- 11 Nov, 2007 1 commit
darin@apple.com authored
Reviewed by Sam. - http://bugs.webkit.org/show_bug.cgi?id=15924 next round of changes to JSRegExp (formerly PCRE) This is a combination of converting to C++, tweaking the API, and adding some additional optimizations. Future steps will involve getting rid of the use of UTF-8 completely (we'll use UTF-16 exclusively instead), eliminating more source files, and some more speed-ups. SunSpider says the current round is an 0.9% speed-up overall, and a 5.3% speed-up for regexp. * JavaScriptCore.exp: Updated for new entry points. * JavaScriptCore.pri: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.vcproj/dftables/dftables.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * JavaScriptCoreSources.bkl: * jscore.bkl: Updated for new source file names and ForwardingHeaders. * kjs/regexp.cpp: (KJS::RegExp::RegExp): Changed to use the error message without calling strdup on it and to pass the new types and options. (KJS::RegExp::~RegExp): Removed the now-unneeded free of the error message. (KJS::RegExp::match): Pass the new types and options. * kjs/regexp.h: Update type of m_constructionError. * pcre/AUTHORS: Update to reflect the status of the project -- we don't include the Google parts, and this isn't the PCRE library, per se. * pcre/COPYING: Ditto. * pcre/dftables.cpp: Copied from JavaScriptCore/pcre/dftables.c. (main): Removed unneeded ctype_digit. * pcre/pcre.h: Convert to C++, tweak API a bit. Use UChar instead of JSRegExpChar. * pcre/pcre_compile.cpp: Copied from JavaScriptCore/pcre/pcre_compile.c. Moved a lot of private stuff used only within this file here from pcre_internal.h. Renumbered the error codes. (error_text): Use a single string with embedded nulls for the error text (I got this idea from newer versions of PCRE). (check_escape): Changed return type to be enum instead of int. Replaced ctype_digit uses with isASCIIDigit. (is_counted_repeat): Ditto. (read_repeat_counts): Ditto. (first_significant_code): Ditto. 
(find_fixedlength): Ditto. (could_be_empty_branch): Ditto. (compile_branch): Ditto. Also removed some code that handles changing options. JavaScript doesn't have any of the features that allow options to change. (compile_regex): Updated for change to options parameter. (is_anchored): Ditto. (find_firstassertedchar): Ditto. (jsRegExpCompile): Changed to take separate flags instead of an options int. Also changed to call new/delete instead of pcre_malloc/free. (jsRegExpFree): Ditto. * pcre/pcre_exec.cpp: Copied from JavaScriptCore/pcre/pcre_exec.c. Added a case that uses computed goto for the opcode loop, but did not turn it on. Changed the RMATCH macro to handle returns more efficiently by putting the where pointer in the new frame instead of the old one, allowing us to branch to the return with a single statement. Switched to new/delete from pcre_malloc/free. Changed many RRETURN callers to not set the return value since it's already set correctly. Replaced the rrc variable with an is_match variable. Values other than "match" and "no match" are now handled differently. This allows us to remove the code to check for those cases in various rules. (match): All the case statements use a macro BEGIN_OPCODE instead. And all the continue statements, or break statements that break out of the outer case use a macro NEXT_OPCODE instead. Replaced a few if statements with assertions. (jsRegExpExecute): Use new/delete instead of pcre_malloc/free. Removed unused start_match field from the match block. * pcre/pcre_internal.h: Moved the last few configuration macros from pcre-config.h in here. Removed various unused types. Converted from JSRegExpChar to UChar. Eliminated pcre_malloc/free. Replaced the opcode enum with a macro that can be used in multiple places. Unfortunately we lose the comments for each opcode; we should find a place to put those back. Removed ctype_digit. * pcre/pcre_maketables.cpp: Copied from JavaScriptCore/pcre/pcre_maketables.c. 
(pcre_maketables): Got rid of the conditional code that allows this to be compiled in -- it's only used for dftables now (and soon may be obsolete entirely). Changed code for cbit_digit to not use isdigit, and took the "_" case out of the loop. Removed ctype_digit. * pcre/pcre_ord2utf8.cpp: Copied from JavaScriptCore/pcre/pcre_ord2utf8.c. * pcre/pcre_tables.cpp: Copied from JavaScriptCore/pcre/pcre_tables.c. Moved _pcre_OP_lengths out of here into pcre_exec.cpp. * pcre/pcre_ucp_searchfuncs.cpp: Copied from JavaScriptCore/pcre/pcre_ucp_searchfuncs.c. Updated for other file name changes. * pcre/pcre_xclass.cpp: Copied from JavaScriptCore/pcre/pcre_xclass.c. * pcre/ucpinternal.h: Updated header. * pcre/ucptable.cpp: Copied from JavaScriptCore/pcre/ucptable.c. * wtf/ASCIICType.h: (WTF::isASCIIDigit): Removed a branch by changing from && to & for this operation. Also added an overload that takes an int because that's useful for PCRE. Later we could optimize for int and overload other functions in this file; stuck to this simple one for now. * wtf/unicode/icu/UnicodeIcu.h: Removed unused isUpper. * wtf/unicode/qt4/UnicodeQt4.h: Ditto. * pcre/LICENCE: Removed. * pcre/pcre-config.h: Removed. * wtf/FastMallocPCRE.cpp: Removed. * pcre/dftables.c: Renamed to cpp. * pcre/pcre_compile.c: Ditto. * pcre/pcre_exec.c: Ditto. * pcre/pcre_maketables.c: Ditto. * pcre/pcre_ord2utf8.c: Ditto. * pcre/pcre_tables.c: Ditto. * pcre/pcre_ucp_searchfuncs.c: Ditto. * pcre/pcre_xclass.c: Ditto. * pcre/ucptable.c: Ditto. WebCore: Reviewed by Sam. - updated for JSRegExp function changes * platform/RegularExpression.cpp: (WebCore::RegularExpression::Private::compile): (WebCore::RegularExpression::match): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27686 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 05 Nov, 2007 1 commit
ggaren authored
Reviewed by Darin Adler. http://bugs.webkit.org/show_bug.cgi?id=15835 Switched List implementation from a custom heap allocator to an inline Vector, for a disappointing .5% SunSpider speedup. Also renamed List::slice to List::getSlice because "get" is the conventional prefix for functions returning a value through an out parameter. * kjs/array_object.cpp: (KJS::ArrayProtoFunc::callAsFunction): Removed some redundant function calls and memory accesses. * kjs/bool_object.cpp: (BooleanObjectImp::construct): Removed questionable use of iterator. * kjs/list.cpp: * kjs/list.h: New List class, implemented in terms of Vector. Two interesting differences: 1. The inline capacity is 8, not 5. Many of the Lists constructed during a SunSpider run are larger than 5; almost none are larger than 8. 2. The growth factor is 4, not 2. Since we can guarantee that Lists aren't long-lived, we can grow them more aggressively, to avoid excessive copying. * kjs/regexp_object.cpp: (RegExpObjectImp::construct): Removed redundant function calls. * kjs/string_object.cpp: (KJS::StringObjectImp::construct): Removed questionable use of iterator. * wtf/Vector.h: (WTF::::uncheckedAppend): Added a fast, unchecked version of append. WebCore: Reviewed by Darin Adler. http://bugs.webkit.org/show_bug.cgi?id=15835 Small adaptations to new KJS::List class. * bindings/js/kjs_window.cpp: (KJS::WindowFunc::callAsFunction): (KJS::ScheduledAction::ScheduledAction): WebKit: Reviewed by Darin Adler. http://bugs.webkit.org/show_bug.cgi?id=15835 Small adaptations to new KJS::List class. * ForwardingHeaders/kjs/value.h: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27448 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 03 Nov, 2007 1 commit
darin@apple.com authored
Reviewed by Maciej. - http://bugs.webkit.org/show_bug.cgi?id=15821 remove unused PCRE features for speed A first step toward removing the PCRE features we don't use. This gives a 0.8% speedup on SunSpider, and a 6.5% speedup on the SunSpider regular expression test. Replaced the public interface with one that doesn't use the name PCRE. Removed code we don't need for JavaScript and various configurations we don't use. This is in preparation for still more changes in the future. We'll probably switch to C++ and make some even more significant changes to the regexp engine to get some additional speed. There's probably additional unused stuff that I haven't deleted yet. This does mean that our PCRE is now a fork, but I think that's not really a big deal. * JavaScriptCore.exp: Remove the 5 old entry points and add the 3 new entry points for WebCore's direct use of the regular expression engine. * kjs/config.h: Remove the USE(PCRE16) define. I decided to flip its sense and now there's a USE(POSIX_REGEX) instead, which should probably not be set by anyone. Maybe later we'll just get rid of it altogether. * kjs/regexp.h: * kjs/regexp.cpp: (KJS::RegExp::RegExp): Switch to new jsRegExp function names and defines. Cut down on the number of functions used. (KJS::RegExp::~RegExp): Ditto. (KJS::RegExp::match): Ditto. * pcre/dftables.c: (main): Get rid of ctype_letter and ctype_meta, which are unused. * pcre/pcre-config.h: Get rid of EBCIDIC, PCRE_DATA_SCOPE, const, size_t, HAVE_STRERROR, HAVE_MEMMOVE, HAVE_BCOPY, NEWLINE, POSIX_MALLOC_THRESHOLD, NO_RECURSE, SUPPORT_UCP, SUPPORT_UTF8, and JAVASCRIPT. These are all no longer configurable in our copy of the library. * pcre/pcre.h: Remove the macro-based kjs prefix hack, the PCRE version macros, PCRE_UTF16, the code to set up PCRE_DATA_SCOPE, the include of <stdlib.h>, and most of the constants and functions defined in this header. Changed the naming scheme to use a JSRegExp prefix rather than a pcre prefix. 
In the future, we'll probably change this to be a C++ header. * pcre/pcre_compile.c: Removed all unused code branches, including many whole functions and various byte codes. Kept changes outside of removal to a minimum. (check_escape): (first_significant_code): (find_fixedlength): (find_recurse): (could_be_empty_branch): (compile_branch): (compile_regex): (is_anchored): (is_startline): (find_firstassertedchar): (jsRegExpCompile): Renamed from pcre_compile2 and changed the parameters around a bit. (jsRegExpFree): Added. * pcre/pcre_exec.c: Removed many unused opcodes and variables. Also started tearing down the NO_RECURSE mechanism since it's now the default. In some cases there were things in the explicit frame that could be turned into plain old local variables and other small like optimizations. (pchars): (match_ref): (match): Changed parameters quite a bit since it's now not used recursively. (jsRegExpExecute): Renamed from pcre_exec. * pcre/pcre_internal.h: Get rid of PCRE_DEFINITION, PCRE_SPTR, PCRE_IMS, PCRE_ICHANGED, PCRE_NOPARTIAL, PCRE_STUDY_MAPPED, PUBLIC_OPTIONS, PUBLIC_EXEC_OPTIONS, PUBLIC_DFA_EXEC_OPTIONS, PUBLIC_STUDY_OPTIONS, MAGIC_NUMBER, 16 of the opcodes, _pcre_utt, _pcre_utt_size, _pcre_try_flipped, _pcre_ucp_findprop, and _pcre_valid_utf8. Also moved pcre_malloc and pcre_free here. * pcre/pcre_maketables.c: Changed to only compile in dftables. Also got rid of many of the tables that we don't use. * pcre/pcre_tables.c: Removed the unused Unicode property tables. * pcre/pcre_ucp_searchfuncs.c: Removed everything except for _pcre_ucp_othercase. * pcre/pcre_xclass.c: (_pcre_xclass): Removed unneeded support for classes based on Unicode properties. * wtf/FastMallocPCRE.cpp: Removed unused bits. It would be good to eliminate this completely, but we need the regular expression code to be C++ first. * pcre/pcre_fullinfo.c: * pcre/pcre_get.c: * pcre/ucp.h: Files that are no longer needed.
I didn't remove them with this check-in, because I didn't want to modify all the project files. WebCore: Reviewed by Maciej. - WebCore part of http://bugs.webkit.org/show_bug.cgi?id=15821 remove unused PCRE features for speed * page/Frame.cpp: (WebCore::Frame::matchLabelsAgainstElement): * page/mac/FrameMac.mm: (WebCore::Frame::matchLabelsAgainstElement): Remove use of "[[:digit:]]" syntax. This hasn't worked for some time. Use "\d" instead. * platform/RegularExpression.h: Remove the unused cap function. We can add it back later if we find we need it. * platform/RegularExpression.cpp: (WebCore::RegularExpression::Private::compile): Update for JavaScriptCore regular expression entry point changes. (WebCore::RegularExpression::Private::~Private): Ditto. (WebCore::RegularExpression::match): Remove the code to set PCRE_NOTBOL. This means that regular expressions with metacharacters like ^ in them won't work any more with non-whole-string searches, but we don't use any regular expressions like that. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27419 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 01 Nov, 2007 1 commit
ggaren authored
Reviewed by Maciej Stachowiak. In preparation for making List a simple stack-allocated Vector: Removed all instances of List copying and/or assignment, and made List inherit from Noncopyable. Functions that used to return a List by copy now take List& out parameters. Layout tests and JS tests pass. * kjs/list.cpp: (KJS::List::slice): Replaced copyTail with a more generic slice alternative. (JavaScriptCore only calls slice(1), but WebCore calls slice(2)). WebCore: Reviewed by Maciej Stachowiak. In preparation for making List a simple stack-allocated Vector: Removed all instances of List copying, assignment, and/or storage. Layout tests and JS tests pass. * bindings/js/kjs_window.cpp: (KJS::WindowFunc::callAsFunction): Stores a Vector of protected JSValue*'s instead of a List now. Converts to List on the fly when calling the timer function. This is slightly less efficient, but the common case is 0-2 arguments, so it's no biggie. (HTML iBench shows no regression. PLT does not use JS timers.) (KJS::ScheduledAction::execute): Uses the more efficient and non-copying List::slice now. (KJS::ScheduledAction::ScheduledAction): ditto * bindings/objc/WebScriptObject.mm: (getListFromNSArray): Takes a List out parameter now, to avoid copying. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27373 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 29 Oct, 2007 1 commit
eseidel authored
Build fix only, no review. * JavaScriptCore.exp: Export symbol for new StringInstance::getOwnPropertySlot git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27220 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 25 Oct, 2007 2 commits
mjs authored
- fold together toPrimitive() and toNumber() conversions for 0.5% gain on SunSpider * kjs/nodes.cpp: (KJS::SubNode::evaluate): Subtract directly, since toPrimitive() is not adding any value over toNumber() here. (KJS::valueForReadModifyAssignment): Ditto. (KJS::lessThan): Use new getPrimitiveNumber() method to avoid some virtual calls and branches. (KJS::lessThanEq): Ditto. * JavaScriptCore.exp: Export new functions as needed. * kjs/value.h: (KJS::JSValue::toPrimitive): Fixed formatting. (KJS::JSValue::getPrimitiveNumber): New method - this simultaneously converts to number and tells you whether a toPrimitive() conversion with a Number hint would have given a string. * kjs/internal.cpp: (KJS::StringImp::getPrimitiveNumber): Implemented. (KJS::NumberImp::getPrimitiveNumber): ditto (KJS::GetterSetterImp::getPrimitiveNumber): ditto (KJS::StringImp::toPrimitive): Fixed formatting. (KJS::NumberImp::toPrimitive): ditto (KJS::GetterSetterImp::toPrimitive): ditto * kjs/internal.h: * kjs/object.cpp: (KJS::JSObject::getPrimitiveNumber): Implemented. * kjs/object.h: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27086 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
eseidel authored
Reviewed by Maciej. Add a JSGlobalObject class and remove the InterpreterMap http://bugs.webkit.org/show_bug.cgi?id=15681 This required making JSCallbackObject a template class to allow for JSGlobalObjects with JSCallbackObject functionality. SunSpider claims this was a 0.5% speedup. * API/JSCallbackObject.cpp: (KJS::): * API/JSCallbackObject.h: * API/JSCallbackObjectFunctions.h: Copied from API/JSCallbackObject.cpp. (KJS::::JSCallbackObject): (KJS::::init): (KJS::::~JSCallbackObject): (KJS::::initializeIfNeeded): (KJS::::className): (KJS::::getOwnPropertySlot): (KJS::::put): (KJS::::deleteProperty): (KJS::::implementsConstruct): (KJS::::construct): (KJS::::implementsHasInstance): (KJS::::hasInstance): (KJS::::implementsCall): (KJS::::callAsFunction): (KJS::::getPropertyNames): (KJS::::toNumber): (KJS::::toString): (KJS::::setPrivate): (KJS::::getPrivate): (KJS::::inherits): (KJS::::cachedValueGetter): (KJS::::staticValueGetter): (KJS::::staticFunctionGetter): (KJS::::callbackGetter): * API/JSClassRef.cpp: (OpaqueJSClass::prototype): * API/JSContextRef.cpp: (JSGlobalContextCreate): * API/JSObjectRef.cpp: (JSObjectMake): (JSObjectGetPrivate): (JSObjectSetPrivate): * API/JSValueRef.cpp: (JSValueIsObjectOfClass): * JavaScriptCore.exp: * JavaScriptCore.xcodeproj/project.pbxproj: * bindings/c/c_utility.cpp: (KJS::Bindings::convertValueToNPVariant): * bindings/jni/jni_jsobject.cpp: * bindings/objc/objc_utility.mm: (KJS::Bindings::convertValueToObjcValue): * kjs/Context.cpp: (KJS::Context::Context): * kjs/ExecState.cpp: (KJS::ExecState::lexicalInterpreter): * kjs/JSGlobalObject.h: Added. 
(KJS::JSGlobalObject::JSGlobalObject): (KJS::JSGlobalObject::isGlobalObject): (KJS::JSGlobalObject::interpreter): (KJS::JSGlobalObject::setInterpreter): * kjs/array_instance.cpp: * kjs/context.h: * kjs/function.cpp: (KJS::FunctionImp::callAsFunction): (KJS::GlobalFuncImp::callAsFunction): * kjs/interpreter.cpp: (KJS::Interpreter::Interpreter): (KJS::Interpreter::init): (KJS::Interpreter::~Interpreter): (KJS::Interpreter::globalObject): (KJS::Interpreter::initGlobalObject): (KJS::Interpreter::evaluate): * kjs/interpreter.h: * kjs/lookup.h: (KJS::cacheGlobalObject): * kjs/object.h: (KJS::JSObject::isGlobalObject): * kjs/testkjs.cpp: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@27022 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 24 Oct, 2007 1 commit
ggaren authored
Inlined the fast path for creating an Identifier from an Identifier. This is a .4% speedup on SunSpider overall, but as big as a 2.5% speedup on certain individual tests. 65% of the Identifiers created by SunSpider are already Identifiers. (The main reason I'm making this change is that it resolves a large regression in a patch I haven't checked in yet.) * JavaScriptCore.exp: * kjs/identifier.cpp: (KJS::Identifier::addSlowCase): * kjs/identifier.h: (KJS::Identifier::Identifier::add): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@26994 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 23 Oct, 2007 1 commit
darin authored
- fix http://bugs.webkit.org/show_bug.cgi?id=15636 some JavaScriptCore regression tests are failing due to numeric conversion This should restore correctness and make speed better too, restoring some of the optimization we lost in my last check-in. * kjs/JSImmediate.h: (KJS::JSImmediate::getTruncatedInt32): Added. Uses the range checking idiom I used in my patch yesterday. (KJS::JSImmediate::getTruncatedUInt32): Ditto. * kjs/internal.h: Removed getInt32 and added getTruncatedInt/UInt32. * kjs/internal.cpp: (KJS::NumberImp::getUInt32): Changed to always use double, since I can't find a way to write this more efficiently for float. (KJS::NumberImp::getTruncatedInt32): Added. (KJS::NumberImp::getTruncatedUInt32): Added. * kjs/value.h: Removed getInt32 and added getTruncatedInt/UInt32. (KJS::JSValue::getUInt32): (KJS::JSValue::getTruncatedInt32): Added. (KJS::JSValue::getTruncatedUInt32): Added. (KJS::JSValue::toInt32): Changed getInt32 call to getTruncatedInt32. (KJS::JSValue::toUInt32): Changed getUInt32 call to getTruncatedUInt32. * kjs/value.cpp: (KJS::JSCell::getTruncatedInt32): Added. (KJS::JSCell::getTruncatedUInt32): Added. (KJS::JSValue::toInteger): Changed getUInt32 call to getTruncatedInt32. (KJS::JSValue::toInt32SlowCase): Removed extra getInt32 call I accidentally had left in here. (KJS::JSValue::toUInt32SlowCase): Ditto. (KJS::JSValue::toUInt16): Changed getUInt32 call to getTruncatedUInt32. * JavaScriptCore.exp: Updated. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@26912 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 22 Oct, 2007 1 commit
darin authored
- http://bugs.webkit.org/show_bug.cgi?id=15617 improve speed of integer conversions Makes SunSpider 6% faster. * kjs/JSImmediate.h: Added toInt32 and toUInt32, with separate versions for 32-bit and 64-bit. * kjs/value.h: (KJS::JSValue::getUInt32): Call JSImmediate::toUInt32. * kjs/internal.h: Added getInt32. * kjs/internal.cpp: (KJS::NumberImp::getInt32): Added. (KJS::NumberImp::getUInt32): Replaced with more-optimal implementation stolen from JSValue. * kjs/value.h: (KJS::jsNumber): Marked ALWAYS_INLINE, because this wasn't getting inlined. (KJS::JSValue::getInt32): Added. (KJS::JSValue::getUInt32): Changed to call the new JSImmediate::toUInt32 to avoid converting from float to double. (KJS::JSValue::toInt32): Made inline, separated out the slow case. (KJS::JSValue::toUInt32): Ditto. * kjs/value.cpp: (KJS::JSCell::getInt32): Added. (KJS::JSValue::toInt32SlowCase): Renamed from toInt32. Changed to use the new getInt32. Added a faster case for in-range numbers. (KJS::JSValue::toUInt32SlowCase): Ditto. (KJS::JSValue::toUInt16): Added a faster case for in-range numbers. * JavaScriptCore.exp: Updated for changes. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@26892 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 05 Oct, 2007 1 commit
ggaren authored
Reviewed by Sam Weinig. Added JSObject::removeDirect, to support the fix for <rdar://problem/5522487> REGRESSION: With JavaScript disabled, any page load causes a crash in PropertyMap::put * kjs/object.cpp: (KJS::JSObject::removeDirect): * kjs/object.h: WebCore: Reviewed by Sam Weinig. New fix for <rdar://problem/5522487> REGRESSION: With JavaScript disabled, any page load causes a crash in PropertyMap::put Explicitly remove the "document" property from the window. The old solution would leave a stale "document" property around after JavaScript was re-enabled. The architecture for disabling JavaScript could use some consolidation. It seems wrong that a script proxy even exists when JavaScript is disabled. It also seems wrong that so many individual call sites are responsible for checking whether JavaScript is enabled. I've filed a bug about this: http://bugs.webkit.org/show_bug.cgi?id=15385. * bindings/js/kjs_proxy.cpp: (WebCore::KJSProxy::clearDocumentWrapper): * bindings/js/kjs_proxy.h: * page/Frame.cpp: (WebCore::Frame::setDocument): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@26074 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 15 Sep, 2007 1 commit
darin authored
* JavaScriptCore.exp: Export WTFLogVerbose. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@25584 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 03 Aug, 2007 1 commit
bdash authored
Reviewed by Geoff Garen. <rdar://problem/4212199> 'leaks' reports false leaks in WebKit (because the WTF allocator uses mmap?) Implement malloc zone introspection routines to allow leaks, heap, and friends to request information about specific memory regions that were allocated by FastMalloc or the JavaScriptCore collector. This requires tool-side support before the regions will be displayed. The addition of that support is tracked by <rdar://problems/5353057&5353060>. * JavaScriptCore.exp: Export the two variables that are used by leaks to introspect the allocators. * JavaScriptCore.xcodeproj/project.pbxproj: * kjs/AllInOneFile.cpp: * kjs/CollectorZone.cpp: Added. (KJS::): (KJS::CollectorZone::registerZone): (KJS::CollectorZone::CollectorZone): Create and register our zone with the system. (KJS::CollectorZone::zoneEnumerator): Iterate over the CollectorBlocks that are in use and report them to the caller as being used. * kjs/CollectorZone.h: Added. (KJS::CollectorZone::zoneObjectSize): Return zero to indicate the specified pointer does not belong to this zone. * kjs/collector.cpp: (KJS::Collector::registerThread): Register the CollectorZone with the system when the first thread is registered with the collector. * wtf/FastMalloc.cpp: (WTF::TCMalloc_PageHeap::GetDescriptorEnsureSafe): (WTF::TCMalloc_ThreadCache_FreeList::enumerateFreeObjects): Enumerate the objects on the free list. (WTF::TCMalloc_ThreadCache::enumerateFreeObjects): Ditto. (WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Ditto. (WTF::TCMalloc_ThreadCache::InitModule): Register the FastMallocZone with the system when initializing TCMalloc. (WTF::FreeObjectFinder::FreeObjectFinder): (WTF::FreeObjectFinder::visit): Add an object to the free list. (WTF::FreeObjectFinder::isFreeObject): (WTF::FreeObjectFinder::freeObjectCount): (WTF::FreeObjectFinder::findFreeObjects): Find the free objects within a thread cache or free list. 
(WTF::PageMapFreeObjectFinder::PageMapFreeObjectFinder): Find the free objects within a TC_PageMap. (WTF::PageMapFreeObjectFinder::visit): Called once per allocated span. Record whether the span or any subobjects are free. (WTF::PageMapMemoryUsageRecorder::PageMapMemoryUsageRecorder): (WTF::PageMapMemoryUsageRecorder::visit): Called once per allocated span. Report the range of memory as being allocated, and the span or its subobjects as being used if they do not appear on the free list. (WTF::FastMallocZone::zoneEnumerator): Map the key remote TCMalloc data structures into our address space. We then locate all free memory ranges before reporting the other ranges as being in use. (WTF::FastMallocZone::zoneObjectSize): Determine whether the given pointer originates from within our allocation zone. If so, we return its allocation size. (WTF::FastMallocZone::zoneMalloc): (WTF::FastMallocZone::zoneCalloc): (WTF::FastMallocZone::zoneFree): (WTF::FastMallocZone::zoneRealloc): (WTF::): (WTF::FastMallocZone::FastMallocZone): Create and register our zone with the system. (WTF::FastMallocZone::registerZone): * wtf/MallocZoneSupport.h: Added. (WTF::RemoteMemoryReader::RemoteMemoryReader): A helper class to ease the process of mapping memory in a different process into our local address space (WTF::RemoteMemoryReader::operator()): * wtf/TCPageMap.h: (TCMalloc_PageMap2::visit): Walk over the heap and visit each allocated span. (TCMalloc_PageMap3::visit): Ditto. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@24843 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- 25 Jul, 2007 1 commit
mjs authored
Reviewed by Darin. - JavaScriptCore part of fix for <rdar://problem/5300291> Optimize GC to reclaim big, temporary objects (like XMLHttpRequest.responseXML) quickly Also, as a side effect of optimizations included in this patch: - 7% speedup on JavaScript iBench - 4% speedup on "Celtic Kane" JS benchmark The basic idea is explained in a big comment in collector.cpp. When unusually large objects are allocated, we push the next GC closer on the assumption that most objects are short-lived. I also did the following two optimizations in the course of tuning this not to be a performance regression: 1) Change UString::Rep to hold a self-pointer as the baseString in the unshared case, instead of a null pointer; this removes a number of null checks in hot code because many places already wanted to use the rep itself or the baseString as appropriate. 2) Avoid creating duplicate StringImpls when creating a StringInstance (the object wrapper for a JS string) or calling their methods. Since a temporary wrapper object is made every time a string method is called, this resulted in two useless extra StringImpls being allocated for no reason whenever a String method was invoked on a string value. Now we bypass those. * kjs/collector.cpp: (KJS::): (KJS::Collector::recordExtraCost): Basics of the extra cost mechanism. (KJS::Collector::allocate): ditto (KJS::Collector::collect): ditto * kjs/collector.h: (KJS::Collector::reportExtraMemoryCost): ditto * kjs/array_object.cpp: (ArrayInstance::ArrayInstance): record extra cost * kjs/internal.cpp: (KJS::StringImp::toObject): don't create a whole new StringImpl just to be the internal value of a StringInstance! StringImpls are immutable so there's no point to this. * kjs/internal.h: (KJS::StringImp::StringImp): report extra cost * kjs/string_object.cpp: (KJS::StringInstance::StringInstance): new version that takes a StringImp (KJS::StringProtoFunc::callAsFunction): don't create a whole new StringImpl just to convert self to string!
we already have one in the internal value * kjs/string_object.h: report extra cost * kjs/ustring.cpp: All changes to handle baseString being self instead of null in the unshared case. (KJS::): (KJS::UString::Rep::create): (KJS::UString::Rep::destroy): (KJS::UString::usedCapacity): (KJS::UString::usedPreCapacity): (KJS::UString::expandCapacity): (KJS::UString::expandPreCapacity): (KJS::UString::UString): (KJS::UString::append): (KJS::UString::operator=): (KJS::UString::copyForWriting): * kjs/ustring.h: (KJS::UString::Rep::baseIsSelf): new method, now that baseString is self instead of null in the unshared case we can't just null check. (KJS::UString::Rep::data): adjusted as mentioned above (KJS::UString::cost): new method to compute the cost for a UString, for use by StringImpl. * kjs/value.cpp: (KJS::jsString): style fixups. (KJS::jsOwnedString): new method, use this for strings allocated from UStrings held by the parse tree. Tracking their cost as part of string cost is pointless, because garbage collecting them will not actually free the relevant string buffer. * kjs/value.h: prototyped jsOwnedString. * kjs/nodes.cpp: (StringNode::evaluate): use jsOwnedString as appropriate (RegExpNode::evaluate): ditto (PropertyNameNode::evaluate): ditto (ForInNode::execute): ditto * JavaScriptCore.exp: Exported some new symbols. WebCore: Reviewed by Darin. - fixed <rdar://problem/5300291> Optimize GC to reclaim big, temporary objects (like XMLHttpRequest.responseXML) quickly With this plus related JavaScriptCore changes, a number of XMLHttpRequest situations that result in huge data sets are addressed, including a single huge responseXML on an XMR done repeatedly, or accessing responseText repeatedly during loading of a single large XHR. 
In addition to the GC changes in JavaScriptCore, I changed responseText to be stored as a KJS::UString instead of a WebCore::String so that the JavaScript responseText value can share the buffer (indeed multiple intermediate responseTexts can share its buffer). First of all, here's some manual test cases that will each blow out the process VM without this fix, but will settle into decent steady state with. * manual-tests/memory: Added. * manual-tests/memory/MessageUidsAlreadyDownloaded2: Added. * manual-tests/memory/string-growth.html: Added. * manual-tests/memory/xhr-multiple-requests-responseText.html: Added. * manual-tests/memory/xhr-multiple-requests-responseXML.html: Added. * manual-tests/memory/xhr-multiple-requests.html: Added. * manual-tests/memory/xhr-repeated-string-access.xml: Added. And here's the actual code changes: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSDocumentCustom.cpp: (WebCore::toJS): Record extra cost if the document is frameless (counting the nodes doesn't make a measurable performance difference here in any case I could find) * bindings/js/JSXMLHttpRequest.cpp: (KJS::JSXMLHttpRequest::getValueProperty): Adjust for the fact that responseText is now stored as a UString. * bindings/js/kjs_binding.cpp: (KJS::jsOwnedStringOrNull): New helper. * bindings/js/kjs_binding.h: * xml/XMLHttpRequest.cpp: (WebCore::XMLHttpRequest::getResponseText): It's a UString! (WebCore::XMLHttpRequest::getResponseXML): handle the fact that m_responseText is a UString. (WebCore::XMLHttpRequest::XMLHttpRequest): ditto. (WebCore::XMLHttpRequest::abort): call dropProtection (WebCore::XMLHttpRequest::didFinishLoading): call dropProtection (WebCore::XMLHttpRequest::dropProtection): after removing our GC protection, report extra cost of this XHR's responseText buffer. * xml/XMLHttpRequest.h: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@24633 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 09 Jul, 2007 1 commit
-
-
mjs authored
Reviewed by Oliver. - JavaScriptCore part of fix for: <rdar://problem/5295734> Repro crash closing tab/window @ maps.google.com in WTF::HashSet<KJS::RuntimeObjectImp*, WTF::PtrHash<KJS::RuntimeObjectImp*>, WTF::HashTraits<KJS::RuntimeObjectImp*> >::add + 11 * JavaScriptCore.exp: Added needed export. WebCore: Reviewed by Oliver. <rdar://problem/5295734> Repro crash closing tab/window @ maps.google.com in WTF::HashSet<KJS::RuntimeObjectImp*, WTF::PtrHash<KJS::RuntimeObjectImp*>, WTF::HashTraits<KJS::RuntimeObjectImp*> >::add + 11 Automated test case is not possible. Did not bother with manual test this time. * bindings/js/kjs_dom.cpp: (WebCore::getRuntimeObject): Check that runtime root isn't null, as well as instance; this should cover the case where the plugin is already shut down and onunload time. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@24106 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 29 Jun, 2007 1 commit
-
-
weinig authored
Reviewed by Darin. Second pass at fixing implicit 64-32 bit conversion errors. <rdar://problem/5292262> - Add a toFloat() method to JSValue for float conversion. * JavaScriptCore.exp: * kjs/value.cpp: (KJS::JSValue::toFloat): * kjs/value.h: WebCore: Reviewed by Darin. Second pass at fixing implicit 64-32 bit conversion errors. <rdar://problem/5292262> - Use new JSValue::toFloat() method instead of toNumber() where appropriate. * bindings/js/JSCanvasRenderingContext2DCustom.cpp: (WebCore::JSCanvasRenderingContext2D::setFillColor): (WebCore::JSCanvasRenderingContext2D::setStrokeColor): (WebCore::JSCanvasRenderingContext2D::strokeRect): (WebCore::JSCanvasRenderingContext2D::drawImage): (WebCore::JSCanvasRenderingContext2D::drawImageFromRect): (WebCore::JSCanvasRenderingContext2D::setShadow): * bindings/js/JSHTMLSelectElementCustom.cpp: (WebCore::JSHTMLSelectElement::remove): * bindings/js/JSSVGMatrixCustom.cpp: (WebCore::JSSVGMatrix::rotateFromVector): * bindings/js/kjs_events.cpp: (KJS::JSClipboardPrototypeFunction::callAsFunction): * bindings/scripts/CodeGeneratorJS.pm: * ksvg2/svg/SVGScriptElement.cpp: (WebCore::SVGScriptElement::executeScript): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@23892 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 13 Jun, 2007 1 commit
-
-
andersca authored
Reviewed by Geoff. Make sure that bindings instances get correct root objects. * JavaScriptCore.exp: * bindings/NP_jsobject.cpp: (listFromVariantArgs): (_NPN_InvokeDefault): (_NPN_Invoke): (_NPN_SetProperty): * bindings/c/c_instance.cpp: (KJS::Bindings::CInstance::invokeMethod): (KJS::Bindings::CInstance::invokeDefaultMethod): * bindings/c/c_runtime.cpp: (KJS::Bindings::CField::valueFromInstance): * bindings/c/c_utility.cpp: (KJS::Bindings::convertNPVariantToValue): * bindings/c/c_utility.h: * bindings/objc/objc_instance.mm: (ObjcInstance::invokeMethod): (ObjcInstance::invokeDefaultMethod): (ObjcInstance::getValueOfUndefinedField): * bindings/objc/objc_runtime.mm: (ObjcField::valueFromInstance): (ObjcArray::valueAt): * bindings/objc/objc_utility.h: * bindings/objc/objc_utility.mm: (KJS::Bindings::convertObjcValueToValue): * bindings/runtime.h: WebCore: Reviewed by Geoff. Pass the root object to methods that end up creating new ObjcInstance objects. * bindings/objc/WebScriptObject.mm: (listFromNSArray): (-[WebScriptObject callWebScriptMethod:withArguments:]): (-[WebScriptObject evaluateWebScript:]): (-[WebScriptObject setValue:forKey:]): (-[WebScriptObject valueForKey:]): (-[WebScriptObject removeWebScriptKey:]): (-[WebScriptObject setWebScriptValueAtIndex:value:]): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@23512 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 30 Mar, 2007 1 commit
-
-
andersca authored
Reviewed by Geoff. Implement _NPN_Enumerate support. * JavaScriptCore.exp: * bindings/NP_jsobject.cpp: (_NPN_Enumerate): * bindings/c/c_instance.cpp: (KJS::Bindings::CInstance::getPropertyNames): * bindings/c/c_instance.h: * bindings/npapi.h: * bindings/npruntime.h: * bindings/npruntime_impl.h: * bindings/runtime.h: (KJS::Bindings::Instance::getPropertyNames): * bindings/runtime_object.cpp: (RuntimeObjectImp::getPropertyNames): * bindings/runtime_object.h: (KJS::RuntimeObjectImp::getInternalInstance): LayoutTests: Reviewed by Geoff. Add enumeration test. * plugins/netscape-enumerate-expected.txt: Added. * plugins/netscape-enumerate.html: Added. WebKit: Reviewed by Geoff. * Plugins/WebNetscapePluginPackage.m: (-[WebNetscapePluginPackage load]): Initialize pushpopupsenabledstate, poppopupsenabledstate and enumerate. * Plugins/npapi.m: (NPN_PushPopupsEnabledState): (NPN_PopPopupsEnabledState): Add stubs for these functions. * Plugins/npfunctions.h: Add new methods to NPNetscapeFuncs. WebKitTools: Reviewed by Geoff. * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj: Add TestObject.c and TestObject.h * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.c: (pluginGetProperty): Implement the testObject property. (pluginInvoke): Implement testEnumerate which takes an object and an array and enumerates the properties of the object and adds them to the array. (pluginAllocate): Allocate the test object. (pluginDeallocate): Free the test object. * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.c: Added. * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.h: Added. Add a test object with two enumerable properties. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20613 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 21 Mar, 2007 1 commit
-
-
thatcher authored
<rdar://problem/5076599> JavaScriptCore has a weak export (vtable for KJS::JSCell) * JavaScriptCore.exp: Remove __ZTVN3KJS6JSCellE. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20368 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 18 Mar, 2007 3 commits
-
-
mjs authored
Reviewed by Mark. - avoid static construction (and global variable access) in a smarter, more portable way, to later enable MUTLI_THREAD mode to work on other platforms and compilers. * kjs/CommonIdentifiers.cpp: Added. New class to hold all the shared identifiers. (KJS::CommonIdentifiers::CommonIdentifiers): (KJS::CommonIdentifiers::shared): * kjs/CommonIdentifiers.h: Added. * kjs/ExecState.h: (KJS::ExecState::propertyNames): Hand the CommonIdentifiers instance here for easy access. (KJS::ExecState::ExecState): * API/JSObjectRef.cpp: (JSObjectMakeConstructor): * CMakeLists.txt: * JavaScriptCore.exp: * JavaScriptCore.pri: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * JavaScriptCoreSources.bkl: * bindings/runtime_array.cpp: (RuntimeArray::getOwnPropertySlot): (RuntimeArray::put): * bindings/runtime_method.cpp: (RuntimeMethod::getOwnPropertySlot): * kjs/array_object.cpp: (ArrayInstance::getOwnPropertySlot): (ArrayInstance::put): (ArrayInstance::deleteProperty): (ArrayProtoFunc::ArrayProtoFunc): (ArrayProtoFunc::callAsFunction): (ArrayObjectImp::ArrayObjectImp): * kjs/bool_object.cpp: (BooleanPrototype::BooleanPrototype): (BooleanProtoFunc::BooleanProtoFunc): (BooleanProtoFunc::callAsFunction): (BooleanObjectImp::BooleanObjectImp): * kjs/completion.h: (KJS::Completion::Completion): * kjs/date_object.cpp: (KJS::DateProtoFunc::DateProtoFunc): (KJS::DateObjectImp::DateObjectImp): (KJS::DateObjectFuncImp::DateObjectFuncImp): * kjs/error_object.cpp: (ErrorPrototype::ErrorPrototype): (ErrorProtoFunc::ErrorProtoFunc): (ErrorProtoFunc::callAsFunction): (ErrorObjectImp::ErrorObjectImp): (ErrorObjectImp::construct): (NativeErrorPrototype::NativeErrorPrototype): (NativeErrorImp::NativeErrorImp): (NativeErrorImp::construct): (NativeErrorImp::callAsFunction): * kjs/function.cpp: (KJS::FunctionImp::getOwnPropertySlot): (KJS::FunctionImp::put): (KJS::FunctionImp::deleteProperty): (KJS::FunctionImp::getParameterName): 
(KJS::DeclaredFunctionImp::construct): (KJS::IndexToNameMap::unMap): (KJS::Arguments::Arguments): (KJS::ActivationImp::getOwnPropertySlot): (KJS::ActivationImp::deleteProperty): (KJS::GlobalFuncImp::GlobalFuncImp): * kjs/function_object.cpp: (FunctionPrototype::FunctionPrototype): (FunctionProtoFunc::FunctionProtoFunc): (FunctionProtoFunc::callAsFunction): (FunctionObjectImp::FunctionObjectImp): (FunctionObjectImp::construct): * kjs/grammar.y: * kjs/identifier.cpp: * kjs/identifier.h: * kjs/interpreter.cpp: (KJS::Interpreter::init): (KJS::Interpreter::initGlobalObject): * kjs/interpreter.h: * kjs/lookup.h: * kjs/math_object.cpp: (MathFuncImp::MathFuncImp): * kjs/nodes.cpp: (ArrayNode::evaluate): (FuncDeclNode::processFuncDecl): (FuncExprNode::evaluate): * kjs/number_object.cpp: (NumberPrototype::NumberPrototype): (NumberProtoFunc::NumberProtoFunc): (NumberObjectImp::NumberObjectImp): * kjs/object.cpp: (KJS::JSObject::put): (KJS::JSObject::defaultValue): (KJS::JSObject::hasInstance): * kjs/object.h: (KJS::JSObject::getOwnPropertySlot): * kjs/object_object.cpp: (ObjectPrototype::ObjectPrototype): (ObjectProtoFunc::ObjectProtoFunc): (ObjectObjectImp::ObjectObjectImp): * kjs/regexp_object.cpp: (RegExpPrototype::RegExpPrototype): (RegExpProtoFunc::RegExpProtoFunc): (RegExpObjectImp::RegExpObjectImp): * kjs/string_object.cpp: (KJS::StringInstance::getOwnPropertySlot): (KJS::StringInstance::put): (KJS::StringInstance::deleteProperty): (KJS::StringPrototype::StringPrototype): (KJS::StringProtoFunc::StringProtoFunc): (KJS::StringProtoFunc::callAsFunction): (KJS::StringObjectImp::StringObjectImp): (KJS::StringObjectFuncImp::StringObjectFuncImp): * kjs/testkjs.cpp: (TestFunctionImp::TestFunctionImp): WebCore: Reviewed by Mark. - avoid static construction (and global variable access) in a smarter, more portable way, to later enable MUTLI_THREAD mode to work on other platforms and compilers. 
* bindings/js/JSCustomXPathNSResolver.cpp: (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI): * bindings/js/JSHTMLInputElementBase.cpp: (WebCore::JSHTMLInputElementBaseFunction::JSHTMLInputElementBaseFunction): * bindings/js/JSHTMLOptionElementConstructor.cpp: (WebCore::JSHTMLOptionElementConstructor::JSHTMLOptionElementConstructor): * bindings/js/JSXMLHttpRequest.cpp: (KJS::JSXMLHttpRequestConstructorImp::JSXMLHttpRequestConstructorImp): * bindings/js/JSXSLTProcessor.cpp: (KJS::XSLTProcessorConstructorImp::XSLTProcessorConstructorImp): * bindings/js/kjs_dom.cpp: (KJS::DOMNamedNodeMap::getOwnPropertySlot): (KJS::DOMNamedNodesCollection::getOwnPropertySlot): * bindings/js/kjs_events.cpp: (KJS::JSAbstractEventListener::handleEvent): * bindings/js/kjs_html.cpp: (KJS::HTMLElementFunction::HTMLElementFunction): (KJS::JSHTMLCollection::getOwnPropertySlot): * bindings/js/kjs_window.cpp: (KJS::ScheduledAction::execute): * bindings/objc/WebScriptObject.mm: * bindings/scripts/CodeGeneratorJS.pm: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20310 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
ggaren authored
Reviewed by Oliver Hunt. Exposed some extra toUInt32 functionality, as part of the fix for REGRESSION: Incomplete document.all implementation breaks abtelectronics.com (Style Change Through JavaScript Blanks Content) * JavaScriptCore.exp: * kjs/identifier.h: (KJS::Identifier::toUInt32): LayoutTests: Reviewed by Oliver Hunt. Layout test for http://bugs.webkit.org/show_bug.cgi?id=13106 REGRESSION: Incomplete document.all implementation breaks abtelectronics.com (Style Change Through JavaScript Blanks Content) * fast/dom/collection-null-like-arguments-expected.txt: Added. * fast/dom/collection-null-like-arguments.html: Added. WebCore: Reviewed by Oliver Hunt. Fixed http://bugs.webkit.org/show_bug.cgi?id=13106 REGRESSION: Incomplete document.all implementation breaks abtelectronics.com (Style Change Through JavaScript Blanks Content) When indexing into collections, treat the empty string as an invalid argument, instead of the number 0. * bindings/js/kjs_html.cpp: (KJS::JSHTMLCollection::getOwnPropertySlot): (KJS::JSHTMLCollection::callAsFunction): (KJS::JSHTMLCollectionPrototypeFunction::callAsFunction): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20295 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
ggaren authored
* JavaScriptCore.exp: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20293 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 12 Mar, 2007 1 commit
-
-
ggaren authored
Reviewed by Oliver Hunt.

Fixed <rdar://problem/4681051> Installer crashes in KJS::Collector::markOtherThreadConservatively(KJS::Collector::Thread*) trying to install iLife 06 using Rosetta on an Intel Machine

The problem was that our thread-specific data destructor would modify the list of active JavaScript threads without holding the JSLock, corrupting the list. Corruption was especially likely if one JavaScript thread exited while another was starting up.

* JavaScriptCore.exp:
* kjs/JSLock.cpp: Don't conflate locking the JSLock with registering a thread, since the thread-specific data destructor needs to lock without registering a thread. Instead, treat thread registration as a part of the convenience of the JSLock object, and whittle down JSLock::lock() to just the bits that actually do the locking.
(KJS::JSLock::lock):
(KJS::JSLock::registerThread):
* kjs/JSLock.h: Updated comments to mention the new behavior above, and other recent changes.
(KJS::JSLock::JSLock):
* kjs/collector.cpp: (KJS::destroyRegisteredThread): Lock here.
(KJS::Collector::registerThread): To match, assert that we're locked here.

JavaScriptGlue:

Reviewed by Oliver Hunt.

Updated in light of fix for <rdar://problem/4681051> Installer crashes in KJS::Collector::markOtherThreadConservatively(KJS::Collector::Thread*) trying to install iLife 06 using Rosetta on an Intel Machine

* JavaScriptGlue.cpp: (JSLockInterpreter): Ensure backwards compatibility by calling registerThread() when explicitly taking the JSLock. (This doesn't happen automatically anymore.) I doubt this actually matters, but in JavaScriptGlue territory, that kind of thinking will get you killed.

WebKitTools:

Reviewed by Oliver Hunt.

Beefed up --threaded mode in light of <rdar://problem/4681051> Installer crashes in KJS::Collector::markOtherThreadConservatively(KJS::Collector::Thread*) trying to install iLife 06 using Rosetta on an Intel Machine

--threaded mode now runs a bunch of different JavaScript threads, randomly killing and respawning them. This was sufficient for reproducing the bug on my MacBook Pro.

* DumpRenderTree/DumpRenderTree.m: (javaScriptThreads):
(runJavaScriptThread):
(startJavaScriptThreads):
(stopJavaScriptThreads):
(dumpRenderTree):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20115 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 06 Mar, 2007 1 commit
-
-
ggaren authored
Reviewed by Maciej Stachowiak.

Fixed all known crashers exposed by run-webkit-tests --threaded. This covers:

<rdar://problem/4565394> | http://bugs.webkit.org/show_bug.cgi?id=12585 PAC file: after closing a window that contains macworld.com, new window crashes (KJS::PropertyMap::mark()) (12585)
<rdar://problem/4571215> | http://bugs.webkit.org/show_bug.cgi?id=9211 PAC file: Crash occurs when clicking on the navigation tabs at http://www.businessweek.com/ (9211)
<rdar://problem/4557926> PAC file: Crash occurs when attempting to view image in slideshow mode at http://d.smugmug.com/gallery/581716 ( KJS::IfNode::execute (KJS:: ExecState*) + 312) if you use a PAC file

(1) Added some missing JSLocks, along with related ASSERTs.

(2) Fully implemented support for objects that can only be garbage collected on the main thread. So far, only WebCore uses this. We can add it to API later if we learn that it's needed.

The implementation uses a "main thread only" flag inside each object. When collecting on a secondary thread, the Collector does an extra pass through the heap to mark all flagged objects before sweeping. This solution makes the common case -- flag lots of objects, but never collect on a secondary thread -- very fast, even though the uncommon case of garbage collecting on a secondary thread isn't as fast as it could be. I left some notes about how to speed it up, if we ever care.

For posterity, here are some things I learned about GC while investigating:

* Each collect must either mark or delete every heap object. "Zombie" objects, which are neither marked nor deleted, raise these issues:
    * On the next pass, the conservative marking algorithm might mark a zombie, causing it to mark freed objects.
    * The client might try to use a zombie, which would seem live because its finalizer had not yet run.
* A collect on the main thread is free to delete any object. Presumably, objects allocated on secondary threads have thread-safe finalizers.
* A collect on a secondary thread must not delete thread-unsafe objects.
* The mark function must be thread-safe.

Line by line comments:

* API/JSObjectRef.h: Added comment specifying that the finalize callback may run on any thread.
* JavaScriptCore.exp: Nothing to see here.
* bindings/npruntime.cpp: (_NPN_GetStringIdentifier): Added JSLock.
* bindings/objc/objc_instance.h:
* bindings/objc/objc_instance.mm: (ObjcInstance::~ObjcInstance): Use an autorelease pool. The other callers to CFRelease needed one, too, but they were dead code, so I removed them instead. (This fixes a leak seen while running run-webkit-tests --threaded, although I don't think it's specifically a threading issue.)
* kjs/collector.cpp: (KJS::Collector::collectOnMainThreadOnly): New function. Tells the collector to collect a value only if it's collecting on the main thread.
(KJS::Collector::markMainThreadOnlyObjects): New function. Scans the heap for "main thread only" objects and marks them.
* kjs/date_object.cpp: (KJS::DateObjectImp::DateObjectImp): To make the new ASSERTs happy, allocate our globals on the heap, avoiding a seemingly unsafe destructor call at program exit time.
* kjs/function_object.cpp: (FunctionPrototype::FunctionPrototype): ditto
* kjs/interpreter.cpp: (KJS::Interpreter::mark): Removed boolean parameter, which was an incomplete and arguably hackish way to implement markMainThreadOnlyObjects() inside WebCore.
* kjs/interpreter.h:
* kjs/identifier.cpp: (KJS::identifierTable): Added some ASSERTs to check for thread safety problems.
* kjs/list.cpp: Added some ASSERTs to check for thread safety problems.
(KJS::allocateListImp):
(KJS::List::release):
(KJS::List::append):
(KJS::List::empty): Make the new ASSERTs happy.
* kjs/object.h: (KJS::JSObject::JSObject): "m_destructorIsThreadSafe" => "m_collectOnMainThreadOnly". I removed the constructor parameter because m_collectOnMainThreadOnly, like m_marked, is a Collector bit, so only the Collector should set or get it.
* kjs/object_object.cpp: (ObjectPrototype::ObjectPrototype): Make the ASSERTs happy.
* kjs/regexp_object.cpp: (RegExpPrototype::RegExpPrototype): ditto
* kjs/ustring.cpp: Added some ASSERTs to check for thread safety problems.
(KJS::UCharReference::ref):
(KJS::UString::Rep::createCopying):
(KJS::UString::Rep::create):
(KJS::UString::Rep::destroy):
(KJS::UString::null): Make the new ASSERTs happy.
* kjs/ustring.h: (KJS::UString::Rep::ref): Added some ASSERTs to check for thread safety problems.
(KJS::UString::Rep::deref):
* kjs/value.h: (KJS::JSCell::JSCell):

JavaScriptGlue:

Reviewed by Maciej Stachowiak.

Fixed all known crashers exposed by run-webkit-tests --threaded while using a PAC file (for maximum carnage). See JavaScriptCore ChangeLog for more details.

* JSBase.cpp: (JSBase::Release): Lock when deleting, because we may be deleting an object (like a JSRun) that holds thread-unsafe data.
* JSUtils.cpp: (CFStringToUString): Don't lock, because our caller locks. Also, locking inside a function that returns thread-unsafe data by copy will only mask threading problems.
* JavaScriptGlue.cpp: (JSRunEvaluate): Added missing JSLock.
(JSRunCheckSyntax): Converted to JSLock.
* JavaScriptGlue.xcodeproj/project.pbxproj:

WebCore:

Reviewed by Maciej Stachowiak.

Fixed all known crashers exposed by run-webkit-tests --threaded [*]. See JavaScriptCore ChangeLog for more details.

* bindings/js/kjs_binding.cpp: (KJS::domNodesPerDocument): Added thread safety ASSERT.
(KJS::ScriptInterpreter::mark): Removed obsolete logic for marking unsafe objects when collecting on a secondary thread. The Collector takes care of this now.
* bindings/js/kjs_binding.h: (KJS::DOMObject::DOMObject): Used new API for specifying that WebCore objects should be garbage collected on the main thread only.
* bindings/js/kjs_window.cpp: (KJS::ScheduledAction::execute): Moved JSLock to cover implementedsCall() call, which, for some subclasses, ends up allocating garbage collected objects. (This fix was speculative. I didn't actually see a crash from this.)
(KJS::Window::timerFired): Added JSLock around ScheduleAction destruction, since it destroys a KJS::List.
* bindings/objc/WebScriptObject.mm: (-[WebScriptObject setException:]): Added JSLock. (This fix was speculative. I didn't actually see a crash from this.)
* bridge/mac/WebCoreScriptDebugger.mm: (-[WebCoreScriptCallFrame evaluateWebScript:]): Added JSLock. (This fix was speculative. I didn't actually see a crash from this.)
* dom/Document.cpp: (WebCore::Document::~Document): Added JSLock around modification to domNodesPerDocument(), which can be accessed concurrently during garbage collection.
* dom/Node.cpp: (WebCore::Node::setDocument): ditto.

[*] fast/js/toString-stack-overflow.html is an exception. --threaded mode crashes this test because it causes the garbage collector to run frequently, and this test crashes if you happen to garbage collect while it's running. This is a known issue with stack overflow during the mark phase. It's not related to threading.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20004 268f45cc-cd09-0410-ab3c-d52691b4dbfc
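Added example (editorial, not WebKit code and not part of the commit message above): a toy mark-and-sweep collector showing the extra marking pass the message describes for collections on a secondary thread. Cell, ToyCollector and runGcDemo are hypothetical names; only collectOnMainThreadOnly and markMainThreadOnlyObjects are taken from the message, and the heap layout is a simplifying assumption.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Toy heap cell. "marked" and "collectOnMainThreadOnly" are the two collector bits.
struct Cell {
    explicit Cell(bool mainThreadOnly)
        : collectOnMainThreadOnly(mainThreadOnly), marked(false) {}
    bool collectOnMainThreadOnly;
    bool marked;
    std::vector<Cell*> children;  // outgoing references
};

class ToyCollector {
public:
    ~ToyCollector() { for (Cell* c : m_heap) delete c; }

    Cell* allocate(bool mainThreadOnly = false) {
        m_heap.push_back(new Cell(mainThreadOnly));
        return m_heap.back();
    }
    void addRoot(Cell* c) { m_roots.push_back(c); }
    std::size_t liveCells() const { return m_heap.size(); }

    // Every cell ends a collection either marked-and-kept or deleted: no zombies.
    // Returns the number of cells deleted.
    std::size_t collect(bool onMainThread) {
        for (Cell* root : m_roots) mark(root);
        if (!onMainThread) markMainThreadOnlyObjects();
        return sweep();
    }

private:
    static void mark(Cell* c) {
        if (c->marked) return;
        c->marked = true;
        for (Cell* child : c->children) mark(child);
    }
    // Extra pass used only off the main thread: flagged cells are kept alive,
    // and so is everything they reference, so they never point at freed memory.
    void markMainThreadOnlyObjects() {
        for (Cell* c : m_heap)
            if (c->collectOnMainThreadOnly) mark(c);
    }
    std::size_t sweep() {
        std::vector<Cell*> survivors;
        std::size_t deleted = 0;
        for (Cell* c : m_heap) {
            if (c->marked) { c->marked = false; survivors.push_back(c); }
            else { delete c; ++deleted; }
        }
        m_heap.swap(survivors);
        return deleted;
    }
    std::vector<Cell*> m_heap;
    std::vector<Cell*> m_roots;
};

struct GcDemoResult {
    std::size_t freedOnSecondary, liveAfterSecondary, freedOnMain, liveAfterMain;
};

// Constructed heap: root -> reachable, one thread-safe garbage cell, and an
// unreachable main-thread-only cell that owns one ordinary child.
GcDemoResult runGcDemo() {
    ToyCollector gc;
    Cell* root = gc.allocate();
    gc.addRoot(root);
    root->children.push_back(gc.allocate());
    gc.allocate();                                 // thread-safe garbage
    Cell* mainThreadOnly = gc.allocate(true);      // garbage, but unsafe to free here
    mainThreadOnly->children.push_back(gc.allocate());

    GcDemoResult r;
    r.freedOnSecondary = gc.collect(false);
    r.liveAfterSecondary = gc.liveCells();
    r.freedOnMain = gc.collect(true);
    r.liveAfterMain = gc.liveCells();
    return r;
}

int main() {
    GcDemoResult r = runGcDemo();
    std::printf("secondary: freed %zu, live %zu; main: freed %zu, live %zu\n",
                r.freedOnSecondary, r.liveAfterSecondary, r.freedOnMain, r.liveAfterMain);
    return 0;
}
```

The secondary-thread pass frees only the thread-safe garbage; the flagged cell and its child are reclaimed by the next main-thread collection.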
-
- 27 Feb, 2007 1 commit
-
-
ggaren authored
Reviewed by Maciej Stachowiak. Fixed http://bugs.webkit.org/show_bug.cgi?id=12659 | <rdar://problem/4954306> JS objects not collected after closing window @ ebay.com/maps.google.com Don't GC in the Interpreter destructor. For that to work, the Interpreter would have to NULL out all of its ProtectedPtrs before calling collect(). But we've decided that we don't want things to work that way, anyway. We want the client to be in charge of manual GC so that it can optimize cases when it will be destroying many interpreters at once (e.g., http://bugs.webkit.org/show_bug.cgi?id=12900). Also removed Interpreter::collect() because it was redundant with Collector::collect(). * JavaScriptCore.exp: * kjs/interpreter.cpp: (KJS::Interpreter::~Interpreter): * kjs/testkjs.cpp: (TestFunctionImp::callAsFunction): LayoutTests: Reviewed by Maciej Stachowiak. Test for http://bugs.webkit.org/show_bug.cgi?id=12659 | <rdar://problem/4954306> JS objects not collected after closing window @ ebay.com/maps.google.com * fast/leaks/003-expected.txt: Added. * fast/leaks/003.html: Added. * fast/dom/gc-10.html: Bumped the wiggle room threshold on this test by 2 because it's failing on my machine with the patch applied but, according to the test notes, we're still well within the margin of error. WebCore: Reviewed by Maciej Stachowiak. Fixed http://bugs.webkit.org/show_bug.cgi?id=12659 | <rdar://problem/4954306> JS objects not collected after closing window @ ebay.com/maps.google.com Garbage collect in the KJSProxy destructor, after clearing our reference to the interpreter, because that's when the interpreter has torn down fully. (Technically speaking, we can't *prove* that we have the only reference to our interpreter, but that's how it works in practice, and manual garbage collection is just an opportunistic optimization, so it's OK for it to work in practice even if it can't be proven in theory.) Layout tests pass. No leaks reported. 
* bindings/js/kjs_proxy.cpp: (WebCore::KJSProxy::~KJSProxy): * bindings/js/kjs_proxy.h: * page/Page.cpp: (WebCore::Page::~Page): Merged pageDestroyed() calls. Moved debug-only code to the bottom. * page/Frame.cpp: (WebCore::Frame::~Frame): Don't call getObject() because globalObject() returns a JSObject* already, and the call can leave a pointer to the Window object on the stack. Don't check for NULL because it is an invariant of JavaScriptCore that no JSObject* can be NULL. Do use a volatile pointer for w because the 'w = 0' assignment just screams to the compiler, "Don't generate any code for me!" git-svn-id: http://svn.webkit.org/repository/webkit/trunk@19894 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 09 Feb, 2007 1 commit
-
-
andersca authored
Reviewed by Geoff.

<rdar://problem/4930614> Safari complains about "Slow Script" if GMail is left open and machine is busy
<rdar://problem/4649516> Turn off slow script dialog or crank up time that makes it come up
<rdar://problem/4963589> Slow script warning is displayed after closing of PROMPT or PRINT dialog

Re-do the way script timeouts are handled. No longer use a unix timer that sends signals. Instead, add a tick count and increment it in loop bodies. If the tick count reaches a threshold, do a timeout check. If the total time executing is higher than the timeout value, (possibly) interrupt the script. The timeout checker also adjusts the threshold dynamically to prevent doing the timeout check too often.

* JavaScriptCore.exp: Remove pause and resume calls.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Add winmm.lib.
* kjs/interpreter.cpp: (KJS::Interpreter::init):
(KJS::Interpreter::~Interpreter):
(KJS::Interpreter::startTimeoutCheck):
(KJS::Interpreter::stopTimeoutCheck):
(KJS::Interpreter::resetTimeoutCheck):
(KJS::getCurrentTime):
(KJS::Interpreter::checkTimeout):
* kjs/interpreter.h: (KJS::Interpreter::timedOut):
* kjs/nodes.cpp: (DoWhileNode::execute):
(WhileNode::execute):
(ForNode::execute):

WebCore:

Reviewed by Geoff.

No need to pause timeout checks anymore.

* bindings/js/kjs_window.cpp: (KJS::WindowFunc::callAsFunction):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@19534 268f45cc-cd09-0410-ab3c-d52691b4dbfc
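Added example (editorial, not WebKit code and not part of the commit message above): a tick-counting timeout checker of the kind the message describes, run against a constructed fake clock so that the overshoot can be measured. TimeoutChecker, runLoop, the starting threshold of 16 ticks and the doubling/halving policy are assumptions made for illustration; the message does not state how the real threshold is adjusted.

```cpp
#include <cstdint>
#include <cstdio>
#include <functional>

namespace {
const uint64_t kInitialTicksPerCheck = 16;  // assumed starting threshold
const uint64_t kTargetGapUs = 1000;         // assumed goal: about one clock read per ms
}

class TimeoutChecker {
public:
    TimeoutChecker(uint64_t timeoutUs, std::function<uint64_t()> clockUs)
        : m_timeoutUs(timeoutUs), m_clockUs(clockUs) { reset(); }

    void reset() {
        m_startUs = m_lastCheckUs = m_clockUs();
        m_ticksPerCheck = m_ticksUntilCheck = kInitialTicksPerCheck;
        m_checks = 0;
    }

    // Called once per loop-body execution. The clock is read only when the
    // tick count reaches the threshold. Returns true to interrupt the script.
    bool tick() {
        if (--m_ticksUntilCheck) return false;
        return checkTimeout();
    }

    uint64_t checks() const { return m_checks; }

private:
    bool checkTimeout() {
        const uint64_t now = m_clockUs();
        const uint64_t gap = now - m_lastCheckUs;
        m_lastCheckUs = now;
        ++m_checks;
        if (gap < kTargetGapUs / 2)
            m_ticksPerCheck *= 2;   // checking too often: raise the threshold
        else if (gap > kTargetGapUs * 2 && m_ticksPerCheck > 1)
            m_ticksPerCheck /= 2;   // checking too rarely: lower it
        m_ticksUntilCheck = m_ticksPerCheck;
        return now - m_startUs >= m_timeoutUs;
    }

    uint64_t m_timeoutUs;
    std::function<uint64_t()> m_clockUs;
    uint64_t m_startUs, m_lastCheckUs;
    uint64_t m_ticksPerCheck, m_ticksUntilCheck, m_checks;
};

struct LoopResult { uint64_t iterations, checks, overshootUs; };

// Simulates a script loop whose body costs a fixed time per iteration.
LoopResult runLoop(uint64_t costPerIterationUs, uint64_t timeoutUs) {
    uint64_t nowUs = 0;  // constructed fake clock, advanced by the loop itself
    TimeoutChecker checker(timeoutUs, [&nowUs] { return nowUs; });
    uint64_t iterations = 0;
    for (;;) {
        nowUs += costPerIterationUs;
        ++iterations;
        if (checker.tick()) break;
    }
    return LoopResult{iterations, checker.checks(), nowUs - timeoutUs};
}

int main() {
    const uint64_t cases[3][2] = {{1, 10000}, {5000, 1000000}, {5000, 10000}};
    for (const auto& c : cases) {
        LoopResult r = runLoop(c[0], c[1]);
        std::printf("cost=%lluus timeout=%lluus -> iterations=%llu checks=%llu overshoot=%lluus\n",
                    (unsigned long long)c[0], (unsigned long long)c[1],
                    (unsigned long long)r.iterations, (unsigned long long)r.checks,
                    (unsigned long long)r.overshootUs);
    }
    return 0;
}
```

The third case shows the cost of the design: a script is interrupted only at a check, so the worst-case overshoot is the current threshold multiplied by the cost of one loop body.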
-
- 26 Jan, 2007 1 commit
-
-
ggaren authored
Reviewed by Maciej Stachowiak.

Fixed <rdar://problem/4608404> WebScriptObject's _rootObject lack of ownership policy causes crashes (e.g., in Dashcode)

The old model for RootObject ownership was either to (1) leak them or (2) assign them to a single owner -- the WebCore::Frame -- which would destroy them when it believed that all of its plug-ins had unloaded.

This model was broken because of (1) and also because plug-ins are not the only RootObject clients. All Bindings clients are RootObjects clients, including applications, which outlive any particular WebCore::Frame.

The new model for RootObject ownership is to reference-count them, with a throw-back to the old model: The WebCore::Frame tracks the RootObjects it creates, and invalidates them when it believes that all of its plug-ins have unloaded.

We maintain this throw-back to avoid plug-in leaks, particularly from Java. Java is completely broken when it comes to releasing JavaScript objects. Comments in our code allege that Java does not always call finalize when collecting objects. Moreover, my own testing reveals that, when Java does notify JavaScript of a finalize, the data it provides is totally bogus.

This setup is far from ideal, but I don't think we can do better without completely rewriting the bindings code, and possibly part of the Java plug-in / VM.

Layout tests pass. No additional leaks reported. WebCore/manual-tests/*liveconnect* and a few LiveConnect demos on the web also run without a hitch.

const RootObject* => RootObject*, since we need to ref/deref

* bindings/NP_jsobject.cpp: (jsDeallocate): deref our RootObjects. Also unprotect our JSObject, instead of just relying on the RootObject to do it for us when it's invalidated.
(_isSafeScript): Check RootObject validity.
(_NPN_CreateScriptObject): ditto
(_NPN_Invoke): ditto
(_NPN_Evaluate): ditto
(_NPN_GetProperty): ditto
(_NPN_SetProperty): ditto
(_NPN_RemoveProperty): ditto
(_NPN_HasProperty): ditto
(_NPN_HasMethod): ditto
(_NPN_SetException): ditto
* bindings/runtime_root.cpp: Revived bit-rotted LIAR LIAR LIAR comment.

LOOK: Added support for invalidating RootObjects without deleting them, which is the main goal of this patch.

Moved protect counting into the RootObject class, to emphasize that the RootObject protects the JSObject, and unprotects it upon being invalidated.

addNativeReference => RootObject::gcProtect
removeNativeReference => RootObject::gcUnprotect
ProtectCountSet::contains => RootObject::gcIsProtected

I know we'll all be sad to see the word "native" go.

* bindings/runtime_root.h: Added ref-counting support to RootObject, with all the standard accoutrements.
* bindings/c/c_utility.cpp: (KJS::Bindings::convertValueToNPVariant): If we can't find a valid RootObject, return void instead of just leaking.
* bindings/jni/jni_instance.cpp: (JavaInstance::JavaInstance): Don't take a RootObject in our constructor; be like other Instances and require the caller to call setRootObject. This reduces the number of ownership code paths.
(JavaInstance::invokeMethod): Check RootObject for validity.
* bindings/jni/jni_instance.h: Removed private no-arg constructor. Having an arg constructor accomplishes the same thing.
* bindings/jni/jni_jsobject.cpp: (JavaJSObject::invoke): No need to call findProtectCountSet, because finalize() checks for RootObject validity.
(JavaJSObject::JavaJSObject): check RootObject for validity
(JavaJSObject::call): ditto
(JavaJSObject::eval): ditto
(JavaJSObject::getMember): ditto
(JavaJSObject::setMember): ditto
(JavaJSObject::removeMember): ditto
(JavaJSObject::getSlot): ditto
(JavaJSObject::setSlot): ditto
(JavaJSObject::toString): ditto
(JavaJSObject::finalize): ditto
(JavaJSObject::createNative): No need to tell the RootObject to protect the global object, since the RootObject already owns the interpreter.
* bindings/jni/jni_runtime.cpp: (JavaArray::JavaArray): Removed copy constructor because it was unused. Dead code is dangerous code.
* bindings/objc/objc_runtime.mm: Added WebUndefined protocol. Previous use of WebScriptObject was bogus, because WebUndefined is not a subclass of WebScriptObject.
(convertValueToObjcObject): If we can't find a valid RootObject, return nil instead of just leaking.
* bindings/objc/objc_utility.mm: (KJS::Bindings::convertValueToObjcValue): If we can't find a valid RootObject, return nil instead of just leaking.

LayoutTests:

Reviewed by Maciej Stachowiak.

Added test for <rdar://problem/4608404> WebScriptObject's _rootObject lack of ownership policy causes crashes (e.g., in Dashcode)

No test for Java or NPP versions of this bug because there's no reliable way to make Java and NPP objects outlive their RootObjects (although Java objects sometimes do).

* plugins/root-object-premature-delete-crash-expected.txt: Added.
* plugins/root-object-premature-delete-crash.html: Added.

WebCore:

Reviewed by Maciej Stachowiak.

Fixed <rdar://problem/4608404> WebScriptObject's _executionContext lack of ownership policy causes crashes (e.g., in Dashcode)

Added RootObject ref-counting goodness.

* page/mac/FrameMac.h:
* page/mac/FrameMac.mm: (WebCore::FrameMac::cleanupPluginObjects): Invalidate our RootObjects instead of destroying them. Track _bindingRootObject separately from the rest of our RootObjects, since it has its own variable.
* page/mac/WebCoreFrameBridge.mm: (createRootObject): Use the Frame's new, more encapsulated function to create a RootObject.
* bindings/objc/WebScriptObject.mm: Nixed rootObject setters, since they were unused and they complicated reference-counting.

WebKitTools:

Reviewed by Maciej Stachowiak.

Added support for test for <rdar://problem/4608404> WebScriptObject's _rootObject lack of ownership policy causes crashes (e.g., in Dashcode)

* DumpRenderTree/DumpRenderTree.m: (+[LayoutTestController isSelectorExcludedFromWebScript:]):
(+[LayoutTestController webScriptNameForSelector:]):
(-[LayoutTestController storeWebScriptObject:]):
(-[LayoutTestController accessStoredWebScriptObject]):
(-[LayoutTestController dealloc]):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@19183 268f45cc-cd09-0410-ab3c-d52691b4dbfc
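Added example (editorial, not WebKit code and not part of the commit message above): a small model of the ownership scheme the message describes, in which a RootObject is shared by reference count, is invalidated rather than destroyed by its frame, and is checked for validity before any wrapped object is touched. ToyHeap, ScriptHandle, Frame and runRootObjectDemo are hypothetical, and std::shared_ptr stands in for the ref/deref pair; only the names RootObject, gcProtect, gcUnprotect, gcIsProtected and cleanupPluginObjects come from the message.

```cpp
#include <cstddef>
#include <cstdio>
#include <map>
#include <memory>
#include <set>
#include <vector>

struct JSObject { int value; };

// Toy heap standing in for the collector: collect() frees every unprotected object.
class ToyHeap {
public:
    ~ToyHeap() { for (JSObject* o : m_live) delete o; }
    JSObject* allocate(int value) {
        JSObject* o = new JSObject{value};
        m_live.insert(o);
        return o;
    }
    void protect(JSObject* o) { ++m_protectCounts[o]; }
    void unprotect(JSObject* o) {
        auto it = m_protectCounts.find(o);
        if (it != m_protectCounts.end() && --it->second == 0) m_protectCounts.erase(it);
    }
    std::size_t collect() {
        std::size_t freed = 0;
        for (auto it = m_live.begin(); it != m_live.end();) {
            if (m_protectCounts.count(*it)) { ++it; continue; }
            delete *it;
            it = m_live.erase(it);
            ++freed;
        }
        return freed;
    }
private:
    std::set<JSObject*> m_live;
    std::map<JSObject*, unsigned> m_protectCounts;
};

class RootObject {
public:
    explicit RootObject(ToyHeap& heap) : m_heap(heap), m_isValid(true) {}
    ~RootObject() { invalidate(); }
    bool isValid() const { return m_isValid; }
    void gcProtect(JSObject* o) {
        if (m_isValid && m_protectCounts[o]++ == 0) m_heap.protect(o);
    }
    void gcUnprotect(JSObject* o) {
        auto it = m_protectCounts.find(o);
        if (it == m_protectCounts.end()) return;  // also covers "already invalidated"
        if (--it->second == 0) { m_heap.unprotect(o); m_protectCounts.erase(it); }
    }
    bool gcIsProtected(JSObject* o) const { return m_protectCounts.count(o) != 0; }
    // Drops every protection but leaves the RootObject allocated for late callers.
    void invalidate() {
        if (!m_isValid) return;
        for (const auto& entry : m_protectCounts) m_heap.unprotect(entry.first);
        m_protectCounts.clear();
        m_isValid = false;
    }
private:
    ToyHeap& m_heap;
    bool m_isValid;
    std::map<JSObject*, unsigned> m_protectCounts;
};

// A bindings client that can outlive the frame that created its RootObject.
class ScriptHandle {
public:
    ScriptHandle(std::shared_ptr<RootObject> root, JSObject* object)
        : m_root(root), m_object(object) { m_root->gcProtect(m_object); }
    ~ScriptHandle() { m_root->gcUnprotect(m_object); }
    ScriptHandle(const ScriptHandle&) = delete;
    ScriptHandle& operator=(const ScriptHandle&) = delete;
    // Validity is checked before the object pointer is dereferenced.
    bool read(int& out) const {
        if (!m_root->isValid() || !m_root->gcIsProtected(m_object)) return false;
        out = m_object->value;
        return true;
    }
    long rootUseCount() const { return m_root.use_count(); }
private:
    std::shared_ptr<RootObject> m_root;
    JSObject* m_object;
};

class Frame {
public:
    explicit Frame(ToyHeap& heap) : m_heap(heap) {}
    std::shared_ptr<RootObject> createRootObject() {
        m_rootObjects.push_back(std::make_shared<RootObject>(m_heap));
        return m_rootObjects.back();
    }
    void cleanupPluginObjects() {
        for (auto& root : m_rootObjects) root->invalidate();
        m_rootObjects.clear();
    }
private:
    ToyHeap& m_heap;
    std::vector<std::shared_ptr<RootObject>> m_rootObjects;
};

struct RootDemoResult {
    int valueWhileValid; std::size_t freedWhileValid, freedAfterInvalidate;
    bool readableAfterInvalidate; long rootRefsAfterInvalidate;
};

RootDemoResult runRootObjectDemo() {
    ToyHeap heap;
    Frame frame(heap);
    std::shared_ptr<RootObject> root = frame.createRootObject();
    ScriptHandle handle(root, heap.allocate(42));  // constructed sample object
    root.reset();                                  // the frame and the handle keep it alive
    RootDemoResult r;
    r.valueWhileValid = -1;
    handle.read(r.valueWhileValid);
    r.freedWhileValid = heap.collect();
    frame.cleanupPluginObjects();                  // invalidate, do not destroy
    r.freedAfterInvalidate = heap.collect();
    int ignored = -1;
    r.readableAfterInvalidate = handle.read(ignored);
    r.rootRefsAfterInvalidate = handle.rootUseCount();
    return r;
}

int main() { return runRootObjectDemo().readableAfterInvalidate ? 1 : 0; }
```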
-
- 14 Jan, 2007 1 commit
-
-
bdash authored
Reviewed by Mitz. Minor fixes to JavaScript pretty-printing. * JavaScriptCore.exp: * kjs/Parser.cpp: (KJS::Parser::prettyPrint): Return line number and error message if parsing fails. * kjs/Parser.h: * kjs/nodes2string.cpp: (ElementNode::streamTo): Include comma delimiters in array literals. (PropertyNameNode::streamTo): Quote property names in object literals to handle the case when the property name is not a valid identifier. * kjs/testkjs.cpp: (doIt): Print any errors encountered while pretty-printing. 2007-01-14 Mark Rowe <mrowe@apple.com> Reviewed by Mitz. Layout tests for fixes to JavaScript pretty-printing. * fast/js/pretty-print-expected.txt: * fast/js/resources/pretty-print.js: Test handling of object literal with non-identifier property name, and of array literals. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@18837 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 11 Jan, 2007 1 commit
-
-
ggaren authored
Reviewed by Anders Carlsson. Even more cleanup in preparation for fixing <rdar://problem/4608404> WebScriptObject's _executionContext lack of ownership policy causes crashes (e.g., in Dashcode) Layout tests pass. Renames: findRootObjectForNativeHandleFunction => createRootObject FindRootObjectForNativeHandleFunctionPtr => CreateRootObjectFunction Also removed unnecessary use of "Bindings::" prefix. * JavaScriptCore.exp: * bindings/jni/jni_jsobject.cpp: (JavaJSObject::createNative): (JavaJSObject::convertValueToJObject): (JavaJSObject::convertJObjectToValue): * bindings/runtime_root.cpp: (KJS::Bindings::RootObject::setCreateRootObject): * bindings/runtime_root.h: (KJS::Bindings::RootObject::createRootObject): WebCore: Reviewed by Anders Carlsson. Even more cleanup in preparation for fixing <rdar://problem/4608404> WebScriptObject's _executionContext lack of ownership policy causes crashes (e.g., in Dashcode) Layout tests pass. Renames: findRootObjectForNativeHandleFunction => createRootObject FindRootObjectForNativeHandleFunctionPtr => createRootObjectFunction rootForView => createRootObject getInstanceForView => getPluginInstanceForWidget * page/mac/FrameMac.mm: (WebCore::FrameMac::getAppletInstanceForWidget): Put the NSView * in a void* variable named "nativeHandle" to be more explicit about the fact that JavaScript's "nativeHandle" is just an NSView *. (WebCore::getPluginInstanceForWidget): This function now does the NSView * fetching that its callers used to do. (WebCore::FrameMac::getEmbedInstanceForWidget): Updated for rename. (WebCore::FrameMac::getObjectInstanceForWidget): ditto * page/mac/WebCoreFrameBridge.mm: Killed the WebCoreBridgeInternal category, which was really more of a shmategory. (createRootObject): Removed rootObjectForView, folding it into its only caller, the similarly named rootForView. Renamed the pair to "createRootObject" because that's what they do. 
(-[WebCoreFrameBridge init]): Updated for renames git-svn-id: http://svn.webkit.org/repository/webkit/trunk@18782 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 09 Jan, 2007 1 commit
-
-
ap authored
Reviewed by Darin. - changes for http://bugs.webkit.org/show_bug.cgi?id=11078 Forms Don't Submit (ASP Pages) JavaScriptCore: * JavaScriptCore.exp: * kjs/value.cpp: (KJS::JSValue::toInt32): Folded toInt32Inline into this method, which was its only caller. (KJS::JSValue::toUInt32): Added a variant that reports if the conversion has succeeded. * kjs/value.h: WebCore: * bindings/js/kjs_html.cpp: (KJS::JSHTMLCollectionProtoFunc::callAsFunction): Changed item() to fall back to namedItem() if its argument does not convert to a number. LayoutTests: * fast/dom/collection-namedItem-via-item-expected.txt: Added. * fast/dom/collection-namedItem-via-item.html: Added. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@18715 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 29 Dec, 2006 1 commit
-
-
ggaren authored
Reviewed by Brian Dash... err... Mark Rowe. More cleanup in preparation for fixing <rdar://problem/4608404> WebScriptObject's _executionContext lack of ownership policy causes crashes (e.g., in Dashcode) The key change here is to RootObject::RootObject(). * JavaScriptCore.exp: * bindings/c/c_utility.cpp: (KJS::Bindings::convertValueToNPVariant): Changed to use new constructor. * bindings/jni/jni_jsobject.cpp: (JavaJSObject::createNative): Changed to use new constructor. Replaced large 'if' followed by default condition with "if !" and explicit default condition. * bindings/objc/objc_runtime.mm: (convertValueToObjcObject): Changed to use new constructor. * bindings/runtime_root.cpp: (KJS::Bindings::RootObject::destroy): "removeAllNativeReferences" => "destroy" because this function actually destroys the RootObject. * bindings/runtime_root.h: Changed Interpreter* to RefPtr<Interpreter> to prevent a RootObject from holding a stale Interpreter*. (KJS::Bindings::RootObject::RootObject): Changed constructor to take an Interpreter*, since it's pointless to create a RootObject without one. Removed setRootObjectImp() and rootObjectImp() because they were just a confusing way of setting and getting the Interpreter's global object. (KJS::Bindings::RootObject::nativeHandle): "_nativeHandle" => "m_nativeHandle" (KJS::Bindings::RootObject::interpreter): "_interpreter" => "m_interpreter" WebCore: Reviewed by Brian Dash... err... Mark Rowe. More cleanup in preparation for fixing <rdar://problem/4608404> WebScriptObject's _executionContext lack of ownership policy causes crashes (e.g., in Dashcode) The key change here is to RootObject::RootObject(). Layout tests pass. Renamed "_bindingRoot" => "_bindingRootObject" because "RootObject" is the type name. * bindings/objc/WebScriptObject.mm: (_didExecute): Use Interpreter::globalObject(), since RootObject::rootObjectImp() no longer exists. 
* page/mac/FrameMac.mm: (WebCore::FrameMac::bindingRootObject): Use the new RootObject constructor. Stop lying about who deletes _bindingRoot. (WebCore::FrameMac::cleanupPluginObjects): => "destroy". Fixed a bug where the RootObject would only free its own memory if there were a ReferencesSet* associated with it. * page/mac/WebCoreFrameBridge.mm: (-[WebCoreFrameBridge rootObjectForView:]): Use new constructor. Changed misleading comment. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@18481 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 28 Dec, 2006 1 commit
-
-
ggaren authored
Reviewed by Brady Eidson. Some cleanup in preparation for fixing <rdar://problem/4608404> WebScriptObject's _executionContext lack of ownership policy causes crashes (e.g., in Dashcode) I'm just trying to make heads or tails of this baffling code. Renamed "root" | "execContext" | "executionContext" => "rootObject", because that's the object's (admittedly vague) type name. * bindings/runtime.cpp: Removed createLanguageInstanceForValue because I'll give you a dollar if you can explain to me what it actually did. * bindings/runtime_root.cpp: Put everything in the KJS::Bindings namespace, removing the KJS::Bindings prefix from individual functions and datatypes. This matches the header and eliminates a lot of syntax cruft. * bindings/c/c_utility.cpp: (KJS::Bindings::convertValueToNPVariant): Replaced use of createLanguageInstanceForValue with call to _NPN_CreateScriptObject because that's what createLanguageInstanceForValue actually did (but don't ask me for that dollar now; that's cheating.) * bindings/objc/objc_utility.h: * bindings/objc/objc_utility.mm: (KJS::Bindings::convertValueToObjcValue): Removed. Its only purpose was to call a single function for WebKit, which WebKit can do on its own. * kjs/interpreter.h: Removed rtti() because it was unused, and this class is scheduled for demolition anyway. * kjs/interpreter.cpp: Removed createLanguageInstanceForValue because it had nothing to do with the Interpreter, and nothing makes Chuck Norris more mad than a function whose sole purpose is to call another function of the same name. (Really, I asked him.) WebCore: Reviewed by Brady Eidson. Some cleanup in preparation for fixing <rdar://problem/4608404> WebScriptObject's _executionContext lack of ownership policy causes crashes (e.g., in Dashcode) Layout tests pass. Renamed "root" | "execContext" | "executionContext" => rootObject, because that's the object's (admittedly vague) type name. 
* bindings/js/kjs_binding.cpp: * bindings/js/kjs_binding.h: Removed createLanguageInstanceForValue and createObjcInstanceForValue because their only purpose was to confuse you. * bindings/objc/DOMInternal.h: Moved declaration of createDOMWrapper here. createDOMWrapper is the new name for createObjcInstanceForValue. * bindings/objc/DOMInternal.mm: Renamed Interpreter::createObjcInstanceForValue to createDOMWrapper because creating DOM wrappers has nothing to do with the interpreter, and everything to do with the DOM. Renamed value to object because it is one. Removed newObj nil check that is unnecessary in ObjC. * bindings/objc/WebScriptObject.mm: Replaced call to createLanguageInstanceForValue with explicit code to do the same thing it would have done: (1) try to create a DOM wrapper; (2) if the object is not a wrappable DOM object, create a vanilla WebScriptObject for it instead. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@18461 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 19 Dec, 2006 1 commit
-
-
andersca authored
Add -p option to testkjs which pretty prints the files instead of executing them. * JavaScriptCore.exp: * JavaScriptCore.xcodeproj/project.pbxproj: * kjs/Parser.cpp: (KJS::Parser::prettyPrint): * kjs/Parser.h: * kjs/testkjs.cpp: (doIt): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@18337 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 11 Dec, 2006 1 commit
-
-
ap authored
http://bugs.webkit.org/show_bug.cgi?id=9673 Add support for window.atob() and window.btoa() Reviewed by Darin. JavaScriptCore: * JavaScriptCore.exp: Export UString::is8Bit(). * JavaScriptCore.xcodeproj/project.pbxproj: Added StringExtras.h as a private header. WebCore: * WebCore.xcodeproj/project.pbxproj: Added Base64.{h,cpp} * bindings/js/kjs_window.cpp: (KJS::WindowFunc::callAsFunction): * bindings/js/kjs_window.h: (KJS::Window::): * platform/Base64.cpp: Added. (base64Encode): (base64Decode): * platform/Base64.h: Added. * ForwardingHeaders/wtf/StringExtras.h: Added. * platform/DeprecatedString.cpp: Use strncasecmp from StringExtras. LayoutTests: * fast/dom/Window/atob-btoa-expected.txt: Added. * fast/dom/Window/atob-btoa.html: Added. * fast/dom/Window/btoa-pnglet-expected.checksum: Added. * fast/dom/Window/btoa-pnglet-expected.png: Added. * fast/dom/Window/btoa-pnglet-expected.txt: Added. * fast/dom/Window/btoa-pnglet.html: Added. * fast/dom/Window/window-properties-expected.txt: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@18170 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 12 Oct, 2006 1 commit
-
-
ggaren authored
Removed JSObjectMakeWithPrototype, clarified some comments. We really don't want people to manage their own prototypes, so we don't want an extra function in the API devoted to just that. People can still manage their own prototypes if they really want by using JSObjectSetPrototype. * API/JSClassRef.cpp: (OpaqueJSClass::createNoAutomaticPrototype): (OpaqueJSClass::create): * API/JSClassRef.h: * API/JSObjectRef.cpp: (JSClassCreate): (JSObjectMake): * API/JSObjectRef.h: * API/testapi.c: (main): * JavaScriptCore.exp: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@17017 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 03 Sep, 2006 1 commit
-
-
ap authored
http://bugzilla.opendarwin.org/show_bug.cgi?id=10693 Convert JavaScript arrays to AppleScript lists JavaScriptCore: * JavaScriptCore.exp: Export ArrayInstance::info and ArrayInstance::getItem(). * kjs/array_instance.h: * kjs/array_object.cpp: (ArrayInstance::getItem): Added a method to access array items from C++. WebCore: * bridge/mac/WebCoreFrameBridge.mm: (aeDescFromJSValue): Added a case for ArrayInstance. LayoutTests: * fast/AppleScript/array-expected.txt: * fast/AppleScript/array.html: Updated results, added a test for circular dependencies. WebKitTools: * DumpRenderTree/AppleScriptController.m: (convertAEDescToObject): (-[AppleScriptController doJavaScript:]): Support printing AEDescLists. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@16200 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 13 Aug, 2006 1 commit
-
-
mjs authored
Reviewed (and tweaked a little) by Maciej. - shrank the size of JSObject by 8 bytes and made the corresponding reduction to the cell size, resulting in a 1.2% speed improvement on JS iBench (and probably overall memory savings). This was done by removing _scope and _internalValue data members from JSObject and moving them only to the subclasses that actually make use of them. * kjs/object.cpp: (KJS::JSObject::mark): No need to mark scope or internal value here. * kjs/object.h: (KJS::JSObject::JSObject): Don't initialize them. * kjs/JSWrapperObject.cpp: Added. New base class for object types that wrap primitive values (Number, String, Boolean, Date). (KJS::JSWrapperObject::mark): * kjs/JSWrapperObject.h: Added. (KJS::JSWrapperObject::JSWrapperObject): (KJS::JSWrapperObject::internalValue): (KJS::JSWrapperObject::setInternalValue): * kjs/array_object.cpp: (ArrayPrototype::ArrayPrototype): Don't set useless internal value. * kjs/bool_object.cpp: (BooleanInstance::BooleanInstance): Inherit from JSWrapperObject. (BooleanProtoFunc::callAsFunction): Fixed to account for fact that not all JSObjects have an internal value. (BooleanObjectImp::construct): ditto. * kjs/bool_object.h: * kjs/collector.cpp: Lowered cell size to 48. (KJS::Collector::allocate): meaningless whitespace change * kjs/date_object.cpp: (KJS::DateInstance::DateInstance): Inherit from JSWrapperObject. 
(KJS::DateProtoFunc::callAsFunction): adjusted for move of internalValue (KJS::DateObjectImp::construct): ditto * kjs/date_object.h: * kjs/error_object.cpp: (ErrorPrototype::ErrorPrototype): don't set internal value * kjs/function.cpp: move _scope and related handling here (KJS::FunctionImp::mark): mark scope * kjs/function.h: (KJS::FunctionImp::scope): moved here from JSObject (KJS::FunctionImp::setScope): ditto * kjs/number_object.cpp: (NumberInstance::NumberInstance): inherit from JSWrapperObject (NumberProtoFunc::callAsFunction): adjusted (NumberObjectImp::construct): adjusted * kjs/number_object.h: shrink RegExp-related objects a little * kjs/regexp_object.cpp: (RegExpPrototype::RegExpPrototype): Adjust for size tweaks (RegExpObjectImp::RegExpObjectImp): ditto * kjs/regexp_object.h: * kjs/string_object.cpp: (StringInstance::StringInstance): inherit from JSWrapperObject (StringProtoFunc::callAsFunction): adjusted * kjs/string_object.h: * JavaScriptCore.exp: Exported new methods as needed. * JavaScriptCore.xcodeproj/project.pbxproj: Added new files to build. WebCore: Reviewed (and tweaked a little) by Maciej. - shrank the size of JSObject by 8 bytes and made the corresponding reduction to the cell size, resulting in a 1.2% speed improvement on JS iBench (and probably overall memory savings). The WebCore part of this is to expect only FunctionImp to have a scope, not all JSObjects. * bindings/js/kjs_events.cpp: (KJS::JSLazyEventListener::parseCode): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@15846 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 24 Jul, 2006 1 commit
-
-
thatcher authored
Reviewed by Maciej. Bug 9686: [Drosera] Need the ability to break into Drosera on Javascript exceptions http://bugzilla.opendarwin.org/show_bug.cgi?id=9686 JavaScriptCore portion of the fix. * JavaScriptCore.exp: Update symbol for change in argument type. * kjs/debugger.cpp: (Debugger::detach): Clear map of recent exceptions. (Debugger::hasHandledException): Track the most recent exception thrown by an interpreter. (Debugger::exception): Change exception argument to a JSValue. * kjs/debugger.h: * kjs/nodes.cpp: (Node::debugExceptionIfNeeded): Notify the debugger of an exception if it hasn't seen it before. (ThrowNode::execute): Notify the debugger that an exception is being thrown. * kjs/nodes.h: 2006-07-23 Geoffrey Garen <ggaren@apple.com> Patch by Eric Albert, reviewed by Darin and me. - Fixed <rdar://problem/4645931> JavaScriptCore stack-scanning code crashes (Collector::markStackObjectsConservatively) * bindings/jni/jni_jsobject.cpp: On 64bit systems, jint is a long, not an int. (JavaJSObject::getSlot): (JavaJSObject::setSlot): * kjs/collector.cpp: (KJS::Collector::markCurrentThreadConservatively): Use a pointer instead of an int as 'dummy,' because on LP64 systems, an int is not pointer-aligned, and we want to scan the stack for pointers. * JavaScriptCore.xcodeproj/project.pbxproj: After a tense cease-fire, the XCode war has started up again! WebCore: Reviewed by maciej. Bug 9686: [Drosera] Need the ability to break into Drosera on Javascript exceptions http://bugzilla.opendarwin.org/show_bug.cgi?id=9686 WebCore portion of the fix. * bridge/mac/WebCoreScriptDebugger.h: (-[WebScriptDebugger exceptionRaised:sourceId:line::]): Add delegate method. * bridge/mac/WebCoreScriptDebugger.mm: (WebCoreScriptDebuggerImp::exception): Call delegate method when an exception is raised. WebKit: Reviewed by Maciej. Bug 9686: [Drosera] Need the ability to break into Drosera on Javascript exceptions http://bugzilla.opendarwin.org/show_bug.cgi?id=9686 WebKit portion of the fix. 
* DefaultDelegates/WebDefaultScriptDebugDelegate.m: (-[WebDefaultScriptDebugDelegate webView:exceptionWasRaised:sourceId:line:forWebFrame:]): * DefaultDelegates/WebScriptDebugServer.h: * DefaultDelegates/WebScriptDebugServer.m: (-[WebScriptDebugServer webView:exceptionWasRaised:sourceId:line:forWebFrame:]): Notify listeners that an exception has been raised. * WebView/WebScriptDebugDelegate.h: * WebView/WebScriptDebugDelegate.m: (-[WebScriptCallFrame exceptionRaised:sourceId:line:]): Dispatch through to delegate and WebScriptDebugServer. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@15593 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 21 Jul, 2006 1 commit
-
-
ggaren authored
Reviewed by Darin. - Added support for strings that masquerade as undefined. Currently used by WebCore to implement undetectable style.filter. The name is a little long, but it's only used in one line of code, so I thought clarity should win over brevity. * JavaScriptCore.exp: * JavaScriptCore.xcodeproj/project.pbxproj: * kjs/object.h: * kjs/string_object.h: (KJS::StringInstanceThatMasqueradesAsUndefined::StringInstanceThatMasqueradesAsUndefined): (KJS::StringInstanceThatMasqueradesAsUndefined::masqueradeAsUndefined): (KJS::StringInstanceThatMasqueradesAsUndefined::toBoolean): LayoutTests: Test for undetectable style.filter property. * fast/dom/undetectable-style-filter-expected.txt: Added. * fast/dom/undetectable-style-filter.html: Added. WebCore: Reviewed by Darin. - Fixed <rdar://problem/4507265> REGRESSION: overlays don't work on HousingMaps.com (Google Maps-based site) - Made style.filter undetectable, like document.all. Unfortunately, the SVG spec-makers invented a CSS attribute named 'filter', which conflicts with IE's custom CSS attribute by the same name. Web programs like the Google maps API test for style.filter, and assume it's the IE style.filter if they find it, so we need to make style.filter undetectable to avoid breaking them. An alternative solution would be to hotwire a delorean, go back in time, and beg the web standards makers to make standards that work on the web. * bindings/js/kjs_css.cpp: (KJS::DOMCSSStyleDeclaration::cssPropertyGetter): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@15557 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 17 Jul, 2006 1 commit
-
-
ggaren authored
- Added automatic prototype creation for classes. A class stores a weak reference to a prototype, which is cleared when the prototype is garbage collected, to avoid a reference cycle. We now have an attributes field in JSClassDefinition, that currently is used only to override automatic prototype creation when you want to manage your own prototypes, but can be extended in the future for other nefarious purposes. Similarly, we have JSObjectMake and JSObjectMakeWithPrototype, the latter allowing you to manage your own prototypes. JSObjectMakeConstructor is more interesting now, able to make a constructor on your behalf if you just give it a class. - Removed bogus old code from minidom.js. - Tweaked the headerdocs. - Added more GC testing, which caught some leaks, and tested more funny edge cases in lookup, which caught a lookup bug. Removed some testing we used to do with MyObject because it was redundant with the new, cool stuff. While fixing the lookup bug I retracted this change: "If a static setProperty callback returns 'false', to indicate that the property was not set, we no longer forward the set request up the class chain, because that's almost certainly not what the programmer expected." Returning false when setting a static property is a little silly, but you can see it being useful when shadowing a base class's static properties, and, regardless of usefulness, this is the defined behavior of the setProperty callback. - Plus a little ASCII art, for the kids. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@15497 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-