1. 05 Jul, 2012 1 commit
    • fpizlo@apple.com's avatar
      Inline property storage should not be wasted when it is exhausted · d68b1f84
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=90347
      
      Reviewed by Gavin Barraclough.
              
      Previously, if we switched an object from using inline storage to out-of-line
      storage, we would abandon the inline storage. This would have two main implications:
      (i) all accesses to the object, even for properties that were previously in inline
      storage, must now take an extra indirection; and (ii) we waste a non-trivial amount
      of space since we must allocate additional out-of-line storage to hold properties
      that would have fit in the inline storage. There's also the copying cost when
      switching to out-of-line storage - we must copy all inline properties into ouf-of-line
      storage.
              
      This patch changes the way that object property storage works so that we can use both
      inline and out-of-line storage concurrently. This is accomplished by introducing a
      new notion of property offset. This PropertyOffset is a 32-bit signed integer and it
      behaves as follows:
              
      offset == -1: invalid offset, indicating a property that does not exist.
              
      0 <= offset <= inlineStorageCapacity: offset into inline storage.
              
      inlineStorageCapacity < offset: offset into out-of-line storage.
              
      Because non-final objects don't have inline storage, the only valid PropertyOffsets
      for those objects' properties are -1 or > inlineStorageCapacity.
              
      This now means that the decision to use inline or out-of-line storage for an access is
      made based on the offset, rather than the structure. It also means that any access
      where the offset is a variable must have an extra branch, unless the type of the
      object is also known (if it's known to be a non-final object then we can just assert
      that the offset is >= inlineStorageCapacity).
              
      This looks like a big Kraken speed-up and a slight V8 speed-up.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * assembler/ARMv7Assembler.h:
      (ARMv7Assembler):
      (JSC::ARMv7Assembler::ldrWide8BitImmediate):
      (JSC::ARMv7Assembler::replaceWithLoad):
      (JSC::ARMv7Assembler::replaceWithAddressComputation):
      * assembler/AbstractMacroAssembler.h:
      (AbstractMacroAssembler):
      (ConvertibleLoadLabel):
      (JSC::AbstractMacroAssembler::ConvertibleLoadLabel::ConvertibleLoadLabel):
      (JSC::AbstractMacroAssembler::ConvertibleLoadLabel::isSet):
      (JSC::AbstractMacroAssembler::labelIgnoringWatchpoints):
      (JSC::AbstractMacroAssembler::replaceWithLoad):
      (JSC::AbstractMacroAssembler::replaceWithAddressComputation):
      * assembler/CodeLocation.h:
      (JSC):
      (CodeLocationCommon):
      (CodeLocationConvertibleLoad):
      (JSC::CodeLocationConvertibleLoad::CodeLocationConvertibleLoad):
      (JSC::CodeLocationCommon::convertibleLoadAtOffset):
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::finalizeCodeWithDisassembly):
      * assembler/LinkBuffer.h:
      (LinkBuffer):
      (JSC::LinkBuffer::locationOf):
      * assembler/MacroAssemblerARMv7.h:
      (MacroAssemblerARMv7):
      (JSC::MacroAssemblerARMv7::convertibleLoadPtr):
      * assembler/MacroAssemblerX86.h:
      (JSC::MacroAssemblerX86::convertibleLoadPtr):
      (MacroAssemblerX86):
      * assembler/MacroAssemblerX86_64.h:
      (JSC::MacroAssemblerX86_64::convertibleLoadPtr):
      (MacroAssemblerX86_64):
      * assembler/RepatchBuffer.h:
      (RepatchBuffer):
      (JSC::RepatchBuffer::replaceWithLoad):
      (JSC::RepatchBuffer::replaceWithAddressComputation):
      (JSC::RepatchBuffer::setLoadInstructionIsActive):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::replaceWithLoad):
      (X86Assembler):
      (JSC::X86Assembler::replaceWithAddressComputation):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::printGetByIdOp):
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::finalizeUnconditionally):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC::GetByIdStatus::computeForChain):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::offset):
      (GetByIdStatus):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (JSC::PutByIdStatus::PutByIdStatus):
      (JSC::PutByIdStatus::offset):
      (PutByIdStatus):
      * bytecode/ResolveGlobalStatus.cpp:
      (JSC):
      (JSC::computeForStructure):
      * bytecode/ResolveGlobalStatus.h:
      (JSC::ResolveGlobalStatus::ResolveGlobalStatus):
      (JSC::ResolveGlobalStatus::offset):
      (ResolveGlobalStatus):
      * bytecode/StructureSet.h:
      (StructureSet):
      * bytecode/StructureStubInfo.h:
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleGetByOffset):
      (JSC::DFG::ByteCodeParser::handleGetById):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::PropertyAccessRecord::PropertyAccessRecord):
      (PropertyAccessRecord):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::dfgRepatchByIdSelfAccess):
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::tryBuildGetByIDProtoList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryCachePutByID):
      (JSC::DFG::tryBuildPutByIdList):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::tryCacheGetByID):
      (JSC::Interpreter::privateExecute):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::PropertyStubCompilationInfo::copyToStubInfo):
      * jit/JIT.h:
      (JSC::PropertyStubCompilationInfo::PropertyStubCompilationInfo):
      (JSC::JIT::compileGetByIdProto):
      (JSC::JIT::compileGetByIdSelfList):
      (JSC::JIT::compileGetByIdProtoList):
      (JSC::JIT::compileGetByIdChainList):
      (JSC::JIT::compileGetByIdChain):
      (JSC::JIT::compilePutByIdTransition):
      (JIT):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::emit_op_get_by_pname):
      * jit/JITStubs.cpp:
      (JSC::JITThunks::tryCacheGetByID):
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/x86.rb:
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::functionNameOffset):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitChildren):
      (JSC):
      (JSC::JSFinalObject::visitChildren):
      (JSC::JSObject::put):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectLocation):
      (JSC::JSObject::hasInlineStorage):
      (JSC::JSObject::inlineStorageUnsafe):
      (JSC::JSObject::inlineStorage):
      (JSC::JSObject::outOfLineStorage):
      (JSC::JSObject::locationForOffset):
      (JSC::JSObject::offsetForLocation):
      (JSC::JSObject::getDirectOffset):
      (JSC::JSObject::putDirectOffset):
      (JSC::JSObject::putUndefinedAtDirectOffset):
      (JSC::JSObject::addressOfOutOfLineStorage):
      (JSC::JSObject::finishCreation):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::finishCreation):
      (JSFinalObject):
      (JSC::JSFinalObject::finishCreation):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSObject::offsetOfOutOfLineStorage):
      (JSC::JSObject::setOutOfLineStorage):
      (JSC::JSObject::JSObject):
      (JSC):
      (JSC::JSCell::fastGetOwnProperty):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC::offsetRelativeToPatchedStorage):
      (JSC::indexRelativeToBase):
      (JSC::offsetRelativeToBase):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSPropertyNameIterator):
      (JSC::JSPropertyNameIterator::getOffset):
      (JSC::JSPropertyNameIterator::finishCreation):
      * runtime/JSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      * runtime/Operations.h:
      (JSC::normalizePrototypeChain):
      * runtime/Options.cpp:
      (JSC):
      (JSC::Options::initialize):
      * runtime/PropertyMapHashTable.h:
      (PropertyMapEntry):
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (PropertyTable):
      (JSC::PropertyTable::PropertyTable):
      (JSC::PropertyTable::getDeletedOffset):
      (JSC::PropertyTable::addDeletedOffset):
      (JSC::PropertyTable::nextOffset):
      (JSC):
      (JSC::PropertyTable::sizeInMemory):
      * runtime/PropertyOffset.h: Added.
      (JSC):
      (JSC::checkOffset):
      (JSC::validateOffset):
      (JSC::isValidOffset):
      (JSC::isInlineOffset):
      (JSC::isOutOfLineOffset):
      (JSC::offsetInInlineStorage):
      (JSC::offsetInOutOfLineStorage):
      (JSC::offsetInRespectiveStorage):
      (JSC::numberOfOutOfLineSlotsForLastOffset):
      (JSC::numberOfSlotsForLastOffset):
      (JSC::nextPropertyOffsetFor):
      (JSC::firstPropertyOffsetFor):
      * runtime/PropertySlot.h:
      (JSC::PropertySlot::cachedOffset):
      (JSC::PropertySlot::setValue):
      (JSC::PropertySlot::setCacheableGetterSlot):
      (JSC::PropertySlot::clearOffset):
      * runtime/PutPropertySlot.h:
      (JSC::PutPropertySlot::setExistingProperty):
      (JSC::PutPropertySlot::setNewProperty):
      (JSC::PutPropertySlot::cachedOffset):
      (PutPropertySlot):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::nextOutOfLineStorageCapacity):
      (JSC::Structure::growOutOfLineCapacity):
      (JSC::Structure::suggestedNewOutOfLineStorageCapacity):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::copyPropertyTableForPinning):
      (JSC::Structure::get):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::remove):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::putWillGrowOutOfLineStorage):
      (JSC::Structure::previousID):
      (JSC::Structure::outOfLineCapacity):
      (JSC::Structure::outOfLineSizeForKnownFinalObject):
      (JSC::Structure::outOfLineSizeForKnownNonFinalObject):
      (JSC::Structure::outOfLineSize):
      (JSC::Structure::hasInlineStorage):
      (JSC::Structure::inlineCapacity):
      (JSC::Structure::inlineSizeForKnownFinalObject):
      (JSC::Structure::inlineSize):
      (JSC::Structure::totalStorageSize):
      (JSC::Structure::totalStorageCapacity):
      (JSC::Structure::firstValidOffset):
      (JSC::Structure::lastValidOffset):
      (JSC::Structure::isValidOffset):
      (JSC::Structure::isEmpty):
      (JSC::Structure::transitionCount):
      (JSC::Structure::get):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121925 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d68b1f84
  2. 26 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG::operationNewArray is unnecessarily slow, and may use the wrong array · 6c89cd3f
      fpizlo@apple.com authored
      prototype when inlined
      https://bugs.webkit.org/show_bug.cgi?id=89821
      
      Source/JavaScriptCore: 
      
      Reviewed by Geoffrey Garen.
              
      Fixes all array allocations to use the right structure, and hence the right prototype. Adds
      inlining of new Array(...) with a non-zero number of arguments. Optimizes allocations of
      empty arrays.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::setupArgumentsWithExecState):
      (CCallHelpers):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * runtime/JSArray.h:
      (JSC):
      (JSC::constructArray):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSC::constructArray):
      
      LayoutTests: 
      
      Rubber stamped by Geoffrey Garen.
      
      * fast/js/dfg-cross-global-object-inline-new-array-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-elements-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-elements.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-size-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-size.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array.html: Added.
      * fast/js/script-tests/cross-global-object-inline-global-var.js:
      (done):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal-with-variables.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-elements.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-size.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array.js: Added.
      (foo):
      (done):
      (doit):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121280 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6c89cd3f
  3. 25 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      Value profiling should use tier-up threshold randomization to get more coverage · 3745dbcf
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89802
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      This patch causes both LLInt and Baseline JIT code to take the OSR slow path several
      times before actually doing OSR. If we take the OSR slow path before the execution
      count threshold is reached, then we just call CodeBlock::updateAllPredictions() to
      compute the current latest least-upper-bound SpecType of all values seen in each
      ValueProfile.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
      (JSC):
      (JSC::CodeBlock::updateAllPredictions):
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::llintExecuteCounter):
      (JSC::CodeBlock::jitExecuteCounter):
      (CodeBlock):
      (JSC::CodeBlock::updateAllPredictions):
      * bytecode/ExecutionCounter.cpp:
      (JSC::ExecutionCounter::setThreshold):
      (JSC::ExecutionCounter::status):
      (JSC):
      * bytecode/ExecutionCounter.h:
      (JSC::ExecutionCounter::count):
      (ExecutionCounter):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGOperations.cpp:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::weakRandomInteger):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/WeakRandom.h:
      (WeakRandom):
      (JSC::WeakRandom::seedUnsafe):
      
      LayoutTests: 
      
      Reviewed by Gavin Barraclough.
              
      * fast/js/dfg-store-unexpected-value-into-argument-and-osr-exit-expected.txt: Added.
      * fast/js/dfg-store-unexpected-value-into-argument-and-osr-exit.html: Added.
      * fast/js/script-tests/dfg-store-unexpected-value-into-argument-and-osr-exit.js: Added.
      (foo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121215 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3745dbcf
  4. 07 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG should inline prototype chain accesses, and do the right things if the · fd598b9b
      fpizlo@apple.com authored
      specific function optimization is available
      https://bugs.webkit.org/show_bug.cgi?id=88594
      
      Reviewed by Gavin Barraclough.
              
      Looks like a 3% win on V8.
      
      * bytecode/CodeBlock.h:
      (JSC::Structure::prototypeForLookup):
      (JSC):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::GetByIdStatus::computeForChain):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::isSimple):
      (JSC::GetByIdStatus::chain):
      (JSC::GetByIdStatus::specificValue):
      (GetByIdStatus):
      * bytecode/StructureSet.h:
      (StructureSet):
      (JSC::StructureSet::singletonStructure):
      * bytecode/StructureStubInfo.h:
      (JSC::StructureStubInfo::initGetByIdProto):
      (JSC::StructureStubInfo::initGetByIdChain):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleGetById):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::tryCacheGetByID):
      * jit/JITStubs.cpp:
      (JSC::JITThunks::tryCacheGetByID):
      * runtime/JSGlobalObject.h:
      (JSC::Structure::prototypeForLookup):
      (JSC):
      * runtime/Structure.h:
      (Structure):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@119779 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fd598b9b
  5. 06 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      Global object variable accesses should not require an extra load · 26af9b61
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=88385
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough and Geoffrey Garen.
              
      Previously, if you wanted to access a global variable, you'd first have
      to load the register array from the appropriate global object and then
      either load or store at an offset to the register array. This is because
      JSGlobalObject inherited from JSVariableObject, and JSVariableObject is
      designed with the pessimistic assumption that its register array may
      point into the call stack. This is never the case for global objects.
      Hence, even though the global object may add more registers at any time,
      it does not need to store them in a contiguous array. It can use a
      SegmentedVector or similar.
              
      This patch refactors global objects and variable objects as follows:
              
      - The functionality to track variables in an indexable array using a
        SymbolTable to map names to indices is moved into JSSymbolTableObject,
        which is now a supertype of JSVariableObject. JSVariableObject is now
        just a holder for a registers array and implements the registerAt()
        method that is left abstract in JSSymbolTableObject. Because all users
        of JSVariableObject know whether they are a JSStaticScopeObject,
        JSActivation, or JSGlobalObject, this "abstract" method is not virtual;
        instead the utility methods that would call registerAt() are now
        template functions that require you to know statically what subtype of
        JSSymbolTableObject you're using (JSVariableObject or something else),
        so that registerAt() can be statically bound.
              
      - A new class is added called JSSegmentedVariableObject, which only
        differs from JSVariableObject in how it allocates registers. It uses a
        SegmentedVector instead of manually managing a pointer to a contiguous
        slab of registers. This changes the interface somewhat; for example
        with JSVariableObject if you wanted to add a register you had to do
        it yourself since the JSVariableObject didn't know how the registers
        array ought to be allocated. With JSSegmentedVariableObject you can
        just call addRegisters(). JSSegmentedVariableObject preserves the
        invariant that once you get a pointer into a register, that pointer
        will continue to be valid so long as the JSSegmentedVariableObject is
        alive. This allows the JITs and interpreters to skip the extra load.
              
      - JSGlobalObject now inherits from JSSegmentedVariableObject. For now
        (and possibly forever) it is the only subtype of this new class.
              
      - The bytecode format is changed so that get_global_var and
        put_global_var have a pointer to the register directly rather than
        having an index. A convenience method is provided in
        JSSegmentedVariableObject to get the index given a a pointer, which is
        used for assertions and debug dumps.
              
      This appears to be a 1% across the board win.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      * bytecode/Instruction.h:
      (Instruction):
      (JSC::Instruction::Instruction):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::ResolveResult::registerPointer):
      (JSC):
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::retrieveLastUnaryOp):
      (JSC::BytecodeGenerator::resolve):
      (JSC::BytecodeGenerator::resolveConstDecl):
      (JSC::BytecodeGenerator::emitGetStaticVar):
      (JSC::BytecodeGenerator::emitPutStaticVar):
      * bytecompiler/BytecodeGenerator.h:
      (ResolveResult):
      (BytecodeGenerator):
      * dfg/DFGAssemblyHelpers.h:
      (AssemblyHelpers):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::globalVarLoadElimination):
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::globalObjectFor):
      (Graph):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasVarNumber):
      (Node):
      (JSC::DFG::Node::hasRegisterPointer):
      (JSC::DFG::Node::registerPointer):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * heap/Heap.h:
      (Heap):
      (JSC::Heap::isWriteBarrierEnabled):
      (JSC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::privateExecute):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_global_var):
      (JSC::JIT::emit_op_put_global_var):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_global_var):
      (JSC::JIT::emit_op_put_global_var):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/JSGlobalObject.cpp:
      (JSC):
      (JSC::JSGlobalObject::put):
      (JSC::JSGlobalObject::putDirectVirtual):
      (JSC::JSGlobalObject::defineOwnProperty):
      (JSC::JSGlobalObject::visitChildren):
      (JSC::JSGlobalObject::addStaticGlobals):
      (JSC::JSGlobalObject::getOwnPropertySlot):
      (JSC::JSGlobalObject::getOwnPropertyDescriptor):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC):
      (JSC::JSGlobalObject::hasOwnPropertyForWrite):
      * runtime/JSSegmentedVariableObject.cpp: Added.
      (JSC):
      (JSC::JSSegmentedVariableObject::findRegisterIndex):
      (JSC::JSSegmentedVariableObject::addRegisters):
      (JSC::JSSegmentedVariableObject::visitChildren):
      * runtime/JSSegmentedVariableObject.h: Added.
      (JSC):
      (JSSegmentedVariableObject):
      (JSC::JSSegmentedVariableObject::registerAt):
      (JSC::JSSegmentedVariableObject::assertRegisterIsInThisObject):
      (JSC::JSSegmentedVariableObject::JSSegmentedVariableObject):
      (JSC::JSSegmentedVariableObject::finishCreation):
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::put):
      (JSC::JSStaticScopeObject::putDirectVirtual):
      (JSC::JSStaticScopeObject::getOwnPropertySlot):
      * runtime/JSSymbolTableObject.cpp: Added.
      (JSC):
      (JSC::JSSymbolTableObject::destroy):
      (JSC::JSSymbolTableObject::deleteProperty):
      (JSC::JSSymbolTableObject::getOwnPropertyNames):
      (JSC::JSSymbolTableObject::putDirectVirtual):
      (JSC::JSSymbolTableObject::isDynamicScope):
      * runtime/JSSymbolTableObject.h: Added.
      (JSC):
      (JSSymbolTableObject):
      (JSC::JSSymbolTableObject::symbolTable):
      (JSC::JSSymbolTableObject::JSSymbolTableObject):
      (JSC::JSSymbolTableObject::finishCreation):
      (JSC::symbolTableGet):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/JSVariableObject.cpp:
      (JSC):
      * runtime/JSVariableObject.h:
      (JSVariableObject):
      (JSC::JSVariableObject::JSVariableObject):
      (JSC::JSVariableObject::finishCreation):
      (JSC):
      * runtime/WriteBarrier.h:
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough and Geoffrey Garen.
      
      Updated JSDOMWindowBase.cpp to use the new symbol table API. this->symbolTableFoo(...)
      becomes symbolTableFoo(this, ...).
                      
      No new tests because no change in behavior.
      
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::updateDocument):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@119655 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      26af9b61
  6. 31 May, 2012 1 commit
    • arv@chromium.org's avatar
      Make DOM Exceptions Errors · 31fddbcd
      arv@chromium.org authored
      https://bugs.webkit.org/show_bug.cgi?id=85078
      
      Reviewed by Oliver Hunt.
      
      WebIDL mandates that exceptions should have Error.prototype on its prototype chain.
      
      For JSC we have access to the Error.prototype from the binding code.
      
      For V8 we set a field in the WrapperTypeInfo and when the constructor function is created we
      set the prototype as needed.
      
