * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: * bytecode/CodeBlock.h: (JSC): * bytecode/EvalCodeCache.h: * bytecode/SamplingTool.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedFunctionExecutable::parameterCount): (JSC): * bytecode/UnlinkedCodeBlock.h: (UnlinkedFunctionExecutable): * bytecompiler/BytecodeGenerator.h: * bytecompiler/Label.h: (JSC): * dfg/DFGByteCodeParser.cpp: * dfg/DFGByteCodeParser.h: * dfg/DFGFPRInfo.h: * dfg/DFGRegisterBank.h: * heap/HandleStack.cpp: * jit/JITWriteBarrier.h: * parser/Nodes.h: (JSC): * parser/Parser.h: * parser/ParserError.h: Added. (JSC): (JSC::ParserError::ParserError): (ParserError): (JSC::ParserError::toErrorObject): * parser/ParserModes.h: * parser/SourceProvider.cpp: Added. (JSC): (JSC::SourceProvider::SourceProvider): (JSC::SourceProvider::~SourceProvider): * parser/SourceProvider.h: (JSC): (SourceProvider): * runtime/ArrayPrototype.cpp: * runtime/DatePrototype.cpp: * runtime/Executable.h: * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: (JSC): * runtime/Operations.h: * runtime/Structure.cpp: (JSC::Structure::prototypeForLookup): (JSC): * runtime/Structure.h: (JSC): * runtime/StructureInlines.h: Added. (JSC): (JSC::Structure::create): (JSC::Structure::createStructure): (JSC::Structure::get): (JSC::Structure::masqueradesAsUndefined): (JSC::SlotVisitor::internalAppend): (JSC::Structure::transitivelyTransitionedFrom): (JSC::Structure::setEnumerationCache): (JSC::Structure::enumerationCache): (JSC::Structure::prototypeForLookup): (JSC::Structure::prototypeChain): (JSC::Structure::isValid): * runtime/StructureRareData.cpp: Source/WebCore: Rubber stamped by Sam Weinig. No new tests because no new behavior. Just rewiring includes. * ForwardingHeaders/parser/SourceProviderCache.h: Added. 
* loader/cache/CachedScript.cpp: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@143147 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 01 Feb, 2013 2 commits
-
-
mhahnenberg@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=108659 Reviewed by Oliver Hunt. Many of the fields in Structure are used in a subset of all total Structures; however, all Structures must pay the memory cost of those fields, regardless of whether they use them or not. Since we can have potentially many Structures on a single page (e.g. bing.com creates ~1500 Structures), it would be profitable to refactor Structure so that not every Structure has to pay the memory costs for these infrequently used fields. To accomplish this, we can create a new StructureRareData class to house these seldom used fields which we can allocate on demand whenever a Structure requires it. This StructureRareData can itself be a JSCell, and can do all the marking of the fields for the Structure. The StructureRareData field will be part of a union with m_previous to minimize overhead. We'll add a new field to JSTypeInfo to indicate that the Structure has a StructureRareData field. During transitions, a Structure will clone its previous Structure's StructureRareData if it has one. There could be some potential for optimizing this process, but the initial implementation will be dumb since we'd be paying these overhead costs for each Structure anyways. Initially we'll only put two fields in the StructureRareData to avoid a memory regression. Over time we'll continue to move fields from Structure to StructureRareData. Optimistically, this could potentially reduce our Structure memory footprint by up to around 75%. It could also clear the way for removing destructors from Structures (and into StructureRareData). * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: * dfg/DFGRepatch.cpp: Includes for linking purposes. * jit/JITStubs.cpp: * jsc.cpp: * llint/LLIntSlowPaths.cpp: * runtime/JSCellInlines.h: Added ifdef guards. * runtime/JSGlobalData.cpp: New Structure for StructureRareData class. 
(JSC::JSGlobalData::JSGlobalData): * runtime/JSGlobalData.h: (JSGlobalData): * runtime/JSGlobalObject.h: * runtime/JSTypeInfo.h: New flag to indicate whether or not a Structure has a StructureRareData field. (JSC::TypeInfo::flags): (JSC::TypeInfo::structureHasRareData): * runtime/ObjectPrototype.cpp: * runtime/Structure.cpp: We use a combined WriteBarrier<JSCell> field m_previousOrRareData to avoid compiler issues. (JSC::Structure::dumpStatistics): (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::addPropertyTransition): (JSC::Structure::nonPropertyTransition): (JSC::Structure::pin): (JSC::Structure::allocateRareData): Handles allocating a brand new StructureRareData field. (JSC::Structure::cloneRareDataFrom): Handles cloning a StructureRareData field from another. Used during Structure transitions. (JSC::Structure::visitChildren): We no longer have to worry about marking m_objectToStringValue. * runtime/Structure.h: (JSC::Structure::previousID): Checks the structureHasRareData flag to see where it should get the previous Structure. (JSC::Structure::objectToStringValue): Reads the value from the StructureRareData. If it doesn't exist, returns 0. (JSC::Structure::setObjectToStringValue): Ensures that we have a StructureRareData field, then forwards the function call to it. (JSC::Structure::materializePropertyMapIfNecessary): (JSC::Structure::setPreviousID): Checks for StructureRareData and forwards if necessary. (Structure): (JSC::Structure::clearPreviousID): Ditto. (JSC::Structure::create): * runtime/StructureRareData.cpp: Added. All of the basic functionality of a JSCell with the fields that we've moved from Structure and the functions required to access/modify those fields as Structure would have done. 
(JSC): (JSC::StructureRareData::createStructure): (JSC::StructureRareData::create): (JSC::StructureRareData::clone): (JSC::StructureRareData::StructureRareData): (JSC::StructureRareData::visitChildren): * runtime/StructureRareData.h: Added. (JSC): (StructureRareData): * runtime/StructureRareDataInlines.h: Added. (JSC): (JSC::StructureRareData::previousID): (JSC::StructureRareData::setPreviousID): (JSC::StructureRareData::clearPreviousID): (JSC::Structure::previous): Handles the ugly casting to get the value of the right type of m_previousOrRareData. (JSC::Structure::rareData): Ditto. (JSC::StructureRareData::objectToStringValue): (JSC::StructureRareData::setObjectToStringValue): * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: * dfg/DFGRepatch.cpp: * jit/JITStubs.cpp: * jsc.cpp: * llint/LLIntSlowPaths.cpp: * runtime/JSCellInlines.h: * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData): * runtime/JSGlobalData.h: (JSGlobalData): * runtime/JSGlobalObject.h: * runtime/JSTypeInfo.h: (JSC): (JSC::TypeInfo::flags): (JSC::TypeInfo::structureHasRareData): * runtime/ObjectPrototype.cpp: * runtime/Structure.cpp: (JSC::Structure::dumpStatistics): (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::addPropertyTransition): (JSC::Structure::nonPropertyTransition): (JSC::Structure::pin): (JSC::Structure::allocateRareData): (JSC): (JSC::Structure::cloneRareDataFrom): (JSC::Structure::visitChildren): * runtime/Structure.h: (JSC::Structure::previousID): (JSC::Structure::objectToStringValue): (JSC::Structure::setObjectToStringValue): (JSC::Structure::materializePropertyMapIfNecessary): (JSC::Structure::setPreviousID): (Structure): (JSC::Structure::clearPreviousID): (JSC::Structure::previous): (JSC::Structure::rareData): (JSC::Structure::create): * runtime/StructureRareData.cpp: Added. 
(JSC): (JSC::StructureRareData::createStructure): (JSC::StructureRareData::create): (JSC::StructureRareData::clone): (JSC::StructureRareData::StructureRareData): (JSC::StructureRareData::visitChildren): * runtime/StructureRareData.h: Added. (JSC): (StructureRareData): * runtime/StructureRareDataInlines.h: Added. (JSC): (JSC::StructureRareData::previousID): (JSC::StructureRareData::setPreviousID): (JSC::StructureRareData::clearPreviousID): (JSC::StructureRareData::objectToStringValue): (JSC::StructureRareData::setObjectToStringValue): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141651 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
ggaren@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=108657 Reviewed by Anders Carlsson. * runtime/JSGlobalObject.cpp: (JSC): * runtime/JSGlobalObject.h: (JSGlobalObject): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141604 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 28 Jan, 2013 1 commit
-
-
ggaren@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=108093 Reviewed by Phil Pizlo. ../JavaScriptCore: * API/JSObjectRef.cpp: * JavaScriptCore.order: * JavaScriptCore.xcodeproj/project.pbxproj: Pay the tax man. * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): op_new_object and op_create_this now have an extra inferredInlineCapacity argument. This is the statically inferred inline capacity, just from analyzing source text. op_new_object also gets a pointer to an allocation profile. (For op_create_this, the profile is in the constructor function.) (JSC::CodeBlock::CodeBlock): Link op_new_object. (JSC::CodeBlock::stronglyVisitStrongReferences): Mark our profiles. * bytecode/CodeBlock.h: (CodeBlock): Removed some dead code. Added object allocation profiles. * bytecode/Instruction.h: (JSC): New union type, since an instruction operand may point to an object allocation profile now. * bytecode/ObjectAllocationProfile.h: Added. (JSC): (ObjectAllocationProfile): (JSC::ObjectAllocationProfile::offsetOfAllocator): (JSC::ObjectAllocationProfile::offsetOfStructure): (JSC::ObjectAllocationProfile::ObjectAllocationProfile): (JSC::ObjectAllocationProfile::isNull): (JSC::ObjectAllocationProfile::initialize): (JSC::ObjectAllocationProfile::structure): (JSC::ObjectAllocationProfile::inlineCapacity): (JSC::ObjectAllocationProfile::clear): (JSC::ObjectAllocationProfile::visitAggregate): (JSC::ObjectAllocationProfile::possibleDefaultPropertyCount): New class for tracking a prediction about object allocation: structure, inline capacity, allocator to use. * bytecode/Opcode.h: (JSC): (JSC::padOpcodeName): Updated instruction sizes. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC): (JSC::UnlinkedCodeBlock::addObjectAllocationProfile): (JSC::UnlinkedCodeBlock::numberOfObjectAllocationProfiles): (UnlinkedCodeBlock): Unlinked support for allocation profiles. 
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::generate): Kill all remaining analyses at the end of codegen, since this is our last opportunity. (JSC::BytecodeGenerator::BytecodeGenerator): Added a static property analyzer to bytecode generation. It tracks initializing assignments and makes a guess about how many will happen. (JSC::BytecodeGenerator::newObjectAllocationProfile): (JSC): (JSC::BytecodeGenerator::emitProfiledOpcode): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitResolve): (JSC::BytecodeGenerator::emitResolveBase): (JSC::BytecodeGenerator::emitResolveBaseForPut): (JSC::BytecodeGenerator::emitResolveWithBaseForPut): (JSC::BytecodeGenerator::emitResolveWithThis): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitGetArgumentByVal): (JSC::BytecodeGenerator::emitGetByVal): Added hooks to the static property analyzer, so it can observe allocations and stores. (JSC::BytecodeGenerator::emitCreateThis): Factored this into a helper function because it was a significant amount of logic, and I wanted to add to it. (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitConstruct): Added a hook to profiled opcodes to track their stores, in case a store kills a profiled allocation. Since profiled opcodes are basically the only interesting stores we do, this is a convenient place to notice any store that might kill an allocation. * bytecompiler/BytecodeGenerator.h: (BytecodeGenerator): As above. * bytecompiler/StaticPropertyAnalysis.h: Added. 
