am b9fca1a7: (-s ours) Fix Geolocation service to use correct signature for Location...

[android-x86/external-webkit.git] / JavaScriptCore / ChangeLog

2009-10-08  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Fix for JIT'ed op_call instructions (evals, constructs, etc.)
        when !ENABLE(JIT_OPTIMIZE_CALL) && USE(JSVALUE32_64)

        https://bugs.webkit.org/show_bug.cgi?id=30201

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):

2009-10-07  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: removed no longer exported symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-10-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Fixed <rdar://problem/5751979> Database code takes JSLock on secondary
        thread, permanently slowing down JavaScript
        
        Removed the optional lock from Heap::protect, Heap::unprotect, and friends,
        since WebCore no longer uses it.

        * JavaScriptCore.exp:
        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::protectedGlobalObjectCount):
        (JSC::Heap::protectedObjectCount):
        (JSC::Heap::protectedObjectTypeCounts):
        * runtime/Collector.h:

2009-10-07  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's IdentifierArena
        https://bugs.webkit.org/show_bug.cgi?id=30158

        Inherits IdentifierArena class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/parser/ParserArena.cpp:36.

        * parser/ParserArena.h:

2009-10-07  Adam Roben  <aroben@apple.com>

        Export DateInstance::info in a way that works on Windows

        Fixes <http://webkit.org/b/30171>
        fast/dom/Window/window-postmessage-clone.html fails on Windows

        Reviewed by Anders Carlsson.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Removed the export of DateInstance::info from here.

        * runtime/DateInstance.h: Use JS_EXPORTDATA to export
        DateInstance::info, which is the required way of exporting data on
        Windows.

2009-10-07  Jørgen Lind  <jorgen.lind@nokia.com>

        Reviewed by Simon Hausmann.

        When enabling or disabling the JIT through .qmake.cache, make sure
        to also toggle ENABLE_YARR_JIT.

        * JavaScriptCore.pri:

2009-10-06  Priit Laes  <plaes@plaes.org>

        Reviewed by Gavin Barraclough.

        Linking fails with "relocation R_X86_64_PC32 against symbol
        `cti_vm_throw'"
        https://bugs.webkit.org/show_bug.cgi?id=28422

        * jit/JITStubs.cpp:
        Mark cti_vm_throw symbol as PLT-indirect symbol, so it doesn't end up
        in text segment causing relocation errors on amd64 architecture.
        Introduced new define SYMBOL_STRING_RELOCATION for such symbols.

2009-10-06  Oliver Hunt  <oliver@apple.com>

        Windows linking fix

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-10-06  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (build fix).

        Windows build fix.

        * runtime/DateInstance.cpp:

2009-10-05  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        It should be possible to post (clone) built-in JS objects to Workers
        https://bugs.webkit.org/show_bug.cgi?id=22878

        Expose helpers to throw correct exceptions during object graph walk
        used for cloning and add a helper function to create Date instances
        without going through the JS Date constructor function.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DateInstance.h:
        * runtime/ExceptionHelpers.cpp:
        (JSC::createTypeError):
        * runtime/ExceptionHelpers.h:

2009-10-06  David Levin  <levin@chromium.org>

        Reviewed by Oliver Hunt.

        StringImpl needs a method to get an instance for another thread which doesn't copy the underlying buffer.
        https://bugs.webkit.org/show_bug.cgi?id=30095

        * wtf/CrossThreadRefCounted.h:
        Removed an unused function and assert improvement.
        (WTF::CrossThreadRefCounted::isOwnedByCurrentThread): Moved out common code from asserts.
        (WTF::CrossThreadRefCounted::ref): Changed assert to use the common method.
        (WTF::CrossThreadRefCounted::deref): Changed assert to use the common method.
        (WTF::CrossThreadRefCounted::crossThreadCopy): Since this includes a potentially
        non-threadsafe operation, add an assert that the class is owned by the current thread.

2009-10-05  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix. Add Symbian files to the list of excludes.

        * wscript:

2009-10-05  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Remove precompiled header from JavaScriptCore compilation to
        prevent qmake warning during autonomous compilation.
        https://bugs.webkit.org/show_bug.cgi?id=30069

        * JavaScriptCore.pro:

2009-10-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed the concept of a "fast access cutoff" in arrays, because it
        punished some patterns of array access too much, and made things too
        complex for inlining in some cases.
        
        1.3% speedup on SunSpider.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        (JSC::): Check m_vectorLength instead of m_fastAccessCutoff when
        getting / putting from / to an array. Inline putting past the end of
        the array.

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::getOwnPropertyNames):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        (JSC::JSArray::checkConsistency):
        * runtime/JSArray.h:
        (JSC::JSArray::canGetIndex):
        (JSC::JSArray::canSetIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::markChildrenDirect): Removed m_fastAccessCutoff, and
        replaced with checks for JSValue() to detect reads and writes from / to
        uninitialized parts of the array.

2009-10-02  Jonni Rainisto  <jonni.rainisto@nokia.com>

        Reviewed by Darin Adler.

        Math.random() gives too low values on Win32 when _CRT_RAND_S is not defined
        https://bugs.webkit.org/show_bug.cgi?id=29956

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber): Added PLATFORM(WIN_OS) to handle 15bit rand()

2009-10-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Take one branch instead of two to test for JSValue().
        
        1.1% SunSpider speedup.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_create_arguments):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val): Test for the empty value tag, instead
        of testing for the cell tag with a 0 payload.

        * runtime/JSValue.cpp:
        (JSC::JSValue::description): Added support for dumping the new empty value,
        and deleted values, in debug builds.

        * runtime/JSValue.h:
        (JSC::JSValue::JSValue()): Construct JSValue() with the empty value tag.

        (JSC::JSValue::JSValue(JSCell*)): Convert null pointer to the empty value
        tag, to avoid having two different c++ versions of null / empty.

        (JSC::JSValue::operator bool): Test for the empty value tag, instead
        of testing for the cell tag with a 0 payload.

2009-10-02  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Mark Rowe.

        <https://bugs.webkit.org/show_bug.cgi?id=29989>
        Safari version number shouldn't be exposed in WebKit code
        
        For a WebKit version of 532.3.4:
        Product version is: 5.32.3.4 (was 4.0.3.0)
        File version is: 5.32.3.4 (was 4.532.3.4)

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc:

2009-10-02  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Rubber-stamped by Simon Hausmann.

        Fix the Qt on Mac OS X build.

        * wtf/FastMalloc.cpp:

2009-10-02  Jørgen Lind  <jorgen.lind@nokia.com>

        Reviewed by Simon Hausmann.

        Allow enabling and disabling of the JIT through a qmake variable.

        Qt's configure may set this variable through .qmake.cache if a
        commandline option is given and/or the compile test for hwcap.h
        failed/succeeded.

        * JavaScriptCore.pri:

2009-10-01  Mark Rowe  <mrowe@apple.com>

        Fix the Tiger build.  Don't unconditionally enable 3D canvas as it is not supported on Tiger.

        * Configurations/FeatureDefines.xcconfig:

2009-10-01  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=29187

        Don't inline ~ListRefPtr() to work around winscw compiler forward declaration
        bug regarding templated classes.

        The compiler bug is reported at:
        https://xdabug001.ext.nokia.com/bugzilla/show_bug.cgi?id=9812

        The change will be reverted when the above bug is fixed in winscw compiler.

        * wtf/ListRefPtr.h:
        (WTF::::~ListRefPtr):

2009-10-01  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt] Allow custom memory allocation control for the whole JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=27029

        Since in JavaScriptCore almost every class which has been instantiated by operator new is
        inherited from FastAllocBase (bug #20422), we disable customizing global operator new for the Qt-port
        when USE_SYSTEM_MALLOC=0.

        Add #include <unistd.h> to FastMalloc.cpp because it's used by TCMalloc_PageHeap::scavengerThread().
        (It's needed for the functionality of TCmalloc.)

        Add TCSystemAlloc.cpp to JavaScriptCore.pri if USE_SYSTEM_MALLOC is disabled.

        * JavaScriptCore.pri:
        * wtf/FastMalloc.cpp:
        (WTF::sleep):
        * wtf/FastMalloc.h:

2009-09-30  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by George Staikos.

        Defines two pseudo-platforms for ARM and Thumb-2 instruction set.
        https://bugs.webkit.org/show_bug.cgi?id=29122

        Introduces WTF_PLATFORM_ARM_TRADITIONAL and WTF_PLATFORM_ARM_THUMB2
        macros on ARM platforms. The PLATFORM(ARM_THUMB2) should be used
        when Thumb-2 instruction set is the required target. The
        PLATFORM(ARM_TRADITIONAL) is for generic ARM instruction set. In
        case where the code is common the PLATFORM(ARM) have to be used.

        Modified by George Wright  <gwright@rim.com> to correctly work
        with the RVCT-defined __TARGET_ARCH_ARM and __TARGET_ARCH_THUMB
        compiler macros, as well as adding readability changes.

        * wtf/Platform.h:

2009-09-30  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Devirtualise array toString conversion

        Tweak the implementation of Array.prototype.toString to have a fast path
        when acting on a true JSArray.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):

2009-09-30  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Geoffrey Garen.

        Buildfix for platforms using JSVALUE32.
        https://bugs.webkit.org/show_bug.cgi?id=29915

        After http://trac.webkit.org/changeset/48905 the build broke in JSVALUE32 case.
        Also removed unreachable code.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
         - Declaration of "OperandTypes types" moved before first use.
         - Typos fixed: dst modified to result, regT2 added.
         - Unreachable code removed.
        (JSC::JIT::emitSlow_op_add):
         - Missing declaration of "OperandTypes types" added.

2009-09-30  Janne Koskinen  <janne.p.koskinen@digia.com> 

        Reviewed by Simon Hausmann.

        Reduce heap size on Symbian from 64MB to 8MB.

        This is not a perfect fix, it requires more fine tuning.
        But this makes it possible again to debug in the emulator,
        which is more important in order to be able to fix other
        run-time issues.

        * runtime/Collector.h:

2009-09-30  Janne Koskinen  <janne.p.koskinen@digia.com> 

        Reviewed by Simon Hausmann.

        Fix CRASH() macro for Symbian build.

        * wtf/Assertions.h: Added missing }

2009-09-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Inlined a few math operations.
        
        ~1% SunSpider speedup.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub): Don't take a stub call when operating on
        a constant int and a double.

2009-09-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Tidy up codeblock sampler
        https://bugs.webkit.org/show_bug.cgi?id=29836

        Some rather simple refactoring of codeblock sampler so that
        it's easier for us to use it to find problems in non-jsc
        environments

        * JavaScriptCore.exp:
        * bytecode/SamplingTool.h:
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::enableSampler):
        (JSC::Interpreter::dumpSampleData):
        (JSC::Interpreter::startSampling):
        (JSC::Interpreter::stopSampling):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::sampler):
        * jit/JIT.h:
        * jsc.cpp:
        (runWithScripts):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Executable.h:
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::ProgramExecutable::create):
        (JSC::ProgramExecutable::ProgramExecutable):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::startSampling):
        (JSC::JSGlobalData::stopSampling):
        (JSC::JSGlobalData::dumpSampleData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-09-29  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add GYP generated files to svn:ignore
        https://bugs.webkit.org/show_bug.cgi?id=29895

        The following files are generated by JavaScriptCore's GYP file and should be ignored:

        pcre.mk
        wtf.scons
        wtf.mk
        SConstruct
        wtf_config.scons
        wtf_config.mk
        pcre.scons

        * JavaScriptCore.gyp: Changed property svn:ignore.

2009-09-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Standardized an optimization for adding non-numbers.
        
        SunSpider says maybe a tiny speedup.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitSlow_op_add):

2009-09-29  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: export a new symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed virtual destructor from JSGlobalObjectData to eliminate pointer
        fix-ups when accessing JSGlobalObject::d.
        
        Replaced with an explicit destructor function pointer.
        
        6% speedup on bench-alloc-nonretained.js.

        * JavaScriptCore.exp:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject):
        (JSC::JSGlobalObject::destroyJSGlobalObjectData):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::JSGlobalObject):

2009-09-29  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by David Kilzer.

        [Qt] Assert messages prints visible in Symbian
        https://bugs.webkit.org/show_bug.cgi?id=29808

        Asserts use vprintf to print the messages to stderr.
        In Symbian Open C it is not possible to see stderr so
        I routed the messages to stdout instead.

        * wtf/Assertions.cpp:

2009-09-29  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Darin Adler.

        [Qt] Symbian CRASH macro implementation

        Added Symbian specific crash macro that
        stops to crash line if JIT debugging is used.
        Additional differentiation of access violation
        (KERN-EXEC 3) and CRASH panic.

        * wtf/Assertions.h:

2009-09-28  Mark Rowe  <mrowe@apple.com>

        Fix the PowerPC build.

        * JavaScriptCore.exp:

2009-09-28  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/7195704> JavaScriptCore fails to mark registers when built for x86_64 using LLVM GCC.

        * runtime/Collector.cpp:
        (JSC::Heap::markCurrentThreadConservatively): Force jmp_buf to use the appropriate alignment for a pointer
        to ensure that we correctly interpret the contents of registers during marking.

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: added new exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: removed exports that no longer exist.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        NotNullPassRefPtr: smart pointer optimized for passing references that are not null
        https://bugs.webkit.org/show_bug.cgi?id=29822
        
        Added NotNullPassRefPtr, and deployed it in all places that initialize
        JavaScript objects.
        
        2.2% speedup on bench-allocate-nonretained.js.

        * API/JSCallbackConstructor.cpp:
        (JSC::JSCallbackConstructor::JSCallbackConstructor):
        * API/JSCallbackConstructor.h:
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::JSCallbackObject::JSCallbackObject):
        * JavaScriptCore.exp:
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::addFunctionDecl):
        (JSC::CodeBlock::addFunctionExpr):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * runtime/ArrayConstructor.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        * runtime/BooleanConstructor.h:
        * runtime/BooleanObject.cpp:
        (JSC::BooleanObject::BooleanObject):
        * runtime/BooleanObject.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/BooleanPrototype.h:
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateConstructor.h:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DateInstance.h:
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * runtime/DatePrototype.h:
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorConstructor.h:
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorInstance.h:
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/ErrorPrototype.h:
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionConstructor.h:
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/FunctionPrototype.h:
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        * runtime/GlobalEvalFunction.h:
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSByteArray.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        * runtime/JSFunction.h:
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        * runtime/JSONObject.h:
        (JSC::JSONObject::JSONObject):
        * runtime/JSObject.h:
        (JSC::JSObject::JSObject):
        (JSC::JSObject::setStructure):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::JSVariableObject):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/MathObject.h:
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorConstructor.h:
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NativeErrorPrototype.h:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        * runtime/NumberConstructor.h:
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::NumberObject):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/NumberPrototype.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        * runtime/ObjectConstructor.h:
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * runtime/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::setCachedPrototypeChain):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PrototypeFunction.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/RegExpConstructor.h:
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::RegExpObject):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::RegExpObjectData::RegExpObjectData):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * runtime/RegExpPrototype.h:
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringConstructor.h:
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/StringPrototype.h:
        * wtf/PassRefPtr.h:
        (WTF::NotNullPassRefPtr::NotNullPassRefPtr):
        (WTF::NotNullPassRefPtr::~NotNullPassRefPtr):
        (WTF::NotNullPassRefPtr::get):
        (WTF::NotNullPassRefPtr::clear):
        (WTF::NotNullPassRefPtr::releaseRef):
        (WTF::NotNullPassRefPtr::operator*):
        (WTF::NotNullPassRefPtr::operator->):
        (WTF::NotNullPassRefPtr::operator!):
        (WTF::NotNullPassRefPtr::operator UnspecifiedBoolType):
        * wtf/RefPtr.h:
        (WTF::RefPtr::RefPtr):
        (WTF::operator==):

2009-09-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Hard dependency on SSE2 instruction set with JIT
        https://bugs.webkit.org/show_bug.cgi?id=29779

        Add floating point support checks to op_jfalse and op_jtrue, and
        fix the logic for the slow case of op_add

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_add):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-09-28  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Dimitri Glazkov.

        Chromium port - recognize we are being built independently
        of chromium and look for dependencies under webkit/chromium rather
        than chromium/src.

        https://bugs.webkit.org/show_bug.cgi?id=29722

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2009-09-28  Jakub Wieczorek  <faw217@gmail.com>

        Reviewed by Simon Hausmann.

        [Qt] Implement XSLT support with QtXmlPatterns.
        https://bugs.webkit.org/show_bug.cgi?id=28303

        * wtf/Platform.h: Add a WTF_USE_QXMLQUERY #define.

2009-09-28  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Remove __clear_cache which is an internal function of GCC
        https://bugs.webkit.org/show_bug.cgi?id=28886

        Although __clear_cache is exported from GCC, this is an internal
        function. GCC makes no promises about it.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-09-28  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Fix an absolute path to somewhere in Oliver's machine to a relative path
        for derived JSONObject.lut.h.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-09-28  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by Simon Hausmann.

        Add ARM version detection for Windows CE.

        * wtf/Platform.h:

2009-09-26  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Simon Hausmann.

        Add MarkStackSymbian.cpp to build JavascriptCore for Symbian.

        Re-use Windows shrinkAllocation implementation because Symbian doesn't
        support releasing part of memory region.
        
        Use fastMalloc and fastFree to implement allocateStack and releaseStack
        for Symbian port.

        * JavaScriptCore.pri:
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackSymbian.cpp: Added.
        (JSC::MarkStack::initializePagesize):
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):

2009-09-25  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Fix unaligned data access in YARR_JIT on ARMv5 and below.
        https://bugs.webkit.org/show_bug.cgi?id=29695

        On ARMv5 and below all data access should be naturally aligned.
        In the YARR_JIT there is a case when character pairs are
        loaded from the input string, but this data access is not
        naturally aligned. This fix introduces load32WithUnalignedHalfWords
        and branch32WithUnalignedHalfWords functions which contain
        naturally aligned memory loads - half word loads - on ARMv5 and below.

        * assembler/MacroAssemblerARM.cpp:
        (JSC::MacroAssemblerARM::load32WithUnalignedHalfWords):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::load32WithUnalignedHalfWords):
        (JSC::MacroAssemblerARM::branch32WithUnalignedHalfWords):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load32WithUnalignedHalfWords):
        (JSC::MacroAssemblerARMv7::branch32):
        (JSC::MacroAssemblerARMv7::branch32WithUnalignedHalfWords):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::load32WithUnalignedHalfWords):
        (JSC::MacroAssemblerX86Common::branch32WithUnalignedHalfWords):
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generatePatternCharacterPair):

2009-09-25  Jeremy Orlow  <jorlow@chromium.org>

        This is breaking Chromium try bots, so I'm counting this as a build fix.

        Add more svn:ignore exceptions.  On different platforms, these files are
        generated with different case for JavaScriptCore.  Also there are some
        wtf project files that get built apparently.

        * JavaScriptCore.gyp: Changed property svn:ignore.

2009-09-25  Ada Chan  <adachan@apple.com>

        Build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Inlined some object creation code, including lexicalGlobalObject access
        https://bugs.webkit.org/show_bug.cgi?id=29750
        
        SunSpider says 0.5% faster.
        
        0.8% speedup on bench-alloc-nonretained.js.
        2.5% speedup on v8-splay.js.

        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        * interpreter/CallFrame.h:
        (JSC::ExecState::lexicalGlobalObject):
        (JSC::ExecState::globalThisValue):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainNode::push):
        (JSC::ScopeChain::ScopeChain):
        (JSC::ScopeChain::globalObject): Added a globalObject data member to ScopeChainNode.
        Replaced accessor function for globalObject() with data member. Replaced
        globalThisObject() accessor with direct access to globalThis, to match.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init):
        * runtime/JSGlobalObject.h: Inlined array and object construction.

2009-09-25  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Gavin Barraclough.

        Add ARM version detection rules for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=29715

        * wtf/Platform.h:

2009-09-24  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Mark "Do It!" Rowe.

        Some GCC versions don't like C++-style comments in preprocessor
        directives, change to C-style to shut them up.

        * wtf/Platform.h:

2009-09-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Division is needlessly slow in 64-bit
        https://bugs.webkit.org/show_bug.cgi?id=29723

        Add codegen for op_div on x86-64

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emitSlow_op_div):
        * jit/JITInlineMethods.h:
        (JSC::JIT::isOperandConstantImmediateDouble):
        (JSC::JIT::addressFor):
        (JSC::JIT::emitLoadDouble):
        (JSC::JIT::emitLoadInt32ToDouble):
        (JSC::JIT::emitJumpSlowCaseIfNotImmediateNumber):

2009-09-24  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add GYP generated files to svn:ignore
        https://bugs.webkit.org/show_bug.cgi?id=29724

        Adding the following files to the svn:ignore list (all in the
        JavaScriptCore/JavaScriptCore.gyp directory)

        JavaScriptCore.xcodeproj
        JavaScriptCore.sln
        JavaScriptCore.vcproj
        JavaScriptCore_Debug.rules
        JavaScriptCore_Release.rules
        JavaScriptCore_Release - no tcmalloc.rules
        JavaScriptCore_Purify.rules
        JavaScriptCore.mk
        JavaScriptCore_Debug_rules.mk
        JavaScriptCore_Release_rules.mk
        JavaScriptCore_Release - no tcmalloc_rules.mk
        JavaScriptCore_Purify_rules.mk
        JavaScriptCore.scons
        JavaScriptCore_main.scons

        * JavaScriptCore.gyp: Changed property svn:ignore.

2009-09-24  Yong Li  <yong.li@torchmobile.com>

        Reviewed by Adam Barth.

        Replace platform-dependent code with WTF::currentTime()
        https://bugs.webkit.org/show_bug.cgi?id=29148

        * jsc.cpp:
        (StopWatch::start):
        (StopWatch::stop):
        (StopWatch::getElapsedMS):
        * runtime/TimeoutChecker.cpp:
        (JSC::getCPUTime):

2009-09-24  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/7215058> FastMalloc scavenging thread should be named

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavengerThread): Set the thread name.
        * wtf/Platform.h: Move the knowledge of whether pthread_setname_np exists to here as HAVE(PTHREAD_SETNAME_NP).
        * wtf/ThreadingPthreads.cpp:
        (WTF::setThreadNameInternal): Use HAVE(PTHREAD_SETNAME_NP).

2009-09-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Renamed clear to removeAll, as suggested by Darin Adler.

        * wtf/HashCountedSet.h:
        (WTF::::removeAll):

2009-09-24  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough.

        Fix FastMalloc to build with assertions enabled.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_Central_FreeList::ReleaseToSpans):
        * wtf/TCSpinLock.h:
        (TCMalloc_SpinLock::IsHeld):

2009-09-24  Geoffrey Garen  <ggaren@apple.com>

        Suggested by Darin Adler.

        Removed some unnecessary parameter names.

        * wtf/HashCountedSet.h:

2009-09-24  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        On Windows JSChar is typedef'ed to wchar_t.

        When building with WINSCW for Symbian we need to do the
        same typedef.

        * API/JSStringRef.h:

2009-09-23  Geoffrey Garen  <ggaren@apple.com>

        A piece of my last patch that I forgot.

        * wtf/HashCountedSet.h:
        (WTF::::clear): Added HashCountedSet::clear.

2009-09-24  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Avoid __clear_cache built-in function if DISABLE_BUILTIN_CLEAR_CACHE define is set
        https://bugs.webkit.org/show_bug.cgi?id=28886

        There are some GCC packages (for example GCC-2006q3 from CodeSourcery)
        which contain __clear_cache built-in function only for C while the C++
        version of __clear_cache is missing on ARM architectures.

        Fixed a small bug in the inline assembly of cacheFlush function on
        ARM_TRADITIONAL.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-09-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added the ability to swap vectors with inline capacities, so you can
        store a vector with inline capacity in a hash table.

        * wtf/Vector.h:
        (WTF::swap):
        (WTF::VectorBuffer::swap):

2009-09-23  David Kilzer  <ddkilzer@apple.com>

        Move definition of USE(PLUGIN_HOST_PROCESS) from WebKitPrefix.h to Platform.h

        Reviewed by Mark Rowe.

        * wtf/Platform.h: Define WTF_USE_PLUGIN_HOST_PROCESS to 1 when
        building on 64-bit SnowLeopard.  Define to 0 elsewhere.

2009-09-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Code sampling builds are broken.
        https://bugs.webkit.org/show_bug.cgi?id=29662

        Fix build.

        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * bytecode/SamplingTool.cpp:
        (JSC::ScriptSampleRecord::sample):
        (JSC::SamplingTool::doRun):
        (JSC::SamplingTool::notifyOfScope):
        (JSC::compareScriptSampleRecords):
        (JSC::SamplingTool::dump):
        * bytecode/SamplingTool.h:
        (JSC::ScriptSampleRecord::ScriptSampleRecord):
        (JSC::ScriptSampleRecord::~ScriptSampleRecord):
        (JSC::SamplingTool::SamplingTool):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::makeFunction):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * parser/Nodes.cpp:
        (JSC::ScopeNode::ScopeNode):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::fromGlobalCode):
        * runtime/Executable.h:
        (JSC::ScriptExecutable::ScriptExecutable):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::EvalExecutable::create):
        (JSC::ProgramExecutable::ProgramExecutable):
        (JSC::FunctionExecutable::create):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-09-22  Darin Adler  <darin@apple.com>

        Reviewed by Sam Weinig.

        * wtf/Forward.h: Added PassOwnPtr.

2009-09-22  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by David Levin.

        Ported chromium.org's javascriptcore.gyp for the webkit chromium port.

        https://bugs.webkit.org/show_bug.cgi?id=29617

        * JavaScriptCore.gyp/JavaScriptCore.gyp: Added.

2009-09-22  Thiago Macieira  <thiago.macieira@nokia.com>

        Reviewed by Simon Hausmann.

        Fix compilation with WINSCW: no varargs macros

        Disable variadic arguments for WINSCW just like we do
        for MSVC7.

        * wtf/Assertions.h:

2009-09-22  Kent Hansen  <khansen@trolltech.com>

        Reviewed by Simon Hausmann.

        Disable variadic macros on MSVC7.

        This was originally added in r26589 but not extended
        when LOG_DISABLED/ASSERT_DISABLED was introduced.

        * wtf/Assertions.h:

2009-09-22  Simon Hausmann  <simon.hausmann@nokia.com>

        Unreviewed build fix for Windows CE < 5

        Define WINCEBASIC to disable the IsDebuggerPresent() code in
        wtf/Assertions.cpp.

        * JavaScriptCore.pri:

2009-09-22  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by Simon Hausmann.

        Fix major memory leak in JavaScriptCore RegisterFile on Windows CE

        https://bugs.webkit.org/show_bug.cgi?id=29367

        On Widows CE we must decommit all committed pages before we release
        them. See VirtualFree documentation.
        Desktop Windows behaves much smoother in this situation.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::~RegisterFile):

2009-09-21  Greg Bolsinga  <bolsinga@apple.com>

        Reviewed by Simon Fraser & Sam Weinig.

        Add ENABLE(ORIENTATION_EVENTS)
        https://bugs.webkit.org/show_bug.cgi?id=29508

        * wtf/Platform.h: Also sort PLATFORM(IPHONE) #defines.

2009-09-21  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Eric Seidel.

        [Fix] SourceCode's uninitialized member
        
        Potential source of crashes and bugs was fixed. Default constructor
        didn't initialized m_provider member.

        https://bugs.webkit.org/show_bug.cgi?id=29364

        * parser/SourceCode.h:
        (JSC::SourceCode::SourceCode):

2009-09-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        REGRESSION (r48582): Crash in StructureStubInfo::initPutByIdTransition when reloading trac.webkit.org
        https://bugs.webkit.org/show_bug.cgi?id=29599

        It is unsafe to attempt to cache new property transitions on
        dictionaries of any type.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):

2009-09-21  Oliver Hunt  <oliver@apple.com>

        RS=Maciej Stachowiak.

        Re-land SNES fix with corrected assertion.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        * runtime/JSObject.cpp:
        (JSC::JSObject::removeDirect):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::despecifyDictionaryFunction):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::removePropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::toCacheableDictionaryTransition):
        (JSC::Structure::toUncacheableDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        * runtime/Structure.h:
        (JSC::Structure::isDictionary):
        (JSC::Structure::isUncacheableDictionary):
        (JSC::Structure::):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):

2009-09-21  Adam Roben  <aroben@apple.com>

        Revert r48573, as it caused many assertion failures

        * interpreter/Interpreter.cpp:
        * jit/JITStubs.cpp:
        * runtime/BatchedTransitionOptimizer.h:
        * runtime/JSObject.cpp:
        * runtime/Structure.cpp:
        * runtime/Structure.h:
        * runtime/StructureChain.cpp:

2009-09-21  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Unreviewed make dist build fix. Missing files.

        * GNUmakefile.am:

2009-09-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam 'Cabin Boy' Weinig.

        Fix stack alignment with ARM THUMB2 JIT.
        https://bugs.webkit.org/show_bug.cgi?id=29526
        
        Stack is currently being decremented by 0x3c, bump this to 0x40 to make this a
        multiple of 16 bytes.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        * jit/JITStubs.h:

2009-09-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        SNES is too slow
        https://bugs.webkit.org/show_bug.cgi?id=29534

        The problem was that the emulator used multiple classes with
        more properties than our dictionary cutoff allowed, this resulted
        in more or less all critical logic inside the emulator requiring
        uncached property access.

        Rather than simply bumping the dictionary cutoff, this patch
        recognises that there are two ways to create a "dictionary"
        structure.  Either by adding a large number of properties, or
        by removing a property.  In the case of adding properties we
        know all the existing properties will maintain their existing
        offsets, so we could cache access to those properties, if we
        know they won't be removed.

        To make this possible, this patch adds the logic required to
        distinguish a dictionary created by addition from one created
        by removal.  With this logic in place we can now cache access
        to objects with large numbers of properties.

        SNES performance improved by more than 6x.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        * runtime/JSObject.cpp:
        (JSC::JSObject::removeDirect):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::despecifyDictionaryFunction):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::removePropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::toCacheableDictionaryTransition):
        (JSC::Structure::toUncacheableDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        * runtime/Structure.h:
        (JSC::Structure::isDictionary):
        (JSC::Structure::isUncacheableDictionary):
        (JSC::Structure::):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Implement ES5 Object.create function
        https://bugs.webkit.org/show_bug.cgi?id=29524

        Implement Object.create.  Very simple patch, effectively Object.defineProperties
        only creating the target object itself.

        * runtime/CommonIdentifiers.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorCreate):

2009-09-19  Dan Bernstein  <mitz@apple.com>

        Fix clean debug builds.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-19  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by George Staikos.

        QtWebKit Windows CE compile fix

        https://bugs.webkit.org/show_bug.cgi?id=29379

        There is no _aligned_alloc or _aligned_free on Windows CE.
        We just use the Windows code that was there before and use VirtualAlloc.
        But that also means that the BLOCK_SIZE must be 64K as this function
        allocates on 64K boundaries.

        * runtime/Collector.cpp:
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlock):
        * runtime/Collector.h:

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Implement ES5 Object.defineProperties function
        https://bugs.webkit.org/show_bug.cgi?id=29522

        Implement Object.defineProperties.  Fairly simple patch, simply makes use of
        existing functionality used for defineProperty.

        * runtime/CommonIdentifiers.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::defineProperties):
        (JSC::objectConstructorDefineProperties):

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Windows build fix part2

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Buildfix).

        Windows build fix part 1.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Implement ES5 Object.defineProperty function
        https://bugs.webkit.org/show_bug.cgi?id=29503

        Implement Object.defineProperty.  This requires adding the API to
        ObjectConstructor, along with a helper function that implements the
        ES5 internal [[ToPropertyDescriptor]] function.  It then adds
        JSObject::defineOwnProperty that implements the appropriate ES5 semantics.
        Currently defineOwnProperty uses a delete followed by a put to redefine
        attributes of a property, clearly this is less efficient than it could be
        but we can improve this if it needs to be possible in future.

        * JavaScriptCore.exp:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::defineGetter):
        (JSC::DebuggerActivation::defineSetter):
        * debugger/DebuggerActivation.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
          Update defineGetter/Setter calls
        * runtime/CommonIdentifiers.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertySlot):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::defineGetter):
        (JSC::JSGlobalObject::defineSetter):
        * runtime/JSGlobalObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        (JSC::toPropertyDescriptor):
        (JSC::objectConstructorDefineProperty):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncDefineGetter):
        (JSC::objectProtoFuncDefineSetter):
        * runtime/PropertyDescriptor.cpp:
        (JSC::PropertyDescriptor::writable):
        (JSC::PropertyDescriptor::enumerable):
        (JSC::PropertyDescriptor::configurable):
        (JSC::PropertyDescriptor::isDataDescriptor):
        (JSC::PropertyDescriptor::isGenericDescriptor):
        (JSC::PropertyDescriptor::isAccessorDescriptor):
        (JSC::PropertyDescriptor::getter):
        (JSC::PropertyDescriptor::setter):
        (JSC::PropertyDescriptor::setDescriptor):
        (JSC::PropertyDescriptor::setAccessorDescriptor):
        (JSC::PropertyDescriptor::setWritable):
        (JSC::PropertyDescriptor::setEnumerable):
        (JSC::PropertyDescriptor::setConfigurable):
        (JSC::PropertyDescriptor::setSetter):
        (JSC::PropertyDescriptor::setGetter):
        (JSC::PropertyDescriptor::equalTo):
        (JSC::PropertyDescriptor::attributesEqual):
        (JSC::PropertyDescriptor::attributesWithOverride):
        * runtime/PropertyDescriptor.h:
        (JSC::PropertyDescriptor::PropertyDescriptor):
        (JSC::PropertyDescriptor::value):
        (JSC::PropertyDescriptor::setValue):
        (JSC::PropertyDescriptor::isEmpty):
        (JSC::PropertyDescriptor::writablePresent):
        (JSC::PropertyDescriptor::enumerablePresent):
        (JSC::PropertyDescriptor::configurablePresent):
        (JSC::PropertyDescriptor::setterPresent):
        (JSC::PropertyDescriptor::getterPresent):
        (JSC::PropertyDescriptor::operator==):
        (JSC::PropertyDescriptor::):

2009-09-18  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Build fix to enable ARM_THUMB2 on Linux
        https://bugs.webkit.org/show_bug.cgi?id=

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * jit/JITStubs.cpp:
        * wtf/Platform.h:

2009-09-18  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Defines two pseudo-platforms for ARM and Thumb-2 instruction set.
        https://bugs.webkit.org/show_bug.cgi?id=29122

        Introduces WTF_PLATFORM_ARM_TRADITIONAL and WTF_PLATFORM_ARM_THUMB2
        macros on ARM platforms. The PLATFORM(ARM_THUMB2) should be used
        when Thumb-2 instruction set is the required target. The
        PLATFORM(ARM_TRADITIONAL) is for generic ARM instruction set. In
        case where the code is common the PLATFORM(ARM) have to be used.

        * assembler/ARMAssembler.cpp:
        * assembler/ARMAssembler.h:
        * assembler/ARMv7Assembler.h:
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerARM.cpp:
        * assembler/MacroAssemblerARM.h:
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
        * jit/ExecutableAllocator.h:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::beginUninterruptedSequence):
        (JSC::JIT::preserveReturnAddressAfterCall):
        (JSC::JIT::restoreReturnAddressBeforeReturn):
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        * jit/JITStubs.h:
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):

2009-09-18  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by Simon Hausmann.

        Fix the Qt/Windows CE build.

        * JavaScriptCore.pri: Build the ce_time.cpp functions from
        within Qt externally.
        * wtf/DateMath.cpp: Removed unnecessary Qt #ifdef, for the
        Qt build these functions are no external, too.

2009-09-17  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        Symbian/WINSCW build fox.

        Repeat Q_OS_WIN wchar_t hack for WINSCW, similar to
        revision 24774.

        WINSCW defines wchar_t, thus UChar has to be wchar_t

        * wtf/unicode/qt4/UnicodeQt4.h:

2009-09-17  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        Symbian/WINSCW build fix.

        https://bugs.webkit.org/show_bug.cgi?id=29186

        WINSCW Template specialisation name in declaration must the be the same as in implementation.

        * runtime/LiteralParser.h:

2009-09-15  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=27060

        Symbian compiler for emulator target (WINSCW) fails with
        "illegal operand" for m_attributesInPrevious in structure.ccp
        (when calling make_pair functions).
        This error is apparently due to the compiler not properly
        resolving the unsigned type of the declared bitfield.

        Initial patch explicitly casted m_attributesInPrevious
        to unsigned, but since bitfield optimization is not critical for
        the emulator target, this conditional change in header file
        appears to be least intrusive.

        * runtime/Structure.h:

2009-09-16  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Fix GCC warnings on ARM_THUMB2 platform

        * assembler/ARMv7Assembler.h:
        (JSC::ARMThumbImmediate::countLeadingZerosPartial):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::branchTruncateDoubleToInt32):
        (JSC::MacroAssemblerARMv7::moveFixedWidthEncoding):

2009-09-16  Greg Bolsinga  <bolsinga@apple.com>

        Add ENABLE(INSPECTOR)
        https://bugs.webkit.org/show_bug.cgi?id=29260

        Reviewed by David Kilzer.

        * wtf/Platform.h:

2009-09-16  Greg Bolsinga  <bolsinga@apple.com>

        Add ENABLE(CONTEXT_MENUS)
        https://bugs.webkit.org/show_bug.cgi?id=29225

        Reviewed by David Kilzer.

        * wtf/Platform.h:

2009-09-16  Benjamin C Meyer  <benjamin.meyer@torchmobile.com>

        Reviewed by Eric Seidel.

        The webkit stdint and stdbool headers exists because
        the compiler MSVC doesn't include them.  The check
        should not check for PLATFORM(WIN_OS) but for MSVC.

        * os-win32/stdbool.h:
        * os-win32/stdint.h:

2009-09-16  Greg Bolsinga  <bolsinga@apple.com>

        Add ENABLE(DRAG_SUPPORT)
        https://bugs.webkit.org/show_bug.cgi?id=29233

        Reviewed by David Kilzer.

        * wtf/Platform.h:

2009-09-16  Kevin Ollivier  <kevino@theolliviers.com>

        waf build fix after flag was moved to correct place.

        * wscript:

2009-09-16  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Build fix for 64-bit Qt on Mac OS X

        * wtf/Platform.h: Use JSVALUE64 on DARWIN, not only on MAC

2009-09-16  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        [Qt] Fix wtf/ThreadSpecific.h under Qt to free thread local objects.
        https://bugs.webkit.org/show_bug.cgi?id=29295

        This is an important fix when JavaScript workers are in use, since
        unfreed ThreadGlobalDatas leak a big amount of memory (50-100k each).
        QThreadStorage calls the destructor of a given object, which is the
        ThreadSpecific::Data. Unlike pthread, Qt is object oriented, and does
        not support the calling of a static utility function when the thread
        is about to close. In this patch we call the ThreadSpecific::destroy()
        utility function from the destructor of ThreadSpecific::Data. Moreover,
        since Qt resets all thread local values to 0 before the calling of the
        appropriate destructors, we set back the pointer to its original value.
        This is necessary because the get() method of the ThreadSpecific
        object may be called during the exuction of the destructor.

        * wtf/ThreadSpecific.h:
        (WTF::ThreadSpecific::Data::~Data):
        (WTF::::~ThreadSpecific):
        (WTF::::set):
        (WTF::::destroy):

2009-09-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Allow anonymous storage inside JSObject
        https://bugs.webkit.org/show_bug.cgi?id=29168

        Add the concept of anonymous slots to Structures so that it is
        possible to store references to values that need marking in the
        standard JSObject storage buffer.  This allows us to reduce the
        malloc overhead of some objects (by allowing them to store JS
        values in the inline storage of the object) and reduce the 
        dependence of custom mark functions (if all an objects children
        are in the standard object property storage there's no need to
        mark them manually).

        * JavaScriptCore.exp:
        * runtime/JSObject.h:
        (JSC::JSObject::putAnonymousValue):
        (JSC::JSObject::getAnonymousValue):
        (JSC::JSObject::addAnonymousSlots):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        (JSC::JSWrapperObject::JSWrapperObject):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):
        (JSC::Structure::materializePropertyMap):
        (JSC::Structure::addAnonymousSlotsTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::rehashPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):
        (JSC::StructureTransitionTable::reifySingleTransition):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::TransitionTable::addSlotTransition):
        (JSC::StructureTransitionTable::TransitionTable::removeSlotTransition):
        (JSC::StructureTransitionTable::TransitionTable::getSlotTransition):
        (JSC::StructureTransitionTable::getAnonymousSlotTransition):
        (JSC::StructureTransitionTable::addAnonymousSlotTransition):
        (JSC::StructureTransitionTable::removeAnonymousSlotTransition):

2009-09-15  Alex Milowski  <alex@milowski.com>

        Reviewed by Tor Arne Vestbø.

        Added the ENABLE_MATHML define to the features

        * Configurations/FeatureDefines.xcconfig:

2009-09-15 Csaba Osztrogonac <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        [Qt] Build fix for windows.

        After http://trac.webkit.org/changeset/47795 the MinGW build broke,
        because MinGW has __mingw_aligned_malloc instead of _aligned_malloc.

        * runtime/Collector.cpp:
        (JSC::Heap::allocateBlock): MinGW case added.
        (JSC::Heap::freeBlock): MinGW case added.

2009-09-15  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        [Qt] Build fix for Windows/MinGW

        https://bugs.webkit.org/show_bug.cgi?id=29268

        * wtf/Platform.h: JSVALUE32_64 temporarily disabled on PLATFORM(WIN_OS) with COMPILER(MINGW)

2009-09-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Detect VFP at runtime in generic ARM port on Linux platform.
        https://bugs.webkit.org/show_bug.cgi?id=29076

        * JavaScriptCore.pri:
        * assembler/MacroAssemblerARM.cpp: Added.
        (JSC::isVFPPresent):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::supportsFloatingPoint):

2009-09-14  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        [Qt] Build fix for windows build.

        * JavaScriptCore.pri: Correct a logic error.
        * pcre/dftables: Add missing paranthesis for tmpdir function.

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Build fix for windows exports (again).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Build fix for windows exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Correct fix for non-allinonefile builds

        * runtime/ObjectConstructor.cpp:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Fix non-allinonefile builds

        * runtime/ObjectConstructor.cpp:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        [ES5] Implement Object.keys
        https://bugs.webkit.org/show_bug.cgi?id=29170

        This patch basically requires two separate steps, the first is to split getPropertyNames
        into two functions -- getOwnPropertyNames and getPropertyNames, basically making them behave
        in the same way as getOwnPropertySlot and getPropertySlot.  In essence getOwnPropertyNames
        produces the list of properties on an object excluding its prototype chain and getPropertyNames
        just iterates the the object and its prototype chain calling getOwnPropertyNames at each level.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertyNames):
        * JavaScriptCore.exp:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::getOwnPropertyNames):
        * debugger/DebuggerActivation.h:
        * runtime/CommonIdentifiers.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertyNames):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::getOwnPropertyNames):
        * runtime/JSByteArray.h:
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::getOwnPropertyNames):
        * runtime/JSNotAnObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::getOwnPropertyNames):
        * runtime/JSObject.h:
        * runtime/JSVariableObject.cpp:
        (JSC::JSVariableObject::getOwnPropertyNames):
        * runtime/JSVariableObject.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorKeys):
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertyNames):
        * runtime/StringObject.cpp:
        (JSC::StringObject::getOwnPropertyNames):
        * runtime/StringObject.h:
        * runtime/Structure.cpp:
        (JSC::Structure::getOwnEnumerablePropertyNames):
        (JSC::Structure::getEnumerablePropertyNames):
        * runtime/Structure.h:

2009-09-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        getPropertyNames caching is invalid when the prototype chain contains objects with custom getPropertyNames
        https://bugs.webkit.org/show_bug.cgi?id=29214

        Add a flag to TypeInfo to indicate whether a type overrides getPropertyNames.
        This flag is used to make sure that caching of the property name data is safe.

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.h:
        (JSC::JSObject::createStructure):
        * runtime/JSTypeInfo.h:
        (JSC::TypeInfo::hasDefaultGetPropertyNames):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::createStructure):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):

2009-09-11  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=29207
        Add checks for using WebCore JS context on secondary threads

        * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        Added a new mainThreadOnly flag that WebCore would set.

        * runtime/Collector.cpp: (JSC::Heap::registerThread): JSC API methods always call this,
        so this is a good place to check that the API isn't used form a wrong thread.

2009-09-11  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        Compiling JavaScriptCore on sparc 64 with gcc fails.

        ThreadSafeShared uses the atomic __gnu_cxx::__exchange_and_add with an int,
        however on sparc 64 the _Atomic_word argument is typedefed to long (8 bytes).

        The patch disables WTF_USE_LOCKFREE_THREADSAFESHARED in ThreadSafeShared to use
        a mutex instead when compiling for sparc 64 with gcc.

        https://bugs.webkit.org/show_bug.cgi?id=29175

        * wtf/Platform.h:
        __sparc64__ is not defined on all OS.
        Uses instead: __sparc__ && __arch64__ || __sparcv9
        * wtf/Threading.h:

2009-09-11  Prasanth Ullattil  <prasanth.ullattil@nokia.com>

        Reviewed by Simon Hausmann.

        Fix compile error on Windows7(64Bit) with latest SDK.

        Added the missing include file.

        * runtime/UString.cpp:

2009-09-11  Joerg Bornemann  <joerg.bornemann@trolltech.com>

        Reviewed by Simon Hausmann.

        Qt/Windows CE compile fix, include the executable allocator and
        markstack implementation in the windows build.

        * JavaScriptCore.pri:

2009-09-08  John Abd-El-Malek  <jam@chromium.org>

        Reviewed by Dimitri Glazkov.

        Remove unneeded define for ActiveX.
        https://bugs.webkit.org/show_bug.cgi?id=29054

        * wtf/Platform.h:

2009-09-10  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Sam Weinig.

        Update JavaScriptCore and WebKit's FeatureDefines.xcconfig so that they are in sync with WebCore as they need to be.

        * Configurations/FeatureDefines.xcconfig:

2009-09-10  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        Export WTF::tryFastMalloc used in WebSocketChannel.
        https://bugs.webkit.org/show_bug.cgi?id=28038

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Make StructureTransitionTable use an enum for the PtrAndFlags member
        used for the single transition slot optimisation.

        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::StructureTransitionTable):
        (JSC::StructureTransitionTable::usingSingleTransitionSlot):
        (JSC::StructureTransitionTable::):

2009-09-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Refactor StructureTransitionTable and Structure to unify handling of the single slot optimization
        https://bugs.webkit.org/show_bug.cgi?id=29141

        Make StructureTransitionTable encapsulate the single transition slot optimization.

        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::~Structure):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        (JSC::Structure::hasTransition):
        * runtime/Structure.h:
        (JSC::StructureTransitionTable::contains):
        (JSC::StructureTransitionTable::get):
        (JSC::StructureTransitionTable::hasTransition):
        (JSC::StructureTransitionTable::reifySingleTransition):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::StructureTransitionTable):
        (JSC::StructureTransitionTable::~StructureTransitionTable):
        (JSC::StructureTransitionTable::remove):
        (JSC::StructureTransitionTable::add):
        (JSC::StructureTransitionTable::table):
        (JSC::StructureTransitionTable::singleTransition):
        (JSC::StructureTransitionTable::usingSingleTransitionSlot):
        (JSC::StructureTransitionTable::setSingleTransition):
        (JSC::StructureTransitionTable::setTransitionTable):
        (JSC::StructureTransitionTable::):
        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::PtrAndFlags):

2009-09-10  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Implement fastDeleteSkippingDestructor for FastAllocBase and fastDeleteAllValues for HashSet
        https://bugs.webkit.org/show_bug.cgi?id=25930

        FastAllocBase has been extended with fastDeleteSkippingDestructor function which
        releases memory without destructor call. fastDeleteAllValues has been implemented 
        similar as deleteAllValues but it uses fastDelete function to release memory.

        * wtf/FastAllocBase.h:
        (WTF::fastDeleteSkippingDestructor):
        * wtf/HashSet.h:
        (WTF::fastDeleteAllValues):

2009-09-10  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        ARM compiler does not understand GCC visibility attribute
        https://bugs.webkit.org/show_bug.cgi?id=29079

        * API/JSBase.h: Make the test more specific to hit only
        the GCC compiler

2009-09-10  Adam Barth  <abarth@webkit.org>

        Unreviewed revert of the previous change.  It broke the tests.

        * wtf/dtoa.cpp:
        (WTF::dtoa):

2009-09-10  Ben Laurie  <benl@google.com>

        Reviewed by Adam Barth.

        <https://bugs.webkit.org/show_bug.cgi?id=26836>

        If dtoa was given a small buffer and the number was either infinite or
        NaN, then the buffer would be overflowed.

        * wtf/dtoa.cpp:

2009-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Change reinterpret_cast to static_cast in r48212.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Remove WTF_PLATFORM_FORCE_PACK as it is no longer used
        https://bugs.webkit.org/show_bug.cgi?id=29066

        * wtf/Platform.h:

2009-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Ariya Hidayat.

        Implement flushing the instruction cache for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=29075

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush): Call IMB_Range to flush
        the instruction cache on Symbian

2009-09-09  Kent Hansen  <khansen@trolltech.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=29024
        Make JavaScriptCore compile on platforms with case-insensitive file systems and typeinfo.h in STL

        These platforms include Microsoft Visual Studio 2003, and Symbian with Metrowerks compiler.

        * JavaScriptCore.gypi:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSTypeInfo.h: Copied from JavaScriptCore/runtime/TypeInfo.h.
        * runtime/Structure.h:
        * runtime/TypeInfo.h: Removed.

2009-09-08  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        JSON.stringify(Date) loses the milliseconds information
        https://bugs.webkit.org/show_bug.cgi?id=29063

        Make sure we include milliseconds in the output of toISOString.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToISOString):

2009-09-08  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix, generate derived sources earlier in order to make sure
        they're found by the build system when generating the list of sources to build.

        * wscript:

2009-09-08  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        Build fix when USE(LOCKFREE_THREADSAFESHARED) is not defined
        https://bugs.webkit.org/show_bug.cgi?id=29011

        * wtf/Threading.h: Use LOCKFREE_THREADSAFESHARED guard for 
        atomicIncrement and atomicDecrement

2009-09-07  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control in Yarr's RegexInterpreter
        https://bugs.webkit.org/show_bug.cgi?id=29025

        Inherits RegexInterpreter classes from FastAllocBase (bug #20422), which has
        been instantiated by 'new':

        class ByteDisjunction
        -> instantiated in JavaScriptCore/yarr/RegexInterpreter.cpp:1462

        struct BytecodePattern
        -> instantiated in JavaScriptCore/yarr/RegexInterpreter.cpp:1279

        * yarr/RegexInterpreter.h:

2009-09-07  Drew Wilson  <atwilson@google.com>

        Reverting r48121 to fix Windows build errors.

        * JavaScriptCore.exp:

2009-09-07  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        Enable SHARED_WORKERS by default
        https://bugs.webkit.org/show_bug.cgi?id=28959

        * Configurations/FeatureDefines.xcconfig:

2009-09-07  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        Export WTF::tryFastMalloc used in WebSocketChannel.
        https://bugs.webkit.org/show_bug.cgi?id=28038

        * JavaScriptCore.exp:

2009-09-04  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Fix windows export files

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-04  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [[ToString]] conversion should use the actual toString function for String objects.

        Remove incorrect specialisations of toString conversions on StringObject.

        * JavaScriptCore.exp:
        * runtime/StringObject.cpp:
        * runtime/StringObject.h:

2009-09-04  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Add new export.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Add new export.

2009-09-04  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Remove unneeded export.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Remove unneeded export.

2009-09-04  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        DateInstance object collected on ARM JIT (JSValue: WTF_USE_JSVALUE32)
        https://bugs.webkit.org/show_bug.cgi?id=28909

        Part two.

        Make some improvements to garbage collection code:

            1) Create a runtime assertion that catches any classes that
               override markChildren but have the HasDefaultMark bit set.
            2) Remove checks of the mark bit outside the MarkStack::append
               function; they are redundant.
            3) Improve the efficiency of the asObject and asArray functions
               when called on JSCell* to avoid a round trip to JSValue.
            4) Make more callers use the checked asCell and asObject
               casting functions rather than unchecked casts.
            5) Removed the JSCell::marked function and other GC-related
               functions because these operations are no longer things that
               code other than the core GC code needs to do directly. Fixed
               callers that were calling them.

        * runtime/Collector.cpp:
        (JSC::Heap::markConservatively): Removed unneeded call to MarkStack::drain.
        (JSC::Heap::markProtectedObjects): Removed unneeded check of the mark
        bit and call to MarkStack::drain.
        (JSC::Heap::collect): Removed unneeded checks of the mark bit and also
        changed call to SmallStrings::mark to call markChildren instead to match
        the rest of the objects.
        (JSC::typeName): Removed unneeded cast to JSObject*.

        * runtime/JSArray.h:
        (JSC::asArray): Added an overload for JSCell* and changed the JSValue
        version to call it. Removed some unneeded casts.
        (JSC::JSArray::markChildrenDirect): Marked this function inline. It's in
        a header, and if not marked inline this could lead to linking problems.
        (JSC::MarkStack::markChildren): Added. This helper function is used by
        the drain function to avoid repating code. Also added the code here to
        check fro default mark violations in debug code. If a markChildren
        function adds something to the mark stack, but the type info claimed
        hasDefaultMark was true, then we will get an assertion now. Also fixed
        the assertion about the mark bit to use the Heap function directly
        because we don't have a JSCell::marked function any more.
        (JSC::MarkStack::drain): Changed a local variable from "v" to "value",
        and from "currentCell" to "cell". Changed to call markChildren in two
        places instead of repeating a chain of if statements twice. Changed
        code that reads and writes the mark bit to use Heap::isCellMarked and
        Heap::markCell so we can eliminate the JSCell::marked and
        JSCell::markCellDirect functions.

        * runtime/JSCell.h: Removed JSCell's markCellDirect and marked member
        functions. Added a comment explaining that asCell should be deprecated
        in favor of the JSValue asCell member function.
        (JSC::MarkStack::append): Added the assertion that catches callers
        that have set the HasDefaultMark bit incorrectly. Changed
        code that reads and writes the mark bit to use Heap::isCellMarked and
        Heap::markCell so we can eliminate the JSCell::marked and
        JSCell::markCellDirect functions. Moved the overload of
        MarkStack::append for JSValue here so it can call through to the cell
        version. The old version had a copy of all the code instead, but that
        repeated the conversion from JSValue to JSCell* and the check for
        whether a value is a cell multiple times.
        (JSC::Structure::markAggregate): Moved this function here to avoid
        dependencies for Structure.h, since this calls MarkStack::append.

        * runtime/JSObject.cpp:
        (JSC::JSObject::markChildren): Added code to clear
        m_isCheckingForDefaultMarkViolation so the marking done by JSObject
        doesn't trigger the assertion.

        * runtime/JSValue.h: Moved some stray includes that were outside the
        header guard inside it. Not sure how that happened! Removed the
        GC-related member functions markChildren, hasChildren, marked, and
        markDirect.

        * runtime/JSWrapperObject.h: Made markChildren private.
        (JSC::JSWrapperObject::createStructure): Added. Fixes a bug where the
        HasDefaultMark bit was set.

        * runtime/MarkStack.h: Added m_isCheckingForDefaultMarkViolation and
        initialized it to false. Moved the append function body from here to
        JSCell.h. Added a declaration of a private markChildren function used
        inside the drain function.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::markChildren): Changed the name and style of this
        function to match other functions. This allows us to share the normal
        mark stack code path.

        * runtime/SmallStrings.h: Changed the name and interface of mark to
        the more-normal markChildren style.

        * runtime/Structure.h: Moved the body of markAggregate into the
        JSCell.h to avoid a circular dependency with JSCell.h.

2009-09-04  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        DateInstance object collected on ARM JIT (JSValue: WTF_USE_JSVALUE32)
        https://bugs.webkit.org/show_bug.cgi?id=28909

        Part one.

        Make some improvements to garbage collection code:

            1) Fix the two classes that had the default mark bit set but
               should not.
            2) Remove checks of the mark bit outside the MarkStack::append
               function; they are redundant.
            3) Make more callers use the checked asCell and asObject
               casting functions rather than unchecked casts.
            4) Removed some GC-related functions because these operations are
               no longer things that code other than the core GC code needs
               to do directly. Fixed callers that were calling them.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate): Removed unneeded check of the mark
        bit before calling MarkStack::append.

        * interpreter/Register.h: Removed unneeded marked and markChildren
        functions.

        * jit/JITStubs.cpp:
        (op_eq): Removed unneeded assertions, instead using checked casting
        functions such as asObject.

        * runtime/ArgList.h: Added now-needed forward declaration of MarkStack.

        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren): Remmoved unneeded check of the mark bit.

        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::createStructure): Added. Fixes a bug where the
        HasDefaultMark bit was set.

        * runtime/JSCell.cpp:
        (JSC::JSCell::getObject): Use asObject to avoid a direct static_cast.

        * runtime/JSObject.h:
        (JSC::asObject): Added an overload for JSCell* and changed the JSValue
        version to call it.
        (JSC::JSValue::get): Use asObject to avoid a direct static_cast.

        * runtime/JSWrapperObject.h: Made markChildren private.
        (JSC::JSWrapperObject::createStructure): Added. Fixes a bug where the
        HasDefaultMark bit was set. Later we may want to optimize this for
        wrapper types that never have cells in their internal values, but there
        is no measured performance regression in SunSpider or V8 doing this
        all the time.

        * runtime/MarkStack.cpp: Tweaked formatting.

2009-09-04  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix. Switch USE_ defines over to the compiler so that they can be
        checked by files not including config.h (like WebCorePrefix.h).

        * wtf/Platform.h:

2009-09-03  Yong Li  <yong.li@torchmobile.com>

        Reviewed by David Levin.

        Remove unnecessary dependency on unistd.h
        https://bugs.webkit.org/show_bug.cgi?id=28962

        * runtime/Completion.cpp:

2009-09-03  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Eric Seidel.

        Add strnstr for Linux and Windows in StringExtras.h
        https://bugs.webkit.org/show_bug.cgi?id=28901

        * wtf/StringExtras.h:
        (strnstr):

2009-09-03  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's HashEntry class
        https://bugs.webkit.org/show_bug.cgi?id=27830

        Inherits HashEntry class from FastAllocBase because it has been
        instantiated by 'new' JavaScriptCore/runtime/Lookup.cpp:32.

        * runtime/Lookup.h:

2009-09-02  Gavin Barraclough  <barraclough@apple.com>

        Should crash if JIT code buffer allocation fails.

        https://bugs.webkit.org/show_bug.cgi?id=28926
        <rdar://problem/7031922>

        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutablePool::systemAlloc):
        * jit/ExecutableAllocatorWin.cpp:
        (JSC::ExecutablePool::systemAlloc):

2009-09-02  Kevin Ollivier  <kevino@theolliviers.com>

        waf build fixes for Windows/MSVC.

        * wscript:

2009-09-02  Kevin Ollivier  <kevino@theolliviers.com>

        Build fix for building on Windows.

        * wtf/ThreadingPthreads.cpp:

2009-09-02  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Eric Seidel.

        Use fastMalloc when neither MMAP nor VIRTUALALLOC are enabled
        
        RegisterFile constructor currently throws #error when both
        MMAP and VIRTUALALLOC conditions fail.
        On any platform that does not provide these features
        (for instance, Symbian),
        the fallback should be regular malloc (or fastMalloc).
        It is functionally equivalent in this case, even though it may
        have certain drawbacks such as lack of dynamic pre-allocation.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::~RegisterFile):
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):

2009-08-31  Robert Agoston  <Agoston.Robert@stud.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Fixed typo.
        https://bugs.webkit.org/show_bug.cgi?id=28691

        * parser/Parser.h:
        (JSC::Parser::parse):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        JSON Stringifier does not follow ES5 spec for handling of Number, String and Boolean objects
        https://bugs.webkit.org/show_bug.cgi?id=28797

        Fixed unwrapBoxedPrimitive to do the right thing, which necessitated a couple of new exception
        checks, and corrected the logic in gap to correctly convert Number and String objects.

        * runtime/JSONObject.cpp:
        (JSC::unwrapBoxedPrimitive):
        (JSC::gap):
        (JSC::Stringifier::Stringifier):
        (JSC::Stringifier::appendStringifiedValue):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Adam Roben.

        JSON.stringify replacer array does not accept values that are not string primitives.
        https://bugs.webkit.org/show_bug.cgi?id=28788

        Update the JSON stringifier to initialise its replacer array according to the most
        recent version of the spec.

        * runtime/Identifier.h:
        (JSC::Identifier::from):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Stringifier):

2009-08-27  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=28753
        <rdar://problem/7173448> Excessive number of threads (and a crash)

        * wtf/Threading.h: (WTF::atomicIncrement): Changed atomicIncrement to match decrement
        and return the new value. Also added using directives for these functions, to match
        te rest of WTF.

2009-08-27  Brent Fulgham  <bfulgham@webkit.org>

        Reviewed by Adam Roben.

        Link the testapi against CFLite when building the WinCairo port.

        * JavaScriptCore.vcproj/testapi/testapi.vcproj: Add new Release_CFLite
          target.  Update all targets to inherit from either the
          JavaScriptCF.vsprops (Apple target) or the JavaScriptCFLite.vsprops
          file (WinCairo target).
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops: Remove
          input file CoreFoundation.lib. This is provided by either the
          JavaScriptCF.vsprops or JavaScriptCFLite.vsprops file.

2009-08-27  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Geoff Garen.
        
        Fix Windows-specific crash due to missing memory clearing call.
        
        * runtime/Collector.cpp:
        (JSC::Heap::allocateBlock):

2009-08-27  Brent Fulgham  <bfulgham@webkit.org>

        Build fix: JavaScriptCore_debug.def missing some exports.  Apple
        Windows build does not use this file, so it was not noticed previously.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-27  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        x86-64 GTK broken due to code offsets changing, pointers sometimes packed into immediates.
        https://bugs.webkit.org/show_bug.cgi?id=28317

        Missed one, fix part II.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::move):
        * assembler/X86Assembler.h:
        (JSC::CAN_SIGN_EXTEND_8_32):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Adam Roben.

        JSON.stringify replacer array does not accept values that are not string primitives.
        https://bugs.webkit.org/show_bug.cgi?id=28788

        Update the JSON stringifier to initialise its replacer array according to the most
        recent version of the spec.

        * runtime/Identifier.h:
        (JSC::Identifier::from):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Stringifier):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        JSON parser accepts trailing comma in array literals
        https://bugs.webkit.org/show_bug.cgi?id=28779

        Update parser to correctly fail if there's a trailing comma.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        'this' in JSON.parse reviver is the global object
        https://bugs.webkit.org/show_bug.cgi?id=28752

        This is a technically simple change, we merely update the code for calling
        the reviver function to pass the correct this object.  Doing so however
        exposes the holder to arbitrary mutation by the reviver function so it is
        necessary for us to now guard all property accesses against the possibility
        of failure.

        * runtime/JSArray.h:
          JSON needs to delete a property from the array, so we friend its 
          Walker class so that we can make a non-virtual call to the arrays
          delete and getOwnPropertySlot methods.
        * runtime/JSONObject.cpp:
        (JSC::Walker::callReviver):
          We need to pass the correct this object
        (JSC::Walker::walk):
          Update calls to callReviver, and update property logic logic
          to correctly handle the holder being mutated by the reviver
          function.

2009-08-26  Alice Liu  <alice.liu@apple.com>

        Windows build fix: added some exported symbols

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: Removed some exported symbols that no longer exist.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Olliejver Hunt.

        x86-64 GTK broken due to code offsets changing, pointers sometimes packed into immediates.
        https://bugs.webkit.org/show_bug.cgi?id=28317

        We rely on a slightly OS X specific behaviour, that x86-64 applications have a 4Gb zero page,
        so pointers are never representable as a 32-bit integer, and always have to be represented by
        a separate immediate load instruction, rather than within the immediate field of an arithmetic
        or memory operation.

        We explicitly check for a couple of cases where a value might be representable in 32-bit, but
        these probably never kick in on Mac OS, and only kick in to hose GTK.  Deleting these does not
        show a performance degradation on SunSpider.  Remove.

        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::storePtr):
        (JSC::MacroAssemblerX86_64::branchPtr):

2009-08-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A bit of Collector refatoring.
        
        SunSpider says no change. v8 says 1.003x faster (1.02x faster on splay).

        * JavaScriptCore.exp:

        * runtime/JSCell.cpp:
        (JSC::JSCell::toPrimitive):
        (JSC::JSCell::getPrimitiveNumber):
        (JSC::JSCell::toBoolean):
        (JSC::JSCell::toNumber):
        (JSC::JSCell::toString):
        (JSC::JSCell::toObject): Removed pure virtual functions from
        JSCell, so the collector can construct one. This allowed
        me to remove a bunch of ASSERT_NOT_REACHED throughout the
        code, too.

        * runtime/JSCell.h:
        (JSC::JSCell::JSCell): ditto
        (JSC::Heap::heap): Inlined this function because it's trivial.

        * JavaScriptCore.exp:

        * runtime/Collector.cpp:
        (JSC::Heap::destroy):
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlock):
        (JSC::Heap::freeBlocks): Renamed freeHeap to freeBlocks, since
        it doesn't actually free the Heap object.
        (JSC::Heap::heapAllocate):
        (JSC::Heap::sweep):
        * runtime/Collector.h: Refactored block allocation and destruction
        into helper functions.
        
        * runtime/GetterSetter.cpp:
        * runtime/JSAPIValueWrapper.cpp:
        * runtime/JSPropertyNameIterator.cpp: Removed dummy implementations
        of pure virtual functions. (See above.)

=== End re-roll-in of r47738:47740 with Windows crash fixed ===

2009-08-26  Geoffrey Garen  <ggaren@apple.com>

        Build fix: start out with a 32-bit value to avoid a shortening warning.

        * runtime/Collector.cpp:
        (JSC::Heap::sweep):

2009-08-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Substantially reduced VM thrash in the GC heap.
        
        1.08x faster on v8 (1.60x faster on v8-splay).
        
        1.40x faster on bench-alloc-nonretained.
        
        1.90x faster on bench-alloc-retained.
        
        SunSpider says no change.
        
        * runtime/Collector.cpp:
        (JSC::Heap::heapAllocate): Fixed a long-standing bug: update a few local
        variables unconditionally after calling collect(), since they may be used
        even if we don't "goto scan". (In the bug I saw, usedBlocks got out of
        sync with heap.usedBlocks).
        (JSC::Heap::sweep): Keep enough free heap space to accomodate 
        the number of objects we'll allocate before the next GC, plus 25%, for
        good measure.
        * runtime/Collector.h: Bumped the block size to 256k. This seems to give
        the best cache performance, and it prevents us from initiating lots of
        VM traffic to recover very small chunks of memory.

=== Begin re-roll-in of r47738:47740 with Windows crash fixed ===

2009-08-25  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        postMessage() spec now supports sending arrays of ports
        https://bugs.webkit.org/show_bug.cgi?id=26902

        Added OwnPtr to VectorTraits so we can store OwnPtrs in Vectors.

        * wtf/VectorTraits.h:

2009-08-26  Xan Lopez  <xlopez@igalia.com>

        Rubber-stamped by Gustavo Noronha.

        Remove duplicated files from file list.