      Updated test: fast/dom/DOMException/prototype-object.html
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSGlobalObject):
      (JSC::JSGlobalObject::errorPrototype):
      
      Source/WebCore:
      
      * ForwardingHeaders/runtime/ErrorPrototype.h: Added.
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      * bindings/scripts/CodeGeneratorV8.pm:
      (GenerateNamedConstructorCallback):
      (GenerateImplementation):
      * bindings/scripts/test/JS/JSTestException.cpp:
      (WebCore::JSTestException::createPrototype):
      * bindings/scripts/test/JS/JSTestException.h:
      * bindings/scripts/test/V8/V8Float64Array.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestEventTarget.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestException.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestInterface.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestNode.cpp:
      (WebCore):
      * bindings/scripts/test/V8/V8TestObj.cpp:
      (WebCore):
      (WebCore::V8TestObj::installPerContextProperties):
      * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
      (WebCore):
      * bindings/v8/NPV8Object.cpp:
      (WebCore::npObjectTypeInfo):
      * bindings/v8/V8BindingPerContextData.cpp:
      (WebCore):
      (WebCore::V8BindingPerContextData::init):
      (WebCore::V8BindingPerContextData::createWrapperFromCacheSlowCase):
      (WebCore::V8BindingPerContextData::constructorForTypeSlowCase):
      * bindings/v8/V8BindingPerContextData.h:
      (V8BindingPerContextData):
      * bindings/v8/V8HiddenPropertyName.h:
      (WebCore):
      * bindings/v8/WrapperTypeInfo.h:
      (WebCore):
      (WrapperTypeInfo):
      * bindings/v8/custom/V8HTMLImageElementConstructor.cpp:
      (WebCore):
      
      LayoutTests:
      
      * fast/dom/DOMException/prototype-object-expected.txt:
      * fast/dom/DOMException/prototype-object.html:
      * fast/dom/DOMException/resources/prototype-object.js: Removed.
      * platform/chromium-win/fast/dom/NamedNodeMap-setNamedItem-crash-expected.txt: Removed.
      * platform/chromium-win/fast/dom/timer-clear-interval-in-handler-and-generate-error-expected.txt: Removed.
      * platform/chromium-win/svg/filters/feBlend-invalid-mode-expected.txt: Removed.
      * platform/chromium/dom/xhtml/level3/core/documentnormalizedocument10-expected.txt: Added.
      * platform/chromium/dom/xhtml/level3/core/documentsetxmlversion03-expected.txt: Added.
      * platform/chromium/fast/dom/DOMException/prototype-object-expected.txt:
      * platform/chromium/fast/dom/NamedNodeMap-setNamedItem-crash-expected.txt: Renamed from LayoutTests/platform/chromium-mac/fast/dom/NamedNodeMap-setNamedItem-crash-expected.txt.
      * platform/chromium/fast/dom/timer-clear-interval-in-handler-and-generate-error-expected.txt: Renamed from LayoutTests/platform/chromium-mac/fast/dom/timer-clear-interval-in-handler-and-generate-error-expected.txt.
      * platform/chromium/svg/filters/feBlend-invalid-mode-expected.txt: Renamed from LayoutTests/platform/chromium-mac/svg/filters/feBlend-invalid-mode-expected.txt.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@119124 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      31fddbcd
  7. 22 May, 2012 1 commit
    • barraclough@apple.com's avatar
      Disable private names by default in WebCore · 6e5e896c
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=87088
      
      Reviewed by Geoff Garen.
      
      r117859 introduced a preliminary implementation of ES6-like private name objects to JSC.
      These are probably not yet ready to be web-facing, so disabling by default in WebCore.
      Opting-in for JSC & DumpRenderTree so that we can still run the fast/js/names.html test.
      
      Source/JavaScriptCore: 
      
      * jsc.cpp:
      (GlobalObject):
      (GlobalObject::javaScriptExperimentsEnabled):
          - Implemented new trap to opt-in to private names support.
      * runtime/JSGlobalObject.cpp:
      (JSC):
      (JSC::JSGlobalObject::reset):
          - Only add the Name property to the global object if experiments are enabled.
      * runtime/JSGlobalObject.h:
      (GlobalObjectMethodTable):
          - Added new trap to enabled experiments.
      (JSGlobalObject):
      (JSC::JSGlobalObject::finishCreation):
          - Set the global object's m_experimentsEnabled state on construction.
      (JSC::JSGlobalObject::javaScriptExperimentsEnabled):
          - Defaults to off.
      
      Source/WebCore: 
      
      * WebCore.exp.in:
          - Added export.
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore):
      (WebCore::JSDOMWindowBase::javaScriptExperimentsEnabled):
          - Override default from JSC, enable based on corresponding Setting.
      * bindings/js/JSDOMWindowBase.h:
      (JSDOMWindowBase):
          - Added declaration for javaScriptExperimentsEnabled. 
      * page/Settings.cpp:
      (WebCore::Settings::Settings):
      (WebCore::Settings::setJavaScriptExperimentsEnabled):
      (WebCore):
      * page/Settings.h:
      (Settings):
      (WebCore::Settings::javaScriptExperimentsEnabled):
          - Added Setting, reflecting WebPreference.
      
      Source/WebKit/mac: 
      
      * WebView/WebPreferenceKeysPrivate.h:
      * WebView/WebPreferences.mm:
      (+[WebPreferences initialize]):
      (-[WebPreferences setJavaScriptExperimentsEnabled:]):
      (-[WebPreferences javaScriptExperimentsEnabled]):
      * WebView/WebPreferencesPrivate.h:
      * WebView/WebView.mm:
      (-[WebView _preferencesChanged:]):
          - Added JavaScriptExperimentsEnabled to WebPreferences.
      
      Source/WebKit2: 
      
      * Shared/WebPreferencesStore.h:
      (WebKit):
      * UIProcess/API/C/WKPreferences.cpp:
      (WKPreferencesSetJavaScriptExperimentsEnabled):
      (WKPreferencesGetJavaScriptExperimentsEnabled):
      * UIProcess/API/C/WKPreferences.h:
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::updatePreferences):
          - Added JavaScriptExperimentsEnabled to WebPreferences.
      
      Tools: 
      
      * DumpRenderTree/mac/DumpRenderTree.mm:
      (resetDefaultsToConsistentValues):
          - Enable private name support in DRT.
      * WebKitTestRunner/TestController.cpp:
      (WTR::TestController::resetStateToConsistentValues):
          - Enable private name support in WKTR.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@118018 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6e5e896c
  8. 21 May, 2012 1 commit
    • barraclough@apple.com's avatar
      Add support for private names · 6c9b264e
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=86509
      
      Reviewed by Oliver Hunt.
      
      The spec isn't final, but we can start adding support to allow property maps
      to contain keys that aren't identifiers.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlot):
      (JSC::::put):
      (JSC::::deleteProperty):
      (JSC::::getStaticValue):
      (JSC::::staticFunctionGetter):
      (JSC::::callbackGetter):
          - Only expose public named properties over the JSC API.
      * CMakeLists.txt:
      * DerivedSources.make:
      * DerivedSources.pri:
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
          - Added new files to build system.
      * dfg/DFGOperations.cpp:
      (JSC::DFG::operationPutByValInternal):
          - Added support for property access with name objects.
      * interpreter/CallFrame.h:
      (JSC::ExecState::privateNamePrototypeTable):
          - Added hash table for NamePrototype
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
          - Added support for property access with name objects.
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
          - Added support for property access with name objects.
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::getByVal):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::opIn):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::symbolTableGet):
      (JSC::JSActivation::symbolTablePut):
      (JSC::JSActivation::symbolTablePutWithAttributes):
          - Added support for property access with name objects.
      * runtime/JSGlobalData.cpp:
      (JSC):
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
          - Added hash table for NamePrototype
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::privateNameStructure):
      (JSC::JSGlobalObject::symbolTableHasProperty):
          - Added new global properties.
      * runtime/JSType.h:
      * runtime/JSTypeInfo.h:
      (JSC::TypeInfo::isName):
          - Added type for NameInstances, for fast isName check.
      * runtime/JSVariableObject.cpp:
      (JSC::JSVariableObject::deleteProperty):
      (JSC::JSVariableObject::symbolTableGet):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::symbolTableGet):
      (JSC::JSVariableObject::symbolTablePut):
      (JSC::JSVariableObject::symbolTablePutWithAttributes):
          - symbol table lookup should take a PropertyName.
      * runtime/Lookup.cpp:
      (JSC::setUpStaticFunctionSlot):
      * runtime/Lookup.h:
      (JSC::HashTable::entry):
          - entry lookup should take a PropertyName.
      * runtime/NameConstructor.cpp: Added.
      (JSC):
      (JSC::NameConstructor::NameConstructor):
      (JSC::NameConstructor::finishCreation):
      (JSC::constructPrivateName):
      (JSC::NameConstructor::getConstructData):
      (JSC::NameConstructor::getCallData):
      * runtime/NameConstructor.h: Added.
      (JSC):
      (NameConstructor):
      (JSC::NameConstructor::create):
      (JSC::NameConstructor::createStructure):
          - Added constructor.
      * runtime/NameInstance.cpp: Added.
      (JSC):
      (JSC::NameInstance::NameInstance):
      (JSC::NameInstance::destroy):
      * runtime/NameInstance.h: Added.
      (JSC):
      (NameInstance):
      (JSC::NameInstance::createStructure):
      (JSC::NameInstance::create):
      (JSC::NameInstance::privateName):
      (JSC::NameInstance::nameString):
      (JSC::NameInstance::finishCreation):
      (JSC::isName):
          - Added instance.
      * runtime/NamePrototype.cpp: Added.
      (JSC):
      (JSC::NamePrototype::NamePrototype):
      (JSC::NamePrototype::finishCreation):
      (JSC::NamePrototype::getOwnPropertySlot):
      (JSC::NamePrototype::getOwnPropertyDescriptor):
      (JSC::privateNameProtoFuncToString):
      * runtime/NamePrototype.h: Added.
      (JSC):
      (NamePrototype):
      (JSC::NamePrototype::create):
      (JSC::NamePrototype::createStructure):
          - Added prototype.
      * runtime/PrivateName.h: Added.
      (JSC):
      (PrivateName):
      (JSC::PrivateName::PrivateName):
      (JSC::PrivateName::uid):
          - A private name object holds a StringImpl that can be used as a unique key in a property map.
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyTable::find):
      (JSC::PropertyTable::findWithString):
          - Strings should only match keys in the table that are identifiers.
      * runtime/PropertyName.h:
      (JSC::PropertyName::PropertyName):
      (PropertyName):
      (JSC::PropertyName::uid):
      (JSC::PropertyName::publicName):
      (JSC::PropertyName::asIndex):
      (JSC::operator==):
      (JSC::operator!=):
          - replaced impl() & ustring() with uid() [to get the raw impl] and publicName() [impl or null, if not an identifier].
      * runtime/Structure.cpp:
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::attributeChangeTransition):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::remove):
      (JSC::Structure::getPropertyNamesFromStructure):
      * runtime/Structure.h:
      (JSC::Structure::get):
          - call uid() to get a PropertyName raw impl, for use as a key.
      
      Source/WebCore: 
      
      Test: fast/js/names.html
      
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (WebCore::cssPropertyIDForJSCSSPropertyName):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::findAtomicString):
      (WebCore::objectToStringFunctionGetter):
      * bindings/js/JSDOMBinding.h:
      (WebCore::propertyNameToString):
      (WebCore::propertyNameToAtomicString):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::nonCachingStaticFunctionGetter):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::nonCachingStaticBackFunctionGetter):
      (WebCore::nonCachingStaticForwardFunctionGetter):
      (WebCore::nonCachingStaticGoFunctionGetter):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::nonCachingStaticReplaceFunctionGetter):
      (WebCore::nonCachingStaticReloadFunctionGetter):
      (WebCore::nonCachingStaticAssignFunctionGetter):
      * bridge/c/c_class.cpp:
      (JSC::Bindings::CClass::methodsNamed):
      (JSC::Bindings::CClass::fieldNamed):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CInstance::getMethod):
      * bridge/jni/jsc/JavaClassJSC.cpp:
      (JavaClass::methodsNamed):
      (JavaClass::fieldNamed):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      * bridge/objc/objc_class.mm:
      (JSC::Bindings::ObjcClass::methodsNamed):
      (JSC::Bindings::ObjcClass::fieldNamed):
      (JSC::Bindings::ObjcClass::fallbackObject):
      * bridge/objc/objc_instance.mm:
      (ObjcInstance::setValueOfUndefinedField):
      (ObjcInstance::getValueOfUndefinedField):
          - Removed PropertyName::impl(), call publicName() to get the string associated with a name.
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyClass::methodsNamed):
      (WebKit::ProxyClass::fieldNamed):
      (WebKit::ProxyInstance::getMethod):
      (WebKit::ProxyInstance::methodsNamed):
      (WebKit::ProxyInstance::fieldNamed):
          - Removed PropertyName::impl(), call publicName() to get the string associated with a name.
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::npIdentifierFromIdentifier):
      (WebKit::JSNPObject::methodGetter):
          - Removed PropertyName::impl(), call publicName() to get the string associated with a name.
      
      Source/WTF: 
      
      * wtf/text/StringImpl.h:
      (WTF::StringImpl::StringImpl):
      (StringImpl):
      (WTF::StringImpl::createEmptyUnique):
      (WTF::StringImpl::isEmptyUnique):
          - Allow empty string impls to be allocated, which can be used as unique keys.
      
      LayoutTests: 
      
      * fast/js/names-expected.txt: Added.
      * fast/js/names.html: Added.
      * fast/js/script-tests/names.js: Added.
          - Added test cases.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@117859 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6c9b264e
  9. 11 May, 2012 1 commit
    • barraclough@apple.com's avatar
      Introduce PropertyName class · 38d3c75b
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=86241
      
      Reviewed by Geoff Garen.
      
      Replace 'const Identifier&' arguments to functions accessing object properties with a new 'PropertyName' type.
      This change paves the way to allow for properties keyed by values that are not Identifiers.
      
      This change is largely a mechanical find & replace.
      It also changes JSFunction's constructor to take a UString& instead of an Identifier&
      (since in some cases we can no longer guarantee that we'lll have an Identifier), and
      unifies Identifier's methods to obtain array indices onto PropertyName.
      
      The new PropertyName class retains the ability to support .impl() and .ustring(), but
      in a future patch we may need to rework this, since not all PropertyNames should be
      equal based on their string representation.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::finishCreation):
      * API/JSCallbackFunction.h:
      (JSCallbackFunction):
      (JSC::JSCallbackFunction::create):
      * API/JSCallbackObject.h:
      (JSCallbackObject):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlot):
      (JSC::::getOwnPropertyDescriptor):
      (JSC::::put):
      (JSC::::deleteProperty):
      (JSC::::getStaticValue):
      (JSC::::staticFunctionGetter):
      (JSC::::callbackGetter):
      * API/JSObjectRef.cpp:
      (JSObjectMakeFunctionWithCallback):
      * JSCTypedArrayStubs.h:
      (JSC):
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::getOwnPropertySlot):
      (JSC::DebuggerActivation::put):
      (JSC::DebuggerActivation::putDirectVirtual):
      (JSC::DebuggerActivation::deleteProperty):
      (JSC::DebuggerActivation::getOwnPropertyDescriptor):
      (JSC::DebuggerActivation::defineOwnProperty):
      * debugger/DebuggerActivation.h:
      (DebuggerActivation):
      * jsc.cpp:
      (GlobalObject::addFunction):
      (GlobalObject::addConstructableFunction):
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertySlot):
      (JSC::Arguments::getOwnPropertyDescriptor):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      (JSC::Arguments::defineOwnProperty):
      * runtime/Arguments.h:
      (Arguments):
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::finishCreation):
      (JSC::ArrayConstructor::getOwnPropertySlot):
      (JSC::ArrayConstructor::getOwnPropertyDescriptor):
      * runtime/ArrayConstructor.h:
      (ArrayConstructor):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::getOwnPropertySlot):
      (JSC::ArrayPrototype::getOwnPropertyDescriptor):
      (JSC::putProperty):
      * runtime/ArrayPrototype.h:
      (ArrayPrototype):
      * runtime/BooleanConstructor.cpp:
      (JSC::BooleanConstructor::finishCreation):
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::getOwnPropertySlot):
      (JSC::BooleanPrototype::getOwnPropertyDescriptor):
      * runtime/BooleanPrototype.h:
      (BooleanPrototype):
      * runtime/ClassInfo.h:
      (MethodTable):
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::finishCreation):
      (JSC::DateConstructor::getOwnPropertySlot):
      (JSC::DateConstructor::getOwnPropertyDescriptor):
      * runtime/DateConstructor.h:
      (DateConstructor):
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::getOwnPropertySlot):
      (JSC::DatePrototype::getOwnPropertyDescriptor):
      * runtime/DatePrototype.h:
      (DatePrototype):
      * runtime/Error.h:
      (JSC::StrictModeTypeErrorFunction::create):
      * runtime/ErrorConstructor.cpp:
      (JSC::ErrorConstructor::finishCreation):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::getOwnPropertySlot):
      (JSC::ErrorPrototype::getOwnPropertyDescriptor):
      * runtime/ErrorPrototype.h:
      (ErrorPrototype):
      * runtime/FunctionConstructor.cpp:
      (JSC::FunctionConstructor::finishCreation):
      * runtime/FunctionPrototype.cpp:
      (JSC::FunctionPrototype::finishCreation):
      (JSC::FunctionPrototype::addFunctionProperties):
      (JSC::functionProtoFuncBind):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::create):
      (FunctionPrototype):
      * runtime/Identifier.cpp:
      (JSC):
      * runtime/Identifier.h:
      (Identifier):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::finishCreation):
      * runtime/InternalFunction.h:
      (InternalFunction):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::symbolTableGet):
      (JSC::JSActivation::symbolTablePut):
      (JSC::JSActivation::symbolTablePutWithAttributes):
      (JSC::JSActivation::getOwnPropertySlot):
      (JSC::JSActivation::put):
      (JSC::JSActivation::putDirectVirtual):
      (JSC::JSActivation::deleteProperty):
      (JSC::JSActivation::argumentsGetter):
      * runtime/JSActivation.h:
      (JSActivation):
      * runtime/JSArray.cpp:
      (JSC::JSArray::defineOwnProperty):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::deleteProperty):
      * runtime/JSArray.h:
      (JSArray):
      (JSC):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::create):
      (JSC::JSBoundFunction::finishCreation):
      * runtime/JSBoundFunction.h:
      (JSBoundFunction):
      * runtime/JSCell.cpp:
      (JSC::JSCell::getOwnPropertySlot):
      (JSC::JSCell::put):
      (JSC::JSCell::deleteProperty):
      (JSC::JSCell::putDirectVirtual):
      (JSC::JSCell::defineOwnProperty):
      (JSC::JSCell::getOwnPropertyDescriptor):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::create):
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::argumentsGetter):
      (JSC::JSFunction::callerGetter):
      (JSC::JSFunction::lengthGetter):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::put):
      (JSC::JSFunction::deleteProperty):
      (JSC::JSFunction::defineOwnProperty):
      (JSC::getCalculatedDisplayName):
      * runtime/JSFunction.h:
      (JSFunction):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::put):
      (JSC::JSGlobalObject::putDirectVirtual):
      (JSC::JSGlobalObject::defineOwnProperty):
      (JSC::JSGlobalObject::reset):
      (JSC::JSGlobalObject::createThrowTypeError):
      (JSC::JSGlobalObject::getOwnPropertySlot):
      (JSC::JSGlobalObject::getOwnPropertyDescriptor):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::hasOwnPropertyForWrite):
      (JSC::JSGlobalObject::symbolTableHasProperty):
      * runtime/JSNotAnObject.cpp:
      (JSC::JSNotAnObject::getOwnPropertySlot):
      (JSC::JSNotAnObject::getOwnPropertyDescriptor):
      (JSC::JSNotAnObject::put):
      (JSC::JSNotAnObject::deleteProperty):
      * runtime/JSNotAnObject.h:
      (JSNotAnObject):
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::getOwnPropertySlot):
      (JSC::JSONObject::getOwnPropertyDescriptor):
      * runtime/JSONObject.h:
      (JSONObject):
      * runtime/JSObject.cpp:
      (JSC::JSObject::put):
      (JSC::JSObject::putDirectVirtual):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::hasProperty):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::hasOwnProperty):
      (JSC::callDefaultValueFunction):
      (JSC::JSObject::findPropertyHashEntry):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::JSObject::getPropertyDescriptor):
      (JSC::putDescriptor):
      (JSC::JSObject::defineOwnProperty):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectLocation):
      (JSC::JSObject::inlineGetOwnPropertySlot):
      (JSC::JSObject::getOwnPropertySlot):
      (JSC::JSCell::fastGetOwnPropertySlot):
      (JSC::JSObject::getPropertySlot):
      (JSC::JSObject::get):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::putOwnDataProperty):
      (JSC::JSObject::putDirect):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC::JSValue::get):
      (JSC::JSValue::put):
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::put):
      (JSC::JSStaticScopeObject::putDirectVirtual):
      (JSC::JSStaticScopeObject::getOwnPropertySlot):
      * runtime/JSStaticScopeObject.h:
      (JSStaticScopeObject):
      * runtime/JSString.cpp:
      (JSC::JSString::getOwnPropertySlot):
      (JSC::JSString::getStringPropertyDescriptor):
      * runtime/JSString.h:
      (JSString):
      (JSC::JSString::getStringPropertySlot):
      * runtime/JSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      * runtime/JSValue.h:
      (JSC):
      (JSValue):
      * runtime/JSVariableObject.cpp:
      (JSC::JSVariableObject::deleteProperty):
      (JSC::JSVariableObject::symbolTableGet):
      (JSC::JSVariableObject::putDirectVirtual):
      * runtime/JSVariableObject.h:
      (JSVariableObject):
      (JSC::JSVariableObject::symbolTableGet):
      (JSC::JSVariableObject::symbolTablePut):
      (JSC::JSVariableObject::symbolTablePutWithAttributes):
      * runtime/Lookup.cpp:
      (JSC::setUpStaticFunctionSlot):
      * runtime/Lookup.h:
      (JSC::HashTable::entry):
      (JSC):
      (JSC::getStaticPropertySlot):
      (JSC::getStaticPropertyDescriptor):
      (JSC::getStaticFunctionSlot):
      (JSC::getStaticFunctionDescriptor):
      (JSC::getStaticValueSlot):
      (JSC::getStaticValueDescriptor):
      (JSC::lookupPut):
      * runtime/MathObject.cpp:
      (JSC::MathObject::getOwnPropertySlot):
      (JSC::MathObject::getOwnPropertyDescriptor):
      * runtime/MathObject.h:
      (MathObject):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::finishCreation):
      * runtime/NumberConstructor.cpp:
      (JSC):
      (JSC::NumberConstructor::finishCreation):
      (JSC::NumberConstructor::getOwnPropertySlot):
      (JSC::NumberConstructor::getOwnPropertyDescriptor):
      (JSC::NumberConstructor::put):
      (JSC::numberConstructorNaNValue):
      (JSC::numberConstructorNegInfinity):
      (JSC::numberConstructorPosInfinity):
      (JSC::numberConstructorMaxValue):
      (JSC::numberConstructorMinValue):
      * runtime/NumberConstructor.h:
      (NumberConstructor):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::getOwnPropertySlot):
      (JSC::NumberPrototype::getOwnPropertyDescriptor):
      * runtime/NumberPrototype.h:
      (NumberPrototype):
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::finishCreation):
      (JSC::ObjectConstructor::getOwnPropertySlot):
      (JSC::ObjectConstructor::getOwnPropertyDescriptor):
      * runtime/ObjectConstructor.h:
      (ObjectConstructor):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::put):
      (JSC::ObjectPrototype::defineOwnProperty):
      (JSC::ObjectPrototype::getOwnPropertySlot):
      (JSC::ObjectPrototype::getOwnPropertyDescriptor):
      * runtime/ObjectPrototype.h:
      (ObjectPrototype):
      * runtime/PropertySlot.h:
      (PropertySlot):
      (JSC::PropertySlot::getValue):
      * runtime/RegExpConstructor.cpp:
      (JSC):
      (JSC::RegExpConstructor::finishCreation):
      (JSC::RegExpConstructor::getOwnPropertySlot):
      (JSC::RegExpConstructor::getOwnPropertyDescriptor):
      (JSC::regExpConstructorDollar1):
      (JSC::regExpConstructorDollar2):
      (JSC::regExpConstructorDollar3):
      (JSC::regExpConstructorDollar4):
      (JSC::regExpConstructorDollar5):
      (JSC::regExpConstructorDollar6):
      (JSC::regExpConstructorDollar7):
      (JSC::regExpConstructorDollar8):
      (JSC::regExpConstructorDollar9):
      (JSC::regExpConstructorInput):
      (JSC::regExpConstructorMultiline):
      (JSC::regExpConstructorLastMatch):
      (JSC::regExpConstructorLastParen):
      (JSC::regExpConstructorLeftContext):
      (JSC::regExpConstructorRightContext):
      (JSC::RegExpConstructor::put):
      * runtime/RegExpConstructor.h:
      (RegExpConstructor):
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::getOwnPropertySlot):
      (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
      (JSC::RegExpMatchesArray::put):
      (JSC::RegExpMatchesArray::deleteProperty):
      (JSC::RegExpMatchesArray::defineOwnProperty):
      * runtime/RegExpObject.cpp:
      (JSC):
      (JSC::RegExpObject::getOwnPropertySlot):
      (JSC::RegExpObject::getOwnPropertyDescriptor):
      (JSC::RegExpObject::deleteProperty):
      (JSC::RegExpObject::defineOwnProperty):
      (JSC::regExpObjectGlobal):
      (JSC::regExpObjectIgnoreCase):
      (JSC::regExpObjectMultiline):
      (JSC::regExpObjectSource):
      (JSC::RegExpObject::put):
      * runtime/RegExpObject.h:
      (RegExpObject):
      * runtime/RegExpPrototype.cpp:
      (JSC::RegExpPrototype::getOwnPropertySlot):
      (JSC::RegExpPrototype::getOwnPropertyDescriptor):
      * runtime/RegExpPrototype.h:
      (RegExpPrototype):
      * runtime/StrictEvalActivation.cpp:
      (JSC::StrictEvalActivation::deleteProperty):
      * runtime/StrictEvalActivation.h:
      (StrictEvalActivation):
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::finishCreation):
      (JSC::StringConstructor::getOwnPropertySlot):
      (JSC::StringConstructor::getOwnPropertyDescriptor):
      * runtime/StringConstructor.h:
      (StringConstructor):
      * runtime/StringObject.cpp:
      (JSC::StringObject::getOwnPropertySlot):
      (JSC::StringObject::getOwnPropertyDescriptor):
      (JSC::StringObject::put):
      (JSC::StringObject::defineOwnProperty):
      (JSC::StringObject::deleteProperty):
      * runtime/StringObject.h:
      (StringObject):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::getOwnPropertySlot):
      (JSC::StringPrototype::getOwnPropertyDescriptor):
      * runtime/StringPrototype.h:
      (StringPrototype):
      * runtime/Structure.cpp:
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::despecifyFunctionTransition):
      (JSC::Structure::attributeChangeTransition):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::remove):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::get):
      