(JSC): (StaticPropertyAnalysis): (JSC::StaticPropertyAnalysis::create): (JSC::StaticPropertyAnalysis::addPropertyIndex): (JSC::StaticPropertyAnalysis::record): (JSC::StaticPropertyAnalysis::propertyIndexCount): (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis): Simple helper class for tracking allocations and stores. * bytecompiler/StaticPropertyAnalyzer.h: Added. (StaticPropertyAnalyzer): (JSC::StaticPropertyAnalyzer::StaticPropertyAnalyzer): (JSC::StaticPropertyAnalyzer::createThis): (JSC::StaticPropertyAnalyzer::newObject): (JSC::StaticPropertyAnalyzer::putById): (JSC::StaticPropertyAnalyzer::mov): (JSC::StaticPropertyAnalyzer::kill): Helper class for observing allocations and stores and making an inline capacity guess. The heuristics here are intentionally minimal because we don't want this one class to try to re-create something like a DFG or a runtime analysis. If we discover that we need those kinds of analyses, we should just replace this class with something else. This class tracks multiple registers that alias the same object -- that happens a lot, when moving locals into temporary registers -- but it doesn't track control flow or multiple objects that alias the same register. * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::execute): Updated for rename. * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::parseBlock): Updated for inline capacity and allocation profile. * dfg/DFGNode.h: (JSC::DFG::Node::hasInlineCapacity): (Node): (JSC::DFG::Node::inlineCapacity): (JSC::DFG::Node::hasFunction): Give the graph a good way to represent inline capacity for an allocation. * dfg/DFGNodeType.h: (DFG): Updated for rename. * dfg/DFGOperations.cpp: Updated for interface change. * dfg/DFGOperations.h: We pass the inline capacity to the slow case as an argument. This is the simplest way, since it's stored as a bytecode operand. * dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate): Updated for rename. 
* dfg/DFGRepatch.cpp: (JSC::DFG::tryCacheGetByID): Fixed a horrible off-by-one-half bug that only appears when doing an inline cached load for property number 64 on a 32-bit system. In JSVALUE32_64 land, "offsetRelativeToPatchedStorage" is the offset of the 64bit JSValue -- but we'll actually issue two loads, one for the payload at that offset, and one for the tag at that offset + 4. We need to ensure that both loads have a compact representation, or we'll corrupt the instruction stream. * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::emitAllocateJSArray): * dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::callOperation): (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage): (SpeculativeJIT): (JSC::DFG::SpeculativeJIT::emitAllocateJSObject): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): Lots of refactoring to support passing an allocator to our allocation function, and/or passing a Structure as a register instead of an immediate. * heap/MarkedAllocator.h: (DFG): (MarkedAllocator): (JSC::MarkedAllocator::offsetOfFreeListHead): Added an accessor to simplify JIT code generation of allocation from an arbitrary allocator. * jit/JIT.h: (JSC): * jit/JITInlines.h: (JSC): (JSC::JIT::emitAllocateJSObject): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_create_this): (JSC::JIT::emitSlow_op_create_this): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_create_this): (JSC::JIT::emitSlow_op_create_this): Same refactoring as done for the DFG. * jit/JITStubs.cpp: (JSC::tryCacheGetByID): Fixed the same bug mentioned above. (JSC::DEFINE_STUB_FUNCTION): Updated for interface changes. * llint/LLIntData.cpp: (JSC::LLInt::Data::performAssertions): Updated for interface changes. 
* llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Same refactoring as for the JITs. * profiler/ProfilerBytecode.cpp: * profiler/ProfilerBytecodes.cpp: * profiler/ProfilerCompilation.cpp: * profiler/ProfilerCompiledBytecode.cpp: * profiler/ProfilerDatabase.cpp: * profiler/ProfilerOSRExit.cpp: * profiler/ProfilerOrigin.cpp: * profiler/ProfilerProfiledBytecodes.cpp: Include ObjectConstructor.h because that's where createEmptyObject() lives now. * runtime/Executable.h: (JSC::JSFunction::JSFunction): Updated for rename. * runtime/JSCellInlines.h: (JSC::allocateCell): Updated to match the allocator selection code in the JIT, so it's clearer that both are correct. * runtime/JSFunction.cpp: (JSC::JSFunction::JSFunction): (JSC::JSFunction::createAllocationProfile): (JSC::JSFunction::visitChildren): (JSC::JSFunction::getOwnPropertySlot): (JSC::JSFunction::put): (JSC::JSFunction::defineOwnProperty): (JSC::JSFunction::getConstructData): * runtime/JSFunction.h: (JSC::JSFunction::offsetOfScopeChain): (JSC::JSFunction::offsetOfExecutable): (JSC::JSFunction::offsetOfAllocationProfile): (JSC::JSFunction::allocationProfile): (JSFunction): (JSC::JSFunction::tryGetAllocationProfile): (JSC::JSFunction::addAllocationProfileWatchpoint): Changed inheritorID data member to be an ObjectAllocationProfile, which includes a pointer to the desired allocator. This simplifies JIT code, since we don't have to compute the allocator on the fly. I verified by code inspection that JSFunction is still only 64 bytes. * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSGlobalObject): (JSC::JSGlobalObject::dateStructure): No direct pointer to the empty object structure anymore, because now clients need to specify how much inline capacity they want. 
* runtime/JSONObject.cpp: * runtime/JSObject.h: (JSC): (JSFinalObject): (JSC::JSFinalObject::defaultInlineCapacity): (JSC::JSFinalObject::maxInlineCapacity): (JSC::JSFinalObject::createStructure): A little refactoring to try to clarify where some of these constants derive from. (JSC::maxOffsetRelativeToPatchedStorage): Used for bug fix, above. * runtime/JSProxy.cpp: (JSC::JSProxy::setTarget): Ugly, but effective. * runtime/LiteralParser.cpp: * runtime/ObjectConstructor.cpp: (JSC::constructObject): (JSC::constructWithObjectConstructor): (JSC::callObjectConstructor): (JSC::objectConstructorCreate): Updated for interface changes. * runtime/ObjectConstructor.h: (JSC::constructEmptyObject): Clarified your options for how to allocate an empty object, to emphasize what things can actually vary. * runtime/PropertyOffset.h: These constants have moved because they're really higher level concepts to do with the layout of objects and the collector. PropertyOffset is just an abstract number line, independent of those things. * runtime/PrototypeMap.cpp: (JSC::PrototypeMap::emptyObjectStructureForPrototype): (JSC::PrototypeMap::clearEmptyObjectStructureForPrototype): * runtime/PrototypeMap.h: (PrototypeMap): The map key is now a pair of prototype and inline capacity, since Structure encodes inline capacity. * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::addPropertyTransition): (JSC::Structure::nonPropertyTransition): (JSC::Structure::copyPropertyTableForPinning): * runtime/Structure.h: (Structure): (JSC::Structure::totalStorageSize): (JSC::Structure::transitionCount): (JSC::Structure::create): Fixed a nasty refactoring bug that only shows up after enabling variable-sized inline capacities: we were passing our type info where our inline capacity was expected. The compiler didn't notice because both have type int :(. ../WebCore: * ForwardingHeaders/runtime/ObjectConstructor.h: Added. 
* bindings/js/JSInjectedScriptHostCustom.cpp: * bindings/js/JSSQLResultSetRowListCustom.cpp: Include ObjectConstructor.h because that's where createEmptyObject() is located now. * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneDeserializer::deserialize): Updated for interface change. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141050 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 01 Jan, 2013 1 commit
-
-
barraclough@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=105889 Reviewed by Filip Pizlo. ../JavaScriptCore: For a detailed description of the API implemented here, see: JSContext.h APIJSValue.h JSVirtualMachine.h JSExport.h Still to do - (1) Should rename APIJSValue.h -> JSValue.h (but we'll have to rename JSValue.h first). (2) Numerous FIXMEs, all with separate bugs filed. * API/APIJSValue.h: Added. - this Objective-C class is used to reference a JavaScript object. * API/JSBase.h: - added JS_OBJC_API_ENABLED macro to control ObjC API support. * API/JSBlockAdaptor.h: Added. - this Objective-C class is used in creating a special NSBlock proxying a JavaScript function. * API/JSBlockAdaptor.mm: Added. (BlockArgument): (BlockArgument::~BlockArgument): (BlockArgumentBoolean): (BlockArgumentBoolean::get): (BlockArgumentNumeric): (BlockArgumentNumeric::get): (BlockArgumentId): (BlockArgumentId::get): (BlockArgumentStruct): (BlockArgumentStruct::BlockArgumentStruct): (BlockArgumentStruct::~BlockArgumentStruct): (BlockArgumentStruct::get): - decoded argument type information of a JSBlockAdaptor. (BlockArgumentTypeDelegate): (BlockArgumentTypeDelegate::typeInteger): (BlockArgumentTypeDelegate::typeDouble): (BlockArgumentTypeDelegate::typeBool): (BlockArgumentTypeDelegate::typeVoid): (BlockArgumentTypeDelegate::typeId): (BlockArgumentTypeDelegate::typeOfClass): (BlockArgumentTypeDelegate::typeBlock): (BlockArgumentTypeDelegate::typeStruct): - delegate for use in conjunction with parseObjCType. (BlockResult): (BlockResult::~BlockResult): (BlockResultVoid): (BlockResultVoid::set): (BlockResultInteger): (BlockResultInteger::set): (BlockResultDouble): (BlockResultDouble::set): (BlockResultBoolean): (BlockResultBoolean::set): (BlockResultStruct): (BlockResultStruct::BlockResultStruct): (BlockResultStruct::~BlockResultStruct): (BlockResultStruct::set): - decoded result type information of a JSBlockAdaptor. 
