xref: /external/webkit/Source/JavaScriptCore/ChangeLog-2009-06-16

2009-06-15  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber Stamped by Sam Weinig.

        Rename PatchBuffer to LinkBuffer.  Previously our terminology has been a little
        mixed up, but we have decided to fix on refering to the process that takes place
        at the end of code generation as 'linking', and on any modifications that take
        place later (and once the code has potentially already been executed) as 'patching'.

        However, the term 'PatchBuffer' is already in use, and needs to be repurposed.

        To try to minimize confusion, we're going to switch the terminology over in stages,
        so for now we'll refer to later modifications as 'repatching'.  This means that the
        new 'PatchBuffer' has been introduced with the name 'RepatchBuffer' instead.

        This patch renames the old 'PatchBuffer' to 'LinkBuffer'.  We'll leave ToT in this
        state for a week or so to try to avoid to much overlap of the meaning of the term
        'PatchBuffer', then will come back and rename 'RepatchBuffer'.

        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::LinkBuffer::LinkBuffer):
        (JSC::AbstractMacroAssembler::LinkBuffer::~LinkBuffer):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::compile):

2009-06-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Having moved most of their functionality into the RepatchBuffer class,
        we can simplify the CodeLocation* classes.

        The CodeLocation* classes are currently a tangle of templatey and friendly
        badness, burried in the middle of AbstractMacroAssembler.  Having moved
        the ability to repatch out into RepatchBufer they are now do-nothing wrappers
        on CodePtr (MacroAssemblerCodePtr), that only exist to provide type-safety.

        Simplify the code, and move them off into their own header.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::PatchBuffer::patch):
        * assembler/CodeLocation.h: Copied from assembler/AbstractMacroAssembler.h.
        (JSC::CodeLocationCommon::CodeLocationCommon):
        (JSC::CodeLocationInstruction::CodeLocationInstruction):
        (JSC::CodeLocationLabel::CodeLocationLabel):
        (JSC::CodeLocationJump::CodeLocationJump):
        (JSC::CodeLocationCall::CodeLocationCall):
        (JSC::CodeLocationNearCall::CodeLocationNearCall):
        (JSC::CodeLocationDataLabel32::CodeLocationDataLabel32):
        (JSC::CodeLocationDataLabelPtr::CodeLocationDataLabelPtr):
        (JSC::CodeLocationCommon::instructionAtOffset):
        (JSC::CodeLocationCommon::labelAtOffset):
        (JSC::CodeLocationCommon::jumpAtOffset):
        (JSC::CodeLocationCommon::callAtOffset):
        (JSC::CodeLocationCommon::nearCallAtOffset):
        (JSC::CodeLocationCommon::dataLabelPtrAtOffset):
        (JSC::CodeLocationCommon::dataLabel32AtOffset):
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodePtr::operator!):
        * bytecode/CodeBlock.h:
        (JSC::getStructureStubInfoReturnLocation):
        (JSC::getCallLinkInfoReturnLocation):
        (JSC::getMethodCallLinkInfoReturnLocation):
        * bytecode/Instruction.h:
        * bytecode/JumpTable.h:
        (JSC::StringJumpTable::ctiForValue):
        (JSC::SimpleJumpTable::ctiForValue):
        * bytecode/StructureStubInfo.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitCatch):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        (JSC::JITStubs::getPolymorphicAccessStructureListSlot):

2009-06-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Having introduced the RepatchBuffer, ProcessorReturnAddress is now a do-nothing
        wrapper around ReturnAddressPtr.  Remove it.  In tugging on this piece of string
        it made sense to roll out the use of ReturnAddressPtr a little further into
        JITStubs (which had always been the intention).

        No performance impact.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToTrampoline):
        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToFunction):
        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkNearCallerToTrampoline):
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::ReturnAddressPtr::ReturnAddressPtr):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getStubInfo):
        (JSC::CodeBlock::getCallLinkInfo):
        (JSC::CodeBlock::getMethodCallLinkInfo):
        (JSC::CodeBlock::getBytecodeIndex):
        * interpreter/Interpreter.cpp:
        (JSC::bytecodeOffsetForPC):
        * jit/JIT.cpp:
        (JSC::ctiPatchNearCallByReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compilePatchGetArrayLength):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::StackHack::StackHack):
        (JSC::returnToThrowTrampoline):
        (JSC::throwStackOverflowError):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):
        (JSC::JITStackFrame::returnAddressSlot):
        * runtime/JSGlobalData.h:

2009-06-15  Simon Fraser  <simon.fraser (a] apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6974857>

        Define ENABLE_3D_RENDERING when building on 10.6, and move ENABLE_3D_RENDERING
        switch from config.h to wtf/Platform.h.

        * Configurations/FeatureDefines.xcconfig:
        * wtf/Platform.h:

2009-06-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Move repatching methods into a set of methods on a class.  This will allow us to
        coallesce memory reprotection calls.  Really, we want this class to be called
        PatchBuffer, we want the class PatchBuffer to be called LinkBuffer, we want both
        to be memblers of MacroAssembler rather then AbstractMacroAssembler, we don't
        want the CodeLocationFoo types anymore (they are now only really there to provide
        type safety, and that is completely undermined by the way we use offsets).  Then
        the link & patch buffers should delegate the actual patching calls to the
        architecture-specific layer of the MacroAssembler.  Landing all these changes as a
        sequence of patches.

        No performance impact.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::CodeLocationCall::CodeLocationCall):
        (JSC::AbstractMacroAssembler::CodeLocationNearCall::CodeLocationNearCall):
        (JSC::AbstractMacroAssembler::CodeLocationNearCall::calleeReturnAddressValue):
        (JSC::AbstractMacroAssembler::RepatchBuffer::RepatchBuffer):
        (JSC::AbstractMacroAssembler::RepatchBuffer::relink):
        (JSC::AbstractMacroAssembler::RepatchBuffer::repatch):
        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToTrampoline):
        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToFunction):
        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkNearCallerToTrampoline):
        (JSC::AbstractMacroAssembler::RepatchBuffer::repatchLoadPtrToLEA):
        * jit/JIT.cpp:
        (JSC::ctiPatchNearCallByReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchMethodCallProto):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2009-06-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Hunt & Oliver Garen.

        We are currently generating two copies of the slow path for op_call for no reason.  Stop that.

        Originally op_call used two slow paths since the first set up the pointer to the CallLinkInfo
        for use when linking.  However this is now looked up using the return address (as we do for
        property accesses) so the two paths are now identical.

        No performance impact, reduces memory footprint.

        * bytecode/CodeBlock.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::linkCall):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):

2009-06-12  Dave Hyatt  <hyatt (a] apple.com>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=26373

        Add a new class to Threading in wtf called ReadWriteLock that handles single writer/multiple reader locking.
        Provide a pthreads-only implementation of the lock for now, as this class is only going to be used
        on Snow Leopard at first.

        * wtf/Threading.h:
        (WTF::ReadWriteLock::impl):
        * wtf/ThreadingPthreads.cpp:
        (WTF::ReadWriteLock::ReadWriteLock):
        (WTF::ReadWriteLock::~ReadWriteLock):
        (WTF::ReadWriteLock::readLock):
        (WTF::ReadWriteLock::tryReadLock):
        (WTF::ReadWriteLock::writeLock):
        (WTF::ReadWriteLock::tryWriteLock):
        (WTF::ReadWriteLock::unlock):

2009-06-12  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Make LiteralParser non-recursive

        Convert LiteralParser from using a simple recursive descent parser
        to a hand rolled PDA.  Relatively simple conversion, but required
        modifications to MarkedArgumentBuffer to make it more suitable as
        a generic marked vector.   I'll refactor and rename MarkedArgumentBuffer
        in future as there are many other cases where it will be useful to
        have such a class.

        * runtime/ArgList.h:
        (JSC::MarkedArgumentBuffer::MarkedArgumentBuffer):
        (JSC::MarkedArgumentBuffer::append):
        (JSC::MarkedArgumentBuffer::removeLast):
        (JSC::MarkedArgumentBuffer::last):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/LiteralParser.h:
        (JSC::LiteralParser::LiteralParser):
        (JSC::LiteralParser::tryLiteralParse):
        (JSC::LiteralParser::):

2009-06-12  David Levin  <levin (a] chromium.org>

        Reviewed by NOBODY (build fix for windows).

        Adjust the exports for JSC on Windows like what was done for OSX in
        the previous commit.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-12  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Adler.

        UString shouldn't create sharedBuffer for SmallStrings.
        https://bugs.webkit.org/show_bug.cgi?id=26360

        The methods changed are not used by JSC, so there is no JS perf impact.  However,
        there is a potential DOM perf impact, so I re-ran several of the tests that
        I ran previously and ensured that the perf stay the same which caused me to
        adjust the minLengthToShare.

        * JavaScriptCore.exp:
        * runtime/UString.cpp:
        (JSC::UString::Rep::sharedBuffer):
            Determines if the buffer being shared is big enough before doing so.
            Previously, BaseString::sharedBuffer was called but it would only know
            the length of the base string (BaseString::len) which may not be the same
            as the string being shared (Rep::len).
        (JSC::UString::BaseString::sharedBuffer):
            This is now only be used by Rep::sharedBuffer. which does the length check.
        * runtime/UString.h:

2009-06-12  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=26191
        Remove xmath include in MathExtras.h, because it is not needed and also
        breaks VS2008 builds with TR1 turned on.

        * wtf/MathExtras.h: Removed xmath include.

2009-06-12  Peter Kasting  <pkasting (a] google.com>

        Reviewed by Eric Seidel.

        * ChangeLog-2007-10-14: Change pseudonym "Don Gibson" to me (was used while Google Chrome was not public); update my email address.

2009-06-12  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fix. Adding JSONObject.cpp to the build.

        * JavaScriptCoreSources.bkl:

2009-06-12  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Jan Michael Alonzo.

        [Qt] Fix build break
        https://bugs.webkit.org/show_bug.cgi?id=26340

        * JavaScriptCore.pri: Add JSONObject.cpp to LUT files.

2009-06-11  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (build fix).

        Lower stringify recursion limit to deal with small windows stack.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::):

2009-06-11  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Holger Freyther.

        Fix compilation warnings
        <https://bugs.webkit.org/show_bug.cgi?id=26015>

        * wtf/ThreadingNone.cpp:
        (WTF::ThreadCondition::wait): Fix compilation warning.
        (WTF::ThreadCondition::timedWait): Ditto.

2009-06-10  Brent Fulgham  <bfulgham (a] webkit.org>

        Build fix for Windows target.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
          Correct missing </File> tag after @r44550 that prevents the
          project from being loaded in the Visual Studio IDE.

2009-06-09  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber Stamped by Mark Rowe.

        Tidy up a couple of comments.

        * assembler/ARMv7Assembler.h:
            Fix date in copyright, neaten up a couple of comments.
        * assembler/MacroAssemblerARMv7.h:
            Fix date in copyright.

2009-06-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 26249: Support JSON.stringify
        <https://bugs.webkit.org/show_bug.cgi?id=26249>
        
        Implement JSON.stringify.  This patch handles all the semantics of the ES5
        JSON.stringify function, including replacer functions and arrays and both
        string and numeric gap arguments.
        
        Currently uses a clamped recursive algorithm basically identical to the spec
        description but with a few minor tweaks for performance and corrected semantics
        discussed in the es-discuss mailing list.

        * DerivedSources.make:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/CallFrame.h:
        (JSC::ExecState::jsonTable):
        * runtime/CommonIdentifiers.h:
           add toJSON to the list of common identifiers

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
            Add support for the JSON object lookup table

        * runtime/JSONObject.cpp: Added.
        (JSC::):
        (JSC::JSONObject::getOwnPropertySlot):
        (JSC::Stringifier::):
        (JSC::Stringifier::Stringifier):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::appendString):

        (JSC::Stringifier::StringKeyGenerator::StringKeyGenerator):
        (JSC::Stringifier::StringKeyGenerator::getKey):
        (JSC::Stringifier::IntKeyGenerator::IntKeyGenerator):
        (JSC::Stringifier::IntKeyGenerator::getKey):
            These KeyGenerator classes are used to abstract away the lazy evaluation of keys for
            toJSON and replacer functions.

        (JSC::Stringifier::toJSONValue):
        (JSC::Stringifier::stringifyArray):
        (JSC::Stringifier::stringifyObject):
        (JSC::JSONProtoFuncStringify):
        * runtime/JSONObject.h: Added.
        (JSC::JSONObject:::JSObject):
        (JSC::JSONObject::classInfo):
        (JSC::JSONObject::createStructure):

2009-06-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Enable JIT_OPTIMIZE_CALL & JIT_OPTIMIZE_METHOD_CALLS on ARMv7 platforms.

        These optimizations function correctly with no further changes.

        * wtf/Platform.h:
            Change to enable JIT_OPTIMIZE_CALL & JIT_OPTIMIZE_METHOD_CALLS.

2009-06-09  Gavin Barraclough  <barraclough (a] apple.com>

        Not Reviewed, build fix.

        * assembler/MacroAssemblerARMv7.h:

2009-06-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Enable JIT_OPTIMIZE_ARITHMETIC on ARMv7 platforms.

        Temporarily split support for 'branchTruncateDoubleToInt32' onto its own switch
        ('supportsFloatingPointTruncate').  See comment in MacroAssemblerARMv7, we need
        to work out wherther we are going to be able to support the current interface on
        all platforms, or whether this should be refactored.

        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
            Add implementation of supportsFloatingPointTruncate (returns true).
        (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
            Add implementation of supportsFloatingPointTruncate (returns false).
        (JSC::MacroAssemblerARMv7::loadDouble):
        (JSC::MacroAssemblerARMv7::storeDouble):
        (JSC::MacroAssemblerARMv7::addDouble):
        (JSC::MacroAssemblerARMv7::subDouble):
        (JSC::MacroAssemblerARMv7::mulDouble):
        (JSC::MacroAssemblerARMv7::convertInt32ToDouble):
        (JSC::MacroAssemblerARMv7::branchDouble):
            Implement FP code genertion operations.
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
            Add implementation of supportsFloatingPointTruncate (returns true).
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
            Add implementation of supportsFloatingPointTruncate (returns true).
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):
            Changed to call supportsFloatingPointTruncate().
        (JSC::JIT::emitSlow_op_rshift):
            Changed to call supportsFloatingPointTruncate().
        * wtf/Platform.h:
            Change to enable JIT_OPTIMIZE_ARITHMETIC.

2009-06-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Mark Rowe & Geoff Garen.

        Enable JIT_OPTIMIZE_PROPERTY_ACCESS on ARMv7 platforms.

        Firm up interface for planting load intructions that will be repatched by
        repatchLoadPtrToLEA().  This method should now no longer be applied to just
        any loadPtr instruction.

        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::loadPtrWithPatchToLEA):
            Implement loadPtrWithPatchToLEA interface (plants a load with a fixed width address).
        (JSC::MacroAssemblerARMv7::move):
        (JSC::MacroAssemblerARMv7::nearCall):
        (JSC::MacroAssemblerARMv7::call):
        (JSC::MacroAssemblerARMv7::moveWithPatch):
        (JSC::MacroAssemblerARMv7::tailRecursiveCall):
            Switch to use common method 'moveFixedWidthEncoding()' to perform fixed width (often patchable) loads.
        (JSC::MacroAssemblerARMv7::moveFixedWidthEncoding):
            Move an immediate to a register, always plants movT3/movt instruction pair.
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::loadPtrWithPatchToLEA):
            Implement loadPtrWithPatchToLEA interface (just a regular 32-bit load on x86).
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::loadPtrWithPatchToLEA):
            Implement loadPtrWithPatchToLEA interface (just a regular 64-bit load on x86_64).
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        * wtf/Platform.h:
            Change to enable JIT_OPTIMIZE_PROPERTY_ACCESS.

2009-06-08  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Enable JS language JIT for ARM thumb2 platforms.  Add ARMv7 specific
        asm & constants, add appropriate configuration switches to Platform.h.

        Landing this disabled until jump linking is completed (see YARR jit patch).

        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load32):
            Fix: should load pointer with ImmPtr not Imm32.
        (JSC::MacroAssemblerARMv7::store32):
            Fix: should load pointer with ImmPtr not Imm32.
        (JSC::MacroAssemblerARMv7::move):
            Fix: When moving an Imm32 that is actually a pointer, should call movT3()
            not mov(), to ensure code generation is repeatable (for exception handling).
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
            Disable JIT_OPTIMIZE_NATIVE_CALL specific code generation if the optimization is not enabled.
        * jit/JIT.h:
            Add ARMv7 specific values of constants & register names.
        * jit/JITInlineMethods.h:
        (JSC::JIT::preverveReturnAddressAfterCall):
        (JSC::JIT::restoreReturnAddressBeforeReturn):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
            Implement for ARMv7 (move value to/from lr).
        * jit/JITStubs.cpp:
            Add JIT entry/thow trampolines, add macro to add thunk wrapper around stub routines.
        * jit/JITStubs.h:
        (JSC::JITStackFrame::returnAddressSlot):
            Add ARMv7 stack frame object.
        * wtf/Platform.h:
            Add changes necessary to allow JIT to build on this platform, disabled.

2009-06-08  Mark Rowe  <mrowe (a] apple.com>

        Speculative GTK build fix.

        * wtf/DateMath.cpp:

2009-06-08  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Mark Rowe.

        Previous patch caused a regression.

        Restructure so no new (empty, inline) function calls are added on x86.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::makeWritable):
        (JSC::ExecutableAllocator::makeExecutable):
        (JSC::ExecutableAllocator::reprotectRegion):
        (JSC::ExecutableAllocator::cacheFlush):

2009-06-08  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Unreviewed, GTK build fix (thanks, bdash).

        * GNUmakefile.am: Moved DateMath with all other wtf kin.

2009-06-08  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Add (incomplete) support to YARR for running with the jit enabled
        on Arm thumb2 platforms.  Adds new Assembler/MacroAssembler classes,
        along with cache flushing support, tweaks to MacroAssemblerCodePtr
        to support decorated thumb code pointers, and new enter/exit code
        to YARR jit for the platform.

        Support for this platform is still under development - the assembler
        currrently only supports planting and linking jumps with a 16Mb range.
        As such, initially commiting in a disabled state.

        * JavaScriptCore.xcodeproj/project.pbxproj:
            Add new assembler files.
        * assembler/ARMv7Assembler.h: Added.
            Add new Assembler.
        * assembler/AbstractMacroAssembler.h:
            Tweaks to ensure sizes of pointer values planted in JIT code do not change.
        * assembler/MacroAssembler.h:
            On ARMv7 platforms use MacroAssemblerARMv7.
        * assembler/MacroAssemblerARMv7.h: Added.
            Add new MacroAssembler.
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::FunctionPtr::FunctionPtr):
            Add better ASSERT.
        (JSC::ReturnAddressPtr::ReturnAddressPtr):
            Add better ASSERT.
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
            On ARMv7, MacroAssemblerCodePtr's mush be 'decorated' with a low bit set,
            to indicate to the processor that the code is thumb code, not traditional
            32-bit ARM.
        (JSC::MacroAssemblerCodePtr::dataLocation):
            On ARMv7, decoration must be removed.
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::makeWritable):
            Reformatted, no change.
        (JSC::ExecutableAllocator::makeExecutable):
            When marking code executable also cache flush it, where necessary.
        (JSC::ExecutableAllocator::MakeWritable::MakeWritable):
            Only use the null implementation of this class if both !ASSEMBLER_WX_EXCLUSIVE
            and running on x86(_64) - on other platforms we may also need ensure that
            makeExecutable is called at the end to flush caches.
        (JSC::ExecutableAllocator::reprotectRegion):
            Reformatted, no change.
        (JSC::ExecutableAllocator::cacheFlush):
            Cache flush a region of memory, or platforms where this is necessary.
        * wtf/Platform.h:
            Add changes necessary to allow YARR jit to build on this platform, disabled.
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):
            Add support to these methods for ARMv7.

2009-06-08  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Unreviewed, fix my previous fix.

        * runtime/DateInstance.cpp:
        (JSC::DateInstance::msToGregorianDateTime): Use WTF namespace qualifier to
            disambiguate func signatures.

2009-06-08  Mark Rowe  <mrowe (a] apple.com>

        Attempt to fix the Tiger build.

        * wtf/Platform.h: Only test the value of the macro once we know it is defined.

2009-06-08  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Unreviewed, another Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-08  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Unreviewed, projectile-fixing Windows build.

        * runtime/DateConversion.cpp: Added StringExtras include.
        * wtf/DateMath.cpp: Replaced math with algorithm include (looking for std::min def for Windows).

2009-06-08  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Unreviewed, Windows build fix.

        * runtime/DateConstructor.cpp: Changed to use WTF namespace.
        * runtime/DateConversion.cpp: Added UString include.
        * runtime/DateInstance.cpp: Changed to use WTF namespace.
        * wtf/DateMath.cpp: Added math include.

2009-06-08  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=26238
        Move most of runtime/DateMath functions to wtf/DateMath, and split off conversion-related
        helpers to DateConversion.

        * AllInOneFile.cpp: Changed DateMath->DateConversion.
        * GNUmakefile.am: Ditto and added DateMath.
        * JavaScriptCore.exp: Ditto.
        * JavaScriptCore.pri: Ditto.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Added DateMath.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
        * JavaScriptCoreSources.bkl: Ditto.
        * pcre/pcre_exec.cpp: Changed to use DateMath.
        * profiler/ProfileNode.cpp:
        (JSC::getCount): Changed to use DateConversion.
        * runtime/DateConstructor.cpp: Ditto.
        * runtime/DateConversion.cpp: Copied from JavaScriptCore/runtime/DateMath.cpp.
        (JSC::parseDate): Refactored to use null-terminated characters as input.
        * runtime/DateConversion.h: Copied from JavaScriptCore/runtime/DateMath.h.
        * runtime/DateInstance.cpp: Changed to use wtf/DateMath.
        * runtime/DateInstance.h: Ditto.
        * runtime/DateMath.cpp: Removed.
        * runtime/DateMath.h: Removed.
        * runtime/DatePrototype.cpp: Ditto.
        * runtime/InitializeThreading.cpp: Ditto.
        * wtf/DateMath.cpp: Copied from JavaScriptCore/runtime/DateMath.cpp.
        * wtf/DateMath.h: Copied from JavaScriptCore/runtime/DateMath.h.

2009-06-08  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:

2009-06-07  David Kilzer  <ddkilzer (a] apple.com>

        Make JavaScriptCore compile for iPhone and iPhone Simulator

        Reviewed by Gavin Barraclough.

        * Configurations/Base.xcconfig: Split GCC_ENABLE_OBJC_GC on
        $(REAL_PLATFORM_NAME).  Added $(ARCHS_UNIVERSAL_IPHONE_OS) to
        VALID_ARCHS.  Added REAL_PLATFORM_NAME_iphoneos,
        REAL_PLATFORM_NAME_iphonesimulator, HAVE_DTRACE_iphoneos and
        HAVE_DTRACE_iphonesimulator variables.
        * Configurations/DebugRelase.xcconfig: Split ARCHS definition on
        $(REAL_PLATFORM_NAME).
        * Configurations/JavaScriptCore.xcconfig: Added
        EXPORTED_SYMBOLS_FILE_armv6 and EXPORTED_SYMBOLS_FILE_armv7
        variables.  Split OTHER_LDFLAGS into OTHER_LDFLAGS_BASE and
        OTHER_LDFLAGS_$(REAL_PLATFORM_NAME) since CoreServices.framework
        is only linked to on Mac OS X.
        * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
        to CoreServices.framework since it's linked using OTHER_LDFLAGS
        in JavaScriptCore.xcconfig.
        * profiler/ProfilerServer.mm: Added #import for iPhone
        Simulator.
        (-[ProfilerServer init]): Conditionalize use of
        NSDistributedNotificationCenter to non-iPhone or iPhone
        Simulator.
        * wtf/FastMalloc.cpp:
        (WTF::TCMallocStats::): Build fix for iPhone and iPhone
        Simulator.
        * wtf/Platform.h: Defined PLATFORM(IPHONE) and
        PLATFORM(IPHONE_SIMULATOR).
        * wtf/ThreadingPthreads.cpp:
        (WTF::setThreadNameInternal): Build fix for iPhone and iPhone
        Simulator.

2009-06-08  Tor Arne Vestb  <tor.arne.vestbo (a] nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Use $QMAKE_PATH_SEP instead of hardcoded / to fix Windows build

        * JavaScriptCore.pri:
        * JavaScriptCore.pro:
        * jsc.pro:

2009-06-07  Gavin Barraclough  <barraclough (a] apple.com>

        RS by Sam Weinig.

        Remove bonus bogus \n from last commit.

        * jit/JITStubs.cpp:
        (JSC::):

2009-06-07  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Change the implementation of op_throw so the stub function always modifies its
        return address - if it doesn't find a 'catch' it will switch to a trampoline
        to force a return from JIT execution.  This saves memory, by avoiding the need
        for a unique return for every op_throw.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
            JITStubs::cti_op_throw now always changes its return address,
            remove return code generated after the stub call (this is now
            handled by ctiOpThrowNotCaught).
        * jit/JITStubs.cpp:
        (JSC::):
            Add ctiOpThrowNotCaught definitions.
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
            Change cti_op_throw to always change its return address.
        * jit/JITStubs.h:
            Add ctiOpThrowNotCaught declaration.

2009-06-05  Gavin Barraclough  <barraclough (a] apple.com>

        Rudder stamped by Sam Weinig.

        Add missing ASSERT.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::getRelocatedAddress):

2009-06-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Switch storePtrWithPatch to take the initial immediate value as an argument.

        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::storePtrWithPatch):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::storePtrWithPatch):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jsr):

2009-06-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Remove patchLength..tByIdExternalLoadPrefix magic numbers from JIT.h.

        These aren't really suitable values to be tracking within common code
        of the JIT, since they are not (and realistically cannot) be checked
        by ASSERTs, as the other repatch offsets are.  Move this functionality
        (skipping the REX prefix when patching load instructions to LEAs on
        x86-64) into the X86Assembler.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::CodeLocationInstruction::repatchLoadPtrToLEA):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::repatchLoadPtrToLEA):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):

2009-06-05  Shinichiro Hamaji  <hamaji (a] chromium.org>

        Bug 26160: Compile fails in MacOSX when GNU fileutils are installed

        <https://bugs.webkit.org/show_bug.cgi?id=26160>

        Reviewed by Alexey Proskuryakov.

        Use /bin/ln instead of ln for cases where this command is used with -h option.
        As this option is not supported by GNU fileutils, this change helps users 
        who have GNU fileutils in their PATH.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-06-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Remove DoubleNotEqual floating point comparison condition for now -
        it is not used, and it is unclear the semantics are correct (I think
        this comparison would actually give you not-equal-or-unordered, which
        might be what is wanted... we can revisit this interface & get it
        right when required).

        Also, fix asserts in branchArith32 ops.  All adds & subs can check
        for Signed, multiply only sets OF so can only check for overflow.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::):
        (JSC::MacroAssemblerX86Common::branchAdd32):
        (JSC::MacroAssemblerX86Common::branchMul32):
        (JSC::MacroAssemblerX86Common::branchSub32):

2009-06-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Minor tidy up in JITStubs.

        * jit/JITStubs.cpp:
        (JSC::StackHack::StackHack):
        * jit/JITStubs.h:

2009-06-05  Koen Kooi <koen (a] dominion.thruhere.net>

        Reviewed by Xan Lopez.

        Build fix for glib unicode backend.

        * wtf/unicode/glib/UnicodeMacrosFromICU.h:

2009-06-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        3 tiny cleanups:

        * assembler/MacroAssemblerX86.h:
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::storePtrWithPatch):
            store*() methods should take an ImplicitAddress, rather than an Address.
        * assembler/X86Assembler.h:
            Make patchPointer private.
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_ret):
            Remove empty line at end of function.

2009-06-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Encapsulate many uses of void* in the assembler & jit with types that provide
        more semantic information.  The new types are:
        
            * MacroAssemblerCodePtr - this wraps a pointer into JIT generated code.
            * FunctionPtr - this wraps a pointer to a C/C++ function in JSC.
            * ReturnAddressPtr - this wraps a return address resulting from a 'call' instruction.

        Wrapping these types allows for stronger type-checking than is possible with everything
        represented a void*.  For example, it is now enforced by the type system that near
        calls can only be linked to JIT code and not to C functions in JSC (this was previously
        required, but could not be enforced on the interface).

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::CodeLocationCommon::CodeLocationCommon):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::dataLocation):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::executableAddress):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::reset):
        (JSC::AbstractMacroAssembler::CodeLocationInstruction::repatchLoadToLEA):
        (JSC::AbstractMacroAssembler::CodeLocationInstruction::CodeLocationInstruction):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForSwitch):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForExceptionHandler):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForJSR):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::operator!):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::reset):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::CodeLocationLabel):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::getJumpDestination):
        (JSC::AbstractMacroAssembler::CodeLocationJump::relink):
        (JSC::AbstractMacroAssembler::CodeLocationJump::CodeLocationJump):
        (JSC::AbstractMacroAssembler::CodeLocationCall::relink):
        (JSC::AbstractMacroAssembler::CodeLocationCall::calleeReturnAddressValue):
        (JSC::AbstractMacroAssembler::CodeLocationCall::CodeLocationCall):
        (JSC::AbstractMacroAssembler::CodeLocationNearCall::relink):
        (JSC::AbstractMacroAssembler::CodeLocationNearCall::calleeReturnAddressValue):
        (JSC::AbstractMacroAssembler::CodeLocationNearCall::CodeLocationNearCall):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabel32::repatch):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabel32::CodeLocationDataLabel32):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabelPtr::repatch):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabelPtr::CodeLocationDataLabelPtr):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToTrampoline):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToFunction):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkNearCallerToTrampoline):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::addressForLookup):
        (JSC::AbstractMacroAssembler::trampolineAt):
        (JSC::AbstractMacroAssembler::PatchBuffer::link):
        (JSC::AbstractMacroAssembler::PatchBuffer::performFinalization):
        (JSC::::CodeLocationCommon::instructionAtOffset):
        (JSC::::CodeLocationCommon::labelAtOffset):
        (JSC::::CodeLocationCommon::jumpAtOffset):
        (JSC::::CodeLocationCommon::callAtOffset):
        (JSC::::CodeLocationCommon::nearCallAtOffset):
        (JSC::::CodeLocationCommon::dataLabelPtrAtOffset):
        (JSC::::CodeLocationCommon::dataLabel32AtOffset):
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::FunctionPtr::FunctionPtr):
        (JSC::FunctionPtr::value):
        (JSC::FunctionPtr::executableAddress):
        (JSC::ReturnAddressPtr::ReturnAddressPtr):
        (JSC::ReturnAddressPtr::value):
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
        (JSC::MacroAssemblerCodePtr::executableAddress):
        (JSC::MacroAssemblerCodePtr::dataLocation):
        (JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchPointerForCall):
        * jit/JIT.cpp:
        (JSC::ctiPatchNearCallByReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        * jit/JITCode.h:
        (JSC::JITCode::operator !):
        (JSC::JITCode::addressForCall):
        (JSC::JITCode::offsetOf):
        (JSC::JITCode::execute):
        (JSC::JITCode::size):
        (JSC::JITCode::HostFunction):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitNakedCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::JITThunks::ctiArrayLengthTrampoline):
        (JSC::JITThunks::ctiStringLengthTrampoline):
        (JSC::JITThunks::ctiVirtualCallPreLink):
        (JSC::JITThunks::ctiVirtualCallLink):
        (JSC::JITThunks::ctiVirtualCall):
        (JSC::JITThunks::ctiNativeCallThunk):
        * yarr/RegexJIT.h:
        (JSC::Yarr::RegexCodeBlock::operator!):
        (JSC::Yarr::RegexCodeBlock::execute):

2009-06-05  Antti Koivisto  <antti (a] apple.com>

        Try to unbreak Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-03  Antti Koivisto  <antti (a] apple.com>

        Reviewed by Dave Kilzer.
        
        https://bugs.webkit.org/show_bug.cgi?id=13128
        Safari not obeying cache header
        
        Export JSC::parseDate()

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-06-04  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Bug in property caching of getters and setters.

        Make sure that the transition logic accounts for getters and setters.
        If we don't we end up screwing up the transition tables so that some
        transitions will start incorrectly believing that they need to check
        for getters and setters. 

        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        * runtime/JSObject.h:
        (JSC::):
        * runtime/Structure.h:

2009-06-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Minor tweak to PatchBuffer, change it so it no longer holds a CodeRef, and instead
        holds a separate code pointer and executable pool.  Since it now always holds its
        own copy of the code size, and to simplify the construction sequence, it's neater
        this way.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::AbstractMacroAssembler::PatchBuffer::finalizeCode):
        (JSC::AbstractMacroAssembler::PatchBuffer::code):
        (JSC::AbstractMacroAssembler::PatchBuffer::performFinalization):

2009-06-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Remove 'JIT_STUB_ARGUMENT_STACK' this is unused and untested.

        This just leaves JIT_STUB_ARGUMENT_REGISTER and JIT_STUB_ARGUMENT_VA_LIST.
        Since JIT_STUB_ARGUMENT_REGISTER is the sensible configuration on most platforms,
        remove this define and make this the default behaviour.
        Platforms must now define JIT_STUB_ARGUMENT_VA_LIST to get crazy va_list voodoo,
        if they so desire.

        (Refactoring of #ifdefs only, no functional change, no performance impact.)

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITStubs.cpp:
        (JSC::):
        * jit/JITStubs.h:
        * wtf/Platform.h:

2009-06-04  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by Sam Weinig.

        * jit/JITArithmetic.cpp:
            Remove some redundant typedefs, unused since arithmetic was added to the MacroAssembler interface.

2009-06-04  Brent Fulgham  <bfulgham (a] webkit.org>

        Build fix due to header include problem.

        * interpreter/Interpreter.h: Remove wtf from includes so that
          compile can find the headers in expected places.

2009-06-04  Zoltan Horvath  <hzoltan (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.

        HashTable class (JavaScriptCore/wtf/HashTable.h) doesn't instantiated by 'new', so 
        inheritance was removed. HashTable struct has been instantiated by operator new in
        JSGlobalData.cpp:106.
        HashTable couldn't inherited from FastAllocBase since struct with inheritance is 
        no longer POD, so HashTable struct has been instantiated by fastNew, destroyed by
        fastDelete.

        * interpreter/Interpreter.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * wtf/HashTable.h:

2009-06-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Wrap the code that plants pushes/pops planted by JIT in explanatorily named
        methods; move property storage reallocation into a standard stub function.

        ~No performance impact (possible <1% progression on x86-64, likely just noise).

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
            Wrap calls to push/pop.
        * jit/JIT.h:
            Declare the new wrapper methods.
        * jit/JITInlineMethods.h:
        (JSC::JIT::preverveReturnAddressAfterCall):
        (JSC::JIT::restoreReturnAddressBeforeReturn):
            Define the new wrapper methods.
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_end):
        (JSC::JIT::emit_op_ret):
            Wrap calls to push/pop.
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
            Move property storage reallocation into a standard stub function.
        * jit/JITStubs.cpp:
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::JITStubs::):

2009-06-04  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Ariya Hidayat.

        [Qt] Single-threaded QtWebKit configuration
        <https://bugs.webkit.org/show_bug.cgi?id=26015>

        * JavaScriptCore.pri: Use ThreadingNone.cpp instead of
        ThreadingQt.cpp and make sure ENABLE_JSC_MULTIPLE_THREADS is turned off
        when ENABLE_SINGLE_THREADED is tuned on
        * wtf/ThreadingNone.cpp:
        (WTF::ThreadCondition::wait): Fix compilation warning.
        (WTF::ThreadCondition::timedWait): Ditto.

2009-06-02  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Anders Carlsson.

        Remove workaround that was added to address <rdar://problem/5488678> as it no longer affects our Tiger builds.

        * Configurations/Base.xcconfig:

2009-06-02  Xan Lopez  <xlopez (a] igalia.com>

        Reviewed by Sam Weinig.

        Use C-style comments in Platform.h so it can be included from C
        files.

        * wtf/Platform.h:

2009-06-02  Tor Arne Vestb  <tor.arne.vestbo (a] nokia.com>

        Rubber-stamped by Simon Hausmann.

        Use File::Spec->tmpdir instead of hardcoded paths for tempfile() dir
        
        This fixes the Windows-build if the user does not have a /tmp directory.

        * pcre/dftables:

2009-06-02  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver ">>" Hunt.

        emitSlow_op_rshift is linking the wrong number of slow cases, if !supportsFloatingPoint().
        Fixerate, and refactor/comment the code a little to make it clearer what is going on.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):

2009-06-01  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by NOBODY - speculative windows build fix (errm, for the other patch!).

        * jit/JITStubs.cpp:
        (JSC::):

2009-06-01  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by NOBODY - speculative windows build fix.

        * assembler/AbstractMacroAssembler.h:
        (JSC::::CodeLocationCall::CodeLocationCall):
        (JSC::::CodeLocationNearCall::CodeLocationNearCall):

2009-06-01  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Olliej Hunt.

        Change JITStub functions from being static members on the JITStub class to be
        global extern "C" functions, and switch their the function signature declaration
        in the definition of the functions to be C-macro generated.  This makes it easier
        to work with the stub functions from assembler code (since the names no longer
        require mangling), and by delaring the functions with a macro we can look at
        also auto-generating asm thunks to wrap the JITStub functions to perform the
        work currently in 'restoreArgumentReference' (as a memory saving).

        Making this change also forces us to be a bit more realistic about what is private
        on the Register and CallFrame objects.  Presently most everything on these classes
        is private, and the classes have plenty of friends.  We could befriend all the
        global functions to perpetuate the delusion of encapsulation, but using friends is
        a bit of a sledgehammer solution here - since friends can poke around with all of
        the class's privates, and since all the major classes taht operate on Regsiters are
        currently friends, right there is currently in practice very little protection at
        all.  Better to start removing friend delclarations, and exposing just the parts
        that need to be exposed.

        * interpreter/CallFrame.h:
        (JSC::ExecState::returnPC):
        (JSC::ExecState::setCallerFrame):
        (JSC::ExecState::returnValueRegister):
        (JSC::ExecState::setArgumentCount):
        (JSC::ExecState::setCallee):
        (JSC::ExecState::setCodeBlock):
        * interpreter/Interpreter.h:
        * interpreter/Register.h:
        (JSC::Register::Register):
        (JSC::Register::i):
        * jit/JITStubs.cpp:
        (JSC::):
        (JSC::JITThunks::JITThunks):
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::JITStubs::):
        * runtime/JSFunction.h:
        (JSC::JSFunction::nativeFunction):
        (JSC::JSFunction::classInfo):
        * runtime/JSGlobalData.h:

2009-06-01  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Tidy up the literal parser.

        Make the number lexing in the LiteralParser exactly match the JSON spec, which
        makes us cover more cases, but also more strict.  Also made string lexing only
        allow double-quoted strings.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lex):
        (JSC::LiteralParser::Lexer::lexString):
        (JSC::LiteralParser::Lexer::lexNumber):

2009-06-01  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam "WX" Weinig.

        Allow the JIT to operate without relying on use of RWX memory, on platforms where this is supported.

        This patch adds a switch to Platform.h (ENABLE_ASSEMBLER_WX_EXCLUSIVE) which enables this mode of operation.
        When this flag is set, all executable memory will be allocated RX, and switched to RW only whilst being
        modified.  Upon completion of code generation the protection is switched back to RX to allow execution.

        Further optimization will be required before it is desirable to enable this mode of operation by default;
        enabling this presently incurs a 5%-10% regression.

        (Submitting disabled - no performance impact).

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::CodeLocationInstruction::repatchLoadToLEA):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::fromFunctionPointer):
        (JSC::AbstractMacroAssembler::CodeLocationJump::relink):
        (JSC::AbstractMacroAssembler::CodeLocationCall::relink):
        (JSC::AbstractMacroAssembler::CodeLocationNearCall::relink):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabel32::repatch):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabelPtr::repatch):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToTrampoline):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToFunction):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkNearCallerToTrampoline):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkNearCallerToFunction):
        (JSC::AbstractMacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::AbstractMacroAssembler::PatchBuffer::~PatchBuffer):
        (JSC::AbstractMacroAssembler::PatchBuffer::link):
        (JSC::AbstractMacroAssembler::PatchBuffer::patch):
        (JSC::AbstractMacroAssembler::PatchBuffer::performFinalization):
        (JSC::::CodeLocationCommon::nearCallAtOffset):
        (JSC::::CodeLocationCall::CodeLocationCall):
        (JSC::::CodeLocationNearCall::CodeLocationNearCall):
        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::executableCopy):
        * assembler/X86Assembler.h:
        (JSC::CAN_SIGN_EXTEND_U32_64):
        (JSC::X86Assembler::linkJump):
        (JSC::X86Assembler::linkCall):
        (JSC::X86Assembler::patchPointer):
        (JSC::X86Assembler::relinkJump):
        (JSC::X86Assembler::relinkCall):
        (JSC::X86Assembler::repatchInt32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::repatchLoadToLEA):
        (JSC::X86Assembler::patchInt32):
        (JSC::X86Assembler::patchRel32):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::):
        (JSC::ExecutableAllocator::makeWritable):
        (JSC::ExecutableAllocator::makeExecutable):
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):
        (JSC::ExecutableAllocator::reprotectRegion):
        * jit/ExecutableAllocatorWin.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        * wtf/Platform.h:

2009-05-29 Zoltan Horvath  <hzoltan (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Inherits Interpreter class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/JSGlobalData.cpp. 

        * interpreter/Interpreter.h:

2009-06-01  David Levin  <levin (a] chromium.org>

        Reviewed by NOBODY (windows build fix).

        Add exports for windows (corresponding to the JavaScriptCore.exp modification
        in the previous change).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-01  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Alder and Maciej Stachowiak.

        Bug 26057: StringImpl should share buffers with UString.
        https://bugs.webkit.org/show_bug.cgi?id=26057

        * JavaScriptCore.exp:
        * runtime/UString.cpp:
        (JSC::UString::Rep::create):
        (JSC::UString::BaseString::sharedBuffer): Only do the sharing when
        the buffer exceeds a certain size.  The size was tuned by running
        various dom benchmarks with numbers ranging from 20 to 800 and finding
        a place that seemed to do the best overall.
        * runtime/UString.h:

2009-05-31  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Olliej "you just need to change NativeFunctionWrapper.h" Hunt.

        Add ENABLE_JIT_OPTIMIZE_NATIVE_CALL switch to allow JIT to operate without native call optimizations.

        * runtime/NativeFunctionWrapper.h:
        * wtf/Platform.h:

2009-05-30  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/6935193> REGRESSION (r42734): Celtic Kane JavaScript benchmark does not run:
        "Maximum call stack size exceeded"

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString): Use the same recursion limit as the other recursion checks.
        We need a limit of at least 100 to run the benchmark above.
        (JSC::arrayProtoFuncToLocaleString): Ditto.
        (JSC::arrayProtoFuncJoin): Ditto.

2009-05-28  Dirk Schulze  <krit (a] webkit.org>

        Reviewed by Nikolas Zimmermann.

        Added new build flag --filters for Mac. More details in WebCore/ChangeLog.

        * Configurations/FeatureDefines.xcconfig:

2009-05-27  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6928025> Stack overflow in JSC::stringProtoFuncReplace() running jsFunFuzz

        We should always check for exceptions after creating a CachedCall, this wasn't being done in
        the string replace logic.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):

2009-05-27  Gustavo Noronha Silva  <gustavo.noronha (a] collabora.co.uk>

        Unreviewed (make distcheck) build fix; adding missing headers.

        * GNUmakefile.am:

2009-05-27  Jessie Berlin  <jberlin (a] apple.com>

        Reviewed by Adam Roben
        
        Fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-27  Fridrich Strba  <fridrich.strba (a] bluewin.ch>

        Reviewed by Gustavo Noronha.

        When building on Windows, consider Windows specific files.

        * GNUmakefile.am:

2009-05-27  Fridrich Strba  <fridrich.strba (a] bluewin.ch>

        Reviewed by Maciej Stachowiak.

        When building with MinGW, don't use the __declspec(dl{import,export})
        decorations and rely on the linker to use its nifty auto-import feature.
        It is extremely hard to get the decorations right with MinGW in general
        and impossible in WebKit, where the resulting shared library is linking
        together some static libraries.

        * config.h:

2009-05-26  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Reviewed by Xan Lopez.

        https://bugs.webkit.org/show_bug.cgi?id=25613

        Be able to use GOwnPtr for GHashTable as well. The assumption
        is that the hash table has been created with g_hash_table_new_full
        and has proper destruction functions.

        * wtf/GOwnPtr.cpp:
        (WTF::GHashTable):
        * wtf/GOwnPtr.h:

2009-05-26  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6924033> REGRESSION: Assertion failure due to forward references

        Add a pattern type for forward references to ensure that we don't confuse the
        quantifier alternatives assertion.

        * yarr/RegexCompiler.cpp:
        (JSC::Yarr::RegexPatternConstructor::atomBackReference):
        (JSC::Yarr::RegexPatternConstructor::setupAlternativeOffsets):
        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::ByteCompiler::emitDisjunction):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateTerm):
        * yarr/RegexPattern.h:
        (JSC::Yarr::PatternTerm::):
        (JSC::Yarr::PatternTerm::PatternTerm):
        (JSC::Yarr::PatternTerm::ForwardReference):

2009-05-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix for: <rdar://problem/6918095> REGRESSION: jQuery load() issue (25981),
        and also an ASSERT failure on http://ihasahotdog.com/.

        When overwriting a property on a dictionary with a cached specific value,
        clear the cache if new value being written is different.

        * JavaScriptCore.exp:
            Export the new symbols.
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_get_by_id_method_check_second):
            Close dictionary prototypes upon caching a method access, as would happen when caching
            a regular get_by_id.
        * runtime/JSObject.h:
        (JSC::JSObject::propertyStorage):
        (JSC::JSObject::locationForOffset):
            Make these methods private.
        (JSC::JSObject::putDirectInternal):
            When overwriting a property on a dictionary with a cached specific value,
            clear the cache if new value being written is different.
        * runtime/Structure.cpp:
        (JSC::Structure::despecifyDictionaryFunction):
            Reset the specific value field for a given property in a dictionary.
        (JSC::Structure::despecifyFunctionTransition):
            Rename of 'changeFunctionTransition' (this was already internally refered to as a despecification).
        * runtime/Structure.h:
            Declare new method.

2009-05-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver "pieces of eight" Hunt.

        When reseting RegexPattern class, should fully reset the class, not just bits of it.
        In particular, we delete the cached character classes (for wordchars, etc), but do
        not reset the set of pointers to the cached classes.  In the case of a repeated parse
        due to an illegal back-reference we will continue to use the deleted character class.

        * yarr/RegexPattern.h:
        (JSC::Yarr::RegexPattern::reset):

2009-05-26  Brent Fulgham  <bfulgham (a] webkit.org>

        Build fix to correct r44161.

        * wtf/FastAllocBase.h:

2009-05-26  Zoltan Horvath  <horvath.zoltan.6 (a] stud.u-szeged.hu>

        Reviewed by Maciej Stachowiak.

        Inherite HashTable from FastAllocBase, because it has been instantiated by
        'new' in JavaScriptCore/runtime/JSGlobalData.cpp.

        * wtf/HashTable.h:
        * wtf/FastAllocBase.h: Remove 'wtf' path from TypeTraits.h to allow use outside of wtf.

2009-05-25  David Levin  <levin (a] chromium.org>

        Reviewed by Maciej Stachowiak and Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=25126
        Allow the buffer underlying UString to be shared.

        In order to not grow the underlying size of any structure,
        there is a union in the Rep string which holds
         + m_sharedBuffer -- a pointer to the shared ref counted buffer
           if the class is BaseString and the buffer is being shared OR
         + m_baseString -- the BaseString if the class is only UString::Rep
           but not a UString::BaseString

        Ideally, m_sharedBuffer would be a RefPtr, but it cannot be because
        it is in a union.

        No change in sunspider perf.

        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/UString.cpp:
        (JSC::UString::Rep::share):
        (JSC::UString::Rep::destroy):
        (JSC::UString::BaseString::sharedBuffer):
        (JSC::UString::BaseString::setSharedBuffer):
        (JSC::UString::BaseString::slowIsBufferReadOnly):
        (JSC::expandCapacity):
        (JSC::UString::Rep::reserveCapacity):
        (JSC::UString::expandPreCapacity):
        (JSC::concatenate):
        (JSC::UString::append):
        * runtime/UString.h:
        (JSC::UString::Rep::Rep):
        (JSC::UString::Rep::):
        (JSC::UString::BaseString::isShared):
        (JSC::UString::BaseString::isBufferReadOnly):
        (JSC::UString::Rep::baseString):
        * wtf/CrossThreadRefCounted.h:
        (WTF::CrossThreadRefCounted::isShared):
        * wtf/OwnFastMallocPtr.h: Added.
        (WTF::OwnFastMallocPtr::OwnFastMallocPtr):
        (WTF::OwnFastMallocPtr::~OwnFastMallocPtr):
        (WTF::OwnFastMallocPtr::get):
        (WTF::OwnFastMallocPtr::release):

2009-05-25  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Re-add interpreter logic to jit-enabled builds as GCC mysteriously regresses without it

        * wtf/Platform.h:

2009-05-25  Fridrich Strba  <fridrich.strba (a] bluewin.ch>

        Reviewed by Maciej Stachowiak.

        The functions written in assembly need to have a leading
        underscore on Windows too.

        * jit/JITStubs.cpp:

2009-05-24  Steve Falkenburg  <sfalken (a] apple.com>

        Build fix for experimental PGO Windows target.
        
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2009-05-23  David Kilzer  <ddkilzer (a] apple.com>

        Part 1 of 2: Bug 25495: Implement PassOwnPtr and replace uses of std::auto_ptr

        <https://bugs.webkit.org/show_bug.cgi?id=25495>

        Reviewed by Oliver Hunt.

        * GNUmakefile.am: Added OwnPtrCommon.h and PassOwnPtr.h.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.

        * wtf/OwnPtr.h:
        (WTF::OwnPtr::OwnPtr): Added constructors that take a
        PassOwnPtr.  Also added a copy constructor declaration that's
        required when assigning a PassOwnPtr to a stack-based OwnPtr.
        (WTF::operator=): Added assignment operator methods that take a
        PassOwnPtr.
        (WTF::swap): Reformatted.
        (WTF::operator==): Whitespace changes.
        (WTF::operator!=): Ditto.

        * wtf/OwnPtrCommon.h: Added.
        (WTF::deleteOwnedPtr):

        * wtf/PassOwnPtr.h: Added.
        (WTF::PassOwnPtr::PassOwnPtr):
        (WTF::PassOwnPtr::~PassOwnPtr):
        (WTF::PassOwnPtr::get):
        (WTF::PassOwnPtr::clear):
        (WTF::PassOwnPtr::release):
        (WTF::PassOwnPtr::operator*):
        (WTF::PassOwnPtr::operator->):
        (WTF::PassOwnPtr::operator!):
        (WTF::PassOwnPtr::operator UnspecifiedBoolType):
        (WTF::::operator):
        (WTF::operator==):
        (WTF::operator!=):
        (WTF::static_pointer_cast):
        (WTF::const_pointer_cast):
        (WTF::getPtr):

2009-05-23  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Remove interpreter specific logic from the JIT builds.

        This saves ~100k in JSC release builds.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * wtf/Platform.h:

2009-05-22  Mark Rowe  <mrowe (a] apple.com>

        Part two of an attempted Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-22  Mark Rowe  <mrowe (a] apple.com>

        Part one of an attempted Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-21  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        op_method_check

        Optimize method calls, by caching specific function values within the Structure.
        The new opcode is used almost like an x86 opcode prefix byte to optimize op_get_by_id,
        where the property access is being used to read a function to be passed to op-call (i.e.
        'foo.bar();').  This patch modifies the Structure class such that when a property is
        put to an object for the first time we will check if the value is a function.  If it is,
        we will cache the function value on the Structure.  A Structure in such a state guarantees
        that not only does a property with the given identifier exist on the object, but also that
        its value is unchanged.  Upon any further attempt to put a property with the same identifier
        (but a different value) to the object, it will transition back to a normal Structure (where
        it will guarantee the presence but not the value of the property).

        op_method_check makes use of the new information made available by the Structure, by
        augmenting the functionality of op_get_by_id.  Upon generating a FunctionCallDotNode a
        check will be emitted prior to the property access reading the function value, and the JIT
        will generate an extra (initially unlinked but patchable) set of checks prior to the regular
        JIT code for get_by_id.  The new code will do inline structure and prototype structure check
        (unlike a regular get_by_id, which can only handle 'self' accesses inline), and then performs
        an immediate load of the function value, rather than using memory accesses to load the value
        from the obejct's property storage array.  If the method check fails it will revert, or if
        the access is polymorphic, the op_get_by_id will continue to operate - and optimize itself -
        just as any other regular op_get_by_id would.

        ~2.5% on v8-tests, due to a ~9% progression on richards.

        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        * JavaScriptCore.exp:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::differenceBetween):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::moveWithPatch):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/CodeBlock.h:
        (JSC::getMethodCallLinkInfoReturnLocation):
        (JSC::CodeBlock::getMethodCallLinkInfo):
        (JSC::CodeBlock::addMethodCallLinkInfos):
        (JSC::CodeBlock::methodCallLinkInfo):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitMethodCheck):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::MethodCallCompilationInfo::MethodCallCompilationInfo):
        * jit/JITOpcodes.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emitSlow_op_method_check):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::patchMethodCallProto):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_get_by_id_method_check):
        (JSC::JITStubs::cti_op_get_by_id_method_check_second):
        * jit/JITStubs.h:
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * parser/Nodes.cpp:
        (JSC::FunctionCallDotNode::emitBytecode):
        * runtime/Arguments.cpp:
        (JSC::Arguments::put):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        (JSC::constructError):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::put):
        (JSC::JSActivation::putWithAttributes):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::putWithAttributes):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::mark):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::methodCallDummy):
        * runtime/JSObject.cpp:
        (JSC::JSObject::put):
        (JSC::JSObject::putWithAttributes):
        (JSC::JSObject::deleteProperty):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::getPropertyAttributes):
        (JSC::JSObject::getPropertySpecificFunction):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        * runtime/JSObject.h:
        (JSC::getJSFunction):
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectWithoutTransition):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parseObject):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        (JSC::NativeErrorConstructor::construct):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::):
        (JSC::PutPropertySlot::PutPropertySlot):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::setDespecifyFunctionProperty):
        (JSC::PutPropertySlot::isCacheable):
        (JSC::PutPropertySlot::cachedOffset):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::~Structure):
        (JSC::Structure::materializePropertyMap):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changeFunctionTransition):
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::get):
        (JSC::Structure::despecifyFunction):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        * runtime/Structure.h:
        (JSC::Structure::get):
        (JSC::Structure::specificFunction):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTableHashTraits::emptyValue):
        * wtf/Platform.h:

2009-05-22  Brent Fulgham <bfulgham (a] webkit.org>

        Reviewed by Steve Falkenburg.

        https://bugs.webkit.org/show_bug.cgi?id=25950
        JavaScriptCore Fails to build on Windows (Cairo) due to CoreFoundation
        link requirement.

        Modify project to add new Debug_CFLite and Release_CFLite targets.  These
        use the new JavaScriptCoreCFLite.vsprops to link against CFLite.dll.
        Existing projects are changed to use the new JavaScriptCoreCF.vsprops
        to link against CoreFoundation.dll.

        The JavaScriptCoreCommon.vsprops is modified to remove the link
        against CoreFoundation.dll.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCF.vsprops: Added.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCFLite.vsprops: Added.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:

2009-05-22  Dominik Rttsches  <dominik.roettsches (a] access-company.com>

        Reviewed by Gustavo Noronha.

        https://bugs.webkit.org/show_bug.cgi?id=15914
        [GTK] Implement Unicode functionality using GLib

        Original patch by Jrg Billeter and Naiem Shaik.
        Implementing WTF Unicode functionality based on GLib.

        * GNUmakefile.am:
        * wtf/unicode/Unicode.h:
        * wtf/unicode/glib: Added.
        * wtf/unicode/glib/UnicodeGLib.cpp: Added.
        (WTF::Unicode::foldCase):
        (WTF::Unicode::toLower):
        (WTF::Unicode::toUpper):
        (WTF::Unicode::direction):
        (WTF::Unicode::umemcasecmp):
        * wtf/unicode/glib/UnicodeGLib.h: Added.
        (WTF::Unicode::):
        (WTF::Unicode::toLower):
        (WTF::Unicode::toUpper):
        (WTF::Unicode::toTitleCase):
        (WTF::Unicode::isArabicChar):
        (WTF::Unicode::isFormatChar):
        (WTF::Unicode::isSeparatorSpace):
        (WTF::Unicode::isPrintableChar):
        (WTF::Unicode::isDigit):
        (WTF::Unicode::isPunct):
        (WTF::Unicode::mirroredChar):
        (WTF::Unicode::category):
        (WTF::Unicode::isLower):
        (WTF::Unicode::digitValue):
        (WTF::Unicode::combiningClass):
        (WTF::Unicode::decompositionType):
        * wtf/unicode/glib/UnicodeMacrosFromICU.h: Added.

2009-05-21  Xan Lopez  <xlopez (a] igalia.com>

        Unreviewed build fix.

        Add MacroAssemblerCodeRef.h to file list.

        * GNUmakefile.am:

2009-05-21  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Darin Adler.
        Addition of MacroAssemblerCodeRef.h rubber stamped by Geoff Garen.

        Refactor JIT code-handle objects.  The representation of generated code is currently
        a bit of a mess.  We have a class JITCode which wraps the pointer to a block of
        generated code, but this object does not reference the executable pool meaning that
        external events (the pool being derefed) could make the pointer become invalid.
        To overcome this both the JIT and Yarr implement further (and similar) objects to
        wrap the code pointer with a RefPtr to the pool.  To add to the mire, as well as the
        CodeBlock containing a handle onto the code the FunctionBodyNode also contains a
        copy of the code pointer which is used almost (but not entirely) uniquely to access
        the JIT code for a function.

        Rationalization of all this:

            * Add a new type 'MacroAssembler::CodeRef' as a handle for a block of JIT generated code.
            * Change the JIT & Yarr to internally handle code using CodeRefs.
            * Move the CodeRef (formerly anow defunct JITCodeRef) from CodeBlock to its owner node.
            * Remove the (now) redundant code pointer from FunctionBodyNode.

        While tidying this up I've made the PatchBuffer return code in new allocations using a CodeRef,
        and have enforced an interface that the PatchBuffer will always be used, and 'finalizeCode()' or
        'finalizeCodeAddendum()' will always be called exactly once on the PatchBuffer to complete code generation.

        This gives us a potentially useful hook ('PatchBuffer::performFinalization()') at the end of generation,
        which may have a number of uses.  It may be helpful should we wish to switch our generation
        model to allow RW/RX exclusive memory, and it may be useful on non-cache-coherent platforms to
        give us an oportunity to cache flush as necessary.

        No performance impact.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToTrampoline):
        (JSC::AbstractMacroAssembler::CodeRef::CodeRef):
        (JSC::AbstractMacroAssembler::CodeRef::trampolineAt):
        (JSC::AbstractMacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::AbstractMacroAssembler::PatchBuffer::~PatchBuffer):
        (JSC::AbstractMacroAssembler::PatchBuffer::link):
        (JSC::AbstractMacroAssembler::PatchBuffer::linkTailRecursive):
        (JSC::AbstractMacroAssembler::PatchBuffer::patch):
        (JSC::AbstractMacroAssembler::PatchBuffer::complete):
        (JSC::AbstractMacroAssembler::PatchBuffer::finalize):
        (JSC::AbstractMacroAssembler::PatchBuffer::entry):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::setJITCode):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getBytecodeIndex):
        (JSC::CodeBlock::executablePool):
        * interpreter/CallFrameClosure.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::linkCall):
        * jit/JIT.h:
        * jit/JITCode.h:
        (JSC::JITCode::JITCode):
        (JSC::JITCode::operator bool):
        (JSC::JITCode::addressForCall):
        (JSC::JITCode::offsetOf):
        (JSC::JITCode::execute):
        (JSC::JITCode::size):
        (JSC::JITCode::executablePool):
        (JSC::JITCode::HostFunction):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_vm_dontLazyLinkCall):
        (JSC::JITStubs::cti_vm_lazyLinkCall):
        * parser/Nodes.cpp:
        (JSC::ProgramNode::generateJITCode):
        (JSC::EvalNode::generateJITCode):
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::createNativeThunk):
        (JSC::FunctionBodyNode::generateJITCode):
        * parser/Nodes.h:
        (JSC::ScopeNode::generatedJITCode):
        (JSC::ScopeNode::getExecutablePool):
        (JSC::ScopeNode::setJITCode):
        (JSC::ProgramNode::jitCode):
        (JSC::EvalNode::jitCode):
        (JSC::FunctionBodyNode::jitCode):
        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::compile):
        (JSC::Yarr::jitCompileRegex):
        (JSC::Yarr::executeRegex):
        * yarr/RegexJIT.h:
        (JSC::Yarr::RegexCodeBlock::RegexCodeBlock):
        (JSC::Yarr::RegexCodeBlock::pcreFallback):
        (JSC::Yarr::RegexCodeBlock::setFallback):
        (JSC::Yarr::RegexCodeBlock::operator bool):
        (JSC::Yarr::RegexCodeBlock::set):
        (JSC::Yarr::RegexCodeBlock::execute):

2009-05-21  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        <rdar://problem/6910264> REGRESSION: Cached DOM global object property access fails in browser (25921)
        <https://bugs.webkit.org/show_bug.cgi?id=25921>

        When caching properties on the global object we need to ensure that we're
        not attempting to cache through a shell object.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_resolve_global):

2009-05-21  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:

2009-05-21  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Mark Rowe.

        Bug 25945: Add support for MADV_FREE to TCMalloc
        <https://bugs.webkit.org/show_bug.cgi?id=25945>
        <rdar://problem/6910754>

        Add support for MADV_FREE to TCMalloc_SystemRelease for platforms that
        don't also support MADV_FREE_REUSE. The code is identical to the MADV_DONTNEED
        case except for the advice passed to madvise(), so combining the two cases
        makes the most sense.

        * wtf/Platform.h: Only define HAVE_MADV_FREE when not building on Tiger or
        Leopard, because while it is defined on these platforms it actually does
        nothing.
        * wtf/TCSystemAlloc.cpp:
        (TCMalloc_SystemRelease): use MADV_FREE if it is available; otherwise use
        MADV_DONTNEED.

2009-05-21  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix <https://bugs.webkit.org/show_bug.cgi?id=25917> / <rdar://problem/6910066>.
        Bug 25917: REGRESSION (r43559?): Javascript debugger crashes when pausing page

        The debugger currently retrieves the arguments object from an activation rather than pulling
        it from a call frame.  This is unreliable to due to the recent optimization to lazily create
        the arguments object.  In the long-term it should stop doing that (<rdar://problem/6911886>),
        but for now we force eager creation of the arguments object when debugging.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):

2009-05-21  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 25912: Harden NumberPrototype.cpp by removing use of strcpy()
        <https://bugs.webkit.org/show_bug.cgi?id=25912>

        This causes no change on SunSpider.

        * runtime/NumberPrototype.cpp:
        (JSC::integerPartNoExp): replace strcpy() with memcpy(), ASSERT that the
        temporary buffer has sufficient space to store the result, and move the
        explicit null-termination closer to the memcpy() for easier visual inspection
        of the code.
        (JSC::fractionalPartToString): replace strcpy() with memcpy(), and ASSERT
        that the temporary buffer has sufficient space to store the result. There
        is no explicit null-termination because this is done by the caller. The
        same is already true for exponentialPartToString().
        (JSC::numberProtoFuncToExponential): replace strcpy() with memcpy(), explicitly
        null-terminate the result, and ASSERT that the temporary buffer has sufficient
        space to store the result.

2009-05-20  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Cleanup the JSGlobalData when exiting early with the usage statement in jsc.

        * jsc.cpp:
        (printUsageStatement):
        (parseArguments):
        (jscmain):

2009-05-20  Stephanie Lewis  <slewis (a] apple.com>

        Update the order files.  <rdar://problem/6881750> Generate new order files.

        * JavaScriptCore.order:

2009-05-19  Kenneth Rohde Christiansen  <kenneth.christiansen (a] openbossa.org>

        Reviewed by Simon Hausmann.

        Replace WREC with YARR + YARR_JIT for the Qt port. This is only
        used when compiled with JIT support for now, so it is a drop-in
        replacement for the WREC usage. Still including the wrec headers
        as they are being referred from RegExp.h, though the contents of
        that header it protected by "#if ENABLE(WREC)".

        * JavaScriptCore.pri:

2009-05-20  Xan Lopez  <xlopez (a] igalia.com>

        Reviewed by Eric Seidel.

        Fix GTK debug build.

        The function dumpDisjunction, compiled with debug enabled, uses
        printf, which needs stdio.h to be included.

        * yarr/RegexInterpreter.cpp:

2009-05-20  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by George Staikos.

        BUG 25843: [Qt] Remove qt-port build flag
        <https://bugs.webkit.org/show_bug.cgi?id=25843>

        * JavaScriptCore.pro:


2009-05-19  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::releaseExcessCapacity): Copy-paste typo.

2009-05-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed <rdar://problem/6885680> CrashTracer: [USER] 1 crash in Install
        Mac OS X at <unknown binary>  0x9274241c
        
        (Original patch by Joe Sokol and Ronnie Misra.)
        
        SunSpider says 1.004x faster.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::releaseExcessCapacity): Instead of doing complicated
        math that sometimes used to overflow, just release the full range of the
        register file.

        * interpreter/RegisterFile.h:
        (JSC::isPageAligned):
        (JSC::RegisterFile::RegisterFile): Added ASSERTs to verify that it's
        safe to release the full range of the register file.

        (JSC::RegisterFile::shrink): No need to releaseExcessCapacity() if the
        new end is not smaller than the old end. (Also, doing so used to cause
        numeric overflow, unmapping basically the whole process from memory.)

2009-05-19  Oliver Hunt  <oliver (a] apple.com>

        RS=Mark Rowe.

        <rdar://problem/6888393> REGRESSION: Start Debugging JavaScript crashes browser (nightly builds only?)
        <https://bugs.webkit.org/show_bug.cgi?id=25717>

        Remove JSC_FAST_CALL as it wasn't gaining us anything, and was
        resulting in weird bugs in the nightly builds.

        * parser/Nodes.cpp:
        * parser/Nodes.h:
        (JSC::ExpressionNode::isNumber):
        (JSC::ExpressionNode::isString):
        (JSC::ExpressionNode::isNull):
        (JSC::ExpressionNode::isPure):
        (JSC::ExpressionNode::isLocation):
        (JSC::ExpressionNode::isResolveNode):
        (JSC::ExpressionNode::isBracketAccessorNode):
        (JSC::ExpressionNode::isDotAccessorNode):
        (JSC::ExpressionNode::isFuncExprNode):
        (JSC::ExpressionNode::isSimpleArray):
        (JSC::ExpressionNode::isAdd):
        (JSC::ExpressionNode::resultDescriptor):
        (JSC::StatementNode::firstLine):
        (JSC::StatementNode::lastLine):
        (JSC::StatementNode::isEmptyStatement):
        (JSC::StatementNode::isReturnNode):
        (JSC::StatementNode::isExprStatement):
        (JSC::StatementNode::isBlock):
        (JSC::NullNode::isNull):
        (JSC::BooleanNode::isPure):
        (JSC::NumberNode::value):
        (JSC::NumberNode::setValue):
        (JSC::NumberNode::isNumber):
        (JSC::NumberNode::isPure):
        (JSC::StringNode::isPure):
        (JSC::StringNode::isString):
        (JSC::ResolveNode::identifier):
        (JSC::ResolveNode::isLocation):
        (JSC::ResolveNode::isResolveNode):
        (JSC::BracketAccessorNode::isLocation):
        (JSC::BracketAccessorNode::isBracketAccessorNode):
        (JSC::DotAccessorNode::base):
        (JSC::DotAccessorNode::identifier):
        (JSC::DotAccessorNode::isLocation):
        (JSC::DotAccessorNode::isDotAccessorNode):
        (JSC::TypeOfResolveNode::identifier):
        (JSC::AddNode::isAdd):
        (JSC::BlockNode::isBlock):
        (JSC::EmptyStatementNode::isEmptyStatement):
        (JSC::ExprStatementNode::isExprStatement):
        (JSC::ReturnNode::isReturnNode):
        (JSC::ScopeNode::sourceURL):
        (JSC::ProgramNode::bytecode):
        (JSC::EvalNode::bytecode):
        (JSC::FunctionBodyNode::parameters):
        (JSC::FunctionBodyNode::toSourceString):
        (JSC::FunctionBodyNode::bytecode):
        (JSC::FuncExprNode::isFuncExprNode):

2009-05-19  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Gavin Barraclough.
        
        - speed up string comparison, especially for short strings
        
        ~1% on SunSpider

        * JavaScriptCore.exp:
        * runtime/UString.cpp:
        * runtime/UString.h:
        (JSC::operator==): Inline UString's operator==, since it is called from
        hot places in the runtime. Also, specialize 2-char strings in a similar way to
        1-char, since we're taking the hit of a switch anyway.

2009-05-18  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Gavin Barraclough.
        
        - for polymorphic prototype lookups, increase the number of slots from 4 to 8
        
        ~4% faster on v8 raytrace benchmark

        * bytecode/Instruction.h:

2009-05-18  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.
        
        - tighten up the code for the load_varargs stub
        
        ~1-2% on v8-raytrace
        
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_load_varargs): Hoist some loop invariants that
        the compiler didn't feel like hoisting for us. Remove unneeded exception check.

2009-05-18  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Geoff Garen.

        - Improve code generation for access to prototype properties
        
        ~0.4% speedup on SunSpider.
        
        Based on a suggestion from Geoff Garen.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2009-05-18  Gustavo Noronha Silva  <gustavo.noronha (a] collabora.co.uk>

        Reviewed by Gavin Barraclough.

        Enable YARR, and disable WREC for GTK+.

        * GNUmakefile.am:
        * yarr/RegexParser.h:

2009-05-18  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

         Reviewed by Xan Lopez.

         [Gtk] Various autotools build refactoring and fixes
         https://bugs.webkit.org/show_bug.cgi?id=25286

         Add -no-install and -no-fast-install to programs and tests that we
         don't install. Also remove -O2 since this is already handled at
         configure time.

         * GNUmakefile.am:

2009-05-17  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Reviewed by Xan Lopez.

        [Gtk] Various autotools build refactoring and fixes
        https://bugs.webkit.org/show_bug.cgi?id=25286

        Add JavaScriptCore/ to JSC include path only since it's not
        required when building WebCore.

        * GNUmakefile.am:

2009-05-17  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix

        * JavaScriptCore.vcproj/JavaScriptCore.make:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2009-05-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Looking like MSVC doesn't like static variables in inline methods?
        Make the state of the SSE2 check a static variable on the class
        MacroAssemblerX86Common as a speculative build fix for Windows.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::convertInt32ToDouble):
        (JSC::MacroAssemblerX86Common::branchDouble):
        (JSC::MacroAssemblerX86Common::branchTruncateDoubleToInt32):
        (JSC::MacroAssemblerX86Common::isSSE2Present):
        (JSC::MacroAssemblerX86Common::):
        * jit/JIT.cpp:

2009-05-15  Adam Roben  <aroben (a] apple.com>

        Add some assembler headers to JavaScriptCore.vcproj

        This is just a convenience for Windows developers.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2009-05-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Add FP support to the MacroAssembler, port JITArithmetic over to make use of this. Also add
        API to determine whether FP support is available 'MacroAssembler::supportsFloatingPoint()',
        FP is presently only supported on SSE2 platforms, not x87.  On platforms where a suitable
        hardware FPU is not available 'supportsFloatingPoint()' may simply return false, and all
        other methods ASSERT_NOT_REACHED().

        * assembler/AbstractMacroAssembler.h:
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::MacroAssemblerX86):
        (JSC::MacroAssemblerX86::branch32):
        (JSC::MacroAssemblerX86::branchPtrWithPatch):
        (JSC::MacroAssemblerX86::supportsFloatingPoint):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::):
        (JSC::MacroAssemblerX86Common::loadDouble):
        (JSC::MacroAssemblerX86Common::storeDouble):
        (JSC::MacroAssemblerX86Common::addDouble):
        (JSC::MacroAssemblerX86Common::subDouble):
        (JSC::MacroAssemblerX86Common::mulDouble):
        (JSC::MacroAssemblerX86Common::convertInt32ToDouble):
        (JSC::MacroAssemblerX86Common::branchDouble):
        (JSC::MacroAssemblerX86Common::branchTruncateDoubleToInt32):
        (JSC::MacroAssemblerX86Common::branch32):
        (JSC::MacroAssemblerX86Common::branch16):
        (JSC::MacroAssemblerX86Common::branchTest32):
        (JSC::MacroAssemblerX86Common::branchAdd32):
        (JSC::MacroAssemblerX86Common::branchMul32):
        (JSC::MacroAssemblerX86Common::branchSub32):
        (JSC::MacroAssemblerX86Common::set32):
        (JSC::MacroAssemblerX86Common::setTest32):
        (JSC::MacroAssemblerX86Common::x86Condition):
        (JSC::MacroAssemblerX86Common::isSSE2Present):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::movePtrToDouble):
        (JSC::MacroAssemblerX86_64::moveDoubleToPtr):
        (JSC::MacroAssemblerX86_64::setPtr):
        (JSC::MacroAssemblerX86_64::branchPtr):
        (JSC::MacroAssemblerX86_64::branchTestPtr):
        (JSC::MacroAssemblerX86_64::branchAddPtr):
        (JSC::MacroAssemblerX86_64::branchSubPtr):
        (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
        * assembler/X86Assembler.h:
        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):

2009-05-15  Francisco Tolmasky  <francisco (a] 280north.com>

        BUG 25467: JavaScript debugger should use function.displayName as the function's name in the call stack
        <https://bugs.webkit.org/show_bug.cgi?id=25467>
        
        Reviewed by Adam Roben.

        * JavaScriptCore.exp: Added calculatedFunctionName
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Added calculatedFunctionName
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Added calculatedFunctionName
        * debugger/DebuggerCallFrame.cpp: Added calculatedFunctionName to match existing one in ProfileNode.
        (JSC::DebuggerCallFrame::calculatedFunctionName):
        * debugger/DebuggerCallFrame.h: Added calculatedFunctionName to match existing one in ProfileNode.

2009-05-14  Gavin Barraclough  <barraclough (a] apple.com>

        Build fix, not reviewed.

        Quick fixes for JIT builds with OPTIMIZE flags disabled.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compilePutByIdHotPath):

2009-05-14  Steve Falkenburg  <sfalken (a] apple.com>

        Back out incorrect Windows build fix

        * JavaScriptCore.vcproj/JavaScriptCore.make:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2009-05-14  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix

        * JavaScriptCore.vcproj/JavaScriptCore.make:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2009-05-14  Adam Roben  <aroben (a] apple.com>

        Windows jsc build fix

        r43648 modified jsc.vcproj's post-build event not to try to copy files
        that aren't present. Then r43661 mistakenly un-did that modification.
        This patch restores the modification from r43648, but puts the code in
        jscCommon.vsprops (where it should have been added in r43648).

        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Restored empty
        VCPostBuildEventTool tags.
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: Modified the post-build
        event command line to match the one in jsc.vcproj from r43648.

2009-05-14  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=25325

        Make sure pthread_self() is declared before it gets called in Collector.cpp

        * runtime/Collector.cpp: Include pthread.h in most Unix-like platforms
        (not just for OPENBSD)

2009-05-14  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix <https://bugs.webkit.org/show_bug.cgi?id=25785>.
        Bug 25785: Segfault in mark when using JSObjectMakeConstructor

        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor): OpaqueJSClass::prototype can return 0.  We need to use the default object prototype when it does.
        * API/tests/testapi.c:
        (main): Add a test case.
        * runtime/JSObject.h:
        (JSC::JSObject::putDirect): Add a clearer assertion for a null value.  The assertion on the next line does catch this,
        but the cause of the failure is not clear from the assertion itself.

2009-05-14  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Darin Adler.

        <rdar://problem/6681868> When building with Xcode 3.1.3 should be using gcc 4.2

        The meaning of XCODE_VERSION_ACTUAL is more sensible in newer versions of Xcode.
        Update our logic to select the compiler version to use the more appropriate XCODE_VERSION_MINOR
        if the version of Xcode supports it, and fall back to XCODE_VERSION_ACTUAL if not.

        * Configurations/Base.xcconfig:

2009-05-14  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Checking register file bounds should be a ptr comparison (m_end is a Register*).
        Also, the compare should be unsigned, pointers don'ts go negative.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):

2009-05-13  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix <rdar://problem/6882919> REGRESSION: page at Metroauto site crashes in cti_op_loop_if_less (25730)

        op_loop_if_less (imm < op) was loading op into regT1, but in the slow path spills regT0.
        This leads to bad happen.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emitSlow_op_loop_if_less):

2009-05-13  Dmitry Titov  <dimich (a] chromium.org>

        Rubber-stamped by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=25746
        Revert http://trac.webkit.org/changeset/43507 which caused crash in PPC nightlies with Safari 4.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingThread::start):
        (JSC::SamplingThread::stop):
        * bytecode/SamplingTool.h:
        * wtf/CrossThreadRefCounted.h:
        (WTF::CrossThreadRefCounted::CrossThreadRefCounted):
        (WTF::::ref):
        (WTF::::deref):
        * wtf/Threading.h:
        * wtf/ThreadingNone.cpp:
        * wtf/ThreadingPthreads.cpp:
        (WTF::threadMapMutex):
        (WTF::initializeThreading):
        (WTF::threadMap):
        (WTF::identifierByPthreadHandle):
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::pthreadHandleForIdentifier):
        (WTF::clearPthreadHandleForIdentifier):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):
        (WTF::currentThread):
        * wtf/ThreadingWin.cpp:
        (WTF::threadMapMutex):
        (WTF::initializeThreading):
        (WTF::threadMap):
        (WTF::storeThreadHandleByIdentifier):
        (WTF::threadHandleForIdentifier):
        (WTF::clearThreadHandleForIdentifier):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):
        (WTF::currentThread):
        * wtf/gtk/ThreadingGtk.cpp:
        (WTF::threadMapMutex):
        (WTF::initializeThreading):
        (WTF::threadMap):
        (WTF::identifierByGthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::threadForIdentifier):
        (WTF::clearThreadForIdentifier):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):
        * wtf/qt/ThreadingQt.cpp:
        (WTF::threadMapMutex):
        (WTF::threadMap):
        (WTF::identifierByQthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::clearThreadForIdentifier):
        (WTF::threadForIdentifier):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):

2009-05-13  Darin Adler  <darin (a] apple.com>

        Revert the parser arena change. It was a slowdown, not a speedup.
        Better luck next time (I'll break it up into pieces).

2009-05-13  Darin Adler  <darin (a] apple.com>

        Tiger build fix.

        * parser/Grammar.y: Add back empty code blocks, needed by older
        versions of bison on certain rules.

2009-05-13  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2009-05-13  Adam Roben  <aroben (a] apple.com>

        Windows build fixes after r43642

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Updated.

        * debugger/Debugger.cpp:
        * runtime/ArrayConstructor.cpp:
        * runtime/JSArray.cpp:
        * runtime/RegExp.cpp:
        * runtime/RegExpConstructor.cpp:
        * runtime/RegExpPrototype.cpp:
        * runtime/StringPrototype.cpp:
        Added missing #includes.

2009-05-13  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        Bug 25674: syntax tree nodes should use arena allocation
        https://bugs.webkit.org/show_bug.cgi?id=25674

        Step 3: Add some actual arena allocation. About 1% SunSpider speedup.

        * JavaScriptCore.exp: Updated.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator): Updated since VarStack
        contains const Identifier* now.
        (JSC::BytecodeGenerator::emitPushNewScope): Updated to take a const
        Identifier&.
        * bytecompiler/BytecodeGenerator.h: Ditto

        * bytecompiler/SegmentedVector.h: Added isEmpty.

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions): Moved this function here from
        WebCore so WebCore doesn't need the details of FunctionBodyNode.
        * debugger/Debugger.h: Ditto.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute): Updated since VarStack contains const
        Identifier* now.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_vm_lazyLinkCall): Call isHostFunction on the body
        rather than on the function object, since we can't easily have inlined
        access to the FunctionBodyNode in JSFunction.h since WebCore needs
        access to that header.
        (JSC::JITStubs::cti_op_construct_JSConstruct): Ditto.
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier): Ditto.

        * parser/Grammar.y: Use JSGlobalData* to pass the global data pointer
        around whenever possible instead of using void*. Changed
        SET_EXCEPTION_LOCATION from a macro to an inline function. Marked
        the structure-creating functions inline. Changed the VarStack to use
        identifier pointers instead of actual identifiers. This takes
        advantage of the fact that all identifier pointers come from the
        arena and avoids reference count churn. Changed Identifier* to
        const Identifier* to make sure we don't modify any by accident.
        Used identifiers for regular expression strings too, using the new
        scanRegExp that has out parameters instead of the old one that relied
        on side effects in the Lexer. Move the creation of numeric identifiers
        out of this file and into the PropertyNode constructor.

        * parser/Lexer.cpp:
        (JSC::Lexer::setCode): Pass in ParserArena, used for identifiers.
        (JSC::Lexer::makeIdentifier): Changed return type to const Identifier*
        and changed to call ParserArena.
        (JSC::Lexer::scanRegExp): Added out arguments that are const Identifier*
        as well as a prefix character argument so we can handle the /= case
        without a string append.
        (JSC::Lexer::skipRegExp): Added. Skips a regular expression without
        allocating Identifier objects.
        (JSC::Lexer::clear): Removed the code to manage m_identifiers, m_pattern,
        and m_flags, and added code to set m_arena to 0.
        * parser/Lexer.h: Updated for changes above.

        * parser/NodeConstructors.h:
        (JSC::ParserArenaFreeable::operator new): Added. Calls allocateFreeable
        on the arena.
        (JSC::ParserArenaDeletable::operator new): Changed to call the
        allocateDeletable function on the arena instead of deleteWithArena.
        (JSC::RegExpNode::RegExpNode): Changed arguments to Identifier instead
        of UString since these come from the parser which makes identifiers.
        (JSC::PropertyNode::PropertyNode): Added new constructor that makes
        numeric identifiers. Some day we might want to optimize this for
        integers so it doesn't create a string for each one.
        (JSC::ContinueNode::ContinueNode): Initialize m_ident to nullIdentifier
        since it's now a const Identifier& so it can't be left uninitialized.
        (JSC::BreakNode::BreakNode): Ditto.
        (JSC::CaseClauseNode::CaseClauseNode): Updated to use SourceElements*
        to keep track of the statements rather than a separate statement vector.
        (JSC::BlockNode::BlockNode): Ditto.
        (JSC::ForInNode::ForInNode): Initialize m_ident to nullIdentifier.

        * parser/Nodes.cpp: Moved the comment explaining emitBytecode in here.
        It seemed strangely out of place in the header.
        (JSC::ThrowableExpressionData::emitThrowError): Added an overload for
        UString as well as Identifier.
        (JSC::SourceElements::singleStatement): Added.
        (JSC::SourceElements::lastStatement): Added.
        (JSC::RegExpNode::emitBytecode): Updated since the pattern and flags
        are now Identifier instead of UString. Also changed the throwError code
        to use the substitution mechanism instead of doing a string append.
        (JSC::SourceElements::emitBytecode): Added. Replaces the old
        statementListEmitCode function, since we now keep the SourceElements
        objects around.
        (JSC::BlockNode::lastStatement): Added.
        (JSC::BlockNode::emitBytecode): Changed to use emitBytecode instead of
        statementListEmitCode.
        (JSC::CaseClauseNode::emitBytecode): Added.
        (JSC::CaseBlockNode::emitBytecodeForBlock): Changed to use emitBytecode
        instead of statementListEmitCode.
        (JSC::ScopeNodeData::ScopeNodeData): Changed to store the
        SourceElements* instead of using releaseContentsIntoVector.
        (JSC::ScopeNode::emitStatementsBytecode): Added.
        (JSC::ScopeNode::singleStatement): Added.
        (JSC::ProgramNode::emitBytecode): Call emitStatementsBytecode instead
        of statementListEmitCode.
        (JSC::EvalNode::emitBytecode): Ditto.
        (JSC::EvalNode::generateBytecode): Removed code to clear the children
        vector. This optimization is no longer possible since everything is in
        a single arena.
        (JSC::FunctionBodyNode::emitBytecode): Call emitStatementsBytecode
        insetad of statementListEmitCode and check for the return node using
        the new functions.

        * parser/Nodes.h: Changed VarStack to store const Identifier* instead
        of Identifier and rely on the arena to control lifetime. Added a new
        ParserArenaFreeable class. Made ParserArenaDeletable inherit from
        FastAllocBase instead of having its own operator new. Base the Node
        class on ParserArenaFreeable. Changed the various Node classes
        to use const Identifier& instead of Identifier to avoid the need to
        call their destructors and allow them to function as "freeable" in the
        arena. Removed extraneous JSC_FAST_CALL on definitions of inline functions.
        Changed ElementNode, PropertyNode, ArgumentsNode, ParameterNode,
        CaseClauseNode, ClauseListNode, and CaseBlockNode to use ParserArenaFreeable
        as a base class since they do not descend from Node. Eliminated the
        StatementVector type and instead have various classes use SourceElements*
        instead of StatementVector. This prevents those classes from having th
        use ParserArenaDeletable to make sure the vector destructor is called.

        * parser/Parser.cpp:
        (JSC::Parser::parse): Pass the arena to the lexer.

        * parser/Parser.h: Added an include of ParserArena.h, which is no longer
        included by Nodes.h.

        * parser/ParserArena.cpp:
        (JSC::ParserArena::ParserArena): Added. Initializes the new members,
        m_freeableMemory, m_freeablePoolEnd, and m_identifiers.
        (JSC::ParserArena::freeablePool): Added. Computes the pool pointer,
        since we store only the current pointer and the end of pool pointer.
        (JSC::ParserArena::deallocateObjects): Added. Contains the common
        memory-deallocation logic used by both the destructor and the
        reset function.
        (JSC::ParserArena::~ParserArena): Changed to call deallocateObjects.
        (JSC::ParserArena::reset): Ditto. Also added code to zero out the
        new structures, and switched to use clear() instead of shrink(0) since
        we don't really reuse arenas.
        (JSC::ParserArena::makeNumericIdentifier): Added.
        (JSC::ParserArena::allocateFreeablePool): Added. Used when the pool
        is empty.
        (JSC::ParserArena::isEmpty): Added. No longer inline, which is fine
        since this is used only for assertions at the moment.

        * parser/ParserArena.h: Added an actual arena of "freeable" objects,
        ones that don't need destructors to be called. Also added the segmented
        vector of identifiers that used to be in the Lexer.

        * runtime/FunctionConstructor.cpp:
        (JSC::extractFunctionBody): Use singleStatement function rather than
        getting at a StatementVector.

        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString): Call isHostFunction on the body
        rather than the function object.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction): Moved the structure version of this in
        here from the header. It's not hot enough that it needs to be inlined.
        (JSC::JSFunction::isHostFunction): Moved this in here from the header.
        It's now a helper to be used only within the class.
        (JSC::JSFunction::setBody): Moved this in here. It's not hot enough that
        it needs to be inlined, and we want to be able to compile the header
        without the definition of FunctionBodyNode.

        * runtime/JSFunction.h: Eliminated the include of "Nodes.h". This was
        exposing too much JavaScriptCore dependency to WebCore. Because of this
        change and some changes made to WebCore, we could now export a lot fewer
        headers from JavaScriptCore, but I have not done that yet in this check-in.
        Made a couple functions non-inline. Removes some isHostFunction() assertions.
        
        * wtf/FastAllocBase.h: Added the conventional using statements we use in
        WTF so we can use identifiers from the WTF namespace without explicit
        namespace qualification or namespace directive. This is the usual WTF style,
        although it's unconventional in the C++ world. We use the namespace primarily
        for link-time disambiguation, not compile-time.

        * wtf/FastMalloc.cpp: Fixed an incorrect comment.

2009-05-13  Xan Lopez  <xlopez (a] igalia.com>

        Unreviewed build fix: add JITStubCall.h to files list.

        * GNUmakefile.am:

2009-05-13  Ariya Hidayat  <ariya.hidayat (a] nokia.com>

        Unreviewed build fix, as suggested by Yael Aharon <yael.aharon (a] nokia.com>.

        * wtf/qt/ThreadingQt.cpp:
        (WTF::waitForThreadCompletion): renamed IsValid to isValid.

2009-05-13  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Revert r43562 - [Gtk] WTF_USE_JSC is already defined in
        WebCore/config.h.

        * wtf/Platform.h:

2009-05-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Add SamplingCounter tool to provide a simple mechanism for counting events in JSC
        (enabled using ENABLE(SAMPLING_COUNTERS)).  To count events within a single function
        use the class 'SamplingCounter', where the counter may be incremented from multiple
        functions 'GlobalSamplingCounter' may be convenient; all other counters (stack or
        heap allocated, rather than statically declared) should use the DeletableSamplingCounter.
        Further description of these classes is provided alongside their definition in 
        SamplingTool.h.

        Counters may be incremented from c++ by calling the 'count()' method on the counter,
        or may be incremented by JIT code by using the 'emitCount()' method within the JIT.

        This patch also fixes CODEBLOCK_SAMPLING, which was missing a null pointer check.

        * JavaScriptCore.exp:
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::addWithCarry32):
        (JSC::MacroAssemblerX86::and32):
        (JSC::MacroAssemblerX86::or32):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::and32):
        (JSC::MacroAssemblerX86Common::or32):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::and32):
        (JSC::MacroAssemblerX86_64::or32):
        (JSC::MacroAssemblerX86_64::addPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::adcl_im):
        (JSC::X86Assembler::addq_im):
        (JSC::X86Assembler::andl_im):
        (JSC::X86Assembler::orl_im):
        * bytecode/SamplingTool.cpp:
        (JSC::AbstractSamplingCounter::dump):
        * bytecode/SamplingTool.h:
        (JSC::AbstractSamplingCounter::count):
        (JSC::GlobalSamplingCounter::name):
        (JSC::SamplingCounter::SamplingCounter):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::):
        * jit/JITInlineMethods.h:
        (JSC::JIT::setSamplingFlag):
        (JSC::JIT::clearSamplingFlag):
        (JSC::JIT::emitCount):
        * jsc.cpp:
        (runWithScripts):
        * parser/Nodes.cpp:
        (JSC::ScopeNode::ScopeNode):
        * wtf/Platform.h:

2009-05-13  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore.make:

2009-05-12  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore.make:

2009-05-12  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6881457> Crash occurs at JSC::Interpreter::execute() when loading http://www.sears.com

        We created the arguments objects before an op_push_scope but not
        before op_push_new_scope, this meant a null arguments object could
        be resolved inside catch blocks.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitPushNewScope):

2009-05-12  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6879881> Crash occurs at JSC::JSActivation::mark() when loading http://www.monster.com; http://www.cnet.com
        <https://bugs.webkit.org/show_bug.cgi?id=25736> Crash loading www.google.dk/ig (and other igoogle's as well)

        Following on from the lazy arguments creation patch, it's now
        possible for an activation to to have a null register in the callframe
        so we can't just blindly mark the local registers in an activation,
        and must null check first instead.

        * API/tests/testapi.c:
        (functionGC):
        * API/tests/testapi.js:
        (bludgeonArguments.return.g):
        (bludgeonArguments):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::mark):

2009-05-12  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by Geoff Garen.

        WTF_USE_CTI_REPATCH_PIC is no longer used, remove.

        * jit/JIT.h:
        * jit/JITStubCall.h:

2009-05-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak.

        We've run into some problems where changing the size of the class JIT leads to
        performance fluctuations.  Try forcing alignment in an attempt to stabalize this.

        * jit/JIT.h:

2009-05-12  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fix. Add ParserArena.cpp to the build.

        * JavaScriptCoreSources.bkl:

2009-05-12  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Unsigned underflow on 64bit cannot be treated as a negative number

        This code included some placeswhere we deliberately create negative offsets
        from unsigned values, on 32bit this is "safe", but in 64bit builds much
        badness occurs. Solution is to use signed types as nature intended.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_load_varargs):

2009-05-12  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Reviewed by Holger Freyther.

        [Gtk] Various autotools build refactoring and fixes
        https://bugs.webkit.org/show_bug.cgi?id=25286

        Define WTF_USE_JSC for the Gtk port.

        * wtf/Platform.h:

2009-05-12  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.
        
        - allow all of strictEqual to be inlined into cti_op_stricteq once again
        
        We had this optimization once but accidentally lost it at some point.

        * runtime/Operations.h:
        (JSC::JSValue::strictEqualSlowCaseInline):
        (JSC::JSValue::strictEqual):

2009-05-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        instanceof should throw if the constructor being tested does not implement
        'HasInstance" (i.e. is a function).  Instead we were returning false.

        * interpreter/Interpreter.cpp:
        (JSC::isInvalidParamForIn):
        (JSC::isInvalidParamForInstanceOf):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_instanceof):
        * tests/mozilla/ecma_2/instanceof/instanceof-003.js:
            Fix broken test case.
        * tests/mozilla/ecma_2/instanceof/regress-7635.js:
            Remove broken test case (was an exact duplicate of a test in instanceof-003.js).

2009-05-12  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Improve function call forwarding performance

        Make creation of the Arguments object occur lazily, so it
        is not necessarily created for every function that references
        it.  Then add logic to Function.apply to allow it to avoid
        allocating the Arguments object at all.  Helps a lot with
        the function forwarding/binding logic in jQuery, Prototype,
        and numerous other JS libraries.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::registerFor):
        (JSC::BytecodeGenerator::willResolveToArguments):
        (JSC::BytecodeGenerator::uncheckedRegisterForArguments):
        (JSC::BytecodeGenerator::createArgumentsIfNecessary):
        (JSC::BytecodeGenerator::emitCallEval):
        (JSC::BytecodeGenerator::emitPushScope):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_create_arguments):
        (JSC::JIT::emit_op_init_arguments):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_tear_off_arguments):
        (JSC::JITStubs::cti_op_load_varargs):
        * parser/Nodes.cpp:
        (JSC::ApplyFunctionCallDotNode::emitBytecode):

2009-05-11  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Enable use of SamplingFlags directly from JIT code.

        * bytecode/SamplingTool.h:
        * jit/JIT.h:
        (JSC::JIT::sampleCodeBlock):
        (JSC::JIT::sampleInstruction):
        * jit/JITInlineMethods.h:
        (JSC::JIT::setSamplingFlag):
        (JSC::JIT::clearSamplingFlag):

2009-05-11  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Implement JIT generation for instanceof for non-objects (always returns false).
        Also fixes the sequencing of the prototype and value isObject checks, to no match the spec.

        0.5% progression on v8 tests overall, due to 3.5% on early-boyer.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * runtime/JSObject.cpp:
        (JSC::JSObject::hasInstance):
        * runtime/TypeInfo.h:
        (JSC::TypeInfo::TypeInfo):

2009-05-11  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        A little more JIT refactoring.
        
        Rearranged code to more clearly indicate what's conditionally compiled
        and why. Now, all shared code is at the top of our JIT files, and all
        #if'd code is at the bottom. #if'd code is delineated by large comments.
        
        Moved functions that relate to the JIT but don't explicitly do codegen
        into JIT.cpp. Refactored SSE2 check to store its result as a data member
        in the JIT.

        * jit/JIT.cpp:
        (JSC::isSSE2Present):
        (JSC::JIT::JIT):
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        * jit/JIT.h:
        (JSC::JIT::isSSE2Present):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCallVarargsSlowCase):

2009-05-11  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Build fix.

        * JavaScriptCore.pri: Build the new JITOpcodes.cpp

2009-05-11  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        More re-factoring of JIT code generation.  Use a macro to
        forward the main switch-statement cases to the helper functions.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):

2009-05-11  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        More re-factoring of JIT code generation to move opcode generation
        to helper functions outside the main switch-statement and gave those
        helper functions standardized names. This patch covers the remaining
        slow cases.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:

2009-05-11  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix.

        * GNUmakefile.am: Added JITOpcodes.cpp and JITStubCall.h to the project.

2009-05-11  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Added
        JITOpcodes.cpp and JITStubCall.h to the project.

2009-05-11  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Some JIT refactoring.
        
        Moved JITStubCall* into its own header.
        
        Modified JITStubCall to ASSERT that its return value is handled correctly.
        Also, replaced function template with explicit instantiations to resolve
        some confusion.
        
        Replaced all uses of emit{Get,Put}CTIArgument with explicit peeks, pokes,
        and calls to killLastResultRegister().

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        * jit/JITCall.cpp:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        * jit/JITPropertyAccess.cpp:
        * jit/JITStubCall.h: Copied from jit/JIT.h.
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::addArgument):
        (JSC::JITStubCall::call):
        (JSC::JITStubCall::):

2009-05-11  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Start re-factoring JIT code generation to move opcode generation
        to helper functions outside the main switch-statement and gave those
        helper functions standardized names.  This patch only covers the main
        pass and all the arithmetic opcodes in the slow path.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        * jit/JITOpcodes.cpp: Copied from jit/JIT.cpp.
        * jit/JITPropertyAccess.cpp:

2009-05-11  Steve Falkenburg  <sfalken (a] apple.com>

        Re-add experimental PGO configs.
        
        Reviewed by Adam Roben.

        * JavaScriptCore.vcproj/JavaScriptCore.make:
        * JavaScriptCore.vcproj/JavaScriptCore.sln:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCoreSubmit.sln:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2009-05-11  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey "1" Garen.

        Rip out the !USE(CTI_REPATCH_PIC) code.  It was untested and unused.

        * jit/JIT.h:
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compileCTIMachineTrampolines):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::tryCachePutByID):
        (JSC::JITStubs::tryCacheGetByID):

2009-05-11  Dmitry Titov  <dimich (a] chromium.org>

        GTK build fix - the deprecated waitForThreadCompletion is not needed on GTK.

        * wtf/ThreadingPthreads.cpp: used #ifdef PLATFORM(DARWIN) around waitForThreadCompletion().

2009-05-11  Adam Roben  <aroben (a] apple.com>

        Build fix for newer versions of GCC

        * wtf/ThreadingPthreads.cpp: Added a declaration of
        waitForThreadCompletion before its definition to silence a warning.

2009-05-11  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Alexey Proskuryakov and Adam Roben.

        https://bugs.webkit.org/show_bug.cgi?id=25348
        Change WTF::ThreadIdentifier to be an actual (but wrapped) thread id, remove ThreadMap.

        * wtf/Threading.h:
        (WTF::ThreadIdentifier::ThreadIdentifier):
        (WTF::ThreadIdentifier::isValid):
        (WTF::ThreadIdentifier::invalidate):
        (WTF::ThreadIdentifier::platformId):
        ThreadIdentifier is now a class, containing a PlatformThreadIdentifier and
        methods that are used across the code on thread ids: construction, comparisons,
        check for 'valid' state etc. '0' is used as invalid id, which happens to just work
        with all platform-specific thread id implementations.

        All the following files repeatedly reflect the new ThreadIdentifier for each platform.
        We remove ThreadMap and threadMapMutex from all of them, remove the functions that
        populated/searched/cleared the map and add platform-specific comparison operators
        for ThreadIdentifier.

        There are specific temporary workarounds for Safari 4 beta on OSX and Win32 since the
        public build uses WTF threading functions with old type of ThreadingIdentifier.
        The next time Safari 4 is rebuilt, it will 'automatically' pick up the new type and new
        functions so the deprecated ones can be removed.

        * wtf/gtk/ThreadingGtk.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):

        * wtf/ThreadingNone.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):

        * wtf/ThreadingPthreads.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):
        (WTF::currentThread):
        (WTF::waitForThreadCompletion): This is a workaround for Safari 4 beta on Mac.
        Safari 4 is linked against old definition of ThreadIdentifier so it treats it as uint32_t.
        This 'old' variant of waitForThreadCompletion takes uint32_t and has the old decorated name, so Safari can
        load it from JavaScriptCore library. The other functions (CurrentThread() etc) happen to match their previous
        decorated names and, while they return pthread_t now, it is a pointer which round-trips through a uint32_t.
        This function will be removed as soon as Safari 4 will release next public build.

        * wtf/qt/ThreadingQt.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):

        * wtf/ThreadingWin.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal): All the platforms (except Windows) used a sequential
        counter as a thread ID and mapped it into platform ID. Windows was using native thread
        id and mapped it into thread handle. Since we can always obtain a thread handle
        by thread id, createThread now closes the handle.
        (WTF::waitForThreadCompletion): obtains another one using OpenThread(id) API. If can not obtain a handle,
        it means the thread already exited.
        (WTF::detachThread):
        (WTF::currentThread):
        (WTF::detachThreadDeprecated): old function, renamed (for Win Safari 4 beta which uses it for now).
        (WTF::waitForThreadCompletionDeprecated): same.
        (WTF::currentThreadDeprecated): same.
        (WTF::createThreadDeprecated): same.

        * bytecode/SamplingTool.h:
        * bytecode/SamplingTool.cpp: Use DEFINE_STATIC_LOCAL for a static ThreadIdentifier variable, to avoid static constructor.

        * JavaScriptCore.exp: export lists - updated decorated names of the WTF threading functions
        since they now take a different type as a parameter.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: ditto for Windows, plus added "deprecated" functions
        that take old parameter type - turns out public beta of Safari 4 uses those, so they need to be kept along for a while.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: ditto.

2009-05-11  Darin Adler  <darin (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 25560: REGRESSION (r34821): "string value".__proto__ gets the wrong object.
        https://bugs.webkit.org/show_bug.cgi?id=25560
        rdar://problem/6861069

        I missed this case back a year ago when I sped up handling
        of JavaScript wrappers. Easy to fix.

        * runtime/JSObject.h:
        (JSC::JSValue::get): Return the prototype itself if the property name
        is __proto__.
        * runtime/JSString.cpp:
        (JSC::JSString::getOwnPropertySlot): Ditto.

2009-05-09  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Rename emitGetFromCallFrameHeader to emitGetFromCallFrameHeaderPtr

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetFromCallFrameHeaderPtr):
        (JSC::JIT::emitGetFromCallFrameHeader32):

2009-05-11  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Unreviewed build fix. Build ParserAreana.cpp for Qt

        * JavaScriptCore.pri:

2009-05-11  Norbert Leser  <norbert.leser (a] nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24536

        Symbian compilers cannot resolve WTF::PassRefPtr<JSC::Profile>
        unless Profile.h is included.

        * profiler/ProfileGenerator.h:

2009-05-11  Csaba Osztrogonac  <oszi (a] inf.u-szeged.hu>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=24284

        * JavaScriptCore.pri: coding style modified
        * jsc.pro: duplicated values removed from INCLUDEPATH, DEFINES

2009-05-11  Gustavo Noronha Silva  <gustavo.noronha (a] collabora.co.uk>

        Reviewed by NOBODY (build fix).

        Also add ParserArena, in addition to AllInOne, for release builds,
        since adding it to AllInOne breaks Mac.

        * GNUmakefile.am:

2009-05-11  Gustavo Noronha Silva  <gustavo.noronha (a] collabora.co.uk>

        Unreviewed build fix. Adding ParserArena to the autotools build.

        * GNUmakefile.am:

2009-05-11  Adam Roben  <aroben (a] apple.com>

        More Windows build fixes after r43479

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Export ParserArena::reset.

2009-05-11  Adam Roben  <aroben (a] apple.com>

        Windows build fixes after r43479

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Added
        ParserArena to the project.

        * parser/NodeConstructors.h: Added a missing include.
        (JSC::ParserArenaDeletable::operator new): Marked these as inline.

2009-05-10  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Geoff Garen.
        
        - fixed REGRESSION(r43432): Many JavaScriptCore tests crash in 64-bit
        https://bugs.webkit.org/show_bug.cgi?id=25680

        Accound for the 64-bit instruction prefix when rewriting mov to lea on 64-bit.
        
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):

2009-05-10  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        Bug 25674: syntax tree nodes should use arena allocation
        https://bugs.webkit.org/show_bug.cgi?id=25674

        Part two: Remove reference counting from most nodes.

        * JavaScriptCore.exp: Updated.

        * JavaScriptCore.xcodeproj/project.pbxproj: Added ParserArena.h and .cpp.

        * parser/Grammar.y: Replaced uses of ParserRefCountedData with uses of
        ParserArenaData. Took out now-nonfunctional code that tries to manually
        release declaration list. Changed the new calls that create FuncDeclNode
        and FuncExprNode so that they use the proper version of operator new for
        the reference-counted idiom, not the deletion idiom.

        * parser/NodeConstructors.h:
        (JSC::ParserArenaDeletable::operator new): Added.
        (JSC::ParserArenaRefCounted::ParserArenaRefCounted): Added.
        (JSC::Node::Node): Removed ParserRefCounted initializer.
        (JSC::ElementNode::ElementNode): Ditto.
        (JSC::PropertyNode::PropertyNode): Ditto.
        (JSC::ArgumentsNode::ArgumentsNode): Ditto.
        (JSC::SourceElements::SourceElements): Ditto.
        (JSC::ParameterNode::ParameterNode): Ditto.
        (JSC::FuncExprNode::FuncExprNode): Added ParserArenaRefCounted initializer.
        (JSC::FuncDeclNode::FuncDeclNode): Ditto.
        (JSC::CaseClauseNode::CaseClauseNode): Removed ParserRefCounted initializer.
        (JSC::ClauseListNode::ClauseListNode): Ditto.
        (JSC::CaseBlockNode::CaseBlockNode): Ditto.

        * parser/NodeInfo.h: Replaced uses of ParserRefCountedData with uses of
        ParserArenaData.

        * parser/Nodes.cpp:
        (JSC::ScopeNode::ScopeNode): Added ParserArenaRefCounted initializer.
        (JSC::ProgramNode::create): Use the proper version of operator new for
        the reference-counted idiom, not the deletion idiom. Use the arena
        contains function instead of the vecctor find function.
        (JSC::EvalNode::create): Use the proper version of operator new for
        the reference-counted idiom, not the deletion idiom. Use the arena
        reset function instead of the vector shrink function.
        (JSC::FunctionBodyNode::createNativeThunk): Use the proper version
        of operator new for the reference-counted idiom, not the deletion idiom.
        (JSC::FunctionBodyNode::create): More of the same.

        * parser/Nodes.h: Added ParserArenaDeletable and ParserArenaRefCounted
        to replace ParserRefCounted. Fixed inheritance so only the classes that
        need reference counting inherit from ParserArenaRefCounted.

        * parser/Parser.cpp:
        (JSC::Parser::parse): Set m_sourceElements to 0 since it now starts
        uninitialized. Just set it to 0 again in the failure case, since it's
        now just a raw pointer, not an owning one.
        (JSC::Parser::reparseInPlace): Removed now-unneeded get() function.
        (JSC::Parser::didFinishParsing): Replaced uses of ParserRefCountedData
        with uses of ParserArenaData.

        * parser/Parser.h: Less RefPtr, more arena.

        * parser/ParserArena.cpp: Added.
        * parser/ParserArena.h: Added.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData): Removed arena-related code, since it's
        now in the Parser.
        (JSC::JSGlobalData::createLeaked): Removed unneeded #ifndef.
        (JSC::JSGlobalData::createNativeThunk): Tweaked #if a bit.

        * runtime/JSGlobalData.h: Removed parserArena, which is now in Parser.

        * wtf/RefCounted.h: Added deletionHasBegun function, for use in
        assertions to catch deletion not done by the deref function.

2009-05-10  David Kilzer  <ddkilzer (a] apple.com>

        Part 2: Try to fix the Windows build by adding a symbol which is really just a re-mangling of a changed method signature

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-10  David Kilzer  <ddkilzer (a] apple.com>

        Try to fix the Windows build by removing an unknown symbol

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-10  David Kilzer  <ddkilzer (a] apple.com>

        Touch Nodes.cpp to try to fix Windows build

        * parser/Nodes.cpp: Removed whitespace.

2009-05-10  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Quick fix for failures seen on buildbot. Maciej plans a better fix later.

        * wtf/dtoa.cpp: Change the hardcoded number of 32-bit words in a BigInt
        from 32 to 64. Parsing "1e500", for example, requires more than 32 words.

2009-05-10  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 25674: syntax tree nodes should use arena allocation
        Part one: Change lifetimes so we won't have to use reference
        counting so much, but don't eliminate the reference counts
        entirely yet.

        * JavaScriptCore.exp: Updated.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator): Update for use of raw pointers
        instead of RefPtr.
        (JSC::BytecodeGenerator::emitCall): Ditto.
        (JSC::BytecodeGenerator::emitConstruct): Ditto.

        * parser/Grammar.y: Update node creating code to use new (JSGlobalData*)
        instead of the plain new. At the moment this is just a hook for future
        arena allocation; it's inline and JSGlobalData* is not used.

        * parser/NodeConstructors.h: Updated for name change of parserObjects to
        parserArena. Also added explicit initialization for raw pointers that used
        to be RefPtr. Also removed some uses of get() that aren't needed now that
        the pointers are raw pointers. Also eliminated m_parameter from FuncExprNode
        and FuncDeclNode. Also changed node-creating code to use new (JSGlobalData*)
        as above.

        * parser/Nodes.cpp: Eliminated NodeReleaser and all use of it.
        (JSC::ParserRefCounted::ParserRefCounted): Updated for name change of
        parserObjects to parserArena.
        (JSC::SourceElements::append): Use raw pointers.
        (JSC::ArrayNode::emitBytecode): Ditto.
        (JSC::ArrayNode::isSimpleArray): Ditto.
        (JSC::ArrayNode::toArgumentList): Ditto.
        (JSC::ObjectLiteralNode::emitBytecode): Ditto.
        (JSC::PropertyListNode::emitBytecode): Ditto.
        (JSC::BracketAccessorNode::emitBytecode): Ditto.
        (JSC::DotAccessorNode::emitBytecode): Ditto.
        (JSC::ArgumentListNode::emitBytecode): Ditto.
        (JSC::NewExprNode::emitBytecode): Ditto.
        (JSC::EvalFunctionCallNode::emitBytecode): Ditto.
        (JSC::FunctionCallValueNode::emitBytecode): Ditto.
        (JSC::FunctionCallResolveNode::emitBytecode): Ditto.
        (JSC::FunctionCallBracketNode::emitBytecode): Ditto.
        (JSC::FunctionCallDotNode::emitBytecode): Ditto.
        (JSC::CallFunctionCallDotNode::emitBytecode): Ditto.
        (JSC::ApplyFunctionCallDotNode::emitBytecode): Ditto.
        (JSC::PostfixBracketNode::emitBytecode): Ditto.
        (JSC::PostfixDotNode::emitBytecode): Ditto.
        (JSC::DeleteBracketNode::emitBytecode): Ditto.
        (JSC::DeleteDotNode::emitBytecode): Ditto.
        (JSC::DeleteValueNode::emitBytecode): Ditto.
        (JSC::VoidNode::emitBytecode): Ditto.
        (JSC::TypeOfValueNode::emitBytecode): Ditto.
        (JSC::PrefixBracketNode::emitBytecode): Ditto.
        (JSC::PrefixDotNode::emitBytecode): Ditto.
        (JSC::UnaryOpNode::emitBytecode): Ditto.
        (JSC::BinaryOpNode::emitStrcat): Ditto.
        (JSC::BinaryOpNode::emitBytecode): Ditto.
        (JSC::EqualNode::emitBytecode): Ditto.
        (JSC::StrictEqualNode::emitBytecode): Ditto.
        (JSC::ReverseBinaryOpNode::emitBytecode): Ditto.
        (JSC::ThrowableBinaryOpNode::emitBytecode): Ditto.
        (JSC::InstanceOfNode::emitBytecode): Ditto.
        (JSC::LogicalOpNode::emitBytecode): Ditto.
        (JSC::ConditionalNode::emitBytecode): Ditto.
        (JSC::ReadModifyResolveNode::emitBytecode): Ditto.
        (JSC::AssignResolveNode::emitBytecode): Ditto.
        (JSC::AssignDotNode::emitBytecode): Ditto.
        (JSC::ReadModifyDotNode::emitBytecode): Ditto.
        (JSC::AssignBracketNode::emitBytecode): Ditto.
        (JSC::ReadModifyBracketNode::emitBytecode): Ditto.
        (JSC::CommaNode::emitBytecode): Ditto.
        (JSC::ConstDeclNode::emitCodeSingle): Ditto.
        (JSC::ConstDeclNode::emitBytecode): Ditto.
        (JSC::ConstStatementNode::emitBytecode): Ditto.
        (JSC::statementListEmitCode): Ditto.
        (JSC::BlockNode::emitBytecode): Ditto.
        (JSC::ExprStatementNode::emitBytecode): Ditto.
        (JSC::VarStatementNode::emitBytecode): Ditto.
        (JSC::IfNode::emitBytecode): Ditto.
        (JSC::IfElseNode::emitBytecode): Ditto.
        (JSC::DoWhileNode::emitBytecode): Ditto.
        (JSC::WhileNode::emitBytecode): Ditto.
        (JSC::ForNode::emitBytecode): Ditto.
        (JSC::ForInNode::emitBytecode): Ditto.
        (JSC::ReturnNode::emitBytecode): Ditto.
        (JSC::WithNode::emitBytecode): Ditto.
        (JSC::CaseBlockNode::tryOptimizedSwitch): Ditto.
        (JSC::CaseBlockNode::emitBytecodeForBlock): Ditto.
        (JSC::SwitchNode::emitBytecode): Ditto.
        (JSC::LabelNode::emitBytecode): Ditto.
        (JSC::ThrowNode::emitBytecode): Ditto.
        (JSC::TryNode::emitBytecode): Ditto.
        (JSC::ScopeNodeData::ScopeNodeData): Use swap to transfer ownership
        of the arena, varStack and functionStack.
        (JSC::ScopeNode::ScopeNode): Pass in the arena when creating the
        ScopeNodeData.
        (JSC::ProgramNode::ProgramNode): Made this inline since it's used
        in only one place.
        (JSC::ProgramNode::create): Changed this to return a PassRefPtr since
        we plan to have the scope nodes be outside the arena, so they will need
        some kind of ownership transfer (maybe auto_ptr instead of PassRefPtr
        in the future, though). Remove the node from the newly-created arena to
        avoid a circular reference. Later we'll keep the node out of the arena
        by using a different operator new, but for now it's the ParserRefCounted
        constructor that puts the node into the arena, and there's no way to
        bypass that.
        (JSC::EvalNode::EvalNode): Ditto.
        (JSC::EvalNode::create): Ditto.
        (JSC::FunctionBodyNode::FunctionBodyNode): Ditto.
        (JSC::FunctionBodyNode::createNativeThunk): Moved the code that
        reseets the arena here instead of the caller.
        (JSC::FunctionBodyNode::create): Same change as the other create
        functions above.
        (JSC::FunctionBodyNode::emitBytecode): Use raw pointers.

        * parser/Nodes.h: Removed NodeReleaser. Changed FunctionStack to
        use raw pointers. Removed the releaseNodes function. Added an override
        of operator new that takes a JSGlobalData* to prepare for future arena use.
        Use raw pointers instead of RefPtr everywhere possible.

        * parser/Parser.cpp:
        (JSC::Parser::reparseInPlace): Pass the arena in.

        * parser/Parser.h:
        (JSC::Parser::parse): Updated for name change of parserObjects to parserArena.
        (JSC::Parser::reparse): Ditto.
        * runtime/FunctionConstructor.cpp:
        (JSC::extractFunctionBody): Ditto.
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData): Ditto.
        (JSC::JSGlobalData::createNativeThunk): Moved arena manipulation into the
        FunctionBodyNode::createNativeThunk function.

        * runtime/JSGlobalData.h: Tweaked formatting and renamed parserObjects to
        parserArena.

        * wtf/NotFound.h: Added the usual "using WTF" to this header to match the
        rest of WTF.

2009-05-10  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Reviewed by Geoffrey Garen.

        https://bugs.webkit.org/show_bug.cgi?id=25670
        Remove no longer valid chunk of code from dtoa.

        * wtf/dtoa.cpp:
        (WTF::dtoa): Removed invalid code.

2009-05-10  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Geoff Garen.

        "Class const *" is the same as "const Class*", use the latter syntax consistently.

        See <http://www.parashift.com/c++-faq-lite/const-correctness.html#faq-18.9>.

        * pcre/pcre_compile.cpp:
        (calculateCompiledPatternLength):
        * runtime/JSObject.h:
        (JSC::JSObject::offsetForLocation):
        (JSC::JSObject::locationForOffset):

2009-05-10  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Alexey Proskuryakov.
        
        - speedup dtoa/strtod
        
        Added a bunch of inlining, and replaced malloc with stack allocation.
        
        0.5% SunSpider speedup (7% on string-tagcloud).

        * runtime/NumberPrototype.cpp:
        (JSC::integerPartNoExp):
        (JSC::numberProtoFuncToExponential):
        * runtime/UString.cpp:
        (JSC::concatenate):
        (JSC::UString::from):
        * wtf/dtoa.cpp:
        (WTF::BigInt::BigInt):
        (WTF::BigInt::operator=):
        (WTF::Balloc):
        (WTF::Bfree):
        (WTF::multadd):
        (WTF::s2b):
        (WTF::i2b):
        (WTF::mult):
        (WTF::pow5mult):
        (WTF::lshift):
        (WTF::cmp):
        (WTF::diff):
        (WTF::b2d):
        (WTF::d2b):
        (WTF::ratio):
        (WTF::strtod):
        (WTF::quorem):
        (WTF::freedtoa):
        (WTF::dtoa):
        * wtf/dtoa.h:

2009-05-09  Mike Hommey  <glandium (a] debian.org>

        Reviewed by Geoffrey Garen. Landed by Jan Alonzo.

        Enable JIT on x86-64 gtk+
        https://bugs.webkit.org/show_bug.cgi?id=24724

        * GNUmakefile.am:

2009-05-09  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Removed the last non-call-related manually managed JIT stub call.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArithSlow_op_rshift): Fully use the JITStubCall
        abstraction, instead of emitPutJITStubArg.

2009-05-09  Sebastian Andrzej Siewior  <sebastian (a] breakpoint.cc>

        Reviewed by Gustavo Noronha.

        https://bugs.webkit.org/show_bug.cgi?id=25653
        PLATFORM(X86_64) inherits ia64

        __ia64__ is defined by gcc in an IA64 arch and has completely
        nothing in common with X86-64 exept both are from Intel and have
        an 64bit address space. That's it. Since code seems to expect x86
        here, ia64 has to go.

        * wtf/Platform.h:

2009-05-09  Gustavo Noronha Silva  <gns (a] gnome.org>

        Suggested by Geoffrey Garen.

        Assume SSE2 is present on X86-64 and on MAC X86-32. This fixes a
        build breakage on non-Mac X86-64 when JIT is enabled.

        * jit/JITArithmetic.cpp:

2009-05-09  Gustavo Noronha Silva  <gns (a] gnome.org>

        Build fix, adding missing files to make dist.

        * GNUmakefile.am:

2009-05-09  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchLoadToLEA):

2009-05-09  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchLoadToLEA):

2009-05-09  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Gavin Barraclough.
        
        Original patch by John McCall. Updated by Cameron Zwarich. Further refined by me.
        
        - Assorted speedups to property access
        
        ~.3%-1% speedup on SunSpider
        
        1) When we know from the structure ID that an object is using inline storage, plant direct
        loads and stores against it; no need to indirect through storage pointer.
        
        2) Also because of the above, union the property storage pointer with the first inline property
        slot and add an extra inline property slot.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::CodeLocationInstruction::CodeLocationInstruction):
        (JSC::AbstractMacroAssembler::CodeLocationInstruction::patchLoadToLEA):
        (JSC::::CodeLocationCommon::instructionAtOffset):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::storePtr):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::store32):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::storePtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movq_EAXm):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::patchLoadToLEA):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * runtime/JSObject.cpp:
        (JSC::JSObject::mark):
        (JSC::JSObject::removeDirect):
        * runtime/JSObject.h:
        (JSC::JSObject::propertyStorage):
        (JSC::JSObject::getDirect):
        (JSC::JSObject::getOffset):
        (JSC::JSObject::offsetForLocation):
        (JSC::JSObject::locationForOffset):
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::isUsingInlineStorage):
        (JSC::JSObject::):
        (JSC::JSObject::JSObject):
        (JSC::JSObject::~JSObject):
        (JSC::Structure::isUsingInlineStorage):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::allocatePropertyStorageInline):
        * runtime/Structure.h:

2009-05-09  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Gavin Barraclough.

        Changed all our JIT stubs so that they return a maximum of 1 JS value or
        two non-JS pointers, and do all other value returning through out
        parameters, in preparation for 64bit JS values on a 32bit system.

        Stubs that used to return two JSValues now return one JSValue and take
        and out parameter specifying where in the register array the second
        value should go.
        
        SunSpider reports no change.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArithSlow_op_post_inc):
        (JSC::JIT::compileFastArithSlow_op_post_dec):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_call_arityCheck):
        (JSC::JITStubs::cti_op_resolve_func):
        (JSC::JITStubs::cti_op_post_inc):
        (JSC::JITStubs::cti_op_resolve_with_base):
        (JSC::JITStubs::cti_op_post_dec):
        * jit/JITStubs.h:
        (JSC::):

2009-05-08  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed <rdar://problem/6634956> CrashTracer: [REGRESSION] >400 crashes
        in Safari at com.apple.JavaScriptCore  JSC::BytecodeGenerator::emitComplexJumpScopes + 468
        https://bugs.webkit.org/show_bug.cgi?id=25658

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitComplexJumpScopes): Guard the whole loop
        with a bounds check. The old loop logic would decrement and read topScope
        without a bounds check, which could cause crashes on page boundaries.

2009-05-08  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Reviewed by NOBODY (BuildFix).

        Gtk fix: add LiteralParser to the build script per r43424.

        Add LiteralParser to the Qt and Wx build scripts too.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCoreSources.bkl:

2009-05-08  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough and Darin Adler.

        Add a limited literal parser for eval to handle object and array literals fired at eval

        This is a simplified parser and lexer that we can throw at strings passed to eval
        in case a site is using eval to parse JSON (eg. json2.js).  The lexer is intentionally
        limited (in effect it's whitelisting a limited "common" subset of the JSON grammar)
        as this decreases the likelihood of us wating time attempting to parse any significant
        amount of non-JSON content.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        * runtime/LiteralParser.cpp: Added.
        (JSC::isStringCharacter):
        (JSC::LiteralParser::Lexer::lex):
        (JSC::LiteralParser::Lexer::lexString):
        (JSC::LiteralParser::Lexer::lexNumber):
        (JSC::LiteralParser::parseStatement):
        (JSC::LiteralParser::parseExpression):
        (JSC::LiteralParser::parseArray):
        (JSC::LiteralParser::parseObject):
        (JSC::LiteralParser::StackGuard::StackGuard):
        (JSC::LiteralParser::StackGuard::~StackGuard):
        (JSC::LiteralParser::StackGuard::isSafe):
        * runtime/LiteralParser.h: Added.
        (JSC::LiteralParser::LiteralParser):
        (JSC::LiteralParser::attemptJSONParse):
        (JSC::LiteralParser::):
        (JSC::LiteralParser::Lexer::Lexer):
        (JSC::LiteralParser::Lexer::next):
        (JSC::LiteralParser::Lexer::currentToken):
        (JSC::LiteralParser::abortParse):

2009-05-08  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Restored a Mozilla JS test I accidentally gutted.

        * tests/mozilla/ecma/Array/15.4.4.2.js:
        (getTestCases):
        (test):

2009-05-08  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Gavin Barraclough.
        
        More abstraction for JITStub calls from JITed code.
        
        Added a JITStubCall class that automatically handles things like assigning
        arguments to different stack slots and storing return values. Deployed
        the class in about a billion places. A bunch more places remain to be
        fixed up, but this is a good stopping point for now.

        * jit/JIT.cpp:
        (JSC::JIT::emitTimeoutCheck):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::JIT::JSRInfo::JSRInfo):
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::addArgument):
        (JSC::JITStubCall::call):
        (JSC::JITStubCall::):
        (JSC::CallEvalJITStub::CallEvalJITStub):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArithSlow_op_lshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_jnless):
        (JSC::JIT::compileFastArithSlow_op_bitand):
        (JSC::JIT::compileFastArithSlow_op_mod):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArithSlow_op_post_inc):
        (JSC::JIT::compileFastArithSlow_op_post_dec):
        (JSC::JIT::compileFastArithSlow_op_pre_inc):
        (JSC::JIT::compileFastArithSlow_op_pre_dec):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArith_op_sub):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::compileFastArithSlow_op_add):
        (JSC::JIT::compileFastArithSlow_op_mul):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_resolve_func):
        (JSC::JITStubs::cti_op_resolve_with_base):

2009-05-08  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Add a new opcode jnlesseq, and optimize its compilation in the JIT using
        techniques similar to what were used to optimize jnless in r43363.

        This gives a 0.7% speedup on SunSpider, particularly on the tests 3d-cube,
        control-flow-recursive, date-format-xparb, and string-base64.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Add support for dumping op_jnlesseq.
        * bytecode/Opcode.h: Add op_jnlesseq to the list of opcodes.
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJumpIfFalse): Add a peephole optimization
        for op_jnlesseq when emitting lesseq followed by a jump.
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute): Add case for op_jnlesseq.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass): Add case for op_jnlesseq.
        (JSC::JIT::privateCompileSlowCases): Add case for op_jnlesseq.
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_jnlesseq): Added.
        (JSC::JIT::compileFastArithSlow_op_jnlesseq): Added.
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_jlesseq): Added.
        * jit/JITStubs.h:

2009-05-08  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - fix test failures on 64-bit

        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArithSlow_op_jnless): Avoid accidentaly treating an
        immediate int as an immediate float in the 64-bit value representation.

2009-05-08  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by Oliver Hunt.

        Removing an empty constructor and an uncalled, empty function seems to be a
        pretty solid 1% regeression on my machine, so I'm going to put them back.
        Um.  Yeah, this this pretty pointles and makes no sense at all.  I officially
        lose the will to live in 3... 2...

        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::notifyOfScope):
        * bytecode/SamplingTool.h:
        (JSC::SamplingTool::~SamplingTool):

2009-05-08  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver "I see lots of ifdefs" Hunt.

        Fix (kinda) for sampling tool breakage.  The codeblock sampling tool has become
        b0rked due to recent changes in native function calling.  The initialization of
        a ScopeNode appears to now occur before the sampling tool (or possibly the
        interpreter has been brought into existence, wihich leads to crashyness).

        This patch doesn't fix the problem.  The crash occurs when tracking a Scope, but
        we shouldn't need to track scopes when we're just sampling opcodes, not
        codeblocks.  Not retaining Scopes when just opcode sampling will reduce sampling
        overhead reducing any instrumentation skew, which is a good thing.  As a side
        benefit this patch also gets the opcode sampling going again, albeit in a bit of
        a lame way.  Will come back later with a proper fix from codeblock sampling. 

        * JavaScriptCore.exp:
        * bytecode/SamplingTool.cpp:
        (JSC::compareLineCountInfoSampling):
        (JSC::SamplingTool::dump):
        * bytecode/SamplingTool.h:
        (JSC::SamplingTool::SamplingTool):
        * parser/Nodes.cpp:
        (JSC::ScopeNode::ScopeNode):

2009-05-07  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Oliver Hunt.

        Fix <https://bugs.webkit.org/show_bug.cgi?id=25640>.
        Bug 25640: Crash on quit in r43384 nightly build on Leopard w/ Safari 4 beta installed
        
        Roll out r43366 as it removed symbols that Safari 4 Beta uses.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingThread::start):
        (JSC::SamplingThread::stop):
        * bytecode/SamplingTool.h:
        * wtf/CrossThreadRefCounted.h:
        (WTF::CrossThreadRefCounted::CrossThreadRefCounted):
        (WTF::::ref):
        (WTF::::deref):
        * wtf/Threading.h:
        * wtf/ThreadingNone.cpp:
        * wtf/ThreadingPthreads.cpp:
        (WTF::threadMapMutex):
        (WTF::initializeThreading):
        (WTF::threadMap):
        (WTF::identifierByPthreadHandle):
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::pthreadHandleForIdentifier):
        (WTF::clearPthreadHandleForIdentifier):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):
        (WTF::currentThread):
        * wtf/ThreadingWin.cpp:
        (WTF::threadMapMutex):
        (WTF::initializeThreading):
        (WTF::threadMap):
        (WTF::storeThreadHandleByIdentifier):
        (WTF::threadHandleForIdentifier):
        (WTF::clearThreadHandleForIdentifier):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):
        (WTF::currentThread):
        * wtf/gtk/ThreadingGtk.cpp:
        (WTF::threadMapMutex):
        (WTF::initializeThreading):
        (WTF::threadMap):
        (WTF::identifierByGthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::threadForIdentifier):
        (WTF::clearThreadForIdentifier):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):
        * wtf/qt/ThreadingQt.cpp:
        (WTF::threadMapMutex):
        (WTF::threadMap):
        (WTF::identifierByQthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::clearThreadForIdentifier):
        (WTF::threadForIdentifier):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):

2009-05-07  Gustavo Noronha Silva  <gns (a] gnome.org>

        Suggested by Oliver Hunt.

        Also check for Linux for the special-cased calling convention.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * wtf/Platform.h:

2009-05-07  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Previously, when appending to an existing string and growing the underlying buffer,
        we would actually allocate 110% of the required size in order to give us some space
        to expand into.  Now we treat strings differently based on their size:

        Small Strings (up to 4 pages):
        Expand the allocation size to 112.5% of the amount requested.  This is largely sicking
        to our previous policy, however 112.5% is cheaper to calculate.

        Medium Strings (up to 128 pages):
        For pages covering multiple pages over-allocation is less of a concern - any unused
        space will not be paged in if it is not used, so this is purely a VM overhead.  For
        these strings allocate 2x the requested size.

        Large Strings (to infinity and beyond!):
        Revert to our 112.5% policy - probably best to limit the amount of unused VM we allow
        any individual string be responsible for.

        Additionally, round small allocations up to a multiple of 16 bytes, and medium and
        large allocations up to a multiple of page size.

        ~1.5% progression on Sunspider, due to 5% improvement on tagcloud & 15% on validate.

        * runtime/UString.cpp:
        (JSC::expandedSize):

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed a minor sequencing error introduced by recent Parser speedups.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::createNativeThunk): Missed a spot in my last patch.

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.

        * wtf/Platform.h: Reverted an accidental (and performance-catastrophic)
        change.

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed a minor sequencing error introduced by recent Parser speedups.

        * parser/Parser.cpp:
        (JSC::Parser::reparseInPlace): Missed a spot in my last patch.

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed a minor sequencing error introduced by recent Parser speedups.

        * parser/Parser.cpp:
        (JSC::Parser::parse):
        * parser/Parser.h:
        (JSC::Parser::parse):
        (JSC::Parser::reparse): Shrink the parsedObjects vector after allocating
        the root node, to avoid leaving a stray node in the vector, since that's
        a slight memory leak, and it causes problems during JSGlobalData teardown.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData): ASSERT that we're not being torn
        down while we think we're still parsing, since that would cause lots of
        bad memory references during our destruction.

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Replaced two more macros with references to the JITStackFrame structure.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        * jit/JITStubs.cpp:
        (JSC::):
        * jit/JITStubs.h:

2009-05-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Improve native call performance

        Fix the windows build by adding calling convention declarations everywhere,
        chose fastcall as that seemed most sensible given we were having to declare
        the convention explicitly.  In addition switched to fastcall on mac in the
        deluded belief that documented fastcall behavior on windows would match 
        actual its actual behavior.

        * API/JSCallbackFunction.h:
        * API/JSCallbackObject.h:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * interpreter/CallFrame.h:
        (JSC::ExecState::argumentCount):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jsc.cpp:
        (functionPrint):
        (functionDebug):
        (functionGC):
        (functionVersion):
        (functionRun):
        (functionLoad):
        (functionSetSamplingFlags):
        (functionClearSamplingFlags):
        (functionReadline):
        (functionQuit):
        * runtime/ArrayConstructor.cpp:
        (JSC::callArrayConstructor):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin):
        (JSC::arrayProtoFuncConcat):
        (JSC::arrayProtoFuncPop):
        (JSC::arrayProtoFuncPush):
        (JSC::arrayProtoFuncReverse):
        (JSC::arrayProtoFuncShift):
        (JSC::arrayProtoFuncSlice):
        (JSC::arrayProtoFuncSort):
        (JSC::arrayProtoFuncSplice):
        (JSC::arrayProtoFuncUnShift):
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncMap):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncForEach):
        (JSC::arrayProtoFuncSome):
        (JSC::arrayProtoFuncReduce):
        (JSC::arrayProtoFuncReduceRight):
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):
        * runtime/BooleanConstructor.cpp:
        (JSC::callBooleanConstructor):
        * runtime/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncToString):
        (JSC::booleanProtoFuncValueOf):
        * runtime/CallData.h:
        * runtime/DateConstructor.cpp:
        (JSC::callDate):
        (JSC::dateParse):
        (JSC::dateNow):
        (JSC::dateUTC):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToLocaleString):
        (JSC::dateProtoFuncToLocaleDateString):
        (JSC::dateProtoFuncToLocaleTimeString):
        (JSC::dateProtoFuncGetTime):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetMilliSeconds):
        (JSC::dateProtoFuncGetUTCMilliseconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::dateProtoFuncSetTime):
        (JSC::dateProtoFuncSetMilliSeconds):
        (JSC::dateProtoFuncSetUTCMilliseconds):
        (JSC::dateProtoFuncSetSeconds):
        (JSC::dateProtoFuncSetUTCSeconds):
        (JSC::dateProtoFuncSetMinutes):
        (JSC::dateProtoFuncSetUTCMinutes):
        (JSC::dateProtoFuncSetHours):
        (JSC::dateProtoFuncSetUTCHours):
        (JSC::dateProtoFuncSetDate):
        (JSC::dateProtoFuncSetUTCDate):
        (JSC::dateProtoFuncSetMonth):
        (JSC::dateProtoFuncSetUTCMonth):
        (JSC::dateProtoFuncSetFullYear):
        (JSC::dateProtoFuncSetUTCFullYear):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::callErrorConstructor):
        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString):
        * runtime/FunctionConstructor.cpp:
        (JSC::callFunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::callFunctionPrototype):
        (JSC::functionProtoFuncToString):
        (JSC::functionProtoFuncApply):
        (JSC::functionProtoFuncCall):
        * runtime/JSFunction.h:
        (JSC::JSFunction::nativeFunction):
        (JSC::JSFunction::setScopeChain):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        (JSC::globalFuncParseInt):
        (JSC::globalFuncParseFloat):
        (JSC::globalFuncIsNaN):
        (JSC::globalFuncIsFinite):
        (JSC::globalFuncDecodeURI):
        (JSC::globalFuncDecodeURIComponent):
        (JSC::globalFuncEncodeURI):
        (JSC::globalFuncEncodeURIComponent):
        (JSC::globalFuncEscape):
        (JSC::globalFuncUnescape):
        (JSC::globalFuncJSCPrint):
        * runtime/JSGlobalObjectFunctions.h:
        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncAbs):
        (JSC::mathProtoFuncACos):
        (JSC::mathProtoFuncASin):
        (JSC::mathProtoFuncATan):
        (JSC::mathProtoFuncATan2):
        (JSC::mathProtoFuncCeil):
        (JSC::mathProtoFuncCos):
        (JSC::mathProtoFuncExp):
        (JSC::mathProtoFuncFloor):
        (JSC::mathProtoFuncLog):
        (JSC::mathProtoFuncMax):
        (JSC::mathProtoFuncMin):
        (JSC::mathProtoFuncPow):
        (JSC::mathProtoFuncRandom):
        (JSC::mathProtoFuncRound):
        (JSC::mathProtoFuncSin):
        (JSC::mathProtoFuncSqrt):
        (JSC::mathProtoFuncTan):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::callNativeErrorConstructor):
        * runtime/NativeFunctionWrapper.h:
        * runtime/NumberConstructor.cpp:
        (JSC::callNumberConstructor):
        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString):
        (JSC::numberProtoFuncToLocaleString):
        (JSC::numberProtoFuncValueOf):
        (JSC::numberProtoFuncToFixed):
        (JSC::numberProtoFuncToExponential):
        (JSC::numberProtoFuncToPrecision):
        * runtime/ObjectConstructor.cpp:
        (JSC::callObjectConstructor):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncValueOf):
        (JSC::objectProtoFuncHasOwnProperty):
        (JSC::objectProtoFuncIsPrototypeOf):
        (JSC::objectProtoFuncDefineGetter):
        (JSC::objectProtoFuncDefineSetter):
        (JSC::objectProtoFuncLookupGetter):
        (JSC::objectProtoFuncLookupSetter):
        (JSC::objectProtoFuncPropertyIsEnumerable):
        (JSC::objectProtoFuncToLocaleString):
        (JSC::objectProtoFuncToString):
        * runtime/ObjectPrototype.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::callRegExpConstructor):
        * runtime/RegExpObject.cpp:
        (JSC::callRegExpObject):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncTest):
        (JSC::regExpProtoFuncExec):
        (JSC::regExpProtoFuncCompile):
        (JSC::regExpProtoFuncToString):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCode):
        (JSC::callStringConstructor):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncToString):
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        (JSC::stringProtoFuncConcat):
        (JSC::stringProtoFuncIndexOf):
        (JSC::stringProtoFuncLastIndexOf):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSlice):
        (JSC::stringProtoFuncSplit):
        (JSC::stringProtoFuncSubstr):
        (JSC::stringProtoFuncSubstring):
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):
        (JSC::stringProtoFuncLocaleCompare):
        (JSC::stringProtoFuncBig):
        (JSC::stringProtoFuncSmall):
        (JSC::stringProtoFuncBlink):
        (JSC::stringProtoFuncBold):
        (JSC::stringProtoFuncFixed):
        (JSC::stringProtoFuncItalics):
        (JSC::stringProtoFuncStrike):
        (JSC::stringProtoFuncSub):
        (JSC::stringProtoFuncSup):
        (JSC::stringProtoFuncFontcolor):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncAnchor):
        (JSC::stringProtoFuncLink):
        * wtf/Platform.h:

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Rolled out a portion of r43352 because it broke 64bit.

        * jit/JITStubs.h:

2009-05-07  Kevin Ollivier  <kevino (a] theolliviers.com>

        Build fix for functions reaturning ThreadIdentifier.

        * wtf/ThreadingNone.cpp:
        (WTF::createThreadInternal):
        (WTF::currentThread):

2009-05-07  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by John Honeycutt.
        
        - enable optimization case im the last patch that I accidentally had disabled.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArithSlow_op_jnless):

2009-05-07  Dmitry Titov  <dimich (a] chromium.org>

        Attempt to fix Win build.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArithSlow_op_jnless):

2009-05-07  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Alexey Proskuryakov and Adam Roben.

        https://bugs.webkit.org/show_bug.cgi?id=25348
        Change WTF::ThreadIdentifier to be an actual (but wrapped) thread id, remove ThreadMap.

        * wtf/Threading.h:
        (WTF::ThreadIdentifier::ThreadIdentifier):
        (WTF::ThreadIdentifier::isValid):
        (WTF::ThreadIdentifier::invalidate):
        (WTF::ThreadIdentifier::platformId):
        ThreadIdentifier is now a class, containing a PlatformThreadIdentifier and
        methods that are used across the code on thread ids: construction, comparisons,
        check for 'valid' state etc. '0' is used as invalid id, which happens to just work
        with all platform-specific thread id implementations.

        All the following files repeatedly reflect the new ThreadIdentifier for each platform.
        We remove ThreadMap and threadMapMutex from all of them, remove the functions that
        populated/searched/cleared the map and add platform-specific comparison operators
        for ThreadIdentifier.

        * wtf/gtk/ThreadingGtk.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):

        * wtf/ThreadingNone.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):

        * wtf/ThreadingPthreads.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):
        (WTF::currentThread):

        * wtf/qt/ThreadingQt.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        (WTF::currentThread):

        * wtf/ThreadingWin.cpp:
        (WTF::ThreadIdentifier::operator==):
        (WTF::ThreadIdentifier::operator!=):
        (WTF::initializeThreading):
        (WTF::createThreadInternal): All the platforms (except Windows) used a sequential
        counter as a thread ID and mapped it into platform ID. Windows was using native thread
        id and mapped it into thread handle. Since we can always obtain a thread handle
        by thread id, createThread now closes the handle.
        (WTF::waitForThreadCompletion): obtains another one using OpenThread(id) API. If can not obtain a handle,
        it means the thread already exited.
        (WTF::detachThread):
        (WTF::currentThread):
        (WTF::detachThreadDeprecated): old function, renamed (for Win Safari 4 beta which uses it for now).
        (WTF::waitForThreadCompletionDeprecated): same.
        (WTF::currentThreadDeprecated): same.
        (WTF::createThreadDeprecated): same.

        * bytecode/SamplingTool.h:
        * bytecode/SamplingTool.cpp: Use DEFINE_STATIC_LOCAL for a static ThreadIdentifier variable, to avoid static constructor.

        * JavaScriptCore.exp: export lists - updated the WTF threading functions decorated names
        since they now take a different type as a parameter.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: ditto for Windows, plus added "deprecated" functions
        that take old parameter type - turns out public beta of Safari 4 uses those, so they need to be kept along for a while.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: ditto.

2009-05-07  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Sam Weinig.
        
        - optimize various cases of branch-fused less
        
        1% speedup on SunSpider overall
        13% speedup on math-cordic

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        op_loop_if_less: Optimize case of constant as first operand, just as case of constant as
        second operand.
        op_jnless: Factored out into compileFastArith_op_jnless.
        (JSC::JIT::privateCompileSlowCases):
        op_jnless: Factored out into compileFastArithSlow_op_jnless.
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_jnless): Factored out from main compile loop.
        - Generate inline code for comparison of constant immediate int as first operand to another
        immediate int, as for loop_if_less

        (JSC::JIT::compileFastArithSlow_op_jnless):
        - Generate inline code for comparing two floating point numbers.
        - Generate code for both cases of comparing a floating point number to a constant immediate 
        int.
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Fix dumping of op_jnless (tangentially related bugfix).

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Added the return address of a stub function to the JITStackFrame abstraction.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITStubs.cpp:
        (JSC::):
        (JSC::StackHack::StackHack):
        (JSC::StackHack::~StackHack):
        (JSC::returnToThrowTrampoline):
        (JSC::JITStubs::cti_op_convert_this):
        (JSC::JITStubs::cti_op_end):
        (JSC::JITStubs::cti_op_add):
        (JSC::JITStubs::cti_op_pre_inc):
        (JSC::JITStubs::cti_timeout_check):
        (JSC::JITStubs::cti_register_file_check):
        (JSC::JITStubs::cti_op_loop_if_less):
        (JSC::JITStubs::cti_op_loop_if_lesseq):
        (JSC::JITStubs::cti_op_new_object):
        (JSC::JITStubs::cti_op_put_by_id_generic):
        (JSC::JITStubs::cti_op_get_by_id_generic):
        (JSC::JITStubs::cti_op_put_by_id):
        (JSC::JITStubs::cti_op_put_by_id_second):
        (JSC::JITStubs::cti_op_put_by_id_fail):
        (JSC::JITStubs::cti_op_get_by_id):
        (JSC::JITStubs::cti_op_get_by_id_second):
        (JSC::JITStubs::cti_op_get_by_id_self_fail):
        (JSC::JITStubs::cti_op_get_by_id_proto_list):
        (JSC::JITStubs::cti_op_get_by_id_proto_list_full):
        (JSC::JITStubs::cti_op_get_by_id_proto_fail):
        (JSC::JITStubs::cti_op_get_by_id_array_fail):
        (JSC::JITStubs::cti_op_get_by_id_string_fail):
        (JSC::JITStubs::cti_op_instanceof):
        (JSC::JITStubs::cti_op_del_by_id):
        (JSC::JITStubs::cti_op_mul):
        (JSC::JITStubs::cti_op_new_func):
        (JSC::JITStubs::cti_op_call_JSFunction):
        (JSC::JITStubs::cti_op_call_arityCheck):
        (JSC::JITStubs::cti_vm_dontLazyLinkCall):
        (JSC::JITStubs::cti_vm_lazyLinkCall):
        (JSC::JITStubs::cti_op_push_activation):
        (JSC::JITStubs::cti_op_call_NotJSFunction):
        (JSC::JITStubs::cti_op_create_arguments):
        (JSC::JITStubs::cti_op_create_arguments_no_params):
        (JSC::JITStubs::cti_op_tear_off_activation):
        (JSC::JITStubs::cti_op_tear_off_arguments):
        (JSC::JITStubs::cti_op_profile_will_call):
        (JSC::JITStubs::cti_op_profile_did_call):
        (JSC::JITStubs::cti_op_ret_scopeChain):
        (JSC::JITStubs::cti_op_new_array):
        (JSC::JITStubs::cti_op_resolve):
        (JSC::JITStubs::cti_op_construct_JSConstruct):
        (JSC::JITStubs::cti_op_construct_NotJSConstruct):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_string):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_resolve_func):
        (JSC::JITStubs::cti_op_sub):
        (JSC::JITStubs::cti_op_put_by_val):
        (JSC::JITStubs::cti_op_put_by_val_array):
        (JSC::JITStubs::cti_op_put_by_val_byte_array):
        (JSC::JITStubs::cti_op_lesseq):
        (JSC::JITStubs::cti_op_loop_if_true):
        (JSC::JITStubs::cti_op_load_varargs):
        (JSC::JITStubs::cti_op_negate):
        (JSC::JITStubs::cti_op_resolve_base):
        (JSC::JITStubs::cti_op_resolve_skip):
        (JSC::JITStubs::cti_op_resolve_global):
        (JSC::JITStubs::cti_op_div):
        (JSC::JITStubs::cti_op_pre_dec):
        (JSC::JITStubs::cti_op_jless):
        (JSC::JITStubs::cti_op_not):
        (JSC::JITStubs::cti_op_jtrue):
        (JSC::JITStubs::cti_op_post_inc):
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_lshift):
        (JSC::JITStubs::cti_op_bitand):
        (JSC::JITStubs::cti_op_rshift):
        (JSC::JITStubs::cti_op_bitnot):
        (JSC::JITStubs::cti_op_resolve_with_base):
        (JSC::JITStubs::cti_op_new_func_exp):
        (JSC::JITStubs::cti_op_mod):
        (JSC::JITStubs::cti_op_less):
        (JSC::JITStubs::cti_op_neq):
        (JSC::JITStubs::cti_op_post_dec):
        (JSC::JITStubs::cti_op_urshift):
        (JSC::JITStubs::cti_op_bitxor):
        (JSC::JITStubs::cti_op_new_regexp):
        (JSC::JITStubs::cti_op_bitor):
        (JSC::JITStubs::cti_op_call_eval):
        (JSC::JITStubs::cti_op_throw):
        (JSC::JITStubs::cti_op_get_pnames):
        (JSC::JITStubs::cti_op_next_pname):
        (JSC::JITStubs::cti_op_push_scope):
        (JSC::JITStubs::cti_op_pop_scope):
        (JSC::JITStubs::cti_op_typeof):
        (JSC::JITStubs::cti_op_is_undefined):
        (JSC::JITStubs::cti_op_is_boolean):
        (JSC::JITStubs::cti_op_is_number):
        (JSC::JITStubs::cti_op_is_string):
        (JSC::JITStubs::cti_op_is_object):
        (JSC::JITStubs::cti_op_is_function):
        (JSC::JITStubs::cti_op_stricteq):
        (JSC::JITStubs::cti_op_to_primitive):
        (JSC::JITStubs::cti_op_strcat):
        (JSC::JITStubs::cti_op_nstricteq):
        (JSC::JITStubs::cti_op_to_jsnumber):
        (JSC::JITStubs::cti_op_in):
        (JSC::JITStubs::cti_op_push_new_scope):
        (JSC::JITStubs::cti_op_jmp_scopes):
        (JSC::JITStubs::cti_op_put_by_index):
        (JSC::JITStubs::cti_op_switch_imm):
        (JSC::JITStubs::cti_op_switch_char):
        (JSC::JITStubs::cti_op_switch_string):
        (JSC::JITStubs::cti_op_del_by_val):
        (JSC::JITStubs::cti_op_put_getter):
        (JSC::JITStubs::cti_op_put_setter):
        (JSC::JITStubs::cti_op_new_error):
        (JSC::JITStubs::cti_op_debug):
        (JSC::JITStubs::cti_vm_throw):
        * jit/JITStubs.h:
        (JSC::JITStackFrame::returnAddressSlot):

2009-05-07  Darin Adler  <darin (a] apple.com>

        Reviewed by Geoff Garen.

        * parser/Lexer.cpp:
        (JSC::Lexer::lex): Fix missing braces. This would make us always
        take the slower case for string parsing and Visual Studio correctly
        noticed unreachable code.

2009-05-07  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 25589: goto instead of state machine in lexer
        https://bugs.webkit.org/show_bug.cgi?id=25589

        SunSpider is 0.8% faster.

        * parser/Lexer.cpp:
        (JSC::Lexer::currentCharacter): Added.
        (JSC::Lexer::currentOffset): Changed to call currentCharacter for clarity.
        (JSC::Lexer::setCode): Removed code to set now-obsolete m_skipLineEnd.
        (JSC::Lexer::shiftLineTerminator): Added. Handles line numbers and the
        two-character line terminators.
        (JSC::Lexer::makeIdentifier): Changed to take characters and length rather
        than a vector, since we now make these directly out of the source buffer
        when possible.
        (JSC::Lexer::lastTokenWasRestrKeyword): Added.
        (JSC::isNonASCIIIdentStart): Broke out the non-inline part.
        (JSC::isIdentStart): Moved here.
        (JSC::isNonASCIIIdentPart): Broke out the non-inline part.
        (JSC::isIdentPart): Moved here.
        (JSC::singleEscape): Moved here, and removed some unneeded cases.
        (JSC::Lexer::record8): Moved here.
        (JSC::Lexer::record16): Moved here.
        (JSC::Lexer::lex): Rewrote this whole function to use goto and not use
        a state machine. Got rid of most of the local variables. Also rolled the
        matchPunctuator function in here.
        (JSC::Lexer::scanRegExp): Changed to use the new version of isLineTerminator.
        Clear m_buffer16 after using it instead of before.

        * parser/Lexer.h: Removed State enum, setDone function, nextLine function,
        lookupKeywordFunction, one of the isLineTerminator functions, m_done data member,
        m_skipLineEnd data member, and m_state data member. Added shiftLineTerminator
        function, currentCharacter function, and changed the arguments to the makeIdentifier
        function. Removed one branch from the isLineTerminator function.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace): Streamlined the case where we don't replace anything.

2009-05-07  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Gavin Barraclough.

        Removed a few more special constants, and replaced them with uses of
        the JITStackFrame struct.

        Removed one of the two possible definitions of VoidPtrPair. The Mac
        definition was more elegant, but SunSpider doesn't think it's any
        faster, and it's net less elegant to have two ways of doing things.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        * jit/JITStubs.h:
        (JSC::):

2009-05-07  Darin Adler  <darin (a] apple.com>

        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode): Tweak formatting.

2009-05-07  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Tor Arne Vestb.

        Fix the build thread stack base determination build on Symbian,
        by moving the code block before PLATFORM(UNIX), which is also
        enabled on Symbian builds.

        * runtime/Collector.cpp:
        (JSC::currentThreadStackBase):

2009-05-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Fix crash due to incorrectly using an invalid scopechain 

        stringProtoFuncReplace was checking for an exception on a CachedCall
        by asking for the cached callframes exception.  Unfortunately this
        could crash in certain circumstances as CachedCall does not guarantee
        a valid callframe following a call.  Even more unfortunately the check
        was entirely unnecessary as there is only a single exception slot per
        global data, so it was already checked via the initial exec->hadException()
        check.

        To make bugs like this more obvious, i've added a debug only destructor
        to ScopeChainNode that 0's all of its fields.  This exposed a crash in
        the standard javascriptcore tests.

        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChain::~ScopeChain):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):

2009-05-07  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Enable op_strcat across += assignments.  This patch allows the lhs of a read/modify node
        to be included within the concatenation operation, and also modifies the implementation
        of the concatenation to attempt to reuse and cat onto the leftmost string, rather than
        always allocating a new empty output string to copy into (as was previously the behaviour).

        ~0.5% progression, due to a 3%-3.5% progression on the string tests (particularly validate).

        * parser/Nodes.cpp:
        (JSC::BinaryOpNode::emitStrcat):
        (JSC::emitReadModifyAssignment):
        (JSC::ReadModifyResolveNode::emitBytecode):
        (JSC::ReadModifyDotNode::emitBytecode):
        (JSC::ReadModifyBracketNode::emitBytecode):
        * parser/Nodes.h:
        * runtime/Operations.h:
        (JSC::concatenateStrings):
        * runtime/UString.cpp:
        (JSC::UString::reserveCapacity):
        * runtime/UString.h:

2009-05-07  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Oliver Hunt.

        Fix the build on Windows without JIT: interpreter/RegisterFile.h needs
        roundUpAllocationSize, which is protected by #if ENABLED(ASSEMBLER).
        Moved the #ifdef down and always offer the function.

        * jit/ExecutableAllocator.h:

2009-05-06  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Gavin "++" Barraclough.
        
        Added some abstraction around the JIT stub calling convention by creating
        a struct to represent the persistent stack frame JIT code shares with
        JIT stubs.
        
        SunSpider reports no change.