        * GNUmakefile.am:

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        More export fixes.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Hopefully fix all the exports from JSC on windows

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fixes).

        Forgot I added files to JavaScriptCore. 

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCoreSources.bkl:

2009-08-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [ES5] Implement getOwnPropertyDescriptor
        https://bugs.webkit.org/show_bug.cgi?id=28724

        Implement the core runtime support for getOwnPropertyDescriptor.
        This adds a virtual getOwnPropertyDescriptor method to every class
        that implements getOwnPropertySlot that shadows the behaviour of
        getOwnPropertySlot.  The alternative would be to make getOwnPropertySlot
        (or PropertySlots in general) provide property attribute information,
        but quick testing showed this to be a regression.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Arguments.cpp:
        (JSC::Arguments::getOwnPropertyDescriptor):
        * runtime/Arguments.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/CommonIdentifiers.h:
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::getOwnPropertyDescriptor):
        * runtime/DatePrototype.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertyDescriptor):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::getOwnPropertyDescriptor):
        * runtime/JSByteArray.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertyDescriptor):
        * runtime/JSFunction.h:
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::getOwnPropertyDescriptor):
        * runtime/JSNotAnObject.h:
        * runtime/JSONObject.cpp:
        (JSC::JSONObject::getOwnPropertySlot):
        (JSC::JSONObject::getOwnPropertyDescriptor):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::getOwnPropertyDescriptor):
        (JSC::JSObject::getPropertyDescriptor):
        * runtime/JSObject.h:
        * runtime/JSString.cpp:
        (JSC::JSString::getStringPropertyDescriptor):
        (JSC::JSString::getOwnPropertyDescriptor):
        * runtime/JSString.h:
        * runtime/JSVariableObject.cpp:
        (JSC::JSVariableObject::symbolTableGet):
        * runtime/JSVariableObject.h:
        * runtime/Lookup.h:
        (JSC::getStaticPropertyDescriptor):
        (JSC::getStaticFunctionDescriptor):
        (JSC::getStaticValueDescriptor):
          Add property descriptor equivalents of the lookup
          table access functions

        * runtime/MathObject.cpp:
        (JSC::MathObject::getOwnPropertySlot):
        (JSC::MathObject::getOwnPropertyDescriptor):
        * runtime/MathObject.h:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberConstructor.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/PropertyDescriptor.cpp: Added.
        (JSC::PropertyDescriptor::writable):
        (JSC::PropertyDescriptor::enumerable):
        (JSC::PropertyDescriptor::configurable):
        (JSC::PropertyDescriptor::hasAccessors):
        (JSC::PropertyDescriptor::setUndefined):
        (JSC::PropertyDescriptor::getter):
        (JSC::PropertyDescriptor::setter):
        (JSC::PropertyDescriptor::setDescriptor):
        (JSC::PropertyDescriptor::setAccessorDescriptor):
        * runtime/PropertyDescriptor.h: Added.
        (JSC::PropertyDescriptor::PropertyDescriptor):
        (JSC::PropertyDescriptor::attributes):
        (JSC::PropertyDescriptor::isValid):
        (JSC::PropertyDescriptor::value):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::getOwnPropertyDescriptor):
        * runtime/RegExpConstructor.h:
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::getOwnPropertyDescriptor):
        * runtime/RegExpObject.h:
        * runtime/StringObject.cpp:
        (JSC::StringObject::getOwnPropertyDescriptor):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::getOwnPropertyDescriptor):
        * runtime/StringPrototype.h:

2009-08-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        How many copies of the parameters do you need?
        https://bugs.webkit.org/show_bug.cgi?id=28701

        The function parameters in JSC get copied a lot - and unnecessarily so.

        Originally this happened due to duplicating FunctionBodyNodes on recompilation,
        though the problem has been exacerbated by copying the parameters from the
        original function body onto the executable, then back onto the real body that
        will be generated (this happens on every function).  And this is all made worse
        since the data structures in question are a little ugly - C style arrays of C++
        objects containing ref counts, so they need a full copy-construct (rather than
        a simple memcpy).

        This can all be greatly simplified by just punting the parameters off into
        their own ref-counted object, and forgoing all the copying.

        ~no performance change, possible slight progression.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::makeFunction):
        * parser/Nodes.cpp:
        (JSC::FunctionParameters::FunctionParameters):
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::finishParsing):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::parameters):
        (JSC::FunctionBodyNode::parameterCount):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::~FunctionExecutable):
        (JSC::FunctionExecutable::compile):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::FunctionExecutable::fromGlobalCode):
        (JSC::FunctionExecutable::paramString):
        * runtime/Executable.h:
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::parameterCount):

2009-08-25  Brent Fulgham  <bfulgham@webkit.org>

        Reviewed by NOBODY (Buildfix).

        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Add Debug_CFLite target
          that inherits from the debug_wincairo property sheet and therefore
          links to the proper debug library.
        * JavaScriptCore.vcproj/testapi/testapi.vcproj: Add Debug_CFLite target
          that inherits from the debug_wincairo property sheet and therefore
          links to the proper debug library.

2009-08-25  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Export tryFastMalloc for Canvas3D work
        https://bugs.webkit.org/show_bug.cgi?id=28018

        * JavaScriptCore.exp:

2009-08-25  David Levin  <levin@chromium.org>

        Reviewed by Adam Roben.

        PLATFORM(CFNETWORK) should be USE(CFNETWORK).
        https://bugs.webkit.org/show_bug.cgi?id=28713

        * wtf/Platform.h: Added a #define to catch this issue in the
        future. The define would generate an error on gcc without the
        space in the expansion, but Visual C++ needs the space to cause an error.

2009-08-24  Brent Fulgham  <bfulgham@webkit.org>

        Reviewed by Steve Falkenburg.

        Revise CFLite Debug build to emit DLL's with _debug label.
        https://bugs.webkit.org/show_bug.cgi?id=28695.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Modify
          Cairo debug build to inherit from new debug_cairo property sheet.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCFLite.vsprops:
          Modify to look for debug CFLite when in debug build.

2009-08-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Adler & Darin Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=28691
        Do not retain ScopeNodes outside of parsing
        
        There is now no need for these to exist outside of parsing - their use in the runtime is replaced by Executable types.

        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::makeFunction):
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::ScopeNodeData):
        (JSC::ProgramNode::create):
        (JSC::EvalNode::create):
        (JSC::FunctionBodyNode::create):
        * parser/Nodes.h:
        (JSC::ScopeNode::adoptData):
        (JSC::FunctionBodyNode::parameterCount):
        * parser/Parser.cpp:
        * parser/Parser.h:
        (JSC::Parser::arena):
        (JSC::Parser::Parser):
        (JSC::Parser::parse):
        * runtime/ArrayPrototype.cpp:
        (JSC::isNumericCompareFunction):
        (JSC::arrayProtoFuncSort):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::~FunctionExecutable):
        (JSC::EvalExecutable::compile):
        (JSC::ProgramExecutable::checkSyntax):
        (JSC::ProgramExecutable::compile):
        (JSC::FunctionExecutable::compile):
        (JSC::EvalExecutable::generateJITCode):
        (JSC::ProgramExecutable::generateJITCode):
        (JSC::FunctionExecutable::generateJITCode):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::EvalExecutable::reparseExceptionInfo):
        (JSC::FunctionExecutable::recompile):
        (JSC::FunctionExecutable::fromGlobalCode):
        (JSC::FunctionExecutable::copyParameters):
        (JSC::FunctionExecutable::paramString):
        * runtime/Executable.h:
        (JSC::ScriptExecutable::ScriptExecutable):
        (JSC::ScriptExecutable::sourceID):
        (JSC::ScriptExecutable::sourceURL):
        (JSC::ScriptExecutable::lineNo):
        (JSC::ScriptExecutable::lastLine):
        (JSC::ScriptExecutable::usesEval):
        (JSC::ScriptExecutable::usesArguments):
        (JSC::ScriptExecutable::needsActivation):
        (JSC::ScriptExecutable::recordParse):
        (JSC::EvalExecutable::bytecode):
        (JSC::EvalExecutable::jitCode):
        (JSC::ProgramExecutable::bytecode):
        (JSC::ProgramExecutable::reparseExceptionInfo):
        (JSC::ProgramExecutable::jitCode):
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::make):
        (JSC::FunctionExecutable::bytecode):
        (JSC::FunctionExecutable::isGenerated):
        (JSC::FunctionExecutable::name):
        (JSC::FunctionExecutable::parameterCount):
        (JSC::FunctionExecutable::jitCode):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::numericCompareFunction):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-08-24  Darin Adler  <darin@apple.com>

        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::put): Landed revised version I had tested but forgot
        to land. Leave out the branch, since we don't need one.

2009-08-24  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        Array index miss case creates a string every time
        https://bugs.webkit.org/show_bug.cgi?id=28664

        SunSpider test results I saw:

            0.5% faster overall
            1% faster on crypto-aes
            20% faster on crypto-md5
            13% faster on crypto-sha1

        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype): Initialize m_hasNoPropertiesWithUInt32Names
        to true.
        (JSC::ObjectPrototype::put): Clearly m_hasNoPropertiesWithUInt32Names if the new
        property has a name that is the string form of a UInt32.
        (JSC::ObjectPrototype::getOwnPropertySlot): Don't call JSObject::getOwnPropertySlot
        if m_hasNoPropertiesWithUInt32Names is true, and it is highly likely to be true.

        * runtime/ObjectPrototype.h: Added declarations for the above.

2009-08-24  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Unreviewed. Fix a typo in my distcheck build fix.

        * GNUmakefile.am:

2009-08-23  Gustavo Noronha Silva  <gns@gnome.org>

        Unreviewed build fix for make distcheck.

        * GNUmakefile.am: Added files required for the build.

2009-08-22  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Mark Rowe.

        REGRESSION(r47639-r47660): Webkit crashes on launch on PowerPC
        https://bugs.webkit.org/show_bug.cgi?id=28655

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction): Initialize properly with a VPtrHackExecutable.
        * wtf/Platform.h:

2009-08-22  Darin Adler  <darin@apple.com>

        Fix storage leak from syntax tree arena allocation patch.

        * parser/Nodes.h: CommaNode needs to inherit from ParserArenaDeletable
        because it has a vector.

2009-08-21  Darin Adler  <darin@apple.com>

        Fix Qt build.

        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::ScopeNodeData): Made non-inline again.
        This is used outside Nodes.cpp so can't be inline unless
        it is in the header.

2009-08-21  Darin Adler  <darin@apple.com>

        Two loose ends from the last commit.

        * JavaScriptCore.xcodeproj/project.pbxproj: Made ParserArena.h
        and create_hash_table project-internal instead of "private".
        * runtime/Executable.h: Removed accidentally-added constructor.

2009-08-21  Darin Adler  <darin@apple.com>

        Reviewed by Gavin Barraclough.

        Syntax tree nodes should use arena allocation
        https://bugs.webkit.org/show_bug.cgi?id=25674

        Use an actual arena now. 0.6% speedup on SunSpider.

        New and improved with 100% less leaking of the universe.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Removed all exports involving the class FunctionBodyNode, which no
        longer needs to be used outside JavaScriptCore.

        * JavaScriptCore.xcodeproj/project.pbxproj: Made Nodes.h and
        Executable.h project-internal instead of "private".

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator): Updated since VarStack
        contains const Identifier* now.

        * parser/Grammar.y: Made identifiers from the lexer be const
        Identifier* and updated since VarStack contains const Identifier* now.

        * parser/Lexer.cpp:
        (JSC::Lexer::setCode): Pass in ParserArena, used for identifiers.
        (JSC::Lexer::makeIdentifier): Changed return type to const Identifier*
        and changed to call ParserArena.
        (JSC::Lexer::clear): Removed the code to manage m_identifiers and
        added code to set m_arena to 0.
        * parser/Lexer.h: Updated for changes above.

        * parser/NodeConstructors.h:
        (JSC::ParserArenaFreeable::operator new): Added. Calls allocateFreeable
        on the arena.
        (JSC::ParserArenaDeletable::operator new): Changed to call the
        allocateDeletable function on the arena instead of deleteWithArena.
        (JSC::PropertyNode::PropertyNode): Added new constructor that makes
        numeric identifiers. Some day we might want to optimize this for
        integers so it doesn't create a string for each one.
        (JSC::ContinueNode::ContinueNode): Initialize m_ident to nullIdentifier
        since it's now a const Identifier& so it can't be left uninitialized.
        (JSC::BreakNode::BreakNode): Ditto.
        (JSC::CaseClauseNode::CaseClauseNode): Updated to use SourceElements*
        to keep track of the statements rather than a separate statement vector.
        (JSC::BlockNode::BlockNode): Ditto.
        (JSC::ForInNode::ForInNode): Initialize m_ident to nullIdentifier.

        * parser/Nodes.cpp: Moved the comment explaining emitBytecode in here.
        It seemed strangely out of place in the header.
        (JSC::ThrowableExpressionData::emitThrowError): Added an overload for
        UString as well as Identifier.
        (JSC::SourceElements::singleStatement): Added.
        (JSC::SourceElements::lastStatement): Added.
        (JSC::RegExpNode::emitBytecode): Changed the throwError code to use
        the substitution mechanism instead of doing a string append.
        (JSC::SourceElements::emitBytecode): Added. Replaces the old
        statementListEmitCode function, since we now keep the SourceElements
        objects around.
        (JSC::BlockNode::lastStatement): Added.
        (JSC::BlockNode::emitBytecode): Changed to use emitBytecode instead of
        statementListEmitCode.
        (JSC::CaseClauseNode::emitBytecode): Added.
        (JSC::CaseBlockNode::emitBytecodeForBlock): Changed to use emitBytecode
        instead of statementListEmitCode.
        (JSC::ScopeNodeData::ScopeNodeData): Changed to store the
        SourceElements* instead of using releaseContentsIntoVector.
        (JSC::ScopeNode::emitStatementsBytecode): Added.
        (JSC::ScopeNode::singleStatement): Added.
        (JSC::ProgramNode::emitBytecode): Call emitStatementsBytecode instead
        of statementListEmitCode.
        (JSC::EvalNode::emitBytecode): Ditto.
        (JSC::FunctionBodyNode::emitBytecode): Call emitStatementsBytecode
        insetad of statementListEmitCode and check for the return node using
        the new functions.

        * parser/Nodes.h: Changed VarStack to store const Identifier* instead
        of Identifier and rely on the arena to control lifetime. Added a new
        ParserArenaFreeable class. Made ParserArenaDeletable inherit from
        FastAllocBase instead of having its own operator new. Base the Node
        class on ParserArenaFreeable. Changed the various Node classes
        to use const Identifier& instead of Identifier to avoid the need to
        call their destructors and allow them to function as "freeable" in the
        arena. Removed extraneous JSC_FAST_CALL on definitions of inline functions.
        Changed ElementNode, PropertyNode, ArgumentsNode, ParameterNode,
        CaseClauseNode, ClauseListNode, and CaseBlockNode to use ParserArenaFreeable
        as a base class since they do not descend from Node. Eliminated the
        StatementVector type and instead have various classes use SourceElements*
        instead of StatementVector. This prevents those classes from having to
        use ParserArenaDeletable to make sure the vector destructor is called.

        * parser/Parser.cpp:
        (JSC::Parser::parse): Pass the arena to the lexer.

        * parser/Parser.h: Added an include of ParserArena.h, which is no longer
        included by Nodes.h.
        (JSC::Parser::parseFunctionFromGlobalCode): Changed to use the
        singleStatement function, since there is no longer any children function.
        Removed some unneeded use of RefPtr.

        * parser/ParserArena.cpp:
        (JSC::ParserArena::ParserArena): Added. Initializes the new members,
        m_freeableMemory, m_freeablePoolEnd, and m_identifiers.
        (JSC::ParserArena::freeablePool): Added. Computes the pool pointer,
        since we store only the current pointer and the end of pool pointer.
        (JSC::ParserArena::deallocateObjects): Added. Contains the common
        memory-deallocation logic used by both the destructor and the
        reset function.
        (JSC::ParserArena::~ParserArena): Changed to call deallocateObjects.
        (JSC::ParserArena::reset): Ditto. Also added code to zero out the
        new structures, and switched to use clear() instead of shrink(0) since
        we don't really reuse arenas.
        (JSC::ParserArena::makeNumericIdentifier): Added.
        (JSC::ParserArena::allocateFreeablePool): Added. Used when the pool
        is empty.
        (JSC::ParserArena::isEmpty): Added. No longer inline, which is fine
        since this is used only for assertions at the moment.
        (JSC::ParserArena::derefWithArena): Make non-inline.

        * parser/ParserArena.h: Added an actual arena of "freeable" objects,
        ones that don't need destructors to be called. Also added a separate
        IdentifierArena object, a segmented vector of identifiers that used
        to be in the Lexer.

        * runtime/Executable.h: Moved the definition of the
        FunctionExecutable::make function here. It can't go in JSFunction.h
        since that header has to be used outside JavaScriptCore and so can't
        include this, which includes Nodes.h. The function could be moved
        elswhere if we don't want to include JSFunction.h in this header, but
        for now this seems to be the best place.

        * runtime/JSFunction.h: Removed the include of Executable.h and
        definition of the FunctionExecutable::make function.

        * wtf/FastMalloc.cpp: Fixed an incorrect comment.

2009-08-21  Mark Rowe  <mrowe@apple.com>

        Fix the non-JIT build.

        * runtime/Executable.cpp:
        * runtime/Executable.h:

2009-08-21  Gavin Barraclough  <barraclough@apple.com>

        Speculative QuickTime build fix.

        * runtime/JSArray.cpp:

2009-08-21  Gavin Barraclough  <barraclough@apple.com>

        Speculative QT build fix.

        * runtime/StringPrototype.cpp:

2009-08-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Restructure Executable types so that host functions do not hold a FunctionExecutable.
        https://bugs.webkit.org/show_bug.cgi?id=28621

        All JSFunction objects have a pointer to an Executable*.  This is currently always a
        FunctionExecutable, however this has a couple of drawbacks.  Host functions do not
        store a range of information that the FunctionExecutable provides (source, name,
        CodeBlock & information presently held on the FunctionBodyNode). 

        [ * nearly all... see below! ]

        Instead, make JSFunctions hold a pointer to an ExecutableBase, move fields specific
        to JS sourced executable types (source, node) into a new subclass (ScriptExecutable),
        and create a new NativeExecutable type.  We now provide a new method in JSFunction
        to access & downcast to FunctionExecutable, but in doing so we can make an early
        check (with an ASSERT) to ensure that the Executable read from a function will only
        be treated as a FunctionExecutable (and thus the JS sepcific fields will only be
        accessed) if the JSFunction is not a host function.

        There is one JSFunction that currently does not have an Executable, which is the
        object created to allow us to read out the vtable pointer.  By making this change
        we can also add a new Executable type fror this object (VPtrHackExecutable).
        Since this means that really all JSFunctions have an Executable we no longer have
        to null-check m_executable before us it - particularly in isHostFunction().

        This patch removes CacheableEvalExecutable, since all subclasses of ExecutableBase
        can now be ref-counted - since both JSFunction holds (and ref-counts) an ExecutableBase
        that might be a FunctionExecutable or a NativeExecutable.  This does now mean that all
        ProgramExecutables and EvalExecutables (unnecessarily) provide an interface to be
        ref-counted, however this seems less-bad than host functions unnecessarily providing
        interface to access non-host specific information.

        The class hierarcy has changed from this:
        
        - ExecutableBase
            - ProgramExecutable
            - EvalExecutable
                - CacheableEvalExecutable (also RefCounted by multiple-inheritance)
            - FunctionExecutable (also RefCounted by multiple-inheritance, 'special' FunctionExecutable also used for host functions)

        To this:
        
        - RefCounted
            - ExecutableBase
                - NativeExecutable
                - VPtrHackExecutable
                - ScriptExecutable
                    - ProgramExecutable
                    - EvalExecutable
                    - FunctionExecutable

        This patch speeds up sunspidey by a couple of ms (presumably due to the changes to isHostFunction()).

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::ownerExecutable):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * profiler/Profiler.cpp:
        (JSC::createCallIdentifierFromFunctionImp):
        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        (JSC::Arguments::Arguments):
        * runtime/Executable.cpp:
        (JSC::NativeExecutable::~NativeExecutable):
        (JSC::VPtrHackExecutable::~VPtrHackExecutable):
        * runtime/Executable.h:
        (JSC::ExecutableBase::ExecutableBase):
        (JSC::ExecutableBase::~ExecutableBase):
        (JSC::ExecutableBase::isHostFunction):
        (JSC::NativeExecutable::NativeExecutable):
        (JSC::VPtrHackExecutable::VPtrHackExecutable):
        (JSC::ScriptExecutable::ScriptExecutable):
        (JSC::ScriptExecutable::source):
        (JSC::ScriptExecutable::sourceID):
        (JSC::ScriptExecutable::sourceURL):
        (JSC::ScriptExecutable::lineNo):
        (JSC::ScriptExecutable::lastLine):
        (JSC::ScriptExecutable::usesEval):
        (JSC::ScriptExecutable::usesArguments):
        (JSC::ScriptExecutable::needsActivation):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::EvalExecutable::create):
        (JSC::ProgramExecutable::ProgramExecutable):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::markChildren):
        (JSC::JSFunction::getCallData):
        (JSC::JSFunction::call):
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getConstructData):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::executable):
        (JSC::JSFunction::jsExecutable):
        (JSC::JSFunction::isHostFunction):

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Browser hangs on opening Web Inspector.
        https://bugs.webkit.org/show_bug.cgi?id=28438

        Code generation needs to be able to walk the entire scopechain in some
        cases, however the symbol table used by activations was a member of the
        codeblock.  Following recompilation this may no longer exist, leading
        to a crash or hang on lookup.

        We fix this by introducing a refcounted SymbolTable subclass, SharedSymbolTable,
        for the CodeBlocks used by function code.  This allows activations to
        maintain ownership of a copy of the symbol table even after recompilation so
        they can continue to work.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::symbolTable):
        (JSC::CodeBlock::sharedSymbolTable):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::FunctionCodeBlock::FunctionCodeBlock):
        (JSC::FunctionCodeBlock::~FunctionCodeBlock):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::retrieveArguments):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::generateBytecode):
        (JSC::FunctionExecutable::generateBytecode):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::EvalExecutable::reparseExceptionInfo):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        (JSC::JSActivation::JSActivationData::~JSActivationData):
        * runtime/SymbolTable.h:

2009-08-20  Xan Lopez  <xlopez@igalia.com>

        Add new file to GTK+ build.

        * GNUmakefile.am:

2009-08-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Added a number => string cache.
        
        1.07x faster on v8 (1.7x faster on v8-splay).
        1.004x faster on SunSpider.

        * runtime/JSCell.h: Moved JSValue::toString to JSString.h.
        * runtime/JSGlobalData.h: Holds the cache.
        * runtime/JSNumberCell.cpp:
        (JSC::JSNumberCell::toString):
        (JSC::JSNumberCell::toThisString): Removed -0 special case.
        UString handles this now, since too many clients were
        special-casing it.

        * runtime/JSString.h:
        (JSC::JSValue::toString): Use the cache when converting
        an int or double to string.

        * runtime/Operations.h:
        (JSC::concatenateStrings): Call toString to take advantage
        of the cache.

        * runtime/SmallStrings.h:
        (JSC::NumericStrings::add):
        (JSC::NumericStrings::lookup): The cache.

        * runtime/UString.cpp:
        (JSC::UString::from): Added -0 special case mentioned above.
        Removed appendNumeric because it's mutually exclusive with the
        cache.

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        REGRESSION: fast/profiler/call.html is crashing occasionally
        https://bugs.webkit.org/show_bug.cgi?id=28476

        Using the codeblock for information about how many parameters and
        locals a function has is unsafe in certain circumstances.  The
        basic scenario is all function code being cleared in response to
        the debugger or profiler being enabled, and then an activation is
        marked before its associated function is re-executed.

        To deal with this scenario we store the variable count of a function
        directly in the FunctionExecutable, and then use that information.

        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::generateBytecode):
        * runtime/Executable.h:
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::variableCount):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):

2009-08-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Numbering of arguments to emitGetJITStubArg/emitPutJITStubArg incorrect
        <bug lost in the great bug disasteroony of 08/20/09!>

        The argumentNumber argument to emitGetJITStubArg/emitPutJITStubArg should match
        the argument number used within the stub functions in JITStubs.cpp, but it doesn't.

        Firstly, all the numbers changed when we added a void* 'reserved' as the first slot
        (rather than leaving argument 0 unused), and secondly in 32_64 builds the index to
        peek/poke needs to be multiplies by 2 (since the argument to peek/poke is a number
        of machine words, and on 32_64 build the argument slots to stub functions are two
        words wide).

        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArg):
        (JSC::JIT::emitPutJITStubArgConstant):
        (JSC::JIT::emitGetJITStubArg):
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        REGRESSION: significant slowdown on Celtic Kane "AJAX declaration" subtest
        https://bugs.webkit.org/show_bug.cgi?id=28332

        Follow up style fixes that were missed in review.

        * runtime/Structure.cpp:
        (JSC::Structure::hasTransition):
        * runtime/Structure.h:
        (JSC::Structure::get):
        (JSC::StructureTransitionTable::contains):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::add):

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Add new exports to windows jsc build

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        REGRESSION: significant slowdown on Celtic Kane "AJAX declaration" subtest
        https://bugs.webkit.org/show_bug.cgi?id=28332

        The method check optimisation made transitions aware of the value being
        assigned when a transition was assigning a function.  This had the side
        effect of making every assignment of a function expression result in a
        new transition, and thus a new Structure.  The net result of this is that
        the common JS idiom of

            function MyObject() {
                this.myFunction = function(...){...};
            }
            new MyObject();

        Will produce a unique structure on every iteration, meaning that all
        caching is defeated and there is a significant amount of structure churn.

        The fix is to return the transition to its original form where it is
        keyed off a property name + attributes tuple, but have each transition
        support an optional transition on a specific value.

        * JavaScriptCore.exp:
        * runtime/JSObject.h:
        (JSC::JSObject::putDirectInternal):
        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::hasTransition):
        * runtime/Structure.h:
        (JSC::Structure::transitionedFor):
        (JSC::Structure::hasTransition):
        (JSC::Structure::):
        (JSC::StructureTransitionTable::contains):
        (JSC::StructureTransitionTable::get):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTableHashTraits::emptyValue):
        (JSC::StructureTransitionTable::hasTransition):
        (JSC::StructureTransitionTable::remove):
        (JSC::StructureTransitionTable::add):

2009-08-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Remove FunctionCodeBlock.
        https://bugs.webkit.org/show_bug.cgi?id=28502

        These only exist to allow JIT code to dereference properties off the
        CodeBlock for any callee, regardless of whether it is a host function.

        Instead just use the FunctionExecutable.  Copy the m_parameters field
        from the CodeBlock into the Executable, and use this to distinguish
        between host functions, functions that have been bytecompiled, and
        functions that have not.

        m_parameters is moved to ExecutableBase rather than FunctionExecutable
        so that (as a separate change) we can move make a separate class of
        executable for host code, which is not devived from FunctionExecutable
        (host code does not feature any of the properties that normal executable
        do and will provide, such as source, attributes, and a parsed name).

        1% win on v8 tests, 0.5% on sunspider.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
        (JSC::CodeBlock::functionRegisterForBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CodeBlock::source):
        (JSC::CodeBlock::sourceOffset):
        (JSC::CodeBlock::evalCodeCache):
        (JSC::CodeBlock::createRareDataIfNecessary):
        
            remove NativeCodeBlocks and the NativeCode code type.
        
        * jit/JIT.cpp:
        (JSC::JIT::linkCall):

            Revert to previous behaviour (as currently still commented!) that Hhost functions have a null codeblock.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):

            Bring the 32_64 & non-32_64 JITs into line with each other, callee in regT0.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):

            Rewrite call trampolines to not use the CodeBlock.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

            Make call_JSFunction & call_arityCheck return the callee, don't expect to be passed the CodeBlock.

        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::generateBytecode):
        (JSC::FunctionExecutable::recompile):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/Executable.h:
        (JSC::ExecutableBase::):
        (JSC::ExecutableBase::ExecutableBase):
        (JSC::FunctionExecutable::isHostFunction):

            Add m_numParameters.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

            Only call generatedBytecode() on JSFunctions non-host FunctionExecutables.

2009-08-20  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=28054
       
        Use a helper function to work around winscw compiler forward declaration bug
        regarding templated classes.

        Add parenthesis around (PassRefPtr::*UnspecifiedBoolType) to make winscw compiler
        work with the default UnSpecifiedBoolType() operator, which removes the winscw
        specific bool cast hack.

        * wtf/PassRefPtr.h:
        (WTF::derefIfNotNull):
        (WTF::PassRefPtr::~PassRefPtr):

2009-08-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by Gavin Barraclough.

        Change namespace ARM to ARMRegisters
        X86 to X86Registers to avoid conflict with macros
        https://bugs.webkit.org/show_bug.cgi?id=28428

        * assembler/ARMAssembler.cpp:
        * assembler/ARMAssembler.h:
        * assembler/ARMv7Assembler.h:
        * assembler/MacroAssemblerARM.h:
        * assembler/MacroAssemblerARMv7.h:
        * assembler/MacroAssemblerX86Common.h:
        * assembler/MacroAssemblerX86_64.h:
        * assembler/X86Assembler.h:
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        * jit/JITInlineMethods.h:
        * jit/JITOpcodes.cpp:
        * wrec/WRECGenerator.cpp:
        * wrec/WRECGenerator.h:
        * yarr/RegexJIT.cpp:

2009-08-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Devirtualise marking
        https://bugs.webkit.org/show_bug.cgi?id=28294

        We actually need to mark the value in a number object if we're using the
        32bit number representation.

        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):

2009-08-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

         We probably shouldn't be keeping the AST for eval nodes around forevar.
        https://bugs.webkit.org/show_bug.cgi?id=28469

        EvalNodes don't destroyData() (delete their parser data) since they need to hold onto
        their varStack.  Copy a list of variable onto EvalCodeBlock, and this can go away.

        * bytecode/CodeBlock.h:
        (JSC::EvalCodeBlock::variable):
        (JSC::EvalCodeBlock::numVariables):
        (JSC::EvalCodeBlock::adoptVariables):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        * parser/Nodes.h:
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::generateBytecode):
        * runtime/Executable.h:

2009-08-19  Jungshik Shin  <jshin@chromium.org>

        Reviewed by Darin Adler.

        http://bugs.webkit.org/show_bug.cgi?id=28441

        Fix a build issue with ICU 4.2 or later on Windows with Visual C++. 
        Instead of defining all isXXX and toupper/tolower as 
          WTF_Please_use_ASCIICType_instead_of_ctype_see_comment_in_ASCIICType_h,
        #define them to be different by prepending 'WTF_...ASCIIType_h' with
        the originial names like 'toupper_WTF_...ASCIIType_h'. 

        * wtf/DisallowCType.h:

2009-08-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Assigning a function to an object should always use the existing transition, even if the transition is not specialized
        https://bugs.webkit.org/show_bug.cgi?id=28442

        Check for an unspecialized transition as an alternative to always failing if specialisation does not match.

        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransitionToExistingStructure):

2009-08-18  Dirk Schulze  <krit@webkit.org>

        Reviewed by Oliver Hunt.

        Added additional getter to ByteArray with an unsigned char as return.
        ByteArray can take unsigned char directly now.

        * wtf/ByteArray.h:
        (WTF::ByteArray::set):
        (WTF::ByteArray::get):

2009-08-18  Peter Kasting  <pkasting@google.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=28415
        Set svn:eol-style CRLF on all .sln and .vcproj files that don't already
        have it.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:
        
2009-08-18  Xan Lopez  <xlopez@igalia.com>

        Try to fix the GTK+ build.

        * GNUmakefile.am:

2009-08-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        No, silly runtime, AST nodes are not for you.

        We still use AST nodes (ScopeNodes, particularly FunctionBodyNodes) within
        the runtime, which means that these nodes must be persisted outside of the
        arena, contain both parser & runtime data, etc.  This is all a bit of a mess.

        Move functionality into a new FunctionExecutable class.

