1. 05 Aug, 2013 2 commits
    • oliver@apple.com's avatar
      Move TypedArray implementation into JSC · df606084
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=119489
      
      Reviewed by Filip Pizlo.
      
      Source/JavaScriptCore:
      
      Move TypedArray implementation into JSC in advance of re-implementation
      
      * GNUmakefile.list.am:
      * JSCTypedArrayStubs.h:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * runtime/ArrayBuffer.cpp: Renamed from Source/WTF/wtf/ArrayBuffer.cpp.
      (JSC::ArrayBuffer::transfer):
      (JSC::ArrayBuffer::addView):
      (JSC::ArrayBuffer::removeView):
      * runtime/ArrayBuffer.h: Renamed from Source/WTF/wtf/ArrayBuffer.h.
      (JSC::ArrayBufferContents::ArrayBufferContents):
      (JSC::ArrayBufferContents::data):
      (JSC::ArrayBufferContents::sizeInBytes):
      (JSC::ArrayBufferContents::transfer):
      (JSC::ArrayBufferContents::copyTo):
      (JSC::ArrayBuffer::isNeutered):
      (JSC::ArrayBuffer::~ArrayBuffer):
      (JSC::ArrayBuffer::clampValue):
      (JSC::ArrayBuffer::create):
      (JSC::ArrayBuffer::createUninitialized):
      (JSC::ArrayBuffer::ArrayBuffer):
      (JSC::ArrayBuffer::data):
      (JSC::ArrayBuffer::byteLength):
      (JSC::ArrayBuffer::slice):
      (JSC::ArrayBuffer::sliceImpl):
      (JSC::ArrayBuffer::clampIndex):
      (JSC::ArrayBufferContents::tryAllocate):
      (JSC::ArrayBufferContents::~ArrayBufferContents):
      * runtime/ArrayBufferView.cpp: Renamed from Source/WTF/wtf/ArrayBufferView.cpp.
      (JSC::ArrayBufferView::ArrayBufferView):
      (JSC::ArrayBufferView::~ArrayBufferView):
      (JSC::ArrayBufferView::neuter):
      * runtime/ArrayBufferView.h: Renamed from Source/WTF/wtf/ArrayBufferView.h.
      (JSC::ArrayBufferView::buffer):
      (JSC::ArrayBufferView::baseAddress):
      (JSC::ArrayBufferView::byteOffset):
      (JSC::ArrayBufferView::setNeuterable):
      (JSC::ArrayBufferView::isNeuterable):
      (JSC::ArrayBufferView::verifySubRange):
      (JSC::ArrayBufferView::clampOffsetAndNumElements):
      (JSC::ArrayBufferView::setImpl):
      (JSC::ArrayBufferView::setRangeImpl):
      (JSC::ArrayBufferView::zeroRangeImpl):
      (JSC::ArrayBufferView::calculateOffsetAndLength):
      * runtime/Float32Array.h: Renamed from Source/WTF/wtf/Float32Array.h.
      (JSC::Float32Array::set):
      (JSC::Float32Array::getType):
      (JSC::Float32Array::create):
      (JSC::Float32Array::createUninitialized):
      (JSC::Float32Array::Float32Array):
      (JSC::Float32Array::subarray):
      * runtime/Float64Array.h: Renamed from Source/WTF/wtf/Float64Array.h.
      (JSC::Float64Array::set):
      (JSC::Float64Array::getType):
      (JSC::Float64Array::create):
      (JSC::Float64Array::createUninitialized):
      (JSC::Float64Array::Float64Array):
      (JSC::Float64Array::subarray):
      * runtime/Int16Array.h: Renamed from Source/WTF/wtf/Int16Array.h.
      (JSC::Int16Array::getType):
      (JSC::Int16Array::create):
      (JSC::Int16Array::createUninitialized):
      (JSC::Int16Array::Int16Array):
      (JSC::Int16Array::subarray):
      * runtime/Int32Array.h: Renamed from Source/WTF/wtf/Int32Array.h.
      (JSC::Int32Array::getType):
      (JSC::Int32Array::create):
      (JSC::Int32Array::createUninitialized):
      (JSC::Int32Array::Int32Array):
      (JSC::Int32Array::subarray):
      * runtime/Int8Array.h: Renamed from Source/WTF/wtf/Int8Array.h.
      (JSC::Int8Array::getType):
      (JSC::Int8Array::create):
      (JSC::Int8Array::createUninitialized):
      (JSC::Int8Array::Int8Array):
      (JSC::Int8Array::subarray):
      * runtime/IntegralTypedArrayBase.h: Renamed from Source/WTF/wtf/IntegralTypedArrayBase.h.
      (JSC::IntegralTypedArrayBase::set):
      (JSC::IntegralTypedArrayBase::IntegralTypedArrayBase):
      * runtime/TypedArrayBase.h: Renamed from Source/WTF/wtf/TypedArrayBase.h.
      (JSC::TypedArrayBase::data):
      (JSC::TypedArrayBase::set):
      (JSC::TypedArrayBase::setRange):
      (JSC::TypedArrayBase::zeroRange):
      (JSC::TypedArrayBase::length):
      (JSC::TypedArrayBase::byteLength):
      (JSC::TypedArrayBase::item):
      (JSC::TypedArrayBase::checkInboundData):
      (JSC::TypedArrayBase::TypedArrayBase):
      (JSC::TypedArrayBase::create):
      (JSC::TypedArrayBase::createUninitialized):
      (JSC::TypedArrayBase::subarrayImpl):
      (JSC::TypedArrayBase::neuter):
      * runtime/Uint16Array.h: Renamed from Source/WTF/wtf/Uint16Array.h.
      (JSC::Uint16Array::getType):
      (JSC::Uint16Array::create):
      (JSC::Uint16Array::createUninitialized):
      (JSC::Uint16Array::Uint16Array):
      (JSC::Uint16Array::subarray):
      * runtime/Uint32Array.h: Renamed from Source/WTF/wtf/Uint32Array.h.
      (JSC::Uint32Array::getType):
      (JSC::Uint32Array::create):
      (JSC::Uint32Array::createUninitialized):
      (JSC::Uint32Array::Uint32Array):
      (JSC::Uint32Array::subarray):
      * runtime/Uint8Array.h: Renamed from Source/WTF/wtf/Uint8Array.h.
      (JSC::Uint8Array::getType):
      (JSC::Uint8Array::create):
      (JSC::Uint8Array::createUninitialized):
      (JSC::Uint8Array::Uint8Array):
      (JSC::Uint8Array::subarray):
      * runtime/Uint8ClampedArray.h: Renamed from Source/WTF/wtf/Uint8ClampedArray.h.
      (JSC::Uint8ClampedArray::getType):
      (JSC::Uint8ClampedArray::create):
      (JSC::Uint8ClampedArray::createUninitialized):
      (JSC::Uint8ClampedArray::zeroFill):
      (JSC::Uint8ClampedArray::set):
      (JSC::Uint8ClampedArray::Uint8ClampedArray):
      (JSC::Uint8ClampedArray::subarray):
      * runtime/VM.h:
      
      Source/WebCore:
      
      Update WebCore for new location of TypedArray implementation.
      
      * ForwardingHeaders/runtime/ArrayBuffer.h: Added.
      * ForwardingHeaders/runtime/ArrayBufferView.h: Added.
      * ForwardingHeaders/runtime/Float32Array.h: Added.
      * ForwardingHeaders/runtime/Float64Array.h: Added.
      * ForwardingHeaders/runtime/Int16Array.h: Added.
      * ForwardingHeaders/runtime/Int32Array.h: Added.
      * ForwardingHeaders/runtime/Int8Array.h: Added.
      * ForwardingHeaders/runtime/IntegralTypedArrayBase.h: Added.
      * ForwardingHeaders/runtime/TypedArrayBase.h: Added.
      * ForwardingHeaders/runtime/Uint16Array.h: Added.
      * ForwardingHeaders/runtime/Uint32Array.h: Added.
      * ForwardingHeaders/runtime/Uint8Array.h: Added.
      * ForwardingHeaders/runtime/Uint8ClampedArray.h: Added.
      * Modules/webaudio/AnalyserNode.h:
      (WebCore::AnalyserNode::getFloatFrequencyData):
      (WebCore::AnalyserNode::getByteFrequencyData):
      (WebCore::AnalyserNode::getByteTimeDomainData):
      * Modules/webaudio/AsyncAudioDecoder.cpp:
      * Modules/webaudio/AsyncAudioDecoder.h:
      (WebCore::AsyncAudioDecoder::DecodingTask::audioData):
      * Modules/webaudio/AudioBuffer.h:
      * Modules/webaudio/AudioContext.cpp:
      * Modules/webaudio/AudioParam.h:
      * Modules/webaudio/AudioParamTimeline.h:
      * Modules/webaudio/PeriodicWave.h:
      * Modules/webaudio/RealtimeAnalyser.cpp:
      * Modules/webaudio/RealtimeAnalyser.h:
      * Modules/webaudio/ScriptProcessorNode.cpp:
      * Modules/webaudio/WaveShaperProcessor.h:
      * Modules/websockets/ThreadableWebSocketChannel.h:
      * Modules/websockets/WebSocket.cpp:
      * Modules/websockets/WebSocket.h:
      * Modules/websockets/WebSocketChannel.cpp:
      * Modules/websockets/WebSocketChannel.h:
      * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
      * Modules/websockets/WorkerThreadableWebSocketChannel.h:
      * WebCore.exp.in:
      * bindings/js/JSArrayBufferCustom.cpp:
      * bindings/js/JSArrayBufferViewHelper.h:
      * bindings/js/JSAudioContextCustom.cpp:
      * bindings/js/JSCryptoCustom.cpp:
      * bindings/js/JSDictionary.h:
      * bindings/js/JSFileReaderCustom.cpp:
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::SerializedScriptValue::transferArrayBuffers):
      * bindings/js/SerializedScriptValue.h:
      * bindings/scripts/CodeGeneratorJS.pm:
      (AddIncludesForType):
      (GenerateHeader):
      (NativeToJSValue):
      * dom/MessageEvent.h:
      * fileapi/FileReader.cpp:
      * fileapi/FileReader.h:
      * fileapi/FileReaderLoader.cpp:
      * fileapi/FileReaderLoader.h:
      * fileapi/FileReaderSync.cpp:
      * fileapi/FileReaderSync.h:
      * fileapi/WebKitBlobBuilder.cpp:
      * fileapi/WebKitBlobBuilder.h:
      * html/HTMLMediaElement.cpp:
      * html/ImageData.h:
      * html/canvas/ArrayBuffer.idl:
      * html/canvas/ArrayBufferView.idl:
      * html/canvas/CanvasRenderingContext2D.cpp:
      * html/canvas/DataView.h:
      * html/canvas/Float32Array.idl:
      * html/canvas/Float64Array.idl:
      * html/canvas/Int16Array.idl:
      * html/canvas/Int32Array.idl:
      * html/canvas/Int8Array.idl:
      * html/canvas/Uint16Array.idl:
      * html/canvas/Uint32Array.idl:
      * html/canvas/Uint8Array.idl:
      * html/canvas/Uint8ClampedArray.idl:
      * html/canvas/WebGLBuffer.h:
      (WebCore::WebGLBuffer::elementArrayBuffer):
      * html/canvas/WebGLGetInfo.cpp:
      * html/canvas/WebGLGetInfo.h:
      * html/canvas/WebGLRenderingContext.cpp:
      * html/canvas/WebGLRenderingContext.h:
      * inspector/InspectorMemoryAgent.cpp:
      * page/Crypto.cpp:
      * page/Crypto.h:
      * platform/graphics/GraphicsContext3D.cpp:
      * platform/graphics/ImageBuffer.h:
      * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
      * platform/graphics/cg/ImageBufferDataCG.h:
      * platform/graphics/filters/FEBlend.cpp:
      * platform/graphics/filters/FEColorMatrix.cpp:
      * platform/graphics/filters/FEComponentTransfer.cpp:
      * platform/graphics/filters/FEComposite.cpp:
      * platform/graphics/filters/FEConvolveMatrix.cpp:
      * platform/graphics/filters/FECustomFilter.cpp:
      * platform/graphics/filters/FEDisplacementMap.cpp:
      * platform/graphics/filters/FEDropShadow.cpp:
      * platform/graphics/filters/FEGaussianBlur.cpp:
      * platform/graphics/filters/FELighting.h:
      * platform/graphics/filters/FEMorphology.cpp:
      * platform/graphics/filters/FETurbulence.cpp:
      * platform/graphics/filters/FilterEffect.cpp:
      * platform/graphics/filters/FilterEffect.h:
      * platform/graphics/mac/GraphicsContext3DMac.mm:
      * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
      * testing/Internals.h:
      * xml/XMLHttpRequest.cpp:
      * xml/XMLHttpRequest.h:
      (WebCore::XMLHttpRequest::optionalResponseArrayBuffer):
      
      Source/WTF:
      
      Remove TypedArray implementation from WTF
      
      * GNUmakefile.list.am:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/Forward.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153728 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      df606084
    • fpizlo@apple.com's avatar
      Copied space should be able to handle more than one copied backing store per JSCell · 05937580
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=119471
      
      Reviewed by Mark Hahnenberg.
              
      This allows a cell to call copyLater() multiple times for multiple different
      backing stores, and then have copyBackingStore() called exactly once for each
      of those. A token tells it which backing store to copy. All backing stores
      must be named using the CopyToken, an enumeration which currently cannot
      exceed eight entries.
              
      When copyBackingStore() is called, it's up to the callee to (a) use the token
      to decide what to copy and (b) call its base class's copyBackingStore() in
      case the base class had something that needed copying. The only exception is
      that JSCell never asks anything to be copied, and so if your base is JSCell
      then you don't have to do anything.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/CopiedBlock.h:
      * heap/CopiedBlockInlines.h:
      (JSC::CopiedBlock::reportLiveBytes):
      * heap/CopyToken.h: Added.
      * heap/CopyVisitor.cpp:
      (JSC::CopyVisitor::copyFromShared):
      * heap/CopyVisitor.h:
      * heap/CopyVisitorInlines.h:
      (JSC::CopyVisitor::visitItem):
      * heap/CopyWorkList.h:
      (JSC::CopyWorklistItem::CopyWorklistItem):
      (JSC::CopyWorklistItem::cell):
      (JSC::CopyWorklistItem::token):
      (JSC::CopyWorkListSegment::get):
      (JSC::CopyWorkListSegment::append):
      (JSC::CopyWorkListSegment::data):
      (JSC::CopyWorkListIterator::get):
      (JSC::CopyWorkListIterator::operator*):
      (JSC::CopyWorkListIterator::operator->):
      (JSC::CopyWorkList::append):
      * heap/SlotVisitor.h:
      * heap/SlotVisitorInlines.h:
      (JSC::SlotVisitor::copyLater):
      * runtime/ClassInfo.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::copyBackingStore):
      * runtime/JSCell.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitButterfly):
      (JSC::JSObject::copyBackingStore):
      * runtime/JSObject.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153720 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      05937580
  2. 30 Jul, 2013 1 commit
    • carlosgc@webkit.org's avatar
      Unreviewed. Fix make distcheck. · 13f6daf2
      carlosgc@webkit.org authored
      Source/JavaScriptCore:
      
      * GNUmakefile.list.am: Add missing files to compilation.
      * bytecode/CodeBlock.cpp: Add a ENABLE(FTL_JIT) #if block to
      include FTL header files not included in the compilation.
      * dfg/DFGDriver.cpp: Ditto.
      * dfg/DFGPlan.cpp: Ditto.
      
      Source/ThirdParty/ANGLE:
      
      * GNUmakefile.am: Add missing header files to compilation.
      
      Source/WebCore:
      
      * GNUmakefile.list.am: Add missing header file to compilation.
      
      Source/WebKit2:
      
      * GNUmakefile.list.am: Add missing header file to compilation.
      
      Source/WTF:
      
      * GNUmakefile.list.am: Add missing files to compilation.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153460 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      13f6daf2
  3. 25 Jul, 2013 5 commits
  4. 24 Jul, 2013 9 commits
    • oliver@apple.com's avatar
      fourthTier: Refactor ObjCCallbackFunction to inherit directly from InternalFunction · 5109edb6
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=117595
      
      Reviewed by Geoffrey Garen.
      
      * API/APICallbackFunction.h: Added. New struct that allows JSCallbackFunction and
      ObjCCallbackFunction to share their host call() implementation through the magic of
      templates.
      (JSC::APICallbackFunction::call):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::getCallData): Changed to get the template-ized version of
      the host function.
      * API/JSCallbackFunction.h:
      * API/ObjCCallbackFunction.h: Now inherits directly from InternalFunction.
      * API/ObjCCallbackFunction.mm:
      (JSC::ObjCCallbackFunction::ObjCCallbackFunction):
      (JSC::ObjCCallbackFunction::getCallData): Ditto.
      * GNUmakefile.list.am: Build files!
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153233 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5109edb6
    • oliver@apple.com's avatar
      fourthTier: Re-worked non-local variable resolution · 58c86752
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=117375
      
      Reviewed by Filip Pizlo.
      
      Source/JavaScriptCore:
      
      This patch has two goals:
      
      (1) Simplicity.
      
          * Net removes 15 opcodes.
          * Net removes 2,000 lines of code.
          * Removes setPair() from the DFG: All DFG nodes have 1 result register now.
      
      (2) Performance.
      
          * 2%-3% speedup on SunSpider (20% in LLInt and Baseline JIT)
          * 2% speedup on v8-spider
          * 10% speedup on js-regress-hashmap*
          * Amusing 2X speedup on js-regress-poly-stricteq
      
      The bytecode now separates the scope chain resolution opcode from the
      scope access opcode.
      
          OLD:
              get_scoped_var  r0, 1, 0
              inc             r0
              put_scoped_var  1, 0, r0
      
          NEW:
              resolve_scope   r0, x(@id0)
              get_from_scope  r1, r0, x(@id0)
              inc             r1
              put_to_scope    r0, x(@id0), r1
      
      Also, we link non-local variable resolution opcodes at CodeBlock link
      time instead of time of first opcode execution.
      
      This means that we can represent all possible non-local variable
      resolutions using just three opcodes, and any optimizations in these
      opcodes naturally apply across-the-board.
      
      * API/JSCTestRunnerUtils.cpp:
      (JSC::numberOfDFGCompiles):
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * JavaScriptCore.order:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri: Build!
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dumpBytecode): Updated for removed things.
      
      (JSC::CodeBlock::CodeBlock): Always provide the full scope chain when
      creating a CodeBlock, so we can perform non-local variable resolution.
      
      Added code to perform linking for these opcodes. This is where we figure
      out which non-local variable resolutions are optimizable, and how.
      
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::noticeIncomingCall):
      (JSC::CodeBlock::optimizeAfterWarmUp):
      (JSC::CodeBlock::optimizeAfterLongWarmUp):
      (JSC::CodeBlock::optimizeSoon): Updated for removed things.
      
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::needsActivation):
      (JSC::GlobalCodeBlock::GlobalCodeBlock):
      (JSC::ProgramCodeBlock::ProgramCodeBlock):
      (JSC::EvalCodeBlock::EvalCodeBlock):
      (JSC::FunctionCodeBlock::FunctionCodeBlock):
      * bytecode/EvalCodeCache.h:
      (JSC::EvalCodeCache::getSlow): Updated for interface changes.
      
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFor): Treat global object access as
      optimizable even though the global object has a custom property access
      callback. This is what we've always done since, otherwise, we can't
      optimize globals. (In future, we probably want to figure out a more
      targeted policy than "any property access callback means no
      optimization".)
      
      * bytecode/GlobalResolveInfo.h: Removed.
      * bytecode/Instruction.h:
      * bytecode/Opcode.h:
      (JSC::padOpcodeName):
      
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFor): Like GetByIdStatus.
      
      * bytecode/ResolveGlobalStatus.cpp: Removed.
      * bytecode/ResolveGlobalStatus.h: Removed.
      * bytecode/ResolveOperation.h: Removed.
      
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::generateFunctionCodeBlock):
      (JSC::UnlinkedFunctionExecutable::codeBlockFor):
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h: Don't provide a scope chain to unlinked
      code blocks. Giving a scope to an unscoped compilation unit invites
      programming errors.
      
      * bytecode/Watchpoint.h:
      (JSC::WatchpointSet::addressOfIsInvalidated):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::resolveCallee):
      (JSC::BytecodeGenerator::local):
      (JSC::BytecodeGenerator::constLocal):
      (JSC::BytecodeGenerator::resolveType):
      (JSC::BytecodeGenerator::emitResolveScope):
      (JSC::BytecodeGenerator::emitGetFromScope):
      (JSC::BytecodeGenerator::emitPutToScope):
      (JSC::BytecodeGenerator::emitInstanceOf):
      (JSC::BytecodeGenerator::emitPushWithScope):
      (JSC::BytecodeGenerator::emitPopScope):
      (JSC::BytecodeGenerator::pushFinallyContext):
      (JSC::BytecodeGenerator::emitComplexPopScopes):
      (JSC::BytecodeGenerator::popTryAndEmitCatch):
      (JSC::BytecodeGenerator::emitPushNameScope):
      (JSC::BytecodeGenerator::isArgumentNumber):
      * bytecompiler/BytecodeGenerator.h:
      (JSC::Local::Local):
      (JSC::Local::operator bool):
      (JSC::Local::get):
      (JSC::Local::isReadOnly):
      (JSC::BytecodeGenerator::scopeDepth):
      (JSC::BytecodeGenerator::shouldOptimizeLocals):
      (JSC::BytecodeGenerator::canOptimizeNonLocals): Refactored the bytecode
      generator to resolve all variables within local scope, as if there
      were no non-local scope. This helps provide a separation of concerns:
      unlinked bytecode is always scope-free, and the linking stage links
      in the provided scope.
      
      * bytecompiler/NodesCodegen.cpp:
      (JSC::ResolveNode::isPure):
      (JSC::ResolveNode::emitBytecode):
      (JSC::EvalFunctionCallNode::emitBytecode):
      (JSC::FunctionCallResolveNode::emitBytecode):
      (JSC::PostfixNode::emitResolve):
      (JSC::DeleteResolveNode::emitBytecode):
      (JSC::TypeOfResolveNode::emitBytecode):
      (JSC::PrefixNode::emitResolve):
      (JSC::ReadModifyResolveNode::emitBytecode):
      (JSC::AssignResolveNode::emitBytecode):
      (JSC::ConstDeclNode::emitCodeSingle):
      (JSC::ForInNode::emitBytecode): A bunch of this codegen is no longer
      necessary, since it's redundant with the linking stage.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::executeEffects):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (JSC::DFG::ByteCodeParser::cellConstantWithStructureCheck):
      (JSC::DFG::ByteCodeParser::handlePutByOffset):
      (JSC::DFG::ByteCodeParser::handleGetById):
      (JSC::DFG::ByteCodeParser::parseBlock): Updated for interface changes.
      Notably, we can reuse existing DFG nodes -- but the mapping between
      bytecode and DFG nodes has changed, and some nodes and corner cases have
      been removed.
      
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::scopedVarLoadElimination):
      (JSC::DFG::CSEPhase::varInjectionWatchpointElimination):
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::scopedVarStoreElimination):
      (JSC::DFG::CSEPhase::getLocalLoadElimination):
      (JSC::DFG::CSEPhase::setLocalStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE): Added CSE for var injection
      watchpoints. Even though watchpoints are "free", they're quite common
      inside code that's subject to var injection, so I figured we'd save a
      little memory.
      
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::capabilityLevel):
      * dfg/DFGCapabilities.h: Removed detection for old forms.
      
      * dfg/DFGDriver.h:
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      * dfg/DFGGraph.h:
      * dfg/DFGJITCode.cpp:
      * dfg/DFGNode.h:
      (JSC::DFG::Node::convertToStructureTransitionWatchpoint):
      (JSC::DFG::Node::hasVarNumber):
      (JSC::DFG::Node::hasIdentifierNumberForCheck):
      (JSC::DFG::Node::hasRegisterPointer):
      (JSC::DFG::Node::hasHeapPrediction):
      * dfg/DFGNodeType.h:
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGRepatch.h:
      (JSC::DFG::dfgResetGetByID):
      (JSC::DFG::dfgResetPutByID):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation): Removed some unneeded things,
      and updated for renames.
      
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): The two primary changes here are:
      
      (1) Use a watchpoint for var injection instead of looping over the scope
      chain and checking. This is more efficient and much easier to model in
      code generation.
      