        * jit/JIT.h:
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_convert_this):
        (JSC::JITStubs::cti_op_end):
        (JSC::JITStubs::cti_op_add):
        (JSC::JITStubs::cti_op_pre_inc):
        (JSC::JITStubs::cti_timeout_check):
        (JSC::JITStubs::cti_register_file_check):
        (JSC::JITStubs::cti_op_loop_if_less):
        (JSC::JITStubs::cti_op_loop_if_lesseq):
        (JSC::JITStubs::cti_op_new_object):
        (JSC::JITStubs::cti_op_put_by_id_generic):
        (JSC::JITStubs::cti_op_get_by_id_generic):
        (JSC::JITStubs::cti_op_put_by_id):
        (JSC::JITStubs::cti_op_put_by_id_second):
        (JSC::JITStubs::cti_op_put_by_id_fail):
        (JSC::JITStubs::cti_op_get_by_id):
        (JSC::JITStubs::cti_op_get_by_id_second):
        (JSC::JITStubs::cti_op_get_by_id_self_fail):
        (JSC::JITStubs::cti_op_get_by_id_proto_list):
        (JSC::JITStubs::cti_op_get_by_id_proto_list_full):
        (JSC::JITStubs::cti_op_get_by_id_proto_fail):
        (JSC::JITStubs::cti_op_get_by_id_array_fail):
        (JSC::JITStubs::cti_op_get_by_id_string_fail):
        (JSC::JITStubs::cti_op_instanceof):
        (JSC::JITStubs::cti_op_del_by_id):
        (JSC::JITStubs::cti_op_mul):
        (JSC::JITStubs::cti_op_new_func):
        (JSC::JITStubs::cti_op_call_JSFunction):
        (JSC::JITStubs::cti_op_call_arityCheck):
        (JSC::JITStubs::cti_vm_dontLazyLinkCall):
        (JSC::JITStubs::cti_vm_lazyLinkCall):
        (JSC::JITStubs::cti_op_push_activation):
        (JSC::JITStubs::cti_op_call_NotJSFunction):
        (JSC::JITStubs::cti_op_create_arguments):
        (JSC::JITStubs::cti_op_create_arguments_no_params):
        (JSC::JITStubs::cti_op_tear_off_activation):
        (JSC::JITStubs::cti_op_tear_off_arguments):
        (JSC::JITStubs::cti_op_profile_will_call):
        (JSC::JITStubs::cti_op_profile_did_call):
        (JSC::JITStubs::cti_op_ret_scopeChain):
        (JSC::JITStubs::cti_op_new_array):
        (JSC::JITStubs::cti_op_resolve):
        (JSC::JITStubs::cti_op_construct_JSConstruct):
        (JSC::JITStubs::cti_op_construct_NotJSConstruct):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_string):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_resolve_func):
        (JSC::JITStubs::cti_op_sub):
        (JSC::JITStubs::cti_op_put_by_val):
        (JSC::JITStubs::cti_op_put_by_val_array):
        (JSC::JITStubs::cti_op_put_by_val_byte_array):
        (JSC::JITStubs::cti_op_lesseq):
        (JSC::JITStubs::cti_op_loop_if_true):
        (JSC::JITStubs::cti_op_load_varargs):
        (JSC::JITStubs::cti_op_negate):
        (JSC::JITStubs::cti_op_resolve_base):
        (JSC::JITStubs::cti_op_resolve_skip):
        (JSC::JITStubs::cti_op_resolve_global):
        (JSC::JITStubs::cti_op_div):
        (JSC::JITStubs::cti_op_pre_dec):
        (JSC::JITStubs::cti_op_jless):
        (JSC::JITStubs::cti_op_not):
        (JSC::JITStubs::cti_op_jtrue):
        (JSC::JITStubs::cti_op_post_inc):
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_lshift):
        (JSC::JITStubs::cti_op_bitand):
        (JSC::JITStubs::cti_op_rshift):
        (JSC::JITStubs::cti_op_bitnot):
        (JSC::JITStubs::cti_op_resolve_with_base):
        (JSC::JITStubs::cti_op_new_func_exp):
        (JSC::JITStubs::cti_op_mod):
        (JSC::JITStubs::cti_op_less):
        (JSC::JITStubs::cti_op_neq):
        (JSC::JITStubs::cti_op_post_dec):
        (JSC::JITStubs::cti_op_urshift):
        (JSC::JITStubs::cti_op_bitxor):
        (JSC::JITStubs::cti_op_new_regexp):
        (JSC::JITStubs::cti_op_bitor):
        (JSC::JITStubs::cti_op_call_eval):
        (JSC::JITStubs::cti_op_throw):
        (JSC::JITStubs::cti_op_get_pnames):
        (JSC::JITStubs::cti_op_next_pname):
        (JSC::JITStubs::cti_op_push_scope):
        (JSC::JITStubs::cti_op_pop_scope):
        (JSC::JITStubs::cti_op_typeof):
        (JSC::JITStubs::cti_op_is_undefined):
        (JSC::JITStubs::cti_op_is_boolean):
        (JSC::JITStubs::cti_op_is_number):
        (JSC::JITStubs::cti_op_is_string):
        (JSC::JITStubs::cti_op_is_object):
        (JSC::JITStubs::cti_op_is_function):
        (JSC::JITStubs::cti_op_stricteq):
        (JSC::JITStubs::cti_op_to_primitive):
        (JSC::JITStubs::cti_op_strcat):
        (JSC::JITStubs::cti_op_nstricteq):
        (JSC::JITStubs::cti_op_to_jsnumber):
        (JSC::JITStubs::cti_op_in):
        (JSC::JITStubs::cti_op_push_new_scope):
        (JSC::JITStubs::cti_op_jmp_scopes):
        (JSC::JITStubs::cti_op_put_by_index):
        (JSC::JITStubs::cti_op_switch_imm):
        (JSC::JITStubs::cti_op_switch_char):
        (JSC::JITStubs::cti_op_switch_string):
        (JSC::JITStubs::cti_op_del_by_val):
        (JSC::JITStubs::cti_op_put_getter):
        (JSC::JITStubs::cti_op_put_setter):
        (JSC::JITStubs::cti_op_new_error):
        (JSC::JITStubs::cti_op_debug):
        (JSC::JITStubs::cti_vm_throw):
        * jit/JITStubs.h:
        (JSC::):

2009-05-06  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak & Darin Adler.

        Improve string concatenation (as coded in JS as a sequence of adds).

        Detect patterns corresponding to string concatenation, and change the bytecode
        generation to emit a new op_strcat instruction.  By handling the full set of
        additions within a single function we do not need allocate JSString wrappers
        for intermediate results, and we can calculate the size of the output string
        prior to allocating storage, in order to prevent reallocation of the buffer.

        1.5%-2% progression on Sunspider, largely due to a 30% progression on date-format-xparb.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
            Add new opcodes.
        * bytecode/Opcode.h:
            Add new opcodes.
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitStrcat):
        (JSC::BytecodeGenerator::emitToPrimitive):
            Add generation of new opcodes.
        * bytecompiler/BytecodeGenerator.h:
            Add generation of new opcodes.
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
            Add implmentation of new opcodes.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
            Add implmentation of new opcodes.
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_to_primitive):
        (JSC::JITStubs::cti_op_strcat):
            Add implmentation of new opcodes.
        * jit/JITStubs.h:
            Add implmentation of new opcodes.
        * parser/Nodes.cpp:
        (JSC::BinaryOpNode::emitStrcat):
        (JSC::BinaryOpNode::emitBytecode):
        (JSC::ReadModifyResolveNode::emitBytecode):
            Add generation of new opcodes.
        * parser/Nodes.h:
        (JSC::ExpressionNode::):
        (JSC::AddNode::):
            Add methods to allow identification of add nodes.
        * parser/ResultType.h:
        (JSC::ResultType::definitelyIsString):
        (JSC::ResultType::forAdd):
            Fix error in detection of adds that will produce string results.
        * runtime/Operations.h:
        (JSC::concatenateStrings):
            Add implmentation of new opcodes.
        * runtime/UString.cpp:
        (JSC::UString::appendNumeric):
            Add methods to append numbers to an existing string.
        * runtime/UString.h:
        (JSC::UString::Rep::createEmptyBuffer):
        (JSC::UString::BaseString::BaseString):
            Add support for creating an empty string with a non-zero capacity available in the BaseString.

2009-05-06  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        Made RefCounted::m_refCount private.

        * runtime/Structure.h: Removed addressOfCount.
        * wtf/RefCounted.h: Made m_refCount private.
        Added addressOfCount.

2009-05-06  Darin Adler  <darin (a] apple.com>

        Fixed assertion seen a lot!

        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::~FunctionBodyNode): Removed now-bogus assertion.

2009-05-06  Darin Adler  <darin (a] apple.com>

        Working with Sam Weinig.

        Redo parse tree constructor optimization without breaking the Windows
        build the way I did yesterday. The previous try broke the build by adding
        an include of Lexer.h and all its dependencies that had to work outside
        the JavaScriptCore project.

        * GNUmakefile.am: Added NodeConstructors.h.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        Removed byteocde directory -- we no longer are trying to include Lexer.h
        outside JavaScriptCore.

        * JavaScriptCore.xcodeproj/project.pbxproj: Change SegmentedVector.h
        and Lexer.h back to internal files. Added NodeConstructors.h.

        * parser/Grammar.y: Added include of NodeConstructors.h.
        Changed use of ConstDeclNode to use public functions.

        * parser/NodeConstructors.h: Copied from parser/Nodes.h.
        Just contains the inlined constructors now.

        * parser/Nodes.cpp: Added include of NodeConstructors.h.
        Moved node constructors into the header.
        (JSC::FunctionBodyNode::FunctionBodyNode): Removed m_refCount
        initialization.

        * parser/Nodes.h: Removed all the constructor definitions, and also
        removed the JSC_FAST_CALL from them since these are all inlined, so the
        calling convention is irrelevant. Made more things private. Used a data
        member for operator opcodes instead of a virtual function. Removed the
        special FunctionBodyNode::ref/deref functions since the default functions
        are now just as fast.

        * runtime/FunctionConstructor.cpp:
        (JSC::extractFunctionBody): Fixed types here so we don't typecast until
        after we do type checking.

2009-05-06  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Ariya Hidayat.

        Fix the Qt build on Windows.

        * JavaScriptCore.pri: Define BUILDING_JavaScriptCore/WTF to get the meaning
        of the JS_EXPORTDATA macros correct

2009-05-06  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Ariya Hidayat.

        Enable the JIT for the Qt build on Windows.

        * JavaScriptCore.pri:

2009-05-06  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Tor Arne Vestb.

        Tweak JavaScriptCore.pri for being able to override the generated sources dir for the
        generated_files target.

        * JavaScriptCore.pri:

2009-05-06  Tor Arne Vestb  <tor.arne.vestbo (a] nokia.com>

        Reviewed by Simon Hausmann.

        Build QtWebKit as a framework on Mac

        This implies both debug and release build by default, unless
        one of the --debug or --release config options are passed to
        the build-webkit script.

        Frameworks can be disabled by passing CONFIG+=webkit_no_framework
        to the build-webkit script.

        To be able to build both debug and release targets in parallel
        we have to use separate output directories for the generated
        sources, which is not optimal, but required to avoid race conditions.

        An optimization would be to only require this spit-up on Mac.

        * JavaScriptCore.pri:
        * JavaScriptCore.pro:
        * jsc.pro:

2009-05-06  Tor Arne Vestb  <tor.arne.vestbo (a] nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Use $$GENERATED_SOURCES_DIR as output when running bison

        A couple of the generators left the bison output file in the source
        tree, and then moved it into $$GENERATED_SOURCES_DIR, which did not
        work well when building release and debug configurations in parallel.

        * JavaScriptCore.pri:

2009-05-05  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Simplified a bit of codegen.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2009-05-05  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Moved all the JIT stub related code into one place.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITCode.h:
        * jit/JITStubs.cpp:
        (JSC::):
        * jit/JITStubs.h:

2009-05-05  Sam Weinig  <sam (a] webkit.org>

        Try to fix Windows build.

        Move Node constructor to the .cpp file.

        * parser/Nodes.cpp: 
        * parser/Nodes.h:

2009-05-05  Darin Adler  <darin (a] apple.com>

        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

        Try to fix Mac build.

        * JavaScriptCore.xcodeproj/project.pbxproj: Made SegmentedVector.h private.

2009-05-05  Darin Adler  <darin (a] apple.com>

        Try to fix Mac build.

        * JavaScriptCore.xcodeproj/project.pbxproj: Made Lexer.h private.

2009-05-05  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 25569: make ParserRefCounted use conventional reference counting
        https://bugs.webkit.org/show_bug.cgi?id=25569

        SunSpider speedup of about 1.6%.

        * JavaScriptCore.exp: Updated.

        * parser/Nodes.cpp:
        (JSC::NodeReleaser::releaseAllNodes): ALWAYS_INLINE.
        (JSC::NodeReleaser::adopt): Ditto.
        (JSC::ParserRefCounted::ParserRefCounted): Removed most of the code.
        Add the object to a Vector<RefPtr> that gets cleared after parsing.
        (JSC::ParserRefCounted::~ParserRefCounted): Removed most of the code.

        * parser/Nodes.h: Made ParserRefCounted inherit from RefCounted and
        made inline versions of the constructor and destructor. Made the
        Node constructor inline.

        * parser/Parser.cpp:
        (JSC::Parser::parse): Call globalData->parserObjects.shrink(0) after
        parsing, where it used to call ParserRefCounted::deleteNewObjects.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Eliminated code to manage the
        newParserObjects and parserObjectExtraRefCounts.
        (JSC::JSGlobalData::~JSGlobalData): Ditto.

        * runtime/JSGlobalData.h: Replaced the HashSet and HashCountedSet
        with a Vector.

        * wtf/PassRefPtr.h:
        (WTF::PassRefPtr::~PassRefPtr): The most common thing to do with a
        PassRefPtr in hot code is to pass it and then destroy it once it's
        set to zero. Help the optimizer by telling it that's true.

2009-05-05  Xan Lopez  <xlopez (a] igalia.com> and Gustavo Noronha Silva  <gustavo.noronha (a] collabora.co.uk>

        Reviewed by Oliver Hunt.

        Disable the NativeFunctionWrapper for all non-Mac ports for now,
        as it is also crashing on Linux/x86.

        * runtime/NativeFunctionWrapper.h:

2009-05-05  Steve Falkenburg  <sfalken (a] apple.com>

        Fix build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Expose toThisObject for the DOM Window

        * JavaScriptCore.exp:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Make windows go again until i work out the
        accursed calling convention).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * jit/JIT.cpp:
        * runtime/NativeFunctionWrapper.h:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Fix windows debug builds).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Hopefully the last fix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Fix the build fix caused by a different build fix).

        * parser/Nodes.cpp:
        * parser/Nodes.h:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (No idea how my changes could have broken these).

        * runtime/DatePrototype.cpp:
        * runtime/RegExpObject.cpp:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Why should i expect msvc to list all the errors in a file?).

        * parser/Nodes.cpp:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Fix warning, and another missing include).

        * jit/JIT.cpp:
        * parser/Nodes.h:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (More build fixes).

        * runtime/ErrorPrototype.cpp:
        * runtime/JSGlobalObject.cpp:
        * runtime/NumberPrototype.cpp:
        * runtime/ObjectPrototype.cpp:
        * runtime/StringConstructor.cpp:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Will the fixes never end?).

        * runtime/FunctionPrototype.h:
        * runtime/Lookup.cpp:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (More build fixes).

        * jit/JIT.cpp:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (More build fixing).

        * runtime/CallData.h:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        * runtime/ArrayConstructor.cpp:
        * runtime/BooleanPrototype.cpp:
        * runtime/DateConstructor.cpp:
        * runtime/Error.cpp:
        * runtime/ObjectConstructor.cpp:
        * runtime/RegExpPrototype.cpp:

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Buildfix).

        Add missing file

        * runtime/NativeFunctionWrapper.h: Copied from JavaScriptCore/jit/ExecutableAllocator.cpp.

2009-05-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Bug 25559: Improve native function call performance
        <https://bugs.webkit.org/show_bug.cgi?id=25559>

        In order to cache calls to native functions we now make the standard
        prototype functions use a small assembly thunk that converts the JS
        calling convention into the native calling convention.  As this is
        only beneficial in the JIT we use the NativeFunctionWrapper typedef
        to alternate between PrototypeFunction and JSFunction to keep the
        code sane.  This change from PrototypeFunction to NativeFunctionWrapper
        is the bulk of this patch.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::call):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::addPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::leaq_mr):
        (JSC::X86Assembler::call_m):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
        * jit/JITCall.cpp:
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITCode.h:
        (JSC::JITCode::operator bool):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetFromCallFrameHeader):
        (JSC::JIT::emitGetFromCallFrameHeader32):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::JITStubs):
        (JSC::JITStubs::cti_op_call_JSFunction):
        (JSC::JITStubs::cti_vm_dontLazyLinkCall):
        (JSC::JITStubs::cti_vm_lazyLinkCall):
        (JSC::JITStubs::cti_op_construct_JSConstruct):
        * jit/JITStubs.h:
        (JSC::JITStubs::ctiNativeCallThunk):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::createNativeThunk):
        (JSC::FunctionBodyNode::generateJITCode):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::):
        (JSC::FunctionBodyNode::generatedJITCode):
        (JSC::FunctionBodyNode::jitCode):
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        * runtime/ArgList.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::isNumericCompareFunction):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::addFunctionProperties):
        (JSC::functionProtoFuncToString):
        * runtime/FunctionPrototype.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::mark):
        (JSC::JSFunction::getCallData):
        (JSC::JSFunction::call):
        (JSC::JSFunction::argumentsGetter):
        (JSC::JSFunction::callerGetter):
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getOwnPropertySlot):
        (JSC::JSFunction::put):
        (JSC::JSFunction::deleteProperty):
        (JSC::JSFunction::getConstructData):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::setScope):
        (JSC::JSFunction::scope):
        (JSC::JSFunction::isHostFunction):
        (JSC::JSFunction::scopeChain):
        (JSC::JSFunction::clearScopeChain):
        (JSC::JSFunction::setScopeChain):
        (JSC::JSFunction::nativeFunction):
        (JSC::JSFunction::setNativeFunction):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData):
        (JSC::JSGlobalData::createNativeThunk):
        * runtime/JSGlobalData.h:
        (JSC::JSGlobalData::nativeFunctionThunk):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/JSGlobalObject.h:
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):

2009-05-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        For convenience, let the sampling flags tool clear multiple flags at once.

        * jsc.cpp:
        (GlobalObject::GlobalObject):
        (functionSetSamplingFlags):
        (functionClearSamplingFlags):

2009-05-04  Maciej Stachowiak  <mjs (a] apple.com>

        Rubber stamped by Gavin.

        - inline Vector::resize for a ~1.5% speedup on string-tagcloud

        * wtf/Vector.h:
        (WTF::Vector::resize): Inline

2009-05-03  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCoreSubmit.sln:

2009-05-03  Mark Rowe  <mrowe (a] apple.com>

        Fix the 64-bit build.

        * API/APICast.h:
        (toJS):
        (toRef):
        * runtime/JSNumberCell.cpp:
        (JSC::jsAPIMangledNumber):
        * runtime/JSNumberCell.h:

2009-05-02  Sam Weinig  <sam (a] webkit.org>

        Roll JSC API number marshaling back in one last time (I hope).

2009-05-03  Sam Weinig  <sam (a] webkit.org>

        Roll JSC API number marshaling back out. It still breaks windows.

2009-05-03  Sam Weinig  <sam (a] webkit.org>

        Roll JSC API number marshaling back in.

2009-05-02  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 25519: streamline lexer by handling BOMs differently
        https://bugs.webkit.org/show_bug.cgi?id=25519

        Roughly 1% faster SunSpider.

        * parser/Grammar.y: Tweak formatting a bit.

        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer): Remove unnnecessary initialization of data members
        that are set up by setCode.
        (JSC::Lexer::currentOffset): Added. Used where the old code would look at
        m_currentOffset.
        (JSC::Lexer::shift1): Replaces the old shift function. No longer does anything
        to handle BOM characters.
        (JSC::Lexer::shift2): Ditto.
        (JSC::Lexer::shift3): Ditto.
        (JSC::Lexer::shift4): Ditto.
        (JSC::Lexer::setCode): Updated for name change from yylineno to m_line.
        Removed now-unused m_eatNextIdentifier, m_stackToken, and m_restrKeyword.
        Replaced m_skipLF and m_skipCR with m_skipLineEnd. Replaced the old
        m_length with m_codeEnd and m_currentOffset with m_codeStart. Added code
        to scan for a BOM character and call copyCodeWithoutBOMs() if we find any.
        (JSC::Lexer::copyCodeWithoutBOMs): Added.
        (JSC::Lexer::nextLine): Updated for name change from yylineno to m_line.
        (JSC::Lexer::makeIdentifier): Moved up higher in the file.
        (JSC::Lexer::matchPunctuator): Moved up higher in the file and changed to
        use a switch statement instead of just if statements.
        (JSC::Lexer::isLineTerminator): Moved up higher in the file and changed to
        have fewer branches.
        (JSC::Lexer::lastTokenWasRestrKeyword): Added. This replaces the old
        m_restrKeyword boolean.
        (JSC::Lexer::isIdentStart): Moved up higher in the file. Changed to use
        fewer branches in the ASCII but not identifier case.
        (JSC::Lexer::isIdentPart): Ditto.
        (JSC::Lexer::singleEscape): Moved up higher in the file.
        (JSC::Lexer::convertOctal): Moved up higher in the file.
        (JSC::Lexer::convertHex): Moved up higher in the file. Changed to use
        toASCIIHexValue instead of rolling our own here.
        (JSC::Lexer::convertUnicode): Ditto.
        (JSC::Lexer::record8): Moved up higher in the file.
        (JSC::Lexer::record16): Moved up higher in the file.
        (JSC::Lexer::lex): Changed type of stringType to int. Replaced m_skipLF
        and m_skipCR with m_skipLineEnd, which requires fewer branches in the
        main lexer loop. Use currentOffset instead of m_currentOffset. Removed
        unneeded m_stackToken. Use isASCIIDigit instead of isDecimalDigit.
        Split out the two cases for InIdentifierOrKeyword and InIdentifier.
        Added special case tight loops for identifiers and other simple states.
        Removed a branch from the code that sets m_atLineStart to false using goto.
        Streamlined the number-handling code so we don't check for the same types
        twice for non-numeric cases and don't add a null to m_buffer8 when it's
        not being used. Removed m_eatNextIdentifier, which wasn't working anyway,
        and m_restrKeyword, which is redundant with m_lastToken. Set the
        m_delimited flag without using a branch.
        (JSC::Lexer::scanRegExp): Tweaked style a bit.
        (JSC::Lexer::clear): Clear m_codeWithoutBOMs so we don't use memory after
        parsing. Clear out UString objects in the more conventional way.
        (JSC::Lexer::sourceCode): Made this no-longer inline since it has more
        work to do in the case where we stripped BOMs.

        * parser/Lexer.h: Renamed yylineno to m_lineNumber. Removed convertHex
        function, which is the same as toASCIIHexValue. Removed isHexDigit
        function, which is the same as isASCIIHedDigit. Replaced shift with four
        separate shift functions. Removed isWhiteSpace function that passes
        m_current, instead just passing m_current explicitly. Removed isOctalDigit,
        which is the same as isASCIIOctalDigit. Eliminated unused arguments from
        matchPunctuator. Added copyCoodeWithoutBOMs and currentOffset. Moved the
        makeIdentifier function out of the header. Added lastTokenWasRestrKeyword
        function. Added new constants for m_skipLineEnd. Removed unused yycolumn,
        m_restrKeyword, m_skipLF, m_skipCR, m_eatNextIdentifier, m_stackToken,
        m_position, m_length, m_currentOffset, m_nextOffset1, m_nextOffset2,
        m_nextOffset3. Added m_skipLineEnd, m_codeStart, m_codeEnd, and
        m_codeWithoutBOMs.

        * parser/SourceProvider.h: Added hasBOMs function. In the future this can
        be used to tell the lexer about strings known not to have BOMs.

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncUnescape): Changed to use isASCIIHexDigit.

        * wtf/ASCIICType.h: Added using statements to match the design of the
        other WTF headers.

2009-05-02  Ada Chan  <adachan (a] apple.com>

        Fix windows build (when doing a clean build)

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Simplified null-ish JSValues.
        
        Replaced calls to noValue() with calls to JSValue() (which is what
        noValue() returned). Removed noValue().
        
        Replaced almost all uses of jsImpossibleValue() with uses of JSValue().
        Its one remaining use is for construction of hash table deleted values.
        For that specific task, I made a new, private constructor with a special
        tag. Removed jsImpossibleValue().
        
        Removed "JSValue()" initialiazers, since default construction happens...
        by default.

        * API/JSCallbackObjectFunctions.h:
        (JSC::::call):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitLoad):
        * bytecompiler/BytecodeGenerator.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * debugger/DebuggerCallFrame.h:
        (JSC::DebuggerCallFrame::DebuggerCallFrame):
        * interpreter/CallFrame.h:
        (JSC::ExecState::clearException):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveLastCaller):
        * interpreter/Register.h:
        (JSC::Register::Register):
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_call_eval):
        (JSC::JITStubs::cti_vm_throw):
        * profiler/Profiler.cpp:
        (JSC::Profiler::willExecute):
        (JSC::Profiler::didExecute):
        * runtime/ArrayPrototype.cpp:
        (JSC::getProperty):
        * runtime/Completion.cpp:
        (JSC::evaluate):
        * runtime/Completion.h:
        (JSC::Completion::Completion):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::getPrimitiveNumber):
        * runtime/JSArray.cpp:
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::sort):
        (JSC::JSArray::compactForSorting):
        * runtime/JSCell.cpp:
        (JSC::JSCell::getJSNumber):
        * runtime/JSCell.h:
        (JSC::JSValue::getJSNumber):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::fromNumberOutsideIntegerRange):
        (JSC::JSImmediate::from):
        * runtime/JSNumberCell.cpp:
        (JSC::jsNumberCell):
        * runtime/JSObject.cpp:
        (JSC::callDefaultValueFunction):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::toPrimitive):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::next):
        * runtime/JSValue.h:
        (JSC::JSValue::):
        (JSC::JSValueHashTraits::constructDeletedValue):
        (JSC::JSValueHashTraits::isDeletedValue):
        (JSC::JSValue::JSValue):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject):
        * runtime/Operations.h:
        (JSC::resolveBase):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::clearBase):
        (JSC::PropertySlot::clearValue):

2009-05-02  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.

        - speed up the lexer in various ways

        ~2% command-line SunSpider speedup

        * parser/Lexer.cpp:
        (JSC::Lexer::setCode): Moved below shift() so it can inline.
        (JSC::Lexer::scanRegExp):  Use resize(0) instead of clear() on Vectors, since the intent
        here is not to free the underlying buffer.
        (JSC::Lexer::lex): ditto; also, change the loop logic a bit for the main lexing loop
        to avoid branching on !m_done twice per iteration. Now we only check it once.
        (JSC::Lexer::shift): Make this ALWAYS_INLINE and tag an unusual branch as UNLIKELY
        * parser/Lexer.h:
        (JSC::Lexer::makeIdentifier): force to be ALWAYS_INLINE
        * wtf/Vector.h:
        (WTF::::append): force to be ALWAYS_INLINE (may have helped in ways other than parsing but it wasn't
        getting inlined in a hot code path in the lexer)

2009-05-01  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore.make:

2009-05-01  Sam Weinig  <sam (a] webkit.org>

        Fix 64bit build.

        * runtime/JSNumberCell.h:
        (JSC::JSValue::JSValue):
        * runtime/JSValue.h:
        (JSC::jsNumber):

2009-05-01  Sam Weinig  <sam (a] webkit.org>

        Roll out JavaScriptCore API number marshaling.

        * API/APICast.h:
        (toJS):
        (toRef):
        * API/JSBase.cpp:
        (JSEvaluateScript):
        (JSCheckScriptSyntax):
        * API/JSCallbackConstructor.cpp:
        (JSC::constructJSCallback):
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::call):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertySlot):
        (JSC::::put):
        (JSC::::deleteProperty):
        (JSC::::construct):
        (JSC::::hasInstance):
        (JSC::::call):
        (JSC::::toNumber):
        (JSC::::toString):
        (JSC::::staticValueGetter):
        (JSC::::callbackGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeFunction):
        (JSObjectMakeArray):
        (JSObjectMakeDate):
        (JSObjectMakeError):
        (JSObjectMakeRegExp):
        (JSObjectGetPrototype):
        (JSObjectSetPrototype):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectGetPropertyAtIndex):
        (JSObjectSetPropertyAtIndex):
        (JSObjectDeleteProperty):
        (JSObjectCallAsFunction):
        (JSObjectCallAsConstructor):
        * API/JSValueRef.cpp:
        (JSValueGetType):
        (JSValueIsUndefined):
        (JSValueIsNull):
        (JSValueIsBoolean):
        (JSValueIsNumber):
        (JSValueIsString):
        (JSValueIsObject):
        (JSValueIsObjectOfClass):
        (JSValueIsEqual):
        (JSValueIsStrictEqual):
        (JSValueIsInstanceOfConstructor):
        (JSValueMakeUndefined):
        (JSValueMakeNull):
        (JSValueMakeBoolean):
        (JSValueMakeNumber):
        (JSValueMakeString):
        (JSValueToBoolean):
        (JSValueToNumber):
        (JSValueToStringCopy):
        (JSValueToObject):
        (JSValueProtect):
        (JSValueUnprotect):
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * runtime/JSNumberCell.cpp:
        * runtime/JSNumberCell.h:
        * runtime/JSValue.h:

2009-05-01  Sam Weinig  <sam (a] webkit.org>

        Fix windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-01  Sam Weinig  <sam (a] webkit.org>

        Fix the build.

        * JavaScriptCore.exp:

2009-05-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey "Too Far!" Garen.

        Move JS number construction into JSValue.

        * runtime/JSImmediate.h:
        * runtime/JSNumberCell.h:
        (JSC::JSValue::JSValue):
        * runtime/JSValue.h:
        (JSC::jsNumber):

2009-05-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoff "The Minneapolis" Garen.

        Add mechanism to vend heap allocated JS numbers to JavaScriptCore API clients with a
        representation that is independent of the number representation in the VM.
        - Numbers leaving the interpreter are converted to a tagged JSNumberCell.
        - The numbers coming into the interpreter (asserted to be the tagged JSNumberCell) are
          converted back to the VM's internal number representation.

        * API/APICast.h:
        (toJS):
        (toRef):
        * API/JSBase.cpp:
        (JSEvaluateScript):
        (JSCheckScriptSyntax):
        * API/JSCallbackConstructor.cpp:
        (JSC::constructJSCallback):
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::call):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertySlot):
        (JSC::::put):
        (JSC::::deleteProperty):
        (JSC::::construct):
        (JSC::::hasInstance):
        (JSC::::call):
        (JSC::::toNumber):
        (JSC::::toString):
        (JSC::::staticValueGetter):
        (JSC::::callbackGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeFunction):
        (JSObjectMakeArray):
        (JSObjectMakeDate):
        (JSObjectMakeError):
        (JSObjectMakeRegExp):
        (JSObjectGetPrototype):
        (JSObjectSetPrototype):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectGetPropertyAtIndex):
        (JSObjectSetPropertyAtIndex):
        (JSObjectDeleteProperty):
        (JSObjectCallAsFunction):
        (JSObjectCallAsConstructor):
        * API/JSValueRef.cpp:
        (JSValueGetType):
        (JSValueIsUndefined):
        (JSValueIsNull):
        (JSValueIsBoolean):
        (JSValueIsNumber):
        (JSValueIsString):
        (JSValueIsObject):
        (JSValueIsObjectOfClass):
        (JSValueIsEqual):
        (JSValueIsStrictEqual):
        (JSValueIsInstanceOfConstructor):
        (JSValueMakeUndefined):
        (JSValueMakeNull):
        (JSValueMakeBoolean):
        (JSValueMakeNumber):
        (JSValueMakeString):
        (JSValueToBoolean):
        (JSValueToNumber):
        (JSValueToStringCopy):
        (JSValueToObject):
        (JSValueProtect):
        (JSValueUnprotect):
        * runtime/JSNumberCell.cpp:
        (JSC::jsAPIMangledNumber):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::isAPIMangledNumber):
        (JSC::JSNumberCell::):
        (JSC::JSNumberCell::JSNumberCell):
        (JSC::JSValue::isAPIMangledNumber):
        * runtime/JSValue.h:

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix take 6.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix take 5.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix take 4.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix take 3.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix take 2.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Windows build fix take 1.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Rubber Stamped by Sam Weinig.
        
        Renamed JSValuePtr => JSValue.

        * API/APICast.h:
        (toJS):
        (toRef):
        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::call):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::asCallbackObject):
        (JSC::::put):
        (JSC::::hasInstance):
        (JSC::::call):
        (JSC::::staticValueGetter):
        (JSC::::staticFunctionGetter):
        (JSC::::callbackGetter):
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrototype):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectGetPropertyAtIndex):
        (JSObjectSetPropertyAtIndex):
        * API/JSValueRef.cpp:
        (JSValueGetType):
        (JSValueIsUndefined):
        (JSValueIsNull):
        (JSValueIsBoolean):
        (JSValueIsNumber):
        (JSValueIsString):
        (JSValueIsObject):
        (JSValueIsObjectOfClass):
        (JSValueIsEqual):
        (JSValueIsStrictEqual):
        (JSValueIsInstanceOfConstructor):
        (JSValueToBoolean):
        (JSValueToNumber):
        (JSValueToStringCopy):
        (JSValueToObject):
        (JSValueProtect):
        (JSValueUnprotect):
        * JavaScriptCore.exp:
        * bytecode/CodeBlock.cpp:
        (JSC::valueToSourceString):
        (JSC::constantName):
        (JSC::CodeBlock::dump):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getConstant):
        (JSC::CodeBlock::addUnexpectedConstant):
        (JSC::CodeBlock::unexpectedConstant):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::addConstant):
        (JSC::BytecodeGenerator::addUnexpectedConstant):
        (JSC::BytecodeGenerator::emitLoad):
        (JSC::BytecodeGenerator::emitGetScopedVar):
        (JSC::BytecodeGenerator::emitPutScopedVar):
        (JSC::BytecodeGenerator::emitNewError):
        (JSC::keyForImmediateSwitch):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::JSValueHashTraits::constructDeletedValue):
        (JSC::BytecodeGenerator::JSValueHashTraits::isDeletedValue):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/Debugger.h:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::put):
        (JSC::DebuggerActivation::putWithAttributes):
        (JSC::DebuggerActivation::lookupGetter):
        (JSC::DebuggerActivation::lookupSetter):
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * debugger/DebuggerCallFrame.h:
        (JSC::DebuggerCallFrame::DebuggerCallFrame):
        (JSC::DebuggerCallFrame::exception):
        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        (JSC::CachedCall::call):
        (JSC::CachedCall::setThis):
        (JSC::CachedCall::setArgument):
        * interpreter/CallFrame.cpp:
        (JSC::CallFrame::thisValue):
        (JSC::CallFrame::dumpCaller):
        * interpreter/CallFrame.h:
        (JSC::ExecState::setException):
        (JSC::ExecState::exception):
        (JSC::ExecState::exceptionSlot):
        * interpreter/CallFrameClosure.h:
        (JSC::CallFrameClosure::setArgument):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::resolveBaseAndFunc):
        (JSC::isNotObject):
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        (JSC::Interpreter::createExceptionScope):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        (JSC::Interpreter::retrieveCaller):
        (JSC::Interpreter::retrieveLastCaller):
        * interpreter/Interpreter.h:
        * interpreter/Register.h:
        (JSC::Register::):
        (JSC::Register::Register):
        (JSC::Register::jsValue):
        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_mod):
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITCode.h:
        (JSC::):
        (JSC::JITCode::execute):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetVirtualRegister):
        (JSC::JIT::getConstantOperand):
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        (JSC::JIT::emitInitRegister):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::tryCachePutByID):
        (JSC::JITStubs::tryCacheGetByID):
        (JSC::JITStubs::cti_op_convert_this):
        (JSC::JITStubs::cti_op_add):
        (JSC::JITStubs::cti_op_pre_inc):
        (JSC::JITStubs::cti_op_loop_if_less):
        (JSC::JITStubs::cti_op_loop_if_lesseq):
        (JSC::JITStubs::cti_op_get_by_id_generic):
        (JSC::JITStubs::cti_op_get_by_id):
        (JSC::JITStubs::cti_op_get_by_id_second):
        (JSC::JITStubs::cti_op_get_by_id_self_fail):
        (JSC::JITStubs::cti_op_get_by_id_proto_list):
        (JSC::JITStubs::cti_op_get_by_id_proto_list_full):
        (JSC::JITStubs::cti_op_get_by_id_proto_fail):
        (JSC::JITStubs::cti_op_get_by_id_array_fail):
        (JSC::JITStubs::cti_op_get_by_id_string_fail):
        (JSC::JITStubs::cti_op_instanceof):
        (JSC::JITStubs::cti_op_del_by_id):
        (JSC::JITStubs::cti_op_mul):
        (JSC::JITStubs::cti_op_call_NotJSFunction):
        (JSC::JITStubs::cti_op_resolve):
        (JSC::JITStubs::cti_op_construct_NotJSConstruct):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_string):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_resolve_func):
        (JSC::JITStubs::cti_op_sub):
        (JSC::JITStubs::cti_op_put_by_val):
        (JSC::JITStubs::cti_op_put_by_val_array):
        (JSC::JITStubs::cti_op_put_by_val_byte_array):
        (JSC::JITStubs::cti_op_lesseq):
        (JSC::JITStubs::cti_op_loop_if_true):
        (JSC::JITStubs::cti_op_load_varargs):
        (JSC::JITStubs::cti_op_negate):
        (JSC::JITStubs::cti_op_resolve_base):
        (JSC::JITStubs::cti_op_resolve_skip):
        (JSC::JITStubs::cti_op_resolve_global):
        (JSC::JITStubs::cti_op_div):
        (JSC::JITStubs::cti_op_pre_dec):
        (JSC::JITStubs::cti_op_jless):
        (JSC::JITStubs::cti_op_not):
        (JSC::JITStubs::cti_op_jtrue):
        (JSC::JITStubs::cti_op_post_inc):
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_lshift):
        (JSC::JITStubs::cti_op_bitand):
        (JSC::JITStubs::cti_op_rshift):
        (JSC::JITStubs::cti_op_bitnot):
        (JSC::JITStubs::cti_op_resolve_with_base):
        (JSC::JITStubs::cti_op_mod):
        (JSC::JITStubs::cti_op_less):
        (JSC::JITStubs::cti_op_neq):
        (JSC::JITStubs::cti_op_post_dec):
        (JSC::JITStubs::cti_op_urshift):
        (JSC::JITStubs::cti_op_bitxor):
        (JSC::JITStubs::cti_op_bitor):
        (JSC::JITStubs::cti_op_call_eval):
        (JSC::JITStubs::cti_op_throw):
        (JSC::JITStubs::cti_op_next_pname):
        (JSC::JITStubs::cti_op_typeof):
        (JSC::JITStubs::cti_op_is_undefined):
        (JSC::JITStubs::cti_op_is_boolean):
        (JSC::JITStubs::cti_op_is_number):
        (JSC::JITStubs::cti_op_is_string):
        (JSC::JITStubs::cti_op_is_object):
        (JSC::JITStubs::cti_op_is_function):
        (JSC::JITStubs::cti_op_stricteq):
        (JSC::JITStubs::cti_op_nstricteq):
        (JSC::JITStubs::cti_op_to_jsnumber):
        (JSC::JITStubs::cti_op_in):
        (JSC::JITStubs::cti_op_switch_imm):
        (JSC::JITStubs::cti_op_switch_char):
        (JSC::JITStubs::cti_op_switch_string):
        (JSC::JITStubs::cti_op_del_by_val):
        (JSC::JITStubs::cti_op_new_error):
        (JSC::JITStubs::cti_vm_throw):
        * jit/JITStubs.h:
        * jsc.cpp:
        (functionPrint):
        (functionDebug):
        (functionGC):
        (functionVersion):
        (functionRun):
        (functionLoad):
        (functionSetSamplingFlag):
        (functionClearSamplingFlag):
        (functionReadline):
        (functionQuit):
        * parser/Nodes.cpp:
        (JSC::processClauseList):
        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::addParentForConsoleStart):
        * profiler/Profiler.cpp:
        (JSC::Profiler::willExecute):
        (JSC::Profiler::didExecute):
        (JSC::Profiler::createCallIdentifier):
        * profiler/Profiler.h:
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::slowAppend):
        * runtime/ArgList.h:
        (JSC::MarkedArgumentBuffer::at):
        (JSC::MarkedArgumentBuffer::append):
        (JSC::ArgList::ArgList):
        (JSC::ArgList::at):
        * runtime/Arguments.cpp:
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        (JSC::asArguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::callArrayConstructor):
        * runtime/ArrayPrototype.cpp:
        (JSC::getProperty):
        (JSC::putProperty):
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin):
        (JSC::arrayProtoFuncConcat):
        (JSC::arrayProtoFuncPop):
        (JSC::arrayProtoFuncPush):
        (JSC::arrayProtoFuncReverse):
        (JSC::arrayProtoFuncShift):
        (JSC::arrayProtoFuncSlice):
        (JSC::arrayProtoFuncSort):
        (JSC::arrayProtoFuncSplice):
        (JSC::arrayProtoFuncUnShift):
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncMap):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncForEach):
        (JSC::arrayProtoFuncSome):
        (JSC::arrayProtoFuncReduce):
        (JSC::arrayProtoFuncReduceRight):
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):
        * runtime/BooleanConstructor.cpp:
        (JSC::callBooleanConstructor):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanConstructor.h:
        * runtime/BooleanObject.h:
        (JSC::asBooleanObject):
        * runtime/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncToString):
        (JSC::booleanProtoFuncValueOf):
        * runtime/CallData.cpp:
        (JSC::call):
        * runtime/CallData.h:
        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):
        (JSC::Heap::heap):
        * runtime/Collector.h:
        * runtime/Completion.cpp:
        (JSC::evaluate):
        * runtime/Completion.h:
        (JSC::Completion::Completion):
        (JSC::Completion::value):
        (JSC::Completion::setValue):
        * runtime/ConstructData.cpp:
        (JSC::construct):
        * runtime/ConstructData.h:
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        (JSC::callDate):
        (JSC::dateParse):
        (JSC::dateNow):
        (JSC::dateUTC):
        * runtime/DateInstance.h:
        (JSC::asDateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToLocaleString):
        (JSC::dateProtoFuncToLocaleDateString):
        (JSC::dateProtoFuncToLocaleTimeString):
        (JSC::dateProtoFuncGetTime):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetMilliSeconds):
        (JSC::dateProtoFuncGetUTCMilliseconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetMilliSeconds):
        (JSC::dateProtoFuncSetUTCMilliseconds):
        (JSC::dateProtoFuncSetSeconds):
        (JSC::dateProtoFuncSetUTCSeconds):
        (JSC::dateProtoFuncSetMinutes):
        (JSC::dateProtoFuncSetUTCMinutes):
        (JSC::dateProtoFuncSetHours):
        (JSC::dateProtoFuncSetUTCHours):
        (JSC::dateProtoFuncSetDate):
        (JSC::dateProtoFuncSetUTCDate):
        (JSC::dateProtoFuncSetMonth):
        (JSC::dateProtoFuncSetUTCMonth):
        (JSC::dateProtoFuncSetFullYear):
        (JSC::dateProtoFuncSetUTCFullYear):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/ErrorConstructor.cpp:
        (JSC::callErrorConstructor):
        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createInterruptedExecutionException):
        (JSC::createError):
        (JSC::createStackOverflowError):
        (JSC::createUndefinedVariableError):
        (JSC::createErrorMessage):
        (JSC::createInvalidParamError):
        (JSC::createNotAConstructorError):
        (JSC::createNotAFunctionError):
        * runtime/ExceptionHelpers.h:
        * runtime/FunctionConstructor.cpp:
        (JSC::callFunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::callFunctionPrototype):
        (JSC::functionProtoFuncToString):
        (JSC::functionProtoFuncApply):
        (JSC::functionProtoFuncCall):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::toPrimitive):
        (JSC::GetterSetter::getPrimitiveNumber):
        * runtime/GetterSetter.h:
        (JSC::asGetterSetter):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::displayName):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        (JSC::asInternalFunction):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::getOwnPropertySlot):
        (JSC::JSActivation::put):
        (JSC::JSActivation::putWithAttributes):
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        (JSC::asActivation):
        * runtime/JSArray.cpp:
        (JSC::storageSize):
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::mark):
        (JSC::compareNumbersForQSort):
        (JSC::JSArray::sortNumeric):
        (JSC::JSArray::sort):
        (JSC::JSArray::compactForSorting):
        (JSC::JSArray::checkConsistency):
        (JSC::constructArray):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::createStructure):
        (JSC::asArray):
        (JSC::isJSArray):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        (JSC::JSByteArray::put):
        * runtime/JSByteArray.h:
        (JSC::JSByteArray::getIndex):
        (JSC::JSByteArray::setIndex):
        (JSC::asByteArray):
        (JSC::isJSByteArray):
        * runtime/JSCell.cpp:
        (JSC::JSCell::put):
        (JSC::JSCell::getJSNumber):
        * runtime/JSCell.h:
        (JSC::asCell):
        (JSC::JSValue::asCell):
        (JSC::JSValue::isString):
        (JSC::JSValue::isGetterSetter):
        (JSC::JSValue::isObject):
        (JSC::JSValue::getString):
        (JSC::JSValue::getObject):
        (JSC::JSValue::getCallData):
        (JSC::JSValue::getConstructData):
        (JSC::JSValue::getUInt32):
        (JSC::JSValue::getTruncatedInt32):
        (JSC::JSValue::getTruncatedUInt32):
        (JSC::JSValue::mark):
        (JSC::JSValue::marked):
        (JSC::JSValue::toPrimitive):
        (JSC::JSValue::getPrimitiveNumber):
        (JSC::JSValue::toBoolean):
        (JSC::JSValue::toNumber):
        (JSC::JSValue::toString):
        (JSC::JSValue::toObject):
        (JSC::JSValue::toThisObject):
        (JSC::JSValue::needsThisConversion):
        (JSC::JSValue::toThisString):
        (JSC::JSValue::getJSNumber):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::call):
        (JSC::JSFunction::argumentsGetter):
        (JSC::JSFunction::callerGetter):
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getOwnPropertySlot):
        (JSC::JSFunction::put):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::createStructure):
        (JSC::asFunction):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::put):
        (JSC::JSGlobalObject::putWithAttributes):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructure):
        (JSC::JSGlobalObject::GlobalPropertyInfo::GlobalPropertyInfo):
        (JSC::asGlobalObject):
        (JSC::Structure::prototypeForLookup):
        (JSC::Structure::prototypeChain):
        (JSC::Structure::isValid):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::decode):
        (JSC::globalFuncEval):
        (JSC::globalFuncParseInt):
        (JSC::globalFuncParseFloat):
        (JSC::globalFuncIsNaN):
        (JSC::globalFuncIsFinite):
        (JSC::globalFuncDecodeURI):
        (JSC::globalFuncDecodeURIComponent):
        (JSC::globalFuncEncodeURI):
        (JSC::globalFuncEncodeURIComponent):
        (JSC::globalFuncEscape):
        (JSC::globalFuncUnescape):
        (JSC::globalFuncJSCPrint):
        * runtime/JSGlobalObjectFunctions.h:
        * runtime/JSImmediate.cpp:
        (JSC::JSImmediate::toThisObject):
        (JSC::JSImmediate::toObject):
        (JSC::JSImmediate::prototype):
        (JSC::JSImmediate::toString):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::isImmediate):
        (JSC::JSImmediate::isNumber):
        (JSC::JSImmediate::isIntegerNumber):
        (JSC::JSImmediate::isDoubleNumber):
        (JSC::JSImmediate::isPositiveIntegerNumber):
        (JSC::JSImmediate::isBoolean):
        (JSC::JSImmediate::isUndefinedOrNull):
        (JSC::JSImmediate::isEitherImmediate):
        (JSC::JSImmediate::areBothImmediate):
        (JSC::JSImmediate::areBothImmediateIntegerNumbers):
        (JSC::JSImmediate::makeValue):
        (JSC::JSImmediate::makeInt):
        (JSC::JSImmediate::makeDouble):
        (JSC::JSImmediate::makeBool):
        (JSC::JSImmediate::makeUndefined):
        (JSC::JSImmediate::makeNull):
        (JSC::JSImmediate::doubleValue):
        (JSC::JSImmediate::intValue):
        (JSC::JSImmediate::uintValue):
        (JSC::JSImmediate::boolValue):
        (JSC::JSImmediate::rawValue):
        (JSC::JSImmediate::trueImmediate):
        (JSC::JSImmediate::falseImmediate):
        (JSC::JSImmediate::undefinedImmediate):
        (JSC::JSImmediate::nullImmediate):
        (JSC::JSImmediate::zeroImmediate):
        (JSC::JSImmediate::oneImmediate):
        (JSC::JSImmediate::impossibleValue):
        (JSC::JSImmediate::toBoolean):
        (JSC::JSImmediate::getTruncatedUInt32):
        (JSC::JSImmediate::fromNumberOutsideIntegerRange):
        (JSC::JSImmediate::from):
        (JSC::JSImmediate::getTruncatedInt32):
        (JSC::JSImmediate::toDouble):
        (JSC::JSImmediate::getUInt32):
        (JSC::JSValue::JSValue):
        (JSC::JSValue::isUndefinedOrNull):
        (JSC::JSValue::isBoolean):
        (JSC::JSValue::getBoolean):
        (JSC::JSValue::toInt32):
        (JSC::JSValue::toUInt32):
        (JSC::JSValue::isCell):
        (JSC::JSValue::isInt32Fast):
        (JSC::JSValue::getInt32Fast):
        (JSC::JSValue::isUInt32Fast):
        (JSC::JSValue::getUInt32Fast):
        (JSC::JSValue::makeInt32Fast):
        (JSC::JSValue::areBothInt32Fast):
        (JSC::JSFastMath::canDoFastBitwiseOperations):
        (JSC::JSFastMath::equal):
        (JSC::JSFastMath::notEqual):
        (JSC::JSFastMath::andImmediateNumbers):
        (JSC::JSFastMath::xorImmediateNumbers):
        (JSC::JSFastMath::orImmediateNumbers):
        (JSC::JSFastMath::canDoFastRshift):
        (JSC::JSFastMath::canDoFastUrshift):
        (JSC::JSFastMath::rightShiftImmediateNumbers):
        (JSC::JSFastMath::canDoFastAdditiveOperations):
        (JSC::JSFastMath::addImmediateNumbers):
        (JSC::JSFastMath::subImmediateNumbers):
        (JSC::JSFastMath::incImmediateNumber):
        (JSC::JSFastMath::decImmediateNumber):
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::toPrimitive):
        (JSC::JSNotAnObject::getPrimitiveNumber):
        (JSC::JSNotAnObject::put):
        * runtime/JSNotAnObject.h:
        (JSC::JSNotAnObject::createStructure):
        * runtime/JSNumberCell.cpp:
        (JSC::JSNumberCell::toPrimitive):
        (JSC::JSNumberCell::getPrimitiveNumber):
        (JSC::JSNumberCell::getJSNumber):
        (JSC::jsNumberCell):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure):
        (JSC::isNumberCell):
        (JSC::asNumberCell):
        (JSC::jsNumber):
        (JSC::JSValue::isDoubleNumber):
        (JSC::JSValue::getDoubleNumber):
        (JSC::JSValue::isNumber):
        (JSC::JSValue::uncheckedGetNumber):
        (JSC::jsNaN):
        (JSC::JSValue::toJSNumber):
        (JSC::JSValue::getNumber):
        (JSC::JSValue::numberToInt32):
        (JSC::JSValue::numberToUInt32):
        * runtime/JSObject.cpp:
        (JSC::JSObject::mark):
        (JSC::JSObject::put):
        (JSC::JSObject::putWithAttributes):
        (JSC::callDefaultValueFunction):
        (JSC::JSObject::getPrimitiveNumber):
        (JSC::JSObject::defaultValue):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::lookupGetter):
        (JSC::JSObject::lookupSetter):
        (JSC::JSObject::hasInstance):
        (JSC::JSObject::toNumber):
        (JSC::JSObject::toString):
        (JSC::JSObject::fillGetterPropertySlot):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirect):
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::offsetForLocation):
        (JSC::JSObject::locationForOffset):
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::createStructure):
        (JSC::asObject):
        (JSC::JSObject::prototype):
        (JSC::JSObject::setPrototype):
        (JSC::JSValue::isObject):
        (JSC::JSObject::inlineGetOwnPropertySlot):
        (JSC::JSObject::getOwnPropertySlotForWrite):
        (JSC::JSObject::getPropertySlot):
        (JSC::JSObject::get):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::toPrimitive):
        (JSC::JSValue::get):
        (JSC::JSValue::put):
        (JSC::JSObject::allocatePropertyStorageInline):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::toPrimitive):
        (JSC::JSPropertyNameIterator::getPrimitiveNumber):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::create):
        (JSC::JSPropertyNameIterator::next):
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::put):
        (JSC::JSStaticScopeObject::putWithAttributes):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::JSStaticScopeObject):
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSString.cpp:
        (JSC::JSString::toPrimitive):
        (JSC::JSString::getPrimitiveNumber):
        (JSC::JSString::getOwnPropertySlot):
        * runtime/JSString.h:
        (JSC::JSString::createStructure):
        (JSC::asString):
        (JSC::isJSString):
        (JSC::JSValue::toThisJSString):
        * runtime/JSValue.cpp:
        (JSC::JSValue::toInteger):
        (JSC::JSValue::toIntegerPreserveNaN):
        * runtime/JSValue.h:
        (JSC::JSValue::makeImmediate):
        (JSC::JSValue::asValue):
        (JSC::noValue):
        (JSC::jsImpossibleValue):
        (JSC::jsNull):
        (JSC::jsUndefined):
        (JSC::jsBoolean):
        (JSC::operator==):
        (JSC::operator!=):
        (JSC::JSValue::encode):
        (JSC::JSValue::decode):
        (JSC::JSValue::JSValue):
        (JSC::JSValue::operator bool):
        (JSC::JSValue::operator==):
        (JSC::JSValue::operator!=):
        (JSC::JSValue::isUndefined):
        (JSC::JSValue::isNull):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::symbolTablePut):
        (JSC::JSVariableObject::symbolTablePutWithAttributes):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncAbs):
        (JSC::mathProtoFuncACos):
        (JSC::mathProtoFuncASin):
        (JSC::mathProtoFuncATan):
        (JSC::mathProtoFuncATan2):
        (JSC::mathProtoFuncCeil):
        (JSC::mathProtoFuncCos):
        (JSC::mathProtoFuncExp):
        (JSC::mathProtoFuncFloor):
        (JSC::mathProtoFuncLog):
        (JSC::mathProtoFuncMax):
        (JSC::mathProtoFuncMin):
        (JSC::mathProtoFuncPow):
        (JSC::mathProtoFuncRandom):
        (JSC::mathProtoFuncRound):
        (JSC::mathProtoFuncSin):
        (JSC::mathProtoFuncSqrt):
        (JSC::mathProtoFuncTan):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::callNativeErrorConstructor):
        * runtime/NumberConstructor.cpp:
        (JSC::numberConstructorNaNValue):
        (JSC::numberConstructorNegInfinity):
        (JSC::numberConstructorPosInfinity):
        (JSC::numberConstructorMaxValue):
        (JSC::numberConstructorMinValue):
        (JSC::callNumberConstructor):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::getJSNumber):
        (JSC::constructNumber):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString):
        (JSC::numberProtoFuncToLocaleString):
        (JSC::numberProtoFuncValueOf):
        (JSC::numberProtoFuncToFixed):
        (JSC::numberProtoFuncToExponential):
        (JSC::numberProtoFuncToPrecision):
        * runtime/ObjectConstructor.cpp:
        (JSC::constructObject):
        (JSC::callObjectConstructor):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncValueOf):
        (JSC::objectProtoFuncHasOwnProperty):
        (JSC::objectProtoFuncIsPrototypeOf):
        (JSC::objectProtoFuncDefineGetter):
        (JSC::objectProtoFuncDefineSetter):
        (JSC::objectProtoFuncLookupGetter):
        (JSC::objectProtoFuncLookupSetter):
        (JSC::objectProtoFuncPropertyIsEnumerable):
        (JSC::objectProtoFuncToLocaleString):
        (JSC::objectProtoFuncToString):
        * runtime/ObjectPrototype.h:
        * runtime/Operations.cpp:
        (JSC::JSValue::equalSlowCase):
        (JSC::JSValue::strictEqualSlowCase):
        (JSC::throwOutOfMemoryError):
        (JSC::jsAddSlowCase):
        (JSC::jsTypeStringForValue):
        (JSC::jsIsObjectType):
        (JSC::jsIsFunctionType):
        * runtime/Operations.h:
        (JSC::JSValue::equal):
        (JSC::JSValue::equalSlowCaseInline):
        (JSC::JSValue::strictEqual):
        (JSC::JSValue::strictEqualSlowCaseInline):
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAdd):
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::resolveBase):
        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::PropertySlot):
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::putValue):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setCustom):
        (JSC::PropertySlot::setCustomIndex):
        (JSC::PropertySlot::slotBase):
        (JSC::PropertySlot::setBase):
        (JSC::PropertySlot::):
        * runtime/Protect.h:
        (JSC::gcProtect):
        (JSC::gcUnprotect):
        (JSC::ProtectedPtr::operator JSValue):
        (JSC::ProtectedJSValue::ProtectedJSValue):
        (JSC::ProtectedJSValue::get):
        (JSC::ProtectedJSValue::operator JSValue):
        (JSC::ProtectedJSValue::operator->):
        (JSC::ProtectedJSValue::~ProtectedJSValue):
        (JSC::ProtectedJSValue::operator=):
        (JSC::operator==):
        (JSC::operator!=):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::getBackref):
        (JSC::RegExpConstructor::getLastParen):
        (JSC::RegExpConstructor::getLeftContext):
        (JSC::RegExpConstructor::getRightContext):
        (JSC::regExpConstructorDollar1):
        (JSC::regExpConstructorDollar2):
        (JSC::regExpConstructorDollar3):
        (JSC::regExpConstructorDollar4):
        (JSC::regExpConstructorDollar5):
        (JSC::regExpConstructorDollar6):
        (JSC::regExpConstructorDollar7):
        (JSC::regExpConstructorDollar8):
        (JSC::regExpConstructorDollar9):
        (JSC::regExpConstructorInput):
        (JSC::regExpConstructorMultiline):
        (JSC::regExpConstructorLastMatch):
        (JSC::regExpConstructorLastParen):
        (JSC::regExpConstructorLeftContext):
        (JSC::regExpConstructorRightContext):
        (JSC::RegExpConstructor::put):
        (JSC::setRegExpConstructorInput):
        (JSC::setRegExpConstructorMultiline):
        (JSC::constructRegExp):
        (JSC::callRegExpConstructor):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        (JSC::asRegExpConstructor):
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::put):
        * runtime/RegExpObject.cpp:
        (JSC::regExpObjectGlobal):
        (JSC::regExpObjectIgnoreCase):
        (JSC::regExpObjectMultiline):
        (JSC::regExpObjectSource):
        (JSC::regExpObjectLastIndex):
        (JSC::RegExpObject::put):
        (JSC::setRegExpObjectLastIndex):
        (JSC::RegExpObject::test):
        (JSC::RegExpObject::exec):
        (JSC::callRegExpObject):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        (JSC::asRegExpObject):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncTest):
        (JSC::regExpProtoFuncExec):
        (JSC::regExpProtoFuncCompile):
        (JSC::regExpProtoFuncToString):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCodeSlowCase):
        (JSC::stringFromCharCode):
        (JSC::callStringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::put):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        (JSC::asStringObject):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncToString):
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        (JSC::stringProtoFuncConcat):
        (JSC::stringProtoFuncIndexOf):
        (JSC::stringProtoFuncLastIndexOf):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSlice):
        (JSC::stringProtoFuncSplit):
        (JSC::stringProtoFuncSubstr):
        (JSC::stringProtoFuncSubstring):
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):
        (JSC::stringProtoFuncLocaleCompare):
        (JSC::stringProtoFuncBig):
        (JSC::stringProtoFuncSmall):
        (JSC::stringProtoFuncBlink):
        (JSC::stringProtoFuncBold):
        (JSC::stringProtoFuncFixed):
        (JSC::stringProtoFuncItalics):
        (JSC::stringProtoFuncStrike):
        (JSC::stringProtoFuncSub):
        (JSC::stringProtoFuncSup):
        (JSC::stringProtoFuncFontcolor):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncAnchor):
        (JSC::stringProtoFuncLink):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::changePrototypeTransition):
        * runtime/Structure.h:
        (JSC::Structure::create):
        (JSC::Structure::setPrototypeWithoutTransition):
        (JSC::Structure::storedPrototype):

2009-05-01  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam "That doesn't look like what I thought it looks like" Weinig.
        
        Beefed up the JSValuePtr class and removed some non-JSValuePtr dependencies
        on JSImmediate, in prepapration for making JSImmediate an implementation
        detail of JSValuePtr.
        
        SunSpider reports no change.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_mod):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt): Updated for interface changes.

        * runtime/JSImmediate.h:
        (JSC::JSValuePtr::JSValuePtr):
        * runtime/JSValue.h:
        (JSC::JSValuePtr::):
        (JSC::jsImpossibleValue):
        (JSC::jsNull):
        (JSC::jsUndefined):
        (JSC::jsBoolean):
        (JSC::JSValuePtr::encode):
        (JSC::JSValuePtr::decode):
        (JSC::JSValuePtr::JSValuePtr):
        (JSC::JSValuePtr::operator bool):
        (JSC::JSValuePtr::operator==):
        (JSC::JSValuePtr::operator!=):
        (JSC::JSValuePtr::isUndefined):
        (JSC::JSValuePtr::isNull): Changed jsImpossibleValue(), jsNull(),
        jsUndefined(), and jsBoolean() to operate in terms of JSValuePtr instead
        of JSImmediate.

        * wtf/StdLibExtras.h:
        (WTF::bitwise_cast): Fixed up for clarity.

2009-04-30  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Bug fix for rdar:/6845379.  If a case-insensitive regex contains
        a character class containing a range with an upper bound of \uFFFF
        the parser will infinite-loop whist adding other-case characters
        for characters in the range that do have another case.

        * yarr/RegexCompiler.cpp:
        (JSC::Yarr::CharacterClassConstructor::putRange):

2009-04-30  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        OPCODE_SAMPLING without CODEBLOCK_SAMPLING is currently broken,
        since SamplingTool::Sample::isNull() checks the m_codeBlock
        member (which is always null without CODEBLOCK_SAMPLING).

        Restructure the checks so make this work again.

        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::doRun):
        * bytecode/SamplingTool.h:
        (JSC::SamplingTool::Sample::isNull):

2009-04-30  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Gavin Barraclough.

        - Concatenate final three strings in simple replace case at one go

        ~0.2% SunSpider speedup

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace): Use new replaceRange helper instead of
        taking substrings and concatenating three strings.
        * runtime/UString.cpp:
        (JSC::UString::replaceRange): New helper function.
        * runtime/UString.h:

2009-04-30  Geoffrey Garen  <ggaren (a] apple.com>

        Rubber Stamped by Gavin Barraclough.
        
        Changed JSValueEncodedAsPtr* => EncodedJSValuePtr to support a non-pointer
        encoding for JSValuePtrs.

        * API/APICast.h:
        (toJS):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::JSValueHashTraits::constructDeletedValue):
        (JSC::BytecodeGenerator::JSValueHashTraits::isDeletedValue):
        * interpreter/Register.h:
        (JSC::Register::):
        * jit/JIT.cpp:
        (JSC::):
        * jit/JIT.h:
        * jit/JITCode.h:
        (JSC::):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_add):
        (JSC::JITStubs::cti_op_pre_inc):
        (JSC::JITStubs::cti_op_get_by_id_generic):
        (JSC::JITStubs::cti_op_get_by_id):
        (JSC::JITStubs::cti_op_get_by_id_second):
        (JSC::JITStubs::cti_op_get_by_id_self_fail):
        (JSC::JITStubs::cti_op_get_by_id_proto_list):
        (JSC::JITStubs::cti_op_get_by_id_proto_list_full):
        (JSC::JITStubs::cti_op_get_by_id_proto_fail):
        (JSC::JITStubs::cti_op_get_by_id_array_fail):
        (JSC::JITStubs::cti_op_get_by_id_string_fail):
        (JSC::JITStubs::cti_op_instanceof):
        (JSC::JITStubs::cti_op_del_by_id):
        (JSC::JITStubs::cti_op_mul):
        (JSC::JITStubs::cti_op_call_NotJSFunction):
        (JSC::JITStubs::cti_op_resolve):
        (JSC::JITStubs::cti_op_construct_NotJSConstruct):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_string):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_sub):
        (JSC::JITStubs::cti_op_lesseq):
        (JSC::JITStubs::cti_op_negate):
        (JSC::JITStubs::cti_op_resolve_base):
        (JSC::JITStubs::cti_op_resolve_skip):
        (JSC::JITStubs::cti_op_resolve_global):
        (JSC::JITStubs::cti_op_div):
        (JSC::JITStubs::cti_op_pre_dec):
        (JSC::JITStubs::cti_op_not):
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_lshift):
        (JSC::JITStubs::cti_op_bitand):
        (JSC::JITStubs::cti_op_rshift):
        (JSC::JITStubs::cti_op_bitnot):
        (JSC::JITStubs::cti_op_mod):
        (JSC::JITStubs::cti_op_less):
        (JSC::JITStubs::cti_op_neq):
        (JSC::JITStubs::cti_op_urshift):
        (JSC::JITStubs::cti_op_bitxor):
        (JSC::JITStubs::cti_op_bitor):
        (JSC::JITStubs::cti_op_call_eval):
        (JSC::JITStubs::cti_op_throw):
        (JSC::JITStubs::cti_op_next_pname):
        (JSC::JITStubs::cti_op_typeof):
        (JSC::JITStubs::cti_op_is_undefined):
        (JSC::JITStubs::cti_op_is_boolean):
        (JSC::JITStubs::cti_op_is_number):
        (JSC::JITStubs::cti_op_is_string):
        (JSC::JITStubs::cti_op_is_object):
        (JSC::JITStubs::cti_op_is_function):
        (JSC::JITStubs::cti_op_stricteq):
        (JSC::JITStubs::cti_op_nstricteq):
        (JSC::JITStubs::cti_op_to_jsnumber):
        (JSC::JITStubs::cti_op_in):
        (JSC::JITStubs::cti_op_del_by_val):
        (JSC::JITStubs::cti_vm_throw):
        * jit/JITStubs.h:
        * runtime/JSValue.h:
        (JSC::JSValuePtr::encode):
        (JSC::JSValuePtr::decode):

2009-04-30  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver "Abandon Ship!" Hunt.

        Fix a leak in Yarr.

        All Disjunctions should be recorded in RegexPattern::m_disjunctions,
        so that they can be freed at the end of compilation - copyDisjunction
        is failing to do so.

        * yarr/RegexCompiler.cpp:
        (JSC::Yarr::RegexPatternConstructor::copyDisjunction):

2009-04-30  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Add function to CallFrame for dumping the current JS caller

        Added debug only method CallFrame::dumpCaller() that provide the call location
        of the deepest currently executing JS function.

        * interpreter/CallFrame.cpp:
        (JSC::CallFrame::dumpCaller):
        * interpreter/CallFrame.h:

2009-04-30  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Geoff Garen.

        - make BaseStrings have themselves as a base, instead of nothing, to remove common branches

        ~0.7% SunSpider speedup

        * runtime/UString.h:
        (JSC::UString::Rep::Rep): For the constructor without a base, set self as base instead of null.
        (JSC::UString::Rep::baseString): Just read m_baseString - no more branching.

2009-04-30  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Two quick improvements to SamplingFlags mechanism.

        SamplingFlags::ScopedFlag class to provide support for automagically
        clearing a flag as it goes out of scope, and add a little more detail
        to the output generated by the tool.

        * bytecode/SamplingTool.cpp:
        (JSC::SamplingFlags::stop):
        * bytecode/SamplingTool.h:
        (JSC::SamplingFlags::ScopedFlag::ScopedFlag):
        (JSC::SamplingFlags::ScopedFlag::~ScopedFlag):

2009-04-30  Adam Roben  <aroben (a] apple.com>

        Restore build event steps that were truncated in r43082

        Rubber-stamped by Steve Falkenburg.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:
        Re-copied the command lines for the build events from the pre-r43082
        .vcproj files.

        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Removed an unnecessary
        attribute.

2009-04-30  Adam Roben  <aroben (a] apple.com>

        Move settings from .vcproj files to .vsprops files within the
        JavaScriptCore directory

        Moving the settings to a .vsprops file means that we will only have to
        change a single setting to affect all configurations, instead of one
        setting per configuration.

        Reviewed by Steve Falkenburg.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:
        Moved settings from these files to the new .vsprops files. Note that
        testapi.vcproj had a lot of overrides of default settings that were
        the same as the defaults, which I've removed.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: Added.
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops: Added.
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: Added.
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops: Added.

2009-04-30  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Reviewed by Timothy Hatcher.

        https://bugs.webkit.org/show_bug.cgi?id=25470
        Extend the cover of ENABLE_JAVASCRIPT_DEBUGGER to profiler.

        * Configurations/FeatureDefines.xcconfig: Added ENABLE_JAVASCRIPT_DEBUGGER define.

2009-04-30  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        - speed up string concatenation by reorganizing some simple cases

        0.7% SunSpider speedup

        * runtime/UString.cpp:
        (JSC::concatenate): Put fast case for appending a single character
        before the empty string special cases; streamline code a bit to
        delay computing values that are not needed in the fast path.

2009-04-30  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Add SamplingFlags mechanism.

        This mechanism allows fine-grained JSC and JavaScript program aware
        performance measurement.  The mechanism provides a set of 32 flags,
        numbered #1..#32.  Flag #16 is initially set, and all other flags
        are cleared.  Flags may be set and cleared from within

        Enable by setting ENABLE_SAMPLING_FLAGS to 1 in wtf/Platform.h.
        Disabled by default, no performance impact.  Flags may be modified
        by calling SamplingFlags::setFlag() and SamplingFlags::clearFlag()
        from within JSC implementation, or by calling setSamplingFlag() and
        clearSamplingFlag() from JavaScript.

        The flags are sampled with a frequency of 10000Hz, and the highest
        set flag in recorded, allowing multiple events to be measured (with
        the highest flag number representing the highest priority).

        Disabled by default; no performance impact.

        * JavaScriptCore.exp:
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingFlags::sample):
        (JSC::SamplingFlags::start):
        (JSC::SamplingFlags::stop):
        (JSC::SamplingThread::threadStartFunc):
        (JSC::SamplingThread::start):
        (JSC::SamplingThread::stop):
        (JSC::ScopeSampleRecord::sample):
        (JSC::SamplingTool::doRun):
        (JSC::SamplingTool::sample):
        (JSC::SamplingTool::start):
        (JSC::SamplingTool::stop):
        * bytecode/SamplingTool.h:
        (JSC::SamplingFlags::setFlag):
        (JSC::SamplingFlags::clearFlag):
        (JSC::SamplingTool::SamplingTool):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        (functionSetSamplingFlag):
        (functionClearSamplingFlag):
        (runWithScripts):
        * wtf/Platform.h:

2009-04-29  Sam Weinig  <sam (a] webkit.org>

        Another attempt to fix the windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-04-29  Sam Weinig  <sam (a] webkit.org>

        Try and fix the windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-04-29  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver "Peg-Leg" Hunt.

        Coallesce input checking and reduce futzing with the index position
        between alternatives and iterations of the main loop of a regex,
        when run in YARR.

        Consider the following regex:  /foo|bar/
        
        Prior to this patch, this will be implemented something like this pseudo-code description:
        
        loop:
            check_for_available_input(3) // this increments the index by 3, for the first alterantive.
                if (available) { test "foo" }
            decrement_index(3)
            check_for_available_input(3) // this increments the index by 3, for the second alterantive.
                if (available) { test "bar" }
            decrement_index(3)
            check_for_available_input(1) // can we loop again?
                if (available) { goto loop }

        With these changes it will look more like this:

            check_for_available_input(3) // this increments the index by 3, for the first alterantive.
            if (!available) { goto fail }
        loop:
            test "foo"
            test "bar"
            check_for_available_input(1) // can we loop again?
                if (available) { goto loop }
        fail:


        This gives about a 5% gain on v8-regex, no change on Sunspider.

        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::TermGenerationState::linkAlternativeBacktracksTo):
        (JSC::Yarr::RegexGenerator::generateDisjunction):

2009-04-29  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Clean up ArgList to be a trivial type

        Separate out old ArgList logic to handle buffering and marking arguments
        into a distinct MarkedArgumentBuffer type.  ArgList becomes a trivial
        struct of a pointer and length.

        * API/JSObjectRef.cpp:
        (JSObjectMakeFunction):
        (JSObjectMakeArray):
        (JSObjectMakeDate):
        (JSObjectMakeError):
        (JSObjectMakeRegExp):
        (JSObjectCallAsFunction):
        (JSObjectCallAsConstructor):
        * JavaScriptCore.exp:
        * interpreter/CallFrame.h:
        (JSC::ExecState::emptyList):
        * runtime/ArgList.cpp:
        (JSC::ArgList::getSlice):
        (JSC::MarkedArgumentBuffer::markLists):
        (JSC::MarkedArgumentBuffer::slowAppend):
        * runtime/ArgList.h:
        (JSC::MarkedArgumentBuffer::MarkedArgumentBuffer):
        (JSC::MarkedArgumentBuffer::~MarkedArgumentBuffer):
        (JSC::ArgList::ArgList):
        (JSC::ArgList::at):
        (JSC::ArgList::isEmpty):
        (JSC::ArgList::size):
        (JSC::ArgList::begin):
        (JSC::ArgList::end):
        * runtime/Arguments.cpp:
        (JSC::Arguments::fillArgList):
        * runtime/Arguments.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncConcat):
        (JSC::arrayProtoFuncPush):
        (JSC::arrayProtoFuncSort):
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncMap):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncForEach):
        (JSC::arrayProtoFuncSome):
        (JSC::arrayProtoFuncReduce):
        (JSC::arrayProtoFuncReduceRight):
        * runtime/Collector.cpp:
        (JSC::Heap::collect):
        * runtime/Collector.h:
        (JSC::Heap::markListSet):
        * runtime/CommonIdentifiers.h:
        * runtime/Error.cpp:
        (JSC::Error::create):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncApply):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::AVLTreeAbstractorForArrayCompare::compare_key_key):
        (JSC::JSArray::fillArgList):
        (JSC::constructArray):
        * runtime/JSArray.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::put):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCodeSlowCase):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncConcat):
        (JSC::stringProtoFuncMatch):

2009-04-29  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=25334

        Fix Qt build when ENABLE_JIT is explicitly set to 1
        to overrule defaults.

        * JavaScriptCore.pri:

2009-04-29  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Steve Falkenburg.

        Crash in profiler due to incorrect assuming displayName would be a string.

        Fixed by adding a type guard.

        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::displayName):

2009-04-28  Geoffrey Garen  <ggaren (a] apple.com>

        Rubber stamped by Beth Dakin.
        
        Removed scaffolding supporting dynamically converting between 32bit and
        64bit value representations. 

        * API/JSCallbackConstructor.cpp:
        (JSC::constructJSCallback):
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::call):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::construct):
        (JSC::::call):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getConstant):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitEqualityOp):
        * interpreter/CallFrame.cpp:
        (JSC::CallFrame::thisValue):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::createExceptionScope):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * interpreter/Register.h:
        (JSC::Register::):
        (JSC::Register::Register):
        (JSC::Register::jsValue):
        (JSC::Register::marked):
        (JSC::Register::mark):
        (JSC::Register::i):
        (JSC::Register::activation):
        (JSC::Register::arguments):
        (JSC::Register::callFrame):
        (JSC::Register::codeBlock):
        (JSC::Register::function):
        (JSC::Register::propertyNameIterator):
        (JSC::Register::scopeChain):
        (JSC::Register::vPC):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_call_NotJSFunction):
        (JSC::JITStubs::cti_op_load_varargs):
        (JSC::JITStubs::cti_op_call_eval):
        * jsc.cpp:
        (functionPrint):
        (functionDebug):
        (functionRun):
        (functionLoad):
        * runtime/ArgList.h:
        (JSC::ArgList::at):
        * runtime/Arguments.cpp:
        (JSC::Arguments::copyToRegisters):
        (JSC::Arguments::fillArgList):
        (JSC::Arguments::getOwnPropertySlot):
        * runtime/ArrayConstructor.cpp:
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncJoin):
        (JSC::arrayProtoFuncConcat):
        (JSC::arrayProtoFuncPush):
        (JSC::arrayProtoFuncSlice):
        (JSC::arrayProtoFuncSort):
        (JSC::arrayProtoFuncSplice):
        (JSC::arrayProtoFuncUnShift):
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncMap):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncForEach):
        (JSC::arrayProtoFuncSome):
        (JSC::arrayProtoFuncReduce):
        (JSC::arrayProtoFuncReduceRight):
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):
        * runtime/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::callBooleanConstructor):
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        (JSC::dateParse):
        (JSC::dateUTC):
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        (JSC::fillStructuresUsingTimeArgs):
        (JSC::fillStructuresUsingDateArgs):
        (JSC::dateProtoFuncSetTime):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::constructError):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncApply):
        (JSC::functionProtoFuncCall):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::constructArray):
        * runtime/JSArray.h:
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::decode):
        (JSC::globalFuncEval):
        (JSC::globalFuncParseInt):
        (JSC::globalFuncParseFloat):
        (JSC::globalFuncIsNaN):
        (JSC::globalFuncIsFinite):
        (JSC::globalFuncEscape):
        (JSC::globalFuncUnescape):
        (JSC::globalFuncJSCPrint):
        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncAbs):
        (JSC::mathProtoFuncACos):
        (JSC::mathProtoFuncASin):
        (JSC::mathProtoFuncATan):
        (JSC::mathProtoFuncATan2):
        (JSC::mathProtoFuncCeil):
        (JSC::mathProtoFuncCos):
        (JSC::mathProtoFuncExp):
        (JSC::mathProtoFuncFloor):
        (JSC::mathProtoFuncLog):
        (JSC::mathProtoFuncMax):
        (JSC::mathProtoFuncMin):
        (JSC::mathProtoFuncPow):
        (JSC::mathProtoFuncRound):
        (JSC::mathProtoFuncSin):
        (JSC::mathProtoFuncSqrt):
        (JSC::mathProtoFuncTan):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::construct):
        * runtime/NumberConstructor.cpp:
        (JSC::constructWithNumberConstructor):
        (JSC::callNumberConstructor):
        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString):
        (JSC::numberProtoFuncToFixed):
        (JSC::numberProtoFuncToExponential):
        (JSC::numberProtoFuncToPrecision):
        * runtime/ObjectConstructor.cpp:
        (JSC::constructObject):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncHasOwnProperty):
        (JSC::objectProtoFuncIsPrototypeOf):
        (JSC::objectProtoFuncDefineGetter):
        (JSC::objectProtoFuncDefineSetter):
        (JSC::objectProtoFuncLookupGetter):
        (JSC::objectProtoFuncLookupSetter):
        (JSC::objectProtoFuncPropertyIsEnumerable):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::match):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCodeSlowCase):
        (JSC::stringFromCharCode):
        (JSC::constructWithStringConstructor):
        (JSC::callStringConstructor):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        (JSC::stringProtoFuncConcat):
        (JSC::stringProtoFuncIndexOf):
        (JSC::stringProtoFuncLastIndexOf):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSlice):
        (JSC::stringProtoFuncSplit):
        (JSC::stringProtoFuncSubstr):
        (JSC::stringProtoFuncSubstring):
        (JSC::stringProtoFuncLocaleCompare):
        (JSC::stringProtoFuncFontcolor):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncAnchor):
        (JSC::stringProtoFuncLink):

2009-04-28  David Kilzer  <ddkilzer (a] apple.com>

        A little more hardening for UString

        Reviewed by Maciej Stachowiak.

        Revised fix for <rdar://problem/5861045> in r42644.

        * runtime/UString.cpp:
        (JSC::newCapacityWithOverflowCheck): Added.
        (JSC::concatenate): Used newCapacityWithOverflowCheck().
        (JSC::UString::append): Ditto.

2009-04-28  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Bring back r42969, this time with correct codegen

        Add logic to the codegen for right shift to avoid jumping to a helper function
        when shifting a small floating point value.

        * jit/JITArithmetic.cpp:
        (isSSE2Present):
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):

2009-04-28  Kevin Ollivier <kevino (a] theolliviers.com>

        wxMSW build fix. Switch JSCore build back to static. 

        * API/JSBase.h:
        * config.h:
        * jscore.bkl:

2009-04-28  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Roll out r42969, due to hangs in build bot.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):
        (JSC::isSSE2Present):

2009-04-28  Xan Lopez  <xlopez (a] igalia.com>

        Unreviewed: fix distcheck build, add (even more) missing files to list.

        * GNUmakefile.am:

2009-04-28  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Improve performance of string indexing

        Add a cti_get_by_val_string function to specialise indexing into a string object.
        This gives us a slight performance win on a number of string tests.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_string):
        * jit/JITStubs.h:

2009-04-28  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Improve performance of right shifts of large or otherwise floating point values.

        Add logic to the codegen for right shift to avoid jumping to a helper function
        when shifting a small floating point value.

        * jit/JITArithmetic.cpp:
        (isSSE2Present): Moved to the head of file.
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):

2009-04-28  Xan Lopez  <xlopez (a] igalia.com>

        Unreviewed: fix distcheck build, add (more) missing files to list.

        * GNUmakefile.am:

2009-04-28  Xan Lopez  <xlopez (a] igalia.com>

        Unreviewed: fix distcheck build, add missing header to file list.

        * GNUmakefile.am:

2009-04-28  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by Maciej "Henry Morgan" Stachowiak.

        Enable YARR.
        (Again.)

        * wtf/Platform.h:

2009-04-27  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Tweak a loop condition to keep GCC happy,
        some GCCs seem to be having issues with this. :-/

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::breakTarget):
        * wtf/Platform.h:

2009-04-27  Adam Roben  <aroben (a] apple.com>

        Windows Debug build fix

        Not sure why the buildbots weren't affected by this problem.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Let VS
        re-order the file list, and added JavaScriptCore[_debug].def to the
        project. This was not necessary for the fix, but made making the fix
        easier.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Removed a function that no longer exists.

2009-04-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Weinig Sam.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=25416
        "Cached prototype accesses unsafely hoist property storage load above structure checks."
        
        Do not hoist the load of the pointer to the property storage array.

        No performance impact.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):

2009-04-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoffrey "Gaffe or energy?" Garen.

        Randomize address requested by ExecutableAllocatorFixedVMPool.

        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):

2009-04-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Eric Seidel.

        Remove scons-based build system.

        * JavaScriptCore.scons: Removed.

2009-04-25  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Buildfix).

        Make HAVE_MADV_FREE darwin only for now

        * wtf/Platform.h:

2009-04-25  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Reviewed by Oliver Hunt.

        Gtk build fix - check if we have MADV_FREE before using it.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::releaseExcessCapacity):
        * wtf/Platform.h:

2009-04-24  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fix. Switching JSCore from a static lib to a dynamic lib
        to match the Apple build and fix symbol exports.

        * jscore.bkl:

2009-04-24  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Rubber-stamped by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=25337
        Move ThreadingQt.cpp under the qt directory.

        * JavaScriptCore.pri:
        * wtf/ThreadingQt.cpp: Removed.
        * wtf/qt/ThreadingQt.cpp: Copied from JavaScriptCore/wtf/ThreadingQt.cpp.

2009-04-24  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Rubber-stamped by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=25338
        Move ThreadingGtk.cpp under the gtk directory.

        * GNUmakefile.am:
        * wtf/ThreadingGtk.cpp: Removed.
        * wtf/gtk/ThreadingGtk.cpp: Copied from JavaScriptCore/wtf/ThreadingGtk.cpp.

2009-04-24  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam "Wesley" Weinig.

        Improve performance to YARR interpreter.
        (From about 3x slower than PCRE on regex-dna to about 30% slower).

        * yarr/RegexCompiler.cpp:
        (JSC::Yarr::RegexPatternConstructor::setupAlternativeOffsets):
        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::checkCharacter):
        (JSC::Yarr::Interpreter::checkCasedCharacter):
        (JSC::Yarr::Interpreter::backtrackPatternCharacter):
        (JSC::Yarr::Interpreter::backtrackPatternCasedCharacter):
        (JSC::Yarr::Interpreter::matchParentheticalAssertionBegin):
        (JSC::Yarr::Interpreter::matchParentheticalAssertionEnd):
        (JSC::Yarr::Interpreter::backtrackParentheticalAssertionBegin):
        (JSC::Yarr::Interpreter::backtrackParentheticalAssertionEnd):
        (JSC::Yarr::Interpreter::matchDisjunction):
        (JSC::Yarr::Interpreter::interpret):
        (JSC::Yarr::ByteCompiler::atomPatternCharacter):
        (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
        (JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
        (JSC::Yarr::ByteCompiler::closeAlternative):
        (JSC::Yarr::ByteCompiler::closeBodyAlternative):
        (JSC::Yarr::ByteCompiler::atomParenthesesEnd):
        (JSC::Yarr::ByteCompiler::regexBegin):
        (JSC::Yarr::ByteCompiler::regexEnd):
        (JSC::Yarr::ByteCompiler::alterantiveBodyDisjunction):
        (JSC::Yarr::ByteCompiler::alterantiveDisjunction):
        (JSC::Yarr::ByteCompiler::emitDisjunction):
        * yarr/RegexInterpreter.h:
        (JSC::Yarr::ByteTerm::):
        (JSC::Yarr::ByteTerm::ByteTerm):
        (JSC::Yarr::ByteTerm::BodyAlternativeBegin):
        (JSC::Yarr::ByteTerm::BodyAlternativeDisjunction):
        (JSC::Yarr::ByteTerm::BodyAlternativeEnd):
        (JSC::Yarr::ByteTerm::AlternativeBegin):
        (JSC::Yarr::ByteTerm::AlternativeDisjunction):
        (JSC::Yarr::ByteTerm::AlternativeEnd):
        (JSC::Yarr::ByteTerm::SubpatternBegin):
        (JSC::Yarr::ByteTerm::SubpatternEnd):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateParentheticalAssertion):
        * yarr/RegexPattern.h:

2009-04-24  Rob Raguet-Schofield  <ragfield (a] gmail.com>

        Rubber-stamped by Mark Rowe.

        * wtf/CurrentTime.h: Fix a typo in a comment.

2009-04-24  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Add reinterpret_cast

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::releaseExcessCapacity):

2009-04-23  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        <rdar://problem/6050421> JavaScript register file should remap to release physical pages accumulated during deep recursion

        We now track the maximum extent of the RegisterFile, and when we reach the final
        return from JS (so the stack portion of the registerfile becomes empty) we see
        if that extent is greater than maxExcessCapacity.  If it is we use madvise or
        VirtualFree to release the physical pages that were backing the excess.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::releaseExcessCapacity):
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::shrink):
        (JSC::RegisterFile::grow):

2009-04-23  Mark Rowe  <mrowe (a] apple.com>

        With great sadness and a heavy heart I switch us back from YARR to WREC in
        order to restore greenness to the world once more.

        * wtf/Platform.h:

2009-04-23  Mark Rowe  <mrowe (a] apple.com>

        More Windows build fixage.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-04-23  Mark Rowe  <mrowe (a] apple.com>

        Attempt to fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:  Remove a symbol that no longer exists.

2009-04-23  Francisco Tolmasky  <francisco (a] 280north.com>

        BUG 24604: WebKit profiler reports incorrect total times
        <https://bugs.webkit.org/show_bug.cgi?id=24604>

        Reviewed by Timothy Hatcher and Kevin McCullough.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * profiler/CallIdentifier.h:
        (JSC::CallIdentifier::Hash::hash):
        (JSC::CallIdentifier::Hash::equal):
        (JSC::CallIdentifier::hash):
        (WTF::):
        * profiler/HeavyProfile.cpp: Removed.
        * profiler/HeavyProfile.h: Removed.
        * profiler/Profile.cpp: No more need for TreeProfile/HeavyProfile
        (JSC::Profile::create):
        * profiler/Profile.h:
        * profiler/ProfileNode.cpp:
        * profiler/ProfileNode.h:
        * profiler/TreeProfile.cpp: Removed.
        * profiler/TreeProfile.h: Removed.

2009-04-23  Gavin Barraclough  <barraclough (a] apple.com>

        Not Reviewed.

        Speculative Windows build fix II.

        * yarr/RegexInterpreter.cpp:

2009-04-23  Gavin Barraclough  <barraclough (a] apple.com>

        Not Reviewed.

        Speculative Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * runtime/RegExp.cpp:

2009-04-23  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by salty sea dogs Sam & Geoff.

        Enable YARR_JIT by default (where supported), replacing WREC.

        * wtf/Platform.h:

2009-04-23  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff "Dread Pirate Roberts" Garen.

        Various small fixes to YARR JIT, in preparation for enabling it by default.

        * Correctly index into the callframe when storing restart addresses for
          nested alternatives.
        * Allow backtracking back into matched alternatives of parentheses.
        * Fix callframe offset calculation for parenthetical assertions.
        * When a set of parenthese are quantified with a fixed and variable portion,
          and the variable portion is quantified once, this should not reset the
          pattern match on failure to match (the last match from the firxed portion
          should be preserved).
        * Up the pattern size limit to match PCRE's new limit.
        * Unlclosed parentheses should be reported with the message "missing )".

        * wtf/Platform.h:
        * yarr/RegexCompiler.cpp:
        (JSC::Yarr::RegexPatternConstructor::quantifyAtom):
        (JSC::Yarr::RegexPatternConstructor::setupAlternativeOffsets):
        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::matchParentheses):
        (JSC::Yarr::Interpreter::backtrackParentheses):
        (JSC::Yarr::ByteCompiler::emitDisjunction):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::loadFromFrameAndJump):
        (JSC::Yarr::RegexGenerator::generateParenthesesDisjunction):
        (JSC::Yarr::RegexGenerator::generateParentheticalAssertion):
        (JSC::Yarr::RegexGenerator::generateTerm):
        (JSC::Yarr::executeRegex):
        * yarr/RegexParser.h:
        (JSC::Yarr::Parser::):
        (JSC::Yarr::Parser::parseTokens):
        (JSC::Yarr::Parser::parse):
        * yarr/RegexPattern.h:
        (JSC::Yarr::PatternTerm::):
        (JSC::Yarr::PatternTerm::PatternTerm):

2009-04-22  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Gavin Barraclough.

        Add the m_ prefix on FixedVMPoolAllocator's member variables, and fix typos in a few comments.

        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::addToFreeList):
        (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        (JSC::FixedVMPoolAllocator::alloc):
        (JSC::FixedVMPoolAllocator::free):
        (JSC::FixedVMPoolAllocator::isWithinVMPool):

2009-04-22  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Gavin Barraclough.

        Add some assertions to FixedVMPoolAllocator to guard against cases where we
        attempt to free memory that didn't originate from the pool, or we attempt to
        hand out a bogus address from alloc.

        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::release):
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        (JSC::FixedVMPoolAllocator::alloc):
        (JSC::FixedVMPoolAllocator::free):
        (JSC::FixedVMPoolAllocator::isWithinVMPool):

2009-04-22  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by Sam "Blackbeard" Weinig.

        Although pirates do spell the word 'generate' as 'genertate',
        webkit developers do not.  Fixertate.

        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateAssertionBOL):
        (JSC::Yarr::RegexGenerator::generateAssertionEOL):
        (JSC::Yarr::RegexGenerator::generateAssertionWordBoundary):
        (JSC::Yarr::RegexGenerator::generatePatternCharacterSingle):
        (JSC::Yarr::RegexGenerator::generatePatternCharacterPair):
        (JSC::Yarr::RegexGenerator::generatePatternCharacterFixed):
        (JSC::Yarr::RegexGenerator::generatePatternCharacterGreedy):
        (JSC::Yarr::RegexGenerator::generatePatternCharacterNonGreedy):
        (JSC::Yarr::RegexGenerator::generateCharacterClassSingle):
        (JSC::Yarr::RegexGenerator::generateCharacterClassFixed):
        (JSC::Yarr::RegexGenerator::generateCharacterClassGreedy):
        (JSC::Yarr::RegexGenerator::generateCharacterClassNonGreedy):
        (JSC::Yarr::RegexGenerator::generateTerm):

2009-04-22  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam "Blackbeard" Weinig.

        Improvements to YARR JIT.  This patch expands support in three key areas:
            * Add (temporary) support for falling back to PCRE for expressions not supported.
            * Add support for x86_64 and Windows.
            * Add support for singly quantified parentheses (? and ??), alternatives within
              parentheses, and parenthetical assertions.

        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::storeToFrame):
        (JSC::Yarr::RegexGenerator::storeToFrameWithPatch):
        (JSC::Yarr::RegexGenerator::loadFromFrameAndJump):
        (JSC::Yarr::RegexGenerator::AlternativeBacktrackRecord::AlternativeBacktrackRecord):
        (JSC::Yarr::RegexGenerator::TermGenerationState::resetAlternative):
        (JSC::Yarr::RegexGenerator::TermGenerationState::resetTerm):
        (JSC::Yarr::RegexGenerator::TermGenerationState::jumpToBacktrack):
        (JSC::Yarr::RegexGenerator::TermGenerationState::plantJumpToBacktrackIfExists):
        (JSC::Yarr::RegexGenerator::TermGenerationState::addBacktrackJump):
        (JSC::Yarr::RegexGenerator::TermGenerationState::linkAlternativeBacktracks):
        (JSC::Yarr::RegexGenerator::TermGenerationState::propagateBacktrackingFrom):
        (JSC::Yarr::RegexGenerator::genertateAssertionBOL):
        (JSC::Yarr::RegexGenerator::genertateAssertionEOL):
        (JSC::Yarr::RegexGenerator::matchAssertionWordchar):
        (JSC::Yarr::RegexGenerator::genertateAssertionWordBoundary):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterSingle):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterPair):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterFixed):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterGreedy):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterNonGreedy):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassSingle):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassFixed):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassGreedy):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassNonGreedy):
        (JSC::Yarr::RegexGenerator::generateParenthesesDisjunction):
        (JSC::Yarr::RegexGenerator::generateParenthesesSingle):
        (JSC::Yarr::RegexGenerator::generateParentheticalAssertion):
        (JSC::Yarr::RegexGenerator::generateTerm):
        (JSC::Yarr::RegexGenerator::generateDisjunction):
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):
        (JSC::Yarr::RegexGenerator::RegexGenerator):
        (JSC::Yarr::RegexGenerator::generate):
        (JSC::Yarr::RegexGenerator::compile):
        (JSC::Yarr::RegexGenerator::generationFailed):
        (JSC::Yarr::jitCompileRegex):
        (JSC::Yarr::executeRegex):
        * yarr/RegexJIT.h:
        (JSC::Yarr::RegexCodeBlock::RegexCodeBlock):
        (JSC::Yarr::RegexCodeBlock::~RegexCodeBlock):

2009-04-22  Sam Weinig  <sam (a] webkit.org>

        Rubber-stamped by Darin Adler.

        Fix for <rdar://problem/6816957>
        Turn off Geolocation by default

        * Configurations/FeatureDefines.xcconfig:

2009-04-22  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Buildfix).

        * interpreter/CachedCall.h:

2009-04-21  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        * runtime/StringPrototype.cpp:

2009-04-21  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Improve String.replace performance slightly

        Apply our vm reentry caching logic to String.replace with global
        regexes.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):

2009-04-21  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich and Oliver Hunt.
        
        Re-Fixed <rdar://problem/6406045> REGRESSION: Stack overflow on PowerPC on
        fast/workers/use-machine-stack.html (22531)
        
        SunSpider reports no change.
        
        Use a larger recursion limit on the main thread (because we can, and
        there's some evidence that it may improve compatibility), and a smaller
        recursion limit on secondary threads (because they tend to have smaller
        stacks).

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        * interpreter/Interpreter.h:
        (JSC::): Ditto. I wrote the recursion test slightly funny, so that the
        common case remains a simple compare to constant.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin): Conservatively, set the array recursion limits
        to the lower, secondary thread limit. We can do something fancier if
        compatibility moves us, but this seems sufficient for now.

2009-04-21  Geoffrey Garen  <ggaren (a] apple.com>

        Rubber-stamped by Adam Roben.
        
        Disabled one more Mozilla JS test because it fails intermittently on Windows.
        (See https://bugs.webkit.org/show_bug.cgi?id=25160.)

        * tests/mozilla/expected.html:

2009-04-21  Adam Roben  <aroben (a] apple.com>

        Rename JavaScriptCore_debug.dll to JavaScriptCore.dll in the Debug
        configuration

        This matches the naming scheme for WebKit.dll, and will be necessary
        once Safari links against JavaScriptCore.dll. This change also causes
        run-safari not to fail (because the launcher printed by FindSafari was
        always looking for JavaScriptCore.dll, never
        JavaScriptCore_debug.dll).

        Part of Bug 25305: can't run safari or drt on windows
        <https://bugs.webkit.org/show_bug.cgi?id=25305>

        Reviewed by Steve Falkenburg and Sam Weinig.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:
        Use $(WebKitDLLConfigSuffix) for naming JavaScriptCore.{dll,lib}.

2009-04-21  Adam Roben  <aroben (a] apple.com>

        Fix JavaScriptCore build on VC++ Express

        Reviewed by Steve Falkenburg and Sam Weinig.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Link
        explicitly against gdi32.lib and oleaut32.lib.

2009-04-21  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Mark Rowe.
        
        Tiger crash fix: Put VM tags in their own header file, and fixed up the
        #ifdefs so they're not used on Tiger.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutablePool::systemAlloc):
        * runtime/Collector.cpp:
        (JSC::allocateBlock):
        * wtf/VMTags.h: Added.

2009-04-20  Steve Falkenburg  <sfalken (a] apple.com>

        More Windows build fixes.

        * JavaScriptCore.vcproj/JavaScriptCore.make: Copy DLLs, PDBs.
        * JavaScriptCore.vcproj/JavaScriptCore.resources: Added.
        * JavaScriptCore.vcproj/JavaScriptCore.resources/Info.plist: Added.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc: Added.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Add version stamping, resource copying.

2009-04-20  Steve Falkenburg  <sfalken (a] apple.com>

        Separate JavaScriptCore.dll from WebKit.dll.
        Slight performance improvement or no change on benchmarks.
        
        Allows us to break a circular dependency between CFNetwork and WebKit on Windows,
        and simplifies standalone JavaScriptCore builds.

        Reviewed by Oliver Hunt.

        * API/JSBase.h: Export symbols with JS_EXPORT when using MSVC.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Build JavaScriptCore as a DLL instead of a static library.
        * config.h: Specify __declspec(dllexport/dllimport) appropriately when exporting data.
        * runtime/InternalFunction.h: Specify JS_EXPORTDATA on exported data.
        * runtime/JSArray.h: Specify JS_EXPORTDATA on exported data.
        * runtime/JSFunction.h: Specify JS_EXPORTDATA on exported data.
        * runtime/StringObject.h: Specify JS_EXPORTDATA on exported data.
        * runtime/UString.h: Specify JS_EXPORTDATA on exported data.

2009-04-20  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Kevin McCullough.

        Always tag mmaped memory on darwin and clean up #defines
        now that they are a little bigger.

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutablePool::systemAlloc):
        * runtime/Collector.cpp:
        (JSC::allocateBlock):

2009-04-20  Sam Weinig  <sam (a] webkit.org>

        Rubber-stamped by Tim Hatcher.

        Add licenses for xcconfig files.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/JavaScriptCore.xcconfig:
        * Configurations/Version.xcconfig:

2009-04-20  Ariya Hidayat  <ariya.hidayat (a] nokia.com>

        Build fix for Qt port (after r42646). Not reviewed.

        * wtf/unicode/qt4/UnicodeQt4.h: Added U16_PREV.

2009-04-19  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Better fix for JSStringCreateWithCFString hardening.

        * API/JSStringRefCF.cpp:
        (JSStringCreateWithCFString):

2009-04-19  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Dan Bernstein.

        Fix for <rdar://problem/5860954>
        Harden JSStringCreateWithCFString against malformed CFStringRefs.

        * API/JSStringRefCF.cpp:
        (JSStringCreateWithCFString):

2009-04-19  David Kilzer  <ddkilzer (a] apple.com>

        Make FEATURE_DEFINES completely dynamic

        Reviewed by Darin Adler.

        Make FEATURE_DEFINES depend on individual ENABLE_FEATURE_NAME
        variables for each feature, making it possible to remove all
        knowledge of FEATURE_DEFINES from build-webkit.

        * Configurations/FeatureDefines.xcconfig: Extract a variable
        from FEATURE_DEFINES for each feature setting.

2009-04-18  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Dan Bernstein.

        Fix typo.  s/VM_MEMORY_JAVASCRIPT_JIT_REGISTER_FILE/VM_MEMORY_JAVASCRIPT_CORE/

        * runtime/Collector.cpp:
        (JSC::allocateBlock): Fix bozo typo.

2009-04-18  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Anders Carlsson.

        Fix for <rdar://problem/6801555> Tag JavaScript memory on SnowLeopard

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutablePool::systemAlloc):
        * runtime/Collector.cpp:
        (JSC::allocateBlock):

2009-04-18  Drew Wilson  <amw (a] apple.com>

        <rdar://problem/6781407> VisiblePosition.characterAfter should return UChar32

        Reviewed by Dan Bernstein.

        * wtf/unicode/icu/UnicodeIcu.h:
        (WTF::Unicode::hasLineBreakingPropertyComplexContextOrIdeographic): Added.

2009-04-18  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Fix for <rdar://problem/5861045>
        A little bit of hardening for UString.

        * runtime/UString.cpp:
        (JSC::concatenate):
        (JSC::UString::append):

2009-04-18  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe and Dan Bernstein.

        Fix for <rdar://problem/5861188>
        A little bit of hardening for Vector.

        * wtf/Vector.h:
        (WTF::Vector<T, inlineCapacity>::append):
        (WTF::Vector<T, inlineCapacity>::insert):

2009-04-17  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        On x86_64, make all JIT-code allocations from a new heap, managed
        by FixedVMPoolAllocator.  This class allocates a single large (2Gb)
        pool of virtual memory from which all further allocations take place.
        Since all JIT code is allocated from this pool, we can continue to
        safely assume (as is already asserted) that it will always be possible
        to link any JIT-code to JIT-code jumps and calls.

        * JavaScriptCore.xcodeproj/project.pbxproj:
            Add new file.
        * jit/ExecutableAllocatorFixedVMPool.cpp: Added.
        (JSC::FreeListEntry::FreeListEntry):
        (JSC::AVLTreeAbstractorForFreeList::get_less):
        (JSC::AVLTreeAbstractorForFreeList::set_less):
        (JSC::AVLTreeAbstractorForFreeList::get_greater):
        (JSC::AVLTreeAbstractorForFreeList::set_greater):
        (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
        (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
        (JSC::AVLTreeAbstractorForFreeList::null):
        (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
        (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
        (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
        (JSC::sortFreeListEntriesByPointer):
        (JSC::sortCommonSizedAllocations):
        (JSC::FixedVMPoolAllocator::release):
        (JSC::FixedVMPoolAllocator::reuse):
        (JSC::FixedVMPoolAllocator::addToFreeList):
        (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        (JSC::FixedVMPoolAllocator::alloc):
        (JSC::FixedVMPoolAllocator::free):
        (JSC::ExecutableAllocator::intializePageSize):
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):
            The new 2Gb heap class!
        * jit/ExecutableAllocatorPosix.cpp:
            Disable use of this implementation on x86_64.
        * wtf/AVLTree.h:
            Add missing variable initialization.
        (WTF::::remove):

2009-04-17  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Darin Adler.

        Fix bug where the VM reentry cache would not correctly unroll the cached callframe

        Fix a check that was intended to mark a cached call as invalid when the callframe could
        not be constructed.  Instead it was just checking that there was a place to put the
        exception.  This eventually results in a non-recoverable RegisterFile starvation.

        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        (JSC::CachedCall::call): add assertion to ensure we don't use a bad callframe

2009-04-17  David Kilzer  <ddkilzer (a] apple.com>

        Simplify FEATURE_DEFINES definition

        Reviewed by Darin Adler.

        This moves FEATURE_DEFINES and its related ENABLE_FEATURE_NAME
        variables to their own FeatureDefines.xcconfig file.  It also
        extracts a new ENABLE_GEOLOCATION variable so that
        FEATURE_DEFINES only needs to be defined once.

        * Configurations/FeatureDefines.xcconfig: Added.
        * Configurations/JavaScriptCore.xcconfig: Removed definition of
        ENABLE_SVG_DOM_OBJC_BINDINGS and FEATURE_DEFINES.  Added include
        of FeatureDefines.xcconfig.
        * JavaScriptCore.xcodeproj/project.pbxproj: Added
        FeatureDefines.xcconfig file.

2009-04-08  Mihnea Ovidenie  <mihnea (a] adobe.com>

        Reviewed by Oliver Hunt.

        Bug 25027: JavaScript parseInt wrong on negative numbers
        <https://bugs.webkit.org/show_bug.cgi?id=25027>

        When dealing with negative numbers, parseInt should use ceil instead of floor.

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):

2009-04-16  Stephanie Lewis  <slewis (a] apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6744652> 32-bit to 64-bit: Javascript hash tables double in size

        Remove perfect hash optimization which removes 1 MB of overhead on 32-bit and almost 2 MB on 64-bit.  Removing the optimization was not a regression on SunSpider and the acid 3 test still passes.

        * create_hash_table:
        * runtime/Lookup.cpp:
        (JSC::HashTable::createTable):
        (JSC::HashTable::deleteTable):
        * runtime/Lookup.h:
        (JSC::HashEntry::initialize):
        (JSC::HashEntry::next):
        (JSC::HashTable::entry):
        * runtime/Structure.cpp:
        (JSC::Structure::getEnumerableNamesFromClassInfoTable):

2009-04-16  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Fix subtle error in optimised VM reentry in Array.sort

        Basically to ensure we don't accidentally invalidate the cached callframe
        we should be using the cached callframe rather than our own exec state.
        While the old behaviour was wrong i have been unable to actually create a
        test case where anything actually ends up going wrong.

        * interpreter/CachedCall.h:
        (JSC::CachedCall::newCallFrame):
        * runtime/JSArray.cpp:
        (JSC::AVLTreeAbstractorForArrayCompare::compare_key_key):

2009-04-16  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Optimise op_resolve_base

        If we can statically find a property we are trying to resolve
        the base of, the base is guaranteed to be the global object.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitResolveBase):

2009-04-16  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Improve performance of read-write-modify operators

        Implement cross scope optimisation for read-write-modify
        operators, to avoid unnecessary calls to property resolve
        helper functions.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitLoadGlobalObject):
        (JSC::BytecodeGenerator::emitResolveWithBase):
        * bytecompiler/BytecodeGenerator.h:

2009-04-16  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Improve performance of remaining array enumeration functions

        Make use of function entry cache for remaining Array enumeration functions.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncMap):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncForEach):
        (JSC::arrayProtoFuncSome):

2009-04-15  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Improve performance of Array.sort

        Cache the VM entry for Array.sort when using a JS comparison function.

        * runtime/JSArray.cpp:
        (JSC::AVLTreeAbstractorForArrayCompare::compare_key_key):
        (JSC::JSArray::sort):

2009-04-15  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Bug 25229: Need support for Array.prototype.reduceRight
        <https://bugs.webkit.org/show_bug.cgi?id=25229>

        Implement Array.reduceRight

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncReduceRight):

2009-04-15  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Bug 25227: Array.filter triggers an assertion when the target array shrinks while being filtered
        <https://bugs.webkit.org/show_bug.cgi?id=25227>

        We correct this simply by making the fast array path fall back on the slow path if
        we ever discover the fast access is unsafe.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncFilter):

2009-04-13  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Bug 25159: Support Array.prototype.reduce
        <https://bugs.webkit.org/show_bug.cgi?id=25159>

        Implement Array.prototype.reduce

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncReduce):

2009-04-15  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Move CallFrameClosure from inside the Interpreter class to its own file.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/CachedCall.h:
        * interpreter/CallFrameClosure.h: Copied from JavaScriptCore/yarr/RegexJIT.h.
        (JSC::CallFrameClosure::setArgument):
        (JSC::CallFrameClosure::resetCallFrame):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::prepareForRepeatCall):
        * interpreter/Interpreter.h:

2009-04-14  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Bug 25202: Improve performance of repeated callbacks into the VM

        Add the concept of a CachedCall to native code for use in Array
        prototype and similar functions where a single callback function
        is called repeatedly with the same number of arguments.

        Used Array.prototype.filter as the test function and got a 50% win
        over a naive non-caching specialised version.  This makes the native
        implementation of Array.prototype.filter faster than the JS one once
        more.

        * JavaScriptCore.vcproj/JavaScriptCore.sln:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/CachedCall.h: Added.
        (JSC::CachedCall::CachedCall):
        (JSC::CachedCall::call):
        (JSC::CachedCall::setThis):
        (JSC::CachedCall::setArgument):
        (JSC::CachedCall::~CachedCall):
           CachedCall is a wrapper that automates the calling and teardown
           for a CallFrameClosure
        * interpreter/CallFrame.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::prepareForRepeatCall):
           Create the basic entry closure for a function
        (JSC::Interpreter::execute):
           A new ::execute method to enter the interpreter from a closure
        (JSC::Interpreter::endRepeatCall):
           Clear the entry closure
        * interpreter/Interpreter.h:
        (JSC::Interpreter::CallFrameClosure::setArgument):
        (JSC::Interpreter::CallFrameClosure::resetCallFrame):
           Helper functions to simplify setting up the closure's callframe
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncFilter):

2009-04-14  Xan Lopez  <xlopez (a] igalia.com>

        Fix the build.

        Add the yarr headers (and only the headers) to the build, so that
        RegExp.cpp can compile. The headers are ifdefed out with yarr
        disabled, so we don't need anything else for now.

        * GNUmakefile.am:

2009-04-14  Adam Roben  <aroben (a] apple.com>

        Remove support for profile-guided optimization on Windows

        Rubber-stamped by Steve Falkenburg.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Removed
        the Release_PGO configuration. Also let VS re-order the source files
        list.

2009-04-14  Xan Lopez  <xlopez (a] igalia.com>

        Unreviewed build fix.

        * GNUmakefile.am:

2009-04-14  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Gtk build fix when building minidom. Not reviewed.

        Use C-style comment instead of C++ style since autotools builds
        minidom using gcc and not g++.

        * wtf/Platform.h:

2009-04-14  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by NOBODY - speculative build fix.

        * runtime/RegExp.h:

2009-04-13  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cap'n Geoff Garen.

        Yarr!
        (Yet another regex runtime).

        Currently disabled by default since the interpreter, whilst awesomely
        functional, has not been optimized and is likely slower than PCRE, and
        the JIT, whilst faster than WREC, is presently incomplete and does not
        fallback to using an interpreter for the cases it cannot handle.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::move):
        (JSC::MacroAssemblerX86Common::swap):
        (JSC::MacroAssemblerX86Common::signExtend32ToPtr):
        (JSC::MacroAssemblerX86Common::zeroExtend32ToPtr):
        (JSC::MacroAssemblerX86Common::branch32):
        (JSC::MacroAssemblerX86Common::branch16):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::cmpw_im):
        (JSC::X86Assembler::testw_rr):
        (JSC::X86Assembler::X86InstructionFormatter::immediate16):
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::~RegExp):
        (JSC::RegExp::create):
        (JSC::RegExp::compile):
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * wtf/Platform.h:
        * yarr: Added.
        * yarr/RegexCompiler.cpp: Added.
        (JSC::Yarr::CharacterClassConstructor::CharacterClassConstructor):
        (JSC::Yarr::CharacterClassConstructor::reset):
        (JSC::Yarr::CharacterClassConstructor::append):
        (JSC::Yarr::CharacterClassConstructor::putChar):
        (JSC::Yarr::CharacterClassConstructor::isUnicodeUpper):
        (JSC::Yarr::CharacterClassConstructor::isUnicodeLower):
        (JSC::Yarr::CharacterClassConstructor::putRange):
        (JSC::Yarr::CharacterClassConstructor::charClass):
        (JSC::Yarr::CharacterClassConstructor::addSorted):
        (JSC::Yarr::CharacterClassConstructor::addSortedRange):
        (JSC::Yarr::newlineCreate):
        (JSC::Yarr::digitsCreate):
        (JSC::Yarr::spacesCreate):
        (JSC::Yarr::wordcharCreate):
        (JSC::Yarr::nondigitsCreate):
        (JSC::Yarr::nonspacesCreate):
        (JSC::Yarr::nonwordcharCreate):
        (JSC::Yarr::RegexPatternConstructor::RegexPatternConstructor):
        (JSC::Yarr::RegexPatternConstructor::~RegexPatternConstructor):
        (JSC::Yarr::RegexPatternConstructor::reset):
        (JSC::Yarr::RegexPatternConstructor::assertionBOL):
        (JSC::Yarr::RegexPatternConstructor::assertionEOL):
        (JSC::Yarr::RegexPatternConstructor::assertionWordBoundary):
        (JSC::Yarr::RegexPatternConstructor::atomPatternCharacter):
        (JSC::Yarr::RegexPatternConstructor::atomBuiltInCharacterClass):
        (JSC::Yarr::RegexPatternConstructor::atomCharacterClassBegin):
        (JSC::Yarr::RegexPatternConstructor::atomCharacterClassAtom):
        (JSC::Yarr::RegexPatternConstructor::atomCharacterClassRange):
        (JSC::Yarr::RegexPatternConstructor::atomCharacterClassBuiltIn):
        (JSC::Yarr::RegexPatternConstructor::atomCharacterClassEnd):
        (JSC::Yarr::RegexPatternConstructor::atomParenthesesSubpatternBegin):
        (JSC::Yarr::RegexPatternConstructor::atomParentheticalAssertionBegin):
        (JSC::Yarr::RegexPatternConstructor::atomParenthesesEnd):
        (JSC::Yarr::RegexPatternConstructor::atomBackReference):
        (JSC::Yarr::RegexPatternConstructor::copyDisjunction):
        (JSC::Yarr::RegexPatternConstructor::copyTerm):
        (JSC::Yarr::RegexPatternConstructor::quantifyAtom):
        (JSC::Yarr::RegexPatternConstructor::disjunction):
        (JSC::Yarr::RegexPatternConstructor::regexBegin):
        (JSC::Yarr::RegexPatternConstructor::regexEnd):
        (JSC::Yarr::RegexPatternConstructor::regexError):
        (JSC::Yarr::RegexPatternConstructor::setupAlternativeOffsets):
        (JSC::Yarr::RegexPatternConstructor::setupDisjunctionOffsets):
        (JSC::Yarr::RegexPatternConstructor::setupOffsets):
        (JSC::Yarr::compileRegex):
        * yarr/RegexCompiler.h: Added.
        * yarr/RegexInterpreter.cpp: Added.
        (JSC::Yarr::Interpreter::appendParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::popParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::DisjunctionContext::DisjunctionContext):
        (JSC::Yarr::Interpreter::DisjunctionContext::operator new):
        (JSC::Yarr::Interpreter::allocDisjunctionContext):
        (JSC::Yarr::Interpreter::freeDisjunctionContext):
        (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::ParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::operator new):
        (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::restoreOutput):
        (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::getDisjunctionContext):
        (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::freeParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::InputStream::InputStream):
        (JSC::Yarr::Interpreter::InputStream::next):
        (JSC::Yarr::Interpreter::InputStream::rewind):
        (JSC::Yarr::Interpreter::InputStream::read):
        (JSC::Yarr::Interpreter::InputStream::readChecked):
        (JSC::Yarr::Interpreter::InputStream::reread):
        (JSC::Yarr::Interpreter::InputStream::prev):
        (JSC::Yarr::Interpreter::InputStream::getPos):
        (JSC::Yarr::Interpreter::InputStream::setPos):
        (JSC::Yarr::Interpreter::InputStream::atStart):
        (JSC::Yarr::Interpreter::InputStream::atEnd):
        (JSC::Yarr::Interpreter::InputStream::checkInput):
        (JSC::Yarr::Interpreter::InputStream::uncheckInput):
        (JSC::Yarr::Interpreter::testCharacterClass):
        (JSC::Yarr::Interpreter::tryConsumeCharacter):
        (JSC::Yarr::Interpreter::checkCharacter):
        (JSC::Yarr::Interpreter::tryConsumeCharacterClass):
        (JSC::Yarr::Interpreter::checkCharacterClass):
        (JSC::Yarr::Interpreter::tryConsumeBackReference):
        (JSC::Yarr::Interpreter::matchAssertionBOL):
        (JSC::Yarr::Interpreter::matchAssertionEOL):
        (JSC::Yarr::Interpreter::matchAssertionWordBoundary):
        (JSC::Yarr::Interpreter::matchPatternCharacter):
        (JSC::Yarr::Interpreter::backtrackPatternCharacter):
        (JSC::Yarr::Interpreter::matchCharacterClass):
        (JSC::Yarr::Interpreter::backtrackCharacterClass):
        (JSC::Yarr::Interpreter::matchBackReference):
        (JSC::Yarr::Interpreter::backtrackBackReference):
        (JSC::Yarr::Interpreter::recordParenthesesMatch):
        (JSC::Yarr::Interpreter::resetMatches):
        (JSC::Yarr::Interpreter::resetAssertionMatches):
        (JSC::Yarr::Interpreter::parenthesesDoBacktrack):
        (JSC::Yarr::Interpreter::matchParenthesesOnceBegin):
        (JSC::Yarr::Interpreter::matchParenthesesOnceEnd):
        (JSC::Yarr::Interpreter::backtrackParenthesesOnceBegin):
        (JSC::Yarr::Interpreter::backtrackParenthesesOnceEnd):
        (JSC::Yarr::Interpreter::matchParentheticalAssertionOnceBegin):
        (JSC::Yarr::Interpreter::matchParentheticalAssertionOnceEnd):
        (JSC::Yarr::Interpreter::backtrackParentheticalAssertionOnceBegin):
        (JSC::Yarr::Interpreter::backtrackParentheticalAssertionOnceEnd):
        (JSC::Yarr::Interpreter::matchParentheses):
        (JSC::Yarr::Interpreter::backtrackParentheses):
        (JSC::Yarr::Interpreter::matchTerm):
        (JSC::Yarr::Interpreter::backtrackTerm):
        (JSC::Yarr::Interpreter::matchAlternative):
        (JSC::Yarr::Interpreter::matchDisjunction):
        (JSC::Yarr::Interpreter::matchNonZeroDisjunction):
        (JSC::Yarr::Interpreter::interpret):
        (JSC::Yarr::Interpreter::Interpreter):
        (JSC::Yarr::ByteCompiler::ParenthesesStackEntry::ParenthesesStackEntry):
        (JSC::Yarr::ByteCompiler::ByteCompiler):
        (JSC::Yarr::ByteCompiler::compile):
        (JSC::Yarr::ByteCompiler::checkInput):
        (JSC::Yarr::ByteCompiler::assertionBOL):
        (JSC::Yarr::ByteCompiler::assertionEOL):
        (JSC::Yarr::ByteCompiler::assertionWordBoundary):
        (JSC::Yarr::ByteCompiler::atomPatternCharacter):
        (JSC::Yarr::ByteCompiler::atomCharacterClass):
        (JSC::Yarr::ByteCompiler::atomBackReference):
        (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
        (JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
        (JSC::Yarr::ByteCompiler::popParenthesesStack):
        (JSC::Yarr::ByteCompiler::dumpDisjunction):
        (JSC::Yarr::ByteCompiler::closeAlternative):
        (JSC::Yarr::ByteCompiler::atomParenthesesEnd):
        (JSC::Yarr::ByteCompiler::regexBegin):
        (JSC::Yarr::ByteCompiler::regexEnd):
        (JSC::Yarr::ByteCompiler::alterantiveDisjunction):
        (JSC::Yarr::ByteCompiler::emitDisjunction):
        (JSC::Yarr::byteCompileRegex):
        (JSC::Yarr::interpretRegex):
        * yarr/RegexInterpreter.h: Added.
        (JSC::Yarr::ByteTerm::):
        (JSC::Yarr::ByteTerm::ByteTerm):
        (JSC::Yarr::ByteTerm::BOL):
        (JSC::Yarr::ByteTerm::CheckInput):
        (JSC::Yarr::ByteTerm::EOL):
        (JSC::Yarr::ByteTerm::WordBoundary):
        (JSC::Yarr::ByteTerm::BackReference):
        (JSC::Yarr::ByteTerm::AlternativeBegin):
        (JSC::Yarr::ByteTerm::AlternativeDisjunction):
        (JSC::Yarr::ByteTerm::AlternativeEnd):
        (JSC::Yarr::ByteTerm::PatternEnd):
        (JSC::Yarr::ByteTerm::invert):
        (JSC::Yarr::ByteTerm::capture):
        (JSC::Yarr::ByteDisjunction::ByteDisjunction):
        (JSC::Yarr::BytecodePattern::BytecodePattern):
        (JSC::Yarr::BytecodePattern::~BytecodePattern):
        * yarr/RegexJIT.cpp: Added.
        (JSC::Yarr::RegexGenerator::optimizeAlternative):
        (JSC::Yarr::RegexGenerator::matchCharacterClassRange):
        (JSC::Yarr::RegexGenerator::matchCharacterClass):
        (JSC::Yarr::RegexGenerator::jumpIfNoAvailableInput):
        (JSC::Yarr::RegexGenerator::jumpIfAvailableInput):
        (JSC::Yarr::RegexGenerator::checkInput):
        (JSC::Yarr::RegexGenerator::atEndOfInput):
        (JSC::Yarr::RegexGenerator::notAtEndOfInput):
        (JSC::Yarr::RegexGenerator::jumpIfCharEquals):
        (JSC::Yarr::RegexGenerator::jumpIfCharNotEquals):
        (JSC::Yarr::RegexGenerator::readCharacter):
        (JSC::Yarr::RegexGenerator::storeToFrame):
        (JSC::Yarr::RegexGenerator::loadFromFrame):
        (JSC::Yarr::RegexGenerator::TermGenerationState::TermGenerationState):
        (JSC::Yarr::RegexGenerator::TermGenerationState::resetAlternative):
        (JSC::Yarr::RegexGenerator::TermGenerationState::alternativeValid):
        (JSC::Yarr::RegexGenerator::TermGenerationState::nextAlternative):
        (JSC::Yarr::RegexGenerator::TermGenerationState::alternative):
        (JSC::Yarr::RegexGenerator::TermGenerationState::resetTerm):
        (JSC::Yarr::RegexGenerator::TermGenerationState::termValid):
        (JSC::Yarr::RegexGenerator::TermGenerationState::nextTerm):
        (JSC::Yarr::RegexGenerator::TermGenerationState::term):
        (JSC::Yarr::RegexGenerator::TermGenerationState::lookaheadTerm):
        (JSC::Yarr::RegexGenerator::TermGenerationState::isSinglePatternCharacterLookaheadTerm):
        (JSC::Yarr::RegexGenerator::TermGenerationState::inputOffset):
        (JSC::Yarr::RegexGenerator::TermGenerationState::jumpToBacktrack):
        (JSC::Yarr::RegexGenerator::TermGenerationState::setBacktrackGenerated):
        (JSC::Yarr::RegexGenerator::jumpToBacktrackCheckEmitPending):
        (JSC::Yarr::RegexGenerator::genertateAssertionBOL):
        (JSC::Yarr::RegexGenerator::genertateAssertionEOL):
        (JSC::Yarr::RegexGenerator::matchAssertionWordchar):
        (JSC::Yarr::RegexGenerator::genertateAssertionWordBoundary):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterSingle):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterPair):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterFixed):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterGreedy):
        (JSC::Yarr::RegexGenerator::genertatePatternCharacterNonGreedy):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassSingle):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassFixed):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassGreedy):
        (JSC::Yarr::RegexGenerator::genertateCharacterClassNonGreedy):
        (JSC::Yarr::RegexGenerator::generateParenthesesSingleDisjunctionOneAlternative):
        (JSC::Yarr::RegexGenerator::generateParenthesesSingle):
        (JSC::Yarr::RegexGenerator::generateTerm):
        (JSC::Yarr::RegexGenerator::generateDisjunction):
        (JSC::Yarr::RegexGenerator::RegexGenerator):
        (JSC::Yarr::RegexGenerator::generate):
        (JSC::Yarr::jitCompileRegex):
        (JSC::Yarr::executeRegex):
        * yarr/RegexJIT.h: Added.
        (JSC::Yarr::RegexCodeBlock::RegexCodeBlock):
        * yarr/RegexParser.h: Added.
        (JSC::Yarr::):
        (JSC::Yarr::Parser::):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::CharacterClassParserDelegate):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::begin):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::atomPatternCharacterUnescaped):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::atomPatternCharacter):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::atomBuiltInCharacterClass):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::end):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::assertionWordBoundary):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::atomBackReference):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::flush):
        (JSC::Yarr::Parser::CharacterClassParserDelegate::):
        (JSC::Yarr::Parser::Parser):
        (JSC::Yarr::Parser::parseEscape):
        (JSC::Yarr::Parser::parseAtomEscape):
        (JSC::Yarr::Parser::parseCharacterClassEscape):
        (JSC::Yarr::Parser::parseCharacterClass):
        (JSC::Yarr::Parser::parseParenthesesBegin):
        (JSC::Yarr::Parser::parseParenthesesEnd):
        (JSC::Yarr::Parser::parseQuantifier):
        (JSC::Yarr::Parser::parseTokens):
        (JSC::Yarr::Parser::parse):
        (JSC::Yarr::Parser::saveState):
        (JSC::Yarr::Parser::restoreState):
        (JSC::Yarr::Parser::atEndOfPattern):
        (JSC::Yarr::Parser::peek):
        (JSC::Yarr::Parser::peekIsDigit):
        (JSC::Yarr::Parser::peekDigit):
        (JSC::Yarr::Parser::consume):
        (JSC::Yarr::Parser::consumeDigit):
        (JSC::Yarr::Parser::consumeNumber):
        (JSC::Yarr::Parser::consumeOctal):
        (JSC::Yarr::Parser::tryConsume):
        (JSC::Yarr::Parser::tryConsumeHex):
        (JSC::Yarr::parse):
        * yarr/RegexPattern.h: Added.
        (JSC::Yarr::CharacterRange::CharacterRange):
        (JSC::Yarr::):
        (JSC::Yarr::PatternTerm::):
        (JSC::Yarr::PatternTerm::PatternTerm):
        (JSC::Yarr::PatternTerm::BOL):
        (JSC::Yarr::PatternTerm::EOL):
        (JSC::Yarr::PatternTerm::WordBoundary):
        (JSC::Yarr::PatternTerm::invert):
        (JSC::Yarr::PatternTerm::capture):
        (JSC::Yarr::PatternTerm::quantify):
        (JSC::Yarr::PatternAlternative::PatternAlternative):
        (JSC::Yarr::PatternAlternative::lastTerm):
        (JSC::Yarr::PatternAlternative::removeLastTerm):
        (JSC::Yarr::PatternDisjunction::PatternDisjunction):
        (JSC::Yarr::PatternDisjunction::~PatternDisjunction):
        (JSC::Yarr::PatternDisjunction::addNewAlternative):
        (JSC::Yarr::RegexPattern::RegexPattern):
        (JSC::Yarr::RegexPattern::~RegexPattern):
        (JSC::Yarr::RegexPattern::reset):
        (JSC::Yarr::RegexPattern::containsIllegalBackReference):
        (JSC::Yarr::RegexPattern::newlineCharacterClass):
        (JSC::Yarr::RegexPattern::digitsCharacterClass):
        (JSC::Yarr::RegexPattern::spacesCharacterClass):
        (JSC::Yarr::RegexPattern::wordcharCharacterClass):
        (JSC::Yarr::RegexPattern::nondigitsCharacterClass):
        (JSC::Yarr::RegexPattern::nonspacesCharacterClass):
        (JSC::Yarr::RegexPattern::nonwordcharCharacterClass):

2009-04-13  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Missed code from last patch).

        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::displayName):
        (JSC::InternalFunction::calculatedDisplayName):
        * runtime/InternalFunction.h:

2009-04-13  Francisco Tolmasky  <francisco (a] 280north.com>

        Reviewed by Oliver Hunt.
        
        BUG 25171: It should be possible to manually set the name of an anonymous function
        <https://bugs.webkit.org/show_bug.cgi?id=25171>

        This change adds the displayName property to functions, which when set overrides the 
        normal name when appearing in the console.

        * profiler/Profiler.cpp:
        (JSC::createCallIdentifierFromFunctionImp): Changed call to InternalFunction::name to InternalFunction::calculatedDisplayName
        * runtime/CommonIdentifiers.h: Added displayName common identifier.
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::displayName): Access to user settable displayName property
        (JSC::InternalFunction::calculatedDisplayName): Returns displayName if it exists, if not then the natural name

2009-04-13  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Disabled another JavaScriptCore test because it fails on Windows but
        not Mac, so it makes the bots red.

        * tests/mozilla/expected.html:

2009-04-13  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Disabled two JavaScriptCore tests because they fail on Window or Mac but
        not both, so they make the bots red.

        * tests/mozilla/expected.html: Updated expected results.

2009-04-09  Ben Murdoch  <benm (a] google.com>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=25091
        The Android platform requires threads to be registered with the VM.
        This patch implements this behaviour inside ThreadingPthreads.cpp.

        * wtf/ThreadingPthreads.cpp: Add a level above threadEntryPoint that takes care of (un)registering threads with the VM.
        (WTF::runThreadWithRegistration): register the thread and run entryPoint. Unregister the thread afterwards.
        (WTF::createThreadInternal): call runThreadWithRegistration instead of entryPoint directly.

2009-04-09  David Kilzer  <ddkilzer (a] apple.com>

        Reinstating <rdar://problem/6718589> Option to turn off SVG DOM Objective-C bindings

        Rolled r42345 back in.  The build failure was caused by an
        internal script which had not been updated the same way that
        build-webkit was updated.

        * Configurations/JavaScriptCore.xcconfig:

2009-04-09  Alexey Proskuryakov  <ap (a] webkit.org>

        Reverting <rdar://problem/6718589> Option to turn off SVG DOM Objective-C bindings.
        It broke Mac build, and I don't know how to fix it.

        * Configurations/JavaScriptCore.xcconfig:

2009-04-09  Xan Lopez  <xlopez (a] igalia.com>

        Unreviewed build fix.

        Checking for __GLIBCXX__ being bigger than some date is not enough
        to get std::tr1, C++0x has to be in use too. Add another check for
        __GXX_EXPERIMENTAL_CXX0X__.

        * wtf/TypeTraits.h:

2009-04-08  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Adam Roben.

        Fix assertion failure in function.apply

        The result of excess arguments to function.apply is irrelevant
        so we don't need to provide a result register.  We were providing
        temporary result register but not ref'ing it resulting in an
        assertion failure.

        * parser/Nodes.cpp:
        (JSC::ApplyFunctionCallDotNode::emitBytecode):

2009-04-08  David Kilzer  <ddkilzer (a] apple.com>

        <rdar://problem/6718589> Option to turn off SVG DOM Objective-C bindings

        Reviewed by Darin Adler and Maciej Stachowiak.

        Introduce the ENABLE_SVG_DOM_OBJC_BINDINGS feature define so
        that SVG DOM Objective-C bindings may be optionally disabled.

        * Configurations/JavaScriptCore.xcconfig: Added
        ENABLE_SVG_DOM_OBJC_BINDINGS variable and use it in
        FEATURE_DEFINES.

2009-04-08  Paul Pedriana <ppedriana (a] ea.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=20422
        Allow custom memory allocation control.
        
        * wtf/FastAllocBase.h:
        New added file. Implements allocation base class.
        * wtf/TypeTraits.h:
        Augments existing type traits support as needed by FastAllocBase.
        * wtf/FastMalloc.h:
        Changed to support FastMalloc match validation.
        * wtf/FastMalloc.cpp:
        Changed to support FastMalloc match validation.
        * wtf/Platform.h:
        Added ENABLE_FAST_MALLOC_MATCH_VALIDATION; defaults to 0.
        * GNUmakefile.am:
        Updated to include added FastAllocBase.h.
        * JavaScriptCore.xcodeproj/project.pbxproj:
        Updated to include added FastAllocBase.h.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        Updated to include added FastAllocBase.h.

2009-04-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Improve function.apply performance

        Jump through a few hoops to improve performance of function.apply in the general case.

        In the case of zero or one arguments, or if there are only two arguments and the
        second is an array literal we treat function.apply as function.call.

        Otherwise we use the new opcodes op_load_varargs and op_call_varargs to do the .apply call
        without re-entering the virtual machine.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::emitLoadVarargs):
        (JSC::BytecodeGenerator::emitCallVarargs):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCallVarargsSlowCase):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_load_varargs):
        * jit/JITStubs.h:
        * parser/Grammar.y:
        * parser/Nodes.cpp:
        (JSC::ArrayNode::isSimpleArray):
        (JSC::ArrayNode::toArgumentList):
        (JSC::CallFunctionCallDotNode::emitBytecode):
        (JSC::ApplyFunctionCallDotNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::ExpressionNode::):
        (JSC::ApplyFunctionCallDotNode::):
        * runtime/Arguments.cpp:
        (JSC::Arguments::copyToRegisters):
        (JSC::Arguments::fillArgList):
        * runtime/Arguments.h:
        (JSC::Arguments::numProvidedArguments):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::addFunctionProperties):
        * runtime/FunctionPrototype.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::copyToRegisters):
        * runtime/JSArray.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::mark):
        * runtime/JSGlobalObject.h:

2009-04-08  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=25073
        JavaScriptCore tests don't run if time zone is not PST

        * API/tests/testapi.c:
        (timeZoneIsPST): Added a function that checks whether the time zone is PST, using the same
        method as functions in DateMath.cpp do for formatting the result.
        (main): Skip date string format test if the time zone is not PST.

2009-04-07  David Levin  <levin (a] chromium.org>

        Reviewed by Sam Weinig and Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=25039
        UString refactoring to support UChar* sharing.

        No change in sunspider perf.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStringsStorage::SmallStringsStorage):
        * runtime/UString.cpp:
        (JSC::initializeStaticBaseString):
        (JSC::initializeUString):
        (JSC::UString::BaseString::isShared):
        Encapsulate the meaning behind the refcount == 1 checks because
        this needs to do slightly more when sharing is added.
        (JSC::concatenate):
        (JSC::UString::append):
        (JSC::UString::operator=):
        * runtime/UString.h:
        Make m_baseString part of a union to get rid of casts, but make it protected because
        it is tricky to use it correctly since it is only valid when the Rep is not a BaseString.
        The void* will be filled in when sharing is added.

        Add constructors due to the making members protected and it make ensuring proper
        initialization work better (like in SmallStringsStorage).
        (JSC::UString::Rep::create):
        (JSC::UString::Rep::Rep):
        (JSC::UString::Rep::):
        (JSC::UString::BaseString::BaseString):
        (JSC::UString::Rep::setBaseString):
        (JSC::UString::Rep::baseString):

2009-04-04  Xan Lopez  <xlopez (a] igalia.com>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=25033
        dtoa.cpp segfaults with g++ 4.4.0

        g++ 4.4.0 seems to be more strict about aliasing rules, so it
        produces incorrect code if dtoa.cpp is compiled with
        -fstrict-aliasing (it also emits a ton of warnings, so fair enough
        I guess). The problem was that we were only casting variables to
        union types in order to do type punning, but GCC and the C
        standard require that we actually use a union to store the value.

        This patch does just that, the code is mostly copied from the dtoa
        version in GCC:
        http://gcc.gnu.org/viewcvs/trunk/libjava/classpath/native/fdlibm/dtoa.c?view=markup.

        * wtf/dtoa.cpp:
        (WTF::ulp):
        (WTF::b2d):
        (WTF::ratio):
        (WTF::hexnan):
        (WTF::strtod):
        (WTF::dtoa):

2009-04-04  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fix for Win port. Build the assembler sources to get missing functions.

        * JavaScriptCoreSources.bkl:
        * jscore.bkl:
        * wtf/Platform.h:

2009-04-02  Darin Adler  <darin (a] apple.com>

        Reviewed by Kevin Decker.

        <rdar://problem/6744471> crash in GC due to uninitialized callFunction pointer

        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): Initialize
        callFunction as we do the other data members that are used in the mark function.

2009-04-02  Yael Aharon  <yael.aharon (a] nokia.com>

        Reviewed by Simon Hausmann

        https://bugs.webkit.org/show_bug.cgi?id=24490

        Implement WTF::ThreadSpecific in the Qt build using
        QThreadStorage.

        * wtf/ThreadSpecific.h:

2009-04-01  Greg Bolsinga  <bolsinga (a] apple.com>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=24990
        Put SECTORDER_FLAGS into xcconfig files.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-03-27  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Fix non-AllInOneFile builds.

        * bytecompiler/BytecodeGenerator.cpp:

2009-03-27  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Improve performance of Function.prototype.call
        <https://bugs.webkit.org/show_bug.cgi?id=24907>

        Optimistically assume that expression.call(..) is going to be a call to
        Function.prototype.call, and handle it specially to attempt to reduce the
        degree of VM reentrancy.

        When everything goes right this removes the vm reentry improving .call()
        by around a factor of 10.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * parser/Grammar.y:
        * parser/Nodes.cpp:
        (JSC::CallFunctionCallDotNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::CallFunctionCallDotNode::):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::addFunctionProperties):
        * runtime/FunctionPrototype.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::mark):
        * runtime/JSGlobalObject.h:

2009-03-27  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Darin Adler.

        Bug 24884: Include strings.h for strcasecmp()
        https://bugs.webkit.org/show_bug.cgi?id=24884

        * runtime/DateMath.cpp: Reversed previous change including strings.h
        * wtf/StringExtras.h: Include strings.h here is available

2009-03-26  Adam Roben  <aroben (a] apple.com>

        Copy testapi.js to $WebKitOutputDir on Windows

        Part of Bug 24856: run-javascriptcore-tests should run testapi on
        Windows
        <https://bugs.webkit.org/show_bug.cgi?id=24856>

        This matches what Mac does, which will help once we enable running
        testapi from run-javascriptcore-tests on Windows.

        Reviewed by Steve Falkenburg.

        * JavaScriptCore.vcproj/testapi/testapi.vcproj: Copy testapi.js next
        to testapi.exe.

2009-03-25  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Fix exception handling for instanceof in the interpreter.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-03-25  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed <rdar://problem/6724011> Write to freed memory in JSC::Label::deref
        when reloading http://helpme.att.net/speedtest/

        * bytecompiler/BytecodeGenerator.h: Reversed the declaration order for
        m_labelScopes and m_labels to reverse their destruction order.
        m_labelScopes has references to memory within m_labels, so its destructor
        needs to run first.

2009-03-24  Eli Fidler  <eli.fidler (a] torchmobile.com>

        Reviewed by George Staikos.

        Correct warnings which in some environments are treated as errors.

        * wtf/dtoa.cpp:
        (WTF::b2d):
        (WTF::d2b):
        (WTF::strtod):
        (WTF::dtoa):

2009-03-24  Kevin Ollivier  <kevino (a] theolliviers.com>

        Reviewed by Darin Adler.
        
        Explicitly define HAVE_LANGINFO_H on Darwin. Fixes the wx build bot jscore 
        test failure. 
        
        https://bugs.webkit.org/show_bug.cgi?id=24780

        * wtf/Platform.h:

2009-03-23  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fix className() for API defined class

        * API/JSCallbackObjectFunctions.h:
        (JSC::::className):
        * API/tests/testapi.c:
        (EmptyObject_class):
        (main):
        * API/tests/testapi.js:

2009-03-23  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Make testapi assertions run in release builds, so that testapi actually
        works in a release build.

        Many of the testapi assertions have side effects that are necessary, and
        given testapi is a testing program, perf impact of an assertion is not
        important, so it makes sense to apply the assertions in release builds
        anyway.

        * API/tests/testapi.c:
        (EvilExceptionObject_hasInstance):

2009-03-23  David Kilzer  <ddkilzer (a] apple.com>

        Provide JavaScript exception information after slow script timeout

        Reviewed by Oliver Hunt.

        * runtime/Completion.cpp:
        (JSC::evaluate): Set the exception object as the Completion
        object's value for slow script timeouts.  This is used in
        WebCore when reporting the exception.
        * runtime/ExceptionHelpers.cpp:
        (JSC::InterruptedExecutionError::toString): Added.  Provides a
        description message for the exception when it is reported.

2009-03-23  Gustavo Noronha Silva  <gns (a] gnome.org> and Thadeu Lima de Souza Cascardo <cascardo (a] holoscopio.com>

        Reviewed by Adam Roben.

        https://bugs.webkit.org/show_bug.cgi?id=24674
        Crashes in !PLATFORM(MAC)'s formatLocaleDate, in very specific situations

        Make sure strftime never returns 2-digits years to avoid ambiguity
        and a crash. We wrap this new code option in HAVE_LANGINFO_H,
        since it is apparently not available in all platforms.

        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        * wtf/Platform.h:

2009-03-22  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fix exception handling in API

        We can't just use the ExecState exception slot for returning exceptions
        from class introspection functions provided through the API as many JSC
        functions will explicitly clear the ExecState exception when returning.

        * API/JSCallbackObjectFunctions.h:
        (JSC::JSCallbackObject<Base>::getOwnPropertySlot):
        (JSC::JSCallbackObject<Base>::put):
        (JSC::JSCallbackObject<Base>::deleteProperty):
        (JSC::JSCallbackObject<Base>::construct):
        (JSC::JSCallbackObject<Base>::hasInstance):
        (JSC::JSCallbackObject<Base>::call):
        (JSC::JSCallbackObject<Base>::toNumber):
        (JSC::JSCallbackObject<Base>::toString):
        (JSC::JSCallbackObject<Base>::staticValueGetter):
        (JSC::JSCallbackObject<Base>::callbackGetter):
        * API/tests/testapi.c:
        (MyObject_hasProperty):
        (MyObject_getProperty):
        (MyObject_setProperty):
        (MyObject_deleteProperty):
        (MyObject_callAsFunction):
        (MyObject_callAsConstructor):
        (MyObject_hasInstance):
        (EvilExceptionObject_hasInstance):
        (EvilExceptionObject_convertToType):
        (EvilExceptionObject_class):
        (main):
        * API/tests/testapi.js:
        (EvilExceptionObject.hasInstance):
        (EvilExceptionObject.toNumber):
        (EvilExceptionObject.toStringExplicit):

2009-03-21  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 20049: testapi failure: MyObject - 0 should be NaN but instead is 1.
        <https://bugs.webkit.org/show_bug.cgi?id=20049>
        <rdar://problem/6079127>

        In this case, the test is wrong. According to the ECMA spec, subtraction
        uses ToNumber, not ToPrimitive. Change the test to match the spec.

        * API/tests/testapi.js:

2009-03-21  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Ensure that JSObjectMakeFunction doesn't produce incorrect line numbers.

        Also make test api correctly propagate failures.

        * API/tests/testapi.c:
        (main):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):

2009-03-21  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Mark Rowe.

        Improve testapi by making it report failures in a way we can pick up
        from our test scripts.

        * API/tests/testapi.c:
        (assertEqualsAsBoolean):
        (assertEqualsAsNumber):
        (assertEqualsAsUTF8String):
        (assertEqualsAsCharactersPtr):
        (main):
        * API/tests/testapi.js:
        (pass):
        (fail):
        (shouldBe):
        (shouldThrow):

2009-03-20  Norbert Leser  <norbert.leser (a] nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24535

        Fixes missing line terminator character (;) after macro call.
        It is common practice to add the trailing ";" where macros are substituted
        and not where they are defined with #define.
        This change is consistent with other macro declarations across webkit,
        and it also solves compilation failure with symbian compilers. 
 
        * runtime/UString.cpp:
        * wtf/Assertions.h:

2009-03-20  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Fixed a JavaScriptCore crash on the Windows buildbot.

        * bytecompiler/BytecodeGenerator.h: Reduced the AST recursion limit.
        Apparently, Windows has small stacks.

2009-03-20  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        A little cleanup in the RegisterFile code.
        
        Moved large inline functions out of the class declaration, to make it
        more readable.
        
        Switched over to using the roundUpAllocationSize function to avoid
        duplicate code and subtle bugs.
        
        Renamed m_maxCommitted to m_commitEnd, to match m_end.
        
        Renamed allocationSize to commitSize because it's the chunk size for
        committing memory, not allocating memory.
        
        SunSpider reports no change.

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::shrink):
        (JSC::RegisterFile::grow):
        * jit/ExecutableAllocator.h:
        (JSC::roundUpAllocationSize):

2009-03-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Fixed <rdar://problem/6033712> -- a little bit of hardening in the Collector.
        
        SunSpider reports no change. I also verified in the disassembly that
        we end up with a single compare to constant.

        * runtime/Collector.cpp:
        (JSC::Heap::heapAllocate):

2009-03-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich and Oliver Hunt.

        Fixed <rdar://problem/6406045> REGRESSION: Stack overflow on PowerPC on
        fast/workers/use-machine-stack.html (22531)

        Dialed down the re-entry allowance to 64 (from 128).
        
        On a 512K stack, this leaves about 64K for other code on the stack while
        JavaScript is running. Not perfect, but it solves our crash on PPC.

        Different platforms may want to dial this down even more.

        Also, substantially shrunk BytecodeGenerator. Since we allocate one on
        the stack in order to throw a stack overflow exception -- well, let's
        just say the old code had an appreciation for irony.

        SunSpider reports no change.

        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.h:
        (JSC::):

2009-03-19  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 24350: REGRESSION: Safari 4 breaks SPAW wysiwyg editor multiple instances
        <https://bugs.webkit.org/show_bug.cgi?id=24350>
        <rdar://problem/6674182>

        The SPAW editor's JavaScript assumes that toString() on a function
        constructed with the Function constructor produces a function with
        a newline after the opening brace.

        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction): Add a newline after the opening brace of the
        function's source code.

2009-03-19  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Geoff Garen.

        Bug 23771: REGRESSION (r36016): JSObjectHasProperty freezes on global class without kJSClassAttributeNoAutomaticPrototype
        <https://bugs.webkit.org/show_bug.cgi?id=23771>
        <rdar://problem/6561016>

        * API/tests/testapi.c:
        (main): Add a test for this bug.
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::resetPrototype): Don't set the prototype of the
        last object in the prototype chain to the object prototype when the
        object prototype is already the last object in the prototype chain.

2009-03-19  Timothy Hatcher  <timothy (a] apple.com>

        <rdar://problem/6687342> -[WebView scheduleInRunLoop:forMode:] has no affect on timers

        Reviewed by Darin Adler.

        * wtf/Platform.h: Added HAVE_RUNLOOP_TIMER for PLATFORM(MAC).

2009-03-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Fixed <rdar://problem/6279213> Regular expression run-time complexity
        limit too low for long inputs (21485)
        
        I raised PCRE's "matchLimit" (limit on backtracking) by an order of
        magnitude. This fixes all the reported examples of timing out on legitimate
        regular expression matches.
        
        In my testing on a Core Duo MacBook Pro, the longest you can get stuck
        trying to match a string is still under 1s, so this seems like a safe change.
        
        I can think of a number of better solutions that are more complicated,
        but this is a good improvement for now.

        * pcre/pcre_exec.cpp:

2009-03-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed <rdar://problem/6603562> REGRESSION (Safari 4): regular expression
        pattern size limit lower than Safari 3.2, other browsers, breaks SAP (14873)
        
        Bumped the pattern size limit to 1MB, and standardized it between PCRE
        and WREC. (Empirical testing says that we can easily compile a 1MB regular
        expression without risking a hang. Other browsers support bigger regular
        expressions, but also hang.)
        
        SunSpider reports no change.
        
        I started with a patch posted to Bugzilla by Erik Corry (erikcorry (a] google.com).
        
        * pcre/pcre_internal.h:
        (put3ByteValue):
        (get3ByteValue):
        (put3ByteValueAndAdvance):
        (putLinkValueAllowZero):
        (getLinkValueAllowZero): Made PCRE's "LINK_SIZE" (the number of bytes
        used to record jumps between bytecodes) 3, to accomodate larger potential
        jumps. Bumped PCRE's "MAX_PATTERN_SIZE" to 1MB. (Technically, at this
        LINK_SIZE, we can support even larger patterns, but we risk a hang during
        compilation, and it's not clear that such large patterns are important
        on the web.)

        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp): Match PCRE's maximum pattern size,
        to avoid quirks between platforms.

2009-03-18  Ada Chan  <adachan (a] apple.com>

        Rolling out r41818 since it broke the windows build.
        Error: ..\..\runtime\DatePrototype.cpp(30) : fatal error C1083: Cannot open include file: 'langinfo.h': No such file or directory

        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):

2009-03-17  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        <rdar://problem/6692138> REGRESSION (Safari 4): Incorrect function return value when using IE "try ... finally" memory leak work-around (24654)
        <https://bugs.webkit.org/show_bug.cgi?id=24654>

        If the return value for a function is in a local register we need
        to copy it before executing any finalisers, otherwise it is possible
        for the finaliser to clobber the result.

        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::hasFinaliser):
        * parser/Nodes.cpp:
        (JSC::ReturnNode::emitBytecode):

2009-03-17  Kevin Ollivier  <kevino (a] theolliviers.com>

        Reviewed by Mark Rowe.
        
        Move BUILDING_ON_* defines into Platform.h to make them available to other ports.
        Also tweak the defines so that they work with the default values set by 
        AvailabilityMacros.h.

        https://bugs.webkit.org/show_bug.cgi?id=24630

        * JavaScriptCorePrefix.h:
        * wtf/Platform.h:

2009-03-15  Simon Fraser  <simon.fraser (a] apple.com>

        Revert r41718 because it broke DumpRenderTree on Tiger.

        * JavaScriptCorePrefix.h:
        * wtf/Platform.h:

2009-03-15  Kevin Ollivier  <kevino (a] theolliviers.com>

        Non-Apple Mac ports build fix. Move defines for the BUILDING_ON_ macros into
        Platform.h so that they're defined for all ports building on Mac, and tweak
        the definitions of those macros based on Mark Rowe's suggestions to accomodate
        cases where the values may not be <= to the .0 release for that version.

        * JavaScriptCorePrefix.h:
        * wtf/Platform.h:

2009-03-13  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Dan Bernstein.

        Take advantage of the ability of recent versions of Xcode to easily switch the active
        architecture.

        * Configurations/DebugRelease.xcconfig:

2009-03-13  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by David Kilzer.

        Prevent AllInOneFile.cpp and ProfileGenerator.cpp from rebuilding unnecessarily when
        switching between building in Xcode and via build-webkit.

        build-webkit passes FEATURE_DEFINES to xcodebuild, resulting in it being present in the
        Derived Sources build settings.  When building in Xcode, this setting isn't present so
        Xcode reruns the script build phases.  This results in a new version of TracingDtrace.h
        being generated, and the files that include it being rebuilt.

        * JavaScriptCore.xcodeproj/project.pbxproj:  Don't regenerate TracingDtrace.h if it is
        already newer than the input file.

2009-03-13  Norbert Leser  <norbert.leser (a] nokia.com>

        Reviewed by Darin Adler.

        Resolved name conflict with globally defined tzname in Symbian.
        Replaced with different name instead of using namespace qualifier
        (appeared to be less clumsy).

        * runtime/DateMath.cpp:

2009-03-12  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/6548446> TCMalloc_SystemRelease should use madvise rather than re-mmaping span of pages

        * wtf/FastMalloc.cpp:
        (WTF::mergeDecommittedStates): If either of the spans has been released to the system, release the other
        span as well so that the flag in the merged span is accurate.
        * wtf/Platform.h:
        * wtf/TCSystemAlloc.cpp: Track decommitted spans when using MADV_FREE_REUSABLE / MADV_FREE_REUSE.
        (TCMalloc_SystemRelease): Use madvise with MADV_FREE_REUSABLE when it is available.
        (TCMalloc_SystemCommit): Use madvise with MADV_FREE_REUSE when it is available.
        * wtf/TCSystemAlloc.h:

2009-03-12  Adam Treat  <adam.treat (a] torchmobile.com>

        Reviewed by NOBODY (Build fix).

        Include string.h for strlen usage.

        * wtf/Threading.cpp:

2009-03-12  David Kilzer  <ddkilzer (a] apple.com>

        Add NO_RETURN attribute to runInteractive() when not using readline

        Reviewed by Darin Adler.

        * jsc.cpp:
        (runInteractive): If the readline library is not used, this method
        will never return, thus the NO_RETURN attribute is needed to prevent
        a gcc warning.

2009-03-12  Adam Roben  <aroben (a] apple.com>

        Adopt setThreadNameInternal on Windows

        Also changed a Windows-only assertion about thread name length to an
        all-platform log message.

        Reviewed by Adam Treat.

        * wtf/Threading.cpp:
        (WTF::createThread): Warn if the thread name is longer than 31
        characters, as Visual Studio will truncate names longer than that
        length.

        * wtf/ThreadingWin.cpp:
        (WTF::setThreadNameInternal): Renamed from setThreadName and changed
        to always operate on the current thread.
        (WTF::initializeThreading): Changed to use setThreadNameInternal.
        (WTF::createThreadInternal): Removed call to setThreadName. This is
        now handled by threadEntryPoint and setThreadNameInternal.

2009-03-11  David Kilzer  <ddkilzer (a] apple.com>

        Clarify comments regarding order of FEATURE_DEFINES

        Rubber-stamped by Mark Rowe.

        * Configurations/JavaScriptCore.xcconfig: Added warning about
        the consequences when FEATURE_DEFINES are not kept in sync.

2009-03-11  Dan Bernstein  <mitz (a] apple.com>

        Reviewed by Darin Adler.

