X-Git-Url: https://git.saurik.com/apple/javascriptcore.git/blobdiff_plain/93a3786624b2768d89bfa27e46598dc64e2fb70a..HEAD:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 799f50a..1622ee2 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3565 +1,78 @@ -2013-07-18 Andreas Kling +2015-07-31 Lucas Forschler - CodeBlock DFG entry list isn't getting shrunk-to-fit after linking. - - + Merge r187579 - Reviewed by Geoffrey Garen. + 2015-07-29 Filip Pizlo - Move the CodeBlock::shrinkToFit() call out of JITCompiler::link() and to the call sites - so SpeculativeJIT::linkOSREntries() can fill in CodeBlock::m_dfgData->osrEntry first. + DFG::ArgumentsEliminationPhase should emit a PutStack for all of the GetStacks that the ByteCodeParser emitted + https://bugs.webkit.org/show_bug.cgi?id=147433 + rdar://problem/21668986 - 886 kB progression on + Reviewed by Mark Lam. - * dfg/DFGJITCompiler.cpp: - (JSC::DFG::JITCompiler::link): - (JSC::DFG::JITCompiler::compile): - (JSC::DFG::JITCompiler::compileFunction): + Ideally, the ByteCodeParser would only emit SetArgument nodes for named arguments. But + currently that's not what it does - it emits a SetArgument for every argument that a varargs + call may pass. Each SetArgument gets turned into a GetStack. This means that if + ArgumentsEliminationPhase optimizes away PutStacks for those varargs arguments that didn't + get passed or used, we get degenerate IR where we have a GetStack of something that didn't + have a PutStack. -2013-07-18 Andreas Kling + This fixes the bug by removing the code to optimize away PutStacks in + ArgumentsEliminationPhase. - CodeBlock::m_argumentValueProfiles wastes a lot of memory. - - + * dfg/DFGArgumentsEliminationPhase.cpp: + * tests/stress/varargs-inlining-underflow.js: Added. + (baz): + (bar): + (foo): - Reviewed by Anders Carlsson. +2015-07-24 Matthew Hanson - Use Vector::resizeToFit() for CodeBlock::m_argumentValueProfiles. We don't need any padding - for growth, since we won't be appending to it anyway. + Merge r187139. rdar://problem/21847618 - 921 KB progression on + 2015-07-21 Filip Pizlo - * bytecode/CodeBlock.cpp: - (JSC::CodeBlock::setNumParameters): + Unreviewed, fix a lot of tests. Need to initialize WTF threading sooner. 
-2013-07-16 Mark Hahnenberg + * jsc.cpp: + (main): - Remove reference to JSValueStructSupport.h from JSExport.h - https://bugs.webkit.org/show_bug.cgi?id=118746 +2015-07-23 Lucas Forschler - Reviewed by Filip Pizlo. + Merge r187125 - * API/JSExport.h: No such header exists, so it doesn't make sense to reference it. + 2015-07-21 Filip Pizlo -2013-07-17 Lucas Forschler - - Rollout r152600 - -2013-07-17 Lucas Forschler - - Merge r152600 - - 2013-07-12 Brent Fulgham - - [Windows] Build correction after r152573/r152577. - https://bugs.webkit.org/show_bug.cgi?id=118610 - - Reviewed by Oliver Hunt. - - * jit/JITThunks.cpp: - (JSC::JITThunks::hostFunctionStub): Hand-feed MSVC++ the fact that we want the second - argument of the make_pair to be a function pointer. - -2013-07-17 Lucas Forschler - - Merge r152742 - - 2013-07-16 Filip Pizlo - - MakeRope fixup shouldn't lead to an Identity without kids - https://bugs.webkit.org/show_bug.cgi?id=118745 - - Reviewed by Mark Hahnenberg. - - Make the empty string pruning part of fixupMakeRope() stop if it's on the last child. - - Make Node::convertToIdentity release-assert that it has exactly one kid. - - * dfg/DFGFixupPhase.cpp: - (JSC::DFG::FixupPhase::fixupMakeRope): - * dfg/DFGNode.h: - (JSC::DFG::Node::convertToIdentity): - -2013-07-15 Lucas Forschler - - Merge r152613 - - 2013-07-13 Commit Queue - - Unreviewed, rolling out r151978. - http://trac.webkit.org/changeset/151978 - https://bugs.webkit.org/show_bug.cgi?id=118651 - - Caused regressions at least 3 websites (Requested by rniwa on - #webkit). - - * runtime/JSCJSValue.h: - * runtime/JSString.h: - -2013-07-15 Lucas Forschler - - Merge r152577 - - 2013-07-11 Oliver Hunt - - Attempt to fix the windows build. 
- - * jit/JITThunks.cpp: - (JSC::JITThunks::hostFunctionStub): - * jit/JITThunks.h: - -2013-07-15 Lucas Forschler - - Merge r152573 - - 2013-07-10 Oliver Hunt - - NativeExecutable cache needs to use both call and construct functions for key - https://bugs.webkit.org/show_bug.cgi?id=118545 - - Reviewed by Geoffrey Garen. - - Make the native executable cache make use a key pair so we don't decide to - treat all subsequent functions as not being constructors. - - * jit/JITThunks.cpp: - (JSC::JITThunks::hostFunctionStub): - * jit/JITThunks.h: - * runtime/JSBoundFunction.cpp: - (JSC::JSBoundFunction::create): - * runtime/JSCell.cpp: - (JSC::JSCell::getCallData): - (JSC::JSCell::getConstructData): - -2013-07-09 Lucas Forschler - - Merge r152497 - - 2013-07-09 Mark Lam - - Gardening to unbreak builds on the Windows bot. - - Not reviewed. - - * parser/ParserTokens.h: - -2013-07-09 Lucas Forschler - - Merge r152494 - - 2013-07-09 Mark Lam - - Fix 30% JSBench regression (caused by adding column numbers to stack traces). - https://bugs.webkit.org/show_bug.cgi?id=118481. - - Reviewed by Mark Hahnenberg and Geoffrey Garen. - - Previously, we already capture ExpressionRangeInfo that provides a divot for - each bytecode that can potentially throw an exception (and therefore generate - a stack trace). On first attempt to compute column numbers, we then do a walk - of the source string to record all line start positions in a table associated - with the SourceProvider. The column number can then be computed as - divot - lineStartFor(bytecodeOffset). - - The computation of this lineStarts table is the source of the 30% JSBench - performance regression. - - The new code now records lineStarts as the lexer and parser scans the source - code. These lineStarts are then used to compute the column number for the - given divot, and stored in the ExpressionRangeInfo. Similarly, we also capture - the line number at the divot point and store that in the ExpressionRangeInfo. 
- Hence, to look up line and column numbers, we now lookup the ExpressionRangeInfo - for the bytecodeOffset, and then compute the line and column from the values - stored in the expression info. - - The strategy: - 1. We want to minimize perturbations to the lexer and parser. Specifically, - the changes added should not change how it scans code, and generate bytecode. - 2. We regard the divot as the source character position we are interested - in. As such, we'll capture line and lineStart (for column) at the point - when we capture the divot information. This ensures that the 3 values are - consistent. - - How the change is done: - 1. Change the lexer to track lineStarts. - 2. Change the parser to capture line and lineStarts at the point of capturing - divots. - 3. Change the parser and associated code to plumb these values all the way to - the point that the correspoinding ExpressionRangeInfo is emitted. - 4. Propagate and record SourceCode firstLine and firstLineColumnOffset to the - the necessary places so that we can add them as needed when reifying - UnlinkedCodeBlocks into CodeBlocks. - 5. Compress the line and column number values in the ExpressionRangeInfo. In - practice, we seldom have both large line and column numbers. Hence, we can - encode both in an uint32_t most of the time. For the times when we encounter - both large line and column numbers, we have a fallback to store the "fat" - position info. - 6. Emit an ExpressionRangeInfo for UnaryOp nodes to get more line and column - number coverage. - 7. Change the interpreter to use the new way of computing line and column. - 8. Delete old line and column computation code that is now unused. - - Misc details: - - the old lexer was tracking both a startOffset and charPosition where - charPosition equals startOffset - SourceCode.startOffset. We now use - startOffset exclusively throughout the system for consistency. 
- All offset values (including lineStart) are relative to the start of the - SourceProvider string. These values will only be converted to be relative - to the SourceCode.startOffset at the very last minute i.e. when the divot - is stored into the ExpressionRangeInfo. - - This change to use the same offset system everywhere reduces confusion - from having to convert back and forth between the 2 systems. It also - enables a lot of assertions to be used. - - - Also fixed some bugs in the choice of divot positions to use. For example, - both Eval and Function expressions previously used column numbers from - the start of the expression but used the line number at the end of the - expression. This is now fixed to use either the start or end positions - as appropriate, but not a mix of line and columns from both. - - - Why use ints instead of unsigneds for offsets and lineStarts inside the - lexer and parser? - Some tests (e.g. fast/js/call-base-resolution.html and - fast/js/eval-cross-window.html) has shown that lineStart offsets can be - prior to the SourceCode.startOffset. Keeping the lexer offsets as ints - simplifies computations and makes it easier to maintain the assertions - that (startOffset >= lineStartOffset). - - However, column and line numbers are always unsigned when we publish - them to the ExpressionRangeInfo. The ints are only used inside the - lexer and parser ... well, and bytecode generator. - - - For all cases, lineStart is always captured where the divot is captured. - However, some sputnik conformance tests have shown that we cannot honor - line breaks for assignment statements like the following: - - eval("x\u000A*=\u000A-1;"); - - In this case, the lineStart is expected to be captured at the start of - the assignment expression instead of at the divot point in the middle. - The assignment expression is the only special case for this. 
- - This patch has been tested against the full layout tests both with release - and debug builds with no regression. - - * API/JSContextRef.cpp: - (JSContextCreateBacktrace): - - Updated to use the new StackFrame::computeLineAndColumn(). - * bytecode/CodeBlock.cpp: - (JSC::CodeBlock::CodeBlock): - - Added m_firstLineColumnOffset initialization. - - Plumbed the firstLineColumnOffset into the SourceCode. - - Initialized column for op_debug using the new way. - (JSC::CodeBlock::lineNumberForBytecodeOffset): - - Changed to compute line number using the ExpressionRangeInfo. - (JSC::CodeBlock::columnNumberForBytecodeOffset): Added - - Changed to compute column number using the ExpressionRangeInfo. - (JSC::CodeBlock::expressionRangeForBytecodeOffset): - * bytecode/CodeBlock.h: - (JSC::CodeBlock::firstLineColumnOffset): - (JSC::GlobalCodeBlock::GlobalCodeBlock): - - Plumbed firstLineColumnOffset through to the super class. - (JSC::ProgramCodeBlock::ProgramCodeBlock): - - Plumbed firstLineColumnOffset through to the super class. - (JSC::EvalCodeBlock::EvalCodeBlock): - - Plumbed firstLineColumnOffset through to the super class. - But for EvalCodeBlocks, the firstLineColumnOffset is always 1 - because we're starting with a new source string with no start - offset. - (JSC::FunctionCodeBlock::FunctionCodeBlock): - - Plumbed firstLineColumnOffset through to the super class. - - * bytecode/ExpressionRangeInfo.h: - - Added modes for encoding line and column into a single 30-bit - unsigned. The encoding is in 1 of 3 modes: - 1. FatLineMode: 22-bit line, 8-bit column - 2. FatColumnMode: 8-bit line, 22-bit column - 3. FatLineAndColumnMode: 32-bit line, 32-bit column - (JSC::ExpressionRangeInfo::encodeFatLineMode): Added. - - Encodes line and column into the 30-bit position using FatLine mode. - (JSC::ExpressionRangeInfo::encodeFatColumnMode): Added. - - Encodes line and column into the 30-bit position using FatColumn mode. - (JSC::ExpressionRangeInfo::decodeFatLineMode): Added. 
- - Decodes the FatLine mode 30-bit position into line and column. - (JSC::ExpressionRangeInfo::decodeFatColumnMode): Added. - - Decodes the FatColumn mode 30-bit position into line and column. - - * bytecode/UnlinkedCodeBlock.cpp: - (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): - - Plumbed startColumn through. - (JSC::UnlinkedFunctionExecutable::link): - - Plumbed startColumn through. - (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): - - Computes a line number using the new way. - (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): - - Added decoding of line and column. - - Added handling of the case when we do not find a fitting expression - range info for a specified bytecodeOffset. This only happens if the - bytecodeOffset is below the first expression range info. In that - case, we'll use the first expression range info entry. - (JSC::UnlinkedCodeBlock::addExpressionInfo): - - Added encoding of line and column. - - * bytecode/UnlinkedCodeBlock.h: - - Added m_expressionInfoFatPositions in RareData. - (JSC::UnlinkedFunctionExecutable::functionStartColumn): - (JSC::UnlinkedCodeBlock::shrinkToFit): - - Removed obsoleted m_lineInfo. - * bytecompiler/BytecodeGenerator.cpp: - (JSC::BytecodeGenerator::emitCall): Plumbed line and lineStart through. - (JSC::BytecodeGenerator::emitCallEval): Plumbed line and lineStart through. - (JSC::BytecodeGenerator::emitCallVarargs): Plumbed line and lineStart through. - (JSC::BytecodeGenerator::emitConstruct): Plumbed line and lineStart through. - (JSC::BytecodeGenerator::emitDebugHook): Plumbed lineStart through. - * bytecompiler/BytecodeGenerator.h: - (JSC::BytecodeGenerator::emitNode): - (JSC::BytecodeGenerator::emitNodeInConditionContext): - - Removed obsoleted m_lineInfo. - (JSC::BytecodeGenerator::emitExpressionInfo): - - Plumbed line and lineStart through. - - Compute the line and column to be added to the expression range info. 
- * bytecompiler/NodesCodegen.cpp: - (JSC::ThrowableExpressionData::emitThrowReferenceError): - (JSC::ResolveNode::emitBytecode): - (JSC::ArrayNode::toArgumentList): - (JSC::BracketAccessorNode::emitBytecode): - (JSC::DotAccessorNode::emitBytecode): - (JSC::NewExprNode::emitBytecode): - (JSC::EvalFunctionCallNode::emitBytecode): - (JSC::FunctionCallValueNode::emitBytecode): - (JSC::FunctionCallResolveNode::emitBytecode): - (JSC::FunctionCallBracketNode::emitBytecode): - (JSC::FunctionCallDotNode::emitBytecode): - (JSC::CallFunctionCallDotNode::emitBytecode): - (JSC::ApplyFunctionCallDotNode::emitBytecode): - (JSC::PostfixNode::emitResolve): - (JSC::PostfixNode::emitBracket): - (JSC::PostfixNode::emitDot): - (JSC::DeleteResolveNode::emitBytecode): - (JSC::DeleteBracketNode::emitBytecode): - (JSC::DeleteDotNode::emitBytecode): - (JSC::PrefixNode::emitResolve): - (JSC::PrefixNode::emitBracket): - (JSC::PrefixNode::emitDot): - - Plumbed line and lineStart through the above as needed. - - (JSC::UnaryOpNode::emitBytecode): - - Added emission of an ExpressionRangeInfo for the UnaryOp node. - - (JSC::BinaryOpNode::emitStrcat): - (JSC::ThrowableBinaryOpNode::emitBytecode): - (JSC::InstanceOfNode::emitBytecode): - (JSC::emitReadModifyAssignment): - (JSC::ReadModifyResolveNode::emitBytecode): - (JSC::AssignResolveNode::emitBytecode): - (JSC::AssignDotNode::emitBytecode): - (JSC::ReadModifyDotNode::emitBytecode): - (JSC::AssignBracketNode::emitBytecode): - (JSC::ReadModifyBracketNode::emitBytecode): - - Plumbed line and lineStart through the above as needed. 
- - (JSC::ConstStatementNode::emitBytecode): - (JSC::EmptyStatementNode::emitBytecode): - (JSC::DebuggerStatementNode::emitBytecode): - (JSC::ExprStatementNode::emitBytecode): - (JSC::VarStatementNode::emitBytecode): - (JSC::IfElseNode::emitBytecode): - (JSC::DoWhileNode::emitBytecode): - (JSC::WhileNode::emitBytecode): - (JSC::ForNode::emitBytecode): - (JSC::ForInNode::emitBytecode): - (JSC::ContinueNode::emitBytecode): - (JSC::BreakNode::emitBytecode): - (JSC::ReturnNode::emitBytecode): - (JSC::WithNode::emitBytecode): - (JSC::SwitchNode::emitBytecode): - (JSC::LabelNode::emitBytecode): - (JSC::ThrowNode::emitBytecode): - (JSC::TryNode::emitBytecode): - (JSC::ProgramNode::emitBytecode): - (JSC::EvalNode::emitBytecode): - (JSC::FunctionBodyNode::emitBytecode): - - Plumbed line and lineStart through the above as needed. - - * interpreter/Interpreter.cpp: - (JSC::appendSourceToError): - - Added line and column arguments for expressionRangeForBytecodeOffset(). - (JSC::StackFrame::computeLineAndColumn): - - Replaces StackFrame::line() and StackFrame::column(). - (JSC::StackFrame::expressionInfo): - - Added line and column arguments. - (JSC::StackFrame::toString): - - Changed to use the new StackFrame::computeLineAndColumn(). - (JSC::Interpreter::getStackTrace): - - Added the needed firstLineColumnOffset arg for the StackFrame. 
- - * interpreter/Interpreter.h: - * parser/ASTBuilder.h: - (JSC::ASTBuilder::BinaryOpInfo::BinaryOpInfo): - (JSC::ASTBuilder::AssignmentInfo::AssignmentInfo): - (JSC::ASTBuilder::createResolve): - (JSC::ASTBuilder::createBracketAccess): - (JSC::ASTBuilder::createDotAccess): - (JSC::ASTBuilder::createRegExp): - (JSC::ASTBuilder::createNewExpr): - (JSC::ASTBuilder::createAssignResolve): - (JSC::ASTBuilder::createFunctionExpr): - (JSC::ASTBuilder::createFunctionBody): - (JSC::ASTBuilder::createGetterOrSetterProperty): - (JSC::ASTBuilder::createFuncDeclStatement): - (JSC::ASTBuilder::createBlockStatement): - (JSC::ASTBuilder::createExprStatement): - (JSC::ASTBuilder::createIfStatement): - (JSC::ASTBuilder::createForLoop): - (JSC::ASTBuilder::createForInLoop): - (JSC::ASTBuilder::createVarStatement): - (JSC::ASTBuilder::createReturnStatement): - (JSC::ASTBuilder::createBreakStatement): - (JSC::ASTBuilder::createContinueStatement): - (JSC::ASTBuilder::createTryStatement): - (JSC::ASTBuilder::createSwitchStatement): - (JSC::ASTBuilder::createWhileStatement): - (JSC::ASTBuilder::createDoWhileStatement): - (JSC::ASTBuilder::createLabelStatement): - (JSC::ASTBuilder::createWithStatement): - (JSC::ASTBuilder::createThrowStatement): - (JSC::ASTBuilder::createDebugger): - (JSC::ASTBuilder::createConstStatement): - (JSC::ASTBuilder::appendBinaryExpressionInfo): - (JSC::ASTBuilder::appendUnaryToken): - (JSC::ASTBuilder::unaryTokenStackLastStart): - (JSC::ASTBuilder::unaryTokenStackLastLineStartPosition): Added. - (JSC::ASTBuilder::assignmentStackAppend): - (JSC::ASTBuilder::createAssignment): - (JSC::ASTBuilder::setExceptionLocation): - (JSC::ASTBuilder::makeDeleteNode): - (JSC::ASTBuilder::makeFunctionCallNode): - (JSC::ASTBuilder::makeBinaryNode): - (JSC::ASTBuilder::makeAssignNode): - (JSC::ASTBuilder::makePrefixNode): - (JSC::ASTBuilder::makePostfixNode):. - - Plumbed line, lineStart, and startColumn through the above as needed. 
- - * parser/Lexer.cpp: - (JSC::::currentSourcePtr): - (JSC::::setCode): - - Added tracking for sourceoffset and lineStart. - (JSC::::internalShift): - (JSC::::parseIdentifier): - - Added tracking for lineStart. - (JSC::::parseIdentifierSlowCase): - (JSC::::parseString): - - Added tracking for lineStart. - (JSC::::parseStringSlowCase): - (JSC::::lex): - - Added tracking for sourceoffset. - (JSC::::sourceCode): - * parser/Lexer.h: - (JSC::Lexer::currentOffset): - (JSC::Lexer::currentLineStartOffset): - (JSC::Lexer::setOffset): - - Added tracking for lineStart. - (JSC::Lexer::offsetFromSourcePtr): Added. conversion function. - (JSC::Lexer::sourcePtrFromOffset): Added. conversion function. - (JSC::Lexer::setOffsetFromSourcePtr): - (JSC::::lexExpectIdentifier): - - Added tracking for sourceoffset and lineStart. - - * parser/NodeConstructors.h: - (JSC::Node::Node): - (JSC::ResolveNode::ResolveNode): - (JSC::EvalFunctionCallNode::EvalFunctionCallNode): - (JSC::FunctionCallValueNode::FunctionCallValueNode): - (JSC::FunctionCallResolveNode::FunctionCallResolveNode): - (JSC::FunctionCallBracketNode::FunctionCallBracketNode): - (JSC::FunctionCallDotNode::FunctionCallDotNode): - (JSC::CallFunctionCallDotNode::CallFunctionCallDotNode): - (JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode): - (JSC::PostfixNode::PostfixNode): - (JSC::DeleteResolveNode::DeleteResolveNode): - (JSC::DeleteBracketNode::DeleteBracketNode): - (JSC::DeleteDotNode::DeleteDotNode): - (JSC::PrefixNode::PrefixNode): - (JSC::ReadModifyResolveNode::ReadModifyResolveNode): - (JSC::ReadModifyBracketNode::ReadModifyBracketNode): - (JSC::AssignBracketNode::AssignBracketNode): - (JSC::AssignDotNode::AssignDotNode): - (JSC::ReadModifyDotNode::ReadModifyDotNode): - (JSC::AssignErrorNode::AssignErrorNode): - (JSC::WithNode::WithNode): - (JSC::ForInNode::ForInNode): - - Plumbed line and lineStart through the above as needed. - * parser/Nodes.cpp: - (JSC::StatementNode::setLoc): Plumbed lineStart. 
- (JSC::ScopeNode::ScopeNode): Plumbed lineStart. - (JSC::ProgramNode::ProgramNode): Plumbed startColumn. - (JSC::ProgramNode::create): Plumbed startColumn. - (JSC::EvalNode::create): - (JSC::FunctionBodyNode::FunctionBodyNode): Plumbed startColumn. - (JSC::FunctionBodyNode::create): Plumbed startColumn. - * parser/Nodes.h: - (JSC::Node::startOffset): - (JSC::Node::lineStartOffset): Added. - (JSC::StatementNode::firstLine): - (JSC::StatementNode::lastLine): - (JSC::ThrowableExpressionData::ThrowableExpressionData): - (JSC::ThrowableExpressionData::setExceptionSourceCode): - (JSC::ThrowableExpressionData::divotStartOffset): - (JSC::ThrowableExpressionData::divotEndOffset): - (JSC::ThrowableExpressionData::divotLine): - (JSC::ThrowableExpressionData::divotLineStart): - (JSC::ThrowableSubExpressionData::ThrowableSubExpressionData): - (JSC::ThrowableSubExpressionData::setSubexpressionInfo): - (JSC::ThrowableSubExpressionData::subexpressionDivot): - (JSC::ThrowableSubExpressionData::subexpressionStartOffset): - (JSC::ThrowableSubExpressionData::subexpressionEndOffset): - (JSC::ThrowableSubExpressionData::subexpressionLine): - (JSC::ThrowableSubExpressionData::subexpressionLineStart): - (JSC::ThrowablePrefixedSubExpressionData::ThrowablePrefixedSubExpressionData): - (JSC::ThrowablePrefixedSubExpressionData::setSubexpressionInfo): - (JSC::ThrowablePrefixedSubExpressionData::subexpressionDivot): - (JSC::ThrowablePrefixedSubExpressionData::subexpressionStartOffset): - (JSC::ThrowablePrefixedSubExpressionData::subexpressionEndOffset): - (JSC::ThrowablePrefixedSubExpressionData::subexpressionLine): - (JSC::ThrowablePrefixedSubExpressionData::subexpressionLineStart): - (JSC::ScopeNode::startStartOffset): - (JSC::ScopeNode::startLineStartOffset): - (JSC::ProgramNode::startColumn): - (JSC::EvalNode::startColumn): - (JSC::FunctionBodyNode::startColumn): - - Plumbed line and lineStart through the above as needed. 
- * parser/Parser.cpp: - (JSC::::Parser): - (JSC::::parseSourceElements): - (JSC::::parseVarDeclarationList): - (JSC::::parseConstDeclarationList): - (JSC::::parseForStatement): - (JSC::::parseBreakStatement): - (JSC::::parseContinueStatement): - (JSC::::parseReturnStatement): - (JSC::::parseThrowStatement): - (JSC::::parseWithStatement): - - Plumbed line and lineStart through the above as needed. - (JSC::::parseFunctionBody): - - Plumbed startColumn. - (JSC::::parseFunctionInfo): - (JSC::::parseFunctionDeclaration): - (JSC::LabelInfo::LabelInfo): - (JSC::::parseExpressionOrLabelStatement): - (JSC::::parseAssignmentExpression): - (JSC::::parseBinaryExpression): - (JSC::::parseProperty): - (JSC::::parseObjectLiteral): - (JSC::::parsePrimaryExpression): - (JSC::::parseMemberExpression): - (JSC::::parseUnaryExpression): - - Plumbed line, lineStart, startColumn through the above as needed. - * parser/Parser.h: - (JSC::Parser::next): - (JSC::Parser::nextExpectIdentifier): - (JSC::Parser::tokenStart): - (JSC::Parser::tokenColumn): - (JSC::Parser::tokenEnd): - (JSC::Parser::tokenLineStart): - (JSC::Parser::lastTokenLine): - (JSC::Parser::lastTokenLineStart): - (JSC::::parse): - * parser/ParserTokens.h: - (JSC::JSTokenLocation::JSTokenLocation): - - Plumbed lineStart. - (JSC::JSTokenLocation::lineStartPosition): - (JSC::JSTokenLocation::startPosition): - (JSC::JSTokenLocation::endPosition): - * parser/SourceCode.h: - (JSC::SourceCode::SourceCode): - (JSC::SourceCode::startColumn): - (JSC::makeSource): - (JSC::SourceCode::subExpression): - * parser/SourceProvider.cpp: delete old code. - * parser/SourceProvider.h: delete old code. - * parser/SourceProviderCacheItem.h: - (JSC::SourceProviderCacheItem::closeBraceToken): - (JSC::SourceProviderCacheItem::SourceProviderCacheItem): - - Plumbed lineStart. 
- * parser/SyntaxChecker.h: - (JSC::SyntaxChecker::makeFunctionCallNode): - (JSC::SyntaxChecker::makeAssignNode): - (JSC::SyntaxChecker::makePrefixNode): - (JSC::SyntaxChecker::makePostfixNode): - (JSC::SyntaxChecker::makeDeleteNode): - (JSC::SyntaxChecker::createResolve): - (JSC::SyntaxChecker::createBracketAccess): - (JSC::SyntaxChecker::createDotAccess): - (JSC::SyntaxChecker::createRegExp): - (JSC::SyntaxChecker::createNewExpr): - (JSC::SyntaxChecker::createAssignResolve): - (JSC::SyntaxChecker::createFunctionExpr): - (JSC::SyntaxChecker::createFunctionBody): - (JSC::SyntaxChecker::createFuncDeclStatement): - (JSC::SyntaxChecker::createForInLoop): - (JSC::SyntaxChecker::createReturnStatement): - (JSC::SyntaxChecker::createBreakStatement): - (JSC::SyntaxChecker::createContinueStatement): - (JSC::SyntaxChecker::createWithStatement): - (JSC::SyntaxChecker::createLabelStatement): - (JSC::SyntaxChecker::createThrowStatement): - (JSC::SyntaxChecker::createGetterOrSetterProperty): - (JSC::SyntaxChecker::appendBinaryExpressionInfo): - (JSC::SyntaxChecker::operatorStackPop): - - Made SyntaxChecker prototype changes to match ASTBuilder due to new - args added for plumbing line, lineStart, and startColumn. - * runtime/CodeCache.cpp: - (JSC::CodeCache::generateBytecode): - (JSC::CodeCache::getCodeBlock): - - Plumbed startColumn. - * runtime/Executable.cpp: - (JSC::FunctionExecutable::FunctionExecutable): - (JSC::ProgramExecutable::compileInternal): - (JSC::FunctionExecutable::produceCodeBlockFor): - (JSC::FunctionExecutable::fromGlobalCode): - - Plumbed startColumn. - * runtime/Executable.h: - (JSC::ScriptExecutable::startColumn): - (JSC::ScriptExecutable::recordParse): - (JSC::FunctionExecutable::create): - - Plumbed startColumn. - -2013-07-08 Lucas Forschler - - Merge r152052 - - 2013-06-26 Anders Carlsson - - Add JSStringCreateWithCharactersNoCopy SPI - https://bugs.webkit.org/show_bug.cgi?id=118074 - - - Reviewed by Geoffrey Garen. 
- - * API/JSStringRef.cpp: - (JSStringCreateWithCharactersNoCopy): - Create a new OpaqueJSString, using the newly added StringImpl::createWithoutCopying function. - - * API/JSStringRefPrivate.h: Added. - Add a home for the JSStringCreateWithCharactersNoCopy function. - - * API/OpaqueJSString.h: - (OpaqueJSString::OpaqueJSString): - Just call isolatedCopy on the passed in string. - - * API/tests/testapi.c: - Add an API test for JSStringCreateWithCharactersNoCopy. - - * JavaScriptCore.xcodeproj/project.pbxproj: - Add new files. - -2013-07-08 Lucas Forschler - - Merge r152314 - - 2013-07-02 Mark Hahnenberg - - Replace RELEASE_ASSERT with ASSERT in CodeBlock:: bytecodeOffsetForCallAtIndex - https://bugs.webkit.org/show_bug.cgi?id=118316 - - Reviewed by Geoffrey Garen. - - This is causing some crashiness in release builds. We should replace it with an ASSERT - until we track down all the places that need fixing in bug 118315. - - * bytecode/CodeBlock.h: - (JSC::CodeBlock::bytecodeOffsetForCallAtIndex): - -2013-07-01 Lucas Forschler - - Merge r152091 - - 2013-06-27 Timothy Hatcher - - Notify the debugger about functions created from source code via new Function() or WebCore::JSLazyEventListener. - - https://bugs.webkit.org/show_bug.cgi?id=118063 - - Reviewed by Geoffrey Garen. - - * bytecode/UnlinkedCodeBlock.cpp: - (JSC::UnlinkedFunctionExecutable::fromGlobalCode): Call Debugger::sourceParsed. - -2013-07-01 Lucas Forschler - - Merge r151978 - - 2013-06-25 Ryosuke Niwa - - JSString should remember AtomicString - https://bugs.webkit.org/show_bug.cgi?id=117386 - - Reviewed by Geoffrey Garen. - - Added JSValue::toAtomicString and JSString::atomicString. These two functions allow WebCore to update - JSString's m_value to set isAtomic flag and avoid the AtomicStringTable lookups in subsequent attempts - to obtain the AtomicString of the same value. 
- - * runtime/JSCJSValue.h: - * runtime/JSString.h: - (JSC::JSString::atomicString): - (JSC::JSValue::toAtomicString): - -2013-06-25 Lucas Forschler - - Merge r151786 - - 2013-06-20 Mark Hahnenberg - - Improper deallocation of JSManagedValue causes crashes during autorelease pool draining - https://bugs.webkit.org/show_bug.cgi?id=117840 + Fixed VM pool allocation should have a reserve for allocations that cannot fail + https://bugs.webkit.org/show_bug.cgi?id=147154 + rdar://problem/21847618 Reviewed by Geoffrey Garen. - Improperly managing a JSManagedValue can cause a crash when the JSC::Weak inside the - JSManagedValue is destroyed upon deallocation. We would rather have improperly maintained - JSManagedValues cause memory leaks than take down the whole app. - - The fix is to use the callback to the JSC::Weak on the destruction of the VM so that we - can safely null it out. This will prevent ~Weak from crashing. - - * API/JSManagedValue.mm: - (-[JSManagedValue JSC::JSC::]): - (JSManagedValueHandleOwner::finalize): - * API/tests/testapi.mm: Added a test that crashed prior to this fix due to a leaked - managed reference. Also fixed a small style nit I noticed in another test. - -2013-06-25 Lucas Forschler - - Merge r151923 - - 2013-06-24 Roger Fong - - Unreviewed. Makefile build fix for AppleWindows. - - * JavaScriptCore.vcxproj/JavaScriptCore.make: - -2013-06-21 Lucas Forschler - - Merge r151787 - - 2013-06-20 Roger Fong - - Make Windows makefile copy build output to a different folder. - . - - * JavaScriptCore.vcxproj/JavaScriptCore.make: - -2013-06-18 Roger Fong - - Disable some feature flags. - . - - Rubberstamped by Jon Lee. - - * Configurations/FeatureDefines.xcconfig: - -2013-06-18 Oliver Hunt - - Going to google.com/trends causes a crash - https://bugs.webkit.org/show_bug.cgi?id=117602 - - Reviewed by Geoffrey Garen. - - When handling op_throw, etc we need to flush the variables and arguments - for the entire inline stack, not just the top frame. 
- - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::flushAllArgumentsAndCapturedVariablesInInlineStack): - (JSC::DFG::ByteCodeParser::parseBlock): - -2013-06-18 Roger Fong - - Replace tools32 folder with tools and update WebKit Windows solution accordingly. - . - - Rubberstamped by Brent Fulgham. - - * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: - * JavaScriptCore.vcxproj/JavaScriptCoreDebug.props: - * JavaScriptCore.vcxproj/JavaScriptCoreDebugCFLite.props: - * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.vcxproj: - * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedDebug.props: - * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedProduction.props: - * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedRelease.props: - * JavaScriptCore.vcxproj/JavaScriptCorePostBuild.cmd: - * JavaScriptCore.vcxproj/JavaScriptCoreProduction.props: - * JavaScriptCore.vcxproj/JavaScriptCoreRelease.props: - * JavaScriptCore.vcxproj/JavaScriptCoreReleaseCFLite.props: - * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.vcxproj: - * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.vcxproj: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractor.vcxproj: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorDebug.props: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorProduction.props: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorRelease.props: - * JavaScriptCore.vcxproj/jsc/jsc.vcxproj: - * JavaScriptCore.vcxproj/jsc/jscDebug.props: - * JavaScriptCore.vcxproj/jsc/jscProduction.props: - * JavaScriptCore.vcxproj/jsc/jscRelease.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj: - * JavaScriptCore.vcxproj/testRegExp/testRegExpDebug.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExpProduction.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExpRelease.props: - * JavaScriptCore.vcxproj/testapi/testapi.vcxproj: - * 
JavaScriptCore.vcxproj/testapi/testapiDebug.props: - * JavaScriptCore.vcxproj/testapi/testapiDebugCFLite.props: - * JavaScriptCore.vcxproj/testapi/testapiProduction.props: - * JavaScriptCore.vcxproj/testapi/testapiRelease.props: - * JavaScriptCore.vcxproj/testapi/testapiReleaseCFLite.props: - -2013-06-17 Roger Fong - - Modify Windows makefiles to copy some bin output into Program Files. - https://bugs.webkit.org/show_bug.cgi?id=117714. - - - Reviewed by Brent Fulgham. - - * JavaScriptCore.vcxproj/JavaScriptCore.make: - -2013-06-14 Ryosuke Niwa - - Function names on Object.prototype should be common identifiers - https://bugs.webkit.org/show_bug.cgi?id=117614 - - Reviewed by Darin Adler. - - Patch written by Sam Weinig. Make Object's prototype function names common identififers since they're used frequently. - - * runtime/CommonIdentifiers.h: - * runtime/FunctionConstructor.cpp: - (JSC::constructFunction): - * runtime/JSGlobalObject.cpp: - (JSC::JSGlobalObject::reset): - * runtime/JSObject.h: - * runtime/ObjectPrototype.cpp: - (JSC::ObjectPrototype::finishCreation): - * runtime/StringPrototype.cpp: - (JSC::StringPrototype::finishCreation): - -2013-06-13 Ryosuke Niwa - - Remove LiteralIdentifierTable - https://bugs.webkit.org/show_bug.cgi?id=117613 - - Reviewed by Geoffrey Garen. - - Removed LiteralIdentifierTable since it doesn't seem to have any perf. impact now. - - * runtime/Identifier.cpp: - (JSC::Identifier::add): - -2013-06-12 Conrad Shultz - - JSExport header documentation substitutes "semicolon" for "colon" - https://bugs.webkit.org/show_bug.cgi?id=117552 - - Reviewed by Mark Hahnenberg. - - * API/JSExport.h: - Fix a couple typos. - -2013-06-10 Raphael Kubo da Costa - - [JSC] Remove a vestige of wxWidgets support. - https://bugs.webkit.org/show_bug.cgi?id=117419 - - Reviewed by Benjamin Poulain. - - * runtime/JSExportMacros.h: Remove a check for BUILDING_WX__ that - seems to have gone unnoticed when the wxWidgets port was removed. 
- -2013-06-06 Roger Fong - - Stop copying AAS binaries into build folder. - https://bugs.webkit.org/show_bug.cgi?id=117319. - - Rubberstamped by Darin Adler. - - * JavaScriptCore.vcxproj/JavaScriptCorePreLink.cmd: - * JavaScriptCore.vcxproj/jsc/jscPostBuild.cmd: - * JavaScriptCore.vcxproj/jsc/jscPreLink.cmd: - * JavaScriptCore.vcxproj/testRegExp/testRegExpPostBuild.cmd: - * JavaScriptCore.vcxproj/testRegExp/testRegExpPreLink.cmd: - * JavaScriptCore.vcxproj/testapi/testapiPreLink.cmd: - -2013-06-05 Filip Pizlo - - DFG CFA shouldn't filter ArrayModes with ALL_NON_ARRAY_ARRAY_MODES if the speculated type is not SpecArray - https://bugs.webkit.org/show_bug.cgi?id=117279 - - - Reviewed by Mark Hahnenberg. - - * dfg/DFGAbstractValue.h: - (JSC::DFG::AbstractValue::filterArrayModesByType): - -2013-06-05 Michael Saboff - - JSC: Crash beneath cti_op_div @ http://gmailblog.blogspot.com - https://bugs.webkit.org/show_bug.cgi?id=117280 - - Reviewed by Filip Pizlo. - - Updated the merging of VariableAccessData nodes in ArgumentPosition lists - to find the unified VariableAccessData node that is the root of the - current node instead of using the current node directly when merging - attributes. - Added new dump code to dump the ArgumentPosition list. - - * dfg/DFGArgumentPosition.h: - (JSC::DFG::rgumentPosition::mergeArgumentPredictionAwareness): - (JSC::DFG::ArgumentPosition::mergeArgumentUnboxingAwareness): - (JSC::DFG::ArgumentPosition::dump): - * dfg/DFGGraph.cpp: - (JSC::DFG::Graph::dump): - -2013-06-05 Bear Travis - - [CSS Exclusions][CSS Shapes] Split CSS Exclusions & Shapes compile & runtime flags - https://bugs.webkit.org/show_bug.cgi?id=117172 - - Reviewed by Alexandru Chiculita. - - Adding the CSS_SHAPES compile flag. - - * Configurations/FeatureDefines.xcconfig: - -2013-06-05 Balazs Kilvady - - JSC Assertion tests failures on MIPS. - https://bugs.webkit.org/show_bug.cgi?id=116552 - - Reviewed by Geoffrey Garen. - - Fix condition handlig in branchAdd32 implemetations. 
- - * assembler/MacroAssemblerMIPS.h: - (JSC::MacroAssemblerMIPS::branchAdd32): - -2013-06-04 Julien Brianceau - - [sh4] Add floating point absolute function support in baseline JIT. - https://bugs.webkit.org/show_bug.cgi?id=117147 - - Reviewed by Geoffrey Garen. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::supportsFloatingPointAbs): - (JSC::MacroAssemblerSH4::absDouble): - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::dabs): - (JSC::SH4Assembler::printInstr): - -2013-06-04 Zan Dobersek - - [JSC] Test262 15.5.4.9_3 test is failing - https://bugs.webkit.org/show_bug.cgi?id=116789 - - Reviewed by Geoffrey Garen. - - Bring the String.prototype.localeCompare behavior in line wit ES5 15.9.4.9. - If method is not given enough arguments, the minimal amount of arguments must be assumed, with their value being undefined. - The first argument to localeCompare, in its string form, is used as the 'that' string that's used in the comparison. - Therefor, when calling str.localeCompare() or str.localeCompare(undefined), the first argument is `undefined` and the - string "undefined" is used as the string to which value of str is compared. - - * runtime/StringPrototype.cpp: - (JSC::stringProtoFuncLocaleCompare): Remove the early return in case of no given arguments to achieve the desired behavior. - -2013-06-03 Hojong Han - - [EFL] Implement GCActivityCallback - https://bugs.webkit.org/show_bug.cgi?id=95923 - - Reviewed by Geoffrey Garen. - - Implements the activity triggered garbage collector. - Additional GCs can be triggered by platfrom timer. - It has sort of compaction effect not to make JSC heap grow fast - so that memory usage becomes lower than usual. - - * PlatformEfl.cmake: Added. 
- * heap/HeapTimer.cpp: - (JSC): - (JSC::HeapTimer::HeapTimer): - (JSC::HeapTimer::~HeapTimer): - (JSC::HeapTimer::add): - (JSC::HeapTimer::stop): - (JSC::HeapTimer::timerEvent): - * heap/HeapTimer.h: - (HeapTimer): - * jsc.cpp: - (main): - * runtime/GCActivityCallback.cpp: - (JSC): - (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback): - (JSC::DefaultGCActivityCallback::scheduleTimer): - (JSC::DefaultGCActivityCallback::cancelTimer): - (JSC::DefaultGCActivityCallback::didAllocate): - * runtime/GCActivityCallback.h: - (GCActivityCallback): - (JSC::GCActivityCallback::GCActivityCallback): - (DefaultGCActivityCallback): - -2013-06-03 Roger Fong - - Nuke VS2005 files from the tree. - . - - Rubberstamped by Brent Fulgham. - - * JavaScriptCore.vcproj: Removed. - * JavaScriptCore.vcproj/JavaScriptCore: Removed. - * JavaScriptCore.vcproj/JavaScriptCore.make: Removed. - * JavaScriptCore.vcproj/JavaScriptCore.resources: Removed. - * JavaScriptCore.vcproj/JavaScriptCore.resources/Info.plist: Removed. - * JavaScriptCore.vcproj/JavaScriptCore.sln: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCF.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreDebug.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreDebugAll.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreDebugCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedCommon.vsprops: Removed. 
- * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedDebug.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedDebugAll.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedDebugCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedProduction.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedRelease.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedReleaseCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGeneratedReleasePGO.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCorePGOOptimize.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCorePostBuild.cmd: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCorePreBuild.cmd: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCorePreLink.cmd: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreProduction.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreRelease.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreReleaseCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreReleasePGO.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreReleasePGOOptimize.vsprops: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/build-generated-files.sh: Removed. - * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd: Removed. - * JavaScriptCore.vcproj/JavaScriptCoreSubmit.sln: Removed. - * JavaScriptCore.vcproj/LLIntAssembly: Removed. - * JavaScriptCore.vcproj/LLIntAssembly/LLIntAssembly.make: Removed. - * JavaScriptCore.vcproj/LLIntAssembly/LLIntAssembly.vcproj: Removed. - * JavaScriptCore.vcproj/LLIntAssembly/build-LLIntAssembly.sh: Removed. - * JavaScriptCore.vcproj/LLIntDesiredOffsets: Removed. 
- * JavaScriptCore.vcproj/LLIntDesiredOffsets/LLIntDesiredOffsets.make: Removed. - * JavaScriptCore.vcproj/LLIntDesiredOffsets/LLIntDesiredOffsets.vcproj: Removed. - * JavaScriptCore.vcproj/LLIntDesiredOffsets/build-LLIntDesiredOffsets.sh: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractor.vcproj: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.vsprops: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorDebug.vsprops: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorDebugAll.vsprops: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorDebugCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorProduction.vsprops: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorRelease.vsprops: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorReleaseCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorReleasePGO.vsprops: Removed. - * JavaScriptCore.vcproj/jsc: Removed. - * JavaScriptCore.vcproj/jsc/jsc.vcproj: Removed. - * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: Removed. - * JavaScriptCore.vcproj/jsc/jscDebug.vsprops: Removed. - * JavaScriptCore.vcproj/jsc/jscDebugAll.vsprops: Removed. - * JavaScriptCore.vcproj/jsc/jscDebugCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/jsc/jscPostBuild.cmd: Removed. - * JavaScriptCore.vcproj/jsc/jscPreBuild.cmd: Removed. - * JavaScriptCore.vcproj/jsc/jscPreLink.cmd: Removed. - * JavaScriptCore.vcproj/jsc/jscProduction.vsprops: Removed. - * JavaScriptCore.vcproj/jsc/jscRelease.vsprops: Removed. - * JavaScriptCore.vcproj/jsc/jscReleaseCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/jsc/jscReleasePGO.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp: Removed. 
- * JavaScriptCore.vcproj/testRegExp/testRegExp.vcproj: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpCommon.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpDebug.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpDebugAll.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpDebugCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpPostBuild.cmd: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpPreBuild.cmd: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpPreLink.cmd: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpProduction.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpRelease.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpReleaseCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/testRegExp/testRegExpReleasePGO.vsprops: Removed. - * JavaScriptCore.vcproj/testapi: Removed. - * JavaScriptCore.vcproj/testapi/testapi.vcproj: Removed. - * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops: Removed. - * JavaScriptCore.vcproj/testapi/testapiDebug.vsprops: Removed. - * JavaScriptCore.vcproj/testapi/testapiDebugAll.vsprops: Removed. - * JavaScriptCore.vcproj/testapi/testapiDebugCairoCFLite.vsprops: Removed. - * JavaScriptCore.vcproj/testapi/testapiPostBuild.cmd: Removed. - * JavaScriptCore.vcproj/testapi/testapiPreBuild.cmd: Removed. - * JavaScriptCore.vcproj/testapi/testapiPreLink.cmd: Removed. - * JavaScriptCore.vcproj/testapi/testapiProduction.vsprops: Removed. - * JavaScriptCore.vcproj/testapi/testapiRelease.vsprops: Removed. - * JavaScriptCore.vcproj/testapi/testapiReleaseCairoCFLite.vsprops: Removed. - -2013-05-31 Filip Pizlo - - Incorrect assertion in DFG::Graph::uncheckedActivationRegisterFor() - - - Rubber stamped by Mark Hahnenberg. - - This has a bogus assertion that checks that the passed CodeOrigin doesn't have - an inline call frame. 
This was well intentioned in the sense that it is true - that inlined call frames wouldn't have an activation register. But that doesn't - mean that people won't ask. Removing the assertion fixes a debug-only crash and - has no impact on production code. This change adds a comment to that effect. - - * dfg/DFGGraph.h: - (JSC::DFG::Graph::uncheckedActivationRegisterFor): - -2013-05-31 Julien Brianceau - - [sh4] Fix Overflow case of branchMul32 in baseline JIT. - https://bugs.webkit.org/show_bug.cgi?id=117057 - - Reviewed by Oliver Hunt. - - Current implementation of Overflow case in branchMul32 performs an - unsigned multiplication whereas a signed multiplication is expected. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::branchMul32): - -2013-05-31 Julien Brianceau - - [sh4] Fix floating point comparisons in baseline JIT. - https://bugs.webkit.org/show_bug.cgi?id=117066. - - Reviewed by Oliver Hunt. - - Current implementation of branchDouble function in baseline JIT is wrong - for some conditions and overkill for others. For instance: - - With DoubleGreaterThanOrEqual condition, branch will be taken if either - operand is NaN with current implementation whereras it should not. - - With DoubleNotEqualOrUnordered condition, performed NaN checks are - useless (because comparison result is false if either operand is NaN). - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::branchDouble): - -2013-05-31 Julien Brianceau - - [sh4] Fix double floating point transfer in baseline JIT. - https://bugs.webkit.org/show_bug.cgi?id=117054 - - Reviewed by Oliver Hunt. - - In current implementation, dmovRegReg function transfers only one single - FPRegister as PR=1 and SZ=0 in floating point status/control register. - Double transfers must be performed with two fmov.s opcodes. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::moveDouble): - (JSC::MacroAssemblerSH4::addDouble): Handle (op2==dest) case properly. 
- (JSC::MacroAssemblerSH4::sqrtDouble): - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::fmovsRegReg): - -2013-05-31 Julien Brianceau - - [sh4] Handle branchType properly in branchTruncateDoubleToInt32. - https://bugs.webkit.org/show_bug.cgi?id=117062 - - Reviewed by Oliver Hunt. - - Current implementation of branchTruncateDoubleToInt32 is incorrect - when branchType == BranchIfTruncateSuccessful in sh4 baseline JIT. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::branchTruncateDoubleToInt32): - -2013-05-31 Brent Fulgham - - [Windows] Unreviewed build fix for VS2005 builders. - - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: Add - missing export for WTF::SHA1::computeHexDigest - -2013-05-30 David Farler - - Fix jscore-test when not using --sdk option with jsDriver.pl - https://bugs.webkit.org/show_bug.cgi?id=116339 - - Reviewed by Joe Pecoraro. - - * tests/mozilla/jsDriver.pl: - (execute_tests): - With each test, the shell_command needs to be started from scratch. - - This fix will clear the shell_command and start over as before with - the opt_arch option when not using --sdk with jsDriver.pl. - -2013-05-30 Roger Fong - - Get rid of JavaScript exports file on AppleWin port. - https://bugs.webkit.org/show_bug.cgi?id=117050. - - Reviewed by Darin Adler. - - Delete the JavaScriptCoreExportGenerator folder and remove dependencies. - Start linking in WTF.lib now that it's a shared library. - - * JavaScriptCore.vcxproj/JavaScriptCore.submit.sln: - * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: - * JavaScriptCore.vcxproj/JavaScriptCoreCommon.props: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGenerator.vcxproj: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGenerator.vcxproj.filters: Removed. 
- * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorBuildCmd.cmd: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorCommon.props: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorDebug.props: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPostBuild.cmd: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPreBuild.cmd: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorProduction.props: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorRelease.props: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: Removed. - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/make-export-file-generator: Removed. - * JavaScriptCore.vcxproj/jsc/jscCommon.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj: - * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj.filters: - * JavaScriptCore.vcxproj/testRegExp/testRegExpCommon.props: - * JavaScriptCore.vcxproj/testapi/testapiCommon.props: - -2013-05-22 David Farler - - Add --sdk option to jsDriver.pl to run with iOS Simulator - https://bugs.webkit.org/show_bug.cgi?id=116339 - - Reviewed by David Kilzer. - - * tests/mozilla/jsDriver.pl: - (execute_tests): - Prefix shell command with the path to the "sim" tool. - (parse_args): - Add -d / --sdk option. - (usage): - Help message for -d / --sdk option. - -2013-05-30 Julien Brianceau - - [sh4] Optimize NaN checks in LLINT for floating point comparisons. - https://bugs.webkit.org/show_bug.cgi?id=117049 - - Reviewed by Oliver Hunt. - - Use the fcmp/eq opcode in sh4 LLINT to test if a double is NaN. 
- This is more efficient, doesn't require two tmp registers and requires - less code than current implementation (which converts double to float, - then checks 'E = Emax + 1' and 'f != 0'). - - * offlineasm/sh4.rb: - -2013-05-30 Oliver Hunt - - JSCallbackObject does not correctly initialise the PropertySlot for getOwnPropertyDescriptor - https://bugs.webkit.org/show_bug.cgi?id=117053 - - Reviewed by Mark Hahnenberg. - - Set appropriate thisValue on the PropertySlot - - * API/JSCallbackObjectFunctions.h: - (JSC::::getOwnPropertyDescriptor): - * API/tests/testapi.mm: - -2013-05-29 Jeffrey Pfau - - [Mac] Enable cache partitioning and the public suffix list on 10.8 - - - Rubber-stamped by David Kilzer. - - * Configurations/FeatureDefines.xcconfig: - -2013-05-28 Brent Fulgham - - [Windows] Put correct byteCompile symbol in file. Previous version - had an extra 'i' appended to the end. - - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: - -2013-05-28 Brent Fulgham - - [Windows] Unreviewed build fix. Remove ?byteCompile symbol that - is no longer accessible during link. - - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: - -2013-05-28 Gavin Barraclough - - String(new Date(2010,10,1)) is wrong in KRAT, YAKT - https://bugs.webkit.org/show_bug.cgi?id=106750 - - Reviewed by Darin Adler. - - * runtime/JSDateMath.cpp: - (JSC::msToGregorianDateTime): - - Additional review comment fix. - -2013-05-28 Brent Fulgham - - [Windows] Unreviewed build fix after r150833 - - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: - A CR/LF combination was lost in the file, combining two symbols. - -2013-05-27 Gavin Barraclough - - String(new Date(2010,10,1)) is wrong in KRAT, YAKT - https://bugs.webkit.org/show_bug.cgi?id=106750 - - Reviewed by Darin Adler. 
- - First part of a fix, simplfy date handling code, instead of operating separately - on the UTC-standard and standard-DST offsets, just generate a combined UTC-local - offset (this is what we actually need, and what the OS gives us). - - * runtime/JSDateMath.cpp: - (JSC::getLocalTimeOffset): - - removed getUTCOffset, converted getDSTOffset -> getLocalTimeOffset - (JSC::gregorianDateTimeToMS): - (JSC::msToGregorianDateTime): - (JSC::parseDateFromNullTerminatedCharacters): - - call getLocalTimeOffset instead of getUTCOffset/getDSTOffset - * runtime/VM.cpp: - (JSC::VM::resetDateCache): - - removed cachedUTCOffset, converted DSTOffsetCache -> LocalTimeOffsetCache - * runtime/VM.h: - (JSC::LocalTimeOffsetCache::LocalTimeOffsetCache): - (JSC::LocalTimeOffsetCache::reset): - (LocalTimeOffsetCache): - - removed cachedUTCOffset, converted DSTOffsetCache -> LocalTimeOffsetCache - -2013-05-28 Mark Hahnenberg - - r150199 is very wrong - https://bugs.webkit.org/show_bug.cgi?id=116876 - - JSValue needs to protect its internal JSValueRef. - - Reviewed by Darin Adler. - - * API/JSValue.mm: - (-[JSValue initWithValue:inContext:]): - (-[JSValue dealloc]): - * API/tests/testapi.mm: Added a simple test to make sure that we protect the - underlying JavaScript value across garbage collections. - -2013-05-27 Patrick Gansterer - - Use ICU_INCLUDE_DIRS in BlackBerry CMake files - https://bugs.webkit.org/show_bug.cgi?id=116210 - - Reviewed by Rob Buis. - - Set and use the ICU_INCLUDE_DIRS variable to avoid - duplicated adding of the ICU include directory. - - * PlatformBlackBerry.cmake: - -2013-05-27 Gabor Rapcsanyi - - MacroAssemblerARM should use xor to swap registers instead of move - https://bugs.webkit.org/show_bug.cgi?id=116306 - - Reviewed by Zoltan Herczeg. - - Change register swapping to xor from move and this way we don't need - temporary register anymore. 
- - * assembler/MacroAssemblerARM.h: - (JSC::MacroAssemblerARM::swap): - -2013-05-25 Filip Pizlo - - We broke (-2^31/-1)|0 in the DFG - https://bugs.webkit.org/show_bug.cgi?id=116767 - - Reviewed by Andreas Kling. - - The bug is that we were assuming that in the -2^31 case, we already had -2^31 - in the result register. This was a wrong assumption. - - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForX86): - -2013-05-24 Filip Pizlo - - We broke !(0/0) - https://bugs.webkit.org/show_bug.cgi?id=116736 - - Reviewed by Gavin Barraclough. - - * parser/ASTBuilder.h: - (JSC::ASTBuilder::createLogicalNot): - * runtime/JSCJSValueInlines.h: - (JSC::JSValue::pureToBoolean): - -2013-05-24 Julien Brianceau - - [sh4] Optimize LLINT generated code and fix few bugs in baseline JIT. - https://bugs.webkit.org/show_bug.cgi?id=116716 - - Reviewed by Geoffrey Garen. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::mul32): Cosmetic changes. - (JSC::MacroAssemblerSH4::convertInt32ToDouble): Absolute address was not dereferenced. - (JSC::MacroAssemblerSH4::branch32): Absolute address was not dereferenced. - (JSC::MacroAssemblerSH4::revertJumpReplacementToBranchPtrWithPatch): Use all 32 bits of pointer for revertJump call. - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::revertJump): Use changePCrelativeAddress to patch the whole pointer. - (JSC::SH4Assembler::linkJump): Cosmetic change. - * offlineasm/sh4.rb: Optimize LLINT generated code. - -2013-05-23 Peter Wang - - CLoop llint backend should not use the d8 register as scratch register - https://bugs.webkit.org/show_bug.cgi?id=116019 - - Reviewed by Csaba Osztrogonác. - - * offlineasm/cloop.rb: - -2013-05-22 Peter Wang - - Use uninitialized register in "JIT::emit_op_neq_null" and "emit_op_eq_null" - https://bugs.webkit.org/show_bug.cgi?id=116593 - - Reviewed by Filip Pizlo. - - Generated instructions using uninitialized register. It's caused by a mistake of r126494. 
- - * jit/JITOpcodes32_64.cpp: - (JSC::JIT::emit_op_eq_null): - (JSC::JIT::emit_op_neq_null): - -2013-05-22 Filip Pizlo - - Fix indentation of CodeBlock.h - - Rubber stampted by Mark Hahnenberg. - - * bytecode/CodeBlock.h: - -2013-05-22 Julien Brianceau - - [sh4] Remove MacroAssemblerSH4.cpp file. - https://bugs.webkit.org/show_bug.cgi?id=116596. - - Reviewed by Geoffrey Garen. - - Move linkCall and repatchCall implementations from MacroAssemblerSH4.cpp - to MacroAssemblerSH4.h and remove MacroAssemblerSH4.cpp, as it is done - for other architectures. - - * GNUmakefile.list.am: - * JavaScriptCore.xcodeproj/project.pbxproj: - * Target.pri: - * assembler/MacroAssemblerSH4.cpp: Removed. - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::linkCall): - (MacroAssemblerSH4): - (JSC::MacroAssemblerSH4::repatchCall): - -2013-05-21 Brent Fulgham - - [Windows] Unreviewed speculative fix for test-bots. - - Add export declaration for WTFInvokeCrashHook to avoid runtime - load error on test bots. - - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: - -2013-05-21 Mark Lam - - Added missing assert condition for PositiveOrZero in ARM branch32(). - https://bugs.webkit.org/show_bug.cgi?id=116538. - - Reviewed by Geoffrey Garen. - - * assembler/MacroAssemblerARM.h: - (JSC::MacroAssemblerARM::branchAdd32): - -2013-05-20 Mark Hahnenberg - - Disable SuperRegion - https://bugs.webkit.org/show_bug.cgi?id=116362 - - Rubber stamped by Geoff Garen. - - * heap/Region.h: - -2013-05-20 Oliver Hunt - - Make C API more robust against null contexts - https://bugs.webkit.org/show_bug.cgi?id=116462 - - Reviewed by Anders Carlsson. - - Handle null contexts in a non-crashy way. It's a bug to ever call the - API with a null context, and the absence of a context means we can't - produce a meaningful result, so we still assert in debug builds. 
- - Now where possible we detect and early return, returning null for any - pointer type, NaN for doubles, and false for any boolean result. - - * API/JSBase.cpp: - (JSEvaluateScript): - (JSCheckScriptSyntax): - (JSReportExtraMemoryCost): - * API/JSContextRef.cpp: - (JSContextGetGlobalObject): - (JSContextGetGroup): - (JSContextGetGlobalContext): - (JSContextCreateBacktrace): - * API/JSObjectRef.cpp: - (JSObjectMake): - (JSObjectMakeFunctionWithCallback): - (JSObjectMakeConstructor): - (JSObjectMakeFunction): - (JSObjectMakeArray): - (JSObjectMakeDate): - (JSObjectMakeError): - (JSObjectMakeRegExp): - (JSObjectGetPrototype): - (JSObjectSetPrototype): - (JSObjectHasProperty): - (JSObjectGetProperty): - (JSObjectSetProperty): - (JSObjectGetPropertyAtIndex): - (JSObjectSetPropertyAtIndex): - (JSObjectDeleteProperty): - (JSObjectCopyPropertyNames): - * API/JSValueRef.cpp: - (JSValueGetType): - (JSValueIsUndefined): - (JSValueIsNull): - (JSValueIsBoolean): - (JSValueIsNumber): - (JSValueIsString): - (JSValueIsObject): - (JSValueIsObjectOfClass): - (JSValueIsEqual): - (JSValueIsStrictEqual): - (JSValueIsInstanceOfConstructor): - (JSValueMakeUndefined): - (JSValueMakeNull): - (JSValueMakeBoolean): - (JSValueMakeNumber): - (JSValueMakeString): - (JSValueMakeFromJSONString): - (JSValueCreateJSONString): - (JSValueToBoolean): - (JSValueToNumber): - (JSValueToStringCopy): - (JSValueToObject): - (JSValueProtect): - * API/JSWeakObjectMapRefPrivate.cpp: - -2013-05-20 David Kilzer - - Synchronize FeatureDefines.xcconfig - - * Configurations/FeatureDefines.xcconfig: Remove - ENABLE_LINK_PRERENDER. This was missed in r150356. - -2013-05-19 Anders Carlsson - - Remove link prerendering code - https://bugs.webkit.org/show_bug.cgi?id=116415 - - Reviewed by Darin Adler. - - This code was only used by Chromium and is dead now. 
- - * Configurations/FeatureDefines.xcconfig: - -2013-05-18 Patrick Gansterer - - [CMake] Replace *_LIBRARY_NAME with *_OUTPUT_NAME - https://bugs.webkit.org/show_bug.cgi?id=114554 - - Reviewed by Gyuyoung Kim. - - Using variables as target names is very uncommon in CMake. - The usual way to specify the name of the resulting binary - is to set the OUTPUT_NAME target property. - - * CMakeLists.txt: - * shell/CMakeLists.txt: - -2013-05-17 Patrick Gansterer - - [CMake] Remove invalid include paths - https://bugs.webkit.org/show_bug.cgi?id=116213 - - Reviewed by Gyuyoung Kim. - - Since "${JAVASCRIPTCORE_DIR}/wtf" does not exist, it is safe - to remove them from the list of include directories. - - * PlatformEfl.cmake: Removed. - * PlatformGTK.cmake: Removed. - -2013-05-16 Patrick Gansterer - - Consolidate lists in JavaScriptCore CMake files - https://bugs.webkit.org/show_bug.cgi?id=115992 - - Reviewed by Gyuyoung Kim. - - Move common files into the CMakeLists.txt to avoid duplicating the list of files. - Also rebase the recently added GTK files to match the other CMake ports, since - the submitted patch was based on an older version of the source tree. - - * CMakeLists.txt: - * PlatformEfl.cmake: - * PlatformGTK.cmake: - * shell/CMakeLists.txt: - * shell/PlatformEfl.cmake: - * shell/PlatformGTK.cmake: - -2013-05-16 Geoffrey Garen - - JSValue shouldn't protect/unprotect its context - https://bugs.webkit.org/show_bug.cgi?id=116234 - - Reviewed by Mark Hahnenberg. - - Our retain on _context is sufficient. - - * API/JSValue.mm: - (-[JSValue initWithValue:inContext:]): - (-[JSValue dealloc]): - -2013-05-15 Ryosuke Niwa - - Another Windows build fix attempt after r150160. 
- - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: - -2013-05-15 Oliver Hunt - - RefCountedArray needs to use vector initialisers for its backing store - https://bugs.webkit.org/show_bug.cgi?id=116194 - - Reviewed by Gavin Barraclough. - - Use an out of line function to clear the exception stack to avoid - needing to include otherwise unnecessary headers all over the place. - - Everything else is just being updated to use that. - - * bytecompiler/BytecodeGenerator.cpp: - * interpreter/CallFrame.h: - (JSC::ExecState::clearSupplementaryExceptionInfo): - * interpreter/Interpreter.cpp: - (JSC::Interpreter::addStackTraceIfNecessary): - (JSC::Interpreter::throwException): - * runtime/JSGlobalObject.cpp: - (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): - * runtime/VM.cpp: - (JSC): - (JSC::VM::clearExceptionStack): - * runtime/VM.h: - (VM): - (JSC::VM::exceptionStack): - -2013-05-15 Commit Queue - - Unreviewed, rolling out r150051. - http://trac.webkit.org/changeset/150051 - https://bugs.webkit.org/show_bug.cgi?id=116186 - - Broke all JSC tests on Mac and the author is unresponsive - (Requested by rniwa on #webkit). - - * JavaScriptCore.xcodeproj/project.pbxproj: - -2013-05-15 Julien Brianceau - - Remove savedTimeoutReg from JITStackFrame for sh4 base JIT. - https://bugs.webkit.org/show_bug.cgi?id=116143 - - Reviewed by Geoffrey Garen. - - Since r148119, timeoutCheckRegister is removed from baseline JIT. - So we don't need to save r8 register in JITStackFrame anymore for sh4. - - * jit/JITStubs.cpp: - * jit/JITStubs.h: - (JITStackFrame): - -2013-05-15 Nico Weber - - WebKit doesn't support MSVS2003 any more, remove preprocessor checks for older versions. - https://bugs.webkit.org/show_bug.cgi?id=116157 - - Reviewed by Anders Carlsson. - - Also remove a gcc3.2 workaround. 
- - Merges parts of these two commits by the talented Nico Weber: - https://chromium.googlesource.com/chromium/blink/+/3677e2f47348daeff405a40b6f90fbdf0654c2f5 - https://chromium.googlesource.com/chromium/blink/+/0fcd96c448dc30be1416dcc15713c53710c1a312 - - * os-win32/inttypes.h: - -2013-05-13 Alvaro Lopez Ortega - - Nightly build's jsc doesn't work without DYLD_FRAMEWORK... - https://bugs.webkit.org/show_bug.cgi?id=79065 - - Reviewed by Darin Adler. - - Fixes the build process so the depencencies of the jsc binary are - modified before its copied to its target directory. In this way - jsc should always use relative reference to the JavaScriptCore - libraries. - - * JavaScriptCore.xcodeproj/project.pbxproj: Fixes the commands in - the "Copy Into Framework" target. - -2013-05-13 Mark Hahnenberg - - Objective-C API: scanExternalObjectGraph should not create new JSVirtualMachine wrappers - https://bugs.webkit.org/show_bug.cgi?id=116074 - - If scanExternalObjectGraph creates a new JSVirtualMachine wrapper during collection, when the - scanExternalObjectGraph call finishes and the autorelease pool is drained we will dealloc the - JSVirtualMachine which will cause us to try to take the API lock for the corresponding VM. - If this happens on a GC thread other than the "main" thread, we will deadlock. The solution - is to just check the VM cache, and if there is no JSVirtualMachine wrapper, return early. - - Reviewed by Darin Adler. - - * API/JSVirtualMachine.mm: - (scanExternalObjectGraph): - -2013-05-13 Benjamin Poulain - - Improve stringProtoFuncLastIndexOf for the prefix case - https://bugs.webkit.org/show_bug.cgi?id=115952 - - Reviewed by Geoffrey Garen. - - * runtime/StringPrototype.cpp: - (JSC::stringProtoFuncLastIndexOf): - Use the optimized string search when possible. - - On Joseph Pecoraro's tests, this gives a ~30% speed improvement. 
- -2013-05-13 Zalan Bujtas - - WebProcess consuming very high CPU on linkedin.com - https://bugs.webkit.org/show_bug.cgi?id=115601 - - Reviewed by Andreas Kling. - - Disable WEB_TIMING_MINIMAL. - Turn off window.performance and performance.now(). Some JS frameworks expect - additional Web Timing APIs, when performance.now() is available. - - * Configurations/FeatureDefines.xcconfig: - -2013-05-12 Anders Carlsson - - Stop including UnusedParam.h - https://bugs.webkit.org/show_bug.cgi?id=116003 - - Reviewed by Sam Weinig. - - UnusedParam.h is empty now so there's no need to include it anymore. - - * API/APICast.h: - * API/tests/JSNode.c: - * API/tests/JSNodeList.c: - * API/tests/minidom.c: - * API/tests/testapi.c: - * assembler/AbstractMacroAssembler.h: - * assembler/MacroAssemblerCodeRef.h: - * bytecode/CodeBlock.cpp: - * heap/HandleStack.h: - * interpreter/JSStackInlines.h: - * jit/CompactJITCodeMap.h: - * jit/ExecutableAllocator.h: - * parser/SourceProvider.h: - * runtime/DatePrototype.cpp: - * runtime/JSNotAnObject.cpp: - * runtime/JSSegmentedVariableObject.h: - * runtime/JSVariableObject.h: - * runtime/Options.cpp: - * runtime/PropertyOffset.h: - -2013-05-11 Martin Robinson - - [GTK] Add a basic cmake build for WTF and JavaScriptCore - https://bugs.webkit.org/show_bug.cgi?id=115967 - - Reviewed by Laszlo Gombos. - - * PlatformGTK.cmake: Added. - * shell/PlatformGTK.cmake: Added. - -2013-05-10 Laszlo Gombos - - Remove USE(OS_RANDOMNESS) - https://bugs.webkit.org/show_bug.cgi?id=108095 - - Reviewed by Darin Adler. - - Remove the USE(OS_RANDOMNESS) guard as it is turned on for all - ports. - - * jit/JIT.cpp: - (JSC::JIT::JIT): - -2013-05-10 Mark Hahnenberg - - Rename StructureCheckHoistingPhase to TypeCheckHoistingPhase - https://bugs.webkit.org/show_bug.cgi?id=115938 - - We're going to add some more types of check hoisting soon, so let's have the right name here. - - Rubber stamped by Filip Pizlo. 
- - * CMakeLists.txt: - * GNUmakefile.list.am: - * JavaScriptCore.xcodeproj/project.pbxproj: - * Target.pri: - * dfg/DFGDriver.cpp: - (JSC::DFG::compile): - * dfg/DFGStructureCheckHoistingPhase.cpp: Removed. - * dfg/DFGStructureCheckHoistingPhase.h: Removed. - * dfg/DFGTypeCheckHoistingPhase.cpp: Copied from Source/JavaScriptCore/dfg/DFGStructureCheckHoistingPhase.cpp. - (JSC::DFG::TypeCheckHoistingPhase::TypeCheckHoistingPhase): - (JSC::DFG::performTypeCheckHoisting): - * dfg/DFGTypeCheckHoistingPhase.h: Copied from Source/JavaScriptCore/dfg/DFGStructureCheckHoistingPhase.h. - -2013-05-09 Christophe Dumez - - Unreviewed build fix after r149836. - - It broke at least EFL and GTK builds. Move new static members initialization - outside the class. Those need to have a definition outside the class because - their address is used (e.g. CodeCacheMap::nonGlobalWorkingSetMaxEntries). - - * runtime/CodeCache.cpp: - (JSC): - * runtime/CodeCache.h: - (CodeCacheMap): - -2013-05-08 Oliver Hunt - - Code cache stores bogus var references for functions in eval code - https://bugs.webkit.org/show_bug.cgi?id=115747 - - Reviewed by Mark Hahnenberg. - - Non-global eval now uses a per-CodeBlock cache, and only use it - when we're at the top of a function's scope. This means that we - will no longer cache the parsing of a single string across - multiple functions, and we won't cache when we're nested inside - constructs like |with| and |catch| where previously we would, which - is good because caching in those cases is unsound. 
- - * bytecode/EvalCodeCache.h: - (JSC): - (JSC::EvalCodeCache::getSlow): - (JSC::EvalCodeCache::get): - * bytecode/UnlinkedCodeBlock.h: - (JSC::UnlinkedCodeBlock::codeCacheForEval): - (UnlinkedCodeBlock): - (RareData): - * debugger/Debugger.cpp: - (JSC::evaluateInGlobalCallFrame): - * debugger/DebuggerCallFrame.cpp: - (JSC::DebuggerCallFrame::evaluate): - * interpreter/Interpreter.cpp: - (JSC::eval): - * runtime/CodeCache.cpp: - (JSC::CodeCache::CodeCache): - (JSC::CodeCache::generateBytecode): - (JSC): - (JSC::CodeCache::getCodeBlock): - * runtime/CodeCache.h: - (JSC::CodeCacheMap::CodeCacheMap): - (CodeCacheMap): - (JSC::CodeCacheMap::canPruneQuickly): - (JSC::CodeCacheMap::prune): - (JSC::CodeCache::create): - (CodeCache): - * runtime/Executable.cpp: - (JSC::EvalExecutable::EvalExecutable): - (JSC::EvalExecutable::compileInternal): - * runtime/Executable.h: - (JSC::EvalExecutable::create): - (EvalExecutable): - * runtime/JSGlobalObject.cpp: - (JSC::JSGlobalObject::createEvalCodeBlock): - * runtime/JSGlobalObject.h: - (JSGlobalObject): - * runtime/JSGlobalObjectFunctions.cpp: - (JSC::globalFuncEval): - * runtime/VM.cpp: - (JSC::VM::VM): - * runtime/VM.h: - (VM): - -2013-05-08 Mark Hahnenberg - - DFGArrayMode::fromObserved is too liberal when it sees different Array and NonArray shapes - https://bugs.webkit.org/show_bug.cgi?id=115805 - - Reviewed by Geoffrey Garen. - - It checks the observed ArrayModes to see if we have seen any ArrayWith* first. If so, it assumes it's - an Array::Array, even if we've also observed any NonArrayWith* in the ArrayProfile. This leads to the - code generated by jumpSlowForUnwantedArrayMode to check the indexing type against (shape | IsArray) - instead of just shape, which can cause us to exit a lot in the case that we saw a NonArray. - - To fix this we need to add a case that checks for both ArrayWith* and NonArrayWith* cases first, which - should then use Array::PossiblyArray, then do the checks we were already doing. 
- - * bytecode/ArrayProfile.h: - (JSC::hasSeenArray): - (JSC::hasSeenNonArray): - * dfg/DFGArrayMode.cpp: - (JSC::DFG::ArrayMode::fromObserved): - -2013-05-09 Joe Mason - - [BlackBerry] Set up logging buffer on start of jsc executable - https://bugs.webkit.org/show_bug.cgi?id=114688 - - Reviewed by Rob Buis. - - Internal PR: 322715 - Internally Reviewed By: Jeff Rogers - - * jsc.cpp: - (main): call BB::Platform::setupApplicationLogging - -2013-05-08 Michael Saboff - - JSC: There should be a disassembler for ARM Thumb 2 - https://bugs.webkit.org/show_bug.cgi?id=115827 - - Reviewed by Filip Pizlo. - - Added a new disassembler for ARMv7 Thumb2 instructions for use by the JSC debugging - and profiling code. The opcode coverage is currently not complete. It covers all - of the integer instructions JSC currently emits, but only a limited number of - floating point opcodes. Currently that is just the 64 bit vmov and vmsr instructions. - - The disassembler is structured as a base opcode class ARMv7DOpcode with sub-classes - for each instruction group. There is a public format method that does the bulk of - the disassembly work. There are two broad sub-classes, ARMv7D16BitOpcode and - ARMv7D32BitOpcode, for the 16 bit and 32 bit opcodes. There are sub-classes under - those two classes for individual and related groups of opcodes. Instructions are - "dispatched" to the right subclass via two arrays of linked lists in the inner classes - OpcodeGroup. There is one such inner class for each ARMv7D16BitOpcode and ARMv7D32BitOpcode. - Each OpcodeGroup has a mask and a pattern that it applies to the instruction to determine - that it matches a particular group. OpcodeGroup uses a static method to reinterpret_cast - the Opcode object to the right base class for the instruction group for formatting. - The cast eliminates the need of allocating an object for each decoded instruction. 
- Unknown instructions are formatted as ".word 1234" or ".long 12345678" depending whether - the instruction is 16 or 32 bit. - - * JavaScriptCore.xcodeproj/project.pbxproj: - * disassembler/ARMv7: Added. - * disassembler/ARMv7/ARMv7DOpcode.cpp: Added. - (ARMv7Disassembler): - (OpcodeGroupInitializer): - (JSC::ARMv7Disassembler::ARMv7DOpcode::init): - (JSC::ARMv7Disassembler::ARMv7DOpcode::startITBlock): - (JSC::ARMv7Disassembler::ARMv7DOpcode::saveITConditionAt): - (JSC::ARMv7Disassembler::ARMv7DOpcode::fetchOpcode): - (JSC::ARMv7Disassembler::ARMv7DOpcode::disassemble): - (JSC::ARMv7Disassembler::ARMv7DOpcode::bufferPrintf): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendInstructionName): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendRegisterName): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendRegisterList): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendFPRegisterName): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::init): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::doDisassemble): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::defaultFormat): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddRegisterT2::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSPPlusImmediate::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchConditionalT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchExchangeT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchT2::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareImmediateT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT2::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeGeneratePCRelativeAddress::format): - 
(JSC::ARMv7Disassembler::ARMv7DOpcodeLoadFromLiteralPool::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscBreakpointT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscByteHalfwordOps::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscHint16::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscIfThenT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveImmediateT1::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveRegisterT1::format): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::init): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::doDisassemble): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::defaultFormat): - (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::appendModifiedImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::appendImmShift): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::appendFPRegister): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegShift::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegParallel::format): - 
(JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegMisc::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadRegister::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadUnsignedImmediate::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataPushPopSingle::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate12::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleRegister::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::format): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMSR::format): - * disassembler/ARMv7/ARMv7DOpcode.h: Added. - (ARMv7Disassembler): - (ARMv7DOpcode): - (JSC::ARMv7Disassembler::ARMv7DOpcode::ARMv7DOpcode): - (JSC::ARMv7Disassembler::ARMv7DOpcode::is32BitInstruction): - (JSC::ARMv7Disassembler::ARMv7DOpcode::isFPInstruction): - (JSC::ARMv7Disassembler::ARMv7DOpcode::conditionName): - (JSC::ARMv7Disassembler::ARMv7DOpcode::shiftName): - (JSC::ARMv7Disassembler::ARMv7DOpcode::inITBlock): - (JSC::ARMv7Disassembler::ARMv7DOpcode::startingITBlock): - (JSC::ARMv7Disassembler::ARMv7DOpcode::endITBlock): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendInstructionNameNoITBlock): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendSeparator): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendCharacter): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendString): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendShiftType): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendSignedImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendUnsignedImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcode::appendPCRelativeOffset): - 
(JSC::ARMv7Disassembler::ARMv7DOpcode::appendShiftAmount): - (ARMv7D16BitOpcode): - (OpcodeGroup): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::OpcodeGroup): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::setNext): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::next): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::matches): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::OpcodeGroup::format): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::rm): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::rd): - (JSC::ARMv7Disassembler::ARMv7D16BitOpcode::opcodeGroupNumber): - (ARMv7DOpcodeAddRegisterT2): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddRegisterT2::rdn): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddRegisterT2::rm): - (ARMv7DOpcodeAddSPPlusImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSPPlusImmediate::rd): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSPPlusImmediate::immediate8): - (ARMv7DOpcodeAddSubtract): - (ARMv7DOpcodeAddSubtractT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::rm): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractT1::rn): - (ARMv7DOpcodeAddSubtractImmediate3): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::immediate3): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate3::rn): - (ARMv7DOpcodeAddSubtractImmediate8): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::rdn): - (JSC::ARMv7Disassembler::ARMv7DOpcodeAddSubtractImmediate8::immediate8): - (ARMv7DOpcodeBranchConditionalT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchConditionalT1::condition): - 
(JSC::ARMv7Disassembler::ARMv7DOpcodeBranchConditionalT1::offset): - (ARMv7DOpcodeBranchExchangeT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchExchangeT1::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchExchangeT1::rm): - (ARMv7DOpcodeBranchT2): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchT2::immediate11): - (ARMv7DOpcodeCompareImmediateT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareImmediateT1::rn): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareImmediateT1::immediate8): - (ARMv7DOpcodeCompareRegisterT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT1::rn): - (ARMv7DOpcodeCompareRegisterT2): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT2::rn): - (JSC::ARMv7Disassembler::ARMv7DOpcodeCompareRegisterT2::rm): - (ARMv7DOpcodeDataProcessingRegisterT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::rm): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegisterT1::rdn): - (ARMv7DOpcodeGeneratePCRelativeAddress): - (JSC::ARMv7Disassembler::ARMv7DOpcodeGeneratePCRelativeAddress::rd): - (JSC::ARMv7Disassembler::ARMv7DOpcodeGeneratePCRelativeAddress::immediate8): - (ARMv7DOpcodeLoadFromLiteralPool): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadFromLiteralPool::rt): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadFromLiteralPool::immediate8): - (ARMv7DOpcodeLoadStoreRegisterImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::immediate5): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::rn): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::rt): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterImmediate::scale): - (ARMv7DOpcodeLoadStoreRegisterImmediateWordAndByte): - 
(ARMv7DOpcodeLoadStoreRegisterImmediateHalfWord): - (ARMv7DOpcodeLoadStoreRegisterOffsetT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::opB): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::rm): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::rn): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterOffsetT1::rt): - (ARMv7DOpcodeLoadStoreRegisterSPRelative): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::rt): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadStoreRegisterSPRelative::immediate8): - (ARMv7DOpcodeLogicalImmediateT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLogicalImmediateT1::immediate5): - (ARMv7DOpcodeMiscAddSubSP): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscAddSubSP::immediate7): - (ARMv7DOpcodeMiscByteHalfwordOps): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscByteHalfwordOps::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscByteHalfwordOps::op): - (ARMv7DOpcodeMiscBreakpointT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscBreakpointT1::immediate8): - (ARMv7DOpcodeMiscCompareAndBranch): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::immediate6): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscCompareAndBranch::rn): - (ARMv7DOpcodeMiscHint16): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscHint16::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscHint16::opA): - 
(ARMv7DOpcodeMiscIfThenT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscIfThenT1::firstCondition): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscIfThenT1::mask): - (ARMv7DOpcodeMiscPushPop): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMiscPushPop::registerMask): - (ARMv7DOpcodeMoveImmediateT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveImmediateT1::rd): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveImmediateT1::immediate8): - (ARMv7DOpcodeMoveRegisterT1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveRegisterT1::rd): - (JSC::ARMv7Disassembler::ARMv7DOpcodeMoveRegisterT1::rm): - (ARMv7D32BitOpcode): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::OpcodeGroup): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::setNext): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::next): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::matches): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::OpcodeGroup::format): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rd): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rm): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rn): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::rt): - (JSC::ARMv7Disassembler::ARMv7D32BitOpcode::opcodeGroupNumber): - (ARMv7DOpcodeBranchRelative): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::sBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::j1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::j2): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchRelative::immediate11): - (ARMv7DOpcodeConditionalBranchT3): - (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::offset): - (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::condition): - (JSC::ARMv7Disassembler::ARMv7DOpcodeConditionalBranchT3::immediate6): - (ARMv7DOpcodeBranchOrBranchLink): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::offset): - 
(JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::immediate10): - (JSC::ARMv7Disassembler::ARMv7DOpcodeBranchOrBranchLink::isBL): - (ARMv7DOpcodeDataProcessingLogicalAndRithmetic): - (ARMv7DOpcodeDataProcessingModifiedImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::sBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingModifiedImmediate::immediate12): - (ARMv7DOpcodeDataProcessingShiftedReg): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::sBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::immediate5): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::type): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::tbBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingShiftedReg::tBit): - (ARMv7DOpcodeDataProcessingReg): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingReg::op1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingReg::op2): - (ARMv7DOpcodeDataProcessingRegShift): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegShift::opName): - (ARMv7DOpcodeDataProcessingRegExtend): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::opExtendName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::opExtendAndAddName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegExtend::rotate): - (ARMv7DOpcodeDataProcessingRegParallel): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegParallel::opName): - (ARMv7DOpcodeDataProcessingRegMisc): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataProcessingRegMisc::opName): - (ARMv7DOpcodeHint32): - (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::opName): - 
(JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::isDebugHint): - (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::debugOption): - (JSC::ARMv7Disassembler::ARMv7DOpcodeHint32::op): - (ARMv7DOpcodeFPTransfer): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opH): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opL): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::rt): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opC): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::opB): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::vd): - (JSC::ARMv7Disassembler::ARMv7DOpcodeFPTransfer::vn): - (ARMv7DOpcodeDataLoad): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataLoad::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataLoad::op): - (ARMv7DOpcodeLoadRegister): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadRegister::immediate2): - (ARMv7DOpcodeLoadSignedImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::pBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::uBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::wBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadSignedImmediate::immediate8): - (ARMv7DOpcodeLoadUnsignedImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLoadUnsignedImmediate::immediate12): - (ARMv7DOpcodeLongMultipleDivide): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::smlalOpName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::smlaldOpName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::smlsldOpName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::rdLo): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::rdHi): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::op1): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::op2): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::nBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeLongMultipleDivide::mBit): - 
(ARMv7DOpcodeDataPushPopSingle): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataPushPopSingle::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataPushPopSingle::op): - (ARMv7DOpcodeDataStoreSingle): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataStoreSingle::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeDataStoreSingle::op): - (ARMv7DOpcodeStoreSingleImmediate12): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate12::immediate12): - (ARMv7DOpcodeStoreSingleImmediate8): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::pBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::uBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::wBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleImmediate8::immediate8): - (ARMv7DOpcodeStoreSingleRegister): - (JSC::ARMv7Disassembler::ARMv7DOpcodeStoreSingleRegister::immediate2): - (ARMv7DOpcodeUnmodifiedImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::opName): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::shBit): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::bitNumOrSatImmediate): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::immediate5): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::immediate12): - (JSC::ARMv7Disassembler::ARMv7DOpcodeUnmodifiedImmediate::immediate16): - (ARMv7DOpcodeVMOVDoublePrecision): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::rt2): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::rt): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVDoublePrecision::vm): - (ARMv7DOpcodeVMOVSinglePrecision): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::op): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::rt2): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::rt): - 
(JSC::ARMv7Disassembler::ARMv7DOpcodeVMOVSinglePrecision::vm): - (ARMv7DOpcodeVMSR): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMSR::opL): - (JSC::ARMv7Disassembler::ARMv7DOpcodeVMSR::rt): - * disassembler/ARMv7Disassembler.cpp: Added. - (JSC::tryToDisassemble): - -2013-05-07 Julien Brianceau - - Take advantage of pre-decrement and post-increment opcodes for sh4 base JIT. - https://bugs.webkit.org/show_bug.cgi?id=115722 - - Reviewed by Oliver Hunt. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::load8PostInc): - (MacroAssemblerSH4): - (JSC::MacroAssemblerSH4::load16Unaligned): - (JSC::MacroAssemblerSH4::load16PostInc): - (JSC::MacroAssemblerSH4::storeDouble): - (JSC::MacroAssemblerSH4::load32WithUnalignedHalfWords): - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::movwMemRegIn): - (SH4Assembler): - (JSC::SH4Assembler::movbMemRegIn): - (JSC::SH4Assembler::printInstr): - -2013-05-07 Anders Carlsson - - Remove AlwaysInline.h from WTF - https://bugs.webkit.org/show_bug.cgi?id=115727 - - Reviewed by Brent Fulgham. - - The macro that used to be in AlwaysInline.h is now in Compiler.h so there's no reason - to keep AlwaysInline.h around anymore. - - * jit/JSInterfaceJIT.h: - * parser/Lexer.h: - * runtime/JSCJSValue.h: - * runtime/SymbolTable.h: - -2013-05-07 Mikhail Pozdnyakov - - HashTraits >::PeekType should be raw pointer for better performance - https://bugs.webkit.org/show_bug.cgi?id=115646 - - Reviewed by Darin Adler. - - * bytecompiler/StaticPropertyAnalyzer.h: - (JSC::StaticPropertyAnalyzer::putById): - Updated accordingly to new HashMap<.., RefPtr>::get() semantics. - -2013-05-06 Julien Brianceau - - Misc bugfix and cleaning in sh4 base JIT. - https://bugs.webkit.org/show_bug.cgi?id=115627 - - Reviewed by Oliver Hunt. - - Get rid of loadX(RegisterID r0, RegisterID src, RegisterID dest) functions. - Remove misplaced extuw() implementation from MacroAssemblerSH4. - Add movbRegMemr0 and movwRegMemr0 functions in SH4Assembler. 
- - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::add32): Skip operation when first operand is a zero immediate. - (JSC::MacroAssemblerSH4::sub32): Skip operation when first operand is a zero immediate. - (JSC::MacroAssemblerSH4::load32): Fix wrong usage of r0 register. - (JSC::MacroAssemblerSH4::load8Signed): Handle "base == r0" case. - (MacroAssemblerSH4): - (JSC::MacroAssemblerSH4::load16): Handle "base == r0" case. - (JSC::MacroAssemblerSH4::load16Unaligned): Use extuw() implementation from SH4Assembler. - (JSC::MacroAssemblerSH4::load16Signed): Cosmetic change. - (JSC::MacroAssemblerSH4::store8): Fix unhandled BaseIndex offset and handle (base == r0) case. - (JSC::MacroAssemblerSH4::store16): Fix unhandled BaseIndex offset and handle (base == r0) case. - (JSC::MacroAssemblerSH4::store32): - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::movwRegMemr0): - (SH4Assembler): - (JSC::SH4Assembler::movbRegMemr0): - (JSC::SH4Assembler::placeConstantPoolBarrier): Cosmetic change. - (JSC::SH4Assembler::maxJumpReplacementSize): - (JSC::SH4Assembler::replaceWithJump): Correct branch range and save an opcode. - (JSC::SH4Assembler::printInstr): - -2013-05-06 Anders Carlsson - - Stop using WTF::deleteAllValues in JavaScriptCore - https://bugs.webkit.org/show_bug.cgi?id=115670 - - Reviewed by Oliver Hunt. - - Change the Vectors used to Vectors of OwnPtrs instead. - - * heap/DFGCodeBlocks.cpp: - (JSC::DFGCodeBlocks::~DFGCodeBlocks): - (JSC::DFGCodeBlocks::deleteUnmarkedJettisonedCodeBlocks): - -2013-05-06 Andras Becsi - - Build with GCC 4.8 fails because of -Wmaybe-uninitialized - https://bugs.webkit.org/show_bug.cgi?id=115648 - - Reviewed by Michael Saboff. - - Initialize values in Options::setOption since from - there we end up calling OptionRange::init with - uninitialized members. 
- - * runtime/Options.cpp: - -2013-05-06 Gabor Rapcsanyi - - JSC ARM traditional failing on Octane NavierStokes test - https://bugs.webkit.org/show_bug.cgi?id=115626 - - Reviewed by Zoltan Herczeg. - - Change the ARM traditional assembler to use double precision on value - conversions. - - * assembler/ARMAssembler.h: - -2013-05-03 Michael Saboff - - There should be a runtime option to constrain what functions get DFG compiled - https://bugs.webkit.org/show_bug.cgi?id=115576 - - Reviewed by Mark Hahnenberg. - - Added OptionRange to Options to allow checking that something is within an option - or not. The new OptionClass supports range strings in the form of [!][:]. - If only one value is given, then it will be used for both low and high. A leading - '!' inverts the check. If no range is given, then checking for a value within a range - will always return true. Added the option "bytecodeRangeToDFGCompile" that takes an - OptionRange string to select the bytecode range of code blocks to DFG compile. - - * dfg/DFGDriver.cpp: - (JSC::DFG::compile): Added new check for bytecode count within bytecodeRangeToDFGCompile - range. - * runtime/Options.cpp: - (JSC::parse): Added overloaded parse() for OptionRange. - (JSC::OptionRange::init): Parse range string and then initialize the range. - (JSC::OptionRange::isInRange): Function used by consumer to check if a value is within - the specified range. - (JSC::Options::dumpOption): Added code to dump OptionRange options. - * runtime/Options.h: - (OptionRange): New class. - (JSC::OptionRange::operator= ): This is really used as a default ctor for use within - the Option static array initialization. - (JSC::OptionRange::rangeString): This is used for debug. It assumes that the char* - passed into OptionRange::init is valid when this function is called. - -2013-05-02 Oliver Hunt - - Fix potential bug in lookup logic - https://bugs.webkit.org/show_bug.cgi?id=115522 - - Reviewed by Mark Hahnenberg. 
- - Though not a problem in practise, it is technically possible - to inject an un-proxied global object into the scope chain - via the C API. This change makes sure that the scope walk - in BytecodeGenerator actually limits itself to scopes that - are statically bindable. - - * bytecompiler/BytecodeGenerator.cpp: - (JSC::BytecodeGenerator::resolve): - * runtime/JSObject.h: - (JSObject): - (JSC): - (JSC::JSObject::isStaticScopeObject): - -2013-05-01 Roger Fong - - Set Path in makefile for AppleWin. - - * JavaScriptCore.vcxproj/JavaScriptCore.make: - -2013-05-01 Benjamin Poulain - - Remove the remaining wscript - https://bugs.webkit.org/show_bug.cgi?id=115459 - - Reviewed by Andreas Kling. - - * wscript: Removed. - -2013-04-30 Mark Lam - - JSContextGroupSetExecutionTimeLimit() should not pass a callback to the - VM watchdog if its client did not pass one in. - https://bugs.webkit.org/show_bug.cgi?id=115461. - - Reviewed by Geoffrey Garen. - - * API/JSContextRef.cpp: - (internalScriptTimeoutCallback): - (JSContextGroupSetExecutionTimeLimit): - * API/tests/testapi.c: - (main): - - Added test case when the time limit callback is 0. - - Also updated a check to verify that a TerminatedExecutionException is - thrown when the time out is cancelled. - - Also fixed some cosmetic typos. - -2013-04-30 Geoffrey Garen - - Removed op_ensure_property_exists - https://bugs.webkit.org/show_bug.cgi?id=115460 - - Reviewed by Mark Hahnenberg. - - It was unused, and whatever it was once used for was not optimized. 
- - * JavaScriptCore.order: - * bytecode/CodeBlock.cpp: - (JSC::CodeBlock::dumpBytecode): - * bytecode/Opcode.h: - (JSC::padOpcodeName): - * jit/JIT.cpp: - (JSC::JIT::privateCompileMainPass): - * jit/JIT.h: - * jit/JITOpcodes.cpp: - * jit/JITOpcodes32_64.cpp: - * jit/JITStubs.cpp: - * jit/JITStubs.h: - * llint/LLIntSlowPaths.cpp: - * llint/LLIntSlowPaths.h: - * llint/LowLevelInterpreter.asm: - -2013-04-30 Oliver Hunt - - JSC Stack walking logic craches in the face of inlined functions triggering VM re-entry - https://bugs.webkit.org/show_bug.cgi?id=115449 - - Reviewed by Geoffrey Garen. - - Rename callframeishost to something that makes sense, and fix - getCallerInfo to correctly handle inline functions calling into - the VM. - - * bytecode/CodeBlock.cpp: - (JSC::CodeBlock::codeOriginForReturn): - Make this more robust in the face of incorrect stack walking - * interpreter/CallFrame.cpp: - (JSC::CallFrame::trueCallerFrame): - Everyone has to perform a codeblock() check before calling this - so we might as well just do it here. - * interpreter/Interpreter.cpp: - (JSC::getCallerInfo): - -2013-04-30 Julien Brianceau - - Bug fixing in sh4 base JIT and LLINT. - https://bugs.webkit.org/show_bug.cgi?id=115420 - - Reviewed by Oliver Hunt. 
- - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::lshift32): - (JSC::MacroAssemblerSH4::rshift32): - (JSC::MacroAssemblerSH4::branchMul32): - (JSC::MacroAssemblerSH4::urshift32): - (JSC::MacroAssemblerSH4::replaceWithJump): - (JSC::MacroAssemblerSH4::maxJumpReplacementSize): - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::shldRegReg): - (JSC::SH4Assembler::shadRegReg): - (JSC::SH4Assembler::shalImm8r): - (SH4Assembler): - (JSC::SH4Assembler::sharImm8r): - (JSC::SH4Assembler::maxJumpReplacementSize): - (JSC::SH4Assembler::replaceWithJump): - * offlineasm/sh4.rb: - -2013-04-30 Geoffrey Garen - - Objective-C JavaScriptCore API should publicly support bridging to C - https://bugs.webkit.org/show_bug.cgi?id=115447 - - Reviewed by Mark Hahnenberg. - - For consistency, I renamed - - +[JSValue valueWithValue:] => +[JSValue valueWithJSValueRef] - +[JSContext contextWithGlobalContextRef] => +[JSContext contextWithJSGlobalContextRef] - -[JSContext globalContext] => -[JSContext JSGlobalContextRef] - - I searched svn to verify that these functions don't have clients yet, - so we won't break anything. - - I also exported as public API - - +[JSValue valueWithJSValueRef:] - +[JSContext contextWithJSGlobalContextRef:] - - It's hard to integrate with the C API without these. - -2013-04-30 Commit Queue - - Unreviewed, rolling out r149349 and r149354. - http://trac.webkit.org/changeset/149349 - http://trac.webkit.org/changeset/149354 - https://bugs.webkit.org/show_bug.cgi?id=115444 - - The Thumb version of compileSoftModulo make invalid use of - registers (Requested by benjaminp on #webkit). - - * CMakeLists.txt: - * GNUmakefile.list.am: - * JavaScriptCore.xcodeproj/project.pbxproj: - * assembler/ARMv7Assembler.h: - (ARMv7Assembler): - * assembler/AbstractMacroAssembler.h: - (JSC::isARMv7s): - (JSC): - * assembler/MacroAssemblerARMv7.cpp: Removed. 
- * assembler/MacroAssemblerARMv7.h: - (MacroAssemblerARMv7): - * dfg/DFGFixupPhase.cpp: - (JSC::DFG::FixupPhase::fixupNode): - * dfg/DFGOperations.cpp: - * dfg/DFGOperations.h: - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compileSoftModulo): - (DFG): - (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForARMv7s): - * dfg/DFGSpeculativeJIT.h: - (JSC::DFG::SpeculativeJIT::callOperation): - (SpeculativeJIT): - * dfg/DFGSpeculativeJIT32_64.cpp: - (JSC::DFG::SpeculativeJIT::compile): - -2013-04-30 Zalan Bujtas - - Animations fail to start on http://www.google.com/insidesearch/howsearchworks/thestory/ - https://bugs.webkit.org/show_bug.cgi?id=111244 - - Reviewed by David Kilzer. - - Enable performance.now() as a minimal subset of Web Timing API. - It returns DOMHighResTimeStamp, a monotonically increasing value representing the - number of milliseconds from the start of the navigation of the current document. - JS libraries use this API to check against the requestAnimationFrame() timestamp. - - * Configurations/FeatureDefines.xcconfig: - -2013-04-30 Zoltan Arvai - - Unreviewed. Speculative build fix on Qt Arm and Mips after r149349. - - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compileSoftModulo): - -2013-04-29 Cosmin Truta - - [ARM] Expand the use of integer division - https://bugs.webkit.org/show_bug.cgi?id=115138 - - Reviewed by Benjamin Poulain. - - If availability of hardware integer division isn't known at compile - time, check the CPU flags and decide at runtime whether to fall back - to software. Currently, this OS-specific check is implemented on QNX. - - Moreover, use operator % instead of fmod() in the calculation of the - software modulo. Even when it's software-emulated, operator % is faster - than fmod(): on ARM v7 QNX, without hardware division, we noticed - >3% speedup on SunSpider. 
- - * CMakeLists.txt: - * GNUmakefile.list.am: - * JavaScriptCore.xcodeproj/project.pbxproj: - * assembler/ARMv7Assembler.h: - (JSC::ARMv7Assembler::sdiv): Did not compile conditionally. - (JSC::ARMv7Assembler::udiv): Ditto. - * assembler/AbstractMacroAssembler.h: - (JSC::isARMv7s): Removed. - * assembler/MacroAssemblerARMv7.cpp: Added. - (JSC::isIntegerDivSupported): Added. - * assembler/MacroAssemblerARMv7.h: - (JSC::MacroAssemblerARMv7::supportsIntegerDiv): Added. - * dfg/DFGFixupPhase.cpp: - (JSC::DFG::FixupPhase::fixupNode): Checked MacroAssembler::supportsIntegerDiv() in ArithDiv case. - * dfg/DFGOperations.cpp: - (JSC::DFG::operationModOnInts): Added. - * dfg/DFGOperations.h: - (JSC::DFG::Z_DFGOperation_ZZ): Added. - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compileSoftModulo): Separated the X86-specific and ARM-specific codegen - from the common implementation; used operationModOnInts on ARM. - (JSC::DFG::SpeculativeJIT::compileIntegerArithDivForARM): Renamed from compileIntegerArithDivForARMv7. - (JSC::DFG::SpeculativeJIT::compileArithMod): Allowed run-time detection of integer div on ARM. - * dfg/DFGSpeculativeJIT.h: - (JSC::DFG::SpeculativeJIT::callOperation): Added overloads with Z_DFGOperation_ZZ arguments. - * dfg/DFGSpeculativeJIT32_64.cpp: - (JSC::DFG::SpeculativeJIT::compile): Used compileIntegerArithDivForARM. - -2013-04-29 Benjamin Poulain - - Unify the data access of StringImpl members from JavaScriptCore - https://bugs.webkit.org/show_bug.cgi?id=115320 - - Reviewed by Andreas Kling. - - DFG accesses the member infos by directly calling the methods on StringImpl, - while the baseline JIT was using helper methods on ThunkHelpers. - - Cut the middle man, and use StringImpl directly everywhere. 
- - * jit/JITInlines.h: - (JSC::JIT::emitLoadCharacterString): - * jit/JITPropertyAccess.cpp: - (JSC::JIT::stringGetByValStubGenerator): - * jit/JITPropertyAccess32_64.cpp: - (JSC::JIT::stringGetByValStubGenerator): - * jit/JSInterfaceJIT.h: - * jit/ThunkGenerators.cpp: - (JSC::stringCharLoad): - -2013-04-29 Benjamin Poulain - - Use push and pop for iOS math function thunks - https://bugs.webkit.org/show_bug.cgi?id=115215 - - Reviewed by Filip Pizlo. - - The iOS ABI is a little different than regular ARM ABI regarding stack alignment. - The requirement is 4 bytes: - "The ARM environment uses a stack that—at the point of function calls—is 4-byte aligned, - grows downward, and contains local variables and a function’s parameters." - - Subsequently, we can just use push and pop to preserve the link register. - - * jit/ThunkGenerators.cpp: - -2013-04-29 Brent Fulgham - - [Windows, WinCairo] Get rid of last few pthread include/link references. - https://bugs.webkit.org/show_bug.cgi?id=115375 - - Reviewed by Tim Horton. - - * JavaScriptCore.vcproj/jsc/jscPostBuild.cmd: - * JavaScriptCore.vcxproj/JavaScriptCoreCommon.props: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.props: - * JavaScriptCore.vcxproj/jsc/jscCommon.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExpCommon.props: - * JavaScriptCore.vcxproj/testapi/testapiCommon.props: - -2013-04-29 Roger Fong - - Unreviewed. AppleWin VS2010 build fix. - - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in: - -2013-04-26 Mark Hahnenberg - - ~BlockAllocator should ASSERT that it has no more Regions left - https://bugs.webkit.org/show_bug.cgi?id=115287 - - Reviewed by Andreas Kling. 
- - * heap/BlockAllocator.cpp: - (JSC::BlockAllocator::~BlockAllocator): - (JSC::BlockAllocator::allRegionSetsAreEmpty): - * heap/BlockAllocator.h: - (RegionSet): - (JSC::BlockAllocator::RegionSet::isEmpty): - (BlockAllocator): - -2013-04-29 Mark Hahnenberg - - IndexingTypes should use hex - https://bugs.webkit.org/show_bug.cgi?id=115286 - - Decimal is kind of confusing/hard to read because they're used as bit masks. Hex seems more appropriate. - - Reviewed by Geoffrey Garen. - - * runtime/IndexingType.h: - -2013-04-29 Carlos Garcia Campos - - Unreviewed. Fix make distcheck. - - * GNUmakefile.list.am: Add missing headers files to compilation - and offlineasm/sh4.rb script. - -2013-04-28 Dean Jackson - - [Mac] Disable canvas backing store scaling (HIGH_DPI_CANVAS) - https://bugs.webkit.org/show_bug.cgi?id=115310 - - Reviewed by Simon Fraser. - - Remove ENABLE_HIGH_DPI_CANVAS_macosx. - - * Configurations/FeatureDefines.xcconfig: - -2013-04-27 Darin Adler - - Move from constructor and member function adoptCF/NS to free function adoptCF/NS. - https://bugs.webkit.org/show_bug.cgi?id=115307 - - Reviewed by Geoffrey Garen. - - * heap/HeapTimer.cpp: - (JSC::HeapTimer::HeapTimer): - * runtime/VM.cpp: - (JSC::enableAssembler): - Use adoptCF free function. - -2013-04-27 Anders Carlsson - - Try to fix the Windows build. - - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def: - -2013-04-25 Geoffrey Garen - - Cleaned up pre/post inc/dec in bytecode - https://bugs.webkit.org/show_bug.cgi?id=115222 - - Reviewed by Filip Pizlo. - - A few related changes here: - - (*) Removed post_inc and post_dec. The two-result form was awkward to - reason about. Being explicit about the intermediate mov and to_number - reduces DFG overhead, removes some fragile ASSERTs from the DFG, and - fixes a const bug. Plus, we get to blow away 262 lines of code. - - (*) Renamed pre_inc and pre_dec to inc and dec, since there's only one - version now. 
- - (*) Renamed to_jsnumber to to_number, to match the ECMA name. - - (*) Tightened up the codegen and runtime support for to_number. - - - * JavaScriptCore.order: Order! - - * bytecode/CodeBlock.cpp: - (JSC::CodeBlock::dumpBytecode): - * bytecode/Opcode.h: - (JSC::padOpcodeName): - * bytecompiler/BytecodeGenerator.cpp: - (JSC::BytecodeGenerator::emitInc): - (JSC::BytecodeGenerator::emitDec): - * bytecompiler/BytecodeGenerator.h: - (JSC::BytecodeGenerator::emitToNumber): - (BytecodeGenerator): Removed post_inc and post_dec. - - * bytecompiler/NodesCodegen.cpp: - (JSC::emitPreIncOrDec): Updated for rename. - - (JSC::emitPostIncOrDec): Issue an explicit mov and to_number when needed. - These are rare, and they boil away in the DFG. - - (JSC::PostfixNode::emitResolve): - (JSC::PrefixNode::emitResolve): For const, use an explicit mov instead - of any special forms. This fixes a bug where we would do string - add/subtract instead of number. - - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::parseBlock): - * dfg/DFGCapabilities.h: - (JSC::DFG::canCompileOpcode): - * jit/JIT.cpp: - (JSC::JIT::privateCompileMainPass): - (JSC::JIT::privateCompileSlowCases): - * jit/JIT.h: - * jit/JITArithmetic.cpp: - (JSC::JIT::emit_op_inc): - (JSC::JIT::emitSlow_op_inc): - (JSC::JIT::emit_op_dec): - (JSC::JIT::emitSlow_op_dec): - * jit/JITArithmetic32_64.cpp: - (JSC::JIT::emit_op_inc): - (JSC::JIT::emitSlow_op_inc): - (JSC::JIT::emit_op_dec): - (JSC::JIT::emitSlow_op_dec): Removed post_inc/dec, and updated for renames. - - * jit/JITOpcodes.cpp: - (JSC::JIT::emit_op_to_number): - (JSC::JIT::emitSlow_op_to_number): Removed a test for number cells. There's - no such thing! - - * jit/JITOpcodes32_64.cpp: - (JSC::JIT::emit_op_to_number): Use LowestTag to avoid making assumptions - about the lowest valued tag. - - (JSC::JIT::emitSlow_op_to_number): Updated for renames. 
- - * jit/JITStubs.cpp: - (JSC::DEFINE_STUB_FUNCTION): - * jit/JITStubs.h: - * llint/LLIntSlowPaths.cpp: - (JSC::LLInt::LLINT_SLOW_PATH_DECL): - * llint/LLIntSlowPaths.h: - * llint/LowLevelInterpreter32_64.asm: - * llint/LowLevelInterpreter64.asm: - * parser/NodeConstructors.h: - (JSC::UnaryPlusNode::UnaryPlusNode): Removed post_inc/dec, and updated for renames. - - * runtime/Operations.cpp: - (JSC::jsIsObjectType): Removed a test for number cells. There's - no such thing! - -2013-04-27 Julien Brianceau - - REGRESSION(r149114): cache flush for SH4 arch may flush an extra page. - https://bugs.webkit.org/show_bug.cgi?id=115305 - - Reviewed by Andreas Kling. - - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::cacheFlush): - -2013-04-26 Geoffrey Garen - - Re-landing - - Filled out more cases of branch folding in bytecode when emitting - expressions into a branching context - https://bugs.webkit.org/show_bug.cgi?id=115057 - - Reviewed by Phil Pizlo. - - We can't fold the number == 1 case to boolean because all non-zero numbers - down-cast to true, but only 1 is == to true. - -2013-04-26 Filip Pizlo - - Correct indentation of SymbolTable.h - - Rubber stamped by Mark Hahnenberg. - - * runtime/SymbolTable.h: - -2013-04-26 Roger Fong - - Make Apple Windows VS2010 build results into and get dependencies from __32 suffixed folders. - Make the DebugSuffix configuration use _debug dependencies. 
- - * JavaScriptCore.vcxproj/JavaScriptCore.make: - * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: - * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: - * JavaScriptCore.vcxproj/JavaScriptCoreCF.props: - * JavaScriptCore.vcxproj/JavaScriptCoreCommon.props: - * JavaScriptCore.vcxproj/JavaScriptCoreDebug.props: - * JavaScriptCore.vcxproj/JavaScriptCoreDebugCFLite.props: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGenerator.vcxproj: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGenerator.vcxproj.filters: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorBuildCmd.cmd: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorCommon.props: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorDebug.props: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPostBuild.cmd: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPreBuild.cmd: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorProduction.props: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorRelease.props: - * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.make: - * JavaScriptCore.vcxproj/JavaScriptCoreGenerated.vcxproj: - * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedCommon.props: - * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedDebug.props: - * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedProduction.props: - * JavaScriptCore.vcxproj/JavaScriptCoreGeneratedRelease.props: - * JavaScriptCore.vcxproj/JavaScriptCorePostBuild.cmd: - * JavaScriptCore.vcxproj/JavaScriptCorePreLink.cmd: - * JavaScriptCore.vcxproj/JavaScriptCoreProduction.props: - * JavaScriptCore.vcxproj/JavaScriptCoreRelease.props: - * JavaScriptCore.vcxproj/JavaScriptCoreReleaseCFLite.props: - * 
JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.make: - * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/LLIntAssembly.vcxproj: - * JavaScriptCore.vcxproj/LLInt/LLIntAssembly/build-LLIntAssembly.sh: - * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.make: - * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/LLIntDesiredOffsets.vcxproj: - * JavaScriptCore.vcxproj/LLInt/LLIntDesiredOffsets/build-LLIntDesiredOffsets.sh: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractor.vcxproj: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.props: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorDebug.props: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorProduction.props: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorRelease.props: - * JavaScriptCore.vcxproj/build-generated-files.sh: - * JavaScriptCore.vcxproj/copy-files.cmd: - * JavaScriptCore.vcxproj/jsc/jsc.vcxproj: - * JavaScriptCore.vcxproj/jsc/jscCommon.props: - * JavaScriptCore.vcxproj/jsc/jscDebug.props: - * JavaScriptCore.vcxproj/jsc/jscPostBuild.cmd: - * JavaScriptCore.vcxproj/jsc/jscPreLink.cmd: - * JavaScriptCore.vcxproj/jsc/jscProduction.props: - * JavaScriptCore.vcxproj/jsc/jscRelease.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj: - * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj.filters: - * JavaScriptCore.vcxproj/testRegExp/testRegExpCommon.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExpDebug.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExpPostBuild.cmd: - * JavaScriptCore.vcxproj/testRegExp/testRegExpPreLink.cmd: - * JavaScriptCore.vcxproj/testRegExp/testRegExpProduction.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExpRelease.props: - * JavaScriptCore.vcxproj/testapi/testapi.vcxproj: - * JavaScriptCore.vcxproj/testapi/testapiCommon.props: - * JavaScriptCore.vcxproj/testapi/testapiCommonCFLite.props: 
- * JavaScriptCore.vcxproj/testapi/testapiDebug.props: - * JavaScriptCore.vcxproj/testapi/testapiDebugCFLite.props: - * JavaScriptCore.vcxproj/testapi/testapiPreLink.cmd: - * JavaScriptCore.vcxproj/testapi/testapiProduction.props: - * JavaScriptCore.vcxproj/testapi/testapiRelease.props: - * JavaScriptCore.vcxproj/testapi/testapiReleaseCFLite.props: - -2013-04-26 Roger Fong - - Disable sub-pixel layout on mac. - https://bugs.webkit.org/show_bug.cgi?id=114999. - - Reviewed by Simon Fraser. - - * Configurations/FeatureDefines.xcconfig: - -2013-04-26 Oliver Hunt - - Make stack tracing more robust - https://bugs.webkit.org/show_bug.cgi?id=115272 - - Reviewed by Geoffrey Garen. - - CallFrame already handles stack walking confusion robustly, - so we should make sure that the actual walk handles that as well. - - * interpreter/Interpreter.cpp: - (JSC::getCallerInfo): - -2013-04-26 Mark Hahnenberg - - REGRESSION(r149165): It made many tests crash on 32 bit - https://bugs.webkit.org/show_bug.cgi?id=115227 - - Reviewed by Csaba Osztrogonác. - - m_reservation is uninitialized when ENABLE(SUPER_REGION) is false. - - * heap/SuperRegion.cpp: - (JSC::SuperRegion::~SuperRegion): - -2013-04-26 Julien Brianceau - - Fix SH4 build broken since r149159. - https://bugs.webkit.org/show_bug.cgi?id=115229 - - Add BranchTruncateType enum in SH4 port and handle it in branchTruncateDoubleToInt32. - - Reviewed by Allan Sandfeld Jensen. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::branchTruncateDoubleToInt32): - -2013-04-25 Mark Hahnenberg - - SuperRegion doesn't call deallocate() on its PageReservation - https://bugs.webkit.org/show_bug.cgi?id=115208 - - Reviewed by Geoffrey Garen. - - It should. 
This doesn't cause us to leak physical memory, but it does cause us to leak virtual - address space (and probably mach ports), which is also bad :-( FixedVMPoolExecutableAllocator - also has this bug, but it doesn't matter much because there's only one instance of that class - throughout the entire lifetime of the process, whereas each VM has its own SuperRegion. - - * heap/SuperRegion.cpp: - (JSC::SuperRegion::~SuperRegion): - * heap/SuperRegion.h: - (SuperRegion): - * jit/ExecutableAllocatorFixedVMPool.cpp: - (FixedVMPoolExecutableAllocator): - (JSC::FixedVMPoolExecutableAllocator::~FixedVMPoolExecutableAllocator): - -2013-04-25 Filip Pizlo - - DFG doesn't support to_jsnumber - https://bugs.webkit.org/show_bug.cgi?id=115129 - - Reviewed by Geoffrey Garen. - - Based on Oliver's patch. Implements to_jsnumber as Identity(Number:@thingy), and then does - an optimization in Fixup to turn Identity(Number:) into Identity(Int32:) if the predictions - tell us to. Identity is later turned into Phantom. - - Also fixed BackPropMask, which appeared to have NodeDoesNotExit included in it. That's - wrong; NodeDoesNotExit is not a backward propagation property. - - Also fixed Identity to be marked as CanExit (i.e. not NodeDoesNotExit). - - This more than doubles the FPS on ammo. - - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::parseBlock): - * dfg/DFGCapabilities.h: - (JSC::DFG::canCompileOpcode): - * dfg/DFGFixupPhase.cpp: - (JSC::DFG::FixupPhase::fixupNode): - (FixupPhase): - (JSC::DFG::FixupPhase::observeUseKindOnNode): - (JSC::DFG::FixupPhase::observeUseKindOnEdge): - * dfg/DFGNodeFlags.h: - (DFG): - * dfg/DFGNodeType.h: - (DFG): - * dfg/DFGPredictionPropagationPhase.cpp: - (JSC::DFG::PredictionPropagationPhase::propagate): - -2013-04-24 Oliver Hunt - - Add support for Math.imul - https://bugs.webkit.org/show_bug.cgi?id=115143 - - Reviewed by Filip Pizlo. - - Add support for Math.imul, a thunk generator for Math.imul, - and an intrinsic. 
- - Fairly self explanatory set of changes, DFG intrinsics simply - leverages the existing ValueToInt32 nodes. - - * create_hash_table: - * dfg/DFGAbstractState.cpp: - (JSC::DFG::AbstractState::executeEffects): - * dfg/DFGBackwardsPropagationPhase.cpp: - (JSC::DFG::BackwardsPropagationPhase::propagate): - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::handleIntrinsic): - * dfg/DFGCSEPhase.cpp: - (JSC::DFG::CSEPhase::performNodeCSE): - * dfg/DFGFixupPhase.cpp: - (JSC::DFG::FixupPhase::fixupNode): - * dfg/DFGNodeType.h: - (DFG): - * dfg/DFGPredictionPropagationPhase.cpp: - (JSC::DFG::PredictionPropagationPhase::propagate): - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compileArithIMul): - * dfg/DFGSpeculativeJIT.h: - (SpeculativeJIT): - * dfg/DFGSpeculativeJIT32_64.cpp: - (JSC::DFG::SpeculativeJIT::compile): - * dfg/DFGSpeculativeJIT64.cpp: - (JSC::DFG::SpeculativeJIT::compile): - * jit/ThunkGenerators.cpp: - (JSC::imulThunkGenerator): - (JSC): - * jit/ThunkGenerators.h: - (JSC): - * runtime/Intrinsic.h: - * runtime/MathObject.cpp: - (JSC): - (JSC::mathProtoFuncIMul): - * runtime/VM.cpp: - (JSC::thunkGeneratorForIntrinsic): - -2013-04-25 Filip Pizlo - - Unreviewed, roll out http://trac.webkit.org/changeset/148999 - It broke http://kripken.github.io/ammo.js/examples/new/ammo.html - - * JavaScriptCore.order: - * bytecompiler/BytecodeGenerator.cpp: - (JSC::BytecodeGenerator::emitNewArray): - (JSC::BytecodeGenerator::emitThrowReferenceError): - (JSC::BytecodeGenerator::emitReadOnlyExceptionIfNeeded): - * bytecompiler/BytecodeGenerator.h: - (JSC::BytecodeGenerator::shouldEmitProfileHooks): - (BytecodeGenerator): - * bytecompiler/NodesCodegen.cpp: - (JSC): - (JSC::NullNode::emitBytecode): - (JSC::BooleanNode::emitBytecode): - (JSC::NumberNode::emitBytecode): - (JSC::StringNode::emitBytecode): - (JSC::IfNode::emitBytecode): - (JSC::IfElseNode::emitBytecode): - * parser/ASTBuilder.h: - (JSC::ASTBuilder::createIfStatement): - (ASTBuilder): - * 
parser/NodeConstructors.h: - (JSC): - (JSC::NullNode::NullNode): - (JSC::BooleanNode::BooleanNode): - (JSC::NumberNode::NumberNode): - (JSC::StringNode::StringNode): - (JSC::IfNode::IfNode): - (JSC::IfElseNode::IfElseNode): - * parser/Nodes.h: - (JSC::ExpressionNode::isPure): - (JSC::ExpressionNode::isSubtract): - (StatementNode): - (NullNode): - (JSC::NullNode::isNull): - (BooleanNode): - (JSC::BooleanNode::isPure): - (NumberNode): - (JSC::NumberNode::value): - (JSC::NumberNode::isPure): - (StringNode): - (JSC::StringNode::isPure): - (JSC::StringNode::isString): - (BinaryOpNode): - (IfNode): - (JSC): - (IfElseNode): - (ContinueNode): - (BreakNode): - * parser/Parser.cpp: - (JSC::::parseIfStatement): - * parser/ResultType.h: - (ResultType): - * runtime/JSCJSValueInlines.h: - (JSC::JSValue::pureToBoolean): - * runtime/JSCell.h: - (JSCell): - * runtime/JSCellInlines.h: - (JSC): - -2013-04-25 Filip Pizlo - - PreciseJumpTargets should treat loop_hint as a jump target - https://bugs.webkit.org/show_bug.cgi?id=115209 - - Reviewed by Mark Hahnenberg. - - I didn't add a test but I turned this into a release assertion. Running Octane is enough - to trigger it. - - * bytecode/PreciseJumpTargets.cpp: - (JSC::computePreciseJumpTargets): - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::parseBlock): - -2013-04-25 Roman Zhuykov - - Fix problems with processing negative zero on DFG. - https://bugs.webkit.org/show_bug.cgi?id=113862 - - Reviewed by Filip Pizlo. - - Fix NodeNeedsNegZero flag propagation in BackwardPropagationPhase. - Function arithNodeFlags should not mask NodeNeedsNegZero flag for ArithNegate and DoubleAsInt32 - nodes and this flag should be always used to decide where we need to generate nezative-zero checks. - Remove unnecessary negative-zero checks from integer ArithDiv on ARM. - Also remove such checks from integer ArithMod on ARM and X86, and make them always to - check not only "modulo_result == 0" but also "dividend < 0". 
- Generate faster code for case when ArithMod operation divisor is constant power of 2 on ARMv7 - in the same way as on ARMv7s, and add negative-zero checks into this code when needed. - Change speculationCheck ExitKind from Overflow to NegativeZero where applicable. - - This shows 30% speedup of math-spectral-norm, and 5% speedup - on SunSpider overall on ARMv7 Linux. - - * assembler/MacroAssemblerARM.h: - (JSC::MacroAssemblerARM::branchConvertDoubleToInt32): - * assembler/MacroAssemblerARMv7.h: - (JSC::MacroAssemblerARMv7::branchConvertDoubleToInt32): - * assembler/MacroAssemblerMIPS.h: - (JSC::MacroAssemblerMIPS::branchConvertDoubleToInt32): - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::branchConvertDoubleToInt32): - * assembler/MacroAssemblerX86Common.h: - (JSC::MacroAssemblerX86Common::branchConvertDoubleToInt32): - * dfg/DFGBackwardsPropagationPhase.cpp: - (JSC::DFG::BackwardsPropagationPhase::isNotNegZero): - (JSC::DFG::BackwardsPropagationPhase::isNotPosZero): - (JSC::DFG::BackwardsPropagationPhase::propagate): - * dfg/DFGNode.h: - (JSC::DFG::Node::arithNodeFlags): - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compileDoubleAsInt32): - (JSC::DFG::SpeculativeJIT::compileSoftModulo): - (JSC::DFG::SpeculativeJIT::compileArithNegate): - -2013-04-25 Oliver Hunt - - Stack guards are too conservative - https://bugs.webkit.org/show_bug.cgi?id=115147 - - Reviewed by Mark Hahnenberg. - - Increase stack guard to closer to old size. - - * interpreter/Interpreter.cpp: - (JSC::Interpreter::StackPolicy::StackPolicy): - -2013-04-25 Oliver Hunt - - Stack guards are too conservative - https://bugs.webkit.org/show_bug.cgi?id=115147 - - Reviewed by Geoffrey Garen. - - Reduce the limits and simplify the decision making. 
- - * interpreter/Interpreter.cpp: - (JSC::Interpreter::StackPolicy::StackPolicy): - -2013-04-25 Nick Diego Yamane - - JSC: Fix interpreter misbehavior in builds with JIT disabled - https://bugs.webkit.org/show_bug.cgi?id=115190 - - Reviewed by Oliver Hunt. - - Commit http://trac.webkit.org/changeset/147858 modified - some details on how JS stack traces are built. The method - "getLineNumberForCallFrame", renamed in that changeset to - "getBytecodeOffsetForCallFrame" is always returning `0' when - JIT is disabled - - How to reproduce: - - Build webkit with JIT disabled - - Open MiniBrowser, for example, with http://google.com - - In a debug build, WebProcess will hit the following ASSERT: - Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp:279 ASSERT(low); - - * interpreter/Interpreter.cpp: - (JSC::getBytecodeOffsetForCallFrame): - -2013-04-25 Oliver Hunt - - Make checkSyntax take a VM instead of an ExecState - - RS=Tim - - * jsc.cpp: - (runInteractive): - * runtime/Completion.cpp: - (JSC::checkSyntax): - * runtime/Completion.h: - (JSC): - -2013-04-25 Michael Saboff - - 32 Bit: Crash due to RegExpTest nodes not setting result type to Boolean - https://bugs.webkit.org/show_bug.cgi?id=115188 - - Reviewed by Geoffrey Garen. - - Changed the RegExpTest node to set the AbstractValue to boolean, since that - what it is. - - * dfg/DFGAbstractState.cpp: - (JSC::DFG::AbstractState::executeEffects): - -2013-04-25 Julien Brianceau - - REGRESSION(r137994): Random crashes occur with SH4 JSC. - https://bugs.webkit.org/show_bug.cgi?id=115167. - - Reviewed by Oliver Hunt. - - Since r137994, uncommited pages could be inside the area of memory in - parameter of the cacheFlush function. That's why we have to flush each - page separately to avoid a fail of the whole flush, if an uncommited page - is in the area. - - This patch is very similar to changeset 145194 made for ARMv7 architecture, - see https://bugs.webkit.org/show_bug.cgi?id=111441 for further information. 
- - * assembler/SH4Assembler.h: - (JSC::SH4Assembler::cacheFlush): - -2013-04-24 Mark Lam - - Add watchdog timer polling for the DFG. - https://bugs.webkit.org/show_bug.cgi?id=115134. - - Reviewed by Geoffrey Garen. - - The strategy is to add a speculation check to the DFG generated code to - test if the watchdog timer has fired or not. If the watchdog timer has - fired, the generated code will do an OSR exit to the baseline JIT, and - let it handle servicing the watchdog timer. - - If the watchdog is not enabled, this speculation check will not be - emitted. - - * API/tests/testapi.c: - (currentCPUTime_callAsFunction): - (extendTerminateCallback): - (main): - - removed try/catch statements so that we can test the watchdog on the DFG. - - added JS bindings to a native currentCPUTime() function so that the timeout - tests can be more accurate. - - also shortened the time values so that the tests can complete sooner. - - * bytecode/ExitKind.h: - * dfg/DFGAbstractState.cpp: - (JSC::DFG::AbstractState::executeEffects): - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::parseBlock): - * dfg/DFGFixupPhase.cpp: - (JSC::DFG::FixupPhase::fixupNode): - * dfg/DFGNodeType.h: - * dfg/DFGPredictionPropagationPhase.cpp: - (JSC::DFG::PredictionPropagationPhase::propagate): - * dfg/DFGSpeculativeJIT32_64.cpp: - (JSC::DFG::SpeculativeJIT::compile): - * dfg/DFGSpeculativeJIT64.cpp: - (JSC::DFG::SpeculativeJIT::compile): - * runtime/Watchdog.cpp: - (JSC::Watchdog::setTimeLimit): - -2013-04-24 Filip Pizlo - - Special thunks for math functions should work on ARMv7 - https://bugs.webkit.org/show_bug.cgi?id=115144 - - Reviewed by Gavin Barraclough and Oliver Hunt. - - The only hard bit here was ensuring that we implemented the very special - "cheap C call" convention on ARMv7. 
- - * assembler/AbstractMacroAssembler.h: - (JSC::isARMv7s): - (JSC): - (JSC::isX86): - * dfg/DFGCommon.h: - * jit/SpecializedThunkJIT.h: - (SpecializedThunkJIT): - (JSC::SpecializedThunkJIT::callDoubleToDoublePreservingReturn): - * jit/ThunkGenerators.cpp: - (JSC::floorThunkGenerator): - (JSC::ceilThunkGenerator): - (JSC::roundThunkGenerator): - (JSC::expThunkGenerator): - (JSC::logThunkGenerator): - -2013-04-24 Julien Brianceau - - Misc bugfix and cleaning in sh4 base JIT. - https://bugs.webkit.org/show_bug.cgi?id=115022. - - Reviewed by Oliver Hunt. - - Remove unused add32() and sub32() with scratchreg parameter to avoid - confusion as this function prototype means another behaviour. - Remove unused "void push(Address)" function which seems quite buggy. - - * assembler/MacroAssemblerSH4.h: - (JSC::MacroAssemblerSH4::and32): Cosmetic change. - (JSC::MacroAssemblerSH4::lshift32): Cosmetic change. - (JSC::MacroAssemblerSH4::or32): Cosmetic change. - (JSC::MacroAssemblerSH4::xor32): Cosmetic change. - (MacroAssemblerSH4): - (JSC::MacroAssemblerSH4::load32): Cosmetic change. - (JSC::MacroAssemblerSH4::load8Signed): Fix invalid offset upper limit - when using r0 register and cosmetic changes. - (JSC::MacroAssemblerSH4::load8): Reuse load8Signed to avoid duplication. - (JSC::MacroAssemblerSH4::load16): Fix invalid offset upper limit when - using r0 register, fix missing offset shift and cosmetic changes. - (JSC::MacroAssemblerSH4::store32): Cosmetic change. - (JSC::MacroAssemblerSH4::branchAdd32): Store result value before branch. - -2013-04-24 Patrick Gansterer - - [WIN] Remove pthread from Visual Studio files in JavaScriptCore - https://bugs.webkit.org/show_bug.cgi?id=114864 - - Reviewed by Brent Fulgham. 
- - * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: - * JavaScriptCore.vcproj/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.vsprops: - * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: - * JavaScriptCore.vcproj/testRegExp/testRegExpCommon.vsprops: - * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops: - * JavaScriptCore.vcxproj/JavaScriptCoreCommon.props: - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorCommon.props: - * JavaScriptCore.vcxproj/LLInt/LLIntOffsetsExtractor/LLIntOffsetsExtractorCommon.props: - * JavaScriptCore.vcxproj/jsc/jscCommon.props: - * JavaScriptCore.vcxproj/testRegExp/testRegExpCommon.props: - * JavaScriptCore.vcxproj/testapi/testapiCommon.props: - * JavaScriptCore.vcxproj/testapi/testapiCommonCFLite.props: - -2013-04-24 Filip Pizlo - - DFG should keep the operand to create_this alive if it's emitting code for create_this - https://bugs.webkit.org/show_bug.cgi?id=115133 - - Reviewed by Mark Hahnenberg. - - The DFG must model bytecode liveness, or else OSR exit is going to have a really bad time. - - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::parseBlock): - -2013-04-24 Roger Fong - - Have VS2010 WebKit solution look in WebKit_Libraries/lib32 for dependencies. - - * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExportGeneratorPostBuild.cmd: - * JavaScriptCore.vcxproj/JavaScriptCorePreLink.cmd: - * JavaScriptCore.vcxproj/jsc/jscPostBuild.cmd: - * JavaScriptCore.vcxproj/jsc/jscPreLink.cmd: - * JavaScriptCore.vcxproj/testRegExp/testRegExp.vcxproj.filters: - * JavaScriptCore.vcxproj/testRegExp/testRegExpPostBuild.cmd: - * JavaScriptCore.vcxproj/testRegExp/testRegExpPreLink.cmd: - * JavaScriptCore.vcxproj/testapi/testapiPreLink.cmd: - -2013-04-24 Geoffrey Garen - - 32-bit build fix. - - Unreviewed. - - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compilePeepHoleBooleanBranch): Explicitly - truncate to 32-bit to avoid compiler warnings. 
It's safe to truncate - because the payload of a boolean is the low bits on both 64-bit and 32-bit. - -2013-04-23 Geoffrey Garen - - Filled out more cases of branch folding in the DFG - https://bugs.webkit.org/show_bug.cgi?id=115088 - - Reviewed by Oliver Hunt. - - No change on the benchmarks we track, but a 3X speedup on a - microbenchmark that uses these techniques. - - * dfg/DFGByteCodeParser.cpp: - (JSC::DFG::ByteCodeParser::parseBlock): (!/=)= and (!/=)== can constant - fold all types, not just numbers, because true constants have no - side effects when type-converted at runtime. - - * dfg/DFGFixupPhase.cpp: - (JSC::DFG::FixupPhase::fixupNode): - * dfg/DFGNode.h: - (JSC::DFG::Node::shouldSpeculateBoolean): Added support for fixing up - boolean uses, like we do for other types like number. - - * dfg/DFGSpeculativeJIT.cpp: - (JSC::DFG::SpeculativeJIT::compilePeepHoleBooleanBranch): - (JSC::DFG::SpeculativeJIT::compilePeepHoleBranch): - (JSC::DFG::SpeculativeJIT::compare): - (JSC::DFG::SpeculativeJIT::compileStrictEq): - (JSC::DFG::SpeculativeJIT::compileBooleanCompare): Peephole fuse - boolean compare and/or compare-branch, now that we have the types for - them. - - * dfg/DFGSpeculativeJIT.h: Updated declarations. - -== Rolled over to ChangeLog-2013-04-24 == + This adds the notion of a JIT pool reserve fraction. Some fraction, currently 1/4, of + the JIT pool is reserved for allocations that cannot fail. It makes sense to make this + a fraction rather than a constant because each allocation that can fail may cause some + number of allocations that cannot fail (for example, the OSR exit thunks that we + compile when we exit from some CodeBlock cannot fail). + + I've tested this by adding a test mode where we artificially limit the JIT pool size. + Prior to the fix, we had >20 failures. Now we have none. + + * heap/GCLogging.cpp: + (WTF::printInternal): I needed a dump method on Options members when debugging this. 
+ * heap/GCLogging.h: + * jit/ExecutableAllocator.h: Raise the ARM64 limit to 32MB because 16MB is cutting it too close. + * jit/ExecutableAllocatorFixedVMPool.cpp: + (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator): Add the ability to artificially limit JIT pool size for testing. + (JSC::ExecutableAllocator::memoryPressureMultiplier): Implement the reserve when computing memory pressure for JIT tier-up heuristics. + (JSC::ExecutableAllocator::allocate): Implement the reserve when allocating can-fail things. + * jsc.cpp: Rewire some options parsing so that CommandLine happens before we create the JIT pool. + (main): + (CommandLine::parseArguments): + (jscmain): + * runtime/Options.cpp: + (JSC::OptionRange::dump): I needed a dump method on Options members when debugging this. + (JSC::Options::initialize): This can now be called more than once. + * runtime/Options.h: + +== Rolled over to ChangeLog-2015-07-23 ==
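Review bot: The added entry for the JIT pool reserve says the fix was tested with "a test mode where we artificially limit the JIT pool size", but the `FixedVMPoolExecutableAllocator` line only notes that the ability was added, and no test file is listed, so neither the setting that enables the limit nor the pool size that produced the ">20 failures" is recorded; name both there so the result can be reproduced. The reserve is given as "currently 1/4" with no reasoning for that value, and the entry does not say what happens when the allocations that cannot fail (the OSR exit thunks are the example given) exhaust the reserve itself; one sentence on that case would make the guarantee clear. `JSC::Options::initialize` "can now be called more than once" should state whether a second call preserves or resets values already set by `CommandLine::parseArguments`, since jsc.cpp was reordered so that parsing happens before the pool is created. `(main)`, `(CommandLine::parseArguments)`, `(jscmain)`, `heap/GCLogging.h` and `runtime/Options.h` carry no description of what changed in them.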