      (2) I've eliminated the notion of an optimized global assignment that
      needs to check for whether it should fire a watchpiont. Instead, we
      fire pre-emptively at the point of optimization. This removes a bunch
      of edge cases, and it seems like a more honest representation of
      the fact that our new optimization contradicts our old one.
      
      * dfg/DFGTypeCheckHoistingPhase.cpp:
      (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
      (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
      * heap/DFGCodeBlocks.cpp:
      (JSC::DFGCodeBlocks::jettison):
      * interpreter/CallFrame.h:
      (JSC::ExecState::trueCallFrame): Removed stuff that's unused now, and
      fixed the build.
      
      * interpreter/Interpreter.cpp:
      (JSC::eval):
      (JSC::getBytecodeOffsetForCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::throwException): Updated exception scope tracking
      to match the rest of our linking strategy: The unlinked bytecode compiles
      exception scope as if non-local scope did not exist, and we add in
      non-local scope at link time. This means that we can restore the right
      scope depth based on a simple number, without checking the contents of
      the scope chain.
      
      (JSC::Interpreter::execute): Make sure to establish the full scope chain
      before linking eval code. We now require the full scope chain at link
      time, in order to link non-local variable resolution opcodes.
      
      * jit/JIT.cpp:
      (JSC::JIT::JIT):
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      * jit/JIT.h:
      * jit/JITArithmetic.cpp:
      (JSC::JIT::emit_op_add):
      * jit/JITCode.cpp:
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emitSlow_op_bitxor):
      (JSC::JIT::emitSlow_op_bitor):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emitSlow_op_to_primitive):
      (JSC::JIT::emit_op_strcat):
      (JSC::JIT::emitSlow_op_create_this):
      (JSC::JIT::emitSlow_op_to_this):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emitVarInjectionCheck):
      (JSC::JIT::emitResolveClosure):
      (JSC::JIT::emit_op_resolve_scope):
      (JSC::JIT::emitSlow_op_resolve_scope):
      (JSC::JIT::emitLoadWithStructureCheck):
      (JSC::JIT::emitGetGlobalProperty):
      (JSC::JIT::emitGetGlobalVar):
      (JSC::JIT::emitGetClosureVar):
      (JSC::JIT::emit_op_get_from_scope):
      (JSC::JIT::emitSlow_op_get_from_scope):
      (JSC::JIT::emitPutGlobalProperty):
      (JSC::JIT::emitPutGlobalVar):
      (JSC::JIT::emitPutClosureVar):
      (JSC::JIT::emit_op_put_to_scope):
      (JSC::JIT::emitSlow_op_put_to_scope):
      (JSC::JIT::emit_op_init_global_const):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emitVarInjectionCheck):
      (JSC::JIT::emitResolveClosure):
      (JSC::JIT::emit_op_resolve_scope):
      (JSC::JIT::emitSlow_op_resolve_scope):
      (JSC::JIT::emitLoadWithStructureCheck):
      (JSC::JIT::emitGetGlobalProperty):
      (JSC::JIT::emitGetGlobalVar):
      (JSC::JIT::emitGetClosureVar):
      (JSC::JIT::emit_op_get_from_scope):
      (JSC::JIT::emitSlow_op_get_from_scope):
      (JSC::JIT::emitPutGlobalProperty):
      (JSC::JIT::emitPutGlobalVar):
      (JSC::JIT::emitPutClosureVar):
      (JSC::JIT::emit_op_put_to_scope):
      (JSC::JIT::emitSlow_op_put_to_scope):
      (JSC::JIT::emit_op_init_global_const):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/JITStubs.h: Re-wrote baseline JIT codegen for our new variable
      resolution model.
      
      * llint/LLIntData.cpp:
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntSlowPaths.cpp:
      * llint/LLIntSlowPaths.h:
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter.cpp:
      (JSC::CLoop::execute):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm: Ditto for LLInt.
      
      * offlineasm/x86.rb: Fixed a pre-existing encoding bug for a syntactic
      form that we never used before.
      
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncToString):
      (JSC::arrayProtoFuncToLocaleString):
      (JSC::arrayProtoFuncJoin):
      (JSC::arrayProtoFuncConcat):
      (JSC::arrayProtoFuncPop):
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncReverse):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSlice):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncForEach):
      (JSC::arrayProtoFuncSome):
      (JSC::arrayProtoFuncReduce):
      (JSC::arrayProtoFuncReduceRight):
      (JSC::arrayProtoFuncIndexOf):
      (JSC::arrayProtoFuncLastIndexOf): Fixed some pre-existing bugs in
      'this' value conversion, which I made much more common by removing
      special cases in bytecode generation.
      
      These functions need to invoke toThis() because they observe the 'this'
      value. Also, toLocaleString() is specified to accept non-array 'this'
      values.
      
      (Most other host functions don't need this fix because they perform
      strict 'this' checking, which never coerces unexpected types.)
      
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getCodeBlock):
      (JSC::CodeCache::getProgramCodeBlock):
      (JSC::CodeCache::getEvalCodeBlock):
      * runtime/CodeCache.h: Don't supply a scope to the unlinked code cache.
      Unlinked code is supposed to be scope-free, so let's have the compiler
      help verify that.
      
      * runtime/CommonSlowPaths.cpp:
      (JSC::SLOW_PATH_DECL):
      * runtime/CommonSlowPaths.h:
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::create):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC::EvalExecutable::numVariables):
      (JSC::EvalExecutable::numberOfFunctionDecls):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecutionImpl):
      (JSC::prepareFunctionForExecutionImpl):
      (JSC::installOptimizedCode): Fiddled with executable initialization so
      that we can always generate a full scope chain before we go to link a
      code block. We need this because code block linking now depends on the
      scope chain to link non-local variable resolution opcodes.
      
      * runtime/JSActivation.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC::JSGlobalObject::createEvalCodeBlock):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::varInjectionWatchpoint):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncEval):
      * runtime/JSNameScope.h:
      * runtime/JSScope.cpp:
      (JSC::abstractAccess):
      (JSC::JSScope::objectAtScope):
      (JSC::JSScope::depth):
      (JSC::JSScope::resolve):
      (JSC::JSScope::abstractResolve): Updated to match changes explained above.
      
      * runtime/JSScope.h:
      (JSC::makeType):
      (JSC::needsVarInjectionChecks):
      (JSC::ResolveOp::ResolveOp):
      (JSC::ResolveModeAndType::ResolveModeAndType):
      (JSC::ResolveModeAndType::mode):
      (JSC::ResolveModeAndType::type):
      (JSC::ResolveModeAndType::operand): Removed the old variable resolution
      state machine, since it's unused now. Added logic for performing abstract
      variable resolution at link time. This is used by codeblock linking.
      
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncValueOf):
      (JSC::objectProtoFuncHasOwnProperty):
      (JSC::objectProtoFuncIsPrototypeOf):
      (JSC::objectProtoFuncDefineGetter):
      (JSC::objectProtoFuncDefineSetter):
      (JSC::objectProtoFuncLookupGetter):
      (JSC::objectProtoFuncLookupSetter):
      (JSC::objectProtoFuncPropertyIsEnumerable):
      (JSC::objectProtoFuncToLocaleString):
      (JSC::objectProtoFuncToString): Fixed some pre-existing bugs in
      'this' value conversion, which I made much more common by removing
      special cases in bytecode generation.
      
      These functions need to invoke toThis() because they observe the 'this'
      value.
      
      * runtime/StringPrototype.cpp:
      (JSC::checkObjectCoercible):
      (JSC::stringProtoFuncReplace):
      (JSC::stringProtoFuncCharAt):
      (JSC::stringProtoFuncCharCodeAt):
      (JSC::stringProtoFuncConcat):
      (JSC::stringProtoFuncIndexOf):
      (JSC::stringProtoFuncLastIndexOf):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      (JSC::stringProtoFuncSlice):
      (JSC::stringProtoFuncSplit):
      (JSC::stringProtoFuncSubstr):
      (JSC::stringProtoFuncSubstring):
      (JSC::stringProtoFuncToLowerCase):
      (JSC::stringProtoFuncToUpperCase):
      (JSC::stringProtoFuncLocaleCompare):
      (JSC::stringProtoFuncBig):
      (JSC::stringProtoFuncSmall):
      (JSC::stringProtoFuncBlink):
      (JSC::stringProtoFuncBold):
      (JSC::stringProtoFuncFixed):
      (JSC::stringProtoFuncItalics):
      (JSC::stringProtoFuncStrike):
      (JSC::stringProtoFuncSub):
      (JSC::stringProtoFuncSup):
      (JSC::stringProtoFuncFontcolor):
      (JSC::stringProtoFuncFontsize):
      (JSC::stringProtoFuncAnchor):
      (JSC::stringProtoFuncLink):
      (JSC::trimString): Fixed some pre-existing bugs in
      'this' value conversion, which I made much more common by removing
      special cases in bytecode generation.
      
      These functions need to invoke toThis() because they observe the 'this'
      value.
      
      * runtime/StructureRareData.cpp:
      * runtime/VM.cpp:
      (JSC::VM::~VM):
      
      * runtime/WriteBarrier.h:
      (JSC::WriteBarrierBase::slot): Modified to reduce casting in client code.
      
      LayoutTests:
      
      This patch removed special-case 'this' resolution from bytecode, making
      some pre-existing edge cases in 'this' value treatment much more common.
      
      I updated the test results below, and added some tests, to match bug
      fixes for these cases.
      
      * fast/js/script-tests/array-functions-non-arrays.js:
      * fast/js/array-functions-non-arrays-expected.txt: As specified, it's
      not an error to pass a non-array to toLocaleString. Our new result
      matches Firefox and Chrome.
      
      * fast/js/array-prototype-properties-expected.txt: Updated for slightly
      clearer error message.
      
      * fast/js/basic-strict-mode-expected.txt: Updated for slightly more
      standard error message.
      
      * fast/js/object-prototype-toString-expected.txt: Added.
      * fast/js/object-prototype-toString.html: Added. This test demonstrates
      why we now fail a Sputnik test below, while Firefox and Chrome pass it.
      (The test doesn't test what it thinks it tests, and this test verifies
      that we get right what it does think it tests.)
      
      * fast/js/string-prototype-function-this-expected.txt: Added.
      * fast/js/string-prototype-function-this.html: Added. This test shows
      that we CheckObjectCoercible in string prototype functions. (We used
      to get this wrong, but Sputnik tests made it seem like we got it right
      because they didn't test the dynamic scope case.)
      
      * sputnik/Conformance/11_Expressions/11.1_Primary_Expressions/11.1.1_The_this_Keyword/S11.1.1_A2-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.3_Array_prototype_toLocaleString/S15.4.4.3_A2_T1-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.10_String.prototype.match/S15.5.4.10_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.11_String.prototype.replace/S15.5.4.11_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.12_String.prototype.search/S15.5.4.12_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.13_String.prototype.slice/S15.5.4.13_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.14_String.prototype.split/S15.5.4.14_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.15_String.prototype.substring/S15.5.4.15_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.6_String.prototype.concat/S15.5.4.6_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.7_String.prototype.indexOf/S15.5.4.7_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.8_String.prototype.lastIndexOf/S15.5.4.8_A1_T3-expected.txt:
      
      Updated to show failing results. Firefox and Chrome also fail these
      tests, and the ES5 spec seems to mandate failure. Because these tests
      resolve a String.prototype function at global scope, the 'this' value
      for the call is an environment record. Logically, an environment record
      converts to 'undefined' at the call site, and should then fail the
      CheckObjectCoercible test.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153221 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      58c86752
    • oliver@apple.com's avatar
      fourthTier: Introducing the StackIterator class. · 2b2e1324
      oliver@apple.com authored
      This was a non trivial merge as trunk has changed computation of line and column information
      
      Introducing the StackIterator class.
      https://bugs.webkit.org/show_bug.cgi?id=117390.
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore:
      
      The StackIterator class is meant to unify the way we iterate the JS
      stack. It also makes it so that we don't have to copy the frame data
      into the intermediate StackFrame struct before processing it.
      Unfortunately we still can't get rid of StackFrame because it is used
      to record frame information for the Exception stack that is expected
      to persist beyond when the frames have been popped off the JS stack.
      
      The StackIterator will iterate over all "logical" frames (i.e. including
      inlined frames). As it iterates the JS stack, if it encounters a DFG
      frame that has inlined frames, the iterator will canonicalize the
      inlined frames before returning. Once canonicalized, the frame can be
      read like any other frame.
      
      The StackIterator implements a Frame class that inherits from CallFrame.
      The StackIterator::Frame serves as reader of the CallFrame that makes
      it easier to access information about the frame. The StackIterator::Frame
      only adds functions, and no additional data fields.
      
      * API/JSContextRef.cpp:
      (JSContextCreateBacktrace):
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * interpreter/CallFrame.cpp:
      (JSC::CallFrame::begin):
      (JSC::CallFrame::beginAt):
      * interpreter/CallFrame.h:
      (JSC::ExecState::setInlineCallFrame):
      (ExecState):
      (JSC::ExecState::end):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::dumpRegisters):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::Interpreter::getStackTrace):
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::debug):
      * interpreter/Interpreter.h:
      (Interpreter):
      * interpreter/StackIterator.cpp: Added.
      (JSC::StackIterator::StackIterator):
      (JSC::StackIterator::beginAt):
      (JSC::StackIterator::gotoNextFrame):
      - Based on the deleted Interpreter::findFunctionCallFrameFromVMCode().
      (JSC::StackIterator::findFrameForFunction):
      - Based on the deleted Interpreter::retrieveCallerFromVMCode().
      (JSC::StackIterator::Frame::codeType):
      - Based on the deleted getStackFrameCodeType().
      (JSC::StackIterator::Frame::functionName):
      - Based on StackFrame::friendlyFunctionName().
      (JSC::StackIterator::Frame::sourceURL):
      - Based on StackFrame::friendlySourceURL().
      (JSC::StackIterator::Frame::toString):
      - Based on StackFrame::toString().
      (JSC::StackIterator::Frame::bytecodeOffset):
      (JSC::StackIterator::Frame::line):
      - Based on StackFrame::line().
      (JSC::StackIterator::Frame::column):
      - Based on StackFrame::column().
      (JSC::StackIterator::Frame::arguments):
      - Based on the deleted Interpreter::retrieveArgumentsFromVMCode().
      (JSC::StackIterator::Frame::retrieveExpressionInfo):
      - Based on StackFrame::expressionInfo().
      (JSC::StackIterator::Frame::logicalFrame):
      - Based on the now deleted CallFrame::trueCallFrame().
      (JSC::StackIterator::Frame::logicalCallerFrame):
      - Based on the now deleted CallFrame::trueCallerFrame().
      (JSC::jitTypeName):
      (JSC::printIndents):
      (JSC::printif):
      (JSC::StackIterator::Frame::print):
      (debugPrintCallFrame):
      - Prints the contents of the frame for debugging purposes.
        There are 2 versions that can be used as follows:
      
        1. When you have a valid StackIterator, you can print
           the current frame's content using the print instance
           method:
               iter->print(indentLevel);
      
        2. When you have a CallFrame* that you want to dump from a debugger
           console, you can print its content as follows:
               (gdb) call debugPrintCallFrame(callFrame)
      
        A sample of the output looks like this:
      
            frame 0x1510c70b0 {
               name 'shouldBe'
               sourceURL 'testapi.js'
               hostFlag 0
               isInlinedFrame 0
               callee 0x15154efb0
               returnPC 0x10ed0786d
               callerFrame 0x1510c7058
               logicalCallerFrame 0x1510c7058
               rawLocationBits 27 0x1b
               codeBlock 0x7fe79b037200
                  bytecodeOffset 27 0x1b / 210
                  line 46
                  column 20
                  jitType 3 <BaselineJIT> isOptimizingJIT 0
                  hasCodeOrigins 0
            }
      
      * interpreter/StackIterator.h: Added.
      (StackIterator::Frame):
      (JSC::StackIterator::Frame::create):
      (JSC::StackIterator::Frame::isJSFrame):
      (JSC::StackIterator::Frame::callFrame):
      * interpreter/StackIteratorPrivate.h: Added.
      (StackIterator):
      (JSC::StackIterator::operator*):
      (JSC::StackIterator::operator->):
      (JSC::StackIterator::operator==):
      (JSC::StackIterator::operator!=):
      (JSC::StackIterator::operator++):
      (JSC::StackIterator::end):
      (JSC::StackIterator::empty):
      * jsc.cpp:
      (functionJSCStack):
      * profiler/ProfileGenerator.cpp:
      (JSC::ProfileGenerator::addParentForConsoleStart):
      * profiler/ProfileNode.h:
      (ProfileNode):
      * runtime/JSFunction.cpp:
      (JSC::retrieveArguments):
      (JSC::JSFunction::argumentsGetter):
      (JSC::skipOverBoundFunctions):
      (JSC::retrieveCallerFunction):
      (JSC::JSFunction::callerGetter):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::defineOwnProperty):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncProtoGetter):
      (JSC::globalFuncProtoSetter):
      * runtime/ObjectConstructor.cpp:
      (JSC::objectConstructorGetPrototypeOf):
      * runtime/Operations.h:
      
      Source/WebCore:
      
      No new tests.
      
      * ForwardingHeaders/interpreter/StackIterator.h: Added.
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::send):
      * bindings/js/ScriptCallStackFactory.cpp:
      (WebCore::createScriptCallStack):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153218 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2b2e1324
    • oliver@apple.com's avatar
      fourthTier: Disambiguate between CallFrame bytecodeOffset and codeOriginIndex. · c4497327
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=117262.
      
      Reviewed by Geoffrey Garen.
      
      When writing to the ArgumentCount tag in CallFrame, we will set the high
      bit if the written value is a codeOriginIndex.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeOrigin.h:
      (CodeOrigin):
      (JSC::CodeOrigin::isHandle):
      (JSC::CodeOrigin::encodeHandle):
      (JSC::CodeOrigin::decodeHandle):
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::JITCompiler::beginCall):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::tryBuildGetByIDList):
      * interpreter/CallFrame.cpp:
      (JSC::CallFrame::locationAsBytecodeOffset):
      (JSC::CallFrame::setLocationAsBytecodeOffset):
      (JSC::CallFrame::currentVPC):
      (JSC::CallFrame::setCurrentVPC):
      (JSC::CallFrame::trueCallFrame):
      * interpreter/CallFrame.h:
      (ExecState):
      (JSC::ExecState::inlineCallFrame):
      * interpreter/CallFrameInlines.h: Added.
      (JSC::CallFrame::hasLocationAsBytecodeOffset):
      (JSC::CallFrame::hasLocationAsCodeOriginIndex):
      (JSC::CallFrame::locationAsRawBits):
      (JSC::CallFrame::setLocationAsRawBits):
      (JSC::CallFrame::locationAsBytecodeOffset):
      (JSC::CallFrame::setLocationAsBytecodeOffset):
      (JSC::CallFrame::locationAsCodeOriginIndex):
      * interpreter/Interpreter.cpp:
      (JSC::getBytecodeOffsetForCallFrame):
      (JSC::getCallerInfo):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153209 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c4497327
    • oliver@apple.com's avatar
      fourthTier: Implement a probe mechanism for JIT generated code. · e9743fd0
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=115705.
      
      Reviewed by Geoffrey Garen.
      
      The probe is in the form of a MacroAssembler pseudo instruction.
      It takes 3 arguments: a ProbeFunction, and 2 void* args.
      
      When inserted into the JIT at some code generation site, the probe
      pseudo "instruction" will emit a minimal amount of code to save the
      stack pointer, 1 (or more) scratch register(s), and the probe
      arguments into a ProbeContext record on the stack. The emitted code
      will then call a probe trampoline to do the rest of the work, which
      consists of:
      1. saving the remaining registers into the ProbeContext.
      2. calling the ProbeFunction, and passing it the ProbeContext pointer.
      3. restoring the registers from the ProbeContext after the ProbeFunction
         returns, and then returning to the JIT generated code.
      
      The ProbeContext is stack allocated and is only valid for the duration
      that the ProbeFunction is executing.
      
      If the user supplied ProbeFunction alters the register values in the
      ProbeContext, the new values will be installed into the registers upon
      returning from the probe. This can be useful for some debugging or
      testing purposes.
      
      The probe mechanism is built conditional on USE(MASM_PROBE) which is
      defined in config.h. USE(MASM_PROBE) will off by default.
      
      This changeset only implements the probe mechanism for X86 and X86_64.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/MacroAssembler.h:
      (MacroAssembler):
      (JSC::MacroAssembler::shouldBlind):
      (JSC::MacroAssembler::store32):
      * assembler/MacroAssemblerX86.h:
      (MacroAssemblerX86):
      (JSC::MacroAssemblerX86::trustedImm32FromPtr):
      (JSC::MacroAssemblerX86::probe):
      * assembler/MacroAssemblerX86Common.cpp: Added.
      (JSC::MacroAssemblerX86Common::ProbeContext::dumpCPURegisters):
      - CPU specific register dumper called by ProbeContext::dump().
      (JSC::MacroAssemblerX86Common::ProbeContext::dump):
      - Prints the ProbeContext to the DataLog.
      * assembler/MacroAssemblerX86Common.h:
      (MacroAssemblerX86Common):
      (CPUState): Added.
      (ProbeContext): Added.
      * assembler/MacroAssemblerX86_64.h:
      (MacroAssemblerX86_64):
      (JSC::MacroAssemblerX86_64::trustedImm64FromPtr):
      (JSC::MacroAssemblerX86_64::probe):
      * assembler/X86Assembler.h:
      * config.h: Added WTF_USE_MASM_PROBE flag.
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
      * jit/JITStubsX86.h:
      * jit/JITStubsX86Common.h: Added.
      * jit/JITStubsX86_64.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153162 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e9743fd0
    • oliver@apple.com's avatar
      fourthTier: Refactor JITStubs.cpp to move CPU specific parts out into their own files. · cd1c2e74
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=116135.
      
      Reviewed by Michael Saboff.
      
      This mod only moves the CPU specific parts out. There is no code change.
      Tested on debug builds of X86, X86_64, ARM and ARMv7. The SH4 and MIPS
      ports are untested. Windows port also not tested.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * jit/JITStubs.cpp:
      (JSC::performPlatformSpecificJITAssertions):
      * jit/JITStubsARM.h: Added.
      (JSC::ctiTrampoline):
      (JSC::ctiTrampolineEnd):
      (JSC::ctiVMThrowTrampoline):
      (JSC::ctiOpThrowNotCaught):
      (JSC::performARMJITAssertions):
      * jit/JITStubsARMv7.h: Added.
      (JSC::ctiTrampoline):
      (JSC::ctiVMThrowTrampoline):
      (JSC::ctiOpThrowNotCaught):
      (JSC::performARMv7JITAssertions):
      * jit/JITStubsMIPS.h: Added.
      (JSC::performMIPSJITAssertions):
      * jit/JITStubsSH4.h: Added.
      * jit/JITStubsX86.h: Added.
      * jit/JITStubsX86_64.h: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153160 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      cd1c2e74
    • oliver@apple.com's avatar
      fourthTier: Landing the initial FTL logic in a single commit to avoid spurious · ea77149c
      oliver@apple.com authored
      broken builds.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153121 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ea77149c
    • oliver@apple.com's avatar
      fourthTier: DFG should provide utilities for common OSR exit tasks · b9009149
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114306
      
      Reviewed by Mark Hahnenberg.
      
      Just abstract out some things that the FTL will want to use as well.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOSRExitCompiler.h:
      (OSRExitCompiler):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompilerCommon.cpp: Added.
      (DFG):
      (JSC::DFG::handleExitCounts):
      (JSC::DFG::reifyInlinedCallFrames):
      (JSC::DFG::adjustAndJumpToTarget):
      * dfg/DFGOSRExitCompilerCommon.h: Added.
      (DFG):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153119 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b9009149
    • oliver@apple.com's avatar
      fourthTier: put DFG data into a DFG::JITCode, and put common DFG and FTL data... · 02b179b1
      oliver@apple.com authored
      fourthTier: put DFG data into a DFG::JITCode, and put common DFG and FTL data into something accessible from both DFG::JITCode and FTL::JITCode
      https://bugs.webkit.org/show_bug.cgi?id=113905
      
      Reviewed by Geoffrey Garen.
      
      This removes one pointer from CodeBlock.
      