        * API/JSCallbackFunction.cpp:
        * API/JSObjectRef.cpp:
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::markAggregate):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getBytecodeIndex):
        (JSC::CodeBlock::discardBytecode):
        (JSC::CodeBlock::instructionCount):
        (JSC::CodeBlock::getJITCode):
        (JSC::CodeBlock::executablePool):
        (JSC::CodeBlock::ownerExecutable):
        (JSC::CodeBlock::extractExceptionInfo):
        (JSC::CodeBlock::addFunctionDecl):
        (JSC::CodeBlock::functionDecl):
        (JSC::CodeBlock::numberOfFunctionDecls):
        (JSC::CodeBlock::addFunctionExpr):
        (JSC::CodeBlock::functionExpr):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::ProgramCodeBlock::ProgramCodeBlock):
        (JSC::EvalCodeBlock::EvalCodeBlock):
        (JSC::FunctionCodeBlock::FunctionCodeBlock):
        (JSC::NativeCodeBlock::NativeCodeBlock):
        * bytecode/EvalCodeCache.h:
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::doRun):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        * interpreter/CallFrameClosure.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        (JSC::Interpreter::debug):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveLastCaller):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::JIT::compile):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::emit_op_new_func):
        (JSC::JIT::emit_op_new_func_exp):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::reparseDataIfNecessary):
        * parser/Nodes.h:
        (JSC::EvalNode::partialDestroyData):
        * parser/Parser.h:
        * profiler/ProfileGenerator.cpp:
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        (JSC::createCallIdentifierFromFunctionImp):
        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        (JSC::Arguments::Arguments):
        (JSC::JSActivation::copyRegisters):
        * runtime/ArrayPrototype.cpp:
        (JSC::isNumericCompareFunction):
        * runtime/CallData.h:
        (JSC::):
        * runtime/Collector.cpp:
        (JSC::Heap::collect):
        * runtime/ConstructData.h:
        (JSC::):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createUndefinedVariableError):
        (JSC::createInvalidParamError):
        (JSC::createNotAConstructorError):
        (JSC::createNotAFunctionError):
        (JSC::createNotAnObjectError):
        * runtime/Executable.cpp: Added.
        (JSC::EvalExecutable::generateBytecode):
        (JSC::ProgramExecutable::generateBytecode):
        (JSC::FunctionExecutable::generateBytecode):
        (JSC::EvalExecutable::generateJITCode):
        (JSC::ProgramExecutable::generateJITCode):
        (JSC::FunctionExecutable::generateJITCode):
        (JSC::FunctionExecutable::isHostFunction):
        (JSC::FunctionExecutable::markAggregate):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::EvalExecutable::reparseExceptionInfo):
        (JSC::FunctionExecutable::recompile):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/Executable.h:
        (JSC::ExecutableBase::~ExecutableBase):
        (JSC::ExecutableBase::ExecutableBase):
        (JSC::ExecutableBase::source):
        (JSC::ExecutableBase::sourceID):
        (JSC::ExecutableBase::lastLine):
        (JSC::ExecutableBase::usesEval):
        (JSC::ExecutableBase::usesArguments):
        (JSC::ExecutableBase::needsActivation):
        (JSC::ExecutableBase::astNode):
        (JSC::ExecutableBase::generatedJITCode):
        (JSC::ExecutableBase::getExecutablePool):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::EvalExecutable::bytecode):
        (JSC::EvalExecutable::varStack):
        (JSC::EvalExecutable::evalNode):
        (JSC::EvalExecutable::jitCode):
        (JSC::ProgramExecutable::ProgramExecutable):
        (JSC::ProgramExecutable::reparseExceptionInfo):
        (JSC::ProgramExecutable::bytecode):
        (JSC::ProgramExecutable::programNode):
        (JSC::ProgramExecutable::jitCode):
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::name):
        (JSC::FunctionExecutable::bytecode):
        (JSC::FunctionExecutable::generatedBytecode):
        (JSC::FunctionExecutable::usesEval):
        (JSC::FunctionExecutable::usesArguments):
        (JSC::FunctionExecutable::parameterCount):
        (JSC::FunctionExecutable::paramString):
        (JSC::FunctionExecutable::isGenerated):
        (JSC::FunctionExecutable::body):
        (JSC::FunctionExecutable::jitCode):
        (JSC::FunctionExecutable::createNativeThunk):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::isDynamicScope):
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::isHostFunction):
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::markChildren):
        (JSC::JSFunction::getCallData):
        (JSC::JSFunction::call):
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getConstructData):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::executable):
        (JSC::FunctionExecutable::make):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::numericCompareFunction):
        * runtime/JSGlobalData.h:

2009-08-17  Mark Rowe  <mrowe@apple.com>

        Reviewed by Darin Adler.

        Fix 300,000+ leaks seen during the regression tests.

        EvalCodeCache::get was heap-allocating an EvalExecutable instance without adopting the initial reference.
        While fixing this we noticed that EvalExecutable was a RefCounted type that was sometimes stack allocated.
        To make this cleaner and to prevent clients from attempting to ref a stack-allocated instance, we move the
        refcounting down to a new CacheableEvalExecutable class that derives from EvalExecutable. EvalCodeCache::get
        now uses CacheableEvalExecutable::create and avoids the leak.

        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        * runtime/Executable.h:
        (JSC::CacheableEvalExecutable::create):
        (JSC::CacheableEvalExecutable::CacheableEvalExecutable):

2009-08-17  Oliver Hunt  <oliver@apple.com>

        RS=Mark Rowe.

        REGRESSION (r47292): Prototype.js is broken by ES5 Arguments changes
        https://bugs.webkit.org/show_bug.cgi?id=28341
        <rdar://problem/7145615>

        Reverting r47292.  Alas Prototype.js breaks with Arguments inheriting
        from Array as ES5 attempted.  Prototype.js defines $A in terms of a 
        function it places on (among other global objects) the Array prototype,
        thus breaking $A for arrays.

        * runtime/Arguments.h:
        (JSC::Arguments::Arguments):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * tests/mozilla/ecma_3/Function/arguments-001.js:

2009-08-17  Peter Kasting  <pkasting@google.com>

        Reviewed by Steve Falkenburg.

        https://bugs.webkit.org/show_bug.cgi?id=27323
        Only add Cygwin to the path when it isn't already there.  This avoids
        causing problems for people who purposefully have non-Cygwin versions of
        executables like svn in front of the Cygwin ones in their paths.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-08-17  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Mark Rowe.

        Fix build with FAST_MALLOC_MATCH_VALIDATION enabled.

        * wtf/FastMalloc.cpp:
        (WTF::fastMalloc):
        (WTF::fastCalloc):
        (WTF::fastRealloc):

2009-08-16  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Mark Rowe.

        Fix crash on ./ecma_2/RegExp/exec-002.js.
        https://bugs.webkit.org/show_bug.cgi?id=28353

        Change the order of freeParenthesesDisjunctionContext and
        popParenthesesDisjunctionContext on all call sites as the pop
        method is accessing backTrack->lastContext which is the context
        that is about to be freed.

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::parenthesesDoBacktrack):
        (JSC::Yarr::Interpreter::backtrackParentheses):

2009-08-16  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=28352

        Fix coding style violations. Use m_ for C++ class members. Remove
        trailing whitespace on empty lines.

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::ParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::tryConsumeCharacter):
        (JSC::Yarr::Interpreter::tryConsumeBackReference):
        (JSC::Yarr::Interpreter::parenthesesDoBacktrack):
        (JSC::Yarr::Interpreter::backtrackParentheses):
        (JSC::Yarr::ByteCompiler::ByteCompiler):
        (JSC::Yarr::ByteCompiler::compile):
        (JSC::Yarr::ByteCompiler::checkInput):
        (JSC::Yarr::ByteCompiler::assertionBOL):
        (JSC::Yarr::ByteCompiler::assertionEOL):
        (JSC::Yarr::ByteCompiler::assertionWordBoundary):
        (JSC::Yarr::ByteCompiler::atomPatternCharacter):
        (JSC::Yarr::ByteCompiler::atomCharacterClass):
        (JSC::Yarr::ByteCompiler::atomBackReference):
        (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
        (JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
        (JSC::Yarr::ByteCompiler::popParenthesesStack):
        (JSC::Yarr::ByteCompiler::closeAlternative):
        (JSC::Yarr::ByteCompiler::closeBodyAlternative):
        (JSC::Yarr::ByteCompiler::atomParenthesesEnd):
        (JSC::Yarr::ByteCompiler::regexBegin):
        (JSC::Yarr::ByteCompiler::alterantiveBodyDisjunction):
        (JSC::Yarr::ByteCompiler::alterantiveDisjunction):
        (JSC::Yarr::ByteCompiler::emitDisjunction):

2009-08-15  Mark Rowe  <mrowe@apple.com>

        Fix the build with JIT disabled.

        * runtime/Arguments.h: Only compile the jitCode method when the JIT is enabled.
        * runtime/Executable.h: Include PrototypeFunction.h so the compiler knows what
        NativeFunctionWrapper is when the JIT is disabled.

2009-08-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        Reviewed by Sam Weinig.

        Added ENABLE_EVENTSOURCE flag.
        https://bugs.webkit.org/show_bug.cgi?id=14997

        * Configurations/FeatureDefines.xcconfig:

2009-08-14  Gavin Barraclough  <barraclough@apple.com>

        * parser/Parser.h:
        (JSC::EvalExecutable::parse):
        (JSC::ProgramExecutable::parse):
        * runtime/Executable.h:

2009-08-14  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Remove AST nodes from use within the Runtime (outside of parsing), stage 1
        https://bugs.webkit.org/show_bug.cgi?id=28330

        Remove the EvalNode and ProgramNode from use in the runtime.  They still exist
        after this patch, but are hidden behind EvalExecutable and FunctionExecutable,
        and are also still reachable behind CodeBlock::m_ownerNode.

        The next step will be to beat back FunctionBodyNode in the same fashion.
        Then remove the usage via CodeBlock, then only construct these nodes only on
        demand during bytecode generation.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.h:
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::GlobalCodeBlock::~GlobalCodeBlock):
        (JSC::ProgramCodeBlock::ProgramCodeBlock):
        (JSC::EvalCodeBlock::EvalCodeBlock):
        (JSC::FunctionCodeBlock::FunctionCodeBlock):
        (JSC::NativeCodeBlock::NativeCodeBlock):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::execute):
        * interpreter/Interpreter.h:
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::createNativeThunk):
        (JSC::FunctionBodyNode::generateBytecode):
        (JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):
        * parser/Parser.h:
        (JSC::Parser::parse):
        (JSC::Parser::reparse):
        (JSC::Parser::parseFunctionFromGlobalCode):
        (JSC::::parse):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Error.cpp:
        (JSC::throwError):
        * runtime/Error.h:
        * runtime/Executable.h: Added.
        (JSC::TemplateExecutable::TemplateExecutable):
        (JSC::TemplateExecutable::markAggregate):
        (JSC::TemplateExecutable::sourceURL):
        (JSC::TemplateExecutable::lineNo):
        (JSC::TemplateExecutable::bytecode):
        (JSC::TemplateExecutable::jitCode):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::ProgramExecutable::ProgramExecutable):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/FunctionConstructor.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::numericCompareFunction):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::codeBlocks):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-08-14  Darin Adler  <darin@apple.com>

        Reviewed by Sam Weinig.

        Rename the confusing isObject(<class>) to inherits(<class>).
        It still works on non-objects, returning false.

        * runtime/ArrayConstructor.cpp:
        (JSC::arrayConstructorIsArray): Removed unneeded isObject call
        and updated remaining isObject call to new name, inherits.

        * runtime/JSCell.h: Renamed isObject(<class>) to inherits(<class>)
        but more importantly, made it non-virtual (it was already inline)
        so it is now as fast as JSObject::inherits was.

        * runtime/JSObject.h: Removed inherits function since the one
        in the base class is fine as-is. Also made various JSCell functions
        that should not be called on JSObject uncallable by making them
        both private and not implemented.
        (JSC::JSCell::inherits): Updated name.
        (JSC::JSValue::inherits): Ditto.

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncConcat):
        * runtime/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncToString):
        (JSC::booleanProtoFuncValueOf):
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToISOString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToLocaleString):
        (JSC::dateProtoFuncToLocaleDateString):
        (JSC::dateProtoFuncToLocaleTimeString):
        (JSC::dateProtoFuncGetTime):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetMilliSeconds):
        (JSC::dateProtoFuncGetUTCMilliseconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSValue.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncTest):
        (JSC::regExpProtoFuncExec):
        (JSC::regExpProtoFuncCompile):
        (JSC::regExpProtoFuncToString):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChain::localDepth):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncToString):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSplit):
        Updated to new name, inherits, from old name, isObject.

2009-07-31  Harald Fernengel  <harald.fernengel@nokia.com>

        Reviewed by Simon Hausmann.

        Adding QNX as a platform. Currently only tested with Qt.

        https://bugs.webkit.org/show_bug.cgi?id=27885

        * JavaScriptCore/runtime/Collector.cpp: Added retrieving of stack base
          since QNX doesn't have the pthread _nt functions
        * JavaScriptCore/wtf/Platform.h: Added WTF_PLATFORM_QNX and corresponding
          defines
        * WebCore/bridge/npapi.h: Build fix for missing typedefs on QNX

2009-08-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Currently generic ARM and ARMv7 platforms work only with JSVALUE32
        https://bugs.webkit.org/show_bug.cgi?id=28300

        * wtf/Platform.h:

2009-08-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Enable JIT on ARM for QT by default
        https://bugs.webkit.org/show_bug.cgi?id=28259

        * wtf/Platform.h:

2009-08-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Enable YARR_JIT on ARM for QT by default
        https://bugs.webkit.org/show_bug.cgi?id=28259

        * wtf/Platform.h:

2009-08-14  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [ES5] Arguments object should inherit from Array
        https://bugs.webkit.org/show_bug.cgi?id=28298

        Make the Arguments object conform to the behaviour specified in ES5.
        The simple portion of this is to make Arguments use Array.prototype
        as its prototype rather than Object.prototype.

        The spec then requires us to set instance.constructor to the pristine
        Object constructor, and instance.toString and instance.toLocaleString
        to the pristine versions from Object.prototype.  To do this we now 
        make the ObjectPrototype constructor return its toString and
        toLocaleString functions (similar to the call and apply functions
        from FunctionPrototype).

        Oddly enough this reports itself as a slight win, but given the code
        isn't hit in the tests that claim to have improved I put this down to
        code motion.

        * runtime/Arguments.h:
        (JSC::Arguments::Arguments):
        (JSC::Arguments::initializeStandardProperties):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::objectConstructor):
        (JSC::JSGlobalObject::objectToStringFunction):
        (JSC::JSGlobalObject::objectToLocaleStringFunction):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * tests/mozilla/ecma_3/Function/arguments-001.js:
          Update test to new es5 behaviour

2009-08-14  Oliver Hunt  <oliver@apple.com>

        Remove MarkStack::drain from the JSC exports file

        MarkStack::drain is now marked inline, the including it in the exports file
        produces an ld warning

        * JavaScriptCore.exp:

2009-08-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Remove accidentally left in debugging statement.

        * runtime/JSArray.h:
        (JSC::MarkStack::drain):

2009-08-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        [ES5] Implement Array.isArray
        https://bugs.webkit.org/show_bug.cgi?id=28296

        Add support for Array.isArray to the Array constructor

        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::arrayConstructorIsArray):
        * runtime/ArrayConstructor.h:
        * runtime/CommonIdentifiers.h:
        * runtime/JSArray.h:
        (JSC::MarkStack::drain):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):

2009-08-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Buildfix).

        Attempt to fix windows build

        * runtime/Collector.cpp:

2009-08-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Devirtualise marking
        https://bugs.webkit.org/show_bug.cgi?id=28294

        Add a bit to TypeInfo to indicate that an object uses the standard
        JSObject::markChildren method.  This allows us to devirtualise marking
        of most objects (though a branch is still needed).  We also add a branch
        to identify arrays thus devirtualising marking in that case as well.

        In order to make the best use of this devirtualisation I've also reworked
        the MarkStack::drain() logic to make the iteration more efficient.

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * JavaScriptCore.exp:
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSArray.cpp:
        (JSC::JSArray::markChildren):
        * runtime/JSArray.h:
        (JSC::JSArray::markChildrenDirect):
        (JSC::MarkStack::drain):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        * runtime/JSCell.h:
        (JSC::MarkStack::append):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.cpp:
        (JSC::JSObject::markChildren):
        * runtime/JSObject.h:
        (JSC::JSObject::markChildrenDirect):
        (JSC::JSObject::createStructure):
        * runtime/JSString.h:
        (JSC::JSString::createStructure):
        * runtime/JSType.h:
        (JSC::):
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::MarkSet::MarkSet):
        (JSC::MarkStack::MarkStackArray::last):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
        * runtime/TypeInfo.h:
        (JSC::TypeInfo::hasDefaultMark):

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by Mark Rowe.

        Some small bits of housekeeping.

        * JavaScriptCore.xcodeproj/project.pbxproj: Make Parser.h
        project instead of private. Remove JSONObject.lut.h.

        * assembler/ARMAssembler.h: Remove unneeded WTF prefix.
        * assembler/AssemblerBufferWithConstantPool.h: Ditto.
        * bytecompiler/BytecodeGenerator.h: Ditto.

        * wtf/SegmentedVector.h: Add a "using" statement as we do
        with the other WTF headers.

2009-08-13  Darin Adler  <darin@apple.com>

        Fix Tiger build.

        * parser/Grammar.y: Use a template function so we can compile
        setStatementLocation even if it comes before YYLTYPE is defined.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Too much use of void* in Grammar.y
        https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Changed all the helper functions to
        take a JSGlobalData* instead of a void*. A couple formatting
        tweaks that I missed when breaking this into pieces.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Reduced and sorted includes. Tweaked comment
        format. Marked a few more functions inline.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Pass the number to the PropertyNode instead of
        first turning it into an Identifier.

        * parser/NodeConstructors.h:
        (JSC::PropertyNode::PropertyNode): Add an overload that takes a double
        so the code to convert to a string can be here instead of Grammar.y.
        * parser/Nodes.h: Ditto.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Eliminate the DBG macro.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Eliminate the SET_EXCEPTION_LOCATION macro.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        George asked me to break the patch from
        https://bugs.webkit.org/show_bug.cgi?id=28287
        into smaller pieces and land it in stages.

        * parser/Grammar.y: Eliminate the LEXER macro.

2009-08-13  Mark Rowe  <mrowe@apple.com>

        Try some more to fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export a new symbol.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Ditto.

2009-08-13  Mark Rowe  <mrowe@apple.com>

        Try and fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export a new symbol.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Ditto.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by David Levin.

        JavaScriptCore tweaks to get ready for the parser arena
        https://bugs.webkit.org/show_bug.cgi?id=28243

        Eliminate dependencies on Nodes.h outside JavaScriptCore,
        and cut down on them inside JavaScriptCore.

        Change regular expression parsing to use identifiers as
        with other strings we parse.

        Fix a couple things that are needed to use const Identifier
        more, which will be part of the parser arena work.

        * JavaScriptCore.exp: Resorted and updated.

        * JavaScriptCore.xcodeproj/project.pbxproj: Changed
        CollectorHeapIterator.h to be project-internal.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitPushNewScope): Added const.
        * bytecompiler/BytecodeGenerator.h: Ditto.

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions): Moved this function
        here from WebCore. Here is better since it uses so many internals.
        Removed unimportant optimization for the no listener case.
        * debugger/Debugger.h: Ditto. Also removed unneeded include
        and tweaked formatting and comments.

        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName): Call asFunction instead
        of doing the unchecked static_cast.
        (JSC::DebuggerCallFrame::calculatedFunctionName): Ditto.

        * jit/JITStubs.cpp:
        (JSC::op_call_JSFunction): Call isHostFunction on the body rather
        than on the JSFunction.
        (JSC::vm_lazyLinkCall): Ditto.
        (JSC::op_construct_JSConstruct): Ditto.

        * parser/Grammar.y: Changed callers to use new scanRegExp with
        out arguments instead of relying on state in the Lexer. And
        callers that just want to skip a regular expression to use
        skipRegExp.

        * parser/Lexer.cpp:
        (JSC::Lexer::scanRegExp): Changed to use out arguments, and to
        add a prefix argument so we can add in the "=" character as needed.
        Also rewrote to streamline the logic a bit inspired by suggestions
        by David Levin.
        (JSC::Lexer::skipRegExp): Added. Version of the function above that
        does not actually put the regular expression into a string.
        (JSC::Lexer::clear): Removed code to clear m_pattern and m_flags.
        * parser/Lexer.h: Changed scanRegExp to have out arguments. Added
        skipRegExp. Eliminated pattern, flags, m_pattern, and m_flags.

        * parser/NodeConstructors.h:
        (JSC::RegExpNode::RegExpNode): Changed to take const Identifier&.
        * parser/Nodes.cpp:
        (JSC::RegExpNode::emitBytecode): Changed since m_pattern and
        m_flags are now Identifier instead of UString.
        (JSC::FunctionBodyNode::make): Moved this function here instead
        of putting it in the JSFunction.h header.
        * parser/Nodes.h: Changed RegExpNode to use Identifier.

        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier): Changed to use isHostFunction
        on the body instead of on the JSFunction object.
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString): Ditto.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::isHostFunction): Moved here from header.
        (JSC::JSFunction::isHostFunctionNonInline): Added.
        (JSC::JSFunction::JSFunction): Removed unneeded initialization of
        m_body to 0.
        (JSC::JSFunction::setBody): Moved here from header.

        * runtime/JSFunction.h: Removed unneeded includes. Moved private
        constructor down to the private section. Made virtual functions
        private. Removed unneeded overload of setBody and moved the body
        of the function into the .cpp file. Changed assertions to use
        the non-inline version of isHostFunction.

        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter): Use asFunction instead
        of doing the unchecked static_cast.

        * wtf/SegmentedVector.h:
        (WTF::SegmentedVector::isEmpty): Added.

2009-08-13  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Darin Adler.

        Use the version of operator new that takes a JSGlobalData when allocating FuncDeclNode and FuncExprNode
        from within the grammar to prevent these nodes from being leaked.

        * parser/Grammar.y:

2009-08-13  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Ariya Hidayat.

        Remove the special-case for Qt wrt JSVALUE_32 introduced in
        r46709. It must've been a dependency issue on the bot, as
        after a manual build all the tests pass on amd64 and ia32.

        * wtf/Platform.h:

2009-08-12  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add optimize call and property access support for ARM JIT.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        For tightly coupled sequences the BEGIN_UNINTERRUPTED_SEQUENCE and
        END_UNINTERRUPTED_SEQUENCE macros have been introduced which ensure
        space for instructions and constants of the named sequence. This
        method is vital for those architecture which are using constant pool.

        The 'latePatch' method - which was linked to JmpSrc - is replaced with
        a port specific solution (each calls are marked to place their address
        on the constant pool).

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::linkBranch):
        (JSC::ARMAssembler::executableCopy): Add extra align for constant pool.
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::JmpSrc::JmpSrc):
        (JSC::ARMAssembler::sizeOfConstantPool):
        (JSC::ARMAssembler::jmp):
        (JSC::ARMAssembler::linkCall):
        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        * assembler/AssemblerBufferWithConstantPool.h:
        (JSC::AssemblerBufferWithConstantPool::flushIfNoSpaceFor): Fix the
        computation of the remaining space.
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::branch32):
        (JSC::MacroAssemblerARM::nearCall):
        (JSC::MacroAssemblerARM::call):
        (JSC::MacroAssemblerARM::branchPtrWithPatch):
        (JSC::MacroAssemblerARM::ensureSpace):
        (JSC::MacroAssemblerARM::sizeOfConstantPool):
        (JSC::MacroAssemblerARM::prepareCall):
        * assembler/X86Assembler.h:
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::beginUninterruptedSequence):
        (JSC::JIT::endUninterruptedSequence):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::emit_op_put_by_id):

2009-08-12  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Dave Kilzer.

        Disable WTF_USE_JSVALUE32_64 on iPhone for now (support not yet added for ARMv7).

        * wtf/Platform.h:

2009-08-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Maciej Stachoviak.

        Ooops - moved code that had been accidentally added to op_new_func instead of
        op_new_func_exp, to where it shoulds be.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * wtf/Platform.h:

2009-08-12  Ada Chan  <adachan@apple.com>

        Added workaround for the limitation that VirtualFree with MEM_RELEASE
        can only accept the base address returned by VirtualAlloc when the region
        was reserved and it can only free the entire region, and not a part of it.

        Reviewed by Oliver Hunt.

        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackWin.cpp:
        (JSC::MarkStack::releaseStack):

2009-08-12  Balazs Kelemen  <kelemen.balazs.3@stud.u-szeged.hu>

        Reviewed by Ariya Hidayat.

        Build fix: use std::numeric_limits<long long>::min() instead of LLONG_MIN
        since LLONG_MIN is not defined in standard c++.

        * runtime/UString.cpp:
        (JSC::UString::from):

2009-08-12  Benjamin Otte  <otte@gnome.org>

        Reviewed by Jan Alonzo.

        Buildfix for Gtk platforms debug builds.

        * GNUmakefile.am: Choose MarkStackPosix.cpp or MarkStackWin.cpp
        depending on platform.

2009-08-12  Simon Hausmann  <simon.hausmann@nokia.com>

        Prospective build fix for Mac and 32-bit Windows.

        * runtime/UString.cpp: Include wtf/StringExtras.h for snprintf.
        (JSC::UString::from): Use %lld instead of %I64d for snprintf
        on non-windows platforms.

2009-08-12  Prasanth Ullattil  <prasanth.ullattil@nokia.com>

        Reviewed by Simon Hausmann.

        Fix compile error on 64Bit Windows, when UString::from
        is called with an intptr_t.

        Added new UString::From overload with long long parameter.

        Thanks to Holger for the long long idea.

        * runtime/UString.cpp:
        (JSC::UString::from):
        * runtime/UString.h:

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Mark Rowe.

        Minor style fixes.

        * runtime/UString.h:
        (JSC::UString::Rep::createEmptyBuffer):
        * wtf/FastMalloc.h:
        (WTF::TryMallocReturnValue::getValue):

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Make it harder to misuse try* allocation routines
        https://bugs.webkit.org/show_bug.cgi?id=27469

        Jump through a few hoops to make it much harder to accidentally
        miss null-checking of values returned by the try-* allocation
        routines.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSArray.cpp:
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::increaseVectorLength):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncLink):
        * runtime/UString.cpp:
        (JSC::allocChars):
        (JSC::reallocChars):
        (JSC::expandCapacity):
        (JSC::UString::Rep::reserveCapacity):
        (JSC::UString::expandPreCapacity):
        (JSC::createRep):
        (JSC::concatenate):
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        (JSC::UString::append):
        (JSC::UString::operator=):
        * runtime/UString.h:
        (JSC::UString::Rep::createEmptyBuffer):
        * wtf/FastMalloc.cpp:
        (WTF::tryFastZeroedMalloc):
        (WTF::tryFastMalloc):
        (WTF::tryFastCalloc):
        (WTF::tryFastRealloc):
        (WTF::TCMallocStats::tryFastMalloc):
        (WTF::TCMallocStats::tryFastCalloc):
        (WTF::TCMallocStats::tryFastRealloc):
        * wtf/FastMalloc.h:
        (WTF::TryMallocReturnValue::TryMallocReturnValue):
        (WTF::TryMallocReturnValue::~TryMallocReturnValue):
        (WTF::TryMallocReturnValue::operator PossiblyNull<T>):
        (WTF::TryMallocReturnValue::getValue):
        * wtf/Platform.h:
        * wtf/PossiblyNull.h: Added.
        (WTF::PossiblyNull::PossiblyNull):
        (WTF::PossiblyNull::~PossiblyNull):
        (WTF::::getValue):

2009-08-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix part deux).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-11  Gavin Barraclough  <barraclough@apple.com>

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Restrict use of FuncDeclNode & FuncExprNode to the parser.
        https://bugs.webkit.org/show_bug.cgi?id=28209

        These objects were also being referenced from the CodeBlock.  By changing this
        to just retain pointers to FunctionBodyNodes these classes can be restricted to
        use during parsing.

        No performance impact (or sub-percent progression).

        * JavaScriptCore.exp:
            Update symbols.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::mark):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::addFunction):
        (JSC::CodeBlock::function):
            Unify m_functions & m_functionExpressions into a single Vector<RefPtr<FuncExprNode> >.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::addConstant):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
            FunctionStacks now contain FunctionBodyNodes not FuncDeclNodes.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
            Update to reflect chnages in CodeBlock.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_func_exp):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):
            Update to reflect chnages in CodeBlock.

        * parser/Grammar.y:
            FunctionStacks now contain FunctionBodyNodes not FuncDeclNodes.

        * parser/NodeConstructors.h:
        (JSC::FuncExprNode::FuncExprNode):
        (JSC::FuncDeclNode::FuncDeclNode):
        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::mark):
        (JSC::FunctionBodyNode::finishParsing):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::ident):
            Move m_ident & make methods from FuncDeclNode & FuncExprNode to FunctionBodyNode.

        * runtime/JSFunction.h:
        (JSC::FunctionBodyNode::make):
            Make this method inline (was FuncDeclNode::makeFunction).

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Native JSON.stringify does not omit functions
        https://bugs.webkit.org/show_bug.cgi?id=28117

        Objects that are callable should be treated as undefined when
        serialising to JSON.

        * runtime/JSONObject.cpp:
        (JSC::Stringifier::appendStringifiedValue):

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        REGRESSION: Hang/crash in BytecodeGenerator::constRegisterFor loading simple page
        https://bugs.webkit.org/show_bug.cgi?id=28169

        Handle the case where someone has attempted to shadow a property
        on the global object with a constant.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::constRegisterFor):
        * parser/Nodes.cpp:
        (JSC::ConstDeclNode::emitCodeSingle):

2009-08-11  John Gregg  <johnnyg@google.com>

        Reviewed by Maciej Stachowiak.

        Desktop Notifications API
        https://bugs.webkit.org/show_bug.cgi?id=25463

        Adds ENABLE_NOTIFICATION flag.

        * Configurations/FeatureDefines.xcconfig:
        * wtf/Platform.h:

2009-08-11  Maxime Simon  <simon.maxime@gmail.com>

        Reviewed by Eric Seidel.

        Modifications on JavaScriptCore to allow Haiku port.
        https://bugs.webkit.org/show_bug.cgi?id=28121

        * runtime/Collector.cpp: Haiku doesn't have sys/mman.h, using OS.h instead.
        (JSC::currentThreadStackBase): Haiku uses its own threading system.
        * wtf/Platform.h: Defining all Haiku platform values.
        * wtf/haiku/MainThreadHaiku.cpp: Adding a missing header (NotImplemented.h).

2009-08-11  Jessie Berlin  <jberlin@apple.com>

        Reviewed by Adam Roben.

        Fix windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-11  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        Buildfix for Qt-win platforms.

        * JavaScriptCore.pri: Choose MarkStackPosix.cpp or MarkStackWin.cpp depend on platform.

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (And another build fix).

        Add new exports for MSVC

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (yet another build fix).

        Remove obsolete entries from MSVC exports file

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Add includes needed for non-allinonefile builds

        * runtime/GetterSetter.h:
        * runtime/ScopeChain.h:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Fix export file for last build fix

        * JavaScriptCore.exp:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Hoist page size initialization into platform specific code.

        * jit/ExecutableAllocatorPosix.cpp:
        * jit/ExecutableAllocatorWin.cpp:
        * runtime/MarkStack.h:
        (JSC::MarkStack::pageSize):
        * runtime/MarkStackPosix.cpp:
        (JSC::MarkStack::initializePagesize):
        * runtime/MarkStackWin.cpp:
        (JSC::MarkStack::initializePagesize):

2009-08-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Stack overflow crash in JavaScript garbage collector mark pass
        https://bugs.webkit.org/show_bug.cgi?id=12216

        Make the GC mark phase iterative by using an explicit mark stack.
        To do this marking any single object is performed in multiple stages
          * The object is appended to the MarkStack, this sets the marked
            bit for the object using the new markDirect() function, and then
            returns
          * When the MarkStack is drain()ed the object is popped off the stack
            and markChildren(MarkStack&) is called on the object to collect 
            all of its children.  drain() then repeats until the stack is empty.

        Additionally I renamed a number of methods from 'mark' to 'markAggregate'
        in order to make it more clear that marking of those object was not
        going to result in an actual recursive mark.

        * GNUmakefile.am
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::markAggregate):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * interpreter/Register.h:
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::markGlobals):
        (JSC::RegisterFile::markCallFrames):
        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::markAggregate):
        (JSC::EvalNode::markAggregate):
        (JSC::FunctionBodyNode::markAggregate):
        * parser/Nodes.h:
        (JSC::ScopeNode::markAggregate):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/ArgList.h:
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        * runtime/Arguments.h:
        * runtime/Collector.cpp:
        (JSC::Heap::markConservatively):
        (JSC::Heap::markCurrentThreadConservativelyInternal):
        (JSC::Heap::markCurrentThreadConservatively):
        (JSC::Heap::markOtherThreadConservatively):
        (JSC::Heap::markStackObjectsConservatively):
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::collect):
        * runtime/Collector.h:
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::createStructure):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        * runtime/JSActivation.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::markChildren):
        * runtime/JSArray.h:
        * runtime/JSCell.h:
        (JSC::JSCell::markCellDirect):
        (JSC::JSCell::markChildren):
        (JSC::JSValue::markDirect):
        (JSC::JSValue::markChildren):
        (JSC::JSValue::hasChildren):
        (JSC::MarkStack::append):
        (JSC::MarkStack::drain):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::markChildren):
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::markChildren):
        * runtime/JSNotAnObject.h:
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::markAggregate):
        (JSC::JSONObject::markStringifiers):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::markChildren):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        * runtime/JSObject.h:
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::markChildren):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::createStructure):
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::create):
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSStaticScopeObject.h:
        * runtime/JSType.h:
        (JSC::):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        * runtime/MarkStack.cpp: Added.
        (JSC::MarkStack::compact):
        * runtime/MarkStack.h: Added.
        (JSC::):
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::append):
        (JSC::MarkStack::appendValues):
        (JSC::MarkStack::~MarkStack):
        (JSC::MarkStack::MarkSet::MarkSet):
        (JSC::MarkStack::pageSize):
        
        MarkStackArray is a non-shrinking, mmap-based vector type
        used for storing objects to be marked.
        (JSC::MarkStack::MarkStackArray::MarkStackArray):
        (JSC::MarkStack::MarkStackArray::~MarkStackArray):
        (JSC::MarkStack::MarkStackArray::expand):
        (JSC::MarkStack::MarkStackArray::append):
        (JSC::MarkStack::MarkStackArray::removeLast):
        (JSC::MarkStack::MarkStackArray::isEmpty):
        (JSC::MarkStack::MarkStackArray::size):
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackPosix.cpp: Added.
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):
        * runtime/MarkStackWin.cpp: Added.
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):

        * runtime/ScopeChain.h:
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::mark):
        * runtime/Structure.h:
        (JSC::Structure::markAggregate):

2009-08-10  Mark Rowe  <mrowe@apple.com>
        
        Reviewed by Darin Adler.

        Fix hundreds of "pointer being freed was not allocated" errors seen on the build bot.

        * wtf/FastMalloc.h: Implement nothrow variants of the delete and delete[] operators since
        we implement the nothrow variants of new and new[].  The nothrow variant of delete is called
        explicitly in the implementation of std::sort which was resulting in FastMalloc-allocated
        memory being passed to the system allocator to free.

