1. 17 Apr, 2013 1 commit
    • mark.lam@apple.com's avatar
      Source/JavaScriptCore: Add LLINT and baseline JIT support for timing out scripts. · dff6b22e
      mark.lam@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114577.
      
      Reviewed by Geoffrey Garen.
      
      Introduces the new Watchdog class which is used to track script
      execution time, and initiate script termination if needed.
      
      * API/JSContextRef.cpp:
      (internalScriptTimeoutCallback):
      (JSContextGroupSetExecutionTimeLimit):
      (JSContextGroupClearExecutionTimeLimit):
      * API/JSContextRefPrivate.h:
      - Added new script execution time limit APIs.
      * API/tests/testapi.c:
      (currentCPUTime):
      (shouldTerminateCallback):
      (cancelTerminateCallback):
      (extendTerminateCallback):
      (main):
      - Added new API tests for script execution time limit.
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitLoopHint):
      - loop hints are needed for the llint as well. Hence, it will be
        emitted unconditionally.
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::addStackTraceIfNecessary):
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      - Added checks for script termination before entering script code.
      * jit/JIT.cpp:
      (JSC::JIT::emitWatchdogTimerCheck):
      * jit/JIT.h:
      (JSC::JIT::emit_op_loop_hint):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION(void, handle_watchdog_timer)):
      * jit/JITStubs.h:
      * llint/LLIntExceptions.cpp:
      (JSC::LLInt::doThrow):
      - Factored out some common code from returnToThrow() and callToThrow().
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL(slow_path_handle_watchdog_timer)):
      * llint/LLIntSlowPaths.h:
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ExceptionHelpers.cpp:
      (JSC::throwTerminatedExecutionException):
      - Also removed the now unused InterruptedExecutionException.
      * runtime/ExceptionHelpers.h:
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      - Added watchdog, and removed the now obsolete Terminator.
      * runtime/Terminator.h: Removed.
      * runtime/Watchdog.cpp: Added.
      (JSC::Watchdog::Watchdog):
      (JSC::Watchdog::~Watchdog):
      (JSC::Watchdog::setTimeLimit):
      (JSC::Watchdog::didFire):
      (JSC::Watchdog::isEnabled):
      (JSC::Watchdog::fire):
      (JSC::Watchdog::arm):
      (JSC::Watchdog::disarm):
      (JSC::Watchdog::startCountdownIfNeeded):
      (JSC::Watchdog::startCountdown):
      (JSC::Watchdog::stopCountdown):
      (JSC::Watchdog::Scope::Scope):
      (JSC::Watchdog::Scope::~Scope):
      * runtime/Watchdog.h: Added.
      (Watchdog):
      (JSC::Watchdog::didFire):
      (JSC::Watchdog::timerDidFireAddress):
      (JSC::Watchdog::isArmed):
      (Watchdog::Scope):
      * runtime/WatchdogMac.cpp: Added.
      (JSC::Watchdog::initTimer):
      (JSC::Watchdog::destroyTimer):
      (JSC::Watchdog::startTimer):
      (JSC::Watchdog::stopTimer):
      * runtime/WatchdogNone.cpp: Added.
      (JSC::Watchdog::initTimer):
      (JSC::Watchdog::destroyTimer):
      (JSC::Watchdog::startTimer):
      (JSC::Watchdog::stopTimer):
      
      Source/WebCore: Add LLINT and baseline JIT support for timing out scripts.
      https://bugs.webkit.org/show_bug.cgi?id=114577.
      
      Reviewed by Geoffrey Garen.
      
      Replaced use of the obsolete JSGlobalData.terminator methods with the
      JSGlobalData.watchdog equivalents.
      
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::scheduleExecutionTermination):
      (WebCore::WorkerScriptController::isExecutionTerminating):
      
      Source/WTF: Added currentCPUTime() and currentCPUTimeMS().
      https://bugs.webkit.org/show_bug.cgi?id=114577.
      
      Reviewed by Geoffrey Garen.
      
      The currentCPUTime() implementation came from the old TimeoutChecker.cpp.
      
      * wtf/CurrentTime.cpp:
      (WTF::currentCPUTime):
      (WTF::currentCPUTimeMS):
      * wtf/CurrentTime.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148639 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      dff6b22e
  2. 29 Jan, 2013 1 commit
    • fpizlo@apple.com's avatar
      DFG should not use a graph that is a vector, Nodes shouldn't move after... · 8ff092fc
      fpizlo@apple.com authored
      DFG should not use a graph that is a vector, Nodes shouldn't move after allocation, and we should always refer to nodes by Node*
      https://bugs.webkit.org/show_bug.cgi?id=106868
      
      Reviewed by Oliver Hunt.
              
      This adds a pool allocator for Nodes, and uses that instead of a Vector. Changes all
      uses of Node& and NodeIndex to be simply Node*. Nodes no longer have an index except
      for debugging (Node::index(), which is not guaranteed to be O(1)).
              
      1% speed-up on SunSpider, presumably because this improves compile times.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/DataFormat.h:
      (JSC::dataFormatToString):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::initialize):
      (JSC::DFG::AbstractState::booleanResult):
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::mergeStateAtTail):
      (JSC::DFG::AbstractState::mergeToSuccessors):
      (JSC::DFG::AbstractState::mergeVariableBetweenBlocks):
      (JSC::DFG::AbstractState::dump):
      * dfg/DFGAbstractState.h:
      (DFG):
      (JSC::DFG::AbstractState::forNode):
      (AbstractState):
      (JSC::DFG::AbstractState::speculateInt32Unary):
      (JSC::DFG::AbstractState::speculateNumberUnary):
      (JSC::DFG::AbstractState::speculateBooleanUnary):
      (JSC::DFG::AbstractState::speculateInt32Binary):
      (JSC::DFG::AbstractState::speculateNumberBinary):
      (JSC::DFG::AbstractState::trySetConstant):
      * dfg/DFGAbstractValue.h:
      (AbstractValue):
      * dfg/DFGAdjacencyList.h:
      (JSC::DFG::AdjacencyList::AdjacencyList):
      (JSC::DFG::AdjacencyList::initialize):
      * dfg/DFGAllocator.h: Added.
      (DFG):
      (Allocator):
      (JSC::DFG::Allocator::Region::size):
      (JSC::DFG::Allocator::Region::headerSize):
      (JSC::DFG::Allocator::Region::numberOfThingsPerRegion):
      (JSC::DFG::Allocator::Region::data):
      (JSC::DFG::Allocator::Region::isInThisRegion):
      (JSC::DFG::Allocator::Region::regionFor):
      (Region):
      (JSC::DFG::::Allocator):
      (JSC::DFG::::~Allocator):
      (JSC::DFG::::allocate):
      (JSC::DFG::::free):
      (JSC::DFG::::freeAll):
      (JSC::DFG::::reset):
      (JSC::DFG::::indexOf):
      (JSC::DFG::::allocatorOf):
      (JSC::DFG::::bumpAllocate):
      (JSC::DFG::::freeListAllocate):
      (JSC::DFG::::allocateSlow):
      (JSC::DFG::::freeRegionsStartingAt):
      (JSC::DFG::::startBumpingIn):
      * dfg/DFGArgumentsSimplificationPhase.cpp:
      (JSC::DFG::ArgumentsSimplificationPhase::run):
      (JSC::DFG::ArgumentsSimplificationPhase::observeBadArgumentsUse):
      (JSC::DFG::ArgumentsSimplificationPhase::observeBadArgumentsUses):
      (JSC::DFG::ArgumentsSimplificationPhase::observeProperArgumentsUse):
      (JSC::DFG::ArgumentsSimplificationPhase::isOKToOptimize):
      (JSC::DFG::ArgumentsSimplificationPhase::removeArgumentsReferencingPhantomChild):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::ArrayMode::originalArrayStructure):
      (JSC::DFG::ArrayMode::alreadyChecked):
      * dfg/DFGArrayMode.h:
      (ArrayMode):
      * dfg/DFGArrayifySlowPathGenerator.h:
      (JSC::DFG::ArrayifySlowPathGenerator::ArrayifySlowPathGenerator):
      * dfg/DFGBasicBlock.h:
      (JSC::DFG::BasicBlock::node):
      (JSC::DFG::BasicBlock::isInPhis):
      (JSC::DFG::BasicBlock::isInBlock):
      (BasicBlock):
      * dfg/DFGBasicBlockInlines.h:
      (DFG):
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::getDirect):
      (JSC::DFG::ByteCodeParser::get):
      (JSC::DFG::ByteCodeParser::setDirect):
      (JSC::DFG::ByteCodeParser::set):
      (JSC::DFG::ByteCodeParser::setPair):
      (JSC::DFG::ByteCodeParser::injectLazyOperandSpeculation):
      (JSC::DFG::ByteCodeParser::getLocal):
      (JSC::DFG::ByteCodeParser::setLocal):
      (JSC::DFG::ByteCodeParser::getArgument):
      (JSC::DFG::ByteCodeParser::setArgument):
      (JSC::DFG::ByteCodeParser::flushDirect):
      (JSC::DFG::ByteCodeParser::getToInt32):
      (JSC::DFG::ByteCodeParser::toInt32):
      (JSC::DFG::ByteCodeParser::getJSConstantForValue):
      (JSC::DFG::ByteCodeParser::getJSConstant):
      (JSC::DFG::ByteCodeParser::getCallee):
      (JSC::DFG::ByteCodeParser::getThis):
      (JSC::DFG::ByteCodeParser::setThis):
      (JSC::DFG::ByteCodeParser::isJSConstant):
      (JSC::DFG::ByteCodeParser::isInt32Constant):
      (JSC::DFG::ByteCodeParser::valueOfJSConstant):
      (JSC::DFG::ByteCodeParser::valueOfInt32Constant):
      (JSC::DFG::ByteCodeParser::constantUndefined):
      (JSC::DFG::ByteCodeParser::constantNull):
      (JSC::DFG::ByteCodeParser::one):
      (JSC::DFG::ByteCodeParser::constantNaN):
      (JSC::DFG::ByteCodeParser::cellConstant):
      (JSC::DFG::ByteCodeParser::addToGraph):
      (JSC::DFG::ByteCodeParser::insertPhiNode):
      (JSC::DFG::ByteCodeParser::addVarArgChild):
      (JSC::DFG::ByteCodeParser::addCall):
      (JSC::DFG::ByteCodeParser::addStructureTransitionCheck):
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::getPrediction):
      (JSC::DFG::ByteCodeParser::getArrayModeAndEmitChecks):
      (JSC::DFG::ByteCodeParser::makeSafe):
      (JSC::DFG::ByteCodeParser::makeDivSafe):
      (JSC::DFG::ByteCodeParser::ConstantRecord::ConstantRecord):
      (ConstantRecord):
      (JSC::DFG::ByteCodeParser::PhiStackEntry::PhiStackEntry):
      (PhiStackEntry):
      (JSC::DFG::ByteCodeParser::handleCall):
      (JSC::DFG::ByteCodeParser::emitFunctionChecks):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::setIntrinsicResult):
      (JSC::DFG::ByteCodeParser::handleMinMax):
      (JSC::DFG::ByteCodeParser::handleIntrinsic):
      (JSC::DFG::ByteCodeParser::handleGetByOffset):
      (JSC::DFG::ByteCodeParser::handleGetById):
      (JSC::DFG::ByteCodeParser::getScope):
      (JSC::DFG::ByteCodeParser::parseResolveOperations):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::processPhiStack):
      (JSC::DFG::ByteCodeParser::linkBlock):
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      (JSC::DFG::ByteCodeParser::parse):
      * dfg/DFGCFAPhase.cpp:
      (JSC::DFG::CFAPhase::performBlockCFA):
      * dfg/DFGCFGSimplificationPhase.cpp:
      (JSC::DFG::CFGSimplificationPhase::run):
      (JSC::DFG::CFGSimplificationPhase::keepOperandAlive):
      (JSC::DFG::CFGSimplificationPhase::fixPossibleGetLocal):
      (JSC::DFG::CFGSimplificationPhase::fixPhis):
      (JSC::DFG::CFGSimplificationPhase::removePotentiallyDeadPhiReference):
      (JSC::DFG::CFGSimplificationPhase::OperandSubstitution::OperandSubstitution):
      (JSC::DFG::CFGSimplificationPhase::OperandSubstitution::dump):
      (OperandSubstitution):
      (JSC::DFG::CFGSimplificationPhase::skipGetLocal):
      (JSC::DFG::CFGSimplificationPhase::recordNewTarget):
      (JSC::DFG::CFGSimplificationPhase::fixTailOperand):
      (JSC::DFG::CFGSimplificationPhase::mergeBlocks):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::canonicalize):
      (JSC::DFG::CSEPhase::endIndexForPureCSE):
      (JSC::DFG::CSEPhase::pureCSE):
      (JSC::DFG::CSEPhase::constantCSE):
      (JSC::DFG::CSEPhase::weakConstantCSE):
      (JSC::DFG::CSEPhase::getCalleeLoadElimination):
      (JSC::DFG::CSEPhase::getArrayLengthElimination):
      (JSC::DFG::CSEPhase::globalVarLoadElimination):
      (JSC::DFG::CSEPhase::scopedVarLoadElimination):
      (JSC::DFG::CSEPhase::globalVarWatchpointElimination):
      (JSC::DFG::CSEPhase::globalVarStoreElimination):
      (JSC::DFG::CSEPhase::scopedVarStoreElimination):
      (JSC::DFG::CSEPhase::getByValLoadElimination):
      (JSC::DFG::CSEPhase::checkFunctionElimination):
      (JSC::DFG::CSEPhase::checkExecutableElimination):
      (JSC::DFG::CSEPhase::checkStructureElimination):
      (JSC::DFG::CSEPhase::structureTransitionWatchpointElimination):
      (JSC::DFG::CSEPhase::putStructureStoreElimination):
      (JSC::DFG::CSEPhase::getByOffsetLoadElimination):
      (JSC::DFG::CSEPhase::putByOffsetStoreElimination):
      (JSC::DFG::CSEPhase::getPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::checkArrayElimination):
      (JSC::DFG::CSEPhase::getIndexedPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::getMyScopeLoadElimination):
      (JSC::DFG::CSEPhase::getLocalLoadElimination):
      (JSC::DFG::CSEPhase::setLocalStoreElimination):
      (JSC::DFG::CSEPhase::performSubstitution):
      (JSC::DFG::CSEPhase::eliminateIrrelevantPhantomChildren):
      (JSC::DFG::CSEPhase::setReplacement):
      (JSC::DFG::CSEPhase::eliminate):
      (JSC::DFG::CSEPhase::performNodeCSE):
      (JSC::DFG::CSEPhase::performBlockCSE):
      (CSEPhase):
      * dfg/DFGCommon.cpp: Added.
      (DFG):
      (JSC::DFG::NodePointerTraits::dump):
      * dfg/DFGCommon.h:
      (DFG):
      (JSC::DFG::NodePointerTraits::defaultValue):
      (NodePointerTraits):
      (JSC::DFG::verboseCompilationEnabled):
      (JSC::DFG::shouldDumpGraphAtEachPhase):
      (JSC::DFG::validationEnabled):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::foldConstants):
      (JSC::DFG::ConstantFoldingPhase::isCapturedAtOrAfter):
      (JSC::DFG::ConstantFoldingPhase::addStructureTransitionCheck):
      (JSC::DFG::ConstantFoldingPhase::paintUnreachableCode):
      * dfg/DFGDisassembler.cpp:
      (JSC::DFG::Disassembler::Disassembler):
      (JSC::DFG::Disassembler::createDumpList):
      (JSC::DFG::Disassembler::dumpDisassembly):
      * dfg/DFGDisassembler.h:
      (JSC::DFG::Disassembler::setForNode):
      (Disassembler):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGEdge.cpp: Added.
      (DFG):
      (JSC::DFG::Edge::dump):
      * dfg/DFGEdge.h:
      (JSC::DFG::Edge::Edge):
      (JSC::DFG::Edge::node):
      (JSC::DFG::Edge::operator*):
      (JSC::DFG::Edge::operator->):
      (Edge):
      (JSC::DFG::Edge::setNode):
      (JSC::DFG::Edge::useKind):
      (JSC::DFG::Edge::setUseKind):
      (JSC::DFG::Edge::isSet):
      (JSC::DFG::Edge::shift):
      (JSC::DFG::Edge::makeWord):
      (JSC::DFG::operator==):
      (JSC::DFG::operator!=):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupBlock):
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::checkArray):
      (JSC::DFG::FixupPhase::blessArrayOperation):
      (JSC::DFG::FixupPhase::fixIntEdge):
      (JSC::DFG::FixupPhase::fixDoubleEdge):
      (JSC::DFG::FixupPhase::injectInt32ToDoubleNode):
      (FixupPhase):
      * dfg/DFGGenerationInfo.h:
      (JSC::DFG::GenerationInfo::GenerationInfo):
      (JSC::DFG::GenerationInfo::initConstant):
      (JSC::DFG::GenerationInfo::initInteger):
      (JSC::DFG::GenerationInfo::initJSValue):
      (JSC::DFG::GenerationInfo::initCell):
      (JSC::DFG::GenerationInfo::initBoolean):
      (JSC::DFG::GenerationInfo::initDouble):
      (JSC::DFG::GenerationInfo::initStorage):
      (GenerationInfo):
      (JSC::DFG::GenerationInfo::node):
      (JSC::DFG::GenerationInfo::noticeOSRBirth):
      (JSC::DFG::GenerationInfo::use):
      (JSC::DFG::GenerationInfo::appendFill):
      (JSC::DFG::GenerationInfo::appendSpill):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::Graph):
      (JSC::DFG::Graph::~Graph):
      (DFG):
      (JSC::DFG::Graph::dumpCodeOrigin):
      (JSC::DFG::Graph::amountOfNodeWhiteSpace):
      (JSC::DFG::Graph::printNodeWhiteSpace):
      (JSC::DFG::Graph::dump):
      (JSC::DFG::Graph::dumpBlockHeader):
      (JSC::DFG::Graph::refChildren):
      (JSC::DFG::Graph::derefChildren):
      (JSC::DFG::Graph::predictArgumentTypes):
      (JSC::DFG::Graph::collectGarbage):
      (JSC::DFG::Graph::determineReachability):
      (JSC::DFG::Graph::resetExitStates):
      * dfg/DFGGraph.h:
      (Graph):
      (JSC::DFG::Graph::ref):
      (JSC::DFG::Graph::deref):
      (JSC::DFG::Graph::changeChild):
      (JSC::DFG::Graph::compareAndSwap):
      (JSC::DFG::Graph::clearAndDerefChild):
      (JSC::DFG::Graph::clearAndDerefChild1):
      (JSC::DFG::Graph::clearAndDerefChild2):
      (JSC::DFG::Graph::clearAndDerefChild3):
      (JSC::DFG::Graph::convertToConstant):
      (JSC::DFG::Graph::getJSConstantSpeculation):
      (JSC::DFG::Graph::addSpeculationMode):
      (JSC::DFG::Graph::valueAddSpeculationMode):
      (JSC::DFG::Graph::arithAddSpeculationMode):
      (JSC::DFG::Graph::addShouldSpeculateInteger):
      (JSC::DFG::Graph::mulShouldSpeculateInteger):
      (JSC::DFG::Graph::negateShouldSpeculateInteger):
      (JSC::DFG::Graph::isConstant):
      (JSC::DFG::Graph::isJSConstant):
      (JSC::DFG::Graph::isInt32Constant):
      (JSC::DFG::Graph::isDoubleConstant):
      (JSC::DFG::Graph::isNumberConstant):
      (JSC::DFG::Graph::isBooleanConstant):
      (JSC::DFG::Graph::isCellConstant):
      (JSC::DFG::Graph::isFunctionConstant):
      (JSC::DFG::Graph::isInternalFunctionConstant):
      (JSC::DFG::Graph::valueOfJSConstant):
      (JSC::DFG::Graph::valueOfInt32Constant):
      (JSC::DFG::Graph::valueOfNumberConstant):
      (JSC::DFG::Graph::valueOfBooleanConstant):
      (JSC::DFG::Graph::valueOfFunctionConstant):
      (JSC::DFG::Graph::valueProfileFor):
      (JSC::DFG::Graph::methodOfGettingAValueProfileFor):
      (JSC::DFG::Graph::numSuccessors):
      (JSC::DFG::Graph::successor):
      (JSC::DFG::Graph::successorForCondition):
      (JSC::DFG::Graph::isPredictedNumerical):
      (JSC::DFG::Graph::byValIsPure):
      (JSC::DFG::Graph::clobbersWorld):
      (JSC::DFG::Graph::varArgNumChildren):
      (JSC::DFG::Graph::numChildren):
      (JSC::DFG::Graph::varArgChild):
      (JSC::DFG::Graph::child):
      (JSC::DFG::Graph::voteNode):
      (JSC::DFG::Graph::voteChildren):
      (JSC::DFG::Graph::substitute):
      (JSC::DFG::Graph::substituteGetLocal):
      (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
      (JSC::DFG::Graph::mulImmediateShouldSpeculateInteger):
      * dfg/DFGInsertionSet.h:
      (JSC::DFG::Insertion::Insertion):
      (JSC::DFG::Insertion::element):
      (Insertion):
      (JSC::DFG::InsertionSet::insert):
      (InsertionSet):
      * dfg/DFGJITCompiler.cpp:
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::JITCompiler::setForNode):
      (JSC::DFG::JITCompiler::addressOfDoubleConstant):
      (JSC::DFG::JITCompiler::noticeOSREntry):
      * dfg/DFGLongLivedState.cpp: Added.
      (DFG):
      (JSC::DFG::LongLivedState::LongLivedState):
      (JSC::DFG::LongLivedState::~LongLivedState):
      (JSC::DFG::LongLivedState::shrinkToFit):
      * dfg/DFGLongLivedState.h: Added.
      (DFG):
      (LongLivedState):
      * dfg/DFGMinifiedID.h:
      (JSC::DFG::MinifiedID::MinifiedID):
      (JSC::DFG::MinifiedID::node):
      * dfg/DFGMinifiedNode.cpp:
      (JSC::DFG::MinifiedNode::fromNode):
      * dfg/DFGMinifiedNode.h:
      (MinifiedNode):
      * dfg/DFGNode.cpp: Added.
      (DFG):
      (JSC::DFG::Node::index):
      (WTF):
      (WTF::printInternal):
      * dfg/DFGNode.h:
      (DFG):
      (JSC::DFG::Node::Node):
      (Node):
      (JSC::DFG::Node::convertToGetByOffset):
      (JSC::DFG::Node::convertToPutByOffset):
      (JSC::DFG::Node::ref):
      (JSC::DFG::Node::shouldSpeculateInteger):
      (JSC::DFG::Node::shouldSpeculateIntegerForArithmetic):
      (JSC::DFG::Node::shouldSpeculateIntegerExpectingDefined):
      (JSC::DFG::Node::shouldSpeculateDoubleForArithmetic):
      (JSC::DFG::Node::shouldSpeculateNumber):
      (JSC::DFG::Node::shouldSpeculateNumberExpectingDefined):
      (JSC::DFG::Node::shouldSpeculateFinalObject):
      (JSC::DFG::Node::shouldSpeculateArray):
      (JSC::DFG::Node::dumpChildren):
      (WTF):
      * dfg/DFGNodeAllocator.h: Added.
      (DFG):
      (operator new ):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::OSRExit):
      * dfg/DFGOSRExit.h:
      (OSRExit):
      (SpeculationFailureDebugInfo):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPhase.cpp:
      (DFG):
      (JSC::DFG::Phase::beginPhase):
      (JSC::DFG::Phase::endPhase):
      * dfg/DFGPhase.h:
      (Phase):
      (JSC::DFG::runAndLog):
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::setPrediction):
      (JSC::DFG::PredictionPropagationPhase::mergePrediction):
      (JSC::DFG::PredictionPropagationPhase::isNotNegZero):
      (JSC::DFG::PredictionPropagationPhase::isNotZero):
      (JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwoForConstant):
      (JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwoNonRecursive):
      (JSC::DFG::PredictionPropagationPhase::isWithinPowerOfTwo):
      (JSC::DFG::PredictionPropagationPhase::propagate):
      (JSC::DFG::PredictionPropagationPhase::mergeDefaultFlags):
      (JSC::DFG::PredictionPropagationPhase::propagateForward):
      (JSC::DFG::PredictionPropagationPhase::propagateBackward):
      (JSC::DFG::PredictionPropagationPhase::doDoubleVoting):
      (PredictionPropagationPhase):
      (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
      * dfg/DFGScoreBoard.h:
      (JSC::DFG::ScoreBoard::ScoreBoard):
      (JSC::DFG::ScoreBoard::use):
      (JSC::DFG::ScoreBoard::useIfHasResult):
      (ScoreBoard):
      * dfg/DFGSilentRegisterSavePlan.h:
      (JSC::DFG::SilentRegisterSavePlan::SilentRegisterSavePlan):
      (JSC::DFG::SilentRegisterSavePlan::node):
      (SilentRegisterSavePlan):
      * dfg/DFGSlowPathGenerator.h:
      (JSC::DFG::SlowPathGenerator::SlowPathGenerator):
      (JSC::DFG::SlowPathGenerator::generate):
      (SlowPathGenerator):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::speculationCheck):
      (JSC::DFG::SpeculativeJIT::speculationWatchpoint):
      (JSC::DFG::SpeculativeJIT::convertLastOSRExitToForward):
      (JSC::DFG::SpeculativeJIT::forwardSpeculationCheck):
      (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
      (JSC::DFG::SpeculativeJIT::silentSavePlanForGPR):
      (JSC::DFG::SpeculativeJIT::silentSavePlanForFPR):
      (JSC::DFG::SpeculativeJIT::silentSpill):
      (JSC::DFG::SpeculativeJIT::silentFill):
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::arrayify):
      (JSC::DFG::SpeculativeJIT::fillStorage):
      (JSC::DFG::SpeculativeJIT::useChildren):
      (JSC::DFG::SpeculativeJIT::isStrictInt32):
      (JSC::DFG::SpeculativeJIT::isKnownInteger):
      (JSC::DFG::SpeculativeJIT::isKnownNumeric):
      (JSC::DFG::SpeculativeJIT::isKnownCell):
      (JSC::DFG::SpeculativeJIT::isKnownNotCell):
      (JSC::DFG::SpeculativeJIT::isKnownNotInteger):
      (JSC::DFG::SpeculativeJIT::isKnownNotNumber):
      (JSC::DFG::SpeculativeJIT::writeBarrier):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeCompare):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeStrictEq):
      (JSC::DFG::GPRTemporary::GPRTemporary):
      (JSC::DFG::FPRTemporary::FPRTemporary):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleDoubleBranch):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
      (JSC::DFG::SpeculativeJIT::noticeOSRBirth):
      (JSC::DFG::SpeculativeJIT::compileMovHint):
      (JSC::DFG::SpeculativeJIT::compile):
      (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
      (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
      (JSC::DFG::SpeculativeJIT::compileDoublePutByVal):
      (JSC::DFG::SpeculativeJIT::compileGetCharCodeAt):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
      (JSC::DFG::SpeculativeJIT::checkGeneratedTypeForToInt32):
      (JSC::DFG::SpeculativeJIT::compileValueToInt32):
      (JSC::DFG::SpeculativeJIT::compileUInt32ToNumber):
      (JSC::DFG::SpeculativeJIT::compileDoubleAsInt32):
      (JSC::DFG::SpeculativeJIT::compileInt32ToDouble):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray):
      (JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
      (JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray):
      (JSC::DFG::SpeculativeJIT::compileInstanceOfForObject):
      (JSC::DFG::SpeculativeJIT::compileInstanceOf):
      (JSC::DFG::SpeculativeJIT::compileSoftModulo):
      (JSC::DFG::SpeculativeJIT::compileAdd):
      (JSC::DFG::SpeculativeJIT::compileArithSub):
      (JSC::DFG::SpeculativeJIT::compileArithNegate):
      (JSC::DFG::SpeculativeJIT::compileArithMul):
      (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForX86):
      (JSC::DFG::SpeculativeJIT::compileArithMod):
      (JSC::DFG::SpeculativeJIT::compare):
      (JSC::DFG::SpeculativeJIT::compileStrictEqForConstant):
      (JSC::DFG::SpeculativeJIT::compileStrictEq):
      (JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnArguments):
      (JSC::DFG::SpeculativeJIT::compileGetArgumentsLength):
      (JSC::DFG::SpeculativeJIT::compileGetArrayLength):
      (JSC::DFG::SpeculativeJIT::compileNewFunctionNoCheck):
      (JSC::DFG::SpeculativeJIT::compileNewFunctionExpression):
      (JSC::DFG::SpeculativeJIT::compileRegExpExec):
      (JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
      (JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
      * dfg/DFGSpeculativeJIT.h:
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::canReuse):
      (JSC::DFG::SpeculativeJIT::isFilled):
      (JSC::DFG::SpeculativeJIT::isFilledDouble):
      (JSC::DFG::SpeculativeJIT::use):
      (JSC::DFG::SpeculativeJIT::isConstant):
      (JSC::DFG::SpeculativeJIT::isJSConstant):
      (JSC::DFG::SpeculativeJIT::isInt32Constant):
      (JSC::DFG::SpeculativeJIT::isDoubleConstant):
      (JSC::DFG::SpeculativeJIT::isNumberConstant):
      (JSC::DFG::SpeculativeJIT::isBooleanConstant):
      (JSC::DFG::SpeculativeJIT::isFunctionConstant):
      (JSC::DFG::SpeculativeJIT::valueOfInt32Constant):
      (JSC::DFG::SpeculativeJIT::valueOfNumberConstant):
      (JSC::DFG::SpeculativeJIT::valueOfNumberConstantAsInt32):
      (JSC::DFG::SpeculativeJIT::addressOfDoubleConstant):
      (JSC::DFG::SpeculativeJIT::valueOfJSConstant):
      (JSC::DFG::SpeculativeJIT::valueOfBooleanConstant):
      (JSC::DFG::SpeculativeJIT::valueOfFunctionConstant):
      (JSC::DFG::SpeculativeJIT::isNullConstant):
      (JSC::DFG::SpeculativeJIT::valueOfJSConstantAsImm64):
      (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
      (JSC::DFG::SpeculativeJIT::integerResult):
      (JSC::DFG::SpeculativeJIT::noResult):
      (JSC::DFG::SpeculativeJIT::cellResult):
      (JSC::DFG::SpeculativeJIT::booleanResult):
      (JSC::DFG::SpeculativeJIT::jsValueResult):
      (JSC::DFG::SpeculativeJIT::storageResult):
      (JSC::DFG::SpeculativeJIT::doubleResult):
      (JSC::DFG::SpeculativeJIT::initConstantInfo):
      (JSC::DFG::SpeculativeJIT::appendCallWithExceptionCheck):
      (JSC::DFG::SpeculativeJIT::isInteger):
      (JSC::DFG::SpeculativeJIT::temporaryRegisterForPutByVal):
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage):
      (JSC::DFG::SpeculativeJIT::setNodeForOperand):
      (JSC::DFG::IntegerOperand::IntegerOperand):
      (JSC::DFG::IntegerOperand::node):
      (JSC::DFG::IntegerOperand::gpr):
      (JSC::DFG::IntegerOperand::use):
      (IntegerOperand):
      (JSC::DFG::DoubleOperand::DoubleOperand):
      (JSC::DFG::DoubleOperand::node):
      (JSC::DFG::DoubleOperand::fpr):
      (JSC::DFG::DoubleOperand::use):
      (DoubleOperand):
      (JSC::DFG::JSValueOperand::JSValueOperand):
      (JSC::DFG::JSValueOperand::node):
      (JSC::DFG::JSValueOperand::gpr):
      (JSC::DFG::JSValueOperand::fill):
      (JSC::DFG::JSValueOperand::use):
      (JSValueOperand):
      (JSC::DFG::StorageOperand::StorageOperand):
      (JSC::DFG::StorageOperand::node):
      (JSC::DFG::StorageOperand::gpr):
      (JSC::DFG::StorageOperand::use):
      (StorageOperand):
      (JSC::DFG::SpeculateIntegerOperand::SpeculateIntegerOperand):
      (JSC::DFG::SpeculateIntegerOperand::node):
      (JSC::DFG::SpeculateIntegerOperand::gpr):
      (JSC::DFG::SpeculateIntegerOperand::use):
      (SpeculateIntegerOperand):
      (JSC::DFG::SpeculateStrictInt32Operand::SpeculateStrictInt32Operand):
      (JSC::DFG::SpeculateStrictInt32Operand::node):
      (JSC::DFG::SpeculateStrictInt32Operand::gpr):
      (JSC::DFG::SpeculateStrictInt32Operand::use):
      (SpeculateStrictInt32Operand):
      (JSC::DFG::SpeculateDoubleOperand::SpeculateDoubleOperand):
      (JSC::DFG::SpeculateDoubleOperand::node):
      (JSC::DFG::SpeculateDoubleOperand::fpr):
      (JSC::DFG::SpeculateDoubleOperand::use):
      (SpeculateDoubleOperand):
      (JSC::DFG::SpeculateCellOperand::SpeculateCellOperand):
      (JSC::DFG::SpeculateCellOperand::node):
      (JSC::DFG::SpeculateCellOperand::gpr):
      (JSC::DFG::SpeculateCellOperand::use):
      (SpeculateCellOperand):
      (JSC::DFG::SpeculateBooleanOperand::SpeculateBooleanOperand):
      (JSC::DFG::SpeculateBooleanOperand::node):
      (JSC::DFG::SpeculateBooleanOperand::gpr):
      (JSC::DFG::SpeculateBooleanOperand::use):
      (SpeculateBooleanOperand):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::fillInteger):
      (JSC::DFG::SpeculativeJIT::fillDouble):
      (JSC::DFG::SpeculativeJIT::fillJSValue):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToNumber):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToInt32):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeUInt32ToNumber):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompare):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
      (JSC::DFG::SpeculativeJIT::emitCall):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
      (JSC::DFG::SpeculativeJIT::fillSpeculateInt):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntStrict):
      (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileIntegerCompare):
      (JSC::DFG::SpeculativeJIT::compileDoubleCompare):
      (JSC::DFG::SpeculativeJIT::compileValueAdd):
      (JSC::DFG::SpeculativeJIT::compileNonStringCellOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::compileLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitNonStringCellOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::emitBranch):
      (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::fillInteger):
      (JSC::DFG::SpeculativeJIT::fillDouble):
      (JSC::DFG::SpeculativeJIT::fillJSValue):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToNumber):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToInt32):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeUInt32ToNumber):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeCompareNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompare):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
      (JSC::DFG::SpeculativeJIT::emitCall):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
      (JSC::DFG::SpeculativeJIT::fillSpeculateInt):
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntStrict):
      (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileIntegerCompare):
      (JSC::DFG::SpeculativeJIT::compileDoubleCompare):
      (JSC::DFG::SpeculativeJIT::compileValueAdd):
      (JSC::DFG::SpeculativeJIT::compileNonStringCellOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::compileLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitNonStringCellOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::emitBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGStructureAbstractValue.h:
      (StructureAbstractValue):
      * dfg/DFGStructureCheckHoistingPhase.cpp:
      (JSC::DFG::StructureCheckHoistingPhase::run):
      * dfg/DFGValidate.cpp:
      (DFG):
      (Validate):
      (JSC::DFG::Validate::validate):
      (JSC::DFG::Validate::reportValidationContext):
      * dfg/DFGValidate.h:
      * dfg/DFGValueSource.cpp:
      (JSC::DFG::ValueSource::dump):
      * dfg/DFGValueSource.h:
      (JSC::DFG::ValueSource::ValueSource):
      * dfg/DFGVirtualRegisterAllocationPhase.cpp:
      (JSC::DFG::VirtualRegisterAllocationPhase::run):
      * runtime/FunctionExecutableDump.cpp: Added.
      (JSC):
      (JSC::FunctionExecutableDump::dump):
      * runtime/FunctionExecutableDump.h: Added.
      (JSC):
      (FunctionExecutableDump):
      (JSC::FunctionExecutableDump::FunctionExecutableDump):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC):
      (DFG):
      (JSGlobalData):
      * runtime/Options.h:
      (JSC):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141069 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8ff092fc
  3. 22 Nov, 2012 1 commit
    • fpizlo@apple.com's avatar
      Rename dataLog() and dataLogV() to dataLogF() and dataLogFV() · 01902c80
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=103001
      
