delta/qt5/qtwebkit.git/Source/JavaScriptCore/ChangeLog, branch dev code.qt.io: qt/qtwebkit.git Import Qt5x2 branch of QtWebkit for Qt 5.2 2013-09-19T18:50:05+00:00 Allan Sandfeld Jensen allan.jensen@digia.com 2013-09-13T10:51:20+00:00 d441d6f39bb846989d95bcf5caf387b42414718d Importing a new snapshot of webkit. Change-Id: I2d01ad12cdc8af8cb015387641120a9d7ea5f10c Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com> 
Importing a new snapshot of webkit.

Change-Id: I2d01ad12cdc8af8cb015387641120a9d7ea5f10c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
LLInt conditional branch compilation fault on MIPS. 2013-05-23T11:39:31+00:00 Balazs Kilvady kilvadyb@homejinni.com 2013-04-09T20:42:19+00:00 f8feaca001e36b582c6de1d2822c7e5b6a133b8e https://bugs.webkit.org/show_bug.cgi?id=114264 Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-04-09 Reviewed by Filip Pizlo. Fix conditional branch compilation in LLInt offlineasm. * offlineasm/mips.rb: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148045 268f45cc-cd09-0410-ab3c-d52691b4dbfc Conflicts: Source/JavaScriptCore/ChangeLog Change-Id: I31b5c06f4424d06785ae53f2f5e34584082b4b02 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com> Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=114264

Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-04-09
Reviewed by Filip Pizlo.

Fix conditional branch compilation in LLInt offlineasm.

* offlineasm/mips.rb:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148045 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Conflicts:
	Source/JavaScriptCore/ChangeLog

Change-Id: I31b5c06f4424d06785ae53f2f5e34584082b4b02
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
offlineasm BaseIndex handling is broken on ARM due to MIPS changes 2013-05-23T11:39:19+00:00 Balazs Kilvady kilvadyb@homejinni.com 2013-02-01T22:00:00+00:00 765fd0c6ebdfbd1a0540211bc8b58e46076b41a3 https://bugs.webkit.org/show_bug.cgi?id=108261 Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-02-01 Reviewed by Filip Pizlo. offlineasm BaseIndex handling fix on MIPS. * offlineasm/mips.rb: * offlineasm/risc.rb: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141641 268f45cc-cd09-0410-ab3c-d52691b4dbfc Conflicts: Source/JavaScriptCore/ChangeLog Source/JavaScriptCore/offlineasm/mips.rb Change-Id: I7ec4d500e11717e1cb2b6fd7f310e4e66cfa7955 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com> Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=108261

Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-02-01
Reviewed by Filip Pizlo.

offlineasm BaseIndex handling fix on MIPS.

* offlineasm/mips.rb:
* offlineasm/risc.rb:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141641 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Conflicts:
	Source/JavaScriptCore/ChangeLog
	Source/JavaScriptCore/offlineasm/mips.rb