2009-08-10  Jan Michael Alonzo  <jmalonzo@webkit.org>

        [Gtk] Unreviewed build fix. Move JSAPIValueWrapper.cpp/.h in the debug
        section. This file is already part of AllInOneFile in Release builds.

        * GNUmakefile.am:

2009-08-10  Darin Adler  <darin@apple.com>

        * wtf/FastMalloc.h: Fix build.

2009-08-10  Darin Adler  <darin@apple.com>

        Reviewed by Mark Rowe.

        FastMalloc.h has cross-platform code but marked as WinCE-only
        https://bugs.webkit.org/show_bug.cgi?id=28160

        1) The support for nothrow was inside #if PLATFORM(WINCE) even though it is
           not platform-specific.
        2) The code tried to override operator delete nothrow, which does not exist.
        3) The code in the header checks the value of USE_SYSTEM_MALLOC, but the code
           in FastMalloc.cpp checks only if the macro is defined.

        * wtf/FastMalloc.h: See above.
        * wtf/FastMalloc.cpp: Ditto.

2009-08-10  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        Fix an annoying indentation issue.

        * runtime/DateConstructor.cpp:
        (JSC::constructDate):

2009-08-10  Xan Lopez  <xlopez@igalia.com>

        Unreviewed build fix.

        Add new files to makefile.

        * GNUmakefile.am:

2009-08-10  Simon Hausmann  <simon.hausmann@nokia.com>

        Fix compilation with the interpreter instead of the JIT by including
        PrototypeFunction.h as forward-declared through NativeFunctionWrapper.h.

        * runtime/ObjectConstructor.cpp:

2009-08-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by George Staikos.

        JSON.stringify replacer returning undefined does not omit object properties
        https://bugs.webkit.org/show_bug.cgi?id=28118

        Correct behaviour of stringify when using a replacer function that returns
        undefined.  This is a simple change to move the undefined value check to
        after the replacer function is called.  This means that the replacer function
        is now called for properties with the value undefined, however i've confirmed
        that this behaviour is correct.
        
        In addition I've made the cyclic object exception have a more useful error
        message.

        * runtime/JSONObject.cpp:
        (JSC::Stringifier::appendStringifiedValue):

2009-08-08  Oliver Hunt  <oliver@apple.com>

        Reviewed by Eric Seidel and Sam Weinig.

        [ES5] Implement Object.getPrototypeOf
        https://bugs.webkit.org/show_bug.cgi?id=28114

        Implement getPrototypeOf

        * runtime/CommonIdentifiers.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConsGetPrototypeOf):
        * runtime/ObjectConstructor.h:

2009-08-07  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Eric Seidel.

        Allow custom memory allocation control for Noncopyable class
        https://bugs.webkit.org/show_bug.cgi?id=27879

        Several classes which are inherited from Noncopyable are instantiated by
        operator new, so Noncopyable class has been inherited from FastAllocBase.

        * wtf/Noncopyable.h:

2009-08-07  George Staikos <george.staikos@torchmobile.com> 

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=27305
        Implement WinCE-specific unicode layer.
        Written by George Staikos <george.staikos@torchmobile.com>
        with bug fixes by Yong Li <yong.li@torchmobile.com>
        refactored by Joe Mason <joe.mason@torchmobile.com> 

        * wtf/Platform.h:
        * wtf/unicode/Unicode.h:
        * wtf/unicode/wince/UnicodeWince.cpp: Added.
        (WTF::Unicode::toLower):
        (WTF::Unicode::toUpper):
        (WTF::Unicode::foldCase):
        (WTF::Unicode::isPrintableChar):
        (WTF::Unicode::isSpace):
        (WTF::Unicode::isLetter):
        (WTF::Unicode::isUpper):
        (WTF::Unicode::isLower):
        (WTF::Unicode::isDigit):
        (WTF::Unicode::isPunct):
        (WTF::Unicode::toTitleCase):
        (WTF::Unicode::direction):
        (WTF::Unicode::category):
        (WTF::Unicode::decompositionType):
        (WTF::Unicode::combiningClass):
        (WTF::Unicode::mirroredChar):
        (WTF::Unicode::digitValue):
        * wtf/unicode/wince/UnicodeWince.h: Added.
        (WTF::Unicode::):
        (WTF::Unicode::isSeparatorSpace):
        (WTF::Unicode::isHighSurrogate):
        (WTF::Unicode::isLowSurrogate):
        (WTF::Unicode::isArabicChar):
        (WTF::Unicode::hasLineBreakingPropertyComplexContext):
        (WTF::Unicode::umemcasecmp):
        (WTF::Unicode::surrogateToUcs4):

2009-08-07  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=28069

        Add inline to help winscw compiler resolve specialized argument in 
        templated functions.  

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lexString):

2009-08-07  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Eric Seidel.

        Allow custom memory allocation control for RegExpObjectData struct
        http://bugs.webkit.org/show_bug.cgi?id=26750

        Inherits RegExpObjectData struct from FastAllocBase because
        it has been instantiated by 'new' in JavaScriptCore/runtime/RegExpObject.cpp:62

        * runtime/RegExpObject.h:

2009-08-06  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        Updated patch for bug #27059:
        Symbian platform always uses little endian encoding,
        regardless of compiler.
        We need to make sure that we correctly detect EABI architecture
        for armv5 targets on Symbian,
        where __EABI__ is set but not __ARM_EABI__

        * wtf/Platform.h:

2009-08-06  Adam Barth  <abarth@webkit.org>

        Unreviewed revert.

        http://bugs.webkit.org/show_bug.cgi?id=27879

        Revert 46877 because it broke GTK.

        * wtf/Noncopyable.h:

2009-08-06  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Make get_by_id/put_by_id/method_check/call defer optimization using a data flag rather than a code modification.
        ( https://bugs.webkit.org/show_bug.cgi?id=27635 )

        This improves performance of ENABLE(ASSEMBLER_WX_EXCLUSIVE) builds by 2-2.5%, reducing the overhead to about 2.5%.
        (No performance impact with ASSEMBLER_WX_EXCLUSIVE disabled).

        * bytecode/CodeBlock.cpp:
        (JSC::printStructureStubInfo):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CallLinkInfo::seenOnce):
        (JSC::CallLinkInfo::setSeen):
        (JSC::MethodCallLinkInfo::seenOnce):
        (JSC::MethodCallLinkInfo::setSeen):
            - Change a pointer in CallLinkInfo/MethodCallLinkInfo to use a PtrAndFlags, use a flag to track when an op has been executed once.

        * bytecode/StructureStubInfo.cpp:
        (JSC::StructureStubInfo::deref):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::StructureStubInfo::initGetByIdSelf):
        (JSC::StructureStubInfo::initGetByIdProto):
        (JSC::StructureStubInfo::initGetByIdChain):
        (JSC::StructureStubInfo::initGetByIdSelfList):
        (JSC::StructureStubInfo::initGetByIdProtoList):
        (JSC::StructureStubInfo::initPutByIdTransition):
        (JSC::StructureStubInfo::initPutByIdReplace):
        (JSC::StructureStubInfo::seenOnce):
        (JSC::StructureStubInfo::setSeen):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID, add a flag to track when an op has been executed once.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::unlinkCall):
            - Remove the "don't lazy link" stage of calls.

        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        (JSC::JITStubs::getPolymorphicAccessStructureListSlot):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * jit/JITStubs.h:
        (JSC::JITThunks::ctiStringLengthTrampoline):
        (JSC::JITStubs::):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::PtrAndFlags):
        (WTF::PtrAndFlags::operator!):
        (WTF::PtrAndFlags::operator->):
            - Add ! and -> operators, add constuctor with pointer argument.

2009-08-06  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Adam Barth.

        Allow custom memory allocation control for Noncopyable class
        https://bugs.webkit.org/show_bug.cgi?id=27879

        Several classes which inherited from Noncopyable are instantiated by
        operator new, so Noncopyable class has been inherited from FastAllocBase.

        * wtf/Noncopyable.h:

2009-08-06  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Sam Weinig.

        Add explicit dependencies for our build verification scripts to ensure that they always run after linking has completed.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-08-06  Mark Rowe  <mrowe@apple.com>

        Bring a little order to our otherwise out of control lives.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-08-06  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's PolymorphicAccessStructureList struct
        https://bugs.webkit.org/show_bug.cgi?id=27877

        Inherits PolymorphicAccessStructureList struct from FastAllocBase because it has been instantiated by
        'new' in JavaScriptCore/jit/JITStubs.cpp:1229.

        * bytecode/Instruction.h:

2009-08-05  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's ScopeNodeData struct
        https://bugs.webkit.org/show_bug.cgi?id=27875

        Inherits ScopeNodeData struct from FastAllocBase because it has been instantiated by
        'new' in JavaScriptCore/parser/Nodes.cpp:1848.

        * parser/Nodes.h:

2009-08-05  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add floating point support for generic ARM port.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::doubleTransfer):
        * assembler/ARMAssembler.h:
        (JSC::ARM::):
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::faddd_r):
        (JSC::ARMAssembler::fsubd_r):
        (JSC::ARMAssembler::fmuld_r):
        (JSC::ARMAssembler::fcmpd_r):
        (JSC::ARMAssembler::fdtr_u):
        (JSC::ARMAssembler::fdtr_d):
        (JSC::ARMAssembler::fmsr_r):
        (JSC::ARMAssembler::fsitod_r):
        (JSC::ARMAssembler::fmstat):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::):
        (JSC::MacroAssemblerARM::supportsFloatingPoint):
        (JSC::MacroAssemblerARM::loadDouble):
        (JSC::MacroAssemblerARM::storeDouble):
        (JSC::MacroAssemblerARM::addDouble):
        (JSC::MacroAssemblerARM::subDouble):
        (JSC::MacroAssemblerARM::mulDouble):
        (JSC::MacroAssemblerARM::convertInt32ToDouble):
        (JSC::MacroAssemblerARM::branchDouble):
        * jit/JIT.h:

2009-08-05  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add JIT support for generic ARM port without optimizations.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        All JIT optimizations are disabled.

        Signed off by Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
        Signed off by Gabor Loki <loki@inf.u-szeged.hu>

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::baseIndexTransfer32):
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::store32):
        (JSC::MacroAssemblerARM::move):
        (JSC::MacroAssemblerARM::branch32):
        (JSC::MacroAssemblerARM::add32):
        (JSC::MacroAssemblerARM::sub32):
        (JSC::MacroAssemblerARM::load32):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getBytecodeIndex):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        (JSC::JITStackFrame::returnAddressSlot):
        * wtf/Platform.h:

2009-08-04  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Oiver Hunt.

        Revert r46643 since this breaks the Yarr::Interpreter running the v8 tests.
        https://bugs.webkit.org/show_bug.cgi?id=27874

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::allocDisjunctionContext):
        (JSC::Yarr::Interpreter::freeDisjunctionContext):
        (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::freeParenthesesDisjunctionContext):

2009-08-04  Oliver Hunt  <oliver@apple.com>

        PPC64 Build fix

        * wtf/Platform.h:

2009-08-04  Benjamin C Meyer  <benjamin.meyer@torchmobile.com>

        Reviewed by Adam Treat

        Explicitly include limits.h header when using INT_MAX and INT_MIN

        * interpreter/Interpreter.cpp

2009-08-03  Harald Fernengel  <harald.fernengel@nokia.com>

        Reviewed by Darin Adler.

        Fix compile error for ambigous call to abs()
        https://bugs.webkit.org/show_bug.cgi?id=27873

        Fix ambiguity in abs(long int) call by calling labs() instead

        * wtf/DateMath.cpp: replace call to abs() with labs()

2009-08-03  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        [Qt] Consolidate common gcc flags to WebKit.pri
        https://bugs.webkit.org/show_bug.cgi?id=27934

        * JavaScriptCore.pro:

2009-08-03  Ada Chan  <adachan@apple.com>

        Fixed the Tiger build.

        * wtf/FastMalloc.cpp:

2009-08-03  Ada Chan  <adachan@apple.com>

        Reviewed by Darin Adler.

        Don't use background thread to scavenge memory on Tiger until we figure out why it causes a crash.
        https://bugs.webkit.org/show_bug.cgi?id=27900

        * wtf/FastMalloc.cpp:

2009-08-03  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Jan Alonzo.

        Fix build break on Gtk/x86_64.
        https://bugs.webkit.org/show_bug.cgi?id=27936

        Use JSVALUE64 for X86_64 LINUX, except Qt.

        * wtf/Platform.h:

2009-08-02  Xan Lopez  <xlopez@igalia.com>

        Fix the GTK+ build.

        * wtf/Platform.h:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Disabled JSVALUE32_64 on Qt builds, since all layout tests mysteriously
        crash with it enabled.

        * wtf/Platform.h:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Qt build fix.

        Added JSAPIValueWrapper.cpp to the build.

        * JavaScriptCore.pri:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix.

        Exported symbols for JSAPIValueWrapper.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        GTK build fix.

        * jit/JITStubs.cpp: #include <stdarg.h>, for a definition of va_start.

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Qt build fix.
        
        * runtime/Collector.cpp: #include <limits.h>, for a definition of ULONG_MAX.

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: Nixed JSImmediate::prototype, JSImmediate::toObject,
        and JSImmediate::toThisObject, and removed their exported symbols.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * runtime/JSImmediate.cpp:
        * runtime/JSImmediate.h:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Mark Rowe.

        Enabled JSVALUE32_64 by default on all platforms other than x86_64 (which uses JSVALUE64).

        * wtf/Platform.h:

2009-08-02  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Jan Alonzo.

        Script for building the JavaScriptCore library for wx.
        https://bugs.webkit.org/show_bug.cgi?id=27619

        * wscript: Added.

2009-08-02  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        DateMath depends on strftime and localtime, which need to be imported manually on WinCE
        https://bugs.webkit.org/show_bug.cgi?id=26558

        * wtf/DateMath.cpp:

2009-08-01  David Kilzer  <ddkilzer@apple.com>

        wtf/Threading.h: added include of Platform.h

        Reviewed by Mark Rowe.

        * wtf/Threading.h: Added #include "Platform.h" since this header
        uses PLATFORM() and other macros.

2009-08-01  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Oliver Hunt.

        Roll out r46668 as it was misinformed.  ScopeChain is only used with placement new.

        * runtime/ScopeChain.h:

2009-08-01  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Allow custom memory allocation control for JavaScriptCore's HashMap class
        http://bugs.webkit.org/show_bug.cgi?id=27871

        Inherits HashMap class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/API/JSClassRef.cpp:148.

        * wtf/RefPtrHashMap.h:
        (WTF::):

2009-08-01  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Allow custom memory allocation control for JavaScriptCore's ScopeChain class
        https://bugs.webkit.org/show_bug.cgi?id=27834

        Inherits ScopeChain class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/JSFunction.h:109.

        * runtime/ScopeChain.h:

2009-08-01  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's RegExpConstructorPrivate struct 
        https://bugs.webkit.org/show_bug.cgi?id=27833

        Inherits RegExpConstructorPrivate class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/RegExpConstructor.cpp:152.

        * runtime/RegExpConstructor.cpp:

2009-07-31  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        Resurrect the old GetTickCount implementation of currentTime, controlled by WTF_USE_QUERY_PERFORMANCE_COUNTER
        currentSystemTime taken from older WebKit; currentTime written by Yong Li <yong.li@torchmobile.com>; cleanup by Joe Mason <joe.mason@torchmobile.com>
        https://bugs.webkit.org/show_bug.cgi?id=27848

        * wtf/CurrentTime.cpp:
        (WTF::currentSystemTime): get current time with GetCurrentFT
        (WTF::currentTime): track msec elapsed since first currentSystemTime call using GetTickCount
        * wtf/Platform.h:

2009-07-31  Ada Chan  <adachan@apple.com>

        Fixes the Windows release-PGO build.

        Reviewed by Jon Honeycutt.

        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Suppresses the warning about unreachable code that we get by adding "return 0" to WTF::TCMalloc_PageHeap::runScavengerThread().
        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::runScavengerThread): Fixes the error about the method not returning a value in the release-PGO build.

2009-07-31  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Change malloc to fastMalloc and free to fastFree in Yarr's RegexInterpreter.cpp
        https://bugs.webkit.org/show_bug.cgi?id=27874

        Use fastMalloc and fastFree instead of malloc and free in RegexInterpreter.cpp's methods.

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::allocDisjunctionContext):
        (JSC::Yarr::Interpreter::freeDisjunctionContext):
        (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::freeParenthesesDisjunctionContext):

2009-07-30  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Jan Alonzo.

        Fix compiler warning.

        GCC does not like C++-style comments in preprocessor directives.

        * wtf/Platform.h:

2009-07-30  John McCall  <rjmccall@apple.com>

        Reviewed by Gavin Barraclough.

        Optimize the X86_64 trampolines: avoid the need for filler arguments
        and move the stub-args area closer to the stack pointer.

        * jit/JIT.h: adjust patch offsets because of slight code-size change 
        * jit/JITCode.h:
        (JSC::JITCode::execute): don't pass filler args
        * jit/JITStubs.cpp:
        (ctiTrampoline): (X86_64): push args onto stack, use args directly
        (ctiVMThrowTrampoline): (X86_64): adjust %rsp by correct displacement
        (ctiOpThrowNotCaught): (X86_64): adjust %rsp by correct displacement
        * jit/JITStubs.h:
        (JITStackFrame): (X86_64): move args area earlier
        (ctiTrampoline): remove filler args from prototype

2009-07-30  Gavin Barraclough  <barraclough@apple.com>

        Temporarily revert r46618 since this is b0rking on Linux.

2009-07-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Make get_by_id/put_by_id/method_check/call defer optimization using a data flag rather than a code modification.
        ( https://bugs.webkit.org/show_bug.cgi?id=27635 )

        This improves performance of ENABLE(ASSEMBLER_WX_EXCLUSIVE) builds by 2-2.5%, reducing the overhead to about 2.5%.
        (No performance impact with ASSEMBLER_WX_EXCLUSIVE disabled).

        * bytecode/CodeBlock.cpp:
        (JSC::printStructureStubInfo):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CallLinkInfo::seenOnce):
        (JSC::CallLinkInfo::setSeen):
        (JSC::MethodCallLinkInfo::seenOnce):
        (JSC::MethodCallLinkInfo::setSeen):
            - Change a pointer in CallLinkInfo/MethodCallLinkInfo to use a PtrAndFlags, use a flag to track when an op has been executed once.

        * bytecode/StructureStubInfo.cpp:
        (JSC::StructureStubInfo::deref):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::StructureStubInfo::initGetByIdSelf):
        (JSC::StructureStubInfo::initGetByIdProto):
        (JSC::StructureStubInfo::initGetByIdChain):
        (JSC::StructureStubInfo::initGetByIdSelfList):
        (JSC::StructureStubInfo::initGetByIdProtoList):
        (JSC::StructureStubInfo::initPutByIdTransition):
        (JSC::StructureStubInfo::initPutByIdReplace):
        (JSC::StructureStubInfo::seenOnce):
        (JSC::StructureStubInfo::setSeen):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID, add a flag to track when an op has been executed once.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::unlinkCall):
            - Remove the "don't lazy link" stage of calls.

        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        (JSC::JITStubs::getPolymorphicAccessStructureListSlot):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * jit/JITStubs.h:
        (JSC::JITThunks::ctiStringLengthTrampoline):
        (JSC::JITStubs::):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::PtrAndFlags):
        (WTF::PtrAndFlags::operator!):
        (WTF::PtrAndFlags::operator->):
            - Add ! and -> operators, add constuctor with pointer argument.

2009-07-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Fixed failing tests seen on Windows buildbot.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::): Use "int" instead of "bool" to guarantee a 32-bit result,
        regardless of compiler. gcc on mac uses 32-bit values for bool,
        but gcc on linux and MSVC on Windows use 8-bit values.

2009-07-30  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: added missing symbols on Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-30  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: removed stale symbols on Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

=== End merge of nitro-extreme branch 2009-07-30 ===

2009-07-20  Geoffrey Garen  <ggaren@apple.com>

        Fixed a post-review typo in r46066 that caused tons of test failures.
        
        SunSpider reports no change.

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray): Initialize the full vector capacity, to avoid
        uninitialized members at the end.

2009-07-20  Geoffrey Garen  <ggaren@apple.com>

        Windows WebKit build fix: Added some missing exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-17  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Get the branch working on windows.
        https://bugs.webkit.org/show_bug.cgi?id=27391
        
        SunSpider says 0.3% faster.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Updated
        MSVC export lists to fix linker errors.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Added / removed
        new / old project files.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines): Used #pragma pack to tell
        MSVC that these structures represent actual memory layout, and should not be
        automatically aligned. Changed the return value load to load a 64bit quantity
        into the canonical registers.

        * jit/JIT.h: Moved OBJECT_OFFSETOF definition to StdLibExtras.h because
        it's needed by more than just the JIT, and it supplements a standard library
        macro (offsetof).

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame): Fixed an incorrectly signed
        cast to resolve an MSVC warning.

        * jit/JITStubs.h: Used #pragma pack to tell MSVC that these structures
        represent actual memory layout, and should not be automatically aligned. 

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray): Replaced memset_pattern8 with a for loop, since
        memset_pattern8 is not portable. (I verified that this version of the loop
        gives the best performance / generated code in GCC.)

        * runtime/JSObject.h:
        (JSC::JSObject::JSObject): Removed accidental usage of FIELD_OFFSET --
        OBJECT_OFFSETOF is our new macro name. (FIELD_OFFSET conflicts with a
        definition in winnt.h.)

        * runtime/JSValue.cpp: Added some headers needed by non-all-in-one builds.
        
        * runtime/JSValue.h:
        (JSC::JSValue::): Made the tag signed, to match MSVC's signed enum values.
        (GCC doesn't seem to care one way or the other.)

        * wtf/MainThread.cpp: Moved the StdLibExtras.h #include -- I did this a
        while ago to resolve a conflict with winnt.h. I can't remember if it's truly
        still needed, but what the heck.

        * wtf/StdLibExtras.h: Moved OBJECT_OFFSETOF definition here.

2009-07-06  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig (?).
        
        Fixed an assertion seen during the stress test.
        
        Don't assume that, if op1 is constant, op2 is not, and vice versa. Sadly,
        not all constants get folded.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):

2009-07-06  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Include op_convert_this in result caching.
        
        No change on SunSpider or v8.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_convert_this):

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::): Made the op_convert_this JIT stub return an EncodedJSValue, so
        to maintain the result caching contract that { tag, payload } can be
        found in { regT1, regT0 }.

2009-07-06  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented result chaining.
        
        1% faster on SunSpider. 4%-5% faster on v8.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::move):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rr): Added an optimization to eliminate
        no-op mov instructions, to simplify chaining.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        * jit/JIT.h: Added data members and helper functions for recording
        chained results. We record both a mapping from virtual to machine register
        and the opcode for which the mapping is valid, to help ensure that the
        mapping isn't used after the mapped register has been stomped by other
        instructions.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCallVarargsSlowCase):
        (JSC::JIT::emit_op_ret):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase): Chain function call results.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadTag):
        (JSC::JIT::emitLoadPayload):
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitLoad2):
        (JSC::JIT::isLabeled):
        (JSC::JIT::map):
        (JSC::JIT::unmap):
        (JSC::JIT::isMapped):
        (JSC::JIT::getMappedPayload):
        (JSC::JIT::getMappedTag): Use helper functions when loading virtual
        registers into machine registers, in case the loads can be eliminated
        by chaining.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_mov):
        (JSC::JIT::emit_op_end):
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_next_pname):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_catch): Chain results from these opcodes.

        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call): Load the profiler into regT2 to
        avoid stomping a chained result.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_get_by_id): Chain results from these opcodes.

        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument): Always use { regT1, regT0 }, to facilitate
        chaining.

        (JSC::JITStubCall::call): Unmap all mapped registers, since our callee
        stub might stomp them.

2009-07-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Don't reload values in emitBinaryDoubleOp.

        SunSpider reports a 0.6% progression. 

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitBinaryDoubleOp):

2009-07-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Convert op_div to load op1 and op2 up front.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_div):

2009-07-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Don't emit code in emitBinaryDoubleOp if code is unreachable, observable
        via an empty (unlinked) jumplist passed in.  This only effects op_jnless
        and op_jnlesseq at present.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emitBinaryDoubleOp):

2009-07-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Converted op_mod to put { tag, payload } in { regT1, regT0 }, and
        tidied up its constant case.
        
        SunSpider reports a 0.2% regression, but a micro-benchmark of op_mod
        shows a 12% speedup, and the SunSpider test that uses op_mod most should
        benefit a lot from result caching in the end, since it almost always
        performs (expression) % constant.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):

2009-06-30  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Converted some more arithmetic ops to put { tag, payload } in
        { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Converted some more arithmetic ops to put { tag, payload } in
        { regT1, regT0 }, and added a case for subtract constant.
        
        SunSpider says no change. v8 says 0.3% slower.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSub32Constant):
        (JSC::JIT::emitSlow_op_sub):

2009-06-30  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Remove more uses of addressFor(), load double constants directly from
        the constantpool in the CodeBlock, rather than from the register file.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitBinaryDoubleOp):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a bug in postfix ops, where we would treat x = x++ and x = x--
        as a no-op, even if x were not an int, and the ++/-- could have side-effects.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Converted some arithmetic ops to put { tag, payload } in
        { regT1, regT0 }.
        
        SunSpider says 0.7% faster. v8 says no change.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emit_op_bitxor):
        * jit/JITInlineMethods.h:
        (JSC::JIT::isOperandConstantImmediateInt):
        (JSC::JIT::getOperandConstantImmediateInt):

2009-06-30  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Start removing cases of addressFor().

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_div):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadDouble):
        (JSC::JIT::emitLoadInt32ToDouble):
        (JSC::JIT::emitStoreDouble):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Rolled back in my last patch with regression fixed.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emitSlow_op_resolve_global):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Rolled out my last patch because it was a 2% SunSpider regression.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin "Sam Weinig" Barraclough.
        
        Standardized the rest of our opcodes to put { tag, payload } in
        { regT1, regT0 } where possible.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emitSlow_op_resolve_global):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):

2009-06-30  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoffrey Garen.

        Replace calls to store32(tagFor()) and store32(payloadFor())
        with emitStoreInt32(), emitStoreBool(), and emitStoreCell().

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitBitAnd32Constant):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emitBitOr32Constant):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emitBitXor32Constant):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSub32ConstantLeft):
        (JSC::JIT::emitSub32ConstantRight):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emit_op_mod):
        * jit/JITCall.cpp:
        (JSC::JIT::emit_op_load_varargs):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitStoreInt32):
        (JSC::JIT::emitStoreCell):
        (JSC::JIT::emitStoreBool):
        (JSC::JIT::emitStore):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized the rest of the property access instructions to put { tag,
        payload } in { regT1, regT0 }.

        Small v8 speedup, 0.2% SunSpider slowdown.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitLoad2):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::patchPutByIdReplace):

2009-06-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Various cleanups.
        - Use fpRegT* instead of X86::xmm*.
        - Use a switch statement in emitBinaryDoubleOp instead of a bunch of
          if/elses.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_div):

2009-06-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add inline code dealing with doubles for op_jfalse and op_jtrue.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::):
        (JSC::MacroAssemblerX86Common::zeroDouble):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-06-28  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Standardized op_get_by_id to put { tag, payload } in { regT1, regT0 }.
        
        SunSpider and v8 report maybe 0.2%-0.4% regressions, but the optimization
        this enables will win much more than that back.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2009-06-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Standardized op_call to put { tag, payload } in { regT1, regT0 }.
        
        SunSpider and v8 report no change.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):

2009-06-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Handle multiplying by zero a little better by
        inlining the case that both operands are non-negative
        into the slowpath.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::branchOr32):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Optimize x++ to ++x inside for loops.
        
        Sadly, no measurable speedup, but this should help with result chaining.

        * parser/Nodes.cpp:
        (JSC::ForNode::emitBytecode):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_bitnot):
        (JSC::JIT::emit_op_post_inc):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):
        * jit/JITCall.cpp:
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emitSlow_op_construct_verify):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_true):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig (sort of, maybe).
        
        Fixed some ASSERTs in http/tests/security.
        
        These ASSERTs were introduced by http://trac.webkit.org/changeset/45057,
        but the underlying problem was actually older. http://trac.webkit.org/changeset/45057
        just exposed the problem by enabling optimization in more cases.
        
        The ASSERTs fired because we tested PropertySlot::slotBase() for validity,
        but slotBase() ASSERTs if it's invalid, so we would ASSERT before
        the test could happen. Solution: Remove the ASSERT. Maybe it was valid
        once, but it clearly goes against a pattern we've deployed of late.
        
        The underlying problem was that WebCore would re-use a PropertySlot in
        the case of a forwarding access, and the second use would not completely
        overwrite the first use. Solution: Make sure to overwrite m_offset when
        setting a value on a PropertySlot. (Other values already get implicitly
        overwritten during reuse.)

        * runtime/PropertySlot.h:
        (JSC::PropertySlot::PropertySlot):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setRegisterSlot):
        (JSC::PropertySlot::setUndefined):
        (JSC::PropertySlot::slotBase):
        (JSC::PropertySlot::clearOffset):

2009-06-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Enable JIT_OPTIMIZE_METHOD_CALLS on the branch, implementation matches current implemenatation in ToT.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emitSlow_op_method_check):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::compileGetByIdSlowCase):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Bit off a tiny bit more of standardizing opcode behavior to help with result
        caching.
        
        SunSpider reports no change, v8 maybe a tiny speedup.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emitSlow_op_to_jsnumber):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emitSlow_op_convert_this):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Bit off a tiny bit more of standardizing opcode behavior to help with result
        caching -- including removing my old enemy, op_resolve_function, because
        it was non-standard, and removing it felt better than helping it limp along.
        
        SunSpider reports no change, v8 maybe a tiny speedup.
        
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emitSlow_op_to_primitive):
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        * parser/Nodes.cpp:
        (JSC::FunctionCallResolveNode::emitBytecode):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Bit off a tiny bit of standardizing opcode behavior to help with result
        caching.
        
        0.6% SunSpider speedup. 0.3% v8 speedup.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoad): Accomodate a base register that overlaps with payload
        by loading tag before payload, to avoid stomping base/payload.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_mov): Abide by the standard "tag in regT1, payload in
        regT0" semantics.

        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var): Ditto. Also, removed some irrelevent
        loads while I was at it. The global object's "d" pointer never changes
        after construction.

2009-06-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Remove 'arguments' field from Register union (again).
        This time do so without breaking tests (radical, I know).

        * interpreter/CallFrame.h:
        (JSC::ExecState::optionalCalleeArguments):
        (JSC::ExecState::setArgumentCount):
        (JSC::ExecState::init):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * interpreter/Register.h:
        (JSC::Register::withInt):
        (JSC::Register::):
        (JSC::Register::Register):
        (JSC::Register::i):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_tear_off_arguments):
        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters):
        (JSC::Register::arguments):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Removed some result register tracking cruft in preparation for a new
        result tracking mechanism.
        
        SunSpider reports no change.

        * assembler/AbstractMacroAssembler.h:
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::JmpDst::JmpDst): No need to track jump targets in
        machine code; we already do this in bytecode.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        (JSC::JIT::emitTimeoutCheck): Make sure to save and restore the result
        registers, so an opcode with a timeout check can still benefit from result
        register caching.

        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases): Removed calls to killLastResultRegister()
        in preparation for something new.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetFromCallFrameHeaderPtr):
        (JSC::JIT::emitGetFromCallFrameHeader32):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_jsr):
        (JSC::JIT::emit_op_sret):
        (JSC::JIT::emit_op_jmp_scopes): ditto

        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::getArgument): added a mechanism for reloading an argument
        you passed to a JIT stub, for use in emitTimeoutCheck.

2009-06-23  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove now-useless inplace variants of binary ops.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emit_op_mul):

2009-06-23  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Move off memory operands to aid in re-enabling result caching.

        - No regression measured.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitBitAnd32Constant):
        (JSC::JIT::emitBitAnd32InPlace):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emitBitOr32Constant):
        (JSC::JIT::emitBitOr32InPlace):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emitBitXor32Constant):
        (JSC::JIT::emitBitXor32InPlace):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitAdd32InPlace):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32Constant):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSub32ConstantLeft):
        (JSC::JIT::emitSub32ConstantRight):
        (JSC::JIT::emitSub32InPlaceLeft):
        (JSC::JIT::emitSub32InPlaceRight):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitMul32InPlace):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emit_op_mod):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emit_op_to_jsnumber):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed some missing and/or misplaced labels in bytecode generation, so
        we don't have to work around them in JIT code generation.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJumpSubroutine):
        * parser/Nodes.cpp:
        (JSC::TryNode::emitBytecode):

2009-06-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        For member function calls, emit "this" directly into the "this" slot
        for the function call, instead of moving it there later. This reduces
        time spent in op_mov during certain calls, like "a.b.c()".
        
        1%-2% speedup on v8, mostly richards and delta-blue.

        * parser/Nodes.cpp:
        (JSC::FunctionCallDotNode::emitBytecode):

2009-06-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Remove 'arguments' field from Register union.  Having JSCell derived types in the union is
        dangerous since it opens the possibility for the field to be written as a raw pointer but
        then read as a JSValue.  This will lead to statle data being read for the tag, which may
        be dangerous.  Having removed Arguments* types form Register, all arguments objects must
        always explicitly be stored in the register file as JSValues.

        * interpreter/CallFrame.h:
        (JSC::ExecState::optionalCalleeArguments):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * interpreter/Register.h:
        (JSC::Register::):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_tear_off_arguments):
        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:

2009-06-03  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add back known this value optimization by abstracting
        slow case if not JSCell jumps.

        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCallVarargsSlowCase):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        (JSC::JIT::linkSlowCaseIfNotJSCell):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emitSlow_op_instanceof):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):

2009-06-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed some of the regression in crypto-aes.js. (8.5% speedup in
        crypto-aes.js.)
        
        SunSpider reports no change overall.
        