      It also gives us a framework for having JITType-specific data in CodeBlock, by
      putting it into the appropriate JITCode class (either DFG::JITCode or
      FTL::JITCode). And it allows us to have DFG and FTL share some common data,
      via DFG::CommonData, which is stored in both DFG::JITCode and FTL::JITCode and
      always accessible via JITCode::dfgCommon().
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC):
      (JSC::CodeBlock::dumpBytecode):
      (JSC::CodeBlock::visitAggregate):
      (JSC::CodeBlock::performTracingFixpointIteration):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitWeakReferences):
      (JSC::CodeBlock::shrinkToFit):
      (JSC::CodeBlock::tallyFrequentExitSites):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::setJITCode):
      (JSC::CodeBlock::shouldImmediatelyAssumeLivenessDuringScan):
      (JSC::DFGCodeBlocks::mark):
      * dfg/DFGAssemblyHelpers.h:
      * dfg/DFGCommonData.cpp: Added.
      (DFG):
      (JSC::DFG::CommonData::notifyCompilingStructureTransition):
      (JSC::DFG::CommonData::shrinkToFit):
      * dfg/DFGCommonData.h: Added.
      (JSC):
      (DFG):
      (JSC::DFG::WeakReferenceTransition::WeakReferenceTransition):
      (WeakReferenceTransition):
      (CommonData):
      (JSC::DFG::CommonData::CommonData):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGDriver.h:
      (DFG):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGGraph.h:
      (Graph):
      * dfg/DFGJITCode.cpp: Added.
      (DFG):
      (JSC::DFG::JITCode::JITCode):
      (JSC::DFG::JITCode::~JITCode):
      (JSC::DFG::JITCode::dfgCommon):
      (JSC::DFG::JITCode::dfg):
      (JSC::DFG::JITCode::shrinkToFit):
      * dfg/DFGJITCode.h: Added.
      (DFG):
      (JITCode):
      (JSC::DFG::JITCode::appendOSREntryData):
      (JSC::DFG::JITCode::osrEntryDataForBytecodeIndex):
      (JSC::DFG::JITCode::appendOSRExit):
      (JSC::DFG::JITCode::lastOSRExit):
      (JSC::DFG::JITCode::appendSpeculationRecovery):
      (JSC::DFG::JITCode::appendWatchpoint):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::JITCompiler):
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::link):
      (JSC::DFG::JITCompiler::compile):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGJITCompiler.h:
      (JITCompiler):
      (JSC::DFG::JITCompiler::addWeakReference):
      (JSC::DFG::JITCompiler::noticeOSREntry):
      (JSC::DFG::JITCompiler::jitCode):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSRExit.h:
      (OSRExit):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::backwardSpeculationCheck):
      (JSC::DFG::SpeculativeJIT::speculationWatchpoint):
      (JSC::DFG::SpeculativeJIT::convertLastOSRExitToForward):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGVariableEventStream.cpp:
      * ftl/FTLCompile.cpp:
      (JSC::FTL::compile):
      * ftl/FTLJITCode.cpp:
      (JSC::FTL::JITCode::JITCode):
      (JSC::FTL::JITCode::~JITCode):
      (FTL):
      (JSC::FTL::JITCode::initializeCode):
      (JSC::FTL::JITCode::addressForCall):
      (JSC::FTL::JITCode::executableAddressAtOffset):
      (JSC::FTL::JITCode::dataAddressAtOffset):
      (JSC::FTL::JITCode::offsetOf):
      (JSC::FTL::JITCode::size):
      (JSC::FTL::JITCode::contains):
      (JSC::FTL::JITCode::ftl):
      (JSC::FTL::JITCode::dfgCommon):
      * ftl/FTLJITCode.h:
      (JITCode):
      * ftl/FTLLowerDFGToLLVM.cpp:
      (JSC::FTL::LowerDFGToLLVM::compileStructureTransitionWatchpoint):
      (JSC::FTL::LowerDFGToLLVM::compilePutStructure):
      (JSC::FTL::LowerDFGToLLVM::compilePhantomPutStructure):
      (JSC::FTL::LowerDFGToLLVM::addWeakReference):
      (LowerDFGToLLVM):
      (JSC::FTL::LowerDFGToLLVM::weakPointer):
      * ftl/FTLState.cpp:
      (FTL):
      (JSC::FTL::State::State):
      (JSC::FTL::State::dumpState):
      * ftl/FTLState.h:
      (State):
      * heap/DFGCodeBlocks.cpp:
      (JSC::DFGCodeBlocks::~DFGCodeBlocks):
      (JSC::DFGCodeBlocks::jettison):
      (JSC::DFGCodeBlocks::clearMarks):
      (JSC::DFGCodeBlocks::deleteUnmarkedJettisonedCodeBlocks):
      (JSC::DFGCodeBlocks::traceMarkedCodeBlocks):
      * jit/JITCode.cpp:
      (JSC::JITCode::dfgCommon):
      (JSC):
      (JSC::JITCode::dfg):
      (JSC::JITCode::ftl):
      (JSC::DirectJITCode::DirectJITCode):
      (JSC::DirectJITCode::initializeCodeRef):
      (JSC::DirectJITCode::addressForCall):
      (JSC::DirectJITCode::executableAddressAtOffset):
      (JSC::DirectJITCode::dataAddressAtOffset):
      (JSC::DirectJITCode::offsetOf):
      (JSC::DirectJITCode::size):
      (JSC::DirectJITCode::contains):
      * jit/JITCode.h:
      (DFG):
      (FTL):
      (JSC):
      (JITCode):
      (DirectJITCode):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153116 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      02b179b1
  5. 20 Jul, 2013 1 commit
  6. 08 Jul, 2013 1 commit
  7. 22 May, 2013 1 commit
  8. 10 May, 2013 1 commit
    • mhahnenberg@apple.com's avatar
      Rename StructureCheckHoistingPhase to TypeCheckHoistingPhase · f94b583f
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=115938
      
      We're going to add some more types of check hoisting soon, so let's have the right name here.
      
      Rubber stamped by Filip Pizlo.
              
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGStructureCheckHoistingPhase.cpp: Removed.
      * dfg/DFGStructureCheckHoistingPhase.h: Removed.
      * dfg/DFGTypeCheckHoistingPhase.cpp: Copied from Source/JavaScriptCore/dfg/DFGStructureCheckHoistingPhase.cpp.
      (JSC::DFG::TypeCheckHoistingPhase::TypeCheckHoistingPhase):
      (JSC::DFG::performTypeCheckHoisting):
      * dfg/DFGTypeCheckHoistingPhase.h: Copied from Source/JavaScriptCore/dfg/DFGStructureCheckHoistingPhase.h.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149911 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f94b583f
  9. 30 Apr, 2013 1 commit
    • rniwa@webkit.org's avatar
      Unreviewed, rolling out r149349 and r149354. · 3b9e15c9
      rniwa@webkit.org authored
      http://trac.webkit.org/changeset/149349
      http://trac.webkit.org/changeset/149354
      https://bugs.webkit.org/show_bug.cgi?id=115444
      
       The Thumb version of compileSoftModulo make invalid use of
      registers (Requested by benjaminp on #webkit).
      
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * assembler/ARMv7Assembler.h:
      (ARMv7Assembler):
      * assembler/AbstractMacroAssembler.h:
      (JSC::isARMv7s):
      (JSC):
      * assembler/MacroAssemblerARMv7.cpp: Removed.
      * assembler/MacroAssemblerARMv7.h:
      (MacroAssemblerARMv7):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileSoftModulo):
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForARMv7s):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (SpeculativeJIT):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      
      Source/WTF:
      
      * wtf/Platform.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149395 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3b9e15c9
  10. 29 Apr, 2013 2 commits
    • commit-queue@webkit.org's avatar
      [ARM] Expand the use of integer division · 867a6d44
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=115138
      
      Patch by Cosmin Truta <ctruta@blackberry.com> on 2013-04-29
      Reviewed by Benjamin Poulain.
      
      Source/JavaScriptCore:
      
      If availability of hardware integer division isn't known at compile
      time, check the CPU flags and decide at runtime whether to fall back
      to software. Currently, this OS-specific check is implemented on QNX.
      
      Moreover, use operator % instead of fmod() in the calculation of the
      software modulo. Even when it's software-emulated, operator % is faster
      than fmod(): on ARM v7 QNX, without hardware division, we noticed
      >3% speedup on SunSpider.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * assembler/ARMv7Assembler.h:
      (JSC::ARMv7Assembler::sdiv): Did not compile conditionally.
      (JSC::ARMv7Assembler::udiv): Ditto.
      * assembler/AbstractMacroAssembler.h:
      (JSC::isARMv7s): Removed.
      * assembler/MacroAssemblerARMv7.cpp: Added.
      (JSC::isIntegerDivSupported): Added.
      * assembler/MacroAssemblerARMv7.h:
      (JSC::MacroAssemblerARMv7::supportsIntegerDiv): Added.
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode): Checked MacroAssembler::supportsIntegerDiv() in ArithDiv case.
      * dfg/DFGOperations.cpp:
      (JSC::DFG::operationModOnInts): Added.
      * dfg/DFGOperations.h:
      (JSC::DFG::Z_DFGOperation_ZZ): Added.
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileSoftModulo): Separated the X86-specific and ARM-specific codegen
      from the common implementation; used operationModOnInts on ARM.
      (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForARM): Renamed from compileIntegerArithDivForARMv7.
      (JSC::DFG::SpeculativeJIT::compileArithMod): Allowed run-time detection of integer div on ARM.
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation): Added overloads with Z_DFGOperation_ZZ arguments.
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): Used compileIntegerArithDivForARM.
      
      Source/WTF:
      
      * wtf/Platform.h: Added ENABLE_ARM_INTEGER_DIV.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149349 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      867a6d44
    • carlosgc@webkit.org's avatar
      Unreviewed. Fix make distcheck. · 835101e7
      carlosgc@webkit.org authored
      Source/JavaScriptCore:
      
      * GNUmakefile.list.am: Add missing headers files to compilation
      and offlineasm/sh4.rb script.
      
      Source/WebCore:
      
      * GNUmakefile.am: Add missing scripts to EXTRA_DIST.
      * GNUmakefile.list.am: Add missing files to compilation.
      
      Source/WebKit2:
      
      * GNUmakefile.list.am: Add missing header files to compilation.
      
      Source/WTF:
      
      * GNUmakefile.list.am: Add missing header file to compilation.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149277 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      835101e7
  11. 18 Apr, 2013 1 commit
    • ggaren@apple.com's avatar
      Renamed JSGlobalData to VM · 9a9a4b52
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114777
      
      Reviewed by Phil Pizlo.
      
      ../JavaScriptCore: 
      