Change-Id: I7ec4d500e11717e1cb2b6fd7f310e4e66cfa7955
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
MIPS DFG implementation. 2013-05-23T11:38:58+00:00 Balazs Kilvady kilvadyb@homejinni.com 2013-02-18T19:25:23+00:00 fee41053a81024e15303ebf68e6a9a029374ce92 https://bugs.webkit.org/show_bug.cgi?id=101328 Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-02-18 Reviewed by Oliver Hunt. DFG implementation for MIPS. Source/JavaScriptCore: * assembler/MIPSAssembler.h: (JSC::MIPSAssembler::MIPSAssembler): (JSC::MIPSAssembler::sllv): (JSC::MIPSAssembler::movd): (MIPSAssembler): (JSC::MIPSAssembler::negd): (JSC::MIPSAssembler::labelForWatchpoint): (JSC::MIPSAssembler::label): (JSC::MIPSAssembler::vmov): (JSC::MIPSAssembler::linkDirectJump): (JSC::MIPSAssembler::maxJumpReplacementSize): (JSC::MIPSAssembler::revertJumpToMove): (JSC::MIPSAssembler::replaceWithJump): * assembler/MacroAssembler.h: (MacroAssembler): (JSC::MacroAssembler::poke): * assembler/MacroAssemblerMIPS.h: (JSC::MacroAssemblerMIPS::add32): (MacroAssemblerMIPS): (JSC::MacroAssemblerMIPS::and32): (JSC::MacroAssemblerMIPS::lshift32): (JSC::MacroAssemblerMIPS::mul32): (JSC::MacroAssemblerMIPS::or32): (JSC::MacroAssemblerMIPS::rshift32): (JSC::MacroAssemblerMIPS::urshift32): (JSC::MacroAssemblerMIPS::sub32): (JSC::MacroAssemblerMIPS::xor32): (JSC::MacroAssemblerMIPS::store32): (JSC::MacroAssemblerMIPS::jump): (JSC::MacroAssemblerMIPS::branchAdd32): (JSC::MacroAssemblerMIPS::branchMul32): (JSC::MacroAssemblerMIPS::branchSub32): (JSC::MacroAssemblerMIPS::branchNeg32): (JSC::MacroAssemblerMIPS::call): (JSC::MacroAssemblerMIPS::loadDouble): (JSC::MacroAssemblerMIPS::moveDouble): (JSC::MacroAssemblerMIPS::swapDouble): (JSC::MacroAssemblerMIPS::subDouble): (JSC::MacroAssemblerMIPS::mulDouble): (JSC::MacroAssemblerMIPS::divDouble): (JSC::MacroAssemblerMIPS::negateDouble): (JSC::MacroAssemblerMIPS::branchEqual): (JSC::MacroAssemblerMIPS::branchNotEqual): (JSC::MacroAssemblerMIPS::branchTruncateDoubleToInt32): (JSC::MacroAssemblerMIPS::branchTruncateDoubleToUint32): (JSC::MacroAssemblerMIPS::truncateDoubleToInt32): (JSC::MacroAssemblerMIPS::truncateDoubleToUint32): (JSC::MacroAssemblerMIPS::branchDoubleNonZero): (JSC::MacroAssemblerMIPS::branchDoubleZeroOrNaN): (JSC::MacroAssemblerMIPS::invert): (JSC::MacroAssemblerMIPS::replaceWithJump): (JSC::MacroAssemblerMIPS::maxJumpReplacementSize): * dfg/DFGAssemblyHelpers.h: (AssemblyHelpers): (JSC::DFG::AssemblyHelpers::preserveReturnAddressAfterCall): (JSC::DFG::AssemblyHelpers::restoreReturnAddressBeforeReturn): (JSC::DFG::AssemblyHelpers::debugCall): * dfg/DFGCCallHelpers.h: (CCallHelpers): (JSC::DFG::CCallHelpers::setupArguments): (JSC::DFG::CCallHelpers::setupArgumentsWithExecState): * dfg/DFGFPRInfo.h: (DFG): (FPRInfo): (JSC::DFG::FPRInfo::toRegister): (JSC::DFG::FPRInfo::toIndex): (JSC::DFG::FPRInfo::debugName): * dfg/DFGGPRInfo.h: (DFG): (GPRInfo): (JSC::DFG::GPRInfo::toRegister): (JSC::DFG::GPRInfo::toIndex): (JSC::DFG::GPRInfo::debugName): * dfg/DFGSpeculativeJIT.h: (SpeculativeJIT): * jit/JSInterfaceJIT.h: (JSInterfaceJIT): * runtime/JSGlobalData.h: (JSC::ScratchBuffer::allocationSize): (ScratchBuffer): Source/WTF: * wtf/Platform.h: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@143247 268f45cc-cd09-0410-ab3c-d52691b4dbfc Conflicts: Source/JavaScriptCore/ChangeLog Source/JavaScriptCore/assembler/MacroAssemblerMIPS.h Source/JavaScriptCore/dfg/DFGAssemblyHelpers.h Source/WTF/ChangeLog Change-Id: Ibc6c2a2b1d5c70d351ede37c6c111b66b4cf7fef Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com> Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=101328

Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-02-18
Reviewed by Oliver Hunt.

DFG implementation for MIPS.