        Division was producing double results, which took the slow path through
        array access code.
        
        Strangely, all my attempts at versions of this patch that modified array
        access code to accept ints encoded as doubles along the fast or slow paths
        were regressions. So I did this instead.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_div): When dividing an int by an int, go ahead and try
        to turn the result into an int. Don't just do int division, though, because
        testing shows it to be slower than SSE double division, and the corner
        cases are pretty complicated / lengthy on top of that. Also, don't try
        to canonicalize division of known tiny numerators into ints, since that's a
        waste of time.

2009-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        Fixed a regression caused by my recent fix for NaN.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp): Actually do the comparison in reverse
        order, like the ChangeLog said we would, bokay?

2009-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig and Oliver Hunt.
        
        Fixed two edge cases in %:
        
        - Don't do -2147483648 % x as a fast case, since you might do -2147483648 % -1,
        which will signal a hardware exception due to overflow.

        - In the case of a zero remainder, be sure to store negative zero if the
        dividend was zero.
        
        SunSpider reports no change.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):

2009-05-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Fixed a regression when comparing to NaN.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp): For op_jnless and op_jnless_eq, do the
        comparison in reverse order, and jump if the result is below or 
        below-or-equal. This ensures that we do jump in the case of NaN.

2009-05-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        SunSpider says no change.
        
        Fixed regressions in fast/js/var-declarations-shadowing.html and
        fast/js/equality.html, caused by recent == and != optimizations.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_eq): Don't treat "compare to string" as always
        numeric or string comparison. If the second operand is an object, you
        need to ToPrimitive it, and start all over again. Also, I wrote out each
        of the possible cases explicitly, to cut down on redundant branching.

2009-05-25  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Fix bug in fast/js/constant-folding.html where we were not negating
        -0 properly.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):

2009-05-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        Refactored new slow case codegen for == and !=.
        
        SunSpider reports no change, maybe a tiny speedup.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emitSlow_op_neq): Made a vptr comparison a *Ptr operation,
        instead of *32, to make it portable to 64bit. Reorganized the string
        and generic cases to make their control flow a little clearer.

2009-05-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Optimized == and != for our new value representation -- especially for strings.
        
        14% speedup on date-format-tofte.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_eq_strings):
        (JSC::JITStubs::cti_op_call_eval):
        * jit/JITStubs.h:
        (JSC::):
        * runtime/JSValue.h:

2009-05-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Fix non-SSE enabled builds.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_add): Don't early return here, we still need to call the JIT stub.
        (JSC::JIT::emitSlow_op_sub): Ditto.

2009-05-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Here's a thought: let's not take a jit stub call just to multiply by 1,
        bokay?
        
        imul doesn't set the zero flag, so to test for a zero result, we need
        an explicit instruction. (Luckily, it does set the overflow flag, so
        we can still use that.)

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitMul32InPlace):

2009-05-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey "Premature Commit" Garen.

        Add back constant integer cases for op_add.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32Constant):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperandImmediateDouble):
        (JSC::JIT::isOperandConstantImmediateDouble):

2009-05-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added fast double cases for op_jnless and op_jnlesseq.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::JumpList::jumps): New accesor, used by
        addSlowCase.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::ucomisd_rm): New method for comparing register to
        memory.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emit_op_div): Modified emitBinaryDoubleOp to accept comparison/jump
        operations in addition to operations with explicit result registers.

        * jit/JITInlineMethods.h:
        (JSC::JIT::addSlowCase): Added an "addSlowCase" for JumpLists, so clients
        can track multiple jumps to the same slow case condition together.

2009-05-21  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Implement op_negate inline fast cases.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::neg32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::negl_m):
        (JSC::X86Assembler::xorpd_rr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):

2009-05-20  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Update the patchOffsetGetByIdSlowCaseCall constant for the
        case that OPCODE_SAMPLING is enabled.

        * jit/JIT.h:

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added support for inline subtraction of doubles.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSlowSub32InPlaceLeft):
        (JSC::JIT::emitBinaryDoubleOp):

2009-05-20  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Added support for inline division.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::divsd_rr):
        (JSC::X86Assembler::divsd_mr):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitBinaryOp):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emitSlow_op_div):

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added support for inline addition of doubles.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32InPlace):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Factored inline double operations into a helper function, so that we
        can reuse this code for other math operations.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added support for inline multiplication of doubles.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::cvtsi2sd_mr): New function, useful for loading an
        int32 into a double register.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul): Filled out these cases for double arithmetic.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::addressFor): New function, useful for addressing a JSValue's
        full 64bits as a double.

2009-05-19  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement and enable optimized calls.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines): Add ENABLE(JIT_OPTIMIZE_CALL) guards
        around the the optimize call only trampolines (virtualCallPreLink and virtualCallLink).
        Update the trampolines to account for the new JSValue representation.
        (JSC::JIT::unlinkCall): Use NULL instead of JSValue noValue. 

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall): Update to account for the new JSValue representation
        (JSC::JIT::compileOpCallSlowCase): Ditto.

        * jit/JITStubs.h: Remove incorrect !ENABLE(JIT_OPTIMIZE_CALL) guard.

        * wtf/Platform.h: Enable ENABLE_JIT_OPTIMIZE_CALL.

2009-05-19  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement and enable optimized property access.

        * assembler/AbstractMacroAssembler.h: Fix comment.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines): Remove array length trampoline
        and implement the string length trampoline.
        * jit/JIT.h: Add new constants for patch offsets.
        * jit/JITInlineMethods.h: Remove FIELD_OFFSET which is now in StdLibExtras.h.
        * jit/JITPropertyAccess.cpp: 
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument): Add version of addArgument that takes
        two registers for the tag and payload.
        * jit/JITStubs.cpp:
        (JSC::JITStubs::JITStubs): Remove array length trampoline pointer.
        (JSC::JITStubs::cti_op_get_by_id_self_fail): 
        * jit/JITStubs.h:
        * runtime/JSObject.h:
        (JSC::JSObject::JSObject): Move m_inheritorID below the property storage
        to align it to a 16 byte boundary.
        * wtf/Platform.h: Enable ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
        * wtf/StdLibExtras.h: Move FIELD_OFFSET here.

2009-05-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove unneeded ExecState parameter from the number JSValue constructors.

        * runtime/JSValue.h:
        (JSC::jsNumber):
        (JSC::jsNaN):
        (JSC::JSValue::JSValue):

2009-05-15  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented fast path for op_put_by_val when putting to arrays.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):

2009-05-15  Geoffrey Garen  <ggaren@apple.com> (Mostly by Sam)

        Reviewed by Sam Weinig.
        
        Implemented fast path for op_get_by_val when accessing array.

        * jit/JIT.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a failure in fast/js/math-transforms.html caused by failing to
        preserve -0 in multiplication.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::jz):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitMul32Constant):
        (JSC::JIT::emitMul32InPlace): Check both for overflow and for zero when
        doing multiplication. Use a slow case to get these right.

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a bug in the varargs calling convention.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs): Move the argument count into regT1,
        since that's where ctiVirtualCall expects it to be.

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Fixed a small bug in instanceof's looping code.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof): NULL means the object has no prototype,
        so only loop when *not* equal to NULL.

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a small bug in instanceof's result writing code.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof): Make sure to fill out the payload bits
        in all cases.

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Removed an invalid assertion in cti_op_urshift which
        depended on a fast path for op_urshift which has
        never existed.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_urshift):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed loop_if_true, which had the same reversed test that jtrue had.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_true):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        In op_neq, we apparently want to check that one value
        does *not* equal another.  Go figure.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_neq):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        The slow case of op_mod should call op_mod's jit stub,
        not op_mul.  That would be dumb.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_mod):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed problems when using 'arguments' due to a half-initialized register.

        * interpreter/CallFrame.h:
        (JSC::ExecState::setCalleeArguments):
        (JSC::ExecState::init): Require a full JSValue when setting up the 
        'arguments' virtual register, since this register is accessible from JIT
        code and bytecode, and needs to be a true JSValue.

        * interpreter/CallFrameClosure.h:
        (JSC::CallFrameClosure::resetCallFrame): ditto

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute): ditto

        * interpreter/Register.h: Removed the constructor that allowed assignment
        of a JSArguments* to a register. That is not safe. See above.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_create_arguments):
        (JSC::JITStubs::cti_op_create_arguments_no_params): ditto

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        We really want to go to the slow case in op_jfalse and
        op_jtrue if the value is *not* boolean. 

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Flipped the condition when emitting a an op_loop_if_less or op_loop_if_lesseq
        if the first operand is a constant.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Added missing return in op_jnless and op_jnlesseq. 

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Load constants into the the register file as a temporary measure to
        aid bring up.  This allows us to use to treat constants like any
        other virtual register.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_enter):
        (JSC::JIT::emit_op_enter_with_activation):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_strict_eq. Original patch by Snowy, by way of Sam and Gavin.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::set8): Added set8, since it's slightly
        faster than set32, and the new value representation usually doesn't
        need set32.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadTag):
        (JSC::JIT::emitLoadPayload): Added helper functions for dealing with
        constants. Eventually, we should write special cases for all constants,
        but these are helpful in the short term.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emitSlow_op_nstricteq): teh opcodez.

        * runtime/JSValue.h:
        (JSC::JSValue::):
        (JSC::JSValue::isDouble): Added a LowestTag for clarity.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed some bugs in host function calls.
        
        testapi now passes!

        * jit/JIT.cpp: Changed some registers around to avoid overwriting edx:eax,
        which is how JSValues are now returned. Also changed the code that
        passes thisValue to pass the full 64bits of the value. Also added
        an #error compiler directive to other platform builds, since the JSValue
        return signature probably won't return in edx:eax on those platforms,
        and we'll have to investigate a solution.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Removed parameters from functions that are intended never to use their
        parameters.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Ported op_instance_of from TOT. It's basically the same, but some register
        stuff changed to memory stuff.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        (JSC::JIT::emitStore): Changed to use helper functions.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emitSlow_op_instanceof): Ported from TOT.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.
        
        Added a comment to explain an exception-handling subtelty that we found
        hard to remember when reviewing my last patch.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_catch):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented try/catch.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw): Updated to use JITStackFrame abstraction.
        (JSC::JIT::emit_op_catch): Filled out.

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented op_loop_if_true, op_jfalse, op_jtrue, op_jeq_null and op_jneq_null

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_instanceof): Moved from below to be next to its
        fast brother.

        (JSC::JIT::emit_op_loop_if_true): Similar to the old version
        in that it tries to do the integer case first and reduce the
        number of jumps you might need to take.
        (JSC::JIT::emitSlow_op_loop_if_true):

        (JSC::JIT::emit_op_jfalse): Very similar to op_loop_if_true, only
        the inverse and without a timeout check.
        (JSC::JIT::emitSlow_op_jfalse):

        (JSC::JIT::emit_op_jtrue): Very similar to op_loop_if_true except
        without the timeout check.
        (JSC::JIT::emitSlow_op_jtrue):

        (JSC::JIT::emit_op_jeq_null): Very similar to the implementation
        of op_eq, except it takes jumps instead of copying the condition
        to a dst.
        (JSC::JIT::emit_op_jneq_null): Ditto but for op_neq.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_call_varargs.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::emit_op_call):
        (JSC::JIT::emit_op_call_eval):
        (JSC::JIT::emit_op_load_varargs):
        (JSC::JIT::emit_op_call_varargs):
        (JSC::JIT::emit_op_construct):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jneq_ptr):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_call_eval.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITStubCall.h:
        (JSC::CallEvalJITStub::CallEvalJITStub):

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Implemented op_not. (Gavin did most of the work!)

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emitSlow_op_not):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_global_resolve.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq): Added back accidentally removed
        early returns. 

        (JSC::JIT::emit_op_resolve_global):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_resolve_global): Pretty similar to the old code,
        but we need two reads and a TimesEight step in order to account for the
        64bit value size.

        * jit/JITStubs.h:
        (JSC::): Slightly tweaked this code to specialize for a JSGlobalObject*,
        to avoid having to pass an irrelevant tag pointer to the stub.

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented op_to_jsnumber.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emitSlow_op_to_jsnumber):

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented op_convert_this.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emitSlow_op_convert_this):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Got basic JS function and constructor calls working.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::emit_op_ret):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emitSlow_op_construct_verify):
        (JSC::JIT::emitSlow_op_call):
        (JSC::JIT::emitSlow_op_call_eval):
        (JSC::JIT::emitSlow_op_call_varargs):
        (JSC::JIT::emitSlow_op_construct):
        (JSC::JIT::compileOpCall): Filled out these cases, with call_eval #if'd out.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        (JSC::JIT::emitLoad): Restored some legacy "*CTIArg*" functions,
        since I wanted to avoid the complexity of revamping the API here while
        trying to bring it up. Eventually, we should re-remove all of these functions.

        (JSC::JIT::recordJumpTarget): Removed unnecessary macro cruft. You will
        not silence me, Sam Weinig! The world will know that you are a crufty,
        crufty, crufty programmer!!!

        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        (JSC::):
        * jit/JITStubs.h: Changed up some offsets in the JITStackFrame class, since
        and off-by-one error was causing stack misalignment.

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_eq_null and op_neq_null.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::set8):
        (JSC::MacroAssemblerX86Common::setTest8):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_stricteq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emit_op_nstricteq):
        (JSC::JIT::emitSlow_op_nstricteq):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        * jsc.cpp:

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_new_error.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_error):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument): Add a version of addArgument
        that takes a constant JSValue.

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove now unused emitGetVariableObjectRegister and emitPutVariableObjectRegister.

        * jit/JIT.cpp:
        * jit/JIT.h:

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_to_primitive and op_next_pname.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_construct_verify):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emitSlow_op_to_primitive):
        (JSC::JIT::emitSlow_op_loop_if_true):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_next_pname):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add op_get_global_var, op_put_global_var, emit_op_get_scoped_var, emit_op_put_scoped_var and
        op_unexpected_load.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::tagFor):
        (JSC::JIT::payloadFor):
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitStore):
        (JSC::JIT::emitLoadReturnValue):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_unexpected_load):

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added overflow handling to op_sub.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSlowSub32InPlaceLeft):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove a function call by folding op_get_by_id and op_put_by_id into
        their respective compile functions.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Make JITStubCall work in 64bit by making the stack index
        step dependent on the size of void*.

        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::addArgument):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement simple version of property access opcodes
        which just call a stub functions.

        * jit/JITOpcodes.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emit_op_put_by_index):
        (JSC::JIT::emit_op_put_getter):
        (JSC::JIT::emit_op_put_setter):
        (JSC::JIT::emit_op_del_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument):
        * jsc.cpp:

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added work-around for XCode debugging echo problem.

        * jsc.cpp:
        (runInteractive):

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added overflow handling to op_add.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32InPlace):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add slow cases for op_jnless or emit_op_jnlesseq.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add implementations for op_jnless, emit_op_jnlesseq, op_loop_if_less and op_loop_if_lesseq.
        No slow cases for op_jnless or emit_op_jnlesseq yet.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emitSlow_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emitSlow_op_loop_if_lesseq):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Turn the RECORD_JUMP_TARGET macro into an inline function.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::recordJumpTarget):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_jsr):
        (JSC::JIT::emit_op_jmp_scopes):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Add MacroAssemblerX86Common::set8 to fix the build.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::set8):

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added overflow recovery for pre_inc and pre_dec.
        
        Turned some short-circuit code into early returns, as is the WebKit style.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_dec):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_jmp, op_loop, op_eq and op_neq.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_loop):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):
        (JSC::JIT::emit_op_enter):
        (JSC::JIT::emit_op_enter_with_activation):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement the slow cases for arithmetic opcodes.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_lshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emitSlow_op_bitand):
        (JSC::JIT::emitSlow_op_bitor):
        (JSC::JIT::emitSlow_op_bitxor):
        (JSC::JIT::emitSlow_op_bitnot):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitSlow_op_mod):
        (JSC::JIT::emit_op_mod):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_bitnot.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::not32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::notl_m):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_bitnot):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add arithmetic opcode implementations from the old nitro-extreme branch.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emitSlow_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitBitAnd32Constant):
        (JSC::JIT::emitBitAnd32InPlace):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emitSlow_op_bitor):
        (JSC::JIT::emitBitOr32Constant):
        (JSC::JIT::emitBitOr32InPlace):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emitSlow_op_bitxor):
        (JSC::JIT::emitBitXor32Constant):
        (JSC::JIT::emitBitXor32InPlace):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emitSlow_op_bitnot):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitAdd32InPlace):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSub32ConstantLeft):
        (JSC::JIT::emitSub32ConstantRight):
        (JSC::JIT::emitSub32InPlaceLeft):
        (JSC::JIT::emitSub32InPlaceRight):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitMul32Constant):
        (JSC::JIT::emitMul32InPlace):
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):
        * jit/JITOpcodes.cpp:

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Removed JIT_OPTIMIZE_ARITHMETIC setting, since it was all about 32bit
        value representations.
        
        Added JSAPIValueWrapper to the repository.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        * runtime/JSAPIValueWrapper.cpp: Added.
        (JSC::JSAPIValueWrapper::toPrimitive):
        (JSC::JSAPIValueWrapper::getPrimitiveNumber):
        (JSC::JSAPIValueWrapper::toBoolean):
        (JSC::JSAPIValueWrapper::toNumber):
        (JSC::JSAPIValueWrapper::toString):
        (JSC::JSAPIValueWrapper::toObject):
        * runtime/JSAPIValueWrapper.h: Added.
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::isAPIValueWrapper):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        (JSC::jsAPIValueWrapper):
        * wtf/Platform.h:

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Turned on the JIT and got it building and running the most trivial of
        programs.
        
        All configurable optimizations are turned off, and a few opcodes are ad
        hoc #if'd out.
        
        So far, I've only merged op_mov and op_end, but some stub-reliant
        opcodes work as-is from TOT.
        
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        * bytecode/CodeBlock.h:
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emitSlow_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitSlow_op_bitand):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlow_op_mul):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperandImmediateInt):
        (JSC::JIT::isOperandConstantImmediateInt):
        (JSC::JIT::emitInitRegister):
        (JSC::JIT::addSlowCase):
        (JSC::JIT::addJump):
        (JSC::JIT::emitJumpSlowToHot):
        (JSC::JIT::tagFor):
        (JSC::JIT::payloadFor):
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitLoadReturnValue):
        (JSC::JIT::emitStore):
        (JSC::JIT::emitStoreReturnValue):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_mov):
        (JSC::JIT::emit_op_end):
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_loop):
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_tear_off_activation):
        (JSC::JIT::emit_op_ret):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emit_op_loop_if_true):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_unexpected_load):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emit_op_throw):
        (JSC::JIT::emit_op_next_pname):
        (JSC::JIT::emit_op_push_scope):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_push_new_scope):
        (JSC::JIT::emit_op_catch):
        (JSC::JIT::emit_op_switch_imm):
        (JSC::JIT::emit_op_switch_char):
        (JSC::JIT::emit_op_switch_string):
        (JSC::JIT::emit_op_new_error):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call):
        (JSC::JIT::emitSlow_op_construct_verify):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emitSlow_op_loop_if_less):
        (JSC::JIT::emitSlow_op_loop_if_lesseq):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emitSlow_op_not):
        (JSC::JIT::emitSlow_op_instanceof):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emit_op_put_by_index):
        (JSC::JIT::emit_op_put_getter):
        (JSC::JIT::emit_op_put_setter):
        (JSC::JIT::emit_op_del_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::addArgument):
        (JSC::JITStubCall::call):
        (JSC::JITStubCall::):
        (JSC::CallEvalJITStub::CallEvalJITStub):
        * jit/JITStubs.cpp:
        (JSC::):
        (JSC::JITStubs::cti_op_add):
        (JSC::JITStubs::cti_op_pre_inc):
        (JSC::JITStubs::cti_op_mul):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_string):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_sub):
        (JSC::JITStubs::cti_op_put_by_val):
        (JSC::JITStubs::cti_op_put_by_val_array):
        (JSC::JITStubs::cti_op_put_by_val_byte_array):
        (JSC::JITStubs::cti_op_negate):
        (JSC::JITStubs::cti_op_div):
        (JSC::JITStubs::cti_op_pre_dec):
        (JSC::JITStubs::cti_op_post_inc):
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_lshift):
        (JSC::JITStubs::cti_op_bitand):
        (JSC::JITStubs::cti_op_rshift):
        (JSC::JITStubs::cti_op_bitnot):
        (JSC::JITStubs::cti_op_mod):
        (JSC::JITStubs::cti_op_neq):
        (JSC::JITStubs::cti_op_post_dec):
        (JSC::JITStubs::cti_op_urshift):
        (JSC::JITStubs::cti_op_bitxor):
        (JSC::JITStubs::cti_op_bitor):
        (JSC::JITStubs::cti_op_switch_imm):
        * jit/JITStubs.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        * runtime/JSValue.h:
        (JSC::JSValue::payload):
        * wtf/Platform.h:

2009-05-07  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add some new MacroAssembler and assembler functions that will be needed shortly.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::add32):
        (JSC::MacroAssemblerX86Common::and32):
        (JSC::MacroAssemblerX86Common::mul32):
        (JSC::MacroAssemblerX86Common::neg32):
        (JSC::MacroAssemblerX86Common::or32):
        (JSC::MacroAssemblerX86Common::sub32):
        (JSC::MacroAssemblerX86Common::xor32):
        (JSC::MacroAssemblerX86Common::branchAdd32):
        (JSC::MacroAssemblerX86Common::branchMul32):
        (JSC::MacroAssemblerX86Common::branchSub32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::addl_rm):
        (JSC::X86Assembler::andl_mr):
        (JSC::X86Assembler::andl_rm):
        (JSC::X86Assembler::andl_im):
        (JSC::X86Assembler::negl_r):
        (JSC::X86Assembler::notl_r):
        (JSC::X86Assembler::orl_rm):
        (JSC::X86Assembler::orl_im):
        (JSC::X86Assembler::subl_rm):
        (JSC::X86Assembler::xorl_mr):
        (JSC::X86Assembler::xorl_rm):
        (JSC::X86Assembler::xorl_im):
        (JSC::X86Assembler::imull_mr):

2009-05-11  Sam Weinig  <sam@webkit.org>

        Reviewed by Cameron Zwarich.

        Remove the NumberHeap.

        * JavaScriptCore.exp:
        * runtime/Collector.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::destroy):
        (JSC::Heap::recordExtraCost):
        (JSC::Heap::heapAllocate):
        (JSC::Heap::markConservatively):
        (JSC::Heap::sweep):
        (JSC::Heap::collect):
        (JSC::Heap::objectCount):
        (JSC::Heap::statistics):
        (JSC::typeName):
        (JSC::Heap::isBusy):
        * runtime/Collector.h:
        (JSC::Heap::globalData):
        * runtime/JSCell.h:

2009-05-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Land initial commit of new number representation for 32 bit platforms,
        with JIT disabled.

        * API/APICast.h:
        (toJS):
        (toRef):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::hasInstance):
        (JSC::::toNumber):
        (JSC::::toString):
        * API/tests/testapi.c:
        (EvilExceptionObject_convertToType):
        * AllInOneFile.cpp:
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::valueToSourceString):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitLoad):
        (JSC::BytecodeGenerator::emitUnexpectedLoad):
        (JSC::keyForImmediateSwitch):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::privateExecute):
        * parser/Nodes.cpp:
        (JSC::ArrayNode::emitBytecode):
        (JSC::processClauseList):
        * runtime/ArgList.h:
        * runtime/Collector.h:
        (JSC::sizeof):
        * runtime/DateMath.cpp:
        * runtime/ExceptionHelpers.h:
        * runtime/InitializeThreading.cpp:
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        * runtime/JSCell.cpp:
        * runtime/JSCell.h:
        (JSC::JSCell::isAPIValueWrapper):
        (JSC::JSValue::isString):
        (JSC::JSValue::isGetterSetter):
        (JSC::JSValue::isObject):
        (JSC::JSValue::getString):
        (JSC::JSValue::getObject):
        (JSC::JSValue::getCallData):
        (JSC::JSValue::getConstructData):
        (JSC::JSValue::getUInt32):
        (JSC::JSValue::marked):
        (JSC::JSValue::toPrimitive):
        (JSC::JSValue::getPrimitiveNumber):
        (JSC::JSValue::toBoolean):
        (JSC::JSValue::toNumber):
        (JSC::JSValue::toString):
        (JSC::JSValue::needsThisConversion):
        (JSC::JSValue::toThisString):
        (JSC::JSValue::getJSNumber):
        (JSC::JSValue::toObject):
        (JSC::JSValue::toThisObject):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.h:
        (JSC::Structure::prototypeForLookup):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):
        * runtime/JSImmediate.h:
        * runtime/JSNumberCell.cpp: Removed.
        * runtime/JSNumberCell.h: Removed.
        * runtime/JSObject.h:
        (JSC::JSValue::get):
        (JSC::JSValue::put):
        * runtime/JSString.h:
        (JSC::JSValue::toThisJSString):
        * runtime/JSValue.cpp:
        (JSC::JSValue::toInteger):
        (JSC::JSValue::toIntegerPreserveNaN):
        (JSC::JSValue::toObjectSlowCase):
        (JSC::JSValue::toThisObjectSlowCase):
        (JSC::JSValue::synthesizeObject):
        (JSC::JSValue::synthesizePrototype):
        (JSC::JSValue::description):
        (JSC::nonInlineNaN):
        * runtime/JSValue.h:
        (JSC::JSValue::):
        (JSC::EncodedJSValueHashTraits::emptyValue):
        (JSC::jsNaN):
        (JSC::operator==):
        (JSC::operator!=):
        (JSC::toInt32):
        (JSC::toUInt32):
        (JSC::JSValue::encode):
        (JSC::JSValue::decode):
        (JSC::JSValue::JSValue):
        (JSC::JSValue::operator bool):
        (JSC::JSValue::operator==):
        (JSC::JSValue::operator!=):
        (JSC::JSValue::isUndefined):
        (JSC::JSValue::isNull):
        (JSC::JSValue::isUndefinedOrNull):
        (JSC::JSValue::isCell):
        (JSC::JSValue::isInt32):
        (JSC::JSValue::isUInt32):
        (JSC::JSValue::isDouble):
        (JSC::JSValue::isTrue):
        (JSC::JSValue::isFalse):
        (JSC::JSValue::tag):
        (JSC::JSValue::asInt32):
        (JSC::JSValue::asUInt32):
        (JSC::JSValue::asDouble):
        (JSC::JSValue::asCell):
        (JSC::JSValue::isNumber):
        (JSC::JSValue::isBoolean):
        (JSC::JSValue::getBoolean):
        (JSC::JSValue::uncheckedGetNumber):
        (JSC::JSValue::toJSNumber):
        (JSC::JSValue::getNumber):
        (JSC::JSValue::toInt32):
        (JSC::JSValue::toUInt32):
        * runtime/Operations.h:
        (JSC::JSValue::equal):
        (JSC::JSValue::equalSlowCaseInline):
        (JSC::JSValue::strictEqual):
        (JSC::JSValue::strictEqualSlowCaseInline):
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAdd):
        * runtime/PropertySlot.h:
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        (JSC::stringProtoFuncIndexOf):
        * wtf/Platform.h:

=== Start merge of nitro-extreme branch 2009-07-30 ===

2009-07-29  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by George Staikos.

        Resolve class/struct mixup in forward declarations
        https://bugs.webkit.org/show_bug.cgi?id=27708

        * API/JSClassRef.h:
        * bytecode/SamplingTool.h:
        * interpreter/Interpreter.h:
        * jit/JIT.h:
        * profiler/ProfileGenerator.h:
        * profiler/Profiler.h:
        * runtime/ClassInfo.h:
        * runtime/ExceptionHelpers.h:
        * runtime/JSByteArray.h:
        * runtime/JSCell.h:
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.h:
        * runtime/JSObject.h:
        * runtime/JSString.h:

2009-07-28  Ada Chan  <adachan@apple.com>        

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=27236
        - Implement TCMalloc_SystemRelease and TCMalloc_SystemCommit for Windows.
        - Use a background thread to periodically scavenge memory to release back to the system.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::init):
        (WTF::TCMalloc_PageHeap::runScavengerThread):
        (WTF::TCMalloc_PageHeap::scavenge):
        (WTF::TCMalloc_PageHeap::shouldContinueScavenging):
        (WTF::TCMalloc_PageHeap::New):
        (WTF::TCMalloc_PageHeap::AllocLarge):
        (WTF::TCMalloc_PageHeap::Delete):
        (WTF::TCMalloc_PageHeap::GrowHeap):
        (WTF::sleep):
        (WTF::TCMalloc_PageHeap::scavengerThread):
        * wtf/TCSystemAlloc.cpp:
        (TCMalloc_SystemRelease):
        (TCMalloc_SystemCommit):
        * wtf/TCSystemAlloc.h:

2009-07-28  Xan Lopez  <xlopez@igalia.com>

        Add new files, fixes distcheck.

        * GNUmakefile.am:

2009-07-28  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        [Qt] Determining whether to use JIT or interpreter
        moved from JavaScriptCore.pri to Platform.h

        * JavaScriptCore.pri:
        * wtf/Platform.h:

2009-07-27  Brian Weinstein  <bweinstein@apple.com>

        Fix of misuse of sort command.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-27  Brian Weinstein  <bweinstein@apple.com>

        Build fix for Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-27  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Oliver Hunt.

        Fix tyop in JIT, renamed preverveReturnAddressAfterCall -> preserveReturnAddressAfterCall.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::preserveReturnAddressAfterCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):

2009-07-27  Alexey Proskuryakov  <ap@webkit.org>

        Gtk build fix.

        * runtime/JSLock.cpp: (JSC::JSLock::JSLock): Fix "no threading" case.

2009-07-27  Alexey Proskuryakov  <ap@webkit.org>

        Release build fix.

        * runtime/JSLock.h: (JSC::JSLock::~JSLock):

2009-07-27  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=27735
        Give a helpful name to JSLock constructor argument

        * API/JSBase.cpp:
        (JSGarbageCollect):
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        (JSPropertyNameArrayRelease):
        (JSPropertyNameAccumulatorAddName):
        * JavaScriptCore.exp:
        * jsc.cpp:
        (functionGC):
        (cleanupGlobalData):
        (jscmain):
        * runtime/Collector.cpp:
        (JSC::Heap::destroy):
        * runtime/JSLock.cpp:
        (JSC::JSLock::JSLock):
        (JSC::JSLock::lock):
        (JSC::JSLock::unlock):
        (JSC::JSLock::DropAllLocks::DropAllLocks):
        (JSC::JSLock::DropAllLocks::~DropAllLocks):
        * runtime/JSLock.h:
        (JSC::):
        (JSC::JSLock::JSLock):
        (JSC::JSLock::~JSLock):

2009-07-25  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Eric Seidel.

        Allow custom memory allocation control for OpaqueJSPropertyNameArray struct
        https://bugs.webkit.org/show_bug.cgi?id=27342

        Inherits OpaqueJSPropertyNameArray struct from FastAllocBase because it has been
        instantiated by 'new' JavaScriptCore/API/JSObjectRef.cpp:473.

        * API/JSObjectRef.cpp:

2009-07-24  Ada Chan  <adachan@apple.com>

        In preparation for https://bugs.webkit.org/show_bug.cgi?id=27236:
        Remove TCMALLOC_TRACK_DECOMMITED_SPANS.  We'll always track decommitted spans.
        We have tested this and show it has little impact on performance.

        Reviewed by Mark Rowe.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::New):
        (WTF::TCMalloc_PageHeap::AllocLarge):
        (WTF::propagateDecommittedState):
        (WTF::mergeDecommittedStates):
        (WTF::TCMalloc_PageHeap::Delete):
        (WTF::TCMalloc_PageHeap::IncrementalScavenge):

2009-07-24  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Darin Adler and Adam Barth.

        Build fix for x86 platforms.
        https://bugs.webkit.org/show_bug.cgi?id=27602

        * jit/JIT.cpp:

2009-07-23  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix, adding missing header.

        * jit/JIT.cpp:

2009-07-22  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        Add wince specific memory files into wtf/wince
        https://bugs.webkit.org/show_bug.cgi?id=27550

        * wtf/wince/FastMallocWince.h: Added.
        * wtf/wince/MemoryManager.cpp: Added.
        * wtf/wince/MemoryManager.h: Added.

2009-07-23  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Simon Hausmann.

        Fix for missing mmap features in Symbian
        https://bugs.webkit.org/show_bug.cgi?id=24540

        Fix, conditionally for PLATFORM(SYMBIAN), as an alternative 
        to missing support for the MAP_ANON property flag in mmap. 
        It utilizes Symbian specific memory allocation features.

        * runtime/Collector.cpp

2009-07-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        With ENABLE(ASSEMBLER_WX_EXCLUSIVE), only change permissions once per repatch event.
        ( https://bugs.webkit.org/show_bug.cgi?id=27564 )

        Currently we change permissions forwards and backwards for each instruction modified,
        instead we should only change permissions once per complete repatching event.

        2.5% progression running with ENABLE(ASSEMBLER_WX_EXCLUSIVE) enabled,
        which recoups 1/3 of the penalty of running with this mode enabled.

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::linkBranch):
            - Replace usage of MakeWritable with cacheFlush.
        
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::patchPointerInternal):
        (JSC::ARMAssembler::repatchLoadPtrToLEA):
            - Replace usage of MakeWritable with cacheFlush.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::relinkJump):
        (JSC::ARMv7Assembler::relinkCall):
        (JSC::ARMv7Assembler::repatchInt32):
        (JSC::ARMv7Assembler::repatchPointer):
        (JSC::ARMv7Assembler::repatchLoadPtrToLEA):
        (JSC::ARMv7Assembler::setInt32):
            - Replace usage of MakeWritable with cacheFlush.

        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::performFinalization):
            - Make explicit call to cacheFlush.

        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
            - Make size always available.

