JavaScriptCore-7601.1.46.3.tar.gz

[apple/javascriptcore.git] / ChangeLog-2010-05-24

2010-05-24  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Sam Weinig.

        Accidentally committed double write of codeblock in Interpreter.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2010-05-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=39583
        Move creation of 'this' object from caller to callee in construction.

        Presently the caller of a constructor is responsible for providing a this
        object.  Instead, move the object creation into a new op_create_this opcode,
        planted in the head of the contructor bytecode for a function.  Since the
        prototype for the object is provided by performing a get_by_id on the callee,
        also add a new get_callee opcode (this is used to get the callee JSFunction
        into a register so that a normal get_by_id can be used).

        Currently the caller is also responsible for detecting when op_construct is
        performed on a JSFunction representing a host function, in which case an
        exception is thrown – and this check currently takes place when constructing
        the this object.  Instead, mirroring the recent changes for non-host functions,
        add a parallel code-path for native constructors to follow, with a thunk for
        invoking native constructors provided by JITStubs, and a constructor-specific
        NativeFunction on NativeExecutable.  Provide an implementation of a host
        constructor which will throw an exception.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
        * bytecode/CodeBlock.h:
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitConstruct):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::emitGetByIdExceptionInfo):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITCall32_64.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::privateCompileCTINativeCall):
        (JSC::JIT::emit_op_neq_null):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emit_op_get_callee):
        (JSC::JIT::emit_op_create_this):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::privateCompileCTINativeCall):
        (JSC::JIT::emit_op_get_callee):
        (JSC::JIT::emit_op_create_this):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        (JSC::JITThunks::hostFunctionStub):
        * jit/JITStubs.h:
        (JSC::JITThunks::ctiNativeConstruct):
        (JSC::):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createNotAnObjectError):
        * runtime/Executable.h:
        (JSC::NativeExecutable::create):
        (JSC::NativeExecutable::NativeExecutable):
        * runtime/JSFunction.cpp:
        (JSC::callHostFunctionAsConstructor):
        * runtime/JSFunction.h:

2010-05-23  Sam Weinig  <sam@webkit.org>

        Fix windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-23  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=39575
        Make JS DOMObject inherit from JSObjectWithGlobalObject instead of JSObject

        Expose the global object stored in JSObjectWithGlobalObject.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSObjectWithGlobalObject.cpp:
        (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
        (JSC::JSObjectWithGlobalObject::globalObject):
        * runtime/JSObjectWithGlobalObject.h:

2010-05-21  Oliver Hunt  <oliver@apple.com>

        "asm volatile" isn't valid outside of functions.

        Reviewed by Gavin Barraclough.

        * jit/JITStubs.cpp:

2010-05-21  Gavin Barraclough  <barraclough@apple.com>

        Unreviewed build fix.

        Interpreter fix following r59974.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSPropertyNameIterator.h:

2010-05-21  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Oliver Hunt.

        Interpreter fix following r59939.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2010-05-21  David Levin  <levin@chromium.org>

        Unreviewed build fix.

        * wtf/SizeLimits.cpp: Removed a check while I figure out how to write it properly.

2010-05-21  David Levin  <levin@chromium.org>

        Reviewed by Darin Adler.

        Enforce size constraints on various data structures in JavaScriptCore/wtf.
        https://bugs.webkit.org/show_bug.cgi?id=39327

        I only modified the default build for OSX and Chromium's build file to include WTFCompileAsserts.cpp
        as those should be sufficient to catch regressions on the size of the data structures.

        * JavaScriptCore.gypi: Added the WTFCompileAsserts.cpp file.
        * JavaScriptCore.xcodeproj/project.pbxproj: Added the WTFCompileAsserts.cpp file.
        * runtime/UString.cpp: Added a compile assert for UString size.
        * wtf/SizeLimits.cpp: Added compile asserts for data structures that didn't have cpp files.
        * wtf/text/StringImpl.cpp: Added a compile assert for StringImpl size.

2010-05-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 39509 - Exceptions raised when JSString::value() is called not always properly thrown.
        Missing some CHECK_FOR_EXCEPTION()s, cleanup NativeError construction (adding a property
        via the prototype was inefficient, and whilst trivially true that the property is is not
        a rope - and thus couldn't except - it would be hard to prove this).

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::name):
        (JSC::InternalFunction::displayName):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::name):
        (JSC::JSFunction::displayName):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/JSPropertyNameIterator.cpp:
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSString.h:
        (JSC::RopeBuilder::tryGetValue):
        (JSC::JSString::getIndex):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorConstructor.h:
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NativeErrorPrototype.h:
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):

2010-05-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Fix interpreter build.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2010-05-21  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Split out JITCall32_64.cpp, and tightened up some #ifdefs in the hopes
        of improving compile times.
        https://bugs.webkit.org/show_bug.cgi?id=39507

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JIT.cpp:
        * jit/JITArithmetic.cpp:
        * jit/JITArithmetic32_64.cpp:
        * jit/JITCall.cpp:
        * jit/JITCall32_64.cpp: Copied from jit/JITCall.cpp.
        * jit/JITOpcodes.cpp:
        * jit/JITOpcodes32_64.cpp:
        * jit/JITPropertyAccess.cpp:
        * jit/JITPropertyAccess32_64.cpp:
        * jit/JITStubs.cpp:

2010-05-21  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed buildfix for Qt after r59941.

        * JavaScriptCore.pro: missing runtime/JSObjectWithGlobalObject.cpp added to SOURCES.

2010-05-21  Oliver Hunt  <oliver@apple.com>

        Windows build fix #3

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-21  Oliver Hunt  <oliver@apple.com>

        Windows build fix #2

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-21  Oliver Hunt  <oliver@apple.com>

        Windows build fix #1

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        All callable objects should have a global object reference
        https://bugs.webkit.org/show_bug.cgi?id=39495

        All objects that may ever return a value other CallTypeNone
        or ConstructTypeNone now get a global object in their constructor
        and store that in their first anonymous slot.  We add a new type
        JSObjectWithGlobalObject to allow us to share this logic as much
        as possible, however some objects have specific inheritance 
        requirements so we can't just use it universally.

        To enforce this requirement JSValue::getCallData and getConstructData
        make use of a new "isValidCallee" function to assert that any object
        that returns a value other than CallType/ConstructTypeNone has a
        global object in anonymous slot 0.

        In order to ensure that static function slots are converted into
        function objects with the correct global object, all prototype objects
        and other classes with static function slots also gain a global object
        reference.  Happily this fixes the long standing issue where host
        function objects get a prototype from the lexical global object of the
        first function that calls them, instead of the global object that they
        are defined on.

        * API/JSCallbackConstructor.cpp:
        (JSC::JSCallbackConstructor::JSCallbackConstructor):
        * API/JSCallbackConstructor.h:
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::JSCallbackFunction):
        * API/JSCallbackFunction.h:
        * API/JSCallbackObject.cpp:
        (JSC::):
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::JSCallbackObject):
        (JSC::::staticFunctionGetter):
        * API/JSClassRef.cpp:
        (OpaqueJSClass::prototype):
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        (JSObjectMake):
        (JSObjectMakeFunctionWithCallback):
        (JSObjectMakeConstructor):
        (JSObjectGetPrivate):
        (JSObjectSetPrivate):
        (JSObjectGetPrivateProperty):
        (JSObjectSetPrivateProperty):
        (JSObjectDeletePrivateProperty):
        * API/JSValueRef.cpp:
        (JSValueIsObjectOfClass):
        * API/JSWeakObjectMapRefPrivate.cpp:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * runtime/ArrayConstructor.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * runtime/ArrayPrototype.h:
        (JSC::ArrayPrototype::createStructure):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        * runtime/BooleanConstructor.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/BooleanPrototype.h:
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateConstructor.h:
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * runtime/DatePrototype.h:
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorConstructor.h:
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/ErrorPrototype.h:
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionConstructor.h:
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        (JSC::FunctionPrototype::addFunctionProperties):
        * runtime/FunctionPrototype.h:
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        * runtime/GlobalEvalFunction.h:
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/InternalFunction.h:
        * runtime/JSCell.h:
        (JSC::JSValue::getCallData):
        (JSC::JSValue::getConstructData):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        * runtime/JSFunction.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        * runtime/JSONObject.cpp:
        (JSC::JSONObject::JSONObject):
        * runtime/JSONObject.h:
        * runtime/JSObject.h:
        * runtime/JSObjectWithGlobalObject.cpp: Added.
        (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
        * runtime/JSObjectWithGlobalObject.h: Added.
        (JSC::JSObjectWithGlobalObject::createStructure):
        (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
        * runtime/JSValue.cpp:
        (JSC::JSValue::isValidCallee):
        * runtime/JSValue.h:
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/MathObject.h:
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorConstructor.h:
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NativeErrorPrototype.h:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        * runtime/NumberConstructor.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/NumberPrototype.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        * runtime/ObjectConstructor.h:
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PrototypeFunction.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        (JSC::constructRegExp):
        * runtime/RegExpConstructor.h:
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::RegExpObject):
        * runtime/RegExpObject.h:
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * runtime/RegExpPrototype.h:
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringConstructor.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/StringPrototype.h:

2010-05-21  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Removed the unused entry in the CallFrame
        https://bugs.webkit.org/show_bug.cgi?id=39470
        
        Removed the unused entry in the CallFrame, and reordered CallFrame
        writes on the hot path to be in forwards order.
        
        SunSpider says 0.3% faster.

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):

2010-05-21  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Split the QScriptValue autotest into smaller chunks.

        File tst_qscriptvalue_generated.cpp was huge and it was difficult to compile
        it with MSVS2008, because of the code optimization.

        Tests were splited into a few files for better use of distributed
        compilation.
        Repeated calls to insert() and operator<<() where replaced by loops,
        that should reduce time of code optimizing.

        New files were generated by the same application, test logic wasn't changed.

        [Qt] The QScriptValue autotest should be refactored.
        https://bugs.webkit.org/show_bug.cgi?id=38987

        * qt/tests/qscriptvalue/qscriptvalue.pro:
        * qt/tests/qscriptvalue/tst_qscriptvalue.h:
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp: Removed.
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated_init.cpp: Added.
        (tst_QScriptValue::initScriptValues):
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated_istype.cpp: Added.
        (tst_QScriptValue::isValid_initData):
        (tst_QScriptValue::isValid_makeData):
        (tst_QScriptValue::isValid_test):
        (tst_QScriptValue::isBool_initData):
        (tst_QScriptValue::isBool_makeData):
        (tst_QScriptValue::isBool_test):
        (tst_QScriptValue::isBoolean_initData):
        (tst_QScriptValue::isBoolean_makeData):
        (tst_QScriptValue::isBoolean_test):
        (tst_QScriptValue::isNumber_initData):
        (tst_QScriptValue::isNumber_makeData):
        (tst_QScriptValue::isNumber_test):
        (tst_QScriptValue::isFunction_initData):
        (tst_QScriptValue::isFunction_makeData):
        (tst_QScriptValue::isFunction_test):
        (tst_QScriptValue::isNull_initData):
        (tst_QScriptValue::isNull_makeData):
        (tst_QScriptValue::isNull_test):
        (tst_QScriptValue::isString_initData):
        (tst_QScriptValue::isString_makeData):
        (tst_QScriptValue::isString_test):
        (tst_QScriptValue::isUndefined_initData):
        (tst_QScriptValue::isUndefined_makeData):
        (tst_QScriptValue::isUndefined_test):
        (tst_QScriptValue::isObject_initData):
        (tst_QScriptValue::isObject_makeData):
        (tst_QScriptValue::isObject_test):
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated_totype.cpp: Added.
        (tst_QScriptValue::toString_initData):
        (tst_QScriptValue::toString_makeData):
        (tst_QScriptValue::toString_test):
        (tst_QScriptValue::toNumber_initData):
        (tst_QScriptValue::toNumber_makeData):
        (tst_QScriptValue::toNumber_test):
        (tst_QScriptValue::toBool_initData):
        (tst_QScriptValue::toBool_makeData):
        (tst_QScriptValue::toBool_test):
        (tst_QScriptValue::toBoolean_initData):
        (tst_QScriptValue::toBoolean_makeData):
        (tst_QScriptValue::toBoolean_test):
        (tst_QScriptValue::toInteger_initData):
        (tst_QScriptValue::toInteger_makeData):
        (tst_QScriptValue::toInteger_test):
        (tst_QScriptValue::toInt32_initData):
        (tst_QScriptValue::toInt32_makeData):
        (tst_QScriptValue::toInt32_test):
        (tst_QScriptValue::toUInt32_initData):
        (tst_QScriptValue::toUInt32_makeData):
        (tst_QScriptValue::toUInt32_test):
        (tst_QScriptValue::toUInt16_initData):
        (tst_QScriptValue::toUInt16_makeData):
        (tst_QScriptValue::toUInt16_test):

2010-05-21  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        Add COMPILER(MSVC) guard for strnstr
        https://bugs.webkit.org/show_bug.cgi?id=39397

        BREWMP uses MSVC for simulator build, but it is not OS(WINDOWS).
        Add COMPILER(MSVC) guard for strnstr.

        * wtf/StringExtras.h:

2010-05-21  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Add !PLATFORM(BREWMP) guard for isMainThread
        https://bugs.webkit.org/show_bug.cgi?id=39396

        BREWMP sets ENABLE(SINGLE_THREADED), so it uses isMainThread from ThreadingNone.cpp.
        Exclude isMainThread in MainThread.cpp.

        * wtf/MainThread.cpp:

2010-05-20  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Use skia as BREW MP's graphics backend.
        https://bugs.webkit.org/show_bug.cgi?id=39407

        Define WTF_PLATFORM_SKIA=1 for BREW MP.

        * wtf/Platform.h:

2010-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Beth Dakin.

        Fixed naming mixup: it's op_call_put_result, not ret_result.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2010-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Whittling away at CodeBlock use: Removed a little wonkiness in closure lookup
        https://bugs.webkit.org/show_bug.cgi?id=39444
        
        Calculate all lookup depths at compile time. I'm not sure why we couldn't
        do this before, but whatever the reason, it seems to be gone now.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::findScopedProperty):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::privateExecute):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_resolve_skip):
        (JSC::JIT::emit_op_resolve_global_dynamic):
        (JSC::JIT::emitSlow_op_resolve_global_dynamic):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_resolve_skip):

2010-05-20  Darin Adler  <darin@apple.com>

        Reviewed by Eric Seidel.

        Fix warnings seen on the buildbots today
        https://bugs.webkit.org/show_bug.cgi?id=39368

        * profiler/ProfileNode.cpp:
        (JSC::getCount): Removed unneeded initialization of global variable.
        These are all initialized to zero anyway, so no need to try to initialize
        it and get a warning.

        * wtf/CurrentTime.cpp:
        (WTF::currentTime): Removed unused global variable.

2010-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Removed some reliance on callFame[CodeBlock] by storing CodeBlock in a
        local variable in the Interpreter.
        https://bugs.webkit.org/show_bug.cgi?id=39447

        Small speedup on SunSpider in Interpreter mode.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jsc.cpp:
        * wtf/Platform.h:

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 39408 - Unify JIT/interpreter return behaviour.

        Presently the JIT and the interpreter have differing implementations in how
        they handle storing the result of a function call back to the register file.
        In both cases the op_call ( / _eval / _varargs / op_construct) opcode has an
        operand indicating the VM register in which the result should be stored.
        The JIT plants code after the call to store the result, so the value will be
        stored as soon as the callee has returned.  In the interpreter the call
        passes the return value register id into the callee via the callee callframe,
        and the callee is responsible for writing the result back into its callers
        register file after it has restored the parents callframe pointer, but before
        returning.

        Instead, move the task of writing the call result to the register file into a
        new opcode (op_call_put_result), and after returning the callee should leave
        the return value in a canonical location.  In the case of the interpreter,
        this canonical location is a local variable in privateExecute
        (functionReturnValue), in the case of the JIT this is the normal return value
        registers (regT0, or regT1:regT0 in JSVALUE32_64).  op_call_put_result stores
        the result from the canonical location to the registerfile.

        In addition to unifying JIT & interpreter behaviour this change allows us to
        remove a slot from the callframe, omit the write of the result where the
        return value from the call is not used, and provides a 2% speedup on sunspider
        in the interpreter.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitCall):
        (JSC::BytecodeGenerator::emitCallVarargs):
        (JSC::BytecodeGenerator::emitConstruct):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::finalDestinationOrIgnored):
        * bytecompiler/NodesCodegen.cpp:
        (JSC::NewExprNode::emitBytecode):
        (JSC::FunctionCallValueNode::emitBytecode):
        (JSC::FunctionCallResolveNode::emitBytecode):
        (JSC::FunctionCallBracketNode::emitBytecode):
        (JSC::FunctionCallDotNode::emitBytecode):
        (JSC::CallFunctionCallDotNode::emitBytecode):
        (JSC::ApplyFunctionCallDotNode::emitBytecode):
        * interpreter/CallFrame.h:
        (JSC::ExecState::init):
        (JSC::ExecState::noCaller):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::privateExecute):
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::emit_op_call_put_result):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCallVarargsSlowCase):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        (JSC::JIT::compileOpCallVarargsSetupArgs):

2010-05-20  Steve Block  <steveblock@google.com>

        Reviewed by Jeremy Orlow.

        Provide bindings for DeviceOrientation
        https://bugs.webkit.org/show_bug.cgi?id=39210

        Adds ENABLE_DEVICE_ORIENTATION to XCode project file, always disabled.

        * Configurations/FeatureDefines.xcconfig:

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Errk! rename op_constructor_ret as requested in review of Bug 39399.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitReturn):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::emit_op_ret_object_or_this):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_ret_object_or_this):

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 39399 - Move responsibility for verifying constructors return objects from the caller to the callee.
        
        This is a necessary step to move object creation from caller to callee.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitReturn):
        (JSC::BytecodeGenerator::emitConstruct):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::isConstructor):
        * bytecompiler/NodesCodegen.cpp:
        (JSC::FunctionBodyNode::emitBytecode):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::emit_op_constructor_ret):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_constructor_ret):

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Fix windows build II.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Fix windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 39393 - JSFunction need not be a subclass of InternalFunction.

        re-landing r59800.

        * JavaScriptCore.exp:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::retrieveCaller):
        (JSC::Interpreter::findFunctionCallFrame):
        * interpreter/Interpreter.h:
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSFunction.cpp:
        (JSC::):
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::name):
        (JSC::JSFunction::displayName):
        (JSC::JSFunction::calculatedDisplayName):
        * runtime/JSFunction.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        * runtime/JSObject.h:
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Reverting r59800, this b0rked stuff.

        * JavaScriptCore.exp:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::retrieveCaller):
        (JSC::Interpreter::findFunctionCallFrame):
        * interpreter/Interpreter.h:
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSFunction.cpp:
        (JSC::):
        (JSC::JSFunction::JSFunction):
        * runtime/JSFunction.h:
        * runtime/JSObject.cpp:
        * runtime/JSObject.h:
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):

2010-05-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 39393 - JSFunction need not be a subclass of InternalFunction.

        This may prevent us from introducing a more useful parent class to
        JSFunction, e.g. a JSObject that holds an executable, which could
        also reference an eval or program executable.

        * JavaScriptCore.exp:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::retrieveCaller):
        (JSC::Interpreter::findFunctionCallFrame):
        * interpreter/Interpreter.h:
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSFunction.cpp:
        (JSC::):
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::name):
        (JSC::JSFunction::displayName):
        (JSC::JSFunction::calculatedDisplayName):
        * runtime/JSFunction.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        * runtime/JSObject.h:
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):

2010-05-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        emitJumpIfNotJSCell should special case constant immediate values
        https://bugs.webkit.org/show_bug.cgi?id=39392
        <rdar://problem/8001324>

        Make emitJumpSlowCaseIfNotJSCell special case constant immediate
        values, in addition to the immediate JSCell optimisation.

        Also add assertions to make sure no one else produces code that
        attempts to load constants from the register file.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        * jit/JSInterfaceJIT.h:
        (JSC::JSInterfaceJIT::emitJumpIfNotJSCell):
        (JSC::JSInterfaceJIT::emitLoadInt32):
        (JSC::JSInterfaceJIT::tagFor):
        (JSC::JSInterfaceJIT::payloadFor):
        (JSC::JSInterfaceJIT::emitLoadDouble):
        (JSC::JSInterfaceJIT::addressFor):
        * jit/ThunkGenerators.cpp:

2010-05-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Slight refactoring to CodeBlock bytecode access
        https://bugs.webkit.org/show_bug.cgi?id=39384

        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::bytecodeOffset):
        * interpreter/CallFrame.h:
        (JSC::ExecState::returnPC):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::retrieveLastCaller): Moved bytecode access into a
        CodeBlock helper function. Changed CallFrame to accurately represent
        how the returnPC is stored in JIT vs Interpreter.

2010-05-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Don't build the Interpreter into JIT builds.
        https://bugs.webkit.org/show_bug.cgi?id=39373

        SunSpider says no change.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * wtf/Platform.h:

2010-05-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.
        
        Standardized naming: "bytecode offset" wins; "bytecode index" loses.
        
        Also renamed getBytecodeOffset to bytecodeOffset, to match the WebKit
        naming style.

        * bytecode/CodeBlock.h:
        (JSC::CallReturnOffsetToBytecodeOffset::CallReturnOffsetToBytecodeOffset):
        (JSC::getCallReturnOffset):
        (JSC::CodeBlock::bytecodeOffset):
        (JSC::CodeBlock::callReturnIndexVector):
        * interpreter/Interpreter.cpp:
        (JSC::bytecodeOffsetForPC):
        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileLinkPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JumpTable::JumpTable):
        (JSC::SwitchRecord::SwitchRecord):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargsSlowCase):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::addSlowCase):
        (JSC::JIT::addJump):
        (JSC::JIT::emitJumpSlowToHot):
        (JSC::JIT::isLabeled):
        (JSC::JIT::map):
        (JSC::JIT::unmap):
        (JSC::JIT::isMapped):
        (JSC::JIT::getMappedPayload):
        (JSC::JIT::getMappedTag):
        (JSC::JIT::emitGetVirtualRegister):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_switch_imm):
        (JSC::JIT::emit_op_switch_char):
        (JSC::JIT::emit_op_switch_string):
        (JSC::JIT::emit_op_new_error):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::emit_op_mov):
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_catch):
        (JSC::JIT::emit_op_switch_imm):
        (JSC::JIT::emit_op_switch_char):
        (JSC::JIT::emit_op_switch_string):
        (JSC::JIT::emit_op_new_error):
        (JSC::JIT::emit_op_convert_this):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emitSlow_op_method_check):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emitSlow_op_method_check):
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emit_op_get_by_pname):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2010-05-19  Peter Varga  <pvarga@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        The backtrackParenthesesOnceEnd function should store the start position
        of the subpattern's non-greedy match at the place of the subpattern's
        start index in the output array instead of the place of the
        subpattern's end index.
        Add layout test for checking of non-greedy matching of subpattern in
        regular expressions.
        https://bugs.webkit.org/show_bug.cgi?id=39289

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::backtrackParenthesesOnceEnd):

2010-05-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 39343 - Dynamically generate a native call thunk per NativeFunction
        
        https://bugs.webkit.org/show_bug.cgi?id=39252 regressed performance on i386,
        by adding an extra indirection to making a native call.  By introducing per-
        NativeFunction thunks we can hard code the function pointer into the thunk
        so that it need not be loaded from the callee.

        * jit/JIT.h:
        (JSC::JIT::compileCTINativeCall):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTINativeCall):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::privateCompileCTINativeCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::ctiStub):
        (JSC::JITThunks::hostFunctionStub):
        * jit/JITStubs.h:
        * jit/SpecializedThunkJIT.h:
        (JSC::SpecializedThunkJIT::finalize):
        * jit/ThunkGenerators.cpp:
        (JSC::charCodeAtThunkGenerator):
        (JSC::charAtThunkGenerator):
        (JSC::fromCharCodeThunkGenerator):
        (JSC::sqrtThunkGenerator):
        (JSC::powThunkGenerator):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::getHostFunction):
        * runtime/JSGlobalData.h:
        (JSC::JSGlobalData::getCTIStub):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * wtf/Platform.h:

2010-05-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Simplified handling of 'arguments' -- 1.2% SunSpider speedup
        https://bugs.webkit.org/show_bug.cgi?id=39200
        
        Removed the reserved OptionalCalleeArguments slot from the CallFrame.
        Now, slots for 'arguments' are allocated and initialized only by
        functions that might need them.
        
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Updated for new bytecode operands.

        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::unmodifiedArgumentsRegister): Added a helper function for mapping
        from the arguments register to its unmodified counterpart.

        (JSC::CodeBlock::setArgumentsRegister):
        (JSC::CodeBlock::argumentsRegister):
        (JSC::CodeBlock::usesArguments):  Changed from a "usesArguments" bool to
        an optional int index representing the arguments register.

        * bytecode/Opcode.h: Updated for new bytecode operands.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::addVar): Factored out a helper function for
        allocating an anonymous var.

        (JSC::BytecodeGenerator::BytecodeGenerator): Merged / simplified some
        arguments vs activation logic, and added code to allocate the arguments
        registers when needed.

        (JSC::BytecodeGenerator::createArgumentsIfNecessary): Updated for new bytecode operands.

        (JSC::BytecodeGenerator::emitCallEval): No need to create the arguments
        object before calling eval; the activation object will lazily create the
        arguments object if eval resolves it.

        (JSC::BytecodeGenerator::emitReturn): Updated for new bytecode operands.

        (JSC::BytecodeGenerator::emitPushScope):
        (JSC::BytecodeGenerator::emitPushNewScope): Ditto emitCallEval.

        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::addVar): Factored out a helper function for
        allocating an anonymous var.

        (JSC::BytecodeGenerator::registerFor): No more need for special handling
        of the arguments registers; they're allocated just like normal registers
        now.

        * interpreter/CallFrame.h:
        (JSC::ExecState::callerFrame):
        (JSC::ExecState::init):
        * interpreter/CallFrameClosure.h:
        (JSC::CallFrameClosure::resetCallFrame): Nixed optionalCalleeArguments.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments): Opcodes accessing 'arguments' now
        take operands specifying registers, just like all other opcodes.
        JSActivation::copyRegisters is no longer responsible for tearing off the
        arguments object; instead, the VM is responsible for both.

        Also, a behavior change: Each access to f.arguments creates a new object,
        unless f itself uses 'arguments'. This matches Chrome, and is necessary
        for the optimization. f.arguments is a nonstandard, deprecated feature,
        so high fidelity to a given implementation is not necessarily a goal.
        Also, as illustrated by the new test case, the identity of f.arguments
        has been broken since 2008, except in the case where f itself accesses
        f.arguments -- but nobody seemed to notice. So, hopefully this change won't
        break the web.
        
        * interpreter/Register.h: Nixed the special arguments accessor. It's no
        longer needed.

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_tear_off_activation):
        (JSC::JIT::emit_op_tear_off_arguments):
        (JSC::JIT::emit_op_create_arguments):
        (JSC::JIT::emit_op_init_arguments):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::emit_op_tear_off_activation):
        (JSC::JIT::emit_op_tear_off_arguments):
        (JSC::JIT::emit_op_create_arguments):
        (JSC::JIT::emit_op_init_arguments): The actual optimization: Removed
        OptionalCalleeArguments from the callframe slot. Now, it doesn't need
        to be initialized for most calls.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::): Updated stubs to support arbitrary 'arguments' registers,
        instead of hard-coding something in the call frame.

        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters): Removed some obfuscatory abstraction.

        * runtime/Executable.h:
        (JSC::FunctionExecutable::generatedByteCode): Added a helper for accessing
        the 'arguments' register. In a future patch, that kind of data should
        probably move out of CodeBlock and into Executable.

        * runtime/JSActivation.cpp:
        (JSC::JSActivation::getOwnPropertySlot):
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h: Simplified / fixed access to 'arguments' via
        the activation object. It now implements the same behavior implemented
        by optimized variable access in the VM. This simplifies some other
        things, too -- like eval code generation.

2010-05-18  Sam Weinig  <sam@webkit.org>

        Try to fix the windows build.

        * API/JSStringRefBSTR.cpp:

2010-05-18  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Add an inlineCapacity template parameter to ListHashSet and use it to shrink the positioned object list hash set.
        https://bugs.webkit.org/show_bug.cgi?id=39304
        <rdar://problem/7998366>

        Add an inlineCapacity template parameter to ListHashSet.

        * wtf/ListHashSet.h:
        (WTF::::ListHashSet):
        (WTF::::operator):
        (WTF::::swap):
        (WTF::::~ListHashSet):
        (WTF::::size):
        (WTF::::capacity):
        (WTF::::isEmpty):
        (WTF::::begin):
        (WTF::::end):
        (WTF::::find):
        (WTF::::contains):
        (WTF::::add):
        (WTF::::insertBefore):
        (WTF::::remove):
        (WTF::::clear):
        (WTF::::unlinkAndDelete):
        (WTF::::appendNode):
        (WTF::::insertNodeBefore):
        (WTF::::deleteAllNodes):
        (WTF::::makeIterator):
        (WTF::::makeConstIterator):
        (WTF::deleteAllValues):

2010-05-18  Gabor Loki  <loki@webkit.org>

        Reviewed by Darin Adler.

        Fix the interpreter after r59637
        https://bugs.webkit.org/show_bug.cgi?id=39287

        * runtime/Executable.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getCallData):
        * runtime/JSGlobalData.cpp:
        * runtime/JSGlobalData.h:

2010-05-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Oops, meant ebx not eax there.  Fix Qt (and probably Win too).

        * jit/JITOpcodes32_64.cpp:

2010-05-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 39252 - Move host/native JSFunction's NativeFunction onto NativeExecutable.

        Currently host functions reuse JSFunction's ScopeChain as storage for their
        NativeFunction (the C function pointer to the host function implementation).
        Instead, move this onto NativeExecutable.  This will allow host functions to
        have a scopechain (which will be implemented as a separate patch).

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITOpcodes32_64.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::stringGetByValStubGenerator):
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::stringGetByValStubGenerator):
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::specializedThunk):
        * jit/JITStubs.h:
        (JSC::JITThunks::ctiNativeCall):
        * jit/SpecializedThunkJIT.h:
        (JSC::SpecializedThunkJIT::finalize):
        * jit/ThunkGenerators.cpp:
        (JSC::charCodeAtThunkGenerator):
        (JSC::charAtThunkGenerator):
        (JSC::fromCharCodeThunkGenerator):
        (JSC::sqrtThunkGenerator):
        (JSC::powThunkGenerator):
        * jit/ThunkGenerators.h:
        * runtime/Executable.h:
        (JSC::NativeExecutable::create):
        (JSC::NativeExecutable::function):
        (JSC::NativeExecutable::NativeExecutable):
        (JSC::JSFunction::nativeFunction):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::markChildren):
        (JSC::JSFunction::getCallData):
        (JSC::JSFunction::call):
        (JSC::JSFunction::getOwnPropertySlot):
        (JSC::JSFunction::getConstructData):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::scope):
        * runtime/JSGlobalData.h:
        (JSC::JSGlobalData::getThunk):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):

2010-05-17  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Laszlo Gombos.

        [Qt] Remove WinCE endian dedection.
        https://bugs.webkit.org/show_bug.cgi?id=38511

        Windows CE supports little-endian format only.
        Correct dedection was added in r57804.

        * wtf/Platform.h:

2010-05-16  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Darin Adler.

        Reduce the size of FunctionExecutable
        https://bugs.webkit.org/show_bug.cgi?id=39180
        
        Change m_numVariables from a size_t to 31 bits in a bitfield,
        packed with another bit for m_forceUsesArguments (which in turn
        get packed with the base class).
        
        Reduces the size of FunctionExecutable from 160 to 152 bytes.

        * runtime/Executable.h:
        (JSC::FunctionExecutable::variableCount):
        (JSC::FunctionExecutable::FunctionExecutable):

2010-05-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Incorrect codegen for slowcase of < in 64-bit
        https://bugs.webkit.org/show_bug.cgi?id=39151

        Call the correct stud for the slowcases of the < operator.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jless):

2010-05-15  Leo Yang  <leo.yang@torchmobile.com.cn>

        Reviewed by Darin Adler.

        Fix bug https://bugs.webkit.org/show_bug.cgi?id=38890

        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):

2010-05-15  Leandro Pereira  <leandro@profusion.mobi>

        Reviewed by Adam Treat.

        [EFL] Add build system for the EFL port.
        http://webkit.org/b/37945

        * CMakeLists.txt: Added.
        * CMakeListsEfl.txt: Added.
        * config.h: Add conditional to look for cmakeconfig.h.
        * jsc/CMakeLists.txt: Added.
        * jsc/CMakeListsEfl.txt: Added.
        * wtf/CMakeLists.txt: Added.
        * wtf/CMakeListsEfl.txt: Added.

2010-05-15  Chao-ying Fu  <fu@mips.com>

        Reviewed by Oliver Hunt.

        Update MIPS JIT for unsigned right shift, Math.sqrt, load16
        https://bugs.webkit.org/show_bug.cgi?id=38412

        Fixed MIPS build failure.

        * assembler/MIPSAssembler.h:
        (JSC::MIPSAssembler::srl):
        (JSC::MIPSAssembler::srlv):
        (JSC::MIPSAssembler::sqrtd):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::urshift32):
        (JSC::MacroAssemblerMIPS::sqrtDouble):
        (JSC::MacroAssemblerMIPS::load16):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
        * jit/JSInterfaceJIT.h:

2010-05-15  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Geoffrey Garen.

        WebInspector: JSC Should provide heap size info for Timeline panel.
        https://bugs.webkit.org/show_bug.cgi?id=38420

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * runtime/Collector.cpp:
        (JSC::Heap::size):
        * runtime/Collector.h:

2010-05-15  Dave Tapuska  <dtapuska@rim.com>

        Reviewed by Darin Adler.

        Add a new define for we need strict arena alignment. ARMv5 with
        double word instructions set this value.

        * wtf/Platform.h:

2010-05-14  Stephanie Lewis  <slewis@apple.com>

        Rubber-stamped by Mark Rowe.

        Update order files.

        * JavaScriptCore.order:

2010-05-14  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Implementation of QtScript API that provide method to convert a value to an object.

        [Qt] QtScript is missing toObject API
        https://bugs.webkit.org/show_bug.cgi?id=36594

        * qt/api/qscriptengine.cpp:
        (QScriptEngine::toObject):
        * qt/api/qscriptengine.h:
        * qt/api/qscriptvalue.cpp:
        (QScriptValue::toObject):
        * qt/api/qscriptvalue.h:
        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::toObject):
        * qt/tests/qscriptengine/tst_qscriptengine.cpp:
        (tst_QScriptEngine::toObject):
        (tst_QScriptEngine::toObjectTwoEngines):
        * qt/tests/qscriptvalue/tst_qscriptvalue.cpp:
        (tst_QScriptValue::toObjectSimple):
        * qt/tests/qscriptvalue/tst_qscriptvalue.h:

2010-05-14  Chao-ying Fu  <fu@mips.com>

        Reviewed by Oliver Hunt.

        String Indexing Failure on JSVALUE32 targets
        https://bugs.webkit.org/show_bug.cgi?id=39034

        Remove zero-extend/shift-right code on regT1, because we already have
        it in emit_op_get_by_val().

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::stringGetByValStubGenerator):

2010-05-10  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Alexey Proskuryakov.

        Fix a VS2010 assert in std::copy
        https://bugs.webkit.org/show_bug.cgi?id=38630

        The assert complains that the output iterator is null.

        * wtf/Vector.h:
        (WTF::::operator):

2010-05-13  Maciej Stachowiak  <mjs@apple.com>

        No review, attempted build fix.

        Try to fix Tiger build with some gratuitous initialization of
        seemingly uninitialized variables.

        * wtf/text/StringImpl.h:
        (WebCore::StringImpl::tryCreateUninitialized):

2010-05-13  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Mark Rowe.

        Various JavaScript string optimizations
        https://bugs.webkit.org/show_bug.cgi?id=39051

        Approximately 1% SunSpider speedup.
        
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncJoin): Remove branches from the hot code path
        by moving the first pass outside the loop, and duplicating the hot loop
        to extract the loop-invariant branch.
        * runtime/RegExp.cpp:
        (JSC::RegExp::match): resize ovector to 0 instead of clearing to avoid
        thrash in case of large matches.
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::performMatch): Mark ALWAYS_INLINE to make the
        compiler respect our authority.
        * runtime/StringPrototype.cpp:
        (JSC::jsSpliceSubstringsWithSeparators): Inline.
        (JSC::stringProtoFuncSubstring): Rewrite boundary condition checks to
        reduce the number of floating point comparisons and branches.

2010-05-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=39039
        Provide support for separate bytecode/JIT code translations for call/construct usage
        This will allow us to produce code generated specifically for use as a constructor, not for general function use.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getBytecodeIndex):
        (JSC::CodeBlock::getJITCode):
        (JSC::CodeBlock::executablePool):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::FunctionCodeBlock::FunctionCodeBlock):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::executeCall):
        (JSC::Interpreter::executeConstruct):
        (JSC::Interpreter::prepareForRepeatCall):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::unlinkCallOrConstruct):
        (JSC::JIT::linkConstruct):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::JITThunks::ctiVirtualConstructLink):
        (JSC::JITThunks::ctiVirtualConstruct):
        (JSC::):
        * jit/SpecializedThunkJIT.h:
        (JSC::SpecializedThunkJIT::finalize):
        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters):
        * runtime/ArrayPrototype.cpp:
        (JSC::isNumericCompareFunction):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::~FunctionExecutable):
        (JSC::FunctionExecutable::compileForCall):
        (JSC::FunctionExecutable::compileForConstruct):
        (JSC::EvalExecutable::generateJITCode):
        (JSC::ProgramExecutable::generateJITCode):
        (JSC::FunctionExecutable::generateJITCodeForCall):
        (JSC::FunctionExecutable::generateJITCodeForConstruct):
        (JSC::FunctionExecutable::markAggregate):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::EvalExecutable::reparseExceptionInfo):
        (JSC::FunctionExecutable::recompile):
        * runtime/Executable.h:
        (JSC::ExecutableBase::ExecutableBase):
        (JSC::ExecutableBase::isHostFunction):
        (JSC::ExecutableBase::generatedJITCodeForCall):
        (JSC::ExecutableBase::generatedJITCodeForConstruct):
        (JSC::NativeExecutable::NativeExecutable):
        (JSC::EvalExecutable::jitCode):
        (JSC::ProgramExecutable::jitCode):
        (JSC::FunctionExecutable::bytecodeForCall):
        (JSC::FunctionExecutable::isGeneratedForCall):
        (JSC::FunctionExecutable::generatedBytecodeForCall):
        (JSC::FunctionExecutable::bytecodeForConstruct):
        (JSC::FunctionExecutable::isGeneratedForConstruct):
        (JSC::FunctionExecutable::generatedBytecodeForConstruct):
        (JSC::FunctionExecutable::symbolTable):
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::jitCodeForCall):
        (JSC::FunctionExecutable::jitCodeForConstruct):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::call):
        (JSC::JSFunction::construct):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::numericCompareFunction):

2010-05-12  Oliver Hunt  <oliver@apple.com>

        build fix

        <rdar://problem/7977960> REGRESSION (r59282): Tiger PPC build broken

        * runtime/UString.h:
        (JSC::tryMakeString):

2010-05-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://7969718> Incorrect 32-bit codegen for op_jnlesseq
        https://bugs.webkit.org/show_bug.cgi?id=39038

        Correct the use of incorrect comparison operators.

        * jit/JITArithmetic32_64.cpp:
        (JSC::JIT::emit_op_jlesseq):
        (JSC::JIT::emitBinaryDoubleOp):

2010-05-12  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>

        Reviewed by Eric Seidel.

        JavaScriptCore: fix build when some optimizations are disabled
        https://bugs.webkit.org/show_bug.cgi?id=38800

        Remove outdated UNUSED_PARAMs when using JIT but with
        ENABLE_JIT_OPTIMIZE_CALL and ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
        disabled.

        * jit/JITOpcodes.cpp:
        * jit/JITOpcodes32_64.cpp:

2010-05-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Work around GCC stupidity by either explicitly inlining or by
        using ALWAYS_INLINE

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        * runtime/UString.h:
        (JSC::UString::~UString):
        * wtf/RefPtr.h:
        (WTF::RefPtr::RefPtr):
        (WTF::RefPtr::~RefPtr):
        * wtf/text/StringImpl.h:
        (WebCore::StringImpl::create):
        (WebCore::StringImpl::tryCreateUninitialized):

2010-05-12  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Detect debug mode consistently
        https://bugs.webkit.org/show_bug.cgi?id=38863

        * JavaScriptCore.pri:
        * JavaScriptCore.pro:
        * jsc.pro:
        * qt/api/QtScript.pro:

2010-05-12  Peter Varga  <pvarga@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Remove a direct jump in generatePatternCharacterGreedy() and
        generatePatternCharacterClassGreedy() functions if quantityCount of the term
        is unlimited.
        https://bugs.webkit.org/show_bug.cgi?id=38898

        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generatePatternCharacterGreedy):
        (JSC::Yarr::RegexGenerator::generateCharacterClassGreedy):

2010-05-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Slight simplification to the calling convention: read RegisterFile::end()
        from an absolute address, instead of from a pointer to the RegisterFile
        on the stack.
        
        SunSpider reports no change.
        
        This should free us to remove the RegisterFile argument from the stack.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):

2010-05-11  Brian Weinstein  <bweinstein@apple.com>

        Possible Gtk build fix - use ALWAYS_INLINE on functions that were inlined.

        * wtf/text/AtomicString.h:
        (WebCore::AtomicString::add): Use ALWAYS_INLINE.
        * wtf/text/WTFString.h:
        (WebCore::String::length): Ditto.
        (WebCore::String::isEmpty): Ditto.

2010-05-11  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Add a compile time assert that sizeof(String) == sizeof(AtomicString).

        * wtf/text/AtomicString.cpp:

2010-05-11  Anders Carlsson  <andersca@apple.com>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=38961
        Move some member variables around to reduce class sizes.
        
        Make AtomicString no longer inherit from FastAllocBase.

        Since AtomicString's first (and only) member variable, a RefPtr, also inherits from FastAllocBase this
        was causing the size of AtomicString to contain sizeof(void*) bytes of padding.

        * wtf/text/AtomicString.h:

2010-05-11  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Maciej Stachowiak.
        Patch by Gavin Barraclough.
        
        Rest of REGRESSION (r57900-57919): 3% PLT Regression from moving strings into WTF.
        https://bugs.webkit.org/show_bug.cgi?id=38930
        <rdar://problem/7937188>
        
        Inline string functions that are commonly used in WTFString, CString, and AtomicString.

        * JavaScriptCore.exp: Remove exports of inline functions.
        * wtf/text/AtomicString.cpp:
        (WebCore::AtomicString::addSlowCase): Rename add to addSlowCase, and inline the fast path
            of add.
        * wtf/text/AtomicString.h:
        (WebCore::AtomicString::add): Inline the fast path of add.
        * wtf/text/CString.cpp: Inline implementation of data and length in the header.
        * wtf/text/CString.h:
        (WTF::CString::data): Inline implementation of data.
        (WTF::CString::length): Inline implementation of length.
        * wtf/text/WTFString.cpp: Remove implementations of functions to be inlined.
        * wtf/text/WTFString.h:
        (WebCore::String::String): Inline implementation.
        (WebCore::String::length): Ditto.
        (WebCore::String::characters): Ditto.
        (WebCore::String::operator[]): Ditto.
        (WebCore::String::isEmpty): Ditto.

2010-05-11  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Steve Falkenburg and Jon Honeycutt.
        Patch by Gavin Barraclough.
        
        REGRESSION (r57900-57919): 3% PLT Regression from moving strings into WTF.
        https://bugs.webkit.org/show_bug.cgi?id=38930
        <rdar://problem/7937188>
        
        When the String classes were moved from WebCore to WTF, it meant that on Windows, all operations
        on Strings in WebCore had to cross a DLL boundary (from WebKit.dll to JavaScript.dll).
        
        We fix this by refactoring some of the WTF string code, so the code in AtomicString, StringImpl, and
        WTFString can be built by both WebCore and WTF, and we don't need to talk across a DLL to do operations
        on Strings.

        * GNUmakefile.am: Add new file to build system.
        * JavaScriptCore.gypi: Ditto.
        * JavaScriptCore.pro: Ditto.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Remove string exports, because these are now
            handled in WebCore.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Remove the post-build step that was added
            here (the post build step is in JavaScriptCoreCommon.vsprops).
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: Copy the three cpp files that need to be compiled
            by WebCore into the WebKitOutputDir directory.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Add the StringStatics file.
        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Add the three WTF string cpp files to this project.
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: Remove the need to link against WTF.lib (since jsc links against JavaScriptCore).
        * JavaScriptCore.xcodeproj/project.pbxproj: Add the StringStatics file.
        * wtf/text/AtomicString.cpp: Moved code to StringStatics.
        * wtf/text/StringImpl.cpp: Ditto.
        * wtf/text/StringStatics.cpp: Added. Move functions in WTF Strings that define static variables to here, so 
            the rest of the files can be compiled in WebCore.
        (WebCore::StringImpl::empty): Moved from StringImpl.cpp to here.
        (WebCore::AtomicString::init): Moved from AtomicString.cpp to here.

2010-05-11  Alice Liu  <alice.liu@apple.com>

        Rubber-stamped by Gavin Barraclough.

        Fix build error when enabling debugging block in WebKit win painting code

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-11  Mark Rowe  <mrowe@apple.com>

        Fix the world.

        In r59162 a change was made to WebCore's FeatureDefines.xcconfig that enabled FILE_READER and FILE_WRITER.
        The author and reviewer of that patch ignored the carefully-worded warning at the top of that file asking
        that changes to the file be kept in sync across JavaScriptCore, WebCore and WebKit, as well as being kept
        in sync with build-webkit.  This led to WebCore and WebKit having different views of Document's vtable
        and results in crashes in Safari shortly after launch when virtual function calls resulted in the wrong
        function in WebCore being called.

        We fix this by bringing the FeatureDefines.xcconfig files in to sync.  Based on the ChangeLog message and
        other changes in r59162 it appears that enabling FILE_WRITER was unintentional so that particular change
        has been reverted.

        * Configurations/FeatureDefines.xcconfig:

2010-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r59171.
        http://trac.webkit.org/changeset/59171
        https://bugs.webkit.org/show_bug.cgi?id=38933

        "Broke the world" (Requested by bweinstein on #webkit).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/text/AtomicString.cpp:
        (WebCore::AtomicString::init):
        * wtf/text/StringImpl.cpp:
        (WebCore::StringImpl::empty):
        * wtf/text/StringStatics.cpp: Removed.

2010-05-11  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Steve Falkenburg.
        Patch by Gavin Barraclough.
        
        REGRESSION (r57900-57919): 3% PLT Regression from moving strings into WTF.
        https://bugs.webkit.org/show_bug.cgi?id=38930
        <rdar://problem/7937188>
        
        When the String classes were moved from WebCore to WTF, it meant that on Windows, all operations
        on Strings in WebCore had to cross a DLL boundary (from WebKit.dll to JavaScript.dll).
        
        We fix this by refactoring some of the WTF string code, so the code in AtomicString, StringImpl, and
        WTFString can be built by both WebCore and WTF, and we don't need to talk across a DLL to do operations
        on Strings.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Remove string exports, because these are now
            handled in WebCore.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Remove the post-build step that was added
            here (the post build step is in JavaScriptCoreCommon.vsprops).
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: Copy the three cpp files that need to be compiled
            by WebCore into the WebKitOutputDir directory.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Add the StringStatics file.
        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Add the three WTF string cpp files to this project.
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: Remove the need to link against WTF.lib (since jsc links against JavaScriptCore).
        * JavaScriptCore.xcodeproj/project.pbxproj: Add the StringStatics file.
        * wtf/text/AtomicString.cpp: Moved code to StringStatics.
        * wtf/text/StringImpl.cpp: Ditto.
        * wtf/text/StringStatics.cpp: Added. Move functions in WTF Strings that define static variables to here, so 
            the rest of the files can be compiled in WebCore.
        (WebCore::StringImpl::empty): Moved from StringImpl.cpp to here.
        (WebCore::AtomicString::init): Moved from AtomicString.cpp to here.

2010-05-11  Geoffrey Garen  <ggaren@apple.com>

        Fixed test failures seen on SnowLeopard buildbot.

        * runtime/JSString.cpp:
        (JSC::JSString::replaceCharacter): Don't use size_t and wtf::notFound.
        Instead, use the individual types and notFound values of the string APIs
        we're using, since they're not necessarily the same in 64bit.

2010-05-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt and Darin Adler.

        Start using ropes in String.prototype.replace.
        
        1%-1.5% speedup on SunSpider.

        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope): Updated for RopeImpl refactoring.

        (JSC::JSString::replaceCharacter): Added a replaceCharacter function, which creates
        a rope for the resulting replacement.

        * runtime/JSString.h: A few changes here:
        (JSC::):
        (JSC::RopeBuilder::RopeIterator::RopeIterator):
        (JSC::RopeBuilder::RopeIterator::operator++):
        (JSC::RopeBuilder::RopeIterator::operator*):
        (JSC::RopeBuilder::RopeIterator::operator!=):
        (JSC::RopeBuilder::RopeIterator::WorkItem::WorkItem):
        (JSC::RopeBuilder::RopeIterator::WorkItem::operator!=):
        (JSC::RopeBuilder::RopeIterator::skipRopes): Created a RopeIterator abstraction.
        We use this to do a substring find without having to resolve the rope.
        (We could use this iterator when resolving ropes, too, but resolving
        ropes backwards is usually more efficient.)

        (JSC::RopeBuilder::JSString): Added constructors for 2 & 3 UStrings.

        (JSC::RopeBuilder::appendValueInConstructAndIncrementLength):
        (JSC::RopeBuilder::size): Updated for RopeImpl refactoring.

        * runtime/Operations.h: Updated for RopeImpl refactoring.
        (JSC::jsString): Added jsString functions for 2 & 3 UStrings.

        * runtime/RopeImpl.cpp:
        (JSC::RopeImpl::derefFibersNonRecursive):
        * runtime/RopeImpl.h:
        (JSC::RopeImpl::initializeFiber):
        (JSC::RopeImpl::size):
        (JSC::RopeImpl::fibers):
        (JSC::RopeImpl::deref):
        (JSC::RopeImpl::RopeImpl): A little refactoring to make this patch easier:
        Moved statics to the top of the class; put multi-statement functions on
        multiple lines; renamed "fiberCount" to "size" to match other collections;
        changed the "fibers" accessor to return the fibers buffer, instead of an
        item in the buffer, to make iteration easier.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace): Don't resolve a rope unless we need to. Do
        use our new replaceCharacter function if possible. Do use a rope to
        represent splicing three strings together.

2010-05-10  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        [Qt] Disable JIT support for mingw-w64
        https://bugs.webkit.org/show_bug.cgi?id=38747

        Disale JIT for mingw-w64 as it is reportedly
        unstable.

        Thanks for Vanboxem Rruben for the investigation.

        * wtf/Platform.h:

2010-05-09  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Eric Seidel.

        JavaScriptCore/wtf/MD5.h: checksum should take a reference to output.
        https://bugs.webkit.org/show_bug.cgi?id=38723

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/MD5.cpp:
        (WTF::expectMD5):
          Fix for checksum change.
        (WTF::MD5::checksum):
          Take a reference to output, instead of returning the result by value, to reduce coping for performance.
        * wtf/MD5.h:

2010-05-09  Oliver Hunt  <oliver@apple.com>

        Build fix.

        Fix accidental repeat addition of emit_op_new_regexp

        * jit/JITOpcodes.cpp:

2010-05-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        REGRESSION(r57955): RegExp literals should not actually be cached, so r57955 should be rolled out.
        https://bugs.webkit.org/show_bug.cgi?id=38828
        <rdar://problem/7961634>

        Rollout r57955

        * bytecode/CodeBlock.cpp:
        (JSC::regexpToSourceString):
        (JSC::regexpName):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::addRegExp):
        (JSC::CodeBlock::regexp):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::addRegExp):
        (JSC::BytecodeGenerator::emitNewRegExp):
        * bytecompiler/BytecodeGenerator.h:
        * bytecompiler/NodesCodegen.cpp:
        (JSC::RegExpNode::emitBytecode):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_regexp):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):

2010-05-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Reserve a large-ish initial capacity for Lexer::m_buffer16.
        
        SunSpider says 0.3% faster.
        
        m_buffer16 is used when parsing complex strings -- for example, strings
        with escape sequences in them. These kinds of strings can be really long,
        and we want to avoid repeatedly copying as we grow m_buffer16.
        
        The net memory cost is quite low, since it's proporitional to source
        code we already have in memory, and we throw away m_buffer16 right when
        we're done parsing.

        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer): No need to reserve initial capacity in our constructor,
        since setCode will be called before we're asked to lex anything.
        (JSC::Lexer::setCode): Reserve enough space to lex half the source code
        as a complex string without having to copy.
        (JSC::Lexer::clear): No need to reserve initial capacity here either,
        since setCode will be called before we're asked to lex anything.

2010-05-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        [Qt] Remove YARR configuration rules from Qt make system
        https://bugs.webkit.org/show_bug.cgi?id=38819

        Setting YARR based on JIT seeting is now in Platform.h 
        for all ports. This patch essentially reverses r49238.

        * JavaScriptCore.pri:

2010-05-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Improve string indexing performance
        https://bugs.webkit.org/show_bug.cgi?id=38814

        Add an assembly stub to do indexed loads from strings much
        more cheaply than the current stub dispatch logic.  We can
        do this because we are able to make guarantees about the
        register contents when entering the stub so the call overhead
        is negligible.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        * jit/JITOpcodes.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::stringGetByValStubGenerator):
        (JSC::JIT::emitSlow_op_get_by_val):
           Moved from JITOpcodes.cpp to keep the slowcase next to
           the normal case codegen as we do for everything else.
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::stringGetByValStubGenerator):
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JSInterfaceJIT.h:
        (JSC::JSInterfaceJIT::emitFastArithImmToInt):

2010-05-09  Maciej Stachowiak  <mjs@apple.com>

        Fixed version of: "Optimized o[s] where o is a cell and s is a string"
        https://bugs.webkit.org/show_bug.cgi?id=38815
        
        Fixed the previous patch for this from Geoff Garen.
        
        The two problems were a missing exception check and a PropertySlot
        initialized improperly, leading to crashes and failures in the case
        of getters accessed with bracket syntax.

    Previous patch:

        Optimized o[s] where o is a cell and s is a string, removing some old
        code that wasn't really tuned for the JIT.
        
        SunSpider says 0.8% faster.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSCell.h:

2010-05-08  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed, build fix.

        Fix missing terminating ' character warning

        The warning has been only seen on the Gtk buildbots.

        * wtf/Platform.h:

2010-05-08  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Gavin Barraclough.

        Refactor YARR and YARR_JIT default rules in Platform.h
        https://bugs.webkit.org/show_bug.cgi?id=38727

        Turn on YARR and YARR JIT by default of JIT is enabled.
        Ports can overrule this default decisions as they wish.

        * wtf/Platform.h:

2010-05-08  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Split JSVALUE32_64 code out of JITOpcodes.cpp and into JITOpcodes32_64.cpp
        https://bugs.webkit.org/show_bug.cgi?id=38808

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JITOpcodes.cpp:
        * jit/JITOpcodes32_64.cpp: Added.
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::emit_op_mov):
        (JSC::JIT::emit_op_end):
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emitSlow_op_loop_if_lesseq):
        (JSC::JIT::emit_op_new_object):
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emitSlow_op_instanceof):
        (JSC::JIT::emit_op_new_func):
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_tear_off_activation):
        (JSC::JIT::emit_op_tear_off_arguments):
        (JSC::JIT::emit_op_new_array):
        (JSC::JIT::emit_op_resolve):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emitSlow_op_to_primitive):
        (JSC::JIT::emit_op_strcat):
        (JSC::JIT::emit_op_resolve_base):
        (JSC::JIT::emit_op_resolve_skip):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emitSlow_op_resolve_global):
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emitSlow_op_not):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emitSlow_op_jfalse):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emitSlow_op_jtrue):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_jsr):
        (JSC::JIT::emit_op_sret):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emit_op_stricteq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emit_op_nstricteq):
        (JSC::JIT::emitSlow_op_nstricteq):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        (JSC::JIT::emit_op_resolve_with_base):
        (JSC::JIT::emit_op_new_func_exp):
        (JSC::JIT::emit_op_throw):
        (JSC::JIT::emit_op_get_pnames):
        (JSC::JIT::emit_op_next_pname):
        (JSC::JIT::emit_op_push_scope):
        (JSC::JIT::emit_op_pop_scope):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emitSlow_op_to_jsnumber):
        (JSC::JIT::emit_op_push_new_scope):
        (JSC::JIT::emit_op_catch):
        (JSC::JIT::emit_op_jmp_scopes):
        (JSC::JIT::emit_op_switch_imm):
        (JSC::JIT::emit_op_switch_char):
        (JSC::JIT::emit_op_switch_string):
        (JSC::JIT::emit_op_new_error):
        (JSC::JIT::emit_op_debug):
        (JSC::JIT::emit_op_enter):
        (JSC::JIT::emit_op_enter_with_activation):
        (JSC::JIT::emit_op_create_arguments):
        (JSC::JIT::emit_op_init_arguments):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emitSlow_op_convert_this):
        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call):

2010-05-08  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Fix halfword loads on ARM
        https://bugs.webkit.org/show_bug.cgi?id=38741

        The BaseIndex and ImplicitAddress are contain 32bit wide offset, but
        the load16 functions were working with 8 bit data (encoded in the
        instruction). If the offset cannot be encoded in an instruction, it
        should be stored in a temporary register.

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::getOffsetForHalfwordDataTransfer):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::load16):

2010-05-08  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Fix spanning branch instruction on Cortex-A8 with Thumb-2 JIT
        https://bugs.webkit.org/show_bug.cgi?id=38280

        If the 32-bit Thumb-2 branch instruction spans two 4KiB regions and
        the target of the branch falls within the first region it is
        possible for the processor to incorrectly determine the branch
        instruction, and it is also possible in some cases for the processor
        to enter a deadlock state.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::linkJumpAbsolute):

2010-05-08  Adam Barth  <abarth@webkit.org>

        Reviewed by Darin Fisher.

        [WTFURL] Add a buffer for managing the output of the canonicalizer
        https://bugs.webkit.org/show_bug.cgi?id=38671

        The canonicalizer produces a stream of canonicalized characters, which
        we will store in a URLBuffer.  URLBuffer is quite similar to Vector,
        but serves as an abstraction to isolate us from the underlying
        character storage.  In the case of WebKit, we'll probably implement a
        subclass of URLBuffer with Vector.  In Chromium, the backing store is a
        std::string, which avoids an unnecessary memcpy that would be caused by
        using Vector instead.

        * wtf/url/src/URLBuffer.h: Added.
        (WTF::URLBuffer::URLBuffer):
        (WTF::URLBuffer::~URLBuffer):
        (WTF::URLBuffer::at):
        (WTF::URLBuffer::set):
        (WTF::URLBuffer::capacity):
        (WTF::URLBuffer::length):
        (WTF::URLBuffer::data):
        (WTF::URLBuffer::setLength):
        (WTF::URLBuffer::append):
        (WTF::URLBuffer::grow):

2010-05-08  Eric Seidel  <eric@webkit.org>

        Unreviewed, just reverting commit.

        REGRESSION(59000): r59000 contained all sorts of changes it should not have, needs revert.
        https://bugs.webkit.org/show_bug.cgi?id=38798

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitResolve):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_resolve_global):

2010-05-04  Jer Noble  <jer.noble@apple.com>

        Reviewed by Maciej Stachowiak

        Safari pegs CPU and drops tons of frames using HTML5 Vimeo player
        <https://bugs.webkit.org/show_bug.cgi?id=34005>
        <rdar://problem/7569713>
        
        Added cancelCallOnMainThread.  callOnMainThread should always now be paired
        with cancelCallOnMainThread in situations where the refcon passed to callOnMainThread
        may be dealloced before the main thread function can be dispatched.  
        
        * wtf/MainThread.cpp:
        (WTF::FunctionWithContext::operator == ): Supports the FunctionWithContextFinder predicate functor.
        (WTF::FunctionWithContextFinder::FunctionWithContextFinder):  Predicate functor for use with Dequeue::findIf
        (WTF::FunctionWithContextFinder::operator()):
        (WTF::cancelCallOnMainThread):
        * wtf/MainThread.h:

2010-05-07  Oliver Hunt  <oliver@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-07  Eric Seidel  <eric@webkit.org>

        Unreviewed, rolling out r58990.
        http://trac.webkit.org/changeset/58990

        Broke 4 tests on Snow Leopard and Qt.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSCell.h:

2010-05-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Optimize access to the global object from a function that uses eval
        https://bugs.webkit.org/show_bug.cgi?id=38644

        Fix bug where cross scope access to a global var (vs. property) would
        be allowed without checking for intervening dynamic scopes.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitResolve):

2010-05-07  Oliver Hunt  <oliver@apple.com>

        32-bit buildfix.

        Macro expansion I stab at thee!

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_resolve_global):

2010-05-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Optimized o[s] where o is a cell and s is a string, removing some old
        code that wasn't really tuned for the JIT.
        
        SunSpider says 0.8% faster.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSCell.h:

2010-05-07  Oliver Hunt  <oliver@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Optimize access to the global object from a function that uses eval
        https://bugs.webkit.org/show_bug.cgi?id=38644

        Add op_resolve_global_dynamic, a variant of op_resolve_global that
        checks each node in the scope chain for dynamically inserted properties
        and falls back to the normal resolve logic in that case.

        * JavaScriptCore.exp:
        * bytecode/CodeBlock.cpp:
        (JSC::isGlobalResolve):
        (JSC::CodeBlock::printStructures):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructures):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::findScopedProperty):
           Now take an additional reference parameter to used to indicate that
           there were nodes that may gain dynamic properties
        (JSC::BytecodeGenerator::emitResolve):
        (JSC::BytecodeGenerator::emitResolveBase):
        (JSC::BytecodeGenerator::emitResolveWithBase):
           deal with additional argument to findScopedProperty
        * bytecompiler/BytecodeGenerator.h:
        * bytecompiler/NodesCodegen.cpp:
        (JSC::FunctionCallResolveNode::emitBytecode):
        (JSC::PostfixResolveNode::emitBytecode):
        (JSC::PrefixResolveNode::emitBytecode):
        (JSC::ReadModifyResolveNode::emitBytecode):
        (JSC::AssignResolveNode::emitBytecode):
           These functions use findScopedProperty directly in order to
           optimise lookup.  They cannot trivially handle any degree of
           dynamism in the lookup so we just give up in such case.
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_resolve_global_dynamic):
        (JSC::JIT::emitSlow_op_resolve_global):
        (JSC::JIT::emitSlow_op_resolve_global_dynamic):
           Happily resolve_global_dynamic can share the slow case!
        * jit/JITStubs.h:
        (JSC::):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::isDynamicScope):
        * runtime/JSActivation.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::isDynamicScope):
        * runtime/JSGlobalObject.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::isDynamicScope):
        * runtime/JSStaticScopeObject.h:
        * runtime/JSVariableObject.h:

2010-05-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Fixed Sputnik failure seen on buildbot.

        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString): Cast to unsigned before checking magnitude,
        to efficiently exclude negative numbers, which require two characters
        instead of one.

2010-05-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Alexey Proskuryakov.
        
        Slightly more effective way to guarantee a compile-time constant, at
        least on gcc.

        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString): Use pointer notation instead of array
        notation, so the compiler treats the string and its contents as constant.

2010-05-07  Adam Barth  <abarth@webkit.org>

        Reviewed by Alexey Proskuryakov.

        [WTFURL] Add core URL parser
        https://bugs.webkit.org/show_bug.cgi?id=38572

        This patch adds the core of the URL parser.  The URL parser uses a
        templated notion of a code unit to support different string types.
        Later we'll add some non-templated APIs with concrete types that
        clients can use more conveniently.

        The URLParser has a couple calls to ASSERT(), which I've commented out
        for now.  I'm not 100% sure how to handle the dependency issues there
        yet, so I've punted on the issue for now.

        Also, there are a number of methods that are declared public in this
        patch that are only used by the canonicalizer.  My plan is to make
        those private or protected and make the canonicalizer a friend of the
        parser.  The details will be in a later patch.

        * wtf/url/src/URLComponent.h:
        (WTF::URLComponent::fromRange):
        (WTF::URLComponent::isNonEmpty):
        (WTF::URLComponent::isEmptyOrInvalid):
        * wtf/url/src/URLParser.h: Added.
        (WTF::URLParser::):
        (WTF::URLParser::isPossibleAuthorityTerminator):
        (WTF::URLParser::parseAuthority):
        (WTF::URLParser::extractScheme):
        (WTF::URLParser::parseAfterScheme):
        (WTF::URLParser::parseStandardURL):
        (WTF::URLParser::parsePath):
        (WTF::URLParser::parsePathURL):
        (WTF::URLParser::parseMailtoURL):
        (WTF::URLParser::parsePort):
        (WTF::URLParser::extractFileName):
        (WTF::URLParser::extractQueryKeyValue):
        (WTF::URLParser::isURLSlash):
        (WTF::URLParser::shouldTrimFromURL):
        (WTF::URLParser::trimURL):
        (WTF::URLParser::consecutiveSlashes):
        (WTF::URLParser::isPortDigit):
        (WTF::URLParser::nextAuthorityTerminator):
        (WTF::URLParser::parseUserInfo):
        (WTF::URLParser::parseServerInfo):

2010-05-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Added a fast path for number-to-character conversion via
        Number.prototype.toString base 36.
        
        0.7% speedup on SunSpider.

        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToString): Made radix interpretation a little more
        efficient by keeping it in int space. Turned "const char" into
        "static const char" just in case. Added a fast path for base 36
        conversion of something that will turn into a character.

2010-05-07  Adam Barth  <abarth@webkit.org>

        Reviewed by Darin Fisher.

        [WTFURL] Add a malloc-backed URLBuffer
        https://bugs.webkit.org/show_bug.cgi?id=38694

        This patch adds a URLBuffer that uses new/delete to manage the backing
        store for the buffer.

        * wtf/url/src/RawURLBuffer.h: Added.
        (WTF::RawURLBuffer::RawURLBuffer):
        (WTF::RawURLBuffer::~RawURLBuffer):
        (WTF::RawURLBuffer::resize):

2010-05-06  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        JavaScriptCore/wtf/RandomNumber.h should provide using WTF::*
        https://bugs.webkit.org/show_bug.cgi?id=38719

        * wtf/RandomNumber.h:
          Add using directives.

2010-05-06  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Enable YARR_JIT for X86 Mac for QtWebKit
        https://bugs.webkit.org/show_bug.cgi?id=38668

        * wtf/Platform.h:

2010-05-06  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 38714 - Add result caching for Math.sin

        Math.sin is frequently called with the same operand, caching the result should
        improve performance.  CachedTranscendentalFunction adds a generic mechanism to
        cache results for pure functions with the signature "double func(double)", and
        where NaN maps to NaN.

        CachedTranscendentalFunction uses a very simple hash function designed to be
        fast to execute since we cannot cache the result, and trivial to JIT generate,
        should we wish to do so.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/CachedTranscendentalFunction.h: Added.
        (JSC::CachedTranscendentalFunction::CachedTranscendentalFunction):
        (JSC::CachedTranscendentalFunction::~CachedTranscendentalFunction):
        (JSC::CachedTranscendentalFunction::operator()):
        (JSC::CachedTranscendentalFunction::initialize):
        (JSC::CachedTranscendentalFunction::hash):
        * runtime/JSGlobalData.h:
        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncSin):
        * wtf/Platform.h:

2010-05-06  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix.

        * bytecode/SamplingTool.cpp:
        (JSC::SamplingFlags::sample): Use a cast, so Windows will be happy when
        this code is enabled.
        * wtf/Platform.h: Reverted last change to this file, which seems to have
        been accidental.

2010-05-06  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Add compile switch to make debugger keyword plant breakpoint instructions.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitDebugHook):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_debug):
        * wtf/Platform.h:

2010-05-06  Oliver Hunt  <oliver@apple.com>

        Build fix

        Fix ARM builds

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::load16):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load16):

2010-05-06  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Improve performance of single character string compares
        https://bugs.webkit.org/show_bug.cgi?id=38659

        Add logic to the jit to identify comparisons to single character string literals
        and then just perform the comparison inline, rather than ignoring the evidence
        and attempting to perform an integer comparison.

        Multiple changes required -- add jnlesseq opcode, add helper function to identify
        single character string constants, add a helper to load single character strings.
        Then add the 32_64 and normal codepaths to the JIT.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::load16):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJumpIfTrue):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jless):
        (JSC::JIT::emitSlow_op_jless):
        (JSC::JIT::emit_op_jlesseq):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        * jit/JITArithmetic32_64.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jless):
        (JSC::JIT::emitSlow_op_jless):
        (JSC::JIT::emit_op_jlesseq):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emitBinaryDoubleOp):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadCharacterString):
        (JSC::JIT::isOperandConstantImmediateChar):
        * jit/JSInterfaceJIT.h:
        (JSC::ThunkHelpers::stringImplDataOffset):
        (JSC::ThunkHelpers::jsStringLengthOffset):
        (JSC::ThunkHelpers::jsStringValueOffset):
         Moved from ThunkGenerators to make it possible to share.
        * jit/ThunkGenerators.cpp:

2010-05-06  Martin Robinson  <mrobinson@webkit.org>

        Reviewed by Gustavo Noronha Silva.

        [GTK] Enable DOM clipboard and drag-and-drop access
        https://bugs.webkit.org/show_bug.cgi?id=30623

        Convert dragging portion of drag-and-drop to use DataObjectGtk.

        * wtf/gobject/GRefPtr.h: Add forward declarations for GObject functions.

2010-05-06  Steve Block  <steveblock@google.com>

        Reviewed by Eric Seidel.

        MAC_JAVA_BRIDGE should be renamed JAVA_BRIDGE
        https://bugs.webkit.org/show_bug.cgi?id=38544

        * wtf/Platform.h:

2010-05-06  Adam Barth  <abarth@webkit.org>

        Reviewed by Maciej Stachowiak.

        [WTFURL] Add a class to represent the segments of a URL
        https://bugs.webkit.org/show_bug.cgi?id=38566

        When paired with a string, this class represents a parsed URL.

        * wtf/url/src/URLSegments.cpp: Added.
        (WTF::URLSegments::length):
        (WTF::URLSegments::charactersBefore):
        * wtf/url/src/URLSegments.h: Added.
        (WTF::URLSegments::):
        (WTF::URLSegments::URLSegments):
        * wtf/url/wtfurl.gyp:

2010-05-05  Tony Gentilcore  <tonyg@chromium.org>

        Reviewed by Adam Barth.

        Adding comment with link to RefPtr documentation.
        https://bugs.webkit.org/show_bug.cgi?id=38601

        * wtf/RefPtr.h:

2010-05-05  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        Bug 38604 - workers-gc2 crashing on Qt

        This appears to be due to a couple of issues.
        (1) When the atomic string table is deleted it does not clear the 'inTable' bit
        on AtomicStrings - it implicitly assumes that all AtomicStrings have already
        been deleted at this point (otherwise they will crash in their destructor when
        they try to remove themselves from the atomic string table).
        (2) We don't fix the ordering in which WTF::WTFThreadData and
        WebCore::ThreadGlobalData are destructed.

        We should make sure that ThreadGlobalData is cleaned up before worker threads
        terminate and WTF::WTFThreadData is destroyed, and we should clear the inTable
        bit of members on atomic string table destruction.

        WTF changes (fix issue 1, above) - ensure inTable property is cleared when the
        atomic string table is destroyed (also, rename InTable to IsAtomic, to make it
        clear which table we are refering to!)

        * wtf/text/AtomicString.cpp:
        (WebCore::AtomicStringTable::destroy):
        (WebCore::CStringTranslator::translate):
        (WebCore::UCharBufferTranslator::translate):
        (WebCore::HashAndCharactersTranslator::translate):
        (WebCore::AtomicString::add):
        * wtf/text/StringImpl.cpp:
        (WebCore::StringImpl::~StringImpl):
        * wtf/text/StringImpl.h:
        (WebCore::StringImpl::isAtomic):
        (WebCore::StringImpl::setIsAtomic):
        * wtf/text/StringImplBase.h:

2010-05-05  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make Array.join specialised for actual arrays
        https://bugs.webkit.org/show_bug.cgi?id=38592

        Bring Array.join in line with the other array methods by specialising for
        this === an array.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncJoin):

2010-05-04  Yongjun Zhang  <yongjun_zhang@apple.com>

        Reviewed by Darin Adler.