Source/JavaScriptCore:

* assembler/MIPSAssembler.h:
(JSC::MIPSAssembler::MIPSAssembler):
(JSC::MIPSAssembler::sllv):
(JSC::MIPSAssembler::movd):
(MIPSAssembler):
(JSC::MIPSAssembler::negd):
(JSC::MIPSAssembler::labelForWatchpoint):
(JSC::MIPSAssembler::label):
(JSC::MIPSAssembler::vmov):
(JSC::MIPSAssembler::linkDirectJump):
(JSC::MIPSAssembler::maxJumpReplacementSize):
(JSC::MIPSAssembler::revertJumpToMove):
(JSC::MIPSAssembler::replaceWithJump):
* assembler/MacroAssembler.h:
(MacroAssembler):
(JSC::MacroAssembler::poke):
* assembler/MacroAssemblerMIPS.h:
(JSC::MacroAssemblerMIPS::add32):
(MacroAssemblerMIPS):
(JSC::MacroAssemblerMIPS::and32):
(JSC::MacroAssemblerMIPS::lshift32):
(JSC::MacroAssemblerMIPS::mul32):
(JSC::MacroAssemblerMIPS::or32):
(JSC::MacroAssemblerMIPS::rshift32):
(JSC::MacroAssemblerMIPS::urshift32):
(JSC::MacroAssemblerMIPS::sub32):
(JSC::MacroAssemblerMIPS::xor32):
(JSC::MacroAssemblerMIPS::store32):
(JSC::MacroAssemblerMIPS::jump):
(JSC::MacroAssemblerMIPS::branchAdd32):
(JSC::MacroAssemblerMIPS::branchMul32):
(JSC::MacroAssemblerMIPS::branchSub32):
(JSC::MacroAssemblerMIPS::branchNeg32):
(JSC::MacroAssemblerMIPS::call):
(JSC::MacroAssemblerMIPS::loadDouble):
(JSC::MacroAssemblerMIPS::moveDouble):
(JSC::MacroAssemblerMIPS::swapDouble):
(JSC::MacroAssemblerMIPS::subDouble):
(JSC::MacroAssemblerMIPS::mulDouble):
(JSC::MacroAssemblerMIPS::divDouble):
(JSC::MacroAssemblerMIPS::negateDouble):
(JSC::MacroAssemblerMIPS::branchEqual):
(JSC::MacroAssemblerMIPS::branchNotEqual):
(JSC::MacroAssemblerMIPS::branchTruncateDoubleToInt32):
(JSC::MacroAssemblerMIPS::branchTruncateDoubleToUint32):
(JSC::MacroAssemblerMIPS::truncateDoubleToInt32):
(JSC::MacroAssemblerMIPS::truncateDoubleToUint32):
(JSC::MacroAssemblerMIPS::branchDoubleNonZero):
(JSC::MacroAssemblerMIPS::branchDoubleZeroOrNaN):
(JSC::MacroAssemblerMIPS::invert):
(JSC::MacroAssemblerMIPS::replaceWithJump):
(JSC::MacroAssemblerMIPS::maxJumpReplacementSize):
* dfg/DFGAssemblyHelpers.h:
(AssemblyHelpers):
(JSC::DFG::AssemblyHelpers::preserveReturnAddressAfterCall):
(JSC::DFG::AssemblyHelpers::restoreReturnAddressBeforeReturn):
(JSC::DFG::AssemblyHelpers::debugCall):
* dfg/DFGCCallHelpers.h:
(CCallHelpers):
(JSC::DFG::CCallHelpers::setupArguments):
(JSC::DFG::CCallHelpers::setupArgumentsWithExecState):
* dfg/DFGFPRInfo.h:
(DFG):
(FPRInfo):
(JSC::DFG::FPRInfo::toRegister):
(JSC::DFG::FPRInfo::toIndex):
(JSC::DFG::FPRInfo::debugName):
* dfg/DFGGPRInfo.h:
(DFG):
(GPRInfo):
(JSC::DFG::GPRInfo::toRegister):
(JSC::DFG::GPRInfo::toIndex):
(JSC::DFG::GPRInfo::debugName):
* dfg/DFGSpeculativeJIT.h:
(SpeculativeJIT):
* jit/JSInterfaceJIT.h:
(JSInterfaceJIT):
* runtime/JSGlobalData.h:
(JSC::ScratchBuffer::allocationSize):
(ScratchBuffer):

Source/WTF:

* wtf/Platform.h:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@143247 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Conflicts:
	Source/JavaScriptCore/ChangeLog
	Source/JavaScriptCore/assembler/MacroAssemblerMIPS.h
	Source/JavaScriptCore/dfg/DFGAssemblyHelpers.h
	Source/WTF/ChangeLog