      Source/WebCore: 
      
      * WebCore.exp.in:
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (WebCore::cssPropertyIDForJSCSSPropertyName):
      (WebCore::JSCSSStyleDeclaration::getOwnPropertySlotDelegate):
      (WebCore::JSCSSStyleDeclaration::getOwnPropertyDescriptorDelegate):
      (WebCore::JSCSSStyleDeclaration::putDelegate):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::findAtomicString):
      (WebCore::objectToStringFunctionGetter):
      * bindings/js/JSDOMBinding.h:
      (WebCore):
      (WebCore::propertyNameToString):
      (WebCore::propertyNameToAtomicString):
      * bindings/js/JSDOMMimeTypeArrayCustom.cpp:
      (WebCore::JSDOMMimeTypeArray::canGetItemsForName):
      (WebCore::JSDOMMimeTypeArray::nameGetter):
      * bindings/js/JSDOMPluginArrayCustom.cpp:
      (WebCore::JSDOMPluginArray::canGetItemsForName):
      (WebCore::JSDOMPluginArray::nameGetter):
      * bindings/js/JSDOMPluginCustom.cpp:
      (WebCore::JSDOMPlugin::canGetItemsForName):
      (WebCore::JSDOMPlugin::nameGetter):
      * bindings/js/JSDOMStringMapCustom.cpp:
      (WebCore::JSDOMStringMap::canGetItemsForName):
      (WebCore::JSDOMStringMap::nameGetter):
      (WebCore::JSDOMStringMap::deleteProperty):
      (WebCore::JSDOMStringMap::putDelegate):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::nonCachingStaticFunctionGetter):
      (WebCore::childFrameGetter):
      (WebCore::namedItemGetter):
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      (WebCore::JSDOMWindow::put):
      (WebCore::JSDOMWindow::deleteProperty):
      (WebCore::JSDOMWindow::defineOwnProperty):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::getOwnPropertySlot):
      (WebCore::JSDOMWindowShell::getOwnPropertyDescriptor):
      (WebCore::JSDOMWindowShell::put):
      (WebCore::JSDOMWindowShell::putDirectVirtual):
      (WebCore::JSDOMWindowShell::defineOwnProperty):
      (WebCore::JSDOMWindowShell::deleteProperty):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      * bindings/js/JSHTMLAllCollectionCustom.cpp:
      (WebCore::getNamedItems):
      (WebCore::callHTMLAllCollection):
      (WebCore::JSHTMLAllCollection::canGetItemsForName):
      (WebCore::JSHTMLAllCollection::nameGetter):
      (WebCore::JSHTMLAllCollection::item):
      * bindings/js/JSHTMLAppletElementCustom.cpp:
      (WebCore::JSHTMLAppletElement::getOwnPropertySlotDelegate):
      (WebCore::JSHTMLAppletElement::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHTMLAppletElement::putDelegate):
      * bindings/js/JSHTMLCollectionCustom.cpp:
      (WebCore::getNamedItems):
      (WebCore::JSHTMLCollection::canGetItemsForName):
      (WebCore::JSHTMLCollection::nameGetter):
      * bindings/js/JSHTMLDocumentCustom.cpp:
      (WebCore::JSHTMLDocument::canGetItemsForName):
      (WebCore::JSHTMLDocument::nameGetter):
      * bindings/js/JSHTMLEmbedElementCustom.cpp:
      (WebCore::JSHTMLEmbedElement::getOwnPropertySlotDelegate):
      (WebCore::JSHTMLEmbedElement::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHTMLEmbedElement::putDelegate):
      * bindings/js/JSHTMLFormElementCustom.cpp:
      (WebCore::JSHTMLFormElement::canGetItemsForName):
      (WebCore::JSHTMLFormElement::nameGetter):
      * bindings/js/JSHTMLFrameSetElementCustom.cpp:
      (WebCore::JSHTMLFrameSetElement::canGetItemsForName):
      (WebCore::JSHTMLFrameSetElement::nameGetter):
      * bindings/js/JSHTMLObjectElementCustom.cpp:
      (WebCore::JSHTMLObjectElement::getOwnPropertySlotDelegate):
      (WebCore::JSHTMLObjectElement::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHTMLObjectElement::putDelegate):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::nonCachingStaticBackFunctionGetter):
      (WebCore::nonCachingStaticForwardFunctionGetter):
      (WebCore::nonCachingStaticGoFunctionGetter):
      (WebCore::JSHistory::getOwnPropertySlotDelegate):
      (WebCore::JSHistory::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHistory::putDelegate):
      (WebCore::JSHistory::deleteProperty):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::nonCachingStaticReplaceFunctionGetter):
      (WebCore::nonCachingStaticReloadFunctionGetter):
      (WebCore::nonCachingStaticAssignFunctionGetter):
      (WebCore::JSLocation::getOwnPropertySlotDelegate):
      (WebCore::JSLocation::getOwnPropertyDescriptorDelegate):
      (WebCore::JSLocation::putDelegate):
      (WebCore::JSLocation::deleteProperty):
      (WebCore::JSLocation::defineOwnProperty):
      (WebCore::JSLocationPrototype::putDelegate):
      (WebCore::JSLocationPrototype::defineOwnProperty):
      * bindings/js/JSNamedNodeMapCustom.cpp:
      (WebCore::JSNamedNodeMap::canGetItemsForName):
      (WebCore::JSNamedNodeMap::nameGetter):
      * bindings/js/JSNodeListCustom.cpp:
      (WebCore::JSNodeList::canGetItemsForName):
      (WebCore::JSNodeList::nameGetter):
      * bindings/js/JSPluginElementFunctions.cpp:
      (WebCore::runtimeObjectPropertyGetter):
      (WebCore::runtimeObjectCustomGetOwnPropertySlot):
      (WebCore::runtimeObjectCustomGetOwnPropertyDescriptor):
      (WebCore::runtimeObjectCustomPut):
      * bindings/js/JSPluginElementFunctions.h:
      (WebCore):
      * bindings/js/JSStorageCustom.cpp:
      (WebCore::JSStorage::canGetItemsForName):
      (WebCore::JSStorage::nameGetter):
      (WebCore::JSStorage::deleteProperty):
      (WebCore::JSStorage::putDelegate):
      * bindings/js/JSStyleSheetListCustom.cpp:
      (WebCore::JSStyleSheetList::canGetItemsForName):
      (WebCore::JSStyleSheetList::nameGetter):
      * bindings/js/JSWorkerContextCustom.cpp:
      (WebCore::JSWorkerContext::getOwnPropertySlotDelegate):
      (WebCore::JSWorkerContext::getOwnPropertyDescriptorDelegate):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateGetOwnPropertySlotBody):
      (GenerateGetOwnPropertyDescriptorBody):
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateConstructorDeclaration):
      (GenerateConstructorDefinition):
      * bridge/c/c_class.cpp:
      (JSC::Bindings::CClass::methodsNamed):
      (JSC::Bindings::CClass::fieldNamed):
      * bridge/c/c_class.h:
      (CClass):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::create):
      (JSC::Bindings::CRuntimeMethod::finishCreation):
      (JSC::Bindings::CInstance::getMethod):
      * bridge/c/c_instance.h:
      (CInstance):
      * bridge/jni/jsc/JavaClassJSC.cpp:
      (JavaClass::methodsNamed):
      (JavaClass::fieldNamed):
      * bridge/jni/jsc/JavaClassJSC.h:
      (JavaClass):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaRuntimeMethod::create):
      (JavaRuntimeMethod::finishCreation):
      * bridge/jni/jsc/JavaInstanceJSC.h:
      (JavaInstance):
      * bridge/jsc/BridgeJSC.h:
      (Class):
      (JSC::Bindings::Class::fallbackObject):
      (JSC::Bindings::Instance::setValueOfUndefinedField):
      (Instance):
      (JSC::Bindings::Instance::getOwnPropertySlot):
      (JSC::Bindings::Instance::getOwnPropertyDescriptor):
      (JSC::Bindings::Instance::put):
      * bridge/objc/objc_class.h:
      (ObjcClass):
      * bridge/objc/objc_class.mm:
      (JSC::Bindings::ObjcClass::methodsNamed):
      (JSC::Bindings::ObjcClass::fieldNamed):
      (JSC::Bindings::ObjcClass::fallbackObject):
      * bridge/objc/objc_instance.h:
      (ObjcInstance):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::create):
      (ObjCRuntimeMethod::finishCreation):
      (ObjcInstance::setValueOfUndefinedField):
      (ObjcInstance::getValueOfUndefinedField):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::create):
      (JSC::Bindings::ObjcFallbackObjectImp::propertyName):
      (ObjcFallbackObjectImp):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
      (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlot):
      (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertyDescriptor):
      (JSC::Bindings::ObjcFallbackObjectImp::put):
      (JSC::Bindings::callObjCFallbackObject):
      (JSC::Bindings::ObjcFallbackObjectImp::deleteProperty):
      (JSC::Bindings::ObjcFallbackObjectImp::defaultValue):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::lengthGetter):
      (JSC::RuntimeArray::getOwnPropertySlot):
      (JSC::RuntimeArray::getOwnPropertyDescriptor):
      (JSC::RuntimeArray::put):
      (JSC::RuntimeArray::deleteProperty):
      * bridge/runtime_array.h:
      (RuntimeArray):
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::finishCreation):
      (JSC::RuntimeMethod::lengthGetter):
      (JSC::RuntimeMethod::getOwnPropertySlot):
      (JSC::RuntimeMethod::getOwnPropertyDescriptor):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::create):
      (RuntimeMethod):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::fallbackObjectGetter):
      (JSC::Bindings::RuntimeObject::fieldGetter):
      (JSC::Bindings::RuntimeObject::methodGetter):
      (JSC::Bindings::RuntimeObject::getOwnPropertySlot):
      (JSC::Bindings::RuntimeObject::getOwnPropertyDescriptor):
      (JSC::Bindings::RuntimeObject::put):
      (JSC::Bindings::RuntimeObject::deleteProperty):
      * bridge/runtime_object.h:
      (RuntimeObject):
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/ProxyInstance.h:
      (ProxyInstance):
      * Plugins/Hosted/ProxyInstance.mm:
      (ProxyClass):
      (WebKit::ProxyClass::methodsNamed):
      (WebKit::ProxyClass::fieldNamed):
      (WebKit::ProxyRuntimeMethod::create):
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::getMethod):
      (WebKit::ProxyInstance::methodsNamed):
      (WebKit::ProxyInstance::fieldNamed):
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
      (WebKit::JSNPMethod::finishCreation):
      * WebProcess/Plugins/Netscape/JSNPMethod.h:
      (WebKit::JSNPMethod::create):
      (JSNPMethod):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::npIdentifierFromIdentifier):
      (WebKit::JSNPObject::getOwnPropertySlot):
      (WebKit::JSNPObject::getOwnPropertyDescriptor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::propertyGetter):
      (WebKit::JSNPObject::methodGetter):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      (JSNPObject):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@116828 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      38d3c75b
  10. 28 Apr, 2012 1 commit
    • ggaren@apple.com's avatar
      Clarified JSGlobalData (JavaScript VM) lifetime · c143e90f
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=85142
      
      Reviewed by Anders Carlsson.
      
      Source/JavaScriptCore: 
      
      This was so confusing that I didn't feel like I could reason about 
      memory lifetime in the heap without fixing it.
      
      The rules are:
      
      (1) JSGlobalData owns the virtual machine and all memory in it.
      
      (2) Deleting a JSGlobalData frees the virtual machine and all memory 
      in it.
      
      (Caveat emptor: if you delete the virtual machine while you're running 
      JIT code or accessing GC objects, you're gonna have a bad time.)
      
      (I opted not to make arbitrary sub-objects keep the virtual machine 
      alive automatically because:
      
              (a) doing that right would be complex and slow;
      
              (b) in the case of an exiting thread or process, there's no 
              clear way to give the garbage collector a chance to try again 
              later; 
      
              (c) continuing to run the garbage collector after we've been 
              asked to shut down the virtual machine seems rude;
      
              (d) we've never really supported that feature, anyway.)
      
      (3) Normal ref-counting will do. No need to call a battery of 
      specialty functions to tear down a JSGlobalData. Its foibles 
      notwithstanding, C++ does in fact know how to execute destructors in 
      order.
      
      * API/JSContextRef.cpp:
      (JSGlobalContextCreate): Removed compatibility shim for older 
      operating systems because it's no longer used.
      
      (JSGlobalContextRelease): Now that we can rely on JSGlobalData to "do 
      the right thing", this code is much simpler. We still have one special 
      case to notify the garbage collector if we're removing the last 
      reference to the global object, since this can improve memory behavior.
      
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::freeAllBlocks):
      * heap/CopiedSpace.h:
      (CopiedSpace): Renamed "destroy" => "freeAllBlocks" because true 
      destruction-time behaviors should be limited to our C++ destructor.
      
      * heap/Heap.cpp:
      (JSC::Heap::~Heap):
      (JSC):
      (JSC::Heap::lastChanceToFinalize):
      * heap/Heap.h:
      (Heap):
      (JSC::Heap::heap): Renamed "destroy" => "lastChanceToFinalize" because 
      true destruction-time behaviors should be limited to our C++ 
      destructor.
      
      Reorganized the code, putting code that must run before any objects 
      get torn down into lastChanceToFinalize, and code that just tears down 
      objects into our destructor.
      
      * heap/Local.h:
      (JSC::LocalStack::LocalStack):
      (JSC::LocalStack::push):
      (LocalStack): See rule (2).
      
      * jsc.cpp:
      (functionQuit):
      (main):
      (printUsageStatement):
      (parseArguments):
      (jscmain):
      * testRegExp.cpp:
      (main):
      (printUsageStatement):
      (parseArguments):
      (realMain): See rule (3).
      
      I removed the feature of ensuring orderly tear-down when calling quit()
      or running in --help mode because it didn't seem very useful and 
      making it work with Windows structured exception handling and 
      NO_RETURN didn't seem like a fun way to spend a Saturday.
      
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData): Moved heap to be the first data 
      member in JSGlobalData to ensure that it's destructed last, so other 
      objects that reference it destruct without crashing. This allowed me 
      to remove clearBuiltinStructures() altogether, and helped guarantee 
      rule (3).
      
      (JSC::JSGlobalData::~JSGlobalData): Explicitly call 
      lastChanceToFinalize() at the head of our destructor to ensure that 
      all pending finalizers run while the virtual machine is still in a 
      valid state. Trying to resurrect (re-ref) the virtual machine at this 
      point is not valid, but all other operations are.
      
      Changed a null to a 0xbbadbeef to clarify just how bad this beef is.
      
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::init):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::globalData): See rule (3).
      
      Source/WebCore: 
      
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::~WorkerScriptController): Slightly 
      simpler than before. We can't just rely on our default destructor 
      because we need to hold the JSLock when we tear down the VM.
      
      * bridge/NP_jsobject.cpp:
      (_NPN_InvokeDefault):
      (_NPN_Invoke):
      (_NPN_Evaluate):
      (_NPN_Construct): Don't RefPtr<> the JSGlobalData because it makes it 
      seem like you know something the rest of our code doesn't know. The 
      plugin JSGlobalData is immortal, anyway.
      
      I also removed some timeout checker related code because that feature 
      doesn't work anymore, so it was effectively dead code.
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::invoke):
      (WebKit::NetscapePluginInstanceProxy::invokeDefault):
      (WebKit::NetscapePluginInstanceProxy::construct):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@115579 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c143e90f
  11. 05 Apr, 2012 1 commit
    • oliver@apple.com's avatar
      Replace static_cast with jsCast when casting JSCell subclasses in JSC · 0c59caf6
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=83307
      
      Reviewed by Gavin Barraclough.
      