      * API/APICast.h:
      (JSC):
      (toJS):
      (toRef):
      * API/APIShims.h:
      (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
      (APIEntryShimWithoutLock):
      (JSC::APIEntryShim::APIEntryShim):
      (APIEntryShim):
      (JSC::APIEntryShim::~APIEntryShim):
      (JSC::APICallbackShim::APICallbackShim):
      (JSC::APICallbackShim::~APICallbackShim):
      (APICallbackShim):
      * API/JSAPIWrapperObject.h:
      (JSAPIWrapperObject):
      * API/JSAPIWrapperObject.mm:
      (JSC::::createStructure):
      (JSC::JSAPIWrapperObject::JSAPIWrapperObject):
      (JSC::JSAPIWrapperObject::finishCreation):
      (JSC::JSAPIWrapperObject::visitChildren):
      * API/JSBase.cpp:
      (JSGarbageCollect):
      (JSReportExtraMemoryCost):
      (JSSynchronousGarbageCollectForDebugging):
      * API/JSCallbackConstructor.cpp:
      (JSC::JSCallbackConstructor::JSCallbackConstructor):
      (JSC::JSCallbackConstructor::finishCreation):
      * API/JSCallbackConstructor.h:
      (JSC::JSCallbackConstructor::createStructure):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::finishCreation):
      (JSC::JSCallbackFunction::create):
      * API/JSCallbackFunction.h:
      (JSCallbackFunction):
      (JSC::JSCallbackFunction::createStructure):
      * API/JSCallbackObject.cpp:
      (JSC::::create):
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObjectData::setPrivateProperty):
      (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
      (JSCallbackObject):
      (JSC::JSCallbackObject::setPrivateProperty):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::JSCallbackObject):
      (JSC::::finishCreation):
      (JSC::::put):
      (JSC::::staticFunctionGetter):
      * API/JSClassRef.cpp:
      (OpaqueJSClassContextData::OpaqueJSClassContextData):
      (OpaqueJSClass::contextData):
      (OpaqueJSClass::prototype):
      * API/JSClassRef.h:
      (OpaqueJSClassContextData):
      * API/JSContext.mm:
      (-[JSContext setException:]):
      (-[JSContext initWithGlobalContextRef:]):
      (+[JSContext contextWithGlobalContextRef:]):
      * API/JSContextRef.cpp:
      (JSContextGroupCreate):
      (JSContextGroupRelease):
      (JSGlobalContextCreate):
      (JSGlobalContextCreateInGroup):
      (JSGlobalContextRetain):
      (JSGlobalContextRelease):
      (JSContextGetGroup):
      (JSContextCreateBacktrace):
      * API/JSObjectRef.cpp:
      (JSObjectMake):
      (JSObjectMakeConstructor):
      (JSObjectMakeFunction):
      (JSObjectSetPrototype):
      (JSObjectHasProperty):
      (JSObjectGetProperty):
      (JSObjectSetProperty):
      (JSObjectDeleteProperty):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      (OpaqueJSPropertyNameArray::OpaqueJSPropertyNameArray):
      (OpaqueJSPropertyNameArray):
      (JSObjectCopyPropertyNames):
      (JSPropertyNameArrayRelease):
      (JSPropertyNameAccumulatorAddName):
      * API/JSScriptRef.cpp:
      (OpaqueJSScript::create):
      (OpaqueJSScript::vm):
      (OpaqueJSScript::OpaqueJSScript):
      (OpaqueJSScript):
      (parseScript):
      * API/JSVirtualMachine.mm:
      (scanExternalObjectGraph):
      * API/JSVirtualMachineInternal.h:
      (JSC):
      * API/JSWrapperMap.mm:
      (makeWrapper):
      * API/ObjCCallbackFunction.h:
      (JSC::ObjCCallbackFunction::createStructure):
      * API/ObjCCallbackFunction.mm:
      (JSC::ObjCCallbackFunction::create):
      * API/OpaqueJSString.cpp:
      (OpaqueJSString::identifier):
      * API/OpaqueJSString.h:
      (JSC):
      (OpaqueJSString):
      * GNUmakefile.list.am:
      * JSCTypedArrayStubs.h:
      (JSC):
      * JavaScriptCore.order:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * KeywordLookupGenerator.py:
      (Trie.printSubTreeAsC):
      * Target.pri:
      * assembler/ARMAssembler.cpp:
      (JSC::ARMAssembler::executableCopy):
      * assembler/ARMAssembler.h:
      (ARMAssembler):
      * assembler/AssemblerBuffer.h:
      (JSC::AssemblerBuffer::executableCopy):
      * assembler/AssemblerBufferWithConstantPool.h:
      (JSC::AssemblerBufferWithConstantPool::executableCopy):
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::linkCode):
      * assembler/LinkBuffer.h:
      (JSC):
      (JSC::LinkBuffer::LinkBuffer):
      (LinkBuffer):
      * assembler/MIPSAssembler.h:
      (JSC::MIPSAssembler::executableCopy):
      * assembler/SH4Assembler.h:
      (JSC::SH4Assembler::executableCopy):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::executableCopy):
      (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
      * bytecode/CallLinkInfo.cpp:
      (JSC::CallLinkInfo::unlink):
      * bytecode/CallLinkInfo.h:
      (CallLinkInfo):
      * bytecode/CodeBlock.cpp:
      (JSC::dumpStructure):
      (JSC::CodeBlock::printStructures):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::visitStructures):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::createActivation):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::findClosureCallForReturnPC):
      (JSC::ProgramCodeBlock::jettisonImpl):
      (JSC::EvalCodeBlock::jettisonImpl):
      (JSC::FunctionCodeBlock::jettisonImpl):
      (JSC::CodeBlock::predictedMachineCodeSize):
      (JSC::CodeBlock::usesOpcode):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::appendWeakReference):
      (JSC::CodeBlock::appendWeakReferenceTransition):
      (JSC::CodeBlock::setJITCode):
      (JSC::CodeBlock::setGlobalData):
      (JSC::CodeBlock::vm):
      (JSC::CodeBlock::valueProfileForBytecodeOffset):
      (JSC::CodeBlock::addConstant):
      (JSC::CodeBlock::setConstantRegisters):
      (CodeBlock):
      (JSC::CodeBlock::WeakReferenceTransition::WeakReferenceTransition):
      * bytecode/EvalCodeCache.h:
      (JSC::EvalCodeCache::getSlow):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC::GetByIdStatus::computeForChain):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC::Instruction::Instruction):
      * bytecode/ObjectAllocationProfile.h:
      (JSC::ObjectAllocationProfile::initialize):
      (JSC::ObjectAllocationProfile::possibleDefaultPropertyCount):
      * bytecode/PolymorphicAccessStructureList.h:
      (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
      (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
      * bytecode/PolymorphicPutByIdList.h:
      (JSC::PutByIdAccess::transition):
      (JSC::PutByIdAccess::replace):
      * bytecode/PreciseJumpTargets.cpp:
      (JSC::computePreciseJumpTargets):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (JSC):
      (PutByIdStatus):
      * bytecode/ResolveGlobalStatus.cpp:
      (JSC::computeForStructure):
      * bytecode/SamplingTool.cpp:
      (JSC::SamplingTool::notifyOfScope):
      * bytecode/SamplingTool.h:
      (JSC::ScriptSampleRecord::ScriptSampleRecord):
      (SamplingTool):
      * bytecode/StructureStubInfo.h:
      (JSC::StructureStubInfo::initGetByIdSelf):
      (JSC::StructureStubInfo::initGetByIdProto):
      (JSC::StructureStubInfo::initGetByIdChain):
      (JSC::StructureStubInfo::initPutByIdTransition):
      (JSC::StructureStubInfo::initPutByIdReplace):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::generateFunctionCodeBlock):
      (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
      (JSC::UnlinkedFunctionExecutable::link):
      (JSC::UnlinkedFunctionExecutable::fromGlobalCode):
      (JSC::UnlinkedFunctionExecutable::codeBlockFor):
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::create):
      (UnlinkedFunctionExecutable):
      (JSC::UnlinkedFunctionExecutable::finishCreation):
      (JSC::UnlinkedFunctionExecutable::createStructure):
      (JSC::UnlinkedCodeBlock::addRegExp):
      (JSC::UnlinkedCodeBlock::addConstant):
      (JSC::UnlinkedCodeBlock::addFunctionDecl):
      (JSC::UnlinkedCodeBlock::addFunctionExpr):
      (JSC::UnlinkedCodeBlock::vm):
      (UnlinkedCodeBlock):
      (JSC::UnlinkedCodeBlock::finishCreation):
      (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock):
      (JSC::UnlinkedProgramCodeBlock::create):
      (JSC::UnlinkedProgramCodeBlock::addFunctionDeclaration):
      (JSC::UnlinkedProgramCodeBlock::UnlinkedProgramCodeBlock):
      (JSC::UnlinkedProgramCodeBlock::createStructure):
      (JSC::UnlinkedEvalCodeBlock::create):
      (JSC::UnlinkedEvalCodeBlock::UnlinkedEvalCodeBlock):
      (JSC::UnlinkedEvalCodeBlock::createStructure):
      (JSC::UnlinkedFunctionCodeBlock::create):
      (JSC::UnlinkedFunctionCodeBlock::UnlinkedFunctionCodeBlock):
      (JSC::UnlinkedFunctionCodeBlock::createStructure):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::addConstant):
      (JSC::BytecodeGenerator::emitLoad):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::addStringConstant):
      (JSC::BytecodeGenerator::expectedFunctionForIdentifier):
      (JSC::BytecodeGenerator::emitThrowReferenceError):
      (JSC::BytecodeGenerator::emitReadOnlyExceptionIfNeeded):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      (JSC::BytecodeGenerator::vm):
      (JSC::BytecodeGenerator::propertyNames):
      (JSC::BytecodeGenerator::makeFunction):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::RegExpNode::emitBytecode):
      (JSC::ArrayNode::toArgumentList):
      (JSC::ApplyFunctionCallDotNode::emitBytecode):
      (JSC::InstanceOfNode::emitBytecode):
      * debugger/Debugger.cpp:
      (JSC::Debugger::recompileAllJSFunctions):
      (JSC::evaluateInGlobalCallFrame):
      * debugger/Debugger.h:
      (JSC):
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::DebuggerActivation):
      (JSC::DebuggerActivation::finishCreation):
      * debugger/DebuggerActivation.h:
      (JSC::DebuggerActivation::create):
      (JSC::DebuggerActivation::createStructure):
      (DebuggerActivation):
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::evaluate):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::executeEffects):
      * dfg/DFGAssemblyHelpers.h:
      (JSC::DFG::AssemblyHelpers::AssemblyHelpers):
      (JSC::DFG::AssemblyHelpers::vm):
      (JSC::DFG::AssemblyHelpers::debugCall):
      (JSC::DFG::AssemblyHelpers::emitExceptionCheck):
      (AssemblyHelpers):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      * dfg/DFGByteCodeParser.h:
      (JSC):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::CCallHelpers):
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::canHandleOpcodes):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::foldConstants):
      * dfg/DFGDisassembler.cpp:
      (JSC::DFG::Disassembler::reportToProfiler):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGDriver.h:
      (JSC):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
      (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::Graph):
      * dfg/DFGGraph.h:
      (Graph):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::JITCompiler):
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::link):
      (JSC::DFG::JITCompiler::compile):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGJITCompiler.h:
      (JSC):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::putByVal):
      (JSC::DFG::operationPutByValInternal):
      (JSC::getHostCallReturnValueWithExecState):
      * dfg/DFGPhase.h:
      (JSC::DFG::Phase::vm):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::tryBuildGetByIDProtoList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryCachePutByID):
      (JSC::DFG::tryBuildPutByIdList):
      (JSC::DFG::linkSlowFor):
      (JSC::DFG::dfgLinkFor):
      (JSC::DFG::dfgLinkSlowFor):
      (JSC::DFG::dfgLinkClosureCall):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::typedArrayDescriptor):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
      (JSC::DFG::SpeculativeJIT::compileFromCharCode):
      (JSC::DFG::SpeculativeJIT::compileMakeRope):
      (JSC::DFG::SpeculativeJIT::compileStringEquality):
      (JSC::DFG::SpeculativeJIT::compileToStringOnCell):
      (JSC::DFG::SpeculativeJIT::speculateObject):
      (JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
      (JSC::DFG::SpeculativeJIT::speculateString):
      (JSC::DFG::SpeculativeJIT::speculateStringOrStringObject):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::prepareForExternalCall):
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage):
      (JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGThunks.cpp:
      (JSC::DFG::osrExitGenerationThunkGenerator):
      (JSC::DFG::throwExceptionFromCallSlowPathGenerator):
      (JSC::DFG::slowPathFor):
      (JSC::DFG::linkForThunkGenerator):
      (JSC::DFG::linkCallThunkGenerator):
      (JSC::DFG::linkConstructThunkGenerator):
      (JSC::DFG::linkClosureCallThunkGenerator):
      (JSC::DFG::virtualForThunkGenerator):
      (JSC::DFG::virtualCallThunkGenerator):
      (JSC::DFG::virtualConstructThunkGenerator):
      * dfg/DFGThunks.h:
      (JSC):
      (DFG):
      * heap/BlockAllocator.h:
      (JSC):
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::tryAllocateSlowCase):
      (JSC::CopiedSpace::tryReallocate):
      * heap/CopiedSpaceInlines.h:
      (JSC::CopiedSpace::tryAllocate):
      * heap/GCThreadSharedData.cpp:
      (JSC::GCThreadSharedData::GCThreadSharedData):
      (JSC::GCThreadSharedData::reset):
      * heap/GCThreadSharedData.h:
      (JSC):
      (GCThreadSharedData):
      * heap/HandleSet.cpp:
      (JSC::HandleSet::HandleSet):
      (JSC::HandleSet::~HandleSet):
      (JSC::HandleSet::grow):
      * heap/HandleSet.h:
      (JSC):
      (HandleSet):
      (JSC::HandleSet::vm):
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC):
      (JSC::Heap::lastChanceToFinalize):
      (JSC::Heap::protect):
      (JSC::Heap::unprotect):
      (JSC::Heap::stack):
      (JSC::Heap::getConservativeRegisterRoots):
      (JSC::Heap::markRoots):
      (JSC::Heap::deleteAllCompiledCode):
      (JSC::Heap::collect):
      (JSC::Heap::isValidAllocation):
      * heap/Heap.h:
      (JSC):
      (Heap):
      (JSC::Heap::vm):
      * heap/HeapTimer.cpp:
      (JSC::HeapTimer::HeapTimer):
      (JSC::HeapTimer::timerDidFire):
      (JSC::HeapTimer::timerEvent):
      * heap/HeapTimer.h:
      (JSC):
      (HeapTimer):
      * heap/IncrementalSweeper.cpp:
      (JSC::IncrementalSweeper::IncrementalSweeper):
      (JSC::IncrementalSweeper::sweepNextBlock):
      (JSC::IncrementalSweeper::willFinishSweeping):
      (JSC::IncrementalSweeper::create):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/Local.h:
      (Local):
      (JSC::::Local):
      (JSC::LocalStack::LocalStack):
      (JSC::LocalStack::push):
      (LocalStack):
      * heap/LocalScope.h:
      (JSC):
      (LocalScope):
      (JSC::LocalScope::LocalScope):
      * heap/MachineStackMarker.cpp:
      (JSC::MachineThreads::addCurrentThread):
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::allocateSlowCase):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::MarkedBlock):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::vm):
      * heap/SlotVisitor.cpp:
      (JSC::SlotVisitor::SlotVisitor):
      (JSC::SlotVisitor::setup):
      * heap/Strong.h:
      (JSC):
      (Strong):
      (JSC::Strong::operator=):
      * heap/StrongInlines.h:
      (JSC::::Strong):
      (JSC::::set):
      * heap/SuperRegion.h:
      (JSC):
      * heap/WeakSet.cpp:
      * heap/WeakSet.h:
      (WeakSet):
      (JSC::WeakSet::WeakSet):
      (JSC::WeakSet::vm):
      * interpreter/AbstractPC.cpp:
      (JSC::AbstractPC::AbstractPC):
      * interpreter/AbstractPC.h:
      (JSC):
      (AbstractPC):
      * interpreter/CachedCall.h:
      (JSC::CachedCall::CachedCall):
      * interpreter/CallFrame.h:
      (ExecState):
      (JSC::ExecState::clearException):
      (JSC::ExecState::clearSupplementaryExceptionInfo):
      (JSC::ExecState::exception):
      (JSC::ExecState::hadException):
      (JSC::ExecState::propertyNames):
      (JSC::ExecState::emptyList):
      (JSC::ExecState::interpreter):
      (JSC::ExecState::heap):
      (JSC::ExecState::arrayConstructorTable):
      (JSC::ExecState::arrayPrototypeTable):
      (JSC::ExecState::booleanPrototypeTable):
      (JSC::ExecState::dateTable):
      (JSC::ExecState::dateConstructorTable):
      (JSC::ExecState::errorPrototypeTable):
      (JSC::ExecState::globalObjectTable):
      (JSC::ExecState::jsonTable):
      (JSC::ExecState::mathTable):
      (JSC::ExecState::numberConstructorTable):
      (JSC::ExecState::numberPrototypeTable):
      (JSC::ExecState::objectConstructorTable):
      (JSC::ExecState::privateNamePrototypeTable):
      (JSC::ExecState::regExpTable):
      (JSC::ExecState::regExpConstructorTable):
      (JSC::ExecState::regExpPrototypeTable):
      (JSC::ExecState::stringConstructorTable):
      (JSC::ExecState::abstractReturnPC):
      * interpreter/CallFrameClosure.h:
      (CallFrameClosure):
      * interpreter/Interpreter.cpp:
      (JSC):
      (JSC::eval):
      (JSC::loadVarargs):
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::dumpRegisters):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::appendSourceToError):
      (JSC::getCallerInfo):
      (JSC::Interpreter::getStackTrace):
      (JSC::Interpreter::addStackTraceIfNecessary):
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      (JSC::Interpreter::retrieveArgumentsFromVMCode):
      (JSC::Interpreter::retrieveCallerFromVMCode):
      * interpreter/Interpreter.h:
      (JSC):
      (JSC::TopCallFrameSetter::TopCallFrameSetter):
      (JSC::TopCallFrameSetter::~TopCallFrameSetter):
      (TopCallFrameSetter):
      (JSC::NativeCallFrameTracer::NativeCallFrameTracer):
      (Interpreter):
      * interpreter/JSStack.cpp:
      (JSC::JSStack::JSStack):
      * interpreter/JSStack.h:
      (JSC):
      * jit/ClosureCallStubRoutine.cpp:
      (JSC::ClosureCallStubRoutine::ClosureCallStubRoutine):
      * jit/ClosureCallStubRoutine.h:
      (ClosureCallStubRoutine):
      * jit/ExecutableAllocator.cpp:
      (JSC::ExecutableAllocator::ExecutableAllocator):
      (JSC::ExecutableAllocator::allocate):
      * jit/ExecutableAllocator.h:
      (JSC):
      (ExecutableAllocator):
      * jit/ExecutableAllocatorFixedVMPool.cpp:
      (JSC::ExecutableAllocator::ExecutableAllocator):
      (JSC::ExecutableAllocator::allocate):
      * jit/GCAwareJITStubRoutine.cpp:
      (JSC::GCAwareJITStubRoutine::GCAwareJITStubRoutine):
      (JSC::MarkingGCAwareJITStubRoutineWithOneObject::MarkingGCAwareJITStubRoutineWithOneObject):
      (JSC::createJITStubRoutine):
      * jit/GCAwareJITStubRoutine.h:
      (GCAwareJITStubRoutine):
      (MarkingGCAwareJITStubRoutineWithOneObject):
      (JSC):
      * jit/JIT.cpp:
      (JSC::JIT::JIT):
      (JSC::JIT::privateCompile):
      (JSC::JIT::linkFor):
      (JSC::JIT::linkSlowCall):
      * jit/JIT.h:
      (JSC::JIT::compile):
      (JSC::JIT::compileClosureCall):
      (JSC::JIT::compileGetByIdProto):
      (JSC::JIT::compileGetByIdSelfList):
      (JSC::JIT::compileGetByIdProtoList):
      (JSC::JIT::compileGetByIdChainList):
      (JSC::JIT::compileGetByIdChain):
      (JSC::JIT::compilePutByIdTransition):
      (JSC::JIT::compileGetByVal):
      (JSC::JIT::compilePutByVal):
      (JSC::JIT::compileCTINativeCall):
      (JSC::JIT::compilePatchGetArrayLength):
      (JIT):
      * jit/JITCall.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      (JSC::JIT::privateCompileClosureCall):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      (JSC::JIT::privateCompileClosureCall):
      * jit/JITCode.h:
      (JSC):
      (JSC::JITCode::execute):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::genericThrow):
      (JSC::jitThrow):
      * jit/JITExceptions.h:
      (JSC):
      * jit/JITInlines.h:
      (JSC::JIT::emitLoadCharacterString):
      (JSC::JIT::updateTopCallFrame):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::privateCompileCTINativeCall):
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emit_op_catch):
      (JSC::JIT::emit_op_convert_this):
      (JSC::JIT::emitSlow_op_convert_this):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::privateCompileCTINativeCall):
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emitSlow_op_eq):
      (JSC::JIT::emitSlow_op_neq):
      (JSC::JIT::compileOpStrictEq):
      (JSC::JIT::emit_op_catch):
      (JSC::JIT::emit_op_convert_this):
      (JSC::JIT::emitSlow_op_convert_this):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITStubs.cpp:
      (JSC::ctiTrampoline):
      (JSC):
      (JSC::performPlatformSpecificJITAssertions):
      (JSC::tryCachePutByID):
      (JSC::tryCacheGetByID):
      (JSC::returnToThrowTrampoline):
      (JSC::throwExceptionFromOpCall):
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::getPolymorphicAccessStructureListSlot):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      (JSC::putByVal):
      * jit/JITStubs.h:
      (JSC):
      (JITStackFrame):
      * jit/JITThunks.cpp:
      (JSC::JITThunks::ctiNativeCall):
      (JSC::JITThunks::ctiNativeConstruct):
      (JSC::JITThunks::ctiStub):
      (JSC::JITThunks::hostFunctionStub):
      * jit/JITThunks.h:
      (JSC):
      (JITThunks):
      * jit/JITWriteBarrier.h:
      (JSC):
      (JSC::JITWriteBarrierBase::set):
      (JSC::JITWriteBarrier::set):
      * jit/SpecializedThunkJIT.h:
      (JSC::SpecializedThunkJIT::loadJSStringArgument):
      (JSC::SpecializedThunkJIT::finalize):
      * jit/ThunkGenerator.h:
      (JSC):
      * jit/ThunkGenerators.cpp:
      (JSC::generateSlowCaseFor):
      (JSC::linkForGenerator):
      (JSC::linkCallGenerator):
      (JSC::linkConstructGenerator):
      (JSC::linkClosureCallGenerator):
      (JSC::virtualForGenerator):
      (JSC::virtualCallGenerator):
      (JSC::virtualConstructGenerator):
      (JSC::stringLengthTrampolineGenerator):
      (JSC::nativeForGenerator):
      (JSC::nativeCallGenerator):
      (JSC::nativeConstructGenerator):
      (JSC::stringCharLoad):
      (JSC::charToString):
      (JSC::charCodeAtThunkGenerator):
      (JSC::charAtThunkGenerator):
      (JSC::fromCharCodeThunkGenerator):
      (JSC::sqrtThunkGenerator):
      (JSC::floorThunkGenerator):
      (JSC::ceilThunkGenerator):
      (JSC::roundThunkGenerator):
      (JSC::expThunkGenerator):
      (JSC::logThunkGenerator):
      (JSC::absThunkGenerator):
      (JSC::powThunkGenerator):
      * jit/ThunkGenerators.h:
      (JSC):
      * jsc.cpp:
      (GlobalObject):
      (GlobalObject::create):
      (GlobalObject::createStructure):
      (GlobalObject::finishCreation):
      (GlobalObject::addFunction):
      (GlobalObject::addConstructableFunction):
      (functionDumpCallFrame):
      (functionJSCStack):
      (functionReleaseExecutableMemory):
      (functionRun):
      (main):
      (runWithScripts):
      (jscmain):
      * llint/LLIntData.cpp:
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntData.h:
      (JSC):
      (Data):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp:
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntOffsetsExtractor.cpp:
      * llint/LLIntSlowPaths.cpp:
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      * llint/LLIntThunks.cpp:
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h:
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter.cpp:
      (JSC::CLoop::execute):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/cloop.rb:
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::ASTBuilder):
      (JSC::ASTBuilder::createSourceElements):
      (JSC::ASTBuilder::createCommaExpr):
      (JSC::ASTBuilder::createLogicalNot):
      (JSC::ASTBuilder::createUnaryPlus):
      (JSC::ASTBuilder::createVoid):
      (JSC::ASTBuilder::thisExpr):
      (JSC::ASTBuilder::createResolve):
      (JSC::ASTBuilder::createObjectLiteral):
      (JSC::ASTBuilder::createArray):
      (JSC::ASTBuilder::createNumberExpr):
      (JSC::ASTBuilder::createString):
      (JSC::ASTBuilder::createBoolean):
      (JSC::ASTBuilder::createNull):
      (JSC::ASTBuilder::createBracketAccess):
      (JSC::ASTBuilder::createDotAccess):
      (JSC::ASTBuilder::createRegExp):
      (JSC::ASTBuilder::createNewExpr):
      (JSC::ASTBuilder::createConditionalExpr):
      (JSC::ASTBuilder::createAssignResolve):
      (JSC::ASTBuilder::createFunctionExpr):
      (JSC::ASTBuilder::createFunctionBody):
      (JSC::ASTBuilder::createGetterOrSetterProperty):
      (JSC::ASTBuilder::createArguments):
      (JSC::ASTBuilder::createArgumentsList):
      (JSC::ASTBuilder::createProperty):
      (JSC::ASTBuilder::createPropertyList):
      (JSC::ASTBuilder::createElementList):
      (JSC::ASTBuilder::createFormalParameterList):
      (JSC::ASTBuilder::createClause):
      (JSC::ASTBuilder::createClauseList):
      (JSC::ASTBuilder::createFuncDeclStatement):
      (JSC::ASTBuilder::createBlockStatement):
      (JSC::ASTBuilder::createExprStatement):
      (JSC::ASTBuilder::createIfStatement):
      (JSC::ASTBuilder::createForLoop):
      (JSC::ASTBuilder::createForInLoop):
      (JSC::ASTBuilder::createEmptyStatement):
      (JSC::ASTBuilder::createVarStatement):
      (JSC::ASTBuilder::createReturnStatement):
      (JSC::ASTBuilder::createBreakStatement):
      (JSC::ASTBuilder::createContinueStatement):
      (JSC::ASTBuilder::createTryStatement):
      (JSC::ASTBuilder::createSwitchStatement):
      (JSC::ASTBuilder::createWhileStatement):
      (JSC::ASTBuilder::createDoWhileStatement):
      (JSC::ASTBuilder::createLabelStatement):
      (JSC::ASTBuilder::createWithStatement):
      (JSC::ASTBuilder::createThrowStatement):
      (JSC::ASTBuilder::createDebugger):
      (JSC::ASTBuilder::createConstStatement):
      (JSC::ASTBuilder::appendConstDecl):
      (JSC::ASTBuilder::addVar):
      (JSC::ASTBuilder::combineCommaNodes):
      (JSC::ASTBuilder::Scope::Scope):
      (JSC::ASTBuilder::createNumber):
      (ASTBuilder):
      (JSC::ASTBuilder::makeTypeOfNode):
      (JSC::ASTBuilder::makeDeleteNode):
      (JSC::ASTBuilder::makeNegateNode):
      (JSC::ASTBuilder::makeBitwiseNotNode):
      (JSC::ASTBuilder::makeMultNode):
      (JSC::ASTBuilder::makeDivNode):
      (JSC::ASTBuilder::makeModNode):
      (JSC::ASTBuilder::makeAddNode):
      (JSC::ASTBuilder::makeSubNode):
      (JSC::ASTBuilder::makeLeftShiftNode):
      (JSC::ASTBuilder::makeRightShiftNode):
      (JSC::ASTBuilder::makeURightShiftNode):
      (JSC::ASTBuilder::makeBitOrNode):
      (JSC::ASTBuilder::makeBitAndNode):
      (JSC::ASTBuilder::makeBitXOrNode):
      (JSC::ASTBuilder::makeFunctionCallNode):
      (JSC::ASTBuilder::makeBinaryNode):
      (JSC::ASTBuilder::makeAssignNode):
      (JSC::ASTBuilder::makePrefixNode):
      (JSC::ASTBuilder::makePostfixNode):
      * parser/Lexer.cpp:
      (JSC::Keywords::Keywords):
      (JSC::::Lexer):
      (JSC::::parseIdentifier):
      (JSC::::parseIdentifierSlowCase):
      * parser/Lexer.h:
      (JSC::Keywords::isKeyword):
      (JSC::Keywords::getKeyword):
      (Keywords):
      (Lexer):
      (JSC::::makeIdentifier):
      (JSC::::makeRightSizedIdentifier):
      (JSC::::makeIdentifierLCharFromUChar):
      (JSC::::makeLCharIdentifier):
      * parser/NodeConstructors.h:
      (JSC::ParserArenaFreeable::operator new):
      (JSC::ParserArenaDeletable::operator new):
      (JSC::ParserArenaRefCounted::ParserArenaRefCounted):
      (JSC::PropertyNode::PropertyNode):
      (JSC::ContinueNode::ContinueNode):
      (JSC::BreakNode::BreakNode):
      (JSC::ForInNode::ForInNode):
      * parser/Nodes.cpp:
      (JSC::ScopeNode::ScopeNode):
      (JSC::ProgramNode::ProgramNode):
      (JSC::ProgramNode::create):
      (JSC::EvalNode::EvalNode):
      (JSC::EvalNode::create):
      (JSC::FunctionBodyNode::FunctionBodyNode):
      (JSC::FunctionBodyNode::create):
      * parser/Nodes.h:
      (ParserArenaFreeable):
      (ParserArenaDeletable):
      (ParserArenaRefCounted):
      (ArrayNode):
      (ForInNode):
      (ContinueNode):
      (BreakNode):
      (ScopeNode):
      (ProgramNode):
      (EvalNode):
      (FunctionBodyNode):
      * parser/Parser.cpp:
      (JSC::::Parser):
      (JSC::::parseInner):
      (JSC::::parseSourceElements):
      (JSC::::parseTryStatement):
      (JSC::::parseFunctionBody):
      (JSC::::parseFunctionInfo):
      (JSC::::parseAssignmentExpression):
      (JSC::::parseProperty):
      (JSC::::parsePrimaryExpression):
      (JSC::::parseMemberExpression):
      (JSC::::parseUnaryExpression):
      * parser/Parser.h:
      (JSC):
      (JSC::Scope::Scope):
      (JSC::Scope::declareVariable):
      (JSC::Scope::declareParameter):
      (Scope):
      (Parser):
      (JSC::Parser::pushScope):
      (JSC::::parse):
      (JSC::parse):
      * parser/ParserArena.h:
      (IdentifierArena):
      (JSC::IdentifierArena::makeIdentifier):
      (JSC::IdentifierArena::makeIdentifierLCharFromUChar):
      (JSC::IdentifierArena::makeNumericIdentifier):
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::SyntaxChecker):
      (JSC::SyntaxChecker::createProperty):
      (JSC::SyntaxChecker::createGetterOrSetterProperty):
      * profiler/LegacyProfiler.cpp:
      (JSC::LegacyProfiler::startProfiling):
      (JSC::LegacyProfiler::stopProfiling):
      * profiler/LegacyProfiler.h:
      (JSC):
      * profiler/ProfilerBytecode.cpp:
      (JSC::Profiler::Bytecode::toJS):
      * profiler/ProfilerBytecodeSequence.cpp:
      (JSC::Profiler::BytecodeSequence::BytecodeSequence):
      (JSC::Profiler::BytecodeSequence::addSequenceProperties):
      * profiler/ProfilerBytecodes.cpp:
      (JSC::Profiler::Bytecodes::toJS):
      * profiler/ProfilerCompilation.cpp:
      (JSC::Profiler::Compilation::toJS):
      * profiler/ProfilerCompiledBytecode.cpp:
      (JSC::Profiler::CompiledBytecode::toJS):
      * profiler/ProfilerDatabase.cpp:
      (JSC::Profiler::Database::Database):
      (JSC::Profiler::Database::toJS):
      (JSC::Profiler::Database::toJSON):
      * profiler/ProfilerDatabase.h:
      (Database):
      * profiler/ProfilerOSRExit.cpp:
      (JSC::Profiler::OSRExit::toJS):
      * profiler/ProfilerOrigin.cpp:
      (JSC::Profiler::Origin::toJS):
      * profiler/ProfilerProfiledBytecodes.cpp:
      (JSC::Profiler::ProfiledBytecodes::toJS):
      * runtime/ArgList.h:
      (MarkedArgumentBuffer):
      * runtime/Arguments.cpp:
      (JSC::Arguments::putByIndex):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      (JSC::Arguments::defineOwnProperty):
      (JSC::Arguments::tearOff):
      (JSC::Arguments::didTearOffActivation):
      (JSC::Arguments::tearOffForInlineCallFrame):
      * runtime/Arguments.h:
      (JSC::Arguments::create):
      (JSC::Arguments::createStructure):
      (Arguments):
      (JSC::Arguments::Arguments):
      (JSC::Arguments::trySetArgument):
      (JSC::Arguments::finishCreation):
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::finishCreation):
      * runtime/ArrayConstructor.h:
      (JSC::ArrayConstructor::createStructure):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::ArrayPrototype):
      (JSC::ArrayPrototype::finishCreation):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      * runtime/ArrayPrototype.h:
      (JSC::ArrayPrototype::createStructure):
      * runtime/BatchedTransitionOptimizer.h:
      (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
      (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
      (BatchedTransitionOptimizer):
      * runtime/BooleanConstructor.cpp:
      (JSC::BooleanConstructor::finishCreation):
      (JSC::constructBoolean):
      (JSC::constructBooleanFromImmediateBoolean):
      * runtime/BooleanConstructor.h:
      (JSC::BooleanConstructor::createStructure):
      * runtime/BooleanObject.cpp:
      (JSC::BooleanObject::BooleanObject):
      (JSC::BooleanObject::finishCreation):
      * runtime/BooleanObject.h:
      (BooleanObject):
      (JSC::BooleanObject::create):
      (JSC::BooleanObject::createStructure):
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::BooleanPrototype):
      (JSC::BooleanPrototype::finishCreation):
      (JSC::booleanProtoFuncToString):
      * runtime/BooleanPrototype.h:
      (JSC::BooleanPrototype::createStructure):
      * runtime/Butterfly.h:
      (JSC):
      (Butterfly):
      * runtime/ButterflyInlines.h:
      (JSC::Butterfly::createUninitialized):
      (JSC::Butterfly::create):
      (JSC::Butterfly::growPropertyStorage):
      (JSC::Butterfly::createOrGrowArrayRight):
      (JSC::Butterfly::growArrayRight):
      (JSC::Butterfly::resizeArray):
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getCodeBlock):
      (JSC::CodeCache::getProgramCodeBlock):
      (JSC::CodeCache::getEvalCodeBlock):
      (JSC::CodeCache::getFunctionExecutableFromGlobalCode):
      * runtime/CodeCache.h:
      (JSC):
      (JSC::SourceCodeValue::SourceCodeValue):
      (CodeCache):
      * runtime/CommonIdentifiers.cpp:
      (JSC):
      (JSC::CommonIdentifiers::CommonIdentifiers):
      * runtime/CommonIdentifiers.h:
      (CommonIdentifiers):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::opIn):
      * runtime/Completion.cpp:
      (JSC::checkSyntax):
      (JSC::evaluate):
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::finishCreation):
      * runtime/DateConstructor.h:
      (JSC::DateConstructor::createStructure):
      * runtime/DateInstance.cpp:
      (JSC::DateInstance::DateInstance):
      (JSC::DateInstance::finishCreation):
      (JSC::DateInstance::calculateGregorianDateTime):
      (JSC::DateInstance::calculateGregorianDateTimeUTC):
      * runtime/DateInstance.h:
      (DateInstance):
      (JSC::DateInstance::create):
      (JSC::DateInstance::createStructure):
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::finishCreation):
      (JSC::dateProtoFuncSetTime):
      (JSC::setNewValueFromTimeArgs):
      (JSC::setNewValueFromDateArgs):
      (JSC::dateProtoFuncSetYear):
      (JSC::dateProtoFuncToJSON):
      * runtime/DatePrototype.h:
      (JSC::DatePrototype::createStructure):
      * runtime/Error.cpp:
      (JSC::createError):
      (JSC::createEvalError):
      (JSC::createRangeError):
      (JSC::createReferenceError):
      (JSC::createSyntaxError):
      (JSC::createTypeError):
      (JSC::createURIError):
      (JSC::addErrorInfo):
      (JSC::throwError):
      * runtime/Error.h:
      (JSC):
      (JSC::StrictModeTypeErrorFunction::create):
      (JSC::StrictModeTypeErrorFunction::createStructure):
      * runtime/ErrorConstructor.cpp:
      (JSC::ErrorConstructor::finishCreation):
      * runtime/ErrorConstructor.h:
      (JSC::ErrorConstructor::createStructure):
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::ErrorInstance):
      * runtime/ErrorInstance.h:
      (JSC::ErrorInstance::createStructure):
      (JSC::ErrorInstance::create):
      (ErrorInstance):
      (JSC::ErrorInstance::finishCreation):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::ErrorPrototype):
      (JSC::ErrorPrototype::finishCreation):
      * runtime/ErrorPrototype.h:
      (JSC::ErrorPrototype::createStructure):
      * runtime/ExceptionHelpers.cpp:
      (JSC::createInterruptedExecutionException):
      (JSC::createTerminatedExecutionException):
      * runtime/ExceptionHelpers.h:
      (JSC):
      (JSC::InterruptedExecutionError::InterruptedExecutionError):
      (JSC::InterruptedExecutionError::create):
      (JSC::InterruptedExecutionError::createStructure):
      (JSC::TerminatedExecutionError::TerminatedExecutionError):
      (JSC::TerminatedExecutionError::create):
      (JSC::TerminatedExecutionError::createStructure):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC::EvalExecutable::EvalExecutable):
      (JSC::ProgramExecutable::ProgramExecutable):
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::EvalExecutable::compileOptimized):
      (JSC::EvalExecutable::compileInternal):
      (JSC::EvalExecutable::jettisonOptimizedCode):
      (JSC::ProgramExecutable::checkSyntax):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::jettisonOptimizedCode):
      (JSC::ProgramExecutable::initializeGlobalProperties):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::jettisonOptimizedCodeForCall):
      (JSC::FunctionExecutable::jettisonOptimizedCodeForConstruct):
      (JSC::FunctionExecutable::fromGlobalCode):
      * runtime/Executable.h:
      (JSC::ExecutableBase::ExecutableBase):
      (JSC::ExecutableBase::finishCreation):
      (JSC::ExecutableBase::createStructure):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::createStructure):
      (JSC::NativeExecutable::finishCreation):
      (JSC::NativeExecutable::NativeExecutable):
      (JSC::ScriptExecutable::ScriptExecutable):
      (JSC::ScriptExecutable::finishCreation):
      (JSC::EvalExecutable::compile):
      (EvalExecutable):
      (JSC::EvalExecutable::create):
      (JSC::EvalExecutable::createStructure):
      (JSC::ProgramExecutable::create):
      (ProgramExecutable):
      (JSC::ProgramExecutable::compile):
      (JSC::ProgramExecutable::createStructure):
      (JSC::FunctionExecutable::create):
      (JSC::FunctionExecutable::compileForCall):
      (FunctionExecutable):
      (JSC::FunctionExecutable::compileForConstruct):
      (JSC::FunctionExecutable::jettisonOptimizedCodeFor):
      (JSC::FunctionExecutable::createStructure):
      (JSC::JSFunction::JSFunction):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/FunctionConstructor.cpp:
      (JSC::FunctionConstructor::finishCreation):
      * runtime/FunctionConstructor.h:
      (JSC::FunctionConstructor::createStructure):
      * runtime/FunctionPrototype.cpp:
      (JSC::FunctionPrototype::finishCreation):
      (JSC::FunctionPrototype::addFunctionProperties):
      (JSC::functionProtoFuncBind):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::createStructure):
      * runtime/GCActivityCallback.cpp:
      (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::doWork):
      (JSC::DefaultGCActivityCallback::didAllocate):
      * runtime/GCActivityCallback.h:
      (JSC::GCActivityCallback::GCActivityCallback):
      * runtime/GCActivityCallbackBlackBerry.cpp:
      (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::doWork):
      (JSC::DefaultGCActivityCallback::didAllocate):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::GetterSetter):
      (JSC::GetterSetter::create):
      (JSC::GetterSetter::setGetter):
      (JSC::GetterSetter::setSetter):
      (JSC::GetterSetter::createStructure):
      * runtime/Identifier.cpp:
      (JSC::Identifier::add):
      (JSC::Identifier::add8):
      (JSC::Identifier::addSlowCase):
      (JSC::Identifier::from):
      (JSC::Identifier::checkCurrentIdentifierTable):
      * runtime/Identifier.h:
      (JSC::Identifier::Identifier):
      (JSC::Identifier::createLCharFromUChar):
      (Identifier):
      (JSC::Identifier::add):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::InternalFunction):
      (JSC::InternalFunction::finishCreation):
      (JSC::InternalFunction::name):
      (JSC::InternalFunction::displayName):
      * runtime/InternalFunction.h:
      (JSC::InternalFunction::createStructure):
      (InternalFunction):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::createStructure):
      (JSC::JSAPIValueWrapper::finishCreation):
      (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::symbolTablePut):
      (JSC::JSActivation::symbolTablePutWithAttributes):
      (JSC::JSActivation::getOwnPropertySlot):
      (JSC::JSActivation::put):
      (JSC::JSActivation::putDirectVirtual):
      (JSC::JSActivation::argumentsGetter):
      * runtime/JSActivation.h:
      (JSActivation):
      (JSC::JSActivation::create):
      (JSC::JSActivation::createStructure):
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::tearOff):
      * runtime/JSArray.cpp:
      (JSC::createArrayButterflyInDictionaryIndexingMode):
      (JSC::JSArray::setLengthWritable):
      (JSC::JSArray::unshiftCountSlowCase):
      (JSC::JSArray::setLength):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithArrayStorage):
      (JSC::JSArray::unshiftCountWithAnyIndexingType):
      (JSC::ContiguousTypeAccessor::setWithValue):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sortVector):
      * runtime/JSArray.h:
      (JSC::JSArray::JSArray):
      (JSArray):
      (JSC::JSArray::shiftCountForShift):
      (JSC::JSArray::unshiftCountForShift):
      (JSC::JSArray::createStructure):
      (JSC::createContiguousArrayButterfly):
      (JSC::createArrayButterfly):
      (JSC):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      (JSC::constructArray):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::create):
      (JSC::JSBoundFunction::JSBoundFunction):
      * runtime/JSBoundFunction.h:
      (JSC::JSBoundFunction::createStructure):
      * runtime/JSCJSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      (JSC::JSValue::toStringSlowCase):
      * runtime/JSCJSValue.h:
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSCellInlines.h:
      (JSC::JSCell::JSCell):
      (JSC::JSCell::finishCreation):
      (JSC::allocateCell):
      (JSC::JSCell::setStructure):
      (JSC::JSCell::fastGetOwnProperty):
      * runtime/JSDateMath.cpp:
      (JSC::getDSTOffset):
      (JSC::getUTCOffset):
      (JSC::parseDate):
      * runtime/JSDestructibleObject.h:
      (JSC::JSDestructibleObject::JSDestructibleObject):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::create):
      (JSC::JSFunction::JSFunction):
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::createAllocationProfile):
      (JSC::JSFunction::name):
      (JSC::JSFunction::displayName):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::deleteProperty):
      * runtime/JSFunction.h:
      (JSFunction):
      (JSC::JSFunction::create):
      (JSC::JSFunction::setScope):
      (JSC::JSFunction::createStructure):
      * runtime/JSGlobalData.cpp: Removed.
      * runtime/JSGlobalData.h: Removed.
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC::JSGlobalObject::~JSGlobalObject):
      (JSC::JSGlobalObject::setGlobalThis):
      (JSC::JSGlobalObject::init):
      (JSC::JSGlobalObject::putDirectVirtual):
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      (JSC::JSGlobalObject::createThrowTypeError):
      (JSC::JSGlobalObject::resetPrototype):
      (JSC::JSGlobalObject::addStaticGlobals):
      (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
      (JSC::JSGlobalObject::createProgramCodeBlock):
      (JSC::JSGlobalObject::createEvalCodeBlock):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::create):
      (JSGlobalObject):
      (JSC::JSGlobalObject::finishCreation):
      (JSC::JSGlobalObject::vm):
      (JSC::JSGlobalObject::createStructure):
      (JSC::ExecState::dynamicGlobalObject):
      (JSC::constructEmptyArray):
      (DynamicGlobalObjectScope):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncProtoSetter):
      * runtime/JSLock.cpp:
      (JSC::JSLockHolder::JSLockHolder):
      (JSC::JSLockHolder::init):
      (JSC::JSLockHolder::~JSLockHolder):
      (JSC::JSLock::JSLock):
      (JSC::JSLock::willDestroyGlobalData):
      (JSC::JSLock::lock):
      (JSC::JSLock::unlock):
      (JSC::JSLock::DropAllLocks::DropAllLocks):
      (JSC::JSLock::DropAllLocks::~DropAllLocks):
      * runtime/JSLock.h:
      (JSC):
      (JSLockHolder):
      (JSLock):
      (JSC::JSLock::vm):
      (DropAllLocks):
      * runtime/JSNameScope.h:
      (JSC::JSNameScope::createStructure):
      (JSC::JSNameScope::finishCreation):
      (JSC::JSNameScope::JSNameScope):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::JSNotAnObject):
      (JSC::JSNotAnObject::create):
      (JSC::JSNotAnObject::createStructure):
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::JSONObject):
      (JSC::JSONObject::finishCreation):
      (Holder):
      (JSC::Stringifier::Stringifier):
      (JSC::Stringifier::stringify):
      (JSC::Stringifier::toJSON):
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Stringifier::Holder::Holder):
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::Walker):
      (JSC::Walker::walk):
      (JSC::JSONProtoFuncParse):
      (JSC::JSONProtoFuncStringify):
      (JSC::JSONStringify):
      * runtime/JSONObject.h:
      (JSC::JSONObject::createStructure):
      * runtime/JSObject.cpp:
      (JSC::JSObject::put):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::notifyPresenceOfIndexedAccessors):
      (JSC::JSObject::createInitialIndexedStorage):
      (JSC::JSObject::createInitialUndecided):
      (JSC::JSObject::createInitialInt32):
      (JSC::JSObject::createInitialDouble):
      (JSC::JSObject::createInitialContiguous):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::createInitialArrayStorage):
      (JSC::JSObject::convertUndecidedToInt32):
      (JSC::JSObject::convertUndecidedToDouble):
      (JSC::JSObject::convertUndecidedToContiguous):
      (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
      (JSC::JSObject::convertUndecidedToArrayStorage):
      (JSC::JSObject::convertInt32ToDouble):
      (JSC::JSObject::convertInt32ToContiguous):
      (JSC::JSObject::convertInt32ToArrayStorage):
      (JSC::JSObject::genericConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToContiguous):
      (JSC::JSObject::rageConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::convertUndecidedForValue):
      (JSC::JSObject::convertInt32ForValue):
      (JSC::JSObject::setIndexQuicklyToUndecided):
      (JSC::JSObject::convertInt32ToDoubleOrContiguousWhilePerformingSetIndex):
      (JSC::JSObject::convertDoubleToContiguousWhilePerformingSetIndex):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::rageEnsureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::putDirectVirtual):
      (JSC::JSObject::setPrototype):
      (JSC::JSObject::setPrototypeWithCycleCheck):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::getOwnNonIndexPropertyNames):
      (JSC::JSObject::seal):
      (JSC::JSObject::freeze):
      (JSC::JSObject::preventExtensions):
      (JSC::JSObject::reifyStaticFunctionsForDelete):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::putIndexedDescriptor):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::allocateSparseIndexMap):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::putDirectNativeFunction):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::ensureLengthSlow):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::putDescriptor):
      (JSC::JSObject::putDirectMayBeIndex):
      (JSC::DefineOwnPropertyScope::DefineOwnPropertyScope):
      (JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope):
      (DefineOwnPropertyScope):
      (JSC::JSObject::defineOwnNonIndexProperty):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::putByIndexInline):
      (JSC::JSObject::putDirectIndex):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectOffset):
      (JSC::JSObject::putDirect):
      (JSC::JSObject::isSealed):
      (JSC::JSObject::isFrozen):
      (JSC::JSObject::flattenDictionaryObject):
      (JSC::JSObject::ensureInt32):
      (JSC::JSObject::ensureDouble):
      (JSC::JSObject::ensureContiguous):
      (JSC::JSObject::rageEnsureContiguous):
      (JSC::JSObject::ensureArrayStorage):
      (JSC::JSObject::finishCreation):
      (JSC::JSObject::createStructure):
      (JSC::JSObject::ensureLength):
      (JSC::JSNonFinalObject::createStructure):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::finishCreation):
      (JSC::JSFinalObject::createStructure):
      (JSC::JSFinalObject::finishCreation):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSFinalObject::create):
      (JSC::JSObject::setButterfly):
      (JSC::JSObject::JSObject):
      (JSC::JSObject::inlineGetOwnPropertySlot):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putOwnDataProperty):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::createStructure):
      (JSC::JSPropertyNameIterator::setCachedStructure):
      (JSC::JSPropertyNameIterator::setCachedPrototypeChain):
      (JSC::JSPropertyNameIterator::finishCreation):
      (JSC::StructureRareData::setEnumerationCache):
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::setTarget):
      * runtime/JSProxy.h:
      (JSC::JSProxy::create):
      (JSC::JSProxy::createStructure):
      (JSC::JSProxy::JSProxy):
      (JSC::JSProxy::finishCreation):
      (JSProxy):
      * runtime/JSScope.cpp:
      (JSC::executeResolveOperations):
      (JSC::JSScope::resolveContainingScopeInternal):
      (JSC::JSScope::resolveWithBase):
      (JSC::JSScope::resolveWithThis):
      (JSC::JSScope::resolvePut):
      * runtime/JSScope.h:
      (JSScope):
      (JSC::JSScope::JSScope):
      (JSC::JSScope::vm):
      (JSC::ExecState::vm):
      * runtime/JSSegmentedVariableObject.h:
      (JSC::JSSegmentedVariableObject::JSSegmentedVariableObject):
      (JSC::JSSegmentedVariableObject::finishCreation):
      * runtime/JSString.cpp:
      (JSC::JSRopeString::RopeBuilder::expand):
      (JSC::StringObject::create):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      (JSC::JSString::JSString):
      (JSC::JSString::finishCreation):
      (JSC::JSString::create):
      (JSC::JSString::createHasOtherOwner):
      (JSC::JSString::createStructure):
      (JSRopeString):
      (JSC::JSRopeString::RopeBuilder::RopeBuilder):
      (JSC::JSRopeString::RopeBuilder::append):
      (RopeBuilder):
      (JSC::JSRopeString::JSRopeString):
      (JSC::JSRopeString::finishCreation):
      (JSC::JSRopeString::append):
      (JSC::JSRopeString::createNull):
      (JSC::JSRopeString::create):
      (JSC::jsEmptyString):
      (JSC::jsSingleCharacterString):
      (JSC::jsSingleCharacterSubstring):
      (JSC::jsNontrivialString):
      (JSC::jsString):
      (JSC::jsSubstring):
      (JSC::jsSubstring8):
      (JSC::jsOwnedString):
      (JSC::jsStringBuilder):
      (JSC::inlineJSValueNotStringtoString):
      * runtime/JSStringJoiner.cpp:
      (JSC::JSStringJoiner::build):
      * runtime/JSSymbolTableObject.h:
      (JSC::JSSymbolTableObject::JSSymbolTableObject):
      (JSC::JSSymbolTableObject::finishCreation):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      * runtime/JSWithScope.h:
      (JSC::JSWithScope::create):
      (JSC::JSWithScope::createStructure):
      (JSC::JSWithScope::JSWithScope):
      * runtime/JSWrapperObject.h:
      (JSWrapperObject):
      (JSC::JSWrapperObject::createStructure):
      (JSC::JSWrapperObject::JSWrapperObject):
      (JSC::JSWrapperObject::setInternalValue):
      * runtime/LiteralParser.cpp:
      (JSC::::tryJSONPParse):
      (JSC::::makeIdentifier):
      (JSC::::parse):
      * runtime/Lookup.cpp:
      (JSC::HashTable::createTable):
      (JSC::setUpStaticFunctionSlot):
      * runtime/Lookup.h:
      (JSC::HashTable::initializeIfNeeded):
      (JSC::HashTable::entry):
      (JSC::HashTable::begin):
      (JSC::HashTable::end):
      (HashTable):
      (JSC::lookupPut):
      * runtime/MathObject.cpp:
      (JSC::MathObject::MathObject):
      (JSC::MathObject::finishCreation):
      (JSC::mathProtoFuncSin):
      * runtime/MathObject.h:
      (JSC::MathObject::createStructure):
      * runtime/MemoryStatistics.cpp:
      * runtime/MemoryStatistics.h:
      * runtime/NameConstructor.cpp:
      (JSC::NameConstructor::finishCreation):
      (JSC::constructPrivateName):
      * runtime/NameConstructor.h:
      (JSC::NameConstructor::createStructure):
      * runtime/NameInstance.cpp:
      (JSC::NameInstance::NameInstance):
      * runtime/NameInstance.h:
      (JSC::NameInstance::createStructure):
      (JSC::NameInstance::create):
      (NameInstance):
      (JSC::NameInstance::finishCreation):
      * runtime/NamePrototype.cpp:
      (JSC::NamePrototype::NamePrototype):
      (JSC::NamePrototype::finishCreation):
      * runtime/NamePrototype.h:
      (JSC::NamePrototype::createStructure):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::createStructure):
      (JSC::NativeErrorConstructor::finishCreation):
      * runtime/NativeErrorPrototype.cpp:
      (JSC::NativeErrorPrototype::finishCreation):
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::finishCreation):
      (JSC::constructWithNumberConstructor):
      * runtime/NumberConstructor.h:
      (JSC::NumberConstructor::createStructure):
      * runtime/NumberObject.cpp:
      (JSC::NumberObject::NumberObject):
      (JSC::NumberObject::finishCreation):
      (JSC::constructNumber):
      * runtime/NumberObject.h:
      (NumberObject):
      (JSC::NumberObject::create):
      (JSC::NumberObject::createStructure):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::NumberPrototype):
      (JSC::NumberPrototype::finishCreation):
      (JSC::integerValueToString):
      (JSC::numberProtoFuncToString):
      * runtime/NumberPrototype.h:
      (JSC::NumberPrototype::createStructure):
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::finishCreation):
      (JSC::objectConstructorGetOwnPropertyDescriptor):
      (JSC::objectConstructorSeal):
      (JSC::objectConstructorFreeze):
      (JSC::objectConstructorPreventExtensions):
      (JSC::objectConstructorIsSealed):
      (JSC::objectConstructorIsFrozen):
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::createStructure):
      (JSC::constructEmptyObject):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      (JSC::ObjectPrototype::finishCreation):
      (JSC::objectProtoFuncToString):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::createStructure):
      * runtime/Operations.cpp:
      (JSC::jsTypeStringForValue):
      * runtime/Operations.h:
      (JSC):
      (JSC::jsString):
      (JSC::jsStringFromArguments):
      (JSC::normalizePrototypeChainForChainAccess):
      (JSC::normalizePrototypeChain):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (JSC::PropertyTable::createStructure):
      (PropertyTable):
      (JSC::PropertyTable::copy):
      * runtime/PropertyNameArray.h:
      (JSC::PropertyNameArray::PropertyNameArray):
      (JSC::PropertyNameArray::vm):
      (JSC::PropertyNameArray::addKnownUnique):
      (PropertyNameArray):
      * runtime/PropertyTable.cpp:
      (JSC::PropertyTable::create):
      (JSC::PropertyTable::clone):
      (JSC::PropertyTable::PropertyTable):
      * runtime/PrototypeMap.cpp:
      (JSC::PrototypeMap::emptyObjectStructureForPrototype):
      * runtime/RegExp.cpp:
      (JSC::RegExp::RegExp):
      (JSC::RegExp::finishCreation):
      (JSC::RegExp::createWithoutCaching):
      (JSC::RegExp::create):
      (JSC::RegExp::compile):
      (JSC::RegExp::compileIfNecessary):
      (JSC::RegExp::match):
      (JSC::RegExp::compileMatchOnly):
      (JSC::RegExp::compileIfNecessaryMatchOnly):
      * runtime/RegExp.h:
      (JSC):
      (RegExp):
      (JSC::RegExp::createStructure):
      * runtime/RegExpCache.cpp:
      (JSC::RegExpCache::lookupOrCreate):
      (JSC::RegExpCache::RegExpCache):
      (JSC::RegExpCache::addToStrongCache):
      * runtime/RegExpCache.h:
      (RegExpCache):
      * runtime/RegExpCachedResult.cpp:
      (JSC::RegExpCachedResult::lastResult):
      (JSC::RegExpCachedResult::setInput):
      * runtime/RegExpCachedResult.h:
      (JSC::RegExpCachedResult::RegExpCachedResult):
      (JSC::RegExpCachedResult::record):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::RegExpConstructor):
      (JSC::RegExpConstructor::finishCreation):
      (JSC::constructRegExp):
      * runtime/RegExpConstructor.h:
      (JSC::RegExpConstructor::createStructure):
      (RegExpConstructor):
      (JSC::RegExpConstructor::performMatch):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::RegExpMatchesArray):
      (JSC::RegExpMatchesArray::create):
      (JSC::RegExpMatchesArray::finishCreation):
      (JSC::RegExpMatchesArray::reifyAllProperties):
      * runtime/RegExpMatchesArray.h:
      (RegExpMatchesArray):
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::RegExpObject):
      (JSC::RegExpObject::finishCreation):
      (JSC::RegExpObject::match):
      * runtime/RegExpObject.h:
      (JSC::RegExpObject::create):
      (JSC::RegExpObject::setRegExp):
      (JSC::RegExpObject::setLastIndex):
      (JSC::RegExpObject::createStructure):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncCompile):
      * runtime/RegExpPrototype.h:
      (JSC::RegExpPrototype::createStructure):
      * runtime/SmallStrings.cpp:
      (JSC::SmallStrings::initializeCommonStrings):
      (JSC::SmallStrings::createEmptyString):
      (JSC::SmallStrings::createSingleCharacterString):
      (JSC::SmallStrings::initialize):
      * runtime/SmallStrings.h:
      (JSC):
      (JSC::SmallStrings::singleCharacterString):
      (SmallStrings):
      * runtime/SparseArrayValueMap.cpp:
      (JSC::SparseArrayValueMap::SparseArrayValueMap):
      (JSC::SparseArrayValueMap::finishCreation):
      (JSC::SparseArrayValueMap::create):
      (JSC::SparseArrayValueMap::createStructure):
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::SparseArrayEntry::put):
      * runtime/SparseArrayValueMap.h:
      * runtime/StrictEvalActivation.cpp:
      (JSC::StrictEvalActivation::StrictEvalActivation):
      * runtime/StrictEvalActivation.h:
      (JSC::StrictEvalActivation::create):
      (JSC::StrictEvalActivation::createStructure):
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::finishCreation):
      * runtime/StringConstructor.h:
      (JSC::StringConstructor::createStructure):
      * runtime/StringObject.cpp:
      (JSC::StringObject::StringObject):
      (JSC::StringObject::finishCreation):
      (JSC::constructString):
      * runtime/StringObject.h:
      (JSC::StringObject::create):
      (JSC::StringObject::createStructure):
      (StringObject):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::StringPrototype):
      (JSC::StringPrototype::finishCreation):
      (JSC::removeUsingRegExpSearch):
      (JSC::replaceUsingRegExpSearch):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      (JSC::stringProtoFuncSplit):
      * runtime/StringPrototype.h:
      (JSC::StringPrototype::createStructure):
      * runtime/StringRecursionChecker.h:
      (JSC::StringRecursionChecker::performCheck):
      (JSC::StringRecursionChecker::~StringRecursionChecker):
      * runtime/Structure.cpp:
      (JSC::StructureTransitionTable::add):
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::changePrototypeTransition):
      (JSC::Structure::despecifyFunctionTransition):
      (JSC::Structure::attributeChangeTransition):
      (JSC::Structure::toDictionaryTransition):
      (JSC::Structure::toCacheableDictionaryTransition):
      (JSC::Structure::toUncacheableDictionaryTransition):
      (JSC::Structure::sealTransition):
      (JSC::Structure::freezeTransition):
      (JSC::Structure::preventExtensionsTransition):
      (JSC::Structure::takePropertyTableOrCloneIfPinned):
      (JSC::Structure::nonPropertyTransition):
      (JSC::Structure::isSealed):
      (JSC::Structure::isFrozen):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::allocateRareData):
      (JSC::Structure::cloneRareDataFrom):
      (JSC::Structure::copyPropertyTable):
      (JSC::Structure::copyPropertyTableForPinning):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::despecifyAllFunctions):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::createPropertyMap):
      (JSC::Structure::getPropertyNamesFromStructure):
      (JSC::Structure::prototypeChainMayInterceptStoreTo):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::finishCreation):
      (JSC::Structure::setPrototypeWithoutTransition):
      (JSC::Structure::setGlobalObject):
      (JSC::Structure::setObjectToStringValue):
      (JSC::Structure::materializePropertyMapIfNecessary):
      (JSC::Structure::materializePropertyMapIfNecessaryForPinning):
      (JSC::Structure::setPreviousID):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::StructureChain):
      * runtime/StructureChain.h:
      (JSC::StructureChain::create):
      (JSC::StructureChain::createStructure):
      (JSC::StructureChain::finishCreation):
      (StructureChain):
      * runtime/StructureInlines.h:
      (JSC::Structure::create):
      (JSC::Structure::createStructure):
      (JSC::Structure::get):
      (JSC::Structure::setEnumerationCache):
      (JSC::Structure::prototypeChain):
      (JSC::Structure::propertyTable):
      * runtime/StructureRareData.cpp:
      (JSC::StructureRareData::createStructure):
      (JSC::StructureRareData::create):
      (JSC::StructureRareData::clone):
      (JSC::StructureRareData::StructureRareData):
      * runtime/StructureRareData.h:
      (StructureRareData):
      * runtime/StructureRareDataInlines.h:
      (JSC::StructureRareData::setPreviousID):
      (JSC::StructureRareData::setObjectToStringValue):
      * runtime/StructureTransitionTable.h:
      (StructureTransitionTable):
      (JSC::StructureTransitionTable::setSingleTransition):
      * runtime/SymbolTable.h:
      (JSC::SharedSymbolTable::create):
      (JSC::SharedSymbolTable::createStructure):
      (JSC::SharedSymbolTable::SharedSymbolTable):
      * runtime/VM.cpp: Copied from Source/JavaScriptCore/runtime/JSGlobalData.cpp.
      (JSC::VM::VM):
      (JSC::VM::~VM):
      (JSC::VM::createContextGroup):
      (JSC::VM::create):
      (JSC::VM::createLeaked):
      (JSC::VM::sharedInstanceExists):
      (JSC::VM::sharedInstance):
      (JSC::VM::sharedInstanceInternal):
      (JSC::VM::getHostFunction):
      (JSC::VM::ClientData::~ClientData):
      (JSC::VM::resetDateCache):
      (JSC::VM::startSampling):
      (JSC::VM::stopSampling):
      (JSC::VM::discardAllCode):
      (JSC::VM::dumpSampleData):
      (JSC::VM::addSourceProviderCache):
      (JSC::VM::clearSourceProviderCaches):
      (JSC::VM::releaseExecutableMemory):
      (JSC::releaseExecutableMemory):
      (JSC::VM::gatherConservativeRoots):
      (JSC::VM::addRegExpToTrace):
      (JSC::VM::dumpRegExpTrace):
      * runtime/VM.h: Copied from Source/JavaScriptCore/runtime/JSGlobalData.h.
      (VM):
      (JSC::VM::isSharedInstance):
      (JSC::VM::usingAPI):
      (JSC::VM::isInitializingObject):
      (JSC::VM::setInitializingObjectClass):
      (JSC::WeakSet::heap):
      * runtime/WriteBarrier.h:
      (JSC):
      (JSC::WriteBarrierBase::set):
      (JSC::WriteBarrierBase::setMayBeNull):
      (JSC::WriteBarrierBase::setEarlyValue):
      (JSC::WriteBarrier::WriteBarrier):
      * testRegExp.cpp:
      (GlobalObject):
      (GlobalObject::create):
      (GlobalObject::createStructure):
      (GlobalObject::finishCreation):
      (main):
      (testOneRegExp):
      (parseRegExpLine):
      (runFromFiles):
      (realMain):
      * yarr/YarrInterpreter.h:
      (BytecodePattern):
      * yarr/YarrJIT.cpp:
      (YarrGenerator):
      (JSC::Yarr::YarrGenerator::compile):
      (JSC::Yarr::jitCompile):
      * yarr/YarrJIT.h:
      (JSC):
      