Change-Id: Ibc6c2a2b1d5c70d351ede37c6c111b66b4cf7fef
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
MIPS LLInt implementation. 2013-05-23T11:38:48+00:00 Balazs Kilvady kilvadyb@homejinni.com 2013-01-07T19:40:10+00:00 9147a90a7bdf8a0791efa9d677a0f36ffdb75533 https://bugs.webkit.org/show_bug.cgi?id=99706 Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-01-07 Reviewed by Filip Pizlo. LLInt implementation for MIPS. Source/JavaScriptCore: * assembler/MacroAssemblerMIPS.h: (JSC::MacroAssemblerMIPS::jump): * dfg/DFGOperations.cpp: (JSC): * jit/JITStubs.cpp: (JSC): * jit/JITStubs.h: (JITStackFrame): * llint/LLIntOfflineAsmConfig.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * offlineasm/backends.rb: * offlineasm/instructions.rb: * offlineasm/mips.rb: Added. Source/WTF: * wtf/Platform.h: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138970 268f45cc-cd09-0410-ab3c-d52691b4dbfc Conflicts: Source/JavaScriptCore/ChangeLog Source/JavaScriptCore/jit/JITStubs.h Change-Id: I1677d54c1641cf60e517772944582c8f387eeb6d Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com> Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=99706

Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-01-07
Reviewed by Filip Pizlo.

LLInt implementation for MIPS.

Source/JavaScriptCore:

* assembler/MacroAssemblerMIPS.h:
(JSC::MacroAssemblerMIPS::jump):
* dfg/DFGOperations.cpp:
(JSC):
* jit/JITStubs.cpp:
(JSC):
* jit/JITStubs.h:
(JITStackFrame):
* llint/LLIntOfflineAsmConfig.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* offlineasm/backends.rb:
* offlineasm/instructions.rb:
* offlineasm/mips.rb: Added.

Source/WTF:

* wtf/Platform.h:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138970 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Conflicts:
	Source/JavaScriptCore/ChangeLog
	Source/JavaScriptCore/jit/JITStubs.h

Change-Id: I1677d54c1641cf60e517772944582c8f387eeb6d
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
Fix massive parallel builds 2013-03-01T08:15:57+00:00 hausmann@webkit.org hausmann@webkit.org 2013-02-27T12:05:56+00:00 6da40bf3d504020da4394cd2509ad988e5e81ab6 Reviewed by Tor Arne Vestbø. There exists a race condition that LLIntDesiredOffsets.h is written to by two parllel instances of the ruby script. This patch ensures that similar to the output file, the generated file is also prefixed according to the build configuration. * LLIntOffsetsExtractor.pro: git-svn-id: http://svn.webkit.org/repository/webkit/trunk@144168 268f45cc-cd09-0410-ab3c-d52691b4dbfc Change-Id: Ibf60cf455c342fce5a4244aba788a2ad8e18e136 Reviewed-by: Iikka Eklund <iikka.eklund@digia.com> 
Reviewed by Tor Arne Vestbø.

There exists a race condition that LLIntDesiredOffsets.h is written to
by two parllel instances of the ruby script. This patch ensures that similar to the output file,
the generated file is also prefixed according to the build configuration.