        - WTF support for fixing <rdar://problem/3919124> Thai text selection
          in Safari is incorrect

        * wtf/unicode/icu/UnicodeIcu.h:
        (WTF::Unicode::hasLineBreakingPropertyComplexContext): Added. Returns
        whether the character has Unicode line breaking property value SA
        ("Complex Context").
        * wtf/unicode/qt4/UnicodeQt4.h:
        (WTF::Unicode::hasLineBreakingPropertyComplexContext): Added an
        implementation that always returns false.

2009-03-11  Darin Adler  <darin (a] apple.com>

        Reviewed by Mark Rowe.

        Give threads names on platforms with pthread_setname_np.

        * wtf/Threading.cpp:
        (WTF::NewThreadContext::NewThreadContext): Initialize thread name.
        (WTF::threadEntryPoint): Call setThreadNameInternal.
        (WTF::createThread): Pass thread name.

        * wtf/Threading.h: Added new comments, setThreadNameInternal.

        * wtf/ThreadingGtk.cpp:
        (WTF::setThreadNameInternal): Added. Empty.
        * wtf/ThreadingNone.cpp:
        (WTF::setThreadNameInternal): Added. Empty.
        * wtf/ThreadingPthreads.cpp:
        (WTF::setThreadNameInternal): Call pthread_setname_np when available.
        * wtf/ThreadingQt.cpp:
        (WTF::setThreadNameInternal): Added. Empty.
        * wtf/ThreadingWin.cpp:
        (WTF::setThreadNameInternal): Added. Empty.

2009-03-11  Adam Roben  <aroben (a] apple.com>

        Change the Windows implementation of ThreadSpecific to use functions
        instead of extern globals

        This will make it easier to export ThreadSpecific from WebKit.

        Reviewed by John Sullivan.

        * API/JSBase.cpp:
        (JSEvaluateScript): 
        Touched this file to force ThreadSpecific.h to be copied into
        $WebKitOutputDir.

        * wtf/ThreadSpecific.h: Replaced g_tls_key_count with tlsKeyCount()
        and g_tls_keys with tlsKeys().

        (WTF::::ThreadSpecific):
        (WTF::::~ThreadSpecific):
        (WTF::::get):
        (WTF::::set):
        (WTF::::destroy):
        Updated to use the new functions.

        * wtf/ThreadSpecificWin.cpp:
        (WTF::tlsKeyCount):
        (WTF::tlsKeys):
        Added.

        (WTF::ThreadSpecificThreadExit): Changed to use the new functions.

2009-03-10  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Geoff Garen.

        Bug 24291: REGRESSION (r38635): Single line JavaScript comment prevents HTML button click handler execution
        <https://bugs.webkit.org/show_bug.cgi?id=24291>
        <rdar://problem/6663472>

        Add an extra newline to the end of the body of the program text constructed
        by the Function constructor for parsing. This allows single line comments to
        be handled correctly by the parser.

        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):

2009-03-09  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        Bug 24447: REGRESSION (r41508): Google Maps does not complete initialization
        <rdar://problem/6657774>

        r41508 actually exposed a pre-existing bug where we were not invalidating the result
        register cache at jump targets.  This causes problems when condition loads occur in an
        expression -- namely through the ?: and || operators.  This patch corrects these issues
        by marking the target of all forward jumps as being a jump target, and then clears the
        result register cache when ever it starts generating code for a targeted instruction.

        I do not believe it is possible to cause this class of failure outside of a single
        expression, and expressions only provide forward branches, so this should resolve this
        entire class of bug.  That said i've included a test case that gets as close as possible
        to hitting this bug with a back branch, to hopefully prevent anyone from introducing the
        problem in future.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Label::isUsed):
        (JSC::AbstractMacroAssembler::Label::used):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::JmpDst::JmpDst):
        (JSC::X86Assembler::JmpDst::isUsed):
        (JSC::X86Assembler::JmpDst::used):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2009-03-09  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Adler.

        Bug 23175: String and UString should be able to share a UChar* buffer.
        <https://bugs.webkit.org/show_bug.cgi?id=23175>

        Add CrossThreadRefCounted.

        * wtf/CrossThreadRefCounted.h: Added.
        (WTF::CrossThreadRefCounted::create):
        (WTF::CrossThreadRefCounted::isShared):
        (WTF::CrossThreadRefCounted::dataAccessMustBeThreadSafe):
        (WTF::CrossThreadRefCounted::mayBePassedToAnotherThread):
        (WTF::CrossThreadRefCounted::CrossThreadRefCounted):
        (WTF::CrossThreadRefCounted::~CrossThreadRefCounted):
        (WTF::CrossThreadRefCounted::ref):
        (WTF::CrossThreadRefCounted::deref):
        (WTF::CrossThreadRefCounted::release):
        (WTF::CrossThreadRefCounted::copy):
        (WTF::CrossThreadRefCounted::threadSafeDeref):
        * wtf/RefCounted.h:
        * wtf/Threading.h:
        (WTF::ThreadSafeSharedBase::ThreadSafeSharedBase):
        (WTF::ThreadSafeSharedBase::derefBase):
        (WTF::ThreadSafeShared::ThreadSafeShared):
        (WTF::ThreadSafeShared::deref):

2009-03-09  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=24353
        Allow to overrule default build options for Qt build.

        * JavaScriptCore.pri: Allow to overrule ENABLE_JIT

2009-03-08  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (build fix).

        Build fix.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncConcat):

2009-03-01  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Bug 24268: RuntimeArray is not a fully implemented JSArray
        <https://bugs.webkit.org/show_bug.cgi?id=24268>

        Don't cast a type to JSArray, just because it reportsArray as a supertype
        in the JS type system.  Doesn't appear feasible to create a testcase
        unfortunately as setting up the failure conditions requires internal access 
        to JSC not present in DRT.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncConcat):

2009-03-06  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        When preforming an op_mov, preserve any existing register mapping.

        ~0.5% progression on v8 tests x86-64.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2009-03-05  Simone Fiorentino  <simone.fiorentino (a] consulenti.fastweb.it>

        Bug 24382: request to add SH4 platform

        <https://bugs.webkit.org/show_bug.cgi?id=24382>

        Reviewed by David Kilzer.

        * wtf/Platform.h: Added support for SH4 platform.

2009-03-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Writes of constant values to SF registers should be made with direct memory
        writes where possible, rather than moving the value via a hardware register.

        ~3% win on SunSpider tests on x86, ~1.5% win on v8 tests on x86-64.

        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::storePtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movq_i32m):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2009-03-05  Mark Rowe  <mrowe (a] apple.com>

        Fix the build.

        Sprinkle "static" around NumberConstructor.cpp in order to please the compiler.

        * runtime/NumberConstructor.cpp:
        (JSC::numberConstructorNaNValue):
        (JSC::numberConstructorNegInfinity):
        (JSC::numberConstructorPosInfinity):
        (JSC::numberConstructorMaxValue):
        (JSC::numberConstructorMinValue):

2009-03-04  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6354858> FastMallocZone's enumeration code reports fragmented administration space

        The handling of MALLOC_ADMIN_REGION_RANGE_TYPE in FastMalloc's zone was incorrect.  It was attempting
        to record the memory containing and individual span as an administrative region, when all memory
        allocated via MetaDataAlloc should in fact be recorded.  This was causing memory regions allocated
        via MetaDataAlloc to appear as "VM_ALLOCATE ?" in vmmap output.  They are now correctly reported as
        "MALLOC_OTHER" regions associated with the JavaScriptCore FastMalloc zone.

        Memory is allocated via MetaDataAlloc from two locations: PageHeapAllocator, and TCMalloc_PageMap{2,3}.
        These two cases are handled differently.

        PageHeapAllocator is extended to keep a linked list of memory regions that it has allocated.  The
        first object in an allocated region contains the link to the previously allocated region. To record
        the administrative regions of a PageHeapAllocator we can simply walk the linked list and record
        each allocated region we encounter.

        TCMalloc_PageMaps allocate memory via MetaDataAlloc to store each level of the radix tree.  To record
        the administrative regions of a TCMalloc_PageMap we walk the tree and record the storage used for nodes
        at each position rather than the nodes themselves.

        A small performance improvement is achieved by coalescing adjacent memory regions inside the PageMapMemoryUsageRecorder
        so that fewer calls in to the range recorder are necessary.  We further reduce the number of calls to the
        range recorder by aggregating the in-use ranges of a given memory region into a local buffer before recording
        them with a single call.  A similar approach is also used by AdminRegionRecorder.

        * wtf/FastMalloc.cpp:
        (WTF::PageHeapAllocator::Init):
        (WTF::PageHeapAllocator::New):
        (WTF::PageHeapAllocator::recordAdministrativeRegions):
        (WTF::TCMallocStats::FreeObjectFinder::isFreeObject):
        (WTF::TCMallocStats::PageMapMemoryUsageRecorder::~PageMapMemoryUsageRecorder):
        (WTF::TCMallocStats::PageMapMemoryUsageRecorder::recordPendingRegions):
        (WTF::TCMallocStats::PageMapMemoryUsageRecorder::visit):
        (WTF::TCMallocStats::AdminRegionRecorder::AdminRegionRecorder):
        (WTF::TCMallocStats::AdminRegionRecorder::recordRegion):
        (WTF::TCMallocStats::AdminRegionRecorder::visit):
        (WTF::TCMallocStats::AdminRegionRecorder::recordPendingRegions):
        (WTF::TCMallocStats::AdminRegionRecorder::~AdminRegionRecorder):
        (WTF::TCMallocStats::FastMallocZone::enumerate):
        (WTF::TCMallocStats::FastMallocZone::FastMallocZone):
        (WTF::TCMallocStats::FastMallocZone::init):
        * wtf/TCPageMap.h:
        (TCMalloc_PageMap2::visitValues):
        (TCMalloc_PageMap2::visitAllocations):
        (TCMalloc_PageMap3::visitValues):
        (TCMalloc_PageMap3::visitAllocations):

2009-03-04  Antti Koivisto  <antti (a] apple.com>

        Reviewed by Dave Hyatt.

        https://bugs.webkit.org/show_bug.cgi?id=24359
        Repaint throttling mechanism
        
        Set ENABLE_REPAINT_THROTTLING to 0 by default.

        * wtf/Platform.h:

2009-03-03  David Kilzer  <ddkilzer (a] apple.com>

        <rdar://problem/6581203> WebCore and WebKit should install the same set of headers during installhdrs phase as build phase

        Reviewed by Mark Rowe.

        * Configurations/Base.xcconfig: Defined REAL_PLATFORM_NAME based
        on PLATFORM_NAME to work around the missing definition on Tiger.
        Updated HAVE_DTRACE to use REAL_PLATFORM_NAME.

2009-03-03  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6639110> console.profile() doesn't work without a title

        * profiler/Profiler.cpp:
        (JSC::Profiler::startProfiling): assert if there is not title to ensure
        we don't start profiling without one.

2009-03-02  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Enable Geolocation (except on Tiger and Leopard).

        * Configurations/JavaScriptCore.xcconfig:

2009-03-01  David Kilzer  <ddkilzer (a] apple.com>

        <rdar://problem/6635688> Move HAVE_DTRACE check to Base.xcconfig

        Reviewed by Mark Rowe.

        * Configurations/Base.xcconfig: Set HAVE_DTRACE Xcode variable
        based on PLATFORM_NAME and MAC_OS_X_VERSION_MAJOR.  Also define
        it as a preprocessor macro by modifying
        GCC_PREPROCESSOR_DEFINITIONS.
        * JavaScriptCore.xcodeproj/project.pbxproj: Changed "Generate
        DTrace header" script phase to check for HAVE_DTRACE instead of
        MACOSX_DEPLOYMENT_TARGET.
        * wtf/Platform.h: Removed definition of HAVE_DTRACE macro since
        it's defined in Base.xcconfig now.

2009-03-01  Horia Olaru  <olaru (a] adobe.com>

        By looking in grammar.y there are only a few types of statement nodes
        on which the debugger should stop. 

        Removed isBlock and isLoop virtual calls. No need to emit debug hooks in
        the "statementListEmitCode" method as long as the necessary hooks can be
        added in each "emitCode".

        https://bugs.webkit.org/show_bug.cgi?id=21073

        Reviewed by Kevin McCullough.

        * parser/Nodes.cpp:
        (JSC::ConstStatementNode::emitBytecode):
        (JSC::statementListEmitCode):
        (JSC::EmptyStatementNode::emitBytecode):
        (JSC::ExprStatementNode::emitBytecode):
        (JSC::VarStatementNode::emitBytecode):
        (JSC::IfNode::emitBytecode):
        (JSC::IfElseNode::emitBytecode):
        (JSC::DoWhileNode::emitBytecode):
        (JSC::WhileNode::emitBytecode):
        (JSC::ForNode::emitBytecode):
        (JSC::ForInNode::emitBytecode):
        (JSC::ContinueNode::emitBytecode):
        (JSC::BreakNode::emitBytecode):
        (JSC::ReturnNode::emitBytecode):
        (JSC::WithNode::emitBytecode):
        (JSC::SwitchNode::emitBytecode):
        (JSC::LabelNode::emitBytecode):
        (JSC::ThrowNode::emitBytecode):
        (JSC::TryNode::emitBytecode):
        * parser/Nodes.h:

2009-02-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Fix bug #23614.  Switches on double precision values were incorrectly
        truncating the scrutinee value.  E.g.:

            switch (1.1) { case 1: print("FAIL"); }

        Was resulting in FAIL.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_switch_imm):

2009-02-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Integer Immediate representation need not be canonical in x86 JIT code.
        On x86-64 we already have loosened the requirement that the int immediate
        representation in canonical, we should bring x86 into line.

        This patch is a minor (~0.5%) improvement on sunspider & v8-tests, and
        should reduce memory footoprint (reduces JIT code size).

        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        (JSC::JIT::emitJumpIfImmediateNumber):
        (JSC::JIT::emitJumpIfNotImmediateNumber):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):

2009-02-26  Carol Szabo  <carol.szabo (a] nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=24099
        ARM Compiler Warnings in pcre_exec.cpp

        * pcre/pcre_exec.cpp:
        (match):

2009-02-25  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Gavin Barraclough.

        Bug 24086: Regression (r40993): WebKit crashes after logging in to lists.zenbe
        <https://bugs.webkit.org/show_bug.cgi?id=24086>
        <rdar://problem/6625111>

        The numeric sort optimization in r40993 generated bytecode for a function
        without generating JIT code. This breaks an assumption in some parts of
        the JIT's function calling logic that the presence of a CodeBlock implies
        the existence of JIT code.

        In order to fix this, we simply generate JIT code whenever we check whether
        a function is a numeric sort function. This only incurs an additional cost
        in the case when the function is a numeric sort function, in which case it
        is not expensive to generate JIT code for it.

        * runtime/ArrayPrototype.cpp:
        (JSC::isNumericCompareFunction):

2009-02-25  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Fixed <rdar://problem/6611174> REGRESSION (r36701): Unable to select
        messages on hotmail (24052)
        
        The bug was that for-in enumeration used a cached prototype chain without
        validating that it was up-to-date.
        
        This led me to refactor prototype chain caching so it was easier to work
        with and harder to get wrong.
        
        After a bit of inlining, this patch is performance-neutral on SunSpider
        and the v8 benchmarks.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::tryCachePutByID):
        (JSC::JITStubs::tryCacheGetByID):
        (JSC::JITStubs::cti_op_get_by_id_proto_list): Use the new refactored goodness. See
        lines beginning with "-" and smile.

        * runtime/JSGlobalObject.h:
        (JSC::Structure::prototypeForLookup): A shout out to const.

        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::next): We can use a pointer comparison to
        see if our cached structure chain is equal to the object's structure chain,
        since in the case of a cache hit, we share references to the same structure
        chain.

        * runtime/Operations.h:
        (JSC::countPrototypeChainEntriesAndCheckForProxies): Use the new refactored
        goodness.

        * runtime/PropertyNameArray.h:
        (JSC::PropertyNameArray::PropertyNameArray):
        (JSC::PropertyNameArray::setShouldCache):
        (JSC::PropertyNameArray::shouldCache): Renamed "cacheable" to "shouldCache"
        to communicate that the client is specifying a recommendation, not a
        capability.
        
        * runtime/Structure.cpp:
        (JSC::Structure::Structure): No need to initialize a RefPtr.
        (JSC::Structure::getEnumerablePropertyNames): Moved some code into helper
        functions.

        (JSC::Structure::prototypeChain): New centralized accessor for a prototype
        chain. Revalidates on every access, since the objects in the prototype
        chain may have mutated.

        (JSC::Structure::isValid): Helper function for revalidating a cached
        prototype chain.

        (JSC::Structure::getEnumerableNamesFromPropertyTable):
        (JSC::Structure::getEnumerableNamesFromClassInfoTable): Factored out of
        getEnumerablePropertyNames.

        * runtime/Structure.h:

        * runtime/StructureChain.cpp:
        (JSC::StructureChain::StructureChain):
        * runtime/StructureChain.h:
        (JSC::StructureChain::create): No need for structureChainsAreEqual, since
        we use pointer equality now. Refactored StructureChain to make a little
        more sense and eliminate special cases for null prototypes.

2009-02-25  Steve Falkenburg  <sfalken (a] apple.com>

        Use timeBeginPeriod to enable timing resolution greater than 16ms in command line jsc for Windows.
        Allows more accurate reporting of benchmark times via command line jsc.exe. Doesn't affect WebKit's use of JavaScriptCore.
        
        Reviewed by Adam Roben.

        * jsc.cpp:
        (main):

2009-02-24  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix?

        * GNUmakefile.am:

2009-02-24  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6259220> Rename AVAILABLE_AFTER_WEBKIT_VERSION_3_1 (etc.) to match the other macros

        * API/JSBasePrivate.h:
        * API/JSContextRef.h:
        * API/JSObjectRef.h:
        * API/WebKitAvailability.h:

2009-02-23  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Next step in splitting JIT functionality out of the Interpreter class:
        Moved vptr storage from Interpreter to JSGlobalData, so it could be shared
        between Interpreter and JITStubs, and moved the *Trampoline JIT stubs
        into the JITStubs class. Also added a VPtrSet class to encapsulate vptr
        hacks during JSGlobalData initialization.
        
        SunSpider says 0.4% faster. Meh.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::JITStubs):
        (JSC::JITStubs::tryCacheGetByID):
        (JSC::JITStubs::cti_vm_dontLazyLinkCall):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_put_by_val):
        (JSC::JITStubs::cti_op_put_by_val_array):
        (JSC::JITStubs::cti_op_put_by_val_byte_array):
        (JSC::JITStubs::cti_op_is_string):
        * jit/JITStubs.h:
        (JSC::JITStubs::ctiArrayLengthTrampoline):
        (JSC::JITStubs::ctiStringLengthTrampoline):
        (JSC::JITStubs::ctiVirtualCallPreLink):
        (JSC::JITStubs::ctiVirtualCallLink):
        (JSC::JITStubs::ctiVirtualCall):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncPop):
        (JSC::arrayProtoFuncPush):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncApply):
        * runtime/JSArray.h:
        (JSC::isJSArray):
        * runtime/JSByteArray.h:
        (JSC::asByteArray):
        (JSC::isJSByteArray):
        * runtime/JSCell.h:
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        (JSC::VPtrSet::VPtrSet):
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::create):
        (JSC::JSGlobalData::sharedInstance):
        * runtime/JSGlobalData.h:
        * runtime/JSString.h:
        (JSC::isJSString):
        * runtime/Operations.h:
        (JSC::jsLess):
        (JSC::jsLessEq):
        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp):

2009-02-23  Csaba Osztrogonac  <oszi (a] inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Bug 23787: Allow JIT to generate SSE2 code if using GCC
        <https://bugs.webkit.org/show_bug.cgi?id=23787>

        GCC version of the cpuid check.

        * jit/JITArithmetic.cpp:
        (JSC::isSSE2Present): previous assembly code fixed.

2009-02-23  David Levin  <levin (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        Bug 24047: Need to simplify nested if's in WorkerRunLoop::runInMode
        <https://bugs.webkit.org/show_bug.cgi?id=24047>

        * wtf/MessageQueue.h:
        (WTF::MessageQueue::infiniteTime):
        Allows for one to call waitForMessageFilteredWithTimeout and wait forever.

        (WTF::MessageQueue::alwaysTruePredicate):
        (WTF::MessageQueue::waitForMessage):
        Made waitForMessage call waitForMessageFilteredWithTimeout, so that there is less
        duplicate code.

        (WTF::MessageQueue::waitForMessageFilteredWithTimeout):

        * wtf/ThreadingQt.cpp:
        (WTF::ThreadCondition::timedWait):
        * wtf/ThreadingWin.cpp:
        (WTF::ThreadCondition::timedWait):
        Made these two implementations consistent with the pthread and gtk implementations.
        Currently, the time calculations would overflow when passed large values.

2009-02-23  Jeremy Moskovich  <jeremy (a] chromium.org>

        Reviewed by Adam Roben.

        https://bugs.webkit.org/show_bug.cgi?id=24096
        PLATFORM(MAC)->PLATFORM(CF) since we want to use the CF functions in Chrome on OS X.

        * wtf/CurrentTime.cpp:

2009-02-22  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix?

        * GNUmakefile.am:

2009-02-22  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix.

        * GNUmakefile.am:

2009-02-22  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Next step in splitting JIT functionality out of the Interpreter class:
        Created a JITStubs class and renamed Interpreter::cti_* to JITStubs::cti_*.
        
        Also, moved timeout checking into its own class, located in JSGlobalData,
        so both the Interpreter and the JIT could have access to it.

        * JavaScriptCore.exp:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * interpreter/CallFrame.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * interpreter/Register.h:
        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::emitTimeoutCheck):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArithSlow_op_lshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_bitand):
        (JSC::JIT::compileFastArithSlow_op_mod):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArithSlow_op_post_inc):
        (JSC::JIT::compileFastArithSlow_op_post_dec):
        (JSC::JIT::compileFastArithSlow_op_pre_inc):
        (JSC::JIT::compileFastArithSlow_op_pre_dec):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArith_op_sub):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::compileFastArithSlow_op_add):
        (JSC::JIT::compileFastArithSlow_op_mul):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::tryCachePutByID):
        (JSC::JITStubs::tryCacheGetByID):
        (JSC::JITStubs::cti_op_convert_this):
        (JSC::JITStubs::cti_op_end):
        (JSC::JITStubs::cti_op_add):
        (JSC::JITStubs::cti_op_pre_inc):
        (JSC::JITStubs::cti_timeout_check):
        (JSC::JITStubs::cti_register_file_check):
        (JSC::JITStubs::cti_op_loop_if_less):
        (JSC::JITStubs::cti_op_loop_if_lesseq):
        (JSC::JITStubs::cti_op_new_object):
        (JSC::JITStubs::cti_op_put_by_id_generic):
        (JSC::JITStubs::cti_op_get_by_id_generic):
        (JSC::JITStubs::cti_op_put_by_id):
        (JSC::JITStubs::cti_op_put_by_id_second):
        (JSC::JITStubs::cti_op_put_by_id_fail):
        (JSC::JITStubs::cti_op_get_by_id):
        (JSC::JITStubs::cti_op_get_by_id_second):
        (JSC::JITStubs::cti_op_get_by_id_self_fail):
        (JSC::JITStubs::cti_op_get_by_id_proto_list):
        (JSC::JITStubs::cti_op_get_by_id_proto_list_full):
        (JSC::JITStubs::cti_op_get_by_id_proto_fail):
        (JSC::JITStubs::cti_op_get_by_id_array_fail):
        (JSC::JITStubs::cti_op_get_by_id_string_fail):
        (JSC::JITStubs::cti_op_instanceof):
        (JSC::JITStubs::cti_op_del_by_id):
        (JSC::JITStubs::cti_op_mul):
        (JSC::JITStubs::cti_op_new_func):
        (JSC::JITStubs::cti_op_call_JSFunction):
        (JSC::JITStubs::cti_op_call_arityCheck):
        (JSC::JITStubs::cti_vm_dontLazyLinkCall):
        (JSC::JITStubs::cti_vm_lazyLinkCall):
        (JSC::JITStubs::cti_op_push_activation):
        (JSC::JITStubs::cti_op_call_NotJSFunction):
        (JSC::JITStubs::cti_op_create_arguments):
        (JSC::JITStubs::cti_op_create_arguments_no_params):
        (JSC::JITStubs::cti_op_tear_off_activation):
        (JSC::JITStubs::cti_op_tear_off_arguments):
        (JSC::JITStubs::cti_op_profile_will_call):
        (JSC::JITStubs::cti_op_profile_did_call):
        (JSC::JITStubs::cti_op_ret_scopeChain):
        (JSC::JITStubs::cti_op_new_array):
        (JSC::JITStubs::cti_op_resolve):
        (JSC::JITStubs::cti_op_construct_JSConstruct):
        (JSC::JITStubs::cti_op_construct_NotJSConstruct):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_resolve_func):
        (JSC::JITStubs::cti_op_sub):
        (JSC::JITStubs::cti_op_put_by_val):
        (JSC::JITStubs::cti_op_put_by_val_array):
        (JSC::JITStubs::cti_op_put_by_val_byte_array):
        (JSC::JITStubs::cti_op_lesseq):
        (JSC::JITStubs::cti_op_loop_if_true):
        (JSC::JITStubs::cti_op_negate):
        (JSC::JITStubs::cti_op_resolve_base):
        (JSC::JITStubs::cti_op_resolve_skip):
        (JSC::JITStubs::cti_op_resolve_global):
        (JSC::JITStubs::cti_op_div):
        (JSC::JITStubs::cti_op_pre_dec):
        (JSC::JITStubs::cti_op_jless):
        (JSC::JITStubs::cti_op_not):
        (JSC::JITStubs::cti_op_jtrue):
        (JSC::JITStubs::cti_op_post_inc):
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_lshift):
        (JSC::JITStubs::cti_op_bitand):
        (JSC::JITStubs::cti_op_rshift):
        (JSC::JITStubs::cti_op_bitnot):
        (JSC::JITStubs::cti_op_resolve_with_base):
        (JSC::JITStubs::cti_op_new_func_exp):
        (JSC::JITStubs::cti_op_mod):
        (JSC::JITStubs::cti_op_less):
        (JSC::JITStubs::cti_op_neq):
        (JSC::JITStubs::cti_op_post_dec):
        (JSC::JITStubs::cti_op_urshift):
        (JSC::JITStubs::cti_op_bitxor):
        (JSC::JITStubs::cti_op_new_regexp):
        (JSC::JITStubs::cti_op_bitor):
        (JSC::JITStubs::cti_op_call_eval):
        (JSC::JITStubs::cti_op_throw):
        (JSC::JITStubs::cti_op_get_pnames):
        (JSC::JITStubs::cti_op_next_pname):
        (JSC::JITStubs::cti_op_push_scope):
        (JSC::JITStubs::cti_op_pop_scope):
        (JSC::JITStubs::cti_op_typeof):
        (JSC::JITStubs::cti_op_is_undefined):
        (JSC::JITStubs::cti_op_is_boolean):
        (JSC::JITStubs::cti_op_is_number):
        (JSC::JITStubs::cti_op_is_string):
        (JSC::JITStubs::cti_op_is_object):
        (JSC::JITStubs::cti_op_is_function):
        (JSC::JITStubs::cti_op_stricteq):
        (JSC::JITStubs::cti_op_nstricteq):
        (JSC::JITStubs::cti_op_to_jsnumber):
        (JSC::JITStubs::cti_op_in):
        (JSC::JITStubs::cti_op_push_new_scope):
        (JSC::JITStubs::cti_op_jmp_scopes):
        (JSC::JITStubs::cti_op_put_by_index):
        (JSC::JITStubs::cti_op_switch_imm):
        (JSC::JITStubs::cti_op_switch_char):
        (JSC::JITStubs::cti_op_switch_string):
        (JSC::JITStubs::cti_op_del_by_val):
        (JSC::JITStubs::cti_op_put_getter):
        (JSC::JITStubs::cti_op_put_setter):
        (JSC::JITStubs::cti_op_new_error):
        (JSC::JITStubs::cti_op_debug):
        (JSC::JITStubs::cti_vm_throw):
        * jit/JITStubs.h:
        (JSC::):
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        * runtime/JSGlobalObject.h:
        * runtime/TimeoutChecker.cpp: Copied from interpreter/Interpreter.cpp.
        (JSC::TimeoutChecker::TimeoutChecker):
        (JSC::TimeoutChecker::reset):
        (JSC::TimeoutChecker::didTimeOut):
        * runtime/TimeoutChecker.h: Copied from interpreter/Interpreter.h.
        (JSC::TimeoutChecker::setTimeoutInterval):
        (JSC::TimeoutChecker::ticksUntilNextCheck):
        (JSC::TimeoutChecker::start):
        (JSC::TimeoutChecker::stop):

2009-02-20  Gustavo Noronha Silva  <gns (a] gnome.org>

        Unreviewed build fix after r41100.

        * GNUmakefile.am:

2009-02-20  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6606660> 2==null returns true in 64bit jit

        Code for op_eq_null and op_neq_null was incorrectly performing
        a 32bit compare, which truncated the type tag from an integer
        immediate, leading to incorrect behaviour.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::setPtr):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::setPtr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2009-02-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Gavin Barraclough.
        
        First step in splitting JIT functionality out of the Interpreter class:
        Created JITStubs.h/.cpp, and moved Interpreter::cti_* into JITStubs.cpp.
        
        Functions that the Interpreter and JITStubs share moved to Operations.h/.cpp.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::checkTimeout):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * jit/JITStubs.cpp: Copied from interpreter/Interpreter.cpp.
        (JSC::Interpreter::cti_op_resolve_base):
        * jit/JITStubs.h: Copied from interpreter/Interpreter.h.
        * runtime/Operations.cpp:
        (JSC::jsAddSlowCase):
        (JSC::jsTypeStringForValue):
        (JSC::jsIsObjectType):
        (JSC::jsIsFunctionType):
        * runtime/Operations.h:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAdd):
        (JSC::cachePrototypeChain):
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::resolveBase):

2009-02-19  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix for x86-64. Where the JavaScriptCore text segment lies outside
        a 2gb range of the heap containing JIT generated code, callbacks
        from JIT code to the stub functions in Interpreter will be incorrectly
        linked.

        No performance impact on Sunspider, 1% regression on v8-tests,
        due to a 3% regression on richards.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Call::Call):
        (JSC::AbstractMacroAssembler::Jump::link):
        (JSC::AbstractMacroAssembler::Jump::linkTo):
        (JSC::AbstractMacroAssembler::CodeLocationJump::relink):
        (JSC::AbstractMacroAssembler::CodeLocationCall::relink):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToFunction):
        (JSC::AbstractMacroAssembler::PatchBuffer::link):
        (JSC::AbstractMacroAssembler::PatchBuffer::linkTailRecursive):
        (JSC::AbstractMacroAssembler::differenceBetween):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::tailRecursiveCall):
        (JSC::MacroAssembler::makeTailRecursiveCall):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::call):
        * assembler/MacroAssemblerX86Common.h:
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::call):
        (JSC::MacroAssemblerX86_64::moveWithPatch):
        (JSC::MacroAssemblerX86_64::branchPtrWithPatch):
        (JSC::MacroAssemblerX86_64::storePtrWithPatch):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::jmp_r):
        (JSC::X86Assembler::linkJump):
        (JSC::X86Assembler::patchJump):
        (JSC::X86Assembler::patchCall):
        (JSC::X86Assembler::linkCall):
        (JSC::X86Assembler::patchAddress):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompilePutByIdReplace):

2009-02-18  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Simplified .call and .apply in preparation for optimizing them. Also,
        a little cleanup.

        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncApply):
        (JSC::functionProtoFuncCall): No need to do any specific conversion on
        'this' -- op_convert_this will do it if necessary.

        * runtime/JSImmediate.cpp:
        (JSC::JSImmediate::toThisObject): Slightly relaxed the rules on
        toThisObject to allow for 'undefined', which can be passed through
        .call and .apply.

2009-02-19  David Levin  <levin (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        Bug 23976: MessageQueue needs a way to wait for a message that satisfies an arbitrary criteria.
        <https://bugs.webkit.org/show_bug.cgi?id=23976>

        * wtf/Deque.h:
        (WTF::Deque<T>::findIf):
        * wtf/MessageQueue.h:
        (WTF::MessageQueue<T>::waitForMessageFiltered):

2009-02-18  David Levin  <levin (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        Bug 23974: Deque::Remove would be a useful method.
        <https://bugs.webkit.org/show_bug.cgi?id=23974>

        Add Deque::remove and DequeIteratorBase<T>::operator=.

        Why was operator= added? Every concrete iterator (DequeIterator..DequeConstReverseIterator)
        was calling DequeIteratorBase::assign(), which called Base::operator=(). Base::operator=()
        was not implemented. This went unnoticed because the iterator copy code has been unused.

        * wtf/Deque.h:
        (WTF::Deque<T>::remove):
        (WTF::DequeIteratorBase<T>::removeFromIteratorsList):
        (WTF::DequeIteratorBase<T>::operator=):
        (WTF::DequeIteratorBase<T>::~DequeIteratorBase):

2009-02-18  Gustavo Noronha Silva  <gns (a] gnome.org>

        Reviewed by Holger Freyther.

        Fix symbols.filter location, and add other missing files to the
        autotools build, so that make dist works.

        * GNUmakefile.am:

2009-02-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed failure in js1_5/Regress/regress-168347.js, as seen on the Oliver
        bot.
        
        Technically, both behaviors are OK, but we might as well keep this test
        passing.

        * runtime/FunctionPrototype.cpp:
        (JSC::insertSemicolonIfNeeded): No need to add a trailing semicolon
        after a trailing '}', since '}' ends a block, indicating the end of a
        statement.

2009-02-17  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix.

        * runtime/FunctionPrototype.cpp:

2009-02-17  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Add assertion to guard against oversized pc relative calls.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::link):

2009-02-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed <rdar://problem/6595040> REGRESSION: http://www.amnestyusa.org/
        fails to load.
        
        amnestyusa.org uses the Optimist JavaScript library, which adds event
        listeners by concatenating string-ified functions. This is only sure to
        be syntactically valid if the string-ified functions end in semicolons.

        * parser/Lexer.cpp:
        (JSC::Lexer::isWhiteSpace):
        * parser/Lexer.h:
        (JSC::Lexer::isWhiteSpace):
        (JSC::Lexer::isLineTerminator): Added some helper functions for examining
        whitespace.

        * runtime/FunctionPrototype.cpp:
        (JSC::appendSemicolonIfNeeded):
        (JSC::functionProtoFuncToString): When string-ifying a function, insert
        a semicolon in the last non-whitespace position, if one doesn't already exist.

2009-02-16  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Roll out r41022 as it breaks qt and gtk builds

        * jit/JITArithmetic.cpp:
        (JSC::isSSE2Present):

2009-02-16  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Fix for <rdar://problem/6468156>
        REGRESSION (r36779): Adding link, images, flash in TinyMCE blocks entire page (21382)

        No performance regression.

        * runtime/Arguments.cpp:
        (JSC::Arguments::fillArgList): Add codepath for when the "length" property has been
        overridden.

2009-02-16  Mark Rowe  <mrowe (a] apple.com>

        Build fix.

        * wtf/FastMalloc.cpp:
        (WTF::TCMallocStats::):
        (WTF::TCMallocStats::FastMallocZone::FastMallocZone):

2009-02-16  Csaba Osztrogonac  <oszi (a] inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Bug 23787: Allow JIT to generate SSE2 code if using GCC
        <https://bugs.webkit.org/show_bug.cgi?id=23787>

        GCC version of the cpuid check.

        * jit/JITArithmetic.cpp:
        (JSC::isSSE2Present): GCC assembly code added.
        6.6% progression on x86 Linux with JIT and WREC on SunSpider if using SSE2 capable machine.

2009-02-13  Adam Treat  <adam.treat (a] torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=23960
        Crash Fix.

        Don't depend on 'initializeThreading()' to come before a call to 'isMainThread()'
        as QtWebKit only calls 'initializeThreading()' during QWebPage construction.

        A client app may well make a call to QWebSettings::iconForUrl() for instance
        before creating a QWebPage and that call to QWebSettings triggers an
        ASSERT(isMainThread()) deep within WebCore.

        * wtf/ThreadingQt.cpp:
        (WTF::isMainThread):

2009-02-13  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Darin Adler.

        Some data in the instruction stream is potentially uninitialized - fix this.

        Change the OperandTypes constructor so that uninitialized memory in the int
        is zeroed, and modify the Instruction constructor taking an Opcode so that
        if !HAVE(COMPUTED_GOTO) (i.e. when Opcode is an enum, and is potentially only
        a byte) it zeros the Instruction first before writing the opcode.

        * bytecode/Instruction.h:
        (JSC::Instruction::Instruction):
        * parser/ResultType.h:
        (JSC::OperandTypes::OperandTypes):

2009-02-13  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix for non_JIT platforms.

        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::setIsNumericCompareFunction):
        (JSC::CodeBlock::isNumericCompareFunction):

2009-02-13  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Fixed <rdar://problem/6584057> Optimize sort by JS numeric comparison
        function not to run the comparison function
        
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::setIsNumericCompareFunction):
        (JSC::CodeBlock::isNumericCompareFunction): Added the ability to track
        whether a CodeBlock performs a sort-like numeric comparison.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate): Set the isNumericCompareFunction bit
        after compiling.

        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::emitBytecode): Fixed a bug that caused us to
        codegen an extra return at the end of all functions (eek!), since this
        made it harder / weirder to detect the numeric comparison pattern in
        bytecode.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSort): Use the isNumericCompareFunction bit to do
        a faster sort if we can.

        * runtime/FunctionConstructor.cpp:
        (JSC::extractFunctionBody):
        (JSC::constructFunction):
        * runtime/FunctionConstructor.h: Renamed and exported extractFunctionBody for
        use in initializing lazyNumericCompareFunction.

        * runtime/JSArray.cpp:
        (JSC::compareNumbersForQSort):
        (JSC::compareByStringPairForQSort):
        (JSC::JSArray::sortNumeric):
        (JSC::JSArray::sort):
        * runtime/JSArray.h: Added a fast numeric sort. Renamed ArrayQSortPair
        to be more specific since we do different kinds of qsort now.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::numericCompareFunction):
        (JSC::JSGlobalData::ClientData::~ClientData):
        * runtime/JSGlobalData.h: Added helper data for computing the
        isNumericCompareFunction bit.

2009-02-13  Darin Adler  <darin (a] apple.com>

        * Configurations/JavaScriptCore.xcconfig: Undo accidental commit of this file.

2009-02-12  Darin Adler  <darin (a] apple.com>

        Reviewed by Oliver Hunt and Alexey Proskuryakov.

        Speed up a couple string functions.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncIndexOf): Added a fast path for cases where the second
        argument is either missing or an integer.
        (JSC::stringProtoFuncBig): Use jsNontrivialString since the string is guaranteed
        to be 2 or more characters long.
        (JSC::stringProtoFuncSmall): Ditto.
        (JSC::stringProtoFuncBlink): Ditto.
        (JSC::stringProtoFuncBold): Ditto.
        (JSC::stringProtoFuncItalics): Ditto.
        (JSC::stringProtoFuncStrike): Ditto.
        (JSC::stringProtoFuncSub): Ditto.
        (JSC::stringProtoFuncSup): Ditto.
        (JSC::stringProtoFuncFontcolor): Ditto.
        (JSC::stringProtoFuncFontsize): Make the fast path Sam recently added even faster
        by avoiding all but the minimum memory allocation.
        (JSC::stringProtoFuncAnchor): Use jsNontrivialString.
        (JSC::stringProtoFuncLink): Added a fast path.

        * runtime/UString.cpp:
        (JSC::UString::find): Added a fast path for single-character search strings.

2009-02-13  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Adler.

        Bug 23926: Race condition in callOnMainThreadAndWait
        <https://bugs.webkit.org/show_bug.cgi?id=23926>

        * wtf/MainThread.cpp:
        Removed callOnMainThreadAndWait since it isn't used.

2009-02-13  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Jon Honeycutt.

        Math.random is really slow on windows.

        Math.random calls WTF::randomNumber which is implemented as
        the secure rand_s on windows.  Unfortunately rand_s is an order
        of magnitude slower than arc4random.  For this reason I've
        added "weakRandomNumber" for use by JavaScript's Math Object.
        In the long term we should look at using our own secure PRNG
        in place of the system, but this will do for now.

        30% win on SunSpider on Windows, resolving most of the remaining
        disparity vs. Mac.

        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        (JSC::mathProtoFuncRandom):
        * wtf/RandomNumber.cpp:
        (WTF::weakRandomNumber):
        (WTF::randomNumber):
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:
        (WTF::initializeWeakRandomNumberGenerator):

2009-02-12  Mark Rowe  <mrowe (a] apple.com>

        Fix the build for other platforms.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2009-02-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Remove (/reduce) use of hard-wired register names from the JIT.
        Currently there is no abstraction of registers used in the JIT,
        which has a number of negative consequences.  Hard-wiring x86
        register names makes the JIT less portable to other platforms,
        and prevents us from performing dynamic register allocation to
        attempt to maintain more temporary values in machine registers.
        (The latter will be more important on x86-64, where we have more
        registers to make use of).

        Also, remove MacroAssembler::mod32.  This was not providing a
        useful abstraction, and was not in keeping with the rest of the
        MacroAssembler interface, in having specific register requirements.

        * assembler/MacroAssemblerX86Common.h:
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_lshift):
        (JSC::JIT::compileFastArithSlow_op_lshift):
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):
        (JSC::JIT::compileFastArith_op_bitand):
        (JSC::JIT::compileFastArithSlow_op_bitand):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArithSlow_op_mod):
        (JSC::JIT::compileFastArith_op_post_inc):
        (JSC::JIT::compileFastArithSlow_op_post_inc):
        (JSC::JIT::compileFastArith_op_post_dec):
        (JSC::JIT::compileFastArithSlow_op_post_dec):
        (JSC::JIT::compileFastArith_op_pre_inc):
        (JSC::JIT::compileFastArithSlow_op_pre_inc):
        (JSC::JIT::compileFastArith_op_pre_dec):
        (JSC::JIT::compileFastArithSlow_op_pre_dec):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArith_op_sub):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallEvalSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetVirtualRegister):
        (JSC::JIT::emitPutVirtualRegister):
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2009-02-12  Horia Olaru  <olaru (a] adobe.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=23400

        When throwing an exception within an eval argument string, the dst parameter was
        modified in the functions below and the return value for eval was altered. Changed
        the emitNode call in JSC::ThrowNode::emitBytecode to use a temporary register
        to store its results instead of dst. The JSC::FunctionCallResolveNode::emitBytecode
        would load the function within the dst registry, also altering the result returned
        by eval. Replaced it with another temporary.

        * parser/Nodes.cpp:
        (JSC::FunctionCallResolveNode::emitBytecode):
        (JSC::ThrowNode::emitBytecode):

2009-02-12  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Speed up String.prototype.fontsize.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncFontsize): Specialize for defined/commonly used values.

2009-02-12  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Correctness fix.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber): Divide by the maximum representable value, which
        is different on each platform now, to get values between 0 and 1.

2009-02-12  Geoffrey Garen  <ggaren (a] apple.com>

        Build fix.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2009-02-12  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed <rdar://problem/6582048>.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber): Make only one call to the random number generator
        on platforms where the generator is cryptographically secure. The value
        of randomness over and above cryptographically secure randomness is not
        clear, and it caused some performance problems.

2009-02-12  Adam Roben  <aroben (a] apple.com>

        Fix lots of Perl warnings when building JavaScriptCoreGenerated on
        Windows

        Reviewed by John Sullivan.

        * JavaScriptCore.vcproj/JavaScriptCore/build-generated-files.sh:
        Create the docs/ directory so that we can write bytecode.html into it.
        This matches what JavaScriptCore.xcodeproj does.

2009-02-12  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Rubber-stamped by Lars.

        Re-enable the JIT in the Qt build with -fno-stack-protector on Linux.

        * JavaScriptCore.pri:

2009-02-11  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=23705
        Fix the UI freeze caused by Worker generating a flood of messages.
        Measure time we spend in executing posted work items. If too much time is spent
        without returning to the run loop, exit and reschedule.

        * wtf/MainThread.h:
        Added initializeMainThreadPlatform() to initialize low-level mechanism for posting
        work items from thread to thread. This removes #ifdefs for WIN and CHROMIUM from platform-independent code.

        * wtf/MainThread.cpp:
        (WTF::initializeMainThread):
        (WTF::dispatchFunctionsFromMainThread):
        Instead of dispatching all work items in the queue, dispatch them one by one
        and measure elapsed time. After a threshold, reschedule and quit.

        (WTF::callOnMainThread):
        (WTF::callOnMainThreadAndWait):
        Only schedule dispatch if the queue was empty - to avoid many posted messages in the run loop queue.

        * wtf/mac/MainThreadMac.mm:
        (WTF::scheduleDispatchFunctionsOnMainThread):
        Use static instance of the mainThreadCaller instead of allocating and releasing it each time.
        (WTF::initializeMainThreadPlatform):
        * wtf/gtk/MainThreadChromium.cpp:
        (WTF::initializeMainThreadPlatform):
        * wtf/gtk/MainThreadGtk.cpp:
        (WTF::initializeMainThreadPlatform):
        * wtf/qt/MainThreadQt.cpp:
        (WTF::initializeMainThreadPlatform):
        * wtf/win/MainThreadWin.cpp:
        (WTF::initializeMainThreadPlatform):
        * wtf/wx/MainThreadWx.cpp:
        (WTF::initializeMainThreadPlatform):

2009-02-11  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough.

        Style cleanup.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::CodeLocationCommon::CodeLocationCommon):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::operator bool):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::reset):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForSwitch):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForExceptionHandler):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForJSR):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::getJumpDestination):
        (JSC::AbstractMacroAssembler::CodeLocationJump::relink):
        (JSC::AbstractMacroAssembler::CodeLocationJump::CodeLocationJump):
        (JSC::AbstractMacroAssembler::CodeLocationCall::relink):
        (JSC::AbstractMacroAssembler::CodeLocationCall::calleeReturnAddressValue):
        (JSC::AbstractMacroAssembler::CodeLocationCall::CodeLocationCall):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabel32::repatch):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabel32::CodeLocationDataLabel32):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabelPtr::repatch):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabelPtr::CodeLocationDataLabelPtr):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::ProcessorReturnAddress):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToFunction):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::operator void*):
        (JSC::AbstractMacroAssembler::PatchBuffer::link):
        (JSC::::CodeLocationCommon::labelAtOffset):
        (JSC::::CodeLocationCommon::jumpAtOffset):
        (JSC::::CodeLocationCommon::callAtOffset):
        (JSC::::CodeLocationCommon::dataLabelPtrAtOffset):
        (JSC::::CodeLocationCommon::dataLabel32AtOffset):

2009-02-11  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough.

        * assembler/AbstractMacroAssembler.h: Fix comments.

2009-02-11  Alexey Proskuryakov  <ap (a] webkit.org>

        Trying to fix wx build.

        * bytecode/JumpTable.h: Include "MacroAssembler.h", not <MacroAssembler.h>.
        * jscore.bkl: Added assembler directory to search paths.

2009-02-10  Gavin Barraclough  <barraclough (a] apple.com>

        Build
        fix.
        (Narrow
        changelog
        for
        dhyatt).

        * bytecode/Instruction.h:
        (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
        (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):

2009-02-10  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Reduce use of void* / reinterpret_cast in JIT repatching code,
        add strong types for Calls and for the various types of pointers
        we retain into the JIT generated instruction stream.

        No performance impact.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::ImmPtr::ImmPtr):
        (JSC::AbstractMacroAssembler::ImmPtr::asIntptr):
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        (JSC::AbstractMacroAssembler::Label::Label):
        (JSC::AbstractMacroAssembler::DataLabelPtr::DataLabelPtr):
        (JSC::AbstractMacroAssembler::Call::Call):
        (JSC::AbstractMacroAssembler::Call::link):
        (JSC::AbstractMacroAssembler::Call::linkTo):
        (JSC::AbstractMacroAssembler::Jump::Jump):
        (JSC::AbstractMacroAssembler::Jump::linkTo):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::CodeLocationCommon):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::operator bool):
        (JSC::AbstractMacroAssembler::CodeLocationCommon::reset):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::CodeLocationLabel):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForSwitch):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForExceptionHandler):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::addressForJSR):
        (JSC::AbstractMacroAssembler::CodeLocationLabel::getJumpDestination):
        (JSC::AbstractMacroAssembler::CodeLocationJump::CodeLocationJump):
        (JSC::AbstractMacroAssembler::CodeLocationJump::relink):
        (JSC::AbstractMacroAssembler::CodeLocationCall::CodeLocationCall):
        (JSC::AbstractMacroAssembler::CodeLocationCall::relink):
        (JSC::AbstractMacroAssembler::CodeLocationCall::calleeReturnAddressValue):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabel32::CodeLocationDataLabel32):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabel32::repatch):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabelPtr::CodeLocationDataLabelPtr):
        (JSC::AbstractMacroAssembler::CodeLocationDataLabelPtr::repatch):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::ProcessorReturnAddress):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::relinkCallerToFunction):
        (JSC::AbstractMacroAssembler::ProcessorReturnAddress::operator void*):
        (JSC::AbstractMacroAssembler::PatchBuffer::entry):
        (JSC::AbstractMacroAssembler::PatchBuffer::trampolineAt):
        (JSC::AbstractMacroAssembler::PatchBuffer::link):
        (JSC::AbstractMacroAssembler::PatchBuffer::linkTailRecursive):
        (JSC::AbstractMacroAssembler::PatchBuffer::patch):
        (JSC::AbstractMacroAssembler::PatchBuffer::locationOf):
        (JSC::AbstractMacroAssembler::PatchBuffer::returnAddressOffset):
        (JSC::AbstractMacroAssembler::differenceBetween):
        (JSC::::CodeLocationCommon::labelAtOffset):
        (JSC::::CodeLocationCommon::jumpAtOffset):
        (JSC::::CodeLocationCommon::callAtOffset):
        (JSC::::CodeLocationCommon::dataLabelPtrAtOffset):
        (JSC::::CodeLocationCommon::dataLabel32AtOffset):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::call):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::getCallReturnOffset):
        * bytecode/CodeBlock.h:
        (JSC::CallLinkInfo::CallLinkInfo):
        (JSC::getStructureStubInfoReturnLocation):
        (JSC::getCallLinkInfoReturnLocation):
        * bytecode/Instruction.h:
        (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
        (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
        * bytecode/JumpTable.h:
        (JSC::StringJumpTable::ctiForValue):
        (JSC::SimpleJumpTable::ctiForValue):
        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitCatch):
        (JSC::prepareJumpTableForStringSwitch):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::getPolymorphicAccessStructureListSlot):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_vm_throw):
        * jit/JIT.cpp:
        (JSC::ctiSetReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JIT::compileGetByIdSelf):
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdReplace):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compilePatchGetArrayLength):
        (JSC::JIT::emitCTICall):
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::emitCTICall_internal):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2009-02-10  Adam Roben  <aroben (a] apple.com>

        Windows build fix after r40813

        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Added profiler/ to the include
        path so that Profiler.h can be found.

2009-02-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Provide a class type for a generated block of JIT code.
        Also changes the return address -> bytecode index map to
        track the return addess as an unsigned offset into the code
        instead of a ptrdiff_t in terms of void**s - the latter is
        equal to the actual offset / sizeof(void*), making it a
        potentially lossy representation.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::PatchBuffer::returnAddressOffset):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::getCallReturnOffset):
        * bytecode/CodeBlock.h:
        (JSC::CallReturnOffsetToBytecodeIndex::CallReturnOffsetToBytecodeIndex):
        (JSC::getCallReturnOffset):
        (JSC::CodeBlock::getBytecodeIndex):
        (JSC::CodeBlock::jitCode):
        (JSC::CodeBlock::callReturnIndexVector):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::):
        * jit/JITCall.cpp:
        (JSC::JIT::linkCall):
        * jit/JITCode.h: Added.
        (JSC::):
        (JSC::JITCode::JITCode):
        (JSC::JITCode::operator bool):
        (JSC::JITCode::addressForCall):
        (JSC::JITCode::offsetOf):
        (JSC::JITCode::execute):

2009-02-09  John Grabowski  <jrg (a] chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23856
        Change the definition of "main thread" for Chromium on OSX.
        It does not match the DARWIN definition.

        * wtf/ThreadingPthreads.cpp:
        (WTF::initializeThreading):
        (WTF::isMainThread):

2009-02-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Minor bugfix, incorrect check meant that subtraction causing integer overflow
        would be missed on x86-64 JIT.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOp):

2009-02-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        A more sensible register allocation for x86-64.

        When WREC was ported to x86-64 it stuck with the same register allocation as x86.
        This requires registers to be reordered on entry into WREC generated code, since
        argument passing is different on x86-64 and x86 (regparm(3)).  This patch switches
        x86-64 to use a native register allocation, that does not require argument registers
        to be reordered.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateReturnSuccess):
        (JSC::WREC::Generator::generateReturnFailure):
        * wrec/WRECGenerator.h:

2009-02-05  Adam Roben  <aroben (a] apple.com>

        Build fix

        Rubberstamped by Sam Weinig.

        * wtf/TypeTraits.h: Include Platform.h, since this header uses macros
        defined there.

2009-02-05  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=23747
        Add Chromium threading-related files.

        * wtf/MainThread.cpp: Added platform guard to initializeMainThread.
        * wtf/chromium/ChromiumThreading.h: Added.
        * wtf/chromium/MainThreadChromium.cpp: Added.
        (WTF::initializeMainThread):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2009-02-05  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Adler.

        Bug 23713: COMPILE_ASSERTS should be moved out of TypeTraits.h and into .cpp file
        <https://bugs.webkit.org/show_bug.cgi?id=23713>

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:

        * wtf/HashTraits.h:
        Remove unnecessary header file that I missed when moving out the type traits form this file.

        * wtf/TypeTraits.cpp: Added.
        (WTF::):
        * wtf/TypeTraits.h:
        Moved the compile asserts into TypeTraits.cpp file.

2009-02-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver 'the nun' Hunt.

        Add -e switch to jsc to enable evaluation of scripts passed on the command line.

        * jsc.cpp:
        (Script::Script):
        (runWithScripts):
        (printUsageStatement):
        (parseArguments):
        (jscmain):

2009-02-04  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by Sam 'Big Mac' Weinig.

        * assembler/AbstractMacroAssembler.h: Copied from assembler/MacroAssembler.h.
        * assembler/MacroAssemblerX86.h: Copied from assembler/MacroAssembler.h.
        * assembler/MacroAssemblerX86Common.h: Copied from assembler/MacroAssembler.h.
        * assembler/MacroAssemblerX86_64.h: Copied from assembler/MacroAssembler.h.

2009-02-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        This patch tidies up the MacroAssembler, cleaning up the code and refactoring out the
        platform-specific parts.  The MacroAssembler gets split up like a beef burger, with the
        platform-agnostic data types being the lower bun (in the form of the class AbstractMacroAssembler),
        the plaform-specific code generation forming a big meaty patty of methods like 'add32',
        'branch32', etc (MacroAssemblerX86), and finally topped off with the bun-lid of the
        MacroAssembler class itself, providing covenience methods such as the stack peek & poke,
        and backwards branch methods, all of which can be described in a platform independent
        way using methods from the base class.  The AbstractMacroAssembler is templated on the
        type of the assembler class that will be used for code generation, and the three layers
        are held together with the cocktail stick of inheritance.

        The above description is a slight simplification since the MacroAssemblerX86 is actually
        formed from two layers (in effect giving us a kind on bacon double cheeseburger) - with the
        bulk of methods that are common between x86 & x86-64 implemented in MacroAssemblerX86Common,
        which forms a base class for MacroAssemblerX86 and MacroAssemblerX86_64 (which add the methods
        specific to the given platform).

        I'm landing these changes first without splitting the classes across multiple files,
        I will follow up with a second patch to split up the file MacroAssembler.h.

        * assembler/MacroAssembler.h:
        (JSC::AbstractMacroAssembler::):
        (JSC::AbstractMacroAssembler::DataLabelPtr::DataLabelPtr):
        (JSC::AbstractMacroAssembler::DataLabelPtr::patch):
        (JSC::AbstractMacroAssembler::DataLabel32::DataLabel32):
        (JSC::AbstractMacroAssembler::DataLabel32::patch):
        (JSC::AbstractMacroAssembler::Label::Label):
        (JSC::AbstractMacroAssembler::Jump::Jump):
        (JSC::AbstractMacroAssembler::Jump::link):
        (JSC::AbstractMacroAssembler::Jump::linkTo):
        (JSC::AbstractMacroAssembler::Jump::patch):
        (JSC::AbstractMacroAssembler::JumpList::link):
        (JSC::AbstractMacroAssembler::JumpList::linkTo):
        (JSC::AbstractMacroAssembler::PatchBuffer::link):
        (JSC::AbstractMacroAssembler::PatchBuffer::addressOf):
        (JSC::AbstractMacroAssembler::PatchBuffer::setPtr):
        (JSC::AbstractMacroAssembler::size):
        (JSC::AbstractMacroAssembler::copyCode):
        (JSC::AbstractMacroAssembler::label):
        (JSC::AbstractMacroAssembler::align):
        (JSC::AbstractMacroAssembler::differenceBetween):
        (JSC::MacroAssemblerX86Common::xor32):
        (JSC::MacroAssemblerX86Common::load32WithAddressOffsetPatch):
        (JSC::MacroAssemblerX86Common::store32WithAddressOffsetPatch):
        (JSC::MacroAssemblerX86Common::move):
        (JSC::MacroAssemblerX86Common::swap):
        (JSC::MacroAssemblerX86Common::signExtend32ToPtr):
        (JSC::MacroAssemblerX86Common::zeroExtend32ToPtr):
        (JSC::MacroAssemblerX86Common::branch32):
        (JSC::MacroAssemblerX86Common::jump):
        (JSC::MacroAssemblerX86_64::add32):
        (JSC::MacroAssemblerX86_64::sub32):
        (JSC::MacroAssemblerX86_64::load32):
        (JSC::MacroAssemblerX86_64::store32):
        (JSC::MacroAssemblerX86_64::addPtr):
        (JSC::MacroAssemblerX86_64::andPtr):
        (JSC::MacroAssemblerX86_64::orPtr):
        (JSC::MacroAssemblerX86_64::rshiftPtr):
        (JSC::MacroAssemblerX86_64::subPtr):
        (JSC::MacroAssemblerX86_64::xorPtr):
        (JSC::MacroAssemblerX86_64::loadPtr):
        (JSC::MacroAssemblerX86_64::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssemblerX86_64::storePtr):
        (JSC::MacroAssemblerX86_64::storePtrWithAddressOffsetPatch):
        (JSC::MacroAssemblerX86_64::branchPtr):
        (JSC::MacroAssemblerX86_64::branchTestPtr):
        (JSC::MacroAssemblerX86_64::branchAddPtr):
        (JSC::MacroAssemblerX86_64::branchSubPtr):
        (JSC::MacroAssemblerX86_64::branchPtrWithPatch):
        (JSC::MacroAssemblerX86_64::storePtrWithPatch):
        (JSC::MacroAssemblerX86::add32):
        (JSC::MacroAssemblerX86::sub32):
        (JSC::MacroAssemblerX86::load32):
        (JSC::MacroAssemblerX86::store32):
        (JSC::MacroAssemblerX86::branch32):
        (JSC::MacroAssemblerX86::branchPtrWithPatch):
        (JSC::MacroAssemblerX86::storePtrWithPatch):
        (JSC::MacroAssembler::pop):
        (JSC::MacroAssembler::peek):
        (JSC::MacroAssembler::poke):
        (JSC::MacroAssembler::branchPtr):
        (JSC::MacroAssembler::branch32):
        (JSC::MacroAssembler::branch16):
        (JSC::MacroAssembler::branchTestPtr):
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::andPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::rshiftPtr):
        (JSC::MacroAssembler::subPtr):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::storePtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::branchAddPtr):
        (JSC::MacroAssembler::branchSubPtr):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOp):

2009-02-04  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=23681
        Worker tests crash in debug builds if run --singly

        The crash happened because worker threads continued running while debug-only static objects
        were already being destroyed on main thread.

        * runtime/Structure.cpp: Create static debug-only sets in heap, so that they don't get
        destroyed.

        * wtf/ThreadingPthreads.cpp: Changed assertions to conventional form.

2009-02-03  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=23715

        Simplify MacroAssembler interface, by combining comparison methods.
        Seprate operations are combined as follows:
            jz32/jnz32/jzPtr/jnzPtr -> branchTest32/branchTestPtr,
            j*(Add|Mul|Sub)32/j*(Add|Mul|Sub)Ptr -> branch(Add|Mul|Sub)32/branch(Add|Mul|Sub)Ptr
            j*32/j*Ptr (all other two op combparisons) -> branch32/brnachPtr
            set*32 -> set32

        Also, represent the Scale of BaseIndex addresses as a plain enum (0,1,2,3),
        instead of as multiplicands (1,2,4,8).

        This patch singificantly reduces replication of code, and increases functionality supported
        by the MacroAssembler.  No performance impact.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::):
        (JSC::MacroAssembler::branchPtr):
        (JSC::MacroAssembler::branchPtrWithPatch):
        (JSC::MacroAssembler::branch32):
        (JSC::MacroAssembler::branch16):
        (JSC::MacroAssembler::branchTestPtr):
        (JSC::MacroAssembler::branchTest32):
        (JSC::MacroAssembler::branchAddPtr):
        (JSC::MacroAssembler::branchAdd32):
        (JSC::MacroAssembler::branchMul32):
        (JSC::MacroAssembler::branchSubPtr):
        (JSC::MacroAssembler::branchSub32):
        (JSC::MacroAssembler::set32):
        (JSC::MacroAssembler::setTest32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::jccRel32):
        (JSC::X86Assembler::setccOpcode):
        (JSC::X86Assembler::cmpq_mr):
        (JSC::X86Assembler::setcc_r):
        (JSC::X86Assembler::sete_r):
        (JSC::X86Assembler::setne_r):
        (JSC::X86Assembler::jne):
        (JSC::X86Assembler::je):
        (JSC::X86Assembler::jl):
        (JSC::X86Assembler::jb):
        (JSC::X86Assembler::jle):
        (JSC::X86Assembler::jbe):
        (JSC::X86Assembler::jge):
        (JSC::X86Assembler::jg):
        (JSC::X86Assembler::ja):
        (JSC::X86Assembler::jae):
        (JSC::X86Assembler::jo):
        (JSC::X86Assembler::jp):
        (JSC::X86Assembler::js):
        (JSC::X86Assembler::jcc):
        (JSC::X86Assembler::X86InstructionFormatter::putModRmSib):
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_lshift):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArith_op_post_inc):
        (JSC::JIT::compileFastArith_op_post_dec):
        (JSC::JIT::compileFastArith_op_pre_inc):
        (JSC::JIT::compileFastArith_op_pre_dec):
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::checkStructure):
        (JSC::JIT::emitJumpIfJSCell):
        (JSC::JIT::emitJumpIfNotJSCell):
        (JSC::JIT::emitJumpIfImmediateNumber):
        (JSC::JIT::emitJumpIfNotImmediateNumber):
        (JSC::JIT::emitJumpIfImmediateInteger):
        (JSC::JIT::emitJumpIfNotImmediateInteger):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateIncrementIndex):
        (JSC::WREC::Generator::generateLoadCharacter):
        (JSC::WREC::Generator::generateJumpIfNotEndOfInput):
        (JSC::WREC::Generator::generateBackreferenceQuantifier):
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):
        (JSC::WREC::Generator::generatePatternCharacterPair):
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        (JSC::WREC::Generator::generateBackreference):

2009-02-03  David Hyatt  <hyatt (a] apple.com>

        Fix a bug in Vector's shrinkCapacity method.  It did not properly copy elements into the inline buffer
        when shrinking down from a size that was greater than the inline capacity.

        Reviewed by Maciej

        * wtf/Vector.h:
        (WTF::VectorBuffer::VectorBuffer):
        (WTF::VectorBuffer::allocateBuffer):

2009-02-03  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Tor Arne Vestb.

        Added accessor for JSByteArray storage.

        * runtime/JSByteArray.h:
        (JSC::JSByteArray::storage):

2009-02-03  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=23560
        Implement SharedTimer on WorkerRunLoop

        * JavaScriptCore.exp:
        Forgot to expose ThreadCondition::timedWait() in one of previous patches.

2009-02-02  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        <https://bugs.webkit.org/show_bug.cgi?id=21414> REGRESSION: Regular Expressions and character classes, shorthands and ranges
        <rdar://problem/6543487>

        In certain circumstances when WREC::Generator::generateCharacterClassInvertedRange invokes
        itself recursively, it will incorrectly emit (and thus consume) the next single character
        match in the current character class.  As WREC uses a binary search this out of sequence
        codegen could result in a character match being missed and so cause the regex to produce
        incorrect results.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):

2009-02-02  Darin Adler  <darin (a] apple.com>

        Reviewed by Dave Hyatt.

        Bug 23676: Speed up uses of reserveCapacity on new vectors by adding a new reserveInitialCapacity
        https://bugs.webkit.org/show_bug.cgi?id=23676

        * API/JSObjectRef.cpp:
        (JSObjectCopyPropertyNames): Use reserveInitialCapacity.
        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer): Ditto.
        (JSC::Lexer::clear): Ditto.

        * wtf/Vector.h: Added reserveInitialCapacity, a more efficient version of
        reserveCapacity for use when the vector is brand new (still size 0 with no
        capacity other than the inline capacity).

2009-01-30  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Oliver Hunt.

        <rdar://problem/6391501> Enable the JIT on Mac OS X x86_64 as it passes all tests.

        * wtf/Platform.h:

2009-01-30  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Mark Rowe and Sam Weinig.

        Finally fix load() to propagate exceptions correctly.

        * jsc.cpp:
        (functionLoad):

2009-01-30  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23618
        Templated worker tasks should be more error proof to use.
        Fix Chromium build.

        * wtf/TypeTraits.h:
        (WTF::IsConvertibleToInteger::IsConvertibleToDouble):
        Avoid "possible loss of data" warning when using Microsoft's C++ compiler
        by avoiding an implicit conversion of int types to doubles.

2009-01-30  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Simon Hausmann.

        Bug 23580: GNU mode RVCT compilation support
        <https://bugs.webkit.org/show_bug.cgi?id=23580>

        * pcre/pcre_exec.cpp: Use COMPILER(GCC) instead of __GNUC__.
        * wtf/FastMalloc.cpp: Ditto.
        (WTF::TCMallocStats::):
        * wtf/Platform.h: Don't define COMPILER(GCC) with RVCT --gnu.

2009-01-30  David Levin  <levin (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        Bug 23618: Templated worker tasks should be more error proof to use
        <https://bugs.webkit.org/show_bug.cgi?id=23618>

        Add the type traits needed for the generic worker tasks
        and compile asserts for them.

        Add a summary header to the TypeTraits.h file to explain what is in there.

        Add a note to explain IsPod's deficiencies.

        * wtf/TypeTraits.h:

2009-01-30  David Levin  <levin (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        Bug 23616: Various "template helpers" should be consolidated from isolated files in JavaScriptCore.
        <https://bugs.webkit.org/show_bug.cgi?id=23616>

        * wtf/TypeTraits.h: Moved RemovePointer, IsPod, IsInteger to this file.

        * wtf/OwnPtr.h: Use RemovePointer from TypeTraits.h.
        * wtf/RetainPtr.h:  Ditto.

        * wtf/HashTraits.h: Use IsInteger from TypeTraits.h.

        * wtf/VectorTraits.h: Use IsPod from TypeTraits.h.

        * GNUmakefile.am:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        Added TypeTraits.h.

2009-01-29  Stephanie Lewis <slewis (a] apple.com>

        RS by Oliver Hunt.

        Update the order files.

        * JavaScriptCore.order:

2009-01-29  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 23551: Crash on page load with profiler enabled and running
        <https://bugs.webkit.org/show_bug.cgi?id=23551>
        <rdar://problem/6529521>

        Interpreter::execute(FunctionBodyNode*, ...) calls Profiler::didExecute()
        with a stale CallFrame. If some part of the scope chain has already been
        freed, Profiler::didExecute() will crash when attempting to get the lexical
        global object. The fix is to make the didExecute() call use the caller's
        CallFrame, not the one made for the function call. In this case, the
        willExecute() call should also be changed to match.

        Since this occurs in the actual inspector JS, it is difficult to reduce.
        I couldn't make a layout test.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):

2009-01-28  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough.

        Fix for <rdar://problem/6525537>
        Hang occurs when closing Installer window (iTunes, Aperture)

        * JavaScriptCore.exp: Export JSGlobalData::sharedInstance.

2009-01-28  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoff Garen.

        Initial patch by Mark Rowe.

        <rdar://problem/6519356>
        REGRESSION (r36006): "out of memory" alert running dromaeo on Windows

        Report the cost of the ArrayStorage vector more accurately/often.

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray): Report the extra cost even for a filled array
        because JSString using the single character optimization and immediates
        wont increase the cost themselves. 
        (JSC::JSArray::putSlowCase): Update the cost when increasing the size of
        the array.
        (JSC::JSArray::increaseVectorLength): Ditto.

2009-01-28  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoff Garen.

        Fix for <rdar://problem/6129678>
        REGRESSION (Safari 3-4): Local variable not accessible from Dashcode console or variables view

        Iterating the properties of activation objects accessed through the WebKit debugging
        APIs was broken by forced conversion of JSActivation to the global object. To fix this,
        we use a proxy activation object that acts more like a normal JSObject.

        * debugger/DebuggerActivation.cpp: Added.
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::mark):
        (JSC::DebuggerActivation::className):
        (JSC::DebuggerActivation::getOwnPropertySlot):
        (JSC::DebuggerActivation::put):
        (JSC::DebuggerActivation::putWithAttributes):
        (JSC::DebuggerActivation::deleteProperty):
        (JSC::DebuggerActivation::getPropertyNames):
        (JSC::DebuggerActivation::getPropertyAttributes):
        (JSC::DebuggerActivation::defineGetter):
        (JSC::DebuggerActivation::defineSetter):
        (JSC::DebuggerActivation::lookupGetter):
        (JSC::DebuggerActivation::lookupSetter):
        * debugger/DebuggerActivation.h: Added.
        Proxy JSActivation object for Debugging.

        * runtime/JSActivation.h:
        (JSC::JSActivation::isActivationObject): Added.
        * runtime/JSObject.h:
        (JSC::JSObject::isActivationObject): Added.

2009-01-28  David Kilzer  <ddkilzer (a] apple.com>

        Bug 23490: Remove initialRefCount argument from RefCounted class

        <https://bugs.webkit.org/show_bug.cgi?id=23490>

        Reviewed by Darin Adler.

        RefCountedBase now always starts with a ref count of 1, so there
        is no need to pass the initialRefCount into the class anymore.

        * wtf/ByteArray.h:
        (WTF::ByteArray::ByteArray): Removed call to RefCounted(1).
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::RefCountedBase): Changed to start with a
        ref count of 1.
        (WTF::RefCounted::RefCounted): Removed initialRefCount argument
        and removed call to RefCounted(1).

2009-01-26  Adele Peterson  <adele (a] apple.com>

        Build fix.  

        * debugger/Debugger.cpp:

2009-01-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Darin Adler.

        Fixes for eq null & neq null, on 64-bit JIT.
        https://bugs.webkit.org/show_bug.cgi?id=23559

        This patch degrades 64-bit JIT performance on some benchmarks,
        due to the whole not-being-incorrect thing.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2009-01-26  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Gavin Barraclough.

        Bug 23552: Dashcode evaluator no longer works after making ExecStates actual call frames
        <https://bugs.webkit.org/show_bug.cgi?id=23552>
        <rdar://problem/6398839>

        * JavaScriptCore.exp:
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame): Added so that WebScriptCallFrame can
        evaluate JS starting from a global call frame.
        * debugger/Debugger.h:

2009-01-25  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Dan Bernstein.

        Improve the consistency of settings in our .xcconfig files.

        * Configurations/Base.xcconfig: Enable GCC_OBJC_CALL_CXX_CDTORS to match other projects.

2009-01-25  Darin Adler  <darin (a] apple.com>

        Reviewed by Mark Rowe.

        Bug 23352: Turn on more compiler warnings in the Mac build
        https://bugs.webkit.org/show_bug.cgi?id=23352

        Turn on the following warnings:

            -Wcast-qual
            -Wextra-tokens
            -Wformat=2
            -Winit-self
            -Wmissing-noreturn
            -Wpacked
            -Wrendundant-decls

        * Configurations/Base.xcconfig: Added the new warnings. Switched to -Wextra instead of
        -W for clarity since we don't have to support the older versions of gcc that require the
        old -W syntax. Since we now use -Wformat=2, removed -Wformat-security. Also removed
        -Wno-format-y2k since we can have that one on now.

2009-01-25  Judit Jasz  <jasy (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.
        
        Compilation problem fixing 
        http://bugs.webkit.org/show_bug.cgi?id=23497

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall): Use JSValuePtr::encode.

2009-01-25  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 23352: Turn on more compiler warnings in the Mac build
        https://bugs.webkit.org/show_bug.cgi?id=23352

        Fourth patch: Deal with the last few stray warnings.

        * parser/Parser.cpp: Only declare jscyyparse if it's not already declared.
        This makes both separate compilation and all-in-one compilation work with the
        -Wredundant-decls warning.

2009-01-25  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 23352: Turn on more compiler warnings in the Mac build
        https://bugs.webkit.org/show_bug.cgi?id=23352

        Third patch: Use the noreturn attribute on functions that don't
        return to prepare for the use of the -Wmissing-noreturn warning.

        * jit/JITCall.cpp:
        (JSC::unreachable): Added NO_RETURN.
        * jsc.cpp:
        (functionQuit): Ditto.
        (printUsageStatement): Ditto.
        * wtf/AlwaysInline.h: Added definition of NO_RETURN.

2009-01-24  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Force inlining of Lexer::matchPunctuator

        2.2% win when parsing jQuery, Mootools, Prototype, etc

        * parser/Lexer.h:

2009-01-23  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Fix for <rdar://problem/6126212>
        Ensure that callbacks out from the JSC interface are only allowed
        to return in reverse-chronological order to that in which they were
        made.  If we allow earlier callbacks to return first, then this may
        result in setions of the RegisterFile in use by another thread
        being trampled.

        See uber-comment in JSLock.h for details.

        * runtime/JSLock.cpp:
        (JSC::JSLock::DropAllLocks::DropAllLocks):
        (JSC::JSLock::DropAllLocks::~DropAllLocks):

2009-01-23  Darin Adler  <darin (a] apple.com>

        Try to fix WX build.

        * runtime/JSGlobalObjectFunctions.h: Include <wtf/unicode/Unicode.h>
        for the definition of UChar.

2009-01-23  Anders Carlsson  <andersca (a] apple.com>

        * Configurations/Base.xcconfig:
        GCC 4.0 build fix.
        
        * runtime/JSNumberCell.h:
        64-bit build fix.

2009-01-23  Anders Carlsson  <andersca (a] apple.com>

        Reviewed by Sam Weinig.
        
        Turn on -Wmissing-prototypes and fix the warnings.
        
        * API/JSClassRef.cpp:
        (clearReferenceToPrototype):
        * Configurations/Base.xcconfig:
        * runtime/Collector.cpp:
        (JSC::getPlatformThreadRegisters):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createError):
        * runtime/JSGlobalObjectFunctions.h:
        * runtime/JSNumberCell.h:
        * runtime/UString.cpp:
        (JSC::initializeStaticBaseString):
        (JSC::createRep):
        * wtf/FastMalloc.cpp:
        * wtf/Threading.cpp:

2009-01-22  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Anders Carlsson.

        Disable GCC_WARN_ABOUT_MISSING_PROTOTYPES temporarily.

        Current versions of Xcode only respect it for C and Objective-C files,
        and our code doesn't currently compile if it is applied to C++ and
        Objective-C++ files.

        * Configurations/Base.xcconfig:

2009-01-22  Steve Falkenburg  <sfalken (a] apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=23489
        
        Return currentTime() in correct units for the two early return cases.

        Reviewed by Mark Rowe.

        * wtf/CurrentTime.cpp:
        (WTF::currentTime):

2009-01-22  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Fix for <rdar://problem/6439247>
        FastMalloc allocating an extra 4MB of meta-data on 64-bit

        Rely on the fact that on all known x86-64 platforms only use 48 bits of
        address space to shrink the initial size of the PageMap from ~4MB to 120K.
        For 64-bit we still use a 3-level radix tree, but now each level is only 12
        bits wide.

        No performance change.

        * wtf/FastMalloc.cpp:
        (WTF::MapSelector): Add specialization for 64 bit that takes into account the
        16 bits of unused address space on x86-64.

2009-01-22  Beth Dakin  <bdakin (a] apple.com>

        Reviewed by Sam Weinig.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=23461 LayoutTests/
        fast/js/numeric-conversion.html is broken, and corresponding 
        <rdar://problem/6514842>

        The basic problem here is that parseInt(Infinity) should be NaN, 
        but we were returning 0. NaN matches Safari 3.2.1 and Firefox.

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):

2009-01-22  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        <rdar://problem/6516853> (r39682-r39736) JSFunFuzz: crash on "(function(){({ x2: x }), })()"
        <https://bugs.webkit.org/show_bug.cgi?id=23479>

        Automatic semicolon insertion was resulting in this being accepted in the initial
        nodeless parsing, but subsequent reparsing for code generation would fail, leading
        to a crash.  The solution is to ensure that reparsing a function performs parsing
        in the same state as the initial parse.  We do this by modifying the saved source
        ranges to include rather than exclude the opening and closing braces.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary): add an assertion for successful recompile
        * parser/Lexer.h:
        (JSC::Lexer::sourceCode): include rather than exclude braces.
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::toSourceString):  No need to append braces anymore.

2009-01-22  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=23373

        Implement ThreadCondition::timedWait().
        Since we borrow the code for condition variables from other sources,
        I did the same for timedWait(). See comments in ThreadingWin.cpp for
        rationale and more info.

        * wtf/CONTRIBUTORS.pthreads-win32: 
        Added. A list of Pthreads-win32 contributors mentioned in their license. The license itself
        is included into wtf/ThreadingWin32.cpp.

        * wtf/Threading.h:
        * wtf/ThreadingWin.cpp:
        Additional info and Pthreads-win32 license at the beginning.
        (WTF::PlatformCondition::timedWait): new method, derived from Pthreads-win32.
        (WTF::PlatformCondition::signal): same
        (WTF::ThreadCondition::ThreadCondition):
        (WTF::ThreadCondition::~ThreadCondition):
        (WTF::ThreadCondition::wait): this now calls PlatformCondition::timedWait.
        (WTF::ThreadCondition::timedWait): same
        (WTF::ThreadCondition::signal): this now calls PlatformCondition::signal.
        (WTF::ThreadCondition::broadcast): same

2009-01-21  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=23469.

        We need to check all numbers in integer switches, not just those
        represented as integer JSImmediates.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_switch_imm):

2009-01-21  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=23468.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-01-21  Alexey Proskuryakov  <ap (a] webkit.org>

        Suggested by Oliver Hunt. Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=23456
        Function argument names leak

        * parser/Nodes.cpp: (JSC::FunctionBodyNode::~FunctionBodyNode): Destruct parameter names.

2009-01-20  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Windows build fix

        * JavaScriptCore.vcproj/WTF/WTF.vcproj:

2009-01-20  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Mark Rowe.

        Structure property table deleted offset maps are being leaked.
        Probably shouldn't be doing that.

        https://bugs.webkit.org/show_bug.cgi?id=23442

        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):

2009-01-20  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (build fix).

        Attempt to fix gtk build

        * GNUmakefile.am:

2009-01-20  Darin Adler  <darin (a] apple.com>

        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferences): Add back the initialization to fix the build.

2009-01-20  Darin Adler  <darin (a] apple.com>

        Reviewed by Mark Rowe.

        Bug 23352: Turn on more compiler warnings in the Mac build
        https://bugs.webkit.org/show_bug.cgi?id=23352

        First patch: Fix some simple cases of various warnings.

        * pcre/pcre_compile.cpp:
        (jsRegExpCompile): Use const_cast to change const-ness.

        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferences): Remove unneeded initialization and
        use UChar instead of unsigned short for UTF-16 values.

        * wtf/dtoa.cpp:
        (WTF::strtod): Use const_cast to change const-ness.

2009-01-20  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (build fix).

        Whoops, remove runtime/ByteArray references from .pri and .scons builds, update .bkl

        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCoreSources.bkl:

2009-01-20  Oliver Hunt  <oliver (a] apple.com>

        RS=Dan Bernstein.

        Move runtime/ByteArray to wtf/ByteArray

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSByteArray.cpp:
        * runtime/JSByteArray.h:
        * wtf/ByteArray.cpp: Renamed from JavaScriptCore/runtime/ByteArray.cpp.
        (WTF::ByteArray::create):
        * wtf/ByteArray.h: Renamed from JavaScriptCore/runtime/ByteArray.h.
        (WTF::ByteArray::length):
        (WTF::ByteArray::set):
        (WTF::ByteArray::get):
        (WTF::ByteArray::data):
        (WTF::ByteArray::deref):
        (WTF::ByteArray::ByteArray):

2009-01-19  Sam Weinig  <sam (a] webkit.org>

        Rubber-stamped by Gavin Barraclough.

        Remove temporary operator-> from JSValuePtr.

        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::call):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::call):
        (JSC::::toNumber):
        (JSC::::toString):
        * API/JSObjectRef.cpp:
        (JSObjectSetPrototype):
        * API/JSValueRef.cpp:
        (JSValueGetType):
        (JSValueIsUndefined):
        (JSValueIsNull):
        (JSValueIsBoolean):
        (JSValueIsNumber):
        (JSValueIsString):
        (JSValueIsObject):
        (JSValueIsObjectOfClass):
        (JSValueToBoolean):
        (JSValueToNumber):
        (JSValueToStringCopy):
        (JSValueToObject):
        * bytecode/CodeBlock.cpp:
        (JSC::valueToSourceString):
        (JSC::CodeBlock::mark):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::isKnownNotImmediate):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitEqualityOp):
        (JSC::keyForImmediateSwitch):
        * interpreter/Interpreter.cpp:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAddSlowCase):
        (JSC::jsAdd):
        (JSC::jsTypeStringForValue):
        (JSC::jsIsObjectType):
        (JSC::jsIsFunctionType):
        (JSC::isNotObject):
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::throwException):
        (JSC::cachePrototypeChain):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
        (JSC::Interpreter::cti_op_get_by_id_proto_fail):
        (JSC::Interpreter::cti_op_get_by_id_array_fail):
        (JSC::Interpreter::cti_op_get_by_id_string_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_construct_JSConstruct):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_get_by_val_byte_array):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_put_by_val_byte_array):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_push_scope):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_is_boolean):
        (JSC::Interpreter::cti_op_is_number):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_put_by_index):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_op_del_by_val):
        (JSC::Interpreter::cti_op_put_getter):
        (JSC::Interpreter::cti_op_put_setter):
        (JSC::Interpreter::cti_op_new_error):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::isJSArray):
        (JSC::Interpreter::isJSString):
        (JSC::Interpreter::isJSByteArray):
        * interpreter/Register.h:
        (JSC::Register::marked):
        (JSC::Register::mark):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperandImmediateInt):
        (JSC::JIT::isOperandConstantImmediateInt):
        * jsc.cpp:
        (functionPrint):
        (functionDebug):
        (functionRun):
        (functionLoad):
        (runWithScripts):
        (runInteractive):
        * parser/Nodes.cpp:
        (JSC::processClauseList):
        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::addParentForConsoleStart):
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        * runtime/ArrayConstructor.cpp:
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin):
        (JSC::arrayProtoFuncConcat):
        (JSC::arrayProtoFuncPop):
        (JSC::arrayProtoFuncPush):
        (JSC::arrayProtoFuncReverse):
        (JSC::arrayProtoFuncShift):
        (JSC::arrayProtoFuncSlice):
        (JSC::arrayProtoFuncSort):
        (JSC::arrayProtoFuncSplice):
        (JSC::arrayProtoFuncUnShift):
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncMap):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncForEach):
        (JSC::arrayProtoFuncSome):
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):
        * runtime/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::callBooleanConstructor):
        * runtime/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncToString):
        (JSC::booleanProtoFuncValueOf):
        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):
        (JSC::Heap::heap):
        (JSC::Heap::collect):
        (JSC::typeName):
        * runtime/Completion.cpp:
        (JSC::evaluate):
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        (JSC::dateParse):
        (JSC::dateUTC):
        * runtime/DateInstance.h:
        (JSC::DateInstance::internalNumber):
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        (JSC::fillStructuresUsingTimeArgs):
        (JSC::fillStructuresUsingDateArgs):
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToLocaleString):
        (JSC::dateProtoFuncToLocaleDateString):
        (JSC::dateProtoFuncToLocaleTimeString):
        (JSC::dateProtoFuncGetTime):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetMilliSeconds):
        (JSC::dateProtoFuncGetUTCMilliseconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::constructError):
        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createError):
        (JSC::createErrorMessage):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        (JSC::functionProtoFuncApply):
        (JSC::functionProtoFuncCall):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::toObject):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::getOwnPropertySlot):
        * runtime/JSArray.cpp:
        (JSC::JSArray::put):
        (JSC::JSArray::mark):
        (JSC::JSArray::sort):
        (JSC::AVLTreeAbstractorForArrayCompare::compare_key_key):
        (JSC::JSArray::compactForSorting):
        * runtime/JSByteArray.h:
        (JSC::JSByteArray::setIndex):
        * runtime/JSCell.h:
        (JSC::asCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::call):
        (JSC::JSFunction::construct):
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::lastInPrototypeChain):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::decode):
        (JSC::globalFuncEval):
        (JSC::globalFuncParseInt):
        (JSC::globalFuncParseFloat):
        (JSC::globalFuncIsNaN):
        (JSC::globalFuncIsFinite):
        (JSC::globalFuncEscape):
        (JSC::globalFuncUnescape):
        (JSC::globalFuncJSCPrint):
        * runtime/JSImmediate.cpp:
        (JSC::JSImmediate::toThisObject):
        (JSC::JSImmediate::toObject):
        (JSC::JSImmediate::prototype):
        (JSC::JSImmediate::toString):
        * runtime/JSImmediate.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::mark):
        (JSC::JSObject::put):
        (JSC::callDefaultValueFunction):
        (JSC::JSObject::getPrimitiveNumber):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::lookupGetter):
        (JSC::JSObject::lookupSetter):
        (JSC::JSObject::hasInstance):
        (JSC::JSObject::toNumber):
        (JSC::JSObject::toString):
        * runtime/JSObject.h:
        (JSC::JSObject::JSObject):
        (JSC::JSObject::inlineGetOwnPropertySlot):
        (JSC::JSObject::getOwnPropertySlotForWrite):
        (JSC::JSObject::getPropertySlot):
        (JSC::JSValuePtr::get):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::create):
        * runtime/JSString.cpp:
        (JSC::JSString::getOwnPropertySlot):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::mark):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncAbs):
        (JSC::mathProtoFuncACos):
        (JSC::mathProtoFuncASin):
        (JSC::mathProtoFuncATan):
        (JSC::mathProtoFuncATan2):
        (JSC::mathProtoFuncCeil):
        (JSC::mathProtoFuncCos):
        (JSC::mathProtoFuncExp):
        (JSC::mathProtoFuncFloor):
        (JSC::mathProtoFuncLog):
        (JSC::mathProtoFuncMax):
        (JSC::mathProtoFuncMin):
        (JSC::mathProtoFuncPow):
        (JSC::mathProtoFuncRound):
        (JSC::mathProtoFuncSin):
        (JSC::mathProtoFuncSqrt):
        (JSC::mathProtoFuncTan):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        (JSC::NativeErrorConstructor::construct):
        * runtime/NumberConstructor.cpp:
        (JSC::constructWithNumberConstructor):
        (JSC::callNumberConstructor):
        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString):
        (JSC::numberProtoFuncToLocaleString):
        (JSC::numberProtoFuncValueOf):
        (JSC::numberProtoFuncToFixed):
        (JSC::numberProtoFuncToExponential):
        (JSC::numberProtoFuncToPrecision):
        * runtime/ObjectConstructor.cpp:
        (JSC::constructObject):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncValueOf):
        (JSC::objectProtoFuncHasOwnProperty):
        (JSC::objectProtoFuncIsPrototypeOf):
        (JSC::objectProtoFuncDefineGetter):
        (JSC::objectProtoFuncDefineSetter):
        (JSC::objectProtoFuncLookupGetter):
        (JSC::objectProtoFuncLookupSetter):
        (JSC::objectProtoFuncPropertyIsEnumerable):
        (JSC::objectProtoFuncToLocaleString):
        (JSC::objectProtoFuncToString):
        * runtime/Operations.h:
        (JSC::JSValuePtr::equalSlowCaseInline):
        (JSC::JSValuePtr::strictEqual):
        (JSC::JSValuePtr::strictEqualSlowCaseInline):
        * runtime/Protect.h:
        (JSC::gcProtect):
        (JSC::gcUnprotect):
        * runtime/RegExpConstructor.cpp:
        (JSC::setRegExpConstructorInput):
        (JSC::setRegExpConstructorMultiline):
        (JSC::constructRegExp):
        * runtime/RegExpObject.cpp:
        (JSC::setRegExpObjectLastIndex):
        (JSC::RegExpObject::match):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncTest):
        (JSC::regExpProtoFuncExec):
        (JSC::regExpProtoFuncCompile):
        (JSC::regExpProtoFuncToString):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCodeSlowCase):
        (JSC::stringFromCharCode):
        (JSC::constructWithStringConstructor):
        (JSC::callStringConstructor):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncToString):
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        (JSC::stringProtoFuncConcat):
        (JSC::stringProtoFuncIndexOf):
        (JSC::stringProtoFuncLastIndexOf):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSlice):
        (JSC::stringProtoFuncSplit):
        (JSC::stringProtoFuncSubstr):
        (JSC::stringProtoFuncSubstring):
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):
        (JSC::stringProtoFuncLocaleCompare):
        (JSC::stringProtoFuncBig):
        (JSC::stringProtoFuncSmall):
        (JSC::stringProtoFuncBlink):
        (JSC::stringProtoFuncBold):
        (JSC::stringProtoFuncFixed):
        (JSC::stringProtoFuncItalics):
        (JSC::stringProtoFuncStrike):
        (JSC::stringProtoFuncSub):
        (JSC::stringProtoFuncSup):
        (JSC::stringProtoFuncFontcolor):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncAnchor):
        (JSC::stringProtoFuncLink):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::createCachedPrototypeChain):
        * runtime/Structure.h:
        (JSC::Structure::mark):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::StructureChain):

2009-01-19  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 23409: REGRESSION: RegExp 'replace()' function improperly processes '$$'
        <https://bugs.webkit.org/show_bug.cgi?id=23409>
        <rdar://problem/6505723>

        Test: fast/js/string-replace-3.html

        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferences): Remove code that adds an extra $ -- not sure
        how this ever worked.

2009-01-16  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        On x86-64 jit, cache JSImmedate::TagMask & JSImmedate::TagTypeNumber in
        registers, save reloading them every time they're used.

        Draws x86-64 jit performance close to that of i386 jit.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::subPtr):
        (JSC::MacroAssembler::jnzPtr):
        (JSC::MacroAssembler::jzPtr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOpSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpIfJSCell):
        (JSC::JIT::emitJumpIfNotJSCell):
        (JSC::JIT::emitJumpIfImmediateNumber):
        (JSC::JIT::emitJumpIfNotImmediateNumber):
        (JSC::JIT::emitJumpIfImmediateInteger):
        (JSC::JIT::emitJumpIfNotImmediateInteger):
        (JSC::JIT::emitFastArithIntToImmNoCheck):

2009-01-16  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Add support to x86-64 JIT for inline double precision arithmetic ops.
        +5/6% on x86-64, JIT enabled, sunspider.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movq_rr):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_pre_inc):
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArithSlow_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArithSlow_op_mul):
        (JSC::JIT::compileFastArith_op_sub):
        (JSC::JIT::compileFastArithSlow_op_sub):
        * parser/ResultType.h:
        (JSC::ResultType::isReusable):
        (JSC::ResultType::isInt32):
        (JSC::ResultType::definitelyIsNumber):
        (JSC::ResultType::mightBeNumber):
        (JSC::ResultType::isNotNumber):
        (JSC::ResultType::unknownType):

2009-01-16  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Fixes for SamplingTool.

        https://bugs.webkit.org/show_bug.cgi?id=23390

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::storePtr):
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::run):
        (JSC::SamplingTool::dump):
        * bytecode/SamplingTool.h:
        (JSC::SamplingTool::encodeSample):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::JIT::samplingToolTrackCodeBlock):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitCTICall_internal):

2009-01-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Fixed <rdar://problem/6452301> REGRESSION: Latest WebKit nightlies
        turn "c" into "" when stripping \\c_ character

        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::consumeEscape): Mimic a Firefox quirk when parsing
        control escapes inside character classes.

2009-01-16  Adam Roben  <aroben (a] apple.com>

        Windows build fix

        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::parseParentheses): Removed unreachable code.

2009-01-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed <rdar://problem/6471394> REGRESSION (r39164): Discarding quantifier
        on assertion gives incorrect result (23075)
        
        https://bugs.webkit.org/show_bug.cgi?id=23075

        * pcre/pcre_compile.cpp:
        (compileBranch): Throw away an assertion if it's followed by a quantifier
        with a 0 minimum, to match SpiderMonkey, v8, and the ECMA spec.

        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::parseParentheses): Fall back on PCRE for the rare
        case of an assertion with a quantifier with a 0 minimum, since we
        don't handle quantified subexpressions yet, and in this special case,
        we can't just throw away the quantifier.

2009-01-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Add support in ResultType to track that the results of bitops
        are always of type int32_t.

        * parser/Nodes.cpp:
        (JSC::ReadModifyResolveNode::emitBytecode):
        (JSC::ReadModifyDotNode::emitBytecode):
        (JSC::ReadModifyBracketNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::ExpressionNode::):
        (JSC::BooleanNode::):
        (JSC::NumberNode::):
        (JSC::StringNode::):
        (JSC::PrePostResolveNode::):
        (JSC::TypeOfResolveNode::):
        (JSC::TypeOfValueNode::):
        (JSC::UnaryPlusNode::):
        (JSC::NegateNode::):
        (JSC::BitwiseNotNode::):
        (JSC::LogicalNotNode::):
        (JSC::MultNode::):
        (JSC::DivNode::):
        (JSC::ModNode::):
        (JSC::SubNode::):
        (JSC::LeftShiftNode::):
        (JSC::RightShiftNode::):
        (JSC::UnsignedRightShiftNode::):
        (JSC::LessNode::):
        (JSC::GreaterNode::):
        (JSC::LessEqNode::):
        (JSC::GreaterEqNode::):
        (JSC::InstanceOfNode::):
        (JSC::EqualNode::):
        (JSC::NotEqualNode::):
        (JSC::StrictEqualNode::):
        (JSC::NotStrictEqualNode::):
        (JSC::BitAndNode::):
        (JSC::BitOrNode::):
        (JSC::BitXOrNode::):
        (JSC::LogicalOpNode::):
        * parser/ResultType.h:
        (JSC::ResultType::isInt32):
        (JSC::ResultType::isNotNumber):
        (JSC::ResultType::booleanType):
        (JSC::ResultType::numberType):
        (JSC::ResultType::numberTypeCanReuse):
        (JSC::ResultType::numberTypeCanReuseIsInt32):
        (JSC::ResultType::stringOrNumberTypeCanReuse):
        (JSC::ResultType::stringType):
        (JSC::ResultType::unknownType):
        (JSC::ResultType::forAdd):
        (JSC::ResultType::forBitOp):
        (JSC::OperandTypes::OperandTypes):

2009-01-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Add support for integer addition, subtraction and multiplication
        in JIT code on x86-64.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::mul32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::joMul32):
        (JSC::MacroAssembler::joSub32):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArithSlow_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArithSlow_op_mul):
        (JSC::JIT::compileFastArith_op_sub):
        (JSC::JIT::compileFastArithSlow_op_sub):

2009-01-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        On x86-64 allow JSImmediate to encode 64-bit double precision values.
        This patch only affects builds that set USE(ALTERNATE_JSIMMEDIATE).
        Updates the implementation of JSValuePtr:: and JSImmediate:: methods
        that operate on neumeric values to be be aware of the new representation.
        When this representation is in use, the class JSNumberCell is redundant
        and is compiled out.

        The format of the new immediate representation is documented in JSImmediate.h.

        * JavaScriptCore.exp:
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::subPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::subq_rr):
        (JSC::X86Assembler::movq_rr):
        (JSC::X86Assembler::ucomisd_rr):
        (JSC::X86Assembler::X86InstructionFormatter::twoByteOp64):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_lshift):
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArith_op_bitand):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArith_op_post_inc):
        (JSC::JIT::compileFastArith_op_post_dec):
        (JSC::JIT::compileFastArith_op_pre_inc):
        (JSC::JIT::compileFastArith_op_pre_dec):
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpIfBothJSCells):
        (JSC::JIT::emitJumpIfEitherNumber):
        (JSC::JIT::emitJumpIfNotEitherNumber):
        (JSC::JIT::emitJumpIfImmediateIntegerNumber):
        (JSC::JIT::emitJumpIfNotImmediateIntegerNumber):
        (JSC::JIT::emitJumpIfNotImmediateIntegerNumbers):
        (JSC::JIT::emitJumpSlowCaseIfNotImmediateIntegerNumber):
        (JSC::JIT::emitJumpSlowCaseIfNotImmediateIntegerNumbers):
        (JSC::JIT::emitFastArithDeTagImmediate):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithIntToImmNoCheck):
        * runtime/JSCell.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSImmediate.cpp:
        (JSC::JSImmediate::toThisObject):
        (JSC::JSImmediate::toObject):
        (JSC::JSImmediate::toString):
        * runtime/JSImmediate.h:
        (JSC::wtf_reinterpret_cast):
        (JSC::JSImmediate::isNumber):
        (JSC::JSImmediate::isIntegerNumber):
        (JSC::JSImmediate::isDoubleNumber):
        (JSC::JSImmediate::isPositiveIntegerNumber):
        (JSC::JSImmediate::areBothImmediateIntegerNumbers):
        (JSC::JSImmediate::makeInt):
        (JSC::JSImmediate::makeDouble):
        (JSC::JSImmediate::doubleValue):
        (JSC::doubleToBoolean):
        (JSC::JSImmediate::toBoolean):
        (JSC::JSImmediate::getTruncatedUInt32):
        (JSC::JSImmediate::makeOutOfIntegerRange):
        (JSC::JSImmediate::from):
        (JSC::JSImmediate::getTruncatedInt32):
        (JSC::JSImmediate::toDouble):
        (JSC::JSImmediate::getUInt32):
        (JSC::JSValuePtr::isInt32Fast):
        (JSC::JSValuePtr::isUInt32Fast):
        (JSC::JSValuePtr::areBothInt32Fast):
        (JSC::JSFastMath::canDoFastBitwiseOperations):
        (JSC::JSFastMath::xorImmediateNumbers):
        (JSC::JSFastMath::canDoFastRshift):
        (JSC::JSFastMath::canDoFastUrshift):
        (JSC::JSFastMath::rightShiftImmediateNumbers):
        (JSC::JSFastMath::canDoFastAdditiveOperations):
        (JSC::JSFastMath::addImmediateNumbers):
        (JSC::JSFastMath::subImmediateNumbers):
        * runtime/JSNumberCell.cpp:
        (JSC::jsNumberCell):
        * runtime/JSNumberCell.h:
        (JSC::createNumberStructure):
        (JSC::isNumberCell):
        (JSC::asNumberCell):
        (JSC::jsNumber):
        (JSC::JSValuePtr::isDoubleNumber):
        (JSC::JSValuePtr::getDoubleNumber):
        (JSC::JSValuePtr::isNumber):
        (JSC::JSValuePtr::uncheckedGetNumber):
        (JSC::jsNaN):
        (JSC::JSValuePtr::getNumber):
        (JSC::JSValuePtr::numberToInt32):
        (JSC::JSValuePtr::numberToUInt32):
        * runtime/JSValue.h:
        * runtime/NumberConstructor.cpp:
        (JSC::numberConstructorNegInfinity):
        (JSC::numberConstructorPosInfinity):
        (JSC::numberConstructorMaxValue):
        (JSC::numberConstructorMinValue):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberObject.h:
        * runtime/Operations.h:
        (JSC::JSValuePtr::equal):
        (JSC::JSValuePtr::equalSlowCaseInline):
        (JSC::JSValuePtr::strictEqual):
        (JSC::JSValuePtr::strictEqualSlowCaseInline):
        * wtf/Platform.h:

2009-01-15  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        <rdar://problem/6045018>
        REGRESSION (r34838): JavaScript objects appear to be leaked after loading google.com

        Subtract the number of JSStrings cached in SmallStrings when calculating the
        number of live JSObjects.

        * runtime/Collector.cpp:
        (JSC::Heap::objectCount):
        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::count):
        * runtime/SmallStrings.h:

2009-01-15  Sam Weinig  <sam (a] webkit.org>

        Fix Qt build.

        * runtime/Collector.cpp:

2009-01-15  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough.

        Fix crash seen running fast/canvas.

        Make sure to mark the ScopeNode and CodeBlock being created
        in the re-parse for exception information.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        * parser/Nodes.h:
        (JSC::ScopeNode::mark):
        * runtime/Collector.cpp:
        (JSC::Heap::collect):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:

2009-01-15  Craig Schlenter  <craig.schlenter (a] gmail.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23347
        Compilation of JavaScriptCore/wtf/ThreadingPthreads.cpp fails on Linux

        * wtf/ThreadingPthreads.cpp: included limits.h as INT_MAX is defined there.

2009-01-15  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 23225: REGRESSION: Assertion failure in reparseInPlace() (m_sourceElements) at sfgate.com
        <https://bugs.webkit.org/show_bug.cgi?id=23225> <rdar://problem/6487432>

        Character position for open and closing brace was incorrectly referencing m_position to
        record their position in a source document, however this is unsafe as BOMs may lead to
        m_position being an arbitrary position from the real position of the current character.

        * parser/Lexer.cpp:
        (JSC::Lexer::matchPunctuator):

2009-01-14  David Kilzer  <ddkilzer (a] apple.com>

        Bug 23153: JSC build always touches JavaScriptCore/docs/bytecode.html

        <https://bugs.webkit.org/show_bug.cgi?id=23153>

        Reviewed by Darin Adler.

        Instead of building bytecode.html into ${SRCROOT}/docs/bytecode.html, build it
        into ${BUILT_PRODUCTS_DIR}/DerivedSources/JavaScriptCore/docs/bytecode.html.

        Also fixes make-bytecode-docs.pl to actually generate documentation.

        * DerivedSources.make: Changed bytecode.html to be built into local docs
        directory in ${BUILT_PRODUCTS_DIR}/DerivedSources/JavaScriptCore.
        * JavaScriptCore.xcodeproj/project.pbxproj: Added "/docs" to the end of the
        "mkdir -p" command so that the docs subdirectory is automatically created.
        * docs/make-bytecode-docs.pl: Changed BEGIN_OPCODE to DEFINE_OPCODE so that
        documentation is actually generated.

2009-01-14  Adam Treat  <adam.treat (a] torchmobile.com>

        Build fix for Qt from Dmitry Titov.

        * wtf/ThreadingQt.cpp:
        (WTF::ThreadCondition::timedWait):

2009-01-14  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Bug 22903: REGRESSION (r36267): visiting this site reliably crashes WebKit nightly

        EvalCodeBlock's do not reference the functions that are declared inside the eval
        code, this means that simply marking the EvalCodeBlock through the global object
        is insufficient to mark the declared functions.  This patch corrects this by
        explicitly marking the CodeBlocks of all the functions declared in the cached
        EvalNode.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::mark):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::hasFunctions):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::mark):
        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::mark):
        (JSC::EvalNode::mark):
        * parser/Nodes.h:

2009-01-14  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=23312
        Implement MessageQueue::waitForMessageTimed()
        Also fixed ThreadCondition::timedWait() to take absolute time, as discussed on webkit-dev.
        Win32 version of timedWait still has to be implemented.

        * wtf/MessageQueue.h:
        (WTF::MessageQueueWaitResult: new enum for the result of MessageQueue::waitForMessageTimed.
        (WTF::MessageQueue::waitForMessage):
        (WTF::MessageQueue::waitForMessageTimed): New method.
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        (WTF::ThreadCondition::timedWait): changed to use absolute time instead of interval.
        * wtf/ThreadingNone.cpp:
        (WTF::ThreadCondition::timedWait): ditto.
        * wtf/ThreadingPthreads.cpp:
        (WTF::ThreadCondition::timedWait): ditto.
        * wtf/ThreadingQt.cpp:
        (WTF::ThreadCondition::timedWait): ditto.
        * wtf/ThreadingWin.cpp:
        (WTF::ThreadCondition::timedWait): ditto. The actual Win32 code is still to be implemented.

2009-01-14  Dean McNamee  <deanm (a] chromium.org>

        Reviewed by Darin Adler and Oliver hunt.

        Correctly match allocation functions by implementing a custom deref().

        https://bugs.webkit.org/show_bug.cgi?id=23315

        * runtime/ByteArray.h:
        (JSC::ByteArray::deref):
        (JSC::ByteArray::ByteArray):

2009-01-14  Dan Bernstein  <mitz (a] apple.com>

        Reviewed by John Sullivan.

        - update copyright

        * Info.plist:

2009-01-13  Beth Dakin  <bdakin (a] apple.com>

        Reviewed by Darin Adler and Oliver Hunt.

        <rdar://problem/6489314> REGRESSION: Business widget's front side 
        fails to render correctly when flipping widget

        The problem here is that parseInt was parsing NaN as 0. This patch 
        corrects that by parsing NaN as NaN. This matches our old behavior 
        and Firefox. 

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):

2009-01-13  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix for: https://bugs.webkit.org/show_bug.cgi?id=23292

        Implementation of two argument canDoFastAdditiveOperations does not correlate well with reality.

        * runtime/JSImmediate.h:
        (JSC::JSFastMath::canDoFastAdditiveOperations):

2009-01-13  Zalan Bujtas  <zbujtas (a] gmail.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23290
        Fix JSImmediate::isImmediate(src) to !src->isCell()

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-01-13  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23281
        Fix the Chromium Win build.
        Need to use PLATFORM(WIN_OS) instead of PLATFORM(WIN).
        Moved GTK and WX up in #if sequence because they could come with WIN_OS too,
        while they have their own implementation even on Windows.

        * wtf/CurrentTime.cpp:
        (WTF::currentTime):

2009-01-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Make the JSImmediate interface private.

        All manipulation of JS values should be through the JSValuePtr class, not by using JSImmediate
        directly.  The key missing methods on JSValuePtr are:

            * isCell() - check for values that are JSCell*s, and as such where asCell() may be used.
            * isInt32Fast() getInt32Fast() - fast check/access for integer immediates.
            * isUInt32Fast() getUInt32Fast() - ditto for unsigned integer immediates.

        The JIT is allowed full access to JSImmediate, since it needs to be able to directly
        manipulate JSValuePtrs.  The Interpreter is provided access to perform operations directly
        on JSValuePtrs through the new JSFastMath interface.

        No performance impact.

        * API/JSCallbackObjectFunctions.h:
        (JSC::::toNumber):
        * API/JSValueRef.cpp:
        (JSValueIsEqual):
        (JSValueIsStrictEqual):
        * JavaScriptCore.exp:
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::isKnownNotImmediate):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::keyForImmediateSwitch):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::JSValueHashTraits::constructDeletedValue):
        (JSC::BytecodeGenerator::JSValueHashTraits::isDeletedValue):
        * interpreter/Interpreter.cpp:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAdd):
        (JSC::jsIsObjectType):
        (JSC::cachePrototypeChain):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_get_by_val_byte_array):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_put_by_val_byte_array):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_call_eval):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_vm_throw):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::isJSArray):
        (JSC::Interpreter::isJSString):
        (JSC::Interpreter::isJSByteArray):
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        (JSC::JIT::isStrictEqCaseHandledInJITCode):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArith_op_bitand):
        (JSC::JIT::compileFastArith_op_mod):
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperandImmediateInt):
        (JSC::JIT::isOperandConstantImmediateInt):
        * parser/Nodes.cpp:
        (JSC::processClauseList):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):
        * runtime/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncValueOf):
        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):
        (JSC::Heap::heap):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::getOwnPropertySlot):
        * runtime/JSByteArray.h:
        (JSC::JSByteArray::getIndex):
        * runtime/JSCell.cpp:
        * runtime/JSCell.h:
        (JSC::JSValuePtr::isNumberCell):
        (JSC::JSValuePtr::asCell):
        (JSC::JSValuePtr::isNumber):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):
        * runtime/JSImmediate.h:
        (JSC::js0):
        (JSC::jsImpossibleValue):
        (JSC::JSValuePtr::toInt32):
        (JSC::JSValuePtr::toUInt32):
        (JSC::JSValuePtr::isCell):
        (JSC::JSValuePtr::isInt32Fast):
        (JSC::JSValuePtr::getInt32Fast):
        (JSC::JSValuePtr::isUInt32Fast):
        (JSC::JSValuePtr::getUInt32Fast):
        (JSC::JSValuePtr::makeInt32Fast):
        (JSC::JSValuePtr::areBothInt32Fast):
        (JSC::JSFastMath::canDoFastBitwiseOperations):
        (JSC::JSFastMath::equal):
        (JSC::JSFastMath::notEqual):
        (JSC::JSFastMath::andImmediateNumbers):
        (JSC::JSFastMath::xorImmediateNumbers):
        (JSC::JSFastMath::orImmediateNumbers):
        (JSC::JSFastMath::canDoFastRshift):
        (JSC::JSFastMath::canDoFastUrshift):
        (JSC::JSFastMath::rightShiftImmediateNumbers):
        (JSC::JSFastMath::canDoFastAdditiveOperations):
        (JSC::JSFastMath::addImmediateNumbers):
        (JSC::JSFastMath::subImmediateNumbers):
        (JSC::JSFastMath::incImmediateNumber):
        (JSC::JSFastMath::decImmediateNumber):
        * runtime/JSNumberCell.h:
        (JSC::JSValuePtr::asNumberCell):
        (JSC::jsNumber):
        (JSC::JSValuePtr::uncheckedGetNumber):
        (JSC::JSNumberCell::toInt32):
        (JSC::JSNumberCell::toUInt32):
        (JSC::JSValuePtr::toJSNumber):
        (JSC::JSValuePtr::getNumber):
        (JSC::JSValuePtr::numberToInt32):
        (JSC::JSValuePtr::numberToUInt32):
        * runtime/JSObject.h:
        (JSC::JSValuePtr::isObject):
        (JSC::JSValuePtr::get):
        (JSC::JSValuePtr::put):
        * runtime/JSValue.cpp:
        (JSC::JSValuePtr::toInteger):
        (JSC::JSValuePtr::toIntegerPreserveNaN):
        * runtime/JSValue.h:
        * runtime/Operations.cpp:
        (JSC::JSValuePtr::equalSlowCase):
        (JSC::JSValuePtr::strictEqualSlowCase):
        * runtime/Operations.h:
        (JSC::JSValuePtr::equal):
        (JSC::JSValuePtr::equalSlowCaseInline):
        (JSC::JSValuePtr::strictEqual):
        (JSC::JSValuePtr::strictEqualSlowCaseInline):
        * runtime/Protect.h:
        (JSC::gcProtect):
        (JSC::gcUnprotect):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        * runtime/Structure.cpp:
        (JSC::Structure::createCachedPrototypeChain):

2009-01-12  Kevin Ollivier  <kevino (a] theolliviers.com>

        Since date time functions have moved here, now the wx port JSC
        needs to depend on wx.

        * jscore.bkl:

2009-01-11  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23245

        Add initializeThreading to key places in JS API to ensure that
        UString is properly initialized.

        * API/JSContextRef.cpp:
        (JSContextGroupCreate):
        (JSGlobalContextCreate):
        * API/JSObjectRef.cpp:
        (JSClassCreate):
        * API/JSStringRef.cpp:
        (JSStringCreateWithCharacters):
        (JSStringCreateWithUTF8CString):
        * API/JSStringRefCF.cpp:
        (JSStringCreateWithCFString):

2009-01-11  David Levin  <levin (a] chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23175

        Separate out BaseString information from UString::Rep and make all baseString access go through
        a member function, so that it may be used for something else (in the future) in the BaseString
        case.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStringsStorage::rep):
        (JSC::SmallStringsStorage::SmallStringsStorage):
        (JSC::SmallStrings::SmallStrings):
        (JSC::SmallStrings::mark):
        Adjust to account for the changes in UString and put the UString in place in
        SmallStringsStorage to aid in locality of reference among the UChar[] and UString::Rep's.

        * runtime/SmallStrings.h:
        * runtime/UString.cpp:
        (JSC::initializeStaticBaseString):
        (JSC::initializeUString):
        (JSC::UString::Rep::create):
        (JSC::UString::Rep::destroy):
        (JSC::UString::Rep::checkConsistency):
        (JSC::expandCapacity):
        (JSC::UString::expandPreCapacity):
        (JSC::concatenate):
        (JSC::UString::append):
        (JSC::UString::operator=):
        * runtime/UString.h:
        (JSC::UString::Rep::baseIsSelf):
        (JSC::UString::Rep::setBaseString):
        (JSC::UString::Rep::baseString):
        (JSC::UString::Rep::):
        (JSC::UString::Rep::null):
        (JSC::UString::Rep::empty):
        (JSC::UString::Rep::data):
        (JSC::UString::cost):
        Separate out the items out used by base strings from those used in Rep's that only
        point to base strings.  (This potentially saves 24 bytes per Rep.)

2009-01-11  Darin Adler  <darin (a] apple.com>

        Reviewed by Dan Bernstein.

        Bug 23239: improve handling of unused arguments in JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=23239

        * runtime/DatePrototype.cpp: Moved LocaleDateTimeFormat enum outside #if
        so we can use this on all platforms. Changed valueOf to share the same
        function with getTime, since the contents of the two are identical. Removed
        a FIXME since the idea isn't really specific enough or helpful enough to
        need to sit here in the source code.
        (JSC::formatLocaleDate): Changed the Mac version of this function to take
        the same arguments as the non-Mac version so the caller doesn't have to
        special-case the two platforms. Also made the formatString array be const;
        before the characters were, but the array was a modifiable global variable.
        (JSC::dateProtoFuncToLocaleString): Changed to call the new unified
        version of formatLocaleDate and remove the ifdef.
        (JSC::dateProtoFuncToLocaleDateString): Ditto.
        (JSC::dateProtoFuncToLocaleTimeString): Ditto.

        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::toObject): Use the new ASSERT_UNUSED instead of the
        old UNUSED_PARAM.

        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp): Changed to only use UNUSED_PARAM when the parameter
        is actually unused.

        * wtf/TCSystemAlloc.cpp:
        (TCMalloc_SystemRelease): Changed to only use UNUSED_PARAM when the parameter
        is actually unused.
        (TCMalloc_SystemCommit): Changed to omit the argument names instead of using
        UNUSED_PARAM.

2009-01-11  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Fix the build (whoops)

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_get_by_val):

2009-01-11  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Darin Adler and Anders Carlsson

        Bug 23128: get/put_by_val need to respecialise in the face of ByteArray

        Restructure the code slightly, and add comments per Darin's suggestions

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_get_by_val_byte_array):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_byte_array):

2009-01-11  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Anders Carlsson.

        Whoops, I accidentally removed an exception check from fast the
        fast path for string indexing when i originally landed the
        byte array logic.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_get_by_val):

2009-01-11  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Anders Carlsson.

        Bug 23128: get/put_by_val need to respecialise in the face of ByteArray
        <https://bugs.webkit.org/show_bug.cgi?id=23128>

        Fairly simple patch, add specialised versions of cti_op_get/put_by_val
        that assume ByteArray, thus avoiding a few branches in the case of bytearray
        manipulation.

        No effect on SunSpider.  15% win on the original testcase.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_get_by_val_byte_array):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_byte_array):
        * interpreter/Interpreter.h:

2009-01-11  Alexey Proskuryakov  <ap (a] webkit.org>

        Try to fix Windows build.

        * wtf/CurrentTime.cpp: Added a definition of msPerSecond (previously, this code was in
        DateMath.cpp, with constant definition in DateTime.h)

2009-01-11  Alexey Proskuryakov  <ap (a] webkit.org>

        Try to fix Windows build.

        * wtf/CurrentTime.cpp: Include <sys/types.h> and <sys/timeb.h>, as MSDN says to.

2009-01-11  Dmitry Titov  <dimich (a] chromium.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23207
        Moved currentTime() to from WebCore to WTF.

        * GNUmakefile.am:
        * JavaScriptCore.exp: added export for WTF::currentTime()
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * runtime/DateMath.cpp:
        (JSC::getCurrentUTCTimeWithMicroseconds): This function had another implementation of currentTime(), essentially. Now uses WTF version.
        * wtf/CurrentTime.cpp: Added.
        (WTF::currentTime):
        (WTF::highResUpTime):
        (WTF::lowResUTCTime):
        (WTF::qpcAvailable):
        * wtf/CurrentTime.h: Added.

2009-01-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Stage two of converting JSValue from a pointer to a class type.
        Remove the class JSValue.  The functionallity has been transitioned
        into the wrapper class type JSValuePtr.

        The last stage will be to rename JSValuePtr to JSValue, remove the
        overloaded -> operator, and switch operations on JSValuePtrs from
        using '->' to use '.' instead.

        * API/APICast.h:
        * JavaScriptCore.exp:
        * runtime/JSCell.h:
        (JSC::asCell):
        (JSC::JSValuePtr::asCell):
        (JSC::JSValuePtr::isNumber):
        (JSC::JSValuePtr::isString):
        (JSC::JSValuePtr::isGetterSetter):
        (JSC::JSValuePtr::isObject):
        (JSC::JSValuePtr::getNumber):
        (JSC::JSValuePtr::getString):
        (JSC::JSValuePtr::getObject):
        (JSC::JSValuePtr::getCallData):
        (JSC::JSValuePtr::getConstructData):
        (JSC::JSValuePtr::getUInt32):
        (JSC::JSValuePtr::getTruncatedInt32):
        (JSC::JSValuePtr::getTruncatedUInt32):
        (JSC::JSValuePtr::mark):
        (JSC::JSValuePtr::marked):
        (JSC::JSValuePtr::toPrimitive):
        (JSC::JSValuePtr::getPrimitiveNumber):
        (JSC::JSValuePtr::toBoolean):
        (JSC::JSValuePtr::toNumber):
        (JSC::JSValuePtr::toString):
        (JSC::JSValuePtr::toObject):
        (JSC::JSValuePtr::toThisObject):
        (JSC::JSValuePtr::needsThisConversion):
        (JSC::JSValuePtr::toThisString):
        (JSC::JSValuePtr::getJSNumber):
        * runtime/JSImmediate.h:
        (JSC::JSValuePtr::isUndefined):
        (JSC::JSValuePtr::isNull):
        (JSC::JSValuePtr::isUndefinedOrNull):
        (JSC::JSValuePtr::isBoolean):
        (JSC::JSValuePtr::getBoolean):
        (JSC::JSValuePtr::toInt32):
        (JSC::JSValuePtr::toUInt32):
        * runtime/JSNumberCell.h:
        (JSC::JSValuePtr::uncheckedGetNumber):
        (JSC::JSValuePtr::toJSNumber):
        * runtime/JSObject.h:
        (JSC::JSValuePtr::isObject):
        (JSC::JSValuePtr::get):
        (JSC::JSValuePtr::put):
        * runtime/JSString.h:
        (JSC::JSValuePtr::toThisJSString):
        * runtime/JSValue.cpp:
        (JSC::JSValuePtr::toInteger):
        (JSC::JSValuePtr::toIntegerPreserveNaN):
        (JSC::JSValuePtr::toInt32SlowCase):
        (JSC::JSValuePtr::toUInt32SlowCase):
        * runtime/JSValue.h:
        (JSC::JSValuePtr::makeImmediate):
        (JSC::JSValuePtr::immediateValue):
        (JSC::JSValuePtr::JSValuePtr):
        (JSC::JSValuePtr::operator->):
        (JSC::JSValuePtr::operator bool):
        (JSC::JSValuePtr::operator==):
        (JSC::JSValuePtr::operator!=):
        (JSC::JSValuePtr::encode):
        (JSC::JSValuePtr::decode):
        (JSC::JSValuePtr::toFloat):
        (JSC::JSValuePtr::asValue):
        (JSC::operator==):
        (JSC::operator!=):

2009-01-09  David Levin  <levin (a] chromium.org>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=23175

        Adjustment to previous patch.  Remove call to initilizeThreading from JSGlobalCreate
        and fix jsc.cpp instead.

        * jsc.cpp:
        (main):
        (jscmain):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::create):

2009-01-09  Sam Weinig  <sam (a] webkit.org>

        Roll r39720 back in with a working interpreted mode.

2009-01-09  David Levin  <levin (a] chromium.org>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=23175

        Added a template to make the pointer and flags combination
        in UString more readable and less error prone.

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        Added PtrAndFlags.h (and sorted the xcode project file).

        * runtime/Identifier.cpp:
        (JSC::Identifier::add):
        (JSC::Identifier::addSlowCase):
        * runtime/InitializeThreading.cpp:
        (JSC::initializeThreadingOnce):
        Made the init threading initialize the UString globals.  Before
        these were initilized using {} but that became harder due to the
        addition of this tempalte class.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::create):
        * runtime/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * runtime/UString.cpp:
        (JSC::initializeStaticBaseString):
        (JSC::initializeUString):
        (JSC::UString::Rep::create):
        (JSC::UString::Rep::createFromUTF8):
        (JSC::createRep):
        (JSC::UString::UString):
        (JSC::concatenate):
        (JSC::UString::operator=):
        (JSC::UString::makeNull):
        (JSC::UString::nullRep):
        * runtime/UString.h:
        (JSC::UString::Rep::identifierTable):
        (JSC::UString::Rep::setIdentifierTable):
        (JSC::UString::Rep::isStatic):
        (JSC::UString::Rep::setStatic):
        (JSC::UString::Rep::):
        (JSC::UString::Rep::null):
        (JSC::UString::Rep::empty):
        (JSC::UString::isNull):
        (JSC::UString::null):
        (JSC::UString::UString):

        * wtf/PtrAndFlags.h: Added.
        (WTF::PtrAndFlags::PtrAndFlags):
        (WTF::PtrAndFlags::isFlagSet):
        (WTF::PtrAndFlags::setFlag):
        (WTF::PtrAndFlags::clearFlag):
        (WTF::PtrAndFlags::get):
        (WTF::PtrAndFlags::set):
        A simple way to layer together a pointer and 2 flags.  It relies on the pointer being 4 byte aligned,
        which should happen for all allocators (due to aligning pointers, int's, etc. on 4 byte boundaries).

2009-01-08  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by -O-l-i-v-e-r- -H-u-n-t- Sam Weinig (sorry, Sam!).

        Encode immediates in the low word of JSValuePtrs, on x86-64.

        On 32-bit platforms a JSValuePtr may represent a 31-bit signed integer.
        On 64-bit platforms, if USE(ALTERNATE_JSIMMEDIATE) is defined, a full
        32-bit integer may be stored in an immediate.
        
        Presently USE(ALTERNATE_JSIMMEDIATE) uses the same encoding as the default
        immediate format - the value is left shifted by one, so a one bit tag can
        be added to indicate the value is an immediate.  However this means that
        values must be commonly be detagged (by right shifting by one) before
        arithmetic operations can be performed on immediates.  This patch modifies
        the formattting so the the high bits of the immediate mark values as being
        integer.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::not32):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::zeroExtend32ToPtr):
        (JSC::MacroAssembler::jaePtr):
        (JSC::MacroAssembler::jbPtr):
        (JSC::MacroAssembler::jnzPtr):
        (JSC::MacroAssembler::jzPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::notl_r):
        (JSC::X86Assembler::testq_i32r):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_lshift):
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArith_op_bitand):
        (JSC::JIT::compileFastArithSlow_op_bitand):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArithSlow_op_mod):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArith_op_post_inc):
        (JSC::JIT::compileFastArith_op_post_dec):
        (JSC::JIT::compileFastArith_op_pre_inc):
        (JSC::JIT::compileFastArith_op_pre_dec):
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpIfJSCell):
        (JSC::JIT::emitJumpIfNotJSCell):
        (JSC::JIT::emitJumpIfImmNum):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
        (JSC::JIT::emitFastArithDeTagImmediate):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
        (JSC::JIT::emitFastArithIntToImmNoCheck):
        (JSC::JIT::emitTagAsBoolImmediate):
        * jit/JITPropertyAccess.cpp:
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::isNumber):
        (JSC::JSImmediate::isPositiveNumber):
        (JSC::JSImmediate::areBothImmediateNumbers):
        (JSC::JSImmediate::xorImmediateNumbers):
        (JSC::JSImmediate::rightShiftImmediateNumbers):
        (JSC::JSImmediate::canDoFastAdditiveOperations):
        (JSC::JSImmediate::addImmediateNumbers):
        (JSC::JSImmediate::subImmediateNumbers):
        (JSC::JSImmediate::makeInt):
        (JSC::JSImmediate::toBoolean):
        * wtf/Platform.h:

2009-01-08  Sam Weinig  <sam (a] webkit.org>

        Revert r39720. It broke Interpreted mode.

2009-01-08  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=23197
        Delay creating the PCVector until an exception is thrown
        Part of <rdar://problem/6469060>
        Don't store exception information for a CodeBlock until first exception is thrown

        - Change the process for re-parsing/re-generating bytecode for exception information
          to use data from the original CodeBlock (offsets of GlobalResolve instructions) to
          aid in creating an identical instruction stream on re-parse, instead of padding
          interchangeable opcodes, which would result in different JITed code.
        - Fix bug where the wrong ScopeChainNode was used when re-parsing/regenerating from
          within some odd modified scope chains.
        - Lazily create the pcVector by re-JITing the regenerated CodeBlock and stealing the
          the pcVector from it.

        Saves ~2MB on Membuster head.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
        * bytecode/CodeBlock.h:
        (JSC::JITCodeRef::JITCodeRef):
        (JSC::GlobalResolveInfo::GlobalResolveInfo):
        (JSC::CodeBlock::getBytecodeIndex):
        (JSC::CodeBlock::addGlobalResolveInstruction):
        (JSC::CodeBlock::addGlobalResolveInfo):
        (JSC::CodeBlock::addFunctionRegisterInfo):
        (JSC::CodeBlock::hasExceptionInfo):
        (JSC::CodeBlock::pcVector):
        (JSC::EvalCodeBlock::EvalCodeBlock):
        (JSC::EvalCodeBlock::baseScopeDepth):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitResolve):
        (JSC::BytecodeGenerator::emitGetScopedVar):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::setRegeneratingForExceptionInfo):
        * interpreter/Interpreter.cpp:
        (JSC::bytecodeOffsetForPC):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveLastCaller):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_vm_throw):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * parser/Nodes.cpp:
        (JSC::EvalNode::generateBytecode):
        (JSC::EvalNode::bytecodeForExceptionInfoReparse):
        (JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):
        * parser/Nodes.h:

2009-01-08  Jian Li  <jianli (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        Add Win32 implementation of ThreadSpecific.
        https://bugs.webkit.org/show_bug.cgi?id=22614

        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * wtf/ThreadSpecific.h:
        (WTF::ThreadSpecific::ThreadSpecific):
        (WTF::ThreadSpecific::~ThreadSpecific):
        (WTF::ThreadSpecific::get):
        (WTF::ThreadSpecific::set):
        (WTF::ThreadSpecific::destroy):
        * wtf/ThreadSpecificWin.cpp: Added.
        (WTF::ThreadSpecificThreadExit):
        * wtf/ThreadingWin.cpp:
        (WTF::wtfThreadEntryPoint):

2009-01-08  Justin McPherson <justin.mcpherson (a] nokia.com>

        Reviewed by Simon Hausmann.

        Fix compilation with Qt on NetBSD.

        * runtime/Collector.cpp:
        (JSC::currentThreadStackBase): Use PLATFORM(NETBSD) to enter the
        code path to retrieve the stack base using pthread_attr_get_np.
        The PTHREAD_NP_H define is not used because the header file does
        not exist on NetBSD, but the function is declared nevertheless.
        * wtf/Platform.h: Introduce WTF_PLATFORM_NETBSD.

2009-01-07  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        <rdar://problem/6469060> Don't store exception information for a CodeBlock until first exception is thrown

        Don't initially store exception information (lineNumber/expressionRange/getByIdExcecptionInfo)
        in CodeBlocks blocks.  Instead, re-parse for the data on demand and cache it then.

        One important change that was needed to make this work was to pad op_get_global_var with nops to
        be the same length as op_resolve_global, since one could be replaced for the other on re-parsing,
        and we want to keep the offsets bytecode offsets the same.

        1.3MB improvement on Membuster head.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Update op_get_global_var to account for the padding.
        (JSC::CodeBlock::dumpStatistics): Add more statistic dumping.
        (JSC::CodeBlock::CodeBlock): Initialize m_exceptionInfo.
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary): Re-parses the CodeBlocks
        associated SourceCode and steals the ExceptionInfo from it.
        (JSC::CodeBlock::lineNumberForBytecodeOffset): Creates the exception info on demand.
        (JSC::CodeBlock::expressionRangeForBytecodeOffset): Ditto.
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset): Ditto.
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::numberOfExceptionHandlers): Updated to account for m_exceptionInfo indirection.
        (JSC::CodeBlock::addExceptionHandler): Ditto.
        (JSC::CodeBlock::exceptionHandler): Ditto.
        (JSC::CodeBlock::clearExceptionInfo): Ditto.
        (JSC::CodeBlock::addExpressionInfo): Ditto.
        (JSC::CodeBlock::addGetByIdExceptionInfo): Ditto.
        (JSC::CodeBlock::numberOfLineInfos): Ditto.
        (JSC::CodeBlock::addLineInfo): Ditto.
        (JSC::CodeBlock::lastLineInfo): Ditto.

        * bytecode/Opcode.h: Change length of op_get_global_var to match op_resolve_global.

        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::dump): Add comment indicating why it is okay not to pass a CallFrame.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate): Clear the exception info after generation for Function and Eval
        Code when not in regenerate for exception info mode.
        (JSC::BytecodeGenerator::BytecodeGenerator): Initialize m_regeneratingForExceptionInfo to false.
        (JSC::BytecodeGenerator::emitGetScopedVar): Pad op_get_global_var with 2 nops.
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::setRegeneratingForExcpeptionInfo): Added.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException): Pass the CallFrame to exception info accessors.
        (JSC::Interpreter::privateExecute): Ditto.
        (JSC::Interpreter::retrieveLastCaller): Ditto.
        (JSC::Interpreter::cti_op_new_error): Ditto.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass): Pass the current bytecode offset instead of hard coding the
        line number, the stub will do the accessing if it gets called.

        * parser/Nodes.cpp:
        (JSC::ProgramNode::emitBytecode): Moved.
        (JSC::ProgramNode::generateBytecode): Moved.
        (JSC::EvalNode::create): Moved.
        (JSC::EvalNode::bytecodeForExceptionInfoReparse): Added.
        (JSC::FunctionBodyNode::generateBytecode): Rename reparse to reparseInPlace.
        (JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse): Addded.

        * parser/Nodes.h:
        (JSC::ScopeNode::features): Added getter.
        * parser/Parser.cpp:
        (JSC::Parser::reparseInPlace): Renamed from reparse.
        * parser/Parser.h:
        (JSC::Parser::reparse): Added. Re-parses the passed in Node into
        a new Node.
        * runtime/ExceptionHelpers.cpp:
        (JSC::createUndefinedVariableError): Pass along CallFrame.
        (JSC::createInvalidParamError): Ditto.
        (JSC::createNotAConstructorError): Ditto.
        (JSC::createNotAFunctionError): Ditto.
        (JSC::createNotAnObjectError): Ditto.

2009-01-06  Gavin Barraclough  <baraclough (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Replace accidentally removed references in BytecodeGenerator, deleting these
        will be hindering the sharing of constant numbers and strings.

        The code to add a new constant (either number or string) to their respective
        map works by attempting to add a null entry, then checking the result of the
        add for null.  The first time, this should return the null (or noValue).
        The code checks for null (to see if this is the initial add), and then allocates
        a new number / string object.  This code relies on the result returned from
        the add to the map being stored as a reference, such that the allocated object
        will be stored in the map, and will be resused if the same constant is encountered
        again.  By failing to use a reference we will be leaking GC object for each
        additional entry added to the map.  As GC objects they should be clollected,
        be we should no be allocatin them in the first place.

        https://bugs.webkit.org/show_bug.cgi?id=23158

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitLoad):

2009-01-06  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6040850> JavaScript register file should use VirtualAlloc on Windows

        Fairly simple, just reserve 4Mb of address space for the
        register file, and then commit one section at a time.  We
        don't release committed memory as we drop back, but then
        mac doesn't either so this probably not too much of a 
        problem.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::~RegisterFile):
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::grow):

2009-01-06  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23142
        ThreadGlobalData leaks seen on buildbot

        * wtf/ThreadSpecific.h: (WTF::ThreadSpecific::destroy): Temporarily reset the thread
        specific value to make getter work on Mac OS X.

        * wtf/Platform.h: Touch this file again to make sure all Windows builds use the most recent
        version of ThreadSpecific.h.

2009-01-05  Gavin Barraclough  <baraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Replace all uses of JSValue* with a new smart pointer type, JSValuePtr.
        
        A JavaScript value may be a heap object or boxed primitive, represented by a
        pointer, or may be an unboxed immediate value, such as an integer.  Since a
        value may dynamically need to contain either a pointer value or an immediate,
        we encode immediates as pointer values (since all valid JSCell pointers are
        allocated at alligned addesses, unaligned addresses are available to encode
        immediates).  As such all JavaScript values are represented using a JSValue*.

        This implementation is encumbered by a number of constraints.  It ties the
        JSValue representation to the size of pointer on the platform, which, for
        example, means that we currently can represent different ranges of integers
        as immediates on x86 and x86-64.  It also prevents us from overloading the
        to-boolean conversion used to test for noValue() - effectively forcing us
        to represent noValue() as 0.  This would potentially be problematic were we
        to wish to encode integer values differently (e.g. were we to use the v8
        encoding, where pointers are tagged with 1 and integers with 0, then the
        immediate integer 0 would conflict with noValue()).

        This patch replaces all usage of JSValue* with a new class, JSValuePtr,
        which encapsulates the pointer.  JSValuePtr maintains the same interface as
        JSValue*, overloading operator-> and operator bool such that previous
        operations in the code on variables of type JSValue* are still supported.

        In order to provide a ProtectPtr<> type with support for the new value
        representation (without using the internal JSValue type directly), a new
        ProtectJSValuePtr type has been added, equivalent to the previous type
        ProtectPtr<JSValue>.

        This patch is likely the first in a sequence of three changes.  With the
        value now encapsulated it will likely make sense to migrate the functionality
        from JSValue into JSValuePtr, such that the internal pointer representation
        need not be exposed.  Through migrating the functionality to the wrapper
        class the existing JSValue should be rendered redundant, and the class is
        likely to be removed (the JSValuePtr now wrapping a pointer to a JSCell).
        At this stage it will likely make sense to rename JSValuePtr to JSValue.

        https://bugs.webkit.org/show_bug.cgi?id=23114

        * API/APICast.h:
        (toJS):
        (toRef):
        * API/JSBase.cpp:
        (JSEvaluateScript):
        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::call):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::asCallbackObject):
        (JSC::::put):
        (JSC::::hasInstance):
        (JSC::::call):
        (JSC::::staticValueGetter):
        (JSC::::staticFunctionGetter):
        (JSC::::callbackGetter):
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrototype):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectGetPropertyAtIndex):
        (JSObjectSetPropertyAtIndex):
        * API/JSValueRef.cpp:
        (JSValueGetType):
        (JSValueIsUndefined):
        (JSValueIsNull):
        (JSValueIsBoolean):
        (JSValueIsNumber):
        (JSValueIsString):
        (JSValueIsObject):
        (JSValueIsObjectOfClass):
        (JSValueIsEqual):
        (JSValueIsStrictEqual):
        (JSValueIsInstanceOfConstructor):
        (JSValueToBoolean):
        (JSValueToNumber):
        (JSValueToStringCopy):
        (JSValueToObject):
        (JSValueProtect):
        (JSValueUnprotect):
        * JavaScriptCore.exp:
        * bytecode/CodeBlock.cpp:
        (JSC::valueToSourceString):
        (JSC::constantName):
        (JSC::CodeBlock::dump):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getConstant):
        (JSC::CodeBlock::addUnexpectedConstant):
        (JSC::CodeBlock::unexpectedConstant):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::addConstant):
        (JSC::BytecodeGenerator::addUnexpectedConstant):
        (JSC::BytecodeGenerator::emitLoad):
        (JSC::BytecodeGenerator::emitLoadJSV):
        (JSC::BytecodeGenerator::emitGetScopedVar):
        (JSC::BytecodeGenerator::emitPutScopedVar):
        (JSC::BytecodeGenerator::emitNewError):
        (JSC::keyForImmediateSwitch):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::JSValueHashTraits::constructDeletedValue):
        (JSC::BytecodeGenerator::JSValueHashTraits::isDeletedValue):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * debugger/DebuggerCallFrame.h:
        (JSC::DebuggerCallFrame::DebuggerCallFrame):
        (JSC::DebuggerCallFrame::exception):
        * interpreter/CallFrame.cpp:
        (JSC::CallFrame::thisValue):
        * interpreter/CallFrame.h:
        (JSC::ExecState::setException):
        (JSC::ExecState::exception):
        (JSC::ExecState::exceptionSlot):
        (JSC::ExecState::hadException):
        * interpreter/Interpreter.cpp:
        (JSC::fastIsNumber):
        (JSC::fastToInt32):
        (JSC::fastToUInt32):
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAddSlowCase):
        (JSC::jsAdd):
        (JSC::jsTypeStringForValue):
        (JSC::jsIsObjectType):
        (JSC::jsIsFunctionType):
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::inlineResolveBase):
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::resolveBaseAndFunc):
        (JSC::isNotObject):
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::checkTimeout):
        (JSC::Interpreter::createExceptionScope):
        (JSC::cachePrototypeChain):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        (JSC::Interpreter::retrieveCaller):
        (JSC::Interpreter::retrieveLastCaller):
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::returnToThrowTrampoline):
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_op_loop_if_less):
        (JSC::Interpreter::cti_op_loop_if_lesseq):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
        (JSC::Interpreter::cti_op_get_by_id_proto_fail):
        (JSC::Interpreter::cti_op_get_by_id_array_fail):
        (JSC::Interpreter::cti_op_get_by_id_string_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_lesseq):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_resolve_base):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_jless):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_less):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_call_eval):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_next_pname):
        (JSC::Interpreter::cti_op_typeof):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_is_boolean):
        (JSC::Interpreter::cti_op_is_number):
        (JSC::Interpreter::cti_op_is_string):
        (JSC::Interpreter::cti_op_is_object):
        (JSC::Interpreter::cti_op_is_function):
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_op_del_by_val):
        (JSC::Interpreter::cti_op_new_error):
        (JSC::Interpreter::cti_vm_throw):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::isJSArray):
        (JSC::Interpreter::isJSString):
        * interpreter/Register.h:
        (JSC::Register::):
        (JSC::Register::Register):
        (JSC::Register::jsValue):
        (JSC::Register::getJSValue):
        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        (JSC::):
        (JSC::JIT::execute):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetVirtualRegister):
        (JSC::JIT::getConstantOperand):
        (JSC::JIT::isOperandConstant31BitImmediateInt):
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        (JSC::JIT::emitInitRegister):
        * jit/JITPropertyAccess.cpp:
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * jsc.cpp:
        (functionPrint):
        (functionDebug):
        (functionGC):
        (functionVersion):
        (functionRun):
        (functionLoad):
        (functionReadline):
        (functionQuit):
        * parser/Nodes.cpp:
        (JSC::NullNode::emitBytecode):
        (JSC::ArrayNode::emitBytecode):
        (JSC::FunctionCallValueNode::emitBytecode):
        (JSC::FunctionCallResolveNode::emitBytecode):
        (JSC::VoidNode::emitBytecode):
        (JSC::ConstDeclNode::emitCodeSingle):
        (JSC::ReturnNode::emitBytecode):
        (JSC::processClauseList):
        (JSC::EvalNode::emitBytecode):
        (JSC::FunctionBodyNode::emitBytecode):
        (JSC::ProgramNode::emitBytecode):
        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::addParentForConsoleStart):
        * profiler/Profiler.cpp:
        (JSC::Profiler::willExecute):
        (JSC::Profiler::didExecute):
        (JSC::Profiler::createCallIdentifier):
        * profiler/Profiler.h:
        * runtime/ArgList.cpp:
        (JSC::ArgList::slowAppend):
        * runtime/ArgList.h:
        (JSC::ArgList::at):
        (JSC::ArgList::append):
        * runtime/Arguments.cpp:
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        (JSC::asArguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::callArrayConstructor):
        * runtime/ArrayPrototype.cpp:
        (JSC::getProperty):
        (JSC::putProperty):
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin):
        (JSC::arrayProtoFuncConcat):
        (JSC::arrayProtoFuncPop):
        (JSC::arrayProtoFuncPush):
        (JSC::arrayProtoFuncReverse):
        (JSC::arrayProtoFuncShift):
        (JSC::arrayProtoFuncSlice):
        (JSC::arrayProtoFuncSort):
        (JSC::arrayProtoFuncSplice):
        (JSC::arrayProtoFuncUnShift):
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncMap):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncForEach):
        (JSC::arrayProtoFuncSome):
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):
        * runtime/BooleanConstructor.cpp:
        (JSC::callBooleanConstructor):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanConstructor.h:
        * runtime/BooleanObject.h:
        (JSC::asBooleanObject):
        * runtime/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncToString):
        (JSC::booleanProtoFuncValueOf):
        * runtime/CallData.cpp:
        (JSC::call):
        * runtime/CallData.h:
        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):
        (JSC::Heap::heap):
        (JSC::Heap::collect):
        * runtime/Collector.h:
        * runtime/Completion.cpp:
        (JSC::evaluate):
        * runtime/Completion.h:
        (JSC::Completion::Completion):
        (JSC::Completion::value):
        (JSC::Completion::setValue):
        (JSC::Completion::isValueCompletion):
        * runtime/ConstructData.cpp:
        (JSC::construct):
        * runtime/ConstructData.h:
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        (JSC::callDate):
        (JSC::dateParse):
        (JSC::dateNow):
        (JSC::dateUTC):
        * runtime/DateInstance.h:
        (JSC::asDateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToLocaleString):
        (JSC::dateProtoFuncToLocaleDateString):
        (JSC::dateProtoFuncToLocaleTimeString):
        (JSC::dateProtoFuncValueOf):
        (JSC::dateProtoFuncGetTime):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetMilliSeconds):
        (JSC::dateProtoFuncGetUTCMilliseconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetMilliSeconds):
        (JSC::dateProtoFuncSetUTCMilliseconds):
        (JSC::dateProtoFuncSetSeconds):
        (JSC::dateProtoFuncSetUTCSeconds):
        (JSC::dateProtoFuncSetMinutes):
        (JSC::dateProtoFuncSetUTCMinutes):
        (JSC::dateProtoFuncSetHours):
        (JSC::dateProtoFuncSetUTCHours):
        (JSC::dateProtoFuncSetDate):
        (JSC::dateProtoFuncSetUTCDate):
        (JSC::dateProtoFuncSetMonth):
        (JSC::dateProtoFuncSetUTCMonth):
        (JSC::dateProtoFuncSetFullYear):
        (JSC::dateProtoFuncSetUTCFullYear):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/ErrorConstructor.cpp:
        (JSC::callErrorConstructor):
        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createInterruptedExecutionException):
        (JSC::createError):
        (JSC::createStackOverflowError):
        (JSC::createUndefinedVariableError):
        (JSC::createErrorMessage):
        (JSC::createInvalidParamError):
        (JSC::createNotAConstructorError):
        (JSC::createNotAFunctionError):
        * runtime/ExceptionHelpers.h:
        * runtime/FunctionConstructor.cpp:
        (JSC::callFunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::callFunctionPrototype):
        (JSC::functionProtoFuncToString):
        (JSC::functionProtoFuncApply):
        (JSC::functionProtoFuncCall):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::toPrimitive):
        (JSC::GetterSetter::getPrimitiveNumber):
        * runtime/GetterSetter.h:
        (JSC::asGetterSetter):
        * runtime/InitializeThreading.cpp:
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        (JSC::asInternalFunction):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::getOwnPropertySlot):
        (JSC::JSActivation::put):
        (JSC::JSActivation::putWithAttributes):
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        (JSC::asActivation):
        * runtime/JSArray.cpp:
        (JSC::storageSize):
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::getPropertyNames):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::mark):
        (JSC::JSArray::sort):
        (JSC::JSArray::compactForSorting):
        (JSC::JSArray::checkConsistency):
        (JSC::constructArray):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::createStructure):
        (JSC::asArray):
        * runtime/JSCell.cpp:
        (JSC::JSCell::put):
        (JSC::JSCell::getJSNumber):
        * runtime/JSCell.h:
        (JSC::asCell):
        (JSC::JSValue::asCell):
        (JSC::JSValue::toPrimitive):
        (JSC::JSValue::getPrimitiveNumber):
        (JSC::JSValue::getJSNumber):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::call):
        (JSC::JSFunction::argumentsGetter):
        (JSC::JSFunction::callerGetter):
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getOwnPropertySlot):
        (JSC::JSFunction::put):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::createStructure):
        (JSC::asFunction):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::put):
        (JSC::JSGlobalObject::putWithAttributes):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructure):
        (JSC::JSGlobalObject::GlobalPropertyInfo::GlobalPropertyInfo):
        (JSC::asGlobalObject):
        (JSC::Structure::prototypeForLookup):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::decode):
        (JSC::globalFuncEval):
        (JSC::globalFuncParseInt):
        (JSC::globalFuncParseFloat):
        (JSC::globalFuncIsNaN):
        (JSC::globalFuncIsFinite):
        (JSC::globalFuncDecodeURI):
        (JSC::globalFuncDecodeURIComponent):
        (JSC::globalFuncEncodeURI):
        (JSC::globalFuncEncodeURIComponent):
        (JSC::globalFuncEscape):
        (JSC::globalFuncUnescape):
        (JSC::globalFuncJSCPrint):
        * runtime/JSGlobalObjectFunctions.h:
        * runtime/JSImmediate.cpp:
        (JSC::JSImmediate::toThisObject):
        (JSC::JSImmediate::toObject):
        (JSC::JSImmediate::prototype):
        (JSC::JSImmediate::toString):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::isImmediate):
        (JSC::JSImmediate::isNumber):
        (JSC::JSImmediate::isPositiveNumber):
        (JSC::JSImmediate::isBoolean):
        (JSC::JSImmediate::isUndefinedOrNull):
        (JSC::JSImmediate::isNegative):
        (JSC::JSImmediate::isEitherImmediate):
        (JSC::JSImmediate::isAnyImmediate):
        (JSC::JSImmediate::areBothImmediate):
        (JSC::JSImmediate::areBothImmediateNumbers):
        (JSC::JSImmediate::andImmediateNumbers):
        (JSC::JSImmediate::xorImmediateNumbers):
        (JSC::JSImmediate::orImmediateNumbers):
        (JSC::JSImmediate::rightShiftImmediateNumbers):
        (JSC::JSImmediate::canDoFastAdditiveOperations):
        (JSC::JSImmediate::addImmediateNumbers):
        (JSC::JSImmediate::subImmediateNumbers):
        (JSC::JSImmediate::incImmediateNumber):
        (JSC::JSImmediate::decImmediateNumber):
        (JSC::JSImmediate::makeValue):
        (JSC::JSImmediate::makeInt):
        (JSC::JSImmediate::makeBool):
        (JSC::JSImmediate::makeUndefined):
        (JSC::JSImmediate::makeNull):
        (JSC::JSImmediate::intValue):
        (JSC::JSImmediate::uintValue):
        (JSC::JSImmediate::boolValue):
        (JSC::JSImmediate::rawValue):
        (JSC::JSImmediate::trueImmediate):
        (JSC::JSImmediate::falseImmediate):
        (JSC::JSImmediate::undefinedImmediate):
        (JSC::JSImmediate::nullImmediate):
        (JSC::JSImmediate::zeroImmediate):
        (JSC::JSImmediate::oneImmediate):
        (JSC::JSImmediate::impossibleValue):
        (JSC::JSImmediate::toBoolean):
        (JSC::JSImmediate::getTruncatedUInt32):
        (JSC::JSImmediate::from):
        (JSC::JSImmediate::getTruncatedInt32):
        (JSC::JSImmediate::toDouble):
        (JSC::JSImmediate::getUInt32):
        (JSC::jsNull):
        (JSC::jsBoolean):
        (JSC::jsUndefined):
        (JSC::JSValue::isUndefined):
        (JSC::JSValue::isNull):
        (JSC::JSValue::isUndefinedOrNull):
        (JSC::JSValue::isBoolean):
        (JSC::JSValue::getBoolean):
        (JSC::JSValue::toInt32):
        (JSC::JSValue::toUInt32):
        (JSC::toInt32):
        (JSC::toUInt32):
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::toPrimitive):
        (JSC::JSNotAnObject::getPrimitiveNumber):
        (JSC::JSNotAnObject::put):
        * runtime/JSNotAnObject.h:
        (JSC::JSNotAnObject::createStructure):
        * runtime/JSNumberCell.cpp:
        (JSC::JSNumberCell::toPrimitive):
        (JSC::JSNumberCell::getPrimitiveNumber):
        (JSC::JSNumberCell::getJSNumber):
        (JSC::jsNumberCell):
        (JSC::jsNaN):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure):
        (JSC::asNumberCell):
        (JSC::jsNumber):
        (JSC::JSValue::toJSNumber):
        * runtime/JSObject.cpp:
        (JSC::JSObject::mark):
        (JSC::JSObject::put):
        (JSC::JSObject::putWithAttributes):
        (JSC::callDefaultValueFunction):
        (JSC::JSObject::getPrimitiveNumber):
        (JSC::JSObject::defaultValue):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::lookupGetter):
        (JSC::JSObject::lookupSetter):
        (JSC::JSObject::hasInstance):
        (JSC::JSObject::toNumber):
        (JSC::JSObject::toString):
        (JSC::JSObject::fillGetterPropertySlot):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirect):
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::offsetForLocation):
        (JSC::JSObject::locationForOffset):
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::createStructure):
        (JSC::asObject):
        (JSC::JSObject::prototype):
        (JSC::JSObject::setPrototype):
        (JSC::JSObject::inlineGetOwnPropertySlot):
        (JSC::JSObject::getOwnPropertySlotForWrite):
        (JSC::JSObject::getPropertySlot):
        (JSC::JSObject::get):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::toPrimitive):
        (JSC::JSValue::get):
        (JSC::JSValue::put):
        (JSC::JSObject::allocatePropertyStorageInline):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::toPrimitive):
        (JSC::JSPropertyNameIterator::getPrimitiveNumber):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::create):
        (JSC::JSPropertyNameIterator::next):
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::put):
        (JSC::JSStaticScopeObject::putWithAttributes):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::JSStaticScopeObject):
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSString.cpp:
        (JSC::JSString::toPrimitive):
        (JSC::JSString::getPrimitiveNumber):
        (JSC::JSString::getOwnPropertySlot):
        * runtime/JSString.h:
        (JSC::JSString::createStructure):
        (JSC::asString):
        * runtime/JSValue.h:
        (JSC::JSValuePtr::makeImmediate):
        (JSC::JSValuePtr::immediateValue):
        (JSC::JSValuePtr::JSValuePtr):
        (JSC::JSValuePtr::operator->):
        (JSC::JSValuePtr::hasValue):
        (JSC::JSValuePtr::operator==):
        (JSC::JSValuePtr::operator!=):
        (JSC::JSValuePtr::encode):
        (JSC::JSValuePtr::decode):
        (JSC::JSValue::asValue):
        (JSC::noValue):
        (JSC::operator==):
        (JSC::operator!=):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::symbolTablePut):
        (JSC::JSVariableObject::symbolTablePutWithAttributes):
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::mark):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncAbs):
        (JSC::mathProtoFuncACos):
        (JSC::mathProtoFuncASin):
        (JSC::mathProtoFuncATan):
        (JSC::mathProtoFuncATan2):
        (JSC::mathProtoFuncCeil):
        (JSC::mathProtoFuncCos):
        (JSC::mathProtoFuncExp):
        (JSC::mathProtoFuncFloor):
        (JSC::mathProtoFuncLog):
        (JSC::mathProtoFuncMax):
        (JSC::mathProtoFuncMin):
        (JSC::mathProtoFuncPow):
        (JSC::mathProtoFuncRandom):
        (JSC::mathProtoFuncRound):
        (JSC::mathProtoFuncSin):
        (JSC::mathProtoFuncSqrt):
        (JSC::mathProtoFuncTan):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::callNativeErrorConstructor):
        * runtime/NumberConstructor.cpp:
        (JSC::numberConstructorNaNValue):
        (JSC::numberConstructorNegInfinity):
        (JSC::numberConstructorPosInfinity):
        (JSC::numberConstructorMaxValue):
        (JSC::numberConstructorMinValue):
        (JSC::callNumberConstructor):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::getJSNumber):
        (JSC::constructNumberFromImmediateNumber):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString):
        (JSC::numberProtoFuncToLocaleString):
        (JSC::numberProtoFuncValueOf):
        (JSC::numberProtoFuncToFixed):
        (JSC::numberProtoFuncToExponential):
        (JSC::numberProtoFuncToPrecision):
        * runtime/ObjectConstructor.cpp:
        (JSC::constructObject):
        (JSC::callObjectConstructor):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncValueOf):
        (JSC::objectProtoFuncHasOwnProperty):
        (JSC::objectProtoFuncIsPrototypeOf):
        (JSC::objectProtoFuncDefineGetter):
        (JSC::objectProtoFuncDefineSetter):
        (JSC::objectProtoFuncLookupGetter):
        (JSC::objectProtoFuncLookupSetter):
        (JSC::objectProtoFuncPropertyIsEnumerable):
        (JSC::objectProtoFuncToLocaleString):
        (JSC::objectProtoFuncToString):
        * runtime/ObjectPrototype.h:
        * runtime/Operations.cpp:
        (JSC::equal):
        (JSC::equalSlowCase):
        (JSC::strictEqual):
        (JSC::strictEqualSlowCase):
        (JSC::throwOutOfMemoryError):
        * runtime/Operations.h:
        (JSC::equalSlowCaseInline):
        (JSC::strictEqualSlowCaseInline):
        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::PropertySlot):
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::putValue):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setCustom):
        (JSC::PropertySlot::setCustomIndex):
        (JSC::PropertySlot::slotBase):
        (JSC::PropertySlot::setBase):
        (JSC::PropertySlot::):
        * runtime/Protect.h:
        (JSC::gcProtect):
        (JSC::gcUnprotect):
        (JSC::ProtectedPtr::ProtectedPtr):
        (JSC::ProtectedPtr::operator JSValuePtr):
        (JSC::ProtectedJSValuePtr::ProtectedJSValuePtr):
        (JSC::ProtectedJSValuePtr::get):
        (JSC::ProtectedJSValuePtr::operator JSValuePtr):
        (JSC::ProtectedJSValuePtr::operator->):
        (JSC::::ProtectedPtr):
        (JSC::::~ProtectedPtr):
        (JSC::::operator):
        (JSC::ProtectedJSValuePtr::~ProtectedJSValuePtr):
        (JSC::ProtectedJSValuePtr::operator=):
        (JSC::operator==):
        (JSC::operator!=):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::getBackref):
        (JSC::RegExpConstructor::getLastParen):
        (JSC::RegExpConstructor::getLeftContext):
        (JSC::RegExpConstructor::getRightContext):
        (JSC::regExpConstructorDollar1):
        (JSC::regExpConstructorDollar2):
        (JSC::regExpConstructorDollar3):
        (JSC::regExpConstructorDollar4):
        (JSC::regExpConstructorDollar5):
        (JSC::regExpConstructorDollar6):
        (JSC::regExpConstructorDollar7):
        (JSC::regExpConstructorDollar8):
        (JSC::regExpConstructorDollar9):
        (JSC::regExpConstructorInput):
        (JSC::regExpConstructorMultiline):
        (JSC::regExpConstructorLastMatch):
        (JSC::regExpConstructorLastParen):
        (JSC::regExpConstructorLeftContext):
        (JSC::regExpConstructorRightContext):
        (JSC::RegExpConstructor::put):
        (JSC::setRegExpConstructorInput):
        (JSC::setRegExpConstructorMultiline):
        (JSC::constructRegExp):
        (JSC::callRegExpConstructor):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        (JSC::asRegExpConstructor):
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::put):
        * runtime/RegExpObject.cpp:
        (JSC::regExpObjectGlobal):
        (JSC::regExpObjectIgnoreCase):
        (JSC::regExpObjectMultiline):
        (JSC::regExpObjectSource):
        (JSC::regExpObjectLastIndex):
        (JSC::RegExpObject::put):
        (JSC::setRegExpObjectLastIndex):
        (JSC::RegExpObject::test):
        (JSC::RegExpObject::exec):
        (JSC::callRegExpObject):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        (JSC::asRegExpObject):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncTest):
        (JSC::regExpProtoFuncExec):
        (JSC::regExpProtoFuncCompile):
        (JSC::regExpProtoFuncToString):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCodeSlowCase):
        (JSC::stringFromCharCode):
        (JSC::callStringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::put):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        (JSC::asStringObject):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncToString):
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        (JSC::stringProtoFuncConcat):
        (JSC::stringProtoFuncIndexOf):
        (JSC::stringProtoFuncLastIndexOf):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSlice):
        (JSC::stringProtoFuncSplit):
        (JSC::stringProtoFuncSubstr):
        (JSC::stringProtoFuncSubstring):
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):
        (JSC::stringProtoFuncLocaleCompare):
        (JSC::stringProtoFuncBig):
        (JSC::stringProtoFuncSmall):
        (JSC::stringProtoFuncBlink):
        (JSC::stringProtoFuncBold):
        (JSC::stringProtoFuncFixed):
        (JSC::stringProtoFuncItalics):
        (JSC::stringProtoFuncStrike):
        (JSC::stringProtoFuncSub):
        (JSC::stringProtoFuncSup):
        (JSC::stringProtoFuncFontcolor):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncAnchor):
        (JSC::stringProtoFuncLink):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::createCachedPrototypeChain):
        * runtime/Structure.h:
        (JSC::Structure::create):
        (JSC::Structure::setPrototypeWithoutTransition):
        (JSC::Structure::storedPrototype):

2009-01-06  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        <https://bugs.webkit.org/show_bug.cgi?id=23085> [jsfunfuzz] Over released ScopeChainNode
        <rdar://problem/6474110>

        So this delightful bug was caused by our unwind code using a ScopeChain to perform
        the unwind.  The ScopeChain would ref the initial top of the scope chain, then deref
        the resultant top of scope chain, which is incorrect.

        This patch removes the dependency on ScopeChain for the unwind, and i've filed
        <https://bugs.webkit.org/show_bug.cgi?id=23144> to look into the unintuitive
        ScopeChain behaviour.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException):

2009-01-06  Adam Roben  <aroben (a] apple.com>

        Hopeful Windows crash-on-launch fix

        * wtf/Platform.h: Force a world rebuild by touching this file.

2009-01-06  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Reviewed by NOBODY (Build fix).

        * GNUmakefile.am:Add ByteArray.cpp too

2009-01-06  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Reviewed by NOBODY (Speculative build fix).

        AllInOneFile.cpp does not include the JSByteArray.cpp include it...

        * GNUmakefile.am:

2009-01-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Fix Wx build

        * JavaScriptCoreSources.bkl:

2009-01-05  Oliver Hunt  <oliver (a] apple.com>

        Windows build fixes

        Rubber-stamped by Alice Liu.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        * runtime/ByteArray.cpp:
        (JSC::ByteArray::create):
        * runtime/ByteArray.h:

2009-01-05  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        CanvasPixelArray performance is too slow 
        <https://bugs.webkit.org/show_bug.cgi?id=23123>

        The fix to this is to devirtualise get and put in a manner similar to
        JSString and JSArray.  To do this I've added a ByteArray implementation
        and JSByteArray wrapper to JSC.  We can then do vptr comparisons to
        devirtualise the calls.

        This devirtualisation improves performance by 1.5-2x in my somewhat ad
        hoc tests.

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_put_by_val):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::isJSByteArray):
        * runtime/ByteArray.cpp: Added.
        (JSC::ByteArray::create):
        * runtime/ByteArray.h: Added.
        (JSC::ByteArray::length):
        (JSC::ByteArray::set):
        (JSC::ByteArray::get):
        (JSC::ByteArray::data):
        (JSC::ByteArray::ByteArray):
        * runtime/JSByteArray.cpp: Added.
        (JSC::):
        (JSC::JSByteArray::JSByteArray):
        (JSC::JSByteArray::createStructure):
        (JSC::JSByteArray::getOwnPropertySlot):
        (JSC::JSByteArray::put):
        (JSC::JSByteArray::getPropertyNames):
        * runtime/JSByteArray.h: Added.
        (JSC::JSByteArray::canAccessIndex):
        (JSC::JSByteArray::getIndex):
        (JSC::JSByteArray::setIndex):
        (JSC::JSByteArray::classInfo):
        (JSC::JSByteArray::length):
        (JSC::JSByteArray::):
        (JSC::JSByteArray::JSByteArray):
        (JSC::asByteArray):

2009-01-05  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23073
        <rdar://problem/6471129> Workers crash on Windows Release builds

        * wtf/ThreadSpecific.h:
        (WTF::ThreadSpecific::destroy): Changed to clear the pointer only after data object
        destruction is finished - otherwise, WebCore::ThreadGlobalData destructor was re-creating
        the object in order to access atomic string table.
        (WTF::ThreadSpecific::operator T*): Symmetrically, set up the per-thread pointer before
        data constructor is called.

        * wtf/ThreadingWin.cpp: (WTF::wtfThreadEntryPoint): Remove a Windows-only hack to finalize
        a thread - pthreadVC2 is a DLL, so it gets thread detached messages, and cleans up thread
        specific data automatically. Besides, this code wasn't even compiled in for some time now.

2009-01-05  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=23115
        Create a version of ASSERT for use with otherwise unused variables

        * wtf/Assertions.h: Added ASSERT_UNUSED.

        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutablePool::systemRelease):
        * runtime/Collector.cpp:
        (JSC::Heap::destroy):
        (JSC::Heap::heapAllocate):
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::toPrimitive):
        (JSC::JSNotAnObject::getPrimitiveNumber):
        (JSC::JSNotAnObject::toBoolean):
        (JSC::JSNotAnObject::toNumber):
        (JSC::JSNotAnObject::toString):
        (JSC::JSNotAnObject::getOwnPropertySlot):
        (JSC::JSNotAnObject::put):
        (JSC::JSNotAnObject::deleteProperty):
        (JSC::JSNotAnObject::getPropertyNames):
        * wtf/TCSystemAlloc.cpp:
        (TCMalloc_SystemRelease):
        Use it in some places that used other idioms for this purpose.

2009-01-04  Alice Liu  <alice.liu (a] apple.com>

        <rdar://problem/6341776> Merge m_transitionCount and m_offset in Structure.

        Reviewed by Darin Adler.

        * runtime/Structure.cpp:
        (JSC::Structure::Structure): Remove m_transitionCount
        (JSC::Structure::addPropertyTransitionToExistingStructure): No need to wait until after the assignment to offset to assert if it's notFound; move it up.
        (JSC::Structure::addPropertyTransition): Use method for transitionCount instead of m_transitionCount. Remove line that maintains the m_transitionCount.
        (JSC::Structure::changePrototypeTransition): Remove line that maintains the m_transitionCount.
        (JSC::Structure::getterSetterTransition): Remove line that maintains the m_transitionCount.
        * runtime/Structure.h:
        Changed s_maxTransitionLength and m_offset from size_t to signed char.  m_offset will never become greater than 64 
        because the structure transitions to a dictionary at that time.
        (JSC::Structure::transitionCount): method to replace the data member

2009-01-04  Darin Adler  <darin (a] apple.com>

        Reviewed by David Kilzer.

        Bug 15114: Provide compile-time assertions for sizeof(UChar), sizeof(DeprecatedChar), etc.
        https://bugs.webkit.org/show_bug.cgi?id=15114

        * wtf/unicode/Unicode.h: Assert size of UChar. There is no DeprecatedChar any more.

2009-01-03  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Change the pcVector from storing native code pointers to storing offsets
        from the base pointer. This will allow us to generate the pcVector on demand
        for exceptions.

        * bytecode/CodeBlock.h:
        (JSC::PC::PC):
        (JSC::getNativePCOffset):
        (JSC::CodeBlock::getBytecodeIndex):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):

2009-01-02  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).
        
        * runtime/ScopeChain.cpp:

2009-01-02  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] unwind logic for exceptions in eval fails to account for dynamic scope external to the eval
        https://bugs.webkit.org/show_bug.cgi?id=23078

        This bug was caused by eval codeblocks being generated without accounting
        for the depth of the scope chain they inherited.  This meant that exception
        handlers would understate their expected scope chain depth, which in turn
        led to incorrectly removing nodes from the scope chain.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitCatch):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::depth):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChain::localDepth):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::deref):
        (JSC::ScopeChainNode::ref):

2009-01-02  David Smith  <catfish.man (a] gmail.com>

        Reviewed by Darin Adler.
        
        https://bugs.webkit.org/show_bug.cgi?id=22699
        Enable NodeList caching for getElementsByTagName

        * wtf/HashFunctions.h: Moved the definition of PHI here and renamed to stringHashingStartValue

2009-01-02  David Kilzer  <ddkilzer (a] apple.com>

        Attempt to fix Qt Linux build after r39553

        * wtf/RandomNumberSeed.h: Include <sys/time.h> for gettimeofday().
        Include <sys/types.h> and <unistd.h> for getpid().

2009-01-02  David Kilzer  <ddkilzer (a] apple.com>

        Bug 23081: These files are no longer part of the KDE libraries

        <https://bugs.webkit.org/show_bug.cgi?id=23081>

        Reviewed by Darin Adler.

        Removed "This file is part of the KDE libraries" comment from
        source files.  Added or updated Apple copyrights as well.

        * parser/Lexer.h:
        * wtf/HashCountedSet.h:
        * wtf/RetainPtr.h:
        * wtf/VectorTraits.h:

2009-01-02  David Kilzer  <ddkilzer (a] apple.com>

        Bug 23080: Remove last vestiges of KJS references

        <https://bugs.webkit.org/show_bug.cgi?id=23080>

        Reviewed by Darin Adler.

        Also updated Apple copyright statements.

        * DerivedSources.make: Changed bison "kjsyy" prefix to "jscyy".
        * GNUmakefile.am: Ditto.
        * JavaScriptCore.pri: Ditto.  Also changed KJSBISON to JSCBISON
        and kjsbison to jscbison.

        * JavaScriptCoreSources.bkl: Changed JSCORE_KJS_SOURCES to
        JSCORE_JSC_SOURCES.
        * jscore.bkl: Ditto.

        * create_hash_table: Updated copyright and removed old comment.

        * parser/Grammar.y: Changed "kjsyy" prefix to "jscyy" prefix.
        * parser/Lexer.cpp: Ditto.  Also changed KJS_DEBUG_LEX to
        JSC_DEBUG_LEX.
        (jscyylex):
        (JSC::Lexer::lex):
        * parser/Parser.cpp: Ditto.
        (JSC::Parser::parse):

        * pcre/dftables: Changed "kjs_pcre_" prefix to "jsc_pcre_".
        * pcre/pcre_compile.cpp: Ditto.
        (getOthercaseRange):
        (encodeUTF8):
        (compileBranch):
        (calculateCompiledPatternLength):
        * pcre/pcre_exec.cpp: Ditto.
        (matchRef):
        (getUTF8CharAndIncrementLength):
        (match):
        * pcre/pcre_internal.h: Ditto.
        (toLowerCase):
        (flipCase):
        (classBitmapForChar):
        (charTypeForChar):
        * pcre/pcre_tables.cpp: Ditto.
        * pcre/pcre_ucp_searchfuncs.cpp: Ditto.
        (jsc_pcre_ucp_othercase):
        * pcre/pcre_xclass.cpp: Ditto.
        (getUTF8CharAndAdvancePointer):
        (jsc_pcre_xclass):

        * runtime/Collector.h: Updated header guards using the
        clean-header-guards script.
        * runtime/CollectorHeapIterator.h: Added missing header guard.
        * runtime/Identifier.h: Updated header guards.
        * runtime/JSFunction.h: Fixed end-of-namespace comment.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset): Renamed "kjsprint" debug function
        to "jscprint".  Changed implementation method from
        globalFuncKJSPrint() to globalFuncJSCPrint().
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncJSCPrint): Renamed from globalFuncKJSPrint().
        * runtime/JSGlobalObjectFunctions.h: Ditto.

        * runtime/JSImmediate.h: Updated header guards.
        * runtime/JSLock.h: Ditto.
        * runtime/JSType.h: Ditto.
        * runtime/JSWrapperObject.h: Ditto.
        * runtime/Lookup.h: Ditto.
        * runtime/Operations.h: Ditto.
        * runtime/Protect.h: Ditto.
        * runtime/RegExp.h: Ditto.
        * runtime/UString.h: Ditto.

        * tests/mozilla/js1_5/Array/regress-157652.js: Changed "KJS"
        reference in comment to "JSC".

        * wrec/CharacterClassConstructor.cpp: Change "kjs_pcre_" function
        prefixes to "jsc_pcre_".
        (JSC::WREC::CharacterClassConstructor::put):
        (JSC::WREC::CharacterClassConstructor::flush):

        * wtf/unicode/Unicode.h: Change "KJS_" header guard to "WTF_".
        * wtf/unicode/icu/UnicodeIcu.h: Ditto.
        * wtf/unicode/qt4/UnicodeQt4.h: Ditto.

2009-01-02  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Make randomNumber generate 2^53 values instead of 2^32 (or 2^31 for rand() platforms)

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2009-01-02  David Kilzer  <ddkilzer (a] apple.com>

        Remove declaration for JSC::Identifier::initializeIdentifierThreading()

        Reviewed by Alexey Proskuryakov.

        * runtime/Identifier.h:
        (JSC::Identifier::initializeIdentifierThreading): Removed
        declaration since the implementation was removed in r34412.

2009-01-01  Darin Adler  <darin (a] apple.com>

        Reviewed by Oliver Hunt.

        String.replace does not support $& replacement metacharacter when search term is not a RegExp
        <https://bugs.webkit.org/show_bug.cgi?id=21431>
        <rdar://problem/6274993>

        Test: fast/js/string-replace-3.html

        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferences): Added a null check here so we won't try to handle $$-$9
        backreferences when the search term is a string, not a RegExp. Added a check for 0 so we
        won't try to handle $0 or $00 as a backreference.
        (JSC::stringProtoFuncReplace): Added a call to substituteBackreferences.

2009-01-01  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Darin Adler.

        Allow 32-bit integers to be stored in JSImmediates, on x64-bit.
        Presently the top 32-bits of a 64-bit JSImmediate serve as a sign extension of a 31-bit
        int stored in the low word (shifted left by one, to make room for a tag).  In the new
        format, the top 31-bits serve as a sign extension of a 32-bit int, still shifted left by
        one.

        The new behavior is enabled using a flag in Platform.h, 'WTF_USE_ALTERNATE_JSIMMEDIATE'.
        When this is set the constants defining the range of ints allowed to be stored as
        JSImmediate values is extended.  The code in JSImmediate.h can safely operate on either
        format.  This patch updates the JIT so that it can also operate with the new format.

        ~2% progression on x86-64, with & without the JIT, on sunspider & v8 tests.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::rshiftPtr):
        (JSC::MacroAssembler::rshift32):
        (JSC::MacroAssembler::subPtr):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::move):
        (JSC::MacroAssembler::compareImm64ForBranch):
        (JSC::MacroAssembler::compareImm64ForBranchEquality):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jgePtr):
        (JSC::MacroAssembler::jlPtr):
        (JSC::MacroAssembler::jlePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnzSubPtr):
        (JSC::MacroAssembler::joAddPtr):
        (JSC::MacroAssembler::jzSubPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addq_rr):
        (JSC::X86Assembler::orq_ir):
        (JSC::X86Assembler::subq_ir):
        (JSC::X86Assembler::xorq_rr):
        (JSC::X86Assembler::sarq_CLr):
        (JSC::X86Assembler::sarq_i8r):
        (JSC::X86Assembler::cmpq_ir):
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_lshift):
        (JSC::JIT::compileFastArithSlow_op_lshift):
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):
        (JSC::JIT::compileFastArith_op_bitand):
        (JSC::JIT::compileFastArithSlow_op_bitand):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArithSlow_op_mod):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArithSlow_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArithSlow_op_mul):
        (JSC::JIT::compileFastArith_op_post_inc):
        (JSC::JIT::compileFastArithSlow_op_post_inc):
        (JSC::JIT::compileFastArith_op_post_dec):
        (JSC::JIT::compileFastArithSlow_op_post_dec):
        (JSC::JIT::compileFastArith_op_pre_inc):
        (JSC::JIT::compileFastArithSlow_op_pre_inc):
        (JSC::JIT::compileFastArith_op_pre_dec):
        (JSC::JIT::compileFastArithSlow_op_pre_dec):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperand):
        (JSC::JIT::getConstantOperandImmediateInt):
        (JSC::JIT::isOperandConstantImmediateInt):
        (JSC::JIT::isOperandConstant31BitImmediateInt):
        (JSC::JIT::emitFastArithDeTagImmediate):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
        (JSC::JIT::emitFastArithIntToImmNoCheck):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::isPositiveNumber):
        (JSC::JSImmediate::isNegative):
        (JSC::JSImmediate::rightShiftImmediateNumbers):
        (JSC::JSImmediate::canDoFastAdditiveOperations):
        (JSC::JSImmediate::makeValue):
        (JSC::JSImmediate::makeInt):
        (JSC::JSImmediate::makeBool):
        (JSC::JSImmediate::intValue):
        (JSC::JSImmediate::rawValue):
        (JSC::JSImmediate::toBoolean):
        (JSC::JSImmediate::from):
        * wtf/Platform.h:

2008-12-31  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        [jsfunfuzz] Assertion + incorrect behaviour with dynamically created local variable in a catch block
        <https://bugs.webkit.org/show_bug.cgi?id=23063>

        Eval inside a catch block attempts to use the catch block's static scope in
        an unsafe way by attempting to add new properties to the scope.  This patch
        fixes this issue simply by preventing the catch block from using a static
        scope if it contains an eval.

        * parser/Grammar.y:
        * parser/Nodes.cpp:
        (JSC::TryNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::TryNode::):

2008-12-31  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] Computed exception offset wrong when first instruction is attempt to resolve deleted eval
        <https://bugs.webkit.org/show_bug.cgi?id=23062>

        This was caused by the expression information for the initial resolve of
        eval not being emitted.  If this resolve was the first instruction that
        could throw an exception the information search would fail leading to an
        assertion failure.  If it was not the first throwable opcode the wrong
        expression information would used.

        Fix is simply to emit the expression info.

        * parser/Nodes.cpp:
        (JSC::EvalFunctionCallNode::emitBytecode):

2008-12-31  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 23054: Caching of global lookups occurs even when the global object has become a dictionary
        <https://bugs.webkit.org/show_bug.cgi?id=23054>
        <rdar://problem/6469905>

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal): Do not cache lookup if the global
        object has transitioned to a dictionary.
        (JSC::Interpreter::cti_op_resolve_global): Do not cache lookup if the
        global object has transitioned to a dictionary.

2008-12-30  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Darin Adler.

        <https://bugs.webkit.org/show_bug.cgi?id=23049> [jsfunfuzz] With blocks do not correctly protect their scope object
        <rdar://problem/6469742> Crash in JSC::TypeInfo::hasStandardGetOwnPropertySlot() running jsfunfuzz

        The problem that caused this was that with nodes were not correctly protecting
        the final object that was placed in the scope chain.  We correct this by forcing
        the use of a temporary register (which stops us relying on a local register
        protecting the scope) and changing the behaviour of op_push_scope so that it
        will store the final scope object.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitPushScope):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_push_scope):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * parser/Nodes.cpp:
        (JSC::WithNode::emitBytecode):

2008-12-30  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Sam Weinig.

        Bug 23037: Parsing and reparsing disagree on automatic semicolon insertion
        <https://bugs.webkit.org/show_bug.cgi?id=23037>
        <rdar://problem/6467124>

        Parsing and reparsing disagree about automatic semicolon insertion, so that a
        function like

        function() { a = 1, }

        is parsed as being syntactically valid but gets a syntax error upon reparsing.
        This leads to an assertion failure in Parser::reparse(). It is not that big of
        an issue in practice, because in a Release build such a function will return
        'undefined' when called.

        In this case, we are not following the spec and it should be a syntax error.
        However, unless there is a newline separating the ',' and the '}', WebKit would
        not treat it as a syntax error in the past either. It would be a bit of work to
        make the automatic semicolon insertion match the spec exactly, so this patch
        changes it to match our past behaviour.

        The problem is that even during reparsing, the Lexer adds a semicolon at the
        end of the input, which confuses allowAutomaticSemicolon(), because it is
        expecting either a '}', the end of input, or a terminator like a newline.

        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer): Initialize m_isReparsing to false.
        (JSC::Lexer::lex): Do not perform automatic semicolon insertion in the Lexer if
        we are in the middle of reparsing.
        (JSC::Lexer::clear): Set m_isReparsing to false.
        * parser/Lexer.h:
        (JSC::Lexer::setIsReparsing): Added.
        * parser/Parser.cpp:
        (JSC::Parser::reparse): Call Lexer::setIsReparsing() to notify the Lexer of
        reparsing.

2008-12-29  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Yet another attempt to fix Tiger.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix (correct this time)

        * wtf/RandomNumber.cpp:

2008-12-29  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Alexey Proskuryakov.

        Revert r39509, because kjsyydebug is used in the generated code if YYDEBUG is 1.

        * parser/Grammar.y:

2008-12-29  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix.

        * wtf/RandomNumber.cpp:

2008-12-29  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6358108> Insecure randomness in Math.random() leads to user tracking

        Switch to arc4random on PLATFORM(DARWIN), this is ~1.5x slower than random(), but the
        it is still so fast that there is no fathomable way it could be a bottleneck for anything.

        randomNumber is called in two places
          * During form submission where it is called once per form
          * Math.random in JSC.  For this difference to show up you have to be looping on
            a cached local copy of random, for a large (>10000) calls.

        No change in SunSpider.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):

2008-12-29  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Sam Weinig.

        Remove unused kjsyydebug #define.

        * parser/Grammar.y:

2008-12-29  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt and Sam Weinig.

        Bug 23029: REGRESSION (r39337): jsfunfuzz generates identical test files
        <https://bugs.webkit.org/show_bug.cgi?id=23029>
        <rdar://problem/6469185>

        The unification of random number generation in r39337 resulted in random()
        being initialized on Darwin, but rand() actually being used. Fix this by
        making randomNumber() use random() instead of rand() on Darwin.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Sam Weinig  <sam (a] webkit.org>

        Fix buildbots.

        * runtime/Structure.cpp:

2008-12-29  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=23026
        Move the deleted offsets vector into the PropertyMap

        Saves 3 words per Structure.

        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::rehashPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):

2008-12-29  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Change code using m_body.get() as a boolean to take advantage of the 
        implicit conversion of RefPtr to boolean.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

2008-12-28  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 22840: REGRESSION (r38349): Gmail doesn't load with profiling enabled
        <https://bugs.webkit.org/show_bug.cgi?id=22840>
        <rdar://problem/6468077>

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitNewArray): Add an assertion that the range
        of registers passed to op_new_array is sequential.
        (JSC::BytecodeGenerator::emitCall): Correct the relocation of registers
        when emitting profiler hooks so that registers aren't leaked. Also, add
        an assertion that the 'this' register is always ref'd (because it is),
        remove the needless protection of the 'this' register when relocating,
        and add an assertion that the range of registers passed to op_call for
        function call arguments is sequential.
        (JSC::BytecodeGenerator::emitConstruct): Correct the relocation of
        registers when emitting profiler hooks so that registers aren't leaked.
        Also, add an assertion that the range of registers passed to op_construct
        for function call arguments is sequential.

2008-12-26  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        <rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime

        If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
        then more than one identifier will be used for the same thread.  We can avoid this by adding some extra synchronization
        during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
        an assertion to catch this problem should it reappear in the future.

        * wtf/Threading.cpp: Added.
        (WTF::NewThreadContext::NewThreadContext):
        (WTF::threadEntryPoint):
        (WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
        after the thread identifier has been set up.
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingNone.cpp:
        (WTF::createThreadInternal):
        * wtf/ThreadingPthreads.cpp:
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::createThreadInternal):
        * wtf/ThreadingQt.cpp:
        (WTF::identifierByQthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingWin.cpp:
        (WTF::storeThreadHandleByIdentifier):
        (WTF::createThreadInternal):

        Add Threading.cpp to the build.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:

2008-12-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Alexey Proskuryakov.

        Remove unused method.

        * runtime/Structure.h: Remove mutableTypeInfo.

2008-12-22  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix rounding / bounds / signed comparison bug in ExecutableAllocator.

        ExecutableAllocator::alloc assumed that m_freePtr would be aligned.  This was
        not always true, since the first allocation from an additional pool would not
        be rounded up.  Subsequent allocations would be unaligned, and too much memory
        could be erroneously allocated from the pool, when the size requested was
        available, but the size rounded up to word granularity was not available in the
        pool.  This may result in the value of m_freePtr being greater than m_end.

        Under these circumstances, the unsigned check for space will always pass,
        resulting in pointers to memory outside of the arena being returned, and
        ultimately segfaulty goodness when attempting to memcpy the hot freshly jitted
        code from the AssemblerBuffer.

        https://bugs.webkit.org/show_bug.cgi?id=22974
        ... and probably many, many more.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutablePool::alloc):
        (JSC::ExecutablePool::roundUpAllocationSize):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):

2008-12-22  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough.

        Rename all uses of the term "repatch" to "patch".

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::patch):
        (JSC::MacroAssembler::DataLabel32::patch):
        (JSC::MacroAssembler::Jump::patch):
        (JSC::MacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::MacroAssembler::PatchBuffer::setPtr):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithPatch):
        (JSC::MacroAssembler::jnePtrWithPatch):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchAddress):
        (JSC::X86Assembler::patchImmediate):
        (JSC::X86Assembler::patchPointer):
        (JSC::X86Assembler::patchBranchOffset):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        * jit/JIT.cpp:
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2008-12-22  Adam Roben  <aroben (a] apple.com>

        Build fix after r39428

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase): Added a missing MacroAssembler::

2008-12-22  Nikolas Zimmermann  <nikolas.zimmermann (a] torchmobile.com>

        Rubber-stamped by George Staikos.

        Unify all TorchMobile copyright lines. Consolidate in a single line, as requested by Mark Rowe, some time ago.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Nikolas Zimmermann  <nikolas.zimmermann (a] torchmobile.com>

        Rubber-stamped by George Staikos.

        Fix copyright of the new RandomNumber* files.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt & Cameron Zwarich.

        Add support for call and property access repatching on x86-64.

        No change in performance on current configurations (2x impovement on v8-tests with JIT enabled on x86-64).

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabelPtr::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::RepatchBuffer::addressOf):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addl_im):
        (JSC::X86Assembler::subl_im):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::movq_rm_disp32):
        (JSC::X86Assembler::movq_mr_disp32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp32):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * wtf/Platform.h:

2008-12-20  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Port optimized property access generation to the MacroAssembler.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::AbsoluteAddress::AbsoluteAddress):
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabel32::DataLabel32):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::Label::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::Jump::repatch):
        (JSC::MacroAssembler::JumpList::empty):
        (JSC::MacroAssembler::RepatchBuffer::link):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressRepatch):
        (JSC::MacroAssembler::storePtrWithAddressRepatch):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::ja32):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::align):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rm_disp32):
        (JSC::X86Assembler::movl_mr_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * jit/JIT.cpp:
        (JSC::ctiRepatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::addressOfCount):

2008-12-19  Gustavo Noronha Silva  <gns (a] gnome.org>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=22686

        Added file which was missing to the javascriptcore_sources
        variable, so that it shows up in the tarball created by `make
        dist'.

        * GNUmakefile.am:

2008-12-19  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Reviewed by Antti Koivisto.

        Build fix when building JS API tests with a c89 c compiler

        Do not use C++ style comments and convert them to C comments.

        * wtf/Platform.h:

2008-12-18  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Same as last revision, adding cases for pre & post inc & dec.

        https://bugs.webkit.org/show_bug.cgi?id=22928

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2008-12-18  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Fixes for the JIT's handling of JSImmediate values on x86-64.
        On 64-bit systems, the code in JSImmediate.h relies on the upper
        bits of a JSImmediate being a sign extension of the low 32-bits.
        This was not being enforced by the JIT, since a number of inline
        operations were being performed on 32-bit values in registers, and
        when a 32-bit result is written to a register on x86-64 the value
        is zero-extended to 64-bits.
        
        This fix honors previous behavoir.  A better fix in the long run
        (when the JIT is enabled by default) may be to change JSImmediate.h
        so it no longer relies on the upper bits of the pointer,... though
        if we're going to change JSImmediate.h for 64-bit, we probably may
        as well change the format so that the full range of 32-bit ints can
        be stored, rather than just 31-bits.

        https://bugs.webkit.org/show_bug.cgi?id=22925

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::andPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::signExtend32ToPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::andq_rr):
        (JSC::X86Assembler::andq_ir):
        (JSC::X86Assembler::orq_rr):
        (JSC::X86Assembler::xorq_ir):
        (JSC::X86Assembler::movsxd_rr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):

2008-12-18  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Just a tidy up - rename & refactor some the #defines configuring the JIT.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_end):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_timeout_check):
        (JSC::Interpreter::cti_register_file_check):
        (JSC::Interpreter::cti_op_loop_if_less):
        (JSC::Interpreter::cti_op_loop_if_lesseq):
        (JSC::Interpreter::cti_op_new_object):
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
        (JSC::Interpreter::cti_op_get_by_id_proto_fail):
        (JSC::Interpreter::cti_op_get_by_id_array_fail):
        (JSC::Interpreter::cti_op_get_by_id_string_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_new_func):
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_op_call_arityCheck):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        (JSC::Interpreter::cti_op_push_activation):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_create_arguments):
        (JSC::Interpreter::cti_op_create_arguments_no_params):
        (JSC::Interpreter::cti_op_tear_off_activation):
        (JSC::Interpreter::cti_op_tear_off_arguments):
        (JSC::Interpreter::cti_op_profile_will_call):
        (JSC::Interpreter::cti_op_profile_did_call):
        (JSC::Interpreter::cti_op_ret_scopeChain):
        (JSC::Interpreter::cti_op_new_array):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_JSConstruct):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_lesseq):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_resolve_base):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_jless):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_new_func_exp):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_less):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_new_regexp):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_call_eval):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_get_pnames):
        (JSC::Interpreter::cti_op_next_pname):
        (JSC::Interpreter::cti_op_push_scope):
        (JSC::Interpreter::cti_op_pop_scope):
        (JSC::Interpreter::cti_op_typeof):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_is_boolean):
        (JSC::Interpreter::cti_op_is_number):
        (JSC::Interpreter::cti_op_is_string):
        (JSC::Interpreter::cti_op_is_object):
        (JSC::Interpreter::cti_op_is_function):
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_push_new_scope):
        (JSC::Interpreter::cti_op_jmp_scopes):
        (JSC::Interpreter::cti_op_put_by_index):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_op_del_by_val):
        (JSC::Interpreter::cti_op_put_getter):
        (JSC::Interpreter::cti_op_put_setter):
        (JSC::Interpreter::cti_op_new_error):
        (JSC::Interpreter::cti_op_debug):
        (JSC::Interpreter::cti_vm_throw):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * wtf/Platform.h:

2008-12-18  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 21855: REGRESSION (r37323): Gmail complains about popup blocking when opening a link
        <https://bugs.webkit.org/show_bug.cgi?id=21855>
        <rdar://problem/6278244>

        Move DynamicGlobalObjectScope to JSGlobalObject.h so that it can be used
        from WebCore.

        * interpreter/Interpreter.cpp:
        * runtime/JSGlobalObject.h:
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
        (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):

2008-12-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Gavin Barraclough.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=22393
        Segfault when caching property accesses to primitive cells.
        
        Changed some asObject casts to asCell casts in cases where a primitive
        value may be a cell and not an object.
        
        Re-enabled property caching for primitives in cases where it had been
        disabled because of this bug.
        
        Updated a comment to better explain something Darin thought needed
        explaining in an old patch review.

        * interpreter/Interpreter.cpp:
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):

2008-12-17  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fixes for Sunspider failures with the JIT enabled on x86-64.

        * assembler/MacroAssembler.h:
            Switch the order of the RegisterID & Address form of je32, to keep it consistent with jne32.
        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
            Port the m_ctiVirtualCall tramopline generation to use the MacroAssembler interface.
        * jit/JITCall.cpp:
            Fix bug in the non-optimizing code path, vptr check should have been to the memory address pointer
            to by the register, not to the register itself.
        * wrec/WRECGenerator.cpp:
            See assembler/MacroAssembler.h, above.

2008-12-17  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        print("Hello, 64-bit jitted world!");
        Get hello-world working through the JIT, on x86-64.

        * assembler/X86Assembler.h:
            Fix encoding of opcode + RegisterID format instructions for 64-bit.
        * interpreter/Interpreter.cpp:
        * interpreter/Interpreter.h:
            Make VoidPtrPair actually be a pair of void*s.
            (Possibly should make this change for 32-bit Mac platforms, too - but won't change 32-bit behaviour in this patch).
        * jit/JIT.cpp:
        * jit/JIT.h:
            Provide names for the timeoutCheckRegister & callFrameRegister on x86-64,
            force x86-64 ctiTrampoline arguments onto the stack,
            implement the asm trampolines for x86-64,
            implement the restoreArgumentReference methods for x86-64 calling conventions.
        * jit/JITCall.cpp:
        * jit/JITInlineMethods.h:
        * wtf/Platform.h:
            Add switch settings to ENABLE(JIT), on PLATFORM(X86_64) (currently still disabled).

2008-12-17  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough.

        Add more CodeBlock statistics.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dumpStatistics):

2008-12-17  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22897
        <rdar://problem/6428342>
        Look into feasibility of discarding bytecode after native codegen

        Clear the bytecode Instruction vector at the end JIT generation.

        Saves 4.8 MB on Membuster head.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Add logging for the case that someone tries
        to dump the instructions of a CodeBlock that has had its bytecode
        vector cleared.
        (JSC::CodeBlock::CodeBlock): Initialize the instructionCount
        (JSC::CodeBlock::handlerForBytecodeOffset): Use instructionCount instead
        of the size of the instruction vector in the assertion.
        (JSC::CodeBlock::lineNumberForBytecodeOffset): Ditto.
        (JSC::CodeBlock::expressionRangeForBytecodeOffset): Ditto.
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset): Ditto.
        (JSC::CodeBlock::functionRegisterForBytecodeOffset): Ditto.
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::setInstructionCount): Store the instruction vector size
        in debug builds for assertions.
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile): Clear the bytecode vector unless we
        have compiled with Opcode sampling where we will continue to require it

2008-12-17  Cary Clark  <caryclark (a] google.com>

        Reviewed by Darin Adler.
        Landed by Adam Barth.

        Add ENABLE_TEXT_CARET to permit the ANDROID platform
        to invalidate and draw the caret in a separate thread.

        * wtf/Platform.h:
        Default ENABLE_TEXT_CARET to 1.

2008-12-17  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard, take two.

        * API/JSContextRef.cpp: The previous patch that claimed to do this was making Tiger and
        Leopard always use unique context group instead.

2008-12-16  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22838
        Remove dependency on the bytecode Instruction buffer in Interpreter::throwException
        Part of <rdar://problem/6428342>

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::functionRegisterForBytecodeOffset): Added. Function to get
        a function Register index in a callFrame for a bytecode offset.
        (JSC::CodeBlock::shrinkToFit): Shrink m_getByIdExceptionInfo and m_functionRegisterInfos.
        * bytecode/CodeBlock.h:
        (JSC::FunctionRegisterInfo::FunctionRegisterInfo): Added.
        (JSC::CodeBlock::addFunctionRegisterInfo):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitCall):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException): Use functionRegisterForBytecodeOffset in JIT
        mode.

2008-12-16  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22837
        Remove dependency on the bytecode Instruction buffer in Interpreter::cti_op_call_NotJSFunction
        Part of <rdar://problem/6428342>

        * interpreter/CallFrame.h: Added comment regarding returnPC storing a void*.
        * interpreter/Interpreter.cpp:
        (JSC::bytecodeOffsetForPC): We no longer have any cases of the PC
        being in the instruction stream for JIT, so we can remove the check.
        (JSC::Interpreter::cti_op_call_NotJSFunction): Use the CTI_RETURN_ADDRESS
        as the call frame returnPC as it is only necessary for looking up when
        throwing an exception.
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::): Added comment regarding returnPC storing a void*.
        * jit/JIT.h: Remove ARG_instr4.
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs): Don't pass the instruction pointer.

2008-12-16  Darin Adler  <darin (a] apple.com>

        Reviewed and landed by Cameron Zwarich.

        Preparatory work for fixing

        Bug 22887: Make UString::Rep use RefCounted rather than implementing its own ref counting
        <https://bugs.webkit.org/show_bug.cgi?id=22887>

        Change the various string translators used by Identifier:add() so that
        they never zero the ref count of a newly created UString::Rep.

        * runtime/Identifier.cpp:
        (JSC::CStringTranslator::translate):
        (JSC::Identifier::add):
        (JSC::UCharBufferTranslator::translate):

2008-12-16  Gavin Barraclough  <barraclough (a] apple.com>

        Build fix for 'doze.

        * assembler/AssemblerBuffer.h:

2008-12-16  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Make the JIT compile on x86-64.
        This largely involves populting the missing calls in MacroAssembler.h.
        In addition some reinterpret_casts need removing from the JIT, and the
        repatching property access code will need to be fully compiled out for
        now.  The changes in interpret.cpp are to reorder the functions so that
        the _generic forms come before all other property access methods, and
        then to place all property access methods other than the generic forms
        under control of the ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS macro.

        No performance impact.

        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::putInt64Unchecked):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::load32):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::storePtrWithRepatch):
        (JSC::MacroAssembler::store32):
        (JSC::MacroAssembler::poke):
        (JSC::MacroAssembler::move):
        (JSC::MacroAssembler::testImm64):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnzPtr):
        (JSC::MacroAssembler::jzPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::cmpq_rr):
        (JSC::X86Assembler::cmpq_rm):
        (JSC::X86Assembler::cmpq_im):
        (JSC::X86Assembler::testq_i32m):
        (JSC::X86Assembler::movl_mEAX):
        (JSC::X86Assembler::movl_i32r):
        (JSC::X86Assembler::movl_EAXm):
        (JSC::X86Assembler::movq_rm):
        (JSC::X86Assembler::movq_mEAX):
        (JSC::X86Assembler::movq_mr):
        (JSC::X86Assembler::movq_i64r):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64):
        (JSC::X86Assembler::X86InstructionFormatter::immediate64):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::makeInt):

2008-12-16  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22869: REGRESSION (r38407): http://news.cnet.com/8301-13579_3-9953533-37.html crashes
        <https://bugs.webkit.org/show_bug.cgi?id=22869>
        <rdar://problem/6402499>

        Before r38407, Structure::m_nameInPrevious was ref'd due to it being
        stored in a PropertyMap. However, PropertyMaps are created lazily after
        r38407, so Structure::m_nameInPrevious is not necessarily ref'd while
        it is being used. Making it a RefPtr instead of a raw pointer fixes
        the problem.

        Unfortunately, the crash in the bug is rather intermittent, and it is
        impossible to add an assertion in UString::Ref::ref() to catch this bug
        because some users of UString::Rep deliberately zero out the reference
        count. Therefore, there is no layout test accompanying this bug fix.

        * runtime/Structure.cpp:
        (JSC::Structure::~Structure): Use get().
        (JSC::Structure::materializePropertyMap): Use get().
        (JSC::Structure::addPropertyTransitionToExistingStructure): Use get().
        (JSC::Structure::addPropertyTransition): Use get().
        * runtime/Structure.h: Make Structure::m_nameInPrevious a RefPtr instead
        of a raw pointer.

2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann (a] torchmobile.com>

        Not reviewed. Attempt to fix win build. No 'using namespace WTF' in this file, needs manual WTF:: prefix.
        Not sure why the build works as is here.

        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncRandom):

2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann (a] torchmobile.com>

        Reviewed by Darin Adler.

        Fixes: https://bugs.webkit.org/show_bug.cgi?id=22876

        Unify random number generation in JavaScriptCore & WebCore, by introducing
        wtf/RandomNumber.h and moving wtf_random/wtf_random_init out of MathExtras.h.

        wtf_random_init() has been renamed to initializeRandomNumberGenerator() and
        lives in it's own private header: wtf/RandomNumberSeed.h, only intended to
        be used from within JavaScriptCore.

        wtf_random() has been renamed to randomNumber() and lives in a public header
        wtf/RandomNumber.h, usable from within JavaScriptCore & WebCore. It encapsulates
        the code taking care of initializing the random number generator (only when
        building without ENABLE(JSC_MULTIPLE_THREADS), otherwhise initializeThreading()
        already took care of that).

        Functional change on darwin: Use random() instead of rand(), as it got a larger
        period (more randomness). HTMLFormElement already contains this implementation
        and I just moved it in randomNumber(), as  special case for PLATFORM(DARWIN).

        * GNUmakefile.am: Add RandomNumber.(cpp/h) / RandomNumberSeed.h.
        * JavaScriptCore.exp: Ditto.
        * JavaScriptCore.pri: Ditto.
        * JavaScriptCore.scons: Ditto.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
        * JavaScriptCoreSources.bkl: Ditto.
        * runtime/MathObject.cpp: Use new WTF::randomNumber() functionality.
        (JSC::mathProtoFuncRandom):
        * wtf/MathExtras.h: Move wtf_random / wtf_random_init to new files.
        * wtf/RandomNumber.cpp: Added.
        (WTF::randomNumber):
        * wtf/RandomNumber.h: Added.
        * wtf/RandomNumberSeed.h: Added. Internal usage within JSC only.
        (WTF::initializeRandomNumberGenerator):
        * wtf/ThreadingGtk.cpp: Rename wtf_random_init() to initializeRandomNumberGenerator().
        (WTF::initializeThreading):
        * wtf/ThreadingPthreads.cpp: Ditto.
        (WTF::initializeThreading):
        * wtf/ThreadingQt.cpp: Ditto.
        (WTF::initializeThreading):
        * wtf/ThreadingWin.cpp: Ditto.
        (WTF::initializeThreading):

2008-12-16 Yael Aharon <yael.aharon (a] nokia.com>

        Reviewed by Tor Arne Vestb.

        Qt/Win build fix

        * JavaScriptCore.pri:

2008-12-15  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fix the build with GCC 4.0.

        * Configurations/JavaScriptCore.xcconfig:  GCC 4.0 appears to have a bug when compiling with -funwind-tables on,
        so don't use it with that compiler version.

2008-12-15  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Cameron Zwarich.

        <rdar://problem/6289933> Change WebKit-related projects to build with GCC 4.2 on Leopard.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:

2008-12-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard.

        * API/JSContextRef.cpp: (JSGlobalContextCreate):

2008-12-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        <rdar://problem/6445089> Mach ports leak from worker threads

        * interpreter/Interpreter.cpp: (JSC::getCPUTime):
        Deallocate the thread self port.

2008-12-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Mark Rowe.

        Construct stack frames in JIT code, so that backtracing can still work.
        <rdar://problem/6447870> JIT should play nice with attempts to take stack traces

        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::privateCompileMainPass):

2008-12-15  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6402262> JavaScriptCore needs exception handling tables in order to get stack traces without frame pointers

        * Configurations/JavaScriptCore.xcconfig:

2008-12-15  Gavin Barraclough  <barraclough (a] apple.com>

        Rubber stamped by Mark Rowe.

        Revert r39226 / Bug 22818: Unify JIT callback argument access OS X / Windows
        This causes Acid3 failures  reverting for now & will revisit later.
        https://bugs.webkit.org/show_bug.cgi?id=22873

        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        (JSC::JIT::emitCTICall_internal):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        * wtf/Platform.h:

2008-12-15  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - fix <rdar://problem/6427048> crash due to infinite recursion after setting window.__proto__ = window

        Replaced toGlobalObject with the more generally useful unwrappedObject and used it to
        fix the cycle detection code in put(__proto__).

        * JavaScriptCore.exp: Updated.

        * runtime/JSGlobalObject.cpp: Removed toGlobalObject. We now use unwrappedObject instead.
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::isGlobalObject): Ditto.

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval): Use unwrappedObject and isGlobalObject here rather than toGlobalObject.

        * runtime/JSObject.cpp:
        (JSC::JSObject::put): Rewrote prototype cycle checking loop. Use unwrappedObject in the loop now.
        (JSC::JSObject::unwrappedObject): Replaced toGlobalObject with this new function.
        * runtime/JSObject.h: More of the same.

2008-12-15  Steve Falkenburg  <sfalken (a] apple.com>

        Windows build fix.
        
        Visual Studio requires visibility of forward declarations to match class declaration.

        * assembler/X86Assembler.h:

2008-12-15  Gustavo Noronha Silva  <kov (a] kov.eti.br>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=22686

        GTK+ build fix.

        * GNUmakefile.am:

2008-12-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Add support to X86Assembler emitting instructions that access all 16 registers on x86-64.
        Add a new formating class, that is reponsible for both emitting the opcode bytes and the
        ModRm  bytes of an instruction in a single call; this can insert the REX byte as necessary
        before the opcode, but has access to the register numbers to build the REX.

        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::isAligned):
        (JSC::AssemblerBuffer::data):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::load32):
        (JSC::MacroAssembler::load16):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::storePtrWithRepatch):
        (JSC::MacroAssembler::store32):
        (JSC::MacroAssembler::pop):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::compareImm32ForBranch):
        (JSC::MacroAssembler::compareImm32ForBranchEquality):
        (JSC::MacroAssembler::testImm32):
        (JSC::MacroAssembler::jae32):
        (JSC::MacroAssembler::jb32):
        (JSC::MacroAssembler::je16):
        (JSC::MacroAssembler::jg32):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jne32):
        (JSC::MacroAssembler::jump):
        * assembler/X86Assembler.h:
        (JSC::X86::):
        (JSC::X86Assembler::):
        (JSC::X86Assembler::size):
        (JSC::X86Assembler::push_r):
        (JSC::X86Assembler::pop_r):
        (JSC::X86Assembler::push_i32):
        (JSC::X86Assembler::push_m):
        (JSC::X86Assembler::pop_m):
        (JSC::X86Assembler::addl_rr):
        (JSC::X86Assembler::addl_mr):
        (JSC::X86Assembler::addl_ir):
        (JSC::X86Assembler::addq_ir):
        (JSC::X86Assembler::addl_im):
        (JSC::X86Assembler::andl_rr):
        (JSC::X86Assembler::andl_ir):
        (JSC::X86Assembler::orl_rr):
        (JSC::X86Assembler::orl_mr):
        (JSC::X86Assembler::orl_ir):
        (JSC::X86Assembler::subl_rr):
        (JSC::X86Assembler::subl_mr):
        (JSC::X86Assembler::subl_ir):
        (JSC::X86Assembler::subl_im):
        (JSC::X86Assembler::xorl_rr):
        (JSC::X86Assembler::xorl_ir):
        (JSC::X86Assembler::sarl_i8r):
        (JSC::X86Assembler::sarl_CLr):
        (JSC::X86Assembler::shll_i8r):
        (JSC::X86Assembler::shll_CLr):
        (JSC::X86Assembler::imull_rr):
        (JSC::X86Assembler::imull_i32r):
        (JSC::X86Assembler::idivl_r):
        (JSC::X86Assembler::cmpl_rr):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::cmpl_mr):
        (JSC::X86Assembler::cmpl_ir):
        (JSC::X86Assembler::cmpl_ir_force32):
        (JSC::X86Assembler::cmpl_im):
        (JSC::X86Assembler::cmpl_im_force32):
        (JSC::X86Assembler::cmpw_rm):
        (JSC::X86Assembler::testl_rr):
        (JSC::X86Assembler::testl_i32r):
        (JSC::X86Assembler::testl_i32m):
        (JSC::X86Assembler::testq_rr):
        (JSC::X86Assembler::testq_i32r):
        (JSC::X86Assembler::testb_i8r):
        (JSC::X86Assembler::sete_r):
        (JSC::X86Assembler::setz_r):
        (JSC::X86Assembler::setne_r):
        (JSC::X86Assembler::setnz_r):
        (JSC::X86Assembler::cdq):
        (JSC::X86Assembler::xchgl_rr):
        (JSC::X86Assembler::movl_rr):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::movl_i32r):
        (JSC::X86Assembler::movl_i32m):
        (JSC::X86Assembler::movq_rr):
        (JSC::X86Assembler::movq_rm):
        (JSC::X86Assembler::movq_mr):
        (JSC::X86Assembler::movzwl_mr):
        (JSC::X86Assembler::movzbl_rr):
        (JSC::X86Assembler::leal_mr):
        (JSC::X86Assembler::call):
        (JSC::X86Assembler::jmp):
        (JSC::X86Assembler::jmp_r):
        (JSC::X86Assembler::jmp_m):
        (JSC::X86Assembler::jne):
        (JSC::X86Assembler::jnz):
        (JSC::X86Assembler::je):
        (JSC::X86Assembler::jl):
        (JSC::X86Assembler::jb):
        (JSC::X86Assembler::jle):
        (JSC::X86Assembler::jbe):
        (JSC::X86Assembler::jge):
        (JSC::X86Assembler::jg):
        (JSC::X86Assembler::ja):
        (JSC::X86Assembler::jae):
        (JSC::X86Assembler::jo):
        (JSC::X86Assembler::jp):
        (JSC::X86Assembler::js):
        (JSC::X86Assembler::addsd_rr):
        (JSC::X86Assembler::addsd_mr):
        (JSC::X86Assembler::cvtsi2sd_rr):
        (JSC::X86Assembler::cvttsd2si_rr):
        (JSC::X86Assembler::movd_rr):
        (JSC::X86Assembler::movsd_rm):
        (JSC::X86Assembler::movsd_mr):
        (JSC::X86Assembler::mulsd_rr):
        (JSC::X86Assembler::mulsd_mr):
        (JSC::X86Assembler::pextrw_irr):
        (JSC::X86Assembler::subsd_rr):
        (JSC::X86Assembler::subsd_mr):
        (JSC::X86Assembler::ucomis_rr):
        (JSC::X86Assembler::int3):
        (JSC::X86Assembler::ret):
        (JSC::X86Assembler::predictNotTaken):
        (JSC::X86Assembler::label):
        (JSC::X86Assembler::align):
        (JSC::X86Assembler::link):
        (JSC::X86Assembler::executableCopy):
        (JSC::X86Assembler::X86InstructionFormater::prefix):
        (JSC::X86Assembler::X86InstructionFormater::oneByteOp):
        (JSC::X86Assembler::X86InstructionFormater::twoByteOp):
        (JSC::X86Assembler::X86InstructionFormater::oneByteOp64):
        (JSC::X86Assembler::X86InstructionFormater::oneByteOp8):
        (JSC::X86Assembler::X86InstructionFormater::twoByteOp8):
        (JSC::X86Assembler::X86InstructionFormater::instructionImmediate8):
        (JSC::X86Assembler::X86InstructionFormater::instructionImmediate32):
        (JSC::X86Assembler::X86InstructionFormater::instructionRel32):
        (JSC::X86Assembler::X86InstructionFormater::size):
        (JSC::X86Assembler::X86InstructionFormater::isAligned):
        (JSC::X86Assembler::X86InstructionFormater::data):
        (JSC::X86Assembler::X86InstructionFormater::executableCopy):
        (JSC::X86Assembler::X86InstructionFormater::registerModRM):
        (JSC::X86Assembler::X86InstructionFormater::memoryModRM):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2008-12-15  Darin Adler  <darin (a] apple.com>

        * interpreter/RegisterFile.h: Tweak include formatting.

2008-12-15  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Build fix for Gtk+.

        * interpreter/RegisterFile.h: Include stdio.h for fprintf

2008-12-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Oliver Hunt.

        <rdar://problem/6444455> Worker Thread crash running multiple workers for a moderate amount of time

        * interpreter/RegisterFile.h: (JSC::RegisterFile::RegisterFile):
        Improve error handling: if mmap fails, crash immediately, and print out the reason.

2008-12-13  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Re-enable WREC on 64-bit.
        Implements one of the MacroAssembler::jnzPtr methods, previously only implemented for 32-bit x86.

        https://bugs.webkit.org/show_bug.cgi?id=22849

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::testImm64):
        (JSC::MacroAssembler::jnzPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::testq_i32r):
        (JSC::X86Assembler::testq_rr):
        * wtf/Platform.h:

2008-12-13  Gavin Barraclough  <barraclough (a] apple.com>

        Fix PPC builds.

        * assembler/MacroAssembler.h:

2008-12-13  Gavin Barraclough  <barraclough (a] apple.com>

        Build fix only, no review.

        * bytecode/CodeBlock.h:

2008-12-13  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Port the remainder of the JIT, bar calling convention related code, and code
        implementing optimizations which can be disabled, to use the MacroAssembler.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::DataLabelPtr):
        (JSC::MacroAssembler::RepatchBuffer::RepatchBuffer):
        (JSC::MacroAssembler::RepatchBuffer::link):
        (JSC::MacroAssembler::RepatchBuffer::addressOf):
        (JSC::MacroAssembler::RepatchBuffer::setPtr):
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::lshift32):
        (JSC::MacroAssembler::mod32):
        (JSC::MacroAssembler::rshift32):
        (JSC::MacroAssembler::storePtrWithRepatch):
        (JSC::MacroAssembler::jnzPtr):
        (JSC::MacroAssembler::jzPtr):
        (JSC::MacroAssembler::jump):
        (JSC::MacroAssembler::label):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::xchgl_rr):
        (JSC::X86Assembler::jmp_m):
        (JSC::X86Assembler::repatchAddress):
        (JSC::X86Assembler::getRelocatedAddress):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::JITCodeRef::JITCodeRef):
        (JSC::CodeBlock::setJITCode):
        (JSC::CodeBlock::jitCode):
        (JSC::CodeBlock::executablePool):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileLinkPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JumpTable::JumpTable):
        (JSC::JIT::emitCTICall):
        (JSC::JIT::JSRInfo::JSRInfo):
        * jit/JITArithmetic.cpp:
        * jit/JITCall.cpp:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::emitCTICall_internal):
        (JSC::JIT::checkStructure):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::addSlowCase):
        (JSC::JIT::addJump):
        (JSC::JIT::emitJumpSlowToHot):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2008-12-12  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Fix the failures of the following layout tests, which regressed in
        r39255:

        fast/dom/StyleSheet/ownerNode-lifetime-2.html
        fast/xsl/transform-xhr-doc.xhtml

        The binary search in CodeBlock::getByIdExceptionInfoForBytecodeOffset()
        doesn't guarantee that it actually finds a match, so add an explicit check
        for this.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):

2008-12-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Replace emitPutCallArg methods with emitPutJITStubArg methods.  Primarily to make the argument numbering
        more sensible (1-based incrementing by 1, rather than 0-based incrementing by 4).  The CTI name also seems
        to be being deprecated from the code generally.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallEvalSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArg):
        (JSC::JIT::emitPutJITStubArgConstant):
        (JSC::JIT::emitGetJITStubArg):
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):

2008-12-12  Gavin Barraclough  <barraclough (a] apple.com>

        Fix windows builds.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):

2008-12-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Remove loop counter 'i' from the JIT generation passes, replace with a member m_bytecodeIndex.

        No impact on performance.

        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JmpTable::JmpTable):
        (JSC::JIT::emitCTICall):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetVirtualRegister):
        (JSC::JIT::emitGetVirtualRegisters):
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::emitCTICall_internal):
        (JSC::JIT::emitJumpSlowCaseIfJSCell):
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
        (JSC::JIT::emitFastArithIntToImmOrSlowCase):
        (JSC::JIT::addSlowCase):
        (JSC::JIT::addJump):
        (JSC::JIT::emitJumpSlowToHot):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):

2008-12-12  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        <rdar://problem/6428342> Look into feasibility of discarding bytecode after native codegen

        Move more JIT functionality to using offsets into the Instruction buffer
        instead of raw pointers. Two to go!

        * interpreter/Interpreter.cpp:
        (JSC::bytecodeOffsetForPC): Rename from vPCForPC.
        (JSC::Interpreter::resolve): Pass offset to exception helper.
        (JSC::Interpreter::resolveSkip): Ditto.
        (JSC::Interpreter::resolveGlobal): Ditto.
        (JSC::Interpreter::resolveBaseAndProperty): Ditto.
        (JSC::Interpreter::resolveBaseAndFunc): Ditto.
        (JSC::isNotObject): Ditto.
        (JSC::Interpreter::unwindCallFrame): Call bytecodeOffsetForPC.
        (JSC::Interpreter::throwException): Use offsets instead of vPCs.
        (JSC::Interpreter::privateExecute): Pass offset to exception helper.
        (JSC::Interpreter::retrieveLastCaller): Ditto.
        (JSC::Interpreter::cti_op_instanceof): Ditto.
        (JSC::Interpreter::cti_op_call_NotJSFunction): Ditto.
        (JSC::Interpreter::cti_op_resolve): Pass offset to exception helper.
        (JSC::Interpreter::cti_op_construct_NotJSConstruct): Ditto.
        (JSC::Interpreter::cti_op_resolve_func): Ditto.
        (JSC::Interpreter::cti_op_resolve_skip): Ditto.
        (JSC::Interpreter::cti_op_resolve_global): Ditto.
        (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
        (JSC::Interpreter::cti_op_throw): Ditto.
        (JSC::Interpreter::cti_op_in): Ditto.
        (JSC::Interpreter::cti_vm_throw): Ditto.
        * interpreter/Interpreter.h:

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass): Don't pass unnecessary vPC to stub.
        * jit/JIT.h: Remove ARG_instr1 - ARG_instr3 and ARG_instr5 - ARG_instr6.
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallEvalSetupArgs): Don't pass unnecessary vPC to stub..
        (JSC::JIT::compileOpConstructSetupArgs): Ditto.

        * runtime/ExceptionHelpers.cpp:
        (JSC::createUndefinedVariableError): Take an offset instead of vPC.
        (JSC::createInvalidParamError): Ditto.
        (JSC::createNotAConstructorError): Ditto.
        (JSC::createNotAFunctionError): Ditto.
        (JSC::createNotAnObjectError): Ditto.
        * runtime/ExceptionHelpers.h:

2008-12-12  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 22835: Crash during bytecode generation when comparing to null
        <https://bugs.webkit.org/show_bug.cgi?id=22835>
        <rdar://problem/6286749>

        Change the special cases in bytecode generation for comparison to null
        to use tempDestination().

        * parser/Nodes.cpp:
        (JSC::BinaryOpNode::emitBytecode):
        (JSC::EqualNode::emitBytecode):

2008-12-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Move slow-cases of JIT code generation over to the MacroAssembler interface.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::Label::Label):
        (JSC::MacroAssembler::jae32):
        (JSC::MacroAssembler::jg32):
        (JSC::MacroAssembler::jzPtr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        (JSC::JIT::emitGetVariableObjectRegister):
        (JSC::JIT::emitPutVariableObjectRegister):
        * jit/JIT.h:
        (JSC::SlowCaseEntry::SlowCaseEntry):
        (JSC::JIT::getSlowCase):
        (JSC::JIT::linkSlowCase):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOpSlowCase):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        (JSC::JIT::linkSlowCaseIfNotJSCell):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):

2008-12-12  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 22828: Do not inspect bytecode instruction stream for op_get_by_id exception information
        <https://bugs.webkit.org/show_bug.cgi?id=22828>

        In order to remove the bytecode instruction stream after generating
        native code, all inspection of bytecode instructions at runtime must
        be removed. One particular instance of this is the special handling of
        exceptions thrown by the op_get_by_id emitted directly before an
        op_construct or an op_instanceof. This patch moves that information to
        an auxiliary data structure in CodeBlock.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::addGetByIdExceptionInfo):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitConstruct):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::emitGetByIdExceptionInfo):
        * parser/Nodes.cpp:
        (JSC::InstanceOfNode::emitBytecode):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createNotAnObjectError):

2008-12-12  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Change exception information accessors to take offsets into the bytecode
        instruction buffer instead of pointers so that they can work even even
        if the bytecode buffer is purged.

        * bytecode/CodeBlock.cpp:
        (JSC::instructionOffsetForNth):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        * bytecode/CodeBlock.h:
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::dump):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveLastCaller):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createUndefinedVariableError):
        (JSC::createInvalidParamError):
        (JSC::createNotAConstructorError):
        (JSC::createNotAFunctionError):
        (JSC::createNotAnObjectError):

2008-12-12  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Tiny bit of refactoring in quantifier generation.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):

2008-12-11  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Remove dependancy on having the Instruction buffer in order to
        deref Structures used for property access and global resolves.
        Instead, we put references to the necessary Structures in auxiliary
        data structures on the CodeBlock. This is not an ideal solution,
        as we still pay for having the Structures in two places and we
        would like to eventually just hold on to offsets into the machine
        code buffer.

        - Also removes CodeBlock bloat in non-JIT by #ifdefing the JIT
          only data structures.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * bytecode/CodeBlock.cpp:
        (JSC::isGlobalResolve):
        (JSC::isPropertyAccess):
        (JSC::instructionOffsetForNth):
        (JSC::printGlobalResolveInfo):
        (JSC::printStructureStubInfo):
        (JSC::CodeBlock::printStructures):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::GlobalResolveInfo::GlobalResolveInfo):
        (JSC::getNativePC):
        (JSC::CodeBlock::instructions):
        (JSC::CodeBlock::getStubInfo):
        (JSC::CodeBlock::getBytecodeIndex):
        (JSC::CodeBlock::addPropertyAccessInstruction):
        (JSC::CodeBlock::addGlobalResolveInstruction):
        (JSC::CodeBlock::numberOfStructureStubInfos):
        (JSC::CodeBlock::addStructureStubInfo):
        (JSC::CodeBlock::structureStubInfo):
        (JSC::CodeBlock::addGlobalResolveInfo):
        (JSC::CodeBlock::globalResolveInfo):
        (JSC::CodeBlock::numberOfCallLinkInfos):
        (JSC::CodeBlock::addCallLinkInfo):
        (JSC::CodeBlock::callLinkInfo):
        * bytecode/Instruction.h:
        (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
        (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
        * bytecode/Opcode.h:
        (JSC::):
        * bytecode/StructureStubInfo.cpp: Copied from bytecode/CodeBlock.cpp.
        (JSC::StructureStubInfo::deref):
        * bytecode/StructureStubInfo.h: Copied from bytecode/CodeBlock.h.
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::StructureStubInfo::initGetByIdSelf):
        (JSC::StructureStubInfo::initGetByIdProto):
        (JSC::StructureStubInfo::initGetByIdChain):
        (JSC::StructureStubInfo::initGetByIdSelfList):
        (JSC::StructureStubInfo::initGetByIdProtoList):
        (JSC::StructureStubInfo::initPutByIdTransition):
        (JSC::StructureStubInfo::initPutByIdReplace):
        (JSC::StructureStubInfo::):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitResolve):
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
        (JSC::BytecodeGenerator::emitCall):
        (JSC::BytecodeGenerator::emitConstruct):
        (JSC::BytecodeGenerator::emitCatch):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::getPolymorphicAccessStructureListSlot):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_resolve_global):
        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):

2008-12-11  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Remove CTI_ARGUMENTS mode, use va_start implementation on Windows,
        unifying JIT callback (cti_*) argument access on OS X & Windows

        No performance impact.

        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitCTICall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        * wtf/Platform.h:

2008-12-11  Holger Freyther  <zecke (a] selfish.org>

        Reviewed by Simon Hausmann.

        https://bugs.webkit.org/show_bug.cgi?id=20953

        For Qt it is not pratical to have a FontCache and GlyphPageTreeNode
        implementation. This is one of the reasons why the Qt port is currently not
        using WebCore/platform/graphics/Font.cpp. By allowing to not use
        the simple/fast-path the Qt port will be able to use it.

        Introduce USE(FONT_FAST_PATH) and define it for every port but the
        Qt one.

        * wtf/Platform.h: Enable USE(FONT_FAST_PATH)

2008-12-11  Gabor Loki  <loki (a] inf.u-szeged.hu>

        Reviewed by Darin Adler and landed by Holger Freyther.

        <https://bugs.webkit.org/show_bug.cgi?id=22648>
        Fix threading on Qt-port and Gtk-port for Sampling tool.

        * wtf/ThreadingGtk.cpp:
        (WTF::waitForThreadCompletion):
        * wtf/ThreadingQt.cpp:
        (WTF::waitForThreadCompletion):

2008-12-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 22734: Debugger crashes when stepping into a function call in a return statement
        <https://bugs.webkit.org/show_bug.cgi?id=22734>
        <rdar://problem/6426796>

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator): The DebuggerCallFrame uses
        the 'this' value stored in a callFrame, so op_convert_this should be
        emitted at the beginning of a function body when generating bytecode
        with debug hooks.
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::thisObject): The assertion inherent in the call
        to asObject() here is valid, because any 'this' value should have been
        converted to a JSObject*.

2008-12-10  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Port more of the JIT to use the MacroAssembler interface.
        
        Everything in the main pass, bar a few corner cases (operations with required
        registers, or calling convention code).  Slightly refactors array creation,
        moving the offset calculation into the callFrame into C code (reducing code
        planted).

        Overall this appears to be a 1% win on v8-tests, due to the smaller immediates
        being planted (in jfalse in particular).

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_new_array):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):

2008-12-10  Sam Weinig  <sam (a] webkit.org>

        Fix non-JIT builds.

        * bytecode/CodeBlock.h:

2008-12-10  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        <rdar://problem/6428332> Remove the CTI return address table from CodeBlock

        Step 2:

        Convert the return address table from a HashMap to a sorted Vector.  This
        reduces the size of the data structure by ~4.5MB on Membuster head.

        SunSpider reports a 0.5% progression.

        * bytecode/CodeBlock.cpp:
        (JSC::sizeInBytes): Generic method to get the cost of a Vector.
        (JSC::CodeBlock::dumpStatistics): Add dumping of member sizes.
        * bytecode/CodeBlock.h:
        (JSC::PC::PC): Struct representing NativePC -> VirtualPC mappings.
        (JSC::getNativePC): Helper for binary chop.
        (JSC::CodeBlock::getBytecodeIndex): Used to get the VirtualPC from a
        NativePC using a binary chop of the pcVector.
        (JSC::CodeBlock::pcVector): Accessor.

        * interpreter/Interpreter.cpp:
        (JSC::vPCForPC): Use getBytecodeIndex instead of jitReturnAddressVPCMap().get().
        (JSC::Interpreter::cti_op_instanceof): Ditto.
        (JSC::Interpreter::cti_op_resolve): Ditto.
        (JSC::Interpreter::cti_op_resolve_func): Ditto.
        (JSC::Interpreter::cti_op_resolve_skip): Ditto.
        (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
        (JSC::Interpreter::cti_op_throw): Ditto.
        (JSC::Interpreter::cti_op_in): Ditto.
        (JSC::Interpreter::cti_vm_throw): Ditto.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile): Reserve exact capacity and fill the pcVector.

2008-12-09  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.

        Added WREC support for an assertion followed by a quantifier. Fixed
        PCRE to match.

        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::parseParentheses): Throw away the quantifier, since
        it's meaningless. (Firefox does the same.)

        * pcre/pcre_compile.cpp:
        (compileBranch): ditto.

2008-12-09  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.

        In preparation for compiling WREC without PCRE:
        
        Further relaxed WREC's parsing to be more web-compatible. Fixed PCRE to
        match in cases where it didn't already.
        
        Changed JavaScriptCore to report syntax errors detected by WREC, rather
        than falling back on PCRE any time WREC sees an error.
        
        * pcre/pcre_compile.cpp:
        (checkEscape): Relaxed parsing of \c and \N escapes to be more
        web-compatible.
        
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp): Only fall back on PCRE if WREC has not reported
        a syntax error.

        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp): Fixed some error reporting to
        match PCRE.

        * wrec/WRECParser.cpp: Added error messages that match PCRE.

        (JSC::WREC::Parser::consumeGreedyQuantifier):
        (JSC::WREC::Parser::parseParentheses):
        (JSC::WREC::Parser::parseCharacterClass):
        (JSC::WREC::Parser::parseNonCharacterEscape): Updated the above functions to
        use the new setError API.

        (JSC::WREC::Parser::consumeEscape): Relaxed parsing of \c \N \u \x \B
        to be more web-compatible.

        (JSC::WREC::Parser::parseAlternative): Distinguish between a malformed
        quantifier and a quantifier with no prefix, like PCRE does.

        (JSC::WREC::Parser::consumeParenthesesType): Updated to use the new setError API.

        * wrec/WRECParser.h:
        (JSC::WREC::Parser::error):
        (JSC::WREC::Parser::syntaxError):
        (JSC::WREC::Parser::parsePattern):
        (JSC::WREC::Parser::reset):
        (JSC::WREC::Parser::setError): Store error messages instead of error codes,
        to provide for exception messages. Use a setter for reporting errors, so
        errors detected early are not overwritten by errors detected later.

2008-12-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Use va_args to access cti function arguments.
        https://bugs.webkit.org/show_bug.cgi?id=22774

        This may be a minor regression, but we'll take the hit if so to reduce fragility.

        * interpreter/Interpreter.cpp:
        * interpreter/Interpreter.h:

2008-12-09  Sam Weinig  <sam (a] webkit.org>

        Reviewed twice by Cameron Zwarich.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22752
        Clear SymbolTable after codegen for Function codeblocks that
        don't require an activation

        This is a ~1.5MB improvement on Membuster-head.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dumpStatistics): Add logging of non-empty symbol tables
        and total size used by symbol tables.
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate): Clear the symbol table here.

2008-12-09  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Remove unnecessary extra lookup when throwing an exception.
        We used to first lookup the target offset using getHandlerForVPC
        and then we would lookup the native code stub using 
        nativeExceptionCodeForHandlerVPC.  Instead, we can just pass around
        the HandlerInfo.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::handlerForVPC): Return the HandlerInfo.
        * bytecode/CodeBlock.h: Remove nativeExceptionCodeForHandlerVPC.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException): Return a HandlerInfo instead of
        and Instruction offset.
        (JSC::Interpreter::privateExecute): Get the offset from HandlerInfo.
        (JSC::Interpreter::cti_op_throw): Get the native code from the HandleInfo.
        (JSC::Interpreter::cti_vm_throw): Ditto.
        * interpreter/Interpreter.h:

2008-12-09  Eric Seidel  <eric (a] webkit.org>

        Build fix only, no review.

        Speculative fix for the Chromium-Windows bot.
        Add JavaScriptCore/os-win32 to the include path (for stdint.h)
        Strangely it builds fine on my local windows box (or at least doesn't hit this error)

        * JavaScriptCore.scons:

2008-12-09  Eric Seidel  <eric (a] webkit.org>

        No review, build fix only.
        
        Add ExecutableAllocator files missing from Scons build.

        * JavaScriptCore.scons:

2008-12-09  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Reviewed by Timothy Hatcher.

        https://bugs.webkit.org/show_bug.cgi?id=22631
        Allow ScriptCallFrame query names of functions in the call stack.

        * JavaScriptCore.exp: added InternalFunction::name and
        UString operator==() as exported symbol

2008-12-08  Judit Jasz  <jasy (a] inf.u-szeged.hu>

        Reviewed and tweaked by Cameron Zwarich.

        Bug 22352: Annotate opcodes with their length
        <https://bugs.webkit.org/show_bug.cgi?id=22352>

        * bytecode/Opcode.cpp:
        * bytecode/Opcode.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):

2008-12-08  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Implemented more of the relaxed and somewhat weird rules for deciding
        how to interpret a non-pattern-character.
        
        * wrec/Escapes.h:
        (JSC::WREC::Escape::):
        (JSC::WREC::Escape::Escape): Eliminated Escape::None because it was
        unused. If you see an '\\', it's either a valid escape or an error.

        * wrec/Quantifier.h:
        (JSC::WREC::Quantifier::Quantifier):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier): Renamed "noMaxSpecified"
        to "Infinity", since that's what it means.

        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::consumeGreedyQuantifier): Re-wrote {n,m} parsing rules
        because they were too strict before. Added support for backtracking
        in the case where the {n,m} fails to parse as a quantifier, and yet is
        not a syntax error.

        (JSC::WREC::Parser::parseCharacterClass):
        (JSC::WREC::Parser::parseNonCharacterEscape): Eliminated Escape::None,
        as above.

        (JSC::WREC::Parser::consumeEscape): Don't treat ASCII and _ escapes
        as syntax errors. See fast/regex/non-pattern-characters.html.
        
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::SavedState::SavedState):
        (JSC::WREC::Parser::SavedState::restore): Added a state backtracker,
        since parsing {n,m} forms requires backtracking if the form turns out
        not to be a quantifier.

2008-12-08  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Refactored WREC parsing so that only one piece of code needs to know
        the relaxed and somewhat weird rules for deciding how to interpret a
        non-pattern-character, in preparation for implementing those rules.
        
        Also, implemented the relaxed and somewhat weird rules for '}' and ']'.

        * wrec/WREC.cpp: Reduced the regular expression size limit. Now that
        WREC handles ']' properly, it compiles fast/js/regexp-charclass-crash.html,
        which makes it hang at the old limit. (The old limit was based on the
        misimpression that the same value in PCRE limited the regular expression
        pattern size; in reality, it limited the expected compiled regular
        expression size. WREC doesn't have a way to calculate an expected
        compiled regular expression size, but this should be good enough.)

        * wrec/WRECParser.cpp:
        (JSC::WREC::parsePatternCharacterSequence): Nixed this function because
        it contained a second copy of the logic for handling non-pattern-characters,
        which is about to get a lot more complicated.

        (JSC::WREC::PatternCharacterSequence::PatternCharacterSequence): 
        (JSC::WREC::PatternCharacterSequence::size):
        (JSC::WREC::PatternCharacterSequence::append):
        (JSC::WREC::PatternCharacterSequence::flush): Helper object for generating
        an optimized sequence of pattern characters.

        (JSC::WREC::Parser::parseNonCharacterEscape): Renamed to reflect the fact
        that the main parseAlternative loop handles character escapes.

        (JSC::WREC::Parser::parseAlternative): Moved pattern character sequence
        logic from parsePatternCharacterSequence to here, using
        PatternCharacterSequence to help with the details.

        * wrec/WRECParser.h: Updated for renames.

2008-12-08  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Geoff Garen.

        <rdar://problem/6166088> Give JSGlobalContextCreate a behavior that is concurrency aware,
        and un-deprecate it

        * API/JSContextRef.cpp: (JSGlobalContextCreate):
        * API/JSContextRef.h:
        Use a unique context group for the context, unless the application was linked against old
        JavaScriptCore.

2008-12-08  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Fix for <rdar://problem/6428332> Remove the CTI return address table from CodeBlock

        Step 1:

        Remove use of jitReturnAddressVPCMap when looking for vPC to store Structures
        in for cached lookup.  Instead, use the offset in the StructureStubInfo that is
        already required.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dumpStatistics): Fix extraneous semicolon.
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdSelf):
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdReplace):
        (JSC::JIT::compilePutByIdTransition):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength): Remove extra call to getStubInfo.
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2008-12-08  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Port the op_j?n?eq_null JIT code generation to use the MacroAssembler,
        and clean up slightly at the same time.  The 'j' forms currently compare,
        then set a register, then compare again, then branch.  Branch directly on
        the result of the first compare.

        Around a 1% progression on deltablue, crypto & early boyer, for about 1/2%
        overall on v8-tests.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdSlowCase):

2008-12-08  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Expand MacroAssembler to support more operations, required by the JIT.

        Generally adds more operations and permutations of operands to the existing
        interface.  Rename 'jset' to 'jnz' and 'jnset' to 'jz', which seem clearer,
        and require that immediate pointer operands (though not pointer addresses to
        load and store instructions) are wrapped in a ImmPtr() type, akin to Imm32().

        No performance impact.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::):
        (JSC::MacroAssembler::ImmPtr::ImmPtr):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::load32):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::store32):
        (JSC::MacroAssembler::poke):
        (JSC::MacroAssembler::move):
        (JSC::MacroAssembler::testImm32):
        (JSC::MacroAssembler::jae32):
        (JSC::MacroAssembler::jb32):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::je32):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jne32):
        (JSC::MacroAssembler::jnzPtr):
        (JSC::MacroAssembler::jnz32):
        (JSC::MacroAssembler::jzPtr):
        (JSC::MacroAssembler::jz32):
        (JSC::MacroAssembler::joSub32):
        (JSC::MacroAssembler::jump):
        (JSC::MacroAssembler::sete32):
        (JSC::MacroAssembler::setne32):
        (JSC::MacroAssembler::setnz32):
        (JSC::MacroAssembler::setz32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addl_mr):
        (JSC::X86Assembler::andl_i8r):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::cmpl_mr):
        (JSC::X86Assembler::cmpl_i8m):
        (JSC::X86Assembler::subl_mr):
        (JSC::X86Assembler::testl_i32m):
        (JSC::X86Assembler::xorl_i32r):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::modRm_opmsib):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetVirtualRegister):
        (JSC::JIT::emitPutCTIArgConstant):
        (JSC::JIT::emitPutCTIParam):
        (JSC::JIT::emitPutImmediateToCallFrameHeader):
        (JSC::JIT::emitInitRegister):
        (JSC::JIT::checkStructure):
        (JSC::JIT::emitJumpIfJSCell):
        (JSC::JIT::emitJumpIfNotJSCell):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNum):

2008-12-08  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a bug where WREC would allow a quantifier whose minimum was
        greater than its maximum.
        
        * wrec/Quantifier.h:
        (JSC::WREC::Quantifier::Quantifier): ASSERT that the quantifier is not
        backwards.
        
        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::consumeGreedyQuantifier): Verify that the minimum
        is not greater than the maximum.

2008-12-08  Eric Seidel  <eric (a] webkit.org>
        
        Build fix only, no review.

        * JavaScriptCore.scons: add bytecode/JumpTable.cpp

2008-12-08  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=22716
        <rdar://problem/6428315>
        Add RareData structure to CodeBlock for infrequently used auxiliary data
        members.

        Reduces memory on Membuster-head by ~.5MB 

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::dumpStatistics):
        (JSC::CodeBlock::mark):
        (JSC::CodeBlock::getHandlerForVPC):
        (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::numberOfExceptionHandlers):
        (JSC::CodeBlock::addExceptionHandler):
        (JSC::CodeBlock::exceptionHandler):
        (JSC::CodeBlock::addFunction):
        (JSC::CodeBlock::function):
        (JSC::CodeBlock::addUnexpectedConstant):
        (JSC::CodeBlock::unexpectedConstant):
        (JSC::CodeBlock::addRegExp):
        (JSC::CodeBlock::regexp):
        (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
        (JSC::CodeBlock::addImmediateSwitchJumpTable):
        (JSC::CodeBlock::immediateSwitchJumpTable):
        (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
        (JSC::CodeBlock::addCharacterSwitchJumpTable):
        (JSC::CodeBlock::characterSwitchJumpTable):
        (JSC::CodeBlock::numberOfStringSwitchJumpTables):
        (JSC::CodeBlock::addStringSwitchJumpTable):
        (JSC::CodeBlock::stringSwitchJumpTable):
        (JSC::CodeBlock::evalCodeCache):
        (JSC::CodeBlock::createRareDataIfNecessary):

2008-11-26  Peter Kasting  <pkasting (a] google.com>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=16814
        Allow ports to disable ActiveX->NPAPI conversion for Media Player.
        Improve handling of miscellaneous ActiveX objects.

        * wtf/Platform.h: Add another ENABLE(...).

2008-12-08  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Add dumping of CodeBlock member structure usage.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dumpStatistics):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::isEmpty):

2008-12-08  David Kilzer  <ddkilzer (a] apple.com>

        Bug 22555: Sort "children" sections in Xcode project files

        <https://bugs.webkit.org/show_bug.cgi?id=22555>

        Reviewed by Eric Seidel.

        * JavaScriptCore.xcodeproj/project.pbxproj: Sorted.

2008-12-08  Tony Chang  <tony (a] chromium.org>

        Reviewed by Eric Seidel.

        Enable Pan scrolling only when building on PLATFORM(WIN_OS)
        Previously platforms like Apple Windows WebKit, Cairo Windows WebKit,
        Wx and Chromium were enabling it explicitly, now we just turn it on
        for all WIN_OS, later platforms can turn it off as needed on Windows
        (or turn it on under Linux, etc.)
        https://bugs.webkit.org/show_bug.cgi?id=22698

        * wtf/Platform.h:

2008-12-08  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Add basic memory statistics dumping for CodeBlock.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dumpStatistics):
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::~CodeBlock):
        * bytecode/CodeBlock.h:

2008-12-08  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Fix the Linux build with newer gcc/glibc.

        * jit/ExecutableAllocatorPosix.cpp: Include unistd.h for
        getpagesize(), according to
        http://opengroup.org/onlinepubs/007908775/xsh/getpagesize.html

2008-12-08  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Fix the build with Qt on Windows.

        * JavaScriptCore.pri: Compile ExecutableAllocatorWin.cpp on Windows.

2008-12-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Buildfix).

        Fix non-WREC builds

        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):

2008-12-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Put ENABLE(ASSEMBLER) guards around use of ExecutableAllocator in global data

        Correct Qt and Gtk project files

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * runtime/JSGlobalData.h:

2008-12-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Add new files to other projects.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.pro:

2008-12-07  Oliver Hunt  <oliver (a] apple.com>

        Rubber stamped by Mark Rowe.

        Rename ExecutableAllocatorMMAP to the more sensible ExecutableAllocatorPosix

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/ExecutableAllocator.h:
        * jit/ExecutableAllocatorPosix.cpp: Renamed from JavaScriptCore/jit/ExecutableAllocatorMMAP.cpp.
        (JSC::ExecutableAllocator::intializePageSize):
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):

2008-12-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich and Sam Weinig

        <rdar://problem/6309878> Need more granular control over allocation of executable memory (21783)
        <https://bugs.webkit.org/show_bug.cgi?id=21783>

        Add a new allocator for use by the JIT that provides executable pages, so
        we can get rid of the current hack that makes the entire heap executable.

        1-2% progression on SunSpider-v8, 1% on SunSpider.  Reduces memory usage as well!

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::size):
        (JSC::AssemblerBuffer::executableCopy):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::size):
        (JSC::MacroAssembler::copyCode):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::size):
        (JSC::X86Assembler::executableCopy):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::executablePool):
        (JSC::CodeBlock::setExecutablePool):
        * bytecode/Instruction.h:
        (JSC::PolymorphicAccessStructureList::derefStructures):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::~Interpreter):
        * interpreter/Interpreter.h:
        * jit/ExecutableAllocator.cpp: Added.
        * jit/ExecutableAllocator.h: Added.
        (JSC::ExecutablePool::create):
        (JSC::ExecutablePool::alloc):
        (JSC::ExecutablePool::~ExecutablePool):
        (JSC::ExecutablePool::available):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):
        (JSC::ExecutableAllocator::ExecutableAllocator):
        (JSC::ExecutableAllocator::poolForSize):
        (JSC::ExecutablePool::sizeForAllocation):
        * jit/ExecutableAllocatorMMAP.cpp: Added.
        (JSC::ExecutableAllocator::intializePageSize):
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):
        * jit/ExecutableAllocatorWin.cpp: Added.
        (JSC::ExecutableAllocator::intializePageSize):
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * parser/Nodes.cpp:
        (JSC::RegExpNode::emitBytecode):
        * runtime/JSGlobalData.h:
        (JSC::JSGlobalData::poolForSize):
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::create):
        (JSC::RegExp::~RegExp):
        * runtime/RegExp.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp):
        * wrec/WRECGenerator.h:
        * wtf/FastMalloc.cpp:
        * wtf/FastMalloc.h:
        * wtf/TCSystemAlloc.cpp:
        (TryMmap):
        (TryVirtualAlloc):
        (TryDevMem):
        (TCMalloc_SystemRelease):

2008-12-06  Sam Weinig  <sam (a] webkit.org>

        Fix the Gtk build.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):

2008-12-06  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich,

        Move CodeBlock constructor into the .cpp file.

        Sunspider reports a .7% progression, but I can only assume this
        is noise.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:

2008-12-06  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Split JumpTable code into its own file.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * bytecode/CodeBlock.cpp:
        * bytecode/CodeBlock.h:
        * bytecode/JumpTable.cpp: Copied from bytecode/CodeBlock.cpp.
        * bytecode/JumpTable.h: Copied from bytecode/CodeBlock.h.

2008-12-05  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22715
        Encapsulate more CodeBlock members in preparation
        of moving some of them to a rare data structure.

        * bytecode/CodeBlock.cpp:
        (JSC::locationForOffset):
        (JSC::printConditionalJump):
        (JSC::printGetByIdOp):
        (JSC::printPutByIdOp):
        (JSC::CodeBlock::printStructure):
        (JSC::CodeBlock::printStructures):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        (JSC::CodeBlock::mark):
        (JSC::CodeBlock::getHandlerForVPC):
        (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
        (JSC::CodeBlock::lineNumberForVPC):
        (JSC::CodeBlock::expressionRangeForVPC):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::addCaller):
        (JSC::CodeBlock::removeCaller):
        (JSC::CodeBlock::isKnownNotImmediate):
        (JSC::CodeBlock::isConstantRegisterIndex):
        (JSC::CodeBlock::getConstant):
        (JSC::CodeBlock::isTemporaryRegisterIndex):
        (JSC::CodeBlock::getStubInfo):
        (JSC::CodeBlock::getCallLinkInfo):
        (JSC::CodeBlock::instructions):
        (JSC::CodeBlock::setJITCode):
        (JSC::CodeBlock::jitCode):
        (JSC::CodeBlock::ownerNode):
        (JSC::CodeBlock::setGlobalData):
        (JSC::CodeBlock::setThisRegister):
        (JSC::CodeBlock::thisRegister):
        (JSC::CodeBlock::setNeedsFullScopeChain):
        (JSC::CodeBlock::needsFullScopeChain):
        (JSC::CodeBlock::setUsesEval):
        (JSC::CodeBlock::usesEval):
        (JSC::CodeBlock::setUsesArguments):
        (JSC::CodeBlock::usesArguments):
        (JSC::CodeBlock::codeType):
        (JSC::CodeBlock::source):
        (JSC::CodeBlock::sourceOffset):
        (JSC::CodeBlock::addGlobalResolveInstruction):
        (JSC::CodeBlock::numberOfPropertyAccessInstructions):
        (JSC::CodeBlock::addPropertyAccessInstruction):
        (JSC::CodeBlock::propertyAccessInstruction):
        (JSC::CodeBlock::numberOfCallLinkInfos):
        (JSC::CodeBlock::addCallLinkInfo):
        (JSC::CodeBlock::callLinkInfo):
        (JSC::CodeBlock::numberOfJumpTargets):
        (JSC::CodeBlock::addJumpTarget):
        (JSC::CodeBlock::jumpTarget):
        (JSC::CodeBlock::lastJumpTarget):
        (JSC::CodeBlock::numberOfExceptionHandlers):
        (JSC::CodeBlock::addExceptionHandler):
        (JSC::CodeBlock::exceptionHandler):
        (JSC::CodeBlock::addExpressionInfo):
        (JSC::CodeBlock::numberOfLineInfos):
        (JSC::CodeBlock::addLineInfo):
        (JSC::CodeBlock::lastLineInfo):
        (JSC::CodeBlock::jitReturnAddressVPCMap):
        (JSC::CodeBlock::numberOfIdentifiers):
        (JSC::CodeBlock::addIdentifier):
        (JSC::CodeBlock::identifier):
        (JSC::CodeBlock::numberOfConstantRegisters):
        (JSC::CodeBlock::addConstantRegister):
        (JSC::CodeBlock::constantRegister):
        (JSC::CodeBlock::addFunction):
        (JSC::CodeBlock::function):
        (JSC::CodeBlock::addFunctionExpression):
        (JSC::CodeBlock::functionExpression):
        (JSC::CodeBlock::addUnexpectedConstant):
        (JSC::CodeBlock::unexpectedConstant):
        (JSC::CodeBlock::addRegExp):
        (JSC::CodeBlock::regexp):
        (JSC::CodeBlock::symbolTable):
        (JSC::CodeBlock::evalCodeCache):
        New inline setters/getters.

        (JSC::ProgramCodeBlock::ProgramCodeBlock):
        (JSC::ProgramCodeBlock::~ProgramCodeBlock):
        (JSC::ProgramCodeBlock::clearGlobalObject):
        * bytecode/SamplingTool.cpp:
        (JSC::ScopeSampleRecord::sample):
        (JSC::SamplingTool::dump):
        * bytecompiler/BytecodeGenerator.cpp:
        * bytecompiler/BytecodeGenerator.h:
        * bytecompiler/Label.h:
        * interpreter/CallFrame.cpp:
        * interpreter/Interpreter.cpp:
        * jit/JIT.cpp:
        * jit/JITCall.cpp:
        * jit/JITInlineMethods.h:
        * jit/JITPropertyAccess.cpp:
        * parser/Nodes.cpp:
        * runtime/Arguments.h:
        * runtime/ExceptionHelpers.cpp:
        * runtime/JSActivation.cpp:
        * runtime/JSActivation.h:
        * runtime/JSGlobalObject.cpp:
        Change direct access to use new getter/setters.

2008-12-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Prevent GCC4.2 from hanging when trying to compile Interpreter.cpp.
        Added "-fno-var-tracking" compiler flag.

        https://bugs.webkit.org/show_bug.cgi?id=22704

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-12-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Ordering of branch operands in MacroAssembler in unnecessarily  inconsistent.

        je, jg etc take an immediate operand as the second argument, but for the
        equality branches (je, jne) the immediate operand was the first argument.  This
        was unnecessarily inconsistent.  Change je, jne methods to take the immediate
        as the second argument.

        https://bugs.webkit.org/show_bug.cgi?id=22703

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::je32):
        (JSC::MacroAssembler::jne32):
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):
        (JSC::WREC::Generator::generatePatternCharacterPair):
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):

2008-12-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Second tranche of porting JIT.cpp to MacroAssembler interface.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::mul32):
        (JSC::MacroAssembler::jl32):
        (JSC::MacroAssembler::jnzSub32):
        (JSC::MacroAssembler::joAdd32):
        (JSC::MacroAssembler::joMul32):
        (JSC::MacroAssembler::jzSub32):
        * jit/JIT.cpp:
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpIfNotJSCell):
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):

2008-12-05  David Kilzer  <ddkilzer (a] apple.com>

        Bug 22609: Provide a build-time choice when generating hash tables for properties of built-in DOM objects

        <https://bugs.webkit.org/show_bug.cgi?id=22609>
        <rdar://problem/6331749>

        Reviewed by Darin Adler.

        Initial patch by Yosen Lin.  Adapted for ToT WebKit by David Kilzer.

        Added back the code that generates a "compact" hash (instead of a
        perfect hash) as a build-time option using the
        ENABLE(PERFECT_HASH_SIZE) macro as defined in Lookup.h.

        * create_hash_table: Rename variables to differentiate perfect hash
        values from compact hash values.  Added back code to compute compact
        hash tables.  Generate both hash table sizes and emit
        conditionalized code based on ENABLE(PERFECT_HASH_SIZE).
        * runtime/Lookup.cpp:
        (JSC::HashTable::createTable): Added version of createTable() for
        use with compact hash tables.
        (JSC::HashTable::deleteTable): Updated to work with compact hash
        tables.
        * runtime/Lookup.h: Defined ENABLE(PERFECT_HASH_SIZE) macro here.
        (JSC::HashEntry::initialize): Set m_next to zero when using compact
        hash tables.
        (JSC::HashEntry::setNext): Added for compact hash tables.
        (JSC::HashEntry::next): Added for compact hash tables.
        (JSC::HashTable::entry): Added version of entry() for use with
        compact hash tables.
        * runtime/Structure.cpp:
        (JSC::Structure::getEnumerablePropertyNames): Updated to work with
        compact hash tables.

2008-12-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Remove redundant calls to JIT::emitSlowScriptCheck.
        This is checked in the hot path, so is not needed on the slow path - and the code
        was being planted before the start of the slow case, so was completely unreachable!

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):

2008-12-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Move JIT::compileOpStrictEq to MacroAssembler interface.

        The rewrite also looks like a small (<1%) performance progression.

        https://bugs.webkit.org/show_bug.cgi?id=22697

        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpIfJSCell):
        (JSC::JIT::emitJumpSlowCaseIfJSCell):

2008-12-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Remove m_assembler from MacroAssembler::Jump.
        Keeping a pointer allowed for some syntactic sugar - "link()" looks nicer
        than "link(this)".  But maintaining this doubles the size of Jump, which
        is even more unfortunate for the JIT, since there are many large structures
        holding JmpSrcs.  Probably best to remove it.

        https://bugs.webkit.org/show_bug.cgi?id=22693

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::Jump::Jump):
        (JSC::MacroAssembler::Jump::link):
        (JSC::MacroAssembler::Jump::linkTo):
        (JSC::MacroAssembler::JumpList::link):
        (JSC::MacroAssembler::JumpList::linkTo):
        (JSC::MacroAssembler::jae32):
        (JSC::MacroAssembler::je32):
        (JSC::MacroAssembler::je16):
        (JSC::MacroAssembler::jg32):
        (JSC::MacroAssembler::jge32):
        (JSC::MacroAssembler::jl32):
        (JSC::MacroAssembler::jle32):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jne32):
        (JSC::MacroAssembler::jnset32):
        (JSC::MacroAssembler::jset32):
        (JSC::MacroAssembler::jump):
        (JSC::MacroAssembler::jzSub32):
        (JSC::MacroAssembler::joAdd32):
        (JSC::MacroAssembler::call):
        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateBackreferenceQuantifier):
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateCharacterClass):
        (JSC::WREC::Generator::generateParenthesesAssertion):
        (JSC::WREC::Generator::generateParenthesesInvertedAssertion):
        (JSC::WREC::Generator::generateParenthesesNonGreedy):
        (JSC::WREC::Generator::generateParenthesesResetTrampoline):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        (JSC::WREC::Generator::generateBackreference):
        (JSC::WREC::Generator::terminateAlternative):
        (JSC::WREC::Generator::terminateDisjunction):
        * wrec/WRECParser.h:

2008-12-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoffrey Garen.

        Simplify JIT generated checks for timeout code, by moving more work into the C function.
        https://bugs.webkit.org/show_bug.cgi?id=22688

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_timeout_check):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::emitSlowScriptCheck):

2008-12-05  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Encapsulate access to jump tables in the CodeBlock in preparation
        of moving them to a rare data structure.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
        (JSC::CodeBlock::addImmediateSwitchJumpTable):
        (JSC::CodeBlock::immediateSwitchJumpTable):
        (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
        (JSC::CodeBlock::addCharacterSwitchJumpTable):
        (JSC::CodeBlock::characterSwitchJumpTable):
        (JSC::CodeBlock::numberOfStringSwitchJumpTables):
        (JSC::CodeBlock::addStringSwitchJumpTable):
        (JSC::CodeBlock::stringSwitchJumpTable):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate):
        (JSC::BytecodeGenerator::endSwitch):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2008-12-05  Adam Roben  <aroben (a] apple.com>

        Windows build fix after r39020

        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        Add some apparently-missing __.

2008-12-04  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        https://bugs.webkit.org/show_bug.cgi?id=22673
        
        Added support for the assertion (?=) and inverted assertion (?!) atoms
        in WREC.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateParenthesesAssertion):
        (JSC::WREC::Generator::generateParenthesesInvertedAssertion): Split the
        old (unused) generateParentheses into these two functions, with more
        limited capabilities.
        
        * wrec/WRECGenerator.h:
        (JSC::WREC::Generator::): Moved an enum to the top of the class definition,
        to match the WebKit style, and removed a defunct comment.

        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::parseParentheses):
        (JSC::WREC::Parser::consumeParenthesesType):
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::): Added support for parsing (?=) and (?!).

2008-12-05  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Rubber-stamped by Tor Arne Vestb.

        Disable the JIT for the Qt build alltogether again, after observing
        more miscompilations in a wider range of newer gcc versions.

        * JavaScriptCore.pri:

2008-12-05  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Tor Arne Vestb.

        Disable the JIT for the Qt build on Linux unless gcc is >= 4.2,
        due to miscompilations.

        * JavaScriptCore.pri:

2008-12-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Start porting the JIT to use the MacroAssembler.

        https://bugs.webkit.org/show_bug.cgi?id=22671
        No change in performance.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::Jump::operator X86Assembler::JmpSrc):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::lshift32):
        (JSC::MacroAssembler::rshift32):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::store32):
        (JSC::MacroAssembler::poke):
        (JSC::MacroAssembler::move):
        (JSC::MacroAssembler::compareImm32ForBranchEquality):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnset32):
        (JSC::MacroAssembler::jset32):
        (JSC::MacroAssembler::jzeroSub32):
        (JSC::MacroAssembler::joverAdd32):
        (JSC::MacroAssembler::call):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::shll_i8r):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetVirtualRegister):
        (JSC::JIT::emitPutCTIArg):
        (JSC::JIT::emitPutCTIArgConstant):
        (JSC::JIT::emitGetCTIArg):
        (JSC::JIT::emitPutCTIArgFromVirtualRegister):
        (JSC::JIT::emitPutCTIParam):
        (JSC::JIT::emitGetCTIParam):
        (JSC::JIT::emitPutToCallFrameHeader):
        (JSC::JIT::emitPutImmediateToCallFrameHeader):
        (JSC::JIT::emitGetFromCallFrameHeader):
        (JSC::JIT::emitPutVirtualRegister):
        (JSC::JIT::emitInitRegister):
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        (JSC::JIT::emitCTICall):
        (JSC::JIT::checkStructure):
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
        (JSC::JIT::emitFastArithDeTagImmediate):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
        (JSC::JIT::emitFastArithIntToImmOrSlowCase):
        (JSC::JIT::emitFastArithIntToImmNoCheck):
        (JSC::JIT::emitTagAsBoolImmediate):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):

2008-12-04  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Some refactoring for generateGreedyQuantifier.
        
        SunSpider reports no change (possibly a 0.3% speedup).

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateGreedyQuantifier): Clarified label
        meanings and unified some logic to simplify things.

        * wrec/WRECParser.h:
        (JSC::WREC::Parser::parseAlternative): Added a version of parseAlternative
        that can jump to a Label, instead of a JumpList, upon failure. (Eventually,
        when we have a true Label class, this will be redundant.) This makes
        things easier for generateGreedyQuantifier, because it can avoid
        explicitly linking things.

2008-12-04  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Holger Freyther.

        Fix crashes in the Qt build on Linux/i386 with non-executable memory
        by enabling TCSystemAlloc and the PROT_EXEC flag for mmap.

        * JavaScriptCore.pri: Enable the use of TCSystemAlloc if the JIT is
        enabled.
        * wtf/TCSystemAlloc.cpp: Extend the PROT_EXEC permissions to
        PLATFORM(QT).

2008-12-04  Simon Hausmann  <simon.hausmann (a] nokia.com>

        Reviewed by Tor Arne Vestb.

        Enable ENABLE_JIT_OPTIMIZE_CALL, ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
        and ENABLE_JIT_OPTIMIZE_ARITHMETIC, as suggested by Niko.

        * JavaScriptCore.pri: 

2008-12-04  Kent Hansen  <khansen (a] trolltech.com>

        Reviewed by Simon Hausmann.

        Enable the JSC jit for the Qt build by default for release builds on
        linux-g++ and win32-msvc.

        * JavaScriptCore.pri:

2008-12-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Allow JIT to function without property access repatching and arithmetic optimizations.
        Controlled by ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS and ENABLE_JIT_OPTIMIZE_ARITHMETIC switches.

        https://bugs.webkit.org/show_bug.cgi?id=22643

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp: Copied from jit/JIT.cpp.
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        * jit/JITPropertyAccess.cpp: Copied from jit/JIT.cpp.
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::transitionWillNeedStorageRealloc):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * wtf/Platform.h:

2008-12-03  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Optimized sequences of characters in regular expressions by comparing
        two characters at a time.
        
        1-2% speedup on SunSpider, 19-25% speedup on regexp-dna.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::load32):
        (JSC::MacroAssembler::jge32): Filled out a few more macro methods.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_mr): Added a verion of movl_mr that operates
        without an offset, to allow the macro assembler to optmize for that case.
        
        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp): Test the saved value of index
        instead of the index register when checking for "end of input." The
        index register doesn't increment by 1 in an orderly fashion, so testing
        it for == "end of input" is not valid.
        
        Also, jump all the way to "return failure" upon reaching "end of input,"
        instead of executing the next alternative. This is more logical, and
        it's a slight optimization in the case of an expression with many alternatives.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateIncrementIndex): Added support for
        jumping to a failure label in the case where the index has reached "end
        of input."

        (JSC::WREC::Generator::generatePatternCharacterSequence):
        (JSC::WREC::Generator::generatePatternCharacterPair): This is the
        optmization. It's basically like generatePatternCharacter, but it runs two
        characters at a time.
        
        (JSC::WREC::Generator::generatePatternCharacter): Changed to use isASCII,
        since it's clearer than comparing to a magic hex value.
        
        * wrec/WRECGenerator.h:

2008-12-03  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Allow JIT to operate without the call-repatching optimization.
        Controlled by ENABLE(JIT_OPTIMIZE_CALL), defaults on, disabling
        this leads to significant performance regression.

        https://bugs.webkit.org/show_bug.cgi?id=22639

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITCall.cpp: Copied from jit/JIT.cpp.
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallEvalSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        (JSC::unreachable):
        * jit/JITInlineMethods.h: Copied from jit/JIT.cpp.
        (JSC::JIT::checkStructure):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitTagAsBoolImmediate):
        * wtf/Platform.h:

2008-12-03  Eric Seidel  <eric (a] webkit.org>

        Rubber-stamped by David Hyatt.

        Make HAVE_ACCESSIBILITY only define if !defined

        * wtf/Platform.h:

2008-12-03  Sam Weinig  <sam (a] webkit.org>

        Fix build.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::orl_i32r):

2008-12-03  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Remove shared AssemblerBuffer 1MB buffer and instead give AssemblerBuffer
        an 256 byte inline capacity.

        1% progression on Sunspider.

        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::AssemblerBuffer):
        (JSC::AssemblerBuffer::~AssemblerBuffer):
        (JSC::AssemblerBuffer::grow):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::MacroAssembler):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::X86Assembler):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        * parser/Nodes.cpp:
        (JSC::RegExpNode::emitBytecode):
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::create):
        * runtime/RegExp.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp):
        * wrec/WRECGenerator.h:
        (JSC::WREC::Generator::Generator):
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::Parser):

2008-12-03  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt, with help from Gavin Barraclough.
        
        orl_i32r was actually coded as an 8bit OR. So, I renamed orl_i32r to
        orl_i8r, changed all orl_i32r clients to use orl_i8r, and then added
        a new orl_i32r that actually does a 32bit OR.
        
        (32bit OR is currently unused, but a patch I'm working on uses it.)

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::or32): Updated to choose between 8bit and 32bit OR.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::orl_i8r): The old orl_i32r.
        (JSC::X86Assembler::orl_i32r): The new orl_i32r.
        
        * jit/JIT.cpp:
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitTagAsBoolImmediate): Use orl_i8r, since we're ORing 8bit
        values.

2008-12-03  Dean Jackson  <dino (a] apple.com>

        Reviewed by Dan Bernstein.

        Helper functions for turn -> degrees.
        https://bugs.webkit.org/show_bug.cgi?id=22497

        * wtf/MathExtras.h:
        (turn2deg):
        (deg2turn):

2008-12-02  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 22504: Crashes during code generation occur due to refing of ignoredResult()
        <https://bugs.webkit.org/show_bug.cgi?id=22504>

        Since ignoredResult() was implemented by casting 1 to a RegisterID*, any
        attempt to ref ignoredResult() results in a crash. This will occur in
        code generation of a function body where a node emits another node with
        the dst that was passed to it, and then refs the returned RegisterID*.

        To fix this problem, make ignoredResult() a member function of
        BytecodeGenerator that simply returns a pointe to a fixed RegisterID
        member of BytecodeGenerator.

        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::ignoredResult):
        * bytecompiler/RegisterID.h:
        * parser/Nodes.cpp:
        (JSC::NullNode::emitBytecode):
        (JSC::BooleanNode::emitBytecode):
        (JSC::NumberNode::emitBytecode):
        (JSC::StringNode::emitBytecode):
        (JSC::RegExpNode::emitBytecode):
        (JSC::ThisNode::emitBytecode):
        (JSC::ResolveNode::emitBytecode):
        (JSC::ObjectLiteralNode::emitBytecode):
        (JSC::PostfixResolveNode::emitBytecode):
        (JSC::PostfixBracketNode::emitBytecode):
        (JSC::PostfixDotNode::emitBytecode):
        (JSC::DeleteValueNode::emitBytecode):
        (JSC::VoidNode::emitBytecode):
        (JSC::TypeOfResolveNode::emitBytecode):
        (JSC::TypeOfValueNode::emitBytecode):
        (JSC::PrefixResolveNode::emitBytecode):
        (JSC::AssignResolveNode::emitBytecode):
        (JSC::CommaNode::emitBytecode):
        (JSC::ForNode::emitBytecode):
        (JSC::ForInNode::emitBytecode):
        (JSC::ReturnNode::emitBytecode):
        (JSC::ThrowNode::emitBytecode):
        (JSC::FunctionBodyNode::emitBytecode):
        (JSC::FuncDeclNode::emitBytecode):

2008-12-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=22537
        REGRESSION (r38745): Assertion failure in jsSubstring() at ge.com

        The bug was that index would become greater than length, so our
        "end of input" checks, which all check "index == length", would fail.
        
        The solution is to check for end of input before incrementing index,
        to ensure that index is always <= length.
        
        As a side benefit, generateJumpIfEndOfInput can now use je instead of
        jg, which should be slightly faster.

        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateJumpIfEndOfInput):

2008-12-02  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoffrey Garen.

        Plant shift right immediate instructions, which are awesome.
        https://bugs.webkit.org/show_bug.cgi?id=22610
        ~5% on the v8-crypto test.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):

2008-12-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Cleaned up SegmentedVector by abstracting segment access into helper
        functions.
        
        SunSpider reports no change.

        * bytecompiler/SegmentedVector.h:
        (JSC::SegmentedVector::SegmentedVector):
        (JSC::SegmentedVector::~SegmentedVector):
        (JSC::SegmentedVector::size):
        (JSC::SegmentedVector::at):
        (JSC::SegmentedVector::operator[]):
        (JSC::SegmentedVector::last):
        (JSC::SegmentedVector::append):
        (JSC::SegmentedVector::removeLast):
        (JSC::SegmentedVector::grow):
        (JSC::SegmentedVector::clear):
        (JSC::SegmentedVector::deleteAllSegments):
        (JSC::SegmentedVector::segmentFor):
        (JSC::SegmentedVector::subscriptFor):
        (JSC::SegmentedVector::ensureSegmentsFor):
        (JSC::SegmentedVector::ensureSegment):

2008-12-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Geoffrey Garen. (Patch by Cameron Zwarich <zwarich (a] apple.com>.)
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=22482
        REGRESSION (r37991): Occasionally see "Scene rendered incorrectly"
        message when running the V8 Raytrace benchmark
        
        Rolled out r37991. It didn't properly save xmm0, which is caller-save,
        before calling helper functions.
        
        SunSpider and v8 benchmarks show little change -- possibly a .2%
        SunSpider regression, possibly a .2% v8 benchmark speedup.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Instruction.h:
        (JSC::Instruction::):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitUnaryOp):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::emitToJSNumber):
        (JSC::BytecodeGenerator::emitTypeOf):
        (JSC::BytecodeGenerator::emitGetPropertyNames):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * parser/Nodes.cpp:
        (JSC::UnaryOpNode::emitBytecode):
        (JSC::BinaryOpNode::emitBytecode):
        (JSC::EqualNode::emitBytecode):
        * parser/ResultType.h:
        (JSC::ResultType::isReusable):
        (JSC::ResultType::mightBeNumber):
        * runtime/JSNumberCell.h:

2008-12-01  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoffrey Garen.

        Remove unused (sampling only, and derivable) argument to JIT::emitCTICall.
        https://bugs.webkit.org/show_bug.cgi?id=22587

        * jit/JIT.cpp:
        (JSC::JIT::emitCTICall):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:

2008-12-02  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Reviewed by Eric Seidel.
        
        Fix the inheritance chain for JSFunction.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::info): Add InternalFunction::info as parent class

2008-12-02  Simon Hausmann  <hausmann (a] webkit.org>

        Reviewed by Tor Arne Vestb.

        Fix ability to include JavaScriptCore.pri from other .pro files.

        * JavaScriptCore.pri: Moved -O3 setting into the .pro files.
        * JavaScriptCore.pro:
        * jsc.pro:

2008-12-01  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich, with help from Gavin Barraclough.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=22583.

        Refactored regular expression parsing to parse sequences of characters
        as a single unit, in preparation for optimizing sequences of characters.
        
        SunSpider reports no change.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wrec/Escapes.h: Added. Set of classes for representing an escaped
        token in a pattern.

        * wrec/Quantifier.h:
        (JSC::WREC::Quantifier::Quantifier): Simplified this constructor slightly,
        to match the new Escape constructor.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generatePatternCharacterSequence):
        * wrec/WRECGenerator.h: Added an interface for generating a sequence
        of pattern characters at a time. It doesn't do anything special yet.

        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::consumeGreedyQuantifier):
        (JSC::WREC::Parser::consumeQuantifier): Renamed "parse" to "consume" in
        these functions, to match "consumeEscape."

        (JSC::WREC::Parser::parsePatternCharacterSequence): New function for
        iteratively aggregating a sequence of characters in a pattern.

        (JSC::WREC::Parser::parseCharacterClassQuantifier):
        (JSC::WREC::Parser::parseBackreferenceQuantifier): Renamed "parse" to
        "consume" in these functions, to match "consumeEscape."

        (JSC::WREC::Parser::parseCharacterClass): Refactored to use the common
        escape processing code in consumeEscape.

        (JSC::WREC::Parser::parseEscape): Refactored to use the common
        escape processing code in consumeEscape.

        (JSC::WREC::Parser::consumeEscape): Factored escaped token processing
        into a common function, since we were doing this in a few places.

        (JSC::WREC::Parser::parseTerm): Refactored to use the common
        escape processing code in consumeEscape.

        * wrec/WRECParser.h:
        (JSC::WREC::Parser::consumeOctal): Refactored to use a helper function
        for reading a digit.

2008-12-01  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 20340: SegmentedVector segment allocations can lead to unsafe use of temporary registers
        <https://bugs.webkit.org/show_bug.cgi?id=20340>

        SegmentedVector currently frees segments and reallocates them when used
        as a stack. This can lead to unsafe use of pointers into freed segments.

        In order to fix this problem, SegmentedVector will be changed to only
        grow and never shrink. Also, rename the reserveCapacity() member
        function to grow() to match the actual usage in BytecodeGenerator, where
        this function is used to allocate a group of registers at once, rather
        than merely saving space for them.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator): Use grow() instead of 
        reserveCapacity().
        * bytecompiler/SegmentedVector.h:
        (JSC::SegmentedVector::SegmentedVector):
        (JSC::SegmentedVector::last):
        (JSC::SegmentedVector::append):
        (JSC::SegmentedVector::removeLast):
        (JSC::SegmentedVector::grow): Renamed from reserveCapacity().
        (JSC::SegmentedVector::clear):

2008-12-01  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Anders Carlsson.

        Disable WREC for x86_64 since memory allocated by the system allocator is not marked executable,
        which causes 64-bit debug builds to crash.  Once we have a dedicated allocator for executable
        memory we can turn this back on.

        * wtf/Platform.h:

2008-12-01  Antti Koivisto  <antti (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Restore inline buffer after vector is shrunk back below its inline capacity.

        * wtf/Vector.h:
        (WTF::):
        (WTF::VectorBuffer::restoreInlineBufferIfNeeded):
        (WTF::::shrinkCapacity):

2008-11-30  Antti Koivisto  <antti (a] apple.com>

        Reviewed by Mark Rowe.
        
        Try to return free pages in the current thread cache too.

        * wtf/FastMalloc.cpp:
        (WTF::TCMallocStats::releaseFastMallocFreeMemory):

2008-12-01  David Levin  <levin (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=22567
        Make HashTable work as expected with respect to threads. Specifically, it has class-level
        thread safety and constant methods work on constant objects without synchronization.
        
        No observable change in behavior, so no test. This only affects debug builds.

        * wtf/HashTable.cpp:
        (WTF::hashTableStatsMutex):
        (WTF::HashTableStats::~HashTableStats):
        (WTF::HashTableStats::recordCollisionAtCount):
        Guarded variable access with a mutex.

        * wtf/HashTable.h:
        (WTF::::lookup):
        (WTF::::lookupForWriting):
        (WTF::::fullLookupForWriting):
        (WTF::::add):
        (WTF::::reinsert):
        (WTF::::remove):
        (WTF::::rehash):
        Changed increments of static variables to use atomicIncrement.

        (WTF::::invalidateIterators):
        (WTF::addIterator):
        (WTF::removeIterator):
        Guarded mutable access with a mutex.

2008-11-29  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Enable WREC on PLATFORM(X86_64).  This change predominantly requires changes to the
        WREC::Generator::generateEnter method to support the x86-64 ABI, and addition of
        support for a limited number of quadword operations in the X86Assembler.

        This patch will cause the JS heap to be allocated with RWX permissions on 64-bit Mac
        platforms.  This is a regression with respect to previous 64-bit behaviour, but is no
        more permissive than on 32-bit builds.  This issue should be addressed at some point.
        (This is tracked by bug #21783.)

        https://bugs.webkit.org/show_bug.cgi?id=22554
        Greater than 4x speedup on regexp-dna, on x86-64.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::pop):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::move):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::movq_rr):
        (JSC::X86Assembler::addl_i8m):
        (JSC::X86Assembler::addl_i32r):
        (JSC::X86Assembler::addq_i8r):
        (JSC::X86Assembler::addq_i32r):
        (JSC::X86Assembler::movq_mr):
        (JSC::X86Assembler::movq_rm):
        * wrec/WREC.h:
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateReturnSuccess):
        (JSC::WREC::Generator::generateReturnFailure):
        * wtf/Platform.h:
        * wtf/TCSystemAlloc.cpp:

2008-12-01  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Preliminary work for bug 20340: SegmentedVector segment allocations can lead to unsafe use of temporary registers
        <https://bugs.webkit.org/show_bug.cgi?id=20340>

        SegmentedVector currently frees segments and reallocates them when used
        as a stack. This can lead to unsafe use of pointers into freed segments.

        In order to fix this problem, SegmentedVector will be changed to only
        grow and never shrink, with the sole exception of clearing all of its
        data, a capability that is required by Lexer. This patch changes the
        public interface to only allow for these capabilities.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator): Use reserveCapacity()
        instead of resize() for m_globals and m_parameters.
        * bytecompiler/SegmentedVector.h:
        (JSC::SegmentedVector::resize): Removed.
        (JSC::SegmentedVector::reserveCapacity): Added.
        (JSC::SegmentedVector::clear): Added.
        (JSC::SegmentedVector::shrink): Removed.
        (JSC::SegmentedVector::grow): Removed.
        * parser/Lexer.cpp:
        (JSC::Lexer::clear): Use clear() instead of resize(0).

2008-11-30  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Renames jumps to m_jumps in JumpList.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::JumpList::link):
        (JSC::MacroAssembler::JumpList::linkTo):
        (JSC::MacroAssembler::JumpList::append):

2008-11-30  Antti Koivisto  <antti (a] apple.com>

        Reviewed by Mark Rowe.
        
        https://bugs.webkit.org/show_bug.cgi?id=22557
        
        Report free size in central and thread caches too.

        * wtf/FastMalloc.cpp:
        (WTF::TCMallocStats::fastMallocStatistics):
        * wtf/FastMalloc.h:

2008-11-29  Antti Koivisto  <antti (a] apple.com>

        Reviewed by Dan Bernstein.
        
        https://bugs.webkit.org/show_bug.cgi?id=22557
        Add statistics for JavaScript GC heap.

        * JavaScriptCore.exp:
        * runtime/Collector.cpp:
        (JSC::Heap::objectCount):
        (JSC::addToStatistics):
        (JSC::Heap::statistics):
        * runtime/Collector.h:

2008-11-29  Antti Koivisto  <antti (a] apple.com>

        Fix debug build by adding a stub method.

        * wtf/FastMalloc.cpp:
        (WTF::fastMallocStatistics):

2008-11-29  Antti Koivisto  <antti (a] apple.com>

        Reviewed by Alexey Proskuryakov.
        
        https://bugs.webkit.org/show_bug.cgi?id=22557
        
        Add function for getting basic statistics from FastMalloc.

        * JavaScriptCore.exp:
        * wtf/FastMalloc.cpp:
        (WTF::DLL_Length):
        (WTF::TCMalloc_PageHeap::ReturnedBytes):
        (WTF::TCMallocStats::fastMallocStatistics):
        * wtf/FastMalloc.h:

2008-11-29  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        The C++ standard does not automatically grant the friendships of an
        enclosing class to its nested subclasses, so we should do so explicitly.
        This fixes the GCC 4.0 build, although both GCC 4.2 and Visual C++ 2005
        accept the incorrect code as it is.

        * assembler/MacroAssembler.h:

2008-11-29  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Add the class MacroAssembler to provide some abstraction of code generation,
        and change WREC to make use of this class, rather than directly accessing
        the X86Assembler.

        This patch also allows WREC to be compiled without the rest of the JIT enabled.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/MacroAssembler.h: Added.
        (JSC::MacroAssembler::):
        (JSC::MacroAssembler::MacroAssembler):
        (JSC::MacroAssembler::copyCode):
        (JSC::MacroAssembler::Address::Address):
        (JSC::MacroAssembler::ImplicitAddress::ImplicitAddress):
        (JSC::MacroAssembler::BaseIndex::BaseIndex):
        (JSC::MacroAssembler::Label::Label):
        (JSC::MacroAssembler::Jump::Jump):
        (JSC::MacroAssembler::Jump::link):
        (JSC::MacroAssembler::Jump::linkTo):
        (JSC::MacroAssembler::JumpList::link):
        (JSC::MacroAssembler::JumpList::linkTo):
        (JSC::MacroAssembler::JumpList::append):
        (JSC::MacroAssembler::Imm32::Imm32):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::load32):
        (JSC::MacroAssembler::load16):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::store32):
        (JSC::MacroAssembler::pop):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::peek):
        (JSC::MacroAssembler::poke):
        (JSC::MacroAssembler::move):
        (JSC::MacroAssembler::compareImm32ForBranch):
        (JSC::MacroAssembler::compareImm32ForBranchEquality):
        (JSC::MacroAssembler::jae32):
        (JSC::MacroAssembler::je32):
        (JSC::MacroAssembler::je16):
        (JSC::MacroAssembler::jg32):
        (JSC::MacroAssembler::jge32):
        (JSC::MacroAssembler::jl32):
        (JSC::MacroAssembler::jle32):
        (JSC::MacroAssembler::jne32):
        (JSC::MacroAssembler::jump):
        (JSC::MacroAssembler::breakpoint):
        (JSC::MacroAssembler::ret):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::cmpw_rm):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::assemblerBuffer):
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        * wrec/WREC.cpp:
        (JSC::WREC::Generator::compileRegExp):
        * wrec/WREC.h:
        * wrec/WRECFunctors.cpp:
        (JSC::WREC::GeneratePatternCharacterFunctor::generateAtom):
        (JSC::WREC::GenerateCharacterClassFunctor::generateAtom):
        (JSC::WREC::GenerateBackreferenceFunctor::generateAtom):
        (JSC::WREC::GenerateParenthesesNonGreedyFunctor::generateAtom):
        * wrec/WRECFunctors.h:
        (JSC::WREC::GenerateParenthesesNonGreedyFunctor::GenerateParenthesesNonGreedyFunctor):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateReturnSuccess):
        (JSC::WREC::Generator::generateSaveIndex):
        (JSC::WREC::Generator::generateIncrementIndex):
        (JSC::WREC::Generator::generateLoadCharacter):
        (JSC::WREC::Generator::generateJumpIfEndOfInput):
        (JSC::WREC::Generator::generateJumpIfNotEndOfInput):
        (JSC::WREC::Generator::generateReturnFailure):
        (JSC::WREC::Generator::generateBacktrack1):
        (JSC::WREC::Generator::generateBacktrackBackreference):
        (JSC::WREC::Generator::generateBackreferenceQuantifier):
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateCharacterClass):
        (JSC::WREC::Generator::generateParentheses):
        (JSC::WREC::Generator::generateParenthesesNonGreedy):
        (JSC::WREC::Generator::generateParenthesesResetTrampoline):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        (JSC::WREC::Generator::generateBackreference):
        (JSC::WREC::Generator::terminateAlternative):
        (JSC::WREC::Generator::terminateDisjunction):
        * wrec/WRECGenerator.h:
        (JSC::WREC::Generator::Generator):
        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::parsePatternCharacterQualifier):
        (JSC::WREC::Parser::parseCharacterClassQuantifier):
        (JSC::WREC::Parser::parseBackreferenceQuantifier):
        (JSC::WREC::Parser::parseParentheses):
        (JSC::WREC::Parser::parseCharacterClass):
        (JSC::WREC::Parser::parseOctalEscape):
        (JSC::WREC::Parser::parseEscape):
        (JSC::WREC::Parser::parseTerm):
        (JSC::WREC::Parser::parseDisjunction):
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::Parser):
        (JSC::WREC::Parser::parsePattern):
        (JSC::WREC::Parser::parseAlternative):
        * wtf/Platform.h:

2008-11-28  Simon Hausmann  <hausmann (a] webkit.org>

        Reviewed by Tor Arne Vestb.

        Fix compilation on Windows CE

        Port away from the use of errno after calling strtol(), instead
        detect conversion errors by checking the result and the stop
        position.

        * runtime/DateMath.cpp:
        (JSC::parseLong):
        (JSC::parseDate):

2008-11-28  Joerg Bornemann  <joerg.bornemann (a] trolltech.com>

        Reviewed by Simon Hausmann.

        Implement lowResUTCTime() on Windows CE using GetSystemTime as _ftime() is not available.

        * runtime/DateMath.cpp:
        (JSC::lowResUTCTime):

2008-11-28  Simon Hausmann  <hausmann (a] webkit.org>

        Rubber-stamped by Tor Arne Vestb.

        Removed unnecessary inclusion of errno.h, which also fixes compilation on Windows CE.

        * runtime/JSGlobalObjectFunctions.cpp:

2008-11-27  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        r38825 made JSFunction::m_body private, but some inspector code in
        WebCore sets the field. Add setters for it.

        * runtime/JSFunction.h:
        (JSC::JSFunction::setBody):

2008-11-27  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Fix FIXME by adding accessor for JSFunction's m_body property.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        * profiler/Profiler.cpp:
        (JSC::createCallIdentifierFromFunctionImp):
        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        (JSC::Arguments::Arguments):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSFunction.h:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::body):

2008-11-27  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Remove unused member variables from ProgramNode.

        * parser/Nodes.h:

2008-11-27  Brent Fulgham  <bfulgham (a] gmail.com>

        Reviewed by Alexey Proskuryakov.

        Enable mouse panning feaure on Windows Cairo build.
        See http://bugs.webkit.org/show_bug.cgi?id=22525

        * wtf/Platform.h: Enable mouse panning feaure on Windows Cairo build.

2008-11-27  Alp Toker  <alp (a] nuanti.com>

        Change recently introduced C++ comments in Platform.h to C comments to
        fix the minidom build with traditional C.

        Build GtkLauncher and minidom with the '-ansi' compiler flag to detect
        API header breakage at build time.

        * GNUmakefile.am:
        * wtf/Platform.h:

2008-11-27  Alp Toker  <alp (a] nuanti.com>

        Remove C++ comment from JavaScriptCore API headers (introduced r35449).
        Fixes build for ANSI C applications using the public API.

        * API/WebKitAvailability.h:

2008-11-26  Eric Seidel  <eric (a] webkit.org>

        No review, build fix only.

        Fix the JSC Chromium Mac build by adding JavaScriptCore/icu into the include path

        * JavaScriptCore.scons:

2008-11-25  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Remove the unused member function JSFunction::getParameterName().

        * runtime/JSFunction.cpp:
        * runtime/JSFunction.h:

2008-11-24  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Polymorpic caching for get by id chain.  Similar to the polymorphic caching already implemented
        for self and proto accesses (implemented by allowing multiple trampolines to be JIT genertaed,
        and linked together) - the get by id chain caching is implemented as a genericization of the
        proto list caching, allowing cached access lists to contain a mix of proto and proto chain
        accesses (since in JS style inheritance hierarchies you may commonly see a mix of properties
        being overridden on the direct prototype, or higher up its prototype chain).

        In order to allow this patch to compile there is a fix to appease gcc 4.2 compiler issues
        (removing the jumps between fall-through cases in privateExecute).
        
        This patch also removes redundant immediate checking from the reptach code, and fixes a related
        memory leak (failure to deallocate trampolines). 

        ~2% progression on v8 tests (bulk on the win on deltablue)

        * bytecode/Instruction.h:
        (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::):
        (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
        (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
        (JSC::PolymorphicAccessStructureList::derefStructures):
        * interpreter/Interpreter.cpp:
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::getPolymorphicAccessStructureListSlot):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdChainList):

2008-11-25  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        Move the collect() call in Heap::heapAllocate() that is conditionally
        compiled under COLLECT_ON_EVERY_ALLOCATION so that it is before we get
        information about the heap. This was causing assertion failures for me
        while I was reducing a bug.

        * runtime/Collector.cpp:
        (JSC::Heap::heapAllocate):

2008-11-24  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 13790: Function declarations are not treated as statements (used to affect starcraft2.com)
        <https://bugs.webkit.org/show_bug.cgi?id=13790>

        Modify the parser to treat function declarations as statements,
        simplifying the grammar in the process. Technically, according to the
        grammar in the ECMA spec, function declarations are not statements and
        can not be used everywhere that statements can, but it is not worth the
        possibility compatibility issues just to stick to the spec in this case.

        * parser/Grammar.y:
        * parser/Nodes.cpp:
        (JSC::FuncDeclNode::emitBytecode): Avoid returning ignoredResult()
        as a result, because it causes a crash in DoWhileNode::emitBytecode().

2008-11-24  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Unroll the regexp matching loop by 1. 10% speedup on simple matching
        stress test. No change on SunSpider.
        
        (I decided not to unroll to arbitrary levels because the returns diminsh
        quickly.)

        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateJumpIfEndOfInput):
        (JSC::WREC::Generator::generateJumpIfNotEndOfInput):
        * wrec/WRECGenerator.h:
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::error):
        (JSC::WREC::Parser::parsePattern):

2008-11-24  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Removed some unnecessary "Generator::" prefixes.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateReturnSuccess):
        (JSC::WREC::Generator::generateSaveIndex):
        (JSC::WREC::Generator::generateIncrementIndex):
        (JSC::WREC::Generator::generateLoopIfNotEndOfInput):
        (JSC::WREC::Generator::generateReturnFailure):

2008-11-24  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Made a bunch of WREC::Parser functions private, and added an explicit
        "reset()" function, so a parser can be reused.

        * wrec/WRECParser.h:
        (JSC::WREC::Parser::Parser):
        (JSC::WREC::Parser::generator):
        (JSC::WREC::Parser::ignoreCase):
        (JSC::WREC::Parser::multiline):
        (JSC::WREC::Parser::recordSubpattern):
        (JSC::WREC::Parser::numSubpatterns):
        (JSC::WREC::Parser::parsePattern):
        (JSC::WREC::Parser::parseAlternative):
        (JSC::WREC::Parser::reset):

2008-11-24  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Implement repatching for get by id chain.
        Previously the access is performed in a function stub, in the repatch form
        the trampoline is not called to; instead the hot path is relinked to jump
        directly to the trampoline, if it fails it will jump to the slow case.

        https://bugs.webkit.org/show_bug.cgi?id=22449
        3% progression on deltablue.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):

2008-11-24  Joerg Bornemann  <joerg.bornemann (a] trolltech.com>

        Reviewed by Simon Hausmann.

        https://bugs.webkit.org/show_bug.cgi?id=20746

        Various small compilation fixes to make the Qt port of WebKit
        compile on Windows CE.

        * config.h: Don't set _CRT_RAND_S for CE, it's not available.
        * jsc.cpp: Disabled use of debugger includes for CE. It
          does not have the debugging functions.
        * runtime/DateMath.cpp: Use localtime() on Windows CE.
        * wtf/Assertions.cpp: Compile on Windows CE without debugger.
        * wtf/Assertions.h: Include windows.h before defining ASSERT.
        * wtf/MathExtras.h: Include stdlib.h instead of xmath.h.
        * wtf/Platform.h: Disable ERRNO_H and detect endianess based
          on the Qt endianess. On Qt for Windows CE the endianess is
          defined by the vendor specific build spec.
        * wtf/Threading.h: Use the volatile-less atomic functions.
        * wtf/dtoa.cpp: Compile without errno.
        * wtf/win/MainThreadWin.cpp: Don't include windows.h on CE after
        Assertions.h due to the redefinition of ASSERT.

2008-11-22  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Replace accidentally deleted immediate check from get by id chain trampoline.
        https://bugs.webkit.org/show_bug.cgi?id=22413

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileGetByIdChain):

2008-11-21  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Add (really) polymorphic caching for get by id self.
        Very similar to caching of prototype accesses, described below.

        Oh, also, probably shouldn't have been leaking those structure list objects.
        
        4% preogression on deltablue.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructures):
        (JSC::PrototypeStructureList::derefStructures):
        * bytecode/Instruction.h:
        * bytecode/Opcode.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::patchGetByIdSelf):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdSelfList):

2008-11-21  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed many crashes seen 'round the world (but only in release builds).
        
        Update outputParameter offset to reflect slight re-ordering of push
        instructions in r38669.

        * wrec/WRECGenerator.cpp:

2008-11-21  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        A little more RegExp refactoring.
        
        Deployed a helper function for reading the next character. Used the "link
        vector of jumps" helper in a place I missed before.

        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateLoadCharacter):
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClass):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        * wrec/WRECGenerator.h:

2008-11-21  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=22402
        Replace abort() with CRASH()

        * wtf/Assertions.h: Added a different method to crash, which should work even is 0xbbadbeef
        is a valid memory address.

        * runtime/Collector.cpp:
        * wtf/FastMalloc.cpp:
        * wtf/FastMalloc.h:
        * wtf/TCSpinLock.h:
        Replace abort() with CRASH().

2008-11-21  Alexey Proskuryakov  <ap (a] webkit.org>

        Reverted fix for bug 22042 (Replace abort() with CRASH()), because it was breaking
        FOR_EACH_OPCODE_ID macro somehow, making Safari crash.

        * runtime/Collector.cpp:
        (JSC::Heap::heapAllocate):
        (JSC::Heap::collect):
        * wtf/Assertions.h:
        * wtf/FastMalloc.cpp:
        (WTF::fastMalloc):
        (WTF::fastCalloc):
        (WTF::fastRealloc):
        (WTF::InitSizeClasses):
        (WTF::PageHeapAllocator::New):
        (WTF::TCMallocStats::do_malloc):
        * wtf/FastMalloc.h:
        * wtf/TCSpinLock.h:
        (TCMalloc_SpinLock::Init):
        (TCMalloc_SpinLock::Finalize):
        (TCMalloc_SpinLock::Lock):
        (TCMalloc_SpinLock::Unlock):

2008-11-21  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        A little more RegExp refactoring.
        
        Moved all assembly from WREC.cpp into WRECGenerator helper functions.
        This should help with portability and readability.
        
        Removed ASSERTs after calls to executableCopy(), and changed
        executableCopy() to ASSERT instead.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::executableCopy):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateReturnSuccess):
        (JSC::WREC::Generator::generateSaveIndex):
        (JSC::WREC::Generator::generateIncrementIndex):
        (JSC::WREC::Generator::generateLoopIfNotEndOfInput):
        (JSC::WREC::Generator::generateReturnFailure):
        * wrec/WRECGenerator.h:
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::ignoreCase):
        (JSC::WREC::Parser::generator):

2008-11-21  Alexey Proskuryakov  <ap (a] webkit.org>

        Build fix.

        * wtf/Assertions.h: Use ::abort for C++ code.

2008-11-21  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=22402
        Replace abort() with CRASH()

        * wtf/Assertions.h: Added abort() after an attempt to crash for extra safety.

        * runtime/Collector.cpp:
        * wtf/FastMalloc.cpp:
        * wtf/FastMalloc.h:
        * wtf/TCSpinLock.h:
        Replace abort() with CRASH().

2008-11-21  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed wrec => generator.

        * wrec/WRECFunctors.cpp:
        (JSC::WREC::GeneratePatternCharacterFunctor::generateAtom):
        (JSC::WREC::GeneratePatternCharacterFunctor::backtrack):
        (JSC::WREC::GenerateCharacterClassFunctor::generateAtom):
        (JSC::WREC::GenerateCharacterClassFunctor::backtrack):
        (JSC::WREC::GenerateBackreferenceFunctor::generateAtom):
        (JSC::WREC::GenerateBackreferenceFunctor::backtrack):
        (JSC::WREC::GenerateParenthesesNonGreedyFunctor::generateAtom):

2008-11-19  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Darin Adler.

        Add support for (really) polymorphic caching of prototype accesses.
        
        If a cached prototype access misses, cti_op_get_by_id_proto_list is called.
        When this occurs the Structure pointers from the instruction stream are copied
        off into a new ProtoStubInfo object.  A second prototype access trampoline is
        generated, and chained onto the first.  Subsequent missed call to
        cti_op_get_by_id_proto_list_append, which append futher new trampolines, up to
        PROTOTYPE_LIST_CACHE_SIZE (currently 4).  If any of the misses result in an
        access other than to a direct prototype property, list formation is halted (or
        for the initial miss, does not take place at all).

        Separate fail case functions are provided for each access since this contributes
        to the performance progression (enables better processor branch prediction).

        Overall this is a near 5% progression on v8, with around 10% wins on richards
        and deltablue.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructures):
        * bytecode/Instruction.h:
        (JSC::ProtoStructureList::ProtoStubInfo::set):
        (JSC::ProtoStructureList::ProtoStructureList):
        (JSC::Instruction::Instruction):
        (JSC::Instruction::):
        * bytecode/Opcode.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_get_by_id_proto_list_append):
        (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
        (JSC::Interpreter::cti_op_get_by_id_proto_fail):
        (JSC::Interpreter::cti_op_get_by_id_chain_fail):
        (JSC::Interpreter::cti_op_get_by_id_array_fail):
        (JSC::Interpreter::cti_op_get_by_id_string_fail):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProtoList):

2008-11-20  Sam Weinig  <sam (a] webkit.org>

        Try and fix the tiger build.

        * parser/Grammar.y:

2008-11-20  Eric Seidel  <eric (a] webkit.org>

        Reviewed by Darin Adler.

        Make JavaScriptCore Chromium build under Windows (cmd only, cygwin almost works)
        https://bugs.webkit.org/show_bug.cgi?id=22347

        * JavaScriptCore.scons:
        * parser/Parser.cpp: Add using std::auto_ptr since we use auto_ptr

2008-11-20  Steve Falkenburg  <sfalken (a] apple.com>

        Fix build.
        
        Reviewed by Sam Weinig.

        * parser/Parser.cpp:
        (JSC::Parser::reparse):

2008-11-20  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        A little more RegExp refactoring.
        
        Created a helper function in the assembler for linking a vector of
        JmpSrc to a location, and deployed it in a bunch of places.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::link):
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateParentheses):
        (JSC::WREC::Generator::generateParenthesesResetTrampoline):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        (JSC::WREC::Generator::terminateAlternative):
        (JSC::WREC::Generator::terminateDisjunction):
        * wrec/WRECParser.cpp:
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::consumeHex):

2008-11-20  Sam Weinig  <sam (a] webkit.org>

        Fix non-mac builds.

        * parser/Lexer.cpp:
        * parser/Parser.cpp:

2008-11-20  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=22385
        <rdar://problem/6390179>
        Lazily reparse FunctionBodyNodes on first execution.

        - Saves 57MB on Membuster head.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate): Remove vector shrinking since this is now
        handled by destroying the ScopeNodeData after generation.

        * parser/Grammar.y: Add alternate NoNode version of the grammar
        that does not create nodes.  This is used to lazily create FunctionBodyNodes
        on first execution.

        * parser/Lexer.cpp:
        (JSC::Lexer::setCode): Fix bug where on reparse, the Lexer was confused about
        what position and length meant. Position is the current position in the original
        data buffer (important for getting correct line/column information) and length
        the end offset in the original buffer.
        * parser/Lexer.h:
        (JSC::Lexer::sourceCode): Positions are relative to the beginning of the buffer.

        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::ScopeNodeData): Move initialization of ScopeNode data here.
        (JSC::ScopeNode::ScopeNode): Add constructor that only sets the JSGlobalData
        for FunctionBodyNode stubs.
        (JSC::ScopeNode::~ScopeNode): Release m_children now that we don't inherit from
        BlockNode.
        (JSC::ScopeNode::releaseNodes): Ditto.
        (JSC::EvalNode::generateBytecode): Only shrink m_children, as we need to keep around
        the rest of the data.
        (JSC::FunctionBodyNode::FunctionBodyNode): Add constructor that only sets the
        JSGlobalData. 
        (JSC::FunctionBodyNode::create): Ditto.
        (JSC::FunctionBodyNode::generateBytecode): If we don't have the data, do a reparse
        to construct it. Then after generation, destroy the data.
        (JSC::ProgramNode::generateBytecode): After generation, destroy the AST data.
        * parser/Nodes.h:
        (JSC::ExpressionNode::): Add isFuncExprNode for FunctionConstructor.
        (JSC::StatementNode::): Add isExprStatementNode for FunctionConstructor.
        (JSC::ExprStatementNode::): Ditto.
        (JSC::ExprStatementNode::expr): Add accessor for FunctionConstructor.
        (JSC::FuncExprNode::): Add isFuncExprNode for FunctionConstructor

        (JSC::ScopeNode::adoptData): Adopts a ScopeNodeData.
        (JSC::ScopeNode::data): Accessor for ScopeNodeData.
        (JSC::ScopeNode::destroyData): Deletes the ScopeNodeData.
        (JSC::ScopeNode::setFeatures): Added.
        (JSC::ScopeNode::varStack): Added assert.
        (JSC::ScopeNode::functionStack): Ditto.
        (JSC::ScopeNode::children): Ditto.
        (JSC::ScopeNode::neededConstants): Ditto.
        Factor m_varStack, m_functionStack, m_children and m_numConstants into ScopeNodeData.

        * parser/Parser.cpp:
        (JSC::Parser::reparse): Reparse the SourceCode in the FunctionBodyNode and set
        set up the ScopeNodeData for it. 
        * parser/Parser.h:

        * parser/SourceCode.h:
        (JSC::SourceCode::endOffset): Added for use in the lexer.

        * runtime/FunctionConstructor.cpp:
        (JSC::getFunctionBody): Assuming a ProgramNode with one FunctionExpression in it,
        get the FunctionBodyNode.  Any issues signifies a parse failure in constructFunction. 
        (JSC::constructFunction): Make parsing functions in the form new Function(""), easier
        by concatenating the strings together (with some glue) and parsing the function expression
        as a ProgramNode from which we can receive the FunctionBodyNode. This has the added benefit
        of not having special parsing code for the arguments and lazily constructing the 
        FunctionBodyNode's AST on first execution.

        * runtime/Identifier.h:
        (JSC::operator!=): Added.

2008-11-20  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Speedup the lexer to offset coming re-parsing patch.

        - .6% progression on Sunspider.

        * bytecompiler/SegmentedVector.h:
        (JSC::SegmentedVector::shrink): Fixed bug where m_size would not be
        set when shrinking to 0.

        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer):
        (JSC::Lexer::isIdentStart): Use isASCIIAlpha and isASCII to avoid going into ICU in the common cases.
        (JSC::Lexer::isIdentPart): Use isASCIIAlphanumeric and isASCII to avoid going into ICU in the common cases
        (JSC::isDecimalDigit): Use version in ASCIICType.h. Inlining it was a regression.
        (JSC::Lexer::isHexDigit): Ditto.
        (JSC::Lexer::isOctalDigit): Ditto.
        (JSC::Lexer::clear): Resize the m_identifiers SegmentedVector to initial
        capacity
        * parser/Lexer.h: Remove unused m_strings vector. Make m_identifiers
        a SegmentedVector<Identifier> to avoid allocating a new Identifier* for
        each identifier found.  The SegmentedVector is need so we can passes 
        references to the Identifier to the parser, which remain valid even when
        the vector is resized.
        (JSC::Lexer::makeIdentifier): Inline and return a reference to the added
        Identifier.

2008-11-20  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Add isASCII to ASCIICType.  Use coming soon!

        * wtf/ASCIICType.h:
        (WTF::isASCII):

2008-11-20  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Add OwnPtr constructor and OwnPtr::adopt that take an auto_ptr.

        * wtf/OwnPtr.h:
        (WTF::OwnPtr::OwnPtr):
        (WTF::OwnPtr::adopt):

2008-11-20  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=22364
        Crashes seen on Tiger buildbots due to worker threads exhausting pthread keys

        * runtime/Collector.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::destroy):
        (JSC::Heap::makeUsableFromMultipleThreads):
        (JSC::Heap::registerThread):
        * runtime/Collector.h:
        Pthread key for tracking threads is only created on request now, because this is a limited
        resource, and thread tracking is not needed for worker heaps, or for WebCore heap.

        * API/JSContextRef.cpp: (JSGlobalContextCreateInGroup): Call makeUsableFromMultipleThreads().

        * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::sharedInstance): Ditto.

        * runtime/JSGlobalData.h: (JSC::JSGlobalData::makeUsableFromMultipleThreads): Just forward
        the call to Heap, which clients need not know about, ideally.

2008-11-20  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        A little more WREC refactoring.
        
        Removed the "Register" suffix from register names in WREC, and renamed:
            currentPosition => index
            currentValue => character
            quantifierCount => repeatCount
            
        Added a top-level parsePattern function to the WREC parser, which
        allowed me to remove the error() and atEndOfPattern() accessors.
        
        Factored out an MSVC customization into a constant.
        
        Renamed nextLabel => beginPattern.

        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateBacktrack1):
        (JSC::WREC::Generator::generateBacktrackBackreference):
        (JSC::WREC::Generator::generateBackreferenceQuantifier):
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateCharacterClass):
        (JSC::WREC::Generator::generateParentheses):
        (JSC::WREC::Generator::generateParenthesesResetTrampoline):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        (JSC::WREC::Generator::generateBackreference):
        (JSC::WREC::Generator::generateDisjunction):
        (JSC::WREC::Generator::terminateDisjunction):
        * wrec/WRECGenerator.h:
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::parsePattern):

2008-11-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        https://bugs.webkit.org/show_bug.cgi?id=22361
        A little more RegExp refactoring.
        
        Consistently named variables holding the starting position at which
        regexp matching should begin to "startOffset".
        
        A few more "regExpObject" => "regExpConstructor" changes.
        
        Refactored RegExpObject::match for clarity, and replaced a slow "get"
        of the "global" property with a fast access to the global bit.
        
        Made the error message you see when RegExpObject::match has no input a
        little more informative, as in Firefox.

        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::match):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):

2008-11-19  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        A little more refactoring.
        
        Removed the "emit" and "emitUnlinked" prefixes from the assembler.
        
        Moved the JmpSrc and JmpDst class definitions to the top of the X86
        assembler class, in accordance with WebKit style guidelines.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::JmpSrc::JmpSrc):
        (JSC::X86Assembler::JmpDst::JmpDst):
        (JSC::X86Assembler::int3):
        (JSC::X86Assembler::pushl_m):
        (JSC::X86Assembler::popl_m):
        (JSC::X86Assembler::movl_rr):
        (JSC::X86Assembler::addl_rr):
        (JSC::X86Assembler::addl_i8r):
        (JSC::X86Assembler::addl_i8m):
        (JSC::X86Assembler::addl_i32r):
        (JSC::X86Assembler::addl_mr):
        (JSC::X86Assembler::andl_rr):
        (JSC::X86Assembler::andl_i32r):
        (JSC::X86Assembler::cmpl_i8r):
        (JSC::X86Assembler::cmpl_rr):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::cmpl_mr):
        (JSC::X86Assembler::cmpl_i32r):
        (JSC::X86Assembler::cmpl_i32m):
        (JSC::X86Assembler::cmpl_i8m):
        (JSC::X86Assembler::cmpw_rm):
        (JSC::X86Assembler::orl_rr):
        (JSC::X86Assembler::orl_mr):
        (JSC::X86Assembler::orl_i32r):
        (JSC::X86Assembler::subl_rr):
        (JSC::X86Assembler::subl_i8r):
        (JSC::X86Assembler::subl_i8m):
        (JSC::X86Assembler::subl_i32r):
        (JSC::X86Assembler::subl_mr):
        (JSC::X86Assembler::testl_i32r):
        (JSC::X86Assembler::testl_i32m):
        (JSC::X86Assembler::testl_rr):
        (JSC::X86Assembler::xorl_i8r):
        (JSC::X86Assembler::xorl_rr):
        (JSC::X86Assembler::sarl_i8r):
        (JSC::X86Assembler::sarl_CLr):
        (JSC::X86Assembler::shl_i8r):
        (JSC::X86Assembler::shll_CLr):
        (JSC::X86Assembler::imull_rr):
        (JSC::X86Assembler::imull_i32r):
        (JSC::X86Assembler::idivl_r):
        (JSC::X86Assembler::negl_r):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::movzbl_rr):
        (JSC::X86Assembler::movzwl_mr):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::movl_i32r):
        (JSC::X86Assembler::movl_i32m):
        (JSC::X86Assembler::leal_mr):
        (JSC::X86Assembler::jmp_r):
        (JSC::X86Assembler::jmp_m):
        (JSC::X86Assembler::movsd_mr):
        (JSC::X86Assembler::xorpd_mr):
        (JSC::X86Assembler::movsd_rm):
        (JSC::X86Assembler::movd_rr):
        (JSC::X86Assembler::cvtsi2sd_rr):
        (JSC::X86Assembler::cvttsd2si_rr):
        (JSC::X86Assembler::addsd_mr):
        (JSC::X86Assembler::subsd_mr):
        (JSC::X86Assembler::mulsd_mr):
        (JSC::X86Assembler::addsd_rr):
        (JSC::X86Assembler::subsd_rr):
        (JSC::X86Assembler::mulsd_rr):
        (JSC::X86Assembler::ucomis_rr):
        (JSC::X86Assembler::pextrw_irr):
        (JSC::X86Assembler::call):
        (JSC::X86Assembler::jmp):
        (JSC::X86Assembler::jne):
        (JSC::X86Assembler::jnz):
        (JSC::X86Assembler::je):
        (JSC::X86Assembler::jl):
        (JSC::X86Assembler::jb):
        (JSC::X86Assembler::jle):
        (JSC::X86Assembler::jbe):
        (JSC::X86Assembler::jge):
        (JSC::X86Assembler::jg):
        (JSC::X86Assembler::ja):
        (JSC::X86Assembler::jae):
        (JSC::X86Assembler::jo):
        (JSC::X86Assembler::jp):
        (JSC::X86Assembler::js):
        (JSC::X86Assembler::predictNotTaken):
        (JSC::X86Assembler::convertToFastCall):
        (JSC::X86Assembler::restoreArgumentReference):
        (JSC::X86Assembler::restoreArgumentReferenceForTrampoline):
        (JSC::X86Assembler::modRm_rr):
        (JSC::X86Assembler::modRm_rr_Unchecked):
        (JSC::X86Assembler::modRm_rm):
        (JSC::X86Assembler::modRm_rm_Unchecked):
        (JSC::X86Assembler::modRm_rmsib):
        (JSC::X86Assembler::modRm_opr):
        (JSC::X86Assembler::modRm_opr_Unchecked):
        (JSC::X86Assembler::modRm_opm):
        (JSC::X86Assembler::modRm_opm_Unchecked):
        (JSC::X86Assembler::modRm_opmsib):
        * jit/JIT.cpp:
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::emitNakedFastCall):
        (JSC::JIT::emitCTICall):
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::emitFastArithIntToImmOrSlowCase):
        (JSC::JIT::emitArithIntToImmWithJump):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateBackreferenceQuantifier):
        (JSC::WREC::Generator::generateNonGreedyQuantifier):
        (JSC::WREC::Generator::generateGreedyQuantifier):
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateCharacterClass):
        (JSC::WREC::Generator::generateParentheses):
        (JSC::WREC::Generator::generateParenthesesNonGreedy):
        (JSC::WREC::Generator::generateParenthesesResetTrampoline):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        (JSC::WREC::Generator::generateBackreference):
        (JSC::WREC::Generator::generateDisjunction):

2008-11-19  Simon Hausmann  <hausmann (a] webkit.org>

        Sun CC build fix, removed trailing comman for last enum value.

        * wtf/unicode/qt4/UnicodeQt4.h:
        (WTF::Unicode::):

2008-11-19  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        Expand the workaround for Apple GCC compiler bug <rdar://problem/6354696> to all versions of GCC 4.0.1.
        It has been observed with builds 5465 (Xcode 3.0) and 5484 (Xcode 3.1), and there is no evidence
        that it has been fixed in newer builds of GCC 4.0.1.

        This addresses <https://bugs.webkit.org/show_bug.cgi?id=22351> (WebKit nightly crashes on launch on 10.4.11).

        * wtf/StdLibExtras.h:

2008-11-18  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak and Geoff Garen.

        Bug 22287: ASSERTION FAILED: Not enough jumps linked in slow case codegen in CTI::privateCompileSlowCases())
        <https://bugs.webkit.org/show_bug.cgi?id=22287>

        Fix a typo in the number cell reuse code where the first and second
        operands are sometimes confused.

        * jit/JIT.cpp:
        (JSC::JIT::compileBinaryArithOpSlowCase):

2008-11-18  Dan Bernstein  <mitz (a] apple.com>

        - try to fix the Windows build

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2008-11-18  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Minor RegExp cleanup.
        
        SunSpider says no change.

        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::match): Renamed "regExpObj" to "regExpConstructor".

        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp): Instead of checking for a NULL output vector,
        ASSERT that the output vector is not NULL. (The rest of WREC is not
        safe to use with a NULL output vector, and we probably don't want to
        spend the time and/or performance to make it safe.)

2008-11-18  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        A little more renaming and refactoring.
        
        VM_CHECK_EXCEPTION() => CHECK_FOR_EXCEPTION().
        NEXT_INSTRUCTION => NEXT_INSTRUCTION().

        Removed the "Error_" and "TempError_" prefixes from WREC error types.

        Refactored the WREC parser so it doesn't need a "setError" function,
        and changed "isEndOfPattern" and its use -- they read kind of backwards
        before.
        