(buildBlockSignature): - partial step in constructing a signature with stack offset information from one without. (-[JSBlockAdaptor initWithBlockSignatureFromProtocol:]): - constructor. (-[JSBlockAdaptor blockMatchesSignature:]): - check whether signature strings match, where only one contains stack frame offsets. (-[JSBlockAdaptor blockFromValue:inContext:withException:]): - use the adaptor to create a special forwarding block. * API/JSCallbackObjectFunctions.h: (JSC::::inherits): - add missing braces to multiline for statement. * API/JSContext.h: Added. - this Objective-C class is used to reference a JavaScript context. * API/JSContext.mm: Added. (-[JSContext init]): - constructor. (-[JSContext initWithVirtualMachine:]): - construct in a given VM (JSGlobalData). (-[JSContext evaluateScript:]): (-[JSContext globalObject]): - evaluate a script, global object accessor. (+[JSContext currentContext]): (+[JSContext currentThis]): (+[JSContext currentArguments]): - These methods obtain context, this, arguments from within a callback. (-[JSContext virtualMachine]): - implementation for .virtualMachine property. (-[JSContext objectForKeyedSubscript:]): (-[JSContext setObject:forKeyedSubscript:]): - support for subscript property access. (contextInternalContext): - internal accessor to m_context. (-[JSContext dealloc]): - destructor. (-[JSContext notifyException:]): (-[JSContext valueFromNotifyException:]): (-[JSContext boolFromNotifyException:]): - internal method to record an exception was thrown. (-[JSContext beginCallbackWithData:thisValue:argumentCount:arguments:]): (-[JSContext endCallbackWithData:]): - internal methods to push/pop a callback record. (-[JSContext protect:]): (-[JSContext unprotect:]): - internal methods to add a value to a protect set (used to protect the internal property of JSValue). (-[JSContext wrapperForObject:]): - internal method to create a wrapper object. 
(WeakContextRef::WeakContextRef): (WeakContextRef::~WeakContextRef): (WeakContextRef::get): (WeakContextRef::set): - Helper class to implement a weak reference to a JSContext. * API/JSContextInternal.h: Added. (CallbackData): (WeakContextRef): - see API/JSContext.mm for description of internal methods. * API/JSExport.h: Added. - Provides JSExport protocol & JSExportAs macro. * API/JSValue.mm: Added. (+[JSValue valueWithObject:inContext:]): (+[JSValue valueWithBool:inContext:]): (+[JSValue valueWithDouble:inContext:]): (+[JSValue valueWithInt32:inContext:]): (+[JSValue valueWithUInt32:inContext:]): (+[JSValue valueWithNewObjectInContext:]): (+[JSValue valueWithNewArrayInContext:]): (+[JSValue valueWithNewRegularExpressionFromPattern:flags:inContext:]): (+[JSValue valueWithNewErrorFromMessage:inContext:]): (+[JSValue valueWithNullInContext:]): (+[JSValue valueWithUndefinedInContext:]): - Constructors. (-[JSValue toObject]): (-[JSValue toObjectOfClass:]): (-[JSValue toBool]): (-[JSValue toDouble]): (-[JSValue toInt32]): (-[JSValue toUInt32]): (-[JSValue toNumber]): (-[JSValue toString]): (-[JSValue toDate]): (-[JSValue toArray]): (-[JSValue toDictionary]): - Conversion to Objective-C types. (-[JSValue valueForProperty:]): (-[JSValue setValue:forProperty:]): (-[JSValue deleteProperty:]): (-[JSValue hasProperty:]): (-[JSValue defineProperty:descriptor:]): - Property access by property name. (-[JSValue valueAtIndex:]): (-[JSValue setValue:atIndex:]): - Property access by index. (-[JSValue isUndefined]): (-[JSValue isNull]): (-[JSValue isBoolean]): (-[JSValue isNumber]): (-[JSValue isString]): (-[JSValue isObject]): - Test JavaScript type. (-[JSValue isEqualToObject:]): (-[JSValue isEqualWithTypeCoercionToObject:]): (-[JSValue isInstanceOf:]): - ===, ==, instanceof operators. (-[JSValue callWithArguments:]): (-[JSValue constructWithArguments:]): (-[JSValue invokeMethod:withArguments:]): - Call & construct. (-[JSValue context]): - implementation for .context property. 
(-[JSValue toPoint]): (-[JSValue toRange]): (-[JSValue toRect]): (-[JSValue toSize]): (+[JSValue valueWithPoint:inContext:]): (+[JSValue valueWithRange:inContext:]): (+[JSValue valueWithRect:inContext:]): (+[JSValue valueWithSize:inContext:]): - Support for NS struct types. (-[JSValue objectForKeyedSubscript:]): (-[JSValue objectAtIndexedSubscript:]): (-[JSValue setObject:forKeyedSubscript:]): (-[JSValue setObject:atIndexedSubscript:]): - support for subscript property access. (isDate): (isArray): - internal helper functions to check for instances of JS Date, Array types. (JSContainerConvertor): (Task): (JSContainerConvertor::JSContainerConvertor): (JSContainerConvertor::isWorkListEmpty): (JSContainerConvertor::convert): (JSContainerConvertor::add): (JSContainerConvertor::take): - helper class for tracking state while converting to Array/Dictionary objects. (valueToObjectWithoutCopy): (containerValueToObject): (valueToObject): (valueToNumber): (valueToString): (valueToDate): (valueToArray): (valueToDictionary): - function for converting JavaScript values to Objective-C objects. (ObjcContainerConvertor): (ObjcContainerConvertor::ObjcContainerConvertor): (ObjcContainerConvertor::isWorkListEmpty): (ObjcContainerConvertor::convert): (ObjcContainerConvertor::add): (ObjcContainerConvertor::take): - helper class for tracking state while converting to Array/Dictionary values. (objectToValueWithoutCopy): (objectToValue): (valueInternalValue): - function for converting Objective-C objects to JavaScript values. (+[JSValue valueWithValue:inContext:]): (-[JSValue initWithValue:inContext:]): - internal constructors. (StructTagHandler): (getStructTagHandler): (+[JSValue selectorForStructToValue:]): (+[JSValue selectorForValueToStruct:]): - methods for tracking struct types that support conversion to/from JSValue. (-[JSValue dealloc]): - destructor. (-[JSValue description]): - Objective-C to-NSString conversion.
(typeToValueInvocationFor): (valueToTypeInvocationFor): - create invocation objects for conversion to/from JSValue. * API/JSValueInternal.h: Added. - see API/JSValue.mm for description of internal methods. * API/JSVirtualMachine.h: Added. - this Objective-C class is used to reference a JavaScript virtual machine (JSGlobalData). * API/JSVirtualMachine.mm: Added. (-[JSVirtualMachine init]): (-[JSVirtualMachine dealloc]): - constructor & destructor. (getGroupFromVirtualMachine): - internal accessor for m_group property. * API/JSVirtualMachineInternal.h: Added. - see API/JSVirtualMachine.mm for description of internal methods. * API/JSWrapperMap.h: Added. * API/JSWrapperMap.mm: Added. (wrapperClass): - singleton root for detection (& unwrapping) of wrapper objects. (selectorToPropertyName): - default selector to property name conversion. (createObjectWithCustomBrand): - creates a JSObject with a custom NativeBrand (class name). (createRenameMap): - parse @optional properties of a JSExport protocol. (putNonEnumerable): - property put with enumerable=false. (copyMethodsToObject): - iterate methods in a protocol; add functions to a JSObject. (parsePropertyAttributes): - examine protocol property metadata. (makeSetterName): - "foo" -> "setFoo" (copyPrototypeProperties): - create properties on a Protocol object reflecting the instance methods & properties of a protocol. (-[JSObjCClassInfo initWithContext:forClass:superClassInfo:]): (-[JSObjCClassInfo dealloc]): (-[JSObjCClassInfo wrapperForObject:]): (-[JSObjCClassInfo constructor]): - cache the Protocol/Constructor objects for an Objective-C type. (-[JSWrapperMap initWithContext:]): (-[JSWrapperMap dealloc]): - constructor & destructor. (-[JSWrapperMap classInfoForClass:]): - maps Class -> JSObjCClassInfo. (-[JSWrapperMap wrapperForObject:]): - create or retrieve a cached wrapper value for an object. (tryUnwrapObjcObject): - check whether a value is a wrapper object; unwrap if so.
* API/JavaScriptCore.h: - Added includes for new API headers. * API/ObjCCallbackFunction.h: Added. - this class is used to wrap Objective-C instance methods, class methods & blocks as JSFunction objects. * API/ObjCCallbackFunction.mm: Added. (CallbackArgument): (CallbackArgument::~CallbackArgument): (CallbackArgumentBoolean): (CallbackArgumentBoolean::set): (CallbackArgumentInteger): (CallbackArgumentInteger::set): (CallbackArgumentDouble): (CallbackArgumentDouble::set): (CallbackArgumentJSValue): (CallbackArgumentJSValue::set): (CallbackArgumentId): (CallbackArgumentId::set): (CallbackArgumentOfClass): (CallbackArgumentOfClass::CallbackArgumentOfClass): (CallbackArgumentOfClass::~CallbackArgumentOfClass): (CallbackArgumentOfClass::set): (CallbackArgumentNSNumber): (CallbackArgumentNSNumber::set): (CallbackArgumentNSString): (CallbackArgumentNSString::set): (CallbackArgumentNSDate): (CallbackArgumentNSDate::set): (CallbackArgumentNSArray): (CallbackArgumentNSArray::set): (CallbackArgumentNSDictionary): (CallbackArgumentNSDictionary::set): (CallbackArgumentStruct): (CallbackArgumentStruct::CallbackArgumentStruct): (CallbackArgumentStruct::~CallbackArgumentStruct): (CallbackArgumentStruct::set): (CallbackArgumentBlockCallback): (CallbackArgumentBlockCallback::CallbackArgumentBlockCallback): (CallbackArgumentBlockCallback::~CallbackArgumentBlockCallback): (CallbackArgumentBlockCallback::set): - decoded argument type information of a ObjCCallbackFunction. (ArgumentTypeDelegate): (ArgumentTypeDelegate::typeInteger): (ArgumentTypeDelegate::typeDouble): (ArgumentTypeDelegate::typeBool): (ArgumentTypeDelegate::typeVoid): (ArgumentTypeDelegate::typeId): (ArgumentTypeDelegate::typeOfClass): (ArgumentTypeDelegate::typeBlock): (ArgumentTypeDelegate::typeStruct): - delegate for use in conjunction with parseObjCType.
