1. 05 Dec, 2013 1 commit
    • mark.lam@apple.com's avatar
      Make the C Loop LLINT work with callToJavaScript. · afeead10
      mark.lam@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=125294.
      
      Reviewed by Michael Saboff.
      
      1. Changed the C Loop LLINT to dispatch to an Executable via its JITCode
         instance which is consistent with how the ASM LLINT works.
      2. Changed CLoop::execute() to take an Opcode instead of an OpcodeID.
         This makes it play nice with the use of JITCode for dispatching.
      3. Introduce a callToJavaScript and callToNativeFunction for the C Loop
         LLINT. These will call JSStack::pushFrame() and popFrame() to setup
         and teardown the CallFrame.
      4. Also introduced a C Loop returnFromJavaScript which is just a
         replacement for ctiOpThrowNotCaught which had the same function.
      5. Remove a lot of #if ENABLE(LLINT_C_LOOP) code now that the dispatch
         mechanism is consistent.
      
      This patch has been tested with both configurations of COMPUTED_GOTOs
      on and off.
      
      * interpreter/CachedCall.h:
      (JSC::CachedCall::CachedCall):
      (JSC::CachedCall::call):
      (JSC::CachedCall::setArgument):
      * interpreter/CallFrameClosure.h:
      (JSC::CallFrameClosure::setThis):
      (JSC::CallFrameClosure::setArgument):
      (JSC::CallFrameClosure::resetCallFrame):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * interpreter/Interpreter.h:
      * interpreter/JSStack.h:
      * interpreter/JSStackInlines.h:
      (JSC::JSStack::pushFrame):
      * interpreter/ProtoCallFrame.h:
      (JSC::ProtoCallFrame::scope):
      (JSC::ProtoCallFrame::callee):
      (JSC::ProtoCallFrame::thisValue):
      (JSC::ProtoCallFrame::argument):
      (JSC::ProtoCallFrame::setArgument):
      * jit/JITCode.cpp:
      (JSC::JITCode::execute):
      * jit/JITCode.h:
      * jit/JITExceptions.cpp:
      (JSC::genericUnwind):
      * llint/LLIntCLoop.cpp:
      (JSC::LLInt::CLoop::initialize):
      * llint/LLIntCLoop.h:
      * llint/LLIntEntrypoint.cpp:
      (JSC::LLInt::setFunctionEntrypoint):
      (JSC::LLInt::setEvalEntrypoint):
      (JSC::LLInt::setProgramEntrypoint):
      - Inverted the check for vm.canUseJIT(). This allows the JIT case to be
        #if'd out nicely when building the C Loop LLINT.
      * llint/LLIntOpcode.h:
      * llint/LLIntThunks.cpp:
      (JSC::doCallToJavaScript):
      (JSC::executeJS):
      (JSC::callToJavaScript):
      (JSC::executeNative):
      (JSC::callToNativeFunction):
      * llint/LLIntThunks.h:
      * llint/LowLevelInterpreter.cpp:
      (JSC::CLoop::execute):
      * runtime/Executable.h:
      (JSC::ExecutableBase::offsetOfNumParametersFor):
      (JSC::ExecutableBase::hostCodeEntryFor):
      (JSC::ExecutableBase::jsCodeEntryFor):
      (JSC::ExecutableBase::jsCodeWithArityCheckEntryFor):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::finishCreation):
      (JSC::ProgramExecutable::generatedJITCode):
      * runtime/JSArray.cpp:
      (JSC::AVLTreeAbstractorForArrayCompare::compare_key_key):
      * runtime/StringPrototype.cpp:
      (JSC::replaceUsingRegExpSearch):
      * runtime/VM.cpp:
      (JSC::VM::getHostFunction):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@160186 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      afeead10
  2. 27 Nov, 2013 1 commit
  3. 22 Nov, 2013 1 commit
    • fpizlo@apple.com's avatar
      Combine SymbolTable and SharedSymbolTable · bbddb5bf
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=124761
      
      Reviewed by Geoffrey Garen.
              
      SymbolTable was never used directly; we now always used SharedSymbolTable. So, this
      gets rid of SymbolTable and renames SharedSymbolTable to SymbolTable.
      
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::symbolTable):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::symbolTable):
      (JSC::UnlinkedCodeBlock::symbolTable):
      (JSC::UnlinkedCodeBlock::finishCreation):
      * bytecompiler/BytecodeGenerator.h:
      (JSC::BytecodeGenerator::symbolTable):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGStackLayoutPhase.cpp:
      (JSC::DFG::StackLayoutPhase::run):
      * jit/AssemblyHelpers.h:
      (JSC::AssemblyHelpers::symbolTableFor):
      * runtime/Arguments.h:
      (JSC::Arguments::finishCreation):
      * runtime/Executable.h:
      (JSC::FunctionExecutable::symbolTable):
      * runtime/JSActivation.h:
      (JSC::JSActivation::create):
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::registersOffset):
      (JSC::JSActivation::allocationSize):
      * runtime/JSSymbolTableObject.h:
      (JSC::JSSymbolTableObject::symbolTable):
      (JSC::JSSymbolTableObject::JSSymbolTableObject):
      (JSC::JSSymbolTableObject::finishCreation):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      * runtime/SymbolTable.cpp:
      (JSC::SymbolTable::destroy):
      (JSC::SymbolTable::SymbolTable):
      * runtime/SymbolTable.h:
      (JSC::SymbolTable::create):
      (JSC::SymbolTable::createStructure):
      * runtime/VM.cpp:
      (JSC::VM::VM):
      * runtime/VM.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@159713 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bbddb5bf
  4. 19 Nov, 2013 1 commit
    • mark.lam@apple.com's avatar
      Add tracking of endColumn for Executables. · fa35e785
      mark.lam@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=124245.
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      1. Fixed computation of columns to take into account the startColumn from
         <script> tags. Previously, we were only computing the column relative
         to the char after the <script> tag. Now, the column number that JSC
         computes is always the column number you'll see when viewing the source
         in a text editor (assuming the first column position is 1, not 0).
      
      2. Previously, unlinkedExecutables kept the a base-1 startColumn for
         ProgramExecutables and EvalExecutables, but uses base-0 columns for
         FunctionExecutables. This has been fixed so that they all use base-0
         columns. When the executable gets linked, the column is adjusted into
         a base-1 value.
      
      3. In the UnlinkedFunctionExecutable, renamed m_functionStartOffset to
         m_unlinkedFunctionNameStart because it actually points to the start
         column in the name part of the function declaration.
      
         Similarly, renamed m_functionStartColumn to m_unlinkedBodyStartColumn
         because it points to the first character in the function body. This is
         usually '{' except for functions created from "global code" which
         excludes its braces. See FunctionExecutable::fromGlobalCode().
      
             The exclusion of braces for the global code case is needed so that
         computed start and end columns will more readily map to what a JS
         developer would expect them to be. Otherwise, the first column of the
         function source will not be 1 (includes prepended characters added in
         constructFunctionSkippingEvalEnabledCheck()).
      
         Also, similarly, a m_unlinkedBodyEndColumn has been added to track the
         end column of the UnlinkedFunctionExecutable.
      
      4. For unlinked executables, end column values are either:
         a. Relative to the start of the last line if (last line != first line).
         b. Relative to the start column position if (last line == first line).
      
         The second case is needed so that we can add an appropriate adjustment
         to the end column value (just like we do for the start column) when we
         link the executable.
      
      5. This is not new to this patch, but it worth noting that the lineCount
         values used through this patch has the following meaning:
         - a lineCount of 0 means the source for this code block is on 1 line.
         - a lineCount of N means there are N + l lines of source.
      
         This interpretation is janky, but was present before this patch. We can
         clean that up later in another patch.
      
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      - In order to implement WebCore::Internals::parserMetaData(), we need to
        move some seemingly unrelated header files from the Project section to
        the Private section so that they can be #include'd by the forwarding
        CodeBlock.h from WebCore.
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::sourceCodeForTools):
      (JSC::CodeBlock::CodeBlock):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::generateFunctionCodeBlock):
      (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
      - m_isFromGlobalCode is needed to support the exclusion of the open brace /
        prepended code for functions created from "global code".
      (JSC::UnlinkedFunctionExecutable::link):
      (JSC::UnlinkedFunctionExecutable::fromGlobalCode):
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::create):
      (JSC::UnlinkedFunctionExecutable::unlinkedFunctionNameStart):
      (JSC::UnlinkedFunctionExecutable::unlinkedBodyStartColumn):
      (JSC::UnlinkedFunctionExecutable::unlinkedBodyEndColumn):
      (JSC::UnlinkedFunctionExecutable::recordParse):
      (JSC::UnlinkedCodeBlock::recordParse):
      (JSC::UnlinkedCodeBlock::endColumn):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::FunctionBodyNode::emitBytecode):
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::createFunctionBody):
      (JSC::ASTBuilder::setFunctionNameStart):
      * parser/Lexer.cpp:
      (JSC::::shiftLineTerminator):
      - Removed an unused SourceCode Lexer<T>::sourceCode() function.
      * parser/Lexer.h:
      (JSC::Lexer::positionBeforeLastNewline):
      (JSC::Lexer::prevTerminator):
      - Added tracking of m_positionBeforeLastNewline in the Lexer to enable us
        to exclude the close brace / appended code for functions created from "global
        code".
      * parser/Nodes.cpp:
      (JSC::ProgramNode::ProgramNode):
      (JSC::ProgramNode::create):
      (JSC::EvalNode::EvalNode):
      (JSC::EvalNode::create):
      (JSC::FunctionBodyNode::FunctionBodyNode):
      (JSC::FunctionBodyNode::create):
      (JSC::FunctionBodyNode::setEndPosition):
      - setEndPosition() is needed to fixed up the end position so that we can
        exclude the close brace / appended code for functions created from "global
        code".
      * parser/Nodes.h:
      (JSC::ProgramNode::startColumn):
      (JSC::ProgramNode::endColumn):
      (JSC::EvalNode::startColumn):
      (JSC::EvalNode::endColumn):
      (JSC::FunctionBodyNode::setFunctionNameStart):
      (JSC::FunctionBodyNode::functionNameStart):
      (JSC::FunctionBodyNode::endColumn):
      * parser/Parser.cpp:
      (JSC::::parseFunctionBody):
      (JSC::::parseFunctionInfo):
      * parser/Parser.h:
      (JSC::Parser::positionBeforeLastNewline):
      (JSC::::parse):
      - Subtracted 1 from startColumn here to keep the node column values consistently
        base-0. See note 2 above.
      (JSC::parse):
      * parser/SourceProviderCacheItem.h:
      (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::createFunctionBody):
      (JSC::SyntaxChecker::setFunctionNameStart):
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getGlobalCodeBlock):
      (JSC::CodeCache::getProgramCodeBlock):
      (JSC::CodeCache::getEvalCodeBlock):
      (JSC::CodeCache::getFunctionExecutableFromGlobalCode):
      * runtime/CodeCache.h:
      * runtime/Executable.cpp:
      (JSC::ScriptExecutable::newCodeBlockFor):
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::ProgramExecutable::initializeGlobalProperties):
      (JSC::FunctionExecutable::fromGlobalCode):
      * runtime/Executable.h:
      (JSC::ExecutableBase::isEvalExecutable):
      (JSC::ExecutableBase::isProgramExecutable):
      (JSC::ScriptExecutable::ScriptExecutable):
      (JSC::ScriptExecutable::endColumn):
      (JSC::ScriptExecutable::recordParse):
      (JSC::FunctionExecutable::create):
      (JSC::FunctionExecutable::bodyIncludesBraces):
      * runtime/FunctionConstructor.cpp:
      (JSC::constructFunctionSkippingEvalEnabledCheck):
      * runtime/FunctionPrototype.cpp:
      (JSC::insertSemicolonIfNeeded):
      (JSC::functionProtoFuncToString):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::createProgramCodeBlock):
      (JSC::JSGlobalObject::createEvalCodeBlock):
      
      Source/WebCore: 
      
      Test: js/dom/script-start-end-locations.html
      
      * ForwardingHeaders/bytecode: Added.
      * ForwardingHeaders/bytecode/CodeBlock.h: Added.
      * WebCore.exp.in:
      * testing/Internals.cpp:
      (WebCore::GetCallerCodeBlockFunctor::GetCallerCodeBlockFunctor):
      (WebCore::GetCallerCodeBlockFunctor::operator()):
      (WebCore::GetCallerCodeBlockFunctor::codeBlock):
      (WebCore::Internals::parserMetaData):
      * testing/Internals.h:
      * testing/Internals.idl:
      
      Source/WebKit: 
      
      * WebKit.vcxproj/WebKitExportGenerator/WebKitExports.def.in:
      - Added an exported symbol to make the Win32 build happy. The Win64 symbol
        is currently a copy of the Win32 one. It'll need to be updated if the
        mangled symbol is different for Win64.
      
      LayoutTests: 
      
      * fast/events/window-onerror2-expected.txt:
      * inspector-protocol/debugger/setBreakpoint-actions-expected.txt:
      * js/dom/script-start-end-locations-expected.txt: Added.
      * js/dom/script-start-end-locations.html: Added.
      * js/dom/script-tests/script-start-end-locations.js: Added.
      * js/dom/stack-trace-expected.txt:
      * js/dom/stack-trace.html:
      - Changed tabs to spaces. The tabs were making it hard to visually confirm
        the exected column values for 2 functions.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@159520 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fa35e785
  5. 05 Nov, 2013 1 commit
    • fpizlo@apple.com's avatar
      FTL should support PutById · 87839ab0
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=123784
      
      Reviewed by Geoffrey Garen.
      
      * ftl/FTLAbbreviations.h:
      (JSC::FTL::buildCall):
      * ftl/FTLCapabilities.cpp:
      (JSC::FTL::canCompile):
      * ftl/FTLCompile.cpp:
      (JSC::FTL::generateICFastPath):
      (JSC::FTL::fixFunctionBasedOnStackMaps):
      * ftl/FTLInlineCacheDescriptor.h:
      (JSC::FTL::InlineCacheDescriptor::InlineCacheDescriptor):
      (JSC::FTL::GetByIdDescriptor::GetByIdDescriptor):
      (JSC::FTL::PutByIdDescriptor::PutByIdDescriptor):
      (JSC::FTL::PutByIdDescriptor::ecmaMode):
      (JSC::FTL::PutByIdDescriptor::putKind):
      * ftl/FTLIntrinsicRepository.h:
      * ftl/FTLLowerDFGToLLVM.cpp:
      (JSC::FTL::LowerDFGToLLVM::compileNode):
      (JSC::FTL::LowerDFGToLLVM::compilePutById):
      * ftl/FTLOutput.h:
      (JSC::FTL::Output::call):
      * ftl/FTLSlowPathCall.cpp:
      (JSC::FTL::callOperation):
      * ftl/FTLSlowPathCall.h:
      * ftl/FTLState.h:
      * jit/CCallHelpers.h:
      (JSC::CCallHelpers::setupArguments):
      * runtime/Executable.h:
      (JSC::ScriptExecutable::ecmaMode):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@158681 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      87839ab0
  6. 03 Sep, 2013 1 commit
    • fpizlo@apple.com's avatar
      CodeBlock::jettison() should be implicit · 195d7b84
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120567
      
      Reviewed by Oliver Hunt.
              
      This is a risky change from a performance standpoint, but I believe it's
      necessary. This makes all CodeBlocks get swept by GC. Nobody but the GC
      can delete CodeBlocks because the GC always holds a reference to them.
      Once a CodeBlock reaches just one reference (i.e. the one from the GC)
      then the GC will free it only if it's not on the stack.
              
      This allows me to get rid of the jettisoning logic. We need this for FTL
      tier-up. Well; we don't need it, but it will help prevent a lot of bugs.
      Previously, if you wanted to to replace one code block with another, you
      had to remember to tell the GC that the previous code block is
      "jettisoned". We would need to do this when tiering up from DFG to FTL
      and when dealing with DFG-to-FTL OSR entry code blocks. There are a lot
      of permutations here - tiering up to the FTL, OSR entering into the FTL,
      deciding that an OSR entry code block is not relevant anymore - just to
      name a few. In each of these cases we'd have to jettison the previous
      code block. It smells like a huge source of future bugs.
              
      So I made jettisoning implicit by making the GC always watch out for a
      CodeBlock being owned solely by the GC.
              
      This change is performance neutral.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::visitAggregate):
      (JSC::CodeBlock::jettison):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::setJITCode):
      (JSC::CodeBlock::shouldImmediatelyAssumeLivenessDuringScan):
      (JSC::CodeBlockSet::mark):
      * dfg/DFGCommonData.h:
      (JSC::DFG::CommonData::CommonData):
      * heap/CodeBlockSet.cpp: Added.
      (JSC::CodeBlockSet::CodeBlockSet):
      (JSC::CodeBlockSet::~CodeBlockSet):
      (JSC::CodeBlockSet::add):
      (JSC::CodeBlockSet::clearMarks):
      (JSC::CodeBlockSet::deleteUnmarkedAndUnreferenced):
      (JSC::CodeBlockSet::traceMarked):
      * heap/CodeBlockSet.h: Added.
      * heap/ConservativeRoots.cpp:
      (JSC::ConservativeRoots::add):
      * heap/ConservativeRoots.h:
      * heap/DFGCodeBlocks.cpp: Removed.
      * heap/DFGCodeBlocks.h: Removed.
      * heap/Heap.cpp:
      (JSC::Heap::markRoots):
      (JSC::Heap::deleteAllCompiledCode):
      (JSC::Heap::deleteUnmarkedCompiledCode):
      * heap/Heap.h:
      * interpreter/JSStack.cpp:
      (JSC::JSStack::gatherConservativeRoots):
      * interpreter/JSStack.h:
      * runtime/Executable.cpp:
      (JSC::ScriptExecutable::installCode):
      * runtime/Executable.h:
      * runtime/VM.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154986 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      195d7b84
  7. 01 Sep, 2013 1 commit
    • fpizlo@apple.com's avatar
      CodeBlock refactoring broke profile dumping · 669223d4
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120551
      
      Reviewed by Michael Saboff.
              
      Fix the bug, and did a big clean-up of how Executable returns CodeBlocks. A lot
      of the problems we have with code like CodeBlock::baselineVersion() is that we
      were trying *way too hard* to side-step the fact that Executable can't return a
      CodeBlock*. Previously it could only return CodeBlock&, so if it didn't have a
      CodeBlock yet, you were screwed. And if you didn't know, or weren't sure, if it
      did have a CodeBlock, you were really going to have a bad time. Also it really
      bugs me that the methods were called generatedBytecode(). In all other contexts
      if you ask for a CodeBlock, then method to call is codeBlock(). So I made all
      of those changes.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::baselineVersion):
      (JSC::ProgramCodeBlock::replacement):
      (JSC::EvalCodeBlock::replacement):
      (JSC::FunctionCodeBlock::replacement):
      (JSC::CodeBlock::globalObjectFor):
      * bytecode/CodeOrigin.cpp:
      (JSC::InlineCallFrame::hash):
      * dfg/DFGOperations.cpp:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * jit/JITCode.h:
      (JSC::JITCode::isExecutableScript):
      (JSC::JITCode::isLowerTier):
      * jit/JITStubs.cpp:
      (JSC::lazyLinkFor):
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::setUpCall):
      * runtime/ArrayPrototype.cpp:
      (JSC::isNumericCompareFunction):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::arityCheckFor):
      * runtime/Executable.cpp:
      (JSC::ScriptExecutable::installCode):
      * runtime/Executable.h:
      (JSC::EvalExecutable::codeBlock):
      (JSC::ProgramExecutable::codeBlock):
      (JSC::FunctionExecutable::eitherCodeBlock):
      (JSC::FunctionExecutable::codeBlockForCall):
      (JSC::FunctionExecutable::codeBlockForConstruct):
      (JSC::FunctionExecutable::codeBlockFor):
      * runtime/FunctionExecutableDump.cpp:
      (JSC::FunctionExecutableDump::dump):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154935 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      669223d4
  8. 29 Aug, 2013 3 commits
    • fpizlo@apple.com's avatar
      CodeBlock compilation and installation should be simplified and rationalized · 62b6af85
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120326
      
      Reviewed by Oliver Hunt.
              
      Rolling r154804 back in after fixing no-LLInt build.
              
      Previously Executable owned the code for generating JIT code; you always had
      to go through Executable. But often you also had to go through CodeBlock,
      because ScriptExecutable couldn't have virtual methods, but CodeBlock could.
      So you'd ask CodeBlock to do something, which would dispatch through a
      virtual method that would select the appropriate Executable subtype's method.
      This all meant that the same code would often be duplicated, because most of
      the work needed to compile something was identical regardless of code type.
      But then we tried to fix this, by having templatized helpers in
      ExecutionHarness.h and JITDriver.h. The result was that if you wanted to find
      out what happened when you asked for something to be compiled, you'd go on a
      wild ride that started with CodeBlock, touched upon Executable, and then
      ricocheted into either ExecutionHarness or JITDriver (likely both).
              
      Another awkwardness was that for concurrent compiles, the DFG::Worklist had
      super-special inside knowledge of what JITStubs.cpp's cti_optimize would have
      done once the compilation finished.
              
      Also, most of the DFG JIT drivers assumed that they couldn't install the
      JITCode into the CodeBlock directly - instead they would return it via a
      reference, which happened to be a reference to the JITCode pointer in
      Executable. This was super weird.
              
      Finally, there was no notion of compiling code into a special CodeBlock that
      wasn't used for handling calls into an Executable. I'd like this for FTL OSR
      entry.
              
      This patch solves these problems by reducing all of that complexity into just
      three primitives:
              
      - Executable::newCodeBlock(). This gives you a new code block, either for call
        or for construct, and either to serve as the baseline code or the optimized
        code. The new code block is then owned by the caller; Executable doesn't
        register it anywhere. The new code block has no JITCode and isn't callable,
        but it has all of the bytecode.
              
      - CodeBlock::prepareForExecution(). This takes the CodeBlock's bytecode and
        produces a JITCode, and then installs the JITCode into the CodeBlock. This
        method takes a JITType, and always compiles with that JIT. If you ask for
        JITCode::InterpreterThunk then you'll get JITCode that just points to the
        LLInt entrypoints. Once this returns, it is possible to call into the
        CodeBlock if you do so manually - but the Executable still won't know about
        it so JS calls to that Executable will still be routed to whatever CodeBlock
        is associated with the Executable.
              
      - Executable::installCode(). This takes a CodeBlock and makes it the code-for-
        entry for that Executable. This involves unlinking the Executable's last
        CodeBlock, if there was one. This also tells the GC about any effect on
        memory usage and does a bunch of weird data structure rewiring, since
        Executable caches some of CodeBlock's fields for the benefit of virtual call
        fast paths.
              
      This functionality is then wrapped around three convenience methods:
              
      - Executable::prepareForExecution(). If there is no code block for that
        Executable, then one is created (newCodeBlock()), compiled
        (CodeBlock::prepareForExecution()) and installed (installCode()).
              
      - CodeBlock::newReplacement(). Asks the Executable for a new CodeBlock that
        can serve as an optimized replacement of the current one.
              
      - CodeBlock::install(). Asks the Executable to install this code block.
              
      This patch allows me to kill *a lot* of code and to remove a lot of
      specializations for functions vs. not-functions, and a lot of places where we
      pass around JITCode references and such. ExecutionHarness and JITDriver are
      both gone. Overall this patch has more red than green.
              
      It also allows me to work on FTL OSR entry and tier-up:
              
      - FTL tier-up: this will involve DFGOperations.cpp asking the DFG::Worklist
        to do some compilation, but it will require the DFG::Worklist to do
        something different than what JITStubs.cpp would want, once the compilation
        finishes. This patch introduces a callback mechanism for that purpose.
              
      - FTL OSR entry: this will involve creating a special auto-jettisoned
        CodeBlock that is used only for FTL OSR entry. The new set of primitives
        allows for this: Executable can vend you a fresh new CodeBlock, and you can
        ask that CodeBlock to compile itself with any JIT of your choosing. Or you
        can take that CodeBlock and compile it yourself. Previously the act of
        producing a CodeBlock-for-optimization and the act of compiling code for it
        were tightly coupled; now you can separate them and you can create such
        auto-jettisoned CodeBlocks that are used for a one-shot OSR entry.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::prepareForExecutionImpl):
      (JSC::CodeBlock::prepareForExecution):
      (JSC::CodeBlock::prepareForExecutionAsynchronously):
      (JSC::CodeBlock::install):
      (JSC::CodeBlock::newReplacement):
      (JSC::FunctionCodeBlock::jettisonImpl):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::hasBaselineJITProfiling):
      * bytecode/DeferredCompilationCallback.cpp: Added.
      (JSC::DeferredCompilationCallback::DeferredCompilationCallback):
      (JSC::DeferredCompilationCallback::~DeferredCompilationCallback):
      * bytecode/DeferredCompilationCallback.h: Added.
      * dfg/DFGDriver.cpp:
      (JSC::DFG::tryCompile):
      * dfg/DFGDriver.h:
      (JSC::DFG::tryCompile):
      * dfg/DFGFailedFinalizer.cpp:
      (JSC::DFG::FailedFinalizer::finalize):
      (JSC::DFG::FailedFinalizer::finalizeFunction):
      * dfg/DFGFailedFinalizer.h:
      * dfg/DFGFinalizer.h:
      * dfg/DFGJITFinalizer.cpp:
      (JSC::DFG::JITFinalizer::finalize):
      (JSC::DFG::JITFinalizer::finalizeFunction):
      * dfg/DFGJITFinalizer.h:
      * dfg/DFGOSRExitPreparation.cpp:
      (JSC::DFG::prepareCodeOriginForOSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPlan.cpp:
      (JSC::DFG::Plan::Plan):
      (JSC::DFG::Plan::compileInThreadImpl):
      (JSC::DFG::Plan::notifyReady):
      (JSC::DFG::Plan::finalizeWithoutNotifyingCallback):
      (JSC::DFG::Plan::finalizeAndNotifyCallback):
      * dfg/DFGPlan.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGWorklist.cpp:
      (JSC::DFG::Worklist::completeAllReadyPlansForVM):
      (JSC::DFG::Worklist::runThread):
      * ftl/FTLJITFinalizer.cpp:
      (JSC::FTL::JITFinalizer::finalize):
      (JSC::FTL::JITFinalizer::finalizeFunction):
      * ftl/FTLJITFinalizer.h:
      * heap/Heap.h:
      (JSC::Heap::isDeferred):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * jit/JITDriver.h: Removed.
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      * jit/JITToDFGDeferredCompilationCallback.cpp: Added.
      (JSC::JITToDFGDeferredCompilationCallback::JITToDFGDeferredCompilationCallback):
      (JSC::JITToDFGDeferredCompilationCallback::~JITToDFGDeferredCompilationCallback):
      (JSC::JITToDFGDeferredCompilationCallback::create):
      (JSC::JITToDFGDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
      (JSC::JITToDFGDeferredCompilationCallback::compilationDidComplete):
      * jit/JITToDFGDeferredCompilationCallback.h: Added.
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::setFunctionEntrypoint):
      (JSC::LLInt::setEvalEntrypoint):
      (JSC::LLInt::setProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::setUpCall):
      * runtime/ArrayPrototype.cpp:
      (JSC::isNumericCompareFunction):
      * runtime/CommonSlowPaths.cpp:
      * runtime/CompilationResult.cpp:
      (WTF::printInternal):
      * runtime/CompilationResult.h:
      * runtime/Executable.cpp:
      (JSC::ScriptExecutable::installCode):
      (JSC::ScriptExecutable::newCodeBlockFor):
      (JSC::ScriptExecutable::newReplacementCodeBlockFor):
      (JSC::ScriptExecutable::prepareForExecutionImpl):
      * runtime/Executable.h:
      (JSC::ExecutableBase::offsetOfJITCodeWithArityCheckFor):
      (JSC::ExecutableBase::offsetOfNumParametersFor):
      (JSC::ScriptExecutable::prepareForExecution):
      (JSC::FunctionExecutable::jettisonOptimizedCodeFor):
      * runtime/ExecutionHarness.h: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154824 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      62b6af85
    • commit-queue@webkit.org's avatar
      Unreviewed, rolling out r154804. · ea1f9022
      commit-queue@webkit.org authored
      http://trac.webkit.org/changeset/154804
      https://bugs.webkit.org/show_bug.cgi?id=120477
      
      Broke Windows build (assumes LLInt features not enabled on
      this build) (Requested by bfulgham on #webkit).
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::reoptimize):
      (JSC::ProgramCodeBlock::replacement):
      (JSC::EvalCodeBlock::replacement):
      (JSC::FunctionCodeBlock::replacement):
      (JSC::ProgramCodeBlock::compileOptimized):
      (JSC::ProgramCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::EvalCodeBlock::compileOptimized):
      (JSC::EvalCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::FunctionCodeBlock::compileOptimized):
      (JSC::FunctionCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::jitType):
      (JSC::CodeBlock::jitCompile):
      * bytecode/DeferredCompilationCallback.cpp: Removed.
      * bytecode/DeferredCompilationCallback.h: Removed.
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      (JSC::DFG::tryFinalizePlan):
      * dfg/DFGDriver.h:
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      (JSC::DFG::tryFinalizePlan):
      * dfg/DFGFailedFinalizer.cpp:
      (JSC::DFG::FailedFinalizer::finalize):
      (JSC::DFG::FailedFinalizer::finalizeFunction):
      * dfg/DFGFailedFinalizer.h:
      * dfg/DFGFinalizer.h:
      * dfg/DFGJITFinalizer.cpp:
      (JSC::DFG::JITFinalizer::finalize):
      (JSC::DFG::JITFinalizer::finalizeFunction):
      * dfg/DFGJITFinalizer.h:
      * dfg/DFGOSRExitPreparation.cpp:
      (JSC::DFG::prepareCodeOriginForOSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPlan.cpp:
      (JSC::DFG::Plan::Plan):
      (JSC::DFG::Plan::compileInThreadImpl):
      (JSC::DFG::Plan::finalize):
      * dfg/DFGPlan.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGWorklist.cpp:
      (JSC::DFG::Worklist::completeAllReadyPlansForVM):
      (JSC::DFG::Worklist::runThread):
      * ftl/FTLJITFinalizer.cpp:
      (JSC::FTL::JITFinalizer::finalize):
      (JSC::FTL::JITFinalizer::finalizeFunction):
      * ftl/FTLJITFinalizer.h:
      * heap/Heap.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * jit/JITDriver.h: Added.
      (JSC::jitCompileIfAppropriateImpl):
      (JSC::jitCompileFunctionIfAppropriateImpl):
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      * jit/JITToDFGDeferredCompilationCallback.cpp: Removed.
      * jit/JITToDFGDeferredCompilationCallback.h: Removed.
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::setUpCall):
      * runtime/ArrayPrototype.cpp:
      (JSC::isNumericCompareFunction):
      * runtime/CommonSlowPaths.cpp:
      * runtime/CompilationResult.cpp:
      (WTF::printInternal):
      * runtime/CompilationResult.h:
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compileOptimized):
      (JSC::EvalExecutable::jitCompile):
      (JSC::EvalExecutable::compileInternal):
      (JSC::EvalExecutable::replaceWithDeferredOptimizedCode):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::ProgramExecutable::replaceWithDeferredOptimizedCode):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForCall):
      (JSC::FunctionExecutable::compileForConstructInternal):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForConstruct):
      * runtime/Executable.h:
      (JSC::ExecutableBase::offsetOfJITCodeWithArityCheckFor):
      (JSC::ExecutableBase::offsetOfNumParametersFor):
      (JSC::ExecutableBase::catchRoutineFor):
      (JSC::EvalExecutable::compile):
      (JSC::ProgramExecutable::compile):
      (JSC::FunctionExecutable::compileForCall):
      (JSC::FunctionExecutable::compileForConstruct):
      (JSC::FunctionExecutable::compileFor):
      (JSC::FunctionExecutable::compileOptimizedFor):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeFor):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC::prepareForExecutionImpl):
      (JSC::prepareFunctionForExecutionImpl):
      (JSC::installOptimizedCode):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      (JSC::replaceWithDeferredOptimizedCode):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154814 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ea1f9022
    • fpizlo@apple.com's avatar
      CodeBlock compilation and installation should be simplified and rationalized · 4ea262e2
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120326
      
      Reviewed by Oliver Hunt.
              
      Previously Executable owned the code for generating JIT code; you always had
      to go through Executable. But often you also had to go through CodeBlock,
      because ScriptExecutable couldn't have virtual methods, but CodeBlock could.
      So you'd ask CodeBlock to do something, which would dispatch through a
      virtual method that would select the appropriate Executable subtype's method.
      This all meant that the same code would often be duplicated, because most of
      the work needed to compile something was identical regardless of code type.
      But then we tried to fix this, by having templatized helpers in
      ExecutionHarness.h and JITDriver.h. The result was that if you wanted to find
      out what happened when you asked for something to be compiled, you'd go on a
      wild ride that started with CodeBlock, touched upon Executable, and then
      ricocheted into either ExecutionHarness or JITDriver (likely both).
              
      Another awkwardness was that for concurrent compiles, the DFG::Worklist had
      super-special inside knowledge of what JITStubs.cpp's cti_optimize would have
      done once the compilation finished.
              
      Also, most of the DFG JIT drivers assumed that they couldn't install the
      JITCode into the CodeBlock directly - instead they would return it via a
      reference, which happened to be a reference to the JITCode pointer in
      Executable. This was super weird.
              
      Finally, there was no notion of compiling code into a special CodeBlock that
      wasn't used for handling calls into an Executable. I'd like this for FTL OSR
      entry.
              
      This patch solves these problems by reducing all of that complexity into just
      three primitives:
              
      - Executable::newCodeBlock(). This gives you a new code block, either for call
        or for construct, and either to serve as the baseline code or the optimized
        code. The new code block is then owned by the caller; Executable doesn't
        register it anywhere. The new code block has no JITCode and isn't callable,
        but it has all of the bytecode.
              
      - CodeBlock::prepareForExecution(). This takes the CodeBlock's bytecode and
        produces a JITCode, and then installs the JITCode into the CodeBlock. This
        method takes a JITType, and always compiles with that JIT. If you ask for
        JITCode::InterpreterThunk then you'll get JITCode that just points to the
        LLInt entrypoints. Once this returns, it is possible to call into the
        CodeBlock if you do so manually - but the Executable still won't know about
        it so JS calls to that Executable will still be routed to whatever CodeBlock
        is associated with the Executable.
              
      - Executable::installCode(). This takes a CodeBlock and makes it the code-for-
        entry for that Executable. This involves unlinking the Executable's last
        CodeBlock, if there was one. This also tells the GC about any effect on
        memory usage and does a bunch of weird data structure rewiring, since
        Executable caches some of CodeBlock's fields for the benefit of virtual call
        fast paths.
              
      This functionality is then wrapped around three convenience methods:
              
      - Executable::prepareForExecution(). If there is no code block for that
        Executable, then one is created (newCodeBlock()), compiled
        (CodeBlock::prepareForExecution()) and installed (installCode()).
              
      - CodeBlock::newReplacement(). Asks the Executable for a new CodeBlock that
        can serve as an optimized replacement of the current one.
              
      - CodeBlock::install(). Asks the Executable to install this code block.
              
      This patch allows me to kill *a lot* of code and to remove a lot of
      specializations for functions vs. not-functions, and a lot of places where we
      pass around JITCode references and such. ExecutionHarness and JITDriver are
      both gone. Overall this patch has more red than green.
              
      It also allows me to work on FTL OSR entry and tier-up:
              
      - FTL tier-up: this will involve DFGOperations.cpp asking the DFG::Worklist
        to do some compilation, but it will require the DFG::Worklist to do
        something different than what JITStubs.cpp would want, once the compilation
        finishes. This patch introduces a callback mechanism for that purpose.
              
      - FTL OSR entry: this will involve creating a special auto-jettisoned
        CodeBlock that is used only for FTL OSR entry. The new set of primitives
        allows for this: Executable can vend you a fresh new CodeBlock, and you can
        ask that CodeBlock to compile itself with any JIT of your choosing. Or you
        can take that CodeBlock and compile it yourself. Previously the act of
        producing a CodeBlock-for-optimization and the act of compiling code for it
        were tightly coupled; now you can separate them and you can create such
        auto-jettisoned CodeBlocks that are used for a one-shot OSR entry.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::prepareForExecution):
      (JSC::CodeBlock::install):
      (JSC::CodeBlock::newReplacement):
      (JSC::FunctionCodeBlock::jettisonImpl):
      (JSC::CodeBlock::setOptimizationThresholdBasedOnCompilationResult):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::hasBaselineJITProfiling):
      * bytecode/DeferredCompilationCallback.cpp: Added.
      (JSC::DeferredCompilationCallback::DeferredCompilationCallback):
      (JSC::DeferredCompilationCallback::~DeferredCompilationCallback):
      * bytecode/DeferredCompilationCallback.h: Added.
      * dfg/DFGDriver.cpp:
      (JSC::DFG::tryCompile):
      * dfg/DFGDriver.h:
      (JSC::DFG::tryCompile):
      * dfg/DFGFailedFinalizer.cpp:
      (JSC::DFG::FailedFinalizer::finalize):
      (JSC::DFG::FailedFinalizer::finalizeFunction):
      * dfg/DFGFailedFinalizer.h:
      * dfg/DFGFinalizer.h:
      * dfg/DFGJITFinalizer.cpp:
      (JSC::DFG::JITFinalizer::finalize):
      (JSC::DFG::JITFinalizer::finalizeFunction):
      * dfg/DFGJITFinalizer.h:
      * dfg/DFGOSRExitPreparation.cpp:
      (JSC::DFG::prepareCodeOriginForOSRExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPlan.cpp:
      (JSC::DFG::Plan::Plan):
      (JSC::DFG::Plan::compileInThreadImpl):
      (JSC::DFG::Plan::finalizeWithoutNotifyingCallback):
      (JSC::DFG::Plan::finalizeAndNotifyCallback):
      * dfg/DFGPlan.h:
      * dfg/DFGWorklist.cpp:
      (JSC::DFG::Worklist::completeAllReadyPlansForVM):
      * ftl/FTLJITFinalizer.cpp:
      (JSC::FTL::JITFinalizer::finalize):
      (JSC::FTL::JITFinalizer::finalizeFunction):
      * ftl/FTLJITFinalizer.h:
      * heap/Heap.h:
      (JSC::Heap::isDeferred):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      * jit/JITDriver.h: Removed.
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      * jit/JITToDFGDeferredCompilationCallback.cpp: Added.
      (JSC::JITToDFGDeferredCompilationCallback::JITToDFGDeferredCompilationCallback):
      (JSC::JITToDFGDeferredCompilationCallback::~JITToDFGDeferredCompilationCallback):
      (JSC::JITToDFGDeferredCompilationCallback::create):
      (JSC::JITToDFGDeferredCompilationCallback::compilationDidComplete):
      * jit/JITToDFGDeferredCompilationCallback.h: Added.
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::setFunctionEntrypoint):
      (JSC::LLInt::setEvalEntrypoint):
      (JSC::LLInt::setProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::setUpCall):
      * runtime/ArrayPrototype.cpp:
      (JSC::isNumericCompareFunction):
      * runtime/CommonSlowPaths.cpp:
      * runtime/CompilationResult.cpp:
      (WTF::printInternal):
      * runtime/CompilationResult.h:
      * runtime/Executable.cpp:
      (JSC::ScriptExecutable::installCode):
      (JSC::ScriptExecutable::newCodeBlockFor):
      (JSC::ScriptExecutable::newReplacementCodeBlockFor):
      (JSC::ScriptExecutable::prepareForExecutionImpl):
      * runtime/Executable.h:
      (JSC::ScriptExecutable::prepareForExecution):
      (JSC::FunctionExecutable::jettisonOptimizedCodeFor):
      * runtime/ExecutionHarness.h: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154804 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4ea262e2
  9. 26 Aug, 2013 1 commit
  10. 22 Aug, 2013 1 commit
    • barraclough@apple.com's avatar
      Clarify var/const/function declaration · 1d962d08
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120144
      
      Reviewed by Sam Weinig.
      
      Add methods to JSGlobalObject to declare vars, consts, and functions.
      
      * runtime/Executable.cpp:
      (JSC::ProgramExecutable::initializeGlobalProperties):
      * runtime/Executable.h:
          - Moved declaration code to JSGlobalObject
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::addGlobalVar):
          - internal implementation of addVar, addConst, addFunction
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::addVar):
      (JSC::JSGlobalObject::addConst):
      (JSC::JSGlobalObject::addFunction):
          - Added methods to declare vars, consts, and functions
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154434 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1d962d08
  11. 14 Aug, 2013 1 commit
    • fpizlo@apple.com's avatar
      Foo::s_info should be Foo::info(), so that you can change how the s_info is actually linked · 10ae2d0d
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=119770
      
      Reviewed by Mark Hahnenberg.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackConstructor.cpp:
      (JSC::JSCallbackConstructor::finishCreation):
      * API/JSCallbackConstructor.h:
      (JSC::JSCallbackConstructor::createStructure):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::finishCreation):
      * API/JSCallbackFunction.h:
      (JSC::JSCallbackFunction::createStructure):
      * API/JSCallbackObject.cpp:
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObject::visitChildren):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::asCallbackObject):
      (JSC::::finishCreation):
      * API/JSObjectRef.cpp:
      (JSObjectGetPrivate):
      (JSObjectSetPrivate):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      * API/JSValueRef.cpp:
      (JSValueIsObjectOfClass):
      * API/JSWeakObjectMapRefPrivate.cpp:
      * API/ObjCCallbackFunction.h:
      (JSC::ObjCCallbackFunction::createStructure):
      * JSCTypedArrayStubs.h:
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::CallLinkStatus):
      (JSC::CallLinkStatus::function):
      (JSC::CallLinkStatus::internalFunction):
      * bytecode/CodeBlock.h:
      (JSC::baselineCodeBlockForInlineCallFrame):
      * bytecode/SpeculatedType.cpp:
      (JSC::speculationFromClassInfo):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedFunctionExecutable::visitChildren):
      (JSC::UnlinkedCodeBlock::visitChildren):
      (JSC::UnlinkedProgramCodeBlock::visitChildren):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::createStructure):
      (JSC::UnlinkedProgramCodeBlock::createStructure):
      (JSC::UnlinkedEvalCodeBlock::createStructure):
      (JSC::UnlinkedFunctionCodeBlock::createStructure):
      * debugger/Debugger.cpp:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::visitChildren):
      * debugger/DebuggerActivation.h:
      (JSC::DebuggerActivation::createStructure):
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::functionName):
      * dfg/DFGAbstractInterpreterInlines.h:
      (JSC::DFG::::executeEffects):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
      (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::isInternalFunctionConstant):
      * dfg/DFGOperations.cpp:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::compileNewStringObject):
      * dfg/DFGThunks.cpp:
      (JSC::DFG::virtualForThunkGenerator):
      * interpreter/Interpreter.cpp:
      (JSC::loadVarargs):
      * jsc.cpp:
      (GlobalObject::createStructure):
      * profiler/LegacyProfiler.cpp:
      (JSC::LegacyProfiler::createCallIdentifier):
      * runtime/Arguments.cpp:
      (JSC::Arguments::visitChildren):
      * runtime/Arguments.h:
      (JSC::Arguments::createStructure):
      (JSC::asArguments):
      (JSC::Arguments::finishCreation):
      * runtime/ArrayConstructor.cpp:
      (JSC::arrayConstructorIsArray):
      * runtime/ArrayConstructor.h:
      (JSC::ArrayConstructor::createStructure):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::finishCreation):
      (JSC::arrayProtoFuncConcat):
      (JSC::attemptFastSort):
      * runtime/ArrayPrototype.h:
      (JSC::ArrayPrototype::createStructure):
      * runtime/BooleanConstructor.h:
      (JSC::BooleanConstructor::createStructure):
      * runtime/BooleanObject.cpp:
      (JSC::BooleanObject::finishCreation):
      * runtime/BooleanObject.h:
      (JSC::BooleanObject::createStructure):
      (JSC::asBooleanObject):
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::finishCreation):
      (JSC::booleanProtoFuncToString):
      (JSC::booleanProtoFuncValueOf):
      * runtime/BooleanPrototype.h:
      (JSC::BooleanPrototype::createStructure):
      * runtime/DateConstructor.cpp:
      (JSC::constructDate):
      * runtime/DateConstructor.h:
      (JSC::DateConstructor::createStructure):
      * runtime/DateInstance.cpp:
      (JSC::DateInstance::finishCreation):
      * runtime/DateInstance.h:
      (JSC::DateInstance::createStructure):
      (JSC::asDateInstance):
      * runtime/DatePrototype.cpp:
      (JSC::formateDateInstance):
      (JSC::DatePrototype::finishCreation):
      (JSC::dateProtoFuncToISOString):
      (JSC::dateProtoFuncToLocaleString):
      (JSC::dateProtoFuncToLocaleDateString):
      (JSC::dateProtoFuncToLocaleTimeString):
      (JSC::dateProtoFuncGetTime):
      (JSC::dateProtoFuncGetFullYear):
      (JSC::dateProtoFuncGetUTCFullYear):
      (JSC::dateProtoFuncGetMonth):
      (JSC::dateProtoFuncGetUTCMonth):
      (JSC::dateProtoFuncGetDate):
      (JSC::dateProtoFuncGetUTCDate):
      (JSC::dateProtoFuncGetDay):
      (JSC::dateProtoFuncGetUTCDay):
      (JSC::dateProtoFuncGetHours):
      (JSC::dateProtoFuncGetUTCHours):
      (JSC::dateProtoFuncGetMinutes):
      (JSC::dateProtoFuncGetUTCMinutes):
      (JSC::dateProtoFuncGetSeconds):
      (JSC::dateProtoFuncGetUTCSeconds):
      (JSC::dateProtoFuncGetMilliSeconds):
      (JSC::dateProtoFuncGetUTCMilliseconds):
      (JSC::dateProtoFuncGetTimezoneOffset):
      (JSC::dateProtoFuncSetTime):
      (JSC::setNewValueFromTimeArgs):
      (JSC::setNewValueFromDateArgs):
      (JSC::dateProtoFuncSetYear):
      (JSC::dateProtoFuncGetYear):
      * runtime/DatePrototype.h:
      (JSC::DatePrototype::createStructure):
      * runtime/Error.h:
      (JSC::StrictModeTypeErrorFunction::createStructure):
      * runtime/ErrorConstructor.h:
      (JSC::ErrorConstructor::createStructure):
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::finishCreation):
      * runtime/ErrorInstance.h:
      (JSC::ErrorInstance::createStructure):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::finishCreation):
      * runtime/ErrorPrototype.h:
      (JSC::ErrorPrototype::createStructure):
      * runtime/ExceptionHelpers.cpp:
      (JSC::isTerminatedExecutionException):
      * runtime/ExceptionHelpers.h:
      (JSC::TerminatedExecutionError::createStructure):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::visitChildren):
      (JSC::ProgramExecutable::visitChildren):
      (JSC::FunctionExecutable::visitChildren):
      (JSC::ExecutableBase::hashFor):
      * runtime/Executable.h:
      (JSC::ExecutableBase::createStructure):
      (JSC::NativeExecutable::createStructure):
      (JSC::EvalExecutable::createStructure):
      (JSC::ProgramExecutable::createStructure):
      (JSC::FunctionExecutable::compileFor):
      (JSC::FunctionExecutable::compileOptimizedFor):
      (JSC::FunctionExecutable::createStructure):
      * runtime/FunctionConstructor.h:
      (JSC::FunctionConstructor::createStructure):
      * runtime/FunctionPrototype.cpp:
      (JSC::functionProtoFuncToString):
      (JSC::functionProtoFuncApply):
      (JSC::functionProtoFuncBind):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::createStructure):
      * runtime/GetterSetter.cpp:
      (JSC::GetterSetter::visitChildren):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::createStructure):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::finishCreation):
      * runtime/InternalFunction.h:
      (JSC::InternalFunction::createStructure):
      (JSC::asInternalFunction):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::createStructure):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::visitChildren):
      (JSC::JSActivation::argumentsGetter):
      * runtime/JSActivation.h:
      (JSC::JSActivation::createStructure):
      (JSC::asActivation):
      * runtime/JSArray.h:
      (JSC::JSArray::createStructure):
      (JSC::asArray):
      (JSC::isJSArray):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::finishCreation):
      (JSC::JSBoundFunction::visitChildren):
      * runtime/JSBoundFunction.h:
      (JSC::JSBoundFunction::createStructure):
      * runtime/JSCJSValue.cpp:
      (JSC::JSValue::dumpInContext):
      * runtime/JSCJSValueInlines.h:
      (JSC::JSValue::isFunction):
      * runtime/JSCell.h:
      (JSC::jsCast):
      (JSC::jsDynamicCast):
      * runtime/JSCellInlines.h:
      (JSC::allocateCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::visitChildren):
      (JSC::skipOverBoundFunctions):
      (JSC::JSFunction::callerGetter):
      * runtime/JSFunction.h:
      (JSC::JSFunction::createStructure):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::visitChildren):
      (JSC::slowValidateCell):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::createStructure):
      * runtime/JSNameScope.cpp:
      (JSC::JSNameScope::visitChildren):
      * runtime/JSNameScope.h:
      (JSC::JSNameScope::createStructure):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::createStructure):
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::finishCreation):
      (JSC::unwrapBoxedPrimitive):
      (JSC::Stringifier::Stringifier):
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Stringifier::Holder::Holder):
      (JSC::Walker::walk):
      (JSC::JSONProtoFuncStringify):
      * runtime/JSONObject.h:
      (JSC::JSONObject::createStructure):
      * runtime/JSObject.cpp:
      (JSC::getCallableObjectSlow):
      (JSC::JSObject::visitChildren):
      (JSC::JSObject::copyBackingStore):
      (JSC::JSFinalObject::visitChildren):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      * runtime/JSObject.h:
      (JSC::JSObject::finishCreation):
      (JSC::JSObject::createStructure):
      (JSC::JSNonFinalObject::createStructure):
      (JSC::JSFinalObject::createStructure):
      (JSC::isJSFinalObject):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::visitChildren):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::createStructure):
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::visitChildren):
      * runtime/JSProxy.h:
      (JSC::JSProxy::createStructure):
      * runtime/JSScope.cpp:
      (JSC::JSScope::visitChildren):
      * runtime/JSSegmentedVariableObject.cpp:
      (JSC::JSSegmentedVariableObject::visitChildren):
      * runtime/JSString.h:
      (JSC::JSString::createStructure):
      (JSC::isJSString):
      * runtime/JSSymbolTableObject.cpp:
      (JSC::JSSymbolTableObject::visitChildren):
      * runtime/JSVariableObject.h:
      * runtime/JSWithScope.cpp:
      (JSC::JSWithScope::visitChildren):
      * runtime/JSWithScope.h:
      (JSC::JSWithScope::createStructure):
      * runtime/JSWrapperObject.cpp:
      (JSC::JSWrapperObject::visitChildren):
      * runtime/JSWrapperObject.h:
      (JSC::JSWrapperObject::createStructure):
      * runtime/MathObject.cpp:
      (JSC::MathObject::finishCreation):
      * runtime/MathObject.h:
      (JSC::MathObject::createStructure):
      * runtime/NameConstructor.h:
      (JSC::NameConstructor::createStructure):
      * runtime/NameInstance.h:
      (JSC::NameInstance::createStructure):
      (JSC::NameInstance::finishCreation):
      * runtime/NamePrototype.cpp:
      (JSC::NamePrototype::finishCreation):
      (JSC::privateNameProtoFuncToString):
      * runtime/NamePrototype.h:
      (JSC::NamePrototype::createStructure):
      * runtime/NativeErrorConstructor.cpp:
      (JSC::NativeErrorConstructor::visitChildren):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::createStructure):
      (JSC::NativeErrorConstructor::finishCreation):
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::finishCreation):
      * runtime/NumberConstructor.h:
      (JSC::NumberConstructor::createStructure):
      * runtime/NumberObject.cpp:
      (JSC::NumberObject::finishCreation):
      * runtime/NumberObject.h:
      (JSC::NumberObject::createStructure):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::finishCreation):
      * runtime/NumberPrototype.h:
      (JSC::NumberPrototype::createStructure):
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::createStructure):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::finishCreation):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::createStructure):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyTable::createStructure):
      * runtime/PropertyTable.cpp:
      (JSC::PropertyTable::visitChildren):
      * runtime/RegExp.h:
      (JSC::RegExp::createStructure):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::finishCreation):
      (JSC::RegExpConstructor::visitChildren):
      (JSC::constructRegExp):
      * runtime/RegExpConstructor.h:
      (JSC::RegExpConstructor::createStructure):
      (JSC::asRegExpConstructor):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::visitChildren):
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::finishCreation):
      (JSC::RegExpObject::visitChildren):
      * runtime/RegExpObject.h:
      (JSC::RegExpObject::createStructure):
      (JSC::asRegExpObject):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncTest):
      (JSC::regExpProtoFuncExec):
      (JSC::regExpProtoFuncCompile):
      (JSC::regExpProtoFuncToString):
      * runtime/RegExpPrototype.h:
      (JSC::RegExpPrototype::createStructure):
      * runtime/SparseArrayValueMap.cpp:
      (JSC::SparseArrayValueMap::createStructure):
      * runtime/SparseArrayValueMap.h:
      * runtime/StrictEvalActivation.h:
      (JSC::StrictEvalActivation::createStructure):
      * runtime/StringConstructor.h:
      (JSC::StringConstructor::createStructure):
      * runtime/StringObject.cpp:
      (JSC::StringObject::finishCreation):
      * runtime/StringObject.h:
      (JSC::StringObject::createStructure):
      (JSC::asStringObject):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::finishCreation):
      (JSC::stringProtoFuncReplace):
      (JSC::stringProtoFuncToString):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      (JSC::stringProtoFuncSplit):
      * runtime/StringPrototype.h:
      (JSC::StringPrototype::createStructure):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::get):
      (JSC::Structure::visitChildren):
      * runtime/Structure.h:
      (JSC::Structure::typeInfo):
      (JSC::Structure::previousID):
      (JSC::Structure::outOfLineSize):
      (JSC::Structure::totalStorageCapacity):
      (JSC::Structure::materializePropertyMapIfNecessary):
      (JSC::Structure::materializePropertyMapIfNecessaryForPinning):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::visitChildren):
      * runtime/StructureChain.h:
      (JSC::StructureChain::createStructure):
      * runtime/StructureInlines.h:
      (JSC::Structure::get):
      * runtime/StructureRareData.cpp:
      (JSC::StructureRareData::createStructure):
      (JSC::StructureRareData::visitChildren):
      * runtime/StructureRareData.h:
      * runtime/SymbolTable.h:
      (JSC::SharedSymbolTable::createStructure):
      * runtime/VM.cpp:
      (JSC::VM::VM):
      (JSC::StackPreservingRecompiler::operator()):
      (JSC::VM::releaseExecutableMemory):
      * runtime/WriteBarrier.h:
      (JSC::validateCell):
      * testRegExp.cpp:
      (GlobalObject::createStructure):
      
      Source/WebCore: 
      
      No new tests because no new behavior.
      
      * bindings/js/IDBBindingUtilities.cpp:
      (WebCore::createIDBKeyFromValue):
      * bindings/js/JSAttrCustom.cpp:
      (WebCore::JSAttr::visitChildren):
      * bindings/js/JSAudioTrackCustom.cpp:
      (WebCore::JSAudioTrack::visitChildren):
      * bindings/js/JSAudioTrackListCustom.cpp:
      (WebCore::JSAudioTrackList::visitChildren):
      * bindings/js/JSBlobCustom.cpp:
      (WebCore::JSBlobConstructor::constructJSBlob):
      * bindings/js/JSCSSRuleCustom.cpp:
      (WebCore::JSCSSRule::visitChildren):
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (WebCore::JSCSSStyleDeclaration::visitChildren):
      (WebCore::JSCSSStyleDeclaration::getOwnPropertyNames):
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
      (WebCore::toHTMLCanvasStyle):
      * bindings/js/JSCanvasRenderingContextCustom.cpp:
      (WebCore::JSCanvasRenderingContext::visitChildren):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::valueToDate):
      * bindings/js/JSDOMBinding.h:
      (WebCore::DOMConstructorObject::createStructure):
      (WebCore::getDOMStructure):
      (WebCore::toRefPtrNativeArray):
      (WebCore::getStaticValueSlotEntryWithoutCaching):
      * bindings/js/JSDOMFormDataCustom.cpp:
      (WebCore::toHTMLFormElement):
      (WebCore::JSDOMFormData::append):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::finishCreation):
      (WebCore::JSDOMGlobalObject::scriptExecutionContext):
      (WebCore::JSDOMGlobalObject::visitChildren):
      * bindings/js/JSDOMGlobalObject.h:
      (WebCore::JSDOMGlobalObject::info):
      (WebCore::JSDOMGlobalObject::createStructure):
      (WebCore::getDOMConstructor):
      * bindings/js/JSDOMStringListCustom.cpp:
      (WebCore::toDOMStringList):
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::finishCreation):
      (WebCore::toJSDOMWindow):
      * bindings/js/JSDOMWindowBase.h:
      (WebCore::JSDOMWindowBase::createStructure):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::visitChildren):
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      (WebCore::toDOMWindow):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::finishCreation):
      * bindings/js/JSDOMWindowShell.h:
      (WebCore::JSDOMWindowShell::createStructure):
      * bindings/js/JSEventTargetCustom.cpp:
      (WebCore::toEventTarget):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::JSHistory::getOwnPropertySlotDelegate):
      (WebCore::JSHistory::getOwnPropertyDescriptorDelegate):
      * bindings/js/JSImageConstructor.cpp:
      (WebCore::JSImageConstructor::finishCreation):
      * bindings/js/JSImageConstructor.h:
      (WebCore::JSImageConstructor::createStructure):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::JSInjectedScriptHost::isHTMLAllCollection):
      (WebCore::JSInjectedScriptHost::type):
      (WebCore::JSInjectedScriptHost::functionDetails):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::populateContextMenuItems):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::getOwnPropertySlotDelegate):
      (WebCore::JSLocation::getOwnPropertyDescriptorDelegate):
      (WebCore::JSLocation::putDelegate):
      * bindings/js/JSMessageChannelCustom.cpp:
      (WebCore::JSMessageChannel::visitChildren):
      * bindings/js/JSMessagePortCustom.cpp:
      (WebCore::JSMessagePort::visitChildren):
      * bindings/js/JSNodeCustom.cpp:
      (WebCore::JSNode::pushEventHandlerScope):
      (WebCore::JSNode::visitChildren):
      * bindings/js/JSNodeFilterCustom.cpp:
      (WebCore::JSNodeFilter::visitChildren):
      (WebCore::toNodeFilter):
      * bindings/js/JSNodeIteratorCustom.cpp:
      (WebCore::JSNodeIterator::visitChildren):
      * bindings/js/JSPluginElementFunctions.h:
      (WebCore::pluginElementCustomGetOwnPropertySlot):
      (WebCore::pluginElementCustomGetOwnPropertyDescriptor):
      * bindings/js/JSSVGElementInstanceCustom.cpp:
      (WebCore::JSSVGElementInstance::visitChildren):
      * bindings/js/JSSharedWorkerCustom.cpp:
      (WebCore::JSSharedWorker::visitChildren):
      * bindings/js/JSStyleSheetCustom.cpp:
      (WebCore::JSStyleSheet::visitChildren):
      * bindings/js/JSTextTrackCueCustom.cpp:
      (WebCore::JSTextTrackCue::visitChildren):
      * bindings/js/JSTextTrackCustom.cpp:
      (WebCore::JSTextTrack::visitChildren):
      * bindings/js/JSTextTrackListCustom.cpp:
      (WebCore::JSTextTrackList::visitChildren):
      * bindings/js/JSTrackCustom.cpp:
      (WebCore::toTrack):
      * bindings/js/JSTreeWalkerCustom.cpp:
      (WebCore::JSTreeWalker::visitChildren):
      * bindings/js/JSVideoTrackCustom.cpp:
      (WebCore::JSVideoTrack::visitChildren):
      * bindings/js/JSVideoTrackListCustom.cpp:
      (WebCore::JSVideoTrackList::visitChildren):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::JSWebGLRenderingContext::visitChildren):
      (WebCore::JSWebGLRenderingContext::getAttachedShaders):
      (WebCore::JSWebGLRenderingContext::getProgramParameter):
      (WebCore::JSWebGLRenderingContext::getShaderParameter):
      (WebCore::JSWebGLRenderingContext::getUniform):
      (WebCore::dataFunctionf):
      (WebCore::dataFunctioni):
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSWorkerGlobalScopeBase.cpp:
      (WebCore::JSWorkerGlobalScopeBase::finishCreation):
      (WebCore::toJSDedicatedWorkerGlobalScope):
      (WebCore::toJSSharedWorkerGlobalScope):
      * bindings/js/JSWorkerGlobalScopeBase.h:
      (WebCore::JSWorkerGlobalScopeBase::createStructure):
      * bindings/js/JSWorkerGlobalScopeCustom.cpp:
      (WebCore::JSWorkerGlobalScope::visitChildren):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::visitChildren):
      (WebCore::JSXMLHttpRequest::send):
      * bindings/js/JSXPathResultCustom.cpp:
      (WebCore::JSXPathResult::visitChildren):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptState.cpp:
      (WebCore::domWindowFromScriptState):
      (WebCore::scriptExecutionContextFromScriptState):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::isArray):
      (WebCore::CloneSerializer::dumpArrayBufferView):
      (WebCore::CloneSerializer::dumpIfTerminal):
      (WebCore::CloneSerializer::serialize):
      (WebCore::CloneDeserializer::CloneDeserializer):
      (WebCore::CloneDeserializer::readArrayBufferView):
      * bindings/objc/DOM.mm:
      (+[DOMNode _nodeFromJSWrapper:]):
      * bindings/objc/DOMUtility.mm:
      (JSC::createDOMWrapper):
      * bindings/objc/WebScriptObject.mm:
      (+[WebScriptObject _convertValueToObjcValue:JSC::originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateGetOwnPropertySlotBody):
      (GenerateGetOwnPropertyDescriptorBody):
      (GenerateHeader):
      (GenerateParametersCheckExpression):
      (GenerateImplementation):
      (GenerateParametersCheck):
      (GenerateConstructorDeclaration):
      (GenerateConstructorHelperMethods):
      * bindings/scripts/test/JS/JSFloat64Array.cpp:
      (WebCore::JSFloat64ArrayConstructor::finishCreation):
      (WebCore::JSFloat64Array::finishCreation):
      (WebCore::JSFloat64Array::getOwnPropertySlot):
      (WebCore::JSFloat64Array::getOwnPropertyDescriptor):
      (WebCore::JSFloat64Array::getOwnPropertySlotByIndex):
      (WebCore::JSFloat64Array::put):
      (WebCore::JSFloat64Array::putByIndex):
      (WebCore::JSFloat64Array::getOwnPropertyNames):
      (WebCore::jsFloat64ArrayPrototypeFunctionFoo):
      (WebCore::jsFloat64ArrayPrototypeFunctionSet):
      (WebCore::JSFloat64Array::getByIndex):
      (WebCore::toFloat64Array):
      * bindings/scripts/test/JS/JSFloat64Array.h:
      (WebCore::JSFloat64Array::createStructure):
      (WebCore::JSFloat64ArrayPrototype::createStructure):
      (WebCore::JSFloat64ArrayConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
      (WebCore::JSTestActiveDOMObjectConstructor::finishCreation):
      (WebCore::JSTestActiveDOMObject::finishCreation):
      (WebCore::JSTestActiveDOMObject::getOwnPropertySlot):
      (WebCore::JSTestActiveDOMObject::getOwnPropertyDescriptor):
      (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunction):
      (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessage):
      (WebCore::toTestActiveDOMObject):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
      (WebCore::JSTestActiveDOMObject::createStructure):
      (WebCore::JSTestActiveDOMObjectPrototype::createStructure):
      (WebCore::JSTestActiveDOMObjectConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
      (WebCore::JSTestCustomNamedGetterConstructor::finishCreation):
      (WebCore::JSTestCustomNamedGetter::finishCreation):
      (WebCore::JSTestCustomNamedGetter::getOwnPropertySlot):
      (WebCore::JSTestCustomNamedGetter::getOwnPropertyDescriptor):
      (WebCore::JSTestCustomNamedGetter::getOwnPropertySlotByIndex):
      (WebCore::jsTestCustomNamedGetterPrototypeFunctionAnotherFunction):
      (WebCore::toTestCustomNamedGetter):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
      (WebCore::JSTestCustomNamedGetter::createStructure):
      (WebCore::JSTestCustomNamedGetterPrototype::createStructure):
      (WebCore::JSTestCustomNamedGetterConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
      (WebCore::JSTestEventConstructorConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::getOwnPropertySlot):
      (WebCore::JSTestEventConstructor::getOwnPropertyDescriptor):
      (WebCore::toTestEventConstructor):
      * bindings/scripts/test/JS/JSTestEventConstructor.h:
      (WebCore::JSTestEventConstructor::createStructure):
      (WebCore::JSTestEventConstructorPrototype::createStructure):
      (WebCore::JSTestEventConstructorConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::JSTestEventTargetConstructor::finishCreation):
      (WebCore::JSTestEventTarget::finishCreation):
      (WebCore::JSTestEventTarget::getOwnPropertySlot):
      (WebCore::JSTestEventTarget::getOwnPropertyDescriptor):
      (WebCore::JSTestEventTarget::getOwnPropertySlotByIndex):
      (WebCore::JSTestEventTarget::getOwnPropertyNames):
      (WebCore::jsTestEventTargetPrototypeFunctionItem):
      (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
      (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
      (WebCore::jsTestEventTargetPrototypeFunctionDispatchEvent):
      (WebCore::JSTestEventTarget::visitChildren):
      (WebCore::JSTestEventTarget::indexGetter):
      (WebCore::toTestEventTarget):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::createStructure):
      (WebCore::JSTestEventTargetPrototype::createStructure):
      (WebCore::JSTestEventTargetConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestException.cpp:
      (WebCore::JSTestExceptionConstructor::finishCreation):
      (WebCore::JSTestException::finishCreation):
      (WebCore::JSTestException::getOwnPropertySlot):
      (WebCore::JSTestException::getOwnPropertyDescriptor):
      (WebCore::toTestException):
      * bindings/scripts/test/JS/JSTestException.h:
      (WebCore::JSTestException::createStructure):
      (WebCore::JSTestExceptionPrototype::createStructure):
      (WebCore::JSTestExceptionConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      (WebCore::JSTestInterfaceConstructor::finishCreation):
      (WebCore::JSTestInterface::finishCreation):
      (WebCore::JSTestInterface::getOwnPropertySlot):
      (WebCore::JSTestInterface::getOwnPropertyDescriptor):
      (WebCore::JSTestInterface::put):
      (WebCore::JSTestInterface::putByIndex):
      (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod1):
      (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
      (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod3):
      (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod1):
      (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):
      (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod3):
      (WebCore::toTestInterface):
      * bindings/scripts/test/JS/JSTestInterface.h:
      (WebCore::JSTestInterface::createStructure):
      (WebCore::JSTestInterfacePrototype::createStructure):
      (WebCore::JSTestInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):
      (WebCore::JSTestMediaQueryListListener::finishCreation):
      (WebCore::JSTestMediaQueryListListener::getOwnPropertySlot):
      (WebCore::JSTestMediaQueryListListener::getOwnPropertyDescriptor):
      (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod):
      (WebCore::toTestMediaQueryListListener):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      (WebCore::JSTestMediaQueryListListener::createStructure):
      (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
      (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
      (WebCore::JSTestNamedConstructorConstructor::finishCreation):
      (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::getOwnPropertySlot):
      (WebCore::JSTestNamedConstructor::getOwnPropertyDescriptor):
      (WebCore::toTestNamedConstructor):
      * bindings/scripts/test/JS/JSTestNamedConstructor.h:
      (WebCore::JSTestNamedConstructor::createStructure):
      (WebCore::JSTestNamedConstructorPrototype::createStructure):
      (WebCore::JSTestNamedConstructorConstructor::createStructure):
      (WebCore::JSTestNamedConstructorNamedConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNode.cpp:
      (WebCore::JSTestNodeConstructor::finishCreation):
      (WebCore::JSTestNode::finishCreation):
      (WebCore::JSTestNode::getOwnPropertySlot):
      (WebCore::JSTestNode::getOwnPropertyDescriptor):
      (WebCore::JSTestNode::visitChildren):
      * bindings/scripts/test/JS/JSTestNode.h:
      (WebCore::JSTestNode::createStructure):
      (WebCore::JSTestNodePrototype::createStructure):
      (WebCore::JSTestNodeConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::JSTestObjConstructor::finishCreation):
      (WebCore::JSTestObj::finishCreation):
      (WebCore::JSTestObj::getOwnPropertySlot):
      (WebCore::JSTestObj::getOwnPropertyDescriptor):
      (WebCore::JSTestObj::put):
      (WebCore::jsTestObjPrototypeFunctionVoidMethod):
      (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionByteMethod):
      (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionOctetMethod):
      (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionLongMethod):
      (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionObjMethod):
      (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionMethodWithSequenceArg):
      (WebCore::jsTestObjPrototypeFunctionMethodReturningSequence):
      (WebCore::jsTestObjPrototypeFunctionMethodWithEnumArg):
      (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrows):
      (WebCore::jsTestObjPrototypeFunctionSerializedValue):
      (WebCore::jsTestObjPrototypeFunctionOptionsObject):
      (WebCore::jsTestObjPrototypeFunctionMethodWithException):
      (WebCore::jsTestObjPrototypeFunctionCustomMethod):
      (WebCore::jsTestObjPrototypeFunctionCustomMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionAddEventListener):
      (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoid):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateObj):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoidException):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateObjException):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContext):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptState):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateObjException):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces):
      (WebCore::jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStack):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalString):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsUndefined):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsNullString):
      (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackAndOptionalArg):
      (WebCore::jsTestObjPrototypeFunctionConditionalMethod1):
      (WebCore::jsTestObjPrototypeFunctionConditionalMethod2):
      (WebCore::jsTestObjPrototypeFunctionConditionalMethod3):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod8):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod):
      (WebCore::jsTestObjPrototypeFunctionClassMethodWithClamp):
      (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongSequence):
      (WebCore::jsTestObjPrototypeFunctionStringArrayFunction):
      (WebCore::jsTestObjPrototypeFunctionDomStringListFunction):
      (WebCore::jsTestObjPrototypeFunctionGetSVGDocument):
      (WebCore::jsTestObjPrototypeFunctionConvert1):
      (WebCore::jsTestObjPrototypeFunctionConvert2):
      (WebCore::jsTestObjPrototypeFunctionConvert4):
      (WebCore::jsTestObjPrototypeFunctionConvert5):
      (WebCore::jsTestObjPrototypeFunctionMutablePointFunction):
      (WebCore::jsTestObjPrototypeFunctionImmutablePointFunction):
      (WebCore::jsTestObjPrototypeFunctionOrange):
      (WebCore::jsTestObjPrototypeFunctionStrictFunction):
      (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
      (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
      (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):
      (WebCore::JSTestObj::visitChildren):
      (WebCore::toTestObj):
      * bindings/scripts/test/JS/JSTestObj.h:
      (WebCore::JSTestObj::createStructure):
      (WebCore::JSTestObjPrototype::createStructure):
      (WebCore::JSTestObjConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
      (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors):
      (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):
      (WebCore::JSTestOverloadedConstructors::finishCreation):
      (WebCore::JSTestOverloadedConstructors::getOwnPropertySlot):
      (WebCore::JSTestOverloadedConstructors::getOwnPropertyDescriptor):
      (WebCore::toTestOverloadedConstructors):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
      (WebCore::JSTestOverloadedConstructors::createStructure):
      (WebCore::JSTestOverloadedConstructorsPrototype::createStructure):
      (WebCore::JSTestOverloadedConstructorsConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlot):
      (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertyDescriptor):
      (WebCore::JSTestSerializedScriptValueInterface::put):
      (WebCore::JSTestSerializedScriptValueInterface::visitChildren):
      (WebCore::toTestSerializedScriptValueInterface):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      (WebCore::JSTestSerializedScriptValueInterface::createStructure):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestTypedefs.cpp:
      (WebCore::JSTestTypedefsConstructor::finishCreation):
      (WebCore::JSTestTypedefs::finishCreation):
      (WebCore::JSTestTypedefs::getOwnPropertySlot):
      (WebCore::JSTestTypedefs::getOwnPropertyDescriptor):
      (WebCore::JSTestTypedefs::put):
      (WebCore::jsTestTypedefsPrototypeFunctionFunc):
      (WebCore::jsTestTypedefsPrototypeFunctionSetShadow):
      (WebCore::jsTestTypedefsPrototypeFunctionMethodWithSequenceArg):
      (WebCore::jsTestTypedefsPrototypeFunctionNullableArrayArg):
      (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClamp):
      (WebCore::jsTestTypedefsPrototypeFunctionImmutablePointFunction):
      (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction):
      (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction2):
      (WebCore::jsTestTypedefsPrototypeFunctionMethodWithException):
      (WebCore::toTestTypedefs):
      * bindings/scripts/test/JS/JSTestTypedefs.h:
      (WebCore::JSTestTypedefs::createStructure):
      (WebCore::JSTestTypedefsPrototype::createStructure):
      (WebCore::JSTestTypedefsConstructor::createStructure):
      * bridge/c/CRuntimeObject.cpp:
      (JSC::Bindings::CRuntimeObject::finishCreation):
      * bridge/c/CRuntimeObject.h:
      (JSC::Bindings::CRuntimeObject::createStructure):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::createStructure):
      (JSC::Bindings::CRuntimeMethod::finishCreation):
      (JSC::Bindings::CInstance::invokeMethod):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/objc/ObjCRuntimeObject.h:
      (JSC::Bindings::ObjCRuntimeObject::createStructure):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::finishCreation):
      (ObjcInstance::invokeMethod):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
      (JSC::Bindings::callObjCFallbackObject):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtRuntimeObject::createStructure):
      (JSC::Bindings::QtInstance::getInstance):
      * bridge/qt/qt_pixmapruntime.cpp:
      (JSC::Bindings::assignToHTMLImageElement):
      (JSC::Bindings::QtPixmapRuntime::toQt):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::isJSUint8Array):
      (JSC::Bindings::isJSArray):
      (JSC::Bindings::isJSDate):
      (JSC::Bindings::isQtObject):
      (JSC::Bindings::unwrapBoxedPrimitive):
      (JSC::Bindings::convertQVariantToValue):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::finishCreation):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::createStructure):
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::finishCreation):
      (JSC::callRuntimeMethod):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::createStructure):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::finishCreation):
      (JSC::Bindings::callRuntimeObject):
      (JSC::Bindings::callRuntimeConstructor):
      * bridge/runtime_object.h:
      (JSC::Bindings::RuntimeObject::createStructure):
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::getObjectID):
      (WebKit::NetscapePluginInstanceProxy::retainLocalObject):
      (WebKit::NetscapePluginInstanceProxy::releaseLocalObject):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::invokeMethod):
      * Plugins/Hosted/ProxyRuntimeObject.h:
      (WebKit::ProxyRuntimeObject::createStructure):
      * WebView/WebView.mm:
      (aeDescFromJSValue):
      
      Source/WebKit/qt: 
      
      * Api/qwebelement.cpp:
      (convertJSValueToWebElementVariant):
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (convertJSValueToNodeVariant):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154038 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      10ae2d0d
  12. 25 Jul, 2013 7 commits
    • oliver@apple.com's avatar
      fourthTier: Re-worked non-local variable resolution · 58c86752
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=117375
      
      Reviewed by Filip Pizlo.
      