        WebKit crashes at DebuggerCallFrame::functionName() if m_callFrame is the top global callframe.
        https://bugs.webkit.org/show_bug.cgi?id=38535

        Don't call asFunction if callee is not a FunctionType to prevent assertion failure
        in JSCell::isObject().

        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName):
        (JSC::DebuggerCallFrame::calculatedFunctionName):

2010-05-04  Steve Falkenburg  <sfalken@apple.com>

        Remove redundant exports to fix Windows build warnings.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-05-04  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Holger Freyther.

        Fix a memory leak inside the QScriptValue.

        QSciptValuePrivate::toString should release all temporary variables.

        [Qt] QScriptValue::toString have a memory leak.
        https://bugs.webkit.org/show_bug.cgi?id=38112

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::toString):

2010-05-04  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Reviewed by Darin Adler.

        Does not work on SPARC because of alignment issues
        https://bugs.webkit.org/show_bug.cgi?id=38455

        Use AllocAlignmentInteger instead of void* on pageheap_memory to
        avoid crashing at runtime in some architectures. Investigated by
        Mike Hommey <mh@glandium.org>, change suggested by Darin Adler.

        * wtf/FastMalloc.cpp:

2010-05-04  Adam Barth  <abarth@webkit.org>

        Reviewed by Maciej Stachowiak.

        Add first WTFURL file
        https://bugs.webkit.org/show_bug.cgi?id=38470

        This class represents a component of a URL, such as the scheme or path.
        Essentially, the class is an index into a string buffer.

        * wtf/url: Added.
            - There was some discussion about where to put the URL library.
              There are a number of reasonable options, but putting the library
              in the WTF directory seems like a reasonable alternative.  This
              location will make more sense once WTF is moved out of
              JavaScriptCore and into a top-level directory.
        * wtf/url/src: Added.
            - I've added this extra directory to the usual structure because we
              eventually want a "public" folder that defines the public
              interface to this library that clients outside of svn.webkit.org
              can rely upon, much like the various subfolders of the WebKit
              directory often define a public API.
        * wtf/url/src/URLComponent.h: Added.
            - I've added this somewhat trivial class to get the ball rolling.
        (WTF::URLComponent::URLComponent):
        (WTF::URLComponent::isValid):
        (WTF::URLComponent::isNonempty):
        (WTF::URLComponent::reset):
        (WTF::URLComponent::operator==):
        (WTF::URLComponent::begin):
        (WTF::URLComponent::setBegin):
        (WTF::URLComponent::length):
        (WTF::URLComponent::setLength):
        (WTF::URLComponent::end):
        * wtf/url/wtfurl.gyp: Added.
            - WTFURL will be an independently buildable library, hence the
              beginnings of a wtfurl.gyp file.

2010-05-03  Stephanie Lewis  <slewis@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=38368
        <rdar://problem/7834433> REGRESSSION: 1.5% PLT regression due to 56028 
        (return memory quicker).
        Instead of returning everything but the smallest spans spread out 
        the spans kept over several size lists.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavenge):

2010-05-03  James Robinson  <jamesr@chromium.org>

        Reviewed by Eric Seidel.

        Clean up a few compiler warnings
        https://bugs.webkit.org/show_bug.cgi?id=38073

        * wtf/text/StringImpl.cpp:
        (WebCore::StringImpl::ascii):

2010-05-03  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (reverting previous commit).

        Rolling out r58114 - this introduced memory leaks of
        AtomicStrings then workers terminated.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/ThunkGenerators.cpp:
        (JSC::ThunkHelpers::stringImplDataOffset):
        * runtime/Identifier.cpp:
        (JSC::IdentifierTable::~IdentifierTable):
        (JSC::IdentifierTable::add):
        (JSC::IdentifierCStringTranslator::hash):
        (JSC::IdentifierCStringTranslator::equal):
        (JSC::IdentifierCStringTranslator::translate):
        (JSC::Identifier::add):
        (JSC::IdentifierUCharBufferTranslator::hash):
        (JSC::IdentifierUCharBufferTranslator::equal):
        (JSC::IdentifierUCharBufferTranslator::translate):
        (JSC::Identifier::addSlowCase):
        * runtime/Identifier.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:
        * wtf/WTFThreadData.cpp:
        (WTF::WTFThreadData::WTFThreadData):
        (WTF::WTFThreadData::~WTFThreadData):
        * wtf/WTFThreadData.h:
        (JSC::IdentifierTable::remove):
        (JSC::IdentifierTable::literalTable):
        (WTF::WTFThreadData::atomicStringTable):
        * wtf/text/AtomicString.cpp:
        (WebCore::AtomicStringTable::create):
        (WebCore::AtomicStringTable::table):
        (WebCore::AtomicStringTable::destroy):
        (WebCore::stringTable):
        (WebCore::CStringTranslator::hash):
        (WebCore::CStringTranslator::equal):
        (WebCore::CStringTranslator::translate):
        (WebCore::operator==):
        (WebCore::AtomicString::add):
        (WebCore::equal):
        (WebCore::UCharBufferTranslator::hash):
        (WebCore::UCharBufferTranslator::equal):
        (WebCore::UCharBufferTranslator::translate):
        (WebCore::HashAndCharactersTranslator::hash):
        (WebCore::HashAndCharactersTranslator::equal):
        (WebCore::HashAndCharactersTranslator::translate):
        (WebCore::AtomicString::find):
        (WebCore::AtomicString::remove):
        * wtf/text/AtomicStringTable.h: Removed.
        * wtf/text/StringImpl.cpp:
        (WebCore::StringImpl::~StringImpl):
        * wtf/text/StringImpl.h:
        (WebCore::StringImpl::inTable):
        (WebCore::StringImpl::setInTable):
        (WebCore::equal):
        * wtf/text/StringImplBase.h:
        (WTF::StringImplBase::StringImplBase):

2010-05-03  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] Implement scheduleDispatchFunctionsOnMainThread for wx port.
        https://bugs.webkit.org/show_bug.cgi?id=38480

        * wtf/wx/MainThreadWx.cpp:
        (wxCallAfter::wxCallAfter):
        (wxCallAfter::OnCallback):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2010-05-03  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] Build and use Mac's ComplexTextController to support complex text in wx.
        https://bugs.webkit.org/show_bug.cgi?id=38482

        * wtf/Platform.h:

2010-05-03  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Interpreter crashes due to incorrect refcounting of cached structures.
        https://bugs.webkit.org/show_bug.cgi?id=38491
        rdar://problem/7926160

        Make sure we ref/deref structures used for cached custom property getters

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):

2010-05-02  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        [Qt] Enable JIT for QtWebKit on Symbian
        https://bugs.webkit.org/show_bug.cgi?id=38339

        JIT on Symbian has been stable for quite some time, it
        is time to turn it on by default.

        * wtf/Platform.h:

2010-04-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Add codegen support for unsigned right shift
        https://bugs.webkit.org/show_bug.cgi?id=38375

        Expose unsigned right shift in the macro assembler, and make use of it
        from the jit.  Currently if the result is outside the range 0..2^31-1
        we simply fall back to the slow case, even in JSVALUE64 and JSVALUE32_64
        where technically we could still return an immediate value.

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::urshift32):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::urshift32):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::urshift32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::shrl_i8r):
        (JSC::X86Assembler::shrl_CLr):
           Add unsigned right shift to the x86 assembler
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
           op_rshift no longer simply get thrown to a stub function
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_urshift):
        (JSC::JIT::emitSlow_op_urshift):
          JSVALUE32 and JSVALUE64 implementation.  Only supports
          double lhs in JSVALUE64.
        * jit/JITArithmetic32_64.cpp:
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emit_op_urshift):
        (JSC::JIT::emitSlow_op_urshift):
          Refactor right shift code to have shared implementation between signed
          and unsigned versions.

2010-04-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Handle double on righthand side of a right shift
        https://bugs.webkit.org/show_bug.cgi?id=38363

        In 64-bit we support right shift of a double, and there's no
        reason not to in 32-bit either.  This is a 1.1% sunspider
        improvement in 32bit.

        Given high performance javascript code frequently makes
        use of bit operators to perform double->int conversion i'll
        follow this patch up with similar patches for bitwise 'and'
        and 'or'.

        * jit/JITArithmetic32_64.cpp:
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):

2010-04-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Hoist JSVALUE32_64 arithmetic implementations into a separate file.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITArithmetic32_64.cpp: Added.
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jless):
        (JSC::JIT::emitSlow_op_jless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emitSlow_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitSlow_op_bitand):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emitSlow_op_bitor):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emitSlow_op_bitxor):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emitSlow_op_bitnot):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSub32Constant):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emitSlow_op_div):
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):

2010-04-29  Zoltan Herczeg  <zherczeg@webkit.org>

        Reviewed by Oliver Hunt

        Add sqrt() instruction support for ARM assembler (using VFP)
        https://bugs.webkit.org/show_bug.cgi?id=38312

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::fsqrtd_r):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARM::sqrtDouble):

2010-04-29  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Refactor qtscriptglobal.h
        https://bugs.webkit.org/show_bug.cgi?id=37953

        Use the same pattern in qtscriptglobal.h as in 
        qwebkitglobal.h without checking for specific OSs.

        * qt/api/qtscriptglobal.h:

2010-04-29  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Small cleanup.

        QScriptValuePrivate constructor shouldn't take QScriptEngine pointer
        as a parameter, because it breaks a private / public separation rule.
        QScriptEnginePrivate::get(QScriptEngine*) should return
        a QScriptEnginePrivate pointer instead of a QScriptEnginePtr, it simplifies
        implementation.

        [Qt] QScriptValuePrivate class needs some cleanup.
        https://bugs.webkit.org/show_bug.cgi?id=37729

        * qt/api/qscriptengine_p.h:
        (QScriptEnginePrivate::get):
        * qt/api/qscriptvalue.cpp:
        (QScriptValue::QScriptValue):
        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::QScriptValuePrivate):

2010-04-29  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Simon Hausmann.

        [WINCE] Export g_stackBase with JS_EXPORTDATA
        https://bugs.webkit.org/show_bug.cgi?id=37437

        Export g_stackBase with JS_EXPORTDATA as it is used by SharedTimerWince.cpp.

        * runtime/Collector.cpp:

2010-04-28  Oliver Hunt  <oliver@apple.com>

        Do an unordered compare so that we don't treat NaN incorrectly.

        RS=Gavin Barraclough

        * jit/ThunkGenerators.cpp:
        (JSC::powThunkGenerator):

2010-04-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Add fast paths for Math.pow and Math.sqrt
        https://bugs.webkit.org/show_bug.cgi?id=38294

        Add specialized thunks for Math.pow and Math.sqrt.
        This requires adding a sqrtDouble function to the MacroAssembler
        and sqrtsd to the x86 assembler.

        Math.pow is slightly more complicated, in that we have
        to implement exponentiation ourselves rather than relying
        on hardware support.  The inline exponentiation is restricted
        to positive integer exponents on a numeric base.  Exponentiation
        is finally performed through the "Exponentiation by Squaring"
        algorithm.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::ImmPtr::ImmPtr):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARM::loadDouble):
        (JSC::MacroAssemblerARM::sqrtDouble):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
        (JSC::MacroAssemblerARMv7::sqrtDouble):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::loadDouble):
        (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::sqrtDouble):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::loadDouble):
        (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::movsd_mr):
        (JSC::X86Assembler::sqrtsd_rr):
        (JSC::X86Assembler::X86InstructionFormatter::twoByteOp):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * create_hash_table:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        * jit/JITOpcodes.cpp:
        * jit/JITStubs.h:
        (JSC::JITThunks::ctiNativeCallThunk):
        * jit/JSInterfaceJIT.h:
        (JSC::JSInterfaceJIT::emitLoadDouble):
        (JSC::JSInterfaceJIT::emitJumpIfImmediateNumber):
        (JSC::JSInterfaceJIT::emitJumpIfNotImmediateNumber):
        (JSC::JSInterfaceJIT::emitLoadInt32):
        * jit/SpecializedThunkJIT.h:
        (JSC::SpecializedThunkJIT::loadDoubleArgument):
        (JSC::SpecializedThunkJIT::loadInt32Argument):
        (JSC::SpecializedThunkJIT::returnJSValue):
        (JSC::SpecializedThunkJIT::returnDouble):
        (JSC::SpecializedThunkJIT::finalize):
        * jit/ThunkGenerators.cpp:
        (JSC::sqrtThunkGenerator):
        (JSC::powThunkGenerator):
        * jit/ThunkGenerators.h:
        * runtime/Executable.h:
        (JSC::NativeExecutable::NativeExecutable):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):

2010-04-28  Mike Thole  <mthole@apple.com>

        Reviewed by Mark Rowe.

        Reenable WTF_USE_PROTECTION_SPACE_AUTH_CALLBACK now that an
        exports file for it has been added.

        * wtf/Platform.h:

2010-04-28  Mike Thole  <mthole@apple.com>

        Build fix, not reviewed.

        * wtf/Platform.h:
        Disable WTF_USE_PROTECTION_SPACE_AUTH_CALLBACK until an exports file is created.

2010-04-28  Mike Thole  <mthole@apple.com>

        Reviewed by David Kilzer.

        Add canAuthenticateAgainstProtectionSpace() to frame loader so that a protection space 
        can be inspected before attempting to authenticate against it
        https://bugs.webkit.org/show_bug.cgi?id=38271

        * wtf/Platform.h: Add WTF_USE_PROTECTION_SPACE_AUTH_CALLBACK define.

2010-04-28  Darin Adler  <darin@apple.com>

        Reviewed by Sam Weinig.

        Don't use CFAbsoluteTimeGetCurrent on Mac OS X, since it's just a cover
        for gettimeofday anyway.

        * wtf/CurrentTime.cpp:
        (WTF::currentTime): Remove the CF version of this. Change the "other POSIX"
        version to pass 0 for the time zone instead of ignoring a return value.
        Also get rid of unneeded type casts, since operations involving both
        integers and doubles are always evaluated as doubles in C without explicit
        type casting.

2010-04-28  Darin Fisher  <darin@chromium.org>

        Reviewed by David Levin.

        [Chromium] callOnMainThread should equate to MessageLoop::PostTask
        https://bugs.webkit.org/show_bug.cgi?id=38276

        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * wtf/MainThread.cpp:
        * wtf/chromium/ChromiumThreading.h:
        * wtf/chromium/MainThreadChromium.cpp:
        (WTF::initializeMainThread):
        (WTF::callOnMainThread):
        (WTF::callOnMainThreadAndWait):
        (WTF::setMainThreadCallbacksPaused):
        (WTF::isMainThread):

2010-04-28  Simon Hausmann  <simon.hausmann@nokia.com>, Kent Hansen <kent.hansen@nokia.com>

        Reviewed by Darin Adler.

        JSC's currentThreadStackBase is not reentrant on some platforms
        https://bugs.webkit.org/show_bug.cgi?id=37195

        This function needs to be reentrant to avoid memory corruption on platforms where
        the implementation uses global variables.

        This patch adds a mutex lock where necessary and makes the Symbian implementation
        reentrant.

        * runtime/Collector.cpp:
        (JSC::currentThreadStackBaseMutex):
        (JSC::currentThreadStackBase):

2010-04-28  Thiago Macieira <thiago.macieira@nokia.com>

        Reviewed by Simon Hausmann.

        Fix compilation with gcc 3.4.

        AtomicStringImpl.h:29: error: base `WebCore::StringImpl' with only
        non-default constructor in class without a constructor

        * wtf/text/AtomicStringImpl.h:
        (WebCore::AtomicStringImpl::AtomicStringImpl): Provide a default constructor.
        * wtf/text/StringImpl.h: Allow AtomicStringImpl to call a StringImpl constructor through a friend declaration.

2010-04-27  Stephanie Lewis  <slewis@apple.com>

        Fix Tiger build.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::Carve):

2010-04-26  Stephanie Lewis  <slewis@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=38154 FastMalloc calls madvise too often.
        <rdar://problem/7834433> REGRESSSION: 1.5% PLT regression due to 56028 (return memory quicker).  
        To save on madvise calls when recommitting memory recommit the entire span and then carve it
        instead of carving the span up and only committing the part that will be used immediately.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::New):
        (WTF::TCMalloc_PageHeap::AllocLarge):
        (WTF::TCMalloc_PageHeap::Carve):

2010-04-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Add specialized thunks for a char code related string functions
        https://bugs.webkit.org/show_bug.cgi?id=38177

        This is a simple extension to my prior patch.  Basically hoist the
        existing character loading logic from the charCodeAt thunk and into
        a helper function, then add a helper to load strings from the small
        string cache.  This allows trivial implementations of fromCharCode
        and charAt. 

        * create_hash_table:
        * jit/SpecializedThunkJIT.h:
        (JSC::SpecializedThunkJIT::returnJSCell):
        (JSC::SpecializedThunkJIT::tagReturnAsJSCell):
        * jit/ThunkGenerators.cpp:
        (JSC::stringCharLoad):
        (JSC::charToString):
        (JSC::charCodeAtThunkGenerator):
        (JSC::charAtThunkGenerator):
        (JSC::fromCharCodeThunkGenerator):
        * jit/ThunkGenerators.h:
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):

2010-04-27  Thomas Zander <t.zander@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix the build on Symbian on Linux using the Makefile based mkspec

        * JavaScriptCore.pri: It is necessary to specify the library search path
        when linking against JavaScriptCore.

2010-04-21  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        Compile fix for Visual Studio 2010
        https://bugs.webkit.org/show_bug.cgi?id=37867

        Patch by Prasanth Ullattil <prasanth.ullattil@nokia.com>

        * runtime/Structure.cpp:
        (JSC::Structure::transitionTableAdd):
        * wtf/MathExtras.h:
        * wtf/Platform.h:

2010-04-27  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        Rename COMPILER(MSVC7) to COMPILER(MSVC7_OR_LOWER)

        * config.h:
        (JSC::Structure::transitionTableAdd):
        * wtf/Assertions.h:
        * wtf/Atomics.h:
        * wtf/CurrentTime.h:
        (WTF::getLocalTime):
        * wtf/Platform.h:
        * wtf/StaticConstructors.h:
        * wtf/StringExtras.h:
        * wtf/Vector.h:
        (WTF::::append):

2010-04-15  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Fix Mac build break.

        https://bugs.webkit.org/show_bug.cgi?id=37867
        - Make sure JavaScriptCore's debug_and_release config follows that
          of WebCore.
        - Use different name for JavaScriptCore target in debug and release
          since they might be written in the same path at the same time on
          parallel builds
        - Consolidate the DESTDIR determination logic in JavaScriptCore.pri

        * JavaScriptCore.pri:
        * JavaScriptCore.pro:

2010-04-21  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Make sure WebKit is not compiled using C++0x.
        https://bugs.webkit.org/show_bug.cgi?id=37867

        As the rest of Qt compiles in the C++0x mode, people might start
        compiling it in this mode. WebKit don't support this yet.

        Patch by Thiago Macieira <thiago.macieira@nokia.com>

        * JavaScriptCore.pro:

2010-04-26  Oliver Hunt  <oliver@apple.com>

        Fix windows

        * jit/SpecializedThunkJIT.h:
        (JSC::SpecializedThunkJIT::argumentToVirtualRegister):

2010-04-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Need to support more efficient dispatch of lightweight builtins
        https://bugs.webkit.org/show_bug.cgi?id=38155

        The problem with calling lightweight builtins is that marshalling
        the call from the nitro calling convention to the system calling
        convention is very expensive relative to the cost of the actually
        evaluating the function.  To work around this problem this patch
        adds the ability to define a custom thunk for a builtin.

        This allows us to use high performance custom implementations of
        the common and sensible versions of simple builtins.  This patch
        includes a simple (use of which is currently hardcoded) thunk for
        charCodeAt.

        This adds a JSInterfaceJIT subclass called SpecializedThunkJIT
        that has helper functions to remove (or at least reduce) the need
        to have separate thunk implementations for each JSValue encoding.

        * GNUmakefile.am:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
          Many project file updates

        * create_hash_table:
          Add thunk generation callbacks to the hash tables, currently
          we hardcode the script to only support charCodeAt

        * jit/JITStubCall.h:
        * jit/JITStubs.cpp:
        (JSC::JITThunks::~JITThunks):
        (JSC::JITThunks::specializedThunk):
        * jit/JITStubs.h:
        * jit/SpecializedThunkJIT.h: Added.
        (JSC::SpecializedThunkJIT::SpecializedThunkJIT):
        (JSC::SpecializedThunkJIT::loadCellArgument):
        (JSC::SpecializedThunkJIT::loadJSStringArgument):
        (JSC::SpecializedThunkJIT::loadInt32Argument):
        (JSC::SpecializedThunkJIT::appendFailure):
        (JSC::SpecializedThunkJIT::returnInt32):
        (JSC::SpecializedThunkJIT::finalize):
        (JSC::SpecializedThunkJIT::argumentToVirtualRegister):
        (JSC::SpecializedThunkJIT::tagReturnAsInt32):
        * jit/ThunkGenerators.cpp: Added.
        (JSC::ThunkHelpers::stringImplDataOffset):
        (JSC::ThunkHelpers::jsStringLengthOffset):
        (JSC::ThunkHelpers::jsStringValueOffset):
        (JSC::charCodeAtThunkGenerator):
        * jit/ThunkGenerators.h: Added.
        * runtime/Executable.h:
        (JSC::NativeExecutable::NativeExecutable):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.h:
        (JSC::JSGlobalData::getThunk):
        * runtime/JSString.h:
        (JSC::):
        * runtime/JSValue.h:
          Protect some of the JSVALUE32 and JSVALUE32_64 only constants
          and function behind appropriate USE() guards to make it harder
          to use the wrong flags for the target build.
        * runtime/Lookup.cpp:
        (JSC::HashTable::createTable):
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::HashEntry::initialize):
        (JSC::HashEntry::generator):
        (JSC::HashEntry::):
          Make the lookup tables use a specialized thunkGenerator
          if present
        * wtf/text/StringImpl.h:

2010-04-26  Oliver Hunt  <oliver@apple.com>

        Build fix

        * runtime/JSImmediate.h:
        * runtime/JSValue.h:

2010-04-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Factor some basic JS interface logic out of JIT and into a superclass
        https://bugs.webkit.org/show_bug.cgi?id=38163

        Create JSInterfaceJIT to hold some common low level functions for
        interacting with the JS RegisterFile.  Doing this separately from
        https://bugs.webkit.org/show_bug.cgi?id=38155 to ease reviewing.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        * jit/JSInterfaceJIT.h: Added.
        (JSC::JSInterfaceJIT::emitLoadJSCell):
        (JSC::JSInterfaceJIT::emitJumpIfNotJSCell):
        (JSC::JSInterfaceJIT::emitLoadInt32):
        (JSC::JSInterfaceJIT::tagFor):
        (JSC::JSInterfaceJIT::payloadFor):
        (JSC::JSInterfaceJIT::addressFor):

2010-04-26  Sam Weinig  <sam@webkit.org>

        Fix Tiger build.

        * wtf/mac/MainThreadMac.mm:
        (WTF::isMainThread):

2010-04-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/7766413>
        
        Fixed a crash seen when using the JavaScriptCore API with WebKit.
        
        No layout test because DumpRenderTree doesn't use the JavaScriptCore API
        in this way.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::setGlobalObject):
        (JSC::RegisterFile::clearGlobalObject):
        (JSC::RegisterFile::globalObject):
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile): Use WeakGCPtr for managing m_globalObject,
        since it's a weak pointer. (We never noticed this error before because,
        in WebKit, global objects always have a self-reference in a global variable,
        so marking the register file's global variables would keep m_globalObject
        alive. In the JavaScriptCore API, you can allocate a global object with
        no self-reference.)

        * runtime/JSActivation.h: Removed unneeded #include.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject): Don't use ==, since a weak
        pointer is 0 when the object it points to runs its destructor.

        * runtime/WeakGCPtr.h:
        (JSC::WeakGCPtr::clear): Changed to return a bool indicating whether the
        clear actually happened.
        (JSC::WeakGCPtr::assign): Changed to forbid assignment of 0 as a shorthand
        for calling clear(). A client should never clear by assigning 0, since
        clear() should be conditional on whether the object doing the clearing
        is still pointed to by the weak pointer. (Otherwise, a zombie object might
        clear a pointer to a new, valid object.)

2010-04-25  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38097
        Disentangle initializing the main thread from initializing threading

        This is the first step in getting rid of the WEB_THREAD #define and
        paving the way to allowing mac both WebKit and WebKit2 to use the same
        WebCore.

        * JavaScriptCore.exp: Export initializeMainThread and initializeMainThreadToProcessMainThread.
        * JavaScriptCore.xcodeproj/project.pbxproj: Sort files.

        * wtf/MainThread.cpp:
        (WTF::mainThreadInitializationMutex):
        (WTF::mainThreadFunctionQueueMutex):
        (WTF::initializeMainThread):
        (WTF::deprecatedInitializeMainThread):
        * wtf/MainThread.h:
        Added Mac only initializeMainThreadToProcessMainThread which sets up callOnMainThread
        and isMainThead calls to assume that WebCore's main thread is also the
        process's main thread. Since it is possible that both initializeMainThread
        and initializeMainThreadToProcessMainThread could be called, the first one called
        wins (either will work).

        * wtf/Threading.h: Moved to top of file.

        * wtf/ThreadingPthreads.cpp:
        (WTF::initializeThreading): Remove call to initializeMainThread.
        * wtf/ThreadingWin.cpp:
        (WTF::initializeThreading): Ditto.
        * wtf/gtk/ThreadingGtk.cpp:
        (WTF::initializeThreading): Ditto.

        * wtf/mac/MainThreadMac.mm:
        (WTF::initializeMainThreadPlatform):
        (WTF::initializeMainThreadToProcessMainThread):
        (WTF::scheduleDispatchFunctionsOnMainThread):
        (WTF::isMainThread):
        Add runtime switch between the old behavior of using the system's main
        thread and a stored pointer to the main thread. Tiger always uses the
        system's main thread.

        * wtf/qt/ThreadingQt.cpp:
        (WTF::initializeThreading): Remove call to initializeMainThread.
        * wtf/win/MainThreadWin.cpp:
        (WTF::initializeMainThreadPlatform): Add call to initializeCurrentThreadInternal
        removed from initializeThreading.

2010-04-26  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Fix a memory leak in the QScriptString.

        QScriptStringPrivate's constructor shouldn't call JSStringRetain as
        QScriptConverter implicitly pass a JSStringRef ownership.

        [Qt] QScriptStringPrivate c'tor problem
        https://bugs.webkit.org/show_bug.cgi?id=38110

        * qt/api/qscriptstring_p.h:
        (QScriptStringPrivate::QScriptStringPrivate):

2010-04-24  Darin Adler  <darin@apple.com>

        Reviewed by Dan Bernstein.

        REGRESSION (r56560): Crash in parseFloat if passed invalid UTF-16 data
        https://bugs.webkit.org/show_bug.cgi?id=38083
        rdar://problem/7901044

        Tests: fast/js/ToNumber.html
               fast/js/parseFloat.html

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::parseInt): Added a FIXME comment about a problem I noticed.
        (JSC::parseFloat): Added a FIXME comment about a problem I noticed;
        covered by test cases in the test I added.
        * runtime/UString.cpp:
        (JSC::UString::toDouble): Added FIXME comments about two problems I
        noticed; covered by test cases in the tests I added. Added a return
        statement so we don't crash when illegal UTF-16 sequences are present.

2010-04-24  Anton Muhin  <antonm@chromium.org>

        Reviewed by Darin Adler.

        Allow to construct HashTraits<WebCore::QualifiedName>::constructDeletedValue

        Former implementation attempted to use AtomicString(HashTableDeletedValue)
        however those values cannot be used that way: one cannot construct
        QualifiedNameImpl out of such AtomicString as we'll try to lookup this string
        in the table, for example.
        https://bugs.webkit.org/show_bug.cgi?id=37722

        * wtf/RefPtr.h: expose hash table deleted value

2010-04-23  Sam Weinig  <sam@webkit.org>

        Reviewed by David Levin.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38060
        Split up Threading.h

        Move bits for of Threading.h into 3 new files.
        - Atomics.h for atomic operations.
        - ThreadSafeShared.h for the ThreadSafeShared class.
        - ThreadingPrimitives.h for the primitives and platform types.

        Basic threading operations (creation, etc.) remain in Threading.h.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/Atomics.h: Copied from wtf/Threading.h.
        * wtf/ThreadSafeShared.h: Copied from wtf/Threading.h.
        * wtf/Threading.h:
        * wtf/ThreadingPrimitives.h: Copied from wtf/Threading.h.

2010-04-23  Sam Weinig  <sam@webkit.org>

        Fix Qt build.

        * wtf/qt/MainThreadQt.cpp: #include <QThread>

2010-04-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=38022
        Move isMainThread predicate function to MainThread.h

        * wtf/MainThread.cpp:
        (WTF::initializeMainThread):
        (WTF::isMainThread):
        * wtf/MainThread.h:
        * wtf/Threading.h:
        * wtf/ThreadingPthreads.cpp:
        (WTF::initializeThreading):
        * wtf/ThreadingWin.cpp:
        (WTF::initializeThreading):
        * wtf/gtk/ThreadingGtk.cpp:
        (WTF::initializeThreading):
        * wtf/mac/MainThreadMac.mm:
        (WTF::initializeMainThreadPlatform):
        (WTF::isMainThread):
        * wtf/qt/MainThreadQt.cpp:
        (WTF::isMainThread):
        * wtf/qt/ThreadingQt.cpp:
        (WTF::initializeThreading):
        * wtf/text/AtomicString.cpp:

2010-04-23  Gabor Rapcsanyi  <rgabor@inf.u-szeged.hu>

        Reviewed by Laszlo Gombos.

        Add RVCT support for Linux

        Developed in cooperation with Gabor Loki.

        * API/JSStringRef.h:
        * jit/ExecutableAllocator.h:
        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutableAllocator::cacheFlush):
        * jit/JITStubs.cpp:
        * wtf/MathExtras.h:
        * wtf/unicode/qt4/UnicodeQt4.h:

2010-04-23  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Laszlo Gombos.

        [WIN] Move OwnPtrWin.cpp into platform specific folder.
        https://bugs.webkit.org/show_bug.cgi?id=38042

        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * wtf/OwnPtrWin.cpp: Removed.
        * wtf/win/OwnPtrWin.cpp: Copied from JavaScriptCore/wtf/OwnPtrWin.cpp.

2010-04-23  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Laszlo Gombos.

        [BREWMP] Move OwnPtrBrew.cpp into platform specific folder.
        https://bugs.webkit.org/show_bug.cgi?id=38042

        * wtf/OwnPtrBrew.cpp: Removed.
        * wtf/brew/OwnPtrBrew.cpp: Copied from JavaScriptCore/wtf/OwnPtrBrew.cpp.

2010-04-22  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Update Android to use isfinite, isinf, isnan and signbit from namespace std.
        https://bugs.webkit.org/show_bug.cgi?id=37948

        * wtf/MathExtras.h:

2010-04-22  Fumitoshi Ukai  <ukai@chromium.org>

        Unreviewed build fix.

        * wtf/MD5.cpp: fix include path of CString.h

2010-04-22  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Adam Barth.

        MD5 is required for WebSocket new protocol implementation
        https://bugs.webkit.org/show_bug.cgi?id=37913

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/MD5.cpp: Added.
        * wtf/MD5.h: Added.

2010-04-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).
        Errk, accidentally committed commenting out two ASSERTs! reverting.

        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):

2010-04-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=38006
        Change lifetime of JSC::IdentifierTables used by WebCores to match AtomicStringTable

        Presently JSC's IdentifierTables are owned by the JSGlobalData.  For
        JSGlobalData objects created via the API this should continue to be the case,
        but for the JSGlobalData objects used by WebCore (the main thread's common
        global data, and those for workers) use a IdentifierTable provided (and owned)
        by wtfThreadData.  This allow the lifetime of these IdentifierTable to match
        those of the corresponding AtomicStringTables.

        * API/APIShims.h:
        (JSC::APIEntryShim::APIEntryShim):
        * API/JSContextRef.cpp:
        (JSContextGroupCreate):
        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):
        (JSC::Heap::markRoots):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        (JSC::JSGlobalData::createContextGroup):
        (JSC::JSGlobalData::create):
        (JSC::JSGlobalData::sharedInstance):
        * runtime/JSGlobalData.h:
        (JSC::JSGlobalData::):
        (JSC::JSGlobalData::isSharedInstance):
        * runtime/JSLock.cpp:
        (JSC::JSLock::JSLock):
        (JSC::JSLock::lock):
        (JSC::JSLock::unlock):
        (JSC::JSLock::DropAllLocks::DropAllLocks):
        * wtf/WTFThreadData.cpp:
        (WTF::WTFThreadData::WTFThreadData):
        (WTF::WTFThreadData::~WTFThreadData):

2010-04-22  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r58110.
        http://trac.webkit.org/changeset/58110
        https://bugs.webkit.org/show_bug.cgi?id=38007

        Caused an internal compiler error on Qt (Requested by abarth
        on #webkit).

        * wtf/MathExtras.h:

2010-04-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        * API/JSWeakObjectMapRefPrivate.cpp:

2010-04-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        * API/JSBase.cpp:
        * API/JSCallbackObject.cpp:

2010-04-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=37978
        Unify JSC::IdentifierTable and WebCore::AtomicStringTable implementations.

        These two classes both implement a HashSet of uniqued StringImpls, with
        translator classes to avoid unnecessary object creation. The only difference
        between the classes is which flag (isIdentifier or inTable) is set.
        Combine the two classes using a template predicated on which flag to use.

        New class AtomicStringTable created, containing all the goodness from
        IdentifierTable & AtomicStringTable, expect for Identifier's literalTable,
        which has been moved onto JSGlobalData. Removed duplicate string translator
        classes. Renamed StringImpl's inTable flag to more explicit 'isAtomic',
        and set this on the empty string (which matches Identifier behaviour, and
        removes a redundant check for zero-length).

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Identifier.cpp:
        (JSC::createLiteralTable):
        (JSC::deleteLiteralTable):
        (JSC::Identifier::add):
        (JSC::Identifier::addSlowCase):
        * runtime/Identifier.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:
        * wtf/WTFThreadData.cpp:
        (WTF::WTFThreadData::WTFThreadData):
        (WTF::WTFThreadData::~WTFThreadData):
        * wtf/WTFThreadData.h:
        (WTF::WTFThreadData::atomicStringTable):
        * wtf/text/AtomicString.cpp:
        (WebCore::table):
        (WebCore::operator==):
        (WebCore::AtomicString::add):
        (WebCore::AtomicString::find):
        (WebCore::AtomicString::remove):
        * wtf/text/AtomicStringTable.h: Added.
        (WTF::CStringTranslator::hash):
        (WTF::CStringTranslator::equal):
        (WTF::CStringTranslator::translate):
        (WTF::UCharBufferTranslator::hash):
        (WTF::UCharBufferTranslator::equal):
        (WTF::UCharBufferTranslator::translate):
        (WTF::HashAndCharactersTranslator::hash):
        (WTF::HashAndCharactersTranslator::equal):
        (WTF::HashAndCharactersTranslator::translate):
        (WTF::IdentifierOrAtomicStringTable::remove):
        (WTF::::~IdentifierOrAtomicStringTable):
        (WTF::::add):
        (WTF::::find):
        * wtf/text/StringImpl.cpp:
        (WebCore::StringImpl::~StringImpl):
        * wtf/text/StringImpl.h:
        (WebCore::StringImpl::isAtomic):
        (WebCore::StringImpl::setIsAtomic):
        (WebCore::equal):
        * wtf/text/StringImplBase.h:
        (WTF::StringImplBase::StringImplBase):

2010-04-22  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Update Android to use isfinite, isinf, isnan and signbit from namespace std.
        https://bugs.webkit.org/show_bug.cgi?id=37948

        * wtf/MathExtras.h:

2010-04-22  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Remove dependency of JSC to QtGui
        https://bugs.webkit.org/show_bug.cgi?id=37867

        The patch also make sure that hal.h is in the include path on Symbian.
        The dependency to QtGui took care of that before.

        Patch by Thiago Macieira <thiago.macieira@nokia.com>
             and Rohan McGovern <rohan.mcgovern@nokia.com>

        * JavaScriptCore.pri:
        * JavaScriptCore.pro:

2010-04-22  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Corrects symbols visibility for JavaScriptCore.

        https://bugs.webkit.org/show_bug.cgi?id=37867

        * JavaScriptCore.pro:

2010-04-22  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Use BLX and BX to keep happy the return stack predictor above ARMv4
        https://bugs.webkit.org/show_bug.cgi?id=37862

        Inspired by Jacob Bramley's patch from JaegerMonkey

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::executableCopy):
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::bx):
        (JSC::ARMAssembler::blx):
        (JSC::ARMAssembler::loadBranchTarget):
        (JSC::ARMAssembler::jmp):
        (JSC::ARMAssembler::getLdrImmAddress):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::jump):
        (JSC::MacroAssemblerARM::nearCall):
        (JSC::MacroAssemblerARM::call):
        (JSC::MacroAssemblerARM::ret):
        (JSC::MacroAssemblerARM::prepareCall):
        (JSC::MacroAssemblerARM::call32):

2010-04-21  Andy Estes  <aestes@apple.com>

        Rubber stamped by Mark Rowe.

        Export WTF::deleteOwnedPtr(HFONT).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Oliver Hunt.

        Make SmallStrings store an array of RefPtr<StringImpl>,
        instead of a direct array of StringImpls.  This allows
        us to remove a friend (and a layering violation) from
        WTF::StringImpl, and makes it so that all StringImpls
        are individually heap allocated.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStringsStorage::rep):
        (JSC::SmallStringsStorage::SmallStringsStorage):
        * wtf/text/StringImpl.h:

2010-04-21  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=37937
        Wean JavaScriptCore off calls to isMainThread()

        - Replace use of isMainThread() for interpreter reentry checks
          with a stored value on the JSGlobalData.
        - Replace use of isMainThread() for useMainThread only check in the
          collector with a stored exclusive thread.

        * API/JSContextRef.cpp:
        (JSContextGroupCreate):
        Always default to a small stack type for uses of the JSC API. It is
        unlikely that the interpreter reentry required on the web will be as
        important for other uses of JavaScriptCore. 

        * JavaScriptCore.exp: 
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        Update exports.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        Use new stored JSGlobalData::maxReentryDepth instead of isMainThread().

        * interpreter/Interpreter.h:
        Rename MaxMainThreadReentryDepth to MaxLargeThreadReentryDepth and 
        MaxSecondaryThreadReentryDepth to MaxSmallThreadReentryDepth.

        * jsc.cpp:
        (main): Use the a large stack for jsc since it is always using the
        main thread.
        
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin):
        Use new stored JSGlobalData::maxReentryDepth instead of isMainThread().

        * runtime/Collector.cpp:
        (JSC::Heap::registerThread):
        Use the concept of making JSC run on an exclusiveThread instead of
        forcing a mainThreadOnly assertion.
        
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::createNonDefault):
        (JSC::JSGlobalData::create):
        (JSC::JSGlobalData::createLeaked):
        (JSC::JSGlobalData::sharedInstance):
        * runtime/JSGlobalData.h:
        Add ThreadStackType argument to JSGlobalData constructors and set
        maxReentryDepth based on it.

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix pt. 3).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix pt. 2).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Qt build fix).

        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * wtf/qt/StringQt.cpp: Copied from WebCore/platform/text/qt/StringQt.cpp.

2010-04-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        * API/JSValueRef.cpp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * runtime/Identifier.cpp:
        (JSC::IdentifierTable::~IdentifierTable):
        (JSC::IdentifierTable::add):
        * runtime/Identifier.h:
        * wtf/WTFThreadData.h:
        (JSC::IdentifierTable::remove):
        (JSC::IdentifierTable::literalTable):
        * wtf/text/StringImpl.cpp:
        (WebCore::StringImpl::~StringImpl):

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt, Darin Adler.

        Bug 37906 - Remove JSC::UStringImpl; unify with StringImpl.

        JSC::UStringImpl and WebCore::StringImpl (soon to be renamed to
        WTF::StringImpl) are almost identical.  Remove duplication of code by unifying
        the two, move missing features from UStringImpl into StringImpl & delete the
        class UStringImpl.

        * API/JSClassRef.cpp:
        * API/JSContextRef.cpp:
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/EvalCodeCache.h:
        * bytecode/JumpTable.cpp:
        * profiler/ProfileNode.cpp:
        * runtime/Identifier.cpp:
        (JSC::Identifier::add):
        * runtime/Identifier.h:
        (JSC::Identifier::equal):
        * runtime/UString.cpp:
        * runtime/UString.h:
        (WTF::):
        * runtime/UStringImpl.cpp: Removed.
        * runtime/UStringImpl.h:
        * wtf/text/StringHash.h:
        (WebCore::StringHash::equal):
        (WebCore::CaseFoldingHash::equal):
        * wtf/text/StringImpl.cpp:
        (WebCore::StringImpl::~StringImpl):
        (WebCore::StringImpl::empty):
        (WebCore::StringImpl::sharedBuffer):
        (WebCore::equal):
        * wtf/text/StringImpl.h:
        (WebCore::StringImpl::StringImpl):
        (WebCore::StringImpl::create):
        (WebCore::StringImpl::tryCreateUninitialized):
        (WebCore::StringImpl::cost):
        (WebCore::StringImpl::isIdentifier):
        (WebCore::StringImpl::setIsIdentifier):
        (WebCore::StringImpl::computeHash):
        (WebCore::StringImpl::copyChars):
        (WebCore::StringImpl::):

2010-04-21  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Darin Adler.

        Added missing #include "Lookup.h" in LUT source files.
        https://bugs.webkit.org/show_bug.cgi?id=37903

        * runtime/ArrayPrototype.cpp:
        * runtime/DatePrototype.cpp:
        * runtime/JSONObject.cpp:
        * runtime/MathObject.cpp:
        * runtime/NumberConstructor.cpp:
        * runtime/RegExpConstructor.cpp:
        * runtime/RegExpObject.cpp:
        * runtime/StringPrototype.cpp:

2010-04-21  Gustavo Sverzut Barbieri  <barbieri@profusion.mobi>

        Reviewed by Nikolas Zimmermann.

        Add missing EFL JavaScriptCore file.
        http://webkit.org/b/37854

        * wtf/efl: Added.
        * wtf/efl/MainThreadEfl.cpp: Added.
        (WTF::initializeMainThreadPlatform):
        (WTF::timeoutFired):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2010-04-20  Xan Lopez  <xlopez@igalia.com>

        Another attempt to fix the build.

        * GNUmakefile.am:

2010-04-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        [ES5] RegExp literals are constants that should be persistent across multiple function calls.
        https://bugs.webkit.org/show_bug.cgi?id=37908

        Dump the separate RegExp constant pool, and just use the standard JS constant pool
        in codeblock.  This allows us to drop op_new_regexp and all associated code as well.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitLoad):
        * bytecompiler/BytecodeGenerator.h:
        * bytecompiler/NodesCodegen.cpp:
        (JSC::RegExpNode::emitBytecode):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        (JSC::):

2010-04-20  Oliver Hunt  <oliver@apple.com>

        Fix license on create_regex_tables

        * create_regex_tables:

2010-04-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Fix gtk

        * GNUmakefile.am:
        * make-generated-sources.sh:

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 37895 - Share common code from UStringImplBase with StringImpl

        The implementation of StringImpl & UStringImpl is very similar.  Restructure
        StringImpl to match UStringImpl, moving the flags and length into a base class,
        so that this can be shared between both string types to increase code reuse.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/RopeImpl.h:
        (JSC::RopeImpl::RopeImpl):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::UStringImpl):
        * wtf/text/StringImpl.h:
        (WebCore::StringImpl::StringImpl):
        (WebCore::StringImpl::characters):
        * wtf/text/StringImplBase.h: Copied from JavaScriptCore/runtime/UStringImpl.h.
        (WTF::StringImplBase::length):
        (WTF::StringImplBase::operator new):
        (WTF::StringImplBase::StringImplBase):

2010-04-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Autogenerate yarr character tables
        https://bugs.webkit.org/show_bug.cgi?id=37877

        Use a python script to automatically generate character tables
        for the builtin YARR character classes.  This allows us to generate
        actual tables as well, by using these tables we can both increase
        performance of the check (for complex builtins) and reduce the actual
        code size.

        4-8% win on string-unpack-code, but lots of noise on other tests so
        i'm only confident saying its a 1% win overall.

        * DerivedSources.make:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::ExtendedAddress::ExtendedAddress):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::branchTest8):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::branchTest8):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::branchTest8):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::cmpb_im):
        (JSC::X86Assembler::testb_im):
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::dump):
        * create_regex_tables: Added.
        * yarr/RegexCompiler.cpp:
        (JSC::Yarr::CharacterClassConstructor::charClass):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::matchCharacterClass):
        (JSC::Yarr::RegexGenerator::generatePatternCharacterGreedy):
        (JSC::Yarr::RegexGenerator::generatePatternCharacterNonGreedy):
        (JSC::Yarr::RegexGenerator::generateCharacterClassGreedy):
        * yarr/RegexPattern.h:
        (JSC::Yarr::CharacterClassTable::create):
        (JSC::Yarr::CharacterClassTable::CharacterClassTable):
        (JSC::Yarr::CharacterClass::CharacterClass):

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (speculative windows fix - missed a bit!).

        * wtf/text/AtomicString.h:

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (speculative windows fix).

        * wtf/text/AtomicString.h:

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        Add missing .def file entries.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 37869 - Move URopeImpl to its own .h/.cpp
        
        Currently Ropes are implemented by the class URopeImpl, which is defined in
        UStringImpl.h, and then typedefed to the name JSString::Rope. Remove the
        typedef, and rename all uses of URopeImpl and JSString::Rope to just RopeImpl.

        Move RopeImpl to its own header, and remove all remaining references to ropes
        from UStringImpl (rename UStringOrRopeImpl to UStringImplBase, rename or move
        the isRope & deref methods from UStringOrRopeImpl).

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        * runtime/JSString.h:
        (JSC::):
        (JSC::RopeBuilder::JSString):
        (JSC::RopeBuilder::~JSString):
        (JSC::RopeBuilder::appendStringInConstruct):
        (JSC::RopeBuilder::JSStringFinalizerStruct::):
        * runtime/RopeImpl.cpp: Copied from JavaScriptCore/runtime/UStringImpl.cpp.
        (JSC::RopeImpl::derefFibersNonRecursive):
        (JSC::RopeImpl::destructNonRecursive):
        * runtime/RopeImpl.h: Copied from JavaScriptCore/runtime/UStringImpl.h.
        (JSC::RopeImpl::tryCreateUninitialized):
        (JSC::RopeImpl::isRope):
        (JSC::RopeImpl::deref):
        (JSC::RopeImpl::RopeImpl):
        * runtime/UStringImpl.cpp:
        * runtime/UStringImpl.h:
        (JSC::UStringImplBase::isInvalid):
        (JSC::UStringImplBase::ref):
        (JSC::UStringImplBase::UStringImplBase):
        (JSC::UStringImplBase::):
        (JSC::UStringImpl::UStringImpl):

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 37828 - Move WebCore's String classes to WTF

        Move these classes up to WTF so they are available to all clients of WTF (in
        particular JSC).

        As a first patch, making the most minimal change possible, since this patch
        could easily grow rather large since we'll have to change every class forward
        declaration ( e.g. every "namespace WebCore { class String; }" much change to
        "namespace WTF { class String; }").

        Moving the files, but leaving the classes logically in the WebCore namespace -
        which is technically a layering violation - I'll come back and fix this up in a
        subsequent patch.

        * Android.mk:
        * Android.v8.wtf.mk:
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * config.h:
        * wtf/StaticConstructors.h: Copied from WebCore/platform/StaticConstructors.h.
        * wtf/text/AtomicString.cpp: Copied from WebCore/platform/text/AtomicString.cpp.
        * wtf/text/AtomicString.h: Copied from WebCore/platform/text/AtomicString.h.
        * wtf/text/AtomicStringImpl.h: Copied from WebCore/platform/text/AtomicStringImpl.h.
        * wtf/text/StringBuffer.h: Copied from WebCore/platform/text/StringBuffer.h.
        * wtf/text/StringHash.h: Copied from WebCore/platform/text/StringHash.h.
        * wtf/text/StringImpl.cpp: Copied from WebCore/platform/text/StringImpl.cpp.
        * wtf/text/StringImpl.h: Copied from WebCore/platform/text/StringImpl.h.
        * wtf/text/WTFString.cpp: Copied from WebCore/platform/text/String.cpp.
        (WebCore::charactersToFloat):
        * wtf/text/WTFString.h: Copied from WebCore/platform/text/PlatformString.h.

2010-04-20  Csaba Osztrogonác  <ossy@webkit.org>

        [Qt] Unreviewed speculative buildfix for WinCE after r57882
        https://bugs.webkit.org/show_bug.cgi?id=37701

        * JavaScriptCore.pri: missing wince* case added.

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).
        Speculative Chromium/Win build fix, attempt #2.

        * config.h:

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).
        Speculative Chromium/Win build fix.

        * config.h: JS_EXPORTDATA should do nothing on !JSC builds.

2010-04-20  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt] Target(WebCore,jsc,...) must depends on static library of JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=37701

        * JavaScriptCore.pri: dependency added.

2010-04-20  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Maciej Stachowiak (relanding r57829).
        Added missing JS_EXPORTDATA

        * API/APIShims.h:
        (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
        (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
        (JSC::APICallbackShim::APICallbackShim):
        (JSC::APICallbackShim::~APICallbackShim):
        * API/JSContextRef.cpp:
        * Android.mk:
        * Android.v8.wtf.mk:
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Identifier.cpp:
        (JSC::Identifier::remove):
        (JSC::Identifier::checkCurrentIdentifierTable):
        * runtime/Identifier.h:
        * runtime/InitializeThreading.cpp:
        (JSC::initializeThreadingOnce):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::create):
        * wtf/WTFThreadData.cpp: Copied from JavaScriptCore/wtf/WTFThreadData.cpp.
        * wtf/WTFThreadData.h: Copied from JavaScriptCore/wtf/WTFThreadData.h.

2010-04-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (rolling out r57829).
        This broke windows.

        * API/APIShims.h:
        (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
        (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
        (JSC::APICallbackShim::APICallbackShim):
        (JSC::APICallbackShim::~APICallbackShim):
        * API/JSContextRef.cpp:
        * Android.mk:
        * Android.v8.wtf.mk:
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Identifier.cpp:
        (JSC::Identifier::remove):
        (JSC::Identifier::checkCurrentIdentifierTable):
        (JSC::createIdentifierTableSpecificCallback):
        (JSC::createIdentifierTableSpecific):
        * runtime/Identifier.h:
        (JSC::ThreadIdentifierTableData::ThreadIdentifierTableData):
        (JSC::defaultIdentifierTable):
        (JSC::setDefaultIdentifierTable):
        (JSC::currentIdentifierTable):
        (JSC::setCurrentIdentifierTable):
        (JSC::resetCurrentIdentifierTable):
        * runtime/InitializeThreading.cpp:
        (JSC::initializeThreadingOnce):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::create):
        * wtf/WTFThreadData.cpp: Removed.
        * wtf/WTFThreadData.h: Removed.

2010-04-19  Douglas Gregor  <dgregor@apple.com>

        Reviewed and landed by Anders Carlsson.

        * runtime/UStringImpl.h:
        Fix class/struct declaration mismatches.

2010-04-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Beth Dakin.

        Checked in these tests I wrote becuase Balazs Kelemen wanted to use them.

        * tests/perf: Added.
        * tests/perf/bench-allocate-nonretained.js: Added.
        * tests/perf/bench-allocate-retained.js: Added.

2010-04-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-04-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=37745
        Move string uniquing tables to (new) WTFThreadData class.

        Remove AtomicString's dependency on ThreadGlobalData so that we can move
        WebCore's string classes up to WTF.

        WTFThreadData.cpp/.h are based on ThreadGlobalData from WebCore.
        Moved JSC & WebCore's string uniquing tables to this class.

        This patch introduces a temporary layering violation in providing forward
        declarations of classes from JSC and WTF; this will be resolved as we move
        more string code up to WTF.

        * API/APIShims.h:
        (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
        (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
        (JSC::APICallbackShim::APICallbackShim):
        (JSC::APICallbackShim::~APICallbackShim):
        * API/JSContextRef.cpp:
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Identifier.cpp:
        (JSC::Identifier::remove):
        (JSC::Identifier::checkCurrentIdentifierTable):
        * runtime/Identifier.h:
        * runtime/InitializeThreading.cpp:
        (JSC::initializeThreadingOnce):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::create):
        * wtf/WTFThreadData.cpp: Copied from WebCore/platform/ThreadGlobalData.cpp.
        (WTF::WTFThreadData::WTFThreadData):
        (WTF::WTFThreadData::~WTFThreadData):
        * wtf/WTFThreadData.h: Copied from WebCore/platform/ThreadGlobalData.h.
        (WTF::WTFThreadData::atomicStringTable):
        (WTF::WTFThreadData::initializeIdentifierTable):
        (WTF::WTFThreadData::currentIdentifierTable):
        (WTF::WTFThreadData::setCurrentIdentifierTable):
        (WTF::WTFThreadData::resetCurrentIdentifierTable):
        (WTF::wtfThreadData):

2010-04-19  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Build fix for WinCE.

        Moved the include of the non-existing errno.h header file inside
        platform guard macros.

        * jit/ExecutableAllocatorFixedVMPool.cpp:

2010-04-18  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Laszlo Gombos.

        [WINCE] Don't define WTF_CPU_MIDDLE_ENDIAN=1
        https://bugs.webkit.org/show_bug.cgi?id=37434

        Windows CE supports little-endian format only, so don't define
        WTF_CPU_MIDDLE_ENDIAN=1.

        * wtf/Platform.h:

2010-04-18  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] Fix JavaScriptCore's include path for WinCE builds

        https://bugs.webkit.org/show_bug.cgi?id=36751

        * JavaScriptCore.pri:

2010-04-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by nobody, build fix.

2010-04-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by nobody, build fix.

2010-04-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 37730 - Remove JSC::UString dependencies from WebCore::StringImpl
        (Following on from bug #37675).

        Make the argument ordering for UStringImpl's constructor & create
        methods match, when passed a shared buffer.

        * JavaScriptCore.exp:
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::create):
        * runtime/UStringImpl.h:

2010-04-15  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Fix memory leak in QScriptEngine::evaluate().

        QScriptEnginePrivate::evaluate should release temporary variables.

        [Qt] QScriptEngine::evaluate has memory leak.
        https://bugs.webkit.org/show_bug.cgi?id=37596

        * qt/api/qscriptengine_p.cpp:
        (QScriptEnginePrivate::evaluate):
        * qt/api/qscriptengine_p.h:

2010-04-14  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Fix a memory leak in QScriptValue::inherits.

        [Qt] QScriptValue::inherits has a memory leak.
        https://bugs.webkit.org/show_bug.cgi?id=37617

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::inherits):

2010-04-14  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Fix a few memory leaks in QScriptEngine.

        Syntax checking caused memory leak, not all temporary variables were released.

        [Qt] Syntax checking  in the QtScript cause a memory leak.
        https://bugs.webkit.org/show_bug.cgi?id=37610

        * qt/api/qscriptengine_p.cpp:
        (QScriptEnginePrivate::checkSyntax):
        * qt/api/qscriptsyntaxcheckresult.cpp:
        (QScriptSyntaxCheckResultPrivate::errorMessage):
        (QScriptSyntaxCheckResultPrivate::errorLineNumber):

2010-04-14  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Fix memory leak inside QScriptEnginePrivate::makeJSValue.

        QScriptEnginePrivate::makeJSValue should release temporary JSStringRef variable.

        [Qt] tst_QScriptValue::toString has a memory leak.
        https://bugs.webkit.org/show_bug.cgi?id=37598

        * qt/api/qscriptengine_p.h:
        (QScriptEnginePrivate::makeJSValue):

2010-04-14  Peter Varga  <pvarga@inf.u-szeged.hu>

        Reviewed by Geoffrey Garen.

        Move the YARR JIT fallback detection from RegexJIT.cpp to
        RegexCompiler.cpp.

        https://bugs.webkit.org/show_bug.cgi?id=37571

        * yarr/RegexCompiler.cpp:
        (JSC::Yarr::RegexPatternConstructor::atomBackReference):
        (JSC::Yarr::RegexPatternConstructor::quantifyAtom):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateTerm):
        (JSC::Yarr::RegexGenerator::RegexGenerator):
        (JSC::Yarr::jitCompileRegex):
        * yarr/RegexJIT.h:
        (JSC::Yarr::RegexCodeBlock::operator!):
        * yarr/RegexPattern.h:
        (JSC::Yarr::RegexPattern::RegexPattern):
        (JSC::Yarr::RegexPattern::reset):

2010-04-14  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Maciej Stachowiak.

        Mac OS X: Use deployment target to determine whether memory tagging should be enabled
        https://bugs.webkit.org/show_bug.cgi?id=34888

        When building on (Snow) Leopard but targeting Tiger
        (TARGETING_TIGER defined, BUILDING_ON_TIGER not defined),
        WebKit would crash on Tiger because the tags passed to mmap
        caused those function calls to fail.

        Conversely, when building on Tiger but targeting Leopard
        (BUILDING_ON_TIGER defined, TARGETING_LEOPARD defined), WebKit
        would crash on Leopard because the tags passed to vm_map and
        vm_allocate caused those function calls to fail.

        Solution: Use TARGETING_TIGER rather than BUILDING_ON_TIGER to
        govern the tag definitions. Use the same tags for vm_map and
        vm_allocate regardless of target, since they work on
        both. Fall back to the mmap tags that work on Tiger (that is,
        "no tags") if targeting Tiger, since those tags also work on
        Leopard.

        * wtf/VMTags.h:

2010-04-12  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by nobody, build fix.

        [Qt] Build fix for Mac when building with build-webkit --qt

        Specifying no configuration on Mac builds WebCore both in debug
        and release. JavaScriptCore has to follow this rule as well.

        * JavaScriptCore.pro:

2010-04-11  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/7851332> Fix the build.

        * wtf/FastMalloc.cpp:
        (WTF::TCMallocStats::): Initialize extra members of malloc_introspection_t to zero.

2010-04-09  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Pavel Feldman.

        Make CallIdentifier constructor to handle null urls.

        https://bugs.webkit.org/show_bug.cgi?id=37341

        * profiler/CallIdentifier.h:
        (JSC::CallIdentifier::CallIdentifier):

2010-04-09  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix crashes with package builds in release

        Add NDEBUG to the defines for package build in JavaScriptCore.pri,
        so that it's consistently used for JavaScriptCore, WebCore, jsc and all
        other tools using wtf, etc. data structures directly. Mixing NDEBUG with
        non-NDEBUG builds causes crashes due to differences in data structures when
        assertions/checks are enabled.

        * JavaScriptCore.pri:

2010-04-09  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Darin Adler.

        Implement NO_RETURN for COMPILER(MSVC).
        https://bugs.webkit.org/show_bug.cgi?id=33056 

        Added NO_RETURN_WITH_VALUE for functions with non-void return type.

        * jsc.cpp:
        * wtf/AlwaysInline.h:
        * wtf/FastMalloc.cpp:

2010-04-08  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Simon Hausmann.

        [WINCE] Check if ARM or _ARM_ is defined
        https://bugs.webkit.org/show_bug.cgi?id=37200

        MSVC defines ARM and _ARM_ for Windows CE ARM. Define WTF_CPU_ARM=1
        when either ARM or _ARM_ is defined.

        * wtf/Platform.h:

2010-04-08  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed Oliver Hunt.

        [Qt]r57240 broke Qt build (might be a gcc bug)
        https://bugs.webkit.org/show_bug.cgi?id=37253

        Workaround until fix. On PLATFORM(QT) use inline instead of ALWAYS_INLINE.

        * wtf/PassRefPtr.h: Qt guards added.

2010-04-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Anders Carlsson.

        Vector<UString> makes many needless calls to UString::UString and UString::~UString

        Add a VectorTrait<UString> specialisation to allow vector to simply memset/memcpy
        data around.  Only difference from the VectorTrait<RefPtr<T> > traits is the inability
        to use memset to initialize data.

        * runtime/UString.h:
        (WTF::):

2010-04-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Beat gcc with a clue bat -- force inlining of refIfNotNull and derefIfNotNull

        * wtf/PassRefPtr.h:

2010-04-07  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        Replace isprint with isASCIIPrintable
        https://bugs.webkit.org/show_bug.cgi?id=37223

        WebKit does not use functions in <ctype.h> as they are dependent on the current
        locale. Use the equivalent functions in <wtf/ASCIICType.h>. isASCIIPrintable
        replaces isprint.

        * pcre/pcre_exec.cpp:
        (pchars):

2010-04-07  Enrica Casucci  <enrica@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=37219
        
        This change disables text caret for the iPhone platflorm.
        
        * wtf/Platform.h: Disabled text caret for iPhone.

2010-04-06  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        REGRESSION: Worker termination via JS timeout may cause worker tests like fast/workers/worker-terminate.html fail.
        https://bugs.webkit.org/show_bug.cgi?id=36646

        Add a new exception type for forcibly terminating a JavaScript stack.
        The new exception functions similarly to the
        InterruptedExecutionException but is conceptually different because
        execution is terminated instead of just interrupted.

        * GNUmakefile.am:
            - Added new Terminator.h file.
        * JavaScriptCore.gypi:
            - Added new Terminator.h file.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
            - Added new Terminator.h file.
        * JavaScriptCore.xcodeproj/project.pbxproj:
            - Added new Terminator.h file.
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException):
            - Fully unwind the stack for TerminatedExecutionException.
        (JSC::Interpreter::privateExecute):
            - Check if we've been terminated at the same time we check if we've
              timed out.
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
            - Check if we've been terminated at the same time we check if we've
              timed out.
        * runtime/Completion.cpp:
            - Some exceptions define special completion types so that calls can
              see why we terminated evaluation.
        (JSC::evaluate):
        * runtime/Completion.h:
            - Define a new completion type for termination.
        (JSC::):
        * runtime/ExceptionHelpers.cpp:
            - Define TerminatedExecutionException and refactor pseudo-RTTI
              virtual function to be more semantic.
        (JSC::InterruptedExecutionError::exceptionType):
        (JSC::TerminatedExecutionError::TerminatedExecutionError):
        (JSC::TerminatedExecutionError::exceptionType):
        (JSC::TerminatedExecutionError::toString):
        (JSC::createTerminatedExecutionException):
        * runtime/ExceptionHelpers.h:
            - Entry point for generating a TerminatedExecutionException.
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
            - Add a Terminator object that can be used to asynchronously
              terminate a JavaScript execution stack.
        * runtime/JSGlobalData.h:
        * runtime/JSObject.h:
        (JSC::JSObject::exceptionType):
            - Define that, by default, thrown objects have a normal exception
              type.
        * runtime/Terminator.h: Added.
            - Added a new controller object that can be used to terminate
              execution asynchronously.  This object is more or less a
              glorified bool.
        (JSC::Terminator::Terminator):
        (JSC::Terminator::termianteSoon):
        (JSC::Terminator::shouldTerminate):

2010-04-05  Oliver Hunt  <oliver@apple.com>

        And another one.

        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:

2010-04-05  Oliver Hunt  <oliver@apple.com>

        And another build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:

2010-04-05  Oliver Hunt  <oliver@apple.com>

        Build fix

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2010-04-05  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Support weak maps in JSC
        https://bugs.webkit.org/show_bug.cgi?id=37132

        Expose an API to allow creation of a map for storing
        weak JS references.

        * API/JSWeakObjectMapRefInternal.h: Added.
        (OpaqueJSWeakObjectMap::create):
        (OpaqueJSWeakObjectMap::map):
        (OpaqueJSWeakObjectMap::~OpaqueJSWeakObjectMap):
        (OpaqueJSWeakObjectMap::OpaqueJSWeakObjectMap):
        * API/JSWeakObjectMapRefPrivate.cpp: Added.
        * API/JSWeakObjectMapRefPrivate.h: Added.
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::registerWeakMap):
        (JSC::JSGlobalObject::deregisterWeakMap):

2010-04-05  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Symbian] Consolidate Symbian WINSCW environment configuration
        https://bugs.webkit.org/show_bug.cgi?id=37100

        Move the "undefinition" of WIN32 and _WIN32 from WebCore/config.h
        to JavaScriptCore/wtf/Platform.h as it is not specific to WebCore.

        PLATFORM(WIN) and OS(WIN) no longer needs to be undefined as
        undefining WIN32 takes care of it.

        * wtf/Platform.h:

2010-04-03  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=37068
        Change UString to use a 0 rep for null strings instead of a null object.

        No performance impact.

        * JavaScriptCore.exp:
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSString.h:
        (JSC::RopeBuilder::JSString):
        * runtime/UString.cpp:
        (JSC::initializeUString):
        * runtime/UString.h:
        (JSC::UString::UString):
        (JSC::UString::data):
        (JSC::UString::size):
        (JSC::UString::isNull):
        (JSC::UString::isEmpty):
        (JSC::UString::cost):

2010-04-03  Balazs Kelemen  <kb@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Fix uninitalised members in CallLinkInfo and BytecodeGenerator.

        https://bugs.webkit.org/show_bug.cgi?id=36816

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::CallLinkInfo::CallLinkInfo):

2010-04-03  yael aharon  <yael.aharon@nokia.com>

        Reviewed by Darin Adler.

        Enable HTMLProgressElement for Safari on OSX
        https://bugs.webkit.org/show_bug.cgi?id=36961

        * Configurations/FeatureDefines.xcconfig:

2010-04-02  Ruben Van Boxem  <vanboxem.ruben@gmail.com>

        Reviewed by Eric Seidel.

        Mingw-w64 fixes for JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=35607

        * runtime/Collector.cpp: use the msvc code for mingw-w64 (but not mingw-w32)
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlockPtr):
        (JSC::currentThreadStackBase):
        (JSC::currentThreadStackBase):
        * wtf/Platform.h: added COMPILER(MINGW64) check to differentiate between mingw.org and mingw-w64 functions

2010-04-02  Geoffrey Garen  <ggaren@apple.com>

        Build fix: updated the .def file.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-04-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Inlined toThisString and toThisJSString to avoid virtual function call overhead
        https://bugs.webkit.org/show_bug.cgi?id=37039
        
        Maybe a 1% speedup on iBench JS.

        * JavaScriptCore.exp: New exports.

        * runtime/JSCell.cpp:
        * runtime/JSCell.h:
        * runtime/JSNumberCell.cpp:
        * runtime/JSNumberCell.h:
        * runtime/JSString.cpp:
        * runtime/JSString.h:
        * runtime/JSValue.h:
        * runtime/JSZombie.h:
        (JSC::JSZombie::toThisObject): Nixed the old virtual-type implementation.

        * runtime/JSObject.h:
        (JSC::JSValue::toThisString):
        (JSC::JSValue::toThisJSString): Added the inlined implementation.

2010-04-02  Jeremy Moskovich  <jeremy@chromium.org>

        Reviewed by Geoffrey Garen.

        Beef up documentation for ASSERT* and CRASH macros a bit.

        https://bugs.webkit.org/show_bug.cgi?id=36527

        * wtf/Assertions.h:

2010-04-02  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed, minor build fix.

        Change the order of the member initialisation list
        in constructor to match declaration order

        * runtime/Collector.cpp:
        (JSC::Heap::Heap):

2010-04-01  Kinuko Yasuda  <kinuko@chromium.org>

        Reviewed by Dmitry Titov.

        Add FileThread for async file operation support in FileReader and FileWriter
        https://bugs.webkit.org/show_bug.cgi?id=36896

        Add ENABLE_FILE_READER and ENABLE_FILE_WRITER flags.

        * Configurations/FeatureDefines.xcconfig:

2010-03-31  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix pt II).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-31  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-31  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 36871 - Remove JSC::CString
        Use WTF::CString instead (which until recently was WebCore::CString).

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * runtime/UString.cpp:
        * runtime/UString.h:

2010-03-31  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed, fix after r56842.

        Add UNUSED_PARAM a to silence warning.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2010-03-31  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed, Symbian build fix.

        Refactor JITStubs.cpp so that the list of STUB_FUNCTIONs
        are not dependent on the JSVALUE32_64 guard.

        * jit/JITStubs.cpp: Place the JSVALUE32_64 guard inside 
        the body of cti_op_eq_strings.
        * jit/JITStubs.h: Remove JSVALUE32_64 guard from 
        cti_op_eq_strings stub.

2010-03-30  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        Fixing b0rked version of JavaScriptCore.vcproj - added lines were truncated.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2010-03-30  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=36866
        Move CString to WTF

        * Android.mk:
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/text: Added.
        * wtf/text/CString.cpp: Copied from WebCore/platform/text/CString.cpp.
        * wtf/text/CString.h: Copied from WebCore/platform/text/CString.h.
        (WTF::CStringBuffer::data):
        (WTF::CStringBuffer::length):
        (WTF::CStringBuffer::create):
        (WTF::CStringBuffer::CStringBuffer):
        (WTF::CStringBuffer::mutableData):
        (WTF::CString::CString):
        (WTF::CString::isNull):
        (WTF::CString::buffer):
        (WTF::operator!=):

2010-03-30  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by nobody, build break.

        [Qt] Fix build break on Qt Mac.

        DESTDIR path on Mac do not include the configuration path by default
        like on Windows. Have to force it.

        * JavaScriptCore.pro:

2010-03-29  Alice Liu  <alice.liu@apple.com>

        Reviewed by NOBODY (build fix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
        add JSObjectRefPrivate.h

2010-03-29  Chao-ying Fu  <fu@mips.com>

        Reviewed by Oliver Hunt.

        MIPS JIT Supports
        https://bugs.webkit.org/show_bug.cgi?id=30144

        The following changes enable MIPS JIT.

        * assembler/MIPSAssembler.h:
        (JSC::MIPSAssembler::lbu):
        (JSC::MIPSAssembler::linkWithOffset):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::load8):
        (JSC::MacroAssemblerMIPS::branch8):
        (JSC::MacroAssemblerMIPS::branchTest8):
        (JSC::MacroAssemblerMIPS::setTest8):
        (JSC::MacroAssemblerMIPS::setTest32):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::preserveReturnAddressAfterCall):
        (JSC::JIT::restoreReturnAddressBeforeReturn):
        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        * jit/JITStubs.h:
        (JSC::JITStackFrame::returnAddressSlot):
        * wtf/Platform.h:

2010-02-26  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Reviewed by Simon Fraser.

        Add support for Widgets 1.0: View Mode Media Feature
        https://bugs.webkit.org/show_bug.cgi?id=35446

        Add an enable flag for the Widgets (http://www.w3.org/TR/widgets-reqs/)
        and turn it on for Qt only.

        * wtf/Platform.h:

2010-03-29  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Darin Adler.

        Corrected name of (u)int64_t compile time assert.
        https://bugs.webkit.org/show_bug.cgi?id=36739

        int64_t_is_four_bytes -> int64_t_is_eight_bytes

        * os-win32/stdint.h:

2010-03-29  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Use the -l syntax for linking against JavaScriptCore on Windows.
        This allow qmake to extract dependencies correctly when generating VS
        solutions.

        * JavaScriptCore.pri:

2010-03-29  Thomas Zander  <t.zander@nokia.com>

        Reviewed by Simon Hausmann.

        https://bugs.webkit.org/show_bug.cgi?id=36742

        gcc for Symbian doesn't support gcc extensions like atomicity.h - disable

        * wtf/Threading.h: also detect os symbian

2010-03-28  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Remove the definition of WTF_CHANGES guards from the build system
        https://bugs.webkit.org/show_bug.cgi?id=31670
  
        * JavaScriptCore.pro: Remove the definition of WTF_CHANGES
        as it is already defined in config.h

2010-03-28  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Add API for reporting additional memory cost of JavaScript objects
        https://bugs.webkit.org/show_bug.cgi?id=36650

        * qt/api/qscriptengine.cpp:
        (QScriptEngine::reportAdditionalMemoryCost):
        * qt/api/qscriptengine.h:
        * qt/api/qscriptengine_p.h:
        (QScriptEnginePrivate::reportAdditionalMemoryCost):
        * qt/tests/qscriptengine/tst_qscriptengine.cpp:
        (tst_QScriptEngine::reportAdditionalMemoryCost):

2010-03-28  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        QScriptEngine API was enriched by globalObject() method
        which give an access to the global object.