(CallbackResult): (CallbackResult::~CallbackResult): (CallbackResultVoid): (CallbackResultVoid::get): (CallbackResultId): (CallbackResultId::get): (CallbackResultNumeric): (CallbackResultNumeric::get): (CallbackResultBoolean): (CallbackResultBoolean::get): (CallbackResultStruct): (CallbackResultStruct::CallbackResultStruct): (CallbackResultStruct::~CallbackResultStruct): (CallbackResultStruct::get): - decoded result type information of a ObjCCallbackFunction. (ResultTypeDelegate): (ResultTypeDelegate::typeInteger): (ResultTypeDelegate::typeDouble): (ResultTypeDelegate::typeBool): (ResultTypeDelegate::typeVoid): (ResultTypeDelegate::typeId): (ResultTypeDelegate::typeOfClass): (ResultTypeDelegate::typeBlock): (ResultTypeDelegate::typeStruct): - delegate for use in conjunction with parseObjCType. (ObjCCallbackFunction): (ObjCCallbackFunction::ObjCCallbackFunction): (ObjCCallbackFunction::~ObjCCallbackFunction): - constructor & destructor. (ObjCCallbackFunction::context): - accessor. (ObjCCallbackFunction::wrappedBlock): - attempt to unwrap a block object. (objCCallbackFunctionFinalize): (objCCallbackFunctionCallAsFunction): (objCCallbackFunctionClass): - JSClassRef used to represent ObjCCallbackFunction objects. (ObjCCallbackFunction::call): (blockSignatureContainsClass): - helper function to determine if we're running on a recent Clang. (skipNumber): - helper used in parsing signature strings. (objCCallbackFunctionForInvocation): (objCCallbackFunctionForMethod): (objCCallbackFunctionForBlock): - functions to try to create ObjCCallbackFunction instances for methods/blocks. (tryUnwrapBlock): - attempt to unwrap a block object. * API/ObjcRuntimeExtras.h: Added. (protocolImplementsProtocol): (forEachProtocolImplementingProtocol): (forEachMethodInClass): (forEachMethodInProtocol): (forEachPropertyInProtocol): - functions used in reflecting on Objective-C types. (skipPair): - parsing helper used by parseObjCType, scans for matching parentheses.
(StringRange): (StringRange::StringRange): (StringRange::~StringRange): (StringRange::operator const char*): (StringRange::get): - Helper class - create a c string copy of a range of an existing string. (parseObjCType): - function to parse Objective-C type strings, makes callbacks to a delegate. * API/tests/testapi.c: (main): - added call to testObjectiveCAPI (in testapi.m). * API/tests/testapi.m: Added. (+[ParentObject parentTest]): (+[TestObject testObject]): (+[TestObject classTest]): (-[TestObject getString]): (-[TestObject testArgumentTypesWithInt:double:boolean:string:number:array:dictionary:]): (-[TestObject callback:]): (-[TextXYZ test:]): - test object, used in various test cases. (checkResult): - helper function. (blockSignatureContainsClass): - helper function to determine if we're running on a recent Clang. (testObjectiveCAPI): - new test cases. * JavaScriptCore.xcodeproj/project.pbxproj: - added new files. * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData): * runtime/JSGlobalData.h: (JSGlobalData): - added m_apiData - provide convenient storage for use by the API. * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::JSGlobalObject): * runtime/JSGlobalObject.h: (JSGlobalObject): - added m_apiData - provide convenient storage for use by the API. ../WTF: * wtf/WTFThreadData.cpp: (WTF::WTFThreadData::WTFThreadData): * wtf/WTFThreadData.h: (WTFThreadData): - Added m_apiData - provide convenient storage for use by the API. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138604 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 17 Nov, 2012 1 commit
fpizlo@apple.com authored
Given a PutById or GetById with a proven structure, the DFG should be able to emit a PutByOffset or GetByOffset instead https://bugs.webkit.org/show_bug.cgi?id=102327 Reviewed by Mark Hahnenberg. If the profiler tells us that a GetById or PutById may be polymorphic but our control flow analysis proves that it isn't, we should trust the control flow analysis over the profiler. This arises in cases where GetById or PutById were inlined: the inlined function may have been called from other places that led to polymorphism, but in the current inlined context, there is no polymorphism. * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dump): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFor): (JSC): * bytecode/GetByIdStatus.h: (JSC::GetByIdStatus::GetByIdStatus): (GetByIdStatus): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFor): (JSC): * bytecode/PutByIdStatus.h: (JSC): (JSC::PutByIdStatus::PutByIdStatus): (PutByIdStatus): * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::execute): * dfg/DFGAbstractValue.h: (JSC::DFG::AbstractValue::bestProvenStructure): (AbstractValue): * dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants): (JSC::DFG::ConstantFoldingPhase::addStructureTransitionCheck): (ConstantFoldingPhase): * dfg/DFGNode.h: (JSC::DFG::Node::convertToGetByOffset): (Node): (JSC::DFG::Node::convertToPutByOffset): (JSC::DFG::Node::hasStorageResult): * runtime/JSGlobalObject.h: (JSC::Structure::prototypeChain): (JSC): (JSC::Structure::isValid): * runtime/Operations.h: (JSC::isPrototypeChainNormalized): (JSC): * runtime/Structure.h: (Structure): (JSC::Structure::transitionDidInvolveSpecificValue): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@135041 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 15 Nov, 2012 1 commit
fpizlo@apple.com authored
Rubber stamped by Mark Hahnenberg. * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSGlobalObject): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@134856 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 10 Nov, 2012 1 commit
fpizlo@apple.com authored
DFG should optimize out the NaN check on loads from double arrays if the array prototype chain is having a great time https://bugs.webkit.org/show_bug.cgi?id=101718 Reviewed by Geoffrey Garen. If we're reading from a JSArray in double mode, where the array's structure is primordial (all aspects of the structure are unchanged except for indexing type), and the result of the load is used in arithmetic that is known to not distinguish between NaN and undefined, then we should not emit a NaN check. Looks like a 5% win on navier-stokes. Also fixed an OpInfo initialization goof for String ops that was revealed by this change. * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::execute): * dfg/DFGArrayMode.cpp: (JSC::DFG::arraySpeculationToString): * dfg/DFGArrayMode.h: (JSC::DFG::ArrayMode::isSaneChain): (ArrayMode): (JSC::DFG::ArrayMode::isInBounds): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleIntrinsic): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): * dfg/DFGNodeFlags.cpp: (JSC::DFG::nodeFlagsAsString): * dfg/DFGNodeFlags.h: (DFG): * dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::arrayPrototypeChainIsSane): (JSC): * runtime/JSGlobalObject.h: (JSGlobalObject): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@134168 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 08 Nov, 2012 1 commit
fpizlo@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=98606 Reviewed by Oliver Hunt. Source/JavaScriptCore: This adds two new indexing types: int32 and double. It also adds array allocation profiling, which allows array allocations to converge to allocating arrays using those types to which those arrays would have been converted. 20% speed-up on navier-stokes. 40% speed-up on various Kraken DSP tests. Some slow-downs too, but a performance win overall on all benchmarks we track. * API/JSObjectRef.cpp: (JSObjectMakeArray): * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: * assembler/AbstractMacroAssembler.h: (JumpList): (JSC::AbstractMacroAssembler::JumpList::JumpList): * assembler/MacroAssemblerX86Common.h: (JSC::MacroAssemblerX86Common::branchDouble): * assembler/X86Assembler.h: (JSC::X86Assembler::jnp): (X86Assembler): (JSC::X86Assembler::X86InstructionFormatter::emitRex): * bytecode/ArrayAllocationProfile.cpp: Added. (JSC): (JSC::ArrayAllocationProfile::updateIndexingType): * bytecode/ArrayAllocationProfile.h: Added. 
(JSC): (ArrayAllocationProfile): (JSC::ArrayAllocationProfile::ArrayAllocationProfile): (JSC::ArrayAllocationProfile::selectIndexingType): (JSC::ArrayAllocationProfile::updateLastAllocation): (JSC::ArrayAllocationProfile::selectIndexingTypeFor): (JSC::ArrayAllocationProfile::updateLastAllocationFor): * bytecode/ArrayProfile.cpp: (JSC::ArrayProfile::updatedObservedArrayModes): (JSC): * bytecode/ArrayProfile.h: (JSC): (JSC::arrayModesInclude): (JSC::shouldUseSlowPutArrayStorage): (JSC::shouldUseFastArrayStorage): (JSC::shouldUseContiguous): (JSC::shouldUseDouble): (JSC::shouldUseInt32): (ArrayProfile): * bytecode/ByValInfo.h: (JSC::isOptimizableIndexingType): (JSC::jitArrayModeForIndexingType): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dump): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::updateAllPredictionsAndCountLiveness): (JSC): (JSC::CodeBlock::updateAllValueProfilePredictions): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::updateAllPredictions): (JSC::CodeBlock::shouldOptimizeNow): * bytecode/CodeBlock.h: (CodeBlock): (JSC::CodeBlock::numberOfArrayAllocationProfiles): (JSC::CodeBlock::addArrayAllocationProfile): (JSC::CodeBlock::updateAllValueProfilePredictions): (JSC::CodeBlock::updateAllArrayPredictions): * bytecode/DFGExitProfile.h: (JSC::DFG::exitKindToString): * bytecode/Instruction.h: (JSC): (JSC::Instruction::Instruction): * bytecode/Opcode.h: (JSC): (JSC::padOpcodeName): * bytecode/SpeculatedType.h: (JSC): (JSC::isRealNumberSpeculation): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC): (JSC::UnlinkedCodeBlock::addArrayAllocationProfile): (JSC::UnlinkedCodeBlock::numberOfArrayAllocationProfiles): (UnlinkedCodeBlock): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::newArrayAllocationProfile): (JSC): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): * bytecompiler/BytecodeGenerator.h: (BytecodeGenerator): * 
dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::execute): * dfg/DFGArrayMode.cpp: (JSC::DFG::ArrayMode::fromObserved): (JSC::DFG::ArrayMode::refine): (DFG): (JSC::DFG::ArrayMode::alreadyChecked): (JSC::DFG::arrayTypeToString): * dfg/DFGArrayMode.h: (JSC::DFG::ArrayMode::withType): (ArrayMode): (JSC::DFG::ArrayMode::withTypeAndConversion): (JSC::DFG::ArrayMode::usesButterfly): (JSC::DFG::ArrayMode::isSpecific): (JSC::DFG::ArrayMode::supportsLength): (JSC::DFG::ArrayMode::arrayModesThatPassFiltering): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::getArrayMode): (ByteCodeParser): (JSC::DFG::ByteCodeParser::handleIntrinsic): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGCCallHelpers.h: (JSC::DFG::CCallHelpers::setupArgumentsWithExecState): (CCallHelpers): * dfg/DFGCallArrayAllocatorSlowPathGenerator.h: (JSC::DFG::CallArrayAllocatorSlowPathGenerator::generateInternal): (JSC::DFG::CallArrayAllocatorWithVariableSizeSlowPathGenerator::generateInternal): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::checkArray): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): * dfg/DFGGraph.h: (JSC::DFG::Graph::byValIsPure): * dfg/DFGNode.h: (NewArrayBufferData): (JSC::DFG::Node::hasIndexingType): (Node): (JSC::DFG::Node::indexingType): (JSC::DFG::Node::setIndexingType): * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::emitAllocateJSArray): (JSC::DFG::SpeculativeJIT::jumpSlowForUnwantedArrayMode): (DFG): (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::arrayify): (JSC::DFG::SpeculativeJIT::compileDoublePutByVal): (JSC::DFG::SpeculativeJIT::compileGetArrayLength): * dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::callOperation): (SpeculativeJIT): (SpeculateIntegerOperand): 