        Changed our "TODO:" error messages at least to say something, since you
        can't say "TODO:" in shipping software.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_op_loop_if_less):
        (JSC::Interpreter::cti_op_loop_if_lesseq):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_lesseq):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_jless):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_less):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_push_scope):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_del_by_val):
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WRECParser.cpp:
        (JSC::WREC::Parser::parseGreedyQuantifier):
        (JSC::WREC::Parser::parseParentheses):
        (JSC::WREC::Parser::parseCharacterClass):
        (JSC::WREC::Parser::parseEscape):
        * wrec/WRECParser.h:
        (JSC::WREC::Parser::):
        (JSC::WREC::Parser::atEndOfPattern):

2008-11-18  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=22337
        Enable workers by default

        * Configurations/JavaScriptCore.xcconfig: Define ENABLE_WORKERS.

2008-11-18  Alexey Proskuryakov  <ap (a] webkit.org>

        - Windows build fix

        * wrec/WRECFunctors.h:
        * wrec/WRECGenerator.h:
        * wrec/WRECParser.h:
        CharacterClass is a struct, not a class, fix forward declarations.

2008-11-18  Dan Bernstein  <mitz (a] apple.com>

        - Windows build fix

        * assembler/X86Assembler.h:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix gtk build.

        * wrec/Quantifier.h:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix gtk build.

        * assembler/AssemblerBuffer.h:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Split WREC classes out into individual files, with a few modifications
        to more closely match the WebKit coding style.

        * GNUmakefile.am:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/X86Assembler.h:
        * runtime/RegExp.cpp:
        * wrec/CharacterClass.cpp: Copied from wrec/CharacterClassConstructor.cpp.
        (JSC::WREC::CharacterClass::newline):
        (JSC::WREC::CharacterClass::digits):
        (JSC::WREC::CharacterClass::spaces):
        (JSC::WREC::CharacterClass::wordchar):
        (JSC::WREC::CharacterClass::nondigits):
        (JSC::WREC::CharacterClass::nonspaces):
        (JSC::WREC::CharacterClass::nonwordchar):
        * wrec/CharacterClass.h: Copied from wrec/CharacterClassConstructor.h.
        * wrec/CharacterClassConstructor.cpp:
        (JSC::WREC::CharacterClassConstructor::addSortedRange):
        (JSC::WREC::CharacterClassConstructor::append):
        * wrec/CharacterClassConstructor.h:
        * wrec/Quantifier.h: Copied from wrec/WREC.h.
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WREC.h:
        * wrec/WRECFunctors.cpp: Copied from wrec/WREC.cpp.
        * wrec/WRECFunctors.h: Copied from wrec/WREC.cpp.
        (JSC::WREC::GenerateAtomFunctor::~GenerateAtomFunctor):
        (JSC::WREC::GeneratePatternCharacterFunctor::GeneratePatternCharacterFunctor):
        (JSC::WREC::GenerateCharacterClassFunctor::GenerateCharacterClassFunctor):
        (JSC::WREC::GenerateBackreferenceFunctor::GenerateBackreferenceFunctor):
        (JSC::WREC::GenerateParenthesesNonGreedyFunctor::GenerateParenthesesNonGreedyFunctor):
        * wrec/WRECGenerator.cpp: Copied from wrec/WREC.cpp.
        (JSC::WREC::Generator::generatePatternCharacter):
        (JSC::WREC::Generator::generateCharacterClassInvertedRange):
        (JSC::WREC::Generator::generateCharacterClassInverted):
        (JSC::WREC::Generator::generateCharacterClass):
        (JSC::WREC::Generator::generateParentheses):
        (JSC::WREC::Generator::generateAssertionBOL):
        (JSC::WREC::Generator::generateAssertionEOL):
        (JSC::WREC::Generator::generateAssertionWordBoundary):
        * wrec/WRECGenerator.h: Copied from wrec/WREC.h.
        * wrec/WRECParser.cpp: Copied from wrec/WREC.cpp.
        (JSC::WREC::Parser::parseGreedyQuantifier):
        (JSC::WREC::Parser::parseCharacterClassQuantifier):
        (JSC::WREC::Parser::parseParentheses):
        (JSC::WREC::Parser::parseCharacterClass):
        (JSC::WREC::Parser::parseEscape):
        (JSC::WREC::Parser::parseTerm):
        * wrec/WRECParser.h: Copied from wrec/WREC.h.
        (JSC::WREC::Parser::):
        (JSC::WREC::Parser::Parser):
        (JSC::WREC::Parser::setError):
        (JSC::WREC::Parser::error):
        (JSC::WREC::Parser::recordSubpattern):
        (JSC::WREC::Parser::numSubpatterns):
        (JSC::WREC::Parser::ignoreCase):
        (JSC::WREC::Parser::multiline):

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix a few builds.

        * JavaScriptCoreSources.bkl:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix a few builds.

        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved VM/CTI.* => jit/JIT.*.
        
        Removed VM.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp: Removed.
        * VM/CTI.h: Removed.
        * bytecode/CodeBlock.cpp:
        * interpreter/Interpreter.cpp:
        * jit: Added.
        * jit/JIT.cpp: Copied from VM/CTI.cpp.
        * jit/JIT.h: Copied from VM/CTI.h.
        * runtime/RegExp.cpp:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved runtime/ExecState.* => interpreter/CallFrame.*.

        * API/JSBase.cpp:
        * API/OpaqueJSString.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * debugger/DebuggerCallFrame.h:
        * interpreter/CallFrame.cpp: Copied from runtime/ExecState.cpp.
        * interpreter/CallFrame.h: Copied from runtime/ExecState.h.
        * interpreter/Interpreter.cpp:
        * parser/Nodes.cpp:
        * profiler/ProfileGenerator.cpp:
        * profiler/Profiler.cpp:
        * runtime/ClassInfo.h:
        * runtime/Collector.cpp:
        * runtime/Completion.cpp:
        * runtime/ExceptionHelpers.cpp:
        * runtime/ExecState.cpp: Removed.
        * runtime/ExecState.h: Removed.
        * runtime/Identifier.cpp:
        * runtime/JSFunction.cpp:
        * runtime/JSGlobalObjectFunctions.cpp:
        * runtime/JSLock.cpp:
        * runtime/JSNumberCell.h:
        * runtime/JSObject.h:
        * runtime/JSString.h:
        * runtime/Lookup.h:
        * runtime/PropertyNameArray.h:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * API/APICast.h:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * API/APICast.h:
        * runtime/ExecState.h:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved VM/SamplingTool.* => bytecode/SamplingTool.*.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/SamplingTool.cpp: Removed.
        * VM/SamplingTool.h: Removed.
        * bytecode/SamplingTool.cpp: Copied from VM/SamplingTool.cpp.
        * bytecode/SamplingTool.h: Copied from VM/SamplingTool.h.
        * jsc.cpp:
        (runWithScripts):

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * runtime/ExecState.h:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved VM/ExceptionHelpers.cpp => runtime/ExceptionHelpers.cpp.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/ExceptionHelpers.cpp: Removed.
        * runtime/ExceptionHelpers.cpp: Copied from VM/ExceptionHelpers.cpp.

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved VM/RegisterFile.cpp => interpreter/RegisterFile.cpp.

        * AllInOneFile.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/RegisterFile.cpp: Removed.
        * interpreter/RegisterFile.cpp: Copied from VM/RegisterFile.cpp.

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved:
            VM/ExceptionHelpers.h => runtime/ExceptionHelpers.h
            VM/Register.h => interpreter/Register.h
            VM/RegisterFile.h => interpreter/RegisterFile.h
        
        
        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/ExceptionHelpers.h: Removed.
        * VM/Register.h: Removed.
        * VM/RegisterFile.h: Removed.
        * interpreter/Register.h: Copied from VM/Register.h.
        * interpreter/RegisterFile.h: Copied from VM/RegisterFile.h.
        * runtime/ExceptionHelpers.h: Copied from VM/ExceptionHelpers.h.

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Qt build.

        * JavaScriptCore.pri:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved VM/Machine.cpp => interpreter/Interpreter.cpp.

        * DerivedSources.make:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/Machine.cpp: Removed.
        * interpreter/Interpreter.cpp: Copied from VM/Machine.cpp.

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved VM/Machine.h => interpreter/Interpreter.h

        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/ExceptionHelpers.cpp:
        * VM/Machine.cpp:
        * VM/Machine.h: Removed.
        * VM/SamplingTool.cpp:
        * bytecode/CodeBlock.cpp:
        * bytecompiler/BytecodeGenerator.cpp:
        * bytecompiler/BytecodeGenerator.h:
        * debugger/DebuggerCallFrame.cpp:
        * interpreter: Added.
        * interpreter/Interpreter.h: Copied from VM/Machine.h.
        * profiler/ProfileGenerator.cpp:
        * runtime/Arguments.h:
        * runtime/ArrayPrototype.cpp:
        * runtime/Collector.cpp:
        * runtime/Completion.cpp:
        * runtime/ExecState.h:
        * runtime/FunctionPrototype.cpp:
        * runtime/JSActivation.cpp:
        * runtime/JSFunction.cpp:
        * runtime/JSGlobalData.cpp:
        * runtime/JSGlobalObject.cpp:
        * runtime/JSGlobalObjectFunctions.cpp:
        * wrec/WREC.cpp:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved runtime/Interpreter.cpp => runtime/Completion.cpp.

        Moved functions from Interpreter.h to Completion.h, and removed
        Interpreter.h from the project.

        * API/JSBase.cpp:
        * AllInOneFile.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * jsc.cpp:
        * runtime/Completion.cpp: Copied from runtime/Interpreter.cpp.
        * runtime/Completion.h:
        * runtime/Interpreter.cpp: Removed.
        * runtime/Interpreter.h: Removed.

2008-11-17  Gabor Loki  <loki (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.

        <https://bugs.webkit.org/show_bug.cgi?id=22312>
        Fix PCRE include path problem on Qt-port

        * JavaScriptCore.pri:
        * pcre/pcre.pri:

2008-11-17  Gabor Loki  <loki (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.

        <https://bugs.webkit.org/show_bug.cgi?id=22313>
        Add missing CTI source to the build system on Qt-port

        * JavaScriptCore.pri:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix JSGlue build.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Qt build.

        * jsc.pro:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Qt build.

        * JavaScriptCore.pri:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Qt build.

        * JavaScriptCore.pri:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        More file moves:
        
        VM/CodeBlock.* => bytecode/CodeBlock.*
        VM/EvalCodeCache.h => bytecode/EvalCodeCache.h
        VM/Instruction.h => bytecode/Instruction.h
        VM/Opcode.* => bytecode/Opcode.*

        * GNUmakefile.am:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/CodeBlock.cpp: Removed.
        * VM/CodeBlock.h: Removed.
        * VM/EvalCodeCache.h: Removed.
        * VM/Instruction.h: Removed.
        * VM/Opcode.cpp: Removed.
        * VM/Opcode.h: Removed.
        * bytecode: Added.
        * bytecode/CodeBlock.cpp: Copied from VM/CodeBlock.cpp.
        * bytecode/CodeBlock.h: Copied from VM/CodeBlock.h.
        * bytecode/EvalCodeCache.h: Copied from VM/EvalCodeCache.h.
        * bytecode/Instruction.h: Copied from VM/Instruction.h.
        * bytecode/Opcode.cpp: Copied from VM/Opcode.cpp.
        * bytecode/Opcode.h: Copied from VM/Opcode.h.
        * jsc.pro:
        * jscore.bkl:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix a few more builds.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCoreSources.bkl:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix gtk build.

        * GNUmakefile.am:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Some file moves:
        
        VM/LabelID.h => bytecompiler/Label.h
        VM/RegisterID.h => bytecompiler/RegisterID.h
        VM/SegmentedVector.h => bytecompiler/SegmentedVector.h
        bytecompiler/CodeGenerator.* => bytecompiler/BytecodeGenerator.*

        * AllInOneFile.cpp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/LabelID.h: Removed.
        * VM/RegisterID.h: Removed.
        * VM/SegmentedVector.h: Removed.
        * bytecompiler/BytecodeGenerator.cpp: Copied from bytecompiler/CodeGenerator.cpp.
        * bytecompiler/BytecodeGenerator.h: Copied from bytecompiler/CodeGenerator.h.
        * bytecompiler/CodeGenerator.cpp: Removed.
        * bytecompiler/CodeGenerator.h: Removed.
        * bytecompiler/Label.h: Copied from VM/LabelID.h.
        * bytecompiler/LabelScope.h:
        * bytecompiler/RegisterID.h: Copied from VM/RegisterID.h.
        * bytecompiler/SegmentedVector.h: Copied from VM/SegmentedVector.h.
        * jsc.cpp:
        * parser/Nodes.cpp:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-17  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved masm => assembler and split "AssemblerBuffer.h" out of "X86Assembler.h".
        
        Also renamed ENABLE_MASM to ENABLE_ASSEMBLER.

        * GNUmakefile.am:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler: Added.
        * assembler/AssemblerBuffer.h: Copied from masm/X86Assembler.h.
        (JSC::AssemblerBuffer::AssemblerBuffer):
        (JSC::AssemblerBuffer::~AssemblerBuffer):
        (JSC::AssemblerBuffer::ensureSpace):
        (JSC::AssemblerBuffer::isAligned):
        (JSC::AssemblerBuffer::putByteUnchecked):
        (JSC::AssemblerBuffer::putByte):
        (JSC::AssemblerBuffer::putShortUnchecked):
        (JSC::AssemblerBuffer::putShort):
        (JSC::AssemblerBuffer::putIntUnchecked):
        (JSC::AssemblerBuffer::putInt):
        (JSC::AssemblerBuffer::data):
        (JSC::AssemblerBuffer::size):
        (JSC::AssemblerBuffer::reset):
        (JSC::AssemblerBuffer::executableCopy):
        (JSC::AssemblerBuffer::grow):
        * assembler/X86Assembler.h: Copied from masm/X86Assembler.h.
        * masm: Removed.
        * masm/X86Assembler.h: Removed.
        * wtf/Platform.h:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix gtk build.

        * GNUmakefile.am:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Fixed tyop.

        * VM/CTI.cpp:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix windows build.

        * VM/CTI.cpp:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix gtk build.

        * GNUmakefile.am:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Renamed ENABLE_CTI and ENABLE(CTI) to ENABLE_JIT and ENABLE(JIT).

        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        * VM/CodeBlock.h:
        (JSC::CodeBlock::CodeBlock):
        * VM/Machine.cpp:
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::initialize):
        (JSC::Interpreter::~Interpreter):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        * VM/Machine.h:
        * bytecompiler/CodeGenerator.cpp:
        (JSC::prepareJumpTableForStringSwitch):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        * runtime/JSGlobalData.h:
        * wrec/WREC.h:
        * wtf/Platform.h:
        * wtf/TCSystemAlloc.cpp:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix gtk build.

        * VM/CTI.cpp:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by a few people on squirrelfish-dev.
        
        Renamed CTI => JIT.

        * VM/CTI.cpp:
        (JSC::JIT::killLastResultRegister):
        (JSC::JIT::emitGetVirtualRegister):
        (JSC::JIT::emitGetVirtualRegisters):
        (JSC::JIT::emitPutCTIArgFromVirtualRegister):
        (JSC::JIT::emitPutCTIArg):
        (JSC::JIT::emitGetCTIArg):
        (JSC::JIT::emitPutCTIArgConstant):
        (JSC::JIT::getConstantImmediateNumericArg):
        (JSC::JIT::emitPutCTIParam):
        (JSC::JIT::emitGetCTIParam):
        (JSC::JIT::emitPutToCallFrameHeader):
        (JSC::JIT::emitGetFromCallFrameHeader):
        (JSC::JIT::emitPutVirtualRegister):
        (JSC::JIT::emitInitRegister):
        (JSC::JIT::printBytecodeOperandTypes):
        (JSC::JIT::emitAllocateNumber):
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::emitNakedFastCall):
        (JSC::JIT::emitCTICall):
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        (JSC::JIT::linkSlowCaseIfNotJSCell):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
        (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
        (JSC::JIT::getDeTaggedConstantImmediate):
        (JSC::JIT::emitFastArithDeTagImmediate):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
        (JSC::JIT::emitFastArithIntToImmOrSlowCase):
        (JSC::JIT::emitFastArithIntToImmNoCheck):
        (JSC::JIT::emitArithIntToImmWithJump):
        (JSC::JIT::emitTagAsBoolImmediate):
        (JSC::JIT::JIT):
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallEvalSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileLinkPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::freeCTIMachineTrampolines):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::emitGetVariableObjectRegister):
        (JSC::JIT::emitPutVariableObjectRegister):
        * VM/CTI.h:
        (JSC::JIT::compile):
        (JSC::JIT::compileGetByIdSelf):
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdReplace):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compileCTIMachineTrampolines):
        (JSC::JIT::compilePatchGetArrayLength):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::unlinkCallers):
        * VM/Machine.cpp:
        (JSC::Interpreter::initialize):
        (JSC::Interpreter::~Interpreter):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        * VM/Machine.h:
        * VM/RegisterFile.h:
        * parser/Nodes.h:
        * runtime/JSArray.h:
        * runtime/JSCell.h:
        * runtime/JSFunction.h:
        * runtime/JSImmediate.h:
        * runtime/JSNumberCell.h:
        * runtime/JSObject.h:
        * runtime/JSString.h:
        * runtime/JSVariableObject.h:
        * runtime/ScopeChain.h:
        * runtime/Structure.h:
        * runtime/TypeInfo.h:
        * runtime/UString.h:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix wx build.

        * jscore.bkl:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Nixed X86:: and X86Assembler:: prefixes in a lot of places using typedefs.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetVirtualRegister):
        (JSC::CTI::emitGetVirtualRegisters):
        (JSC::CTI::emitPutCTIArgFromVirtualRegister):
        (JSC::CTI::emitPutCTIArg):
        (JSC::CTI::emitGetCTIArg):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutVirtualRegister):
        (JSC::CTI::emitNakedCall):
        (JSC::CTI::emitNakedFastCall):
        (JSC::CTI::emitCTICall):
        (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNum):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNums):
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::CTI::emitFastArithReTagImmediate):
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        (JSC::CTI::emitFastArithImmToInt):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::emitFastArithIntToImmNoCheck):
        (JSC::CTI::emitArithIntToImmWithJump):
        (JSC::CTI::emitTagAsBoolImmediate):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileOpStrictEq):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        (JSC::CTI::emitGetVariableObjectRegister):
        (JSC::CTI::emitPutVariableObjectRegister):
        * VM/CTI.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JmpTable::JmpTable):
        (JSC::SlowCaseEntry::SlowCaseEntry):
        (JSC::CTI::JSRInfo::JSRInfo):
        * wrec/WREC.h:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Qt build.

        * JavaScriptCore.pri:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed OBJECT_OFFSET => FIELD_OFFSET

        Nixed use of OBJECT_OFFSET outside of CTI.cpp by making CTI a friend in
        more places.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCallInitializeCallFrame):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        (JSC::CTI::emitGetVariableObjectRegister):
        (JSC::CTI::emitPutVariableObjectRegister):
        * runtime/JSValue.h:
        * runtime/JSVariableObject.h:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renames:
        
        X86Assembler::copy => X86Assembler::executableCopy
        AssemblerBuffer::copy => AssemblerBuffer::executableCopy

        * VM/CTI.cpp:
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        * masm/X86Assembler.h:
        (JSC::AssemblerBuffer::executableCopy):
        (JSC::X86Assembler::executableCopy):
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed WREC => JSC::WREC, removing JSC:: prefix in a lot of places.
        Renamed WRECFunction => WREC::CompiledRegExp, and deployed this type
        name in place of a few casts.

        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::~RegExp):
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * wrec/CharacterClassConstructor.cpp:
        * wrec/CharacterClassConstructor.h:
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WREC.h:
        (JSC::WREC::Generator::Generator):
        (JSC::WREC::Parser::Parser):
        (JSC::WREC::Parser::parseAlternative):

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed BytecodeInterpreter => Interpreter.

        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::freeCTIMachineTrampolines):
        (JSC::CTI::patchGetByIdSelf):
        (JSC::CTI::patchPutByIdReplace):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::printStructures):
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        * VM/Machine.cpp:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::resolveBaseAndFunc):
        (JSC::Interpreter::slideRegisterWindowForCall):
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::initialize):
        (JSC::Interpreter::~Interpreter):
        (JSC::Interpreter::dumpCallFrame):
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::isOpcode):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::debug):
        (JSC::Interpreter::resetTimeoutCheck):
        (JSC::Interpreter::checkTimeout):
        (JSC::Interpreter::createExceptionScope):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::uncachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::uncacheGetByID):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        (JSC::Interpreter::retrieveCaller):
        (JSC::Interpreter::retrieveLastCaller):
        (JSC::Interpreter::findFunctionCallFrame):
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_end):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_timeout_check):
        (JSC::Interpreter::cti_register_file_check):
        (JSC::Interpreter::cti_op_loop_if_less):
        (JSC::Interpreter::cti_op_loop_if_lesseq):
        (JSC::Interpreter::cti_op_new_object):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_new_func):
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_op_call_arityCheck):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        (JSC::Interpreter::cti_op_push_activation):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_create_arguments):
        (JSC::Interpreter::cti_op_create_arguments_no_params):
        (JSC::Interpreter::cti_op_tear_off_activation):
        (JSC::Interpreter::cti_op_tear_off_arguments):
        (JSC::Interpreter::cti_op_profile_will_call):
        (JSC::Interpreter::cti_op_profile_did_call):
        (JSC::Interpreter::cti_op_ret_scopeChain):
        (JSC::Interpreter::cti_op_new_array):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_JSConstruct):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_lesseq):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_resolve_base):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_jless):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_new_func_exp):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_less):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_new_regexp):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_call_eval):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_get_pnames):
        (JSC::Interpreter::cti_op_next_pname):
        (JSC::Interpreter::cti_op_push_scope):
        (JSC::Interpreter::cti_op_pop_scope):
        (JSC::Interpreter::cti_op_typeof):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_is_boolean):
        (JSC::Interpreter::cti_op_is_number):
        (JSC::Interpreter::cti_op_is_string):
        (JSC::Interpreter::cti_op_is_object):
        (JSC::Interpreter::cti_op_is_function):
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_push_new_scope):
        (JSC::Interpreter::cti_op_jmp_scopes):
        (JSC::Interpreter::cti_op_put_by_index):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_op_del_by_val):
        (JSC::Interpreter::cti_op_put_getter):
        (JSC::Interpreter::cti_op_put_setter):
        (JSC::Interpreter::cti_op_new_error):
        (JSC::Interpreter::cti_op_debug):
        (JSC::Interpreter::cti_vm_throw):
        * VM/Machine.h:
        * VM/Register.h:
        * VM/SamplingTool.h:
        (JSC::SamplingTool::SamplingTool):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate):
        (JSC::BytecodeGenerator::BytecodeGenerator):
        * jsc.cpp:
        (runWithScripts):
        * runtime/ExecState.h:
        (JSC::ExecState::interpreter):
        * runtime/JSCell.h:
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSString.h:
        * wrec/WREC.cpp:
        (WREC::compileRegExp):
        * wrec/WREC.h:

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Roll out r38461 (my last patch) because it broke the world.

2008-11-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        A few more renames:

        BytecodeInterpreter => Interpreter
        WREC => JSC::WREC, removing JSC:: prefix in a lot of places
        X86Assembler::copy => X86Assembler::executableCopy
        AssemblerBuffer::copy => AssemblerBuffer::executableCopy
        WRECFunction => WREC::RegExpFunction
        OBJECT_OFFSET => FIELD_OFFSET
        
        Also:

        Nixed use of OBJECT_OFFSET outside of CTI.cpp by making CTI a friend in more places.
        Nixed X86:: and X86Assembler:: prefixes in a lot of places using typedefs

        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::):
        (JSC::CTI::emitGetVirtualRegister):
        (JSC::CTI::emitGetVirtualRegisters):
        (JSC::CTI::emitPutCTIArgFromVirtualRegister):
        (JSC::CTI::emitPutCTIArg):
        (JSC::CTI::emitGetCTIArg):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutVirtualRegister):
        (JSC::CTI::emitNakedCall):
        (JSC::CTI::emitNakedFastCall):
        (JSC::CTI::emitCTICall):
        (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNum):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNums):
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::CTI::emitFastArithReTagImmediate):
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        (JSC::CTI::emitFastArithImmToInt):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::emitFastArithIntToImmNoCheck):
        (JSC::CTI::emitArithIntToImmWithJump):
        (JSC::CTI::emitTagAsBoolImmediate):
        (JSC::CTI::compileOpCallInitializeCallFrame):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileOpStrictEq):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::freeCTIMachineTrampolines):
        (JSC::CTI::patchGetByIdSelf):
        (JSC::CTI::patchPutByIdReplace):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        (JSC::CTI::emitGetVariableObjectRegister):
        (JSC::CTI::emitPutVariableObjectRegister):
        * VM/CTI.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JmpTable::JmpTable):
        (JSC::SlowCaseEntry::SlowCaseEntry):
        (JSC::CTI::JSRInfo::JSRInfo):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::printStructures):
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        * VM/Machine.cpp:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::resolveBaseAndFunc):
        (JSC::Interpreter::slideRegisterWindowForCall):
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::initialize):
        (JSC::Interpreter::~Interpreter):
        (JSC::Interpreter::dumpCallFrame):
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::isOpcode):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::debug):
        (JSC::Interpreter::resetTimeoutCheck):
        (JSC::Interpreter::checkTimeout):
        (JSC::Interpreter::createExceptionScope):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::uncachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::uncacheGetByID):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        (JSC::Interpreter::retrieveCaller):
        (JSC::Interpreter::retrieveLastCaller):
        (JSC::Interpreter::findFunctionCallFrame):
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::):
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_end):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_timeout_check):
        (JSC::Interpreter::cti_register_file_check):
        (JSC::Interpreter::cti_op_loop_if_less):
        (JSC::Interpreter::cti_op_loop_if_lesseq):
        (JSC::Interpreter::cti_op_new_object):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_new_func):
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_op_call_arityCheck):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        (JSC::Interpreter::cti_op_push_activation):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_create_arguments):
        (JSC::Interpreter::cti_op_create_arguments_no_params):
        (JSC::Interpreter::cti_op_tear_off_activation):
        (JSC::Interpreter::cti_op_tear_off_arguments):
        (JSC::Interpreter::cti_op_profile_will_call):
        (JSC::Interpreter::cti_op_profile_did_call):
        (JSC::Interpreter::cti_op_ret_scopeChain):
        (JSC::Interpreter::cti_op_new_array):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_JSConstruct):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_lesseq):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_resolve_base):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_jless):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_new_func_exp):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_less):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_new_regexp):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_call_eval):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_get_pnames):
        (JSC::Interpreter::cti_op_next_pname):
        (JSC::Interpreter::cti_op_push_scope):
        (JSC::Interpreter::cti_op_pop_scope):
        (JSC::Interpreter::cti_op_typeof):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_is_boolean):
        (JSC::Interpreter::cti_op_is_number):
        (JSC::Interpreter::cti_op_is_string):
        (JSC::Interpreter::cti_op_is_object):
        (JSC::Interpreter::cti_op_is_function):
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_push_new_scope):
        (JSC::Interpreter::cti_op_jmp_scopes):
        (JSC::Interpreter::cti_op_put_by_index):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_op_del_by_val):
        (JSC::Interpreter::cti_op_put_getter):
        (JSC::Interpreter::cti_op_put_setter):
        (JSC::Interpreter::cti_op_new_error):
        (JSC::Interpreter::cti_op_debug):
        (JSC::Interpreter::cti_vm_throw):
        * VM/Machine.h:
        * VM/Register.h:
        * VM/SamplingTool.cpp:
        (JSC::SamplingTool::dump):
        * VM/SamplingTool.h:
        (JSC::SamplingTool::SamplingTool):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate):
        (JSC::BytecodeGenerator::BytecodeGenerator):
        * jsc.cpp:
        (runWithScripts):
        * masm/X86Assembler.h:
        (JSC::AssemblerBuffer::executableCopy):
        (JSC::X86Assembler::executableCopy):
        * runtime/ExecState.h:
        (JSC::ExecState::interpreter):
        * runtime/JSCell.h:
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSImmediate.h:
        * runtime/JSString.h:
        * runtime/JSValue.h:
        * runtime/JSVariableObject.h:
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::~RegExp):
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * wrec/CharacterClassConstructor.cpp:
        * wrec/CharacterClassConstructor.h:
        * wrec/WREC.cpp:
        (JSC::WREC::compileRegExp):
        * wrec/WREC.h:
        (JSC::WREC::Generator::Generator):
        (JSC::WREC::Parser::):
        (JSC::WREC::Parser::Parser):
        (JSC::WREC::Parser::parseAlternative):

2008-11-16  Greg Bolsinga  <bolsinga (a] apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=21810
        Remove use of static C++ objects that are destroyed at exit time (destructors)

        Conditionally have the DEFINE_STATIC_LOCAL workaround <rdar://problem/6354696> 
        (Codegen issue with C++ static reference in gcc build 5465) based upon the compiler 
        build versions. It will use the:
        static T& = *new T;
        style for all other compilers.

        * wtf/StdLibExtras.h:

2008-11-16  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Dan Bernstein.

        https://bugs.webkit.org/show_bug.cgi?id=22290
        Remove cross-heap GC and MessagePort multi-threading support

        It is broken (and may not be implementable at all), and no longer needed, as we
        don't use MessagePorts for communication with workers any more.

        * JavaScriptCore.exp:
        * runtime/Collector.cpp:
        (JSC::Heap::collect):
        * runtime/JSGlobalObject.cpp:
        * runtime/JSGlobalObject.h:
        Remove hooks for cross-heap GC.

2008-11-15  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Cleanup jsc command line code a little.

        * jsc.cpp:
        (functionQuit):
        (main): Use standard exit status macros
        (cleanupGlobalData): Factor out cleanup code into this function.
        (printUsageStatement): Use standard exit status macros.

2008-11-15  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Cleanup BytecodeGenerator constructors.

        * bytecompiler/CodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        * bytecompiler/CodeGenerator.h:
        * parser/Nodes.cpp:
        (JSC::ProgramNode::generateBytecode):

2008-11-15  Darin Adler  <darin (a] apple.com>

        Rubber stamped by Geoff Garen.

        - do the long-planned StructureID -> Structure rename

        * API/JSCallbackConstructor.cpp:
        (JSC::JSCallbackConstructor::JSCallbackConstructor):
        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::JSCallbackObject):
        * API/JSValueRef.cpp:
        (JSValueIsInstanceOfConstructor):
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/CTI.cpp:
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::transitionWillNeedStorageRealloc):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::patchGetByIdSelf):
        (JSC::CTI::patchPutByIdReplace):
        * VM/CTI.h:
        (JSC::CTI::compileGetByIdSelf):
        (JSC::CTI::compileGetByIdProto):
        (JSC::CTI::compileGetByIdChain):
        (JSC::CTI::compilePutByIdReplace):
        (JSC::CTI::compilePutByIdTransition):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::printStructure):
        (JSC::CodeBlock::printStructures):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        * VM/CodeBlock.h:
        * VM/Instruction.h:
        (JSC::Instruction::Instruction):
        (JSC::Instruction::):
        * VM/Machine.cpp:
        (JSC::jsTypeStringForValue):
        (JSC::jsIsObjectType):
        (JSC::BytecodeInterpreter::resolveGlobal):
        (JSC::BytecodeInterpreter::BytecodeInterpreter):
        (JSC::cachePrototypeChain):
        (JSC::BytecodeInterpreter::tryCachePutByID):
        (JSC::BytecodeInterpreter::uncachePutByID):
        (JSC::BytecodeInterpreter::tryCacheGetByID):
        (JSC::BytecodeInterpreter::uncacheGetByID):
        (JSC::BytecodeInterpreter::privateExecute):
        (JSC::BytecodeInterpreter::tryCTICachePutByID):
        (JSC::BytecodeInterpreter::tryCTICacheGetByID):
        (JSC::BytecodeInterpreter::cti_op_instanceof):
        (JSC::BytecodeInterpreter::cti_op_construct_JSConstruct):
        (JSC::BytecodeInterpreter::cti_op_resolve_global):
        (JSC::BytecodeInterpreter::cti_op_is_undefined):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * runtime/ArrayConstructor.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * runtime/ArrayPrototype.h:
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        * runtime/BooleanConstructor.h:
        * runtime/BooleanObject.cpp:
        (JSC::BooleanObject::BooleanObject):
        * runtime/BooleanObject.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/BooleanPrototype.h:
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateConstructor.h:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DateInstance.h:
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorConstructor.h:
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorInstance.h:
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/ErrorPrototype.h:
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionConstructor.h:
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        (JSC::FunctionPrototype::addFunctionProperties):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        * runtime/GlobalEvalFunction.h:
        * runtime/Identifier.h:
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        * runtime/JSArray.h:
        (JSC::JSArray::createStructure):
        * runtime/JSCell.h:
        (JSC::JSCell::JSCell):
        (JSC::JSCell::isObject):
        (JSC::JSCell::isString):
        (JSC::JSCell::structure):
        (JSC::JSValue::needsThisConversion):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::createStructure):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::createLeaked):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        (JSC::JSGlobalObject::argumentsStructure):
        (JSC::JSGlobalObject::arrayStructure):
        (JSC::JSGlobalObject::booleanObjectStructure):
        (JSC::JSGlobalObject::callbackConstructorStructure):
        (JSC::JSGlobalObject::callbackFunctionStructure):
        (JSC::JSGlobalObject::callbackObjectStructure):
        (JSC::JSGlobalObject::dateStructure):
        (JSC::JSGlobalObject::emptyObjectStructure):
        (JSC::JSGlobalObject::errorStructure):
        (JSC::JSGlobalObject::functionStructure):
        (JSC::JSGlobalObject::numberObjectStructure):
        (JSC::JSGlobalObject::prototypeFunctionStructure):
        (JSC::JSGlobalObject::regExpMatchesArrayStructure):
        (JSC::JSGlobalObject::regExpStructure):
        (JSC::JSGlobalObject::stringObjectStructure):
        (JSC::JSGlobalObject::createStructure):
        (JSC::Structure::prototypeForLookup):
        * runtime/JSNotAnObject.h:
        (JSC::JSNotAnObject::createStructure):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure):
        (JSC::JSNumberCell::JSNumberCell):
        * runtime/JSObject.cpp:
        (JSC::JSObject::mark):
        (JSC::JSObject::put):
        (JSC::JSObject::deleteProperty):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::getPropertyAttributes):
        (JSC::JSObject::getPropertyNames):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::createInheritorID):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirect):
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::hasCustomProperties):
        (JSC::JSObject::hasGetterSetterProperties):
        (JSC::JSObject::createStructure):
        (JSC::JSObject::JSObject):
        (JSC::JSObject::~JSObject):
        (JSC::JSObject::prototype):
        (JSC::JSObject::setPrototype):
        (JSC::JSObject::setStructure):
        (JSC::JSObject::inheritorID):
        (JSC::JSObject::inlineGetOwnPropertySlot):
        (JSC::JSObject::getOwnPropertySlotForWrite):
        (JSC::JSCell::fastGetOwnPropertySlot):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::transitionTo):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::next):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::JSStaticScopeObject):
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSString.h:
        (JSC::JSString::JSString):
        (JSC::JSString::createStructure):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::JSVariableObject):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorConstructor.h:
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NativeErrorPrototype.h:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::NumberObject):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/NumberPrototype.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        * runtime/ObjectConstructor.h:
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * runtime/Operations.h:
        (JSC::equalSlowCaseInline):
        * runtime/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::setCachedStructure):
        (JSC::PropertyNameArrayData::cachedStructure):
        (JSC::PropertyNameArrayData::setCachedPrototypeChain):
        (JSC::PropertyNameArrayData::cachedPrototypeChain):
        (JSC::PropertyNameArrayData::PropertyNameArrayData):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PrototypeFunction.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::RegExpObject):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * runtime/RegExpPrototype.h:
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringConstructor.h:
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::create):
        (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/StringPrototype.h:
        * runtime/Structure.cpp: Copied from JavaScriptCore/runtime/StructureID.cpp.
        (JSC::Structure::dumpStatistics):
        (JSC::Structure::Structure):
        (JSC::Structure::~Structure):
        (JSC::Structure::startIgnoringLeaks):
        (JSC::Structure::stopIgnoringLeaks):
        (JSC::Structure::materializePropertyMap):
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::clearEnumerationCache):
        (JSC::Structure::growPropertyStorageCapacity):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::removePropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        (JSC::Structure::createCachedPrototypeChain):
        (JSC::Structure::checkConsistency):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::get):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::insertIntoPropertyMapHashTable):
        (JSC::Structure::createPropertyMapHashTable):
        (JSC::Structure::expandPropertyMapHashTable):
        (JSC::Structure::rehashPropertyMapHashTable):
        (JSC::Structure::getEnumerablePropertyNamesInternal):
        * runtime/Structure.h: Copied from JavaScriptCore/runtime/StructureID.h.
        (JSC::Structure::create):
        (JSC::Structure::previousID):
        (JSC::Structure::setCachedPrototypeChain):
        (JSC::Structure::cachedPrototypeChain):
        (JSC::Structure::):
        (JSC::Structure::get):
        * runtime/StructureChain.cpp: Copied from JavaScriptCore/runtime/StructureIDChain.cpp.
        (JSC::StructureChain::StructureChain):
        (JSC::structureChainsAreEqual):
        * runtime/StructureChain.h: Copied from JavaScriptCore/runtime/StructureIDChain.h.
        (JSC::StructureChain::create):
        (JSC::StructureChain::head):
        * runtime/StructureID.cpp: Removed.
        * runtime/StructureID.h: Removed.
        * runtime/StructureIDChain.cpp: Removed.
        * runtime/StructureIDChain.h: Removed.
        * runtime/StructureIDTransitionTable.h: Removed.
        * runtime/StructureTransitionTable.h: Copied from JavaScriptCore/runtime/StructureIDTransitionTable.h.

2008-11-15  Darin Adler  <darin (a] apple.com>

        - fix non-WREC build

        * runtime/RegExp.cpp: Put "using namespace WREC" inside #if ENABLE(WREC).

2008-11-15  Kevin Ollivier  <kevino (a] theolliviers.com>

        Reviewed by Timothy Hatcher.
        
        As ThreadingNone doesn't implement threads, isMainThread should return true,
        not false.
        
        https://bugs.webkit.org/show_bug.cgi?id=22285

        * wtf/ThreadingNone.cpp:
        (WTF::isMainThread):

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Moved all WREC-related code into WREC.cpp and put it in a WREC namespace.
        Removed the WREC prefix from class names.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/Machine.h:
        (JSC::BytecodeInterpreter::assemblerBuffer):
        * masm/X86Assembler.h:
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        * wrec/CharacterClassConstructor.cpp:
        * wrec/CharacterClassConstructor.h:
        * wrec/WREC.cpp:
        (WREC::GenerateParenthesesNonGreedyFunctor::GenerateParenthesesNonGreedyFunctor):
        (WREC::GeneratePatternCharacterFunctor::generateAtom):
        (WREC::GeneratePatternCharacterFunctor::backtrack):
        (WREC::GenerateCharacterClassFunctor::generateAtom):
        (WREC::GenerateCharacterClassFunctor::backtrack):
        (WREC::GenerateBackreferenceFunctor::generateAtom):
        (WREC::GenerateBackreferenceFunctor::backtrack):
        (WREC::GenerateParenthesesNonGreedyFunctor::generateAtom):
        (WREC::GenerateParenthesesNonGreedyFunctor::backtrack):
        (WREC::Generator::generateBacktrack1):
        (WREC::Generator::generateBacktrackBackreference):
        (WREC::Generator::generateBackreferenceQuantifier):
        (WREC::Generator::generateNonGreedyQuantifier):
        (WREC::Generator::generateGreedyQuantifier):
        (WREC::Generator::generatePatternCharacter):
        (WREC::Generator::generateCharacterClassInvertedRange):
        (WREC::Generator::generateCharacterClassInverted):
        (WREC::Generator::generateCharacterClass):
        (WREC::Generator::generateParentheses):
        (WREC::Generator::generateParenthesesNonGreedy):
        (WREC::Generator::generateParenthesesResetTrampoline):
        (WREC::Generator::generateAssertionBOL):
        (WREC::Generator::generateAssertionEOL):
        (WREC::Generator::generateAssertionWordBoundary):
        (WREC::Generator::generateBackreference):
        (WREC::Generator::generateDisjunction):
        (WREC::Generator::terminateDisjunction):
        (WREC::Parser::parseGreedyQuantifier):
        (WREC::Parser::parseQuantifier):
        (WREC::Parser::parsePatternCharacterQualifier):
        (WREC::Parser::parseCharacterClassQuantifier):
        (WREC::Parser::parseBackreferenceQuantifier):
        (WREC::Parser::parseParentheses):
        (WREC::Parser::parseCharacterClass):
        (WREC::Parser::parseOctalEscape):
        (WREC::Parser::parseEscape):
        (WREC::Parser::parseTerm):
        (WREC::Parser::parseDisjunction):
        (WREC::compileRegExp):
        * wrec/WREC.h:
        (WREC::Generator::Generator):
        (WREC::Parser::Parser):
        (WREC::Parser::parseAlternative):

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Changed another case of "m_jit" to "m_assembler".

        * VM/CTI.cpp:
        * wrec/WREC.cpp:
        * wrec/WREC.h:
        (JSC::WRECGenerator::WRECGenerator):
        (JSC::WRECParser::WRECParser):

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed "jit" to "assembler" and, for brevity, replaced *jit.* with __
        using a macro.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetVirtualRegister):
        (JSC::CTI::emitPutCTIArgFromVirtualRegister):
        (JSC::CTI::emitPutCTIArg):
        (JSC::CTI::emitGetCTIArg):
        (JSC::CTI::emitPutCTIArgConstant):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutVirtualRegister):
        (JSC::CTI::emitInitRegister):
        (JSC::CTI::emitAllocateNumber):
        (JSC::CTI::emitNakedCall):
        (JSC::CTI::emitNakedFastCall):
        (JSC::CTI::emitCTICall):
        (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
        (JSC::CTI::linkSlowCaseIfNotJSCell):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNum):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNums):
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::CTI::emitFastArithReTagImmediate):
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        (JSC::CTI::emitFastArithImmToInt):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::emitFastArithIntToImmNoCheck):
        (JSC::CTI::emitArithIntToImmWithJump):
        (JSC::CTI::emitTagAsBoolImmediate):
        (JSC::CTI::CTI):
        (JSC::CTI::compileOpCallInitializeCallFrame):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileOpStrictEq):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileLinkPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        (JSC::CTI::emitGetVariableObjectRegister):
        (JSC::CTI::emitPutVariableObjectRegister):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generateBacktrack1):
        (JSC::WRECGenerator::generateBacktrackBackreference):
        (JSC::WRECGenerator::generateBackreferenceQuantifier):
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generatePatternCharacter):
        (JSC::WRECGenerator::generateCharacterClassInvertedRange):
        (JSC::WRECGenerator::generateCharacterClassInverted):
        (JSC::WRECGenerator::generateCharacterClass):
        (JSC::WRECGenerator::generateParentheses):
        (JSC::WRECGenerator::generateParenthesesNonGreedy):
        (JSC::WRECGenerator::generateParenthesesResetTrampoline):
        (JSC::WRECGenerator::generateAssertionBOL):
        (JSC::WRECGenerator::generateAssertionEOL):
        (JSC::WRECGenerator::generateAssertionWordBoundary):
        (JSC::WRECGenerator::generateBackreference):
        (JSC::WRECGenerator::generateDisjunction):
        (JSC::WRECGenerator::terminateDisjunction):

2008-11-15  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Remove dead method declaration.

        * bytecompiler/CodeGenerator.h:

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed LabelID to Label, Label::isForwardLabel to Label::isForward.

        * VM/LabelID.h:
        (JSC::Label::Label):
        (JSC::Label::isForward):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::BytecodeGenerator::newLabel):
        (JSC::BytecodeGenerator::emitLabel):
        (JSC::BytecodeGenerator::emitJump):
        (JSC::BytecodeGenerator::emitJumpIfTrue):
        (JSC::BytecodeGenerator::emitJumpIfFalse):
        (JSC::BytecodeGenerator::pushFinallyContext):
        (JSC::BytecodeGenerator::emitComplexJumpScopes):
        (JSC::BytecodeGenerator::emitJumpScopes):
        (JSC::BytecodeGenerator::emitNextPropertyName):
        (JSC::BytecodeGenerator::emitCatch):
        (JSC::BytecodeGenerator::emitJumpSubroutine):
        (JSC::prepareJumpTableForImmediateSwitch):
        (JSC::prepareJumpTableForCharacterSwitch):
        (JSC::prepareJumpTableForStringSwitch):
        (JSC::BytecodeGenerator::endSwitch):
        * bytecompiler/CodeGenerator.h:
        * bytecompiler/LabelScope.h:
        (JSC::LabelScope::LabelScope):
        (JSC::LabelScope::breakTarget):
        (JSC::LabelScope::continueTarget):
        * parser/Nodes.cpp:
        (JSC::LogicalOpNode::emitBytecode):
        (JSC::ConditionalNode::emitBytecode):
        (JSC::IfNode::emitBytecode):
        (JSC::IfElseNode::emitBytecode):
        (JSC::DoWhileNode::emitBytecode):
        (JSC::WhileNode::emitBytecode):
        (JSC::ForNode::emitBytecode):
        (JSC::ForInNode::emitBytecode):
        (JSC::ReturnNode::emitBytecode):
        (JSC::CaseBlockNode::emitBytecodeForBlock):
        (JSC::TryNode::emitBytecode):

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed JITCodeBuffer to AssemblerBuffer and renamed its data members
        to be more like the rest of our buffer classes, with a size and a
        capacity.
        
        Added an assert in the unchecked put case to match the test in the checked
        put case.
        
        Changed a C-style cast to a C++-style cast.
        
        Renamed MAX_INSTRUCTION_SIZE to maxInstructionSize.

        * VM/CTI.cpp:
        (JSC::CTI::CTI):
        (JSC::CTI::compileRegExp):
        * VM/Machine.cpp:
        (JSC::BytecodeInterpreter::BytecodeInterpreter):
        * VM/Machine.h:
        (JSC::BytecodeInterpreter::assemblerBuffer):
        * masm/X86Assembler.h:
        (JSC::AssemblerBuffer::AssemblerBuffer):
        (JSC::AssemblerBuffer::~AssemblerBuffer):
        (JSC::AssemblerBuffer::ensureSpace):
        (JSC::AssemblerBuffer::isAligned):
        (JSC::AssemblerBuffer::putByteUnchecked):
        (JSC::AssemblerBuffer::putByte):
        (JSC::AssemblerBuffer::putShortUnchecked):
        (JSC::AssemblerBuffer::putShort):
        (JSC::AssemblerBuffer::putIntUnchecked):
        (JSC::AssemblerBuffer::putInt):
        (JSC::AssemblerBuffer::data):
        (JSC::AssemblerBuffer::size):
        (JSC::AssemblerBuffer::reset):
        (JSC::AssemblerBuffer::copy):
        (JSC::AssemblerBuffer::grow):
        (JSC::X86Assembler::):
        (JSC::X86Assembler::X86Assembler):
        (JSC::X86Assembler::testl_i32r):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::movl_i32m):
        (JSC::X86Assembler::emitCall):
        (JSC::X86Assembler::label):
        (JSC::X86Assembler::emitUnlinkedJmp):
        (JSC::X86Assembler::emitUnlinkedJne):
        (JSC::X86Assembler::emitUnlinkedJe):
        (JSC::X86Assembler::emitUnlinkedJl):
        (JSC::X86Assembler::emitUnlinkedJb):
        (JSC::X86Assembler::emitUnlinkedJle):
        (JSC::X86Assembler::emitUnlinkedJbe):
        (JSC::X86Assembler::emitUnlinkedJge):
        (JSC::X86Assembler::emitUnlinkedJg):
        (JSC::X86Assembler::emitUnlinkedJa):
        (JSC::X86Assembler::emitUnlinkedJae):
        (JSC::X86Assembler::emitUnlinkedJo):
        (JSC::X86Assembler::emitUnlinkedJp):
        (JSC::X86Assembler::emitUnlinkedJs):
        (JSC::X86Assembler::link):
        (JSC::X86Assembler::emitModRm_rr):
        (JSC::X86Assembler::emitModRm_rm):
        (JSC::X86Assembler::emitModRm_opr):

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Suggested by Maciej Stachowiak.
        
        Reverted most "opcode" => "bytecode" renames. We use "bytecode" as a
        mass noun to refer to a stream of instructions. Each instruction may be
        an opcode or an operand.

        * VM/CTI.cpp:
        (JSC::CTI::emitCTICall):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::printStructureIDs):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructureIDs):
        (JSC::CodeBlock::refStructureIDs):
        * VM/CodeBlock.h:
        * VM/ExceptionHelpers.cpp:
        (JSC::createNotAnObjectError):
        * VM/Instruction.h:
        (JSC::Instruction::Instruction):
        (JSC::Instruction::):
        * VM/Machine.cpp:
        (JSC::BytecodeInterpreter::isOpcode):
        (JSC::BytecodeInterpreter::throwException):
        (JSC::BytecodeInterpreter::tryCachePutByID):
        (JSC::BytecodeInterpreter::uncachePutByID):
        (JSC::BytecodeInterpreter::tryCacheGetByID):
        (JSC::BytecodeInterpreter::uncacheGetByID):
        (JSC::BytecodeInterpreter::privateExecute):
        (JSC::BytecodeInterpreter::tryCTICachePutByID):
        (JSC::BytecodeInterpreter::tryCTICacheGetByID):
        * VM/Machine.h:
        (JSC::BytecodeInterpreter::getOpcode):
        (JSC::BytecodeInterpreter::getOpcodeID):
        (JSC::BytecodeInterpreter::isCallBytecode):
        * VM/Opcode.cpp:
        (JSC::):
        (JSC::OpcodeStats::OpcodeStats):
        (JSC::compareOpcodeIndices):
        (JSC::compareOpcodePairIndices):
        (JSC::OpcodeStats::~OpcodeStats):
        (JSC::OpcodeStats::recordInstruction):
        (JSC::OpcodeStats::resetLastInstruction):
        * VM/Opcode.h:
        (JSC::):
        (JSC::padOpcodeName):
        * VM/SamplingTool.cpp:
        (JSC::ScopeSampleRecord::sample):
        (JSC::SamplingTool::run):
        (JSC::compareOpcodeIndicesSampling):
        (JSC::SamplingTool::dump):
        * VM/SamplingTool.h:
        (JSC::ScopeSampleRecord::ScopeSampleRecord):
        (JSC::SamplingTool::SamplingTool):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitLabel):
        (JSC::BytecodeGenerator::emitOpcode):
        (JSC::BytecodeGenerator::emitJump):
        (JSC::BytecodeGenerator::emitJumpIfTrue):
        (JSC::BytecodeGenerator::emitJumpIfFalse):
        (JSC::BytecodeGenerator::emitMove):
        (JSC::BytecodeGenerator::emitUnaryOp):
        (JSC::BytecodeGenerator::emitPreInc):
        (JSC::BytecodeGenerator::emitPreDec):
        (JSC::BytecodeGenerator::emitPostInc):
        (JSC::BytecodeGenerator::emitPostDec):
        (JSC::BytecodeGenerator::emitBinaryOp):
        (JSC::BytecodeGenerator::emitEqualityOp):
        (JSC::BytecodeGenerator::emitUnexpectedLoad):
        (JSC::BytecodeGenerator::emitInstanceOf):
        (JSC::BytecodeGenerator::emitResolve):
        (JSC::BytecodeGenerator::emitGetScopedVar):
        (JSC::BytecodeGenerator::emitPutScopedVar):
        (JSC::BytecodeGenerator::emitResolveBase):
        (JSC::BytecodeGenerator::emitResolveWithBase):
        (JSC::BytecodeGenerator::emitResolveFunction):
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
        (JSC::BytecodeGenerator::emitPutGetter):
        (JSC::BytecodeGenerator::emitPutSetter):
        (JSC::BytecodeGenerator::emitDeleteById):
        (JSC::BytecodeGenerator::emitGetByVal):
        (JSC::BytecodeGenerator::emitPutByVal):
        (JSC::BytecodeGenerator::emitDeleteByVal):
        (JSC::BytecodeGenerator::emitPutByIndex):
        (JSC::BytecodeGenerator::emitNewObject):
        (JSC::BytecodeGenerator::emitNewArray):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewRegExp):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        (JSC::BytecodeGenerator::emitCall):
        (JSC::BytecodeGenerator::emitReturn):
        (JSC::BytecodeGenerator::emitUnaryNoDstOp):
        (JSC::BytecodeGenerator::emitConstruct):
        (JSC::BytecodeGenerator::emitPopScope):
        (JSC::BytecodeGenerator::emitDebugHook):
        (JSC::BytecodeGenerator::emitComplexJumpScopes):
        (JSC::BytecodeGenerator::emitJumpScopes):
        (JSC::BytecodeGenerator::emitNextPropertyName):
        (JSC::BytecodeGenerator::emitCatch):
        (JSC::BytecodeGenerator::emitNewError):
        (JSC::BytecodeGenerator::emitJumpSubroutine):
        (JSC::BytecodeGenerator::emitSubroutineReturn):
        (JSC::BytecodeGenerator::emitPushNewScope):
        (JSC::BytecodeGenerator::beginSwitch):
        * bytecompiler/CodeGenerator.h:
        * jsc.cpp:
        (runWithScripts):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::emitModRm_opr):
        (JSC::X86Assembler::emitModRm_opr_Unchecked):
        (JSC::X86Assembler::emitModRm_opm):
        (JSC::X86Assembler::emitModRm_opm_Unchecked):
        (JSC::X86Assembler::emitModRm_opmsib):
        * parser/Nodes.cpp:
        (JSC::UnaryOpNode::emitBytecode):
        (JSC::BinaryOpNode::emitBytecode):
        (JSC::ReverseBinaryOpNode::emitBytecode):
        (JSC::ThrowableBinaryOpNode::emitBytecode):
        (JSC::emitReadModifyAssignment):
        (JSC::ScopeNode::ScopeNode):
        * parser/Nodes.h:
        (JSC::UnaryPlusNode::):
        (JSC::NegateNode::):
        (JSC::BitwiseNotNode::):
        (JSC::LogicalNotNode::):
        (JSC::MultNode::):
        (JSC::DivNode::):
        (JSC::ModNode::):
        (JSC::AddNode::):
        (JSC::SubNode::):
        (JSC::LeftShiftNode::):
        (JSC::RightShiftNode::):
        (JSC::UnsignedRightShiftNode::):
        (JSC::LessNode::):
        (JSC::GreaterNode::):
        (JSC::LessEqNode::):
        (JSC::GreaterEqNode::):
        (JSC::InstanceOfNode::):
        (JSC::InNode::):
        (JSC::EqualNode::):
        (JSC::NotEqualNode::):
        (JSC::StrictEqualNode::):
        (JSC::NotStrictEqualNode::):
        (JSC::BitAndNode::):
        (JSC::BitOrNode::):
        (JSC::BitXOrNode::):
        * runtime/StructureID.cpp:
        (JSC::StructureID::fromDictionaryTransition):
        * wtf/Platform.h:

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renames:
        
        CodeGenerator => BytecodeGenerator
        emitCodeForBlock => emitBytecodeForBlock
        generatedByteCode => generatedBytecode
        generateCode => generateBytecode

        * JavaScriptCore.exp:
        * bytecompiler/CodeGenerator.cpp:
        (JSC::BytecodeGenerator::setDumpsGeneratedCode):
        (JSC::BytecodeGenerator::generate):
        (JSC::BytecodeGenerator::addVar):
        (JSC::BytecodeGenerator::addGlobalVar):
        (JSC::BytecodeGenerator::allocateConstants):
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::addParameter):
        (JSC::BytecodeGenerator::registerFor):
        (JSC::BytecodeGenerator::constRegisterFor):
        (JSC::BytecodeGenerator::isLocal):
        (JSC::BytecodeGenerator::isLocalConstant):
        (JSC::BytecodeGenerator::newRegister):
        (JSC::BytecodeGenerator::newTemporary):
        (JSC::BytecodeGenerator::highestUsedRegister):
        (JSC::BytecodeGenerator::newLabelScope):
        (JSC::BytecodeGenerator::newLabel):
        (JSC::BytecodeGenerator::emitLabel):
        (JSC::BytecodeGenerator::emitBytecode):
        (JSC::BytecodeGenerator::retrieveLastBinaryOp):
        (JSC::BytecodeGenerator::retrieveLastUnaryOp):
        (JSC::BytecodeGenerator::rewindBinaryOp):
        (JSC::BytecodeGenerator::rewindUnaryOp):
        (JSC::BytecodeGenerator::emitJump):
        (JSC::BytecodeGenerator::emitJumpIfTrue):
        (JSC::BytecodeGenerator::emitJumpIfFalse):
        (JSC::BytecodeGenerator::addConstant):
        (JSC::BytecodeGenerator::addUnexpectedConstant):
        (JSC::BytecodeGenerator::addRegExp):
        (JSC::BytecodeGenerator::emitMove):
        (JSC::BytecodeGenerator::emitUnaryOp):
        (JSC::BytecodeGenerator::emitPreInc):
        (JSC::BytecodeGenerator::emitPreDec):
        (JSC::BytecodeGenerator::emitPostInc):
        (JSC::BytecodeGenerator::emitPostDec):
        (JSC::BytecodeGenerator::emitBinaryOp):
        (JSC::BytecodeGenerator::emitEqualityOp):
        (JSC::BytecodeGenerator::emitLoad):
        (JSC::BytecodeGenerator::emitUnexpectedLoad):
        (JSC::BytecodeGenerator::findScopedProperty):
        (JSC::BytecodeGenerator::emitInstanceOf):
        (JSC::BytecodeGenerator::emitResolve):
        (JSC::BytecodeGenerator::emitGetScopedVar):
        (JSC::BytecodeGenerator::emitPutScopedVar):
        (JSC::BytecodeGenerator::emitResolveBase):
        (JSC::BytecodeGenerator::emitResolveWithBase):
        (JSC::BytecodeGenerator::emitResolveFunction):
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
        (JSC::BytecodeGenerator::emitPutGetter):
        (JSC::BytecodeGenerator::emitPutSetter):
        (JSC::BytecodeGenerator::emitDeleteById):
        (JSC::BytecodeGenerator::emitGetByVal):
        (JSC::BytecodeGenerator::emitPutByVal):
        (JSC::BytecodeGenerator::emitDeleteByVal):
        (JSC::BytecodeGenerator::emitPutByIndex):
        (JSC::BytecodeGenerator::emitNewObject):
        (JSC::BytecodeGenerator::emitNewArray):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewRegExp):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        (JSC::BytecodeGenerator::emitCall):
        (JSC::BytecodeGenerator::emitCallEval):
        (JSC::BytecodeGenerator::emitReturn):
        (JSC::BytecodeGenerator::emitUnaryNoDstOp):
        (JSC::BytecodeGenerator::emitConstruct):
        (JSC::BytecodeGenerator::emitPushScope):
        (JSC::BytecodeGenerator::emitPopScope):
        (JSC::BytecodeGenerator::emitDebugHook):
        (JSC::BytecodeGenerator::pushFinallyContext):
        (JSC::BytecodeGenerator::popFinallyContext):
        (JSC::BytecodeGenerator::breakTarget):
        (JSC::BytecodeGenerator::continueTarget):
        (JSC::BytecodeGenerator::emitComplexJumpScopes):
        (JSC::BytecodeGenerator::emitJumpScopes):
        (JSC::BytecodeGenerator::emitNextPropertyName):
        (JSC::BytecodeGenerator::emitCatch):
        (JSC::BytecodeGenerator::emitNewError):
        (JSC::BytecodeGenerator::emitJumpSubroutine):
        (JSC::BytecodeGenerator::emitSubroutineReturn):
        (JSC::BytecodeGenerator::emitPushNewScope):
        (JSC::BytecodeGenerator::beginSwitch):
        (JSC::BytecodeGenerator::endSwitch):
        (JSC::BytecodeGenerator::emitThrowExpressionTooDeepException):
        * bytecompiler/CodeGenerator.h:
        * jsc.cpp:
        (runWithScripts):
        * parser/Nodes.cpp:
        (JSC::ThrowableExpressionData::emitThrowError):
        (JSC::NullNode::emitBytecode):
        (JSC::BooleanNode::emitBytecode):
        (JSC::NumberNode::emitBytecode):
        (JSC::StringNode::emitBytecode):
        (JSC::RegExpNode::emitBytecode):
        (JSC::ThisNode::emitBytecode):
        (JSC::ResolveNode::isPure):
        (JSC::ResolveNode::emitBytecode):
        (JSC::ArrayNode::emitBytecode):
        (JSC::ObjectLiteralNode::emitBytecode):
        (JSC::PropertyListNode::emitBytecode):
        (JSC::BracketAccessorNode::emitBytecode):
        (JSC::DotAccessorNode::emitBytecode):
        (JSC::ArgumentListNode::emitBytecode):
        (JSC::NewExprNode::emitBytecode):
        (JSC::EvalFunctionCallNode::emitBytecode):
        (JSC::FunctionCallValueNode::emitBytecode):
        (JSC::FunctionCallResolveNode::emitBytecode):
        (JSC::FunctionCallBracketNode::emitBytecode):
        (JSC::FunctionCallDotNode::emitBytecode):
        (JSC::emitPreIncOrDec):
        (JSC::emitPostIncOrDec):
        (JSC::PostfixResolveNode::emitBytecode):
        (JSC::PostfixBracketNode::emitBytecode):
        (JSC::PostfixDotNode::emitBytecode):
        (JSC::PostfixErrorNode::emitBytecode):
        (JSC::DeleteResolveNode::emitBytecode):
        (JSC::DeleteBracketNode::emitBytecode):
        (JSC::DeleteDotNode::emitBytecode):
        (JSC::DeleteValueNode::emitBytecode):
        (JSC::VoidNode::emitBytecode):
        (JSC::TypeOfResolveNode::emitBytecode):
        (JSC::TypeOfValueNode::emitBytecode):
        (JSC::PrefixResolveNode::emitBytecode):
        (JSC::PrefixBracketNode::emitBytecode):
        (JSC::PrefixDotNode::emitBytecode):
        (JSC::PrefixErrorNode::emitBytecode):
        (JSC::UnaryOpNode::emitBytecode):
        (JSC::BinaryOpNode::emitBytecode):
        (JSC::EqualNode::emitBytecode):
        (JSC::StrictEqualNode::emitBytecode):
        (JSC::ReverseBinaryOpNode::emitBytecode):
        (JSC::ThrowableBinaryOpNode::emitBytecode):
        (JSC::InstanceOfNode::emitBytecode):
        (JSC::LogicalOpNode::emitBytecode):
        (JSC::ConditionalNode::emitBytecode):
        (JSC::emitReadModifyAssignment):
        (JSC::ReadModifyResolveNode::emitBytecode):
        (JSC::AssignResolveNode::emitBytecode):
        (JSC::AssignDotNode::emitBytecode):
        (JSC::ReadModifyDotNode::emitBytecode):
        (JSC::AssignErrorNode::emitBytecode):
        (JSC::AssignBracketNode::emitBytecode):
        (JSC::ReadModifyBracketNode::emitBytecode):
        (JSC::CommaNode::emitBytecode):
        (JSC::ConstDeclNode::emitCodeSingle):
        (JSC::ConstDeclNode::emitBytecode):
        (JSC::ConstStatementNode::emitBytecode):
        (JSC::statementListEmitCode):
        (JSC::BlockNode::emitBytecode):
        (JSC::EmptyStatementNode::emitBytecode):
        (JSC::DebuggerStatementNode::emitBytecode):
        (JSC::ExprStatementNode::emitBytecode):
        (JSC::VarStatementNode::emitBytecode):
        (JSC::IfNode::emitBytecode):
        (JSC::IfElseNode::emitBytecode):
        (JSC::DoWhileNode::emitBytecode):
        (JSC::WhileNode::emitBytecode):
        (JSC::ForNode::emitBytecode):
        (JSC::ForInNode::emitBytecode):
        (JSC::ContinueNode::emitBytecode):
        (JSC::BreakNode::emitBytecode):
        (JSC::ReturnNode::emitBytecode):
        (JSC::WithNode::emitBytecode):
        (JSC::CaseBlockNode::emitBytecodeForBlock):
        (JSC::SwitchNode::emitBytecode):
        (JSC::LabelNode::emitBytecode):
        (JSC::ThrowNode::emitBytecode):
        (JSC::TryNode::emitBytecode):
        (JSC::EvalNode::emitBytecode):
        (JSC::EvalNode::generateBytecode):
        (JSC::FunctionBodyNode::generateBytecode):
        (JSC::FunctionBodyNode::emitBytecode):
        (JSC::ProgramNode::emitBytecode):
        (JSC::ProgramNode::generateBytecode):
        (JSC::FuncDeclNode::emitBytecode):
        (JSC::FuncExprNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::ExpressionNode::):
        (JSC::BooleanNode::):
        (JSC::NumberNode::):
        (JSC::StringNode::):
        (JSC::ProgramNode::):
        (JSC::EvalNode::):
        (JSC::FunctionBodyNode::):
        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        (JSC::JSActivation::copyRegisters):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::mark):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed all forms of "byte code" "opcode" "op code" "code" "bitcode"
        etc. to "bytecode".

        * VM/CTI.cpp:
        (JSC::CTI::printBytecodeOperandTypes):
        (JSC::CTI::emitAllocateNumber):
        (JSC::CTI::emitNakedCall):
        (JSC::CTI::emitNakedFastCall):
        (JSC::CTI::emitCTICall):
        (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNum):
        (JSC::CTI::emitJumpSlowCaseIfNotImmNums):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        * VM/CTI.h:
        (JSC::CallRecord::CallRecord):
        (JSC::SwitchRecord::SwitchRecord):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::printStructureIDs):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::derefStructureIDs):
        (JSC::CodeBlock::refStructureIDs):
        * VM/CodeBlock.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        * VM/ExceptionHelpers.cpp:
        (JSC::createNotAnObjectError):
        * VM/Instruction.h:
        (JSC::Instruction::Instruction):
        (JSC::Instruction::):
        * VM/Machine.cpp:
        (JSC::BytecodeInterpreter::isBytecode):
        (JSC::BytecodeInterpreter::throwException):
        (JSC::BytecodeInterpreter::execute):
        (JSC::BytecodeInterpreter::tryCachePutByID):
        (JSC::BytecodeInterpreter::uncachePutByID):
        (JSC::BytecodeInterpreter::tryCacheGetByID):
        (JSC::BytecodeInterpreter::uncacheGetByID):
        (JSC::BytecodeInterpreter::privateExecute):
        (JSC::BytecodeInterpreter::tryCTICachePutByID):
        (JSC::BytecodeInterpreter::tryCTICacheGetByID):
        (JSC::BytecodeInterpreter::cti_op_call_JSFunction):
        (JSC::BytecodeInterpreter::cti_vm_dontLazyLinkCall):
        (JSC::BytecodeInterpreter::cti_vm_lazyLinkCall):
        * VM/Machine.h:
        (JSC::BytecodeInterpreter::getBytecode):
        (JSC::BytecodeInterpreter::getBytecodeID):
        (JSC::BytecodeInterpreter::isCallBytecode):
        * VM/Opcode.cpp:
        (JSC::):
        (JSC::BytecodeStats::BytecodeStats):
        (JSC::compareBytecodeIndices):
        (JSC::compareBytecodePairIndices):
        (JSC::BytecodeStats::~BytecodeStats):
        (JSC::BytecodeStats::recordInstruction):
        (JSC::BytecodeStats::resetLastInstruction):
        * VM/Opcode.h:
        (JSC::):
        (JSC::padBytecodeName):
        * VM/SamplingTool.cpp:
        (JSC::ScopeSampleRecord::sample):
        (JSC::SamplingTool::run):
        (JSC::compareBytecodeIndicesSampling):
        (JSC::SamplingTool::dump):
        * VM/SamplingTool.h:
        (JSC::ScopeSampleRecord::ScopeSampleRecord):
        (JSC::SamplingTool::SamplingTool):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::generate):
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::emitLabel):
        (JSC::CodeGenerator::emitBytecode):
        (JSC::CodeGenerator::emitJump):
        (JSC::CodeGenerator::emitJumpIfTrue):
        (JSC::CodeGenerator::emitJumpIfFalse):
        (JSC::CodeGenerator::emitMove):
        (JSC::CodeGenerator::emitUnaryOp):
        (JSC::CodeGenerator::emitPreInc):
        (JSC::CodeGenerator::emitPreDec):
        (JSC::CodeGenerator::emitPostInc):
        (JSC::CodeGenerator::emitPostDec):
        (JSC::CodeGenerator::emitBinaryOp):
        (JSC::CodeGenerator::emitEqualityOp):
        (JSC::CodeGenerator::emitUnexpectedLoad):
        (JSC::CodeGenerator::emitInstanceOf):
        (JSC::CodeGenerator::emitResolve):
        (JSC::CodeGenerator::emitGetScopedVar):
        (JSC::CodeGenerator::emitPutScopedVar):
        (JSC::CodeGenerator::emitResolveBase):
        (JSC::CodeGenerator::emitResolveWithBase):
        (JSC::CodeGenerator::emitResolveFunction):
        (JSC::CodeGenerator::emitGetById):
        (JSC::CodeGenerator::emitPutById):
        (JSC::CodeGenerator::emitPutGetter):
        (JSC::CodeGenerator::emitPutSetter):
        (JSC::CodeGenerator::emitDeleteById):
        (JSC::CodeGenerator::emitGetByVal):
        (JSC::CodeGenerator::emitPutByVal):
        (JSC::CodeGenerator::emitDeleteByVal):
        (JSC::CodeGenerator::emitPutByIndex):
        (JSC::CodeGenerator::emitNewObject):
        (JSC::CodeGenerator::emitNewArray):
        (JSC::CodeGenerator::emitNewFunction):
        (JSC::CodeGenerator::emitNewRegExp):
        (JSC::CodeGenerator::emitNewFunctionExpression):
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitReturn):
        (JSC::CodeGenerator::emitUnaryNoDstOp):
        (JSC::CodeGenerator::emitConstruct):
        (JSC::CodeGenerator::emitPopScope):
        (JSC::CodeGenerator::emitDebugHook):
        (JSC::CodeGenerator::emitComplexJumpScopes):
        (JSC::CodeGenerator::emitJumpScopes):
        (JSC::CodeGenerator::emitNextPropertyName):
        (JSC::CodeGenerator::emitCatch):
        (JSC::CodeGenerator::emitNewError):
        (JSC::CodeGenerator::emitJumpSubroutine):
        (JSC::CodeGenerator::emitSubroutineReturn):
        (JSC::CodeGenerator::emitPushNewScope):
        (JSC::CodeGenerator::beginSwitch):
        (JSC::CodeGenerator::endSwitch):
        * bytecompiler/CodeGenerator.h:
        (JSC::CodeGenerator::emitNode):
        * jsc.cpp:
        (runWithScripts):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::emitModRm_opr):
        (JSC::X86Assembler::emitModRm_opr_Unchecked):
        (JSC::X86Assembler::emitModRm_opm):
        (JSC::X86Assembler::emitModRm_opm_Unchecked):
        (JSC::X86Assembler::emitModRm_opmsib):
        * parser/Nodes.cpp:
        (JSC::NullNode::emitBytecode):
        (JSC::BooleanNode::emitBytecode):
        (JSC::NumberNode::emitBytecode):
        (JSC::StringNode::emitBytecode):
        (JSC::RegExpNode::emitBytecode):
        (JSC::ThisNode::emitBytecode):
        (JSC::ResolveNode::emitBytecode):
        (JSC::ArrayNode::emitBytecode):
        (JSC::ObjectLiteralNode::emitBytecode):
        (JSC::PropertyListNode::emitBytecode):
        (JSC::BracketAccessorNode::emitBytecode):
        (JSC::DotAccessorNode::emitBytecode):
        (JSC::ArgumentListNode::emitBytecode):
        (JSC::NewExprNode::emitBytecode):
        (JSC::EvalFunctionCallNode::emitBytecode):
        (JSC::FunctionCallValueNode::emitBytecode):
        (JSC::FunctionCallResolveNode::emitBytecode):
        (JSC::FunctionCallBracketNode::emitBytecode):
        (JSC::FunctionCallDotNode::emitBytecode):
        (JSC::PostfixResolveNode::emitBytecode):
        (JSC::PostfixBracketNode::emitBytecode):
        (JSC::PostfixDotNode::emitBytecode):
        (JSC::PostfixErrorNode::emitBytecode):
        (JSC::DeleteResolveNode::emitBytecode):
        (JSC::DeleteBracketNode::emitBytecode):
        (JSC::DeleteDotNode::emitBytecode):
        (JSC::DeleteValueNode::emitBytecode):
        (JSC::VoidNode::emitBytecode):
        (JSC::TypeOfResolveNode::emitBytecode):
        (JSC::TypeOfValueNode::emitBytecode):
        (JSC::PrefixResolveNode::emitBytecode):
        (JSC::PrefixBracketNode::emitBytecode):
        (JSC::PrefixDotNode::emitBytecode):
        (JSC::PrefixErrorNode::emitBytecode):
        (JSC::UnaryOpNode::emitBytecode):
        (JSC::BinaryOpNode::emitBytecode):
        (JSC::EqualNode::emitBytecode):
        (JSC::StrictEqualNode::emitBytecode):
        (JSC::ReverseBinaryOpNode::emitBytecode):
        (JSC::ThrowableBinaryOpNode::emitBytecode):
        (JSC::InstanceOfNode::emitBytecode):
        (JSC::LogicalOpNode::emitBytecode):
        (JSC::ConditionalNode::emitBytecode):
        (JSC::emitReadModifyAssignment):
        (JSC::ReadModifyResolveNode::emitBytecode):
        (JSC::AssignResolveNode::emitBytecode):
        (JSC::AssignDotNode::emitBytecode):
        (JSC::ReadModifyDotNode::emitBytecode):
        (JSC::AssignErrorNode::emitBytecode):
        (JSC::AssignBracketNode::emitBytecode):
        (JSC::ReadModifyBracketNode::emitBytecode):
        (JSC::CommaNode::emitBytecode):
        (JSC::ConstDeclNode::emitBytecode):
        (JSC::ConstStatementNode::emitBytecode):
        (JSC::BlockNode::emitBytecode):
        (JSC::EmptyStatementNode::emitBytecode):
        (JSC::DebuggerStatementNode::emitBytecode):
        (JSC::ExprStatementNode::emitBytecode):
        (JSC::VarStatementNode::emitBytecode):
        (JSC::IfNode::emitBytecode):
        (JSC::IfElseNode::emitBytecode):
        (JSC::DoWhileNode::emitBytecode):
        (JSC::WhileNode::emitBytecode):
        (JSC::ForNode::emitBytecode):
        (JSC::ForInNode::emitBytecode):
        (JSC::ContinueNode::emitBytecode):
        (JSC::BreakNode::emitBytecode):
        (JSC::ReturnNode::emitBytecode):
        (JSC::WithNode::emitBytecode):
        (JSC::SwitchNode::emitBytecode):
        (JSC::LabelNode::emitBytecode):
        (JSC::ThrowNode::emitBytecode):
        (JSC::TryNode::emitBytecode):
        (JSC::ScopeNode::ScopeNode):
        (JSC::EvalNode::emitBytecode):
        (JSC::FunctionBodyNode::emitBytecode):
        (JSC::ProgramNode::emitBytecode):
        (JSC::FuncDeclNode::emitBytecode):
        (JSC::FuncExprNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::UnaryPlusNode::):
        (JSC::NegateNode::):
        (JSC::BitwiseNotNode::):
        (JSC::LogicalNotNode::):
        (JSC::MultNode::):
        (JSC::DivNode::):
        (JSC::ModNode::):
        (JSC::AddNode::):
        (JSC::SubNode::):
        (JSC::LeftShiftNode::):
        (JSC::RightShiftNode::):
        (JSC::UnsignedRightShiftNode::):
        (JSC::LessNode::):
        (JSC::GreaterNode::):
        (JSC::LessEqNode::):
        (JSC::GreaterEqNode::):
        (JSC::InstanceOfNode::):
        (JSC::InNode::):
        (JSC::EqualNode::):
        (JSC::NotEqualNode::):
        (JSC::StrictEqualNode::):
        (JSC::NotStrictEqualNode::):
        (JSC::BitAndNode::):
        (JSC::BitOrNode::):
        (JSC::BitXOrNode::):
        (JSC::ProgramNode::):
        (JSC::EvalNode::):
        (JSC::FunctionBodyNode::):
        * runtime/JSNotAnObject.h:
        * runtime/StructureID.cpp:
        (JSC::StructureID::fromDictionaryTransition):
        * wtf/Platform.h:

2008-11-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Renamed Machine to BytecodeInterpreter.
        
        Nixed the Interpreter class, and changed its two functions to stand-alone
        functions.

        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::):
        (JSC::CTI::emitCTICall):
        (JSC::CTI::CTI):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::freeCTIMachineTrampolines):
        (JSC::CTI::patchGetByIdSelf):
        (JSC::CTI::patchPutByIdReplace):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::printStructureIDs):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructureIDs):
        (JSC::CodeBlock::refStructureIDs):
        * VM/ExceptionHelpers.cpp:
        (JSC::createNotAnObjectError):
        * VM/Machine.cpp:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::BytecodeInterpreter::resolve):
        (JSC::BytecodeInterpreter::resolveSkip):
        (JSC::BytecodeInterpreter::resolveGlobal):
        (JSC::BytecodeInterpreter::resolveBase):
        (JSC::BytecodeInterpreter::resolveBaseAndProperty):
        (JSC::BytecodeInterpreter::resolveBaseAndFunc):
        (JSC::BytecodeInterpreter::slideRegisterWindowForCall):
        (JSC::BytecodeInterpreter::callEval):
        (JSC::BytecodeInterpreter::BytecodeInterpreter):
        (JSC::BytecodeInterpreter::initialize):
        (JSC::BytecodeInterpreter::~BytecodeInterpreter):
        (JSC::BytecodeInterpreter::dumpCallFrame):
        (JSC::BytecodeInterpreter::dumpRegisters):
        (JSC::BytecodeInterpreter::isOpcode):
        (JSC::BytecodeInterpreter::unwindCallFrame):
        (JSC::BytecodeInterpreter::throwException):
        (JSC::BytecodeInterpreter::execute):
        (JSC::BytecodeInterpreter::debug):
        (JSC::BytecodeInterpreter::resetTimeoutCheck):
        (JSC::BytecodeInterpreter::checkTimeout):
        (JSC::BytecodeInterpreter::createExceptionScope):
        (JSC::BytecodeInterpreter::tryCachePutByID):
        (JSC::BytecodeInterpreter::uncachePutByID):
        (JSC::BytecodeInterpreter::tryCacheGetByID):
        (JSC::BytecodeInterpreter::uncacheGetByID):
        (JSC::BytecodeInterpreter::privateExecute):
        (JSC::BytecodeInterpreter::retrieveArguments):
        (JSC::BytecodeInterpreter::retrieveCaller):
        (JSC::BytecodeInterpreter::retrieveLastCaller):
        (JSC::BytecodeInterpreter::findFunctionCallFrame):
        (JSC::BytecodeInterpreter::tryCTICachePutByID):
        (JSC::BytecodeInterpreter::tryCTICacheGetByID):
        (JSC::BytecodeInterpreter::cti_op_convert_this):
        (JSC::BytecodeInterpreter::cti_op_end):
        (JSC::BytecodeInterpreter::cti_op_add):
        (JSC::BytecodeInterpreter::cti_op_pre_inc):
        (JSC::BytecodeInterpreter::cti_timeout_check):
        (JSC::BytecodeInterpreter::cti_register_file_check):
        (JSC::BytecodeInterpreter::cti_op_loop_if_less):
        (JSC::BytecodeInterpreter::cti_op_loop_if_lesseq):
        (JSC::BytecodeInterpreter::cti_op_new_object):
        (JSC::BytecodeInterpreter::cti_op_put_by_id):
        (JSC::BytecodeInterpreter::cti_op_put_by_id_second):
        (JSC::BytecodeInterpreter::cti_op_put_by_id_generic):
        (JSC::BytecodeInterpreter::cti_op_put_by_id_fail):
        (JSC::BytecodeInterpreter::cti_op_get_by_id):
        (JSC::BytecodeInterpreter::cti_op_get_by_id_second):
        (JSC::BytecodeInterpreter::cti_op_get_by_id_generic):
        (JSC::BytecodeInterpreter::cti_op_get_by_id_fail):
        (JSC::BytecodeInterpreter::cti_op_instanceof):
        (JSC::BytecodeInterpreter::cti_op_del_by_id):
        (JSC::BytecodeInterpreter::cti_op_mul):
        (JSC::BytecodeInterpreter::cti_op_new_func):
        (JSC::BytecodeInterpreter::cti_op_call_JSFunction):
        (JSC::BytecodeInterpreter::cti_op_call_arityCheck):
        (JSC::BytecodeInterpreter::cti_vm_dontLazyLinkCall):
        (JSC::BytecodeInterpreter::cti_vm_lazyLinkCall):
        (JSC::BytecodeInterpreter::cti_op_push_activation):
        (JSC::BytecodeInterpreter::cti_op_call_NotJSFunction):
        (JSC::BytecodeInterpreter::cti_op_create_arguments):
        (JSC::BytecodeInterpreter::cti_op_create_arguments_no_params):
        (JSC::BytecodeInterpreter::cti_op_tear_off_activation):
        (JSC::BytecodeInterpreter::cti_op_tear_off_arguments):
        (JSC::BytecodeInterpreter::cti_op_profile_will_call):
        (JSC::BytecodeInterpreter::cti_op_profile_did_call):
        (JSC::BytecodeInterpreter::cti_op_ret_scopeChain):
        (JSC::BytecodeInterpreter::cti_op_new_array):
        (JSC::BytecodeInterpreter::cti_op_resolve):
        (JSC::BytecodeInterpreter::cti_op_construct_JSConstruct):
        (JSC::BytecodeInterpreter::cti_op_construct_NotJSConstruct):
        (JSC::BytecodeInterpreter::cti_op_get_by_val):
        (JSC::BytecodeInterpreter::cti_op_resolve_func):
        (JSC::BytecodeInterpreter::cti_op_sub):
        (JSC::BytecodeInterpreter::cti_op_put_by_val):
        (JSC::BytecodeInterpreter::cti_op_put_by_val_array):
        (JSC::BytecodeInterpreter::cti_op_lesseq):
        (JSC::BytecodeInterpreter::cti_op_loop_if_true):
        (JSC::BytecodeInterpreter::cti_op_negate):
        (JSC::BytecodeInterpreter::cti_op_resolve_base):
        (JSC::BytecodeInterpreter::cti_op_resolve_skip):
        (JSC::BytecodeInterpreter::cti_op_resolve_global):
        (JSC::BytecodeInterpreter::cti_op_div):
        (JSC::BytecodeInterpreter::cti_op_pre_dec):
        (JSC::BytecodeInterpreter::cti_op_jless):
        (JSC::BytecodeInterpreter::cti_op_not):
        (JSC::BytecodeInterpreter::cti_op_jtrue):
        (JSC::BytecodeInterpreter::cti_op_post_inc):
        (JSC::BytecodeInterpreter::cti_op_eq):
        (JSC::BytecodeInterpreter::cti_op_lshift):
        (JSC::BytecodeInterpreter::cti_op_bitand):
        (JSC::BytecodeInterpreter::cti_op_rshift):
        (JSC::BytecodeInterpreter::cti_op_bitnot):
        (JSC::BytecodeInterpreter::cti_op_resolve_with_base):
        (JSC::BytecodeInterpreter::cti_op_new_func_exp):
        (JSC::BytecodeInterpreter::cti_op_mod):
        (JSC::BytecodeInterpreter::cti_op_less):
        (JSC::BytecodeInterpreter::cti_op_neq):
        (JSC::BytecodeInterpreter::cti_op_post_dec):
        (JSC::BytecodeInterpreter::cti_op_urshift):
        (JSC::BytecodeInterpreter::cti_op_bitxor):
        (JSC::BytecodeInterpreter::cti_op_new_regexp):
        (JSC::BytecodeInterpreter::cti_op_bitor):
        (JSC::BytecodeInterpreter::cti_op_call_eval):
        (JSC::BytecodeInterpreter::cti_op_throw):
        (JSC::BytecodeInterpreter::cti_op_get_pnames):
        (JSC::BytecodeInterpreter::cti_op_next_pname):
        (JSC::BytecodeInterpreter::cti_op_push_scope):
        (JSC::BytecodeInterpreter::cti_op_pop_scope):
        (JSC::BytecodeInterpreter::cti_op_typeof):
        (JSC::BytecodeInterpreter::cti_op_is_undefined):
        (JSC::BytecodeInterpreter::cti_op_is_boolean):
        (JSC::BytecodeInterpreter::cti_op_is_number):
        (JSC::BytecodeInterpreter::cti_op_is_string):
        (JSC::BytecodeInterpreter::cti_op_is_object):
        (JSC::BytecodeInterpreter::cti_op_is_function):
        (JSC::BytecodeInterpreter::cti_op_stricteq):
        (JSC::BytecodeInterpreter::cti_op_nstricteq):
        (JSC::BytecodeInterpreter::cti_op_to_jsnumber):
        (JSC::BytecodeInterpreter::cti_op_in):
        (JSC::BytecodeInterpreter::cti_op_push_new_scope):
        (JSC::BytecodeInterpreter::cti_op_jmp_scopes):
        (JSC::BytecodeInterpreter::cti_op_put_by_index):
        (JSC::BytecodeInterpreter::cti_op_switch_imm):
        (JSC::BytecodeInterpreter::cti_op_switch_char):
        (JSC::BytecodeInterpreter::cti_op_switch_string):
        (JSC::BytecodeInterpreter::cti_op_del_by_val):
        (JSC::BytecodeInterpreter::cti_op_put_getter):
        (JSC::BytecodeInterpreter::cti_op_put_setter):
        (JSC::BytecodeInterpreter::cti_op_new_error):
        (JSC::BytecodeInterpreter::cti_op_debug):
        (JSC::BytecodeInterpreter::cti_vm_throw):
        * VM/Machine.h:
        * VM/Register.h:
        * VM/SamplingTool.cpp:
        (JSC::SamplingTool::run):
        * VM/SamplingTool.h:
        (JSC::SamplingTool::SamplingTool):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::generate):
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::emitOpcode):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * jsc.cpp:
        (runWithScripts):
        * parser/Nodes.cpp:
        (JSC::ScopeNode::ScopeNode):
        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::addParentForConsoleStart):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncPop):
        (JSC::arrayProtoFuncPush):
        * runtime/Collector.cpp:
        (JSC::Heap::collect):
        * runtime/ExecState.h:
        (JSC::ExecState::interpreter):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncApply):
        * runtime/Interpreter.cpp:
        (JSC::Interpreter::evaluate):
        * runtime/JSCell.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::call):
        (JSC::JSFunction::argumentsGetter):
        (JSC::JSFunction::callerGetter):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject):
        (JSC::JSGlobalObject::setTimeoutTime):
        (JSC::JSGlobalObject::startTimeoutCheck):
        (JSC::JSGlobalObject::stopTimeoutCheck):
        (JSC::JSGlobalObject::mark):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        * runtime/JSString.h:
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):

2008-11-15  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Sam Weinig.
        
        - Remove SymbolTable from FunctionBodyNode and move it to CodeBlock
        
        It's not needed for functions that have never been executed, so no
        need to waste the memory. Saves ~4M on membuster after 30 pages.

        * VM/CodeBlock.h:
        * VM/Machine.cpp:
        (JSC::Machine::retrieveArguments):
        * parser/Nodes.cpp:
        (JSC::EvalNode::generateCode):
        (JSC::FunctionBodyNode::generateCode):
        * parser/Nodes.h:
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):

2008-11-14  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22259: Make all opcodes use eax as their final result register
        <https://bugs.webkit.org/show_bug.cgi?id=22259>

        Change one case of op_add (and the corresponding slow case) to use eax
        rather than edx. Also, change the order in which the two results of
        resolve_func and resolve_base are emitted so that the retrieved value is
        put last into eax.

        This gives no performance change on SunSpider or the V8 benchmark suite
        when run in either harness.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):

2008-11-14  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Geoff has this wacky notion that emitGetArg and emitPutArg should be related to
        doing the same thing.  Crazy.
        
        Rename the methods for accessing virtual registers to say 'VirtualRegister' in the
        name, and those for setting up the arguments for CTI methods to contain 'CTIArg'.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetVirtualRegister):
        (JSC::CTI::emitGetVirtualRegisters):
        (JSC::CTI::emitPutCTIArgFromVirtualRegister):
        (JSC::CTI::emitPutCTIArg):
        (JSC::CTI::emitGetCTIArg):
        (JSC::CTI::emitPutCTIArgConstant):
        (JSC::CTI::emitPutVirtualRegister):
        (JSC::CTI::compileOpCallSetupArgs):
        (JSC::CTI::compileOpCallEvalSetupArgs):
        (JSC::CTI::compileOpConstructSetupArgs):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileOpStrictEq):
        (JSC::CTI::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        * VM/CTI.h:

2008-11-14  Greg Bolsinga  <bolsinga (a] apple.com>

        Reviewed by Antti Koivisto

        Fix potential build break by adding StdLibExtras.h
        
        * GNUmakefile.am:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:

2008-11-14  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Generate less code for the slow cases of op_call and op_construct.
        https://bugs.webkit.org/show_bug.cgi?id=22272

        1% progression on v8 tests.

        * VM/CTI.cpp:
        (JSC::CTI::emitRetrieveArg):
        (JSC::CTI::emitNakedCall):
        (JSC::CTI::compileOpCallInitializeCallFrame):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        * VM/CTI.h:
        * VM/CodeBlock.h:
        (JSC::getCallLinkInfoReturnLocation):
        (JSC::CodeBlock::getCallLinkInfo):
        * VM/Machine.cpp:
        (JSC::Machine::Machine):
        (JSC::Machine::cti_vm_dontLazyLinkCall):
        (JSC::Machine::cti_vm_lazyLinkCall):
        * VM/Machine.h:

2008-11-14  Greg Bolsinga  <bolsinga (a] apple.com>

        Reviewed by Darin Alder.

        https://bugs.webkit.org/show_bug.cgi?id=21810
        Remove use of static C++ objects that are destroyed at exit time (destructors)

        Create DEFINE_STATIC_LOCAL macro. Change static local objects to leak to avoid 
        exit-time destructor. Update code that was changed to fix this issue that ran 
        into a gcc bug (<rdar://problem/6354696> Codegen issue with C++ static reference 
        in gcc build 5465). Also typdefs for template types needed to be added in some 
        cases so the type could make it through the macro successfully.

        Basically code of the form:
        static T m;
        becomes:
        DEFINE_STATIC_LOCAL(T, m, ());

        Also any code of the form:
        static T& m = *new T;
        also becomes:
        DEFINE_STATIC_LOCAL(T, m, ());

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/MainThread.cpp:
        (WTF::mainThreadFunctionQueueMutex):
        (WTF::functionQueue):
        * wtf/StdLibExtras.h: Added. Add DEFINE_STATIC_LOCAL macro
        * wtf/ThreadingPthreads.cpp:
        (WTF::threadMapMutex):
        (WTF::threadMap):
        (WTF::identifierByPthreadHandle):

2008-11-13  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22269
        Reduce PropertyMap usage

        From observation of StructureID statistics, it became clear that many
        StructureID's were not being used as StructureIDs themselves, but rather
        only being necessary as links in the transition chain.  Acknowledging this
        and that PropertyMaps stored in StructureIDs can be treated as caches, that
        is that they can be reconstructed on demand, it became clear that we could
        reduce the memory consumption of StructureIDs by only keeping PropertyMaps
        for the StructureIDs that need them the most.

        The specific strategy used to reduce the number of StructureIDs with
        PropertyMaps is to take the previous StructureIDs PropertyMap when initially
        transitioning (addPropertyTransition) from it and clearing out the pointer 
        in the process.  The next time we need to do the same transition, for instance
        repeated calls to the same constructor, we use the new addPropertyTransitionToExistingStructure
        first, which allows us not to need the PropertyMap to determine if the property
        exists already, since a transition to that property would require it not already
        be present in the StructureID.  Should there be no transition, the PropertyMap
        can be constructed on demand (via materializePropertyMap) to determine if the put is a 
        replace or a transition to a new StructureID.

        Reduces memory use on Membuster head test (30 pages open) by ~15MB.

        * JavaScriptCore.exp:
        * runtime/JSObject.h:
        (JSC::JSObject::putDirect): First use addPropertyTransitionToExistingStructure
        so that we can avoid building the PropertyMap on subsequent similar object
        creations.
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry): Add version of constructor which takes
        all values to be used when lazily building the PropertyMap. 
        * runtime/StructureID.cpp:
        (JSC::StructureID::dumpStatistics): Add statistics on the number of StructureIDs
        with PropertyMaps.
        (JSC::StructureID::StructureID): Rename m_cachedTransistionOffset to m_offset
        (JSC::isPowerOf2):
        (JSC::nextPowerOf2):
        (JSC::sizeForKeyCount): Returns the expected size of a PropertyMap for a key count.
        (JSC::StructureID::materializePropertyMap): Builds the PropertyMap out of its previous pointer chain.
        (JSC::StructureID::addPropertyTransitionToExistingStructure): Only transitions if there is a
        an existing transition.
        (JSC::StructureID::addPropertyTransition): Instead of always copying the ProperyMap, try and take
        it from it previous pointer.
        (JSC::StructureID::removePropertyTransition): Simplify by calling toDictionaryTransition() to do
        transition work.
        (JSC::StructureID::changePrototypeTransition): Build the PropertyMap if necessary before transitioning
        because once you have transitioned, you will not be able to reconstruct it afterwards as there is no
        previous pointer, pinning the ProperyMap as well.
        (JSC::StructureID::getterSetterTransition): Ditto.
        (JSC::StructureID::toDictionaryTransition): Pin the PropertyMap so that it is not destroyed on further transitions.
        (JSC::StructureID::fromDictionaryTransition): We can only transition back from a dictionary transition if there
        are no deleted offsets.
        (JSC::StructureID::addPropertyWithoutTransition): Build PropertyMap on demands and pin.
        (JSC::StructureID::removePropertyWithoutTransition): Ditto.
        (JSC::StructureID::get): Build on demand.
        (JSC::StructureID::createPropertyMapHashTable): Add version of create that takes a size
        for on demand building.
        (JSC::StructureID::expandPropertyMapHashTable):
        (JSC::StructureID::rehashPropertyMapHashTable):
        (JSC::StructureID::getEnumerablePropertyNamesInternal): Build PropertyMap on demand.
        * runtime/StructureID.h:
        (JSC::StructureID::propertyStorageSize): Account for StructureIDs without PropertyMaps.
        (JSC::StructureID::isEmpty): Ditto.
        (JSC::StructureID::materializePropertyMapIfNecessary):
        (JSC::StructureID::get): Build PropertyMap on demand

2008-11-14  Csaba Osztrogonac  <oszi (a] inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        <https://bugs.webkit.org/show_bug.cgi?id=21500>

        JavaScriptCore build with -O3 flag instead of -O2 (gcc).
        2.02% speedup on SunSpider (Qt-port on Linux)
        1.10% speedup on V8 (Qt-port on Linux)
        3.45% speedup on WindScorpion (Qt-port on Linux)

        * JavaScriptCore.pri:

2008-11-14  Kristian Amlie  <kristian.amlie (a] trolltech.com>

        Reviewed by Darin Adler.

        Compile fix for RVCT.

        In reality, it is two fixes:

        1. Remove typename. I believe typename can only be used when the named
        type depends on the template parameters, which it doesn't in this
        case, so I think this is more correct.
        2. Replace ::iterator scope with specialized typedef. This is to work
        around a bug in RVCT.

        https://bugs.webkit.org/show_bug.cgi?id=22260

        * wtf/ListHashSet.h:
        (WTF::::find):

2008-11-14  Kristian Amlie  <kristian.amlie (a] trolltech.com>

        Reviewed by Darin Adler.

        Compile fix for WINSCW.

        This fix doesn't protect against implicit conversions from bool to
        integers, but most likely that will be caught on another platform.

        https://bugs.webkit.org/show_bug.cgi?id=22260

        * wtf/PassRefPtr.h:
        (WTF::PassRefPtr::operator bool):
        * wtf/RefPtr.h:
        (WTF::RefPtr::operator bool):

2008-11-14  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22245: Move wtf/dtoa.h into the WTF namespace
        <https://bugs.webkit.org/show_bug.cgi?id=22245>

        Move wtf/dtoa.h into the WTF namespace from the JSC namespace. This
        introduces some ambiguities in name lookups, so I changed all uses of
        the functions in wtf/dtoa.h to explicitly state the namespace.

        * JavaScriptCore.exp:
        * parser/Lexer.cpp:
        (JSC::Lexer::lex):
        * runtime/InitializeThreading.cpp:
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::parseInt):
        * runtime/NumberPrototype.cpp:
        (JSC::integerPartNoExp):
        (JSC::numberProtoFuncToExponential):
        * runtime/UString.cpp:
        (JSC::concatenate):
        (JSC::UString::from):
        (JSC::UString::toDouble):
        * wtf/dtoa.cpp:
        * wtf/dtoa.h:

2008-11-14  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 22257: Enable redundant read optimizations for results generated by compileBinaryArithOp()
        <https://bugs.webkit.org/show_bug.cgi?id=22257>

        This shows no change in performance on either SunSpider or the V8
        benchmark suite, but it removes an ugly special case and allows for
        future optimizations to be implemented in a cleaner fashion.

        This patch was essentially given to me by Gavin Barraclough upon my
        request, but I did regression and performance testing so that he could
        work on something else.

        * VM/CTI.cpp:
        (JSC::CTI::putDoubleResultToJSNumberCellOrJSImmediate): Move the final
        result to eax if it is not already there.
        (JSC::CTI::compileBinaryArithOp): Remove the killing of the final result
        register that disables the optimization.

2008-11-13  Eric Seidel  <eric (a] webkit.org>

        Reviewed by Adam Roben.

        Add a Scons-based build system for building
        the Chromium-Mac build of JavaScriptCore.
        https://bugs.webkit.org/show_bug.cgi?id=21991

        * JavaScriptCore.scons: Added.
        * SConstruct: Added.

2008-11-13  Eric Seidel  <eric (a] webkit.org>

        Reviewed by Adam Roben.
        
        Add PLATFORM(CHROMIUM) to the "we don't use cairo" blacklist
        until https://bugs.webkit.org/show_bug.cgi?id=22250 is fixed.

        * wtf/Platform.h:

2008-11-13  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        In r38375 the 'jsc' shell was changed to improve teardown on quit. The
        main() function in jsc.cpp uses Structured Exception Handling, so Visual
        C++ emits a warning when destructors are used.
        
        In order to speculatively fix the Windows build, this patch changes that
        code to use explicit pointer manipulation and locking rather than smart
        pointers and RAII.

        * jsc.cpp:
        (main):

2008-11-13  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22246: Get arguments for opcodes together to eliminate more redundant memory reads
        <https://bugs.webkit.org/show_bug.cgi?id=22246>

        It is common for opcodes to read their first operand into eax and their
        second operand into edx. If the value intended for the second operand is
        in eax, we should first move eax to the register for the second operand
        and then read the first operand into eax.

        This is a 0.5% speedup on SunSpider and a 2.0% speedup on the V8
        benchmark suite when measured using the V8 harness.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArgs):
        (JSC::CTI::compileOpStrictEq):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:

2008-11-13  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22238: Avoid unnecessary reads of temporaries when the target machine register is not eax
        <https://bugs.webkit.org/show_bug.cgi?id=22238>

        Enable the optimization of not reading a value back from memory that we
        just wrote when the target machine register is not eax. In order to do
        this, the code generation for op_put_global_var must be changed to
        read its argument into a register before overwriting eax.

        This is a 0.5% speedup on SunSpider and shows no change on the V8
        benchmark suite when run in either harness.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::privateCompileMainPass):

2008-11-13  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        Perform teardown in the 'jsc' shell in order to suppress annoying and
        misleading leak messages. There is still a lone JSC::Node leaking when
        quit() is called, but hopefully that can be fixed as well.

        * jsc.cpp:
        (functionQuit):
        (main):

2008-11-13  Mike Pinkerton  <pinkerton (a] chromium.org>

        Reviewed by Sam Weinig.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22087
        Need correct platform defines for Mac Chromium

        Set the appropriate platform defines for Mac Chromium, which is
        similar to PLATFORM(MAC), but isn't.

        * wtf/Platform.h:

2008-11-13  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - remove immediate checks from native codegen for known non-immediate cases like "this"
        
        ~.5% speedup on v8 benchmarks
        
        In the future we can extend this model to remove all sorts of
        typechecks based on local type info or type inference.
        
        I also added an assertion to verify that all slow cases linked as
        many slow case jumps as the corresponding fast case generated, and
        fixed the pre-existing cases where this was not true.
        
        * VM/CTI.cpp:
        (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
        (JSC::CTI::linkSlowCaseIfNotJSCell):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/CodeBlock.h:
        (JSC::CodeBlock::isKnownNotImmediate):

2008-11-13  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21943: Avoid needless reads of temporary values in CTI code
        <https://bugs.webkit.org/show_bug.cgi?id=21943>

        If an opcode needs to load a virtual register and a previous opcode left
        the contents of that virtual register in a machine register, use the
        value in the machine register rather than getting it from memory.

        In order to perform this optimization, it is necessary to know the
        jump tagets in the CodeBlock. For temporaries, the only problematic
        jump targets are binary logical operators and the ternary conditional
        operator. However, if this optimization were to be extended to local 
        variable registers as well, other jump targets would need to be
        included, like switch statement cases and the beginnings of catch
        blocks.

        This optimization also requires that the fast case and the slow case
        of an opcode use emitPutResult() on the same register, which was chosen
        to be eax, as that is the register into which we read the first operand
        of opcodes. In order to make this the case, we needed to add some mov
        instructions to the slow cases of some instructions.

        This optimizaton is not applied whenever compileBinaryArithOp() is used
        to compile an opcode, because different machine registers may be used to
        store the final result. It seems possible to rewrite the code generation
        in compileBinaryArithOp() to allow for this optimization.

        This optimization is also not applied when generating slow cases,
        because some fast cases overwrite the value of eax before jumping to the
        slow case. In the future, it may be possible to apply this optimization
        to slow cases as well, but it did not seem to be a speedup when testing
        an early version of this patch.

        This is a 1.0% speedup on SunSpider and a 6.3% speedup on the V8
        benchmark suite.

        * VM/CTI.cpp:
        (JSC::CTI::killLastResultRegister):
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutResult):
        (JSC::CTI::emitCTICall):
        (JSC::CTI::CTI):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileOpStrictEq):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        * VM/CTI.h:
        * VM/CodeBlock.h:
        (JSC::CodeBlock::isTemporaryRegisterIndex):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitLabel):

2008-11-12  Alp Toker  <alp (a] nuanti.com>

        autotools build system fix-up only. Add FloatQuad.h to the source
        lists and sort them.

        * GNUmakefile.am:

2008-11-12  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=22192
        +37 failures in fast/profiler
        
        along with Darin's review comments in
        https://bugs.webkit.org/show_bug.cgi?id=22174
        Simplified op_call by nixing its responsibility for moving the value of
        "this" into the first argument slot

        * VM/Machine.cpp:
        (JSC::returnToThrowTrampoline):
        (JSC::throwStackOverflowError):
        (JSC::Machine::cti_register_file_check):
        (JSC::Machine::cti_op_call_arityCheck):
        (JSC::Machine::cti_vm_throw): Moved the throw logic into a function, since
        functions are better than macros.

        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitConstruct): Ensure that the function register
        is preserved if profiling is enabled, since the profiler uses that
        register.

        * runtime/JSGlobalData.h: Renamed throwReturnAddress to exceptionLocation,
        because I had a hard time understanding what "throwReturnAddress" meant.

2008-11-12  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Roll in r38322, now that test failures have been fixed.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCallSetupArgs):
        (JSC::CTI::compileOpCallEvalSetupArgs):
        (JSC::CTI::compileOpConstructSetupArgs):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/Machine.cpp:
        (JSC::Machine::callEval):
        (JSC::Machine::dumpCallFrame):
        (JSC::Machine::dumpRegisters):
        (JSC::Machine::execute):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_register_file_check):
        (JSC::Machine::cti_op_call_arityCheck):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_vm_throw):
        * VM/Machine.h:
        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitCallEval):
        (JSC::CodeGenerator::emitConstruct):
        * bytecompiler/CodeGenerator.h:
        * parser/Nodes.cpp:
        (JSC::EvalFunctionCallNode::emitCode):
        (JSC::FunctionCallValueNode::emitCode):
        (JSC::FunctionCallResolveNode::emitCode):
        (JSC::FunctionCallBracketNode::emitCode):
        (JSC::FunctionCallDotNode::emitCode):
        * parser/Nodes.h:
        (JSC::ScopeNode::neededConstants):

2008-11-12  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22201
        Integer conversion in array.length was safe signed values,
        but the length is unsigned.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompilePatchGetArrayLength):

2008-11-12  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Mark Rowe.

        Roll out r38322 due to test failures on the bots.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCallSetupArgs):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/Machine.cpp:
        (JSC::Machine::callEval):
        (JSC::Machine::dumpCallFrame):
        (JSC::Machine::dumpRegisters):
        (JSC::Machine::execute):
        (JSC::Machine::privateExecute):
        (JSC::Machine::throwStackOverflowPreviousFrame):
        (JSC::Machine::cti_register_file_check):
        (JSC::Machine::cti_op_call_arityCheck):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_vm_throw):
        * VM/Machine.h:
        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitCallEval):
        (JSC::CodeGenerator::emitConstruct):
        * bytecompiler/CodeGenerator.h:
        * parser/Nodes.cpp:
        (JSC::EvalFunctionCallNode::emitCode):
        (JSC::FunctionCallValueNode::emitCode):
        (JSC::FunctionCallResolveNode::emitCode):
        (JSC::FunctionCallBracketNode::emitCode):
        (JSC::FunctionCallDotNode::emitCode):
        * parser/Nodes.h:
        (JSC::ScopeNode::neededConstants):

2008-11-11  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=22174
        Simplified op_call by nixing its responsibility for moving the value of
        "this" into the first argument slot.

        Instead, the caller emits an explicit load or mov instruction, or relies
        on implicit knowledge that "this" is already in the first argument slot.
        As a result, two operands to op_call are gone: firstArg and thisVal.
        
        SunSpider and v8 tests show no change in bytecode or CTI.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCallSetupArgs):
        (JSC::CTI::compileOpCallEvalSetupArgs):
        (JSC::CTI::compileOpConstructSetupArgs): Split apart these three versions
        of setting up arguments to op_call, because they're more different than
        they are the same -- even more so with this patch.

        (JSC::CTI::compileOpCall): Updated for the fact that op_construct doesn't
        match op_call anymore.

        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases): Merged a few call cases. Updated
        for changes mentioned above.

        * VM/CTI.h:

        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Updated for new bytecode format of call / construct.

        * VM/Machine.cpp:
        (JSC::Machine::callEval): Updated for new bytecode format of call / construct.

        (JSC::Machine::dumpCallFrame):
        (JSC::Machine::dumpRegisters): Simplified these debugging functions, 
        taking advantage of the new call frame layout.

        (JSC::Machine::execute): Fixed up the eval version of execute to be
        friendlier to calls in the new format.

        (JSC::Machine::privateExecute): Implemented the new call format in
        bytecode.

        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_call_eval): Updated CTI helpers to match the new
        call format.
        
        Fixed a latent bug in stack overflow checking that is now hit because
        the register layout has changed a bit -- namely: when throwing a stack
        overflow exception inside an op_call helper, we need to account for the
        fact that the current call frame is only half-constructed, and use the
        parent call frame instead.

        * VM/Machine.h:

        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitCallEval):
        (JSC::CodeGenerator::emitConstruct):
        * bytecompiler/CodeGenerator.h: Updated codegen to match the new call
        format.

        * parser/Nodes.cpp:
        (JSC::EvalFunctionCallNode::emitCode):
        (JSC::FunctionCallValueNode::emitCode):
        (JSC::FunctionCallResolveNode::emitCode):
        (JSC::FunctionCallBracketNode::emitCode):
        (JSC::FunctionCallDotNode::emitCode):
        * parser/Nodes.h:
        (JSC::ScopeNode::neededConstants): ditto

2008-11-11  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Remove an unused forwarding header for a file that no longer exists.

        * ForwardingHeaders/JavaScriptCore/JSLock.h: Removed.

2008-11-11  Mark Rowe  <mrowe (a] apple.com>

        Fix broken dependencies building JavaScriptCore on a freezing cold cat, caused
        by failure to update all instances of "kjs" to their new locations.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-11-11  Alexey Proskuryakov  <ap (a] webkit.org>

        Rubber-stamped by Adam Roben.

        * wtf/AVLTree.h: (WTF::AVLTree::Iterator::start_iter):
        Fix indentation a little more.

2008-11-11  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Clean up EvalCodeCache to match our coding style a bit more.

        * VM/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):

2008-11-11  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Bug 22179: Move EvalCodeCache from CodeBlock.h into its own file
        <https://bugs.webkit.org/show_bug.cgi?id=22179>

        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CodeBlock.h:
        * VM/EvalCodeCache.h: Copied from VM/CodeBlock.h.
        * VM/Machine.cpp:

2008-11-11  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Remove the 'm_' prefix from the fields of the SwitchRecord struct.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompile):
        * VM/CTI.h:
        (JSC::SwitchRecord):
        (JSC::SwitchRecord::SwitchRecord):

2008-11-11  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Make asInteger() a static function so that it has internal linkage.

        * VM/CTI.cpp:
        (JSC::asInteger):

2008-11-11  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Mark Rowe.
        
        - shrink CodeBlock and AST related Vectors to exact fit (5-10M savings on membuster test)
        
        No perf regression combined with the last patch (each seems like a small regression individually)

        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::generate):
        * parser/Nodes.h:
        (JSC::SourceElements::releaseContentsIntoVector):
        * wtf/Vector.h:
        (WTF::Vector::shrinkToFit):

2008-11-11  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Mark Rowe.
        
        - remove inline capacity from declaration stacks (15M savings on membuster test)

        No perf regression on SunSpider or V8 test combined with other upcoming memory improvement patch.
        
        * JavaScriptCore.exp:
        * parser/Nodes.h:

2008-11-11  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        While r38286 removed the need for the m_callFrame member variable of
        CTI, it should be also be removed.

        * VM/CTI.h:

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Make CTI::asInteger() a non-member function, since it needs no access to
        any of CTI's member variables.

        * VM/CTI.cpp:
        (JSC::asInteger):
        * VM/CTI.h:

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Use 'value' instead of 'js' in CTI as a name for JSValue* to match our
        usual convention elsewhere.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):
        (JSC::CTI::printOpcodeOperandTypes):

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Make CTI::getConstant() a member function of CodeBlock instead.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):
        (JSC::CTI::printOpcodeOperandTypes):
        (JSC::CTI::privateCompileMainPass):
        * VM/CTI.h:
        * VM/CodeBlock.h:
        (JSC::CodeBlock::getConstant):

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Rename CodeBlock::isConstant() to isConstantRegisterIndex().

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):
        (JSC::CTI::printOpcodeOperandTypes):
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.h:
        (JSC::CodeBlock::isConstantRegisterIndex):
        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitEqualityOp):

2008-11-10  Gavin Barraclough  <barraclough (a] apple.com>

        Build fix for non-CTI builds.

        * VM/Machine.cpp:
        (JSC::Machine::initialize):

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Remove the unused labels member variable of CodeBlock.

        * VM/CodeBlock.h:
        * VM/LabelID.h:
        (JSC::LabelID::setLocation):

2008-11-10  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Batch compile the set of static trampolines at the point Machine is constructed, using a single allocation.
        Refactor out m_callFrame from CTI, since this is only needed to access the global data (instead store a
        pointer to the global data directly, since this is available at the point the Machine is constructed).
        Add a method to align the code buffer, to allow JIT generation for multiple trampolines in one block.

        * VM/CTI.cpp:
        (JSC::CTI::getConstant):
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):
        (JSC::CTI::printOpcodeOperandTypes):
        (JSC::CTI::CTI):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompileCTIMachineTrampolines):
        (JSC::CTI::freeCTIMachineTrampolines):
        * VM/CTI.h:
        (JSC::CTI::compile):
        (JSC::CTI::compileGetByIdSelf):
        (JSC::CTI::compileGetByIdProto):
        (JSC::CTI::compileGetByIdChain):
        (JSC::CTI::compilePutByIdReplace):
        (JSC::CTI::compilePutByIdTransition):
        (JSC::CTI::compileCTIMachineTrampolines):
        (JSC::CTI::compilePatchGetArrayLength):
        * VM/Machine.cpp:
        (JSC::Machine::initialize):
        (JSC::Machine::~Machine):
        (JSC::Machine::execute):
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_lazyLinkCall):
        * VM/Machine.h:
        * masm/X86Assembler.h:
        (JSC::JITCodeBuffer::isAligned):
        (JSC::X86Assembler::):
        (JSC::X86Assembler::align):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):

2008-11-10  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Antti Koivisto.
        
        - Make Vector::clear() release the Vector's memory (1MB savings on membuster)
        https://bugs.webkit.org/show_bug.cgi?id=22170

        * wtf/Vector.h:
        (WTF::VectorBufferBase::deallocateBuffer): Set capacity to 0 as
        well as size, otherwise shrinking capacity to 0 can fail to reset
        the capacity and thus cause a future crash.
        (WTF::Vector::~Vector): Shrink size not capacity; we only need
        to call destructors, the buffer will be freed anyway.
        (WTF::Vector::clear): Change this to shrinkCapacity(0), not just shrink(0).
        (WTF::::shrinkCapacity): Use shrink() instead of resize() for case where
        the size is greater than the new capacity, to work with types that have no
        default constructor.

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Split multiple definitions into separate lines.

        * VM/CTI.cpp:
        (JSC::CTI::compileBinaryArithOp):

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 22162: Remove cachedValueGetter from the JavaScriptCore API implementation
        <https://bugs.webkit.org/show_bug.cgi?id=22162>

        There is no more need for the cachedValueGetter hack now that we have
        PropertySlot::setValue(), so we should remove it.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertySlot):

2008-11-10  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22152: Remove asObject() call from JSCallbackObject::getOwnPropertySlot()
        <https://bugs.webkit.org/show_bug.cgi?id=22152>

        With the recent change to adopt asType() style cast functions with
        assertions instead of static_casts in many places, the assertion for
        the asObject() call in JSCallbackObject::getOwnPropertySlot() has been
        failing when using any nontrivial client of the JavaScriptCore API.
        The cast isn't even necessary to call slot.setCustom(), so it should
        be removed.

        * API/JSCallbackObjectFunctions.h:
        (JSC::JSCallbackObject::getOwnPropertySlot):

2008-11-10  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Adam Roben.

        A few coding style fixes for AVLTree.

        * wtf/AVLTree.h: Moved to WTF namespace, Removed "KJS_" from include guards.
        (WTF::AVLTree::Iterator::start_iter): Fixed indentation

        * runtime/JSArray.cpp: Added "using namepace WTF".

2008-11-09  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Speculatively fix the non-AllInOne build.

        * runtime/NativeErrorConstructor.cpp:

2008-11-09  Darin Adler  <darin (a] apple.com>

        Reviewed by Tim Hatcher.

        - https://bugs.webkit.org/show_bug.cgi?id=22149
          remove unused code from the parser

        * AllInOneFile.cpp: Removed nodes2string.cpp.
        * GNUmakefile.am: Ditto.
        * JavaScriptCore.exp: Ditto.
        * JavaScriptCore.pri: Ditto.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
        * JavaScriptCoreSources.bkl: Ditto.

        * VM/CodeBlock.h: Added include.

        * VM/Machine.cpp: (JSC::Machine::execute): Use the types from
        DeclarationStacks as DeclarationStacks:: rather than Node:: since
        "Node" really has little to do with it.
        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator): Ditto.

        * jsc.cpp:
        (Options::Options): Removed prettyPrint option.
        (runWithScripts): Ditto.
        (printUsageStatement): Ditto.
        (parseArguments): Ditto.
        (jscmain): Ditto.

        * parser/Grammar.y: Removed use of obsolete ImmediateNumberNode.

        * parser/Nodes.cpp:
        (JSC::ThrowableExpressionData::emitThrowError): Use inline functions
        instead of direct member access for ThrowableExpressionData values.
        (JSC::BracketAccessorNode::emitCode): Ditto.
        (JSC::DotAccessorNode::emitCode): Ditto.
        (JSC::NewExprNode::emitCode): Ditto.
        (JSC::EvalFunctionCallNode::emitCode): Ditto.
        (JSC::FunctionCallValueNode::emitCode): Ditto.
        (JSC::FunctionCallResolveNode::emitCode): Ditto.
        (JSC::FunctionCallBracketNode::emitCode): Ditto.
        (JSC::FunctionCallDotNode::emitCode): Ditto.
        (JSC::PostfixResolveNode::emitCode): Ditto.
        (JSC::PostfixBracketNode::emitCode): Ditto.
        (JSC::PostfixDotNode::emitCode): Ditto.
        (JSC::DeleteResolveNode::emitCode): Ditto.
        (JSC::DeleteBracketNode::emitCode): Ditto.
        (JSC::DeleteDotNode::emitCode): Ditto.
        (JSC::PrefixResolveNode::emitCode): Ditto.
        (JSC::PrefixBracketNode::emitCode): Ditto.
        (JSC::PrefixDotNode::emitCode): Ditto.
        (JSC::ThrowableBinaryOpNode::emitCode): Ditto.
        (JSC::InstanceOfNode::emitCode): Ditto.
        (JSC::ReadModifyResolveNode::emitCode): Ditto.
        (JSC::AssignResolveNode::emitCode): Ditto.
        (JSC::AssignDotNode::emitCode): Ditto.
        (JSC::ReadModifyDotNode::emitCode): Ditto.
        (JSC::AssignBracketNode::emitCode): Ditto.
        (JSC::ReadModifyBracketNode::emitCode): Ditto.
        (JSC::statementListEmitCode): Take a const StatementVector instead
        of a non-const one. Also removed unused statementListPushFIFO.
        (JSC::ForInNode::emitCode): Inline functions instead of member access.
        (JSC::ThrowNode::emitCode): Ditto.
        (JSC::EvalNode::emitCode): Ditto.
        (JSC::FunctionBodyNode::emitCode): Ditto.
        (JSC::ProgramNode::emitCode): Ditto.

        * parser/Nodes.h: Removed unused includes and forward declarations.
        Removed Precedence enum. Made many more members private instead of
        protected or public. Removed unused NodeStack typedef. Moved the
        VarStack and FunctionStack typedefs from Node to ScopeNode. Made
        Node::emitCode pure virtual and changed classes that don't emit
        any code to inherit from ParserRefCounted rather than Node.
        Moved isReturnNode from Node to StatementNode. Removed the
        streamTo, precedence, and needsParensIfLeftmost functions from
        all classes. Removed the ImmediateNumberNode class and make
        NumberNode::setValue nonvirtual.

        * parser/nodes2string.cpp: Removed.

2008-11-09  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig and Maciej Stachowiak.
        Includes some work done by Chris Brichford.

        - fix https://bugs.webkit.org/show_bug.cgi?id=14886
          Stack overflow due to deeply nested parse tree doing repeated string concatentation

        Test: fast/js/large-expressions.html

        1) Code generation is recursive, so takes stack proportional to the complexity
           of the source code expression. Fixed by setting an arbitrary recursion limit
           of 10,000 nodes.

        2) Destruction of the syntax tree was recursive. Fixed by introducing a
           non-recursive mechanism for destroying the tree.

        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator): Initialize depth to 0.
        (JSC::CodeGenerator::emitThrowExpressionTooDeepException): Added. Emits the code
        to throw a "too deep" exception.
        * bytecompiler/CodeGenerator.h:
        (JSC::CodeGenerator::emitNode): Check depth and emit an exception if we exceed
        the maximum depth.

        * parser/Nodes.cpp:
        (JSC::NodeReleaser::releaseAllNodes): Added. To be called inside node destructors
        to avoid recursive calls to destructors for nodes inside this one.
        (JSC::NodeReleaser::release): Added. To be called inside releaseNodes functions.
        Also added releaseNodes functions and calls to releaseAllNodes inside destructors
        for each class derived from Node that has RefPtr to other nodes.
        (JSC::NodeReleaser::adopt): Added. Used by the release function.
        (JSC::NodeReleaser::adoptFunctionBodyNode): Added.

        * parser/Nodes.h: Added declarations of releaseNodes and destructors in all classes
        that needed it. Eliminated use of ListRefPtr and releaseNext, which are the two parts
        of an older solution to the non-recursive destruction problem that works only for
        lists, whereas the new solution works for other graphs. Changed ReverseBinaryOpNode
        to use BinaryOpNode as a base class to avoid some duplicated code.

2008-11-08  Kevin Ollivier  <kevino (a] theolliviers.com>
        
        wx build fixes after addition of JSCore parser and bycompiler dirs. Also cleanup
        the JSCore Bakefile's group names to be consistent.

        * JavaScriptCoreSources.bkl:
        * jscore.bkl:

2008-11-07  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 21801: REGRESSION (r37821): YUI date formatting JavaScript puts the letter 'd' in place of the day
        <https://bugs.webkit.org/show_bug.cgi?id=21801>

        Fix the constant register check in the 'typeof' optimization in
        CodeGenerator, which was completely broken after r37821.

        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitEqualityOp):

2008-11-07  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 22129: Move CTI::isConstant() to CodeBlock
        <https://bugs.webkit.org/show_bug.cgi?id=22129>

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):
        (JSC::CTI::printOpcodeOperandTypes):
        (JSC::CTI::privateCompileMainPass):
        * VM/CTI.h:
        * VM/CodeBlock.h:
        (JSC::CodeBlock::isConstant):

2008-11-07  Alp Toker  <alp (a] nuanti.com>

        autotools fix. Always use the configured perl binary (which may be
        different to the one in $PATH) when generating sources.

        * GNUmakefile.am:

2008-11-07  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Change grammar.cpp to Grammar.cpp and grammar.h to Grammar.h in several
        build scripts.

        * DerivedSources.make:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCoreSources.bkl:

2008-11-07  Alp Toker  <alp (a] nuanti.com>

        More grammar.cpp -> Grammar.cpp build fixes.

        * AllInOneFile.cpp:
        * GNUmakefile.am:

2008-11-07  Simon Hausmann  <hausmann (a] webkit.org>

        Fix the build on case-sensitive file systems. grammar.y was renamed to
        Grammar.y but Lexer.cpp includes grammar.h. The build bots didn't
        notice this change because of stale files.

        * parser/Lexer.cpp:

2008-11-07  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        Rename the m_nextGlobal, m_nextParameter, and m_nextConstant member
        variables of CodeGenerator to m_nextGlobalIndex, m_nextParameterIndex,
        and m_nextConstantIndex respectively. This is to distinguish these from
        member variables like m_lastConstant, which are actually RefPtrs to
        Registers.

        * bytecompiler/CodeGenerator.cpp:
        (JSC::CodeGenerator::addGlobalVar):
        (JSC::CodeGenerator::allocateConstants):
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::addParameter):
        (JSC::CodeGenerator::addConstant):
        * bytecompiler/CodeGenerator.h:

2008-11-06  Gavin Barraclough  barraclough (a] apple.com

        Reviewed by Oliver Hunt.

        Do not make a cti_* call to perform an op_call unless either:
        (1) The codeblock for the function body has not been generated.
        (2) The number of arguments passed does not match the callee arity.

        ~1% progression on sunspider --v8

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCallInitializeCallFrame):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_call_arityCheck):
        (JSC::Machine::cti_op_construct_JSConstruct):
        * VM/Machine.h:
        * kjs/nodes.h:

2008-11-06  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Move the remaining files in the kjs subdirectory of JavaScriptCore to
        a new parser subdirectory, and remove the kjs subdirectory entirely.

        * AllInOneFile.cpp:
        * DerivedSources.make:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/CodeBlock.h:
        * VM/ExceptionHelpers.cpp:
        * VM/SamplingTool.h:
        * bytecompiler/CodeGenerator.h:
        * jsc.pro:
        * jscore.bkl:
        * kjs: Removed.
        * kjs/NodeInfo.h: Removed.
        * kjs/Parser.cpp: Removed.
        * kjs/Parser.h: Removed.
        * kjs/ResultType.h: Removed.
        * kjs/SourceCode.h: Removed.
        * kjs/SourceProvider.h: Removed.
        * kjs/grammar.y: Removed.
        * kjs/keywords.table: Removed.
        * kjs/lexer.cpp: Removed.
        * kjs/lexer.h: Removed.
        * kjs/nodes.cpp: Removed.
        * kjs/nodes.h: Removed.
        * kjs/nodes2string.cpp: Removed.
        * parser: Added.
        * parser/Grammar.y: Copied from kjs/grammar.y.
        * parser/Keywords.table: Copied from kjs/keywords.table.
        * parser/Lexer.cpp: Copied from kjs/lexer.cpp.
        * parser/Lexer.h: Copied from kjs/lexer.h.
        * parser/NodeInfo.h: Copied from kjs/NodeInfo.h.
        * parser/Nodes.cpp: Copied from kjs/nodes.cpp.
        * parser/Nodes.h: Copied from kjs/nodes.h.
        * parser/Parser.cpp: Copied from kjs/Parser.cpp.
        * parser/Parser.h: Copied from kjs/Parser.h.
        * parser/ResultType.h: Copied from kjs/ResultType.h.
        * parser/SourceCode.h: Copied from kjs/SourceCode.h.
        * parser/SourceProvider.h: Copied from kjs/SourceProvider.h.
        * parser/nodes2string.cpp: Copied from kjs/nodes2string.cpp.
        * pcre/pcre.pri:
        * pcre/pcre_exec.cpp:
        * runtime/FunctionConstructor.cpp:
        * runtime/JSActivation.h:
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        * runtime/JSGlobalObjectFunctions.cpp:
        * runtime/JSObject.cpp:
        (JSC::JSObject::toNumber):
        * runtime/RegExp.cpp:

2008-11-06  Adam Roben  <aroben (a] apple.com>

        Windows build fix after r38196

        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Added bytecompiler/ to the
        include path.

2008-11-06  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Create a new bytecompiler subdirectory of JavaScriptCore and move some
        relevant files to it.

        * AllInOneFile.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/CodeGenerator.cpp: Removed.
        * VM/CodeGenerator.h: Removed.
        * bytecompiler: Added.
        * bytecompiler/CodeGenerator.cpp: Copied from VM/CodeGenerator.cpp.
        * bytecompiler/CodeGenerator.h: Copied from VM/CodeGenerator.h.
        * bytecompiler/LabelScope.h: Copied from kjs/LabelScope.h.
        * jscore.bkl:
        * kjs/LabelScope.h: Removed.

2008-11-06  Adam Roben  <aroben (a] apple.com>

        Windows clean build fix after r38155

        Rubberstamped by Cameron Zwarich.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Update
        the post-build event for the move of create_hash_table out of kjs/.

2008-11-06  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=22107

        Bug uncovered during RVCT port in functions not used. get_lt() and
        get_gt() takes only one argument - remove second argument where
        applicable.

        * wtf/AVLTree.h:
        (JSC::AVLTree::remove): Remove second argument of get_lt/get_gt().
        (JSC::AVLTree::subst): Ditto.

2008-11-06  Alp Toker  <alp (a] nuanti.com>

        Reviewed by Cameron Zwarich.

        https://bugs.webkit.org/show_bug.cgi?id=22033
        [GTK] CTI/Linux r38064 crashes; JIT requires executable memory

        Mark pages allocated by the FastMalloc mmap code path executable with
        PROT_EXEC. This fixes crashes seen on CPUs and kernels that enforce
        non-executable memory (like ExecShield on Fedora Linux) when the JIT
        is enabled.

        This patch does not resolve the issue on debug builds so affected
        developers may still need to pass --disable-jit to configure.

        * wtf/TCSystemAlloc.cpp:
        (TryMmap):
        (TryDevMem):
        (TCMalloc_SystemRelease):

2008-11-06  Peter Gal  <galpeter (a] inf.u-szeged.hu>

        Reviewed by Cameron Zwarich.

        Bug 22099: Make the Qt port build the JSC shell in the correct place
        <https://bugs.webkit.org/show_bug.cgi?id=22099>

        Adjust include paths and build destination dir for the 'jsc' executable
        in the Qt build.

        * jsc.pro:

2008-11-06  Kristian Amlie  <kristian.amlie (a] nokia.com>

        Reviewed by Simon Hausmann.

        Implemented the block allocation on Symbian through heap allocation.

        Unfortunately there is no way to allocate virtual memory. The Posix
        layer provides mmap() but no anonymous mapping. So this is a very slow
        solution but it should work as a start.

        * runtime/Collector.cpp:
        (JSC::allocateBlock):
        (JSC::freeBlock):

2008-11-06  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Simon Hausmann.

        Borrow some math functions from the MSVC port to the build with the
        RVCT compiler.

        * wtf/MathExtras.h:
        (isinf):
        (isnan):
        (signbit):

2008-11-06  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Simon Hausmann.

        Include strings.h for strncasecmp().
        This is needed for compilation inside Symbian and it is also
        confirmed by the man-page on Linux.

        * runtime/DateMath.cpp:

2008-11-06  Norbert Leser  <norbert.leser (a] nokia.com>

        Reviewed by Simon Hausmann.

        Implemented currentThreadStackBase for Symbian.

        * runtime/Collector.cpp:
        (JSC::currentThreadStackBase):

2008-11-06  Laszlo Gombos  <laszlo.1.gombos (a] nokia.com>

        Reviewed by Simon Hausmann.

        RVCT does not support tm_gmtoff field, so disable that code just like
        for MSVC.

        * runtime/DateMath.h:
        (JSC::GregorianDateTime::GregorianDateTime):
        (JSC::GregorianDateTime::operator tm):

2008-11-06  Kristian Amlie  <kristian.amlie (a] nokia.com>

        Reviewed by Simon Hausmann.

        Define PLATFORM(UNIX) for S60. Effectively WebKit on S60 is compiled
        on top of the Posix layer.

        * wtf/Platform.h:

2008-11-06  Norbert Leser  <norbert.leser (a] nokia.com>

        Reviewed by Simon Hausmann.

        Added __SYMBIAN32__ condition for defining PLATFORM(SYMBIAN).

        * wtf/Platform.h:

2008-11-06  Ariya Hidayat  <ariya.hidayat (a] trolltech.com>

        Reviewed by Simon Hausmann.

        Added WINSCW compiler define for Symbian S60.

        * wtf/Platform.h:

2008-11-06  Kristian Amlie  <kristian.amlie (a] nokia.com>

        Reviewed by Simon Hausmann.

        Use the GCC defines of the WTF_ALIGN* macros for the RVCT and the
        MINSCW compiler.

        * wtf/Vector.h:

2008-11-06  Kristian Amlie  <kristian.amlie (a] nokia.com>

        Reviewed by Simon Hausmann.

        Define capabilities of the SYMBIAN platform. Some of the system
        headers are actually dependent on RVCT.

        * wtf/Platform.h:

2008-11-06  Kristian Amlie  <kristian.amlie (a] nokia.com>

        Reviewed by Simon Hausmann.

        Add missing stddef.h header needed for compilation in Symbian.

        * runtime/Collector.h:

2008-11-06  Kristian Amlie  <kristian.amlie (a] nokia.com>

        Reviewed by Simon Hausmann.

        Added COMPILER(RVCT) to detect the ARM RVCT compiler used in the Symbian environment.

        * wtf/Platform.h:

2008-11-06  Simon Hausmann  <hausmann (a] webkit.org>

        Fix the Qt build, adjust include paths after move of jsc.pro.

        * jsc.pro:

2008-11-06  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Move kjs/Shell.cpp to the top level of the JavaScriptCore directory and
        rename it to jsc.cpp to reflect the name of the binary compiled from it.

        * GNUmakefile.am:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jsc.cpp: Copied from kjs/Shell.cpp.
        * jsc.pro:
        * jscore.bkl:
        * kjs/Shell.cpp: Removed.

2008-11-06  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Move create_hash_table and jsc.pro out of the kjs directory and into the
        root directory of JavaScriptCore.

        * DerivedSources.make:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_hash_table: Copied from kjs/create_hash_table.
        * jsc.pro: Copied from kjs/jsc.pro.
        * kjs/create_hash_table: Removed.
        * kjs/jsc.pro: Removed.
        * make-generated-sources.sh:

2008-11-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=22094

        Fix for bug where the callee incorrectly recieves the caller's lexical
        global object as this, rather than its own.  Implementation closely
        follows the spec, passing jsNull, checking in the callee and replacing
        with the global object where necessary.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall):
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_call_eval):
        * runtime/JSCell.h:
        (JSC::JSValue::toThisObject):
        * runtime/JSImmediate.cpp:
        (JSC::JSImmediate::toThisObject):
        * runtime/JSImmediate.h:

2008-11-05  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fix after Operations.cpp move.

        * JavaScriptCoreSources.bkl:

2008-11-05  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Fix the build for case-sensitive build systems and wxWindows.

        * JavaScriptCoreSources.bkl:
        * kjs/create_hash_table:

2008-11-05  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Fix the build for case-sensitive build systems.

        * JavaScriptCoreSources.bkl:
        * kjs/Shell.cpp:
        * runtime/Interpreter.cpp:
        * runtime/JSArray.cpp:

2008-11-05  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Fix the build for case-sensitive build systems.

        * API/JSBase.cpp:
        * API/JSObjectRef.cpp:
        * runtime/CommonIdentifiers.h:
        * runtime/Identifier.cpp:
        * runtime/InitializeThreading.cpp:
        * runtime/InternalFunction.h:
        * runtime/JSString.h:
        * runtime/Lookup.h:
        * runtime/PropertyNameArray.h:
        * runtime/PropertySlot.h:
        * runtime/StructureID.cpp:
        * runtime/StructureID.h:
        * runtime/UString.cpp:

2008-11-05  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Move more files to the runtime subdirectory of JavaScriptCore.

        * API/APICast.h:
        * API/JSBase.cpp:
        * API/JSCallbackObject.cpp:
        * API/JSClassRef.cpp:
        * API/JSClassRef.h:
        * API/JSStringRefCF.cpp:
        * API/JSValueRef.cpp:
        * API/OpaqueJSString.cpp:
        * API/OpaqueJSString.h:
        * AllInOneFile.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        * VM/Machine.cpp:
        * VM/RegisterFile.h:
        * debugger/Debugger.h:
        * kjs/SourceProvider.h:
        * kjs/TypeInfo.h: Removed.
        * kjs/collector.cpp: Removed.
        * kjs/collector.h: Removed.
        * kjs/completion.h: Removed.
        * kjs/create_hash_table:
        * kjs/identifier.cpp: Removed.
        * kjs/identifier.h: Removed.
        * kjs/interpreter.cpp: Removed.
        * kjs/interpreter.h: Removed.
        * kjs/lexer.cpp:
        * kjs/lexer.h:
        * kjs/lookup.cpp: Removed.
        * kjs/lookup.h: Removed.
        * kjs/nodes.cpp:
        * kjs/nodes.h:
        * kjs/operations.cpp: Removed.
        * kjs/operations.h: Removed.
        * kjs/protect.h: Removed.
        * kjs/regexp.cpp: Removed.
        * kjs/regexp.h: Removed.
        * kjs/ustring.cpp: Removed.
        * kjs/ustring.h: Removed.
        * pcre/pcre_exec.cpp:
        * profiler/CallIdentifier.h:
        * profiler/Profile.h:
        * runtime/ArrayConstructor.cpp:
        * runtime/ArrayPrototype.cpp:
        * runtime/ArrayPrototype.h:
        * runtime/Collector.cpp: Copied from kjs/collector.cpp.
        * runtime/Collector.h: Copied from kjs/collector.h.
        * runtime/CollectorHeapIterator.h:
        * runtime/Completion.h: Copied from kjs/completion.h.
        * runtime/ErrorPrototype.cpp:
        * runtime/Identifier.cpp: Copied from kjs/identifier.cpp.
        * runtime/Identifier.h: Copied from kjs/identifier.h.
        * runtime/InitializeThreading.cpp:
        * runtime/Interpreter.cpp: Copied from kjs/interpreter.cpp.
        * runtime/Interpreter.h: Copied from kjs/interpreter.h.
        * runtime/JSCell.h:
        * runtime/JSGlobalData.cpp:
        * runtime/JSGlobalData.h:
        * runtime/JSLock.cpp:
        * runtime/JSNumberCell.cpp:
        * runtime/JSNumberCell.h:
        * runtime/JSObject.cpp:
        * runtime/JSValue.h:
        * runtime/Lookup.cpp: Copied from kjs/lookup.cpp.
        * runtime/Lookup.h: Copied from kjs/lookup.h.
        * runtime/MathObject.cpp:
        * runtime/NativeErrorPrototype.cpp:
        * runtime/NumberPrototype.cpp:
        * runtime/Operations.cpp: Copied from kjs/operations.cpp.
        * runtime/Operations.h: Copied from kjs/operations.h.
        * runtime/PropertyMapHashTable.h:
        * runtime/Protect.h: Copied from kjs/protect.h.
        * runtime/RegExp.cpp: Copied from kjs/regexp.cpp.
        * runtime/RegExp.h: Copied from kjs/regexp.h.
        * runtime/RegExpConstructor.cpp:
        * runtime/RegExpObject.h:
        * runtime/RegExpPrototype.cpp:
        * runtime/SmallStrings.h:
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        * runtime/StructureID.cpp:
        * runtime/StructureID.h:
        * runtime/StructureIDTransitionTable.h:
        * runtime/SymbolTable.h:
        * runtime/TypeInfo.h: Copied from kjs/TypeInfo.h.
        * runtime/UString.cpp: Copied from kjs/ustring.cpp.
        * runtime/UString.h: Copied from kjs/ustring.h.
        * wrec/CharacterClassConstructor.h:
        * wrec/WREC.h:

2008-11-05  Geoffrey Garen  <ggaren (a] apple.com>

        Suggested by Darin Adler.
        
        Removed two copy constructors that the compiler can generate for us
        automatically.

        * VM/LabelID.h:
        (JSC::LabelID::setLocation):
        (JSC::LabelID::offsetFrom):
        (JSC::LabelID::ref):
        (JSC::LabelID::refCount):
        * kjs/LabelScope.h:

2008-11-05  Anders Carlsson  <andersca (a] apple.com>

        Fix Snow Leopard build.
        
        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-11-04  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Steve Falkenburg.

        Move dtoa.cpp and dtoa.h to the WTF Visual Studio project to reflect
        their movement in the filesystem.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:

2008-11-04  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Move kjs/dtoa.h to the wtf subdirectory of JavaScriptCore.

        * AllInOneFile.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * kjs/dtoa.cpp: Removed.
        * kjs/dtoa.h: Removed.
        * wtf/dtoa.cpp: Copied from kjs/dtoa.cpp.
        * wtf/dtoa.h: Copied from kjs/dtoa.h.

2008-11-04  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Move kjs/config.h to the top level of JavaScriptCore.

        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * config.h: Copied from kjs/config.h.
        * kjs/config.h: Removed.

2008-11-04  Darin Adler  <darin (a] apple.com>

        Reviewed by Tim Hatcher.

        * wtf/ThreadingNone.cpp: Tweak formatting.

2008-11-03  Darin Adler  <darin (a] apple.com>

        Reviewed by Tim Hatcher.

        - https://bugs.webkit.org/show_bug.cgi?id=22061
          create script to check for exit-time destructors

        * JavaScriptCore.exp: Changed to export functions rather than
        a global for the atomically initialized static mutex.

        * JavaScriptCore.xcodeproj/project.pbxproj: Added a script
        phase that runs the check-for-exit-time-destructors script.

        * wtf/MainThread.cpp:
        (WTF::mainThreadFunctionQueueMutex): Changed to leak an object
        rather than using an exit time destructor.
        (WTF::functionQueue): Ditto.
        * wtf/unicode/icu/CollatorICU.cpp:
        (WTF::cachedCollatorMutex): Ditto.

        * wtf/Threading.h: Changed other platforms to share the Windows
        approach where the mutex is internal and the functions are exported.
        * wtf/ThreadingGtk.cpp:
        (WTF::lockAtomicallyInitializedStaticMutex): Ditto.
        (WTF::unlockAtomicallyInitializedStaticMutex): Ditto.
        * wtf/ThreadingNone.cpp:
        (WTF::lockAtomicallyInitializedStaticMutex): Ditto.
        (WTF::unlockAtomicallyInitializedStaticMutex): Ditto.
        * wtf/ThreadingPthreads.cpp:
        (WTF::threadMapMutex): Changed to leak an object rather than using
        an exit time destructor.
        (WTF::lockAtomicallyInitializedStaticMutex): Mutex change.
        (WTF::unlockAtomicallyInitializedStaticMutex): Ditto.
        (WTF::threadMap): Changed to leak an object rather than using
        an exit time destructor.
        * wtf/ThreadingQt.cpp:
        (WTF::lockAtomicallyInitializedStaticMutex): Mutex change.
        (WTF::unlockAtomicallyInitializedStaticMutex): Ditto.
        * wtf/ThreadingWin.cpp:
        (WTF::lockAtomicallyInitializedStaticMutex): Added an assertion.

2008-11-04  Adam Roben  <aroben (a] apple.com>

        Windows build fix

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Update
        the location of JSStaticScopeObject.{cpp,h}.

2008-11-04  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        Move AllInOneFile.cpp to the top level of JavaScriptCore.

        * AllInOneFile.cpp: Copied from kjs/AllInOneFile.cpp.
        * GNUmakefile.am:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/AllInOneFile.cpp: Removed.

2008-11-04  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Alexey Proskuryakov.

        Add NodeInfo.h to the JavaScriptCore Xcode project.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-11-03  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Maciej Stachowiak.

        Move more files into the runtime subdirectory of JavaScriptCore.

        * API/JSBase.cpp:
        * API/JSCallbackConstructor.cpp:
        * API/JSCallbackFunction.cpp:
        * API/JSClassRef.cpp:
        * API/OpaqueJSString.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * kjs/AllInOneFile.cpp:
        * kjs/ArgList.cpp: Removed.
        * kjs/ArgList.h: Removed.
        * kjs/Arguments.cpp: Removed.
        * kjs/Arguments.h: Removed.
        * kjs/BatchedTransitionOptimizer.h: Removed.
        * kjs/CollectorHeapIterator.h: Removed.
        * kjs/CommonIdentifiers.cpp: Removed.
        * kjs/CommonIdentifiers.h: Removed.
        * kjs/ExecState.cpp: Removed.
        * kjs/ExecState.h: Removed.
        * kjs/GetterSetter.cpp: Removed.
        * kjs/GetterSetter.h: Removed.
        * kjs/InitializeThreading.cpp: Removed.
        * kjs/InitializeThreading.h: Removed.
        * kjs/JSActivation.cpp: Removed.
        * kjs/JSActivation.h: Removed.
        * kjs/JSGlobalData.cpp: Removed.
        * kjs/JSGlobalData.h: Removed.
        * kjs/JSLock.cpp: Removed.
        * kjs/JSLock.h: Removed.
        * kjs/JSStaticScopeObject.cpp: Removed.
        * kjs/JSStaticScopeObject.h: Removed.
        * kjs/JSType.h: Removed.
        * kjs/PropertyNameArray.cpp: Removed.
        * kjs/PropertyNameArray.h: Removed.
        * kjs/ScopeChain.cpp: Removed.
        * kjs/ScopeChain.h: Removed.
        * kjs/ScopeChainMark.h: Removed.
        * kjs/SymbolTable.h: Removed.
        * kjs/Tracing.d: Removed.
        * kjs/Tracing.h: Removed.
        * runtime/ArgList.cpp: Copied from kjs/ArgList.cpp.
        * runtime/ArgList.h: Copied from kjs/ArgList.h.
        * runtime/Arguments.cpp: Copied from kjs/Arguments.cpp.
        * runtime/Arguments.h: Copied from kjs/Arguments.h.
        * runtime/BatchedTransitionOptimizer.h: Copied from kjs/BatchedTransitionOptimizer.h.
        * runtime/CollectorHeapIterator.h: Copied from kjs/CollectorHeapIterator.h.
        * runtime/CommonIdentifiers.cpp: Copied from kjs/CommonIdentifiers.cpp.
        * runtime/CommonIdentifiers.h: Copied from kjs/CommonIdentifiers.h.
        * runtime/ExecState.cpp: Copied from kjs/ExecState.cpp.
        * runtime/ExecState.h: Copied from kjs/ExecState.h.
        * runtime/GetterSetter.cpp: Copied from kjs/GetterSetter.cpp.
        * runtime/GetterSetter.h: Copied from kjs/GetterSetter.h.
        * runtime/InitializeThreading.cpp: Copied from kjs/InitializeThreading.cpp.
        * runtime/InitializeThreading.h: Copied from kjs/InitializeThreading.h.
        * runtime/JSActivation.cpp: Copied from kjs/JSActivation.cpp.
        * runtime/JSActivation.h: Copied from kjs/JSActivation.h.
        * runtime/JSGlobalData.cpp: Copied from kjs/JSGlobalData.cpp.
        * runtime/JSGlobalData.h: Copied from kjs/JSGlobalData.h.
        * runtime/JSLock.cpp: Copied from kjs/JSLock.cpp.
        * runtime/JSLock.h: Copied from kjs/JSLock.h.
        * runtime/JSStaticScopeObject.cpp: Copied from kjs/JSStaticScopeObject.cpp.
        * runtime/JSStaticScopeObject.h: Copied from kjs/JSStaticScopeObject.h.
        * runtime/JSType.h: Copied from kjs/JSType.h.
        * runtime/PropertyNameArray.cpp: Copied from kjs/PropertyNameArray.cpp.
        * runtime/PropertyNameArray.h: Copied from kjs/PropertyNameArray.h.
        * runtime/ScopeChain.cpp: Copied from kjs/ScopeChain.cpp.
        * runtime/ScopeChain.h: Copied from kjs/ScopeChain.h.
        * runtime/ScopeChainMark.h: Copied from kjs/ScopeChainMark.h.
        * runtime/SymbolTable.h: Copied from kjs/SymbolTable.h.
        * runtime/Tracing.d: Copied from kjs/Tracing.d.
        * runtime/Tracing.h: Copied from kjs/Tracing.h.

2008-11-03  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Move #define to turn on dumping StructureID statistics to StructureID.cpp so that
        turning it on does not require a full rebuild. 

        * runtime/StructureID.cpp:
        (JSC::StructureID::dumpStatistics):
        * runtime/StructureID.h:

2008-11-03  Alp Toker  <alp (a] nuanti.com>

        Reviewed by Geoffrey Garen.

        Fix warning when building on Darwin without JSC_MULTIPLE_THREADS
        enabled.

        * kjs/InitializeThreading.cpp:

2008-11-02  Matt Lilek  <webkit (a] mattlilek.com>

        Reviewed by Cameron Zwarich.

        Bug 22042: REGRESSION(r38066): ASSERTION FAILED: source in CodeBlock
        <https://bugs.webkit.org/show_bug.cgi?id=22042>

        Rename parameter name to avoid ASSERT.

        * VM/CodeBlock.h:
        (JSC::CodeBlock::CodeBlock):
        (JSC::ProgramCodeBlock::ProgramCodeBlock):
        (JSC::EvalCodeBlock::EvalCodeBlock):

2008-11-02  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 22035: Remove the '_' suffix on constructor parameter names for structs
        <https://bugs.webkit.org/show_bug.cgi?id=22035>

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::JSCallbackObjectData::JSCallbackObjectData):
        * VM/CodeBlock.h:
        (JSC::CodeBlock::CodeBlock):
        (JSC::ProgramCodeBlock::ProgramCodeBlock):
        (JSC::EvalCodeBlock::EvalCodeBlock):
        * wrec/WREC.h:
        (JSC::Quantifier::Quantifier):

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Geoff Garen.

        Rename SourceRange.h to SourceCode.h.

        * API/JSBase.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CodeBlock.h:
        * kjs/SourceCode.h: Copied from kjs/SourceRange.h.
        * kjs/SourceRange.h: Removed.
        * kjs/grammar.y:
        * kjs/lexer.h:
        * kjs/nodes.cpp:
        (JSC::ForInNode::ForInNode):
        * kjs/nodes.h:
        (JSC::ThrowableExpressionData::setExceptionSourceCode):

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22019: Move JSC::Interpreter::shouldPrintExceptions() to WebCore::Console
        <https://bugs.webkit.org/show_bug.cgi?id=22019>

        The JSC::Interpreter::shouldPrintExceptions() function is not used at
        all in JavaScriptCore, so it should be moved to WebCore::Console, its
        only user.

        * JavaScriptCore.exp:
        * kjs/interpreter.cpp:
        * kjs/interpreter.h:

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Remove the call to Interpreter::setShouldPrintExceptions() from the
        GlobalObject constructor in the shell. The shouldPrintExceptions()
        information is not used anywhere in JavaScriptCore, only in WebCore.

        * kjs/Shell.cpp:
        (GlobalObject::GlobalObject):

2008-10-31  Kevin Ollivier  <kevino (a] theolliviers.com>

        wxMSW build fix.

        * wtf/Threading.h:

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Move more files from the kjs subdirectory of JavaScriptCore to the
        runtime subdirectory.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * kjs/AllInOneFile.cpp:
        * kjs/RegExpConstructor.cpp: Removed.
        * kjs/RegExpConstructor.h: Removed.
        * kjs/RegExpMatchesArray.h: Removed.
        * kjs/RegExpObject.cpp: Removed.
        * kjs/RegExpObject.h: Removed.
        * kjs/RegExpPrototype.cpp: Removed.
        * kjs/RegExpPrototype.h: Removed.
        * runtime/RegExpConstructor.cpp: Copied from kjs/RegExpConstructor.cpp.
        * runtime/RegExpConstructor.h: Copied from kjs/RegExpConstructor.h.
        * runtime/RegExpMatchesArray.h: Copied from kjs/RegExpMatchesArray.h.
        * runtime/RegExpObject.cpp: Copied from kjs/RegExpObject.cpp.
        * runtime/RegExpObject.h: Copied from kjs/RegExpObject.h.
        * runtime/RegExpPrototype.cpp: Copied from kjs/RegExpPrototype.cpp.
        * runtime/RegExpPrototype.h: Copied from kjs/RegExpPrototype.h.

2008-10-31  Mark Rowe  <mrowe (a] apple.com>

        Revert an incorrect portion of r38034.

        * profiler/ProfilerServer.mm:

2008-10-31  Mark Rowe  <mrowe (a] apple.com>

        Fix the 64-bit build.

        Disable strict aliasing in ProfilerServer.mm as it leads to the compiler being unhappy
        with the common Obj-C idiom self = [super init];

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        Change a header guard to match our coding style.

        * kjs/InitializeThreading.h:

2008-10-30  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Fixed a small bit of https://bugs.webkit.org/show_bug.cgi?id=21962
        AST uses way too much memory
        
        Removed a word from StatementNode by nixing LabelStack and turning it
        into a compile-time data structure managed by CodeGenerator.
        
        v8 tests and SunSpider, run by Gavin, report no change.

        * GNUmakefile.am:
        * JavaScriptCore.order:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/AllInOneFile.cpp:
        * JavaScriptCoreSources.bkl: I sure hope this builds!
        
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::newLabelScope):
        (JSC::CodeGenerator::breakTarget):
        (JSC::CodeGenerator::continueTarget):
        * VM/CodeGenerator.h: Nixed the JumpContext system because it depended
        on a LabelStack in the AST, and it was a little cumbersome on the client
        side. Replaced with LabelScope, which tracks all break / continue
        information in the CodeGenerator, just like we track LabelIDs and other
        stacks of compile-time data.

        * kjs/LabelScope.h: Added.
        (JSC::LabelScope::):
        (JSC::LabelScope::LabelScope):
        (JSC::LabelScope::ref):
        (JSC::LabelScope::deref):
        (JSC::LabelScope::refCount):
        (JSC::LabelScope::breakTarget):
        (JSC::LabelScope::continueTarget):
        (JSC::LabelScope::type):
        (JSC::LabelScope::name):
        (JSC::LabelScope::scopeDepth): Simple abstraction for holding everything
        you might want to know about a break-able / continue-able scope.

        * kjs/LabelStack.cpp: Removed.
        * kjs/LabelStack.h: Removed.

        * kjs/grammar.y: No need to push labels at parse time -- we don't store
        LabelStacks in the AST anymore.

        * kjs/nodes.cpp:
        (JSC::DoWhileNode::emitCode):
        (JSC::WhileNode::emitCode):
        (JSC::ForNode::emitCode):
        (JSC::ForInNode::emitCode):
        (JSC::ContinueNode::emitCode):
        (JSC::BreakNode::emitCode):
        (JSC::SwitchNode::emitCode):
        (JSC::LabelNode::emitCode):
        * kjs/nodes.h:
        (JSC::StatementNode::):
        (JSC::LabelNode::): Use LabelScope where we used to use JumpContext.
        Simplified a bunch of code. Touched up label-related error messages a
        bit.

        * kjs/nodes2string.cpp:
        (JSC::LabelNode::streamTo): Updated for rename.

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 22005: Move StructureIDChain into its own file
        <https://bugs.webkit.org/show_bug.cgi?id=22005>

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * runtime/StructureID.cpp:
        * runtime/StructureID.h:
        * runtime/StructureIDChain.cpp: Copied from runtime/StructureID.cpp.
        * runtime/StructureIDChain.h: Copied from runtime/StructureID.h.

2008-10-31  Steve Falkenburg  <sfalken (a] apple.com>

        Build fix.

        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2008-10-31  Steve Falkenburg  <sfalken (a] apple.com>

        Build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-10-31  Darin Adler  <darin (a] apple.com>

        Reviewed by Dan Bernstein.