        [Qt] QScriptEngine doesn't give an access to global object
        https://bugs.webkit.org/show_bug.cgi?id=36603

        * qt/api/qscriptengine.cpp:
        (QScriptEngine::globalObject):
        * qt/api/qscriptengine.h:
        * qt/api/qscriptengine_p.cpp:
        (QScriptEnginePrivate::globalObject):
        * qt/api/qscriptengine_p.h:
        * qt/tests/qscriptengine/tst_qscriptengine.cpp:
        (tst_QScriptEngine::globalObject):

2010-03-26  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Build JavaScriptCore as a static library.
        https://bugs.webkit.org/show_bug.cgi?id=36590

        This patch takes what was left of the unused JavaScriptCore.pro
        and moved the compilation logic from JavaScriptCore.pri to
        JavaScriptCore.pro.

        * JavaScriptCore.pri:
        * JavaScriptCore.pro:
        * jsc.pro:
        * qt/api/QtScript.pro:

2010-03-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::willExecute):
        (JSC::ProfileGenerator::didExecute):

2010-03-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 36611 - Cleanup JSC::CString
        Rename CString::c_str() -> CString::data(), CString::size() -> CString::length(),
        remove UString::getCString() (all uses are wrong, should use UString::UTF8String()).

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::printUnaryOp):
        (JSC::CodeBlock::printBinaryOp):
        (JSC::CodeBlock::printConditionalJump):
        (JSC::CodeBlock::printGetByIdOp):
        (JSC::CodeBlock::printPutByIdOp):
        (JSC::printGlobalResolveInfo):
        (JSC::printStructureStubInfo):
        (JSC::CodeBlock::printStructure):
        (JSC::CodeBlock::printStructures):
        (JSC::CodeBlock::dump):
        * jsc.cpp:
        (functionPrint):
        (functionDebug):
        (runInteractive):
        (fillBufferWithContentsOfFile):
        * profiler/CallIdentifier.h:
        (JSC::CallIdentifier::c_str):
        * profiler/Profile.cpp:
        (JSC::Profile::debugPrintDataSampleStyle):
        * profiler/ProfileNode.cpp:
        (JSC::ProfileNode::debugPrintData):
        (JSC::ProfileNode::debugPrintDataSampleStyle):
        * runtime/DateConversion.cpp:
        (JSC::parseDate):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::globalFuncJSCPrint):
        * runtime/UString.cpp:
        (JSC::operator==):
        (JSC::UString::toDouble):
        * runtime/UString.h:
        (JSC::CString::length):
        (JSC::CString::data):

2010-03-25  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by nobody, build fix.

        [Qt] Build fix on MSVC. Reverts r55633 for stdint.h

        This file gets included in generated moc files which don't
        include the prefix header.

        * os-win32/stdint.h:

2010-03-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

2010-03-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Switch String::latin1, String::utf8, String::fromUTF8 to
        use WTF's Unicode conversion methods rather than TextEncoder.
        These methods only perform simple conversion, and don't need
        really require TextEncoder's full capability (to look up arbitrary
        encodings by name), switching to only be dependent on WTF will
        make it easier if we chose to move WebCore::String to WTF.

        * JavaScriptCore.exp:

2010-03-24  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Geoff Garen.

        * wtf/FastMalloc.h: Added a using directive for fastMallocSize, like we do for all public
        WTF symbols. Also sorted the list alphabetically.

2010-03-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (speculative windows build fix part II).

2010-03-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (speculative windows build fix).

2010-03-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 36519 - JSGlobalContextRelease is unnecessarily slow

        Since [ http://trac.webkit.org/changeset/35917 ], calling
        JSGlobalContextRelease always triggers a GC heap collection
        (if not a full destroy). As per 35917's changelog "This is
        only really necessary when the (JSGlobalObject's) last
        reference is released, but there is no way to determine that,
        and no harm in collecting slightly more often."
        
        Well, we now know of cases of API clients who are harmed by
        the performance penalty of collecting too often, so it's time
        to add a way to determine whether a call to JSGlobalContextRelease
        is removing the last protect from it's global object.  If further
        protects are retaining the global object (likely from other
        JSGlobalContextRefs), then don't trigger a GC collection.

        * API/JSContextRef.cpp:
        * runtime/Collector.cpp:
        (JSC::Heap::unprotect): return a boolean indicating that the value is now unprotected.
        * runtime/Collector.h:
        * wtf/HashCountedSet.h:
        (WTF::::remove): return a boolean indicating whether the value was removed from the set.

2010-03-23  Mark Rowe  <mrowe@apple.com>

        Build fix.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice): Some versions of GCC emit a warning about the implicit 64- to 32-bit truncation
        that takes place here. An explicit cast is sufficient to silence it.

2010-03-23  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncSplice): Fixed a typo - length doesn't
        need to be converted with toInteger().

2010-03-23  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=36511
        <rdar://problem/7753498> Safari freezes when using SPUTNIK JavaScript conformance check

        Test: fast/js/sputnik-S15.4.4.12_A3_T3.html

        * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncSplice): We were incorrectly computing
        the start offset, and iterated over (almost) all integers. Note that this can be fixed
        without using doubles, but the code would be much more complicated, and there is no important
        reason to stick to integers here.

2010-03-23  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Darin Adler.

        Fix compilation on Itanium in 32-bit mode
        https://bugs.webkit.org/show_bug.cgi?id=36494

        * wtf/Platform.h: Introduce CPU(IA64_32). Don't define
          WTF_USE_JSVALUE64 if the CPU is in 32-bit mode.

2010-03-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Mark Rowe.

        Interpreter fix for <rdar://problem/7728196> REGRESSION (r46701): -(-2147483648)
        evaluates to -2147483648 on 32 bit (35842)

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute): Only take the fast negate path if
        a bit other than bit 31 is set. If none of bits 0-30 are set, then the
        value we're negating can only be 0 or -2147483648, and neither can be
        negated in int space.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate): Updated the JIT implementation to match
        the interpreter, since it's slightly simpler.

2010-03-22  Siddharth Mathur  <siddharth.mathur@nokia.com>

        Reviewed by Laszlo Gombos.

        [Symbian] More efficient aligned memory allocation for JSC Collector
        https://bugs.webkit.org/show_bug.cgi?id=34350

        * JavaScriptCore.pri: Added 2 new Symbian source files and HAL linkage

        * runtime/Collector.cpp: Reduced port-specific code and added private data member
        (JSC::Heap::Heap):
        (JSC::Heap::~Heap):
        (JSC::Heap::destroy):
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlockPtr):

        * runtime/Collector.h: Added private data member

        * wtf/symbian: Added.
        * wtf/symbian/BlockAllocatorSymbian.cpp: Added.
        (WTF::AlignedBlockAllocator::AlignedBlockAllocator): Helper class to allocate 
        aligned blocks more efficiently as required by Collector
        (WTF::AlignedBlockAllocator::alloc):
        (WTF::AlignedBlockAllocator::free):
        (WTF::AlignedBlockAllocator::destroy):
        (WTF::AlignedBlockAllocator::~AlignedBlockAllocator):
        * wtf/symbian/BlockAllocatorSymbian.h: Added.

2010-03-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Fixed <rdar://problem/7728196> REGRESSION (r46701): -(-2147483648)
        evaluates to -2147483648 on 32 bit (35842)
        
        Two ways to fix the same bug:
        
        1. Check for overflow when negating, since negating the largest negative
        int causes overflow.
        
        2. Constant-fold even when negating a negative, since, like they say in
        high school, "math works."

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::branchNeg32):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::branchNeg32): Added a branching version
        of the negate operator.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate): Use the branching version of the negate 
        operator to check for overflow.

        (JSC::JIT::emitSlow_op_negate): Link the check for overflow to a slow case.
        (We could emit inline code for this, since we know what the result would
        be, but that's probably just a waste of generated code.)

        * parser/Grammar.y: Constant fold even when negating a negative.

2010-03-22  David Kilzer  <ddkilzer@apple.com>

        <http://webkit.org/b/36431> Clean up 'int' use in UString.cpp after r54789

        Reviewed by Darin Adler.

        * runtime/UString.cpp:
        (JSC::UString::from): Changed argument type from 'unsigned int'
        to 'unsigned' to match WebKit coding style.
        (JSC::UString::find): Changed static_cast<int>() to
        static_cast<unsigned>() now that this method returns unsigned.
        (JSC::UString::rfind): Ditto.
        * runtime/UString.h:
        (JSC::UString::from): Changed argument type from 'unsigned int'
        to 'unsigned' to match WebKit coding style.

2010-03-22  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Add support for syntax checking in the QtScript API.

        New class was created; the QScriptSyntaxCheckResult which main
        responsibility is to provide results of the ECMA Script code
        syntax check. The class is not fully functional as the JSC C API
        doesn't expose an error column number, but it is a good start point
        for a future development.

        [Qt] QtScript functionality should be extended by syntax checking.
        https://bugs.webkit.org/show_bug.cgi?id=36123

        * qt/api/QtScript.pro:
        * qt/api/qscriptengine.cpp:
        (QScriptEngine::checkSyntax):
        * qt/api/qscriptengine.h:
        * qt/api/qscriptengine_p.cpp:
        (QScriptEnginePrivate::checkSyntax):
        * qt/api/qscriptengine_p.h:
        * qt/api/qscriptsyntaxcheckresult.cpp: Added.
        (QScriptSyntaxCheckResult::QScriptSyntaxCheckResult):
        (QScriptSyntaxCheckResult::~QScriptSyntaxCheckResult):
        (QScriptSyntaxCheckResult::operator=):
        (QScriptSyntaxCheckResult::state):
        (QScriptSyntaxCheckResult::errorLineNumber):
        (QScriptSyntaxCheckResult::errorColumnNumber):
        (QScriptSyntaxCheckResult::errorMessage):
        * qt/api/qscriptsyntaxcheckresult.h: Added.
        * qt/api/qscriptsyntaxcheckresult_p.cpp: Added.
        (QScriptSyntaxCheckResultPrivate::~QScriptSyntaxCheckResultPrivate):
        (QScriptSyntaxCheckResultPrivate::errorMessage):
        (QScriptSyntaxCheckResultPrivate::errorLineNumber):
        * qt/api/qscriptsyntaxcheckresult_p.h: Added.
        (QScriptSyntaxCheckResultPrivate::get):
        (QScriptSyntaxCheckResultPrivate::QScriptSyntaxCheckResultPrivate):
        (QScriptSyntaxCheckResultPrivate::state):
        (QScriptSyntaxCheckResultPrivate::errorColumnNumber):
        * qt/tests/qscriptengine/tst_qscriptengine.cpp:
        (tst_QScriptEngine::checkSyntax_data):
        (tst_QScriptEngine::checkSyntax):

2010-03-21  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        New class; QScriptProgram.

        The class should be used to evaluate the same script multiple times
        more efficiently.

        [Qt] QtScript should have QScriptProgram class
        https://bugs.webkit.org/show_bug.cgi?id=36008

        * qt/api/QtScript.pro:
        * qt/api/qscriptengine.cpp:
        (QScriptEngine::evaluate):
        * qt/api/qscriptengine.h:
        * qt/api/qscriptengine_p.cpp:
        (QScriptEnginePrivate::evaluate):
        * qt/api/qscriptengine_p.h:
        (QScriptEnginePrivate::evaluate):
        * qt/api/qscriptprogram.cpp: Added.
        (QScriptProgram::QScriptProgram):
        (QScriptProgram::~QScriptProgram):
        (QScriptProgram::operator=):
        (QScriptProgram::isNull):
        (QScriptProgram::sourceCode):
        (QScriptProgram::fileName):
        (QScriptProgram::firstLineNumber):
        (QScriptProgram::operator==):
        (QScriptProgram::operator!=):
        * qt/api/qscriptprogram.h: Added.
        * qt/api/qscriptprogram_p.h: Added.
        (QScriptProgramPrivate::get):
        (QScriptProgramPrivate::QScriptProgramPrivate):
        (QScriptProgramPrivate::~QScriptProgramPrivate):
        (QScriptProgramPrivate::isNull):
        (QScriptProgramPrivate::sourceCode):
        (QScriptProgramPrivate::fileName):
        (QScriptProgramPrivate::firstLineNumber):
        (QScriptProgramPrivate::operator==):
        (QScriptProgramPrivate::operator!=):
        (QScriptProgramPrivate::program):
        (QScriptProgramPrivate::file):
        (QScriptProgramPrivate::line):
        * qt/tests/qscriptengine/tst_qscriptengine.cpp:
        (tst_QScriptEngine::evaluateProgram):

2010-03-21  David Kilzer  <ddkilzer@apple.com>

        Blind attempt #2 to fix the Windows build after r56314

        * API/tests/testapi.c: Include JSObjectRefPrivate.h for the new
        methods instead of declaring them locally (and non-extern).
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        Backed out previous change.

2010-03-21  David Kilzer  <ddkilzer@apple.com>

        Blind attempt to fix the Windows build after r56314

        Try to fix the following errors on the Windows buildbot:

            Linking...
            testapi.obj : error LNK2001: unresolved external symbol "bool __cdecl JSObjectSetPrivateProperty(struct OpaqueJSContext const *,struct OpaqueJSValue *,struct OpaqueJSString *,struct OpaqueJSValue const *)" (?JSObjectSetPrivateProperty@@YA_NPBUOpaqueJSContext@@PAUOpaqueJSValue@@PAUOpaqueJSString@@PBU2@@Z)
            testapi.obj : error LNK2001: unresolved external symbol "struct OpaqueJSValue const * __cdecl JSObjectGetPrivateProperty(struct OpaqueJSContext const *,struct OpaqueJSValue *,struct OpaqueJSString *)" (?JSObjectGetPrivateProperty@@YAPBUOpaqueJSValue@@PBUOpaqueJSContext@@PAU1@PAUOpaqueJSString@@@Z)
            C:\cygwin\home\buildbot\slave\win-release\build\WebKitBuild\bin\testapi.exe : fatal error LNK1120: 2 unresolved externals

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Added
        missing symbols to be exported.

2010-03-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Documentation fix for previous patch.

        * API/JSObjectRefPrivate.h:

2010-03-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        JSC needs an API to allow custom objects to have aprivate GC-accessible properties
        https://bugs.webkit.org/show_bug.cgi?id=36420

        Add new API methods to support "private" properties on custom
        objects.

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::JSCallbackObjectData):
        (JSC::JSCallbackObjectData::~JSCallbackObjectData):
        (JSC::JSCallbackObjectData::getPrivateProperty):
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::deletePrivateProperty):
        (JSC::JSCallbackObjectData::markChildren):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::deletePrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::getPrivateProperty):
        (JSC::JSCallbackObject::setPrivateProperty):
        (JSC::JSCallbackObject::deletePrivateProperty):
        (JSC::JSCallbackObject::markChildren):
        * API/JSObjectRef.cpp:
        (JSObjectGetPrivateProperty):
        (JSObjectSetPrivateProperty):
        (JSObjectDeletePrivateProperty):
        * API/JSObjectRefPrivate.h: Added.
        * API/tests/testapi.c:
        (main):
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2010-03-20  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fixes after introduction of Brew files.

        * wscript:

2010-03-18  Tom Callaway  <tcallawa@redhat.com>

        Reviewed by Darin Adler.

        Bug 35429: Fix compile on SPARC64
        https://bugs.webkit.org/show_bug.cgi?id=35429

        * wtf/Platform.h: Set WTF_USE_JSVALUE64 for SPARC64

2010-03-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Add API to directly expose JSON parsing
        https://bugs.webkit.org/show_bug.cgi?id=34887

        Add API to expose JSON parsing directly, and add tests to testapi

        * API/JSValueRef.cpp:
        (JSValueMakeFromJSONString):
        (JSValueCreateJSONString):
        * API/tests/testapi.c:
        (main):
        * JavaScriptCore.exp:
        * runtime/JSONObject.cpp:
        (JSC::JSONStringify):
        * runtime/JSONObject.h:

2010-03-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Darin Adler and Mark Rowe.

        Update WebKit availability macros for release after 4.0.

        * API/WebKitAvailability.h:

2010-03-17  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        undefined, NaN, and Infinity should be ReadOnly
        https://bugs.webkit.org/show_bug.cgi?id=36263

        Simply add the ReadOnly flag to these properties.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):

2010-03-17  Darin Adler  <darin@apple.com>

        Reviewed by Oliver Hunt.

        Speed up Math.round a little by removing unneeded special case
        https://bugs.webkit.org/show_bug.cgi?id=36107

        Test: fast/js/math.html

        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncRound): This function had a special case for numbers
        between -0.5 and -0.0 to return -0.0. But the algorithm in the function
        already yields -0.0 for those cases, so the extra checking and branching
        is unneeded.

2010-03-17  Mike Homey  <glandium@debian.org>

        Reviewed by Gustavo Noronha.

        Build fix for SPARC. Fix missing macro value.

        * wtf/Platform.h:

2010-03-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt, Darin Adler.

        Bug 36083 - REGRESSION (r55772-r55834): Crash in JavaScriptCore RegExp code on PowerPC

        The problem is a bug in our port of PCRE - that a read may take place from the first character in an
        empty string.  For the time being, revert to using a valid pointer in the data segment rather than
        an invalid non-null pointer into the zero-page for the empty string's data pointer.  A better fix for
        this will be to remove PCRE.

        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::empty):

2010-03-16  Darin Adler  <darin@apple.com>

        Rolled out r56081 since it broke the Windows build.

2010-03-16  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Remove extra <new> include and add guards to operator new/delete definitions
        https://bugs.webkit.org/show_bug.cgi?id=35967

        Remove extra <new> header include from FastAlloc.cpp since it is included in 
        FastAlloc.h. Add ENABLE(GLOBAL_FASTMALLOC_NEW) macro guard to operator
        new/delete/new []/delete [] definitions.

        * wtf/FastMalloc.cpp:

2010-03-15  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Add a function to create a BREW instance without local variable declarations.
        https://bugs.webkit.org/show_bug.cgi?id=34705

        Add a template function to create a BREW instance in one line.

        * wtf/brew/ShellBrew.h: Added.
        (WTF::createInstance):

2010-03-15  Geoffrey Garen  <ggaren@apple.com>

        Not reviewed.

        Removed a now-incorrect comment I forgot to remove in my last check-in.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavenge):

2010-03-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Fixed a portion of:
        <rdar://problem/7165917> | https://bugs.webkit.org/show_bug.cgi?id=28676
        Safari 4 does not release memory back to the operating system fast enough (28676)

        Every few seconds, release a percentage of the minimum unused page count
        during that time period.

        SunSpider reports no change, command-line or in-browser, Mac or Windows.
        
        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::init):
        (WTF::TCMalloc_PageHeap::signalScavenger):
        (WTF::TCMalloc_PageHeap::initializeScavenger): Renamed shouldContinueScavenging
        to shouldScavenge, since scavenging is no longer something that we interrupt.

        (WTF::TCMalloc_PageHeap::scavenge): The new scavenging algorithm. Fixes
        a bug where the old code would release only one item from each size class
        per scavenge, potentially leaving large numbers of large-sized objects
        unreleased for a long time.

        (WTF::TCMalloc_PageHeap::shouldScavenge):
        (WTF::TCMalloc_PageHeap::New):
        (WTF::TCMalloc_PageHeap::AllocLarge):
        (WTF::TCMalloc_PageHeap::Delete):
        (WTF::TCMalloc_PageHeap::GrowHeap):
        (WTF::TCMalloc_PageHeap::scavengerThread):
        (WTF::TCMalloc_PageHeap::periodicScavenge): Updated to track the minimum
        value of free_committed_pages_ during a given scavenge period.

2010-03-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=35843
        Re-land reverted fix to JSString::getIndex()

        Calling getIndex() on a JSString in rope form may result in a JSException being thrown
        if there is insuficient memory so value(exec) returns UString() with length zero,
        which will be passed to jsSingleCharacterSubstring.
        Add a slow case function to trap the error & return a safe null value, until the
        exception is handled.

        * runtime/JSString.cpp:
        (JSC::JSString::getIndexSlowCase):
        (JSC::JSString::getStringPropertyDescriptor):
        * runtime/JSString.h:
        (JSC::jsSingleCharacterSubstring):
        (JSC::JSString::getIndex):
        (JSC::jsSingleCharacterString):
        (JSC::JSString::getStringPropertySlot):

2010-03-04  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        Reviewed by Adam Roben.

        Add a long long version of abs() for MSVC.

        * wtf/MathExtras.h:
        (abs):

2010-03-15  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Combine ctiTrampolines on ARM and Thumb-2
        https://bugs.webkit.org/show_bug.cgi?id=36014

        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):

2010-03-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 36075 - Clean up screwyness re static string impls & Identifiers.

        * API/JSClassRef.cpp:
        (OpaqueJSClass::~OpaqueJSClass): Classname may be null/empty, and these are an identifer.  This is okay, since the null/empty strings are shared across all threads.
        * JavaScriptCore.exp:
        * runtime/Identifier.cpp:
        (JSC::Identifier::add): No need to explicitly hash null reps, this is done in the ststic UStringImpl constructor.
        (JSC::Identifier::addSlowCase): UStringImpl::empty() handled & checkCurrentIdentifierTable now called in the header.
        (JSC::Identifier::checkCurrentIdentifierTable): Replaces checkSameIdentifierTable (this no longer checked the rep since the identifierTable pointer was removed from UString::Rep long ago).
        * runtime/Identifier.h:
        (JSC::Identifier::add): Replace call to checkSameIdentifierTable with call to checkCurrentIdentifierTable at head of function.
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::~UStringImpl): Remove call to checkConsistency - this function no longer checks anything interesting.
        * runtime/UStringImpl.h:
        (JSC::UStringOrRopeImpl::UStringOrRopeImpl): Set s_refCountFlagIsIdentifier in static constructor.
        (JSC::UStringImpl::UStringImpl): remove calls to checkConsistency (see above), add new ASSERT to substring constructor.
        (JSC::UStringImpl::setHash): ASSERT not static (static strings set the hash in their constructor, should not reach this code path).
        (JSC::UStringImpl::create): Add missing ASSERT.
        (JSC::UStringImpl::setIsIdentifier): ASSERT !isStatic() (static strings hash set in constructor).

2010-03-12  Peter Varga  <pvarga@inf.u-szeged.hu>

        Reviewed by David Levin.

        Two functions tryConsumeCharacter() and tryConsumeCharacterClass() are
        removed from yarr/RegexInterpreter.cpp because they are never called.

        * yarr/RegexInterpreter.cpp:

2010-03-11  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        The JSNative state was renamed to JSPrimitive. The new name better
        coresponds to the ECMAScript standard.

        Enum QScriptValuePrivate::States was renamed to State to obey Qt
        coding style rules ("States" name suggests that a state could
        mixed together with an other state using bitwise logic operators.

        [Qt] QScriptValuePrivate::States has naming issues
        https://bugs.webkit.org/show_bug.cgi?id=35968

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::):
        (QScriptValuePrivate::QScriptValuePrivate):
        (QScriptValuePrivate::isBool):
        (QScriptValuePrivate::isNumber):
        (QScriptValuePrivate::isNull):
        (QScriptValuePrivate::isString):
        (QScriptValuePrivate::isUndefined):
        (QScriptValuePrivate::toString):
        (QScriptValuePrivate::toNumber):
        (QScriptValuePrivate::toBool):
        (QScriptValuePrivate::assignEngine):
        (QScriptValuePrivate::refinedJSValue):

2010-03-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        Add export.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        Add export.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-11  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Oliver Hunt.

        Remove nonsense comments used in development & commited in error.

        * runtime/UStringImpl.h:

2010-03-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        Remove export.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=36041
        Remove unnecessary differences in common code between WebCore::StringImpl & JSC::UStringImpl

        Much of the code in WebCore::StringImpl and JSC::UStringImpl is now very similar,
        but has trivial and unnecessary formatting differences, such as the exact wording
        of comments, missing ASSERTs, functions implemented in the .h vs .cpp etc.

        * runtime/Identifier.cpp:
        (JSC::Identifier::add): UStringImpl::empty() now automatically hashes, uas per WebCore strings.
        (JSC::Identifier::addSlowCase): UStringImpl::empty() now automatically hashes, uas per WebCore strings.
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::~UStringImpl): Only call bufferOwnership() once, add missing ASSERTs.
        (JSC::UStringImpl::createUninitialized): Move from .h, not commonly called, no need to inline.
        (JSC::UStringImpl::create): Move from .h, not commonly called, no need to inline.
        (JSC::UStringImpl::sharedBuffer): Rewritten to more closely match WebCore implementation, remove need for separate baseSharedBuffer() method.
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::UStringImpl): Automatically hash static strings, ASSERT m_data & m_length are non-null/non-zero in non-static strings.
        (JSC::UStringImpl::setHash): Add missing ASSERT.
        (JSC::UStringImpl::create): Moved to .cpp / added missing check for empty string creation.
        (JSC::UStringImpl::adopt): Vector.size() returns size_t, not unsigned.
        (JSC::UStringImpl::cost): Renamed m_bufferSubstring -> m_substringBuffer
        (JSC::UStringImpl::hash): Reordered in file.
        (JSC::UStringImpl::existingHash): Reordered in file.
        (JSC::UStringImpl::computeHash): Reordered in file, renamed parameter.
        (JSC::UStringImpl::checkConsistency): rewrote ASSERT.
        (JSC::UStringImpl::bufferOwnership): Return type should be BufferOwnership.
        (JSC::UStringImpl::): Moved friends to head of class.

2010-03-11  Mark Rowe  <mrowe@apple.com>

        Reviewed by David Kilzer.

        <rdar://problem/7745082> Make it possible to build WebKit for older Mac OS X versions from the current Mac OS X version

        Default to using the appropriate SDK if the target Mac OS X version is not the current Mac OS X version.

        * Configurations/Base.xcconfig:

2010-03-11  Mark Rowe  <mrowe@apple.com>

        Reviewed by Tim Hatcher.

        <rdar://problem/7745082> Make it possible to build WebKit for older Mac OS X versions from the current Mac OS X version

        Introduce TARGET_MAC_OS_X_VERSION_MAJOR to represent the Mac OS X version that is being targeted.  It defaults to the
        current Mac OS X version unless otherwise specified.

        Key off TARGET_MAC_OS_X_VERSION_MAJOR where we'd previously been keying off MAC_OS_X_VERSION_MAJOR.

        Explicitly map from the target Mac OS X version to the preferred compiler since Xcode's default compiler choice
        may not be usable when targetting a different Mac OS X version.

        Key off TARGET_GCC_VERSION rather than MAC_OS_X_VERSION_MAJOR in locations where we'd previously been keying off
        MAC_OS_X_VERSION_MAJOR but the decision is really related to the compiler version being used.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/JavaScriptCore.xcconfig:
        * Configurations/Version.xcconfig:

2010-03-11  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Mark Rowe.

        Sort the project file.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2010-03-11  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Mark Rowe.

        Sort the project file .

        * JavaScriptCore.xcodeproj/project.pbxproj:

2010-03-11  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Buildfix for Thumb-2 after r55684. Add branch8 and branchTest8 functions.
        https://bugs.webkit.org/show_bug.cgi?id=35892

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::):
        (JSC::ARMv7Assembler::ldrb):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load8):
        (JSC::MacroAssemblerARMv7::branch8):
        (JSC::MacroAssemblerARMv7::branchTest8):
        (JSC::MacroAssemblerARMv7::setTest8):

2010-03-10  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Oliver Hunt.
        
        Rename JSC::UStringImpl::data() to characters(), to match WebCore::StringImpl.

        * API/JSClassRef.cpp:
        (OpaqueJSClassContextData::OpaqueJSClassContextData):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::keyForCharacterSwitch):
        * bytecompiler/NodesCodegen.cpp:
        (JSC::processClauseList):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        * runtime/Identifier.cpp:
        (JSC::Identifier::equal):
        (JSC::Identifier::addSlowCase):
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        * runtime/UString.cpp:
        (JSC::UString::toStrictUInt32):
        (JSC::equal):
        * runtime/UString.h:
        (JSC::UString::data):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::characters):
        (JSC::UStringImpl::hash):
        (JSC::UStringImpl::setHash):

2010-03-10  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler, Geoffrey Garen, Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=35991
        Would be faster to not use a thread specific to implement StringImpl::empty()

        Change JSC::UStringImpl's implementation of empty() match to match StringImpl's new implementation
        (use a static defined within the empty() method), and change the interface to match too (return
        a pointer not a reference). 

        ~0% performance impact (possible minor progression from moving empty() from .h to .cpp).

        * JavaScriptCore.exp:
        * runtime/Identifier.cpp:
        (JSC::Identifier::add):
        (JSC::Identifier::addSlowCase):
        * runtime/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * runtime/UString.cpp:
        (JSC::initializeUString):
        (JSC::UString::UString):
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::empty):
        (JSC::UStringImpl::create):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::adopt):
        (JSC::UStringImpl::createUninitialized):
        (JSC::UStringImpl::tryCreateUninitialized):

2010-03-10  Dmitry Titov  <dimich@chromium.org>

        Not reviewed, fixing Snow Leopard build.

        * wtf/mac/MainThreadMac.mm: Forgot 'static' for a new local function.
        (WTF::postTimer):

2010-03-10  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Darin Adler.

        Make Document::postTask to use a single queue of tasks, to fire them in order
        https://bugs.webkit.org/show_bug.cgi?id=35943

        The patch uses CFRunLoopTimer to schedule execution of tasks instead of performSelectorOnMainThread which apparently can starve other event sources.
        The timer is used when the schedule request is coming on the main thread itself. This happens when the task is posted on the main thread or
        when too many tasks are posted and the queue does 'stop and re-schedule' to make sure run loop has a chance to execute other events.

        * wtf/mac/MainThreadMac.mm:
        (WTF::timerFired):
        (WTF::postTimer):
        (WTF::scheduleDispatchFunctionsOnMainThread): Use timer posted to the current RunLoop if scheduling the task execution while on the main thread.

2010-03-10  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: added new symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-10  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: removed old symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Alexey Proskuryakov, Darin Adler, and Sam Weinig.

        Refactored fastCheckConsistency to match some review comments:
            - renamed fastCheckConsistency to fastMallocSize, and changed ValueCheck
              to ASSERT that a pointer's fastMallocSize is not 0.
            - implemented a version of fastMallocSize for tcmalloc.
            
        Also moved some pre-existing code around to avoid a problem related to
        mismatched #define/#undef of malloc/free in this source file.

        * JavaScriptCore.exp:
        * wtf/FastMalloc.cpp:
        (WTF::fastMallocSize): Renamed. Fixed indentation.

        (WTF::TCMalloc_PageHeap::scavenge): Removed an incorrect ASSERT that
        got in the way of testing the tcmalloc implementation. (More information
        on why this ASSERT is incorrect is in <rdar://problem/7165917>.)

        (WTF::TCMallocStats::fastMallocSize): Implemented for tcmalloc.

        * wtf/FastMalloc.h: Updated for rename.

        * wtf/ValueCheck.h:
        (WTF::): Moved the ASSERT that used to be in fastCheckConsistency here.

2010-03-10  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Eric Seidel.

        Make global new/delete operators configurable for all ports and disable it
        for the wx port for now.

        * wtf/FastMalloc.h:
        * wtf/Platform.h:

2010-03-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (reverting r54510).

        This caused a performance regression, by breaking the code
        generator's logic to calculate the skip level for resolving
        variables (traced by rdar:7683350)  Reverting for now.

        * parser/Grammar.y:
        * parser/NodeConstructors.h:
        (JSC::ContinueNode::ContinueNode):
        (JSC::BreakNode::BreakNode):
        (JSC::ForInNode::ForInNode):
        * runtime/CommonIdentifiers.cpp:
        (JSC::CommonIdentifiers::CommonIdentifiers):
        * runtime/CommonIdentifiers.h:
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/Identifier.cpp:
        (JSC::Identifier::add):
        * runtime/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):

2010-03-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Changed FastMalloc statistics reporting to be a bit clearer. We now
        report:
            - Reserved VM Bytes: the VM that has been mapped into the process.
            - Committed VM Bytes: the subset of Reserved VM Bytes actually in use.
            - Free List Bytes: the subset of Committed VM Bytes in a free list.

        * wtf/FastMalloc.cpp:
        (WTF::fastMallocStatistics):
        (WTF::TCMallocStats::fastMallocStatistics): Updated to report the statistics
        above. Standardized use of "ifdef WTF_CHANGES". Added a SpinLockHolder
        around all statistics gathering, since it reads from the page heap.

        * wtf/FastMalloc.h: Updated to report the statistics above. 

2010-03-09  Gabor Loki  <loki@webkit.org>

        Rubber-stamped by Maciej Stachowiak.

        Buildfix for ARM after r55684. Add branch8 and branchTest8 functions.
        https://bugs.webkit.org/show_bug.cgi?id=35892

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::dataTransfer32):
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::load8):
        (JSC::MacroAssemblerARM::branch8):
        (JSC::MacroAssemblerARM::branchTest8):

2010-03-08  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: 'P' is not a type. Luckily, 'void' is.

        * wtf/FastMalloc.cpp:
        (WTF::fastCheckConsistency):

2010-03-08  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: export a new symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Switching malloc implementations requires a world rebuild
        https://bugs.webkit.org/show_bug.cgi?id=35899

        * wtf/FastMalloc.cpp:
        (WTF::fastCheckConsistency):
        (WTF::TCMallocStats::fastCheckConsistency):
        * wtf/FastMalloc.h:
        * wtf/ValueCheck.h:
        (WTF::): Moved pointer checking into a helper function in FastMalloc.cpp,
        so you can switch malloc implementations without rebuilding the world.

2010-03-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        TypeInfo is unnecessarily large
        https://bugs.webkit.org/show_bug.cgi?id=35850

        Reduce the size of the type and flags members to a single
        byte each, reducing the size of Structure by 8 bytes.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::branch8):
        (JSC::MacroAssemblerX86Common::branchTest8):
        (JSC::MacroAssemblerX86Common::setTest8):
          Add single byte branches, and correct setTest8 to do a
          single byte read from memory, and actually store the result
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::cmpb_im):
        (JSC::X86Assembler::testb_im):
        * jit/JITCall.cpp:
        (JSC::JIT::emit_op_construct_verify):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_get_pnames):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        * runtime/JSTypeInfo.h:
        (JSC::TypeInfo::TypeInfo):
        (JSC::TypeInfo::type):

2010-03-08  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (reverting regression).

        Reverting 55035, this caused a regression.
        (https://bugs.webkit.org/show_bug.cgi?id=35843)

        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        (JSC::JSString::getStringPropertyDescriptor):
        * runtime/JSString.h:
        (JSC::jsSingleCharacterSubstring):
        (JSC::JSString::getIndex):
        (JSC::JSString::getStringPropertySlot):
        * runtime/UStringImpl.cpp:
        * runtime/UStringImpl.h:

2010-03-08  Stuart Morgan  <stuartmorgan@chromium.org>

        Reviewed by Darin Adler.

        Added a new USE definition for secure text mode on the Mac.
        https://bugs.webkit.org/show_bug.cgi?id=31265

        * wtf/Platform.h:

2010-03-08  Jian Li  <jianli@chromium.org>

        Reviewed by Dmitry Titov.

        Blob.slice support.
        https://bugs.webkit.org/show_bug.cgi?id=32993

        Add ENABLE_BLOB_SLICE feature define.
        Also fix a problem that JSValue.toInteger is not exposed on Windows.

        * Configurations/FeatureDefines.xcconfig:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-07  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Small performance fix in the QScriptConverter::toString().

        The QByteArray was replaced by the QVarLengthArray which doesn't
        have to allocate any memory on heap.

        [Qt] QScriptConverter::toString() should use QVarLengthArray instead of QByteArray
        https://bugs.webkit.org/show_bug.cgi?id=35577

        * qt/api/qscriptconverter_p.h:
        (QScriptConverter::toString):

2010-03-06  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Sam Weinig.

        Remove unnecessary includes of wtf/Platform.h.  This is already pulled in by config.h.

        * API/APICast.h:
        * API/JSCallbackFunction.cpp:
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        * API/JSValueRef.cpp:
        * assembler/ARMAssembler.h:
        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        * assembler/AssemblerBuffer.h:
        * assembler/AssemblerBufferWithConstantPool.h:
        * assembler/CodeLocation.h:
        * assembler/LinkBuffer.h:
        * assembler/MIPSAssembler.h:
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerARM.h:
        * assembler/MacroAssemblerARMv7.h:
        * assembler/MacroAssemblerCodeRef.h:
        * assembler/MacroAssemblerMIPS.h:
        * assembler/MacroAssemblerX86.h:
        * assembler/MacroAssemblerX86Common.h:
        * assembler/MacroAssemblerX86_64.h:
        * assembler/RepatchBuffer.h:
        * assembler/X86Assembler.h:
        * jit/JIT.h:
        * jit/JITCode.h:
        * jit/JITInlineMethods.h:
        * jit/JITStubs.h:
        * os-win32/stdint.h:
        * runtime/JSAPIValueWrapper.h:
        * runtime/JSImmediate.h:
        * wtf/ASCIICType.h:
        * wtf/StdLibExtras.h:
        * wtf/VMTags.h:
        * yarr/RegexCompiler.h:
        * yarr/RegexInterpreter.h:
        * yarr/RegexJIT.h:
        * yarr/RegexParser.h:
        * yarr/RegexPattern.h:

2010-03-06  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Share OwnPtr.
        https://bugs.webkit.org/show_bug.cgi?id=35776

        Share OwnPtr implementation with BREW MP and remove OwnPtrBrew.

        * wtf/OwnPtrBrew.cpp: Added.
        (WTF::deleteOwnedPtr):
        * wtf/OwnPtrCommon.h:
        * wtf/brew/OwnPtrBrew.cpp: Removed.
        * wtf/brew/OwnPtrBrew.h: Removed.

2010-03-06  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Eric Seidel.

        Implemented JIT_OPTIMIZE_NATIVE_CALL for WinCE
        https://bugs.webkit.org/show_bug.cgi?id=33426

        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):

2010-03-05  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (build fix).

        Add enw exports to windows

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-05  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        JSC should cache int to Identifier conversion as it does for ordinary strings
        https://bugs.webkit.org/show_bug.cgi?id=35814

        Make the NumericStrings cache cache unsigned ints in addition to signed.
        We keep them separate from the int cache as it both simplifies code, and
        also because the unsigned path is exclusive to property access and therefore
        seems to have different usage patterns.

        The primary trigger for the unsigned to Identifier propertyName conversion
        is the construction of array-like objects out of normal objects.  Given these
        tend to be relative small numbers, and the array-like behaviour lends itself
        to sequential values this patch also adds a non-colliding cache for all small
        numbers.

        * JavaScriptCore.exp:
        * runtime/Identifier.cpp:
        (JSC::Identifier::from):
        * runtime/Identifier.h:
        * runtime/NumericStrings.h:
        (JSC::NumericStrings::add):
        (JSC::NumericStrings::lookup):
        (JSC::NumericStrings::lookupSmallString):

2010-03-03  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Allow static property getters to interact with JSCs caching
        https://bugs.webkit.org/show_bug.cgi?id=35716

        Add new opcodes for handling cached lookup of static value getters.
        More or less the same as with JS getters, all that changes is that
        instead of calling through a JSFunction we always know that we have
        a C function to call.

        For the patching routines in the JIT we now need to pass a few
        new parameters to allow us to pass enough information to the stub
        function to allow us to call the C function correctly.  Logically
        this shouldn't actually be necessary as all of these functions ignore
        the identifier, but removing the ident parameter would require
        somewhat involved changes to the way we implement getOwnPropertySlot,
        etc.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        * bytecode/Instruction.h:
        (JSC::Instruction::Instruction):
        (JSC::Instruction::):
        * bytecode/Opcode.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/Lookup.h:
        (JSC::getStaticPropertySlot):
        (JSC::getStaticValueSlot):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::):
        (JSC::PropertySlot::PropertySlot):
        (JSC::PropertySlot::cachedPropertyType):
        (JSC::PropertySlot::isCacheable):
        (JSC::PropertySlot::isCacheableValue):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setCacheableCustom):
        (JSC::PropertySlot::setGetterSlot):
        (JSC::PropertySlot::setCacheableGetterSlot):
        (JSC::PropertySlot::clearOffset):
        (JSC::PropertySlot::customGetter):

2010-03-04  Shinichiro Hamaji  <hamaji@chromium.org>

        Unreviewed. Remove a non-ASCII character introduced in the following bug.

        put_by_id does will incorrectly cache writes where a specific value exists, where at the point of caching the same value is being written.
        https://bugs.webkit.org/show_bug.cgi?id=35537

        * runtime/JSObject.h:
        (JSC::JSObject::putDirectInternal):

2010-03-04  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Make the OUTPUT_DIR variable in qmake projects independent of build-webkit's logic.

        This also allows shadow builds relying only on qmake to work properly.
        * jsc.pro:
        * qt/api/QtScript.pro:
        * qt/tests/qscriptengine/qscriptengine.pro:
        * qt/tests/qscriptvalue/qscriptvalue.pro:
        * qt/tests/tests.pri:

2010-03-03  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        QScriptValue::isObject fix.

        Fix broken internal state evaluation from JSValue to JSNative / JSObject.
        New function was introduced which should take care about promoting
        JSValue state inside QScriptValuePrivate. It should be used instead of a
        direct JSC C API call.

        The bug exposed a weakness in autotest suite, as the QScriptValuePrivate
        is based on state machine with lazy state evaluation, there is a possibility
        that serial sequencial calls to the same public const function could return
        different results. The patch fix the issue.

        [Qt] Sometimes QScriptValue::isObject returns an incorrect value
        https://bugs.webkit.org/show_bug.cgi?id=35387

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::isBool):
        (QScriptValuePrivate::isNumber):
        (QScriptValuePrivate::isNull):
        (QScriptValuePrivate::isString):
        (QScriptValuePrivate::isUndefined):
        (QScriptValuePrivate::isError):
        (QScriptValuePrivate::isObject):
        (QScriptValuePrivate::isFunction):
        (QScriptValuePrivate::call):
        (QScriptValuePrivate::refineJSValue):
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp:
        (tst_QScriptValue::initScriptValues):
        (tst_QScriptValue::isValid_makeData):
        (tst_QScriptValue::isValid_test):
        (tst_QScriptValue::isBool_makeData):
        (tst_QScriptValue::isBool_test):
        (tst_QScriptValue::isBoolean_makeData):
        (tst_QScriptValue::isBoolean_test):
        (tst_QScriptValue::isNumber_makeData):
        (tst_QScriptValue::isNumber_test):
        (tst_QScriptValue::isFunction_test):
        (tst_QScriptValue::isNull_makeData):
        (tst_QScriptValue::isNull_test):
        (tst_QScriptValue::isString_makeData):
        (tst_QScriptValue::isString_test):
        (tst_QScriptValue::isUndefined_makeData):
        (tst_QScriptValue::isUndefined_test):
        (tst_QScriptValue::isObject_makeData):
        (tst_QScriptValue::isObject_test):
        (tst_QScriptValue::toString_makeData):
        (tst_QScriptValue::toString_test):
        (tst_QScriptValue::toNumber_makeData):
        (tst_QScriptValue::toNumber_test):
        (tst_QScriptValue::toBool_makeData):
        (tst_QScriptValue::toBool_test):
        (tst_QScriptValue::toBoolean_makeData):
        (tst_QScriptValue::toBoolean_test):
        (tst_QScriptValue::toInteger_makeData):
        (tst_QScriptValue::toInteger_test):
        (tst_QScriptValue::toInt32_makeData):
        (tst_QScriptValue::toInt32_test):
        (tst_QScriptValue::toUInt32_makeData):
        (tst_QScriptValue::toUInt32_test):
        (tst_QScriptValue::toUInt16_makeData):
        (tst_QScriptValue::toUInt16_test):

2010-03-03  Chao-ying Fu  <fu@mips.com>

        Reviewed by Gavin Barraclough.

        MIPS JIT Supports
        https://bugs.webkit.org/show_bug.cgi?id=30144

        The following changes enable MIPS YARR and YARR_JIT.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        * assembler/MIPSAssembler.h: Added.
        (JSC::MIPSRegisters::):
        (JSC::MIPSAssembler::MIPSAssembler):
        (JSC::MIPSAssembler::):
        (JSC::MIPSAssembler::JmpSrc::JmpSrc):
        (JSC::MIPSAssembler::JmpDst::JmpDst):
        (JSC::MIPSAssembler::JmpDst::isUsed):
        (JSC::MIPSAssembler::JmpDst::used):
        (JSC::MIPSAssembler::emitInst):
        (JSC::MIPSAssembler::nop):
        (JSC::MIPSAssembler::loadDelayNop):
        (JSC::MIPSAssembler::copDelayNop):
        (JSC::MIPSAssembler::move):
        (JSC::MIPSAssembler::li):
        (JSC::MIPSAssembler::lui):
        (JSC::MIPSAssembler::addiu):
        (JSC::MIPSAssembler::addu):
        (JSC::MIPSAssembler::subu):
        (JSC::MIPSAssembler::mult):
        (JSC::MIPSAssembler::mfhi):
        (JSC::MIPSAssembler::mflo):
        (JSC::MIPSAssembler::mul):
        (JSC::MIPSAssembler::andInsn):
        (JSC::MIPSAssembler::andi):
        (JSC::MIPSAssembler::nor):
        (JSC::MIPSAssembler::orInsn):
        (JSC::MIPSAssembler::ori):
        (JSC::MIPSAssembler::xorInsn):
        (JSC::MIPSAssembler::xori):
        (JSC::MIPSAssembler::slt):
        (JSC::MIPSAssembler::sltu):
        (JSC::MIPSAssembler::sltiu):
        (JSC::MIPSAssembler::sll):
        (JSC::MIPSAssembler::sllv):
        (JSC::MIPSAssembler::sra):
        (JSC::MIPSAssembler::srav):
        (JSC::MIPSAssembler::lw):
        (JSC::MIPSAssembler::lwl):
        (JSC::MIPSAssembler::lwr):
        (JSC::MIPSAssembler::lhu):
        (JSC::MIPSAssembler::sw):
        (JSC::MIPSAssembler::jr):
        (JSC::MIPSAssembler::jalr):
        (JSC::MIPSAssembler::jal):
        (JSC::MIPSAssembler::bkpt):
        (JSC::MIPSAssembler::bgez):
        (JSC::MIPSAssembler::bltz):
        (JSC::MIPSAssembler::beq):
        (JSC::MIPSAssembler::bne):
        (JSC::MIPSAssembler::bc1t):
        (JSC::MIPSAssembler::bc1f):
        (JSC::MIPSAssembler::newJmpSrc):
        (JSC::MIPSAssembler::appendJump):
        (JSC::MIPSAssembler::addd):
        (JSC::MIPSAssembler::subd):
        (JSC::MIPSAssembler::muld):
        (JSC::MIPSAssembler::lwc1):
        (JSC::MIPSAssembler::ldc1):
        (JSC::MIPSAssembler::swc1):
        (JSC::MIPSAssembler::sdc1):
        (JSC::MIPSAssembler::mtc1):
        (JSC::MIPSAssembler::mfc1):
        (JSC::MIPSAssembler::truncwd):
        (JSC::MIPSAssembler::cvtdw):
        (JSC::MIPSAssembler::ceqd):
        (JSC::MIPSAssembler::cngtd):
        (JSC::MIPSAssembler::cnged):
        (JSC::MIPSAssembler::cltd):
        (JSC::MIPSAssembler::cled):
        (JSC::MIPSAssembler::cueqd):
        (JSC::MIPSAssembler::coled):
        (JSC::MIPSAssembler::coltd):
        (JSC::MIPSAssembler::culed):
        (JSC::MIPSAssembler::cultd):
        (JSC::MIPSAssembler::label):
        (JSC::MIPSAssembler::align):
        (JSC::MIPSAssembler::getRelocatedAddress):
        (JSC::MIPSAssembler::getDifferenceBetweenLabels):
        (JSC::MIPSAssembler::size):
        (JSC::MIPSAssembler::executableCopy):
        (JSC::MIPSAssembler::getCallReturnOffset):
        (JSC::MIPSAssembler::linkJump):
        (JSC::MIPSAssembler::linkCall):
        (JSC::MIPSAssembler::linkPointer):
        (JSC::MIPSAssembler::relinkJump):
        (JSC::MIPSAssembler::relinkCall):
        (JSC::MIPSAssembler::repatchInt32):
        (JSC::MIPSAssembler::repatchPointer):
        (JSC::MIPSAssembler::repatchLoadPtrToLEA):
        (JSC::MIPSAssembler::relocateJumps):
        (JSC::MIPSAssembler::linkWithOffset):
        (JSC::MIPSAssembler::linkCallInternal):
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerMIPS.h: Added.
        (JSC::MacroAssemblerMIPS::MacroAssemblerMIPS):
        (JSC::MacroAssemblerMIPS::):
        (JSC::MacroAssemblerMIPS::add32):
        (JSC::MacroAssemblerMIPS::and32):
        (JSC::MacroAssemblerMIPS::lshift32):
        (JSC::MacroAssemblerMIPS::mul32):
        (JSC::MacroAssemblerMIPS::not32):
        (JSC::MacroAssemblerMIPS::or32):
        (JSC::MacroAssemblerMIPS::rshift32):
        (JSC::MacroAssemblerMIPS::sub32):
        (JSC::MacroAssemblerMIPS::xor32):
        (JSC::MacroAssemblerMIPS::load32):
        (JSC::MacroAssemblerMIPS::load32WithUnalignedHalfWords):
        (JSC::MacroAssemblerMIPS::load32WithAddressOffsetPatch):
        (JSC::MacroAssemblerMIPS::loadPtrWithPatchToLEA):
        (JSC::MacroAssemblerMIPS::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssemblerMIPS::load16):
        (JSC::MacroAssemblerMIPS::store32WithAddressOffsetPatch):
        (JSC::MacroAssemblerMIPS::store32):
        (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
        (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerMIPS::pop):
        (JSC::MacroAssemblerMIPS::push):
        (JSC::MacroAssemblerMIPS::move):
        (JSC::MacroAssemblerMIPS::swap):
        (JSC::MacroAssemblerMIPS::signExtend32ToPtr):
        (JSC::MacroAssemblerMIPS::zeroExtend32ToPtr):
        (JSC::MacroAssemblerMIPS::branch32):
        (JSC::MacroAssemblerMIPS::branch32WithUnalignedHalfWords):
        (JSC::MacroAssemblerMIPS::branch16):
        (JSC::MacroAssemblerMIPS::branchTest32):
        (JSC::MacroAssemblerMIPS::jump):
        (JSC::MacroAssemblerMIPS::branchAdd32):
        (JSC::MacroAssemblerMIPS::branchMul32):
        (JSC::MacroAssemblerMIPS::branchSub32):
        (JSC::MacroAssemblerMIPS::breakpoint):
        (JSC::MacroAssemblerMIPS::nearCall):
        (JSC::MacroAssemblerMIPS::call):
        (JSC::MacroAssemblerMIPS::ret):
        (JSC::MacroAssemblerMIPS::set32):
        (JSC::MacroAssemblerMIPS::setTest32):
        (JSC::MacroAssemblerMIPS::moveWithPatch):
        (JSC::MacroAssemblerMIPS::branchPtrWithPatch):
        (JSC::MacroAssemblerMIPS::storePtrWithPatch):
        (JSC::MacroAssemblerMIPS::tailRecursiveCall):
        (JSC::MacroAssemblerMIPS::makeTailRecursiveCall):
        (JSC::MacroAssemblerMIPS::loadDouble):
        (JSC::MacroAssemblerMIPS::storeDouble):
        (JSC::MacroAssemblerMIPS::addDouble):
        (JSC::MacroAssemblerMIPS::subDouble):
        (JSC::MacroAssemblerMIPS::mulDouble):
        (JSC::MacroAssemblerMIPS::convertInt32ToDouble):
        (JSC::MacroAssemblerMIPS::insertRelaxationWords):
        (JSC::MacroAssemblerMIPS::branchTrue):
        (JSC::MacroAssemblerMIPS::branchFalse):
        (JSC::MacroAssemblerMIPS::branchEqual):
        (JSC::MacroAssemblerMIPS::branchNotEqual):
        (JSC::MacroAssemblerMIPS::branchDouble):
        (JSC::MacroAssemblerMIPS::branchTruncateDoubleToInt32):
        (JSC::MacroAssemblerMIPS::linkCall):
        (JSC::MacroAssemblerMIPS::repatchCall):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):

2010-03-03  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/jsc/jsc.vcproj:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:

2010-03-03  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/jsc/jsc.vcproj:

2010-03-03  Mark Rowe  <mrowe@apple.com>

        Reviewed by Geoff Garen.

        Add virtual memory tags for TCMalloc and WebCore's purgeable buffers.

        * wtf/TCSystemAlloc.cpp:
        (TryMmap): Use the VM tag.
        * wtf/VMTags.h: Make use of VM_MEMORY_TCMALLOC and VM_MEMORY_WEBCORE_PURGEABLE_BUFFERS.

2010-03-03  Steve Falkenburg  <sfalken@apple.com>

        Rubber stamped by Adam Roben.

        Fix bogus xcopy that was polluting source tree at build time.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:

2010-03-02  Fridrich Strba  <fridrich.strba@bluewin.ch>

        Reviewed by Oliver Hunt.

        Allow building smoothly on win32 and win64 using GCC
        https://bugs.webkit.org/show_bug.cgi?id=35607

        * jit/JITStubs.h:
        * runtime/Collector.cpp:
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlockPtr):
        (JSC::currentThreadStackBase):

2010-03-02  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by David Levin.

        Revert database thread changes that are no longer required
        https://bugs.webkit.org/show_bug.cgi?id=35519

        Jochen Eisinger created 55214 and 55247 to track which database
        owns which thread.  Dmitry suggested that this could also
        be done via TLS, though.  After exploring the options, Jochen
        chose to go the TLS route, so these patches are no longer needed.

        * wtf/Threading.h:
        * wtf/ThreadingNone.cpp:
        (WTF::isMainThread):
        * wtf/ThreadingPthreads.cpp:
        (WTF::identifierByPthreadHandle):
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::pthreadHandleForIdentifier):
        (WTF::createThreadInternal):
        (WTF::currentThread):
        * wtf/ThreadingWin.cpp:
        (WTF::threadMap):
        (WTF::storeThreadHandleByIdentifier):
        (WTF::threadHandleForIdentifier):
        (WTF::createThreadInternal):

2010-03-02  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Fix QScriptValue::toString().

        More ECMA Script compliance, especially for values as NaN, Inifinite
        and really big/small numbers.

        [Qt] QScriptValue::toString() returns incorrect values
        https://bugs.webkit.org/show_bug.cgi?id=34850

        * qt/api/qscriptconverter_p.h:
        (QScriptConverter::toString):
        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::toString):
        * qt/tests/qscriptvalue/tst_qscriptvalue.cpp:
        * qt/tests/qscriptvalue/tst_qscriptvalue.h:
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp:
        (tst_QScriptValue::toString_initData):
        (tst_QScriptValue::toString_makeData):
        (tst_QScriptValue::toString_test):

2010-03-02  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Introduce a new class; QScriptString.

        The QScriptString class should act as a handle to "interned"
        strings in a QScriptEngine.

        [Qt] QtScript should provide QScriptString
        https://bugs.webkit.org/show_bug.cgi?id=34843

        * qt/api/QtScript.pro:
        * qt/api/qscriptengine.cpp:
        (QScriptEngine::toStringHandle):
        * qt/api/qscriptengine.h:
        * qt/api/qscriptengine_p.h:
        (QScriptEnginePrivate::toStringHandle):
        * qt/api/qscriptstring.cpp: Added.
        (QScriptString::QScriptString):
        (QScriptString::~QScriptString):
        (QScriptString::operator=):
        (QScriptString::isValid):
        (QScriptString::operator==):
        (QScriptString::operator!=):
        (QScriptString::toArrayIndex):
        (QScriptString::toString):
        (QScriptString::operator QString):
        (qHash):
        * qt/api/qscriptstring.h: Added.
        * qt/api/qscriptstring_p.h: Added.
        (QScriptStringPrivate::QScriptStringPrivate):
        (QScriptStringPrivate::~QScriptStringPrivate):
        (QScriptStringPrivate::get):
        (QScriptStringPrivate::isValid):
        (QScriptStringPrivate::operator==):
        (QScriptStringPrivate::operator!=):
        (QScriptStringPrivate::toArrayIndex):
        (QScriptStringPrivate::toString):
        (QScriptStringPrivate::id):
        * qt/tests/qscriptstring/qscriptstring.pro: Added.
        * qt/tests/qscriptstring/tst_qscriptstring.cpp: Added.
        (tst_QScriptString::tst_QScriptString):
        (tst_QScriptString::~tst_QScriptString):
        (tst_QScriptString::test):
        (tst_QScriptString::hash):
        (tst_QScriptString::toArrayIndex_data):
        (tst_QScriptString::toArrayIndex):
        * qt/tests/tests.pro:

2010-03-02  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Export function on windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-03-01  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Refactor named getter function signature to be in line with indexing getter signature
        https://bugs.webkit.org/show_bug.cgi?id=35563

        This removes the PropertySlot argument from getter functions, and makes them directly
        pass the slot base.  This makes the semantics for the functions match that of the
        indexing getters.

        On the down side, this means that we can no longer simply use a proxy function for
        JS getters, so we now add another marker value to indicate that a getter is present
        and branch accordingly.

        Against all rationality sunspider reports this as a perf win, but i suspect it's just noise.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::staticValueGetter):
        (JSC::::staticFunctionGetter):
        (JSC::::callbackGetter):
        * JavaScriptCore.exp:
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::argumentsGetter):
        (JSC::JSFunction::callerGetter):
        (JSC::JSFunction::lengthGetter):
        * runtime/JSFunction.h:
        * runtime/NumberConstructor.cpp:
        (JSC::numberConstructorNaNValue):
        (JSC::numberConstructorNegInfinity):
        (JSC::numberConstructorPosInfinity):
        (JSC::numberConstructorMaxValue):
        (JSC::numberConstructorMinValue):
        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::setGetterSlot):
        (JSC::PropertySlot::setCacheableGetterSlot):
        * runtime/RegExpConstructor.cpp:
        (JSC::regExpConstructorDollar1):
        (JSC::regExpConstructorDollar2):
        (JSC::regExpConstructorDollar3):
        (JSC::regExpConstructorDollar4):
        (JSC::regExpConstructorDollar5):
        (JSC::regExpConstructorDollar6):
        (JSC::regExpConstructorDollar7):
        (JSC::regExpConstructorDollar8):
        (JSC::regExpConstructorDollar9):
        (JSC::regExpConstructorInput):
        (JSC::regExpConstructorMultiline):
        (JSC::regExpConstructorLastMatch):
        (JSC::regExpConstructorLastParen):
        (JSC::regExpConstructorLeftContext):
        (JSC::regExpConstructorRightContext):
        * runtime/RegExpObject.cpp:
        (JSC::regExpObjectGlobal):
        (JSC::regExpObjectIgnoreCase):
        (JSC::regExpObjectMultiline):
        (JSC::regExpObjectSource):
        (JSC::regExpObjectLastIndex):

2010-03-01  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        PropertySlot::getValue(ExecState, unsigned) unnecessarily converts index to an Identifier
        https://bugs.webkit.org/show_bug.cgi?id=35561

        Fix this by defining a separate property getter function for index getters.  This allows
        us to pass an unsigned number without the conversion to an Identifier.  We then update
        setCustomIndex to take this new getter type.

        * runtime/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::setCustom):
        (JSC::PropertySlot::setCustomIndex):

2010-03-01  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Bug 35537 - put_by_id does will incorrectly cache writes where a specific value exists,
                    where at the point of caching the same value is being written.

        When performing a put_by_id that is replacing a property already present on the object,
        there are three interesting cases regarding the state of the specific value:

        (1) No specific value set - nothing to do, leave the structure in it's current state,
            can cache.
        (2) A specific value was set, the new put is not of a specified value (i.e. function),
            or is of a different specific value - in these cases we need to perform a despecifying
            transition to clear the specific value in the structure, but having done so this is a
            normal property so as such we can again cache normally.
        (3) A specific value was set, and we are overwriting with the same value - in these cases
            leave the structure unchanged, but since a specific value is set we cannot cache this
            put (we would need the JIT to dynamically check the value being written matched).

        Unfortunately, the current behaviour does not match this.  the checks for a specific value
        being present & the value matching are combined in such a way that in case (2), above we
        will unnecessarily prevent the transition being cached, but in case (3) we will incorrectly
        fail to prevent caching.

        The bug exposes itself if multiple puts of the same specific value are performed to a
        property, and erroneously the put is allowed to be cached by the JIT.  Method checks may be
        generated caching calls of this structure.  Subsequent puts performed from JIT code may
        write different values without triggering a despecify transition, and as such cached method
        checks will continue to pass, despite the value having changed.

        * runtime/JSObject.h:
        (JSC::JSObject::putDirectInternal):

2010-03-01  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Simon Hausmann.

        Fix the Qt build on Mac OS X/Cocoa 64-bit

        * JavaScriptCore.pri: Add missing implementation file to resolve JSC symbols

2010-02-26  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Geoff Garen.

        Remove wrec.  All builds should have switched to yarr by now.

        * Android.mk:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * wrec: Removed.
        * wrec/CharacterClass.cpp: Removed.
        * wrec/CharacterClass.h: Removed.
        * wrec/CharacterClassConstructor.cpp: Removed.
        * wrec/CharacterClassConstructor.h: Removed.
        * wrec/Escapes.h: Removed.
        * wrec/Quantifier.h: Removed.
        * wrec/WREC.cpp: Removed.
        * wrec/WREC.h: Removed.
        * wrec/WRECFunctors.cpp: Removed.
        * wrec/WRECFunctors.h: Removed.
        * wrec/WRECGenerator.cpp: Removed.
        * wrec/WRECGenerator.h: Removed.
        * wrec/WRECParser.cpp: Removed.
        * wrec/WRECParser.h: Removed.
        * wscript:

2010-02-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Make the lookup table generator include an explicit cast to expected
        type of the function.  We do this because otherwise the blind intptr_t
        cast that is subsequently applied allows incorrectly typed functions
        to be inserted into the table, where they will only fail at runtime.
        This change makes such errors produce a compile time failure.

        * create_hash_table:

2010-02-26  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        [Qt] Symbian specific getCPUTime implemetation
        https://bugs.webkit.org/show_bug.cgi?id=34742

        Default implementation doesn't work on Symbian devices.
        This change adds a proper implementation by
        asking thread execution time from the current thread.

        * runtime/TimeoutChecker.cpp:
        (JSC::getCPUTime):

2010-02-25  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Anders Carlsson.

        https://bugs.webkit.org/show_bug.cgi?id=35406
        <rdar://problem/6945502> Make generic array methods work with JavaArray

        Renamed lazyCreationData to subclassData. This is extra data that can be used by JSArray
        subclasses (you can't add new data members, because it wouldn't fit in JSCell otherwise).

        * JavaScriptCore.exp:
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::subclassData):
        (JSC::JSArray::setSubclassData):
        * runtime/JSArray.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpMatchesArray::RegExpMatchesArray):
        (JSC::RegExpMatchesArray::~RegExpMatchesArray):
        (JSC::RegExpMatchesArray::fillArrayInstance):
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertySlot):
        (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
        (JSC::RegExpMatchesArray::put):
        (JSC::RegExpMatchesArray::deleteProperty):
        (JSC::RegExpMatchesArray::getOwnPropertyNames):

2010-02-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        JSC crashes like crazy in the JSPropertyNameIterator destructor

        Add back null check of m_cachedStructure.  Curse last minute changes.

        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):

2010-02-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Race condition in JSPropertyNameIterator and Structure destruction
        https://bugs.webkit.org/show_bug.cgi?id=35398

        JSPropertyNameIterator and Structure have a cyclic dependency that they
        manage by clearing the appropriate reference in each other during their
        destruction.  However if the Structure is destroyed while the 
        JSPropertyNameIterator is dead but not yet finalized the Structures
        WeakGCPtr will return null, and so prevent Structure from clearing
        the m_cachedStructure pointer of the iterator.  When the iterator is
        then finalised the m_cachedStructure is invalid, and the attempt to
        clear the structures back reference fails.

        To fix this we simply make JSPropertyNameIterator keep the Structure
        alive, using the weak pointer to break the ref cycle.

        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
          The iterator now keeps m_cachedStructure alive itself, so no longer needs
          to check for it being cleared
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::setCachedStructure):
          Add an assertion to ensure correct usage
        (JSC::JSPropertyNameIterator::cachedStructure):
          Add .get()
        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):
          Add an assertion that our iterator isn't already dead, and remove
          the now unnecessary attempt to clear the ref in the iterator
        * runtime/WeakGCPtr.h:
        (JSC::WeakGCPtr::hasDeadObject):
          An assert-only function to allow us to assert correct behaviour
          in the Structure destructor

2010-02-25  Jochen Eisinger  <jochen@chromium.org>
 
        Reviewed by Jeremy Orlow.
 
        Make the context that was passed to the ThreadFunction accessible.
        https://bugs.webkit.org/show_bug.cgi?id=35379

        When a database is opened, right now you
        don't have any context from where it is opened. The problem is that
        the actual calls that open a database go through the sqlite3 vfs
        layer, so there's no easy way to pass this function down to to
        platform/sql/chromium/SQLFileSystemChromium*.cpp

        This patch will allow you to get from anywhere within webkit a pointer
        to the Thread object that actually created the thread you're currently
        on (in case of the database, this can be either a thread forked of
        from the main thread or from a worker thread), and query the object
        for context information.

        * wtf/Threading.h:
        * wtf/ThreadingNone.cpp:
        (WTF::threadContext):
        * wtf/ThreadingPthreads.cpp:
        (WTF::):
        (WTF::identifierByPthreadHandle):
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::pthreadHandleForIdentifier):
        (WTF::contextForIdentifier):
        (WTF::createThreadInternal):
        (WTF::currentThread):
        (WTF::threadContext):
        * wtf/ThreadingWin.cpp:
        (WTF::):
        (WTF::threadMap):
        (WTF::storeThreadHandleByIdentifier):
        (WTF::threadHandleForIdentifier):
        (WTF::contextForIdentifier):
        (WTF::createThreadInternal):
        (WTF::threadContext):

2010-02-25  Jeremy Orlow  <jorlow@chromium.org>

        Reverting to re-submit with better change log.

        * wtf/Threading.h:
        * wtf/ThreadingNone.cpp:
        (WTF::isMainThread):
        * wtf/ThreadingPthreads.cpp:
        (WTF::identifierByPthreadHandle):
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::pthreadHandleForIdentifier):
        (WTF::createThreadInternal):
        (WTF::currentThread):
        * wtf/ThreadingWin.cpp:
        (WTF::threadMap):
        (WTF::storeThreadHandleByIdentifier):
        (WTF::threadHandleForIdentifier):
        (WTF::createThreadInternal):

2010-02-25  Jochen Eisinger  <jochen@chromium.org>

        Reviewed by Jeremy Orlow.

        Make the context that was passed to the ThreadFunction accessible.
        https://bugs.webkit.org/show_bug.cgi?id=35379

        * wtf/Threading.h:
        * wtf/ThreadingNone.cpp:
        (WTF::threadContext):
        * wtf/ThreadingPthreads.cpp:
        (WTF::):
        (WTF::identifierByPthreadHandle):
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::pthreadHandleForIdentifier):
        (WTF::contextForIdentifier):
        (WTF::createThreadInternal):
        (WTF::currentThread):
        (WTF::threadContext):
        * wtf/ThreadingWin.cpp:
        (WTF::):
        (WTF::threadMap):
        (WTF::storeThreadHandleByIdentifier):
        (WTF::threadHandleForIdentifier):
        (WTF::contextForIdentifier):
        (WTF::createThreadInternal):
        (WTF::threadContext):

2010-02-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        [REGRESSION in r55185] EXC_BAD_ACCESS on opening inspector.
        https://bugs.webkit.org/show_bug.cgi?id=35335

        compileGetDirectOffset modifies the contents of the object register
        when the object is not using the inline storage array.  As the object
        register contains our 'this' pointer we can't allow it to be clobbered.
        The fix is simply to copy the register into a separate scratch register
        when we're loading off an object that doesn't use inline storage.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdSelfList):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::privateCompileGetByIdSelfList):

2010-02-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Speed up getter performance in the jit
        https://bugs.webkit.org/show_bug.cgi?id=35332

        Implement getter lookup caching in the interpreter.
        The getter stubs are generated through basically the
        same code paths as the normal get_by_id caching.
        Instead of simply loading a property and returning,
        we load the getter slot, and pass the getter, base value
        and return address to a shared stub used for getter
        dispatch.

        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):
        * runtime/GetterSetter.h:

2010-02-23  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Web Inspector: Regression: r55027+: Inspector broken
        https://bugs.webkit.org/show_bug.cgi?id=35253

        op_get_by_id_getter_chain was not passing the correct this parameter.
        The bug was caused by incorrect use of baseCell instead of baseValue,
        baseValue contains the original object for the lookup (and hence the
        correct this object), baseCell is clobbered as part of walking the
        prototype chain.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2010-02-23  Gustavo Noronha Silva  <gns@gnome.org>

        Rubber-stamped by Dimitri Glazkov.

        Chromium build fix.

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2010-02-23  Leandro Pereira  <leandro@profusion.mobi>

        Reviewed by Gustavo Noronha Silva.

        Changes references of GOwnPtr to reflect their new place.
        http://webkit.org/b/35084

        * JavaScriptCore/JavaScriptCore.gypi:
        * JavaScriptCore/wtf/Threading.h:
        * JavaScriptCore/wtf/unicode/glib/UnicodeGLib.h:

2010-02-23  Leandro Pereira  <leandro@profusion.mobi>

        Reviewed by Kenneth Rohde Christiansen.

        Adding the EFL implementation of JavaScriptCore.
        See https://bugs.webkit.org/show_bug.cgi?id=35084 for details.

        * GNUmakefile.am: Updated to reflect the new location of GOwnPtr and
                          GRefPtr.
        * wtf/efl/MainThreadEfl.cpp: Added.
        * wtf/gobject/GOwnPtr.cpp: Moved from wtf/gtk.
        * wtf/gobject/GOwnPtr.h: Moved from wtf/gtk.
        * wtf/gobject/GRefPtr.cpp: Moved from wtf/gtk.
        * wtf/gobject/GRefPtr.h: Moved from wtf/gtk.

2010-02-22  Julien Chaffraix  <jchaffraix@webkit.org>

        Reviewed by Darin Adler.

        Remove auto_ptr usage in JavaScriptCore.
        https://bugs.webkit.org/show_bug.cgi?id=35221

        * parser/Nodes.h: Removed now unneeded adopt method.
        * parser/Parser.cpp: Removed <memory> include as it is not required anymore.
        * wtf/OwnPtr.h: Removed the constructor from auto_ptr.
        * wtf/VectorTraits.h: Removed a template specialization for auto_ptr.
        * wtf/unicode/Collator.h: Made userDefault return a PassOwnPtr.
        * wtf/unicode/CollatorDefault.cpp:
        (WTF::Collator::userDefault): Changed the method to match the next signature.
        * wtf/unicode/icu/CollatorICU.cpp:
        (WTF::Collator::userDefault): Ditto.

2010-02-22  Huahui Wu  <hwu@google.com>

        Reviewed by Eric Seidel.

        Add code that enables SquirrelFish Extreme (a.k.a JSCX, JSC JIT)
        in Android. It's disabled by default, but is enabled when the 
        enveronment variable ENABLE_JSC_JIT is set to true.
        https://bugs.webkit.org/show_bug.cgi?id=34855

        * Android.mk:
        * wtf/Platform.h:

2010-02-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        JSStringBuilder should not CRASH if allocation fails, it should throw a JSException.

        * runtime/JSGlobalObjectFunctions.cpp:
        * runtime/JSStringBuilder.h:
        (JSC::JSStringBuilder::JSStringBuilder):
        (JSC::JSStringBuilder::append):
        (JSC::JSStringBuilder::build):
        * runtime/StringBuilder.h:
        (JSC::StringBuilder::build):
        * wtf/Vector.h:
        (WTF::VectorBufferBase::tryAllocateBuffer):
        (WTF::):
        (WTF::VectorBuffer::tryAllocateBuffer):
        (WTF::::tryExpandCapacity):
        (WTF::::tryReserveCapacity):
        (WTF::::tryAppend):

2010-02-22  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Map FastMalloc to BREW memory allocator
        https://bugs.webkit.org/show_bug.cgi?id=33570

        Use MALLOC macro instead of the standard malloc function.
        Although RVCT provides malloc, we can't use it in BREW
        because the loader does not initialize the base address properly.