      Rubber stamped by Dan Bernstein.
      
      Source/JavaScriptCore: 
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::finalizeCodeWithDisassembly):
      (JSC::LinkBuffer::dumpLinkStatistics):
      (JSC::LinkBuffer::dumpCode):
      * assembler/LinkBuffer.h:
      (JSC):
      * assembler/SH4Assembler.h:
      (JSC::SH4Assembler::vprintfStdoutInstr):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dumpBytecodeCommentAndNewLine):
      (JSC::CodeBlock::printUnaryOp):
      (JSC::CodeBlock::printBinaryOp):
      (JSC::CodeBlock::printConditionalJump):
      (JSC::CodeBlock::printGetByIdOp):
      (JSC::dumpStructure):
      (JSC::dumpChain):
      (JSC::CodeBlock::printGetByIdCacheStatus):
      (JSC::CodeBlock::printCallOp):
      (JSC::CodeBlock::printPutByIdOp):
      (JSC::CodeBlock::printStructure):
      (JSC::CodeBlock::printStructures):
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::dumpStatistics):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::resetStubInternal):
      (JSC::CodeBlock::reoptimize):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::CodeBlock::shouldOptimizeNow):
      (JSC::CodeBlock::tallyFrequentExitSites):
      (JSC::CodeBlock::dumpValueProfiles):
      * bytecode/Opcode.cpp:
      (JSC::OpcodeStats::~OpcodeStats):
      * bytecode/SamplingTool.cpp:
      (JSC::SamplingFlags::stop):
      (JSC::SamplingRegion::dumpInternal):
      (JSC::SamplingTool::dump):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::initialize):
      (JSC::DFG::AbstractState::endBasicBlock):
      (JSC::DFG::AbstractState::mergeStateAtTail):
      (JSC::DFG::AbstractState::mergeToSuccessors):
      * dfg/DFGAbstractValue.h:
      (JSC::DFG::AbstractValue::dump):
      * dfg/DFGArgumentsSimplificationPhase.cpp:
      (JSC::DFG::ArgumentsSimplificationPhase::run):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::injectLazyOperandSpeculation):
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::getArrayModeAndEmitChecks):
      (JSC::DFG::ByteCodeParser::makeSafe):
      (JSC::DFG::ByteCodeParser::makeDivSafe):
      (JSC::DFG::ByteCodeParser::handleCall):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::processPhiStack):
      (JSC::DFG::ByteCodeParser::linkBlock):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      (JSC::DFG::ByteCodeParser::parse):
      * dfg/DFGCFAPhase.cpp:
      (JSC::DFG::CFAPhase::performBlockCFA):
      (JSC::DFG::CFAPhase::performForwardCFA):
      * dfg/DFGCFGSimplificationPhase.cpp:
      (JSC::DFG::CFGSimplificationPhase::run):
      (JSC::DFG::CFGSimplificationPhase::fixPossibleGetLocal):
      (JSC::DFG::CFGSimplificationPhase::fixPhis):
      (JSC::DFG::CFGSimplificationPhase::fixJettisonedPredecessors):
      (JSC::DFG::CFGSimplificationPhase::removePotentiallyDeadPhiReference):
      (JSC::DFG::CFGSimplificationPhase::mergeBlocks):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::endIndexForPureCSE):
      (JSC::DFG::CSEPhase::setReplacement):
      (JSC::DFG::CSEPhase::eliminate):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::debugFail):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::foldConstants):
      (JSC::DFG::ConstantFoldingPhase::paintUnreachableCode):
      * dfg/DFGDisassembler.cpp:
      (JSC::DFG::Disassembler::dump):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::fixDoubleEdge):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::printWhiteSpace):
      (JSC::DFG::Graph::dumpCodeOrigin):
      (JSC::DFG::Graph::dump):
      (JSC::DFG::Graph::dumpBlockHeader):
      (JSC::DFG::Graph::predictArgumentTypes):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPhase.cpp:
      (JSC::DFG::Phase::beginPhase):
      * dfg/DFGPhase.h:
      (JSC::DFG::runAndLog):
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      (JSC::DFG::PredictionPropagationPhase::propagateForward):
      (JSC::DFG::PredictionPropagationPhase::propagateBackward):
      (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
      * dfg/DFGRegisterBank.h:
      (JSC::DFG::RegisterBank::dump):
      * dfg/DFGScoreBoard.h:
      (JSC::DFG::ScoreBoard::use):
      (JSC::DFG::ScoreBoard::dump):
      * dfg/DFGSlowPathGenerator.h:
      (JSC::DFG::SlowPathGenerator::generate):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
      (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecutionWithConditionalDirection):
      (JSC::DFG::SpeculativeJIT::runSlowPathGenerators):
      (JSC::DFG::SpeculativeJIT::dump):
      (JSC::DFG::SpeculativeJIT::checkConsistency):
      (JSC::DFG::SpeculativeJIT::compile):
      (JSC::DFG::SpeculativeJIT::checkGeneratedTypeForToInt32):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
      (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
      (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
      (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
      (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
      * dfg/DFGStructureCheckHoistingPhase.cpp:
      (JSC::DFG::StructureCheckHoistingPhase::run):
      * dfg/DFGValidate.cpp:
      (Validate):
      (JSC::DFG::Validate::reportValidationContext):
      (JSC::DFG::Validate::dumpData):
      (JSC::DFG::Validate::dumpGraphIfAppropriate):
      * dfg/DFGVariableEventStream.cpp:
      (JSC::DFG::VariableEventStream::logEvent):
      (JSC::DFG::VariableEventStream::reconstruct):
      * dfg/DFGVirtualRegisterAllocationPhase.cpp:
      (JSC::DFG::VirtualRegisterAllocationPhase::run):
      * heap/Heap.cpp:
      * heap/HeapStatistics.cpp:
      (JSC::HeapStatistics::logStatistics):
      (JSC::HeapStatistics::showObjectStatistics):
      * heap/MarkStack.h:
      * heap/MarkedBlock.h:
      * heap/SlotVisitor.cpp:
      (JSC::SlotVisitor::validate):
      * interpreter/CallFrame.cpp:
      (JSC::CallFrame::dumpCaller):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::dumpRegisters):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITDisassembler.cpp:
      (JSC::JITDisassembler::dump):
      (JSC::JITDisassembler::dumpForInstructions):
      * jit/JITStubRoutine.h:
      (JSC):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/JumpReplacementWatchpoint.cpp:
      (JSC::JumpReplacementWatchpoint::fireInternal):
      * llint/LLIntExceptions.cpp:
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      * profiler/Profile.cpp:
      (JSC::Profile::debugPrintData):
      (JSC::Profile::debugPrintDataSampleStyle):
      * profiler/ProfileNode.cpp:
      (JSC::ProfileNode::debugPrintData):
      (JSC::ProfileNode::debugPrintDataSampleStyle):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::dumpRegExpTrace):
      * runtime/RegExp.cpp:
      (JSC::RegExp::matchCompareWithInterpreter):
      * runtime/SamplingCounter.cpp:
      (JSC::AbstractSamplingCounter::dump):
      * runtime/Structure.cpp:
      (JSC::Structure::dumpStatistics):
      (JSC::PropertyMapStatisticsExitLogger::~PropertyMapStatisticsExitLogger):
      * tools/CodeProfile.cpp:
      (JSC::CodeProfile::report):
      * tools/ProfileTreeNode.h:
      (JSC::ProfileTreeNode::dumpInternal):
      * yarr/YarrInterpreter.cpp:
      (JSC::Yarr::ByteCompiler::dumpDisjunction):
      
      Source/WebCore: 
      
      No change in behavior, so no new tests.
      