        - fix storage leak seen on buildbot

        Some other cleanup too. The storage leak was caused by the fact
        that HashTraits<CallIdentifier>::needsDestruction was false, so
        the call identifier objects didn't get deleted.

        * profiler/CallIdentifier.h:
        
        Added a default constructor to create empty call identifiers.

        Changed the normal constructor to use const UString&
        to avoid extra copying and reference count thrash.
        
        Removed the explicit copy constructor definition, since it's what
        the compiler will automatically generate. (Rule of thumb: Either
        you need both a custom copy constructor and a custom assignment
        operator, or neither.)

        Moved the CallIdentifier hash function out of the WTF namespace;
        there's no reason to put it there.

        Changed the CallIdentifier hash function to be a struct rather than
        a specialization of the IntHash struct template. Having it be
        a specialization made no sense, since CallIdentifier is not an integer,
        and did no good.

        Removed explicit definition of emptyValueIsZero in the hash traits,
        since inheriting from GenericHashTraits already makes that false.

        Removed explicit definition of emptyValue, instead relying on the
        default constructor and GenericHashTraits.

        Removed explicit definition of needsDestruction, because we want it
        to have its default value: true, not false. This fixes the leak!

        Changed constructDeletedValue and isDeletedValue to use a line number
        of numeric_limits<unsigned>::max() to indicate a value is deleted.
        Previously this used empty strings for the empty value and null strings
        for the deleted value, but it's more efficient to use null for both.

2008-10-31  Timothy Hatcher  <timothy (a] apple.com>

        Emit the WillExecuteStatement debugger hook before the for loop body
        when the statement node for the body isn't a block. This allows
        breakpoints on those statements in the Web Inspector.

        https://bugs.webkit.org/show_bug.cgi?id=22004

        Reviewed by Darin Adler.

        * kjs/nodes.cpp:
        (JSC::ForNode::emitCode): Emit the WillExecuteStatement
        debugger hook before the statement node if isn't a block.
        Also emit the WillExecuteStatement debugger hook for the
        loop as the first op-code.
        (JSC::ForInNode::emitCode): Ditto.

2008-10-31  Timothy Hatcher  <timothy (a] apple.com>

        Fixes console warnings about not having an autorelease pool.
        Also fixes the build for Snow Leopard, by including individual
        Foundation headers instead of Foundation.h.

        https://bugs.webkit.org/show_bug.cgi?id=21995

        Reviewed by Oliver Hunt.

        * profiler/ProfilerServer.mm:
        (-[ProfilerServer init]): Create a NSAutoreleasePool and drain it.

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Speculative wxWindows build fix.

        * JavaScriptCoreSources.bkl:
        * jscore.bkl:

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Maciej Stachowiak.

        Move VM/JSPropertyNameIterator.cpp and VM/JSPropertyNameIterator.h to
        the runtime directory.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * VM/JSPropertyNameIterator.cpp: Removed.
        * VM/JSPropertyNameIterator.h: Removed.
        * runtime/JSPropertyNameIterator.cpp: Copied from VM/JSPropertyNameIterator.cpp.
        * runtime/JSPropertyNameIterator.h: Copied from VM/JSPropertyNameIterator.h.

2008-10-31  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Speculative wxWindows build fix.

        * jscore.bkl:

2008-10-30  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Jon Homeycutt.

        Explicitly default to building for only the native architecture in debug and release builds.

        * Configurations/DebugRelease.xcconfig:

2008-10-30  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Create a debugger directory in JavaScriptCore and move the relevant
        files to it.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CodeBlock.cpp:
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        * debugger: Added.
        * debugger/Debugger.cpp: Copied from kjs/debugger.cpp.
        * debugger/Debugger.h: Copied from kjs/debugger.h.
        * debugger/DebuggerCallFrame.cpp: Copied from kjs/DebuggerCallFrame.cpp.
        * debugger/DebuggerCallFrame.h: Copied from kjs/DebuggerCallFrame.h.
        * kjs/AllInOneFile.cpp:
        * kjs/DebuggerCallFrame.cpp: Removed.
        * kjs/DebuggerCallFrame.h: Removed.
        * kjs/Parser.cpp:
        * kjs/Parser.h:
        * kjs/debugger.cpp: Removed.
        * kjs/debugger.h: Removed.
        * kjs/interpreter.cpp:
        * kjs/nodes.cpp:
        * runtime/FunctionConstructor.cpp:
        * runtime/JSGlobalObject.cpp:

2008-10-30  Benjamin K. Stuhl  <bks24 (a] cornell.edu>

        gcc 4.3.3/linux-x86 generates "suggest parentheses around && within ||"
        warnings; add some parentheses to disambiguate things. No functional
        changes, so no tests.

        https://bugs.webkit.org/show_bug.cgi?id=21973
        Add parentheses to clean up some gcc warnings

        Reviewed by Dan Bernstein.

        * wtf/ASCIICType.h:
        (WTF::isASCIIAlphanumeric):
        (WTF::isASCIIHexDigit):

2008-10-30  Kevin Lindeman  <klindeman (a] apple.com>

        Adds ProfilerServer, which is a distributed notification listener
        that allows starting and stopping the profiler remotely for use
        in conjunction with the profiler's DTace probes.

        https://bugs.webkit.org/show_bug.cgi?id=21719

        Reviewed by Timothy Hatcher.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Calls startProfilerServerIfNeeded.
        * profiler/ProfilerServer.h: Added.
        * profiler/ProfilerServer.mm: Added.
        (+[ProfilerServer sharedProfileServer]):
        (-[ProfilerServer init]):
        (-[ProfilerServer startProfiling]):
        (-[ProfilerServer stopProfiling]):
        (JSC::startProfilerServerIfNeeded):

2008-10-30  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fix after PropertyMap and StructureID merge.

        * JavaScriptCoreSources.bkl:

2008-10-30  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Mark Rowe.

        Change the JavaScriptCore Xcode project to use relative paths for the
        PCRE source files.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-10-30  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich and Geoffrey Garen.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21989
        Merge PropertyMap and StructureID

        - Move PropertyMap code into StructureID in preparation for lazily
          creating the map on gets.
        - Make remove with transition explicit by adding removePropertyTransition.
        - Make the put/remove without transition explicit.
        - Make cache invalidation part of put/remove without transition.

        1% speedup on SunSpider; 0.5% speedup on v8 suite.

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * kjs/AllInOneFile.cpp:
        * kjs/identifier.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::removeDirect):
        * runtime/JSObject.h:
        (JSC::JSObject::putDirect):
        * runtime/PropertyMap.cpp: Removed.
        * runtime/PropertyMap.h: Removed.
        * runtime/PropertyMapHashTable.h: Copied from runtime/PropertyMap.h.
        * runtime/StructureID.cpp:
        (JSC::StructureID::dumpStatistics):
        (JSC::StructureID::StructureID):
        (JSC::StructureID::~StructureID):
        (JSC::StructureID::getEnumerablePropertyNames):
        (JSC::StructureID::addPropertyTransition):
        (JSC::StructureID::removePropertyTransition):
        (JSC::StructureID::toDictionaryTransition):
        (JSC::StructureID::changePrototypeTransition):
        (JSC::StructureID::getterSetterTransition):
        (JSC::StructureID::addPropertyWithoutTransition):
        (JSC::StructureID::removePropertyWithoutTransition):
        (JSC::PropertyMapStatisticsExitLogger::~PropertyMapStatisticsExitLogger):
        (JSC::StructureID::checkConsistency):
        (JSC::StructureID::copyPropertyTable):
        (JSC::StructureID::get):
        (JSC::StructureID::put):
        (JSC::StructureID::remove):
        (JSC::StructureID::insertIntoPropertyMapHashTable):
        (JSC::StructureID::expandPropertyMapHashTable):
        (JSC::StructureID::createPropertyMapHashTable):
        (JSC::StructureID::rehashPropertyMapHashTable):
        (JSC::comparePropertyMapEntryIndices):
        (JSC::StructureID::getEnumerablePropertyNamesInternal):
        * runtime/StructureID.h:
        (JSC::StructureID::propertyStorageSize):
        (JSC::StructureID::isEmpty):
        (JSC::StructureID::get):

2008-10-30  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 21987: CTI::putDoubleResultToJSNumberCellOrJSImmediate() hardcodes its result register
        <https://bugs.webkit.org/show_bug.cgi?id=21987>

        CTI::putDoubleResultToJSNumberCellOrJSImmediate() hardcodes its result
        register as ecx, but it should be tempReg1, which is ecx at all of its
        callsites.

        * VM/CTI.cpp:
        (JSC::CTI::putDoubleResultToJSNumberCellOrJSImmediate):

2008-10-30  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 21985: Opcodes should use eax as their destination register whenever possible
        <https://bugs.webkit.org/show_bug.cgi?id=21985>

        Change more opcodes to use eax as the register for their final result,
        and change calls to emitPutResult() that pass eax to rely on the default
        value of eax.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):

2008-10-30  Alp Toker  <alp (a] nuanti.com>

        Build fix attempt for older gcc on the trunk-mac-intel build bot
        (error: initializer for scalar variable requires one element).

        Modify the initializer syntax slightly with an additional comma.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_post_dec):

2008-10-30  Alp Toker  <alp (a] nuanti.com>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=21571
        VoidPtrPair breaks CTI on Linux

        The VoidPtrPair return change made in r37457 does not work on Linux
        since POD structs aren't passed in registers.

        This patch uses a union to vectorize VoidPtrPair to a uint64_t and
        matches Darwin/MSVC fixing CTI/WREC on Linux.

        Alexey reports no measurable change in Mac performance with this fix.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_post_dec):
        * VM/Machine.h:
        (JSC::):

2008-10-29  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Initial work to reduce cost of JSNumberCell allocation

        This does the initial work needed to bring more of number
        allocation into CTI code directly, rather than just falling
        back onto the slow paths if we can't guarantee that a number
        cell can be reused.

        Initial implementation only used by op_negate to make sure
        it all works.  In a negate heavy (though not dominated) test
        it results in a 10% win in the non-reusable cell case.

        * VM/CTI.cpp:
        (JSC::):
        (JSC::CTI::emitAllocateNumber):
        (JSC::CTI::emitNakedFastCall):
        (JSC::CTI::emitArithIntToImmWithJump):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitUnaryOp):
        * VM/CodeGenerator.h:
        (JSC::CodeGenerator::emitToJSNumber):
        (JSC::CodeGenerator::emitTypeOf):
        (JSC::CodeGenerator::emitGetPropertyNames):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        * VM/Machine.h:
        * kjs/ResultType.h:
        (JSC::ResultType::isReusableNumber):
        (JSC::ResultType::toInt):
        * kjs/nodes.cpp:
        (JSC::UnaryOpNode::emitCode):
        (JSC::BinaryOpNode::emitCode):
        (JSC::EqualNode::emitCode):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::negl_r):
        (JSC::X86Assembler::xorpd_mr):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::JSNumberCell):

2008-10-29  Steve Falkenburg  <sfalken (a] apple.com>

        <rdar://problem/6326563> Crash on launch

        For Windows, export explicit functions rather than exporting data for atomicallyInitializedStaticMutex.
        
        Exporting data from a DLL on Windows requires specifying __declspec(dllimport) in the header used by
        callers, but __declspec(dllexport) when defined in the DLL implementation. By instead exporting
        the explicit lock/unlock functions, we can avoid this.
        
        Fixes a crash on launch, since we were previously erroneously exporting atomicallyInitializedStaticMutex as a function.
        
        Reviewed by Darin Adler.

        * wtf/Threading.h:
        (WTF::lockAtomicallyInitializedStaticMutex):
        (WTF::unlockAtomicallyInitializedStaticMutex):
        * wtf/ThreadingWin.cpp:
        (WTF::lockAtomicallyInitializedStaticMutex):
        (WTF::unlockAtomicallyInitializedStaticMutex):

2008-10-29  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Remove direct use of PropertyMap.

        * JavaScriptCore.exp:
        * runtime/JSObject.cpp:
        (JSC::JSObject::mark):
        (JSC::JSObject::put):
        (JSC::JSObject::deleteProperty):
        (JSC::JSObject::getPropertyAttributes):
        (JSC::JSObject::removeDirect):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirect):
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::hasCustomProperties):
        (JSC::JSObject::JSObject):
        (JSC::JSObject::putDirect):
        * runtime/PropertyMap.cpp:
        (JSC::PropertyMap::get):
        * runtime/PropertyMap.h:
        (JSC::PropertyMap::isEmpty):
        (JSC::PropertyMap::get):
        * runtime/StructureID.cpp:
        (JSC::StructureID::dumpStatistics):
        * runtime/StructureID.h:
        (JSC::StructureID::propertyStorageSize):
        (JSC::StructureID::get):
        (JSC::StructureID::put):
        (JSC::StructureID::remove):
        (JSC::StructureID::isEmpty):

2008-10-29  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Rename and move the StructureID transition table to its own file.

        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/StructureID.cpp:
        (JSC::StructureID::addPropertyTransition):
        * runtime/StructureID.h:
        (JSC::StructureID::):
        * runtime/StructureIDTransitionTable.h: Copied from runtime/StructureID.h.
        (JSC::StructureIDTransitionTableHash::hash):
        (JSC::StructureIDTransitionTableHash::equal):

2008-10-29  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21958
        Pack bits in StructureID to reduce the size of each StructureID by 2 words.

        * runtime/PropertyMap.h:
        (JSC::PropertyMap::propertyMapSize):
        * runtime/StructureID.cpp:
        (JSC::StructureID::dumpStatistics): Add additional size statistics when dumping.
        (JSC::StructureID::StructureID):
        * runtime/StructureID.h:

2008-10-29  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fixes after addition of runtime and ImageBuffer changes.

        * JavaScriptCoreSources.bkl:
        * jscore.bkl:

2008-10-29  Timothy Hatcher  <timothy (a] apple.com>

        Emit the WillExecuteStatement debugger hook before the "else" body
        when there is no block for the "else" body. This allows breakpoints
        on those statements in the Web Inspector.

        https://bugs.webkit.org/show_bug.cgi?id=21944

        Reviewed by Maciej Stachowiak.

        * kjs/nodes.cpp:
        (JSC::IfElseNode::emitCode): Emit the WillExecuteStatement
        debugger hook before the else node if isn't a block.

2008-10-29  Alexey Proskuryakov  <ap (a] webkit.org>

        Build fix.

        * JavaScriptCore.exp: Export HashTable::deleteTable().

2008-10-28  Alp Toker  <alp (a] nuanti.com>

        Fix builddir != srcdir builds after kjs -> runtime breakage. Sources
        may now be generated in both kjs/ and runtime/.

        Also sort the sources list for readability.

        * GNUmakefile.am:

2008-10-28  Alp Toker  <alp (a] nuanti.com>

        Reviewed by Cameron Zwarich.

        Build fix attempt after kjs -> runtime rename.

        * GNUmakefile.am:

2008-10-28  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Remove a duplicate includes directory.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-10-28  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Attempt to fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2008-10-28  Dan Bernstein  <mitz (a] apple.com>

        Reviewed by Mark Rowe.

        - export WTF::atomicallyInitializedStaticMutex

        * JavaScriptCore.exp:

2008-10-28  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed CodeBlock dumping to accurately report constant register indices.

        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):

2008-10-28  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        More Qt build fixes.

        * JavaScriptCore.pri:

2008-10-28  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Fix the Qt build, hopefully for real this time.

        * JavaScriptCore.pri:

2008-10-28  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Fix the Qt build.

        * JavaScriptCore.pri:

2008-10-28  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-10-28  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Create a runtime directory in JavaScriptCore and begin moving files to
        it. This is the first step towards removing the kjs directory and
        placing files in more meaningful subdirectories of JavaScriptCore.

        * API/JSBase.cpp:
        * API/JSCallbackConstructor.cpp:
        * API/JSCallbackConstructor.h:
        * API/JSCallbackFunction.cpp:
        * API/JSClassRef.cpp:
        * API/JSClassRef.h:
        * API/JSStringRefCF.cpp:
        * API/JSValueRef.cpp:
        * API/OpaqueJSString.cpp:
        * DerivedSources.make:
        * GNUmakefile.am:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/AllInOneFile.cpp:
        * kjs/ArrayConstructor.cpp: Removed.
        * kjs/ArrayConstructor.h: Removed.
        * kjs/ArrayPrototype.cpp: Removed.
        * kjs/ArrayPrototype.h: Removed.
        * kjs/BooleanConstructor.cpp: Removed.
        * kjs/BooleanConstructor.h: Removed.
        * kjs/BooleanObject.cpp: Removed.
        * kjs/BooleanObject.h: Removed.
        * kjs/BooleanPrototype.cpp: Removed.
        * kjs/BooleanPrototype.h: Removed.
        * kjs/CallData.cpp: Removed.
        * kjs/CallData.h: Removed.
        * kjs/ClassInfo.h: Removed.
        * kjs/ConstructData.cpp: Removed.
        * kjs/ConstructData.h: Removed.
        * kjs/DateConstructor.cpp: Removed.
        * kjs/DateConstructor.h: Removed.
        * kjs/DateInstance.cpp: Removed.
        * kjs/DateInstance.h: Removed.
        * kjs/DateMath.cpp: Removed.
        * kjs/DateMath.h: Removed.
        * kjs/DatePrototype.cpp: Removed.
        * kjs/DatePrototype.h: Removed.
        * kjs/Error.cpp: Removed.
        * kjs/Error.h: Removed.
        * kjs/ErrorConstructor.cpp: Removed.
        * kjs/ErrorConstructor.h: Removed.
        * kjs/ErrorInstance.cpp: Removed.
        * kjs/ErrorInstance.h: Removed.
        * kjs/ErrorPrototype.cpp: Removed.
        * kjs/ErrorPrototype.h: Removed.
        * kjs/FunctionConstructor.cpp: Removed.
        * kjs/FunctionConstructor.h: Removed.
        * kjs/FunctionPrototype.cpp: Removed.
        * kjs/FunctionPrototype.h: Removed.
        * kjs/GlobalEvalFunction.cpp: Removed.
        * kjs/GlobalEvalFunction.h: Removed.
        * kjs/InternalFunction.cpp: Removed.
        * kjs/InternalFunction.h: Removed.
        * kjs/JSArray.cpp: Removed.
        * kjs/JSArray.h: Removed.
        * kjs/JSCell.cpp: Removed.
        * kjs/JSCell.h: Removed.
        * kjs/JSFunction.cpp: Removed.
        * kjs/JSFunction.h: Removed.
        * kjs/JSGlobalObject.cpp: Removed.
        * kjs/JSGlobalObject.h: Removed.
        * kjs/JSGlobalObjectFunctions.cpp: Removed.
        * kjs/JSGlobalObjectFunctions.h: Removed.
        * kjs/JSImmediate.cpp: Removed.
        * kjs/JSImmediate.h: Removed.
        * kjs/JSNotAnObject.cpp: Removed.
        * kjs/JSNotAnObject.h: Removed.
        * kjs/JSNumberCell.cpp: Removed.
        * kjs/JSNumberCell.h: Removed.
        * kjs/JSObject.cpp: Removed.
        * kjs/JSObject.h: Removed.
        * kjs/JSString.cpp: Removed.
        * kjs/JSString.h: Removed.
        * kjs/JSValue.cpp: Removed.
        * kjs/JSValue.h: Removed.
        * kjs/JSVariableObject.cpp: Removed.
        * kjs/JSVariableObject.h: Removed.
        * kjs/JSWrapperObject.cpp: Removed.
        * kjs/JSWrapperObject.h: Removed.
        * kjs/MathObject.cpp: Removed.
        * kjs/MathObject.h: Removed.
        * kjs/NativeErrorConstructor.cpp: Removed.
        * kjs/NativeErrorConstructor.h: Removed.
        * kjs/NativeErrorPrototype.cpp: Removed.
        * kjs/NativeErrorPrototype.h: Removed.
        * kjs/NumberConstructor.cpp: Removed.
        * kjs/NumberConstructor.h: Removed.
        * kjs/NumberObject.cpp: Removed.
        * kjs/NumberObject.h: Removed.
        * kjs/NumberPrototype.cpp: Removed.
        * kjs/NumberPrototype.h: Removed.
        * kjs/ObjectConstructor.cpp: Removed.
        * kjs/ObjectConstructor.h: Removed.
        * kjs/ObjectPrototype.cpp: Removed.
        * kjs/ObjectPrototype.h: Removed.
        * kjs/PropertyMap.cpp: Removed.
        * kjs/PropertyMap.h: Removed.
        * kjs/PropertySlot.cpp: Removed.
        * kjs/PropertySlot.h: Removed.
        * kjs/PrototypeFunction.cpp: Removed.
        * kjs/PrototypeFunction.h: Removed.
        * kjs/PutPropertySlot.h: Removed.
        * kjs/SmallStrings.cpp: Removed.
        * kjs/SmallStrings.h: Removed.
        * kjs/StringConstructor.cpp: Removed.
        * kjs/StringConstructor.h: Removed.
        * kjs/StringObject.cpp: Removed.
        * kjs/StringObject.h: Removed.
        * kjs/StringObjectThatMasqueradesAsUndefined.h: Removed.
        * kjs/StringPrototype.cpp: Removed.
        * kjs/StringPrototype.h: Removed.
        * kjs/StructureID.cpp: Removed.
        * kjs/StructureID.h: Removed.
        * kjs/completion.h:
        * kjs/interpreter.h:
        * runtime: Added.
        * runtime/ArrayConstructor.cpp: Copied from kjs/ArrayConstructor.cpp.
        * runtime/ArrayConstructor.h: Copied from kjs/ArrayConstructor.h.
        * runtime/ArrayPrototype.cpp: Copied from kjs/ArrayPrototype.cpp.
        * runtime/ArrayPrototype.h: Copied from kjs/ArrayPrototype.h.
        * runtime/BooleanConstructor.cpp: Copied from kjs/BooleanConstructor.cpp.
        * runtime/BooleanConstructor.h: Copied from kjs/BooleanConstructor.h.
        * runtime/BooleanObject.cpp: Copied from kjs/BooleanObject.cpp.
        * runtime/BooleanObject.h: Copied from kjs/BooleanObject.h.
        * runtime/BooleanPrototype.cpp: Copied from kjs/BooleanPrototype.cpp.
        * runtime/BooleanPrototype.h: Copied from kjs/BooleanPrototype.h.
        * runtime/CallData.cpp: Copied from kjs/CallData.cpp.
        * runtime/CallData.h: Copied from kjs/CallData.h.
        * runtime/ClassInfo.h: Copied from kjs/ClassInfo.h.
        * runtime/ConstructData.cpp: Copied from kjs/ConstructData.cpp.
        * runtime/ConstructData.h: Copied from kjs/ConstructData.h.
        * runtime/DateConstructor.cpp: Copied from kjs/DateConstructor.cpp.
        * runtime/DateConstructor.h: Copied from kjs/DateConstructor.h.
        * runtime/DateInstance.cpp: Copied from kjs/DateInstance.cpp.
        * runtime/DateInstance.h: Copied from kjs/DateInstance.h.
        * runtime/DateMath.cpp: Copied from kjs/DateMath.cpp.
        * runtime/DateMath.h: Copied from kjs/DateMath.h.
        * runtime/DatePrototype.cpp: Copied from kjs/DatePrototype.cpp.
        * runtime/DatePrototype.h: Copied from kjs/DatePrototype.h.
        * runtime/Error.cpp: Copied from kjs/Error.cpp.
        * runtime/Error.h: Copied from kjs/Error.h.
        * runtime/ErrorConstructor.cpp: Copied from kjs/ErrorConstructor.cpp.
        * runtime/ErrorConstructor.h: Copied from kjs/ErrorConstructor.h.
        * runtime/ErrorInstance.cpp: Copied from kjs/ErrorInstance.cpp.
        * runtime/ErrorInstance.h: Copied from kjs/ErrorInstance.h.
        * runtime/ErrorPrototype.cpp: Copied from kjs/ErrorPrototype.cpp.
        * runtime/ErrorPrototype.h: Copied from kjs/ErrorPrototype.h.
        * runtime/FunctionConstructor.cpp: Copied from kjs/FunctionConstructor.cpp.
        * runtime/FunctionConstructor.h: Copied from kjs/FunctionConstructor.h.
        * runtime/FunctionPrototype.cpp: Copied from kjs/FunctionPrototype.cpp.
        * runtime/FunctionPrototype.h: Copied from kjs/FunctionPrototype.h.
        * runtime/GlobalEvalFunction.cpp: Copied from kjs/GlobalEvalFunction.cpp.
        * runtime/GlobalEvalFunction.h: Copied from kjs/GlobalEvalFunction.h.
        * runtime/InternalFunction.cpp: Copied from kjs/InternalFunction.cpp.
        * runtime/InternalFunction.h: Copied from kjs/InternalFunction.h.
        * runtime/JSArray.cpp: Copied from kjs/JSArray.cpp.
        * runtime/JSArray.h: Copied from kjs/JSArray.h.
        * runtime/JSCell.cpp: Copied from kjs/JSCell.cpp.
        * runtime/JSCell.h: Copied from kjs/JSCell.h.
        * runtime/JSFunction.cpp: Copied from kjs/JSFunction.cpp.
        * runtime/JSFunction.h: Copied from kjs/JSFunction.h.
        * runtime/JSGlobalObject.cpp: Copied from kjs/JSGlobalObject.cpp.
        * runtime/JSGlobalObject.h: Copied from kjs/JSGlobalObject.h.
        * runtime/JSGlobalObjectFunctions.cpp: Copied from kjs/JSGlobalObjectFunctions.cpp.
        * runtime/JSGlobalObjectFunctions.h: Copied from kjs/JSGlobalObjectFunctions.h.
        * runtime/JSImmediate.cpp: Copied from kjs/JSImmediate.cpp.
        * runtime/JSImmediate.h: Copied from kjs/JSImmediate.h.
        * runtime/JSNotAnObject.cpp: Copied from kjs/JSNotAnObject.cpp.
        * runtime/JSNotAnObject.h: Copied from kjs/JSNotAnObject.h.
        * runtime/JSNumberCell.cpp: Copied from kjs/JSNumberCell.cpp.
        * runtime/JSNumberCell.h: Copied from kjs/JSNumberCell.h.
        * runtime/JSObject.cpp: Copied from kjs/JSObject.cpp.
        * runtime/JSObject.h: Copied from kjs/JSObject.h.
        * runtime/JSString.cpp: Copied from kjs/JSString.cpp.
        * runtime/JSString.h: Copied from kjs/JSString.h.
        * runtime/JSValue.cpp: Copied from kjs/JSValue.cpp.
        * runtime/JSValue.h: Copied from kjs/JSValue.h.
        * runtime/JSVariableObject.cpp: Copied from kjs/JSVariableObject.cpp.
        * runtime/JSVariableObject.h: Copied from kjs/JSVariableObject.h.
        * runtime/JSWrapperObject.cpp: Copied from kjs/JSWrapperObject.cpp.
        * runtime/JSWrapperObject.h: Copied from kjs/JSWrapperObject.h.
        * runtime/MathObject.cpp: Copied from kjs/MathObject.cpp.
        * runtime/MathObject.h: Copied from kjs/MathObject.h.
        * runtime/NativeErrorConstructor.cpp: Copied from kjs/NativeErrorConstructor.cpp.
        * runtime/NativeErrorConstructor.h: Copied from kjs/NativeErrorConstructor.h.
        * runtime/NativeErrorPrototype.cpp: Copied from kjs/NativeErrorPrototype.cpp.
        * runtime/NativeErrorPrototype.h: Copied from kjs/NativeErrorPrototype.h.
        * runtime/NumberConstructor.cpp: Copied from kjs/NumberConstructor.cpp.
        * runtime/NumberConstructor.h: Copied from kjs/NumberConstructor.h.
        * runtime/NumberObject.cpp: Copied from kjs/NumberObject.cpp.
        * runtime/NumberObject.h: Copied from kjs/NumberObject.h.
        * runtime/NumberPrototype.cpp: Copied from kjs/NumberPrototype.cpp.
        * runtime/NumberPrototype.h: Copied from kjs/NumberPrototype.h.
        * runtime/ObjectConstructor.cpp: Copied from kjs/ObjectConstructor.cpp.
        * runtime/ObjectConstructor.h: Copied from kjs/ObjectConstructor.h.
        * runtime/ObjectPrototype.cpp: Copied from kjs/ObjectPrototype.cpp.
        * runtime/ObjectPrototype.h: Copied from kjs/ObjectPrototype.h.
        * runtime/PropertyMap.cpp: Copied from kjs/PropertyMap.cpp.
        * runtime/PropertyMap.h: Copied from kjs/PropertyMap.h.
        * runtime/PropertySlot.cpp: Copied from kjs/PropertySlot.cpp.
        * runtime/PropertySlot.h: Copied from kjs/PropertySlot.h.
        * runtime/PrototypeFunction.cpp: Copied from kjs/PrototypeFunction.cpp.
        * runtime/PrototypeFunction.h: Copied from kjs/PrototypeFunction.h.
        * runtime/PutPropertySlot.h: Copied from kjs/PutPropertySlot.h.
        * runtime/SmallStrings.cpp: Copied from kjs/SmallStrings.cpp.
        * runtime/SmallStrings.h: Copied from kjs/SmallStrings.h.
        * runtime/StringConstructor.cpp: Copied from kjs/StringConstructor.cpp.
        * runtime/StringConstructor.h: Copied from kjs/StringConstructor.h.
        * runtime/StringObject.cpp: Copied from kjs/StringObject.cpp.
        * runtime/StringObject.h: Copied from kjs/StringObject.h.
        * runtime/StringObjectThatMasqueradesAsUndefined.h: Copied from kjs/StringObjectThatMasqueradesAsUndefined.h.
        * runtime/StringPrototype.cpp: Copied from kjs/StringPrototype.cpp.
        * runtime/StringPrototype.h: Copied from kjs/StringPrototype.h.
        * runtime/StructureID.cpp: Copied from kjs/StructureID.cpp.
        * runtime/StructureID.h: Copied from kjs/StructureID.h.

2008-10-28  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=21919
        Sampler reports bogus time in op_enter during 3d-raytrace.js
        
        Fixed a bug where we would pass the incorrect Instruction* during some
        parts of CTI codegen.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/SamplingTool.cpp:
        (JSC::SamplingTool::run):
        * wtf/Platform.h:

2008-10-28  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Dan Bernstein.

        -Removed unused includes.
        Apparent .4% speedup in Sunspider

        * kjs/JSObject.cpp:
        * kjs/interpreter.cpp:

2008-10-28  Alp Toker  <alp (a] nuanti.com>

        Include copyright license files in the autotools dist target.

        Change suggested by Mike Hommey.

        * GNUmakefile.am:

2008-10-27  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Stop discarding CodeBlock samples that can't be charged to a specific
        opcode. Instead, charge the relevant CodeBlock, and provide a footnote
        explaining the situation.
        
        This will help us tell which CodeBlocks are hot, even if we can't
        identify specific lines of code within the CodeBlocks.

        * VM/SamplingTool.cpp:
        (JSC::ScopeSampleRecord::sample):
        (JSC::compareScopeSampleRecords):
        (JSC::SamplingTool::dump):

        * VM/SamplingTool.h:
        (JSC::ScopeSampleRecord::ScopeSampleRecord):
        (JSC::ScopeSampleRecord::~ScopeSampleRecord):

2008-10-27  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Added a mutex around the SamplingTool's ScopeNode* map, to solve a crash
        when sampling the v8 tests.

        * VM/SamplingTool.cpp:
        (JSC::SamplingTool::run):
        (JSC::SamplingTool::notifyOfScope):
        * VM/SamplingTool.h: Since new ScopeNodes can be created after
        the SamplingTools has begun sampling, reads and writes to / from the
        map need to be synchronized. Shark says this doesn't measurably increase
        sampling overhead.

2008-10-25  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): Provide a dummy value to the
        HostCallRecord in CTI non-sampling builds, to silence compiler warning.

2008-10-25  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Windows build.

        * VM/SamplingTool.h:
        (JSC::SamplingTool::encodeSample): Explicitly cast bool to int, to
        silence compiler warning.

2008-10-25  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig, with Gavin Barraclough's help.
        
        Fixed Sampling Tool:
            - Made CodeBlock sampling work with CTI
            - Improved accuracy by unifying most sampling data into a single
              32bit word, which can be written / read atomically.
            - Split out three different #ifdefs for modularity: OPCODE_SAMPLING;
              CODEBLOCK_SAMPLING; OPCODE_STATS.
            - Improved reporting clarity
            - Refactored for code clarity

        * JavaScriptCore.exp: Exported another symbol.

        * VM/CTI.cpp:
        (JSC::CTI::emitCTICall):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        * VM/CTI.h: Updated CTI codegen to use the unified SamplingTool interface
        for encoding samples. (This required passing the current vPC to a lot
        more functions, since the unified interface samples the current vPC.)
        Added hooks for writing the current CodeBlock* on function entry and
        after a function call, for the sake of the CodeBlock sampler. Removed
        obsolete hook for clearing the current sample inside op_end. Also removed
        the custom enum used to differentiate flavors of op_call, since the
        OpcodeID enum works just as well. (This was important in an earlier
        version of the patch, but now it's just cleanup.)

        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::lineNumberForVPC):
        * VM/CodeBlock.h: Upated for refactored #ifdefs. Changed lineNumberForVPC
        to be robust against vPCs not recorded for exception handling, since
        the Sampler may ask for an arbitrary vPC.

        * VM/Machine.cpp:
        (JSC::Machine::execute):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        * VM/Machine.h:
        (JSC::Machine::setSampler):
        (JSC::Machine::sampler):
        (JSC::Machine::jitCodeBuffer): Upated for refactored #ifdefs. Changed
        Machine to use SamplingTool helper objects to record movement in and
        out of host code. This makes samples a bit more precise.
        
        * VM/Opcode.cpp:
        (JSC::OpcodeStats::~OpcodeStats):
        * VM/Opcode.h: Upated for refactored #ifdefs. Added a little more padding,
        to accomodate our more verbose opcode names.

        * VM/SamplingTool.cpp:
        (JSC::ScopeSampleRecord::sample): Only count a sample toward our total
        if we actually record it. This solves cases where a CodeBlock will
        claim to have been sampled many times, with reported samples that don't
        match.

        (JSC::SamplingTool::run): Read the current sample into a Sample helper
        object, to ensure that the data doesn't change while we're analyzing it,
        and to help decode the data. Only access the CodeBlock sampling hash
        table if CodeBlock sampling has been enabled, so non-CodeBlock sampling
        runs can operate with even less overhead.

        (JSC::SamplingTool::dump): I reorganized this code a lot to print the
        most important info at the top, print as a table, annotate and document
        the stuff I didn't understand when I started, etc.

        * VM/SamplingTool.h: New helper classes, described above.

        * kjs/Parser.h:
        * kjs/Shell.cpp:
        (runWithScripts):
        * kjs/nodes.cpp:
        (JSC::ScopeNode::ScopeNode): Updated for new sampling APIs.

        * wtf/Platform.h: Moved sampling #defines here, since our custom is to
        put ENABLE #defines into Platform.h. Made explicit the fact that
        CODEBLOCK_SAMPLING depends on OPCODE_SAMPLING.

2008-10-25  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        JSC Build fix, not reviewed.

        * VM/CTI.cpp: add missing include stdio.h for debug builds

2008-10-24  Eric Seidel  <eric (a] webkit.org>

        Reviewed by Darin Adler.
        
        Get rid of a bonus ASSERT when using a null string as a regexp.
        Specifically calling: RegularExpression::match() with String::empty()
        will hit this ASSERT.
        Chromium hits this, but I don't know of any way to make a layout test.

        * pcre/pcre_exec.cpp:
        (jsRegExpExecute):

2008-10-24  Alexey Proskuryakov  <ap (a] webkit.org>

        Suggested and rubber-stamped by Geoff Garen.

        Fix a crash when opening Font Picker.

        The change also hopefully fixes this bug, which I could never reproduce:
        https://bugs.webkit.org/show_bug.cgi?id=20241
        <rdar://problem/6290576> Safari crashes at JSValueUnprotect() when fontpicker view close

        * API/JSContextRef.cpp: (JSContextGetGlobalObject): Use lexical global object instead of
        dynamic one.

2008-10-24  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Remove ScopeChainNode::bottom() and inline it into its only caller,
        ScopeChainnode::globalObject().

        * kjs/JSGlobalObject.h:
        (JSC::ScopeChainNode::globalObject):
        * kjs/ScopeChain.h:
        (JSC::ScopeChain::bottom):

2008-10-24  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21862: Create JSFunction prototype property lazily
        <https://bugs.webkit.org/show_bug.cgi?id=21862>

        This is a 1.5% speedup on SunSpider and a 1.4% speedup on the V8
        benchmark suite, including a 3.8% speedup on Earley-Boyer.

        * kjs/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertySlot):
        * kjs/nodes.cpp:
        (JSC::FuncDeclNode::makeFunction):
        (JSC::FuncExprNode::makeFunction):

2008-10-24  Greg Bolsinga  <bolsinga (a] apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=21475
        
        Provide support for the Geolocation API
        
        http://dev.w3.org/geo/api/spec-source.html

        * wtf/Platform.h: ENABLE_GEOLOCATION defaults to 0

2008-10-24  Darin Adler  <darin (a] apple.com>

        - finish rolling out https://bugs.webkit.org/show_bug.cgi?id=21732

        * API/APICast.h:
        * API/JSCallbackConstructor.h:
        * API/JSCallbackFunction.cpp:
        * API/JSCallbackFunction.h:
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        * API/JSValueRef.cpp:
        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        * VM/CodeGenerator.h:
        * VM/ExceptionHelpers.cpp:
        * VM/ExceptionHelpers.h:
        * VM/JSPropertyNameIterator.cpp:
        * VM/JSPropertyNameIterator.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * VM/Register.h:
        * kjs/ArgList.cpp:
        * kjs/ArgList.h:
        * kjs/Arguments.cpp:
        * kjs/Arguments.h:
        * kjs/ArrayConstructor.cpp:
        * kjs/ArrayPrototype.cpp:
        * kjs/BooleanConstructor.cpp:
        * kjs/BooleanConstructor.h:
        * kjs/BooleanObject.h:
        * kjs/BooleanPrototype.cpp:
        * kjs/CallData.cpp:
        * kjs/CallData.h:
        * kjs/ConstructData.cpp:
        * kjs/ConstructData.h:
        * kjs/DateConstructor.cpp:
        * kjs/DateInstance.h:
        * kjs/DatePrototype.cpp:
        * kjs/DatePrototype.h:
        * kjs/DebuggerCallFrame.cpp:
        * kjs/DebuggerCallFrame.h:
        * kjs/ErrorConstructor.cpp:
        * kjs/ErrorPrototype.cpp:
        * kjs/ExecState.cpp:
        * kjs/ExecState.h:
        * kjs/FunctionConstructor.cpp:
        * kjs/FunctionPrototype.cpp:
        * kjs/FunctionPrototype.h:
        * kjs/GetterSetter.cpp:
        * kjs/GetterSetter.h:
        * kjs/InternalFunction.h:
        * kjs/JSActivation.cpp:
        * kjs/JSActivation.h:
        * kjs/JSArray.cpp:
        * kjs/JSArray.h:
        * kjs/JSCell.cpp:
        * kjs/JSCell.h:
        * kjs/JSFunction.cpp:
        * kjs/JSFunction.h:
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.cpp:
        * kjs/JSGlobalObject.h:
        * kjs/JSGlobalObjectFunctions.cpp:
        * kjs/JSGlobalObjectFunctions.h:
        * kjs/JSImmediate.cpp:
        * kjs/JSImmediate.h:
        * kjs/JSNotAnObject.cpp:
        * kjs/JSNotAnObject.h:
        * kjs/JSNumberCell.cpp:
        * kjs/JSNumberCell.h:
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        * kjs/JSStaticScopeObject.cpp:
        * kjs/JSStaticScopeObject.h:
        * kjs/JSString.cpp:
        * kjs/JSString.h:
        * kjs/JSValue.h:
        * kjs/JSVariableObject.h:
        * kjs/JSWrapperObject.h:
        * kjs/MathObject.cpp:
        * kjs/MathObject.h:
        * kjs/NativeErrorConstructor.cpp:
        * kjs/NumberConstructor.cpp:
        * kjs/NumberConstructor.h:
        * kjs/NumberObject.cpp:
        * kjs/NumberObject.h:
        * kjs/NumberPrototype.cpp:
        * kjs/ObjectConstructor.cpp:
        * kjs/ObjectPrototype.cpp:
        * kjs/ObjectPrototype.h:
        * kjs/PropertyMap.h:
        * kjs/PropertySlot.cpp:
        * kjs/PropertySlot.h:
        * kjs/RegExpConstructor.cpp:
        * kjs/RegExpConstructor.h:
        * kjs/RegExpMatchesArray.h:
        * kjs/RegExpObject.cpp:
        * kjs/RegExpObject.h:
        * kjs/RegExpPrototype.cpp:
        * kjs/Shell.cpp:
        * kjs/StringConstructor.cpp:
        * kjs/StringObject.cpp:
        * kjs/StringObject.h:
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        * kjs/StringPrototype.cpp:
        * kjs/StructureID.cpp:
        * kjs/StructureID.h:
        * kjs/collector.cpp:
        * kjs/collector.h:
        * kjs/completion.h:
        * kjs/grammar.y:
        * kjs/interpreter.cpp:
        * kjs/interpreter.h:
        * kjs/lookup.cpp:
        * kjs/lookup.h:
        * kjs/nodes.h:
        * kjs/operations.cpp:
        * kjs/operations.h:
        * kjs/protect.h:
        * profiler/ProfileGenerator.cpp:
        * profiler/Profiler.cpp:
        * profiler/Profiler.h:
        Use JSValue* instead of JSValuePtr.

2008-10-24  David Kilzer  <ddkilzer (a] apple.com>

        Rolled out r37840.

        * wtf/Platform.h:

2008-10-23  Greg Bolsinga  <bolsinga (a] apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=21475
        
        Provide support for the Geolocation API
        
        http://dev.w3.org/geo/api/spec-source.html

        * wtf/Platform.h: ENABLE_GEOLOCATION defaults to 0

2008-10-23  David Kilzer  <ddkilzer (a] apple.com>

        Bug 21832: Fix scripts using 'new File::Temp' for Perl 5.10

        <https://bugs.webkit.org/show_bug.cgi?id=21832>

        Reviewed by Sam Weinig.

        * pcre/dftables: Use imported tempfile() from File::Temp instead of
        'new File::Temp' to make the script work with Perl 5.10.

2008-10-23  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix hideous pathological case performance when looking up repatch info, bug #21727.

        When repatching JIT code to optimize we look up records providing information about
        the generated code (also used to track recsources used in linking to be later released). 
        The lookup was being performed using a linear scan of all such records.

        (1) Split up the different types of reptach information.  This means we can search them
            separately, and in some cases should reduce their size.
        (2) In the case of property accesses, search with a binary chop over the data.
        (3) In the case of calls, pass a pointer to the repatch info into the relink function.

        * VM/CTI.cpp:
        (JSC::CTI::CTI):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::unlinkCall):
        (JSC::CTI::linkCall):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        (JSC::CodeBlock::derefStructureIDs):
        * VM/CodeBlock.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::CallLinkInfo::CallLinkInfo):
        (JSC::CallLinkInfo::setUnlinked):
        (JSC::CallLinkInfo::isLinked):
        (JSC::getStructureStubInfoReturnLocation):
        (JSC::binaryChop):
        (JSC::CodeBlock::addCaller):
        (JSC::CodeBlock::getStubInfo):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitResolve):
        (JSC::CodeGenerator::emitGetById):
        (JSC::CodeGenerator::emitPutById):
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitConstruct):
        * VM/Machine.cpp:
        (JSC::Machine::cti_vm_lazyLinkCall):

2008-10-23  Peter Kasting  <pkasting (a] google.com>

        Reviewed by Adam Roben.

        https://bugs.webkit.org/show_bug.cgi?id=21833
        Place JavaScript Debugger hooks under #if ENABLE(JAVASCRIPT_DEBUGGER).

        * wtf/Platform.h:

2008-10-23  David Kilzer  <ddkilzer (a] apple.com>

        Bug 21831: Fix create_hash_table for Perl 5.10

        <https://bugs.webkit.org/show_bug.cgi?id=21831>

        Reviewed by Sam Weinig.

        * kjs/create_hash_table: Escaped square brackets so that Perl 5.10
        doesn't try to use @nameEntries.

2008-10-23  Darin Adler  <darin (a] apple.com>

        - roll out https://bugs.webkit.org/show_bug.cgi?id=21732
          to remove the JSValuePtr class, to fix two problems

            1) slowness under MSVC, since it doesn't handle a
               class with a single pointer in it as efficiently
               as a pointer

            2) uninitialized pointers in Vector

        * JavaScriptCore.exp: Updated.

        * API/APICast.h:
        (toRef):
        * VM/CTI.cpp:
        (JSC::CTI::asInteger):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::addConstant):
        * VM/CodeGenerator.h:
        (JSC::CodeGenerator::JSValueHashTraits::constructDeletedValue):
        (JSC::CodeGenerator::JSValueHashTraits::isDeletedValue):
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_add):
        (JSC::Machine::cti_op_pre_inc):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_second):
        (JSC::Machine::cti_op_get_by_id_generic):
        (JSC::Machine::cti_op_get_by_id_fail):
        (JSC::Machine::cti_op_instanceof):
        (JSC::Machine::cti_op_del_by_id):
        (JSC::Machine::cti_op_mul):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_resolve):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_get_by_val):
        (JSC::Machine::cti_op_sub):
        (JSC::Machine::cti_op_lesseq):
        (JSC::Machine::cti_op_negate):
        (JSC::Machine::cti_op_resolve_base):
        (JSC::Machine::cti_op_resolve_skip):
        (JSC::Machine::cti_op_resolve_global):
        (JSC::Machine::cti_op_div):
        (JSC::Machine::cti_op_pre_dec):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_lshift):
        (JSC::Machine::cti_op_bitand):
        (JSC::Machine::cti_op_rshift):
        (JSC::Machine::cti_op_bitnot):
        (JSC::Machine::cti_op_mod):
        (JSC::Machine::cti_op_less):
        (JSC::Machine::cti_op_neq):
        (JSC::Machine::cti_op_urshift):
        (JSC::Machine::cti_op_bitxor):
        (JSC::Machine::cti_op_bitor):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_op_throw):
        (JSC::Machine::cti_op_next_pname):
        (JSC::Machine::cti_op_typeof):
        (JSC::Machine::cti_op_is_undefined):
        (JSC::Machine::cti_op_is_boolean):
        (JSC::Machine::cti_op_is_number):
        (JSC::Machine::cti_op_is_string):
        (JSC::Machine::cti_op_is_object):
        (JSC::Machine::cti_op_is_function):
        (JSC::Machine::cti_op_stricteq):
        (JSC::Machine::cti_op_nstricteq):
        (JSC::Machine::cti_op_to_jsnumber):
        (JSC::Machine::cti_op_in):
        (JSC::Machine::cti_op_del_by_val):
        (JSC::Machine::cti_vm_throw):
        Removed calls to payload functions.

        * VM/Register.h:
        (JSC::Register::Register): Removed overload for JSCell and call
        to payload function.

        * kjs/JSCell.h: Changed JSCell to derive from JSValue again.
        Removed JSValuePtr constructor.
        (JSC::asCell): Changed cast from reinterpret_cast to static_cast.

        * kjs/JSImmediate.h: Removed JSValuePtr class. Added typedef back.

        * kjs/JSValue.h:
        (JSC::JSValue::JSValue): Added empty protected inline constructor back.
        (JSC::JSValue::~JSValue): Same for destructor.
        Removed == and != operator for JSValuePtr.

        * kjs/PropertySlot.h:
        (JSC::PropertySlot::PropertySlot): Chnaged argument to const JSValue*
        and added a const_cast.

        * kjs/protect.h: Removed overloads and specialization for JSValuePtr.

2008-10-22  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Really "fix" CTI mode on windows 2k3.

        This adds new methods fastMallocExecutable and fastFreeExecutable
        to wrap allocation for cti code.  This still just makes fastMalloc
        return executable memory all the time, which will be fixed in a
        later patch.

        However in windows debug builds all executable allocations will be
        allocated on separate executable pages, which should resolve any
        remaining 2k3 issues.  Conveniently the 2k3 bot will now also fail
        if there are any fastFree vs. fastFreeExecutable errors.

        * ChangeLog:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        * kjs/regexp.cpp:
        (JSC::RegExp::~RegExp):
        * masm/X86Assembler.h:
        (JSC::JITCodeBuffer::copy):
        * wtf/FastMalloc.cpp:
        (WTF::fastMallocExecutable):
        (WTF::fastFreeExecutable):
        (WTF::TCMallocStats::fastMallocExecutable):
        (WTF::TCMallocStats::fastFreeExecutable):
        * wtf/FastMalloc.h:

2008-10-22  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - fix https://bugs.webkit.org/show_bug.cgi?id=21294
          Bug 21294: Devirtualize getOwnPropertySlot()

        A bit over 3% faster on V8 tests.

        * JavascriptCore.exp: Export leak-related functions..

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructureID): Set HasStandardGetOwnPropertySlot
        since this class doesn't override getPropertySlot.
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructureID): Ditto.

        * VM/ExceptionHelpers.cpp:
        (JSC::InterruptedExecutionError::InterruptedExecutionError): Use a structure
        that's created just for this class instead of trying to share a single "null
        prototype" structure.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_create_arguments_no_params): Rename
        Arguments::ArgumentsNoParameters to Arguments::NoParameters.
        
        * kjs/Arguments.h: Rename the enum from Arguments::ArgumentsParameters to
        Arguments::NoParametersType and the value from Arguments::ArgumentsNoParameters
        to Arguments::NoParameters.
        (JSC::Arguments::createStructureID): Added. Returns a structure without
        HasStandardGetOwnPropertySlot since this class overrides getOwnPropertySlot.
        (JSC::Arguments::Arguments): Added an assertion that there are no parameters.

        * kjs/DatePrototype.h:
        (JSC::DatePrototype::createStructureID): Added. Returns a structure without
        HasStandardGetOwnPropertySlot since this class overrides getOwnPropertySlot.

        * kjs/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructureID): Set HasStandardGetOwnPropertySlot
        since this class doesn't override getPropertySlot.
        * kjs/InternalFunction.h:
        (JSC::InternalFunction::createStructureID): Ditto.

        * kjs/JSArray.h:
        (JSC::JSArray::createStructureID): Added. Returns a structure without
        HasStandardGetOwnPropertySlot since this class overrides getOwnPropertySlot.

        * kjs/JSCell.h: Added declaration of fastGetOwnPropertySlot; a non-virtual
        version that uses the structure bit to decide whether to call the virtual
        version.

        * kjs/JSFunction.h:
        (JSC::JSFunction::createStructureID): Added. Returns a structure without
        HasStandardGetOwnPropertySlot since this class overrides getOwnPropertySlot.

        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Initialize new structures; removed
        nullProtoStructureID.
        * kjs/JSGlobalData.h: Added new structures. Removed nullProtoStructureID.

        * kjs/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructureID): Added. Returns a structure without
        HasStandardGetOwnPropertySlot since this class overrides getOwnPropertySlot.

        * kjs/JSNotAnObject.h:
        (JSC::JSNotAnObjectErrorStub::JSNotAnObjectErrorStub): Use a structure
        that's created just for this class instead of trying to share a single "null
        prototype" structure.
        (JSC::JSNotAnObjectErrorStub::isNotAnObjectErrorStub): Marked this function
        virtual for clarity and made it private since no one should call it if they
        already have a pointer to this specific type.
        (JSC::JSNotAnObject::JSNotAnObject): Use a structure that's created just
        for this class instead of trying to share a single "null prototype" structure.
        (JSC::JSNotAnObject::createStructureID): Added. Returns a structure without
        HasStandardGetOwnPropertySlot since this class overrides getOwnPropertySlot.

        * kjs/JSObject.h:
        (JSC::JSObject::createStructureID): Added HasStandardGetOwnPropertySlot.
        (JSC::JSObject::inlineGetOwnPropertySlot): Added. Used so we can share code
        between getOwnPropertySlot and fastGetOwnPropertySlot.
        (JSC::JSObject::getOwnPropertySlot): Moved so that functions are above the
        functions that call them. Moved the guts of this function into
        inlineGetOwnPropertySlot.
        (JSC::JSCell::fastGetOwnPropertySlot): Added. Checks the
        HasStandardGetOwnPropertySlot bit and if it's set, calls
        inlineGetOwnPropertySlot, otherwise calls getOwnPropertySlot.
        (JSC::JSObject::getPropertySlot): Changed to call fastGetOwnPropertySlot.
        (JSC::JSValue::get): Changed to call fastGetOwnPropertySlot.

        * kjs/JSWrapperObject.h: Made constructor protected to emphasize that
        this class is only a base class and never instantiated.

        * kjs/MathObject.h:
        (JSC::MathObject::createStructureID): Added. Returns a structure without
        HasStandardGetOwnPropertySlot since this class overrides getOwnPropertySlot.
        * kjs/NumberConstructor.h:
        (JSC::NumberConstructor::createStructureID): Ditto.
        * kjs/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructureID): Ditto.
        * kjs/RegExpObject.h:
        (JSC::RegExpObject::createStructureID): Ditto.
        * kjs/StringObject.h:
        (JSC::StringObject::createStructureID): Ditto.

        * kjs/TypeInfo.h: Added HasStandardGetOwnPropertySlot flag and
        hasStandardGetOwnPropertySlot accessor function.

2008-10-22  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 21803: Fuse op_jfalse with op_eq_null and op_neq_null
        <https://bugs.webkit.org/show_bug.cgi?id=21803>

        Fuse op_jfalse with op_eq_null and op_neq_null to make the new opcodes
        op_jeq_null and op_jneq_null.

        This is a 2.6% speedup on the V8 Raytrace benchmark, and strangely also
        a 4.7% speedup on the V8 Arguments benchmark, even though it uses
        neither of the two new opcodes.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitJumpIfTrue):
        (JSC::CodeGenerator::emitJumpIfFalse):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        * VM/Opcode.h:

2008-10-22  Darin Fisher  <darin (a] chromium.org>

        Reviewed by Eric Seidel.

        Should not define PLATFORM(WIN,MAC,GTK) when PLATFORM(CHROMIUM) is defined
        https://bugs.webkit.org/show_bug.cgi?id=21757

        PLATFORM(CHROMIUM) implies HAVE_ACCESSIBILITY

        * wtf/Platform.h:

2008-10-22  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Alexey Proskuryakov.

        Correct opcode names in documentation.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):

2008-10-21  Oliver Hunt <oliver (a] apple.com>

        RS=Maciej Stachowiak.

        Force FastMalloc to make all allocated pages executable in
        a vague hope this will allow the Win2k3 bot to be able to
        run tests.

        Filed Bug 21783: Need more granular control over allocation of executable memory
        to cover a more granular version of this patch.

        * wtf/TCSystemAlloc.cpp:
        (TryVirtualAlloc):

2008-10-21  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=21769
        MessagePort should be GC protected if there are messages to be delivered

        * wtf/MessageQueue.h:
        (WTF::::isEmpty): Added. Also added a warning for methods that return a snapshot of queue
        state, thus likely to cause race conditions.

2008-10-21  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej Stachowiak.

        - convert post-increment to pre-increment in a couple more places for speed

        Speeds up V8 benchmarks a little on most computers. (But, strangely, slows
        them down a little on my computer.)

        * kjs/nodes.cpp:
        (JSC::statementListEmitCode): Removed default argument, since we always want
        to specify this explicitly.
        (JSC::ForNode::emitCode): Tolerate ignoredResult() as the dst -- means the
        same thing as 0.
        (JSC::ReturnNode::emitCode): Ditto.
        (JSC::ThrowNode::emitCode): Ditto.
        (JSC::FunctionBodyNode::emitCode): Pass ignoredResult() so that we know we
        don't have to compute the result of function statements.

2008-10-21  Peter Kasting  <pkasting (a] google.com>

        Reviewed by Maciej Stachowiak.

        Fix an include of a non-public header to use "" instead of <>.

        * API/JSProfilerPrivate.cpp:

2008-10-20  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21766
        REGRESSION: 12 JSC tests fail

        The JSGlobalObject was mutating the shared nullProtoStructureID when
        used in jsc.  Instead of using nullProtoStructureID, use a new StructureID.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::JSCallbackObject):
        * API/JSContextRef.cpp:
        (JSGlobalContextCreateInGroup):
        * kjs/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        * kjs/Shell.cpp:
        (GlobalObject::GlobalObject):
        (jscmain):

2008-10-20  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Remove an untaken branch in CodeGenerator::emitJumpIfFalse(). This
        function is never called with a backwards target LabelID, and there is
        even an assertion to this effect at the top of the function body.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitJumpIfFalse):

2008-10-20  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Add opcode documentation for undocumented opcodes.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):

2008-10-16  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21683
        Don't create intermediate StructureIDs for builtin objects

        Second stage in reduce number of StructureIDs created when initializing the
        JSGlobalObject.

        - Use putDirectWithoutTransition for the remaining singleton objects to reduce
          the number of StructureIDs create for about:blank from 132 to 73.

        * kjs/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * kjs/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        * kjs/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * kjs/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * kjs/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * kjs/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * kjs/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * kjs/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        (JSC::FunctionPrototype::addFunctionProperties):
        * kjs/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructureID):
        * kjs/InternalFunction.cpp:
        * kjs/InternalFunction.h:
        (JSC::InternalFunction::InternalFunction):
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * kjs/JSObject.h:
        * kjs/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * kjs/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        * kjs/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * kjs/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        * kjs/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * kjs/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * kjs/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * kjs/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * kjs/StructureID.cpp:
        (JSC::StructureID::dumpStatistics):
        * kjs/StructureID.h:
        (JSC::StructureID::setPrototypeWithoutTransition):

2008-10-20  Alp Toker  <alp (a] nuanti.com>

        Fix autotools dist build target by listing recently added header
        files only. Not reviewed.

        * GNUmakefile.am:

2008-10-20  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Anders Carlsson.

        * VM/Machine.cpp:
        (JSC::Machine::tryCacheGetByID): Removed a redundant and sometimes
        incorrect cast, which started ASSERTing after Darin's last checkin.

2008-10-20  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Re-enable CTI, which I accidentally disabled while checking in fixes
        to bytecode.

        * wtf/Platform.h:

2008-10-20  Alp Toker  <alp (a] nuanti.com>

        Rubber-stamped by Mark Rowe.

        Typo fix in function name: mimimum -> minimum.

        * kjs/DateMath.cpp:
        (JSC::minimumYearForDST):
        (JSC::equivalentYearForDST):

2008-10-20  Alp Toker  <alp (a] nuanti.com>

        Reviewed by Mark Rowe.

        Use pthread instead of GThread where possible in the GTK+ port. This
        fixes issues with global initialisation, particularly on GTK+/Win32
        where a late g_thread_init() will cause hangs.

        * GNUmakefile.am:
        * wtf/Platform.h:
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        * wtf/ThreadingPthreads.cpp:

2008-10-20  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=21735
        Emit profiling instrumentation only if the Web Inspector's profiling
        feature is enabled

        22.2% speedup on empty function call benchmark.
        2.9% speedup on v8 benchmark.
        0.7% speedup on SunSpider.
        
        Lesser but similar speedups in bytecode.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases): Nixed JITed profiler hooks. Profiler
        hooks now have their own opcodes. Added support for compiling profiler
        hook opcodes.
        
        (JSC::CodeBlock::dump): Dump support for the new profiling opcodes.

        * VM/CodeGenerator.h:
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitConstruct): Conditionally emit profiling hooks
        around call and construct, at the call site. (It's easier to get things
        right this way, if you have profiled code calling non-profiled code.
        Also, you get a slightly more accurate profile, since you charge the full
        cost of the call / construct operation to the callee.)
        
        Also, fixed a bug where construct would fetch the ".prototype" property
        from the constructor before evaluating the arguments to the constructor,
        incorrectly allowing an "invalid constructor" exception to short-circuit
        argument evaluation. I encountered this bug when trying to make
        constructor exceptions work with profiling.

        * VM/Machine.cpp:
        (JSC::Machine::callEval): Removed obsolete profiler hooks.

        (JSC::Machine::throwException): Added a check for an exception thrown
        within a call instruction. We didn't need this before because the call
        instruction would check for a valid call before involing the profiler.
        (JSC::Machine::execute): Added a didExecute hook at the end of top-level
        function invocation, since op_ret no longer does this for us.

        (JSC::Machine::privateExecute): Removed obsolete profiler hooks. Added
        profiler opcodes. Changed some ++vPC to vPC[x] notation, since the
        latter is better for performance, and it makes reasoning about the
        current opcode in exception handling much simpler.

        (JSC::Machine::cti_op_call_NotJSFunction): Removed obsolete profiler
        hooks.

        (JSC::Machine::cti_op_create_arguments_no_params): Added missing
        CTI_STACK_HACK that I noticed when adding CTI_STACK_HACK to the new
        profiler opcode functions.

        (JSC::Machine::cti_op_profile_will_call):
        (JSC::Machine::cti_op_profile_did_call): The new profiler opcode
        functions.

        (JSC::Machine::cti_op_construct_NotJSConstruct): Removed obsolete profiler
        hooks.

        * VM/Machine.h:
        (JSC::Machine::isCallOpcode): Helper for exception handling.

        * VM/Opcode.h: Declare new opcodes.

        * kjs/JSGlobalObject.h:
        (JSC::JSGlobalObject::supportsProfiling): Added virtual interface that
        allows WebCore to specify whether the target global object has the Web
        Inspector's profiling feature enabled.

        * profiler/Profiler.cpp:
        (JSC::Profiler::willExecute):
        (JSC::Profiler::didExecute):
        (JSC::Profiler::createCallIdentifier):
        * profiler/Profiler.h: Added support for invoking the profiler with
        an arbitrary JSValue*, and not a known object. We didn't need this
        before because the call instruction would check for a valid call before
        involing the profiler.

2008-10-20  Darin Adler  <darin (a] apple.com>

        Reviewed by Geoff Garen.

        - get CTI working on Windows again

        * VM/CTI.cpp:
        (JSC::CTI::emitCTICall): Add an overload for functions that
        return JSObject*.
        * VM/CTI.h: Use JSValue* and JSObject* as return types for
        cti_op functions. Apparently, MSVC doesn't handle returning
        the JSValuePtr struct in a register. We'll have to look into
        this more.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_convert_this):
        (JSC::Machine::cti_op_add):
        (JSC::Machine::cti_op_pre_inc):
        (JSC::Machine::cti_op_new_object):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_second):
        (JSC::Machine::cti_op_get_by_id_generic):
        (JSC::Machine::cti_op_get_by_id_fail):
        (JSC::Machine::cti_op_instanceof):
        (JSC::Machine::cti_op_del_by_id):
        (JSC::Machine::cti_op_mul):
        (JSC::Machine::cti_op_new_func):
        (JSC::Machine::cti_op_push_activation):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_new_array):
        (JSC::Machine::cti_op_resolve):
        (JSC::Machine::cti_op_construct_JSConstructFast):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_get_by_val):
        (JSC::Machine::cti_op_sub):
        (JSC::Machine::cti_op_lesseq):
        (JSC::Machine::cti_op_negate):
        (JSC::Machine::cti_op_resolve_base):
        (JSC::Machine::cti_op_resolve_skip):
        (JSC::Machine::cti_op_resolve_global):
        (JSC::Machine::cti_op_div):
        (JSC::Machine::cti_op_pre_dec):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_lshift):
        (JSC::Machine::cti_op_bitand):
        (JSC::Machine::cti_op_rshift):
        (JSC::Machine::cti_op_bitnot):
        (JSC::Machine::cti_op_new_func_exp):
        (JSC::Machine::cti_op_mod):
        (JSC::Machine::cti_op_less):
        (JSC::Machine::cti_op_neq):
        (JSC::Machine::cti_op_urshift):
        (JSC::Machine::cti_op_bitxor):
        (JSC::Machine::cti_op_new_regexp):
        (JSC::Machine::cti_op_bitor):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_op_throw):
        (JSC::Machine::cti_op_next_pname):
        (JSC::Machine::cti_op_typeof):
        (JSC::Machine::cti_op_is_undefined):
        (JSC::Machine::cti_op_is_boolean):
        (JSC::Machine::cti_op_is_number):
        (JSC::Machine::cti_op_is_string):
        (JSC::Machine::cti_op_is_object):
        (JSC::Machine::cti_op_is_function):
        (JSC::Machine::cti_op_stricteq):
        (JSC::Machine::cti_op_nstricteq):
        (JSC::Machine::cti_op_to_jsnumber):
        (JSC::Machine::cti_op_in):
        (JSC::Machine::cti_op_push_new_scope):
        (JSC::Machine::cti_op_del_by_val):
        (JSC::Machine::cti_op_new_error):
        (JSC::Machine::cti_vm_throw):
        Change these functions to return pointer types, and never
        JSValuePtr.
        * VM/Machine.h: Ditto.

2008-10-20  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Fixed some recent break-age in bytecode mode.

        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::printStructureIDs): Fixed up an ASSERT caused by
        Gavin's last checkin. This is a temporary fix so I can keep on moving.
        I'll send email about what I think is an underlying problem soon.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): Removed a redundant and sometimes
        incorrect cast, which started ASSERTing after Darin's last checkin.

2008-10-20  Darin Adler  <darin (a] apple.com>

        - another similar Windows build fix

        * VM/CTI.cpp: Changed return type to JSObject* instead of JSValuePtr.

2008-10-20  Darin Adler  <darin (a] apple.com>

        - try to fix Windows build

        * VM/CTI.cpp: Use JSValue* instead of JSValuePtr for ctiTrampoline.
        * VM/CTI.h: Ditto.

2008-10-19  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - finish https://bugs.webkit.org/show_bug.cgi?id=21732
          improve performance by eliminating JSValue as a base class for JSCell

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_profiler): Use asFunction.
        (JSC::Machine::cti_vm_lazyLinkCall): Ditto.
        (JSC::Machine::cti_op_construct_JSConstructFast): Use asObject.

        * kjs/JSCell.h: Re-sort friend classes. Eliminate inheritance from
        JSValue. Changed cast in asCell from static_cast to reinterpret_cast.
        Removed JSValue::getNumber(double&) and one of JSValue::getObject
        overloads.

        * kjs/JSValue.h: Made the private constructor and destructor both
        non-virtual and also remove the definitions. This class can never
        be instantiated or derived.

2008-10-19  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - next step of https://bugs.webkit.org/show_bug.cgi?id=21732
          improve performance by eliminating JSValue as a base class for JSCell

        Change JSValuePtr from a typedef into a class. This allows us to support
        conversion from JSCell* to JSValuePtr even if JSCell isn't derived from
        JSValue.

        * JavaScriptCore.exp: Updated symbols that involve JSValuePtr, since
        it's now a distinct type.

        * API/APICast.h:
        (toRef): Extract the JSValuePtr payload explicitly since we can't just
        cast any more.
        * VM/CTI.cpp:
        (JSC::CTI::asInteger): Ditto.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::addConstant): Get at the payload directly.
        (JSC::CodeGenerator::emitLoad): Added an overload of JSCell* because
        otherwise classes derived from JSValue end up calling the bool
        overload instead of JSValuePtr.
        * VM/CodeGenerator.h: Ditto. Also update traits to use JSValue*
        and the payload functions.

        * VM/Register.h: Added a JSCell* overload and use of payload functions.

        * kjs/JSCell.h:
        (JSC::asCell): Use payload function.
        (JSC::JSValue::asCell): Use JSValue* instead of JSValuePtr.
        (JSC::JSValuePtr::JSValuePtr): Added. Constructor that takes JSCell*
        and creates a JSValuePtr.

        * kjs/JSImmediate.h: Added JSValuePtr class. Also updated makeValue
        and makeInt to work with JSValue* and the payload function.

        * kjs/JSValue.h: Added == and != operators for JSValuePtr. Put them
        here because eventually all the JSValue functions should go here
        except what's needed by JSImmediate. Also fix asValue to use
        JSValue* instead of JSValuePtr.

        * kjs/PropertySlot.h: Change constructor to take JSValuePtr.

        * kjs/protect.h: Update gcProtect functions to work with JSCell*
        as well as JSValuePtr. Also updated the ProtectedPtr<JSValuePtr>
        specialization to work more directly. Also changed all the call
        sites to use gcProtectNullTolerant.

2008-10-19  Darin Adler  <darin (a] apple.com>

        Reviewed by Oliver Hunt.

        - next step of https://bugs.webkit.org/show_bug.cgi?id=21732
          improve performance by eliminating JSValue as a base class for JSCell

        Remove most uses of JSValue, which will be removed in a future patch.

        * VM/Machine.cpp:
        (JSC::fastToUInt32): Call toUInt32SlowCase function; no longer a member
        of JSValue.
        * kjs/JSNumberCell.h:
        (JSC::JSNumberCell::toInt32): Ditto.
        (JSC::JSNumberCell::toUInt32): Ditto.

        * kjs/JSValue.cpp:
        (JSC::toInt32SlowCase): Made a non-member function.
        (JSC::JSValue::toInt32SlowCase): Changed to call non-member function.
        (JSC::toUInt32SlowCase): More of the same.
        (JSC::JSValue::toUInt32SlowCase): Ditto.

        * kjs/JSValue.h: Moved static member function so they are no longer
        member functions at all.

        * VM/CTI.h: Removed forward declaration of JSValue.
        * VM/ExceptionHelpers.h: Ditto.
        * kjs/CallData.h: Ditto.
        * kjs/ConstructData.h: Ditto.
        * kjs/JSGlobalObjectFunctions.h: Ditto.
        * kjs/PropertyMap.h: Ditto.
        * kjs/StructureID.h: Ditto.
        * kjs/collector.h: Ditto.
        * kjs/completion.h: Ditto.

        * kjs/grammar.y:
        (JSC::makeBitwiseNotNode): Call new non-member toInt32 function.
        (JSC::makeLeftShiftNode): More of the same.
        (JSC::makeRightShiftNode): Ditto.

        * kjs/protect.h: Added a specialization for ProtectedPtr<JSValuePtr>
        so this can be used with JSValuePtr.

2008-10-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Oliver Hunt.

        - next step of https://bugs.webkit.org/show_bug.cgi?id=21732
          improve performance by eliminating JSValue as a base class for JSCell

        Tweak a little more to get closer to where we can make JSValuePtr a class.

        * API/APICast.h:
        (toJS): Change back to JSValue* here, since we're converting the
        pointer type.
        * VM/CTI.cpp:
        (JSC::CTI::unlinkCall): Call asPointer.
        * VM/CTI.h: Cast to JSValue* here, since it's a pointer cast.
        * kjs/DebuggerCallFrame.h:
        (JSC::DebuggerCallFrame::DebuggerCallFrame): Call noValue.
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Call noValue.
        * kjs/JSImmediate.cpp:
        (JSC::JSImmediate::toObject): Remove unneeded const_cast.
        * kjs/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject): Call noValue.

2008-10-18  Darin Adler  <darin (a] apple.com>

        - fix non-all-in-one build

        * kjs/completion.h:
        (JSC::Completion::Completion): Add include of JSValue.h.

2008-10-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Oliver Hunt.

        - fix assertions I introduced with my casting changes

        These were showing up as failures in the JavaScriptCore tests.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_instanceof): Remove the bogus asCell casting that
        was at the top of the function, and instead cast at the point of use.
        (JSC::Machine::cti_op_construct_NotJSConstruct): Moved the cast to
        object after checking the construct type.

2008-10-18  Darin Adler  <darin (a] apple.com>

        - fix non-all-in-one build

        * kjs/JSGlobalObjectFunctions.h: Add include of JSImmedate.h (for now).

2008-10-18  Darin Adler  <darin (a] apple.com>

        - fix build

        * kjs/interpreter.h: Include JSValue.h instead of JSImmediate.h.

2008-10-18  Darin Adler  <darin (a] apple.com>

        * kjs/interpreter.h: Fix include of JSImmediate.h.

2008-10-18  Darin Adler  <darin (a] apple.com>

        - fix non-all-in-one build

        * kjs/interpreter.h: Add include of JSImmediate.h.

2008-10-18  Darin Adler  <darin (a] apple.com>

        - fix non-all-in-one build

        * kjs/ConstructData.h: Add include of JSImmedate.h (for now).

2008-10-18  Darin Adler  <darin (a] apple.com>

        - try to fix Windows build

        * VM/Machine.cpp:
        (JSC::Machine::Machine): Use JSCell* type since MSVC seems to only allow
        calling ~JSCell directly if it's a JSCell*.

2008-10-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - next step on https://bugs.webkit.org/show_bug.cgi?id=21732
          improve performance by eliminating JSValue as a base class for JSCell

        Use JSValuePtr everywhere instead of JSValue*. In the future, we'll be
        changing JSValuePtr to be a class, and then eventually renaming it
        to JSValue once that's done.

        * JavaScriptCore.exp: Update entry points, since some now take JSValue*
        instead of const JSValue*.

        * API/APICast.h:
        * API/JSCallbackConstructor.h:
        * API/JSCallbackFunction.cpp:
        * API/JSCallbackFunction.h:
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        * API/JSValueRef.cpp:
        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        * VM/CodeGenerator.h:
        * VM/ExceptionHelpers.cpp:
        * VM/ExceptionHelpers.h:
        * VM/JSPropertyNameIterator.cpp:
        * VM/JSPropertyNameIterator.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * VM/Register.h:
        * kjs/ArgList.cpp:
        * kjs/ArgList.h:
        * kjs/Arguments.cpp:
        * kjs/Arguments.h:
        * kjs/ArrayConstructor.cpp:
        * kjs/ArrayPrototype.cpp:
        * kjs/BooleanConstructor.cpp:
        * kjs/BooleanConstructor.h:
        * kjs/BooleanObject.h:
        * kjs/BooleanPrototype.cpp:
        * kjs/CallData.cpp:
        * kjs/CallData.h:
        * kjs/ConstructData.cpp:
        * kjs/ConstructData.h:
        * kjs/DateConstructor.cpp:
        * kjs/DateInstance.h:
        * kjs/DatePrototype.cpp:
        * kjs/DebuggerCallFrame.cpp:
        * kjs/DebuggerCallFrame.h:
        * kjs/ErrorConstructor.cpp:
        * kjs/ErrorPrototype.cpp:
        * kjs/ExecState.cpp:
        * kjs/ExecState.h:
        * kjs/FunctionConstructor.cpp:
        * kjs/FunctionPrototype.cpp:
        * kjs/GetterSetter.cpp:
        * kjs/GetterSetter.h:
        * kjs/InternalFunction.h:
        * kjs/JSActivation.cpp:
        * kjs/JSActivation.h:
        * kjs/JSArray.cpp:
        * kjs/JSArray.h:
        * kjs/JSCell.cpp:
        * kjs/JSCell.h:
        * kjs/JSFunction.cpp:
        * kjs/JSFunction.h:
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.cpp:
        * kjs/JSGlobalObject.h:
        * kjs/JSGlobalObjectFunctions.cpp:
        * kjs/JSGlobalObjectFunctions.h:
        * kjs/JSImmediate.cpp:
        * kjs/JSImmediate.h:
        * kjs/JSNotAnObject.cpp:
        * kjs/JSNotAnObject.h:
        * kjs/JSNumberCell.cpp:
        * kjs/JSNumberCell.h:
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        * kjs/JSStaticScopeObject.cpp:
        * kjs/JSStaticScopeObject.h:
        * kjs/JSString.cpp:
        * kjs/JSString.h:
        * kjs/JSValue.h:
        * kjs/JSVariableObject.h:
        * kjs/JSWrapperObject.h:
        * kjs/MathObject.cpp:
        * kjs/NativeErrorConstructor.cpp:
        * kjs/NumberConstructor.cpp:
        * kjs/NumberConstructor.h:
        * kjs/NumberObject.cpp:
        * kjs/NumberObject.h:
        * kjs/NumberPrototype.cpp:
        * kjs/ObjectConstructor.cpp:
        * kjs/ObjectPrototype.cpp:
        * kjs/ObjectPrototype.h:
        * kjs/PropertyMap.h:
        * kjs/PropertySlot.cpp:
        * kjs/PropertySlot.h:
        * kjs/RegExpConstructor.cpp:
        * kjs/RegExpConstructor.h:
        * kjs/RegExpMatchesArray.h:
        * kjs/RegExpObject.cpp:
        * kjs/RegExpObject.h:
        * kjs/RegExpPrototype.cpp:
        * kjs/Shell.cpp:
        * kjs/StringConstructor.cpp:
        * kjs/StringObject.cpp:
        * kjs/StringObject.h:
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        * kjs/StringPrototype.cpp:
        * kjs/StructureID.cpp:
        * kjs/StructureID.h:
        * kjs/collector.cpp:
        * kjs/collector.h:
        * kjs/completion.h:
        * kjs/grammar.y:
        * kjs/interpreter.cpp:
        * kjs/interpreter.h:
        * kjs/lookup.cpp:
        * kjs/lookup.h:
        * kjs/nodes.h:
        * kjs/operations.cpp:
        * kjs/operations.h:
        * kjs/protect.h:
        * profiler/ProfileGenerator.cpp:
        Replace JSValue* with JSValuePtr.

2008-10-18  Darin Adler  <darin (a] apple.com>

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_eval): Removed stray parentheses from my
        last check-in.

2008-10-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Oliver Hunt.

        - first step of https://bugs.webkit.org/show_bug.cgi?id=21732
          improve performance by eliminating JSValue as a base class for JSCell

        Remove casts from JSValue* to derived classes, replacing them with
        calls to inline casting functions. These functions are also a bit
        better than aidrect cast because they also do a runtime assertion.

        Removed use of 0 as for JSValue*, changing call sites to use a
        noValue() function instead.

        Move things needed by classes derived from JSValue out of the class,
        since the classes won't be deriving from JSValue any more soon.

        I did most of these changes by changing JSValue to not be JSValue* any
        more, then fixing a lot of the compilation problems, then rolling out
        the JSValue change.

        1.011x as fast on SunSpider (presumably due to some of the Machine.cpp changes)

        * API/APICast.h: Removed unneeded forward declarations.

        * API/JSCallbackObject.h: Added an asCallbackObject function for casting.
        * API/JSCallbackObjectFunctions.h:
        (JSC::JSCallbackObject::asCallbackObject): Added.
        (JSC::JSCallbackObject::getOwnPropertySlot): Use asObject.
        (JSC::JSCallbackObject::call): Use noValue.
        (JSC::JSCallbackObject::staticValueGetter): Use asCallbackObject.
        (JSC::JSCallbackObject::staticFunctionGetter): Ditto.
        (JSC::JSCallbackObject::callbackGetter): Ditto.

        * JavaScriptCore.exp: Updated.

        * JavaScriptCore.xcodeproj/project.pbxproj: Added RegExpMatchesArray.h.

        * VM/CTI.cpp:
        (JSC::CTI::asInteger): Added. For use casting a JSValue to an integer.
        (JSC::CTI::emitGetArg): Use asInteger.
        (JSC::CTI::emitGetPutArg): Ditto.
        (JSC::CTI::getConstantImmediateNumericArg): Ditto. Also use noValue.
        (JSC::CTI::emitInitRegister): Use asInteger.
        (JSC::CTI::getDeTaggedConstantImmediate): Ditto.
        (JSC::CTI::compileOpCallInitializeCallFrame): Ditto.
        (JSC::CTI::compileOpCall): Ditto.
        (JSC::CTI::compileOpStrictEq): Ditto.
        (JSC::CTI::privateCompileMainPass): Ditto.
        (JSC::CTI::privateCompileGetByIdProto): Ditto.
        (JSC::CTI::privateCompileGetByIdChain): Ditto.
        (JSC::CTI::privateCompilePutByIdTransition): Ditto.
        * VM/CTI.h: Rewrite the ARG-related macros to use C++ casts instead of
        C casts and get rid of some extra parentheses. Addd declaration of
        asInteger.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitEqualityOp): Use asString.
        (JSC::CodeGenerator::emitLoad): Use noValue.
        (JSC::CodeGenerator::findScopedProperty): Change globalObject argument
        to JSObject* instead of JSValue*.
        (JSC::CodeGenerator::emitResolve): Remove unneeded cast.
        (JSC::CodeGenerator::emitGetScopedVar): Use asCell.
        (JSC::CodeGenerator::emitPutScopedVar): Ditto.
        * VM/CodeGenerator.h: Changed out argument of findScopedProperty.
        Also change the JSValueMap to use PtrHash explicitly instead of
        getting it from DefaultHash.

        * VM/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::toPrimitive): Use noValue.
        * VM/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::next): Ditto.

        * VM/Machine.cpp:
        (JSC::fastIsNumber): Moved isImmediate check here instead of
        checking for 0 inside Heap::isNumber. Use asCell and asNumberCell.
        (JSC::fastToInt32): Ditto.
        (JSC::fastToUInt32): Ditto.
        (JSC::jsLess): Use asString.
        (JSC::jsLessEq): Ditto.
        (JSC::jsAdd): Ditto.
        (JSC::jsTypeStringForValue): Use asObject.
        (JSC::jsIsObjectType): Ditto.
        (JSC::jsIsFunctionType): Ditto.
        (JSC::inlineResolveBase): Use noValue.
        (JSC::Machine::callEval): Use asString. Initialize result to
        undefined, not 0.
        (JSC::Machine::Machine): Remove unneeded casts to JSCell*.
        (JSC::Machine::throwException): Use asObject.
        (JSC::Machine::debug): Remove explicit calls to the DebuggerCallFrame
        constructor.
        (JSC::Machine::checkTimeout): Use noValue.
        (JSC::cachePrototypeChain): Use asObject.
        (JSC::Machine::tryCachePutByID): Use asCell.
        (JSC::Machine::tryCacheGetByID): Use aCell and asObject.
        (JSC::Machine::privateExecute): Use noValue, asCell, asObject, asString,
        asArray, asActivation, asFunction. Changed code that creates call frames
        for host functions to pass 0 for the function pointer -- the call frame
        needs a JSFunction* and a host function object is not one. This was
        caught by the assertions in the casting functions. Also remove some
        unneeded casts in cases where two values are compared.
        (JSC::Machine::retrieveLastCaller): Use noValue.
        (JSC::Machine::tryCTICachePutByID): Use asCell.
        (JSC::Machine::tryCTICacheGetByID): Use aCell and asObject.
        (JSC::setUpThrowTrampolineReturnAddress): Added this function to restore
        the PIC-branch-avoidance that was recently lost.
        (JSC::Machine::cti_op_add): Use asString.
        (JSC::Machine::cti_op_instanceof): Use asCell and asObject.
        (JSC::Machine::cti_op_call_JSFunction): Use asFunction.
        (JSC::Machine::cti_op_call_NotJSFunction): Changed code to pass 0 for
        the function pointer, since we don't have a JSFunction. Use asObject.
        (JSC::Machine::cti_op_tear_off_activation): Use asActivation.
        (JSC::Machine::cti_op_construct_JSConstruct): Use asFunction and asObject.
        (JSC::Machine::cti_op_construct_NotJSConstruct): use asObject.
        (JSC::Machine::cti_op_get_by_val): Use asArray and asString.
        (JSC::Machine::cti_op_resolve_func): Use asPointer; this helps prepare
        us for a situation where JSValue is not a pointer.
        (JSC::Machine::cti_op_put_by_val): Use asArray.
        (JSC::Machine::cti_op_put_by_val_array): Ditto.
        (JSC::Machine::cti_op_resolve_global): Use asGlobalObject.
        (JSC::Machine::cti_op_post_inc): Change VM_CHECK_EXCEPTION_2 to
        VM_CHECK_EXCEPTION_AT_END, since there's no observable work done after
        that point. Also use asPointer.
        (JSC::Machine::cti_op_resolve_with_base): Use asPointer.
        (JSC::Machine::cti_op_post_dec): Change VM_CHECK_EXCEPTION_2 to
        VM_CHECK_EXCEPTION_AT_END, since there's no observable work done after
        that point. Also use asPointer.
        (JSC::Machine::cti_op_call_eval): Use asObject, noValue, and change
        VM_CHECK_EXCEPTION_ARG to VM_THROW_EXCEPTION_AT_END.
        (JSC::Machine::cti_op_throw): Change return value to a JSValue*.
        (JSC::Machine::cti_op_in): Use asObject.
        (JSC::Machine::cti_op_switch_char): Use asString.
        (JSC::Machine::cti_op_switch_string): Ditto.
        (JSC::Machine::cti_op_put_getter): Use asObject.
        (JSC::Machine::cti_op_put_setter): Ditto.
        (JSC::Machine::cti_vm_throw): Change return value to a JSValue*.
        Use noValue.
        * VM/Machine.h: Change return values of both cti_op_throw and
        cti_vm_throw to JSValue*.

        * VM/Register.h: Remove nullJSValue, which is the same thing
        as noValue(). Also removed unneeded definition of JSValue.

        * kjs/ArgList.h: Removed unneeded definition of JSValue.

        * kjs/Arguments.h:
        (JSC::asArguments): Added.

        * kjs/ArrayPrototype.cpp:
        (JSC::getProperty): Use noValue.
        (JSC::arrayProtoFuncToString): Use asArray.
        (JSC::arrayProtoFuncToLocaleString): Ditto.
        (JSC::arrayProtoFuncConcat): Ditto.
        (JSC::arrayProtoFuncPop): Ditto. Also removed unneeded initialization
        of the result, which is set in both sides of the branch.
        (JSC::arrayProtoFuncPush): Ditto.
        (JSC::arrayProtoFuncShift): Removed unneeded initialization
        of the result, which is set in both sides of the branch.
        (JSC::arrayProtoFuncSort): Use asArray.

        * kjs/BooleanObject.h:
        (JSC::asBooleanObject): Added.

        * kjs/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncToString): Use asBooleanObject.
        (JSC::booleanProtoFuncValueOf): Ditto.

        * kjs/CallData.cpp:
        (JSC::call): Use asObject and asFunction.
        * kjs/ConstructData.cpp:
        (JSC::construct): Ditto.

        * kjs/DateConstructor.cpp:
        (JSC::constructDate): Use asDateInstance.

        * kjs/DateInstance.h:
        (JSC::asDateInstance): Added.

        * kjs/DatePrototype.cpp:
        (JSC::dateProtoFuncToString): Use asDateInstance.
        (JSC::dateProtoFuncToUTCString): Ditto.
        (JSC::dateProtoFuncToDateString): Ditto.
        (JSC::dateProtoFuncToTimeString): Ditto.
        (JSC::dateProtoFuncToLocaleString): Ditto.
        (JSC::dateProtoFuncToLocaleDateString): Ditto.
        (JSC::dateProtoFuncToLocaleTimeString): Ditto.
        (JSC::dateProtoFuncValueOf): Ditto.
        (JSC::dateProtoFuncGetTime): Ditto.
        (JSC::dateProtoFuncGetFullYear): Ditto.
        (JSC::dateProtoFuncGetUTCFullYear): Ditto.
        (JSC::dateProtoFuncToGMTString): Ditto.
        (JSC::dateProtoFuncGetMonth): Ditto.
        (JSC::dateProtoFuncGetUTCMonth): Ditto.
        (JSC::dateProtoFuncGetDate): Ditto.
        (JSC::dateProtoFuncGetUTCDate): Ditto.
        (JSC::dateProtoFuncGetDay): Ditto.
        (JSC::dateProtoFuncGetUTCDay): Ditto.
        (JSC::dateProtoFuncGetHours): Ditto.
        (JSC::dateProtoFuncGetUTCHours): Ditto.
        (JSC::dateProtoFuncGetMinutes): Ditto.
        (JSC::dateProtoFuncGetUTCMinutes): Ditto.
        (JSC::dateProtoFuncGetSeconds): Ditto.
        (JSC::dateProtoFuncGetUTCSeconds): Ditto.
        (JSC::dateProtoFuncGetMilliSeconds): Ditto.
        (JSC::dateProtoFuncGetUTCMilliseconds): Ditto.
        (JSC::dateProtoFuncGetTimezoneOffset): Ditto.
        (JSC::dateProtoFuncSetTime): Ditto.
        (JSC::setNewValueFromTimeArgs): Ditto.
        (JSC::setNewValueFromDateArgs): Ditto.
        (JSC::dateProtoFuncSetYear): Ditto.
        (JSC::dateProtoFuncGetYear): Ditto.

        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::thisObject): Use asObject.
        (JSC::DebuggerCallFrame::evaluate): Use noValue.
        * kjs/DebuggerCallFrame.h: Added a constructor that
        takes only a callFrame.

        * kjs/ExecState.h:
        (JSC::ExecState::clearException): Use noValue.

        * kjs/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString): Use asFunction.
        (JSC::functionProtoFuncApply): Use asArguments and asArray.

        * kjs/GetterSetter.cpp:
        (JSC::GetterSetter::getPrimitiveNumber): Use noValue.

        * kjs/GetterSetter.h:
        (JSC::asGetterSetter): Added.

        * kjs/InternalFunction.cpp:
        (JSC::InternalFunction::name): Use asString.

        * kjs/InternalFunction.h:
        (JSC::asInternalFunction): Added.

        * kjs/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter): Use asActivation.

        * kjs/JSActivation.h:
        (JSC::asActivation): Added.

        * kjs/JSArray.cpp:
        (JSC::JSArray::putSlowCase): Use noValue.
        (JSC::JSArray::deleteProperty): Ditto.
        (JSC::JSArray::increaseVectorLength): Ditto.
        (JSC::JSArray::setLength): Ditto.
        (JSC::JSArray::pop): Ditto.
        (JSC::JSArray::sort): Ditto.
        (JSC::JSArray::compactForSorting): Ditto.
        * kjs/JSArray.h:
        (JSC::asArray): Added.

        * kjs/JSCell.cpp:
        (JSC::JSCell::getJSNumber): Use noValue.

        * kjs/JSCell.h:
        (JSC::asCell): Added.
        (JSC::JSValue::asCell): Changed to not preserve const.
        Given the wide use of JSValue* and JSCell*, it's not
        really useful to use const.
        (JSC::JSValue::isNumber): Use asValue.
        (JSC::JSValue::isString): Ditto.
        (JSC::JSValue::isGetterSetter): Ditto.
        (JSC::JSValue::isObject): Ditto.
        (JSC::JSValue::getNumber): Ditto.
        (JSC::JSValue::getString): Ditto.
        (JSC::JSValue::getObject): Ditto.
        (JSC::JSValue::getCallData): Ditto.
        (JSC::JSValue::getConstructData): Ditto.
        (JSC::JSValue::getUInt32): Ditto.
        (JSC::JSValue::getTruncatedInt32): Ditto.
        (JSC::JSValue::getTruncatedUInt32): Ditto.
        (JSC::JSValue::mark): Ditto.
        (JSC::JSValue::marked): Ditto.
        (JSC::JSValue::toPrimitive): Ditto.
        (JSC::JSValue::getPrimitiveNumber): Ditto.
        (JSC::JSValue::toBoolean): Ditto.
        (JSC::JSValue::toNumber): Ditto.
        (JSC::JSValue::toString): Ditto.
        (JSC::JSValue::toObject): Ditto.
        (JSC::JSValue::toThisObject): Ditto.
        (JSC::JSValue::needsThisConversion): Ditto.
        (JSC::JSValue::toThisString): Ditto.
        (JSC::JSValue::getJSNumber): Ditto.

        * kjs/JSFunction.cpp:
        (JSC::JSFunction::argumentsGetter): Use asFunction.
        (JSC::JSFunction::callerGetter): Ditto.
        (JSC::JSFunction::lengthGetter): Ditto.
        (JSC::JSFunction::construct): Use asObject.

        * kjs/JSFunction.h:
        (JSC::asFunction): Added.

        * kjs/JSGlobalObject.cpp:
        (JSC::lastInPrototypeChain): Use asObject.

        * kjs/JSGlobalObject.h:
        (JSC::asGlobalObject): Added.
        (JSC::ScopeChainNode::globalObject): Use asGlobalObject.

        * kjs/JSImmediate.h: Added noValue, asPointer, and makeValue
        functions. Use rawValue, makeValue, and noValue consistently
        instead of doing reinterpret_cast in various functions.

        * kjs/JSNumberCell.h:
        (JSC::asNumberCell): Added.
        (JSC::JSValue::uncheckedGetNumber): Use asValue and asNumberCell.
        (JSC::JSValue::toJSNumber): Use asValue.

        * kjs/JSObject.cpp:
        (JSC::JSObject::put): Use asObject and asGetterSetter.
        (JSC::callDefaultValueFunction): Use noValue.
        (JSC::JSObject::defineGetter): Use asGetterSetter.
        (JSC::JSObject::defineSetter): Ditto.
        (JSC::JSObject::lookupGetter): Ditto. Also use asObject.
        (JSC::JSObject::lookupSetter): Ditto.
        (JSC::JSObject::hasInstance): Use asObject.
        (JSC::JSObject::fillGetterPropertySlot): Use asGetterSetter.

        * kjs/JSObject.h:
        (JSC::JSObject::getDirect): Use noValue.
        (JSC::asObject): Added.
        (JSC::JSValue::isObject): Use asValue.
        (JSC::JSObject::get): Removed unneeded const_cast.
        (JSC::JSObject::getPropertySlot): Use asObject.
        (JSC::JSValue::get): Removed unneeded const_cast.
        Use asValue, asCell, and asObject.
        (JSC::JSValue::put): Ditto.
        (JSC::JSObject::allocatePropertyStorageInline): Fixed spelling
        of "oldPropertStorage".

        * kjs/JSString.cpp:
        (JSC::JSString::getOwnPropertySlot): Use asObject.

        * kjs/JSString.h:
        (JSC::asString): Added.
        (JSC::JSValue::toThisJSString): Use asValue.

        * kjs/JSValue.h: Make PreferredPrimitiveType a top level enum
        instead of a member of JSValue. Added an asValue function that
        returns this. Removed overload of asCell for const. Use asValue
        instead of getting right at this.

        * kjs/ObjectPrototype.cpp:
        (JSC::objectProtoFuncIsPrototypeOf): Use asObject.
        (JSC::objectProtoFuncDefineGetter): Ditto.
        (JSC::objectProtoFuncDefineSetter): Ditto.

        * kjs/PropertySlot.h:
        (JSC::PropertySlot::PropertySlot): Take a const JSValue* so the
        callers don't have to worry about const.
        (JSC::PropertySlot::clearBase): Use noValue.
        (JSC::PropertySlot::clearValue): Ditto.

        * kjs/RegExpConstructor.cpp:
        (JSC::regExpConstructorDollar1): Use asRegExpConstructor.
        (JSC::regExpConstructorDollar2): Ditto.
        (JSC::regExpConstructorDollar3): Ditto.
        (JSC::regExpConstructorDollar4): Ditto.
        (JSC::regExpConstructorDollar5): Ditto.
        (JSC::regExpConstructorDollar6): Ditto.
        (JSC::regExpConstructorDollar7): Ditto.
        (JSC::regExpConstructorDollar8): Ditto.
        (JSC::regExpConstructorDollar9): Ditto.
        (JSC::regExpConstructorInput): Ditto.
        (JSC::regExpConstructorMultiline): Ditto.
        (JSC::regExpConstructorLastMatch): Ditto.
        (JSC::regExpConstructorLastParen): Ditto.
        (JSC::regExpConstructorLeftContext): Ditto.
        (JSC::regExpConstructorRightContext): Ditto.
        (JSC::setRegExpConstructorInput): Ditto.
        (JSC::setRegExpConstructorMultiline): Ditto.
        (JSC::constructRegExp): Use asObject.

        * kjs/RegExpConstructor.h:
        (JSC::asRegExpConstructor): Added.

        * kjs/RegExpObject.cpp:
        (JSC::regExpObjectGlobal): Use asRegExpObject.
        (JSC::regExpObjectIgnoreCase): Ditto.
        (JSC::regExpObjectMultiline): Ditto.
        (JSC::regExpObjectSource): Ditto.
        (JSC::regExpObjectLastIndex): Ditto.
        (JSC::setRegExpObjectLastIndex): Ditto.
        (JSC::callRegExpObject): Ditto.

        * kjs/RegExpObject.h:
        (JSC::asRegExpObject): Added.

        * kjs/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncTest): Use asRegExpObject.
        (JSC::regExpProtoFuncExec): Ditto.
        (JSC::regExpProtoFuncCompile): Ditto.
        (JSC::regExpProtoFuncToString): Ditto.

        * kjs/StringObject.h:
        (JSC::StringObject::internalValue): Use asString.
        (JSC::asStringObject): Added.

        * kjs/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace): Use asRegExpObject.
        (JSC::stringProtoFuncToString): Ue asStringObject.
        (JSC::stringProtoFuncMatch): Use asRegExpObject.
        (JSC::stringProtoFuncSearch): Ditto.
        (JSC::stringProtoFuncSplit): Ditto.

        * kjs/StructureID.cpp:
        (JSC::StructureID::getEnumerablePropertyNames): Use asObject.
        (JSC::StructureID::createCachedPrototypeChain): Ditto.
        (JSC::StructureIDChain::StructureIDChain): Use asCell and asObject.

        * kjs/collector.h:
        (JSC::Heap::isNumber): Removed null handling. This can only be called
        on valid cells.
        (JSC::Heap::cellBlock): Removed overload for const and non-const.
        Whether the JSCell* is const or not really should have no effect on
        whether you can modify the collector block it's in.

        * kjs/interpreter.cpp:
        (JSC::Interpreter::evaluate): Use noValue and noObject.

        * kjs/nodes.cpp:
        (JSC::FunctionCallResolveNode::emitCode): Use JSObject for the global
        object rather than JSValue.
        (JSC::PostfixResolveNode::emitCode): Ditto.
        (JSC::PrefixResolveNode::emitCode): Ditto.
        (JSC::ReadModifyResolveNode::emitCode): Ditto.
        (JSC::AssignResolveNode::emitCode): Ditto.

        * kjs/operations.h:
        (JSC::equalSlowCaseInline): Use asString, asCell, asNumberCell, 
        (JSC::strictEqualSlowCaseInline): Ditto.

2008-10-18  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 21702: Special op_create_activation for the case where there are no named parameters
        <https://bugs.webkit.org/show_bug.cgi?id=21702>

        This is a 2.5% speedup on the V8 Raytrace benchmark and a 1.1% speedup
        on the V8 Earley-Boyer benchmark.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_create_arguments_no_params):
        * VM/Machine.h:
        * kjs/Arguments.h:
        (JSC::Arguments::):
        (JSC::Arguments::Arguments):

2008-10-17  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - in debug builds, alter the stack to avoid blowing out MallocStackLogging
        
        (In essence, while executing a CTI function we alter the return
        address to jscGeneratedNativeCode so that a single consistent
        function is on the stack instead of many random functions without
        symbols.)

        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::doSetReturnAddress):
        (JSC::):
        (JSC::StackHack::StackHack):
        (JSC::StackHack::~StackHack):
        (JSC::Machine::cti_op_convert_this):
        (JSC::Machine::cti_op_end):
        (JSC::Machine::cti_op_add):
        (JSC::Machine::cti_op_pre_inc):
        (JSC::Machine::cti_timeout_check):
        (JSC::Machine::cti_register_file_check):
        (JSC::Machine::cti_op_loop_if_less):
        (JSC::Machine::cti_op_loop_if_lesseq):
        (JSC::Machine::cti_op_new_object):
        (JSC::Machine::cti_op_put_by_id):
        (JSC::Machine::cti_op_put_by_id_second):
        (JSC::Machine::cti_op_put_by_id_generic):
        (JSC::Machine::cti_op_put_by_id_fail):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_second):
        (JSC::Machine::cti_op_get_by_id_generic):
        (JSC::Machine::cti_op_get_by_id_fail):
        (JSC::Machine::cti_op_instanceof):
        (JSC::Machine::cti_op_del_by_id):
        (JSC::Machine::cti_op_mul):
        (JSC::Machine::cti_op_new_func):
        (JSC::Machine::cti_op_call_profiler):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_lazyLinkCall):
        (JSC::Machine::cti_vm_compile):
        (JSC::Machine::cti_op_push_activation):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_create_arguments):
        (JSC::Machine::cti_op_tear_off_activation):
        (JSC::Machine::cti_op_tear_off_arguments):
        (JSC::Machine::cti_op_ret_profiler):
        (JSC::Machine::cti_op_ret_scopeChain):
        (JSC::Machine::cti_op_new_array):
        (JSC::Machine::cti_op_resolve):
        (JSC::Machine::cti_op_construct_JSConstructFast):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_get_by_val):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_sub):
        (JSC::Machine::cti_op_put_by_val):
        (JSC::Machine::cti_op_put_by_val_array):
        (JSC::Machine::cti_op_lesseq):
        (JSC::Machine::cti_op_loop_if_true):
        (JSC::Machine::cti_op_negate):
        (JSC::Machine::cti_op_resolve_base):
        (JSC::Machine::cti_op_resolve_skip):
        (JSC::Machine::cti_op_resolve_global):
        (JSC::Machine::cti_op_div):
        (JSC::Machine::cti_op_pre_dec):
        (JSC::Machine::cti_op_jless):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_jtrue):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_lshift):
        (JSC::Machine::cti_op_bitand):
        (JSC::Machine::cti_op_rshift):
        (JSC::Machine::cti_op_bitnot):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_new_func_exp):
        (JSC::Machine::cti_op_mod):
        (JSC::Machine::cti_op_less):
        (JSC::Machine::cti_op_neq):
        (JSC::Machine::cti_op_post_dec):
        (JSC::Machine::cti_op_urshift):
        (JSC::Machine::cti_op_bitxor):
        (JSC::Machine::cti_op_new_regexp):
        (JSC::Machine::cti_op_bitor):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_op_throw):
        (JSC::Machine::cti_op_get_pnames):
        (JSC::Machine::cti_op_next_pname):
        (JSC::Machine::cti_op_push_scope):
        (JSC::Machine::cti_op_pop_scope):
        (JSC::Machine::cti_op_typeof):
        (JSC::Machine::cti_op_is_undefined):
        (JSC::Machine::cti_op_is_boolean):
        (JSC::Machine::cti_op_is_number):
        (JSC::Machine::cti_op_is_string):
        (JSC::Machine::cti_op_is_object):
        (JSC::Machine::cti_op_is_function):
        (JSC::Machine::cti_op_stricteq):
        (JSC::Machine::cti_op_nstricteq):
        (JSC::Machine::cti_op_to_jsnumber):
        (JSC::Machine::cti_op_in):
        (JSC::Machine::cti_op_push_new_scope):
        (JSC::Machine::cti_op_jmp_scopes):
        (JSC::Machine::cti_op_put_by_index):
        (JSC::Machine::cti_op_switch_imm):
        (JSC::Machine::cti_op_switch_char):
        (JSC::Machine::cti_op_switch_string):
        (JSC::Machine::cti_op_del_by_val):
        (JSC::Machine::cti_op_put_getter):
        (JSC::Machine::cti_op_put_setter):
        (JSC::Machine::cti_op_new_error):
        (JSC::Machine::cti_op_debug):
        (JSC::Machine::cti_vm_throw):

2008-10-17  Gavin Barraclough  <barraclough (a] apple.com>

        Optimize op_call by allowing call sites to be directly linked to callees.

        For the hot path of op_call, CTI now generates a check (initially for an impossible
        value), and the first time the call is executed we attempt to link the call directly
        to the callee.  We can currently only do so if the arity of the caller and callee
        match.  The (optimized) setup for the call on the hot path is linked directly to
        the ctiCode for the callee, without indirection.
        
        Two forms of the slow case of the call are generated, the first will be executed the
        first time the call is reached.  As well as this path attempting to link the call to
        a callee, it also relinks the slow case to a second slow case, which will not continue
        to attempt relinking the call.  (This policy could be changed in future, but for not
        this is intended to prevent thrashing).

        If a callee that the caller has been linked to is garbage collected, then the link
        in the caller's JIt code will be reset back to a value that cannot match - to prevent
        any false positive matches.

        ~20% progression on deltablue & richards, >12% overall reduction in v8-tests
        runtime, one or two percent progression on sunspider.

        Reviewed by Oliver Hunt.

        * VM/CTI.cpp:
        (JSC::):
        (JSC::CTI::emitNakedCall):
        (JSC::unreachable):
        (JSC::CTI::compileOpCallInitializeCallFrame):
        (JSC::CTI::compileOpCallSetupArgs):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::unlinkCall):
        (JSC::CTI::linkCall):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        (JSC::CodeBlock::derefStructureIDs):
        * VM/CodeBlock.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::CallLinkInfo::CallLinkInfo):
        (JSC::CodeBlock::addCaller):
        (JSC::CodeBlock::removeCaller):
        (JSC::CodeBlock::getStubInfo):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitConstruct):
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_profiler):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_lazyLinkCall):
        (JSC::Machine::cti_op_construct_JSConstructFast):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        * VM/Machine.h:
        * kjs/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        * kjs/JSFunction.h:
        * kjs/nodes.h:
        (JSC::FunctionBodyNode::):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::getDifferenceBetweenLabels):

2008-10-17  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Geoff Garen.
        
        - remove ASSERT that makes the leaks buildbot cry

        * kjs/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):

2008-10-17  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich
        
        - don't bother to do arguments tearoff when it will have no effect

        ~1% on v8 raytrace
        
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitReturn):

2008-10-17  Marco Barisione  <marco.barisione (a] collabora.co.uk>

        Reviewed by Sam Weinig. Landed by Jan Alonzo.

        https://bugs.webkit.org/show_bug.cgi?id=21603
        [GTK] Minor fixes to GOwnPtr

        * wtf/GOwnPtr.cpp:
        (WTF::GError):
        (WTF::GList):
        (WTF::GCond):
        (WTF::GMutex):
        (WTF::GPatternSpec):
        (WTF::GDir):
        * wtf/GOwnPtr.h:
        (WTF::freeOwnedGPtr):
        (WTF::GOwnPtr::~GOwnPtr):
        (WTF::GOwnPtr::outPtr):
        (WTF::GOwnPtr::set):
        (WTF::GOwnPtr::clear):
        * wtf/Threading.h:

2008-10-17  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - speed up transitions that resize the property storage a fair bit
        
        ~3% speedup on v8 RayTrace benchmark, ~1% on DeltaBlue

        * VM/CTI.cpp:
        (JSC::resizePropertyStorage): renamed from transitionObject, and reduced to just resize
        the object's property storage with one inline call.
        (JSC::CTI::privateCompilePutByIdTransition): Use a separate function for property storage
        resize, but still do all the rest of the work in assembly in that case, and pass the known
        compile-time constants of old and new size rather than structureIDs, saving a bunch of
        redundant memory access.
        * kjs/JSObject.cpp:
        (JSC::JSObject::allocatePropertyStorage): Just call the inline version.
        * kjs/JSObject.h:
        (JSC::JSObject::allocatePropertyStorageInline): Inline version of allocatePropertyStorage
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::pushl_i32): Add code to assmeble push of a constant; code originally by Cameron Zwarich.

2008-10-17  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Remove some C style casts.

        * masm/X86Assembler.h:
        (JSC::JITCodeBuffer::putIntUnchecked):
        (JSC::X86Assembler::link):
        (JSC::X86Assembler::linkAbsoluteAddress):
        (JSC::X86Assembler::getRelocatedAddress):

2008-10-17  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Maciej Stachowiak.

        Remove some C style casts.

        * VM/CTI.cpp:
        (JSC::CTI::patchGetByIdSelf):
        (JSC::CTI::patchPutByIdReplace):
        * VM/Machine.cpp:
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        (JSC::Machine::cti_op_put_by_id):
        (JSC::Machine::cti_op_put_by_id_fail):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_fail):

2008-10-17  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - Avoid restoring the caller's 'r' value in op_ret
        https://bugs.webkit.org/show_bug.cgi?id=21319

        This patch stops writing the call frame at call and return points;
        instead it does so immediately before any CTI call.
        
        0.5% speedup or so on the v8 benchmark
               
        * VM/CTI.cpp:
        (JSC::CTI::emitCTICall):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        * VM/CTI.h:

2008-10-17  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Make WREC require CTI because it won't actually compile otherwise.

        * wtf/Platform.h:

2008-10-16  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Geoff Garen.

        - fixed <rdar://problem/5806316> JavaScriptCore should not force building with gcc 4.0
        - use gcc 4.2 when building with Xcode 3.1 or newer on Leopard, even though this is not the default

        This time there is no performance regression; we can avoid having
        to use the fastcall calling convention for CTI functions by using
        varargs to prevent the compiler from moving things around on the
        stack.
        
        * Configurations/DebugRelease.xcconfig:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        * VM/Machine.h:
        * wtf/Platform.h:

2008-10-16  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.

        - fix for REGRESSION: r37631 causing crashes on buildbot
        https://bugs.webkit.org/show_bug.cgi?id=21682
        
        * kjs/collector.cpp:
        (JSC::Heap::collect): Avoid crashing when a GC occurs while no global objects are live.

2008-10-16  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Maciej Stachowiak.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21683
        Don't create intermediate StructureIDs for builtin objects

        First step in reduce number of StructureIDs created when initializing the
        JSGlobalObject.

        - In order to avoid creating the intermediate StructureIDs use the new putDirectWithoutTransition
          and putDirectFunctionWithoutTransition to add properties to JSObjects without transitioning
          the StructureID.  This patch just implements this strategy for ObjectPrototype but alone
          reduces the number of StructureIDs create for about:blank by 10, from 142 to 132.

        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * kjs/JSObject.cpp:
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        * kjs/JSObject.h:
        (JSC::JSObject::putDirectWithoutTransition):
        * kjs/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * kjs/ObjectPrototype.h:
        * kjs/StructureID.cpp:
        (JSC::StructureID::addPropertyWithoutTransition):
        * kjs/StructureID.h:

2008-10-16  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - fix for: REGRESSION: over 100 StructureIDs leak loading about:blank (result of fix for bug 21633)
        
        Apparent slight progression (< 0.5%) on v8 benchmarks and SunSpider.

        * kjs/StructureID.cpp:
        (JSC::StructureID::~StructureID): Don't deref this object's parent's pointer to
        itself from the destructor; that doesn't even make sense.
        (JSC::StructureID::addPropertyTransition): Don't refer the single transition;
        the rule is that parent StructureIDs are ref'd but child ones are not. Refing
        the child creates a cycle.

2008-10-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=21609
        Make MessagePorts protect their peers across heaps

        * JavaScriptCore.exp:
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markCrossHeapDependentObjects):
        * kjs/JSGlobalObject.h:
        * kjs/collector.cpp:
        (JSC::Heap::collect):
        Before GC sweep phase, a function supplied by global object is now called for all global
        objects in the heap, making it possible to implement cross-heap dependencies.

2008-10-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=21610
        run-webkit-threads --threaded crashes in StructureID destructor

        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::~StructureID):
        Protect access to a static (debug-only) HashSet with a lock.

2008-10-15  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Goeffrey Garen.

        Add function to dump statistics for StructureIDs.

        * kjs/StructureID.cpp:
        (JSC::StructureID::dumpStatistics):
        (JSC::StructureID::StructureID):
        (JSC::StructureID::~StructureID):
        * kjs/StructureID.h:

2008-10-15  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21633: Avoid using a HashMap when there is only a single transition
        <https://bugs.webkit.org/show_bug.cgi?id=21633>

        This is a 0.8% speedup on SunSpider and between a 0.5% and 1.0% speedup
        on the V8 benchmark suite, depending on which harness we use. It will
        also slightly reduce the memory footprint of a StructureID.

        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::~StructureID):
        (JSC::StructureID::addPropertyTransition):
        * kjs/StructureID.h:
        (JSC::StructureID::):

2008-10-15  Csaba Osztrogonac  <oszi (a] inf.u-szeged.hu>

        Reviewed by Geoffrey Garen.

        1.40% speedup on SunSpider, 1.44% speedup on V8. (Linux)
        
        No change on Mac.

        * VM/Machine.cpp:
        (JSC::fastIsNumber): ALWAYS_INLINE modifier added.

2008-10-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fixed https://bugs.webkit.org/show_bug.cgi?id=21345
        Start the debugger without reloading the inspected page

        * JavaScriptCore.exp: New symbols.
        * JavaScriptCore.xcodeproj/project.pbxproj: New files.

        * VM/CodeBlock.h:
        (JSC::EvalCodeCache::get): Updated for tweak to parsing API.

        * kjs/CollectorHeapIterator.h: Added. An iterator for the object heap,
        which we use to find all the live functions and recompile them.

        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate): Updated for tweak to parsing API.

        * kjs/FunctionConstructor.cpp:
        (JSC::constructFunction): Updated for tweak to parsing API.

        * kjs/JSFunction.cpp:
        (JSC::JSFunction::JSFunction): Try to validate our SourceCode in debug
        builds by ASSERTing that it's syntactically valid. This doesn't catch
        all SourceCode bugs, but it catches a lot of them.

        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval): Updated for tweak to parsing API.

        * kjs/Parser.cpp:
        (JSC::Parser::parse):
        * kjs/Parser.h:
        (JSC::Parser::parse): Tweaked the parser to make it possible to parse
        without an ExecState, and to allow the client to specify a debugger to
        notify (or not) about the source we parse. This allows the inspector
        to recompile even though no JavaScript is executing, then notify the
        debugger about all source code when it's done.

        * kjs/Shell.cpp:
        (prettyPrintScript): Updated for tweak to parsing API.

        * kjs/SourceRange.h:
        (JSC::SourceCode::isNull): Added to help with ASSERTs.

        * kjs/collector.cpp:
        (JSC::Heap::heapAllocate):
        (JSC::Heap::sweep):
        (JSC::Heap::primaryHeapBegin):
        (JSC::Heap::primaryHeapEnd):
        * kjs/collector.h:
        (JSC::): Moved a bunch of declarations around to enable compilation of
        CollectorHeapIterator.

        * kjs/interpreter.cpp:
        (JSC::Interpreter::checkSyntax):
        (JSC::Interpreter::evaluate): Updated for tweak to parsing API.

        * kjs/lexer.h:
        (JSC::Lexer::sourceCode): BUG FIX: Calculate SourceCode ranges relative
        to the SourceCode range in which we're lexing, otherwise nested functions
        that are compiled individually get SourceCode ranges that don't reflect
        their nesting.

        * kjs/nodes.cpp:
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::finishParsing):
        (JSC::FunctionBodyNode::create):
        (JSC::FunctionBodyNode::copyParameters):
        * kjs/nodes.h:
        (JSC::ScopeNode::setSource):
        (JSC::FunctionBodyNode::parameterCount): Added some helper functions for
        copying one FunctionBodyNode's parameters to another. The recompiler uses
        these when calling "finishParsing".

2008-10-15  Joerg Bornemann  <joerg.bornemann (a] trolltech.com>

        Reviewed by Darin Adler.

        - part of https://bugs.webkit.org/show_bug.cgi?id=20746
          Fix compilation on Windows CE.

        str(n)icmp, strdup and vsnprintf are not available on Windows CE,
        they are called _str(n)icmp, etc. instead

        * wtf/StringExtras.h: Added inline function implementations.

2008-10-15  Gabor Loki  <loki (a] inf.u-szeged.hu>

        Reviewed by Cameron Zwarich.

        <https://bugs.webkit.org/show_bug.cgi?id=20912>
        Use simple uint32_t multiplication on op_mul if both operands are
        immediate number and they are between zero and 0x7FFF.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):

2008-10-09  Darin Fisher  <darin (a] chromium.org>

        Reviewed by Sam Weinig.

        Make pan scrolling a platform configurable option.
        https://bugs.webkit.org/show_bug.cgi?id=21515

        * wtf/Platform.h: Add ENABLE_PAN_SCROLLING

2008-10-14  Maciej Stachowiak  <mjs (a] apple.com>

        Rubber stamped by Sam Weinig.
        
        - revert r37572 and r37581 for now
        
        Turns out GCC 4.2 is still a (small) regression, we'll have to do
        more work to turn it on.

        * Configurations/DebugRelease.xcconfig:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_convert_this):
        (JSC::Machine::cti_op_end):
        (JSC::Machine::cti_op_add):
        (JSC::Machine::cti_op_pre_inc):
        (JSC::Machine::cti_timeout_check):
        (JSC::Machine::cti_register_file_check):
        (JSC::Machine::cti_op_loop_if_less):
        (JSC::Machine::cti_op_loop_if_lesseq):
        (JSC::Machine::cti_op_new_object):
        (JSC::Machine::cti_op_put_by_id):
        (JSC::Machine::cti_op_put_by_id_second):
        (JSC::Machine::cti_op_put_by_id_generic):
        (JSC::Machine::cti_op_put_by_id_fail):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_second):
        (JSC::Machine::cti_op_get_by_id_generic):
        (JSC::Machine::cti_op_get_by_id_fail):
        (JSC::Machine::cti_op_instanceof):
        (JSC::Machine::cti_op_del_by_id):
        (JSC::Machine::cti_op_mul):
        (JSC::Machine::cti_op_new_func):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_compile):
        (JSC::Machine::cti_op_push_activation):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_create_arguments):
        (JSC::Machine::cti_op_tear_off_activation):
        (JSC::Machine::cti_op_tear_off_arguments):
        (JSC::Machine::cti_op_ret_profiler):
        (JSC::Machine::cti_op_ret_scopeChain):
        (JSC::Machine::cti_op_new_array):
        (JSC::Machine::cti_op_resolve):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_get_by_val):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_sub):
        (JSC::Machine::cti_op_put_by_val):
        (JSC::Machine::cti_op_put_by_val_array):
        (JSC::Machine::cti_op_lesseq):
        (JSC::Machine::cti_op_loop_if_true):
        (JSC::Machine::cti_op_negate):
        (JSC::Machine::cti_op_resolve_base):
        (JSC::Machine::cti_op_resolve_skip):
        (JSC::Machine::cti_op_resolve_global):
        (JSC::Machine::cti_op_div):
        (JSC::Machine::cti_op_pre_dec):
        (JSC::Machine::cti_op_jless):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_jtrue):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_lshift):
        (JSC::Machine::cti_op_bitand):
        (JSC::Machine::cti_op_rshift):
        (JSC::Machine::cti_op_bitnot):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_new_func_exp):
        (JSC::Machine::cti_op_mod):
        (JSC::Machine::cti_op_less):
        (JSC::Machine::cti_op_neq):
        (JSC::Machine::cti_op_post_dec):
        (JSC::Machine::cti_op_urshift):
        (JSC::Machine::cti_op_bitxor):
        (JSC::Machine::cti_op_new_regexp):
        (JSC::Machine::cti_op_bitor):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_op_throw):
        (JSC::Machine::cti_op_get_pnames):
        (JSC::Machine::cti_op_next_pname):
        (JSC::Machine::cti_op_push_scope):
        (JSC::Machine::cti_op_pop_scope):
        (JSC::Machine::cti_op_typeof):
        (JSC::Machine::cti_op_is_undefined):
        (JSC::Machine::cti_op_is_boolean):
        (JSC::Machine::cti_op_is_number):
        (JSC::Machine::cti_op_is_string):
        (JSC::Machine::cti_op_is_object):
        (JSC::Machine::cti_op_is_function):
        (JSC::Machine::cti_op_stricteq):
        (JSC::Machine::cti_op_nstricteq):
        (JSC::Machine::cti_op_to_jsnumber):
        (JSC::Machine::cti_op_in):
        (JSC::Machine::cti_op_push_new_scope):
        (JSC::Machine::cti_op_jmp_scopes):
        (JSC::Machine::cti_op_put_by_index):
        (JSC::Machine::cti_op_switch_imm):
        (JSC::Machine::cti_op_switch_char):
        (JSC::Machine::cti_op_switch_string):
        (JSC::Machine::cti_op_del_by_val):
        (JSC::Machine::cti_op_put_getter):
        (JSC::Machine::cti_op_put_setter):
        (JSC::Machine::cti_op_new_error):
        (JSC::Machine::cti_op_debug):
        (JSC::Machine::cti_vm_throw):
        * VM/Machine.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::emitRestoreArgumentReference):
        (JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):
        * wtf/Platform.h:

2008-10-14  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=20256
        Array.push and other standard methods disappear

        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        Don't use static hash tables even on platforms that don't enable JSC_MULTIPLE_THREADS -
        these tables reference IdentifierTable, which is always per-GlobalData.

2008-10-14  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - always use CTI_ARGUMENTS and CTI_ARGUMENTS_FASTCALL
        
        This is a small regression for GCC 4.0, but simplifies the code
        for future improvements and lets us focus on GCC 4.2+ and MSVC.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_convert_this):
        (JSC::Machine::cti_op_end):
        (JSC::Machine::cti_op_add):
        (JSC::Machine::cti_op_pre_inc):
        (JSC::Machine::cti_timeout_check):
        (JSC::Machine::cti_register_file_check):
        (JSC::Machine::cti_op_loop_if_less):
        (JSC::Machine::cti_op_loop_if_lesseq):
        (JSC::Machine::cti_op_new_object):
        (JSC::Machine::cti_op_put_by_id):
        (JSC::Machine::cti_op_put_by_id_second):
        (JSC::Machine::cti_op_put_by_id_generic):
        (JSC::Machine::cti_op_put_by_id_fail):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_second):
        (JSC::Machine::cti_op_get_by_id_generic):
        (JSC::Machine::cti_op_get_by_id_fail):
        (JSC::Machine::cti_op_instanceof):
        (JSC::Machine::cti_op_del_by_id):
        (JSC::Machine::cti_op_mul):
        (JSC::Machine::cti_op_new_func):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_compile):
        (JSC::Machine::cti_op_push_activation):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_create_arguments):
        (JSC::Machine::cti_op_tear_off_activation):
        (JSC::Machine::cti_op_tear_off_arguments):
        (JSC::Machine::cti_op_ret_profiler):
        (JSC::Machine::cti_op_ret_scopeChain):
        (JSC::Machine::cti_op_new_array):
        (JSC::Machine::cti_op_resolve):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_get_by_val):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_sub):
        (JSC::Machine::cti_op_put_by_val):
        (JSC::Machine::cti_op_put_by_val_array):
        (JSC::Machine::cti_op_lesseq):
        (JSC::Machine::cti_op_loop_if_true):
        (JSC::Machine::cti_op_negate):
        (JSC::Machine::cti_op_resolve_base):
        (JSC::Machine::cti_op_resolve_skip):
        (JSC::Machine::cti_op_resolve_global):
        (JSC::Machine::cti_op_div):
        (JSC::Machine::cti_op_pre_dec):
        (JSC::Machine::cti_op_jless):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_jtrue):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_lshift):
        (JSC::Machine::cti_op_bitand):
        (JSC::Machine::cti_op_rshift):
        (JSC::Machine::cti_op_bitnot):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_new_func_exp):
        (JSC::Machine::cti_op_mod):
        (JSC::Machine::cti_op_less):
        (JSC::Machine::cti_op_neq):
        (JSC::Machine::cti_op_post_dec):
        (JSC::Machine::cti_op_urshift):
        (JSC::Machine::cti_op_bitxor):
        (JSC::Machine::cti_op_new_regexp):
        (JSC::Machine::cti_op_bitor):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_op_throw):
        (JSC::Machine::cti_op_get_pnames):
        (JSC::Machine::cti_op_next_pname):
        (JSC::Machine::cti_op_push_scope):
        (JSC::Machine::cti_op_pop_scope):
        (JSC::Machine::cti_op_typeof):
        (JSC::Machine::cti_op_is_undefined):
        (JSC::Machine::cti_op_is_boolean):
        (JSC::Machine::cti_op_is_number):
        (JSC::Machine::cti_op_is_string):
        (JSC::Machine::cti_op_is_object):
        (JSC::Machine::cti_op_is_function):
        (JSC::Machine::cti_op_stricteq):
        (JSC::Machine::cti_op_nstricteq):
        (JSC::Machine::cti_op_to_jsnumber):
        (JSC::Machine::cti_op_in):
        (JSC::Machine::cti_op_push_new_scope):
        (JSC::Machine::cti_op_jmp_scopes):
        (JSC::Machine::cti_op_put_by_index):
        (JSC::Machine::cti_op_switch_imm):
        (JSC::Machine::cti_op_switch_char):
        (JSC::Machine::cti_op_switch_string):
        (JSC::Machine::cti_op_del_by_val):
        (JSC::Machine::cti_op_put_getter):
        (JSC::Machine::cti_op_put_setter):
        (JSC::Machine::cti_op_new_error):
        (JSC::Machine::cti_op_debug):
        (JSC::Machine::cti_vm_throw):
        * VM/Machine.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::emitRestoreArgumentReference):
        (JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):
        * wtf/Platform.h:

2008-10-13  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - make Machine::getArgumentsData an Arguments method and inline it
        
        ~2% on v8 raytrace

        * VM/Machine.cpp:
        * kjs/Arguments.h:
        (JSC::Machine::getArgumentsData):

2008-10-13  Alp Toker  <alp (a] nuanti.com>

        Fix autotools dist build target by listing recently added header
        files only. Not reviewed.

        * GNUmakefile.am:

2008-10-13  Maciej Stachowiak  <mjs (a] apple.com>

        Rubber stamped by Mark Rowe.
        
        - fixed <rdar://problem/5806316> JavaScriptCore should not force building with gcc 4.0
        - use gcc 4.2 when building with Xcode 3.1 or newer on Leopard, even though this is not the default

        * Configurations/DebugRelease.xcconfig:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-10-13  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 21541: Move RegisterFile growth check to callee
        <https://bugs.webkit.org/show_bug.cgi?id=21541>

        Move the RegisterFile growth check to the callee in the common case,
        where some of the information is known statically at JIT time. There is
        still a check in the caller in the case where the caller provides too
        few arguments.

        This is a 2.1% speedup on the V8 benchmark, including a 5.1% speedup on
        the Richards benchmark, a 4.1% speedup on the DeltaBlue benchmark, and a
        1.4% speedup on the Earley-Boyer benchmark. It is also a 0.5% speedup on
        SunSpider.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompile):
        * VM/Machine.cpp:
        (JSC::Machine::cti_register_file_check):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        * VM/Machine.h:
        * VM/RegisterFile.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::cmpl_mr):
        (JSC::X86Assembler::emitUnlinkedJg):

2008-10-13  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Dan Bernstein.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21577
        5 false positive StructureID leaks

        - Add leak ignore set to StructureID to selectively ignore leaking some StructureIDs.
        - Add create method to JSGlolalData to be used when the data will be intentionally
          leaked and ignore all leaks caused the StructureIDs stored in it.

        * JavaScriptCore.exp:
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::createLeaked):
        * kjs/JSGlobalData.h:
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::~StructureID):
        (JSC::StructureID::startIgnoringLeaks):
        (JSC::StructureID::stopIgnoringLeaks):
        * kjs/StructureID.h:

2008-10-13  Marco Barisione  <marco.barisione (a] collabora.co.uk>

        Reviewed by Darin Adler. Landed by Jan Alonzo.

        WebKit GTK Port needs a smartpointer to handle g_free (GFreePtr?)
        http://bugs.webkit.org/show_bug.cgi?id=20483

        Add a GOwnPtr smart pointer (similar to OwnPtr) to handle memory
        allocated by GLib and start the conversion to use it.

        * GNUmakefile.am:
        * wtf/GOwnPtr.cpp: Added.
        (WTF::GError):
        (WTF::GList):
        (WTF::GCond):
        (WTF::GMutex):
        (WTF::GPatternSpec):
        (WTF::GDir):
        * wtf/GOwnPtr.h: Added.
        (WTF::freeOwnedPtr):
        (WTF::GOwnPtr::GOwnPtr):
        (WTF::GOwnPtr::~GOwnPtr):
        (WTF::GOwnPtr::get):
        (WTF::GOwnPtr::release):
        (WTF::GOwnPtr::rawPtr):
        (WTF::GOwnPtr::set):
        (WTF::GOwnPtr::clear):
        (WTF::GOwnPtr::operator*):
        (WTF::GOwnPtr::operator->):
        (WTF::GOwnPtr::operator!):
        (WTF::GOwnPtr::operator UnspecifiedBoolType):
        (WTF::GOwnPtr::swap):
        (WTF::swap):
        (WTF::operator==):
        (WTF::operator!=):
        (WTF::getPtr):
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        (WTF::Mutex::~Mutex):
        (WTF::Mutex::lock):
        (WTF::Mutex::tryLock):
        (WTF::Mutex::unlock):
        (WTF::ThreadCondition::~ThreadCondition):
        (WTF::ThreadCondition::wait):
        (WTF::ThreadCondition::timedWait):
        (WTF::ThreadCondition::signal):
        (WTF::ThreadCondition::broadcast):

2008-10-12  Gabriella Toth  <gtoth (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.

        - part of https://bugs.webkit.org/show_bug.cgi?id=21055
          Bug 21055: not invoked functions

        * kjs/nodes.cpp: Deleted a function that is not invoked:
        statementListInitializeVariableAccessStack.

2008-10-12  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        * wtf/unicode/icu/UnicodeIcu.h: Fixed indentation to match WebKit coding style.
        * wtf/unicode/qt4/UnicodeQt4.h: Ditto.

2008-10-12  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - https://bugs.webkit.org/show_bug.cgi?id=21556
          Bug 21556: non-ASCII digits are allowed in places where only ASCII should be

        * wtf/unicode/icu/UnicodeIcu.h: Removed isDigit, digitValue, and isFormatChar.
        * wtf/unicode/qt4/UnicodeQt4.h: Ditto.

2008-10-12  Anders Carlsson  <andersca (a] apple.com>

        Reviewed by Darin Adler.

        Make the append method that takes a Vector more strict - it now requires the elements 
        of the vector to be appended same type as the elements of the Vector they're being appended to.
        
        This would cause problems when dealing with Vectors containing other Vectors.
        
        * wtf/Vector.h:
        (WTF::::append):

2008-10-11  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Clean up RegExpMatchesArray.h to match our coding style.

        * kjs/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertySlot):
        (JSC::RegExpMatchesArray::put):
        (JSC::RegExpMatchesArray::deleteProperty):
        (JSC::RegExpMatchesArray::getPropertyNames):

2008-10-11  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Sam Weinig.

        Bug 21525: 55 StructureID leaks on Wikitravel's main page
        <https://bugs.webkit.org/show_bug.cgi?id=21525>

        Bug 21533: Simple JavaScript code leaks StructureIDs
        <https://bugs.webkit.org/show_bug.cgi?id=21533>

        StructureID::getEnumerablePropertyNames() ends up calling back to itself
        via JSObject::getPropertyNames(), which causes the PropertyNameArray to
        be cached twice. This leads to a memory leak in almost every use of
        JSObject::getPropertyNames() on an object. The fix here is based on a
        suggestion of Sam Weinig.

        This patch also fixes every StructureID leaks that occurs while running
        the Mozilla MemBuster test.

        * kjs/PropertyNameArray.h:
        (JSC::PropertyNameArray::PropertyNameArray):
        (JSC::PropertyNameArray::setCacheable):
        (JSC::PropertyNameArray::cacheable):
        * kjs/StructureID.cpp:
        (JSC::StructureID::getEnumerablePropertyNames):

2008-10-10  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Use fastcall calling convention on GCC > 4.0

        Results in a 2-3% improvement in GCC 4.2 performance, so
        that it is no longer a regression vs. GCC 4.0

        * VM/CTI.cpp:
        * VM/Machine.h:
        * wtf/Platform.h:

2008-10-10  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        - Add a workaround for a bug in ceil in Darwin libc.
        - Remove old workarounds for JS math functions that are not needed
          anymore.

        The math functions are heavily tested by fast/js/math.html.

        * kjs/MathObject.cpp:
        (JSC::mathProtoFuncAbs): Remove workaround.
        (JSC::mathProtoFuncCeil): Ditto.
        (JSC::mathProtoFuncFloor): Ditto.
        * wtf/MathExtras.h:
        (wtf_ceil): Add ceil workaround for darwin.

2008-10-10  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler

        Add Assertions to JSObject constructor.

        * kjs/JSObject.h:
        (JSC::JSObject::JSObject):

2008-10-10  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Remove now unused m_getterSetterFlag variable from PropertyMap.

        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::operator=):
        * kjs/PropertyMap.h:
        (JSC::PropertyMap::PropertyMap):

2008-10-09  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Maciej Stachowiak.

        Add leaks checking to StructureID.

        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::~StructureID):

2008-10-09  Alp Toker  <alp (a] nuanti.com>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=20760
        Implement support for x86 Linux in CTI

        Prepare to enable CTI/WREC on supported architectures.

        Make it possible to use the CTI_ARGUMENT workaround with GCC as well
        as MSVC by fixing some preprocessor conditionals.

        Note that CTI/WREC no longer requires CTI_ARGUMENT on Linux so we
        don't actually enable it except when building with MSVC. GCC on Win32
        remains untested.

        Adapt inline ASM code to use the global symbol underscore prefix only
        on Darwin and to call the properly mangled Machine::cti_vm_throw
        symbol name depending on CTI_ARGUMENT.

        Also avoid global inclusion of the JIT infrastructure headers
        throughout WebCore and WebKit causing recompilation of about ~1500
        source files after modification to X86Assembler.h, CTI.h, WREC.h,
        which are only used deep inside JavaScriptCore.

        * GNUmakefile.am:
        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * kjs/regexp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::~RegExp):
        (JSC::RegExp::match):
        * kjs/regexp.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::emitConvertToFastCall):
        (JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):
        (JSC::X86Assembler::emitRestoreArgumentReference):

2008-10-09  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fix for bug #21160, x=0;1/(x*-1) == -Infinity

        * ChangeLog:
        * VM/CTI.cpp:
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::emitUnlinkedJs):

2008-10-09  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 21459: REGRESSION (r37324): Safari crashes inside JavaScriptCore while browsing hulu.com
        <https://bugs.webkit.org/show_bug.cgi?id=21459>

        After r37324, an Arguments object does not mark an associated activation
        object. This change was made because Arguments no longer directly used
        the activation object in any way. However, if an activation is torn off,
        then the backing store of Arguments becomes the register array of the
        activation object. Arguments directly marks all of the arguments, but
        the activation object is being collected, which causes its register
        array to be freed and new memory to be allocated in its place.

        Unfortunately, it does not seem possible to reproduce this issue in a
        layout test.

        * kjs/Arguments.cpp:
        (JSC::Arguments::mark):
        * kjs/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        (JSC::JSActivation::copyRegisters):

2008-10-09  Ariya Hidayat  <ariya.hidayat (a] trolltech.com>

        Reviewed by Simon.

        Build fix for MinGW.

        * wtf/AlwaysInline.h:

2008-10-08  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21497: REGRESSION (r37433): Bytecode JSC tests are severely broken
        <https://bugs.webkit.org/show_bug.cgi?id=21497>

        Fix a typo in r37433 that causes the failure of a large number of JSC
        tests with the bytecode interpreter enabled.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):

2008-10-08  Mark Rowe  <mrowe (a] apple.com>

        Windows build fix.

        * VM/CTI.cpp:
        (JSC::): Update type of argument to ctiTrampoline.

2008-10-08  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - https://bugs.webkit.org/show_bug.cgi?id=21403
          Bug 21403: use new CallFrame class rather than Register* for call frame manipulation

        Add CallFrame as a synonym for ExecState. Arguably, some day we should switch every
        client over to the new name.

        Use CallFrame* consistently rather than Register* or ExecState* in low-level code such
        as Machine.cpp and CTI.cpp. Similarly, use callFrame rather than r as its name and use
        accessor functions to get at things in the frame.

        Eliminate other uses of ExecState* that aren't needed, replacing in some cases with
        JSGlobalData* and in other cases eliminating them entirely.

        * API/JSObjectRef.cpp:
        (JSObjectMakeFunctionWithCallback):
        (JSObjectMakeFunction):
        (JSObjectHasProperty):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectDeleteProperty):
        * API/OpaqueJSString.cpp:
        * API/OpaqueJSString.h:
        * VM/CTI.cpp:
        (JSC::CTI::getConstant):
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):
        (JSC::CTI::printOpcodeOperandTypes):
        (JSC::CTI::CTI):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitEqualityOp):
        (JSC::CodeGenerator::emitLoad):
        (JSC::CodeGenerator::emitUnexpectedLoad):
        (JSC::CodeGenerator::emitConstruct):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAddSlowCase):
        (JSC::jsAdd):
        (JSC::jsTypeStringForValue):
        (JSC::Machine::resolve):
        (JSC::Machine::resolveSkip):
        (JSC::Machine::resolveGlobal):
        (JSC::inlineResolveBase):
        (JSC::Machine::resolveBase):
        (JSC::Machine::resolveBaseAndProperty):
        (JSC::Machine::resolveBaseAndFunc):
        (JSC::Machine::slideRegisterWindowForCall):
        (JSC::isNotObject):
        (JSC::Machine::callEval):
        (JSC::Machine::dumpCallFrame):
        (JSC::Machine::dumpRegisters):
        (JSC::Machine::unwindCallFrame):
        (JSC::Machine::throwException):
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
        (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
        (JSC::Machine::execute):
        (JSC::Machine::debug):
        (JSC::Machine::createExceptionScope):
        (JSC::cachePrototypeChain):
        (JSC::Machine::tryCachePutByID):
        (JSC::Machine::tryCacheGetByID):
        (JSC::Machine::privateExecute):
        (JSC::Machine::retrieveArguments):
        (JSC::Machine::retrieveCaller):
        (JSC::Machine::retrieveLastCaller):
        (JSC::Machine::findFunctionCallFrame):
        (JSC::Machine::getArgumentsData):
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::getCTIArrayLengthTrampoline):
        (JSC::Machine::getCTIStringLengthTrampoline):
        (JSC::Machine::tryCTICacheGetByID):
        (JSC::Machine::cti_op_convert_this):
        (JSC::Machine::cti_op_end):
        (JSC::Machine::cti_op_add):
        (JSC::Machine::cti_op_pre_inc):
        (JSC::Machine::cti_timeout_check):
        (JSC::Machine::cti_op_loop_if_less):
        (JSC::Machine::cti_op_loop_if_lesseq):
        (JSC::Machine::cti_op_new_object):
        (JSC::Machine::cti_op_put_by_id):
        (JSC::Machine::cti_op_put_by_id_second):
        (JSC::Machine::cti_op_put_by_id_generic):
        (JSC::Machine::cti_op_put_by_id_fail):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_second):
        (JSC::Machine::cti_op_get_by_id_generic):
        (JSC::Machine::cti_op_get_by_id_fail):
        (JSC::Machine::cti_op_instanceof):
        (JSC::Machine::cti_op_del_by_id):
        (JSC::Machine::cti_op_mul):
        (JSC::Machine::cti_op_new_func):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_compile):
        (JSC::Machine::cti_op_push_activation):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_create_arguments):
        (JSC::Machine::cti_op_tear_off_activation):
        (JSC::Machine::cti_op_tear_off_arguments):
        (JSC::Machine::cti_op_ret_profiler):
        (JSC::Machine::cti_op_ret_scopeChain):
        (JSC::Machine::cti_op_new_array):
        (JSC::Machine::cti_op_resolve):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_get_by_val):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_sub):
        (JSC::Machine::cti_op_put_by_val):
        (JSC::Machine::cti_op_put_by_val_array):
        (JSC::Machine::cti_op_lesseq):
        (JSC::Machine::cti_op_loop_if_true):
        (JSC::Machine::cti_op_negate):
        (JSC::Machine::cti_op_resolve_base):
        (JSC::Machine::cti_op_resolve_skip):
        (JSC::Machine::cti_op_resolve_global):
        (JSC::Machine::cti_op_div):
        (JSC::Machine::cti_op_pre_dec):
        (JSC::Machine::cti_op_jless):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_jtrue):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_lshift):
        (JSC::Machine::cti_op_bitand):
        (JSC::Machine::cti_op_rshift):
        (JSC::Machine::cti_op_bitnot):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_new_func_exp):
        (JSC::Machine::cti_op_mod):
        (JSC::Machine::cti_op_less):
        (JSC::Machine::cti_op_neq):
        (JSC::Machine::cti_op_post_dec):
        (JSC::Machine::cti_op_urshift):
        (JSC::Machine::cti_op_bitxor):
        (JSC::Machine::cti_op_new_regexp):
        (JSC::Machine::cti_op_bitor):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_op_throw):
        (JSC::Machine::cti_op_get_pnames):
        (JSC::Machine::cti_op_next_pname):
        (JSC::Machine::cti_op_push_scope):
        (JSC::Machine::cti_op_pop_scope):
        (JSC::Machine::cti_op_typeof):
        (JSC::Machine::cti_op_to_jsnumber):
        (JSC::Machine::cti_op_in):
        (JSC::Machine::cti_op_push_new_scope):
        (JSC::Machine::cti_op_jmp_scopes):
        (JSC::Machine::cti_op_put_by_index):
        (JSC::Machine::cti_op_switch_imm):
        (JSC::Machine::cti_op_switch_char):
        (JSC::Machine::cti_op_switch_string):
        (JSC::Machine::cti_op_del_by_val):
        (JSC::Machine::cti_op_put_getter):
        (JSC::Machine::cti_op_put_setter):
        (JSC::Machine::cti_op_new_error):
        (JSC::Machine::cti_op_debug):
        (JSC::Machine::cti_vm_throw):
        * VM/Machine.h:
        * VM/Register.h:
        * VM/RegisterFile.h:
        * kjs/Arguments.h:
        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName):
        (JSC::DebuggerCallFrame::type):
        (JSC::DebuggerCallFrame::thisObject):
        (JSC::DebuggerCallFrame::evaluate):
        * kjs/DebuggerCallFrame.h:
        * kjs/ExecState.cpp:
        (JSC::CallFrame::thisValue):
        * kjs/ExecState.h:
        * kjs/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        (JSC::JSActivation::argumentsGetter):
        * kjs/JSActivation.h:
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init):
        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        * kjs/JSVariableObject.h:
        * kjs/Parser.cpp:
        (JSC::Parser::parse):
        * kjs/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * kjs/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        * kjs/Shell.cpp:
        (prettyPrintScript):
        * kjs/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        * kjs/identifier.cpp:
        (JSC::Identifier::checkSameIdentifierTable):
        * kjs/interpreter.cpp:
        (JSC::Interpreter::checkSyntax):
        (JSC::Interpreter::evaluate):
        * kjs/nodes.cpp:
        (JSC::ThrowableExpressionData::emitThrowError):
        (JSC::RegExpNode::emitCode):
        (JSC::ArrayNode::emitCode):
        (JSC::InstanceOfNode::emitCode):
        * kjs/nodes.h:
        * kjs/regexp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::create):
        * kjs/regexp.h:
        * profiler/HeavyProfile.h:
        * profiler/Profile.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:

2008-10-08  Mark Rowe  <mrowe (a] apple.com>

        Typed by Maciej Stachowiak, reviewed by Mark Rowe.

        Fix crash in fast/js/constant-folding.html with CTI disabled.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):

2008-10-08  Timothy Hatcher  <timothy (a] apple.com>

        Roll out r37427 because it causes an infinite recursion loading about:blank.

        https://bugs.webkit.org/show_bug.cgi?id=21476

2008-10-08  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - https://bugs.webkit.org/show_bug.cgi?id=21403
          Bug 21403: use new CallFrame class rather than Register* for call frame manipulation

        Add CallFrame as a synonym for ExecState. Arguably, some day we should switch every
        client over to the new name.

        Use CallFrame* consistently rather than Register* or ExecState* in low-level code such
        as Machine.cpp and CTI.cpp. Similarly, use callFrame rather than r as its name and use
        accessor functions to get at things in the frame.

        Eliminate other uses of ExecState* that aren't needed, replacing in some cases with
        JSGlobalData* and in other cases eliminating them entirely.

        * API/JSObjectRef.cpp:
        (JSObjectMakeFunctionWithCallback):
        (JSObjectMakeFunction):
        (JSObjectHasProperty):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectDeleteProperty):
        * API/OpaqueJSString.cpp:
        * API/OpaqueJSString.h:
        * VM/CTI.cpp:
        (JSC::CTI::getConstant):
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):
        (JSC::CTI::printOpcodeOperandTypes):
        (JSC::CTI::CTI):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitEqualityOp):
        (JSC::CodeGenerator::emitLoad):
        (JSC::CodeGenerator::emitUnexpectedLoad):
        (JSC::CodeGenerator::emitConstruct):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAddSlowCase):
        (JSC::jsAdd):
        (JSC::jsTypeStringForValue):
        (JSC::Machine::resolve):
        (JSC::Machine::resolveSkip):
        (JSC::Machine::resolveGlobal):
        (JSC::inlineResolveBase):
        (JSC::Machine::resolveBase):
        (JSC::Machine::resolveBaseAndProperty):
        (JSC::Machine::resolveBaseAndFunc):
        (JSC::Machine::slideRegisterWindowForCall):
        (JSC::isNotObject):
        (JSC::Machine::callEval):
        (JSC::Machine::dumpCallFrame):
        (JSC::Machine::dumpRegisters):
        (JSC::Machine::unwindCallFrame):
        (JSC::Machine::throwException):
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
        (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
        (JSC::Machine::execute):
        (JSC::Machine::debug):
        (JSC::Machine::createExceptionScope):
        (JSC::cachePrototypeChain):
        (JSC::Machine::tryCachePutByID):
        (JSC::Machine::tryCacheGetByID):
        (JSC::Machine::privateExecute):
        (JSC::Machine::retrieveArguments):
        (JSC::Machine::retrieveCaller):
        (JSC::Machine::retrieveLastCaller):
        (JSC::Machine::findFunctionCallFrame):
        (JSC::Machine::getArgumentsData):
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::getCTIArrayLengthTrampoline):
        (JSC::Machine::getCTIStringLengthTrampoline):
        (JSC::Machine::tryCTICacheGetByID):
        (JSC::Machine::cti_op_convert_this):
        (JSC::Machine::cti_op_end):
        (JSC::Machine::cti_op_add):
        (JSC::Machine::cti_op_pre_inc):
        (JSC::Machine::cti_timeout_check):
        (JSC::Machine::cti_op_loop_if_less):
        (JSC::Machine::cti_op_loop_if_lesseq):
        (JSC::Machine::cti_op_new_object):
        (JSC::Machine::cti_op_put_by_id):
        (JSC::Machine::cti_op_put_by_id_second):
        (JSC::Machine::cti_op_put_by_id_generic):
        (JSC::Machine::cti_op_put_by_id_fail):
        (JSC::Machine::cti_op_get_by_id):
        (JSC::Machine::cti_op_get_by_id_second):
        (JSC::Machine::cti_op_get_by_id_generic):
        (JSC::Machine::cti_op_get_by_id_fail):
        (JSC::Machine::cti_op_instanceof):
        (JSC::Machine::cti_op_del_by_id):
        (JSC::Machine::cti_op_mul):
        (JSC::Machine::cti_op_new_func):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_compile):
        (JSC::Machine::cti_op_push_activation):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_create_arguments):
        (JSC::Machine::cti_op_tear_off_activation):
        (JSC::Machine::cti_op_tear_off_arguments):
        (JSC::Machine::cti_op_ret_profiler):
        (JSC::Machine::cti_op_ret_scopeChain):
        (JSC::Machine::cti_op_new_array):
        (JSC::Machine::cti_op_resolve):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_get_by_val):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_sub):
        (JSC::Machine::cti_op_put_by_val):
        (JSC::Machine::cti_op_put_by_val_array):
        (JSC::Machine::cti_op_lesseq):
        (JSC::Machine::cti_op_loop_if_true):
        (JSC::Machine::cti_op_negate):
        (JSC::Machine::cti_op_resolve_base):
        (JSC::Machine::cti_op_resolve_skip):
        (JSC::Machine::cti_op_resolve_global):
        (JSC::Machine::cti_op_div):
        (JSC::Machine::cti_op_pre_dec):
        (JSC::Machine::cti_op_jless):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_jtrue):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_lshift):
        (JSC::Machine::cti_op_bitand):
        (JSC::Machine::cti_op_rshift):
        (JSC::Machine::cti_op_bitnot):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_new_func_exp):
        (JSC::Machine::cti_op_mod):
        (JSC::Machine::cti_op_less):
        (JSC::Machine::cti_op_neq):
        (JSC::Machine::cti_op_post_dec):
        (JSC::Machine::cti_op_urshift):
        (JSC::Machine::cti_op_bitxor):
        (JSC::Machine::cti_op_new_regexp):
        (JSC::Machine::cti_op_bitor):
        (JSC::Machine::cti_op_call_eval):
        (JSC::Machine::cti_op_throw):
        (JSC::Machine::cti_op_get_pnames):
        (JSC::Machine::cti_op_next_pname):
        (JSC::Machine::cti_op_push_scope):
        (JSC::Machine::cti_op_pop_scope):
        (JSC::Machine::cti_op_typeof):
        (JSC::Machine::cti_op_to_jsnumber):
        (JSC::Machine::cti_op_in):
        (JSC::Machine::cti_op_push_new_scope):
        (JSC::Machine::cti_op_jmp_scopes):
        (JSC::Machine::cti_op_put_by_index):
        (JSC::Machine::cti_op_switch_imm):
        (JSC::Machine::cti_op_switch_char):
        (JSC::Machine::cti_op_switch_string):
        (JSC::Machine::cti_op_del_by_val):
        (JSC::Machine::cti_op_put_getter):
        (JSC::Machine::cti_op_put_setter):
        (JSC::Machine::cti_op_new_error):
        (JSC::Machine::cti_op_debug):
        (JSC::Machine::cti_vm_throw):
        * VM/Machine.h:
        * VM/Register.h:
        * VM/RegisterFile.h:
        * kjs/Arguments.h:
        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName):
        (JSC::DebuggerCallFrame::type):
        (JSC::DebuggerCallFrame::thisObject):
        (JSC::DebuggerCallFrame::evaluate):
        * kjs/DebuggerCallFrame.h:
        * kjs/ExecState.cpp:
        (JSC::CallFrame::thisValue):
        * kjs/ExecState.h:
        * kjs/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        (JSC::JSActivation::argumentsGetter):
        * kjs/JSActivation.h:
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init):
        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        * kjs/JSVariableObject.h:
        * kjs/Parser.cpp:
        (JSC::Parser::parse):
        * kjs/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * kjs/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        * kjs/Shell.cpp:
        (prettyPrintScript):
        * kjs/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        * kjs/identifier.cpp:
        (JSC::Identifier::checkSameIdentifierTable):
        * kjs/interpreter.cpp:
        (JSC::Interpreter::checkSyntax):
        (JSC::Interpreter::evaluate):
        * kjs/nodes.cpp:
        (JSC::ThrowableExpressionData::emitThrowError):
        (JSC::RegExpNode::emitCode):
        (JSC::ArrayNode::emitCode):
        (JSC::InstanceOfNode::emitCode):
        * kjs/nodes.h:
        * kjs/regexp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::create):
        * kjs/regexp.h:
        * profiler/HeavyProfile.h:
        * profiler/Profile.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:

2008-10-08  Prasanth Ullattil  <pullatti (a] trolltech.com>

        Reviewed by Oliver Hunt.

        Avoid endless loops when compiling without the computed goto
        optimization.

        NEXT_OPCODE expands to "continue", which will not work inside
        loops.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):

2008-10-08  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.

        Re-landing the following fix with the crashing bug in it fixed (r37405):
        
        - optimize away multiplication by constant 1.0
        
        2.3% speedup on v8 RayTrace benchmark

        Apparently it's not uncommon for JavaScript code to multiply by
        constant 1.0 in the mistaken belief that this converts integer to
        floating point and that there is any operational difference.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass): Optimize to_jsnumber for
        case where parameter is already number.
        (JSC::CTI::privateCompileSlowCases): ditto
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): ditto
        * kjs/grammar.y:
        (makeMultNode): Transform as follows:
        +FOO * BAR ==> FOO * BAR
        FOO * +BAR ==> FOO * BAR
        FOO * 1 ==> +FOO
        1 * FOO ==> +FOO
        (makeDivNode): Transform as follows:
        +FOO / BAR ==> FOO / BAR
        FOO / +BAR ==> FOO / BAR
        (makeSubNode): Transform as follows:
        +FOO - BAR ==> FOO - BAR
        FOO - +BAR ==> FOO - BAR
        * kjs/nodes.h:
        (JSC::ExpressionNode::stripUnaryPlus): Helper for above
        grammar.y changes
        (JSC::UnaryPlusNode::stripUnaryPlus): ditto

2008-10-08  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.
        
        - correctly handle appending -0 to a string, it should stringify as just 0

        * kjs/ustring.cpp:
        (JSC::concatenate):

2008-10-08  Prasanth Ullattil  <pullatti (a] trolltech.com>

        Reviewed by Simon.

        Fix WebKit compilation with VC2008SP1

        Apply the TR1 workaround for JavaScriptCore, too.

        * JavaScriptCore.pro:

2008-10-08  Prasanth Ullattil  <pullatti (a] trolltech.com>

        Reviewed by Simon.

        Fix compilation errors on VS2008 64Bit

        * kjs/collector.cpp:
        (JSC::currentThreadStackBase):

2008-10-08  Andr Pnitz  <apoenitz (a] trolltech.com>

        Reviewed by Simon.

        Fix compilation with Qt namespaces.

        * wtf/Threading.h:

2008-10-07  Sam Weinig  <sam (a] webkit.org>

        Roll out r37405.

2008-10-07  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Switch CTI runtime calls to the fastcall calling convention

        Basically this means that we get to store the argument for CTI
        calls in the ECX register, which saves a register->memory write
        and subsequent memory->register read.
        
        This is a 1.7% progression in SunSpider and 2.4% on commandline
        v8 tests on Windows

        * VM/CTI.cpp:
        (JSC::):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        * VM/CTI.h:
        * VM/Machine.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::emitRestoreArgumentReference):
        (JSC::X86Assembler::emitRestoreArgumentReferenceForTrampoline):
          We need this to correctly reload ecx from inside certain property access
          trampolines.
        * wtf/Platform.h:

2008-10-07  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Mark Rowe.
        
        - optimize away multiplication by constant 1.0
        
        2.3% speedup on v8 RayTrace benchmark

        Apparently it's not uncommon for JavaScript code to multiply by
        constant 1.0 in the mistaken belief that this converts integer to
        floating point and that there is any operational difference.
        