        * assembler/RepatchBuffer.h:
        (JSC::RepatchBuffer::RepatchBuffer):
        (JSC::RepatchBuffer::~RepatchBuffer):
            - Add calls to MakeWritable & makeExecutable.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::relinkJump):
        (JSC::X86Assembler::relinkCall):
        (JSC::X86Assembler::repatchInt32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::repatchLoadPtrToLEA):
            - Remove usage of MakeWritable.

        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getJITCode):
            - Provide access to CodeBlock's JITCode.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::makeExecutable):
        (JSC::ExecutableAllocator::cacheFlush):
            - Remove MakeWritable, make cacheFlush public.

        * jit/JIT.cpp:
        (JSC::ctiPatchNearCallByReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompile):
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
            - Add CodeBlock argument to RepatchBuffer.

        * jit/JIT.h:
            - Pass CodeBlock argument for use by RepatchBuffer.

        * jit/JITCode.h:
        (JSC::JITCode::start):
        (JSC::JITCode::size):
            - Provide access to code start & size.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchMethodCallProto):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
            - Add CodeBlock argument to RepatchBuffer.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
            - Pass CodeBlock argument for use by RepatchBuffer.

2009-07-21  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Cache not only the structure of the method, but the
        structure of its prototype as well.
        https://bugs.webkit.org/show_bug.cgi?id=27077

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::MethodCallLinkInfo::MethodCallLinkInfo):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchMethodCallProto):

2009-07-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Move call linking / repatching down from AbstractMacroAssembler into MacroAssemblerARCH classes.
        ( https://bugs.webkit.org/show_bug.cgi?id=27527 )

        This allows the implementation to be defined per architecture.  Specifically this addresses the
        fact that x86-64 MacroAssembler implements far calls as a load to register, followed by a call
        to register.  Patching the call actually requires the pointer load to be patched, rather than
        the call to be patched.  This is implementation detail specific to MacroAssemblerX86_64, and as
        such is best handled there.

        * assembler/AbstractMacroAssembler.h:
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::linkCall):
        (JSC::MacroAssemblerARM::repatchCall):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::linkCall):
        (JSC::MacroAssemblerARMv7::repatchCall):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::linkCall):
        (JSC::MacroAssemblerX86::repatchCall):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::linkCall):
        (JSC::MacroAssemblerX86_64::repatchCall):

2009-07-21  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by George Staikos.

        Every wtf file includes other wtf files with <> style includes
        except this one.  Fix the exception.

        * wtf/ByteArray.h:

2009-07-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Move LinkBuffer/RepatchBuffer out of AbstractMacroAssembler.
        ( https://bugs.webkit.org/show_bug.cgi?id=27485 )

        This change is the first step in a process to move code that should be in
        the architecture-specific MacroAssembler classes up out of Assmbler and
        AbstractMacroAssembler.

        * JavaScriptCore.xcodeproj/project.pbxproj:
            - added new files
        
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::linkPointer):
            - rename patchPointer to bring it in line with the current link/repatch naming scheme
        
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::linkCall):
        (JSC::ARMv7Assembler::linkPointer):
        (JSC::ARMv7Assembler::relinkCall):
        (JSC::ARMv7Assembler::repatchInt32):
        (JSC::ARMv7Assembler::repatchPointer):
        (JSC::ARMv7Assembler::setInt32):
        (JSC::ARMv7Assembler::setPointer):
            - rename patchPointer to bring it in line with the current link/repatch naming scheme

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::linkJump):
        (JSC::AbstractMacroAssembler::linkCall):
        (JSC::AbstractMacroAssembler::linkPointer):
        (JSC::AbstractMacroAssembler::getLinkerAddress):
        (JSC::AbstractMacroAssembler::getLinkerCallReturnOffset):
        (JSC::AbstractMacroAssembler::repatchJump):
        (JSC::AbstractMacroAssembler::repatchCall):
        (JSC::AbstractMacroAssembler::repatchNearCall):
        (JSC::AbstractMacroAssembler::repatchInt32):
        (JSC::AbstractMacroAssembler::repatchPointer):
        (JSC::AbstractMacroAssembler::repatchLoadPtrToLEA):
            - remove the LinkBuffer/RepatchBuffer classes, but leave a set of (private, friended) methods to interface to the Assembler

        * assembler/LinkBuffer.h: Added.
        (JSC::LinkBuffer::LinkBuffer):
        (JSC::LinkBuffer::~LinkBuffer):
        (JSC::LinkBuffer::link):
        (JSC::LinkBuffer::patch):
        (JSC::LinkBuffer::locationOf):
        (JSC::LinkBuffer::locationOfNearCall):
        (JSC::LinkBuffer::returnAddressOffset):
        (JSC::LinkBuffer::finalizeCode):
        (JSC::LinkBuffer::finalizeCodeAddendum):
        (JSC::LinkBuffer::code):
        (JSC::LinkBuffer::performFinalization):
            - new file containing the LinkBuffer class, previously a member of AbstractMacroAssembler

        * assembler/RepatchBuffer.h: Added.
        (JSC::RepatchBuffer::RepatchBuffer):
        (JSC::RepatchBuffer::relink):
        (JSC::RepatchBuffer::repatch):
        (JSC::RepatchBuffer::repatchLoadPtrToLEA):
        (JSC::RepatchBuffer::relinkCallerToTrampoline):
        (JSC::RepatchBuffer::relinkCallerToFunction):
        (JSC::RepatchBuffer::relinkNearCallerToTrampoline):
            - new file containing the RepatchBuffer class, previously a member of AbstractMacroAssembler

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::linkJump):
        (JSC::X86Assembler::linkCall):
        (JSC::X86Assembler::linkPointerForCall):
        (JSC::X86Assembler::linkPointer):
        (JSC::X86Assembler::relinkJump):
        (JSC::X86Assembler::relinkCall):
        (JSC::X86Assembler::repatchInt32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::setPointer):
        (JSC::X86Assembler::setInt32):
        (JSC::X86Assembler::setRel32):
            - rename patchPointer to bring it in line with the current link/repatch naming scheme

        * jit/JIT.cpp:
        (JSC::ctiPatchNearCallByReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
            - include new headers
            - remove MacroAssembler:: specification from RepatchBuffer usage

        * jit/JITPropertyAccess.cpp:
        * yarr/RegexJIT.cpp:
            - include new headers

2009-07-21  Robert Agoston  <Agoston.Robert@stud.u-szeged.hu>

        Reviewed by David Levin.

        Fixed #undef typo.
        https://bugs.webkit.org/show_bug.cgi?id=27506

        * bytecode/Opcode.h:

2009-07-21  Adam Roben  <aroben@apple.com>

        Roll out r46153, r46154, and r46155

        These changes were causing build failures and assertion failures on
        Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSArray.cpp:
        * runtime/StringPrototype.cpp:
        * runtime/UString.cpp:
        * runtime/UString.h:
        * wtf/FastMalloc.cpp:
        * wtf/FastMalloc.h:
        * wtf/Platform.h:
        * wtf/PossiblyNull.h: Removed.

2009-07-21  Roland Steiner  <rolandsteiner@google.com>

        Reviewed by David Levin.

        Add ENABLE_RUBY to list of build options
        https://bugs.webkit.org/show_bug.cgi?id=27324

        * Configurations/FeatureDefines.xcconfig: Added flag ENABLE_RUBY.

2009-07-20  Oliver Hunt  <oliver@apple.com>

        Build fix attempt #2

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-20  Oliver Hunt  <oliver@apple.com>

        Build fix attempt #1

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Make it harder to misuse try* allocation routines
        https://bugs.webkit.org/show_bug.cgi?id=27469

        Jump through a few hoops to make it much harder to accidentally
        miss null-checking of values returned by the try-* allocation
        routines.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSArray.cpp:
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::increaseVectorLength):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncLink):
        * runtime/UString.cpp:
        (JSC::allocChars):
        (JSC::reallocChars):
        (JSC::expandCapacity):
        (JSC::UString::Rep::reserveCapacity):
        (JSC::UString::expandPreCapacity):
        (JSC::createRep):
        (JSC::concatenate):
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        (JSC::UString::append):
        (JSC::UString::operator=):
        * runtime/UString.h:
        (JSC::UString::Rep::createEmptyBuffer):
        * wtf/FastMalloc.cpp:
        (WTF::tryFastZeroedMalloc):
        (WTF::tryFastMalloc):
        (WTF::tryFastCalloc):
        (WTF::tryFastRealloc):
        (WTF::TCMallocStats::tryFastMalloc):
        (WTF::TCMallocStats::tryFastCalloc):
        (WTF::TCMallocStats::tryFastRealloc):
        * wtf/FastMalloc.h:
        (WTF::TryMallocReturnValue::TryMallocReturnValue):
        (WTF::TryMallocReturnValue::~TryMallocReturnValue):
        (WTF::TryMallocReturnValue::operator Maybe<T>):
        (WTF::TryMallocReturnValue::getValue):
        * wtf/PossiblyNull.h:
        (WTF::PossiblyNull::PossiblyNull):
        (WTF::PossiblyNull::~PossiblyNull):
        (WTF::PossiblyNull::getValue):
        * wtf/Platform.h:

2009-07-20  Gavin Barraclough  <barraclough@apple.com>

        RS Oliver Hunt.

        Add ARM assembler files to xcodeproj, for convenience editing.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-07-20  Jessie Berlin  <jberlin@apple.com>

        Reviewed by David Levin.

        Fix an incorrect assertion in Vector::remove.
        
        https://bugs.webkit.org/show_bug.cgi?id=27477

        * wtf/Vector.h:
        (WTF::::remove):
        Assert that the position at which to start removing elements + the
        length (the number of elements to remove) is less than or equal to the
        size of the entire Vector.

2009-07-20  Peter Kasting  <pkasting@google.com>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=27468
        Back out r46060, which caused problems for some Apple developers.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Allow custom memory allocation control in NewThreadContext
        https://bugs.webkit.org/show_bug.cgi?id=27338

        Inherits NewThreadContext struct from FastAllocBase because it
        has been instantiated by 'new' JavaScriptCore/wtf/Threading.cpp:76.

        * wtf/Threading.cpp:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Allow custom memory allocation control in JavaScriptCore's JSClassRef.h
        https://bugs.webkit.org/show_bug.cgi?id=27340

        Inherit StaticValueEntry and StaticFunctionEntry struct from FastAllocBase because these
        have been instantiated by 'new' in JavaScriptCore/API/JSClassRef.cpp:153
        and in JavaScriptCore/API/JSClassRef.cpp:166.

        * API/JSClassRef.h:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control in JavaScriptCore's RegexPattern.h
        https://bugs.webkit.org/show_bug.cgi?id=27343

        Inherits RegexPattern.h's structs (which have been instantiated by operator new) from FastAllocBase:

        CharacterClass (new call: JavaScriptCore/yarr/RegexCompiler.cpp:144)
        PatternAlternative (new call: JavaScriptCore/yarr/RegexPattern.h:221) 
        PatternDisjunction (new call: JavaScriptCore/yarr/RegexCompiler.cpp:446)

        * yarr/RegexPattern.h:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's MatchFrame struct
        https://bugs.webkit.org/show_bug.cgi?id=27344

        Inherits MatchFrame struct from FastAllocBase because it has
        been instantiated by 'new' JavaScriptCore/pcre/pcre_exec.cpp:359.

        * pcre/pcre_exec.cpp:

2009-07-20  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Holger Freyther.

        Remove some outdated S60 platform specific code
        https://bugs.webkit.org/show_bug.cgi?id=27423

        * wtf/Platform.h:

2009-07-20  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Qt build fix with MSVC and MinGW.

        * jsc.pro: Make sure jsc is a console application, and turn off
        exceptions and stl support to fix the build.

2009-07-20  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Gustavo Noronha.

        Do not use C++-style comments in preprocessor directives.

        GCC does not like this in some configurations, using C-style
        comments is safer.

        * wtf/Platform.h:

2009-07-17  Peter Kasting  <pkasting@google.com>

        Reviewed by Steve Falkenburg.

        https://bugs.webkit.org/show_bug.cgi?id=27323
        Only add Cygwin to the path when it isn't already there.  This avoids
        causing problems for people who purposefully have non-Cygwin versions of
        executables like svn in front of the Cygwin ones in their paths.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-07-17  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add YARR support for generic ARM platforms (disabled by default).
        https://bugs.webkit.org/show_bug.cgi?id=24986

        Add generic ARM port for MacroAssembler. It supports the whole
        MacroAssembler functionality except floating point.

        The class JmpSrc is extended with a flag which enables to patch
        the jump destination offset during execution. This feature is
        required for generic ARM port.

        Signed off by Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
        Signed off by Gabor Loki <loki@inf.u-szeged.hu>

        * JavaScriptCore.pri:
        * assembler/ARMAssembler.cpp: Added.
        (JSC::ARMAssembler::getLdrImmAddress):
        (JSC::ARMAssembler::linkBranch):
        (JSC::ARMAssembler::patchConstantPoolLoad):
        (JSC::ARMAssembler::getOp2):
        (JSC::ARMAssembler::genInt):
        (JSC::ARMAssembler::getImm):
        (JSC::ARMAssembler::moveImm):
        (JSC::ARMAssembler::dataTransfer32):
        (JSC::ARMAssembler::baseIndexTransfer32):
        (JSC::ARMAssembler::executableCopy):
        * assembler/ARMAssembler.h: Added.
        (JSC::ARM::):
        (JSC::ARMAssembler::ARMAssembler):
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::JmpSrc::JmpSrc):
        (JSC::ARMAssembler::JmpSrc::enableLatePatch):
        (JSC::ARMAssembler::JmpDst::JmpDst):
        (JSC::ARMAssembler::JmpDst::isUsed):
        (JSC::ARMAssembler::JmpDst::used):
        (JSC::ARMAssembler::emitInst):
        (JSC::ARMAssembler::and_r):
        (JSC::ARMAssembler::ands_r):
        (JSC::ARMAssembler::eor_r):
        (JSC::ARMAssembler::eors_r):
        (JSC::ARMAssembler::sub_r):
        (JSC::ARMAssembler::subs_r):
        (JSC::ARMAssembler::rsb_r):
        (JSC::ARMAssembler::rsbs_r):
        (JSC::ARMAssembler::add_r):
        (JSC::ARMAssembler::adds_r):
        (JSC::ARMAssembler::adc_r):
        (JSC::ARMAssembler::adcs_r):
        (JSC::ARMAssembler::sbc_r):
        (JSC::ARMAssembler::sbcs_r):
        (JSC::ARMAssembler::rsc_r):
        (JSC::ARMAssembler::rscs_r):
        (JSC::ARMAssembler::tst_r):
        (JSC::ARMAssembler::teq_r):
        (JSC::ARMAssembler::cmp_r):
        (JSC::ARMAssembler::orr_r):
        (JSC::ARMAssembler::orrs_r):
        (JSC::ARMAssembler::mov_r):
        (JSC::ARMAssembler::movs_r):
        (JSC::ARMAssembler::bic_r):
        (JSC::ARMAssembler::bics_r):
        (JSC::ARMAssembler::mvn_r):
        (JSC::ARMAssembler::mvns_r):
        (JSC::ARMAssembler::mul_r):
        (JSC::ARMAssembler::muls_r):
        (JSC::ARMAssembler::mull_r):
        (JSC::ARMAssembler::ldr_imm):
        (JSC::ARMAssembler::ldr_un_imm):
        (JSC::ARMAssembler::dtr_u):
        (JSC::ARMAssembler::dtr_ur):
        (JSC::ARMAssembler::dtr_d):
        (JSC::ARMAssembler::dtr_dr):
        (JSC::ARMAssembler::ldrh_r):
        (JSC::ARMAssembler::ldrh_d):
        (JSC::ARMAssembler::ldrh_u):
        (JSC::ARMAssembler::strh_r):
        (JSC::ARMAssembler::push_r):
        (JSC::ARMAssembler::pop_r):
        (JSC::ARMAssembler::poke_r):
        (JSC::ARMAssembler::peek_r):
        (JSC::ARMAssembler::clz_r):
        (JSC::ARMAssembler::bkpt):
        (JSC::ARMAssembler::lsl):
        (JSC::ARMAssembler::lsr):
        (JSC::ARMAssembler::asr):
        (JSC::ARMAssembler::lsl_r):
        (JSC::ARMAssembler::lsr_r):
        (JSC::ARMAssembler::asr_r):
        (JSC::ARMAssembler::size):
        (JSC::ARMAssembler::ensureSpace):
        (JSC::ARMAssembler::label):
        (JSC::ARMAssembler::align):
        (JSC::ARMAssembler::jmp):
        (JSC::ARMAssembler::patchPointerInternal):
        (JSC::ARMAssembler::patchConstantPoolLoad):
        (JSC::ARMAssembler::patchPointer):
        (JSC::ARMAssembler::repatchInt32):
        (JSC::ARMAssembler::repatchPointer):
        (JSC::ARMAssembler::repatchLoadPtrToLEA):
        (JSC::ARMAssembler::linkJump):
        (JSC::ARMAssembler::relinkJump):
        (JSC::ARMAssembler::linkCall):
        (JSC::ARMAssembler::relinkCall):
        (JSC::ARMAssembler::getRelocatedAddress):
        (JSC::ARMAssembler::getDifferenceBetweenLabels):
        (JSC::ARMAssembler::getCallReturnOffset):
        (JSC::ARMAssembler::getOp2Byte):
        (JSC::ARMAssembler::placeConstantPoolBarrier):
        (JSC::ARMAssembler::RM):
        (JSC::ARMAssembler::RS):
        (JSC::ARMAssembler::RD):
        (JSC::ARMAssembler::RN):
        (JSC::ARMAssembler::getConditionalField):
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::JmpSrc::enableLatePatch):
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Call::enableLatePatch):
        (JSC::AbstractMacroAssembler::Jump::enableLatePatch):
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerARM.h: Added.
        (JSC::MacroAssemblerARM::):
        (JSC::MacroAssemblerARM::add32):
        (JSC::MacroAssemblerARM::and32):
        (JSC::MacroAssemblerARM::lshift32):
        (JSC::MacroAssemblerARM::mul32):
        (JSC::MacroAssemblerARM::not32):
        (JSC::MacroAssemblerARM::or32):
        (JSC::MacroAssemblerARM::rshift32):
        (JSC::MacroAssemblerARM::sub32):
        (JSC::MacroAssemblerARM::xor32):
        (JSC::MacroAssemblerARM::load32):
        (JSC::MacroAssemblerARM::load32WithAddressOffsetPatch):
        (JSC::MacroAssemblerARM::loadPtrWithPatchToLEA):
        (JSC::MacroAssemblerARM::load16):
        (JSC::MacroAssemblerARM::store32WithAddressOffsetPatch):
        (JSC::MacroAssemblerARM::store32):
        (JSC::MacroAssemblerARM::pop):
        (JSC::MacroAssemblerARM::push):
        (JSC::MacroAssemblerARM::move):
        (JSC::MacroAssemblerARM::swap):
        (JSC::MacroAssemblerARM::signExtend32ToPtr):
        (JSC::MacroAssemblerARM::zeroExtend32ToPtr):
        (JSC::MacroAssemblerARM::branch32):
        (JSC::MacroAssemblerARM::branch16):
        (JSC::MacroAssemblerARM::branchTest32):
        (JSC::MacroAssemblerARM::jump):
        (JSC::MacroAssemblerARM::branchAdd32):
        (JSC::MacroAssemblerARM::mull32):
        (JSC::MacroAssemblerARM::branchMul32):
        (JSC::MacroAssemblerARM::branchSub32):
        (JSC::MacroAssemblerARM::breakpoint):
        (JSC::MacroAssemblerARM::nearCall):
        (JSC::MacroAssemblerARM::call):
        (JSC::MacroAssemblerARM::ret):
        (JSC::MacroAssemblerARM::set32):
        (JSC::MacroAssemblerARM::setTest32):
        (JSC::MacroAssemblerARM::tailRecursiveCall):
        (JSC::MacroAssemblerARM::makeTailRecursiveCall):
        (JSC::MacroAssemblerARM::moveWithPatch):
        (JSC::MacroAssemblerARM::branchPtrWithPatch):
        (JSC::MacroAssemblerARM::storePtrWithPatch):
        (JSC::MacroAssemblerARM::supportsFloatingPoint):
        (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARM::loadDouble):
        (JSC::MacroAssemblerARM::storeDouble):
        (JSC::MacroAssemblerARM::addDouble):
        (JSC::MacroAssemblerARM::subDouble):
        (JSC::MacroAssemblerARM::mulDouble):
        (JSC::MacroAssemblerARM::convertInt32ToDouble):
        (JSC::MacroAssemblerARM::branchDouble):
        (JSC::MacroAssemblerARM::branchTruncateDoubleToInt32):
        (JSC::MacroAssemblerARM::ARMCondition):
        (JSC::MacroAssemblerARM::prepareCall):
        (JSC::MacroAssemblerARM::call32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::JmpSrc::enableLatePatch):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):

2009-07-17  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Extend AssemblerBuffer with constant pool handling mechanism.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        Add a platform independed constant pool framework.
        This pool can store 32 or 64 bits values which is enough to hold
        any integer, pointer or double constant.

        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::putIntUnchecked):
        (JSC::AssemblerBuffer::putInt64Unchecked):
        (JSC::AssemblerBuffer::append):
        (JSC::AssemblerBuffer::grow):
        * assembler/AssemblerBufferWithConstantPool.h: Added.
        (JSC::):

2009-07-17  Eric Roman  <eroman@chromium.org>

        Reviewed by Darin Adler.

        Build fix for non-Darwin.
        Add a guard for inclusion of RetainPtr.h which includes CoreFoundation.h

        https://bugs.webkit.org/show_bug.cgi?id=27382

        * wtf/unicode/icu/CollatorICU.cpp:

2009-07-17  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by John Sullivan.

        Get user default collation order via a CFLocale API when available.

        * wtf/unicode/icu/CollatorICU.cpp: (WTF::Collator::userDefault):

2009-07-17  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix the include path for the Symbian port
        https://bugs.webkit.org/show_bug.cgi?id=27358

        * JavaScriptCore.pri:

2009-07-17  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by David Levin.

        Build fix on platforms don't have MMAP.
        https://bugs.webkit.org/show_bug.cgi?id=27365

        * interpreter/RegisterFile.h: Including stdio.h irrespectively of HAVE(MMAP)

2009-07-16  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by David Levin.

        Add --web-sockets flag and ENABLE_WEB_SOCKETS define.
        https://bugs.webkit.org/show_bug.cgi?id=27206
        
        Add ENABLE_WEB_SOCKETS

        * Configurations/FeatureDefines.xcconfig: add ENABLE_WEB_SOCKETS

2009-07-16  Maxime Simon  <simon.maxime@gmail.com>

        Reviewed by Eric Seidel.

        Added Haiku-specific files for JavaScriptCore.
        https://bugs.webkit.org/show_bug.cgi?id=26620

        * wtf/haiku/MainThreadHaiku.cpp: Added.
        (WTF::initializeMainThreadPlatform):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2009-07-16  Gavin Barraclough  <barraclough@apple.com>

        RS by Oliver Hunt.

        Revert r45969, this fix does not appear to be valid.
        https://bugs.webkit.org/show_bug.cgi?id=27077

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        * jit/JIT.cpp:
        * jit/JIT.h:

2009-07-16  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Allow custom memory allocation control in ExceptionInfo and RareData struct
        https://bugs.webkit.org/show_bug.cgi?id=27336

        Inherits ExceptionInfo and RareData struct from FastAllocBase because these
        have been instantiated by 'new' in JavaScriptCore/bytecode/CodeBlock.cpp:1289 and
        in JavaScriptCore/bytecode/CodeBlock.h:453.

        Remove unnecessary WTF:: namespace from CodeBlock inheritance.
 
        * bytecode/CodeBlock.h:

2009-07-16  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Geoff Garen.

        Fix FeatureDefines.xcconfig to not be out of sync with the rest of the world.

        * Configurations/FeatureDefines.xcconfig:

2009-07-16  Yong Li  <yong.li@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27320
         _countof is only included in CE6; for CE5 we need to define it ourself

         * wtf/Platform.h:

2009-07-16  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Workers + garbage collector: weird crashes
        https://bugs.webkit.org/show_bug.cgi?id=27077

        We need to unlink cached method call sites when a function is destroyed.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        * jit/JIT.cpp:
        (JSC::JIT::unlinkMethodCall):
        * jit/JIT.h:

2009-07-15  Steve Falkenburg  <sfalken@apple.com>

        Windows Build fix.

        Visual Studio reset our intermediate directory on us.
        This sets it back.
        
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:

2009-07-15  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=26794
        Make Yacc-generated parsers to use fastMalloc/fastFree.
        
        Define YYMALLOC and YYFREE to fastMalloc and fastFree
        respectively.

        * parser/Grammar.y:

2009-07-15  Darin Adler  <darin@apple.com>

        Fix a build for a particular Apple configuration.

        * wtf/FastAllocBase.h: Change include to use "" style for
        including another wtf header. This is the style we use for
        including other public headers in the same directory.

2009-07-15  George Staikos  <george.staikos@torchmobile.com>

        Reviewed by Adam Treat.

        https://bugs.webkit.org/show_bug.cgi?id=27303
        Implement createThreadInternal for WinCE.
        Contains changes by George Staikos <george.staikos@torchmobile.com> and Joe Mason <joe.mason@torchmobile.com>

        * wtf/ThreadingWin.cpp:
        (WTF::createThreadInternal):

2009-07-15  Joe Mason  <joe.mason@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27298
         Platform defines for WINCE.
         Contains changes by Yong Li <yong.li@torchmobile.com>,
         George Staikos <george.staikos@torchmobile.com> and Joe Mason <joe.mason@torchmobile.com>

         * wtf/Platform.h:

2009-07-15  Yong Li  <yong.li@torchmobile.com>

         Reviewed by Adam Treat.

         https://bugs.webkit.org/show_bug.cgi?id=27306
         Use RegisterClass instead of RegisterClassEx on WinCE.

         * wtf/win/MainThreadWin.cpp:
         (WTF::initializeMainThreadPlatform):

2009-07-15  Yong Li  <yong.li@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27301
         Use OutputDebugStringW on WinCE since OutputDebugStringA is not supported
         Originally written by Yong Li <yong.li@torchmobile.com> and refactored by
         Joe Mason <joe.mason@torchmobile.com>

         * wtf/Assertions.cpp: vprintf_stderr_common

2009-07-15  Yong Li  <yong.li@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27020
         msToGregorianDateTime should set utcOffset to 0 when outputIsUTC is false

         * wtf/DateMath.cpp:
         (WTF::gregorianDateTimeToMS):

2009-07-15  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Cleanup - Remove obsolete code from the make system
        https://bugs.webkit.org/show_bug.cgi?id=27299

        * JavaScriptCore.pro:
        * jsc.pro:

2009-07-07  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Simon Hausmann.

        https://bugs.webkit.org/show_bug.cgi?id=27056

        Alternate bool operator for codewarrior compiler (WINSCW).
        Compiler (latest b482) reports error for UnspecifiedBoolType construct:
        "illegal explicit conversion from 'WTF::OwnArrayPtr<JSC::Register>' to 'bool'"

        Same fix as in r38391.

        * JavaScriptCore/wtf/OwnArrayPtr.h:

2009-07-15  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        Qualify include path with wtf to fix compilation
        on Symbian.
        https://bugs.webkit.org/show_bug.cgi?id=27055

        * interpreter/Interpreter.h:

2009-07-15  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Dave Kilzer.

        Turn off non-portable date manipulations for SYMBIAN
        https://bugs.webkit.org/show_bug.cgi?id=27064

        Introduce HAVE(TM_GMTOFF), HAVE(TM_ZONE) and HAVE(TIMEGM) guards 
        and place the rules for controlling the guards in Platform.h.
        Turn off these newly introduced guards for SYMBIAN.

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):
        * wtf/DateMath.h:
        (WTF::GregorianDateTime::GregorianDateTime):
        (WTF::GregorianDateTime::operator tm):
        * wtf/Platform.h:

2009-07-15  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Simon Hausmann.

        Undef ASSERT on Symbian, to avoid excessive warnings
        https://bugs.webkit.org/show_bug.cgi?id=27052

        * wtf/Assertions.h:

2009-07-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Simon Hausmann.

        REGRESSION: fast/js/postfix-syntax.html fails with interpreter
        https://bugs.webkit.org/show_bug.cgi?id=27294

        When postfix operators operating on locals assign to the same local
        the order of operations has to be to store the incremented value, then
        store the unmodified number.  Rather than implementing this subtle
        semantic in the interpreter I've just made the logic explicit in the
        bytecode generator, so x=x++ effectively becomes x=ToNumber(x) (for a
        local var x).

        * parser/Nodes.cpp:
        (JSC::emitPostIncOrDec):

2009-07-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Simon Hausmann.

        REGRESSION(43559): fast/js/kde/arguments-scope.html fails with interpreter
        https://bugs.webkit.org/show_bug.cgi?id=27259

        The interpreter was incorrectly basing its need to create the arguments object
        based on the presence of the callframe's argument reference rather than the local
        arguments reference.  Based on this it then overrode the local variable reference.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-07-14  Steve Falkenburg  <sfalken@apple.com>

        Reorganize JavaScriptCore headers into:
        API: include/JavaScriptCore/
        Private: include/private/JavaScriptCore/

        Reviewed by Darin Adler.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Change JSCell's superclass to NoncopyableCustomAllocated
        https://bugs.webkit.org/show_bug.cgi?id=27248

        JSCell class customizes operator new, since Noncopyable will be 
        inherited from FastAllocBase, NoncopyableCustomAllocated has 
        to be used.

        * runtime/JSCell.h:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Change all Noncopyable inheriting visibility to public.
        https://bugs.webkit.org/show_bug.cgi?id=27225

        Change all Noncopyable inheriting visibility to public because
        it is needed to the custom allocation framework (bug #20422).

        * bytecode/SamplingTool.h:
        * bytecompiler/RegisterID.h:
        * interpreter/CachedCall.h:
        * interpreter/RegisterFile.h:
        * parser/Lexer.h:
        * parser/Parser.h:
        * runtime/ArgList.h:
        * runtime/BatchedTransitionOptimizer.h:
        * runtime/Collector.h:
        * runtime/CommonIdentifiers.h:
        * runtime/JSCell.h:
        * runtime/JSGlobalObject.h:
        * runtime/JSLock.h:
        * runtime/JSONObject.cpp:
        * runtime/SmallStrings.cpp:
        * runtime/SmallStrings.h:
        * wtf/CrossThreadRefCounted.h:
        * wtf/GOwnPtr.h:
        * wtf/Locker.h:
        * wtf/MessageQueue.h:
        * wtf/OwnArrayPtr.h:
        * wtf/OwnFastMallocPtr.h:
        * wtf/OwnPtr.h:
        * wtf/RefCounted.h:
        * wtf/ThreadSpecific.h:
        * wtf/Threading.h:
        * wtf/Vector.h:
        * wtf/unicode/Collator.h:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Change ParserArenaRefCounted's superclass to RefCountedCustomAllocated
        https://bugs.webkit.org/show_bug.cgi?id=27249

        ParserArenaDeletable customizes operator new, to avoid double inheritance
        ParserArenaDeletable's superclass has been changed to RefCountedCustomAllocated.

        * parser/Nodes.h:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Add RefCountedCustomAllocated to RefCounted.h
        https://bugs.webkit.org/show_bug.cgi?id=27232

        Some class which are inherited from RefCounted customize
        operator new, but RefCounted is inherited from Noncopyable
        which will be inherited from FastAllocBase. To avoid
        conflicts Noncopyable inheriting was moved down to RefCounted
        and to avoid double inheritance this class has been added.

        * wtf/RefCounted.h:
        (WTF::RefCountedCustomAllocated::deref):
        (WTF::RefCountedCustomAllocated::~RefCountedCustomAllocated):

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Add NoncopyableCustomAllocated to Noncopyable.h.
        https://bugs.webkit.org/show_bug.cgi?id=27228
        
        Some classes which inherited from Noncopyable overrides operator new
        since Noncopyable'll be inherited from FastAllocBase, Noncopyable.h 
        needs to be extended with this new class to support the overriding. 

        * wtf/Noncopyable.h:
        (WTFNoncopyable::NoncopyableCustomAllocated::NoncopyableCustomAllocated):
        (WTFNoncopyable::NoncopyableCustomAllocated::~NoncopyableCustomAllocated):

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's IdentifierTable class
        https://bugs.webkit.org/show_bug.cgi?id=27260

        Inherits IdentifierTable class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Identifier.cpp:70.

        * runtime/Identifier.cpp:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's Profiler class
        https://bugs.webkit.org/show_bug.cgi?id=27253

        Inherits Profiler class from FastAllocBase because it has been instantiated by
        'new' in JavaScriptCore/profiler/Profiler.cpp:56.

        * profiler/Profiler.h:

2009-07-06  George Staikos  <george.staikos@torchmobile.com>

        Reviewed by Adam Treat.

        Authors: George Staikos <george.staikos@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>, Makoto Matsumoto <matumoto@math.keio.ac.jp>, Takuji Nishimura

        https://bugs.webkit.org/show_bug.cgi?id=27030
        Implement custom RNG for WinCE using Mersenne Twister

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):
        * wtf/wince/mt19937ar.c: Added.
        (init_genrand):
        (init_by_array):
        (genrand_int32):
        (genrand_int31):
        (genrand_real1):
        (genrand_real2):
        (genrand_real3):
        (genrand_res53):

2009-07-13  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Unreviewed make dist build fix.

        * GNUmakefile.am:

2009-07-13  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        Add ENABLE(SHARED_WORKERS) flag and define SharedWorker APIs
        https://bugs.webkit.org/show_bug.cgi?id=26932

        Added ENABLE(SHARED_WORKERS) flag (off by default).