      * platform/KURLWTFURL.cpp:
      (WebCore::KURL::print):
      
      Source/WTF: 
      
      * wtf/DataLog.cpp:
      (WTF::dataLogFV):
      (WTF::dataLogF):
      (WTF::dataLogFString):
      * wtf/DataLog.h:
      (WTF):
      * wtf/HashTable.cpp:
      (WTF::HashTableStats::dumpStats):
      * wtf/HashTable.h:
      (WTF::HashTable::Stats::dumpStats):
      * wtf/MetaAllocator.cpp:
      (WTF::MetaAllocator::dumpProfile):
      * wtf/StackStats.cpp:
      (WTF::StackStats::initialize):
      (WTF::StackStats::PerThreadStats::PerThreadStats):
      (WTF::StackStats::CheckPoint::CheckPoint):
      (WTF::StackStats::CheckPoint::~CheckPoint):
      (WTF::StackStats::probe):
      (WTF::StackStats::LayoutCheckPoint::LayoutCheckPoint):
      * wtf/text/WTFString.cpp:
      (String::show):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@135469 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      01902c80
  4. 02 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG CSE should be able to eliminate unnecessary flushes of arguments and captured variables · b80bc2a3
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=87929
      
      Reviewed by Geoffrey Garen.
              
      Slight speed-up on V8. Big win (up to 50%) on programs that inline very small functions.
              
      This required a bunch of changes:
              
      - The obvious change is making CSE essentially ignore whether or not the set of
        operations between the Flush and the SetLocal can exit, and instead focus on whether or
        not that set of operations can clobber the world or access local variables. This code
        is now refactored to return a set of flags indicating any of these events, and the CSE
        decides what to do based on those flags. If the set of operations is non-clobbering
        and non-accessing, then the Flush is turned into a Phantom on the child of the
        SetLocal. This expands the liveness of the relevant variable but virtually guarantees
        that it will be register allocated and not flushed to the stack. So, yeah, this patch
        is a lot of work to save a few stores to the stack.
              
      - Previously, CheckArgumentsNotCreated was optimized "lazily" in that you only knew if
        it was a no-op if you were holding onto a CFA abstract state. But this would make the
        CSE act pessimistically, since it doesn't use the CFA. Hence, this patch changes the
        constant folding phase into something more broad; it now fixes up
        CheckArgumentsNotCreated nodes by turning them into phantoms if it knows that they are
        no-ops.
              
      - Arguments simplification was previously relying on this very strange PhantomArguments
        node, which had two different meanings: for normal execution it meant the empty value
        but for OSR exit it meant that the arguments should be reified. This produces problems
        when set SetLocals to the captured arguments registers are CSE'd away, since we'd be
        triggering reification of arguments without having initialized the arguments registers
        to empty. The cleanest solution was to fix PhantomArguments to have one meaning:
        namely, arguments reification on OSR exit. Hence, this patch changes arguments
        simplification to change SetLocal of CreateArguments on the arguments registers to be
        a SetLocal of Empty.
              
      - Argument value recoveries were previously derived from the value source of the
        arguments at the InlineStart. But that relies on all SetLocals to arguments having
        been flushed. It's possible that we could have elided the SetLocal to the arguments
        at the callsite because there were subsequent SetLocals to the arguments inside of the
        callee, in which case the InlineStart would get the wrong information. Hence, this
        patch changes argument value recovery computation to operate over the ArgumentPositions
        directly.
              
      - But that doesn't actually work, because previously, there was no way to link an
        InlineStart back to the corresponding ArgumentPositions, at least not without some
        ugliness. So this patch instates the rule that the m_argumentPositions vector consists
        of disjoint subsequences such that each subsequence corresponds to an inline callsite
        and can be identified by its first index, and within each subsequence are the
        ArgumentPositions of all of the arguments ordered by argument index. This required
        flipping the order in which ArgumentPositions are added to the vector, and giving
        InlineStart an operand that indicates the start of that inline callsite's
        ArgumentPosition subsequence.
              
      - This patch also revealed a nasty bug in the reification of arguments in inline call
        frames on OSR exit. Since the reification was happening after the values of virtual
        registers were recovered, the value recoveries of the inline arguments were wrong.
        Hence using operationCreateInlinedArguments is wrong. For example a value recovery
        might say that you have to box a double, but if we had already boxed it then boxing
        it a second time will result in garbage. The specific case of this bug was this patch
        uncovered was that now it is possible for an inline call frame to not have any valid
        value recoveries for any inline arguments, if the optimization elides all argument
        flushes, while at the same time optimizing away arguments creation. Then OSR exit
        would try to recover the arguments using the inline call frame, which had bogus
        information, and humorous crashes would ensue. This patch fixes this issue by moving
        arguments reification to after call frame reification, so that arguments reification
        can always use operationCreateArguments instead of operationCreateInlinedArguments.
              
      - This patch may turn a Flush into a Phantom. That's kind of the whole point. But that
        broke forward speculation checks, which knew to look for a Flush prior to a SetLocal
        but didn't know that there could alternatively be a Phantom in place of the Flush.
        This patch fixes that by augmenting the forward speculation check logic.
              
      - Finally, in the process of having fun with all of the above, I realized that my DFG
        validation was not actually running on every phase like I had originally designed it
        to. In fact it was only running just after bytecode parsing. I initially tried to
        make it run in every phase but found that this causes some tests to timeout
        (specifically the evil fuzzing ones), so I decided on a compromise where: (i) in
        release mode validation never runs, (ii) in debug mode validation will run just
        after parsing and just before the backend, and (iii) it's possible with a simple
        switch to enable validation to run on every phase.
              
      Luckily all of the above issues were already covered by the 77 or so DFG-specific
      layout tests. Hence, this patch does not introduce any new tests despite being so
      meaty.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGArgumentPosition.h:
      (JSC::DFG::ArgumentPosition::prediction):
      (JSC::DFG::ArgumentPosition::doubleFormatState):
      (JSC::DFG::ArgumentPosition::shouldUseDoubleFormat):
      (ArgumentPosition):
      * dfg/DFGArgumentsSimplificationPhase.cpp:
      (JSC::DFG::ArgumentsSimplificationPhase::run):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::SetLocalStoreEliminationResult::SetLocalStoreEliminationResult):
      (SetLocalStoreEliminationResult):
      (JSC::DFG::CSEPhase::setLocalStoreElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGCommon.h:
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::run):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGNode.h:
      (Node):
      (JSC::DFG::Node::hasArgumentPositionStart):
      (JSC::DFG::Node::argumentPositionStart):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGPhase.cpp:
      (DFG):
      * dfg/DFGPhase.h:
      (Phase):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::forwardSpeculationCheck):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@119342 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b80bc2a3
  5. 18 May, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG should have control flow graph simplification · 79c51ee1
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=84553
      
      Source/JavaScriptCore: 
      
      Reviewed by Oliver Hunt.
              
      Merged r115512 from dfgopt.
      
      This change gives the DFG the ability to simplify the control flow graph
      as part of an optimization fixpoint that includes CSE, CFA, and constant
      folding. This required a number of interesting changes including:
              
      - Solidifying the set of invariants that the DFG obeys. For example, the
        head and tail of each basic block must advertise the set of live locals
        and the set of available locals, respectively. It must do so by
        referring to the first access to the local in the block (for head) and
        the last one (for tail). This patch introduces the start of a
        validation step that may be turned on even with asserts disabled. To
        ensure that these invariants are preserved, I had to remove the
        redundant phi elimination phase. For now I just remove the call, but in
        the future we will probably remove it entirely unless we find a use for
        it.
              
      - Making it easier to get the boolean version of a JSValue. This is a
        pure operation, but we previously did not treat it as such.
              
      - Fixing the merging and filtering of AbstractValues that correspond to
        concrete JSValues. This was previously broken and was limiting the
        effect of running constant folding. Fixing this meant that I had to
        change how constant folding eliminates GetLocal nodes, so as to ensure
        that the resulting graph still obeys DFG rules.
              
      - Introducing simplified getters for some of the things that DFG phases
        want to know about, like the Nth child of a node (now just
        graph.child(...) if you don't care about performance too much) or
        getting successors of a basic block.
              
      The current CFG simplifier can handle almost all of the cases that it
      ought to handle; the noteworthy one that is not yet handled is removing
      basic blocks that just have jumps. To do this right we need to be able
      to remove jump-only blocks that also perform keep-alive on some values.
      To make this work, we need to be able to hoist the keep-alive into (or
      just above) a Branch. This is not fundamentally difficult but I opted to
      let this patch omit this optimization. We can handle this later.
              
      This is a big win on programs that include inline functions that are
      often called with constant arguments. Of course, SunSpider, V8, and
      Kraken don't count. Those benchmarks are completely neutral with this
      change.
      
      * API/JSValueRef.cpp:
      (JSValueToBoolean):
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::dfgOSREntryDataForBytecodeIndex):
      * bytecode/Operands.h:
      (JSC::Operands::setOperandFirstTime):
      (Operands):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::initialize):
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::mergeStateAtTail):
      (JSC::DFG::AbstractState::mergeToSuccessors):
      * dfg/DFGAbstractValue.h:
      (JSC::DFG::AbstractValue::isClear):
      (JSC::DFG::AbstractValue::operator!=):
      (JSC::DFG::AbstractValue::merge):
      (JSC::DFG::AbstractValue::filter):
      (JSC::DFG::AbstractValue::validateIgnoringValue):
      (AbstractValue):
      * dfg/DFGAdjacencyList.h:
      (JSC::DFG::AdjacencyList::child):
      (JSC::DFG::AdjacencyList::setChild):
      (AdjacencyList):
      * dfg/DFGBasicBlock.h:
      (JSC::DFG::BasicBlock::~BasicBlock):
      (BasicBlock):
      (JSC::DFG::BasicBlock::numNodes):
      (JSC::DFG::BasicBlock::nodeIndex):
      (JSC::DFG::BasicBlock::isPhiIndex):
      (JSC::DFG::BasicBlock::isInPhis):
      (JSC::DFG::BasicBlock::isInBlock):
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (DFG):
      (JSC::DFG::ByteCodeParser::parse):
      * dfg/DFGCFAPhase.cpp:
      (JSC::DFG::CFAPhase::run):
      (JSC::DFG::CFAPhase::performBlockCFA):
      (JSC::DFG::performCFA):
      * dfg/DFGCFAPhase.h:
      (DFG):
      * dfg/DFGCFGSimplificationPhase.cpp: Added.
      (DFG):
      (CFGSimplificationPhase):
      (JSC::DFG::CFGSimplificationPhase::CFGSimplificationPhase):
      (JSC::DFG::CFGSimplificationPhase::run):
      (JSC::DFG::CFGSimplificationPhase::killUnreachable):
      (JSC::DFG::CFGSimplificationPhase::findOperandSource):
      (JSC::DFG::CFGSimplificationPhase::keepOperandAlive):
      (JSC::DFG::CFGSimplificationPhase::fixPossibleGetLocal):
      (JSC::DFG::CFGSimplificationPhase::jettisonBlock):
      (JSC::DFG::CFGSimplificationPhase::fixPhis):
      (JSC::DFG::CFGSimplificationPhase::fixJettisonedPredecessors):
      (JSC::DFG::CFGSimplificationPhase::removePotentiallyDeadPhiReference):
      (JSC::DFG::CFGSimplificationPhase::OperandSubstitution::OperandSubstitution):
      (OperandSubstitution):
      (JSC::DFG::CFGSimplificationPhase::OperandSubstitution::dump):
      (JSC::DFG::CFGSimplificationPhase::skipGetLocal):
      (JSC::DFG::CFGSimplificationPhase::fixTailOperand):
      (JSC::DFG::CFGSimplificationPhase::mergeBlocks):
      (JSC::DFG::performCFGSimplification):
      * dfg/DFGCFGSimplificationPhase.h: Added.
      (DFG):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::run):
      (CSEPhase):
      (JSC::DFG::CSEPhase::impureCSE):
      (JSC::DFG::CSEPhase::globalVarLoadElimination):
      (JSC::DFG::CSEPhase::getByValLoadElimination):
      (JSC::DFG::CSEPhase::checkStructureLoadElimination):
      (JSC::DFG::CSEPhase::getByOffsetLoadElimination):
      (JSC::DFG::CSEPhase::getPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::getIndexedPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      (JSC::DFG::CSEPhase::performBlockCSE):
      (JSC::DFG::performCSE):
      * dfg/DFGCSEPhase.h:
      (DFG):
      * dfg/DFGCommon.h:
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::run):
      (JSC::DFG::performConstantFolding):
      * dfg/DFGConstantFoldingPhase.h:
      (DFG):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGEdge.h:
      (Edge):
      (JSC::DFG::Edge::operator UnspecifiedBoolType*):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::run):
      (JSC::DFG::FixupPhase::fixupBlock):
      (JSC::DFG::performFixup):
      * dfg/DFGFixupPhase.h:
      (DFG):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      (JSC::DFG::Graph::handleSuccessor):
      (DFG):
      (JSC::DFG::Graph::determineReachability):
      (JSC::DFG::Graph::resetReachability):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::deref):
      (JSC::DFG::Graph::changeIndex):
      (Graph):
      (JSC::DFG::Graph::changeEdge):
      (JSC::DFG::Graph::numSuccessors):
      (JSC::DFG::Graph::successor):
      (JSC::DFG::Graph::successorForCondition):
      (JSC::DFG::Graph::isPredictedNumerical):
      (JSC::DFG::Graph::byValIsPure):
      (JSC::DFG::Graph::clobbersWorld):
      (JSC::DFG::Graph::numChildren):
      (JSC::DFG::Graph::child):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::convertToConstant):
      (JSC::DFG::Node::numSuccessors):
      (Node):
      (JSC::DFG::Node::successor):
      (JSC::DFG::Node::successorForCondition):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOperations.cpp:
      * dfg/DFGPhase.cpp:
      (JSC::DFG::Phase::endPhase):
      * dfg/DFGPhase.h:
      (JSC::DFG::runPhase):
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::run):
      (JSC::DFG::performPredictionPropagation):
      * dfg/DFGPredictionPropagationPhase.h:
      (DFG):
      * dfg/DFGRedundantPhiEliminationPhase.cpp:
      (JSC::DFG::RedundantPhiEliminationPhase::run):
      (JSC::DFG::performRedundantPhiElimination):
      * dfg/DFGRedundantPhiEliminationPhase.h:
      (DFG):
      * dfg/DFGScoreBoard.h:
      (JSC::DFG::ScoreBoard::use):
      (ScoreBoard):
      (JSC::DFG::ScoreBoard::useIfHasResult):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      (JSC::DFG::SpeculativeJIT::createOSREntries):
      (JSC::DFG::SpeculativeJIT::linkOSREntries):
      (JSC::DFG::SpeculativeJIT::compileStrictEqForConstant):
      (JSC::DFG::SpeculativeJIT::compileRegExpExec):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::nextBlock):
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::use):
      (JSC::DFG::SpeculativeJIT::jump):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
      (JSC::DFG::SpeculativeJIT::emitBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
      (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
      (JSC::DFG::SpeculativeJIT::emitBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGValidate.cpp: Added.
      (DFG):
      (Validate):
      (JSC::DFG::Validate::Validate):
      (JSC::DFG::Validate::validate):
      (JSC::DFG::Validate::reportValidationContext):
      (JSC::DFG::Validate::dumpData):
      (JSC::DFG::Validate::dumpGraphIfAppropriate):
      (JSC::DFG::validate):
      * dfg/DFGValidate.h: Added.
      (DFG):
      (JSC::DFG::validate):
      * dfg/DFGVirtualRegisterAllocationPhase.cpp:
      (JSC::DFG::VirtualRegisterAllocationPhase::run):
      (JSC::DFG::performVirtualRegisterAllocation):
      * dfg/DFGVirtualRegisterAllocationPhase.h:
      (DFG):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncSome):
      * runtime/BooleanConstructor.cpp:
      (JSC::constructBoolean):
      (JSC::callBooleanConstructor):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSObject.cpp:
      (JSC):
      * runtime/JSObject.h:
      * runtime/JSString.cpp:
      (JSC::JSString::toBoolean):
      * runtime/JSString.h:
      (JSString):
      (JSC::JSCell::toBoolean):
      (JSC::JSValue::toBoolean):
      * runtime/JSValue.h:
      * runtime/ObjectConstructor.cpp:
      (JSC::toPropertyDescriptor):
      * runtime/RegExpConstructor.cpp:
      (JSC::setRegExpConstructorMultiline):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncToString):
      
      Source/WebCore: 
      
      Reviewed by Oliver Hunt.
      