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass): Optimize to_jsnumber for
        case where parameter is already number.
        (JSC::CTI::privateCompileSlowCases): ditto
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): ditto
        * kjs/grammar.y:
        (makeMultNode): Transform as follows:
        +FOO * BAR ==> FOO * BAR
        FOO * +BAR ==> FOO * BAR
        FOO * 1 ==> +FOO
        1 * FOO ==> +FOO
        (makeDivNode): Transform as follows:
        +FOO / BAR ==> FOO / BAR
        FOO / +BAR ==> FOO / BAR
        (makeSubNode): Transform as follows:
        +FOO - BAR ==> FOO - BAR
        FOO - +BAR ==> FOO - BAR
        * kjs/nodes.h:
        (JSC::ExpressionNode::stripUnaryPlus): Helper for above
        grammar.y changes
        (JSC::UnaryPlusNode::stripUnaryPlus): ditto

2008-10-07  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.
        
        - make constant folding code more consistent
        
        Added a makeSubNode to match add, mult and div; use the makeFooNode functions always,
        instead of allocating nodes directly in other places in the grammar.

        * kjs/grammar.y:

2008-10-07  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Move hasGetterSetterProperties flag from PropertyMap to StructureID.

        * kjs/JSObject.cpp:
        (JSC::JSObject::put):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        * kjs/JSObject.h:
        (JSC::JSObject::hasGetterSetterProperties):
        (JSC::JSObject::getOwnPropertySlotForWrite):
        (JSC::JSObject::getOwnPropertySlot):
        * kjs/PropertyMap.h:
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::addPropertyTransition):
        (JSC::StructureID::toDictionaryTransition):
        (JSC::StructureID::changePrototypeTransition):
        (JSC::StructureID::getterSetterTransition):
        * kjs/StructureID.h:
        (JSC::StructureID::hasGetterSetterProperties):
        (JSC::StructureID::setHasGetterSetterProperties):

2008-10-07  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Roll r37370 back in with bug fixes.

        - PropertyMap::storageSize() should reflect the number of keys + deletedOffsets
          and has nothing to do with the internal deletedSentinel count anymore.

2008-10-07  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Move callframe initialization into JIT code, again.
        
        As a part of the restructuring the second result from functions is now
        returned in edx, allowing the new value of 'r' to be returned via a
        register, and stored to the stack from JIT code, too.

        4.5% progression on v8-tests. (3% in their harness)

        * VM/CTI.cpp:
        (JSC::):
        (JSC::CTI::emitCall):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        * VM/CTI.h:
        (JSC::CallRecord::CallRecord):
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_resolve_func):
        (JSC::Machine::cti_op_post_inc):
        (JSC::Machine::cti_op_resolve_with_base):
        (JSC::Machine::cti_op_post_dec):
        * VM/Machine.h:
        * kjs/JSFunction.h:
        * kjs/ScopeChain.h:

2008-10-07  Mark Rowe  <mrowe (a] apple.com>

        Fix typo in method name.

        * wrec/WREC.cpp:
        * wrec/WREC.h:

2008-10-07  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Mark Rowe.

        Roll out r37370.

2008-10-06  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21415
        Improve the division between PropertyStorageArray and PropertyMap

        - Rework ProperyMap to store offsets in the value so that they don't
          change when rehashing.  This allows us not to have to keep the 
          PropertyStorageArray in sync and thus not have to pass it in.
        - Rename PropertyMap::getOffset -> PropertyMap::get since put/remove
          now also return offsets.
        - A Vector of deleted offsets is now needed since the storage is out of
          band.

        1% win on SunSpider.  Wash on V8 suite.

        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::transitionWillNeedStorageRealloc):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        Transition logic can be greatly simplified by the fact that
        the storage capacity is always known, and is correct for the
        inline case.
        * kjs/JSObject.cpp:
        (JSC::JSObject::put): Rename getOffset -> get.
        (JSC::JSObject::deleteProperty): Ditto.
        (JSC::JSObject::getPropertyAttributes): Ditto.
        (JSC::JSObject::removeDirect): Use returned offset to
        clear the value in the PropertyNameArray.
        (JSC::JSObject::allocatePropertyStorage): Add assert.
        * kjs/JSObject.h:
        (JSC::JSObject::getDirect): Rename getOffset -> get
        (JSC::JSObject::getDirectLocation): Rename getOffset -> get
        (JSC::JSObject::putDirect): Use propertyStorageCapacity to determine whether
        or not to resize.  Also, since put now returns an offset (and thus 
        addPropertyTransition does also) setting of the PropertyStorageArray is
        now done here.
        (JSC::JSObject::transitionTo):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::checkConsistency): PropertyStorageArray is no longer 
        passed in.
        (JSC::PropertyMap::operator=): Copy the delete offsets vector.
        (JSC::PropertyMap::put): Instead of setting the PropertyNameArray
        explicitly, return the offset where the value should go.
        (JSC::PropertyMap::remove): Instead of removing from the PropertyNameArray
        explicitly, return the offset where the value should be removed.
        (JSC::PropertyMap::get): Switch to using the stored offset, instead
        of the implicit one.
        (JSC::PropertyMap::insert):
        (JSC::PropertyMap::expand): This is never called when m_table is null,
        so remove that branch and add it as an assertion.
        (JSC::PropertyMap::createTable): Consistency checks no longer take
        a PropertyNameArray.
        (JSC::PropertyMap::rehash): No need to rehash the PropertyNameArray
        now that it is completely out of band.
        * kjs/PropertyMap.h:
        (JSC::PropertyMapEntry::PropertyMapEntry): Store offset into PropertyNameArray.
        (JSC::PropertyMap::get): Switch to using the stored offset, instead
        of the implicit one.
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID): Initialize the propertyStorageCapacity to 
        JSObject::inlineStorageCapacity.
        (JSC::StructureID::growPropertyStorageCapacity): Grow the storage capacity as
        described below.
        (JSC::StructureID::addPropertyTransition): Copy the storage capacity.
        (JSC::StructureID::toDictionaryTransition): Ditto.
        (JSC::StructureID::changePrototypeTransition): Ditto.
        (JSC::StructureID::getterSetterTransition): Ditto.
        * kjs/StructureID.h:
        (JSC::StructureID::propertyStorageCapacity): Add propertyStorageCapacity
        which is the current capacity for the JSObjects PropertyStorageArray.
        It starts at the JSObject::inlineStorageCapacity (currently 2), then
        when it first needs to be resized moves to the JSObject::nonInlineBaseStorageCapacity
        (currently 16), and after that doubles each time.

2008-10-06  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 21396: Remove the OptionalCalleeActivation call frame slot
        <https://bugs.webkit.org/show_bug.cgi?id=21396>

        Remove the OptionalCalleeActivation call frame slot. We have to be
        careful to store the activation object in a register, because objects
        in the scope chain do not get marked.

        This is a 0.3% speedup on both SunSpider and the V8 benchmark.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::emitReturn):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::Machine::dumpRegisters):
        (JSC::Machine::unwindCallFrame):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_push_activation):
        (JSC::Machine::cti_op_tear_off_activation):
        (JSC::Machine::cti_op_construct_JSConstruct):
        * VM/Machine.h:
        (JSC::Machine::initializeCallFrame):
        * VM/RegisterFile.h:
        (JSC::RegisterFile::):

2008-10-06  Tony Chang  <tony (a] chromium.org>

        Reviewed by Alexey Proskuryakov.

        Chromium doesn't use pthreads on windows, so make its use conditional.
        
        Also convert a WORD to a DWORD to avoid a compiler warning.  This
        matches the other methods around it.

        * wtf/ThreadingWin.cpp:
        (WTF::wtfThreadEntryPoint):
        (WTF::ThreadCondition::broadcast):

2008-10-06  Mark Mentovai  <mark (a] moxienet.com>

        Reviewed by Tim Hatcher.

        Allow ENABLE_DASHBOARD_SUPPORT and ENABLE_MAC_JAVA_BRIDGE to be
        disabled on the Mac.

        https://bugs.webkit.org/show_bug.cgi?id=21333

        * wtf/Platform.h:

2008-10-06  Steve Falkenburg  <sfalken (a] apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=21416
        Pass 0 for size to VirtualAlloc, as documented by MSDN.
        Identified by Application Verifier.
        
        Reviewed by Darin Adler.

        * kjs/collector.cpp:
        (KJS::freeBlock):

2008-10-06  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Tim Hatcheri and Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=21412
        Bug 21412: Refactor user initiated profile count to be more stable
        - Export UString::from for use with creating the profile title.

        * JavaScriptCore.exp:

2008-10-06  Maciej Stachowiak  <mjs (a] apple.com>

        Not reviewed. Build fix.
        
        - revert toBoolean changes (r37333 and r37335); need to make WebCore work with these

        * API/JSValueRef.cpp:
        (JSValueToBoolean):
        * ChangeLog:
        * JavaScriptCore.exp:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_loop_if_true):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_jtrue):
        * kjs/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncSome):
        * kjs/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::callBooleanConstructor):
        * kjs/GetterSetter.h:
        * kjs/JSCell.h:
        (JSC::JSValue::toBoolean):
        * kjs/JSNumberCell.cpp:
        (JSC::JSNumberCell::toBoolean):
        * kjs/JSNumberCell.h:
        * kjs/JSObject.cpp:
        (JSC::JSObject::toBoolean):
        * kjs/JSObject.h:
        * kjs/JSString.cpp:
        (JSC::JSString::toBoolean):
        * kjs/JSString.h:
        * kjs/JSValue.h:
        * kjs/RegExpConstructor.cpp:
        (JSC::setRegExpConstructorMultiline):
        * kjs/RegExpObject.cpp:
        (JSC::RegExpObject::match):
        * kjs/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString):

2008-10-06  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Sam Weinig.
        
        - optimize op_jtrue, op_loop_if_true and op_not in various ways
        https://bugs.webkit.org/show_bug.cgi?id=21404
        
        1) Make JSValue::toBoolean nonvirtual and completely inline by
        making use of the StructureID type field.
        
        2) Make JSValue::toBoolean not take an ExecState; doesn't need it.
        
        3) Make op_not, op_loop_if_true and op_jtrue not read the
        ExecState (toBoolean doesn't need it any more) and not check
        exceptions (toBoolean can't throw).

        * API/JSValueRef.cpp:
        (JSValueToBoolean):
        * JavaScriptCore.exp:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_loop_if_true):
        (JSC::Machine::cti_op_not):
        (JSC::Machine::cti_op_jtrue):
        * kjs/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncFilter):
        (JSC::arrayProtoFuncEvery):
        (JSC::arrayProtoFuncSome):
        * kjs/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::callBooleanConstructor):
        * kjs/GetterSetter.h:
        * kjs/JSCell.h:
        (JSC::JSValue::toBoolean):
        * kjs/JSNumberCell.cpp:
        * kjs/JSNumberCell.h:
        (JSC::JSNumberCell::toBoolean):
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        (JSC::JSObject::toBoolean):
        (JSC::JSCell::toBoolean):
        * kjs/JSString.cpp:
        * kjs/JSString.h:
        (JSC::JSString::toBoolean):
        * kjs/JSValue.h:
        * kjs/RegExpConstructor.cpp:
        (JSC::setRegExpConstructorMultiline):
        * kjs/RegExpObject.cpp:
        (JSC::RegExpObject::match):
        * kjs/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString):

2008-10-06  Ariya Hidayat  <ariya.hidayat (a] trolltech.com>

        Reviewed by Simon.

        Build fix for MinGW.

        * JavaScriptCore.pri:
        * kjs/DateMath.cpp:
        (JSC::highResUpTime):

2008-10-05  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Remove ScopeNode::containsClosures() now that it is unused.

        * kjs/nodes.h:
        (JSC::ScopeNode::containsClosures):

2008-10-05  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - fix releas-only test failures caused by the fix to bug 21375

        * VM/Machine.cpp:
        (JSC::Machine::unwindCallFrame): Update ExecState while unwinding call frames;
        it now matters more to have a still-valid ExecState, since dynamicGlobalObject
        will make use of the ExecState's scope chain.
        * VM/Machine.h:

2008-10-05  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Oliver Hunt.

        Bug 21364: Remove the branch in op_ret for OptionalCalleeActivation and OptionalCalleeArguments
        <https://bugs.webkit.org/show_bug.cgi?id=21364>

        Use information from the parser to detect whether an activation is
        needed or 'arguments' is used, and emit explicit instructions to tear
        them off before op_ret. This allows a branch to be removed from op_ret
        and simplifies some other code. This does cause a small change in the
        behaviour of 'f.arguments'; it is no longer live when 'arguments' is not
        mentioned in the lexical scope of the function.

        It should now be easy to remove the OptionaCalleeActivation slot in the
        call frame, but this will be done in a later patch.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitReturn):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::Machine::unwindCallFrame):
        (JSC::Machine::privateExecute):
        (JSC::Machine::retrieveArguments):
        (JSC::Machine::cti_op_create_arguments):
        (JSC::Machine::cti_op_tear_off_activation):
        (JSC::Machine::cti_op_tear_off_arguments):
        * VM/Machine.h:
        * VM/Opcode.h:
        * kjs/Arguments.cpp:
        (JSC::Arguments::mark):
        * kjs/Arguments.h:
        (JSC::Arguments::isTornOff):
        (JSC::Arguments::Arguments):
        (JSC::Arguments::copyRegisters):
        (JSC::JSActivation::copyRegisters):
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * kjs/JSActivation.h:

2008-10-05  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.
        
        - fixed "REGRESSION (r37297): fast/js/deep-recursion-test takes too long and times out"
        https://bugs.webkit.org/show_bug.cgi?id=21375
        
        The problem is that dynamicGlobalObject had become O(N) in number
        of call frames, but unwinding the stack for an exception called it
        for every call frame, resulting in O(N^2) behavior for an
        exception thrown from inside deep recursion.

        Instead of doing it that way, stash the dynamic global object in JSGlobalData.
        
        * JavaScriptCore.exp:
        * VM/Machine.cpp:
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): Helper class to temporarily
        store and later restore a dynamicGlobalObject in JSGlobalData.
        (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
        (JSC::Machine::execute): In each version, establish a DynamicGlobalObjectScope.
        For ProgramNode, always establish set new dynamicGlobalObject, for FunctionBody and Eval,
        only if none is currently set.
        * VM/Machine.h:
        * kjs/ExecState.h:
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Ininitalize new dynamicGlobalObject field to 0.
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.h:
        (JSC::ExecState::dynamicGlobalObject): Moved here from ExecState for benefit of inlining.
        Return lexical global object if this is a globalExec(), otherwise look in JSGlobalData
        for the one stashed there.

2008-10-05  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Maciej Stachowiak.

        Avoid an extra lookup when transitioning to an existing StructureID
        by caching the offset of property that caused the transition.

        1% win on V8 suite.  Wash on SunSpider.

        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::put):
        * kjs/PropertyMap.h:
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::addPropertyTransition):
        * kjs/StructureID.h:
        (JSC::StructureID::setCachedTransistionOffset):
        (JSC::StructureID::cachedTransistionOffset):

2008-10-05  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21364: Remove the branch in op_ret for OptionalCalleeActivation and OptionalCalleeArguments
        <https://bugs.webkit.org/show_bug.cgi?id=21364>

        This patch does not yet remove the branch, but it does a bit of refactoring
        so that a CodeGenerator now knows whether the associated CodeBlock will need
        a full scope before doing any code generation. This makes it possible to emit
        explicit tear-off instructions before every op_ret.

        * VM/CodeBlock.h:
        (JSC::CodeBlock::CodeBlock):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::generate):
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::emitPushScope):
        (JSC::CodeGenerator::emitPushNewScope):
        * kjs/nodes.h:
        (JSC::ScopeNode::needsActivation):

2008-10-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Cameron Zwarich.

        Fix for bug #21387 - using SamplingTool with CTI.

        (1) A repatch offset offset changes due to an additional instruction to update SamplingTool state.
        (2) Fix an incusion order problem due to ExecState changes.
        (3) Change to a MACHINE_SAMPLING macro, use of exec should now be accessing global data.

        * VM/CTI.h:
        (JSC::CTI::execute):
        * VM/SamplingTool.h:
        (JSC::SamplingTool::privateExecuteReturned):
        * kjs/Shell.cpp:

2008-10-04  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Tim Hatcher.

        Add a 'Check For Weak VTables' build phase to catch weak vtables as early as possible.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-10-04  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Fix https://bugs.webkit.org/show_bug.cgi?id=21320
        leaks of PropertyNameArrayData seen on buildbot

        - Fix RefPtr cycle by making PropertyNameArrayData's pointer back
          to the StructureID a weak pointer.

        * kjs/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::setCachedStructureID):
        (JSC::PropertyNameArrayData::cachedStructureID):
        * kjs/StructureID.cpp:
        (JSC::StructureID::getEnumerablePropertyNames):
        (JSC::StructureID::clearEnumerationCache):
        (JSC::StructureID::~StructureID):

2008-10-04  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - https://bugs.webkit.org/show_bug.cgi?id=21295
          Bug 21295: Replace ExecState with a call frame Register pointer

        10% faster on Richards; other v8 benchmarks faster too.
        A wash on SunSpider.

        This does the minimum necessary to get the speedup. Next step in
        cleaning this up is to replace ExecState with a CallFrame class,
        and be more judicious about when to pass a call frame and when
        to pass a global data pointer, global object pointer, or perhaps
        something else entirely.

        * VM/CTI.cpp: Remove the debug-only check of the exception in
        ctiVMThrowTrampoline -- already checked in the code the trampoline
        jumps to, so not all that useful. Removed the exec argument from
        ctiTrampoline. Removed emitDebugExceptionCheck -- no longer needed.
        (JSC::CTI::emitCall): Removed code to set ExecState::m_callFrame.
        (JSC::CTI::privateCompileMainPass): Removed code in catch to extract
        the exception from ExecState::m_exception; instead, the code that
        jumps into catch will make sure the exception is already in eax.
        * VM/CTI.h: Removed exec from the ctiTrampoline. Also removed the
        non-helpful "volatile". Temporarily left ARG_exec in as a synonym
        for ARG_r; I'll change that on a future cleanup pass when introducing
        more use of the CallFrame type.
        (JSC::CTI::execute): Removed the ExecState* argument.

        * VM/ExceptionHelpers.cpp:
        (JSC::InterruptedExecutionError::InterruptedExecutionError): Take
        JSGlobalData* instead of ExecState*.
        (JSC::createInterruptedExecutionException): Ditto.
        * VM/ExceptionHelpers.h: Ditto. Also removed an unneeded include.

        * VM/Machine.cpp:
        (JSC::slideRegisterWindowForCall): Removed the exec and
        exceptionValue arguments. Changed to return 0 when there's a stack
        overflow rather than using a separate exception argument to cut
        down on memory accesses in the calling convention.
        (JSC::Machine::unwindCallFrame): Removed the exec argument when
        constructing a DebuggerCallFrame. Also removed code to set
        ExecState::m_callFrame.
        (JSC::Machine::throwException): Removed the exec argument when
        construction a DebuggerCallFrame.
        (JSC::Machine::execute): Updated to use the register instead of
        ExecState and also removed various uses of ExecState.
        (JSC::Machine::debug):
        (JSC::Machine::privateExecute): Put globalData into a local
        variable so it can be used throughout the interpreter. Changed
        the VM_CHECK_EXCEPTION to get the exception in globalData instead
        of through ExecState.
        (JSC::Machine::retrieveLastCaller): Turn exec into a registers
        pointer by calling registers() instead of by getting m_callFrame.
        (JSC::Machine::callFrame): Ditto.
        Tweaked exception macros. Made new versions for when you know
        you have an exception. Get at global exception with ARG_globalData.
        Got rid of the need to pass in the return value type.
        (JSC::Machine::cti_op_add): Update to use new version of exception
        macros.
        (JSC::Machine::cti_op_pre_inc): Ditto.
        (JSC::Machine::cti_timeout_check): Ditto.
        (JSC::Machine::cti_op_instanceof): Ditto.
        (JSC::Machine::cti_op_new_func): Ditto.
        (JSC::Machine::cti_op_call_JSFunction): Optimized by using the
        ARG values directly instead of through local variables -- this gets
        rid of code that just shuffles things around in the stack frame.
        Also get rid of ExecState and update for the new way exceptions are
        handled in slideRegisterWindowForCall.
        (JSC::Machine::cti_vm_compile): Update to make exec out of r since
        they are both the same thing now.
        (JSC::Machine::cti_op_call_NotJSFunction): Ditto.
        (JSC::Machine::cti_op_init_arguments): Ditto.
        (JSC::Machine::cti_op_resolve): Ditto.
        (JSC::Machine::cti_op_construct_JSConstruct): Ditto.
        (JSC::Machine::cti_op_construct_NotJSConstruct): Ditto.
        (JSC::Machine::cti_op_resolve_func): Ditto.
        (JSC::Machine::cti_op_put_by_val): Ditto.
        (JSC::Machine::cti_op_put_by_val_array): Ditto.
        (JSC::Machine::cti_op_resolve_skip): Ditto.
        (JSC::Machine::cti_op_resolve_global): Ditto.
        (JSC::Machine::cti_op_post_inc): Ditto.
        (JSC::Machine::cti_op_resolve_with_base): Ditto.
        (JSC::Machine::cti_op_post_dec): Ditto.
        (JSC::Machine::cti_op_call_eval): Ditto.
        (JSC::Machine::cti_op_throw): Ditto. Also rearranged to return
        the exception value as the return value so it can be used by
        op_catch.
        (JSC::Machine::cti_op_push_scope): Ditto.
        (JSC::Machine::cti_op_in): Ditto.
        (JSC::Machine::cti_op_del_by_val): Ditto.
        (JSC::Machine::cti_vm_throw): Ditto. Also rearranged to return
        the exception value as the return value so it can be used by
        op_catch.

        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName): Pass globalData.
        (JSC::DebuggerCallFrame::evaluate): Eliminated code to make a
        new ExecState.
        * kjs/DebuggerCallFrame.h: Removed ExecState argument from
        constructor.

        * kjs/ExecState.h: Eliminated all data members and made ExecState
        inherit privately from Register instead. Also added a typedef to
        the future name for this class, which is CallFrame. It's just a
        Register* that knows it's a pointer at a call frame. The new class
        can't be constructed or copied. Changed all functions to use
        the this pointer instead of m_callFrame. Changed exception-related
        functions to access an exception in JSGlobalData. Removed functions
        used by CTI to pass the return address to the throw machinery --
        this is now done directly with a global in the global data.

        * kjs/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString): Pass globalData instead of exec.

        * kjs/InternalFunction.cpp:
        (JSC::InternalFunction::name): Take globalData instead of exec.
        * kjs/InternalFunction.h: Ditto.

        * kjs/JSGlobalData.cpp: Initialize the new exception global to 0.
        * kjs/JSGlobalData.h: Declare two new globals. One for the current
        exception and another for the return address used by CTI to
        implement the throw operation.

        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init): Removed code to set up globalExec,
        which is now the same thing as globalCallFrame.
        (JSC::JSGlobalObject::reset): Get globalExec from our globalExec
        function so we don't have to repeat the logic twice.
        (JSC::JSGlobalObject::mark): Removed code to mark the exception;
        the exception is now stored in JSGlobalData and marked there.
        (JSC::JSGlobalObject::globalExec): Return a pointer to the end
        of the global call frame.
        * kjs/JSGlobalObject.h: Removed the globalExec data member.

        * kjs/JSObject.cpp:
        (JSC::JSObject::putDirectFunction): Pass globalData instead of exec.

        * kjs/collector.cpp:
        (JSC::Heap::collect): Mark the global exception.

        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::addParentForConsoleStart): Pass globalData
        instead of exec to createCallIdentifier.

        * profiler/Profiler.cpp:
        (JSC::Profiler::willExecute): Pass globalData instead of exec to
        createCallIdentifier.
        (JSC::Profiler::didExecute): Ditto.
        (JSC::Profiler::createCallIdentifier): Take globalData instead of
        exec.
        (JSC::createCallIdentifierFromFunctionImp): Ditto.
        * profiler/Profiler.h: Change interface to take a JSGlobalData
        instead of an ExecState.

2008-10-04  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 21369: Add opcode documentation for all undocumented opcodes
        <https://bugs.webkit.org/show_bug.cgi?id=21369>

        This patch adds opcode documentation for all undocumented opcodes, and
        it also renames op_init_arguments to op_create_arguments.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_create_arguments):
        * VM/Machine.h:
        * VM/Opcode.h:

2008-10-03  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - "this" object in methods called on primitives should be wrapper object
        https://bugs.webkit.org/show_bug.cgi?id=21362

        I changed things so that functions which use "this" do a fast
        version of toThisObject conversion if needed. Currently we miss
        the conversion entirely, at least for primitive types. Using
        TypeInfo and the primitive check, I made the fast case bail out
        pretty fast.
        
        This is inexplicably an 1.007x SunSpider speedup (and a wash on V8 benchmarks).
     
        Also renamed some opcodes for clarity:
        
        init ==> enter
        init_activation ==> enter_with_activation
        
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::generate):
        (JSC::CodeGenerator::CodeGenerator):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_convert_this):
        * VM/Machine.h:
        * VM/Opcode.h:
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        * kjs/JSActivation.h:
        (JSC::JSActivation::createStructureID):
        * kjs/JSCell.h:
        (JSC::JSValue::needsThisConversion):
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * kjs/JSGlobalData.h:
        * kjs/JSNumberCell.h:
        (JSC::JSNumberCell::createStructureID):
        * kjs/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::JSStaticScopeObject):
        (JSC::JSStaticScopeObject::createStructureID):
        * kjs/JSString.h:
        (JSC::JSString::createStructureID):
        * kjs/JSValue.h:
        * kjs/TypeInfo.h:
        (JSC::TypeInfo::needsThisConversion):
        * kjs/nodes.h:
        (JSC::ScopeNode::usesThis):

2008-10-03  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21356: The size of the RegisterFile differs depending on 32-bit / 64-bit and Debug / Release
        <https://bugs.webkit.org/show_bug.cgi?id=21356>

        The RegisterFile decreases in size (measured in terms of numbers of
        Registers) as the size of a Register increases. This causes

            js1_5/Regress/regress-159334.js

        to fail in 64-bit debug builds. This fix makes the RegisterFile on all
        platforms the same size that it is in 32-bit Release builds.

        * VM/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):

2008-10-03  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - Some code cleanup to how we handle code features.
        
        1) Rename FeatureInfo typedef to CodeFeatures.
        2) Rename NodeFeatureInfo template to NodeInfo.
        3) Keep CodeFeature bitmask in ScopeNode instead of trying to break it out into individual bools.
        4) Rename misleadingly named "needsClosure" method to "containsClosures", which better describes the meaning
        of ClosureFeature.
        5) Make setUsersArguments() not take an argument since it only goes one way.

        * JavaScriptCore.exp:
        * VM/CodeBlock.h:
        (JSC::CodeBlock::CodeBlock):
        * kjs/NodeInfo.h:
        * kjs/Parser.cpp:
        (JSC::Parser::didFinishParsing):
        * kjs/Parser.h:
        (JSC::Parser::parse):
        * kjs/grammar.y:
        * kjs/nodes.cpp:
        (JSC::ScopeNode::ScopeNode):
        (JSC::ProgramNode::ProgramNode):
        (JSC::ProgramNode::create):
        (JSC::EvalNode::EvalNode):
        (JSC::EvalNode::create):
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::create):
        * kjs/nodes.h:
        (JSC::ScopeNode::usesEval):
        (JSC::ScopeNode::containsClosures):
        (JSC::ScopeNode::usesArguments):
        (JSC::ScopeNode::setUsesArguments):

2008-10-03  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21343: REGRESSSION (r37160): ecma_3/ExecutionContexts/10.1.3-1.js and js1_4/Functions/function-001.js fail on 64-bit
        <https://bugs.webkit.org/show_bug.cgi?id=21343>

        A fix was landed for this issue in r37253, and the ChangeLog assumes
        that it is a compiler bug, but it turns out that it is a subtle issue
        with mixing signed and unsigned 32-bit values in a 64-bit environment.
        In order to properly fix this bug, we should convert our signed offsets
        into the register file to use ptrdiff_t.

        This may not be the only instance of this issue, but I will land this
        fix first and look for more later.

        * VM/Machine.cpp:
        (JSC::Machine::getArgumentsData):
        * VM/Machine.h:
        * kjs/Arguments.cpp:
        (JSC::Arguments::getOwnPropertySlot):
        * kjs/Arguments.h:
        (JSC::Arguments::init):

2008-10-03  Darin Adler  <darin (a] apple.com>

        * VM/CTI.cpp: Another Windows build fix. Change the args of ctiTrampoline.

        * kjs/JSNumberCell.h: A build fix for newer versions of gcc. Added
        declarations of JSGlobalData overloads of jsNumberCell.

2008-10-03  Darin Adler  <darin (a] apple.com>

        - try to fix Windows build

        * kjs/ScopeChain.h: Add forward declaration of JSGlobalData.

2008-10-03  Darin Adler  <darin (a] apple.com>

        Reviewed by Geoff Garen.

        - next step of https://bugs.webkit.org/show_bug.cgi?id=21295
          Turn ExecState into a call frame pointer.

        Remove m_globalObject and m_globalData from ExecState.

        SunSpider says this is a wash (slightly faster but not statistically
        significant); which is good enough since it's a preparation step and
        not supposed to be a spedup.

        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::JSCallbackFunction):
        * kjs/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * kjs/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        * kjs/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * kjs/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * kjs/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * kjs/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        * kjs/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * kjs/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        * kjs/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        * kjs/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * kjs/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * kjs/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        Pass JSGlobalData* instead of ExecState* to the InternalFunction
        constructor.

        * API/OpaqueJSString.cpp: Added now-needed include.

        * JavaScriptCore.exp: Updated.

        * VM/CTI.cpp:
        (JSC::CTI::emitSlowScriptCheck): Changed to use ARGS_globalData
        instead of ARGS_exec.

        * VM/CTI.h: Added a new argument to the CTI, the global data pointer.
        While it's possible to get to the global data pointer using the
        ExecState pointer, it's slow enough that it's better to just keep
        it around in the CTI arguments.

        * VM/CodeBlock.h: Moved the CodeType enum here from ExecState.h.

        * VM/Machine.cpp:
        (JSC::Machine::execute): Pass fewer arguments when constructing
        ExecState, and pass the global data pointer when invoking CTI.
        (JSC::Machine::firstCallFrame): Added. Used to get the dynamic global
        object, which is in the scope chain of the first call frame.
        (JSC::Machine::cti_op_add): Use globalData instead of exec when
        possible, to keep fast cases fast, since it's now more expensive to
        get to it through the exec pointer.
        (JSC::Machine::cti_timeout_check): Ditto.
        (JSC::Machine::cti_op_put_by_id_second): Ditto.
        (JSC::Machine::cti_op_get_by_id_second): Ditto.
        (JSC::Machine::cti_op_mul): Ditto.
        (JSC::Machine::cti_vm_compile): Ditto.
        (JSC::Machine::cti_op_get_by_val): Ditto.
        (JSC::Machine::cti_op_sub): Ditto.
        (JSC::Machine::cti_op_put_by_val): Ditto.
        (JSC::Machine::cti_op_put_by_val_array): Ditto.
        (JSC::Machine::cti_op_negate): Ditto.
        (JSC::Machine::cti_op_div): Ditto.
        (JSC::Machine::cti_op_pre_dec): Ditto.
        (JSC::Machine::cti_op_post_inc): Ditto.
        (JSC::Machine::cti_op_lshift): Ditto.
        (JSC::Machine::cti_op_bitand): Ditto.
        (JSC::Machine::cti_op_rshift): Ditto.
        (JSC::Machine::cti_op_bitnot): Ditto.
        (JSC::Machine::cti_op_mod): Ditto.
        (JSC::Machine::cti_op_post_dec): Ditto.
        (JSC::Machine::cti_op_urshift): Ditto.
        (JSC::Machine::cti_op_bitxor): Ditto.
        (JSC::Machine::cti_op_bitor): Ditto.
        (JSC::Machine::cti_op_call_eval): Ditto.
        (JSC::Machine::cti_op_throw): Ditto.
        (JSC::Machine::cti_op_is_string): Ditto.
        (JSC::Machine::cti_op_debug): Ditto.
        (JSC::Machine::cti_vm_throw): Ditto.

        * VM/Machine.h: Added firstCallFrame.

        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate): Pass fewer arguments when
        constructing ExecState.

        * kjs/ExecState.cpp: Deleted contents. Later we'll remove the
        file altogether.

        * kjs/ExecState.h: Removed m_globalObject and m_globalData.
        Moved CodeType into another header.
        (JSC::ExecState::ExecState): Take only a single argument, a
        call frame pointer.
        (JSC::ExecState::dynamicGlobalObject): Get the object from
        the first call frame since it's no longer stored.
        (JSC::ExecState::globalData): Get the global data from the
        scope chain, since we no longer store a pointer to it here.
        (JSC::ExecState::identifierTable): Ditto.
        (JSC::ExecState::propertyNames): Ditto.
        (JSC::ExecState::emptyList): Ditto.
        (JSC::ExecState::lexer): Ditto.
        (JSC::ExecState::parser): Ditto.
        (JSC::ExecState::machine): Ditto.
        (JSC::ExecState::arrayTable): Ditto.
        (JSC::ExecState::dateTable): Ditto.
        (JSC::ExecState::mathTable): Ditto.
        (JSC::ExecState::numberTable): Ditto.
        (JSC::ExecState::regExpTable): Ditto.
        (JSC::ExecState::regExpConstructorTable): Ditto.
        (JSC::ExecState::stringTable): Ditto.
        (JSC::ExecState::heap): Ditto.

        * kjs/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor): Pass
        JSGlobalData* instead of ExecState* to the InternalFunction
        constructor.
        (JSC::constructFunction): Pass the global data pointer when
        constructing a new scope chain.

        * kjs/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction): Take a JSGlobalData*
        instead of an ExecState*. Later we can change more places to
        work this way -- it's more efficient to take the type you need
        since the caller might already have it.
        * kjs/InternalFunction.h: Ditto.

        * kjs/JSCell.h:
        (JSC::JSCell::operator new): Added an overload that takes a
        JSGlobalData* so you can construct without an ExecState*.

        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init): Moved creation of the global scope
        chain in here, since it now requires a pointer to the global data.
        Moved the initialization of the call frame in here since it requires
        the global scope chain node. Removed the extra argument to ExecState
        when creating the global ExecState*.
        * kjs/JSGlobalObject.h: Removed initialization of globalScopeChain
        and the call frame from the JSGlobalObjectData constructor. Added
        a thisValue argument to the init function.

        * kjs/JSNumberCell.cpp: Added versions of jsNumberCell that take
        JSGlobalData* rather than ExecState*.
        * kjs/JSNumberCell.h:
        (JSC::JSNumberCell::operator new): Added a version that takes
        JSGlobalData*.
        (JSC::JSNumberCell::JSNumberCell): Ditto.
        (JSC::jsNumber): Ditto.
        * kjs/JSString.cpp:
        (JSC::jsString): Ditto.
        (JSC::jsSubstring): Ditto.
        (JSC::jsOwnedString): Ditto.
        * kjs/JSString.h:
        (JSC::JSString::JSString): Changed to take JSGlobalData*.
        (JSC::jsEmptyString): Added a version that takes JSGlobalData*.
        (JSC::jsSingleCharacterString): Ditto.
        (JSC::jsSingleCharacterSubstring): Ditto.
        (JSC::jsNontrivialString): Ditto.
        (JSC::JSString::getIndex): Ditto.
        (JSC::jsString): Ditto.
        (JSC::jsSubstring): Ditto.
        (JSC::jsOwnedString): Ditto.

        * kjs/ScopeChain.h: Added a globalData pointer to each node.
        (JSC::ScopeChainNode::ScopeChainNode): Initialize the globalData
        pointer.
        (JSC::ScopeChainNode::push): Set the global data pointer in the
        new node.
        (JSC::ScopeChain::ScopeChain): Take a globalData argument.

        * kjs/SmallStrings.cpp:
        (JSC::SmallStrings::createEmptyString): Take JSGlobalData* instead of
        ExecState*.
        (JSC::SmallStrings::createSingleCharacterString): Ditto.
        * kjs/SmallStrings.h:
        (JSC::SmallStrings::emptyString): Ditto.
        (JSC::SmallStrings::singleCharacterString): Ditto.

2008-10-03  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 21343: REGRESSSION (r37160): ecma_3/ExecutionContexts/10.1.3-1.js and js1_4/Functions/function-001.js fail on 64-bit
        <https://bugs.webkit.org/show_bug.cgi?id=21343>

        Add a workaround for a bug in GCC, which affects GCC 4.0, GCC 4.2, and
        llvm-gcc 4.2. I put it in an #ifdef because it was a slight regression
        on SunSpider in 32-bit, although that might be entirely random.

        * kjs/Arguments.cpp:
        (JSC::Arguments::getOwnPropertySlot):

2008-10-03  Darin Adler  <darin (a] apple.com>

        Rubber stamped by Alexey Proskuryakov.

        * kjs/Shell.cpp: (main): Don't delete JSGlobalData. Later, we need to change
        this tool to use public JavaScriptCore API instead.

2008-10-03  Darin Adler  <darin (a] apple.com>

        Suggested by Alexey Proskuryakov.

        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData): Remove call to heap.destroy() because
        it's too late to ref the JSGlobalData object once it's already being
        destroyed. In practice this is not a problem because WebCore's JSGlobalData
        is never destroyed and JSGlobalContextRelease takes care of calling
        heap.destroy() in advance.

2008-10-02  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Replace SSE3 check with an SSE2 check, and implement SSE2 check on windows.

        5.6% win on SunSpider on windows.

        * VM/CTI.cpp:
        (JSC::isSSE2Present):
        (JSC::CTI::compileBinaryArithOp):
        (JSC::CTI::compileBinaryArithOpSlowCase):

2008-10-03  Maciej Stachowiak  <mjs (a] apple.com>

        Rubber stamped by Cameron Zwarich.
        
        - fix mistaken change of | to || which caused a big perf regression on EarleyBoyer

        * kjs/grammar.y:

2008-10-02  Darin Adler  <darin (a] apple.com>

        Reviewed by Geoff Garen.

        - https://bugs.webkit.org/show_bug.cgi?id=21321
          Bug 21321: speed up JavaScriptCore by inlining Heap in JSGlobalData

        1.019x as fast on SunSpider.

        * API/JSBase.cpp:
        (JSEvaluateScript): Use heap. instead of heap-> to work with the heap.
        (JSCheckScriptSyntax): Ditto.
        (JSGarbageCollect): Ditto.
        (JSReportExtraMemoryCost): Ditto.
        * API/JSContextRef.cpp:
        (JSGlobalContextRetain): Ditto.
        (JSGlobalContextRelease): Destroy the heap with the destroy function instead
        of the delete operator.
        (JSContextGetGlobalObject): Use heap. instead of heap-> to work with the heap.
        * API/JSObjectRef.cpp:
        (JSObjectMake): Use heap. instead of heap-> to work with the heap.
        (JSObjectMakeFunctionWithCallback): Ditto.
        (JSObjectMakeConstructor): Ditto.
        (JSObjectMakeFunction): Ditto.
        (JSObjectMakeArray): Ditto.
        (JSObjectMakeDate): Ditto.
        (JSObjectMakeError): Ditto.
        (JSObjectMakeRegExp): Ditto.
        (JSObjectHasProperty): Ditto.
        (JSObjectGetProperty): Ditto.
        (JSObjectSetProperty): Ditto.
        (JSObjectGetPropertyAtIndex): Ditto.
        (JSObjectSetPropertyAtIndex): Ditto.
        (JSObjectDeleteProperty): Ditto.
        (JSObjectCallAsFunction): Ditto.
        (JSObjectCallAsConstructor): Ditto.
        (JSObjectCopyPropertyNames): Ditto.
        (JSPropertyNameAccumulatorAddName): Ditto.
        * API/JSValueRef.cpp:
        (JSValueIsEqual): Ditto.
        (JSValueIsInstanceOfConstructor): Ditto.
        (JSValueMakeNumber): Ditto.
        (JSValueMakeString): Ditto.
        (JSValueToNumber): Ditto.
        (JSValueToStringCopy): Ditto.
        (JSValueToObject): Ditto.
        (JSValueProtect): Ditto.
        (JSValueUnprotect): Ditto.

        * kjs/ExecState.h:
        (JSC::ExecState::heap): Update to use the & operator.

        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Update to initialize a heap member
        instead of calling new to make a heap.
        (JSC::JSGlobalData::~JSGlobalData): Destroy the heap with the destroy
        function instead of the delete operator.
        * kjs/JSGlobalData.h: Change from Heap* to a Heap.
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::mark): Use the & operator here.
        (JSC::JSGlobalObject::operator new): Use heap. instead of heap-> to work
        with the heap.

2008-10-02  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Bug 21317: Replace RegisterFile size and capacity information with Register pointers
        <https://bugs.webkit.org/show_bug.cgi?id=21317>

        This is a 2.3% speedup on the V8 DeltaBlue benchmark, a 3.3% speedup on
        the V8 Raytrace benchmark, and a 1.0% speedup on SunSpider.

        * VM/Machine.cpp:
        (JSC::slideRegisterWindowForCall):
        (JSC::Machine::callEval):
        (JSC::Machine::execute):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_construct_JSConstruct):
        * VM/RegisterFile.cpp:
        (JSC::RegisterFile::~RegisterFile):
        * VM/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::start):
        (JSC::RegisterFile::end):
        (JSC::RegisterFile::size):
        (JSC::RegisterFile::shrink):
        (JSC::RegisterFile::grow):
        (JSC::RegisterFile::lastGlobal):
        (JSC::RegisterFile::markGlobals):
        (JSC::RegisterFile::markCallFrames):
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::copyGlobalsTo):

2008-10-02  Cameron Zwarich  <zwarich (a] apple.com>

        Rubber-stamped by Darin Adler.

        Change bitwise operations introduced in r37166 to boolean operations. We
        only use bitwise operations over boolean operations for increasing
        performance in extremely hot code, but that does not apply to anything
        in the parser.

        * kjs/grammar.y:

2008-10-02  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Darin Adler.

        Fix for bug #21232 - should reset m_isPendingDash on flush,
        and should allow '\-' as beginning or end of a range (though
        not to specifiy a range itself).

        * ChangeLog:
        * wrec/CharacterClassConstructor.cpp:
        (JSC::CharacterClassConstructor::put):
        (JSC::CharacterClassConstructor::flush):
        * wrec/CharacterClassConstructor.h:
        (JSC::CharacterClassConstructor::flushBeforeEscapedHyphen):
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generateDisjunction):
        (JSC::WRECParser::parseCharacterClass):
        (JSC::WRECParser::parseDisjunction):
        * wrec/WREC.h:

2008-10-02  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - remove the "static" from declarations in a header file, since we
          don't want them to have internal linkage

        * VM/Machine.h: Remove the static keyword from the constant and the
        three inline functions that Geoff just moved here.

2008-10-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=21283.
        Profiler Crashes When Started

        * VM/Machine.cpp:
        * VM/Machine.h:
        (JSC::makeHostCallFramePointer):
        (JSC::isHostCallFrame):
        (JSC::stripHostCallFrameBit): Moved some things to the header so
        JSGlobalObject could use them.

        * kjs/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): Call the
        new makeHostCallFramePointer API, since 0 no longer indicates a host
        call frame.

2008-10-02  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=21304
        Stop using a static wrapper map for WebCore JS bindings

        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        (JSC::JSGlobalData::ClientData::~ClientData):
        * kjs/JSGlobalData.h:
        Added a client data member to JSGlobalData. WebCore will use it to store bindings-related
        global data.

        * JavaScriptCore.exp: Export virtual ClientData destructor.

2008-10-02  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.
        
        Try to fix Qt build.

        * kjs/Error.h:

2008-10-01  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler and Cameron Zwarich.

        Preliminary step toward dynamic recompilation: Standardized and
        simplified the parsing interface.
        
        The main goal in this patch is to make it easy to ask for a duplicate
        compilation, and get back a duplicate result -- same source URL, same
        debugger / profiler ID, same toString behavior, etc.
        
        The basic unit of compilation and evaluation is now SourceCode, which
        encompasses a SourceProvider, a range in that provider, and a starting
        line number.

        A SourceProvider now encompasses a source URL, and *is* a source ID,
        since a pointer is a unique identifier.

        * API/JSBase.cpp:
        (JSEvaluateScript):
        (JSCheckScriptSyntax): Provide a SourceCode to the Interpreter, since
        other APIs are no longer supported.
        
        * VM/CodeBlock.h:
        (JSC::EvalCodeCache::get): Provide a SourceCode to the Interpreter, since
        other APIs are no longer supported.
        (JSC::CodeBlock::CodeBlock): ASSERT something that used to be ASSERTed
        by our caller -- this is a better bottleneck.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator): Updated for the fact that
        FunctionBodyNode's parameters are no longer a WTF::Vector.

        * kjs/Arguments.cpp:
        (JSC::Arguments::Arguments): ditto

        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate): Provide a SourceCode to the Parser,
        since other APIs are no longer supported.

        * kjs/FunctionConstructor.cpp:
        (JSC::constructFunction): Provide a SourceCode to the Parser, since
        other APIs are no longer supported. Adopt FunctionBodyNode's new
        "finishParsing" API.

        * kjs/JSFunction.cpp:
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getParameterName): Updated for the fact that
        FunctionBodyNode's parameters are no longer a wtf::Vector.

        * kjs/JSFunction.h: Nixed some cruft.

        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval): Provide a SourceCode to the Parser, since
        other APIs are no longer supported. 

        * kjs/Parser.cpp:
        (JSC::Parser::parse): Require a SourceCode argument, instead of a bunch
        of broken out parameters. Stop tracking sourceId as an integer, since we
        use the SourceProvider pointer for this now. Don't clamp the
        startingLineNumber, since SourceCode does that now.

        * kjs/Parser.h:
        (JSC::Parser::parse): Standardized the parsing interface to require a
        SourceCode.

        * kjs/Shell.cpp:
        (functionRun):
        (functionLoad):
        (prettyPrintScript):
        (runWithScripts):
        (runInteractive): Provide a SourceCode to the Interpreter, since
        other APIs are no longer supported.

        * kjs/SourceProvider.h:
        (JSC::SourceProvider::SourceProvider):
        (JSC::SourceProvider::url):
        (JSC::SourceProvider::asId):
        (JSC::UStringSourceProvider::create):
        (JSC::UStringSourceProvider::UStringSourceProvider): Added new
        responsibilities described above.

        * kjs/SourceRange.h:
        (JSC::SourceCode::SourceCode):
        (JSC::SourceCode::toString):
        (JSC::SourceCode::provider):
        (JSC::SourceCode::firstLine):
        (JSC::SourceCode::data):
        (JSC::SourceCode::length): Added new responsibilities described above.
        Renamed SourceRange to SourceCode, based on review feedback. Added
        a makeSource function for convenience.

        * kjs/debugger.h: Provide a SourceCode to the client, since other APIs
        are no longer supported.

        * kjs/grammar.y: Provide startingLineNumber when creating a SourceCode.

        * kjs/debugger.h: Treat sourceId as intptr_t to avoid loss of precision
        on 64bit platforms.

        * kjs/interpreter.cpp:
        (JSC::Interpreter::checkSyntax):
        (JSC::Interpreter::evaluate):
        * kjs/interpreter.h: Require a SourceCode instead of broken out arguments.

        * kjs/lexer.cpp:
        (JSC::Lexer::setCode):
        * kjs/lexer.h:
        (JSC::Lexer::sourceRange): Fold together the SourceProvider and line number
        into a SourceCode. Fixed a bug where the Lexer would accidentally keep
        alive the last SourceProvider forever.

        * kjs/nodes.cpp:
        (JSC::ScopeNode::ScopeNode):
        (JSC::ProgramNode::ProgramNode):
        (JSC::ProgramNode::create):
        (JSC::EvalNode::EvalNode):
        (JSC::EvalNode::generateCode):
        (JSC::EvalNode::create):
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::finishParsing):
        (JSC::FunctionBodyNode::create):
        (JSC::FunctionBodyNode::generateCode):
        (JSC::ProgramNode::generateCode):
        (JSC::FunctionBodyNode::paramString):
        * kjs/nodes.h:
        (JSC::ScopeNode::):
        (JSC::ScopeNode::sourceId):
        (JSC::FunctionBodyNode::):
        (JSC::FunctionBodyNode::parameterCount):
        (JSC::FuncExprNode::):
        (JSC::FuncDeclNode::): Store a SourceCode in all ScopeNodes, since
        SourceCode is now responsible for tracking URL, ID, etc. Streamlined
        some ad hoc FunctionBodyNode fixups into a "finishParsing" function, to
        help make clear what you need to do in order to finish parsing a
        FunctionBodyNode.

        * wtf/Vector.h:
        (WTF::::releaseBuffer): Don't ASSERT that releaseBuffer() is only called
        when buffer is not 0, since FunctionBodyNode is more than happy
        to get back a 0 buffer, and other functions like RefPtr::release() allow
        for 0, too.

2008-10-01  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 21289: REGRESSION (r37160): Inspector crashes on load
        <https://bugs.webkit.org/show_bug.cgi?id=21289>

        The code in Arguments::mark() in r37160 was wrong. It marks indices in
        d->registers, but that makes no sense (they are local variables, not
        arguments). It should mark those indices in d->registerArray instead.

        This patch also changes Arguments::copyRegisters() to use d->numParameters
        instead of recomputing it.

        * kjs/Arguments.cpp:
        (JSC::Arguments::mark):
        * kjs/Arguments.h:
        (JSC::Arguments::copyRegisters):

2008-09-30  Darin Adler  <darin (a] apple.com>

        Reviewed by Eric Seidel.

        - https://bugs.webkit.org/show_bug.cgi?id=21214
          work on getting rid of ExecState

        Eliminate some unneeded uses of dynamicGlobalObject.

        * API/JSClassRef.cpp:
        (OpaqueJSClass::contextData): Changed to use a map in the global data instead
        of on the global object. Also fixed to use only a single hash table lookup.

        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor): Use lexicalGlobalObject rather than dynamicGlobalObject
        to get the object prototype.

        * kjs/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString): Use arrayVisitedElements set in global data rather
        than in the global object.
        (JSC::arrayProtoFuncToLocaleString): Ditto.
        (JSC::arrayProtoFuncJoin): Ditto.

        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Don't initialize opaqueJSClassData, since
        it's no longer a pointer.
        (JSC::JSGlobalData::~JSGlobalData): We still need to delete all the values, but
        we don't need to delete the map since it's no longer a pointer.

        * kjs/JSGlobalData.h: Made opaqueJSClassData a map instead of a pointer to a map.
        Also added arrayVisitedElements.

        * kjs/JSGlobalObject.h: Removed arrayVisitedElements.

        * kjs/Shell.cpp:
        (functionRun): Use lexicalGlobalObject instead of dynamicGlobalObject.
        (functionLoad): Ditto.

2008-10-01  Cameron Zwarich  <zwarich (a] apple.com>

        Not reviewed.

        Speculative Windows build fix.

        * kjs/grammar.y:

2008-10-01  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Darin Adler.

        Bug 21123: using "arguments" in a function should not force creation of an activation object
        <https://bugs.webkit.org/show_bug.cgi?id=21123>

        Make the 'arguments' object not require a JSActivation. We store the
        'arguments' object in the OptionalCalleeArguments call frame slot. We
        need to be able to get the original 'arguments' object to tear it off
        when returning from a function, but 'arguments' may be assigned to in a
        number of ways.

        Therefore, we use the OptionalCalleeArguments slot when we want to get
        the original activation or we know that 'arguments' was not assigned a
        different value. When 'arguments' may have been assigned a new value,
        we use a new local variable that is initialized with 'arguments'. Since
        a function parameter named 'arguments' may overwrite the value of
        'arguments', we also need to be careful to look up 'arguments' in the
        symbol table, so we get the parameter named 'arguments' instead of the
        local variable that we have added for holding the 'arguments' object.

        This is a 19.1% win on the V8 Raytrace benchmark using the SunSpider
        harness, and a 20.7% win using the V8 harness. This amounts to a 6.5%
        total speedup on the V8 benchmark suite using the V8 harness.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        * VM/Machine.cpp:
        (JSC::Machine::unwindCallFrame):
        (JSC::Machine::privateExecute):
        (JSC::Machine::retrieveArguments):
        (JSC::Machine::cti_op_init_arguments):
        (JSC::Machine::cti_op_ret_activation_arguments):
        * VM/Machine.h:
        * VM/RegisterFile.h:
        (JSC::RegisterFile::):
        * kjs/Arguments.cpp:
        (JSC::Arguments::mark):
        (JSC::Arguments::fillArgList):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::put):
        * kjs/Arguments.h:
        (JSC::Arguments::setRegisters):
        (JSC::Arguments::init):
        (JSC::Arguments::Arguments):
        (JSC::Arguments::copyRegisters):
        (JSC::JSActivation::copyRegisters):
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * kjs/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * kjs/grammar.y:
        * kjs/nodes.h:
        (JSC::ScopeNode::setUsesArguments):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::orl_mr):

2008-10-01  Kevin McCullough  <kmccullough (a] apple.com>

        Rubberstamped by Geoff Garen.

        Remove BreakpointCheckStatement because it's not used anymore.
        No effect on sunspider or the jsc tests.

        * kjs/nodes.cpp:
        * kjs/nodes.h:

2008-09-30  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Improve performance of CTI on windows.

        Currently on platforms where the compiler doesn't allow us to safely
        index relative to the address of a parameter we need to actually
        provide a pointer to CTI runtime call arguments.  This patch improves
        performance in this case by making the CTI logic for restoring this
        parameter much less conservative by only resetting it before we actually
        make a call, rather than between each and every SF bytecode we generate
        code for.

        This results in a 3.6% progression on the v8 benchmark when compiled with MSVC.

        * VM/CTI.cpp:
        (JSC::CTI::emitCall):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompilePutByIdTransition):
        * VM/CTI.h:
        * masm/X86Assembler.h:
        * wtf/Platform.h:

2008-09-30  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.

        - track uses of "this", "with" and "catch" in the parser
        
        Knowing this up front will be useful for future optimizations.
        
        Perf and correctness remain the same.
        
        * kjs/NodeInfo.h:
        * kjs/grammar.y:

2008-09-30  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Add WebKitAvailability macros for JSObjectMakeArray, JSObjectMakeDate, JSObjectMakeError,
        and JSObjectMakeRegExp

        * API/JSObjectRef.h:

2008-09-30  Darin Adler  <darin (a] apple.com>

        Reviewed by Geoff Garen.

        - https://bugs.webkit.org/show_bug.cgi?id=21214
          work on getting rid of ExecState

        Replaced the m_prev field of ExecState with a bit in the
        call frame pointer to indicate "host" call frames.

        * VM/Machine.cpp:
        (JSC::makeHostCallFramePointer): Added. Sets low bit.
        (JSC::isHostCallFrame): Added. Checks low bit.
        (JSC::stripHostCallFrameBit): Added. Clears low bit.
        (JSC::Machine::unwindCallFrame): Replaced null check that was
        formerly used to detect host call frames with an isHostCallFrame check.
        (JSC::Machine::execute): Pass in a host call frame pointer rather than
        always passing 0 when starting execution from the host. This allows us
        to follow the entire call frame pointer chain when desired, or to stop
        at the host calls when that's desired.
        (JSC::Machine::privateExecute): Replaced null check that was
        formerly used to detect host call frames with an isHostCallFrame check.
        (JSC::Machine::retrieveCaller): Ditto.
        (JSC::Machine::retrieveLastCaller): Ditto.
        (JSC::Machine::callFrame): Removed the code to walk up m_prev pointers
        and replaced it with code that uses the caller pointer and uses the
        stripHostCallFrameBit function.

        * kjs/ExecState.cpp: Removed m_prev.
        * kjs/ExecState.h: Ditto.

2008-09-30  Cameron Zwarich  <zwarich (a] apple.com>

        Reviewed by Geoff Garen.

        Move all detection of 'arguments' in a lexical scope to the parser, in
        preparation for fixing

        Bug 21123: using "arguments" in a function should not force creation of an activation object
        <https://bugs.webkit.org/show_bug.cgi?id=21123>

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        * kjs/NodeInfo.h:
        * kjs/grammar.y:

2008-09-30  Geoffrey Garen  <ggaren (a] apple.com>

        Not reviewed.

        * kjs/Shell.cpp:
        (runWithScripts): Fixed indentation.

2008-09-30  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Sam Weinig.

        Build fix.  Move InternalFunction::classInfo implementation into the .cpp
        file to prevent the vtable for InternalFunction being generated as a weak symbol.
        Has no effect on SunSpider.

        * kjs/InternalFunction.cpp:
        (JSC::InternalFunction::classInfo):
        * kjs/InternalFunction.h:

2008-09-29  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Darin Adler.
        
        - optimize appending a number to a string
        https://bugs.webkit.org/show_bug.cgi?id=21203
        
        It's pretty common in real-world code (and on some of the v8
        benchmarks) to append a number to a string, so I made this one of
        the fast cases, and also added support to UString to do it
        directly without allocating a temporary UString.
        
        ~1% speedup on v8 benchmark.

        * VM/Machine.cpp:
        (JSC::jsAddSlowCase): Make this NEVER_INLINE because somehow otherwise
        the change is a regression.
        (JSC::jsAdd): Handle number + string special case.
        (JSC::Machine::cti_op_add): Integrate much of the logic of jsAdd to
        avoid exception check in the str + str, num + num and str + num cases.
        * kjs/ustring.cpp:
        (JSC::expandedSize): Make this a non-member function, since it needs to be 
        called in non-member functions but not outside this file.
        (JSC::expandCapacity): Ditto.
        (JSC::UString::expandCapacity): Call the non-member version. 
        (JSC::createRep): Helper to make a rep from a char*.
        (JSC::UString::UString): Use above helper.
        (JSC::concatenate): Guts of concatenating constructor for cases where first
        item is a UString::Rep, and second is a UChar* and length, or a char*.
        (JSC::UString::append): Implement for cases where first item is a UString::Rep,
        and second is an int or double. Sadly duplicates logic of UString::from(int)
        and UString::from(double).
        * kjs/ustring.h:

2008-09-29  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - https://bugs.webkit.org/show_bug.cgi?id=21214
          work on getting rid of ExecState

        * JavaScriptCore.exp: Updated since JSGlobalObject::init
        no longer takes a parameter.

        * VM/Machine.cpp:
        (JSC::Machine::execute): Removed m_registerFile argument
        for ExecState constructors.

        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate): Removed globalThisValue
        argument for ExecState constructor.

        * kjs/ExecState.cpp:
        (JSC::ExecState::ExecState): Removed globalThisValue and
        registerFile arguments to constructors.

        * kjs/ExecState.h: Removed m_globalThisValue and
        m_registerFile data members.

        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init): Removed globalThisValue
        argument for ExecState constructor.

        * kjs/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject): Got rid of parameter
        for the init function.

2008-09-29  Geoffrey Garen  <ggaren (a] apple.com>

        Rubber-stamped by Cameron Zwarich.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=21225
        Machine::retrieveLastCaller should check for a NULL codeBlock
        
        In order to crash, you would need to call retrieveCaller in a situation
        where you had two host call frames in a row in the register file. I
        don't know how to make that happen, or if it's even possible, so I don't
        have a test case -- but better safe than sorry!

        * VM/Machine.cpp:
        (JSC::Machine::retrieveLastCaller):

2008-09-29  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Store the callee ScopeChain, not the caller ScopeChain, in the call frame
        header. Nix the "scopeChain" local variable and ExecState::m_scopeChain, and
        access the callee ScopeChain through the call frame header instead.

        Profit: call + return are simpler, because they don't have to update the
        "scopeChain" local variable, or ExecState::m_scopeChain.
        
        Because CTI keeps "r" in a register, reading the callee ScopeChain relative
        to "r" can be very fast, in any cases we care to optimize.

        0% speedup on empty function call benchmark. (5.5% speedup in bytecode.)
        0% speedup on SunSpider. (7.5% speedup on controlflow-recursive.)
        2% speedup on SunSpider --v8.
        2% speedup on v8 benchmark.

        * VM/CTI.cpp: Changed scope chain access to read the scope chain from
        the call frame header. Sped up op_ret by changing it not to fuss with
        the "scopeChain" local variable or ExecState::m_scopeChain.

        * VM/CTI.h: Updated CTI trampolines not to take a ScopeChainNode*
        argument, since that's stored in the call frame header now.

        * VM/Machine.cpp: Access "scopeChain" and "codeBlock" through new helper
        functions that read from the call frame header. Updated functions operating
        on ExecState::m_callFrame to account for / take advantage of the fact that
        Exec:m_callFrame is now never NULL.
        
        Fixed a bug in op_construct, where it would use the caller's default
        object prototype, rather than the callee's, when constructing a new object.

        * VM/Machine.h: Made some helper functions available. Removed
        ScopeChainNode* arguments to a lot of functions, since the ScopeChainNode*
        is now stored in the call frame header.

        * VM/RegisterFile.h: Renamed "CallerScopeChain" to "ScopeChain", since
        that's what it is now.

        * kjs/DebuggerCallFrame.cpp: Updated for change to ExecState signature.

        * kjs/ExecState.cpp:
        * kjs/ExecState.h: Nixed ExecState::m_callFrame, along with the unused
        isGlobalObject function.

        * kjs/JSGlobalObject.cpp:
        * kjs/JSGlobalObject.h: Gave the global object a fake call frame in
        which to store the global scope chain, since our code now assumes that
        it can always read the scope chain out of the ExecState's call frame.

2008-09-29  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Sam Weinig.

        Remove the isActivationObject() virtual method on JSObject and use
        StructureID information instead. This should be slightly faster, but
        isActivationObject() is only used in assertions and unwinding the stack
        for exceptions.

        * VM/Machine.cpp:
        (JSC::depth):
        (JSC::Machine::unwindCallFrame):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_ret_activation):
        * kjs/JSActivation.cpp:
        * kjs/JSActivation.h:
        * kjs/JSObject.h:

2008-09-29  Peter Gal  <galpeter (a] inf.u-szeged.hu>

        Reviewed and tweaked by Darin Adler.

        Fix build for non-all-in-one platforms.

        * kjs/StringPrototype.cpp: Added missing ASCIICType.h include.

2008-09-29  Bradley T. Hughes  <bradley.hughes (a] nokia.com>

        Reviewed by Simon Hausmann.

        Fix compilation with icpc

        * wtf/HashSet.h:
        (WTF::::find):
        (WTF::::contains):

2008-09-29  Thiago Macieira  <thiago.macieira (a] nokia.com>

        Reviewed by Simon Hausmann.

        Changed copyright from Trolltech ASA to Nokia.
        
        Nokia acquired Trolltech ASA, assets were transferred on September 26th 2008.
        

        * wtf/qt/MainThreadQt.cpp:

2008-09-29  Simon Hausmann  <hausmann (a] webkit.org>

        Reviewed by Lars Knoll.

        Don't accidentially install libJavaScriptCore.a for the build inside
        Qt.

        * JavaScriptCore.pro:

2008-09-28  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 21200: Allow direct access to 'arguments' without using op_resolve
        <https://bugs.webkit.org/show_bug.cgi?id=21200>

        Allow fast access to the 'arguments' object by adding an extra slot to
        the callframe to store it.

        This is a 3.0% speedup on the V8 Raytrace benchmark.

        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::registerFor):
        * VM/CodeGenerator.h:
        (JSC::CodeGenerator::registerFor):
        * VM/Machine.cpp:
        (JSC::Machine::initializeCallFrame):
        (JSC::Machine::dumpRegisters):
        (JSC::Machine::privateExecute):
        (JSC::Machine::retrieveArguments):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_create_arguments):
        (JSC::Machine::cti_op_construct_JSConstruct):
        * VM/Machine.h:
        * VM/Opcode.h:
        * VM/RegisterFile.h:
        (JSC::RegisterFile::):
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::mark):
        (JSC::JSActivation::argumentsGetter):
        * kjs/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * kjs/NodeInfo.h:
        * kjs/Parser.cpp:
        (JSC::Parser::didFinishParsing):
        * kjs/Parser.h:
        (JSC::Parser::parse):
        * kjs/grammar.y:
        * kjs/nodes.cpp:
        (JSC::ScopeNode::ScopeNode):
        (JSC::ProgramNode::ProgramNode):
        (JSC::ProgramNode::create):
        (JSC::EvalNode::EvalNode):
        (JSC::EvalNode::create):
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::create):
        * kjs/nodes.h:
        (JSC::ScopeNode::usesArguments):

2008-09-28  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Add an ASCII fast-path to toLowerCase and toUpperCase.

        The fast path speeds up the common case of an ASCII-only string by up to 60% while adding a less than 5% penalty
        to the less common non-ASCII case.

        This also removes stringProtoFuncToLocaleLowerCase and stringProtoFuncToLocaleUpperCase, which were identical
        to the non-locale variants of the functions.  toLocaleLowerCase and toLocaleUpperCase now use the non-locale
        variants of the functions directly.

        * kjs/StringPrototype.cpp:
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):

2008-09-28  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Cameron Zwarich.

        Speed up parseInt and parseFloat.

        Repeatedly indexing into a UString is slow, so retrieve a pointer into the underlying buffer once up front
        and use that instead.  This is a 7% win on a parseInt/parseFloat micro-benchmark.

        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::parseInt):
        (JSC::parseFloat):

2008-09-28  Simon Hausmann  <hausmann (a] webkit.org>

        Reviewed by David Hyatt.

        In Qt's initializeThreading re-use an existing thread identifier for the main
        thread if it exists.

        currentThread() implicitly creates new identifiers and it could be that
        it is called before initializeThreading().

        * wtf/ThreadingQt.cpp:
        (WTF::initializeThreading):

2008-09-27  Keishi Hattori  <casey.hattori (a] gmail.com>

        Added Machine::retrieveCaller to the export list.

        Reviewed by Kevin McCullough and Tim Hatcher.

        * JavaScriptCore.exp: Added Machine::retrieveCaller.

2008-09-27  Anders Carlsson  <andersca (a] apple.com>

        Fix build.

        * VM/CTI.cpp:
        (JSC::):

2008-09-27  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        https://bugs.webkit.org/show_bug.cgi?id=21175

        Store the callee CodeBlock, not the caller CodeBlock, in the call frame
        header. Nix the "codeBlock" local variable, and access the callee
        CodeBlock through the call frame header instead.
        
        Profit: call + return are simpler, because they don't have to update the
        "codeBlock" local variable.
        
        Because CTI keeps "r" in a register, reading the callee CodeBlock relative
        to "r" can be very fast, in any cases we care to optimize. Presently,
        no such cases seem important.
        
        Also, stop writing "dst" to the call frame header. CTI doesn't use it.
        
        21.6% speedup on empty function call benchmark.
        3.8% speedup on SunSpider --v8.
        2.1% speedup on v8 benchmark.
        0.7% speedup on SunSpider (6% speedup on controlflow-recursive).
        
        Small regression in bytecode, because currently every op_ret reads the
        callee CodeBlock to check needsFullScopeChain, and bytecode does not
        keep "r" in a register. On-balance, this is probably OK, since CTI is
        our high-performance execution model. Also, this should go away once
        we make needsFullScopeChain statically determinable at parse time.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall): The speedup!
        (JSC::CTI::privateCompileSlowCases): ditto

        * VM/CTI.h:
        (JSC::): Fixed up magic trampoline constants to account for the nixed
        "codeBlock" argument.
        (JSC::CTI::execute): Changed trampoline function not to take a "codeBlock"
        argument, since codeBlock is now stored in the call frame header.
        
        * VM/Machine.cpp: Read the callee CodeBlock from the register file. Use
        a NULL CallerRegisters in the call frame header to signal a built-in
        caller, since CodeBlock is now never NULL.

        * VM/Machine.h: Made some stand-alone functions Machine member functions
        so they could call the private codeBlock() accessor in the Register
        class, of which Machine is a friend. Renamed "CallerCodeBlock" to
        "CodeBlock", since it's no longer the caller's CodeBlock.

        * VM/RegisterFile.h: Marked some methods const to accommodate a 
        const RegisterFile* being passed around in Machine.cpp.

2008-09-26  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Gtk build fix. Not reviewed.

        Narrow-down the target of the JavaScriptCore .lut.h generator so
        it won't try to create the WebCore .lut.hs.

        * GNUmakefile.am:

2008-09-26  Matt Lilek  <webkit (a] mattlilek.com>

        Reviewed by Tim Hatcher.

        Update FEATURE_DEFINES after ENABLE_CROSS_DOCUMENT_MESSAGING was removed.

        * Configurations/JavaScriptCore.xcconfig:

2008-09-26  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Anders Carlson.

        Change the name 'sc' to 'scopeChainNode' in a few places.

        * kjs/nodes.cpp:
        (JSC::EvalNode::generateCode):
        (JSC::FunctionBodyNode::generateCode):
        (JSC::ProgramNode::generateCode):

2008-09-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=21152
        Speedup static property get/put

        Convert getting/setting static property values to use static functions
        instead of storing an integer and switching in getValueProperty/putValueProperty.

        * kjs/JSObject.cpp:
        (JSC::JSObject::deleteProperty):
        (JSC::JSObject::getPropertyAttributes):
        * kjs/MathObject.cpp:
        (JSC::MathObject::getOwnPropertySlot):
        * kjs/NumberConstructor.cpp:
        (JSC::numberConstructorNaNValue):
        (JSC::numberConstructorNegInfinity):
        (JSC::numberConstructorPosInfinity):
        (JSC::numberConstructorMaxValue):
        (JSC::numberConstructorMinValue):
        * kjs/PropertySlot.h:
        (JSC::PropertySlot::):
        * kjs/RegExpConstructor.cpp:
        (JSC::regExpConstructorDollar1):
        (JSC::regExpConstructorDollar2):
        (JSC::regExpConstructorDollar3):
        (JSC::regExpConstructorDollar4):
        (JSC::regExpConstructorDollar5):
        (JSC::regExpConstructorDollar6):
        (JSC::regExpConstructorDollar7):
        (JSC::regExpConstructorDollar8):
        (JSC::regExpConstructorDollar9):
        (JSC::regExpConstructorInput):
        (JSC::regExpConstructorMultiline):
        (JSC::regExpConstructorLastMatch):
        (JSC::regExpConstructorLastParen):
        (JSC::regExpConstructorLeftContext):
        (JSC::regExpConstructorRightContext):
        (JSC::setRegExpConstructorInput):
        (JSC::setRegExpConstructorMultiline):
        (JSC::RegExpConstructor::setInput):
        (JSC::RegExpConstructor::setMultiline):
        (JSC::RegExpConstructor::multiline):
        * kjs/RegExpConstructor.h:
        * kjs/RegExpObject.cpp:
        (JSC::regExpObjectGlobal):
        (JSC::regExpObjectIgnoreCase):
        (JSC::regExpObjectMultiline):
        (JSC::regExpObjectSource):
        (JSC::regExpObjectLastIndex):
        (JSC::setRegExpObjectLastIndex):
        * kjs/RegExpObject.h:
        (JSC::RegExpObject::setLastIndex):
        (JSC::RegExpObject::lastIndex):
        (JSC::RegExpObject::RegExpObjectData::RegExpObjectData):
        * kjs/StructureID.cpp:
        (JSC::StructureID::getEnumerablePropertyNames):
        * kjs/create_hash_table:
        * kjs/lexer.cpp:
        (JSC::Lexer::lex):
        * kjs/lookup.cpp:
        (JSC::HashTable::createTable):
        (JSC::HashTable::deleteTable):
        (JSC::setUpStaticFunctionSlot):
        * kjs/lookup.h:
        (JSC::HashEntry::initialize):
        (JSC::HashEntry::setKey):
        (JSC::HashEntry::key):
        (JSC::HashEntry::attributes):
        (JSC::HashEntry::function):
        (JSC::HashEntry::functionLength):
        (JSC::HashEntry::propertyGetter):
        (JSC::HashEntry::propertyPutter):
        (JSC::HashEntry::lexerValue):
        (JSC::HashEntry::):
        (JSC::HashTable::entry):
        (JSC::getStaticPropertySlot):
        (JSC::getStaticValueSlot):
        (JSC::lookupPut):

2008-09-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak & Oliver Hunt.

        Add support for reusing temporary JSNumberCells.  This change is based on the observation
        that if the result of certain operations is a JSNumberCell and is consumed by a subsequent
        operation that would produce a JSNumberCell, we can reuse the object rather than allocating
        a fresh one.  E.g. given the expression ((a * b) * c), we can statically determine that
        (a * b) will have a numeric result (or else it will have thrown an exception), so the result
        will either be a JSNumberCell or a JSImmediate.

        This patch changes three areas of JSC:
            * The AST now tracks type information about the result of each node.
            * This information is consumed in bytecode compilation, and certain bytecode operations
              now carry the statically determined type information about their operands.
            * CTI uses the information in a number of fashions:
                * Where an operand to certain arithmetic operations is reusable, it will plant code
                  to try to perform the operation in JIT code & reuse the cell, where appropriate.
                * Where it can be statically determined that an operand can only be numeric (typically
                  the result of another arithmetic operation) the code will not redundantly check that
                  the JSCell is a JSNumberCell.
                * Where either of the operands to an add are non-numeric do not plant an optimized
                  arithmetic code path, just call straight out to the C function.

        +6% Sunspider (10% progression on 3D, 16% progression on math, 60% progression on access-nbody),
        +1% v8-tests (improvements in raytrace & crypto)

        * VM/CTI.cpp: Add optimized code generation with reuse of temporary JSNumberCells.
        * VM/CTI.h:
        * kjs/JSNumberCell.h:
        * masm/X86Assembler.h:

        * VM/CodeBlock.cpp: Add type information to specific bytecodes.
        * VM/CodeGenerator.cpp:
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:

        * kjs/nodes.cpp: Track static type information for nodes.
        * kjs/nodes.h:
        * kjs/ResultDescriptor.h: (Added)
        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-09-26  Yichao Yin  <yichao.yin (a] torchmobile.com.cn>

        Reviewed by George Staikos, Maciej Stachowiak.

        Add utility functions needed for upcoming WML code.

        * wtf/ASCIICType.h:
        (WTF::isASCIIPrintable):

2008-09-26  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Reverted the part of r36614 that used static data because static data
        is not thread-safe.

2008-09-26  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Removed dynamic check for whether the callee needs an activation object.
        Replaced with callee code to create the activation object.

        0.5% speedup on SunSpider.
        No change on v8 benchmark. (Might be a speedup, but it's in range of the
        variance.)

        0.7% speedup on v8 benchmark in bytecode.
        1.3% speedup on empty call benchmark in bytecode.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass): Added support for op_init_activation,
        the new opcode that specifies that the callee's initialization should
        create an activation object.
        (JSC::CTI::privateCompile): Removed previous code that did a similar
        thing in an ad-hoc way.

        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Added a case for dumping op_init_activation.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::generate): Added fixup code to change op_init to
        op_init_activation if necessary. (With a better parser, we would know
        which to use from the beginning.)

        * VM/Instruction.h:
        (JSC::Instruction::Instruction):
        (WTF::): Faster traits for the instruction vector. An earlier version
        of this patch relied on inserting at the beginning of the vector, and
        depended on this change for speed.

        * VM/Machine.cpp:
        (JSC::Machine::execute): Removed clients of setScopeChain, the old
        abstraction for dynamically checking for whether an activation object
        needed to be created.
        (JSC::Machine::privateExecute): ditto

        (JSC::Machine::cti_op_push_activation): Renamed this function from
        cti_vm_updateScopeChain, and made it faster by removing the call to 
        setScopeChain.
        * VM/Machine.h:

        * VM/Opcode.h: Declared op_init_activation.

2008-09-24  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Move most of the return code back into the callee, now that the callee
        doesn't have to calculate anything dynamically.
        
        11.5% speedup on empty function call benchmark.
        
        SunSpider says 0.3% faster. SunSpider --v8 says no change.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):

2008-09-24  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Maciej Stachowiak.

        Remove staticFunctionGetter.  There is only one remaining user of
        staticFunctionGetter and it can be converted to use setUpStaticFunctionSlot.

        * JavaScriptCore.exp:
        * kjs/lookup.cpp:
        * kjs/lookup.h:

2008-09-24  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.
        
        - inline JIT fast case of op_neq
        - remove extra level of function call indirection from slow cases of eq and neq
        
        1% speedup on Richards

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_eq):
        (JSC::Machine::cti_op_neq):
        * kjs/operations.cpp:
        (JSC::equal):
        (JSC::equalSlowCase):
        * kjs/operations.h:
        (JSC::equalSlowCaseInline):

2008-09-24  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=21080
        <rdar://problem/6243534>
        Crash below Function.apply when using a runtime array as the argument list

        Test: plugins/bindings-array-apply-crash.html

        * kjs/FunctionPrototype.cpp:
        (JSC::functionProtoFuncApply): Revert to the slow case if the object inherits from 
        JSArray (via ClassInfo) but is not a JSArray.

2008-09-24  Kevin McCullough  <kmccullough (a] apple.com>

        Style change.

        * kjs/nodes.cpp:
        (JSC::statementListEmitCode):

2008-09-24  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Geoff.

        Bug 21031: Breakpoints in the condition of loops only breaks the first
        time
        - Now when setting breakpoints in the condition of a loop (for, while,
        for in, and do while) will successfully break each time throught the
        loop.
        - For 'for' loops we need a little more complicated behavior that cannot
        be accomplished without some more significant changes:
        https://bugs.webkit.org/show_bug.cgi?id=21073

        * kjs/nodes.cpp:
        (JSC::statementListEmitCode): We don't want to blindly emit a debug hook
        at the first line of loops, instead let the loop emit the debug hooks.
        (JSC::DoWhileNode::emitCode):
        (JSC::WhileNode::emitCode):
        (JSC::ForNode::emitCode):
        (JSC::ForInNode::emitCode):
        * kjs/nodes.h:
        (JSC::StatementNode::):
        (JSC::DoWhileNode::):
        (JSC::WhileNode::):
        (JSC::ForInNode::):

2008-09-24  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Fixed <rdar://problem/5605532> Need a SPI for telling JS the size of
        the objects it retains

        * API/tests/testapi.c: Test the new SPI a little.

        * API/JSSPI.cpp: Add the new SPI.
        * API/JSSPI.h: Add the new SPI.
        * JavaScriptCore.exp: Add the new SPI.
        * JavaScriptCore.xcodeproj/project.pbxproj: Add the new SPI.

2008-09-24  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.

        * API/JSBase.h: Filled in some missing function names.

2008-09-24  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=21057
        Crash in RegisterID::deref() running fast/canvas/canvas-putImageData.html

        * VM/CodeGenerator.h: Changed declaration order to ensure the
        m_lastConstant, which is a RefPtr that points into m_calleeRegisters,
        has its destructor called before the destructor for m_calleeRegisters.

2008-09-24  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - https://bugs.webkit.org/show_bug.cgi?id=21047
          speed up ret_activation with inlining

        About 1% on v8-raytrace.

        * JavaScriptCore.exp: Removed JSVariableObject::setRegisters.

        * kjs/JSActivation.cpp: Moved copyRegisters to the header to make it inline.
        * kjs/JSActivation.h:
        (JSC::JSActivation::copyRegisters): Moved here. Also removed the registerArraySize
        argument to setRegisters, since the object doesn't need to store the number of
        registers.

        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset): Removed unnecessary clearing left over from when we
        used this on objects that weren't brand new. These days, this function is really
        just part of the constructor.

        * kjs/JSGlobalObject.h: Added registerArraySize to JSGlobalObjectData, since
        JSVariableObjectData no longer needs it. Added a setRegisters override here
        that handles storing the size.

        * kjs/JSStaticScopeObject.h: Removed code to set registerArraySize, since it
        no longer exists.

        * kjs/JSVariableObject.cpp: Moved copyRegisterArray and setRegisters to the
        header to make them inline.
        * kjs/JSVariableObject.h: Removed registerArraySize from JSVariableObjectData,
        since it was only used for the global object.
        (JSC::JSVariableObject::copyRegisterArray): Moved here ot make it inline.
        (JSC::JSVariableObject::setRegisters): Moved here to make it inline. Also
        removed the code to set registerArraySize and changed an if statement into
        an assert to save an unnnecessary branch.

2008-09-24  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver Hunt.
        
        - inline PropertyMap::getOffset to speed up polymorphic lookups
        
        ~1.5% speedup on v8 benchmark
        no effect on SunSpider

        * JavaScriptCore.exp:
        * kjs/PropertyMap.cpp:
        * kjs/PropertyMap.h:
        (JSC::PropertyMap::getOffset):

2008-09-24  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Reviewed by Alp Toker.

        https://bugs.webkit.org/show_bug.cgi?id=20992
        Build fails on GTK+ Mac OS

        * wtf/ThreadingGtk.cpp: Remove platform ifdef as suggested by
          Richard Hult.
        (WTF::initializeThreading):

2008-09-23  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 19968: Slow Script at www.huffingtonpost.com
        <https://bugs.webkit.org/show_bug.cgi?id=19968>

        Finally found the cause of this accursed issue.  It is triggered
        by synchronous creation of a new global object from JS.  The new
        global object resets the timer state in this execution group's
        Machine, taking timerCheckCount to 0.  Then when JS returns the
        timerCheckCount is decremented making it non-zero.  The next time
        we execute JS we will start the timeout counter, however the non-zero
        timeoutCheckCount means we don't reset the timer information. This
        means that the timeout check is now checking the cumulative time
        since the creation of the global object rather than the time since
        JS was last entered.  At this point the slow script dialog is guaranteed
        to eventually be displayed incorrectly unless a page is loaded
        asynchronously (which will reset everything into a sane state).

        The fix for this is rather trivial -- the JSGlobalObject constructor
        should not be resetting the machine timer state.

        * VM/Machine.cpp:
        (JSC::Machine::Machine):
          Now that we can't rely on the GlobalObject initialising the timeout
          state, we do it in the Machine constructor.

        * VM/Machine.h:
        (JSC::Machine::stopTimeoutCheck):
          Add assertions to guard against this happening.

        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init):
          Don't reset the timeout state.

2008-09-23  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Fixed https://bugs.webkit.org/show_bug.cgi?id=21038 | <rdar://problem/6240812>
        Uncaught exceptions in regex replace callbacks crash webkit
        
        This was a combination of two problems:
        
        (1) the replace function would continue execution after an exception
        had been thrown.
        
        (2) In some cases, the Machine would return 0 in the case of an exception,
        despite the fact that a few clients dereference the Machine's return
        value without first checking for an exception.
        
        * VM/Machine.cpp:
        (JSC::Machine::execute):
        
        ^ Return jsNull() instead of 0 in the case of an exception, since some
        clients depend on using our return value.
        
        ^ ASSERT that execution does not continue after an exception has been
        thrown, to help catch problems like this in the future.

        * kjs/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        
        ^ Stop execution if an exception has been thrown.

2008-09-23  Geoffrey Garen  <ggaren (a] apple.com>

        Try to fix the windows build.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):

2008-09-23  Alp Toker  <alp (a] nuanti.com>

        Build fix.

        * VM/CTI.h:

2008-09-23  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.

        * wtf/Platform.h: Removed duplicate #if.

2008-09-23  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Changed the layout of the call frame from
        
        { header, parameters, locals | constants, temporaries }
        
        to
        
        { parameters, header | locals, constants, temporaries }
        
        This simplifies function entry+exit, and enables a number of future
        optimizations.
        
        13.5% speedup on empty call benchmark for bytecode; 23.6% speedup on
        empty call benchmark for CTI.
        
        SunSpider says no change. SunSpider --v8 says 1% faster.

        * VM/CTI.cpp:
        
        Added a bit of abstraction for calculating whether a register is a
        constant, since this patch changes that calculation:
        (JSC::CTI::isConstant):
        (JSC::CTI::getConstant):
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::getConstantImmediateNumericArg):

        Updated for changes to callframe header location:
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::printOpcodeOperandTypes):
        
        Renamed to spite Oliver:
        (JSC::CTI::emitInitRegister):
        
        Added an abstraction for emitting a call through a register, so that
        calls through registers generate exception info, too:
        (JSC::CTI::emitCall):

        Updated to match the new callframe header layout, and to support calls
        through registers, which have no destination address:
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):

        * VM/CTI.h:

        More of the above:
        (JSC::CallRecord::CallRecord):

        * VM/CodeBlock.cpp:

        Updated for new register layout:
        (JSC::registerName):
        (JSC::CodeBlock::dump):

        * VM/CodeBlock.h:
        
        Updated CodeBlock to track slightly different information about the
        register frame, and tweaked the style of an ASSERT_NOT_REACHED.
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::getStubInfo):

        * VM/CodeGenerator.cpp:
        
        Added some abstraction around constant register allocation, since this
        patch changes it, changed codegen to account for the new callframe
        layout, and added abstraction around register fetching code
        that used to assume that all local registers lived at negative indices,
        since vars now live at positive indices:
        (JSC::CodeGenerator::generate):
        (JSC::CodeGenerator::addVar):
        (JSC::CodeGenerator::addGlobalVar):
        (JSC::CodeGenerator::allocateConstants):
        (JSC::CodeGenerator::CodeGenerator):
        (JSC::CodeGenerator::addParameter):
        (JSC::CodeGenerator::registerFor):
        (JSC::CodeGenerator::constRegisterFor):
        (JSC::CodeGenerator::newRegister):
        (JSC::CodeGenerator::newTemporary):
        (JSC::CodeGenerator::highestUsedRegister):
        (JSC::CodeGenerator::addConstant):
        
        ASSERT that our caller referenced the registers it passed to us.
        Otherwise, we might overwrite them with parameters:
        (JSC::CodeGenerator::emitCall):
        (JSC::CodeGenerator::emitConstruct):

        * VM/CodeGenerator.h:
        
        Added some abstraction for getting a RegisterID for a given index,
        since the rules are a little weird:
        (JSC::CodeGenerator::registerFor):

        * VM/Machine.cpp:

        Utility function to transform a machine return PC to a virtual machine
        return VPC, for the sake of stack unwinding, since both PCs are stored
        in the same location now:
        (JSC::vPCForPC):

        Tweaked to account for new call frame:
        (JSC::Machine::initializeCallFrame):
        
        Tweaked to account for registerOffset supplied by caller:
        (JSC::slideRegisterWindowForCall):

        Tweaked to account for new register layout:
        (JSC::scopeChainForCall):
        (JSC::Machine::callEval):
        (JSC::Machine::dumpRegisters):
        (JSC::Machine::unwindCallFrame):
        (JSC::Machine::execute):

        Changed op_call and op_construct to implement the new calling convention:
        (JSC::Machine::privateExecute):

        Tweaked to account for the new register layout:
        (JSC::Machine::retrieveArguments):
        (JSC::Machine::retrieveCaller):
        (JSC::Machine::retrieveLastCaller):
        (JSC::Machine::callFrame):
        (JSC::Machine::getArgumentsData):

        Changed CTI call helpers to implement the new calling convention:
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_call_NotJSFunction):
        (JSC::Machine::cti_op_ret_activation):
        (JSC::Machine::cti_op_ret_profiler):
        (JSC::Machine::cti_op_construct_JSConstruct):
        (JSC::Machine::cti_op_construct_NotJSConstruct):
        (JSC::Machine::cti_op_call_eval):

        * VM/Machine.h:

        * VM/Opcode.h:
        
        Renamed op_initialise_locals to op_init, because this opcode
        doesn't initialize all locals, and it doesn't initialize only locals.
        Also, to spite Oliver.
        
        * VM/RegisterFile.h:
        
        New call frame enumeration values:
        (JSC::RegisterFile::):

        Simplified the calculation of whether a RegisterID is a temporary,
        since we can no longer assume that all positive non-constant registers
        are temporaries:
        * VM/RegisterID.h:
        (JSC::RegisterID::RegisterID):
        (JSC::RegisterID::setTemporary):
        (JSC::RegisterID::isTemporary):

        Renamed firstArgumentIndex to firstParameterIndex because the assumption
        that this variable pertained to the actual arguments supplied by the
        caller caused me to write some buggy code:
        * kjs/Arguments.cpp:
        (JSC::ArgumentsData::ArgumentsData):
        (JSC::Arguments::Arguments):
        (JSC::Arguments::fillArgList):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::put):

        Updated for new call frame layout:
        * kjs/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName):
        (JSC::DebuggerCallFrame::type):
        * kjs/DebuggerCallFrame.h:

        Changed the activation object to account for the fact that a call frame
        header now sits between parameters and local variables. This change
        requires all variable objects to do their own marking, since they
        now use their register storage differently:
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::mark):
        (JSC::JSActivation::copyRegisters):
        (JSC::JSActivation::createArgumentsObject):
        * kjs/JSActivation.h:

        Updated global object to use the new interfaces required by the change
        to JSActivation above:
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::mark):
        (JSC::JSGlobalObject::copyGlobalsFrom):
        (JSC::JSGlobalObject::copyGlobalsTo):
        * kjs/JSGlobalObject.h:
        (JSC::JSGlobalObject::addStaticGlobals):

        Updated static scope object to use the new interfaces required by the 
        change to JSActivation above:
        * kjs/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::mark):
        (JSC::JSStaticScopeObject::~JSStaticScopeObject):
        * kjs/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::JSStaticScopeObject):
        (JSC::JSStaticScopeObject::d):

        Updated variable object to use the new interfaces required by the 
        change to JSActivation above:
        * kjs/JSVariableObject.cpp:
        (JSC::JSVariableObject::copyRegisterArray):
        (JSC::JSVariableObject::setRegisters):
        * kjs/JSVariableObject.h:

        Changed the bit twiddling in symbol table not to assume that all indices
        are negative, since they can be positive now:
        * kjs/SymbolTable.h:
        (JSC::SymbolTableEntry::SymbolTableEntry):
        (JSC::SymbolTableEntry::isNull):
        (JSC::SymbolTableEntry::getIndex):
        (JSC::SymbolTableEntry::getAttributes):
        (JSC::SymbolTableEntry::setAttributes):
        (JSC::SymbolTableEntry::isReadOnly):
        (JSC::SymbolTableEntry::pack):
        (JSC::SymbolTableEntry::isValidIndex):

        Changed call and construct nodes to ref their functions and/or bases,
        so that emitCall/emitConstruct doesn't overwrite them with parameters.
        Also, updated for rename to registerFor:
        * kjs/nodes.cpp:
        (JSC::ResolveNode::emitCode):
        (JSC::NewExprNode::emitCode):
        (JSC::EvalFunctionCallNode::emitCode):
        (JSC::FunctionCallValueNode::emitCode):
        (JSC::FunctionCallResolveNode::emitCode):
        (JSC::FunctionCallBracketNode::emitCode):
        (JSC::FunctionCallDotNode::emitCode):
        (JSC::PostfixResolveNode::emitCode):
        (JSC::DeleteResolveNode::emitCode):
        (JSC::TypeOfResolveNode::emitCode):
        (JSC::PrefixResolveNode::emitCode):
        (JSC::ReadModifyResolveNode::emitCode):
        (JSC::AssignResolveNode::emitCode):
        (JSC::ConstDeclNode::emitCodeSingle):
        (JSC::ForInNode::emitCode):

        Added abstraction for getting exception info out of a call through a
        register:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::emitCall):
        
        Removed duplicate #if:
        * wtf/Platform.h:

2008-09-23  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Darin.

        Bug 21030: The JS debugger breaks on the do of a do-while not the while
        (where the conditional statement is)
        https://bugs.webkit.org/show_bug.cgi?id=21030
        Now the statementListEmitCode detects if a do-while node is being
        emited and emits the debug hook on the last line instead of the first.

        This change had no effect on sunspider.

        * kjs/nodes.cpp:
        (JSC::statementListEmitCode):
        * kjs/nodes.h:
        (JSC::StatementNode::isDoWhile):
        (JSC::DoWhileNode::isDoWhile):

2008-09-23  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.

        - inline the fast case of instanceof
        https://bugs.webkit.org/show_bug.cgi?id=20818

        ~2% speedup on EarleyBoyer test.
        
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_instanceof):

2008-09-23  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - add forgotten slow case logic for !==

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileSlowCases):

2008-09-23  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.

        - inline the fast cases of !==, same as for ===
        
        2.9% speedup on EarleyBoyer benchmark

        * VM/CTI.cpp:
        (JSC::CTI::compileOpStrictEq): Factored stricteq codegen into this function,
        and parameterized so it can do the reverse version as well.
        (JSC::CTI::privateCompileMainPass): Use the above for stricteq and nstricteq.
        * VM/CTI.h:
        (JSC::CTI::): Declare above stuff.
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_nstricteq): Removed fast cases, now handled inline.

2008-09-23  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 20989: Aguments constructor should put 'callee' and 'length' properties in a more efficient way
        <https://bugs.webkit.org/show_bug.cgi?id=20989>

        Make special cases for the 'callee' and 'length' properties in the
        Arguments object.

        This is somewhere between a 7.8% speedup and a 10% speedup on the V8
        Raytrace benchmark, depending on whether it is run alone or with the
        other V8 benchmarks.

        * kjs/Arguments.cpp:
        (JSC::ArgumentsData::ArgumentsData):
        (JSC::Arguments::Arguments):
        (JSC::Arguments::mark):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::put):
        (JSC::Arguments::deleteProperty):

2008-09-23  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Darin.

        - speed up instanceof some more
        https://bugs.webkit.org/show_bug.cgi?id=20818
        
        ~2% speedup on EarleyBoyer

        The idea here is to record in the StructureID whether the class
        needs a special hasInstance or if it can use the normal logic from
        JSObject. 
        
        Based on this I inlined the real work directly into
        cti_op_instanceof and put the fastest checks up front and the
        error handling at the end (so it should be fairly straightforward
        to split off the beginning to be inlined if desired).

        I only did this for CTI, not the bytecode interpreter.
        
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructureID):
        * ChangeLog:
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_instanceof):
        * kjs/JSImmediate.h:
        (JSC::JSImmediate::isAnyImmediate):
        * kjs/TypeInfo.h:
        (JSC::TypeInfo::overridesHasInstance):
        (JSC::TypeInfo::flags):

2008-09-22  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - https://bugs.webkit.org/show_bug.cgi?id=21019
          make FunctionBodyNode::ref/deref fast

        Speeds up v8-raytrace by 7.2%.

        * kjs/nodes.cpp:
        (JSC::FunctionBodyNode::FunctionBodyNode): Initialize m_refCount to 0.
        * kjs/nodes.h:
        (JSC::FunctionBodyNode::ref): Call base class ref once, and thereafter use
        m_refCount.
        (JSC::FunctionBodyNode::deref): Ditto, but the deref side.

2008-09-22  Darin Adler  <darin (a] apple.com>

        Pointed out by Sam Weinig.

        * kjs/Arguments.cpp:
        (JSC::Arguments::fillArgList): Fix bad copy and paste. Oops!

2008-09-22  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - https://bugs.webkit.org/show_bug.cgi?id=20983
          ArgumentsData should have some room to allocate some extra arguments inline

        Speeds up v8-raytrace by 5%.

        * kjs/Arguments.cpp:
        (JSC::ArgumentsData::ArgumentsData): Use a fixed buffer if there are 4 or fewer
        extra arguments.
        (JSC::Arguments::Arguments): Use a fixed buffer if there are 4 or fewer
        extra arguments.
        (JSC::Arguments::~Arguments): Delete the buffer if necessary.
        (JSC::Arguments::mark): Update since extraArguments are now Register.
        (JSC::Arguments::fillArgList): Added special case for the only case that's
        actually used in the practice, when there are no parameters. There are some
        other special cases in there too, but that's the only one that matters.
        (JSC::Arguments::getOwnPropertySlot): Updated to use setValueSlot since there's
        no operation to get you at the JSValue* inside a Register as a "slot".

2008-09-22  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Maciej Stachowiak.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=21014
        Speed up for..in by using StructureID to avoid calls to hasProperty

        Speeds up fasta by 8%.

        * VM/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::invalidate):
        * VM/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::next):
        * kjs/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::begin):
        (JSC::PropertyNameArrayData::end):
        (JSC::PropertyNameArrayData::setCachedStructureID):
        (JSC::PropertyNameArrayData::cachedStructureID):
        * kjs/StructureID.cpp:
        (JSC::StructureID::getEnumerablePropertyNames):
        (JSC::structureIDChainsAreEqual):
        * kjs/StructureID.h:

2008-09-22  Kelvin Sherlock  <ksherlock (a] gmail.com>

        Updated and tweaked by Sam Weinig.

        Reviewed by Geoffrey Garen.

        Bug 20020: Proposed enhancement to JavaScriptCore API
        <https://bugs.webkit.org/show_bug.cgi?id=20020>

        Add JSObjectMakeArray, JSObjectMakeDate, JSObjectMakeError, and JSObjectMakeRegExp
        functions to create JavaScript Array, Date, Error, and RegExp objects, respectively.

        * API/JSObjectRef.cpp: The functions
        * API/JSObjectRef.h: Function prototype and documentation
        * JavaScriptCore.exp: Added functions to exported function list
        * API/tests/testapi.c: Added basic functionality tests.

        * kjs/DateConstructor.cpp:
        Replaced static JSObject* constructDate(ExecState* exec, JSObject*, const ArgList& args)
        with JSObject* constructDate(ExecState* exec, const ArgList& args).
        Added static JSObject* constructWithDateConstructor(ExecState* exec, JSObject*, const ArgList& args) function

        * kjs/DateConstructor.h:
        added prototype for JSObject* constructDate(ExecState* exec, const ArgList& args)

        * kjs/ErrorConstructor.cpp:
        removed static qualifier from ErrorInstance* constructError(ExecState* exec, const ArgList& args)

        * kjs/ErrorConstructor.h:
        added prototype for ErrorInstance* constructError(ExecState* exec, const ArgList& args)

        * kjs/RegExpConstructor.cpp:
        removed static qualifier from JSObject* constructRegExp(ExecState* exec, const ArgList& args)

        * kjs/RegExpConstructor.h:
        added prototype for JSObject* constructRegExp(ExecState* exec, const ArgList& args)

2008-09-22  Matt Lilek  <webkit (a] mattlilek.com>

        Not reviewed, Windows build fix.

        * kjs/Arguments.cpp:
        * kjs/FunctionPrototype.cpp:

2008-09-22  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=20982
        Speed up the apply method of functions by special-casing array and 'arguments' objects

        1% speedup on v8-raytrace.

        Test: fast/js/function-apply.html

        * kjs/Arguments.cpp:
        (JSC::Arguments::fillArgList):
        * kjs/Arguments.h:
        * kjs/FunctionPrototype.cpp:
        (JSC::functionProtoFuncApply):
        * kjs/JSArray.cpp:
        (JSC::JSArray::fillArgList):
        * kjs/JSArray.h:

2008-09-22  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - https://bugs.webkit.org/show_bug.cgi?id=20993
          Array.push/pop need optimized cases for JSArray

        3% or so speedup on DeltaBlue benchmark.

        * kjs/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncPop): Call JSArray::pop when appropriate.
        (JSC::arrayProtoFuncPush): Call JSArray::push when appropriate.

        * kjs/JSArray.cpp:
        (JSC::JSArray::putSlowCase): Set m_fastAccessCutoff when appropriate, getting
        us into the fast code path.
        (JSC::JSArray::pop): Added.
        (JSC::JSArray::push): Added.
        * kjs/JSArray.h: Added push and pop.

        * kjs/operations.cpp:
        (JSC::throwOutOfMemoryError): Don't inline this. Helps us avoid PIC branches.

2008-09-22  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - speed up instanceof operator by replacing implementsHasInstance method with a TypeInfo flag

        Partial work towards <https://bugs.webkit.org/show_bug.cgi?id=20818>
        
        2.2% speedup on EarleyBoyer benchmark.

        * API/JSCallbackConstructor.cpp:
        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructureID):
        * API/JSCallbackFunction.cpp:
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructureID):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructureID):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::hasInstance):
        * API/JSValueRef.cpp:
        (JSValueIsInstanceOfConstructor):
        * JavaScriptCore.exp:
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_instanceof):
        * kjs/InternalFunction.cpp:
        * kjs/InternalFunction.h:
        (JSC::InternalFunction::createStructureID):
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        * kjs/TypeInfo.h:
        (JSC::TypeInfo::implementsHasInstance):

2008-09-22  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Dave Hyatt.
        
        Based on initial work by Darin Adler.
        
        - replace masqueradesAsUndefined virtual method with a flag in TypeInfo
        - use this to JIT inline code for eq_null and neq_null
        https://bugs.webkit.org/show_bug.cgi?id=20823

        0.5% speedup on SunSpider
        ~4% speedup on Richards benchmark
        
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/Machine.cpp:
        (JSC::jsTypeStringForValue):
        (JSC::jsIsObjectType):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_is_undefined):
        * VM/Machine.h:
        * kjs/JSCell.h:
        * kjs/JSValue.h:
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::create):
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructureID):
        * kjs/StructureID.h:
        (JSC::StructureID::mutableTypeInfo):
        * kjs/TypeInfo.h:
        (JSC::TypeInfo::TypeInfo):
        (JSC::TypeInfo::masqueradesAsUndefined):
        * kjs/operations.cpp:
        (JSC::equal):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::setne_r):
        (JSC::X86Assembler::setnz_r):
        (JSC::X86Assembler::testl_i32m):

2008-09-22  Tor Arne Vestb  <tavestbo (a] trolltech.com>

        Reviewed by Simon.

        Initialize QCoreApplication in kjs binary/Shell.cpp
        
        This allows us to use QCoreApplication::instance() to
        get the main thread in ThreadingQt.cpp

        * kjs/Shell.cpp:
        (main):
        * wtf/ThreadingQt.cpp:
        (WTF::initializeThreading):

2008-09-21  Darin Adler  <darin (a] apple.com>

        - blind attempt to fix non-all-in-one builds

        * kjs/JSGlobalObject.cpp: Added includes of Arguments.h and RegExpObject.h.

2008-09-21  Darin Adler  <darin (a] apple.com>

        - fix debug build

        * kjs/StructureID.cpp:
        (JSC::StructureID::addPropertyTransition): Use typeInfo().type() instead of m_type.
        (JSC::StructureID::createCachedPrototypeChain): Ditto.

2008-09-21  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Darin Adler.
        
        - introduce a TypeInfo class, for holding per-type (in the C++ class sense) date in StructureID
        https://bugs.webkit.org/show_bug.cgi?id=20981

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompilePutByIdTransition):
        * VM/Machine.cpp:
        (JSC::jsIsObjectType):
        (JSC::Machine::Machine):
        * kjs/AllInOneFile.cpp:
        * kjs/JSCell.h:
        (JSC::JSCell::isObject):
        (JSC::JSCell::isString):
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * kjs/JSGlobalObject.h:
        (JSC::StructureID::prototypeForLookup):
        * kjs/JSNumberCell.h:
        (JSC::JSNumberCell::createStructureID):
        * kjs/JSObject.cpp:
        (JSC::JSObject::createInheritorID):
        * kjs/JSObject.h:
        (JSC::JSObject::createStructureID):
        * kjs/JSString.h:
        (JSC::JSString::createStructureID):
        * kjs/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * kjs/RegExpConstructor.cpp:
        * kjs/RegExpMatchesArray.h: Added.
        (JSC::RegExpMatchesArray::getOwnPropertySlot):
        (JSC::RegExpMatchesArray::put):
        (JSC::RegExpMatchesArray::deleteProperty):
        (JSC::RegExpMatchesArray::getPropertyNames):
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::addPropertyTransition):
        (JSC::StructureID::toDictionaryTransition):
        (JSC::StructureID::changePrototypeTransition):
        (JSC::StructureID::getterSetterTransition):
        * kjs/StructureID.h:
        (JSC::StructureID::create):
        (JSC::StructureID::typeInfo):
        * kjs/TypeInfo.h: Added.
        (JSC::TypeInfo::TypeInfo):
        (JSC::TypeInfo::type):

2008-09-21  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - fix crash logging into Gmail due to recent Arguments change

        * kjs/Arguments.cpp:
        (JSC::Arguments::Arguments): Fix window where mark() function could
        see d->extraArguments with uninitialized contents.
        (JSC::Arguments::mark): Check d->extraArguments for 0 to handle two
        cases: 1) Inside the constructor before it's initialized.
        2) numArguments <= numParameters.

2008-09-21  Darin Adler  <darin (a] apple.com>

        - fix loose end from the "duplicate constant values" patch

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitLoad): Add a special case for values the
        hash table can't handle.

2008-09-21  Mark Rowe  <mrowe (a] apple.com>

        Fix the non-AllInOneFile build.

        * kjs/Arguments.cpp: Add missing #include.

2008-09-21  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich and Mark Rowe.

        - fix test failure caused by my recent IndexToNameMap patch

        * kjs/Arguments.cpp:
        (JSC::Arguments::deleteProperty): Added the accidentally-omitted
        check of the boolean result from toArrayIndex.

2008-09-21  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej Stachowiak.

        - https://bugs.webkit.org/show_bug.cgi?id=20975
          inline immediate-number case of ==

        * VM/CTI.h: Renamed emitJumpSlowCaseIfNotImm to
        emitJumpSlowCaseIfNotImmNum, since the old name was incorrect.

        * VM/CTI.cpp: Updated for new name.
        (JSC::CTI::privateCompileMainPass): Added op_eq.
        (JSC::CTI::privateCompileSlowCases): Added op_eq.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_eq): Removed fast case, since it's now
        compiled.

2008-09-21  Peter Gal  <galpter (a] inf.u-szeged.hu>

        Reviewed by Tim Hatcher and Eric Seidel.

        Fix the QT/Linux JavaScriptCore segmentation fault.
        https://bugs.webkit.org/show_bug.cgi?id=20914

        * wtf/ThreadingQt.cpp:
        (WTF::initializeThreading): Use currentThread() if
        platform is not a MAC (like in pre 36541 revisions)

2008-09-21  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        * kjs/debugger.h: Removed some unneeded includes and declarations.

2008-09-21  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - https://bugs.webkit.org/show_bug.cgi?id=20972
          speed up Arguments further by eliminating the IndexToNameMap

        No change on SunSpider. 1.29x as fast on V8 Raytrace.

        * kjs/Arguments.cpp: Moved ArgumentsData in here. Eliminated the
        indexToNameMap and hadDeletes data members. Changed extraArguments into
        an OwnArrayPtr and added deletedArguments, another OwnArrayPtr.
        Replaced numExtraArguments with numParameters, since that's what's
        used more directly in hot code paths.
        (JSC::Arguments::Arguments): Pass in argument count instead of ArgList.
        Initialize ArgumentsData the new way.
        (JSC::Arguments::mark): Updated.
        (JSC::Arguments::getOwnPropertySlot): Overload for the integer form so
        we don't have to convert integers to identifiers just to get an argument.
        Integrated the deleted case with the fast case.
        (JSC::Arguments::put): Ditto.
        (JSC::Arguments::deleteProperty): Ditto.

        * kjs/Arguments.h: Minimized includes. Made everything private. Added
        overloads for the integral property name case. Eliminated mappedIndexSetter.
        Moved ArgumentsData into the .cpp file.

        * kjs/IndexToNameMap.cpp: Emptied out and prepared for deletion.
        * kjs/IndexToNameMap.h: Ditto.

        * kjs/JSActivation.cpp:
        (JSC::JSActivation::createArgumentsObject): Elminated ArgList.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * kjs/AllInOneFile.cpp:
        Removed IndexToNameMap.

2008-09-21  Darin Adler  <darin (a] apple.com>

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitLoad): One more tweak: Wrote this in a slightly
        clearer style.

2008-09-21  Judit Jasz  <jasy (a] inf.u-szeged.hu>

        Reviewed and tweaked by Darin Adler.

        - https://bugs.webkit.org/show_bug.cgi?id=20645
          Elminate duplicate constant values in CodeBlocks.

        Seems to be a wash on SunSpider.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitLoad): Use m_numberMap and m_stringMap to guarantee
        we emit the same JSValue* for identical numbers and strings.
        * VM/CodeGenerator.h: Added overload of emitLoad for const Identifier&.
        Add NumberMap and IdentifierStringMap types and m_numberMap and m_stringMap.
        * kjs/nodes.cpp:
        (JSC::StringNode::emitCode): Call the new emitLoad and let it do the
        JSString creation.

2008-09-21  Paul Pedriana  <webkit (a] pedriana.com>

        Reviewed and tweaked by Darin Adler.

        - https://bugs.webkit.org/show_bug.cgi?id=16925
          Fixed lack of Vector buffer alignment for both GCC and MSVC.
          Since there's no portable way to do this, for now we don't support
          other compilers.

        * wtf/Vector.h: Added WTF_ALIGH_ON, WTF_ALIGNED, AlignedBufferChar, and AlignedBuffer.
        Use AlignedBuffer insteadof an array of char in VectorBuffer.

2008-09-21  Gabor Loki  <loki (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.

        - https://bugs.webkit.org/show_bug.cgi?id=19408
          Add lightweight constant folding to the parser for *, /, + (only for numbers), <<, >>, ~ operators.

        1.008x as fast on SunSpider.

        * kjs/grammar.y:
        (makeNegateNode): Fold if expression is a number > 0.
        (makeBitwiseNotNode): Fold if expression is a number.
        (makeMultNode): Fold if expressions are both numbers.
        (makeDivNode): Fold if expressions are both numbers.
        (makeAddNode): Fold if expressions are both numbers.
        (makeLeftShiftNode): Fold if expressions are both numbers.
        (makeRightShiftNode): Fold if expressions are both numbers.

2008-09-21  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver.
        
        - speed up === operator by generating inline machine code for the fast paths
        https://bugs.webkit.org/show_bug.cgi?id=20820

        * VM/CTI.cpp:
        (JSC::CTI::emitJumpSlowCaseIfNotImmediateNumber):
        (JSC::CTI::emitJumpSlowCaseIfNotImmediateNumbers):
        (JSC::CTI::emitJumpSlowCaseIfNotImmediates):
        (JSC::CTI::emitTagAsBoolImmediate):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_stricteq):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::sete_r):
        (JSC::X86Assembler::setz_r):
        (JSC::X86Assembler::movzbl_rr):
        (JSC::X86Assembler::emitUnlinkedJnz):

2008-09-21  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Free memory allocated for extra arguments in the destructor of the
        Arguments object.

        * kjs/Arguments.cpp:
        (JSC::Arguments::~Arguments):
        * kjs/Arguments.h:

2008-09-21  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20815: 'arguments' object creation is non-optimal
        <https://bugs.webkit.org/show_bug.cgi?id=20815>

        Fix our inefficient way of creating the arguments object by only
        creating named properties for each of the arguments after a use of the
        'delete' statement. This patch also speeds up access to the 'arguments'
        object slightly, but it still does not use the array fast path for
        indexed access that exists for many opcodes.

        This is about a 20% improvement on the V8 Raytrace benchmark, and a 1.5%
        improvement on the Earley-Boyer benchmark, which gives a 4% improvement
        overall.

        * kjs/Arguments.cpp:
        (JSC::Arguments::Arguments):
        (JSC::Arguments::mark):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::put):
        (JSC::Arguments::deleteProperty):
        * kjs/Arguments.h:
        (JSC::Arguments::ArgumentsData::ArgumentsData):
        * kjs/IndexToNameMap.h:
        (JSC::IndexToNameMap::size):
        * kjs/JSActivation.cpp:
        (JSC::JSActivation::createArgumentsObject):
        * kjs/JSActivation.h:
        (JSC::JSActivation::uncheckedSymbolTableGet):
        (JSC::JSActivation::uncheckedSymbolTableGetValue):
        (JSC::JSActivation::uncheckedSymbolTablePut):
        * kjs/JSFunction.h:
        (JSC::JSFunction::numParameters):

2008-09-20  Darin Adler  <darin (a] apple.com>

        Reviewed by Mark Rowe.

        - fix crash seen on buildbot

        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::mark): Add back mark of arrayPrototype,
        deleted by accident in my recent check-in.

2008-09-20  Maciej Stachowiak  <mjs (a] apple.com>

        Not reviewed, build fix.
        
        - speculative fix for non-AllInOne builds

        * kjs/operations.h:

2008-09-20  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Darin Adler.
        
        - assorted optimizations to === and !== operators
        (work towards <https://bugs.webkit.org/show_bug.cgi?id=20820>)
        
        2.5% speedup on earley-boyer test

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_stricteq): Use inline version of
        strictEqualSlowCase; remove unneeded exception check.
        (JSC::Machine::cti_op_nstricteq): ditto
        * kjs/operations.cpp:
        (JSC::strictEqual): Use strictEqualSlowCaseInline
        (JSC::strictEqualSlowCase): ditto
        * kjs/operations.h:
        (JSC::strictEqualSlowCaseInline): Version of strictEqualSlowCase that can be inlined,
        since the extra function call indirection is a lose for CTI.

2008-09-20  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej Stachowiak.

        - finish https://bugs.webkit.org/show_bug.cgi?id=20858
          make each distinct C++ class get a distinct JSC::Structure

        This also includes some optimizations that make the change an overall
        small speedup. Without those it was a bit of a slowdown.

        * API/JSCallbackConstructor.cpp:
        (JSC::JSCallbackConstructor::JSCallbackConstructor): Take a structure.
        * API/JSCallbackConstructor.h: Ditto.
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::JSCallbackFunction): Pass a structure.
        * API/JSCallbackObject.h: Take a structure.
        * API/JSCallbackObjectFunctions.h:
        (JSC::JSCallbackObject::JSCallbackObject): Ditto.

        * API/JSClassRef.cpp:
        (OpaqueJSClass::prototype): Pass in a structure. Call setPrototype
        if there's a custom prototype involved.
        * API/JSObjectRef.cpp:
        (JSObjectMake): Ditto.
        (JSObjectMakeConstructor): Pass in a structure.

        * JavaScriptCore.exp: Updated.

        * VM/Machine.cpp:
        (JSC::jsLess): Added a special case for when both arguments are strings.
        This avoids converting both strings to with UString::toDouble.
        (JSC::jsLessEq): Ditto.
        (JSC::Machine::privateExecute): Pass in a structure.
        (JSC::Machine::cti_op_construct_JSConstruct): Ditto.
        (JSC::Machine::cti_op_new_regexp): Ditto.
        (JSC::Machine::cti_op_is_string): Ditto.
        * VM/Machine.h: Made isJSString public so it can be used in the CTI.

        * kjs/Arguments.cpp:
        (JSC::Arguments::Arguments): Pass in a structure.

        * kjs/JSCell.h: Mark constructor explicit.

        * kjs/JSGlobalObject.cpp:
        (JSC::markIfNeeded): Added an overload for marking structures.
        (JSC::JSGlobalObject::reset): Eliminate code to set data members to
        zero. We now do that in the constructor, and we no longer use this
        anywhere except in the constructor. Added code to create structures.
        Pass structures rather than prototypes when creating objects.
        (JSC::JSGlobalObject::mark): Mark the structures.

        * kjs/JSGlobalObject.h: Removed unneeded class declarations.
        Added initializers for raw pointers in JSGlobalObjectData so
        everything starts with a 0. Added structure data and accessor
        functions.

        * kjs/JSImmediate.cpp:
        (JSC::JSImmediate::nonInlineNaN): Added.
        * kjs/JSImmediate.h:
        (JSC::JSImmediate::toDouble): Rewrote to avoid PIC branches.

        * kjs/JSNumberCell.cpp:
        (JSC::jsNumberCell): Made non-inline to avoid PIC branches
        in functions that call this one.
        (JSC::jsNaN): Ditto.
        * kjs/JSNumberCell.h: Ditto.

        * kjs/JSObject.h: Removed constructor that takes a prototype.
        All callers now pass structures.

        * kjs/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * kjs/ArrayConstructor.h:
        * kjs/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * kjs/ArrayPrototype.h:
        * kjs/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * kjs/BooleanConstructor.h:
        * kjs/BooleanObject.cpp:
        (JSC::BooleanObject::BooleanObject):
        * kjs/BooleanObject.h:
        * kjs/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * kjs/BooleanPrototype.h:
        * kjs/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        (JSC::constructDate):
        * kjs/DateConstructor.h:
        * kjs/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * kjs/DateInstance.h:
        * kjs/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * kjs/DatePrototype.h:
        * kjs/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        (JSC::constructError):
        * kjs/ErrorConstructor.h:
        * kjs/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * kjs/ErrorInstance.h:
        * kjs/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * kjs/ErrorPrototype.h:
        * kjs/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * kjs/FunctionConstructor.h:
        * kjs/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        (JSC::FunctionPrototype::addFunctionProperties):
        * kjs/FunctionPrototype.h:
        * kjs/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        * kjs/GlobalEvalFunction.h:
        * kjs/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * kjs/InternalFunction.h:
        (JSC::InternalFunction::InternalFunction):
        * kjs/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::constructEmptyArray):
        (JSC::constructArray):
        * kjs/JSArray.h:
        * kjs/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::construct):
        * kjs/JSObject.cpp:
        (JSC::constructEmptyObject):
        * kjs/JSString.cpp:
        (JSC::StringObject::create):
        * kjs/JSWrapperObject.h:
        * kjs/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * kjs/MathObject.h:
        * kjs/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        (JSC::NativeErrorConstructor::construct):
        * kjs/NativeErrorConstructor.h:
        * kjs/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * kjs/NativeErrorPrototype.h:
        * kjs/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * kjs/NumberConstructor.h:
        * kjs/NumberObject.cpp:
        (JSC::NumberObject::NumberObject):
        (JSC::constructNumber):
        (JSC::constructNumberFromImmediateNumber):
        * kjs/NumberObject.h:
        * kjs/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * kjs/NumberPrototype.h:
        * kjs/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::constructObject):
        * kjs/ObjectConstructor.h:
        * kjs/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * kjs/ObjectPrototype.h:
        * kjs/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * kjs/PrototypeFunction.h:
        * kjs/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        (JSC::RegExpMatchesArray::RegExpMatchesArray):
        (JSC::constructRegExp):
        * kjs/RegExpConstructor.h:
        * kjs/RegExpObject.cpp:
        (JSC::RegExpObject::RegExpObject):
        * kjs/RegExpObject.h:
        * kjs/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * kjs/RegExpPrototype.h:
        * kjs/Shell.cpp:
        (GlobalObject::GlobalObject):
        * kjs/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        (JSC::constructWithStringConstructor):
        * kjs/StringConstructor.h:
        * kjs/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * kjs/StringObject.h:
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
        * kjs/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * kjs/StringPrototype.h:
        Take and pass structures.

2008-09-19  Alp Toker  <alp (a] nuanti.com>

        Build fix for the 'gold' linker and recent binutils. New behaviour
        requires that we link to used libraries explicitly.

        * GNUmakefile.am:

2008-09-19  Sam Weinig  <sam (a] webkit.org>

        Roll r36694 back in.  It did not cause the crash.

        * JavaScriptCore.exp:
        * VM/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::invalidate):
        * VM/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::create):
        * kjs/JSObject.cpp:
        (JSC::JSObject::getPropertyNames):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::getEnumerablePropertyNames):
        * kjs/PropertyMap.h:
        * kjs/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * kjs/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::create):
        (JSC::PropertyNameArrayData::propertyNameVector):
        (JSC::PropertyNameArrayData::setCachedPrototypeChain):
        (JSC::PropertyNameArrayData::cachedPrototypeChain):
        (JSC::PropertyNameArrayData::begin):
        (JSC::PropertyNameArrayData::end):
        (JSC::PropertyNameArrayData::PropertyNameArrayData):
        (JSC::PropertyNameArray::PropertyNameArray):
        (JSC::PropertyNameArray::addKnownUnique):
        (JSC::PropertyNameArray::size):
        (JSC::PropertyNameArray::operator[]):
        (JSC::PropertyNameArray::begin):
        (JSC::PropertyNameArray::end):
        (JSC::PropertyNameArray::setData):
        (JSC::PropertyNameArray::data):
        (JSC::PropertyNameArray::releaseData):
        * kjs/StructureID.cpp:
        (JSC::structureIDChainsAreEqual):
        (JSC::StructureID::getEnumerablePropertyNames):
        (JSC::StructureID::clearEnumerationCache):
        (JSC::StructureID::createCachedPrototypeChain):
        * kjs/StructureID.h:

2008-09-19  Sam Weinig  <sam (a] webkit.org>

        Roll out r36694.

        * JavaScriptCore.exp:
        * VM/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::invalidate):
        * VM/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::create):
        * kjs/JSObject.cpp:
        (JSC::JSObject::getPropertyNames):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::getEnumerablePropertyNames):
        * kjs/PropertyMap.h:
        * kjs/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * kjs/PropertyNameArray.h:
        (JSC::PropertyNameArray::PropertyNameArray):
        (JSC::PropertyNameArray::addKnownUnique):
        (JSC::PropertyNameArray::begin):
        (JSC::PropertyNameArray::end):
        (JSC::PropertyNameArray::size):
        (JSC::PropertyNameArray::operator[]):
        (JSC::PropertyNameArray::releaseIdentifiers):
        * kjs/StructureID.cpp:
        (JSC::StructureID::getEnumerablePropertyNames):
        * kjs/StructureID.h:
        (JSC::StructureID::clearEnumerationCache):

2008-09-19  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Improve peformance of local variable initialisation.

        Pull local and constant initialisation out of slideRegisterWindowForCall
        and into its own opcode.  This allows the JIT to generate the initialisation
        code for a function directly into the instruction stream and so avoids a few
        branches on function entry.

        Results a 1% progression in SunSpider, particularly in a number of the bitop
        tests where the called functions are very fast. 

        * VM/CTI.cpp:
        (JSC::CTI::emitInitialiseRegister):
        (JSC::CTI::privateCompileMainPass):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::CodeGenerator):
        * VM/Machine.cpp:
        (JSC::slideRegisterWindowForCall):
        (JSC::Machine::privateExecute):
        * VM/Opcode.h:

2008-09-19  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Darin Adler.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=20928
        Speed up JS property enumeration by caching entire PropertyNameArray

        1.3% speedup on Sunspider, 30% on string-fasta.

        * JavaScriptCore.exp:
        * VM/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::invalidate):
        * VM/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::create):
        * kjs/JSObject.cpp:
        (JSC::JSObject::getPropertyNames):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::getEnumerablePropertyNames):
        * kjs/PropertyMap.h:
        * kjs/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * kjs/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::create):
        (JSC::PropertyNameArrayData::propertyNameVector):
        (JSC::PropertyNameArrayData::setCachedPrototypeChain):
        (JSC::PropertyNameArrayData::cachedPrototypeChain):
        (JSC::PropertyNameArrayData::begin):
        (JSC::PropertyNameArrayData::end):
        (JSC::PropertyNameArrayData::PropertyNameArrayData):
        (JSC::PropertyNameArray::PropertyNameArray):
        (JSC::PropertyNameArray::addKnownUnique):
        (JSC::PropertyNameArray::size):
        (JSC::PropertyNameArray::operator[]):
        (JSC::PropertyNameArray::begin):
        (JSC::PropertyNameArray::end):
        (JSC::PropertyNameArray::setData):
        (JSC::PropertyNameArray::data):
        (JSC::PropertyNameArray::releaseData):
        * kjs/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * kjs/StructureID.cpp:
        (JSC::structureIDChainsAreEqual):
        (JSC::StructureID::getEnumerablePropertyNames):
        (JSC::StructureID::clearEnumerationCache):
        (JSC::StructureID::createCachedPrototypeChain):
        * kjs/StructureID.h:

2008-09-19  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Reviewed by Maciej Stachowiak.

        Fix a mismatched new[]/delete in JSObject::allocatePropertyStorage

        * kjs/JSObject.cpp:
        (JSC::JSObject::allocatePropertyStorage): Spotted by valgrind.

2008-09-19  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - part 2 of https://bugs.webkit.org/show_bug.cgi?id=20858
          make each distinct C++ class get a distinct JSC::Structure

        * JavaScriptCore.exp: Exported constructEmptyObject for use in WebCore.

        * kjs/JSGlobalObject.h: Changed the protected constructor to take a
        structure instead of a prototype.

        * kjs/JSVariableObject.h: Removed constructor that takes a prototype.

2008-09-19  Julien Chaffraix  <jchaffraix (a] pleyo.com>

        Reviewed by Alexey Proskuryakov.

        Use the template hoisting technique on the RefCounted class. This reduces the code bloat due to
        non-template methods' code been copied for each instance of the template.
        The patch splits RefCounted between a base class that holds non-template methods and attributes
        and the template RefCounted class that keeps the same functionnality.

        On my Linux with gcc 4.3 for the Gtk port, this is:
        - a ~600KB save on libwebkit.so in release.
        - a ~1.6MB save on libwebkit.so in debug.

        It is a wash on Sunspider and a small win on Dromaeo (not sure it is relevant).
        On the whole, it should be a small win as we reduce the compiled code size and the only
        new function call should be inlined by the compiler.

        * wtf/RefCounted.h:
        (WTF::RefCountedBase::ref): Copied from RefCounted.
        (WTF::RefCountedBase::hasOneRef): Ditto.
        (WTF::RefCountedBase::refCount): Ditto.
        (WTF::RefCountedBase::RefCountedBase): Ditto.
        (WTF::RefCountedBase::~RefCountedBase): Ditto.
        (WTF::RefCountedBase::derefBase): Tweaked from the RefCounted version to remove
        template section.
        (WTF::RefCounted::RefCounted):
        (WTF::RefCounted::deref): Small wrapper around RefCountedBase::derefBase().
        (WTF::RefCounted::~RefCounted): Keep private destructor.

2008-09-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej Stachowiak.

        - part 1 of https://bugs.webkit.org/show_bug.cgi?id=20858
          make each distinct C++ class get a distinct JSC::Structure

        * kjs/lookup.h: Removed things here that were used only in WebCore:
        cacheGlobalObject, JSC_DEFINE_PROTOTYPE, JSC_DEFINE_PROTOTYPE_WITH_PROTOTYPE,
        and JSC_IMPLEMENT_PROTOTYPE.

2008-09-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej Stachowiak.

        - https://bugs.webkit.org/show_bug.cgi?id=20927
          simplify/streamline the code to turn strings into identifiers while parsing

        * kjs/grammar.y: Get rid of string from the union, and use ident for STRING as
        well as for IDENT.

        * kjs/lexer.cpp:
        (JSC::Lexer::lex): Use makeIdentifier instead of makeUString for String.
        * kjs/lexer.h: Remove makeUString.

        * kjs/nodes.h: Changed StringNode to hold an Identifier instead of UString.

        * VM/CodeGenerator.cpp:
        (JSC::keyForCharacterSwitch): Updated since StringNode now holds an Identifier.
        (JSC::prepareJumpTableForStringSwitch): Ditto.
        * kjs/nodes.cpp:
        (JSC::StringNode::emitCode): Ditto. The comment from here is now in the lexer.
        (JSC::processClauseList): Ditto.
        * kjs/nodes2string.cpp:
        (JSC::StringNode::streamTo): Ditto.

2008-09-18  Sam Weinig  <sam (a] webkit.org>

        Fix style.

        * VM/Instruction.h:
        (JSC::Instruction::Instruction):

2008-09-18  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Bug 20911: REGRESSION(r36480?): Reproducible assertion failure below derefStructureIDs 64-bit JavaScriptCore
        <https://bugs.webkit.org/show_bug.cgi?id=20911>

        The problem was simply caused by the int constructor for Instruction
        failing to initialise the full struct in 64bit builds.

        * VM/Instruction.h:
        (JSC::Instruction::Instruction):

2008-09-18  Darin Adler  <darin (a] apple.com>

        - fix release build

        * wtf/RefCountedLeakCounter.cpp: Removed stray "static".

2008-09-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        * kjs/JSGlobalObject.h: Tiny style guideline tweak.

2008-09-18  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - fix https://bugs.webkit.org/show_bug.cgi?id=20925
          LEAK messages appear every time I quit

        * JavaScriptCore.exp: Updated, and also added an export
        needed for future WebCore use of JSC::StructureID.

        * wtf/RefCountedLeakCounter.cpp:
        (WTF::RefCountedLeakCounter::suppressMessages): Added.
        (WTF::RefCountedLeakCounter::cancelMessageSuppression): Added.
        (WTF::RefCountedLeakCounter::RefCountedLeakCounter): Tweaked a bit.
        (WTF::RefCountedLeakCounter::~RefCountedLeakCounter): Added code to
        log the reason there was no leak checking done.
        (WTF::RefCountedLeakCounter::increment): Tweaked a bit.
        (WTF::RefCountedLeakCounter::decrement): Ditto.

        * wtf/RefCountedLeakCounter.h: Replaced setLogLeakMessages with two
        new functions, suppressMessages and cancelMessageSuppression. Also
        added m_ prefixes to the data member names.

2008-09-18  Holger Hans Peter Freyther  <zecke (a] selfish.org>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=20437

        Add a proper #define to define which XML Parser implementation to use. Client
        code can use #if USE(QXMLSTREAM) to decide if the Qt XML StreamReader
        implementation is going to be used.

        * wtf/Platform.h:

2008-09-18  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Make a Unicode non-breaking space count as a whitespace character in
        PCRE. This change was already made in WREC, and it fixes one of the
        Mozilla JS tests. Since it is now fixed in PCRE as well, we can check
        in a new set of expected test results.

        * pcre/pcre_internal.h:
        (isSpaceChar):
        * tests/mozilla/expected.html:

2008-09-18  Stephanie Lewis  <slewis (a] apple.com>

        Reviewed by Mark Rowe and Maciej Stachowiak.

        add an option use arch to specify which architecture to run.

        * tests/mozilla/jsDriver.pl:

2008-09-17  Oliver Hunt  <oliver (a] apple.com>

        Correctly restore argument reference prior to SFX runtime calls.
        
        Reviewed by Steve Falkenburg.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):

2008-09-17  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20876: REGRESSION (r36417, r36427): fast/js/exception-expression-offset.html fails
        <https://bugs.webkit.org/show_bug.cgi?id=20876>

        r36417 and r36427 caused an get_by_id opcode to be emitted before the
        instanceof and construct opcodes, in order to enable inline caching of
        the prototype property. Unfortunately, this regressed some tests dealing
        with exceptions thrown by 'instanceof' and the 'new' operator. We fix
        these problems by detecting whether an "is not an object" exception is
        thrown before op_instanceof or op_construct, and emit the proper
        exception in those cases.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitConstruct):
        * VM/CodeGenerator.h:
        * VM/ExceptionHelpers.cpp:
        (JSC::createInvalidParamError):
        (JSC::createNotAConstructorError):
        (JSC::createNotAnObjectError):
        * VM/ExceptionHelpers.h:
        * VM/Machine.cpp:
        (JSC::Machine::getOpcode):
        (JSC::Machine::privateExecute):
        * VM/Machine.h:
        * kjs/nodes.cpp:
        (JSC::NewExprNode::emitCode):
        (JSC::InstanceOfNode::emitCode):

2008-09-17  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        JIT generation cti_op_construct_verify.
        
        Quarter to half percent progression on v8-tests.
        Roughly not change on SunSpider (possible minor progression).

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/Machine.cpp:
        * VM/Machine.h:

2008-09-15  Steve Falkenburg  <sfalken (a] apple.com>

        Improve timer accuracy for JavaScript Date object on Windows.
        
        Use a combination of ftime and QueryPerformanceCounter.
        ftime returns the information we want, but doesn't have sufficient resolution.
        QueryPerformanceCounter has high resolution, but is only usable to measure time intervals.
        To combine them, we call ftime and QueryPerformanceCounter initially. Later calls will use
        QueryPerformanceCounter by itself, adding the delta to the saved ftime.  We re-sync to
        correct for drift if the low-res and high-res elapsed time between calls differs by more
        than twice the low-resolution timer resolution.
        
        QueryPerformanceCounter may be inaccurate due to a problems with:
        - some PCI bridge chipsets (http://support.microsoft.com/kb/274323)
        - BIOS bugs (http://support.microsoft.com/kb/895980/)
        - BIOS/HAL bugs on multiprocessor/multicore systems (http://msdn.microsoft.com/en-us/library/ms644904.aspx)
        
        Reviewed by Darin Adler.

        * kjs/DateMath.cpp:
        (JSC::highResUpTime):
        (JSC::lowResUTCTime):
        (JSC::qpcAvailable):
        (JSC::getCurrentUTCTimeWithMicroseconds):

2008-09-17  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Implement JIT generation of CallFrame initialization, for op_call.

        1% sunspider 2.5% v8-tests.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall):
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_op_call_NotJSFunction):

2008-09-17  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Optimizations for op_call in CTI.  Move check for (ctiCode == 0) into JIT code,
        move copying of scopeChain for CodeBlocks that needFullScopeChain into head of
        functions, instead of checking prior to making the call.

        3% on v8-tests (4% on richards, 6% in delta-blue)

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        * VM/Machine.cpp:
        (JSC::Machine::execute):
        (JSC::Machine::cti_op_call_JSFunction):
        (JSC::Machine::cti_vm_compile):
        (JSC::Machine::cti_vm_updateScopeChain):
        (JSC::Machine::cti_op_construct_JSConstruct):
        * VM/Machine.h:

2008-09-17  Tor Arne Vestb  <tavestbo (a] trolltech.com>

        Fix the QtWebKit/Mac build

        * wtf/ThreadingQt.cpp:
        (WTF::initializeThreading): use QCoreApplication to get the main thread

2008-09-16  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20857: REGRESSION (r36427): ASSERTION FAILED: m_refCount >= 0 in RegisterID::deref()
        <https://bugs.webkit.org/show_bug.cgi?id=20857>

        Fix a problem stemming from the slightly unsafe behaviour of the
        CodeGenerator::finalDestination() method by putting the "func" argument
        of the emitConstruct() method in a RefPtr in its caller. Also, add an
        assertion guaranteeing that this is always the case.

        CodeGenerator::finalDestination() is still incorrect and can cause
        problems with a different allocator; see bug 20340 for more details.

        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitConstruct):
        * kjs/nodes.cpp:
        (JSC::NewExprNode::emitCode):

2008-09-16  Alice Liu  <alice.liu (a] apple.com>

        build fix.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):

2008-09-16  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        CTI code generation for op_ret.  The majority of the work
        (updating variables on the stack & on exec) can be performed
        directly in generated code.

        We still need to check, & to call out to C-code to handle
        activation records, profiling, and full scope chains.

        +1.5% Sunspider, +5/6% v8 tests.

        * VM/CTI.cpp:
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::privateCompileMainPass):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::cti_op_ret_activation):
        (JSC::Machine::cti_op_ret_profiler):
        (JSC::Machine::cti_op_ret_scopeChain):
        * VM/Machine.h:

2008-09-16  Dimitri Glazkov  <dglazkov (a] chromium.org>

        Fix the Windows build.

        Add some extra parentheses to stop MSVC from complaining so much.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_stricteq):
        (JSC::Machine::cti_op_nstricteq):
        * kjs/operations.cpp:
        (JSC::strictEqual):

2008-09-15  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - speed up the === and !== operators by choosing the fast cases better
        
        No effect on SunSpider but speeds up the V8 EarlyBoyer benchmark about 4%.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_stricteq):
        (JSC::Machine::cti_op_nstricteq):
        * kjs/JSImmediate.h:
        (JSC::JSImmediate::areBothImmediate):
        * kjs/operations.cpp:
        (JSC::strictEqual):
        (JSC::strictEqualSlowCase):
        * kjs/operations.h:

2008-09-15  Oliver Hunt  <oliver (a] apple.com>

        RS=Sam Weinig.

        Coding style cleanup.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):

2008-09-15  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Bug 20874: op_resolve does not do any form of caching
        <https://bugs.webkit.org/show_bug.cgi?id=20874>

        This patch adds an op_resolve_global opcode to handle (and cache)
        property lookup we can statically determine must occur on the global
        object (if at all).

        3% progression on sunspider, 3.2x improvement to bitops-bitwise-and, and
        10% in math-partial-sums

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::findScopedProperty):
        (JSC::CodeGenerator::emitResolve):
        * VM/Machine.cpp:
        (JSC::resolveGlobal):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_resolve_global):
        * VM/Machine.h:
        * VM/Opcode.h:

2008-09-15  Sam Weinig  <sam (a] webkit.org>

        Roll out r36462.  It broke document.all.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::Machine):
        (JSC::Machine::cti_op_eq_null):
        (JSC::Machine::cti_op_neq_null):
        * VM/Machine.h:
        (JSC::Machine::isJSString):
        * kjs/JSCell.h:
        * kjs/JSWrapperObject.h:
        * kjs/StringObject.h:
        * kjs/StringObjectThatMasqueradesAsUndefined.h:

2008-09-15  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20863: ASSERTION FAILED: addressOffset < instructions.size() in CodeBlock::getHandlerForVPC
        <https://bugs.webkit.org/show_bug.cgi?id=20863>

        r36427 changed the number of arguments to op_construct without changing
        the argument index for the vPC in the call to initializeCallFrame() in
        the CTI case. This caused a JSC test failure. Correcting the argument
        index fixes the test failure.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_construct_JSConstruct):

2008-09-15  Mark Rowe  <mrowe (a] apple.com>

        Fix GCC 4.2 build.

        * VM/CTI.h:

2008-09-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Fixed a typo in op_get_by_id_chain that caused it to miss every time
        in the interpreter.
        
        Also, a little cleanup.

        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): Set up baseObject before entering the
        loop, so we compare against the right values.

2008-09-15  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Removed the CalledAsConstructor flag from the call frame header. Now,
        we use an explicit opcode at the call site to fix up constructor results.

        SunSpider says 0.4% faster.
        
        cti_op_construct_verify is an out-of-line function call for now, but we
        can fix that once StructureID holds type information like isObject.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass): Codegen for the new opcode.

        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):

        * VM/CodeGenerator.cpp: Codegen for the new opcode. Also...
        (JSC::CodeGenerator::emitCall): ... don't test for known non-zero value.
        (JSC::CodeGenerator::emitConstruct): ... ditto.

        * VM/Machine.cpp: No more CalledAsConstructor
        (JSC::Machine::privateExecute): Implementation for the new opcode.
        (JSC::Machine::cti_op_ret): The speedup: no need to check whether we were
        called as a constructor.
        (JSC::Machine::cti_op_construct_verify): Implementation for the new opcode.
        * VM/Machine.h:

        * VM/Opcode.h: Declare new opcode.

        * VM/RegisterFile.h:
        (JSC::RegisterFile::): No more CalledAsConstructor

2008-09-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Inline code generation of eq_null/neq_null for CTI.  Uses vptr checking for
        StringObjectsThatAreMasqueradingAsBeingUndefined.  In the long run, the
        masquerading may be handled differently (through the StructureIDs - see bug
        #20823).

        >1% on v8-tests.

        * VM/CTI.cpp:
        (JSC::CTI::emitJumpSlowCaseIfIsJSCell):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::Machine):
        (JSC::Machine::cti_op_eq_null):
        (JSC::Machine::cti_op_neq_null):
        * VM/Machine.h:
        (JSC::Machine::doesMasqueradesAsUndefined):
        * kjs/JSWrapperObject.h:
        (JSC::JSWrapperObject::):
        (JSC::JSWrapperObject::JSWrapperObject):
        * kjs/StringObject.h:
        (JSC::StringObject::StringObject):
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):

2008-09-15  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Oliver Hunt.

        r36427 broke CodeBlock::dump() by changing the number of arguments to
        op_construct without changing the code that prints it. This patch fixes
        it by printing the additional argument.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):

2008-09-15  Adam Roben  <aroben (a] apple.com>

        Build fix

        * kjs/StructureID.cpp: Removed a stray semicolon.

2008-09-15  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Fix a crash in fast/js/exception-expression-offset.html caused by not
        updating all mentions of the length of op_construct in r36427.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_construct_NotJSConstruct):

2008-09-15  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - fix layout test failure introduced by fix for 20849
        
        (The failing test was fast/js/delete-then-put.html)

        * kjs/JSObject.cpp:
        (JSC::JSObject::removeDirect): Clear enumeration cache
        in the dictionary case.
        * kjs/JSObject.h:
        (JSC::JSObject::putDirect): Ditto.
        * kjs/StructureID.h:
        (JSC::StructureID::clearEnumerationCache): Inline to handle the
        clear.

2008-09-15  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - fix JSC test failures introduced by fix for 20849

        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::getEnumerablePropertyNames): Use the correct count.

2008-09-15  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20851: REGRESSION (r36410): fast/js/kde/GlobalObject.html fails
        <https://bugs.webkit.org/show_bug.cgi?id=20851>

        r36410 introduced an optimization for parseInt() that is incorrect when
        its argument is larger than the range of a 32-bit integer. If the
        argument is a number that is not an immediate integer, then the correct
        behaviour is to return the floor of its value, unless it is an infinite
        value, in which case the correct behaviour is to return 0.

        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):

2008-09-15  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Maciej Stachowiak.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=20849
        Cache property names for getEnumerablePropertyNames in the StructureID.

        ~0.5% speedup on Sunspider overall (9.7% speedup on string-fasta).  ~1% speedup
        on the v8 test suite.

        * kjs/JSObject.cpp:
        (JSC::JSObject::getPropertyNames):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::getEnumerablePropertyNames):
        * kjs/PropertyMap.h:
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::getEnumerablePropertyNames):
        * kjs/StructureID.h:

2008-09-14  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - speed up JS construction by extracting "prototype" lookup so PIC applies.
        
        ~0.5% speedup on SunSpider
        Speeds up some of the V8 tests as well, most notably earley-boyer.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall): Account for extra arg for prototype.
        (JSC::CTI::privateCompileMainPass): Account for increased size of op_construct.
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitConstruct): Emit separate lookup to get prototype property.
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): Expect prototype arg in op_construct.
        (JSC::Machine::cti_op_construct_JSConstruct): ditto
        (JSC::Machine::cti_op_construct_NotJSConstruct): ditto

2008-09-10  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Eric Seidel.

        Add a protected destructor for RefCounted.

        It is wrong to call its destructor directly, because (1) this should be taken care of by
        deref(), and (2) many classes that use RefCounted have non-virtual destructors.

        No change in behavior.

        * wtf/RefCounted.h: (WTF::RefCounted::~RefCounted):

2008-09-14  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Accelerated property accesses.

        Inline more of the array access code into the JIT code for get/put_by_val.
        Accelerate get/put_by_id by speculatively inlining a disable direct access
        into the hot path of the code, and repatch this with the correct StructureID
        and property map offset once these are known.  In the case of accesses to the
        prototype and reading the array-length a trampoline is genertaed, and the
        branch to the slow-case is relinked to jump to this.

        By repatching, we mean rewriting the x86 instruction stream.  Instructions are
        only modified in a simple fasion - altering immediate operands, memory access
        deisplacements, and branch offsets.
        
        For regular get_by_id/put_by_id accesses to an object, a StructureID in an
        instruction's immediate operant is updateded, and a memory access operation's
        displacement is updated to access the correct field on the object.  In the case
        of more complex accesses (array length and get_by_id_prototype) the offset on
        the branch to slow-case is updated, to now jump to a trampoline.

        +2.8% sunspider, +13% v8-tests

        * VM/CTI.cpp:
        (JSC::CTI::emitCall):
        (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
        (JSC::CTI::CTI):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileArrayLengthTrampoline):
        (JSC::CTI::privateCompileStringLengthTrampoline):
        (JSC::CTI::patchGetByIdSelf):
        (JSC::CTI::patchPutByIdReplace):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        (JSC::CTI::privateCompilePatchGetStringLength):
        * VM/CTI.h:
        (JSC::CTI::compileGetByIdSelf):
        (JSC::CTI::compileGetByIdProto):
        (JSC::CTI::compileGetByIdChain):
        (JSC::CTI::compilePutByIdReplace):
        (JSC::CTI::compilePutByIdTransition):
        (JSC::CTI::compileArrayLengthTrampoline):
        (JSC::CTI::compileStringLengthTrampoline):
        (JSC::CTI::compilePatchGetArrayLength):
        (JSC::CTI::compilePatchGetStringLength):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::~CodeBlock):
        * VM/CodeBlock.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::CodeBlock::getStubInfo):
        * VM/Machine.cpp:
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        (JSC::Machine::cti_op_put_by_val_array):
        * VM/Machine.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::cmpl_i8m):
        (JSC::X86Assembler::emitUnlinkedJa):
        (JSC::X86Assembler::getRelocatedAddress):
        (JSC::X86Assembler::getDifferenceBetweenLabels):
        (JSC::X86Assembler::emitModRm_opmsib):

2008-09-14  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        - split the "prototype" lookup for hasInstance into opcode stream so it can be cached
        
        ~5% speedup on v8 earley-boyer test

        * API/JSCallbackObject.h: Add a parameter for the pre-looked-up prototype.
        * API/JSCallbackObjectFunctions.h:
        (JSC::::hasInstance): Ditto.
        * API/JSValueRef.cpp:
        (JSValueIsInstanceOfConstructor): Look up and pass in prototype.
        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass): Pass along prototype.
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Print third arg.
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitInstanceOf): Implement this, now that there
        is a third argument.
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): Pass along the prototype.
        (JSC::Machine::cti_op_instanceof): ditto
        * kjs/JSObject.cpp:
        (JSC::JSObject::hasInstance): Expect to get a pre-looked-up prototype.
        * kjs/JSObject.h:
        * kjs/nodes.cpp:
        (JSC::InstanceOfNode::emitCode): Emit a get_by_id of the prototype
        property and pass that register to instanceof.
        * kjs/nodes.h:

2008-09-14  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Remove unnecessary virtual function call from cti_op_call_JSFunction -
        ~5% on richards, ~2.5% on v8-tests, ~0.5% on sunspider.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_JSFunction):

2008-09-14  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20827: the 'typeof' operator is slow
        <https://bugs.webkit.org/show_bug.cgi?id=20827>

        Optimize the 'typeof' operator when its result is compared to a constant
        string.

        This is a 5.5% speedup on the V8 Earley-Boyer test.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitEqualityOp):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::jsIsObjectType):
        (JSC::jsIsFunctionType):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_is_undefined):
        (JSC::Machine::cti_op_is_boolean):
        (JSC::Machine::cti_op_is_number):
        (JSC::Machine::cti_op_is_string):
        (JSC::Machine::cti_op_is_object):
        (JSC::Machine::cti_op_is_function):
        * VM/Machine.h:
        * VM/Opcode.h:
        * kjs/nodes.cpp:
        (JSC::BinaryOpNode::emitCode):
        (JSC::EqualNode::emitCode):
        (JSC::StrictEqualNode::emitCode):
        * kjs/nodes.h:

2008-09-14  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=20844
        Speed up parseInt for numbers

        Sunspider reports this as 1.029x as fast overall and 1.37x as fast on string-unpack-code.
        No change on the v8 suite.

        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt): Don't convert numbers to strings just to
        convert them back to numbers.

2008-09-14  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 20816: op_lesseq should be optimized
        <https://bugs.webkit.org/show_bug.cgi?id=20816>

        Add a loop_if_lesseq opcode that is similar to the loop_if_less opcode.

        This is a 9.4% speedup on the V8 Crypto benchmark.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitJumpIfTrue):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_loop_if_lesseq):
        * VM/Machine.h:
        * VM/Opcode.h:

2008-09-14  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Cleanup Sampling code.

        * VM/CTI.cpp:
        (JSC::CTI::emitCall):
        (JSC::CTI::privateCompileMainPass):
        * VM/CTI.h:
        (JSC::CTI::execute):
        * VM/SamplingTool.cpp:
        (JSC::):
        (JSC::SamplingTool::run):
        (JSC::SamplingTool::dump):
        * VM/SamplingTool.h:
        (JSC::SamplingTool::callingHostFunction):

2008-09-13  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        Bug 20821: Cache property transitions to speed up object initialization
        https://bugs.webkit.org/show_bug.cgi?id=20821

        Implement a transition cache to improve the performance of new properties
        being added to objects.  This is extremely beneficial in constructors and
        shows up as a 34% improvement on access-binary-trees in SunSpider (0.8%
        overall)

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::):
        (JSC::transitionWillNeedStorageRealloc):
        (JSC::CTI::privateCompilePutByIdTransition):
        * VM/CTI.h:
        (JSC::CTI::compilePutByIdTransition):
        * VM/CodeBlock.cpp:
        (JSC::printPutByIdOp):
        (JSC::CodeBlock::printStructureIDs):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructureIDs):
        (JSC::CodeBlock::refStructureIDs):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitPutById):
        * VM/Machine.cpp:
        (JSC::cachePrototypeChain):
        (JSC::Machine::tryCachePutByID):
        (JSC::Machine::tryCacheGetByID):
        (JSC::Machine::privateExecute):
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        * VM/Machine.h:
        * VM/Opcode.h:
        * kjs/JSObject.h:
        (JSC::JSObject::putDirect):
        (JSC::JSObject::transitionTo):
        * kjs/PutPropertySlot.h:
        (JSC::PutPropertySlot::PutPropertySlot):
        (JSC::PutPropertySlot::wasTransition):
        (JSC::PutPropertySlot::setWasTransition):
        * kjs/StructureID.cpp:
        (JSC::StructureID::transitionTo):
        (JSC::StructureIDChain::StructureIDChain):
        * kjs/StructureID.h:
        (JSC::StructureID::previousID):
        (JSC::StructureID::setCachedPrototypeChain):
        (JSC::StructureID::cachedPrototypeChain):
        (JSC::StructureID::propertyMap):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::addl_i8m):
        (JSC::X86Assembler::subl_i8m):

2008-09-12  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20819: JSValue::isObject() is slow
        <https://bugs.webkit.org/show_bug.cgi?id=20819>

        Optimize JSCell::isObject() and JSCell::isString() by making them
        non-virtual calls that rely on the StructureID type information.

        This is a 0.7% speedup on SunSpider and a 1.0% speedup on the V8
        benchmark suite.

        * JavaScriptCore.exp:
        * kjs/JSCell.cpp:
        * kjs/JSCell.h:
        (JSC::JSCell::isObject):
        (JSC::JSCell::isString):
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        * kjs/JSString.cpp:
        * kjs/JSString.h:
        (JSC::JSString::JSString):
        * kjs/StructureID.h:
        (JSC::StructureID::type):

2008-09-11  Stephanie Lewis  <slewis (a] apple.com>

        Reviewed by Oliver Hunt.

        Turn off PGO Optimization on CTI.cpp -> <rdar://problem/6207709>.  Fixes
        crash on CNN and on Dromaeo.
        Fix Missing close tag in vcproj. 

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-09-11  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Not reviewed.

        Correct an SVN problem with the last commit and actually add the new
        files.

        * wrec/CharacterClassConstructor.cpp: Added.
        (JSC::):
        (JSC::getCharacterClassNewline):
        (JSC::getCharacterClassDigits):
        (JSC::getCharacterClassSpaces):
        (JSC::getCharacterClassWordchar):
        (JSC::getCharacterClassNondigits):
        (JSC::getCharacterClassNonspaces):
        (JSC::getCharacterClassNonwordchar):
        (JSC::CharacterClassConstructor::addSorted):
        (JSC::CharacterClassConstructor::addSortedRange):
        (JSC::CharacterClassConstructor::put):
        (JSC::CharacterClassConstructor::flush):
        (JSC::CharacterClassConstructor::append):
        * wrec/CharacterClassConstructor.h: Added.
        (JSC::CharacterClassConstructor::CharacterClassConstructor):
        (JSC::CharacterClassConstructor::isUpsideDown):
        (JSC::CharacterClassConstructor::charClass):

2008-09-11  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20788: Split CharacterClassConstructor into its own file
        <https://bugs.webkit.org/show_bug.cgi?id=20788>

        Split CharacterClassConstructor into its own file and clean up some
        style issues.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wrec/CharacterClassConstructor.cpp: Added.
        (JSC::):
        (JSC::getCharacterClassNewline):
        (JSC::getCharacterClassDigits):
        (JSC::getCharacterClassSpaces):
        (JSC::getCharacterClassWordchar):
        (JSC::getCharacterClassNondigits):
        (JSC::getCharacterClassNonspaces):
        (JSC::getCharacterClassNonwordchar):
        (JSC::CharacterClassConstructor::addSorted):
        (JSC::CharacterClassConstructor::addSortedRange):
        (JSC::CharacterClassConstructor::put):
        (JSC::CharacterClassConstructor::flush):
        (JSC::CharacterClassConstructor::append):
        * wrec/CharacterClassConstructor.h: Added.
        (JSC::CharacterClassConstructor::CharacterClassConstructor):
        (JSC::CharacterClassConstructor::isUpsideDown):
        (JSC::CharacterClassConstructor::charClass):
        * wrec/WREC.cpp:
        (JSC::WRECParser::parseCharacterClass):

2008-09-10  Simon Hausmann  <hausmann (a] webkit.org>

        Not reviewed but trivial one-liner for yet unused macro.

        Changed PLATFORM(WINCE) to PLATFORM(WIN_CE) as requested by Mark.

        (part of https://bugs.webkit.org/show_bug.cgi?id=20746)

        * wtf/Platform.h:

2008-09-10  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Oliver Hunt.

        Fix a typo by renaming the overloaded orl_rr that takes an immediate to
        orl_i32r.

        * VM/CTI.cpp:
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::orl_i32r):
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generatePatternCharacter):
        (JSC::WRECGenerator::generateCharacterClassInverted):

2008-09-10  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoff Garen.

        Add inline property storage for JSObject.

        1.2% progression on Sunspider. .5% progression on the v8 test suite.

        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        * kjs/JSObject.cpp:
        (JSC::JSObject::mark): There is no reason to check storageSize now that
        we start from 0.
        (JSC::JSObject::allocatePropertyStorage): Allocates/reallocates heap storage.
        * kjs/JSObject.h:
        (JSC::JSObject::offsetForLocation): m_propertyStorage is not an OwnArrayPtr
        now so there is no reason to .get()
        (JSC::JSObject::usingInlineStorage):
        (JSC::JSObject::JSObject): Start with m_propertyStorage pointing to the
        inline storage.
        (JSC::JSObject::~JSObject): Free the heap storage if not using the inline
        storage.
        (JSC::JSObject::putDirect): Switch to the heap storage only when we know
        we know that we are about to add a property that will overflow the inline
        storage.
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::createTable): Don't allocate the propertyStorage, that is
        now handled by JSObject.
        (JSC::PropertyMap::rehash): PropertyStorage is not a OwnArrayPtr anymore.
        * kjs/PropertyMap.h:
        (JSC::PropertyMap::storageSize): Rename from markingCount.
        * kjs/StructureID.cpp:
        (JSC::StructureID::addPropertyTransition): Don't resize the property storage
        if we are using inline storage.
        * kjs/StructureID.h:

2008-09-10  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Inline immediate number version of op_mul.

        Renamed mull_rr to imull_rr as that's what it's 
        actually doing, and added imull_i32r for the constant
        case immediate multiply.

        1.1% improvement to SunSpider.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::imull_rr):
        (JSC::X86Assembler::imull_i32r):

2008-09-10  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Not reviewed.

        Mac build fix.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-09-09  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Add optimised access to known properties on the global object.

        Improve cross scope access to the global object by emitting
        code to access it directly rather than by walking the scope chain.

        This is a 0.8% win in SunSpider and a 1.7% win in the v8 benchmarks.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::emitGetVariableObjectRegister):
        (JSC::CTI::emitPutVariableObjectRegister):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::findScopedProperty):
        (JSC::CodeGenerator::emitResolve):
        (JSC::CodeGenerator::emitGetScopedVar):
        (JSC::CodeGenerator::emitPutScopedVar):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        * VM/Opcode.h:
        * kjs/nodes.cpp:
        (JSC::FunctionCallResolveNode::emitCode):
        (JSC::PostfixResolveNode::emitCode):
        (JSC::PrefixResolveNode::emitCode):
        (JSC::ReadModifyResolveNode::emitCode):
        (JSC::AssignResolveNode::emitCode):

2008-09-10  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Oliver.
        
        - enable polymorphic inline caching of properties of primitives
        
        1.012x speedup on SunSpider.

        We create special structure IDs for JSString and
        JSNumberCell. Unlike normal structure IDs, these cannot hold the
        true prototype. Due to JS autoboxing semantics, the prototype used
        when looking up string or number properties depends on the lexical
        global object of the call site, not the creation site. Thus we
        enable StructureIDs to handle this quirk for primitives.
        
        Everything else should be straightforward.
        
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        * VM/CTI.h:
        (JSC::CTI::compileGetByIdProto):
        (JSC::CTI::compileGetByIdChain):
        * VM/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        * VM/Machine.cpp:
        (JSC::Machine::Machine):
        (JSC::cachePrototypeChain):
        (JSC::Machine::tryCachePutByID):
        (JSC::Machine::tryCacheGetByID):
        (JSC::Machine::privateExecute):
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        * kjs/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        * kjs/JSCell.h:
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.h:
        (JSC::StructureID::prototypeForLookup):
        * kjs/JSNumberCell.h:
        (JSC::JSNumberCell::JSNumberCell):
        (JSC::jsNumberCell):
        * kjs/JSObject.h:
        (JSC::JSObject::prototype):
        * kjs/JSString.cpp:
        (JSC::jsString):
        (JSC::jsSubstring):
        (JSC::jsOwnedString):
        * kjs/JSString.h:
        (JSC::JSString::JSString):
        (JSC::JSString::):
        (JSC::jsSingleCharacterString):
        (JSC::jsSingleCharacterSubstring):
        (JSC::jsNontrivialString):
        * kjs/SmallStrings.cpp:
        (JSC::SmallStrings::createEmptyString):
        (JSC::SmallStrings::createSingleCharacterString):
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::addPropertyTransition):
        (JSC::StructureID::getterSetterTransition):
        (JSC::StructureIDChain::StructureIDChain):
        * kjs/StructureID.h:
        (JSC::StructureID::create):
        (JSC::StructureID::storedPrototype):

2008-09-09  Joerg Bornemann  <joerg.bornemann (a] trolltech.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=20746

        Added WINCE platform macro.

        * wtf/Platform.h:

2008-09-09  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Remove unnecessary override of getOffset.

        Sunspider reports this as a .6% progression.

        * JavaScriptCore.exp:
        * kjs/JSObject.h:
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::getOwnPropertySlotForWrite):
        (JSC::JSObject::putDirect):
        * kjs/PropertyMap.cpp:
        * kjs/PropertyMap.h:

2008-09-09  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20759: Remove MacroAssembler
        <https://bugs.webkit.org/show_bug.cgi?id=20759>

        Remove MacroAssembler and move its functionality to X86Assembler.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::emitPutArg):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutResult):
        (JSC::CTI::emitDebugExceptionCheck):
        (JSC::CTI::emitJumpSlowCaseIfNotImm):
        (JSC::CTI::emitJumpSlowCaseIfNotImms):
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithReTagImmediate):
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        (JSC::CTI::emitFastArithImmToInt):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::emitFastArithIntToImmNoCheck):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateArrayLengthTrampoline):
        (JSC::CTI::privateStringLengthTrampoline):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JmpTable::JmpTable):
        (JSC::SlowCaseEntry::SlowCaseEntry):
        (JSC::CTI::JSRInfo::JSRInfo):
        * masm/MacroAssembler.h: Removed.
        * masm/MacroAssemblerWin.cpp: Removed.
        * masm/X86Assembler.h:
        (JSC::X86Assembler::emitConvertToFastCall):
        (JSC::X86Assembler::emitRestoreArgumentReference):
        * wrec/WREC.h:
        (JSC::WRECGenerator::WRECGenerator):
        (JSC::WRECParser::WRECParser):

2008-09-09  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Cameron Zwarich.

        Don't waste the first item in the PropertyStorage.

        - Fix typo (makingCount -> markingCount)
        - Remove undefined method declaration.

        No change on Sunspider.

        * kjs/JSObject.cpp:
        (JSC::JSObject::mark):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::put):
        (JSC::PropertyMap::remove):
        (JSC::PropertyMap::getOffset):
        (JSC::PropertyMap::insert):
        (JSC::PropertyMap::rehash):
        (JSC::PropertyMap::resizePropertyStorage):
        (JSC::PropertyMap::checkConsistency):
        * kjs/PropertyMap.h:
        (JSC::PropertyMap::markingCount): Fix typo.

2008-09-09  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Not reviewed.

        Speculative Windows build fix.

        * masm/MacroAssemblerWin.cpp:
        (JSC::MacroAssembler::emitConvertToFastCall):
        (JSC::MacroAssembler::emitRestoreArgumentReference):

2008-09-09  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20755: Create an X86 namespace for register names and other things
        <https://bugs.webkit.org/show_bug.cgi?id=20755>

        Create an X86 namespace to put X86 register names. Perhaps I will move
        opcode names here later as well.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::emitPutArg):
        (JSC::CTI::emitPutArgConstant):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutResult):
        (JSC::CTI::emitDebugExceptionCheck):
        (JSC::CTI::emitJumpSlowCaseIfNotImms):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateArrayLengthTrampoline):
        (JSC::CTI::privateStringLengthTrampoline):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        * masm/X86Assembler.h:
        (JSC::X86::):
        (JSC::X86Assembler::emitModRm_rm):
        (JSC::X86Assembler::emitModRm_rm_Unchecked):
        (JSC::X86Assembler::emitModRm_rmsib):
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generateParentheses):
        (JSC::WRECGenerator::generateBackreference):
        (JSC::WRECGenerator::gernerateDisjunction):
        * wrec/WREC.h:

2008-09-09  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Remove unnecessary friend declaration.

        * kjs/PropertyMap.h:

2008-09-09  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoffrey Garen.

        Replace uses of PropertyMap::get and PropertyMap::getLocation with
        PropertyMap::getOffset.

        Sunspider reports this as a .6% improvement.

        * JavaScriptCore.exp:
        * kjs/JSObject.cpp:
        (JSC::JSObject::put):
        (JSC::JSObject::deleteProperty):
        (JSC::JSObject::getPropertyAttributes):
        * kjs/JSObject.h:
        (JSC::JSObject::getDirect):
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::locationForOffset):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::remove):
        (JSC::PropertyMap::getOffset):
        * kjs/PropertyMap.h:

2008-09-09  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Sam Weinig.

        Bug 20754: Remove emit prefix from assembler opcode methods
        <https://bugs.webkit.org/show_bug.cgi?id=20754>

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::emitPutArg):
        (JSC::CTI::emitPutArgConstant):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutResult):
        (JSC::CTI::emitDebugExceptionCheck):
        (JSC::CTI::emitCall):
        (JSC::CTI::emitJumpSlowCaseIfNotImm):
        (JSC::CTI::emitJumpSlowCaseIfNotImms):
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithReTagImmediate):
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        (JSC::CTI::emitFastArithImmToInt):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::emitFastArithIntToImmNoCheck):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateArrayLengthTrampoline):
        (JSC::CTI::privateStringLengthTrampoline):
        (JSC::CTI::compileRegExp):
        * masm/MacroAssemblerWin.cpp:
        (JSC::MacroAssembler::emitConvertToFastCall):
        (JSC::MacroAssembler::emitRestoreArgumentReference):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::pushl_r):
        (JSC::X86Assembler::pushl_m):
        (JSC::X86Assembler::popl_r):
        (JSC::X86Assembler::popl_m):
        (JSC::X86Assembler::movl_rr):
        (JSC::X86Assembler::addl_rr):
        (JSC::X86Assembler::addl_i8r):
        (JSC::X86Assembler::addl_i32r):
        (JSC::X86Assembler::addl_mr):
        (JSC::X86Assembler::andl_rr):
        (JSC::X86Assembler::andl_i32r):
        (JSC::X86Assembler::cmpl_i8r):
        (JSC::X86Assembler::cmpl_rr):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::cmpl_i32r):
        (JSC::X86Assembler::cmpl_i32m):
        (JSC::X86Assembler::cmpw_rm):
        (JSC::X86Assembler::orl_rr):
        (JSC::X86Assembler::subl_rr):
        (JSC::X86Assembler::subl_i8r):
        (JSC::X86Assembler::subl_i32r):
        (JSC::X86Assembler::subl_mr):
        (JSC::X86Assembler::testl_i32r):
        (JSC::X86Assembler::testl_rr):
        (JSC::X86Assembler::xorl_i8r):
        (JSC::X86Assembler::xorl_rr):
        (JSC::X86Assembler::sarl_i8r):
        (JSC::X86Assembler::sarl_CLr):
        (JSC::X86Assembler::shl_i8r):
        (JSC::X86Assembler::shll_CLr):
        (JSC::X86Assembler::mull_rr):
        (JSC::X86Assembler::idivl_r):
        (JSC::X86Assembler::cdq):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::movzwl_mr):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::movl_i32r):
        (JSC::X86Assembler::movl_i32m):
        (JSC::X86Assembler::leal_mr):
        (JSC::X86Assembler::ret):
        (JSC::X86Assembler::jmp_r):
        (JSC::X86Assembler::jmp_m):
        (JSC::X86Assembler::call_r):
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generateBacktrack1):
        (JSC::WRECGenerator::generateBacktrackBackreference):
        (JSC::WRECGenerator::generateBackreferenceQuantifier):
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generatePatternCharacter):
        (JSC::WRECGenerator::generateCharacterClassInvertedRange):
        (JSC::WRECGenerator::generateCharacterClassInverted):
        (JSC::WRECGenerator::generateCharacterClass):
        (JSC::WRECGenerator::generateParentheses):
        (JSC::WRECGenerator::gererateParenthesesResetTrampoline):
        (JSC::WRECGenerator::generateAssertionBOL):
        (JSC::WRECGenerator::generateAssertionEOL):
        (JSC::WRECGenerator::generateAssertionWordBoundary):
        (JSC::WRECGenerator::generateBackreference):
        (JSC::WRECGenerator::gernerateDisjunction):

2008-09-09  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Clean up the WREC code some more.

        * VM/CTI.cpp:
        (JSC::CTI::compileRegExp):
        * wrec/WREC.cpp:
        (JSC::getCharacterClassNewline):
        (JSC::getCharacterClassDigits):
        (JSC::getCharacterClassSpaces):
        (JSC::getCharacterClassWordchar):
        (JSC::getCharacterClassNondigits):
        (JSC::getCharacterClassNonspaces):
        (JSC::getCharacterClassNonwordchar):
        (JSC::WRECGenerator::generateBacktrack1):
        (JSC::WRECGenerator::generateBacktrackBackreference):
        (JSC::WRECGenerator::generateBackreferenceQuantifier):
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generatePatternCharacter):
        (JSC::WRECGenerator::generateCharacterClassInvertedRange):
        (JSC::WRECGenerator::generateCharacterClassInverted):
        (JSC::WRECGenerator::generateCharacterClass):
        (JSC::WRECGenerator::generateParentheses):
        (JSC::WRECGenerator::gererateParenthesesResetTrampoline):
        (JSC::WRECGenerator::generateAssertionBOL):
        (JSC::WRECGenerator::generateAssertionEOL):
        (JSC::WRECGenerator::generateAssertionWordBoundary):
        (JSC::WRECGenerator::generateBackreference):
        (JSC::WRECGenerator::gernerateDisjunction):
        (JSC::WRECParser::parseCharacterClass):
        (JSC::WRECParser::parseEscape):
        (JSC::WRECParser::parseTerm):
        * wrec/WREC.h:

2008-09-09  Mark Rowe  <mrowe (a] apple.com>

        Build fix, rubber-stamped by Anders Carlsson.

        Silence spurious build warnings about missing format attributes on functions in Assertions.cpp.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-09-09  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Oliver Hunt.

        Fix builds using the "debug" variant.

        This reverts r36130 and tweaks Identifier to export the same symbols for Debug
        and Release configurations.

        * Configurations/JavaScriptCore.xcconfig:
        * DerivedSources.make:
        * JavaScriptCore.Debug.exp: Removed.
        * JavaScriptCore.base.exp: Removed.
        * JavaScriptCore.exp: Added.
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/identifier.cpp:
        (JSC::Identifier::addSlowCase): #ifdef the call to checkSameIdentifierTable so that
        there is no overhead in Release builds.
        (JSC::Identifier::checkSameIdentifierTable): Add empty functions for Release builds.
        * kjs/identifier.h:
        (JSC::Identifier::add): #ifdef the calls to checkSameIdentifierTable so that there is
        no overhead in Release builds, and remove the inline definitions of checkSameIdentifierTable.

2008-09-09  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Clean up WREC a bit to bring it closer to our coding style guidelines.

        * wrec/WREC.cpp:
        (JSC::):
        (JSC::getCharacterClass_newline):
        (JSC::getCharacterClass_d):
        (JSC::getCharacterClass_s):
        (JSC::getCharacterClass_w):
        (JSC::getCharacterClass_D):
        (JSC::getCharacterClass_S):
        (JSC::getCharacterClass_W):
        (JSC::CharacterClassConstructor::append):
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generateCharacterClassInverted):
        (JSC::WRECParser::parseQuantifier):
        (JSC::WRECParser::parsePatternCharacterQualifier):
        (JSC::WRECParser::parseCharacterClassQuantifier):
        (JSC::WRECParser::parseBackreferenceQuantifier):
        * wrec/WREC.h:
        (JSC::Quantifier::):
        (JSC::Quantifier::Quantifier):

2008-09-09  Jungshik Shin  <jungshik.shin (a] gmail.com>

        Reviewed by Alexey Proskuryakov.

        Try MIME charset names before trying IANA names 
        ( https://bugs.webkit.org/show_bug.cgi?id=17537 )

        * wtf/StringExtras.h: (strcasecmp): Added.

2008-09-09  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Mark Rowe.

        Bug 20719: REGRESSION (r36135-36244): Hangs, then crashes after several seconds
        <https://bugs.webkit.org/show_bug.cgi?id=20719>
        <rdar://problem/6205787>

        Fix a typo in the case-insensitive matching of character patterns.

        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generatePatternCharacter):

2008-09-09  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Sam Weinig.
        
        - allow polymorphic inline cache to handle Math object functions and possibly other similar things
        
        1.012x speedup on SunSpider.

        * kjs/MathObject.cpp:
        (JSC::MathObject::getOwnPropertySlot):
        * kjs/lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * kjs/lookup.h:
        (JSC::getStaticPropertySlot):

2008-09-08  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Maciej Stachowiak and Oliver Hunt.

        Split storage of properties out of the PropertyMap and into the JSObject
        to allow sharing PropertyMap on the StructureID.  In order to get this
        function correctly, the StructureID's transition mappings were changed to
        transition based on property name and attribute pairs, instead of just
        property name.

        - Removes the single property optimization now that the PropertyMap is shared.
          This will be replaced by in-lining some values on the JSObject.

        This is a wash on Sunspider and a 6.7% win on the v8 test suite.

        * JavaScriptCore.base.exp:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileGetByIdSelf): Get the storage directly off the JSObject.
        (JSC::CTI::privateCompileGetByIdProto): Ditto.
        (JSC::CTI::privateCompileGetByIdChain): Ditto.
        (JSC::CTI::privateCompilePutByIdReplace): Ditto.
        * kjs/JSObject.cpp:
        (JSC::JSObject::mark): Mark the PropertyStorage.
        (JSC::JSObject::put): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::deleteProperty): Ditto.
        (JSC::JSObject::defineGetter): Return early if the property is already a getter/setter.
        (JSC::JSObject::defineSetter): Ditto.
        (JSC::JSObject::getPropertyAttributes): Update to get the propertyMap of the StructureID
        (JSC::JSObject::getPropertyNames): Ditto.
        (JSC::JSObject::removeDirect): Ditto.
        * kjs/JSObject.h: Remove PropertyMap and add PropertyStorage.
        (JSC::JSObject::propertyStorage): return the PropertyStorage.
        (JSC::JSObject::getDirect): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::getDirectLocation): Ditto.
        (JSC::JSObject::offsetForLocation): Compute location directly.
        (JSC::JSObject::hasCustomProperties): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::hasGetterSetterProperties): Ditto.
        (JSC::JSObject::getDirectOffset): Get by indexing into PropertyStorage.
        (JSC::JSObject::putDirectOffset): Put by indexing into PropertyStorage.
        (JSC::JSObject::getOwnPropertySlotForWrite): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::getOwnPropertySlot): Ditto.
        (JSC::JSObject::putDirect): Move putting into the StructureID unless the property already exists.
        * kjs/PropertyMap.cpp: Use the propertyStorage as the storage for the JSValues.
        (JSC::PropertyMap::checkConsistency): 
        (JSC::PropertyMap::operator=):
        (JSC::PropertyMap::~PropertyMap):
        (JSC::PropertyMap::get):
        (JSC::PropertyMap::getLocation):
        (JSC::PropertyMap::put):
        (JSC::PropertyMap::getOffset):
        (JSC::PropertyMap::insert):
        (JSC::PropertyMap::expand):
        (JSC::PropertyMap::rehash):
        (JSC::PropertyMap::createTable):
        (JSC::PropertyMap::resizePropertyStorage): Resize the storage to match the size of the map
        (JSC::PropertyMap::remove):
        (JSC::PropertyMap::getEnumerablePropertyNames):
        * kjs/PropertyMap.h: 
        (JSC::PropertyMapEntry::PropertyMapEntry):
        (JSC::PropertyMap::isEmpty):
        (JSC::PropertyMap::size):
        (JSC::PropertyMap::makingCount):
        (JSC::PropertyMap::PropertyMap):

        * kjs/StructureID.cpp: 
        (JSC::StructureID::addPropertyTransition): Transitions now are based off the property name
        and attributes. 
        (JSC::StructureID::toDictionaryTransition): Copy the map.
        (JSC::StructureID::changePrototypeTransition): Copy the map.
        (JSC::StructureID::getterSetterTransition): Copy the map.
        (JSC::StructureID::~StructureID): 
        * kjs/StructureID.h:
        (JSC::TransitionTableHash::hash): Custom hash for transition map.
        (JSC::TransitionTableHash::equal): Ditto.
        (JSC::TransitionTableHashTraits::emptyValue): Custom traits for transition map
        (JSC::TransitionTableHashTraits::constructDeletedValue): Ditto.
        (JSC::TransitionTableHashTraits::isDeletedValue): Ditto.
        (JSC::StructureID::propertyMap): Added.

2008-09-08  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Mark Rowe.

        Bug 20694: Slow Script error pops up when running Dromaeo tests

        Correct error in timeout logic where execution tick count would
        be reset to incorrect value due to incorrect offset and indirection.
        Codegen for the slow script dialog was factored out into a separate
        method (emitSlowScriptCheck) rather than having multiple copies of
        the same code.  Also added calls to generate slow script checks
        for loop_if_less and loop_if_true opcodes.

        * VM/CTI.cpp:
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:

2008-09-08  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Remove references to the removed WRECompiler class.

        * VM/Machine.h:
        * wrec/WREC.h:

2008-09-08  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Mark Rowe.

        Fix the build with CTI enabled but WREC disabled.

        * VM/CTI.cpp:
        * VM/CTI.h:

2008-09-08  Dan Bernstein  <mitz (a] apple.com>

        - build fix

        * kjs/nodes.h:
        (JSC::StatementNode::):
        (JSC::BlockNode::):

2008-09-08  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Geoff.

       <rdar://problem/6134407> Breakpoints in for loops, while loops or
       conditions without curly braces don't break. (19306)
       -Statement Lists already emit debug hooks but conditionals without
       brackets are not lists.

        * kjs/nodes.cpp:
        (KJS::IfNode::emitCode):
        (KJS::IfElseNode::emitCode):
        (KJS::DoWhileNode::emitCode):
        (KJS::WhileNode::emitCode):
        (KJS::ForNode::emitCode):
        (KJS::ForInNode::emitCode):
        * kjs/nodes.h:
        (KJS::StatementNode::):
        (KJS::BlockNode::):

2008-09-08  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Anders Carlsson.
        
        - Cache the code generated for eval to speed up SunSpider and web sites
        https://bugs.webkit.org/show_bug.cgi?id=20718
        
        1.052x on SunSpider
        2.29x on date-format-tofte
        
        Lots of real sites seem to get many hits on this cache as well,
        including GMail, Google Spreadsheets, Slate and Digg (the last of
        these gets over 100 hits on initial page load).

        * VM/CodeBlock.h:
        (JSC::EvalCodeCache::get):
        * VM/Machine.cpp:
        (JSC::Machine::callEval):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_call_eval):
        * VM/Machine.h:

2008-09-07  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 20711: Change KJS prefix on preprocessor macros to JSC
        <https://bugs.webkit.org/show_bug.cgi?id=20711>

        * kjs/CommonIdentifiers.cpp:
        (JSC::CommonIdentifiers::CommonIdentifiers):
        * kjs/CommonIdentifiers.h:
        * kjs/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::putValue):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setRegisterSlot):
        * kjs/lookup.h:
        * kjs/nodes.cpp:
        * kjs/nodes.h:
        (JSC::Node::):
        (JSC::ExpressionNode::):
        (JSC::StatementNode::):
        (JSC::NullNode::):
        (JSC::BooleanNode::):
        (JSC::NumberNode::):
        (JSC::ImmediateNumberNode::):
        (JSC::StringNode::):
        (JSC::RegExpNode::):
        (JSC::ThisNode::):
        (JSC::ResolveNode::):
        (JSC::ElementNode::):
        (JSC::ArrayNode::):
        (JSC::PropertyNode::):
        (JSC::PropertyListNode::):
        (JSC::ObjectLiteralNode::):
        (JSC::BracketAccessorNode::):
        (JSC::DotAccessorNode::):
        (JSC::ArgumentListNode::):
        (JSC::ArgumentsNode::):
        (JSC::NewExprNode::):
        (JSC::EvalFunctionCallNode::):
        (JSC::FunctionCallValueNode::):
        (JSC::FunctionCallResolveNode::):
        (JSC::FunctionCallBracketNode::):
        (JSC::FunctionCallDotNode::):
        (JSC::PrePostResolveNode::):
        (JSC::PostfixResolveNode::):
        (JSC::PostfixBracketNode::):
        (JSC::PostfixDotNode::):
        (JSC::PostfixErrorNode::):
        (JSC::DeleteResolveNode::):
        (JSC::DeleteBracketNode::):
        (JSC::DeleteDotNode::):
        (JSC::DeleteValueNode::):
        (JSC::VoidNode::):
        (JSC::TypeOfResolveNode::):
        (JSC::TypeOfValueNode::):
        (JSC::PrefixResolveNode::):
        (JSC::PrefixBracketNode::):
        (JSC::PrefixDotNode::):
        (JSC::PrefixErrorNode::):
        (JSC::UnaryPlusNode::):
        (JSC::NegateNode::):
        (JSC::BitwiseNotNode::):
        (JSC::LogicalNotNode::):
        (JSC::MultNode::):
        (JSC::DivNode::):
        (JSC::ModNode::):
        (JSC::AddNode::):
        (JSC::SubNode::):
        (JSC::LeftShiftNode::):
        (JSC::RightShiftNode::):
        (JSC::UnsignedRightShiftNode::):
        (JSC::LessNode::):
        (JSC::GreaterNode::):
        (JSC::LessEqNode::):
        (JSC::GreaterEqNode::):
        (JSC::ThrowableBinaryOpNode::):
        (JSC::InstanceOfNode::):
        (JSC::InNode::):
        (JSC::EqualNode::):
        (JSC::NotEqualNode::):
        (JSC::StrictEqualNode::):
        (JSC::NotStrictEqualNode::):
        (JSC::BitAndNode::):
        (JSC::BitOrNode::):
        (JSC::BitXOrNode::):
        (JSC::LogicalOpNode::):
        (JSC::ConditionalNode::):
        (JSC::ReadModifyResolveNode::):
        (JSC::AssignResolveNode::):
        (JSC::ReadModifyBracketNode::):
        (JSC::AssignBracketNode::):
        (JSC::AssignDotNode::):
        (JSC::ReadModifyDotNode::):
        (JSC::AssignErrorNode::):
        (JSC::CommaNode::):
        (JSC::VarDeclCommaNode::):
        (JSC::ConstDeclNode::):
        (JSC::ConstStatementNode::):
        (JSC::EmptyStatementNode::):
        (JSC::DebuggerStatementNode::):
        (JSC::ExprStatementNode::):
        (JSC::VarStatementNode::):
        (JSC::IfNode::):
        (JSC::IfElseNode::):
        (JSC::DoWhileNode::):
        (JSC::WhileNode::):
        (JSC::ForNode::):
        (JSC::ContinueNode::):
        (JSC::BreakNode::):
        (JSC::ReturnNode::):
        (JSC::WithNode::):
        (JSC::LabelNode::):
        (JSC::ThrowNode::):
        (JSC::TryNode::):
        (JSC::ParameterNode::):
        (JSC::ScopeNode::):
        (JSC::ProgramNode::):
        (JSC::EvalNode::):
        (JSC::FunctionBodyNode::):
        (JSC::FuncExprNode::):
        (JSC::FuncDeclNode::):
        (JSC::CaseClauseNode::):
        (JSC::ClauseListNode::):
        (JSC::CaseBlockNode::):
        (JSC::SwitchNode::):

2008-09-07  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20704: Replace the KJS namespace
        <https://bugs.webkit.org/show_bug.cgi?id=20704>

        Rename the KJS namespace to JSC. There are still some uses of KJS in
        preprocessor macros and comments, but these will also be changed some
        time in the near future.

        * API/APICast.h:
        (toJS):
        (toRef):
        (toGlobalRef):
        * API/JSBase.cpp:
        * API/JSCallbackConstructor.cpp:
        * API/JSCallbackConstructor.h:
        * API/JSCallbackFunction.cpp:
        * API/JSCallbackFunction.h:
        * API/JSCallbackObject.cpp:
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        * API/JSClassRef.cpp:
        (OpaqueJSClass::staticValues):
        (OpaqueJSClass::staticFunctions):
        * API/JSClassRef.h:
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        * API/JSProfilerPrivate.cpp:
        * API/JSStringRef.cpp:
        * API/JSValueRef.cpp:
        (JSValueGetType):
        * API/OpaqueJSString.cpp:
        * API/OpaqueJSString.h:
        * JavaScriptCore.Debug.exp:
        * JavaScriptCore.base.exp:
        * VM/CTI.cpp:
        (JSC::):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        * VM/CodeGenerator.h:
        * VM/ExceptionHelpers.cpp:
        * VM/ExceptionHelpers.h:
        * VM/Instruction.h:
        * VM/JSPropertyNameIterator.cpp:
        * VM/JSPropertyNameIterator.h:
        * VM/LabelID.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * VM/Opcode.cpp:
        * VM/Opcode.h:
        * VM/Register.h:
        (WTF::):
        * VM/RegisterFile.cpp:
        * VM/RegisterFile.h:
        * VM/RegisterID.h:
        (WTF::):
        * VM/SamplingTool.cpp:
        * VM/SamplingTool.h:
        * VM/SegmentedVector.h:
        * kjs/ArgList.cpp:
        * kjs/ArgList.h:
        * kjs/Arguments.cpp:
        * kjs/Arguments.h:
        * kjs/ArrayConstructor.cpp:
        * kjs/ArrayConstructor.h:
        * kjs/ArrayPrototype.cpp:
        * kjs/ArrayPrototype.h:
        * kjs/BatchedTransitionOptimizer.h:
        * kjs/BooleanConstructor.cpp:
        * kjs/BooleanConstructor.h:
        * kjs/BooleanObject.cpp:
        * kjs/BooleanObject.h:
        * kjs/BooleanPrototype.cpp:
        * kjs/BooleanPrototype.h:
        * kjs/CallData.cpp:
        * kjs/CallData.h:
        * kjs/ClassInfo.h:
        * kjs/CommonIdentifiers.cpp:
        * kjs/CommonIdentifiers.h:
        * kjs/ConstructData.cpp:
        * kjs/ConstructData.h:
        * kjs/DateConstructor.cpp:
        * kjs/DateConstructor.h:
        * kjs/DateInstance.cpp:
        (JSC::DateInstance::msToGregorianDateTime):
        * kjs/DateInstance.h:
        * kjs/DateMath.cpp:
        * kjs/DateMath.h:
        * kjs/DatePrototype.cpp:
        * kjs/DatePrototype.h:
        * kjs/DebuggerCallFrame.cpp:
        * kjs/DebuggerCallFrame.h:
        * kjs/Error.cpp:
        * kjs/Error.h:
        * kjs/ErrorConstructor.cpp:
        * kjs/ErrorConstructor.h:
        * kjs/ErrorInstance.cpp:
        * kjs/ErrorInstance.h:
        * kjs/ErrorPrototype.cpp:
        * kjs/ErrorPrototype.h:
        * kjs/ExecState.cpp:
        * kjs/ExecState.h:
        * kjs/FunctionConstructor.cpp:
        * kjs/FunctionConstructor.h:
        * kjs/FunctionPrototype.cpp:
        * kjs/FunctionPrototype.h:
        * kjs/GetterSetter.cpp:
        * kjs/GetterSetter.h:
        * kjs/GlobalEvalFunction.cpp:
        * kjs/GlobalEvalFunction.h:
        * kjs/IndexToNameMap.cpp:
        * kjs/IndexToNameMap.h:
        * kjs/InitializeThreading.cpp:
        * kjs/InitializeThreading.h:
        * kjs/InternalFunction.cpp:
        * kjs/InternalFunction.h:
        (JSC::InternalFunction::InternalFunction):
        * kjs/JSActivation.cpp:
        * kjs/JSActivation.h:
        * kjs/JSArray.cpp:
        * kjs/JSArray.h:
        * kjs/JSCell.cpp:
        * kjs/JSCell.h:
        * kjs/JSFunction.cpp:
        * kjs/JSFunction.h:
        (JSC::JSFunction::JSFunction):
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.cpp:
        * kjs/JSGlobalObject.h:
        * kjs/JSGlobalObjectFunctions.cpp:
        * kjs/JSGlobalObjectFunctions.h:
        * kjs/JSImmediate.cpp:
        * kjs/JSImmediate.h:
        * kjs/JSLock.cpp:
        * kjs/JSLock.h:
        * kjs/JSNotAnObject.cpp:
        * kjs/JSNotAnObject.h:
        * kjs/JSNumberCell.cpp:
        * kjs/JSNumberCell.h:
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        * kjs/JSStaticScopeObject.cpp:
        * kjs/JSStaticScopeObject.h:
        * kjs/JSString.cpp:
        * kjs/JSString.h:
        * kjs/JSType.h:
        * kjs/JSValue.cpp:
        * kjs/JSValue.h:
        * kjs/JSVariableObject.cpp:
        * kjs/JSVariableObject.h:
        * kjs/JSWrapperObject.cpp:
        * kjs/JSWrapperObject.h:
        * kjs/LabelStack.cpp:
        * kjs/LabelStack.h:
        * kjs/MathObject.cpp:
        * kjs/MathObject.h:
        * kjs/NativeErrorConstructor.cpp:
        * kjs/NativeErrorConstructor.h:
        * kjs/NativeErrorPrototype.cpp:
        * kjs/NativeErrorPrototype.h:
        * kjs/NodeInfo.h:
        * kjs/NumberConstructor.cpp:
        * kjs/NumberConstructor.h:
        * kjs/NumberObject.cpp:
        * kjs/NumberObject.h:
        * kjs/NumberPrototype.cpp:
        * kjs/NumberPrototype.h:
        * kjs/ObjectConstructor.cpp:
        * kjs/ObjectConstructor.h:
        * kjs/ObjectPrototype.cpp:
        * kjs/ObjectPrototype.h:
        * kjs/Parser.cpp:
        * kjs/Parser.h:
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMapStatisticsExitLogger::~PropertyMapStatisticsExitLogger):
        * kjs/PropertyMap.h:
        * kjs/PropertyNameArray.cpp:
        * kjs/PropertyNameArray.h:
        * kjs/PropertySlot.cpp:
        * kjs/PropertySlot.h:
        * kjs/PrototypeFunction.cpp:
        * kjs/PrototypeFunction.h:
        * kjs/PutPropertySlot.h:
        * kjs/RegExpConstructor.cpp:
        * kjs/RegExpConstructor.h:
        * kjs/RegExpObject.cpp:
        * kjs/RegExpObject.h:
        * kjs/RegExpPrototype.cpp:
        * kjs/RegExpPrototype.h:
        * kjs/ScopeChain.cpp:
        * kjs/ScopeChain.h:
        * kjs/ScopeChainMark.h:
        * kjs/Shell.cpp:
        (jscmain):
        * kjs/SmallStrings.cpp:
        * kjs/SmallStrings.h:
        * kjs/SourceProvider.h:
        * kjs/SourceRange.h:
        * kjs/StringConstructor.cpp:
        * kjs/StringConstructor.h:
        * kjs/StringObject.cpp:
        * kjs/StringObject.h:
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        * kjs/StringPrototype.cpp:
        * kjs/StringPrototype.h:
        * kjs/StructureID.cpp:
        * kjs/StructureID.h:
        * kjs/SymbolTable.h:
        * kjs/collector.cpp:
        * kjs/collector.h:
        * kjs/completion.h:
        * kjs/create_hash_table:
        * kjs/debugger.cpp:
        * kjs/debugger.h:
        * kjs/dtoa.cpp:
        * kjs/dtoa.h:
        * kjs/grammar.y:
        * kjs/identifier.cpp:
        * kjs/identifier.h:
        (JSC::Identifier::equal):
        * kjs/interpreter.cpp:
        * kjs/interpreter.h:
        * kjs/lexer.cpp:
        (JSC::Lexer::Lexer):
        (JSC::Lexer::clear):
        (JSC::Lexer::makeIdentifier):
        * kjs/lexer.h:
        * kjs/lookup.cpp:
        * kjs/lookup.h:
        * kjs/nodes.cpp:
        * kjs/nodes.h:
        * kjs/nodes2string.cpp:
        * kjs/operations.cpp:
        * kjs/operations.h:
        * kjs/protect.h:
        * kjs/regexp.cpp:
        * kjs/regexp.h:
        * kjs/ustring.cpp:
        * kjs/ustring.h:
        (JSC::operator!=):
        (JSC::IdentifierRepHash::hash):
        (WTF::):
        * masm/MacroAssembler.h:
        * masm/MacroAssemblerWin.cpp:
        * masm/X86Assembler.h:
        * pcre/pcre_exec.cpp:
        * profiler/CallIdentifier.h:
        (WTF::):
        * profiler/HeavyProfile.cpp:
        * profiler/HeavyProfile.h:
        * profiler/Profile.cpp:
        * profiler/Profile.h:
        * profiler/ProfileGenerator.cpp:
        * profiler/ProfileGenerator.h:
        * profiler/ProfileNode.cpp:
        * profiler/ProfileNode.h:
        * profiler/Profiler.cpp:
        * profiler/Profiler.h:
        * profiler/TreeProfile.cpp:
        * profiler/TreeProfile.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:
        * wtf/AVLTree.h:

2008-09-07  Maciej Stachowiak  <mjs (a] apple.com>

        Reviewed by Dan Bernstein.
        
        - rename IA32MacroAssembler class to X86Assembler
        
        We otherwise call the platform X86, and also, I don't see any macros.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * masm/IA32MacroAsm.h: Removed.
        * masm/MacroAssembler.h:
        (KJS::MacroAssembler::MacroAssembler):
        * masm/MacroAssemblerWin.cpp:
        (KJS::MacroAssembler::emitRestoreArgumentReference):
        * masm/X86Assembler.h: Copied from masm/IA32MacroAsm.h.
        (KJS::X86Assembler::X86Assembler):
        * wrec/WREC.cpp:
        (KJS::WRECGenerator::generateNonGreedyQuantifier):
        (KJS::WRECGenerator::generateGreedyQuantifier):
        (KJS::WRECGenerator::generateParentheses):
        (KJS::WRECGenerator::generateBackreference):
        (KJS::WRECGenerator::gernerateDisjunction):
        * wrec/WREC.h:

2008-09-07  Cameron Zwarich  <cwzwarich (a] webkit.org>

        Not reviewed.

        Visual C++ seems to have some odd casting rules, so just convert the
        offending cast back to a C-style cast for now.

        * kjs/collector.cpp:
        (KJS::otherThreadStackPointer):

2008-09-07  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Mark Rowe.

        Attempt to fix the Windows build by using a const_cast to cast regs.Esp
        to a uintptr_t instead of a reinterpret_cast.

        * kjs/collector.cpp:
        (KJS::otherThreadStackPointer):

2008-09-07  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Sam Weinig.

        Remove C-style casts from kjs/collector.cpp.

        * kjs/collector.cpp:
        (KJS::Heap::heapAllocate):
        (KJS::currentThreadStackBase):
        (KJS::Heap::markConservatively):
        (KJS::otherThreadStackPointer):
        (KJS::Heap::markOtherThreadConservatively):
        (KJS::Heap::sweep):

2008-09-07  Mark Rowe  <mrowe (a] apple.com>

        Build fix for the debug variant.

        * DerivedSources.make: Also use the .Debug.exp exports file when building the debug variant.

2008-09-07  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Timothy Hatcher.

        Remove C-style casts from the CTI code.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetArg):
        (KJS::CTI::emitGetPutArg):
        (KJS::ctiRepatchCallByReturnAddress):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileGetByIdSelf):
        (KJS::CTI::privateCompileGetByIdProto):
        (KJS::CTI::privateCompileGetByIdChain):
        (KJS::CTI::privateCompilePutByIdReplace):
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):

=== End merge of squirrelfish-extreme ===

2008-09-06  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig. Adapted somewhat by Maciej Stachowiak.
        
        - refactor WREC to share more of the JIT infrastructure with CTI

        * VM/CTI.cpp:
        (KJS::CTI::emitGetArg):
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::emitPutArg):
        (KJS::CTI::emitPutArgConstant):
        (KJS::CTI::emitPutCTIParam):
        (KJS::CTI::emitGetCTIParam):
        (KJS::CTI::emitPutToCallFrameHeader):
        (KJS::CTI::emitGetFromCallFrameHeader):
        (KJS::CTI::emitPutResult):
        (KJS::CTI::emitDebugExceptionCheck):
        (KJS::CTI::emitJumpSlowCaseIfNotImm):
        (KJS::CTI::emitJumpSlowCaseIfNotImms):
        (KJS::CTI::emitFastArithDeTagImmediate):
        (KJS::CTI::emitFastArithReTagImmediate):
        (KJS::CTI::emitFastArithPotentiallyReTagImmediate):
        (KJS::CTI::emitFastArithImmToInt):
        (KJS::CTI::emitFastArithIntToImmOrSlowCase):
        (KJS::CTI::emitFastArithIntToImmNoCheck):
        (KJS::CTI::CTI):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileSlowCases):
        (KJS::CTI::privateCompile):
        (KJS::CTI::privateCompileGetByIdSelf):
        (KJS::CTI::privateCompileGetByIdProto):
        (KJS::CTI::privateCompileGetByIdChain):
        (KJS::CTI::privateCompilePutByIdReplace):
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):
        (KJS::CTI::compileRegExp):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::JmpTable::JmpTable):
        (KJS::SlowCaseEntry::SlowCaseEntry):
        (KJS::CTI::JSRInfo::JSRInfo):
        * kjs/regexp.cpp:
        (KJS::RegExp::RegExp):
        * wrec/WREC.cpp:
        (KJS::GenerateParenthesesNonGreedyFunctor::GenerateParenthesesNonGreedyFunctor):
        (KJS::GeneratePatternCharacterFunctor::generateAtom):
        (KJS::GeneratePatternCharacterFunctor::backtrack):
        (KJS::GenerateCharacterClassFunctor::generateAtom):
        (KJS::GenerateCharacterClassFunctor::backtrack):
        (KJS::GenerateBackreferenceFunctor::generateAtom):
        (KJS::GenerateBackreferenceFunctor::backtrack):
        (KJS::GenerateParenthesesNonGreedyFunctor::generateAtom):
        (KJS::GenerateParenthesesNonGreedyFunctor::backtrack):
        (KJS::WRECGenerate::generateBacktrack1):
        (KJS::WRECGenerate::generateBacktrackBackreference):
        (KJS::WRECGenerate::generateBackreferenceQuantifier):
        (KJS::WRECGenerate::generateNonGreedyQuantifier):
        (KJS::WRECGenerate::generateGreedyQuantifier):
        (KJS::WRECGenerate::generatePatternCharacter):
        (KJS::WRECGenerate::generateCharacterClassInvertedRange):
        (KJS::WRECGenerate::generateCharacterClassInverted):
        (KJS::WRECGenerate::generateCharacterClass):
        (KJS::WRECGenerate::generateParentheses):
        (KJS::WRECGenerate::generateParenthesesNonGreedy):
        (KJS::WRECGenerate::gererateParenthesesResetTrampoline):
        (KJS::WRECGenerate::generateAssertionBOL):
        (KJS::WRECGenerate::generateAssertionEOL):
        (KJS::WRECGenerate::generateAssertionWordBoundary):
        (KJS::WRECGenerate::generateBackreference):
        (KJS::WRECGenerate::gernerateDisjunction):
        (KJS::WRECGenerate::terminateDisjunction):
        (KJS::WRECParser::parseGreedyQuantifier):
        (KJS::WRECParser::parseQuantifier):
        (KJS::WRECParser::parsePatternCharacterQualifier):
        (KJS::WRECParser::parseCharacterClassQuantifier):
        (KJS::WRECParser::parseBackreferenceQuantifier):
        (KJS::WRECParser::parseParentheses):
        (KJS::WRECParser::parseCharacterClass):
        (KJS::WRECParser::parseOctalEscape):
        (KJS::WRECParser::parseEscape):
        (KJS::WRECParser::parseTerm):
        (KJS::WRECParser::parseDisjunction):
        * wrec/WREC.h:
        (KJS::WRECGenerate::WRECGenerate):
        (KJS::WRECParser::):
        (KJS::WRECParser::WRECParser):
        (KJS::WRECParser::parseAlternative):
        (KJS::WRECParser::isEndOfPattern):

2008-09-06  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by NOBODY (Build fix).

        Fix the sampler build.

        * VM/SamplingTool.h:

2008-09-06  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Jump through the necessary hoops required to make MSVC cooperate with SFX

        We now explicitly declare the calling convention on all cti_op_* cfunctions,
        and return int instead of bool where appropriate (despite the cdecl calling
        convention seems to state MSVC generates code that returns the result value
        through ecx).  SFX behaves slightly differently under MSVC, specifically it
        stores the base argument address for the cti_op_* functions in the first
        argument, and then does the required stack manipulation through that pointer.
        This is necessary as MSVC's optimisations assume they have complete control
        of the stack, and periodically elide our stack manipulations, or move
        values in unexpected ways.  MSVC also frequently produces tail calls which may
        clobber the first argument, so the MSVC path is slightly less efficient due
        to the need to restore it.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        (KJS::):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * masm/MacroAssembler.h:
        (KJS::MacroAssembler::emitConvertToFastCall):
        * masm/MacroAssemblerIA32GCC.cpp: Removed.
           For performance reasons we need these no-op functions to be inlined.

        * masm/MacroAssemblerWin.cpp:
        (KJS::MacroAssembler::emitRestoreArgumentReference):
        * wtf/Platform.h:

2008-09-05  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Maciej Stachowiak, or maybe the other way around.
        
        Added the ability to coalesce JITCode buffer grow operations by first
        growing the buffer and then executing unchecked puts to it.
        
        About a 2% speedup on date-format-tofte.

        * VM/CTI.cpp:
        (KJS::CTI::compileOpCall):
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::ensureSpace):
        (KJS::JITCodeBuffer::putByteUnchecked):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShortUnchecked):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putIntUnchecked):
        (KJS::JITCodeBuffer::putInt):
        (KJS::IA32MacroAssembler::emitTestl_i32r):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):
        (KJS::IA32MacroAssembler::emitMovl_i32m):
        (KJS::IA32MacroAssembler::emitUnlinkedJe):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        (KJS::IA32MacroAssembler::emitModRm_rr_Unchecked):
        (KJS::IA32MacroAssembler::emitModRm_rm_Unchecked):
        (KJS::IA32MacroAssembler::emitModRm_rm):
        (KJS::IA32MacroAssembler::emitModRm_opr):
        (KJS::IA32MacroAssembler::emitModRm_opr_Unchecked):
        (KJS::IA32MacroAssembler::emitModRm_opm_Unchecked):

2008-09-05  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Disable WREC and CTI on platforms that we have not yet had a chance to test with.

        * wtf/Platform.h:

2008-09-05  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Use jo instead of a mask compare when fetching array.length and
        string.length. 4% speedup on array.length / string.length torture
        test.

        * VM/CTI.cpp:
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):

2008-09-05  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Removed a CTI compilation pass by recording labels during bytecode
        generation. This is more to reduce complexity than it is to improve
        performance.

        SunSpider reports no change.

        CodeBlock now keeps a "labels" set, which holds the offsets of all the
        instructions that can be jumped to.

        * VM/CTI.cpp: Nixed a pass.

        * VM/CodeBlock.h: Added a "labels" set.

        * VM/LabelID.h: No need for a special LableID for holding jump
        destinations, since the CodeBlock now knows all jump destinations.

        * wtf/HashTraits.h: New hash traits to accomodate putting offset 0 in
        the set.

        * kjs/nodes.cpp:
        (KJS::TryNode::emitCode): Emit a dummy label to record sret targets.

2008-09-05  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt and Gavin Barraclough.

        Move the JITCodeBuffer onto Machine and remove the static variables.

        * VM/CTI.cpp: Initialize m_jit with the Machine's code buffer.
        * VM/Machine.cpp:
        (KJS::Machine::Machine): Allocate a JITCodeBuffer.
        * VM/Machine.h:
        * kjs/RegExpConstructor.cpp:
        (KJS::constructRegExp): Pass the ExecState through.
        * kjs/RegExpPrototype.cpp:
        (KJS::regExpProtoFuncCompile): Ditto.
        * kjs/StringPrototype.cpp:
        (KJS::stringProtoFuncMatch): Ditto.
        (KJS::stringProtoFuncSearch): Ditto.
        * kjs/nodes.cpp:
        (KJS::RegExpNode::emitCode): Compile the pattern at code generation time
        so that we have access to an ExecState.
        * kjs/nodes.h:
        (KJS::RegExpNode::):
        * kjs/nodes2string.cpp:
        * kjs/regexp.cpp:
        (KJS::RegExp::RegExp): Pass the ExecState through.
        (KJS::RegExp::create): Ditto.
        * kjs/regexp.h:
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::IA32MacroAssembler): Reset the JITCodeBuffer when we are
        constructed.
        * wrec/WREC.cpp:
        (KJS::WRECompiler::compile): Retrieve the JITCodeBuffer from the Machine.
        * wrec/WREC.h:

2008-09-05  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt and Gavin Barraclough.

        Fix the build when CTI is disabled.

        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::~CodeBlock):
        * VM/CodeGenerator.cpp:
        (KJS::prepareJumpTableForStringSwitch):
        * VM/Machine.cpp:
        (KJS::Machine::Machine):
        (KJS::Machine::~Machine):

2008-09-05  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Mark Rowe.

        Fix some windows abi issues.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_post_inc):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_post_dec):
        * VM/Machine.h:

2008-09-05  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Fix ecma/FunctionObjects/15.3.5.3.js after I broke it in r93.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call_NotJSFunction): Restore m_callFrame to the correct value after making the native call.
        (KJS::Machine::cti_op_construct_NotJSConstruct): Ditto.

2008-09-04  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Fix fast/dom/Window/console-functions.html.

        The call frame on the ExecState was not being updated on calls into native functions.  This meant that functions
        such as console.log would use the line number of the last JS function on the call stack.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call_NotJSFunction): Update the ExecState's call frame before making a native function call,
        and restore it when the function is done.
        (KJS::Machine::cti_op_construct_NotJSConstruct): Ditto.

2008-09-05  Oliver Hunt  <oliver (a] apple.com>

        Start bringing up SFX on windows.

        Reviewed by Mark Rowe and Sam Weinig

        Start doing the work to bring up SFX on windows.  Initially
        just working on WREC, as it does not make any calls so reduces
        the amount of code that needs to be corrected.
        
        Start abstracting the CTI JIT codegen engine.

        * ChangeLog:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        * masm/IA32MacroAsm.h:
        * masm/MacroAssembler.h: Added.
        (KJS::MacroAssembler::MacroAssembler):
        * masm/MacroAssemblerIA32GCC.cpp: Added.
        (KJS::MacroAssembler::emitConvertToFastCall):
        * masm/MacroAssemblerWin.cpp: Added.
        (KJS::MacroAssembler::emitConvertToFastCall):
        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseGreedyQuantifier):
        (KJS::WRECompiler::parseCharacterClass):
        (KJS::WRECompiler::parseEscape):
        (KJS::WRECompiler::compilePattern):
        * wrec/WREC.h:

2008-09-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Support for slow scripts (timeout checking).

        * VM/CTI.cpp:
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompile):
        * VM/Machine.cpp:
        (KJS::slideRegisterWindowForCall):
        (KJS::Machine::cti_timeout_check):
        (KJS::Machine::cti_vm_throw):

2008-09-04  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Third round of style cleanup.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/CodeBlock.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * kjs/ExecState.h:

2008-09-04  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Jon Honeycutt.

        Second round of style cleanup.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * wrec/WREC.h:

2008-09-04  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        First round of style cleanup.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * masm/IA32MacroAsm.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:

2008-09-04  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Mark Rowe.
        
        Merged http://trac.webkit.org/changeset/36081 to work with CTI.

        * VM/Machine.cpp:
        (KJS::Machine::tryCtiCacheGetByID):

2008-09-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Enable profiling in CTI.

        * VM/CTI.h:
        (KJS::):
        (KJS::CTI::execute):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call_JSFunction):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_ret):
        (KJS::Machine::cti_op_construct_JSConstruct):
        (KJS::Machine::cti_op_construct_NotJSConstruct):

2008-09-04  Victor Hernandez  <vhernandez (a] apple.com>

        Reviewed by Geoffrey Garen.
        
        Fixed an #if to support using WREC without CTI.

        * kjs/regexp.cpp:
        (KJS::RegExp::match):

2008-09-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        The array/string length trampolines are owned by the Machine, not the codeblock that compiled them.

        * VM/CTI.cpp:
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):
        * VM/Machine.cpp:
        (KJS::Machine::~Machine):
        * VM/Machine.h:

2008-09-04  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Gavin Barraclough and Sam Weinig.

        Fix a crash on launch of jsc when GuardMalloc is enabled.

        * kjs/ScopeChain.h:
        (KJS::ScopeChain::ScopeChain): Initialize m_node to 0 when we have no valid scope chain.
        (KJS::ScopeChain::~ScopeChain): Null-check m_node before calling deref.

2008-09-03  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix inspector and fast array access so that it bounds
        checks correctly.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitUnlinkedJb):
        (KJS::IA32MacroAssembler::emitUnlinkedJbe):

2008-09-03  Mark Rowe  <mrowe (a] apple.com>

        Move the assertion after the InitializeAndReturn block, as
        that is used even when CTI is enabled.

        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):

2008-09-03  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Replace calls to exit with ASSERT_WITH_MESSAGE or ASSERT_NOT_REACHED.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_vm_throw):

2008-09-03  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Tweak JavaScriptCore to compile on non-x86 platforms.  This is achieved
        by wrapping more code with ENABLE(CTI), ENABLE(WREC), and PLATFORM(X86)
        #if's.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::printStructureIDs): Use %td as the format specifier for
        printing a ptrdiff_t.
        * VM/Machine.cpp:
        * VM/Machine.h:
        * kjs/regexp.cpp:
        (KJS::RegExp::RegExp):
        (KJS::RegExp::~RegExp):
        (KJS::RegExp::match):
        * kjs/regexp.h:
        * masm/IA32MacroAsm.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:
        * wtf/Platform.h: Only enable CTI and WREC on x86.  Add an extra define to
        track whether any MASM-using features are enabled.

2008-09-03  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Copy Geoff's array/string length optimization for CTI.

        * VM/CTI.cpp:
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):
        * VM/CTI.h:
        (KJS::CTI::compileArrayLengthTrampoline):
        (KJS::CTI::compileStringLengthTrampoline):
        * VM/Machine.cpp:
        (KJS::Machine::Machine):
        (KJS::Machine::getCtiArrayLengthTrampoline):
        (KJS::Machine::getCtiStringLengthTrampoline):
        (KJS::Machine::tryCtiCacheGetByID):
        (KJS::Machine::cti_op_get_by_id_second):
        * VM/Machine.h:
        * kjs/JSString.h:
        * kjs/ustring.h:

2008-09-03  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Implement fast array accesses in CTI - 2-3% progression on sunspider.

        * VM/CTI.cpp:
        (KJS::CTI::emitFastArithIntToImmNoCheck):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        * VM/CTI.h:
        * kjs/JSArray.h:

2008-09-02  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Enable fast property access support in CTI.

        * VM/CTI.cpp:
        (KJS::ctiSetReturnAddress):
        (KJS::ctiRepatchCallByReturnAddress):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        (KJS::CTI::privateCompileGetByIdSelf):
        (KJS::CTI::privateCompileGetByIdProto):
        (KJS::CTI::privateCompileGetByIdChain):
        (KJS::CTI::privateCompilePutByIdReplace):
        * VM/CTI.h:
        (KJS::CTI::compileGetByIdSelf):
        (KJS::CTI::compileGetByIdProto):
        (KJS::CTI::compileGetByIdChain):
        (KJS::CTI::compilePutByIdReplace):
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::~CodeBlock):
        * VM/CodeBlock.h:
        * VM/Machine.cpp:
        (KJS::doSetReturnAddressVmThrowTrampoline):
        (KJS::Machine::tryCtiCachePutByID):
        (KJS::Machine::tryCtiCacheGetByID):
        (KJS::Machine::cti_op_put_by_id):
        (KJS::Machine::cti_op_put_by_id_second):
        (KJS::Machine::cti_op_put_by_id_generic):
        (KJS::Machine::cti_op_put_by_id_fail):
        (KJS::Machine::cti_op_get_by_id):
        (KJS::Machine::cti_op_get_by_id_second):
        (KJS::Machine::cti_op_get_by_id_generic):
        (KJS::Machine::cti_op_get_by_id_fail):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_vm_throw):
        * VM/Machine.h:
        * kjs/JSCell.h:
        * kjs/JSObject.h:
        * kjs/PropertyMap.h:
        * kjs/StructureID.cpp:
        (KJS::StructureIDChain::StructureIDChain):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::emitCmpl_i32m):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):

2008-09-02  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        A backslash (\) at the of a RegEx should produce an error.
        Fixes fast/regex/test1.html.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseEscape):

2008-09-02  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Geoff Garen.

        Link jumps for the slow case of op_loop_if_less.  Fixes acid3.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass4_SlowCases):

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Rubber-stamped by Maciej Stachowiak.

        Switch WREC on by default.

        * wtf/Platform.h:

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Fix two failures in fast/regex/test1.html
          - \- in a character class should be treated as a literal -
          - A missing max quantifier needs to be treated differently than
            a null max quantifier.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateNonGreedyQuantifier):
        (KJS::WRECompiler::generateGreedyQuantifier):
        (KJS::WRECompiler::parseCharacterClass):
        * wrec/WREC.h:
        (KJS::Quantifier::Quantifier):

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Fix crash in fast/js/kde/evil-n.html

        * kjs/regexp.cpp: Always pass a non-null offset vector to the wrec function.

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Add pattern length limit fixing one test in fast/js.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::compile):
        * wrec/WREC.h:
        (KJS::WRECompiler::):

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Make octal escape parsing/back-reference parsing more closely match 
        prior behavior fixing one test in fast/js.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseCharacterClass): 8 and 9 should be IdentityEscaped
        (KJS::WRECompiler::parseEscape):
        * wrec/WREC.h:
        (KJS::WRECompiler::peekDigit):

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Fix one mozilla test.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateCharacterClassInverted): Fix incorrect not
        ascii upper check.

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Parse octal escapes in character classes fixing one mozilla test.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseCharacterClass):
        (KJS::WRECompiler::parseOctalEscape):
        * wrec/WREC.h:
        (KJS::WRECompiler::consumeOctal):

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Fixes two mozilla tests with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::CharacterClassConstructor::append): Keep the character class sorted
        when appending another character class.

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Fixes two mozilla tests with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::CharacterClassConstructor::addSortedRange): Insert the range at the correct position
        instead of appending it to the end.

2008-09-01  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Move cross-compilation unit call into NEVER_INLINE function.

        * VM/Machine.cpp:
        (KJS::doSetReturnAddressVmThrowTrampoline):

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix one test in fast/js.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_construct_NotJSConstruct): Throw a createNotAConstructorError,
        instead of a createNotAFunctionError.

2008-08-31  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Zero-cost exception handling.  This patch takes the exception checking
        back of the hot path.  When an exception occurs in a Machine::cti*
        method, the return address to JIT code is recorded, and is then
        overwritten with a pointer to a trampoline routine.  When the method
        returns the trampoline will cause the cti_vm_throw method to be invoked.

        cti_vm_throw uses the return address preserved above, to discover the
        vPC of the bytecode that raised the exception (using a map build during
        translation).  From the VPC of the faulting bytecode the vPC of a catch
        routine may be discovered (unwinding the stack where necesary), and then
        a bytecode address for the catch routine is looked up.  Final cti_vm_throw
        overwrites its return address to JIT code again, to trampoline directly
        to the catch routine.
        
        cti_op_throw is handled in a similar fashion.

        * VM/CTI.cpp:
        (KJS::CTI::emitPutCTIParam):
        (KJS::CTI::emitPutToCallFrameHeader):
        (KJS::CTI::emitGetFromCallFrameHeader):
        (KJS::ctiSetReturnAddressForArgs):
        (KJS::CTI::emitDebugExceptionCheck):
        (KJS::CTI::printOpcodeOperandTypes):
        (KJS::CTI::emitCall):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::):
        (KJS::CTI::execute):
        * VM/CodeBlock.h:
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_op_instanceof):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_op_in):
        (KJS::Machine::cti_vm_throw):
        * VM/RegisterFile.h:
        (KJS::RegisterFile::):
        * kjs/ExecState.h:
        (KJS::ExecState::setCtiReturnAddress):
        (KJS::ExecState::ctiReturnAddress):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitPushl_m):
        (KJS::IA32MacroAssembler::emitPopl_m):
        (KJS::IA32MacroAssembler::getRelocatedAddress):

2008-08-31  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Fall back to PCRE for any regexp containing parentheses until we correctly backtrack within them.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseParentheses):
        * wrec/WREC.h:
        (KJS::WRECompiler::):

2008-08-31  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix several issues within ecma_3/RegExp/perlstress-001.js with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateNonGreedyQuantifier): Compare with the maximum quantifier count rather than the minimum.
        (KJS::WRECompiler::generateAssertionEOL): Do a register-to-register comparison rather than immediate-to-register.
        (KJS::WRECompiler::parseCharacterClass): Pass through the correct inversion flag.

2008-08-30  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Re-fix the six remaining failures in the Mozilla JavaScript tests in a manner that does not kill performance.
        This shows up as a 0.6% progression on SunSpider on my machine.

        Grow the JITCodeBuffer's underlying buffer when we run out of space rather than just bailing out.

        * VM/CodeBlock.h:
        (KJS::CodeBlock::~CodeBlock): Switch to using fastFree now that JITCodeBuffer::copy uses fastMalloc.
        * kjs/regexp.cpp: Ditto.
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::growBuffer):
        (KJS::JITCodeBuffer::JITCodeBuffer):
        (KJS::JITCodeBuffer::~JITCodeBuffer):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::reset):
        (KJS::JITCodeBuffer::copy):

2008-08-29  Oliver Hunt  <oliver (a] apple.com>

        RS=Maciej

        Roll out previous patch as it causes a 5% performance regression

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        (KJS::getJCB):
        (KJS::CTI::privateCompile):
        * VM/CodeBlock.h:
        (KJS::CodeBlock::~CodeBlock):
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::JITCodeBuffer):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::getEIP):
        (KJS::JITCodeBuffer::start):
        (KJS::JITCodeBuffer::getOffset):
        (KJS::JITCodeBuffer::reset):
        (KJS::JITCodeBuffer::copy):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        (KJS::IA32MacroAssembler::emitModRm_rm):
        (KJS::IA32MacroAssembler::emitModRm_rmsib):
        (KJS::IA32MacroAssembler::IA32MacroAssembler):
        (KJS::IA32MacroAssembler::emitInt3):
        (KJS::IA32MacroAssembler::emitPushl_r):
        (KJS::IA32MacroAssembler::emitPopl_r):
        (KJS::IA32MacroAssembler::emitMovl_rr):
        (KJS::IA32MacroAssembler::emitAddl_rr):
        (KJS::IA32MacroAssembler::emitAddl_i8r):
        (KJS::IA32MacroAssembler::emitAddl_i32r):
        (KJS::IA32MacroAssembler::emitAddl_mr):
        (KJS::IA32MacroAssembler::emitAndl_rr):
        (KJS::IA32MacroAssembler::emitAndl_i32r):
        (KJS::IA32MacroAssembler::emitCmpl_i8r):
        (KJS::IA32MacroAssembler::emitCmpl_rr):
        (KJS::IA32MacroAssembler::emitCmpl_rm):
        (KJS::IA32MacroAssembler::emitCmpl_i32r):
        (KJS::IA32MacroAssembler::emitCmpl_i32m):
        (KJS::IA32MacroAssembler::emitCmpw_rm):
        (KJS::IA32MacroAssembler::emitOrl_rr):
        (KJS::IA32MacroAssembler::emitOrl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_rr):
        (KJS::IA32MacroAssembler::emitSubl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_i32r):
        (KJS::IA32MacroAssembler::emitSubl_mr):
        (KJS::IA32MacroAssembler::emitTestl_i32r):
        (KJS::IA32MacroAssembler::emitTestl_rr):
        (KJS::IA32MacroAssembler::emitXorl_i8r):
        (KJS::IA32MacroAssembler::emitXorl_rr):
        (KJS::IA32MacroAssembler::emitSarl_i8r):
        (KJS::IA32MacroAssembler::emitSarl_CLr):
        (KJS::IA32MacroAssembler::emitShl_i8r):
        (KJS::IA32MacroAssembler::emitShll_CLr):
        (KJS::IA32MacroAssembler::emitMull_rr):
        (KJS::IA32MacroAssembler::emitIdivl_r):
        (KJS::IA32MacroAssembler::emitCdq):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovzwl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):
        (KJS::IA32MacroAssembler::emitMovl_i32r):
        (KJS::IA32MacroAssembler::emitMovl_i32m):
        (KJS::IA32MacroAssembler::emitLeal_mr):
        (KJS::IA32MacroAssembler::emitRet):
        (KJS::IA32MacroAssembler::emitJmpN_r):
        (KJS::IA32MacroAssembler::emitJmpN_m):
        (KJS::IA32MacroAssembler::emitCall):
        (KJS::IA32MacroAssembler::label):
        (KJS::IA32MacroAssembler::emitUnlinkedJmp):
        (KJS::IA32MacroAssembler::emitUnlinkedJne):
        (KJS::IA32MacroAssembler::emitUnlinkedJe):
        (KJS::IA32MacroAssembler::emitUnlinkedJl):
        (KJS::IA32MacroAssembler::emitUnlinkedJle):
        (KJS::IA32MacroAssembler::emitUnlinkedJge):
        (KJS::IA32MacroAssembler::emitUnlinkedJae):
        (KJS::IA32MacroAssembler::emitUnlinkedJo):
        (KJS::IA32MacroAssembler::link):
        * wrec/WREC.cpp:
        (KJS::WRECompiler::compilePattern):
        (KJS::WRECompiler::compile):
        * wrec/WREC.h:

2008-08-29  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Have JITCodeBuffer manage a Vector containing the generated code so that it can grow
        as needed when generating code for a large function.  This fixes all six remaining failures
        in Mozilla tests in both debug and release builds.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile):
        * VM/CodeBlock.h:
        (KJS::CodeBlock::~CodeBlock):
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::getEIP):
        (KJS::JITCodeBuffer::start):
        (KJS::JITCodeBuffer::getOffset):
        (KJS::JITCodeBuffer::getCode):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        * wrec/WREC.cpp:
        (KJS::WRECompiler::compilePattern):
        * wrec/WREC.h:

2008-08-29  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Implement parsing of octal escapes in regular expressions.  This fixes three Mozilla tests.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseOctalEscape):
        (KJS::WRECompiler::parseEscape): Parse the escape sequence as an octal escape if it has a leading zero.
        Add a FIXME about treating invalid backreferences as octal escapes in the future.
        * wrec/WREC.h:
        (KJS::WRECompiler::consumeNumber): Multiply by 10 rather than 0 so that we handle numbers with more than
        one digit.
        * wtf/ASCIICType.h:
        (WTF::isASCIIOctalDigit):

2008-08-29  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Pass vPC to instanceof method.  Fixes 2 mozilla tests in debug.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_instanceof):

2008-08-29  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Pass vPCs to resolve methods for correct exception creation.  Fixes
        17 mozilla tests in debug.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):

2008-08-29  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Remembering to actually throw the exception passed to op throw helps.
        Regressions 19 -> 6.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_vm_throw):

2008-08-29  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Sam Weinig.

        Support for exception unwinding the stack.
        
        Once upon a time, Sam asked me for a bettr ChangeLog entry.  The return address
        is now preserved on entry to a JIT code function (if we preserve lazily we need
        restore the native return address during exception stack unwind).  This takes
        the number of regressions down from ~150 to 19.

        * VM/CTI.cpp:
        (KJS::getJCB):
        (KJS::CTI::emitExceptionCheck):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::):
        * VM/Machine.cpp:
        (KJS::Machine::throwException):
        (KJS::Machine::cti_op_call_JSFunction):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_construct_JSConstruct):
        (KJS::Machine::cti_op_construct_NotJSConstruct):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_vm_throw):

2008-08-29  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix js1_2/regexp/word_boundary.js and four other Mozilla tests with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateCharacterClassInvertedRange): If none of the exact matches
        succeeded, jump to failure.
        (KJS::WRECompiler::compilePattern): Restore and increment the current position stored
        on the stack to ensure that it will be reset to the correct position after a failed
        match has consumed input.

2008-08-29  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix a hang in ecma_3/RegExp/15.10.2-1.js with WREC enabled.
        A backreference with a quantifier would get stuck in an infinite
        loop if the captured range was empty.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateBackreferenceQuantifier): If the captured range
        was empty, do not attempt to match the backreference.
        (KJS::WRECompiler::parseBackreferenceQuantifier):
        * wrec/WREC.h:
        (KJS::Quantifier::):

2008-08-28  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Implement op_debug.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::debug):
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_op_debug):
        * VM/Machine.h:

2008-08-28  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_switch_string fixing 1 mozilla test and one test in fast/js.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::SwitchRecord::):
        (KJS::SwitchRecord::SwitchRecord):
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::dump):
        * VM/CodeBlock.h:
        (KJS::ExpressionRangeInfo::):
        (KJS::StringJumpTable::offsetForValue):
        (KJS::StringJumpTable::ctiForValue):
        (KJS::SimpleJumpTable::add):
        (KJS::SimpleJumpTable::ctiForValue):
        * VM/CodeGenerator.cpp:
        (KJS::prepareJumpTableForStringSwitch):
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_op_switch_string):
        * VM/Machine.h:

2008-08-28  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Do not recurse on the machine stack when executing op_call.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::emitPutArg):
        (KJS::CTI::emitPutArgConstant):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::):
        (KJS::CTI::compile):
        (KJS::CTI::execute):
        (KJS::CTI::):
        * VM/Machine.cpp:
        (KJS::Machine::Machine):
        (KJS::Machine::execute):
        (KJS::Machine::cti_op_call_JSFunction):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_ret):
        (KJS::Machine::cti_op_construct_JSConstruct):
        (KJS::Machine::cti_op_construct_NotJSConstruct):
        (KJS::Machine::cti_op_call_eval):
        * VM/Machine.h:
        * VM/Register.h:
        (KJS::Register::Register):
        * VM/RegisterFile.h:
        (KJS::RegisterFile::):
        * kjs/InternalFunction.h:
        (KJS::InternalFunction::InternalFunction):
        * kjs/JSFunction.h:
        (KJS::JSFunction::JSFunction):
        * kjs/ScopeChain.h:
        (KJS::ScopeChain::ScopeChain):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitModRm_opm):
        (KJS::IA32MacroAssembler::emitCmpl_i32m):
        (KJS::IA32MacroAssembler::emitCallN_r):

2008-08-28  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Exit instead of crashing in ctiUnsupported and ctiTimedOut.

        * VM/Machine.cpp:
        (KJS::ctiUnsupported):
        (KJS::ctiTimedOut):

2008-08-28  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Implement codegen for op_jsr and op_sret.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::CTI::JSRInfo::JSRInfo):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::emitJmpN_m):
        (KJS::IA32MacroAssembler::linkAbsoluteAddress):

2008-08-28  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Initial support for exceptions (throw / catch must occur in same CodeBlock).

        * VM/CTI.cpp:
        (KJS::CTI::emitExceptionCheck):
        (KJS::CTI::emitCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::nativeExceptionCodeForHandlerVPC):
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        (KJS::CodeGenerator::emitCatch):
        * VM/Machine.cpp:
        (KJS::Machine::throwException):
        (KJS::Machine::privateExecute):
        (KJS::ctiUnsupported):
        (KJS::ctiTimedOut):
        (KJS::Machine::cti_op_add):
        (KJS::Machine::cti_op_pre_inc):
        (KJS::Machine::cti_timeout_check):
        (KJS::Machine::cti_op_loop_if_less):
        (KJS::Machine::cti_op_put_by_id):
        (KJS::Machine::cti_op_get_by_id):
        (KJS::Machine::cti_op_instanceof):
        (KJS::Machine::cti_op_del_by_id):
        (KJS::Machine::cti_op_mul):
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_get_by_val):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_sub):
        (KJS::Machine::cti_op_put_by_val):
        (KJS::Machine::cti_op_lesseq):
        (KJS::Machine::cti_op_loop_if_true):
        (KJS::Machine::cti_op_negate):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_div):
        (KJS::Machine::cti_op_pre_dec):
        (KJS::Machine::cti_op_jless):
        (KJS::Machine::cti_op_not):
        (KJS::Machine::cti_op_jtrue):
        (KJS::Machine::cti_op_post_inc):
        (KJS::Machine::cti_op_eq):
        (KJS::Machine::cti_op_lshift):
        (KJS::Machine::cti_op_bitand):
        (KJS::Machine::cti_op_rshift):
        (KJS::Machine::cti_op_bitnot):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_mod):
        (KJS::Machine::cti_op_less):
        (KJS::Machine::cti_op_neq):
        (KJS::Machine::cti_op_post_dec):
        (KJS::Machine::cti_op_urshift):
        (KJS::Machine::cti_op_bitxor):
        (KJS::Machine::cti_op_bitor):
        (KJS::Machine::cti_op_call_eval):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_op_push_scope):
        (KJS::Machine::cti_op_stricteq):
        (KJS::Machine::cti_op_nstricteq):
        (KJS::Machine::cti_op_to_jsnumber):
        (KJS::Machine::cti_op_in):
        (KJS::Machine::cti_op_del_by_val):
        (KJS::Machine::cti_vm_throw):
        * VM/Machine.h:
        * kjs/ExecState.h:
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::emitCmpl_i32m):

2008-08-28  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Oliver Hunt.

        Print debugging info to stderr so that run-webkit-tests can capture it.
        This makes it easy to check whether test failures are due to unimplemented
        op codes, missing support for exceptions, etc.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::printOpcodeOperandTypes):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::ctiException):
        (KJS::ctiUnsupported):
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_get_by_val):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_call_eval):

2008-08-27  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Gavin Barraclough and Maciej Stachowiak.

        Fix fast/js/bitwise-and-on-undefined.html.

        A temporary value in the slow path of op_bitand was being stored in edx, but was
        being clobbered by emitGetPutArg before we used it.  To fix this, emitGetPutArg
        now takes a third argument that specifies the scratch register to use when loading
        from memory.  This allows us to avoid clobbering the temporary in op_bitand.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        * VM/CTI.h:

2008-08-27  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Oliver Hunt.

        Switch CTI on by default.

        * wtf/Platform.h:

2008-08-27  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Fix the build of the full WebKit stack.

        * JavaScriptCore.xcodeproj/project.pbxproj: Mark two new headers as private so they can be pulled in from WebCore.
        * VM/CTI.h: Fix build issues that show up when compiled with GCC 4.2 as part of WebCore.
        * wrec/WREC.h: Ditto.

2008-08-27  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Implement op_new_error.  Does not fix any tests as it is always followed by the unimplemented op_throw.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_new_error):
        * VM/Machine.h:

2008-08-27  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_put_getter and op_put_setter.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_put_getter):
        (KJS::Machine::cti_op_put_setter):
        * VM/Machine.h:

2008-08-27  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_del_by_val fixing 3 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_del_by_val):
        * VM/Machine.h:

2008-08-27  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Quick & dirty fix to get SamplingTool sampling op_call.

        * VM/SamplingTool.h:
        (KJS::SamplingTool::callingHostFunction):

2008-08-27  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix op_put_by_index.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main): Use emitPutArgConstant instead of emitGetPutArg
        for the property value.
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_put_by_index): Get the property value from the correct argument.

2008-08-27  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_switch_imm in the CTI fixing 13 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_switch_imm):
        * VM/Machine.h:

2008-08-27  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        Implement op_switch_char in CTI.

        * VM/CTI.cpp:
        (KJS::CTI::emitCall):
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::SwitchRecord::SwitchRecord):
        * VM/CodeBlock.h:
        (KJS::SimpleJumpTable::SimpleJumpTable::ctiForValue):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_switch_char):
        * VM/Machine.h:
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitJmpN_r):
        (KJS::IA32MacroAssembler::getRelocatedAddress):
        * wtf/Platform.h:

2008-08-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Mark Rowe.

        Implement op_put_by_index to fix 1 mozilla test.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_put_by_index):
        * VM/Machine.h:

2008-08-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        More fixes from Geoff's review.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetArg):
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::emitPutArg):
        (KJS::CTI::emitPutArgConstant):
        (KJS::CTI::getConstantImmediateNumericArg):
        (KJS::CTI::emitGetCTIParam):
        (KJS::CTI::emitPutResult):
        (KJS::CTI::emitCall):
        (KJS::CTI::emitJumpSlowCaseIfNotImm):
        (KJS::CTI::emitJumpSlowCaseIfNotImms):
        (KJS::CTI::getDeTaggedConstantImmediate):
        (KJS::CTI::emitFastArithDeTagImmediate):
        (KJS::CTI::emitFastArithReTagImmediate):
        (KJS::CTI::emitFastArithPotentiallyReTagImmediate):
        (KJS::CTI::emitFastArithImmToInt):
        (KJS::CTI::emitFastArithIntToImmOrSlowCase):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:

2008-08-26  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_jmp_scopes to fix 2 Mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_push_new_scope): Update ExecState::m_scopeChain after calling ARG_setScopeChain.
        (KJS::Machine::cti_op_jmp_scopes):
        * VM/Machine.h:

2008-08-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Oliver Hunt.

        WebKit Regular Expression Compiler. (set ENABLE_WREC = 1 in Platform.h).

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/regexp.cpp:
        * kjs/regexp.h:
        * wrec: Added.
        * wrec/WREC.cpp: Added.
        * wrec/WREC.h: Added.
        * wtf/Platform.h:

2008-08-26  Sam Weinig  <sam (a] webkit.org>

        Rubber-stamped by Oliver Hunt.

        Remove bogus assertion.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_del_by_id):

2008-08-26  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Implement op_push_new_scope and stub out op_catch.  This fixes 11 Mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_push_new_scope):
        (KJS::Machine::cti_op_catch):
        * VM/Machine.h:

2008-08-26  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Clean up op_resolve_base so that it shares its implementation with the bytecode interpreter.

        * VM/Machine.cpp:
        (KJS::inlineResolveBase):
        (KJS::resolveBase):

2008-08-26  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Sam Weinig.

        Add codegen support for op_instanceof, fixing 15 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_instanceof):
        (KJS::Machine::cti_op_del_by_id):
        * VM/Machine.h:
        * wtf/Platform.h:

2008-08-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Fixes for initial review comments.

        * VM/CTI.cpp:
        (KJS::CTI::ctiCompileGetArg):
        (KJS::CTI::ctiCompileGetPutArg):
        (KJS::CTI::ctiCompilePutResult):
        (KJS::CTI::ctiCompileCall):
        (KJS::CTI::CTI):
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::printOpcodeOperandTypes):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        * VM/Register.h:
        * kjs/JSValue.h:

2008-08-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix up exception checking code.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_call_eval):

2008-08-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Fix slowcase for op_post_inc and op_post_dec fixing 2 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass4_SlowCases):

2008-08-26  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Implement op_in, fixing 8 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_in):
        * VM/Machine.h:

2008-08-26  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Oliver Hunt.

        Don't hardcode the size of a Register for op_new_array.  Fixes a crash
        seen during the Mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):

2008-08-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Add support for op_push_scope and op_pop_scope, fixing 20 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_push_scope):
        (KJS::Machine::cti_op_pop_scope):
        * VM/Machine.h:

2008-08-26  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.

        Add codegen support for op_del_by_id, fixing 49 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_del_by_id):
        * VM/Machine.h:

2008-08-26  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Don't hardcode the size of a Register for op_get_scoped_var and op_put_scoped_var 
        fixing 513 mozilla tests in debug build.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):

2008-08-26  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Maciej Stachowiak.
        
        Added code generator support for op_loop, fixing around 60 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):

2008-08-26  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Sam Weinig.

        Set -fomit-frame-pointer in the correct location.

        * Configurations/JavaScriptCore.xcconfig:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-08-26  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.
        
        Inital cut of CTI, Geoff's review fixes to follow.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp: Added.
        (KJS::getJCB):
        (KJS::CTI::ctiCompileGetArg):
        (KJS::CTI::ctiCompileGetPutArg):
        (KJS::CTI::ctiCompilePutArg):
        (KJS::CTI::ctiCompilePutArgImm):
        (KJS::CTI::ctiImmediateNumericArg):
        (KJS::CTI::ctiCompileGetCTIParam):
        (KJS::CTI::ctiCompilePutResult):
        (KJS::CTI::ctiCompileCall):
        (KJS::CTI::slowCaseIfNotImm):
        (KJS::CTI::slowCaseIfNotImms):
        (KJS::CTI::ctiFastArithDeTagConstImmediate):
        (KJS::CTI::ctiFastArithDeTagImmediate):
        (KJS::CTI::ctiFastArithReTagImmediate):
        (KJS::CTI::ctiFastArithPotentiallyReTagImmediate):
        (KJS::CTI::ctiFastArithImmToInt):
        (KJS::CTI::ctiFastArithIntToImmOrSlowCase):
        (KJS::CTI::CTI):
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::ctiCompileAdd):
        (KJS::CTI::ctiCompileAddImm):
        (KJS::CTI::ctiCompileAddImmNotInt):
        (KJS::CTI::TEMP_HACK_PRINT_TYPES):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass3_Link):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h: Added.
        (KJS::CTI2Result::CTI2Result):
        (KJS::CallRecord::CallRecord):
        (KJS::JmpTable::JmpTable):
        (KJS::SlowCaseEntry::SlowCaseEntry):
        (KJS::CTI::compile):
        (KJS::CTI::LabelInfo::LabelInfo):
        * VM/CodeBlock.h:
        (KJS::CodeBlock::CodeBlock):
        (KJS::CodeBlock::~CodeBlock):
        * VM/Machine.cpp:
        (KJS::Machine::execute):
        (KJS::Machine::privateExecute):
        (KJS::ctiException):
        (KJS::ctiUnsupported):
        (KJS::ctiTimedOut):
        (KJS::Machine::cti_op_end):
        (KJS::Machine::cti_op_add):
        (KJS::Machine::cti_op_pre_inc):
        (KJS::Machine::cti_timeout_check):
        (KJS::Machine::cti_op_loop_if_less):
        (KJS::Machine::cti_op_new_object):
        (KJS::Machine::cti_op_put_by_id):
        (KJS::Machine::cti_op_get_by_id):
        (KJS::Machine::cti_op_mul):
        (KJS::Machine::cti_op_new_func):
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_ret):
        (KJS::Machine::cti_op_new_array):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_get_by_val):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_sub):
        (KJS::Machine::cti_op_put_by_val):
        (KJS::Machine::cti_op_lesseq):
        (KJS::Machine::cti_op_loop_if_true):
        (KJS::Machine::cti_op_negate):
        (KJS::Machine::cti_op_resolve_base):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_div):
        (KJS::Machine::cti_op_pre_dec):
        (KJS::Machine::cti_op_jless):
        (KJS::Machine::cti_op_not):
        (KJS::Machine::cti_op_jtrue):
        (KJS::Machine::cti_op_post_inc):
        (KJS::Machine::cti_op_eq):
        (KJS::Machine::cti_op_lshift):
        (KJS::Machine::cti_op_bitand):
        (KJS::Machine::cti_op_rshift):
        (KJS::Machine::cti_op_bitnot):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_new_func_exp):
        (KJS::Machine::cti_op_mod):
        (KJS::Machine::cti_op_less):
        (KJS::Machine::cti_op_neq):
        (KJS::Machine::cti_op_post_dec):
        (KJS::Machine::cti_op_urshift):
        (KJS::Machine::cti_op_bitxor):
        (KJS::Machine::cti_op_new_regexp):
        (KJS::Machine::cti_op_bitor):
        (KJS::Machine::cti_op_call_eval):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_op_get_pnames):
        (KJS::Machine::cti_op_next_pname):
        (KJS::Machine::cti_op_typeof):
        (KJS::Machine::cti_op_stricteq):
        (KJS::Machine::cti_op_nstricteq):
        (KJS::Machine::cti_op_to_jsnumber):
        * VM/Machine.h:
        * VM/Register.h:
        (KJS::Register::jsValue):
        (KJS::Register::getJSValue):
        (KJS::Register::codeBlock):
        (KJS::Register::scopeChain):
        (KJS::Register::i):
        (KJS::Register::r):
        (KJS::Register::vPC):
        (KJS::Register::jsPropertyNameIterator):
        * VM/SamplingTool.cpp:
        (KJS::):
        (KJS::SamplingTool::run):
        (KJS::SamplingTool::dump):
        * VM/SamplingTool.h:
        * kjs/JSImmediate.h:
        (KJS::JSImmediate::zeroImmediate):
        (KJS::JSImmediate::oneImmediate):
        * kjs/JSValue.h:
        * kjs/JSVariableObject.h:
        (KJS::JSVariableObject::JSVariableObjectData::offsetOf_registers):
        (KJS::JSVariableObject::offsetOf_d):
        (KJS::JSVariableObject::offsetOf_Data_registers):
        * masm: Added.
        * masm/IA32MacroAsm.h: Added.
        (KJS::JITCodeBuffer::JITCodeBuffer):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::getEIP):
        (KJS::JITCodeBuffer::start):
        (KJS::JITCodeBuffer::getOffset):
        (KJS::JITCodeBuffer::reset):
        (KJS::JITCodeBuffer::copy):
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        (KJS::IA32MacroAssembler::emitModRm_rm):
        (KJS::IA32MacroAssembler::emitModRm_rmsib):
        (KJS::IA32MacroAssembler::emitModRm_opr):
        (KJS::IA32MacroAssembler::emitModRm_opm):
        (KJS::IA32MacroAssembler::IA32MacroAssembler):
        (KJS::IA32MacroAssembler::emitInt3):
        (KJS::IA32MacroAssembler::emitPushl_r):
        (KJS::IA32MacroAssembler::emitPopl_r):
        (KJS::IA32MacroAssembler::emitMovl_rr):
        (KJS::IA32MacroAssembler::emitAddl_rr):
        (KJS::IA32MacroAssembler::emitAddl_i8r):
        (KJS::IA32MacroAssembler::emitAddl_i32r):
        (KJS::IA32MacroAssembler::emitAddl_mr):
        (KJS::IA32MacroAssembler::emitAndl_rr):
        (KJS::IA32MacroAssembler::emitAndl_i32r):
        (KJS::IA32MacroAssembler::emitCmpl_i8r):
        (KJS::IA32MacroAssembler::emitCmpl_rr):
        (KJS::IA32MacroAssembler::emitCmpl_rm):
        (KJS::IA32MacroAssembler::emitCmpl_i32r):
        (KJS::IA32MacroAssembler::emitCmpw_rm):
        (KJS::IA32MacroAssembler::emitOrl_rr):
        (KJS::IA32MacroAssembler::emitOrl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_rr):
        (KJS::IA32MacroAssembler::emitSubl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_i32r):
        (KJS::IA32MacroAssembler::emitSubl_mr):
        (KJS::IA32MacroAssembler::emitTestl_i32r):
        (KJS::IA32MacroAssembler::emitTestl_rr):
        (KJS::IA32MacroAssembler::emitXorl_i8r):
        (KJS::IA32MacroAssembler::emitXorl_rr):
        (KJS::IA32MacroAssembler::emitSarl_i8r):
        (KJS::IA32MacroAssembler::emitSarl_CLr):
        (KJS::IA32MacroAssembler::emitShl_i8r):
        (KJS::IA32MacroAssembler::emitShll_CLr):
        (KJS::IA32MacroAssembler::emitMull_rr):
        (KJS::IA32MacroAssembler::emitIdivl_r):
        (KJS::IA32MacroAssembler::emitCdq):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovzwl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):
        (KJS::IA32MacroAssembler::emitMovl_i32r):
        (KJS::IA32MacroAssembler::emitMovl_i32m):
        (KJS::IA32MacroAssembler::emitLeal_mr):
        (KJS::IA32MacroAssembler::emitRet):
        (KJS::IA32MacroAssembler::JmpSrc::JmpSrc):
        (KJS::IA32MacroAssembler::JmpDst::JmpDst):
        (KJS::IA32MacroAssembler::emitCall):
        (KJS::IA32MacroAssembler::label):
        (KJS::IA32MacroAssembler::emitUnlinkedJmp):
        (KJS::IA32MacroAssembler::emitUnlinkedJne):
        (KJS::IA32MacroAssembler::emitUnlinkedJe):
        (KJS::IA32MacroAssembler::emitUnlinkedJl):
        (KJS::IA32MacroAssembler::emitUnlinkedJle):
        (KJS::IA32MacroAssembler::emitUnlinkedJge):
        (KJS::IA32MacroAssembler::emitUnlinkedJae):
        (KJS::IA32MacroAssembler::emitUnlinkedJo):
        (KJS::IA32MacroAssembler::emitPredictionNotTaken):
        (KJS::IA32MacroAssembler::link):
        (KJS::IA32MacroAssembler::copy):
        * wtf/Platform.h:

2008-08-26  Oliver Hunt  <oliver (a] apple.com>

        RS=Maciej.

        Enabled -fomit-frame-pointer on Release and Production builds, add additional Profiling build config for shark, etc.

        * JavaScriptCore.xcodeproj/project.pbxproj:

=== Start merge of squirrelfish-extreme ===

2008-09-06  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Fix the Mac Debug build by adding symbols that are exported only in a
        Debug configuration.

        * Configurations/JavaScriptCore.xcconfig:
        * DerivedSources.make:
        * JavaScriptCore.Debug.exp: Added.
        * JavaScriptCore.base.exp: Copied from JavaScriptCore.exp.
        * JavaScriptCore.exp: Removed.
        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-09-05  Darin Adler  <darin (a] apple.com>

        Reviewed by Cameron Zwarich.

        - https://bugs.webkit.org/show_bug.cgi?id=20681
          JSPropertyNameIterator functions need to be inlined

        1.007x as fast on SunSpider overall
        1.081x as fast on SunSpider math-cordic

        * VM/JSPropertyNameIterator.cpp: Moved functions out of here.
        * VM/JSPropertyNameIterator.h:
        (KJS::JSPropertyNameIterator::JSPropertyNameIterator): Moved
        this into the header and marked it inline.
        (KJS::JSPropertyNameIterator::create): Ditto.
        (KJS::JSPropertyNameIterator::next): Ditto.

2008-09-05  Darin Adler  <darin (a] apple.com>

        Reviewed by Geoffrey Garen.

        - fix https://bugs.webkit.org/show_bug.cgi?id=20673
          single-character strings are churning in the Identifier table

        1.007x as fast on SunSpider overall
        1.167x as fast on SunSpider string-fasta

        * JavaScriptCore.exp: Updated.
        * kjs/SmallStrings.cpp:
        (KJS::SmallStrings::singleCharacterStringRep): Added.
        * kjs/SmallStrings.h: Added singleCharacterStringRep for clients that
        need just a UString, not a JSString.
        * kjs/identifier.cpp:
        (KJS::Identifier::add): Added special cases for single character strings
        so that the UString::Rep that ends up in the identifier table is the one
        from the single-character string optimization; otherwise we end up having
        to look it up in the identifier table over and over again.
        (KJS::Identifier::addSlowCase): Ditto.
        (KJS::Identifier::checkSameIdentifierTable): Made this function an empty
        inline in release builds so that callers don't have to put #ifndef NDEBUG
        at each call site.
        * kjs/identifier.h:
        (KJS::Identifier::add): Removed #ifndef NDEBUG around the calls to
        checkSameIdentifierTable.
        (KJS::Identifier::checkSameIdentifierTable): Added. Empty inline version
        for NDEBUG builds.

2008-09-05  Mark Rowe  <mrowe (a] apple.com>

        Build fix.

        * kjs/JSObject.h: Move the inline virtual destructor after a non-inline
        virtual function so that the symbol for the vtable is not marked as a
        weakly exported symbol.

2008-09-05  Darin Adler  <darin (a] apple.com>

        Reviewed by Sam Weinig.

        - fix https://bugs.webkit.org/show_bug.cgi?id=20671
          JavaScriptCore string manipulation spends too much time in memcpy

        1.011x as fast on SunSpider overall
        1.028x as fast on SunSpider string tests

        For small strings, use a loop rather than calling memcpy. The loop can
        be faster because there's no function call overhead, and because it can
        assume the pointers are aligned instead of checking that. Currently the
        threshold is set at 20 characters, based on some testing on one particular
        computer. Later we can tune this for various platforms by setting
        USTRING_COPY_CHARS_INLINE_CUTOFF appropriately, but it does no great harm
        if not perfectly tuned.

        * kjs/ustring.cpp:
        (KJS::overflowIndicator): Removed bogus const.
        (KJS::maxUChars): Ditto.
        (KJS::copyChars): Added.
        (KJS::UString::Rep::createCopying): Call copyChars instead of memcpy.
        Also eliminated need for const_cast.
        (KJS::UString::expandPreCapacity): Ditto.
        (KJS::concatenate): Ditto.
        (KJS::UString::spliceSubstringsWithSeparators): Ditto.
        (KJS::UString::append): Ditto.

2008-09-05  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Sam and Alexey.

        Make the profiler work with a null exec state.  This will allow other
        applications start the profiler to get DTrace probes going without
        needing a WebView.

        * ChangeLog:
        * profiler/ProfileGenerator.cpp:
        (KJS::ProfileGenerator::ProfileGenerator):
        (KJS::ProfileGenerator::willExecute):
        (KJS::ProfileGenerator::didExecute):
        * profiler/Profiler.cpp:
        (KJS::Profiler::startProfiling):
        (KJS::Profiler::stopProfiling):
        (KJS::dispatchFunctionToProfiles):

2008-09-04  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoffrey Garen.
        
        Fixed an off-by-one error that would cause the StructureIDChain to
        be one object too short.
        
        Can't construct a test case because other factors make this not crash
        (yet!).

        * kjs/StructureID.cpp:
        (KJS::StructureIDChain::StructureIDChain):

2008-09-04  Kevin Ollivier  <kevino (a] theolliviers.com>

        wx build fixes.

        * JavaScriptCoreSources.bkl:

2008-09-04  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Eric Seidel.

        Fix https://bugs.webkit.org/show_bug.cgi?id=20639.
        Bug 20639: ENABLE_DASHBOARD_SUPPORT does not need to be a FEATURE_DEFINE

        * Configurations/JavaScriptCore.xcconfig: Remove ENABLE_DASHBOARD_SUPPORT from FEATURE_DEFINES.
        * wtf/Platform.h: Set ENABLE_DASHBOARD_SUPPORT for PLATFORM(MAC).

2008-09-04  Adele Peterson  <adele (a] apple.com>

        Build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2008-09-04  Mark Rowe  <mrowe (a] apple.com>

        Mac build fix.

        * kjs/config.h: Only check the value of HAVE_CONFIG_H if it is defined.

2008-09-04  Marco Barisione  <marco.barisione (a] collabora.co.uk>

        Reviewed by Eric Seidel.

        http://bugs.webkit.org/show_bug.cgi?id=20380
        [GTK][AUTOTOOLS] Include autotoolsconfig.h from config.h

        * kjs/config.h: Include the configuration header generated by
        autotools if available.

2008-09-04  Tor Arne Vestb  <tavestbo (a] trolltech.com>

        Reviewed by Simon.

        Fix the QtWebKit build to match changes in r36016

        * JavaScriptCore.pri:

2008-09-04  Mark Rowe  <mrowe (a] apple.com>

        Fix the 64-bit build.

        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::printStructureID): Store the instruction offset into an unsigned local
        to avoid a warning related to format specifiers.
        (KJS::CodeBlock::printStructureIDs): Ditto.

2008-09-04  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Oliver Hunt.

        Correct the spelling of 'entryIndices'.

        * kjs/PropertyMap.cpp:
        (KJS::PropertyMap::get):
        (KJS::PropertyMap::getLocation):
        (KJS::PropertyMap::put):
        (KJS::PropertyMap::insert):
        (KJS::PropertyMap::remove):
        (KJS::PropertyMap::checkConsistency):
        * kjs/PropertyMap.h:
        (KJS::PropertyMapHashTable::entries):
        (KJS::PropertyMap::getOffset):
        (KJS::PropertyMap::putOffset):
        (KJS::PropertyMap::offsetForTableLocation):

2008-09-03  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.
        
        Fixed <rdar://problem/6193925> REGRESSION: Crash occurs at
        KJS::Machine::privateExecute() when attempting to load my Mobile Gallery
        (http://www.me.com/gallery/#home)
        
        also
        
        https://bugs.webkit.org/show_bug.cgi?id=20633 Crash in privateExecute
        @ cs.byu.edu
        
        The underlying problem was that we would cache prototype properties
        even if the prototype was a dictionary.
        
        The fix is to transition a prototype back from dictionary to normal
        status when an opcode caches access to it. (This is better than just
        refusing to cache, since a heavily accessed prototype is almost
        certainly not a true dictionary.)

        * VM/Machine.cpp:
        (KJS::Machine::tryCacheGetByID):
        * kjs/JSObject.h:

2008-09-03  Eric Seidel  <eric (a] webkit.org>

        Reviewed by Sam.

        Clean up Platform.h and add PLATFORM(CHROMIUM), PLATFORM(SKIA) and USE(V8_BINDINGS)

        * Configurations/JavaScriptCore.xcconfig: add missing ENABLE_*
        * wtf/ASCIICType.h: include <wtf/Assertions.h> since it depends on it.
        * wtf/Platform.h:

2008-09-03  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Tim.

        Remove the rest of the "zombie" code from the profiler.
        - There is no longer a need for the ProfilerClient callback mechanism.

        * API/JSProfilerPrivate.cpp:
        (JSStartProfiling):
        * JavaScriptCore.exp:
        * profiler/HeavyProfile.h:
        * profiler/ProfileGenerator.cpp:
        (KJS::ProfileGenerator::create):
        (KJS::ProfileGenerator::ProfileGenerator):
        * profiler/ProfileGenerator.h:
        (KJS::ProfileGenerator::profileGroup):
        * profiler/Profiler.cpp:
        (KJS::Profiler::startProfiling):
        (KJS::Profiler::stopProfiling): Immediately return the profile when
        stopped instead of using a callback.
        * profiler/Profiler.h:
        * profiler/TreeProfile.h:

2008-09-03  Adele Peterson  <adele (a] apple.com>

        Build fix.

        * wtf/win/MainThreadWin.cpp:

2008-09-02  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Darin and Tim.

        Remove most of the "zombie" mode from the profiler.  Next we will need
        to remove the client callback mechanism in profiles.

        - This simplifies the code, leverages the recent changes I've made in
        getting line numbers from SquirrelFish, and is a slight speed
        improvement on SunSpider.
        - Also the "zombie" mode was a constant source of odd edge cases and
        obscure bugs so it's good to remove since all of its issues may not have
        been found.

        * API/JSProfilerPrivate.cpp: No need to call didFinishAllExecution() any
        more.
        (JSEndProfiling):
        * JavaScriptCore.exp: Export the new signature of retrieveLastCaller()
        * VM/Machine.cpp:
        (KJS::Machine::execute): No need to call didFinishAllExecution() any
        more.
        (KJS::Machine::retrieveCaller): Now operates on InternalFunctions now
        since the RegisterFile is no longer guaranteeded to store only
        JSFunctions
        (KJS::Machine::retrieveLastCaller): Now also retrieve the function's
        name
        (KJS::Machine::callFrame): A result of changing retrieveCaller()
        * VM/Machine.h:
        * VM/Register.h: 
        * kjs/JSGlobalObject.cpp:
        (KJS::JSGlobalObject::~JSGlobalObject):
        * kjs/nodes.h:
        * profiler/ProfileGenerator.cpp:
        (KJS::ProfileGenerator::create): Now pass the original exec and get the
        global exec and client when necessary.  We need the original exec so we
        can have the stack frame where profiling started.
        (KJS::ProfileGenerator::ProfileGenerator): ditto.
        (KJS::ProfileGenerator::addParentForConsoleStart): This is where the 
        parent to star of the profile is added, if there is one.
        (KJS::ProfileGenerator::willExecute): Remove uglyness!
        (KJS::ProfileGenerator::didExecute): Ditto!
        (KJS::ProfileGenerator::stopProfiling):
        (KJS::ProfileGenerator::removeProfileStart): Use a better way to find
        and remove the function we are looking for.
        (KJS::ProfileGenerator::removeProfileEnd): Ditto.
        * profiler/ProfileGenerator.h:
        (KJS::ProfileGenerator::client):
        * profiler/ProfileNode.cpp:
        (KJS::ProfileNode::removeChild): Add a better way to remove a child from
        a ProfileNode.
        (KJS::ProfileNode::stopProfiling):
        (KJS::ProfileNode::debugPrintData): Modified a debug-only diagnostic
        function to be sane.
        * profiler/ProfileNode.h:
        * profiler/Profiler.cpp: Change to pass the original exec state.
        (KJS::Profiler::startProfiling):
        (KJS::Profiler::stopProfiling):
        (KJS::Profiler::willExecute):
        (KJS::Profiler::didExecute):
        (KJS::Profiler::createCallIdentifier):
        * profiler/Profiler.h:

2008-09-01  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        Implement callOnMainThreadAndWait().

        This will be useful when a background thread needs to perform UI calls synchronously
        (e.g. an openDatabase() call cannot return until the user answers to a confirmation dialog).

        * wtf/MainThread.cpp:
        (WTF::FunctionWithContext::FunctionWithContext): Added a ThreadCondition member. When
        non-zero, the condition is signalled after the function is called.
        (WTF::mainThreadFunctionQueueMutex): Renamed from functionQueueMutex, sinc this is no longer
        static. Changed to be initialized from initializeThreading() to avoid lock contention.
        (WTF::initializeMainThread): On non-Windows platforms, just call mainThreadFunctionQueueMutex.
        (WTF::dispatchFunctionsFromMainThread): Signal synchronous calls when done.
        (WTF::callOnMainThread): Updated for functionQueueMutex rename.
        (WTF::callOnMainThreadAndWait):  Added.

        * wtf/MainThread.h: Added callOnMainThreadAndWait(); initializeMainThread() now exists on
        all platforms.

        * wtf/win/MainThreadWin.cpp: (WTF::initializeMainThread): Added a callOnMainThreadAndWait()
        call to initialize function queue mutex.

        * wtf/ThreadingGtk.cpp: (WTF::initializeThreading):
        * wtf/ThreadingPthreads.cpp: (WTF::initializeThreading):
        * wtf/ThreadingQt.cpp: (WTF::initializeThreading):
        Only initialize mainThreadIdentifier on non-Darwin platforms. It was not guaranteed to be
        accurate on Darwin.

2008-09-03  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.
        
        Use isUndefinedOrNull() instead of separate checks for each in op_eq_null
        and op_neq_null.

        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):

2008-09-02  Csaba Osztrogonac  <oszi (a] inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Bug 20296: OpcodeStats doesn't build on platforms which don't have mergesort().
        <https://bugs.webkit.org/show_bug.cgi?id=20296>

        * VM/Opcode.cpp:
        (KJS::OpcodeStats::~OpcodeStats): mergesort() replaced with qsort()

2008-09-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Fast path for array.length and string.length.
        
        SunSpider says 0.5% faster.

2008-09-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Anders Carlsson.
        
        Added optimized paths for comparing to null.
        
        SunSpider says 0.5% faster.

2008-09-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Changed jsDriver.pl to dump the exact text you would need in order to
        reproduce a test result. This enables a fast workflow where you copy
        and paste a test failure in the terminal.

        * tests/mozilla/jsDriver.pl:

2008-09-02  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.
        
        Implemented the rest of Darin's review comments for the 09-01 inline
        caching patch.
        
        SunSpider says 0.5% faster, but that seems like noise.

        * JavaScriptCore.xcodeproj/project.pbxproj: Put PutPropertySlot into
        its own file, and added BatchedTransitionOptimizer.

        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::~CodeBlock): Use array indexing instead of a pointer
        iterator.

        * VM/CodeGenerator.cpp:
        (KJS::CodeGenerator::CodeGenerator): Used BatchedTransitionOptimizer to
        make batched put and remove for declared variables fast, without forever
        pessimizing the global object. Removed the old getDirect/removeDirect hack
        that tried to do the same in a more limited way.

        * VM/CodeGenerator.h: Moved IdentifierRepHash to the KJS namespace since
        it doesn't specialize anything in WTF.

        * VM/Machine.cpp:
        (KJS::Machine::Machine): Nixed the DummyConstruct tag because it was
        confusingly named.

        (KJS::Machine::execute):  Used BatchedTransitionOptimizer, as above. Fixed
        up some comments.

        (KJS::cachePrototypeChain): Cast to JSObject*, since it's more specific.

        (KJS::Machine::tryCachePutByID): Use isNull() instead of comparing to
        jsNull(), since isNull() leaves more options open for the future.
        (KJS::Machine::tryCacheGetByID): ditto
        (KJS::Machine::privateExecute): ditto

        * VM/SamplingTool.cpp:
        (KJS::SamplingTool::dump): Use C++-style cast, to match our style
        guidelines.

        * kjs/BatchedTransitionOptimizer.h: Added. New class that allows host
        code to add a batch of properties to an object in an efficient way.

        * kjs/JSActivation.cpp: Use isNull(), as above.

        * kjs/JSArray.cpp: Get rid of DummyConstruct tag, as above.
        * kjs/JSArray.h:

        * kjs/JSGlobalData.cpp: Nixed two unused StructureIDs.
        * kjs/JSGlobalData.h:

        * kjs/JSImmediate.cpp: Use isNull(), as above.

        * kjs/JSObject.cpp:
        (KJS::JSObject::mark): Moved mark tracing code elsewhere, to make this
        function more readable.

        (KJS::JSObject::put): Use isNull(), as above.

        (KJS::JSObject::createInheritorID): Return a raw pointer, since the
        object is owned by a data member, not necessarily the caller.
        * kjs/JSObject.h:

        * kjs/JSString.cpp: Use isNull(), as above.

        * kjs/PropertyMap.h: Updated to use PropertySlot::invalidOffset.

        * kjs/PropertySlot.h: Changed KJS_INVALID_OFFSET to WTF::notFound
        because C macros are so 80's.

        * kjs/PutPropertySlot.h: Added. Split out of PropertySlot.h. Also renamed
        PutPropertySlot::SlotType to PutPropertySlot::Type, and slotBase to base,
        since "slot" was redundant.

        * kjs/StructureID.cpp: Added a new transition *away* from dictionary
        status, to support BatchedTransitionOptimizer.

        (KJS::StructureIDChain::StructureIDChain): No need to store m_size as
        a data member, so keep it in a local, which might be faster.
        * kjs/StructureID.h:

        * kjs/SymbolTable.h: Moved IdentifierRepHash to KJS namespace, as above.
        * kjs/ustring.h:

2008-09-02  Adam Roben  <aroben (a] apple.com>

        Windows build fixes

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Add
        StructureID.{cpp,h} to the project. Also let VS reorder this file.
        * VM/CodeBlock.cpp: Include StringExtras so that snprintf will be
        defined on Windows.

2008-09-01  Sam Weinig  <sam (a] webkit.org>

        Fix release build.

        * JavaScriptCore.exp:

2008-09-01  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Reviewed by Oliver Hunt.

        Gtk buildfix

        * GNUmakefile.am:
        * kjs/PropertyMap.cpp: rename Identifier.h to identifier.h
        * kjs/StructureID.cpp: include JSObject.h

2008-09-01  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Darin Adler.

        First cut at inline caching for access to vanilla JavaScript properties.
        
        SunSpider says 4% faster. Tests heavy on dictionary-like access have
        regressed a bit -- we have a lot of room to improve in this area,
        but this patch is over-ripe as-is.
        
        JSCells now have a StructureID that uniquely identifies their layout,
        and holds their prototype.
        
        JSValue::put takes a PropertySlot& argument, so it can fill in details
        about where it put a value, for the sake of caching.

        * VM/CodeGenerator.cpp:
        (KJS::CodeGenerator::CodeGenerator): Avoid calling removeDirect if we
        can, since it disables inline caching in the global object. This can
        probably improve in the future.

        * kjs/JSGlobalObject.cpp: Nixed reset(), since it complicates caching, and
        wasn't really necessary.

        * kjs/JSObject.cpp: Tweaked getter / setter behavior not to rely on the
        IsGetterSetter flag, since the flag was buggy. This is necessary in order
        to avoid accidentally accessing a getter / setter as a normal property.
        
        Also changed getter / setter creation to honor ReadOnly, matching Mozilla.
        
        * kjs/PropertyMap.cpp: Nixed clear(), since it complicates caching and
        isn't necessary.

        * kjs/Shell.cpp: Moved SamplingTool dumping outside the loop. This allows
        you to aggregate sampling of multiple files (or the same file repeatedly),
        which helped me track down regressions.

        * kjs/ustring.h: Moved IdentifierRepHash here to share it.

2008-09-01  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Sam Weinig.

        Eagerly allocate the Math object's numeric constants. This avoids
        constantly reallocating them in loops, and also ensures that the Math
        object will not use the single property optimization, which makes
        properties ineligible for caching.

        SunSpider reports a small speedup, in combination with inline caching.

        * kjs/MathObject.cpp:
        (KJS::MathObject::MathObject):
        (KJS::MathObject::getOwnPropertySlot):
        * kjs/MathObject.h:

2008-09-01  Jan Michael Alonzo  <jmalonzo (a] webkit.org>

        Gtk build fix, not reviewed.

        * GNUmakefile.am: Add SmallStrings.cpp in both release and debug builds

2008-08-31  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20577: REGRESSION (r36006): Gmail is broken
        <https://bugs.webkit.org/show_bug.cgi?id=20577>

        r36006 changed stringProtoFuncSubstr() so that it is uses the more
        efficient jsSubstring(), rather than using UString::substr() and then
        calling jsString(). However, the change did not account for the case
        where the start and the length of the substring extend beyond the length
        of the original string. This patch corrects that.

        * kjs/StringPrototype.cpp:
        (KJS::stringProtoFuncSubstr):

2008-08-31  Simon Hausmann  <hausmann (a] wekit.org>

        Unreviewed build fix (with gcc 4.3)

        * kjs/ustring.h: Properly forward declare operator== for UString and
        the the concatenate functions inside the KJS namespace.

2008-08-30  Darin Adler  <darin (a] apple.com>

        Reviewed by Maciej.

        - https://bugs.webkit.org/show_bug.cgi?id=20333
          improve JavaScript speed when handling single-character strings

        1.035x as fast on SunSpider overall.
        1.127x as fast on SunSpider string tests.
        1.910x as fast on SunSpider string-base64 test.

        * API/JSObjectRef.cpp:
        (JSObjectMakeFunction): Removed unneeded explicit construction of UString.

        * GNUmakefile.am: Added SmallStrings.h and SmallStrings.cpp.
        * JavaScriptCore.pri: Ditto.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
        * JavaScriptCoreSources.bkl: Ditto.

        * JavaScriptCore.exp: Updated.

        * VM/Machine.cpp:
        (KJS::jsAddSlowCase): Changed to use a code path that doesn't involve
        a UString constructor. This avoids an extra jump caused by the "in charge"
        vs. "not in charge" constructors.
        (KJS::jsAdd): Ditto.
        (KJS::jsTypeStringForValue): Adopted jsNontrivialString.

        * kjs/ArrayPrototype.cpp:
        (KJS::arrayProtoFuncToString): Adopted jsEmptyString.
        (KJS::arrayProtoFuncToLocaleString): Ditto.
        (KJS::arrayProtoFuncJoin): Ditto.
        * kjs/BooleanPrototype.cpp:
        (KJS::booleanProtoFuncToString): Adopted jsNontrivialString.
        * kjs/DateConstructor.cpp:
        (KJS::callDate): Ditto.
        * kjs/DatePrototype.cpp:
        (KJS::formatLocaleDate): Adopted jsEmptyString and jsNontrivialString.
        (KJS::dateProtoFuncToString): Ditto.
        (KJS::dateProtoFuncToUTCString): Ditto.
        (KJS::dateProtoFuncToDateString): Ditto.
        (KJS::dateProtoFuncToTimeString): Ditto.
        (KJS::dateProtoFuncToLocaleString): Ditto.
        (KJS::dateProtoFuncToLocaleDateString): Ditto.
        (KJS::dateProtoFuncToLocaleTimeString): Ditto.
        (KJS::dateProtoFuncToGMTString): Ditto.

        * kjs/ErrorPrototype.cpp:
        (KJS::ErrorPrototype::ErrorPrototype): Ditto.
        (KJS::errorProtoFuncToString): Ditto.

        * kjs/JSGlobalData.h: Added SmallStrings.

        * kjs/JSString.cpp:
        (KJS::jsString): Eliminated the overload that takes a const char*.
        Added code to use SmallStrings to get strings of small sizes rather
        than creating a new JSString every time.
        (KJS::jsSubstring): Added. Used when creating a string from a substring
        to avoid creating a JSString in cases where the substring will end up
        empty or as one character.
        (KJS::jsOwnedString): Added the same code as in jsString.

        * kjs/JSString.h: Added new functions jsEmptyString, jsSingleCharacterString,
        jsSingleCharacterSubstring, jsSubstring, and jsNontrivialString for various
        cases where we want to create JSString, and want special handling for small
        strings.
        (KJS::JSString::JSString): Added an overload that takes a PassRefPtr of
        a UString::Rep so you don't have to construct a UString; PassRefPtr can be
        more efficient.
        (KJS::jsEmptyString): Added.
        (KJS::jsSingleCharacterString): Added.
        (KJS::jsSingleCharacterSubstring): Added.
        (KJS::jsNontrivialString): Added.
        (KJS::JSString::getIndex): Adopted jsSingleCharacterSubstring.
        (KJS::JSString::getStringPropertySlot): Ditto.

        * kjs/NumberPrototype.cpp:
        (KJS::numberProtoFuncToFixed): Adopted jsNontrivialString.
        (KJS::numberProtoFuncToExponential): Ditto.
        (KJS::numberProtoFuncToPrecision): Ditto.

        * kjs/ObjectPrototype.cpp:
        (KJS::objectProtoFuncToLocaleString): Adopted toThisJSString.
        (KJS::objectProtoFuncToString): Adopted jsNontrivialString.

        * kjs/RegExpConstructor.cpp: Separated the lastInput value that's used
        with the lastOvector to return matches from the input value that can be
        changed via JavaScript. They will be equal in many cases, but not all.
        (KJS::RegExpConstructor::performMatch): Set input.
        (KJS::RegExpMatchesArray::RegExpMatchesArray): Ditto.
        (KJS::RegExpMatchesArray::fillArrayInstance): Adopted jsSubstring. Also,
        use input rather than lastInput in the appropriate place.
        (KJS::RegExpConstructor::getBackref): Adopted jsSubstring and jsEmptyString.
        Added code to handle the case where there is no backref -- before this
        depended on range checking in UString::substr which is not present in
        jsSubstring.
        (KJS::RegExpConstructor::getLastParen): Ditto.
        (KJS::RegExpConstructor::getLeftContext): Ditto.
        (KJS::RegExpConstructor::getRightContext): Ditto.
        (KJS::RegExpConstructor::getValueProperty): Use input rather than lastInput.
        Also adopt jsEmptyString.
        (KJS::RegExpConstructor::putValueProperty): Ditto.
        (KJS::RegExpConstructor::input): Ditto.

        * kjs/RegExpPrototype.cpp:
        (KJS::regExpProtoFuncToString): Adopt jsNonTrivialString. Also changed to
        use UString::append to append single characters rather than using += and
        a C-style string.

        * kjs/SmallStrings.cpp: Added.
        (KJS::SmallStringsStorage::SmallStringsStorage): Construct the
        buffer and UString::Rep for all 256 single-character strings for
        the U+0000 through U+00FF. This covers all the values used in
        the base64 test as well as most values seen elsewhere on the web
        as well. It's possible that later we might fix this to only work
        for U+0000 through U+007F but the others are used quite a bit in
        the current version of the base64 test.
        (KJS::SmallStringsStorage::~SmallStringsStorage): Free memory.
        (KJS::SmallStrings::SmallStrings): Create a set of small strings,
        initially not created; created later when they are used.
        (KJS::SmallStrings::~SmallStrings): Deallocate. Not left compiler
        generated because the SmallStringsStorage class's destructor needs
        to be visible.
        (KJS::SmallStrings::mark): Mark all the strings.
        (KJS::SmallStrings::createEmptyString): Create a cell for the
        empty string. Called only the first time.
        (KJS::SmallStrings::createSingleCharacterString): Create a cell
        for one of the single-character strings. Called only the first time.
        * kjs/SmallStrings.h: Added.

        * kjs/StringConstructor.cpp:
        (KJS::stringFromCharCodeSlowCase): Factored out of strinFromCharCode.
        Only used for cases where the caller does not pass exactly one argument.
        (KJS::stringFromCharCode): Adopted jsSingleCharacterString.
        (KJS::callStringConstructor): Adopted jsEmptyString.

        * kjs/StringObject.cpp:
        (KJS::StringObject::StringObject): Adopted jsEmptyString.

        * kjs/StringPrototype.cpp:
        (KJS::stringProtoFuncReplace): Adopted jsSubstring.
        (KJS::stringProtoFuncCharAt): Adopted jsEmptyString and
        jsSingleCharacterSubstring and also added a special case when the
        index is an immediate number to avoid conversion to and from floating
        point, since that's the common case.
        (KJS::stringProtoFuncCharCodeAt): Ditto.
        (KJS::stringProtoFuncMatch): Adopted jsSubstring and jsEmptyString.
        (KJS::stringProtoFuncSlice): Adopted jsSubstring and
        jsSingleCharacterSubstring. Also got rid of some unneeded locals and
        removed unneeded code to set the length property of the array, since it
        is automatically updated as values are added to the array.
        (KJS::stringProtoFuncSplit): Adopted jsEmptyString.
        (KJS::stringProtoFuncSubstr): Adopted jsSubstring.
        (KJS::stringProtoFuncSubstring): Ditto.

        * kjs/collector.cpp:
        (KJS::Heap::collect): Added a call to mark SmallStrings.

        * kjs/ustring.cpp:
        (KJS::UString::expandedSize): Made this a static member function since
        it doesn't need to look at any data members.
        (KJS::UString::expandCapacity): Use a non-inline function, makeNull, to
        set the rep to null in failure cases. This avoids adding a PIC branch for
        the normal case when there is no failure.
        (KJS::UString::expandPreCapacity): Ditto.
        (KJS::UString::UString): Ditto.
        (KJS::concatenate): Refactored the concatenation constructor into this
        separate function. Calling the concatenation constructor was leading to
        an extra branch because of the in-charge vs. not-in-charge versions not
        both being inlined, and this was showing up as nearly 1% on Shark. Also
        added a special case for when the second string is a single character,
        since it's a common idiom to build up a string that way and we can do
        things much more quickly, without involving memcpy for example. Also
        adopted the non-inline function, nullRep, for the same reason given for
        makeNull above.
        (KJS::UString::append): Adopted makeNull for failure cases.
        (KJS::UString::operator=): Ditto.
        (KJS::UString::toDouble): Added a special case for converting single
        character strings to numbers. We're doing this a ton of times while
        running the base64 test.
        (KJS::operator==): Added special cases so we can compare single-character
        strings without calling memcmp. Later we might want to special case other
        short lengths similarly.
        (KJS::UString::makeNull): Added.
        (KJS::UString::nullRep): Added.
        * kjs/ustring.h: Added declarations for the nullRep and makeNull. Changed
        expandedSize to be a static member function. Added a declaration of the
        concatenate function. Removed the concatenation constructor. Rewrote
        operator+ to use the concatenate function.

2008-08-29  Anders Carlsson  <andersca (a] apple.com>

        Build fix.

        * VM/Machine.cpp:
        (KJS::getCPUTime):

2008-08-29  Anders Carlsson  <andersca (a] apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/6174667> 
        When a machine is under heavy load, the Slow Script dialog often comes up many times and just gets in the way
        
        Instead of using clock time, use the CPU time spent executing the current thread when
        determining if the script has been running for too long.
        
        * VM/Machine.cpp:
        (KJS::getCPUTime):
        (KJS::Machine::checkTimeout):

2008-08-28  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Sam Weinig.

        Change 'term' to 'expr' in variable names to standardize terminology.

        * kjs/nodes.cpp:
        (KJS::BinaryOpNode::emitCode):
        (KJS::ReverseBinaryOpNode::emitCode):
        (KJS::ThrowableBinaryOpNode::emitCode):
        * kjs/nodes.h:
        (KJS::BinaryOpNode::BinaryOpNode):
        (KJS::ReverseBinaryOpNode::ReverseBinaryOpNode):
        (KJS::MultNode::):
        (KJS::DivNode::):
        (KJS::ModNode::):
        (KJS::AddNode::):
        (KJS::SubNode::):
        (KJS::LeftShiftNode::):
        (KJS::RightShiftNode::):
        (KJS::UnsignedRightShiftNode::):
        (KJS::LessNode::):
        (KJS::GreaterNode::):
        (KJS::LessEqNode::):
        (KJS::GreaterEqNode::):
        (KJS::ThrowableBinaryOpNode::):
        (KJS::InstanceOfNode::):
        (KJS::InNode::):
        (KJS::EqualNode::):
        (KJS::NotEqualNode::):
        (KJS::StrictEqualNode::):
        (KJS::NotStrictEqualNode::):
        (KJS::BitAndNode::):
        (KJS::BitOrNode::):
        (KJS::BitXOrNode::):
        * kjs/nodes2string.cpp:
        (KJS::MultNode::streamTo):
        (KJS::DivNode::streamTo):
        (KJS::ModNode::streamTo):
        (KJS::AddNode::streamTo):
        (KJS::SubNode::streamTo):
        (KJS::LeftShiftNode::streamTo):
        (KJS::RightShiftNode::streamTo):
        (KJS::UnsignedRightShiftNode::streamTo):
        (KJS::LessNode::streamTo):
        (KJS::GreaterNode::streamTo):
        (KJS::LessEqNode::streamTo):
        (KJS::GreaterEqNode::streamTo):
        (KJS::InstanceOfNode::streamTo):
        (KJS::InNode::streamTo):
        (KJS::EqualNode::streamTo):
        (KJS::NotEqualNode::streamTo):
        (KJS::StrictEqualNode::streamTo):
        (KJS::NotStrictEqualNode::streamTo):
        (KJS::BitAndNode::streamTo):
        (KJS::BitXOrNode::streamTo):
        (KJS::BitOrNode::streamTo):

2008-08-28  Alp Toker  <alp (a] nuanti.com>

        GTK+ dist/build fix. List newly added header files.

        * GNUmakefile.am:

2008-08-28  Sam Weinig  <sam (a] webkit.org>

        Reviewed by Oliver Hunt.

        Change to throw a ReferenceError at runtime instead of a ParseError
        at parse time, when the left hand side expression of a for-in statement
        is not an lvalue.

        * kjs/grammar.y:
        * kjs/nodes.cpp:
        (KJS::ForInNode::emitCode):

2008-08-28  Alexey Proskuryakov  <ap (a] webkit.org>

        Not reviewed, build fix (at least for OpenBSD, posssibly more).

        https://bugs.webkit.org/show_bug.cgi?id=20545
        missing #include <unistd.h> in JavaScriptCore/VM/SamplingTool.cpp

        * VM/SamplingTool.cpp: add the missing include.

2008-08-26  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Geoff and Cameron.

        <rdar://problem/6174603> Hitting assertion in Register::codeBlock when
        loading facebook (20516).

        - This was a result of my line numbers change.  After a host function is
        called the stack does not get reset correctly.
        - Oddly this also appears to be a slight speedup on SunSpider.

        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):

2008-08-26  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Geoff and Tim.

        Export new API methods.

        * JavaScriptCore.exp:

2008-08-25  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Geoff, Tim and Mark.

        <rdar://problem/6150623> JSProfiler: It would be nice if the profiles
        in the console said what file and line number they came from
        - Lay the foundation for getting line numbers and other data from the
        JavaScript engine.  With the cleanup in kjs/ExecState this is actually
        a slight performance improvement.

        * JavaScriptCore.exp: Export retrieveLastCaller() for WebCore.
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/Machine.cpp: Now Host and JS functions set a call frame on the
        exec state, so this and the profiler code were pulled out of the
        branches.
        (KJS::Machine::privateExecute):
        (KJS::Machine::retrieveLastCaller): This get's the lineNumber, sourceID
        and sourceURL for the previously called function.
        * VM/Machine.h:
        * kjs/ExecState.cpp: Remove references to JSFunction since it's not used
        anywhere.
        * kjs/ExecState.h:

2008-08-25  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Darin Adler.

        Ensure that JSGlobalContextRelease() performs garbage collection, even if there are other
        contexts in the current context's group.

        This is only really necessary when the last reference is released, but there is no way to
        determine that, and no harm in collecting slightly more often.

        * API/JSContextRef.cpp: (JSGlobalContextRelease): Explicitly collect the heap if it is not
        being destroyed.

2008-08-24  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 20093: JSC shell does not clear exceptions after it executes toString on an expression
        <https://bugs.webkit.org/show_bug.cgi?id=20093>

        Clear exceptions after evaluating any code in the JSC shell. We do not
        report exceptions that are caused by calling toString on the final
        valued, but at least we avoid incorrect behaviour.

        Also, print any exceptions that occurred while evaluating code at the
        interactive prompt, not just while evaluating code from a file.

        * kjs/Shell.cpp:
        (runWithScripts):
        (runInteractive):

2008-08-24  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver.

        Remove an unnecessary RefPtr to a RegisterID.

        * kjs/nodes.cpp:
        (KJS::DeleteBracketNode::emitCode):

2008-08-24  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        Use the correct version number for when JSGlobalContextCreate was introduced.

        * API/JSContextRef.h:

2008-08-23  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Rubber-stamped by Mark Rowe.

        Remove modelines.

        * API/APICast.h:
        * API/JSBase.cpp:
        * API/JSCallbackConstructor.cpp:
        * API/JSCallbackConstructor.h:
        * API/JSCallbackFunction.cpp:
        * API/JSCallbackFunction.h:
        * API/JSCallbackObject.cpp:
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        * API/JSClassRef.cpp:
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        * API/JSProfilerPrivate.cpp:
        * API/JSStringRef.cpp:
        * API/JSStringRefBSTR.cpp:
        * API/JSStringRefCF.cpp:
        * API/JSValueRef.cpp:
        * API/tests/JSNode.c:
        * API/tests/JSNode.h:
        * API/tests/JSNodeList.c:
        * API/tests/JSNodeList.h:
        * API/tests/Node.c:
        * API/tests/Node.h:
        * API/tests/NodeList.c:
        * API/tests/NodeList.h:
        * API/tests/minidom.c:
        * API/tests/minidom.js:
        * API/tests/testapi.c:
        * API/tests/testapi.js:
        * JavaScriptCore.pro:
        * kjs/FunctionConstructor.h:
        * kjs/FunctionPrototype.h:
        * kjs/JSArray.h:
        * kjs/JSString.h:
        * kjs/JSWrapperObject.cpp:
        * kjs/NumberConstructor.h:
        * kjs/NumberObject.h:
        * kjs/NumberPrototype.h:
        * kjs/lexer.h:
        * kjs/lookup.h:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:
        * wtf/HashCountedSet.h:
        * wtf/HashFunctions.h:
        * wtf/HashIterators.h:
        * wtf/HashMap.h:
        * wtf/HashSet.h:
        * wtf/HashTable.h:
        * wtf/HashTraits.h:
        * wtf/ListHashSet.h:
        * wtf/ListRefPtr.h:
        * wtf/Noncopyable.h:
        * wtf/OwnArrayPtr.h:
        * wtf/OwnPtr.h:
        * wtf/PassRefPtr.h:
        * wtf/Platform.h:
        * wtf/RefPtr.h:
        * wtf/RefPtrHashMap.h:
        * wtf/RetainPtr.h:
        * wtf/UnusedParam.h:
        * wtf/Vector.h:
        * wtf/VectorTraits.h:
        * wtf/unicode/Unicode.h:
        * wtf/unicode/icu/UnicodeIcu.h:

2008-08-22  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Oliver.

        Some cleanup to match our coding style.

        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        * kjs/ExecState.cpp:
        * kjs/ExecState.h:
        * kjs/completion.h:
        * kjs/identifier.cpp:
        (KJS::Identifier::equal):
        (KJS::CStringTranslator::hash):
        (KJS::CStringTranslator::equal):
        (KJS::CStringTranslator::translate):
        (KJS::UCharBufferTranslator::equal):
        (KJS::UCharBufferTranslator::translate):
        (KJS::Identifier::remove):
        * kjs/operations.h:

2008-08-20  Alexey Proskuryakov  <ap (a] webkit.org>

        Windows build fix.

        * API/WebKitAvailability.h: Define DEPRECATED_ATTRIBUTE.

2008-08-19  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Geoff Garen.

        Bring back shared JSGlobalData and implicit locking, because too many clients rely on it.

        * kjs/JSGlobalData.cpp:
        (KJS::JSGlobalData::~JSGlobalData):
        (KJS::JSGlobalData::JSGlobalData): Re-add shared instance.
        (KJS::JSGlobalData::sharedInstanceExists): Ditto.
        (KJS::JSGlobalData::sharedInstance): Ditto.
        (KJS::JSGlobalData::sharedInstanceInternal): Ditto.

        * API/JSContextRef.h: Deprecated JSGlobalContextCreate(). Added a very conservative
        description of its threading model (nothing is allowed).

        * API/JSContextRef.cpp:
        (JSGlobalContextCreate): Use shared JSGlobalData.
        (JSGlobalContextCreateInGroup): Support passing NULL group to request a unique one.
        (JSGlobalContextRetain): Added back locking.
        (JSGlobalContextRelease): Ditto.
        (JSContextGetGlobalObject): Ditto.

        * API/tests/minidom.c: (main):
        * API/tests/testapi.c: (main):
        Switched to JSGlobalContextCreateInGroup() to avoid deprecation warnings.

        * JavaScriptCore.exp: Re-added JSLock methods. Added JSGlobalContextCreateInGroup (d'oh!).

        * API/JSBase.cpp:
        (JSEvaluateScript):
        (JSCheckScriptSyntax):
        (JSGarbageCollect):
        * API/JSCallbackConstructor.cpp:
        (KJS::constructJSCallback):
        * API/JSCallbackFunction.cpp:
        (KJS::JSCallbackFunction::call):
        * API/JSCallbackObjectFunctions.h:
        (KJS::::init):
        (KJS::::getOwnPropertySlot):
        (KJS::::put):
        (KJS::::deleteProperty):
        (KJS::::construct):
        (KJS::::hasInstance):
        (KJS::::call):
        (KJS::::getPropertyNames):
        (KJS::::toNumber):
        (KJS::::toString):
        (KJS::::staticValueGetter):
        (KJS::::callbackGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMake):
        (JSObjectMakeFunctionWithCallback):
        (JSObjectMakeConstructor):
        (JSObjectMakeFunction):
        (JSObjectHasProperty):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectGetPropertyAtIndex):
        (JSObjectSetPropertyAtIndex):
        (JSObjectDeleteProperty):
        (JSObjectCallAsFunction):
        (JSObjectCallAsConstructor):
        (JSObjectCopyPropertyNames):
        (JSPropertyNameArrayRelease):
        (JSPropertyNameAccumulatorAddName):
        * API/JSValueRef.cpp:
        (JSValueIsEqual):
        (JSValueIsInstanceOfConstructor):
        (JSValueMakeNumber):
        (JSValueMakeString):
        (JSValueToNumber):
        (JSValueToStringCopy):
        (JSValueToObject):
        (JSValueProtect):
        (JSValueUnprotect):
        * ForwardingHeaders/JavaScriptCore/JSLock.h: Added.
        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        * kjs/AllInOneFile.cpp:
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.cpp:
        (KJS::JSGlobalObject::~JSGlobalObject):
        (KJS::JSGlobalObject::init):
        * kjs/JSLock.cpp: Added.
        (KJS::createJSLockCount):
        (KJS::JSLock::lockCount):
        (KJS::setLockCount):
        (KJS::JSLock::JSLock):
        (KJS::JSLock::lock):
        (KJS::JSLock::unlock):
        (KJS::JSLock::currentThreadIsHoldingLock):
        (KJS::JSLock::DropAllLocks::DropAllLocks):
        (KJS::JSLock::DropAllLocks::~DropAllLocks):
        * kjs/JSLock.h: Added.
        (KJS::JSLock::JSLock):
        (KJS::JSLock::~JSLock):
        * kjs/Shell.cpp:
        (functionGC):
        (jscmain):
        * kjs/collector.cpp:
        (KJS::Heap::~Heap):
        (KJS::Heap::heapAllocate):
        (KJS::Heap::setGCProtectNeedsLocking):
        (KJS::Heap::protect):
        (KJS::Heap::unprotect):
        (KJS::Heap::collect):
        * kjs/identifier.cpp:
        * kjs/interpreter.cpp:
        (KJS::Interpreter::checkSyntax):
        (KJS::Interpreter::evaluate):
        Re-added implicit locking.

2008-08-19  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Tim and Mark.

        Implement DTrace hooks for dashcode and instruments.

        * API/JSProfilerPrivate.cpp: Added. Expose SPI so that profiling can be
        turned on from a client.  The DTrace probes were added within the
        profiler mechanism for performance reasons so the profiler must be
        started to enable tracing.
        (JSStartProfiling):
        (JSEndProfiling):
        * API/JSProfilerPrivate.h: Added. Ditto.
        * JavaScriptCore.exp: Exposing the start/stop methods to clients.
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/Tracing.d: Define the DTrace probes.
        * kjs/Tracing.h: Ditto.
        * profiler/ProfileGenerator.cpp: Implement the DTrace probes in the
        profiler.
        (KJS::ProfileGenerator::willExecute):
        (KJS::ProfileGenerator::didExecute):

2008-08-19  Steve Falkenburg  <sfalken (a] apple.com>

        Build fix.
        
        * kjs/operations.cpp:
        (KJS::equal):

2008-08-18  Timothy Hatcher  <timothy (a] apple.com>

        Fix an assertion when generating a heavy profile because the
        empty value and deleted value of CallIdentifier where equal.

        https://bugs.webkit.org/show_bug.cgi?id=20439

        Reviewed by Dan Bernstein.

        * profiler/CallIdentifier.h: Make the emptyValue for CallIdentifier
        use empty strings for URL and function name.

2008-08-12  Darin Adler  <darin (a] apple.com>

        Reviewed by Geoff.

        - eliminate JSValue::type()

        This will make it slightly easier to change the JSImmediate design without
        having to touch so many call sites.

        SunSpider says this change is a wash (looked like a slight speedup, but not
        statistically significant).

        * API/JSStringRef.cpp: Removed include of JSType.h.
        * API/JSValueRef.cpp: Removed include of JSType.h.
        (JSValueGetType): Replaced use of JSValue::type() with
        JSValue::is functions.

        * JavaScriptCore.exp: Updated.

        * VM/JSPropertyNameIterator.cpp: Removed type() implementation.
        (KJS::JSPropertyNameIterator::toPrimitive): Changed to take
        PreferredPrimitiveType argument instead of JSType.
        * VM/JSPropertyNameIterator.h: Ditto.

        * VM/Machine.cpp:
        (KJS::fastIsNumber): Updated for name change.
        (KJS::fastToInt32): Ditto.
        (KJS::fastToUInt32): Ditto.
        (KJS::jsAddSlowCase): Updated toPrimitive caller for change from
        JSType to PreferredPrimitiveType.
        (KJS::jsAdd): Replaced calls to JSValue::type() with calls to
        JSValue::isString().
        (KJS::jsTypeStringForValue): Replaced calls to JSValue::type()
        with multiple calls to JSValue::is -- we could make this a
        virtual function instead if we want to have faster performance.
        (KJS::Machine::privateExecute): Renamed JSImmediate::toTruncatedUInt32
        to JSImmediate::getTruncatedUInt32 for consistency with other functions.
        Changed two calls of JSValue::type() to JSValue::isString().

        * kjs/GetterSetter.cpp:
        (KJS::GetterSetter::toPrimitive): Changed to take
        PreferredPrimitiveType argument instead of JSType.
        (KJS::GetterSetter::isGetterSetter): Added.
        * kjs/GetterSetter.h:

        * kjs/JSCell.cpp:
        (KJS::JSCell::isString): Added.
        (KJS::JSCell::isGetterSetter): Added.
        (KJS::JSCell::isObject): Added.

        * kjs/JSCell.h: Eliminated type function. Added isGetterSetter.
        Made isString and isObject virtual. Changed toPrimitive to take
        PreferredPrimitiveType argument instead of JSType.
        (KJS::JSCell::isNumber): Use Heap::isNumber for faster performance.
        (KJS::JSValue::isGetterSetter): Added.
        (KJS::JSValue::toPrimitive): Changed to take
        PreferredPrimitiveType argument instead of JSType.

        * kjs/JSImmediate.h: Removed JSValue::type() and replaced
        JSValue::toTruncatedUInt32 with JSValue::getTruncatedUInt32.
        (KJS::JSImmediate::isEitherImmediate): Added.

        * kjs/JSNotAnObject.cpp:
        (KJS::JSNotAnObject::toPrimitive): Changed to take
        PreferredPrimitiveType argument instead of JSType.
        * kjs/JSNotAnObject.h: Ditto.
        * kjs/JSNumberCell.cpp:
        (KJS::JSNumberCell::toPrimitive): Ditto.
        * kjs/JSNumberCell.h:
        (KJS::JSNumberCell::toInt32): Renamed from fastToInt32. There's no
        other "slow" version of this once you have a JSNumberCell, so there's
        no need for "fast" in the name. It's a feature that this hides the
        base class toInt32, which does the same job less efficiently (and has
        an additional ExecState argument).
        (KJS::JSNumberCell::toUInt32): Ditto.

        * kjs/JSObject.cpp:
        (KJS::callDefaultValueFunction): Use isGetterSetter instead of type.
        (KJS::JSObject::getPrimitiveNumber): Use PreferredPrimitiveType.
        (KJS::JSObject::defaultValue): Ditto.
        (KJS::JSObject::defineGetter): Use isGetterSetter.
        (KJS::JSObject::defineSetter): Ditto.
        (KJS::JSObject::lookupGetter): Ditto.
        (KJS::JSObject::lookupSetter): Ditto.
        (KJS::JSObject::toNumber): Use PreferredPrimitiveType.
        (KJS::JSObject::toString): Ditto.
        (KJS::JSObject::isObject): Added.

        * kjs/JSObject.h:
        (KJS::JSObject::inherits): Call the isObject from JSCell; it's now
        hidden by our override of isObject.
        (KJS::JSObject::getOwnPropertySlotForWrite): Use isGetterSetter
        instead of type.
        (KJS::JSObject::getOwnPropertySlot): Ditto.
        (KJS::JSObject::toPrimitive): Use PreferredPrimitiveType.

        * kjs/JSString.cpp:
        (KJS::JSString::toPrimitive): Use PreferredPrimitiveType.
        (KJS::JSString::isString): Added.
        * kjs/JSString.h: Ditto.

        * kjs/JSValue.h: Removed type(), added isGetterSetter(). Added
        PreferredPrimitiveType enum and used it as the argument for the
        toPrimitive function.
        (KJS::JSValue::getBoolean): Simplified a bit an removed a branch.

        * kjs/collector.cpp:
        (KJS::typeName): Changed to use JSCell::is functions instead of
        calling JSCell::type.

        * kjs/collector.h:
        (KJS::Heap::isNumber): Renamed from fastIsNumber.

        * kjs/nodes.h: Added now-needed include of JSType, since the type
        is used here to record types of values in the tree.

        * kjs/operations.cpp:
        (KJS::equal): Rewrote to no longer depend on type().
        (KJS::strictEqual): Ditto.

2008-08-18  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Tim.

        If there are no nodes in a profile all the time should be attributed to
        (idle)

        * profiler/Profile.cpp: If ther are no nodes make sure we still process
        the head.
        (KJS::Profile::forEach):
        * profiler/ProfileGenerator.cpp: Remove some useless code.
        (KJS::ProfileGenerator::stopProfiling):

2008-08-18  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Maciej.

        Make JSGlobalContextRetain/Release actually work.

        * API/JSContextRef.cpp:
        (JSGlobalContextRetain):
        (JSGlobalContextRelease):
        Ref/deref global data to give checking for globalData.refCount() some sense.

        * API/tests/testapi.c: (main): Added a test for this bug.

        * kjs/JSGlobalData.cpp:
        (KJS::JSGlobalData::~JSGlobalData):
        While checking for memory leaks, found that JSGlobalData::emptyList has changed to
        a pointer, but it was not destructed, causing a huge leak in run-webkit-tests --threaded.

2008-08-17  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej.

        Change the counting of constants so that preincrement and predecrement of
        const local variables are considered unexpected loads.

        * kjs/nodes.cpp:
        (KJS::PrefixResolveNode::emitCode):
        * kjs/nodes.h:
        (KJS::ScopeNode::neededConstants):

2008-08-17  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Cameron Zwarich.

        <rdar://problem/6150322> In Gmail, a crash occurs at KJS::Machine::privateExecute() when applying list styling to text after a quote had been removed
        <https://bugs.webkit.org/show_bug.cgi?id=20386>

        This crash was caused by "depth()" incorrectly determining the scope depth 
        of a 0 depth function without a full scope chain.  Because such a function
        would not have an activation the depth function would return the scope depth
        of the parent frame, thus triggering an incorrect unwind.  Any subsequent 
        look up that walked the scope chain would result in incorrect behaviour,
        leading to a crash or incorrect variable resolution.  This can only actually
        happen in try...finally statements as that's the only path that can result in
        the need to unwind the scope chain, but not force the function to need a
        full scope chain.

        The fix is simply to check for this case before attempting to walk the scope chain.

        * VM/Machine.cpp:
        (KJS::depth):
        (KJS::Machine::throwException):

2008-08-17  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Maciej.

        Bug 20419: Remove op_jless
        <https://bugs.webkit.org/show_bug.cgi?id=20419>

        Remove op_jless, which is rarely used now that we have op_loop_if_less.

        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (KJS::CodeGenerator::emitJumpIfTrue):
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        * VM/Opcode.h:

2008-08-17  Cameron Zwarich  <cwzwarich (a] uwaterloo.ca>

        Reviewed by Dan Bernstein.

        Fix a typo in r35807 that is also causing build failures for
        non-AllInOne builds.

        * kjs/NumberConstructor.cpp:

2008-08-17  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Cameron Zwarich.

        Made room for a free word in JSCell.
        
        SunSpider says no change.
        
        I changed JSCallbackObjectData, Arguments, JSArray, and RegExpObject to
        store auxiliary data in a secondary structure.

        I changed InternalFunction to store the function's name in the property
        map.
        
        I changed JSGlobalObjectData to use a virtual destructor, so WebCore's
        JSDOMWindowBaseData could inherit from it safely. (It's a strange design
        for JSDOMWindowBase to allocate an object that JSGlobalObject deletes,
        but that's really our only option, given the size constraint.)
        
        I also added a bunch of compile-time ASSERTs, and removed lots of comments
        in JSObject.h because they were often out of date, and they got in the
        way of reading what was actually going on.
        
        Also renamed JSArray::getLength to JSArray::length, to match our style
        guidelines.

2008-08-16  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Sped up property access for array.length and string.length by adding a
        mechanism for returning a temporary value directly instead of returning
        a pointer to a function that retrieves the value.
        
        Also removed some unused cruft from PropertySlot.
        
        SunSpider says 0.5% - 1.2% faster.

        NOTE: This optimization is not a good idea in general, because it's
        actually a pessimization in the case of resolve for assignment,
        and it may get in the way of other optimizations in the future.
        
2008-08-16  Dan Bernstein  <mitz (a] apple.com>

        Reviewed by Geoffrey Garen.

        Disable dead code stripping in debug builds.

        * Configurations/Base.xcconfig:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-08-15  Mark Rowe  <mrowe (a] apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6143072> FastMallocZone's enumeration code makes assumptions about handling of remote memory regions that overlap

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Don't directly compare pointers mapped into the local process with
        a pointer that has not been mapped.  Instead, calculate a local address for the pointer and compare with that.
        (WTF::TCMallocStats::FreeObjectFinder::findFreeObjects): Pass in the remote address of the central free list so that it can
        be used when calculating local addresses.
        (WTF::TCMallocStats::FastMallocZone::enumerate): Ditto.

2008-08-15  Mark Rowe  <mrowe (a] apple.com>

        Rubber-stamped by Geoff Garen.

        <rdar://problem/6139914> Please include a _debug version of JavaScriptCore framework

        * Configurations/Base.xcconfig: Factor out the debug-only settings so that they can shared
        between the Debug configuration and debug Production variant.
        * JavaScriptCore.xcodeproj/project.pbxproj: Enable the debug variant.

2008-08-15  Mark Rowe  <mrowe (a] apple.com>

        Fix the 64-bit build.

        Add extra cast to avoid warnings about loss of precision when casting from
        JSValue* to an integer type.

        * kjs/JSImmediate.h:
        (KJS::JSImmediate::intValue):
        (KJS::JSImmediate::uintValue):

2008-08-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Still fixing Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: Added OpaqueJSString
        to yet another place.

2008-08-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Trying to fix non-Apple builds.

        * ForwardingHeaders/JavaScriptCore/OpaqueJSString.h: Added.

2008-08-15  Gavin Barraclough  <barraclough (a] apple.com>

        Reviewed by Geoff Garen.

        Allow JSImmediate to hold 31 bit signed integer immediate values.  The low two bits of a
        JSValue* are a tag, with the tag value 00 indicating the JSValue* is a pointer to a
        JSCell.  Non-zero tag values used to indicate that the JSValue* is not a real pointer,
        but instead holds an immediate value encoded within the pointer.  This patch changes the
        encoding so both the tag values 01 and 11 indicate the value is a signed integer, allowing
        a 31 bit value to be stored.  All other immediates are tagged with the value 10, and
        distinguished by a secondary tag.

        Roughly +2% on SunSpider.

        * kjs/JSImmediate.h: Encoding of JSImmediates has changed - see comment at head of file for
                             descption of new layout.

2008-08-15  Alexey Proskuryakov  <ap (a] webkit.org>

        More build fixes.

        * API/OpaqueJSString.h: Add a namespace to friend declaration to appease MSVC.
        * API/JSStringRefCF.h: (JSStringCreateWithCFString) Cast UniChar* to UChar* explicitly.
        * JavaScriptCore.exp: Added OpaqueJSString::create(const KJS::UString&) to fix WebCore build.

2008-08-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Build fix.

        * JavaScriptCore.xcodeproj/project.pbxproj: Marked OpaqueJSString as private

        * kjs/identifier.cpp:
        (KJS::Identifier::checkSameIdentifierTable):
        * kjs/identifier.h:
        (KJS::Identifier::add):
        Since checkSameIdentifierTable is exported for debug build's sake, gcc wants it to be
        non-inline in release builds, too.

        * JavaScriptCore.exp: Don't export inline OpaqueJSString destructor.

2008-08-15  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Geoff Garen.

        JSStringRef is created context-free, but can get linked to one via an identifier table,
        breaking an implicit API contract.

        Made JSStringRef point to OpaqueJSString, which is a new string object separate from UString.

        * API/APICast.h: Removed toRef/toJS conversions for JSStringRef, as this is no longer a
        simple typecast.

        * kjs/identifier.cpp:
        (KJS::Identifier::checkSameIdentifierTable):
        * kjs/identifier.h:
        (KJS::Identifier::add):
        (KJS::UString::checkSameIdentifierTable):
        Added assertions to verify that an identifier is not being added to a different JSGlobalData.

        * API/JSObjectRef.cpp:
        (OpaqueJSPropertyNameArray::OpaqueJSPropertyNameArray): Changed OpaqueJSPropertyNameArray to
        hold JSStringRefs. This is necessary to avoid having to construct (and leak) a new instance
        in JSPropertyNameArrayGetNameAtIndex(), now that making a JSStringRef is not just a typecast.

        * API/OpaqueJSString.cpp: Added.
        (OpaqueJSString::create):
        (OpaqueJSString::ustring):
        (OpaqueJSString::identifier):
        * API/OpaqueJSString.h: Added.
        (OpaqueJSString::create):
        (OpaqueJSString::characters):
        (OpaqueJSString::length):
        (OpaqueJSString::OpaqueJSString):
        (OpaqueJSString::~OpaqueJSString):

        * API/JSBase.cpp:
        (JSEvaluateScript):
        (JSCheckScriptSyntax):
        * API/JSCallbackObjectFunctions.h:
        (KJS::::getOwnPropertySlot):
        (KJS::::put):
        (KJS::::deleteProperty):
        (KJS::::staticValueGetter):
        (KJS::::callbackGetter):
        * API/JSStringRef.cpp:
        (JSStringCreateWithCharacters):
        (JSStringCreateWithUTF8CString):
        (JSStringRetain):
        (JSStringRelease):
        (JSStringGetLength):
        (JSStringGetCharactersPtr):
        (JSStringGetMaximumUTF8CStringSize):
        (JSStringGetUTF8CString):
        (JSStringIsEqual):
        * API/JSStringRefCF.cpp:
        (JSStringCreateWithCFString):
        (JSStringCopyCFString):
        * API/JSValueRef.cpp:
        (JSValueMakeString):
        (JSValueToStringCopy):
        Updated to use OpaqueJSString.

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
        Added OpaqueJSString.

2008-08-14  Kevin McCullough  <kmccullough (a] apple.com>

        Reviewed by Tim.

        <rdar://problem/6115819> Notify of profile in console
        - Profiles now have a unique ID so that they can be linked to the
        console message that announces that a profile completed.

        * profiler/HeavyProfile.cpp: 
        (KJS::HeavyProfile::HeavyProfile):
        * profiler/Profile.cpp:
        (KJS::Profile::create):
        (KJS::Profile::Profile):
        * profiler/Profile.h:
        (KJS::Profile::uid):
        * profiler/ProfileGenerator.cpp:
        (KJS::ProfileGenerator::create):
        (KJS::ProfileGenerator::ProfileGenerator):
        * profiler/ProfileGenerator.h:
        * profiler/Profiler.cpp:
        (KJS::Profiler::startProfiling):
        * profiler/TreeProfile.cpp:
        (KJS::TreeProfile::create):
        (KJS::TreeProfile::TreeProfile):
        * profiler/TreeProfile.h:

2008-08-13  Geoffrey Garen  <ggaren (a] apple.com>

        Reviewed by Oliver Hunt.
        
        Nixed a PIC branch from JSObject::getOwnPropertySlot, by forcing
        fillGetterProperty, which references a global function pointer,
        out-of-line.
        
        .2% SunSpider speedup, 4.3% access-nbody speedup, 8.7% speedup on a
        custom property access benchmark for objects with one property.

        * kjs/JSObject.cpp:
        (KJS::JSObject::fillGetterPropertySlot):

2008-08-13  Alp Toker  <alp (a] nuanti.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=20349
        WTF::initializeThreading() fails if threading is already initialized

        Fix threading initialization logic to support cases where
        g_thread_init() has already been called elsewhere.

        Resolves database-related crashers reported in several applications.

        * wtf/ThreadingGtk.cpp:
        (WTF::initializeThreading):

2008-08-13  Brad Hughes <bhughes (a] trolltech.com>

        Reviewed by Simon.

        Fix compiling of QtWebKit in release mode with the Intel C++ Compiler for Linux

        The latest upgrade of the intel compiler allows us to compile all of
        Qt with optimizations enabled (yay!).

        * JavaScriptCore.pro:

2008-08-12  Oliver Hunt  <oliver (a] apple.com>

        Reviewed by Geoff Garen.

        Add peephole optimisation to 'op_not... jfalse...' (eg. if(!...) )

        This is a very slight win in sunspider, and a fairly substantial win
        in hot code that does if(!...), etc.

        * VM/CodeGenerator.cpp:
        (KJS::CodeGenerator::retrieveLastUnaryOp):
        (KJS::CodeGenerator::rewindBinaryOp):
        (KJS::CodeGenerator::rewindUnaryOp):
        (KJS::CodeGenerator::emitJumpIfFalse):
        * VM/CodeGenerator.h:

2008-08-12  Dan Bernstein  <mitz (a] apple.com>

        - JavaScriptCore part of <rdar://problem/6121636>
          Make fast*alloc() abort() on failure and add "try" variants that
          return NULL on failure.

        Reviewed by Darin Adler.

        * JavaScriptCore.exp: Exported tryFastCalloc().
        * VM/RegisterFile.h:
        (KJS::RegisterFile::RegisterFile): Removed an ASSERT().
        * kjs/JSArray.cpp:
        (KJS::JSArray::putSlowCase): Changed to use tryFastRealloc().
        (KJS::JSArray::increaseVectorLength): Ditto.
        * kjs/ustring.cpp:
        (KJS::allocChars): Changed to use tryFastMalloc().
        (KJS::reallocChars): Changed to use tryFastRealloc().
        * wtf/FastMalloc.cpp:
        (WTF::fastZeroedMalloc): Removed null checking of fastMalloc()'s result
        and removed extra call to InvokeNewHook().
        (WTF::tryFastZeroedMalloc): Added. Uses tryFastMalloc().
        (WTF::tryFastMalloc): Renamed fastMalloc() to this.
        (WTF::fastMalloc): Added. This version abort()s if allocation fails.
        (WTF::tryFastCalloc): Renamed fastCalloc() to this.
        (WTF::fastCalloc): Added. This version abort()s if allocation fails.
        (WTF::tryFastRealloc): Renamed fastRealloc() to this.
        (WTF::fastRealloc): Added. This version abort()s if allocation fails.
        (WTF::do_malloc): Made this a function template. When the abortOnFailure
        template parameter is set, the function abort()s on failure to allocate.
        Otherwise, it sets errno to ENOMEM and returns zero.
        (WTF::TCMallocStats::fastMalloc): Defined to abort() on failure.
        (WTF::TCMallocStats::tryFastMalloc): Added. Does not abort() on
        failure.
        (WTF::TCMallocStats::fastCalloc): Defined to abort() on failure.
        (WTF::TCMallocStats::tryFastCalloc): Added. Does not abort() on
        failure.
        (WTF::TCMallocStats::fastRealloc): Defined to abort() on failure.
        (WTF::TCMallocStats::tryFastRealloc): Added. Does not abort() on
        failure.
        * wtf/FastMalloc.h: Declared the "try" variants.

2008-08-11  Adam Roben  <aroben (a] apple.com>

        Move WTF::notFound into its own header so that it can be used
        independently of Vector

        Rubberstamped by Darin Adler.

        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        Added NotFound.h to the project.
        * wtf/NotFound.h: Added. Moved the notFound constant here...
        * wtf/Vector.h: ...from here.

2008-08-11  Alexey Proskuryakov  <ap (a] webkit.org>

        Reviewed by Mark Rowe.

        <rdar://problem/6130393> REGRESSION: PhotoBooth hangs after launching under TOT Webkit

        * API/JSContextRef.cpp: (JSGlobalContextRelease): Corrected a comment.

        * kjs/collector.cpp: (KJS::Heap::~Heap): Ensure that JSGlobalData is not deleted while
        sweeping the heap.

== Rolled over to ChangeLog-2008-08-10 ==