* LLIntOffsetsExtractor.pro:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@144168 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Change-Id: Ibf60cf455c342fce5a4244aba788a2ad8e18e136
Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
Restrictions on oversize CopiedBlock allocations should be relaxed 2013-02-06T13:45:44+00:00 Mark Hahnenberg mhahnenberg@apple.com 2013-02-04T13:21:12+00:00 90c58273524a6eb69bdbfe35023e63924c54a734 https://bugs.webkit.org/show_bug.cgi?id=105339 Reviewed by Filip Pizlo. Currently the DFG has a single branch in the inline allocation path for property/array storage where it checks to see if the number of bytes requested will fit in the current block. This does not match what the C++ allocation path does; it checks if the requested number of bytes is oversize, and then if it's not, it tries to fit it in the current block. The garbage collector assumes that ALL allocations that are greater than 16KB are in oversize blocks. Therefore, this mismatch can lead to crashes when the collector tries to perform some operation on a CopiedBlock. To avoid adding an extra branch to the inline allocation path in the JIT, we should make it so that oversize blocks are allocated on the same alignment boundaries so that there is a single mask to find the block header of any CopiedBlock (rather than two, one for normal and one for oversize blocks), and we should figure out if a block is oversize by some other method than just whatever the JSObject says it is. One way we could record this info Region of the block, since we allocate a one-off Region for oversize blocks. * heap/BlockAllocator.h: (JSC::Region::isCustomSize): (Region): (JSC::Region::createCustomSize): (JSC::Region::Region): (JSC::BlockAllocator::deallocateCustomSize): * heap/CopiedBlock.h: (CopiedBlock): (JSC::CopiedBlock::isOversize): (JSC): * heap/CopiedSpace.cpp: (JSC::CopiedSpace::tryAllocateOversize): (JSC::CopiedSpace::tryReallocate): (JSC::CopiedSpace::tryReallocateOversize): * heap/CopiedSpace.h: (CopiedSpace): * heap/CopiedSpaceInlines.h: (JSC::CopiedSpace::contains): (JSC::CopiedSpace::tryAllocate): (JSC): * heap/CopyVisitor.h: (CopyVisitor): * heap/CopyVisitorInlines.h: (JSC::CopyVisitor::checkIfShouldCopy): (JSC::CopyVisitor::didCopy): * heap/SlotVisitorInlines.h: (JSC::SlotVisitor::copyLater): * runtime/JSObject.cpp: (JSC::JSObject::copyButterfly): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138067 268f45cc-cd09-0410-ab3c-d52691b4dbfc Change-Id: Icebcfe83d82ace7c3e1db6a979306f604459c5ae Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=105339

Reviewed by Filip Pizlo.

Currently the DFG has a single branch in the inline allocation path for property/array storage where
it checks to see if the number of bytes requested will fit in the current block. This does not match
what the C++ allocation path does; it checks if the requested number of bytes is oversize, and then
if it's not, it tries to fit it in the current block. The garbage collector assumes that ALL allocations
that are greater than 16KB are in oversize blocks. Therefore, this mismatch can lead to crashes when
the collector tries to perform some operation on a CopiedBlock.

To avoid adding an extra branch to the inline allocation path in the JIT, we should make it so that
oversize blocks are allocated on the same alignment boundaries so that there is a single mask to find
the block header of any CopiedBlock (rather than two, one for normal and one for oversize blocks), and
we should figure out if a block is oversize by some other method than just whatever the JSObject says
it is. One way we could record this info Region of the block, since we allocate a one-off Region for
oversize blocks.

* heap/BlockAllocator.h:
(JSC::Region::isCustomSize):
(Region):
(JSC::Region::createCustomSize):
(JSC::Region::Region):
(JSC::BlockAllocator::deallocateCustomSize):
* heap/CopiedBlock.h:
(CopiedBlock):
(JSC::CopiedBlock::isOversize):
(JSC):
* heap/CopiedSpace.cpp:
(JSC::CopiedSpace::tryAllocateOversize):
(JSC::CopiedSpace::tryReallocate):
(JSC::CopiedSpace::tryReallocateOversize):
* heap/CopiedSpace.h:
(CopiedSpace):
* heap/CopiedSpaceInlines.h:
(JSC::CopiedSpace::contains):
(JSC::CopiedSpace::tryAllocate):
(JSC):
* heap/CopyVisitor.h:
(CopyVisitor):
* heap/CopyVisitorInlines.h:
(JSC::CopyVisitor::checkIfShouldCopy):
(JSC::CopyVisitor::didCopy):
* heap/SlotVisitorInlines.h:
(JSC::SlotVisitor::copyLater):
* runtime/JSObject.cpp:
(JSC::JSObject::copyButterfly):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Change-Id: Icebcfe83d82ace7c3e1db6a979306f604459c5ae
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
Butterfly::growArrayRight shouldn't be called on null Butterfly objects 2013-02-06T13:45:44+00:00 Mark Hahnenberg mhahnenberg@apple.com 2013-02-04T13:16:39+00:00 ddfc231cac5d5307df76332cb532224651ae4966 https://bugs.webkit.org/show_bug.cgi?id=105221 Reviewed by Filip Pizlo. Currently we depend upon the fact that Butterfly::growArrayRight works with null Butterfly objects purely by coincidence. We should add a new static function that null checks the old Butterfly object and creates a new one if it's null, or calls growArrayRight if it isn't for use in the couple of places in JSObject that expect such behavior to work. * runtime/Butterfly.h: (Butterfly): * runtime/ButterflyInlines.h: (JSC::Butterfly::createOrGrowArrayRight): (JSC): * runtime/JSObject.cpp: (JSC::JSObject::createInitialIndexedStorage): (JSC::JSObject::createArrayStorage): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@137961 268f45cc-cd09-0410-ab3c-d52691b4dbfc Change-Id: I643bc988f3e25b6f05be4e99f19fd2dc609152e4 Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=105221

Reviewed by Filip Pizlo.