      Merged r115512 from dfgopt.
      
      JSValue::toBoolean(ExecState*) -> JSValue::toBoolean()
              
      No new tests, because no new behavior.
      
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::addEventListener):
      (WebCore::JSDOMWindow::removeEventListener):
      * bindings/js/JSDataViewCustom.cpp:
      (WebCore::getDataViewMember):
      * bindings/js/JSDeviceMotionEventCustom.cpp:
      (WebCore::JSDeviceMotionEvent::initDeviceMotionEvent):
      * bindings/js/JSDeviceOrientationEventCustom.cpp:
      (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
      * bindings/js/JSDictionary.cpp:
      (WebCore::JSDictionary::convertValue):
      * bindings/js/JSDirectoryEntryCustom.cpp:
      (WebCore::JSDirectoryEntry::getFile):
      (WebCore::JSDirectoryEntry::getDirectory):
      * bindings/js/JSDirectoryEntrySyncCustom.cpp:
      (WebCore::getFlags):
      * bindings/js/JSHTMLCanvasElementCustom.cpp:
      (WebCore::JSHTMLCanvasElement::getContext):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::JSInspectorFrontendHost::showContextMenu):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::handleInitMessageEvent):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::open):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::hasBreakpoint):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateEventListenerCall):
      (GenerateImplementation):
      (JSValueToNative):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::convertValueToJObject):
      
      Source/WebKit/mac: 
      
      Reviewed by Oliver Hunt.
              
      Merged r115512 from dfgopt.
      
      JSValue::toBoolean(ExecState*) -> JSValue::toBoolean()
              
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      
      Source/WebKit2: 
      
      Reviewed by Oliver Hunt.
      
      Merged r115512 from dfgopt.
      
      JSValue::toBoolean(ExecState*) -> JSValue::toBoolean()
              
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@117646 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      79c51ee1
  6. 01 Mar, 2012 1 commit
    • yuqiang.xian@intel.com's avatar
      DFG BasicBlocks should not require that their nodes have continuous indices in the graph · 861d918e
      yuqiang.xian@intel.com authored
      https://bugs.webkit.org/show_bug.cgi?id=79899
      
      Reviewed by Filip Pizlo.
      
      This will make it more convenient to insert nodes into the DFG.
      With this capability we now place the Phi nodes in the corresponding
      blocks.
      Local CSE is modified to not to rely on the assumption of continuous
      node indices in a block.
      This is performance neutral on SunSpider, V8 and Kraken.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::AbstractState):
      (JSC::DFG::AbstractState::beginBasicBlock):
      (JSC::DFG::AbstractState::execute):
      (JSC::DFG::AbstractState::clobberStructures):
      (JSC::DFG::AbstractState::mergeToSuccessors):
      (JSC::DFG::AbstractState::dump):
      * dfg/DFGAbstractState.h:
      (JSC::DFG::AbstractState::forNode):
      (AbstractState):
      * dfg/DFGArithNodeFlagsInferencePhase.cpp:
      (ArithNodeFlagsInferencePhase):
      * dfg/DFGBasicBlock.h:
      (JSC::DFG::BasicBlock::BasicBlock):
      (BasicBlock):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::addToGraph):
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::insertPhiNode):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::processPhiStack):
      (JSC::DFG::ByteCodeParser::linkBlock):
      (JSC::DFG::ByteCodeParser::determineReachability):
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      * dfg/DFGCFAPhase.cpp:
      (JSC::DFG::CFAPhase::performBlockCFA):
      (CFAPhase):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::CSEPhase):
      (JSC::DFG::CSEPhase::endIndexForPureCSE):
      (JSC::DFG::CSEPhase::pureCSE):
      (JSC::DFG::CSEPhase::impureCSE):
      (JSC::DFG::CSEPhase::globalVarLoadElimination):
      (JSC::DFG::CSEPhase::getByValLoadElimination):
      (JSC::DFG::CSEPhase::checkFunctionElimination):
      (JSC::DFG::CSEPhase::checkStructureLoadElimination):
      (JSC::DFG::CSEPhase::getByOffsetLoadElimination):
      (JSC::DFG::CSEPhase::getPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::getIndexedPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::getScopeChainLoadElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      (JSC::DFG::CSEPhase::performBlockCSE):
      (CSEPhase):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGPhase.cpp:
      (JSC::DFG::Phase::beginPhase):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeCompare):
      (JSC::DFG::SpeculativeJIT::nonSpeculativeStrictEq):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      (JSC::DFG::SpeculativeJIT::compileStrictEqForConstant):
      (JSC::DFG::SpeculativeJIT::compileStrictEq):
      * dfg/DFGSpeculativeJIT.h:
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
      (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeCompareNull):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::nonSpeculativeCompareNull):
      * dfg/DFGVirtualRegisterAllocationPhase.cpp:
      (JSC::DFG::VirtualRegisterAllocationPhase::run):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109318 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      861d918e
  7. 23 Feb, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG OSR exit value profiling should have graceful handling of local variables and arguments · 31659dee
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=79310
      
      Reviewed by Gavin Barraclough.
              
      Previously, if we OSR exited because a prediction in a local was wrong, we'd
      only realize what the true type of the local was if the regular value profiling
      kicked in and told us. Unless the local was block-locally copy propagated, in
      which case we'd know from an OSR exit profile.
              
      This patch adds OSR exit profiling to all locals and arguments. Now, if we OSR
      exit because of a mispredicted local or argument type, we'll know what the type of
      the local or argument should be immediately upon exiting.
              
      The way that local variable OSR exit profiling works is that we now have a lazily
      added set of OSR-exit-only value profiles for exit sites that are BadType and that
      cited a GetLocal as their value source. The value profiles are only added if the
      OSR exit is taken, and are keyed by CodeBlock, bytecode index of the GetLocal, and
      operand. The look-up is performed by querying the
      CompressedLazyOperandValueProfileHolder in the CodeBlock, using a key that contains
      the bytecode index and the operand. Because the value profiles are added at random
      times, they are not sorted; instead they are just stored in an arbitrarily-ordered
      SegmentedVector. Look-ups are made fast by "decompressing": the DFG::ByteCodeParser
      creates a LazyOperandValueProfileParser, which turns the
      CompressedLazyOperandValueProfileHolder's contents into a HashMap for the duration
      of DFG parsing.
              
      Previously, OSR exits had a pointer to the ValueProfile that had the specFailBucket
      into which values observed during OSR exit would be placed. Now it uses a lazy
      thunk for a ValueProfile. I call this the MethodOfGettingAValueProfile. It may
      either contain a ValueProfile inside it (which works for previous uses of OSR exit
      profiling) or it may just have knowledge of how to go about creating the
      LazyOperandValueProfile in the case that the OSR exit is actually taken. This
      ensures that we never have to create NumOperands*NumBytecodeIndices*NumCodeBlocks
      value profiling buckets unless we actually did OSR exit on every single operand,
      in every single instruction, in each code block (that's probably unlikely).
              
      This appears to be neutral on the major benchmarks, but is a double-digit speed-up
      on code deliberately written to have data flow that spans basic blocks and where
      the code exhibits post-optimization polymorphism in a local variable.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::lazyOperandValueProfiles):
      * bytecode/LazyOperandValueProfile.cpp: Added.
      (JSC):
      (JSC::CompressedLazyOperandValueProfileHolder::CompressedLazyOperandValueProfileHolder):
      (JSC::CompressedLazyOperandValueProfileHolder::~CompressedLazyOperandValueProfileHolder):
      (JSC::CompressedLazyOperandValueProfileHolder::computeUpdatedPredictions):
      (JSC::CompressedLazyOperandValueProfileHolder::add):
      (JSC::LazyOperandValueProfileParser::LazyOperandValueProfileParser):
      (JSC::LazyOperandValueProfileParser::~LazyOperandValueProfileParser):
      (JSC::LazyOperandValueProfileParser::getIfPresent):
      (JSC::LazyOperandValueProfileParser::prediction):
      * bytecode/LazyOperandValueProfile.h: Added.
      (JSC):
      (LazyOperandValueProfileKey):
      (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey):
      (JSC::LazyOperandValueProfileKey::operator!):
      (JSC::LazyOperandValueProfileKey::operator==):
      (JSC::LazyOperandValueProfileKey::hash):
      (JSC::LazyOperandValueProfileKey::bytecodeOffset):
      (JSC::LazyOperandValueProfileKey::operand):
      (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue):
      (JSC::LazyOperandValueProfileKeyHash::hash):
      (JSC::LazyOperandValueProfileKeyHash::equal):
      (LazyOperandValueProfileKeyHash):
      (WTF):
      (JSC::LazyOperandValueProfile::LazyOperandValueProfile):
      (LazyOperandValueProfile):
      (JSC::LazyOperandValueProfile::key):
      (CompressedLazyOperandValueProfileHolder):
      (LazyOperandValueProfileParser):
      * bytecode/MethodOfGettingAValueProfile.cpp: Added.
      (JSC):
      (JSC::MethodOfGettingAValueProfile::fromLazyOperand):
      (JSC::MethodOfGettingAValueProfile::getSpecFailBucket):
      * bytecode/MethodOfGettingAValueProfile.h: Added.
      (JSC):
      (MethodOfGettingAValueProfile):
      (JSC::MethodOfGettingAValueProfile::MethodOfGettingAValueProfile):
      (JSC::MethodOfGettingAValueProfile::operator!):
      * bytecode/ValueProfile.cpp: Removed.
      * bytecode/ValueProfile.h:
      (JSC):
      (ValueProfileBase):
      (JSC::ValueProfileBase::ValueProfileBase):
      (JSC::ValueProfileBase::dump):
      (JSC::ValueProfileBase::computeUpdatedPrediction):
      (JSC::MinimalValueProfile::MinimalValueProfile):
      (ValueProfileWithLogNumberOfBuckets):
      (JSC::ValueProfileWithLogNumberOfBuckets::ValueProfileWithLogNumberOfBuckets):
      (JSC::ValueProfile::ValueProfile):
      (JSC::getValueProfileBytecodeOffset):
      (JSC::getRareCaseProfileBytecodeOffset):
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::injectLazyOperandPrediction):
      (JSC::DFG::ByteCodeParser::getLocal):
      (JSC::DFG::ByteCodeParser::getArgument):
      (InlineStackEntry):
      (JSC::DFG::ByteCodeParser::fixVariableAccessPredictions):
      (DFG):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      (JSC::DFG::ByteCodeParser::parse):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::valueProfileFor):
      (JSC::DFG::Graph::methodOfGettingAValueProfileFor):
      (Graph):
      * dfg/DFGNode.h:
      (Node):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::OSRExit):
      * dfg/DFGOSRExit.h:
      (OSRExit):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGPhase.cpp:
      (JSC::DFG::Phase::beginPhase):
      (JSC::DFG::Phase::endPhase):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::speculationCheck):
      * dfg/DFGVariableAccessData.h:
      (JSC::DFG::VariableAccessData::nonUnifiedPrediction):
      (VariableAccessData):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108677 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      31659dee
  8. 18 Feb, 2012 2 commits
    • fpizlo@apple.com's avatar
      DFGPropagator.cpp has too many things · a18833ed
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=78956
      
      Reviewed by Oliver Hunt.
              
      Added the notion of a DFG::Phase. Removed DFG::Propagator, and took its
      various things and put them into separate files. These new phases follow
      the naming convention "DFG<name>Phase" where <name> is a noun. They are
      called via functions of the form "perform<name>".
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * dfg/DFGArithNodeFlagsInferencePhase.cpp: Added.
      (DFG):
      (JSC::DFG::performArithNodeFlagsInference):
      * dfg/DFGArithNodeFlagsInferencePhase.h: Added.
      (DFG):
      * dfg/DFGCFAPhase.cpp: Added.
      (DFG):
      (JSC::DFG::performCFA):
      * dfg/DFGCFAPhase.h: Added.
      (DFG):
      * dfg/DFGCSEPhase.cpp: Added.
      (DFG):
      (JSC::DFG::performCSE):
      * dfg/DFGCSEPhase.h: Added.
      (DFG):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGPhase.cpp: Added.
      (DFG):
      (JSC::DFG::Phase::beginPhase):
      (JSC::DFG::Phase::endPhase):
      * dfg/DFGPhase.h: Added.
      (DFG):
      (Phase):
      (JSC::DFG::Phase::Phase):
      (JSC::DFG::Phase::~Phase):
      (JSC::DFG::Phase::globalData):
      (JSC::DFG::Phase::codeBlock):
      (JSC::DFG::Phase::profiledBlock):
      (JSC::DFG::Phase::beginPhase):
      (JSC::DFG::Phase::endPhase):
      (JSC::DFG::runPhase):
      * dfg/DFGPredictionPropagationPhase.cpp: Added.
      (DFG):
      (JSC::DFG::performPredictionPropagation):
      * dfg/DFGPredictionPropagationPhase.h: Added.
      (DFG):
      * dfg/DFGPropagator.cpp: Removed.
      * dfg/DFGPropagator.h: Removed.
      * dfg/DFGVirtualRegisterAllocationPhase.cpp: Added.
      (DFG):
      (JSC::DFG::performVirtualRegisterAllocation):
      * dfg/DFGVirtualRegisterAllocationPhase.h: Added.
      (DFG):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108166 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a18833ed
    • fpizlo@apple.com's avatar
      DFG::Graph should have references to JSGlobalData, the CodeBlock being compiled, and · adf274c5
      fpizlo@apple.com authored
      the CodeBlock that was used for profiling
      https://bugs.webkit.org/show_bug.cgi?id=78954
      
      Reviewed by Gavin Barraclough.
      