      Replace all usage of static_cast<JSCell subtype*> with jsCast<> in JavaScriptCore.
      This results in assertions when unsafe casts are performed, but simply leaves
      a static_cast<> in release builds.
      
      * API/APICast.h:
      (toJS):
      * API/JSCallbackConstructor.cpp:
      (JSC::constructJSCallback):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::call):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::asCallbackObject):
      (JSC::::finishCreation):
      (JSC::::construct):
      (JSC::::call):
      * API/JSObjectRef.cpp:
      (JSObjectGetPrivate):
      (JSObjectSetPrivate):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      * API/JSValueRef.cpp:
      (JSValueIsObjectOfClass):
      * API/JSWeakObjectMapRefPrivate.cpp:
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::resolve):
      (JSC::BytecodeGenerator::resolveConstDecl):
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::finishCreation):
      * dfg/DFGOperations.cpp:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/Executable.h:
      (JSC::isHostFunction):
      * runtime/JSActivation.h:
      (JSC::asActivation):
      * runtime/JSArray.cpp:
      (JSC::JSArray::defineOwnProperty):
      * runtime/JSArray.h:
      (JSC::asArray):
      * runtime/JSBoundFunction.cpp:
      (JSC::boundFunctionCall):
      (JSC::boundFunctionConstruct):
      * runtime/JSByteArray.h:
      (JSC::asByteArray):
      * runtime/JSCell.cpp:
      (JSC::JSCell::toObject):
      * runtime/JSCell.h:
      (JSC::jsCast):
      * runtime/JSGlobalObject.h:
      (JSC::asGlobalObject):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncEval):
      * runtime/JSObject.cpp:
      (JSC::JSObject::setPrototypeWithCycleCheck):
      (JSC::JSObject::allowsAccessFrom):
      (JSC::JSObject::toThisObject):
      (JSC::JSObject::unwrappedObject):
      * runtime/JSObject.h:
      (JSC::asObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC::Register::propertyNameIterator):
      * runtime/JSString.h:
      (JSC::asString):
      (JSC::JSValue::toString):
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncSubstr):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@113363 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0c59caf6
  12. 21 Feb, 2012 2 commits
    • fpizlo@apple.com's avatar
      JSC should be a triple-tier VM · 7bbcaab7
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=75812
      <rdar://problem/10079694>
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      Implemented an interpreter that uses the JIT's calling convention. This
      interpreter is called LLInt, or the Low Level Interpreter. JSC will now
      will start by executing code in LLInt and will only tier up to the old
      JIT after the code is proven hot.
              
      LLInt is written in a modified form of our macro assembly. This new macro
      assembly is compiled by an offline assembler (see offlineasm), which
      implements many modern conveniences such as a Turing-complete CPS-based
      macro language and direct access to relevant C++ type information
      (basically offsets of fields and sizes of structs/classes).
              
      Code executing in LLInt appears to the rest of the JSC world "as if" it
      were executing in the old JIT. Hence, things like exception handling and
      cross-execution-engine calls just work and require pretty much no
      additional overhead.
              
      This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
      V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
      V8, and Kraken, but appear to get a double-digit improvement on real-world
      websites due to a huge reduction in the amount of JIT'ing.
              
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      (MacroAssemblerCodePtr):
      (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
      * bytecode/BytecodeConventions.h: Added.
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::computeFromLLInt):
      (JSC):
      (JSC::CallLinkStatus::computeFor):
      * bytecode/CallLinkStatus.h:
      (JSC::CallLinkStatus::isSet):
      (JSC::CallLinkStatus::operator!):
      (CallLinkStatus):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC):
      (CodeBlock):
      (JSC::CodeBlock::baselineVersion):
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::jitCompile):
      (JSC::CodeBlock::hasOptimizedReplacement):
      (JSC::CodeBlock::addPropertyAccessInstruction):
      (JSC::CodeBlock::addGlobalResolveInstruction):
      (JSC::CodeBlock::addLLIntCallLinkInfo):
      (JSC::CodeBlock::addGlobalResolveInfo):
      (JSC::CodeBlock::numberOfMethodCallLinkInfos):
      (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::addFrequentExitSite):
      (JSC::CodeBlock::dontJITAnytimeSoon):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::llintExecuteCounter):
      (ProgramCodeBlock):
      (EvalCodeBlock):
      (FunctionCodeBlock):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::wasSeenInJIT):
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      (Instruction):
      * bytecode/LLIntCallLinkInfo.h: Added.
      (JSC):
      (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
      (LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::isLinked):
      (JSC::LLIntCallLinkInfo::unlink):
      * bytecode/MethodCallLinkStatus.cpp:
      (JSC::MethodCallLinkStatus::computeFor):
      * bytecode/Opcode.cpp:
      (JSC):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (PutByIdStatus):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitPutById):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitConstruct):
      (JSC::BytecodeGenerator::emitCatch):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      (JSC):
      (JSC::Heap::firstAllocatorWithoutDestructors):
      (Heap):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * heap/MarkedAllocator.h:
      (JSC):
      (MarkedAllocator):
      * heap/MarkedSpace.h:
      (JSC):
      (MarkedSpace):
      (JSC::MarkedSpace::firstAllocator):
      * interpreter/CallFrame.cpp:
      (JSC):
      (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::currentVPC):
      (JSC::CallFrame::setCurrentVPC):
      (JSC::CallFrame::trueCallerFrame):
      * interpreter/CallFrame.h:
      (JSC::ExecState::hasReturnPC):
      (JSC::ExecState::clearReturnPC):
      (ExecState):
      (JSC::ExecState::bytecodeOffsetForNonDFGCode):
      (JSC::ExecState::currentVPC):
      (JSC::ExecState::setCurrentVPC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::~Interpreter):
      (JSC):
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::isOpcode):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::privateExecute):
      (JSC::Interpreter::retrieveLastCaller):
      * interpreter/Interpreter.h:
      (JSC):
      (Interpreter):
      (JSC::Interpreter::getOpcode):
      (JSC::Interpreter::getOpcodeID):
      (JSC::Interpreter::classicEnabled):
      * interpreter/RegisterFile.h:
      (JSC):
      (RegisterFile):
      * jit/ExecutableAllocator.h:
      (JSC):
      * jit/HostCallReturnValue.cpp: Added.
      (JSC):
      (JSC::getHostCallReturnValueWithExecState):
      * jit/HostCallReturnValue.h: Added.
      (JSC):
      (JSC::initializeHostCallReturnValue):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITCode.h:
      (JSC::JITCode::isOptimizingJIT):
      (JITCode):
      (JSC::JITCode::isBaselineCode):
      (JSC::JITCode::JITCode):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::jitThrow):
      * jit/JITInlineMethods.h:
      (JSC::JIT::updateTopCallFrame):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      (JSC):
      * jit/JSInterfaceJIT.h:
      * llint: Added.
      * llint/LLIntCommon.h: Added.
      * llint/LLIntData.cpp: Added.
      (LLInt):
      (JSC::LLInt::Data::Data):
      (JSC::LLInt::Data::performAssertions):
      (JSC::LLInt::Data::~Data):
      * llint/LLIntData.h: Added.
      (JSC):
      (LLInt):
      (Data):
      (JSC::LLInt::Data::exceptionInstructions):
      (JSC::LLInt::Data::opcodeMap):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp: Added.
      (LLInt):
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h: Added.
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp: Added.
      (LLInt):
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrowForThrownException):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntExceptions.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntOfflineAsmConfig.h: Added.
      * llint/LLIntOffsetsExtractor.cpp: Added.
      (JSC):
      (LLIntOffsetsExtractor):
      (JSC::LLIntOffsetsExtractor::dummy):
      (main):
      * llint/LLIntSlowPaths.cpp: Added.
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::resolveGlobal):
      (JSC::LLInt::getByVal):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      (JSC::LLInt::genericCall):
      * llint/LLIntSlowPaths.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntThunks.cpp: Added.
      (LLInt):
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h: Added.
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm: Added.
      * llint/LowLevelInterpreter.cpp: Added.
      * llint/LowLevelInterpreter.h: Added.
      * offlineasm: Added.
      * offlineasm/armv7.rb: Added.
      * offlineasm/asm.rb: Added.
      * offlineasm/ast.rb: Added.
      * offlineasm/backends.rb: Added.
      * offlineasm/generate_offset_extractor.rb: Added.
      * offlineasm/instructions.rb: Added.
      * offlineasm/offset_extractor_constants.rb: Added.
      * offlineasm/offsets.rb: Added.
      * offlineasm/opt.rb: Added.
      * offlineasm/parser.rb: Added.
      * offlineasm/registers.rb: Added.
      * offlineasm/self_hash.rb: Added.
      * offlineasm/settings.rb: Added.
      * offlineasm/transform.rb: Added.
      * offlineasm/x86.rb: Added.
      * runtime/CodeSpecializationKind.h: Added.
      (JSC):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::arityCheckFor):
      (CommonSlowPaths):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC):
      (JSC::EvalExecutable::jitCompile):
      (JSC::samplingDescription):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::baselineCodeBlockFor):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC):
      (EvalExecutable):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      * runtime/JSCell.h:
      (JSC):
      (JSCell):
      * runtime/JSFunction.h:
      (JSC):
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC):
      (JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSGlobalObject):
      * runtime/JSObject.h:
      (JSC):
      (JSObject):
      (JSFinalObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC):
      (JSPropertyNameIterator):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      * runtime/JSTypeInfo.h:
      (JSC):
      (TypeInfo):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/JSValue.h:
      (LLInt):
      (JSValue):
      * runtime/JSVariableObject.h:
      (JSC):
      (JSVariableObject):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/ScopeChain.h:
      (JSC):
      (ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::addPropertyTransition):
      * runtime/Structure.h:
      (JSC):
      (Structure):
      * runtime/StructureChain.h:
      (JSC):
      (StructureChain):
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      (SentinelLinkedList):
      (WTF::SentinelLinkedList::isEmpty):
      * wtf/text/StringImpl.h:
      (JSC):
      (StringImpl):
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough.
              
      No new tests, because there is no change in behavior.
      
      * CMakeLists.txt:
      
      Source/WebKit: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
              
      * CMakeLists.txt:
      
      Tools: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108444 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7bbcaab7
    • aroben@apple.com's avatar
      Roll out r108309, r108323, and r108326 · e089d623
      aroben@apple.com authored
      They broke the 32-bit Lion build.
      
      Original bugs is <http://webkit.org/b/75812> <rdar://problem/10079694>.
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      * bytecode/BytecodeConventions.h: Removed.
      * bytecode/CallLinkStatus.cpp:
      * bytecode/CallLinkStatus.h:
      * bytecode/CodeBlock.cpp:
      * bytecode/CodeBlock.h:
      * bytecode/GetByIdStatus.cpp:
      * bytecode/GetByIdStatus.h:
      * bytecode/Instruction.h:
      * bytecode/LLIntCallLinkInfo.h: Removed.
      * bytecode/MethodCallLinkStatus.cpp:
      * bytecode/Opcode.cpp:
      * bytecode/Opcode.h:
      * bytecode/PutByIdStatus.cpp:
      * bytecode/PutByIdStatus.h:
      * bytecompiler/BytecodeGenerator.cpp:
      * dfg/DFGByteCodeParser.cpp:
      * dfg/DFGCapabilities.h:
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      * heap/MarkStack.cpp:
      * heap/MarkedAllocator.h:
      * heap/MarkedSpace.h:
      * interpreter/CallFrame.cpp:
      * interpreter/CallFrame.h:
      * interpreter/Interpreter.cpp:
      * interpreter/Interpreter.h:
      * interpreter/RegisterFile.h:
      * jit/ExecutableAllocator.h:
      * jit/HostCallReturnValue.cpp: Removed.
      * jit/HostCallReturnValue.h: Removed.
      * jit/JIT.cpp:
      * jit/JITCode.h:
      * jit/JITDriver.h:
      * jit/JITExceptions.cpp:
      * jit/JITInlineMethods.h:
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
      * jit/JSInterfaceJIT.h:
      * llint/LLIntCommon.h: Removed.
      * llint/LLIntData.cpp: Removed.
      * llint/LLIntData.h: Removed.
      * llint/LLIntEntrypoints.cpp: Removed.
      * llint/LLIntEntrypoints.h: Removed.
      * llint/LLIntExceptions.cpp: Removed.
      * llint/LLIntExceptions.h: Removed.
      * llint/LLIntOfflineAsmConfig.h: Removed.
      * llint/LLIntOffsetsExtractor.cpp: Removed.
      * llint/LLIntSlowPaths.cpp: Removed.
      * llint/LLIntSlowPaths.h: Removed.
      * llint/LLIntThunks.cpp: Removed.
      * llint/LLIntThunks.h: Removed.
      * llint/LowLevelInterpreter.asm: Removed.
      * llint/LowLevelInterpreter.cpp: Removed.
      * llint/LowLevelInterpreter.h: Removed.
      * offlineasm/armv7.rb: Removed.
      * offlineasm/asm.rb: Removed.
      * offlineasm/ast.rb: Removed.
      * offlineasm/backends.rb: Removed.
      * offlineasm/generate_offset_extractor.rb: Removed.
      * offlineasm/instructions.rb: Removed.
      * offlineasm/offset_extractor_constants.rb: Removed.
      * offlineasm/offsets.rb: Removed.
      * offlineasm/opt.rb: Removed.
      * offlineasm/parser.rb: Removed.
      * offlineasm/registers.rb: Removed.
      * offlineasm/self_hash.rb: Removed.
      * offlineasm/settings.rb: Removed.
      * offlineasm/transform.rb: Removed.
      * offlineasm/x86.rb: Removed.
      * runtime/CodeSpecializationKind.h: Removed.
      * runtime/CommonSlowPaths.h:
      * runtime/Executable.cpp:
      * runtime/Executable.h:
      * runtime/ExecutionHarness.h: Removed.
      * runtime/JSArray.h:
      * runtime/JSCell.h:
      * runtime/JSFunction.h:
      * runtime/JSGlobalData.cpp:
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.h:
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSString.h:
      * runtime/JSTypeInfo.h:
      * runtime/JSValue.cpp:
      * runtime/JSValue.h:
      * runtime/JSVariableObject.h:
      * runtime/Options.cpp:
      * runtime/Options.h:
      * runtime/ScopeChain.h:
      * runtime/Structure.cpp:
      * runtime/Structure.h:
      * runtime/StructureChain.h:
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      * wtf/text/StringImpl.h:
      
      Source/WebCore:
      
      * CMakeLists.txt:
      
      Source/WebKit:
      
      * CMakeLists.txt:
      
      Tools:
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e089d623
  13. 20 Feb, 2012 2 commits
    • fpizlo@apple.com's avatar
      JSC should be a triple-tier VM · 091129f4
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=75812
      <rdar://problem/10079694>
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      Implemented an interpreter that uses the JIT's calling convention. This
      interpreter is called LLInt, or the Low Level Interpreter. JSC will now
      will start by executing code in LLInt and will only tier up to the old
      JIT after the code is proven hot.
              
      LLInt is written in a modified form of our macro assembly. This new macro
      assembly is compiled by an offline assembler (see offlineasm), which
      implements many modern conveniences such as a Turing-complete CPS-based
      macro language and direct access to relevant C++ type information
      (basically offsets of fields and sizes of structs/classes).
              
      Code executing in LLInt appears to the rest of the JSC world "as if" it
      were executing in the old JIT. Hence, things like exception handling and
      cross-execution-engine calls just work and require pretty much no
      additional overhead.
              
      This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
      V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
      V8, and Kraken, but appear to get a double-digit improvement on real-world
      websites due to a huge reduction in the amount of JIT'ing.
              
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      (MacroAssemblerCodePtr):
      (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
      * bytecode/BytecodeConventions.h: Added.
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::computeFromLLInt):
      (JSC):
      (JSC::CallLinkStatus::computeFor):
      * bytecode/CallLinkStatus.h:
      (JSC::CallLinkStatus::isSet):
      (JSC::CallLinkStatus::operator!):
      (CallLinkStatus):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC):
      (CodeBlock):
      (JSC::CodeBlock::baselineVersion):
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::jitCompile):
      (JSC::CodeBlock::hasOptimizedReplacement):
      (JSC::CodeBlock::addPropertyAccessInstruction):
      (JSC::CodeBlock::addGlobalResolveInstruction):
      (JSC::CodeBlock::addLLIntCallLinkInfo):
      (JSC::CodeBlock::addGlobalResolveInfo):
      (JSC::CodeBlock::numberOfMethodCallLinkInfos):
      (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::addFrequentExitSite):
      (JSC::CodeBlock::dontJITAnytimeSoon):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::llintExecuteCounter):
      (ProgramCodeBlock):
      (EvalCodeBlock):
      (FunctionCodeBlock):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::wasSeenInJIT):
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      (Instruction):
      * bytecode/LLIntCallLinkInfo.h: Added.
      (JSC):
      (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
      (LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::isLinked):
      (JSC::LLIntCallLinkInfo::unlink):
      * bytecode/MethodCallLinkStatus.cpp:
      (JSC::MethodCallLinkStatus::computeFor):
      * bytecode/Opcode.cpp:
      (JSC):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (PutByIdStatus):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitPutById):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitConstruct):
      (JSC::BytecodeGenerator::emitCatch):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      (JSC):
      (JSC::Heap::firstAllocatorWithoutDestructors):
      (Heap):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * heap/MarkedAllocator.h:
      (JSC):
      (MarkedAllocator):
      * heap/MarkedSpace.h:
      (JSC):
      (MarkedSpace):
      (JSC::MarkedSpace::firstAllocator):
      * interpreter/CallFrame.cpp:
      (JSC):
      (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::currentVPC):
      (JSC::CallFrame::setCurrentVPC):
      (JSC::CallFrame::trueCallerFrame):
      * interpreter/CallFrame.h:
      (JSC::ExecState::hasReturnPC):
      (JSC::ExecState::clearReturnPC):
      (ExecState):
      (JSC::ExecState::bytecodeOffsetForNonDFGCode):
      (JSC::ExecState::currentVPC):
      (JSC::ExecState::setCurrentVPC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::~Interpreter):
      (JSC):
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::isOpcode):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::privateExecute):
      (JSC::Interpreter::retrieveLastCaller):
      * interpreter/Interpreter.h:
      (JSC):
      (Interpreter):
      (JSC::Interpreter::getOpcode):
      (JSC::Interpreter::getOpcodeID):
      (JSC::Interpreter::classicEnabled):
      * interpreter/RegisterFile.h:
      (JSC):
      (RegisterFile):
      * jit/ExecutableAllocator.h:
      (JSC):
      * jit/HostCallReturnValue.cpp: Added.
      (JSC):
      (JSC::getHostCallReturnValueWithExecState):
      * jit/HostCallReturnValue.h: Added.
      (JSC):
      (JSC::initializeHostCallReturnValue):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITCode.h:
      (JSC::JITCode::isOptimizingJIT):
      (JITCode):
      (JSC::JITCode::isBaselineCode):
      (JSC::JITCode::JITCode):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::jitThrow):
      * jit/JITInlineMethods.h:
      (JSC::JIT::updateTopCallFrame):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      (JSC):
      * jit/JSInterfaceJIT.h:
      * llint: Added.
      * llint/LLIntCommon.h: Added.
      * llint/LLIntData.cpp: Added.
      (LLInt):
      (JSC::LLInt::Data::Data):
      (JSC::LLInt::Data::performAssertions):
      (JSC::LLInt::Data::~Data):
      * llint/LLIntData.h: Added.
      (JSC):
      (LLInt):
      (Data):
      (JSC::LLInt::Data::exceptionInstructions):
      (JSC::LLInt::Data::opcodeMap):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp: Added.
      (LLInt):
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h: Added.
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp: Added.
      (LLInt):
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrowForThrownException):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntExceptions.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntOfflineAsmConfig.h: Added.
      * llint/LLIntOffsetsExtractor.cpp: Added.
      (JSC):
      (LLIntOffsetsExtractor):
      (JSC::LLIntOffsetsExtractor::dummy):
      (main):
      * llint/LLIntSlowPaths.cpp: Added.
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::resolveGlobal):
      (JSC::LLInt::getByVal):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      (JSC::LLInt::genericCall):
      * llint/LLIntSlowPaths.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntThunks.cpp: Added.
      (LLInt):
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h: Added.
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm: Added.
      * llint/LowLevelInterpreter.cpp: Added.
      * llint/LowLevelInterpreter.h: Added.
      * offlineasm: Added.
      * offlineasm/armv7.rb: Added.
      * offlineasm/asm.rb: Added.
      * offlineasm/ast.rb: Added.
      * offlineasm/backends.rb: Added.
      * offlineasm/generate_offset_extractor.rb: Added.
      * offlineasm/instructions.rb: Added.
      * offlineasm/offset_extractor_constants.rb: Added.
      * offlineasm/offsets.rb: Added.
      * offlineasm/opt.rb: Added.
      * offlineasm/parser.rb: Added.
      * offlineasm/registers.rb: Added.
      * offlineasm/self_hash.rb: Added.
      * offlineasm/settings.rb: Added.
      * offlineasm/transform.rb: Added.
      * offlineasm/x86.rb: Added.
      * runtime/CodeSpecializationKind.h: Added.
      (JSC):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::arityCheckFor):
      (CommonSlowPaths):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC):
      (JSC::EvalExecutable::jitCompile):
      (JSC::samplingDescription):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::baselineCodeBlockFor):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC):
      (EvalExecutable):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      * runtime/JSCell.h:
      (JSC):
      (JSCell):
      * runtime/JSFunction.h:
      (JSC):
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC):
      (JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSGlobalObject):
      * runtime/JSObject.h:
      (JSC):
      (JSObject):
      (JSFinalObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC):
      (JSPropertyNameIterator):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      * runtime/JSTypeInfo.h:
      (JSC):
      (TypeInfo):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/JSValue.h:
      (LLInt):
      (JSValue):
      * runtime/JSVariableObject.h:
      (JSC):
      (JSVariableObject):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/ScopeChain.h:
      (JSC):
      (ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::addPropertyTransition):
      * runtime/Structure.h:
      (JSC):
      (Structure):
      * runtime/StructureChain.h:
      (JSC):
      (StructureChain):
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      (SentinelLinkedList):
      (WTF::SentinelLinkedList::isEmpty):
      * wtf/text/StringImpl.h:
      (JSC):
      (StringImpl):
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough.
              