      ../WebCore: 
      
      * ForwardingHeaders/runtime/JSGlobalData.h: Removed.
      * ForwardingHeaders/runtime/VM.h: Copied from Source/WebCore/ForwardingHeaders/runtime/JSGlobalData.h.
      * WebCore.exp.in:
      * WebCore.order:
      * WebCore.vcxproj/WebCore.vcxproj:
      * WebCore.vcxproj/WebCore.vcxproj.filters:
      * bindings/js/DOMObjectHashTableMap.cpp:
      (WebCore::DOMObjectHashTableMap::mapFor):
      * bindings/js/DOMObjectHashTableMap.h:
      (JSC):
      (DOMObjectHashTableMap):
      * bindings/js/DOMWrapperWorld.cpp:
      (WebCore::DOMWrapperWorld::DOMWrapperWorld):
      (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
      (WebCore::normalWorld):
      (WebCore::mainThreadNormalWorld):
      * bindings/js/DOMWrapperWorld.h:
      (WebCore::DOMWrapperWorld::create):
      (WebCore::DOMWrapperWorld::vm):
      (DOMWrapperWorld):
      (WebCore):
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::garbageCollectSoon):
      (WebCore::GCController::garbageCollectNow):
      (WebCore::GCController::setJavaScriptGarbageCollectorTimerEnabled):
      (WebCore::GCController::discardAllCompiledCode):
      * bindings/js/IDBBindingUtilities.cpp:
      (WebCore::get):
      (WebCore::set):
      (WebCore::deserializeIDBValue):
      (WebCore::deserializeIDBValueBuffer):
      (WebCore::idbKeyToScriptValue):
      * bindings/js/JSCallbackData.h:
      (WebCore::JSCallbackData::JSCallbackData):
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSCustomXPathNSResolver.cpp:
      (WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver):
      (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::getHashTableForGlobalData):
      (WebCore::reportException):
      (WebCore::cacheDOMStructure):
      * bindings/js/JSDOMBinding.h:
      (WebCore::DOMConstructorObject::createStructure):
      (WebCore::DOMConstructorWithDocument::finishCreation):
      (WebCore::getDOMStructure):
      (WebCore::setInlineCachedWrapper):
      (WebCore):
      (WebCore::jsStringWithCache):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
      (WebCore::JSDOMGlobalObject::finishCreation):
      * bindings/js/JSDOMGlobalObject.h:
      (JSDOMGlobalObject):
      (WebCore::JSDOMGlobalObject::createStructure):
      (WebCore::getDOMConstructor):
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::JSDOMWindowBase):
      (WebCore::JSDOMWindowBase::finishCreation):
      (WebCore::JSDOMWindowBase::updateDocument):
      (WebCore::JSDOMWindowBase::commonVM):
      * bindings/js/JSDOMWindowBase.h:
      (JSDOMWindowBase):
      (WebCore::JSDOMWindowBase::createStructure):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::setLocation):
      (WebCore::DialogHandler::dialogCreated):
      (WebCore::DialogHandler::returnValue):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::JSDOMWindowShell):
      (WebCore::JSDOMWindowShell::finishCreation):
      (WebCore::JSDOMWindowShell::setWindow):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      (WebCore::JSDOMWindowShell::create):
      (WebCore::JSDOMWindowShell::createStructure):
      * bindings/js/JSDOMWrapper.h:
      (WebCore::JSDOMWrapper::JSDOMWrapper):
      * bindings/js/JSDeviceMotionEventCustom.cpp:
      (WebCore::createAccelerationObject):
      (WebCore::createRotationRateObject):
      * bindings/js/JSDictionary.cpp:
      (WebCore::JSDictionary::convertValue):
      * bindings/js/JSDictionary.h:
      (WebCore::JSDictionary::JSDictionary):
      * bindings/js/JSErrorHandler.cpp:
      (WebCore::JSErrorHandler::handleEvent):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/JSEventListener.h:
      (WebCore::JSEventListener::setWrapper):
      (WebCore::JSEventListener::jsFunction):
      * bindings/js/JSHTMLDocumentCustom.cpp:
      (WebCore::JSHTMLDocument::all):
      (WebCore::JSHTMLDocument::setAll):
      * bindings/js/JSHTMLTemplateElementCustom.cpp:
      (WebCore::JSHTMLTemplateElement::content):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::JSHistory::state):
      * bindings/js/JSImageConstructor.cpp:
      (WebCore::JSImageConstructor::finishCreation):
      * bindings/js/JSImageConstructor.h:
      (WebCore::JSImageConstructor::createStructure):
      * bindings/js/JSImageDataCustom.cpp:
      (WebCore::toJS):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::InjectedScriptHost::nodeAsScriptValue):
      (WebCore::JSInjectedScriptHost::functionDetails):
      (WebCore::getJSListenerFunctions):
      (WebCore::JSInjectedScriptHost::getEventListeners):
      (WebCore::JSInjectedScriptHost::inspect):
      * bindings/js/JSLazyEventListener.cpp:
      (WebCore::JSLazyEventListener::initializeJSFunction):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::JSMessageEvent::data):
      (WebCore::handleInitMessageEvent):
      * bindings/js/JSMutationCallback.cpp:
      (WebCore::JSMutationCallback::call):
      * bindings/js/JSMutationObserverCustom.cpp:
      (WebCore::JSMutationObserverConstructor::constructJSMutationObserver):
      * bindings/js/JSNodeFilterCondition.cpp:
      (WebCore::JSNodeFilterCondition::JSNodeFilterCondition):
      * bindings/js/JSNodeFilterCondition.h:
      (WebCore::JSNodeFilterCondition::create):
      (JSNodeFilterCondition):
      * bindings/js/JSNodeFilterCustom.cpp:
      (WebCore::toNodeFilter):
      * bindings/js/JSPopStateEventCustom.cpp:
      (WebCore::cacheState):
      * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp:
      (WebCore::JSRequestAnimationFrameCallback::handleEvent):
      * bindings/js/JSSQLResultSetRowListCustom.cpp:
      (WebCore::JSSQLResultSetRowList::item):
      * bindings/js/JSWorkerContextBase.cpp:
      (WebCore::JSWorkerContextBase::JSWorkerContextBase):
      (WebCore::JSWorkerContextBase::finishCreation):
      * bindings/js/JSWorkerContextBase.h:
      (WebCore::JSWorkerContextBase::createStructure):
      (JSWorkerContextBase):
      * bindings/js/PageScriptDebugServer.cpp:
      (WebCore::PageScriptDebugServer::recompileAllJSFunctions):
      * bindings/js/ScheduledAction.cpp:
      (WebCore::ScheduledAction::ScheduledAction):
      (WebCore::ScheduledAction::executeFunctionInContext):
      * bindings/js/ScheduledAction.h:
      (WebCore::ScheduledAction::ScheduledAction):
      * bindings/js/ScriptCachedFrameData.cpp:
      (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
      (WebCore::ScriptCachedFrameData::restore):
      (WebCore::ScriptCachedFrameData::clear):
      * bindings/js/ScriptCallStackFactory.cpp:
      (WebCore::createScriptCallStack):
      (WebCore::createScriptArguments):
      * bindings/js/ScriptController.cpp:
      (WebCore::ScriptController::createWindowShell):
      (WebCore::ScriptController::evaluateInWorld):
      (WebCore::ScriptController::createWorld):
      (WebCore::ScriptController::getAllWorlds):
      (WebCore::ScriptController::clearWindowShell):
      (WebCore::ScriptController::initScript):
      (WebCore::ScriptController::updateDocument):
      (WebCore::ScriptController::cacheableBindingRootObject):
      (WebCore::ScriptController::bindingRootObject):
      (WebCore::ScriptController::clearScriptObjects):
      (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy):
      * bindings/js/ScriptControllerMac.mm:
      (WebCore::ScriptController::windowScriptObject):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptEventListener.cpp:
      (WebCore::eventListenerHandlerBody):
      (WebCore::eventListenerHandler):
      (WebCore::eventListenerHandlerLocation):
      * bindings/js/ScriptFunctionCall.cpp:
      (WebCore::ScriptFunctionCall::call):
      (WebCore::ScriptCallback::call):
      * bindings/js/ScriptGCEvent.cpp:
      (WebCore::ScriptGCEvent::getHeapSize):
      * bindings/js/ScriptObject.cpp:
      (WebCore::ScriptObject::ScriptObject):
      (WebCore::ScriptGlobalObject::set):
      * bindings/js/ScriptState.h:
      (WebCore):
      * bindings/js/ScriptValue.cpp:
      (WebCore::ScriptValue::deserialize):
      * bindings/js/ScriptValue.h:
      (WebCore::ScriptValue::ScriptValue):
      * bindings/js/ScriptWrappable.h:
      (JSC):
      (ScriptWrappable):
      * bindings/js/ScriptWrappableInlines.h:
      (WebCore::ScriptWrappable::setWrapper):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::readTerminal):
      (WebCore::SerializedScriptValue::deserializeForInspector):
      (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed):
      * bindings/js/WebCoreJSClientData.h:
      (WebCoreJSClientData):
      (WebCore::initNormalWorldClientData):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::WorkerScriptController):
      (WebCore::WorkerScriptController::~WorkerScriptController):
      (WebCore::WorkerScriptController::initScript):
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::scheduleExecutionTermination):
      (WebCore::WorkerScriptController::isExecutionTerminating):
      (WebCore::WorkerScriptController::disableEval):
      * bindings/js/WorkerScriptController.h:
      (JSC):
      (WebCore::WorkerScriptController::vm):
      (WorkerScriptController):
      * bindings/js/WorkerScriptDebugServer.cpp:
      (WebCore::WorkerScriptDebugServer::recompileAllJSFunctions):
      * bindings/objc/WebScriptObject.mm:
      (+[WebScriptObject _convertValueToObjcValue:JSC::originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateCallbackImplementation):
      (JSValueToNative):
      (GenerateConstructorDeclaration):
      (GenerateConstructorHelperMethods):
      * bindings/scripts/test/JS/JSFloat64Array.cpp:
      (WebCore::getJSFloat64ArrayConstructorTable):
      (WebCore::JSFloat64ArrayConstructor::finishCreation):
      (WebCore::getJSFloat64ArrayPrototypeTable):
      (WebCore::getJSFloat64ArrayTable):
      (WebCore::JSFloat64Array::finishCreation):
      (WebCore::JSFloat64Array::createPrototype):
      * bindings/scripts/test/JS/JSFloat64Array.h:
      (WebCore::JSFloat64Array::create):
      (WebCore::JSFloat64Array::createStructure):
      (JSFloat64Array):
      (WebCore::JSFloat64ArrayPrototype::create):
      (WebCore::JSFloat64ArrayPrototype::createStructure):
      (WebCore::JSFloat64ArrayPrototype::JSFloat64ArrayPrototype):
      (WebCore::JSFloat64ArrayConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
      (WebCore::JSTestActiveDOMObjectConstructor::finishCreation):
      (WebCore::JSTestActiveDOMObject::finishCreation):
      (WebCore::JSTestActiveDOMObject::createPrototype):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
      (WebCore::JSTestActiveDOMObject::create):
      (WebCore::JSTestActiveDOMObject::createStructure):
      (JSTestActiveDOMObject):
      (WebCore::JSTestActiveDOMObjectPrototype::create):
      (WebCore::JSTestActiveDOMObjectPrototype::createStructure):
      (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
      (WebCore::JSTestActiveDOMObjectConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestCallback.cpp:
      (WebCore::JSTestCallback::callbackWithNoParam):
      (WebCore::JSTestCallback::callbackWithClass1Param):
      (WebCore::JSTestCallback::callbackWithClass2Param):
      (WebCore::JSTestCallback::callbackWithStringList):
      (WebCore::JSTestCallback::callbackWithBoolean):
      (WebCore::JSTestCallback::callbackRequiresThisToPass):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
      (WebCore::JSTestCustomNamedGetterConstructor::finishCreation):
      (WebCore::JSTestCustomNamedGetter::finishCreation):
      (WebCore::JSTestCustomNamedGetter::createPrototype):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
      (WebCore::JSTestCustomNamedGetter::create):
      (WebCore::JSTestCustomNamedGetter::createStructure):
      (JSTestCustomNamedGetter):
      (WebCore::JSTestCustomNamedGetterPrototype::create):
      (WebCore::JSTestCustomNamedGetterPrototype::createStructure):
      (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype):
      (WebCore::JSTestCustomNamedGetterConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
      (WebCore::JSTestEventConstructorConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::createPrototype):
      * bindings/scripts/test/JS/JSTestEventConstructor.h:
      (WebCore::JSTestEventConstructor::create):
      (WebCore::JSTestEventConstructor::createStructure):
      (JSTestEventConstructor):
      (WebCore::JSTestEventConstructorPrototype::create):
      (WebCore::JSTestEventConstructorPrototype::createStructure):
      (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
      (WebCore::JSTestEventConstructorConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::JSTestEventTargetConstructor::finishCreation):
      (WebCore::JSTestEventTarget::finishCreation):
      (WebCore::JSTestEventTarget::createPrototype):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::create):
      (WebCore::JSTestEventTarget::createStructure):
      (JSTestEventTarget):
      (WebCore::JSTestEventTargetPrototype::create):
      (WebCore::JSTestEventTargetPrototype::createStructure):
      (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
      (WebCore::JSTestEventTargetConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestException.cpp:
      (WebCore::JSTestExceptionConstructor::finishCreation):
      (WebCore::JSTestException::finishCreation):
      (WebCore::JSTestException::createPrototype):
      * bindings/scripts/test/JS/JSTestException.h:
      (WebCore::JSTestException::create):
      (WebCore::JSTestException::createStructure):
      (JSTestException):
      (WebCore::JSTestExceptionPrototype::create):
      (WebCore::JSTestExceptionPrototype::createStructure):
      (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
      (WebCore::JSTestExceptionConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      (WebCore::JSTestInterfaceConstructor::finishCreation):
      (WebCore::JSTestInterface::finishCreation):
      (WebCore::JSTestInterface::createPrototype):
      * bindings/scripts/test/JS/JSTestInterface.h:
      (WebCore::JSTestInterface::create):
      (WebCore::JSTestInterface::createStructure):
      (JSTestInterface):
      (WebCore::JSTestInterfacePrototype::create):
      (WebCore::JSTestInterfacePrototype::createStructure):
      (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
      (WebCore::JSTestInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):
      (WebCore::JSTestMediaQueryListListener::finishCreation):
      (WebCore::JSTestMediaQueryListListener::createPrototype):
      (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      (WebCore::JSTestMediaQueryListListener::create):
      (WebCore::JSTestMediaQueryListListener::createStructure):
      (JSTestMediaQueryListListener):
      (WebCore::JSTestMediaQueryListListenerPrototype::create):
      (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
      (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
      (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
      (WebCore::JSTestNamedConstructorConstructor::finishCreation):
      (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::createPrototype):
      * bindings/scripts/test/JS/JSTestNamedConstructor.h:
      (WebCore::JSTestNamedConstructor::create):
      (WebCore::JSTestNamedConstructor::createStructure):
      (JSTestNamedConstructor):
      (WebCore::JSTestNamedConstructorPrototype::create):
      (WebCore::JSTestNamedConstructorPrototype::createStructure):
      (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
      (WebCore::JSTestNamedConstructorConstructor::createStructure):
      (WebCore::JSTestNamedConstructorNamedConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNode.cpp:
      (WebCore::JSTestNodeConstructor::finishCreation):
      (WebCore::JSTestNode::finishCreation):
      (WebCore::JSTestNode::createPrototype):
      * bindings/scripts/test/JS/JSTestNode.h:
      (WebCore::JSTestNode::create):
      (WebCore::JSTestNode::createStructure):
      (JSTestNode):
      (WebCore::JSTestNodePrototype::create):
      (WebCore::JSTestNodePrototype::createStructure):
      (WebCore::JSTestNodePrototype::JSTestNodePrototype):
      (WebCore::JSTestNodeConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::JSTestObjConstructor::finishCreation):
      (WebCore::JSTestObj::finishCreation):
      (WebCore::JSTestObj::createPrototype):
      (WebCore::jsTestObjCachedAttribute1):
      (WebCore::jsTestObjCachedAttribute2):
      (WebCore::setJSTestObjConditionalAttr4Constructor):
      (WebCore::setJSTestObjConditionalAttr5Constructor):
      (WebCore::setJSTestObjConditionalAttr6Constructor):
      (WebCore::setJSTestObjAnyAttribute):
      (WebCore::setJSTestObjReplaceableAttribute):
      * bindings/scripts/test/JS/JSTestObj.h:
      (WebCore::JSTestObj::create):
      (WebCore::JSTestObj::createStructure):
      (JSTestObj):
      (WebCore::JSTestObjPrototype::create):
      (WebCore::JSTestObjPrototype::createStructure):
      (WebCore::JSTestObjPrototype::JSTestObjPrototype):
      (WebCore::JSTestObjConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
      (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):
      (WebCore::JSTestOverloadedConstructors::finishCreation):
      (WebCore::JSTestOverloadedConstructors::createPrototype):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
      (WebCore::JSTestOverloadedConstructors::create):
      (WebCore::JSTestOverloadedConstructors::createStructure):
      (JSTestOverloadedConstructors):
      (WebCore::JSTestOverloadedConstructorsPrototype::create):
      (WebCore::JSTestOverloadedConstructorsPrototype::createStructure):
      (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
      (WebCore::JSTestOverloadedConstructorsConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::createPrototype):
      (WebCore::jsTestSerializedScriptValueInterfaceCachedValue):
      (WebCore::jsTestSerializedScriptValueInterfaceCachedReadonlyValue):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      (WebCore::JSTestSerializedScriptValueInterface::create):
      (WebCore::JSTestSerializedScriptValueInterface::createStructure):
      (JSTestSerializedScriptValueInterface):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::create):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestTypedefs.cpp:
      (WebCore::JSTestTypedefsConstructor::finishCreation):
      (WebCore::JSTestTypedefs::finishCreation):
      (WebCore::JSTestTypedefs::createPrototype):
      * bindings/scripts/test/JS/JSTestTypedefs.h:
      (WebCore::JSTestTypedefs::create):
      (WebCore::JSTestTypedefs::createStructure):
      (JSTestTypedefs):
      (WebCore::JSTestTypedefsPrototype::create):
      (WebCore::JSTestTypedefsPrototype::createStructure):
      (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):
      (WebCore::JSTestTypedefsConstructor::createStructure):
      * bridge/c/CRuntimeObject.h:
      (JSC::Bindings::CRuntimeObject::createStructure):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::create):
      (JSC::Bindings::CRuntimeMethod::createStructure):
      (JSC::Bindings::CRuntimeMethod::finishCreation):
      * bridge/jsc/BridgeJSC.cpp:
      (JSC::Bindings::Instance::createRuntimeObject):
      * bridge/objc/ObjCRuntimeObject.h:
      (JSC::Bindings::ObjCRuntimeObject::createStructure):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::create):
      (ObjCRuntimeMethod::createStructure):
      (ObjCRuntimeMethod::finishCreation):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
      (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtRuntimeObject::createStructure):
      (JSC::Bindings::QtInstance::~QtInstance):
      (JSC::Bindings::QtInstance::getQtInstance):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::RuntimeArray):
      (JSC::RuntimeArray::finishCreation):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::create):
      (JSC::RuntimeArray::createStructure):
      (RuntimeArray):
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::finishCreation):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::create):
      (JSC::RuntimeMethod::createStructure):
      (RuntimeMethod):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::RuntimeObject):
      (JSC::Bindings::RuntimeObject::finishCreation):
      * bridge/runtime_object.h:
      (JSC::Bindings::RuntimeObject::createStructure):
      * bridge/runtime_root.cpp:
      (JSC::Bindings::RootObject::RootObject):
      (JSC::Bindings::RootObject::gcProtect):
      (JSC::Bindings::RootObject::gcUnprotect):
      (JSC::Bindings::RootObject::updateGlobalObject):
      (JSC::Bindings::RootObject::addRuntimeObject):
      * bridge/runtime_root.h:
      (RootObject):
      * dom/Node.cpp:
      * dom/Node.h:
      (JSC):
      * dom/ScriptExecutionContext.cpp:
      (WebCore::ScriptExecutionContext::vm):
      * dom/ScriptExecutionContext.h:
      (JSC):
      (ScriptExecutionContext):
      * html/HTMLCanvasElement.cpp:
      (WebCore::HTMLCanvasElement::createImageBuffer):
      * html/HTMLImageLoader.cpp:
      (WebCore::HTMLImageLoader::notifyFinished):
      * inspector/ScriptArguments.cpp:
      (WebCore::ScriptArguments::ScriptArguments):
      * loader/icon/IconDatabaseBase.cpp:
      (WebCore):
      (WebCore::iconDatabase):
      (WebCore::setGlobalIconDatabase):
      * platform/qt/MemoryUsageSupportQt.cpp:
      (WebCore::memoryUsageKB):
      (WebCore::actualMemoryUsageKB):
      * platform/win/ClipboardUtilitiesWin.cpp:
      (WebCore::createGlobalData):
      * plugins/PluginView.cpp:
      (WebCore::PluginView::start):
      (WebCore::PluginView::stop):
      (WebCore::PluginView::performRequest):
      (WebCore::PluginView::npObject):
      (WebCore::PluginView::privateBrowsingStateChanged):
      * plugins/blackberry/PluginViewBlackBerry.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      (WebCore::PluginView::getWindowInfo):
      * plugins/efl/PluginViewEfl.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/gtk/PluginViewGtk.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/mac/PluginViewMac.mm:
      (WebCore::PluginView::platformStart):
      * plugins/qt/PluginViewQt.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      * plugins/win/PluginViewWin.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowRect):
      * testing/js/WebCoreTestSupport.cpp:
      (WebCoreTestSupport::injectInternalsObject):
      * xml/XMLHttpRequest.cpp:
      (WebCore::XMLHttpRequest::dropProtection):
      
      ../WebKit/blackberry: 
      
      * Api/BlackBerryGlobal.cpp:
      (BlackBerry::WebKit::clearMemoryCaches):
      * WebKitSupport/AboutData.cpp:
      * WebKitSupport/DumpRenderTreeSupport.cpp:
      (DumpRenderTreeSupport::javaScriptObjectsCount):
      