      * bytecode/CodeBlock.h:
      (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
      (JSC):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::AbstractState):
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGAbstractState.h:
      * dfg/DFGAssemblyHelpers.h:
      (AssemblyHelpers):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleCall):
      (JSC::DFG::parse):
      * dfg/DFGByteCodeParser.h:
      (DFG):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      (JSC::DFG::Graph::predictArgumentTypes):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::Graph):
      (Graph):
      (JSC::DFG::Graph::getJSConstantPrediction):
      (JSC::DFG::Graph::addShouldSpeculateInteger):
      (JSC::DFG::Graph::isInt32Constant):
      (JSC::DFG::Graph::isDoubleConstant):
      (JSC::DFG::Graph::isNumberConstant):
      (JSC::DFG::Graph::isBooleanConstant):
      (JSC::DFG::Graph::isFunctionConstant):
      (JSC::DFG::Graph::valueOfJSConstant):
      (JSC::DFG::Graph::valueOfInt32Constant):
      (JSC::DFG::Graph::valueOfNumberConstant):
      (JSC::DFG::Graph::valueOfBooleanConstant):
      (JSC::DFG::Graph::valueOfFunctionConstant):
      (JSC::DFG::Graph::baselineCodeBlockFor):
      (JSC::DFG::Graph::valueProfileFor):
      (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::JITCompiler::JITCompiler):
      (JITCompiler):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
      * dfg/DFGPropagator.cpp:
      (JSC::DFG::Propagator::Propagator):
      (JSC::DFG::Propagator::isNotNegZero):
      (JSC::DFG::Propagator::isNotZero):
      (JSC::DFG::Propagator::propagateNodePredictions):
      (JSC::DFG::Propagator::doRoundOfDoubleVoting):
      (JSC::DFG::Propagator::globalCFA):
      (JSC::DFG::propagate):
      * dfg/DFGPropagator.h:
      (DFG):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
      (JSC::DFG::SpeculativeJIT::compileAdd):
      (JSC::DFG::SpeculativeJIT::compileArithSub):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::isConstant):
      (JSC::DFG::SpeculativeJIT::isJSConstant):
      (JSC::DFG::SpeculativeJIT::isInt32Constant):
      (JSC::DFG::SpeculativeJIT::isDoubleConstant):
      (JSC::DFG::SpeculativeJIT::isNumberConstant):
      (JSC::DFG::SpeculativeJIT::isBooleanConstant):
      (JSC::DFG::SpeculativeJIT::isFunctionConstant):
      (JSC::DFG::SpeculativeJIT::valueOfInt32Constant):
      (JSC::DFG::SpeculativeJIT::valueOfNumberConstant):
      (JSC::DFG::SpeculativeJIT::valueOfJSConstant):
      (JSC::DFG::SpeculativeJIT::valueOfBooleanConstant):
      (JSC::DFG::SpeculativeJIT::valueOfFunctionConstant):
      (JSC::DFG::SpeculativeJIT::speculationCheck):
      (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108154 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      adf274c5
  9. 15 Sep, 2011 1 commit
    • fpizlo@apple.com's avatar
      The DFG non-speculative JIT is no longer used and should be removed. · 903c378f
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=68177
      
      Reviewed by Geoffrey Garen.
              
      This removes the non-speculative JIT and everything that relied on it,
      including the ability to turn on DFG but not tiered compilation the,
      ability to perform speculation failure into non-speculative JIT code,
      and the ability to statically terminate speculation.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.pro:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeBlock.h:
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitLoopHint):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (JSC::DFG::ByteCodeParser::getStrongPrediction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGGenerationInfo.h:
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::predictArgumentTypes):
      * dfg/DFGJITCodeGenerator.cpp:
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::compileBody):
      * dfg/DFGJITCompiler.h:
      * dfg/DFGNode.h:
      * dfg/DFGNonSpeculativeJIT.cpp: Removed.
      * dfg/DFGNonSpeculativeJIT.h: Removed.
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGPropagator.cpp:
      * dfg/DFGPropagator.h:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::osrExits):
      (JSC::DFG::SpeculativeJIT::speculationRecovery):
      (JSC::DFG::SpeculativeJIT::speculationCheck):
      (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompile):
      * jit/JIT.h:
      * jit/JITCode.h:
      (JSC::JITCode::bottomTierJIT):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      * runtime/JSGlobalData.h:
      * wtf/Platform.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@95240 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      903c378f
  10. 06 Sep, 2011 1 commit
    • fpizlo@apple.com's avatar
      JavaScriptCore does not have tiered compilation · 594887ab
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=67176
      
      Reviewed by Gavin Barraclough.
      
      This adds the ability to have multiple CodeBlocks associated with
      a particular role in an Executable.  These are stored in
      descending order of compiler tier.  CodeBlocks are optimized when
      a counter (m_executeCounter) that is incremented in loops and
      epilogues becomes positive.  Optimizing means that all calls to
      the old CodeBlock are unlinked.
      
      The DFG can now pull in predictions from ValueProfiles, and
      propagate them along the graph.  To support the new phase while
      maintaing some level of abstraction, a DFGDriver was introduced
      that encapsulates how to run the DFG compiler.
      
      This is turned off by default because it's not yet a performance
      win on all benchmarks.  It speeds up crypto and richards by
      10% and 6% respectively, but still does not do as good of a job
      as it could.  Notably, the DFG backend has not changed, and
      is largely oblivious to the new information being made available
      to it.
      
      When turned off (the default), this patch is performance neutral.
      
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * assembler/MacroAssemblerX86.h:
      (JSC::MacroAssemblerX86::branchAdd32):
      * assembler/MacroAssemblerX86_64.h:
      (JSC::MacroAssemblerX86_64::branchAdd32):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::visitAggregate):
      (JSC::CallLinkInfo::unlink):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::clearEvalCache):
      (JSC::replaceExistingEntries):
      (JSC::CodeBlock::copyDataFromAlternative):
      (JSC::ProgramCodeBlock::replacement):
      (JSC::EvalCodeBlock::replacement):
      (JSC::FunctionCodeBlock::replacement):
      (JSC::ProgramCodeBlock::compileOptimized):
      (JSC::EvalCodeBlock::compileOptimized):
      (JSC::FunctionCodeBlock::compileOptimized):
      * bytecode/CodeBlock.h:
      (JSC::GlobalCodeBlock::GlobalCodeBlock):
      (JSC::ProgramCodeBlock::ProgramCodeBlock):
      (JSC::EvalCodeBlock::EvalCodeBlock):
      (JSC::FunctionCodeBlock::FunctionCodeBlock):
      * bytecode/ValueProfile.h:
      (JSC::ValueProfile::dump):
      (JSC::ValueProfile::computeStatistics):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator):
      * bytecompiler/BytecodeGenerator.h:
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (JSC::DFG::ByteCodeParser::addCall):
      (JSC::DFG::ByteCodeParser::dynamicallyPredict):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::parse):
      * dfg/DFGDriver.cpp: Added.
      (JSC::DFG::compile):
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGDriver.h: Added.
      (JSC::DFG::tryCompile):
      (JSC::DFG::tryCompileFunction):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      (JSC::DFG::Graph::predictArgumentTypes):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::predict):
      (JSC::DFG::Graph::predictGlobalVar):
      (JSC::DFG::Graph::isConstant):
      (JSC::DFG::Graph::isJSConstant):
      (JSC::DFG::Graph::isInt32Constant):
      (JSC::DFG::Graph::isDoubleConstant):
      (JSC::DFG::Graph::valueOfJSConstant):
      (JSC::DFG::Graph::valueOfInt32Constant):
      (JSC::DFG::Graph::valueOfDoubleConstant):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::JITCompiler::isConstant):
      (JSC::DFG::JITCompiler::isJSConstant):
      (JSC::DFG::JITCompiler::isInt32Constant):
      (JSC::DFG::JITCompiler::isDoubleConstant):
      (JSC::DFG::JITCompiler::valueOfJSConstant):
      (JSC::DFG::JITCompiler::valueOfInt32Constant):
      (JSC::DFG::JITCompiler::valueOfDoubleConstant):
      * dfg/DFGNode.h:
      (JSC::DFG::isCellPrediction):
      (JSC::DFG::isNumberPrediction):
      (JSC::DFG::predictionToString):
      (JSC::DFG::mergePrediction):
      (JSC::DFG::makePrediction):
      (JSC::DFG::Node::valueOfJSConstant):
      (JSC::DFG::Node::isInt32Constant):
      (JSC::DFG::Node::isDoubleConstant):
      (JSC::DFG::Node::valueOfInt32Constant):
      (JSC::DFG::Node::valueOfDoubleConstant):
      (JSC::DFG::Node::predict):
      * dfg/DFGPropagation.cpp: Added.
      (JSC::DFG::Propagator::Propagator):
      (JSC::DFG::Propagator::fixpoint):
      (JSC::DFG::Propagator::setPrediction):
      (JSC::DFG::Propagator::mergePrediction):
      (JSC::DFG::Propagator::propagateNode):
      (JSC::DFG::Propagator::propagateForward):
      (JSC::DFG::Propagator::propagateBackward):
      (JSC::DFG::propagate):
      * dfg/DFGPropagation.h: Added.
      (JSC::DFG::propagate):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::dfgLinkFor):
      * heap/HandleHeap.h:
      (JSC::HandleHeap::Node::Node):
      * jit/JIT.cpp:
      (JSC::JIT::emitOptimizationCheck):
      (JSC::JIT::emitTimeoutCheck):
      (JSC::JIT::privateCompile):
      (JSC::JIT::linkFor):
      * jit/JIT.h:
      (JSC::JIT::emitOptimizationCheck):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::emit_op_ret):
      (JSC::JIT::emit_op_ret_object_or_this):
      * jit/JITCode.h:
      (JSC::JITCode::JITCode):
      (JSC::JITCode::bottomTierJIT):
      (JSC::JITCode::topTierJIT):
      (JSC::JITCode::nextTierJIT):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_ret):
      (JSC::JIT::emit_op_ret_object_or_this):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/JITStubs.h:
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compileOptimized):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC::EvalExecutable::compile):
      (JSC::ProgramExecutable::compile):
      (JSC::FunctionExecutable::compileForCall):
      (JSC::FunctionExecutable::compileForConstruct):
      (JSC::FunctionExecutable::compileOptimizedFor):
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      (WTF::BasicRawSentinelNode::BasicRawSentinelNode):
      (WTF::BasicRawSentinelNode::setPrev):
      (WTF::BasicRawSentinelNode::setNext):
      (WTF::BasicRawSentinelNode::prev):
      (WTF::BasicRawSentinelNode::next):
      (WTF::BasicRawSentinelNode::isOnList):
      (WTF::::remove):
      (WTF::::SentinelLinkedList):
      (WTF::::begin):
      (WTF::::end):
      (WTF::::push):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@94559 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      594887ab
  11. 17 Mar, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 56603 - DFG JIT related cleanup · d9976840
      barraclough@apple.com authored
      Move node generation out to separate function, move binarySearch algorithm out
      to StdLibExtras, fix Graph::dump() to print comma between non-node children,
      even if there are no node children.
      
      Reviewed by Sam Weinig.
      
      * bytecode/CodeBlock.h:
      (JSC::getCallReturnOffset):
      (JSC::CodeBlock::getStubInfo):
      (JSC::CodeBlock::getCallLinkInfo):
      (JSC::CodeBlock::getMethodCallLinkInfo):
      (JSC::CodeBlock::bytecodeOffset):
          - Move binaryChop to binarySearch in StdLibExtras
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (JSC::DFG::ByteCodeParser::parse):
      (JSC::DFG::parse):
          - Make m_noArithmetic a member, initialize m_currentIndex in the constructor.
      * dfg/DFGByteCodeParser.h:
          - Change parse() to not take a start index (always 0).
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
          - Fix Graph::dump() to print comma between non-node children, even if there are no node children.
      * dfg/DFGJITCodeGenerator.h:
      (JSC::DFG::JITCodeGenerator::JITCodeGenerator):
          - Initialize m_compileIndex in constructor.
      * dfg/DFGNonSpeculativeJIT.cpp:
      (JSC::DFG::NonSpeculativeJIT::compile):
      * dfg/DFGNonSpeculativeJIT.h:
          - Spilt out compilation of individual node.
      * dfg/DFGOperations.cpp:
      (JSC::DFG::operationConvertThis):
      * dfg/DFGOperations.h:
          - Cleanup parameter name.
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT.h:
          - Spilt out compilation of individual node.
      * runtime/Executable.cpp:
      (JSC::tryDFGCompile):
          - Change parse() to not take a start index (always 0).
      * wtf/StdLibExtras.h:
      (WTF::binarySearch):
          - Move binaryChop to binarySearch in StdLibExtras
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@81403 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d9976840
  12. 14 Mar, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 56284 - Add a dataflow intermediate representation for use in JIT generation. · 2302c04f
      barraclough@apple.com authored
      Reviewed by Geoffrey Garen & Oliver Hunt.
      
      The JSC JIT presently generates code directly from the bytecode used by the interpreter.
      This is not an optimal intermediate representation for JIT code generation, since it does
      not capture liveness information of values, and provides little opportunity to perform
      any static analysis for even primitive types. The JIT currently generates two code paths,
      a fast path handling common cases, and a slower path handling less common operand types.
      However the slow path jumps back into the fast path, meaning that information arising
      from the earlier type checks cannot be propagated to later operations.
      
      This patch adds:
          * a dataflow intermediate representation capable of describing a single basic block
            of operations,
          * a mechanism to convert a simple, single-block bytecode functions to the new IR,
          * and a JIT code generator capable of generating code from this representation.
      
      The JIT generates two code paths, with the slower path not reentering the fast path
      mid-block, allowing speculative optimizations to be made on the hot path, with type
      information arising from these speculative decisions able to be propagated through the
      dataflow. Code generation of both speculative and non-speculative paths exploits the type
      and liveness information represented in the dataflow graph to attempt to avoid redundant
      boxing and type-checking of values, and to remove unnecessary spills of temporary values
      to the RegisterFile.
      
      The dataflow JIT currently can only support a subset of bytecode operations, limited to
      arithmetic, bit-ops, and basic property access. Functions that cannot be compiled by the
      dataflow JIT will be run using the existing JIT. The coverage of the dataflow JIT will be
      expanded to include, control-flow, function calls, and then the long-tail of remaining
      bytecode instructions. The JIT presently only support JSVALUE64, and as a consequence of
      this only supports x86-64.
      