        * wtf/FastMalloc.cpp:
        * wtf/brew/SystemMallocBrew.h: Added.
        (mallocBrew):
        (callocBrew):
        (freeBrew):
        (reallocBrew):

2010-02-22  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Build fix for make distcheck.

        * GNUmakefile.am:

2010-02-22  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed build fix.

        [Qt] Build fix for RVCT.

        Fix after r55024. The "-i" option is for perl not for the
        script.

        * DerivedSources.pro:

2010-02-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Make UString::m_data be const, and make the UChar owned/ref-counted by CrossThreadRefCounted be const too.

        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::baseSharedBuffer):
        (JSC::UStringImpl::~UStringImpl):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::create):
        (JSC::UStringImpl::data):
        (JSC::UStringImpl::UStringImpl):
        * wtf/OwnFastMallocPtr.h:
        (WTF::OwnFastMallocPtr::~OwnFastMallocPtr):

2010-02-21  Yuta Kitamura  <yutak@chromium.org>

        Reviewed by Darin Adler.

        HashMapTranslatorAdapter::translate() needs to set the mapped value.

        HTTPHeaderMap::add(const char*, const String&) does not work
        https://bugs.webkit.org/show_bug.cgi?id=35227

        * wtf/HashMap.h:
        (WTF::HashMapTranslatorAdapter::translate):

2010-02-19  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by David Levin.

        Add an ENABLE flag for sandboxed iframes to make it possible to disable it in releases
        https://bugs.webkit.org/show_bug.cgi?id=35147

        * Configurations/FeatureDefines.xcconfig:

2010-02-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        JSString::getIndex() calls value() to resolve the string value (is a rope)
        to a UString, then passes the result to jsSingleCharacterSubstring without
        checking for an exception.  In case of out-of-memory the returned UString
        is null(), which may result in an out-of-buounds substring being created.
        This is bad.

        Simple fix is to be able to get an index from a rope without resolving to
        UString.  This may be a useful optimization in some test cases.

        The same bug exists in some other methods is JSString, these can be fixed
        by changing them to call getIndex().

        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        (JSC::JSString::getStringPropertyDescriptor):
        * runtime/JSString.h:
        (JSC::jsSingleCharacterSubstring):
        (JSC::JSString::getIndex):
        (JSC::jsSingleCharacterString):
        (JSC::JSString::getStringPropertySlot):
        * runtime/UStringImpl.cpp:
        (JSC::singleCharacterSubstring):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::singleCharacterSubstring):

2010-02-19  Oliver Hunt  <oliver@apple.com>

        RS = Gavin Barraclough.

        Split the 32/64 version of JITPropertyAccess into a separate file.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * jit/JITPropertyAccess.cpp:
        * jit/JITPropertyAccess32_64.cpp: Added.
        (JSC::JIT::emit_op_put_by_index):
        (JSC::JIT::emit_op_put_getter):
        (JSC::JIT::emit_op_put_setter):
        (JSC::JIT::emit_op_del_by_id):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emitSlow_op_method_check):
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::testPrototype):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchMethodCallProto):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::emit_op_get_by_pname):
        (JSC::JIT::emitSlow_op_get_by_pname):

2010-02-19  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Laszlo Gombos.

        Added additional parameter to create_rvct_stubs 
        for setting the regularexpression prefix.
        Renamed it because it now works for other platforms too.
        https://bugs.webkit.org/show_bug.cgi?id=34951

        * DerivedSources.pro:
        * create_jit_stubs: Copied from JavaScriptCore/create_rvct_stubs.
        * create_rvct_stubs: Removed.

2010-02-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Improve interpreter getter performance
        https://bugs.webkit.org/show_bug.cgi?id=35138

        Improve the performance of getter dispatch by making it possible
        for the interpreter to cache the GetterSetter object lookup.

        To do this we simply need to make PropertySlot aware of getters
        as a potentially cacheable property, and record the base and this
        objects for a getter access.  This allows us to use more-or-less
        identical code to that used by the normal get_by_id caching, with
        the dispatch being the only actual difference.

        I'm holding off of implementing this in the JIT until I do some
        cleanup to try and making coding in the JIT not be as horrible
        as it is currently.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        * bytecode/Opcode.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSObject.cpp:
        (JSC::JSObject::fillGetterPropertySlot):
        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::isGetter):
        (JSC::PropertySlot::isCacheable):
        (JSC::PropertySlot::isCacheableValue):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setGetterSlot):
        (JSC::PropertySlot::setCacheableGetterSlot):
        (JSC::PropertySlot::clearOffset):
        (JSC::PropertySlot::thisValue):

2010-02-17  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Fixed a portion of:
        <rdar://problem/7165917> | https://bugs.webkit.org/show_bug.cgi?id=28676
        Safari 4 does not release memory back to the operating system fast enough (28676)
        
        This patch fixes a surprisingly common edge case in which the page heap
        would have only one free span, but that span would be larger than the
        minimum free size, so we would decide not to free it, even though it
        could be as large as 100MB or more!
        
        SunSpider reports no change on Mac or Windows.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavenge): Call shouldContinueScavenging() instead
        of doing the math ourselves. Don't keep a local value for pagesDecommitted
        because that lets free_committed_pages_ be wrong temporarily. Instead,
        update free_committed_pages_ as we go. ASSERT that we aren't releasing
        a span that has already been released, because we think this is impossible.
        Finally, don't be afraid to release all free memory in the page heap when
        scavenging. We only scavenge after 5 seconds of the application's working
        set not growing, and we keep both thread caches and a central cache on
        top of the page heap, so the extra free pages in the page heap were just
        overkill.

2010-02-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=35070
        Addition of 2 strings of length 2^31 may result in a string of length 0.

        Check for overflow when creating a new JSString as a result of an addition
        or concatenation, throw an out of memory exception.

        * runtime/JSString.h:
        (JSC::):
        * runtime/Operations.h:
        (JSC::jsString):

2010-02-17  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Gustavo Noronha.

        [Linux] Webkit incompatible with Java plugins
        https://bugs.webkit.org/show_bug.cgi?id=24912

        Add support for GFile to GOwnPtr.

        Based on original work by Gustavo Noronha.

        * wtf/gtk/GOwnPtr.cpp:
        (WTF::GFile):
        * wtf/gtk/GOwnPtr.h:

2010-02-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Mark Rowe.

        Fix a handful of other leaks seen on the buildbot.

        * runtime/UStringImpl.h:
        (JSC::UStringOrRopeImpl::deref): Delegate through to the subclass version of deref to ensure that
        the correct cleanup takes place.  This function previously featured some code that attempted to
        skip deletion of static UStringImpl's.  Closer inspection revealed that it was in fact equivalent
        to "if (false)", meaning that UStringImpl's which had their final deref performed via this function
        were leaked.

2010-02-16  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough.

        Fix a handful of leaks seen on the buildbot.

        * runtime/UStringImpl.h:
        (JSC::UStringOrRopeImpl::deref): Call URopeImpl::destructNonRecursive rather than delete
        to ensure that the rope's fibers are also destroyed.

2010-02-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=34964
        Leaks tool reports false memory leaks due to Rope implementation.

        A rope is a recursive data structure where each node in the rope holds a set of
        pointers, each of which may reference either a string (in UStringImpl form) or
        another rope node.  A low bit in each pointer is used to distinguish between
        rope & string elements, in a fashion similar to the recently-removed
        PtrAndFlags class (see https://bugs.webkit.org/show_bug.cgi?id=33731 ).  Again,
        this causes a problem for Leaks - refactor to remove the magic pointer
        mangling.

        Move Rope out from JSString.h and rename to URopeImpl, to match UStringImpl.
        Give UStringImpl and URopeImpl a common parent class, UStringOrRopeImpl.
        Repurpose an otherwise invalid permutation to flags (static & should report
        memory cost) to identify ropes.

        This allows us to change the rope's fibers to interrogate the object rather
        than storing a bool within the low bits of the pointer (or in some cases the
        use of a common parent class removes the need to determine the type at all -
        there is a common interface to ref or get the length of either ropes or strings).

        * API/JSClassRef.cpp:
        (OpaqueJSClass::OpaqueJSClass):
        (OpaqueJSClassContextData::OpaqueJSClassContextData):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::keyForCharacterSwitch):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        * runtime/Identifier.cpp:
        (JSC::Identifier::equal):
        (JSC::Identifier::addSlowCase):
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        * runtime/JSString.h:
        (JSC::):
        (JSC::RopeBuilder::JSString):
        (JSC::RopeBuilder::~JSString):
        (JSC::RopeBuilder::appendStringInConstruct):
        (JSC::RopeBuilder::appendValueInConstructAndIncrementLength):
        (JSC::RopeBuilder::JSStringFinalizerStruct::JSStringFinalizerStruct):
        (JSC::RopeBuilder::JSStringFinalizerStruct::):
        * runtime/UString.cpp:
        (JSC::UString::toStrictUInt32):
        (JSC::equal):
        * runtime/UString.h:
        (JSC::UString::isEmpty):
        (JSC::UString::size):
        * runtime/UStringImpl.cpp:
        (JSC::URopeImpl::derefFibersNonRecursive):
        (JSC::URopeImpl::destructNonRecursive):
        * runtime/UStringImpl.h:
        (JSC::UStringOrRopeImpl::isRope):
        (JSC::UStringOrRopeImpl::length):
        (JSC::UStringOrRopeImpl::ref):
        (JSC::UStringOrRopeImpl::):
        (JSC::UStringOrRopeImpl::operator new):
        (JSC::UStringOrRopeImpl::UStringOrRopeImpl):
        (JSC::UStringImpl::adopt):
        (JSC::UStringImpl::createUninitialized):
        (JSC::UStringImpl::tryCreateUninitialized):
        (JSC::UStringImpl::data):
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::deref):
        (JSC::UStringImpl::UStringImpl):
        (JSC::UStringImpl::):
        (JSC::URopeImpl::tryCreateUninitialized):
        (JSC::URopeImpl::initializeFiber):
        (JSC::URopeImpl::fiberCount):
        (JSC::URopeImpl::fibers):
        (JSC::URopeImpl::deref):
        (JSC::URopeImpl::URopeImpl):
        (JSC::URopeImpl::hasOneRef):
        (JSC::UStringOrRopeImpl::deref):

2010-02-15  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Fix the SP at ctiOpThrowNotCaught on Thumb2 (JSVALUE32)
        https://bugs.webkit.org/show_bug.cgi?id=34939

        * jit/JITStubs.cpp:

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Build Fix!).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Some general Rope related refactoring.

        Rename Rope::m_ropeLength to m_fiberCount, to be more descriptive.
        Rename Rope::m_stringLength to simply m_length (since this is the
        more conventional name for the length of a string).  Move append
        behaviour out into a new RopeBuilder class, so that Rope no longer
        needs any knowledge of the JSString or UString implementation.

        Make Rope no longer be nested within JSString.
        (Rope now no-longer need reside within JSString.h, but leaving
        the change of moving this out to a different header as a separate
        change from these renames).

        * JavaScriptCore.exp:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * runtime/JSString.cpp:
        (JSC::Rope::destructNonRecursive):
        (JSC::Rope::~Rope):
        (JSC::JSString::resolveRope):
        (JSC::JSString::toBoolean):
        (JSC::JSString::getStringPropertyDescriptor):
        * runtime/JSString.h:
        (JSC::Rope::Fiber::Fiber):
        (JSC::Rope::Fiber::deref):
        (JSC::Rope::Fiber::ref):
        (JSC::Rope::Fiber::refAndGetLength):
        (JSC::Rope::Fiber::isRope):
        (JSC::Rope::Fiber::rope):
        (JSC::Rope::Fiber::isString):
        (JSC::Rope::Fiber::string):
        (JSC::Rope::Fiber::nonFiber):
        (JSC::Rope::tryCreateUninitialized):
        (JSC::Rope::append):
        (JSC::Rope::fiberCount):
        (JSC::Rope::length):
        (JSC::Rope::fibers):
        (JSC::Rope::Rope):
        (JSC::Rope::operator new):
        (JSC::):
        (JSC::RopeBuilder::JSString):
        (JSC::RopeBuilder::~JSString):
        (JSC::RopeBuilder::length):
        (JSC::RopeBuilder::canGetIndex):
        (JSC::RopeBuilder::appendStringInConstruct):
        (JSC::RopeBuilder::appendValueInConstructAndIncrementLength):
        (JSC::RopeBuilder::isRope):
        (JSC::RopeBuilder::fiberCount):
        (JSC::JSString::getStringPropertySlot):
        * runtime/Operations.h:
        (JSC::jsString):

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Build fix).

        Add missing cast for !YARR (PPC) builds.

        * runtime/RegExp.cpp:
        (JSC::RegExp::match):

2010-02-14  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Many false leaks in release builds due to PtrAndFlags

        StructureTransitionTable was effectively a smart pointer type,
        one machine word in size and wholly contained as a member of
        of Structure.  It either pointed to an actual table, or could
        be used to describe a single transtion entry without use of a
        table.

        This, however, worked by using a PtrAndFlags, which is not
        compatible with the leaks tool.  Since there is no clear way to
        obtain another bit for 'free' here, and since there are bits
        available up in Structure, merge this functionality back up into
        Structure.  Having this in a separate class was quite clean
        from an enacapsulation perspective, but this solution doesn't
        seem to bad - all table access is now intermediated through the
        Structure::structureTransitionTableFoo methods, keeping the
        optimization fairly well contained.

        This was the last use of PtrAndFlags, so removing the file too.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.h:
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::~Structure):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::hasTransition):
        * runtime/Structure.h:
        (JSC::Structure::):
        (JSC::Structure::structureTransitionTableContains):
        (JSC::Structure::structureTransitionTableGet):
        (JSC::Structure::structureTransitionTableHasTransition):
        (JSC::Structure::structureTransitionTableRemove):
        (JSC::Structure::structureTransitionTableAdd):
        (JSC::Structure::structureTransitionTable):
        (JSC::Structure::setStructureTransitionTable):
        (JSC::Structure::singleTransition):
        (JSC::Structure::setSingleTransition):
        * runtime/StructureTransitionTable.h:
        * wtf/PtrAndFlags.h: Removed.

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Geoff Garen.

        Bug 34948 - tryMakeString should fail on error in length calculation

        Ooops! - "bool overflow" argument should have been "bool& overflow".

        * runtime/UString.h:
        (JSC::sumWithOverflow):
        (JSC::tryMakeString):

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Build Fix (pt 2!)).

        Some symbol names have changed, remove, will readd if required.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Build Fix (pt 1?)).

        Some symbol names have changed, remove, will readd if required.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-02-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Removed some mistaken code added in http://trac.webkit.org/changeset/53860.

        * API/APIShims.h:
        (JSC::APICallbackShim::APICallbackShim):
        (JSC::APICallbackShim::~APICallbackShim): No need to start/stop the
        timeout checker when calling out from the API to the client; we want to
        monitor the VM for timeouts, not the client. This mistake was harmless /
        undetectable, since it's totally redundant with the APIEntryShim, which
        also starts / stops the timeout checker.

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 34952 - String lengths in UString should be unsigned.
        This matches WebCore::StringImpl, and better unifies behaviour throughout JSC.

        * JavaScriptCore.exp:
        * bytecode/EvalCodeCache.h:
        * runtime/Identifier.cpp:
        (JSC::Identifier::equal):
        * runtime/Identifier.h:
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEscape):
        * runtime/JSONObject.cpp:
        (JSC::gap):
        (JSC::Stringifier::indent):
        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToFixed):
        (JSC::numberProtoFuncToPrecision):
        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferencesSlow):
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncSplit):
        (JSC::trimString):
        * runtime/UString.cpp:
        (JSC::UString::UString):
        (JSC::UString::from):
        (JSC::UString::getCString):
        (JSC::UString::ascii):
        (JSC::UString::operator[]):
        (JSC::UString::toStrictUInt32):
        (JSC::UString::find):
        (JSC::UString::rfind):
        (JSC::UString::substr):
        (JSC::operator<):
        (JSC::operator>):
        (JSC::compare):
        (JSC::equal):
        (JSC::UString::UTF8String):
        * runtime/UString.h:
        (JSC::UString::size):
        (JSC::operator==):
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::create):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::create):
        (JSC::UStringImpl::size):
        (JSC::UStringImpl::computeHash):
        (JSC::UStringImpl::UStringImpl):

2010-02-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 34948 - tryMakeString should fail on error in length calculation

        The sum of the length of substrings could overflow.

        * runtime/UString.h:
        (JSC::sumWithOverflow):
        (JSC::tryMakeString):

2010-02-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Fixed <rdar://problem/7628524> Crash beneath JSGlobalContextRelease when
        typing in Google search field with GuardMalloc/full page heap enabled

        * API/JSContextRef.cpp: Don't use APIEntryShim, since that requires
        a JSGlobalData, which this function destroys. Do use setCurrentIdentifierTable
        and JSLock instead, since those are the two features of APIEntryShim we
        require.

2010-02-15  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Laszlo Gombos.

        Added additional parameter to create_rvct_stubs 
        for setting the offset of thunkReturnAddress.
        https://bugs.webkit.org/show_bug.cgi?id=34657

        * create_rvct_stubs:
        * jit/JITStubs.cpp:

2010-02-15  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Fix QScriptValue::toIntXX methods.

        More ECMA Script compliance.

        [Qt] QScriptValue::toIntXX returns incorrect values
        https://bugs.webkit.org/show_bug.cgi?id=34847

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::toInteger):
        (QScriptValuePrivate::toInt32):
        (QScriptValuePrivate::toUInt32):
        (QScriptValuePrivate::toUInt16):
        * qt/tests/qscriptvalue/tst_qscriptvalue.h:
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp:
        (tst_QScriptValue::toInteger_initData):
        (tst_QScriptValue::toInteger_makeData):
        (tst_QScriptValue::toInteger_test):
        (tst_QScriptValue::toInt32_initData):
        (tst_QScriptValue::toInt32_makeData):
        (tst_QScriptValue::toInt32_test):
        (tst_QScriptValue::toUInt32_initData):
        (tst_QScriptValue::toUInt32_makeData):
        (tst_QScriptValue::toUInt32_test):
        (tst_QScriptValue::toUInt16_initData):
        (tst_QScriptValue::toUInt16_makeData):
        (tst_QScriptValue::toUInt16_test):

2010-02-14  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Adam Barth.

        Implement NEVER_INLINE and NO_RETURN for RVCT
        https://bugs.webkit.org/show_bug.cgi?id=34740

        * wtf/AlwaysInline.h:

2010-02-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Remove uses of PtrAndFlags from JIT data stuctures.

        These break the OS X Leaks tool.  Free up a bit in CallLinkInfo, and invalid
        permutation of pointer states in MethodCallLinkInfo to represent the removed bits.

        * bytecode/CodeBlock.h:
        (JSC::CallLinkInfo::seenOnce):
        (JSC::CallLinkInfo::setSeen):
        (JSC::MethodCallLinkInfo::MethodCallLinkInfo):
        (JSC::MethodCallLinkInfo::seenOnce):
        (JSC::MethodCallLinkInfo::setSeen):
        * jit/JIT.cpp:
        (JSC::JIT::unlinkCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchMethodCallProto):
        * runtime/UString.h:

2010-02-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Many false leaks in release builds due to PtrAndFlags

        Remove UntypedPtrAndBitfield (similar to PtrAndFlags) in UStringImpl,
        and steal bits from the refCount instead.

        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::baseSharedBuffer):
        (JSC::UStringImpl::~UStringImpl):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::isIdentifier):
        (JSC::UStringImpl::setIsIdentifier):
        (JSC::UStringImpl::ref):
        (JSC::UStringImpl::deref):
        (JSC::UStringImpl::UStringImpl):
        (JSC::UStringImpl::bufferOwnerString):
        (JSC::UStringImpl::bufferOwnership):
        (JSC::UStringImpl::isStatic):
        (JSC::UStringImpl::):

2010-02-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Removed an unnecessary data dependency from my last patch.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::markChildren): Since isAnyStringMarked being false
        is a condition of entering the loop, we can just use '=' instead of '|='.

2010-02-12  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Tor Arne Vestbø.

        Additional refptr/passrefptr workarounds for WINSCW compiler
        https://bugs.webkit.org/show_bug.cgi?id=28054

        * wtf/PassRefPtr.h:
        (WTF::refIfNotNull):
        (WTF::PassRefPtr::PassRefPtr):
        (WTF::PassRefPtr::~PassRefPtr):
        (WTF::PassRefPtr::clear):
        (WTF::::operator):
        * wtf/RefPtr.h:
        (WTF::RefPtr::RefPtr):
        (WTF::::operator):

2010-02-12  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Tor Arne Vestbø.

        Additional refptr/passrefptr workarounds for WINSCW compiler
        https://bugs.webkit.org/show_bug.cgi?id=28054

        * wtf/PassRefPtr.h:
        (WTF::refIfNotNull):
        (WTF::PassRefPtr::PassRefPtr):
        (WTF::PassRefPtr::~PassRefPtr):
        (WTF::PassRefPtr::clear):
        (WTF::::operator):
        * wtf/RefPtr.h:
        (WTF::RefPtr::RefPtr):
        (WTF::::operator):

2010-02-12  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Tor Arne Vestbø.

        Additional refptr/passrefptr workarounds for WINSCW compiler
        https://bugs.webkit.org/show_bug.cgi?id=28054

        * wtf/PassRefPtr.h:
        (WTF::refIfNotNull):
        (WTF::PassRefPtr::PassRefPtr):
        (WTF::PassRefPtr::~PassRefPtr):
        (WTF::PassRefPtr::clear):
        (WTF::::operator):
        * wtf/RefPtr.h:
        (WTF::RefPtr::RefPtr):
        (WTF::::operator):

2010-02-12  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        Don't import the cmath functions from std:: for WINSCW.

        * wtf/MathExtras.h:

2010-02-12  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Adam Barth.

        Typedef both JSChar and UChar to wchar_t in RVCT.
        https://bugs.webkit.org/show_bug.cgi?id=34560

        Define both JSChar and UChar to wchar_t as the size
        of wchar_t is 2 bytes in RVCT.

        * API/JSStringRef.h:
        * wtf/unicode/qt4/UnicodeQt4.h:

2010-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt and Darin Adler.

        The rest of the fix for
        https://bugs.webkit.org/show_bug.cgi?id=34864 | <rdar://problem/7594198>
        Many objects left uncollected after visiting mail.google.com and closing
        window
        
        Don't unconditionally hang onto small strings. Instead, hang onto all
        small strings as long as any small string is still referenced.
        
        SunSpider reports no change.

        * runtime/Collector.cpp:
        (JSC::Heap::markRoots): Mark the small strings cache last, so it can
        check if anything else has kept any strings alive.

        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren): Only keep our strings alive if some
        other reference to at least one of them exists, too.

2010-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Some progress toward fixing
        https://bugs.webkit.org/show_bug.cgi?id=34864 | <rdar://problem/7594198>
        Many objects left uncollected after visiting mail.google.com and closing
        window
        
        SunSpider reports no change.
        
        Keep weak references, rather than protected references, to cached for-in
        property name enumerators.
        
        One problem with protected references is that a chain like 
            [ gc object 1 ] => [ non-gc object ] => [ gc object 2 ]
        takes two GC passes to break, since the first pass collects [ gc object 1 ],
        releasing [ non-gc object ] and unprotecting [ gc object 2 ], and only
        then can a second pass collect [ gc object 2 ].
        
        Another problem with protected references is that they can keep a bunch
        of strings alive long after they're useful. In SunSpider and a few popular
        websites, the size-speed tradeoff seems to favor weak references.

        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator): Moved this constructor
        into the .cpp file, since it's not used elsewhere.

        (JSC::JSPropertyNameIterator::~JSPropertyNameIterator): Added a destructor
        to support our weak reference.

        * runtime/JSPropertyNameIterator.h:
        (JSC::Structure::setEnumerationCache):
        (JSC::Structure::clearEnumerationCache):
        (JSC::Structure::enumerationCache): Added a function for clearing a
        Structure's enumeration cache, used by our new destructor. Also fixed
        indentation to match the rest of the file.

        * runtime/Structure.h: Changed from protected pointer to weak pointer.

2010-02-11  Chris Rogers  <crogers@google.com>

        Reviewed by David Levin.

        audio engine: add Complex number class
        https://bugs.webkit.org/show_bug.cgi?id=34538

        * wtf/Complex.h: Added.
        (WebCore::complexFromMagnitudePhase):

2010-02-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Added an SPI for asking about all the different live objects on the heap.
        Useful for memory debugging.

        * JavaScriptCore.exp: Export the new SPI.

        * runtime/Collector.cpp:
        (JSC::typeName): Use a little capitalization. Don't crash in the case of
        a non-object cell, since it might just be an uninitialized cell.

        (JSC::Heap::objectTypeCounts): The new SPI.

        * runtime/Collector.h:
        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::advance):
        (JSC::LiveObjectIterator::operator++):
        (JSC::DeadObjectIterator::operator++):
        (JSC::ObjectIterator::operator++): Made 2 tweaks to these iterators:
        (1) Skip the last cell in the block, since it's a dummy sentinel, and
        we don't want it to confuse the object count; (2) Fixed a logic error
        in LiveObjectIterator that could cause it to iterate dead objects if
        m_block were equal to m_heap.nextBlock and m_cell were less than
        m_heap.nextCell. No test for this since I can't think of a way that this
        could make WebKit behave badly.

2010-02-11  Steve Block  <steveblock@google.com>

        Reviewed by Darin Adler.

        Guard cmath using declarations in MathExtras.h on Android
        https://bugs.webkit.org/show_bug.cgi?id=34840

        Android does not provide these functions.

        * wtf/MathExtras.h:

2010-02-08  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Cameron Zwarich.

        Restore ENABLE_RUBY flag so vendors can ship with Ruby disabled if they choose.
        https://bugs.webkit.org/show_bug.cgi?id=34698

        * Configurations/FeatureDefines.xcconfig:

2010-02-10  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] Add Windows complex text support and Mac support for containsCharacters.
        
        https://bugs.webkit.org/show_bug.cgi?id=34759

        * wscript:

2010-02-10  Alexey Proskuryakov  <ap@apple.com>

        Addressing issues found by style bot.

        * wtf/ValueCheck.h: Renamed header guard to match final file name.

        * wtf/Vector.h: (WTF::::checkConsistency): Remove braces around a one-line clause.

2010-02-09  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Geoffrey Garen.

        https://bugs.webkit.org/show_bug.cgi?id=34490
        WebCore::ImageEventSender::dispatchPendingEvents() crashes in certain conditions

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        Added ValueCheck.h.

        * wtf/ValueCheck.h: Added. Moved code out of HashTraits, since it would be awkward to
        include that from Vector.h.
        (WTF::ValueCheck::checkConsistency): Allow null pointers, those are pretty consistent.

        * wtf/HashTraits.h: Moved value checking code out of here.

        * wtf/HashTable.h: (WTF::::checkTableConsistencyExceptSize): Updated for the above changes.

        * wtf/Vector.h:
        (WTF::::checkConsistency): Check all vector elements.
        (WTF::ValueCheck): Support checking a Vector as an element in other containers. Currently
        unused.

2010-02-10  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Fix QScriptValue::toBool.

        Fix ECMA compliance in the QScriptValue for values like 0, NaN and
        empty strings.

        [Qt] QScriptValue::toBool problem
        https://bugs.webkit.org/show_bug.cgi?id=34793

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::toBool):
        * qt/tests/qscriptvalue/tst_qscriptvalue.h:
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp:
        (tst_QScriptValue::toBool_initData):
        (tst_QScriptValue::toBool_makeData):
        (tst_QScriptValue::toBool_test):
        (tst_QScriptValue::toBoolean_initData):
        (tst_QScriptValue::toBoolean_makeData):
        (tst_QScriptValue::toBoolean_test):

2009-10-06  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Simon Hausmann.

        Use derefIfNotNull() to work around WINSCW compiler forward declaration bug

        The compiler bug is reported at
        https://xdabug001.ext.nokia.com/bugzilla/show_bug.cgi?id=9812.

        The change should be reverted when the above bug is fixed in WINSCW compiler.

        https://bugs.webkit.org/show_bug.cgi?id=28054

2009-10-06  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Simon Hausmann.

        Get rid of WINSCW hack for UnSpecifiedBoolType

        Add parenthesis around (RefPtr::*UnspecifiedBoolType) to make the WINSCW
        compiler work with the default UnSpecifiedBoolType() operator.

        https://bugs.webkit.org/show_bug.cgi?id=28054

        * wtf/RefPtr.h:

2010-02-09  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        New functions nullValue() and undefinedValue().

        [Qt] QScriptEngine should contain nullValue and undefinedValue methods
        https://bugs.webkit.org/show_bug.cgi?id=34749

        * qt/api/qscriptengine.cpp:
        (QScriptEngine::nullValue):
        (QScriptEngine::undefinedValue):
        * qt/api/qscriptengine.h:
        * qt/tests/qscriptengine/tst_qscriptengine.cpp:
        (tst_QScriptEngine::nullValue):
        (tst_QScriptEngine::undefinedValue):

2010-02-09  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Fixes for QScriptValue::toNumber().

        Fix ECMA compliance in QScriptValue for values unbound
        to a QScriptEngine.

        [Qt] QScriptValue::toNumber() is broken
        https://bugs.webkit.org/show_bug.cgi?id=34592

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::toNumber):
        * qt/tests/qscriptvalue/tst_qscriptvalue.h:
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp:
        (tst_QScriptValue::toNumber_initData):
        (tst_QScriptValue::toNumber_makeData):
        (tst_QScriptValue::toNumber_test):

2010-02-09  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Fix QScriptValue::isNumber().

        The isNumber() should return 'true' if the value is in the CNumber
        state.

        [Qt] QScriptValue::isNumber() returns an incorrect value
        https://bugs.webkit.org/show_bug.cgi?id=34575

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::isNumber):
        * qt/tests/qscriptvalue/tst_qscriptvalue.h:
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp:
        (tst_QScriptValue::isNumber_initData):
        (tst_QScriptValue::isNumber_makeData):
        (tst_QScriptValue::isNumber_test):

2010-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Small refactoring to the small strings cache to allow it to be cleared
        dynamically.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::SmallStrings):
        (JSC::SmallStrings::clear):
        * runtime/SmallStrings.h: Moved initialization code into a shared function,
        and changed the constructor to call it.

2010-02-09  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Geoff Garen.

        Rename StringBuilder::release && JSStringBuilder::releaseJSString
        to 'build()'.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::paramString):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::decode):
        (JSC::globalFuncEscape):
        (JSC::globalFuncUnescape):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::stringify):
        * runtime/JSStringBuilder.h:
        (JSC::JSStringBuilder::build):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lexString):
        * runtime/NumberPrototype.cpp:
        (JSC::integerPartNoExp):
        (JSC::numberProtoFuncToFixed):
        * runtime/StringBuilder.h:
        (JSC::StringBuilder::build):

2010-02-09  John Sullivan  <sullivan@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=34772
        Overzealous new assertion in URStringImpl::adopt()

        Reviewed by Adam Barth.

        * runtime/UStringImpl.h:
        (JSC::UStringImpl::adopt):
        Only assert that vector.data() is non-zero if vector.size() is non-zero.

2010-02-09  Nikolas Zimmermann  <nzimmermann@rim.com>

        Not reviewed. Try to fix build problem on SnowLeopard slaves to bring them back.

        * API/JSClassRef.cpp:
        (tryCreateStringFromUTF8): Mark method as 'static inline' to suppress "warning: no previous prototype for ..."

2010-02-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Three small string fixes:
        (1) StringBuilder::release should CRASH if the buffer allocation failed.
        (2) Remove weird, dead code from JSString::tryGetValue, replace with an ASSERT.
        (3) Move UString::createFromUTF8 out to the API, as tryCreateStringFromUTF8.
            This is only used from the API, and (now) unlike other UString::create
            methods may return UString::null() to indicate failure cases.  Better
            handle these in the API.

        * API/JSClassRef.cpp:
        (tryCreateStringFromUTF8):
        (OpaqueJSClass::OpaqueJSClass):
        (OpaqueJSClassContextData::OpaqueJSClassContextData):
        * runtime/JSString.h:
        (JSC::Fiber::tryGetValue):
        * runtime/StringBuilder.h:
        (JSC::StringBuilder::release):
        * runtime/UString.cpp:
        (JSC::UString::UString):
        (JSC::UString::from):
        (JSC::UString::find):
        * runtime/UString.h:

2010-02-09  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Laszlo Gombos.

        [Qt] use nanval() for Symbian as nonInlineNaN
        https://bugs.webkit.org/show_bug.cgi?id=34170

        numeric_limits<double>::quiet_NaN is broken in Symbian
        causing NaN to be evaluated as a number.

        * runtime/JSValue.cpp:
        (JSC::nonInlineNaN):

2010-02-09  Tamas Szirbucz  <szirbucz@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add a soft modulo operation to ARM JIT using a trampoline function.
        The performance progression is about ~1.8% on ARMv7
        https://bugs.webkit.org/show_bug.cgi?id=34424

        Developed in cooperation with Gabor Loki.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::softModulo):
        * jit/JITStubs.h:
        (JSC::JITThunks::ctiSoftModulo):
        * wtf/Platform.h:

2010-02-08  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (SL/win build fixes).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * runtime/StringPrototype.cpp:

2010-02-08  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt

        Make String.replace throw an exception on out-of-memory, rather than
        returning a null (err, empty-ish) string.  Move String::replaceRange
        and String::spliceSubstringsWithSeparators out to StringPrototype -
        these were fairly specific use anyway, and we can better integrate
        throwing the JS expcetion this way.

        Also removes redundant assignment operator from UString.

        * JavaScriptCore.exp:
        * runtime/StringPrototype.cpp:
        (JSC::StringRange::StringRange):
        (JSC::jsSpliceSubstringsWithSeparators):
        (JSC::jsReplaceRange):
        (JSC::stringProtoFuncReplace):
        * runtime/UString.cpp:
        * runtime/UString.h:

2010-02-08  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Undefine WTF_OS_WINDOWS and WTF_PLATFORM_WIN
        https://bugs.webkit.org/show_bug.cgi?id=34561

        As the binary for simulator is built with MSVC 2005,
        WTF_OS_WINDOWS and WTF_PLATFORM_WIN are defined.
        Undefine them as we don't target Windows.

        * wtf/Platform.h:

2010-02-08  Chris Rogers  <crogers@google.com>

        Reviewed by Darin Adler.

        audio engine: add Vector3 class
        https://bugs.webkit.org/show_bug.cgi?id=34548

        * wtf/Vector3.h: Added.
        (WebCore::Vector3::Vector3):
        (WebCore::Vector3::abs):
        (WebCore::Vector3::isZero):
        (WebCore::Vector3::normalize):
        (WebCore::Vector3::x):
        (WebCore::Vector3::y):
        (WebCore::Vector3::z):
        (WebCore::operator+):
        (WebCore::operator-):
        (WebCore::operator*):
        (WebCore::dot):
        (WebCore::cross):
        (WebCore::distance):

2010-02-08  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Fix warning in clang++

        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):

2010-02-08  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Make makeString CRASH if we fail to allocate a string.

        (tryMakeString or jsMakeNontrivialString can be used where we
        expect allocation may fail and want to handle the error).

        * runtime/JSStringBuilder.h:
        (JSC::jsMakeNontrivialString):
        * runtime/UString.h:
        (JSC::tryMakeString):
        (JSC::makeString):

2010-02-08  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Oliver Hunt.

        Remove a couple of unnecesary C-style casts spotted by Darin.

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::globalFuncEscape):

2010-02-08  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Switch some more StringBuilder/jsNontrivialString code to use
        JSStringBuilder/jsMakeNontrivialString - these methods will
        throw an exception if we hit out-of-memory, rather than just
        CRASHing.

        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::decode):
        (JSC::globalFuncEscape):

2010-02-08  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Use an empty identifier instead of a null identifier for parse
        tokens without an identifier.

        This helps encapsulate the null UStringImpl within UString.

        * parser/Grammar.y:
        * parser/NodeConstructors.h:
        (JSC::ContinueNode::ContinueNode):
        (JSC::BreakNode::BreakNode):
        (JSC::ForInNode::ForInNode):
        * runtime/CommonIdentifiers.cpp:
        (JSC::CommonIdentifiers::CommonIdentifiers):
        * runtime/CommonIdentifiers.h:
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):

2010-02-08  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Build fix for make distcheck.

        * GNUmakefile.am:

2010-02-08  Simon Hausmann  <simon.hausmann@nokia.com>

        Unreviewed RVCT build fix.

        Similar to r54391, don't import the cmath functions from std:: for RVCT.

        * wtf/MathExtras.h:

2010-02-05  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Change UStringImpl::create to CRASH if the string cannot be allocated,
        rather than returning a null string (which will behave like a zero-length
        string if used).

        Also move createRep function from UString to become new overloaded
        UStringImpl::create methods.  In doing so, bring their behaviour closer to
        being in line with WebCore::StringImpl, in removing the behaviour that they
        can be used to produce null UStrings (ASSERT the char* provided is non-null).
        This behaviour of converting null C-strings to null UStrings is inefficient
        (cmompared to just using UString::null()), incompatible with WebCore::StringImpl's
        behaviour, and may generate unexpected behaviour, since in many cases a null
        UString can be used like an empty string.

        With these changes UStringImpl need not have a concept of null impls, we can
        start transitioning this to become an implementation detail of UString, that
        internally it chooses to use a null-object rather than an actually zero impl
        pointer.

        * JavaScriptCore.exp:
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::calculatedFunctionName):
        * parser/Parser.cpp:
        (JSC::Parser::parse):
        * profiler/Profile.cpp:
        (JSC::Profile::Profile):
        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::stopProfiling):
        * runtime/Error.cpp:
        (JSC::Error::create):
        (JSC::throwError):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createError):
        * runtime/Identifier.cpp:
        (JSC::Identifier::add):
        * runtime/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * runtime/UString.cpp:
        (JSC::initializeUString):
        (JSC::UString::UString):
        (JSC::UString::operator=):
        * runtime/UString.h:
        (JSC::UString::isNull):
        (JSC::UString::null):
        (JSC::UString::rep):
        (JSC::UString::UString):
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::create):
        * runtime/UStringImpl.h:

2010-02-05  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Define SYSTEM_MALLOC 1
        https://bugs.webkit.org/show_bug.cgi?id=34640

        Make BREWMP use system malloc because FastMalloc is not ported.

        * wtf/Platform.h:

2010-02-05  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Alexey Proskuryakov.

        Don't call CRASH() in fastMalloc and fastCalloc when the requested memory size is 0
        https://bugs.webkit.org/show_bug.cgi?id=34569

        With USE_SYSTEM_MALLOC=1, fastMalloc and fastCalloc call CRASH()
        if the return value of malloc and calloc is 0.
        
        However, these functions can return 0 when the request size is 0.
        Libc manual says, "If size is 0, then malloc() returns either NULL,
        or a unique pointer value that can later be successfully passed to free()."
        Though malloc returns a unique pointer in most systems,
        0 can be returned in some systems. For instance, BREW's MALLOC returns 0
        when size is 0.

        If malloc or calloc returns 0 due to allocation size, increase the size
        to 1 and try again.

        * wtf/FastMalloc.cpp:
        (WTF::fastMalloc):
        (WTF::fastCalloc):

2010-02-04  Mark Rowe  <mrowe@apple.com>

        Reviewed by Timothy Hatcher.

        Build fix.  Remove a symbol corresponding to an inline function from the linker export
        file to prevent a weak external failure.

        * JavaScriptCore.xcodeproj/project.pbxproj: Accommodate rename of script.

2010-02-04  Daniel Bates  <dbates@webkit.org>

        [Qt] Unreviewed, build fix for Qt bot.

        * runtime/JSStringBuilder.h: Changed #include <X.h> notation #include "X.h".

2010-02-04  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Clearing a WeakGCPtr is weird
        https://bugs.webkit.org/show_bug.cgi?id=34627

        Added a WeakGCPtr::clear interface.
        
        As discussed in https://bugs.webkit.org/show_bug.cgi?id=33383, the old
        interface made it pretty weird for a client to conditionally clear a
        WeakGCPtr, which is exactly what clients want to do when objects are
        finalized.

        * API/JSClassRef.cpp:
        (clearReferenceToPrototype): Use the new WeakGCPtr::clear() interface. 

        * runtime/WeakGCPtr.h:
        (JSC::WeakGCPtr::clear): Added an interface for clearing a WeakGCPtr,
        iff its current value is the value passed in. It's cumbersome for the
        client to do this test, since WeakGCPtr sometimes pretends to be null.

2010-02-04  Geoffrey Garen  <ggaren@apple.com>

        Build fix: export a header.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2010-02-04  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Add a JSStringBuilder class (similar-to, and derived-from StringBuilder) to
        construct JSStrings, throwing a JS exception should we run out of memory whilst
        allocating storage for the string.

        Similarly, add jsMakeNontrivialString methods to use in cases where previously
        we were calling makeString & passing the result to jsNontrivialString.  Again,
        these new methods throw if we hit an out of memory condition.

        Move throwOutOfMemoryError into ExceptionHelpers, to make it more widely available.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncJoin):
        * runtime/DateConstructor.cpp:
        (JSC::callDate):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToGMTString):
        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString):
        * runtime/ExceptionHelpers.cpp:
        (JSC::throwOutOfMemoryError):
        * runtime/ExceptionHelpers.h:
        * runtime/JSStringBuilder.h: Added.
        (JSC::JSStringBuilder::releaseJSString):
        (JSC::jsMakeNontrivialString):
        * runtime/NumberPrototype.cpp:
        (JSC::numberProtoFuncToPrecision):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncToString):
        * runtime/Operations.cpp:
        * runtime/Operations.h:
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString):
        * runtime/StringBuilder.h:
        (JSC::StringBuilder::append):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncBig):
        (JSC::stringProtoFuncSmall):
        (JSC::stringProtoFuncBlink):
        (JSC::stringProtoFuncBold):
        (JSC::stringProtoFuncFixed):
        (JSC::stringProtoFuncItalics):
        (JSC::stringProtoFuncStrike):
        (JSC::stringProtoFuncSub):
        (JSC::stringProtoFuncSup):
        (JSC::stringProtoFuncFontcolor):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncAnchor):

2010-02-04  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        * wtf/MathExtras.h:

2010-02-04  Darin Adler  <darin@apple.com>

        Reviewed by David Levin.

        Make MathExtras.h compatible with <cmath>
        https://bugs.webkit.org/show_bug.cgi?id=34618

        * wtf/MathExtras.h: Include <cmath> instead of <math.h>.
        Use "using" as we do elsewhere in WTF for the four functions from <cmath>
        we want to use without the prefix. Later we could consider making the std
        explicit at call sites instead.

2010-02-04  Tamas Szirbucz  <szirbucz@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Use an easily appendable structure for trampolines instead of pointer parameters.
        https://bugs.webkit.org/show_bug.cgi?id=34424

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::executableCopy):
        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        * jit/JITStubs.h:
        (JSC::JITThunks::ctiStringLengthTrampoline):
        (JSC::JITThunks::ctiVirtualCallLink):
        (JSC::JITThunks::ctiVirtualCall):
        (JSC::JITThunks::ctiNativeCallThunk):

2010-02-04  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Increase test coverage for the QScriptValue.

        https://bugs.webkit.org/show_bug.cgi?id=34533

        * qt/tests/qscriptvalue/qscriptvalue.pro:
        * qt/tests/qscriptvalue/tst_qscriptvalue.cpp:
        (tst_QScriptValue::tst_QScriptValue):
        (tst_QScriptValue::~tst_QScriptValue):
        (tst_QScriptValue::dataHelper):
        (tst_QScriptValue::newRow):
        (tst_QScriptValue::testHelper):
        (tst_QScriptValue::ctor):
        * qt/tests/qscriptvalue/tst_qscriptvalue.h: Added.
        * qt/tests/qscriptvalue/tst_qscriptvalue_generated.cpp: Added.
        (tst_QScriptValue::initScriptValues):
        (tst_QScriptValue::isValid_initData):
        (tst_QScriptValue::isValid_makeData):
        (tst_QScriptValue::isValid_test):
        (tst_QScriptValue::isBool_initData):
        (tst_QScriptValue::isBool_makeData):
        (tst_QScriptValue::isBool_test):
        (tst_QScriptValue::isBoolean_initData):
        (tst_QScriptValue::isBoolean_makeData):
        (tst_QScriptValue::isBoolean_test):
        (tst_QScriptValue::isFunction_initData):
        (tst_QScriptValue::isFunction_makeData):
        (tst_QScriptValue::isFunction_test):
        (tst_QScriptValue::isNull_initData):
        (tst_QScriptValue::isNull_makeData):
        (tst_QScriptValue::isNull_test):
        (tst_QScriptValue::isString_initData):
        (tst_QScriptValue::isString_makeData):
        (tst_QScriptValue::isString_test):
        (tst_QScriptValue::isUndefined_initData):
        (tst_QScriptValue::isUndefined_makeData):
        (tst_QScriptValue::isUndefined_test):
        (tst_QScriptValue::isObject_initData):
        (tst_QScriptValue::isObject_makeData):
        (tst_QScriptValue::isObject_test):

2010-02-03  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Define WTF_PLATFORM_BREWMP_SIMULATOR when AEE_SIMULATOR is defined
        https://bugs.webkit.org/show_bug.cgi?id=34514

        PLATFORM(BREWMP_SIMULATOR) guard is needed to make distinction between BREWMP
        and BREWMP simulator.

        * wtf/Platform.h:

2010-02-03  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Remove COMPILE_ASSERT conflict with the underlying PLATFORM
        https://bugs.webkit.org/show_bug.cgi?id=34190

        COMPILE_ASSERT conflicts with the underlying PLATFORM because it is defined
        both in WTF's Assertions.h and BREWMP's AEEClassIDs.h. Include AEEClassIDs.h
        in Assertions.h and undef COMPILE_ASSERT to avoid redefining COMPILE_ASSERT.

        * wtf/Assertions.h:

2010-02-03  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Implement OwnPtrBrew to make sure BREW instances are freed.
        https://bugs.webkit.org/show_bug.cgi?id=34518

        Add OwnPtrBrew to release IFile, IFileMgr and IBitmap instances.

        * wtf/brew/OwnPtrBrew.cpp: Added.
        (WTF::IFileMgr):
        (WTF::IFile):
        (WTF::IBitmap):
        (WTF::freeOwnedPtrBrew):
        * wtf/brew/OwnPtrBrew.h: Added.
        (WTF::OwnPtrBrew::OwnPtrBrew):
        (WTF::OwnPtrBrew::~OwnPtrBrew):
        (WTF::OwnPtrBrew::get):
        (WTF::OwnPtrBrew::release):
        (WTF::OwnPtrBrew::outPtr):
        (WTF::OwnPtrBrew::set):
        (WTF::OwnPtrBrew::clear):
        (WTF::OwnPtrBrew::operator*):
        (WTF::OwnPtrBrew::operator->):
        (WTF::OwnPtrBrew::operator!):
        (WTF::OwnPtrBrew::operator UnspecifiedBoolType):
        (WTF::OwnPtrBrew::swap):
        (WTF::swap):
        (WTF::operator==):
        (WTF::operator!=):
        (WTF::getPtr):

2010-02-03  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        Export WTF::fastStrDup symbol
        https://bugs.webkit.org/show_bug.cgi?id=34526

        * JavaScriptCore.exp:

2010-02-03  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] Enable JIT compilation for wx.
        
        https://bugs.webkit.org/show_bug.cgi?id=34536

        * wtf/Platform.h:

2010-02-02  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Crash in CollectorBitmap::get at nbcolympics.com
        https://bugs.webkit.org/show_bug.cgi?id=34504

        This was caused by the use of m_offset to determine the offset of
        a new property into the property storage.  This patch corrects
        the effected cases by incorporating the anonymous slot count. It
        also removes the duplicate copy of anonymous slot count from the
        property table as keeping this up to date merely increased the
        chance of a mismatch.  Finally I've added a large number of
        assertions in an attempt to prevent such a bug from happening
        again.

        With the new assertions in place the existing anonymous slot tests
        all fail without the m_offset fixes.

        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::materializePropertyMap):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::removePropertyTransition):
        (JSC::Structure::flattenDictionaryStructure):
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::get):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::insertIntoPropertyMapHashTable):
        (JSC::Structure::createPropertyMapHashTable):
        (JSC::Structure::rehashPropertyMapHashTable):
        (JSC::Structure::checkConsistency):

2010-02-02  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Darin Adler.

        Copyright year updating for Windows version resources should be automatic
        https://bugs.webkit.org/show_bug.cgi?id=34503

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc:

2010-02-02  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Add dummy main thread functions
        https://bugs.webkit.org/show_bug.cgi?id=33569

        Add dummy initializeMainThreadPlatform and
        scheduleDispatchFunctionsOnMainThread.

        * wtf/brew/MainThreadBrew.cpp: Added.
        (WTF::initializeMainThreadPlatform):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2010-02-02  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        Add using WTF::getLocalTime to CurrentTime.h
        https://bugs.webkit.org/show_bug.cgi?id=34493

        * wtf/CurrentTime.h:

2010-02-02  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Add HAVE_XXX definitions
        https://bugs.webkit.org/show_bug.cgi?id=34414

        Add HAVE_ERRNO_H=1

        * wtf/Platform.h:

2010-02-02  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Don't define HAVE_TM_GMTOFF, HAVE_TM_ZONE and HAVE_TIMEGM
        https://bugs.webkit.org/show_bug.cgi?id=34388

        BREWMP does not have these features.

        * wtf/Platform.h:

2010-02-02  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Define WTF_PLATFORM_BREWMP=1 when BUILDING_BREWMP is defined
        https://bugs.webkit.org/show_bug.cgi?id=34386

        Define WTF_PLATFORM_BREWMP=1 so that PLATFORM(BREWMP) guard can be used.

        * wtf/Platform.h:

2010-02-01  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Date.UTC() should apply TimeClip operation.
        https://bugs.webkit.org/show_bug.cgi?id=34461

        ECMAScript 5 15.9.4.3:
        > 9 Return TimeClip(MakeDate(MakeDay(yr, m, dt), MakeTime(h, min, s, milli))).

        * runtime/DateConstructor.cpp:
        (JSC::dateUTC): Calls WTF::timeClip().

2010-02-01  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Fix a bug that Math.round() retunrs incorrect results for huge integers
        https://bugs.webkit.org/show_bug.cgi?id=34462

        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncRound): Avoid "arg + 0.5".

2010-02-01  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Port WTF's currentTime
        https://bugs.webkit.org/show_bug.cgi?id=33567

        Combine GETUTCSECONDS and GETTIMEMS to calculate the number
        of milliseconds since 1970/01/01 00:00:00 UTC.

        * wtf/CurrentTime.cpp:
        (WTF::currentTime):

2010-02-01  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Darin Adler.

        [Qt] WinCE buildfix after r52729 and fix for Q_BIG_ENDIAN typo.
        https://bugs.webkit.org/show_bug.cgi?id=34378

        * wtf/Platform.h:

2010-02-01  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Structure not accounting for anonymous slots when computing property storage size
        https://bugs.webkit.org/show_bug.cgi?id=34441

        Previously any Structure with anonymous storage would have a property map, so we
        were only including anonymous slot size if there was a property map.  Given this
        is no longer the case we should always include the anonymous slot count in the
        property storage size.

        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):

2010-02-01  Oliver Hunt  <oliver@apple.com>

        Windows build fix, update exports file (again)

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-02-01  Oliver Hunt  <oliver@apple.com>

        Windows build fix, update exports file

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-01-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        JSC is failing to propagate anonymous slot count on some transitions
        https://bugs.webkit.org/show_bug.cgi?id=34321

        Remove secondary Structure constructor, and make Structure store a copy
        of the number of anonymous slots directly so saving an immediate allocation
        of a property map for all structures with anonymous storage, which also
        avoids the leaked property map on new property transition in the original
        version of this patch.

        We need to propagate the the anonymous slot count otherwise we can end up
        with a structure recording incorrect information about the available and
        needed space for property storage, or alternatively incorrectly reusing
        some slots.

        * JavaScriptCore.exp:
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::materializePropertyMap):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::despecifyFunctionTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::flattenDictionaryStructure):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::insertIntoPropertyMapHashTable):
        (JSC::Structure::createPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::create):
        (JSC::Structure::hasAnonymousSlots):
        (JSC::Structure::anonymousSlotCount):

2010-01-31  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Darin Adler.

        Buildfix for WinCE + style fixes (TLS_OUT_OF_INDEXES is not defined).
        https://bugs.webkit.org/show_bug.cgi?id=34380

        * wtf/ThreadSpecific.h:

2010-01-31  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        [Windows] Fix a bug of round() with huge integral numbers
        https://bugs.webkit.org/show_bug.cgi?id=34297

        Fix a bug that round() for huge integral numbers returns incorrect
        results. For example, round(8639999913600001) returns
        8639999913600002 without this change though the double type can
        represent 8639999913600001 precisely.

        Math.round() of JavaScript has a similar problem. But this change
        doesn't fix it because Math.round() doesn't use round() of
        MathExtra.h.

        * wtf/MathExtras.h:
        (round): Avoid to do "num + 0.5" or "num - 0.5".
        (roundf): Fixed similarly.
        (llround): Calls round().
        (llroundf): Calls roundf().
        (lround): Calls round().
        (lroundf): Calls roundf().

2010-01-29  Mark Rowe  <mrowe@apple.com>

        Sort Xcode projects.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2010-01-29  Mark Rowe  <mrowe@apple.com>

        Fix the Mac build.

        Disable ENABLE_INDEXED_DATABASE since it is "completely non-functional".

        As the comment in FeatureDefines.xcconfig notes, the list of feature defines
        needs to be kept in sync across the various files.  The default values also
        need to be kept in sync between these files and build-webkit.

        * Configurations/FeatureDefines.xcconfig:

2010-01-29  Simon Hausmann  <simon.hausmann@nokia.com>

        Rubber-stamped by Maciej Stachowiak.

        Fix the ARM build.

        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure): Call the right Structure::create overload.

2010-01-28  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fix for MSW, use ThreadingWin.cpp as the Windows pthreads implementation
        implements pthread_t in a way that makes it impossible to check its validity,
        which is needed by ThreadingPthreads.cpp.

        * wscript:

2010-01-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        DOM Objects shouldn't all require custom mark functions
        https://bugs.webkit.org/show_bug.cgi?id=34291

        Make getAnonymousValue const-friendly

        * runtime/JSObject.h:
        (JSC::JSObject::getAnonymousValue):

2010-01-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Simplify anonymous slot implementation
        https://bugs.webkit.org/show_bug.cgi?id=34282

        A class must now specify the number of slots it needs at construction time
        rather than later on with a transition.  This makes many things simpler,
        we no longer need to need an additional transition on object creation to
        add the anonymous slots, and we remove the need for a number of transition
        type checks. 

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * JavaScriptCore.exp:
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/DateInstance.h:
        (JSC::DateInstance::createStructure):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::createStructure):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::createStructure):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        * runtime/JSArray.h:
        (JSC::JSArray::createStructure):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        * runtime/JSCell.h:
        (JSC::JSCell::createDummyStructure):
        * runtime/JSFunction.h:
        (JSC::JSFunction::createStructure):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructure):
        * runtime/JSNotAnObject.h:
        (JSC::JSNotAnObject::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.h:
        (JSC::JSObject::createStructure):
        (JSC::JSObject::putAnonymousValue):
        (JSC::JSObject::getAnonymousValue):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::createStructure):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSString.h:
        (JSC::Fiber::createStructure):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::createStructure):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        (JSC::JSWrapperObject::JSWrapperObject):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):
        (JSC::Structure::materializePropertyMap):
        * runtime/Structure.h:
        (JSC::Structure::create):
        (JSC::Structure::anonymousSlotCount):
        * runtime/StructureTransitionTable.h:

2010-01-27  Oliver Hunt  <oliver@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        MessageEvent.data should deserialize in the context of the MessageEvent's global object
        https://bugs.webkit.org/show_bug.cgi?id=34227

        Add logic to allow us to create an Object, Array, or Date instance
        so we can create them in the context of a specific global object,
        rather than just using the current lexical global object.

        * JavaScriptCore.exp:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DateInstance.h:
        * runtime/JSGlobalObject.h:
        (JSC::constructEmptyObject):
        (JSC::constructEmptyArray):

2010-01-27  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=34150
        WebKit needs a mechanism to catch stale HashMap entries

        It is very difficult to catch stale pointers that are HashMap keys - since a pointer's hash
        is just its value, it is very unlikely that any observable problem is reproducible.

        This extends hash table consistency checks to check that pointers are referencing allocated
        memory blocks, and makes it possible to invoke the checks explicitly (it is not feasible
        to enable CHECK_HASHTABLE_CONSISTENCY by default, because that affects performance too much).

        * wtf/HashMap.h: (WTF::::checkConsistency): Call through to HashTable implementation. We can
        add similar calls to HashSet and HashCountedSet, but I haven't seen hard to debug problems
        with those yet.

        * wtf/HashSet.h: (WTF::::remove): The version of checkTableConsistency that's guarded by
        CHECK_HASHTABLE_CONSISTENCY is now called internalCheckTableConsistency().

        * wtf/HashTable.h:
        (WTF::HashTable::internalCheckTableConsistency):
        (WTF::HashTable::internalCheckTableConsistencyExceptSize):
        (WTF::HashTable::checkTableConsistencyExceptSize):
        Expose checkTableConsistency() even if CHECK_HASHTABLE_CONSISTENCY is off.
        (WTF::::add): Updated for checkTableConsistency renaming.
        (WTF::::addPassingHashCode): Ditto.
        (WTF::::removeAndInvalidate): Ditto.
        (WTF::::remove): Ditto.
        (WTF::::rehash): Ditto.
        (WTF::::checkTableConsistency): The assertion for !shouldExpand() was not correct - this
        function returns true for tables with m_table == 0.
        (WTF::::checkTableConsistencyExceptSize): Call checkValueConsistency for key. Potentially,
        we could do the same for values.

        * wtf/HashTraits.h:
        (WTF::GenericHashTraits::checkValueConsistency): An empty function that can be overridden
        to add checks. Currently, the only override is for pointer hashes.

        * wtf/RefPtrHashMap.h: (WTF::::remove): Updated for checkTableConsistency renaming.

2010-01-27  Anton Muhin  <antonm@chromium.org>

        Reviewed by Darin Adler.

        Remove trailing \ from inline function code
        https://bugs.webkit.org/show_bug.cgi?id=34223

        * assembler/ARMv7Assembler.h:
        (JSC::ARMThumbImmediate::countLeadingZerosPartial):

2010-01-27  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Port WTF's randomNumber
        https://bugs.webkit.org/show_bug.cgi?id=33566

        Use GETRAND to generate 4 byte random byte sequence to implement
        weakRandomNumber. Create a secure random number generator with
        AEECLSID_RANDOM to implement randomNumber.

        * wtf/RandomNumber.cpp:
        (WTF::weakRandomNumber):
        (WTF::randomNumber):

2010-01-27  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Port getCPUTime
        https://bugs.webkit.org/show_bug.cgi?id=33572

        Use GETUPTIMEMS which returns a continuously and
        linearly increasing millisecond timer from the time the device
        was powered on. This function is enough to implement getCPUTime.

        * runtime/TimeoutChecker.cpp:
        (JSC::getCPUTime):

2010-01-27  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Oliver Hunt.

        [BREWMP] Add MarkStack fastMalloc implementation for platforms without VirtualAlloc or mmap.
        https://bugs.webkit.org/show_bug.cgi?id=33582

        Use fastMalloc and fastFree to implement MarkStack::allocateStack and
        MarkStack::releaseStack for platforms without page level allocation.

        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackNone.cpp: Added.
        (JSC::MarkStack::initializePagesize):
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):

2010-01-27  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        [BREWMP] Don't use time function
        https://bugs.webkit.org/show_bug.cgi?id=33577

        Calling time(0) in BREW devices causes a crash because time
        is not properly ported in most devices. Cast currentTime() to
        time_t to get the same result as time(0).

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):

2010-01-27  Alexey Proskuryakov  <ap@apple.com>

        Revert r53899 (HashMap<AtomicStringImpl*, Value> key checks) and subsequent build fixes,
        because they make SVG tests crash in release builds.

        * wtf/HashMap.h:
        (WTF::::remove):
        * wtf/HashSet.h:
        (WTF::::remove):
        * wtf/HashTable.h:
        (WTF::::add):
        (WTF::::addPassingHashCode):
        (WTF::::removeAndInvalidate):
        (WTF::::remove):
        (WTF::::rehash):
        (WTF::::checkTableConsistency):
        (WTF::::checkTableConsistencyExceptSize):
        * wtf/HashTraits.h:
        (WTF::GenericHashTraits::emptyValue):
        (WTF::):
        * wtf/RefPtrHashMap.h:
        (WTF::::remove):

2010-01-26  Alexey Proskuryakov  <ap@apple.com>

        More Windows build fixing.

        * wtf/HashTraits.h: _msize takes void*, remove const qualifier from type.

2010-01-26  Alexey Proskuryakov  <ap@apple.com>

        Windows build fix.

        * wtf/HashTraits.h: Include malloc.h for _msize().

2010-01-26  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        * wtf/HashTable.h: (WTF::HashTable::checkTableConsistencyExceptSize): Remove const from a
        static (empty) version of this function.

2010-01-26  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=34150
        WebKit needs a mechanism to catch stale HashMap entries

        It is very difficult to catch stale pointers that are HashMap keys - since a pointer's hash
        is just its value, it is very unlikely that any observable problem is reproducible.

        This extends hash table consistency checks to check that pointers are referencing allocated
        memory blocks, and makes it possible to invoke the checks explicitly (it is not feasible
        to enable CHECK_HASHTABLE_CONSISTENCY by default, because that affects performance too much).

        * wtf/HashMap.h: (WTF::::checkConsistency): Call through to HashTable implementation. We can
        add similar calls to HashSet and HashCountedSet, but I haven't seen hard to debug problems
        with those yet.

        * wtf/HashSet.h: (WTF::::remove): The version of checkTableConsistency that's guarded by
        CHECK_HASHTABLE_CONSISTENCY is now called internalCheckTableConsistency().

        * wtf/HashTable.h:
        (WTF::HashTable::internalCheckTableConsistency):
        (WTF::HashTable::internalCheckTableConsistencyExceptSize):
        (WTF::HashTable::checkTableConsistencyExceptSize):
        Expose checkTableConsistency() even if CHECK_HASHTABLE_CONSISTENCY is off.
        (WTF::::add): Updated for checkTableConsistency renaming.
        (WTF::::addPassingHashCode): Ditto.
        (WTF::::removeAndInvalidate): Ditto.
        (WTF::::remove): Ditto.
        (WTF::::rehash): Ditto.
        (WTF::::checkTableConsistency): The assertion for !shouldExpand() was not correct - this
        function returns true for tables with m_table == 0.
        (WTF::::checkTableConsistencyExceptSize): Call checkValueConsistency for key. Potentially,
        we could do the same for values.

        * wtf/HashTraits.h:
        (WTF::GenericHashTraits::checkValueConsistency): An empty function that can be overridden
        to add checks. Currently, the only override is for pointer hashes.

        * wtf/RefPtrHashMap.h: (WTF::::remove): Updated for checkTableConsistency renaming.

2010-01-26  Lyon Chen  <liachen@rim.com>

        Reviewed by Maciej Stachowiak.

        Opcode.h use const void* for Opcode cause error #1211 for RVCT compiler
        https://bugs.webkit.org/show_bug.cgi?id=33902

        * bytecode/Opcode.h:

2010-01-26  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Oliver Hunt.

        Windows build references non-existent include paths
        https://bugs.webkit.org/show_bug.cgi?id=34175

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2010-01-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Using JavaScriptCore API with a webkit vended context can result in slow script dialog
        https://bugs.webkit.org/show_bug.cgi?id=34172

        Make the APIShim correctly increment and decrement the timeout
        entry counter.

        * API/APIShims.h:
        (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
        (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
        (JSC::APICallbackShim::APICallbackShim):
        (JSC::APICallbackShim::~APICallbackShim):

2010-01-26  Simon Hausmann  <simon.hausmann@nokia.com>

        [Qt] Fix compilation of QtScript with non-gcc compilers

        Variable length stack arrays are a gcc extension. Use QVarLengthArray
        as a more portable solution that still tries to allocate on the stack
        first.

        * qt/api/qscriptvalue_p.h:
        (QScriptValuePrivate::call):

2010-01-26  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Fix the build on platforms without JIT support.

        The JIT support should be determined at compile-time via wtf/Platform.h

        * qt/api/QtScript.pro:

2010-01-26  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        First steps of the QtScript API.
        
        Two new classes were created; QScriptEngine and QScriptValue.
        The first should encapsulate a javascript context and the second a script
        value.
        
        This API is still in development, so it isn't compiled by default.
        To trigger compilation, pass --qmakearg="CONFIG+=build-qtscript" to
        build-webkit.

        https://bugs.webkit.org/show_bug.cgi?id=32565

        * qt/api/QtScript.pro: Added.
        * qt/api/qscriptconverter_p.h: Added.
        (QScriptConverter::toString):
        * qt/api/qscriptengine.cpp: Added.
        (QScriptEngine::QScriptEngine):
        (QScriptEngine::~QScriptEngine):
        (QScriptEngine::evaluate):
        (QScriptEngine::collectGarbage):
        * qt/api/qscriptengine.h: Added.
        * qt/api/qscriptengine_p.cpp: Added.
        (QScriptEnginePrivate::QScriptEnginePrivate):
        (QScriptEnginePrivate::~QScriptEnginePrivate):
        (QScriptEnginePrivate::evaluate):
        * qt/api/qscriptengine_p.h: Added.
        (QScriptEnginePrivate::get):
        (QScriptEnginePrivate::collectGarbage):
        (QScriptEnginePrivate::makeJSValue):
        (QScriptEnginePrivate::context):
        * qt/api/qscriptvalue.cpp: Added.
        (QScriptValue::QScriptValue):
        (QScriptValue::~QScriptValue):
        (QScriptValue::isValid):
        (QScriptValue::isBool):
        (QScriptValue::isBoolean):
        (QScriptValue::isNumber):
        (QScriptValue::isNull):
        (QScriptValue::isString):
        (QScriptValue::isUndefined):
        (QScriptValue::isError):
        (QScriptValue::isObject):
        (QScriptValue::isFunction):
        (QScriptValue::toString):
        (QScriptValue::toNumber):
        (QScriptValue::toBool):
        (QScriptValue::toBoolean):
        (QScriptValue::toInteger):
        (QScriptValue::toInt32):
        (QScriptValue::toUInt32):
        (QScriptValue::toUInt16):
        (QScriptValue::call):
        (QScriptValue::engine):
        (QScriptValue::operator=):
        (QScriptValue::equals):
        (QScriptValue::strictlyEquals):
        * qt/api/qscriptvalue.h: Added.
        (QScriptValue::):
        * qt/api/qscriptvalue_p.h: Added.
        (QScriptValuePrivate::):
        (QScriptValuePrivate::get):
        (QScriptValuePrivate::QScriptValuePrivate):
        (QScriptValuePrivate::isValid):
        (QScriptValuePrivate::isBool):
        (QScriptValuePrivate::isNumber):
        (QScriptValuePrivate::isNull):
        (QScriptValuePrivate::isString):
        (QScriptValuePrivate::isUndefined):
        (QScriptValuePrivate::isError):
        (QScriptValuePrivate::isObject):
        (QScriptValuePrivate::isFunction):
        (QScriptValuePrivate::toString):
        (QScriptValuePrivate::toNumber):
        (QScriptValuePrivate::toBool):
        (QScriptValuePrivate::toInteger):
        (QScriptValuePrivate::toInt32):
        (QScriptValuePrivate::toUInt32):
        (QScriptValuePrivate::toUInt16):
        (QScriptValuePrivate::equals):
        (QScriptValuePrivate::strictlyEquals):
        (QScriptValuePrivate::assignEngine):
        (QScriptValuePrivate::call):
        (QScriptValuePrivate::engine):
        (QScriptValuePrivate::context):
        (QScriptValuePrivate::value):
        (QScriptValuePrivate::object):
        (QScriptValuePrivate::inherits):
        (QScriptValuePrivate::isJSBased):
        (QScriptValuePrivate::isNumberBased):
        (QScriptValuePrivate::isStringBased):
        * qt/api/qtscriptglobal.h: Added.
        * qt/tests/qscriptengine/qscriptengine.pro: Added.
        * qt/tests/qscriptengine/tst_qscriptengine.cpp: Added.
        (tst_QScriptEngine::tst_QScriptEngine):
        (tst_QScriptEngine::~tst_QScriptEngine):
        (tst_QScriptEngine::init):
        (tst_QScriptEngine::cleanup):
        (tst_QScriptEngine::collectGarbage):
        (tst_QScriptEngine::evaluate):
        * qt/tests/qscriptvalue/qscriptvalue.pro: Added.
        * qt/tests/qscriptvalue/tst_qscriptvalue.cpp: Added.
        (tst_QScriptValue::tst_QScriptValue):
        (tst_QScriptValue::~tst_QScriptValue):
        (tst_QScriptValue::init):
        (tst_QScriptValue::cleanup):
        (tst_QScriptValue::ctor):
        (tst_QScriptValue::toString_data):
        (tst_QScriptValue::toString):
        (tst_QScriptValue::copyConstructor_data):
        (tst_QScriptValue::copyConstructor):
        (tst_QScriptValue::assignOperator_data):
        (tst_QScriptValue::assignOperator):
        (tst_QScriptValue::dataSharing):
        (tst_QScriptValue::constructors_data):
        (tst_QScriptValue::constructors):
        (tst_QScriptValue::call):
        * qt/tests/tests.pri: Added.
        * qt/tests/tests.pro: Added.

2010-01-25  Dmitry Titov  <dimich@chromium.org>

        Reviewed by David Levin.

        Fix Chromium Linux tests: the pthread functions on Linux produce segfault if they receive 0 thread handle.
        After r53714, we can have 0 thread handles passed to pthread_join and pthread_detach if corresponding threads
        were already terminated and their threadMap entries cleared.
        Add a 0 check.

        * wtf/ThreadingPthreads.cpp:
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):

2010-01-24  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Maciej Stachowiak.

        Refactor JITStubs.cpp so that DEFINE_STUB_FUNCTION is only used once for each function
        https://bugs.webkit.org/show_bug.cgi?id=33866

        Place the guard USE(JSVALUE32_64) inside the body of the DEFINE_STUB_FUNCTION
        macro for those functions that are always present.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2010-01-22  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] Remove the Bakefile build system, which is no longer being used.
        
        https://bugs.webkit.org/show_bug.cgi?id=34022

        * JavaScriptCoreSources.bkl: Removed.
        * jscore.bkl: Removed.

2010-01-22  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=34025
        Enable client-based Geolocation abstraction for Mac, Windows AppleWebKit targets.

        * Configurations/FeatureDefines.xcconfig:

2010-01-22  Dmitry Titov  <dimich@chromium.org>

        Not reviewed, attempted Snow Leopard build fix.

        * wtf/ThreadingPthreads.cpp: Add a forward declaration of a function which is not 'static'.

2009-01-22  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Maciej Stachowiak.

        Fix the leak of ThreadIdentifiers in threadMap across threads.
        https://bugs.webkit.org/show_bug.cgi?id=32689

        Test is added to DumpRenderTree.mm.

        * Android.mk: Added file ThreadIdentifierDataPthreads.(h|cpp) to build.
        * Android.v8.wtf.mk: Ditto.
        * GNUmakefile.am: Ditto.
        * JavaScriptCore.gyp/JavaScriptCore.gyp: Ditto.
        * JavaScriptCore.gypi: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.

        * wtf/ThreadIdentifierDataPthreads.cpp: Added. Contains custom implementation of thread-specific data that uses custom destructor.
        (WTF::ThreadIdentifierData::~ThreadIdentifierData): Removes the ThreadIdentifier from the threadMap.
        (WTF::ThreadIdentifierData::identifier):
        (WTF::ThreadIdentifierData::initialize):
        (WTF::ThreadIdentifierData::destruct): Custom thread-specific destructor. Resets the value for the key again to cause second invoke.
        (WTF::ThreadIdentifierData::initializeKeyOnceHelper):
        (WTF::ThreadIdentifierData::initializeKeyOnce): Need to use pthread_once since initialization may come on any thread(s).
        * wtf/ThreadIdentifierDataPthreads.h: Added.
        (WTF::ThreadIdentifierData::ThreadIdentifierData):

        * wtf/Threading.cpp:
        (WTF::threadEntryPoint): Move initializeCurrentThreadInternal to after the lock to make
                                 sure it is invoked when ThreadIdentifier is already established.