      No new tests, because there is no change in behavior.
      
      * CMakeLists.txt:
      
      Source/WebKit: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
              
      * CMakeLists.txt:
      
      Tools: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108309 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      091129f4
    • barraclough@apple.com's avatar
      Move special __proto__ property to Object.prototype · 4f5c0c0f
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=78409
      
      Reviewed by Oliver Hunt.
      
      Re-implement this as a regular accessor property.  This has three key benefits:
      1) It makes it possible for objects to be given properties named __proto__.
      2) Object.prototype.__proto__ can be deleted, preventing object prototypes from being changed.
      3) This largely removes the magic used the implement __proto__, it can just be made a regular accessor property.
      
      Source/JavaScriptCore: 
      
      * parser/Parser.cpp:
      (JSC::::parseFunctionInfo):
          - No need to prohibit functions named __proto__.
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
          - Add __proto__ accessor to Object.prototype.
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncProtoGetter):
      (JSC::globalFuncProtoSetter):
          - Definition of the __proto__ accessor functions.
      * runtime/JSGlobalObjectFunctions.h:
          - Declaration of the __proto__ accessor functions.
      * runtime/JSObject.cpp:
      (JSC::JSObject::put):
          - Remove the special handling for __proto__, there is still a check to allow for a fast guard for accessors excluding __proto__.
      (JSC::JSObject::putDirectAccessor):
          - Track on the structure whether an object contains accessors other than one for __proto__.
      (JSC::JSObject::defineOwnProperty):
          - No need to prohibit definition of own properties named __proto__.
      * runtime/JSObject.h:
      (JSC::JSObject::inlineGetOwnPropertySlot):
          - Remove the special handling for __proto__.
      (JSC::JSValue::get):
          - Remove the special handling for __proto__.
      * runtime/JSString.cpp:
      (JSC::JSString::getOwnPropertySlot):
          - Remove the special handling for __proto__.
      * runtime/JSValue.h:
      (JSValue):
          - Made synthesizePrototype public (this may be needed by the __proto__ getter).
      * runtime/ObjectConstructor.cpp:
      (JSC::objectConstructorGetPrototypeOf):
          - Perform the security check & call prototype() directly.
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
          - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
      * runtime/Structure.h:
      (JSC::Structure::hasGetterSetterPropertiesExcludingProto):
      (JSC::Structure::setHasGetterSetterProperties):
      (Structure):
          - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
      
      Source/WebCore: 
      
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::allowsAccessFrom):
      (WebCore):
          - expose allowsAccessFrom check to JSC.
      * bindings/js/JSDOMWindowBase.h:
      (JSDOMWindowBase):
          - expose allowsAccessFrom check to JSC.
      
      LayoutTests: 
      
      * fast/js/Object-getOwnPropertyNames-expected.txt:
      * fast/js/cyclic-prototypes-expected.txt:
      * fast/js/parser-syntax-check-expected.txt:
      * fast/js/preventExtensions-expected.txt:
      * fast/js/prototypes-expected.txt:
          - Update results
      * fast/js/script-tests/Object-getOwnPropertyNames.js:
          - __proto__ is now a property of Object Prototype.
      * fast/js/script-tests/cyclic-prototypes.js:
          - setting an object's prototype to null removes __proto__ setter, future usage won't set prototype.
      * fast/js/script-tests/parser-syntax-check.js:
          - Allow functions named __proto__
      * fast/js/script-tests/preventExtensions.js:
          - Setting __proto__ should not throw.
      * fast/js/script-tests/prototypes.js:
          - Objects may contained own properties named __proto__, add new test cases.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108259 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4f5c0c0f
  14. 06 Feb, 2012 1 commit
    • barraclough@apple.com's avatar
      Remove JSObject defineGetter/defineSetter lookupGetter/lookupSetter · 81aa89f0
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=77451
      
      Reviewed by Sam Weinig.
      
      These can now all be implemented in terms of defineOwnProperty & getPropertyDescriptor.
      Also remove initializeGetterSetterProperty, since this is equivalent to putDirectAccessor.
      
      Source/JavaScriptCore: 
      
      * JavaScriptCore.exp:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::defineOwnProperty):
      * debugger/DebuggerActivation.h:
      (DebuggerActivation):
      * runtime/ClassInfo.h:
      (MethodTable):
      (JSC):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::finishCreation):
      * runtime/JSCell.cpp:
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::defineOwnProperty):
      (JSC):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      * runtime/JSObject.cpp:
      (JSC):
      * runtime/JSObject.h:
      (JSObject):
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncDefineGetter):
      (JSC::objectProtoFuncDefineSetter):
      (JSC::objectProtoFuncLookupGetter):
      (JSC::objectProtoFuncLookupSetter):
      
      Source/WebCore: 
      
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore):
      (WebCore::JSDOMWindow::defineOwnProperty):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::defineOwnProperty):
      (WebCore::JSLocationPrototype::defineOwnProperty):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      * page/DOMWindow.idl:
      * page/Location.idl:
      
      Source/WebKit/qt: 
      
      * Api/qwebframe.cpp:
      (QWebFramePrivate::addQtSenderToGlobalObject):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@106783 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      81aa89f0
  15. 13 Jan, 2012 1 commit
    • morrita@google.com's avatar
      JavaScriptCore: Mark all exported symbols in the header file automatically. · f0dd2d91
      morrita@google.com authored
      https://bugs.webkit.org/show_bug.cgi?id=72855
      
      Reviewed by Darin Adler.
      
      Added WTF_EXPORT_PRIVATE and JS_EXPORT_PRIVATE based on JavaScriptCore.exp files.
      The change is generated by a tool calledListExportables (https://github.com/omo/ListExportables)
      
      * API/OpaqueJSString.h:
      * bytecode/CodeBlock.h:
      * bytecode/SamplingTool.h:
      * debugger/Debugger.h:
      * debugger/DebuggerActivation.h:
      * debugger/DebuggerCallFrame.h:
      * heap/AllocationSpace.h:
      * heap/HandleHeap.h:
      * heap/Heap.h:
      * heap/MachineStackMarker.h:
      * heap/MarkStack.h:
      * heap/VTableSpectrum.h:
      * heap/WriteBarrierSupport.h:
      * parser/Nodes.h:
      * parser/ParserArena.h:
      * profiler/Profile.h:
      * runtime/ArgList.h:
      * runtime/CallData.h:
      * runtime/Completion.h:
      * runtime/ConstructData.h:
      * runtime/DateInstance.h:
      * runtime/Error.h:
      * runtime/ExceptionHelpers.h:
      * runtime/FunctionConstructor.h:
      * runtime/Identifier.h:
      * runtime/InitializeThreading.h:
      * runtime/InternalFunction.h:
      * runtime/JSArray.h:
      * runtime/JSByteArray.h:
      * runtime/JSCell.h:
      * runtime/JSFunction.h:
      * runtime/JSGlobalData.cpp:
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalObject.h:
      * runtime/JSGlobalThis.h:
      * runtime/JSLock.h:
      * runtime/JSObject.h:
      * runtime/JSString.h:
      * runtime/JSValue.h:
      * runtime/JSVariableObject.h:
      * runtime/Lookup.h:
      * runtime/MemoryStatistics.h:
      * runtime/ObjectPrototype.h:
      * runtime/Options.h:
      * runtime/PropertyDescriptor.h:
      * runtime/PropertyNameArray.h:
      * runtime/PropertySlot.h:
      * runtime/RegExp.h:
      * runtime/RegExpObject.h:
      * runtime/SamplingCounter.h:
      * runtime/SmallStrings.h:
      * runtime/StringObject.h:
      * runtime/Structure.h:
      * runtime/TimeoutChecker.h:
      * runtime/UString.h:
      * runtime/WriteBarrier.h:
      * wtf/ArrayBufferView.h:
      * wtf/ByteArray.h:
      * wtf/CryptographicallyRandomNumber.h:
      * wtf/CurrentTime.h:
      * wtf/DateMath.h:
      * wtf/DecimalNumber.h:
      * wtf/FastMalloc.cpp:
      * wtf/FastMalloc.h:
      * wtf/MD5.h:
      * wtf/MainThread.h:
      * wtf/MetaAllocator.h:
      * wtf/MetaAllocatorHandle.h:
      * wtf/OSAllocator.h:
      * wtf/PageBlock.h:
      * wtf/RandomNumber.h:
      * wtf/RefCountedLeakCounter.h:
      * wtf/SHA1.h:
      * wtf/Threading.cpp:
      * wtf/Threading.h:
      * wtf/ThreadingPrimitives.h:
      * wtf/WTFThreadData.h:
      * wtf/dtoa.h:
      * wtf/text/AtomicString.h:
      * wtf/text/CString.h:
      * wtf/text/StringBuilder.h:
      * wtf/text/StringImpl.h:
      * wtf/text/WTFString.h:
      * wtf/unicode/Collator.h:
      * wtf/unicode/UTF8.h:
      * yarr/Yarr.h:
      * yarr/YarrPattern.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@104900 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f0dd2d91
  16. 12 Jan, 2012 1 commit
  17. 03 Jan, 2012 2 commits
    • barraclough@apple.com's avatar
      https://bugs.webkit.org/show_bug.cgi?id=75140 · 535d8bb7
      barraclough@apple.com authored
      Reviewed by Sam Weinig.
      
      Simplify JSArray creation - remove ArgsList/JSValue* create methods
      (this functionality can be implemented in terms of tryCreateUninitialized).
      
      * JavaScriptCore.exp:
      * runtime/ArrayConstructor.cpp:
          - use constructArray/constructEmptyArray instead of calling JSArray::create directly
      (JSC::constructArrayWithSizeQuirk):
      * runtime/JSArray.cpp:
      * runtime/JSArray.h:
          - removed ArgsList/JSValue* create methods
      * runtime/JSGlobalObject.h:
      (JSC::constructEmptyArray):
      (JSC::constructArray):
          - changed to be implemented in terms of JSArray::tryCreateUninitialized
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@103960 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      535d8bb7
    • barraclough@apple.com's avatar
      https://bugs.webkit.org/show_bug.cgi?id=75429 · bfdffec8
      barraclough@apple.com authored
      ThrowTypeError should be a singleton object
      
      Reviewed by Sam Weinig.
      
      Source/JavaScriptCore: 
      
      Per section 13.2.3 of the spec.
      We could change setAccessorDescriptor to be able to share the global
      GetterSetter object, rather than storing the accessor functions and
      creating a new GetterSetter in defineProperty - but this won't be a
      small change to PropertyDescriptors (and would probably mean making
      GetterSetter objects immutable?) - so I'll leave that for another
      patch.
      
      * JavaScriptCore.exp:
          - don't export setAccessorDescriptor
      * runtime/Arguments.cpp:
      (JSC::Arguments::createStrictModeCallerIfNecessary):
      (JSC::Arguments::createStrictModeCalleeIfNecessary):
          - call throwTypeErrorGetterSetter instead of createTypeErrorFunction
      * runtime/Error.cpp:
      * runtime/Error.h:
          - remove createTypeErrorFunction
      * runtime/JSFunction.cpp:
      * runtime/JSFunction.h:
          - remove unused createDescriptorForThrowingProperty
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC::JSGlobalObject::visitChildren):
          - removed m_strictModeTypeErrorFunctionStructure.
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::internalFunctionStructure):
          - removed m_strictModeTypeErrorFunctionStructure.
      * runtime/PropertyDescriptor.cpp:
      (JSC::PropertyDescriptor::setAccessorDescriptor):
          - changed to take a GetterSetter
      * runtime/PropertyDescriptor.h:
          - changed to take a GetterSetter
      
      LayoutTests: 
      
      Per section 13.2.3 of the spec.
      
      * fast/js/basic-strict-mode-expected.txt:
          - ThrowTypeError is a singleton, so cannot generate
            property-specific error messages.
      * fast/js/script-tests/strict-throw-type-error.js: Added.
      * fast/js/strict-throw-type-error-expected.txt: Added.
      * fast/js/strict-throw-type-error.html: Added.
          - added test case that ThrowTypeError is a singleton
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@103958 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bfdffec8
  18. 29 Dec, 2011 1 commit
    • barraclough@apple.com's avatar
      https://bugs.webkit.org/show_bug.cgi?id=75140 · 907d1a40
      barraclough@apple.com authored
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      Start cleaning up JSArray construction. JSArray has a set of create methods,
      one of which (currently) takes a 'creation mode' enum parameter. Based on that
      parameter, the constructor does one of two completely different things. If the
      parameter is 'CreateInitialized' it creates an array, setting the length, but
      does not eagerly allocate a storage vector of the specified length. A small
      (BASE_VECTOR_LEN sized) initial vector will be allocated, and cleared, property
      access to the vector will read the hole value (return undefined). The alternate
      usage of this method ('CreateCompact') does something very different. It tries
      to create an array of the requested length, and also allocates a storage vector
      large enough to hold all properties. It does not clear the storage vector,
      leaving the memory uninitialized and requiring the user to call a method
      'uncheckedSetIndex' to initialize values in the vector.
      
      This patch factors out these two behaviours, moving the 'CreateCompact' mode
      into its own method, 'tryCreateUninitialized' (matching the naming for this
      functionality in the string classes). 'tryCreateUninitialized' may return 0 if
      memory allocation fails during construction of the object. The construction
      pattern changes such that values added during initialization will be marked if
      a GC is triggered during array allocation. 'CreateInitialized' no longer need
      be passed to create a normal, fully constructed array with a length, and this
      method is merged with the version of 'create' that does not take an initial
      length (length parameter defaults to 0).
      
      * JavaScriptCore.exp:
      * runtime/ArrayConstructor.cpp:
      (JSC::constructArrayWithSizeQuirk):
          - removed 'CreateInitialized' argument
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncSplice):
          - changed to call 'tryCreateUninitialized'
      * runtime/FunctionPrototype.cpp:
      (JSC::functionProtoFuncBind):
          - changed to call 'tryCreateUninitialized'
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
          - initialize m_storage to null; if construction fails, make destruction safe
      (JSC::JSArray::finishCreation):
          - merge versions of this method, takes an initialLength parameter defaulting to zero
      (JSC::JSArray::tryFinishCreationUninitialized):
          - version of 'finishCreation' that tries to eagerly allocate storage; may fail & return 0
      (JSC::JSArray::~JSArray):
          - check for null m_storage, in case array construction failed.
      (JSC::JSArray::increaseVectorPrefixLength):
      * runtime/JSArray.h:
      (JSC::JSArray::create):
          - merge versions of this method, takes an initialLength parameter defaulting to zero
      (JSC::JSArray::tryCreateUninitialized):
          - version of 'create' that tries to eagerly allocate storage; may fail & return 0
      (JSC::JSArray::initializeIndex):
      (JSC::JSArray::completeInitialization):
          - used in conjunction with 'tryCreateUninitialized' to initialize the array
      * runtime/JSGlobalObject.h:
      (JSC::constructEmptyArray):
          - removed 'CreateInitialized' argument
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpMatchesArray::finishCreation):
          - removed 'CreateInitialized' argument
      
      LayoutTests: 
      
      Added test case.
      
      * fast/js/script-tests/array-splice.js:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@103823 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      907d1a40
  19. 19 Dec, 2011 1 commit
    • ggaren@apple.com's avatar
      Placement new does an unnecessary NULL check · 215589e0
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=74676
      
      Reviewed by Sam Weinig.
      
      Source/JavaScriptCore: 
      
      We can define our own version, which skips the NULL check.
              
      Not a measurable speedup, but code inspection shows better code generated,
      and I believe this is a step toward turning off -fomit-frame-pointer.
      
      * API/JSCallbackConstructor.h:
      (JSC::JSCallbackConstructor::create):
      * API/JSCallbackFunction.h:
      (JSC::JSCallbackFunction::create): Use the NotNull version of placement
      new to skip the NULL check.
      
      * API/JSCallbackObject.h: Removed a conflicting, unnecessaray placement new.
      
      (JSC::JSCallbackObject::create):
      * debugger/DebuggerActivation.h:
      (JSC::DebuggerActivation::create):
      * heap/HandleHeap.cpp:
      (JSC::HandleHeap::grow):
      * heap/HandleHeap.h:
      (JSC::HandleHeap::allocate):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::create):
      (JSC::MarkedBlock::recycle):
      * jit/JITCode.h:
      (JSC::JITCode::clear):
      * jsc.cpp:
      (GlobalObject::create):
      * profiler/CallIdentifier.h:
      * runtime/Arguments.h:
      (JSC::Arguments::create):
      * runtime/ArrayConstructor.h:
      (JSC::ArrayConstructor::create):
      * runtime/ArrayPrototype.h:
      (JSC::ArrayPrototype::create):
      * runtime/BooleanConstructor.h:
      (JSC::BooleanConstructor::create):
      * runtime/BooleanObject.h:
      (JSC::BooleanObject::create):
      * runtime/BooleanPrototype.h:
      (JSC::BooleanPrototype::create):
      * runtime/DateConstructor.h:
      (JSC::DateConstructor::create):
      * runtime/DateInstance.h:
      (JSC::DateInstance::create):
      * runtime/DatePrototype.h:
      (JSC::DatePrototype::create):
      * runtime/Error.h:
      (JSC::StrictModeTypeErrorFunction::create):
      * runtime/ErrorConstructor.h:
      (JSC::ErrorConstructor::create):
      * runtime/ErrorInstance.h:
      (JSC::ErrorInstance::create):
      * runtime/ErrorPrototype.h:
      (JSC::ErrorPrototype::create):
      * runtime/ExceptionHelpers.h:
      (JSC::InterruptedExecutionError::create):
      (JSC::TerminatedExecutionError::create):
      * runtime/Executable.h:
      (JSC::NativeExecutable::create):
      (JSC::EvalExecutable::create):
      (JSC::ProgramExecutable::create):
      (JSC::FunctionExecutable::create):
      * runtime/FunctionConstructor.h:
      (JSC::FunctionConstructor::create):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::create):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::create):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::create):
      * runtime/JSActivation.h:
      (JSC::JSActivation::create):
      * runtime/JSArray.h:
      (JSC::JSArray::create):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::create):
      * runtime/JSByteArray.h:
      (JSC::JSByteArray::create): Use the NotNull version of placement
      new to skip the NULL check.
      
      * runtime/JSCell.h: Removed a conflicting, unnecessaray placement new.
      
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::create):
      * runtime/JSFunction.h:
      (JSC::JSFunction::create):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::create):
      * runtime/JSGlobalThis.h:
      (JSC::JSGlobalThis::create):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::create):
      * runtime/JSONObject.h:
      (JSC::JSONObject::create):
      * runtime/JSObject.h:
      (JSC::JSFinalObject::create):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSStaticScopeObject.h:
      (JSC::JSStaticScopeObject::create):
      * runtime/JSString.cpp:
      (JSC::StringObject::create):
      * runtime/JSString.h:
      (JSC::RopeBuilder::createNull):
      (JSC::RopeBuilder::create):
      (JSC::RopeBuilder::createHasOtherOwner):
      * runtime/MathObject.h:
      (JSC::MathObject::create):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::create):
      * runtime/NativeErrorPrototype.h:
      (JSC::NativeErrorPrototype::create):
      * runtime/NumberConstructor.h:
      (JSC::NumberConstructor::create):
      * runtime/NumberObject.h:
      (JSC::NumberObject::create):
      * runtime/NumberPrototype.h:
      (JSC::NumberPrototype::create):
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::create):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::create):
      * runtime/RegExp.cpp:
      (JSC::RegExp::createWithoutCaching):
      * runtime/RegExpConstructor.h:
      (JSC::RegExpConstructor::create):
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::create):
      * runtime/RegExpObject.h:
      (JSC::RegExpObject::create):
      * runtime/RegExpPrototype.h:
      (JSC::RegExpPrototype::create):
      * runtime/ScopeChain.h:
      (JSC::ScopeChainNode::create):
      * runtime/StrictEvalActivation.h:
      (JSC::StrictEvalActivation::create):
      * runtime/StringConstructor.h:
      (JSC::StringConstructor::create):
      * runtime/StringObject.h:
      (JSC::StringObject::create):
      * runtime/StringPrototype.h:
      (JSC::StringPrototype::create):
      * runtime/Structure.h:
      (JSC::Structure::create):
      (JSC::Structure::createStructure):
      * runtime/StructureChain.h:
      (JSC::StructureChain::create):
      * testRegExp.cpp:
      (GlobalObject::create):
      * wtf/BitVector.cpp:
      (WTF::BitVector::OutOfLineBits::create): Use the NotNull version of placement
      new to skip the NULL check.
      