      The status of the dataflow JIT is currently work-in-progress. Limitations of the present
      JIT code generation may cause performance regressions, particularly:
          * the policy to only generate arithmetic code on the speculative path using integer
            instructions, never using floating point.
          * the policy to only generate arithmetic code on the non-speculative path using
            floating point instructions, never using integer.
          * always generating JSValue adds on the non-speculative path as a call out to a
            C-function, never handling this in JIT code.
          * always assuming by-Value property accesses on the speculative path to be array
            accesses.
          * generating all by-Value property accesses from the non-speculative path as a call
            out to a C-function.
          * generating all by-Indentifer property accesses as a call out to a C-function.
      Due to these regressions, the code is landed in a state where it is disabled in most
      cases by the ENABLE_DFG_JIT_RESTRICTIONS guard in Platform.h. As these regressions are
      addressed, the JIT will be allowed to trigger in more cases.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
          - Added new files to Xcode project.
      * dfg: Added.
          - Added directory for new code.
      * dfg/DFGByteCodeParser.cpp: Added.
      * dfg/DFGByteCodeParser.h: Added.
          - Contruct a DFG::Graph representation from a bytecode CodeBlock.
      * dfg/DFGGenerationInfo.h: Added.
          - Track type & register information for VirtualRegisters during JIT code generation.
      * dfg/DFGGraph.cpp: Added.
      * dfg/DFGGraph.h: Added.
          - Dataflow graph intermediate representation for code generation.
      * dfg/DFGJITCodeGenerator.cpp: Added.
      * dfg/DFGJITCodeGenerator.h: Added.
          - Base class for SpeculativeJIT & NonSpeculativeJIT to share common functionality.
      * dfg/DFGJITCompiler.cpp: Added.
      * dfg/DFGJITCompiler.h: Added.
          - Class responsible for driving code generation of speculativeJIT & non-speculative
            code paths from the dataflow graph.
      * dfg/DFGNonSpeculativeJIT.cpp: Added.
      * dfg/DFGNonSpeculativeJIT.h: Added.
          - Used to generate the non-speculative code path, this make no assumptions
            about operand types.
      * dfg/DFGOperations.cpp: Added.
      * dfg/DFGOperations.h: Added.
          - Helper functions called from the JIT generated code.
      * dfg/DFGRegisterBank.h: Added.
          - Used to track contents of physical registers during JIT code generation.
      * dfg/DFGSpeculativeJIT.cpp: Added.
      * dfg/DFGSpeculativeJIT.h: Added.
          - Used to generate the speculative code path, this make assumptions about
            operand types to enable optimization.
      * runtime/Executable.cpp:
          - Add code to attempt to use the DFG JIT to compile a function, with fallback
            to the existing JIT.
      * wtf/Platform.h:
          - Added compile guards to enable the DFG JIT.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@81079 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2302c04f
  13. 09 Feb, 2011 1 commit
    • pvarga@webkit.org's avatar
      Replace PCRE with Yarr in WebCore · 4ab8255f
      pvarga@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=53496
      
      Reviewed by Gavin Barraclough.
      
      Rollback r77626 with windows build fix.
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.exp:
      * JavaScriptCore.gyp/JavaScriptCore.gyp:
      * JavaScriptCore.gypi:
      * JavaScriptCore.pro:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * create_regex_tables:
      * runtime/RegExp.cpp:
      * wtf/Platform.h:
      * yarr/Yarr.h:
      * yarr/YarrJIT.cpp:
      * yarr/YarrJIT.h:
      * yarr/YarrParser.h:
      * yarr/YarrPattern.h:
      * yarr/YarrSyntaxChecker.h:
      * yarr/yarr.pri: Added.
      
      Source/WebCore:
      
      No new tests needed.
      
      * Android.jscbindings.mk:
      * CMakeLists.txt:
      * ForwardingHeaders/pcre/pcre.h: Removed.
      * ForwardingHeaders/yarr/Yarr.h: Added.
      * ForwardingHeaders/yarr/YarrInterpreter.h: Added.
      * ForwardingHeaders/yarr/YarrPattern.h: Added.
      * WebCore.gyp/WebCore.gyp:
      * WebCore.pro:
      * WebCore.vcproj/WebCore.vcproj:
      * WebCore.vcproj/copyForwardingHeaders.cmd:
      * platform/text/RegularExpression.cpp:
      (WebCore::RegularExpression::Private::create):
      (WebCore::RegularExpression::Private::Private):
      (WebCore::RegularExpression::Private::compile):
      (WebCore::RegularExpression::match):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78042 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4ab8255f
  14. 04 Feb, 2011 2 commits
    • loislo@chromium.org's avatar
      2011-02-04 Sheriff Bot <webkit.review.bot@gmail.com> · 66fc8e99
      loislo@chromium.org authored
              Unreviewed, rolling out r77625 and r77626.
              http://trac.webkit.org/changeset/77625
              http://trac.webkit.org/changeset/77626
              https://bugs.webkit.org/show_bug.cgi?id=53765
      
              It broke Windows builds (Requested by Ossy_ on #webkit).
      
              * Android.jscbindings.mk:
              * CMakeLists.txt:
              * ForwardingHeaders/pcre/pcre.h: Added.
              * ForwardingHeaders/yarr/Yarr.h: Removed.
              * ForwardingHeaders/yarr/YarrInterpreter.h: Removed.
              * ForwardingHeaders/yarr/YarrPattern.h: Removed.
              * WebCore.gyp/WebCore.gyp:
              * WebCore.pro:
              * WebCore.vcproj/WebCore.vcproj:
              * WebCore.vcproj/copyForwardingHeaders.cmd:
              * platform/text/RegularExpression.cpp:
              (WebCore::RegularExpression::Private::regexp):
              (WebCore::RegularExpression::Private::compile):
              (WebCore::RegularExpression::Private::Private):
              (WebCore::RegularExpression::Private::create):
              (WebCore::RegularExpression::Private::~Private):
              (WebCore::RegularExpression::match):
      
      2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r77625 and r77626.
              http://trac.webkit.org/changeset/77625
              http://trac.webkit.org/changeset/77626
              https://bugs.webkit.org/show_bug.cgi?id=53765
      
              It broke Windows builds (Requested by Ossy_ on #webkit).
      
              * JavaScriptCore.exp:
              * JavaScriptCore.gyp/JavaScriptCore.gyp:
              * JavaScriptCore.gypi:
              * JavaScriptCore.pro:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * create_regex_tables:
              * runtime/RegExp.cpp:
              * wtf/Platform.h:
              * yarr/Yarr.h:
              * yarr/YarrJIT.cpp:
              * yarr/YarrJIT.h:
              * yarr/YarrParser.h:
              * yarr/YarrPattern.h:
              * yarr/YarrSyntaxChecker.h:
              * yarr/yarr.pri: Removed.
      
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77630 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      66fc8e99
    • pvarga@webkit.org's avatar
      2011-02-04 Peter Varga <pvarga@webkit.org> · 43e81a73
      pvarga@webkit.org authored
              Reviewed by Gavin Barraclough.
      
              Replace PCRE with Yarr in WebCore
              https://bugs.webkit.org/show_bug.cgi?id=53496
      
              * JavaScriptCore.exp:
              * JavaScriptCore.gyp/JavaScriptCore.gyp:
              * JavaScriptCore.gypi:
              * JavaScriptCore.pro:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * create_regex_tables:
              * runtime/RegExp.cpp:
              * wtf/Platform.h:
              * yarr/Yarr.h:
              * yarr/YarrJIT.cpp:
              * yarr/YarrJIT.h:
              * yarr/YarrParser.h:
              * yarr/YarrPattern.h:
              * yarr/YarrSyntaxChecker.h:
              * yarr/yarr.pri: Added.
      2011-02-04  Peter Varga  <pvarga@webkit.org>
      
              Reviewed by Gavin Barraclough.
      
              Replace PCRE with Yarr in WebCore
              https://bugs.webkit.org/show_bug.cgi?id=53496
      
              No new tests needed.
      
              * Android.jscbindings.mk:
              * CMakeLists.txt:
              * ForwardingHeaders/pcre/pcre.h: Removed.
              * ForwardingHeaders/yarr/Yarr.h: Added.
              * ForwardingHeaders/yarr/YarrInterpreter.h: Added.
              * ForwardingHeaders/yarr/YarrPattern.h: Added.
              * WebCore.gyp/WebCore.gyp:
              * WebCore.pro:
              * WebCore.vcproj/WebCore.vcproj:
              * WebCore.vcproj/copyForwardingHeaders.cmd:
              * platform/text/RegularExpression.cpp:
              (WebCore::RegularExpression::Private::create):
              (WebCore::RegularExpression::Private::Private):
              (WebCore::RegularExpression::Private::compile):
              (WebCore::RegularExpression::match):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77625 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      43e81a73
  15. 10 Jan, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 52079 - Syntax errors should be early errors. · 7e6bd6d6
      barraclough@apple.com authored
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      From chapter 16 the spec:
          An implementation must report most errors at the time the relevant ECMAScript language construct is
          evaluated. An early error is an error that can be detected and reported prior to the evaluation of
          any construct in the Program containing the error. An implementation must report early errors in a
          Program prior to the first evaluation of that Program. Early errors in eval code are reported at
          the time eval is called but prior to evaluation of any construct within the eval code. All errors
          that are not early errors are runtime errors.
      
          An implementation must treat any instance of the following kinds of errors as an early error:
              * Any syntax error."
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
          Added new files.
      * bytecode/CodeBlock.cpp:
          Removed op_throw_syntax_error.
      * bytecode/Opcode.h:
          Removed op_throw_syntax_error.
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::generate):
          If m_expressionTooDeep then throw a runtime error.
      (JSC::BytecodeGenerator::BytecodeGenerator):
          Initialize m_expressionTooDeep.
      (JSC::BytecodeGenerator::emitThrowExpressionTooDeepException):
          Sets m_expressionTooDeep.
      * bytecompiler/BytecodeGenerator.h:
          Added m_expressionTooDeep, removed emitThrowSyntaxError.
      * bytecompiler/NodesCodegen.cpp:
      (JSC::RegExpNode::emitBytecode):
      (JSC::ContinueNode::emitBytecode):
      (JSC::BreakNode::emitBytecode):
      (JSC::ReturnNode::emitBytecode):
      (JSC::LabelNode::emitBytecode):
          Conditions that threw syntax error are now handled during parsing;
          during bytecompilation these are now just ASSERTs.
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      * jit/JIT.h:
      * jit/JITOpcodes.cpp:
      * jit/JITOpcodes32_64.cpp:
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
          Removed op_throw_syntax_error.
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::createRegExp):
          Renamed; added syntax check.
      * parser/JSParser.cpp:
      (JSC::JSParser::breakIsValid):
      (JSC::JSParser::hasLabel):
      (JSC::JSParser::Scope::Scope):
      (JSC::JSParser::Scope::setIsFunction):
      (JSC::JSParser::Scope::isFunctionBoundary):
      (JSC::JSParser::ScopeRef::hasContainingScope):
      (JSC::JSParser::ScopeRef::containingScope):
      (JSC::JSParser::AutoPopScopeRef::AutoPopScopeRef):
      (JSC::JSParser::AutoPopScopeRef::~AutoPopScopeRef):
      (JSC::JSParser::AutoPopScopeRef::setPopped):
      (JSC::JSParser::popScopeInternal):
      (JSC::JSParser::popScope):
      (JSC::jsParse):
      (JSC::JSParser::JSParser):
      (JSC::JSParser::parseProgram):
      (JSC::JSParser::parseBreakStatement):
      (JSC::JSParser::parseContinueStatement):
      (JSC::JSParser::parseReturnStatement):
      (JSC::JSParser::parseTryStatement):
      (JSC::JSParser::parseFunctionInfo):
      (JSC::JSParser::parseExpressionOrLabelStatement):
      (JSC::JSParser::parsePrimaryExpression):
      * parser/JSParser.h:
      * parser/Nodes.h:
      * parser/Parser.cpp:
      (JSC::Parser::parse):
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::createRegExp):
          Renamed; added syntax check.
      * runtime/ExceptionHelpers.cpp:
      (JSC::createOutOfMemoryError):
      (JSC::throwOutOfMemoryError):
      * runtime/ExceptionHelpers.h:
          Broke out createOutOfMemoryError.
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
          Add check for exception after bytecode generation.
      * runtime/RegExpConstructor.cpp:
      (JSC::constructRegExp):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncCompile):
          RegExp error prefixes not included in error string.
      * yarr/RegexParser.h:
      (JSC::Yarr::Parser::parse):
          Removed regexBegin/regexEnd/regexError.
      * yarr/RegexPattern.cpp:
      (JSC::Yarr::RegexPatternConstructor::regexBegin):
          Removed regexEnd/regexError.
      (JSC::Yarr::compileRegex):
          Add call to regexBegin (no longer called from the parser).
      * yarr/YarrSyntaxChecker.cpp: Added.
      (JSC::Yarr::SyntaxChecker::assertionBOL):
      (JSC::Yarr::SyntaxChecker::assertionEOL):
      (JSC::Yarr::SyntaxChecker::assertionWordBoundary):
      (JSC::Yarr::SyntaxChecker::atomPatternCharacter):
      (JSC::Yarr::SyntaxChecker::atomBuiltInCharacterClass):
      (JSC::Yarr::SyntaxChecker::atomCharacterClassBegin):
      (JSC::Yarr::SyntaxChecker::atomCharacterClassAtom):
      (JSC::Yarr::SyntaxChecker::atomCharacterClassRange):
      (JSC::Yarr::SyntaxChecker::atomCharacterClassBuiltIn):
      (JSC::Yarr::SyntaxChecker::atomCharacterClassEnd):
      (JSC::Yarr::SyntaxChecker::atomParenthesesSubpatternBegin):
      (JSC::Yarr::SyntaxChecker::atomParentheticalAssertionBegin):
      (JSC::Yarr::SyntaxChecker::atomParenthesesEnd):
      (JSC::Yarr::SyntaxChecker::atomBackReference):
      (JSC::Yarr::SyntaxChecker::quantifyAtom):
      (JSC::Yarr::SyntaxChecker::disjunction):
      (JSC::Yarr::checkSyntax):
      * yarr/YarrSyntaxChecker.h: Added.
          Check RegExp syntax.
      
      LayoutTests: 
      
      Fix syntax errors in layout tests, and update expected results.
      