        * wtf/Threading.h: Rename setThreadNameInternal -> initializeCurrentThreadInternal since it does more then only set the name now.
        * wtf/ThreadingNone.cpp:
        (WTF::initializeCurrentThreadInternal): Ditto.
        * wtf/ThreadingWin.cpp:
        (WTF::initializeCurrentThreadInternal): Ditto.
        (WTF::initializeThreading): Ditto.
        * wtf/gtk/ThreadingGtk.cpp:
        (WTF::initializeCurrentThreadInternal): Ditto.
        * wtf/qt/ThreadingQt.cpp:
        (WTF::initializeCurrentThreadInternal): Ditto.

        * wtf/ThreadingPthreads.cpp:
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::clearPthreadHandleForIdentifier): Make it not 'static' so the ~ThreadIdentifierData() in another file can call it.
        (WTF::initializeCurrentThreadInternal): Set the thread-specific data. The ThreadIdentifier is already established by creating thread.
        (WTF::waitForThreadCompletion): Remove call to clearPthreadHandleForIdentifier(threadID) since it is now done in ~ThreadIdentifierData().
        (WTF::detachThread): Ditto.
        (WTF::currentThread): Use the thread-specific data to get the ThreadIdentifier. It's many times faster then Mutex-protected iteration through the map.
                              Also, set the thread-specific data if called first time on the thread.

2010-01-21  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Alexey Proskuryakov.

        Add ThreadSpecific for ENABLE(SINGLE_THREADED)
        https://bugs.webkit.org/show_bug.cgi?id=33878

        Implement ThreadSpecific with a simple getter/setter
        when ENABLE(SINGLE_THREADED) is true.

        Due to the change in https://bugs.webkit.org/show_bug.cgi?id=33236,
        an implementation of ThreadSpecific must be available to build WebKit.
        This causes a build failure for platforms without a proper
        ThreadSpecific implementation.

        * wtf/ThreadSpecific.h:
        (WTF::::ThreadSpecific):
        (WTF::::~ThreadSpecific):
        (WTF::::get):
        (WTF::::set):
        (WTF::::destroy):

2010-01-21  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Maciej Stachowiak.

        Add fastStrDup to FastMalloc
        https://bugs.webkit.org/show_bug.cgi?id=33937

        The new string returned by fastStrDup is obtained with fastMalloc,
        and can be freed with fastFree. This makes the memory management 
        more consistent because we don't need to keep strdup allocated pointers
        and free them with free(). Instead we can use fastFree everywhere.

        * wtf/FastMalloc.cpp:
        (WTF::fastStrDup):
        * wtf/FastMalloc.h:

2010-01-21  Brady Eidson  <beidson@apple.com>

        Reviewed by Maciej Stachowiak.

        history.back() for same-document history traversals isn't synchronous as the specification states.
        <rdar://problem/7535011> and https://bugs.webkit.org/show_bug.cgi?id=33538

        * wtf/Platform.h: Add a "HISTORY_ALWAYS_ASYNC" enable and turn it on for Chromium.

2010-01-21  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Always create a prototype for automatically managed classes.
        
        This fixes some errors where prototype chains were not correctly hooked
        up, and also ensures that API classes work correctly with features like
        instanceof.

        * API/JSClassRef.cpp:
        (OpaqueJSClass::create): Cleaned up some of this code. Also changed it
        to always create a prototype class.

        * API/tests/testapi.c:
        (Derived2_class):
        (main): Fixed a null value crash in the exception checking code.
        * API/tests/testapi.js: Added some tests for the case where a prototype
        chain would not be hooked up correctly.

2010-01-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Force JSC to create a prototype chain for API classes with a
        parent class but no static functions.

        * API/JSClassRef.cpp:
        (OpaqueJSClass::create):

2010-01-21  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Geoffrey Garen.

        Object.getOwnPropertyDescriptor always returns undefined for JS API objects
        https://bugs.webkit.org/show_bug.cgi?id=33946

        Ideally the getOwnPropertyDescriptor() reimplementation should return an
        access descriptor that wraps the property getter and setter callbacks, but
        that approach is much more involved than returning a value descriptor.
        Keep it simple for now.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertyDescriptor):
        * API/tests/testapi.js:

2010-01-20  Mark Rowe  <mrowe@apple.com>

        Build fix.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::initializeScavenger): Remove unnecessary function call.

2010-01-20  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Use the inline i386 assembly for x86_64 as well rather than falling back to using pthread mutexes.

        * wtf/TCSpinLock.h:
        (TCMalloc_SpinLock::Lock):
        (TCMalloc_SpinLock::Unlock):
        (TCMalloc_SlowLock):

2010-01-20  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/7215063> Use GCD instead of an extra thread for FastMalloc scavenging on platforms where it is supported

        Abstract the background scavenging slightly so that an alternate implementation that uses GCD can be used on platforms
        where it is supported.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::init):
        (WTF::TCMalloc_PageHeap::initializeScavenger):
        (WTF::TCMalloc_PageHeap::signalScavenger):
        (WTF::TCMalloc_PageHeap::shouldContinueScavenging):
        (WTF::TCMalloc_PageHeap::Delete):
        (WTF::TCMalloc_PageHeap::periodicScavenge):
        * wtf/Platform.h:

2010-01-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/7562708> REGRESSION(53460): Heap::destroy may not run
        all destructors

        * runtime/Collector.cpp:
        (JSC::Heap::freeBlocks): Instead of fully marking protected objects,
        just set their mark bits. This prevents protected objects from keeping
        unprotected objects alive. Destructor order is not guaranteed, so it's
        OK to destroy objects pointed to by protected objects before destroying
        protected objects.

2010-01-19  David Levin  <levin@chromium.org>

        Reviewed by Oliver Hunt.

        CrossThreadCopier needs to support ThreadSafeShared better.
        https://bugs.webkit.org/show_bug.cgi?id=33698

        * wtf/TypeTraits.cpp: Added tests for the new type traits.
        * wtf/TypeTraits.h:
        (WTF::IsSubclass): Determines if a class is a derived from another class.
        (WTF::IsSubclassOfTemplate): Determines if a class is a derived from a
        template class (with one parameter that is unknown).
        (WTF::RemoveTemplate): Reveals the type for a template parameter.

2010-01-20  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Darin Adler and Adam Roben.

        Feature defines are difficult to maintain on Windows builds
        https://bugs.webkit.org/show_bug.cgi?id=33883

        FeatureDefines.vsprops are now maintained in a way similar to
        Configurations/FeatureDefines.xcconfig, with the added advantage
        of having a single FeatureDefines file across all projects.

        * Configurations/FeatureDefines.xcconfig: Add comments about keeping feature definitions in sync.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Add FeatureDefines.vsprops inherited property sheet.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Add FeatureDefines.vsprops inherited property sheet.

2010-01-20  Csaba Osztrogonác  <ossy@webkit.org>

        [Qt] Unreviewed buildfix for r53547.

        * DerivedSources.pro:

2010-01-20  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Make extraCompilers for generated sources depend on their scripts

        * DerivedSources.pro:

2010-01-19  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Tim Hatcher.

        When JavaScriptCore calls Debugger::Exception, have it pass a
        hasHandler variable that represents if exception is being handled
        in the same function (not in a parent on the call stack).
        
        This just adds a new parameter, no behavior is changed.

        * debugger/Debugger.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException):

2010-01-18  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Adam Barth.

        Inline functions that are hot in DOM manipulation
        https://bugs.webkit.org/show_bug.cgi?id=33820
        
        (3% speedup on Dromaeo DOM Core tests)

        * runtime/WeakGCMap.h:
        (JSC::::get): inline

2010-01-19  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed build fix for JIT with RVCT.

        Remove IMPORT statement; cti_vm_throw is already defined in JITStubs.h.
        Remove extra ')'.

        * jit/JITStubs.cpp:
        (JSC::ctiVMThrowTrampoline):

2010-01-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESSION (52082): Crash on worker thread when reloading http://radnan.public.iastate.edu/procedural/
        https://bugs.webkit.org/show_bug.cgi?id=33826

        This bug was caused by a GC-protected object being destroyed early by
        Heap::destroy. Clients of the GC protect APIs (reasonably) expect pointers
        to GC-protected memory to be valid.

        The solution is to do two passes of tear-down in Heap::destroy. The first
        pass tears down all unprotected objects. The second pass ASSERTs that all
        previously protected objects are now unprotected, and then tears down
        all perviously protected objects. These two passes simulate the two passes
        that would have been required to free a protected object during normal GC.
        
        * API/JSContextRef.cpp: Removed some ASSERTs that have moved into Heap.

        * runtime/Collector.cpp:
        (JSC::Heap::destroy): Moved ASSERTs to here.
        (JSC::Heap::freeBlock): Tidied up the use of didShrink by moving its
        setter to the function that does the shrinking.
        (JSC::Heap::freeBlocks): Implemented above algorithm.
        (JSC::Heap::shrinkBlocks): Tidied up the use of didShrink.

2010-01-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Reverting r53455, breaks 2 javascriptcore tests.

        * API/JSContextRef.cpp:
        * runtime/Collector.cpp:
        (JSC::Heap::destroy):
        (JSC::Heap::freeBlock):
        (JSC::Heap::freeBlocks):
        (JSC::Heap::shrinkBlocks):

2010-01-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Revert r53454, since it causes much sadness in this world.

        * runtime/UString.cpp:
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::baseSharedBuffer):
        (JSC::UStringImpl::sharedBuffer):
        (JSC::UStringImpl::~UStringImpl):
        * runtime/UStringImpl.h:
        (JSC::UntypedPtrAndBitfield::UntypedPtrAndBitfield):
        (JSC::UntypedPtrAndBitfield::asPtr):
        (JSC::UntypedPtrAndBitfield::operator&=):
        (JSC::UntypedPtrAndBitfield::operator|=):
        (JSC::UntypedPtrAndBitfield::operator&):
        (JSC::UStringImpl::create):
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::isIdentifier):
        (JSC::UStringImpl::setIsIdentifier):
        (JSC::UStringImpl::ref):
        (JSC::UStringImpl::deref):
        (JSC::UStringImpl::checkConsistency):
        (JSC::UStringImpl::UStringImpl):
        (JSC::UStringImpl::bufferOwnerString):
        (JSC::UStringImpl::bufferOwnership):
        (JSC::UStringImpl::isStatic):
        * wtf/StringHashFunctions.h:
        (WTF::stringHash):

2010-01-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESSION (52082): Crash on worker thread when reloading http://radnan.public.iastate.edu/procedural/
        https://bugs.webkit.org/show_bug.cgi?id=33826

        This bug was caused by a GC-protected object being destroyed early by
        Heap::destroy. Clients of the GC protect APIs (reasonably) expect pointers
        to GC-protected memory to be valid.

        The solution is to do two passes of tear-down in Heap::destroy. The first
        pass tears down all unprotected objects. The second pass ASSERTs that all
        previously protected objects are now unprotected, and then tears down
        all perviously protected objects. These two passes simulate the two passes
        that would have been required to free a protected object during normal GC.
        
        * API/JSContextRef.cpp: Removed some ASSERTs that have moved into Heap.

        * runtime/Collector.cpp:
        (JSC::Heap::destroy): Moved ASSERTs to here.
        (JSC::Heap::freeBlock): Tidied up the use of didShrink by moving its
        setter to the function that does the shrinking.
        (JSC::Heap::freeBlocks): Implemented above algorithm.
        (JSC::Heap::shrinkBlocks): Tidied up the use of didShrink.

2010-01-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Remove UntypedPtrAndBitfield from UStringImpl (akin to PtrAndFlags).

        This break the OS X Leaks tool.  Instead, free up some more bits from the refCount.

        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::sharedBuffer):
        (JSC::UStringImpl::~UStringImpl):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::checkConsistency):
        (JSC::UStringImpl::UStringImpl):
        (JSC::UStringImpl::bufferOwnerString):
        (JSC::UStringImpl::):
        * wtf/StringHashFunctions.h:
        (WTF::stringHash):

2010-01-18  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        HTMLInputElement::valueAsDate setter support for type=month.
        https://bugs.webkit.org/show_bug.cgi?id=33021

        Expose the following functions to be used by WebCore:
         - WTF::msToyear()
         - WTF::dayInYear()
         - WTF::monthFromDayInYear()
         - WTF::dayInMonthFromDayInYear()

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/DateMath.cpp:
        (WTF::msToYear): Remove "static inline".
        (WTF::dayInYear): Remove "static inline".
        (WTF::monthFromDayInYear): Remove "static inline".
        (WTF::dayInMonthFromDayInYear): Remove "static inline".
        * wtf/DateMath.h: Declare the above functions.

2010-01-18  Darin Adler  <darin@apple.com>

        Fix build by reverting the previous change.

        * runtime/UString.h: Rolled out the FastAllocBase base class.
        It was making UString larger, and therefore JSString larger,
        and too big for a garbage collection cell.

        This raises the unpleasant possibility that many classes became
        larger because we added the FastAllocBase base class. I am
        worried about this, and it needs to be investigated.

2010-01-18  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for UString class
        https://bugs.webkit.org/show_bug.cgi?id=27831

        Inherits the following class from FastAllocBase because it is
        instantiated by 'new' and no need to be copyable:

        class name     - instantiated at:
        classs UString - JavaScriptCore/runtime/UString.cpp:160

        * runtime/UString.h:

2010-01-18  Evan Cheng  <evan.cheng@apple.com>

        Reviewed by Darin Adler.

        Add some ALWAYS_INLINE for key functions not inlined by some versions of GCC.
        rdar://problem/7553780

        * runtime/JSObject.h:
        (JSC::JSObject::getPropertySlot): ALWAYS_INLINE both overloads.
        * runtime/JSString.h:
        (JSC::JSString::JSString): ALWAYS_INLINE the version that takes a UString.
        * runtime/UString.h:
        (JSC::operator==): ALWAYS_INLINE the version that compares two UString objects.

2010-01-18  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Darin Adler.

        Delete dftables-xxxxxxxx.in files automatically.
        https://bugs.webkit.org/show_bug.cgi?id=33796

        * pcre/dftables: unlink unnecessary temporary file.

2010-01-18  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Force qmake to generate a single makefile for DerivedSources.pro

        * DerivedSources.pro:

2010-01-18  Csaba Osztrogonác  <ossy@webkit.org>

        Rubber-stamped by Gustavo Noronha Silva.

        Rolling out r53391 and r53392 because of random crashes on buildbots.
        https://bugs.webkit.org/show_bug.cgi?id=33731

        * bytecode/CodeBlock.h:
        (JSC::CallLinkInfo::seenOnce):
        (JSC::CallLinkInfo::setSeen):
        (JSC::MethodCallLinkInfo::MethodCallLinkInfo):
        (JSC::MethodCallLinkInfo::seenOnce):
        (JSC::MethodCallLinkInfo::setSeen):
        * jit/JIT.cpp:
        (JSC::JIT::unlinkCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchMethodCallProto):
        * runtime/UString.cpp:
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        * runtime/UString.h:
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::baseSharedBuffer):
        (JSC::UStringImpl::sharedBuffer):
        (JSC::UStringImpl::~UStringImpl):
        * runtime/UStringImpl.h:
        (JSC::UntypedPtrAndBitfield::UntypedPtrAndBitfield):
        (JSC::UntypedPtrAndBitfield::asPtr):
        (JSC::UntypedPtrAndBitfield::operator&=):
        (JSC::UntypedPtrAndBitfield::operator|=):
        (JSC::UntypedPtrAndBitfield::operator&):
        (JSC::UStringImpl::create):
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::isIdentifier):
        (JSC::UStringImpl::setIsIdentifier):
        (JSC::UStringImpl::ref):
        (JSC::UStringImpl::deref):
        (JSC::UStringImpl::checkConsistency):
        (JSC::UStringImpl::UStringImpl):
        (JSC::UStringImpl::bufferOwnerString):
        (JSC::UStringImpl::bufferOwnership):
        (JSC::UStringImpl::isStatic):
        * wtf/StringHashFunctions.h:
        (WTF::stringHash):

2010-01-18  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Fix the build with strict gcc and RVCT versions: It's not legal to cast a
        pointer to a function to a void* without an intermediate cast to a non-pointer
        type. A cast to a ptrdiff_t inbetween fixes it.

        * runtime/JSString.h:
        (JSC::Fiber::JSString):

2010-01-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Remove UntypedPtrAndBitfield from UStringImpl (akin to PtrAndFlags).

        This break the OS X Leaks tool.  Instead, free up some more bits from the refCount.

        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::sharedBuffer):
        (JSC::UStringImpl::~UStringImpl):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::checkConsistency):
        (JSC::UStringImpl::UStringImpl):
        (JSC::UStringImpl::bufferOwnerString):
        (JSC::UStringImpl::):
        * wtf/StringHashFunctions.h:
        (WTF::stringHash):

2010-01-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Remove uses of PtrAndFlags from JIT data stuctures.

        These break the OS X Leaks tool.  Free up a bit in CallLinkInfo, and invalid
        permutation of pointer states in MethodCallLinkInfo to represent the removed bits.

        * bytecode/CodeBlock.h:
        (JSC::CallLinkInfo::seenOnce):
        (JSC::CallLinkInfo::setSeen):
        (JSC::MethodCallLinkInfo::MethodCallLinkInfo):
        (JSC::MethodCallLinkInfo::seenOnce):
        (JSC::MethodCallLinkInfo::setSeen):
        * jit/JIT.cpp:
        (JSC::JIT::unlinkCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchMethodCallProto):
        * runtime/UString.h:

2010-01-16  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Oliver Hunt.

        Cache JS string values made from DOM strings (Dromaeo speedup)
        https://bugs.webkit.org/show_bug.cgi?id=33768
        <rdar://problem/7353576>

        * runtime/JSString.h:
        (JSC::jsStringWithFinalizer): Added new mechanism for a string to have an optional
        finalizer callback, for the benefit of weak-referencing caches.
        (JSC::):
        (JSC::Fiber::JSString):
        (JSC::Fiber::~JSString):
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope): Clear fibers so this doesn't look like a string with a finalizer.
        * runtime/WeakGCMap.h: Include "Collector.h" to make this header includable by itself.

2010-01-15  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak.

        Fix for <rdar://problem/7548432>
        Add ALWAYS_INLINE to jsLess for a 1% speedup on llvm-gcc.

        * runtime/Operations.h:
        (JSC::jsLess):

2010-01-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESISON: Google maps buttons not working properly
        https://bugs.webkit.org/show_bug.cgi?id=31871

        REGRESSION(r52948): JavaScript exceptions thrown on Google Maps when
        getting directions for a second time
        https://bugs.webkit.org/show_bug.cgi?id=33446
        
        SunSpider and v8 report no change.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCacheGetByID): Update our cached offset in case
        flattening the dictionary changed any of its offsets.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain): ditto

2010-01-14  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=33705
        UStringImpl::create() should use internal storage

        When creating a UStringImpl copying of a UChar*, we can use an internal buffer,
        by calling UStringImpl::tryCreateUninitialized().

        Also, remove duplicate of copyChars from JSString, call UStringImpl's version.

        Small (max 0.5%) progression on Sunspidey.

        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::create):

2010-01-14  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Make naming & behaviour of UString[Impl] methods more consistent.
        https://bugs.webkit.org/show_bug.cgi?id=33702

        UString::create() creates a copy of the UChar* passed, but UStringImpl::create() assumes
        that it should assume ownership of the provided buffer (with UString::createNonCopying()
        and UStringImpl::createCopying() providing the alternate behaviours).  Unify on create()
        taking a copy of the provided buffer.  For non-copying cases, use the name 'adopt', and
        make this method take a Vector<UChar>&.  For cases where non-copying construction was being
        used, other than from a Vector<UChar>, change the code to allocate the storage along with
        the UStringImpl using UStringImpl::createUninitialized().  (The adopt() method also more
        closely matches that of WebCore::StringImpl).

        Also, UString::createUninitialized() and UStringImpl::createUninitialized() have incompatible
        behaviours, in that the UString form sets the provided UChar* to a null or non-null value to
        indicate success or failure, but UStringImpl uses the returned PassRefPtr<UStringImpl> to
        indicate when allocation has failed (potentially leaving the output Char* uninitialized).
        This is also incompatible with WebCore::StringImpl's behaviour, in that
        StringImpl::createUninitialized() will CRASH() if unable to allocate.  Some uses of
        createUninitialized() in JSC are unsafe, since they do not test the result for null.
        UStringImpl's indication is preferable, since we may want a successful call to set the result
        buffer to 0 (specifically, StringImpl returns 0 for the buffer where createUninitialized()
        returns the empty string, which seems reasonable to catch bugs early).  UString's method
        cannot support UStringImpl's behaviour directly, since it returns an object rather than a
        pointer.
            - remove UString::createUninitialized(), replace with calls to UStringImpl::createUninitialized()
            - create a UStringImpl::tryCreateUninitialized() form UStringImpl::createUninitialized(),
              with current behaviour, make createUninitialized() crash on failure to allocate.
            - make cases in JSC that do not check the result call createUninitialized(), and cases that do
              check call tryCreateUninitialized().

        Rename computedHash() to existingHash(), to bring this in line wih WebCore::StringImpl.

        * API/JSClassRef.cpp:
        (OpaqueJSClassContextData::OpaqueJSClassContextData):
        * JavaScriptCore.exp:
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        * runtime/Identifier.cpp:
        (JSC::CStringTranslator::translate):
        (JSC::UCharBufferTranslator::translate):
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        * runtime/Lookup.cpp:
        (JSC::HashTable::createTable):
        * runtime/Lookup.h:
        (JSC::HashTable::entry):
        * runtime/StringBuilder.h:
        (JSC::StringBuilder::release):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCodeSlowCase):
        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferencesSlow):
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncLink):
        * runtime/Structure.cpp:
        (JSC::Structure::despecifyDictionaryFunction):
        (JSC::Structure::get):
        (JSC::Structure::despecifyFunction):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::insertIntoPropertyMapHashTable):
        (JSC::Structure::checkConsistency):
        * runtime/Structure.h:
        (JSC::Structure::get):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTableHash::hash):
        * runtime/UString.cpp:
        (JSC::createRep):
        (JSC::UString::UString):
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        (JSC::UString::operator=):
        * runtime/UString.h:
        (JSC::UString::adopt):
        (JSC::IdentifierRepHash::hash):
        (JSC::makeString):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::adopt):
        (JSC::UStringImpl::create):
        (JSC::UStringImpl::createUninitialized):
        (JSC::UStringImpl::tryCreateUninitialized):
        (JSC::UStringImpl::existingHash):

2010-01-13  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Oliver Hunt.

        JSON.stringify and JSON.parse needlessly process properties in the prototype chain
        https://bugs.webkit.org/show_bug.cgi?id=33053

        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::walk):

2010-01-13  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (buildfix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-01-13  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33641
        Assertion failure in Lexer.cpp if input stream ends while in string escape

        Test: fast/js/end-in-string-escape.html

        * parser/Lexer.cpp: (JSC::Lexer::lex): Bail out quickly on end of stream, not giving the
        assertion a chance to fire.

2010-01-13  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (buildfix).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-01-13  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Sam Weinig & Darin Adler.

        Three quick fixes to UStringImpl.
            - The destroy() method can be switched back to a normal destructor; since we've switched
              the way we protect static strings to be using an odd ref-count the destroy() won't abort.
            - The cost() calculation logic was wrong.  If you have multiple JSStrings wrapping substrings
              of a base string, they would each report the full cost of the base string to the heap.
              Instead we should only be reporting once for the base string.
            - Remove the overloaded new operator calling fastMalloc, replace this with a 'using' to pick
              up the implementation from the parent class.

        * JavaScriptCore.exp:
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::~UStringImpl):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::deref):

2010-01-13  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Split the build process in two different .pro files.
        This allows qmake to be run once all source files are available.

        * DerivedSources.pro: Added.
        * JavaScriptCore.pri: Moved source generation to DerivedSources.pro
        * pcre/pcre.pri: Moved source generation to DerivedSources.pro

2010-01-12  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Geoffrey Garen.

        [ES5] Implement Object.getOwnPropertyNames
        https://bugs.webkit.org/show_bug.cgi?id=32242

        Add an extra argument to getPropertyNames() and getOwnPropertyNames()
        (and all reimplementations thereof) that indicates whether non-enumerable
        properties should be added.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertyNames):
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::getOwnPropertyNames):
        * debugger/DebuggerActivation.h:
        * runtime/Arguments.cpp:
        (JSC::Arguments::getOwnPropertyNames):
        * runtime/Arguments.h:
        * runtime/CommonIdentifiers.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertyNames):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::getOwnPropertyNames):
        * runtime/JSByteArray.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertyNames):
        * runtime/JSFunction.h:
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::getOwnPropertyNames):
        * runtime/JSNotAnObject.h:
        * runtime/JSObject.cpp:
        (JSC::getClassPropertyNames):
        (JSC::JSObject::getPropertyNames):
        (JSC::JSObject::getOwnPropertyNames):
        * runtime/JSObject.h:
        * runtime/JSVariableObject.cpp:
        (JSC::JSVariableObject::getOwnPropertyNames):
        * runtime/JSVariableObject.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyNames):
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertyNames):
        * runtime/StringObject.cpp:
        (JSC::StringObject::getOwnPropertyNames):
        * runtime/StringObject.h:
        * runtime/Structure.cpp: Rename getEnumerablePropertyNames() to getPropertyNames(), which takes an extra argument.
        (JSC::Structure::getPropertyNames):
        * runtime/Structure.h:
        (JSC::):

2010-01-12  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33540
        Make it possible to build in debug mode with assertions disabled

        * jit/JITStubs.cpp: (JSC::DEFINE_STUB_FUNCTION):
        * runtime/Identifier.cpp: (JSC::Identifier::checkSameIdentifierTable):
        * wtf/FastMalloc.cpp:
        * wtf/HashTable.h: (WTF::HashTableConstIterator::checkValidity):
        * yarr/RegexCompiler.cpp: (JSC::Yarr::compileRegex):

2009-11-23  Yong Li  <yoli@rim.com>

        Reviewed by Adam Treat.

        Make GIF decoder support down-sampling
        https://bugs.webkit.org/show_bug.cgi?id=31806

        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::upperBoundScaledY):
        (WebCore::ImageDecoder::lowerBoundScaledY):
        * platform/image-decoders/ImageDecoder.h:
        (WebCore::RGBA32Buffer::scaledRect):
        (WebCore::RGBA32Buffer::setScaledRect):
        (WebCore::ImageDecoder::scaledSize):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::sizeNowAvailable):
        (WebCore::GIFImageDecoder::initFrameBuffer):
        (WebCore::copyOnePixel):
        (WebCore::GIFImageDecoder::haveDecodedRow):
        (WebCore::GIFImageDecoder::frameComplete):

2010-01-12  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        ecma/Date/15.9.5.12-1.js fails every night at midnight
        https://bugs.webkit.org/show_bug.cgi?id=28041

        Change the test to use a concrete time instead of "now".

        * tests/mozilla/ecma/Date/15.9.5.10-1.js:
        * tests/mozilla/ecma/Date/15.9.5.12-1.js:

2010-01-11  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Ariya Hidayat.

        [Qt] Enable JIT and YARR_JIT if (CPU(X86_64) && OS(LINUX) && GCC_VERSION >= 40100)

        * wtf/Platform.h:

2010-01-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=33481
        Uninitialized data members in ArrayStorage
        
        SunSpider reports no change.

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray): Initialize missing data members in the two cases
        where we don't use fastZeroedMalloc, so it doesn't happen automatically.

2010-01-11  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=33480
        
        Improve debugging reliability for WTF on Windows.
        Store WTF static library's PDB file into a better location.

        * JavaScriptCore.vcproj/WTF/WTF.vcproj:

2010-01-11  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.
        Remove extraneous entries from def file causing build warning.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-01-10  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Darin Adler.

        RegExp.prototype.toString returns "//" for empty regular expressions
        https://bugs.webkit.org/show_bug.cgi?id=33319

        "//" starts a single-line comment, hence "/(?:)/" should be used, according to ECMA.

        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString):

        * tests/mozilla/ecma_2/RegExp/properties-001.js:
        (AddRegExpCases):
        * tests/mozilla/js1_2/regexp/toString.js:
        Update relevant Mozilla tests (Mozilla has had this behavior since November 2003).

2010-01-10  Darin Adler  <darin@apple.com>

        * tests/mozilla/ecma/Array/15.4.1.1.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.1.2.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.2.1-1.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.2.2-1.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.2.2-2.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.2.3.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.3.2.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.3.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.4.1.js: Added property allow-tabs.
        * tests/mozilla/ecma/Array/15.4.4.js: Added property allow-tabs.
        * tests/mozilla/ecma/LexicalConventions/7.7.4.js: Added property allow-tabs.
        * tests/mozilla/ecma/Math/15.8.2.13.js: Added property allow-tabs.
        * tests/mozilla/ecma/Math/15.8.2.16.js: Added property allow-tabs.
        * tests/mozilla/ecma/Math/15.8.2.18.js: Added property allow-tabs.
        * tests/mozilla/ecma/Math/15.8.2.2.js: Added property allow-tabs.
        * tests/mozilla/ecma/Math/15.8.2.4.js: Added property allow-tabs.
        * tests/mozilla/ecma/Math/15.8.2.5.js: Added property allow-tabs.
        * tests/mozilla/ecma/Math/15.8.2.7.js: Added property allow-tabs.
        * tests/mozilla/ecma/String/15.5.1.js: Added property allow-tabs.
        * tests/mozilla/ecma/String/15.5.2.js: Added property allow-tabs.
        * tests/mozilla/ecma/String/15.5.3.1-3.js: Added property allow-tabs.
        * tests/mozilla/ecma/String/15.5.3.1-4.js: Added property allow-tabs.
        * tests/mozilla/ecma/String/15.5.3.js: Added property allow-tabs.
        * tests/mozilla/ecma/TypeConversion/9.5-2.js: Added property allow-tabs.
        * tests/mozilla/ecma/jsref.js: Modified property allow-tabs.
        * tests/mozilla/ecma/shell.js: Modified property allow-tabs.
        * tests/mozilla/ecma_2/LexicalConventions/keywords-001.js: Added property allow-tabs.
        * tests/mozilla/ecma_2/RegExp/exec-001.js: Added property allow-tabs.
        * tests/mozilla/ecma_2/String/match-004.js: Added property allow-tabs.
        * tests/mozilla/ecma_2/String/replace-001.js: Added property allow-tabs.
        * tests/mozilla/ecma_2/String/split-002.js: Added property allow-tabs.
        * tests/mozilla/ecma_2/jsref.js: Modified property allow-tabs.
        * tests/mozilla/ecma_2/shell.js: Added property allow-tabs.
        * tests/mozilla/ecma_3/Date/shell.js: Modified property allow-tabs.
        * tests/mozilla/ecma_3/Exceptions/regress-181654.js: Added property allow-tabs.
        * tests/mozilla/ecma_3/RegExp/regress-209067.js: Added property allow-tabs.
        * tests/mozilla/ecma_3/RegExp/regress-85721.js: Added property allow-tabs.
        * tests/mozilla/importList.html: Added property allow-tabs.
        * tests/mozilla/js1_1/shell.js: Added property allow-tabs.
        * tests/mozilla/js1_2/Array/general1.js: Added property allow-tabs.
        * tests/mozilla/js1_2/Array/general2.js: Added property allow-tabs.
        * tests/mozilla/js1_2/Array/slice.js: Added property allow-tabs.
        * tests/mozilla/js1_2/Array/splice1.js: Added property allow-tabs.
        * tests/mozilla/js1_2/Array/splice2.js: Added property allow-tabs.
        * tests/mozilla/js1_2/Objects/toString-001.js: Added property allow-tabs.
        * tests/mozilla/js1_2/String/charCodeAt.js: Added property allow-tabs.
        * tests/mozilla/js1_2/String/concat.js: Modified property allow-tabs.
        * tests/mozilla/js1_2/String/match.js: Added property allow-tabs.
        * tests/mozilla/js1_2/String/slice.js: Added property allow-tabs.
        * tests/mozilla/js1_2/function/Function_object.js: Added property allow-tabs.
        * tests/mozilla/js1_2/function/Number.js: Modified property allow-tabs.
        * tests/mozilla/js1_2/function/String.js: Modified property allow-tabs.
        * tests/mozilla/js1_2/function/nesting.js: Added property allow-tabs.
        * tests/mozilla/js1_2/function/regexparg-1.js: Added property allow-tabs.
        * tests/mozilla/js1_2/function/regexparg-2-n.js: Added property allow-tabs.
        * tests/mozilla/js1_2/jsref.js: Added property allow-tabs.
        * tests/mozilla/js1_2/operator/equality.js: Added property allow-tabs.
        * tests/mozilla/js1_2/operator/strictEquality.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_dollar_number.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_input.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_input_as_array.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_lastIndex.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_lastMatch.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_lastMatch_as_array.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_lastParen.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_lastParen_as_array.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_leftContext.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_leftContext_as_array.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_multiline.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_multiline_as_array.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_object.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_rightContext.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/RegExp_rightContext_as_array.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/alphanumeric.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/asterisk.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/backslash.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/backspace.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/beginLine.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/character_class.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/compile.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/control_characters.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/digit.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/dot.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/endLine.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/everything.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/exec.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/flags.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/global.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/hexadecimal.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/ignoreCase.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/interval.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/octal.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/parentheses.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/plus.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/question_mark.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/simple_form.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/source.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/special_characters.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/string_replace.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/string_search.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/string_split.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/test.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/toString.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/vertical_bar.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/whitespace.js: Added property allow-tabs.
        * tests/mozilla/js1_2/regexp/word_boundary.js: Added property allow-tabs.
        * tests/mozilla/js1_2/shell.js: Added property allow-tabs.
        * tests/mozilla/js1_2/statements/break.js: Added property allow-tabs.
        * tests/mozilla/js1_2/statements/continue.js: Added property allow-tabs.
        * tests/mozilla/js1_2/statements/do_while.js: Added property allow-tabs.
        * tests/mozilla/js1_2/statements/switch.js: Added property allow-tabs.
        * tests/mozilla/js1_2/statements/switch2.js: Added property allow-tabs.
        * tests/mozilla/js1_3/shell.js: Added property allow-tabs.
        * tests/mozilla/js1_4/shell.js: Added property allow-tabs.
        * tests/mozilla/js1_5/Regress/regress-111557.js: Added property allow-tabs.
        * tests/mozilla/js1_5/Regress/regress-216320.js: Added property allow-tabs.
        * tests/mozilla/menuhead.html: Added property allow-tabs.
        * tests/mozilla/mklistpage.pl: Added property allow-tabs.
        * tests/mozilla/runtests.pl: Added property allow-tabs.

2010-01-08  Daniel Bates  <dbates@webkit.org>

        Reviewed by Adam Barth.

        https://bugs.webkit.org/show_bug.cgi?id=33417

        Cleans up style errors exposed by the patch for bug #33198.
        Moreover, fixes all "Weird number of spaces at line-start. Are you using a 4-space indent?"
        errors reported by check-webkit-style.

        No functionality was changed. So, no new tests.

        * wtf/Platform.h:

2010-01-08  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Eric Seidel.

        Don't store RegExp flags string representation
        https://bugs.webkit.org/show_bug.cgi?id=33321

        It's unused; the string representation is reconstructed from flags.

        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        * runtime/RegExp.h:

2010-01-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Memory use grows grows possibly unbounded in this JavaScript Array test case
        https://bugs.webkit.org/show_bug.cgi?id=31675

        This fixes one observed bug in this test case, which is that
        arrays don't report extra cost for the sparse value maps.

        SunSpider reports a small speedup.

        * runtime/JSArray.cpp:
        (JSC::JSArray::putSlowCase): Report extra memory cost for
        the sparse value map.
        * runtime/JSArray.h: 

2010-01-08  Yong Li  <yoli@rim.com>

        Reviewed by Darin Adler.

        Remove unnecessary #include from FastMalloc.cpp
        https://bugs.webkit.org/show_bug.cgi?id=33393

        * wtf/FastMalloc.cpp:

2010-01-08  Eric Seidel  <eric@webkit.org>

        No review, rolling out r52983.
        http://trac.webkit.org/changeset/52983
        https://bugs.webkit.org/show_bug.cgi?id=33321

        Broke 59 JavaScriptCore tests.  I don't think Kent knew about
        run-javascriptcore-tests.  Sadly neither does the commit-bot,
        yet.

        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        * runtime/RegExp.h:
        (JSC::RegExp::flags):

2010-01-08  Eric Seidel  <eric@webkit.org>

        No review, rolling out r52981.
        http://trac.webkit.org/changeset/52981
        https://bugs.webkit.org/show_bug.cgi?id=33319

        Caused two JS tests to start failing:
        ecma_2/RegExp/properties-001.js and js1_2/regexp/toString.js

        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString):

2010-01-08  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Darin Adler.

        Don't store RegExp flags string representation
        https://bugs.webkit.org/show_bug.cgi?id=33321

        It's unused; the string representation is reconstructed from flags.

        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        * runtime/RegExp.h:

2010-01-08  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Darin Adler.

        RegExp.prototype.toString returns "//" for empty regular expressions
        https://bugs.webkit.org/show_bug.cgi?id=33319

        "//" starts a single-line comment, hence "/(?:)/" should be used, according to ECMA.

        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString):

2010-01-08  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        RVCT compiler with "-Otime -O3" optimization tries to optimize out 
        inline new'ed pointers that are passed as arguments.
        Proposed patch assigns new'ed pointer explicitly outside function call.

        https://bugs.webkit.org/show_bug.cgi?id=33084

        * API/JSClassRef.cpp:
        (OpaqueJSClass::OpaqueJSClass):
        (OpaqueJSClassContextData::OpaqueJSClassContextData):

2010-01-08  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Remove an unnecessary cacheFlush from ARM_TRADITIONAL JIT
        https://bugs.webkit.org/show_bug.cgi?id=33203

        * assembler/ARMAssembler.cpp: Remove obsolete linkBranch function.
        (JSC::ARMAssembler::executableCopy): Inline a clean linkBranch code.
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::getLdrImmAddress): Use inline function.
        (JSC::ARMAssembler::getLdrImmAddressOnPool): Ditto.
        (JSC::ARMAssembler::patchPointerInternal): Remove an unnecessary cacheFlush.
        (JSC::ARMAssembler::linkJump): Use patchPointerInternal instead of linkBranch.
        (JSC::ARMAssembler::linkCall): Ditto.
        (JSC::ARMAssembler::relinkCall): Ditto.

2010-01-07  Gabor Loki  <loki@webkit.org>

        Reviewed by Gavin Barraclough.

        Build fix for JSVALUE32 when ENABLE_JIT_OPTIMIZE* are disabled
        https://bugs.webkit.org/show_bug.cgi?id=33311

        Move compileGetDirectOffset function to common part of JSVALUE32

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetDirectOffset):

2010-01-07  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Maciej Stachowiak.

        Allow call sites to determine if ASSERT_* and LOG_* macros are operational
        https://bugs.webkit.org/show_bug.cgi?id=33020

        * wtf/Assertions.h: Set ASSERT_MSG_DISABLED, FATAL_DISABLED,
        ERROR_DISABLED, LOG_DISABLED to 1 if the compiler does not support
        variadic macros. Refactor for better readibility.

2010-01-07  Daniel Bates  <dbates@rim.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=32987

        Added ENABLE_XHTMLMP flag. Disabled by default.

        * Configurations/FeatureDefines.xcconfig:

2010-01-07  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Gavin Barraclough.

        [Symbian] Port ARM traditional JIT Trampolines to RVCT
        https://bugs.webkit.org/show_bug.cgi?id=30552

        Take the GCC implementation and mechanically convert
        it to RVCT syntax.

        Use 'bx rX' instead of 'mov pc, rX' when it is available.

        Developed in cooperation with Iain Campbell and Gabor Loki.

        * JavaScriptCore.pri: Extra step to generate RVCT stubs. The 
        script generation intentionally executed all the time not just
        for RVCT targets.

        * create_rvct_stubs: Added. Perl script to expand precompiler macros
        for RVCT assembler - the template is defined in JITStubs.cpp.

        * jit/JITStubs.cpp:
        (JSC::ctiTrampoline):
        (JSC::ctiVMThrowTrampoline):
        (JSC::ctiOpThrowNotCaught):

2010-01-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Fix a crash seen on the buildbots.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init): Disable specific function tracking here,
        instead of in WebCore, to ensure that the disabling happens before a
        specific function can be registered.

2010-01-07  Alexey Proskuryakov  <ap@apple.com>

        Mac build fix.

        * JavaScriptCore.exp: Export new JSGlobalData static data members.

2010-01-07  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Geoffrey Garen.

        https://bugs.webkit.org/show_bug.cgi?id=33057
        REGRESSION(r49365): typeof(xhr.responseText) != "string" in Windows

        <rdar://problem/7296920> REGRESSION: WebKit fails to start PeaceKeeper benchmark

        Test: fast/js/webcore-string-comparison.html

        In r49365, some code was moved from JSString.cpp to JSString.h, and as a result, WebCore
        got a way to directly instantiate JSStrings over DLL borders. Since vftable for JSString was
        not exported, objects created from WebCore got a different vptr, and JavaScriptCore
        optimizations that relied on vptr of all JSString objects being equal failed.

        * config.h: Added a JS_EXPORTCLASS macro for exporting classes. It's currently the same as
        JS_EXPORTDATA, but it clearly needed a new name.

        * runtime/InitializeThreading.cpp:
        (JSC::initializeThreadingOnce):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::storeVPtrs):
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::createNonDefault):
        (JSC::JSGlobalData::create):
        (JSC::JSGlobalData::sharedInstance):
        * runtime/JSGlobalData.h:
        Store vptrs just once, no need to repeatedly pick and copy them. This makes it possible to
        assert vptr correctness in object destructors (which don't have access to JSGlobalData,
        and even Heap::heap(this) will fail for fake objects created from storeVPtrs()).

        * runtime/JSArray.cpp: (JSC::JSArray::~JSArray): Assert that vptr is what we expect it to be.
        It's important to assert in destructor, because MSVC changes the vptr after constructor
        is invoked.
        * runtime/JSByteArray.cpp: (JSC::JSByteArray::~JSByteArray): Ditto.
        * runtime/JSByteArray.h: Ditto.
        * runtime/JSFunction.h: Ditto.
        * runtime/JSFunction.cpp: (JSC::JSFunction::~JSFunction): Ditto.

        * runtime/JSCell.h: (JSC::JSCell::setVPtr): Added a method to substitute vptr for another
        one.

        * runtime/JSString.h: Export JSString class together with its vftable, and tell other
        libraries tp import it. This is needed on platforms that have a separate JavaScriptCore
        dynamic library - and on Mac, we already did the export via JavaScriptCore.exp.
        (JSC::JSString::~JSString): Assert tha vptr is what we expect it to be.
        (JSC::fixupVPtr): Store a previously saved primary vftable pointer (do nothing if building
        JavaScriptCore itself).
        (JSC::jsSingleCharacterString): Call fixupVPtr in case this is call across DLL boundary.
        (JSC::jsSingleCharacterSubstring): Ditto.
        (JSC::jsNontrivialString): Ditto.
        (JSC::jsString): Ditto.
        (JSC::jsSubstring): Ditto.
        (JSC::jsOwnedString): Ditto.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new static
        JSGlobalData members that are used in WebCore via inline functions.

2010-01-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Safari memory usage skyrockets using new Google AdWords interface
        https://bugs.webkit.org/show_bug.cgi?id=33343

        The memory use was caused by the global object creating too many structures
        as it thrashed between different specific functions.

        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::despecifyFunctionTransition):
        (JSC::Structure::addAnonymousSlotsTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::despecifyAllFunctions):
        * runtime/Structure.h:
        (JSC::Structure::disableSpecificFunctionTracking): Track a thrash count
        for specific functions. Disable specific function tracking once the
        thrash count has been hit.

2010-01-07  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt] Enable JIT in debug mode on win32 after r51141 fixed the crashes.

        * JavaScriptCore.pri:

2010-01-07  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Holger Freyther.

        [Mac] Build fix when FAST_MALLOC_MATCH_VALIDATION=1
        https://bugs.webkit.org/show_bug.cgi?id=33312

        Using of operator += cause compile error on Mac, so it is changed to
        "= static_cast<AllocAlignmentInteger*>(old_ptr) + 1".

        * wtf/FastMalloc.cpp:
        (WTF::TCMallocStats::realloc):

2010-01-07  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Holger Freyther.

        [Qt] Build fix when FAST_MALLOC_MATCH_VALIDATION=1
        https://bugs.webkit.org/show_bug.cgi?id=33312

        Remove pByte (committed in r42344 from #20422), because pByte doesn't
        exist and it is unnecessary.

        * wtf/FastMalloc.cpp:
        (WTF::TCMallocStats::realloc):

2010-01-06  Gavin Barraclough  <barraclough@apple.com>

        QT build fix.

        * runtime/Identifier.cpp:
        (JSC::createIdentifierTableSpecific):

2010-01-06  Gavin Barraclough  <barraclough@apple.com>

        Windows build fix part I.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2010-01-06  Dan Bernstein  <mitz@apple.com>

        Build fix

        * runtime/Identifier.cpp:
        (JSC::createIdentifierTableSpecificCallback):

2010-01-05  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=33236
        Remove m_identifierTable pointer from UString

        Currently every string holds a pointer so that during destruction,
        if a string has been used as an identifier, it can remove itself
        from the table.  By instead accessing the identifierTable via a
        thread specific tracking the table associated with the current
        globaldata, we can save the memory cost of this pointer.

        * API/APIShims.h:
        (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
        (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
        (JSC::APICallbackShim::APICallbackShim):
        (JSC::APICallbackShim::~APICallbackShim):

            - change the API shims to track the identifierTable of the current JSGlobalData.

        * API/JSContextRef.cpp:
        (JSContextGroupCreate):

            - update creation of JSGlobalData for API usage to use new create method.
            - fix shim instanciation bug in JSGlobalContextCreateInGroup.

        * JavaScriptCore.exp:
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):

            - add asserts to check the identifierTable is being tracked correctly.

        * runtime/Identifier.cpp:
        (JSC::IdentifierTable::~IdentifierTable):
        (JSC::IdentifierTable::add):
        (JSC::Identifier::remove):
        (JSC::Identifier::checkSameIdentifierTable):
        (JSC::createIdentifierTableSpecificCallback):
        (JSC::createIdentifierTableSpecific):
        (JSC::createDefaultDataSpecific):

            - Use currentIdentifierTable() instead of UStringImpl::m_identifierTable.
            - Define methods to access the thread specific identifier tables.

        * runtime/Identifier.h:
        (JSC::ThreadIdentifierTableData::ThreadIdentifierTableData):
        (JSC::defaultIdentifierTable):
        (JSC::setDefaultIdentifierTable):
        (JSC::currentIdentifierTable):
        (JSC::setCurrentIdentifierTable):
        (JSC::resetCurrentIdentifierTable):

            - Declare methods to access the thread specific identifier tables.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::createNonDefault):
        (JSC::JSGlobalData::create):
        (JSC::JSGlobalData::sharedInstance):

            - creation of JSGlobalData objects, other than for API usage, associate themselves with the current thread.

        * runtime/JSGlobalData.h:
        * runtime/UStringImpl.cpp:
        (JSC::UStringImpl::destroy):

            - destroy() method should be using isIdentifier().

        * runtime/UStringImpl.h:
        (JSC::UStringImpl::isIdentifier):
        (JSC::UStringImpl::setIsIdentifier):
        (JSC::UStringImpl::checkConsistency):
        (JSC::UStringImpl::UStringImpl):

            - replace m_identifierTable with a single m_isIdentifier bit.

        * wtf/StringHashFunctions.h:
        (WTF::stringHash):

            - change string hash result from 32-bit to 31-bit, to free a bit in UStringImpl for m_isIdentifier.

2009-12-25 Patrick Gansterer <paroga@paroga.com>
 
        Reviewed by Eric Seidel.

        Buildfix for WinCE + style fixes.
        https://bugs.webkit.org/show_bug.cgi?id=32939

        * jsc.cpp:
        (functionPrint):
        (functionQuit):
        (parseArguments):
        (fillBufferWithContentsOfFile):
 
2010-01-05  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Eric Seidel.

        WinCE buildfix after r52791 (renamed PLATFORM(WINCE) to OS(WINCE)).
        https://bugs.webkit.org/show_bug.cgi?id=33205

        * jit/ExecutableAllocator.h:

2010-01-05  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Darin Adler.

        Added compiler error for unsupported platforms.
        https://bugs.webkit.org/show_bug.cgi?id=33112

        * jit/JITStubs.cpp:

2010-01-05  Gabor Loki  <loki@webkit.org>

        Reviewed by Maciej Stachowiak.

        Follow r52729 in ARMAssembler.
        https://bugs.webkit.org/show_bug.cgi?id=33208

        Use WTF_ARM_ARCH_AT_LEAST instead of ARM_ARCH_VERSION

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::encodeComplexImm): Move tmp declaration to ARMv7
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::bkpt):

2010-01-05  Maciej Stachowiak  <mjs@apple.com>

        Unreviewed build fix for Gtk+

        Don't use // comments in Platform.h, at least some of them seem to make the version of GCC
        used on the Gtk buildbot unhappy.

        * wtf/Platform.h:

2010-01-04  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Fisher.

        Reorganize, document and rename OS() platform macros.
        https://bugs.webkit.org/show_bug.cgi?id=33198

        * wtf/Platform.h: Rename, reorganize and document OS() macros.

        Adapt to name changes. Also fixed a few incorrect OS checks.

        * API/JSContextRef.cpp:
        * assembler/MacroAssemblerARM.cpp:
        (JSC::isVFPPresent):
        * assembler/MacroAssemblerX86Common.h:
        * bytecode/SamplingTool.cpp:
        * config.h:
        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::~RegisterFile):
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::grow):
        * jit/ExecutableAllocator.h:
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        * jit/ExecutableAllocatorPosix.cpp:
        * jit/ExecutableAllocatorSymbian.cpp:
        * jit/ExecutableAllocatorWin.cpp:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITStubs.cpp:
        * jsc.cpp:
        (main):
        * parser/Grammar.y:
        * profiler/ProfileNode.cpp:
        (JSC::getCount):
        * runtime/Collector.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlockPtr):
        (JSC::currentThreadStackBase):
        (JSC::getCurrentPlatformThread):
        (JSC::suspendThread):
        (JSC::resumeThread):
        (JSC::getPlatformThreadRegisters):
        (JSC::otherThreadStackPointer):
        * runtime/Collector.h:
        * runtime/DateConstructor.cpp:
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        * runtime/InitializeThreading.cpp:
        (JSC::initializeThreading):
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackPosix.cpp:
        * runtime/MarkStackSymbian.cpp:
        * runtime/MarkStackWin.cpp:
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncLastIndexOf):
        * runtime/TimeoutChecker.cpp:
        (JSC::getCPUTime):
        * runtime/UString.cpp:
        (JSC::UString::from):
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:
        * wtf/CurrentTime.cpp:
        (WTF::lowResUTCTime):
        * wtf/CurrentTime.h:
        (WTF::getLocalTime):
        * wtf/DateMath.cpp:
        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_ThreadCache::InitModule):
        (WTF::TCMallocStats::):
        * wtf/FastMalloc.h:
        * wtf/MathExtras.h:
        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):
        * wtf/StringExtras.h:
        * wtf/TCSpinLock.h:
        (TCMalloc_SpinLock::Unlock):
        (TCMalloc_SlowLock):
        * wtf/TCSystemAlloc.cpp:
        * wtf/ThreadSpecific.h:
        (WTF::::destroy):
        * wtf/Threading.h:
        * wtf/ThreadingPthreads.cpp:
        (WTF::initializeThreading):
        (WTF::isMainThread):
        * wtf/ThreadingWin.cpp:
        (WTF::wtfThreadEntryPoint):
        (WTF::createThreadInternal):
        * wtf/VMTags.h:
        * wtf/unicode/icu/CollatorICU.cpp:
        (WTF::Collator::userDefault):
        * wtf/win/MainThreadWin.cpp:
        (WTF::initializeMainThreadPlatform):

2010-01-04  Gustavo Noronha Silva  <gns@gnome.org>

        Add missing files to the build system - make distcheck build fix.

        * GNUmakefile.am:

2010-01-04  Gavin Barraclough <barraclough@apple.com>

        Reviewed by Sam Weinig, additional coding by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=33163
        Add string hashing functions to WTF.
        Use WTF's string hashing functions from UStringImpl.

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/UStringImpl.cpp:
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::computeHash):
        * wtf/HashFunctions.h:
        * wtf/StringHashFunctions.h: Added.
        (WTF::stringHash):

2010-01-04  Dmitry Titov  <dimich@chromium.org>

        Not reviewed, attempt to fix ARM bulid.

        * wtf/Platform.h:

2010-01-04  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Geoff Garen.

        Add an 'isIdentifier' to UStringImpl, use this where appropriate
        (where previously 'identifierTable' was being tested).

        * API/JSClassRef.cpp:
        (OpaqueJSClass::~OpaqueJSClass):
        (OpaqueJSClassContextData::OpaqueJSClassContextData):
        * runtime/Identifier.cpp:
        (JSC::Identifier::addSlowCase):
        * runtime/Identifier.h:
        (JSC::Identifier::add):
        * runtime/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * runtime/UStringImpl.h:
        (JSC::UStringImpl::isIdentifier):

2010-01-04  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam "Shimmey Shimmey" Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=33158
        Refactor JSC API entry/exit to use RAII instead of copy/pasting code.
        Make it easier to change set of actions taken when passing across the API boundary.

        * API/APIShims.h: Added.
        (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
        (JSC::APIEntryShimWithoutLock::~APIEntryShimWithoutLock):
        (JSC::APIEntryShim::APIEntryShim):
        (JSC::APICallbackShim::APICallbackShim):
        (JSC::APICallbackShim::~APICallbackShim):
        * API/JSBase.cpp:
        (JSEvaluateScript):
        (JSCheckScriptSyntax):
        (JSGarbageCollect):
        (JSReportExtraMemoryCost):
        * API/JSCallbackConstructor.cpp:
        (JSC::constructJSCallback):
        * API/JSCallbackFunction.cpp:
        (JSC::JSCallbackFunction::call):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::init):
        (JSC::::getOwnPropertySlot):
        (JSC::::put):
        (JSC::::deleteProperty):
        (JSC::::construct):
        (JSC::::hasInstance):
        (JSC::::call):
        (JSC::::getOwnPropertyNames):
        (JSC::::toNumber):
        (JSC::::toString):
        (JSC::::staticValueGetter):
        (JSC::::callbackGetter):
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        (JSObjectMake):
        (JSObjectMakeFunctionWithCallback):
        (JSObjectMakeConstructor):
        (JSObjectMakeFunction):
        (JSObjectMakeArray):
        (JSObjectMakeDate):
        (JSObjectMakeError):
        (JSObjectMakeRegExp):
        (JSObjectGetPrototype):
        (JSObjectSetPrototype):
        (JSObjectHasProperty):
        (JSObjectGetProperty):
        (JSObjectSetProperty):
        (JSObjectGetPropertyAtIndex):
        (JSObjectSetPropertyAtIndex):
        (JSObjectDeleteProperty):
        (JSObjectCallAsFunction):
        (JSObjectCallAsConstructor):
        (JSObjectCopyPropertyNames):
        (JSPropertyNameArrayRelease):
        (JSPropertyNameAccumulatorAddName):
        * API/JSValueRef.cpp:
        (JSValueGetType):
        (JSValueIsUndefined):
        (JSValueIsNull):
        (JSValueIsBoolean):
        (JSValueIsNumber):
        (JSValueIsString):
        (JSValueIsObject):
        (JSValueIsObjectOfClass):
        (JSValueIsEqual):
        (JSValueIsStrictEqual):
        (JSValueIsInstanceOfConstructor):
        (JSValueMakeUndefined):
        (JSValueMakeNull):
        (JSValueMakeBoolean):
        (JSValueMakeNumber):
        (JSValueMakeString):
        (JSValueToBoolean):
        (JSValueToNumber):
        (JSValueToStringCopy):
        (JSValueToObject):
        (JSValueProtect):
        (JSValueUnprotect):
        * JavaScriptCore.xcodeproj/project.pbxproj:

2010-01-04  Dan Bernstein  <mitz@apple.com>

        Reviewed by Ada Chan and Mark Rowe.

        Updated copyright string

        * Info.plist:
        * JavaScriptCore.vcproj/JavaScriptCore.resources/Info.plist:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc:

2010-01-04  Adam Roben  <aroben@apple.com>

        No review, rolling out r52741.
        http://trac.webkit.org/changeset/52741
        https://bugs.webkit.org/show_bug.cgi?id=33056

        * wtf/AlwaysInline.h:

2010-01-04  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Darin Adler.

        Add cacheFlush support for WinCE
        https://bugs.webkit.org/show_bug.cgi?id=33110

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2010-01-04  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Adam Roben.

        Implement NO_RETURN for COMPILER(MSVC).
        https://bugs.webkit.org/show_bug.cgi?id=33056

        * wtf/AlwaysInline.h:

2010-01-04  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Simon Hausmann.

        Fix some PLATFORM(*_ENDIAN) uses to CPU()
        https://bugs.webkit.org/show_bug.cgi?id=33148

        * runtime/JSCell.cpp:
        (JSC::):
        * runtime/JSValue.h:
        (JSC::JSValue::):

2010-01-04  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Adam Barth.

        Document CPU() macros in comments.
        https://bugs.webkit.org/show_bug.cgi?id=33147

        * wtf/Platform.h:

2010-01-04  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Adam Barth.

        Reorganize, document and rename CPU() platform macros.
        https://bugs.webkit.org/show_bug.cgi?id=33145
        ExecutableAllocatorSymbian appears to have buggy ARM version check
        https://bugs.webkit.org/show_bug.cgi?id=33138
        
        * wtf/Platform.h:
        Rename all macros related to detection of particular CPUs or
        classes of CPUs to CPU(), reorganize and document them.

        All remaining changes are adapting to the renames, plus fixing the
        second bug cited above.
        
        * assembler/ARMAssembler.cpp:
        * assembler/ARMAssembler.h:
        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerARM.cpp:
        * assembler/MacroAssemblerARM.h:
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
        * assembler/MacroAssemblerX86.h:
        * assembler/MacroAssemblerX86Common.h:
        * assembler/MacroAssemblerX86_64.h:
        * assembler/X86Assembler.h:
        (JSC::X86Registers::):
        (JSC::X86Assembler::):
        (JSC::X86Assembler::movl_mEAX):
        (JSC::X86Assembler::movl_EAXm):
        (JSC::X86Assembler::repatchLoadPtrToLEA):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * jit/ExecutableAllocator.h:
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        * jit/ExecutableAllocatorPosix.cpp:
        * jit/ExecutableAllocatorSymbian.cpp:
        (JSC::ExecutableAllocator::intializePageSize):
        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        * jit/JITInlineMethods.h:
        (JSC::JIT::beginUninterruptedSequence):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        (JSC::JIT::emitCount):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        * jit/JITStubs.h:
        * runtime/Collector.cpp:
        (JSC::currentThreadStackBase):
        (JSC::getPlatformThreadRegisters):
        (JSC::otherThreadStackPointer):
        * wrec/WREC.h:
        * wrec/WRECGenerator.cpp:
        (JSC::WREC::Generator::generateEnter):
        (JSC::WREC::Generator::generateReturnSuccess):
        (JSC::WREC::Generator::generateReturnFailure):
        * wrec/WRECGenerator.h:
        * wtf/FastMalloc.cpp:
        * wtf/TCSpinLock.h:
        (TCMalloc_SpinLock::Lock):
        (TCMalloc_SpinLock::Unlock):
        (TCMalloc_SlowLock):
        * wtf/Threading.h:
        * wtf/dtoa.cpp:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):
        * yarr/RegexJIT.h:

2010-01-04  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Adam Barth.

        Clean up COMPILER macros and remove unused ones.
        https://bugs.webkit.org/show_bug.cgi?id=33132
        
        Removed values are COMPILER(BORLAND) and COMPILER(CYGWIN) - they were
        not used anywhere.

        * wtf/Platform.h:

2010-01-03  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Eric Seidel.

        Update wtf/Platform.h to document the new system for porting macros.
        https://bugs.webkit.org/show_bug.cgi?id=33130

        * wtf/Platform.h:

2009-12-29  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Maciej Stachowiak.

        PLATFORM(CAIRO) should be defined by WIN_CAIRO define
        https://bugs.webkit.org/show_bug.cgi?id=22250

        * wtf/Platform.h: Define WTF_PLATFORM_CAIRO for GTK port only
        For the WinCairo port WTF_PLATFORM_CAIRO is already defined in config.h

2009-12-28  Shu Chang  <Chang.Shu@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] Delete ThreadPrivate instance after it is finished.
        https://bugs.webkit.org/show_bug.cgi?id=32614

        * wtf/qt/ThreadingQt.cpp:
        (WTF::ThreadMonitor::instance):
        (WTF::ThreadMonitor::threadFinished):
        (WTF::createThreadInternal):
        (WTF::detachThread):

2009-12-28  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Maciej Stachowiak.

        Cleanup of #define JS_EXPORT.

        * API/JSBase.h:

2009-12-27  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Adam Barth.

        WinCE buildfix (HWND_MESSAGE isn't supported there)

        * wtf/win/MainThreadWin.cpp:
        (WTF::initializeMainThreadPlatform):

2009-12-27  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Adam Barth.

        Added a file with WinMain function to link agains in WinCE.

        * os-win32/WinMain.cpp: Added.
        (convertToUtf8):
        (WinMain):

2009-12-24  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed; revert of r52550.

        The change regressed the following LayoutTests for QtWebKit.

        fast/workers/worker-call.html -> crashed
        fast/workers/worker-close.html -> crashed

        * wtf/qt/ThreadingQt.cpp:
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):

2009-12-24  Shu Chang  <Chang.Shu@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] Fix memory leak by deleting instance of ThreadPrivate
        in function waitForThreadCompletion(), synchronously, or in
        detachThread(), asynchronously.
        https://bugs.webkit.org/show_bug.cgi?id=32614 

        * wtf/qt/ThreadingQt.cpp:
        (WTF::waitForThreadCompletion):
        (WTF::detachThread):

2009-12-23  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Laszlo Gombos.

        Include stddef.h for ptrdiff_t
        https://bugs.webkit.org/show_bug.cgi?id=32891

        ptrdiff_t is typedef-ed in stddef.h.
        Include stddef.h in jit/ExecutableAllocator.h.

        * jit/ExecutableAllocator.h:

2009-12-23  Patrick Gansterer  <paroga@paroga.com>

        Reviewed by Eric Seidel.

        Buildfix after r47092.

        * wtf/wince/MemoryManager.cpp:
        (WTF::tryFastMalloc):
        (WTF::tryFastZeroedMalloc):
        (WTF::tryFastCalloc):
        (WTF::tryFastRealloc):

2009-12-23  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        HTMLInputElement::valueAsDate getter support.
        https://bugs.webkit.org/show_bug.cgi?id=32876

        Expose dateToDaysFrom1970().

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/DateMath.cpp:
        (WTF::dateToDaysFrom1970):
        * wtf/DateMath.h:

2009-12-22  Darin Adler  <darin@apple.com>

        Reviewed by Mark Rowe.

        Turn off datagrid by default, at least for all platforms Apple ships.
        The datagrid implementation isn't ready for general web use yet.

        * Configurations/FeatureDefines.xcconfig: Turn off datagrid by default.

2009-12-22  Steve Block  <steveblock@google.com>

        Reviewed by David Levin.

        Updates Android's scheduleDispatchFunctionsOnMainThread() to use new
        AndroidThreading class, rather than using JavaSharedClient directly.
        This fixes the current layering violation.
        https://bugs.webkit.org/show_bug.cgi?id=32651

        The pattern is copied from Chromium, which uses the ChromiumThreading
        class. This patch also fixes the style in ChromiumThreading.h.

        * wtf/android/AndroidThreading.h: Added. Declares AndroidThreading.
        * wtf/android/MainThreadAndroid.cpp: Modified
        (WTF::scheduleDispatchFunctionsOnMainThread): Uses AndroidThreading.
        * wtf/chromium/ChromiumThreading.h: Modified. Fixes style.

2009-12-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Fix a couple of problems with UntypedPtrAndBitfield.

        Add a m_leaksPtr to reduce false positives from leaks in debug builds
        (this isn't perfect because we'd like a solution for release builds,
        but this is now at least as good as a PtrAndFlags would be).

        Switch SmallStringsto use a regular string for the base, rather than
        a static one.  UntypedPtrAndBitfield assumes all strings are at least
        8 byte aligned; this migt not be true of static strings.  Shared buffers
        are heap allocated, as are all UStringImpls other than static strings.
        Static strings cannot end up being the owner string of substrings,
        since the only static strings are length 0.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStringsStorage::SmallStringsStorage):
        * runtime/UStringImpl.h:
        (JSC::UntypedPtrAndBitfield::UntypedPtrAndBitfield):
        (JSC::UStringImpl::UStringImpl):

2009-12-22  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        RVCT (__ARMCC_VERSION < 400000) does not provide strcasecmp and strncasecmp
        https://bugs.webkit.org/show_bug.cgi?id=32857

        Add implementation of strcasecmp and strncasecmp for RVCT < 4.0
        because earlier versions of RVCT 4.0 does not provide these functions.

        * wtf/StringExtras.cpp: Added.
        (strcasecmp):
        (strncasecmp):
        * wtf/StringExtras.h:

2009-12-22  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        Define ALWAYS_INLINE and WTF_PRIVATE_INLINE to __forceinline for RVCT
        https://bugs.webkit.org/show_bug.cgi?id=32853

        Use __forceinline forces RVCT to compile a C or C++ function
        inline. The compiler attempts to inline the function, regardless of
        the characteristics of the function.

        * wtf/AlwaysInline.h:
        * wtf/FastMalloc.h:

2009-12-21  Simon Hausmann  <simon.hausmann@nokia.com>

        Prospective GTK build fix: Add UStringImpl.cpp/h to the build.

        * GNUmakefile.am:

2009-12-21  Simon Hausmann  <simon.hausmann@nokia.com>

        Fix the Qt build, add UStringImpl.cpp to the build.

        * JavaScriptCore.pri:

2009-12-21  Gavin Barraclough  <barraclough@apple.com>

        Windows Build fix part 5.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2009-12-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).
        Fix breakage of world introduced in build fix to r52463.

        * runtime/UStringImpl.h:

2009-12-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=32831
        Replace UString::Rep implementation, following introduction of ropes to JSC.

            * Remove redundant overcapacity mechanisms.
            * Reduce memory cost of Rep's.
            * Add an inline storage mechanism akin to that in WebCore's StringImpl.

        ~1% Sunspider progression.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        * runtime/SmallStrings.cpp:
        (JSC::SmallStringsStorage::SmallStringsStorage):
        * runtime/UString.cpp:
        (JSC::initializeUString):
        (JSC::createRep):
        (JSC::UString::createFromUTF8):
        (JSC::UString::createUninitialized):
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        (JSC::UString::ascii):
        (JSC::UString::operator=):
        (JSC::UString::toStrictUInt32):
        (JSC::equal):
        * runtime/UString.h:
        (JSC::UString::isEmpty):
        (JSC::UString::cost):
        (JSC::makeString):
        * runtime/UStringImpl.cpp: Added.
        (JSC::UStringImpl::baseSharedBuffer):
        (JSC::UStringImpl::sharedBuffer):
        (JSC::UStringImpl::destroy):
        (JSC::UStringImpl::computeHash):
        * runtime/UStringImpl.h: Added.
        (JSC::UntypedPtrAndBitfield::UntypedPtrAndBitfield):
        (JSC::UntypedPtrAndBitfield::asPtr):
        (JSC::UntypedPtrAndBitfield::operator&=):
        (JSC::UntypedPtrAndBitfield::operator|=):
        (JSC::UntypedPtrAndBitfield::operator&):
        (JSC::UStringImpl::create):
        (JSC::UStringImpl::createCopying):
        (JSC::UStringImpl::createUninitialized):
        (JSC::UStringImpl::data):
        (JSC::UStringImpl::size):
        (JSC::UStringImpl::cost):
        (JSC::UStringImpl::hash):
        (JSC::UStringImpl::computedHash):
        (JSC::UStringImpl::setHash):
        (JSC::UStringImpl::identifierTable):
        (JSC::UStringImpl::setIdentifierTable):
        (JSC::UStringImpl::ref):
        (JSC::UStringImpl::deref):
        (JSC::UStringImpl::allocChars):
        (JSC::UStringImpl::copyChars):
        (JSC::UStringImpl::computeHash):
        (JSC::UStringImpl::null):
        (JSC::UStringImpl::empty):
        (JSC::UStringImpl::checkConsistency):
        (JSC::UStringImpl::):
        (JSC::UStringImpl::UStringImpl):
        (JSC::UStringImpl::operator new):
        (JSC::UStringImpl::bufferOwnerString):
        (JSC::UStringImpl::bufferOwnership):
        (JSC::UStringImpl::isStatic):

2009-12-18  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Move some build decisions from Qt build system into source files
        https://bugs.webkit.org/show_bug.cgi?id=31956

        * JavaScriptCore.pri: Compile files unconditionally
        * jit/ExecutableAllocatorPosix.cpp: Guard with PLATFORM(UNIX) && !PLATFORM(SYMBIAN)
        * jit/ExecutableAllocatorWin.cpp: Guard with PLATFORM(WIN_OS)
        * runtime/MarkStackPosix.cpp: Guard with PLATFORM(UNIX) && !PLATFORM(SYMBIAN)
        * runtime/MarkStackSymbian.cpp: Guard with PLATFORM(SYMBIAN)
        * runtime/MarkStackWin.cpp: Guard with PLATFORM(WIN_OS)
        * wtf/Platform.h: Guard ENABLE_JSC_MULTIPLE_THREADS with ENABLE_SINGLE_THREADED for the Qt port
        * wtf/ThreadingNone.cpp: Guard with ENABLE(SINGLE_THREADED)
        * wtf/qt/ThreadingQt.cpp: Guard with !ENABLE(SINGLE_THREADED)

2009-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Add createNonCopying method to UString to make replace constructor passed bool,
        to make behaviour more explicit.  Add createFromUTF8 to UString (wrapping method
        on UString::Rep), since other cases of transliteration (e.g.  from ascii) are
        performed in UString constructors.  Add/use setHash & size() accessors on Rep,
        rather than accessing _hash/len directly.

        * API/JSClassRef.cpp:
        (OpaqueJSClass::OpaqueJSClass):
        * API/OpaqueJSString.cpp:
        (OpaqueJSString::ustring):
        * JavaScriptCore.exp:
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        * runtime/Identifier.cpp:
        (JSC::Identifier::equal):
        (JSC::CStringTranslator::translate):
        (JSC::UCharBufferTranslator::translate):
        (JSC::Identifier::addSlowCase):
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        * runtime/JSString.h:
        (JSC::JSString::Rope::Fiber::refAndGetLength):
        (JSC::JSString::Rope::append):
        * runtime/StringBuilder.h:
        (JSC::StringBuilder::release):
        * runtime/StringConstructor.cpp:
        (JSC::stringFromCharCodeSlowCase):
        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferencesSlow):
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncLink):
        * runtime/UString.cpp:
        (JSC::UString::UString):
        (JSC::UString::createNonCopying):
        (JSC::UString::createFromUTF8):
        * runtime/UString.h:
        (JSC::UString::Rep::setHash):
        (JSC::UString::~UString):
        (JSC::makeString):

2009-12-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich and Gavin Barraclough.
        
        Changed Register constructors to assignment operators, to streamline
        moving values into registers. (In theory, there's no difference between
        the two, since the constructor should just inline away, but there seems
        to be a big difference in the addled mind of the GCC optimizer.)

        In the interpreter, this is a 3.5% SunSpider speedup and a 1K-2K
        reduction in stack usage per privateExecute stack frame.

        * interpreter/CallFrame.h:
        (JSC::ExecState::setCalleeArguments):
        (JSC::ExecState::setCallerFrame):
        (JSC::ExecState::setScopeChain):
        (JSC::ExecState::init):
        (JSC::ExecState::setArgumentCount):
        (JSC::ExecState::setCallee):
        (JSC::ExecState::setCodeBlock): Added a little bit of casting so these
        functions could use the new Register assignment operators.

        * interpreter/Register.h:
        (JSC::Register::withInt):
        (JSC::Register::Register):
        (JSC::Register::operator=): Swapped in assignment operators for constructors.

2009-12-18  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Simon Hausmann.

        https://bugs.webkit.org/show_bug.cgi?id=32713
        [Qt] make wtf/Assertions.h compile in winscw compiler.