      * wtf/BumpPointerAllocator.h:
      (WTF::BumpPointerPool::create): Standardized spacing to make grep easier.
      
      * wtf/ByteArray.cpp:
      (WTF::ByteArray::create):
      * wtf/Deque.h:
      (WTF::::append):
      (WTF::::prepend): Use NotNull, as above.
      
      * wtf/FastAllocBase.h: Added a placement new, since this class would otherwise
      hide the name of the global placement new.
      
      (WTF::fastNew): Standardized spacing. Most of these functions don't need
      NotNull, since they check for NULL, and the optimizer can see that.
      
      * wtf/HashTable.h:
      * wtf/HashTraits.h:
      (WTF::SimpleClassHashTraits::constructDeletedValue):
      * wtf/MetaAllocator.cpp:
      (WTF::MetaAllocator::allocFreeSpaceNode): NotNull, as above.
      
      * wtf/StdLibExtras.h:
      (throw): This is our NotNull placement new. Declaring that we throw is
      the C++ way to say that operator new will not return NULL.
      
      * wtf/ThreadSpecific.h:
      (WTF::T):
      * wtf/Vector.h:
      (WTF::::append):
      (WTF::::tryAppend):
      (WTF::::uncheckedAppend):
      (WTF::::insert):
      * wtf/text/AtomicStringHash.h:
      * wtf/text/StringImpl.cpp:
      (WTF::StringImpl::createUninitialized):
      (WTF::StringImpl::reallocate):
      * wtf/text/StringImpl.h:
      (WTF::StringImpl::tryCreateUninitialized):
      * wtf/text/StringStatics.cpp:
      (WTF::AtomicString::init): Use NotNull, as above.
      
      * yarr/YarrInterpreter.cpp:
      (JSC::Yarr::Interpreter::allocDisjunctionContext):
      (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::ParenthesesDisjunctionContext):
      (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext): Standardized
      spacing for easy grep.
      
      Source/WebCore: 
      
      * bindings/js/JSImageConstructor.h:
      (WebCore::JSImageConstructor::create):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateConstructorDeclaration):
      * bridge/c/CRuntimeObject.h:
      (JSC::Bindings::CRuntimeObject::create):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::create):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaRuntimeMethod::create):
      * bridge/jni/jsc/JavaRuntimeObject.h:
      (JSC::Bindings::JavaRuntimeObject::create):
      * bridge/objc/ObjCRuntimeObject.h:
      (JSC::Bindings::ObjCRuntimeObject::create):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::create):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::create):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::create):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::create):
      * bridge/runtime_object.h:
      (JSC::Bindings::RuntimeObject::create):
      * dom/Document.h:
      (WebCore::FormElementKeyHashTraits::constructDeletedValue): Use NotNull
      placement new, as in JavaScriptCore.
      
      * platform/PODArena.h:
      (WebCore::PODArena::allocateObject): No need to check for NULL explicitly,
      since that's the built-in behavior of placement new.
      
      * platform/graphics/FontCache.cpp:
      (WebCore::FontDataCacheKeyTraits::constructDeletedValue):
      * platform/graphics/IntRectHash.h:
      * platform/graphics/IntSizeHash.h: More NotNull.
      
      * rendering/RenderObject.h: Declaring that we throw is the C++ way to say
      that operator new will not return NULL.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@103243 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      215589e0
  20. 16 Dec, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      De-virtualize destructors · c58d54d7
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=74331
      
      Reviewed by Geoffrey Garen.
      
      .: 
      
      * Source/autotools/symbols.filter: Removed symbol no longer present.
      
      Source/JavaScriptCore: 
      
      This is a megapatch which frees us from the chains of virtual destructors.
      
      In order to remove the virtual destructors, which are the last of the virtual 
      functions, from the JSCell hierarchy, we need to add the ClassInfo pointer to 
      the cell rather than to the structure because in order to be able to lazily call 
      the static destroy() functions that will replace the virtual destructors, we 
      need to be able to access the ClassInfo without the danger of the object's 
      Structure being collected before the object itself.
      
      After adding the ClassInfo to the cell, we can then begin to remove our use 
      of vptrs for optimizations within the JIT and the GC.  When we have removed 
      all of the stored vptrs from JSGlobalData, we can then also remove all of 
      the related VPtrStealingHack code.
      
      The replacement for virtual destructors will be to add a static destroy function 
      pointer to the MethodTable stored in ClassInfo.  Any subclass of JSCell that has 
      a non-trivial destructor will require its own static destroy function to static 
      call its corresponding destructor, which will now be non-virtual.  In future 
      patches we will slowly move away from destructors altogether as we make more and 
      more objects backed by GC memory rather than malloc-ed memory.  The GC will now 
      call the static destroy method rather than the virtual destructor.
      
      As we go through the hierarchy and add static destroy functions to classes, 
      we will also add a new assert, ASSERT_HAS_TRIVIAL_DESTRUCTOR, to those classes 
      to which it applies.  The future goal is to eventually have every class have that assert.
      
      * API/JSCallbackConstructor.cpp:
      (JSC::JSCallbackConstructor::destroy): Add a destroy function to statically call 
      ~JSCallbackConstructor because it has some extra destruction logic.
      * API/JSCallbackConstructor.h:
      * API/JSCallbackFunction.cpp: Add trivial destructor assert for JSCallbackFunction.
      * API/JSCallbackObject.cpp: Add a destroy function to statically call ~JSCallbackObject 
      because it has a member OwnPtr that needs destruction.
      (JSC::::destroy):
      * API/JSCallbackObject.h:
      * JavaScriptCore.exp: Add/remove necessary symbols for JSC.
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Same for Windows symbols.
      * debugger/DebuggerActivation.cpp: DebuggerActivation, for some strange reason, didn't 
      have its own ClassInfo despite the fact that it overrides a number of MethodTable 
      methods.  Added the ClassInfo, along with an assertion that its destructor is trivial.
      * debugger/DebuggerActivation.h:
      * dfg/DFGOperations.cpp: Remove global data first argument to isJSArray, isJSByteArray, 
      isJSString, as it is no longer necessary.
      (JSC::DFG::putByVal):
      * dfg/DFGRepatch.cpp:  Ditto.  Also remove uses of jsArrayVPtr in favor of using the 
      JSArray ClassInfo pointer.
      (JSC::DFG::tryCacheGetByID):
      * dfg/DFGSpeculativeJIT.cpp:  Replace uses of the old vptrs with new ClassInfo 
      comparisons since we don't have vptrs anymore.
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
      (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
      (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
      (JSC::DFG::SpeculativeJIT::compileGetTypedArrayLength):
      (JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
      (JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray):
      (JSC::DFG::SpeculativeJIT::compare):
      (JSC::DFG::SpeculativeJIT::compileStrictEq):
      (JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
      * dfg/DFGSpeculativeJIT.h: Ditto.
      (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject):
      * dfg/DFGSpeculativeJIT32_64.cpp: Ditto.
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::compileLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::emitBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp: Ditto.
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::compileLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::emitBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * heap/Heap.cpp: Remove all uses of vptrs in GC optimizations and replace them with 
      ClassInfo comparisons.
      (JSC::Heap::Heap):
      * heap/MarkStack.cpp: Ditto.
      (JSC::MarkStackThreadSharedData::markingThreadMain):
      (JSC::visitChildren):
      (JSC::SlotVisitor::drain):
      * heap/MarkStack.h: Ditto.
      (JSC::MarkStack::MarkStack):
      * heap/MarkedBlock.cpp: Ditto.
      (JSC::MarkedBlock::callDestructor):
      (JSC::MarkedBlock::specializedSweep):
      * heap/MarkedBlock.h: Ditto.
      * heap/SlotVisitor.h: Ditto.
      (JSC::SlotVisitor::SlotVisitor):
      * heap/VTableSpectrum.cpp: Now that we don't have vptrs, we can't count them.  
      We'll have to rename this class and make it use ClassInfo ptrs in a future patch.
      (JSC::VTableSpectrum::count):
      * interpreter/Interpreter.cpp: Remove all global data arguments from isJSArray, 
      etc. functions.
      (JSC::loadVarargs):
      (JSC::Interpreter::tryCacheGetByID):
      (JSC::Interpreter::privateExecute):
      * jit/JIT.h: Remove vptr argument from emitAllocateBasicJSObject 
      * jit/JITInlineMethods.h: Remove vptr planting, and add ClassInfo planting, 
      remove all vtable related code.
      (JSC::JIT::emitLoadCharacterString):
      (JSC::JIT::emitAllocateBasicJSObject):
      (JSC::JIT::emitAllocateJSFinalObject):
      (JSC::JIT::emitAllocateJSFunction):
      * jit/JITOpcodes.cpp: Replace vptr related branch code with corresponding ClassInfo.
      (JSC::JIT::privateCompileCTIMachineTrampolines):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emit_op_convert_this):
      * jit/JITOpcodes32_64.cpp: Ditto.
      (JSC::JIT::privateCompileCTIMachineTrampolines):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emitSlow_op_eq):
      (JSC::JIT::emitSlow_op_neq):
      (JSC::JIT::compileOpStrictEq):
      (JSC::JIT::emit_op_convert_this):
      * jit/JITPropertyAccess.cpp: Ditto.
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITPropertyAccess32_64.cpp: Ditto.
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITStubs.cpp: Remove global data argument from isJSString, etc.
      (JSC::JITThunks::tryCacheGetByID):
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/SpecializedThunkJIT.h: Replace vptr related stuff with ClassInfo stuff.
      (JSC::SpecializedThunkJIT::loadJSStringArgument):
      * runtime/ArrayConstructor.cpp: Add trivial destructor assert.
      * runtime/ArrayPrototype.cpp: Remove global data argument from isJSArray.
      (JSC::arrayProtoFuncToString):
      (JSC::arrayProtoFuncJoin):
      (JSC::arrayProtoFuncPop):
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncForEach):
      (JSC::arrayProtoFuncSome):
      (JSC::arrayProtoFuncReduce):
      (JSC::arrayProtoFuncReduceRight):
      * runtime/BooleanConstructor.cpp: Add trivial destructor assert.
      * runtime/BooleanObject.cpp: Ditto.
      * runtime/BooleanPrototype.cpp: Ditto.
      * runtime/ClassInfo.h: Add destroy function pointer to MethodTable.
      * runtime/DateConstructor.cpp: Add trivial destructor assert.
      * runtime/DateInstance.cpp: Add destroy function for DateInstance because it has a RefPtr 
      that needs destruction.
      (JSC::DateInstance::destroy):
      * runtime/DateInstance.h:
      * runtime/Error.cpp: Ditto (because of UString member).
      (JSC::StrictModeTypeErrorFunction::destroy):
      * runtime/Error.h:
      * runtime/ErrorConstructor.cpp: Add trivial destructor assert.
      * runtime/ErrorInstance.cpp: Ditto.
      * runtime/ExceptionHelpers.cpp: Ditto.
      * runtime/Executable.cpp: Add destroy functions for ExecutableBase and subclasses.
      (JSC::ExecutableBase::destroy):
      (JSC::NativeExecutable::destroy):
      (JSC::ScriptExecutable::destroy):
      (JSC::EvalExecutable::destroy):
      (JSC::ProgramExecutable::destroy):
      (JSC::FunctionExecutable::destroy):
      * runtime/Executable.h:
      * runtime/FunctionConstructor.cpp: Add trivial destructor assert.
      * runtime/FunctionPrototype.cpp: Ditto. Also remove global data first arg from isJSArray.
      (JSC::functionProtoFuncApply):
      * runtime/GetterSetter.cpp: Ditto.
      * runtime/InitializeThreading.cpp: Remove call to JSGlobalData::storeVPtrs since it no 
      longer exists.
      (JSC::initializeThreadingOnce):
      * runtime/InternalFunction.cpp: Remove vtableAnchor function, add trivial destructor assert, 
      remove first arg from isJSString.
      (JSC::InternalFunction::displayName):
      * runtime/InternalFunction.h: Remove VPtrStealingHack.
      * runtime/JSAPIValueWrapper.cpp: Add trivial destructor assert.
      * runtime/JSArray.cpp: Add static destroy to call ~JSArray.  Replace vptr checks in 
      destructor with ClassInfo checks.
      (JSC::JSArray::~JSArray):
      (JSC::JSArray::destroy):
      * runtime/JSArray.h: Remove VPtrStealingHack.  Remove globalData argument from isJSArray 
      and change them to check the ClassInfo rather than the vptrs.
      (JSC::isJSArray):
      * runtime/JSBoundFunction.cpp: Add trival destructor assert. Remove first arg from isJSArray.
      (JSC::boundFunctionCall):
      (JSC::boundFunctionConstruct):
      * runtime/JSByteArray.cpp: Add static destroy function, replace vptr checks with ClassInfo checks.
      (JSC::JSByteArray::~JSByteArray):
      (JSC::JSByteArray::destroy):
      * runtime/JSByteArray.h: Remove VPtrStealingHack code.
      (JSC::isJSByteArray):
      * runtime/JSCell.cpp: Add trivial destructor assert.  Add static destroy function.
      (JSC::JSCell::destroy):
      * runtime/JSCell.h: Remove VPtrStealingHack code.  Add function for returning the offset 
      of the ClassInfo pointer in the object for use by the JIT.  Add the ClassInfo pointer to 
      the JSCell itself, and grab it from the Structure.  Remove the vptr and setVPtr functions, 
      as they are no longer used.  Add a validatedClassInfo function to JSCell for any clients 
      that want to verify, while in Debug mode, that the ClassInfo contained in the cell is the 
      same one as that contained in the Structure.  This isn't used too often, because most of 
      the places where we compare the ClassInfo to things can be called during destruction.  
      Since the Structure is unreliable during the phase when destructors are being called, 
      we can't call validatedClassInfo.
      (JSC::JSCell::classInfoOffset):
      (JSC::JSCell::structure):
      (JSC::JSCell::classInfo):
      * runtime/JSFunction.cpp: Remove VPtrStealingHack code.  Add static destroy, remove vtableAnchor, 
      remove first arg from call to isJSString.
      (JSC::JSFunction::destroy):
      (JSC::JSFunction::displayName):
      * runtime/JSFunction.h: 
      * runtime/JSGlobalData.cpp: Remove all VPtr stealing code and storage, including storeVPtrs, 
      as these vptrs are no longer needed in the codebase.
      * runtime/JSGlobalData.h:
      (JSC::TypedArrayDescriptor::TypedArrayDescriptor): Changed the TypedArrayDescriptor to use 
      ClassInfo rather than the vptr.
      * runtime/JSGlobalObject.cpp: Add static destroy function.
      (JSC::JSGlobalObject::destroy):
      * runtime/JSGlobalObject.h:
      * runtime/JSGlobalThis.cpp: Add trivial destructor assert.
      * runtime/JSNotAnObject.cpp: Ditto.
      * runtime/JSONObject.cpp: Ditto. Remove first arg from isJSArray calls.
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::walk):
      * runtime/JSObject.cpp: 
      (JSC::JSFinalObject::destroy):
      (JSC::JSNonFinalObject::destroy):
      (JSC::JSObject::destroy):
      * runtime/JSObject.h: Add trivial destructor assert for JSObject, remove vtableAnchor 
      from JSNonFinalObject and JSFinalObject, add static destroy for JSFinalObject and 
      JSNonFinalObject, add isJSFinalObject utility function similar to isJSArray, remove all VPtrStealingHack code.
      (JSC::JSObject::finishCreation):
      (JSC::JSNonFinalObject::finishCreation):
      (JSC::JSFinalObject::finishCreation):
      (JSC::isJSFinalObject):
      * runtime/JSPropertyNameIterator.cpp: Add static destroy.
      (JSC::JSPropertyNameIterator::destroy):
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSStaticScopeObject.cpp: Ditto.
      (JSC::JSStaticScopeObject::destroy):
      * runtime/JSStaticScopeObject.h: Ditto. 
      * runtime/JSString.cpp:
      (JSC::JSString::destroy):
      * runtime/JSString.h: Ditto. Remove VPtrStealingHack code. Also remove fixupVPtr code, 
      since we no longer need to fixup vptrs.
      (JSC::jsSingleCharacterString):
      (JSC::jsSingleCharacterSubstring):
      (JSC::jsNontrivialString):
      (JSC::jsString):
      (JSC::jsSubstring8):
      (JSC::jsSubstring):
      (JSC::jsOwnedString):
      (JSC::jsStringBuilder):
      (JSC::isJSString):
      * runtime/JSVariableObject.cpp: 
      (JSC::JSVariableObject::destroy):
      * runtime/JSVariableObject.h: Ditto.
      * runtime/JSWrapperObject.cpp:
      * runtime/JSWrapperObject.h: Add trivial destructor assert.
      * runtime/MathObject.cpp: Ditto.
      * runtime/NativeErrorConstructor.cpp: Ditto.
      * runtime/NumberConstructor.cpp: Ditto.
      * runtime/NumberObject.cpp: Ditto.
      * runtime/NumberPrototype.cpp: Ditto.
      * runtime/ObjectConstructor.cpp: Ditto.
      * runtime/ObjectPrototype.cpp: Ditto.
      * runtime/Operations.h: Remove calls to fixupVPtr, remove first arg to isJSString.
      (JSC::jsString):
      (JSC::jsLess):
      (JSC::jsLessEq):
      * runtime/RegExp.cpp: Add static destroy.
      (JSC::RegExp::destroy):
      * runtime/RegExp.h:
      * runtime/RegExpConstructor.cpp: Add static destroy for RegExpConstructor and RegExpMatchesArray.
      (JSC::RegExpConstructor::destroy):
      (JSC::RegExpMatchesArray::destroy):
      * runtime/RegExpConstructor.h:
      * runtime/RegExpMatchesArray.h:
      * runtime/RegExpObject.cpp: Add static destroy.
      (JSC::RegExpObject::destroy):
      * runtime/RegExpObject.h:
      * runtime/ScopeChain.cpp: Add trivial destructor assert.
      * runtime/ScopeChain.h:
      * runtime/StrictEvalActivation.cpp: Ditto.
      * runtime/StringConstructor.cpp:
      * runtime/StringObject.cpp: Ditto. Remove vtableAnchor.
      * runtime/StringObject.h:
      * runtime/StringPrototype.cpp: Ditto.
      * runtime/Structure.cpp: Add static destroy.
      (JSC::Structure::destroy):
      * runtime/Structure.h: Move JSCell::finishCreation and JSCell constructor into Structure.h 
      because they need to have the full Structure type to access the ClassInfo to store in the JSCell.
      (JSC::JSCell::setStructure):
      (JSC::JSCell::validatedClassInfo):
      (JSC::JSCell::JSCell):
      (JSC::JSCell::finishCreation):
      * runtime/StructureChain.cpp: Add static destroy.
      (JSC::StructureChain::destroy):
      * runtime/StructureChain.h:
      * wtf/Assertions.h: Add new assertion ASSERT_HAS_TRIVIAL_DESTRUCTOR, which uses clangs 
      ability to tell us when a class has a trivial destructor. We will use this assert 
      more in future patches as we move toward having all JSC objects backed by GC memory, 
      which means moving away from using destructors/finalizers.
      
      Source/JavaScriptGlue: 
      
      * UserObjectImp.cpp: Add static destroy function.
      (UserObjectImp::destroy):
      * UserObjectImp.h:
      
      Source/WebCore: 
      
      No new tests.
      
      Doing everything here that was done to the JSCell hierarchy in JavaScriptCore. 
      See the ChangeLog for this commit for a more in-depth description.
      
      * WebCore.exp.in: Add/remove symbols.
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp: Remove first arg from isJSArray call.
      (WebCore::JSCanvasRenderingContext2D::setWebkitLineDash):
      * bindings/js/JSDOMBinding.cpp: Add trival destructor assert for DOMConstructorObject 
      and DOMConstructorWithDocument.
      * bindings/js/JSDOMGlobalObject.cpp: Add static destroy.  Add implementation for 
      scriptExecutionContext that dispatches to different functions in subclasses 
      depending on our current ClassInfo.  We do this so that we can get rid of the 
      virtual-ness of scriptExecutionContext, because any virtual functions will throw 
      off the layout of the object and we'll crash at runtime.
      (WebCore::JSDOMGlobalObject::destroy):
      (WebCore::JSDOMGlobalObject::scriptExecutionContext):
      * bindings/js/JSDOMGlobalObject.h:
      * bindings/js/JSDOMWindowBase.cpp: Add static destroy.
      (WebCore::JSDOMWindowBase::destroy):
      * bindings/js/JSDOMWindowBase.h: De-virtualize scriptExecutionContext.
      * bindings/js/JSDOMWindowShell.cpp: Add static destroy.
      (WebCore::JSDOMWindowShell::destroy):
      * bindings/js/JSDOMWindowShell.h:
      * bindings/js/JSDOMWrapper.cpp: Add trivial destructor assert.
      * bindings/js/JSDOMWrapper.h: Add a ClassInfo to JSDOMWrapper since it now overrides 
      a MethodTable function. Remove vtableAnchor virtual function.
      * bindings/js/JSImageConstructor.cpp: Add trivial destructor assert.
      * bindings/js/JSNodeCustom.cpp: Change implementation of pushEventHandlerScope so that 
      it dispatches to the correct function depending on the 
      identity of the class as specified by the ClassInfo.  
      See JSDOMGlobalObject::scriptExecutionContext for explanation.
      (WebCore::JSNode::pushEventHandlerScope):
      * bindings/js/JSWebSocketCustom.cpp: Remove first arg to isJSArray call.
      (WebCore::JSWebSocketConstructor::constructJSWebSocket):
      * bindings/js/JSWorkerContextBase.cpp: Add static destroy.
      (WebCore::JSWorkerContextBase::destroy):
      * bindings/js/JSWorkerContextBase.h: 
      * bindings/js/ScriptValue.cpp: Remove first arg to isJSArray call.
      (WebCore::jsToInspectorValue): 
      * bindings/js/SerializedScriptValue.cpp: Ditto.
      (WebCore::CloneSerializer::isArray):
      (WebCore::CloneSerializer::getSparseIndex):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader): Remove virtual-ness of any custom pushEventHandlerScope (see 
      JSNodeCustom::pushEventHandlerScope for explanation).  Remove virtual toBoolean 
      for anybody who masquerades as undefined, since our JSObject implementation handles 
      this based on the TypeInfo in the Structure. Add trivial destructor assert for any 
      class other than DOMWindow or WorkerContexts.
      (GenerateImplementation): Change ClassInfo definitions to use Base::s_info, since 
      typing the parent class more than once is duplication of information and increases 
      the likelihood of mistakes.  Pass ClassInfo to TypeArrayDescriptors instead of vptr. 
      (GenerateConstructorDefinition): Add trivial destructor assert for all generated constructors.
      * bridge/c/CRuntimeObject.cpp: Remove empty virtual destructor.
      * bridge/c/CRuntimeObject.h: 
      * bridge/jni/jsc/JavaRuntimeObject.cpp: Ditto.
      * bridge/jni/jsc/JavaRuntimeObject.h: 
      * bridge/objc/ObjCRuntimeObject.h: Ditto.
      * bridge/objc/ObjCRuntimeObject.mm:
      * bridge/objc/objc_runtime.h: Add static destroy for ObjcFallbackObjectImp. De-virtualize 
      toBoolean in the short term.  Need longer term fix.
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::destroy):
      * bridge/qt/qt_runtime.cpp: Add static destroy to QtRuntimeMethod.
      (JSC::Bindings::QtRuntimeMethod::destroy):
      * bridge/qt/qt_runtime.h: De-virtualize ~QtRuntimeMethod.
      * bridge/runtime_array.cpp: De-virtualize destructor. Add static destroy.
      (JSC::RuntimeArray::destroy):
      * bridge/runtime_array.h:
      * bridge/runtime_method.cpp: Remove vtableAnchor. Add static destroy.
      (JSC::RuntimeMethod::destroy):
      * bridge/runtime_method.h:
      * bridge/runtime_object.cpp: Add static destroy.
      (JSC::Bindings::RuntimeObject::destroy):
      * bridge/runtime_object.h:
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/ProxyRuntimeObject.h: Remove empty virtual destructor.
      * Plugins/Hosted/ProxyRuntimeObject.mm:
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp: Add trivial destructor assert.
      * WebProcess/Plugins/Netscape/JSNPObject.cpp: Add static destroy.
      (WebKit::JSNPObject::destroy):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      * win/WebKit2.def: Add/remove necessary symbols.
      * win/WebKit2CFLite.def: Ditto.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@103083 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c58d54d7
  21. 16 Nov, 2011 2 commits
  22. 15 Nov, 2011 1 commit
    • ggaren@apple.com's avatar
      Removed a use of ArgList that baked in the assumption that arguments · f1944922
      ggaren@apple.com authored
      are forward in the regiter file.
      
      Reviewed by Sam Weinig.
      
      * dfg/DFGOperations.cpp:
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION): Use new API.
      
      * runtime/ArgList.cpp:
      (JSC::ArgList::getSlice): No need to provide an arbitrary constructor --
      getSlice can do the right thing by using its rights to private data.
      
      * runtime/ArgList.h: Removed constructor that took a forward-contiguous
      set of arguments.
      
      * runtime/JSArray.cpp:
      (JSC::JSArray::finishCreation):
      * runtime/JSArray.h:
      (JSC::JSArray::create):
      * runtime/JSGlobalObject.h:
      (JSC::constructArray): Added explicit support for creating an array from
      a pre-allocated set of values, so we could stop relying on the ArgList
      API we want to remove.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@100375 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f1944922
  23. 11 Nov, 2011 2 commits
    • mhahnenberg@apple.com's avatar
      De-virtualize supportsProfiling, supportsRichSourceInfo, shouldInterruptScript in JSGlobalObject · bc3cc922
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=72035
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      De-virtualized the methods through the use of a new method table just for JSGlobalObject and subclasses.
      
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * bytecompiler/BytecodeGenerator.cpp: Changed call sites to use the new GlobalObjectMethodTable.
      (JSC::BytecodeGenerator::BytecodeGenerator):
      * interpreter/Interpreter.cpp: Ditto.
      (JSC::Interpreter::execute):
      * runtime/JSGlobalObject.cpp: Added a static const GlobalObjectMethodTable with the correct function pointers.
      * runtime/JSGlobalObject.h: Added a field in JSGlobalObject to keep track of the current method table.
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC::JSGlobalObject::globalObjectMethodTable): The new struct to contain the function pointers.
      (JSC::JSGlobalObject::supportsProfiling): Made static to put in the method table.
      (JSC::JSGlobalObject::supportsRichSourceInfo): Ditto.
      (JSC::JSGlobalObject::shouldInterruptScript): Ditto.
      * runtime/TimeoutChecker.cpp: Changed call sites to use the new GlobalObjectMethodTable for lookup.
      (JSC::TimeoutChecker::didTimeOut):
      
      Source/WebCore: 
      
      No new tests.
      
      * bindings/js/JSDOMGlobalObject.cpp: Changed constructor to support passing new GlobalObjectMethodTable pointer to parent class.
      (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
      * bindings/js/JSDOMGlobalObject.h:
      * bindings/js/JSDOMWindowBase.cpp: Added static const GlobalObjectMethodTable and filled it in with the proper function pointers.
      (WebCore::JSDOMWindowBase::JSDOMWindowBase):
      (WebCore::JSDOMWindowBase::supportsProfiling): Changed to static to put in the method table.
      (WebCore::JSDOMWindowBase::supportsRichSourceInfo): Ditto.
      (WebCore::JSDOMWindowBase::shouldInterruptScript): Ditto.
      * bindings/js/JSDOMWindowBase.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99997 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bc3cc922
    • mhahnenberg@apple.com's avatar
      De-virtualize JSGlobalObject::allowsAccessFrom · b895f407
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=71969
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore: 
      
      * runtime/JSGlobalObject.h: Removed allowsAccessFrom from JSGlobalObject since it is exclusive to 
      JSDOMWindowBase and WebScriptObject.
      
      Source/WebCore: 
      
      No new tests.
      
      Since allowsAccessFrom is only used by WebScriptObject, we know that we'll always have a 
      JSDOMWindowBase, so we can simply have allowsAccessFrom to live in JSDOMWindowBase rather 
      than JSGlobalObject.
      
      * bindings/js/JSDOMWindowBase.h: De-virtualized allowsAccessFrom.
      * bindings/objc/WebScriptObject.mm:
      (-[WebScriptObject _isSafeScript]): Added a cast from a JSGlobalObject to a JSDOMWindowBase in 
      order to call the allowsAccessFrom method.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99993 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b895f407
  24. 09 Nov, 2011 3 commits
    • mhahnenberg@apple.com's avatar
      De-virtualize JSVariableObject::isDynamicScope · c3cab9ff
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=71933
      
      Reviewed by Geoffrey Garen.
      
      * runtime/JSActivation.cpp:
      * runtime/JSActivation.h: Inlined and de-virtualized isDynamicScope
      (JSC::JSActivation::isDynamicScope):
      * runtime/JSGlobalObject.cpp:
      * runtime/JSGlobalObject.h: Inlined and de-virtualized isDynamicScope
      (JSC::JSGlobalObject::isDynamicScope):
      * runtime/JSStaticScopeObject.cpp:
      * runtime/JSStaticScopeObject.h: Inlined and de-virtualized isDynamicScope
      (JSC::JSStaticScopeObject::createStructure): Changed createStructure to use new JSType
      (JSC::JSStaticScopeObject::isDynamicScope):
      * runtime/JSType.h: Added new type for JSStaticScopeObject
      * runtime/JSVariableObject.cpp: De-virtualized and added an implementation that checks the
      object's type and calls the corresponding implementation.
      (JSC::JSVariableObject::isDynamicScope):
      * runtime/JSVariableObject.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99768 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c3cab9ff
    • mhahnenberg@apple.com's avatar
      De-virtualize JSGlobalObject::hasOwnPropertyForWrite · 4c972b5f
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=71934
      
      Reviewed by Geoffrey Garen.
      
      * runtime/JSGlobalObject.h: Removed the virtual-ness of hasOwnPropertyForWrite since nobody overrides it.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99767 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4c972b5f
    • mhahnenberg@apple.com's avatar
      De-virtualize JSObject::getOwnPropertyDescriptor · 7f2f7e53
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=71523
      
      Reviewed by Sam Weinig.
      
      Source/JavaScriptCore: 
      
      Added getOwnPropertyDescriptor to the MethodTable, changed all of the 
      virtual versions of getOwnPropertyDescriptor to static ones, and 
      changed all of the call sites to the corresponding lookup in the MethodTable.
      
      * API/JSCallbackObject.h:
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertyDescriptor):
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::getOwnPropertyDescriptor):
      * debugger/DebuggerActivation.h:
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertyDescriptor):
      * runtime/Arguments.h:
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::getOwnPropertyDescriptor):
      * runtime/ArrayConstructor.h:
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::getOwnPropertyDescriptor):
      * runtime/ArrayPrototype.h:
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::getOwnPropertyDescriptor):
      * runtime/BooleanPrototype.h:
      * runtime/ClassInfo.h:
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::getOwnPropertyDescriptor):
      * runtime/DateConstructor.h:
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::getOwnPropertyDescriptor):
      * runtime/DatePrototype.h:
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::getOwnPropertyDescriptor):
      * runtime/ErrorPrototype.h:
      * runtime/JSArray.cpp:
      (JSC::JSArray::getOwnPropertyDescriptor):
      * runtime/JSArray.h:
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::getOwnPropertyDescriptor):
      * runtime/JSByteArray.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::getOwnPropertyDescriptor):
      * runtime/JSCell.h:
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertyDescriptor):
      * runtime/JSFunction.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::getOwnPropertyDescriptor):
      * runtime/JSGlobalObject.h:
      * runtime/JSNotAnObject.cpp:
      (JSC::JSNotAnObject::getOwnPropertyDescriptor):
      * runtime/JSNotAnObject.h:
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::getOwnPropertyDescriptor):
      * runtime/JSONObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::vtableAnchor):
      (JSC::JSObject::propertyIsEnumerable):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::JSObject::getPropertyDescriptor):
      (JSC::JSObject::defineOwnProperty):
      * runtime/JSObject.h:
      * runtime/JSString.cpp: Removed getOwnPropertyDescriptor, since this seems to be a relic from a 
      bygone era when getOwnPropertyDescriptor was rooted in JSCell rather than JSObject.  There were 
      no call sites for this version of getOwnPropertyDescriptor in the entire project.
      * runtime/JSString.h:
      * runtime/Lookup.h:
      (JSC::getStaticPropertyDescriptor):
      (JSC::getStaticFunctionDescriptor):
      (JSC::getStaticValueDescriptor):
      * runtime/MathObject.cpp:
      (JSC::MathObject::getOwnPropertyDescriptor):
      * runtime/MathObject.h:
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::getOwnPropertyDescriptor):
      * runtime/NumberConstructor.h:
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::getOwnPropertyDescriptor):
      * runtime/NumberPrototype.h:
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::getOwnPropertyDescriptor):
      (JSC::objectConstructorGetOwnPropertyDescriptor):
      * runtime/ObjectConstructor.h:
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::getOwnPropertyDescriptor):
      * runtime/ObjectPrototype.h:
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::getOwnPropertyDescriptor):
      * runtime/RegExpConstructor.h:
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::getOwnPropertyDescriptor):
      * runtime/RegExpObject.h:
      * runtime/RegExpPrototype.cpp:
      (JSC::RegExpPrototype::getOwnPropertyDescriptor):
      * runtime/RegExpPrototype.h:
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::getOwnPropertyDescriptor):
      * runtime/StringConstructor.h:
      * runtime/StringObject.cpp:
      (JSC::StringObject::vtableAnchor): Added to prevent a weak vtable.
      (JSC::StringObject::getOwnPropertyDescriptor):
      * runtime/StringObject.h:
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::getOwnPropertyDescriptor):
      * runtime/StringPrototype.h:
      
      Source/WebCore: 
      
      No new tests.
      
      Added getOwnPropertyDescriptor to the MethodTable, changed all of the 
      virtual versions of getOwnPropertyDescriptor to static ones, and 
      changed all of the call sites to the corresponding lookup in the MethodTable.
      
      * WebCore.exp.in:
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::getOwnPropertyDescriptor):
      * bindings/js/JSDOMWindowShell.h:
      * bindings/js/JSWorkerContextCustom.cpp:
      (WebCore::JSWorkerContext::getOwnPropertyDescriptorDelegate):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateGetOwnPropertyDescriptorBody):
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateConstructorDeclaration):
      (GenerateConstructorDefinition):
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      (WebCore::JSTestInterfaceConstructor::getOwnPropertyDescriptor):
      (WebCore::JSTestInterface::getOwnPropertyDescriptor):
      * bindings/scripts/test/JS/JSTestInterface.h:
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      (WebCore::JSTestMediaQueryListListenerConstructor::getOwnPropertyDescriptor):
      (WebCore::JSTestMediaQueryListListenerPrototype::getOwnPropertyDescriptor):
      (WebCore::JSTestMediaQueryListListener::getOwnPropertyDescriptor):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::JSTestObjConstructor::getOwnPropertyDescriptor):
      (WebCore::JSTestObjPrototype::getOwnPropertyDescriptor):
      (WebCore::JSTestObj::getOwnPropertyDescriptor):
      * bindings/scripts/test/JS/JSTestObj.h:
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::getOwnPropertyDescriptor):
      (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertyDescriptor):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      * bridge/objc/objc_runtime.h:
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertyDescriptor):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::QtRuntimeMetaMethod::getOwnPropertyDescriptor):
      (JSC::Bindings::QtRuntimeConnectionMethod::getOwnPropertyDescriptor):
      * bridge/qt/qt_runtime.h:
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::getOwnPropertyDescriptor):
      * bridge/runtime_array.h:
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::vtableAnchor): Added to prevent a weak vtable.
      (JSC::RuntimeMethod::getOwnPropertyDescriptor):
      * bridge/runtime_method.h: Changed getOwnPropertyDescriptor from private to protected to allow 
      subclasses to use it in their MethodTables.
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::getOwnPropertyDescriptor):
      * bridge/runtime_object.h:
      
      Source/WebKit2: 
      
      Added getOwnPropertyDescriptor to the MethodTable, changed all of the 
      virtual versions of getOwnPropertyDescriptor to static ones, and 
      changed all of the call sites to the corresponding lookup in the MethodTable.
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::getOwnPropertyDescriptor):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99754 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7f2f7e53
  25. 07 Nov, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      De-virtualize JSObject::putWithAttributes · 14468028
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=71716
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore:
      
      Added putWithAttributes to the MethodTable, changed all the virtual
      implementations of putWithAttributes to static ones, and replaced
      all call sites with corresponding lookups in the MethodTable.
      
      * API/JSObjectRef.cpp:
      (JSObjectSetProperty):
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::putWithAttributes):
      * debugger/DebuggerActivation.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      * runtime/ClassInfo.h:
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::putWithAttributes):
      * runtime/JSActivation.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::putWithAttributes):
      * runtime/JSCell.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::putWithAttributes):
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::putWithAttributes):
      (JSC::putDescriptor):
      * runtime/JSObject.h:
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::putWithAttributes):
      * runtime/JSStaticScopeObject.h:
      * runtime/JSVariableObject.cpp:
      (JSC::JSVariableObject::putWithAttributes):
      * runtime/JSVariableObject.h:
      
      Source/WebCore:
      
      No new tests.
      
      Added putWithAttributes to the MethodTable, changed all the virtual
      implementations of putWithAttributes to static ones, and replaced
      all call sites with corresponding lookups in the MethodTable.
      
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::putWithAttributes):
      * bindings/js/JSDOMWindowShell.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99497 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      14468028
  26. 01 Nov, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      De-virtualize JSObject::defineSetter · 84223e7c
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=71303
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore:
      
      Added defineSetter to the MethodTable, changed all the virtual
      implementations of defineSetter to static ones, and replaced
      all call sites with corresponding lookups in the MethodTable.
      
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::defineSetter):
      * debugger/DebuggerActivation.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/ClassInfo.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::defineSetter):
      * runtime/JSCell.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::defineSetter):
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::defineSetter):
      (JSC::putDescriptor):
      * runtime/JSObject.h:
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncDefineSetter):
      
      Source/WebCore:
      
      No new tests.
      
      Added defineSetter to the MethodTable, changed all the virtual
      implementations of defineSetter to static ones, and replaced
      all call sites with corresponding lookups in the MethodTable.
      
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::defineSetter):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::defineSetter):
      * bindings/js/JSDOMWindowShell.h:
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@99018 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      84223e7c
  27. 31 Oct, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      De-virtualize JSObject::defineGetter · 74958c7b
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=71134
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore:
      
      Added defineGetter to the MethodTable.  Replaced all virtual versions of defineGetter
      with static versions.  Replaced all call sites with lookups in the MethodTable.
      
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::defineGetter):
      * debugger/DebuggerActivation.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/ClassInfo.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::defineGetter):
      * runtime/JSCell.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::defineGetter):
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::defineGetter):
      (JSC::putDescriptor):
      * runtime/JSObject.h:
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncDefineGetter):
      
      Source/WebCore:
      
      No new tests.
      
      Added defineGetter to the MethodTable.  Replaced all virtual versions of defineGetter
      with static versions.  Replaced all call sites with lookups in the MethodTable.
      
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::defineGetter):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::defineGetter):
      * bindings/js/JSDOMWindowShell.h:
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::defineGetter):
      (WebCore::JSLocationPrototype::defineGetter):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      
      Source/WebKit/qt:
      
      Added defineGetter to the MethodTable.  Replaced all virtual versions of defineGetter
      with static versions.  Replaced all call sites with lookups in the MethodTable.
      
      * Api/qwebframe.cpp:
      (QWebFramePrivate::addQtSenderToGlobalObject):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@98889 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      74958c7b
  28. 28 Oct, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      De-virtualize isGlobalObject, isVariableObject, isActivationObject, and isErrorInstance in JSObject · ebc08a81
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=70968
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackObject.cpp: Added two specializations for createStructure that use different JSTypes in their
      TypeInfo.  Had to also create a specialization for JSNonFinalObject, even JSGlobalObject was the only that 
      needed it because Windows wouldn't build without it.
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * runtime/ErrorInstance.h: Removed virtual function and changed JSType provided to TypeInfo in createStructure. 
      (JSC::ErrorInstance::createStructure):
      * runtime/ErrorPrototype.h: Ditto
      (JSC::ErrorPrototype::createStructure):
      * runtime/JSActivation.h: Ditto
      (JSC::JSActivation::createStructure):
      * runtime/JSGlobalObject.h: Ditto
      (JSC::JSGlobalObject::createStructure):
      * runtime/JSObject.h: De-virtualized functions.  They now check the JSType of the object for the corresponding type.
      (JSC::JSObject::isGlobalObject):
      (JSC::JSObject::isVariableObject):
      (JSC::JSObject::isActivationObject):
      (JSC::JSObject::isErrorInstance):
      * runtime/JSType.h: Added new types for GlobalObject, VariableObject, ActivationObject, and ErrorInstance.
      * runtime/JSVariableObject.cpp: Removed virtual function.
      * runtime/JSVariableObject.h: Changed JSType provided to TypeInfo in createStructure.
      (JSC::JSVariableObject::createStructure):
      
      Source/WebCore: 
      
      No new tests.
      