      * editing/selection/select-crash-001.html:
      * editing/selection/select-crash-002.html:
      * fast/canvas/webgl/renderbuffer-initialization.html:
      * fast/forms/25153.html:
      * fast/forms/textfield-drag-into-disabled.html:
      * fast/js/exception-codegen-crash-expected.txt:
      * fast/js/exception-codegen-crash.html:
      * fast/js/kde/parse-expected.txt:
      * fast/js/kde/script-tests/parse.js:
      * fast/js/large-expressions-expected.txt:
      * fast/js/named-function-expression-expected.txt:
      * fast/js/parser-syntax-check-expected.txt:
      * fast/js/script-tests/large-expressions.js:
      * fast/js/script-tests/named-function-expression.js:
      * fast/js/script-tests/parser-syntax-check.js:
      * fast/js/sputnik/Conformance/12_Statement/12.6_Iteration_Statements/12.6.3_The_for_Statement/S12.6.3_A11.1_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.6_Iteration_Statements/12.6.3_The_for_Statement/S12.6.3_A11_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.6_Iteration_Statements/12.6.3_The_for_Statement/S12.6.3_A12.1_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.6_Iteration_Statements/12.6.3_The_for_Statement/S12.6.3_A12_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A1_T1-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A1_T2-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A1_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A1_T4-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A5_T1-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A5_T2-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A5_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A6-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A8_T1-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.7_The_continue_Statement/S12.7_A8_T2-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A1_T1-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A1_T2-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A1_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A1_T4-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A5_T1-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A5_T2-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A5_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A6-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A8_T1-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.8_The_break_Statement/S12.8_A8_T2-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T1-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T10-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T2-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T3-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T4-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T5-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T6-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T7-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T8-expected.txt:
      * fast/js/sputnik/Conformance/12_Statement/12.9_The_return_Statement/S12.9_A1_T9-expected.txt:
      * http/tests/security/isolatedWorld/events.html:
      * http/tests/security/isolatedWorld/userGestureEvents.html:
      * svg/custom/resources/use-instanceRoot-event-listeners.js:
      * svg/custom/rgbcolor-syntax.svg:
      * svg/custom/use-instanceRoot-modifications.svg:
      * svg/custom/use-property-changes-through-svg-dom.svg:
      * webarchive/adopt-attribute-styled-body-webarchive-expected.webarchive:
      * webarchive/resources/adopt-attribute-styled-body-iframe.html:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@75408 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7e6bd6d6
  16. 08 Jan, 2011 1 commit
  17. 09 Sep, 2009 1 commit
  18. 07 Apr, 2009 1 commit
  19. 31 Oct, 2008 1 commit
  20. 11 Aug, 2008 1 commit
  21. 22 May, 2008 1 commit
  22. 23 Feb, 2008 1 commit
    • ddkilzer@apple.com's avatar
      WebCore: · 267da135
      ddkilzer@apple.com authored
              Please clarify licensing for some files
              <http://bugs.webkit.org/show_bug.cgi?id=14970>
      
              Reviewed by Darin.
      
              * bindings/objc/WebScriptObject.h: Added Apple BSD-style license.
              * bindings/objc/WebScriptObjectPrivate.h: Ditto.
              * platform/text/mac/ShapeArabic.c: Added ICU license from WebCore/icu/LICENSE.
      
      WebKit/mac:
      
              Please clarify licensing for some files
              <http://bugs.webkit.org/show_bug.cgi?id=14970>
      
              Reviewed by Darin.
      
              * Plugins/WebNetscapeDeprecatedFunctions.c: Updated copyright statement
              and added Apple BSD-style license.
              * Plugins/WebNetscapeDeprecatedFunctions.h: Ditto.
      
      WebKitTools:
      
              Please clarify licensing for some files
              <http://bugs.webkit.org/show_bug.cgi?id=14970>
      
              Reviewed by Darin.
      
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.cpp: Added
              copyright statement.  Replaced license with newer Apple BSD-style license.
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.h: Ditto.
              * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.cpp: Ditto.
              * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.h: Ditto.
              * DumpRenderTree/TestNetscapePlugIn.subproj/main.cpp: Ditto.
              * DumpRenderTree/win/TestNetscapePlugin/main.c: Ditto.
              * mangleme/LICENSE: Added (LGPL).
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@30520 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      267da135
  23. 30 Mar, 2007 2 commits
    • andersca's avatar
      Reviewed by Geoff. · b5e193f8
      andersca authored
              * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.c:
              (testAllocate):
              (testEnumerate):
              Add casts.
              
              * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.h:
              Don't use #import, use #include.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20619 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b5e193f8
    • andersca's avatar
      JavaScriptCore: · 77d5e0d0
      andersca authored
              Reviewed by Geoff.
      
              Implement _NPN_Enumerate support.
              
              * JavaScriptCore.exp:
              * bindings/NP_jsobject.cpp:
              (_NPN_Enumerate):
              * bindings/c/c_instance.cpp:
              (KJS::Bindings::CInstance::getPropertyNames):
              * bindings/c/c_instance.h:
              * bindings/npapi.h:
              * bindings/npruntime.h:
              * bindings/npruntime_impl.h:
              * bindings/runtime.h:
              (KJS::Bindings::Instance::getPropertyNames):
              * bindings/runtime_object.cpp:
              (RuntimeObjectImp::getPropertyNames):
              * bindings/runtime_object.h:
              (KJS::RuntimeObjectImp::getInternalInstance):
      
      LayoutTests:
      
              Reviewed by Geoff.
      
              Add enumeration test.
              
              * plugins/netscape-enumerate-expected.txt: Added.
              * plugins/netscape-enumerate.html: Added.
      
      WebKit:
      
              Reviewed by Geoff.
      
              * Plugins/WebNetscapePluginPackage.m:
              (-[WebNetscapePluginPackage load]):
              Initialize pushpopupsenabledstate, poppopupsenabledstate and enumerate.
              
              * Plugins/npapi.m:
              (NPN_PushPopupsEnabledState):
              (NPN_PopPopupsEnabledState):
              Add stubs for these functions.
              
              * Plugins/npfunctions.h:
              Add new methods to NPNetscapeFuncs.
      
      WebKitTools:
      
              Reviewed by Geoff.
      
              * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
              Add TestObject.c and TestObject.h
              
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.c:
              (pluginGetProperty):
              Implement the testObject property.
              
              (pluginInvoke):
              Implement testEnumerate which takes an object and an array and enumerates
              the properties of the object and adds them to the array.
              
              (pluginAllocate):
              Allocate the test object.
              
              (pluginDeallocate):
              Free the test object.
              
              * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.c: Added.
              * DumpRenderTree/TestNetscapePlugIn.subproj/TestObject.h: Added.
              Add a test object with two enumerable properties.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20613 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      77d5e0d0
  24. 29 Mar, 2007 1 commit
    • ggaren's avatar
      LayoutTests: · 2663f9a7
      ggaren authored
              Reviewed by Beth Dakin.
              
              Layout test for <rdar://problem/5091330> REGRESSION: Repro crash in 
              -[WebBaseNetscapePluginView(WebNPPCallbacks) destroyStream:reason:] 
              navigating away from page with DivX movie plug-in (13203)
      
              * plugins/destroy-stream-twice-expected.txt: Added.
              * plugins/destroy-stream-twice.html: Added.
      
      WebKit:
      
              Reviewed by Beth Dakin, reviewed by Maciej Stachowiak.
              
              Layout test for <rdar://problem/5091330> REGRESSION: Repro crash in 
              -[WebBaseNetscapePluginView(WebNPPCallbacks) destroyStream:reason:] 
              navigating away from page with DivX movie plug-in (13203)
              
              Changed LOG_ERROR to LOG so the layout test doesn't produce console spew
              every time you run it.
      
              * Plugins/WebBaseNetscapePluginView.mm:
              (-[WebBaseNetscapePluginView destroyStream:reason:]):
      
      WebKitTools:
      
              Reviewed by Beth Dakin.
              
              Layout test for <rdar://problem/5091330> REGRESSION: Repro crash in 
              -[WebBaseNetscapePluginView(WebNPPCallbacks) destroyStream:reason:] 
              navigating away from page with DivX movie plug-in (13203)
              
              Added hasStream property and destroyStream function, used by layout test.
      
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.c:
              (pluginGetProperty):
              (pluginInvoke):
              (pluginAllocate):
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.h:
              * DumpRenderTree/TestNetscapePlugIn.subproj/main.c:
              (NPP_NewStream):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@20597 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2663f9a7
  25. 05 Mar, 2007 1 commit
    • andersca's avatar
      LayoutTests: · 526c36f0
      andersca authored
              Reviewed by Adam, Darin.
      
              <rdar://problem/5025212>
              In Mail, a crash occurs at WebCore::Frame::tree() when clicking on embedded flash object
      
              * plugins/get-url-with-blank-target-expected.txt: Added.
              * plugins/get-url-with-blank-target.html: Added.
      
      WebKit:
      
              Reviewed by Adam, Darin.
       
              <rdar://problem/5025212>
              In Mail, a crash occurs at WebCore::Frame::tree() when clicking on embedded flash object
      
              * Plugins/WebBaseNetscapePluginView.mm:
              (-[WebBaseNetscapePluginView loadPluginRequest:]):
              Handle the case where the web view returned from the delegate method is null. Also, send out an error notification
              in that case so we can catch it.
      
      WebKitTools:
      
              Reviewed by Adam, Darin.
      
              <rdar://problem/5025212>
              In Mail, a crash occurs at WebCore::Frame::tree() when clicking on embedded flash object
              
              Add a "getURLNotify" method to the plugin object. This lets you pass a URL, a target and a callback function
              to be run when the URL has finished (or failed) loading.
              
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.c:
              (pluginInvoke):
              (handleCallback):
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.h:
              * DumpRenderTree/TestNetscapePlugIn.subproj/main.c:
              (NPP_URLNotify):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@19966 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      526c36f0
  26. 06 Nov, 2006 1 commit
    • ap's avatar
      Reviewed by Maciej. · fdfb9d6f
      ap authored
              http://bugs.webkit.org/show_bug.cgi?id=11517
              REGRESSION: Flash clicks/interactivity not working properly
      
      WebCore:
              * bridge/mac/FrameMac.mm:
              (WebCore::FrameMac::handleMouseMoveEvent):
              (WebCore::FrameMac::handleMouseReleaseEvent):
              Restore parts of event dispatching that were removed when fixing
              bug 7323 - just bypass those for subframes.
      
      WebKitTools:
              Teach TestNetscapePlugin to log events passed to it. To enable, set eventLoggingEnabled to true:
      
              <embed name="plg" type="application/x-webkit-test-netscape" width=100 height=100></embed>
              <script>
                  plg.eventLoggingEnabled = true;
                  // use eventSender to simulate events...
              </script>
      
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.c:
              (pluginGetProperty):
              (pluginSetProperty):
              (pluginAllocate):
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.h:
              * DumpRenderTree/TestNetscapePlugIn.subproj/main.c:
              (NPP_HandleEvent):
      
      LayoutTests:
              * plugins/mouse-events-expected.txt: Added.
              * plugins/mouse-events.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@17611 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fdfb9d6f
  27. 09 Mar, 2006 1 commit
    • darin's avatar
      Reviewed by John Sullivan. · 24fbf130
      darin authored
              - fix http://bugzilla.opendarwin.org/show_bug.cgi?id=7681
                memory leak in the plug-in tests
      
              * DumpRenderTree/TestNetscapePlugIn.subproj/main.c:
              (NPP_Destroy): Added code to release the plug-in object. This is the leak fix.
              (NPP_SetWindow): Remove unneeded code to store the window pointer.
      
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.c:
              Moved the browser global in here since it's declared in this file's header.
              Changed the code to set up the pluginClass structure to not use function
              pointer casts. Those are dangerous because they can hide many types of mismatch.
              And indeed when I did this I discovered that many functions were missing their
              boolean return values or had parameter declarations with the wrong types.
              (pluginGetProperty): Use STRINGZ_TO_NPVARIANT macro for greater simplicity and
              clarity. Added boolean return value: return true when successful and false when not.
              (pluginSetProperty): Added boolean return value, return false since we have no
              properties we can set.
              (pluginInvoke): Added boolean return value. Return true when successful and false
              when not. Use NPVARIANT macros where appropriate. Added a missing release for the
              return value from calling the browser. Changed code to put the strings in malloc
              buffers instead of relying on GCC's extension that allows variable-sized arrays
              on the stack.
              (pluginInvokeDefault): Added boolean return value, return false since we have no
              default function to call.
              (pluginInvalidate): Added missing parameter. Removed comment.
              (pluginAllocate): Removed unneeded cast. This is C code, not C++, so you don't have
              to cast the result of malloc.
              (pluginDeallocate): Removed uneeded cast.
      
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.h: Removed some unneeded
              includes. Changed our PluginObject to use NPObject instead of re-declaring fields
              that match NPObject's fields. Removed unused NPWindow pointer.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@13233 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      24fbf130
  28. 05 Jan, 2006 1 commit
    • ggaren's avatar
      LayoutTests: · 7dd73f87
      ggaren authored
              Layout test for http://bugzilla.opendarwin.org/show_bug.cgi?id=6318
              REGRESSION: Repro crash in JS called from Flash on bdash.net.nz
      
              * fast/plugins/netscape-back-forward-expected.txt: Added.
              * fast/plugins/netscape-back-forward.html: Added.
              * fast/plugins/resources/go-back.html: Added.
      
      WebKit:
      
              Reviewed by Darin.
      
              - Fixed http://bugzilla.opendarwin.org/show_bug.cgi?id=6361
              Add plugin support to DumpRenderTree
      
              * WebKit.exp: export WebPluginDatabase class, which DumpRenderTree
              needs to add plugins to the runtime.
      
      WebKitTools:
      
              Reviewed by darin.
      
              - Fixed http://bugzilla.opendarwin.org/show_bug.cgi?id=6361
              Add plugin support to DumpRenderTree
      
              Also wrote first test plugin.
      
              * DumpRenderTree/DumpRenderTree.m:
              (main):
              (1) Put the WebView in an invisible window, because PlugIns are
              optimized not to load if there's no parent window.
              (2) Tell WebKit to load any PlugIns in the directory from which we
              loaded. This means we can build nasty PlugIns alongside DumpRenderTree
              and they'll load automagically during layout testing, but they won't be
              added to the user's system, hosing apps like Safari.
      
              * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj: Added new
              test PlugIn to project.
      
              PlugIn added to project:
      
              * DumpRenderTree/TestNetscapePlugIn.subproj/Info.plist: Added.
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.c: Added.
              (getPluginClass):
              (initializeIdentifiers):
              (pluginHasProperty):
              (pluginHasMethod):
              (pluginGetProperty):
              (pluginSetProperty):
              (pluginInvoke):
              (pluginInvokeDefault):
              (pluginInvalidate):
              (pluginAllocate):
              (pluginDeallocate):
              * DumpRenderTree/TestNetscapePlugIn.subproj/PluginObject.h: Added.
              * DumpRenderTree/TestNetscapePlugIn.subproj/main.c: Added.
              (NP_Initialize):
              (NP_GetEntryPoints):
              (NP_Shutdown):
              (NPP_New):
              (NPP_Destroy):
              (NPP_SetWindow):
              (NPP_NewStream):
              (NPP_DestroyStream):
              (NPP_WriteReady):
              (NPP_Write):
              (NPP_StreamAsFile):
              (NPP_Print):
              (NPP_HandleEvent):
              (NPP_URLNotify):
              (NPP_GetValue):
              (NPP_SetValue):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@11885 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7dd73f87