        Add string arg before ellipsis to help winscw compiler resolve variadic
        macro definitions in wtf/Assertions.h. 

        * wtf/Assertions.h:

2009-12-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Adam Roben.

        Fixed intermittent failure seen on Windows buildbot, and in other JSC
        API clients.
        
        Added a WeakGCPtr class and changed OpaqueJSClass::cachedPrototype to
        use it, to avoid vending a stale object as a prototype.

        * API/JSClassRef.cpp:
        (OpaqueJSClassContextData::OpaqueJSClassContextData):
        (OpaqueJSClass::prototype):
        * API/JSClassRef.h: Use WeakGCPtr.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/WeakGCPtr.h: Added.
        (JSC::WeakGCPtr::WeakGCPtr):
        (JSC::WeakGCPtr::get):
        (JSC::WeakGCPtr::clear):
        (JSC::WeakGCPtr::operator*):
        (JSC::WeakGCPtr::operator->):
        (JSC::WeakGCPtr::operator!):
        (JSC::WeakGCPtr::operator bool):
        (JSC::WeakGCPtr::operator UnspecifiedBoolType):
        (JSC::WeakGCPtr::assign):
        (JSC::::operator):
        (JSC::operator==):
        (JSC::operator!=):
        (JSC::static_pointer_cast):
        (JSC::const_pointer_cast):
        (JSC::getPtr): Added WeakGCPtr to the project.

2009-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=32720

        * JavaScriptCore.exp:
            - Remove exports for UString::append
        * JavaScriptCore.xcodeproj/project.pbxproj:
            - Make StringBuilder a private header (was project).

2009-12-18  Martin Robinson  <martin.james.robinson@gmail.com>

        Reviewed by Gustavo Noronha Silva.

        [GTK] GRefPtr does not take a reference when assigned a raw pointer
        https://bugs.webkit.org/show_bug.cgi?id=32709

        Ensure that when assigning a raw pointer to a GRefPtr, the reference
        count is incremented. Also remove the GRefPtr conversion overload as
        GRefPtr types have necessarily incompatible reference counting.

        * wtf/gtk/GRefPtr.h:
        (WTF::GRefPtr::operator=):

2009-12-18  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Clean up the qmake build system to distinguish between trunk builds and package builds

        https://bugs.webkit.org/show_bug.cgi?id=32716

        * pcre/pcre.pri: Use standalone_package instead of QTDIR_build

2009-12-18  Martin Robinson  <martin.james.robinson@gmail.com>

        Reviewed by Gustavo Noronha Silva.

        [GTK] Compile warning from line 29 of GRefPtr.cpp
        https://bugs.webkit.org/show_bug.cgi?id=32703

        Fix memory leak and compiler warning in GRefPtr GHashTable template
        specialization.

        * wtf/gtk/GRefPtr.cpp:
        (WTF::refGPtr):

2009-12-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Add BUILDING_ON_SNOW_LEOPARD and TARGETING_SNOW_LEOPARD #defines.

        * wtf/Platform.h:

2009-12-17  Adam Roben  <aroben@apple.com>

        Sync JavaScriptCore.vcproj with JavaScriptCore.xcodeproj and the
        source tree

        Fixes <http://webkit.org/b/32665>.

        Reviewed by Ada Chan.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Moved
        around files and filters so that the structure matches
        JavaScriptCore.xcodeproj and the source tree. A few headers that were
        previously omitted have been added, as well as JSZombie.{cpp,h}.

2009-12-17  Adam Roben  <aroben@apple.com>

        Remove HeavyProfile and TreeProfile completely

        These were mostly removed in r42808, but the empty files were left in
        place.

        Fixes <http://webkit.org/b/32664>.

        Reviewed by John Sullivan.

        * Android.mk:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCoreSources.bkl:
        Removed HeavyProfile/TreeProfile source files.

        * profiler/HeavyProfile.cpp: Removed.
        * profiler/HeavyProfile.h: Removed.
        * profiler/TreeProfile.cpp: Removed.
        * profiler/TreeProfile.h: Removed.

2009-12-17  Martin Robinson  <martin.james.robinson@gmail.com>

        Reviewed by Gustavo Noronha Silva.

        [GTK] WebKit GTK needs a wrapper for ref counted glib/gobject structs
        https://bugs.webkit.org/show_bug.cgi?id=21599

        Implement GRefPtr, a smart pointer for reference counted GObject types.

        * GNUmakefile.am:
        * wtf/gtk/GOwnPtr.cpp:
        (WTF::GDir):
        * wtf/gtk/GRefPtr.h: Added.
        (WTF::):
        (WTF::GRefPtr::GRefPtr):
        (WTF::GRefPtr::~GRefPtr):
        (WTF::GRefPtr::clear):
        (WTF::GRefPtr::get):
        (WTF::GRefPtr::operator*):
        (WTF::GRefPtr::operator->):
        (WTF::GRefPtr::operator!):
        (WTF::GRefPtr::operator UnspecifiedBoolType):
        (WTF::GRefPtr::hashTableDeletedValue):
        (WTF::::operator):
        (WTF::::swap):
        (WTF::swap):
        (WTF::operator==):
        (WTF::operator!=):
        (WTF::static_pointer_cast):
        (WTF::const_pointer_cast):
        (WTF::getPtr):
        (WTF::adoptGRef):
        (WTF::refGPtr):
        (WTF::derefGPtr):

2009-12-17  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Unreviewed. Build fixes for make distcheck.

        * GNUmakefile.am:

2009-12-16  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Fixed <rdar://problem/7355025> Interpreter::privateExecute macro generates
        bloated code
        
        This patch cuts Interpreter stack use by about a third.

        * bytecode/Opcode.h: Changed Opcode to const void* to work with the
        const static initiliazation we want to do in Interpreter::privateExecute.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter): Moved hashtable initialization here to
        avoid polluting Interpreter::privateExecute's stack, and changed it from a
        series of add() calls to one add() call in a loop, to cut down on code size.

        (JSC::Interpreter::privateExecute): Changed a series of label computations
        to a copy of a compile-time constant array to cut down on code size.

2009-12-16  Mark Rowe  <mrowe@apple.com>

        Build fix.  Disable debug variants of WebKit frameworks.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-12-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam "r=me" Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=32498
        <rdar://problem/7471495>
        REGRESSION(r51978-r52039): AJAX "Mark This Forum Read" function no longer
        works
        
        Fixed a tyop.

        * runtime/Operations.h:
        (JSC::jsAdd): Use the '&&' operator, not the ',' operator.

2009-12-15  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the windows build: don't export this inlined function.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-12-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Beth Dakin.

        Inlined JSCell's operator new.
        
        3.7% speedup on bench-allocate-nonretained.js.

        * JavaScriptCore.exp:
        * runtime/JSCell.cpp:
        * runtime/JSCell.h:
        (JSC::JSCell::operator new):

2009-12-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Removed the number heap, replacing it with a one-item free list for
        numbers, taking advantage of the fact that two number cells fit inside
        the space for one regular cell, and number cells don't require destruction.
        
        SunSpider says 1.6% faster in JSVALUE32 mode (the only mode that
        heap-allocates numbers).
        
        SunSpider says 1.1% faster in JSVALUE32_64 mode. v8 says 0.8% faster
        in JSVALUE32_64 mode. 10% speedup on bench-alloc-nonretained.js. 6%
        speedup on bench-alloc-retained.js.
        
        There's a lot of formulaic change in this patch, but not much substance.

        * JavaScriptCore.exp:
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * runtime/Collector.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::destroy):
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlock):
        (JSC::Heap::freeBlockPtr):
        (JSC::Heap::freeBlocks):
        (JSC::Heap::recordExtraCost):
        (JSC::Heap::allocate):
        (JSC::Heap::resizeBlocks):
        (JSC::Heap::growBlocks):
        (JSC::Heap::shrinkBlocks):
        (JSC::Heap::markConservatively):
        (JSC::Heap::clearMarkBits):
        (JSC::Heap::markedCells):
        (JSC::Heap::sweep):
        (JSC::Heap::markRoots):
        (JSC::Heap::objectCount):
        (JSC::Heap::addToStatistics):
        (JSC::Heap::statistics):
        (JSC::Heap::isBusy):
        (JSC::Heap::reset):
        (JSC::Heap::collectAllGarbage):
        (JSC::Heap::primaryHeapBegin):
        (JSC::Heap::primaryHeapEnd):
        * runtime/Collector.h:
        (JSC::): Removed all code pertaining to the number heap, and changed all
        heap template functions and classes to non-template functions and classes.

        (JSC::Heap::allocateNumber): A new optimization to replace the number
        heap: allocate half-sized number cells in pairs, returning the first
        cell and caching the second cell for the next allocation.

        * runtime/CollectorHeapIterator.h:
        (JSC::LiveObjectIterator::LiveObjectIterator):
        (JSC::LiveObjectIterator::operator++):
        (JSC::DeadObjectIterator::DeadObjectIterator):
        (JSC::DeadObjectIterator::operator++):
        (JSC::ObjectIterator::ObjectIterator):
        (JSC::ObjectIterator::operator++):
        * runtime/JSCell.h:
        (JSC::JSCell::isNumber): Removed all code pertaining to the number heap,
        and changed all heap template functions and classes to non-template functions
        and classes.

2009-12-15  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for WeakGCMap class
        https://bugs.webkit.org/show_bug.cgi?id=32547

        Inherits WeakGCMap from FastAllocBase because it is instantiated by
        'new' at: WebCore/dom/Document.cpp:512.

        * runtime/WeakGCMap.h:

2009-12-15  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for dtoa's P5Node struct
        https://bugs.webkit.org/show_bug.cgi?id=32544

        Inherits P5Node struct from Noncopyable because it is instantiated by
        'new' at wtf/dtoa.cpp:588 and don't need to be copyable.

        * wtf/dtoa.cpp:

2009-12-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Simon Fraser.

        https://bugs.webkit.org/show_bug.cgi?id=32524
        REGRESSION(52084): fast/dom/prototypes.html failing two CSS tests

        * wtf/StdLibExtras.h:
        (WTF::bitCount): The original patch put the parentheses in the wrong
        place, completely changing the calculation and making it almost always
        wrong. Moved the parentheses around the '+' operation, like the original
        compiler warning suggested.

2009-12-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Unreviewed trivial buildfix.

        Fix crosses initialization of usedPrimaryBlocks for JSValue32

        * runtime/Collector.cpp:
        (JSC::Heap::markConservatively):

2009-12-14  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Simon Hausmann.

        GCC 4.3.x warning fixed. Suggested parantheses added.
        warning: ../../../JavaScriptCore/wtf/StdLibExtras.h:77: warning: suggest parentheses around + or - in operand of &

        * wtf/StdLibExtras.h:
        (WTF::bitCount):

2009-12-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Changed GC from mark-sweep to mark-allocate.
        
        Added WeakGCMap to keep WebCore blissfully ignorant about objects that
        have become garbage but haven't run their destructors yet.
        
        1% SunSpider speedup.
        7.6% v8 speedup (37% splay speedup).
        17% speedup on bench-alloc-nonretained.js.
        18% speedup on bench-alloc-retained.js.

        * API/JSBase.cpp:
        (JSGarbageCollect):
        * API/JSContextRef.cpp:
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj: Updated for renames and new
        files.

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions): Updated to use the Collector
        iterator abstraction.

        * jsc.cpp:
        (functionGC): Updated for rename.

        * runtime/Collector.cpp: Slightly reduced the number of allocations per
        collection, so that small workloads only allocate on collector block,
        rather than two.

        (JSC::Heap::Heap): Updated to use the new allocateBlock function.

        (JSC::Heap::destroy): Updated to use the new freeBlocks function.

        (JSC::Heap::allocateBlock): New function to initialize a block when
        allocating it.

        (JSC::Heap::freeBlock): Consolidated the responsibility for running
        destructors into this function.

        (JSC::Heap::freeBlocks): Updated to use freeBlock.

        (JSC::Heap::recordExtraCost): Sweep the heap in this reporting function,
        so that allocation, which is more common, doesn't have to check extraCost.

        (JSC::Heap::heapAllocate): Run destructors right before recycling a
        garbage cell. This has better cache utilization than a separate sweep phase.

        (JSC::Heap::resizeBlocks):
        (JSC::Heap::growBlocks):
        (JSC::Heap::shrinkBlocks): New set of functions for managing the size of
        the heap, now that the heap doesn't maintain any information about its
        size.

        (JSC::isPointerAligned):
        (JSC::isHalfCellAligned):
        (JSC::isPossibleCell):
        (JSC::isCellAligned):
        (JSC::Heap::markConservatively): Cleaned up this code a bit.

        (JSC::Heap::clearMarkBits):
        (JSC::Heap::markedCells): Some helper functions for examining the the mark
        bitmap.

        (JSC::Heap::sweep): Simplified this function by using a DeadObjectIterator.

        (JSC::Heap::markRoots): Reordered some operations for clarity.

        (JSC::Heap::objectCount):
        (JSC::Heap::addToStatistics):
        (JSC::Heap::statistics): Rewrote these functions to calculate an object
        count on demand, since the heap doesn't maintain this information by 
        itself.

        (JSC::Heap::reset): New function for resetting the heap once we've
        exhausted heap space.

        (JSC::Heap::collectAllGarbage): This function matches the old collect()
        behavior, but it's now an uncommon function used only by API.

        * runtime/Collector.h:
        (JSC::CollectorBitmap::count):
        (JSC::CollectorBitmap::isEmpty): Added some helper functions for managing
        the collector mark bitmap.

        (JSC::Heap::reportExtraMemoryCost): Changed reporting from cell equivalents
        to bytes, so it's easier to understand.
        
        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::CollectorHeapIterator):
        (JSC::CollectorHeapIterator::operator!=):
        (JSC::CollectorHeapIterator::operator*):
        (JSC::CollectorHeapIterator::advance):
        (JSC::::LiveObjectIterator):
        (JSC::::operator):
        (JSC::::DeadObjectIterator):
        (JSC::::ObjectIterator): New iterators for encapsulating details about
        heap layout, and what's live and dead on the heap.

        * runtime/JSArray.cpp:
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::increaseVectorLength): Delay reporting extra cost until
        we're fully constructed, so the heap mark phase won't visit us in an
        invalid state.

        * runtime/JSCell.h:
        (JSC::JSCell::):
        (JSC::JSCell::createDummyStructure):
        (JSC::JSCell::JSCell):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h: Added a dummy cell to simplify allocation logic.

        * runtime/JSString.h:
        (JSC::jsSubstring): Don't report extra cost for substrings, since they
        share a buffer that's already reported extra cost.

        * runtime/Tracing.d:
        * runtime/Tracing.h: Changed these dtrace hooks not to report object
        counts, since they're no longer cheap to compute.

        * runtime/UString.h: Updated for renames.

        * runtime/WeakGCMap.h: Added.
        (JSC::WeakGCMap::isEmpty):
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::uncheckedBegin):
        (JSC::WeakGCMap::uncheckedEnd):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove): Mentioned above.

        * wtf/StdLibExtras.h:
        (WTF::bitCount): Added a bit population count function, so the heap can
        count live objects to fulfill statistics questions.

The very last cell in the block is not allocated -- should not be marked.

2009-12-13  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: Export some new symbols.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-12-13  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: Removed some old exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-12-13  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: Use unsigned instead of uint32_t to avoid dependencies.

        * wtf/StdLibExtras.h:
        (WTF::bitCount):

2009-12-13  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (speculative Windows build fix).

        * runtime/JSGlobalObjectFunctions.cpp:

2009-12-13  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=32496
        Switch remaining cases of string construction to use StringBuilder.
        Builds strings using a vector rather than using string append / addition.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::paramString):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::encode):
        (JSC::decode):
        (JSC::globalFuncEscape):
        (JSC::globalFuncUnescape):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::indent):
        * runtime/JSString.h:
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lexString):
        * runtime/NumberPrototype.cpp:
        (JSC::integerPartNoExp):
        (JSC::numberProtoFuncToFixed):
        (JSC::numberProtoFuncToPrecision):
        * runtime/Operations.h:
        (JSC::jsString):
        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferencesSlow):
        (JSC::substituteBackreferences):
        (JSC::stringProtoFuncConcat):

2009-12-08  Jeremy Moskovich  <jeremy@chromium.org>

        Reviewed by Eric Seidel.

        Add code to allow toggling ATSUI/Core Text rendering at runtime in ComplexTextController.
        https://bugs.webkit.org/show_bug.cgi?id=31802

        The goal here is to allow for a zero runtime hit for ports that decide to select
        the API at compile time.
        When both USE(ATSUI) and USE(CORE_TEXT) are true, the API is toggled
        at runtime.  Core Text is used for OS Versions >= 10.6.

        * wtf/Platform.h: #define USE_CORE_TEXT and USE_ATSUI on Chrome/Mac.

2009-12-11  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Oliver Hunt.

        Unify codegen for forward and backward variants of branches
        https://bugs.webkit.org/show_bug.cgi?id=32463

        * jit/JIT.h:
        (JSC::JIT::emit_op_loop): Implemented in terms of forward variant.
        (JSC::JIT::emit_op_loop_if_true): ditto
        (JSC::JIT::emitSlow_op_loop_if_true): ditto
        (JSC::JIT::emit_op_loop_if_false): ditto
        (JSC::JIT::emitSlow_op_loop_if_false): ditto
        (JSC::JIT::emit_op_loop_if_less): ditto
        (JSC::JIT::emitSlow_op_loop_if_less): ditto
        * jit/JITOpcodes.cpp:

2009-12-11  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        Allow WTFs concept of the main thread to differ from pthreads when necessary.

        * wtf/ThreadingPthreads.cpp:
        (WTF::initializeThreading):
        (WTF::isMainThread):
        * wtf/mac/MainThreadMac.mm:
        (WTF::initializeMainThreadPlatform):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2009-12-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=32454
        Refactor construction of simple strings to avoid string concatenation.

        Building strings through concatenation has a memory and performance cost -
        a memory cost since we must over-allocate the buffer to leave space to append
        into, and performance in that the string may still require reallocation (and
        thus copying during construction).  Instead move the full construction to
        within a single function call (makeString), so that the arguments' lengths
        can be calculated and an appropriate sized buffer allocated before copying
        any characters.

        ~No performance change (~2% progression on date tests).

        * bytecode/CodeBlock.cpp:
        (JSC::escapeQuotes):
        (JSC::valueToSourceString):
        (JSC::constantName):
        (JSC::idName):
        (JSC::CodeBlock::registerName):
        (JSC::regexpToSourceString):
        (JSC::regexpName):
        * bytecompiler/NodesCodegen.cpp:
        (JSC::substitute):
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        * runtime/DateConstructor.cpp:
        (JSC::callDate):
        * runtime/DateConversion.cpp:
        (JSC::formatDate):
        (JSC::formatDateUTCVariant):
        (JSC::formatTime):
        (JSC::formatTimeUTC):
        * runtime/DateConversion.h:
        (JSC::):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToGMTString):
        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createUndefinedVariableError):
        (JSC::createErrorMessage):
        (JSC::createInvalidParamError):
        * runtime/FunctionPrototype.cpp:
        (JSC::insertSemicolonIfNeeded):
        (JSC::functionProtoFuncToString):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncToString):
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::match):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        (JSC::regExpProtoFuncToString):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncBig):
        (JSC::stringProtoFuncSmall):
        (JSC::stringProtoFuncBlink):
        (JSC::stringProtoFuncBold):
        (JSC::stringProtoFuncFixed):
        (JSC::stringProtoFuncItalics):
        (JSC::stringProtoFuncStrike):
        (JSC::stringProtoFuncSub):
        (JSC::stringProtoFuncSup):
        (JSC::stringProtoFuncFontcolor):
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncAnchor):
        * runtime/UString.h:
        (JSC::):
        (JSC::makeString):

2009-12-10  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=32400
        Switch remaining cases of string addition to use ropes.

        Re-landing r51975 - added toPrimitiveString method,
        performs toPrimitive then subsequent toString operations.

        ~1% progression on Sunspidey.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSString.h:
        (JSC::JSString::JSString):
        (JSC::JSString::appendStringInConstruct):
        * runtime/Operations.cpp:
        (JSC::jsAddSlowCase):
        * runtime/Operations.h:
        (JSC::jsString):
        (JSC::jsAdd):

2009-12-11  Adam Roben  <aroben@apple.com>

        Windows build fix

        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: Added
        $(WebKitOutputDir)/include/private to the include path.

2009-12-11  Adam Roben  <aroben@apple.com>

        Move QuartzCorePresent.h to include/private

        This fixes other projects that use wtf/Platform.h

        Rubber-stamped by Steve Falkenburg.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Let VS do its thang.
        * JavaScriptCore.vcproj/JavaScriptCore/build-generated-files.sh: Write
        QuartzCorePresent.h to $(WebKitOutputDir)/include/private.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        Added $(WebKitOutputDir)/include/private to the include path.

2009-12-11  Adam Roben  <aroben@apple.com>

        Fix clean builds and everything rebuilding on every build

        Reviewed by Sam Weinig.

        * JavaScriptCore.vcproj/JavaScriptCore/build-generated-files.sh: Don't
        write out QuartzCorePresent.h if it exists but is older than
        QuartzCore.h. Also, create the directory we write QuartzCorePresent.h
        into first.

2009-12-11  Adam Roben  <aroben@apple.com>

        Windows build fix for systems with spaces in their paths

        * JavaScriptCore.vcproj/JavaScriptCore/build-generated-files.sh: Quote some paths.

2009-12-11  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Adam Roben.

        Add check for presence of QuartzCore headers
        https://bugs.webkit.org/show_bug.cgi?id=31856
        
        The script now checks for the presence of QuartzCore.h. If present
        it will turn on ACCELERATED_COMPOSITING and 3D_RENDERING to enable
        HW compositing on Windows. The script writes QuartzCorePresent.h to
        the build directory which has a define telling whether QuartzCore is 
        present.

        * JavaScriptCore.vcproj/JavaScriptCore/build-generated-files.sh:
        * wtf/Platform.h:

2009-12-11  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Fix a problem that JSC::gregorianDateTimeToMS() returns a negative
        value for a huge year value.
        https://bugs.webkit.org/show_bug.cgi?id=32304

        * wtf/DateMath.cpp:
        (WTF::dateToDaysFrom1970): Renamed from dateToDayInYear, and changed the return type to double.
        (WTF::calculateDSTOffset): Follow the dateToDaysFrom1970() change.
        (WTF::timeClip): Use maxECMAScriptTime.
        (JSC::gregorianDateTimeToMS): Follow the dateToDaysFrom1970() change.

2009-12-10  Adam Barth  <abarth@webkit.org>

        No review, rolling out r51975.
        http://trac.webkit.org/changeset/51975

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSString.h:
        (JSC::JSString::JSString):
        (JSC::JSString::appendStringInConstruct):
        * runtime/Operations.cpp:
        (JSC::jsAddSlowCase):
        * runtime/Operations.h:
        (JSC::jsString):
        (JSC::jsAdd):

2009-12-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Incorrect caching of prototype lookup with dictionary base
        https://bugs.webkit.org/show_bug.cgi?id=32402

        Make sure we don't add cached prototype lookup to the proto_list
        lookup chain if the top level object is a dictionary.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):

2009-12-10  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=32400
        Switch remaining cases of string addition to use ropes.

        ~1% progression on Sunspidey.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSString.h:
        (JSC::JSString::JSString):
        (JSC::JSString::appendStringInConstruct):
        * runtime/Operations.cpp:
        (JSC::jsAddSlowCase):
        * runtime/Operations.h:
        (JSC::jsString):
        (JSC::jsAdd):

2009-12-10  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Geoffrey Garen.

        Remove JSObject::getPropertyAttributes() and all usage of it.
        https://bugs.webkit.org/show_bug.cgi?id=31933

        getOwnPropertyDescriptor() should be used instead.

        * JavaScriptCore.exp:
        * JavaScriptCore.order:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::getOwnPropertyDescriptor):
        * debugger/DebuggerActivation.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::propertyIsEnumerable):
        * runtime/JSObject.h:
        * runtime/JSVariableObject.cpp:
        * runtime/JSVariableObject.h:

2009-12-10  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt & Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=32367
        Add support for short Ropes (up to 3 entries) inline within JSString.
        (rather than externally allocating an object to hold the rope).
        Switch jsAdd of (JSString* + JSString*) to now make use of Ropes.

        ~1% progression on Sunspidey.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):
        (JSC::JSString::toBoolean):
        (JSC::JSString::getStringPropertyDescriptor):
        * runtime/JSString.h:
        (JSC::JSString::Rope::Fiber::deref):
        (JSC::JSString::Rope::Fiber::ref):
        (JSC::JSString::Rope::Fiber::refAndGetLength):
        (JSC::JSString::Rope::append):
        (JSC::JSString::JSString):
        (JSC::JSString::~JSString):
        (JSC::JSString::value):
        (JSC::JSString::tryGetValue):
        (JSC::JSString::length):
        (JSC::JSString::canGetIndex):
        (JSC::JSString::appendStringInConstruct):
        (JSC::JSString::appendValueInConstructAndIncrementLength):
        (JSC::JSString::isRope):
        (JSC::JSString::string):
        (JSC::JSString::ropeLength):
        (JSC::JSString::getStringPropertySlot):
        * runtime/Operations.h:
        (JSC::jsString):
        (JSC::jsAdd):
        (JSC::resolveBase):

2009-12-09  Anders Carlsson  <andersca@apple.com>

        Reviewed by Geoffrey Garen.

        Fix three more things found by compiling with clang++.
        
        * runtime/Structure.h:
        (JSC::StructureTransitionTable::reifySingleTransition):
        Add the 'std' qualifier to the call to make_pair.

        * wtf/DateMath.cpp:
        (WTF::initializeDates):
        Incrementing a bool is deprecated according to the C++ specification.
        
        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::PtrAndFlags):
        Name lookup should not be done in dependent bases, so explicitly qualify the call to set.

2009-12-09  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Oliver Hunt.

        Google reader gets stuck in the "Loading..." state and does not complete
        https://bugs.webkit.org/show_bug.cgi?id=32256
        <rdar://problem/7456388>

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jless): Fix some backward branches.

2009-12-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=32228
        Make destruction of ropes non-recursive to prevent stack exhaustion.
        Also, pass a UString& into initializeFiber rather than a Ustring::Rep*,
        since the Rep is not being ref counted this could result in usage of a
        Rep with refcount zero (where the Rep comes from a temporary UString
        returned from a function).

        * runtime/JSString.cpp:
        (JSC::JSString::Rope::destructNonRecursive):
        (JSC::JSString::Rope::~Rope):
        * runtime/JSString.h:
        (JSC::JSString::Rope::initializeFiber):
        * runtime/Operations.h:
        (JSC::concatenateStrings):

2009-12-09  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=31930

        Update to r51457. ASSERTs changed to COMPILE_ASSERTs.
        The speedup is 25%.

        * runtime/JSGlobalData.cpp:
        (JSC::VPtrSet::VPtrSet):

2009-12-09  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Updates Android Makefiles with latest additions.
        https://bugs.webkit.org/show_bug.cgi?id=32278

        * Android.mk: Modified.
        * Android.v8.wtf.mk: Modified.

2009-12-09  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Fix a bug found while trying to compile JavaScriptCore with clang++.

        * yarr/RegexPattern.h:
        (JSC::Yarr::PatternTerm::PatternTerm): Don't self assign here.  Use false instead.

2009-12-09  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Attempt to fix the Windows build.
        
        * wtf/FastMalloc.h:

2009-12-09  Anders Carlsson  <andersca@apple.com>

        Reviewed by Sam Weinig.

        Fix some things found while trying to compile JavaScriptCore with clang++.

        * wtf/FastMalloc.h:
        Add correct exception specifications for the allocation/deallocation operators.
        
        * wtf/Vector.h:
        * wtf/VectorTraits.h:
        Fix a bunch of struct/class mismatches.

2009-12-08  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        move code generation portions of Nodes.cpp to bytecompiler directory
        https://bugs.webkit.org/show_bug.cgi?id=32284

        * bytecompiler/NodesCodegen.cpp: Copied from parser/Nodes.cpp. Removed parts that
        are not about codegen.
        * parser/Nodes.cpp: Removed everything that is about codegen.

        Update build systems:
        
        * Android.mk:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:

2009-12-08  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] Mac plugins support.
        
        https://bugs.webkit.org/show_bug.cgi?id=32236

        * wtf/Platform.h:

2009-12-08  Dmitry Titov  <dimich@chromium.org>

        Rubber-stamped by David Levin.

        Revert and reopen "Add asserts to RefCounted to make sure ref/deref happens on the right thread."
        It may have caused massive increase of reported leaks on the bots.
        https://bugs.webkit.org/show_bug.cgi?id=31639

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::ref):
        (WTF::RefCountedBase::hasOneRef):
        (WTF::RefCountedBase::refCount):
        (WTF::RefCountedBase::derefBase):
        * wtf/ThreadVerifier.h: Removed.

2009-12-08  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Reviewed by Darin Adler.

        Make WebKit build correctly on FreeBSD, IA64, and Alpha.
        Based on work by Petr Salinger <Petr.Salinger@seznam.cz>,
        and Colin Watson <cjwatson@ubuntu.com>.

        * wtf/Platform.h:

2009-12-08  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Darin Adler.

        Add asserts to RefCounted to make sure ref/deref happens on the right thread.
        https://bugs.webkit.org/show_bug.cgi?id=31639

        * runtime/Structure.cpp:
        (JSC::Structure::Structure): Disable thread verification on this class since it uses addressOfCount().
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::ref): Add ASSERT.
        (WTF::RefCountedBase::hasOneRef): Ditto.
        (WTF::RefCountedBase::refCount): Ditto.
        (WTF::RefCountedBase::derefBase): Ditto.
        (WTF::RefCountedBase::disableThreadVerification): delegate to ThreadVerifier method.
        * wtf/ThreadVerifier.h: Added.
        (WTF::ThreadVerifier::ThreadVerifier): New Debug-only class to verify that ref/deref of RefCounted is done on the same thread.
        (WTF::ThreadVerifier::activate): Activates checks. Called when ref count becomes above 2.
        (WTF::ThreadVerifier::deactivate): Deactivates checks. Called when ref count drops below 2.
        (WTF::ThreadVerifier::disableThreadVerification): used on objects that should not be checked (StringImpl etc)
        (WTF::ThreadVerifier::verifyThread):
        * GNUmakefile.am: Add ThreadVerifier.h to the build file.
        * JavaScriptCore.gypi: Ditto.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.

2009-12-08  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        [Android] Adds Makefiles for Android port.
        https://bugs.webkit.org/show_bug.cgi?id=31325

        * Android.mk: Added.
        * Android.v8.wtf.mk: Added.

2009-12-07  Dmitry Titov  <dimich@chromium.org>

        Rubber-stamped by Darin Adler.

        Remove ENABLE_SHARED_SCRIPT flags
        https://bugs.webkit.org/show_bug.cgi?id=32245
        This patch was obtained by "git revert" command and then un-reverting of ChangeLog files.

        * Configurations/FeatureDefines.xcconfig:
        * wtf/Platform.h:

2009-12-07  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fixage part I).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-12-05  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=32184
        Handle out-of-memory conditions with JSC Ropes with a JS exception, rather than crashing.
        Switch from using fastMalloc to tryFastMalloc, pass an ExecState to record the exception on.

        * API/JSCallbackObjectFunctions.h:
        (JSC::::toString):
        * API/JSValueRef.cpp:
        (JSValueIsStrictEqual):
        * JavaScriptCore.exp:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitEqualityOp):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName):
        (JSC::DebuggerCallFrame::calculatedFunctionName):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * profiler/ProfileGenerator.cpp:
        (JSC::ProfileGenerator::addParentForConsoleStart):
        * profiler/Profiler.cpp:
        (JSC::Profiler::willExecute):
        (JSC::Profiler::didExecute):
        (JSC::Profiler::createCallIdentifier):
        (JSC::createCallIdentifierFromFunctionImp):
        * profiler/Profiler.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::name):
        (JSC::InternalFunction::displayName):
        (JSC::InternalFunction::calculatedDisplayName):
        * runtime/InternalFunction.h:
        * runtime/JSCell.cpp:
        (JSC::JSCell::getString):
        * runtime/JSCell.h:
        (JSC::JSValue::getString):
        * runtime/JSONObject.cpp:
        (JSC::gap):
        (JSC::Stringifier::Stringifier):
        (JSC::Stringifier::appendStringifiedValue):
        * runtime/JSObject.cpp:
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSString.cpp:
        (JSC::JSString::Rope::~Rope):
        (JSC::JSString::resolveRope):
        (JSC::JSString::getPrimitiveNumber):
        (JSC::JSString::toNumber):
        (JSC::JSString::toString):
        (JSC::JSString::toThisString):
        (JSC::JSString::getStringPropertyDescriptor):
        * runtime/JSString.h:
        (JSC::JSString::Rope::createOrNull):
        (JSC::JSString::Rope::operator new):
        (JSC::JSString::value):
        (JSC::JSString::tryGetValue):
        (JSC::JSString::getIndex):
        (JSC::JSString::getStringPropertySlot):
        (JSC::JSValue::toString):
        * runtime/JSValue.h:
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/Operations.cpp:
        (JSC::JSValue::strictEqualSlowCase):
        * runtime/Operations.h:
        (JSC::JSValue::equalSlowCaseInline):
        (JSC::JSValue::strictEqualSlowCaseInline):
        (JSC::JSValue::strictEqual):
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAdd):
        (JSC::concatenateStrings):
        * runtime/PropertyDescriptor.cpp:
        (JSC::PropertyDescriptor::equalTo):
        * runtime/PropertyDescriptor.h:
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncToLowerCase):
        (JSC::stringProtoFuncToUpperCase):

2009-12-07  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Holger Freyther.

        Turn on (SVG) Filters support, by default.
        https://bugs.webkit.org/show_bug.cgi?id=32224

        * Configurations/FeatureDefines.xcconfig: Enable FILTERS build flag.

2009-12-07  Steve Falkenburg  <sfalken@apple.com>

        Build fix. Be flexible about which version of ICU is used on Windows.

        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: Add optional xcopy commands to copy ICU 4.2.

2009-12-07  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Oliver Hunt.

        op_loop_if_less JIT codegen is broken for 64-bit
        https://bugs.webkit.org/show_bug.cgi?id=32221

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_false): Fix codegen in this version - test was backwards.

2009-12-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Object.create fails if properties on the descriptor are getters
        https://bugs.webkit.org/show_bug.cgi?id=32219

        Correctly initialise the PropertySlots with the descriptor object.

        * runtime/ObjectConstructor.cpp:
        (JSC::toPropertyDescriptor):

2009-12-06  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Actually tested 64-bit *and* 32-bit build this time.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_false):

2009-12-06  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Really really fix 64-bit build for prior patch (actually tested this time).

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_false):
        (JSC::JIT::emitSlow_op_loop_if_false):

2009-12-06  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Really fix 64-bit build for prior patch.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jless):

2009-12-06  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Fix 64-bit build for prior patch.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_loop_if_less):

2009-12-05  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Oliver Hunt.

        conway benchmark spends half it's time in op_less (jump fusion fails)
        https://bugs.webkit.org/show_bug.cgi?id=32190

        <1% speedup on SunSpider and V8
        2x speedup on "conway" benchmark
        
        Two optimizations:
        1) Improve codegen for logical operators &&, || and ! in a condition context
        
        When generating code for combinations of &&, || and !, in a
        condition context (i.e. in an if statement or loop condition), we
        used to produce a value, and then separately jump based on its
        truthiness. Now we pass the false and true targets in, and let the
        logical operators generate jumps directly. This helps in four
        ways:

        a) Individual clauses of a short-circuit logical operator can now
        jump directly to the then or else clause of an if statement (or to
        the top or exit of a loop) instead of jumping to a jump.
        
        b) It used to be that jump fusion with the condition of the first
        clause of a logical operator was inhibited, because the register
        was ref'd to be used later, in the actual condition jump; this no
        longer happens since a jump straight to the final target is
        generated directly.

        c) It used to be that jump fusion with the condition of the second
        clause of a logical operator was inhibited, because there was a
        jump target right after the second clause and before the actual
        condition jump. But now it's no longer necessary for the first
        clause to jump there so jump fusion is not blocked.

        d) We avoid generating excess mov statements in some cases.
        
        As a concrete example this source:
        
        if (!((x < q && y < q) || (t < q && z < q))) {
            // ...
        }
        
        Used to generate this bytecode:
        
        [  34] less              r1, r-15, r-19
        [  38] jfalse            r1, 7(->45)
        [  41] less              r1, r-16, r-19
        [  45] jtrue             r1, 14(->59)
        [  48] less              r1, r-17, r-19
        [  52] jfalse            r1, 7(->59)
        [  55] less              r1, r-18, r-19
        [  59] jtrue             r1, 17(->76)
        
        And now generates this bytecode (also taking advantage of the second optimization below):
        
        [  34] jnless            r-15, r-19, 8(->42)
        [  38] jless             r-16, r-19, 26(->64)
        [  42] jnless            r-17, r-19, 8(->50)
        [  46] jless             r-18, r-19, 18(->64)
        
        Note the jump fusion and the fact that there's less jump
        indirection - three of the four jumps go straight to the target
        clause instead of indirecting through another jump.
        
        2) Implement jless opcode to take advantage of the above, since we'll now often generate
        a less followed by a jtrue where fusion is not forbidden.
       
        * parser/Nodes.h:
        (JSC::ExpressionNode::hasConditionContextCodegen): Helper function to determine
        whether a node supports special conditional codegen. Return false as this is the default.
        (JSC::ExpressionNode::emitBytecodeInConditionContext): Assert not reached - only really
        defined for nodes that do have conditional codegen.
        (JSC::UnaryOpNode::expr): Add const version.
        (JSC::LogicalNotNode::hasConditionContextCodegen): Returne true only if subexpression
        supports it.
        (JSC::LogicalOpNode::hasConditionContextCodegen): Return true.
        * parser/Nodes.cpp:
        (JSC::LogicalNotNode::emitBytecodeInConditionContext): Implemented - just swap
        the true and false targets for the child node.
        (JSC::LogicalOpNode::emitBytecodeInConditionContext): Implemented - handle jumps
        directly, improving codegen quality. Also handles further nested conditional codegen.
        (JSC::ConditionalNode::emitBytecode): Use condition context codegen when available.
        (JSC::IfNode::emitBytecode): ditto
        (JSC::IfElseNode::emitBytecode): ditto
        (JSC::DoWhileNode::emitBytecode): ditto
        (JSC::WhileNode::emitBytecode): ditto
        (JSC::ForNode::emitBytecode): ditto

        * bytecode/Opcode.h: 
        - Added loop_if_false opcode - needed now that falsey jumps can be backwards.
        - Added jless opcode to take advantage of new fusion opportunities.
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Handle above.
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJumpIfTrue): Add peephole for less + jtrue ==> jless.
        (JSC::BytecodeGenerator::emitJumpIfFalse): Add handling of backwrds falsey jumps.
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::emitNodeInConditionContext): Wrapper to handle tracking of
        overly deep expressions etc.
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute): Implement the two new opcodes (loop_if_false, jless).
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass): Implement JIT support for the two new opcodes.
        (JSC::JIT::privateCompileSlowCases): ditto
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jless):
        (JSC::JIT::emitSlow_op_jless): ditto
        (JSC::JIT::emitBinaryDoubleOp): ditto
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_loop_if_less): ditto
        (JSC::JIT::emit_op_loop_if_false): ditto
        (JSC::JIT::emitSlow_op_loop_if_false): ditto
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        (JSC::):

2009-12-04  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Darin Adler.

        JavaScript delete operator should return false for string properties
        https://bugs.webkit.org/show_bug.cgi?id=32012

        * runtime/StringObject.cpp:
        (JSC::StringObject::deleteProperty):

2009-12-03  Drew Wilson  <atwilson@chromium.org>

        Rolled back r51633 because it causes a perf regression in Chromium.

        * wtf/Platform.h:

2009-12-03  Gavin Barraclough  <barraclough@apple.com>

        Try and fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:  Export a symbol that should be exported.

2009-12-03  Mark Rowe  <mrowe@apple.com>

        Try and fix the Mac build.

        * JavaScriptCore.exp:  Export a symbol that should be exported.

2009-12-03  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        REGRESSION(4.0.3-48777): Crash in JSC::ExecState::propertyNames() (Debug-only?)
        https://bugs.webkit.org/show_bug.cgi?id=32133

        Work around odd GCC-ism and correct the scopechain for use by
        calls made while a cachedcall is active on the callstack.

        * interpreter/CachedCall.h:
        (JSC::CachedCall::newCallFrame):
        * runtime/JSArray.cpp:
        (JSC::AVLTreeAbstractorForArrayCompare::compare_key_key):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):

2009-12-03  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver "Brraaaaiiiinnnnnzzzzzzzz" Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=32136
        Add a rope representation to JSString.  Presently JSString always holds its data in UString form.
        Instead, allow the result of a string concatenation to be represented in a tree form - with a
        variable sized, reference-counted rope node retaining a set of UString::Reps (or other rope nopes).

        Strings must still currently be resolved down to a flat UString representation before being used,
        but by holding the string in a rope representation during construction we can avoid copying data
        until we know the final size of the string.

        ~2% progression on SunSpider (~25% on date-format-xparb, ~20% on string-validate-input).

        * JavaScriptCore.exp:

            - Update exports.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

            - Make use of new JSString::length() method to avoid prematurely resolving ropes.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):

            - Switch the string length trampoline to read the length directly from JSString::m_length,
              rather than from the JSString's UString::Rep's 'len' property.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

            - Modify op_add such that addition of two strings, where either or both strings are already
              in rope representation, produces a rope as a result.

        * runtime/JSString.cpp:
        (JSC::JSString::Rope::~Rope):
        (JSC::copyChars):
        (JSC::JSString::resolveRope):
        (JSC::JSString::getPrimitiveNumber):
        (JSC::JSString::toBoolean):
        (JSC::JSString::toNumber):
        (JSC::JSString::toString):
        (JSC::JSString::toThisString):
        (JSC::JSString::getStringPropertyDescriptor):
        * runtime/JSString.h:
        (JSC::JSString::Rope::Fiber::Fiber):
        (JSC::JSString::Rope::Fiber::destroy):
        (JSC::JSString::Rope::Fiber::isRope):
        (JSC::JSString::Rope::Fiber::rope):
        (JSC::JSString::Rope::Fiber::string):
        (JSC::JSString::Rope::create):
        (JSC::JSString::Rope::initializeFiber):
        (JSC::JSString::Rope::ropeLength):
        (JSC::JSString::Rope::stringLength):
        (JSC::JSString::Rope::fibers):
        (JSC::JSString::Rope::Rope):
        (JSC::JSString::Rope::operator new):
        (JSC::JSString::JSString):
        (JSC::JSString::value):
        (JSC::JSString::length):
        (JSC::JSString::isRope):
        (JSC::JSString::rope):
        (JSC::JSString::string):
        (JSC::JSString::canGetIndex):
        (JSC::jsSingleCharacterSubstring):
        (JSC::JSString::getIndex):
        (JSC::jsSubstring):
        (JSC::JSString::getStringPropertySlot):

            - Add rope form.

        * runtime/Operations.h:
        (JSC::jsAdd):
        (JSC::concatenateStrings):

            - Update string concatenation, and addition of ropes, to produce ropes.

        * runtime/StringObject.cpp:
        (JSC::StringObject::getOwnPropertyNames):

            - Make use of new JSString::length() method to avoid prematurely resolving ropes.

2009-11-23  Jeremy Moskovich  <jeremy@chromium.org>

        Reviewed by Eric Seidel.

        Switch Chrome/Mac to use Core Text APIs rather than ATSUI APIs.
        https://bugs.webkit.org/show_bug.cgi?id=31802

        No test since this is already covered by existing pixel tests.

        * wtf/Platform.h: #define USE_CORE_TEXT for Chrome/Mac.

2009-12-02  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Add files missed in prior patch.

        * runtime/JSZombie.cpp:
        (JSC::):
        (JSC::JSZombie::leakedZombieStructure):
        * runtime/JSZombie.h: Added.
        (JSC::JSZombie::JSZombie):
        (JSC::JSZombie::isZombie):
        (JSC::JSZombie::classInfo):
        (JSC::JSZombie::isGetterSetter):
        (JSC::JSZombie::isAPIValueWrapper):
        (JSC::JSZombie::isPropertyNameIterator):
        (JSC::JSZombie::getCallData):
        (JSC::JSZombie::getConstructData):
        (JSC::JSZombie::getUInt32):
        (JSC::JSZombie::toPrimitive):
        (JSC::JSZombie::getPrimitiveNumber):
        (JSC::JSZombie::toBoolean):
        (JSC::JSZombie::toNumber):
        (JSC::JSZombie::toString):
        (JSC::JSZombie::toObject):
        (JSC::JSZombie::markChildren):
        (JSC::JSZombie::put):
        (JSC::JSZombie::deleteProperty):
        (JSC::JSZombie::toThisObject):
        (JSC::JSZombie::toThisString):
        (JSC::JSZombie::toThisJSString):
        (JSC::JSZombie::getJSNumber):
        (JSC::JSZombie::getOwnPropertySlot):

2009-12-02  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Add zombies to JSC
        https://bugs.webkit.org/show_bug.cgi?id=32103

        Add a compile time flag to make the JSC collector replace "unreachable"
        objects with zombie objects.  The zombie object is a JSCell subclass that
        ASSERTs on any attempt to use the JSCell methods.  In addition there are
        a number of additional assertions in bottleneck code to catch zombie usage
        as quickly as possible.

        Grrr. Argh. Brains.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * interpreter/Register.h:
        (JSC::Register::Register):
        * runtime/ArgList.h:
        (JSC::MarkedArgumentBuffer::append):
        (JSC::ArgList::ArgList):
        * runtime/Collector.cpp:
        (JSC::Heap::destroy):
        (JSC::Heap::sweep):
        * runtime/Collector.h:
        * runtime/JSCell.h:
        (JSC::JSCell::isZombie):
        (JSC::JSValue::isZombie):
        * runtime/JSValue.h:
        (JSC::JSValue::decode):
        (JSC::JSValue::JSValue):
        * wtf/Platform.h:

2009-12-01  Jens Alfke  <snej@chromium.org>

        Reviewed by Darin Adler.

        Added variants of find/contains/add that allow a foreign key type to be used.
        This will allow AtomicString-keyed maps to be queried by C string without
        having to create a temporary AtomicString (see HTTPHeaderMap.)
        The code for this is adapted from the equivalent in HashSet.h.

        * wtf/HashMap.h:
        (WTF::HashMap::find):
        (WTF::HashMap::contains):
        (WTF::HashMap::add):
        * wtf/HashSet.h: Changed "method" to "function member" in a comment.

2009-12-01  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Revert 51551 because it broke GTK+.

        * wtf/Platform.h:

2009-11-30  Gavin Barraclough  <barraclough@apple.com>

        Windows Build fix.  Reviewed by NOBODY.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-11-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Bug 31859 - Make world selection for JSC IsolatedWorlds automagical.

        WebCore presently has to explicitly specify the world before entering into JSC,
        which is a little fragile (particularly since property access via a
        getter/setter might invoke execution). Instead derive the current world from
        the lexical global object.
        
        Remove the temporary duct tape of willExecute/didExecute virtual hooks on the JSGlobalData::ClientData - these are no longer necessary.

        * API/JSBase.cpp:
        (JSEvaluateScript):
        * API/JSObjectRef.cpp:
        (JSObjectCallAsFunction):
        * JavaScriptCore.exp:
        * runtime/JSGlobalData.cpp:
        * runtime/JSGlobalData.h:

2009-11-30  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Remove obsolete PLATFORM(KDE) code
        https://bugs.webkit.org/show_bug.cgi?id=31958

        KDE is now using unpatched QtWebKit.

        * parser/Lexer.cpp: Remove obsolete KDE_USE_FINAL guard
        * wtf/Platform.h: Remove PLATFORM(KDE) definition and code 
        section that is guarded with it.

2009-11-30  Jan-Arve Sæther  <jan-arve.saether@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix compilation with win32-icc

        The Intel compiler does not support the __has_trivial_constructor type
        trait.  The Intel Compiler can report itself as _MSC_VER >= 1400. The
        reason for that is that the Intel Compiler depends on the Microsoft
        Platform SDK, and in order to try to be "fully" MS compatible it will
        "pretend" to be the same MS compiler as was shipped with the MS PSDK.
        (Thus, compiling with win32-icc with VC8 SDK will make the source code
        "think" the compiler at hand supports this type trait).

        * wtf/TypeTraits.h:

2009-11-29  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        [Qt] Mac build has JIT disabled
        https://bugs.webkit.org/show_bug.cgi?id=31828

        * wtf/Platform.h: Enable JIT for Qt Mac builds

2009-11-28  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        Apply workaround for the limitation of VirtualFree with MEM_RELEASE to all ports running on Windows
        https://bugs.webkit.org/show_bug.cgi?id=31943

        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):

2009-11-28  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        https://bugs.webkit.org/show_bug.cgi?id=31930

        Seems a typo. We don't need ~270k memory to determine the vptrs.

        * runtime/JSGlobalData.cpp:
        (JSC::VPtrSet::VPtrSet):

2009-11-27  Shinichiro Hamaji  <hamaji@chromium.org>

        Unreviewed. 

        Move GOwnPtr* from wtf to wtf/gtk
        https://bugs.webkit.org/show_bug.cgi?id=31793

        Build fix for chromium after r51423.
        Exclude gtk directory from chromium build.

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2009-11-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Incorrect behaviour of jneq_null in the interpreter
        https://bugs.webkit.org/show_bug.cgi?id=31901

        Correct the logic of jneq_null.  This is already covered by existing tests.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-11-26  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Oliver Hunt.

        Move GOwnPtr* from wtf to wtf/gtk
        https://bugs.webkit.org/show_bug.cgi?id=31793

        * GNUmakefile.am: Change the path for GOwnPtr.*.
        * JavaScriptCore.gyp/JavaScriptCore.gyp: Remove
          GOwnPtr.cpp from the exclude list.
        * JavaScriptCore.gypi: Change the path for GOwnPtr.*.
        * wscript: Remove GOwnPtr.cpp from the exclude list.
        * wtf/GOwnPtr.cpp: Removed.
        * wtf/GOwnPtr.h: Removed.
        * wtf/Threading.h: Change the path for GOwnPtr.h.
        * wtf/gtk/GOwnPtr.cpp: Copied from JavaScriptCore/wtf/GOwnPtr.cpp.
        * wtf/gtk/GOwnPtr.h: Copied from JavaScriptCore/wtf/GOwnPtr.h.
        * wtf/unicode/glib/UnicodeGLib.h: Change the path for GOwnPtr.h.

2009-11-24  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Eric Seidel.

        Add ENABLE_SHARED_SCRIPT feature define and flag for build-webkit
        https://bugs.webkit.org/show_bug.cgi?id=31444

        * Configurations/FeatureDefines.xcconfig:
        * wtf/Platform.h:

2009-11-24  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Add ability to enable ACCELERATED_COMPOSITING on Windows (currently disabled)
        https://bugs.webkit.org/show_bug.cgi?id=27314

        * wtf/Platform.h:

2009-11-24  Jason Smith  <dark.panda@gmail.com>

        Reviewed by Alexey Proskuryakov.

        RegExp#exec's returned Array-like object behaves differently from
        regular Arrays
        https://bugs.webkit.org/show_bug.cgi?id=31689

        * JavaScriptCore/runtime/RegExpConstructor.cpp: ensure that undefined
        values are added to the returned RegExpMatchesArray

2009-11-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        JSON.stringify performance on undefined is very poor
        https://bugs.webkit.org/show_bug.cgi?id=31839

        Switch from a UString to a Vector<UChar> when building
        the JSON string, allowing us to safely remove the substr-copy
        we otherwise did when unwinding an undefined property.

        Also turns out to be a ~5% speedup on stringification.

        * runtime/JSONObject.cpp:
        (JSC::Stringifier::StringBuilder::append):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):

2009-11-24  Mark Rowe  <mrowe@apple.com>

        Fix production builds where the source tree may be read-only.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-11-23  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Include "config.h" to meet Coding Style Guidelines
        https://bugs.webkit.org/show_bug.cgi?id=31792

        * wtf/unicode/UTF8.cpp:
        * wtf/unicode/glib/UnicodeGLib.cpp:
        * wtf/unicode/wince/UnicodeWince.cpp:

2009-11-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Streamlined some Math functions where we expect or know the result not
        to be representable as an int.
        
        SunSpider says 0.6% faster.

        * runtime/JSNumberCell.h:
        (JSC::JSValue::JSValue):
        * runtime/JSValue.h:
        (JSC::JSValue::):
        (JSC::jsDoubleNumber):
        (JSC::JSValue::JSValue): Added a function for making a numeric JSValue
        and skipping the "can I encode this as an int?" check, avoiding the
        overhead of int <-> double roundtripping and double <-> double comparison
        and branching.

        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncACos):
        (JSC::mathProtoFuncASin):
        (JSC::mathProtoFuncATan):
        (JSC::mathProtoFuncATan2):
        (JSC::mathProtoFuncCos):
        (JSC::mathProtoFuncExp):
        (JSC::mathProtoFuncLog):
        (JSC::mathProtoFuncRandom):
        (JSC::mathProtoFuncSin):
        (JSC::mathProtoFuncSqrt):
        (JSC::mathProtoFuncTan): For these functions, which we expect or know
        to produce results not representable as ints, call jsDoubleNumber instead
        of jsNumber.

2009-11-23  Mark Rowe  <mrowe@apple.com>

        Unreviewed. Unbreak the regression tests after r51329.

        * API/JSBase.cpp:
        (JSEvaluateScript): Null-check clientData before dereferencing it.
        * API/JSObjectRef.cpp:
        (JSObjectCallAsFunction): Ditto.

2009-11-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Part 1/3 of <rdar://problem/7377477> REGRESSION: Many web pages fail to render after interesting script runs in isolated world

        Some clients of the JavaScriptCore API expect to be able to make callbacks over the JSC API,
        and for this to automagically cause execution to take place in the world associated with the
        global object associated with the ExecState (JSContextRef) passed.  However this is not how
        things work - the world must be explicitly set within WebCore.

        Making this work just for API calls to evaluate & call will be a far from perfect solution,
        since direct (non-API) use of JSC still relies on WebCore setting the current world correctly.
        A better solution would be to make this all work automagically all throughout WebCore, but this
        will require more refactoring.

        Since the API is in JSC but worlds only exist in WebCore, add callbacks on the JSGlobalData::ClientData
        to allow it to update the current world on entry/exit via the JSC API.  This is temporary duck
        tape, and should be removed once the current world no longer needs to be explicitly tracked.

        * API/JSBase.cpp:
        (JSEvaluateScript):
        * API/JSObjectRef.cpp:
        (JSObjectCallAsFunction):
        * JavaScriptCore.exp:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::ClientData::beginningExecution):
        (JSC::JSGlobalData::ClientData::completedExecution):
        * runtime/JSGlobalData.h:

2009-11-23  Steve Block  <steveblock@google.com>

        Reviewed by Dmitry Titov.

        Adds MainThreadAndroid.cpp with Android-specific WTF threading functions.
        https://bugs.webkit.org/show_bug.cgi?id=31807

        * wtf/android: Added.
        * wtf/android/MainThreadAndroid.cpp: Added.
        (WTF::timeoutFired):
        (WTF::initializeMainThreadPlatform):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2009-11-23  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Brady Eidson.

        https://bugs.webkit.org/show_bug.cgi?id=31748
        Make WebSocketHandleCFNet respect proxy auto-configuration files via CFProxySupport

        * JavaScriptCore.exp: Export callOnMainThreadAndWait.

2009-11-23  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Symbian] Fix lastIndexOf() for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=31773

        Symbian soft floating point library has problems with operators
        comparing NaN to numbers. Without a workaround lastIndexOf() 
        function does not work.

        Patch developed by David Leong.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncLastIndexOf):Add an extra test 
        to check for NaN for Symbian.

2009-11-23  Steve Block  <steveblock@google.com>

        Reviewed by Eric Seidel.

        Android port lacks implementation of atomicIncrement and atomicDecrement.
        https://bugs.webkit.org/show_bug.cgi?id=31715

        * wtf/Threading.h: Modified.
        (WTF::atomicIncrement): Added Android implementation.
        (WTF::atomicDecrement): Added Android implementation.

2009-11-22  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Unreviewed.

        [Qt] Sort source lists and remove obsolete comments 
        from the build system.

        * JavaScriptCore.pri:

2009-11-21  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        [Qt][Mac] Turn on multiple JavaScript threads for QtWebkit on Mac
        https://bugs.webkit.org/show_bug.cgi?id=31753

        * wtf/Platform.h:

2009-11-19  Steve Block  <steveblock@google.com>

        Android port lacks configuration in Platform.h and config.h.
        https://bugs.webkit.org/show_bug.cgi?id=31671

        * wtf/Platform.h: Modified. Added Android-specific configuration.

2009-11-19  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=31690
        Make SocketStreamHandleCFNet work on Windows

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/MainThread.cpp:
        (WTF::FunctionWithContext::FunctionWithContext):
        (WTF::dispatchFunctionsFromMainThread):
        (WTF::callOnMainThreadAndWait):
        * wtf/MainThread.h:
        Re-add callOnMainThreadAndWait(), which was removed in bug 23926.

2009-11-19  Dmitry Titov  <dimich@chromium.org>

        Reviewed by David Levin.

        isMainThread() on Chromium (Mac and Linux) is so slow it timeouts LayoutTests..
        https://bugs.webkit.org/show_bug.cgi?id=31693

        * wtf/ThreadingPthreads.cpp:
        (WTF::initializeThreading): grab and use the pthread_t of the main thread instead of ThreadIdentifier.
        (WTF::isMainThread): Ditto.

2009-11-19  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Remove HAVE(STRING_H) guard from JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=31668

        * config.h:
        * runtime/UString.cpp:

2009-11-19  Dumitru Daniliuc  <dumi@chromium.org>

        Reviewed by Dmitry Titov.

        Fixing a bug in MessageQueue::removeIf() that leads to an
        assertion failure.

        https://bugs.webkit.org/show_bug.cgi?id=31657

        * wtf/MessageQueue.h:
        (WTF::MessageQueue::removeIf):

2009-11-19  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Remove HAVE(FLOAT_H) guard
        https://bugs.webkit.org/show_bug.cgi?id=31661

        JavaScriptCore has a dependency on float.h, there is
        no need to guard float.h.

        * runtime/DatePrototype.cpp: Remove include directive 
        for float.h as it is included in MathExtras.h already.
        * runtime/Operations.cpp: Ditto.
        * runtime/UString.cpp: Ditto.
        * wtf/dtoa.cpp: Ditto.
        * wtf/MathExtras.h: Remove HAVE(FLOAT_H) guard.
        * wtf/Platform.h: Ditto.

2009-11-19  Thiago Macieira <thiago.macieira@nokia.com>

        Reviewed by Simon Hausmann.

        Build fix for 32-bit Sparc machines: these machines are big-endian.

        * wtf/Platform.h:

2009-11-18  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Remove support for Qt v4.3 or older versions
        https://bugs.webkit.org/show_bug.cgi?id=29469

        * JavaScriptCore.pro:
        * jsc.pro:
        * wtf/unicode/qt4/UnicodeQt4.h:

2009-11-18  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        Move UString::from(double) implementation to new
        WTF::doubleToStringInJavaScriptFormat(), and expose it because WebCore
        code will use it.
        https://bugs.webkit.org/show_bug.cgi?id=31330

        - Introduce new function createRep(const char*, unsigned) and
          UString::UString(const char*, unsigned) to reduce 2 calls to strlen().
        - Fix a bug that dtoa() doesn't update *rve if the input value is NaN
          or Infinity.

        No new tests because this doesn't change the behavior.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * runtime/UString.cpp:
        (JSC::createRep):
        (JSC::UString::UString):
        (JSC::UString::from): Move the code to doubleToStringInJavaScriptFormat().
        * runtime/UString.h:
        * wtf/dtoa.cpp:
        (WTF::dtoa): Fix a bug about rve.
        (WTF::append): A helper for doubleToStringInJavaScriptFormat().
        (WTF::doubleToStringInJavaScriptFormat): Move the code from UString::from(double).
        * wtf/dtoa.h:

2009-11-18  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Remove WTF_USE_JAVASCRIPTCORE_BINDINGS as it is no longer used
        https://bugs.webkit.org/show_bug.cgi?id=31643

        * JavaScriptCore.pro:

2009-11-18  Nate Chapin  <japhet@chromium.org>

        Reviewed by Darin Fisher.

        Remove Chromium's unnecessary dependency on wtf's tcmalloc files.

        https://bugs.webkit.org/show_bug.cgi?id=31648

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2009-11-18  Thiago Macieira <thiago.macieira@nokia.com>

        Reviewed by Gavin Barraclough.

        [Qt] Implement symbol hiding for JSC's JIT functions.

        These functions are implemented directly in assembly, so they need the
        proper directives to enable/disable visibility. On ELF systems, it's
        .hidden, whereas on Mach-O systems (Mac) it's .private_extern. On
        Windows, it's not necessary since you have to explicitly export. I
        also implemented the AIX idiom, though it's unlikely anyone will
        implement AIX/POWER JIT.
        https://bugs.webkit.org/show_bug.cgi?id=30864

        * jit/JITStubs.cpp:

2009-11-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        Interpreter may do an out of range access when throwing an exception in the profiler.
        https://bugs.webkit.org/show_bug.cgi?id=31635

        Add bounds check.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException):

2009-11-18  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Fix the clobber list of cacheFlush for ARM and Thumb2 on Linux
        https://bugs.webkit.org/show_bug.cgi?id=31631

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-11-18  Harald Fernengel  <harald.fernengel@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix detection of linux-g++

        Never use "linux-g++*" to check for linux-g++, since this will break embedded
        builds which use linux-arm-g++ and friends. Use 'linux*-g++*' to check for any
        g++ on linux mkspec.

        * JavaScriptCore.pri:

2009-11-17  Jon Honeycutt  <jhoneycutt@apple.com>

        Add JSContextRefPrivate.h to list of copied files.

        Reviewed by Mark Rowe.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:

2009-11-17  Martin Robinson  <martin.james.robinson@gmail.com>

        Reviewed by Adam Barth.

        [GTK] Style cleanup for GOwnPtr
        https://bugs.webkit.org/show_bug.cgi?id=31506

        Remove forward declaration in GOwnPtr and do some style cleanup.

        * wtf/GOwnPtr.cpp:
        * wtf/GOwnPtr.h:
        (WTF::GOwnPtr::GOwnPtr):
        (WTF::GOwnPtr::~GOwnPtr):
        (WTF::GOwnPtr::get):
        (WTF::GOwnPtr::release):
        (WTF::GOwnPtr::outPtr):
        (WTF::GOwnPtr::set):
        (WTF::GOwnPtr::clear):
        (WTF::GOwnPtr::operator*):
        (WTF::GOwnPtr::operator->):
        (WTF::GOwnPtr::operator!):
        (WTF::GOwnPtr::operator UnspecifiedBoolType):
        (WTF::GOwnPtr::swap):
        (WTF::swap):
        (WTF::operator==):
        (WTF::operator!=):
        (WTF::getPtr):
        (WTF::freeOwnedGPtr):

2009-11-17  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Incorrect use of JavaScriptCore API in DumpRenderTree
        https://bugs.webkit.org/show_bug.cgi?id=31577

        Add assertions to the 'toJS' functions to catch mistakes like
        this early.  Restructure existing code which blindly passed potentially
        null values to toJS when forwarding exceptions so that a null check is
        performed first.

        * API/APICast.h:
        (toJS):
        (toJSForGC):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertySlot):
        (JSC::::put):
        (JSC::::deleteProperty):
        (JSC::::construct):
        (JSC::::hasInstance):
        (JSC::::call):
        (JSC::::toNumber):
        (JSC::::toString):
        (JSC::::staticValueGetter):
        (JSC::::callbackGetter):
        * API/tests/testapi.c: Fix errors in the API tester.
        (MyObject_getProperty):
        (MyObject_convertToType):
        (EvilExceptionObject_convertToType):

2009-11-16  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        https://bugs.webkit.org/show_bug.cgi?id=31050

        Minor fixes for JSVALUE32_64: branchConvertDoubleToInt32
        failed on a CortexA8 CPU, but not on a simulator; and
        JITCall.cpp modifications was somehow not committed to mainline.

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::fmrs_r):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::branchConvertDoubleToInt32):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):

2009-11-16  Joerg Bornemann  <joerg.bornemann@trolltech.com>

        Reviewed by Simon Hausmann.

        Fix Qt build on Windows CE 6.

        * JavaScriptCore.pri: Add missing include path.
        * wtf/Platform.h: Include ce_time.h for Windows CE 6.

2009-11-13  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        https://bugs.webkit.org/show_bug.cgi?id=31050

        Adding optimization support for mode JSVALUE32_64
        on ARM systems.

        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::emit_op_put_by_id):

2009-11-14  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        https://bugs.webkit.org/show_bug.cgi?id=31050

        Adding JSVALUE32_64 support for ARM (but not turning it
        on by default). All optimizations must be disabled, since
        this patch is only the first of a series of patches.

        During the work, a lot of x86 specific code revealed and
        made platform independent.
        See revisions: 50531 50541 50593 50594 50595

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::fdivd_r):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::lshift32):
        (JSC::MacroAssemblerARM::neg32):
        (JSC::MacroAssemblerARM::rshift32):
        (JSC::MacroAssemblerARM::branchOr32):
        (JSC::MacroAssemblerARM::set8):
        (JSC::MacroAssemblerARM::setTest8):
        (JSC::MacroAssemblerARM::loadDouble):
        (JSC::MacroAssemblerARM::divDouble):
        (JSC::MacroAssemblerARM::convertInt32ToDouble):
        (JSC::MacroAssemblerARM::zeroDouble):
        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITStubs.cpp:
        * wtf/StdLibExtras.h:

2009-11-13  Dominik Röttsches  <dominik.roettsches@access-company.com>

        Reviewed by Eric Seidel.

        Unify TextBoundaries implementations by only relying on WTF Unicode abstractions
        https://bugs.webkit.org/show_bug.cgi?id=31468

        Adding isAlphanumeric abstraction, required
        by TextBoundaries.cpp.

        * wtf/unicode/glib/UnicodeGLib.h:
        (WTF::Unicode::isAlphanumeric):
        * wtf/unicode/icu/UnicodeIcu.h:
        (WTF::Unicode::isAlphanumeric):

2009-11-13  Norbert Leser  <norbert.leser&nokia.com>

        Reviewed by Eric Seidel.

        Added macros for USERINCLUDE paths within symbian blocks
        to guarantee inclusion of respective header files from local path
        first (to avoid clashes with same names of header files in system include path).

        * JavaScriptCore.pri:

2009-11-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        JSValueProtect and JSValueUnprotect don't protect API wrapper values
        https://bugs.webkit.org/show_bug.cgi?id=31485

        Make JSValueProtect/Unprotect use a new 'toJS' function, 'toJSForGC' that
        does not attempt to to strip out API wrapper objects.

        * API/APICast.h:
        (toJSForGC):
        * API/JSValueRef.cpp:
        (JSValueProtect):
        (JSValueUnprotect):
        * API/tests/testapi.c:
        (makeGlobalNumberValue):
        (main):

2009-11-13  İsmail Dönmez  <ismail@namtrac.org>

        Reviewed by Antti Koivisto.

        Fix typo, ce_time.cpp should be ce_time.c

        * JavaScriptCore.pri:

2009-11-12  Steve VanDeBogart  <vandebo@chromium.org>

        Reviewed by Adam Barth.

        Calculate the time offset only if we were able to parse
        the date string. This saves an IPC in Chromium for
        invalid date strings.
        https://bugs.webkit.org/show_bug.cgi?id=31416

        * wtf/DateMath.cpp:
        (WTF::parseDateFromNullTerminatedCharacters):
        (JSC::parseDateFromNullTerminatedCharacters):

2009-11-12  Oliver Hunt  <oliver@apple.com>

        Rollout r50896 until i can work out why it causes failures.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitReturn):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        * parser/Nodes.cpp:
        (JSC::EvalNode::emitBytecode):

2009-11-12  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Stephanie Lewis.

        Remove LIBRARY directive from def file to fix Debug_All target.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-11-12  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Rubber-stamped by Holger Freyther.

        Revert r50204, since it makes DRT crash on 32 bits release builds
        for GTK+.

        * wtf/FastMalloc.h:

2009-11-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Start unifying entry logic for function and eval code.

        Eval now uses a ret instruction to end execution, and sets up
        a callframe more in line with what we do for function entry.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitReturn):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        * parser/Nodes.cpp:
        (JSC::EvalNode::emitBytecode):

2009-11-12  Richard Moe Gustavsen  <richard.gustavsen@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Disable pthread_setname_np.

        This allows Qt builds on Mac from 10.6 to run on earlier version
        where this symbol is not present.
        https://bugs.webkit.org/show_bug.cgi?id=31403

        * wtf/Platform.h:

2009-11-12  Thiago Macieira <thiago.macieira@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] Fix linking on Linux 32-bit.

        It was missing the ".text" directive at the top of the file,
        indicating that code would follow. Without it, the assembler created
        "NOTYPE" symbols, which would result in linker errors.
        https://bugs.webkit.org/show_bug.cgi?id=30863

        * jit/JITStubs.cpp:

2009-11-11  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Alexey Proskuryakov.

        Refactor multiple JavaScriptCore threads
        https://bugs.webkit.org/show_bug.cgi?id=31328

        Remove the id field from the PlatformThread structure 
        as it is not used.

        * runtime/Collector.cpp:
        (JSC::getCurrentPlatformThread):
        (JSC::suspendThread):
        (JSC::resumeThread):
        (JSC::getPlatformThreadRegisters):

2009-11-10  Geoffrey Garen  <ggaren@apple.com>

        Linux build fix: Added an #include for UINT_MAX.

        * runtime/WeakRandom.h:

2009-11-10  Geoffrey Garen  <ggaren@apple.com>

        JavaScriptGlue build fix: Marked a file 'private' instead of 'project'.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-11-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin "avGni arBalroguch" Barraclough.

        Faster Math.random, based on GameRand.
        
        SunSpider says 1.4% faster.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj: Added the header to the project.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h: Use an object to track random number generation
        state, initialized to the current time.

        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        (JSC::mathProtoFuncRandom): Use the new hotness.

        * runtime/WeakRandom.h: Added.
        (JSC::WeakRandom::WeakRandom):
        (JSC::WeakRandom::get):
        (JSC::WeakRandom::advance): The new hotness.

2009-11-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Imported the v8 DST cache.
        
        SunSpider says 1.5% faster.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::resetDateCache): Reset the DST cache when resetting
        other date data.

        * runtime/JSGlobalData.h:
        (JSC::DSTOffsetCache::DSTOffsetCache):
        (JSC::DSTOffsetCache::reset): Added a struct for the DST cache.

        * wtf/DateMath.cpp:
        (WTF::calculateDSTOffsetSimple):
        (WTF::calculateDSTOffset):
        (WTF::parseDateFromNullTerminatedCharacters):
        (JSC::getDSTOffset):
        (JSC::gregorianDateTimeToMS):
        (JSC::msToGregorianDateTime):
        (JSC::parseDateFromNullTerminatedCharacters):
        * wtf/DateMath.h: The imported code for probing and updating the cache.

2009-11-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Fixed an edge case that could cause the engine not to notice a timezone
        change.
        
        No test because this case would require manual intervention to change
        the timezone during the test.
        
        SunSpider reports no change.

        * runtime/DateInstanceCache.h:
        (JSC::DateInstanceCache::DateInstanceCache):
        (JSC::DateInstanceCache::reset): Added a helper function for resetting
        this cache. Also, shrank the cache, since we'll be resetting it often.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::resetDateCache): Include resetting the DateInstanceCache
        in resetting Date data. (Otherwise, a cache hit could bypass a necessary
        timezone update check.)

2009-11-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Some manual inlining and constant propogation in Date code.
        
        SunSpider reports a 0.4% speedup on date-*, no overall speedup. Shark
        says some previously evident stalls are now gone.

        * runtime/DateConstructor.cpp:
        (JSC::callDate):
        * runtime/DateConversion.cpp:
        (JSC::formatTime):
        (JSC::formatTimeUTC): Split formatTime into UTC and non-UTC variants.