      Source/JavaScriptCore:
      
      This patch has two goals:
      
      (1) Simplicity.
      
          * Net removes 15 opcodes.
          * Net removes 2,000 lines of code.
          * Removes setPair() from the DFG: All DFG nodes have 1 result register now.
      
      (2) Performance.
      
          * 2%-3% speedup on SunSpider (20% in LLInt and Baseline JIT)
          * 2% speedup on v8-spider
          * 10% speedup on js-regress-hashmap*
          * Amusing 2X speedup on js-regress-poly-stricteq
      
      The bytecode now separates the scope chain resolution opcode from the
      scope access opcode.
      
          OLD:
              get_scoped_var  r0, 1, 0
              inc             r0
              put_scoped_var  1, 0, r0
      
          NEW:
              resolve_scope   r0, x(@id0)
              get_from_scope  r1, r0, x(@id0)
              inc             r1
              put_to_scope    r0, x(@id0), r1
      
      Also, we link non-local variable resolution opcodes at CodeBlock link
      time instead of time of first opcode execution.
      
      This means that we can represent all possible non-local variable
      resolutions using just three opcodes, and any optimizations in these
      opcodes naturally apply across-the-board.
      
      * API/JSCTestRunnerUtils.cpp:
      (JSC::numberOfDFGCompiles):
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * JavaScriptCore.order:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri: Build!
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dumpBytecode): Updated for removed things.
      
      (JSC::CodeBlock::CodeBlock): Always provide the full scope chain when
      creating a CodeBlock, so we can perform non-local variable resolution.
      
      Added code to perform linking for these opcodes. This is where we figure
      out which non-local variable resolutions are optimizable, and how.
      
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::noticeIncomingCall):
      (JSC::CodeBlock::optimizeAfterWarmUp):
      (JSC::CodeBlock::optimizeAfterLongWarmUp):
      (JSC::CodeBlock::optimizeSoon): Updated for removed things.
      
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::needsActivation):
      (JSC::GlobalCodeBlock::GlobalCodeBlock):
      (JSC::ProgramCodeBlock::ProgramCodeBlock):
      (JSC::EvalCodeBlock::EvalCodeBlock):
      (JSC::FunctionCodeBlock::FunctionCodeBlock):
      * bytecode/EvalCodeCache.h:
      (JSC::EvalCodeCache::getSlow): Updated for interface changes.
      
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFor): Treat global object access as
      optimizable even though the global object has a custom property access
      callback. This is what we've always done since, otherwise, we can't
      optimize globals. (In future, we probably want to figure out a more
      targeted policy than "any property access callback means no
      optimization".)
      
      * bytecode/GlobalResolveInfo.h: Removed.
      * bytecode/Instruction.h:
      * bytecode/Opcode.h:
      (JSC::padOpcodeName):
      
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFor): Like GetByIdStatus.
      
      * bytecode/ResolveGlobalStatus.cpp: Removed.
      * bytecode/ResolveGlobalStatus.h: Removed.
      * bytecode/ResolveOperation.h: Removed.
      
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::generateFunctionCodeBlock):
      (JSC::UnlinkedFunctionExecutable::codeBlockFor):
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h: Don't provide a scope chain to unlinked
      code blocks. Giving a scope to an unscoped compilation unit invites
      programming errors.
      
      * bytecode/Watchpoint.h:
      (JSC::WatchpointSet::addressOfIsInvalidated):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::resolveCallee):
      (JSC::BytecodeGenerator::local):
      (JSC::BytecodeGenerator::constLocal):
      (JSC::BytecodeGenerator::resolveType):
      (JSC::BytecodeGenerator::emitResolveScope):
      (JSC::BytecodeGenerator::emitGetFromScope):
      (JSC::BytecodeGenerator::emitPutToScope):
      (JSC::BytecodeGenerator::emitInstanceOf):
      (JSC::BytecodeGenerator::emitPushWithScope):
      (JSC::BytecodeGenerator::emitPopScope):
      (JSC::BytecodeGenerator::pushFinallyContext):
      (JSC::BytecodeGenerator::emitComplexPopScopes):
      (JSC::BytecodeGenerator::popTryAndEmitCatch):
      (JSC::BytecodeGenerator::emitPushNameScope):
      (JSC::BytecodeGenerator::isArgumentNumber):
      * bytecompiler/BytecodeGenerator.h:
      (JSC::Local::Local):
      (JSC::Local::operator bool):
      (JSC::Local::get):
      (JSC::Local::isReadOnly):
      (JSC::BytecodeGenerator::scopeDepth):
      (JSC::BytecodeGenerator::shouldOptimizeLocals):
      (JSC::BytecodeGenerator::canOptimizeNonLocals): Refactored the bytecode
      generator to resolve all variables within local scope, as if there
      were no non-local scope. This helps provide a separation of concerns:
      unlinked bytecode is always scope-free, and the linking stage links
      in the provided scope.
      
      * bytecompiler/NodesCodegen.cpp:
      (JSC::ResolveNode::isPure):
      (JSC::ResolveNode::emitBytecode):
      (JSC::EvalFunctionCallNode::emitBytecode):
      (JSC::FunctionCallResolveNode::emitBytecode):
      (JSC::PostfixNode::emitResolve):
      (JSC::DeleteResolveNode::emitBytecode):
      (JSC::TypeOfResolveNode::emitBytecode):
      (JSC::PrefixNode::emitResolve):
      (JSC::ReadModifyResolveNode::emitBytecode):
      (JSC::AssignResolveNode::emitBytecode):
      (JSC::ConstDeclNode::emitCodeSingle):
      (JSC::ForInNode::emitBytecode): A bunch of this codegen is no longer
      necessary, since it's redundant with the linking stage.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::executeEffects):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (JSC::DFG::ByteCodeParser::cellConstantWithStructureCheck):
      (JSC::DFG::ByteCodeParser::handlePutByOffset):
      (JSC::DFG::ByteCodeParser::handleGetById):
      (JSC::DFG::ByteCodeParser::parseBlock): Updated for interface changes.
      Notably, we can reuse existing DFG nodes -- but the mapping between
      bytecode and DFG nodes has changed, and some nodes and corner cases have
      been removed.
      
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::scopedVarLoadElimination):
      (JSC::DFG::CSEPhase::varInjectionWatchpointElimination):
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::scopedVarStoreElimination):
      (JSC::DFG::CSEPhase::getLocalLoadElimination):
      (JSC::DFG::CSEPhase::setLocalStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE): Added CSE for var injection
      watchpoints. Even though watchpoints are "free", they're quite common
      inside code that's subject to var injection, so I figured we'd save a
      little memory.
      
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::capabilityLevel):
      * dfg/DFGCapabilities.h: Removed detection for old forms.
      
      * dfg/DFGDriver.h:
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      * dfg/DFGGraph.h:
      * dfg/DFGJITCode.cpp:
      * dfg/DFGNode.h:
      (JSC::DFG::Node::convertToStructureTransitionWatchpoint):
      (JSC::DFG::Node::hasVarNumber):
      (JSC::DFG::Node::hasIdentifierNumberForCheck):
      (JSC::DFG::Node::hasRegisterPointer):
      (JSC::DFG::Node::hasHeapPrediction):
      * dfg/DFGNodeType.h:
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGRepatch.h:
      (JSC::DFG::dfgResetGetByID):
      (JSC::DFG::dfgResetPutByID):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation): Removed some unneeded things,
      and updated for renames.
      
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): The two primary changes here are:
      
      (1) Use a watchpoint for var injection instead of looping over the scope
      chain and checking. This is more efficient and much easier to model in
      code generation.
      
      (2) I've eliminated the notion of an optimized global assignment that
      needs to check for whether it should fire a watchpiont. Instead, we
      fire pre-emptively at the point of optimization. This removes a bunch
      of edge cases, and it seems like a more honest representation of
      the fact that our new optimization contradicts our old one.
      
      * dfg/DFGTypeCheckHoistingPhase.cpp:
      (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
      (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
      * heap/DFGCodeBlocks.cpp:
      (JSC::DFGCodeBlocks::jettison):
      * interpreter/CallFrame.h:
      (JSC::ExecState::trueCallFrame): Removed stuff that's unused now, and
      fixed the build.
      
      * interpreter/Interpreter.cpp:
      (JSC::eval):
      (JSC::getBytecodeOffsetForCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::throwException): Updated exception scope tracking
      to match the rest of our linking strategy: The unlinked bytecode compiles
      exception scope as if non-local scope did not exist, and we add in
      non-local scope at link time. This means that we can restore the right
      scope depth based on a simple number, without checking the contents of
      the scope chain.
      
      (JSC::Interpreter::execute): Make sure to establish the full scope chain
      before linking eval code. We now require the full scope chain at link
      time, in order to link non-local variable resolution opcodes.
      
      * jit/JIT.cpp:
      (JSC::JIT::JIT):
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      * jit/JIT.h:
      * jit/JITArithmetic.cpp:
      (JSC::JIT::emit_op_add):
      * jit/JITCode.cpp:
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emitSlow_op_bitxor):
      (JSC::JIT::emitSlow_op_bitor):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emitSlow_op_to_primitive):
      (JSC::JIT::emit_op_strcat):
      (JSC::JIT::emitSlow_op_create_this):
      (JSC::JIT::emitSlow_op_to_this):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emitVarInjectionCheck):
      (JSC::JIT::emitResolveClosure):
      (JSC::JIT::emit_op_resolve_scope):
      (JSC::JIT::emitSlow_op_resolve_scope):
      (JSC::JIT::emitLoadWithStructureCheck):
      (JSC::JIT::emitGetGlobalProperty):
      (JSC::JIT::emitGetGlobalVar):
      (JSC::JIT::emitGetClosureVar):
      (JSC::JIT::emit_op_get_from_scope):
      (JSC::JIT::emitSlow_op_get_from_scope):
      (JSC::JIT::emitPutGlobalProperty):
      (JSC::JIT::emitPutGlobalVar):
      (JSC::JIT::emitPutClosureVar):
      (JSC::JIT::emit_op_put_to_scope):
      (JSC::JIT::emitSlow_op_put_to_scope):
      (JSC::JIT::emit_op_init_global_const):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emitVarInjectionCheck):
      (JSC::JIT::emitResolveClosure):
      (JSC::JIT::emit_op_resolve_scope):
      (JSC::JIT::emitSlow_op_resolve_scope):
      (JSC::JIT::emitLoadWithStructureCheck):
      (JSC::JIT::emitGetGlobalProperty):
      (JSC::JIT::emitGetGlobalVar):
      (JSC::JIT::emitGetClosureVar):
      (JSC::JIT::emit_op_get_from_scope):
      (JSC::JIT::emitSlow_op_get_from_scope):
      (JSC::JIT::emitPutGlobalProperty):
      (JSC::JIT::emitPutGlobalVar):
      (JSC::JIT::emitPutClosureVar):
      (JSC::JIT::emit_op_put_to_scope):
      (JSC::JIT::emitSlow_op_put_to_scope):
      (JSC::JIT::emit_op_init_global_const):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/JITStubs.h: Re-wrote baseline JIT codegen for our new variable
      resolution model.
      
      * llint/LLIntData.cpp:
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntSlowPaths.cpp:
      * llint/LLIntSlowPaths.h:
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter.cpp:
      (JSC::CLoop::execute):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm: Ditto for LLInt.
      
      * offlineasm/x86.rb: Fixed a pre-existing encoding bug for a syntactic
      form that we never used before.
      
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncToString):
      (JSC::arrayProtoFuncToLocaleString):
      (JSC::arrayProtoFuncJoin):
      (JSC::arrayProtoFuncConcat):
      (JSC::arrayProtoFuncPop):
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncReverse):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSlice):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncForEach):
      (JSC::arrayProtoFuncSome):
      (JSC::arrayProtoFuncReduce):
      (JSC::arrayProtoFuncReduceRight):
      (JSC::arrayProtoFuncIndexOf):
      (JSC::arrayProtoFuncLastIndexOf): Fixed some pre-existing bugs in
      'this' value conversion, which I made much more common by removing
      special cases in bytecode generation.
      
      These functions need to invoke toThis() because they observe the 'this'
      value. Also, toLocaleString() is specified to accept non-array 'this'
      values.
      
      (Most other host functions don't need this fix because they perform
      strict 'this' checking, which never coerces unexpected types.)
      
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getCodeBlock):
      (JSC::CodeCache::getProgramCodeBlock):
      (JSC::CodeCache::getEvalCodeBlock):
      * runtime/CodeCache.h: Don't supply a scope to the unlinked code cache.
      Unlinked code is supposed to be scope-free, so let's have the compiler
      help verify that.
      
      * runtime/CommonSlowPaths.cpp:
      (JSC::SLOW_PATH_DECL):
      * runtime/CommonSlowPaths.h:
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::create):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC::EvalExecutable::numVariables):
      (JSC::EvalExecutable::numberOfFunctionDecls):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecutionImpl):
      (JSC::prepareFunctionForExecutionImpl):
      (JSC::installOptimizedCode): Fiddled with executable initialization so
      that we can always generate a full scope chain before we go to link a
      code block. We need this because code block linking now depends on the
      scope chain to link non-local variable resolution opcodes.
      
      * runtime/JSActivation.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC::JSGlobalObject::createEvalCodeBlock):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::varInjectionWatchpoint):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncEval):
      * runtime/JSNameScope.h:
      * runtime/JSScope.cpp:
      (JSC::abstractAccess):
      (JSC::JSScope::objectAtScope):
      (JSC::JSScope::depth):
      (JSC::JSScope::resolve):
      (JSC::JSScope::abstractResolve): Updated to match changes explained above.
      
      * runtime/JSScope.h:
      (JSC::makeType):
      (JSC::needsVarInjectionChecks):
      (JSC::ResolveOp::ResolveOp):
      (JSC::ResolveModeAndType::ResolveModeAndType):
      (JSC::ResolveModeAndType::mode):
      (JSC::ResolveModeAndType::type):
      (JSC::ResolveModeAndType::operand): Removed the old variable resolution
      state machine, since it's unused now. Added logic for performing abstract
      variable resolution at link time. This is used by codeblock linking.
      
      * runtime/ObjectPrototype.cpp:
      (JSC::objectProtoFuncValueOf):
      (JSC::objectProtoFuncHasOwnProperty):
      (JSC::objectProtoFuncIsPrototypeOf):
      (JSC::objectProtoFuncDefineGetter):
      (JSC::objectProtoFuncDefineSetter):
      (JSC::objectProtoFuncLookupGetter):
      (JSC::objectProtoFuncLookupSetter):
      (JSC::objectProtoFuncPropertyIsEnumerable):
      (JSC::objectProtoFuncToLocaleString):
      (JSC::objectProtoFuncToString): Fixed some pre-existing bugs in
      'this' value conversion, which I made much more common by removing
      special cases in bytecode generation.
      
      These functions need to invoke toThis() because they observe the 'this'
      value.
      
      * runtime/StringPrototype.cpp:
      (JSC::checkObjectCoercible):
      (JSC::stringProtoFuncReplace):
      (JSC::stringProtoFuncCharAt):
      (JSC::stringProtoFuncCharCodeAt):
      (JSC::stringProtoFuncConcat):
      (JSC::stringProtoFuncIndexOf):
      (JSC::stringProtoFuncLastIndexOf):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      (JSC::stringProtoFuncSlice):
      (JSC::stringProtoFuncSplit):
      (JSC::stringProtoFuncSubstr):
      (JSC::stringProtoFuncSubstring):
      (JSC::stringProtoFuncToLowerCase):
      (JSC::stringProtoFuncToUpperCase):
      (JSC::stringProtoFuncLocaleCompare):
      (JSC::stringProtoFuncBig):
      (JSC::stringProtoFuncSmall):
      (JSC::stringProtoFuncBlink):
      (JSC::stringProtoFuncBold):
      (JSC::stringProtoFuncFixed):
      (JSC::stringProtoFuncItalics):
      (JSC::stringProtoFuncStrike):
      (JSC::stringProtoFuncSub):
      (JSC::stringProtoFuncSup):
      (JSC::stringProtoFuncFontcolor):
      (JSC::stringProtoFuncFontsize):
      (JSC::stringProtoFuncAnchor):
      (JSC::stringProtoFuncLink):
      (JSC::trimString): Fixed some pre-existing bugs in
      'this' value conversion, which I made much more common by removing
      special cases in bytecode generation.
      
      These functions need to invoke toThis() because they observe the 'this'
      value.
      
      * runtime/StructureRareData.cpp:
      * runtime/VM.cpp:
      (JSC::VM::~VM):
      
      * runtime/WriteBarrier.h:
      (JSC::WriteBarrierBase::slot): Modified to reduce casting in client code.
      
      LayoutTests:
      
      This patch removed special-case 'this' resolution from bytecode, making
      some pre-existing edge cases in 'this' value treatment much more common.
      
      I updated the test results below, and added some tests, to match bug
      fixes for these cases.
      
      * fast/js/script-tests/array-functions-non-arrays.js:
      * fast/js/array-functions-non-arrays-expected.txt: As specified, it's
      not an error to pass a non-array to toLocaleString. Our new result
      matches Firefox and Chrome.
      
      * fast/js/array-prototype-properties-expected.txt: Updated for slightly
      clearer error message.
      
      * fast/js/basic-strict-mode-expected.txt: Updated for slightly more
      standard error message.
      
      * fast/js/object-prototype-toString-expected.txt: Added.
      * fast/js/object-prototype-toString.html: Added. This test demonstrates
      why we now fail a Sputnik test below, while Firefox and Chrome pass it.
      (The test doesn't test what it thinks it tests, and this test verifies
      that we get right what it does think it tests.)
      
      * fast/js/string-prototype-function-this-expected.txt: Added.
      * fast/js/string-prototype-function-this.html: Added. This test shows
      that we CheckObjectCoercible in string prototype functions. (We used
      to get this wrong, but Sputnik tests made it seem like we got it right
      because they didn't test the dynamic scope case.)
      
      * sputnik/Conformance/11_Expressions/11.1_Primary_Expressions/11.1.1_The_this_Keyword/S11.1.1_A2-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.3_Array_prototype_toLocaleString/S15.4.4.3_A2_T1-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.10_String.prototype.match/S15.5.4.10_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.11_String.prototype.replace/S15.5.4.11_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.12_String.prototype.search/S15.5.4.12_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.13_String.prototype.slice/S15.5.4.13_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.14_String.prototype.split/S15.5.4.14_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.15_String.prototype.substring/S15.5.4.15_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.6_String.prototype.concat/S15.5.4.6_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.7_String.prototype.indexOf/S15.5.4.7_A1_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.8_String.prototype.lastIndexOf/S15.5.4.8_A1_T3-expected.txt:
      
      Updated to show failing results. Firefox and Chrome also fail these
      tests, and the ES5 spec seems to mandate failure. Because these tests
      resolve a String.prototype function at global scope, the 'this' value
      for the call is an environment record. Logically, an environment record
      converts to 'undefined' at the call site, and should then fail the
      CheckObjectCoercible test.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153221 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      58c86752
    • oliver@apple.com's avatar
      fourthTier: Recursive deadlock in DFG::ByteCodeParser · 0919f4f3
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=117376
      
      Source/JavaScriptCore:
      
      Reviewed by Mark Hahnenberg.
      
      Leave the lock early to prevent a deadlock beneath get().
      
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      
      Source/WTF:
      
      Reviewed by Mark Hahnenberg.
      
      I've often wanted to leave a lock early. Now I have that power!
      
      * wtf/Locker.h:
      (WTF::Locker::Locker):
      (WTF::Locker::~Locker):
      (Locker):
      (WTF::Locker::unlockEarly):
      (WTF::Locker::lock):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153216 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0919f4f3
    • oliver@apple.com's avatar
      fourthTier: testRunner should have a way of disabling inlining of functions · 4e67ae52
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=116875
      
      Reviewed by Mark Hahnenberg.
      
      Source/JavaScriptCore:
      
      * API/JSCTestRunnerUtils.cpp:
      (JSC::getExecutable):
      (JSC):
      (JSC::numberOfDFGCompiles):
      (JSC::setNeverInline):
      * API/JSCTestRunnerUtils.h:
      (JSC):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dumpAssumingJITType):
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::mightInlineFunctionForCall):
      (JSC::DFG::mightInlineFunctionForClosureCall):
      (JSC::DFG::mightInlineFunctionForConstruct):
      * runtime/Executable.h:
      (JSC::ScriptExecutable::ScriptExecutable):
      (ScriptExecutable):
      (JSC::ScriptExecutable::setNeverInline):
      (JSC::ScriptExecutable::neverInline):
      (JSC::ScriptExecutable::isInliningCandidate):
      
      Tools:
      
      * DumpRenderTree/TestRunner.cpp:
      (neverInlineFunction):
      (TestRunner::staticFunctions):
      
      LayoutTests:
      
      * fast/js/script-tests/dfg-min-max.js:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153191 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4e67ae52
    • oliver@apple.com's avatar
      fourthTier: testRunner should be able to tell you if a function is DFG compiled · 37172f80
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=116847
      
      Reviewed by Mark Hahnenberg.
      
      Source/JavaScriptCore:
      
      * API/JSCTestRunnerUtils.cpp: Added.
      (JSC):
      (JSC::numberOfDFGCompiles):
      * API/JSCTestRunnerUtils.h: Added.
      (JSC):
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::numberOfDFGCompiles):
      (JSC):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      * dfg/DFGWorklist.cpp:
      (JSC::DFG::Worklist::runThread):
      * runtime/Executable.h:
      (JSC):
      * runtime/JSFunctionInlines.h: Added.
      (JSC):
      (JSC::JSFunction::JSFunction):
      (JSC::JSFunction::jsExecutable):
      (JSC::JSFunction::isHostFunction):
      (JSC::JSFunction::nativeFunction):
      (JSC::JSFunction::nativeConstructor):
      * runtime/Operations.h:
      
      Source/WebCore:
      
      Bail early if we're in the compilation thread. This is only relevant for
      debug dumps.
      
      No new tests becase no new behavior.
      
      * loader/cache/CachedScript.cpp:
      (WebCore::CachedScript::script):
      
      Tools:
      
      * DumpRenderTree/TestRunner.cpp:
      (numberOfDFGCompiles):
      (TestRunner::staticFunctions):
      
      LayoutTests:
      
      * fast/js/script-tests/dfg-min-max.js:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153188 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      37172f80
    • oliver@apple.com's avatar
      fourthTier: Executable and CodeBlock should be aware of DFG::Plans that complete asynchronously · 75afc4f8
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=116350
      
      Reviewed by Oliver Hunt.
      
      This refactors compilation so that:
      
      - JITStubs knows exactly what the result of compilation was. For example, if
        compilation was deferred, it will now know this.
      
      - The set of things that has to happen to install compiled code is now factored
        out into JSC::installOptimizedCode().
      
      - A bunch of the code in Executable.cpp is now made more common to reduce code
        duplication. For example, the heap heuristics stuff is now in one place.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeBlock.cpp:
      (JSC::ProgramCodeBlock::compileOptimized):
      (JSC::ProgramCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC):
      (JSC::EvalCodeBlock::compileOptimized):
      (JSC::EvalCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::FunctionCodeBlock::compileOptimized):
      (JSC::FunctionCodeBlock::replaceWithDeferredOptimizedCode):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::jitCompile):
      (ProgramCodeBlock):
      (EvalCodeBlock):
      (FunctionCodeBlock):
      * dfg/DFGDesiredIdentifiers.cpp:
      (JSC::DFG::DesiredIdentifiers::numberOfIdentifiers):
      (DFG):
      (JSC::DFG::DesiredIdentifiers::at):
      * dfg/DFGDesiredIdentifiers.h:
      (JSC):
      (DesiredIdentifiers):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      (JSC::DFG::tryFinalizePlan):
      (DFG):
      * dfg/DFGDriver.h:
      (DFG):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      (JSC::DFG::tryFinalizePlan):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::Graph):
      * dfg/DFGJITFinalizer.cpp:
      (JSC::DFG::JITFinalizer::finalizeCommon):
      * dfg/DFGPlan.cpp:
      (JSC::DFG::Plan::Plan):
      (JSC::DFG::Plan::compileInThread):
      (JSC::DFG::Plan::reallyAdd):
      * dfg/DFGPlan.h:
      (JSC):
      (Plan):
      (DFG):
      * ftl/FTLJITFinalizer.cpp:
      (JSC::FTL::JITFinalizer::finalizeFunction):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriateImpl):
      (JSC::jitCompileFunctionIfAppropriateImpl):
      (JSC):
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      * runtime/CompilationResult.cpp: Added.
      (WTF):
      (WTF::printInternal):
      * runtime/CompilationResult.h: Added.
      (JSC):
      (WTF):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compileOptimized):
      (JSC::EvalExecutable::jitCompile):
      (JSC::EvalExecutable::compileInternal):
      (JSC::EvalExecutable::replaceWithDeferredOptimizedCode):
      (JSC):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::ProgramExecutable::replaceWithDeferredOptimizedCode):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForCall):
      (JSC::FunctionExecutable::compileForConstructInternal):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeForConstruct):
      * runtime/Executable.h:
      (ScriptExecutable):
      (EvalExecutable):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::compileOptimizedFor):
      (JSC::FunctionExecutable::replaceWithDeferredOptimizedCodeFor):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecutionImpl):
      (JSC::prepareFunctionForExecutionImpl):
      (JSC):
      (JSC::installOptimizedCode):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      (JSC::replaceWithDeferredOptimizedCode):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153165 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      75afc4f8
    • oliver@apple.com's avatar
      fourthTier: CodeBlock should be RefCounted · 410b541c
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=115594
      
      Reviewed by Geoffrey Garen.
      
      This makes it possible to have the currently-being-compiled CodeBlock not be
      installed in Executable, while also allowing it to point to its intended
      alternative(). So long as we were using ownership and not reference counting, it
      would have been difficult to have both CodeBlock::m_alternative and
      Executable::m_codeBlockForBlah point to the previous CodeBlock.
      
      I also took the opportunity to clean up a bunch of code that appears to have
      rotted.
      
      * assembler/MacroAssemblerCodeRef.h:
      (MacroAssemblerCodePtr):
      (JSC::MacroAssemblerCodePtr::operator==):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::CodeBlock):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::releaseAlternative):
      (JSC::CodeBlock::setAlternative):
      (CodeBlock):
      (JSC::GlobalCodeBlock::GlobalCodeBlock):
      (JSC::ProgramCodeBlock::ProgramCodeBlock):
      (JSC::EvalCodeBlock::EvalCodeBlock):
      (JSC::FunctionCodeBlock::FunctionCodeBlock):
      * heap/DFGCodeBlocks.cpp:
      (JSC::DFGCodeBlocks::~DFGCodeBlocks):
      (JSC::DFGCodeBlocks::jettison):
      (JSC::DFGCodeBlocks::deleteUnmarkedJettisonedCodeBlocks):
      * heap/DFGCodeBlocks.h:
      (DFGCodeBlocks):
      * heap/Heap.cpp:
      (JSC::Heap::jettisonDFGCodeBlock):
      * heap/Heap.h:
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC::EvalExecutable::jitCompile):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (EvalExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::codeBlockFor):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153147 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      410b541c
    • oliver@apple.com's avatar
      fourthTier: JITCode should abstract exactly how the JIT code is structured and... · 9a1ae938
      oliver@apple.com authored
      fourthTier: JITCode should abstract exactly how the JIT code is structured and where it was allocated
      https://bugs.webkit.org/show_bug.cgi?id=113437
      
      Reviewed by Mark Hahnenberg.
      
      JITCode is now a virtual base class, which will allow different JITs to have radically
      different memory allocation and management conventions in the future. It will also
      make it easier to store JIT-specific meta-data in CodeBlock just by putting it into
      an appropriate JITCode subclass.
      
      For now there is one subclass, DirectJITCode, which just behaves like JITCode used to
      behave.
      
      * assembler/RepatchBuffer.h:
      (JSC::RepatchBuffer::RepatchBuffer):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::resetStubInternal):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::codeOriginForReturn):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::setJITCode):
      (JSC::CodeBlock::getJITCode):
      (JSC::CodeBlock::getJITType):
      (CodeBlock):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGDriver.h:
      (DFG):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::compile):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGJITCompiler.h:
      (JITCompiler):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::codeLocationForRepatch):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompile):
      * jit/JIT.h:
      (JSC::JIT::compile):
      (JIT):
      * jit/JITCode.cpp:
      (JSC):
      (JSC::JITCode::JITCode):
      (JSC::JITCode::~JITCode):
      (JSC::JITCode::execute):
      (JSC::JITCode::hostFunction):
      (JSC::DirectJITCode::DirectJITCode):
      (JSC::DirectJITCode::~DirectJITCode):
      (JSC::DirectJITCode::addressForCall):
      (JSC::DirectJITCode::executableAddressAtOffset):
      (JSC::DirectJITCode::dataAddressAtOffset):
      (JSC::DirectJITCode::offsetOf):
      (JSC::DirectJITCode::size):
      (JSC::DirectJITCode::contains):
      * jit/JITCode.h:
      (JSC):
      (JITCode):
      (JSC::JITCode::bottomTierJIT):
      (JSC::JITCode::topTierJIT):
      (JSC::JITCode::nextTierJIT):
      (JSC::JITCode::isOptimizingJIT):
      (JSC::JITCode::isBaselineCode):
      (JSC::JITCode::jitType):
      (JSC::JITCode::jitTypeFor):
      (JSC::JITCode::executableAddress):
      (JSC::JITCode::start):
      (JSC::JITCode::end):
      (DirectJITCode):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITStubs.cpp:
      (JSC::lazyLinkFor):
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/ThunkGenerators.cpp:
      (JSC::virtualForGenerator):
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC::ExecutableBase::generatedJITCodeForCall):
      (JSC::ExecutableBase::generatedJITCodeForConstruct):
      (JSC::ExecutableBase::generatedJITCodeFor):
      (ExecutableBase):
      (JSC::ExecutableBase::hostCodeEntryFor):
      (JSC::ExecutableBase::jsCodeEntryFor):
      (JSC::ExecutableBase::jsCodeWithArityCheckEntryFor):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::finishCreation):
      (JSC::EvalExecutable::generatedJITCode):
      (JSC::ProgramExecutable::generatedJITCode):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153113 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9a1ae938
  13. 09 Jul, 2013 1 commit
    • mark.lam@apple.com's avatar
      Fix 30% JSBench regression (caused by adding column numbers to stack traces). · 5b45f90a
      mark.lam@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=118481.
      
      Reviewed by Mark Hahnenberg and Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      Previously, we already capture ExpressionRangeInfo that provides a divot for
      each bytecode that can potentially throw an exception (and therefore generate
      a stack trace). On first attempt to compute column numbers, we then do a walk
      of the source string to record all line start positions in a table associated
      with the SourceProvider. The column number can then be computed as
          divot - lineStartFor(bytecodeOffset).
      
      The computation of this lineStarts table is the source of the 30% JSBench
      performance regression.
      
      The new code now records lineStarts as the lexer and parser scans the source
      code. These lineStarts are then used to compute the column number for the
      given divot, and stored in the ExpressionRangeInfo. Similarly, we also capture
      the line number at the divot point and store that in the ExpressionRangeInfo.
      Hence, to look up line and column numbers, we now lookup the ExpressionRangeInfo
      for the bytecodeOffset, and then compute the line and column from the values
      stored in the expression info.
      
      The strategy:
      1. We want to minimize perturbations to the lexer and parser. Specifically,
         the changes added should not change how it scans code, and generate bytecode.
      2. We regard the divot as the source character position we are interested
         in. As such, we'll capture line and lineStart (for column) at the point
         when we capture the divot information. This ensures that the 3 values are
         consistent.
      
      How the change is done:
      1. Change the lexer to track lineStarts.
      2. Change the parser to capture line and lineStarts at the point of capturing
         divots.
      3. Change the parser and associated code to plumb these values all the way to
         the point that the correspoinding ExpressionRangeInfo is emitted.
      4. Propagate and record SourceCode firstLine and firstLineColumnOffset to the
         the necessary places so that we can add them as needed when reifying
         UnlinkedCodeBlocks into CodeBlocks.
      5. Compress the line and column number values in the ExpressionRangeInfo. In
         practice, we seldom have both large line and column numbers. Hence, we can
         encode both in an uint32_t most of the time. For the times when we encounter
         both large line and column numbers, we have a fallback to store the "fat"
         position info.
      6. Emit an ExpressionRangeInfo for UnaryOp nodes to get more line and column
         number coverage.
      7. Change the interpreter to use the new way of computing line and column.
      8. Delete old line and column computation code that is now unused.
      
      Misc details:
      - the old lexer was tracking both a startOffset and charPosition where
        charPosition equals startOffset - SourceCode.startOffset. We now use
        startOffset exclusively throughout the system for consistency.
        All offset values (including lineStart) are relative to the start of the
        SourceProvider string. These values will only be converted to be relative
        to the SourceCode.startOffset at the very last minute i.e. when the divot
        is stored into the ExpressionRangeInfo.
      
        This change to use the same offset system everywhere reduces confusion
        from having to convert back and forth between the 2 systems. It also
        enables a lot of assertions to be used.
      
      - Also fixed some bugs in the choice of divot positions to use. For example,
        both Eval and Function expressions previously used column numbers from
        the start of the expression but used the line number at the end of the
        expression. This is now fixed to use either the start or end positions
        as appropriate, but not a mix of line and columns from both.
      
      - Why use ints instead of unsigneds for offsets and lineStarts inside the
        lexer and parser?
        Some tests (e.g. fast/js/call-base-resolution.html and
        fast/js/eval-cross-window.html) has shown that lineStart offsets can be
        prior to the SourceCode.startOffset. Keeping the lexer offsets as ints
        simplifies computations and makes it easier to maintain the assertions
        that (startOffset >= lineStartOffset).
      
        However, column and line numbers are always unsigned when we publish
        them to the ExpressionRangeInfo. The ints are only used inside the
        lexer and parser ... well, and bytecode generator.
      
      - For all cases, lineStart is always captured where the divot is captured.
        However, some sputnik conformance tests have shown that we cannot honor
        line breaks for assignment statements like the following:
      
            eval("x\u000A*=\u000A-1;");
      
        In this case, the lineStart is expected to be captured at the start of
        the assignment expression instead of at the divot point in the middle.
        The assignment expression is the only special case for this.
      
      This patch has been tested against the full layout tests both with release
      and debug builds with no regression.
      
      * API/JSContextRef.cpp:
      (JSContextCreateBacktrace):
        - Updated to use the new StackFrame::computeLineAndColumn().
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::CodeBlock):
        - Added m_firstLineColumnOffset initialization.
        - Plumbed the firstLineColumnOffset into the SourceCode.
        - Initialized column for op_debug using the new way.
      (JSC::CodeBlock::lineNumberForBytecodeOffset):
        - Changed to compute line number using the ExpressionRangeInfo.
      (JSC::CodeBlock::columnNumberForBytecodeOffset): Added
        - Changed to compute column number using the ExpressionRangeInfo.
      (JSC::CodeBlock::expressionRangeForBytecodeOffset):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::firstLineColumnOffset):
      (JSC::GlobalCodeBlock::GlobalCodeBlock):
        - Plumbed firstLineColumnOffset through to the super class.
      (JSC::ProgramCodeBlock::ProgramCodeBlock):
        - Plumbed firstLineColumnOffset through to the super class.
      (JSC::EvalCodeBlock::EvalCodeBlock):
        - Plumbed firstLineColumnOffset through to the super class.
          But for EvalCodeBlocks, the firstLineColumnOffset is always 1
          because we're starting with a new source string with no start
          offset.
      (JSC::FunctionCodeBlock::FunctionCodeBlock):
        - Plumbed firstLineColumnOffset through to the super class.
      
