Crash accessing static property on sealed object
[webkit:qtwebkit.git] / Source / JavaScriptCore / ChangeLog
2011-08-15  Gavin Barraclough  <barraclough@apple.com>

        Crash accessing static property on sealed object
        https://bugs.webkit.org/show_bug.cgi?id=66242

        Reviewed by Sam Weinig.

        * runtime/JSObject.h:
        (JSC::JSObject::putDirectInternal):
            - should only check isExtensible if checkReadOnly.

2011-08-06  Aron Rosenberg  <arosenberg@logitech.com>

        Reviewed by Benjamin Poulain.

        [Qt] Fix build with Intel compiler on Windows
        https://bugs.webkit.org/show_bug.cgi?id=65088

        Intel compiler needs .lib suffixes instead of .a
        Intel compiler doesn't support nullptr
        Intel compiler supports unsized arrays

        * JavaScriptCore.pri:
        * jsc.cpp:
        * wtf/ByteArray.h:
        * wtf/NullPtr.h:

2011-05-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen & Michael Saboff.

        https://bugs.webkit.org/show_bug.cgi?id=60860
        Simplify backtracking in YARR JIT

        YARR JIT currently performs a single pass of code generation over the pattern,
        with special handling to allow the code generation for some backtracking code
        out of line. We can simplify things by moving to a common mechanism whereby all
        forwards matching code is generated in one pass, and all backtracking code is
        generated in another. Backtracking code can be generated in reverse order, to
        optimize the common fall-through case.

        To make it easier to walk over the pattern, we can first convert to a more
        byte-code like format before JIT generating. In time we should unify this with
        the YARR interpreter to more closely unify the two.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::jumpIfNoAvailableInput):
        (JSC::Yarr::YarrGenerator::YarrOp::YarrOp):
        (JSC::Yarr::YarrGenerator::BacktrackingState::BacktrackingState):
        (JSC::Yarr::YarrGenerator::BacktrackingState::append):
        (JSC::Yarr::YarrGenerator::BacktrackingState::fallthrough):
        (JSC::Yarr::YarrGenerator::BacktrackingState::link):
        (JSC::Yarr::YarrGenerator::BacktrackingState::linkTo):
        (JSC::Yarr::YarrGenerator::BacktrackingState::takeBacktracksToJumpList):
        (JSC::Yarr::YarrGenerator::BacktrackingState::isEmpty):
        (JSC::Yarr::YarrGenerator::BacktrackingState::linkDataLabels):
        (JSC::Yarr::YarrGenerator::BacktrackingState::ReturnAddressRecord::ReturnAddressRecord):
        (JSC::Yarr::YarrGenerator::generateAssertionBOL):
        (JSC::Yarr::YarrGenerator::backtrackAssertionBOL):
        (JSC::Yarr::YarrGenerator::generateAssertionEOL):
        (JSC::Yarr::YarrGenerator::backtrackAssertionEOL):
        (JSC::Yarr::YarrGenerator::matchAssertionWordchar):
        (JSC::Yarr::YarrGenerator::generateAssertionWordBoundary):
        (JSC::Yarr::YarrGenerator::backtrackAssertionWordBoundary):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterOnce):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterFixed):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterNonGreedy):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
        (JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassOnce):
        (JSC::Yarr::YarrGenerator::generateCharacterClassFixed):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassFixed):
        (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy):
        (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):
        (JSC::Yarr::YarrGenerator::generateTerm):
        (JSC::Yarr::YarrGenerator::backtrackTerm):
        (JSC::Yarr::YarrGenerator::generate):
        (JSC::Yarr::YarrGenerator::backtrack):
        (JSC::Yarr::YarrGenerator::opCompileParenthesesSubpattern):
        (JSC::Yarr::YarrGenerator::opCompileParentheticalAssertion):
        (JSC::Yarr::YarrGenerator::opCompileAlternative):
        (JSC::Yarr::YarrGenerator::opCompileBody):
        (JSC::Yarr::YarrGenerator::YarrGenerator):
        (JSC::Yarr::YarrGenerator::compile):

2011-06-08  Mikołaj Małecki  <m.malecki@samsung.com>

        Reviewed by Pavel Feldman.

        Web Inspector: Crash by buffer overrun when serializing inspector object tree.
        https://bugs.webkit.org/show_bug.cgi?id=52791

        No new tests. The problem can be reproduced by trying to create InspectorValue
        from 1.0e-100 and call ->toJSONString() on this.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        export 2 functions DecimalNumber::bufferLengthForStringExponential and
        DecimalNumber::toStringExponential.

2011-07-26  Alexis Menard  <alexis.menard@openbossa.org>

        Unreviewed build fix for Qt/Linux.

        On platforms with no glib and gstreamer we should not build javascriptcore
        with the Glib support. This is related to http://trac.webkit.org/changeset/91752.

        * wtf/wtf.pri:

2011-07-26  Alexis Menard  <alexis.menard@openbossa.org>

        Reviewed by Andreas Kling.

        [Qt] Change default backend to use GStreamer on Linux and QuickTime on Mac.
        https://bugs.webkit.org/show_bug.cgi?id=63472

        Enable the bits needed for GStreamer only when QtMultimedia is not used.

        * wtf/wtf.pri:

2011-07-12  Hui Huang  <Hui.2.Huang@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] Fix compiling errors with QtWebkit 2.2 WINSCW build.
        https://bugs.webkit.org/show_bug.cgi?id=64391

        (QtWebKit-2.2 only, patch not in webkit trunk)

        * parser/JSParser.cpp:
        * runtime/JSONObject.cpp:
        * wtf/PageAllocatorSymbian.h:
        * wtf/Platform.h:
        * wtf/text/AtomicString.h:
        * wtf/text/StringStatics.cpp:

2011-07-13  Ademar de Souza Reis Jr.  <ademar.reis@openbossa.org>

        Reviewed by Andreas Kling.

        Broken build on QNX
        https://bugs.webkit.org/show_bug.cgi?id=63717

        QNX doesn't support pthread's SA_RESTART (required by
        JSC_MULTIPLE_THREADS), JIT is broken at runtime and there are a
        few minor compilation errors here and there.

        Original patch by Ritt Konstantin <ritt.ks@gmail.com>, also
        tested by him on QNX v6.5 (x86)

        * wtf/DateMath.cpp: fix usage of abs/labs
        * wtf/Platform.h: Disable JIT and JSC_MULTIPLE_THREADS
        * wtf/StackBounds.cpp: Add a couple of missing includes (and sort them)

2011-07-09  Thouraya Andolsi  <thouraya.andolsi@st.com>

        Fix unaligned userspace access for SH4 platforms.
        https://bugs.webkit.org/show_bug.cgi?id=62993

        * wtf/Platform.h:

2011-05-23  Matthew Delaney  <mdelaney@apple.com>

        Reviewed by Simon Fraser.

        Remove safeFloatToInt() in FloatRect.cpp and replace with working version of clampToInteger()
        https://bugs.webkit.org/show_bug.cgi?id=58216

        * wtf/MathExtras.h:
        (clampToInteger):
        (clampToPositiveInteger):

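The float-to-int clamp the entry above replaces, as an added example that is not WTF's MathExtras.h code: a double-to-int conversion that is defined for every input, because casting a NaN or an out-of-range double straight to `int` is undefined behaviour in C++ and is exactly the kind of defect a "safe" helper must not have. Function names mirror the entry; the bodies are constructed here.

```cpp
#include <cmath>
#include <cstdint>
#include <limits>

// Clamp a double into the int range. NaN is handled first because every
// comparison against NaN is false, so it would otherwise fall through to the
// raw cast. Infinities and huge magnitudes are caught by the range checks.
inline int clampToInteger(double value)
{
    const double minValue = static_cast<double>(std::numeric_limits<int>::min());
    const double maxValue = static_cast<double>(std::numeric_limits<int>::max());
    if (std::isnan(value))
        return 0;
    if (value >= maxValue)
        return std::numeric_limits<int>::max();
    if (value <= minValue)
        return std::numeric_limits<int>::min();
    return static_cast<int>(value); // guaranteed in range; truncates toward zero
}

// Same clamp, but negative inputs collapse to 0. NaN < 0 is false, so NaN
// still reaches clampToInteger and still maps to 0.
inline int clampToPositiveInteger(double value)
{
    return clampToInteger(value < 0 ? 0 : value);
}
```
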
2011-06-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        REGRESSION (r79060): Searching for a flight at united.com fails
        https://bugs.webkit.org/show_bug.cgi?id=63003

        This original change also broke Twitter, and we attempted to refine the fix to
        address that problem (http://trac.webkit.org/changeset/80542), but since it still breaks United,
        we need to revert the change until we understand the problem better.

        * wtf/DateMath.cpp:
        (WTF::parseDateFromNullTerminatedCharacters):

2011-06-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 62405 - Fix integer overflow in Array.prototype.push

        Fix Geoff's review comments re static_cast.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncPush):

2011-06-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 62405 - Fix integer overflow in Array.prototype.push

        There are three integer overflows here, leading to safe (not a security risk)
        but incorrect (non-spec-compliant) behaviour.

        Two overflows occur when calculating the new length after pushing (one in the
        fast version of push in JSArray, one in the generic version in ArrayPrototype).
        The other occurs calculating indices to write to when multiple items are pushed.

        These errors result in three test-262 failures.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncPush):
        * runtime/JSArray.cpp:
        (JSC::JSArray::put):
        (JSC::JSArray::push):

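The length arithmetic the entry above describes, as an added example that is not JavaScriptCore's JSArray or ArrayPrototype code: a toy array with a 32-bit length, the wrapping new-length computation beside a checked one, and a push that derives its write indices from the checked 64-bit value so neither the length nor the indices can wrap. `ToyArray`, `naiveNewLength`, `checkedNewLength` and `checkedPush` are constructed names.

```cpp
#include <cstddef>
#include <cstdint>
#include <limits>
#include <vector>

// Stand-in for a JS array: a 32-bit length plus dense storage (constructed for
// this example; not JSC's JSArray).
struct ToyArray {
    uint32_t length = 0;
    std::vector<double> storage;
};

// The shape of the bug: unsigned 32-bit addition wraps silently once
// length + argCount exceeds 2^32 - 1, so the array ends up shorter than before.
uint32_t naiveNewLength(uint32_t length, uint32_t argCount)
{
    return length + argCount;
}

// Checked version: do the sum in 64 bits and report when the result does not
// fit the 32-bit length range instead of wrapping. A caller would raise a
// RangeError on false, which is the spec-compliant outcome.
bool checkedNewLength(uint32_t length, uint32_t argCount, uint32_t& out)
{
    uint64_t wide = static_cast<uint64_t>(length) + argCount;
    if (wide > std::numeric_limits<uint32_t>::max())
        return false;
    out = static_cast<uint32_t>(wide);
    return true;
}

// Push all of `args`. The write index for item i is derived from the already
// validated new length, so "old length + i" is also computed without wrapping.
// Returns false and leaves the array untouched when the new length would not fit.
bool checkedPush(ToyArray& array, const std::vector<double>& args)
{
    uint32_t newLength = 0;
    if (!checkedNewLength(array.length, static_cast<uint32_t>(args.size()), newLength))
        return false;
    // Only grow dense storage for small arrays so the example stays cheap to run;
    // a huge-length array keeps its length bookkeeping but no backing store here.
    if (newLength <= 1024) {
        array.storage.resize(newLength);
        for (size_t i = 0; i < args.size(); ++i)
            array.storage[static_cast<size_t>(array.length) + i] = args[i];
    }
    array.length = newLength;
    return true;
}
```
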
2011-06-08  Ademar de Souza Reis Jr.  <ademar.reis@openbossa.org>

        Reviewed by Andreas Kling.

        Webkit on SPARC Solaris has wrong endian
        https://bugs.webkit.org/show_bug.cgi?id=29407

        Bug 57256 fixed one crash on misaligned reads on sparc/solaris, but
        there are more occurrences of the same code pattern in webkit.

        This patch includes the check on these other parts of the code.

        This is a speculative fix, I don't have a sparc machine to test and
        don't know which kind of test would trigger a crash (but it's quite
        obvious that it's the same code duplicated in different files).

        * runtime/UString.h:
        (JSC::UStringHash::equal):
        * wtf/text/StringHash.h:
        (WTF::StringHash::equal):

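The code pattern the entry above guards, as an added example that is not the UString.h or StringHash.h code: a string-equality routine that compares two UTF-16 code units per 32-bit load, which on strict-alignment targets such as SPARC faults unless both buffers are 4-byte aligned, so the word path is only taken after an alignment check and everything else falls back to code-unit compares. The `UChar` alias, `isAlignedTo4` and `equalUChars` are constructed for this example.

```cpp
#include <cstddef>
#include <cstdint>

typedef uint16_t UChar; // UTF-16 code unit, as in WTF (alias constructed for this example)

static_assert(sizeof(UChar) * 2 == sizeof(uint32_t), "word path assumes two code units per word");

// True when p can be dereferenced as a 32-bit word on a strict-alignment CPU.
static inline bool isAlignedTo4(const void* p)
{
    return (reinterpret_cast<uintptr_t>(p) & 3) == 0;
}

// Equality of two runs of `length` code units. The fast path reads two code
// units at a time; it is only entered when BOTH inputs are 4-byte aligned,
// because a UChar buffer is only guaranteed 2-byte alignment and a misaligned
// 32-bit load is a SIGBUS on SPARC (and undefined behaviour everywhere).
bool equalUChars(const UChar* a, const UChar* b, unsigned length)
{
    if (!a || !b)
        return a == b;

    if (isAlignedTo4(a) && isAlignedTo4(b)) {
        const uint32_t* aWords = reinterpret_cast<const uint32_t*>(a);
        const uint32_t* bWords = reinterpret_cast<const uint32_t*>(b);
        unsigned halfLength = length >> 1;
        for (unsigned i = 0; i < halfLength; ++i) {
            if (aWords[i] != bWords[i])
                return false;
        }
        if (length & 1) // odd length: one trailing code unit outside the last word
            return a[length - 1] == b[length - 1];
        return true;
    }

    // Unaligned input (either side): compare code unit by code unit.
    for (unsigned i = 0; i < length; ++i) {
        if (a[i] != b[i])
            return false;
    }
    return true;
}
```
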
2011-06-08  Yael Aharon  <yael.aharon@nokia.com>

        Reviewed by Andreas Kling.

        [Qt] Build fix for building QtWebKit inside of Qt.
        https://bugs.webkit.org/show_bug.cgi?id=62280

        Remove CONFIG=staticlib, because it causes the configure script to add -ljavascriptcore
        into QtWebKit.prl.

        No new tests, as this is just a build fix.

        * JavaScriptCore.pri:

2011-06-03  Alexis Menard  <alexis.menard@openbossa.org>

        Reviewed by Benjamin Poulain.

        [Qt] Build fix of QtWebKit 2.2 when inside Qt tree with GCC 4.6.
        https://bugs.webkit.org/show_bug.cgi?id=61957

        When building inside the Qt source tree, qmake always appends the mkspecs
        defines after ours. We have to work around this and make sure that we append
        our flags after the qmake variable used inside Qt. This workaround was provided
        by our qmake folks. We need to append in both cases because qmake behaves differently
        when called with -spec or via SUBDIR+=. This patch unbreaks r87950 on Mac for the Qt port.

        * JavaScriptCore.pro:

2011-06-02  Alexis Menard  <alexis.menard@openbossa.org>

        Reviewed by Andreas Kling.

        [Qt] Build fix of QtWebKit 2.2 when inside Qt tree with GCC 4.6.
        https://bugs.webkit.org/show_bug.cgi?id=61957

        When building inside the Qt source tree, qmake always appends the mkspecs
        defines after ours. We have to work around this and make sure that we append
        our flags after the qmake variable used inside Qt. This workaround was provided
        by our qmake folks.

        * JavaScriptCore.pro:

2011-05-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Freezing a function and its prototype causes browser to crash.
        https://bugs.webkit.org/show_bug.cgi?id=61758

        Make JSObject::preventExtensions virtual so that we can override it
        and instantiate all lazy

        * JavaScriptCore.exp:
        * runtime/JSFunction.cpp:
        (JSC::createPrototypeProperty):
        (JSC::JSFunction::preventExtensions):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSFunction.h:
        * runtime/JSObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::seal):
        (JSC::JSObject::seal):

2011-05-12  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        XMLDocumentParserLibxml2 should play nice with strict OwnPtrs
        https://bugs.webkit.org/show_bug.cgi?id=59394

        This portion of the change introduces a PassTraits template, which
        is used to enable takeFirst() to work for a Deque holding OwnPtrs,
        and optimize it for a Deque holding RefPtrs. In the future it can
        be deployed elsewhere to make our data structures work better with
        our smart pointers.

        * GNUmakefile.list.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/CMakeLists.txt:
        * wtf/Deque.h:
        (WTF::::takeFirst):
        * wtf/PassTraits.h: Added.
        (WTF::PassTraits::transfer):

2011-05-26  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        ASSERT(isMainThread()) when using single threaded jsc executable
        https://bugs.webkit.org/show_bug.cgi?id=60846

        Remove the ASSERT since we do not have the concept of MainThread in JSC.

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber):
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues):

2011-05-20  Brady Eidson  <beidson@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/9472883> and https://bugs.webkit.org/show_bug.cgi?id=61203
        Horrendous bug in callOnMainThreadAndWait

        * wtf/MainThread.cpp:
        (WTF::dispatchFunctionsFromMainThread): Before signaling the background thread with the
          syncFlag condition, reacquire the mutex first.

2011-05-20  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Oliver Hunt.

        JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
        https://bugs.webkit.org/show_bug.cgi?id=42756

        Use the MAP_NORESERVE flag for mmap on Linux to skip the kernel
        check of the available memory. This should give us an
        overcommit-like behavior in most systems, which is what we want.

        * wtf/OSAllocatorPosix.cpp:
        (WTF::OSAllocator::reserveAndCommit): pass MAP_NORESERVE to mmap.

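The mmap usage the entry above describes, as an added example that is not WTF's OSAllocatorPosix.cpp: a reserve-then-commit pair where the reservation is PROT_NONE with MAP_NORESERVE, so the kernel hands out address space without checking it against RAM plus swap, and commit is a later mprotect of just the pages actually needed. The function names are constructed; the fallback `#define` only matters on systems that lack the flag, where the reservation simply goes through the normal overcommit check.

```cpp
#include <sys/mman.h>
#include <unistd.h>
#include <cstddef>
#include <cstring>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON
#endif
#ifndef MAP_NORESERVE
#define MAP_NORESERVE 0 // not Linux: no such flag, reservation is subject to the overcommit check
#endif

// Reserve `bytes` of address space with nothing committed. PROT_NONE means any
// touch faults until commit(); MAP_NORESERVE means the kernel does not count
// this region against available memory, which is the overcommit-like behaviour
// a JIT that reserves large code/heap regions up front relies on.
void* reserveUncommitted(size_t bytes)
{
    void* base = mmap(nullptr, bytes, PROT_NONE,
                      MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
    return base == MAP_FAILED ? nullptr : base;
}

// Make a page-aligned sub-range readable and writable. Backing pages are still
// only allocated on first touch, so an out-of-memory condition surfaces later
// (SIGBUS or OOM-kill), not here; keep committed sizes bounded for that reason.
bool commitRange(void* base, size_t offset, size_t bytes)
{
    return mprotect(static_cast<char*>(base) + offset, bytes, PROT_READ | PROT_WRITE) == 0;
}

bool releaseReservation(void* base, size_t bytes)
{
    return munmap(base, bytes) == 0;
}

// Self-check: reserve 64 MiB, commit only the first page, write it, verify, release.
// Returns 0 on success, a non-zero step number on the failing step.
int reserveCommitDemo()
{
    const size_t reserveSize = size_t(64) << 20;
    const size_t page = static_cast<size_t>(sysconf(_SC_PAGESIZE));
    void* base = reserveUncommitted(reserveSize);
    if (!base)
        return 1;
    if (!commitRange(base, 0, page)) {
        releaseReservation(base, reserveSize);
        return 2;
    }
    std::memset(base, 0xAB, page); // first touch: the kernel backs this page now
    int result = static_cast<unsigned char*>(base)[page - 1] == 0xAB ? 0 : 3;
    if (!releaseReservation(base, reserveSize))
        return 4;
    return result;
}
```
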
372 2011-05-11  Igor Oliveira  <igor.oliveira@openbossa.org>
373
374         Reviewed by Eric Seidel.
375
376         WebKit does not build with GCCE
377         https://bugs.webkit.org/show_bug.cgi?id=60667
378
379         Allow compile WebKit with GCCE
380
381         * wtf/Alignment.h:
382         * wtf/Platform.h:
383
384 2011-05-18  Oliver Hunt  <oliver@apple.com>
385
386         Reviewed by Sam Weinig.
387
388         JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
389         https://bugs.webkit.org/show_bug.cgi?id=61090
390
391         Remove the Structure-free JSGlobalObject constructor and instead always
392         pass the structure into the JSGlobalObject constructor.
393         Stop DebuggerActivation creating a new structure every time, and simply
394         use a single shared structure held by the GlobalData.
395
396         * API/JSContextRef.cpp:
397         * debugger/DebuggerActivation.cpp:
398         (JSC::DebuggerActivation::DebuggerActivation):
399         * jsc.cpp:
400         (GlobalObject::GlobalObject):
401         (functionRun):
402         (jscmain):
403         * runtime/JSGlobalData.cpp:
404         (JSC::JSGlobalData::JSGlobalData):
405         (JSC::JSGlobalData::clearBuiltinStructures):
406         * runtime/JSGlobalData.h:
407         * runtime/JSGlobalObject.h:
408
409 2011-05-15  Geoffrey Garen  <ggaren@apple.com>
410
411         Reviewed by Maciej Stachowiak.
412
413         Partial fix for <rdar://problem/9417875> REGRESSION: SunSpider ~17% slower
414         in browser than on command line
415         
416         This patch fixes a few issues in generated code that could unreasonably
417         prolong object lifetimes.
418
419         * heap/Heap.cpp:
420         (JSC::Heap::collectAllGarbage): Throw away all function code before doing
421         a major collection. We want to clear polymorphic caches, since they can
422         keep alive large object graphs that have gone "stale". For the same reason,
423         but to a lesser extent, we also want to clear linked functions and other
424         one-off caches.
425
426         This has the side-benefit of reducing memory footprint from run-once
427         functions, and of allowing predictions and caches that have failed to
428         re-specialize.
429
430         Eventually, if compilation costs rise far enough, we may want a more
431         limited strategy for de-specializing code without throwing it away
432         completely, but this works for now, and it's the simplest solution.
433
434         * jit/JITStubs.cpp:
435         (JSC::JITThunks::hostFunctionStub):
436         * jit/JITStubs.h:
437         * runtime/JSFunction.cpp: Made the host function stub cache weak --
438         otherwise it's effectively a memory leak that can seriously fragment the
439         GC and JIT heaps.
440
441         (JSC::JSFunction::JSFunction):
442         (JSC::JSFunction::visitChildren): Cleared up some comments that confused
443         me when working with this code.
444
445 2011-05-07  Dawit Alemayehu  <adawit@kde.org>
446
447         Reviewed by Daniel Bates.
448
449         Fix compile with GCC 4.6.0
450         https://bugs.webkit.org/show_bug.cgi?id=60380
451
452         Remove unused local variable from code.
453
454         * runtime/StringPrototype.cpp:
455         (JSC::stringProtoFuncMatch):
456
457 2011-05-12  Keith Kyzivat  <keith.kyzivat@nokia.com>
458
459         Reviewed by Csaba Osztrogonác.
460
461         [Qt] Arm debug build failing on ARMAssembler::debugOffset()
462         https://bugs.webkit.org/show_bug.cgi?id=60688
463
464         Related to svn rev 85523
465
466         * assembler/ARMAssembler.h:
467         (JSC::ARMAssembler::debugOffset):
468
469 2011-05-11  Geoffrey Garen  <ggaren@apple.com>
470
471         Reviewed by Oliver Hunt.
472
473         <rdar://problem/9331651> REGRESSION: RPRVT grows by 1MB / sec @ dvd2blu.com
474         
475         SunSpider reports no change.
476
477         This bug was caused by changing Structure and Executable to being GC
478         objects, and by a long-standing bug that would thrash the global object
479         between dictionary and non-dictionary states.
480
481         * runtime/BatchedTransitionOptimizer.h:
482         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): Don't
483         eagerly transition to dictionary -- this can cause pathological dictionary
484         churn, and it's not necessary, since objects know how to automatically
485         transition to dictionary when necessary.
486
487         * runtime/Executable.cpp:
488         (JSC::EvalExecutable::compileInternal):
489         (JSC::ProgramExecutable::compileInternal):
490         (JSC::FunctionExecutable::compileForCallInternal):
491         (JSC::FunctionExecutable::compileForConstructInternal): Be sure to report
492         extra cost from compilation, because it can be quite high. This is especially
493         important for program code, since DOM timers can repeatedly allocate
494         program code without allocating any other objects.
495
496         * runtime/JSObject.cpp:
497         (JSC::JSObject::removeDirect): Don't transition to the uncacheable state
498         if the thing we're trying to remove doesn't exist. This can happen during
499         compilation, since the compiler needs to ensure that no pre-existing
500         conflicting definitions exist for certain declarations.
501
502 2011-05-11  Holger Hans Peter Freyther  <holger@moiji-mobile.com>
503
504         Unreviewed build fix.
505
506         [MIPS] Fix compilation of the MIPS JIT
507
508         Include the MIPSAssembler.h first to indirectly include
509         AssemblerBuffer.h before the AbstractMacroAssembler.h. This
510         order is used for the ARM and X86 MacroAssembler*.h
511
512         * assembler/MacroAssemblerMIPS.h:
513
514 2011-05-09  Darin Adler  <darin@apple.com>
515
516         Reviewed by Oliver Hunt.
517
518         http://bugs.webkit.org/show_bug.cgi?id=60509
519         Wrong type used for return value from strlen
520
521         * wtf/FastMalloc.cpp:
522         (WTF::fastStrDup): Use size_t. Also don't bother checking for failure since
523         fastMalloc won't return if it fails.
524
525 2011-05-05  Alexis Menard  <alexis.menard@openbossa.org>
526
527         Reviewed by Benjamin Poulain.
528
529         [Qt] Make QtWebKit build when using gcc 4.6.0
530         https://bugs.webkit.org/show_bug.cgi?id=60265
531
532         If QtWebKit is compiled with gcc 4.6.0 or later we don't want to deactivate
533         the c++0x support because it works.
534
535         * JavaScriptCore.pro:
536
537 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
538
539         Reviewed by Geoffrey Garen.
540
541         Port MachineStackMarker.cpp to Windows x64
542         https://bugs.webkit.org/show_bug.cgi?id=60216
543
544         * heap/MachineStackMarker.cpp:
545         (JSC::getPlatformThreadRegisters): the CONTEXT struct is usable also
546         on 64-bit Windows.
547         (JSC::otherThreadStackPointer): return the Rsp register on Windows x64.
548
549 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
550
551         Reviewed by Martin Robinson.
552
553         Link libjavascriptcoregtk on Windows with winmm.dll
554         https://bugs.webkit.org/show_bug.cgi?id=60215
555
556         * GNUmakefile.am:
557
558 2011-05-04  Tao Bai  <michaelbai@chromium.org>
559
560         Reviewed by David Kilzer.
561
562         Populate touch-icon url to FrameLoaderClient
563         https://bugs.webkit.org/show_bug.cgi?id=59143
564
565         * Configurations/FeatureDefines.xcconfig:
566
567 2011-05-03  Geoffrey Garen  <ggaren@apple.com>
568
569         Reviewed by Darin Adler.
570
571         <rdar://problem/9366557> Various crashes due to bad DFG codegen at canalplus.fr
572
573         * dfg/DFGSpeculativeJIT.cpp:
574         (JSC::DFG::SpeculativeJIT::checkArgumentTypes): Removed a stray line of
575         code that accidentally survived the conversion to a switch statement,
576         causing a lot of important code not to run most of the time.
577
578         Since this is not a trivial finger-picking mistake, I will not call it a
579         typo.
580
581 2011-05-04  Adam Roben  <aroben@apple.com>
582
583         Another attempted build fix
584
585         * wtf/OwnPtr.h:
586         (WTF::OwnPtr::operator==):
587         (WTF::OwnPtr::operator!=):
588         * wtf/PassOwnPtr.h:
589         (WTF::PassOwnPtr::operator==):
590         (WTF::PassOwnPtr::operator!=):
591         Added a return statement. And made a tweak based on a suggestion from Anders Carlsson.
592
593 2011-05-04  Adam Roben  <aroben@apple.com>
594
595         Try to fix Leopard, Qt, and probably others
596
597         * wtf/OwnPtr.h:
598         (WTF::OwnPtr::operator==):
599         (WTF::OwnPtr::operator!=):
600         * wtf/PassOwnPtr.h:
601         (WTF::PassOwnPtr::operator==):
602         (WTF::PassOwnPtr::operator!=):
603         Try to get the compiler not to instantiate these function templates unnecessarily.
604
605 2011-05-03  Adam Roben  <aroben@apple.com>
606
607         Disallow equality comparisons between [Pass]OwnPtrs
608
609         If you have two OwnPtrs that are equal, you've already lost. (Unless you're doing something
610         really sneaky, in which case you should stop!)
611
612         Fixes <http://webkit.org/b/60053> Testing OwnPtrs for equality should cause a compiler error
613
614         Reviewed by Anders Carlsson and Antti Koivisto.
615
616         * wtf/OwnPtr.h:
617         (WTF::OwnPtr::operator==):
618         (WTF::OwnPtr::operator!=):
619         * wtf/PassOwnPtr.h:
620         (WTF::PassOwnPtr::operator==):
621         (WTF::PassOwnPtr::operator!=):
622         Added private equality operators that fail to compile when used. (When not used, the
623         compiler will skip over them because they are function templates.)
624
625 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
626
627         Reviewed by Gavin Barraclough.
628
629         JITArithmetic.cpp produces a warning on a unused variable.
630         https://bugs.webkit.org/show_bug.cgi?id=60060
631
632         Just properly use what we already have converted.
633
634         * jit/JITArithmetic.cpp:
635         (JSC::JIT::emitSlow_op_add):
636         (JSC::JIT::emitSlow_op_mul):
637
638 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
639
640         Reviewed by Geoffrey Garen.
641
642         JITPropertyAccess produces a unused but set variable warning in gcc 4.6.0.
643         https://bugs.webkit.org/show_bug.cgi?id=60050
644
645         This patch fix a compilation warning. The new warning scenario -Wunused-but-set-variable
646         in gcc 4.6.0 is included in -Wall and therefore stops the compilation when warnings are treated
647         as errors. The patch introduces a new macro ASSERT_JIT_OFFSET_UNUSED and ASSERT_WITH_MESSAGE_UNUSED
648         which copy the idea of ASSERT_UNUSED.
649
650         * jit/JIT.h:
651         * jit/JITPropertyAccess.cpp:
652         (JSC::JIT::emit_op_method_check):
653         (JSC::JIT::compileGetByIdHotPath):
654         (JSC::JIT::emit_op_put_by_id):
655         * wtf/Assertions.h:
656         (assertWithMessageUnused):
657
658 2011-04-29  Jer Noble  <jer.noble@apple.com>
659
660         Reviewed by Eric Seidel.
661
662         Implement FULLSCREEN_API on Windows, Part 4: Enable it
663         https://bugs.webkit.org/show_bug.cgi?id=59798
664
665         * wtf/Platform.h: Set ENABLE_FULLSCREEN_API on win.
666
667 2011-05-03  Alexis Menard  <alexis.menard@openbossa.org>
668
669         Reviewed by Eric Seidel.
670
671         Unused but set variable warning in MacroAssemberX86_64
672         https://bugs.webkit.org/show_bug.cgi?id=59482
673
674         * assembler/MacroAssemblerX86_64.h:
675         (JSC::MacroAssemblerX86_64::call):
676         (JSC::MacroAssemblerX86_64::tailRecursiveCall):
677         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
678
679 2011-05-03  Oliver Hunt  <oliver@apple.com>
680
681         Reviewed by Geoffrey Garen.
682
683         Make malloc validation useful
684         https://bugs.webkit.org/show_bug.cgi?id=57502
685
686         Reland this patch (rolled out in 82905) without
687         turning it on by default.
688
689         * JavaScriptCore.exp:
690         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
691         * wtf/FastMalloc.cpp:
692         (WTF::tryFastMalloc):
693         (WTF::fastMalloc):
694         (WTF::tryFastCalloc):
695         (WTF::fastCalloc):
696         (WTF::fastFree):
697         (WTF::tryFastRealloc):
698         (WTF::fastRealloc):
699         (WTF::fastMallocSize):
700         (WTF::TCMalloc_PageHeap::isScavengerSuspended):
701         (WTF::TCMalloc_PageHeap::scheduleScavenger):
702         (WTF::TCMalloc_PageHeap::suspendScavenger):
703         (WTF::TCMalloc_PageHeap::signalScavenger):
704         (WTF::TCMallocStats::malloc):
705         (WTF::TCMallocStats::free):
706         (WTF::TCMallocStats::fastCalloc):
707         (WTF::TCMallocStats::tryFastCalloc):
708         (WTF::TCMallocStats::calloc):
709         (WTF::TCMallocStats::fastRealloc):
710         (WTF::TCMallocStats::tryFastRealloc):
711         (WTF::TCMallocStats::realloc):
712         (WTF::TCMallocStats::fastMallocSize):
713         * wtf/FastMalloc.h:
714         (WTF::Internal::fastMallocValidationHeader):
715         (WTF::Internal::fastMallocValidationSuffix):
716         (WTF::Internal::fastMallocMatchValidationType):
717         (WTF::Internal::setFastMallocMatchValidationType):
718         (WTF::fastMallocMatchValidateFree):
719         (WTF::fastMallocValidate):
720
721 2011-05-03  Xan Lopez  <xlopez@igalia.com>
722
723         Reviewed by Anders Carlsson.
724
725         Compile error with GCC 4.6.0, tries to assign unsigned& to bitfield
726         https://bugs.webkit.org/show_bug.cgi?id=59261
727
728         Use unary '+' to force proper type detection in template arguments
729         with GCC 4.6.0. See bug report for more details.
730
731         * runtime/Structure.cpp:
732         (JSC::StructureTransitionTable::remove): Use '+' to force precise type detection.
733         (JSC::StructureTransitionTable::add): ditto.
734         * runtime/Structure.h:
735         (JSC::StructureTransitionTable::keyForWeakGCMapFinalizer): ditto.
736
737 2011-05-03  Jessie Berlin  <jberlin@apple.com>
738
739         Rubber-stamped by Adam Roben.
740
741         Revert r85550 and r85575.
742
743         Variables cannot be exported via the .def file. Instead, they should be annotated with
744         JS_EXPORTDATA.
745
746         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
747         * runtime/Structure.cpp:
748         (JSC::Structure::materializePropertyMap):
749         * runtime/Structure.h:
750         (JSC::Structure::typeInfo):
751         (JSC::Structure::previousID):
752         (JSC::Structure::propertyStorageCapacity):
753         (JSC::Structure::propertyStorageSize):
754         (JSC::Structure::get):
755         (JSC::Structure::materializePropertyMapIfNecessary):
756
757 2011-05-02  Adam Roben  <aroben@apple.com>
758
759         Allow implicit conversion from nullptr_t to PassOwnPtr
760
761         This makes it a lot easier to write code that just wants a null PassOwnPtr, especially in
762         strict PassOwnPtr mode.
763
764         Fixes <http://webkit.org/b/59964> Implicit conversion from std::nullptr_t to PassOwnPtr
765         doesn't work, but should
766
767         Reviewed by Adam Barth.
768
769         * wtf/PassOwnPtr.h:
770         (WTF::PassOwnPtr::PassOwnPtr): Added a non-explicit constructor that takes a nullptr_t.
771
772         * wtf/MessageQueue.h:
773         (WTF::::waitForMessageFilteredWithTimeout):
774         (WTF::::tryGetMessage):
775         Use the new implicit conversion.
776
777 2011-05-02  Jessie Berlin  <jberlin@apple.com>
778
779         Rubber-stamped by Oliver Hunt.
780
781         Remove an assertion that Windows was hitting on launch.
782
783         * runtime/Structure.cpp:
784         (JSC::Structure::materializePropertyMap):
785         * runtime/Structure.h:
786         (JSC::Structure::typeInfo):
787         (JSC::Structure::previousID):
788         (JSC::Structure::propertyStorageCapacity):
789         (JSC::Structure::propertyStorageSize):
790         (JSC::Structure::get):
791         (JSC::Structure::materializePropertyMapIfNecessary):
792
793 2011-05-02  Mark Rowe  <mrowe@apple.com>
794
795         Reviewed by Geoff Garen.
796
797         <rdar://problem/9371948> JavaScriptCore should build with GCC 4.2
798
799         * Configurations/CompilerVersion.xcconfig:
800
801 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
802
803         ARMv7 build fix.
804
805         * assembler/AbstractMacroAssembler.h:
806         (JSC::AbstractMacroAssembler::Jump::link):
807         (JSC::AbstractMacroAssembler::Jump::linkTo):
808
809 2011-05-02  Oliver Hunt  <oliver@apple.com>
810
811         Windows build fix.
812
813         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
814
815 2011-05-02  Michael Saboff  <msaboff@apple.com>
816
817         Reviewed by Geoffrey Garen.
818
819         crash in JSC::RegExp::match
820         https://bugs.webkit.org/show_bug.cgi?id=58922
821
822         Cleared chained backtrack data label when linking label even if that
823         label doesn't chain itself.  This is needed so that subsequent
824         backtrack data labels point to the next outer paren and not within
825         the current paren.
826
827         * yarr/YarrJIT.cpp:
828         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
829
830 2011-05-02  Geoffrey Garen  <ggaren@apple.com>
831
832         Reviewed by Oliver Hunt.
833
834         Tiny bit of heap cleanup.
835
836         * heap/MarkedBlock.h:
837         (JSC::MarkedBlock::contains): Tightened up an assertion and a comment.
838
839         * heap/MarkedSpace.h:
840         (JSC::MarkedSpace::globalData):
841         (JSC::MarkedSpace::highWaterMark):
842         (JSC::MarkedSpace::setHighWaterMark): Moved inlines out of the class
843         definition, for better clarity.
844
845 2011-05-02  Oliver Hunt  <oliver@apple.com>
846
847         Reviewed by Gavin Barraclough.
848
849         Correct marking of interpreter data in mixed mode builds
850         https://bugs.webkit.org/show_bug.cgi?id=59962
851
852         We had a few places in mixed mode builds where we would not
853         track data used by the interpreter for marking.  This patch
854         corrects the problem and adds a number of assertions to catch
855         live Structures being collected.
856
857         * JavaScriptCore.exp:
858         * assembler/ARMv7Assembler.h:
859         (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
860         * bytecode/CodeBlock.cpp:
861         (JSC::CodeBlock::dump):
862         * bytecode/CodeBlock.h:
863         (JSC::CodeBlock::addPropertyAccessInstruction):
864         (JSC::CodeBlock::addGlobalResolveInstruction):
865         (JSC::CodeBlock::addStructureStubInfo):
866         (JSC::CodeBlock::addGlobalResolveInfo):
867         * bytecompiler/BytecodeGenerator.cpp:
868         (JSC::BytecodeGenerator::emitResolve):
869         (JSC::BytecodeGenerator::emitResolveWithBase):
870         (JSC::BytecodeGenerator::emitGetById):
871         (JSC::BytecodeGenerator::emitPutById):
872         (JSC::BytecodeGenerator::emitDirectPutById):
873         * runtime/Structure.cpp:
874         (JSC::Structure::materializePropertyMap):
875         * runtime/Structure.h:
876         (JSC::Structure::typeInfo):
877         (JSC::Structure::previousID):
878         (JSC::Structure::propertyStorageCapacity):
879         (JSC::Structure::propertyStorageSize):
880         (JSC::Structure::get):
881         (JSC::Structure::materializePropertyMapIfNecessary):
882
883 2011-05-02  Xan Lopez  <xlopez@igalia.com>
884
885         Reviewed by Alexey Proskuryakov.
886
887         Use native NullPtr when using GCC 4.6.0 and C++0x
888         https://bugs.webkit.org/show_bug.cgi?id=59252
889
890         GCC 4.6.0 has nullptr support, use it when possible.
891
892         * wtf/NullPtr.cpp: include config.h to pull in Platform.h before
893         NullPtr.h, since we need the GCC_VERSION_AT_LEAST definition.
894         * wtf/NullPtr.h: check for GCC >= 4.6.0 and C++0x in order to
895         use native nullptr.
896
897 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
898
899         Reviewed by Oliver Hunt.
900
901         https://bugs.webkit.org/show_bug.cgi?id=59950
902         Clean up AssemblerBuffer to use a Vector internally.
903
904         AssemblerBuffer handles reallocing a byte array itself - stop that.
905
906         * assembler/ARMAssembler.cpp:
907         (JSC::ARMAssembler::executableCopy):
908         * assembler/AssemblerBuffer.h:
909         (JSC::AssemblerLabel::AssemblerLabel):
910         (JSC::AssemblerLabel::labelAtOffset):
911         (JSC::AssemblerBuffer::AssemblerBuffer):
912         (JSC::AssemblerBuffer::~AssemblerBuffer):
913         (JSC::AssemblerBuffer::isAvailable):
914         (JSC::AssemblerBuffer::ensureSpace):
915         (JSC::AssemblerBuffer::isAligned):
916         (JSC::AssemblerBuffer::putIntegral):
917         (JSC::AssemblerBuffer::putIntegralUnchecked):
918         (JSC::AssemblerBuffer::putByteUnchecked):
919         (JSC::AssemblerBuffer::putByte):
920         (JSC::AssemblerBuffer::putShortUnchecked):
921         (JSC::AssemblerBuffer::putShort):
922         (JSC::AssemblerBuffer::putIntUnchecked):
923         (JSC::AssemblerBuffer::putInt):
924         (JSC::AssemblerBuffer::putInt64Unchecked):
925         (JSC::AssemblerBuffer::putInt64):
926         (JSC::AssemblerBuffer::codeSize):
927         (JSC::AssemblerBuffer::label):
928         (JSC::AssemblerBuffer::executableCopy):
929         (JSC::AssemblerBuffer::rewindToLabel):
930         (JSC::AssemblerBuffer::debugOffset):
931         (JSC::AssemblerBuffer::append):
932         (JSC::AssemblerBuffer::grow):
933         * assembler/AssemblerBufferWithConstantPool.h:
934         * assembler/MacroAssemblerX86_64.h:
935         (JSC::MacroAssemblerX86_64::linkCall):
936         * assembler/X86Assembler.h:
937         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
938
939 2011-05-02  Jeff Miller  <jeffm@apple.com>
940
941         Reviewed by Alexey Proskuryakov.
942
943         Avoid potential buffer overflow in WTFLog() and WTFLogVerbose()
944         https://bugs.webkit.org/show_bug.cgi?id=59949
945
946         * wtf/Assertions.cpp: Check for 0 or empty format string in WTFLog() and WTFLogVerbose().
947
948 2011-05-02  Adam Barth  <abarth@webkit.org>
949
950         Reviewed by Alexey Proskuryakov.
951
952         StringImpl::endsWith has some insane code
953         https://bugs.webkit.org/show_bug.cgi?id=59900
954
955         * wtf/text/StringImpl.cpp:
956         (WTF::StringImpl::endsWith):
957             - m_data shadows a member variable of the same name.
958
959 2011-05-02  Gabor Loki  <loki@webkit.org>
960
961         Buildfix for ARM after r85448
962
963         * assembler/ARMAssembler.h:
964         (JSC::ARMAssembler::loadBranchTarget):
965
966 2011-05-01  Oliver Hunt  <oliver@apple.com>
967
968         Reviewed by Gavin Barraclough.
969
970         Strict-mode only reserved words not reserved
971         https://bugs.webkit.org/show_bug.cgi?id=55342
972
973         Fix line number tracking when we rollback the lexer.
974
975         * parser/JSParser.cpp:
976         (JSC::JSParser::parseSourceElements):
977
978 2011-05-01  Oliver Hunt  <oliver@apple.com>
979
980         Reviewed by Gavin Barraclough.
981
982         ES5 Strict mode does not allow getter and setter for same propId
983         https://bugs.webkit.org/show_bug.cgi?id=57295
984
985         Simplify and correct the logic for strict mode object literals.
986
987         * parser/JSParser.cpp:
988         (JSC::JSParser::parseStrictObjectLiteral):
989
990 2011-05-01  Oliver Hunt  <oliver@apple.com>
991
992         Reviewed by Gavin Barraclough.
993
994         Assigning to function identifier under strict should throw
995         https://bugs.webkit.org/show_bug.cgi?id=59289
996
997         Add logic to StaticScopeObject to ensure we don't silently consume
998         writes to constant properties.
999
1000         * runtime/JSStaticScopeObject.cpp:
1001         (JSC::JSStaticScopeObject::put):
1002
1003 2011-05-01  Gavin Barraclough  <barraclough@apple.com>
1004
1005         Reviewed by Sam Weinig.
1006
1007         https://bugs.webkit.org/show_bug.cgi?id=59903
1008         Use AssemblerLabel throughout Assembler classes, AssemblerBuffer
1009
1010         Creating a label() into the AssemblerBuffer should return an AssemblerLabel,
1011         not an unsigned int.
1012
1013         * assembler/ARMAssembler.cpp:
1014         (JSC::ARMAssembler::executableCopy):
1015         * assembler/ARMAssembler.h:
1016         (JSC::ARMAssembler::blx):
1017         (JSC::ARMAssembler::label):
1018         (JSC::ARMAssembler::loadBranchTarget):
1019         * assembler/ARMv7Assembler.h:
1020         (JSC::ARMv7Assembler::b):
1021         (JSC::ARMv7Assembler::blx):
1022         (JSC::ARMv7Assembler::bx):
1023         (JSC::ARMv7Assembler::label):
1024         (JSC::ARMv7Assembler::ARMInstructionFormatter::label):
1025         * assembler/AssemblerBuffer.h:
1026         (JSC::AssemblerBuffer::label):
1027         * assembler/AssemblerBufferWithConstantPool.h:
1028         * assembler/MIPSAssembler.h:
1029         (JSC::MIPSAssembler::label):
1030         (JSC::MIPSAssembler::relocateJumps):
1031         * assembler/SH4Assembler.h:
1032         (JSC::SH4Assembler::loadConstant):
1033         (JSC::SH4Assembler::loadConstantUnReusable):
1034         (JSC::SH4Assembler::call):
1035         (JSC::SH4Assembler::jmp):
1036         (JSC::SH4Assembler::jne):
1037         (JSC::SH4Assembler::je):
1038         (JSC::SH4Assembler::label):
1039         (JSC::SH4Assembler::oneShortOp):
1040         * assembler/X86Assembler.h:
1041         (JSC::X86Assembler::call):
1042         (JSC::X86Assembler::jmp_r):
1043         (JSC::X86Assembler::label):
1044         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
1045         (JSC::X86Assembler::X86InstructionFormatter::label):
1046
1047 2011-05-01  Adam Barth  <abarth@webkit.org>
1048
1049         Reviewed by David Levin.
1050
1051         Enable strict mode for OwnPtr and PassOwnPtr
1052         https://bugs.webkit.org/show_bug.cgi?id=59428
1053
1054         * wtf/OwnPtr.h:
1055
1056 2011-05-01  Patrick Gansterer  <paroga@webkit.org>
1057
1058         Reviewed by Adam Barth.
1059
1060         Enable strict OwnPtr for PLATFORM(WIN)
1061         https://bugs.webkit.org/show_bug.cgi?id=59881
1062
1063         * wtf/OwnPtr.h:
1064
1065 2011-05-01  Gavin Barraclough  <barraclough@apple.com>
1066
1067         Reviewed by Sam Weinig.
1068
1069         https://bugs.webkit.org/show_bug.cgi?id=59896
1070         Remove JmpSrc/JmpDst types.
1071
1072         The JmpSrc/JmpDst classes predate the MacroAssembler interface. Having these
1073         objects be per-assembler is unhelpful, causes unnecessary code duplication,
1074         and prevents the AssemblerBuffer from providing a richer type for labels.
1075         The limited semantic meaning that they did convey is undermined by the manner
1076         in which their meanings have been overloaded (use of JmpSrc for Call, JmpDst
1077         for data labels).
1078
1079         Jumps on ARMv7 have had additional information added to the object via the
1080         ARMv7 JmpSrc. This data should probably be in the instruction stream. This
1081         patch does not fix the problem, and moves the data (ifdefed) to
1082         AbstractMacroAssembler::Jump (which is effectively where it was before!).
1083         This at least closes the hole such that no further data may be added to JmpSrc,
1084         but this is unfortunate, and should be cleaned up.
1085
1086         * assembler/ARMAssembler.h:
1087         (JSC::ARMAssembler::blx):
1088         (JSC::ARMAssembler::label):
1089         (JSC::ARMAssembler::align):
1090         (JSC::ARMAssembler::loadBranchTarget):
1091         (JSC::ARMAssembler::jmp):
1092         (JSC::ARMAssembler::linkPointer):
1093         (JSC::ARMAssembler::linkJump):
1094         (JSC::ARMAssembler::linkCall):
1095         (JSC::ARMAssembler::getRelocatedAddress):
1096         (JSC::ARMAssembler::getDifferenceBetweenLabels):
1097         (JSC::ARMAssembler::getCallReturnOffset):
1098         * assembler/ARMv7Assembler.h:
1099         (JSC::ARMv7Assembler::b):
1100         (JSC::ARMv7Assembler::blx):
1101         (JSC::ARMv7Assembler::bx):
1102         (JSC::ARMv7Assembler::label):
1103         (JSC::ARMv7Assembler::align):
1104         (JSC::ARMv7Assembler::getRelocatedAddress):
1105         (JSC::ARMv7Assembler::getDifferenceBetweenLabels):
1106         (JSC::ARMv7Assembler::getCallReturnOffset):
1107         (JSC::ARMv7Assembler::linkJump):
1108         (JSC::ARMv7Assembler::linkCall):
1109         (JSC::ARMv7Assembler::linkPointer):
1110         * assembler/AbstractMacroAssembler.h:
1111         (JSC::AbstractMacroAssembler::Label::isSet):
1112         (JSC::AbstractMacroAssembler::Call::Call):
1113         (JSC::AbstractMacroAssembler::Jump::Jump):
1114         (JSC::AbstractMacroAssembler::Jump::link):
1115         (JSC::AbstractMacroAssembler::Jump::linkTo):
1116         (JSC::AbstractMacroAssembler::linkPointer):
1117         (JSC::AbstractMacroAssembler::getLinkerAddress):
1118         * assembler/AssemblerBuffer.h:
1119         (JSC::AssemblerLabel::AssemblerLabel):
1120         (JSC::AssemblerLabel::isSet):
1121         * assembler/LinkBuffer.h:
1122         (JSC::LinkBuffer::patch):
1123         * assembler/MIPSAssembler.h:
1124         (JSC::MIPSAssembler::label):
1125         (JSC::MIPSAssembler::align):
1126         (JSC::MIPSAssembler::getRelocatedAddress):
1127         (JSC::MIPSAssembler::getDifferenceBetweenLabels):
1128         (JSC::MIPSAssembler::getCallReturnOffset):
1129         (JSC::MIPSAssembler::linkJump):
1130         (JSC::MIPSAssembler::linkCall):
1131         (JSC::MIPSAssembler::linkPointer):
1132         * assembler/MacroAssemblerARMv7.h:
1133         (JSC::MacroAssemblerARMv7::branchDouble):
1134         (JSC::MacroAssemblerARMv7::branchDoubleZeroOrNaN):
1135         (JSC::MacroAssemblerARMv7::jump):
1136         (JSC::MacroAssemblerARMv7::nearCall):
1137         (JSC::MacroAssemblerARMv7::call):
1138         (JSC::MacroAssemblerARMv7::ret):
1139         (JSC::MacroAssemblerARMv7::tailRecursiveCall):
1140         (JSC::MacroAssemblerARMv7::makeBranch):
1141         * assembler/MacroAssemblerMIPS.h:
1142         (JSC::MacroAssemblerMIPS::nearCall):
1143         (JSC::MacroAssemblerMIPS::call):
1144         (JSC::MacroAssemblerMIPS::tailRecursiveCall):
1145         (JSC::MacroAssemblerMIPS::branchTrue):
1146         (JSC::MacroAssemblerMIPS::branchFalse):
1147         (JSC::MacroAssemblerMIPS::branchEqual):
1148         (JSC::MacroAssemblerMIPS::branchNotEqual):
1149         * assembler/SH4Assembler.h:
1150         (JSC::SH4Assembler::call):
1151         (JSC::SH4Assembler::jmp):
1152         (JSC::SH4Assembler::jne):
1153         (JSC::SH4Assembler::je):
1154         (JSC::SH4Assembler::label):
1155         (JSC::SH4Assembler::align):
1156         (JSC::SH4Assembler::linkJump):
1157         (JSC::SH4Assembler::linkCall):
1158         (JSC::SH4Assembler::linkPointer):
1159         (JSC::SH4Assembler::getCallReturnOffset):
1160         (JSC::SH4Assembler::getRelocatedAddress):
1161         (JSC::SH4Assembler::getDifferenceBetweenLabels):
1162         (JSC::SH4Assembler::patchPointer):
1163         * assembler/X86Assembler.h:
1164         (JSC::X86Assembler::call):
1165         (JSC::X86Assembler::jmp):
1166         (JSC::X86Assembler::jmp_r):
1167         (JSC::X86Assembler::jne):
1168         (JSC::X86Assembler::jnz):
1169         (JSC::X86Assembler::je):
1170         (JSC::X86Assembler::jz):
1171         (JSC::X86Assembler::jl):
1172         (JSC::X86Assembler::jb):
1173         (JSC::X86Assembler::jle):
1174         (JSC::X86Assembler::jbe):
1175         (JSC::X86Assembler::jge):
1176         (JSC::X86Assembler::jg):
1177         (JSC::X86Assembler::ja):
1178         (JSC::X86Assembler::jae):
1179         (JSC::X86Assembler::jo):
1180         (JSC::X86Assembler::jp):
1181         (JSC::X86Assembler::js):
1182         (JSC::X86Assembler::jCC):
1183         (JSC::X86Assembler::label):
1184         (JSC::X86Assembler::labelFor):
1185         (JSC::X86Assembler::align):
1186         (JSC::X86Assembler::linkJump):
1187         (JSC::X86Assembler::linkCall):
1188         (JSC::X86Assembler::linkPointer):
1189         (JSC::X86Assembler::getCallReturnOffset):
1190         (JSC::X86Assembler::getRelocatedAddress):
1191         (JSC::X86Assembler::getDifferenceBetweenLabels):
1192         (JSC::X86Assembler::rewindToLabel):
1193         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
1194         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
1195         * jit/JIT.cpp:
1196         (JSC::JIT::privateCompileMainPass):
1197         * jit/JIT.h:
1198         * jit/JITInlineMethods.h:
1199         (JSC::JIT::atJumpTarget):
1200         (JSC::JIT::emitGetVirtualRegister):
1201         * jit/JITOpcodes.cpp:
1202         (JSC::JIT::emit_op_jmp):
1203         (JSC::JIT::emit_op_jfalse):
1204         (JSC::JIT::emit_op_jeq_null):
1205         (JSC::JIT::emit_op_jneq_null):
1206         (JSC::JIT::emit_op_jneq_ptr):
1207         (JSC::JIT::emit_op_jsr):
1208         (JSC::JIT::emit_op_jtrue):
1209         (JSC::JIT::emit_op_jmp_scopes):
1210
1211 2011-05-01  Chao-ying Fu  <fu@mips.com>
1212
1213         Reviewed by Eric Seidel.
1214
1215         Fix MIPS build due to the split of "Condition" enum
1216         https://bugs.webkit.org/show_bug.cgi?id=59407
1217
1218         * assembler/MIPSAssembler.h:
1219         (JSC::MIPSAssembler::debugOffset):
1220         * assembler/MacroAssemblerMIPS.h:
1221         (JSC::MacroAssemblerMIPS::branch32):
1222         (JSC::MacroAssemblerMIPS::compare32):
1223
1224 2011-04-30  Adam Barth  <abarth@webkit.org>
1225
1226         Reviewed by Adam Barth.
1227
1228         Enable strict OwnPtr for GTK
1229         https://bugs.webkit.org/show_bug.cgi?id=59861
1230
1231         * wtf/OwnPtr.h:
1232
1233 2011-04-30  Gavin Barraclough  <barraclough@apple.com>
1234
1235         ARMv7 build fix.
1236
1237         * assembler/AssemblerBufferWithConstantPool.h:
1238
1239 2011-04-30  Gavin Barraclough  <barraclough@apple.com>
1240
1241         Reviewed by Oliver Hunt.
1242
1243         Bug 59869 - AssemblerBuffer cleanup - disambiguate size()
1244
1245         The method size() is called on the AssemblerBuffer both to acquire
1246         the complete size of the code, and to get a position to use as a
1247         label into the code. Instead, add an explicit 'label' method.
1248
1249         * assembler/ARMAssembler.cpp:
1250         (JSC::ARMAssembler::executableCopy):
1251         * assembler/ARMAssembler.h:
1252         (JSC::ARMAssembler::blx):
1253         (JSC::ARMAssembler::codeSize):
1254         (JSC::ARMAssembler::label):
1255         (JSC::ARMAssembler::loadBranchTarget):
1256         * assembler/ARMv7Assembler.h:
1257         (JSC::ARMv7Assembler::b):
1258         (JSC::ARMv7Assembler::blx):
1259         (JSC::ARMv7Assembler::bx):
1260         (JSC::ARMv7Assembler::label):
1261         (JSC::ARMv7Assembler::codeSize):
1262         (JSC::ARMv7Assembler::ARMInstructionFormatter::codeSize):
1263         (JSC::ARMv7Assembler::ARMInstructionFormatter::data):
1264         * assembler/AbstractMacroAssembler.h:
1265         * assembler/AssemblerBuffer.h:
1266         (JSC::AssemblerBuffer::codeSize):
1267         (JSC::AssemblerBuffer::label):
1268         * assembler/AssemblerBufferWithConstantPool.h:
1269         * assembler/LinkBuffer.h:
1270         (JSC::LinkBuffer::LinkBuffer):
1271         (JSC::LinkBuffer::linkCode):
1272         * assembler/MIPSAssembler.h:
1273         (JSC::MIPSAssembler::newJmpSrc):
1274         (JSC::MIPSAssembler::appendJump):
1275         (JSC::MIPSAssembler::label):
1276         (JSC::MIPSAssembler::codeSize):
1277         (JSC::MIPSAssembler::relocateJumps):
1278         * assembler/SH4Assembler.h:
1279         (JSC::SH4Assembler::loadConstant):
1280         (JSC::SH4Assembler::loadConstantUnReusable):
1281         (JSC::SH4Assembler::call):
1282         (JSC::SH4Assembler::jmp):
1283         (JSC::SH4Assembler::jne):
1284         (JSC::SH4Assembler::je):
1285         (JSC::SH4Assembler::label):
1286         (JSC::SH4Assembler::executableCopy):
1287         (JSC::SH4Assembler::oneShortOp):
1288         (JSC::SH4Assembler::codeSize):
1289         * assembler/X86Assembler.h:
1290         (JSC::X86Assembler::call):
1291         (JSC::X86Assembler::jmp_r):
1292         (JSC::X86Assembler::codeSize):
1293         (JSC::X86Assembler::label):
1294         (JSC::X86Assembler::executableCopy):
1295         (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
1296         (JSC::X86Assembler::X86InstructionFormatter::codeSize):
1297         (JSC::X86Assembler::X86InstructionFormatter::label):
1298         (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
1299         * dfg/DFGJITCompiler.cpp:
1300         (JSC::DFG::JITCompiler::compileFunction):
1301         * jit/JIT.cpp:
1302         (JSC::JIT::privateCompile):
1303         * jit/JITOpcodes.cpp:
1304         (JSC::JIT::privateCompileCTIMachineTrampolines):
1305         * jit/JITOpcodes32_64.cpp:
1306         (JSC::JIT::privateCompileCTIMachineTrampolines):
1307         * yarr/YarrJIT.cpp:
1308         (JSC::Yarr::YarrGenerator::compile):
1309
1310 2011-04-29  Adam Barth  <abarth@webkit.org>
1311
1312         Attempt to fix the Windows build.
1313
1314         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1315
1316 2011-04-29  Adam Barth  <abarth@webkit.org>
1317
1318         Reviewed by Eric Seidel.
1319
1320         CSP script-src should block eval
1321         https://bugs.webkit.org/show_bug.cgi?id=59850
1322
1323         ggaren recommended a different approach to this patch, essentially
1324         installing a new function for function-eval and changing the AST
1325         representation of operator-eval to call function-eval.  However, I'm
1326         not sure that approach is workable because the ASTBuilder doesn't know
1327         about global objects, and there is added complication due to the cache.
1328
1329         This approach is more dynamic, adding a branch in EvalExecutable to
1330         detect whether eval is currently disabled in the lexical scope.  The spec
1331         is slightly unclear about whether we should return undefined or throw
1332         an exception.  I've asked Brandon to clarify the spec, but throwing an
1333         exception seems natural.
1334
1335         * JavaScriptCore.exp:
1336         * runtime/Executable.cpp:
1337         (JSC::EvalExecutable::compileInternal):
1338         * runtime/JSGlobalObject.cpp:
1339         (JSC::JSGlobalObject::disableEval):
1340         * runtime/JSGlobalObject.h:
1341         (JSC::JSGlobalObject::JSGlobalObject):
1342         (JSC::JSGlobalObject::isEvalEnabled):
1343
1344 2011-04-29  Gavin Barraclough  <barraclough@apple.com>
1345
1346         Reviewed by Oliver Hunt.
1347
1348         https://bugs.webkit.org/show_bug.cgi?id=59847
1349         Remove linkOffset from LinkBuffer
1350
1351         This is redundant since removal of recompilation for exception info.
1352
1353         * assembler/LinkBuffer.h:
1354         (JSC::LinkBuffer::LinkBuffer):
1355         (JSC::LinkBuffer::linkCode):
1356         * dfg/DFGJITCompiler.cpp:
1357         (JSC::DFG::JITCompiler::compileFunction):
1358         * jit/JIT.cpp:
1359         (JSC::JIT::JIT):
1360         (JSC::JIT::privateCompile):
1361         * jit/JIT.h:
1362         (JSC::JIT::compile):
1363         (JSC::JIT::compileCTIMachineTrampolines):
1364         (JSC::JIT::compileCTINativeCall):
1365         * jit/JITOpcodes.cpp:
1366         (JSC::JIT::privateCompileCTIMachineTrampolines):
1367         * jit/JITOpcodes32_64.cpp:
1368         (JSC::JIT::privateCompileCTIMachineTrampolines):
1369         (JSC::JIT::privateCompileCTINativeCall):
1370         * jit/JITPropertyAccess.cpp:
1371         (JSC::JIT::stringGetByValStubGenerator):
1372         (JSC::JIT::privateCompilePutByIdTransition):
1373         (JSC::JIT::privateCompilePatchGetArrayLength):
1374         (JSC::JIT::privateCompileGetByIdProto):
1375         (JSC::JIT::privateCompileGetByIdSelfList):
1376         (JSC::JIT::privateCompileGetByIdProtoList):
1377         (JSC::JIT::privateCompileGetByIdChainList):
1378         (JSC::JIT::privateCompileGetByIdChain):
1379         * jit/JITPropertyAccess32_64.cpp:
1380         (JSC::JIT::stringGetByValStubGenerator):
1381         (JSC::JIT::privateCompilePutByIdTransition):
1382         (JSC::JIT::privateCompilePatchGetArrayLength):
1383         (JSC::JIT::privateCompileGetByIdProto):
1384         (JSC::JIT::privateCompileGetByIdSelfList):
1385         (JSC::JIT::privateCompileGetByIdProtoList):
1386         (JSC::JIT::privateCompileGetByIdChainList):
1387         (JSC::JIT::privateCompileGetByIdChain):
1388         * jit/SpecializedThunkJIT.h:
1389         (JSC::SpecializedThunkJIT::finalize):
1390         * yarr/YarrJIT.cpp:
1391         (JSC::Yarr::YarrGenerator::compile):
1392
1393 2011-04-29  Gavin Barraclough  <barraclough@apple.com>
1394
1395         Reviewed by Oliver Hunt & Geoff Garen.
1396
1397         https://bugs.webkit.org/show_bug.cgi?id=59221
1398         [RegexFuzz] Regression blocking testing
1399
1400         Okay, so the bug here is that when, in the case of a TypeParentheticalAssertion
1401         node, emitDisjunction recursively calls to itself to emit the nested disjunction
1402         the value of parenthesesInputCountAlreadyChecked is bogus (doesn't take into
1403         account the uncheck that has just taken place).
1404
1405         Also, the special handling given to countToCheck in the case of parenthetical
1406         assertions is nonsense, delete it, along with the isParentheticalAssertion argument.
1407
1408         * yarr/YarrInterpreter.cpp:
1409         (JSC::Yarr::ByteCompiler::emitDisjunction):
1410
1411 2011-04-29  Csaba Osztrogonác  <ossy@webkit.org>
1412
1413         Reviewed by Adam Barth.
1414
1415         Enable strict OwnPtr for Qt
1416         https://bugs.webkit.org/show_bug.cgi?id=59667
1417
1418         * wtf/OwnPtr.h:
1419
1420 2011-04-29  Dean Jackson  <dino@apple.com>
1421
1422         Reviewed by Simon Fraser.
1423
1424         Add ENABLE macro for WebKitAnimation
1425         https://bugs.webkit.org/show_bug.cgi?id=59729
1426
1427         Add new feature to toggle WebKit Animation API.
1428
1429         * Configurations/FeatureDefines.xcconfig:
1430
1431 2011-04-28  Sam Weinig  <sam@webkit.org>
1432
1433         Reviewed by Mark Rowe.
1434
1435         Install testapi.js alongside testapi
1436         https://bugs.webkit.org/show_bug.cgi?id=59773
1437
1438         * JavaScriptCore.xcodeproj/project.pbxproj:
1439         Add new build phase to copy testapi.js to install path of testapi
1440         on install.
1441
1442 2011-04-28  David Levin  <levin@chromium.org>
1443
1444         Reviewed by Adam Barth.
1445
1446         Remove IMAGE_RESIZER related code.
1447         https://bugs.webkit.org/show_bug.cgi?id=59735
1448
1449         * Configurations/FeatureDefines.xcconfig:
1450
1451 2011-04-28  Gavin Barraclough  <barraclough@apple.com>
1452
1453         Reviewed by Oliver Hunt.
1454
1455         https://bugs.webkit.org/show_bug.cgi?id=59763
1456         DFG JIT - Unify FPRReg & FPRegisterID
1457
1458         (Following on from GPRReg/RegisterID unification).
1459
1460         * dfg/DFGFPRInfo.h:
1461         (JSC::DFG::FPRInfo::toRegister):
1462         (JSC::DFG::FPRInfo::debugName):
1463         * dfg/DFGGPRInfo.h:
1464         * dfg/DFGJITCodeGenerator.cpp:
1465         (JSC::DFG::JITCodeGenerator::fillDouble):
1466         (JSC::DFG::JITCodeGenerator::checkConsistency):
1467         * dfg/DFGJITCodeGenerator.h:
1468         (JSC::DFG::JITCodeGenerator::boxDouble):
1469         (JSC::DFG::JITCodeGenerator::unboxDouble):
1470         (JSC::DFG::JITCodeGenerator::flushRegisters):
1471         (JSC::DFG::JITCodeGenerator::isFlushed):
1472         (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
1473         (JSC::DFG::JITCodeGenerator::setupStubArguments):
1474         (JSC::DFG::JITCodeGenerator::callOperation):
1475         (JSC::DFG::GPRResult::lockedResult):
1476         (JSC::DFG::FPRResult::lockedResult):
1477         * dfg/DFGJITCompiler.cpp:
1478         (JSC::DFG::JITCompiler::fillNumericToDouble):
1479         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
1480         (JSC::DFG::JITCompiler::compileFunction):
1481         * dfg/DFGJITCompiler.h:
1482         * dfg/DFGNode.h:
1483         * dfg/DFGNonSpeculativeJIT.cpp:
1484         (JSC::DFG::EntryLocation::EntryLocation):
1485         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
1486         (JSC::DFG::NonSpeculativeJIT::valueToInt32):
1487         (JSC::DFG::NonSpeculativeJIT::numberToInt32):
1488         (JSC::DFG::NonSpeculativeJIT::compile):
1489         * dfg/DFGNonSpeculativeJIT.h:
1490         (JSC::DFG::NonSpeculativeJIT::silentSpillAllRegisters):
1491         (JSC::DFG::NonSpeculativeJIT::silentFillAllRegisters):
1492         * dfg/DFGRegisterBank.h:
1493         (JSC::DFG::RegisterBank::iterator::regID):
1494         (JSC::DFG::RegisterBank::iterator::debugName):
1495         * dfg/DFGSpeculativeJIT.cpp:
1496         (JSC::DFG::SpeculationCheck::SpeculationCheck):
1497         (JSC::DFG::SpeculativeJIT::compile):
1498         * dfg/DFGSpeculativeJIT.h:
1499
1500 2011-04-28  David Kilzer  <ddkilzer@apple.com>
1501
1502         Revert "<http://webkit.org/b/59705> WTF::postTimer() leaks a CFRunLoopTimerRef every time it's called"
1503
1504         This reverts commit r85195.  It was crashing DumpRenderTree on Lion.
1505
1506         * wtf/mac/MainThreadMac.mm:
1507         (WTF::postTimer):
1508
1509 2011-04-28  Adam Barth  <abarth@webkit.org>
1510
1511         Reviewed by Eric Seidel.
1512
1513         Remove WML
1514         https://bugs.webkit.org/show_bug.cgi?id=59678
1515
1516         Remove the WML configuration option from the Mac build system.
1517
1518         * Configurations/FeatureDefines.xcconfig:
1519
1520 2011-04-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1521
1522         Unreviewed, rolling out r85233 and r85235.
1523         http://trac.webkit.org/changeset/85233
1524         http://trac.webkit.org/changeset/85235
1525         https://bugs.webkit.org/show_bug.cgi?id=59754
1526
1527         Causes issues with jsc. (Requested by dave_levin on #webkit).
1528
1529         * GNUmakefile.list.am:
1530         * JavaScriptCore.gypi:
1531         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1532         * JavaScriptCore.xcodeproj/project.pbxproj:
1533         * jit/ExecutableAllocator.h:
1534         (JSC::ExecutablePool::ExecutablePool):
1535         * parser/SourceProvider.h:
1536         (JSC::SourceProvider::SourceProvider):
1537         * runtime/RegExp.cpp:
1538         (JSC::RegExp::RegExp):
1539         * wtf/CMakeLists.txt:
1540         * wtf/RefCounted.h:
1541         (WTF::RefCountedBase::ref):
1542         (WTF::RefCountedBase::hasOneRef):
1543         (WTF::RefCountedBase::refCount):
1544         (WTF::RefCountedBase::derefBase):
1545         * wtf/SizeLimits.cpp:
1546         * wtf/ThreadRestrictionVerifier.h: Removed.
1547         * wtf/text/CString.h:
1548         (WTF::CStringBuffer::CStringBuffer):
1549
1550 2011-04-28  Gavin Barraclough  <barraclough@apple.com>
1551
1552         Reviewed by Oliver Hunt.
1553
1554         Bug 59740 - DFG JIT - Unify GPRReg & RegisterID
1555
1556         Currently we use a mix of enum values throughout the DFG JIT to represent
1557         gpr registers - the RegisterID provided by the MacroAssembler, and the
1558         GPRReg enum giving the sequential register set over which the RegisterBank
1559         allocates. Unify the two.
1560
1561         Patch to unify FPRReg in a similar fashion will follow.
1562
1563         * JavaScriptCore.xcodeproj/project.pbxproj:
1564         * dfg/DFGFPRInfo.h: Added.
1565         (JSC::DFG::next):
1566         (JSC::DFG::FPRBankInfo::toRegister):
1567         (JSC::DFG::FPRBankInfo::toIndex):
1568         * dfg/DFGGPRInfo.h: Added.
1569         (JSC::DFG::GPRInfo::toRegister):
1570         (JSC::DFG::GPRInfo::toIndex):
1571         (JSC::DFG::GPRInfo::debugName):
1572         * dfg/DFGJITCodeGenerator.cpp:
1573         (JSC::DFG::JITCodeGenerator::fillInteger):
1574         (JSC::DFG::JITCodeGenerator::fillDouble):
1575         (JSC::DFG::JITCodeGenerator::fillJSValue):
1576         (JSC::DFG::JITCodeGenerator::dump):
1577         (JSC::DFG::JITCodeGenerator::checkConsistency):
1578         (JSC::DFG::GPRTemporary::GPRTemporary):
1579         (JSC::DFG::FPRTemporary::FPRTemporary):
1580         * dfg/DFGJITCodeGenerator.h:
1581         (JSC::DFG::JITCodeGenerator::boxDouble):
1582         (JSC::DFG::JITCodeGenerator::unboxDouble):
1583         (JSC::DFG::JITCodeGenerator::spill):
1584         (JSC::DFG::JITCodeGenerator::flushRegisters):
1585         (JSC::DFG::JITCodeGenerator::isFlushed):
1586         (JSC::DFG::JITCodeGenerator::bitOp):
1587         (JSC::DFG::JITCodeGenerator::shiftOp):
1588         (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
1589         (JSC::DFG::JITCodeGenerator::setupStubArguments):
1590         (JSC::DFG::JITCodeGenerator::callOperation):
1591         (JSC::DFG::IntegerOperand::gpr):
1592         (JSC::DFG::DoubleOperand::gpr):
1593         (JSC::DFG::GPRTemporary::gpr):
1594         (JSC::DFG::FPRTemporary::gpr):
1595         (JSC::DFG::GPRResult::lockedResult):
1596         * dfg/DFGJITCompiler.cpp:
1597         (JSC::DFG::JITCompiler::fillNumericToDouble):
1598         (JSC::DFG::JITCompiler::fillInt32ToInteger):
1599         (JSC::DFG::JITCompiler::fillToJS):
1600         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
1601         (JSC::DFG::JITCompiler::compileFunction):
1602         (JSC::DFG::JITCompiler::jitAssertIsInt32):
1603         (JSC::DFG::JITCompiler::jitAssertIsJSInt32):
1604         (JSC::DFG::JITCompiler::jitAssertIsJSNumber):
1605         (JSC::DFG::JITCompiler::jitAssertIsJSDouble):
1606         * dfg/DFGJITCompiler.h:
1607         (JSC::DFG::JITCompiler::preserveReturnAddressAfterCall):
1608         (JSC::DFG::JITCompiler::restoreReturnAddressBeforeReturn):
1609         (JSC::DFG::JITCompiler::emitGetFromCallFrameHeaderPtr):
1610         (JSC::DFG::JITCompiler::emitPutToCallFrameHeader):
1611         (JSC::DFG::JITCompiler::emitPutImmediateToCallFrameHeader):
1612         (JSC::DFG::JITCompiler::addressForGlobalVar):
1613         (JSC::DFG::JITCompiler::addressFor):
1614         (JSC::DFG::JITCompiler::tagFor):
1615         (JSC::DFG::JITCompiler::payloadFor):
1616         * dfg/DFGNonSpeculativeJIT.cpp:
1617         (JSC::DFG::EntryLocation::EntryLocation):
1618         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
1619         (JSC::DFG::NonSpeculativeJIT::valueToInt32):
1620         (JSC::DFG::NonSpeculativeJIT::numberToInt32):
1621         (JSC::DFG::NonSpeculativeJIT::compile):
1622         * dfg/DFGNonSpeculativeJIT.h:
1623         (JSC::DFG::NonSpeculativeJIT::silentSpillGPR):
1624         (JSC::DFG::NonSpeculativeJIT::silentSpillFPR):
1625         (JSC::DFG::NonSpeculativeJIT::silentFillGPR):
1626         (JSC::DFG::NonSpeculativeJIT::silentFillFPR):
1627         (JSC::DFG::NonSpeculativeJIT::silentSpillAllRegisters):
1628         (JSC::DFG::NonSpeculativeJIT::silentFillAllRegisters):
1629         * dfg/DFGRegisterBank.h:
1630         (JSC::DFG::RegisterBank::allocate):
1631         (JSC::DFG::RegisterBank::retain):
1632         (JSC::DFG::RegisterBank::release):
1633         (JSC::DFG::RegisterBank::lock):
1634         (JSC::DFG::RegisterBank::unlock):
1635         (JSC::DFG::RegisterBank::isLocked):
1636         (JSC::DFG::RegisterBank::name):
1637         (JSC::DFG::RegisterBank::iterator::name):
1638         (JSC::DFG::RegisterBank::iterator::isLocked):
1639         (JSC::DFG::RegisterBank::iterator::release):
1640         (JSC::DFG::RegisterBank::iterator::gpr):
1641         (JSC::DFG::RegisterBank::iterator::debugName):
1642         (JSC::DFG::RegisterBank::iterator::operator++):
1643         (JSC::DFG::RegisterBank::iterator::operator!=):
1644         (JSC::DFG::RegisterBank::iterator::index):
1645         (JSC::DFG::RegisterBank::iterator::iterator):
1646         (JSC::DFG::RegisterBank::begin):
1647         (JSC::DFG::RegisterBank::end):
1648         (JSC::DFG::RegisterBank::isLockedAtIndex):
1649         (JSC::DFG::RegisterBank::nameAtIndex):
1650         (JSC::DFG::RegisterBank::releaseAtIndex):
1651         (JSC::DFG::RegisterBank::allocateInternal):
1652         (JSC::DFG::RegisterBank::MapEntry::MapEntry):
1653         * dfg/DFGScoreBoard.h:
1654         (JSC::DFG::ScoreBoard::~ScoreBoard):
1655         * dfg/DFGSpeculativeJIT.cpp:
1656         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
1657         (JSC::DFG::SpeculationCheck::SpeculationCheck):
1658         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1659         (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
1660         (JSC::DFG::SpeculativeJIT::compile):
1661         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
1662         (JSC::DFG::SpeculativeJIT::initializeVariableTypes):
1663         * dfg/DFGSpeculativeJIT.h:
1664         (JSC::DFG::SpeculateIntegerOperand::gpr):
1665
1666 2011-04-28  Oliver Hunt  <oliver@apple.com>
1667
1668         Reviewed by Gavin Barraclough.
1669
1670         Remove evil addressOfStructure() function
1671         https://bugs.webkit.org/show_bug.cgi?id=59739
1672
1673         Remove the addressOfStructure function from JSCell, and update
1674         callsites to use the same logic as testPrototype()
1675
1676         * jit/JITPropertyAccess.cpp:
1677         (JSC::JIT::privateCompileGetByIdProto):
1678         (JSC::JIT::privateCompileGetByIdProtoList):
1679         * jit/JITPropertyAccess32_64.cpp:
1680         (JSC::JIT::privateCompileGetByIdProto):
1681         (JSC::JIT::privateCompileGetByIdProtoList):
1682         * runtime/JSCell.h:
1683
1684 2011-04-28  Oliver Hunt  <oliver@apple.com>
1685
1686         Reviewed by Gavin Barraclough.
1687
1688         Clean up testPrototype()
1689         https://bugs.webkit.org/show_bug.cgi?id=59734
1690
1691         Remove direct pointer to the inside of a GC object and just do
1692         the indirect load manually.  Doesn't affect SunSpider but does
1693         clean up the code quite a bit, and simplifies the handling of
1694         GC values.
1695
1696         * jit/JITPropertyAccess.cpp:
1697         (JSC::JIT::testPrototype):
1698
1699 2011-04-28  David Levin  <levin@chromium.org>
1700
1701         Build fix.
1702
1703         * wtf/RefCounted.h: Fix inverted ifdef.
1704
1705 2011-04-07  David Levin  <levin@chromium.org>
1706
1707         Reviewed by Darin Adler.
1708
1709         Add asserts to RefCounted to make sure ref/deref happens on the right thread.
1710         https://bugs.webkit.org/show_bug.cgi?id=31639
1711
1712         * GNUmakefile.list.am: Added new files to the build.
1713         * JavaScriptCore.gypi: Ditto.
1714         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
1715         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
1716         * jit/ExecutableAllocator.h:
1717         (JSC::ExecutablePool::ExecutablePool): Turned off checks for this
1718         due to not being able to figure out what was guarding it (bug 58091).
1719         * parser/SourceProvider.h:
1720         (JSC::SourceProvider::SourceProvider): Ditto.
1721         * runtime/RegExp.cpp:
1722         (JSC::RegExp::RegExp): Ditto.
1723         * wtf/CMakeLists.txt: Added new files to the build.
1724         * wtf/ThreadRestrictionVerifier.h: Added.
1725         Everything is done in the header to avoid the issue with exports
1726         that are only useful in debug but still needing to export them.
1727         * wtf/RefCounted.h:
1728         (WTF::RefCountedBase::ref): Added checks using the non-thread-safe verifier,
1729         and filed bug 58171 about making it stricter.
1730         (WTF::RefCountedBase::hasOneRef): Ditto.
1731         (WTF::RefCountedBase::refCount): Ditto.
1732         (WTF::RefCountedBase::setMutexForVerifier): Expose a way to change the checks to be based
1733         on a mutex. This is in the header to avoid adding more exports from JavaScriptCore.
1734         (WTF::RefCountedBase::deprecatedTurnOffVerifier): Temporary way to turn off verification.
1735         Filed bug 58174 to remove this method.
1736         (WTF::RefCountedBase::derefBase):
1737         * wtf/SizeLimits.cpp: Adjusted the debug size check for RefCounted.
1738         * wtf/text/CString.h:
1739         (WTF::CStringBuffer::CStringBuffer): Turned off checks for this while a fix is being
1740         done in Chromium's test_shell (bug 58093).
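
The thread-restriction check this entry describes, as an added example that is not WebKit's RefCounted or ThreadRestrictionVerifier code: a refcount whose ref/deref consult a verifier bound to the first thread that used the object, counting violations instead of asserting so they can be observed. Class and function names are illustrative, and only the single-thread mode is modelled (the mutex mode is omitted).

```cpp
#include <atomic>
#include <thread>

// Binds to the first thread that uses it; afterwards only that thread passes.
// This is the lax single-thread mode the entry describes (bug 58171 tracks
// making it stricter); the mutex mode is left out of this model.
class ThreadRestrictionVerifier {
public:
    bool isSafeToUse() {
        if (!m_enabled)
            return true;
        std::thread::id me = std::this_thread::get_id();
        std::thread::id unbound;                        // default id = "no thread yet"
        m_owner.compare_exchange_strong(unbound, me);   // first caller claims ownership
        return m_owner.load() == me;
    }
    void turnOff() { m_enabled = false; }
private:
    std::atomic<bool> m_enabled{true};
    std::atomic<std::thread::id> m_owner{std::thread::id()};
};

// Refcount whose operations consult the verifier. A debug build would ASSERT;
// here each violation is counted so a test can observe it.
class VerifiedRefCounted {
public:
    void ref() { check(); ++m_refCount; }
    bool deref() { check(); return --m_refCount == 0; }   // true: last reference dropped
    unsigned refCount() { check(); return m_refCount; }
    unsigned violations() const { return m_violations.load(); }
    void deprecatedTurnOffVerifier() { m_verifier.turnOff(); }
private:
    void check() { if (!m_verifier.isSafeToUse()) ++m_violations; }
    unsigned m_refCount = 1;                 // starts with one reference, like WTF::RefCounted
    std::atomic<unsigned> m_violations{0};
    ThreadRestrictionVerifier m_verifier;
};

// Same thread throughout: nothing to report.
unsigned violationsSameThread() {
    VerifiedRefCounted obj;
    obj.ref();
    obj.deref();
    return obj.violations();
}

// Bound on this thread, then deref'd from another one: the cross-thread deref
// is flagged. (The join orders the accesses, so the count itself is not racy
// here; the verifier exists to catch code that lacks such ordering.)
unsigned violationsCrossThread() {
    VerifiedRefCounted obj;
    obj.ref();                                   // binds the verifier to this thread
    std::thread other([&obj] { obj.deref(); });  // not the owning thread
    other.join();
    return obj.violations();
}

// The same pattern with the verifier turned off, as the ExecutablePool,
// SourceProvider and RegExp sites above do: the problem goes unreported.
unsigned violationsVerifierOff() {
    VerifiedRefCounted obj;
    obj.deprecatedTurnOffVerifier();
    obj.ref();
    std::thread other([&obj] { obj.deref(); });
    other.join();
    return obj.violations();
}
```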
1741
1742 2011-04-28  Xan Lopez  <xlopez@igalia.com>
1743
1744         Unreviewed attempt to fix the build.
1745
1746         * GNUmakefile.am: add -lpthread.
1747
1748 2011-04-28  Oliver Hunt  <oliver@apple.com>
1749
1750         Reviewed by Gavin Barraclough.
1751
1752         Only need a single implementation of testPrototype
1753         https://bugs.webkit.org/show_bug.cgi?id=59724
1754
1755         Remove excess copy of identical testPrototype() code
1756
1757         * jit/JITPropertyAccess.cpp:
1758         (JSC::JIT::testPrototype):
1759         * jit/JITPropertyAccess32_64.cpp:
1760
1761 2011-04-28  Xan Lopez  <xlopez@igalia.com>
1762
1763         Reviewed by Martin Robinson.
1764
1765         [Gtk] Split JSC and WebCore builds
1766         https://bugs.webkit.org/show_bug.cgi?id=19428
1767
1768         Build JavaScriptCore as a libtool shared library instead of a
1769         private convenience library.
1770
1771         * GNUmakefile.am: define new jsc library and adapt to new name for
1772         javascriptcore target.
1773         * GNUmakefile.list.am: ditto.
1774
1775 2011-04-28  David Kilzer  <ddkilzer@apple.com>
1776
1777         <http://webkit.org/b/59705> WTF::postTimer() leaks a CFRunLoopTimerRef every time it's called
1778
1779         Reviewed by Simon Fraser.
1780
1781         * wtf/mac/MainThreadMac.mm:
1782         (WTF::postTimer): Use RetainPtr to plug the leak.
1783
1784 2011-04-27  Sam Weinig  <sam@webkit.org>
1785
1786         Reviewed by David Kilzer.
1787
1788         Add way to install testapi in production builds
1789         https://bugs.webkit.org/show_bug.cgi?id=59674
1790
1791         * Configurations/TestAPI.xcconfig: Copied from Configurations/JavaScriptCore.xcconfig.
1792         Add configuration file for TestAPI. In addition to name, we now specify an install path
1793         and allow SKIP_INSTALL to be overridden by setting FORCE_TOOL_INSTALL.
1794
1795         * JavaScriptCore.xcodeproj/project.pbxproj:
1796         Remove in-project build settings and add missing configuration files. Added missing CompilerVersion.xcconfig
1797         file.
1798
1799 2011-04-27  Adam Barth  <abarth@webkit.org>
1800
1801         Reviewed by David Levin.
1802
1803         Enable strict OwnPtrs for Chromium
1804         https://bugs.webkit.org/show_bug.cgi?id=59666
1805
1806         * wtf/OwnPtr.h:
1807
1808 2011-04-27  Oliver Hunt  <oliver@apple.com>
1809
1810         Reviewed by Geoffrey Garen.
1811
1812         Add ability to remove keys from weakmap API
1813         https://bugs.webkit.org/show_bug.cgi?id=59645
1814
1815         Add JSWeakObjectMapRemove API
1816
1817         * API/JSWeakObjectMapRefPrivate.cpp:
1818         * API/JSWeakObjectMapRefPrivate.h:
1819         * JavaScriptCore.exp:
1820
1821 2011-04-27  Adam Barth  <abarth@webkit.org>
1822
1823         Reviewed by David Levin.
1824
1825         Enable strict mode for OwnPtr
1826         https://bugs.webkit.org/show_bug.cgi?id=59428
1827
1828         This patch enables strict mode for OwnPtr on PLATFORM(MAC) only.
1829
1830         * wtf/OwnPtr.h:
1831
1832 2011-04-27  Steve Block  <steveblock@google.com>
1833
1834         Reviewed by David Levin.
1835
1836         Remove Android build system
1837         https://bugs.webkit.org/show_bug.cgi?id=48111
1838
1839         This is to avoid the maintenance burden until the Android port is
1840         fully upstreamed.
1841
1842         * Android.mk: Removed.
1843         * Android.v8.wtf.mk: Removed.
1844
1845 2011-04-27  Mark Rowe  <mrowe@apple.com>
1846
1847         Fix 32-bit build after r85036.
1848
1849         * wtf/Platform.h: USE(PLUGIN_HOST_PROCESS) is only true for 64-bit.
1850
1851 2011-04-27  Csaba Osztrogonác  <ossy@webkit.org>
1852
1853         Unreviewed buildfix after r85036.
1854
1855         Readd non-dead code.
1856
1857         * wtf/OSAllocatorPosix.cpp:
1858         (WTF::OSAllocator::reserveAndCommit):
1859
1860 2011-04-27  Adam Barth  <abarth@webkit.org>
1861
1862         Reviewed by Kenneth Russell.
1863
1864         OwnPtr assignment operator should be private
1865         https://bugs.webkit.org/show_bug.cgi?id=59487
1866
1867         Unfortunately we can't remove the copy constructor because of some
1868         detail about gcc.  (The issue is documented in a comment already.)
1869
1870         * wtf/OwnPtr.h:
1871
1872 2011-04-26  Sheriff Bot  <webkit.review.bot@gmail.com>
1873
1874         Unreviewed, rolling out r84977.
1875         http://trac.webkit.org/changeset/84977
1876         https://bugs.webkit.org/show_bug.cgi?id=59568
1877
1878         caused crashes on the SL WK2 bots (Requested by jessieberlin
1879         on #webkit).
1880
1881         * assembler/MacroAssemblerX86_64.h:
1882         (JSC::MacroAssemblerX86_64::call):
1883         (JSC::MacroAssemblerX86_64::tailRecursiveCall):
1884         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
1885
1886 2011-04-26  Kevin Ollivier  <kevino@theolliviers.com>
1887
1888         Rubberstamped by Eric Seidel.
1889
1890         Enable waf to be used to build other ports
1891         https://bugs.webkit.org/show_bug.cgi?id=58213
1892
1893         * wscript:
1894
1895 2011-04-26  Sam Weinig  <sam@webkit.org>
1896
1897         Reviewed by David Hyatt.
1898
1899         Remove Datagrid from the tree
1900         https://bugs.webkit.org/show_bug.cgi?id=59543
1901
1902         * Configurations/FeatureDefines.xcconfig:
1903         Remove feature.
1904
1905 2011-04-26  Adrienne Walker  <enne@google.com>
1906
1907         Reviewed by Geoffrey Garen.
1908
1909         Fix incorrect use of OwnPtr<T*> in GCActivityCallback
1910         https://bugs.webkit.org/show_bug.cgi?id=59559
1911
1912         * runtime/GCActivityCallback.h:
1913
1914 2011-04-26  Xan Lopez  <xlopez@igalia.com>
1915
1916         Reviewed by Daniel Bates.
1917
1918         Unused but set variable warning in MacroAssemblerX86_64
1919         https://bugs.webkit.org/show_bug.cgi?id=59482
1920
1921         * assembler/MacroAssemblerX86_64.h:
1922         (JSC::MacroAssemblerX86_64::call): do not declare the label
1923         variable if we are not going to use it.
1924         (JSC::MacroAssemblerX86_64::tailRecursiveCall): ditto.
1925         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall): ditto.
1926
1927 2011-04-26  Dan Bernstein  <mitz@apple.com>
1928
1929         Reviewed by Mark Rowe.
1930
1931         Choose the compiler based on the Xcode version for Snow Leopard debug builds.
1932
1933         * Configurations/Base.xcconfig:
1934         * Configurations/CompilerVersion.xcconfig: Added.
1935
1936 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
1937
1938         Reviewed by Oliver Hunt.
1939
1940         Nixed special finalizer handling for WebCore strings
1941         https://bugs.webkit.org/show_bug.cgi?id=59425
1942         
1943         SunSpider reports no change.
1944         
1945         Not needed anymore, since weak handles have finalizers.
1946
1947         * runtime/JSString.cpp:
1948         (JSC::JSString::resolveRope):
1949         (JSC::JSString::resolveRopeSlowCase):
1950         (JSC::JSString::outOfMemory):
1951         (JSC::JSString::substringFromRope):
1952         (JSC::JSString::replaceCharacter): Updated for removal of union.
1953
1954         * runtime/JSString.h:
1955         (JSC::RopeBuilder::JSString):
1956         (JSC::RopeBuilder::~JSString):
1957         (JSC::RopeBuilder::appendStringInConstruct):
1958         (JSC::RopeBuilder::appendValueInConstructAndIncrementLength): No need for
1959         union or special constructor anymore.
1960
1961 2011-04-26  Gabor Loki  <loki@webkit.org>
1962
1963         Reviewed by Csaba Osztrogonác.
1964
1965         Speeding up SVG filters with multicore (SMP) support
1966         https://bugs.webkit.org/show_bug.cgi?id=43903
1967
1968         Some SVG filters execute a huge number of pixel manipulations, which
1969         cannot be sped up by graphics accelerators, since their algorithm is
1970         too complex. Using the power of Symmetric Multi Processing (SMP) we
1971         can split up a task to smaller (data independent) tasks, which can be
1972         executed independently.
1973
1974         The ParallelJobs framework provides a simple way for distributed
1975         programming. The framework is based on WebKit's threading infrastructure,
1976         Open Multi-Processing's (OpenMP) API, and libdispatch API.
1977
1978         * GNUmakefile.list.am:
1979         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1980         * JavaScriptCore.xcodeproj/project.pbxproj:
1981         * wtf/CMakeLists.txt:
1982         * wtf/ParallelJobs.h: Added.
1983         (WTF::ParallelJobs::ParallelJobs):
1984         (WTF::ParallelJobs::numberOfJobs):
1985         (WTF::ParallelJobs::parameterForJob):
1986         (WTF::ParallelJobs::executeJobs):
1987         * wtf/ParallelJobsGeneric.cpp: Added.
1988         (WTF::ParallelEnvironment::ThreadPrivate::tryLockFor):
1989         (WTF::ParallelEnvironment::ThreadPrivate::executeJob):
1990         (WTF::ParallelEnvironment::ThreadPrivate::waitForFinish):
1991         (WTF::ParallelEnvironment::ThreadPrivate::workerThread):
1992         * wtf/ParallelJobsGeneric.h: Added.
1993         (WTF::ParallelEnvironment::ParallelEnvironment):
1994         (WTF::ParallelEnvironment::numberOfJobs):
1995         (WTF::ParallelEnvironment::parameterForJob):
1996         (WTF::ParallelEnvironment::executeJobs):
1997         (WTF::ParallelEnvironment::ThreadPrivate::ThreadPrivate):
1998         (WTF::ParallelEnvironment::ThreadPrivate::create):
1999         * wtf/ParallelJobsLibdispatch.h: Added.
2000         (WTF::ParallelEnvironment::ParallelEnvironment):
2001         (WTF::ParallelEnvironment::numberOfJobs):
2002         (WTF::ParallelEnvironment::parameterForJob):
2003         (WTF::ParallelEnvironment::executeJobs):
2004         * wtf/ParallelJobsOpenMP.h: Added.
2005         (WTF::ParallelEnvironment::ParallelEnvironment):
2006         (WTF::ParallelEnvironment::numberOfJobs):
2007         (WTF::ParallelEnvironment::parameterForJob):
2008         (WTF::ParallelEnvironment::executeJobs):
2009         * wtf/Platform.h:
2010         * wtf/wtf.pri:
2011
2012 2011-04-26  Mihai Parparita  <mihaip@chromium.org>
2013
2014         Reviewed by Adam Barth.
2015
2016         Turn off make built-in implicit rules for derived sources makefile
2017         https://bugs.webkit.org/show_bug.cgi?id=59418
2018         
2019         We don't use any of make's built-in implicit rules; turning them off
2020         speeds up parsing of the makefile.
2021
2022         * JavaScriptCore.xcodeproj/project.pbxproj:
2023         * gyp/generate-derived-sources.sh:
2024
2025 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
2026
2027         Reviewed by Oliver Hunt.
2028
2029         Custom prototypes on DOM objects don't persist after garbage collection
2030         https://bugs.webkit.org/show_bug.cgi?id=59412
2031         
2032         SunSpider reports no change.
2033         
2034         The hasCustomProperties() check didn't check for a custom prototype.
2035
2036         * runtime/JSObject.h:
2037         (JSC::JSObject::hasCustomProperties): Changed to delegate to Structure
2038         because it is the "truth" about an object's pedigree.
2039
2040         * runtime/Structure.cpp:
2041         (JSC::Structure::Structure):
2042         * runtime/Structure.h:
2043         (JSC::Structure::didTransition): Track whether a Structure has ever
2044         transitioned for any reason. If so, we have to assume that the object
2045         holding it is custom in some way.
2046
2047 2011-04-25  Gavin Barraclough  <barraclough@apple.com>
2048
2049         Reviewed by Geoff Garen.
2050
2051         https://bugs.webkit.org/show_bug.cgi?id=59405
2052         DFG JIT - add type speculation for integer & array types, for vars & args.
2053
2054         If a var or argument is used as the base for a GetByVal or PutByVal access
2055         we are speculating that it is of type Array (we only generate code on the
2056         speculative path to perform array accesses). By typing the var or args slot
2057         as Array, and checking on entry to the function (in the case of args), and
2058         each time the local is written to, we can avoid a type check at each point
2059         the array is accessed. This will typically hoist type checks out of loops.
2060
2061         Similarly, any local that is incremented or decremented, or is the input or
2062         output of a bitwise operator, is likely to be an integer. By typing the
2063         local as int32 we can avoid speculation checks on access, and tagging when
2064         writing to the slot. All accesses can become 32bit instead of 64.
2065
2066         * dfg/DFGByteCodeParser.cpp:
2067         (JSC::DFG::ByteCodeParser::set):
2068         (JSC::DFG::ByteCodeParser::predictArray):
2069         (JSC::DFG::ByteCodeParser::predictInt32):
2070         (JSC::DFG::ByteCodeParser::parseBlock):
2071         * dfg/DFGGraph.h:
2072         (JSC::DFG::PredictionSlot::PredictionSlot):
2073         (JSC::DFG::Graph::Graph):
2074         (JSC::DFG::Graph::predict):
2075         (JSC::DFG::Graph::getPrediction):
2076         * dfg/DFGJITCompiler.cpp:
2077         (JSC::DFG::JITCompiler::compileFunction):
2078         * dfg/DFGJITCompiler.h:
2079         (JSC::DFG::JITCompiler::tagFor):
2080         (JSC::DFG::JITCompiler::payloadFor):
2081         * dfg/DFGNode.h:
2082         * dfg/DFGNonSpeculativeJIT.cpp:
2083         (JSC::DFG::NonSpeculativeJIT::compile):
2084         * dfg/DFGSpeculativeJIT.cpp:
2085         (JSC::DFG::SpeculativeJIT::compile):
2086         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
2087         (JSC::DFG::SpeculativeJIT::initializeVariableTypes):
2088         * dfg/DFGSpeculativeJIT.h:
2089         * runtime/Executable.cpp:
2090         (JSC::tryDFGCompile):
2091
2092 2011-04-25  David Levin  <levin@chromium.org>
2093
2094         Reviewed by James Robinson.
2095
2096         Fix OwnPtr strict mode violation in MessageQueue.h
2097         https://bugs.webkit.org/show_bug.cgi?id=59400
2098
2099         * wtf/MessageQueue.h:
2100         (WTF::::waitForMessage):
2101         (WTF::::waitForMessageFilteredWithTimeout):
2102         (WTF::::tryGetMessage):
2103
2104 2011-04-25  Adam Barth  <abarth@webkit.org>
2105
2106         Reviewed by Darin Adler.
2107
2108         JavaScriptCore should play nice with strict OwnPtrs
2109         https://bugs.webkit.org/show_bug.cgi?id=59401
2110
2111         * dfg/DFGByteCodeParser.cpp:
2112         (JSC::DFG::ByteCodeParser::parse):
2113         * heap/Heap.cpp:
2114         (JSC::TypeCounter::TypeCounter):
2115         * jit/JITStubs.cpp:
2116         (JSC::JITThunks::JITThunks):
2117         * parser/JSParser.cpp:
2118         (JSC::JSParser::Scope::Scope):
2119         * yarr/YarrJIT.cpp:
2120         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
2121
2122 2011-04-25  Mark Rowe  <mrowe@apple.com>
2123
2124         Build fix.
2125
2126         * wtf/ListHashSet.h:
2127
2128 2011-04-25  Gavin Barraclough  <barraclough@apple.com>
2129
2130         Reviewed by Oliver Hunt.
2131
2132         Bug 59370 - DFG JIT - fix leak of BlocksBlocks
2133         (put the blocks immediately into an OwnPtr).
2134
2135         * dfg/DFGByteCodeParser.cpp:
2136         (JSC::DFG::ByteCodeParser::parse):
2137
2138 2011-04-25  James Robinson  <jamesr@chromium.org>
2139
2140         Reviewed by David Levin.
2141
2142         Fix strict OwnPtr violations in ListHashSet and RenderLayerCompositor
2143         https://bugs.webkit.org/show_bug.cgi?id=59353
2144
2145         * wtf/ListHashSet.h:
2146         (WTF::::ListHashSet):
2147
2148 2011-04-25  David Levin  <levin@chromium.org>
2149
2150         Reviewed by Adam Barth.
2151
2152         Fix PassOwnPtr issues in Structure and JSGlobalData.cpp
2153         https://bugs.webkit.org/show_bug.cgi?id=59347
2154
2155         * runtime/JSGlobalData.cpp:
2156         (JSC::JSGlobalData::JSGlobalData):
2157         * runtime/Structure.cpp:
2158         (JSC::Structure::copyPropertyTable):
2159         (JSC::Structure::createPropertyMap):
2160         * runtime/Structure.h:
2161
2162 2011-04-25  Oliver Hunt  <oliver@apple.com>
2163
2164         Reviewed by Geoffrey Garen.
2165
2166         Make ClassInfo required when creating a Structure
2167         https://bugs.webkit.org/show_bug.cgi?id=59340
2168
2169         Add ClassInfo to all those types which currently don't
2170         have it, and add an assertion to Structure::create to
2171         ensure that the provided classInfo is not null.
2172
2173         * runtime/Executable.h:
2174         (JSC::EvalExecutable::createStructure):
2175         (JSC::ProgramExecutable::createStructure):
2176         (JSC::FunctionExecutable::createStructure):
2177         * runtime/GetterSetter.cpp:
2178         * runtime/GetterSetter.h:
2179         (JSC::GetterSetter::createStructure):
2180         * runtime/JSAPIValueWrapper.cpp:
2181         * runtime/JSAPIValueWrapper.h:
2182         (JSC::JSAPIValueWrapper::createStructure):
2183         * runtime/JSCell.cpp:
2184         * runtime/JSCell.h:
2185         * runtime/JSString.cpp:
2186         * runtime/JSString.h:
2187         (JSC::RopeBuilder::createStructure):
2188         * runtime/Structure.h:
2189         (JSC::Structure::create):
2190         (JSC::JSCell::createDummyStructure):
2191
2192 2011-04-25  David Levin  <levin@chromium.org>
2193
2194         Reviewed by Adam Barth.
2195
2196         PropertyMapHashTable.h should use adoptPtr instead of implicit conversions to PassRefPtr.
2197         https://bugs.webkit.org/show_bug.cgi?id=59342
2198
2199         This patch is to prepare for the strict OwnPtr hack-a-thon.
2200
2201         * runtime/PropertyMapHashTable.h:
2202         (JSC::PropertyTable::copy):
2203
2204 2011-04-25  Thouraya ANDOLSI  <thouraya.andolsi@st.com>
2205
2206         Reviewed by Gavin Barraclough.
2207
2208         Rationalize MacroAssembler branch methods
2209         https://bugs.webkit.org/show_bug.cgi?id=58950
2210
2211         Split out the 'Condition' enum into 'RelationalCondition' and 'ResultCondition'
2212         and apply related changes (only for SH4 platforms).
2213
2214         * assembler/MacroAssemblerSH4.cpp:
2215         * assembler/MacroAssemblerSH4.h:
2216         (JSC::MacroAssemblerSH4::compare32):
2217         (JSC::MacroAssemblerSH4::branch32WithUnalignedHalfWords):
2218         (JSC::MacroAssemblerSH4::branchDouble):
2219         (JSC::MacroAssemblerSH4::branch32):
2220         (JSC::MacroAssemblerSH4::branchTest8):
2221         (JSC::MacroAssemblerSH4::branch8):
2222         (JSC::MacroAssemblerSH4::branchTruncateDoubleToInt32):
2223         (JSC::MacroAssemblerSH4::test8):
2224         (JSC::MacroAssemblerSH4::branch16):
2225         (JSC::MacroAssemblerSH4::branchTest32):
2226         (JSC::MacroAssemblerSH4::branchAdd32):
2227         (JSC::MacroAssemblerSH4::branchMul32):
2228         (JSC::MacroAssemblerSH4::branchSub32):
2229         (JSC::MacroAssemblerSH4::branchOr32):
2230         (JSC::MacroAssemblerSH4::branchConvertDoubleToInt32):
2231         (JSC::MacroAssemblerSH4::branchPtrWithPatch):
2232         (JSC::MacroAssemblerSH4::SH4Condition):
2233         * assembler/SH4Assembler.h:
2234         (JSC::SH4Assembler::cmpEqImmR0):
2235
2236 2011-04-25  Adam Barth  <abarth@webkit.org>
2237
2238         Reviewed by Eric Seidel.
2239
2240         PropertyMapHashTable should work with strict OwnPtr
2241         https://bugs.webkit.org/show_bug.cgi?id=59337
2242
2243         This patch is in preparation for the strict OwnPtr hack-a-thon.
2244
2245         * runtime/PropertyMapHashTable.h:
2246         (JSC::PropertyTable::PropertyTable):
2247         (JSC::PropertyTable::addDeletedOffset):
2248
2249 2011-04-25  Geoffrey Garen  <ggaren@apple.com>
2250
2251         Reviewed by Sam Weinig.
2252
2253         Nixed MarkStack::deprecatedAppend, since it has no clients left.
2254
2255         * heap/MarkStack.h:
2256
2257 2011-04-23  Gavin Barraclough  <barraclough@apple.com>
2258
2259         Reviewed by Oliver Hunt.
2260
2261         Bug 59287 - DFG JIT - Handle temporaries as vars, allowing support for ?:
2262
2263         SetLocals to temporaries will only be generated if they are used within other
2264         blocks, due to the SSA based DCE.
2265
2266         * dfg/DFGByteCodeParser.cpp:
2267         (JSC::DFG::ByteCodeParser::ByteCodeParser):
2268         (JSC::DFG::ByteCodeParser::get):
2269         (JSC::DFG::ByteCodeParser::set):
2270         (JSC::DFG::ByteCodeParser::getLocal):
2271         (JSC::DFG::ByteCodeParser::setLocal):
2272         (JSC::DFG::ByteCodeParser::parseBlock):
2273         (JSC::DFG::ByteCodeParser::processPhiStack):
2274         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
2275         (JSC::DFG::ByteCodeParser::parse):
2276         * dfg/DFGGraph.h:
2277         (JSC::DFG::BasicBlock::BasicBlock):
2278
2279 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
2280
2281         Reviewed by Sam Weinig & Geoff Garen.
2282
2283         Bug 59266 - DFG JIT - Add SSA style DCE
2284
2285         This works by making GetLocal nodes reference SetLocal nodes from prior blocks,
2286         via intermediate Phi nodes. Whenever we add a GetLocal to the graph, also add a
2287         matching child Phi, and add the Phi to a work queue to add references to prior
2288         definitions once we have the full CFG & can determine predecessors. This process
2289         is iterative, inserting new phis into predecessors as necessary.
2290
2291         * dfg/DFGByteCodeParser.cpp:
2292         (JSC::DFG::ByteCodeParser::getVariable):
2293         (JSC::DFG::ByteCodeParser::setVariable):
2294         (JSC::DFG::ByteCodeParser::getArgument):
2295         (JSC::DFG::ByteCodeParser::setArgument):
2296         (JSC::DFG::ByteCodeParser::parseBlock):
2297         (JSC::DFG::ByteCodeParser::processWorkQueue):
2298         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
2299         (JSC::DFG::ByteCodeParser::parse):
2300         * dfg/DFGGraph.cpp:
2301         (JSC::DFG::Graph::dump):
2302         (JSC::DFG::Graph::refChildren):
2303         * dfg/DFGGraph.h:
2304         (JSC::DFG::Graph::ref):
2305         * dfg/DFGNode.h:
2306         (JSC::DFG::Node::ref):
2307         * dfg/DFGNonSpeculativeJIT.cpp:
2308         (JSC::DFG::NonSpeculativeJIT::compile):
2309         * dfg/DFGScoreBoard.h:
2310         (JSC::DFG::ScoreBoard::~ScoreBoard):
2311         (JSC::DFG::ScoreBoard::dump):
2312         * dfg/DFGSpeculativeJIT.cpp:
2313         (JSC::DFG::SpeculativeJIT::compile):
2314
2315 2011-04-22  Vitaly Repeshko  <vitalyr@chromium.org>
2316
2317         Reviewed by Adam Barth.
2318
2319         Add missing default constructors for HashMap iterator specializations.
2320         https://bugs.webkit.org/show_bug.cgi?id=59250
2321
2322         * wtf/HashIterators.h:
2323         * wtf/HashTable.h:
2324         (WTF::HashTableConstIterator::HashTableConstIterator): Added cast
2325         to help compiler find the function template.
2326
2327 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
2328
2329         Reviewed by Sam Weinig.
2330
2331         Bug 59262 - DFG JIT - reduce size of VariableRecord
2332
2333         We never need both the get & set node, only the most recent
2334         (which is always a set, if both exist).
2335
2336         * dfg/DFGByteCodeParser.cpp:
2337         (JSC::DFG::ByteCodeParser::getVariable):
2338         (JSC::DFG::ByteCodeParser::setVariable):
2339         (JSC::DFG::ByteCodeParser::getArgument):
2340         (JSC::DFG::ByteCodeParser::setArgument):
2341         (JSC::DFG::ByteCodeParser::parseBlock):
2342         * dfg/DFGGraph.h:
2343         (JSC::DFG::VariableRecord::VariableRecord):
2344
2345 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
2346
2347         Reviewed by Geoffrey Garen.
2348
2349         Bug 59254 - DFG JIT - retain VariableRecords for args/var in all basic blocks,
2350         such that this information is available for DCE.  Also, since this enlarges the
2351         size of BasicBlock, make Graph hold a vector of pointers to basic blocks, not a
2352         vector of blocks.
2353
2354         * dfg/DFGByteCodeParser.cpp:
2355         (JSC::DFG::ByteCodeParser::ByteCodeParser):
2356         (JSC::DFG::ByteCodeParser::get):
2357         (JSC::DFG::ByteCodeParser::set):
2358         (JSC::DFG::ByteCodeParser::getVariable):
2359         (JSC::DFG::ByteCodeParser::setVariable):
2360         (JSC::DFG::ByteCodeParser::getArgument):
2361         (JSC::DFG::ByteCodeParser::setArgument):
2362         (JSC::DFG::ByteCodeParser::parseBlock):
2363         (JSC::DFG::ByteCodeParser::setupPredecessors):
2364         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
2365         (JSC::DFG::ByteCodeParser::parse):
2366         * dfg/DFGGraph.cpp:
2367         (JSC::DFG::Graph::dump):
2368         * dfg/DFGGraph.h:
2369         (JSC::DFG::VariableRecord::VariableRecord):
2370         (JSC::DFG::BasicBlock::BasicBlock):
2371         (JSC::DFG::BasicBlock::getBytecodeBegin):
2372         (JSC::DFG::Graph::blockIndexForBytecodeOffset):
2373         (JSC::DFG::Graph::blockForBytecodeOffset):
2374         * dfg/DFGNonSpeculativeJIT.cpp:
2375         (JSC::DFG::NonSpeculativeJIT::compile):
2376         * dfg/DFGSpeculativeJIT.cpp:
2377         (JSC::DFG::SpeculativeJIT::compile):
2378         * dfg/DFGSpeculativeJIT.h:
2379         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
2380
2381 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
2382
2383         Errk, build fix.
2384
2385         * dfg/DFGSpeculativeJIT.cpp:
2386         (JSC::DFG::SpeculativeJIT::compile):
2387
2388 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
2389
2390         Reviewed by Sam Weinig.
2391
2392         Quick cleanup to SpeculativeJIT/NonSpeculativeJIT compile loop,
2393         move out the call to checkConsistency().
2394
2395         * dfg/DFGNonSpeculativeJIT.cpp:
2396         (JSC::DFG::NonSpeculativeJIT::compile):
2397         * dfg/DFGSpeculativeJIT.cpp:
2398         (JSC::DFG::SpeculativeJIT::compile):
2399         * dfg/DFGSpeculativeJIT.h:
2400         (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
2401         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
2402
2403 2011-04-21  Vitaly Repeshko  <vitalyr@chromium.org>
2404
2405         Reviewed by Adam Barth.
2406
2407         Provide default constructors for HashMap iterators.
2408         https://bugs.webkit.org/show_bug.cgi?id=59151
2409
2410         These will be used to implement an iterator over EventTarget's
2411         listeners.
2412
2413         * wtf/HashTable.h:
2414         (WTF::HashTableConstIteratorAdapter::HashTableConstIteratorAdapter):
2415         (WTF::HashTableIteratorAdapter::HashTableIteratorAdapter):
2416
2417 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
2418
2419         Reviewed by Geoff Garen.
2420
2421         Bug 59232 - DFG JIT - Add predecessor links to BasicBlocks
2422
2423         These will be necessary for DCE support.
2424         Also factor allocateVirtualRegisters out into its own method.
2425
2426         * dfg/DFGByteCodeParser.cpp:
2427         (JSC::DFG::ByteCodeParser::setupPredecessors):
2428         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
2429         (JSC::DFG::ByteCodeParser::parse):
2430         * dfg/DFGGraph.h:
2431         (JSC::DFG::Graph::blockForBytecodeOffset):
2432         * dfg/DFGNode.h:
2433         (JSC::DFG::Node::isTerminal):
2434
2435 2011-04-22  Oliver Hunt  <oliver@apple.com>
2436
2437         Reviewed by Geoffrey Garen.
2438
2439         Object.create creates uncachable objects
2440         https://bugs.webkit.org/show_bug.cgi?id=59164
2441
2442         Use the prototype object's inheritorID, as we
2443         should always have done.
2444
2445         * runtime/JSGlobalObject.cpp:
2446         (JSC::JSGlobalObject::reset):
2447         (JSC::JSGlobalObject::visitChildren):
2448         * runtime/JSGlobalObject.h:
2449         (JSC::JSGlobalObject::nullPrototypeObjectStructure):
2450         * runtime/ObjectConstructor.cpp:
2451         (JSC::objectConstructorCreate):
2452
2453 2011-04-22  Gavin Barraclough  <barraclough@apple.com>
2454
2455         Reviewed by Sam Weinig.
2456
2457         Bug 59222 - DFG JIT - don't allocate virtual registers to nodes with no result
2458
2459         We currently allocate virtual registers to nodes which have no result - these are
2460         clearly unused, and may result in us allocating a larger than necessary stack frame.
2461
2462         Encapsulate Node::virtualRegister such that we can ASSERT this is only called on
2463         nodes that have results, and improve the quality of output from the consistency check.
2464
2465         * dfg/DFGByteCodeParser.cpp:
2466         (JSC::DFG::ByteCodeParser::parse):
2467         * dfg/DFGGraph.cpp:
2468         (JSC::DFG::Graph::dump):
2469         * dfg/DFGGraph.h:
2470         (JSC::DFG::Graph::ref):
2471         (JSC::DFG::Graph::deref):
2472         * dfg/DFGJITCodeGenerator.cpp:
2473         (JSC::DFG::JITCodeGenerator::fillInteger):
2474         (JSC::DFG::JITCodeGenerator::fillDouble):
2475         (JSC::DFG::JITCodeGenerator::fillJSValue):
2476         (JSC::DFG::JITCodeGenerator::dump):
2477         (JSC::DFG::JITCodeGenerator::checkConsistency):
2478         * dfg/DFGJITCodeGenerator.h:
2479         (JSC::DFG::JITCodeGenerator::canReuse):
2480         (JSC::DFG::JITCodeGenerator::isFilled):
2481         (JSC::DFG::JITCodeGenerator::isFilledDouble):
2482         (JSC::DFG::JITCodeGenerator::use):
2483         (JSC::DFG::JITCodeGenerator::integerResult):
2484         (JSC::DFG::JITCodeGenerator::noResult):
2485         (JSC::DFG::JITCodeGenerator::cellResult):
2486         (JSC::DFG::JITCodeGenerator::jsValueResult):
2487         (JSC::DFG::JITCodeGenerator::doubleResult):
2488         (JSC::DFG::JITCodeGenerator::initConstantInfo):
2489         * dfg/DFGJITCompiler.cpp:
2490         (JSC::DFG::JITCompiler::fillNumericToDouble):
2491         (JSC::DFG::JITCompiler::fillInt32ToInteger):
2492         (JSC::DFG::JITCompiler::fillToJS):
2493         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
2494         * dfg/DFGNode.h:
2495         (JSC::DFG::Node::Node):
2496         (JSC::DFG::Node::hasResult):
2497         (JSC::DFG::Node::virtualRegister):
2498         (JSC::DFG::Node::setVirtualRegister):
2499         (JSC::DFG::Node::refCount):
2500         (JSC::DFG::Node::ref):
2501         (JSC::DFG::Node::deref):
2502         (JSC::DFG::Node::adjustedRefCount):
2503         * dfg/DFGNonSpeculativeJIT.cpp:
2504         (JSC::DFG::NonSpeculativeJIT::isKnownInteger):
2505         (JSC::DFG::NonSpeculativeJIT::isKnownNumeric):
2506         (JSC::DFG::NonSpeculativeJIT::compile):
2507         * dfg/DFGScoreBoard.h:
2508         (JSC::DFG::ScoreBoard::use):
2509         * dfg/DFGSpeculativeJIT.cpp:
2510         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
2511         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
2512         (JSC::DFG::SpeculativeJIT::compile):
2513
2514 2011-04-22  Sam Weinig  <sam@webkit.org>
2515
2516         Reviewed by Gavin Barraclough and Oliver Hunt.
2517
2518         Arrays should participate in global object forwarding fun
2519         https://bugs.webkit.org/show_bug.cgi?id=59215
2520
2521         * runtime/JSGlobalObject.h:
2522         (JSC::constructEmptyArray):
2523         (JSC::constructArray):
2524         Add variants of constructArray that take a global object.
2525
2526 2011-04-22  Sheriff Bot  <webkit.review.bot@gmail.com>
2527
2528         Unreviewed, rolling out r84650 and r84654.
2529         http://trac.webkit.org/changeset/84650
2530         http://trac.webkit.org/changeset/84654
2531         https://bugs.webkit.org/show_bug.cgi?id=59218
2532
2533         Broke Windows build (Requested by bweinstein on #webkit).
2534
2535         * API/JSCallbackObjectFunctions.h:
2536         (JSC::::init):
2537         * JavaScriptCore.exp:
2538         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2539         * heap/Handle.h:
2540         (JSC::HandleBase::operator!):
2541         (JSC::HandleBase::operator UnspecifiedBoolType*):
2542         (JSC::HandleTypes::getFromSlot):
2543         * heap/HandleHeap.cpp:
2544         (JSC::HandleHeap::markStrongHandles):
2545         (JSC::HandleHeap::markWeakHandles):
2546         (JSC::HandleHeap::finalizeWeakHandles):
2547         (JSC::HandleHeap::writeBarrier):
2548         (JSC::HandleHeap::protectedGlobalObjectCount):
2549         (JSC::HandleHeap::isValidWeakNode):
2550         * heap/HandleHeap.h:
2551         (JSC::HandleHeap::copyWeak):
2552         (JSC::HandleHeap::makeWeak):
2553         (JSC::HandleHeap::Node::slot):
2554         * heap/HandleStack.cpp:
2555         (JSC::HandleStack::mark):
2556         (JSC::HandleStack::grow):
2557         * heap/HandleStack.h:
2558         (JSC::HandleStack::zapTo):
2559         (JSC::HandleStack::push):
2560         * heap/Heap.cpp:
2561         (JSC::HandleHeap::protectedObjectTypeCounts):
2562         * heap/Local.h:
2563         (JSC::::set):
2564         * heap/Strong.h:
2565         (JSC::Strong::set):
2566         * heap/Weak.h:
2567         (JSC::Weak::set):
2568         * runtime/StructureTransitionTable.h:
2569         (JSC::StructureTransitionTable::singleTransition):
2570         (JSC::StructureTransitionTable::setSingleTransition):
2571         * runtime/WeakGCMap.h:
2572         (JSC::WeakGCMap::add):
2573         (JSC::WeakGCMap::set):
2574         * runtime/WriteBarrier.h:
2575
2576 2011-04-22  Brian Weinstein  <bweinstein@apple.com>
2577
2578         Part of Windows build fix from r84650.
2579
2580         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2581
2582 2011-04-22  Oliver Hunt  <oliver@apple.com>
2583
2584         Reviewed by Geoffrey Garen.
2585
2586         Make it harder to use HandleSlot incorrectly
2587         https://bugs.webkit.org/show_bug.cgi?id=59205
2588
2589         Just add a little type fudging to make it harder to
2590         incorrectly assign through a HandleSlot.
2591
2592         * API/JSCallbackObjectFunctions.h:
2593         (JSC::::init):
2594         * JavaScriptCore.exp:
2595         * heap/Handle.h:
2596         (JSC::HandleBase::operator!):
2597         (JSC::HandleBase::operator UnspecifiedBoolType*):
2598         (JSC::HandleTypes::getFromSlot):
2599         * heap/HandleHeap.cpp:
2600         (JSC::HandleHeap::markStrongHandles):
2601         (JSC::HandleHeap::markWeakHandles):
2602         (JSC::HandleHeap::finalizeWeakHandles):
2603         (JSC::HandleHeap::writeBarrier):
2604         (JSC::HandleHeap::protectedGlobalObjectCount):
2605         (JSC::HandleHeap::isValidWeakNode):
2606         * heap/HandleHeap.h:
2607         (JSC::HandleHeap::copyWeak):
2608         (JSC::HandleHeap::makeWeak):
2609         (JSC::HandleHeap::Node::slot):
2610         * heap/HandleStack.cpp:
2611         (JSC::HandleStack::mark):
2612         (JSC::HandleStack::grow):
2613         * heap/HandleStack.h:
2614         (JSC::HandleStack::zapTo):
2615         (JSC::HandleStack::push):
2616         * heap/Heap.cpp:
2617         (JSC::HandleHeap::protectedObjectTypeCounts):
2618         * heap/Local.h:
2619         (JSC::::set):
2620         * heap/Strong.h:
2621         (JSC::Strong::set):
2622         * heap/Weak.h:
2623         (JSC::Weak::set):
2624         * runtime/StructureTransitionTable.h:
2625         (JSC::StructureTransitionTable::singleTransition):
2626         (JSC::StructureTransitionTable::setSingleTransition):
2627         * runtime/WeakGCMap.h:
2628         (JSC::WeakGCMap::add):
2629         (JSC::WeakGCMap::set):
2630         * runtime/WriteBarrier.h:
2631         (JSC::OpaqueJSValue::toJSValue):
2632         (JSC::OpaqueJSValue::toJSValueRef):
2633         (JSC::OpaqueJSValue::fromJSValue):
2634
2635 2011-04-22  Patrick Gansterer  <paroga@webkit.org>
2636
2637         Unreviewed. Build fix for ENABLE(INTERPRETER) after r84556.
2638
2639         * bytecode/CodeBlock.cpp:
2640         (JSC::CodeBlock::visitAggregate):
2641
2642 2011-04-21  Sheriff Bot  <webkit.review.bot@gmail.com>
2643
2644         Unreviewed, rolling out r84583.
2645         http://trac.webkit.org/changeset/84583
2646         https://bugs.webkit.org/show_bug.cgi?id=59173
2647
2648         "broke
2649         http://trac.webkit.org/export/84593/trunk/LayoutTests/fast/js
2650         /Object-create.html" (Requested by ggaren on #webkit).
2651
2652         * runtime/ObjectConstructor.cpp:
2653         (JSC::objectConstructorCreate):
2654
2655 2011-04-21  Maciej Stachowiak  <mjs@apple.com>
2656
2657         Reviewed by Adam Roben.
2658
2659         Add a feature define to allow <details> and <summary> to be disabled
2660         https://bugs.webkit.org/show_bug.cgi?id=59118
2661         <rdar://problem/9257045>
2662
2663         * Configurations/FeatureDefines.xcconfig:
2664
2665 2011-04-21  Oliver Hunt  <oliver@apple.com>
2666
2667         Reviewed by Geoffrey Garen.
2668
2669         Object.create creates uncachable objects
2670         https://bugs.webkit.org/show_bug.cgi?id=59164
2671
2672         Use the prototype object's inheritorID, as we
2673         should always have done.
2674
2675         * runtime/ObjectConstructor.cpp:
2676         (JSC::objectConstructorCreate):
2677
2678 2011-04-21  Oliver Hunt  <oliver@apple.com>
2679
2680         Reviewed by Geoffrey Garen.
2681
2682         Start moving to a general visitor pattern for GC traversal
2683         https://bugs.webkit.org/show_bug.cgi?id=59141
2684
2685         This is just a rename:
2686             markChildren -> visitChildren
2687             markAggregate -> visitAggregate
2688             markStack -> visitor
2689             MarkStack -> typedef'd to SlotVisitor
2690
2691         * API/JSCallbackObject.h:
2692         (JSC::JSCallbackObjectData::visitChildren):
2693         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
2694         (JSC::JSCallbackObject::visitChildren):
2695         * JavaScriptCore.exp:
2696         * bytecode/CodeBlock.cpp:
2697         (JSC::CodeBlock::visitStructures):
2698         (JSC::EvalCodeCache::visitAggregate):
2699         (JSC::CodeBlock::visitAggregate):
2700         * bytecode/CodeBlock.h:
2701         * bytecode/EvalCodeCache.h:
2702         * bytecode/Instruction.h:
2703         (JSC::PolymorphicAccessStructureList::visitAggregate):
2704         * bytecode/StructureStubInfo.cpp:
2705         (JSC::StructureStubInfo::visitAggregate):
2706         * bytecode/StructureStubInfo.h:
2707         * debugger/DebuggerActivation.cpp:
2708         (JSC::DebuggerActivation::visitChildren):
2709         * debugger/DebuggerActivation.h:
2710         * heap/HandleHeap.cpp:
2711         (JSC::WeakHandleOwner::isReachableFromOpaqueRoots):
2712         (JSC::HandleHeap::markStrongHandles):
2713         (JSC::HandleHeap::markWeakHandles):
2714         * heap/HandleHeap.h:
2715         * heap/HandleStack.cpp:
2716         (JSC::HandleStack::mark):
2717         * heap/HandleStack.h:
2718         * heap/Heap.cpp:
2719         (JSC::Heap::markProtectedObjects):
2720         (JSC::Heap::markTempSortVectors):
2721         (JSC::Heap::markRoots):
2722         * heap/Heap.h:
2723         * heap/MarkStack.cpp:
2724         (JSC::MarkStack::visitChildren):
2725         (JSC::MarkStack::drain):
2726         * heap/MarkStack.h:
2727         (JSC::HeapRootVisitor::HeapRootVisitor):
2728         (JSC::HeapRootVisitor::mark):
2729         (JSC::HeapRootVisitor::visitor):
2730         * heap/MarkedSpace.h:
2731         * runtime/ArgList.cpp:
2732         (JSC::MarkedArgumentBuffer::markLists):
2733         * runtime/ArgList.h:
2734         * runtime/Arguments.cpp:
2735         (JSC::Arguments::visitChildren):
2736         * runtime/Arguments.h:
2737         * runtime/Executable.cpp:
2738         (JSC::EvalExecutable::visitChildren):
2739         (JSC::ProgramExecutable::visitChildren):
2740         (JSC::FunctionExecutable::visitChildren):
2741         * runtime/Executable.h:
2742         * runtime/GetterSetter.cpp:
2743         (JSC::GetterSetter::visitChildren):
2744         * runtime/GetterSetter.h:
2745         (JSC::GetterSetter::createStructure):
2746         * runtime/JSAPIValueWrapper.h:
2747         (JSC::JSAPIValueWrapper::createStructure):
2748         * runtime/JSActivation.cpp:
2749         (JSC::JSActivation::visitChildren):
2750         * runtime/JSActivation.h:
2751         * runtime/JSArray.cpp:
2752         (JSC::JSArray::visitChildren):
2753         * runtime/JSArray.h:
2754         (JSC::JSArray::visitDirect):
2755         * runtime/JSCell.h:
2756         (JSC::JSCell::JSCell::visitChildren):
2757         * runtime/JSFunction.cpp:
2758         (JSC::JSFunction::visitChildren):
2759         * runtime/JSFunction.h:
2760         * runtime/JSGlobalObject.cpp:
2761         (JSC::visitIfNeeded):
2762         (JSC::JSGlobalObject::visitChildren):
2763         * runtime/JSGlobalObject.h:
2764         * runtime/JSONObject.cpp:
2765         * runtime/JSObject.cpp:
2766         (JSC::JSObject::visitChildren):
2767         * runtime/JSObject.h:
2768         (JSC::JSObject::visitDirect):
2769         * runtime/JSPropertyNameIterator.cpp:
2770         (JSC::JSPropertyNameIterator::visitChildren):
2771         * runtime/JSPropertyNameIterator.h:
2772         (JSC::JSPropertyNameIterator::createStructure):
2773         * runtime/JSStaticScopeObject.cpp:
2774         (JSC::JSStaticScopeObject::visitChildren):
2775         * runtime/JSStaticScopeObject.h:
2776         * runtime/JSTypeInfo.h:
2777         (JSC::TypeInfo::TypeInfo):
2778         (JSC::TypeInfo::overridesVisitChildren):
2779         * runtime/JSWrapperObject.cpp:
2780         (JSC::JSWrapperObject::visitChildren):
2781         * runtime/JSWrapperObject.h:
2782         * runtime/JSZombie.h:
2783         (JSC::JSZombie::visitChildren):
2784         * runtime/NativeErrorConstructor.cpp:
2785         (JSC::NativeErrorConstructor::visitChildren):
2786         * runtime/NativeErrorConstructor.h:
2787         * runtime/RegExpObject.cpp:
2788         (JSC::RegExpObject::visitChildren):
2789         * runtime/RegExpObject.h:
2790         * runtime/ScopeChain.cpp:
2791         (JSC::ScopeChainNode::visitChildren):
2792         * runtime/ScopeChain.h:
2793         * runtime/SmallStrings.cpp:
2794         (JSC::SmallStrings::visitChildren):
2795         * runtime/SmallStrings.h:
2796         * runtime/Structure.cpp:
2797         (JSC::Structure::Structure):
2798         (JSC::Structure::visitChildren):
2799         * runtime/Structure.h:
2800         * runtime/StructureChain.cpp:
2801         (JSC::StructureChain::visitChildren):
2802         * runtime/StructureChain.h:
2803         (JSC::StructureChain::createStructure):
2804
2805 2011-04-21  Sheriff Bot  <webkit.review.bot@gmail.com>
2806
2807         Unreviewed, rolling out r84548.
2808         http://trac.webkit.org/changeset/84548
2809         https://bugs.webkit.org/show_bug.cgi?id=59144
2810
2811         Broke chromium-win build (Requested by aklein on #webkit).
2812
2813         * wtf/Platform.h:
2814
2815 2011-04-21  Adam Klein  <adamk@chromium.org>
2816
2817         Reviewed by David Levin.
2818
2819         [fileapi] Worker File API calls that create Blobs fail in debug builds due to random number generator thread assertion
2820         https://bugs.webkit.org/show_bug.cgi?id=55728
2821
2822         Enable WTF_MULTIPLE_THREADS for Chromium.
2823
2824         * wtf/Platform.h:
2825
2826 2011-04-20  Michael Saboff  <msaboff@apple.com>
2827
2828         Reviewed by Geoff Garen.
2829
2830         JSString::resolveRope inefficient for common 2 fiber case
2831         https://bugs.webkit.org/show_bug.cgi?id=58994
2832
2833         Split JSString::resolveRope into three routines.
2834         resolveRope allocates the new buffer and handles the 1 or 2
2835         fiber case with single level fibers.
2836         resolveRopeSlowCase handles the general case.
2837         outOfMemory handles the rare out of memory exception case.
2838
2839         * runtime/JSString.cpp:
2840         (JSC::JSString::resolveRope):
2841         (JSC::JSString::resolveRopeSlowCase):
2842         (JSC::JSString::outOfMemory):
2843         * runtime/JSString.h:
2844
2845 2011-04-20  Adam Klein  <adamk@chromium.org>
2846
2847         Reviewed by David Levin.
2848
2849         Rename all uses of JSC_MULTIPLE_THREADS under wtf/... to WTF_MULTIPLE_THREADS
2850         https://bugs.webkit.org/show_bug.cgi?id=59040
2851
2852         This will be used to fix https://bugs.webkit.org/show_bug.cgi?id=55728
2853         by enabling WTF_MULTIPLE_THREADS for Chromium.
2854
2855         * wtf/CryptographicallyRandomNumber.cpp:
2856         (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber):
2857         (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues):
2858         * wtf/FastMalloc.cpp:
2859         * wtf/Platform.h:
2860         Enable WTF_MULTIPLE_THREADS whenever JSC_MULTIPLE_THREADS is enabled.
2861         * wtf/RandomNumber.cpp:
2862         (WTF::randomNumber):
2863         * wtf/RefCountedLeakCounter.cpp:
2864         (WTF::RefCountedLeakCounter::increment):
2865         (WTF::RefCountedLeakCounter::decrement):
2866         * wtf/dtoa.cpp:
2867         (WTF::pow5mult):
2868
2869 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2870
2871         Rubber stamped by Geoff Garen.
2872
2873         Bug 59069 - DFG JIT - register allocate r8, r9, r10
2874
2875         * dfg/DFGJITCompiler.h:
2876         (JSC::DFG::JITCompiler::gprToRegisterID):
2877
2878 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2879
2880         Build fix - revert accidental change.
2881
2882         * wtf/Platform.h:
2883
2884 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2885
2886         Reviewed by Sam Weinig.
2887
2888         Add SAMPLING_FLAGS tool to DFG JIT.
2889
2890         * bytecode/SamplingTool.h:
2891         (JSC::SamplingFlags::addressOfFlags):
2892         * dfg/DFGJITCompiler.cpp:
2893         (JSC::DFG::JITCompiler::setSamplingFlag):
2894         (JSC::DFG::JITCompiler::clearSamplingFlag):
2895         * dfg/DFGJITCompiler.h:
2896         * jit/JITInlineMethods.h:
2897         (JSC::JIT::setSamplingFlag):
2898         (JSC::JIT::clearSamplingFlag):
2899         * wtf/Platform.h:
2900
2901 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2902
2903         Reviewed by Oliver Hunt.
2904
2905         Bug 59022 - DFG JIT - Optimize branch-on-relational-compare
2906
2907         If a relational compare (< or <=) is immediately followed by a branch,
2908         we can combine the two, avoiding generation of a boolean into a register.
2909
2910         * assembler/MacroAssemblerX86Common.h:
2911         (JSC::MacroAssemblerX86Common::branch32):
2912         (JSC::MacroAssemblerX86Common::invert):
2913         (JSC::MacroAssemblerX86Common::commute):
2914         * dfg/DFGNode.h:
2915         (JSC::DFG::Node::adjustedRefCount):
2916         * dfg/DFGSpeculativeJIT.cpp:
2917         (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch):
2918         (JSC::DFG::SpeculativeJIT::compile):
2919         * dfg/DFGSpeculativeJIT.h:
2920         (JSC::DFG::SpeculativeJIT::isJSConstantWithInt32Value):
2921         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
2922
2923 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2924
2925         ARMv7 build fix II.
2926
2927         * jit/JITOpcodes32_64.cpp:
2928         (JSC::JIT::softModulo):
2929
2930 2011-04-20  Gavin Barraclough  <barraclough@apple.com>
2931
2932         ARMv7 build fix.
2933
2934         * assembler/MacroAssemblerARM.h:
2935         (JSC::MacroAssemblerARM::test8):
2936
2937 2011-04-19  Gavin Barraclough  <barraclough@apple.com>
2938
2939         Reviewed by Oliver Hunt.
2940
2941         Rationalize MacroAssembler branch methods
2942         https://bugs.webkit.org/show_bug.cgi?id=58950
2943
2944         The MacroAssembler currently exposes x86's weird behaviour that the 'setcc'
2945         instruction only sets the low 8 bits of a register. Stop that.
2946
2947         Having done so, to clarify remove the 'set32' prefix from test & compare
2948         instructions - these methods all now set a full 32/64 bit register (Ptr size).
2949         The size in the function name should indicate the amount of data being compared.
2950
2951         Also split out the 'Condition' enum into 'RelationalCondition' and
2952         'ResultCondition'. The former is used in binary comparison, the latter is a unary
2953         condition check on the result of an operation.
2954
2955         * JavaScriptCore.xcodeproj/project.pbxproj:
2956         * assembler/MacroAssembler.h:
2957         (JSC::MacroAssembler::branchPtr):
2958         (JSC::MacroAssembler::branch32):
2959         (JSC::MacroAssembler::branch16):
2960         (JSC::MacroAssembler::branchTestPtr):
2961         (JSC::MacroAssembler::comparePtr):
2962         (JSC::MacroAssembler::branchAddPtr):
2963         (JSC::MacroAssembler::branchSubPtr):
2964         (JSC::MacroAssembler::branchTest8):
2965         * assembler/MacroAssemblerARM.h:
2966         (JSC::MacroAssemblerARM::branch8):
2967         (JSC::MacroAssemblerARM::branch32):
2968         (JSC::MacroAssemblerARM::branch32WithUnalignedHalfWords):
2969         (JSC::MacroAssemblerARM::branch16):
2970         (JSC::MacroAssemblerARM::branchTest8):
2971         (JSC::MacroAssemblerARM::branchTest32):
2972         (JSC::MacroAssemblerARM::branchAdd32):
2973         (JSC::MacroAssemblerARM::branchMul32):
2974         (JSC::MacroAssemblerARM::branchSub32):
2975         (JSC::MacroAssemblerARM::branchNeg32):
2976         (JSC::MacroAssemblerARM::branchOr32):
2977         (JSC::MacroAssemblerARM::compare32):
2978         (JSC::MacroAssemblerARM::test32):
2979         (JSC::MacroAssemblerARM::test8):
2980         (JSC::MacroAssemblerARM::branchPtrWithPatch):
2981         (JSC::MacroAssemblerARM::ARMCondition):
2982         * assembler/MacroAssemblerARMv7.h:
2983         (JSC::MacroAssemblerARMv7::branch32):
2984         (JSC::MacroAssemblerARMv7::branch32WithUnalignedHalfWords):
2985         (JSC::MacroAssemblerARMv7::branch16):
2986         (JSC::MacroAssemblerARMv7::branch8):
2987         (JSC::MacroAssemblerARMv7::branchTest32):
2988         (JSC::MacroAssemblerARMv7::branchTest8):
2989         (JSC::MacroAssemblerARMv7::branchAdd32):
2990         (JSC::MacroAssemblerARMv7::branchMul32):
2991         (JSC::MacroAssemblerARMv7::branchOr32):
2992         (JSC::MacroAssemblerARMv7::branchSub32):
2993         (JSC::MacroAssemblerARMv7::compare32):
2994         (JSC::MacroAssemblerARMv7::test32):
2995         (JSC::MacroAssemblerARMv7::test8):
2996         (JSC::MacroAssemblerARMv7::branchPtrWithPatch):
2997         (JSC::MacroAssemblerARMv7::makeBranch):
2998         (JSC::MacroAssemblerARMv7::armV7Condition):
2999         * assembler/MacroAssemblerMIPS.h:
3000         (JSC::MacroAssemblerMIPS::branch8):
3001         (JSC::MacroAssemblerMIPS::branch32):
3002         (JSC::MacroAssemblerMIPS::branch32WithUnalignedHalfWords):
3003         (JSC::MacroAssemblerMIPS::branch16):
3004         (JSC::MacroAssemblerMIPS::branchTest32):
3005         (JSC::MacroAssemblerMIPS::branchTest8):
3006         (JSC::MacroAssemblerMIPS::branchAdd32):
3007         (JSC::MacroAssemblerMIPS::branchMul32):
3008         (JSC::MacroAssemblerMIPS::branchSub32):
3009         (JSC::MacroAssemblerMIPS::branchOr32):
3010         (JSC::MacroAssemblerMIPS::compare32):
3011         (JSC::MacroAssemblerMIPS::test8):
3012         (JSC::MacroAssemblerMIPS::test32):
3013         (JSC::MacroAssemblerMIPS::branchPtrWithPatch):
3014         * assembler/MacroAssemblerX86.h:
3015         (JSC::MacroAssemblerX86::branch32):
3016         (JSC::MacroAssemblerX86::branchPtrWithPatch):
3017         * assembler/MacroAssemblerX86Common.h:
3018         (JSC::MacroAssemblerX86Common::branch8):
3019         (JSC::MacroAssemblerX86Common::branch32):
3020         (JSC::MacroAssemblerX86Common::branch32WithUnalignedHalfWords):
3021         (JSC::MacroAssemblerX86Common::branch16):
3022         (JSC::MacroAssemblerX86Common::branchTest32):
3023         (JSC::MacroAssemblerX86Common::branchTest8):
3024         (JSC::MacroAssemblerX86Common::branchAdd32):
3025         (JSC::MacroAssemblerX86Common::branchMul32):
3026         (JSC::MacroAssemblerX86Common::branchSub32):
3027         (JSC::MacroAssemblerX86Common::branchNeg32):
3028         (JSC::MacroAssemblerX86Common::branchOr32):
3029         (JSC::MacroAssemblerX86Common::compare32):
3030         (JSC::MacroAssemblerX86Common::test8):
3031         (JSC::MacroAssemblerX86Common::test32):
3032         (JSC::MacroAssemblerX86Common::x86Condition):
3033         * assembler/MacroAssemblerX86_64.h:
3034         (JSC::MacroAssemblerX86_64::comparePtr):
3035         (JSC::MacroAssemblerX86_64::branchPtr):
3036         (JSC::MacroAssemblerX86_64::branchTestPtr):
3037         (JSC::MacroAssemblerX86_64::branchAddPtr):
3038         (JSC::MacroAssemblerX86_64::branchSubPtr):
3039         (JSC::MacroAssemblerX86_64::branchPtrWithPatch):
3040         (JSC::MacroAssemblerX86_64::branchTest8):
3041         * dfg/DFGSpeculativeJIT.cpp:
3042         (JSC::DFG::SpeculativeJIT::compile):
3043         * jit/JITOpcodes.cpp:
3044         (JSC::JIT::emit_op_eq):
3045         (JSC::JIT::emit_op_neq):
3046         (JSC::JIT::compileOpStrictEq):
3047         (JSC::JIT::emit_op_eq_null):
3048         (JSC::JIT::emit_op_neq_null):
3049         * jit/JITOpcodes32_64.cpp:
3050         (JSC::JIT::emit_op_eq):
3051         (JSC::JIT::emit_op_neq):
3052         (JSC::JIT::compileOpStrictEq):
3053         (JSC::JIT::emit_op_eq_null):
3054         (JSC::JIT::emit_op_neq_null):
3055
3056 2011-04-20  Balazs Kelemen  <kbalazs@webkit.org>
3057
3058         Reviewed by Csaba Osztrogonác.
3059
3060         [Qt] Cleanup includepath adjustment for generated files
3061         https://bugs.webkit.org/show_bug.cgi?id=58869
3062
3063         * JavaScriptCore.pri: Add the directory of generated files to the include
3064         path with an absolute path to make it valid in the final build step.
3065
3066 2011-04-19  Oliver Hunt  <oliver@apple.com>
3067
3068         Reviewed by Gavin Barraclough.
3069
3070         Remove unneeded deprecated methods from MarkStack
3071         https://bugs.webkit.org/show_bug.cgi?id=58853
3072
3073         Remove deprecated methods
3074
3075         * heap/MarkStack.h:
3076
3077 2011-04-19  Mark Rowe  <mrowe@apple.com>
3078
3079         Things work best when the Xcode project refers to the file at a path that exists.
3080
3081         * JavaScriptCore.xcodeproj/project.pbxproj:
3082
3083 2011-04-19  Renata Hodovan  <reni@webkit.org>
3084
3085         Reviewed by Eric Seidel.
3086
3087         Move the alignment related macros in Vector.h to new Alignment.h.
3088         https://bugs.webkit.org/show_bug.cgi?id=56000
3089
3090         * JavaScriptCore.gypi:
3091         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
3092         * JavaScriptCore.xcodeproj/project.pbxproj:
3093         * wtf/Alignment.h: Added.
3094         * wtf/CMakeLists.txt:
3095         * wtf/Vector.h:
3096
3097 2011-04-19  Oliver Hunt  <oliver@apple.com>
3098
3099         Reviewed by Gavin Barraclough.
3100
3101         Remove DeprecatedPtr
3102         https://bugs.webkit.org/show_bug.cgi?id=58718
3103
3104         Remove the class and all functions that still exist to support it.
3105
3106         * heap/MarkStack.h:
3107         (JSC::MarkStack::append):
3108         * runtime/JSValue.h:
3109         * runtime/WriteBarrier.h:
3110
3111 2011-04-19  Jungshik Shin  <jshin@chromium.org>
3112
3113         Reviewed by David Levin.
3114
3115         Add U+FEFF (Zero width no-break space) to CharacterNames.h.
3116         It's added to the list of characters to treat as zero-width
3117         in WebCore.
3118
3119         https://bugs.webkit.org/show_bug.cgi?id=48860
3120
3121         * wtf/unicode/CharacterNames.h:
3122
3123 2011-04-19  Csaba Osztrogonác  <ossy@webkit.org>
3124
3125         [Qt] REGRESSION(84176): http/tests/xmlhttprequest/event-listener-gc.html fails
3126         https://bugs.webkit.org/show_bug.cgi?id=58871
3127
3128         Unreviewed, rolling out r84176, r84178, r84186, r84212 and r84231.
3129         http://trac.webkit.org/changeset/84176 (original patch)
3130         http://trac.webkit.org/changeset/84178 (original patch - part 2)
3131         http://trac.webkit.org/changeset/84186 (build fix)
3132         http://trac.webkit.org/changeset/84212
3133         http://trac.webkit.org/changeset/84231 (skip failing test)
3134
3135         original bugs:
3136          - https://bugs.webkit.org/show_bug.cgi?id=58718
3137          - https://bugs.webkit.org/show_bug.cgi?id=58853
3138
3139         * heap/MarkStack.h:
3140         (JSC::MarkStack::deprecatedAppendValues):
3141         (JSC::MarkStack::append):
3142         (JSC::MarkStack::deprecatedAppend):
3143         * runtime/JSValue.h:
3144         * runtime/WriteBarrier.h:
3145         (JSC::DeprecatedPtr::DeprecatedPtr):
3146         (JSC::DeprecatedPtr::get):
3147         (JSC::DeprecatedPtr::operator*):
3148         (JSC::DeprecatedPtr::operator->):
3149         (JSC::DeprecatedPtr::slot):
3150         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
3151         (JSC::DeprecatedPtr::operator!):
3152         (JSC::operator==):
3153
3154 2011-04-18  Oliver Hunt  <oliver@apple.com>
3155
3156         Reviewed by Gavin Barraclough.
3157
3158         Remove unneeded deprecated methods from MarkStack
3159         https://bugs.webkit.org/show_bug.cgi?id=58853
3160
3161         Remove deprecated methods
3162
3163         * heap/MarkStack.h:
3164
3165 2011-04-18  Oliver Hunt  <oliver@apple.com>
3166
3167         Reviewed by Adam Roben.
3168
3169         Off by one initialising repeat callframe
3170         https://bugs.webkit.org/show_bug.cgi?id=58838
3171         <rdar://problem/8756810>
3172
3173         If the end of a callframe made for a repeat call landed on
3174         a page boundary, the following page may not have been committed,
3175         which means that the off by one could lead to a crash.  However,
3176         it could only happen in this case and only on Windows, which is
3177         why it was so hard to repro.  Alas, the steps needed to
3178         reproduce are such that it's not really possible to make a
3179         testcase.
3180
3181         This fix makes the code a little less squirrely by not trying
3182         to avoid the unnecessary initialisation of |this|.
3183
3184         * interpreter/Interpreter.cpp:
3185         (JSC::Interpreter::prepareForRepeatCall):
3186
3187 2011-04-18  Gavin Barraclough  <barraclough@apple.com>
3188
3189         Reviewed by Geoff Garen.
3190
3191         Bug 58829 - DFG JIT - Optimize add/sub immediate, multiply.
3192
3193         Add code generation for add/subtract instructions with immediate operands
3194         (where a child is a constant), and don't bail to non-speculative if an
3195         integer multiply results in a +0 result (only if it should be generating -0).
3196
3197         * dfg/DFGSpeculativeJIT.cpp:
3198         (JSC::DFG::SpeculativeJIT::compile):
3199         * dfg/DFGSpeculativeJIT.h:
3200         (JSC::DFG::SpeculativeJIT::isDoubleConstantWithInt32Value):
3201
3202 2011-04-18  Gavin Barraclough  <barraclough@apple.com>
3203
3204         Reviewed by Geoff Garen.
3205
3206         Bug 58817 - DFG JIT - if speculative compilation fails, throw away code.
3207
3208         If we detect a logical conflict, throw away generated code,
3209         and only compile through the NonSpeculativeJIT.
3210
3211         * assembler/AbstractMacroAssembler.h:
3212         (JSC::AbstractMacroAssembler::rewindToLabel):
3213         * assembler/AssemblerBuffer.h:
3214         (JSC::AssemblerBuffer::rewindToOffset):
3215         * assembler/MacroAssemblerX86Common.h:
3216         (JSC::MacroAssemblerX86Common::branchAdd32):
3217         (JSC::MacroAssemblerX86Common::branchSub32):
3218         * assembler/X86Assembler.h:
3219         (JSC::X86Assembler::rewindToLabel):
3220         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
3221         * dfg/DFGJITCompiler.cpp:
3222         (JSC::DFG::JITCompiler::linkSpeculationChecks):
3223         (JSC::DFG::JITCompiler::compileFunction):
3224         * dfg/DFGNode.h:
3225         * dfg/DFGNonSpeculativeJIT.cpp:
3226         (JSC::DFG::NonSpeculativeJIT::compile):
3227         * dfg/DFGSpeculativeJIT.cpp:
3228         (JSC::DFG::SpeculativeJIT::compile):
3229         * dfg/DFGSpeculativeJIT.h:
3230         (JSC::DFG::SpeculationCheckIndexIterator::SpeculationCheckIndexIterator):
3231
3232 2011-04-18  Oliver Hunt  <oliver@apple.com>
3233
3234         Reviewed by Gavin Barraclough.
3235
3236         Remove DeprecatedPtr
3237         https://bugs.webkit.org/show_bug.cgi?id=58718
3238
3239         As simple as it sounds.
3240
3241         * runtime/JSValue.h:
3242         * runtime/WriteBarrier.h:
3243
3244 2011-04-17  Cameron Zwarich  <zwarich@apple.com>
3245
3246         Reviewed by Dan Bernstein.
3247
3248         JSC no longer builds with Clang due to -Woverloaded-virtual warning
3249         https://bugs.webkit.org/show_bug.cgi?id=58760
3250
3251         Rename Structure's specificValue overload of put to putSpecificValue to avoid
3252         Clang's warning for overloading a virtual function.
3253
3254         * runtime/Structure.cpp:
3255         (JSC::Structure::addPropertyTransition):
3256         (JSC::Structure::addPropertyWithoutTransition):
3257         (JSC::Structure::putSpecificValue):
3258         * runtime/Structure.h:
3259
3260 2011-04-17  Patrick Gansterer  <paroga@webkit.org>
3261
3262         Reviewed by Adam Barth.
3263
3264         Remove WTF_PLATFORM_SGL
3265         https://bugs.webkit.org/show_bug.cgi?id=58743
3266
3267         WTF_PLATFORM_SGL and PLATFORM(SGL) are not used in the code anywhere.
3268
3269         * wtf/Platform.h:
3270
3271 2011-04-17  Patrick Gansterer  <paroga@webkit.org>
3272
3273         Reviewed by Adam Barth.
3274
3275         Rename PLATFORM(CA) to USE(CA)
3276         https://bugs.webkit.org/show_bug.cgi?id=58742
3277
3278         * wtf/Platform.h:
3279
3280 2011-04-17  Patrick Gansterer  <paroga@webkit.org>
3281
3282         Reviewed by Adam Barth.
3283
3284         Rename PLATFORM(CG) to USE(CG)
3285         https://bugs.webkit.org/show_bug.cgi?id=58729
3286
3287         * wtf/Platform.h:
3288
3289 2011-04-16  Patrick Gansterer  <paroga@webkit.org>
3290
3291         Reviewed by Eric Seidel.
3292
3293         Rename PLATFORM(CAIRO) to USE(CAIRO)
3294         https://bugs.webkit.org/show_bug.cgi?id=55192
3295
3296         * wtf/Platform.h:
3297         * wtf/gobject/GTypedefs.h:
3298
3299 2011-04-15  Sheriff Bot  <webkit.review.bot@gmail.com>
3300
3301         Unreviewed, rolling out r84067.
3302         http://trac.webkit.org/changeset/84067
3303         https://bugs.webkit.org/show_bug.cgi?id=58724
3304
3305         Qt builds are failing. (Requested by loislo2 on #webkit).
3306
3307         * heap/MarkStack.h:
3308         (JSC::MarkStack::append):
3309         * runtime/JSValue.h:
3310         * runtime/WriteBarrier.h:
3311         (JSC::DeprecatedPtr::DeprecatedPtr):
3312         (JSC::DeprecatedPtr::get):
3313         (JSC::DeprecatedPtr::operator*):
3314         (JSC::DeprecatedPtr::operator->):
3315         (JSC::DeprecatedPtr::slot):
3316         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
3317         (JSC::DeprecatedPtr::operator!):
3318         (JSC::operator==):
3319
3320 2011-04-15  Shishir Agrawal  <shishir@chromium.org>
3321
3322         Reviewed by James Robinson.
3323
3324         Add a flag to guard Page Visibility API changes.
3325         https://bugs.webkit.org/show_bug.cgi?id=58464
3326
3327         * Configurations/FeatureDefines.xcconfig:
3328
3329 2011-04-15  Gavin Barraclough  <barraclough@apple.com>
3330
3331         Errrk! - build fix from !x86-64.
3332
3333         * dfg/DFGNode.h:
3334
3335 2011-04-15  David Levin  <levin@chromium.org>
3336
3337         Revert of r83974.
3338
3339         JavaScriptCore shouldn't depend on ../ThirdParty/gtest/xcode/gtest.xcodeproj
3340         https://bugs.webkit.org/show_bug.cgi?id=58716
3341
3342         * JavaScriptCore.xcodeproj/project.pbxproj:
3343         * wtf/tests/RunAllWtfTests.cpp: Removed.
3344         * wtf/tests/StringTests.cpp: Removed.
3345
3346 2011-04-15  Oliver Hunt  <oliver@apple.com>
3347
3348         Reviewed by Gavin Barraclough.
3349
3350         Remove DeprecatedPtr
3351         https://bugs.webkit.org/show_bug.cgi?id=58718
3352
3353         As simple as it sounds.
3354
3355         * heap/MarkStack.h:
3356         (JSC::MarkStack::append):
3357         * runtime/JSValue.h:
3358         * runtime/WriteBarrier.h:
3359
3360 2011-04-15  Gavin Barraclough  <barraclough@apple.com>
3361
3362         Reviewed by Oliver Hunt.
3363
3364         Add a simple tool to gather statistics on whether functions
3365         are completed through the new or old JIT.
3366
3367         * dfg/DFGNode.h:
3368         * dfg/DFGNonSpeculativeJIT.cpp:
3369         (JSC::DFG::NonSpeculativeJIT::compile):
3370         * dfg/DFGSpeculativeJIT.cpp:
3371         (JSC::DFG::SpeculativeJIT::compile):
3372         * jit/JIT.cpp:
3373         (JSC::JIT::privateCompile):
3374
3375 2011-04-15  Oliver Hunt  <oliver@apple.com>
3376
3377         GC allocate Structure
3378         https://bugs.webkit.org/show_bug.cgi?id=58483
3379
3380         Rolling r83894, r83827, r83810, r83809 and r83808 back in with
3381         a workaround for the gcc bug seen by the GTK bots.
3382
3383         * API/JSCallbackConstructor.cpp:
3384         (JSC::JSCallbackConstructor::JSCallbackConstructor):
3385         * API/JSCallbackConstructor.h:
3386         (JSC::JSCallbackConstructor::createStructure):
3387         * API/JSCallbackFunction.h:
3388         (JSC::JSCallbackFunction::createStructure):
3389         * API/JSCallbackObject.h:
3390         (JSC::JSCallbackObject::createStructure):
3391         * API/JSCallbackObjectFunctions.h:
3392         (JSC::::JSCallbackObject):
3393         * API/JSContextRef.cpp:
3394         * JavaScriptCore.JSVALUE32_64only.exp:
3395         * JavaScriptCore.JSVALUE64only.exp:
3396         * JavaScriptCore.exp:
3397         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3398         * bytecode/CodeBlock.cpp:
3399         (JSC::CodeBlock::~CodeBlock):
3400         (JSC::CodeBlock::markStructures):
3401         (JSC::CodeBlock::markAggregate):
3402         * bytecode/CodeBlock.h:
3403         (JSC::MethodCallLinkInfo::setSeen):
3404         (JSC::GlobalResolveInfo::GlobalResolveInfo):
3405         * bytecode/Instruction.h:
3406         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
3407         (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
3408         (JSC::PolymorphicAccessStructureList::markAggregate):
3409         (JSC::Instruction::Instruction):
3410         * bytecode/StructureStubInfo.cpp:
3411         (JSC::StructureStubInfo::deref):
3412         (JSC::StructureStubInfo::markAggregate):
3413         * bytecode/StructureStubInfo.h:
3414         (JSC::StructureStubInfo::initGetByIdSelf):
3415         (JSC::StructureStubInfo::initGetByIdProto):
3416         (JSC::StructureStubInfo::initGetByIdChain):
3417         (JSC::StructureStubInfo::initPutByIdTransition):
3418         (JSC::StructureStubInfo::initPutByIdReplace):
3419         * debugger/DebuggerActivation.cpp:
3420         (JSC::DebuggerActivation::DebuggerActivation):
3421         * debugger/DebuggerActivation.h:
3422         (JSC::DebuggerActivation::createStructure):
3423         * heap/Handle.h:
3424         * heap/MarkStack.cpp:
3425         (JSC::MarkStack::markChildren):
3426         (JSC::MarkStack::drain):
3427         * heap/MarkedBlock.cpp:
3428         (JSC::MarkedBlock::MarkedBlock):
3429         (JSC::MarkedBlock::sweep):
3430         * heap/Strong.h:
3431         (JSC::Strong::Strong):
3432         (JSC::Strong::set):
3433         * interpreter/Interpreter.cpp:
3434         (JSC::Interpreter::resolveGlobal):
3435         (JSC::Interpreter::resolveGlobalDynamic):
3436         (JSC::Interpreter::tryCachePutByID):
3437         (JSC::Interpreter::uncachePutByID):
3438         (JSC::Interpreter::tryCacheGetByID):
3439         (JSC::Interpreter::uncacheGetByID):
3440         (JSC::Interpreter::privateExecute):
3441         * jit/JIT.h:
3442         * jit/JITPropertyAccess.cpp:
3443         (JSC::JIT::privateCompilePutByIdTransition):
3444         (JSC::JIT::patchMethodCallProto):
3445         (JSC::JIT::privateCompileGetByIdProto):
3446         (JSC::JIT::privateCompileGetByIdSelfList):
3447         (JSC::JIT::privateCompileGetByIdProtoList):
3448         (JSC::JIT::privateCompileGetByIdChainList):
3449         (JSC::JIT::privateCompileGetByIdChain):
3450         * jit/JITPropertyAccess32_64.cpp:
3451         (JSC::JIT::privateCompilePutByIdTransition):
3452         (JSC::JIT::patchMethodCallProto):
3453         (JSC::JIT::privateCompileGetByIdProto):
3454         (JSC::JIT::privateCompileGetByIdSelfList):
3455         (JSC::JIT::privateCompileGetByIdProtoList):
3456         (JSC::JIT::privateCompileGetByIdChainList):
3457         (JSC::JIT::privateCompileGetByIdChain):
3458         * jit/JITStubs.cpp:
3459         (JSC::JITThunks::tryCachePutByID):
3460         (JSC::JITThunks::tryCacheGetByID):
3461         (JSC::DEFINE_STUB_FUNCTION):
3462         (JSC::getPolymorphicAccessStructureListSlot):
3463         * jit/JSInterfaceJIT.h:
3464         (JSC::JSInterfaceJIT::storePtrWithWriteBarrier):
3465         * jsc.cpp:
3466         (cleanupGlobalData):
3467         * runtime/Arguments.h:
3468         (JSC::Arguments::createStructure):
3469         (JSC::Arguments::Arguments):
3470         (JSC::JSActivation::copyRegisters):
3471         * runtime/ArrayConstructor.cpp:
3472         (JSC::ArrayConstructor::ArrayConstructor):
3473         (JSC::constructArrayWithSizeQuirk):
3474         * runtime/ArrayConstructor.h:
3475         * runtime/ArrayPrototype.cpp:
3476         (JSC::ArrayPrototype::ArrayPrototype):
3477         (JSC::arrayProtoFuncSplice):
3478         * runtime/ArrayPrototype.h:
3479         (JSC::ArrayPrototype::createStructure):
3480         * runtime/BatchedTransitionOptimizer.h:
3481         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
3482         * runtime/BooleanConstructor.cpp:
3483         (JSC::BooleanConstructor::BooleanConstructor):
3484         * runtime/BooleanConstructor.h:
3485         * runtime/BooleanObject.cpp:
3486         (JSC::BooleanObject::BooleanObject):
3487         * runtime/BooleanObject.h:
3488         (JSC::BooleanObject::createStructure):
3489         * runtime/BooleanPrototype.cpp: