2010-02-01 Mark Rowe <mrowe@apple.com>
Merge r51976.
2009-12-10 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
Incorrect caching of prototype lookup with dictionary base
https://bugs.webkit.org/show_bug.cgi?id=32402
Make sure we don't add cached prototype lookup to the proto_list
lookup chain if the top level object is a dictionary.
* jit/JITStubs.cpp:
(JSC::JITThunks::tryCacheGetByID):
2010-01-25 Mark Rowe <mrowe@apple.com>
Merge r53089.
2010-01-11 Steve Falkenburg <sfalken@apple.com>
https://bugs.webkit.org/show_bug.cgi?id=33480
Improve debugging reliability for WTF on Windows.
Store WTF static library's PDB file into a better location.
* JavaScriptCore.vcproj/WTF/WTF.vcproj:
2010-01-25 Mark Rowe <mrowe@apple.com>
Merge r52749.
2010-01-04 Dan Bernstein <mitz@apple.com>
Reviewed by Ada Chan and Mark Rowe.
Updated copyright string
* Info.plist:
* JavaScriptCore.vcproj/JavaScriptCore.resources/Info.plist:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc:
2009-11-03 Mark Rowe <mrowe@apple.com>
Merge r50443.
2009-11-02 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
REGRESSION (r48573): JSC may incorrectly cache chain lookups with a dictionary at the head of the chain
https://bugs.webkit.org/show_bug.cgi?id=31045
Add guards to prevent caching of prototype chain lookups with dictionaries at the
head of the chain. Also add a few tighter assertions to cached prototype lookups
to catch this in future.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::tryCacheGetByID):
(JSC::Interpreter::privateExecute):
* jit/JITStubs.cpp:
(JSC::JITThunks::tryCacheGetByID):
2009-10-15 Mark Rowe <mrowe@apple.com>
Merge r46777.
2009-08-04 Oliver Hunt <oliver@apple.com>
Reviewed by NOBODY (build fix).
PPC64 Build fix
* wtf/Platform.h:
2009-10-14 Mark Rowe <mrowe@apple.com>
Merge r47620.
2009-08-20 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
REGRESSION: fast/profiler/call.html is crashing occasionally
https://bugs.webkit.org/show_bug.cgi?id=28476
Using the codeblock for information about how many parameters and
locals a function has is unsafe in certain circumstances. The
basic scenario is all function code being cleared in response to
the debugger or profiler being enabled, and then an activation is
marked before its associated function is re-executed.
To deal with this scenario we store the variable count of a function
directly in the FunctionExecutable, and then use that information.
* runtime/Arguments.h:
(JSC::Arguments::getArgumentsData):
* runtime/Executable.cpp:
(JSC::FunctionExecutable::generateBytecode):
* runtime/Executable.h:
(JSC::FunctionExecutable::FunctionExecutable):
(JSC::FunctionExecutable::variableCount):
* runtime/JSActivation.cpp:
(JSC::JSActivation::markChildren):
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r48733.
2009-09-24 Mark Rowe <mrowe@apple.com>
Reviewed by Sam Weinig.
<rdar://problem/7215058> FastMalloc scavenging thread should be named
* wtf/FastMalloc.cpp:
(WTF::TCMalloc_PageHeap::scavengerThread): Set the thread name.
* wtf/Platform.h: Move the knowledge of whether pthread_setname_np exists to here as HAVE(PTHREAD_SETNAME_NP).
* wtf/ThreadingPthreads.cpp:
(WTF::setThreadNameInternal): Use HAVE(PTHREAD_SETNAME_NP).
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r46725.
2009-08-03 Ada Chan <adachan@apple.com>
Fixed the Tiger build.
* wtf/FastMalloc.cpp:
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r46724.
2009-08-03 Ada Chan <adachan@apple.com>
Reviewed by Darin Adler.
Don't use background thread to scavenge memory on Tiger until we figure out why it causes a crash.
https://bugs.webkit.org/show_bug.cgi?id=27900
* wtf/FastMalloc.cpp:
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r46648.
2009-07-31 Ada Chan <adachan@apple.com>
Fixes the Windows release-PGO build.
Reviewed by Jon Honeycutt.
* JavaScriptCore.vcproj/WTF/WTF.vcproj: Suppresses the warning about unreachable code that we get by adding "return 0" to WTF::TCMalloc_PageHeap::runScavengerThread().
* wtf/FastMalloc.cpp:
(WTF::TCMalloc_PageHeap::runScavengerThread): Fixes the error about the method not returning a value in the release-PGO build.
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r46511.
2009-07-28 Ada Chan <adachan@apple.com>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=27236
- Implement TCMalloc_SystemRelease and TCMalloc_SystemCommit for Windows.
- Use a background thread to periodically scavenge memory to release back to the system.
* wtf/FastMalloc.cpp:
(WTF::TCMalloc_PageHeap::init):
(WTF::TCMalloc_PageHeap::runScavengerThread):
(WTF::TCMalloc_PageHeap::scavenge):
(WTF::TCMalloc_PageHeap::shouldContinueScavenging):
(WTF::TCMalloc_PageHeap::New):
(WTF::TCMalloc_PageHeap::AllocLarge):
(WTF::TCMalloc_PageHeap::Delete):
(WTF::TCMalloc_PageHeap::GrowHeap):
(WTF::sleep):
(WTF::TCMalloc_PageHeap::scavengerThread):
* wtf/TCSystemAlloc.cpp:
(TCMalloc_SystemRelease):
(TCMalloc_SystemCommit):
* wtf/TCSystemAlloc.h:
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r46387.
2009-07-24 Ada Chan <adachan@apple.com>
In preparation for https://bugs.webkit.org/show_bug.cgi?id=27236:
Remove TCMALLOC_TRACK_DECOMMITED_SPANS. We'll always track decommitted spans.
We have tested this and show it has little impact on performance.
Reviewed by Mark Rowe.
* wtf/FastMalloc.cpp:
(WTF::TCMalloc_PageHeap::New):
(WTF::TCMalloc_PageHeap::AllocLarge):
(WTF::propagateDecommittedState):
(WTF::mergeDecommittedStates):
(WTF::TCMalloc_PageHeap::Delete):
(WTF::TCMalloc_PageHeap::IncrementalScavenge):
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r48590.
2009-09-21 Oliver Hunt <oliver@apple.com>
Reviewed by Geoff Garen.
REGRESSION (r48582): Crash in StructureStubInfo::initPutByIdTransition when reloading trac.webkit.org
https://bugs.webkit.org/show_bug.cgi?id=29599
It is unsafe to attempt to cache new property transitions on
dictionaries of any type.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::tryCachePutByID):
* jit/JITStubs.cpp:
(JSC::JITThunks::tryCachePutByID):
2009-10-13 Mark Rowe <mrowe@apple.com>
Merge r49026.
2009-10-02 Steve Falkenburg <sfalken@apple.com>
Reviewed by Mark Rowe.
<https://bugs.webkit.org/show_bug.cgi?id=29989>
Safari version number shouldn't be exposed in WebKit code
For a WebKit version of 532.3.4:
Product version is: 5.32.3.4 (was 4.0.3.0)
File version is: 5.32.3.4 (was 4.532.3.4)
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r48582.
2009-09-21 Oliver Hunt <oliver@apple.com>
RS=Maciej Stachowiak.
Re-land SNES fix with corrected assertion.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::resolveGlobal):
(JSC::Interpreter::tryCachePutByID):
(JSC::Interpreter::tryCacheGetByID):
* jit/JITStubs.cpp:
(JSC::JITThunks::tryCachePutByID):
(JSC::JITThunks::tryCacheGetByID):
(JSC::DEFINE_STUB_FUNCTION):
* runtime/BatchedTransitionOptimizer.h:
(JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
* runtime/JSObject.cpp:
(JSC::JSObject::removeDirect):
* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::getEnumerablePropertyNames):
(JSC::Structure::despecifyDictionaryFunction):
(JSC::Structure::addPropertyTransitionToExistingStructure):
(JSC::Structure::addPropertyTransition):
(JSC::Structure::removePropertyTransition):
(JSC::Structure::toDictionaryTransition):
(JSC::Structure::toCacheableDictionaryTransition):
(JSC::Structure::toUncacheableDictionaryTransition):
(JSC::Structure::fromDictionaryTransition):
(JSC::Structure::removePropertyWithoutTransition):
* runtime/Structure.h:
(JSC::Structure::isDictionary):
(JSC::Structure::isUncacheableDictionary):
(JSC::Structure::):
* runtime/StructureChain.cpp:
(JSC::StructureChain::isCacheable):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r47605.
2009-08-20 Oliver Hunt <oliver@apple.com>
Reviewed by Geoff Garen.
REGRESSION: significant slowdown on Celtic Kane "AJAX declaration" subtest
https://bugs.webkit.org/show_bug.cgi?id=28332
Follow up style fixes that were missed in review.
* runtime/Structure.cpp:
(JSC::Structure::hasTransition):
* runtime/Structure.h:
(JSC::Structure::get):
(JSC::StructureTransitionTable::contains):
* runtime/StructureTransitionTable.h:
(JSC::StructureTransitionTable::add):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r47604.
2009-08-20 Oliver Hunt <oliver@apple.com>
Reviewed by NOBODY (Build fix).
Add new exports to windows jsc build
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r47601.
2009-08-20 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
REGRESSION: significant slowdown on Celtic Kane "AJAX declaration" subtest
https://bugs.webkit.org/show_bug.cgi?id=28332
The method check optimisation made transitions aware of the value being
assigned when a transition was assigning a function. This had the side
effect of making every assignment of a function expression result in a
new transition, and thus a new Structure. The net result of this is that
the common JS idiom of
    function MyObject() {
        this.myFunction = function(...){...};
    }
    new MyObject();
will produce a unique structure on every iteration, meaning that all
caching is defeated and there is a significant amount of structure churn.
The fix is to return the transition to its original form where it is
keyed off a property name + attributes tuple, but have each transition
support an optional transition on a specific value.
* JavaScriptCore.exp:
* runtime/JSObject.h:
(JSC::JSObject::putDirectInternal):
* runtime/Structure.cpp:
(JSC::Structure::~Structure):
(JSC::Structure::addPropertyTransitionToExistingStructure):
(JSC::Structure::addPropertyTransition):
(JSC::Structure::hasTransition):
* runtime/Structure.h:
(JSC::Structure::transitionedFor):
(JSC::Structure::hasTransition):
(JSC::Structure::):
(JSC::StructureTransitionTable::contains):
(JSC::StructureTransitionTable::get):
* runtime/StructureTransitionTable.h:
(JSC::StructureTransitionTableHashTraits::emptyValue):
(JSC::StructureTransitionTable::hasTransition):
(JSC::StructureTransitionTable::remove):
(JSC::StructureTransitionTable::add):
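As an added illustration of the structure churn described in the r47601 entry above (a toy model written for this note, not JavaScriptCore's code), the following C++ contrasts keying transitions on the assigned function value with keying on name + attributes plus an optional value-specialised successor. It assumes a simplified table with at most one generic and one specialised successor per (name, attributes) key; the names Arena, Transition, addPropertyTransition and structuresCreated are invented here.

```cpp
// Added illustration for this ChangeLog entry; not JavaScriptCore's code.
// A toy Structure (hidden-class) transition table that contrasts two keyings:
//   ByValue: the regressed behaviour, where the function object being assigned
//            is part of the transition key, so each `new MyObject()` that runs
//            `this.myFunction = function(){...}` mints a fresh Structure.
//   ByName:  the fixed behaviour, keyed on (property name, attributes), with an
//            optional successor specialised on one specific value.
#include <cstddef>
#include <cstdio>
#include <map>
#include <memory>
#include <string>
#include <tuple>
#include <utility>
#include <vector>

enum class Keying { ByValue, ByName };

struct Structure;

// Per-(name, attributes) slot in the fixed table: a generic successor plus an
// optional successor specialised on a single value (simplified model, assumed here).
struct Transition {
    Structure* generic = nullptr;
    Structure* specialized = nullptr;
    const void* specificValue = nullptr;
};

struct Structure {
    std::map<std::tuple<std::string, unsigned, const void*>, Structure*> byValue;
    std::map<std::pair<std::string, unsigned>, Transition> byName;
};

// Owns every Structure ever created so the churn can be counted.
struct Arena {
    std::vector<std::unique_ptr<Structure>> all;
    Structure* make() { all.push_back(std::make_unique<Structure>()); return all.back().get(); }
    std::size_t count() const { return all.size(); }
};

// Returns the Structure reached by adding `name` (with `attrs`) holding `value`,
// creating a new one only when no existing transition can be reused.
Structure* addPropertyTransition(Arena& arena, Structure* from, const std::string& name,
                                 unsigned attrs, const void* value, Keying keying)
{
    if (keying == Keying::ByValue) {
        auto key = std::make_tuple(name, attrs, value);
        auto it = from->byValue.find(key);
        if (it != from->byValue.end())
            return it->second;
        return from->byValue[key] = arena.make();   // distinct value => distinct Structure
    }
    Transition& t = from->byName[std::make_pair(name, attrs)];
    if (t.specialized && t.specificValue == value)
        return t.specialized;            // same function object: specialised path
    if (t.generic)
        return t.generic;                // different value: reuse the generic transition
    if (!t.specialized) {
        t.specialized = arena.make();    // first assignment: specialise on this value
        t.specificValue = value;
        return t.specialized;
    }
    return t.generic = arena.make();     // mismatch and no generic yet: create it once
}

// Simulates `new MyObject()` n times, where the constructor body evaluates a
// function expression each time (so each assigned function object is distinct).
// Returns how many successor Structures were minted beyond the root.
std::size_t structuresCreated(std::size_t n, Keying keying)
{
    Arena arena;
    Structure* root = arena.make();
    std::vector<int> closures(n);        // distinct addresses stand in for distinct closures
    for (std::size_t i = 0; i < n; ++i)
        addPropertyTransition(arena, root, "myFunction", 0u, &closures[i], keying);
    return arena.count() - 1;
}

// Whether two constructions that assign the *same* function object share one successor.
bool sameValueSharesStructure(Keying keying)
{
    Arena arena;
    Structure* root = arena.make();
    int fn = 0;
    Structure* a = addPropertyTransition(arena, root, "myFunction", 0u, &fn, keying);
    Structure* b = addPropertyTransition(arena, root, "myFunction", 0u, &fn, keying);
    return a == b;
}

int main()
{
    std::printf("1000 constructions: by value %zu structures, by name %zu structures\n",
                structuresCreated(1000, Keying::ByValue), structuresCreated(1000, Keying::ByName));
    return 0;
}
```

With value keying the count grows with every construction; with the fixed keying it stays at one specialised plus one generic successor no matter how many objects are built.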
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r47474.
2009-08-18 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
Assigning a function to an object should always use the existing transition, even if the transition is not specialized
https://bugs.webkit.org/show_bug.cgi?id=28442
Check for an unspecialized transition as an alternative to always failing if specialisation does not match.
* runtime/Structure.cpp:
(JSC::Structure::addPropertyTransitionToExistingStructure):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r48830.
2009-09-28 Oliver Hunt <oliver@apple.com>
Reviewed by Geoff Garen.
Hard dependency on SSE2 instruction set with JIT
https://bugs.webkit.org/show_bug.cgi?id=29779
Add floating point support checks to op_jfalse and op_jtrue, and
fix the logic for the slow case of op_add
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_add):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46706.
2009-08-02 Geoffrey Garen <ggaren@apple.com>
Qt build fix.
Added JSAPIValueWrapper.cpp to the build.
* JavaScriptCore.pri:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46705.
2009-08-02 Geoffrey Garen <ggaren@apple.com>
Windows build fix.
Exported symbols for JSAPIValueWrapper.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46704.
2009-08-02 Geoffrey Garen <ggaren@apple.com>
GTK build fix.
* jit/JITStubs.cpp: #include <stdarg.h>, for a definition of va_start.
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46703.
2009-08-02 Geoffrey Garen <ggaren@apple.com>
Qt build fix.
* runtime/Collector.cpp: #include <limits.h>, for a definition of ULONG_MAX.
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46702.
2009-08-02 Geoffrey Garen <ggaren@apple.com>
Windows build fix: Nixed JSImmediate::prototype, JSImmediate::toObject,
and JSImmediate::toThisObject, and removed their exported symbols.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
* runtime/JSImmediate.cpp:
* runtime/JSImmediate.h:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46701.
2009-08-02 Geoffrey Garen <ggaren@apple.com>
Reviewed by Mark Rowe.
Enabled JSVALUE32_64 by default on all platforms other than x86_64 (which uses JSVALUE64).
* wtf/Platform.h:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46610.
2009-07-30 Geoffrey Garen <ggaren@apple.com>
Reviewed by Gavin Barraclough.
Fixed failing tests seen on Windows buildbot.
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
* jit/JITStubs.h:
(JSC::): Use "int" instead of "bool" to guarantee a 32-bit result,
regardless of compiler. gcc on mac uses 32-bit values for bool,
but gcc on linux and MSVC on Windows use 8-bit values.
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46601.
2009-07-30 Geoffrey Garen <ggaren@apple.com>
Windows build fix: added missing symbols on Windows.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46599.
2009-07-30 Geoffrey Garen <ggaren@apple.com>
Windows build fix: removed stale symbols on Windows.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46598.
=== End merge of nitro-extreme branch 2009-07-30 ===
2009-07-20 Geoffrey Garen <ggaren@apple.com>
Fixed a post-review typo in r46066 that caused tons of test failures.
SunSpider reports no change.
* runtime/JSArray.cpp:
(JSC::JSArray::JSArray): Initialize the full vector capacity, to avoid
uninitialized members at the end.
2009-07-20 Geoffrey Garen <ggaren@apple.com>
Windows WebKit build fix: Added some missing exports.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-07-17 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Get the branch working on windows.
https://bugs.webkit.org/show_bug.cgi?id=27391
SunSpider says 0.3% faster.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Updated
MSVC export lists to fix linker errors.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Added / removed
new / old project files.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines): Used #pragma pack to tell
MSVC that these structures represent actual memory layout, and should not be
automatically aligned. Changed the return value load to load a 64bit quantity
into the canonical registers.
* jit/JIT.h: Moved OBJECT_OFFSETOF definition to StdLibExtras.h because
it's needed by more than just the JIT, and it supplements a standard library
macro (offsetof).
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallInitializeCallFrame): Fixed an incorrectly signed
cast to resolve an MSVC warning.
* jit/JITStubs.h: Used #pragma pack to tell MSVC that these structures
represent actual memory layout, and should not be automatically aligned.
* runtime/JSArray.cpp:
(JSC::JSArray::JSArray): Replaced memset_pattern8 with a for loop, since
memset_pattern8 is not portable. (I verified that this version of the loop
gives the best performance / generated code in GCC.)
* runtime/JSObject.h:
(JSC::JSObject::JSObject): Removed accidental usage of FIELD_OFFSET --
OBJECT_OFFSETOF is our new macro name. (FIELD_OFFSET conflicts with a
definition in winnt.h.)
* runtime/JSValue.cpp: Added some headers needed by non-all-in-one builds.
* runtime/JSValue.h:
(JSC::JSValue::): Made the tag signed, to match MSVC's signed enum values.
(GCC doesn't seem to care one way or the other.)
* wtf/MainThread.cpp: Moved the StdLibExtras.h #include -- I did this a
while ago to resolve a conflict with winnt.h. I can't remember if it's truly
still needed, but what the heck.
* wtf/StdLibExtras.h: Moved OBJECT_OFFSETOF definition here.
2009-07-06 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig (?).
Fixed an assertion seen during the stress test.
Don't assume that, if op1 is constant, op2 is not, and vice versa. Sadly,
not all constants get folded.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emitSlow_op_jnlesseq):
2009-07-06 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Include op_convert_this in result caching.
No change on SunSpider or v8.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_convert_this):
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
* jit/JITStubs.h:
(JSC::): Made the op_convert_this JIT stub return an EncodedJSValue, so
to maintain the result caching contract that { tag, payload } can be
found in { regT1, regT0 }.
2009-07-06 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Implemented result chaining.
1% faster on SunSpider. 4%-5% faster on v8.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::move):
* assembler/X86Assembler.h:
(JSC::X86Assembler::movl_rr): Added an optimization to eliminate
no-op mov instructions, to simplify chaining.
* jit/JIT.cpp:
(JSC::JIT::JIT):
* jit/JIT.h: Added data members and helper functions for recording
chained results. We record both a mapping from virtual to machine register
and the opcode for which the mapping is valid, to help ensure that the
mapping isn't used after the mapped register has been stomped by other
instructions.
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallVarargs):
(JSC::JIT::compileOpCallVarargsSlowCase):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_construct_verify):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase): Chain function call results.
* jit/JITInlineMethods.h:
(JSC::JIT::emitLoadTag):
(JSC::JIT::emitLoadPayload):
(JSC::JIT::emitLoad):
(JSC::JIT::emitLoad2):
(JSC::JIT::isLabeled):
(JSC::JIT::map):
(JSC::JIT::unmap):
(JSC::JIT::isMapped):
(JSC::JIT::getMappedPayload):
(JSC::JIT::getMappedTag): Use helper functions when loading virtual
registers into machine registers, in case the loads can be eliminated
by chaining.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_get_global_var):
(JSC::JIT::emit_op_put_global_var):
(JSC::JIT::emit_op_get_scoped_var):
(JSC::JIT::emit_op_put_scoped_var):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_resolve_global):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_next_pname):
(JSC::JIT::emit_op_to_jsnumber):
(JSC::JIT::emit_op_catch): Chain results from these opcodes.
(JSC::JIT::emit_op_profile_will_call):
(JSC::JIT::emit_op_profile_did_call): Load the profiler into regT2 to
avoid stomping a chained result.
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_method_check):
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_get_by_id): Chain results from these opcodes.
* jit/JITStubCall.h:
(JSC::JITStubCall::addArgument): Always use { regT1, regT0 }, to facilitate
chaining.
(JSC::JITStubCall::call): Unmap all mapped registers, since our callee
stub might stomp them.
2009-07-01 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Don't reload values in emitBinaryDoubleOp.
SunSpider reports a 0.6% progression.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emitBinaryDoubleOp):
2009-07-01 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Convert op_div to load op1 and op2 up front.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_div):
2009-07-01 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Don't emit code in emitBinaryDoubleOp if code is unreachable, observable
via an empty (unlinked) jumplist passed in. This only affects op_jnless
and op_jnlesseq at present.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emitBinaryDoubleOp):
2009-07-01 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Converted op_mod to put { tag, payload } in { regT1, regT0 }, and
tidied up its constant case.
SunSpider reports a 0.2% regression, but a micro-benchmark of op_mod
shows a 12% speedup, and the SunSpider test that uses op_mod most should
benefit a lot from result caching in the end, since it almost always
performs (expression) % constant.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
2009-06-30 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Converted some more arithmetic ops to put { tag, payload } in
{ regT1, regT0 }.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
2009-06-30 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Converted some more arithmetic ops to put { tag, payload } in
{ regT1, regT0 }, and added a case for subtract constant.
SunSpider says no change. v8 says 0.3% slower.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_add):
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSub32Constant):
(JSC::JIT::emitSlow_op_sub):
2009-06-30 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
Remove more uses of addressFor(), load double constants directly from
the constant pool in the CodeBlock, rather than from the register file.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emitBinaryDoubleOp):
2009-06-30 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed a bug in postfix ops, where we would treat x = x++ and x = x--
as a no-op, even if x were not an int, and the ++/-- could have side-effects.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_post_inc):
(JSC::JIT::emitSlow_op_post_inc):
(JSC::JIT::emit_op_post_dec):
(JSC::JIT::emitSlow_op_post_dec):
2009-06-30 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Converted some arithmetic ops to put { tag, payload } in
{ regT1, regT0 }.
SunSpider says 0.7% faster. v8 says no change.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_bitxor):
* jit/JITInlineMethods.h:
(JSC::JIT::isOperandConstantImmediateInt):
(JSC::JIT::getOperandConstantImmediateInt):
2009-06-30 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
Start removing cases of addressFor().
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emitBinaryDoubleOp):
(JSC::JIT::emit_op_div):
* jit/JITInlineMethods.h:
(JSC::JIT::emitLoadDouble):
(JSC::JIT::emitLoadInt32ToDouble):
(JSC::JIT::emitStoreDouble):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
2009-06-30 Geoffrey Garen <ggaren@apple.com>
Rolled back in my last patch with regression fixed.
* jit/JIT.cpp:
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq):
(JSC::JIT::emit_op_resolve_global):
(JSC::JIT::emitSlow_op_resolve_global):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emitSlow_op_neq):
2009-06-30 Geoffrey Garen <ggaren@apple.com>
Rolled out my last patch because it was a 2% SunSpider regression.
* jit/JIT.cpp:
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq):
(JSC::JIT::emit_op_resolve_global):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emitSlow_op_neq):
2009-06-30 Geoffrey Garen <ggaren@apple.com>
Reviewed by Gavin "Sam Weinig" Barraclough.
Standardized the rest of our opcodes to put { tag, payload } in
{ regT1, regT0 } where possible.
* jit/JIT.cpp:
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq):
(JSC::JIT::emit_op_resolve_global):
(JSC::JIT::emitSlow_op_resolve_global):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emitSlow_op_neq):
2009-06-30 Gavin Barraclough <barraclough@apple.com>
Reviewed by Geoffrey Garen.
Replace calls to store32(tagFor()) and store32(payloadFor())
with emitStoreInt32(), emitStoreBool(), and emitStoreCell().
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_negate):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emitBitAnd32Constant):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emitBitOr32Constant):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emitBitXor32Constant):
(JSC::JIT::emit_op_bitnot):
(JSC::JIT::emit_op_post_inc):
(JSC::JIT::emit_op_post_dec):
(JSC::JIT::emit_op_pre_inc):
(JSC::JIT::emit_op_pre_dec):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSub32ConstantLeft):
(JSC::JIT::emitSub32ConstantRight):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mod):
* jit/JITCall.cpp:
(JSC::JIT::emit_op_load_varargs):
* jit/JITInlineMethods.h:
(JSC::JIT::emitStoreInt32):
(JSC::JIT::emitStoreCell):
(JSC::JIT::emitStoreBool):
(JSC::JIT::emitStore):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
* jit/JITStubCall.h:
(JSC::JITStubCall::call):
2009-06-30 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Standardized the rest of the property access instructions to put { tag,
payload } in { regT1, regT0 }.
Small v8 speedup, 0.2% SunSpider slowdown.
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::emitLoad):
(JSC::JIT::emitLoad2):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::patchPutByIdReplace):
2009-06-29 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Various cleanups.
- Use fpRegT* instead of X86::xmm*.
- Use a switch statement in emitBinaryDoubleOp instead of a bunch of
if/elses.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emitBinaryDoubleOp):
(JSC::JIT::emit_op_div):
2009-06-29 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Add inline code dealing with doubles for op_jfalse and op_jtrue.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::):
(JSC::MacroAssemblerX86Common::zeroDouble):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
2009-06-28 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Standardized op_get_by_id to put { tag, payload } in { regT1, regT0 }.
SunSpider and v8 report maybe 0.2%-0.4% regressions, but the optimization
this enables will win much more than that back.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines):
* jit/JIT.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_method_check):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::compileGetByIdHotPath):
(JSC::JIT::compileGetByIdSlowCase):
(JSC::JIT::patchGetByIdSelf):
(JSC::JIT::privateCompilePatchGetArrayLength):
(JSC::JIT::privateCompileGetByIdProto):
(JSC::JIT::privateCompileGetByIdSelfList):
(JSC::JIT::privateCompileGetByIdProtoList):
(JSC::JIT::privateCompileGetByIdChainList):
(JSC::JIT::privateCompileGetByIdChain):
2009-06-26 Geoffrey Garen <ggaren@apple.com>
Reviewed by Maciej Stachowiak.
Standardized op_call to put { tag, payload } in { regT1, regT0 }.
SunSpider and v8 report no change.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallInitializeCallFrame):
(JSC::JIT::compileOpCallSetupArgs):
(JSC::JIT::compileOpConstructSetupArgs):
(JSC::JIT::compileOpCallVarargsSetupArgs):
(JSC::JIT::compileOpCallVarargs):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
2009-06-26 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Handle multiplying by zero a little better by
inlining the case that both operands are non-negative
into the slowpath.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::branchOr32):
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
2009-06-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Optimize x++ to ++x inside for loops.
Sadly, no measurable speedup, but this should help with result chaining.
* parser/Nodes.cpp:
(JSC::ForNode::emitBytecode):
2009-06-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_bitnot):
(JSC::JIT::emit_op_post_inc):
2009-06-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_bitnot):
(JSC::JIT::emit_op_post_dec):
(JSC::JIT::emit_op_pre_inc):
(JSC::JIT::emitSlow_op_pre_inc):
(JSC::JIT::emit_op_pre_dec):
(JSC::JIT::emitSlow_op_pre_dec):
2009-06-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_negate):
(JSC::JIT::emitSlow_op_negate):
* jit/JITCall.cpp:
(JSC::JIT::emit_op_construct_verify):
(JSC::JIT::emitSlow_op_construct_verify):
2009-06-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_true):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
2009-06-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig (sort of, maybe).
Fixed some ASSERTs in http/tests/security.
These ASSERTs were introduced by http://trac.webkit.org/changeset/45057,
but the underlying problem was actually older. http://trac.webkit.org/changeset/45057
just exposed the problem by enabling optimization in more cases.
The ASSERTs fired because we tested PropertySlot::slotBase() for validity,
but slotBase() ASSERTs if it's invalid, so we would ASSERT before
the test could happen. Solution: Remove the ASSERT. Maybe it was valid
once, but it clearly goes against a pattern we've deployed of late.
The underlying problem was that WebCore would re-use a PropertySlot in
the case of a forwarding access, and the second use would not completely
overwrite the first use. Solution: Make sure to overwrite m_offset when
setting a value on a PropertySlot. (Other values already get implicitly
overwritten during reuse.)
* runtime/PropertySlot.h:
(JSC::PropertySlot::PropertySlot):
(JSC::PropertySlot::setValueSlot):
(JSC::PropertySlot::setValue):
(JSC::PropertySlot::setRegisterSlot):
(JSC::PropertySlot::setUndefined):
(JSC::PropertySlot::slotBase):
(JSC::PropertySlot::clearOffset):
2009-06-24 Gavin Barraclough <barraclough@apple.com>
Reviewed by Geoff Garen.
Enable JIT_OPTIMIZE_METHOD_CALLS on the branch, implementation matches current implementation in ToT.
* jit/JIT.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_method_check):
(JSC::JIT::emitSlow_op_method_check):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::compileGetByIdHotPath):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::compileGetByIdSlowCase):
2009-06-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Bit off a tiny bit more of standardizing opcode behavior to help with result
caching.
SunSpider reports no change, v8 maybe a tiny speedup.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_to_jsnumber):
(JSC::JIT::emitSlow_op_to_jsnumber):
(JSC::JIT::emit_op_convert_this):
(JSC::JIT::emitSlow_op_convert_this):
2009-06-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Bit off a tiny bit more of standardizing opcode behavior to help with result
caching -- including removing my old enemy, op_resolve_function, because
it was non-standard, and removing it felt better than helping it limp along.
SunSpider reports no change, v8 maybe a tiny speedup.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dump):
* bytecode/Opcode.h:
* bytecompiler/BytecodeGenerator.cpp:
* bytecompiler/BytecodeGenerator.h:
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_get_scoped_var):
(JSC::JIT::emit_op_put_scoped_var):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emitSlow_op_to_primitive):
* jit/JITStubs.cpp:
* jit/JITStubs.h:
* parser/Nodes.cpp:
(JSC::FunctionCallResolveNode::emitBytecode):
2009-06-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Bit off a tiny bit of standardizing opcode behavior to help with result
caching.
0.6% SunSpider speedup. 0.3% v8 speedup.
* jit/JITInlineMethods.h:
(JSC::JIT::emitLoad): Accommodate a base register that overlaps with payload
by loading tag before payload, to avoid stomping base/payload.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov): Abide by the standard "tag in regT1, payload in
regT0" semantics.
(JSC::JIT::emit_op_get_global_var):
(JSC::JIT::emit_op_put_global_var): Ditto. Also, removed some irrelevant
loads while I was at it. The global object's "d" pointer never changes
after construction.
2009-06-23 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
Remove 'arguments' field from Register union (again).
This time do so without breaking tests (radical, I know).
* interpreter/CallFrame.h:
(JSC::ExecState::optionalCalleeArguments):
(JSC::ExecState::setArgumentCount):
(JSC::ExecState::init):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::dumpRegisters):
(JSC::Interpreter::unwindCallFrame):
(JSC::Interpreter::privateExecute):
(JSC::Interpreter::retrieveArguments):
* interpreter/Register.h:
(JSC::Register::withInt):
(JSC::Register::):
(JSC::Register::Register):
(JSC::Register::i):
* jit/JITStubs.cpp:
(JSC::JITStubs::cti_op_tear_off_arguments):
* runtime/Arguments.h:
(JSC::JSActivation::copyRegisters):
(JSC::Register::arguments):
* runtime/JSActivation.cpp:
(JSC::JSActivation::argumentsGetter):
* runtime/JSActivation.h:
2009-06-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Removed some result register tracking cruft in preparation for a new
result tracking mechanism.
SunSpider reports no change.
* assembler/AbstractMacroAssembler.h:
* assembler/X86Assembler.h:
(JSC::X86Assembler::JmpDst::JmpDst): No need to track jump targets in
machine code; we already do this in bytecode.
* jit/JIT.cpp:
(JSC::JIT::JIT):
(JSC::JIT::emitTimeoutCheck): Make sure to save and restore the result
registers, so an opcode with a timeout check can still benefit from result
register caching.
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases): Removed calls to killLastResultRegister()
in preparation for something new.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
* jit/JITInlineMethods.h:
(JSC::JIT::emitGetFromCallFrameHeaderPtr):
(JSC::JIT::emitGetFromCallFrameHeader32):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_jsr):
(JSC::JIT::emit_op_sret):
(JSC::JIT::emit_op_jmp_scopes): ditto
* jit/JITStubCall.h:
(JSC::JITStubCall::JITStubCall):
(JSC::JITStubCall::getArgument): added a mechanism for reloading an argument
you passed to a JIT stub, for use in emitTimeoutCheck.
2009-06-23 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Remove now-useless inplace variants of binary ops.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emit_op_add):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emit_op_mul):
2009-06-23 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Move off memory operands to aid in re-enabling result caching.
- No regression measured.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_negate):
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emitBitAnd32Constant):
(JSC::JIT::emitBitAnd32InPlace):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emitBitOr32Constant):
(JSC::JIT::emitBitOr32InPlace):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emitBitXor32Constant):
(JSC::JIT::emitBitXor32InPlace):
(JSC::JIT::emit_op_bitnot):
(JSC::JIT::emit_op_post_inc):
(JSC::JIT::emit_op_post_dec):
(JSC::JIT::emit_op_pre_inc):
(JSC::JIT::emitSlow_op_pre_inc):
(JSC::JIT::emit_op_pre_dec):
(JSC::JIT::emitSlow_op_pre_dec):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emitAdd32InPlace):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitSlowAdd32Constant):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
(JSC::JIT::emitSub32ConstantLeft):
(JSC::JIT::emitSub32ConstantRight):
(JSC::JIT::emitSub32InPlaceLeft):
(JSC::JIT::emitSub32InPlaceRight):
(JSC::JIT::emitBinaryDoubleOp):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitMul32InPlace):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mod):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallVarargs):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_to_jsnumber):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
2009-06-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed some missing and/or misplaced labels in bytecode generation, so
we don't have to work around them in JIT code generation.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitJumpSubroutine):
* parser/Nodes.cpp:
(JSC::TryNode::emitBytecode):
2009-06-22 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
For member function calls, emit "this" directly into the "this" slot
for the function call, instead of moving it there later. This reduces
time spent in op_mov during certain calls, like "a.b.c()".
1%-2% speedup on v8, mostly richards and delta-blue.
* parser/Nodes.cpp:
(JSC::FunctionCallDotNode::emitBytecode):
2009-06-22 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
Remove 'arguments' field from Register union. Having JSCell derived types in the union is
dangerous since it opens the possibility for the field to be written as a raw pointer but
then read as a JSValue. This will lead to stale data being read for the tag, which may
be dangerous. Having removed Arguments* types from Register, all arguments objects must
always explicitly be stored in the register file as JSValues.
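The hazard this entry describes, modelled in C as an added example (not JavaScriptCore code): a 32-bit register is a tag word plus a payload word, and a union member typed as a raw pointer aliases only the payload half. Writing through the pointer member leaves whatever tag was there before, so a reader that trusts the tag misinterprets the payload. The type names, tag values and the 0x0804F000 cell address are constructed for the example; a JSC 32-bit tag is not encoded this way.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical tag values for the example; not JSC's real encoding. */
enum { Int32Tag = 1, CellTag = 2 };

/* A 32-bit JSValue: which kind of value the payload is, plus the payload. */
typedef struct {
    uint32_t payload;   /* integer value or cell address */
    uint32_t tag;       /* Int32Tag, CellTag, ... */
} JSValue32;

/* The dangerous union: cellPointer overlays only the payload word.
 * A raw pointer is modelled as uint32_t so the layout does not depend on
 * the host's pointer size. */
typedef union {
    JSValue32 value;
    uint32_t  cellPointer;
} Register32;

/* Unsafe: stores the cell address but leaves the old tag in place. */
static void store_raw_pointer(Register32 *r, uint32_t cell)
{
    r->cellPointer = cell;
}

/* Safe: always writes the complete JSValue, tag included. */
static void store_jsvalue(Register32 *r, uint32_t tag, uint32_t payload)
{
    r->value.tag = tag;
    r->value.payload = payload;
}

/* Returns true when the register still claims to hold an int32 after a
 * raw pointer store, i.e. a tag-checking reader would be confused. */
static bool stale_tag_after_raw_store(void)
{
    Register32 r;
    store_jsvalue(&r, Int32Tag, 5);          /* register held the integer 5 */
    store_raw_pointer(&r, 0x0804F000u);      /* constructed cell address */
    return r.value.tag == Int32Tag;          /* tag is stale */
}

/* Returns true when the full-JSValue store leaves tag and payload consistent. */
static bool tag_correct_after_full_store(void)
{
    Register32 r;
    store_jsvalue(&r, Int32Tag, 5);
    store_jsvalue(&r, CellTag, 0x0804F000u);
    return r.value.tag == CellTag && r.value.payload == 0x0804F000u;
}

int main(void)
{
    printf("stale tag after raw pointer store: %s\n",
           stale_tag_after_raw_store() ? "yes" : "no");
    printf("consistent after full JSValue store: %s\n",
           tag_correct_after_full_store() ? "yes" : "no");
    return 0;
}
```

The mismatch between a tag that says "int32" and a payload that is really a cell address is a type confusion, which is why the entry insists that arguments objects be stored only as complete JSValues.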
* interpreter/CallFrame.h:
(JSC::ExecState::optionalCalleeArguments):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::unwindCallFrame):
(JSC::Interpreter::privateExecute):
(JSC::Interpreter::retrieveArguments):
* interpreter/Register.h:
(JSC::Register::):
* jit/JITStubs.cpp:
(JSC::JITStubs::cti_op_tear_off_arguments):
* runtime/Arguments.h:
(JSC::JSActivation::copyRegisters):
* runtime/JSActivation.cpp:
(JSC::JSActivation::argumentsGetter):
* runtime/JSActivation.h:
2009-06-03 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Add back known this value optimization by abstracting
slow case if not JSCell jumps.
* jit/JIT.h:
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallVarargs):
(JSC::JIT::compileOpCallVarargsSlowCase):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
* jit/JITInlineMethods.h:
(JSC::JIT::emitJumpSlowCaseIfNotJSCell):
(JSC::JIT::linkSlowCaseIfNotJSCell):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
2009-06-01 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed some of the regression in crypto-aes.js. (8.5% speedup in
crypto-aes.js.)
SunSpider reports no change overall.
Division was producing double results, which took the slow path through
array access code.
Strangely, all my attempts at versions of this patch that modified array
access code to accept ints encoded as doubles along the fast or slow paths
were regressions. So I did this instead.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_div): When dividing an int by an int, go ahead and try
to turn the result into an int. Don't just do int division, though, because
testing shows it to be slower than SSE double division, and the corner
cases are pretty complicated / lengthy on top of that. Also, don't try
to canonicalize division of known tiny numerators into ints, since that's a
waste of time.
2009-05-26 Geoffrey Garen <ggaren@apple.com>
Reviewed by Oliver Hunt.
Fixed a regression caused by my recent fix for NaN.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitBinaryDoubleOp): Actually do the comparison in reverse
order, like the ChangeLog said we would, bokay?
2009-05-26 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig and Oliver Hunt.
Fixed two edge cases in %:
- Don't do -2147483648 % x as a fast case, since you might do -2147483648 % -1,
which will signal a hardware exception due to overflow.
- In the case of a zero remainder, be sure to store negative zero if the
dividend was zero.
SunSpider reports no change.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
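The two % edge cases above, as an added C model (not JavaScriptCore code): the int32 fast path refuses INT32_MIN as a dividend, because INT32_MIN % -1 overflows idiv and raises a hardware exception, and refuses a zero remainder with a negative dividend, because ECMAScript gives the remainder the sign of the dividend and -0 is not representable as an int32. The names js_mod_fast, js_mod_slow and js_mod are hypothetical; the slow path computes in 64 bits so that no hardware division can trap.

```c
#include <limits.h>
#include <math.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Fast path. Returns true and stores an int32 result only when idiv can
 * run safely and the result is representable as a JS int; otherwise the
 * caller must take the slow path. */
static bool js_mod_fast(int32_t dividend, int32_t divisor, int32_t *out)
{
    if (divisor == 0)
        return false;       /* x % 0 is NaN in JS; idiv would trap */
    if (dividend == INT32_MIN)
        return false;       /* INT32_MIN % -1 overflows idiv: also a trap */
    int32_t r = dividend % divisor;   /* C truncates toward zero, like JS */
    if (r == 0 && dividend < 0)
        return false;       /* JS result is -0, which an int32 cannot hold */
    *out = r;
    return true;
}

/* Slow path: 64-bit arithmetic cannot overflow for int32 inputs, and a
 * double result can carry -0 and NaN. */
static double js_mod_slow(int32_t dividend, int32_t divisor)
{
    if (divisor == 0)
        return NAN;
    int64_t r = (int64_t)dividend % (int64_t)divisor;
    if (r == 0 && dividend < 0)
        return -0.0;        /* sign of the result follows the dividend */
    return (double)r;
}

static double js_mod(int32_t dividend, int32_t divisor)
{
    int32_t r;
    if (js_mod_fast(dividend, divisor, &r))
        return (double)r;
    return js_mod_slow(dividend, divisor);
}

/* -0 and +0 compare equal, so the sign has to be recovered via 1/d. */
static bool is_negative_zero(double d)
{
    return d == 0.0 && 1.0 / d < 0.0;
}

int main(void)
{
    printf("-4 %% 2 is %s zero\n", is_negative_zero(js_mod(-4, 2)) ? "negative" : "positive");
    printf("INT32_MIN %% -1 = %g\n", js_mod(INT32_MIN, -1));
    printf("INT32_MIN %% 3 = %g\n", js_mod(INT32_MIN, 3));
    return 0;
}
```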
2009-05-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Maciej Stachowiak.
Fixed a regression when comparing to NaN.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitBinaryDoubleOp): For op_jnless and op_jnless_eq, do the
comparison in reverse order, and jump if the result is below or
below-or-equal. This ensures that we do jump in the case of NaN.
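The reversed comparison this entry describes, modelled in C as an added example (not JavaScriptCore code). ucomisd reports an unordered comparison (either operand NaN) by setting ZF, PF and CF together; comparing the operands in reverse order and branching on "below" or "below-or-equal" therefore treats NaN like "not less", which is what op_jnless and op_jnlesseq need, whereas the straightforward "compare a to b, branch if above-or-equal" falls through on NaN. The Flags type and the function names are hypothetical; the operand set is constructed.

```c
#include <math.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

typedef struct { bool zf, pf, cf; } Flags;

/* Flag results of ucomisd x, y: unordered sets ZF=PF=CF=1, x > y clears
 * all three, x < y sets only CF, x == y sets only ZF. */
static Flags ucomisd(double x, double y)
{
    Flags f = { false, false, false };
    if (x != x || y != y) { f.zf = f.pf = f.cf = true; }
    else if (x < y)       { f.cf = true; }
    else if (x == y)      { f.zf = true; }
    return f;
}

/* op_jnless jumps when !(a < b). Reversed form: compare b to a and jump if
 * below-or-equal; b < a, b == a and unordered each set CF or ZF. */
static bool jnless_jumps_reversed(double a, double b)
{
    Flags f = ucomisd(b, a);
    return f.cf || f.zf;            /* jbe */
}

/* Naive form: compare a to b and jump if above-or-equal (CF clear).
 * Unordered sets CF, so a NaN operand wrongly falls through. */
static bool jnless_jumps_naive(double a, double b)
{
    Flags f = ucomisd(a, b);
    return !f.cf;                   /* jae */
}

/* op_jnlesseq jumps when !(a <= b): reversed compare, jump if below. */
static bool jnlesseq_jumps_reversed(double a, double b)
{
    Flags f = ucomisd(b, a);
    return f.cf;                    /* jb */
}

/* Constructed operand set covering NaN, signed zeros and infinities. */
static const double kValues[] = { NAN, -INFINITY, -1.5, -0.0, 0.0, 1.5, INFINITY };
static const size_t kCount = sizeof kValues / sizeof kValues[0];

/* True when the reversed encodings agree with ECMAScript on every pair. */
static bool reversed_matches_reference(void)
{
    for (size_t i = 0; i < kCount; i++)
        for (size_t j = 0; j < kCount; j++) {
            double a = kValues[i], b = kValues[j];
            if (jnless_jumps_reversed(a, b) != !(a < b))
                return false;
            if (jnlesseq_jumps_reversed(a, b) != !(a <= b))
                return false;
        }
    return true;
}

/* Number of pairs on which the naive jnless encoding is wrong: exactly the
 * pairs that involve NaN. */
static int naive_mismatch_count(void)
{
    int mismatches = 0;
    for (size_t i = 0; i < kCount; i++)
        for (size_t j = 0; j < kCount; j++)
            if (jnless_jumps_naive(kValues[i], kValues[j]) != !(kValues[i] < kValues[j]))
                mismatches++;
    return mismatches;
}

int main(void)
{
    printf("reversed encoding correct on all pairs: %s\n",
           reversed_matches_reference() ? "yes" : "no");
    printf("naive jnless mismatches: %d\n", naive_mismatch_count());
    return 0;
}
```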
2009-05-25 Geoffrey Garen <ggaren@apple.com>
Reviewed by Oliver Hunt.
SunSpider says no change.
Fixed regressions in fast/js/var-declarations-shadowing.html and
fast/js/equality.html, caused by recent == and != optimizations.
* jit/JITStubs.cpp:
(JSC::JITStubs::cti_op_eq): Don't treat "compare to string" as always
numeric or string comparison. If the second operand is an object, you
need to ToPrimitive it, and start all over again. Also, I wrote out each
of the possible cases explicitly, to cut down on redundant branching.
2009-05-25 Sam Weinig <sam@webkit.org>
Reviewed by Mark Rowe.
Fix bug in fast/js/constant-folding.html where we were not negating
-0 properly.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_negate):
2009-05-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Oliver Hunt.
Refactored new slow case codegen for == and !=.
SunSpider reports no change, maybe a tiny speedup.
* jit/JITOpcodes.cpp:
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq): Made a vptr comparison a *Ptr operation,
instead of *32, to make it portable to 64bit. Reorganized the string
and generic cases to make their control flow a little clearer.
2009-05-23 Geoffrey Garen <ggaren@apple.com>
Reviewed by Maciej Stachowiak.
Optimized == and != for our new value representation -- especially for strings.
14% speedup on date-format-tofte.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_eq):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emitSlow_op_neq):
* jit/JITStubCall.h:
(JSC::JITStubCall::JITStubCall):
* jit/JITStubs.cpp:
(JSC::JITStubs::cti_op_eq):
(JSC::JITStubs::cti_op_eq_strings):
(JSC::JITStubs::cti_op_call_eval):
* jit/JITStubs.h:
(JSC::):
* runtime/JSValue.h:
2009-05-22 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Fix non-SSE enabled builds.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_add): Don't early return here, we still need to call the JIT stub.
(JSC::JIT::emitSlow_op_sub): Ditto.
2009-05-22 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Here's a thought: let's not take a jit stub call just to multiply by 1,
bokay?
imul doesn't set the zero flag, so to test for a zero result, we need
an explicit instruction. (Luckily, it does set the overflow flag, so
we can still use that.)
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emitMul32InPlace):
2009-05-22 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey "Premature Commit" Garen.
Add back constant integer cases for op_add.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_add):
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitSlowAdd32Constant):
* jit/JITInlineMethods.h:
(JSC::JIT::getConstantOperandImmediateDouble):
(JSC::JIT::isOperandConstantImmediateDouble):
2009-05-22 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added fast double cases for op_jnless and op_jnlesseq.
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::JumpList::jumps): New accessor, used by
addSlowCase.
* assembler/X86Assembler.h:
(JSC::X86Assembler::ucomisd_rm): New method for comparing register to
memory.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emit_op_add):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitBinaryDoubleOp):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emit_op_div): Modified emitBinaryDoubleOp to accept comparison/jump
operations in addition to operations with explicit result registers.
* jit/JITInlineMethods.h:
(JSC::JIT::addSlowCase): Added an "addSlowCase" for JumpLists, so clients
can track multiple jumps to the same slow case condition together.
2009-05-21 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Implement op_negate inline fast cases.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::neg32):
* assembler/X86Assembler.h:
(JSC::X86Assembler::):
(JSC::X86Assembler::negl_m):
(JSC::X86Assembler::xorpd_rr):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_negate):
(JSC::JIT::emitSlow_op_negate):
2009-05-20 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Update the patchOffsetGetByIdSlowCaseCall constant for the
case that OPCODE_SAMPLING is enabled.
* jit/JIT.h:
2009-05-20 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added support for inline subtraction of doubles.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
(JSC::JIT::emitSlowSub32InPlaceLeft):
(JSC::JIT::emitBinaryDoubleOp):
2009-05-20 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Added support for inline division.
* assembler/X86Assembler.h:
(JSC::X86Assembler::):
(JSC::X86Assembler::divsd_rr):
(JSC::X86Assembler::divsd_mr):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dump):
* bytecode/Opcode.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitBinaryOp):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitBinaryDoubleOp):
(JSC::JIT::emit_op_div):
(JSC::JIT::emitSlow_op_div):
2009-05-20 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added support for inline addition of doubles.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitSlowAdd32InPlace):
(JSC::JIT::emitBinaryDoubleOp):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
2009-05-20 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Factored inline double operations into a helper function, so that we
can reuse this code for other math operations.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitBinaryDoubleOp):
(JSC::JIT::emit_op_mul):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallInitializeCallFrame):
2009-05-20 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added support for inline multiplication of doubles.
* assembler/X86Assembler.h:
(JSC::X86Assembler::cvtsi2sd_mr): New function, useful for loading an
int32 into a double register.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul): Filled out these cases for double arithmetic.
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::addressFor): New function, useful for addressing a JSValue's
full 64bits as a double.
2009-05-19 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement and enable optimized calls.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines): Add ENABLE(JIT_OPTIMIZE_CALL) guards
around the optimize call only trampolines (virtualCallPreLink and virtualCallLink).
Update the trampolines to account for the new JSValue representation.
(JSC::JIT::unlinkCall): Use NULL instead of JSValue noValue.
* jit/JITCall.cpp:
(JSC::JIT::compileOpCall): Update to account for the new JSValue representation.
(JSC::JIT::compileOpCallSlowCase): Ditto.
* jit/JITStubs.h: Remove incorrect !ENABLE(JIT_OPTIMIZE_CALL) guard.
* wtf/Platform.h: Enable ENABLE_JIT_OPTIMIZE_CALL.
2009-05-19 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement and enable optimized property access.
* assembler/AbstractMacroAssembler.h: Fix comment.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines): Remove array length trampoline
and implement the string length trampoline.
* jit/JIT.h: Add new constants for patch offsets.
* jit/JITInlineMethods.h: Remove FIELD_OFFSET which is now in StdLibExtras.h.
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::compilePutDirectOffset):
(JSC::JIT::compileGetDirectOffset):
(JSC::JIT::privateCompilePutByIdTransition):
(JSC::JIT::patchGetByIdSelf):
(JSC::JIT::patchPutByIdReplace):
(JSC::JIT::privateCompilePatchGetArrayLength):
(JSC::JIT::privateCompileGetByIdProto):
(JSC::JIT::privateCompileGetByIdSelfList):
(JSC::JIT::privateCompileGetByIdProtoList):
(JSC::JIT::privateCompileGetByIdChainList):
(JSC::JIT::privateCompileGetByIdChain):
* jit/JITStubCall.h:
(JSC::JITStubCall::addArgument): Add version of addArgument that takes
two registers for the tag and payload.
* jit/JITStubs.cpp:
(JSC::JITStubs::JITStubs): Remove array length trampoline pointer.
(JSC::JITStubs::cti_op_get_by_id_self_fail):
* jit/JITStubs.h:
* runtime/JSObject.h:
(JSC::JSObject::JSObject): Move m_inheritorID below the property storage
to align it to a 16 byte boundary.
* wtf/Platform.h: Enable ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS.
* wtf/StdLibExtras.h: Move FIELD_OFFSET here.
2009-05-17 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Remove unneeded ExecState parameter from the number JSValue constructors.
* runtime/JSValue.h:
(JSC::jsNumber):
(JSC::jsNaN):
(JSC::JSValue::JSValue):
2009-05-15 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implemented fast path for op_put_by_val when putting to arrays.
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
2009-05-15 Geoffrey Garen <ggaren@apple.com> (Mostly by Sam)
Reviewed by Sam Weinig.
Implemented fast path for op_get_by_val when accessing array.
* jit/JIT.cpp:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
2009-05-14 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed a failure in fast/js/math-transforms.html caused by failing to
preserve -0 in multiplication.
* assembler/X86Assembler.h:
(JSC::X86Assembler::jz):
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emitMul32Constant):
(JSC::JIT::emitMul32InPlace): Check both for overflow and for zero when
doing multiplication. Use a slow case to get these right.
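The int32 multiply fast path with the two checks described in this entry and in the 2009-05-22 "multiply by 1" entry above, as an added C model (not JavaScriptCore code): the product must be rejected on overflow (what imul's overflow flag reports) and also when it is zero, because imul does not set the zero flag and a zero product with a negative operand is -0 in ECMAScript, which an int32 cannot hold. js_mul_fast and js_mul are hypothetical names; the model uses a 64-bit product in place of the overflow flag.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Fast path. Returns true and stores an int32 result only when the product
 * fits and is not a zero that JS would have to represent as -0. */
static bool js_mul_fast(int32_t a, int32_t b, int32_t *out)
{
    int64_t product = (int64_t)a * (int64_t)b;   /* cannot overflow in 64 bits */
    if (product < INT32_MIN || product > INT32_MAX)
        return false;                 /* overflow: take the slow (double) path */
    if (product == 0 && (a < 0 || b < 0))
        return false;                 /* 0 * negative is -0 in JS, not an int */
    *out = (int32_t)product;
    return true;
}

/* Slow path falls back to IEEE double multiply, which keeps the sign of
 * zero and represents products beyond the int32 range exactly. */
static double js_mul(int32_t a, int32_t b)
{
    int32_t r;
    if (js_mul_fast(a, b, &r))
        return (double)r;
    return (double)a * (double)b;
}

/* -0 and +0 compare equal, so the sign has to be recovered via 1/d. */
static bool is_negative_zero(double d)
{
    return d == 0.0 && 1.0 / d < 0.0;
}

int main(void)
{
    printf("0 * -7 is %s zero\n", is_negative_zero(js_mul(0, -7)) ? "negative" : "positive");
    printf("INT32_MAX * 2 = %.0f\n", js_mul(INT32_MAX, 2));
    printf("INT32_MIN * -1 = %.0f\n", js_mul(INT32_MIN, -1));
    return 0;
}
```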
2009-05-14 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed a bug in the varargs calling convention.
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallVarargs): Move the argument count into regT1,
since that's where ctiVirtualCall expects it to be.
2009-05-14 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed a small bug in instanceof's looping code.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof): NULL means the object has no prototype,
so only loop when *not* equal to NULL.
2009-05-14 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed a small bug in instanceof's result writing code.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof): Make sure to fill out the payload bits
in all cases.
2009-05-14 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Removed an invalid assertion in cti_op_urshift which
depended on a fast path for op_urshift which has
never existed.
* jit/JITStubs.cpp:
(JSC::JITStubs::cti_op_urshift):
2009-05-14 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed loop_if_true, which had the same reversed test that jtrue had.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_true):
2009-05-14 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
In op_neq, we apparently want to check that one value
does *not* equal another. Go figure.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_neq):
2009-05-14 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
The slow case of op_mod should call op_mod's jit stub,
not op_mul. That would be dumb.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_mod):
2009-05-14 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed problems when using 'arguments' due to a half-initialized register.
* interpreter/CallFrame.h:
(JSC::ExecState::setCalleeArguments):
(JSC::ExecState::init): Require a full JSValue when setting up the
'arguments' virtual register, since this register is accessible from JIT
code and bytecode, and needs to be a true JSValue.
* interpreter/CallFrameClosure.h:
(JSC::CallFrameClosure::resetCallFrame): ditto
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute): ditto
* interpreter/Register.h: Removed the constructor that allowed assignment
of a JSArguments* to a register. That is not safe. See above.
* jit/JITStubs.cpp:
(JSC::JITStubs::cti_op_create_arguments):
(JSC::JITStubs::cti_op_create_arguments_no_params): ditto
2009-05-14 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
We really want to go to the slow case in op_jfalse and
op_jtrue if the value is *not* boolean.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
2009-05-14 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Flipped the condition when emitting an op_loop_if_less or op_loop_if_lesseq
if the first operand is a constant.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq):
2009-05-14 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Added missing return in op_jnless and op_jnlesseq.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
2009-05-14 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Load constants into the register file as a temporary measure to
aid bring-up. This allows us to treat constants like any
other virtual register.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_enter_with_activation):
2009-05-14 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Implemented op_strict_eq. Original patch by Snowy, by way of Sam and Gavin.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::set8): Added set8, since it's slightly
faster than set32, and the new value representation usually doesn't
need set32.
* jit/JIT.cpp:
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::emitLoadTag):
(JSC::JIT::emitLoadPayload): Added helper functions for dealing with
constants. Eventually, we should write special cases for all constants,
but these are helpful in the short term.
* jit/JITOpcodes.cpp:
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emitSlow_op_stricteq):
(JSC::JIT::emitSlow_op_nstricteq): teh opcodez.
* runtime/JSValue.h:
(JSC::JSValue::):
(JSC::JSValue::isDouble): Added a LowestTag for clarity.
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Fixed some bugs in host function calls.
testapi now passes!
* jit/JIT.cpp: Changed some registers around to avoid overwriting edx:eax,
which is how JSValues are now returned. Also changed the code that
passes thisValue to pass the full 64bits of the value. Also added
an #error compiler directive to other platform builds, since the JSValue
return signature probably won't return in edx:eax on those platforms,
and we'll have to investigate a solution.
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Removed parameters from functions that are intended never to use their
parameters.
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Ported op_instance_of from TOT. It's basically the same, but some register
stuff changed to memory stuff.
* jit/JITInlineMethods.h:
(JSC::JIT::emitPutJITStubArgFromVirtualRegister):
(JSC::JIT::emitStore): Changed to use helper functions.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof): Ported from TOT.
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Gavin Barraclough.
Added a comment to explain an exception-handling subtlety that we found
hard to remember when reviewing my last patch.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_catch):
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Implemented try/catch.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw): Updated to use JITStackFrame abstraction.
(JSC::JIT::emit_op_catch): Filled out.
2009-05-13 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implemented op_loop_if_true, op_jfalse, op_jtrue, op_jeq_null and op_jneq_null
* jit/JITOpcodes.cpp:
(JSC::JIT::emitSlow_op_instanceof): Moved from below to be next to its
fast brother.
(JSC::JIT::emit_op_loop_if_true): Similar to the old version
in that it tries to do the integer case first and reduce the
number of jumps you might need to take.
(JSC::JIT::emitSlow_op_loop_if_true):
(JSC::JIT::emit_op_jfalse): Very similar to op_loop_if_true, only
the inverse and without a timeout check.
(JSC::JIT::emitSlow_op_jfalse):
(JSC::JIT::emit_op_jtrue): Very similar to op_loop_if_true except
without the timeout check.
(JSC::JIT::emitSlow_op_jtrue):
(JSC::JIT::emit_op_jeq_null): Very similar to the implementation
of op_eq, except it takes jumps instead of copying the condition
to a dst.
(JSC::JIT::emit_op_jneq_null): Ditto but for op_neq.
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Implemented op_call_varargs.
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallVarargsSetupArgs):
(JSC::JIT::compileOpCallVarargs):
(JSC::JIT::emit_op_call):
(JSC::JIT::emit_op_call_eval):
(JSC::JIT::emit_op_load_varargs):
(JSC::JIT::emit_op_call_varargs):
(JSC::JIT::emit_op_construct):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jneq_ptr):
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Implemented op_call_eval.
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallVarargsSetupArgs):
(JSC::JIT::compileOpCall):
* jit/JITStubCall.h:
(JSC::CallEvalJITStub::CallEvalJITStub):
2009-05-13 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Implemented op_not. (Gavin did most of the work!)
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_not):
(JSC::JIT::emitSlow_op_not):
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Implemented op_global_resolve.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq): Added back accidentally removed
early returns.
(JSC::JIT::emit_op_resolve_global):
* jit/JITStubs.cpp:
(JSC::JITStubs::cti_op_resolve_global): Pretty similar to the old code,
but we need two reads and a TimesEight step in order to account for the
64bit value size.
* jit/JITStubs.h:
(JSC::): Slightly tweaked this code to specialize for a JSGlobalObject*,
to avoid having to pass an irrelevant tag pointer to the stub.
2009-05-13 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implemented op_to_jsnumber.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_to_jsnumber):
(JSC::JIT::emitSlow_op_to_jsnumber):
2009-05-13 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implemented op_convert_this.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_convert_this):
(JSC::JIT::emitSlow_op_convert_this):
2009-05-13 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Got basic JS function and constructor calls working.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines):
* jit/JIT.h:
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallSetupArgs):
(JSC::JIT::compileOpCallVarargsSetupArgs):
(JSC::JIT::compileOpConstructSetupArgs):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_construct_verify):
(JSC::JIT::emitSlow_op_construct_verify):
(JSC::JIT::emitSlow_op_call):
(JSC::JIT::emitSlow_op_call_eval):
(JSC::JIT::emitSlow_op_call_varargs):
(JSC::JIT::emitSlow_op_construct):
(JSC::JIT::compileOpCall): Filled out these cases, with call_eval #if'd out.
* jit/JITInlineMethods.h:
(JSC::JIT::emitPutJITStubArgFromVirtualRegister):
(JSC::JIT::emitLoad): Restored some legacy "*CTIArg*" functions,
since I wanted to avoid the complexity of revamping the API here while
trying to bring it up. Eventually, we should re-remove all of these functions.
(JSC::JIT::recordJumpTarget): Removed unnecessary macro cruft. You will
not silence me, Sam Weinig! The world will know that you are a crufty,
crufty, crufty programmer!!!
* jit/JITOpcodes.cpp:
* jit/JITStubs.cpp:
(JSC::):
* jit/JITStubs.h: Changed up some offsets in the JITStackFrame class, since
an off-by-one error was causing stack misalignment.
2009-05-13 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement op_eq_null and op_neq_null.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::set8):
(JSC::MacroAssemblerX86Common::setTest8):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_stricteq):
(JSC::JIT::emitSlow_op_stricteq):
(JSC::JIT::emit_op_nstricteq):
(JSC::JIT::emitSlow_op_nstricteq):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
* jsc.cpp:
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement op_new_error.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_new_error):
* jit/JITStubCall.h:
(JSC::JITStubCall::addArgument): Add a version of addArgument
that takes a constant JSValue.
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Remove now unused emitGetVariableObjectRegister and emitPutVariableObjectRegister.
* jit/JIT.cpp:
* jit/JIT.h:
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement op_to_primitive and op_next_pname.
* jit/JITOpcodes.cpp:
(JSC::JIT::emitSlow_op_construct_verify):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emitSlow_op_to_primitive):
(JSC::JIT::emitSlow_op_loop_if_true):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_next_pname):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Add op_get_global_var, op_put_global_var, emit_op_get_scoped_var, emit_op_put_scoped_var and
op_unexpected_load.
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::tagFor):
(JSC::JIT::payloadFor):
(JSC::JIT::emitLoad):
(JSC::JIT::emitStore):
(JSC::JIT::emitLoadReturnValue):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_get_global_var):
(JSC::JIT::emit_op_put_global_var):
(JSC::JIT::emit_op_get_scoped_var):
(JSC::JIT::emit_op_put_scoped_var):
(JSC::JIT::emit_op_unexpected_load):
2009-05-12 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added overflow handling to op_sub.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_sub):
(JSC::JIT::emitSlowSub32InPlaceLeft):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Remove a function call by folding op_get_by_id and op_put_by_id into
their respective compile functions.
* jit/JIT.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Make JITStubCall work in 64bit by making the stack index
step dependent on the size of void*.
* jit/JITStubCall.h:
(JSC::JITStubCall::JITStubCall):
(JSC::JITStubCall::addArgument):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement simple version of property access opcodes
which just call stub functions.
* jit/JITOpcodes.cpp:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_by_index):
(JSC::JIT::emit_op_put_getter):
(JSC::JIT::emit_op_put_setter):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::compileGetByIdHotPath):
(JSC::JIT::compilePutByIdHotPath):
* jit/JITStubCall.h:
(JSC::JITStubCall::addArgument):
* jsc.cpp:
2009-05-12 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added work-around for XCode debugging echo problem.
* jsc.cpp:
(runInteractive):
2009-05-12 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added overflow handling to op_add.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitSlowAdd32InPlace):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Add slow cases for op_jnless or emit_op_jnlesseq.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Add implementations for op_jnless, emit_op_jnlesseq, op_loop_if_less and op_loop_if_lesseq.
No slow cases for op_jnless or emit_op_jnlesseq yet.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emitSlow_op_jnlesseq):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emitSlow_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq):
(JSC::JIT::emitSlow_op_loop_if_lesseq):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Turn the RECORD_JUMP_TARGET macro into an inline function.
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::recordJumpTarget):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_jsr):
(JSC::JIT::emit_op_jmp_scopes):
2009-05-12 Sam Weinig <sam@webkit.org>
Add MacroAssemblerX86Common::set8 to fix the build.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::set8):
2009-05-12 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Added overflow recovery for pre_inc and pre_dec.
Turned some short-circuit code into early returns, as is the WebKit style.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_post_inc):
(JSC::JIT::emitSlow_op_post_inc):
(JSC::JIT::emit_op_post_dec):
(JSC::JIT::emitSlow_op_post_dec):
(JSC::JIT::emitSlow_op_pre_inc):
(JSC::JIT::emitSlow_op_pre_dec):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement op_jmp, op_loop, op_eq and op_neq.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_loop):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_enter_with_activation):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement the slow cases for arithmetic opcodes.
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_lshift):
(JSC::JIT::emitSlow_op_rshift):
(JSC::JIT::emitSlow_op_bitand):
(JSC::JIT::emitSlow_op_bitor):
(JSC::JIT::emitSlow_op_bitxor):
(JSC::JIT::emitSlow_op_bitnot):
(JSC::JIT::emitSlow_op_sub):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_mod):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Implement op_bitnot.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::not32):
* assembler/X86Assembler.h:
(JSC::X86Assembler::notl_m):
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_bitnot):
2009-05-12 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Add arithmetic opcode implementations from the old nitro-extreme branch.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emitSlow_op_lshift):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emitSlow_op_rshift):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emitBitAnd32Constant):
(JSC::JIT::emitBitAnd32InPlace):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emitSlow_op_bitor):
(JSC::JIT::emitBitOr32Constant):
(JSC::JIT::emitBitOr32InPlace):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emitSlow_op_bitxor):
(JSC::JIT::emitBitXor32Constant):
(JSC::JIT::emitBitXor32InPlace):
(JSC::JIT::emit_op_bitnot):
(JSC::JIT::emitSlow_op_bitnot):
(JSC::JIT::emit_op_post_inc):
(JSC::JIT::emitSlow_op_post_inc):
(JSC::JIT::emit_op_post_dec):
(JSC::JIT::emitSlow_op_post_dec):
(JSC::JIT::emit_op_pre_inc):
(JSC::JIT::emitSlow_op_pre_inc):
(JSC::JIT::emit_op_pre_dec):
(JSC::JIT::emitSlow_op_pre_dec):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitAdd32Constant):
(JSC::JIT::emitAdd32InPlace):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
(JSC::JIT::emitSub32ConstantLeft):
(JSC::JIT::emitSub32ConstantRight):
(JSC::JIT::emitSub32InPlaceLeft):
(JSC::JIT::emitSub32InPlaceRight):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emitMul32Constant):
(JSC::JIT::emitMul32InPlace):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
* jit/JITOpcodes.cpp:
2009-05-12 Geoffrey Garen <ggaren@apple.com>
Removed JIT_OPTIMIZE_ARITHMETIC setting, since it was all about 32bit
value representations.
Added JSAPIValueWrapper to the repository.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
* runtime/JSAPIValueWrapper.cpp: Added.
(JSC::JSAPIValueWrapper::toPrimitive):
(JSC::JSAPIValueWrapper::getPrimitiveNumber):
(JSC::JSAPIValueWrapper::toBoolean):
(JSC::JSAPIValueWrapper::toNumber):
(JSC::JSAPIValueWrapper::toString):
(JSC::JSAPIValueWrapper::toObject):
* runtime/JSAPIValueWrapper.h: Added.
(JSC::JSAPIValueWrapper::value):
(JSC::JSAPIValueWrapper::isAPIValueWrapper):
(JSC::JSAPIValueWrapper::JSAPIValueWrapper):
(JSC::jsAPIValueWrapper):
* wtf/Platform.h:
2009-05-12 Geoffrey Garen <ggaren@apple.com>
Turned on the JIT and got it building and running the most trivial of
programs.
All configurable optimizations are turned off, and a few opcodes are ad
hoc #if'd out.
So far, I've only merged op_mov and op_end, but some stub-reliant
opcodes work as-is from TOT.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::~CodeBlock):
* bytecode/CodeBlock.h:
* jit/JIT.cpp:
(JSC::JIT::compileOpStrictEq):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emitSlow_op_lshift):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emitSlow_op_rshift):
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emitSlow_op_bitand):
(JSC::JIT::emit_op_post_inc):
(JSC::JIT::emitSlow_op_post_inc):
(JSC::JIT::emit_op_post_dec):
(JSC::JIT::emitSlow_op_post_dec):
(JSC::JIT::emit_op_pre_inc):
(JSC::JIT::emitSlow_op_pre_inc):
(JSC::JIT::emit_op_pre_dec):
(JSC::JIT::emitSlow_op_pre_dec):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_add):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::compileBinaryArithOpSlowCase):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitSlow_op_mul):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallInitializeCallFrame):
(JSC::JIT::compileOpConstructSetupArgs):
(JSC::JIT::compileOpCallVarargs):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
* jit/JITInlineMethods.h:
(JSC::JIT::getConstantOperandImmediateInt):
(JSC::JIT::isOperandConstantImmediateInt):
(JSC::JIT::emitInitRegister):
(JSC::JIT::addSlowCase):
(JSC::JIT::addJump):
(JSC::JIT::emitJumpSlowToHot):
(JSC::JIT::tagFor):
(JSC::JIT::payloadFor):
(JSC::JIT::emitLoad):
(JSC::JIT::emitLoadReturnValue):
(JSC::JIT::emitStore):
(JSC::JIT::emitStoreReturnValue):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_loop):
(JSC::JIT::emit_op_loop_if_less):
(JSC::JIT::emit_op_loop_if_lesseq):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_get_global_var):
(JSC::JIT::emit_op_put_global_var):
(JSC::JIT::emit_op_get_scoped_var):
(JSC::JIT::emit_op_put_scoped_var):
(JSC::JIT::emit_op_tear_off_activation):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_construct_verify):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_loop_if_true):
(JSC::JIT::emit_op_resolve_global):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_unexpected_load):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_bitnot):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_throw):
(JSC::JIT::emit_op_next_pname):
(JSC::JIT::emit_op_push_scope):
(JSC::JIT::emit_op_to_jsnumber):
(JSC::JIT::emit_op_push_new_scope):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::emit_op_new_error):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_convert_this):
(JSC::JIT::emit_op_profile_will_call):
(JSC::JIT::emit_op_profile_did_call):
(JSC::JIT::emitSlow_op_construct_verify):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emitSlow_op_loop_if_less):
(JSC::JIT::emitSlow_op_loop_if_lesseq):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emitSlow_op_not):
(JSC::JIT::emitSlow_op_instanceof):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emit_op_put_by_index):
(JSC::JIT::emit_op_put_getter):
(JSC::JIT::emit_op_put_setter):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::compileGetByIdHotPath):
(JSC::JIT::compilePutByIdHotPath):
* jit/JITStubCall.h:
(JSC::JITStubCall::JITStubCall):
(JSC::JITStubCall::addArgument):
(JSC::JITStubCall::call):
(JSC::JITStubCall::):
(JSC::CallEvalJITStub::CallEvalJITStub):
* jit/JITStubs.cpp:
(JSC::):
(JSC::JITStubs::cti_op_add):
(JSC::JITStubs::cti_op_pre_inc):
(JSC::JITStubs::cti_op_mul):
(JSC::JITStubs::cti_op_get_by_val):
(JSC::JITStubs::cti_op_get_by_val_string):
(JSC::JITStubs::cti_op_get_by_val_byte_array):
(JSC::JITStubs::cti_op_sub):
(JSC::JITStubs::cti_op_put_by_val):
(JSC::JITStubs::cti_op_put_by_val_array):
(JSC::JITStubs::cti_op_put_by_val_byte_array):
(JSC::JITStubs::cti_op_negate):
(JSC::JITStubs::cti_op_div):
(JSC::JITStubs::cti_op_pre_dec):
(JSC::JITStubs::cti_op_post_inc):
(JSC::JITStubs::cti_op_eq):
(JSC::JITStubs::cti_op_lshift):
(JSC::JITStubs::cti_op_bitand):
(JSC::JITStubs::cti_op_rshift):
(JSC::JITStubs::cti_op_bitnot):
(JSC::JITStubs::cti_op_mod):
(JSC::JITStubs::cti_op_neq):
(JSC::JITStubs::cti_op_post_dec):
(JSC::JITStubs::cti_op_urshift):
(JSC::JITStubs::cti_op_bitxor):
(JSC::JITStubs::cti_op_bitor):
(JSC::JITStubs::cti_op_switch_imm):
* jit/JITStubs.h:
* runtime/JSArray.cpp:
(JSC::JSArray::JSArray):
* runtime/JSFunction.cpp:
(JSC::JSFunction::~JSFunction):
* runtime/JSValue.h:
(JSC::JSValue::payload):
* wtf/Platform.h:
2009-05-07 Sam Weinig <sam@webkit.org>
Reviewed by Geoffrey Garen.
Add some new MacroAssembler and assembler functions that will be needed shortly.
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::add32):
(JSC::MacroAssemblerX86Common::and32):
(JSC::MacroAssemblerX86Common::mul32):
(JSC::MacroAssemblerX86Common::neg32):
(JSC::MacroAssemblerX86Common::or32):
(JSC::MacroAssemblerX86Common::sub32):
(JSC::MacroAssemblerX86Common::xor32):
(JSC::MacroAssemblerX86Common::branchAdd32):
(JSC::MacroAssemblerX86Common::branchMul32):
(JSC::MacroAssemblerX86Common::branchSub32):
* assembler/X86Assembler.h:
(JSC::X86Assembler::):
(JSC::X86Assembler::addl_rm):
(JSC::X86Assembler::andl_mr):
(JSC::X86Assembler::andl_rm):
(JSC::X86Assembler::andl_im):
(JSC::X86Assembler::negl_r):
(JSC::X86Assembler::notl_r):
(JSC::X86Assembler::orl_rm):
(JSC::X86Assembler::orl_im):
(JSC::X86Assembler::subl_rm):
(JSC::X86Assembler::xorl_mr):
(JSC::X86Assembler::xorl_rm):
(JSC::X86Assembler::xorl_im):
(JSC::X86Assembler::imull_mr):
2009-05-11 Sam Weinig <sam@webkit.org>
Reviewed by Cameron Zwarich.
Remove the NumberHeap.
* JavaScriptCore.exp:
* runtime/Collector.cpp:
(JSC::Heap::Heap):
(JSC::Heap::destroy):
(JSC::Heap::recordExtraCost):
(JSC::Heap::heapAllocate):
(JSC::Heap::markConservatively):
(JSC::Heap::sweep):
(JSC::Heap::collect):
(JSC::Heap::objectCount):
(JSC::Heap::statistics):
(JSC::typeName):
(JSC::Heap::isBusy):
* runtime/Collector.h:
(JSC::Heap::globalData):
* runtime/JSCell.h:
2009-05-11 Geoffrey Garen <ggaren@apple.com>
Reviewed by Sam Weinig.
Land initial commit of new number representation for 32 bit platforms,
with JIT disabled.
* API/APICast.h:
(toJS):
(toRef):
* API/JSCallbackObjectFunctions.h:
(JSC::::hasInstance):
(JSC::::toNumber):
(JSC::::toString):
* API/tests/testapi.c:
(EvilExceptionObject_convertToType):
* AllInOneFile.cpp:
* JavaScriptCore.exp:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::valueToSourceString):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitLoad):
(JSC::BytecodeGenerator::emitUnexpectedLoad):
(JSC::keyForImmediateSwitch):
* bytecompiler/BytecodeGenerator.h:
* interpreter/Interpreter.cpp:
(JSC::Interpreter::dumpRegisters):
(JSC::Interpreter::privateExecute):
* parser/Nodes.cpp:
(JSC::ArrayNode::emitBytecode):
(JSC::processClauseList):
* runtime/ArgList.h:
* runtime/Collector.h:
(JSC::sizeof):
* runtime/DateMath.cpp:
* runtime/ExceptionHelpers.h:
* runtime/InitializeThreading.cpp:
* runtime/JSArray.cpp:
(JSC::JSArray::JSArray):
* runtime/JSCell.cpp:
* runtime/JSCell.h:
(JSC::JSCell::isAPIValueWrapper):
(JSC::JSValue::isString):
(JSC::JSValue::isGetterSetter):
(JSC::JSValue::isObject):
(JSC::JSValue::getString):
(JSC::JSValue::getObject):
(JSC::JSValue::getCallData):
(JSC::JSValue::getConstructData):
(JSC::JSValue::getUInt32):
(JSC::JSValue::marked):
(JSC::JSValue::toPrimitive):
(JSC::JSValue::getPrimitiveNumber):
(JSC::JSValue::toBoolean):
(JSC::JSValue::toNumber):
(JSC::JSValue::toString):
(JSC::JSValue::needsThisConversion):
(JSC::JSValue::toThisString):
(JSC::JSValue::getJSNumber):
(JSC::JSValue::toObject):
(JSC::JSValue::toThisObject):
* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData):
* runtime/JSGlobalData.h:
* runtime/JSGlobalObject.h:
(JSC::Structure::prototypeForLookup):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncParseInt):
* runtime/JSImmediate.h:
* runtime/JSNumberCell.cpp: Removed.
* runtime/JSNumberCell.h: Removed.
* runtime/JSObject.h:
(JSC::JSValue::get):
(JSC::JSValue::put):
* runtime/JSString.h:
(JSC::JSValue::toThisJSString):
* runtime/JSValue.cpp:
(JSC::JSValue::toInteger):
(JSC::JSValue::toIntegerPreserveNaN):
(JSC::JSValue::toObjectSlowCase):
(JSC::JSValue::toThisObjectSlowCase):
(JSC::JSValue::synthesizeObject):
(JSC::JSValue::synthesizePrototype):
(JSC::JSValue::description):
(JSC::nonInlineNaN):
* runtime/JSValue.h:
(JSC::JSValue::):
(JSC::EncodedJSValueHashTraits::emptyValue):
(JSC::jsNaN):
(JSC::operator==):
(JSC::operator!=):
(JSC::toInt32):
(JSC::toUInt32):
(JSC::JSValue::encode):
(JSC::JSValue::decode):
(JSC::JSValue::JSValue):
(JSC::JSValue::operator bool):
(JSC::JSValue::operator==):
(JSC::JSValue::operator!=):
(JSC::JSValue::isUndefined):
(JSC::JSValue::isNull):
(JSC::JSValue::isUndefinedOrNull):
(JSC::JSValue::isCell):
(JSC::JSValue::isInt32):
(JSC::JSValue::isUInt32):
(JSC::JSValue::isDouble):
(JSC::JSValue::isTrue):
(JSC::JSValue::isFalse):
(JSC::JSValue::tag):
(JSC::JSValue::asInt32):
(JSC::JSValue::asUInt32):
(JSC::JSValue::asDouble):
(JSC::JSValue::asCell):
(JSC::JSValue::isNumber):
(JSC::JSValue::isBoolean):
(JSC::JSValue::getBoolean):
(JSC::JSValue::uncheckedGetNumber):
(JSC::JSValue::toJSNumber):
(JSC::JSValue::getNumber):
(JSC::JSValue::toInt32):
(JSC::JSValue::toUInt32):
* runtime/Operations.h:
(JSC::JSValue::equal):
(JSC::JSValue::equalSlowCaseInline):
(JSC::JSValue::strictEqual):
(JSC::JSValue::strictEqualSlowCaseInline):
(JSC::jsLess):
(JSC::jsLessEq):
(JSC::jsAdd):
* runtime/PropertySlot.h:
* runtime/StringPrototype.cpp:
(JSC::stringProtoFuncCharAt):
(JSC::stringProtoFuncCharCodeAt):
(JSC::stringProtoFuncIndexOf):
* wtf/Platform.h:
=== Start merge of nitro-extreme branch 2009-07-30 ===
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46438.
2009-07-27 Gavin Barraclough <barraclough@apple.com>
Rubber stamped by Oliver Hunt.
Fix typo in JIT, renamed preverveReturnAddressAfterCall -> preserveReturnAddressAfterCall.
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
(JSC::JIT::privateCompileCTIMachineTrampolines):
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::preserveReturnAddressAfterCall):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::privateCompilePutByIdTransition):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46347.
2009-07-24 Csaba Osztrogonac <oszi@inf.u-szeged.hu>
Reviewed by Darin Adler and Adam Barth.
Build fix for x86 platforms.
https://bugs.webkit.org/show_bug.cgi?id=27602
* jit/JIT.cpp:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46247.
2009-07-22 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
With ENABLE(ASSEMBLER_WX_EXCLUSIVE), only change permissions once per repatch event.
( https://bugs.webkit.org/show_bug.cgi?id=27564 )
Currently we change permissions forwards and backwards for each instruction modified,
instead we should only change permissions once per complete repatching event.
2.5% progression running with ENABLE(ASSEMBLER_WX_EXCLUSIVE) enabled,
which recoups 1/3 of the penalty of running with this mode enabled.
* assembler/ARMAssembler.cpp:
(JSC::ARMAssembler::linkBranch):
- Replace usage of MakeWritable with cacheFlush.
* assembler/ARMAssembler.h:
(JSC::ARMAssembler::patchPointerInternal):
(JSC::ARMAssembler::repatchLoadPtrToLEA):
- Replace usage of MakeWritable with cacheFlush.
* assembler/ARMv7Assembler.h:
(JSC::ARMv7Assembler::relinkJump):
(JSC::ARMv7Assembler::relinkCall):
(JSC::ARMv7Assembler::repatchInt32):
(JSC::ARMv7Assembler::repatchPointer):
(JSC::ARMv7Assembler::repatchLoadPtrToLEA):
(JSC::ARMv7Assembler::setInt32):
- Replace usage of MakeWritable with cacheFlush.
* assembler/LinkBuffer.h:
(JSC::LinkBuffer::performFinalization):
- Make explicit call to cacheFlush.
* assembler/MacroAssemblerCodeRef.h:
(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
- Make size always available.
* assembler/RepatchBuffer.h:
(JSC::RepatchBuffer::RepatchBuffer):
(JSC::RepatchBuffer::~RepatchBuffer):
- Add calls to MakeWritable & makeExecutable.
* assembler/X86Assembler.h:
(JSC::X86Assembler::relinkJump):
(JSC::X86Assembler::relinkCall):
(JSC::X86Assembler::repatchInt32):
(JSC::X86Assembler::repatchPointer):
(JSC::X86Assembler::repatchLoadPtrToLEA):
- Remove usage of MakeWritable.
* bytecode/CodeBlock.h:
(JSC::CodeBlock::getJITCode):
- Provide access to CodeBlock's JITCode.
* jit/ExecutableAllocator.h:
(JSC::ExecutableAllocator::makeExecutable):
(JSC::ExecutableAllocator::cacheFlush):
- Remove MakeWritable, make cacheFlush public.
* jit/JIT.cpp:
(JSC::ctiPatchNearCallByReturnAddress):
(JSC::ctiPatchCallByReturnAddress):
(JSC::JIT::privateCompile):
(JSC::JIT::unlinkCall):
(JSC::JIT::linkCall):
- Add CodeBlock argument to RepatchBuffer.
* jit/JIT.h:
- Pass CodeBlock argument for use by RepatchBuffer.
* jit/JITCode.h:
(JSC::JITCode::start):
(JSC::JITCode::size):
- Provide access to code start & size.
* jit/JITPropertyAccess.cpp:
(JSC::JIT::privateCompilePutByIdTransition):
(JSC::JIT::patchGetByIdSelf):
(JSC::JIT::patchMethodCallProto):
(JSC::JIT::patchPutByIdReplace):
(JSC::JIT::privateCompilePatchGetArrayLength):
(JSC::JIT::privateCompileGetByIdProto):
(JSC::JIT::privateCompileGetByIdSelfList):
(JSC::JIT::privateCompileGetByIdProtoList):
(JSC::JIT::privateCompileGetByIdChainList):
(JSC::JIT::privateCompileGetByIdChain):
- Add CodeBlock argument to RepatchBuffer.
* jit/JITStubs.cpp:
(JSC::JITThunks::tryCachePutByID):
(JSC::JITThunks::tryCacheGetByID):
(JSC::JITStubs::DEFINE_STUB_FUNCTION):
- Pass CodeBlock argument for use by RepatchBuffer.
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46210.
2009-07-21 Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
Reviewed by Gavin Barraclough.
Cache not only the structure of the method, but the
structure of its prototype as well.
https://bugs.webkit.org/show_bug.cgi?id=27077
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::~CodeBlock):
* bytecode/CodeBlock.h:
(JSC::MethodCallLinkInfo::MethodCallLinkInfo):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::patchMethodCallProto):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46209.
2009-07-21 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
Move call linking / repatching down from AbstractMacroAssembler into MacroAssemblerARCH classes.
( https://bugs.webkit.org/show_bug.cgi?id=27527 )
This allows the implementation to be defined per architecture. Specifically this addresses the
fact that x86-64 MacroAssembler implements far calls as a load to register, followed by a call
to register. Patching the call actually requires the pointer load to be patched, rather than
the call to be patched. This is implementation detail specific to MacroAssemblerX86_64, and as
such is best handled there.
* assembler/AbstractMacroAssembler.h:
* assembler/MacroAssemblerARM.h:
(JSC::MacroAssemblerARM::linkCall):
(JSC::MacroAssemblerARM::repatchCall):
* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::linkCall):
(JSC::MacroAssemblerARMv7::repatchCall):
* assembler/MacroAssemblerX86.h:
(JSC::MacroAssemblerX86::linkCall):
(JSC::MacroAssemblerX86::repatchCall):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::linkCall):
(JSC::MacroAssemblerX86_64::repatchCall):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46202.
2009-07-21 Gavin Barraclough <barraclough@apple.com>
Reviewed by Oliver Hunt.
Move LinkBuffer/RepatchBuffer out of AbstractMacroAssembler.
( https://bugs.webkit.org/show_bug.cgi?id=27485 )
This change is the first step in a process to move code that should be in
the architecture-specific MacroAssembler classes up out of Assembler and
AbstractMacroAssembler.
* JavaScriptCore.xcodeproj/project.pbxproj:
- added new files
* assembler/ARMAssembler.h:
(JSC::ARMAssembler::linkPointer):
- rename patchPointer to bring it in line with the current link/repatch naming scheme
* assembler/ARMv7Assembler.h:
(JSC::ARMv7Assembler::linkCall):
(JSC::ARMv7Assembler::linkPointer):
(JSC::ARMv7Assembler::relinkCall):
(JSC::ARMv7Assembler::repatchInt32):
(JSC::ARMv7Assembler::repatchPointer):
(JSC::ARMv7Assembler::setInt32):
(JSC::ARMv7Assembler::setPointer):
- rename patchPointer to bring it in line with the current link/repatch naming scheme
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::linkJump):
(JSC::AbstractMacroAssembler::linkCall):
(JSC::AbstractMacroAssembler::linkPointer):
(JSC::AbstractMacroAssembler::getLinkerAddress):
(JSC::AbstractMacroAssembler::getLinkerCallReturnOffset):
(JSC::AbstractMacroAssembler::repatchJump):
(JSC::AbstractMacroAssembler::repatchCall):
(JSC::AbstractMacroAssembler::repatchNearCall):
(JSC::AbstractMacroAssembler::repatchInt32):
(JSC::AbstractMacroAssembler::repatchPointer):
(JSC::AbstractMacroAssembler::repatchLoadPtrToLEA):
- remove the LinkBuffer/RepatchBuffer classes, but leave a set of (private, friended) methods to interface to the Assembler
* assembler/LinkBuffer.h: Added.
(JSC::LinkBuffer::LinkBuffer):
(JSC::LinkBuffer::~LinkBuffer):
(JSC::LinkBuffer::link):
(JSC::LinkBuffer::patch):
(JSC::LinkBuffer::locationOf):
(JSC::LinkBuffer::locationOfNearCall):
(JSC::LinkBuffer::returnAddressOffset):
(JSC::LinkBuffer::finalizeCode):
(JSC::LinkBuffer::finalizeCodeAddendum):
(JSC::LinkBuffer::code):
(JSC::LinkBuffer::performFinalization):
- new file containing the LinkBuffer class, previously a member of AbstractMacroAssembler
* assembler/RepatchBuffer.h: Added.
(JSC::RepatchBuffer::RepatchBuffer):
(JSC::RepatchBuffer::relink):
(JSC::RepatchBuffer::repatch):
(JSC::RepatchBuffer::repatchLoadPtrToLEA):
(JSC::RepatchBuffer::relinkCallerToTrampoline):
(JSC::RepatchBuffer::relinkCallerToFunction):
(JSC::RepatchBuffer::relinkNearCallerToTrampoline):
- new file containing the RepatchBuffer class, previously a member of AbstractMacroAssembler
* assembler/X86Assembler.h:
(JSC::X86Assembler::linkJump):
(JSC::X86Assembler::linkCall):
(JSC::X86Assembler::linkPointerForCall):
(JSC::X86Assembler::linkPointer):
(JSC::X86Assembler::relinkJump):
(JSC::X86Assembler::relinkCall):
(JSC::X86Assembler::repatchInt32):
(JSC::X86Assembler::repatchPointer):
(JSC::X86Assembler::setPointer):
(JSC::X86Assembler::setInt32):
(JSC::X86Assembler::setRel32):
- rename patchPointer to bring it in line with the current link/repatch naming scheme
* jit/JIT.cpp:
(JSC::ctiPatchNearCallByReturnAddress):
(JSC::ctiPatchCallByReturnAddress):
- include new headers
- remove MacroAssembler:: specification from RepatchBuffer usage
* jit/JITPropertyAccess.cpp:
* yarr/RegexJIT.cpp:
- include new headers
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46187.
2009-07-21 Robert Agoston <Agoston.Robert@stud.u-szeged.hu>
Reviewed by David Levin.
Fixed #undef typo.
https://bugs.webkit.org/show_bug.cgi?id=27506
* bytecode/Opcode.h:
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r46057.
2009-07-17 Gabor Loki <loki@inf.u-szeged.hu>
Reviewed by Gavin Barraclough.
Extend AssemblerBuffer with constant pool handling mechanism.
https://bugs.webkit.org/show_bug.cgi?id=24986
Add a platform independent constant pool framework.
This pool can store 32 or 64 bit values, which is enough to hold
any integer, pointer or double constant.
* assembler/AssemblerBuffer.h:
(JSC::AssemblerBuffer::putIntUnchecked):
(JSC::AssemblerBuffer::putInt64Unchecked):
(JSC::AssemblerBuffer::append):
(JSC::AssemblerBuffer::grow):
* assembler/AssemblerBufferWithConstantPool.h: Added.
(JSC::):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r45933.
2009-07-15 Darin Adler <darin@apple.com>
Fix a build for a particular Apple configuration.
* wtf/FastAllocBase.h: Change include to use "" style for
including another wtf header. This is the style we use for
including other public headers in the same directory.
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r45918.
2009-07-15 Yong Li <yong.li@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=27020
msToGregorianDateTime should set utcOffset to 0 when outputIsUTC is false
* wtf/DateMath.cpp:
(WTF::gregorianDateTimeToMS):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r45904.
2009-07-15 Oliver Hunt <oliver@apple.com>
Reviewed by Simon Hausmann.
REGRESSION: fast/js/postfix-syntax.html fails with interpreter
https://bugs.webkit.org/show_bug.cgi?id=27294
When postfix operators operating on locals assign to the same local
the order of operations has to be to store the incremented value, then
store the unmodified number. Rather than implementing this subtle
semantic in the interpreter I've just made the logic explicit in the
bytecode generator, so x=x++ effectively becomes x=ToNumber(x) (for a
local var x).
* parser/Nodes.cpp:
(JSC::emitPostIncOrDec):
2009-10-08 Mark Rowe <mrowe@apple.com>
Merge r45903.
2009-07-15 Oliver Hunt <oliver@apple.com>
Reviewed by Simon Hausmann.
REGRESSION(43559): fast/js/kde/arguments-scope.html fails with interpreter
https://bugs.webkit.org/show_bug.cgi?id=27259
The interpreter was incorrectly basing its need to create the arguments object
on the presence of the callframe's argument reference rather than the local
arguments reference. Based on this it then overrode the local variable reference.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute):
2009-07-15 Steve Falkenburg <sfalken@apple.com>
Merge r45949.
2009-07-15 Steve Falkenburg <sfalken@apple.com>
Windows Build fix.
Visual Studio reset our intermediate directory on us.
This sets it back.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.vcproj/testapi/testapi.vcproj:
2009-07-15 Steve Falkenburg <sfalken@apple.com>
Merge r45892.
2009-07-14 Steve Falkenburg <sfalken@apple.com>
Reorganize JavaScriptCore headers into:
API: include/JavaScriptCore/
Private: include/private/JavaScriptCore/
Reviewed by Darin Adler.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
* JavaScriptCore.vcproj/testapi/testapi.vcproj:
* JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:
2009-07-12 Mark Rowe <mrowe@apple.com>
Merge r45736.
2009-07-10 Mark Rowe <mrowe@apple.com>
Second part of the "make Windows happier" dance.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-07-12 Mark Rowe <mrowe@apple.com>
Merge r45735.
2009-07-10 Mark Rowe <mrowe@apple.com>
Try and make the Windows build happy.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-07-12 Mark Rowe <mrowe@apple.com>
Merge r45733.
2009-07-10 Kevin McCullough <kmccullough@apple.com>
Reviewed by Geoffrey Garen.
* debugger/Debugger.h: Made this function virtual for use in WebCore's
WebInspector.
2009-07-11 Mark Rowe <mrowe@apple.com>
<rdar://problem/7047403> Disable channel messaging
* Configurations/FeatureDefines.xcconfig:
2009-07-09 Maciej Stachowiak <mjs@apple.com>
Not reviewed, build fix.
Windows build fix for the last change.
* wtf/dtoa.cpp: Forgot to include Vector.h
2009-07-09 Maciej Stachowiak <mjs@apple.com>
Reviewed by Darin Adler.
REGRESSION: crash in edge cases of floating point parsing.
https://bugs.webkit.org/show_bug.cgi?id=27110
<rdar://problem/7044458>
Tests: fast/css/number-parsing-crash.html
fast/js/number-parsing-crash.html
* wtf/dtoa.cpp:
(WTF::BigInt::BigInt): Converted this to a more proper class, using a Vector
with inline capacity.
(WTF::lshift): Rearranged logic somewhat nontrivially to deal with the new way of sizing BigInts.
Added an assertion to verify that invariants are maintained.
All other functions are adapted fairly mechanically to the above changes.
(WTF::BigInt::clear):
(WTF::BigInt::size):
(WTF::BigInt::resize):
(WTF::BigInt::words):
(WTF::BigInt::append):
(WTF::multadd):
(WTF::s2b):
(WTF::i2b):
(WTF::mult):
(WTF::cmp):
(WTF::diff):
(WTF::b2d):
(WTF::d2b):
(WTF::ratio):
(WTF::strtod):
(WTF::quorem):
(WTF::dtoa):
2009-07-09 Drew Wilson <atwilson@google.com>
Reviewed by Alexey Proskuryakov.
Turned on CHANNEL_MESSAGING by default because the MessageChannel API
can now be implemented for Web Workers and is reasonably stable.
* Configurations/FeatureDefines.xcconfig:
2009-07-09 Oliver Hunt <oliver@apple.com>
Reviewed by NOBODY (Build fix).
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute):
2009-07-09 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
Bug 27016 - Interpreter crashes due to invalid array indexes
<https://bugs.webkit.org/show_bug.cgi?id=27016>
Unsigned vs signed conversions result in incorrect behaviour in
64bit interpreter builds.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute):
2009-07-09 Dimitri Glazkov <dglazkov@chromium.org>
Reviewed by Darin Fisher.
[Chromium] Upstream JavaScriptCore.gypi, the project file for Chromium build.
https://bugs.webkit.org/show_bug.cgi?id=27135
* JavaScriptCore.gypi: Added.
2009-07-09 Joe Mason <joe.mason@torchmobile.com>
Reviewed by George Staikos.
Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>
https://bugs.webkit.org/show_bug.cgi?id=27031
Add an override for deleteOwnedPtr(HDC) on Windows
* wtf/OwnPtrCommon.h:
* wtf/OwnPtrWin.cpp:
(WTF::deleteOwnedPtr):
2009-07-09 Laszlo Gombos <laszlo.1.gombos@nokia.com>
Reviewed by Darin Adler.
Guard signal.h dependency with HAVE(SIGNAL_H) to enable building jsc
on SYMBIAN.
https://bugs.webkit.org/show_bug.cgi?id=27026
Based on Norbert Leser's work.
* jsc.cpp:
(printUsageStatement):
(parseArguments):
* wtf/Platform.h:
2009-07-07 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
Stop loading constants into the register file.
Instead, use high register values (highest bit bar the sign bit set) to indicate
constants in the instruction stream, and when we encounter such a value load it
directly from the CodeBlock.
Since constants are no longer copied into the register file, this patch renders
the 'unexpected constant' mechanism redundant, and removes it.
2% improvement, thanks to Sam Weinig.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dump):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::mark):
(JSC::CodeBlock::shrinkToFit):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::isTemporaryRegisterIndex):
(JSC::CodeBlock::constantRegister):
(JSC::CodeBlock::isConstantRegisterIndex):
(JSC::CodeBlock::getConstant):
(JSC::ExecState::r):
* bytecode/Opcode.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::preserveLastVar):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::addConstantValue):
(JSC::BytecodeGenerator::emitEqualityOp):
(JSC::BytecodeGenerator::emitLoad):
(JSC::BytecodeGenerator::emitResolveBase):
(JSC::BytecodeGenerator::emitResolveWithBase):
(JSC::BytecodeGenerator::emitNewError):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitNode):
* interpreter/CallFrame.h:
(JSC::ExecState::noCaller):
(JSC::ExecState::hasHostCallFrameFlag):
(JSC::ExecState::addHostCallFrameFlag):
(JSC::ExecState::removeHostCallFrameFlag):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::resolve):
(JSC::Interpreter::resolveSkip):
(JSC::Interpreter::resolveGlobal):
(JSC::Interpreter::resolveBase):
(JSC::Interpreter::resolveBaseAndProperty):
(JSC::Interpreter::resolveBaseAndFunc):
(JSC::Interpreter::dumpRegisters):
(JSC::Interpreter::throwException):
(JSC::Interpreter::createExceptionScope):
(JSC::Interpreter::privateExecute):
(JSC::Interpreter::retrieveArguments):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JITInlineMethods.h:
(JSC::JIT::emitLoadDouble):
(JSC::JIT::emitLoadInt32ToDouble):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_new_error):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_enter_with_activation):
* parser/Nodes.cpp:
(JSC::DeleteResolveNode::emitBytecode):
(JSC::DeleteValueNode::emitBytecode):
(JSC::PrefixResolveNode::emitBytecode):
* runtime/JSActivation.cpp:
(JSC::JSActivation::JSActivation):
* wtf/Platform.h:
2009-07-07 Mark Rowe <mrowe@apple.com>
Reviewed by Darin Adler.
Fix <https://bugs.webkit.org/show_bug.cgi?id=27025> / <rdar://problem/7033448>.
Bug 27025: Crashes and regression test failures related to regexps in 64-bit
For x86_64 RegexGenerator uses rbx, a callee-save register, as a scratch register but
neglects to save and restore it. The change in handling of the output vector in r45545
altered code generation so that the RegExp::match was now storing important data in rbx,
which caused crashes and bogus results when it was clobbered.
* yarr/RegexJIT.cpp:
(JSC::Yarr::RegexGenerator::generateEnter): Save rbx.
(JSC::Yarr::RegexGenerator::generateReturn): Restore rbx.
2009-07-06 Ada Chan <adachan@apple.com>
Reviewed by Darin Adler and Mark Rowe.
Decommitted spans are added to the list of normal spans rather than
the returned spans in TCMalloc_PageHeap::Delete().
https://bugs.webkit.org/show_bug.cgi?id=26998
In TCMalloc_PageHeap::Delete(), the deleted span can be decommitted in
the process of merging with neighboring spans that are also decommitted.
The merged span needs to be placed in the list of returned spans (spans
whose memory has been returned to the system). Right now it's always added
to the list of the normal spans which can theoretically cause thrashing.
* wtf/FastMalloc.cpp:
(WTF::TCMalloc_PageHeap::Delete):
2009-07-05 Lars Knoll <lars.knoll@nokia.com>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26843
Fix run-time crashes in JavaScriptCore with the Metrowerks compiler on Symbian.
The Metrowerks compiler on the Symbian platform moves the globally
defined Hashtables into read-only memory, despite one of the members
being mutable. This causes crashes at run-time due to write access to
read-only memory.
Avoid the use of const with this compiler by introducing the
JSC_CONST_HASHTABLE macro.
Based on idea by Norbert Leser.
* runtime/Lookup.h: Define JSC_CONST_HASHTABLE as const for !WINSCW.
* create_hash_table: Use JSC_CONST_HASHTABLE for hashtables.
* runtime/JSGlobalData.cpp: Import various global hashtables via the macro.
2009-07-04 Dan Bernstein <mitz@apple.com>
- debug build fix
* runtime/RegExpConstructor.cpp:
(JSC::RegExpConstructor::getLastParen):
2009-07-03 Yong Li <yong.li@torchmobile.com>
Reviewed by Maciej Stachowiak (and revised slightly)
RegExp::match to be optimized
https://bugs.webkit.org/show_bug.cgi?id=26957
Allow regexp matching to use Vectors with inline capacity instead of
allocating a new ovector buffer every time.
~5% speedup on SunSpider string-unpack-code test, 0.3% on SunSpider overall.
* runtime/RegExp.cpp:
(JSC::RegExp::match):
* runtime/RegExp.h:
* runtime/RegExpConstructor.cpp:
(JSC::RegExpConstructorPrivate::RegExpConstructorPrivate):
(JSC::RegExpConstructorPrivate::lastOvector):
(JSC::RegExpConstructorPrivate::tempOvector):
(JSC::RegExpConstructorPrivate::changeLastOvector):
(JSC::RegExpConstructor::performMatch):
(JSC::RegExpMatchesArray::RegExpMatchesArray):
(JSC::RegExpMatchesArray::fillArrayInstance):
(JSC::RegExpConstructor::getBackref):
(JSC::RegExpConstructor::getLastParen):
(JSC::RegExpConstructor::getLeftContext):
(JSC::RegExpConstructor::getRightContext):
* runtime/StringPrototype.cpp:
(JSC::stringProtoFuncSplit):
2009-06-30 Kwang Yul Seo <skyul@company100.net>
Reviewed by Eric Seidel.
Override operator new/delete with const std::nothrow_t& as the second
argument.
https://bugs.webkit.org/show_bug.cgi?id=26792
On Windows CE, operator new/delete, new[]/delete[] with const
std::nothrow_t& must be overridden because some standard template
libraries use these operators.
The problem occurs when memory allocated by new(size_t s, const
std::nothrow_t&) is freed by delete(void* p). This causes the unmatched
malloc/free problem.
The patch overrides all new, delete, new[] and delete[] to use
fastMalloc and fastFree consistently.
* wtf/FastMalloc.h:
(throw):
2009-06-30 Gabor Loki <loki@inf.u-szeged.hu>
Reviewed by Sam Weinig.
<https://bugs.webkit.org/show_bug.cgi?id=24986>
Remove unnecessary references to AssemblerBuffer.
* interpreter/Interpreter.cpp:
* interpreter/Interpreter.h:
2009-06-29 David Levin <levin@chromium.org>
Reviewed by Oliver Hunt.
Still seeing occasional leaks from UString::sharedBuffer code
https://bugs.webkit.org/show_bug.cgi?id=26420
The problem is that the pointer to the memory allocation isn't visible
by "leaks" due to the lower bits being used as flags. The fix is to
make the pointer visible in memory (in debug only). The downside of
this fix is that the memory allocated by sharedBuffer will still look like
a leak in non-debug builds when any flags are set.
* wtf/PtrAndFlags.h:
(WTF::PtrAndFlags::set):
2009-06-29 Sam Weinig <sam@webkit.org>
Reviewed by Mark Rowe.
Remove more unused scons support.
* SConstruct: Removed.
2009-06-29 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
<rdar://problem/7016214> JSON.parse fails to parse valid JSON with most Unicode characters
<https://bugs.webkit.org/show_bug.cgi?id=26802>
In the original JSON.parse patch unicode was handled correctly, however in some last
minute "clean up" I oversimplified isSafeStringCharacter. This patch corrects this bug.
* runtime/LiteralParser.cpp:
(JSC::isSafeStringCharacter):
(JSC::LiteralParser::Lexer::lexString):
2009-06-26 Oliver Hunt <oliver@apple.com>
Reviewed by Dan Bernstein.
<rdar://problem/7009684> REGRESSION(r45039): Crashes inside JSEvent::put on PowerPC (26746)
<https://bugs.webkit.org/show_bug.cgi?id=26746>
Fix for r45039 incorrectly uncached a get_by_id by converting it to put_by_id. Clearly this
is less than correct. This patch corrects that error.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::tryCacheGetByID):
2009-06-26 Eric Seidel <eric@webkit.org>
No review, only rolling out r45259.
Roll out r45259 after crash appeared on the bots:
plugins/undefined-property-crash.html
ASSERTION FAILED: s <= HeapConstants<heapType>::cellSize
(leopard-intel-debug-tests/build/JavaScriptCore/runtime/Collector.cpp:278
void* JSC::Heap::heapAllocate(size_t) [with JSC::HeapType heapType = PrimaryHeap])
* runtime/DateInstance.cpp:
* runtime/Identifier.cpp:
* runtime/Lookup.h:
* runtime/RegExpConstructor.cpp:
* runtime/RegExpObject.h:
* runtime/ScopeChain.h:
* runtime/UString.h:
2009-06-26 Jedrzej Nowacki <jedrzej.nowacki@nokia.com>
Reviewed by Simon Hausmann.
Add support for QDataStream operators to Vector.
* wtf/Vector.h:
(WTF::operator<<):
(WTF::operator>>):
2009-06-24 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Make the opcode sampler work once again.
* jit/JIT.h:
(JSC::JIT::compileGetByIdProto):
(JSC::JIT::compileGetByIdSelfList):
(JSC::JIT::compileGetByIdProtoList):
(JSC::JIT::compileGetByIdChainList):
(JSC::JIT::compileGetByIdChain):
(JSC::JIT::compilePutByIdTransition):
(JSC::JIT::compileCTIMachineTrampolines):
(JSC::JIT::compilePatchGetArrayLength):
* jit/JITStubCall.h:
(JSC::JITStubCall::call):
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
Extend FastAllocBase.h with 'using WTF::FastAllocBase' to avoid
unnecessary WTF:: usings.
Remove existing unnecessary WTF:: usings.
* interpreter/Interpreter.h:
* profiler/CallIdentifier.h:
* runtime/ScopeChain.h:
* wtf/FastAllocBase.h:
2009-06-24 David Levin <levin@chromium.org>
Fix all builds.
* bytecode/CodeBlock.h:
* bytecompiler/BytecodeGenerator.h:
* interpreter/Register.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26677
Inherits CodeBlock class from FastAllocBase because it
has been instantiated by 'new' in JavaScriptCore/bytecode/CodeBlock.h:217.
* bytecode/CodeBlock.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26676
Inherits BytecodeGenerator class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/parser/Nodes.cpp:1892.
* bytecompiler/BytecodeGenerator.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26675
Inherits Register class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/JSVariableObject.h:149.
* interpreter/Register.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=26674
Inherits HashMap class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:458.
* wtf/HashMap.h:
2009-06-24 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
<rdar://problem/6940519> REGRESSION (Safari 4 Public Beta - TOT): google.com/adplanner shows blank page instead of site details in "basic research"
The problem was caused by the page returned with a function using a
var declaration list containing around ~3000 variables. The solution
to this is to flatten the comma expression representation and make
codegen comma expressions and initializer lists iterative rather than
recursive.
* parser/Grammar.y:
* parser/NodeConstructors.h:
(JSC::CommaNode::CommaNode):
* parser/Nodes.cpp:
(JSC::CommaNode::emitBytecode):
* parser/Nodes.h:
(JSC::ExpressionNode::isCommaNode):
(JSC::CommaNode::isCommaNode):
(JSC::CommaNode::append):
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26645
Inherits ScopeChainNode class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/ScopeChain.h:95.
* wtf/RefPtr.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=26648
Inherits Deque class from FastAllocBase because it has been
instantiated by 'new' with DEFINE_STATIC_LOCAL macro in
JavaScriptCore/wtf/MainThread.cpp:62.
* wtf/Deque.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=26644
Inherits RefPtr class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/StructureChain.cpp:41.
* wtf/RefPtr.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
Inherits HashSet class from FastAllocBase, because it has been
instantiated by 'new' in JavaScriptCore/runtime/Collector.h:116.
* wtf/HashSet.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
Inherits Vector class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:633.
* wtf/Vector.h:
2009-06-24 Norbert Leser <norbert.leser@nokia.com>
Reviewed by Maciej Stachowiak.
The BytecodeGenerator objects were instantiated on stack, which takes up ~38kB per instance
(each instance includes copy of JSC::CodeBlock with large SymbolTable, etc.).
Specifically, since there is nested invocation (e.g., GlobalCode --> FunctionCode),
the stack overflows immediately on Symbian hardware (max. 80 kB).
Proposed change allocates generator objects on heap.
Performance impact (if any) should be negligible and change is proposed as general fix,
rather than ifdef'd for SYMBIAN.
* parser/Nodes.cpp:
(JSC::ProgramNode::generateBytecode):
(JSC::EvalNode::generateBytecode):
(JSC::EvalNode::bytecodeForExceptionInfoReparse):
(JSC::FunctionBodyNode::generateBytecode):
(JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):
2009-06-23 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
<rdar://problem/6992806> REGRESSION: Enumeration can skip new properties in cases of prototypes that have more than 64 (26593)
<https://bugs.webkit.org/show_bug.cgi?id=26593>
Do not attempt to cache structure chains if they contain a dictionary at any level.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::tryCachePutByID):
(JSC::Interpreter::tryCacheGetByID):
* jit/JITStubs.cpp:
(JSC::JITThunks::tryCachePutByID):
* runtime/Structure.cpp:
(JSC::Structure::getEnumerablePropertyNames):
(JSC::Structure::addPropertyTransition):
* runtime/StructureChain.cpp:
(JSC::StructureChain::isCacheable):
* runtime/StructureChain.h:
2009-06-23 Yong Li <yong.li@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=26654
Add the proper export define for the JavaScriptCore API when building for WINCE.
* API/JSBase.h:
2009-06-23 Joe Mason <joe.mason@torchmobile.com>
Reviewed by Adam Treat.
Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>
https://bugs.webkit.org/show_bug.cgi?id=26611
Implement currentThreadStackBase on WINCE by adding a global,
g_stackBase, which must be set to the address of a local variable
by the caller before calling any WebKit function that invokes JSC.
* runtime/Collector.cpp:
(JSC::isPageWritable):
(JSC::getStackBase):
Starts at the top of the stack and returns the entire range of
consecutive writable pages as an estimate of the actual stack.
This will be much bigger than the actual stack range, so some
dead objects can't be collected, but it guarantees live objects
aren't collected prematurely.
(JSC::currentThreadStackBase):
On WinCE, returns g_stackBase if set or calls getStackBase as a
fallback if not.
2009-06-23 Oliver Hunt <oliver@apple.com>
Reviewed by Alexey Proskuryakov.
Fix stupid performance problem in the LiteralParser
The LiteralParser was making a new UString in order to use
toDouble, however UString's toDouble allows a much wider range
of numeric strings than the LiteralParser accepts, and requires
an additional heap allocation or two for the construction of the
UString. To rectify this we just call WTF::dtoa directly using
a stack allocated buffer to hold the validated numeric literal.
* runtime/LiteralParser.cpp:
(JSC::LiteralParser::Lexer::lexNumber):
(JSC::LiteralParser::parse):
* runtime/LiteralParser.h:
2009-06-22 Oliver Hunt <oliver@apple.com>
Reviewed by Alexey Proskuryakov.
Bug 26640: JSON.stringify needs to special case Boolean objects
<https://bugs.webkit.org/show_bug.cgi?id=26640>
Add special case handling of the Boolean object so we match current
ES5 errata.
* runtime/JSONObject.cpp:
(JSC::unwrapBoxedPrimitive): renamed from unwrapNumberOrString
(JSC::gap):
(JSC::Stringifier::appendStringifiedValue):
2009-06-22 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
Bug 26591: Support revivers in JSON.parse
<https://bugs.webkit.org/show_bug.cgi?id=26591>
Add reviver support to JSON.parse. This completes the JSON object.
* runtime/JSONObject.cpp:
(JSC::Walker::Walker):
(JSC::Walker::callReviver):
(JSC::Walker::walk):
(JSC::JSONProtoFuncParse):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
Bug 26592: Support standard toJSON functions
<https://bugs.webkit.org/show_bug.cgi?id=26592>
Add support for the standard Date.toJSON function.
* runtime/DatePrototype.cpp:
(JSC::dateProtoFuncToJSON):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by Sam Weinig.
Bug 26594: JSC needs to support Date.toISOString
<https://bugs.webkit.org/show_bug.cgi?id=26594>
Add support for Date.toISOString.
* runtime/DatePrototype.cpp:
(JSC::dateProtoFuncToISOString):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by NOBODY (Build fix).
Remove dead code.
* runtime/LiteralParser.cpp:
(JSC::LiteralParser::parse):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler and Cameron Zwarich.
Bug 26587: Support JSON.parse
<https://bugs.webkit.org/show_bug.cgi?id=26587>
Extend the LiteralParser to support the full strict JSON
grammar, fix a few places where the grammar was incorrectly
lenient. Doesn't yet support the JSON.parse reviver function
but that does not block the JSON.parse functionality itself.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::callEval):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval):
* runtime/JSONObject.cpp:
(JSC::JSONProtoFuncParse):
* runtime/LiteralParser.cpp:
(JSC::LiteralParser::Lexer::lex):
(JSC::isSafeStringCharacter):
(JSC::LiteralParser::Lexer::lexString):
(JSC::LiteralParser::parse):
* runtime/LiteralParser.h:
(JSC::LiteralParser::LiteralParser):
(JSC::LiteralParser::tryJSONParse):
(JSC::LiteralParser::):
(JSC::LiteralParser::Lexer::Lexer):
2009-06-21 David Levin <levin@chromium.org>
Reviewed by NOBODY (speculative build fix for windows).
Simply removed some whitespace from this file to make windows build wtf and
hopefully copy the new MessageQueue.h so that WebCore picks it up.
* wtf/Assertions.cpp:
2009-06-21 Drew Wilson <atwilson@google.com>
Reviewed by David Levin.
<https://bugs.webkit.org/show_bug.cgi?id=25043>
Added support for multi-threaded MessagePorts.
* wtf/MessageQueue.h:
(WTF::::appendAndCheckEmpty):
Added API to test whether the queue was empty before adding an element.
2009-06-20 David D. Kilzer <ddkilzer@webkit.org>
Fix namespace comment in SegmentedVector.h
* wtf/SegmentedVector.h: Updated namespace comment to reflect
new namespace after r44897.
2009-06-20 Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
Bug 24986: ARM JIT port
<https://bugs.webkit.org/show_bug.cgi?id=24986>
Reviewed by Oliver Hunt.
An Iterator added for SegmentedVector. Currently
only the pre ++ operator is supported.
* wtf/SegmentedVector.h:
(WTF::SegmentedVectorIterator::~SegmentedVectorIterator):
(WTF::SegmentedVectorIterator::operator*):
(WTF::SegmentedVectorIterator::operator->):
(WTF::SegmentedVectorIterator::operator++):
(WTF::SegmentedVectorIterator::operator==):
(WTF::SegmentedVectorIterator::operator!=):
(WTF::SegmentedVectorIterator::operator=):
(WTF::SegmentedVectorIterator::SegmentedVectorIterator):
(WTF::SegmentedVector::alloc):
(WTF::SegmentedVector::begin):
(WTF::SegmentedVector::end):
2009-06-20 Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
Bug 24986: ARM JIT port
<https://bugs.webkit.org/show_bug.cgi?id=24986>
Reviewed by Oliver Hunt.
Move SegmentedVector to /wtf subdirectory
and change "namespace JSC" to "namespace WTF"
Additional build file updates by David Kilzer.
* GNUmakefile.am: Updated path to SegmentedVector.h.
* JavaScriptCore.order: Updated SegmentedVector namespace from
JSC to WTF in mangled C++ method name.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
Removed reference to bytecompiler\SegmentedVector.h.
* JavaScriptCore.vcproj/WTF/WTF.vcproj: Added reference to
wtf\SegmentedVector.h.
* JavaScriptCore.xcodeproj/project.pbxproj: Moved
SegmentedVector.h definition from bytecompiler subdirectory to
wtf subdirectory.
* bytecompiler/BytecodeGenerator.h: Updated #include path to
SegmentedVector.h and prepended WTF:: namespace to its use.
* parser/Lexer.h: Ditto.
* wtf/SegmentedVector.h: Renamed from JavaScriptCore/bytecompiler/SegmentedVector.h.
(WTF::SegmentedVector::SegmentedVector):
(WTF::SegmentedVector::~SegmentedVector):
(WTF::SegmentedVector::size):
(WTF::SegmentedVector::at):
(WTF::SegmentedVector::operator[]):
(WTF::SegmentedVector::last):
(WTF::SegmentedVector::append):
(WTF::SegmentedVector::removeLast):
(WTF::SegmentedVector::grow):
(WTF::SegmentedVector::clear):
(WTF::SegmentedVector::deleteAllSegments):
(WTF::SegmentedVector::segmentExistsFor):
(WTF::SegmentedVector::segmentFor):
(WTF::SegmentedVector::subscriptFor):
(WTF::SegmentedVector::ensureSegmentsFor):
(WTF::SegmentedVector::ensureSegment):
2009-06-19 Gavin Barraclough <barraclough@apple.com>
Reviewed by NOBODY (build fix take 2 - rename FIELD_OFFSET to something that doesn't conflict with winnt.h).
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
(JSC::JIT::privateCompileCTIMachineTrampolines):
(JSC::JIT::emitGetVariableObjectRegister):
(JSC::JIT::emitPutVariableObjectRegister):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::compileBinaryArithOp):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallInitializeCallFrame):
(JSC::JIT::compileOpCall):
* jit/JITInlineMethods.h:
(JSC::JIT::restoreArgumentReference):
(JSC::JIT::checkStructure):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_get_scoped_var):
(JSC::JIT::emit_op_put_scoped_var):
(JSC::JIT::emit_op_construct_verify):
(JSC::JIT::emit_op_resolve_global):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_to_jsnumber):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_convert_this):
(JSC::JIT::emit_op_profile_will_call):
(JSC::JIT::emit_op_profile_did_call):
(JSC::JIT::emitSlow_op_get_by_val):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emit_op_method_check):
(JSC::JIT::compileGetByIdHotPath):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::compilePutDirectOffset):
(JSC::JIT::compileGetDirectOffset):
(JSC::JIT::privateCompilePutByIdTransition):
(JSC::JIT::privateCompilePatchGetArrayLength):
* jit/JITStubs.cpp:
(JSC::JITThunks::JITThunks):
2009-06-19 Gavin Barraclough <barraclough@apple.com>
Reviewed by NOBODY (Windows build fix).
* jit/JIT.h:
* jit/JITInlineMethods.h:
2009-06-19 Gabor Loki <loki@inf.u-szeged.hu>
Reviewed by Gavin Barraclough.
Reorganize ARM architecture specific macros.
Use PLATFORM_ARM_ARCH(7) instead of PLATFORM(ARM_V7).
Bug 24986: ARM JIT port
<https://bugs.webkit.org/show_bug.cgi?id=24986>
* assembler/ARMv7Assembler.h:
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::Imm32::Imm32):
* assembler/MacroAssembler.h:
* assembler/MacroAssemblerCodeRef.h:
(JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
* jit/ExecutableAllocator.h:
(JSC::ExecutableAllocator::cacheFlush):
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::restoreArgumentReferenceForTrampoline):
* jit/JITStubs.cpp:
* jit/JITStubs.h:
* wtf/Platform.h:
* yarr/RegexJIT.cpp:
(JSC::Yarr::RegexGenerator::generateEnter):
(JSC::Yarr::RegexGenerator::generateReturn):
2009-06-19 Gavin Barraclough <barraclough@apple.com>
Reviewed by Oliver Hunt.
Fix armv7 JIT build issues.
Unfortunately, the ARM compiler does not like the use of offsetof on JITStackFrame (since it now contains non-POD types),
and the FIELD_OFFSET macro does not appear constantish enough for it to be happy with its use in COMPILE_ASSERT macros.
* Replace offsetofs with FIELD_OFFSETs (safe on C++ objects).
* Move COMPILE_ASSERTs defending layout of JITStackFrame structure on armv7 into JITThunks constructor.
* jit/JIT.cpp:
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::restoreArgumentReference):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_catch):
* jit/JITStubs.cpp:
(JSC::JITThunks::JITThunks):
2009-06-19 Adam Treat <adam.treat@torchmobile.com>
Blind attempt at build fix.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-06-19 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Oliver Hunt.
Inherits CallIdentifier struct from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/profiler/CallIdentifier.h:86.
* wtf/HashCountedSet.h:
2009-06-19 Adam Treat <adam.treat@torchmobile.com>
Reviewed by Oliver Hunt.
https://bugs.webkit.org/show_bug.cgi?id=26540
Modify the test shell to add a new function 'checkSyntax' that will
only parse the source instead of executing it. In this way we can test
pure parsing performance against some of the larger scripts in the wild.
* jsc.cpp:
(GlobalObject::GlobalObject):
(functionCheckSyntax):
2009-06-19 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
Inherits HashCountedSet class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/Collector.cpp:1095.
* wtf/HashCountedSet.h:
2009-06-19 Yong Li <yong.li@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=26558
Declare these symbols extern for WINCE as they are provided by libce.
* runtime/DateConstructor.cpp:
* runtime/DatePrototype.cpp:
(JSC::formatLocaleDate):
2009-06-19 Oliver Hunt <oliver@apple.com>
Reviewed by Maciej Stachowiak.
<rdar://problem/6988973> ScopeChain leak in interpreter builds
Move the Scopechain destruction code in JSFunction outside of the ENABLE(JIT)
path.
* runtime/JSFunction.cpp:
(JSC::JSFunction::~JSFunction):
* wtf/Platform.h:
2009-06-19 Yong Li <yong.li@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=26543
Windows CE uses 'GetLastError' instead of 'errno.'
* interpreter/RegisterFile.h:
(JSC::RegisterFile::RegisterFile):
(JSC::RegisterFile::grow):
2009-06-19 David Levin <levin@chromium.org>
Reviewed by NOBODY (Windows build fix).
Add export for Windows corresponding to OSX export done in r44844.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-06-18 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin "Viceroy of Venezuela" Barraclough.
Bug 26532: Native functions do not correctly unlink from optimised callsites when they're collected
<https://bugs.webkit.org/show_bug.cgi?id=26532> <rdar://problem/6625385>
We need to make sure that each native function instance correctly unlinks any references to it
when it is collected. Allowing this to happen required a few changes:
* Every native function needs a codeblock to track the link information
* To have this codeblock, every function now also needs its own functionbodynode
so we no longer get to have a single shared instance.
* Identifying a host function is now done by looking for CodeBlock::codeType() == NativeCode
* JavaScriptCore.exp:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
Constructor for NativeCode CodeBlock
(JSC::CodeBlock::derefStructures):
(JSC::CodeBlock::refStructures):
(JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
(JSC::CodeBlock::handlerForBytecodeOffset):
(JSC::CodeBlock::lineNumberForBytecodeOffset):
(JSC::CodeBlock::expressionRangeForBytecodeOffset):
(JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
(JSC::CodeBlock::functionRegisterForBytecodeOffset):
(JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
(JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
(JSC::CodeBlock::setJITCode):
Add assertions to ensure we don't try and use NativeCode CodeBlocks as
a normal codeblock.
* bytecode/CodeBlock.h:
(JSC::):
(JSC::CodeBlock::source):
(JSC::CodeBlock::sourceOffset):
(JSC::CodeBlock::evalCodeCache):
(JSC::CodeBlock::createRareDataIfNecessary):
More assertions.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines):
(JSC::JIT::linkCall):
Update logic to allow native function caching
* jit/JITStubs.cpp:
* parser/Nodes.cpp:
(JSC::FunctionBodyNode::createNativeThunk):
(JSC::FunctionBodyNode::isHostFunction):
* parser/Nodes.h:
* runtime/JSFunction.cpp:
(JSC::JSFunction::JSFunction):
(JSC::JSFunction::~JSFunction):
(JSC::JSFunction::mark):
* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::~JSGlobalData):
* runtime/JSGlobalData.h:
2009-06-18 Gavin Barraclough <barraclough@apple.com>
Reviewed by NOBODY (Windows build fix).
* wtf/DateMath.cpp:
(WTF::calculateUTCOffset):
2009-06-18 Gavin Barraclough <barraclough@apple.com>
Reviewed by Geoff Garen.
Timezone calculation incorrect in Venezuela.
https://bugs.webkit.org/show_bug.cgi?id=26531
<rdar://problem/6646169> Time is incorrectly reported to JavaScript in both Safari 3 and Firefox 3
The problem is that we're calculating the timezone relative to 01/01/2000,
but the VET timezone changed from -4 hours to -4:30 hours on 12/09/2007.
According to the spec, section 15.9.1.9 states "the time since the beginning
of the year", presumably meaning the *current* year. Change the calculation
to be based on whatever the current year is, rather than a canned date.
No performance impact.
* wtf/DateMath.cpp:
(WTF::calculateUTCOffset):
2009-06-18 Gavin Barraclough <barraclough@apple.com>
Rubber Stamped by Mark Rowe (originally reviewed by Sam Weinig).
(Reintroducing patch added in r44492, and reverted in r44796.)
Change the implementation of op_throw so the stub function always modifies its
return address - if it doesn't find a 'catch' it will switch to a trampoline
to force a return from JIT execution. This saves memory, by avoiding the need
for a unique return for every op_throw.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw):
JITStubs::cti_op_throw now always changes its return address,
remove return code generated after the stub call (this is now
handled by ctiOpThrowNotCaught).
* jit/JITStubs.cpp:
(JSC::):
Add ctiOpThrowNotCaught definitions.
(JSC::JITStubs::DEFINE_STUB_FUNCTION):
Change cti_op_throw to always change its return address.
* jit/JITStubs.h:
Add ctiOpThrowNotCaught declaration.
2009-06-18 Kevin McCullough <kmccullough@apple.com>
Reviewed by Oliver Hunt.
<rdar://problem/6940880> REGRESSION: Breakpoints don't break in 64-bit
- Exposed functions now needed by WebCore.
* JavaScriptCore.exp:
2009-06-17 Darin Adler <darin@apple.com>
Reviewed by Oliver Hunt.
Bug 26429: Make JSON.stringify non-recursive so it can handle objects
of arbitrary complexity
https://bugs.webkit.org/show_bug.cgi?id=26429
For marking I decided not to use gcProtect, because this is inside the engine
so it's easy enough to just do marking. And that darned gcProtect does locking!
Oliver tried to convince me to use MarkedArgumentBuffer, but the constructor
for that class says "FIXME: Remove all clients of this API, then remove this API."
* runtime/Collector.cpp:
(JSC::Heap::collect): Add a call to JSONObject::markStringifiers.
* runtime/CommonIdentifiers.cpp:
(JSC::CommonIdentifiers::CommonIdentifiers): Added emptyIdentifier.
* runtime/CommonIdentifiers.h: Ditto.
* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData): Initialize firstStringifierToMark to 0.
* runtime/JSGlobalData.h: Added firstStringifierToMark.
* runtime/JSONObject.cpp: Cut down the includes to the needed ones only.
(JSC::unwrapNumberOrString): Added. Helper for unwrapping number and string
objects to get their number and string values.
(JSC::ReplacerPropertyName::ReplacerPropertyName): Added. The class is used
to wrap an identifier or integer so we don't have to do any work unless we
actually call a replacer.
(JSC::ReplacerPropertyName::value): Added.
(JSC::gap): Added. Helper function for the Stringifier constructor.
(JSC::PropertyNameForFunctionCall::PropertyNameForFunctionCall): Added.
The class is used to wrap an identifier or integer so we don't have to
allocate a number or string until we actually call toJSON or a replacer.
(JSC::PropertyNameForFunctionCall::asJSValue): Added.
(JSC::Stringifier::Stringifier): Updated and moved out of the class
definition. Added code to hook this into a singly linked list for marking.
(JSC::Stringifier::~Stringifier): Remove from the singly linked list.
(JSC::Stringifier::mark): Mark all the objects in the holder stacks.
(JSC::Stringifier::stringify): Updated.
(JSC::Stringifier::appendQuotedString): Tweaked and streamlined a bit.
(JSC::Stringifier::toJSON): Renamed from toJSONValue.
(JSC::Stringifier::appendStringifiedValue): Renamed from stringify.
Added code to use the m_holderStack to do non-recursive stringify of
objects and arrays. This code also uses the timeout checker since in
pathological cases it could be slow even without calling into the
JavaScript virtual machine.
(JSC::Stringifier::willIndent): Added.
(JSC::Stringifier::indent): Added.
(JSC::Stringifier::unindent): Added.
(JSC::Stringifier::startNewLine): Added.
(JSC::Stringifier::Holder::Holder): Added.
(JSC::Stringifier::Holder::appendNextProperty): Added. This is the
function that handles the format of arrays and objects.
(JSC::JSONObject::getOwnPropertySlot): Moved this down to the bottom
of the file so the JSONObject class is not interleaved with the
Stringifier class.
(JSC::JSONObject::markStringifiers): Added. Calls mark.
(JSC::JSONProtoFuncStringify): Streamlined the code here. The code
to compute the gap string is now a separate function.
* runtime/JSONObject.h: Made everything private. Added markStringifiers.
2009-06-17 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
<rdar://problem/6974140> REGRESSION(r43849): Crash in cti_op_call_NotJSFunction when getting directions on maps.google.com
Roll out r43849 as it appears that we cannot rely on the address of
an object's property storage being constant even if the structure is
unchanged.
* jit/JIT.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::compileGetDirectOffset):
(JSC::JIT::privateCompileGetByIdProto):
(JSC::JIT::privateCompileGetByIdProtoList):
(JSC::JIT::privateCompileGetByIdChainList):
(JSC::JIT::privateCompileGetByIdChain):
2009-06-17 Gavin Barraclough <barraclough@apple.com>
Rubber Stamped by Mark Rowe.
Fully revert r44492 & r44748 while we fix a bug they cause on internal builds <rdar://problem/6955963>.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw):
* jit/JITStubs.cpp:
(JSC::):
(JSC::JITStubs::DEFINE_STUB_FUNCTION):
* jit/JITStubs.h:
2009-06-17 Gavin Barraclough <barraclough@apple.com>
Reviewed by Mark Rowe.
<rdar://problem/6947426> sunspider math-cordic.js exhibits different intermediate results running 32-bit vs. 64-bit
On 64-bit, NaN-encoded values must be detagged before they can be used in rshift.
No performance impact.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_rshift):
2009-06-17 Adam Treat <adam.treat@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=23155
Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.
* jsc.cpp:
(main):
2009-06-17 George Staikos <george.staikos@torchmobile.com>
Reviewed by Adam Treat.
https://bugs.webkit.org/show_bug.cgi?id=23155
Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.
* config.h:
* jsc.cpp:
* wtf/Assertions.cpp:
* wtf/Assertions.h:
* wtf/CurrentTime.cpp:
(WTF::lowResUTCTime):
* wtf/DateMath.cpp:
(WTF::getLocalTime):
* wtf/MathExtras.h:
* wtf/Platform.h:
* wtf/StringExtras.h:
* wtf/Threading.h:
* wtf/win/MainThreadWin.cpp:
2009-06-17 Gavin Barraclough <barraclough@apple.com>
Reviewed by Oliver Hunt.
<rdar://problem/6974175> ASSERT in JITStubs.cpp at appsaccess.apple.com
Remove PropertySlot::putValue - PropertySlots should only be used for getting,
not putting. Rename JSGlobalObject::getOwnPropertySlot to hasOwnPropertyForWrite,
which is what it really was being used to ask, and remove some other getOwnPropertySlot
& getOwnPropertySlotForWrite methods, which were unused and likely to lead to confusion.
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::hasOwnPropertyForWrite):
* runtime/JSObject.h:
* runtime/JSStaticScopeObject.cpp:
* runtime/JSStaticScopeObject.h:
* runtime/PropertySlot.h:
2009-06-16 Gavin Barraclough <barraclough@apple.com>
Reviewed by Oliver Hunt.
Temporarily partially disable r44492, since this is causing some problems on internal builds.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw):
* jit/JITStubs.cpp:
(JSC::JITStubs::DEFINE_STUB_FUNCTION):
2009-06-16 Sam Weinig <sam@webkit.org>
Fix Windows build.
* jit/JIT.cpp:
(JSC::JIT::JIT):
2009-06-16 Sam Weinig <sam@webkit.org>
Reviewed by Oliver Hunt.
Initialize m_bytecodeIndex to -1 in JIT, and correctly initialize
it for each type of stub using the return address to find the correct
offset.
* jit/JIT.cpp:
(JSC::JIT::JIT):
* jit/JIT.h:
(JSC::JIT::compileGetByIdProto):
(JSC::JIT::compileGetByIdSelfList):
(JSC::JIT::compileGetByIdProtoList):
(JSC::JIT::compileGetByIdChainList):
(JSC::JIT::compileGetByIdChain):
(JSC::JIT::compilePutByIdTransition):
(JSC::JIT::compileCTIMachineTrampolines):
(JSC::JIT::compilePatchGetArrayLength):
* jit/JITStubCall.h:
(JSC::JITStubCall::call):
== Rolled over to ChangeLog-2009-06-16 ==