      * bytecode/ExpressionRangeInfo.h:
        - Added modes for encoding line and column into a single 30-bit
          unsigned. The encoding is in 1 of 3 modes:
          1. FatLineMode: 22-bit line, 8-bit column
          2. FatColumnMode: 8-bit line, 22-bit column
          3. FatLineAndColumnMode: 32-bit line, 32-bit column
      (JSC::ExpressionRangeInfo::encodeFatLineMode): Added.
        - Encodes line and column into the 30-bit position using FatLine mode.
      (JSC::ExpressionRangeInfo::encodeFatColumnMode): Added.
        - Encodes line and column into the 30-bit position using FatColumn mode.
      (JSC::ExpressionRangeInfo::decodeFatLineMode): Added.
        - Decodes the FatLine mode 30-bit position into line and column.
      (JSC::ExpressionRangeInfo::decodeFatColumnMode): Added.
        - Decodes the FatColumn mode 30-bit position into line and column.
      
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
        - Plumbed startColumn through.
      (JSC::UnlinkedFunctionExecutable::link):
        - Plumbed startColumn through.
      (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset):
        - Computes a line number using the new way.
      (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
        - Added decoding of line and column.
        - Added handling of the case when we do not find a fitting expression
          range info for a specified bytecodeOffset. This only happens if the
          bytecodeOffset is below the first expression range info. In that
          case, we'll use the first expression range info entry.
      (JSC::UnlinkedCodeBlock::addExpressionInfo):
        - Added encoding of line and column.
      
      * bytecode/UnlinkedCodeBlock.h:
        - Added m_expressionInfoFatPositions in RareData.
      (JSC::UnlinkedFunctionExecutable::functionStartColumn):
      (JSC::UnlinkedCodeBlock::shrinkToFit):
        - Removed obsoleted m_lineInfo.
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitCall): Plumbed line and lineStart through.
      (JSC::BytecodeGenerator::emitCallEval): Plumbed line and lineStart through.
      (JSC::BytecodeGenerator::emitCallVarargs): Plumbed line and lineStart through.
      (JSC::BytecodeGenerator::emitConstruct): Plumbed line and lineStart through.
      (JSC::BytecodeGenerator::emitDebugHook): Plumbed lineStart through.
      * bytecompiler/BytecodeGenerator.h:
      (JSC::BytecodeGenerator::emitNode):
      (JSC::BytecodeGenerator::emitNodeInConditionContext):
        - Removed obsoleted m_lineInfo.
      (JSC::BytecodeGenerator::emitExpressionInfo):
        - Plumbed line and lineStart through.
        - Compute the line and column to be added to the expression range info.
      * bytecompiler/NodesCodegen.cpp:
      (JSC::ThrowableExpressionData::emitThrowReferenceError):
      (JSC::ResolveNode::emitBytecode):
      (JSC::ArrayNode::toArgumentList):
      (JSC::BracketAccessorNode::emitBytecode):
      (JSC::DotAccessorNode::emitBytecode):
      (JSC::NewExprNode::emitBytecode):
      (JSC::EvalFunctionCallNode::emitBytecode):
      (JSC::FunctionCallValueNode::emitBytecode):
      (JSC::FunctionCallResolveNode::emitBytecode):
      (JSC::FunctionCallBracketNode::emitBytecode):
      (JSC::FunctionCallDotNode::emitBytecode):
      (JSC::CallFunctionCallDotNode::emitBytecode):
      (JSC::ApplyFunctionCallDotNode::emitBytecode):
      (JSC::PostfixNode::emitResolve):
      (JSC::PostfixNode::emitBracket):
      (JSC::PostfixNode::emitDot):
      (JSC::DeleteResolveNode::emitBytecode):
      (JSC::DeleteBracketNode::emitBytecode):
      (JSC::DeleteDotNode::emitBytecode):
      (JSC::PrefixNode::emitResolve):
      (JSC::PrefixNode::emitBracket):
      (JSC::PrefixNode::emitDot):
        - Plumbed line and lineStart through the above as needed.
      
      (JSC::UnaryOpNode::emitBytecode):
        - Added emission of an ExpressionRangeInfo for the UnaryOp node.
      
      (JSC::BinaryOpNode::emitStrcat):
      (JSC::ThrowableBinaryOpNode::emitBytecode):
      (JSC::InstanceOfNode::emitBytecode):
      (JSC::emitReadModifyAssignment):
      (JSC::ReadModifyResolveNode::emitBytecode):
      (JSC::AssignResolveNode::emitBytecode):
      (JSC::AssignDotNode::emitBytecode):
      (JSC::ReadModifyDotNode::emitBytecode):
      (JSC::AssignBracketNode::emitBytecode):
      (JSC::ReadModifyBracketNode::emitBytecode):
        - Plumbed line and lineStart through the above as needed.
      
      (JSC::ConstStatementNode::emitBytecode):
      (JSC::EmptyStatementNode::emitBytecode):
      (JSC::DebuggerStatementNode::emitBytecode):
      (JSC::ExprStatementNode::emitBytecode):
      (JSC::VarStatementNode::emitBytecode):
      (JSC::IfElseNode::emitBytecode):
      (JSC::DoWhileNode::emitBytecode):
      (JSC::WhileNode::emitBytecode):
      (JSC::ForNode::emitBytecode):
      (JSC::ForInNode::emitBytecode):
      (JSC::ContinueNode::emitBytecode):
      (JSC::BreakNode::emitBytecode):
      (JSC::ReturnNode::emitBytecode):
      (JSC::WithNode::emitBytecode):
      (JSC::SwitchNode::emitBytecode):
      (JSC::LabelNode::emitBytecode):
      (JSC::ThrowNode::emitBytecode):
      (JSC::TryNode::emitBytecode):
      (JSC::ProgramNode::emitBytecode):
      (JSC::EvalNode::emitBytecode):
      (JSC::FunctionBodyNode::emitBytecode):
        - Plumbed line and lineStart through the above as needed.
      
      * interpreter/Interpreter.cpp:
      (JSC::appendSourceToError):
        - Added line and column arguments for expressionRangeForBytecodeOffset().
      (JSC::StackFrame::computeLineAndColumn):
        - Replaces StackFrame::line() and StackFrame::column().
      (JSC::StackFrame::expressionInfo):
        - Added line and column arguments.
      (JSC::StackFrame::toString):
        - Changed to use the new StackFrame::computeLineAndColumn().
      (JSC::Interpreter::getStackTrace):
        - Added the needed firstLineColumnOffset arg for the StackFrame.
      
      * interpreter/Interpreter.h:
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::BinaryOpInfo::BinaryOpInfo):
      (JSC::ASTBuilder::AssignmentInfo::AssignmentInfo):
      (JSC::ASTBuilder::createResolve):
      (JSC::ASTBuilder::createBracketAccess):
      (JSC::ASTBuilder::createDotAccess):
      (JSC::ASTBuilder::createRegExp):
      (JSC::ASTBuilder::createNewExpr):
      (JSC::ASTBuilder::createAssignResolve):
      (JSC::ASTBuilder::createFunctionExpr):
      (JSC::ASTBuilder::createFunctionBody):
      (JSC::ASTBuilder::createGetterOrSetterProperty):
      (JSC::ASTBuilder::createFuncDeclStatement):
      (JSC::ASTBuilder::createBlockStatement):
      (JSC::ASTBuilder::createExprStatement):
      (JSC::ASTBuilder::createIfStatement):
      (JSC::ASTBuilder::createForLoop):
      (JSC::ASTBuilder::createForInLoop):
      (JSC::ASTBuilder::createVarStatement):
      (JSC::ASTBuilder::createReturnStatement):
      (JSC::ASTBuilder::createBreakStatement):
      (JSC::ASTBuilder::createContinueStatement):
      (JSC::ASTBuilder::createTryStatement):
      (JSC::ASTBuilder::createSwitchStatement):
      (JSC::ASTBuilder::createWhileStatement):
      (JSC::ASTBuilder::createDoWhileStatement):
      (JSC::ASTBuilder::createLabelStatement):
      (JSC::ASTBuilder::createWithStatement):
      (JSC::ASTBuilder::createThrowStatement):
      (JSC::ASTBuilder::createDebugger):
      (JSC::ASTBuilder::createConstStatement):
      (JSC::ASTBuilder::appendBinaryExpressionInfo):
      (JSC::ASTBuilder::appendUnaryToken):
      (JSC::ASTBuilder::unaryTokenStackLastStart):
      (JSC::ASTBuilder::unaryTokenStackLastLineStartPosition): Added.
      (JSC::ASTBuilder::assignmentStackAppend):
      (JSC::ASTBuilder::createAssignment):
      (JSC::ASTBuilder::setExceptionLocation):
      (JSC::ASTBuilder::makeDeleteNode):
      (JSC::ASTBuilder::makeFunctionCallNode):
      (JSC::ASTBuilder::makeBinaryNode):
      (JSC::ASTBuilder::makeAssignNode):
      (JSC::ASTBuilder::makePrefixNode):
      (JSC::ASTBuilder::makePostfixNode):.
        - Plumbed line, lineStart, and startColumn through the above as needed.
      
      * parser/Lexer.cpp:
      (JSC::::currentSourcePtr):
      (JSC::::setCode):
        - Added tracking for sourceoffset and lineStart.
      (JSC::::internalShift):
      (JSC::::parseIdentifier):
        - Added tracking for lineStart.
      (JSC::::parseIdentifierSlowCase):
      (JSC::::parseString):
        - Added tracking for lineStart.
      (JSC::::parseStringSlowCase):
      (JSC::::lex):
        - Added tracking for sourceoffset.
      (JSC::::sourceCode):
      * parser/Lexer.h:
      (JSC::Lexer::currentOffset):
      (JSC::Lexer::currentLineStartOffset):
      (JSC::Lexer::setOffset):
        - Added tracking for lineStart.
      (JSC::Lexer::offsetFromSourcePtr): Added. conversion function.
      (JSC::Lexer::sourcePtrFromOffset): Added. conversion function.
      (JSC::Lexer::setOffsetFromSourcePtr):
      (JSC::::lexExpectIdentifier):
        - Added tracking for sourceoffset and lineStart.
      
      * parser/NodeConstructors.h:
      (JSC::Node::Node):
      (JSC::ResolveNode::ResolveNode):
      (JSC::EvalFunctionCallNode::EvalFunctionCallNode):
      (JSC::FunctionCallValueNode::FunctionCallValueNode):
      (JSC::FunctionCallResolveNode::FunctionCallResolveNode):
      (JSC::FunctionCallBracketNode::FunctionCallBracketNode):
      (JSC::FunctionCallDotNode::FunctionCallDotNode):
      (JSC::CallFunctionCallDotNode::CallFunctionCallDotNode):
      (JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode):
      (JSC::PostfixNode::PostfixNode):
      (JSC::DeleteResolveNode::DeleteResolveNode):
      (JSC::DeleteBracketNode::DeleteBracketNode):
      (JSC::DeleteDotNode::DeleteDotNode):
      (JSC::PrefixNode::PrefixNode):
      (JSC::ReadModifyResolveNode::ReadModifyResolveNode):
      (JSC::ReadModifyBracketNode::ReadModifyBracketNode):
      (JSC::AssignBracketNode::AssignBracketNode):
      (JSC::AssignDotNode::AssignDotNode):
      (JSC::ReadModifyDotNode::ReadModifyDotNode):
      (JSC::AssignErrorNode::AssignErrorNode):
      (JSC::WithNode::WithNode):
      (JSC::ForInNode::ForInNode):
        - Plumbed line and lineStart through the above as needed.
      * parser/Nodes.cpp:
      (JSC::StatementNode::setLoc): Plumbed lineStart.
      (JSC::ScopeNode::ScopeNode): Plumbed lineStart.
      (JSC::ProgramNode::ProgramNode): Plumbed startColumn.
      (JSC::ProgramNode::create): Plumbed startColumn.
      (JSC::EvalNode::create):
      (JSC::FunctionBodyNode::FunctionBodyNode): Plumbed startColumn.
      (JSC::FunctionBodyNode::create): Plumbed startColumn.
      * parser/Nodes.h:
      (JSC::Node::startOffset):
      (JSC::Node::lineStartOffset): Added.
      (JSC::StatementNode::firstLine):
      (JSC::StatementNode::lastLine):
      (JSC::ThrowableExpressionData::ThrowableExpressionData):
      (JSC::ThrowableExpressionData::setExceptionSourceCode):
      (JSC::ThrowableExpressionData::divotStartOffset):
      (JSC::ThrowableExpressionData::divotEndOffset):
      (JSC::ThrowableExpressionData::divotLine):
      (JSC::ThrowableExpressionData::divotLineStart):
      (JSC::ThrowableSubExpressionData::ThrowableSubExpressionData):
      (JSC::ThrowableSubExpressionData::setSubexpressionInfo):
      (JSC::ThrowableSubExpressionData::subexpressionDivot):
      (JSC::ThrowableSubExpressionData::subexpressionStartOffset):
      (JSC::ThrowableSubExpressionData::subexpressionEndOffset):
      (JSC::ThrowableSubExpressionData::subexpressionLine):
      (JSC::ThrowableSubExpressionData::subexpressionLineStart):
      (JSC::ThrowablePrefixedSubExpressionData::ThrowablePrefixedSubExpressionData):
      (JSC::ThrowablePrefixedSubExpressionData::setSubexpressionInfo):
      (JSC::ThrowablePrefixedSubExpressionData::subexpressionDivot):
      (JSC::ThrowablePrefixedSubExpressionData::subexpressionStartOffset):
      (JSC::ThrowablePrefixedSubExpressionData::subexpressionEndOffset):
      (JSC::ThrowablePrefixedSubExpressionData::subexpressionLine):
      (JSC::ThrowablePrefixedSubExpressionData::subexpressionLineStart):
      (JSC::ScopeNode::startStartOffset):
      (JSC::ScopeNode::startLineStartOffset):
      (JSC::ProgramNode::startColumn):
      (JSC::EvalNode::startColumn):
      (JSC::FunctionBodyNode::startColumn):
        - Plumbed line and lineStart through the above as needed.
      * parser/Parser.cpp:
      (JSC::::Parser):
      (JSC::::parseSourceElements):
      (JSC::::parseVarDeclarationList):
      (JSC::::parseConstDeclarationList):
      (JSC::::parseForStatement):
      (JSC::::parseBreakStatement):
      (JSC::::parseContinueStatement):
      (JSC::::parseReturnStatement):
      (JSC::::parseThrowStatement):
      (JSC::::parseWithStatement):
        - Plumbed line and lineStart through the above as needed.
      (JSC::::parseFunctionBody):
        - Plumbed startColumn.
      (JSC::::parseFunctionInfo):
      (JSC::::parseFunctionDeclaration):
      (JSC::LabelInfo::LabelInfo):
      (JSC::::parseExpressionOrLabelStatement):
      (JSC::::parseAssignmentExpression):
      (JSC::::parseBinaryExpression):
      (JSC::::parseProperty):
      (JSC::::parseObjectLiteral):
      (JSC::::parsePrimaryExpression):
      (JSC::::parseMemberExpression):
      (JSC::::parseUnaryExpression):
        - Plumbed line, lineStart, startColumn through the above as needed.
      * parser/Parser.h:
      (JSC::Parser::next):
      (JSC::Parser::nextExpectIdentifier):
      (JSC::Parser::tokenStart):
      (JSC::Parser::tokenColumn):
      (JSC::Parser::tokenEnd):
      (JSC::Parser::tokenLineStart):
      (JSC::Parser::lastTokenLine):
      (JSC::Parser::lastTokenLineStart):
      (JSC::::parse):
      * parser/ParserTokens.h:
      (JSC::JSTokenLocation::JSTokenLocation):
        - Plumbed lineStart.
      (JSC::JSTokenLocation::lineStartPosition):
      (JSC::JSTokenLocation::startPosition):
      (JSC::JSTokenLocation::endPosition):
      * parser/SourceCode.h:
      (JSC::SourceCode::SourceCode):
      (JSC::SourceCode::startColumn):
      (JSC::makeSource):
      (JSC::SourceCode::subExpression):
      * parser/SourceProvider.cpp: delete old code.
      * parser/SourceProvider.h: delete old code.
      * parser/SourceProviderCacheItem.h:
      (JSC::SourceProviderCacheItem::closeBraceToken):
      (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
        - Plumbed lineStart.
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::makeFunctionCallNode):
      (JSC::SyntaxChecker::makeAssignNode):
      (JSC::SyntaxChecker::makePrefixNode):
      (JSC::SyntaxChecker::makePostfixNode):
      (JSC::SyntaxChecker::makeDeleteNode):
      (JSC::SyntaxChecker::createResolve):
      (JSC::SyntaxChecker::createBracketAccess):
      (JSC::SyntaxChecker::createDotAccess):
      (JSC::SyntaxChecker::createRegExp):
      (JSC::SyntaxChecker::createNewExpr):
      (JSC::SyntaxChecker::createAssignResolve):
      (JSC::SyntaxChecker::createFunctionExpr):
      (JSC::SyntaxChecker::createFunctionBody):
      (JSC::SyntaxChecker::createFuncDeclStatement):
      (JSC::SyntaxChecker::createForInLoop):
      (JSC::SyntaxChecker::createReturnStatement):
      (JSC::SyntaxChecker::createBreakStatement):
      (JSC::SyntaxChecker::createContinueStatement):
      (JSC::SyntaxChecker::createWithStatement):
      (JSC::SyntaxChecker::createLabelStatement):
      (JSC::SyntaxChecker::createThrowStatement):
      (JSC::SyntaxChecker::createGetterOrSetterProperty):
      (JSC::SyntaxChecker::appendBinaryExpressionInfo):
      (JSC::SyntaxChecker::operatorStackPop):
        - Made SyntaxChecker prototype changes to match ASTBuilder due to new
          args added for plumbing line, lineStart, and startColumn.
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::generateBytecode):
      (JSC::CodeCache::getCodeBlock):
        - Plumbed startColumn.
      * runtime/Executable.cpp:
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::fromGlobalCode):
        - Plumbed startColumn.
      * runtime/Executable.h:
      (JSC::ScriptExecutable::startColumn):
      (JSC::ScriptExecutable::recordParse):
      (JSC::FunctionExecutable::create):
        - Plumbed startColumn.
      
      Source/WebCore: 
      
      Test: fast/js/line-column-numbers.html
      
      Updated the bindings to use StackFrame::computeLineAndColumn(). The old
      StackFrame::line() and StackFrame::column() has been removed. The new
      algorithm always computes the 2 values together anyway. Hence it is more
      efficient to return them as a pair instead of doing the same computation
      twice for each half of the result.
      
      * bindings/js/ScriptCallStackFactory.cpp:
      (WebCore::createScriptCallStack):
      (WebCore::createScriptCallStackFromException):
      * bindings/js/ScriptSourceCode.h:
      (WebCore::ScriptSourceCode::ScriptSourceCode):
      
      LayoutTests: 
      
      The fix now computes line and column numbers more accurately. As a result,
      some of the test results need to be re-baselined. Among other fixes, one
      major source of difference is that the old code was incorrectly computing
      0-based column numbers. This has now been fixed to be 1-based.
      Note: line numbers were always 1-based.
      
      Also added a new test: fast/js/line-column-numbers.html, which tests line
      and column numbers for source code in various configurations.
      
      * editing/execCommand/outdent-blockquote-test1-expected.txt:
      * editing/execCommand/outdent-blockquote-test2-expected.txt:
      * editing/execCommand/outdent-blockquote-test3-expected.txt:
      * editing/execCommand/outdent-blockquote-test4-expected.txt:
      * editing/pasteboard/copy-paste-float-expected.txt:
      * editing/pasteboard/paste-blockquote-before-blockquote-expected.txt:
      * editing/pasteboard/paste-double-nested-blockquote-before-blockquote-expected.txt:
      * fast/dom/Window/window-resize-contents-expected.txt:
      * fast/events/remove-target-with-shadow-in-drag-expected.txt:
      * fast/js/line-column-numbers-expected.txt: Added.
      * fast/js/line-column-numbers.html: Added.
      * fast/js/script-tests/line-column-numbers.js: Added.
      (try.doThrow4b):
      (doThrow5b.try.innerFunc):
      (doThrow5b):
      (doThrow6b.try.innerFunc):
      (doThrow6b):
      (catch):
      (try.doThrow11b):
      (try.doThrow14b):
      * fast/js/stack-trace-expected.txt:
      * inspector/console/console-url-line-column-expected.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@152494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5b45f90a
  14. 09 May, 2013 1 commit
    • oliver@apple.com's avatar
      Code cache stores bogus var references for functions in eval code · 0c14001a
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=115747
      
      Reviewed by Mark Hahnenberg.
      
      Source/JavaScriptCore:
      
      Non-global eval now uses a per-CodeBlock cache, and only use it
      when we're at the top of a function's scope.  This means that we
      will no longer cache the parsing of a single string across
      multiple functions, and we won't cache when we're nested inside
      constructs like |with| and |catch| where previously we would, which
      is good because caching in those cases is unsound.
      
      * bytecode/EvalCodeCache.h:
      (JSC):
      (JSC::EvalCodeCache::getSlow):
      (JSC::EvalCodeCache::get):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedCodeBlock::codeCacheForEval):
      (UnlinkedCodeBlock):
      (RareData):
      * debugger/Debugger.cpp:
      (JSC::evaluateInGlobalCallFrame):
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::evaluate):
      * interpreter/Interpreter.cpp:
      (JSC::eval):
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::CodeCache):
      (JSC::CodeCache::generateBytecode):
      (JSC):
      (JSC::CodeCache::getCodeBlock):
      * runtime/CodeCache.h:
      (JSC::CodeCacheMap::CodeCacheMap):
      (CodeCacheMap):
      (JSC::CodeCacheMap::canPruneQuickly):
      (JSC::CodeCacheMap::prune):
      (JSC::CodeCache::create):
      (CodeCache):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::EvalExecutable):
      (JSC::EvalExecutable::compileInternal):
      * runtime/Executable.h:
      (JSC::EvalExecutable::create):
      (EvalExecutable):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::createEvalCodeBlock):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncEval):
      * runtime/VM.cpp:
      (JSC::VM::VM):
      * runtime/VM.h:
      (VM):
      
      LayoutTests:
      
      Many tests
      
      * fast/js/eval-cache-scoped-lookup-expected.txt: Added.
      * fast/js/eval-cache-scoped-lookup.html: Added.
      * fast/js/script-tests/eval-cache-scoped-lookup.js: Added.
      (first):
      (a.string_appeared_here.second):
      (third):
      (fifth):
      (sixth):
      (seventh):
      (eighth):
      (nineth):
      (tenth):
      (eleventh):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149836 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0c14001a
  15. 18 Apr, 2013 1 commit
    • ggaren@apple.com's avatar
      Renamed JSGlobalData to VM · 9a9a4b52
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114777
      
      Reviewed by Phil Pizlo.
      
      ../JavaScriptCore: 
      
      * API/APICast.h:
      (JSC):
      (toJS):
      (toRef):
      * API/APIShims.h:
      (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
      (APIEntryShimWithoutLock):
      (JSC::APIEntryShim::APIEntryShim):
      (APIEntryShim):
      (JSC::APIEntryShim::~APIEntryShim):
      (JSC::APICallbackShim::APICallbackShim):
      (JSC::APICallbackShim::~APICallbackShim):
      (APICallbackShim):
      * API/JSAPIWrapperObject.h:
      (JSAPIWrapperObject):
      * API/JSAPIWrapperObject.mm:
      (JSC::::createStructure):
      (JSC::JSAPIWrapperObject::JSAPIWrapperObject):
      (JSC::JSAPIWrapperObject::finishCreation):
      (JSC::JSAPIWrapperObject::visitChildren):
      * API/JSBase.cpp:
      (JSGarbageCollect):
      (JSReportExtraMemoryCost):
      (JSSynchronousGarbageCollectForDebugging):
      * API/JSCallbackConstructor.cpp:
      (JSC::JSCallbackConstructor::JSCallbackConstructor):
      (JSC::JSCallbackConstructor::finishCreation):
      * API/JSCallbackConstructor.h:
      (JSC::JSCallbackConstructor::createStructure):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::finishCreation):
      (JSC::JSCallbackFunction::create):
      * API/JSCallbackFunction.h:
      (JSCallbackFunction):
      (JSC::JSCallbackFunction::createStructure):
      * API/JSCallbackObject.cpp:
      (JSC::::create):
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObjectData::setPrivateProperty):
      (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
      (JSCallbackObject):
      (JSC::JSCallbackObject::setPrivateProperty):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::JSCallbackObject):
      (JSC::::finishCreation):
      (JSC::::put):
      (JSC::::staticFunctionGetter):
      * API/JSClassRef.cpp:
      (OpaqueJSClassContextData::OpaqueJSClassContextData):
      (OpaqueJSClass::contextData):
      (OpaqueJSClass::prototype):
      * API/JSClassRef.h:
      (OpaqueJSClassContextData):
      * API/JSContext.mm:
      (-[JSContext setException:]):
      (-[JSContext initWithGlobalContextRef:]):
      (+[JSContext contextWithGlobalContextRef:]):
      * API/JSContextRef.cpp:
      (JSContextGroupCreate):
      (JSContextGroupRelease):
      (JSGlobalContextCreate):
      (JSGlobalContextCreateInGroup):
      (JSGlobalContextRetain):
      (JSGlobalContextRelease):
      (JSContextGetGroup):
      (JSContextCreateBacktrace):
      * API/JSObjectRef.cpp:
      (JSObjectMake):
      (JSObjectMakeConstructor):
      (JSObjectMakeFunction):
      (JSObjectSetPrototype):
      (JSObjectHasProperty):
      (JSObjectGetProperty):
      (JSObjectSetProperty):
      (JSObjectDeleteProperty):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      (OpaqueJSPropertyNameArray::OpaqueJSPropertyNameArray):
      (OpaqueJSPropertyNameArray):
      (JSObjectCopyPropertyNames):
      (JSPropertyNameArrayRelease):
      (JSPropertyNameAccumulatorAddName):
      * API/JSScriptRef.cpp:
      (OpaqueJSScript::create):
      (OpaqueJSScript::vm):
      (OpaqueJSScript::OpaqueJSScript):
      (OpaqueJSScript):
      (parseScript):
      * API/JSVirtualMachine.mm:
      (scanExternalObjectGraph):
      * API/JSVirtualMachineInternal.h:
      (JSC):
      * API/JSWrapperMap.mm:
      (makeWrapper):
      * API/ObjCCallbackFunction.h:
      (JSC::ObjCCallbackFunction::createStructure):
      * API/ObjCCallbackFunction.mm:
      (JSC::ObjCCallbackFunction::create):
      * API/OpaqueJSString.cpp:
      (OpaqueJSString::identifier):
      * API/OpaqueJSString.h:
      (JSC):
      (OpaqueJSString):
      * GNUmakefile.list.am:
      * JSCTypedArrayStubs.h:
      (JSC):
      * JavaScriptCore.order:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * KeywordLookupGenerator.py:
      (Trie.printSubTreeAsC):
      * Target.pri:
      * assembler/ARMAssembler.cpp:
      (JSC::ARMAssembler::executableCopy):
      * assembler/ARMAssembler.h:
      (ARMAssembler):
      * assembler/AssemblerBuffer.h:
      (JSC::AssemblerBuffer::executableCopy):
      * assembler/AssemblerBufferWithConstantPool.h:
      (JSC::AssemblerBufferWithConstantPool::executableCopy):
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::linkCode):
      * assembler/LinkBuffer.h:
      (JSC):
      (JSC::LinkBuffer::LinkBuffer):
      (LinkBuffer):
      * assembler/MIPSAssembler.h:
      (JSC::MIPSAssembler::executableCopy):
      * assembler/SH4Assembler.h:
      (JSC::SH4Assembler::executableCopy):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::executableCopy):
      (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
      * bytecode/CallLinkInfo.cpp:
      (JSC::CallLinkInfo::unlink):
      * bytecode/CallLinkInfo.h:
      (CallLinkInfo):
      * bytecode/CodeBlock.cpp:
      (JSC::dumpStructure):
      (JSC::CodeBlock::printStructures):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::visitStructures):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::createActivation):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::findClosureCallForReturnPC):
      (JSC::ProgramCodeBlock::jettisonImpl):
      (JSC::EvalCodeBlock::jettisonImpl):
      (JSC::FunctionCodeBlock::jettisonImpl):
      (JSC::CodeBlock::predictedMachineCodeSize):
      (JSC::CodeBlock::usesOpcode):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::appendWeakReference):
      (JSC::CodeBlock::appendWeakReferenceTransition):
      (JSC::CodeBlock::setJITCode):
      (JSC::CodeBlock::setGlobalData):
      (JSC::CodeBlock::vm):
      (JSC::CodeBlock::valueProfileForBytecodeOffset):
      (JSC::CodeBlock::addConstant):
      (JSC::CodeBlock::setConstantRegisters):
      (CodeBlock):
      (JSC::CodeBlock::WeakReferenceTransition::WeakReferenceTransition):
      * bytecode/EvalCodeCache.h:
      (JSC::EvalCodeCache::getSlow):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC::GetByIdStatus::computeForChain):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC::Instruction::Instruction):
      * bytecode/ObjectAllocationProfile.h:
      (JSC::ObjectAllocationProfile::initialize):
      (JSC::ObjectAllocationProfile::possibleDefaultPropertyCount):
      * bytecode/PolymorphicAccessStructureList.h:
      (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
      (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
      * bytecode/PolymorphicPutByIdList.h:
      (JSC::PutByIdAccess::transition):
      (JSC::PutByIdAccess::replace):
      * bytecode/PreciseJumpTargets.cpp:
      (JSC::computePreciseJumpTargets):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (JSC):
      (PutByIdStatus):
      * bytecode/ResolveGlobalStatus.cpp:
      (JSC::computeForStructure):
      * bytecode/SamplingTool.cpp:
      (JSC::SamplingTool::notifyOfScope):
      * bytecode/SamplingTool.h:
      (JSC::ScriptSampleRecord::ScriptSampleRecord):
      (SamplingTool):
      * bytecode/StructureStubInfo.h:
      (JSC::StructureStubInfo::initGetByIdSelf):
      (JSC::StructureStubInfo::initGetByIdProto):
      (JSC::StructureStubInfo::initGetByIdChain):
      (JSC::StructureStubInfo::initPutByIdTransition):
      (JSC::StructureStubInfo::initPutByIdReplace):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::generateFunctionCodeBlock):
      (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
      (JSC::UnlinkedFunctionExecutable::link):
      (JSC::UnlinkedFunctionExecutable::fromGlobalCode):
      (JSC::UnlinkedFunctionExecutable::codeBlockFor):
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::create):
      (UnlinkedFunctionExecutable):
      (JSC::UnlinkedFunctionExecutable::finishCreation):
      (JSC::UnlinkedFunctionExecutable::createStructure):
      (JSC::UnlinkedCodeBlock::addRegExp):
      (JSC::UnlinkedCodeBlock::addConstant):
      (JSC::UnlinkedCodeBlock::addFunctionDecl):
      (JSC::UnlinkedCodeBlock::addFunctionExpr):
      (JSC::UnlinkedCodeBlock::vm):
      (UnlinkedCodeBlock):
      (JSC::UnlinkedCodeBlock::finishCreation):
      (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock):
      (JSC::UnlinkedProgramCodeBlock::create):
      (JSC::UnlinkedProgramCodeBlock::addFunctionDeclaration):
      (JSC::UnlinkedProgramCodeBlock::UnlinkedProgramCodeBlock):
      (JSC::UnlinkedProgramCodeBlock::createStructure):
      (JSC::UnlinkedEvalCodeBlock::create):
      (JSC::UnlinkedEvalCodeBlock::UnlinkedEvalCodeBlock):
      (JSC::UnlinkedEvalCodeBlock::createStructure):
      (JSC::UnlinkedFunctionCodeBlock::create):
      (JSC::UnlinkedFunctionCodeBlock::UnlinkedFunctionCodeBlock):
      (JSC::UnlinkedFunctionCodeBlock::createStructure):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::addConstant):
      (JSC::BytecodeGenerator::emitLoad):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::addStringConstant):
      (JSC::BytecodeGenerator::expectedFunctionForIdentifier):
      (JSC::BytecodeGenerator::emitThrowReferenceError):
      (JSC::BytecodeGenerator::emitReadOnlyExceptionIfNeeded):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      (JSC::BytecodeGenerator::vm):
      (JSC::BytecodeGenerator::propertyNames):
      (JSC::BytecodeGenerator::makeFunction):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::RegExpNode::emitBytecode):
      (JSC::ArrayNode::toArgumentList):
      (JSC::ApplyFunctionCallDotNode::emitBytecode):
      (JSC::InstanceOfNode::emitBytecode):
      * debugger/Debugger.cpp:
      (JSC::Debugger::recompileAllJSFunctions):
      (JSC::evaluateInGlobalCallFrame):
      * debugger/Debugger.h:
      (JSC):
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::DebuggerActivation):
      (JSC::DebuggerActivation::finishCreation):
      * debugger/DebuggerActivation.h:
      (JSC::DebuggerActivation::create):
      (JSC::DebuggerActivation::createStructure):
      (DebuggerActivation):
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::evaluate):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::executeEffects):
      * dfg/DFGAssemblyHelpers.h:
      (JSC::DFG::AssemblyHelpers::AssemblyHelpers):
      (JSC::DFG::AssemblyHelpers::vm):
      (JSC::DFG::AssemblyHelpers::debugCall):
      (JSC::DFG::AssemblyHelpers::emitExceptionCheck):
      (AssemblyHelpers):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      * dfg/DFGByteCodeParser.h:
      (JSC):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::CCallHelpers):
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::canHandleOpcodes):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::foldConstants):
      * dfg/DFGDisassembler.cpp:
      (JSC::DFG::Disassembler::reportToProfiler):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGDriver.h:
      (JSC):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
      (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::Graph):
      * dfg/DFGGraph.h:
      (Graph):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::JITCompiler):
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::link):
      (JSC::DFG::JITCompiler::compile):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGJITCompiler.h:
      (JSC):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::putByVal):
      (JSC::DFG::operationPutByValInternal):
      (JSC::getHostCallReturnValueWithExecState):
      * dfg/DFGPhase.h:
      (JSC::DFG::Phase::vm):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::tryBuildGetByIDProtoList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryCachePutByID):
      (JSC::DFG::tryBuildPutByIdList):
      (JSC::DFG::linkSlowFor):
      (JSC::DFG::dfgLinkFor):
      (JSC::DFG::dfgLinkSlowFor):
      (JSC::DFG::dfgLinkClosureCall):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::typedArrayDescriptor):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
      (JSC::DFG::SpeculativeJIT::compileFromCharCode):
      (JSC::DFG::SpeculativeJIT::compileMakeRope):
      (JSC::DFG::SpeculativeJIT::compileStringEquality):
      (JSC::DFG::SpeculativeJIT::compileToStringOnCell):
      (JSC::DFG::SpeculativeJIT::speculateObject):
      (JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
      (JSC::DFG::SpeculativeJIT::speculateString):
      (JSC::DFG::SpeculativeJIT::speculateStringOrStringObject):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::prepareForExternalCall):
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage):
      (JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGThunks.cpp:
      (JSC::DFG::osrExitGenerationThunkGenerator):
      (JSC::DFG::throwExceptionFromCallSlowPathGenerator):
      (JSC::DFG::slowPathFor):
      (JSC::DFG::linkForThunkGenerator):
      (JSC::DFG::linkCallThunkGenerator):
      (JSC::DFG::linkConstructThunkGenerator):
      (JSC::DFG::linkClosureCallThunkGenerator):
      (JSC::DFG::virtualForThunkGenerator):
      (JSC::DFG::virtualCallThunkGenerator):
      (JSC::DFG::virtualConstructThunkGenerator):
      * dfg/DFGThunks.h:
      (JSC):
      (DFG):
      * heap/BlockAllocator.h:
      (JSC):
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::tryAllocateSlowCase):
      (JSC::CopiedSpace::tryReallocate):
      * heap/CopiedSpaceInlines.h:
      (JSC::CopiedSpace::tryAllocate):
      * heap/GCThreadSharedData.cpp:
      (JSC::GCThreadSharedData::GCThreadSharedData):
      (JSC::GCThreadSharedData::reset):
      * heap/GCThreadSharedData.h:
      (JSC):
      (GCThreadSharedData):
      * heap/HandleSet.cpp:
      (JSC::HandleSet::HandleSet):
      (JSC::HandleSet::~HandleSet):
      (JSC::HandleSet::grow):
      * heap/HandleSet.h:
      (JSC):
      (HandleSet):
      (JSC::HandleSet::vm):
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC):
      (JSC::Heap::lastChanceToFinalize):
      (JSC::Heap::protect):
      (JSC::Heap::unprotect):
      (JSC::Heap::stack):
      (JSC::Heap::getConservativeRegisterRoots):
      (JSC::Heap::markRoots):
      (JSC::Heap::deleteAllCompiledCode):
      (JSC::Heap::collect):
      (JSC::Heap::isValidAllocation):
      * heap/Heap.h:
      (JSC):
      (Heap):
      (JSC::Heap::vm):
      * heap/HeapTimer.cpp:
      (JSC::HeapTimer::HeapTimer):
      (JSC::HeapTimer::timerDidFire):
      (JSC::HeapTimer::timerEvent):
      * heap/HeapTimer.h:
      (JSC):
      (HeapTimer):
      * heap/IncrementalSweeper.cpp:
      (JSC::IncrementalSweeper::IncrementalSweeper):
      (JSC::IncrementalSweeper::sweepNextBlock):
      (JSC::IncrementalSweeper::willFinishSweeping):
      (JSC::IncrementalSweeper::create):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/Local.h:
      (Local):
      (JSC::::Local):
      (JSC::LocalStack::LocalStack):
      (JSC::LocalStack::push):
      (LocalStack):
      * heap/LocalScope.h:
      (JSC):
      (LocalScope):
      (JSC::LocalScope::LocalScope):
      * heap/MachineStackMarker.cpp:
      (JSC::MachineThreads::addCurrentThread):
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::allocateSlowCase):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::MarkedBlock):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::vm):
      * heap/SlotVisitor.cpp:
      (JSC::SlotVisitor::SlotVisitor):
      (JSC::SlotVisitor::setup):
      * heap/Strong.h:
      (JSC):
      (Strong):
      (JSC::Strong::operator=):
      * heap/StrongInlines.h:
      (JSC::::Strong):
      (JSC::::set):
      * heap/SuperRegion.h:
      (JSC):
      * heap/WeakSet.cpp:
      * heap/WeakSet.h:
      (WeakSet):
      (JSC::WeakSet::WeakSet):
      (JSC::WeakSet::vm):
      * interpreter/AbstractPC.cpp:
      (JSC::AbstractPC::AbstractPC):
      * interpreter/AbstractPC.h:
      (JSC):
      (AbstractPC):
      * interpreter/CachedCall.h:
      (JSC::CachedCall::CachedCall):
      * interpreter/CallFrame.h:
      (ExecState):
      (JSC::ExecState::clearException):
      (JSC::ExecState::clearSupplementaryExceptionInfo):
      (JSC::ExecState::exception):
      (JSC::ExecState::hadException):
      (JSC::ExecState::propertyNames):
      (JSC::ExecState::emptyList):
      (JSC::ExecState::interpreter):
      (JSC::ExecState::heap):
      (JSC::ExecState::arrayConstructorTable):
      (JSC::ExecState::arrayPrototypeTable):
      (JSC::ExecState::booleanPrototypeTable):
      (JSC::ExecState::dateTable):
      (JSC::ExecState::dateConstructorTable):
      (JSC::ExecState::errorPrototypeTable):
      (JSC::ExecState::globalObjectTable):
      (JSC::ExecState::jsonTable):
      (JSC::ExecState::mathTable):
      (JSC::ExecState::numberConstructorTable):
      (JSC::ExecState::numberPrototypeTable):
      (JSC::ExecState::objectConstructorTable):
      (JSC::ExecState::privateNamePrototypeTable):
      (JSC::ExecState::regExpTable):
      (JSC::ExecState::regExpConstructorTable):
      (JSC::ExecState::regExpPrototypeTable):
      (JSC::ExecState::stringConstructorTable):
      (JSC::ExecState::abstractReturnPC):
      * interpreter/CallFrameClosure.h:
      (CallFrameClosure):
      * interpreter/Interpreter.cpp:
      (JSC):
      (JSC::eval):
      (JSC::loadVarargs):
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::dumpRegisters):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::appendSourceToError):
      (JSC::getCallerInfo):
      (JSC::Interpreter::getStackTrace):
      (JSC::Interpreter::addStackTraceIfNecessary):
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      (JSC::Interpreter::retrieveArgumentsFromVMCode):
      (JSC::Interpreter::retrieveCallerFromVMCode):
      * interpreter/Interpreter.h:
      (JSC):
      (JSC::TopCallFrameSetter::TopCallFrameSetter):
      (JSC::TopCallFrameSetter::~TopCallFrameSetter):
      (TopCallFrameSetter):
      (JSC::NativeCallFrameTracer::NativeCallFrameTracer):
      (Interpreter):
      * interpreter/JSStack.cpp:
      (JSC::JSStack::JSStack):
      * interpreter/JSStack.h:
      (JSC):
      * jit/ClosureCallStubRoutine.cpp:
      (JSC::ClosureCallStubRoutine::ClosureCallStubRoutine):
      * jit/ClosureCallStubRoutine.h:
      (ClosureCallStubRoutine):
      * jit/ExecutableAllocator.cpp:
      (JSC::ExecutableAllocator::ExecutableAllocator):
      (JSC::ExecutableAllocator::allocate):
      * jit/ExecutableAllocator.h:
      (JSC):
      (ExecutableAllocator):
      * jit/ExecutableAllocatorFixedVMPool.cpp:
      (JSC::ExecutableAllocator::ExecutableAllocator):
      (JSC::ExecutableAllocator::allocate):
      * jit/GCAwareJITStubRoutine.cpp:
      (JSC::GCAwareJITStubRoutine::GCAwareJITStubRoutine):
      (JSC::MarkingGCAwareJITStubRoutineWithOneObject::MarkingGCAwareJITStubRoutineWithOneObject):
      (JSC::createJITStubRoutine):
      * jit/GCAwareJITStubRoutine.h:
      (GCAwareJITStubRoutine):
      (MarkingGCAwareJITStubRoutineWithOneObject):
      (JSC):
      * jit/JIT.cpp:
      (JSC::JIT::JIT):
      (JSC::JIT::privateCompile):
      (JSC::JIT::linkFor):
      (JSC::JIT::linkSlowCall):
      * jit/JIT.h:
      (JSC::JIT::compile):
      (JSC::JIT::compileClosureCall):
      (JSC::JIT::compileGetByIdProto):
      (JSC::JIT::compileGetByIdSelfList):
      (JSC::JIT::compileGetByIdProtoList):
      (JSC::JIT::compileGetByIdChainList):
      (JSC::JIT::compileGetByIdChain):
      (JSC::JIT::compilePutByIdTransition):
      (JSC::JIT::compileGetByVal):
      (JSC::JIT::compilePutByVal):
      (JSC::JIT::compileCTINativeCall):
      (JSC::JIT::compilePatchGetArrayLength):
      (JIT):
      * jit/JITCall.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      (JSC::JIT::privateCompileClosureCall):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      (JSC::JIT::privateCompileClosureCall):
      * jit/JITCode.h:
      (JSC):
      (JSC::JITCode::execute):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::genericThrow):
      (JSC::jitThrow):
      * jit/JITExceptions.h:
      (JSC):
      * jit/JITInlines.h:
      (JSC::JIT::emitLoadCharacterString):
      (JSC::JIT::updateTopCallFrame):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::privateCompileCTINativeCall):
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emit_op_catch):
      (JSC::JIT::emit_op_convert_this):
      (JSC::JIT::emitSlow_op_convert_this):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::privateCompileCTINativeCall):
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emitSlow_op_eq):
      (JSC::JIT::emitSlow_op_neq):
      (JSC::JIT::compileOpStrictEq):
      (JSC::JIT::emit_op_catch):
      (JSC::JIT::emit_op_convert_this):
      (JSC::JIT::emitSlow_op_convert_this):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITStubs.cpp:
      (JSC::ctiTrampoline):
      (JSC):
      (JSC::performPlatformSpecificJITAssertions):
      (JSC::tryCachePutByID):
      (JSC::tryCacheGetByID):
      (JSC::returnToThrowTrampoline):
      (JSC::throwExceptionFromOpCall):
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::getPolymorphicAccessStructureListSlot):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      (JSC::putByVal):
      * jit/JITStubs.h:
      (JSC):
      (JITStackFrame):
      * jit/JITThunks.cpp:
      (JSC::JITThunks::ctiNativeCall):
      (JSC::JITThunks::ctiNativeConstruct):
      (JSC::JITThunks::ctiStub):
      (JSC::JITThunks::hostFunctionStub):
      * jit/JITThunks.h:
      (JSC):
      (JITThunks):
      * jit/JITWriteBarrier.h:
      (JSC):
      (JSC::JITWriteBarrierBase::set):
      (JSC::JITWriteBarrier::set):
      * jit/SpecializedThunkJIT.h:
      (JSC::SpecializedThunkJIT::loadJSStringArgument):
      (JSC::SpecializedThunkJIT::finalize):
      * jit/ThunkGenerator.h:
      (JSC):
      * jit/ThunkGenerators.cpp:
      (JSC::generateSlowCaseFor):
      (JSC::linkForGenerator):
      (JSC::linkCallGenerator):
      (JSC::linkConstructGenerator):
      (JSC::linkClosureCallGenerator):
      (JSC::virtualForGenerator):
      (JSC::virtualCallGenerator):
      (JSC::virtualConstructGenerator):
      (JSC::stringLengthTrampolineGenerator):
      (JSC::nativeForGenerator):
      (JSC::nativeCallGenerator):
      (JSC::nativeConstructGenerator):
      (JSC::stringCharLoad):
      (JSC::charToString):
      (JSC::charCodeAtThunkGenerator):
      (JSC::charAtThunkGenerator):
      (JSC::fromCharCodeThunkGenerator):
      (JSC::sqrtThunkGenerator):
      (JSC::floorThunkGenerator):
      (JSC::ceilThunkGenerator):
      (JSC::roundThunkGenerator):
      (JSC::expThunkGenerator):
      (JSC::logThunkGenerator):
      (JSC::absThunkGenerator):
      (JSC::powThunkGenerator):
      * jit/ThunkGenerators.h:
      (JSC):
      * jsc.cpp:
      (GlobalObject):
      (GlobalObject::create):
      (GlobalObject::createStructure):
      (GlobalObject::finishCreation):
      (GlobalObject::addFunction):
      (GlobalObject::addConstructableFunction):
      (functionDumpCallFrame):
      (functionJSCStack):
      (functionReleaseExecutableMemory):
      (functionRun):
      (main):
      (runWithScripts):
      (jscmain):
      * llint/LLIntData.cpp:
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntData.h:
      (JSC):
      (Data):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp:
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntOffsetsExtractor.cpp:
      * llint/LLIntSlowPaths.cpp:
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      * llint/LLIntThunks.cpp:
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h:
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter.cpp:
      (JSC::CLoop::execute):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/cloop.rb:
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::ASTBuilder):
      (JSC::ASTBuilder::createSourceElements):
      (JSC::ASTBuilder::createCommaExpr):
      (JSC::ASTBuilder::createLogicalNot):
      (JSC::ASTBuilder::createUnaryPlus):
      (JSC::ASTBuilder::createVoid):
      (JSC::ASTBuilder::thisExpr):
      (JSC::ASTBuilder::createResolve):
      (JSC::ASTBuilder::createObjectLiteral):
      (JSC::ASTBuilder::createArray):
      (JSC::ASTBuilder::createNumberExpr):
      (JSC::ASTBuilder::createString):
      (JSC::ASTBuilder::createBoolean):
      (JSC::ASTBuilder::createNull):
      (JSC::ASTBuilder::createBracketAccess):
      (JSC::ASTBuilder::createDotAccess):
      (JSC::ASTBuilder::createRegExp):
      (JSC::ASTBuilder::createNewExpr):
      (JSC::ASTBuilder::createConditionalExpr):
      (JSC::ASTBuilder::createAssignResolve):
      (JSC::ASTBuilder::createFunctionExpr):
      (JSC::ASTBuilder::createFunctionBody):
      (JSC::ASTBuilder::createGetterOrSetterProperty):
      (JSC::ASTBuilder::createArguments):
      (JSC::ASTBuilder::createArgumentsList):
      (JSC::ASTBuilder::createProperty):
      (JSC::ASTBuilder::createPropertyList):
      (JSC::ASTBuilder::createElementList):
      (JSC::ASTBuilder::createFormalParameterList):
      (JSC::ASTBuilder::createClause):
      (JSC::ASTBuilder::createClauseList):
      (JSC::ASTBuilder::createFuncDeclStatement):
      (JSC::ASTBuilder::createBlockStatement):
      (JSC::ASTBuilder::createExprStatement):
      (JSC::ASTBuilder::createIfStatement):
      (JSC::ASTBuilder::createForLoop):
      (JSC::ASTBuilder::createForInLoop):
      (JSC::ASTBuilder::createEmptyStatement):
      (JSC::ASTBuilder::createVarStatement):
      (JSC::ASTBuilder::createReturnStatement):
      (JSC::ASTBuilder::createBreakStatement):
      (JSC::ASTBuilder::createContinueStatement):
      (JSC::ASTBuilder::createTryStatement):
      (JSC::ASTBuilder::createSwitchStatement):
      (JSC::ASTBuilder::createWhileStatement):
      (JSC::ASTBuilder::createDoWhileStatement):
      (JSC::ASTBuilder::createLabelStatement):
      (JSC::ASTBuilder::createWithStatement):
      (JSC::ASTBuilder::createThrowStatement):
      (JSC::ASTBuilder::createDebugger):
      (JSC::ASTBuilder::createConstStatement):
      (JSC::ASTBuilder::appendConstDecl):
      (JSC::ASTBuilder::addVar):
      (JSC::ASTBuilder::combineCommaNodes):
      (JSC::ASTBuilder::Scope::Scope):
      (JSC::ASTBuilder::createNumber):
      (ASTBuilder):
      (JSC::ASTBuilder::makeTypeOfNode):
      (JSC::ASTBuilder::makeDeleteNode):
      (JSC::ASTBuilder::makeNegateNode):
      (JSC::ASTBuilder::makeBitwiseNotNode):
      (JSC::ASTBuilder::makeMultNode):
      (JSC::ASTBuilder::makeDivNode):
      (JSC::ASTBuilder::makeModNode):
      (JSC::ASTBuilder::makeAddNode):
      (JSC::ASTBuilder::makeSubNode):
      (JSC::ASTBuilder::makeLeftShiftNode):
      (JSC::ASTBuilder::makeRightShiftNode):
      (JSC::ASTBuilder::makeURightShiftNode):
      (JSC::ASTBuilder::makeBitOrNode):
      (JSC::ASTBuilder::makeBitAndNode):
      (JSC::ASTBuilder::makeBitXOrNode):
      (JSC::ASTBuilder::makeFunctionCallNode):
      (JSC::ASTBuilder::makeBinaryNode):
      (JSC::ASTBuilder::makeAssignNode):
      (JSC::ASTBuilder::makePrefixNode):
      (JSC::ASTBuilder::makePostfixNode):
      * parser/Lexer.cpp:
      (JSC::Keywords::Keywords):
      (JSC::::Lexer):
      (JSC::::parseIdentifier):
      (JSC::::parseIdentifierSlowCase):
      * parser/Lexer.h:
      (JSC::Keywords::isKeyword):
      (JSC::Keywords::getKeyword):
      (Keywords):
      (Lexer):
      (JSC::::makeIdentifier):
      (JSC::::makeRightSizedIdentifier):
      (JSC::::makeIdentifierLCharFromUChar):
      (JSC::::makeLCharIdentifier):
      * parser/NodeConstructors.h:
      (JSC::ParserArenaFreeable::operator new):
      (JSC::ParserArenaDeletable::operator new):
      (JSC::ParserArenaRefCounted::ParserArenaRefCounted):
      (JSC::PropertyNode::PropertyNode):
      (JSC::ContinueNode::ContinueNode):
      (JSC::BreakNode::BreakNode):
      (JSC::ForInNode::ForInNode):
      * parser/Nodes.cpp:
      (JSC::ScopeNode::ScopeNode):
      (JSC::ProgramNode::ProgramNode):
      (JSC::ProgramNode::create):
      (JSC::EvalNode::EvalNode):
      (JSC::EvalNode::create):
      (JSC::FunctionBodyNode::FunctionBodyNode):
      (JSC::FunctionBodyNode::create):
      * parser/Nodes.h:
      (ParserArenaFreeable):
      (ParserArenaDeletable):
      (ParserArenaRefCounted):
      (ArrayNode):
      (ForInNode):
      (ContinueNode):
      (BreakNode):
      (ScopeNode):
      (ProgramNode):
      (EvalNode):
      (FunctionBodyNode):
      * parser/Parser.cpp:
      (JSC::::Parser):
      (JSC::::parseInner):
      (JSC::::parseSourceElements):
      (JSC::::parseTryStatement):
      (JSC::::parseFunctionBody):
      (JSC::::parseFunctionInfo):
      (JSC::::parseAssignmentExpression):
      (JSC::::parseProperty):
      (JSC::::parsePrimaryExpression):
      (JSC::::parseMemberExpression):
      (JSC::::parseUnaryExpression):
      * parser/Parser.h:
      (JSC):
      (JSC::Scope::Scope):
      (JSC::Scope::declareVariable):
      (JSC::Scope::declareParameter):
      (Scope):
      (Parser):
      (JSC::Parser::pushScope):
      (JSC::::parse):
      (JSC::parse):
      * parser/ParserArena.h:
      (IdentifierArena):
      (JSC::IdentifierArena::makeIdentifier):
      (JSC::IdentifierArena::makeIdentifierLCharFromUChar):
      (JSC::IdentifierArena::makeNumericIdentifier):
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::SyntaxChecker):
      (JSC::SyntaxChecker::createProperty):
      (JSC::SyntaxChecker::createGetterOrSetterProperty):
      * profiler/LegacyProfiler.cpp:
      (JSC::LegacyProfiler::startProfiling):
      (JSC::LegacyProfiler::stopProfiling):
      * profiler/LegacyProfiler.h:
      (JSC):
      * profiler/ProfilerBytecode.cpp:
      (JSC::Profiler::Bytecode::toJS):
      * profiler/ProfilerBytecodeSequence.cpp:
      (JSC::Profiler::BytecodeSequence::BytecodeSequence):
      (JSC::Profiler::BytecodeSequence::addSequenceProperties):
      * profiler/ProfilerBytecodes.cpp:
      (JSC::Profiler::Bytecodes::toJS):
      * profiler/ProfilerCompilation.cpp:
      (JSC::Profiler::Compilation::toJS):
      * profiler/ProfilerCompiledBytecode.cpp:
      (JSC::Profiler::CompiledBytecode::toJS):
      * profiler/ProfilerDatabase.cpp:
      (JSC::Profiler::Database::Database):
      (JSC::Profiler::Database::toJS):
      (JSC::Profiler::Database::toJSON):
      * profiler/ProfilerDatabase.h:
      (Database):
      * profiler/ProfilerOSRExit.cpp:
      (JSC::Profiler::OSRExit::toJS):
      * profiler/ProfilerOrigin.cpp:
      (JSC::Profiler::Origin::toJS):
      * profiler/ProfilerProfiledBytecodes.cpp:
      (JSC::Profiler::ProfiledBytecodes::toJS):
      * runtime/ArgList.h:
      (MarkedArgumentBuffer):
      * runtime/Arguments.cpp:
      (JSC::Arguments::putByIndex):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      (JSC::Arguments::defineOwnProperty):
      (JSC::Arguments::tearOff):
      (JSC::Arguments::didTearOffActivation):
      (JSC::Arguments::tearOffForInlineCallFrame):
      * runtime/Arguments.h:
      (JSC::Arguments::create):
      (JSC::Arguments::createStructure):
      (Arguments):
      (JSC::Arguments::Arguments):
      (JSC::Arguments::trySetArgument):
      (JSC::Arguments::finishCreation):
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::finishCreation):
      * runtime/ArrayConstructor.h:
      (JSC::ArrayConstructor::createStructure):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::ArrayPrototype):
      (JSC::ArrayPrototype::finishCreation):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      * runtime/ArrayPrototype.h:
      (JSC::ArrayPrototype::createStructure):
      * runtime/BatchedTransitionOptimizer.h:
      (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
      (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
      (BatchedTransitionOptimizer):
      * runtime/BooleanConstructor.cpp:
      (JSC::BooleanConstructor::finishCreation):
      (JSC::constructBoolean):
      (JSC::constructBooleanFromImmediateBoolean):
      * runtime/BooleanConstructor.h:
      (JSC::BooleanConstructor::createStructure):
      * runtime/BooleanObject.cpp:
      (JSC::BooleanObject::BooleanObject):
      (JSC::BooleanObject::finishCreation):
      * runtime/BooleanObject.h:
      (BooleanObject):
      (JSC::BooleanObject::create):
      (JSC::BooleanObject::createStructure):
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::BooleanPrototype):
      (JSC::BooleanPrototype::finishCreation):
      (JSC::booleanProtoFuncToString):
      * runtime/BooleanPrototype.h:
      (JSC::BooleanPrototype::createStructure):
      * runtime/Butterfly.h:
      (JSC):
      (Butterfly):
      * runtime/ButterflyInlines.h:
      (JSC::Butterfly::createUninitialized):
      (JSC::Butterfly::create):
      (JSC::Butterfly::growPropertyStorage):
      (JSC::Butterfly::createOrGrowArrayRight):
      (JSC::Butterfly::growArrayRight):
      (JSC::Butterfly::resizeArray):
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getCodeBlock):
      (JSC::CodeCache::getProgramCodeBlock):
      (JSC::CodeCache::getEvalCodeBlock):
      (JSC::CodeCache::getFunctionExecutableFromGlobalCode):
      * runtime/CodeCache.h:
      (JSC):
      (JSC::SourceCodeValue::SourceCodeValue):
      (CodeCache):
      * runtime/CommonIdentifiers.cpp:
      (JSC):
      (JSC::CommonIdentifiers::CommonIdentifiers):
      * runtime/CommonIdentifiers.h:
      (CommonIdentifiers):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::opIn):
      * runtime/Completion.cpp:
      (JSC::checkSyntax):
      (JSC::evaluate):
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::finishCreation):
      * runtime/DateConstructor.h:
      (JSC::DateConstructor::createStructure):
      * runtime/DateInstance.cpp:
      (JSC::DateInstance::DateInstance):
      (JSC::DateInstance::finishCreation):
      (JSC::DateInstance::calculateGregorianDateTime):
      (JSC::DateInstance::calculateGregorianDateTimeUTC):
      * runtime/DateInstance.h:
      (DateInstance):
      (JSC::DateInstance::create):
      (JSC::DateInstance::createStructure):
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::finishCreation):
      (JSC::dateProtoFuncSetTime):
      (JSC::setNewValueFromTimeArgs):
      (JSC::setNewValueFromDateArgs):
      (JSC::dateProtoFuncSetYear):
      (JSC::dateProtoFuncToJSON):
      * runtime/DatePrototype.h:
      (JSC::DatePrototype::createStructure):
      * runtime/Error.cpp:
      (JSC::createError):
      (JSC::createEvalError):
      (JSC::createRangeError):
      (JSC::createReferenceError):
      (JSC::createSyntaxError):
      (JSC::createTypeError):
      (JSC::createURIError):
      (JSC::addErrorInfo):
      (JSC::throwError):
      * runtime/Error.h:
      (JSC):
      (JSC::StrictModeTypeErrorFunction::create):
      (JSC::StrictModeTypeErrorFunction::createStructure):
      * runtime/ErrorConstructor.cpp:
      (JSC::ErrorConstructor::finishCreation):
      * runtime/ErrorConstructor.h:
      (JSC::ErrorConstructor::createStructure):
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::ErrorInstance):
      * runtime/ErrorInstance.h:
      (JSC::ErrorInstance::createStructure):
      (JSC::ErrorInstance::create):
      (ErrorInstance):
      (JSC::ErrorInstance::finishCreation):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::ErrorPrototype):
      (JSC::ErrorPrototype::finishCreation):
      * runtime/ErrorPrototype.h:
      (JSC::ErrorPrototype::createStructure):
      * runtime/ExceptionHelpers.cpp:
      (JSC::createInterruptedExecutionException):
      (JSC::createTerminatedExecutionException):
      * runtime/ExceptionHelpers.h:
      (JSC):
      (JSC::InterruptedExecutionError::InterruptedExecutionError):
      (JSC::InterruptedExecutionError::create):
      (JSC::InterruptedExecutionError::createStructure):
      (JSC::TerminatedExecutionError::TerminatedExecutionError):
      (JSC::TerminatedExecutionError::create):
      (JSC::TerminatedExecutionError::createStructure):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC::EvalExecutable::EvalExecutable):
      (JSC::ProgramExecutable::ProgramExecutable):
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::EvalExecutable::compileOptimized):
      (JSC::EvalExecutable::compileInternal):
      (JSC::EvalExecutable::jettisonOptimizedCode):
      (JSC::ProgramExecutable::checkSyntax):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::jettisonOptimizedCode):
      (JSC::ProgramExecutable::initializeGlobalProperties):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::jettisonOptimizedCodeForCall):
      (JSC::FunctionExecutable::jettisonOptimizedCodeForConstruct):
      (JSC::FunctionExecutable::fromGlobalCode):
      * runtime/Executable.h:
      (JSC::ExecutableBase::ExecutableBase):
      (JSC::ExecutableBase::finishCreation):
      (JSC::ExecutableBase::createStructure):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::createStructure):
      (JSC::NativeExecutable::finishCreation):
      (JSC::NativeExecutable::NativeExecutable):
      (JSC::ScriptExecutable::ScriptExecutable):
      (JSC::ScriptExecutable::finishCreation):
      (JSC::EvalExecutable::compile):
      (EvalExecutable):
      (JSC::EvalExecutable::create):
      (JSC::EvalExecutable::createStructure):
      (JSC::ProgramExecutable::create):
      (ProgramExecutable):
      (JSC::ProgramExecutable::compile):
      (JSC::ProgramExecutable::createStructure):
      (JSC::FunctionExecutable::create):
      (JSC::FunctionExecutable::compileForCall):
      (FunctionExecutable):
      (JSC::FunctionExecutable::compileForConstruct):
      (JSC::FunctionExecutable::jettisonOptimizedCodeFor):
      (JSC::FunctionExecutable::createStructure):
      (JSC::JSFunction::JSFunction):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/FunctionConstructor.cpp:
      (JSC::FunctionConstructor::finishCreation):
      * runtime/FunctionConstructor.h:
      (JSC::FunctionConstructor::createStructure):
      * runtime/FunctionPrototype.cpp:
      (JSC::FunctionPrototype::finishCreation):
      (JSC::FunctionPrototype::addFunctionProperties):
      (JSC::functionProtoFuncBind):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::createStructure):
      * runtime/GCActivityCallback.cpp:
      (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::doWork):
      (JSC::DefaultGCActivityCallback::didAllocate):
      * runtime/GCActivityCallback.h:
      (JSC::GCActivityCallback::GCActivityCallback):
      * runtime/GCActivityCallbackBlackBerry.cpp:
      (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::doWork):
      (JSC::DefaultGCActivityCallback::didAllocate):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::GetterSetter):
      (JSC::GetterSetter::create):
      (JSC::GetterSetter::setGetter):
      (JSC::GetterSetter::setSetter):
      (JSC::GetterSetter::createStructure):
      * runtime/Identifier.cpp:
      (JSC::Identifier::add):
      (JSC::Identifier::add8):
      (JSC::Identifier::addSlowCase):
      (JSC::Identifier::from):
      (JSC::Identifier::checkCurrentIdentifierTable):
      * runtime/Identifier.h:
      (JSC::Identifier::Identifier):
      (JSC::Identifier::createLCharFromUChar):
      (Identifier):
      (JSC::Identifier::add):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::InternalFunction):
      (JSC::InternalFunction::finishCreation):
      (JSC::InternalFunction::name):
      (JSC::InternalFunction::displayName):
      * runtime/InternalFunction.h:
      (JSC::InternalFunction::createStructure):
      (InternalFunction):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::createStructure):
      (JSC::JSAPIValueWrapper::finishCreation):
      (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::symbolTablePut):
      (JSC::JSActivation::symbolTablePutWithAttributes):
      (JSC::JSActivation::getOwnPropertySlot):
      (JSC::JSActivation::put):
      (JSC::JSActivation::putDirectVirtual):
      (JSC::JSActivation::argumentsGetter):
      * runtime/JSActivation.h:
      (JSActivation):
      (JSC::JSActivation::create):
      (JSC::JSActivation::createStructure):
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::tearOff):
      * runtime/JSArray.cpp:
      (JSC::createArrayButterflyInDictionaryIndexingMode):
      (JSC::JSArray::setLengthWritable):
      (JSC::JSArray::unshiftCountSlowCase):
      (JSC::JSArray::setLength):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithArrayStorage):
      (JSC::JSArray::unshiftCountWithAnyIndexingType):
      (JSC::ContiguousTypeAccessor::setWithValue):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sortVector):
      * runtime/JSArray.h:
      (JSC::JSArray::JSArray):
      (JSArray):
      (JSC::JSArray::shiftCountForShift):
      (JSC::JSArray::unshiftCountForShift):
      (JSC::JSArray::createStructure):
      (JSC::createContiguousArrayButterfly):
      (JSC::createArrayButterfly):
      (JSC):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      (JSC::constructArray):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::create):
      (JSC::JSBoundFunction::JSBoundFunction):
      * runtime/JSBoundFunction.h:
      (JSC::JSBoundFunction::createStructure):
      * runtime/JSCJSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      (JSC::JSValue::toStringSlowCase):
      * runtime/JSCJSValue.h:
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSCellInlines.h:
      (JSC::JSCell::JSCell):
      (JSC::JSCell::finishCreation):
      (JSC::allocateCell):
      (JSC::JSCell::setStructure):
      (JSC::JSCell::fastGetOwnProperty):
      * runtime/JSDateMath.cpp:
      (JSC::getDSTOffset):
      (JSC::getUTCOffset):
      (JSC::parseDate):
      * runtime/JSDestructibleObject.h:
      (JSC::JSDestructibleObject::JSDestructibleObject):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::create):
      (JSC::JSFunction::JSFunction):
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::createAllocationProfile):
      (JSC::JSFunction::name):
      (JSC::JSFunction::displayName):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::deleteProperty):
      * runtime/JSFunction.h:
      (JSFunction):
      (JSC::JSFunction::create):
      (JSC::JSFunction::setScope):
      (JSC::JSFunction::createStructure):
      * runtime/JSGlobalData.cpp: Removed.
      * runtime/JSGlobalData.h: Removed.
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC::JSGlobalObject::~JSGlobalObject):
      (JSC::JSGlobalObject::setGlobalThis):
      (JSC::JSGlobalObject::init):
      (JSC::JSGlobalObject::putDirectVirtual):
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      (JSC::JSGlobalObject::createThrowTypeError):
      (JSC::JSGlobalObject::resetPrototype):
      (JSC::JSGlobalObject::addStaticGlobals):
      (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
      (JSC::JSGlobalObject::createProgramCodeBlock):
      (JSC::JSGlobalObject::createEvalCodeBlock):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::create):
      (JSGlobalObject):
      (JSC::JSGlobalObject::finishCreation):
      (JSC::JSGlobalObject::vm):
      (JSC::JSGlobalObject::createStructure):
      (JSC::ExecState::dynamicGlobalObject):
      (JSC::constructEmptyArray):
      (DynamicGlobalObjectScope):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncProtoSetter):
      * runtime/JSLock.cpp:
      (JSC::JSLockHolder::JSLockHolder):
      (JSC::JSLockHolder::init):
      (JSC::JSLockHolder::~JSLockHolder):
      (JSC::JSLock::JSLock):
      (JSC::JSLock::willDestroyGlobalData):
      (JSC::JSLock::lock):
      (JSC::JSLock::unlock):
      (JSC::JSLock::DropAllLocks::DropAllLocks):
      (JSC::JSLock::DropAllLocks::~DropAllLocks):
      * runtime/JSLock.h:
      (JSC):
      (JSLockHolder):
      (JSLock):
      (JSC::JSLock::vm):
      (DropAllLocks):
      * runtime/JSNameScope.h:
      (JSC::JSNameScope::createStructure):
      (JSC::JSNameScope::finishCreation):
      (JSC::JSNameScope::JSNameScope):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::JSNotAnObject):
      (JSC::JSNotAnObject::create):
      (JSC::JSNotAnObject::createStructure):
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::JSONObject):
      (JSC::JSONObject::finishCreation):
      (Holder):
      (JSC::Stringifier::Stringifier):
      (JSC::Stringifier::stringify):
      (JSC::Stringifier::toJSON):
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Stringifier::Holder::Holder):
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::Walker):
      (JSC::Walker::walk):
      (JSC::JSONProtoFuncParse):
      (JSC::JSONProtoFuncStringify):
      (JSC::JSONStringify):
      * runtime/JSONObject.h:
      (JSC::JSONObject::createStructure):
      * runtime/JSObject.cpp:
      (JSC::JSObject::put):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::notifyPresenceOfIndexedAccessors):
      (JSC::JSObject::createInitialIndexedStorage):
      (JSC::JSObject::createInitialUndecided):
      (JSC::JSObject::createInitialInt32):
      (JSC::JSObject::createInitialDouble):
      (JSC::JSObject::createInitialContiguous):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::createInitialArrayStorage):
      (JSC::JSObject::convertUndecidedToInt32):
      (JSC::JSObject::convertUndecidedToDouble):
      (JSC::JSObject::convertUndecidedToContiguous):
      (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
      (JSC::JSObject::convertUndecidedToArrayStorage):
      (JSC::JSObject::convertInt32ToDouble):
      (JSC::JSObject::convertInt32ToContiguous):
      (JSC::JSObject::convertInt32ToArrayStorage):
      (JSC::JSObject::genericConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToContiguous):
      (JSC::JSObject::rageConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::convertUndecidedForValue):
      (JSC::JSObject::convertInt32ForValue):
      (JSC::JSObject::setIndexQuicklyToUndecided):
      (JSC::JSObject::convertInt32ToDoubleOrContiguousWhilePerformingSetIndex):
      (JSC::JSObject::convertDoubleToContiguousWhilePerformingSetIndex):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::rageEnsureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::putDirectVirtual):
      (JSC::JSObject::setPrototype):
      (JSC::JSObject::setPrototypeWithCycleCheck):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::getOwnNonIndexPropertyNames):
      (JSC::JSObject::seal):
      (JSC::JSObject::freeze):
      (JSC::JSObject::preventExtensions):
      (JSC::JSObject::reifyStaticFunctionsForDelete):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::putIndexedDescriptor):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::allocateSparseIndexMap):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::putDirectNativeFunction):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::ensureLengthSlow):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::putDescriptor):
      (JSC::JSObject::putDirectMayBeIndex):
      (JSC::DefineOwnPropertyScope::DefineOwnPropertyScope):
      (JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope):
      (DefineOwnPropertyScope):
      (JSC::JSObject::defineOwnNonIndexProperty):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::putByIndexInline):
      (JSC::JSObject::putDirectIndex):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectOffset):
      (JSC::JSObject::putDirect):
      (JSC::JSObject::isSealed):
      (JSC::JSObject::isFrozen):
      (JSC::JSObject::flattenDictionaryObject):
      (JSC::JSObject::ensureInt32):
      (JSC::JSObject::ensureDouble):
      (JSC::JSObject::ensureContiguous):
      (JSC::JSObject::rageEnsureContiguous):
      (JSC::JSObject::ensureArrayStorage):
      (JSC::JSObject::finishCreation):
      (JSC::JSObject::createStructure):
      (JSC::JSObject::ensureLength):
      (JSC::JSNonFinalObject::createStructure):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::finishCreation):
      (JSC::JSFinalObject::createStructure):
      (JSC::JSFinalObject::finishCreation):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSFinalObject::create):
      (JSC::JSObject::setButterfly):
      (JSC::JSObject::JSObject):
      (JSC::JSObject::inlineGetOwnPropertySlot):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putOwnDataProperty):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::createStructure):
      (JSC::JSPropertyNameIterator::setCachedStructure):
      (JSC::JSPropertyNameIterator::setCachedPrototypeChain):
      (JSC::JSPropertyNameIterator::finishCreation):
      (JSC::StructureRareData::setEnumerationCache):
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::setTarget):
      * runtime/JSProxy.h:
      (JSC::JSProxy::create):
      (JSC::JSProxy::createStructure):
      (JSC::JSProxy::JSProxy):
      (JSC::JSProxy::finishCreation):
      (JSProxy):
      * runtime/JSScope.cpp:
      (JSC::executeResolveOperations):
      (JSC::JSScope::resolveContainingScopeInternal):
      (JSC::JSScope::resolveWithBase):
      (JSC::JSScope::resolveWithThis):
      (JSC::JSScope::resolvePut):
      * runtime/JSScope.h:
      (JSScope):
      (JSC::JSScope::JSScope):
      (JSC::JSScope::vm):
      (JSC::ExecState::vm):
      * runtime/JSSegmentedVariableObject.h:
      (JSC::JSSegmentedVariableObject::JSSegmentedVariableObject):
      (JSC::JSSegmentedVariableObject::finishCreation):
      * runtime/JSString.cpp:
      (JSC::JSRopeString::RopeBuilder::expand):
      (JSC::StringObject::create):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      (JSC::JSString::JSString):
      (JSC::JSString::finishCreation):
      (JSC::JSString::create):
      (JSC::JSString::createHasOtherOwner):
      (JSC::JSString::createStructure):
      (JSRopeString):
      (JSC::JSRopeString::RopeBuilder::RopeBuilder):
      (JSC::JSRopeString::RopeBuilder::append):
      (RopeBuilder):
      (JSC::JSRopeString::JSRopeString):
      (JSC::JSRopeString::finishCreation):
      (JSC::JSRopeString::append):
      (JSC::JSRopeString::createNull):
      (JSC::JSRopeString::create):
      (JSC::jsEmptyString):
      (JSC::jsSingleCharacterString):
      (JSC::jsSingleCharacterSubstring):
      (JSC::jsNontrivialString):
      (JSC::jsString):
      (JSC::jsSubstring):
      (JSC::jsSubstring8):
      (JSC::jsOwnedString):
      (JSC::jsStringBuilder):
      (JSC::inlineJSValueNotStringtoString):
      * runtime/JSStringJoiner.cpp:
      (JSC::JSStringJoiner::build):
      * runtime/JSSymbolTableObject.h:
      (JSC::JSSymbolTableObject::JSSymbolTableObject):
      (JSC::JSSymbolTableObject::finishCreation):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      * runtime/JSWithScope.h:
      (JSC::JSWithScope::create):
      (JSC::JSWithScope::createStructure):
      (JSC::JSWithScope::JSWithScope):
      * runtime/JSWrapperObject.h:
      (JSWrapperObject):
      (JSC::JSWrapperObject::createStructure):
      (JSC::JSWrapperObject::JSWrapperObject):
      (JSC::JSWrapperObject::setInternalValue):
      * runtime/LiteralParser.cpp:
      (JSC::::tryJSONPParse):
      (JSC::::makeIdentifier):
      (JSC::::parse):
      * runtime/Lookup.cpp:
      (JSC::HashTable::createTable):
      (JSC::setUpStaticFunctionSlot):
      * runtime/Lookup.h:
      (JSC::HashTable::initializeIfNeeded):
      (JSC::HashTable::entry):
      (JSC::HashTable::begin):
      (JSC::HashTable::end):
      (HashTable):
      (JSC::lookupPut):
      * runtime/MathObject.cpp:
      (JSC::MathObject::MathObject):
      (JSC::MathObject::finishCreation):
      (JSC::mathProtoFuncSin):
      * runtime/MathObject.h:
      (JSC::MathObject::createStructure):
      * runtime/MemoryStatistics.cpp:
      * runtime/MemoryStatistics.h:
      * runtime/NameConstructor.cpp:
      (JSC::NameConstructor::finishCreation):
      (JSC::constructPrivateName):
      * runtime/NameConstructor.h:
      (JSC::NameConstructor::createStructure):
      * runtime/NameInstance.cpp:
      (JSC::NameInstance::NameInstance):
      * runtime/NameInstance.h:
      (JSC::NameInstance::createStructure):
      (JSC::NameInstance::create):
      (NameInstance):
      (JSC::NameInstance::finishCreation):
      * runtime/NamePrototype.cpp:
      (JSC::NamePrototype::NamePrototype):
      (JSC::NamePrototype::finishCreation):
      * runtime/NamePrototype.h:
      (JSC::NamePrototype::createStructure):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::createStructure):
      (JSC::NativeErrorConstructor::finishCreation):
      * runtime/NativeErrorPrototype.cpp:
      (JSC::NativeErrorPrototype::finishCreation):
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::finishCreation):
      (JSC::constructWithNumberConstructor):
      * runtime/NumberConstructor.h:
      (JSC::NumberConstructor::createStructure):
      * runtime/NumberObject.cpp:
      (JSC::NumberObject::NumberObject):
      (JSC::NumberObject::finishCreation):
      (JSC::constructNumber):
      * runtime/NumberObject.h:
      (NumberObject):
      (JSC::NumberObject::create):
      (JSC::NumberObject::createStructure):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::NumberPrototype):
      (JSC::NumberPrototype::finishCreation):
      (JSC::integerValueToString):
      (JSC::numberProtoFuncToString):
      * runtime/NumberPrototype.h:
      (JSC::NumberPrototype::createStructure):
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::finishCreation):
      (JSC::objectConstructorGetOwnPropertyDescriptor):
      (JSC::objectConstructorSeal):
      (JSC::objectConstructorFreeze):
      (JSC::objectConstructorPreventExtensions):
      (JSC::objectConstructorIsSealed):
      (JSC::objectConstructorIsFrozen):
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::createStructure):
      (JSC::constructEmptyObject):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      (JSC::ObjectPrototype::finishCreation):
      (JSC::objectProtoFuncToString):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::createStructure):
      * runtime/Operations.cpp:
      (JSC::jsTypeStringForValue):
      * runtime/Operations.h:
      (JSC):
      (JSC::jsString):
      (JSC::jsStringFromArguments):
      (JSC::normalizePrototypeChainForChainAccess):
      (JSC::normalizePrototypeChain):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (JSC::PropertyTable::createStructure):
      (PropertyTable):
      (JSC::PropertyTable::copy):
      * runtime/PropertyNameArray.h:
      (JSC::PropertyNameArray::PropertyNameArray):
      (JSC::PropertyNameArray::vm):
      (JSC::PropertyNameArray::addKnownUnique):
      (PropertyNameArray):
      * runtime/PropertyTable.cpp:
      (JSC::PropertyTable::create):
      (JSC::PropertyTable::clone):
      (JSC::PropertyTable::PropertyTable):
      * runtime/PrototypeMap.cpp:
      (JSC::PrototypeMap::emptyObjectStructureForPrototype):
      * runtime/RegExp.cpp:
      (JSC::RegExp::RegExp):
      (JSC::RegExp::finishCreation):
      (JSC::RegExp::createWithoutCaching):
      (JSC::RegExp::create):
      (JSC::RegExp::compile):
      (JSC::RegExp::compileIfNecessary):
      (JSC::RegExp::match):
      (JSC::RegExp::compileMatchOnly):
      (JSC::RegExp::compileIfNecessaryMatchOnly):
      * runtime/RegExp.h:
      (JSC):
      (RegExp):
      (JSC::RegExp::createStructure):
      * runtime/RegExpCache.cpp:
      (JSC::RegExpCache::lookupOrCreate):
      (JSC::RegExpCache::RegExpCache):
      (JSC::RegExpCache::addToStrongCache):
      * runtime/RegExpCache.h:
      (RegExpCache):
      * runtime/RegExpCachedResult.cpp:
      (JSC::RegExpCachedResult::lastResult):
      (JSC::RegExpCachedResult::setInput):
      * runtime/RegExpCachedResult.h:
      (JSC::RegExpCachedResult::RegExpCachedResult):
      (JSC::RegExpCachedResult::record):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::RegExpConstructor):
      (JSC::RegExpConstructor::finishCreation):
      (JSC::constructRegExp):
      * runtime/RegExpConstructor.h:
      (JSC::RegExpConstructor::createStructure):
      (RegExpConstructor):
      (JSC::RegExpConstructor::performMatch):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::RegExpMatchesArray):
      (JSC::RegExpMatchesArray::create):
      (JSC::RegExpMatchesArray::finishCreation):
      (JSC::RegExpMatchesArray::reifyAllProperties):
      * runtime/RegExpMatchesArray.h:
      (RegExpMatchesArray):
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::RegExpObject):
      (JSC::RegExpObject::finishCreation):
      (JSC::RegExpObject::match):
      * runtime/RegExpObject.h:
      (JSC::RegExpObject::create):
      (JSC::RegExpObject::setRegExp):
      (JSC::RegExpObject::setLastIndex):
      (JSC::RegExpObject::createStructure):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncCompile):
      * runtime/RegExpPrototype.h:
      (JSC::RegExpPrototype::createStructure):
      * runtime/SmallStrings.cpp:
      (JSC::SmallStrings::initializeCommonStrings):
      (JSC::SmallStrings::createEmptyString):
      (JSC::SmallStrings::createSingleCharacterString):
      (JSC::SmallStrings::initialize):
      * runtime/SmallStrings.h:
      (JSC):
      (JSC::SmallStrings::singleCharacterString):
      (SmallStrings):
      * runtime/SparseArrayValueMap.cpp:
      (JSC::SparseArrayValueMap::SparseArrayValueMap):
      (JSC::SparseArrayValueMap::finishCreation):
      (JSC::SparseArrayValueMap::create):
      (JSC::SparseArrayValueMap::createStructure):
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::SparseArrayEntry::put):
      * runtime/SparseArrayValueMap.h:
      * runtime/StrictEvalActivation.cpp:
      (JSC::StrictEvalActivation::StrictEvalActivation):
      * runtime/StrictEvalActivation.h:
      (JSC::StrictEvalActivation::create):
      (JSC::StrictEvalActivation::createStructure):
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::finishCreation):
      * runtime/StringConstructor.h:
      (JSC::StringConstructor::createStructure):
      * runtime/StringObject.cpp:
      (JSC::StringObject::StringObject):
      (JSC::StringObject::finishCreation):
      (JSC::constructString):
      * runtime/StringObject.h:
      (JSC::StringObject::create):
      (JSC::StringObject::createStructure):
      (StringObject):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::StringPrototype):
      (JSC::StringPrototype::finishCreation):
      (JSC::removeUsingRegExpSearch):
      (JSC::replaceUsingRegExpSearch):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      (JSC::stringProtoFuncSplit):
      * runtime/StringPrototype.h:
      (JSC::StringPrototype::createStructure):
      * runtime/StringRecursionChecker.h:
      (JSC::StringRecursionChecker::performCheck):
      (JSC::StringRecursionChecker::~StringRecursionChecker):
      * runtime/Structure.cpp:
      (JSC::StructureTransitionTable::add):
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::changePrototypeTransition):
      (JSC::Structure::despecifyFunctionTransition):
      (JSC::Structure::attributeChangeTransition):
      (JSC::Structure::toDictionaryTransition):
      (JSC::Structure::toCacheableDictionaryTransition):
      (JSC::Structure::toUncacheableDictionaryTransition):
      (JSC::Structure::sealTransition):
      (JSC::Structure::freezeTransition):
      (JSC::Structure::preventExtensionsTransition):
      (JSC::Structure::takePropertyTableOrCloneIfPinned):
      (JSC::Structure::nonPropertyTransition):
      (JSC::Structure::isSealed):
      (JSC::Structure::isFrozen):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::allocateRareData):
      (JSC::Structure::cloneRareDataFrom):
      (JSC::Structure::copyPropertyTable):
      (JSC::Structure::copyPropertyTableForPinning):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::despecifyAllFunctions):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::createPropertyMap):
      (JSC::Structure::getPropertyNamesFromStructure):
      (JSC::Structure::prototypeChainMayInterceptStoreTo):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::finishCreation):
      (JSC::Structure::setPrototypeWithoutTransition):
      (JSC::Structure::setGlobalObject):
      (JSC::Structure::setObjectToStringValue):
      (JSC::Structure::materializePropertyMapIfNecessary):
      (JSC::Structure::materializePropertyMapIfNecessaryForPinning):
      (JSC::Structure::setPreviousID):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::StructureChain):
      * runtime/StructureChain.h:
      (JSC::StructureChain::create):
      (JSC::StructureChain::createStructure):
      (JSC::StructureChain::finishCreation):
      (StructureChain):
      * runtime/StructureInlines.h:
      (JSC::Structure::create):
      (JSC::Structure::createStructure):
      (JSC::Structure::get):
      (JSC::Structure::setEnumerationCache):
      (JSC::Structure::prototypeChain):
      (JSC::Structure::propertyTable):
      * runtime/StructureRareData.cpp:
      (JSC::StructureRareData::createStructure):
      (JSC::StructureRareData::create):
      (JSC::StructureRareData::clone):
      (JSC::StructureRareData::StructureRareData):
      * runtime/StructureRareData.h:
      (StructureRareData):
      * runtime/StructureRareDataInlines.h:
      (JSC::StructureRareData::setPreviousID):
      (JSC::StructureRareData::setObjectToStringValue):
      * runtime/StructureTransitionTable.h:
      (StructureTransitionTable):
      (JSC::StructureTransitionTable::setSingleTransition):
      * runtime/SymbolTable.h:
      (JSC::SharedSymbolTable::create):
      (JSC::SharedSymbolTable::createStructure):
      (JSC::SharedSymbolTable::SharedSymbolTable):
      * runtime/VM.cpp: Copied from Source/JavaScriptCore/runtime/JSGlobalData.cpp.
      (JSC::VM::VM):
      (JSC::VM::~VM):
      (JSC::VM::createContextGroup):
      (JSC::VM::create):
      (JSC::VM::createLeaked):
      (JSC::VM::sharedInstanceExists):
      (JSC::VM::sharedInstance):
      (JSC::VM::sharedInstanceInternal):
      (JSC::VM::getHostFunction):
      (JSC::VM::ClientData::~ClientData):
      (JSC::VM::resetDateCache):
      (JSC::VM::startSampling):
      (JSC::VM::stopSampling):
      (JSC::VM::discardAllCode):
      (JSC::VM::dumpSampleData):
      (JSC::VM::addSourceProviderCache):
      (JSC::VM::clearSourceProviderCaches):
      (JSC::VM::releaseExecutableMemory):
      (JSC::releaseExecutableMemory):
      (JSC::VM::gatherConservativeRoots):
      (JSC::VM::addRegExpToTrace):
      (JSC::VM::dumpRegExpTrace):
      * runtime/VM.h: Copied from Source/JavaScriptCore/runtime/JSGlobalData.h.
      (VM):
      (JSC::VM::isSharedInstance):
      (JSC::VM::usingAPI):
      (JSC::VM::isInitializingObject):
      (JSC::VM::setInitializingObjectClass):
      (JSC::WeakSet::heap):
      * runtime/WriteBarrier.h:
      (JSC):
      (JSC::WriteBarrierBase::set):
      (JSC::WriteBarrierBase::setMayBeNull):
      (JSC::WriteBarrierBase::setEarlyValue):
      (JSC::WriteBarrier::WriteBarrier):
      * testRegExp.cpp:
      (GlobalObject):
      (GlobalObject::create):
      (GlobalObject::createStructure):
      (GlobalObject::finishCreation):
      (main):
      (testOneRegExp):
      (parseRegExpLine):
      (runFromFiles):
      (realMain):
      * yarr/YarrInterpreter.h:
      (BytecodePattern):
      * yarr/YarrJIT.cpp:
      (YarrGenerator):
      (JSC::Yarr::YarrGenerator::compile):
      (JSC::Yarr::jitCompile):
      * yarr/YarrJIT.h:
      (JSC):
      