      ../WebKit/efl: 
      
      * WebCoreSupport/DumpRenderTreeSupportEfl.cpp:
      (DumpRenderTreeSupportEfl::javaScriptObjectsCount):
      
      ../WebKit/gtk: 
      
      * WebCoreSupport/DumpRenderTreeSupportGtk.cpp:
      (DumpRenderTreeSupportGtk::gcCountJavascriptObjects):
      
      ../WebKit/mac: 
      
      * Misc/WebCoreStatistics.mm:
      (+[WebCoreStatistics javaScriptObjectsCount]):
      (+[WebCoreStatistics javaScriptGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectTypeCounts]):
      (+[WebCoreStatistics javaScriptObjectTypeCounts]):
      (+[WebCoreStatistics shouldPrintExceptions]):
      (+[WebCoreStatistics setShouldPrintExceptions:]):
      (+[WebCoreStatistics memoryStatistics]):
      (+[WebCoreStatistics javaScriptReferencedObjectsCount]):
      * Plugins/Hosted/NetscapePluginHostProxy.mm:
      (identifierFromIdentifierRep):
      * Plugins/Hosted/NetscapePluginInstanceProxy.h:
      (LocalObjectMap):
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::LocalObjectMap::idForObject):
      (WebKit::NetscapePluginInstanceProxy::getWindowNPObject):
      (WebKit::NetscapePluginInstanceProxy::getPluginElementNPObject):
      (WebKit::NetscapePluginInstanceProxy::evaluate):
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyRuntimeMethod::create):
      (WebKit::ProxyRuntimeMethod::createStructure):
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::getPropertyNames):
      * Plugins/Hosted/ProxyRuntimeObject.h:
      (WebKit::ProxyRuntimeObject::create):
      (WebKit::ProxyRuntimeObject::createStructure):
      * Plugins/WebNetscapePluginStream.mm:
      (WebNetscapePluginStream::wantsAllStreams):
      * Plugins/WebNetscapePluginView.mm:
      (-[WebNetscapePluginView sendEvent:isDrawRect:]):
      (-[WebNetscapePluginView privateBrowsingModeDidChange]):
      (-[WebNetscapePluginView setWindowIfNecessary]):
      (-[WebNetscapePluginView createPluginScriptableObject]):
      (-[WebNetscapePluginView getFormValue:]):
      (-[WebNetscapePluginView evaluateJavaScriptPluginRequest:]):
      (-[WebNetscapePluginView webFrame:didFinishLoadWithReason:]):
      (-[WebNetscapePluginView loadPluginRequest:]):
      (-[WebNetscapePluginView _printedPluginBitmap]):
      * Plugins/WebPluginController.mm:
      (+[WebPluginController plugInViewWithArguments:fromPluginPackage:]):
      (-[WebPluginController stopOnePlugin:]):
      (-[WebPluginController destroyOnePlugin:]):
      (-[WebPluginController startAllPlugins]):
      (-[WebPluginController addPlugin:]):
      * WebKit.order:
      * WebView/WebScriptDebugDelegate.mm:
      (-[WebScriptCallFrame scopeChain]):
      (-[WebScriptCallFrame evaluateWebScript:]):
      * WebView/WebScriptDebugger.mm:
      (WebScriptDebugger::WebScriptDebugger):
      
      ../WebKit/qt: 
      
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (DumpRenderTreeSupportQt::javaScriptObjectsCount):
      * WebCoreSupport/QWebFrameAdapter.cpp:
      (QWebFrameAdapter::addToJavaScriptWindowObject):
      
      ../WebKit/win: 
      
      * WebCoreStatistics.cpp:
      (WebCoreStatistics::javaScriptObjectsCount):
      (WebCoreStatistics::javaScriptGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectsCount):
      (WebCoreStatistics::javaScriptProtectedGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectTypeCounts):
      * WebJavaScriptCollector.cpp:
      (WebJavaScriptCollector::objectCount):
      
      ../WebKit2: 
      
      * Shared/linux/WebMemorySamplerLinux.cpp:
      (WebKit::WebMemorySampler::sampleWebKit):
      * Shared/mac/WebMemorySampler.mac.mm:
      (WebKit::WebMemorySampler::sampleWebKit):
      * WebProcess/InjectedBundle/InjectedBundle.cpp:
      (WebKit::InjectedBundle::javaScriptObjectsCount):
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
      (WebKit::JSNPMethod::finishCreation):
      * WebProcess/Plugins/Netscape/JSNPMethod.h:
      (WebKit::JSNPMethod::create):
      (JSNPMethod):
      (WebKit::JSNPMethod::createStructure):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::JSNPObject):
      (WebKit::JSNPObject::finishCreation):
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      (WebKit::JSNPObject::create):
      (WebKit::JSNPObject::createStructure):
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::create):
      (WebKit::NPJSObject::initialize):
      * WebProcess/Plugins/Netscape/NPJSObject.h:
      (JSC):
      (NPJSObject):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::getOrCreateNPObject):
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      (WebKit::NPRuntimeObjectMap::evaluate):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.h:
      (JSC):
      (NPRuntimeObjectMap):
      * WebProcess/Plugins/PluginView.cpp:
      (WebKit::PluginView::windowScriptNPObject):
      (WebKit::PluginView::pluginElementNPObject):
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::runJavaScriptInMainFrame):
      * WebProcess/WebProcess.cpp:
      (WebKit::WebProcess::getWebCoreStatistics):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148696 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9a9a4b52
  12. 17 Apr, 2013 1 commit
    • mark.lam@apple.com's avatar
      Source/JavaScriptCore: Add LLINT and baseline JIT support for timing out scripts. · dff6b22e
      mark.lam@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114577.
      
      Reviewed by Geoffrey Garen.
      
      Introduces the new Watchdog class which is used to track script
      execution time, and initiate script termination if needed.
      
      * API/JSContextRef.cpp:
      (internalScriptTimeoutCallback):
      (JSContextGroupSetExecutionTimeLimit):
      (JSContextGroupClearExecutionTimeLimit):
      * API/JSContextRefPrivate.h:
      - Added new script execution time limit APIs.
      * API/tests/testapi.c:
      (currentCPUTime):
      (shouldTerminateCallback):
      (cancelTerminateCallback):
      (extendTerminateCallback):
      (main):
      - Added new API tests for script execution time limit.
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitLoopHint):
      - loop hints are needed for the llint as well. Hence, it will be
        emitted unconditionally.
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::addStackTraceIfNecessary):
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      - Added checks for script termination before entering script code.
      * jit/JIT.cpp:
      (JSC::JIT::emitWatchdogTimerCheck):
      * jit/JIT.h:
      (JSC::JIT::emit_op_loop_hint):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION(void, handle_watchdog_timer)):
      * jit/JITStubs.h:
      * llint/LLIntExceptions.cpp:
      (JSC::LLInt::doThrow):
      - Factored out some common code from returnToThrow() and callToThrow().
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL(slow_path_handle_watchdog_timer)):
      * llint/LLIntSlowPaths.h:
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ExceptionHelpers.cpp:
      (JSC::throwTerminatedExecutionException):
      - Also removed the now unused InterruptedExecutionException.
      * runtime/ExceptionHelpers.h:
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      - Added watchdog, and removed the now obsolete Terminator.
      * runtime/Terminator.h: Removed.
      * runtime/Watchdog.cpp: Added.
      (JSC::Watchdog::Watchdog):
      (JSC::Watchdog::~Watchdog):
      (JSC::Watchdog::setTimeLimit):
      (JSC::Watchdog::didFire):
      (JSC::Watchdog::isEnabled):
      (JSC::Watchdog::fire):
      (JSC::Watchdog::arm):
      (JSC::Watchdog::disarm):
      (JSC::Watchdog::startCountdownIfNeeded):
      (JSC::Watchdog::startCountdown):
      (JSC::Watchdog::stopCountdown):
      (JSC::Watchdog::Scope::Scope):
      (JSC::Watchdog::Scope::~Scope):
      * runtime/Watchdog.h: Added.
      (Watchdog):
      (JSC::Watchdog::didFire):
      (JSC::Watchdog::timerDidFireAddress):
      (JSC::Watchdog::isArmed):
      (Watchdog::Scope):
      * runtime/WatchdogMac.cpp: Added.
      (JSC::Watchdog::initTimer):
      (JSC::Watchdog::destroyTimer):
      (JSC::Watchdog::startTimer):
      (JSC::Watchdog::stopTimer):
      * runtime/WatchdogNone.cpp: Added.
      (JSC::Watchdog::initTimer):
      (JSC::Watchdog::destroyTimer):
      (JSC::Watchdog::startTimer):
      (JSC::Watchdog::stopTimer):
      
      Source/WebCore: Add LLINT and baseline JIT support for timing out scripts.
      https://bugs.webkit.org/show_bug.cgi?id=114577.
      
      Reviewed by Geoffrey Garen.
      
      Replaced use of the obsolete JSGlobalData.terminator methods with the
      JSGlobalData.watchdog equivalents.
      
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::scheduleExecutionTermination):
      (WebCore::WorkerScriptController::isExecutionTerminating):
      
      Source/WTF: Added currentCPUTime() and currentCPUTimeMS().
      https://bugs.webkit.org/show_bug.cgi?id=114577.
      
      Reviewed by Geoffrey Garen.
      
      The currentCPUTime() implementation came from the old TimeoutChecker.cpp.
      
      * wtf/CurrentTime.cpp:
      (WTF::currentCPUTime):
      (WTF::currentCPUTimeMS):
      * wtf/CurrentTime.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148639 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      dff6b22e
  13. 15 Apr, 2013 1 commit
    • andersca@apple.com's avatar
      ScriptWrappable subclasses shouldn't have to include WeakInlines.h · 87a467cc
      andersca@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114641
      
      Reviewed by Alexey Proskuryakov.
      
      Source/JavaScriptCore:
      
      Move back the Weak constructor, destructor and clear() to Weak.h. Add a new weakClearSlowCase function
      and put it in Weak.cpp.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * heap/Weak.cpp: Added.
      * heap/Weak.h:
      * heap/WeakInlines.h:
      * heap/WeakSetInlines.h:
      
      Source/WebCore:
      
      Remove ScriptWrappableInlines.h includes, they're not needed anymore.
      
      * css/WebKitCSSMatrix.cpp:
      * dom/ClientRect.cpp:
      * dom/ClientRectList.cpp:
      * dom/Clipboard.cpp:
      * dom/DOMStringMap.cpp:
      * dom/Event.cpp:
      * dom/MutationRecord.cpp:
      * fileapi/FileList.cpp:
      * page/BarInfo.cpp:
      * plugins/DOMMimeTypeArray.cpp:
      * plugins/DOMPlugin.cpp:
      * plugins/DOMPluginArray.cpp:
      * storage/Storage.cpp:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148479 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      87a467cc
  14. 10 Apr, 2013 1 commit
    • ggaren@apple.com's avatar
      Removed bitrotted TimeoutChecker code · 285b5e22
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114336
      
      Reviewed by Alexey Proskuryakov.
      
      ../JavaScriptCore: 
      
      This mechanism hasn't worked for a while.
      
      MarkL is working on a new version of this feature with a distinct
      implementation.
      
      * API/APIShims.h:
      (JSC::APIEntryShim::~APIEntryShim):
      (JSC::APIEntryShim::init):
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * dfg/DFGGPRInfo.h:
      * jit/JIT.cpp:
      * jit/JIT.h:
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
      * jit/JSInterfaceJIT.h:
      (JSInterfaceJIT):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalObject.cpp:
      * runtime/JSONObject.cpp:
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Walker::walk):
      * runtime/TimeoutChecker.cpp: Removed.
      * runtime/TimeoutChecker.h: Removed.
      
      ../WebCore: 
      
      This mechanism hasn't worked for a while.
      
      MarkL is working on a new version of this feature with a distinct
      implementation.
      
      * bindings/js/JSCallbackData.cpp:
      (WebCore::JSCallbackData::invokeCallback):
      * bindings/js/JSCustomXPathNSResolver.cpp:
      (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::commonJSGlobalData):
      * bindings/js/JSErrorHandler.cpp:
      (WebCore::JSErrorHandler::handleEvent):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/JSMutationCallback.cpp:
      (WebCore::JSMutationCallback::call):
      * bindings/js/ScheduledAction.cpp:
      (WebCore::ScheduledAction::executeFunctionInContext):
      * bindings/js/ScriptController.cpp:
      (WebCore::ScriptController::evaluateInWorld):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneBase::CloneBase):
      (WebCore::CloneSerializer::serialize):
      (WebCore::CloneDeserializer::deserialize):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::evaluate):
      * bindings/objc/WebScriptObject.mm:
      (-[WebScriptObject callWebScriptMethod:withArguments:]):
      (-[WebScriptObject evaluateWebScript:]):
      
      ../WebKit/blackberry: 
      
      * Api/WebPage.cpp:
      (BlackBerry::WebKit::WebPage::setTimeoutForJavaScriptExecution):
      
      ../WebKit/mac: 
      
      This mechanism hasn't worked for a while.
      
      MarkL is working on a new version of this feature with a distinct
      implementation.
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::evaluate):
      
      ../WebKit/qt: 
      
      * WebCoreSupport/FrameLoaderClientQt.cpp:
      (WebCore::FrameLoaderClientQt::createDocumentLoader):
      
      ../WebKit2: 
      
      This mechanism hasn't worked for a while.
      
      MarkL is working on a new version of this feature with a distinct
      implementation.
      
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::construct):
      (WebKit::NPJSObject::invoke):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::evaluate):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148119 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      285b5e22
  15. 01 Apr, 2013 1 commit
    • mhahnenberg@apple.com's avatar
      Regions should be allocated from the same contiguous segment of virtual memory · 944b1216
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=113662
      
      Reviewed by Filip Pizlo.
      
      Instead of letting the OS spread our Regions all over the place, we should allocate them all within 
      some range of each other. This change will open the door to some other optimizations, e.g. doing simple 
      range checks for our write barriers and compressing JSCell pointers to 32-bits.
      
      Source/JavaScriptCore: 
      
      Added new SuperRegion class that encapsulates allocating Regions from a contiguous reserved chunk of 
      virtual address space. It functions very similarly to the FixedVMPoolExecutableAllocator class used by the JIT.
      
      Also added two new subclasses of Region, NormalRegion and ExcessRegion. 
              
      NormalRegion is the type of Region that is normally allocated when there is available space remaining 
      in the SuperRegion. If we ever run out of space in the SuperRegion, we fall back to allocating 
      ExcessRegions, which are identical to how Regions have behaved up until now, i.e. they contain a 
      PageAllocationAligned.
      
      We only use the SuperRegion (and NormalRegions) on 64-bit systems, since it doesn't make sense to reserve the 
      entire 4 GB address space on 32-bit systems just for the JS heap.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * heap/BlockAllocator.cpp:
      (JSC::BlockAllocator::BlockAllocator):
      * heap/BlockAllocator.h:
      (JSC):
      (BlockAllocator):
      (JSC::BlockAllocator::allocate):
      (JSC::BlockAllocator::allocateCustomSize):
      (JSC::BlockAllocator::deallocateCustomSize):
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC):
      (JSC::Heap::didExceedFixedHeapSizeLimit):
      * heap/Heap.h:
      (Heap):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::create):
      * heap/Region.h:
      (Region):
      (JSC):
      (NormalRegion):
      (JSC::NormalRegion::base):
      (JSC::NormalRegion::size):
      (ExcessRegion):
      (JSC::ExcessRegion::base):
      (JSC::ExcessRegion::size):
      (JSC::NormalRegion::NormalRegion):
      (JSC::NormalRegion::tryCreate):
      (JSC::NormalRegion::tryCreateCustomSize):
      (JSC::NormalRegion::reset):
      (JSC::ExcessRegion::ExcessRegion):
      (JSC::ExcessRegion::~ExcessRegion):
      (JSC::ExcessRegion::create):
      (JSC::ExcessRegion::createCustomSize):
      (JSC::ExcessRegion::reset):
      (JSC::Region::Region):
      (JSC::Region::initializeBlockList):
      (JSC::Region::create):
      (JSC::Region::createCustomSize):
      (JSC::Region::~Region):
      (JSC::Region::destroy):
      (JSC::Region::reset):
      (JSC::Region::deallocate):
      (JSC::Region::base):
      (JSC::Region::size):
      * heap/SuperRegion.cpp: Added.
      (JSC):
      (JSC::SuperRegion::SuperRegion):
      (JSC::SuperRegion::getAlignedBase):
      (JSC::SuperRegion::allocateNewSpace):
      (JSC::SuperRegion::notifyNeedPage):
      (JSC::SuperRegion::notifyPageIsFree):
      * heap/SuperRegion.h: Added.
      (JSC):
      (SuperRegion):
      
      Source/WTF: 
      
      * wtf/MetaAllocator.cpp: Changed the MetaAllocator to allow custom page sizes if the derived class wants to
      use something other than the system page size.
      (WTF::MetaAllocator::MetaAllocator):
      * wtf/MetaAllocator.h:
      (MetaAllocator):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@147324 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      944b1216
  16. 30 Mar, 2013 1 commit
    • mhahnenberg@apple.com's avatar
      Move Region into its own header · 4b14805e
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=113617
      
      Reviewed by Geoffrey Garen.
      
      BlockAllocator.h is getting a little crowded. We should move the Region class into its own
      header, since it's pretty independent from the BlockAllocator.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/BlockAllocator.h:
      (JSC):
      * heap/Region.h: Added.
      (JSC):
      (DeadBlock):
      (JSC::DeadBlock::DeadBlock):
      (Region):
      (JSC::Region::blockSize):
      (JSC::Region::isFull):
      (JSC::Region::isEmpty):
      (JSC::Region::isCustomSize):
      (JSC::Region::create):
      (JSC::Region::createCustomSize):
      (JSC::Region::Region):
      (JSC::Region::~Region):
      (JSC::Region::reset):
      (JSC::Region::allocate):
      (JSC::Region::deallocate):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@147282 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4b14805e
  17. 24 Mar, 2013 1 commit
    • mhahnenberg@apple.com's avatar
      HandleSet should use HeapBlocks for storing handles · 94b9c7da
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=113145
      
      Reviewed by Geoffrey Garen.
      
      * GNUmakefile.list.am: Build project changes.
      * JavaScriptCore.gypi: Ditto.
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: Ditto.
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: Ditto.
      * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
      * heap/BlockAllocator.cpp: Rename the RegionSet to m_fourKBBlockRegionSet because there are 
      too many block types to include them all in the name now.
      (JSC::BlockAllocator::BlockAllocator):
      * heap/BlockAllocator.h:
      (BlockAllocator): Add the appropriate override for regionSetFor.
      (JSC::WeakBlock):
      (JSC::MarkStackSegment):
      (JSC::HandleBlock):
      * heap/HandleBlock.h: Added.
      (HandleBlock): New class for HandleBlocks.
      (JSC::HandleBlock::blockFor): Static method to get the block of the given HandleNode pointer. Allows
      us to quickly figure out which HandleSet the HandleNode belongs to without storing the pointer to it
      in the HandleNode.
      (JSC::HandleBlock::handleSet): Getter.
      * heap/HandleBlockInlines.h: Added.
      (JSC::HandleBlock::create):
      (JSC::HandleBlock::HandleBlock):
      (JSC::HandleBlock::payloadEnd):
      (JSC::HandleBlock::payload):
      (JSC::HandleBlock::nodes):
      (JSC::HandleBlock::nodeAtIndex):
      (JSC::HandleBlock::nodeCapacity):
      * heap/HandleSet.cpp:
      (JSC::HandleSet::~HandleSet): 
      (JSC::HandleSet::grow):
      * heap/HandleSet.h:
      (HandleNode): Move the internal Node class from HandleSet to be its own public class so it can be 
      used by HandleBlock.
      (HandleSet): Add a typedef so that Node refers to the new HandleNode class.
      (JSC::HandleSet::toHandle):
      (JSC::HandleSet::toNode):
      (JSC::HandleSet::allocate):
      (JSC::HandleSet::deallocate):
      (JSC::HandleNode::HandleNode):
      (JSC::HandleNode::slot):
      (JSC::HandleNode::handleSet): Use the new blockFor static function to get the right HandleBlock and lookup 
      the HandleSet.
      (JSC::HandleNode::setPrev):
      (JSC::HandleNode::prev):
      (JSC::HandleNode::setNext):
      (JSC::HandleNode::next):
      (JSC::HandleSet::forEachStrongHandle):
      * heap/Heap.h: Friend HandleSet so that it can access the BlockAllocator when allocating HandleBlocks.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146734 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      94b9c7da
  18. 21 Mar, 2013 1 commit
    • mhahnenberg@apple.com's avatar
      Objective-C API: wrapperClass holds a static JSClassRef, which causes JSGlobalObjects to leak · ff81d056
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=112856
      
      Reviewed by Geoffrey Garen.
      
      Through a very convoluted path that involves the caching of prototypes on the JSClassRef, we can leak 
      JSGlobalObjects when inserting an Objective-C object into multiple independent JSContexts.
      
      * API/JSAPIWrapperObject.cpp: Removed.
      * API/JSAPIWrapperObject.h:
      (JSAPIWrapperObject):
      * API/JSAPIWrapperObject.mm: Copied from Source/JavaScriptCore/API/JSAPIWrapperObject.cpp. Made this an
      Objective-C++ file so that we can call release on the wrappedObject. Also added a WeakHandleOwner for 
      JSAPIWrapperObjects. This will also be used in a future patch for https://bugs.webkit.org/show_bug.cgi?id=112608.
      (JSAPIWrapperObjectHandleOwner):
      (jsAPIWrapperObjectHandleOwner):
      (JSAPIWrapperObjectHandleOwner::finalize): This finalize replaces the old finalize that was done through
      the C API.
      (JSC::JSAPIWrapperObject::finishCreation): Allocate the WeakImpl. Balanced in finalize.
      (JSC::JSAPIWrapperObject::setWrappedObject): We now do the retain of the wrappedObject here rather than in random
      places scattered around JSWrapperMap.mm
      * API/JSObjectRef.cpp: Added some ifdefs for platforms that don't support the Obj-C API.
      (JSObjectGetPrivate): Ditto.
      (JSObjectSetPrivate): Ditto.
      (JSObjectGetPrivateProperty): Ditto.
      (JSObjectSetPrivateProperty): Ditto.
      (JSObjectDeletePrivateProperty): Ditto.
      * API/JSValueRef.cpp: Ditto.
      (JSValueIsObjectOfClass): Ditto.
      * API/JSWrapperMap.mm: Remove wrapperClass().
      (objectWithCustomBrand): Change to no longer use a parent class, which was only used to give the ability to 
      finalize wrapper objects.
      (-[JSObjCClassInfo initWithContext:forClass:superClassInfo:]): Change to no longer use wrapperClass(). 
      (-[JSObjCClassInfo allocateConstructorAndPrototypeWithSuperClassInfo:]): Ditto.
      (tryUnwrapObjcObject): We now check if the object inherits from JSAPIWrapperObject.
      * API/tests/testapi.mm: Added a test that exports an Objective-C object to two different JSContexts and makes 
      sure that the first one is collected properly by using a weak JSManagedValue for the wrapper in the first JSContext.
      * CMakeLists.txt: Build file modifications.
      * GNUmakefile.list.am: Ditto.
      * JavaScriptCore.gypi: Ditto.
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: Ditto.
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: Ditto.
      * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
      * runtime/JSGlobalObject.cpp: More ifdefs for unsupported platforms.
      (JSC::JSGlobalObject::reset): Ditto.
      (JSC::JSGlobalObject::visitChildren): Ditto.
      * runtime/JSGlobalObject.h: Ditto.
      (JSGlobalObject): Ditto.
      (JSC::JSGlobalObject::objcCallbackFunctionStructure): Ditto.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ff81d056
  19. 18 Mar, 2013 2 commits
    • fpizlo@apple.com's avatar
      DFG string conversions and allocations should be inlined · 0e6e1542
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=112376
      
      Source/JavaScriptCore: 
      
      Reviewed by Geoffrey Garen.
              
      This turns new String(), String(), String.prototype.valueOf(), and
      String.prototype.toString() into intrinsics. It gives the DFG the ability to handle
      conversions from StringObject to JSString and vice-versa, and also gives it the
      ability to handle cases where a variable may be either a StringObject or a JSString.
      To do this, I added StringObject to value profiling (and removed the stale
      distinction between Myarguments and Foreignarguments). I also cleaned up ToPrimitive
      handling, using some of the new functionality but also taking advantage of the
      existence of Identity(String:@a).
              