(JSC::DFG::SpeculateIntegerOperand::use): (SpeculateDoubleOperand): (JSC::DFG::SpeculateDoubleOperand::use): * dfg/DFGSpeculativeJIT32_64.cpp: (DFG): (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * jit/JIT.h: (JSC::JIT::emitInt32GetByVal): (JIT): (JSC::JIT::emitInt32PutByVal): (JSC::JIT::emitDoublePutByVal): (JSC::JIT::emitContiguousPutByVal): * jit/JITExceptions.cpp: (JSC::genericThrow): * jit/JITInlineMethods.h: (JSC::arrayProfileSaw): (JSC::JIT::chooseArrayMode): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_new_array_buffer): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitDoubleGetByVal): (JSC): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompilePutByVal): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitDoubleGetByVal): (JSC): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitSlow_op_put_by_val): * jit/JITStubs.cpp: (JSC::DEFINE_STUB_FUNCTION): * jit/JITStubs.h: (JSC): * jsc.cpp: (GlobalObject::finishCreation): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * offlineasm/x86.rb: * runtime/ArrayConstructor.cpp: (JSC::constructArrayWithSizeQuirk): * runtime/ArrayConstructor.h: (JSC): * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncConcat): (JSC::arrayProtoFuncSlice): (JSC::arrayProtoFuncSplice): (JSC::arrayProtoFuncFilter): (JSC::arrayProtoFuncMap): * runtime/Butterfly.h: (JSC::Butterfly::contiguousInt32): 
(JSC::Butterfly::contiguousDouble): (JSC::Butterfly::fromContiguous): * runtime/ButterflyInlineMethods.h: (JSC::Butterfly::createUninitializedDuringCollection): * runtime/FunctionPrototype.cpp: (JSC::functionProtoFuncBind): * runtime/IndexingHeaderInlineMethods.h: (JSC::IndexingHeader::indexingPayloadSizeInBytes): * runtime/IndexingType.cpp: (JSC::leastUpperBoundOfIndexingTypes): (JSC): (JSC::leastUpperBoundOfIndexingTypeAndType): (JSC::leastUpperBoundOfIndexingTypeAndValue): (JSC::indexingTypeToString): * runtime/IndexingType.h: (JSC): (JSC::hasUndecided): (JSC::hasInt32): (JSC::hasDouble): * runtime/JSArray.cpp: (JSC::JSArray::setLength): (JSC::JSArray::pop): (JSC::JSArray::push): (JSC::JSArray::shiftCountWithAnyIndexingType): (JSC::JSArray::unshiftCountWithAnyIndexingType): (JSC::compareNumbersForQSortWithInt32): (JSC): (JSC::compareNumbersForQSortWithDouble): (JSC::JSArray::sortNumericVector): (JSC::JSArray::sortNumeric): (JSC::JSArray::sortCompactedVector): (JSC::JSArray::sort): (JSC::JSArray::sortVector): (JSC::JSArray::fillArgList): (JSC::JSArray::copyToArguments): (JSC::JSArray::compactForSorting): * runtime/JSArray.h: (JSArray): (JSC::createContiguousArrayButterfly): (JSC::JSArray::create): (JSC::JSArray::tryCreateUninitialized): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC): (JSC::JSGlobalObject::haveABadTime): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSGlobalObject): (JSC::JSGlobalObject::originalArrayStructureForIndexingType): (JSC::JSGlobalObject::arrayStructureForIndexingTypeDuringAllocation): (JSC::JSGlobalObject::arrayStructureForProfileDuringAllocation): (JSC::JSGlobalObject::isOriginalArrayStructure): (JSC::constructEmptyArray): (JSC::constructArray): * runtime/JSObject.cpp: (JSC::JSObject::copyButterfly): (JSC::JSObject::getOwnPropertySlotByIndex): (JSC::JSObject::putByIndex): (JSC::JSObject::enterDictionaryIndexingMode): (JSC::JSObject::createInitialIndexedStorage): (JSC): 
(JSC::JSObject::createInitialUndecided): (JSC::JSObject::createInitialInt32): (JSC::JSObject::createInitialDouble): (JSC::JSObject::createInitialContiguous): (JSC::JSObject::convertUndecidedToInt32): (JSC::JSObject::convertUndecidedToDouble): (JSC::JSObject::convertUndecidedToContiguous): (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements): (JSC::JSObject::convertUndecidedToArrayStorage): (JSC::JSObject::convertInt32ToDouble): (JSC::JSObject::convertInt32ToContiguous): (JSC::JSObject::convertInt32ToArrayStorage): (JSC::JSObject::convertDoubleToContiguous): (JSC::JSObject::convertDoubleToArrayStorage): (JSC::JSObject::convertContiguousToArrayStorage): (JSC::JSObject::convertUndecidedForValue): (JSC::JSObject::convertInt32ForValue): (JSC::JSObject::setIndexQuicklyToUndecided): (JSC::JSObject::convertInt32ToDoubleOrContiguousWhilePerformingSetIndex): (JSC::JSObject::convertDoubleToContiguousWhilePerformingSetIndex): (JSC::JSObject::ensureInt32Slow): (JSC::JSObject::ensureDoubleSlow): (JSC::JSObject::ensureContiguousSlow): (JSC::JSObject::ensureArrayStorageSlow): (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode): (JSC::JSObject::switchToSlowPutArrayStorage): (JSC::JSObject::deletePropertyByIndex): (JSC::JSObject::getOwnPropertyNames): (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes): (JSC::JSObject::putByIndexBeyondVectorLength): (JSC::JSObject::putDirectIndexBeyondVectorLength): (JSC::JSObject::getNewVectorLength): (JSC::JSObject::countElements): (JSC::JSObject::ensureLengthSlow): (JSC::JSObject::getOwnPropertyDescriptor): * runtime/JSObject.h: (JSC::JSObject::getArrayLength): (JSC::JSObject::getVectorLength): (JSC::JSObject::canGetIndexQuickly): (JSC::JSObject::getIndexQuickly): (JSC::JSObject::tryGetIndexQuickly): (JSC::JSObject::canSetIndexQuickly): (JSC::JSObject::canSetIndexQuicklyForPutDirect): (JSC::JSObject::setIndexQuickly): (JSC::JSObject::initializeIndex): (JSC::JSObject::hasSparseMap): 
(JSC::JSObject::inSparseIndexingMode): (JSObject): (JSC::JSObject::ensureInt32): (JSC::JSObject::ensureDouble): (JSC::JSObject::ensureLength): (JSC::JSObject::indexingData): (JSC::JSObject::currentIndexingData): (JSC::JSObject::getHolyIndexQuickly): (JSC::JSObject::relevantLength): (JSC::JSObject::currentRelevantLength): * runtime/JSValue.cpp: (JSC::JSValue::description): * runtime/LiteralParser.cpp: (JSC::::parse): * runtime/ObjectConstructor.cpp: (JSC::objectConstructorGetOwnPropertyNames): (JSC::objectConstructorKeys): * runtime/StringPrototype.cpp: (JSC::stringProtoFuncMatch): (JSC::stringProtoFuncSplit): * runtime/Structure.cpp: (JSC::Structure::nonPropertyTransition): * runtime/StructureTransitionTable.h: (JSC::newIndexingType): Source/WebCore: Just refactoring WebCore to pass 0 for the ArrayAllocationProfile*. * bindings/js/JSCanvasRenderingContext2DCustom.cpp: (WebCore::JSCanvasRenderingContext2D::webkitLineDash): * bindings/js/JSClipboardCustom.cpp: (WebCore::JSClipboard::types): * bindings/js/JSDOMBinding.cpp: (WebCore::jsArray): * bindings/js/JSDOMBinding.h: (WebCore::jsArray): * bindings/js/JSInjectedScriptHostCustom.cpp: (WebCore::getJSListenerFunctions): * bindings/js/JSJavaScriptCallFrameCustom.cpp: (WebCore::JSJavaScriptCallFrame::scopeChain): * bindings/js/JSMessageEventCustom.cpp: (WebCore::JSMessageEvent::ports): * bindings/js/JSMutationCallbackCustom.cpp: (WebCore::JSMutationCallback::handleEvent): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::toJS): (WebCore::JSWebGLRenderingContext::getAttachedShaders): (WebCore::JSWebGLRenderingContext::getSupportedExtensions): * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneDeserializer::deserialize): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133953 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 06 Nov, 2012 1 commit
oliver@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=101127 Reviewed by Filip Pizlo. An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration. This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes. As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead. The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts. * API/tests/testapi.c: (main): * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: * bytecode/CodeBlock.h: Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp * bytecode/Opcode.h: Added a global const init no op instruction needed to get correct behaviour without any associated semantics. * bytecode/UnlinkedCodeBlock.cpp: Added. * bytecode/UnlinkedCodeBlock.h: Added. A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking. * bytecompiler/BytecodeGenerator.cpp: * bytecompiler/BytecodeGenerator.h: Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks. A few other changes to deal with type changes due to us generating unlinked code (eg. 
pointer free, so profile indices rather than pointers). * dfg/DFGByteCodeParser.cpp: * dfg/DFGCapabilities.h: Support global_init_nop * interpreter/Interpreter.cpp: Now get the ProgramExecutable to initialise new global properties before starting execution. * jit/JIT.cpp: * jit/JITDriver.h: * jit/JITStubs.cpp: * llint/LLIntData.cpp: * llint/LLIntSlowPaths.cpp: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Adding init_global_const_nop everywhere else * parser/Parser.h: * parser/ParserModes.h: Added. * parser/ParserTokens.h: Parser no longer needs a global object or callframe to function * runtime/CodeCache.cpp: Added. * runtime/CodeCache.h: Added. A simple, random eviction, Source->UnlinkedCode cache * runtime/Executable.cpp: * runtime/Executable.h: Executables now reference their unlinked counterparts, and request code specifically for the target global object. * runtime/JSGlobalData.cpp: * runtime/JSGlobalData.h: GlobalData now owns a CodeCache and a set of new structures for the unlinked code types. * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: Utility functions used by executables to perform compilation * runtime/JSType.h: Add new JSTypes for unlinked code git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 28 Oct, 2012 1 commit
fpizlo@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=99260 Reviewed by Oliver Hunt. This change allows us to find out if an array access that has gone polymorphic is operating over known structures - i.e. the primordial array structures of the global object that the code block containing the array access belongs to. We term this state "OriginalArray" for short. The fact that the access has gone polymorphic means that the array profile will not be able to report the set of structures it had seen - but if it can tell us that all of the structures were primordial then it just so happens that we can deduce what the structure set would have been by just querying the code block's global object. This allows us to emit an ArrayifyToStructure instead of an Arrayify if we find that we need to do conversions. The fast path of an ArrayifyToStructure is exactly like the fast path of a CheckStructure and is mostly subject to the same optimizations. It also burns one fewer registers. Essentially the notion of OriginalArray is a super cheap way of getting the array profile to tell us a structure set instead of a singleton structure. Currently, the array profile can only tell us the structure seen at an array access if there was exactly one structure. If there were multiple structures, it won't tell us anything other than the array modes and other auxiliary profiling data (whether there were stores to holes, for example). With OriginalArray, we cheaply get a structure set if all of the structures were primordial for the code block's global object, since in that case the array mode set (ArrayModes) can directly tell us the structure set. 