      ../WebCore: 
      
      * ForwardingHeaders/runtime/JSGlobalData.h: Removed.
      * ForwardingHeaders/runtime/VM.h: Copied from Source/WebCore/ForwardingHeaders/runtime/JSGlobalData.h.
      * WebCore.exp.in:
      * WebCore.order:
      * WebCore.vcxproj/WebCore.vcxproj:
      * WebCore.vcxproj/WebCore.vcxproj.filters:
      * bindings/js/DOMObjectHashTableMap.cpp:
      (WebCore::DOMObjectHashTableMap::mapFor):
      * bindings/js/DOMObjectHashTableMap.h:
      (JSC):
      (DOMObjectHashTableMap):
      * bindings/js/DOMWrapperWorld.cpp:
      (WebCore::DOMWrapperWorld::DOMWrapperWorld):
      (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
      (WebCore::normalWorld):
      (WebCore::mainThreadNormalWorld):
      * bindings/js/DOMWrapperWorld.h:
      (WebCore::DOMWrapperWorld::create):
      (WebCore::DOMWrapperWorld::vm):
      (DOMWrapperWorld):
      (WebCore):
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::garbageCollectSoon):
      (WebCore::GCController::garbageCollectNow):
      (WebCore::GCController::setJavaScriptGarbageCollectorTimerEnabled):
      (WebCore::GCController::discardAllCompiledCode):
      * bindings/js/IDBBindingUtilities.cpp:
      (WebCore::get):
      (WebCore::set):
      (WebCore::deserializeIDBValue):
      (WebCore::deserializeIDBValueBuffer):
      (WebCore::idbKeyToScriptValue):
      * bindings/js/JSCallbackData.h:
      (WebCore::JSCallbackData::JSCallbackData):
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSCustomXPathNSResolver.cpp:
      (WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver):
      (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::getHashTableForGlobalData):
      (WebCore::reportException):
      (WebCore::cacheDOMStructure):
      * bindings/js/JSDOMBinding.h:
      (WebCore::DOMConstructorObject::createStructure):
      (WebCore::DOMConstructorWithDocument::finishCreation):
      (WebCore::getDOMStructure):
      (WebCore::setInlineCachedWrapper):
      (WebCore):
      (WebCore::jsStringWithCache):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
      (WebCore::JSDOMGlobalObject::finishCreation):
      * bindings/js/JSDOMGlobalObject.h:
      (JSDOMGlobalObject):
      (WebCore::JSDOMGlobalObject::createStructure):
      (WebCore::getDOMConstructor):
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::JSDOMWindowBase):
      (WebCore::JSDOMWindowBase::finishCreation):
      (WebCore::JSDOMWindowBase::updateDocument):
      (WebCore::JSDOMWindowBase::commonVM):
      * bindings/js/JSDOMWindowBase.h:
      (JSDOMWindowBase):
      (WebCore::JSDOMWindowBase::createStructure):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::setLocation):
      (WebCore::DialogHandler::dialogCreated):
      (WebCore::DialogHandler::returnValue):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::JSDOMWindowShell):
      (WebCore::JSDOMWindowShell::finishCreation):
      (WebCore::JSDOMWindowShell::setWindow):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      (WebCore::JSDOMWindowShell::create):
      (WebCore::JSDOMWindowShell::createStructure):
      * bindings/js/JSDOMWrapper.h:
      (WebCore::JSDOMWrapper::JSDOMWrapper):
      * bindings/js/JSDeviceMotionEventCustom.cpp:
      (WebCore::createAccelerationObject):
      (WebCore::createRotationRateObject):
      * bindings/js/JSDictionary.cpp:
      (WebCore::JSDictionary::convertValue):
      * bindings/js/JSDictionary.h:
      (WebCore::JSDictionary::JSDictionary):
      * bindings/js/JSErrorHandler.cpp:
      (WebCore::JSErrorHandler::handleEvent):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/JSEventListener.h:
      (WebCore::JSEventListener::setWrapper):
      (WebCore::JSEventListener::jsFunction):
      * bindings/js/JSHTMLDocumentCustom.cpp:
      (WebCore::JSHTMLDocument::all):
      (WebCore::JSHTMLDocument::setAll):
      * bindings/js/JSHTMLTemplateElementCustom.cpp:
      (WebCore::JSHTMLTemplateElement::content):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::JSHistory::state):
      * bindings/js/JSImageConstructor.cpp:
      (WebCore::JSImageConstructor::finishCreation):
      * bindings/js/JSImageConstructor.h:
      (WebCore::JSImageConstructor::createStructure):
      * bindings/js/JSImageDataCustom.cpp:
      (WebCore::toJS):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::InjectedScriptHost::nodeAsScriptValue):
      (WebCore::JSInjectedScriptHost::functionDetails):
      (WebCore::getJSListenerFunctions):
      (WebCore::JSInjectedScriptHost::getEventListeners):
      (WebCore::JSInjectedScriptHost::inspect):
      * bindings/js/JSLazyEventListener.cpp:
      (WebCore::JSLazyEventListener::initializeJSFunction):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::JSMessageEvent::data):
      (WebCore::handleInitMessageEvent):
      * bindings/js/JSMutationCallback.cpp:
      (WebCore::JSMutationCallback::call):
      * bindings/js/JSMutationObserverCustom.cpp:
      (WebCore::JSMutationObserverConstructor::constructJSMutationObserver):
      * bindings/js/JSNodeFilterCondition.cpp:
      (WebCore::JSNodeFilterCondition::JSNodeFilterCondition):
      * bindings/js/JSNodeFilterCondition.h:
      (WebCore::JSNodeFilterCondition::create):
      (JSNodeFilterCondition):
      * bindings/js/JSNodeFilterCustom.cpp:
      (WebCore::toNodeFilter):
      * bindings/js/JSPopStateEventCustom.cpp:
      (WebCore::cacheState):
      * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp:
      (WebCore::JSRequestAnimationFrameCallback::handleEvent):
      * bindings/js/JSSQLResultSetRowListCustom.cpp:
      (WebCore::JSSQLResultSetRowList::item):
      * bindings/js/JSWorkerContextBase.cpp:
      (WebCore::JSWorkerContextBase::JSWorkerContextBase):
      (WebCore::JSWorkerContextBase::finishCreation):
      * bindings/js/JSWorkerContextBase.h:
      (WebCore::JSWorkerContextBase::createStructure):
      (JSWorkerContextBase):
      * bindings/js/PageScriptDebugServer.cpp:
      (WebCore::PageScriptDebugServer::recompileAllJSFunctions):
      * bindings/js/ScheduledAction.cpp:
      (WebCore::ScheduledAction::ScheduledAction):
      (WebCore::ScheduledAction::executeFunctionInContext):
      * bindings/js/ScheduledAction.h:
      (WebCore::ScheduledAction::ScheduledAction):
      * bindings/js/ScriptCachedFrameData.cpp:
      (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
      (WebCore::ScriptCachedFrameData::restore):
      (WebCore::ScriptCachedFrameData::clear):
      * bindings/js/ScriptCallStackFactory.cpp:
      (WebCore::createScriptCallStack):
      (WebCore::createScriptArguments):
      * bindings/js/ScriptController.cpp:
      (WebCore::ScriptController::createWindowShell):
      (WebCore::ScriptController::evaluateInWorld):
      (WebCore::ScriptController::createWorld):
      (WebCore::ScriptController::getAllWorlds):
      (WebCore::ScriptController::clearWindowShell):
      (WebCore::ScriptController::initScript):
      (WebCore::ScriptController::updateDocument):
      (WebCore::ScriptController::cacheableBindingRootObject):
      (WebCore::ScriptController::bindingRootObject):
      (WebCore::ScriptController::clearScriptObjects):
      (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy):
      * bindings/js/ScriptControllerMac.mm:
      (WebCore::ScriptController::windowScriptObject):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptEventListener.cpp:
      (WebCore::eventListenerHandlerBody):
      (WebCore::eventListenerHandler):
      (WebCore::eventListenerHandlerLocation):
      * bindings/js/ScriptFunctionCall.cpp:
      (WebCore::ScriptFunctionCall::call):
      (WebCore::ScriptCallback::call):
      * bindings/js/ScriptGCEvent.cpp:
      (WebCore::ScriptGCEvent::getHeapSize):
      * bindings/js/ScriptObject.cpp:
      (WebCore::ScriptObject::ScriptObject):
      (WebCore::ScriptGlobalObject::set):
      * bindings/js/ScriptState.h:
      (WebCore):
      * bindings/js/ScriptValue.cpp:
      (WebCore::ScriptValue::deserialize):
      * bindings/js/ScriptValue.h:
      (WebCore::ScriptValue::ScriptValue):
      * bindings/js/ScriptWrappable.h:
      (JSC):
      (ScriptWrappable):
      * bindings/js/ScriptWrappableInlines.h:
      (WebCore::ScriptWrappable::setWrapper):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::readTerminal):
      (WebCore::SerializedScriptValue::deserializeForInspector):
      (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed):
      * bindings/js/WebCoreJSClientData.h:
      (WebCoreJSClientData):
      (WebCore::initNormalWorldClientData):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::WorkerScriptController):
      (WebCore::WorkerScriptController::~WorkerScriptController):
      (WebCore::WorkerScriptController::initScript):
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::scheduleExecutionTermination):
      (WebCore::WorkerScriptController::isExecutionTerminating):
      (WebCore::WorkerScriptController::disableEval):
      * bindings/js/WorkerScriptController.h:
      (JSC):
      (WebCore::WorkerScriptController::vm):
      (WorkerScriptController):
      * bindings/js/WorkerScriptDebugServer.cpp:
      (WebCore::WorkerScriptDebugServer::recompileAllJSFunctions):
      * bindings/objc/WebScriptObject.mm:
      (+[WebScriptObject _convertValueToObjcValue:JSC::originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateCallbackImplementation):
      (JSValueToNative):
      (GenerateConstructorDeclaration):
      (GenerateConstructorHelperMethods):
      * bindings/scripts/test/JS/JSFloat64Array.cpp:
      (WebCore::getJSFloat64ArrayConstructorTable):
      (WebCore::JSFloat64ArrayConstructor::finishCreation):
      (WebCore::getJSFloat64ArrayPrototypeTable):
      (WebCore::getJSFloat64ArrayTable):
      (WebCore::JSFloat64Array::finishCreation):
      (WebCore::JSFloat64Array::createPrototype):
      * bindings/scripts/test/JS/JSFloat64Array.h:
      (WebCore::JSFloat64Array::create):
      (WebCore::JSFloat64Array::createStructure):
      (JSFloat64Array):
      (WebCore::JSFloat64ArrayPrototype::create):
      (WebCore::JSFloat64ArrayPrototype::createStructure):
      (WebCore::JSFloat64ArrayPrototype::JSFloat64ArrayPrototype):
      (WebCore::JSFloat64ArrayConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
      (WebCore::JSTestActiveDOMObjectConstructor::finishCreation):
      (WebCore::JSTestActiveDOMObject::finishCreation):
      (WebCore::JSTestActiveDOMObject::createPrototype):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
      (WebCore::JSTestActiveDOMObject::create):
      (WebCore::JSTestActiveDOMObject::createStructure):
      (JSTestActiveDOMObject):
      (WebCore::JSTestActiveDOMObjectPrototype::create):
      (WebCore::JSTestActiveDOMObjectPrototype::createStructure):
      (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
      (WebCore::JSTestActiveDOMObjectConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestCallback.cpp:
      (WebCore::JSTestCallback::callbackWithNoParam):
      (WebCore::JSTestCallback::callbackWithClass1Param):
      (WebCore::JSTestCallback::callbackWithClass2Param):
      (WebCore::JSTestCallback::callbackWithStringList):
      (WebCore::JSTestCallback::callbackWithBoolean):
      (WebCore::JSTestCallback::callbackRequiresThisToPass):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
      (WebCore::JSTestCustomNamedGetterConstructor::finishCreation):
      (WebCore::JSTestCustomNamedGetter::finishCreation):
      (WebCore::JSTestCustomNamedGetter::createPrototype):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
      (WebCore::JSTestCustomNamedGetter::create):
      (WebCore::JSTestCustomNamedGetter::createStructure):
      (JSTestCustomNamedGetter):
      (WebCore::JSTestCustomNamedGetterPrototype::create):
      (WebCore::JSTestCustomNamedGetterPrototype::createStructure):
      (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype):
      (WebCore::JSTestCustomNamedGetterConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
      (WebCore::JSTestEventConstructorConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::createPrototype):
      * bindings/scripts/test/JS/JSTestEventConstructor.h:
      (WebCore::JSTestEventConstructor::create):
      (WebCore::JSTestEventConstructor::createStructure):
      (JSTestEventConstructor):
      (WebCore::JSTestEventConstructorPrototype::create):
      (WebCore::JSTestEventConstructorPrototype::createStructure):
      (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
      (WebCore::JSTestEventConstructorConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::JSTestEventTargetConstructor::finishCreation):
      (WebCore::JSTestEventTarget::finishCreation):
      (WebCore::JSTestEventTarget::createPrototype):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::create):
      (WebCore::JSTestEventTarget::createStructure):
      (JSTestEventTarget):
      (WebCore::JSTestEventTargetPrototype::create):
      (WebCore::JSTestEventTargetPrototype::createStructure):
      (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
      (WebCore::JSTestEventTargetConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestException.cpp:
      (WebCore::JSTestExceptionConstructor::finishCreation):
      (WebCore::JSTestException::finishCreation):
      (WebCore::JSTestException::createPrototype):
      * bindings/scripts/test/JS/JSTestException.h:
      (WebCore::JSTestException::create):
      (WebCore::JSTestException::createStructure):
      (JSTestException):
      (WebCore::JSTestExceptionPrototype::create):
      (WebCore::JSTestExceptionPrototype::createStructure):
      (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
      (WebCore::JSTestExceptionConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      (WebCore::JSTestInterfaceConstructor::finishCreation):
      (WebCore::JSTestInterface::finishCreation):
      (WebCore::JSTestInterface::createPrototype):
      * bindings/scripts/test/JS/JSTestInterface.h:
      (WebCore::JSTestInterface::create):
      (WebCore::JSTestInterface::createStructure):
      (JSTestInterface):
      (WebCore::JSTestInterfacePrototype::create):
      (WebCore::JSTestInterfacePrototype::createStructure):
      (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
      (WebCore::JSTestInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):
      (WebCore::JSTestMediaQueryListListener::finishCreation):
      (WebCore::JSTestMediaQueryListListener::createPrototype):
      (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      (WebCore::JSTestMediaQueryListListener::create):
      (WebCore::JSTestMediaQueryListListener::createStructure):
      (JSTestMediaQueryListListener):
      (WebCore::JSTestMediaQueryListListenerPrototype::create):
      (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
      (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
      (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
      (WebCore::JSTestNamedConstructorConstructor::finishCreation):
      (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::createPrototype):
      * bindings/scripts/test/JS/JSTestNamedConstructor.h:
      (WebCore::JSTestNamedConstructor::create):
      (WebCore::JSTestNamedConstructor::createStructure):
      (JSTestNamedConstructor):
      (WebCore::JSTestNamedConstructorPrototype::create):
      (WebCore::JSTestNamedConstructorPrototype::createStructure):
      (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
      (WebCore::JSTestNamedConstructorConstructor::createStructure):
      (WebCore::JSTestNamedConstructorNamedConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNode.cpp:
      (WebCore::JSTestNodeConstructor::finishCreation):
      (WebCore::JSTestNode::finishCreation):
      (WebCore::JSTestNode::createPrototype):
      * bindings/scripts/test/JS/JSTestNode.h:
      (WebCore::JSTestNode::create):
      (WebCore::JSTestNode::createStructure):
      (JSTestNode):
      (WebCore::JSTestNodePrototype::create):
      (WebCore::JSTestNodePrototype::createStructure):
      (WebCore::JSTestNodePrototype::JSTestNodePrototype):
      (WebCore::JSTestNodeConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::JSTestObjConstructor::finishCreation):
      (WebCore::JSTestObj::finishCreation):
      (WebCore::JSTestObj::createPrototype):
      (WebCore::jsTestObjCachedAttribute1):
      (WebCore::jsTestObjCachedAttribute2):
      (WebCore::setJSTestObjConditionalAttr4Constructor):
      (WebCore::setJSTestObjConditionalAttr5Constructor):
      (WebCore::setJSTestObjConditionalAttr6Constructor):
      (WebCore::setJSTestObjAnyAttribute):
      (WebCore::setJSTestObjReplaceableAttribute):
      * bindings/scripts/test/JS/JSTestObj.h:
      (WebCore::JSTestObj::create):
      (WebCore::JSTestObj::createStructure):
      (JSTestObj):
      (WebCore::JSTestObjPrototype::create):
      (WebCore::JSTestObjPrototype::createStructure):
      (WebCore::JSTestObjPrototype::JSTestObjPrototype):
      (WebCore::JSTestObjConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
      (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):
      (WebCore::JSTestOverloadedConstructors::finishCreation):
      (WebCore::JSTestOverloadedConstructors::createPrototype):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
      (WebCore::JSTestOverloadedConstructors::create):
      (WebCore::JSTestOverloadedConstructors::createStructure):
      (JSTestOverloadedConstructors):
      (WebCore::JSTestOverloadedConstructorsPrototype::create):
      (WebCore::JSTestOverloadedConstructorsPrototype::createStructure):
      (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
      (WebCore::JSTestOverloadedConstructorsConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::createPrototype):
      (WebCore::jsTestSerializedScriptValueInterfaceCachedValue):
      (WebCore::jsTestSerializedScriptValueInterfaceCachedReadonlyValue):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      (WebCore::JSTestSerializedScriptValueInterface::create):
      (WebCore::JSTestSerializedScriptValueInterface::createStructure):
      (JSTestSerializedScriptValueInterface):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::create):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestTypedefs.cpp:
      (WebCore::JSTestTypedefsConstructor::finishCreation):
      (WebCore::JSTestTypedefs::finishCreation):
      (WebCore::JSTestTypedefs::createPrototype):
      * bindings/scripts/test/JS/JSTestTypedefs.h:
      (WebCore::JSTestTypedefs::create):
      (WebCore::JSTestTypedefs::createStructure):
      (JSTestTypedefs):
      (WebCore::JSTestTypedefsPrototype::create):
      (WebCore::JSTestTypedefsPrototype::createStructure):
      (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):
      (WebCore::JSTestTypedefsConstructor::createStructure):
      * bridge/c/CRuntimeObject.h:
      (JSC::Bindings::CRuntimeObject::createStructure):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::create):
      (JSC::Bindings::CRuntimeMethod::createStructure):
      (JSC::Bindings::CRuntimeMethod::finishCreation):
      * bridge/jsc/BridgeJSC.cpp:
      (JSC::Bindings::Instance::createRuntimeObject):
      * bridge/objc/ObjCRuntimeObject.h:
      (JSC::Bindings::ObjCRuntimeObject::createStructure):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::create):
      (ObjCRuntimeMethod::createStructure):
      (ObjCRuntimeMethod::finishCreation):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
      (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtRuntimeObject::createStructure):
      (JSC::Bindings::QtInstance::~QtInstance):
      (JSC::Bindings::QtInstance::getQtInstance):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::RuntimeArray):
      (JSC::RuntimeArray::finishCreation):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::create):
      (JSC::RuntimeArray::createStructure):
      (RuntimeArray):
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::finishCreation):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::create):
      (JSC::RuntimeMethod::createStructure):
      (RuntimeMethod):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::RuntimeObject):
      (JSC::Bindings::RuntimeObject::finishCreation):
      * bridge/runtime_object.h:
      (JSC::Bindings::RuntimeObject::createStructure):
      * bridge/runtime_root.cpp:
      (JSC::Bindings::RootObject::RootObject):
      (JSC::Bindings::RootObject::gcProtect):
      (JSC::Bindings::RootObject::gcUnprotect):
      (JSC::Bindings::RootObject::updateGlobalObject):
      (JSC::Bindings::RootObject::addRuntimeObject):
      * bridge/runtime_root.h:
      (RootObject):
      * dom/Node.cpp:
      * dom/Node.h:
      (JSC):
      * dom/ScriptExecutionContext.cpp:
      (WebCore::ScriptExecutionContext::vm):
      * dom/ScriptExecutionContext.h:
      (JSC):
      (ScriptExecutionContext):
      * html/HTMLCanvasElement.cpp:
      (WebCore::HTMLCanvasElement::createImageBuffer):
      * html/HTMLImageLoader.cpp:
      (WebCore::HTMLImageLoader::notifyFinished):
      * inspector/ScriptArguments.cpp:
      (WebCore::ScriptArguments::ScriptArguments):
      * loader/icon/IconDatabaseBase.cpp:
      (WebCore):
      (WebCore::iconDatabase):
      (WebCore::setGlobalIconDatabase):
      * platform/qt/MemoryUsageSupportQt.cpp:
      (WebCore::memoryUsageKB):
      (WebCore::actualMemoryUsageKB):
      * platform/win/ClipboardUtilitiesWin.cpp:
      (WebCore::createGlobalData):
      * plugins/PluginView.cpp:
      (WebCore::PluginView::start):
      (WebCore::PluginView::stop):
      (WebCore::PluginView::performRequest):
      (WebCore::PluginView::npObject):
      (WebCore::PluginView::privateBrowsingStateChanged):
      * plugins/blackberry/PluginViewBlackBerry.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      (WebCore::PluginView::getWindowInfo):
      * plugins/efl/PluginViewEfl.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/gtk/PluginViewGtk.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/mac/PluginViewMac.mm:
      (WebCore::PluginView::platformStart):
      * plugins/qt/PluginViewQt.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      * plugins/win/PluginViewWin.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowRect):
      * testing/js/WebCoreTestSupport.cpp:
      (WebCoreTestSupport::injectInternalsObject):
      * xml/XMLHttpRequest.cpp:
      (WebCore::XMLHttpRequest::dropProtection):
      
      ../WebKit/blackberry: 
      
      * Api/BlackBerryGlobal.cpp:
      (BlackBerry::WebKit::clearMemoryCaches):
      * WebKitSupport/AboutData.cpp:
      * WebKitSupport/DumpRenderTreeSupport.cpp:
      (DumpRenderTreeSupport::javaScriptObjectsCount):
      
      ../WebKit/efl: 
      
      * WebCoreSupport/DumpRenderTreeSupportEfl.cpp:
      (DumpRenderTreeSupportEfl::javaScriptObjectsCount):
      
      ../WebKit/gtk: 
      
      * WebCoreSupport/DumpRenderTreeSupportGtk.cpp:
      (DumpRenderTreeSupportGtk::gcCountJavascriptObjects):
      
      ../WebKit/mac: 
      
      * Misc/WebCoreStatistics.mm:
      (+[WebCoreStatistics javaScriptObjectsCount]):
      (+[WebCoreStatistics javaScriptGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectTypeCounts]):
      (+[WebCoreStatistics javaScriptObjectTypeCounts]):
      (+[WebCoreStatistics shouldPrintExceptions]):
      (+[WebCoreStatistics setShouldPrintExceptions:]):
      (+[WebCoreStatistics memoryStatistics]):
      (+[WebCoreStatistics javaScriptReferencedObjectsCount]):
      * Plugins/Hosted/NetscapePluginHostProxy.mm:
      (identifierFromIdentifierRep):
      * Plugins/Hosted/NetscapePluginInstanceProxy.h:
      (LocalObjectMap):
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::LocalObjectMap::idForObject):
      (WebKit::NetscapePluginInstanceProxy::getWindowNPObject):
      (WebKit::NetscapePluginInstanceProxy::getPluginElementNPObject):
      (WebKit::NetscapePluginInstanceProxy::evaluate):
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyRuntimeMethod::create):
      (WebKit::ProxyRuntimeMethod::createStructure):
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::getPropertyNames):
      * Plugins/Hosted/ProxyRuntimeObject.h:
      (WebKit::ProxyRuntimeObject::create):
      (WebKit::ProxyRuntimeObject::createStructure):
      * Plugins/WebNetscapePluginStream.mm:
      (WebNetscapePluginStream::wantsAllStreams):
      * Plugins/WebNetscapePluginView.mm:
      (-[WebNetscapePluginView sendEvent:isDrawRect:]):
      (-[WebNetscapePluginView privateBrowsingModeDidChange]):
      (-[WebNetscapePluginView setWindowIfNecessary]):
      (-[WebNetscapePluginView createPluginScriptableObject]):
      (-[WebNetscapePluginView getFormValue:]):
      (-[WebNetscapePluginView evaluateJavaScriptPluginRequest:]):
      (-[WebNetscapePluginView webFrame:didFinishLoadWithReason:]):
      (-[WebNetscapePluginView loadPluginRequest:]):
      (-[WebNetscapePluginView _printedPluginBitmap]):
      * Plugins/WebPluginController.mm:
      (+[WebPluginController plugInViewWithArguments:fromPluginPackage:]):
      (-[WebPluginController stopOnePlugin:]):
      (-[WebPluginController destroyOnePlugin:]):
      (-[WebPluginController startAllPlugins]):
      (-[WebPluginController addPlugin:]):
      * WebKit.order:
      * WebView/WebScriptDebugDelegate.mm:
      (-[WebScriptCallFrame scopeChain]):
      (-[WebScriptCallFrame evaluateWebScript:]):
      * WebView/WebScriptDebugger.mm:
      (WebScriptDebugger::WebScriptDebugger):
      
      ../WebKit/qt: 
      
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (DumpRenderTreeSupportQt::javaScriptObjectsCount):
      * WebCoreSupport/QWebFrameAdapter.cpp:
      (QWebFrameAdapter::addToJavaScriptWindowObject):
      
      ../WebKit/win: 
      
      * WebCoreStatistics.cpp:
      (WebCoreStatistics::javaScriptObjectsCount):
      (WebCoreStatistics::javaScriptGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectsCount):
      (WebCoreStatistics::javaScriptProtectedGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectTypeCounts):
      * WebJavaScriptCollector.cpp:
      (WebJavaScriptCollector::objectCount):
      
      ../WebKit2: 
      
      * Shared/linux/WebMemorySamplerLinux.cpp:
      (WebKit::WebMemorySampler::sampleWebKit):
      * Shared/mac/WebMemorySampler.mac.mm:
      (WebKit::WebMemorySampler::sampleWebKit):
      * WebProcess/InjectedBundle/InjectedBundle.cpp:
      (WebKit::InjectedBundle::javaScriptObjectsCount):
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
      (WebKit::JSNPMethod::finishCreation):
      * WebProcess/Plugins/Netscape/JSNPMethod.h:
      (WebKit::JSNPMethod::create):
      (JSNPMethod):
      (WebKit::JSNPMethod::createStructure):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::JSNPObject):
      (WebKit::JSNPObject::finishCreation):
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      (WebKit::JSNPObject::create):
      (WebKit::JSNPObject::createStructure):
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::create):
      (WebKit::NPJSObject::initialize):
      * WebProcess/Plugins/Netscape/NPJSObject.h:
      (JSC):
      (NPJSObject):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::getOrCreateNPObject):
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      (WebKit::NPRuntimeObjectMap::evaluate):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.h:
      (JSC):
      (NPRuntimeObjectMap):
      * WebProcess/Plugins/PluginView.cpp:
      (WebKit::PluginView::windowScriptNPObject):
      (WebKit::PluginView::pluginElementNPObject):
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::runJavaScriptInMainFrame):
      * WebProcess/WebProcess.cpp:
      (WebKit::WebProcess::getWebCoreStatistics):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148696 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9a9a4b52
  16. 18 Feb, 2013 1 commit
    • fpizlo@apple.com's avatar
      Move all Structure out-of-line inline methods to StructureInlines.h · bb8aa756
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=110024
      
      Source/JavaScriptCore: 
      
      Rubber stamped by Mark Hahnenberg and Sam Weinig.
              
      This was supposed to be easy.
              
      But, initially, there was a Structure inline method in CodeBlock.h, and moving that
      into StructureInlines.h meant that Operations.h included CodeBlock.h. This would
      cause WebCore build failures, because CodeBlock.h transitively included the JSC
      parser (via many, many paths), and the JSC parser defines tokens using enumeration
      elements that CSSGrammar.cpp (generated by bison) would #define. For example,
      bison would give CSSGrammar.cpp a #define FUNCTION 123, and would do so before
      including anything interesting. The JSC parser would have an enum that included
      FUNCTION as an element. Hence the JSC parser included into CSSGrammar.cpp would have
      a token element called FUNCTION declared in an enumeration, but FUNCTION was
      #define'd to 123, leading to a parser error.
              
      Wow.
              
      So I removed all transitive include paths from CodeBlock.h to the JSC Parser. I
      believe I was able to do so without out-of-lining anything interesting or performance
      critical. This is probably a purely good thing to have done: it will be nice to be
      able to make changes to the parser without having to compile the universe.
              
      Of course, doing this caused a bunch of other things to not compile, since a bunch of
      headers relied on things being implicitly included for them when they transitively
      included the parser. I fixed a lot of that.
              
      Finally, I ended up removing the method that depended on CodeBlock.h from
      StructureInlines.h, and putting it in Structure.cpp. That might seem like all of this
      was a waste of time, except that I suspect it was a worthwhile forcing function for
      cleaning up a bunch of cruft.
              
      * API/JSCallbackFunction.cpp:
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.h:
      (JSC):
      * bytecode/EvalCodeCache.h:
      * bytecode/SamplingTool.h:
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedFunctionExecutable::parameterCount):
      (JSC):
      * bytecode/UnlinkedCodeBlock.h:
      (UnlinkedFunctionExecutable):
      * bytecompiler/BytecodeGenerator.h:
      * bytecompiler/Label.h:
      (JSC):
      * dfg/DFGByteCodeParser.cpp:
      * dfg/DFGByteCodeParser.h:
      * dfg/DFGFPRInfo.h:
      * dfg/DFGRegisterBank.h:
      * heap/HandleStack.cpp:
      * jit/JITWriteBarrier.h:
      * parser/Nodes.h:
      (JSC):
      * parser/Parser.h:
      * parser/ParserError.h: Added.
      (JSC):
      (JSC::ParserError::ParserError):
      (ParserError):
      (JSC::ParserError::toErrorObject):
      * parser/ParserModes.h:
      * parser/SourceProvider.cpp: Added.
      (JSC):
      (JSC::SourceProvider::SourceProvider):
      (JSC::SourceProvider::~SourceProvider):
      * parser/SourceProvider.h:
      (JSC):
      (SourceProvider):
      * runtime/ArrayPrototype.cpp:
      * runtime/DatePrototype.cpp:
      * runtime/Executable.h:
      * runtime/JSGlobalObject.cpp:
      * runtime/JSGlobalObject.h:
      (JSC):
      * runtime/Operations.h:
      * runtime/Structure.cpp:
      (JSC::Structure::prototypeForLookup):
      (JSC):
      * runtime/Structure.h:
      (JSC):
      * runtime/StructureInlines.h: Added.
      (JSC):
      (JSC::Structure::create):
      (JSC::Structure::createStructure):
      (JSC::Structure::get):
      (JSC::Structure::masqueradesAsUndefined):
      (JSC::SlotVisitor::internalAppend):
      (JSC::Structure::transitivelyTransitionedFrom):
      (JSC::Structure::setEnumerationCache):
      (JSC::Structure::enumerationCache):
      (JSC::Structure::prototypeForLookup):
      (JSC::Structure::prototypeChain):
      (JSC::Structure::isValid):
      * runtime/StructureRareData.cpp:
      
      Source/WebCore: 
      
      Rubber stamped by Sam Weinig.
      
      No new tests because no new behavior. Just rewiring includes.
      
      * ForwardingHeaders/parser/SourceProviderCache.h: Added.
      * loader/cache/CachedScript.cpp:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@143147 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bb8aa756
  17. 30 Jan, 2013 1 commit
  18. 29 Jan, 2013 1 commit
    • ggaren@apple.com's avatar
      Static size inference for JavaScript objects · c862eacf
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=108093
      
      Reviewed by Phil Pizlo.
      
      ../JavaScriptCore: 
      
      * API/JSObjectRef.cpp:
      * JavaScriptCore.order:
      * JavaScriptCore.xcodeproj/project.pbxproj: Pay the tax man.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dumpBytecode): op_new_object and op_create_this now
      have an extra inferredInlineCapacity argument. This is the statically
      inferred inline capacity, just from analyzing source text. op_new_object
      also gets a pointer to an allocation profile. (For op_create_this, the
      profile is in the construtor function.)
      
      (JSC::CodeBlock::CodeBlock): Link op_new_object.
      
      (JSC::CodeBlock::stronglyVisitStrongReferences): Mark our profiles.
      
      * bytecode/CodeBlock.h:
      (CodeBlock): Removed some dead code. Added object allocation profiles.
      
      * bytecode/Instruction.h:
      (JSC): New union type, since an instruction operand may point to an
      object allocation profile now.
      
      * bytecode/ObjectAllocationProfile.h: Added.
      (JSC):
      (ObjectAllocationProfile):
      (JSC::ObjectAllocationProfile::offsetOfAllocator):
      (JSC::ObjectAllocationProfile::offsetOfStructure):
      (JSC::ObjectAllocationProfile::ObjectAllocationProfile):
      (JSC::ObjectAllocationProfile::isNull):
      (JSC::ObjectAllocationProfile::initialize):
      (JSC::ObjectAllocationProfile::structure):
      (JSC::ObjectAllocationProfile::inlineCapacity):
      (JSC::ObjectAllocationProfile::clear):
      (JSC::ObjectAllocationProfile::visitAggregate):
      (JSC::ObjectAllocationProfile::possibleDefaultPropertyCount): New class
      for tracking a prediction about object allocation: structure, inline
      capacity, allocator to use.
      
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName): Updated instruction sizes.
      
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC):
      (JSC::UnlinkedCodeBlock::addObjectAllocationProfile):
      (JSC::UnlinkedCodeBlock::numberOfObjectAllocationProfiles):
      (UnlinkedCodeBlock): Unlinked support for allocation profiles.
      
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::generate): Kill all remaining analyses at the
      end of codegen, since this is our last opportunity.
      
      (JSC::BytecodeGenerator::BytecodeGenerator): Added a static property
      analyzer to bytecode generation. It tracks initializing assignments and
      makes a guess about how many will happen.
      
      (JSC::BytecodeGenerator::newObjectAllocationProfile):
      (JSC):
      (JSC::BytecodeGenerator::emitProfiledOpcode):
      (JSC::BytecodeGenerator::emitMove):
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveBase):
      (JSC::BytecodeGenerator::emitResolveBaseForPut):
      (JSC::BytecodeGenerator::emitResolveWithBaseForPut):
      (JSC::BytecodeGenerator::emitResolveWithThis):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitPutById):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::emitPutGetterSetter):
      (JSC::BytecodeGenerator::emitGetArgumentByVal):
      (JSC::BytecodeGenerator::emitGetByVal): Added hooks to the static property
      analyzer, so it can observe allocations and stores.
      
      (JSC::BytecodeGenerator::emitCreateThis): Factored this into a helper
      function because it was a significant amount of logic, and I wanted to
      add to it.
      
      (JSC::BytecodeGenerator::emitNewObject):
      (JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitCallVarargs):
      (JSC::BytecodeGenerator::emitConstruct): Added a hook to profiled opcodes
      to track their stores, in case a store kills a profiled allocation. Since
      profiled opcodes are basically the only interesting stores we do, this
      is a convenient place to notice any store that might kill an allocation.
      
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator): As above.
      
      * bytecompiler/StaticPropertyAnalysis.h: Added.
      (JSC):
      (StaticPropertyAnalysis):
      (JSC::StaticPropertyAnalysis::create):
      (JSC::StaticPropertyAnalysis::addPropertyIndex):
      (JSC::StaticPropertyAnalysis::record):
      (JSC::StaticPropertyAnalysis::propertyIndexCount):
      (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis): Simple helper
      class for tracking allocations and stores.
      
      * bytecompiler/StaticPropertyAnalyzer.h: Added.
      (StaticPropertyAnalyzer):
      (JSC::StaticPropertyAnalyzer::StaticPropertyAnalyzer):
      (JSC::StaticPropertyAnalyzer::createThis):
      (JSC::StaticPropertyAnalyzer::newObject):
      (JSC::StaticPropertyAnalyzer::putById):
      (JSC::StaticPropertyAnalyzer::mov):
      (JSC::StaticPropertyAnalyzer::kill): Helper class for observing allocations
      and stores and making an inline capacity guess. The heuristics here are
      intentionally minimal because we don't want this one class to try to
      re-create something like a DFG or a runtime analysis. If we discover that
      we need those kinds of analyses, we should just replace this class with
      something else.
      
      This class tracks multiple registers that alias the same object -- that
      happens a lot, when moving locals into temporary registers -- but it
      doesn't track control flow or multiple objects that alias the same register.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute): Updated for rename.
      
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock): Updated for inline capacity and
      allocation profile.
      
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasInlineCapacity):
      (Node):
      (JSC::DFG::Node::inlineCapacity):
      (JSC::DFG::Node::hasFunction): Give the graph a good way to represent
      inline capacity for an allocation.
      
      * dfg/DFGNodeType.h:
      (DFG): Updated for rename.
      
      * dfg/DFGOperations.cpp: Updated for interface change.
      
      * dfg/DFGOperations.h: We pass the inline capacity to the slow case as
      an argument. This is the simplest way, since it's stored as a bytecode operand.
      
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate): Updated for rename.
      
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::tryCacheGetByID): Fixed a horrible off-by-one-half bug that only
      appears when doing an inline cached load for property number 64 on a 32-bit
      system. In JSVALUE32_64 land, "offsetRelativeToPatchedStorage" is the
      offset of the 64bit JSValue -- but we'll actually issue two loads, one for
      the payload at that offset, and one for the tag at that offset + 4. We need
      to ensure that both loads have a compact representation, or we'll corrupt
      the instruction stream.
      
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::emitAllocateJSArray):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage):
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): Lots of refactoring to support
      passing an allocator to our allocation function, and/or passing a Structure
      as a register instead of an immediate.
      
      * heap/MarkedAllocator.h:
      (DFG):
      (MarkedAllocator):
      (JSC::MarkedAllocator::offsetOfFreeListHead): Added an accessor to simplify
      JIT code generation of allocation from an arbitrary allocator.
      
      * jit/JIT.h:
      (JSC):
      * jit/JITInlines.h:
      (JSC):
      (JSC::JIT::emitAllocateJSObject):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emitSlow_op_new_object):
      (JSC::JIT::emit_op_create_this):
      (JSC::JIT::emitSlow_op_create_this):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emitSlow_op_new_object):
      (JSC::JIT::emit_op_create_this):
      (JSC::JIT::emitSlow_op_create_this): Same refactoring as done for the DFG.
      
      * jit/JITStubs.cpp:
      (JSC::tryCacheGetByID): Fixed the same bug mentioned above.
      
      (JSC::DEFINE_STUB_FUNCTION): Updated for interface changes.
      
      * llint/LLIntData.cpp:
      (JSC::LLInt::Data::performAssertions): Updated for interface changes.
      
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm: Same refactoring as for the JITs.
      
      * profiler/ProfilerBytecode.cpp:
      * profiler/ProfilerBytecodes.cpp:
      * profiler/ProfilerCompilation.cpp:
      * profiler/ProfilerCompiledBytecode.cpp:
      * profiler/ProfilerDatabase.cpp:
      * profiler/ProfilerOSRExit.cpp:
      * profiler/ProfilerOrigin.cpp:
      * profiler/ProfilerProfiledBytecodes.cpp: Include ObjectConstructor.h
      because that's where createEmptyObject() lives now.
      
      * runtime/Executable.h:
      (JSC::JSFunction::JSFunction): Updated for rename.
      
      * runtime/JSCellInlines.h:
      (JSC::allocateCell): Updated to match the allocator selection code in
      the JIT, so it's clearer that both are correct.
      
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::JSFunction):
      (JSC::JSFunction::createAllocationProfile):
      (JSC::JSFunction::visitChildren):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::put):
      (JSC::JSFunction::defineOwnProperty):
      (JSC::JSFunction::getConstructData):
      * runtime/JSFunction.h:
      (JSC::JSFunction::offsetOfScopeChain):
      (JSC::JSFunction::offsetOfExecutable):
      (JSC::JSFunction::offsetOfAllocationProfile):
      (JSC::JSFunction::allocationProfile):
      (JSFunction):
      (JSC::JSFunction::tryGetAllocationProfile):
      (JSC::JSFunction::addAllocationProfileWatchpoint): Changed inheritorID
      data member to be an ObjectAllocationProfile, which includes a pointer
      to the desired allocator. This simplifies JIT code, since we don't have
      to compute the allocator on the fly. I verified by code inspection that
      JSFunction is still only 64 bytes.
      
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::dateStructure): No direct pointer to the empty
      object structure anymore, because now clients need to specify how much
      inline capacity they want.
      
      * runtime/JSONObject.cpp:
      * runtime/JSObject.h:
      (JSC):
      (JSFinalObject):
      (JSC::JSFinalObject::defaultInlineCapacity):
      (JSC::JSFinalObject::maxInlineCapacity):
      (JSC::JSFinalObject::createStructure): A little refactoring to try to 
      clarify where some of these constants derive from.
      
      (JSC::maxOffsetRelativeToPatchedStorage): Used for bug fix, above.
      
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::setTarget): Ugly, but effective.
      
      * runtime/LiteralParser.cpp:
      * runtime/ObjectConstructor.cpp:
      (JSC::constructObject):
      (JSC::constructWithObjectConstructor):
      (JSC::callObjectConstructor):
      (JSC::objectConstructorCreate): Updated for interface changes.
      
      * runtime/ObjectConstructor.h:
      (JSC::constructEmptyObject): Clarified your options for how to allocate
      an empty object, to emphasize what things can actually vary.
      
      * runtime/PropertyOffset.h: These constants have moved because they're
      really higher level concepts to do with the layout of objects and the
      collector. PropertyOffset is just an abstract number line, independent
      of those things.
      
      * runtime/PrototypeMap.cpp:
      (JSC::PrototypeMap::emptyObjectStructureForPrototype):
      (JSC::PrototypeMap::clearEmptyObjectStructureForPrototype):
      * runtime/PrototypeMap.h:
      (PrototypeMap): The map key is now a pair of prototype and inline capacity,
      since Structure encodes inline capacity.
      
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::nonPropertyTransition):
      (JSC::Structure::copyPropertyTableForPinning):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::totalStorageSize):
      (JSC::Structure::transitionCount):
      (JSC::Structure::create): Fixed a nasty refactoring bug that only shows
      up after enabling variable-sized inline capacities: we were passing our
      type info where our inline capacity was expected. The compiler didn't
      notice because both have type int :(.
      
      ../WebCore: 
      
      * ForwardingHeaders/runtime/ObjectConstructor.h: Added.
      
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      * bindings/js/JSSQLResultSetRowListCustom.cpp: Include ObjectConstructor.h because
      that's where createEmptyObject() is located now.
      
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::deserialize): Updated for interface change.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141050 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c862eacf
  19. 24 Jan, 2013 1 commit
    • oliver@apple.com's avatar
      Harden JSC a bit with RELEASE_ASSERT · 903b0c0b
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=107766
      
      Reviewed by Mark Hahnenberg.
      
      Went through and replaced a pile of ASSERTs that were covering
      significantly important details (bounds checks, etc) where
      having the checks did not impact release performance in any
      measurable way.
      
      * API/JSContextRef.cpp:
      (JSContextCreateBacktrace):
      * assembler/MacroAssembler.h:
      (JSC::MacroAssembler::branchAdd32):
      (JSC::MacroAssembler::branchMul32):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dumpBytecode):
      (JSC::CodeBlock::handlerForBytecodeOffset):
      (JSC::CodeBlock::lineNumberForBytecodeOffset):
      (JSC::CodeBlock::bytecodeOffset):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::bytecodeOffsetForCallAtIndex):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::exceptionHandler):
      (JSC::CodeBlock::codeOrigin):
      (JSC::CodeBlock::immediateSwitchJumpTable):
      (JSC::CodeBlock::characterSwitchJumpTable):
      (JSC::CodeBlock::stringSwitchJumpTable):
      (JSC::CodeBlock::setIdentifiers):
      (JSC::baselineCodeBlockForInlineCallFrame):
      (JSC::ExecState::uncheckedR):
      * bytecode/CodeOrigin.cpp:
      (JSC::CodeOrigin::inlineStack):
      * bytecode/CodeOrigin.h:
      (JSC::CodeOrigin::CodeOrigin):
      * dfg/DFGCSEPhase.cpp:
      * dfg/DFGOSRExit.cpp:
      * dfg/DFGScratchRegisterAllocator.h:
      (JSC::DFG::ScratchRegisterAllocator::preserveUsedRegistersToScratchBuffer):
      (JSC::DFG::ScratchRegisterAllocator::restoreUsedRegistersFromScratchBuffer):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::allocate):
      (JSC::DFG::SpeculativeJIT::spill):
      (JSC::DFG::SpeculativeJIT::integerResult):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::fillInteger):
      (JSC::DFG::SpeculativeJIT::fillDouble):
      (JSC::DFG::SpeculativeJIT::fillJSValue):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeCompareNull):
      (JSC::DFG::SpeculativeJIT::emitCall):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntStrict):
      (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGValueSource.h:
      (JSC::DFG::dataFormatToValueSourceKind):
      (JSC::DFG::ValueSource::ValueSource):
      * dfg/DFGVirtualRegisterAllocationPhase.cpp:
      * heap/BlockAllocator.cpp:
      (JSC::BlockAllocator::BlockAllocator):
      (JSC::BlockAllocator::releaseFreeRegions):
      (JSC::BlockAllocator::blockFreeingThreadMain):
      * heap/Heap.cpp:
      (JSC::Heap::lastChanceToFinalize):
      (JSC::Heap::collect):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::execute):
      * jit/GCAwareJITStubRoutine.cpp:
      (JSC::GCAwareJITStubRoutine::observeZeroRefCount):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      * jit/JITExceptions.cpp:
      (JSC::genericThrow):
      * jit/JITInlines.h:
      (JSC::JIT::emitLoad):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_end):
      (JSC::JIT::emit_resolve_operations):
      * jit/JITStubRoutine.cpp:
      (JSC::JITStubRoutine::observeZeroRefCount):
      * jit/JITStubs.cpp:
      (JSC::returnToThrowTrampoline):
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertySlot):
      (JSC::Arguments::getOwnPropertyDescriptor):
      (JSC::Arguments::deleteProperty):
      (JSC::Arguments::defineOwnProperty):
      (JSC::Arguments::didTearOffActivation):
      * runtime/ArrayPrototype.cpp:
      (JSC::shift):
      (JSC::unshift):
      (JSC::arrayProtoFuncLastIndexOf):
      * runtime/ButterflyInlines.h:
      (JSC::Butterfly::growPropertyStorage):
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getFunctionExecutableFromGlobalCode):
      * runtime/CodeCache.h:
      (JSC::CacheMap::add):
      * runtime/Completion.cpp:
      (JSC::checkSyntax):
      (JSC::evaluate):
      * runtime/Executable.cpp:
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::EvalExecutable::unlinkCalls):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::unlinkCalls):
      (JSC::ProgramExecutable::initializeGlobalProperties):
      (JSC::FunctionExecutable::baselineCodeBlockFor):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      (JSC::FunctionExecutable::unlinkCalls):
      (JSC::NativeExecutable::hashFor):
      * runtime/Executable.h:
      (JSC::EvalExecutable::compile):
      (JSC::ProgramExecutable::compile):
      (JSC::FunctionExecutable::compileForCall):
      (JSC::FunctionExecutable::compileForConstruct):
      * runtime/IndexingHeader.h:
      (JSC::IndexingHeader::setVectorLength):
      * runtime/JSArray.cpp:
      (JSC::JSArray::pop):
      (JSC::JSArray::shiftCountWithArrayStorage):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithArrayStorage):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::jsStrDecimalLiteral):
      * runtime/JSObject.cpp:
      (JSC::JSObject::copyButterfly):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
      * runtime/JSString.cpp:
      (JSC::JSRopeString::getIndexSlowCase):
      * yarr/YarrInterpreter.cpp:
      (JSC::Yarr::Interpreter::popParenthesesDisjunctionContext):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@140619 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      903b0c0b
  20. 23 Jan, 2013 1 commit
    • oliver@apple.com's avatar
      Replace ASSERT_NOT_REACHED with RELEASE_ASSERT_NOT_REACHED in JSC · 5598c181
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=107736
      
      Reviewed by Mark Hahnenberg.
      
      Mechanical change with no performance impact.
      
      * API/JSBlockAdaptor.mm:
      (BlockArgumentTypeDelegate::typeVoid):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::construct):
      (JSC::::call):
      * API/JSScriptRef.cpp:
      * API/ObjCCallbackFunction.mm:
      (ArgumentTypeDelegate::typeVoid):
      * assembler/ARMv7Assembler.h:
      (JSC::ARMv7Assembler::link):
      (JSC::ARMv7Assembler::replaceWithLoad):
      (JSC::ARMv7Assembler::replaceWithAddressComputation):
      * assembler/MacroAssembler.h:
      (JSC::MacroAssembler::invert):
      * assembler/MacroAssemblerARM.h:
      (JSC::MacroAssemblerARM::countLeadingZeros32):
      (JSC::MacroAssemblerARM::divDouble):
      * assembler/MacroAssemblerMIPS.h:
      (JSC::MacroAssemblerMIPS::absDouble):
      (JSC::MacroAssemblerMIPS::replaceWithJump):
      (JSC::MacroAssemblerMIPS::maxJumpReplacementSize):
      * assembler/MacroAssemblerSH4.h:
      (JSC::MacroAssemblerSH4::absDouble):
      (JSC::MacroAssemblerSH4::replaceWithJump):
      (JSC::MacroAssemblerSH4::maxJumpReplacementSize):
      * assembler/SH4Assembler.h:
      (JSC::SH4Assembler::shllImm8r):
      (JSC::SH4Assembler::shlrImm8r):
      (JSC::SH4Assembler::cmplRegReg):
      (JSC::SH4Assembler::branch):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::replaceWithLoad):
      (JSC::X86Assembler::replaceWithAddressComputation):
      * bytecode/CallLinkInfo.cpp:
      (JSC::CallLinkInfo::unlink):
      * bytecode/CodeBlock.cpp:
      (JSC::debugHookName):
      (JSC::CodeBlock::printGetByIdOp):
      (JSC::CodeBlock::printGetByIdCacheStatus):
      (JSC::CodeBlock::visitAggregate):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::usesOpcode):
      * bytecode/DataFormat.h:
      (JSC::needDataFormatConversion):
      * bytecode/ExitKind.cpp:
      (JSC::exitKindToString):
      (JSC::exitKindIsCountable):
      * bytecode/MethodOfGettingAValueProfile.cpp:
      (JSC::MethodOfGettingAValueProfile::getSpecFailBucket):
      * bytecode/Opcode.h:
      (JSC::opcodeLength):
      * bytecode/PolymorphicPutByIdList.cpp:
      (JSC::PutByIdAccess::fromStructureStubInfo):
      (JSC::PutByIdAccess::visitWeak):
      * bytecode/StructureStubInfo.cpp:
      (JSC::StructureStubInfo::deref):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::ResolveResult::checkValidity):
      (JSC::BytecodeGenerator::emitGetLocalVar):
      (JSC::BytecodeGenerator::beginSwitch):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::BinaryOpNode::emitBytecode):
      (JSC::emitReadModifyAssignment):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::mergeStateAtTail):
      (JSC::DFG::AbstractState::mergeToSuccessors):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::makeSafe):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCFGSimplificationPhase.cpp:
      (JSC::DFG::CFGSimplificationPhase::fixPossibleGetLocal):
      (JSC::DFG::CFGSimplificationPhase::fixTailOperand):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::setLocalStoreElimination):
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::canHandleOpcodes):
      * dfg/DFGCommon.h:
      (JSC::DFG::useKindToString):
      * dfg/DFGDoubleFormatState.h:
      (JSC::DFG::mergeDoubleFormatStates):
      (JSC::DFG::doubleFormatStateToString):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::blessArrayOperation):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::clobbersWorld):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::valueOfJSConstant):
      (JSC::DFG::Node::successor):
      * dfg/DFGNodeFlags.cpp:
      (JSC::DFG::nodeFlagsAsString):
      * dfg/DFGNodeType.h:
      (JSC::DFG::defaultFlags):
      * dfg/DFGRepatch.h:
      (JSC::DFG::dfgResetGetByID):
      (JSC::DFG::dfgResetPutByID):
      * dfg/DFGSlowPathGenerator.h:
      (JSC::DFG::SlowPathGenerator::call):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::silentSavePlanForGPR):
      (JSC::DFG::SpeculativeJIT::silentSpill):
      (JSC::DFG::SpeculativeJIT::silentFill):
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::checkGeneratedTypeForToInt32):
      (JSC::DFG::SpeculativeJIT::compileValueToInt32):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
      (JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::bitOp):
      (JSC::DFG::SpeculativeJIT::shiftOp):
      (JSC::DFG::SpeculativeJIT::integerResult):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::fillInteger):
      (JSC::DFG::SpeculativeJIT::fillDouble):
      (JSC::DFG::SpeculativeJIT::fillJSValue):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
      (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::fillInteger):
      (JSC::DFG::SpeculativeJIT::fillDouble):
      (JSC::DFG::SpeculativeJIT::fillJSValue):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
      (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGStructureCheckHoistingPhase.cpp:
      (JSC::DFG::StructureCheckHoistingPhase::run):
      * dfg/DFGValueSource.h:
      (JSC::DFG::ValueSource::valueRecovery):
      * dfg/DFGVariableEvent.cpp:
      (JSC::DFG::VariableEvent::dump):
      * dfg/DFGVariableEventStream.cpp:
      (JSC::DFG::VariableEventStream::reconstruct):
      * heap/BlockAllocator.h:
      (JSC::BlockAllocator::regionSetFor):
      * heap/GCThread.cpp:
      (JSC::GCThread::gcThreadMain):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::sweepHelper):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::isLive):
      * interpreter/CallFrame.h:
      (JSC::ExecState::inlineCallFrame):
      * interpreter/Interpreter.cpp:
      (JSC::getCallerInfo):
      (JSC::getStackFrameCodeType):
      (JSC::Interpreter::execute):
      * jit/ExecutableAllocatorFixedVMPool.cpp:
      (JSC::FixedVMPoolExecutableAllocator::notifyPageIsFree):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITArithmetic.cpp:
      (JSC::JIT::emitSlow_op_mod):
      * jit/JITArithmetic32_64.cpp:
      (JSC::JIT::emitBinaryDoubleOp):
      (JSC::JIT::emitSlow_op_mod):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::isDirectPutById):
      * jit/JITStubs.cpp:
      (JSC::getPolymorphicAccessStructureListSlot):
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      * parser/Lexer.cpp:
      (JSC::::lex):
      * parser/Nodes.h:
      (JSC::ExpressionNode::emitBytecodeInConditionContext):
      * parser/Parser.h:
      (JSC::Parser::getTokenName):
      (JSC::Parser::updateErrorMessageSpecialCase):
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::operatorStackPop):
      * runtime/Arguments.cpp:
      (JSC::Arguments::tearOffForInlineCallFrame):
      * runtime/DatePrototype.cpp:
      (JSC::formatLocaleDate):
      * runtime/Executable.cpp:
      (JSC::samplingDescription):
      * runtime/Executable.h:
      (JSC::ScriptExecutable::unlinkCalls):
      * runtime/Identifier.cpp:
      (JSC):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::getCallData):
      * runtime/JSArray.cpp:
      (JSC::JSArray::push):
      (JSC::JSArray::sort):
      * runtime/JSCell.cpp:
      (JSC::JSCell::defaultValue):
      (JSC::JSCell::getOwnPropertyNames):
      (JSC::JSCell::getOwnNonIndexPropertyNames):
      (JSC::JSCell::className):
      (JSC::JSCell::getPropertyNames):
      (JSC::JSCell::customHasInstance):
      (JSC::JSCell::putDirectVirtual):
      (JSC::JSCell::defineOwnProperty):
      (JSC::JSCell::getOwnPropertyDescriptor):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSNameScope.cpp:
      (JSC::JSNameScope::put):
      * runtime/JSObject.cpp:
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::tryGetIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::canSetIndexQuicklyForPutDirect):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::hasSparseMap):
      (JSC::JSObject::inSparseIndexingMode):
      * runtime/JSScope.cpp:
      (JSC::JSScope::isDynamicScope):
      * runtime/JSSymbolTableObject.cpp:
      (JSC::JSSymbolTableObject::putDirectVirtual):
      * runtime/JSSymbolTableObject.h:
      (JSSymbolTableObject):
      * runtime/LiteralParser.cpp:
      (JSC::::parse):
      * runtime/RegExp.cpp:
      (JSC::RegExp::compile):
      (JSC::RegExp::compileMatchOnly):
      * runtime/StructureTransitionTable.h:
      (JSC::newIndexingType):
      * tools/CodeProfile.cpp:
      (JSC::CodeProfile::sample):
      * yarr/YarrCanonicalizeUCS2.h:
      (JSC::Yarr::getCanonicalPair):
      (JSC::Yarr::areCanonicallyEquivalent):
      * yarr/YarrInterpreter.cpp:
      (JSC::Yarr::Interpreter::matchCharacterClass):
      (JSC::Yarr::Interpreter::matchBackReference):
      (JSC::Yarr::Interpreter::backtrackParenthesesTerminalEnd):
      (JSC::Yarr::Interpreter::matchParentheses):
      (JSC::Yarr::Interpreter::backtrackParentheses):
      (JSC::Yarr::Interpreter::matchDisjunction):
      * yarr/YarrJIT.cpp:
      (JSC::Yarr::YarrGenerator::generateTerm):
      (JSC::Yarr::YarrGenerator::backtrackTerm):
      * yarr/YarrParser.h:
      (JSC::Yarr::Parser::CharacterClassParserDelegate::assertionWordBoundary):
      (JSC::Yarr::Parser::CharacterClassParserDelegate::atomBackReference):
      * yarr/YarrPattern.cpp:
      (JSC::Yarr::YarrPatternConstructor::atomCharacterClassBuiltIn):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@140594 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5598c181
  21. 11 Jan, 2013 1 commit
  22. 04 Jan, 2013 1 commit
  23. 27 Dec, 2012 1 commit
    • fpizlo@apple.com's avatar
      All JIT stubs should go through the getCTIStub API · 2ac511cb
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=105750
      
      Reviewed by Sam Weinig.
              
      Previously JITThunks had two sets of thunks: one static set stored in a struct,
      which was filled by JIT::privateCompileCTITrampolines, and another set stored in
      a HashMap. Moreover, the code to generate the code for the CTI trampoline struct
      had loads of copy-paste between JSVALUE32_64 and JSVALUE64, and was total
      unmodular with respect to calls versus constructors, among other things.
                        
      This changeset removes this struct and rationalizes the code that generates those
      thunks. All of thunks are now generated through the getCTIStub HashMap API. All
      thunks for the baseline JIT now use the JSInterfaceJIT and have their codegen
      located in ThunkGenerators.cpp. All thunks now share as much code as possible -
      it turns out that they are almost 100% identical between 32_64 and 64, so that
      works out great. A bunch of call vs. construct duplication was eliminated. And,
      most of the call link versus virtual call duplication was also eliminated.
              