        * runtime/DateConversion.h:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::calculateGregorianDateTime):
        (JSC::DateInstance::calculateGregorianDateTimeUTC):
        * runtime/DateInstance.h:
        (JSC::DateInstance::gregorianDateTime):
        (JSC::DateInstance::gregorianDateTimeUTC): Split gregorianDateTime into
        a UTC and non-UTC variant, and split each variant into a fast inline
        case and a slow out-of-line case.

        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToISOString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear): Updated for the gregorianDateTime change above.

2009-11-09  Geoffrey Garen  <ggaren@apple.com>

        Build fix: export a new symbol.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-11-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam "Home Wrecker" Weinig.

        Added a tiny cache for Date parsing.
        
        SunSpider says 1.2% faster.

        * runtime/DateConversion.cpp:
        (JSC::parseDate): Try to reuse the last parsed Date, if present.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::resetDateCache):
        * runtime/JSGlobalData.h: Added storage for last parsed Date. Refactored
        this code to make resetting the date cache easier.

        * runtime/JSGlobalObject.h:
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): Updated for
        refactoring.

        * wtf/DateMath.cpp:
        (JSC::parseDateFromNullTerminatedCharacters):
        * wtf/DateMath.h: Changed ExecState to be first parameter, as is the JSC custom.

2009-11-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Can cache prototype lookups on uncacheable dictionaries.
        https://bugs.webkit.org/show_bug.cgi?id=31198

        Replace fromDictionaryTransition with flattenDictionaryObject and
        flattenDictionaryStructure.  This change is necessary as we need to
        guarantee that our attempt to convert away from a dictionary structure
        will definitely succeed, and in some cases this requires mutating the
        object storage itself.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/JSObject.h:
        (JSC::JSObject::flattenDictionaryObject):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        * runtime/Structure.cpp:
        (JSC::Structure::flattenDictionaryStructure):
        (JSC::comparePropertyMapEntryIndices):
        * runtime/Structure.h:

2009-11-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Not reviewed, build fix.

        Remove extra character from r50701.

        * JavaScriptCore.pri:

2009-11-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Not reviewed, build fix.

        Revert r50695 because it broke QtWebKit (clean builds).

        * JavaScriptCore.pri:

2009-11-09  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Prepended $$PWD to GENERATED_SOURCES_DIR to avoid potential ambiguities when included from WebCore.pro.
        Some preprocessors consider this GENERATED_SOURCES_DIR relative to current invoking dir (e.g., ./WebCore),
        and not the working dir of JavaCriptCore.pri (i.e., ../JavaScriptCore/).

        * JavaScriptCore.pri:

2009-11-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Use explicit parentheses to silence gcc 4.4 -Wparentheses warnings
        https://bugs.webkit.org/show_bug.cgi?id=31040

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-11-08  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (speculative snow leopard and windows build fixes).

        * wtf/DateMath.cpp:
        (WTF::parseDateFromNullTerminatedCharacters):
        (JSC::gregorianDateTimeToMS):
        (JSC::msToGregorianDateTime):
        (JSC::parseDateFromNullTerminatedCharacters):
        * wtf/DateMath.h:
        (JSC::GregorianDateTime::GregorianDateTime):

2009-11-08  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (chromium build fix).
        
        Hopefully, the last build fix.

        Create better separation in DateMath about the JSC
        and non-JSC portions. Also, only expose the non-JSC
        version in the exports.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/DateMath.cpp:
        (WTF::parseDateFromNullTerminatedCharacters):
        (JSC::getUTCOffset):
        (JSC::gregorianDateTimeToMS):
        (JSC::msToGregorianDateTime):
        (JSC::parseDateFromNullTerminatedCharacters):
        * wtf/DateMath.h:
        (JSC::gmtoffset):

2009-11-08  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (chromium build fix).

        For the change in DateMath.

        * config.h:
        * wtf/DateMath.cpp:

2009-11-06  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: export some symbols.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-11-06  Geoffrey Garen  <ggaren@apple.com>

        Build fix: updated export file.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2009-11-06  Geoffrey Garen  <ggaren@apple.com>

        Build fix: added some #includes.

        * wtf/CurrentTime.h:
        * wtf/DateMath.h:

2009-11-06  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        https://bugs.webkit.org/show_bug.cgi?id=31197
        Implemented a timezone cache not based on Mac OS X's notify_check API.
        
        If the VM calculates the local timezone offset from UTC, it caches the
        result until the end of the current VM invocation. (We don't want to cache
        forever, because the user's timezone may change over time.)
        
        This removes notify_* overhead on Mac, and, more significantly, removes
        OS time and date call overhead on non-Mac platforms.

        ~8% speedup on Date microbenchmark on Mac. SunSpider reports maybe a tiny
        speedup on Mac. (Speedup on non-Mac platforms should be even more noticeable.)

        * JavaScriptCore.exp:

        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        * runtime/JSGlobalObject.h:
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): Made the 
        DynamicGlobalObjectScope constructor responsible for checking whether a
        dynamicGlobalObject has already been set. This eliminated some duplicate
        client code, and allowed me to avoid adding even more duplicate client
        code. Made DynamicGlobalObjectScope responsible for resetting the
        local timezone cache upon first entry to the VM.

        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        (JSC::callDate):
        (JSC::dateParse):
        (JSC::dateUTC):
        * runtime/DateConversion.cpp:
        (JSC::parseDate):
        * runtime/DateConversion.h:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::gregorianDateTime):
        * runtime/DateInstance.h:
        * runtime/DateInstanceCache.h:
        * runtime/DatePrototype.cpp:
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/InitializeThreading.cpp:
        (JSC::initializeThreadingOnce):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * wtf/DateMath.cpp:
        (WTF::getCurrentUTCTime):
        (WTF::getCurrentUTCTimeWithMicroseconds):
        (WTF::getLocalTime):
        (JSC::getUTCOffset): Use the new cache. Also, see below.
        (JSC::gregorianDateTimeToMS):
        (JSC::msToGregorianDateTime):
        (JSC::initializeDates):
        (JSC::parseDateFromNullTerminatedCharacters): Simplified the way this function
        accounts for the local timezone offset, to accomodate our new caching API,
        and a (possibly misguided) caller in WebCore. Also, see below.
        * wtf/DateMath.h:
        (JSC::GregorianDateTime::GregorianDateTime): Moved most of the code in
        DateMath.* into the JSC namespace. The code needed to move so it could
        naturally interact with ExecState and JSGlobalData to support caching.
        Logically, it seemed right to move it, too, since this code is not really
        as low-level as the WTF namespace might imply -- it implements a set of
        date parsing and conversion quirks that are finely tuned to the JavaScript
        language. Also removed the Mac OS X notify_* infrastructure.
        
        * wtf/CurrentTime.h:
        (WTF::currentTimeMS):
        (WTF::getLocalTime): Moved the rest of the DateMath code here, and renamed
        it to make it consistent with WTF's currentTime function.

2009-11-06  Gabor Loki  <loki@inf.u-szeged.hu>

        Unreviewed trivial buildfix after r50595.

        Rename the remaining rshiftPtr calls to rshift32

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitFastArithImmToInt):

2009-11-06  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Tidy up the shift methods on the macro-assembler interface.

        Currently behaviour of shifts of a magnitude > 0x1f is undefined.
        Instead defined that all shifts are masked to this range.  This makes a lot of
        practical sense, both since having undefined behaviour is not particularly
        desirable, and because this behaviour is commonly required (particularly since
        it is required bt ECMA-262 for shifts).

        Update the ARM assemblers to provide this behaviour.  Remove (now) redundant
        masks from JITArithmetic, and remove rshiftPtr (this was used in case that
        could be rewritten in a simpler form using rshift32, only optimized JSVALUE32
        on x86-64, which uses JSVALUE64!)

        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::lshift32):
        (JSC::MacroAssemblerARM::rshift32):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::lshift32):
        (JSC::MacroAssemblerARMv7::rshift32):
        * assembler/MacroAssemblerX86_64.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emit_op_rshift):

2009-11-05  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Oliver Hunt.

        Remove a magic number (1) from the JIT, instead compute the value with OBJECT_OFFSET.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArg):
        (JSC::JIT::emitPutJITStubArgConstant):
        (JSC::JIT::emitGetJITStubArg):
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::getArgument):
        * jit/JITStubs.h:

2009-11-05  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        https://bugs.webkit.org/show_bug.cgi?id=31159
        Fix branchDouble behaviour on ARM THUMB2 JIT.

        The x86 branchDouble behaviour is reworked, and all JIT
        ports should follow the x86 port. See bug 31104 and 31151

        This patch contains a fix for the traditional ARM port

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::fmrs_r):
        (JSC::ARMAssembler::ftosid_r):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::):
        (JSC::MacroAssemblerARM::branchDouble):
        (JSC::MacroAssemblerARM::branchConvertDoubleToInt32):

2009-11-05  Chris Jerdonek  <chris.jerdonek@gmail.com>

        Reviewed by Eric Seidel.

        Removed the "this is part of the KDE project" comments from 
        all *.h, *.cpp, *.idl, and *.pm files.
        
        https://bugs.webkit.org/show_bug.cgi?id=31167
        
        The maintenance and architecture page in the project wiki lists
        this as a task.
        
        This change includes no changes or additions to test cases 
        since the change affects only comments.
        
        * wtf/wince/FastMallocWince.h:

2009-11-05  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Use ARMv7 specific encoding for immediate constants on ARMv7 target
        https://bugs.webkit.org/show_bug.cgi?id=31060

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::getOp2): Use INVALID_IMM
        (JSC::ARMAssembler::getImm): Use encodeComplexImm for complex immediate
        (JSC::ARMAssembler::moveImm): Ditto.
        (JSC::ARMAssembler::encodeComplexImm): Encode a constant by one or two
        instructions or a PC relative load.
        * assembler/ARMAssembler.h: Use INVALID_IMM if a constant cannot be
        encoded as an immediate constant.
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::movw_r): 16-bit immediate load
        (JSC::ARMAssembler::movt_r): High halfword 16-bit immediate load
        (JSC::ARMAssembler::getImm16Op2): Encode immediate constant for
        movw_r and mowt_r

2009-11-04  Mark Mentovai  <mark@chromium.org>

        Reviewed by Mark Rowe.

        Provide TARGETING_TIGER and TARGETING_LEOPARD as analogues to
        BUILDING_ON_TIGER and BUILDING_ON_LEOPARD.  The TARGETING_ macros
        consider the deployment target; the BUILDING_ON_ macros consider the
        headers being built against.

        * wtf/Platform.h:

2009-11-04  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=31151
        Fix branchDouble behaviour on ARM THUMB2 JIT.

        The ARMv7 JIT is currently using ARMv7Assembler::ConditionEQ to branch
        for DoubleEqualOrUnordered, however this is incorrect - ConditionEQ won't
        branch on unordered operands.  Similarly, DoubleLessThanOrUnordered &
        DoubleLessThanOrEqualOrUnordered use ARMv7Assembler::ConditionLO &
        ARMv7Assembler::ConditionLS, whereas they should be using
        ARMv7Assembler::ConditionLT & ARMv7Assembler::ConditionLE.

        Fix these, and fill out the missing DoubleConditions.

        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::):
        (JSC::MacroAssemblerARMv7::branchDouble):

2009-11-04  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Oliver Hunt.

        Enable native call optimizations on ARMv7.  (Existing ARM_TRADITIONAL
        implementation was generic, worked perfectly, just needed turning on).

        * jit/JITOpcodes.cpp:
        * wtf/Platform.h:

2009-11-04  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Mark Rowe, Oliver Hunt, and Sam Weinig.

        Add a missing assert to the ARMv7 JIT.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMThumbImmediate::ARMThumbImmediate):

2009-11-04  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Oliver Hunt.

        Remove bogus op_ prefix on dumped version of three opcodes.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):

2009-11-04  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Fix dumping of constants in bytecode so that they aren't printed as large positive register numbers.

        We do this by having the registerName function return information about the constant if the register
        number corresponds to a constant.  This requires that registerName, and several functions that call it,
        be converted to member functions of CodeBlock so that the constant value can be retrieved.  The
        ExecState also needs to be threaded down through these functions so that it can be passed on to
        constantName when needed.

        * bytecode/CodeBlock.cpp:
        (JSC::constantName):
        (JSC::CodeBlock::registerName):
        (JSC::CodeBlock::printUnaryOp):
        (JSC::CodeBlock::printBinaryOp):
        (JSC::CodeBlock::printConditionalJump):
        (JSC::CodeBlock::printGetByIdOp):
        (JSC::CodeBlock::printPutByIdOp):
        (JSC::CodeBlock::dump):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::isConstantRegisterIndex):

2009-11-04  Pavel Heimlich  <tropikhajma@gmail.com>

        Reviewed by Alexey Proskuryakov.

        https://bugs.webkit.org/show_bug.cgi?id=30647
        Solaris build failure due to strnstr.

        * wtf/StringExtras.h: Enable strnstr on Solaris, too.

2009-11-04  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=31104
        Refactor x86-specific behaviour out of the JIT.

        - Add explicit double branch conditions for ordered and unordered comparisons (presently the brehaviour is a mix).
        - Refactor double to int conversion out into the MacroAssembler.
        - Remove broken double to int conversion for !JSVALUE32_64 builds - this code was broken and slowing us down, fixing it showed it not to be an improvement.
        - Remove exclusion of double to int conversion from (1 % X) cases in JSVALUE32_64 builds - if this was of benefit this is no longer the case; simplify.

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::):
        (JSC::MacroAssemblerX86Common::convertInt32ToDouble):
        (JSC::MacroAssemblerX86Common::branchDouble):
        (JSC::MacroAssemblerX86Common::branchConvertDoubleToInt32):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):

2009-11-04  Mark Mentovai  <mark@chromium.org>

        Reviewed by Eric Seidel.

        Remove BUILDING_ON_LEOPARD from JavaScriptCore.gyp.  This is supposed
        to be set as needed only in wtf/Platform.h.

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2009-11-02  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        REGRESSION (r48573): JSC may incorrectly cache chain lookups with a dictionary at the head of the chain
        https://bugs.webkit.org/show_bug.cgi?id=31045

        Add guards to prevent caching of prototype chain lookups with dictionaries at the
        head of the chain.  Also add a few tighter assertions to cached prototype lookups
        to catch this in future.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):

2009-11-02  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        PLATFORM(CF) should be set when building for Qt on Darwin
        https://bugs.webkit.org/show_bug.cgi?id=23671

        * wtf/Platform.h: Turn on CF support if both QT and DARWIN
        platforms are defined.

2009-11-02  Dmitry Titov  <dimich@chromium.org>

        Reviewed by David Levin.

        Remove threadsafe refcounting from tasks used with WTF::MessageQueue.
        https://bugs.webkit.org/show_bug.cgi?id=30612

        * wtf/MessageQueue.h:
        (WTF::MessageQueue::alwaysTruePredicate):
        (WTF::MessageQueue::~MessageQueue):
        (WTF::MessageQueue::append):
        (WTF::MessageQueue::appendAndCheckEmpty):
        (WTF::MessageQueue::prepend):
        (WTF::MessageQueue::waitForMessage):
        (WTF::MessageQueue::waitForMessageFilteredWithTimeout):
        (WTF::MessageQueue::tryGetMessage):
        (WTF::MessageQueue::removeIf):
        The MessageQueue is changed to act as a queue of OwnPtr<DataType>. It takes ownership
        of posted tasks and passes it to the new owner (in another thread) when the task is fetched.
        All methods have arguments of type PassOwnPtr<DataType> and return the same type.

        * wtf/Threading.cpp:
        (WTF::createThread):
        Superficial change to trigger rebuild of JSC project on Windows,
        workaround for https://bugs.webkit.org/show_bug.cgi?id=30890

2009-10-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Fixed failing layout test: restore a special case I accidentally deleted.

        * runtime/DatePrototype.cpp:
        (JSC::setNewValueFromDateArgs): In the case of applying a change to a date
        that is NaN, reset the date to 0 *and* then apply the change; don't just
        reset the date to 0.

2009-10-30  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: update for object-to-pointer change.

        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):

2009-10-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=30942
        Use pointers instead of copies to pass GregorianDateTime objects around.
        
        SunSpider reports a shocking 4.5% speedup on date-format-xparb, and 1.3%
        speedup on date-format-tofte.

        * runtime/DateInstance.cpp:
        (JSC::DateInstance::gregorianDateTime):
        * runtime/DateInstance.h:
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToISOString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear): Renamed getGregorianDateTime to gregorianDateTime,
        since it no longer has an out parameter. Uses 0 to indicate invalid dates.

2009-10-30  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's ListHashSet
        https://bugs.webkit.org/show_bug.cgi?id=30853

        Inherits ListHashSet class from FastAllocBase because it is
        instantiated by 'new' in WebCore/rendering/RenderBlock.cpp:1813.

        * wtf/ListHashSet.h:

2009-10-30  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Regression: crash enumerating properties of an object with getters or setters
        https://bugs.webkit.org/show_bug.cgi?id=30948

        Add a guard to prevent us trying to cache property enumeration on
        objects with getters or setters.

        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::create):

2009-10-30  Roland Steiner  <rolandsteiner@chromium.org>

        Reviewed by Eric Seidel.

        Remove ENABLE_RUBY guards as discussed with Dave Hyatt and Maciej Stachowiak.

        Bug 28420 -  Implement HTML5 <ruby> rendering
        (https://bugs.webkit.org/show_bug.cgi?id=28420)
 
        No new tests (no functional change).

        * Configurations/FeatureDefines.xcconfig:

2009-10-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        REGRESSION (r50218-r50262): E*TRADE accounts page is missing content
        https://bugs.webkit.org/show_bug.cgi?id=30947
        <rdar://problem/7348833>

        The logic for flagging that a structure has non-enumerable properties
        was in addPropertyWithoutTransition, rather than in the core Structure::put
        method.  Despite this I was unable to produce a testcase that caused
        the failure that etrade was experiencing, but the new assertion in
        getEnumerablePropertyNames triggers on numerous layout tests without
        the fix, so in effecti all for..in enumeration in any test ends up
        doing the required consistency check.

        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::put):
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::checkConsistency):

2009-10-29  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add cacheFlush support for Thumb-2 on Linux
        https://bugs.webkit.org/show_bug.cgi?id=30865

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-10-28  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        JSC JIT on ARMv7 cannot link jumps >16Mb range
        https://bugs.webkit.org/show_bug.cgi?id=30891

        Start planing all relative jumps as move-32-bit-immediate-to-register-BX.
        In the cases where the jump would fall within a relative jump range, use a relative jump.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::~ARMv7Assembler):
        (JSC::ARMv7Assembler::LinkRecord::LinkRecord):
        (JSC::ARMv7Assembler::):
        (JSC::ARMv7Assembler::executableCopy):
        (JSC::ARMv7Assembler::linkJump):
        (JSC::ARMv7Assembler::relinkJump):
        (JSC::ARMv7Assembler::setInt32):
        (JSC::ARMv7Assembler::isB):
        (JSC::ARMv7Assembler::isBX):
        (JSC::ARMv7Assembler::isMOV_imm_T3):
        (JSC::ARMv7Assembler::isMOVT):
        (JSC::ARMv7Assembler::isNOP_T1):
        (JSC::ARMv7Assembler::isNOP_T2):
        (JSC::ARMv7Assembler::linkJumpAbsolute):
        (JSC::ARMv7Assembler::twoWordOp5i6Imm4Reg4EncodedImmFirst):
        (JSC::ARMv7Assembler::twoWordOp5i6Imm4Reg4EncodedImmSecond):
        (JSC::ARMv7Assembler::ARMInstructionFormatter::twoWordOp5i6Imm4Reg4EncodedImm):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::makeJump):
        (JSC::MacroAssemblerARMv7::makeBranch):
        * jit/JIT.h:
        * wtf/Platform.h:

2009-10-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Improve for..in enumeration performance
        https://bugs.webkit.org/show_bug.cgi?id=30887

        Improve indexing of an object with a for..in iterator by
        identifying cases where get_by_val is being used with a iterator
        as the subscript and replace it with a new get_by_pname
        bytecode.  get_by_pname then optimizes lookups that directly access
        the base object.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetByVal):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::pushOptimisedForIn):
        (JSC::BytecodeGenerator::popOptimisedForIn):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::emit_op_get_by_pname):
        (JSC::JIT::emitSlow_op_get_by_pname):
        * parser/Nodes.cpp:
        (JSC::ForInNode::emitBytecode):
        * runtime/JSObject.h:
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::create):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::getOffset):
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        * runtime/JSValue.h:
        (JSC::JSValue::):
        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::despecifyFunctionTransition):
        (JSC::Structure::addAnonymousSlotsTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::addPropertyWithoutTransition):
          Track the existence (or not) of non-enumerable properties.
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageCapacity):
        (JSC::Structure::propertyStorageSize):
        (JSC::Structure::hasNonEnumerableProperties):
        (JSC::Structure::hasAnonymousSlots):

2009-10-28  Dmitry Titov  <dimich@chromium.org>

        Not reviewed, attemp to fix Windows build.

        Touch the cpp file to cause recompile.

        * wtf/Threading.cpp:
        (WTF::threadEntryPoint):

2009-10-28  Dmitry Titov  <dimich@chromium.org>

        Reviewed by David Levin.

        https://bugs.webkit.org/show_bug.cgi?id=30805
        Add MessageQueue::removeIf(Predicate&) to remove certain tasks without pulling them from the queue.
        Existing Database tests cover this since Database removes tasks when it is stopped.

        * wtf/MessageQueue.h:
        (WTF::::removeIf):

2009-10-28  Afonso R. Costa Jr.  <afonso.costa@openbossa.org>

        Reviewed by Oliver Hunt.

        [Qt] Enable YARR when YARR_JIT is enabled
        https://bugs.webkit.org/show_bug.cgi?id=30730

        When enabling or disabling JIT using JAVASCRIPTCORE_JIT, the ENABLE_YARR should
        be toggled also.

        * JavaScriptCore.pri:

2009-10-24  Martin Robinson  <martin.james.robinson@gmail.com>

        Reviewed by Oliver Hunt.

        Fix strict aliasing warning by switching reinterpret_cast to bitwise_cast.

        strict-aliasing warnings in JSFunction.h
        https://bugs.webkit.org/show_bug.cgi?id=27869

        * runtime/JSFunction.h:
        (JSC::JSFunction::nativeFunction):
        (JSC::JSFunction::scopeChain):
        (JSC::JSFunction::setScopeChain):
        (JSC::JSFunction::setNativeFunction):

2009-10-28  Jan-Arve Sæther <jan-arve.saether@nokia.com>

        Reviewed by Tor Arne Vestbø.

        Build-fix for 64-bit Windows

        * wtf/Platform.h: Make sure to use WTF_USE_JSVALUE64

2009-10-28  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix!).

        * jit/JIT.h:

2009-10-26  Holger Hans Peter Freyther  <zecke@selfish.org>

        Rubber-stamped by Darin Adler.

        Export fastMalloc, fastCalloc, fastRealloc and fastFree on GCC/Unix
        https://bugs.webkit.org/show_bug.cgi?id=30769

        When using -fvisibility=hidden to hide all internal symbols by default
        the malloc symbols will be hidden as well. For memory instrumentation
        it is needed to provide an instrumented version of these symbols and
        override the normal routines and by changing the visibility back to
        default this becomes possible.

        The only other solution would be to use system malloc instead of the
        TCmalloc implementation but this will not allow to analyze memory
        behavior with the default allocator.

        * wtf/FastMalloc.h: Define WTF_FAST_MALLOC_EXPORT for GCC and !darwin

2009-10-27  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Samuel Q. Weinig.

        Make the asserts protecting the offsets in the JIT more descriptive.

        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::emit_op_put_by_id):

2009-10-27  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little bit of refactoring in the date code.

        * JavaScriptCore.exp: Don't export this unused symbol.

        * runtime/DateConstructor.cpp:
        (JSC::constructDate):

        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DateInstance.h: Removed some unused functions. Changed the default
        constructor to ensure that a DateInstance is always initialized.

        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype): Pass an initializer to our constructor,
        since it now requires one.

        * wtf/DateMath.cpp:
        (WTF::msToGregorianDateTime): Only compute our offset from UTC if our
        output will require it. Otherwise, our offset is 0.

2009-10-27  Geoffrey Garen  <ggaren@apple.com>

        Build fix: Mark DateInstaceCache.h private, so other frameworks can see it.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-10-27  Geoffrey Garen  <ggaren@apple.com>

        Build fix: re-readded this file.

        * runtime/DateInstanceCache.h: Added.
        (JSC::DateInstanceData::create):
        (JSC::DateInstanceData::DateInstanceData):
        (JSC::DateInstanceCache::DateInstanceCache):
        (JSC::DateInstanceCache::add):
        (JSC::DateInstanceCache::lookup):

2009-10-27  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler and Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=30800
        Cache recently computed date data.
        
        SunSpider reports a ~0.5% speedup, mostly from date-format-tofte.js.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj: Added new file.

        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        (JSC::DateInstance::getGregorianDateTime): Use the shared cache.

        * runtime/DateInstance.h: Renamed m_cache to m_data, to avoid the confusion
        of a "cache cache".

        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToISOString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear): Pass an ExecState to these functions, so they
        can access the DateInstanceCache.

        * runtime/JSGlobalData.h: Keep a DateInstanceCache.

2009-10-27  James Robinson  <jamesr@chromium.org>

        Reviewed by Darin Fisher.

        Ensures that JavaScriptCore/wtf/CurrentTime.cpp is not built in PLATFORM(CHROMIUM) builds.

        Chromium uses a different method to calculate the current time than is used in
        JavaScriptCore/wtf/CurrentTime.cpp. This can lead to time skew when calls to currentTime() and Chromium's time
        function are mixed.  In particular, timers can get scheduled in the past which leads to 100% CPU use.
        See http://code.google.com/p/chromium/issues/detail?id=25892 for an example.

        https://bugs.webkit.org/show_bug.cgi?id=30833

        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * wtf/CurrentTime.cpp:

2009-10-27  Peter Varga  <pvarga@inf.u-szeged.hu>

        Rubber-stamped by Tor Arne Vestbø.

        Fix typo in RegexInterpreter.cpp and RegexJIT.cpp alterantive to
        alternative.

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::ByteCompiler::alternativeBodyDisjunction):
        (JSC::Yarr::ByteCompiler::alternativeDisjunction):
        (JSC::Yarr::ByteCompiler::emitDisjunction):
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateDisjunction):

2009-10-26  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Make .rc files compile on Windows without depending on MFC headers
        https://bugs.webkit.org/show_bug.cgi?id=30750

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc: Use
        winresrc.h because it exists even when MFC is not installed, and is
        all that's needed here.

2009-10-26  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        The thunkReturnAddress is on JITStackFrame on ARM JIT as well
        https://bugs.webkit.org/show_bug.cgi?id=30782

        Move the thunkReturnAddress from top of the stack into the JITStackFrame
        structure. This is a requirement for JSValue32_64 support on ARM.

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::ret): Return with link register
        (JSC::MacroAssemblerARM::prepareCall): Store the return address in link register
        * jit/JIT.h: Remove unused ctiReturnRegister
        * jit/JITInlineMethods.h: Same as ARMv7
        (JSC::JIT::restoreArgumentReference): Ditto.
        (JSC::JIT::restoreArgumentReferenceForTrampoline): Ditto.
        * jit/JITOpcodes.cpp: Remove ctiReturnRegister related instruction
        * jit/JITStubs.cpp: Store thunkReturnAddress on JITStackFrame. Use
        small trampoline functions which handle return addresses for each
        CTI_STUB_FUNCTION.
        * jit/JITStubs.h: Store thunkReturnAddress on JITStackFrame
        (JSC::JITStackFrame::returnAddressSlot): Return with the address of thunkReturnAddress
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter): Remove the unnecessary instruction

2009-10-26  Steve Block  <steveblock@google.com>

        Reviewed by Darin Adler.

        Adds ability to disable ReadWriteLock on platforms (eg Android) that use pthreads but do not support pthread_rwlock.
        https://bugs.webkit.org/show_bug.cgi?id=30713

        * wtf/Platform.h: Modified. Defines HAVE_PTHREAD_RWLOCK for all platforms currently using pthreads.
        * wtf/Threading.h: Modified. Use pthread_rwlock_t only when HAVE_PTHREAD_RWLOCK is defined.
        * wtf/ThreadingPthreads.cpp: Modified. Build ReadWriteLock methods only when HAVE_PTHREAD_RWLOCK is defined.

2009-10-24  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Holger Freyther.

        [Qt] [Symbian] Set the capability and memory required to run QtWebKit for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=30476

        Assign ReadUserData WriteUserData NetworkServices Symbian capabilities
        to jsc.exe.

        * jsc.pro:

2009-10-23  Steve Block  <steveblock@google.com>

        Reviewed by Dmitry Titov.

        Fixes a leak in createThreadInternal on Android.
        https://bugs.webkit.org/show_bug.cgi?id=30698

        * wtf/ThreadingPthreads.cpp: Modified.
        (WTF::createThreadInternal): Avoid leaking a ThreadData object on failure.

2009-10-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Alexey Proskuryakov.

        Fixed ASSERT when opening Safari's Caches window while the Web Inspector
        is open.

        * runtime/Collector.cpp:
        (JSC::typeName): Added two new types to the type name list in the Collector.
        These types have been around for a while, but nobody remembered to consider them here.

        * runtime/JSCell.h:
        (JSC::JSCell::isPropertyNameIterator):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::isPropertyNameIterator): Give the Collector
        a way to tell if a cell is a JSPropertyNameIterator.

2009-10-22  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Jon Honeycutt.

        https://bugs.webkit.org/show_bug.cgi?id=30686
        Remove debug-specific def file.
        Only Debug_All target uses JavaScriptCore_debug.dll naming, and since
        that target is only used internally, maintaining two files just to
        suppress a single link warning isn't worthwhile.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Removed.

2009-10-21  Jon Honeycutt  <jhoneycutt@apple.com>

        <rdar://problem/7270320> Screenshots of off-screen plug-ins are blank
        <rdar://problem/7270314> After halting a transparent PluginView on
        Windows, the transparency is applied twice

        Reviewed by Dan Bernstein.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        Export WTF::deleteOwnedPtr(HDC).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Ditto.

2009-10-20  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: updated variable name.

        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):

2009-10-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Mark Rowe.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_next_pname): Slightly tweaked this #ifdef to match the
        size of a JSValue because m_jsStrings is an array of JSValues.

2009-10-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Mark Rowe.

        Fixed a 64-bit regression caused by the fix for
        https://bugs.webkit.org/show_bug.cgi?id=30570.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_next_pname): Use TimesEight stepping on 64-bit, since
        64-bit pointers are eight bytes long.

2009-10-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Refactored DateInstance::msToGregorianDateTime so that a DateInstance's
        caller doesn't need to supply the DateInstance's own internal value to
        the DateInstance.

        * runtime/DateInstance.cpp:
        (JSC::DateInstance::getGregorianDateTime): Renamed from "msToGregorianDateTime".

        * runtime/DateInstance.h:
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToISOString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToLocaleString):
        (JSC::dateProtoFuncToLocaleDateString):
        (JSC::dateProtoFuncToLocaleTimeString):
        (JSC::dateProtoFuncGetTime):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear): Also renamed "utc" to "outputIsUTC", for clarity.

2009-10-20  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Geoffrey Garen.

        The op_next_pname should use 4 bytes addressing mode in case of JSValue32
        https://bugs.webkit.org/show_bug.cgi?id=30570

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_next_pname):

2009-10-20  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Move OverridesMarkChildren flag from DatePrototype to its parent class
        https://bugs.webkit.org/show_bug.cgi?id=30372

        * runtime/DateInstance.h:
        (JSC::DateInstance::createStructure):
        * runtime/DatePrototype.h:

2009-10-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Tightened up some put_by_id_transition code generation.
        https://bugs.webkit.org/show_bug.cgi?id=30539

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::testPrototype):
        (JSC::JIT::privateCompilePutByIdTransition): No need to do object type
        checks or read Structures and prototypes from objects: they're all known
        constants at compile time.

2009-10-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added a private API for getting a global context from a context, for
        clients who want to preserve a context for a later callback.

        * API/APICast.h:
        (toGlobalRef): Added an ASSERT, since this function is used more often
        than before.

        * API/JSContextRef.cpp:
        * API/JSContextRefPrivate.h: Added. The new API.

        * API/tests/testapi.c:
        (print_callAsFunction):
        (main): Test the new API.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj: Build and export the new API.

2009-10-17  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        Tightened up some instanceof code generation.
        https://bugs.webkit.org/show_bug.cgi?id=30488

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emitSlow_op_instanceof): No need to do object type checks - 
        cell type checks and ImplementsDefaultHasIntance checks implicitly
        supersede object type checks.

2009-10-18  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        Use _stricmp and _strnicmp instead of deprecated stricmp and strnicmp.
        https://bugs.webkit.org/show_bug.cgi?id=30474

        stricmp and strnicmp are deprecated beginning in Visual
        C++ 2005. Use _stricmp and _strnicmp instead in StringExtras.h.

        * wtf/StringExtras.h:
        (strncasecmp):
        (strcasecmp):

2009-10-16  Geoffrey Garen  <ggaren@apple.com>

        Build fix: apparently we shouldn't export those symbols?

        * JavaScriptCore.exp:

2009-10-16  Geoffrey Garen  <ggaren@apple.com>

        Build fix: export some symbols.

        * JavaScriptCore.exp:

2009-10-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        structure typeinfo flags should be inherited.
        https://bugs.webkit.org/show_bug.cgi?id=30468

        Add StructureFlag constant to the various JSC classes and use
        it for the TypeInfo construction.  This allows us to simply
        accumulate flags by basing each classes StructureInfo on its parents.

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::createStructure):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        * runtime/JSArray.h:
        (JSC::JSArray::createStructure):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        * runtime/JSByteArray.h:
        * runtime/JSFunction.h:
        (JSC::JSFunction::createStructure):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructure):
        * runtime/JSNotAnObject.h:
        (JSC::JSNotAnObject::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.h:
        (JSC::JSObject::createStructure):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::createStructure):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):

2009-10-16  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        Fast for-in enumeration: Cache JSPropertyNameIterator; cache JSStrings
        in JSPropertyNameIterator; inline more code.

        1.024x as fast on SunSpider (fasta: 1.43x as fast).

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetPropertyNames):
        (JSC::BytecodeGenerator::emitNextPropertyName):
        * bytecompiler/BytecodeGenerator.h: Added a few extra operands to
        op_get_pnames and op_next_pname so that we can track iteration state
        in the register file instead of in the JSPropertyNameIterator. (To be
        cacheable, the JSPropertyNameIterator must be stateless.)

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID): Updated for rename to
        "normalizePrototypeChain" and removal of "isCacheable". 

        (JSC::Interpreter::privateExecute): Updated for in-RegisterFile
        iteration state tracking.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_pnames): Updated for in-RegisterFile
        iteration state tracking.

        (JSC::JIT::emit_op_next_pname): Inlined code generation for op_next_pname.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID): Updated for rename to
        "normalizePrototypeChain" and removal of "isCacheable". 

        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::): Added has_property and to_object stubs. Removed op_next_pname
        stub, since has_property is all we need anymore.

        * parser/Nodes.cpp:
        (JSC::ForInNode::emitBytecode): Updated for in-RegisterFile
        iteration state tracking.

        * runtime/JSCell.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::getPropertyNames): Don't do caching at this layer
        anymore, since we don't create a JSPropertyNameIterator at this layer.

        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::create): Do do caching at this layer.
        (JSC::JSPropertyNameIterator::get):  Updated for in-RegisterFile
        iteration state tracking.
        (JSC::JSPropertyNameIterator::markChildren): Mark our JSStrings.

        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::size):
        (JSC::JSPropertyNameIterator::setCachedStructure):
        (JSC::JSPropertyNameIterator::cachedStructure):
        (JSC::JSPropertyNameIterator::setCachedPrototypeChain):
        (JSC::JSPropertyNameIterator::cachedPrototypeChain):
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::Structure::setEnumerationCache): Don't store iteration state in
        a JSPropertyNameIterator. Do cache a JSPropertyNameIterator in a
        Structure.

        * runtime/JSValue.h:
        (JSC::asCell):
        * runtime/MarkStack.h: Make those mischievous #include gods happy.

        * runtime/ObjectConstructor.cpp:

        * runtime/Operations.h:
        (JSC::normalizePrototypeChain): Renamed countPrototypeChainEntriesAndCheckForProxies
        to normalizePrototypeChain, since it changes dictionary prototypes to
        non-dictionary objects.

        * runtime/PropertyNameArray.cpp:
        (JSC::PropertyNameArray::add):
        * runtime/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::PropertyNameArrayData):
        (JSC::PropertyNameArray::data):
        (JSC::PropertyNameArray::size):
        (JSC::PropertyNameArray::begin):
        (JSC::PropertyNameArray::end): Simplified some code here to help with
        current and future refactoring.

        * runtime/Protect.h:
        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::removePropertyWithoutTransition): No need to clear
        the enumeration cache with adding / removing properties without
        transition. It is an error to add / remove properties without transition
        once an object has been observed, and we can ASSERT to catch that.

        * runtime/Structure.h:
        (JSC::Structure::enumerationCache): Changed the enumeration cache to
        hold a JSPropertyNameIterator.

        * runtime/StructureChain.cpp:
        * runtime/StructureChain.h:
        (JSC::StructureChain::head): Removed StructureChain::isCacheable because
        it was wrong-headed in two ways: (1) It gave up when a prototype was a
        dictionary, but instead we want un-dictionary heavily accessed
        prototypes; (2) It folded a test for hasDefaultGetPropertyNames() into
        a generic test for "cacheable-ness", but hasDefaultGetPropertyNames()
        is only releavant to for-in caching.

2009-10-16  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Adam Roben.

        Add a Debug_All configuration to build entire stack as debug.
        Change Debug_Internal to:
        - stop using _debug suffix for all WebKit/Safari binaries
        - not use _debug as a DLL naming suffix
        - use non-debug C runtime lib.

        * JavaScriptCore.vcproj/JavaScriptCore.make: Debug build in makefile should build Debug_All.
        * JavaScriptCore.vcproj/JavaScriptCore.sln: Add Debug_All configuration.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Add Debug_All configuration.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Renamed single configuration from "Release" to "all".
        * JavaScriptCore.vcproj/JavaScriptCoreSubmit.sln: Add Debug_All configuration.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Add Debug_All configuration.
        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Add Debug_All configuration.
        * JavaScriptCore.vcproj/testapi/testapi.vcproj: Add Debug_All configuration.

2009-10-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Make typeinfo flags default to false
        https://bugs.webkit.org/show_bug.cgi?id=30372

        Last part -- replace HasDefaultGetPropertyNames with OverridesGetPropertyNames
        flag.

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::createStructure):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        * runtime/JSArray.h:
        (JSC::JSArray::createStructure):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        * runtime/JSFunction.h:
        (JSC::JSFunction::createStructure):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructure):
        * runtime/JSNotAnObject.h:
        (JSC::JSNotAnObject::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.cpp:
        (JSC::JSObject::getPropertyNames):
        * runtime/JSObject.h:
        (JSC::JSObject::createStructure):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSTypeInfo.h:
        (JSC::TypeInfo::overridesGetPropertyNames):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::createStructure):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):

2009-10-16  Kevin Ollivier  <kevino@theolliviers.com>

        wxMSW build fix, we can't use the simple hash there because the PlatformModuleVersion 
        structure differs.

        * wtf/Platform.h:

2009-10-16  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Implement ExecutableAllocator for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=29946

        Tested with YARR JIT enabled for Symbian; 
        This patch does not (yet) enable YARR JIT by default.

        * JavaScriptCore.pri:
        * jit/ExecutableAllocator.h:
        * jit/ExecutableAllocatorSymbian.cpp: Added.
        (JSC::ExecutableAllocator::intializePageSize):
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):

2009-10-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Make typeinfo flags default to false
        https://bugs.webkit.org/show_bug.cgi?id=30372

        Part 2 -- Reverse the TypeInfo HasDefaultMark flag to OverridesMarkChildren, etc

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::createStructure):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::createStructure):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        * runtime/JSArray.h:
        (JSC::JSArray::createStructure):
        (JSC::MarkStack::markChildren):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        * runtime/JSFunction.h:
        (JSC::JSFunction::createStructure):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructure):
        * runtime/JSNotAnObject.h:
        (JSC::JSNotAnObject::createStructure):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.h:
        (JSC::JSObject::createStructure):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::createStructure):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSString.h:
        (JSC::JSString::createStructure):
        * runtime/JSTypeInfo.h:
        (JSC::TypeInfo::overridesMarkChildren):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::createStructure):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):

2009-10-14  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Make typeinfo flags default to false
        https://bugs.webkit.org/show_bug.cgi?id=30372
        
        Part 1. Reverse the HasStandardGetOwnPropertySlot flag.

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::createStructure):
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/Arguments.h:
        (JSC::Arguments::createStructure):
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::createStructure):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        * runtime/JSActivation.h:
        (JSC::JSActivation::createStructure):
        * runtime/JSArray.h:
        (JSC::JSArray::createStructure):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        * runtime/JSFunction.h:
        (JSC::JSFunction::createStructure):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::createStructure):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.h:
        (JSC::JSObject::createStructure):
        (JSC::JSCell::fastGetOwnPropertySlot):
        * runtime/JSStaticScopeObject.h:
        (JSC::JSStaticScopeObject::createStructure):
        * runtime/JSString.h:
        (JSC::JSString::createStructure):
        * runtime/JSTypeInfo.h:
        (JSC::TypeInfo::overridesGetOwnPropertySlot):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::createStructure):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StringObject.h:
        (JSC::StringObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):

2009-10-14  Kevin Ollivier  <kevino@theolliviers.com>
2009-10-14  Darin Adler  <darin@apple.com>

        Additions so fix for https://bugs.webkit.org/show_bug.cgi?id=18994
        can build on Windows.

        * wtf/MathExtras.h: Added llround and llroundf for Windows.

2009-10-14  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix. Set ENABLE_PLUGIN_PACKAGE_SIMPLE_HASH for plugins while we're still building stubs.

        * wtf/Platform.h:

2009-10-13  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        Refactor ENABLE_PLUGIN_PACKAGE_SIMPLE_HASH
        https://bugs.webkit.org/show_bug.cgi?id=30278

        Move the definition of ENABLE_PLUGIN_PACKAGE_SIMPLE_HASH
        from the make system into common code.

        * wtf/Platform.h:

2009-10-13  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        ARM compiler does not understand reinterpret_cast<void*>
        https://bugs.webkit.org/show_bug.cgi?id=29034

        Change reinterpret_cast<void*> to regular C style (void*) cast 
        for the ARM RVCT compiler.

        * assembler/MacroAssemblerCodeRef.h:
        (JSC::FunctionPtr::FunctionPtr): 
        * jit/JITOpcodes.cpp: Cast to FunctionPtr first 
           instead of directly casting to reinterpret_cast
        * jit/JITStubCall.h: Ditto + change the type of m_stub
          from void* to FunctionPtr.
        (JSC::JITStubCall::JITStubCall): 
        (JSC::JITStubCall::call):
        * jit/JITStubs.cpp: Ditto.
        (JSC::DEFINE_STUB_FUNCTION(EncodedJSValue, op_throw)):

2009-10-11  Oliver Hunt  <oliver@apple.com>

        Re-enable the JIT.

        * wtf/Platform.h:

2009-10-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Support for String.trim(), String.trimLeft() and String.trimRight() methods
        https://bugs.webkit.org/show_bug.cgi?id=26590

        Implement trim, trimLeft, and trimRight

        * runtime/StringPrototype.cpp:
        (JSC::isTrimWhitespace):
           Our normal string whitespace function does not include U+200B which
           is needed for compatibility with mozilla's implementation of trim.
           U+200B does not appear to be expected according to spec, however I am
           choosing to be lax, and match mozilla behavior so have added this
           exception.
        (JSC::trimString):

2009-10-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Eliminated some legacy bytecode weirdness.
        
        Use vPC[x] subscripting instead of ++vPC to access instruction operands.
        This is simpler, and often more efficient.

        To support this, and to remove use of hard-coded offsets in bytecode and
        JIT code generation and dumping, calculate jump offsets from the beginning
        of an instruction, rather than the middle or end.
        
        Also, use OPCODE_LENGTH instead of hard-coded constants for the sizes of
        opcodes.
        
        SunSpider reports no change in JIT mode, and a 1.01x speedup in Interpreter
        mode.

        * bytecode/CodeBlock.cpp:
        (JSC::printConditionalJump):
        (JSC::CodeBlock::dump):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJump):
        (JSC::BytecodeGenerator::emitJumpIfTrue):
        (JSC::BytecodeGenerator::emitJumpIfFalse):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::emitComplexJumpScopes):
        (JSC::BytecodeGenerator::emitJumpScopes):
        (JSC::BytecodeGenerator::emitNextPropertyName):
        (JSC::BytecodeGenerator::emitCatch):
        (JSC::BytecodeGenerator::emitJumpSubroutine):
        (JSC::prepareJumpTableForImmediateSwitch):
        (JSC::prepareJumpTableForCharacterSwitch):
        (JSC::prepareJumpTableForStringSwitch):
        (JSC::BytecodeGenerator::endSwitch):
        * bytecompiler/Label.h:
        (JSC::Label::setLocation):
        (JSC::Label::bind):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::createExceptionScope):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emitBinaryDoubleOp):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_loop):
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emitSlow_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emitSlow_op_loop_if_lesseq):
        (JSC::JIT::emit_op_loop_if_true):
        (JSC::JIT::emitSlow_op_loop_if_true):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emitSlow_op_jfalse):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emitSlow_op_jtrue):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_jsr):
        (JSC::JIT::emit_op_next_pname):
        (JSC::JIT::emit_op_jmp_scopes):

2009-10-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Migrated some code that didn't belong out of Structure.
        
        SunSpider says maybe 1.03x faster.

        * runtime/JSCell.h: Nixed Structure::markAggregate, and made marking of
        a Structure's prototype the direct responsility of the object using it.
        (Giving Structure a mark function was misleading because it implied that
        all live structures get marked during GC, when they don't.)
        
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::markChildren): Added code to mark prototypes stored
        on the global object. Maybe this wasn't necessary, but now we don't have
        to wonder.

        * runtime/JSObject.cpp:
        (JSC::JSObject::getPropertyNames):
        (JSC::JSObject::getOwnPropertyNames):
        (JSC::JSObject::getEnumerableNamesFromClassInfoTable):
        * runtime/JSObject.h:
        (JSC::JSObject::markChildrenDirect):
        * runtime/PropertyNameArray.h:
        * runtime/Structure.cpp:
        * runtime/Structure.h:
        (JSC::Structure::setEnumerationCache):
        (JSC::Structure::enumerationCache): Moved property name gathering code
        from Structure to JSObject because having a Structure iterate its JSObject
        was a layering violation. A JSObject is implemented using a Structure; not
        the other way around.

2009-10-09  Mark Rowe  <mrowe@apple.com>

        Attempt to fix the GTK release build.

        * GNUmakefile.am: Include Grammar.cpp in release builds now that
        AllInOneFile.cpp is gone.

2009-10-09  Gabor Loki  <loki@inf.u-szeged.hu>

        Rubber-stamped by Eric Seidel.

        Add ARM JIT support for Gtk port (disabled by default)
        https://bugs.webkit.org/show_bug.cgi?id=30228

        * GNUmakefile.am:

2009-10-08  Geoffrey Garen  <ggaren@apple.com>

        Tiger build fix: added a few more variable initializations.

        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncSearch):

2009-10-08  Geoffrey Garen  <ggaren@apple.com>

        Qt build fix: added missing #include.

        * jsc.cpp:

2009-10-08  Geoffrey Garen  <ggaren@apple.com>

        Tiger build fix: initialize variable whose initialization the compiler
        can't otherwise figure out.

        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::match):

2009-10-08  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: updated exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-10-08  Geoffrey Garen  <ggaren@apple.com>

        Tiger build fix: fixed file name case.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-10-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        At long last, I pronounce the death of AllInOneFile.cpp.
        
        SunSpider reports a 1.01x speedup.

        * AllInOneFile.cpp: Removed.
        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.xcodeproj/project.pbxproj: Added missing project files
        to compilation stages.

        * parser/Grammar.y:
        * parser/Lexer.cpp:
        * parser/Lexer.h:
        (JSC::jscyylex):
        * runtime/ArrayConstructor.cpp:
        (JSC::constructArrayWithSizeQuirk):
        * runtime/Collector.h:
        * runtime/JSCell.cpp:
        (JSC::JSCell::operator new):
        * runtime/JSCell.h:
        (JSC::JSCell::operator new):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::operator new):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::operator new):
        * runtime/JSString.cpp:
        * runtime/JSString.h:
        (JSC::jsString):
        (JSC::jsSubstring):
        (JSC::jsOwnedString):
        * runtime/RegExpConstructor.cpp:
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructorPrivate::RegExpConstructorPrivate):
        (JSC::RegExpConstructorPrivate::lastOvector):
        (JSC::RegExpConstructorPrivate::tempOvector):
        (JSC::RegExpConstructorPrivate::changeLastOvector):
        (JSC::RegExpConstructor::performMatch):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        * yarr/RegexJIT.cpp:
        * yarr/RegexJIT.h:
        (JSC::Yarr::executeRegex): Inlined a few things that Shark said
        were hot, on the presumption that AllInOneFile.cpp used to inline them
        automatically.

2009-10-08  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Fix for JIT'ed op_call instructions (evals, constructs, etc.)
        when !ENABLE(JIT_OPTIMIZE_CALL) && USE(JSVALUE32_64)

        https://bugs.webkit.org/show_bug.cgi?id=30201

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):

2009-10-07  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: removed no longer exported symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-10-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Fixed <rdar://problem/5751979> Database code takes JSLock on secondary
        thread, permanently slowing down JavaScript
        
        Removed the optional lock from Heap::protect, Heap::unprotect, and friends,
        since WebCore no longer uses it.

        * JavaScriptCore.exp:
        * runtime/Collector.cpp:
        (JSC::Heap::protect):
        (JSC::Heap::unprotect):
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::protectedGlobalObjectCount):
        (JSC::Heap::protectedObjectCount):
        (JSC::Heap::protectedObjectTypeCounts):
        * runtime/Collector.h:

2009-10-07  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's IdentifierArena
        https://bugs.webkit.org/show_bug.cgi?id=30158

        Inherits IdentifierArena class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/parser/ParserArena.cpp:36.

        * parser/ParserArena.h:

2009-10-07  Adam Roben  <aroben@apple.com>

        Export DateInstance::info in a way that works on Windows

        Fixes <http://webkit.org/b/30171>
        fast/dom/Window/window-postmessage-clone.html fails on Windows

        Reviewed by Anders Carlsson.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Removed the export of DateInstance::info from here.

        * runtime/DateInstance.h: Use JS_EXPORTDATA to export
        DateInstance::info, which is the required way of exporting data on
        Windows.

2009-10-07  Jørgen Lind  <jorgen.lind@nokia.com>

        Reviewed by Simon Hausmann.

        When enabling or disabling the JIT through .qmake.cache, make sure
        to also toggle ENABLE_YARR_JIT.

        * JavaScriptCore.pri:

2009-10-06  Priit Laes  <plaes@plaes.org>

        Reviewed by Gavin Barraclough.

        Linking fails with "relocation R_X86_64_PC32 against symbol
        `cti_vm_throw'"
        https://bugs.webkit.org/show_bug.cgi?id=28422

        * jit/JITStubs.cpp:
        Mark cti_vm_throw symbol as PLT-indirect symbol, so it doesn't end up
        in text segment causing relocation errors on amd64 architecture.
        Introduced new define SYMBOL_STRING_RELOCATION for such symbols.

2009-10-06  Oliver Hunt  <oliver@apple.com>

        Windows linking fix

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-10-06  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (build fix).

        Windows build fix.

        * runtime/DateInstance.cpp:

2009-10-05  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        It should be possible to post (clone) built-in JS objects to Workers
        https://bugs.webkit.org/show_bug.cgi?id=22878

        Expose helpers to throw correct exceptions during object graph walk
        used for cloning and add a helper function to create Date instances
        without going through the JS Date constructor function.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DateInstance.h:
        * runtime/ExceptionHelpers.cpp:
        (JSC::createTypeError):
        * runtime/ExceptionHelpers.h:

2009-10-06  David Levin  <levin@chromium.org>

        Reviewed by Oliver Hunt.

        StringImpl needs a method to get an instance for another thread which doesn't copy the underlying buffer.
        https://bugs.webkit.org/show_bug.cgi?id=30095

        * wtf/CrossThreadRefCounted.h:
        Removed an unused function and assert improvement.
        (WTF::CrossThreadRefCounted::isOwnedByCurrentThread): Moved out common code from asserts.
        (WTF::CrossThreadRefCounted::ref): Changed assert to use the common method.
        (WTF::CrossThreadRefCounted::deref): Changed assert to use the common method.
        (WTF::CrossThreadRefCounted::crossThreadCopy): Since this includes a potentially
        non-threadsafe operation, add an assert that the class is owned by the current thread.

2009-10-05  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix. Add Symbian files to the list of excludes.

        * wscript:

2009-10-05  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Remove precompiled header from JavaScriptCore compilation to
        prevent qmake warning during autonomous compilation.
        https://bugs.webkit.org/show_bug.cgi?id=30069

        * JavaScriptCore.pro:

2009-10-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed the concept of a "fast access cutoff" in arrays, because it
        punished some patterns of array access too much, and made things too
        complex for inlining in some cases.
        
        1.3% speedup on SunSpider.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        (JSC::): Check m_vectorLength instead of m_fastAccessCutoff when
        getting / putting from / to an array. Inline putting past the end of
        the array.

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::getOwnPropertyNames):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        (JSC::JSArray::checkConsistency):
        * runtime/JSArray.h:
        (JSC::JSArray::canGetIndex):
        (JSC::JSArray::canSetIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::markChildrenDirect): Removed m_fastAccessCutoff, and
        replaced with checks for JSValue() to detect reads and writes from / to
        uninitialized parts of the array.

2009-10-02  Jonni Rainisto  <jonni.rainisto@nokia.com>

        Reviewed by Darin Adler.

        Math.random() gives too low values on Win32 when _CRT_RAND_S is not defined
        https://bugs.webkit.org/show_bug.cgi?id=29956

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber): Added PLATFORM(WIN_OS) to handle 15bit rand()

2009-10-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Take one branch instead of two to test for JSValue().
        
        1.1% SunSpider speedup.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_create_arguments):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val): Test for the empty value tag, instead
        of testing for the cell tag with a 0 payload.

        * runtime/JSValue.cpp:
        (JSC::JSValue::description): Added support for dumping the new empty value,
        and deleted values, in debug builds.

        * runtime/JSValue.h:
        (JSC::JSValue::JSValue()): Construct JSValue() with the empty value tag.

        (JSC::JSValue::JSValue(JSCell*)): Convert null pointer to the empty value
        tag, to avoid having two different c++ versions of null / empty.

        (JSC::JSValue::operator bool): Test for the empty value tag, instead
        of testing for the cell tag with a 0 payload.

2009-10-02  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Mark Rowe.

        <https://bugs.webkit.org/show_bug.cgi?id=29989>
        Safari version number shouldn't be exposed in WebKit code
        
        For a WebKit version of 532.3.4:
        Product version is: 5.32.3.4 (was 4.0.3.0)
        File version is: 5.32.3.4 (was 4.532.3.4)

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.rc:

2009-10-02  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Rubber-stamped by Simon Hausmann.

        Fix the Qt on Mac OS X build.

        * wtf/FastMalloc.cpp:

2009-10-02  Jørgen Lind  <jorgen.lind@nokia.com>

        Reviewed by Simon Hausmann.

        Allow enabling and disabling of the JIT through a qmake variable.

        Qt's configure may set this variable through .qmake.cache if a
        commandline option is given and/or the compile test for hwcap.h
        failed/succeeded.

        * JavaScriptCore.pri:

2009-10-01  Mark Rowe  <mrowe@apple.com>

        Fix the Tiger build.  Don't unconditionally enable 3D canvas as it is not supported on Tiger.

        * Configurations/FeatureDefines.xcconfig:

2009-10-01  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=29187

        Don't inline ~ListRefPtr() to work around winscw compiler forward declaration
        bug regarding templated classes.

        The compiler bug is reported at:
        https://xdabug001.ext.nokia.com/bugzilla/show_bug.cgi?id=9812

        The change will be reverted when the above bug is fixed in winscw compiler.

        * wtf/ListRefPtr.h:
        (WTF::::~ListRefPtr):

2009-10-01  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Simon Hausmann.

        [Qt] Allow custom memory allocation control for the whole JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=27029

        Since in JavaScriptCore almost every class which has been instantiated by operator new is
        inherited from FastAllocBase (bug #20422), we disable customizing global operator new for the Qt-port
        when USE_SYSTEM_MALLOC=0.

        Add #include <unistd.h> to FastMalloc.cpp because it's used by TCMalloc_PageHeap::scavengerThread().
        (It's needed for the functionality of TCmalloc.)

        Add TCSystemAlloc.cpp to JavaScriptCore.pri if USE_SYSTEM_MALLOC is disabled.

        * JavaScriptCore.pri:
        * wtf/FastMalloc.cpp:
        (WTF::sleep):
        * wtf/FastMalloc.h:

2009-09-30  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by George Staikos.

        Defines two pseudo-platforms for ARM and Thumb-2 instruction set.
        https://bugs.webkit.org/show_bug.cgi?id=29122

        Introduces WTF_PLATFORM_ARM_TRADITIONAL and WTF_PLATFORM_ARM_THUMB2
        macros on ARM platforms. The PLATFORM(ARM_THUMB2) should be used
        when Thumb-2 instruction set is the required target. The
        PLATFORM(ARM_TRADITIONAL) is for generic ARM instruction set. In
        case where the code is common the PLATFORM(ARM) have to be used.

        Modified by George Wright  <gwright@rim.com> to correctly work
        with the RVCT-defined __TARGET_ARCH_ARM and __TARGET_ARCH_THUMB
        compiler macros, as well as adding readability changes.

        * wtf/Platform.h:

2009-09-30  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Devirtualise array toString conversion

        Tweak the implementation of Array.prototype.toString to have a fast path
        when acting on a true JSArray.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):

2009-09-30  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Geoffrey Garen.

        Buildfix for platforms using JSVALUE32.
        https://bugs.webkit.org/show_bug.cgi?id=29915

        After http://trac.webkit.org/changeset/48905 the build broke in JSVALUE32 case.
        Also removed unreachable code.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
         - Declaration of "OperandTypes types" moved before first use.
         - Typos fixed: dst modified to result, regT2 added.
         - Unreachable code removed.
        (JSC::JIT::emitSlow_op_add):
         - Missing declaration of "OperandTypes types" added.

2009-09-30  Janne Koskinen  <janne.p.koskinen@digia.com> 

        Reviewed by Simon Hausmann.

        Reduce heap size on Symbian from 64MB to 8MB.

        This is not a perfect fix, it requires more fine tuning.
        But this makes it possible again to debug in the emulator,
        which is more important in order to be able to fix other
        run-time issues.

        * runtime/Collector.h:

2009-09-30  Janne Koskinen  <janne.p.koskinen@digia.com> 

        Reviewed by Simon Hausmann.

        Fix CRASH() macro for Symbian build.

        * wtf/Assertions.h: Added missing }

2009-09-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Inlined a few math operations.
        
        ~1% SunSpider speedup.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub): Don't take a stub call when operating on
        a constant int and a double.

2009-09-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Tidy up codeblock sampler
        https://bugs.webkit.org/show_bug.cgi?id=29836

        Some rather simple refactoring of codeblock sampler so that
        it's easier for us to use it to find problems in non-jsc
        environments

        * JavaScriptCore.exp:
        * bytecode/SamplingTool.h:
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::enableSampler):
        (JSC::Interpreter::dumpSampleData):
        (JSC::Interpreter::startSampling):
        (JSC::Interpreter::stopSampling):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::sampler):
        * jit/JIT.h:
        * jsc.cpp:
        (runWithScripts):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Executable.h:
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::ProgramExecutable::create):
        (JSC::ProgramExecutable::ProgramExecutable):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::startSampling):
        (JSC::JSGlobalData::stopSampling):
        (JSC::JSGlobalData::dumpSampleData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-09-29  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add GYP generated files to svn:ignore
        https://bugs.webkit.org/show_bug.cgi?id=29895

        The following files are generated by JavaScriptCore's GYP file and should be ignored:

        pcre.mk
        wtf.scons
        wtf.mk
        SConstruct
        wtf_config.scons
        wtf_config.mk
        pcre.scons

        * JavaScriptCore.gyp: Changed property svn:ignore.

2009-09-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Standardized an optimization for adding non-numbers.
        
        SunSpider says maybe a tiny speedup.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitSlow_op_add):

2009-09-29  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: export a new symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed virtual destructor from JSGlobalObjectData to eliminate pointer
        fix-ups when accessing JSGlobalObject::d.
        
        Replaced with an explicit destructor function pointer.
        
        6% speedup on bench-alloc-nonretained.js.

        * JavaScriptCore.exp:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject):
        (JSC::JSGlobalObject::destroyJSGlobalObjectData):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::JSGlobalObject):

2009-09-29  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by David Kilzer.

        [Qt] Assert messages prints visible in Symbian
        https://bugs.webkit.org/show_bug.cgi?id=29808

        Asserts use vprintf to print the messages to stderr.
        In Symbian Open C it is not possible to see stderr so
        I routed the messages to stdout instead.

        * wtf/Assertions.cpp:

2009-09-29  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Darin Adler.

        [Qt] Symbian CRASH macro implementation

        Added Symbian specific crash macro that
        stops to crash line if JIT debugging is used.
        Additional differentiation of access violation
        (KERN-EXEC 3) and CRASH panic.

        * wtf/Assertions.h:

2009-09-28  Mark Rowe  <mrowe@apple.com>

        Fix the PowerPC build.

        * JavaScriptCore.exp:

2009-09-28  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/7195704> JavaScriptCore fails to mark registers when built for x86_64 using LLVM GCC.

        * runtime/Collector.cpp:
        (JSC::Heap::markCurrentThreadConservatively): Force jmp_buf to use the appropriate alignment for a pointer
        to ensure that we correctly interpret the contents of registers during marking.

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: added new exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: removed exports that no longer exist.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-28  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        NotNullPassRefPtr: smart pointer optimized for passing references that are not null
        https://bugs.webkit.org/show_bug.cgi?id=29822
        
        Added NotNullPassRefPtr, and deployed it in all places that initialize
        JavaScript objects.
        
        2.2% speedup on bench-allocate-nonretained.js.

        * API/JSCallbackConstructor.cpp:
        (JSC::JSCallbackConstructor::JSCallbackConstructor):
        * API/JSCallbackConstructor.h:
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::JSCallbackObject::JSCallbackObject):
        * JavaScriptCore.exp:
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::addFunctionDecl):
        (JSC::CodeBlock::addFunctionExpr):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * runtime/ArrayConstructor.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        * runtime/BooleanConstructor.h:
        * runtime/BooleanObject.cpp:
        (JSC::BooleanObject::BooleanObject):
        * runtime/BooleanObject.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/BooleanPrototype.h:
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateConstructor.h:
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DateInstance.h:
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * runtime/DatePrototype.h:
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorConstructor.h:
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorInstance.h:
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/ErrorPrototype.h:
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionConstructor.h:
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/FunctionPrototype.h:
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        * runtime/GlobalEvalFunction.h:
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSByteArray.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        * runtime/JSFunction.h:
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        * runtime/JSONObject.h:
        (JSC::JSONObject::JSONObject):
        * runtime/JSObject.h:
        (JSC::JSObject::JSObject):
        (JSC::JSObject::setStructure):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::JSVariableObject):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/MathObject.h:
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorConstructor.h:
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NativeErrorPrototype.h:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        * runtime/NumberConstructor.h:
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::NumberObject):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/NumberPrototype.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        * runtime/ObjectConstructor.h:
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * runtime/PropertyNameArray.h:
        (JSC::PropertyNameArrayData::setCachedPrototypeChain):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PrototypeFunction.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/RegExpConstructor.h:
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::RegExpObject):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::RegExpObjectData::RegExpObjectData):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * runtime/RegExpPrototype.h:
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringConstructor.h:
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/StringPrototype.h:
        * wtf/PassRefPtr.h:
        (WTF::NotNullPassRefPtr::NotNullPassRefPtr):
        (WTF::NotNullPassRefPtr::~NotNullPassRefPtr):
        (WTF::NotNullPassRefPtr::get):
        (WTF::NotNullPassRefPtr::clear):
        (WTF::NotNullPassRefPtr::releaseRef):
        (WTF::NotNullPassRefPtr::operator*):
        (WTF::NotNullPassRefPtr::operator->):
        (WTF::NotNullPassRefPtr::operator!):
        (WTF::NotNullPassRefPtr::operator UnspecifiedBoolType):
        * wtf/RefPtr.h:
        (WTF::RefPtr::RefPtr):
        (WTF::operator==):

2009-09-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Hard dependency on SSE2 instruction set with JIT
        https://bugs.webkit.org/show_bug.cgi?id=29779

        Add floating point support checks to op_jfalse and op_jtrue, and
        fix the logic for the slow case of op_add

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_add):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-09-28  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by Dimitri Glazkov.

        Chromium port - recognize we are being built independently
        of chromium and look for dependencies under webkit/chromium rather
        than chromium/src.

        https://bugs.webkit.org/show_bug.cgi?id=29722

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2009-09-28  Jakub Wieczorek  <faw217@gmail.com>

        Reviewed by Simon Hausmann.

        [Qt] Implement XSLT support with QtXmlPatterns.
        https://bugs.webkit.org/show_bug.cgi?id=28303

        * wtf/Platform.h: Add a WTF_USE_QXMLQUERY #define.

2009-09-28  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Remove __clear_cache which is an internal function of GCC
        https://bugs.webkit.org/show_bug.cgi?id=28886

        Although __clear_cache is exported from GCC, this is an internal
        function. GCC makes no promises about it.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-09-28  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Fix an absolute path to somewhere in Oliver's machine to a relative path
        for derived JSONObject.lut.h.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-09-28  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by Simon Hausmann.

        Add ARM version detection for Windows CE.

        * wtf/Platform.h:

2009-09-26  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Simon Hausmann.

        Add MarkStackSymbian.cpp to build JavascriptCore for Symbian.

        Re-use Windows shrinkAllocation implementation because Symbian doesn't
        support releasing part of memory region.
        
        Use fastMalloc and fastFree to implement allocateStack and releaseStack
        for Symbian port.

        * JavaScriptCore.pri:
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackSymbian.cpp: Added.
        (JSC::MarkStack::initializePagesize):
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):

2009-09-25  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Fix unaligned data access in YARR_JIT on ARMv5 and below.
        https://bugs.webkit.org/show_bug.cgi?id=29695

        On ARMv5 and below all data access should be naturally aligned.
        In the YARR_JIT there is a case when character pairs are
        loaded from the input string, but this data access is not
        naturally aligned. This fix introduces load32WithUnalignedHalfWords
        and branch32WithUnalignedHalfWords functions which contain
        naturally aligned memory loads - half word loads - on ARMv5 and below.

        * assembler/MacroAssemblerARM.cpp:
        (JSC::MacroAssemblerARM::load32WithUnalignedHalfWords):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::load32WithUnalignedHalfWords):
        (JSC::MacroAssemblerARM::branch32WithUnalignedHalfWords):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load32WithUnalignedHalfWords):
        (JSC::MacroAssemblerARMv7::branch32):
        (JSC::MacroAssemblerARMv7::branch32WithUnalignedHalfWords):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::load32WithUnalignedHalfWords):
        (JSC::MacroAssemblerX86Common::branch32WithUnalignedHalfWords):
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generatePatternCharacterPair):

2009-09-25  Jeremy Orlow  <jorlow@chromium.org>

        This is breaking Chromium try bots, so I'm counting this as a build fix.

        Add more svn:ignore exceptions.  On different platforms, these files are
        generated with different case for JavaScriptCore.  Also there are some
        wtf project files that get built apparently.

        * JavaScriptCore.gyp: Changed property svn:ignore.

2009-09-25  Ada Chan  <adachan@apple.com>

        Build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Inlined some object creation code, including lexicalGlobalObject access
        https://bugs.webkit.org/show_bug.cgi?id=29750
        
        SunSpider says 0.5% faster.
        
        0.8% speedup on bench-alloc-nonretained.js.
        2.5% speedup on v8-splay.js.

        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        * interpreter/CallFrame.h:
        (JSC::ExecState::lexicalGlobalObject):
        (JSC::ExecState::globalThisValue):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainNode::push):
        (JSC::ScopeChain::ScopeChain):
        (JSC::ScopeChain::globalObject): Added a globalObject data member to ScopeChainNode.
        Replaced accessor function for globalObject() with data member. Replaced
        globalThisObject() accessor with direct access to globalThis, to match.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::init):
        * runtime/JSGlobalObject.h: Inlined array and object construction.

2009-09-25  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Gavin Barraclough.

        Add ARM version detection rules for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=29715

        * wtf/Platform.h:

2009-09-24  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Mark "Do It!" Rowe.

        Some GCC versions don't like C++-style comments in preprocessor
        directives, change to C-style to shut them up.

        * wtf/Platform.h:

2009-09-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Division is needlessly slow in 64-bit
        https://bugs.webkit.org/show_bug.cgi?id=29723

        Add codegen for op_div on x86-64

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emitSlow_op_div):
        * jit/JITInlineMethods.h:
        (JSC::JIT::isOperandConstantImmediateDouble):
        (JSC::JIT::addressFor):
        (JSC::JIT::emitLoadDouble):
        (JSC::JIT::emitLoadInt32ToDouble):
        (JSC::JIT::emitJumpSlowCaseIfNotImmediateNumber):

2009-09-24  Jeremy Orlow  <jorlow@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add GYP generated files to svn:ignore
        https://bugs.webkit.org/show_bug.cgi?id=29724

        Adding the following files to the svn:ignore list (all in the
        JavaScriptCore/JavaScriptCore.gyp directory)

        JavaScriptCore.xcodeproj
        JavaScriptCore.sln
        JavaScriptCore.vcproj
        JavaScriptCore_Debug.rules
        JavaScriptCore_Release.rules
        JavaScriptCore_Release - no tcmalloc.rules
        JavaScriptCore_Purify.rules
        JavaScriptCore.mk
        JavaScriptCore_Debug_rules.mk
        JavaScriptCore_Release_rules.mk
        JavaScriptCore_Release - no tcmalloc_rules.mk
        JavaScriptCore_Purify_rules.mk
        JavaScriptCore.scons
        JavaScriptCore_main.scons

        * JavaScriptCore.gyp: Changed property svn:ignore.

2009-09-24  Yong Li  <yong.li@torchmobile.com>

        Reviewed by Adam Barth.

        Replace platform-dependent code with WTF::currentTime()
        https://bugs.webkit.org/show_bug.cgi?id=29148

        * jsc.cpp:
        (StopWatch::start):
        (StopWatch::stop):
        (StopWatch::getElapsedMS):
        * runtime/TimeoutChecker.cpp:
        (JSC::getCPUTime):

2009-09-24  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/7215058> FastMalloc scavenging thread should be named

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavengerThread): Set the thread name.
        * wtf/Platform.h: Move the knowledge of whether pthread_setname_np exists to here as HAVE(PTHREAD_SETNAME_NP).
        * wtf/ThreadingPthreads.cpp:
        (WTF::setThreadNameInternal): Use HAVE(PTHREAD_SETNAME_NP).

2009-09-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Renamed clear to removeAll, as suggested by Darin Adler.

        * wtf/HashCountedSet.h:
        (WTF::::removeAll):

2009-09-24  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough.

        Fix FastMalloc to build with assertions enabled.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_Central_FreeList::ReleaseToSpans):
        * wtf/TCSpinLock.h:
        (TCMalloc_SpinLock::IsHeld):

2009-09-24  Geoffrey Garen  <ggaren@apple.com>

        Suggested by Darin Adler.

        Removed some unnecessary parameter names.

        * wtf/HashCountedSet.h:

2009-09-24  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        On Windows JSChar is typedef'ed to wchar_t.

        When building with WINSCW for Symbian we need to do the
        same typedef.

        * API/JSStringRef.h:

2009-09-23  Geoffrey Garen  <ggaren@apple.com>

        A piece of my last patch that I forgot.

        * wtf/HashCountedSet.h:
        (WTF::::clear): Added HashCountedSet::clear.

2009-09-24  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Avoid __clear_cache built-in function if DISABLE_BUILTIN_CLEAR_CACHE define is set
        https://bugs.webkit.org/show_bug.cgi?id=28886

        There are some GCC packages (for example GCC-2006q3 from CodeSourcery)
        which contain __clear_cache built-in function only for C while the C++
        version of __clear_cache is missing on ARM architectures.