In the future, we might consider adding complete structure sets to the array profiles, but I suspect that we would hit diminishing returns if we did so - it would only help if we have array accesses that are both polymorphic and are cross-global-object accesses (rare) or if the arrays had named properties or other structure transitions that are unrelated to indexing type (also rare). This also does away with Arrayify (and the new ArrayifyToStructure) returning the butterfly pointer. This turns out to be faster and easier to CSE. And, this also changes constant folding to be able to eliminate CheckStructure, ForwardCheckStructure, and ArrayifyToStructure in addition to being able to transform them into structure transition watchpoints. This is great for ArrayifyToStructure because then CSE and CFA know that there is no side effect. Converting CheckStructure and ForwardCheckStructure to also behave this way is just a matter of elegance. This has no performance impact right now. It's intended to alleviate some of the regressions seen in the early implementation of https://bugs.webkit.org/show_bug.cgi?id=98606. 
* bytecode/ArrayProfile.cpp: (JSC::ArrayProfile::computeUpdatedPrediction): * bytecode/ArrayProfile.h: (JSC): (JSC::ArrayProfile::ArrayProfile): (ArrayProfile): (JSC::ArrayProfile::usesOriginalArrayStructures): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::updateAllPredictionsAndCountLiveness): * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::execute): * dfg/DFGArrayMode.cpp: (JSC::DFG::ArrayMode::fromObserved): (JSC::DFG::ArrayMode::alreadyChecked): (JSC::DFG::arrayClassToString): * dfg/DFGArrayMode.h: (JSC::DFG::ArrayMode::withProfile): (JSC::DFG::ArrayMode::isJSArray): (ArrayMode): (JSC::DFG::ArrayMode::isJSArrayWithOriginalStructure): (JSC::DFG::ArrayMode::supportsLength): (JSC::DFG::ArrayMode::arrayModesWithIndexingShape): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::getArrayModeAndEmitChecks): (JSC::DFG::ByteCodeParser::handleGetByOffset): * dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::checkStructureElimination): (JSC::DFG::CSEPhase::structureTransitionWatchpointElimination): (JSC::DFG::CSEPhase::getPropertyStorageLoadElimination): (JSC::DFG::CSEPhase::checkArrayElimination): (JSC::DFG::CSEPhase::getScopeRegistersLoadElimination): * dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::checkArray): * dfg/DFGNode.h: (JSC::DFG::Node::hasStructure): (JSC::DFG::Node::hasArrayMode): (JSC::DFG::Node::arrayMode): * dfg/DFGNodeType.h: (DFG): * dfg/DFGPredictionPropagationPhase.cpp: (JSC::DFG::PredictionPropagationPhase::propagate): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::jumpSlowForUnwantedArrayMode): (JSC::DFG::SpeculativeJIT::arrayify): * dfg/DFGSpeculativeJIT.h: (SpeculativeJIT): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * runtime/JSGlobalObject.h: 
(JSC::JSGlobalObject::isOriginalArrayStructure): * runtime/Structure.cpp: (JSC::Structure::nonPropertyTransition): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@132759 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 09 Oct, 2012 2 commits
-
-
fpizlo@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=97288 Reviewed by Mark Hahnenberg. Source/JavaScriptCore: This introduces a new kind of indexed property storage called Contiguous, which has the following properties:
- No header bits beyond IndexedHeader. This results in a 16 byte reduction in memory usage per array versus an ArrayStorage array. It also means that the total memory usage for an empty array is now just 3 * 8 on both 32-bit and 64-bit. Of that, only 8 bytes are array-specific; the rest is our standard object header overhead.
- No need for hole checks on store. This results in a ~4% speed-up on Kraken and a ~1% speed-up on V8v7.
- publicLength <= vectorLength. This means that doing new Array(blah) immediately allocates room for blah elements.
- No sparse map or index bias.
If you ever do things to an array that would require publicLength > vectorLength, a sparse map, or index bias, then we switch to ArrayStorage mode. This seems to never happen in any benchmark we track, and is unlikely to happen very frequently on any website.
* CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: * assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::JumpList::append): * assembler/MacroAssembler.h: (MacroAssembler): (JSC::MacroAssembler::patchableBranchTest32): * bytecode/ByValInfo.h: Added. 
(JSC): (JSC::isOptimizableIndexingType): (JSC::jitArrayModeForIndexingType): (JSC::ByValInfo::ByValInfo): (ByValInfo): (JSC::getByValInfoBytecodeIndex): * bytecode/CodeBlock.h: (CodeBlock): (JSC::CodeBlock::getByValInfo): (JSC::CodeBlock::setNumberOfByValInfos): (JSC::CodeBlock::numberOfByValInfos): (JSC::CodeBlock::byValInfo): * bytecode/SamplingTool.h: * dfg/DFGAbstractState.cpp: (JSC::DFG::AbstractState::execute): * dfg/DFGArrayMode.cpp: (JSC::DFG::fromObserved): (JSC::DFG::modeAlreadyChecked): (JSC::DFG::modeToString): * dfg/DFGArrayMode.h: (DFG): (JSC::DFG::modeUsesButterfly): (JSC::DFG::modeIsJSArray): (JSC::DFG::isInBoundsAccess): (JSC::DFG::mayStoreToTail): (JSC::DFG::mayStoreToHole): (JSC::DFG::modeIsPolymorphic): (JSC::DFG::polymorphicIncludesContiguous): (JSC::DFG::polymorphicIncludesArrayStorage): (JSC::DFG::canCSEStorage): (JSC::DFG::modeSupportsLength): (JSC::DFG::benefitsFromStructureCheck): (JSC::DFG::isEffectful): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleIntrinsic): * dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::getArrayLengthElimination): (JSC::DFG::CSEPhase::getByValLoadElimination): (JSC::DFG::CSEPhase::performNodeCSE): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::checkArray): (JSC::DFG::FixupPhase::blessArrayOperation): * dfg/DFGGraph.h: (JSC::DFG::Graph::byValIsPure): * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGRepatch.cpp: (JSC::DFG::tryCacheGetByID): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArray): (JSC::DFG::SpeculativeJIT::arrayify): (JSC::DFG::SpeculativeJIT::compileGetArrayLength): (JSC::DFG::SpeculativeJIT::temporaryRegisterForPutByVal): (DFG): * dfg/DFGSpeculativeJIT.h: (DFG): (JSC::DFG::SpeculativeJIT::callOperation): (SpeculativeJIT): (JSC::DFG::SpeculativeJIT::putByValWillNeedExtraRegister): (JSC::DFG::SpeculativeJIT::temporaryRegisterForPutByVal): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compileContiguousGetByVal): (DFG): 
(JSC::DFG::SpeculativeJIT::compileArrayStorageGetByVal): (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal): (JSC::DFG::SpeculativeJIT::compileArrayStoragePutByVal): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compileContiguousGetByVal): (DFG): (JSC::DFG::SpeculativeJIT::compileArrayStorageGetByVal): (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal): (JSC::DFG::SpeculativeJIT::compileArrayStoragePutByVal): (JSC::DFG::SpeculativeJIT::compile): * interpreter/Interpreter.cpp: (SamplingScope): (JSC::SamplingScope::SamplingScope): (JSC::SamplingScope::~SamplingScope): (JSC): (JSC::Interpreter::execute): * jit/JIT.cpp: (JSC::JIT::privateCompileSlowCases): (JSC::JIT::privateCompile): * jit/JIT.h: (JSC::ByValCompilationInfo::ByValCompilationInfo): (ByValCompilationInfo): (JSC): (JIT): (JSC::JIT::compileGetByVal): (JSC::JIT::compilePutByVal): * jit/JITInlineMethods.h: (JSC::JIT::emitAllocateJSArray): (JSC::JIT::emitArrayProfileStoreToHoleSpecialCase): (JSC): (JSC::arrayProfileSaw): (JSC::JIT::chooseArrayMode): * jit/JITOpcodes.cpp: (JSC::JIT::emitSlow_op_get_argument_by_val): (JSC::JIT::emit_op_new_array): (JSC::JIT::emitSlow_op_new_array): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emitSlow_op_get_argument_by_val): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::privateCompilePatchGetArrayLength): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompilePutByVal): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::emit_op_get_by_val): (JSC): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitContiguousPutByVal): 
(JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitSlow_op_put_by_val): * jit/JITStubs.cpp: (JSC::getByVal): (JSC): (JSC::DEFINE_STUB_FUNCTION): (JSC::putByVal): * jit/JITStubs.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * runtime/ArrayConventions.h: (JSC::isDenseEnoughForVector): * runtime/ArrayPrototype.cpp: (JSC): (JSC::shift): (JSC::unshift): (JSC::arrayProtoFuncPush): (JSC::arrayProtoFuncShift): (JSC::arrayProtoFuncSplice): (JSC::arrayProtoFuncUnShift): * runtime/Butterfly.h: (Butterfly): (JSC::Butterfly::fromPointer): (JSC::Butterfly::pointer): (JSC::Butterfly::publicLength): (JSC::Butterfly::vectorLength): (JSC::Butterfly::setPublicLength): (JSC::Butterfly::setVectorLength): (JSC::Butterfly::contiguous): (JSC::Butterfly::fromContiguous): * runtime/ButterflyInlineMethods.h: (JSC::Butterfly::unshift): (JSC::Butterfly::shift): * runtime/IndexingHeaderInlineMethods.h: (JSC::IndexingHeader::indexingPayloadSizeInBytes): * runtime/IndexingType.cpp: Added. 