      This does not change behavior but it does make it easier to add more thunks in
      the future.
      
      * bytecode/CallLinkInfo.cpp:
      (JSC::CallLinkInfo::unlink):
      * jit/JIT.cpp:
      (JSC::JIT::linkFor):
      * jit/JIT.h:
      (JIT):
      * jit/JITCall.cpp:
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      * jit/JITInlines.h:
      (JSC):
      * jit/JITOpcodes.cpp:
      (JSC):
      (JSC::JIT::privateCompileCTINativeCall):
      * jit/JITOpcodes32_64.cpp:
      (JSC):
      * jit/JITStubs.cpp:
      (JSC::tryCacheGetByID):
      * jit/JITThunks.cpp:
      (JSC::JITThunks::JITThunks):
      (JSC::JITThunks::ctiNativeCall):
      (JSC::JITThunks::ctiNativeConstruct):
      (JSC):
      (JSC::JITThunks::hostFunctionStub):
      * jit/JITThunks.h:
      (JSC):
      (JITThunks):
      * jit/JSInterfaceJIT.h:
      (JSInterfaceJIT):
      (JSC::JSInterfaceJIT::emitJumpIfNotJSCell):
      (JSC):
      (JSC::JSInterfaceJIT::emitFastArithIntToImmNoCheck):
      (JSC::JSInterfaceJIT::emitJumpIfNotType):
      (JSC::JSInterfaceJIT::emitGetFromCallFrameHeaderPtr):
      (JSC::JSInterfaceJIT::emitPutToCallFrameHeader):
      (JSC::JSInterfaceJIT::emitPutImmediateToCallFrameHeader):
      (JSC::JSInterfaceJIT::emitPutCellToCallFrameHeader):
      (JSC::JSInterfaceJIT::preserveReturnAddressAfterCall):
      (JSC::JSInterfaceJIT::restoreReturnAddressBeforeReturn):
      (JSC::JSInterfaceJIT::restoreArgumentReference):
      * jit/ThunkGenerators.cpp:
      (JSC::generateSlowCaseFor):
      (JSC):
      (JSC::linkForGenerator):
      (JSC::linkCallGenerator):
      (JSC::linkConstructGenerator):
      (JSC::virtualForGenerator):
      (JSC::virtualCallGenerator):
      (JSC::virtualConstructGenerator):
      (JSC::stringLengthTrampolineGenerator):
      (JSC::nativeForGenerator):
      (JSC::nativeCallGenerator):
      (JSC::nativeConstructGenerator):
      (JSC::charCodeAtThunkGenerator):
      (JSC::charAtThunkGenerator):
      (JSC::fromCharCodeThunkGenerator):
      (JSC::sqrtThunkGenerator):
      (JSC::floorThunkGenerator):
      (JSC::ceilThunkGenerator):
      (JSC::roundThunkGenerator):
      (JSC::expThunkGenerator):
      (JSC::logThunkGenerator):
      (JSC::absThunkGenerator):
      (JSC::powThunkGenerator):
      * jit/ThunkGenerators.h:
      (JSC):
      * runtime/Executable.h:
      (NativeExecutable):
      (JSC::NativeExecutable::nativeFunctionFor):
      (JSC::NativeExecutable::offsetOfNativeFunctionFor):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138516 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2ac511cb
  24. 05 Dec, 2012 1 commit
    • fpizlo@apple.com's avatar
      display-profiler-output should be able to show source code · d0f5c88c
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=104073
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      Modify the profiler database to store source code. For functions, we store the
      function including the function signature.
      
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::unlinkedCodeBlock):
      (CodeBlock):
      * profiler/ProfilerBytecodes.cpp:
      (JSC::Profiler::Bytecodes::Bytecodes):
      (JSC::Profiler::Bytecodes::toJS):
      * profiler/ProfilerBytecodes.h:
      (Bytecodes):
      (JSC::Profiler::Bytecodes::sourceCode):
      * profiler/ProfilerDatabase.cpp:
      (JSC::Profiler::Database::addBytecodes):
      (JSC::Profiler::Database::ensureBytecodesFor):
      * profiler/ProfilerDatabase.h:
      (Database):
      * runtime/CommonIdentifiers.h:
      * runtime/Executable.h:
      (FunctionExecutable):
      (JSC::FunctionExecutable::unlinkedExecutable):
      
      Tools: 
      
      Display source code in the summary, using a one-line shortening.
      
      * Scripts/display-profiler-output:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@136606 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d0f5c88c
  25. 30 Nov, 2012 1 commit
    • fpizlo@apple.com's avatar
      It should be easy to find code blocks in debug dumps · 0bfcc38a
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=103623
      
      Source/JavaScriptCore: 
      
      Reviewed by Goeffrey Garen.
      
      This gives CodeBlock a relatively strong, but also relatively compact, hash. We compute
      it lazily so that it only impacts run-time when debug support is enabled. We stringify
      it smartly so that it's short and easy to type. We base it on the source code so that
      the optimization level is irrelevant. And, we use SHA1 since it's already in our code
      base. Now, when a piece of code wants to print some debugging to say that it's operating
      on some code block, it can use this CodeBlockHash instead of memory addresses.
      
      This also takes CodeBlock debugging into the new world of print() and dataLog(). In
      particular, CodeBlock::dump() corresponds to the thing you want printed if you do:
      
      dataLog("I heart ", *myCodeBlock);
      
      Probably, you want to just print some identifying information at this point rather than
      the full bytecode dump. So, the existing CodeBlock::dump() has been renamed to
      CodeBlock::dumpBytecode(), and CodeBlock::dump() now prints the CodeBlockHash plus just
      a few little tidbits.
              
      Here's an example of CodeBlock::dump() output:
              
      EkILzr:[0x103883a00, BaselineFunctionCall]
              
      EkILzr is the CodeBlockHash. 0x103883a00 is the CodeBlock's address in memory. The other
      part is self-explanatory.
      
      Finally, this new notion of CodeBlockHash is available for other purposes like bisecting
      breakage. As such CodeBlockHash has all of the comparison operator overloads. When
      bisecting in DFGDriver.cpp, you can now say things like:
              
      if (codeBlock->hash() < CodeBlockHash("CAAAAA"))
          return false;
              
      And yes, CAAAAA is near the median hash, and the largest one is smaller than E99999. Such
      is life when you use base 62 to encode a 32-bit number.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CallLinkInfo.h:
      (CallLinkInfo):
      (JSC::CallLinkInfo::specializationKind):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::hash):
      (JSC):
      (JSC::CodeBlock::dumpAssumingJITType):
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::dumpBytecode):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::resetStubInternal):
      (JSC::CodeBlock::reoptimize):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::CodeBlock::shouldOptimizeNow):
      (JSC::CodeBlock::tallyFrequentExitSites):
      (JSC::CodeBlock::dumpValueProfiles):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::specializationKind):
      (CodeBlock):
      (JSC::CodeBlock::getJITType):
      * bytecode/CodeBlockHash.cpp: Added.
      (JSC):
      (JSC::CodeBlockHash::CodeBlockHash):
      (JSC::CodeBlockHash::dump):
      * bytecode/CodeBlockHash.h: Added.
      (JSC):
      (CodeBlockHash):
      (JSC::CodeBlockHash::CodeBlockHash):
      (JSC::CodeBlockHash::hash):
      (JSC::CodeBlockHash::operator==):
      (JSC::CodeBlockHash::operator!=):
      (JSC::CodeBlockHash::operator<):
      (JSC::CodeBlockHash::operator>):
      (JSC::CodeBlockHash::operator<=):
      (JSC::CodeBlockHash::operator>=):
      * bytecode/CodeBlockWithJITType.h: Added.
      (JSC):
      (CodeBlockWithJITType):
      (JSC::CodeBlockWithJITType::CodeBlockWithJITType):
      (JSC::CodeBlockWithJITType::dump):
      * bytecode/CodeOrigin.cpp: Added.
      (JSC):
      (JSC::CodeOrigin::inlineDepthForCallFrame):
      (JSC::CodeOrigin::inlineDepth):
      (JSC::CodeOrigin::inlineStack):
      (JSC::InlineCallFrame::hash):
      * bytecode/CodeOrigin.h:
      (InlineCallFrame):
      (JSC::InlineCallFrame::specializationKind):
      (JSC):
      * bytecode/CodeType.cpp: Added.
      (WTF):
      (WTF::printInternal):
      * bytecode/CodeType.h:
      (WTF):
      * bytecode/ExecutionCounter.cpp:
      (JSC::ExecutionCounter::dump):
      * bytecode/ExecutionCounter.h:
      (ExecutionCounter):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      * dfg/DFGDisassembler.cpp:
      (JSC::DFG::Disassembler::dump):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dumpCodeOrigin):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::dfgLinkClosureCall):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::dumpCallFrame):
      * jit/JITCode.cpp: Added.
      (WTF):
      (WTF::printInternal):
      * jit/JITCode.h:
      (JSC::JITCode::jitType):
      (WTF):
      * jit/JITDisassembler.cpp:
      (JSC::JITDisassembler::dump):
      (JSC::JITDisassembler::dumpForInstructions):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/CodeSpecializationKind.cpp: Added.
      (WTF):
      (WTF::printInternal):
      * runtime/CodeSpecializationKind.h:
      (JSC::specializationFromIsCall):
      (JSC):
      (JSC::specializationFromIsConstruct):
      (WTF):
      * runtime/Executable.cpp:
      (JSC::ExecutableBase::hashFor):
      (JSC):
      (JSC::NativeExecutable::hashFor):
      (JSC::ScriptExecutable::hashFor):
      * runtime/Executable.h:
      (ExecutableBase):
      (NativeExecutable):
      (ScriptExecutable):
      (JSC::ScriptExecutable::source):
      
      Source/WTF: 
      
      Reviewed by Geoffrey Garen.
      
      Changed RawPointer to accept both const void* and void*, and use the former internally.
              
      Cleaned up SHA1 so that the functionality already used internally for self-testing is
      available via the API. This includes addBytes(CString) and computing hex digests.
      
      * wtf/RawPointer.h:
      (WTF::RawPointer::RawPointer):
      (RawPointer):
      (WTF::RawPointer::value):
      * wtf/SHA1.cpp:
      (WTF::expectSHA1):
      (WTF::SHA1::hexDigest):
      (WTF::SHA1::computeHexDigest):
      * wtf/SHA1.h:
      (WTF::SHA1::addBytes):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@136199 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0bfcc38a
  26. 14 Nov, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG CreateThis should be able to statically account for the structure of the... · f5db15ed
      fpizlo@apple.com authored
      DFG CreateThis should be able to statically account for the structure of the object it creates, if profiling indicates that this structure is always the same
      https://bugs.webkit.org/show_bug.cgi?id=102017
      
      Reviewed by Geoffrey Garen.
      
      This adds a watchpoint in JSFunction on the cached inheritor ID. It also changes
      NewObject to take a structure as an operand (previously it implicitly used the owning
      global object's empty object structure). Any GetCallee where the callee is predictable
      is turned into a CheckFunction + WeakJSConstant, and any CreateThis on a WeakJSConstant
      where the inheritor ID watchpoint is still valid is turned into an InheritorIDWatchpoint
      followed by a NewObject. NewObject already accounts for the structure it uses for object
      creation in the CFA.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::checkFunctionElimination):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasFunction):
      (JSC::DFG::Node::function):
      (JSC::DFG::Node::hasStructure):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * runtime/Executable.h:
      (JSC::JSFunction::JSFunction):
      * runtime/JSBoundFunction.cpp:
      (JSC):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::JSFunction):
      (JSC::JSFunction::put):
      (JSC::JSFunction::defineOwnProperty):
      * runtime/JSFunction.h:
      (JSC::JSFunction::tryGetKnownInheritorID):
      (JSFunction):
      (JSC::JSFunction::addInheritorIDWatchpoint):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@134555 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f5db15ed
  27. 09 Nov, 2012 1 commit
    • oliver@apple.com's avatar
      Improve effectiveness of function-level caching · 27e0eed2
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101667
      
      Reviewed by Filip Pizlo.
      
      Added a random-eviction based cache for unlinked functions, and switch
      UnlinkedFunctionExecutable's code references to Weak<>, thereby letting
      us remove the explicit UnlinkedFunctionExecutable::clearCode() calls that
      were being triggered by GC.
      
      Refactored the random eviction part of the CodeCache into a separate data
      structure so that I didn't have to duplicate the code again, and then used
      that for the new function cache.
      
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedFunctionExecutable::visitChildren):
      (JSC::UnlinkedFunctionExecutable::codeBlockFor):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::clearCodeForRecompilation):
      (UnlinkedFunctionExecutable):
      * debugger/Debugger.cpp:
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getCodeBlock):
      (JSC::CodeCache::generateFunctionCodeBlock):
      (JSC::CodeCache::getFunctionExecutableFromGlobalCode):
      (JSC::CodeCache::usedFunctionCode):
      (JSC):
      * runtime/Executable.cpp:
      (JSC::FunctionExecutable::clearUnlinkedCodeForRecompilationIfNotCompiling):
      (JSC::FunctionExecutable::clearCode):
      * runtime/Executable.h:
      (FunctionExecutable):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133975 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      27e0eed2
  28. 07 Nov, 2012 1 commit
    • oliver@apple.com's avatar
      Reduce parser overhead in JSC · f0c01b8e
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101127
      
      Reviewed by Filip Pizlo.
      
      An exciting journey into the world of architecture in which our hero
      adds yet another layer to JSC codegeneration.
      
      This patch adds a marginally more compact form of bytecode that is
      free from any data specific to a given execution context, and that
      does store any data structures necessary for execution.  To actually
      execute this UnlinkedBytecode we still need to instantiate a real
      CodeBlock, but this is a much faster linear time operation than any
      of the earlier parsing or code generation passes.
      
      As the unlinked code is context free we can then simply use a cache
      from source to unlinked code mapping to completely avoid all of the
      old parser overhead.  The cache is currently very simple and memory
      heavy, using the complete source text as a key (rather than SourceCode
      or equivalent), and a random eviction policy.
      
      This seems to produce a substantial win when loading identical content
      in different contexts.
      
      * API/tests/testapi.c:
      (main):
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeBlock.cpp:
      * bytecode/CodeBlock.h:
          Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp
      * bytecode/Opcode.h:
          Added a global const init no op instruction needed to get correct
          behaviour without any associated semantics.
      * bytecode/UnlinkedCodeBlock.cpp: Added.
      * bytecode/UnlinkedCodeBlock.h: Added.
          A fairly shallow, GC allocated version of the old CodeBlock
          classes with a 32bit instruction size, and just metadata
          size tracking.
      * bytecompiler/BytecodeGenerator.cpp:
      * bytecompiler/BytecodeGenerator.h:
          Replace direct access to m_symbolTable with access through
          symbolTable().  ProgramCode no longer has a symbol table at
          all so some previously unconditional (and pointless) uses
          of symbolTable get null checks.
          A few other changes to deal with type changes due to us generating
          unlinked code (eg. pointer free, so profile indices rather than
          pointers).
      * dfg/DFGByteCodeParser.cpp:
      * dfg/DFGCapabilities.h:
          Support global_init_nop
      * interpreter/Interpreter.cpp:
          Now get the ProgramExecutable to initialise new global properties
          before starting execution.
      * jit/JIT.cpp:
      * jit/JITDriver.h:
      * jit/JITStubs.cpp:
      * llint/LLIntData.cpp:
      * llint/LLIntSlowPaths.cpp:
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
          Adding init_global_const_nop everywhere else
      * parser/Parser.h:
      * parser/ParserModes.h: Added.
      * parser/ParserTokens.h:
          Parser no longer needs a global object or callframe to function
      * runtime/CodeCache.cpp: Added.
      * runtime/CodeCache.h: Added.
          A simple, random eviction, Source->UnlinkedCode cache
      * runtime/Executable.cpp:
      * runtime/Executable.h:
          Executables now reference their unlinked counterparts, and
          request code specifically for the target global object.
      * runtime/JSGlobalData.cpp:
      * runtime/JSGlobalData.h:
          GlobalData now owns a CodeCache and a set of new structures
          for the unlinked code types.
      * runtime/JSGlobalObject.cpp:
      * runtime/JSGlobalObject.h:
          Utility functions used by executables to perform compilation
      
      * runtime/JSType.h:
        Add new JSTypes for unlinked code
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f0c01b8e
  29. 03 Oct, 2012 1 commit
    • mhahnenberg@apple.com's avatar
      Delayed structure sweep can leak structures without bound · 30738a77
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96546
      
      Reviewed by Geoffrey Garen.
      
      This patch gets rid of the separate Structure allocator in the MarkedSpace and adds two new destructor-only
      allocators. We now have separate allocators for our three types of objects: those objects with no destructors,
      those objects with destructors and with immortal structures, and those objects with destructors that don't have 
      immortal structures. All of the objects of the third type (destructors without immortal structures) now 
      inherit from a new class named JSDestructibleObject (which in turn is a subclass of JSNonFinalObject), which stores 
      the ClassInfo for these classes at a fixed offset for safe retrieval during sweeping/destruction.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackConstructor.cpp: Use JSDestructibleObject for JSCallbackConstructor.
      (JSC):
      (JSC::JSCallbackConstructor::JSCallbackConstructor):
      * API/JSCallbackConstructor.h:
      (JSCallbackConstructor):
      * API/JSCallbackObject.cpp: Inherit from JSDestructibleObject for normal JSCallbackObjects and use a finalizer for 
      JSCallbackObject<JSGlobalObject>, since JSGlobalObject also uses a finalizer.
      (JSC):
      (JSC::::create): We need to move the create function for JSCallbackObject<JSGlobalObject> out of line so we can add 
      the finalizer for it. We don't want to add the finalizer is something like finishCreation in case somebody decides 
      to subclass this. We use this same technique for many other subclasses of JSGlobalObject.
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      (JSCallbackObject):
      (JSC):
      * API/JSClassRef.cpp: Change all the JSCallbackObject<JSNonFinalObject> to use JSDestructibleObject instead.
      (OpaqueJSClass::prototype):
      * API/JSObjectRef.cpp: Ditto.
      (JSObjectMake):
      (JSObjectGetPrivate):
      (JSObjectSetPrivate):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      * API/JSValueRef.cpp: Ditto.
      (JSValueIsObjectOfClass):
      * API/JSWeakObjectMapRefPrivate.cpp: Ditto.
      * JSCTypedArrayStubs.h:
      (JSC):
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * dfg/DFGSpeculativeJIT.h: Use the proper allocator type when doing inline allocation in the DFG.
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
      (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject):
      * heap/Heap.cpp:
      (JSC):
      * heap/Heap.h: Add accessors for the various types of allocators now. Also remove the isSafeToSweepStructures function 
      since it's always safe to sweep Structures now.
      (JSC::Heap::allocatorForObjectWithNormalDestructor): 
      (JSC::Heap::allocatorForObjectWithImmortalStructureDestructor):
      (Heap):
      (JSC::Heap::allocateWithNormalDestructor):
      (JSC):
      (JSC::Heap::allocateWithImmortalStructureDestructor):
      * heap/IncrementalSweeper.cpp: Remove all the logic to detect when it's safe to sweep Structures from the 
      IncrementalSweeper since it's always safe to sweep Structures now.
      (JSC::IncrementalSweeper::IncrementalSweeper):
      (JSC::IncrementalSweeper::sweepNextBlock):
      (JSC::IncrementalSweeper::startSweeping):
      (JSC::IncrementalSweeper::willFinishSweeping):
      (JSC):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/MarkedAllocator.cpp: Remove the logic that was preventing us from sweeping Structures if it wasn't safe. Add 
      tracking of the specific destructor type of allocator. 
      (JSC::MarkedAllocator::tryAllocateHelper):
      (JSC::MarkedAllocator::allocateBlock):
      * heap/MarkedAllocator.h:
      (JSC::MarkedAllocator::destructorType):
      (MarkedAllocator):
      (JSC::MarkedAllocator::MarkedAllocator):
      (JSC::MarkedAllocator::init):
      * heap/MarkedBlock.cpp: Add all the destructor type stuff to MarkedBlocks so that we do the right thing when sweeping. 
      We also use the stored destructor type to determine the right thing to do in all JSCell::classInfo() calls.
      (JSC::MarkedBlock::create):
      (JSC::MarkedBlock::MarkedBlock):
      (JSC):
      (JSC::MarkedBlock::specializedSweep):
      (JSC::MarkedBlock::sweep):
      (JSC::MarkedBlock::sweepHelper):
      * heap/MarkedBlock.h:
      (JSC):
      (JSC::MarkedBlock::allocator):
      (JSC::MarkedBlock::destructorType):
      * heap/MarkedSpace.cpp: Add the new destructor allocators to MarkedSpace.
      (JSC::MarkedSpace::MarkedSpace):
      (JSC::MarkedSpace::resetAllocators):
      (JSC::MarkedSpace::canonicalizeCellLivenessData):
      (JSC::MarkedSpace::isPagedOut):
      (JSC::MarkedSpace::freeBlock):
      * heap/MarkedSpace.h:
      (MarkedSpace):
      (JSC::MarkedSpace::immortalStructureDestructorAllocatorFor):
      (JSC::MarkedSpace::normalDestructorAllocatorFor):
      (JSC::MarkedSpace::allocateWithImmortalStructureDestructor):
      (JSC::MarkedSpace::allocateWithNormalDestructor):
      (JSC::MarkedSpace::forEachBlock):
      * heap/SlotVisitor.cpp: Add include because the symbol was needed in an inlined function.
      * jit/JIT.h: Make sure we use the correct allocator when doing inline allocations in the baseline JIT.
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject):
      (JSC::JIT::emitAllocateJSFinalObject):
      (JSC::JIT::emitAllocateJSArray):
      * jsc.cpp: 
      (GlobalObject::create): Add finalizer here since JSGlobalObject needs to use a finalizer instead of inheriting from 
      JSDestructibleObject.
      * runtime/Arguments.cpp: Inherit from JSDestructibleObject.
      (JSC):
      * runtime/Arguments.h:
      (Arguments):
      (JSC::Arguments::Arguments):
      * runtime/ErrorPrototype.cpp: Added an assert to make sure we have a trivial destructor.
      (JSC):
      * runtime/Executable.h: Indicate that all of the Executable* classes have immortal Structures.
      (JSC):
      * runtime/InternalFunction.cpp: Inherit from JSDestructibleObject.
      (JSC):
      (JSC::InternalFunction::InternalFunction):
      * runtime/InternalFunction.h:
      (InternalFunction):
      * runtime/JSCell.h: Added two static bools, needsDestruction and hasImmortalStructure, that classes can override 
      to indicate at compile time which part of the heap they should be allocated in.
      (JSC::allocateCell): Use the appropriate allocator depending on the destructor type.
      * runtime/JSDestructibleObject.h: Added. New class that stores the ClassInfo of any subclass so that it can be 
      accessed safely when the object is being destroyed.
      (JSC):
      (JSDestructibleObject):
      (JSC::JSDestructibleObject::classInfo):
      (JSC::JSDestructibleObject::JSDestructibleObject):
      (JSC::JSCell::classInfo): Checks the current MarkedBlock to see where it should get the ClassInfo from so that it's always safe.
      * runtime/JSGlobalObject.cpp: JSGlobalObject now uses a finalizer instead of a destructor so that it can avoid forcing all 
      of its relatives in the inheritance hierarchy (e.g. JSScope) to use destructors as well.
      (JSC::JSGlobalObject::reset):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::createRareDataIfNeeded): Since we always create a finalizer now, we don't have to worry about adding one 
      for the m_rareData field when it's created.
      (JSC::JSGlobalObject::create):
      (JSC):
      * runtime/JSGlobalThis.h: Inherit from JSDestructibleObject.
      (JSGlobalThis):
      (JSC::JSGlobalThis::JSGlobalThis):
      * runtime/JSPropertyNameIterator.h: Has an immortal Structure.
      (JSC):
      * runtime/JSScope.cpp:
      (JSC):
      * runtime/JSString.h: Has an immortal Structure.
      (JSC):
      * runtime/JSWrapperObject.h: Inherit from JSDestructibleObject.
      (JSWrapperObject):
      (JSC::JSWrapperObject::JSWrapperObject):
      * runtime/MathObject.cpp: Cleaning up some of the inheritance stuff.
      (JSC):
      * runtime/NameInstance.h: Inherit from JSDestructibleObject.
      (NameInstance):
      * runtime/RegExp.h: Has immortal Structure.
      (JSC):
      * runtime/RegExpObject.cpp: Inheritance cleanup.
      (JSC):
      * runtime/SparseArrayValueMap.h: Has immortal Structure.
      (JSC):
      * runtime/Structure.h: Has immortal Structure.
      (JSC):
      * runtime/StructureChain.h: Ditto.
      (JSC):
      * runtime/SymbolTable.h: Ditto.
      (SharedSymbolTable):
      (JSC):
      
      Source/WebCore: 
      
      No new tests.
      
      * ForwardingHeaders/runtime/JSDestructableObject.h: Added.
      * bindings/js/JSDOMWrapper.h: Inherits from JSDestructibleObject.
      (JSDOMWrapper):
      (WebCore::JSDOMWrapper::JSDOMWrapper):
      * bindings/scripts/CodeGeneratorJS.pm: Add finalizers to anything that inherits from JSGlobalObject,
      e.g. JSDOMWindow and JSWorkerContexts. For those classes we also need to define needsDestruction as true.
      (GenerateHeader):
      * bridge/objc/objc_runtime.h: Inherit from JSDestructibleObject.
      (ObjcFallbackObjectImp):
      * bridge/objc/objc_runtime.mm:
      (Bindings):
      (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
      * bridge/runtime_array.cpp: Use a finalizer so that JSArray isn't forced to inherit from JSDestructibleObject.
      (JSC):
      (JSC::RuntimeArray::destroy):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::create):
      (JSC):
      * bridge/runtime_object.cpp: Inherit from JSDestructibleObject.
      (Bindings):
      (JSC::Bindings::RuntimeObject::RuntimeObject):
      * bridge/runtime_object.h:
      (RuntimeObject):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130303 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      30738a77
  30. 25 Sep, 2012 1 commit
    • mark.lam@apple.com's avatar
      Deleting the classic interpreter and cleaning up some build options. · 74a9e837
      mark.lam@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96969.
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC):
      * bytecode/Instruction.h:
      (JSC::Instruction::Instruction):
      * interpreter/AbstractPC.cpp:
      (JSC::AbstractPC::AbstractPC):
      * interpreter/AbstractPC.h:
      (AbstractPC):
      * interpreter/CallFrame.h:
      (ExecState):
      * interpreter/Interpreter.cpp:
      (JSC):
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::~Interpreter):
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::isOpcode):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::getLineNumberForCallFrame):
      (JSC::getCallerInfo):
      (JSC::getSourceURLFromCallFrame):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::retrieveArgumentsFromVMCode):
      (JSC::Interpreter::retrieveCallerFromVMCode):
      (JSC::Interpreter::retrieveLastCaller):
      * interpreter/Interpreter.h:
      (JSC::Interpreter::getOpcodeID):
      (Interpreter):
      * jit/ExecutableAllocatorFixedVMPool.cpp:
      (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
      * offlineasm/asm.rb:
      * offlineasm/offsets.rb:
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC::NativeExecutable::create):
      (NativeExecutable):
      (JSC::NativeExecutable::finishCreation):
      * runtime/JSGlobalData.cpp:
      (JSC):
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::getHostFunction):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      (JSC::JSGlobalData::canUseJIT):
      (JSC::JSGlobalData::canUseRegExpJIT):
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      
      Source/WebKit/blackberry: 
      
      * WebCoreSupport/AboutDataEnableFeatures.in:
      
      Source/WTF: 
      
      * wtf/OSAllocatorPosix.cpp:
      (WTF::OSAllocator::reserveAndCommit):
      * wtf/Platform.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129453 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      74a9e837
  31. 22 Sep, 2012 1 commit
    • ggaren@apple.com's avatar
      Optimized closures that capture arguments · be8ad1fd
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97358
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      Previously, the activation object was responsible for capturing all
      arguments in a way that was convenient for the arguments object. Now,
      we move all captured variables into a contiguous region in the stack,
      allocate an activation for exactly that size, and make the arguments
      object responsible for knowing all the places to which arguments could
      have moved.
      
      This seems like the right tradeoff because
      
          (a) Closures are common and long-lived, so we want them to be small.
      
          (b) Our primary strategy for optimizing the arguments object is to make
          it go away. If you're allocating arguments objects, you're already having
          a bad time.
      
          (c) It's common to use either the arguments object or named argument
          closure, but not both.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::argumentsRegister):
      (JSC::CodeBlock::activationRegister):
      (JSC::CodeBlock::isCaptured):
      (JSC::CodeBlock::argumentIndexAfterCapture): m_numCapturedVars is gone
      now -- we have an explicit range instead.
      
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator): Move captured arguments
      into the captured region of local variables for space efficiency. Record
      precise data about where they moved for the sake of the arguments object.
      
      Some of this data was previously wrong, but it didn't cause any problems
      because the arguments weren't actually moving.
      
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::flushArgumentsAndCapturedVariables): Don't
      assume that captured vars are in any particular location -- always ask
      the CodeBlock. This is better encapsulation.
      
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile): I rename things sometimes.
      
      * runtime/Arguments.cpp:
      (JSC::Arguments::tearOff): Account for a particularly nasty edge case.
      
      (JSC::Arguments::didTearOffActivation): Don't allocate our slow arguments
      data on tear-off. We need to allocate it eagerly instead, since we need
      to know about displaced, captured arguments during access before tear-off.
      
      * runtime/Arguments.h:
      (JSC::Arguments::allocateSlowArguments):
      (JSC::Arguments::argument): Tell our slow arguments array where all arguments
      are, even if they are not captured. This simplifies some things, so we don't
      have to account explicitly for the full matrix of (not torn off, torn off)
      * (captured, not captured).
      
      (JSC::Arguments::finishCreation): Allocate our slow arguments array eagerly
      because we need to know about displaced, captured arguments during access
      before tear-off.
      
      * runtime/Executable.cpp:
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC::FunctionExecutable::parameterCount):
      (FunctionExecutable):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::visitChildren):
      * runtime/JSActivation.h:
      (JSActivation):
      (JSC::JSActivation::create):
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::registerOffset):
      (JSC::JSActivation::tearOff):
      (JSC::JSActivation::allocationSize):
      (JSC::JSActivation::isValid): This is really the point of the patch. All
      the pointer math in Activations basically boils away, since we always
      copy a contiguous region of captured variables now.
      
      * runtime/SymbolTable.h:
      (JSC::SlowArgument::SlowArgument):
      (SlowArgument):
      (SharedSymbolTable):
      (JSC::SharedSymbolTable::captureCount):
      (JSC::SharedSymbolTable::SharedSymbolTable): AllOfTheThings capture mode
      is gone now -- that's the point of the patch. indexIfCaptured gets renamed
      to index because we always have an index, even if not captured. (The only
      time when the index is meaningless is when we're Deleted.)
      
      LayoutTests: 
      
      * fast/js/dfg-arguments-alias-activation-expected.txt:
      * fast/js/dfg-arguments-alias-activation.html:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129297 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      be8ad1fd
  32. 18 Sep, 2012 1 commit
    • ossy@webkit.org's avatar
      Unreviewed, rolling out r128826 and r128813. · 7c7e4274
      ossy@webkit.org authored
      Source/JavaScriptCore:
      
      * API/JSCallbackConstructor.cpp:
      (JSC):
      (JSC::JSCallbackConstructor::JSCallbackConstructor):
      * API/JSCallbackConstructor.h:
      (JSCallbackConstructor):
      * API/JSCallbackObject.cpp:
      (JSC):
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObject::create):
      (JSCallbackObject):
      * API/JSClassRef.cpp:
      (OpaqueJSClass::prototype):
      * API/JSObjectRef.cpp:
      (JSObjectMake):
      (JSObjectGetPrivate):
      (JSObjectSetPrivate):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      * API/JSValueRef.cpp:
      (JSValueIsObjectOfClass):
      * API/JSWeakObjectMapRefPrivate.cpp:
      * GNUmakefile.list.am:
      * JSCTypedArrayStubs.h:
      (JSC):
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
      (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject):
      * heap/Heap.cpp:
      (JSC::Heap::isSafeToSweepStructures):
      (JSC):
      * heap/Heap.h:
      (JSC::Heap::allocatorForObjectWithDestructor):
      (Heap):
      (JSC::Heap::allocateWithDestructor):
      (JSC::Heap::allocateStructure):
      (JSC):
      * heap/IncrementalSweeper.cpp:
      (JSC::IncrementalSweeper::IncrementalSweeper):
      (JSC::IncrementalSweeper::sweepNextBlock):
      (JSC::IncrementalSweeper::startSweeping):
      (JSC::IncrementalSweeper::willFinishSweeping):
      (JSC::IncrementalSweeper::structuresCanBeSwept):
      (JSC):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::tryAllocateHelper):
      (JSC::MarkedAllocator::allocateBlock):
      * heap/MarkedAllocator.h:
      (JSC::MarkedAllocator::cellsNeedDestruction):
      (JSC::MarkedAllocator::onlyContainsStructures):
      (MarkedAllocator):
      (JSC::MarkedAllocator::MarkedAllocator):
      (JSC::MarkedAllocator::init):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::create):
      (JSC::MarkedBlock::MarkedBlock):
      (JSC):
      (JSC::MarkedBlock::specializedSweep):
      (JSC::MarkedBlock::sweep):
      (JSC::MarkedBlock::sweepHelper):
      * heap/MarkedBlock.h:
      (JSC):
      (MarkedBlock):
      (JSC::MarkedBlock::cellsNeedDestruction):
      (JSC::MarkedBlock::onlyContainsStructures):
      * heap/MarkedSpace.cpp:
      (JSC::MarkedSpace::MarkedSpace):
      (JSC::MarkedSpace::resetAllocators):
      (JSC::MarkedSpace::canonicalizeCellLivenessData):
      (JSC::MarkedSpace::isPagedOut):
      (JSC::MarkedSpace::freeBlock):
      * heap/MarkedSpace.h:
      (MarkedSpace):
      (Subspace):
      (JSC::MarkedSpace::allocatorFor):
      (JSC::MarkedSpace::destructorAllocatorFor):
      (JSC::MarkedSpace::allocateWithDestructor):
      (JSC::MarkedSpace::allocateStructure):
      (JSC::MarkedSpace::forEachBlock):
      * heap/SlotVisitor.cpp:
      * jit/JIT.h:
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject):
      (JSC::JIT::emitAllocateJSFinalObject):
      (JSC::JIT::emitAllocateJSArray):
      * jsc.cpp:
      (GlobalObject::create):
      * runtime/Arguments.cpp:
      (JSC):
      * runtime/Arguments.h:
      (Arguments):
      (JSC::Arguments::Arguments):
      * runtime/ErrorPrototype.cpp:
      (JSC):
      * runtime/Executable.h:
      * runtime/InternalFunction.cpp:
      (JSC):
      (JSC::InternalFunction::InternalFunction):
      * runtime/InternalFunction.h:
      (InternalFunction):
      * runtime/JSCell.h:
      (JSC):
      (JSC::allocateCell):
      * runtime/JSDestructibleObject.h: Removed.
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::createRareDataIfNeeded):
      (JSC::JSGlobalObject::create):
      * runtime/JSGlobalThis.h:
      (JSGlobalThis):
      (JSC::JSGlobalThis::JSGlobalThis):
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSScope.cpp:
      (JSC):
      * runtime/JSString.h:
      (JSC):
      * runtime/JSWrapperObject.h:
      (JSWrapperObject):
      (JSC::JSWrapperObject::JSWrapperObject):
      * runtime/MathObject.cpp:
      (JSC):
      * runtime/NameInstance.h:
      (NameInstance):
      * runtime/RegExp.h:
      * runtime/RegExpObject.cpp:
      (JSC):
      * runtime/SparseArrayValueMap.h:
      * runtime/Structure.h:
      (JSC::Structure):
      (JSC::JSCell::classInfo):
      (JSC):
      * runtime/StructureChain.h:
      * runtime/SymbolTable.h:
      * testRegExp.cpp:
      (GlobalObject::create):
      
      Source/WebCore:
      
      * ForwardingHeaders/runtime/JSDestructibleObject.h: Removed.
      * bindings/js/JSDOMWrapper.h:
      (WebCore::JSDOMWrapper::JSDOMWrapper):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      * bridge/objc/objc_runtime.h:
      (ObjcFallbackObjectImp):
      * bridge/objc/objc_runtime.mm:
      (Bindings):
      (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
      * bridge/runtime_array.cpp:
      (JSC):
      (JSC::RuntimeArray::destroy):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::create):
      * bridge/runtime_object.cpp:
      (Bindings):
      (JSC::Bindings::RuntimeObject::RuntimeObject):
      * bridge/runtime_object.h:
      (RuntimeObject):
      
      Source/WebKit2:
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit):
      (WebKit::JSNPObject::JSNPObject):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      (JSNPObject):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128851 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7c7e4274