      This is a 2% SunSpider speed-up. Also there are some speed-ups on V8v7 and Kraken.
      On microbenchmarks that stress new String() this is a 14x speed-up.
      
      * CMakeLists.txt:
      * DerivedSources.make:
      * DerivedSources.pri:
      * GNUmakefile.list.am:
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::hasExitSite):
      (JSC):
      * bytecode/DFGExitProfile.cpp:
      (JSC::DFG::ExitProfile::hasExitSite):
      (DFG):
      * bytecode/DFGExitProfile.h:
      (ExitProfile):
      (JSC::DFG::ExitProfile::hasExitSite):
      * bytecode/ExitKind.cpp:
      (JSC::exitKindToString):
      * bytecode/ExitKind.h:
      * bytecode/SpeculatedType.cpp:
      (JSC::dumpSpeculation):
      (JSC::speculationToAbbreviatedString):
      (JSC::speculationFromClassInfo):
      * bytecode/SpeculatedType.h:
      (JSC):
      (JSC::isStringObjectSpeculation):
      (JSC::isStringOrStringObjectSpeculation):
      * create_hash_table:
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::executeEffects):
      * dfg/DFGAbstractState.h:
      (JSC::DFG::AbstractState::filterEdgeByUse):
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleCall):
      (JSC::DFG::ByteCodeParser::emitArgumentPhantoms):
      (DFG):
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::putStructureStoreElimination):
      * dfg/DFGEdge.h:
      (JSC::DFG::Edge::shift):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
      (FixupPhase):
      (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
      (JSC::DFG::FixupPhase::observeUseKindOnNode):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::hasGlobalExitSite):
      (Graph):
      (JSC::DFG::Graph::hasExitSite):
      (JSC::DFG::Graph::clobbersWorld):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::convertToToString):
      (Node):
      (JSC::DFG::Node::hasStructure):
      (JSC::DFG::Node::shouldSpeculateStringObject):
      (JSC::DFG::Node::shouldSpeculateStringOrStringObject):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileToStringOnCell):
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileNewStringObject):
      (JSC::DFG::SpeculativeJIT::speculateObject):
      (JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
      (JSC::DFG::SpeculativeJIT::speculateString):
      (JSC::DFG::SpeculativeJIT::speculateStringObject):
      (JSC::DFG::SpeculativeJIT::speculateStringOrStringObject):
      (JSC::DFG::SpeculativeJIT::speculate):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (SpeculativeJIT):
      (JSC::DFG::SpeculateCellOperand::SpeculateCellOperand):
      (DFG):
      (JSC::DFG::SpeculativeJIT::speculateStringObjectForStructure):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGUseKind.cpp:
      (WTF::printInternal):
      * dfg/DFGUseKind.h:
      (JSC::DFG::typeFilterFor):
      * interpreter/CallFrame.h:
      (JSC::ExecState::regExpPrototypeTable):
      * runtime/CommonIdentifiers.h:
      * runtime/Intrinsic.h:
      * runtime/JSDestructibleObject.h:
      (JSDestructibleObject):
      (JSC::JSDestructibleObject::classInfoOffset):
      * runtime/JSGlobalData.cpp:
      (JSC):
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/JSObject.cpp:
      * runtime/JSObject.h:
      (JSC):
      * runtime/JSWrapperObject.h:
      (JSC::JSWrapperObject::allocationSize):
      (JSWrapperObject):
      (JSC::JSWrapperObject::internalValueOffset):
      (JSC::JSWrapperObject::internalValueCellOffset):
      * runtime/StringPrototype.cpp:
      (JSC):
      (JSC::StringPrototype::finishCreation):
      (JSC::StringPrototype::create):
      * runtime/StringPrototype.h:
      (StringPrototype):
      
      LayoutTests: 
      
      Reviewed by Geoffrey Garen.
      
      * fast/js/dfg-to-string-bad-toString-expected.txt: Added.
      * fast/js/dfg-to-string-bad-toString.html: Added.
      * fast/js/dfg-to-string-bad-valueOf-expected.txt: Added.
      * fast/js/dfg-to-string-bad-valueOf.html: Added.
      * fast/js/dfg-to-string-int-expected.txt: Added.
      * fast/js/dfg-to-string-int-or-string-expected.txt: Added.
      * fast/js/dfg-to-string-int-or-string.html: Added.
      * fast/js/dfg-to-string-int.html: Added.
      * fast/js/dfg-to-string-side-effect-clobbers-toString-expected.txt: Added.
      * fast/js/dfg-to-string-side-effect-clobbers-toString.html: Added.
      * fast/js/dfg-to-string-side-effect-expected.txt: Added.
      * fast/js/dfg-to-string-side-effect.html: Added.
      * fast/js/dfg-to-string-toString-becomes-bad-expected.txt: Added.
      * fast/js/dfg-to-string-toString-becomes-bad-with-dictionary-string-prototype-expected.txt: Added.
      * fast/js/dfg-to-string-toString-becomes-bad-with-dictionary-string-prototype.html: Added.
      * fast/js/dfg-to-string-toString-becomes-bad.html: Added.
      * fast/js/dfg-to-string-toString-in-string-expected.txt: Added.
      * fast/js/dfg-to-string-toString-in-string.html: Added.
      * fast/js/dfg-to-string-valueOf-becomes-bad-expected.txt: Added.
      * fast/js/dfg-to-string-valueOf-becomes-bad.html: Added.
      * fast/js/dfg-to-string-valueOf-in-string-expected.txt: Added.
      * fast/js/dfg-to-string-valueOf-in-string.html: Added.
      * fast/js/jsc-test-list:
      * fast/js/regress/script-tests/string-concat-object.js: Added.
      (foo):
      * fast/js/regress/script-tests/string-concat-pair-object.js: Added.
      (foo):
      * fast/js/regress/script-tests/string-concat-pair-simple.js: Added.
      (foo):
      * fast/js/regress/script-tests/string-concat-simple.js: Added.
      (foo):
      * fast/js/regress/script-tests/string-cons-repeat.js: Added.
      (foo):
      * fast/js/regress/script-tests/string-cons-tower.js: Added.
      (foo):
      * fast/js/regress/string-concat-object-expected.txt: Added.
      * fast/js/regress/string-concat-object.html: Added.
      * fast/js/regress/string-concat-pair-object-expected.txt: Added.
      * fast/js/regress/string-concat-pair-object.html: Added.
      * fast/js/regress/string-concat-pair-simple-expected.txt: Added.
      * fast/js/regress/string-concat-pair-simple.html: Added.
      * fast/js/regress/string-concat-simple-expected.txt: Added.
      * fast/js/regress/string-concat-simple.html: Added.
      * fast/js/regress/string-cons-repeat-expected.txt: Added.
      * fast/js/regress/string-cons-repeat.html: Added.
      * fast/js/regress/string-cons-tower-expected.txt: Added.
      * fast/js/regress/string-cons-tower.html: Added.
      * fast/js/script-tests/dfg-to-string-bad-toString.js: Added.
      (String.prototype.toString):
      (foo):
      * fast/js/script-tests/dfg-to-string-bad-valueOf.js: Added.
      (String.prototype.valueOf):
      (foo):
      * fast/js/script-tests/dfg-to-string-int-or-string.js: Added.
      (foo):
      * fast/js/script-tests/dfg-to-string-int.js: Added.
      (foo):
      * fast/js/script-tests/dfg-to-string-side-effect-clobbers-toString.js: Added.
      (foo):
      * fast/js/script-tests/dfg-to-string-side-effect.js: Added.
      (foo):
      * fast/js/script-tests/dfg-to-string-toString-becomes-bad-with-dictionary-string-prototype.js: Added.
      (foo):
      (.String.prototype.toString):
      * fast/js/script-tests/dfg-to-string-toString-becomes-bad.js: Added.
      (foo):
      (.String.prototype.toString):
      * fast/js/script-tests/dfg-to-string-toString-in-string.js: Added.
      (foo):
      (.argument.toString):
      * fast/js/script-tests/dfg-to-string-valueOf-becomes-bad.js: Added.
      (foo):
      (.String.prototype.valueOf):
      * fast/js/script-tests/dfg-to-string-valueOf-in-string.js: Added.
      (foo):
      (.argument.valueOf):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146089 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0e6e1542
    • fpizlo@apple.com's avatar
      ObjectPrototype properties should be eagerly created rather than lazily via static tables · 85d516bd
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=112539
      
      Reviewed by Oliver Hunt.
              
      This is the first part of https://bugs.webkit.org/show_bug.cgi?id=112233. Rolling this
      in first since it's the less-likely-to-be-broken part.
      
      * CMakeLists.txt:
      * DerivedSources.make:
      * DerivedSources.pri:
      * GNUmakefile.list.am:
      * interpreter/CallFrame.h:
      (JSC::ExecState::objectConstructorTable):
      * runtime/CommonIdentifiers.h:
      * runtime/JSGlobalData.cpp:
      (JSC):
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/JSObject.cpp:
      (JSC::JSObject::putDirectNativeFunction):
      (JSC):
      * runtime/JSObject.h:
      (JSObject):
      (JSC):
      * runtime/Lookup.cpp:
      (JSC::setUpStaticFunctionSlot):
      * runtime/ObjectPrototype.cpp:
      (JSC):
      (JSC::ObjectPrototype::finishCreation):
      (JSC::ObjectPrototype::create):
      * runtime/ObjectPrototype.h:
      (ObjectPrototype):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146071 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      85d516bd
  20. 15 Mar, 2013 1 commit
    • mhahnenberg@apple.com's avatar
      Roll out r145838 · 871ffe65
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=112458
      
      Unreviewed. Requested by Filip Pizlo.
      
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt:
      * DerivedSources.make:
      * DerivedSources.pri:
      * GNUmakefile.list.am:
      * dfg/DFGOperations.cpp:
      * interpreter/CallFrame.h:
      (JSC::ExecState::objectPrototypeTable):
      * jit/JITStubs.cpp:
      (JSC::getByVal):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::getByVal):
      * runtime/CommonIdentifiers.h:
      * runtime/JSCell.cpp:
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSCellInlines.h:
      (JSC):
      (JSC::JSCell::fastGetOwnProperty):
      * runtime/JSGlobalData.cpp:
      (JSC):
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/JSObject.cpp:
      (JSC):
      * runtime/JSObject.h:
      (JSObject):
      (JSC):
      * runtime/Lookup.cpp:
      (JSC::setUpStaticFunctionSlot):
      * runtime/ObjectPrototype.cpp:
      (JSC):
      (JSC::ObjectPrototype::finishCreation):
      (JSC::ObjectPrototype::getOwnPropertySlot):
      (JSC::ObjectPrototype::getOwnPropertyDescriptor):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::create):
      (ObjectPrototype):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyTable::findWithString):
      * runtime/Structure.h:
      (Structure):
      * runtime/StructureInlines.h:
      (JSC::Structure::get):
      
      LayoutTests:
      
      * fast/js/regress/script-tests/string-lookup-hit-identifier.js: Removed.
      * fast/js/regress/script-tests/string-lookup-hit.js: Removed.
      * fast/js/regress/script-tests/string-lookup-miss.js: Removed.
      * fast/js/regress/string-lookup-hit-expected.txt: Removed.
      * fast/js/regress/string-lookup-hit-identifier-expected.txt: Removed.
      * fast/js/regress/string-lookup-hit-identifier.html: Removed.
      * fast/js/regress/string-lookup-hit.html: Removed.
      * fast/js/regress/string-lookup-miss-expected.txt: Removed.
      * fast/js/regress/string-lookup-miss.html: Removed.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145945 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      871ffe65
  21. 14 Mar, 2013 2 commits
    • mhahnenberg@apple.com's avatar
      Objective-C API: Objective-C functions exposed to JavaScript have the wrong... · 9c4b2105
      mhahnenberg@apple.com authored
      Objective-C API: Objective-C functions exposed to JavaScript have the wrong type (object instead of function)
      https://bugs.webkit.org/show_bug.cgi?id=105892
      
      Reviewed by Geoffrey Garen.
      
      Changed ObjCCallbackFunction to subclass JSCallbackFunction which already has all of the machinery to call
      functions using the C API. Since ObjCCallbackFunction is now a JSCell, we changed the old implementation of
      ObjCCallbackFunction to be the internal implementation and keep track of all the proper data so that we 
      don't have to put all of that in the header, which will now be included from C++ files (e.g. JSGlobalObject.cpp).
      
      * API/JSCallbackFunction.cpp: Change JSCallbackFunction to allow subclassing. Originally it was internally
      passing its own Structure up the chain of constructors, but we now want to be able to pass other Structures as well.
      (JSC::JSCallbackFunction::JSCallbackFunction):
      (JSC::JSCallbackFunction::create):
      * API/JSCallbackFunction.h:
      (JSCallbackFunction):
      * API/JSWrapperMap.mm: Changed interface to tryUnwrapBlock.
      (tryUnwrapObjcObject):
      * API/ObjCCallbackFunction.h:
      (ObjCCallbackFunction): Moved into the JSC namespace, just like JSCallbackFunction.
      (JSC::ObjCCallbackFunction::createStructure): Overridden so that the correct ClassInfo gets used since we have 
      a destructor.
      (JSC::ObjCCallbackFunction::impl): Getter for the internal impl.
      * API/ObjCCallbackFunction.mm:
      (JSC::ObjCCallbackFunctionImpl::ObjCCallbackFunctionImpl): What used to be ObjCCallbackFunction is now 
      ObjCCallbackFunctionImpl. It handles the Objective-C specific parts of managing callback functions.
      (JSC::ObjCCallbackFunctionImpl::~ObjCCallbackFunctionImpl):
      (JSC::objCCallbackFunctionCallAsFunction): Same as the old one, but now it casts to ObjCCallbackFunction and grabs the impl 
      rather than using JSObjectGetPrivate.
      (JSC::ObjCCallbackFunction::ObjCCallbackFunction): New bits to allow being part of the JSCell hierarchy.
      (JSC::ObjCCallbackFunction::create):
      (JSC::ObjCCallbackFunction::destroy):
      (JSC::ObjCCallbackFunctionImpl::call): Handles the actual invocation, just like it used to.
      (objCCallbackFunctionForInvocation):
      (tryUnwrapBlock): Changed to check the ClassInfo for inheritance directly, rather than going through the C API call.
      * API/tests/testapi.mm: Added new test to make sure that doing Function.prototype.toString.call(f) won't result in 
      an error when f is an Objective-C method or block underneath the covers.
      * runtime/JSGlobalObject.cpp: Added new Structure for ObjCCallbackFunction.
      (JSC::JSGlobalObject::reset):
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::objcCallbackFunctionStructure):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145848 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9c4b2105
    • fpizlo@apple.com's avatar
      JSObject fast by-string access optimizations should work even on the prototype... · 10c38d3c
      fpizlo@apple.com authored
      JSObject fast by-string access optimizations should work even on the prototype chain, and even when the result is undefined
      https://bugs.webkit.org/show_bug.cgi?id=112233
      
      Source/JavaScriptCore: 
      
      Reviewed by Oliver Hunt.
              
      Extended the existing fast access path for String keys to work over the entire prototype chain,
      not just the self access case. This will fail as soon as it sees an object that intercepts
      getOwnPropertySlot, so this patch also ensures that ObjectPrototype does not fall into that
      category. This is accomplished by making ObjectPrototype eagerly reify all of its properties.
      This is safe for ObjectPrototype because it's so common and we expect all of its properties to
      be reified for any interesting programs anyway. A new idiom for adding native functions to
      prototypes is introduced, which ought to work well for any other prototypes that we wish to do
      this conversion for.
              
      This is a >60% speed-up in the case that you frequently do by-string lookups that "miss", i.e.
      they don't turn up anything.
      
      * CMakeLists.txt:
      * DerivedSources.make:
      * DerivedSources.pri:
      * GNUmakefile.list.am:
      * dfg/DFGOperations.cpp:
      * interpreter/CallFrame.h:
      (JSC::ExecState::objectConstructorTable):
      * jit/JITStubs.cpp:
      (JSC::getByVal):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::getByVal):
      * runtime/CommonIdentifiers.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::getByStringSlow):
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSCellInlines.h:
      (JSC):
      (JSC::JSCell::getByStringAndKey):
      (JSC::JSCell::getByString):
      * runtime/JSGlobalData.cpp:
      (JSC):
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/JSObject.cpp:
      (JSC::JSObject::putDirectNativeFunction):
      (JSC):
      * runtime/JSObject.h:
      (JSObject):
      (JSC):
      * runtime/Lookup.cpp:
      (JSC::setUpStaticFunctionSlot):
      * runtime/ObjectPrototype.cpp:
      (JSC):
      (JSC::ObjectPrototype::finishCreation):
      (JSC::ObjectPrototype::create):
      * runtime/ObjectPrototype.h:
      (ObjectPrototype):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyTable::findWithString):
      * runtime/Structure.h:
      (Structure):
      * runtime/StructureInlines.h:
      (JSC::Structure::get):
      (JSC):
      
      LayoutTests: 
      
      Reviewed by Oliver Hunt.
      
      * fast/js/regress/script-tests/string-lookup-hit-identifier.js: Added.
      (result):
      * fast/js/regress/script-tests/string-lookup-hit.js: Added.
      (result):
      * fast/js/regress/script-tests/string-lookup-miss.js: Added.
      (result):
      * fast/js/regress/string-lookup-hit-expected.txt: Added.
      * fast/js/regress/string-lookup-hit-identifier-expected.txt: Added.
      * fast/js/regress/string-lookup-hit-identifier.html: Added.
      * fast/js/regress/string-lookup-hit.html: Added.
      * fast/js/regress/string-lookup-miss-expected.txt: Added.
      * fast/js/regress/string-lookup-miss.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145838 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      10c38d3c
  22. 12 Mar, 2013 2 commits
    • rgabor@webkit.org's avatar
      Renaming the armv7.rb LLINT backend to arm.rb · 790e7dba
      rgabor@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=110565
      
      Reviewed by Zoltan Herczeg.
      
      This is the first step of a unified ARM backend for
      all ARM 32 bit architectures in LLInt.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * LLIntOffsetsExtractor.pro:
      * offlineasm/arm.rb: Copied from Source/JavaScriptCore/offlineasm/armv7.rb.
      * offlineasm/armv7.rb: Removed.
      * offlineasm/backends.rb:
      * offlineasm/risc.rb:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145504 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      790e7dba
    • fpizlo@apple.com's avatar
      DFG overflow check elimination is too smart for its own good · 96820433
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=111832
      
      Source/JavaScriptCore: 
      
      Reviewed by Oliver Hunt and Gavin Barraclough.
              
      Rolling this back in after fixing accidental misuse of JSValue. The code was doing value < someInt
      rather than value.asInt32() < someInt. This "worked" when isWithinPowerOfTwo wasn't templatized.
      It worked by always being false and always disabling the relvant optimization.
              
      This improves overflow check elimination in three ways:
              
      1) It reduces the amount of time the compiler will spend doing it.
              
      2) It fixes bugs where overflow check elimination was overzealous. Precisely, for a binary operation
         over @a and @b where both @a and @b will type check that their inputs (@a->children, @b->children)
         are int32's and then perform a possibly-overflowing operation, we must be careful not to assume
         that @a's non-int32 parts don't matter if at the point that @a runs we have as yet not proved that
         @b->children are int32's and that hence @b might produce a large enough result that doubles would
         start chopping low bits. The specific implication of this is that for a binary operation to not
         propagate that it cares about non-int32 parts (NodeUsedAsNumber), we must prove that at least one
         of the inputs is guaranteed to produce a result within 2^32 and that there won't be a tower of such
         operations large enough to ultimately produce a double greater than 2^52 (roughly). We achieve the
         latter by disabling this optimization for very large basic blocks. It's noteworthy that blocks that
         large won't even make it into the DFG currently.
              
      3) It makes the overflow check elimination more precise for cases where the inputs to an Add or Sub
         are the outputs of a bit-op. For example in (@a + (@b | 0)) | 0, we don't need to propagate
         NodeUsedAsNumber to either @a or @b.
              
      This is neutral on V8v7 and a slight speed-up on compile time benchmarks.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::ArrayMode::refine):
      * dfg/DFGBackwardsPropagationPhase.cpp: Added.
      (DFG):
      (BackwardsPropagationPhase):
      (JSC::DFG::BackwardsPropagationPhase::BackwardsPropagationPhase):
      (JSC::DFG::BackwardsPropagationPhase::run):
      (JSC::DFG::BackwardsPropagationPhase::isNotNegZero):
      (JSC::DFG::BackwardsPropagationPhase::isNotZero):
      (JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwoForConstant):
      (JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwoNonRecursive):
      (JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwo):
      (JSC::DFG::BackwardsPropagationPhase::mergeDefaultFlags):
      (JSC::DFG::BackwardsPropagationPhase::propagate):
      (JSC::DFG::performBackwardsPropagation):
      * dfg/DFGBackwardsPropagationPhase.h: Added.
      (DFG):
      * dfg/DFGCPSRethreadingPhase.cpp:
      (JSC::DFG::CPSRethreadingPhase::run):
      (JSC::DFG::CPSRethreadingPhase::clearIsLoadedFrom):
      (CPSRethreadingPhase):
      (JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
      (JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGNodeFlags.cpp:
      (JSC::DFG::dumpNodeFlags):
      (DFG):
      * dfg/DFGNodeFlags.h:
      (DFG):
      * dfg/DFGPredictionPropagationPhase.cpp:
      (PredictionPropagationPhase):
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGUnificationPhase.cpp:
      (JSC::DFG::UnificationPhase::run):
      * dfg/DFGVariableAccessData.h:
      (JSC::DFG::VariableAccessData::VariableAccessData):
      (JSC::DFG::VariableAccessData::mergeIsLoadedFrom):
      (VariableAccessData):
      (JSC::DFG::VariableAccessData::setIsLoadedFrom):
      (JSC::DFG::VariableAccessData::isLoadedFrom):
      
      LayoutTests: 
      
      Reviewed by Oliver Hunt and Gavin Barraclough.
      
      * fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int-expected.txt: Added.
      * fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.html: Added.
      * fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers-expected.txt: Added.
      * fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.html: Added.
      * fast/js/jsc-test-list:
      * fast/js/script-tests/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.js: Added.
      (foo):
      (bar):
      * fast/js/script-tests/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.js: Added.
      (foo):
      (bar):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145489 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      96820433
  23. 09 Mar, 2013 1 commit
    • commit-queue@webkit.org's avatar
      Unreviewed, rolling out r145299. · e8aaf5a0
      commit-queue@webkit.org authored
      http://trac.webkit.org/changeset/145299
      https://bugs.webkit.org/show_bug.cgi?id=111928
      
      compilation failure with recent clang
      (DFGBackwardsPropagationPhase.cpp:132:35: error: comparison of
      constant 10 with expression of type 'bool' is always false)
      (Requested by thorton on #webkit).
      
      Patch by Sheriff Bot <webkit.review.bot@gmail.com> on 2013-03-09
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::ArrayMode::refine):
      * dfg/DFGBackwardsPropagationPhase.cpp: Removed.
      * dfg/DFGBackwardsPropagationPhase.h: Removed.
      * dfg/DFGCPSRethreadingPhase.cpp:
      (JSC::DFG::CPSRethreadingPhase::run):
      (CPSRethreadingPhase):
      (JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
      (JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGNodeFlags.cpp:
      (JSC::DFG::nodeFlagsAsString):
      (DFG):
      * dfg/DFGNodeFlags.h:
      (DFG):
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::isNotNegZero):
      (PredictionPropagationPhase):
      (JSC::DFG::PredictionPropagationPhase::isNotZero):
      (JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwoForConstant):
      (JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwoNonRecursive):
      (JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwo):
      (JSC::DFG::PredictionPropagationPhase::propagate):
      (JSC::DFG::PredictionPropagationPhase::mergeDefaultFlags):
      * dfg/DFGUnificationPhase.cpp:
      (JSC::DFG::UnificationPhase::run):
      * dfg/DFGVariableAccessData.h:
      (JSC::DFG::VariableAccessData::VariableAccessData):
      (VariableAccessData):
      
      LayoutTests:
      
      * fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int-expected.txt: Removed.
      * fast/js/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.html: Removed.
      * fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers-expected.txt: Removed.
      * fast/js/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.html: Removed.
      * fast/js/jsc-test-list:
      * fast/js/script-tests/dfg-arith-add-overflow-check-elimination-predicted-but-not-proven-int.js: Removed.
      * fast/js/script-tests/dfg-arith-add-overflow-check-elimination-tower-of-large-numbers.js: Removed.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@145323 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e8aaf5a0