Currently we depend upon the fact that Butterfly::growArrayRight works with null Butterfly
objects purely by coincidence. We should add a new static function that null checks the old
Butterfly object and creates a new one if it's null, or calls growArrayRight if it isn't for
use in the couple of places in JSObject that expect such behavior to work.

* runtime/Butterfly.h:
(Butterfly):
* runtime/ButterflyInlines.h:
(JSC::Butterfly::createOrGrowArrayRight):
(JSC):
* runtime/JSObject.cpp:
(JSC::JSObject::createInitialIndexedStorage):
(JSC::JSObject::createArrayStorage):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@137961 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Change-Id: I643bc988f3e25b6f05be4e99f19fd2dc609152e4
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
[MinGW-w64] Centralize workaround for pow() implementation 2013-01-10T13:16:44+00:00 hausmann@webkit.org hausmann@webkit.org 2013-01-03T09:54:36+00:00 d942482a69f6a72605cee42ff7724b23e62204bf https://bugs.webkit.org/show_bug.cgi?id=105925 Reviewed by Sam Weinig. As suggested by Sam, move the MinGW-w64 workaround into MathExtras.h away from the JSC usage. Source/JavaScriptCore: * runtime/MathObject.cpp: (JSC::mathPow): Source/WTF: * wtf/MathExtras.h: (wtf_pow): Change-Id: I49b2365baae6fdd9700667d1ef53c78bd70f6de3 git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138705 268f45cc-cd09-0410-ab3c-d52691b4dbfc Reviewed-by: Simon Hausmann <simon.hausmann@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=105925

Reviewed by Sam Weinig.

As suggested by Sam, move the MinGW-w64 workaround into MathExtras.h
away from the JSC usage.

Source/JavaScriptCore:

* runtime/MathObject.cpp:
(JSC::mathPow):

Source/WTF:

* wtf/MathExtras.h:
(wtf_pow):

Change-Id: I49b2365baae6fdd9700667d1ef53c78bd70f6de3
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@138705 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>
Fix Math.pow implementation with MinGW-w64 2012-12-17T15:16:21+00:00 Jonathan Liu net147@gmail.com 2012-12-17T12:15:57+00:00 3651ffe993a9243a89fe965fedee9315f3ab68f4 https://bugs.webkit.org/show_bug.cgi?id=105087 Patch by Jonathan Liu <net147@gmail.com> on 2012-12-17 Reviewed by Simon Hausmann. The MinGW-w64 runtime has different behaviour for pow() compared to other C runtimes. This results in the following test262 tests failing with the latest MinGW-w64 runtime: - S15.8.2.13_A14 - S15.8.2.13_A16 - S15.8.2.13_A20 - S15.8.2.13_A22 Handle the special cases that are different with MinGW-w64. * runtime/MathObject.cpp: (JSC::mathPow): Change-Id: Ifad1aa24ac36f2d452e9166a4298525793597da3 git-svn-id: http://svn.webkit.org/repository/webkit/trunk@137895 268f45cc-cd09-0410-ab3c-d52691b4dbfc Reviewed-by: Simon Hausmann <simon.hausmann@digia.com> 
https://bugs.webkit.org/show_bug.cgi?id=105087

Patch by Jonathan Liu <net147@gmail.com> on 2012-12-17
Reviewed by Simon Hausmann.

The MinGW-w64 runtime has different behaviour for pow()
compared to other C runtimes. This results in the following
test262 tests failing with the latest MinGW-w64 runtime:
- S15.8.2.13_A14
- S15.8.2.13_A16
- S15.8.2.13_A20
- S15.8.2.13_A22

Handle the special cases that are different with MinGW-w64.

* runtime/MathObject.cpp:
(JSC::mathPow):

Change-Id: Ifad1aa24ac36f2d452e9166a4298525793597da3
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@137895 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>