        * Configurations/FeatureDefines.xcconfig:

2009-07-07  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Maciej Stachoviak.

        https://bugs.webkit.org/show_bug.cgi?id=27058

        Removed superfluous parenthesis around single expression.
        Compilers on Symbian platform fail to properly parse and compile.

        * JavaScriptCore/wtf/Platform.h:

2009-07-13  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Maciej Stachoviak.

        https://bugs.webkit.org/show_bug.cgi?id=27054

        Renamed Translator to HashTranslator

        Codewarrior compiler (WINSCW) latest b482 cannot resolve typename
        mismatch between template declaration and definition
        (HashTranslator / Translator)

        * wtf/HashSet.h:

2009-07-13  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=27053

        Ambiguity in LabelScope initialization

        Codewarrior compiler (WINSCW) latest b482 on Symbian cannot resolve
        type of "0" unambiguously. Set expression explicitly to
        PassRefPtr<Label>::PassRefPtr()

        * bytecompiler/BytecodeGenerator.cpp

2009-07-11  Simon Fraser  <simon.fraser@apple.com>

        Enable support for accelerated compositing and 3d transforms on Leopard.
        <https://bugs.webkit.org/show_bug.cgi?id=20166>
        <rdar://problem/6120614>

        Reviewed by Oliver Hunt.

        * Configurations/FeatureDefines.xcconfig:
        * wtf/Platform.h:

2009-07-10  Mark Rowe  <mrowe@apple.com>

        Second part of the "make Windows happier" dance.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-10  Mark Rowe  <mrowe@apple.com>

        Try and make the Windows build happy.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-10  Kevin McCullough  <kmccullough@apple.com>

        Reviewed by Geoffrey Garen.

        * debugger/Debugger.h: Made this function virtual for use in WebCore's
        WebInspector.

2009-07-10  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        ParserArenaDeletable should override delete
        https://bugs.webkit.org/show_bug.cgi?id=26790

        ParserArenaDeletable overrides new, but it does not override delete.
        ParserArenaDeletable must be freed by fastFree
        because it is allocated by fastMalloc.

        * parser/NodeConstructors.h:
        (JSC::ParserArenaDeletable::operator delete):
        * parser/Nodes.h:

2009-07-10  Adam Roben  <aroben@apple.com>

        Sort all our Xcode projects

        Accomplished using sort-Xcode-project-file.

        Requested by Dave Kilzer.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-07-09  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Windows build fix for the last change.

        * wtf/dtoa.cpp: Forgot to include Vector.h

2009-07-09  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        REGRESSION: crash in edge cases of floating point parsing.
        https://bugs.webkit.org/show_bug.cgi?id=27110
        <rdar://problem/7044458>
        
        Tests: fast/css/number-parsing-crash.html
               fast/css/number-parsing-crash.html
               fast/js/number-parsing-crash.html
        
        * wtf/dtoa.cpp:
        (WTF::BigInt::BigInt): Converted this to more a proper class, using a Vector
        with inline capacity

        (WTF::lshift): Rearranged logic somewhat nontrivially to deal with the new way of sizing BigInts.
        Added an assertion to verify that invariants are maintained.

        All other functions are adapted fairly mechanically to the above changes.
        (WTF::BigInt::clear):
        (WTF::BigInt::size):
        (WTF::BigInt::resize):
        (WTF::BigInt::words):
        (WTF::BigInt::append):
        (WTF::multadd):
        (WTF::s2b):
        (WTF::i2b):
        (WTF::mult):
        (WTF::cmp):
        (WTF::diff):
        (WTF::b2d):
        (WTF::d2b):
        (WTF::ratio):
        (WTF::strtod):
        (WTF::quorem):
        (WTF::dtoa):

2009-07-09  Drew Wilson  <atwilson@google.com>

        Reviewed by Alexey Proskuryakov.

        Turned on CHANNEL_MESSAGING by default because the MessageChannel API
        can now be implemented for Web Workers and is reasonably stable.

        * Configurations/FeatureDefines.xcconfig:

2009-07-09  Oliver Hunt  <oliver@apple.com>

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-07-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 27016 - Interpreter crashes due to invalid array indexes
        <https://bugs.webkit.org/show_bug.cgi?id=27016>

        Unsigned vs signed conversions results in incorrect behaviour in
        64bit interpreter builds.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-07-09  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Darin Fisher.

        [Chromium] Upstream JavaScriptCore.gypi, the project file for Chromium build.
        https://bugs.webkit.org/show_bug.cgi?id=27135

        * JavaScriptCore.gypi: Added.

2009-07-09  Joe Mason  <joe.mason@torchmobile.com>

        Reviewed by George Staikos.
        
        Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>

        https://bugs.webkit.org/show_bug.cgi?id=27031
        Add an override for deleteOwnedPtr(HDC) on Windows
        
        * wtf/OwnPtrCommon.h:
        * wtf/OwnPtrWin.cpp:
        (WTF::deleteOwnedPtr):

2009-07-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Guard singal.h dependency with HAVE(SIGNAL_H) to enable building jsc
        on SYMBIAN.

        https://bugs.webkit.org/show_bug.cgi?id=27026

        Based on Norbert Leser's work.

        * jsc.cpp:
        (printUsageStatement):
        (parseArguments):
        * wtf/Platform.h:

2009-07-07  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Stop loading constants into the register file.

        Instead, use high register values (highest bit bar the sign bit set) to indicate
        constants in the instruction stream, and when we encounter such a value load it
        directly from the CodeBlock.

        Since constants are no longer copied into the register file, this patch renders
        the 'unexpected constant' mechanism redundant, and removes it.

        2% improvement, thanks to Sam Weinig.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::mark):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::isTemporaryRegisterIndex):
        (JSC::CodeBlock::constantRegister):
        (JSC::CodeBlock::isConstantRegisterIndex):
        (JSC::CodeBlock::getConstant):
        (JSC::ExecState::r):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::preserveLastVar):
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::addConstantValue):
        (JSC::BytecodeGenerator::emitEqualityOp):
        (JSC::BytecodeGenerator::emitLoad):
        (JSC::BytecodeGenerator::emitResolveBase):
        (JSC::BytecodeGenerator::emitResolveWithBase):
        (JSC::BytecodeGenerator::emitNewError):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::emitNode):
        * interpreter/CallFrame.h:
        (JSC::ExecState::noCaller):
        (JSC::ExecState::hasHostCallFrameFlag):
        (JSC::ExecState::addHostCallFrameFlag):
        (JSC::ExecState::removeHostCallFrameFlag):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::resolveBaseAndFunc):
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::createExceptionScope):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadDouble):
        (JSC::JIT::emitLoadInt32ToDouble):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_error):
        (JSC::JIT::emit_op_enter):
        (JSC::JIT::emit_op_enter_with_activation):
        * parser/Nodes.cpp:
        (JSC::DeleteResolveNode::emitBytecode):
        (JSC::DeleteValueNode::emitBytecode):
        (JSC::PrefixResolveNode::emitBytecode):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        * wtf/Platform.h:

2009-07-07  Mark Rowe  <mrowe@apple.com>

        Reviewed by Darin Adler.

        Fix <https://bugs.webkit.org/show_bug.cgi?id=27025> / <rdar://problem/7033448>.
        Bug 27025: Crashes and regression test failures related to regexps in 64-bit

        For x86_64 RegexGenerator uses rbx, a callee-save register, as a scratch register but
        neglects to save and restore it.  The change in handling of the output vector in r45545
        altered code generation so that the RegExp::match was now storing important data in rbx,
        which caused crashes and bogus results when it was clobbered.

        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter): Save rbx.
        (JSC::Yarr::RegexGenerator::generateReturn): Restore rbx.

2009-07-06  Ada Chan  <adachan@apple.com>

        Reviewed by Darin Adler and Mark Rowe.

        Decommitted spans are added to the list of normal spans rather than 
        the returned spans in TCMalloc_PageHeap::Delete().
        https://bugs.webkit.org/show_bug.cgi?id=26998
        
        In TCMalloc_PageHeap::Delete(), the deleted span can be decommitted in 
        the process of merging with neighboring spans that are also decommitted.  
        The merged span needs to be placed in the list of returned spans (spans 
        whose memory has been returned to the system).  Right now it's always added 
        to the list of the normal spans which can theoretically cause thrashing.  

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::Delete):

2009-07-05  Lars Knoll  <lars.knoll@nokia.com>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=26843

        Fix run-time crashes in JavaScriptCore with the Metrowerks compiler on Symbian.

        The Metrowerks compiler on the Symbian platform moves the globally
        defined Hashtables into read-only memory, despite one of the members
        being mutable. This causes crashes at run-time due to write access to
        read-only memory.

        Avoid the use of const with this compiler by introducing the
        JSC_CONST_HASHTABLE macro.

        Based on idea by Norbert Leser.

        * runtime/Lookup.h: Define JSC_CONST_HASHTABLE as const for !WINSCW.
        * create_hash_table: Use JSC_CONST_HASHTABLE for hashtables.
        * runtime/JSGlobalData.cpp: Import various global hashtables via the macro.

2009-07-04  Dan Bernstein  <mitz@apple.com>

        - debug build fix

        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::getLastParen):

2009-07-03  Yong Li  <yong.li@torchmobile.com>

        Reviewed by Maciej Stachowiak (and revised slightly)

        RegExp::match to be optimized
        https://bugs.webkit.org/show_bug.cgi?id=26957

        Allow regexp matching to use Vectors with inline capacity instead of
        allocating a new ovector buffer every time.
        
        ~5% speedup on SunSpider string-unpack-code test, 0.3% on SunSpider overall.

        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructorPrivate::RegExpConstructorPrivate):
        (JSC::RegExpConstructorPrivate::lastOvector):
        (JSC::RegExpConstructorPrivate::tempOvector):
        (JSC::RegExpConstructorPrivate::changeLastOvector):
        (JSC::RegExpConstructor::performMatch):
        (JSC::RegExpMatchesArray::RegExpMatchesArray):
        (JSC::RegExpMatchesArray::fillArrayInstance):
        (JSC::RegExpConstructor::getBackref):
        (JSC::RegExpConstructor::getLastParen):
        (JSC::RegExpConstructor::getLeftContext):
        (JSC::RegExpConstructor::getRightContext):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncSplit):

2009-06-30  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        Override operator new/delete with const std::nothrow_t& as the second
        argument.
        https://bugs.webkit.org/show_bug.cgi?id=26792

        On Windows CE, operator new/delete, new[]/delete[] with const
        std::nothrow_t& must be overrided because some standard template
        libraries use these operators.

        The problem occurs when memory allocated by new(size_t s, const
        std::nothrow_t&) is freed by delete(void* p). This causes the umatched
        malloc/free problem.

        The patch overrides all new, delete, new[] and delete[] to use
        fastMaloc and fastFree consistently.

        * wtf/FastMalloc.h:
        (throw):

2009-06-30  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Sam Weinig.

        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Remove unnecessary references to AssemblerBuffer.

        * interpreter/Interpreter.cpp:
        * interpreter/Interpreter.h:

2009-06-29  David Levin  <levin@chromium.org>

        Reviewed by Oliver Hunt.

        Still seeing occasional leaks from UString::sharedBuffer code
        https://bugs.webkit.org/show_bug.cgi?id=26420

        The problem is that the pointer to the memory allocation isn't visible
        by "leaks" due to the lower bits being used as flags.  The fix is to
        make the pointer visible in memory (in debug only). The downside of
        this fix that the memory allocated by sharedBuffer will still look like
        a leak in non-debug builds when any flags are set.

        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::set):

2009-06-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Remove more unused scons support.

        * SConstruct: Removed.

2009-06-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/7016214> JSON.parse fails to parse valid JSON with most Unicode characters
        <https://bugs.webkit.org/show_bug.cgi?id=26802>

        In the original JSON.parse patch unicode was handled correctly, however in some last
        minute "clean up" I oversimplified isSafeStringCharacter.  This patch corrects this bug.

        * runtime/LiteralParser.cpp:
        (JSC::isSafeStringCharacter):
        (JSC::LiteralParser::Lexer::lexString):

2009-06-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Dan Bernstein.

        <rdar://problem/7009684> REGRESSION(r45039): Crashes inside JSEvent::put on PowerPC (26746)
        <https://bugs.webkit.org/show_bug.cgi?id=26746>

        Fix for r45039 incorrectly uncached a get_by_id by converting it to put_by_id.  Clearly this
        is less than correct.  This patch corrects that error.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCacheGetByID):

2009-06-26  Eric Seidel  <eric@webkit.org>

        No review, only rolling out r45259.

        Roll out r45259 after crash appeared on the bots:
        plugins/undefined-property-crash.html
        ASSERTION FAILED: s <= HeapConstants<heapType>::cellSize
        (leopard-intel-debug-tests/build/JavaScriptCore/runtime/Collector.cpp:278
        void* JSC::Heap::heapAllocate(size_t) [with JSC::HeapType heapType = PrimaryHeap])

        * runtime/DateInstance.cpp:
        * runtime/Identifier.cpp:
        * runtime/Lookup.h:
        * runtime/RegExpConstructor.cpp:
        * runtime/RegExpObject.h:
        * runtime/ScopeChain.h:
        * runtime/UString.h:

2009-06-26  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Add support for QDataStream operators to Vector.

        * wtf/Vector.h:
        (WTF::operator<<):
        (WTF::operator>>):

2009-06-24  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Make the opcode sampler work once again.

        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compileCTIMachineTrampolines):
        (JSC::JIT::compilePatchGetArrayLength):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.

        Extend FastAllocBase.h with 'using WTF::FastAllocBase' to avoid
        unnecessary WTF:: usings.
        Remove existing unnecessary WTF:: usings.

        * interpreter/Interpreter.h:
        * profiler/CallIdentifier.h:
        * runtime/ScopeChain.h:
        * wtf/FastAllocBase.h:

2009-06-24  David Levin  <levin@chromium.org>

        Fix all builds.

        * bytecode/CodeBlock.h:
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Register.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26677

        Inherits CodeBlock class from FastAllocBase because it
        has been instantiated by 'new' in JavaScriptCore/bytecode/CodeBlock.h:217.

        * bytecode/CodeBlock.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26676

        Inherits BytecodeGenerator class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/parser/Nodes.cpp:1892.

        * bytecompiler/BytecodeGenerator.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26675

        Inherits Register class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/JSVariableObject.h:149.

        * interpreter/Register.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.
        
        https://bugs.webkit.org/show_bug.cgi?id=26674

        Inherits HashMap class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:458.

        * wtf/HashMap.h:

2009-06-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/6940519> REGRESSION (Safari 4 Public Beta - TOT): google.com/adplanner shows blank page instead of site details in "basic research'

        The problem was caused by the page returned with a function using a
        var declaration list containing around ~3000 variables.  The solution
        to this is to flatten the comma expression representation and make
        codegen comma expressions and initializer lists iterative rather than
        recursive.

        * parser/Grammar.y:
        * parser/NodeConstructors.h:
        (JSC::CommaNode::CommaNode):
        * parser/Nodes.cpp:
        (JSC::CommaNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::ExpressionNode::isCommaNode):
        (JSC::CommaNode::isCommaNode):
        (JSC::CommaNode::append):

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=26645

        Inherits ScopeChainNode class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/ScopeChain.h:95.

        * wtf/RefPtr.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=26648

        Inherits Deque class from FastAllocBase because it has been
        instantiated by 'new' with DEFINE_STATIC_LOCAL macro in 
        JavaScriptCore/wtf/MainThread.cpp:62.

        * wtf/Deque.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=26644

        Inherits RefPtr class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/StructureChain.cpp:41.

        * wtf/RefPtr.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Inherits HashSet class from FastAllocBase, because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Collector.h:116.

        * wtf/HashSet.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Inherits Vector class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:633.

        * wtf/Vector.h:

2009-06-24  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Maciej Stachoviak.

        The BytecodeGenerator objects were instantiated on stack, which takes up ~38kB per instance
        (each instance includes copy of JSC::CodeBlock with large SymbolTable, etc.).
        Specifically, since there is nested invocation (e.g., GlobalCode --> FunctionCode),
        the stack overflows immediately on Symbian hardware (max. 80 kB).
        Proposed change allocates generator objects on heap.
        Performance impact (if any) should be negligible and change is proposed as general fix,
        rather than ifdef'd for SYMBIAN.

        * parser/Nodes.cpp:
        (JSC::ProgramNode::generateBytecode):
        (JSC::EvalNode::generateBytecode):
        (JSC::EvalNode::bytecodeForExceptionInfoReparse):
        (JSC::FunctionBodyNode::generateBytecode):
        (JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):

2009-06-23  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6992806> REGRESSION: Enumeration can skip new properties in cases of prototypes that have more than 64 (26593)
        <https://bugs.webkit.org/show_bug.cgi?id=26593>

        Do not attempt to cache structure chains if they contain a dictionary at any level.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        * runtime/Structure.cpp:
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::addPropertyTransition):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):
        * runtime/StructureChain.h:

2009-06-23  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26654
        Add the proper export define for the JavaScriptCore API when building for WINCE.

        * API/JSBase.h:

2009-06-23  Joe Mason  <joe.mason@torchmobile.com>

        Reviewed by Adam Treat.

        Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>

        https://bugs.webkit.org/show_bug.cgi?id=26611
        Implement currentThreadStackBase on WINCE by adding a global,
        g_stackBase, which must be set to the address of a local variable
        by the caller before calling any WebKit function that invokes JSC.

        * runtime/Collector.cpp:
        (JSC::isPageWritable):
        (JSC::getStackBase):
          Starts at the top of the stack and returns the entire range of
          consecutive writable pages as an estimate of the actual stack.
          This will be much bigger than the actual stack range, so some
          dead objects can't be collected, but it guarantees live objects
          aren't collected prematurely.

        (JSC::currentThreadStackBase):
          On WinCE, returns g_stackBase if set or call getStackBase as a
          fallback if not.

2009-06-23  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        Fix stupid performance problem in the LiteralParser

        The LiteralParser was making a new UString in order to use
        toDouble, however UString's toDouble allows a much wider range
        of numberic strings than the LiteralParser accepts, and requires
        an additional heap allocation or two for the construciton of the
        UString.  To rectify this we just call WTF::dtoa directly using
        a stack allocated buffer to hold the validated numeric literal.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lexNumber):
        (JSC::LiteralParser::parse):
        * runtime/LiteralParser.h:

2009-06-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        Bug 26640: JSON.stringify needs to special case Boolean objects
        <https://bugs.webkit.org/show_bug.cgi?id=26640>

        Add special case handling of the Boolean object so we match current
        ES5 errata.

        * runtime/JSONObject.cpp:
        (JSC::unwrapBoxedPrimitive): renamed from unwrapNumberOrString
        (JSC::gap):
        (JSC::Stringifier::appendStringifiedValue):

2009-06-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 26591: Support revivers in JSON.parse
        <https://bugs.webkit.org/show_bug.cgi?id=26591>

        Add reviver support to JSON.parse.  This completes the JSON object.

        * runtime/JSONObject.cpp:
        (JSC::Walker::Walker):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        (JSC::JSONProtoFuncParse):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 26592: Support standard toJSON functions
        <https://bugs.webkit.org/show_bug.cgi?id=26592>

        Add support for the standard Date.toJSON function.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToJSON):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Bug 26594: JSC needs to support Date.toISOString
        <https://bugs.webkit.org/show_bug.cgi?id=26594>

        Add support for Date.toISOString.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToISOString):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Remove dead code.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler and Cameron Zwarich.

        Bug 26587: Support JSON.parse
        <https://bugs.webkit.org/show_bug.cgi?id=26587>

        Extend the LiteralParser to support the full strict JSON
        grammar, fix a few places where the grammar was incorrectly
        lenient.   Doesn't yet support the JSON.parse reviver function
        but that does not block the JSON.parse functionality itself.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        * runtime/JSONObject.cpp:
        (JSC::JSONProtoFuncParse):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lex):
        (JSC::isSafeStringCharacter):
        (JSC::LiteralParser::Lexer::lexString):
        (JSC::LiteralParser::parse):
        * runtime/LiteralParser.h:
        (JSC::LiteralParser::LiteralParser):
        (JSC::LiteralParser::tryJSONParse):
        (JSC::LiteralParser::):
        (JSC::LiteralParser::Lexer::Lexer):

2009-06-21  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (speculative build fix for windows).

        Simply removed some whitespace form this file to make windows build wtf and
        hopefully copy the new MessageQueque.h so that WebCore picks it up.

        * wtf/Assertions.cpp:

2009-06-21  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        <https://bugs.webkit.org/show_bug.cgi?id=25043>
        Added support for multi-threaded MessagePorts.

        * wtf/MessageQueue.h:
        (WTF::::appendAndCheckEmpty):
            Added API to test whether the queue was empty before adding an element.
  
2009-06-20  David D. Kilzer  <ddkilzer@webkit.org>

        Fix namespace comment in SegmentedVector.h

        * wtf/SegmentedVector.h: Updated namespace comment to reflect
        new namespace after r44897.

2009-06-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Reviewed by Oliver Hunt.

        An Iterator added for SegmentedVector. Currently
        only the pre ++ operator is supported.

        * wtf/SegmentedVector.h:
        (WTF::SegmentedVectorIterator::~SegmentedVectorIterator):
        (WTF::SegmentedVectorIterator::operator*):
        (WTF::SegmentedVectorIterator::operator->):
        (WTF::SegmentedVectorIterator::operator++):
        (WTF::SegmentedVectorIterator::operator==):
        (WTF::SegmentedVectorIterator::operator!=):
        (WTF::SegmentedVectorIterator::operator=):
        (WTF::SegmentedVectorIterator::SegmentedVectorIterator):
        (WTF::SegmentedVector::alloc):
        (WTF::SegmentedVector::begin):
        (WTF::SegmentedVector::end):

2009-06-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Reviewed by Oliver Hunt.

        Move SegmentedVector to /wtf subdirectory
        and change "namespace JSC" to "namespace WTF"

        Additional build file updates by David Kilzer.

        * GNUmakefile.am: Updated path to SegmentedVector.h.
        * JavaScriptCore.order: Updated SegmentedVector namespace from
        JSC to WTF in mangled C++ method name.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        Removed reference to bytecompiler\SegmentedVector.h.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Added reference to
        wtf\SegmentedVector.h.
        * JavaScriptCore.xcodeproj/project.pbxproj: Moved
        SegmentedVector.h definition from bytecompiler subdirectory to
        wtf subdirectory.
        * bytecompiler/BytecodeGenerator.h: Updated #include path to
        SegmentedVector.h and prepended WTF:: namespace to its use.
        * parser/Lexer.h: Ditto.
        * wtf/SegmentedVector.h: Renamed from JavaScriptCore/bytecompiler/SegmentedVector.h.
        (WTF::SegmentedVector::SegmentedVector):
        (WTF::SegmentedVector::~SegmentedVector):
        (WTF::SegmentedVector::size):
        (WTF::SegmentedVector::at):
        (WTF::SegmentedVector::operator[]):
        (WTF::SegmentedVector::last):
        (WTF::SegmentedVector::append):
        (WTF::SegmentedVector::removeLast):
        (WTF::SegmentedVector::grow):
        (WTF::SegmentedVector::clear):
        (WTF::SegmentedVector::deleteAllSegments):
        (WTF::SegmentedVector::segmentExistsFor):
        (WTF::SegmentedVector::segmentFor):
        (WTF::SegmentedVector::subscriptFor):
        (WTF::SegmentedVector::ensureSegmentsFor):
        (WTF::SegmentedVector::ensureSegment):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix take 2 - rename FIELD_OFFSET to something that doesn't conflict with winnt.h).

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::emitGetVariableObjectRegister):
        (JSC::JIT::emitPutVariableObjectRegister):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::checkStructure):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_catch):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call):
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        * jit/JIT.h:
        * jit/JITInlineMethods.h:

2009-06-19  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Reorganize ARM architecture specific macros.
        Use PLATFORM_ARM_ARCH(7) instead of PLATFORM(ARM_V7).

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Fix armv7 JIT build issues.

        Unfortunate the arm compiler does not like the use of offsetof on JITStackFrame (since it now contains non POD types),
        and the FIELD_OFFSET macro does not appear constantish enough for it to be happy with its use in COMPILE_ASSERT macros.

        * Replace offsetofs with FIELD_OFFSETs (safe on C++ objects).
        * Move COMPILE_ASSERTs defending layout of JITStackFrame structure on armv7 into JITThunks constructor.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_catch):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):

2009-06-19  Adam Treat  <adam.treat@torchmobile.com>

        Blind attempt at build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-19  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Inherits CallIdentifier struct from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/profiler/CallIdentifier.h:86.

        * wtf/HashCountedSet.h:

2009-06-19  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=26540
        Modify the test shell to add a new function 'checkSyntax' that will
        only parse the source instead of executing it. In this way we can test
        pure parsing performance against some of the larger scripts in the wild.

        * jsc.cpp:
        (GlobalObject::GlobalObject):
        (functionCheckSyntax):

2009-06-19  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.
        
        Inherits HashCountedSet class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Collector.cpp:1095.

        * wtf/HashCountedSet.h:

2009-06-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26558
        Declare these symbols extern for WINCE as they are provided by libce.

        * runtime/DateConstructor.cpp:
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):

2009-06-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        <rdar://problem/6988973> ScopeChain leak in interpreter builds

        Move the Scopechain destruction code in JSFunction outside of the ENABLE(JIT)
        path.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        * wtf/Platform.h:

2009-06-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26543
        Windows CE uses 'GetLastError' instead of 'errno.'

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::grow):

2009-06-19  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (Windows build fix).

        Add export for Windows corresponding to OSX export done in r44844.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin "Viceroy of Venezuela" Barraclough.

        Bug 26532: Native functions do not correctly unlink from optimised callsites when they're collected
        <https://bugs.webkit.org/show_bug.cgi?id=26532> <rdar://problem/6625385>

        We need to make sure that each native function instance correctly unlinks any references to it
        when it is collected.  Allowing this to happen required a few changes:
            * Every native function needs a codeblock to track the link information
            * To have this codeblock, every function now also needs its own functionbodynode
              so we no longer get to have a single shared instance.
            * Identifying a host function is now done by looking for CodeBlock::codeType() == NativeCode

        * JavaScriptCore.exp:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
           Constructor for NativeCode CodeBlock
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
        (JSC::CodeBlock::functionRegisterForBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
        (JSC::CodeBlock::setJITCode):
           Add assertions to ensure we don't try and use NativeCode CodeBlocks as
           a normal codeblock.

        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CodeBlock::source):
        (JSC::CodeBlock::sourceOffset):
        (JSC::CodeBlock::evalCodeCache):
        (JSC::CodeBlock::createRareDataIfNecessary):
          More assertions.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::linkCall):
          Update logic to allow native function caching

        * jit/JITStubs.cpp:
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::createNativeThunk):
        (JSC::FunctionBodyNode::isHostFunction):
        * parser/Nodes.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::mark):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Timezone calculation incorrect in Venezuela.

        https://bugs.webkit.org/show_bug.cgi?id=26531
        <rdar://problem/6646169> Time is incorrectly reported to JavaScript in both Safari 3 and Firefox 3

        The problem is that we're calculating the timezone relative to 01/01/2000,
        but the VET timezone changed from -4 hours to -4:30 hours on 12/09/2007.
        According to the spec, section 15.9.1.9 states "the time since the beginning
        of the year", presumably meaning the *current* year.  Change the calculation
        to be based on whatever the current year is, rather than a canned date.

        No performance impact.

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Mark Rowe (originally reviewed by Sam Weinig).

        (Reintroducing patch added in r44492, and reverted in r44796.)

        Change the implementation of op_throw so the stub function always modifies its
        return address - if it doesn't find a 'catch' it will switch to a trampoline
        to force a return from JIT execution.  This saves memory, by avoiding the need
        for a unique return for every op_throw.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
            JITStubs::cti_op_throw now always changes its return address,
            remove return code generated after the stub call (this is now
            handled by ctiOpThrowNotCaught).
        * jit/JITStubs.cpp:
        (JSC::):
            Add ctiOpThrowNotCaught definitions.
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
            Change cti_op_throw to always change its return address.
        * jit/JITStubs.h:
            Add ctiOpThrowNotCaught declaration.

2009-06-18  Kevin McCullough  <kmccullough@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6940880> REGRESSION: Breakpoints don't break in 64-bit

        - Exposed functions now needed by WebCore.

        * JavaScriptCore.exp:

2009-06-17  Darin Adler  <darin@apple.com>

        Reviewed by Oliver Hunt.

        Bug 26429: Make JSON.stringify non-recursive so it can handle objects
        of arbitrary complexity
        https://bugs.webkit.org/show_bug.cgi?id=26429

        For marking I decided not to use gcProtect, because this is inside the engine
        so it's easy enough to just do marking. And that darned gcProtect does locking!
        Oliver tried to convince me to used MarkedArgumentBuffer, but the constructor
        for that class says "FIXME: Remove all clients of this API, then remove this API."

        * runtime/Collector.cpp:
        (JSC::Heap::collect): Add a call to JSONObject::markStringifiers.

        * runtime/CommonIdentifiers.cpp:
        (JSC::CommonIdentifiers::CommonIdentifiers): Added emptyIdentifier.
        * runtime/CommonIdentifiers.h: Ditto.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Initialize firstStringifierToMark to 0.
        * runtime/JSGlobalData.h: Added firstStringifierToMark.

        * runtime/JSONObject.cpp: Cut down the includes to the needed ones only.
        (JSC::unwrapNumberOrString): Added. Helper for unwrapping number and string
        objects to get their number and string values.
        (JSC::ReplacerPropertyName::ReplacerPropertyName): Added. The class is used
        to wrap an identifier or integer so we don't have to do any work unless we
        actually call a replacer.
        (JSC::ReplacerPropertyName::value): Added.
        (JSC::gap): Added. Helper function for the Stringifier constructor.
        (JSC::PropertyNameForFunctionCall::PropertyNameForFunctionCall): Added.
        The class is used to wrap an identifier or integer so we don't have to
        allocate a number or string until we actually call toJSON or a replacer.
        (JSC::PropertyNameForFunctionCall::asJSValue): Added.
        (JSC::Stringifier::Stringifier): Updated and moved out of the class
        definition. Added code to hook this into a singly linked list for marking.
        (JSC::Stringifier::~Stringifier): Remove from the singly linked list.
        (JSC::Stringifier::mark): Mark all the objects in the holder stacks.
        (JSC::Stringifier::stringify): Updated.
        (JSC::Stringifier::appendQuotedString): Tweaked and streamlined a bit.
        (JSC::Stringifier::toJSON): Renamed from toJSONValue.
        (JSC::Stringifier::appendStringifiedValue): Renamed from stringify.
        Added code to use the m_holderStack to do non-recursive stringify of
        objects and arrays. This code also uses the timeout checker since in
        pathological cases it could be slow even without calling into the
        JavaScript virtual machine.
        (JSC::Stringifier::willIndent): Added.
        (JSC::Stringifier::indent): Added.
        (JSC::Stringifier::unindent): Added.
        (JSC::Stringifier::startNewLine): Added.
        (JSC::Stringifier::Holder::Holder): Added.
        (JSC::Stringifier::Holder::appendNextProperty): Added. This is the
        function that handles the format of arrays and objects.
        (JSC::JSONObject::getOwnPropertySlot): Moved this down to the bottom
        of the file so the JSONObject class is not interleaved with the
        Stringifier class.
        (JSC::JSONObject::markStringifiers): Added. Calls mark.
        (JSC::JSONProtoFuncStringify): Streamlined the code here. The code
        to compute the gap string is now a separate function.

        * runtime/JSONObject.h: Made everything private. Added markStringifiers.

2009-06-17  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6974140> REGRESSION(r43849): Crash in cti_op_call_NotJSFunction when getting directions on maps.google.com

        Roll out r43849 as it appears that we cannot rely on the address of
        an objects property storage being constant even if the structure is
        unchanged.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Mark Rowe.

        Fully revert r44492 & r44748 while we fix a bug they cause on internal builds <rdar://problem/6955963>.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
        * jit/JITStubs.cpp:
        (JSC::):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6947426> sunspider math-cordic.js exhibits different intermediate results running 32-bit vs. 64-bit

        On 64-bit, NaN-encoded values must be detagged before they can be used in rshift.

        No performance impact.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):

2009-06-17  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=23155
        Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.

        * jsc.cpp:
        (main):

2009-06-17  George Staikos  <george.staikos@torchmobile.com>

        Reviewed by Adam Treat.

        https://bugs.webkit.org/show_bug.cgi?id=23155
        Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.

        * config.h:
        * jsc.cpp:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:
        * wtf/CurrentTime.cpp:
        (WTF::lowResUTCTime):
        * wtf/DateMath.cpp:
        (WTF::getLocalTime):
        * wtf/MathExtras.h:
        * wtf/Platform.h:
        * wtf/StringExtras.h:
        * wtf/Threading.h:
        * wtf/win/MainThreadWin.cpp:

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6974175> ASSERT in JITStubs.cpp at appsaccess.apple.com

        Remove PropertySlot::putValue - PropertySlots should only be used for getting,
        not putting.  Rename JSGlobalObject::getOwnPropertySlot to hasOwnPropertyForWrite,
        which is what it really was being used to ask, and remove some other getOwnPropertySlot
        & getOwnPropertySlotForWrite methods, which were unused and likely to lead to confusion.

        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::hasOwnPropertyForWrite):
        * runtime/JSObject.h:
        * runtime/JSStaticScopeObject.cpp:
        * runtime/JSStaticScopeObject.h:
        * runtime/PropertySlot.h:

2009-06-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver hunt.

        Temporarily partially disable r44492, since this is causing some problems on internal builds.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):

2009-06-16  Sam Weinig  <sam@webkit.org>

        Fix windows build.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):

2009-06-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Initialize m_bytecodeIndex to -1 in JIT, and correctly initialize
        it for each type of stub using the return address to find the correct
        offset.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compileCTIMachineTrampolines):
        (JSC::JIT::compilePatchGetArrayLength):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

== Rolled over to ChangeLog-2009-06-16 ==