(JSC): (JSC::indexingTypeToString): * runtime/IndexingType.h: (JSC): (JSC::hasContiguous): * runtime/JSArray.cpp: (JSC::JSArray::setLengthWithArrayStorage): (JSC::JSArray::setLength): (JSC): (JSC::JSArray::pop): (JSC::JSArray::push): (JSC::JSArray::shiftCountWithArrayStorage): (JSC::JSArray::shiftCountWithAnyIndexingType): (JSC::JSArray::unshiftCountWithArrayStorage): (JSC::JSArray::unshiftCountWithAnyIndexingType): (JSC::JSArray::sortNumericVector): (JSC::JSArray::sortNumeric): (JSC::JSArray::sortCompactedVector): (JSC::JSArray::sort): (JSC::JSArray::sortVector): (JSC::JSArray::fillArgList): (JSC::JSArray::copyToArguments): (JSC::JSArray::compactForSorting): * runtime/JSArray.h: (JSC::JSArray::shiftCountForShift): (JSC::JSArray::shiftCountForSplice): (JSArray): (JSC::JSArray::shiftCount): (JSC::JSArray::unshiftCountForShift): (JSC::JSArray::unshiftCountForSplice): (JSC::JSArray::unshiftCount): (JSC::JSArray::isLengthWritable): (JSC::createContiguousArrayButterfly): (JSC): (JSC::JSArray::create): (JSC::JSArray::tryCreateUninitialized): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC): (JSC::JSGlobalObject::haveABadTime): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSGlobalObject): (JSC::JSGlobalObject::arrayStructureWithArrayStorage): (JSC::JSGlobalObject::addressOfArrayStructureWithArrayStorage): (JSC::constructEmptyArray): * runtime/JSObject.cpp: (JSC::JSObject::visitButterfly): (JSC::JSObject::getOwnPropertySlotByIndex): (JSC::JSObject::putByIndex): (JSC::JSObject::enterDictionaryIndexingMode): (JSC::JSObject::createInitialContiguous): (JSC): (JSC::JSObject::createArrayStorage): (JSC::JSObject::convertContiguousToArrayStorage): (JSC::JSObject::ensureContiguousSlow): (JSC::JSObject::ensureArrayStorageSlow): (JSC::JSObject::ensureIndexedStorageSlow): (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode): (JSC::JSObject::switchToSlowPutArrayStorage): (JSC::JSObject::setPrototype): 
(JSC::JSObject::deletePropertyByIndex): (JSC::JSObject::getOwnPropertyNames): (JSC::JSObject::defineOwnIndexedProperty): (JSC::JSObject::putByIndexBeyondVectorLengthContiguousWithoutAttributes): (JSC::JSObject::putByIndexBeyondVectorLength): (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage): (JSC::JSObject::putDirectIndexBeyondVectorLength): (JSC::JSObject::getNewVectorLength): (JSC::JSObject::countElementsInContiguous): (JSC::JSObject::increaseVectorLength): (JSC::JSObject::ensureContiguousLengthSlow): (JSC::JSObject::getOwnPropertyDescriptor): * runtime/JSObject.h: (JSC::JSObject::getArrayLength): (JSC::JSObject::getVectorLength): (JSC::JSObject::canGetIndexQuickly): (JSC::JSObject::getIndexQuickly): (JSC::JSObject::tryGetIndexQuickly): (JSC::JSObject::canSetIndexQuickly): (JSC::JSObject::canSetIndexQuicklyForPutDirect): (JSC::JSObject::setIndexQuickly): (JSC::JSObject::initializeIndex): (JSC::JSObject::hasSparseMap): (JSC::JSObject::inSparseIndexingMode): (JSObject): (JSC::JSObject::ensureContiguous): (JSC::JSObject::ensureIndexedStorage): (JSC::JSObject::ensureContiguousLength): (JSC::JSObject::indexingData): (JSC::JSObject::relevantLength): * runtime/JSValue.cpp: (JSC::JSValue::description): * runtime/Options.cpp: (JSC::Options::initialize): * runtime/Structure.cpp: (JSC::Structure::needsSlowPutIndexing): (JSC): (JSC::Structure::suggestedArrayStorageTransition): * runtime/Structure.h: (Structure): * runtime/StructureTransitionTable.h: (JSC::newIndexingType): Source/WTF: Moved out this helpful math utility to MathExtras, since we now use it in multiple places. * wtf/MathExtras.h: (timesThreePlusOneDividedByTwo): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130826 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
mark.lam@apple.com authored
previously deleted Interpreter::privateExecute(). https://bugs.webkit.org/show_bug.cgi?id=98717. Reviewed by Filip Pizlo. * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.order: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * Target.pri: * bytecode/BytecodeConventions.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::nameForRegister): * bytecode/CodeBlock.h: (CodeBlock): * bytecode/ValueRecovery.h: (JSC::ValueRecovery::alreadyInJSStack): (JSC::ValueRecovery::alreadyInJSStackAsUnboxedInt32): (JSC::ValueRecovery::alreadyInJSStackAsUnboxedCell): (JSC::ValueRecovery::alreadyInJSStackAsUnboxedBoolean): (JSC::ValueRecovery::alreadyInJSStackAsUnboxedDouble): (JSC::ValueRecovery::displacedInJSStack): (JSC::ValueRecovery::isAlreadyInJSStack): (JSC::ValueRecovery::virtualRegister): (JSC::ValueRecovery::dump): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::resolveCallee): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitConstruct): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::registerFor): * dfg/DFGAbstractState.h: (AbstractState): * dfg/DFGAssemblyHelpers.h: (JSC::DFG::AssemblyHelpers::emitGetFromCallFrameHeaderPtr): (JSC::DFG::AssemblyHelpers::emitPutToCallFrameHeader): (JSC::DFG::AssemblyHelpers::emitPutImmediateToCallFrameHeader): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::getDirect): (JSC::DFG::ByteCodeParser::findArgumentPositionForLocal): (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::InlineStackEntry::remapOperand): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry): * dfg/DFGGenerationInfo.h: (GenerationInfo): (JSC::DFG::GenerationInfo::needsSpill): * dfg/DFGGraph.h: * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::compileEntry): (JSC::DFG::JITCompiler::compileFunction): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::beginCall): * 
dfg/DFGOSREntry.cpp: (JSC::DFG::prepareOSREntry): * dfg/DFGOSRExitCompiler32_64.cpp: (JSC::DFG::OSRExitCompiler::compileExit): * dfg/DFGOSRExitCompiler64.cpp: (JSC::DFG::OSRExitCompiler::compileExit): * dfg/DFGRepatch.cpp: (JSC::DFG::tryBuildGetByIDList): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compile): (JSC::DFG::SpeculativeJIT::checkArgumentTypes): (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor): * dfg/DFGSpeculativeJIT.h: (SpeculativeJIT): (JSC::DFG::SpeculativeJIT::spill): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::emitCall): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::fillInteger): (JSC::DFG::SpeculativeJIT::emitCall): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGThunks.cpp: (JSC::DFG::throwExceptionFromCallSlowPathGenerator): (JSC::DFG::slowPathFor): (JSC::DFG::virtualForThunkGenerator): * dfg/DFGValueSource.cpp: (JSC::DFG::ValueSource::dump): * dfg/DFGValueSource.h: (JSC::DFG::dataFormatToValueSourceKind): (JSC::DFG::valueSourceKindToDataFormat): (JSC::DFG::isInJSStack): (JSC::DFG::ValueSource::forSpeculation): (JSC::DFG::ValueSource::isInJSStack): (JSC::DFG::ValueSource::valueRecovery): * dfg/DFGVariableEventStream.cpp: (JSC::DFG::VariableEventStream::reconstruct): * heap/Heap.cpp: (JSC::Heap::stack): (JSC::Heap::getConservativeRegisterRoots): (JSC::Heap::markRoots): * heap/Heap.h: (JSC): (Heap): * interpreter/CallFrame.cpp: (JSC::CallFrame::stack): * interpreter/CallFrame.h: (JSC::ExecState::calleeAsValue): (JSC::ExecState::callee): (JSC::ExecState::codeBlock): (JSC::ExecState::scope): (JSC::ExecState::callerFrame): (JSC::ExecState::returnPC): (JSC::ExecState::hasReturnPC): (JSC::ExecState::clearReturnPC): (JSC::ExecState::bytecodeOffsetForNonDFGCode): (JSC::ExecState::setBytecodeOffsetForNonDFGCode): (JSC::ExecState::inlineCallFrame): (JSC::ExecState::codeOriginIndexForDFG): (JSC::ExecState::currentVPC): (JSC::ExecState::setCurrentVPC): 
(JSC::ExecState::setCallerFrame): (JSC::ExecState::setScope): (JSC::ExecState::init): (JSC::ExecState::argumentCountIncludingThis): (JSC::ExecState::offsetFor): (JSC::ExecState::setArgumentCountIncludingThis): (JSC::ExecState::setCallee): (JSC::ExecState::setCodeBlock): (JSC::ExecState::setReturnPC): (JSC::ExecState::setInlineCallFrame): (ExecState): * interpreter/Interpreter.cpp: (JSC::Interpreter::slideRegisterWindowForCall): (JSC::eval): (JSC::loadVarargs): (JSC::Interpreter::dumpRegisters): (JSC::Interpreter::throwException): (JSC::Interpreter::execute): (JSC::Interpreter::executeCall): (JSC::Interpreter::executeConstruct): (JSC::Interpreter::prepareForRepeatCall): (JSC::Interpreter::endRepeatCall): * interpreter/Interpreter.h: (JSC::Interpreter::stack): (Interpreter): (JSC::Interpreter::execute): (JSC): * interpreter/JSStack.cpp: Copied from Source/JavaScriptCore/interpreter/RegisterFile.cpp. (JSC::stackStatisticsMutex): (JSC::JSStack::~JSStack): (JSC::JSStack::growSlowCase): (JSC::JSStack::gatherConservativeRoots): (JSC::JSStack::releaseExcessCapacity): (JSC::JSStack::initializeThreading): (JSC::JSStack::committedByteCount): (JSC::JSStack::addToCommittedByteCount): * interpreter/JSStack.h: Copied from Source/JavaScriptCore/interpreter/RegisterFile.h. (JSStack): (JSC::JSStack::JSStack): (JSC::JSStack::shrink): (JSC::JSStack::grow): * interpreter/RegisterFile.cpp: Removed. * interpreter/RegisterFile.h: Removed. 