      * bindings/js/JSDOMGlobalObject.h: Changed JSType provided to TypeInfo in createStructure since this 
      class inherits from JSGlobalObject. 
      (WebCore::JSDOMGlobalObject::createStructure):
      * bindings/js/JSDOMWindowBase.h: Ditto
      (WebCore::JSDOMWindowBase::createStructure):
      * bindings/js/JSWorkerContextBase.h: Ditto
      (WebCore::JSWorkerContextBase::createStructure):
      * bindings/scripts/CodeGeneratorJS.pm: Added extra check to make sure subclasses of JSGlobalObject,
      namely JSDOMWindow and JSWorkerContext, get their special JSType in their createStructure function.
      (GenerateHeader):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@98747 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ebc08a81
  29. 26 Oct, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      Remove getOwnPropertySlotVirtual · 5c103b05
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=70741
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      Removed all declarations and definitions of getOwnPropertySlotVirtual.
      Also replaced all call sites to getOwnPropertyVirtualVirtual with a 
      corresponding lookup in the MethodTable.
      
      * API/JSCallbackObject.h:
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertyDescriptor):
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::getOwnPropertySlot):
      * debugger/DebuggerActivation.h:
      * runtime/Arguments.cpp:
      * runtime/Arguments.h:
      * runtime/ArrayConstructor.cpp:
      * runtime/ArrayConstructor.h:
      * runtime/ArrayPrototype.cpp:
      * runtime/ArrayPrototype.h:
      * runtime/BooleanPrototype.cpp:
      * runtime/BooleanPrototype.h:
      * runtime/DateConstructor.cpp:
      * runtime/DateConstructor.h:
      * runtime/DatePrototype.cpp:
      * runtime/DatePrototype.h:
      (JSC::DatePrototype::create):
      * runtime/ErrorPrototype.cpp:
      * runtime/ErrorPrototype.h:
      * runtime/JSActivation.cpp:
      * runtime/JSActivation.h:
      * runtime/JSArray.cpp:
      (JSC::JSArray::getOwnPropertySlotByIndex):
      * runtime/JSArray.h:
      * runtime/JSByteArray.cpp:
      * runtime/JSByteArray.h:
      * runtime/JSCell.cpp:
      * runtime/JSCell.h:
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::getOwnPropertyNames):
      (JSC::JSFunction::put):
      * runtime/JSFunction.h:
      * runtime/JSGlobalObject.cpp:
      * runtime/JSGlobalObject.h:
      * runtime/JSNotAnObject.cpp:
      * runtime/JSNotAnObject.h:
      * runtime/JSONObject.cpp:
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::walk):
      * runtime/JSONObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::hasOwnProperty):
      * runtime/JSObject.h:
      (JSC::JSCell::fastGetOwnPropertySlot):
      (JSC::JSObject::getPropertySlot):
      (JSC::JSValue::get):
      * runtime/JSStaticScopeObject.cpp:
      * runtime/JSStaticScopeObject.h:
      * runtime/JSString.cpp:
      (JSC::JSString::getOwnPropertySlot):
      * runtime/JSString.h:
      * runtime/MathObject.cpp:
      * runtime/MathObject.h:
      (JSC::MathObject::create):
      * runtime/NumberConstructor.cpp:
      * runtime/NumberConstructor.h:
      * runtime/NumberPrototype.cpp:
      * runtime/NumberPrototype.h:
      * runtime/ObjectConstructor.cpp:
      * runtime/ObjectConstructor.h:
      * runtime/ObjectPrototype.cpp:
      * runtime/ObjectPrototype.h:
      * runtime/RegExpConstructor.cpp:
      * runtime/RegExpConstructor.h:
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      * runtime/RegExpObject.h:
      * runtime/RegExpPrototype.cpp:
      * runtime/RegExpPrototype.h:
      * runtime/StringConstructor.cpp:
      * runtime/StringConstructor.h:
      * runtime/StringObject.cpp:
      * runtime/StringObject.h:
      * runtime/StringPrototype.cpp:
      * runtime/StringPrototype.h:
      
      Source/JavaScriptGlue: 
      
      Removed all declarations and definitions of getOwnPropertySlotVirtual.
      Also replaced all call sites to getOwnPropertyVirtualVirtual with a 
      corresponding lookup in the MethodTable.
      
      * UserObjectImp.cpp:
      * UserObjectImp.h:
      
      Source/WebCore: 
      
      No new tests.
      
      Removed all declarations and definitions of getOwnPropertySlotVirtual.
      Also replaced all call sites to getOwnPropertyVirtualVirtual with a 
      corresponding lookup in the MethodTable.
      
      * WebCore.exp.in:
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::DialogHandler::returnValue):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::getOwnPropertySlot):
      * bindings/js/JSDOMWindowShell.h:
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::getSparseIndex):
      (WebCore::CloneSerializer::getProperty):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateConstructorDeclaration):
      (GenerateConstructorDefinition):
      * bridge/objc/objc_runtime.h:
      * bridge/objc/objc_runtime.mm:
      * bridge/qt/qt_runtime.cpp:
      * bridge/qt/qt_runtime.h:
      * bridge/runtime_array.cpp:
      * bridge/runtime_array.h:
      * bridge/runtime_method.cpp:
      * bridge/runtime_method.h:
      * bridge/runtime_object.cpp:
      * bridge/runtime_object.h:
      
      Source/WebKit2: 
      
      Removed all declarations and definitions of getOwnPropertySlotVirtual.
      Also replaced all call sites to getOwnPropertyVirtualVirtual with a 
      corresponding lookup in the MethodTable.
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@98501 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5c103b05
  30. 25 Oct, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      Remove putVirtual · 39512785
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=70740
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore:
      
      Removed all declarations and definitions of putVirtual.
      Also replaced all call sites to putVirtual with a
      corresponding lookup in the MethodTable.
      
      * API/JSCallbackObject.h:
      * API/JSCallbackObjectFunctions.h:
      * API/JSObjectRef.cpp:
      (JSObjectSetProperty):
      (JSObjectSetPropertyAtIndex):
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::put):
      * debugger/DebuggerActivation.h:
      * dfg/DFGOperations.cpp:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::privateExecute):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      * runtime/Arguments.cpp:
      * runtime/Arguments.h:
      * runtime/ArrayPrototype.cpp:
      (JSC::putProperty):
      (JSC::arrayProtoFuncConcat):
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncReverse):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSlice):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      * runtime/JSActivation.cpp:
      * runtime/JSActivation.h:
      * runtime/JSArray.cpp:
      (JSC::JSArray::putSlowCase):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      * runtime/JSArray.h:
      * runtime/JSByteArray.cpp:
      * runtime/JSByteArray.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::put):
      (JSC::JSCell::putByIndex):
      * runtime/JSCell.h:
      * runtime/JSFunction.cpp:
      * runtime/JSFunction.h:
      * runtime/JSGlobalObject.cpp:
      * runtime/JSGlobalObject.h:
      * runtime/JSNotAnObject.cpp:
      * runtime/JSNotAnObject.h:
      * runtime/JSONObject.cpp:
      (JSC::Walker::walk):
      * runtime/JSObject.cpp:
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::defineOwnProperty):
      * runtime/JSObject.h:
      (JSC::JSValue::put):
      * runtime/JSStaticScopeObject.cpp:
      * runtime/JSStaticScopeObject.h:
      * runtime/ObjectPrototype.cpp:
      * runtime/ObjectPrototype.h:
      * runtime/RegExpConstructor.cpp:
      * runtime/RegExpConstructor.h:
      * runtime/RegExpMatchesArray.h:
      * runtime/RegExpObject.cpp:
      * runtime/RegExpObject.h:
      * runtime/StringObject.cpp:
      * runtime/StringObject.h:
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncSplit):
      
      Source/JavaScriptGlue:
      
      Removed all declarations and definitions of putVirtual.
      Also replaced all call sites to putVirtual with a
      corresponding lookup in the MethodTable.
      
      * JSValueWrapper.cpp:
      (JSValueWrapper::JSObjectSetProperty):
      * UserObjectImp.cpp:
      * UserObjectImp.h:
      
      Source/WebCore:
      
      No new tests.
      
      Removed all declarations and definitions of putVirtual.
      Also replaced all call sites to putVirtual with a
      corresponding lookup in the MethodTable.
      
      * WebCore.exp.in:
      * bindings/js/JSDOMWindowCustom.cpp:
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::put):
      * bindings/js/JSDOMWindowShell.h:
      * bindings/js/JSPluginElementFunctions.cpp:
      (WebCore::runtimeObjectCustomPut):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::putProperty):
      * bindings/objc/WebScriptObject.mm:
      (-[WebScriptObject setValue:forKey:]):
      (-[WebScriptObject setWebScriptValueAtIndex:value:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      * bridge/NP_jsobject.cpp:
      (_NPN_SetProperty):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::setMember):
      (JavaJSObject::setSlot):
      * bridge/objc/objc_runtime.h:
      * bridge/objc/objc_runtime.mm:
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::convertQVariantToValue):
      * bridge/runtime_array.cpp:
      * bridge/runtime_array.h:
      * bridge/runtime_object.cpp:
      * bridge/runtime_object.h:
      * bridge/testqtbindings.cpp:
      (main):
      
      Source/WebKit/efl:
      
      Removed all declarations and definitions of putVirtual.
      Also replaced all call sites to putVirtual with a
      corresponding lookup in the MethodTable.
      
      * ewk/ewk_view.cpp:
      (ewk_view_js_object_add):
      
      Source/WebKit/mac:
      
      Removed all declarations and definitions of putVirtual.
      Also replaced all call sites to putVirtual with a
      corresponding lookup in the MethodTable.
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::setProperty):
      
      Source/WebKit/qt:
      
      Removed all declarations and definitions of putVirtual.
      Also replaced all call sites to putVirtual with a
      corresponding lookup in the MethodTable.
      
      * Api/qwebframe.cpp:
      (QWebFrame::addToJavaScriptWindowObject):
      
      Source/WebKit2:
      
      Removed all declarations and definitions of putVirtual.
      Also replaced all call sites to putVirtual with a
      corresponding lookup in the MethodTable.
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::setProperty):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@98415 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      39512785
  31. 19 Oct, 2011 1 commit
    • barraclough@apple.com's avatar
      Poisoning of strict caller,arguments inappropriately poisoning "in" · 69e904a8
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=63398
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      This fixes the problem by correctly implementing the spec -
      the error should actually be being thrown from a standard JS getter/setter.
      This implements spec correct behaviour for strict mode JS functions & bound
      functions, I'll follow up with a patch to do the same for arguments.
      
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::finishCreation):
          - Add the poisoned caller/arguments properties.
      * runtime/JSBoundFunction.h:
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::put):
          - If the caller/arguments are accessed on a strict mode function, lazily add the ThrowTypeError getter.
      * runtime/JSFunction.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::createThrowTypeError):
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::throwTypeErrorGetterSetter):
          - Add a ThrowTypeError type, per ES5 13.2.3.
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncThrowTypeError):
      * runtime/JSGlobalObjectFunctions.h:
          - Implementation of ThrowTypeError.
      * runtime/JSObject.cpp:
      (JSC::JSObject::initializeGetterSetterProperty):
      * runtime/JSObject.h:
          - This function adds a new property (must not exist already) that is an initialized getter/setter.
      
      LayoutTests: 
      
      * fast/js/basic-strict-mode-expected.txt:
      * fast/js/script-tests/basic-strict-mode.js:
          - Add tests.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@97905 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      69e904a8
  32. 17 Oct, 2011 1 commit
    • rniwa@webkit.org's avatar
      Rename deregister* to unregister* · 87a7574a
      rniwa@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=70272
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore:
      
      Renamed deregisterWeakMap to unregisterWeakMap.
      
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::unregisterWeakMap):
      
      Source/WebCore:
      
      Renamed deregisterHandler to unregisterHandler.
      
      * inspector/front-end/ExtensionAPI.js:
      (injectedExtensionAPI.ExtensionServerClient.prototype.unregisterHandler):
      * inspector/front-end/ExtensionServer.js:
      (WebInspector.ExtensionServer.prototype._onSetOpenResourceHandler):
      * inspector/front-end/HandlerRegistry.js:
      (get WebInspector.HandlerRegistry.prototype.unregisterHandler):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@97706 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      87a7574a
  33. 14 Oct, 2011 1 commit
    • mhahnenberg@apple.com's avatar
      Rename getOwnPropertySlot to getOwnPropertySlotVirtual · f0418c85
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=69810
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      Renamed the virtual version of getOwnPropertySlot to getOwnPropertySlotVirtual
      in preparation for when we add the static getOwnPropertySlot to the MethodTable 
      in ClassInfo.
      
      Also added a few static getOwnPropertySlot functions where they had been overlooked 
      before (especially in CodeGeneratorJS.pm).
      
      * API/JSCallbackObject.h:
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlotVirtual):
      (JSC::::getOwnPropertySlot):
      (JSC::::getOwnPropertyDescriptor):
      (JSC::::staticFunctionGetter):
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::getOwnPropertySlotVirtual):
      (JSC::DebuggerActivation::getOwnPropertySlot):
      * debugger/DebuggerActivation.h:
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertySlotVirtual):
      (JSC::Arguments::getOwnPropertySlot):
      * runtime/Arguments.h:
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::getOwnPropertySlotVirtual):
      (JSC::ArrayConstructor::getOwnPropertySlot):
      * runtime/ArrayConstructor.h:
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::getOwnPropertySlotVirtual):
      * runtime/ArrayPrototype.h:
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::getOwnPropertySlotVirtual):
      * runtime/BooleanPrototype.h:
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::getOwnPropertySlotVirtual):
      * runtime/DateConstructor.h:
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::getOwnPropertySlotVirtual):
      * runtime/DatePrototype.h:
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::getOwnPropertySlotVirtual):
      * runtime/ErrorPrototype.h:
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::getOwnPropertySlotVirtual):
      * runtime/JSActivation.h:
      * runtime/JSArray.cpp:
      (JSC::JSArray::getOwnPropertySlotVirtual):
      (JSC::JSArray::getOwnPropertySlot):
      * runtime/JSArray.h:
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::getOwnPropertySlotVirtual):
      * runtime/JSBoundFunction.h:
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::getOwnPropertySlotVirtual):
      * runtime/JSByteArray.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::getOwnPropertySlotVirtual):
      * runtime/JSCell.h:
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertySlotVirtual):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::getOwnPropertyNames):
      (JSC::JSFunction::put):
      * runtime/JSFunction.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::getOwnPropertySlotVirtual):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::hasOwnPropertyForWrite):
      * runtime/JSNotAnObject.cpp:
      (JSC::JSNotAnObject::getOwnPropertySlotVirtual):
      * runtime/JSNotAnObject.h:
      * runtime/JSONObject.cpp:
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::JSONObject::getOwnPropertySlotVirtual):
      (JSC::Walker::walk):
      * runtime/JSONObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::getOwnPropertySlotVirtual):
      (JSC::JSObject::getOwnPropertySlot):
      (JSC::JSObject::hasOwnProperty):
      * runtime/JSObject.h:
      (JSC::JSObject::getOwnPropertySlotVirtual):
      (JSC::JSCell::fastGetOwnPropertySlot):
      (JSC::JSObject::getPropertySlot):
      (JSC::JSValue::get):
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::getOwnPropertySlotVirtual):
      * runtime/JSStaticScopeObject.h:
      * runtime/JSString.cpp:
      (JSC::JSString::getOwnPropertySlotVirtual):
      (JSC::JSString::getOwnPropertySlot):
      * runtime/JSString.h:
      * runtime/Lookup.h:
      (JSC::getStaticPropertySlot):
      (JSC::getStaticFunctionSlot):
      (JSC::getStaticValueSlot):
      * runtime/MathObject.cpp:
      (JSC::MathObject::getOwnPropertySlotVirtual):
      * runtime/MathObject.h:
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::getOwnPropertySlotVirtual):
      * runtime/NumberConstructor.h:
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::getOwnPropertySlotVirtual):
      * runtime/NumberPrototype.h:
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::getOwnPropertySlotVirtual):
      * runtime/ObjectConstructor.h:
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::getOwnPropertySlotVirtual):
      * runtime/ObjectPrototype.h:
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::getOwnPropertySlotVirtual):
      * runtime/RegExpConstructor.h:
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::getOwnPropertySlotVirtual):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::getOwnPropertySlotVirtual):
      * runtime/RegExpObject.h:
      * runtime/RegExpPrototype.cpp:
      (JSC::RegExpPrototype::getOwnPropertySlotVirtual):
      * runtime/RegExpPrototype.h:
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::getOwnPropertySlotVirtual):
      * runtime/StringConstructor.h:
      * runtime/StringObject.cpp:
      (JSC::StringObject::getOwnPropertySlotVirtual):
      * runtime/StringObject.h:
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::getOwnPropertySlotVirtual):
      * runtime/StringPrototype.h:
      
      Source/JavaScriptGlue: 
      
      Renamed the virtual version of getOwnPropertySlot to getOwnPropertySlotVirtual
      in preparation for when we add the static getOwnPropertySlot to the MethodTable 
      in ClassInfo.
      
      Also added a few static getOwnPropertySlot functions where they had been overlooked 
      before (especially in CodeGeneratorJS.pm).
      
      * UserObjectImp.cpp:
      (UserObjectImp::getOwnPropertySlotVirtual):
      * UserObjectImp.h:
      
      Source/WebCore: 
      
      No new tests.
      
      Renamed the virtual version of getOwnPropertySlot to getOwnPropertySlotVirtual
      in preparation for when we add the static getOwnPropertySlot to the MethodTable 
      in ClassInfo.
      
      Also added a few static getOwnPropertySlot functions where they had been overlooked 
      before (especially in CodeGeneratorJS.pm).
      
      * WebCore.exp.in:
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertySlotVirtual):
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::DialogHandler::returnValue):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::getOwnPropertySlotVirtual):
      (WebCore::JSDOMWindowShell::getOwnPropertySlot):
      * bindings/js/JSDOMWindowShell.h:
      * bindings/js/JSWorkerContextCustom.cpp:
      (WebCore::JSWorkerContext::getOwnPropertySlotDelegate):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::getSparseIndex):
      (WebCore::CloneSerializer::getProperty):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateGetOwnPropertySlotBody):
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateConstructorDeclaration):
      (GenerateConstructorDefinition):
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      (WebCore::JSTestInterfaceConstructor::getOwnPropertySlotVirtual):
      (WebCore::JSTestInterfaceConstructor::getOwnPropertySlot):
      (WebCore::JSTestInterface::getOwnPropertySlotVirtual):
      (WebCore::JSTestInterface::getOwnPropertySlot):
      * bindings/scripts/test/JS/JSTestInterface.h:
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      (WebCore::JSTestMediaQueryListListenerConstructor::getOwnPropertySlotVirtual):
      (WebCore::JSTestMediaQueryListListenerConstructor::getOwnPropertySlot):
      (WebCore::JSTestMediaQueryListListenerPrototype::getOwnPropertySlotVirtual):
      (WebCore::JSTestMediaQueryListListenerPrototype::getOwnPropertySlot):
      (WebCore::JSTestMediaQueryListListener::getOwnPropertySlotVirtual):
      (WebCore::JSTestMediaQueryListListener::getOwnPropertySlot):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::JSTestObjConstructor::getOwnPropertySlotVirtual):
      (WebCore::JSTestObjConstructor::getOwnPropertySlot):
      (WebCore::JSTestObjPrototype::getOwnPropertySlotVirtual):
      (WebCore::JSTestObjPrototype::getOwnPropertySlot):
      (WebCore::JSTestObj::getOwnPropertySlotVirtual):
      (WebCore::JSTestObj::getOwnPropertySlot):
      * bindings/scripts/test/JS/JSTestObj.h:
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::getOwnPropertySlotVirtual):
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::getOwnPropertySlot):
      (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlotVirtual):
      (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlot):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      * bridge/objc/objc_runtime.h:
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlotVirtual):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtInstance::getOwnPropertySlot):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::QtRuntimeMetaMethod::getOwnPropertySlotVirtual):
      (JSC::Bindings::QtRuntimeConnectionMethod::getOwnPropertySlotVirtual):
      * bridge/qt/qt_runtime.h:
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::getOwnPropertySlotVirtual):
      * bridge/runtime_array.h:
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::getOwnPropertySlotVirtual):
      * bridge/runtime_method.h:
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::getOwnPropertySlotVirtual):
      * bridge/runtime_object.h:
      
      Source/WebKit2: 
      
      Renamed the virtual version of getOwnPropertySlot to getOwnPropertySlotVirtual
      in preparation for when we add the static getOwnPropertySlot to the MethodTable 
      in ClassInfo.
      
      Also added a few static getOwnPropertySlot functions where they had been overlooked 
      before (especially in CodeGeneratorJS.pm).
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::getOwnPropertySlotVirtual):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@97537 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f0418c85