1. 29 Aug, 2013 1 commit
    • Unreviewed, rolling out r154804. · ea1f9022
      commit-queue@webkit.org authored
      http://trac.webkit.org/changeset/154804
      https://bugs.webkit.org/show_bug.cgi?id=120477
      
      Broke Windows build (assumes LLInt features not enabled on
      this build) (Requested by bfulgham on #webkit).
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::reoptimize):
      (JSC::ProgramCodeBlock::replacement):
      (JSC::EvalCodeBlock::replacement):
      (JSC::FunctionCodeBlock::replacement):
      (JSC::ProgramCodeBlock::compileOptimized):
      (JSC::ProgramCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::EvalCodeBlock::compileOptimized):
      (JSC::EvalCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::FunctionCodeBlock::compileOptimized):
      (JSC::FunctionCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::jitType):
      (JSC::CodeBlock::jitCompile):
      * bytecode/DeferredCompilationCallback.cpp: Removed.
      * bytecode/DeferredCompilationCallback.h: Removed.
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      (JSC::DFG::tryFinalizePlan):
      * dfg/DFGDriver.h:
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      (JSC::DFG::tryFinalizePlan):
      * dfg/DFGFailedFinalizer.cpp:
      (JSC::DFG::FailedFinalizer::finalize):
      (JSC::DFG::FailedFinalizer::finalizeFunction):
      * dfg/DFGFailedFinalizer.h:
      * dfg/DFGFinalizer.h:
      * dfg/DFGJITFinalizer.cpp:
      (JSC::DFG::JITFinalizer::finalize):
      (JSC::DFG::JITFinalizer::finalizeFunction):
      * dfg/DFGJITFinalizer.h:
      * dfg/DFGOSRExitPreparation.cpp:
      (JSC::DFG::prepareCodeOriginForOSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPlan.cpp:
      (JSC::DFG::Plan::Plan):
      (JSC::DFG::Plan::compileInThreadImpl):
      (JSC::DFG::Plan::finalize):
      * dfg/DFGPlan.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGWorklist.cpp:
      (JSC::DFG::Worklist::completeAllReadyPlansForVM):
      (JSC::DFG::Worklist::runThread):
      * ftl/FTLJITFinalizer.cpp:
      (JSC::FTL::JITFinalizer::finalize):
      (JSC::FTL::JITFinalizer::finalizeFunction):
      * ftl/FTLJITFinalizer.h:
      * heap/Heap.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * jit/JITDriver.h: Added.
      (JSC::jitCompileIfAppropriateImpl):
      (JSC::jitCompileFunctionIfAppropriateImpl):
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      * jit/JITToDFGDeferredCompilationCallback.cpp: Removed.
      * jit/JITToDFGDeferredCompilationCallback.h: Removed.
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::setUpCall):
      * runtime/ArrayPrototype.cpp:
      (JSC::isNumericCompareFunction):
      * runtime/CommonSlowPaths.cpp:
      * runtime/CompilationResult.cpp:
      (WTF::printInternal):
      * runtime/CompilationResult.h:
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compileOptimized):
      (JSC::EvalExecutable::jitCompile):
      (JSC::EvalExecutable::compileInternal):
      (JSC::EvalExecutable::replaceWithDeferredOptimizedCode):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::ProgramExecutable::replaceWithDeferredOptimizedCode):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForCall):
      (JSC::FunctionExecutable::compileForConstructInternal):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForConstruct):
      * runtime/Executable.h:
      (JSC::ExecutableBase::offsetOfJITCodeWithArityCheckFor):
      (JSC::ExecutableBase::offsetOfNumParametersFor):
      (JSC::ExecutableBase::catchRoutineFor):
      (JSC::EvalExecutable::compile):
      (JSC::ProgramExecutable::compile):
      (JSC::FunctionExecutable::compileForCall):
      (JSC::FunctionExecutable::compileForConstruct):
      (JSC::FunctionExecutable::compileFor):
      (JSC::FunctionExecutable::compileOptimizedFor):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeFor):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC::prepareForExecutionImpl):
      (JSC::prepareFunctionForExecutionImpl):
      (JSC::installOptimizedCode):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      (JSC::replaceWithDeferredOptimizedCode):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154814 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  2. 28 Aug, 2013 3 commits
    • CodeBlock compilation and installation should be simplified and rationalized · 4ea262e2
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120326
      
      Reviewed by Oliver Hunt.
              
      Previously Executable owned the code for generating JIT code; you always had
      to go through Executable. But often you also had to go through CodeBlock,
      because ScriptExecutable couldn't have virtual methods, but CodeBlock could.
      So you'd ask CodeBlock to do something, which would dispatch through a
      virtual method that would select the appropriate Executable subtype's method.
      This all meant that the same code would often be duplicated, because most of
      the work needed to compile something was identical regardless of code type.
      But then we tried to fix this, by having templatized helpers in
      ExecutionHarness.h and JITDriver.h. The result was that if you wanted to find
      out what happened when you asked for something to be compiled, you'd go on a
      wild ride that started with CodeBlock, touched upon Executable, and then
      ricocheted into either ExecutionHarness or JITDriver (likely both).
              
      Another awkwardness was that for concurrent compiles, the DFG::Worklist had
      super-special inside knowledge of what JITStubs.cpp's cti_optimize would have
      done once the compilation finished.
              
      Also, most of the DFG JIT drivers assumed that they couldn't install the
      JITCode into the CodeBlock directly - instead they would return it via a
      reference, which happened to be a reference to the JITCode pointer in
      Executable. This was super weird.
              
      Finally, there was no notion of compiling code into a special CodeBlock that
      wasn't used for handling calls into an Executable. I'd like this for FTL OSR
      entry.
              
      This patch solves these problems by reducing all of that complexity into just
      three primitives:
              
      - Executable::newCodeBlock(). This gives you a new code block, either for call
        or for construct, and either to serve as the baseline code or the optimized
        code. The new code block is then owned by the caller; Executable doesn't
        register it anywhere. The new code block has no JITCode and isn't callable,
        but it has all of the bytecode.
              
      - CodeBlock::prepareForExecution(). This takes the CodeBlock's bytecode and
        produces a JITCode, and then installs the JITCode into the CodeBlock. This
        method takes a JITType, and always compiles with that JIT. If you ask for
        JITCode::InterpreterThunk then you'll get JITCode that just points to the
        LLInt entrypoints. Once this returns, it is possible to call into the
        CodeBlock if you do so manually - but the Executable still won't know about
        it so JS calls to that Executable will still be routed to whatever CodeBlock
        is associated with the Executable.
              
      - Executable::installCode(). This takes a CodeBlock and makes it the code-for-
        entry for that Executable. This involves unlinking the Executable's last
        CodeBlock, if there was one. This also tells the GC about any effect on
        memory usage and does a bunch of weird data structure rewiring, since
        Executable caches some of CodeBlock's fields for the benefit of virtual call
        fast paths.
              
      This functionality is then wrapped around three convenience methods:
              
      - Executable::prepareForExecution(). If there is no code block for that
        Executable, then one is created (newCodeBlock()), compiled
        (CodeBlock::prepareForExecution()) and installed (installCode()).
              
      - CodeBlock::newReplacement(). Asks the Executable for a new CodeBlock that
        can serve as an optimized replacement of the current one.
              
      - CodeBlock::install(). Asks the Executable to install this code block.
              
      This patch allows me to kill *a lot* of code and to remove a lot of
      specializations for functions vs. not-functions, and a lot of places where we
      pass around JITCode references and such. ExecutionHarness and JITDriver are
      both gone. Overall this patch has more red than green.
              
      It also allows me to work on FTL OSR entry and tier-up:
              
      - FTL tier-up: this will involve DFGOperations.cpp asking the DFG::Worklist
        to do some compilation, but it will require the DFG::Worklist to do
        something different than what JITStubs.cpp would want, once the compilation
        finishes. This patch introduces a callback mechanism for that purpose.
              
      - FTL OSR entry: this will involve creating a special auto-jettisoned
        CodeBlock that is used only for FTL OSR entry. The new set of primitives
        allows for this: Executable can vend you a fresh new CodeBlock, and you can
        ask that CodeBlock to compile itself with any JIT of your choosing. Or you
        can take that CodeBlock and compile it yourself. Previously the act of
        producing a CodeBlock-for-optimization and the act of compiling code for it
        were tightly coupled; now you can separate them and you can create such
        auto-jettisoned CodeBlocks that are used for a one-shot OSR entry.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::prepareForExecution):
      (JSC::CodeBlock::install):
      (JSC::CodeBlock::newReplacement):
      (JSC::FunctionCodeBlock::jettisonImpl):
      (JSC::CodeBlock::setOptimizationThresholdBasedOnCompilationResult):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::hasBaselineJITProfiling):
      * bytecode/DeferredCompilationCallback.cpp: Added.
      (JSC::DeferredCompilationCallback::DeferredCompilationCallback):
      (JSC::DeferredCompilationCallback::~DeferredCompilationCallback):
      * bytecode/DeferredCompilationCallback.h: Added.
      * dfg/DFGDriver.cpp:
      (JSC::DFG::tryCompile):
      * dfg/DFGDriver.h:
      (JSC::DFG::tryCompile):
      * dfg/DFGFailedFinalizer.cpp:
      (JSC::DFG::FailedFinalizer::finalize):
      (JSC::DFG::FailedFinalizer::finalizeFunction):
      * dfg/DFGFailedFinalizer.h:
      * dfg/DFGFinalizer.h:
      * dfg/DFGJITFinalizer.cpp:
      (JSC::DFG::JITFinalizer::finalize):
      (JSC::DFG::JITFinalizer::finalizeFunction):
      * dfg/DFGJITFinalizer.h:
      * dfg/DFGOSRExitPreparation.cpp:
      (JSC::DFG::prepareCodeOriginForOSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPlan.cpp:
      (JSC::DFG::Plan::Plan):
      (JSC::DFG::Plan::compileInThreadImpl):
      (JSC::DFG::Plan::finalizeWithoutNotifyingCallback):
      (JSC::DFG::Plan::finalizeAndNotifyCallback):
      * dfg/DFGPlan.h:
      * dfg/DFGWorklist.cpp:
      (JSC::DFG::Worklist::completeAllReadyPlansForVM):
      * ftl/FTLJITFinalizer.cpp:
      (JSC::FTL::JITFinalizer::finalize):
      (JSC::FTL::JITFinalizer::finalizeFunction):
      * ftl/FTLJITFinalizer.h:
      * heap/Heap.h:
      (JSC::Heap::isDeferred):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * jit/JITDriver.h: Removed.
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      * jit/JITToDFGDeferredCompilationCallback.cpp: Added.
      (JSC::JITToDFGDeferredCompilationCallback::JITToDFGDeferredCompilationCallback):
      (JSC::JITToDFGDeferredCompilationCallback::~JITToDFGDeferredCompilationCallback):
      (JSC::JITToDFGDeferredCompilationCallback::create):
      (JSC::JITToDFGDeferredCompilationCallback::compilationDidComplete):
      * jit/JITToDFGDeferredCompilationCallback.h: Added.
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::setFunctionEntrypoint):
      (JSC::LLInt::setEvalEntrypoint):
      (JSC::LLInt::setProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::setUpCall):
      * runtime/ArrayPrototype.cpp:
      (JSC::isNumericCompareFunction):
      * runtime/CommonSlowPaths.cpp:
      * runtime/CompilationResult.cpp:
      (WTF::printInternal):
      * runtime/CompilationResult.h:
      * runtime/Executable.cpp:
      (JSC::ScriptExecutable::installCode):
      (JSC::ScriptExecutable::newCodeBlockFor):
      (JSC::ScriptExecutable::newReplacementCodeBlockFor):
      (JSC::ScriptExecutable::prepareForExecutionImpl):
      * runtime/Executable.h:
      (JSC::ScriptExecutable::prepareForExecution):
      (JSC::FunctionExecutable::jettisonOptimizedCodeFor):
      * runtime/ExecutionHarness.h: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154804 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Source/JavaScriptCore: https://bugs.webkit.org/show_bug.cgi?id=119548 · 3f922f9b
      commit-queue@webkit.org authored
      Refactoring Exception throws.
      
      Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-28
      Reviewed by Geoffrey Garen.
      
      Gardening of exception throws. The act of throwing an exception was being handled in
      different ways depending on whether the code was running in the LLint, Baseline JIT,
      or the DFG Jit. This made development in the vm exception and error objects difficult.
      
      * runtime/VM.cpp:
      (JSC::appendSourceToError):
      This function moved from the interpreter into the VM. It views the developer's code
      (if there is a codeBlock) to extract what was trying to be evaluated when the error
      occurred.
      
      (JSC::VM::throwException):
      This function takes in the error object and sets the following:
          1: The VM's exception stack
          2: The VM's exception
          3: Appends extra information on the error message (via appendSourceToError)
          4: The error object's line number
          5: The error object's column number
          6: The error object's sourceURL
          7: The error object's stack trace (unless it already exists because the developer
              created the error object).
      
      (JSC::VM::getExceptionInfo):
      (JSC::VM::setExceptionInfo):
      (JSC::VM::clearException):
      (JSC::clearExceptionStack):
      * runtime/VM.h:
      (JSC::VM::exceptionOffset):
      (JSC::VM::exception):
      (JSC::VM::addressOfException):
      (JSC::VM::exceptionStack):
      VM exception and exceptionStack are now private data members.
      
      * interpreter/Interpreter.h:
      (JSC::ClearExceptionScope::ClearExceptionScope):
      Created this structure to temporarily clear the exception within the VM. This is
      needed to see if additional errors occur when setting the debugger as we are
      unwinding the stack.
      
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::unwind):
      Removed the code that would try to add error information if it did not exist.
      All of this functionality has moved into the VM and all error information is set
      at the time the error occurs.
      
      The rest of these functions reference the new calling convention to throw an error.
      
      * API/APICallbackFunction.h:
      (JSC::APICallbackFunction::call):
      * API/JSCallbackConstructor.cpp:
      (JSC::constructJSCallback):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlot):
      (JSC::::defaultValue):
      (JSC::::put):
      (JSC::::putByIndex):
      (JSC::::deleteProperty):
      (JSC::::construct):
      (JSC::::customHasInstance):
      (JSC::::call):
      (JSC::::getStaticValue):
      (JSC::::staticFunctionGetter):
      (JSC::::callbackGetter):
      * debugger/Debugger.cpp:
      (JSC::evaluateInGlobalCallFrame):
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::evaluate):
      * dfg/DFGAssemblyHelpers.h:
      (JSC::DFG::AssemblyHelpers::emitExceptionCheck):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::operationPutByValInternal):
      * ftl/FTLLowerDFGToLLVM.cpp:
      (JSC::FTL::LowerDFGToLLVM::callCheck):
      * heap/Heap.cpp:
      (JSC::Heap::markRoots):
      * interpreter/CallFrame.h:
      (JSC::ExecState::clearException):
      (JSC::ExecState::exception):
      (JSC::ExecState::hadException):
      * interpreter/Interpreter.cpp:
      (JSC::eval):
      (JSC::loadVarargs):
      (JSC::stackTraceAsString):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * interpreter/Interpreter.h:
      (JSC::ClearExceptionScope::ClearExceptionScope):
      * jit/JITCode.cpp:
      (JSC::JITCode::execute):
      * jit/JITExceptions.cpp:
      (JSC::genericThrow):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_catch):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::privateCompileCTINativeCall):
      (JSC::JIT::emit_op_catch):
      * jit/JITStubs.cpp:
      (JSC::returnToThrowTrampoline):
      (JSC::throwExceptionFromOpCall):
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      (JSC::putByVal):
      (JSC::cti_vm_handle_exception):
      * jit/SlowPathCall.h:
      (JSC::JITSlowPathCall::call):
      * jit/ThunkGenerators.cpp:
      (JSC::nativeForGenerator):
      * jsc.cpp:
      (functionRun):
      (functionLoad):
      (functionCheckSyntax):
      * llint/LLIntExceptions.cpp:
      (JSC::LLInt::doThrow):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.cpp:
      (JSC::CLoop::execute):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ArrayConstructor.cpp:
      (JSC::constructArrayWithSizeQuirk):
      * runtime/CommonSlowPaths.cpp:
      (JSC::SLOW_PATH_DECL):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::opIn):
      * runtime/CommonSlowPathsExceptions.cpp:
      (JSC::CommonSlowPaths::interpreterThrowInCaller):
      * runtime/Completion.cpp:
      (JSC::evaluate):
      * runtime/Error.cpp:
      (JSC::addErrorInfo):
      (JSC::throwTypeError):
      (JSC::throwSyntaxError):
      * runtime/Error.h:
      (JSC::throwVMError):
      * runtime/ExceptionHelpers.cpp:
      (JSC::throwOutOfMemoryError):
      (JSC::throwStackOverflowError):
      (JSC::throwTerminatedExecutionException):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::create):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      * runtime/FunctionConstructor.cpp:
      (JSC::constructFunction):
      (JSC::constructFunctionSkippingEvalEnabledCheck):
      * runtime/JSArray.cpp:
      (JSC::JSArray::defineOwnProperty):
      (JSC::JSArray::put):
      (JSC::JSArray::push):
      * runtime/JSCJSValue.cpp:
      (JSC::JSValue::toObjectSlowCase):
      (JSC::JSValue::synthesizePrototype):
      (JSC::JSValue::putToPrimitive):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::defineOwnProperty):
      * runtime/JSGenericTypedArrayViewInlines.h:
      (JSC::::create):
      (JSC::::createUninitialized):
      (JSC::::validateRange):
      (JSC::::setWithSpecificType):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::encode):
      (JSC::decode):
      (JSC::globalFuncProtoSetter):
      * runtime/JSNameScope.cpp:
      (JSC::JSNameScope::put):
      * runtime/JSONObject.cpp:
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Walker::walk):
      * runtime/JSObject.cpp:
      (JSC::JSObject::put):
      (JSC::JSObject::defaultValue):
      (JSC::JSObject::hasInstance):
      (JSC::JSObject::defaultHasInstance):
      (JSC::JSObject::defineOwnNonIndexProperty):
      (JSC::throwTypeError):
      * runtime/ObjectConstructor.cpp:
      (JSC::toPropertyDescriptor):
      * runtime/RegExpConstructor.cpp:
      (JSC::constructRegExp):
      * runtime/StringObject.cpp:
      (JSC::StringObject::defineOwnProperty):
      * runtime/StringRecursionChecker.cpp:
      (JSC::StringRecursionChecker::throwStackOverflowError):
      
      Source/WebCore: https://bugs.webkit.org/show_bug.cgi?id=119548
      Refactoring Exception throws.
      
      Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-28
      Reviewed by Geoffrey Garen.
      
      Gets column information from the error object for reporting exceptions.
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::reportException):
      * bindings/js/ScriptCallStackFactory.cpp:
      (WebCore::createScriptCallStackFromException):
      
      Moved setting an exception into the vm. These functions changed to use the new functionality.
      
      * bindings/js/JSAudioBufferSourceNodeCustom.cpp:
      (WebCore::JSAudioBufferSourceNode::setBuffer):
      * bindings/js/JSBiquadFilterNodeCustom.cpp:
      (WebCore::JSBiquadFilterNode::setType):
      * bindings/js/JSCryptoCustom.cpp:
      (WebCore::JSCrypto::getRandomValues):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::setDOMException):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::JSInjectedScriptHost::setFunctionVariableValue):
      * bindings/js/JSJavaScriptCallFrameCustom.cpp:
      (WebCore::JSJavaScriptCallFrame::evaluate):
      (WebCore::JSJavaScriptCallFrame::setVariableValue):
      * bindings/js/JSNodeFilterCondition.cpp:
      (WebCore::JSNodeFilterCondition::acceptNode):
      * bindings/js/JSOscillatorNodeCustom.cpp:
      (WebCore::JSOscillatorNode::setType):
      * bindings/js/JSPannerNodeCustom.cpp:
      (WebCore::JSPannerNode::setPanningModel):
      (WebCore::JSPannerNode::setDistanceModel):
      * bindings/js/JSSVGLengthCustom.cpp:
      (WebCore::JSSVGLength::convertToSpecifiedUnits):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::getObjectParameter):
      (WebCore::JSWebGLRenderingContext::getAttachedShaders):
      (WebCore::JSWebGLRenderingContext::getExtension):
      (WebCore::JSWebGLRenderingContext::getFramebufferAttachmentParameter):
      (WebCore::JSWebGLRenderingContext::getParameter):
      (WebCore::JSWebGLRenderingContext::getProgramParameter):
      (WebCore::JSWebGLRenderingContext::getShaderParameter):
      (WebCore::JSWebGLRenderingContext::getUniform):
      (WebCore::dataFunctionf):
      (WebCore::dataFunctioni):
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::open):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneBase::throwStackOverflow):
      (WebCore::CloneDeserializer::throwValidationError):
      (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::setException):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CInstance::moveGlobalExceptionToExecState):
      (JSC::Bindings::CInstance::invokeMethod):
      (JSC::Bindings::CInstance::invokeDefaultMethod):
      (JSC::Bindings::CInstance::invokeConstruct):
      (JSC::Bindings::CInstance::toJSPrimitive):
      * bridge/objc/objc_instance.mm:
      (ObjcInstance::invokeMethod):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcArray::setValueAt):
      (JSC::Bindings::ObjcArray::valueAt):
      * bridge/objc/objc_utility.mm:
      (JSC::Bindings::throwError):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtField::valueFromInstance):
      (JSC::Bindings::QtField::setValueToInstance):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::put):
      (JSC::RuntimeArray::putByIndex):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::throwInvalidAccessError):
      
      Source/WebKit/mac: https://bugs.webkit.org/show_bug.cgi?id=119548
      Refactoring Exception throws.
      
      Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-28
      Reviewed by Geoffrey Garen.
      
      Moved setting an exception into the vm. These functions changed to use the new functionality.
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::moveGlobalExceptionToExecState):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyInstance::invokeMethod):
      
      Source/WebKit2: https://bugs.webkit.org/show_bug.cgi?id=119548
      Refactoring Exception throws.
      
      Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-28
      Reviewed by Geoffrey Garen.
      
      Moved setting an exception into the vm. These functions changed to use the new functionality.
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::throwInvalidAccessError):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::moveGlobalExceptionToExecState):
      
      LayoutTests: https://bugs.webkit.org/show_bug.cgi?id=119548
      Refactoring Exception throws.
      
      Patch by Chris Curtis <chris_curtis@apple.com> on 2013-08-28
      Reviewed by Geoffrey Garen.
      
      Column/line information was added into these results.
      * fast/events/window-onerror4-expected.txt:
      * fast/js/global-recursion-on-full-stack-expected.txt:
      
      Fixed a variable name in a case when shouldThrowType failed.
      * fast/js/mozilla/resources/js-test-pre.js:
      (shouldThrowType):
      
      Sorted the properties to allow the results to always show in the same order.
      * fast/js/script-tests/exception-properties.js:
      * fast/js/exception-properties-expected.txt:
      
      This test needed to be modified to have the line numbers match on the output across
      wk and wk2. This test is inherently flaky because it relies on the size of the available
      native stack. To account for the flakiness an additional call was made to force the
      results to match.
      This patch now records and outputs the line number where the errors were occurring.
      This was causing the test results to no longer match because of the line numbers.
      By changing how to account for the flakiness, the results match again.
      * fast/xmlhttprequest/xmlhttprequest-recursive-sync-event-expected.txt:
      * fast/xmlhttprequest/xmlhttprequest-recursive-sync-event.html:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154797 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • [GTK] Add support for building JSC with FTL JIT enabled · aa396195
      zandobersek@gmail.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120270
      
      Reviewed by Filip Pizlo.
      
      .: 
      
      * Source/autotools/FindDependencies.m4: Disable FTL JIT if the JIT itself is disabled or if the C++ compiler
      being used is not Clang. Check for llvm-config and use it to properly test for the LLVM >= 3.4 dependency.
      * Source/autotools/PrintBuildConfiguration.m4: Print out the status of the FTL JIT support.
      * Source/autotools/ReadCommandLineArguments.m4: Add a configuration flag for enabling the feature, defaulting
      to 'no' used as the default value for now. This should switch to 'auto' at some point in future.
      * Source/autotools/SetupAutoconfHeader.m4: Define ENABLE_FTL_JIT to a specific value if possible.
      Also define HAVE_LLVM to 1 if the LLVM dependency was satisfied.
      
      Source/JavaScriptCore: 
      
      * GNUmakefile.am: Add LLVM_LIBS to the list of linker flags and LLVM_CFLAGS to the list of
      compiler flags for the JSC library.
      * GNUmakefile.list.am: Add the missing build targets.
      * ftl/FTLAbbreviations.h: Include the <cstring> header and use std::strlen. This avoids compilation
      failures when using the Clang compiler with the libstdc++ standard library.
      (JSC::FTL::mdKindID):
      (JSC::FTL::mdString):
      
      Source/WTF: 
      
      * wtf/Platform.h: Define ENABLE_FTL_JIT to the value of 1 for the GTK port if building for the x86-64
      architecture with LLVM present and the define not being previously defined. This is applicable when
      configuring the Automake build with '--enable-ftl-jit=auto'.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154747 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  3. 26 Aug, 2013 9 commits
    • Fix issues found by the Clang Static Analyzer · a872654a
      aestes@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120230
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore:
      
      * API/JSValue.mm:
      (valueToString): Don't leak every CFStringRef when in Objective-C GC.
      * API/ObjCCallbackFunction.mm:
      (JSC::ObjCCallbackFunctionImpl::~ObjCCallbackFunctionImpl): Don't
      release m_invocation's target since NSInvocation will do it for us on
      -dealloc.
      (objCCallbackFunctionForBlock): Tell NSInvocation to retain its target
      and -release our reference to the copied block.
      * API/tests/minidom.c:
      (createStringWithContentsOfFile): Free buffer before returning.
      * API/tests/testapi.c:
      (createStringWithContentsOfFile): Ditto.
      
      Source/WebCore:
      
      * WebCore.xcodeproj/project.pbxproj: Removed FoundationExtras.h.
      * accessibility/mac/WebAccessibilityObjectWrapperMac.mm: Removed CFAutoreleaseHelper().
      (AXTextMarkerRange): Used HardAutorelease() instead of
      CFAutoreleaseHelper().
      (AXTextMarkerRangeStart): Ditto.
      (AXTextMarkerRangeEnd): Ditto.
      (textMarkerForVisiblePosition): Ditto.
      * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
      (-[WebCoreAVFMovieObserver initWithCallback:]): Called [super init]
      first so that we don't later use ivars from the wrong self.
      (-[WebCoreAVFLoaderDelegate initWithCallback:]): Ditto.
      * platform/mac/FoundationExtras.h: Removed.
      * platform/mac/KURLMac.mm:
      (WebCore::KURL::operator NSURL *): Used WTF's HardAutorelease().
      * platform/mac/WebCoreNSURLExtras.mm:
      (WebCore::mapHostNameWithRange): Used HardAutorelease() instead of
      WebCoreCFAutorelease().
      (WebCore::URLWithData): Ditto.
      (WebCore::userVisibleString): Ditto.
      (WebCore::URLByRemovingComponentAndSubsequentCharacter): Used Vector<>
      with an inline capacity rather than heap-allocating a buffer.
      * platform/mac/WebCoreObjCExtras.h: Used HardAutorelease() instead of
      WebCoreCFAutorelease().
      * platform/text/mac/StringImplMac.mm:
      (WTF::StringImpl::operator NSString *): Used WTF's HardAutorelease().
      
      Source/WebKit/mac:
      
      * Misc/WebNSFileManagerExtras.mm:
      (-[NSFileManager _webkit_startupVolumeName]): Used HardAutorelease()
      instead of WebCFAutorelease().
      * Misc/WebNSObjectExtras.h: Removed definition of WebCFAutorelease().
      * Misc/WebNSURLExtras.mm:
      (-[NSURL _web_URLWithLowercasedScheme]): Used HardAutorelease()
      instead of WebCFAutorelease().
      * Plugins/Hosted/WebHostedNetscapePluginView.mm:
      (-[WebHostedNetscapePluginView createPluginLayer]): Stop leaking
      CGColors (CALayer retains its backgroundColor property despite the
      property attributes claiming otherwise).
      * Plugins/WebBasePluginPackage.mm:
      (+[WebBasePluginPackage preferredLocalizationName]): Used
      HardAutorelease() instead of WebCFAutorelease().
      * WebView/WebDeviceOrientationProviderMock.mm:
      (-[WebDeviceOrientationProviderMockInternal lastOrientation]): Stop
      leaking WebDeviceOrientations.
      * WebView/WebPDFRepresentation.mm:
      (-[WebPDFRepresentation convertPostScriptDataSourceToPDF:]): Used
      HardAutorelease() instead of WebCFAutorelease().
      * WebView/WebView.mm:
      (+[WebView _setCacheModel:]): Ditto.
      (-[WebView _removeObjectForIdentifier:]): Ditto.
      
      Source/WebKit2:
      
      * UIProcess/API/mac/WKBrowsingContextController.mm:
      (autoreleased): Don't leak CFURLs when in Objective-C GC.
      * WebProcess/WebPage/mac/WKAccessibilityWebPageObject.mm:
      (-[WKAccessibilityWebPageObject accessibilityAttributeValue:forParameter:]):
      Don't leak CFStrings when in Objective-C GC.
      
      Source/WTF:
      
      * wtf/ObjcRuntimeExtras.h:
      (HardAutorelease): Added a canonical implementation of HardAutorelease.
      
      Tools:
      
      * DumpRenderTree/mac/DumpRenderTreePasteboard.m:
      (-[LocalPasteboard initWithName:]): Called [super init] first so that we
      don't later use ivars from the wrong self.
      * DumpRenderTree/mac/TestRunnerMac.mm:
      (-[APITestDelegate initWithCompletionCondition:]): Ditto.
      * TestWebKitAPI/Tests/WebKit2ObjC/CustomProtocolsTest.mm:
      (TestWebKitAPI::TEST): Don't leak WKProcessGroups,
      WKBrowsingContextGroups, and WKViews.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154647 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a872654a
    • [Windows] Unreviewed build fix after r154629. · 15802aa3
      bfulgham@apple.com authored
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: Add missing build files.
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154638 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      15802aa3
    • Windows build fix attempt after r154629. · a4cd5517
      rniwa@webkit.org authored
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154635 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a4cd5517
    • JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage does a check on the... · 200865d6
      mhahnenberg@apple.com authored
      JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage does a check on the length of the ArrayStorage after possibly reallocing it
      https://bugs.webkit.org/show_bug.cgi?id=120278
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      * runtime/JSObject.cpp:
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      
      LayoutTests: 
      
      * fast/js/put-direct-index-beyond-vector-length-resize-expected.txt: Added.
      * fast/js/put-direct-index-beyond-vector-length-resize.html: Added.
      * fast/js/script-tests/put-direct-index-beyond-vector-length-resize.js: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154633 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      200865d6
    • Fix indention of Executable.h. · 2a2ee96e
      fpizlo@apple.com authored
      Rubber stamped by Mark Hahnenberg.
      
      * runtime/Executable.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154632 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2a2ee96e
    • Object.defineProperty should be able to create a PropertyDescriptor where m_attributes == 0 · 6441bf1f
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120314
      
      Reviewed by Darin Adler.
      
      Currently with the way that defineProperty works, we leave a stray low bit set in 
      PropertyDescriptor::m_attributes in the following code:
      
      var o = {};
      Object.defineProperty(o, 100, {writable:true, enumerable:true, configurable:true, value:"foo"});
              
      This is due to the fact that the lowest non-zero attribute (ReadOnly) is represented as 1 << 1 
      instead of 1 << 0. We then calculate the default attributes as (DontDelete << 1) - 1, which is 0xF, 
      but only the top three bits mean anything. Even in the case above, the top three bits are set 
      to 0 but the bottom bit remains set, which causes us to think m_attributes is non-zero.
      
      Since some of these attributes and their corresponding values are exposed in the JavaScriptCore 
      framework's public C API, it's safer to just change how we calculate the default value, which is
      where the weirdness was originating from in the first place.
      
      * runtime/PropertyDescriptor.cpp:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154630 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6441bf1f
    • Add support for Promises · bd760697
      weinig@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120260
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore: 
      
      Add an initial implementation of Promises - http://dom.spec.whatwg.org/#promises.
      - Despite Promises being defined in the DOM, the implementation is being put in JSC
        in preparation for the Promises eventually being defined in ECMAScript.
      
      * CMakeLists.txt:
      * DerivedSources.make:
      * DerivedSources.pri:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      Add new files.
      
      * jsc.cpp:
      Update jsc's GlobalObjectMethodTable to stub out the new QueueTaskToEventLoop callback. This means
      you can't quite use Promises with the command line tool yet.
          
      * interpreter/CallFrame.h:
      (JSC::ExecState::promisePrototypeTable):
      (JSC::ExecState::promiseConstructorTable):
      (JSC::ExecState::promiseResolverPrototypeTable):
      * runtime/VM.cpp:
      (JSC::VM::VM):
      (JSC::VM::~VM):
      * runtime/VM.h:
      Add supporting code for the new static lookup tables.
      
      * runtime/CommonIdentifiers.h:
      Add 3 new identifiers, "Promise", "PromiseResolver", and "then".
      
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC::JSGlobalObject::visitChildren):
      Add supporting code for Promise and PromiseResolver's constructors and structures.
      
      * runtime/JSGlobalObject.h:
      (JSC::TaskContext::~TaskContext):
      Add a new callback to the GlobalObjectMethodTable to post a task on the embedder's runloop.
      
      (JSC::JSGlobalObject::promisePrototype):
      (JSC::JSGlobalObject::promiseResolverPrototype):
      (JSC::JSGlobalObject::promiseStructure):
      (JSC::JSGlobalObject::promiseResolverStructure):
      (JSC::JSGlobalObject::promiseCallbackStructure):
      (JSC::JSGlobalObject::promiseWrapperCallbackStructure):
      Add supporting code for Promise and PromiseResolver's constructors and structures.
      
      * runtime/JSPromise.cpp: Added.
      * runtime/JSPromise.h: Added.
      * runtime/JSPromiseCallback.cpp: Added.
      * runtime/JSPromiseCallback.h: Added.
      * runtime/JSPromiseConstructor.cpp: Added.
      * runtime/JSPromiseConstructor.h: Added.
      * runtime/JSPromisePrototype.cpp: Added.
      * runtime/JSPromisePrototype.h: Added.
      * runtime/JSPromiseResolver.cpp: Added.
      * runtime/JSPromiseResolver.h: Added.
      * runtime/JSPromiseResolverConstructor.cpp: Added.
      * runtime/JSPromiseResolverConstructor.h: Added.
      * runtime/JSPromiseResolverPrototype.cpp: Added.
      * runtime/JSPromiseResolverPrototype.h: Added.
      Add Promise implementation.
      
      Source/WebCore: 
      
      Add an initial implementation of Promises - http://dom.spec.whatwg.org/#promises.
      - Despite Promises being defined in the DOM, the implementation is being put in JSC
        in preparation for the Promises eventually being defined in ECMAScript.
      
      Tests: fast/js/Promise-already-fulfilled.html
             fast/js/Promise-already-rejected.html
             fast/js/Promise-already-resolved.html
             fast/js/Promise-catch-in-workers.html
             fast/js/Promise-catch.html
             fast/js/Promise-chain.html
             fast/js/Promise-exception.html
             fast/js/Promise-fulfill-in-workers.html
             fast/js/Promise-fulfill.html
             fast/js/Promise-init-in-workers.html
             fast/js/Promise-init.html
             fast/js/Promise-reject-in-workers.html
             fast/js/Promise-reject.html
             fast/js/Promise-resolve-chain.html
             fast/js/Promise-resolve-in-workers.html
             fast/js/Promise-resolve-with-then-exception.html
             fast/js/Promise-resolve-with-then-fulfill.html
             fast/js/Promise-resolve-with-then-reject.html
             fast/js/Promise-resolve.html
             fast/js/Promise-simple-fulfill-inside-callback.html
             fast/js/Promise-simple-fulfill.html
             fast/js/Promise-simple-in-workers.html
             fast/js/Promise-simple.html
             fast/js/Promise-static-fulfill.html
             fast/js/Promise-static-reject.html
             fast/js/Promise-static-resolve.html
             fast/js/Promise-then-in-workers.html
             fast/js/Promise-then-without-callbacks-in-workers.html
             fast/js/Promise-then-without-callbacks.html
             fast/js/Promise-then.html
             fast/js/Promise-types.html
             fast/js/Promise.html
      
      * GNUmakefile.list.am:
      * Target.pri:
      * UseJSC.cmake:
      * WebCore.vcxproj/WebCore.vcxproj:
      * WebCore.vcxproj/WebCore.vcxproj.filters:
      * WebCore.xcodeproj/project.pbxproj:
      * bindings/js/JSBindingsAllInOne.cpp:
      Add new files.
      
      * bindings/js/JSDOMGlobalObjectTask.cpp: Added.
      (WebCore::JSGlobalObjectCallback::create):
      (WebCore::JSGlobalObjectCallback::~JSGlobalObjectCallback):
      (WebCore::JSGlobalObjectCallback::call):
      (WebCore::JSGlobalObjectCallback::JSGlobalObjectCallback):
      (WebCore::JSGlobalObjectTask::JSGlobalObjectTask):
      (WebCore::JSGlobalObjectTask::~JSGlobalObjectTask):
      (WebCore::JSGlobalObjectTask::performTask):
      * bindings/js/JSDOMGlobalObjectTask.h: Added.
      (WebCore::JSGlobalObjectTask::create):
      Add a new task type to be used with the GlobalObjectMethodTable's new QueueTaskToEventLoop callback.
      
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::queueTaskToEventLoop):
      * bindings/js/JSDOMWindowBase.h:
      Implement the GlobalObjectMethodTable callback, QueueTaskToEventLoop. 
      
      * bindings/js/JSMainThreadExecState.h:
      Allow using JSMainThreadExecState as a simple RAII object.
      
      * bindings/js/JSWorkerGlobalScopeBase.cpp:
      (WebCore::JSWorkerGlobalScopeBase::JSWorkerGlobalScopeBase):
      (WebCore::JSWorkerGlobalScopeBase::allowsAccessFrom):
      (WebCore::JSWorkerGlobalScopeBase::supportsProfiling):
      (WebCore::JSWorkerGlobalScopeBase::supportsRichSourceInfo):
      (WebCore::JSWorkerGlobalScopeBase::shouldInterruptScript):
      (WebCore::JSWorkerGlobalScopeBase::javaScriptExperimentsEnabled):
      (WebCore::JSWorkerGlobalScopeBase::queueTaskToEventLoop):
      * bindings/js/JSWorkerGlobalScopeBase.h:
      Add a GlobalObjectMethodTable and implement QueueTaskToEventLoop. Forward the other callbacks
      to JSGlobalObject so they retain their existing behavior.
      
      LayoutTests: 
      
      Add tests adapted from the Mozilla and Blink projects.
      
      * fast/js/Promise-already-fulfilled-expected.txt: Added.
      * fast/js/Promise-already-fulfilled.html: Added.
      * fast/js/Promise-already-rejected-expected.txt: Added.
      * fast/js/Promise-already-rejected.html: Added.
      * fast/js/Promise-already-resolved-expected.txt: Added.
      * fast/js/Promise-already-resolved.html: Added.
      * fast/js/Promise-catch-expected.txt: Added.
      * fast/js/Promise-catch-in-workers-expected.txt: Added.
      * fast/js/Promise-catch-in-workers.html: Added.
      * fast/js/Promise-catch.html: Added.
      * fast/js/Promise-chain-expected.txt: Added.
      * fast/js/Promise-chain.html: Added.
      * fast/js/Promise-exception-expected.txt: Added.
      * fast/js/Promise-exception.html: Added.
      * fast/js/Promise-expected.txt: Added.
      * fast/js/Promise-fulfill-expected.txt: Added.
      * fast/js/Promise-fulfill-in-workers-expected.txt: Added.
      * fast/js/Promise-fulfill-in-workers.html: Added.
      * fast/js/Promise-fulfill.html: Added.
      * fast/js/Promise-init-expected.txt: Added.
      * fast/js/Promise-init-in-workers-expected.txt: Added.
      * fast/js/Promise-init-in-workers.html: Added.
      * fast/js/Promise-init.html: Added.
      * fast/js/Promise-reject-expected.txt: Added.
      * fast/js/Promise-reject-in-workers-expected.txt: Added.
      * fast/js/Promise-reject-in-workers.html: Added.
      * fast/js/Promise-reject.html: Added.
      * fast/js/Promise-resolve-chain-expected.txt: Added.
      * fast/js/Promise-resolve-chain.html: Added.
      * fast/js/Promise-resolve-expected.txt: Added.
      * fast/js/Promise-resolve-in-workers-expected.txt: Added.
      * fast/js/Promise-resolve-in-workers.html: Added.
      * fast/js/Promise-resolve-with-then-exception-expected.txt: Added.
      * fast/js/Promise-resolve-with-then-exception.html: Added.
      * fast/js/Promise-resolve-with-then-fulfill-expected.txt: Added.
      * fast/js/Promise-resolve-with-then-fulfill.html: Added.
      * fast/js/Promise-resolve-with-then-reject-expected.txt: Added.
      * fast/js/Promise-resolve-with-then-reject.html: Added.
      * fast/js/Promise-resolve.html: Added.
      * fast/js/Promise-simple-expected.txt: Added.
      * fast/js/Promise-simple-fulfill-expected.txt: Added.
      * fast/js/Promise-simple-fulfill-inside-callback-expected.txt: Added.
      * fast/js/Promise-simple-fulfill-inside-callback.html: Added.
      * fast/js/Promise-simple-fulfill.html: Added.
      * fast/js/Promise-simple-in-workers-expected.txt: Added.
      * fast/js/Promise-simple-in-workers.html: Added.
      * fast/js/Promise-simple.html: Added.
      * fast/js/Promise-static-fulfill-expected.txt: Added.
      * fast/js/Promise-static-fulfill.html: Added.
      * fast/js/Promise-static-reject-expected.txt: Added.
      * fast/js/Promise-static-reject.html: Added.
      * fast/js/Promise-static-resolve-expected.txt: Added.
      * fast/js/Promise-static-resolve.html: Added.
      * fast/js/Promise-then-expected.txt: Added.
      * fast/js/Promise-then-in-workers-expected.txt: Added.
      * fast/js/Promise-then-in-workers.html: Added.
      * fast/js/Promise-then-without-callbacks-expected.txt: Added.
      * fast/js/Promise-then-without-callbacks-in-workers-expected.txt: Added.
      * fast/js/Promise-then-without-callbacks-in-workers.html: Added.
      * fast/js/Promise-then-without-callbacks.html: Added.
      * fast/js/Promise-then.html: Added.
      * fast/js/Promise-types-expected.txt: Added.
      * fast/js/Promise-types.html: Added.
      * fast/js/Promise.html: Added.
      * fast/js/resources/Promise-catch-in-workers.js: Added.
      * fast/js/resources/Promise-fulfill-in-workers.js: Added.
      * fast/js/resources/Promise-init-in-workers.js: Added.
      * fast/js/resources/Promise-reject-in-workers.js: Added.
      * fast/js/resources/Promise-resolve-in-workers.js: Added.
      * fast/js/resources/Promise-simple-in-workers.js: Added.
      * fast/js/resources/Promise-then-in-workers.js: Added.
      * fast/js/resources/Promise-then-without-callbacks-in-workers.js: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154629 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bd760697
    • Plenty of -Wcast-align warnings in KeywordLookup.h · fbef8ed9
      zandobersek@gmail.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120316
      
      Reviewed by Darin Adler.
      
      * KeywordLookupGenerator.py: Use reinterpret_cast instead of a C-style cast when casting
      the character pointers to types of larger size. This avoids spewing lots of warnings
      in the KeywordLookup.h header when compiling with the -Wcast-align option.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154626 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fbef8ed9
    • RegExpMatchesArray should not call [[put]] · 49a919a4
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120317
      
      Reviewed by Oliver Hunt.
      
      This will call accessors on the JSObject/JSArray prototypes - so adding an accessor or read-only
      property called index or input to either of these prototypes will result in broken behavior.
      
      Source/JavaScriptCore: 
      
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::reifyAllProperties):
          - put -> putDirect
      
      LayoutTests: 
      
      * fast/regex/lastIndex-expected.txt:
      * fast/regex/script-tests/lastIndex.js:
          - Added test
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154612 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      49a919a4
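
The difference between a [[Put]] store and a direct own-property definition, as described in the commit above. This is an added example, not part of the commit or of JavaScriptCore; every function name in it is hypothetical, and `Object.defineProperty` stands in for the engine-internal `putDirect`.

```javascript
// Added illustration, not JavaScriptCore code. All function names are hypothetical.
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Temporarily define `key` on `proto`, run fn, and always remove the property again.
function withPrototypeProperty(proto, key, descriptor, fn) {
  Object.defineProperty(proto, key, { ...descriptor, configurable: true });
  try {
    return fn();
  } finally {
    delete proto[key];
  }
}

// [[Put]]-style store: ordinary assignment consults the prototype chain first,
// so an inherited setter runs and an inherited read-only property blocks the write.
function storeWithPut(target, key, value) {
  try {
    target[key] = value;
  } catch (e) {
    // Strict-mode code throws TypeError for an inherited read-only property;
    // sloppy-mode code fails silently. Either way no own property is created.
  }
  return target;
}

// putDirect-style store: define an own data property without looking at the chain.
function storeDirect(target, key, value) {
  return Object.defineProperty(target, key, {
    value, writable: true, enumerable: true, configurable: true,
  });
}

// Run both store styles and a real regex match while `proto[key]` is in place.
function probe(proto, key, descriptor) {
  return withPrototypeProperty(proto, key, descriptor, () => {
    const viaPut = storeWithPut([], key, 'stored');
    const viaDirect = storeDirect([], key, 'stored');
    const match = /b+/.exec('aabbcc'); // constructed sample input
    return {
      putOwn: hasOwn(viaPut, key),
      putValue: viaPut[key],
      directOwn: hasOwn(viaDirect, key),
      directValue: viaDirect[key],
      matchOwn: hasOwn(match, key),
      matchValue: match[key],
    };
  });
}

// Case 1: an accessor named "index" on the array prototype.
function accessorCase() {
  const setterCalls = [];
  const result = probe(Array.prototype, 'index', {
    get() { return 'from-prototype'; },
    set(v) { setterCalls.push(v); },
  });
  return { ...result, setterCalls };
}

// Case 2: a read-only property named "input" on the object prototype.
function readOnlyCase() {
  return probe(Object.prototype, 'input', { value: 'frozen', writable: false });
}
```

On an engine that builds match results with direct definitions, `matchOwn` is true in both cases and the setter only ever sees the value passed through `storeWithPut`.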
  4. 25 Aug, 2013 1 commit
    • FloatTypedArrayAdaptor::toJSValue should almost certainly not use jsNumber()... · 1fb752ad
      fpizlo@apple.com authored
      FloatTypedArrayAdaptor::toJSValue should almost certainly not use jsNumber() since that attempts int conversions
      https://bugs.webkit.org/show_bug.cgi?id=120228
      
      Source/JavaScriptCore: 
      
      Reviewed by Oliver Hunt.
              
      It turns out that there were three problems:
              
      - Using jsNumber() meant that we were converting doubles to integers and then
        possibly back again whenever doing a set() between floating point arrays.
              
      - Slow-path accesses to double typed arrays were slower than necessary because
        of the to-int conversion attempt.
              
      - The use of JSValue as an intermediate for converting between different types
        in typedArray.set() resulted in worse code than I had previously expected.
              
      This patch solves the problem by using template double-dispatch to ensure that
      the C++ compiler sees the simplest possible combination of casts between any
      combination of typed array types, while still preserving JS and typed array
      conversion semantics. Conversions are done as follows:
              
          SourceAdaptor::convertTo<TargetAdaptor>(value)
              
      Internally, convertTo() calls one of three possible methods on TargetAdaptor,
      with one method for each of int32_t, uint32_t, and double. This means that the
      C++ compiler will at worst see a widening cast to one of those types followed
      by a narrowing conversion (not necessarily a cast - may have clamping or the
      JS toInt32() function).
              
      This change doesn't just affect typedArray.set(); it also affects slow-path
      accesses to typed arrays as well. This patch also adds a bunch of new test
      coverage.
              
      This change is a ~50% speed-up on typedArray.set() involving floating point
      types.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * runtime/GenericTypedArrayView.h:
      (JSC::GenericTypedArrayView::set):
      * runtime/JSDataViewPrototype.cpp:
      (JSC::setData):
      * runtime/JSGenericTypedArrayView.h:
      (JSC::JSGenericTypedArrayView::setIndexQuicklyToDouble):
      (JSC::JSGenericTypedArrayView::setIndexQuickly):
      * runtime/JSGenericTypedArrayViewInlines.h:
      (JSC::::setWithSpecificType):
      (JSC::::set):
      * runtime/ToNativeFromValue.h: Added.
      (JSC::toNativeFromValue):
      * runtime/TypedArrayAdaptors.h:
      (JSC::IntegralTypedArrayAdaptor::toJSValue):
      (JSC::IntegralTypedArrayAdaptor::toDouble):
      (JSC::IntegralTypedArrayAdaptor::toNativeFromInt32):
      (JSC::IntegralTypedArrayAdaptor::toNativeFromUint32):
      (JSC::IntegralTypedArrayAdaptor::toNativeFromDouble):
      (JSC::IntegralTypedArrayAdaptor::convertTo):
      (JSC::FloatTypedArrayAdaptor::toJSValue):
      (JSC::FloatTypedArrayAdaptor::toDouble):
      (JSC::FloatTypedArrayAdaptor::toNativeFromInt32):
      (JSC::FloatTypedArrayAdaptor::toNativeFromUint32):
      (JSC::FloatTypedArrayAdaptor::toNativeFromDouble):
      (JSC::FloatTypedArrayAdaptor::convertTo):
      (JSC::Uint8ClampedAdaptor::toJSValue):
      (JSC::Uint8ClampedAdaptor::toDouble):
      (JSC::Uint8ClampedAdaptor::toNativeFromInt32):
      (JSC::Uint8ClampedAdaptor::toNativeFromUint32):
      (JSC::Uint8ClampedAdaptor::toNativeFromDouble):
      (JSC::Uint8ClampedAdaptor::convertTo):
      
      LayoutTests: 
      
      Reviewed by Oliver Hunt.
              
      Add coverage for three things:
              
      - Typed array accesses with corner-case values.
              
      - Typed array set() (i.e. copy) between arrays of different types.
              
      - Performance of typedArray.set() involving different types.
              
      This required some changes to our test harnesses, since they previously
      couldn't consistently do numerical array comparisons in a reliable way.
      
      * fast/js/regress/Float32Array-to-Float64Array-set-expected.txt: Added.
      * fast/js/regress/Float32Array-to-Float64Array-set.html: Added.
      * fast/js/regress/Float64Array-to-Int16Array-set-expected.txt: Added.
      * fast/js/regress/Float64Array-to-Int16Array-set.html: Added.
      * fast/js/regress/Int16Array-to-Int32Array-set-expected.txt: Added.
      * fast/js/regress/Int16Array-to-Int32Array-set.html: Added.
      * fast/js/regress/script-tests/Float32Array-to-Float64Array-set.js: Added.
      * fast/js/regress/script-tests/Float64Array-to-Int16Array-set.js: Added.
      * fast/js/regress/script-tests/Int16Array-to-Int32Array-set.js: Added.
      * fast/js/resources/js-test-pre.js:
      (areNumbersEqual):
      (areArraysEqual):
      (isResultCorrect):
      * fast/js/resources/standalone-pre.js:
      (areNumbersEqual):
      (areArraysEqual):
      (isTypedArray):
      (isResultCorrect):
      (stringify):
      (shouldBe):
      * fast/js/script-tests/typed-array-access.js: Added.
      (bitsToString):
      (bitsToValue):
      (valueToBits):
      (roundTrip):
      * fast/js/script-tests/typed-array-set-different-types.js: Added.
      (MyRandom):
      (.reference):
      (.usingConstruct):
      * fast/js/typed-array-access-expected.txt: Added.
      * fast/js/typed-array-access.html: Added.
      * fast/js/typed-array-set-different-types-expected.txt: Added.
      * fast/js/typed-array-set-different-types.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154569 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1fb752ad
  5. 24 Aug, 2013 1 commit
  6. 23 Aug, 2013 6 commits
    • Failure building with python3 · ccdbe1c7
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=106645
      
      Patch by Laszlo Papp <lpapp@kde.org> on 2013-08-23
      Reviewed by Benjamin Poulain.
      
      Use print functions instead of python statements to be compatible with python 3.X and 2.7 as well.
      Archlinux has been using python3 and that is what causes issues while packaging QtWebKit along with Qt5.
      
      * disassembler/udis86/itab.py:
      (UdItabGenerator.genInsnTable):
      * disassembler/udis86/ud_opcode.py:
      (UdOpcodeTables.print_table):
      * disassembler/udis86/ud_optable.py:
      (UdOptableXmlParser.parseDef):
      (UdOptableXmlParser.parse):
      (printFn):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154521 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ccdbe1c7
    • Incorrect TypedArray#set behavior · 067496d0
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=83818
      
      Source/JavaScriptCore: 
      
      Reviewed by Oliver Hunt and Mark Hahnenberg.
              
      This was so much fun! typedArray.set() is like a memmove on steroids, and I'm
      not smart enough to figure out optimal versions for *all* of the cases. But I
      did come up with optimal implementations for most of the cases, and I wrote
      spec-literal code (i.e. copy via a transfer buffer) for the cases I'm not smart
      enough to write optimal code for.
      
      * runtime/JSArrayBufferView.h:
      (JSC::JSArrayBufferView::hasArrayBuffer):
      * runtime/JSArrayBufferViewInlines.h:
      (JSC::JSArrayBufferView::buffer):
      (JSC::JSArrayBufferView::existingBufferInButterfly):
      (JSC::JSArrayBufferView::neuter):
      (JSC::JSArrayBufferView::byteOffset):
      * runtime/JSGenericTypedArrayView.h:
      * runtime/JSGenericTypedArrayViewInlines.h:
      (JSC::::setWithSpecificType):
      (JSC::::set):
      (JSC::::existingBuffer):
      
      LayoutTests: 
      
      Reviewed by Oliver Hunt and Mark Hahnenberg.
              
      Made it possible for shouldBe() to compare typed arrays to each other and to any array-like
      object.
              
      Added a bunch of tests for different kinds of overlapping typedArray.set()'s.
              
      For sanity, also added the reduced test case from the bug. Interestingly, though, that test
      case already passed on trunk - probably by luck (we had incidentally changed the default
      copy direction from one that happened to not work to one that happened to be fine, but only
      for this test).
      
      * fast/js/jsc-test-list:
      * fast/js/resources/js-test-pre.js:
      (isTypedArray):
      (isResultCorrect):
      (stringify):
      (shouldBe):
      * fast/js/script-tests/typed-array-copy.js: Added.
      * fast/js/script-tests/typedarray-set-destination-smaller-than-source.js: Added.
      * fast/js/script-tests/typedarray-set-overlapping-elements-of-same-size.js: Added.
      * fast/js/script-tests/typedarray-set-same-type-memmove.js: Added.
      (arraysEqual):
      * fast/js/script-tests/typedarray-set-source-smaller-than-destination.js: Added.
      * fast/js/typed-array-copy-expected.txt: Added.
      * fast/js/typed-array-copy.html: Added.
      * fast/js/typedarray-set-destination-smaller-than-source-expected.txt: Added.
      * fast/js/typedarray-set-destination-smaller-than-source.html: Added.
      * fast/js/typedarray-set-overlapping-elements-of-same-size-expected.txt: Added.
      * fast/js/typedarray-set-overlapping-elements-of-same-size.html: Added.
      * fast/js/typedarray-set-same-type-memmove-expected.txt: Added.
      * fast/js/typedarray-set-same-type-memmove.html: Added.
      * fast/js/typedarray-set-source-smaller-than-destination-expected.txt: Added.
      * fast/js/typedarray-set-source-smaller-than-destination.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154518 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      067496d0
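
The overlap hazard behind the commit above, shown as an added example that is not part of the commit or of WebKit: a naive forward element copy next to a copy through a transfer buffer, for two views that share one ArrayBuffer. The function names and sample values are constructed for illustration.

```javascript
// Added illustration, not WebKit code. Function names and sample data are hypothetical.

// Naive forward copy: reads source elements while earlier writes may already
// have overwritten them, because both views alias the same bytes.
function naiveForwardSet(target, source, offset = 0) {
  for (let i = 0; i < source.length; i++) {
    target[offset + i] = source[i];
  }
  return target;
}

// Copy via a transfer buffer: snapshot the source first whenever the two views
// share a backing ArrayBuffer, then write the snapshot into the target.
function transferBufferSet(target, source, offset = 0) {
  if (offset < 0 || offset + source.length > target.length) {
    throw new RangeError('source does not fit in target at this offset');
  }
  const snapshot = target.buffer === source.buffer ? source.slice() : source;
  for (let i = 0; i < snapshot.length; i++) {
    target[offset + i] = snapshot[i];
  }
  return target;
}

// The engine's own implementation, wrapped to the same call shape.
function builtinSet(target, source, offset = 0) {
  target.set(source, offset);
  return target;
}

// Different element sizes: 4 source bytes widened into 4 16-bit slots that
// start at the same address. Each 16-bit write covers two source bytes.
function widenDemo(copy) {
  const buffer = new ArrayBuffer(8);
  const bytes = new Uint8Array(buffer, 0, 4);
  const words = new Uint16Array(buffer);
  bytes.set([1, 2, 3, 4]);
  copy(words, bytes);
  return Array.from(words);
}

// Same element size: shift a range forward by one element inside one buffer
// (the memmove case, where copy direction decides correctness).
function shiftDemo(copy) {
  const all = Uint8Array.from([1, 2, 3, 4, 5]);
  copy(all.subarray(1), all.subarray(0, 4));
  return Array.from(all);
}
```

The naive copy's result in `widenDemo` depends on host byte order, but in every case it differs from the `[1, 2, 3, 4]` that `TypedArray.prototype.set` must produce.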
    • Re-separating Win32 and Win64 builds. · 1b370662
      alex.christensen@flexsim.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120178
      
      Reviewed by Brent Fulgham.
      
      Source/JavaScriptCore: 
      
      * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.make:
      * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.make:
      * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.make:
      Pass PlatformArchitecture as a command line parameter to bash scripts.
      * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/build-LLIntAssembly.sh:
      * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/build-LLIntDesiredOffsets.sh:
      * JavaScriptCore.vcxproj/build-generated-files.sh:
      Use PlatformArchitecture from command line to determine which object directory to use (obj32 or obj64).
      
      Source/WebCore: 
      
      * WebCore.vcxproj/WebCoreGenerated.make:
      * WebCore.vcxproj/WebCoreGeneratedWinCairo.make:
      Pass PlatformArchitecture as a command line parameter to bash scripts
      and use PlatformArchitecture to determine which directory to delete
      while cleaning (obj32 or obj64).
      * WebCore.vcxproj/WebCoreGeneratedWinCairoCommon.props:
      Export PlatformArchitecture to be used by make and cmd scripts.
      * WebCore.vcxproj/build-generated-files.sh:
      Use PlatformArchitecture from command line to determine which object directory to use (obj32 or obj64).
      * WebCore.vcxproj/copyForwardingHeaders.cmd:
      * WebCore.vcxproj/copyWebCoreResourceFiles.cmd:
      Use PlatformArchitecture to determine which directory to copy to (obj32 or obj64).
      
      Source/WebKit: 
      
      * WebKit.vcxproj/WebKit/WebKitPostBuild.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorBuildCmd.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPostBuild.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPreBuild.cmd:
      Use PlatformArchitecture to determine correct object directory (obj32 or obj64).
      
      Source/WTF: 
      
      * WTF.vcxproj/WTFGenerated.make:
      Pass PlatformArchitecture as a command line parameter to bash scripts.
      * WTF.vcxproj/build-generated-files.sh:
      Use PlatformArchitecture from command line to determine which object directory to use (obj32 or obj64).
      
      WebKitLibraries: 
      
      * win/tools/vsprops/common.props:
      Export PlatformArchitecture to be used by make and cmd scripts.
      Use PlatformArchitecture to determine correct build directory
      (lib32/bin32/obj32 or lib64/bin64/obj64).
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154513 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • build-jsc --ftl-jit should work · 67aa405d
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120194
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      * Configurations/Base.xcconfig: CPPFLAGS should include FEATURE_DEFINES
      * Configurations/JSC.xcconfig: The 'jsc' tool includes headers where field layout may depend on FEATURE_DEFINES
      * Configurations/ToolExecutable.xcconfig: All other tools include headers where field layout may depend on FEATURE_DEFINES
      * ftl/FTLLowerDFGToLLVM.cpp: Build fix
      (JSC::FTL::LowerDFGToLLVM::compilePutStructure):
      (JSC::FTL::LowerDFGToLLVM::compilePhantomPutStructure):
      
      Source/WTF: 
      
      * wtf/LLVMHeaders.h: I don't know what went wrong here. If HAVE(LLVM), then we need those headers!
      
      Tools: 
      
      * Scripts/build-jsc: Need to pass the feature flag to xcodebuild
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154509 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Re-sort xcode project file · 189baf5c
      oliver@apple.com authored
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154499 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Support in memory compression of rarely used data · abcf78c4
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120143
      
      Reviewed by Gavin Barraclough.
      
      Source/JavaScriptCore:
      
      Include zlib in LD_FLAGS and make UnlinkedCodeBlock make use of CompressibleVector. This saves ~200k on Google Maps.
      
      * Configurations/JavaScriptCore.xcconfig:
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
      (JSC::UnlinkedCodeBlock::addExpressionInfo):
      * bytecode/UnlinkedCodeBlock.h:
      
      Source/WTF:
      
      Adds a set of utility functions to wrap the use of zlib over a generic
      type or a Vector<> as well as adding CompressibleVector that wraps
      either a Vector<> or compressed data.
      
      * GNUmakefile.list.am:
      * WTF.pro:
      * WTF.vcxproj/WTF.vcxproj:
      * WTF.xcodeproj/project.pbxproj:
      * wtf/CMakeLists.txt:
      * wtf/CheckedArithmetic.h:
      * wtf/Compression.cpp: Added.
      (WTF::zAlloc):
      (WTF::zFree):
      (WTF::GenericCompressedData::create):
      (WTF::GenericCompressedData::decompress):
      * wtf/Compression.h: Added.
      (WTF::GenericCompressedData::compressedSize):
      (WTF::GenericCompressedData::originalSize):
      (WTF::GenericCompressedData::GenericCompressedData):
      (WTF::CompressedVector::create):
      (WTF::CompressedVector::decompress):
      (WTF::CompressedVector::size):
      (WTF::CompressibleVector::CompressibleVector):
      (WTF::CompressibleVector::shrinkToFit):
      (WTF::CompressibleVector::size):
      (WTF::CompressibleVector::operator[]):
      (WTF::CompressibleVector::at):
      (WTF::CompressibleVector::begin):
      (WTF::CompressibleVector::end):
      (WTF::CompressibleVector::data):
      (WTF::CompressibleVector::decompressIfNecessary):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154498 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  7. 22 Aug, 2013 8 commits
  8. 21 Aug, 2013 11 commits
    • Unreviewed, rolling out r154416. · 4ef33f9a
      commit-queue@webkit.org authored
      http://trac.webkit.org/changeset/154416
      https://bugs.webkit.org/show_bug.cgi?id=120147
      
      Broke Windows builds (Requested by rniwa on #webkit).
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.make:
      * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.make:
      * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/build-LLIntAssembly.sh:
      * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.make:
      * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/build-LLIntDesiredOffsets.sh:
      * JavaScriptCore.vcxproj/build-generated-files.sh:
      
      Source/WebCore:
      
      * WebCore.vcxproj/WebCoreGenerated.make:
      * WebCore.vcxproj/WebCoreGeneratedWinCairo.make:
      * WebCore.vcxproj/WebCoreGeneratedWinCairoCommon.props:
      * WebCore.vcxproj/build-generated-files.sh:
      * WebCore.vcxproj/copyForwardingHeaders.cmd:
      * WebCore.vcxproj/copyWebCoreResourceFiles.cmd:
      
      Source/WebKit:
      
      * WebKit.vcxproj/WebKit/WebKitPostBuild.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorBuildCmd.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPostBuild.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPreBuild.cmd:
      
      Source/WTF:
      
      * WTF.vcxproj/WTFGenerated.make:
      * WTF.vcxproj/build-generated-files.sh:
      
      WebKitLibraries:
      
      * win/tools/vsprops/common.props:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154436 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Clarify var/const/function declaration · 1d962d08
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120144
      
      Reviewed by Sam Weinig.
      
      Add methods to JSGlobalObject to declare vars, consts, and functions.
      
      * runtime/Executable.cpp:
      (JSC::ProgramExecutable::initializeGlobalProperties):
      * runtime/Executable.h:
          - Moved declaration code to JSGlobalObject
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::addGlobalVar):
          - internal implementation of addVar, addConst, addFunction
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::addVar):
      (JSC::JSGlobalObject::addConst):
      (JSC::JSGlobalObject::addFunction):
          - Added methods to declare vars, consts, and functions
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154434 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • https://bugs.webkit.org/show_bug.cgi?id=119900 · 40b6cd3c
      commit-queue@webkit.org authored
      Exception in global setter doesn't unwind correctly
      
      Patch by Yi Shen <max.hong.shen@gmail.com> on 2013-08-21
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore:
      
      Call VM_THROW_EXCEPTION_AT_END in op_put_to_scope if the setter throws an exception.
      
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      
      LayoutTests:
      
      Add test for calling a global setter which throws an exception.
      
      * fast/js/script-tests/throw-exception-in-global-setter.js: Added.
      (g):
      * fast/js/throw-exception-in-global-setter-expected.txt: Added.
      * fast/js/throw-exception-in-global-setter.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154429 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Rename/refactor setButterfly/setStructure · ab08d670
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120138
      
      Reviewed by Geoffrey Garen.
      
      setButterfly becomes setStructureAndButterfly.
      
      Also removed the Butterfly* argument from setStructure and just implicitly
      used m_butterfly internally since that's what every single client of setStructure
      was doing already.
      
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/JSObject.cpp:
      (JSC::JSObject::notifyPresenceOfIndexedAccessors):
      (JSC::JSObject::createInitialUndecided):
      (JSC::JSObject::createInitialInt32):
      (JSC::JSObject::createInitialDouble):
      (JSC::JSObject::createInitialContiguous):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::convertUndecidedToInt32):
      (JSC::JSObject::convertUndecidedToDouble):
      (JSC::JSObject::convertUndecidedToContiguous):
      (JSC::JSObject::convertUndecidedToArrayStorage):
      (JSC::JSObject::convertInt32ToDouble):
      (JSC::JSObject::convertInt32ToContiguous):
      (JSC::JSObject::convertInt32ToArrayStorage):
      (JSC::JSObject::genericConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::setPrototype):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::seal):
      (JSC::JSObject::freeze):
      (JSC::JSObject::preventExtensions):
      (JSC::JSObject::reifyStaticFunctionsForDelete):
      (JSC::JSObject::removeDirect):
      * runtime/JSObject.h:
      (JSC::JSObject::setStructureAndButterfly):
      (JSC::JSObject::setStructure):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putDirectWithoutTransition):
      * runtime/Structure.cpp:
      (JSC::Structure::flattenDictionaryStructure):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154426 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • https://bugs.webkit.org/show_bug.cgi?id=120127 · f39a4ec4
      barraclough@apple.com authored
      Remove JSObject::propertyIsEnumerable
      
      Unreviewed typo fix
      
      * runtime/JSObject.h:
          - fix typo
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154423 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • https://bugs.webkit.org/show_bug.cgi?id=120139 · 61ff98cd
      barraclough@apple.com authored
      PropertyDescriptor argument to define methods should be const
      
      Rubber stamped by Sam Weinig.
      
      This should never be modified, and this way we can use rvalues.
      
      Source/JavaScriptCore: 
      
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::defineOwnProperty):
      * debugger/DebuggerActivation.h:
      * runtime/Arguments.cpp:
      (JSC::Arguments::defineOwnProperty):
      * runtime/Arguments.h:
      * runtime/ClassInfo.h:
      * runtime/JSArray.cpp:
      (JSC::JSArray::defineOwnProperty):
      * runtime/JSArray.h:
      * runtime/JSArrayBuffer.cpp:
      (JSC::JSArrayBuffer::defineOwnProperty):
      * runtime/JSArrayBuffer.h:
      * runtime/JSArrayBufferView.cpp:
      (JSC::JSArrayBufferView::defineOwnProperty):
      * runtime/JSArrayBufferView.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::defineOwnProperty):
      * runtime/JSCell.h:
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::defineOwnProperty):
      * runtime/JSFunction.h:
      * runtime/JSGenericTypedArrayView.h:
      * runtime/JSGenericTypedArrayViewInlines.h:
      (JSC::::defineOwnProperty):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::defineOwnProperty):
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::putIndexedDescriptor):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::putDescriptor):
      (JSC::JSObject::defineOwnNonIndexProperty):
      (JSC::JSObject::defineOwnProperty):
      * runtime/JSObject.h:
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::defineOwnProperty):
      * runtime/JSProxy.h:
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::defineOwnProperty):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::defineOwnProperty):
      * runtime/RegExpObject.h:
      * runtime/StringObject.cpp:
      (JSC::StringObject::defineOwnProperty):
      * runtime/StringObject.h:
          - make PropertyDescriptor const
      
      Source/WebCore: 
      
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::defineOwnProperty):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::defineOwnProperty):
      (WebCore::JSLocationPrototype::defineOwnProperty):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
          - make PropertyDescriptor const
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154422 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • REGRESSION: Crash under JITCompiler::link while loading Gmail · 5feb4a8f
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=119872
      
      Source/JavaScriptCore: 
      
      Reviewed by Mark Hahnenberg.
              
      Apparently, unsigned + signed = unsigned. Work around it with a cast.
      
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      
      LayoutTests: 
      
      Reviewed by Mark Hahnenberg.
      
      * fast/js/dfg-switch-imm-negative-expected.txt: Added.
      * fast/js/dfg-switch-imm-negative.html: Added.
      * fast/js/jsc-test-list:
      * fast/js/script-tests/dfg-switch-imm-negative.js: Added.
      (foo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154419 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • <https://webkit.org/b/120137> Separating Win32 and Win64 builds. · 23db3941
      achristensen@apple.com authored
      Reviewed by Brent Fulgham.
      
      Source/JavaScriptCore: 
      
      * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.make:
      * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.make:
      * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.make:
      Pass PlatformArchitecture as a command line parameter to bash scripts.
      * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/build-LLIntAssembly.sh:
      * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/build-LLIntDesiredOffsets.sh:
      * JavaScriptCore.vcxproj/build-generated-files.sh:
      Use PlatformArchitecture from command line to determine which object directory to use (obj32 or obj64).
      
      Source/WebCore: 
      
      * WebCore.vcxproj/WebCoreGenerated.make:
      * WebCore.vcxproj/WebCoreGeneratedWinCairo.make:
      Pass PlatformArchitecture as a command line parameter to bash scripts
      and use PlatformArchitecture to determine which directory to delete
      while cleaning (obj32 or obj64).
      * WebCore.vcxproj/WebCoreGeneratedWinCairoCommon.props:
      Export PlatformArchitecture to be used by make and cmd scripts.
      * WebCore.vcxproj/build-generated-files.sh:
      Use PlatformArchitecture from command line to determine which object directory to use (obj32 or obj64).
      * WebCore.vcxproj/copyForwardingHeaders.cmd:
      * WebCore.vcxproj/copyWebCoreResourceFiles.cmd:
      Use PlatformArchitecture to determine which directory to copy to (obj32 or obj64).
      
      Source/WebKit: 
      
      * WebKit.vcxproj/WebKit/WebKitPostBuild.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorBuildCmd.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPostBuild.cmd:
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExportGeneratorPreBuild.cmd:
      Use PlatformArchitecture to determine correct object directory (obj32 or obj64).
      
      Source/WTF: 
      
      * WTF.vcxproj/WTFGenerated.make:
      Pass PlatformArchitecture as a command line parameter to bash scripts.
      * WTF.vcxproj/build-generated-files.sh:
      Use PlatformArchitecture from command line to determine which object directory to use (obj32 or obj64).
      
      WebKitLibraries: 
      
      * win/tools/vsprops/common.props:
      Export PlatformArchitecture to be used by make and cmd scripts.
      Use PlatformArchitecture to determine correct build directory
      (lib32/bin32/obj32 or lib64/bin64/obj64).
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154416 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Assertion failure in JSC::SlotVisitor::copyLater when marking JSDataView · cd07b473
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120099
      
      Source/JavaScriptCore: 
      
      Reviewed by Mark Hahnenberg.
              
      JSDataView should not store the ArrayBuffer* in the butterfly indexing header, since
      JSDataView may have ordinary JS indexed properties.
      
      * runtime/ClassInfo.h:
      * runtime/JSArrayBufferView.cpp:
      (JSC::JSArrayBufferView::ConstructionContext::ConstructionContext):
      (JSC::JSArrayBufferView::finishCreation):
      * runtime/JSArrayBufferView.h:
      (JSC::hasArrayBuffer):
      * runtime/JSArrayBufferViewInlines.h:
      (JSC::JSArrayBufferView::buffer):
      (JSC::JSArrayBufferView::neuter):
      (JSC::JSArrayBufferView::byteOffset):
      * runtime/JSCell.cpp:
      (JSC::JSCell::slowDownAndWasteMemory):
      * runtime/JSCell.h:
      * runtime/JSDataView.cpp:
      (JSC::JSDataView::JSDataView):
      (JSC::JSDataView::create):
      (JSC::JSDataView::slowDownAndWasteMemory):
      * runtime/JSDataView.h:
      (JSC::JSDataView::buffer):
      * runtime/JSGenericTypedArrayView.h:
      * runtime/JSGenericTypedArrayViewInlines.h:
      (JSC::::visitChildren):
      (JSC::::slowDownAndWasteMemory):
      
      LayoutTests: 
      
      Reviewed by Mark Hahnenberg.
      
      * fast/js/regress/ArrayBuffer-DataView-alloc-large-long-lived-expected.txt: Added.
      * fast/js/regress/ArrayBuffer-DataView-alloc-large-long-lived.html: Added.
      * fast/js/regress/ArrayBuffer-DataView-alloc-long-lived-expected.txt: Added.
      * fast/js/regress/ArrayBuffer-DataView-alloc-long-lived.html: Added.
      * fast/js/regress/DataView-custom-properties-expected.txt: Added.
      * fast/js/regress/DataView-custom-properties.html: Added.
      * fast/js/regress/script-tests/ArrayBuffer-DataView-alloc-large-long-lived.js: Added.
      * fast/js/regress/script-tests/ArrayBuffer-DataView-alloc-long-lived.js: Added.
      * fast/js/regress/script-tests/DataView-custom-properties.js: Added.
      * platform/mac/TestExpectations: 
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154408 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Remove incorrect ASSERT from CopyVisitor::visitItem · a61dc64e
      mhahnenberg@apple.com authored
      Rubber stamped by Filip Pizlo.
      
      Source/JavaScriptCore: 
      
      * heap/CopyVisitorInlines.h:
      (JSC::CopyVisitor::visitItem):
      
      LayoutTests: 
      
      Added a new test that triggered the old ASSERT. It's a useful test to have because we create
      TypedArrays with custom properties.
      
      * fast/js/regress/ArrayBuffer-Int8Array-alloc-large-long-lived-fragmented-expected.txt: Added.
      * fast/js/regress/ArrayBuffer-Int8Array-alloc-large-long-lived-fragmented.html: Added.
      * fast/js/regress/script-tests/ArrayBuffer-Int8Array-alloc-large-long-lived-fragmented.js: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154407 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • https://bugs.webkit.org/show_bug.cgi?id=120127 · 8c300972
      barraclough@apple.com authored
      Remove JSObject::propertyIsEnumerable
      
      Reviewed by Sam Weinig.
      
      This method is just a wart - it contains unnecessary const-casting, function call overhead, and LOC.
      
      * runtime/JSObject.cpp:
      * runtime/JSObject.h:
          - remove propertyIsEnumerable
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncPropertyIsEnumerable):
          - Move implementation here using getOwnPropertyDescriptor directly.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154405 268f45cc-cd09-0410-ab3c-d52691b4dbfc