* interpreter/VMInspector.cpp: (JSC::VMInspector::dumpFrame): * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::privateCompile): * jit/JIT.h: (JSC): (JIT): * jit/JITCall.cpp: (JSC::JIT::compileLoadVarargs): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCall32_64.cpp: (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_ret_object_or_this): (JSC::JIT::compileLoadVarargs): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCode.h: (JSC): (JSC::JITCode::execute): * jit/JITInlineMethods.h: (JSC::JIT::emitPutToCallFrameHeader): (JSC::JIT::emitPutCellToCallFrameHeader): (JSC::JIT::emitPutIntToCallFrameHeader): (JSC::JIT::emitPutImmediateToCallFrameHeader): (JSC::JIT::emitGetFromCallFrameHeaderPtr): (JSC::JIT::emitGetFromCallFrameHeader32): (JSC::JIT::updateTopCallFrame): (JSC::JIT::unmap): * jit/JITOpcodes.cpp: (JSC::JIT::privateCompileCTIMachineTrampolines): (JSC::JIT::privateCompileCTINativeCall): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_ret_object_or_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_get_arguments_length): (JSC::JIT::emit_op_get_argument_by_val): (JSC::JIT::emit_op_resolve_global_dynamic): * jit/JITOpcodes32_64.cpp: (JSC::JIT::privateCompileCTIMachineTrampolines): (JSC::JIT::privateCompileCTINativeCall): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_get_arguments_length): (JSC::JIT::emit_op_get_argument_by_val): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_scoped_var): (JSC::JIT::emit_op_put_scoped_var): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::emit_op_get_scoped_var): (JSC::JIT::emit_op_put_scoped_var): * jit/JITStubs.cpp: (JSC::ctiTrampoline): (JSC::JITThunks::JITThunks): (JSC): (JSC::DEFINE_STUB_FUNCTION): * jit/JITStubs.h: (JSC): (JITStackFrame): * jit/JSInterfaceJIT.h: * jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::SpecializedThunkJIT): 
(JSC::SpecializedThunkJIT::returnJSValue): (JSC::SpecializedThunkJIT::returnDouble): (JSC::SpecializedThunkJIT::returnInt32): (JSC::SpecializedThunkJIT::returnJSCell): * llint/LLIntData.cpp: (JSC::LLInt::Data::performAssertions): * llint/LLIntOffsetsExtractor.cpp: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::genericCall): * llint/LLIntSlowPaths.h: (LLInt): * llint/LowLevelInterpreter.asm: * runtime/Arguments.cpp: (JSC::Arguments::tearOffForInlineCallFrame): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::arityCheckFor): * runtime/InitializeThreading.cpp: (JSC::initializeThreadingOnce): * runtime/JSActivation.cpp: (JSC::JSActivation::visitChildren): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::globalExec): * runtime/JSGlobalObject.h: (JSC): (JSGlobalObject): * runtime/JSLock.cpp: (JSC): * runtime/JSVariableObject.h: (JSVariableObject): * runtime/MemoryStatistics.cpp: (JSC::globalMemoryStatistics): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130726 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 03 Oct, 2012 1 commit
-
-
mhahnenberg@apple.com authored
https://bugs.webkit.org/show_bug.cgi?id=96546 Reviewed by Geoffrey Garen. This patch gets rid of the separate Structure allocator in the MarkedSpace and adds two new destructor-only allocators. We now have separate allocators for our three types of objects: those objects with no destructors, those objects with destructors and with immortal structures, and those objects with destructors that don't have immortal structures. All of the objects of the third type (destructors without immortal structures) now inherit from a new class named JSDestructibleObject (which in turn is a subclass of JSNonFinalObject), which stores the ClassInfo for these classes at a fixed offset for safe retrieval during sweeping/destruction. Source/JavaScriptCore: * API/JSCallbackConstructor.cpp: Use JSDestructibleObject for JSCallbackConstructor. (JSC): (JSC::JSCallbackConstructor::JSCallbackConstructor): * API/JSCallbackConstructor.h: (JSCallbackConstructor): * API/JSCallbackObject.cpp: Inherit from JSDestructibleObject for normal JSCallbackObjects and use a finalizer for JSCallbackObject<JSGlobalObject>, since JSGlobalObject also uses a finalizer. (JSC): (JSC::::create): We need to move the create function for JSCallbackObject<JSGlobalObject> out of line so we can add the finalizer for it. We don't want to add the finalizer in something like finishCreation in case somebody decides to subclass this. We use this same technique for many other subclasses of JSGlobalObject. (JSC::::createStructure): * API/JSCallbackObject.h: (JSCallbackObject): (JSC): * API/JSClassRef.cpp: Change all the JSCallbackObject<JSNonFinalObject> to use JSDestructibleObject instead. (OpaqueJSClass::prototype): * API/JSObjectRef.cpp: Ditto. (JSObjectMake): (JSObjectGetPrivate): (JSObjectSetPrivate): (JSObjectGetPrivateProperty): (JSObjectSetPrivateProperty): (JSObjectDeletePrivateProperty): * API/JSValueRef.cpp: Ditto. (JSValueIsObjectOfClass): * API/JSWeakObjectMapRefPrivate.cpp: Ditto. 
* JSCTypedArrayStubs.h: (JSC): * JavaScriptCore.xcodeproj/project.pbxproj: * dfg/DFGSpeculativeJIT.h: Use the proper allocator type when doing inline allocation in the DFG. (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject): (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject): * heap/Heap.cpp: (JSC): * heap/Heap.h: Add accessors for the various types of allocators now. Also remove the isSafeToSweepStructures function since it's always safe to sweep Structures now. (JSC::Heap::allocatorForObjectWithNormalDestructor): (JSC::Heap::allocatorForObjectWithImmortalStructureDestructor): (Heap): (JSC::Heap::allocateWithNormalDestructor): (JSC): (JSC::Heap::allocateWithImmortalStructureDestructor): * heap/IncrementalSweeper.cpp: Remove all the logic to detect when it's safe to sweep Structures from the IncrementalSweeper since it's always safe to sweep Structures now. (JSC::IncrementalSweeper::IncrementalSweeper): (JSC::IncrementalSweeper::sweepNextBlock): (JSC::IncrementalSweeper::startSweeping): (JSC::IncrementalSweeper::willFinishSweeping): (JSC): * heap/IncrementalSweeper.h: (IncrementalSweeper): * heap/MarkedAllocator.cpp: Remove the logic that was preventing us from sweeping Structures if it wasn't safe. Add tracking of the specific destructor type of allocator. (JSC::MarkedAllocator::tryAllocateHelper): (JSC::MarkedAllocator::allocateBlock): * heap/MarkedAllocator.h: (JSC::MarkedAllocator::destructorType): (MarkedAllocator): (JSC::MarkedAllocator::MarkedAllocator): (JSC::MarkedAllocator::init): * heap/MarkedBlock.cpp: Add all the destructor type stuff to MarkedBlocks so that we do the right thing when sweeping. We also use the stored destructor type to determine the right thing to do in all JSCell::classInfo() calls. 
(JSC::MarkedBlock::create): (JSC::MarkedBlock::MarkedBlock): (JSC): (JSC::MarkedBlock::specializedSweep): (JSC::MarkedBlock::sweep): (JSC::MarkedBlock::sweepHelper): * heap/MarkedBlock.h: (JSC): (JSC::MarkedBlock::allocator): (JSC::MarkedBlock::destructorType): * heap/MarkedSpace.cpp: Add the new destructor allocators to MarkedSpace. (JSC::MarkedSpace::MarkedSpace): (JSC::MarkedSpace::resetAllocators): (JSC::MarkedSpace::canonicalizeCellLivenessData): (JSC::MarkedSpace::isPagedOut): (JSC::MarkedSpace::freeBlock): * heap/MarkedSpace.h: (MarkedSpace): (JSC::MarkedSpace::immortalStructureDestructorAllocatorFor): (JSC::MarkedSpace::normalDestructorAllocatorFor): (JSC::MarkedSpace::allocateWithImmortalStructureDestructor): (JSC::MarkedSpace::allocateWithNormalDestructor): (JSC::MarkedSpace::forEachBlock): * heap/SlotVisitor.cpp: Add include because the symbol was needed in an inlined function. * jit/JIT.h: Make sure we use the correct allocator when doing inline allocations in the baseline JIT. * jit/JITInlineMethods.h: (JSC::JIT::emitAllocateBasicJSObject): (JSC::JIT::emitAllocateJSFinalObject): (JSC::JIT::emitAllocateJSArray): * jsc.cpp: (GlobalObject::create): Add finalizer here since JSGlobalObject needs to use a finalizer instead of inheriting from JSDestructibleObject. * runtime/Arguments.cpp: Inherit from JSDestructibleObject. (JSC): * runtime/Arguments.h: (Arguments): (JSC::Arguments::Arguments): * runtime/ErrorPrototype.cpp: Added an assert to make sure we have a trivial destructor. (JSC): * runtime/Executable.h: Indicate that all of the Executable* classes have immortal Structures. (JSC): * runtime/InternalFunction.cpp: Inherit from JSDestructibleObject. (JSC): (JSC::InternalFunction::InternalFunction): * runtime/InternalFunction.h: (InternalFunction): * runtime/JSCell.h: Added two static bools, needsDestruction and hasImmortalStructure, that classes can override to indicate at compile time which part of the heap they should be allocated in. 
(JSC::allocateCell): Use the appropriate allocator depending on the destructor type. * runtime/JSDestructibleObject.h: Added. New class that stores the ClassInfo of any subclass so that it can be accessed safely when the object is being destroyed. (JSC): (JSDestructibleObject): (JSC::JSDestructibleObject::classInfo): (JSC::JSDestructibleObject::JSDestructibleObject): (JSC::JSCell::classInfo): Checks the current MarkedBlock to see where it should get the ClassInfo from so that it's always safe. * runtime/JSGlobalObject.cpp: JSGlobalObject now uses a finalizer instead of a destructor so that it can avoid forcing all of its relatives in the inheritance hierarchy (e.g. JSScope) to use destructors as well. (JSC::JSGlobalObject::reset): * runtime/JSGlobalObject.h: (JSGlobalObject): (JSC::JSGlobalObject::createRareDataIfNeeded): Since we always create a finalizer now, we don't have to worry about adding one for the m_rareData field when it's created. (JSC::JSGlobalObject::create): (JSC): * runtime/JSGlobalThis.h: Inherit from JSDestructibleObject. (JSGlobalThis): (JSC::JSGlobalThis::JSGlobalThis): * runtime/JSPropertyNameIterator.h: Has an immortal Structure. (JSC): * runtime/JSScope.cpp: (JSC): * runtime/JSString.h: Has an immortal Structure. (JSC): * runtime/JSWrapperObject.h: Inherit from JSDestructibleObject. (JSWrapperObject): (JSC::JSWrapperObject::JSWrapperObject): * runtime/MathObject.cpp: Cleaning up some of the inheritance stuff. (JSC): * runtime/NameInstance.h: Inherit from JSDestructibleObject. (NameInstance): * runtime/RegExp.h: Has immortal Structure. (JSC): * runtime/RegExpObject.cpp: Inheritance cleanup. (JSC): * runtime/SparseArrayValueMap.h: Has immortal Structure. (JSC): * runtime/Structure.h: Has immortal Structure. (JSC): * runtime/StructureChain.h: Ditto. (JSC): * runtime/SymbolTable.h: Ditto. (SharedSymbolTable): (JSC): Source/WebCore: No new tests. * ForwardingHeaders/runtime/JSDestructableObject.h: Added. 
* bindings/js/JSDOMWrapper.h: Inherits from JSDestructibleObject. (JSDOMWrapper): (WebCore::JSDOMWrapper::JSDOMWrapper): * bindings/scripts/CodeGeneratorJS.pm: Add finalizers to anything that inherits from JSGlobalObject, e.g. JSDOMWindow and JSWorkerContexts. For those classes we also need to define needsDestruction as true. (GenerateHeader): * bridge/objc/objc_runtime.h: Inherit from JSDestructibleObject. (ObjcFallbackObjectImp): * bridge/objc/objc_runtime.mm: (Bindings): (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp): * bridge/runtime_array.cpp: Use a finalizer so that JSArray isn't forced to inherit from JSDestructibleObject. (JSC): (JSC::RuntimeArray::destroy): * bridge/runtime_array.h: (JSC::RuntimeArray::create): (JSC): * bridge/runtime_object.cpp: Inherit from JSDestructibleObject. (Bindings): (JSC::Bindings::RuntimeObject::RuntimeObject): * bridge/runtime_object.h: (RuntimeObject): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130303 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-