        Fixed a small bug in the inline assembly of cacheFlush function on
        ARM_TRADITIONAL.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-09-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added the ability to swap vectors with inline capacities, so you can
        store a vector with inline capacity in a hash table.

        * wtf/Vector.h:
        (WTF::swap):
        (WTF::VectorBuffer::swap):

2009-09-23  David Kilzer  <ddkilzer@apple.com>

        Move definition of USE(PLUGIN_HOST_PROCESS) from WebKitPrefix.h to Platform.h

        Reviewed by Mark Rowe.

        * wtf/Platform.h: Define WTF_USE_PLUGIN_HOST_PROCESS to 1 when
        building on 64-bit SnowLeopard.  Define to 0 elsewhere.

2009-09-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Code sampling builds are broken.
        https://bugs.webkit.org/show_bug.cgi?id=29662

        Fix build.

        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * bytecode/SamplingTool.cpp:
        (JSC::ScriptSampleRecord::sample):
        (JSC::SamplingTool::doRun):
        (JSC::SamplingTool::notifyOfScope):
        (JSC::compareScriptSampleRecords):
        (JSC::SamplingTool::dump):
        * bytecode/SamplingTool.h:
        (JSC::ScriptSampleRecord::ScriptSampleRecord):
        (JSC::ScriptSampleRecord::~ScriptSampleRecord):
        (JSC::SamplingTool::SamplingTool):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::makeFunction):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * parser/Nodes.cpp:
        (JSC::ScopeNode::ScopeNode):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::fromGlobalCode):
        * runtime/Executable.h:
        (JSC::ScriptExecutable::ScriptExecutable):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::EvalExecutable::create):
        (JSC::ProgramExecutable::ProgramExecutable):
        (JSC::FunctionExecutable::create):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-09-22  Darin Adler  <darin@apple.com>

        Reviewed by Sam Weinig.

        * wtf/Forward.h: Added PassOwnPtr.

2009-09-22  Yaar Schnitman  <yaar@chromium.org>

        Reviewed by David Levin.

        Ported chromium.org's javascriptcore.gyp for the webkit chromium port.

        https://bugs.webkit.org/show_bug.cgi?id=29617

        * JavaScriptCore.gyp/JavaScriptCore.gyp: Added.

2009-09-22  Thiago Macieira  <thiago.macieira@nokia.com>

        Reviewed by Simon Hausmann.

        Fix compilation with WINSCW: no varargs macros

        Disable variadic arguments for WINSCW just like we do
        for MSVC7.

        * wtf/Assertions.h:

2009-09-22  Kent Hansen  <khansen@trolltech.com>

        Reviewed by Simon Hausmann.

        Disable variadic macros on MSVC7.

        This was originally added in r26589 but not extended
        when LOG_DISABLED/ASSERT_DISABLED was introduced.

        * wtf/Assertions.h:

2009-09-22  Simon Hausmann  <simon.hausmann@nokia.com>

        Unreviewed build fix for Windows CE < 5

        Define WINCEBASIC to disable the IsDebuggerPresent() code in
        wtf/Assertions.cpp.

        * JavaScriptCore.pri:

2009-09-22  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by Simon Hausmann.

        Fix major memory leak in JavaScriptCore RegisterFile on Windows CE

        https://bugs.webkit.org/show_bug.cgi?id=29367

        On Widows CE we must decommit all committed pages before we release
        them. See VirtualFree documentation.
        Desktop Windows behaves much smoother in this situation.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::~RegisterFile):

2009-09-21  Greg Bolsinga  <bolsinga@apple.com>

        Reviewed by Simon Fraser & Sam Weinig.

        Add ENABLE(ORIENTATION_EVENTS)
        https://bugs.webkit.org/show_bug.cgi?id=29508

        * wtf/Platform.h: Also sort PLATFORM(IPHONE) #defines.

2009-09-21  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Eric Seidel.

        [Fix] SourceCode's uninitialized member
        
        Potential source of crashes and bugs was fixed. Default constructor
        didn't initialized m_provider member.

        https://bugs.webkit.org/show_bug.cgi?id=29364

        * parser/SourceCode.h:
        (JSC::SourceCode::SourceCode):

2009-09-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        REGRESSION (r48582): Crash in StructureStubInfo::initPutByIdTransition when reloading trac.webkit.org
        https://bugs.webkit.org/show_bug.cgi?id=29599

        It is unsafe to attempt to cache new property transitions on
        dictionaries of any type.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):

2009-09-21  Oliver Hunt  <oliver@apple.com>

        RS=Maciej Stachowiak.

        Re-land SNES fix with corrected assertion.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        * runtime/JSObject.cpp:
        (JSC::JSObject::removeDirect):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::despecifyDictionaryFunction):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::removePropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::toCacheableDictionaryTransition):
        (JSC::Structure::toUncacheableDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        * runtime/Structure.h:
        (JSC::Structure::isDictionary):
        (JSC::Structure::isUncacheableDictionary):
        (JSC::Structure::):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):

2009-09-21  Adam Roben  <aroben@apple.com>

        Revert r48573, as it caused many assertion failures

        * interpreter/Interpreter.cpp:
        * jit/JITStubs.cpp:
        * runtime/BatchedTransitionOptimizer.h:
        * runtime/JSObject.cpp:
        * runtime/Structure.cpp:
        * runtime/Structure.h:
        * runtime/StructureChain.cpp:

2009-09-21  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Unreviewed make dist build fix. Missing files.

        * GNUmakefile.am:

2009-09-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam 'Cabin Boy' Weinig.

        Fix stack alignment with ARM THUMB2 JIT.
        https://bugs.webkit.org/show_bug.cgi?id=29526
        
        Stack is currently being decremented by 0x3c, bump this to 0x40 to make this a
        multiple of 16 bytes.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        * jit/JITStubs.h:

2009-09-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        SNES is too slow
        https://bugs.webkit.org/show_bug.cgi?id=29534

        The problem was that the emulator used multiple classes with
        more properties than our dictionary cutoff allowed, this resulted
        in more or less all critical logic inside the emulator requiring
        uncached property access.

        Rather than simply bumping the dictionary cutoff, this patch
        recognises that there are two ways to create a "dictionary"
        structure.  Either by adding a large number of properties, or
        by removing a property.  In the case of adding properties we
        know all the existing properties will maintain their existing
        offsets, so we could cache access to those properties, if we
        know they won't be removed.

        To make this possible, this patch adds the logic required to
        distinguish a dictionary created by addition from one created
        by removal.  With this logic in place we can now cache access
        to objects with large numbers of properties.

        SNES performance improved by more than 6x.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        * runtime/JSObject.cpp:
        (JSC::JSObject::removeDirect):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::despecifyDictionaryFunction):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::removePropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::toCacheableDictionaryTransition):
        (JSC::Structure::toUncacheableDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        * runtime/Structure.h:
        (JSC::Structure::isDictionary):
        (JSC::Structure::isUncacheableDictionary):
        (JSC::Structure::):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Implement ES5 Object.create function
        https://bugs.webkit.org/show_bug.cgi?id=29524

        Implement Object.create.  Very simple patch, effectively Object.defineProperties
        only creating the target object itself.

        * runtime/CommonIdentifiers.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorCreate):

2009-09-19  Dan Bernstein  <mitz@apple.com>

        Fix clean debug builds.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-19  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by George Staikos.

        QtWebKit Windows CE compile fix

        https://bugs.webkit.org/show_bug.cgi?id=29379

        There is no _aligned_alloc or _aligned_free on Windows CE.
        We just use the Windows code that was there before and use VirtualAlloc.
        But that also means that the BLOCK_SIZE must be 64K as this function
        allocates on 64K boundaries.

        * runtime/Collector.cpp:
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlock):
        * runtime/Collector.h:

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Implement ES5 Object.defineProperties function
        https://bugs.webkit.org/show_bug.cgi?id=29522

        Implement Object.defineProperties.  Fairly simple patch, simply makes use of
        existing functionality used for defineProperty.

        * runtime/CommonIdentifiers.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::defineProperties):
        (JSC::objectConstructorDefineProperties):

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Windows build fix part2

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Buildfix).

        Windows build fix part 1.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Implement ES5 Object.defineProperty function
        https://bugs.webkit.org/show_bug.cgi?id=29503

        Implement Object.defineProperty.  This requires adding the API to
        ObjectConstructor, along with a helper function that implements the
        ES5 internal [[ToPropertyDescriptor]] function.  It then adds
        JSObject::defineOwnProperty that implements the appropriate ES5 semantics.
        Currently defineOwnProperty uses a delete followed by a put to redefine
        attributes of a property, clearly this is less efficient than it could be
        but we can improve this if it needs to be possible in future.

        * JavaScriptCore.exp:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::defineGetter):
        (JSC::DebuggerActivation::defineSetter):
        * debugger/DebuggerActivation.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
          Update defineGetter/Setter calls
        * runtime/CommonIdentifiers.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertySlot):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::defineGetter):
        (JSC::JSGlobalObject::defineSetter):
        * runtime/JSGlobalObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        (JSC::toPropertyDescriptor):
        (JSC::objectConstructorDefineProperty):
        * runtime/ObjectPrototype.cpp:
        (JSC::objectProtoFuncDefineGetter):
        (JSC::objectProtoFuncDefineSetter):
        * runtime/PropertyDescriptor.cpp:
        (JSC::PropertyDescriptor::writable):
        (JSC::PropertyDescriptor::enumerable):
        (JSC::PropertyDescriptor::configurable):
        (JSC::PropertyDescriptor::isDataDescriptor):
        (JSC::PropertyDescriptor::isGenericDescriptor):
        (JSC::PropertyDescriptor::isAccessorDescriptor):
        (JSC::PropertyDescriptor::getter):
        (JSC::PropertyDescriptor::setter):
        (JSC::PropertyDescriptor::setDescriptor):
        (JSC::PropertyDescriptor::setAccessorDescriptor):
        (JSC::PropertyDescriptor::setWritable):
        (JSC::PropertyDescriptor::setEnumerable):
        (JSC::PropertyDescriptor::setConfigurable):
        (JSC::PropertyDescriptor::setSetter):
        (JSC::PropertyDescriptor::setGetter):
        (JSC::PropertyDescriptor::equalTo):
        (JSC::PropertyDescriptor::attributesEqual):
        (JSC::PropertyDescriptor::attributesWithOverride):
        * runtime/PropertyDescriptor.h:
        (JSC::PropertyDescriptor::PropertyDescriptor):
        (JSC::PropertyDescriptor::value):
        (JSC::PropertyDescriptor::setValue):
        (JSC::PropertyDescriptor::isEmpty):
        (JSC::PropertyDescriptor::writablePresent):
        (JSC::PropertyDescriptor::enumerablePresent):
        (JSC::PropertyDescriptor::configurablePresent):
        (JSC::PropertyDescriptor::setterPresent):
        (JSC::PropertyDescriptor::getterPresent):
        (JSC::PropertyDescriptor::operator==):
        (JSC::PropertyDescriptor::):

2009-09-18  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Build fix to enable ARM_THUMB2 on Linux
        https://bugs.webkit.org/show_bug.cgi?id=

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * jit/JITStubs.cpp:
        * wtf/Platform.h:

2009-09-18  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Defines two pseudo-platforms for ARM and Thumb-2 instruction set.
        https://bugs.webkit.org/show_bug.cgi?id=29122

        Introduces WTF_PLATFORM_ARM_TRADITIONAL and WTF_PLATFORM_ARM_THUMB2
        macros on ARM platforms. The PLATFORM(ARM_THUMB2) should be used
        when Thumb-2 instruction set is the required target. The
        PLATFORM(ARM_TRADITIONAL) is for generic ARM instruction set. In
        case where the code is common the PLATFORM(ARM) have to be used.

        * assembler/ARMAssembler.cpp:
        * assembler/ARMAssembler.h:
        * assembler/ARMv7Assembler.h:
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerARM.cpp:
        * assembler/MacroAssemblerARM.h:
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
        * jit/ExecutableAllocator.h:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::beginUninterruptedSequence):
        (JSC::JIT::preserveReturnAddressAfterCall):
        (JSC::JIT::restoreReturnAddressBeforeReturn):
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        * jit/JITStubs.h:
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):

2009-09-18  Joerg Bornemann  <joerg.bornemann@nokia.com>

        Reviewed by Simon Hausmann.

        Fix the Qt/Windows CE build.

        * JavaScriptCore.pri: Build the ce_time.cpp functions from
        within Qt externally.
        * wtf/DateMath.cpp: Removed unnecessary Qt #ifdef, for the
        Qt build these functions are no external, too.

2009-09-17  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        Symbian/WINSCW build fox.

        Repeat Q_OS_WIN wchar_t hack for WINSCW, similar to
        revision 24774.

        WINSCW defines wchar_t, thus UChar has to be wchar_t

        * wtf/unicode/qt4/UnicodeQt4.h:

2009-09-17  Janne Koskinen  <janne.p.koskinen@digia.com>

        Reviewed by Simon Hausmann.

        Symbian/WINSCW build fix.

        https://bugs.webkit.org/show_bug.cgi?id=29186

        WINSCW Template specialisation name in declaration must the be the same as in implementation.

        * runtime/LiteralParser.h:

2009-09-15  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=27060

        Symbian compiler for emulator target (WINSCW) fails with
        "illegal operand" for m_attributesInPrevious in structure.ccp
        (when calling make_pair functions).
        This error is apparently due to the compiler not properly
        resolving the unsigned type of the declared bitfield.

        Initial patch explicitly casted m_attributesInPrevious
        to unsigned, but since bitfield optimization is not critical for
        the emulator target, this conditional change in header file
        appears to be least intrusive.

        * runtime/Structure.h:

2009-09-16  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Fix GCC warnings on ARM_THUMB2 platform

        * assembler/ARMv7Assembler.h:
        (JSC::ARMThumbImmediate::countLeadingZerosPartial):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::branchTruncateDoubleToInt32):
        (JSC::MacroAssemblerARMv7::moveFixedWidthEncoding):

2009-09-16  Greg Bolsinga  <bolsinga@apple.com>

        Add ENABLE(INSPECTOR)
        https://bugs.webkit.org/show_bug.cgi?id=29260

        Reviewed by David Kilzer.

        * wtf/Platform.h:

2009-09-16  Greg Bolsinga  <bolsinga@apple.com>

        Add ENABLE(CONTEXT_MENUS)
        https://bugs.webkit.org/show_bug.cgi?id=29225

        Reviewed by David Kilzer.

        * wtf/Platform.h:

2009-09-16  Benjamin C Meyer  <benjamin.meyer@torchmobile.com>

        Reviewed by Eric Seidel.

        The webkit stdint and stdbool headers exists because
        the compiler MSVC doesn't include them.  The check
        should not check for PLATFORM(WIN_OS) but for MSVC.

        * os-win32/stdbool.h:
        * os-win32/stdint.h:

2009-09-16  Greg Bolsinga  <bolsinga@apple.com>

        Add ENABLE(DRAG_SUPPORT)
        https://bugs.webkit.org/show_bug.cgi?id=29233

        Reviewed by David Kilzer.

        * wtf/Platform.h:

2009-09-16  Kevin Ollivier  <kevino@theolliviers.com>

        waf build fix after flag was moved to correct place.

        * wscript:

2009-09-16  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Build fix for 64-bit Qt on Mac OS X

        * wtf/Platform.h: Use JSVALUE64 on DARWIN, not only on MAC

2009-09-16  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        [Qt] Fix wtf/ThreadSpecific.h under Qt to free thread local objects.
        https://bugs.webkit.org/show_bug.cgi?id=29295

        This is an important fix when JavaScript workers are in use, since
        unfreed ThreadGlobalDatas leak a big amount of memory (50-100k each).
        QThreadStorage calls the destructor of a given object, which is the
        ThreadSpecific::Data. Unlike pthread, Qt is object oriented, and does
        not support the calling of a static utility function when the thread
        is about to close. In this patch we call the ThreadSpecific::destroy()
        utility function from the destructor of ThreadSpecific::Data. Moreover,
        since Qt resets all thread local values to 0 before the calling of the
        appropriate destructors, we set back the pointer to its original value.
        This is necessary because the get() method of the ThreadSpecific
        object may be called during the exuction of the destructor.

        * wtf/ThreadSpecific.h:
        (WTF::ThreadSpecific::Data::~Data):
        (WTF::::~ThreadSpecific):
        (WTF::::set):
        (WTF::::destroy):

2009-09-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Allow anonymous storage inside JSObject
        https://bugs.webkit.org/show_bug.cgi?id=29168

        Add the concept of anonymous slots to Structures so that it is
        possible to store references to values that need marking in the
        standard JSObject storage buffer.  This allows us to reduce the
        malloc overhead of some objects (by allowing them to store JS
        values in the inline storage of the object) and reduce the 
        dependence of custom mark functions (if all an objects children
        are in the standard object property storage there's no need to
        mark them manually).

        * JavaScriptCore.exp:
        * runtime/JSObject.h:
        (JSC::JSObject::putAnonymousValue):
        (JSC::JSObject::getAnonymousValue):
        (JSC::JSObject::addAnonymousSlots):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        (JSC::JSWrapperObject::JSWrapperObject):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):
        (JSC::Structure::materializePropertyMap):
        (JSC::Structure::addAnonymousSlotsTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::rehashPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):
        (JSC::StructureTransitionTable::reifySingleTransition):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::TransitionTable::addSlotTransition):
        (JSC::StructureTransitionTable::TransitionTable::removeSlotTransition):
        (JSC::StructureTransitionTable::TransitionTable::getSlotTransition):
        (JSC::StructureTransitionTable::getAnonymousSlotTransition):
        (JSC::StructureTransitionTable::addAnonymousSlotTransition):
        (JSC::StructureTransitionTable::removeAnonymousSlotTransition):

2009-09-15  Alex Milowski  <alex@milowski.com>

        Reviewed by Tor Arne Vestbø.

        Added the ENABLE_MATHML define to the features

        * Configurations/FeatureDefines.xcconfig:

2009-09-15 Csaba Osztrogonac <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        [Qt] Build fix for windows.

        After http://trac.webkit.org/changeset/47795 the MinGW build broke,
        because MinGW has __mingw_aligned_malloc instead of _aligned_malloc.

        * runtime/Collector.cpp:
        (JSC::Heap::allocateBlock): MinGW case added.
        (JSC::Heap::freeBlock): MinGW case added.

2009-09-15  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        [Qt] Build fix for Windows/MinGW

        https://bugs.webkit.org/show_bug.cgi?id=29268

        * wtf/Platform.h: JSVALUE32_64 temporarily disabled on PLATFORM(WIN_OS) with COMPILER(MINGW)

2009-09-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Detect VFP at runtime in generic ARM port on Linux platform.
        https://bugs.webkit.org/show_bug.cgi?id=29076

        * JavaScriptCore.pri:
        * assembler/MacroAssemblerARM.cpp: Added.
        (JSC::isVFPPresent):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::supportsFloatingPoint):

2009-09-14  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        [Qt] Build fix for windows build.

        * JavaScriptCore.pri: Correct a logic error.
        * pcre/dftables: Add missing paranthesis for tmpdir function.

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Build fix for windows exports (again).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Build fix for windows exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Correct fix for non-allinonefile builds

        * runtime/ObjectConstructor.cpp:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Fix non-allinonefile builds

        * runtime/ObjectConstructor.cpp:

2009-09-12  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        [ES5] Implement Object.keys
        https://bugs.webkit.org/show_bug.cgi?id=29170

        This patch basically requires two separate steps, the first is to split getPropertyNames
        into two functions -- getOwnPropertyNames and getPropertyNames, basically making them behave
        in the same way as getOwnPropertySlot and getPropertySlot.  In essence getOwnPropertyNames
        produces the list of properties on an object excluding its prototype chain and getPropertyNames
        just iterates the the object and its prototype chain calling getOwnPropertyNames at each level.

        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertyNames):
        * JavaScriptCore.exp:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::getOwnPropertyNames):
        * debugger/DebuggerActivation.h:
        * runtime/CommonIdentifiers.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertyNames):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::getOwnPropertyNames):
        * runtime/JSByteArray.h:
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::getOwnPropertyNames):
        * runtime/JSNotAnObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::getOwnPropertyNames):
        * runtime/JSObject.h:
        * runtime/JSVariableObject.cpp:
        (JSC::JSVariableObject::getOwnPropertyNames):
        * runtime/JSVariableObject.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorKeys):
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertyNames):
        * runtime/StringObject.cpp:
        (JSC::StringObject::getOwnPropertyNames):
        * runtime/StringObject.h:
        * runtime/Structure.cpp:
        (JSC::Structure::getOwnEnumerablePropertyNames):
        (JSC::Structure::getEnumerablePropertyNames):
        * runtime/Structure.h:

2009-09-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        getPropertyNames caching is invalid when the prototype chain contains objects with custom getPropertyNames
        https://bugs.webkit.org/show_bug.cgi?id=29214

        Add a flag to TypeInfo to indicate whether a type overrides getPropertyNames.
        This flag is used to make sure that caching of the property name data is safe.

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * debugger/DebuggerActivation.h:
        (JSC::DebuggerActivation::createStructure):
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/DatePrototype.h:
        (JSC::DatePrototype::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.h:
        (JSC::JSObject::createStructure):
        * runtime/JSTypeInfo.h:
        (JSC::TypeInfo::hasDefaultGetPropertyNames):
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::createStructure):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::createStructure):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):

2009-09-11  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=29207
        Add checks for using WebCore JS context on secondary threads

        * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        Added a new mainThreadOnly flag that WebCore would set.

        * runtime/Collector.cpp: (JSC::Heap::registerThread): JSC API methods always call this,
        so this is a good place to check that the API isn't used form a wrong thread.

2009-09-11  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>

        Reviewed by Simon Hausmann.

        Compiling JavaScriptCore on sparc 64 with gcc fails.

        ThreadSafeShared uses the atomic __gnu_cxx::__exchange_and_add with an int,
        however on sparc 64 the _Atomic_word argument is typedefed to long (8 bytes).

        The patch disables WTF_USE_LOCKFREE_THREADSAFESHARED in ThreadSafeShared to use
        a mutex instead when compiling for sparc 64 with gcc.

        https://bugs.webkit.org/show_bug.cgi?id=29175

        * wtf/Platform.h:
        __sparc64__ is not defined on all OS.
        Uses instead: __sparc__ && __arch64__ || __sparcv9
        * wtf/Threading.h:

2009-09-11  Prasanth Ullattil  <prasanth.ullattil@nokia.com>

        Reviewed by Simon Hausmann.

        Fix compile error on Windows7(64Bit) with latest SDK.

        Added the missing include file.

        * runtime/UString.cpp:

2009-09-11  Joerg Bornemann  <joerg.bornemann@trolltech.com>

        Reviewed by Simon Hausmann.

        Qt/Windows CE compile fix, include the executable allocator and
        markstack implementation in the windows build.

        * JavaScriptCore.pri:

2009-09-08  John Abd-El-Malek  <jam@chromium.org>

        Reviewed by Dimitri Glazkov.

        Remove unneeded define for ActiveX.
        https://bugs.webkit.org/show_bug.cgi?id=29054

        * wtf/Platform.h:

2009-09-10  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Sam Weinig.

        Update JavaScriptCore and WebKit's FeatureDefines.xcconfig so that they are in sync with WebCore as they need to be.

        * Configurations/FeatureDefines.xcconfig:

2009-09-10  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        Export WTF::tryFastMalloc used in WebSocketChannel.
        https://bugs.webkit.org/show_bug.cgi?id=28038

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Make StructureTransitionTable use an enum for the PtrAndFlags member
        used for the single transition slot optimisation.

        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::StructureTransitionTable):
        (JSC::StructureTransitionTable::usingSingleTransitionSlot):
        (JSC::StructureTransitionTable::):

2009-09-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Refactor StructureTransitionTable and Structure to unify handling of the single slot optimization
        https://bugs.webkit.org/show_bug.cgi?id=29141

        Make StructureTransitionTable encapsulate the single transition slot optimization.

        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::~Structure):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::addPropertyWithoutTransition):
        (JSC::Structure::removePropertyWithoutTransition):
        (JSC::Structure::hasTransition):
        * runtime/Structure.h:
        (JSC::StructureTransitionTable::contains):
        (JSC::StructureTransitionTable::get):
        (JSC::StructureTransitionTable::hasTransition):
        (JSC::StructureTransitionTable::reifySingleTransition):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::StructureTransitionTable):
        (JSC::StructureTransitionTable::~StructureTransitionTable):
        (JSC::StructureTransitionTable::remove):
        (JSC::StructureTransitionTable::add):
        (JSC::StructureTransitionTable::table):
        (JSC::StructureTransitionTable::singleTransition):
        (JSC::StructureTransitionTable::usingSingleTransitionSlot):
        (JSC::StructureTransitionTable::setSingleTransition):
        (JSC::StructureTransitionTable::setTransitionTable):
        (JSC::StructureTransitionTable::):
        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::PtrAndFlags):

2009-09-10  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Implement fastDeleteSkippingDestructor for FastAllocBase and fastDeleteAllValues for HashSet
        https://bugs.webkit.org/show_bug.cgi?id=25930

        FastAllocBase has been extended with fastDeleteSkippingDestructor function which
        releases memory without destructor call. fastDeleteAllValues has been implemented 
        similar as deleteAllValues but it uses fastDelete function to release memory.

        * wtf/FastAllocBase.h:
        (WTF::fastDeleteSkippingDestructor):
        * wtf/HashSet.h:
        (WTF::fastDeleteAllValues):

2009-09-10  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        ARM compiler does not understand GCC visibility attribute
        https://bugs.webkit.org/show_bug.cgi?id=29079

        * API/JSBase.h: Make the test more specific to hit only
        the GCC compiler

2009-09-10  Adam Barth  <abarth@webkit.org>

        Unreviewed revert of the previous change.  It broke the tests.

        * wtf/dtoa.cpp:
        (WTF::dtoa):

2009-09-10  Ben Laurie  <benl@google.com>

        Reviewed by Adam Barth.

        <https://bugs.webkit.org/show_bug.cgi?id=26836>

        If dtoa was given a small buffer and the number was either infinite or
        NaN, then the buffer would be overflowed.

        * wtf/dtoa.cpp:

2009-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Change reinterpret_cast to static_cast in r48212.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):

2009-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Remove WTF_PLATFORM_FORCE_PACK as it is no longer used
        https://bugs.webkit.org/show_bug.cgi?id=29066

        * wtf/Platform.h:

2009-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Ariya Hidayat.

        Implement flushing the instruction cache for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=29075

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush): Call IMB_Range to flush
        the instruction cache on Symbian

2009-09-09  Kent Hansen  <khansen@trolltech.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=29024
        Make JavaScriptCore compile on platforms with case-insensitive file systems and typeinfo.h in STL

        These platforms include Microsoft Visual Studio 2003, and Symbian with Metrowerks compiler.

        * JavaScriptCore.gypi:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSTypeInfo.h: Copied from JavaScriptCore/runtime/TypeInfo.h.
        * runtime/Structure.h:
        * runtime/TypeInfo.h: Removed.

2009-09-08  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        JSON.stringify(Date) loses the milliseconds information
        https://bugs.webkit.org/show_bug.cgi?id=29063

        Make sure we include milliseconds in the output of toISOString.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToISOString):

2009-09-08  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix, generate derived sources earlier in order to make sure
        they're found by the build system when generating the list of sources to build.

        * wscript:

2009-09-08  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        Build fix when USE(LOCKFREE_THREADSAFESHARED) is not defined
        https://bugs.webkit.org/show_bug.cgi?id=29011

        * wtf/Threading.h: Use LOCKFREE_THREADSAFESHARED guard for 
        atomicIncrement and atomicDecrement

2009-09-07  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control in Yarr's RegexInterpreter
        https://bugs.webkit.org/show_bug.cgi?id=29025

        Inherits RegexInterpreter classes from FastAllocBase (bug #20422), which has
        been instantiated by 'new':

        class ByteDisjunction
        -> instantiated in JavaScriptCore/yarr/RegexInterpreter.cpp:1462

        struct BytecodePattern
        -> instantiated in JavaScriptCore/yarr/RegexInterpreter.cpp:1279

        * yarr/RegexInterpreter.h:

2009-09-07  Drew Wilson  <atwilson@google.com>

        Reverting r48121 to fix Windows build errors.

        * JavaScriptCore.exp:

2009-09-07  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        Enable SHARED_WORKERS by default
        https://bugs.webkit.org/show_bug.cgi?id=28959

        * Configurations/FeatureDefines.xcconfig:

2009-09-07  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Alexey Proskuryakov.

        Export WTF::tryFastMalloc used in WebSocketChannel.
        https://bugs.webkit.org/show_bug.cgi?id=28038

        * JavaScriptCore.exp:

2009-09-04  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Fix windows export files

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-09-04  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [[ToString]] conversion should use the actual toString function for String objects.

        Remove incorrect specialisations of toString conversions on StringObject.

        * JavaScriptCore.exp:
        * runtime/StringObject.cpp:
        * runtime/StringObject.h:

2009-09-04  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Add new export.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Add new export.

2009-09-04  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Remove unneeded export.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Remove unneeded export.

2009-09-04  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        DateInstance object collected on ARM JIT (JSValue: WTF_USE_JSVALUE32)
        https://bugs.webkit.org/show_bug.cgi?id=28909

        Part two.

        Make some improvements to garbage collection code:

            1) Create a runtime assertion that catches any classes that
               override markChildren but have the HasDefaultMark bit set.
            2) Remove checks of the mark bit outside the MarkStack::append
               function; they are redundant.
            3) Improve the efficiency of the asObject and asArray functions
               when called on JSCell* to avoid a round trip to JSValue.
            4) Make more callers use the checked asCell and asObject
               casting functions rather than unchecked casts.
            5) Removed the JSCell::marked function and other GC-related
               functions because these operations are no longer things that
               code other than the core GC code needs to do directly. Fixed
               callers that were calling them.

        * runtime/Collector.cpp:
        (JSC::Heap::markConservatively): Removed unneeded call to MarkStack::drain.
        (JSC::Heap::markProtectedObjects): Removed unneeded check of the mark
        bit and call to MarkStack::drain.
        (JSC::Heap::collect): Removed unneeded checks of the mark bit and also
        changed call to SmallStrings::mark to call markChildren instead to match
        the rest of the objects.
        (JSC::typeName): Removed unneeded cast to JSObject*.

        * runtime/JSArray.h:
        (JSC::asArray): Added an overload for JSCell* and changed the JSValue
        version to call it. Removed some unneeded casts.
        (JSC::JSArray::markChildrenDirect): Marked this function inline. It's in
        a header, and if not marked inline this could lead to linking problems.
        (JSC::MarkStack::markChildren): Added. This helper function is used by
        the drain function to avoid repating code. Also added the code here to
        check fro default mark violations in debug code. If a markChildren
        function adds something to the mark stack, but the type info claimed
        hasDefaultMark was true, then we will get an assertion now. Also fixed
        the assertion about the mark bit to use the Heap function directly
        because we don't have a JSCell::marked function any more.
        (JSC::MarkStack::drain): Changed a local variable from "v" to "value",
        and from "currentCell" to "cell". Changed to call markChildren in two
        places instead of repeating a chain of if statements twice. Changed
        code that reads and writes the mark bit to use Heap::isCellMarked and
        Heap::markCell so we can eliminate the JSCell::marked and
        JSCell::markCellDirect functions.

        * runtime/JSCell.h: Removed JSCell's markCellDirect and marked member
        functions. Added a comment explaining that asCell should be deprecated
        in favor of the JSValue asCell member function.
        (JSC::MarkStack::append): Added the assertion that catches callers
        that have set the HasDefaultMark bit incorrectly. Changed
        code that reads and writes the mark bit to use Heap::isCellMarked and
        Heap::markCell so we can eliminate the JSCell::marked and
        JSCell::markCellDirect functions. Moved the overload of
        MarkStack::append for JSValue here so it can call through to the cell
        version. The old version had a copy of all the code instead, but that
        repeated the conversion from JSValue to JSCell* and the check for
        whether a value is a cell multiple times.
        (JSC::Structure::markAggregate): Moved this function here to avoid
        dependencies for Structure.h, since this calls MarkStack::append.

        * runtime/JSObject.cpp:
        (JSC::JSObject::markChildren): Added code to clear
        m_isCheckingForDefaultMarkViolation so the marking done by JSObject
        doesn't trigger the assertion.

        * runtime/JSValue.h: Moved some stray includes that were outside the
        header guard inside it. Not sure how that happened! Removed the
        GC-related member functions markChildren, hasChildren, marked, and
        markDirect.

        * runtime/JSWrapperObject.h: Made markChildren private.
        (JSC::JSWrapperObject::createStructure): Added. Fixes a bug where the
        HasDefaultMark bit was set.

        * runtime/MarkStack.h: Added m_isCheckingForDefaultMarkViolation and
        initialized it to false. Moved the append function body from here to
        JSCell.h. Added a declaration of a private markChildren function used
        inside the drain function.

        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::markChildren): Changed the name and style of this
        function to match other functions. This allows us to share the normal
        mark stack code path.

        * runtime/SmallStrings.h: Changed the name and interface of mark to
        the more-normal markChildren style.

        * runtime/Structure.h: Moved the body of markAggregate into the
        JSCell.h to avoid a circular dependency with JSCell.h.

2009-09-04  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        DateInstance object collected on ARM JIT (JSValue: WTF_USE_JSVALUE32)
        https://bugs.webkit.org/show_bug.cgi?id=28909

        Part one.

        Make some improvements to garbage collection code:

            1) Fix the two classes that had the default mark bit set but
               should not.
            2) Remove checks of the mark bit outside the MarkStack::append
               function; they are redundant.
            3) Make more callers use the checked asCell and asObject
               casting functions rather than unchecked casts.
            4) Removed some GC-related functions because these operations are
               no longer things that code other than the core GC code needs
               to do directly. Fixed callers that were calling them.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate): Removed unneeded check of the mark
        bit before calling MarkStack::append.

        * interpreter/Register.h: Removed unneeded marked and markChildren
        functions.

        * jit/JITStubs.cpp:
        (op_eq): Removed unneeded assertions, instead using checked casting
        functions such as asObject.

        * runtime/ArgList.h: Added now-needed forward declaration of MarkStack.

        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren): Remmoved unneeded check of the mark bit.

        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::createStructure): Added. Fixes a bug where the
        HasDefaultMark bit was set.

        * runtime/JSCell.cpp:
        (JSC::JSCell::getObject): Use asObject to avoid a direct static_cast.

        * runtime/JSObject.h:
        (JSC::asObject): Added an overload for JSCell* and changed the JSValue
        version to call it.
        (JSC::JSValue::get): Use asObject to avoid a direct static_cast.

        * runtime/JSWrapperObject.h: Made markChildren private.
        (JSC::JSWrapperObject::createStructure): Added. Fixes a bug where the
        HasDefaultMark bit was set. Later we may want to optimize this for
        wrapper types that never have cells in their internal values, but there
        is no measured performance regression in SunSpider or V8 doing this
        all the time.

        * runtime/MarkStack.cpp: Tweaked formatting.

2009-09-04  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix. Switch USE_ defines over to the compiler so that they can be
        checked by files not including config.h (like WebCorePrefix.h).

        * wtf/Platform.h:

2009-09-03  Yong Li  <yong.li@torchmobile.com>

        Reviewed by David Levin.

        Remove unnecessary dependency on unistd.h
        https://bugs.webkit.org/show_bug.cgi?id=28962

        * runtime/Completion.cpp:

2009-09-03  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Eric Seidel.

        Add strnstr for Linux and Windows in StringExtras.h
        https://bugs.webkit.org/show_bug.cgi?id=28901

        * wtf/StringExtras.h:
        (strnstr):

2009-09-03  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's HashEntry class
        https://bugs.webkit.org/show_bug.cgi?id=27830

        Inherits HashEntry class from FastAllocBase because it has been
        instantiated by 'new' JavaScriptCore/runtime/Lookup.cpp:32.

        * runtime/Lookup.h:

2009-09-02  Gavin Barraclough  <barraclough@apple.com>

        Should crash if JIT code buffer allocation fails.

        https://bugs.webkit.org/show_bug.cgi?id=28926
        <rdar://problem/7031922>

        * jit/ExecutableAllocatorPosix.cpp:
        (JSC::ExecutablePool::systemAlloc):
        * jit/ExecutableAllocatorWin.cpp:
        (JSC::ExecutablePool::systemAlloc):

2009-09-02  Kevin Ollivier  <kevino@theolliviers.com>

        waf build fixes for Windows/MSVC.

        * wscript:

2009-09-02  Kevin Ollivier  <kevino@theolliviers.com>

        Build fix for building on Windows.

        * wtf/ThreadingPthreads.cpp:

2009-09-02  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Eric Seidel.

        Use fastMalloc when neither MMAP nor VIRTUALALLOC are enabled
        
        RegisterFile constructor currently throws #error when both
        MMAP and VIRTUALALLOC conditions fail.
        On any platform that does not provide these features
        (for instance, Symbian),
        the fallback should be regular malloc (or fastMalloc).
        It is functionally equivalent in this case, even though it may
        have certain drawbacks such as lack of dynamic pre-allocation.

        * interpreter/RegisterFile.cpp:
        (JSC::RegisterFile::~RegisterFile):
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):

2009-08-31  Robert Agoston  <Agoston.Robert@stud.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Fixed typo.
        https://bugs.webkit.org/show_bug.cgi?id=28691

        * parser/Parser.h:
        (JSC::Parser::parse):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        JSON Stringifier does not follow ES5 spec for handling of Number, String and Boolean objects
        https://bugs.webkit.org/show_bug.cgi?id=28797

        Fixed unwrapBoxedPrimitive to do the right thing, which necessitated a couple of new exception
        checks, and corrected the logic in gap to correctly convert Number and String objects.

        * runtime/JSONObject.cpp:
        (JSC::unwrapBoxedPrimitive):
        (JSC::gap):
        (JSC::Stringifier::Stringifier):
        (JSC::Stringifier::appendStringifiedValue):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Adam Roben.

        JSON.stringify replacer array does not accept values that are not string primitives.
        https://bugs.webkit.org/show_bug.cgi?id=28788

        Update the JSON stringifier to initialise its replacer array according to the most
        recent version of the spec.

        * runtime/Identifier.h:
        (JSC::Identifier::from):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Stringifier):

2009-08-27  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=28753
        <rdar://problem/7173448> Excessive number of threads (and a crash)

        * wtf/Threading.h: (WTF::atomicIncrement): Changed atomicIncrement to match decrement
        and return the new value. Also added using directives for these functions, to match
        te rest of WTF.

2009-08-27  Brent Fulgham  <bfulgham@webkit.org>

        Reviewed by Adam Roben.

        Link the testapi against CFLite when building the WinCairo port.

        * JavaScriptCore.vcproj/testapi/testapi.vcproj: Add new Release_CFLite
          target.  Update all targets to inherit from either the
          JavaScriptCF.vsprops (Apple target) or the JavaScriptCFLite.vsprops
          file (WinCairo target).
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops: Remove
          input file CoreFoundation.lib. This is provided by either the
          JavaScriptCF.vsprops or JavaScriptCFLite.vsprops file.

2009-08-27  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Geoff Garen.
        
        Fix Windows-specific crash due to missing memory clearing call.
        
        * runtime/Collector.cpp:
        (JSC::Heap::allocateBlock):

2009-08-27  Brent Fulgham  <bfulgham@webkit.org>

        Build fix: JavaScriptCore_debug.def missing some exports.  Apple
        Windows build does not use this file, so it was not noticed previously.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-27  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        x86-64 GTK broken due to code offsets changing, pointers sometimes packed into immediates.
        https://bugs.webkit.org/show_bug.cgi?id=28317

        Missed one, fix part II.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::move):
        * assembler/X86Assembler.h:
        (JSC::CAN_SIGN_EXTEND_8_32):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Adam Roben.

        JSON.stringify replacer array does not accept values that are not string primitives.
        https://bugs.webkit.org/show_bug.cgi?id=28788

        Update the JSON stringifier to initialise its replacer array according to the most
        recent version of the spec.

        * runtime/Identifier.h:
        (JSC::Identifier::from):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Stringifier):

2009-08-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        JSON parser accepts trailing comma in array literals
        https://bugs.webkit.org/show_bug.cgi?id=28779

        Update parser to correctly fail if there's a trailing comma.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        'this' in JSON.parse reviver is the global object
        https://bugs.webkit.org/show_bug.cgi?id=28752

        This is a technically simple change, we merely update the code for calling
        the reviver function to pass the correct this object.  Doing so however
        exposes the holder to arbitrary mutation by the reviver function so it is
        necessary for us to now guard all property accesses against the possibility
        of failure.

        * runtime/JSArray.h:
          JSON needs to delete a property from the array, so we friend its 
          Walker class so that we can make a non-virtual call to the arrays
          delete and getOwnPropertySlot methods.
        * runtime/JSONObject.cpp:
        (JSC::Walker::callReviver):
          We need to pass the correct this object
        (JSC::Walker::walk):
          Update calls to callReviver, and update property logic logic
          to correctly handle the holder being mutated by the reviver
          function.

2009-08-26  Alice Liu  <alice.liu@apple.com>

        Windows build fix: added some exported symbols

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: Removed some exported symbols that no longer exist.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Olliejver Hunt.

        x86-64 GTK broken due to code offsets changing, pointers sometimes packed into immediates.
        https://bugs.webkit.org/show_bug.cgi?id=28317

        We rely on a slightly OS X specific behaviour, that x86-64 applications have a 4Gb zero page,
        so pointers are never representable as a 32-bit integer, and always have to be represented by
        a separate immediate load instruction, rather than within the immediate field of an arithmetic
        or memory operation.

        We explicitly check for a couple of cases where a value might be representable in 32-bit, but
        these probably never kick in on Mac OS, and only kick in to hose GTK.  Deleting these does not
        show a performance degradation on SunSpider.  Remove.

        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::storePtr):
        (JSC::MacroAssemblerX86_64::branchPtr):

2009-08-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A bit of Collector refatoring.
        
        SunSpider says no change. v8 says 1.003x faster (1.02x faster on splay).

        * JavaScriptCore.exp:

        * runtime/JSCell.cpp:
        (JSC::JSCell::toPrimitive):
        (JSC::JSCell::getPrimitiveNumber):
        (JSC::JSCell::toBoolean):
        (JSC::JSCell::toNumber):
        (JSC::JSCell::toString):
        (JSC::JSCell::toObject): Removed pure virtual functions from
        JSCell, so the collector can construct one. This allowed
        me to remove a bunch of ASSERT_NOT_REACHED throughout the
        code, too.

        * runtime/JSCell.h:
        (JSC::JSCell::JSCell): ditto
        (JSC::Heap::heap): Inlined this function because it's trivial.

        * JavaScriptCore.exp:

        * runtime/Collector.cpp:
        (JSC::Heap::destroy):
        (JSC::Heap::allocateBlock):
        (JSC::Heap::freeBlock):
        (JSC::Heap::freeBlocks): Renamed freeHeap to freeBlocks, since
        it doesn't actually free the Heap object.
        (JSC::Heap::heapAllocate):
        (JSC::Heap::sweep):
        * runtime/Collector.h: Refactored block allocation and destruction
        into helper functions.
        
        * runtime/GetterSetter.cpp:
        * runtime/JSAPIValueWrapper.cpp:
        * runtime/JSPropertyNameIterator.cpp: Removed dummy implementations
        of pure virtual functions. (See above.)

=== End re-roll-in of r47738:47740 with Windows crash fixed ===

2009-08-26  Geoffrey Garen  <ggaren@apple.com>

        Build fix: start out with a 32-bit value to avoid a shortening warning.

        * runtime/Collector.cpp:
        (JSC::Heap::sweep):

2009-08-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Substantially reduced VM thrash in the GC heap.
        
        1.08x faster on v8 (1.60x faster on v8-splay).
        
        1.40x faster on bench-alloc-nonretained.
        
        1.90x faster on bench-alloc-retained.
        
        SunSpider says no change.
        
        * runtime/Collector.cpp:
        (JSC::Heap::heapAllocate): Fixed a long-standing bug: update a few local
        variables unconditionally after calling collect(), since they may be used
        even if we don't "goto scan". (In the bug I saw, usedBlocks got out of
        sync with heap.usedBlocks).
        (JSC::Heap::sweep): Keep enough free heap space to accomodate 
        the number of objects we'll allocate before the next GC, plus 25%, for
        good measure.
        * runtime/Collector.h: Bumped the block size to 256k. This seems to give
        the best cache performance, and it prevents us from initiating lots of
        VM traffic to recover very small chunks of memory.

=== Begin re-roll-in of r47738:47740 with Windows crash fixed ===

2009-08-25  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        postMessage() spec now supports sending arrays of ports
        https://bugs.webkit.org/show_bug.cgi?id=26902

        Added OwnPtr to VectorTraits so we can store OwnPtrs in Vectors.

        * wtf/VectorTraits.h:

2009-08-26  Xan Lopez  <xlopez@igalia.com>

        Rubber-stamped by Gustavo Noronha.

        Remove duplicated files from file list.

        * GNUmakefile.am:

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        More export fixes.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Hopefully fix all the exports from JSC on windows

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fixes).

        Forgot I added files to JavaScriptCore. 

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCoreSources.bkl:

2009-08-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [ES5] Implement getOwnPropertyDescriptor
        https://bugs.webkit.org/show_bug.cgi?id=28724

        Implement the core runtime support for getOwnPropertyDescriptor.
        This adds a virtual getOwnPropertyDescriptor method to every class
        that implements getOwnPropertySlot that shadows the behaviour of
        getOwnPropertySlot.  The alternative would be to make getOwnPropertySlot
        (or PropertySlots in general) provide property attribute information,
        but quick testing showed this to be a regression.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Arguments.cpp:
        (JSC::Arguments::getOwnPropertyDescriptor):
        * runtime/Arguments.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/CommonIdentifiers.h:
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::getOwnPropertyDescriptor):
        * runtime/DatePrototype.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertyDescriptor):
        * runtime/JSArray.h:
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::getOwnPropertyDescriptor):
        * runtime/JSByteArray.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertyDescriptor):
        * runtime/JSFunction.h:
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::getOwnPropertyDescriptor):
        * runtime/JSNotAnObject.h:
        * runtime/JSONObject.cpp:
        (JSC::JSONObject::getOwnPropertySlot):
        (JSC::JSONObject::getOwnPropertyDescriptor):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::getOwnPropertyDescriptor):
        (JSC::JSObject::getPropertyDescriptor):
        * runtime/JSObject.h:
        * runtime/JSString.cpp:
        (JSC::JSString::getStringPropertyDescriptor):
        (JSC::JSString::getOwnPropertyDescriptor):
        * runtime/JSString.h:
        * runtime/JSVariableObject.cpp:
        (JSC::JSVariableObject::symbolTableGet):
        * runtime/JSVariableObject.h:
        * runtime/Lookup.h:
        (JSC::getStaticPropertyDescriptor):
        (JSC::getStaticFunctionDescriptor):
        (JSC::getStaticValueDescriptor):
          Add property descriptor equivalents of the lookup
          table access functions

        * runtime/MathObject.cpp:
        (JSC::MathObject::getOwnPropertySlot):
        (JSC::MathObject::getOwnPropertyDescriptor):
        * runtime/MathObject.h:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberConstructor.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/PropertyDescriptor.cpp: Added.
        (JSC::PropertyDescriptor::writable):
        (JSC::PropertyDescriptor::enumerable):
        (JSC::PropertyDescriptor::configurable):
        (JSC::PropertyDescriptor::hasAccessors):
        (JSC::PropertyDescriptor::setUndefined):
        (JSC::PropertyDescriptor::getter):
        (JSC::PropertyDescriptor::setter):
        (JSC::PropertyDescriptor::setDescriptor):
        (JSC::PropertyDescriptor::setAccessorDescriptor):
        * runtime/PropertyDescriptor.h: Added.
        (JSC::PropertyDescriptor::PropertyDescriptor):
        (JSC::PropertyDescriptor::attributes):
        (JSC::PropertyDescriptor::isValid):
        (JSC::PropertyDescriptor::value):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::getOwnPropertyDescriptor):
        * runtime/RegExpConstructor.h:
        * runtime/RegExpMatchesArray.h:
        (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::getOwnPropertyDescriptor):
        * runtime/RegExpObject.h:
        * runtime/StringObject.cpp:
        (JSC::StringObject::getOwnPropertyDescriptor):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::getOwnPropertyDescriptor):
        * runtime/StringPrototype.h:

2009-08-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        How many copies of the parameters do you need?
        https://bugs.webkit.org/show_bug.cgi?id=28701

        The function parameters in JSC get copied a lot - and unnecessarily so.

        Originally this happened due to duplicating FunctionBodyNodes on recompilation,
        though the problem has been exacerbated by copying the parameters from the
        original function body onto the executable, then back onto the real body that
        will be generated (this happens on every function).  And this is all made worse
        since the data structures in question are a little ugly - C style arrays of C++
        objects containing ref counts, so they need a full copy-construct (rather than
        a simple memcpy).

        This can all be greatly simplified by just punting the parameters off into
        their own ref-counted object, and forgoing all the copying.

        ~no performance change, possible slight progression.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::makeFunction):
        * parser/Nodes.cpp:
        (JSC::FunctionParameters::FunctionParameters):
        (JSC::FunctionBodyNode::FunctionBodyNode):
        (JSC::FunctionBodyNode::finishParsing):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::parameters):
        (JSC::FunctionBodyNode::parameterCount):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::~FunctionExecutable):
        (JSC::FunctionExecutable::compile):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::FunctionExecutable::fromGlobalCode):
        (JSC::FunctionExecutable::paramString):
        * runtime/Executable.h:
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::parameterCount):

2009-08-25  Brent Fulgham  <bfulgham@webkit.org>

        Reviewed by NOBODY (Buildfix).

        * JavaScriptCore.vcproj/jsc/jsc.vcproj: Add Debug_CFLite target
          that inherits from the debug_wincairo property sheet and therefore
          links to the proper debug library.
        * JavaScriptCore.vcproj/testapi/testapi.vcproj: Add Debug_CFLite target
          that inherits from the debug_wincairo property sheet and therefore
          links to the proper debug library.

2009-08-25  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Simon Fraser.

        Export tryFastMalloc for Canvas3D work
        https://bugs.webkit.org/show_bug.cgi?id=28018

        * JavaScriptCore.exp:

2009-08-25  David Levin  <levin@chromium.org>

        Reviewed by Adam Roben.

        PLATFORM(CFNETWORK) should be USE(CFNETWORK).
        https://bugs.webkit.org/show_bug.cgi?id=28713

        * wtf/Platform.h: Added a #define to catch this issue in the
        future. The define would generate an error on gcc without the
        space in the expansion, but Visual C++ needs the space to cause an error.

2009-08-24  Brent Fulgham  <bfulgham@webkit.org>

        Reviewed by Steve Falkenburg.

        Revise CFLite Debug build to emit DLL's with _debug label.
        https://bugs.webkit.org/show_bug.cgi?id=28695.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Modify
          Cairo debug build to inherit from new debug_cairo property sheet.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCFLite.vsprops:
          Modify to look for debug CFLite when in debug build.

2009-08-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Adler & Darin Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=28691
        Do not retain ScopeNodes outside of parsing
        
        There is now no need for these to exist outside of parsing - their use in the runtime is replaced by Executable types.

        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::makeFunction):
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::ScopeNodeData):
        (JSC::ProgramNode::create):
        (JSC::EvalNode::create):
        (JSC::FunctionBodyNode::create):
        * parser/Nodes.h:
        (JSC::ScopeNode::adoptData):
        (JSC::FunctionBodyNode::parameterCount):
        * parser/Parser.cpp:
        * parser/Parser.h:
        (JSC::Parser::arena):
        (JSC::Parser::Parser):
        (JSC::Parser::parse):
        * runtime/ArrayPrototype.cpp:
        (JSC::isNumericCompareFunction):
        (JSC::arrayProtoFuncSort):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::~FunctionExecutable):
        (JSC::EvalExecutable::compile):
        (JSC::ProgramExecutable::checkSyntax):
        (JSC::ProgramExecutable::compile):
        (JSC::FunctionExecutable::compile):
        (JSC::EvalExecutable::generateJITCode):
        (JSC::ProgramExecutable::generateJITCode):
        (JSC::FunctionExecutable::generateJITCode):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::EvalExecutable::reparseExceptionInfo):
        (JSC::FunctionExecutable::recompile):
        (JSC::FunctionExecutable::fromGlobalCode):
        (JSC::FunctionExecutable::copyParameters):
        (JSC::FunctionExecutable::paramString):
        * runtime/Executable.h:
        (JSC::ScriptExecutable::ScriptExecutable):
        (JSC::ScriptExecutable::sourceID):
        (JSC::ScriptExecutable::sourceURL):
        (JSC::ScriptExecutable::lineNo):
        (JSC::ScriptExecutable::lastLine):
        (JSC::ScriptExecutable::usesEval):
        (JSC::ScriptExecutable::usesArguments):
        (JSC::ScriptExecutable::needsActivation):
        (JSC::ScriptExecutable::recordParse):
        (JSC::EvalExecutable::bytecode):
        (JSC::EvalExecutable::jitCode):
        (JSC::ProgramExecutable::bytecode):
        (JSC::ProgramExecutable::reparseExceptionInfo):
        (JSC::ProgramExecutable::jitCode):
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::make):
        (JSC::FunctionExecutable::bytecode):
        (JSC::FunctionExecutable::isGenerated):
        (JSC::FunctionExecutable::name):
        (JSC::FunctionExecutable::parameterCount):
        (JSC::FunctionExecutable::jitCode):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::numericCompareFunction):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-08-24  Darin Adler  <darin@apple.com>

        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::put): Landed revised version I had tested but forgot
        to land. Leave out the branch, since we don't need one.

2009-08-24  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        Array index miss case creates a string every time
        https://bugs.webkit.org/show_bug.cgi?id=28664

        SunSpider test results I saw:

            0.5% faster overall
            1% faster on crypto-aes
            20% faster on crypto-md5
            13% faster on crypto-sha1

        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype): Initialize m_hasNoPropertiesWithUInt32Names
        to true.
        (JSC::ObjectPrototype::put): Clearly m_hasNoPropertiesWithUInt32Names if the new
        property has a name that is the string form of a UInt32.
        (JSC::ObjectPrototype::getOwnPropertySlot): Don't call JSObject::getOwnPropertySlot
        if m_hasNoPropertiesWithUInt32Names is true, and it is highly likely to be true.

        * runtime/ObjectPrototype.h: Added declarations for the above.

2009-08-24  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Unreviewed. Fix a typo in my distcheck build fix.

        * GNUmakefile.am:

2009-08-23  Gustavo Noronha Silva  <gns@gnome.org>

        Unreviewed build fix for make distcheck.

        * GNUmakefile.am: Added files required for the build.

2009-08-22  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Mark Rowe.

        REGRESSION(r47639-r47660): Webkit crashes on launch on PowerPC
        https://bugs.webkit.org/show_bug.cgi?id=28655

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction): Initialize properly with a VPtrHackExecutable.
        * wtf/Platform.h:

2009-08-22  Darin Adler  <darin@apple.com>

        Fix storage leak from syntax tree arena allocation patch.

        * parser/Nodes.h: CommaNode needs to inherit from ParserArenaDeletable
        because it has a vector.

2009-08-21  Darin Adler  <darin@apple.com>

        Fix Qt build.

        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::ScopeNodeData): Made non-inline again.
        This is used outside Nodes.cpp so can't be inline unless
        it is in the header.

2009-08-21  Darin Adler  <darin@apple.com>

        Two loose ends from the last commit.

        * JavaScriptCore.xcodeproj/project.pbxproj: Made ParserArena.h
        and create_hash_table project-internal instead of "private".
        * runtime/Executable.h: Removed accidentally-added constructor.

2009-08-21  Darin Adler  <darin@apple.com>

        Reviewed by Gavin Barraclough.

        Syntax tree nodes should use arena allocation
        https://bugs.webkit.org/show_bug.cgi?id=25674

        Use an actual arena now. 0.6% speedup on SunSpider.

        New and improved with 100% less leaking of the universe.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        Removed all exports involving the class FunctionBodyNode, which no
        longer needs to be used outside JavaScriptCore.

        * JavaScriptCore.xcodeproj/project.pbxproj: Made Nodes.h and
        Executable.h project-internal instead of "private".

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator): Updated since VarStack
        contains const Identifier* now.

        * parser/Grammar.y: Made identifiers from the lexer be const
        Identifier* and updated since VarStack contains const Identifier* now.

        * parser/Lexer.cpp:
        (JSC::Lexer::setCode): Pass in ParserArena, used for identifiers.
        (JSC::Lexer::makeIdentifier): Changed return type to const Identifier*
        and changed to call ParserArena.
        (JSC::Lexer::clear): Removed the code to manage m_identifiers and
        added code to set m_arena to 0.
        * parser/Lexer.h: Updated for changes above.

        * parser/NodeConstructors.h:
        (JSC::ParserArenaFreeable::operator new): Added. Calls allocateFreeable
        on the arena.
        (JSC::ParserArenaDeletable::operator new): Changed to call the
        allocateDeletable function on the arena instead of deleteWithArena.
        (JSC::PropertyNode::PropertyNode): Added new constructor that makes
        numeric identifiers. Some day we might want to optimize this for
        integers so it doesn't create a string for each one.
        (JSC::ContinueNode::ContinueNode): Initialize m_ident to nullIdentifier
        since it's now a const Identifier& so it can't be left uninitialized.
        (JSC::BreakNode::BreakNode): Ditto.
        (JSC::CaseClauseNode::CaseClauseNode): Updated to use SourceElements*
        to keep track of the statements rather than a separate statement vector.
        (JSC::BlockNode::BlockNode): Ditto.
        (JSC::ForInNode::ForInNode): Initialize m_ident to nullIdentifier.

        * parser/Nodes.cpp: Moved the comment explaining emitBytecode in here.
        It seemed strangely out of place in the header.
        (JSC::ThrowableExpressionData::emitThrowError): Added an overload for
        UString as well as Identifier.
        (JSC::SourceElements::singleStatement): Added.
        (JSC::SourceElements::lastStatement): Added.
        (JSC::RegExpNode::emitBytecode): Changed the throwError code to use
        the substitution mechanism instead of doing a string append.
        (JSC::SourceElements::emitBytecode): Added. Replaces the old
        statementListEmitCode function, since we now keep the SourceElements
        objects around.
        (JSC::BlockNode::lastStatement): Added.
        (JSC::BlockNode::emitBytecode): Changed to use emitBytecode instead of
        statementListEmitCode.
        (JSC::CaseClauseNode::emitBytecode): Added.
        (JSC::CaseBlockNode::emitBytecodeForBlock): Changed to use emitBytecode
        instead of statementListEmitCode.
        (JSC::ScopeNodeData::ScopeNodeData): Changed to store the
        SourceElements* instead of using releaseContentsIntoVector.
        (JSC::ScopeNode::emitStatementsBytecode): Added.
        (JSC::ScopeNode::singleStatement): Added.
        (JSC::ProgramNode::emitBytecode): Call emitStatementsBytecode instead
        of statementListEmitCode.
        (JSC::EvalNode::emitBytecode): Ditto.
        (JSC::FunctionBodyNode::emitBytecode): Call emitStatementsBytecode
        insetad of statementListEmitCode and check for the return node using
        the new functions.

        * parser/Nodes.h: Changed VarStack to store const Identifier* instead
        of Identifier and rely on the arena to control lifetime. Added a new
        ParserArenaFreeable class. Made ParserArenaDeletable inherit from
        FastAllocBase instead of having its own operator new. Base the Node
        class on ParserArenaFreeable. Changed the various Node classes
        to use const Identifier& instead of Identifier to avoid the need to
        call their destructors and allow them to function as "freeable" in the
        arena. Removed extraneous JSC_FAST_CALL on definitions of inline functions.
        Changed ElementNode, PropertyNode, ArgumentsNode, ParameterNode,
        CaseClauseNode, ClauseListNode, and CaseBlockNode to use ParserArenaFreeable
        as a base class since they do not descend from Node. Eliminated the
        StatementVector type and instead have various classes use SourceElements*
        instead of StatementVector. This prevents those classes from having to
        use ParserArenaDeletable to make sure the vector destructor is called.

        * parser/Parser.cpp:
        (JSC::Parser::parse): Pass the arena to the lexer.

        * parser/Parser.h: Added an include of ParserArena.h, which is no longer
        included by Nodes.h.
        (JSC::Parser::parseFunctionFromGlobalCode): Changed to use the
        singleStatement function, since there is no longer any children function.
        Removed some unneeded use of RefPtr.

        * parser/ParserArena.cpp:
        (JSC::ParserArena::ParserArena): Added. Initializes the new members,
        m_freeableMemory, m_freeablePoolEnd, and m_identifiers.
        (JSC::ParserArena::freeablePool): Added. Computes the pool pointer,
        since we store only the current pointer and the end of pool pointer.
        (JSC::ParserArena::deallocateObjects): Added. Contains the common
        memory-deallocation logic used by both the destructor and the
        reset function.
        (JSC::ParserArena::~ParserArena): Changed to call deallocateObjects.
        (JSC::ParserArena::reset): Ditto. Also added code to zero out the
        new structures, and switched to use clear() instead of shrink(0) since
        we don't really reuse arenas.
        (JSC::ParserArena::makeNumericIdentifier): Added.
        (JSC::ParserArena::allocateFreeablePool): Added. Used when the pool
        is empty.
        (JSC::ParserArena::isEmpty): Added. No longer inline, which is fine
        since this is used only for assertions at the moment.
        (JSC::ParserArena::derefWithArena): Make non-inline.

        * parser/ParserArena.h: Added an actual arena of "freeable" objects,
        ones that don't need destructors to be called. Also added a separate
        IdentifierArena object, a segmented vector of identifiers that used
        to be in the Lexer.

        * runtime/Executable.h: Moved the definition of the
        FunctionExecutable::make function here. It can't go in JSFunction.h
        since that header has to be used outside JavaScriptCore and so can't
        include this, which includes Nodes.h. The function could be moved
        elswhere if we don't want to include JSFunction.h in this header, but
        for now this seems to be the best place.

        * runtime/JSFunction.h: Removed the include of Executable.h and
        definition of the FunctionExecutable::make function.

        * wtf/FastMalloc.cpp: Fixed an incorrect comment.

2009-08-21  Mark Rowe  <mrowe@apple.com>

        Fix the non-JIT build.

        * runtime/Executable.cpp:
        * runtime/Executable.h:

2009-08-21  Gavin Barraclough  <barraclough@apple.com>

        Speculative QuickTime build fix.

        * runtime/JSArray.cpp:

2009-08-21  Gavin Barraclough  <barraclough@apple.com>

        Speculative QT build fix.

        * runtime/StringPrototype.cpp:

2009-08-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Restructure Executable types so that host functions do not hold a FunctionExecutable.
        https://bugs.webkit.org/show_bug.cgi?id=28621

        All JSFunction objects have a pointer to an Executable*.  This is currently always a
        FunctionExecutable, however this has a couple of drawbacks.  Host functions do not
        store a range of information that the FunctionExecutable provides (source, name,
        CodeBlock & information presently held on the FunctionBodyNode). 

        [ * nearly all... see below! ]

        Instead, make JSFunctions hold a pointer to an ExecutableBase, move fields specific
        to JS sourced executable types (source, node) into a new subclass (ScriptExecutable),
        and create a new NativeExecutable type.  We now provide a new method in JSFunction
        to access & downcast to FunctionExecutable, but in doing so we can make an early
        check (with an ASSERT) to ensure that the Executable read from a function will only
        be treated as a FunctionExecutable (and thus the JS sepcific fields will only be
        accessed) if the JSFunction is not a host function.

        There is one JSFunction that currently does not have an Executable, which is the
        object created to allow us to read out the vtable pointer.  By making this change
        we can also add a new Executable type fror this object (VPtrHackExecutable).
        Since this means that really all JSFunctions have an Executable we no longer have
        to null-check m_executable before us it - particularly in isHostFunction().

        This patch removes CacheableEvalExecutable, since all subclasses of ExecutableBase
        can now be ref-counted - since both JSFunction holds (and ref-counts) an ExecutableBase
        that might be a FunctionExecutable or a NativeExecutable.  This does now mean that all
        ProgramExecutables and EvalExecutables (unnecessarily) provide an interface to be
        ref-counted, however this seems less-bad than host functions unnecessarily providing
        interface to access non-host specific information.

        The class hierarcy has changed from this:
        
        - ExecutableBase
            - ProgramExecutable
            - EvalExecutable
                - CacheableEvalExecutable (also RefCounted by multiple-inheritance)
            - FunctionExecutable (also RefCounted by multiple-inheritance, 'special' FunctionExecutable also used for host functions)

        To this:
        
        - RefCounted
            - ExecutableBase
                - NativeExecutable
                - VPtrHackExecutable
                - ScriptExecutable
                    - ProgramExecutable
                    - EvalExecutable
                    - FunctionExecutable

        This patch speeds up sunspidey by a couple of ms (presumably due to the changes to isHostFunction()).

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::ownerExecutable):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * profiler/Profiler.cpp:
        (JSC::createCallIdentifierFromFunctionImp):
        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        (JSC::Arguments::Arguments):
        * runtime/Executable.cpp:
        (JSC::NativeExecutable::~NativeExecutable):
        (JSC::VPtrHackExecutable::~VPtrHackExecutable):
        * runtime/Executable.h:
        (JSC::ExecutableBase::ExecutableBase):
        (JSC::ExecutableBase::~ExecutableBase):
        (JSC::ExecutableBase::isHostFunction):
        (JSC::NativeExecutable::NativeExecutable):
        (JSC::VPtrHackExecutable::VPtrHackExecutable):
        (JSC::ScriptExecutable::ScriptExecutable):
        (JSC::ScriptExecutable::source):
        (JSC::ScriptExecutable::sourceID):
        (JSC::ScriptExecutable::sourceURL):
        (JSC::ScriptExecutable::lineNo):
        (JSC::ScriptExecutable::lastLine):
        (JSC::ScriptExecutable::usesEval):
        (JSC::ScriptExecutable::usesArguments):
        (JSC::ScriptExecutable::needsActivation):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::EvalExecutable::create):
        (JSC::ProgramExecutable::ProgramExecutable):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::markChildren):
        (JSC::JSFunction::getCallData):
        (JSC::JSFunction::call):
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getConstructData):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::executable):
        (JSC::JSFunction::jsExecutable):
        (JSC::JSFunction::isHostFunction):

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Browser hangs on opening Web Inspector.
        https://bugs.webkit.org/show_bug.cgi?id=28438

        Code generation needs to be able to walk the entire scopechain in some
        cases, however the symbol table used by activations was a member of the
        codeblock.  Following recompilation this may no longer exist, leading
        to a crash or hang on lookup.

        We fix this by introducing a refcounted SymbolTable subclass, SharedSymbolTable,
        for the CodeBlocks used by function code.  This allows activations to
        maintain ownership of a copy of the symbol table even after recompilation so
        they can continue to work.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::symbolTable):
        (JSC::CodeBlock::sharedSymbolTable):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::FunctionCodeBlock::FunctionCodeBlock):
        (JSC::FunctionCodeBlock::~FunctionCodeBlock):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::retrieveArguments):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::generateBytecode):
        (JSC::FunctionExecutable::generateBytecode):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::EvalExecutable::reparseExceptionInfo):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        (JSC::JSActivation::JSActivationData::~JSActivationData):
        * runtime/SymbolTable.h:

2009-08-20  Xan Lopez  <xlopez@igalia.com>

        Add new file to GTK+ build.

        * GNUmakefile.am:

2009-08-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Added a number => string cache.
        
        1.07x faster on v8 (1.7x faster on v8-splay).
        1.004x faster on SunSpider.

        * runtime/JSCell.h: Moved JSValue::toString to JSString.h.
        * runtime/JSGlobalData.h: Holds the cache.
        * runtime/JSNumberCell.cpp:
        (JSC::JSNumberCell::toString):
        (JSC::JSNumberCell::toThisString): Removed -0 special case.
        UString handles this now, since too many clients were
        special-casing it.

        * runtime/JSString.h:
        (JSC::JSValue::toString): Use the cache when converting
        an int or double to string.

        * runtime/Operations.h:
        (JSC::concatenateStrings): Call toString to take advantage
        of the cache.

        * runtime/SmallStrings.h:
        (JSC::NumericStrings::add):
        (JSC::NumericStrings::lookup): The cache.

        * runtime/UString.cpp:
        (JSC::UString::from): Added -0 special case mentioned above.
        Removed appendNumeric because it's mutually exclusive with the
        cache.

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        REGRESSION: fast/profiler/call.html is crashing occasionally
        https://bugs.webkit.org/show_bug.cgi?id=28476

        Using the codeblock for information about how many parameters and
        locals a function has is unsafe in certain circumstances.  The
        basic scenario is all function code being cleared in response to
        the debugger or profiler being enabled, and then an activation is
        marked before its associated function is re-executed.

        To deal with this scenario we store the variable count of a function
        directly in the FunctionExecutable, and then use that information.

        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::generateBytecode):
        * runtime/Executable.h:
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::variableCount):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):

2009-08-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Numbering of arguments to emitGetJITStubArg/emitPutJITStubArg incorrect
        <bug lost in the great bug disasteroony of 08/20/09!>

        The argumentNumber argument to emitGetJITStubArg/emitPutJITStubArg should match
        the argument number used within the stub functions in JITStubs.cpp, but it doesn't.

        Firstly, all the numbers changed when we added a void* 'reserved' as the first slot
        (rather than leaving argument 0 unused), and secondly in 32_64 builds the index to
        peek/poke needs to be multiplies by 2 (since the argument to peek/poke is a number
        of machine words, and on 32_64 build the argument slots to stub functions are two
        words wide).

        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArg):
        (JSC::JIT::emitPutJITStubArgConstant):
        (JSC::JIT::emitGetJITStubArg):
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        REGRESSION: significant slowdown on Celtic Kane "AJAX declaration" subtest
        https://bugs.webkit.org/show_bug.cgi?id=28332

        Follow up style fixes that were missed in review.

        * runtime/Structure.cpp:
        (JSC::Structure::hasTransition):
        * runtime/Structure.h:
        (JSC::Structure::get):
        (JSC::StructureTransitionTable::contains):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTable::add):

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Add new exports to windows jsc build

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        REGRESSION: significant slowdown on Celtic Kane "AJAX declaration" subtest
        https://bugs.webkit.org/show_bug.cgi?id=28332

        The method check optimisation made transitions aware of the value being
        assigned when a transition was assigning a function.  This had the side
        effect of making every assignment of a function expression result in a
        new transition, and thus a new Structure.  The net result of this is that
        the common JS idiom of

            function MyObject() {
                this.myFunction = function(...){...};
            }
            new MyObject();

        Will produce a unique structure on every iteration, meaning that all
        caching is defeated and there is a significant amount of structure churn.

        The fix is to return the transition to its original form where it is
        keyed off a property name + attributes tuple, but have each transition
        support an optional transition on a specific value.

        * JavaScriptCore.exp:
        * runtime/JSObject.h:
        (JSC::JSObject::putDirectInternal):
        * runtime/Structure.cpp:
        (JSC::Structure::~Structure):
        (JSC::Structure::addPropertyTransitionToExistingStructure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::hasTransition):
        * runtime/Structure.h:
        (JSC::Structure::transitionedFor):
        (JSC::Structure::hasTransition):
        (JSC::Structure::):
        (JSC::StructureTransitionTable::contains):
        (JSC::StructureTransitionTable::get):
        * runtime/StructureTransitionTable.h:
        (JSC::StructureTransitionTableHashTraits::emptyValue):
        (JSC::StructureTransitionTable::hasTransition):
        (JSC::StructureTransitionTable::remove):
        (JSC::StructureTransitionTable::add):

2009-08-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Remove FunctionCodeBlock.
        https://bugs.webkit.org/show_bug.cgi?id=28502

        These only exist to allow JIT code to dereference properties off the
        CodeBlock for any callee, regardless of whether it is a host function.

        Instead just use the FunctionExecutable.  Copy the m_parameters field
        from the CodeBlock into the Executable, and use this to distinguish
        between host functions, functions that have been bytecompiled, and
        functions that have not.

        m_parameters is moved to ExecutableBase rather than FunctionExecutable
        so that (as a separate change) we can move make a separate class of
        executable for host code, which is not devived from FunctionExecutable
        (host code does not feature any of the properties that normal executable
        do and will provide, such as source, attributes, and a parsed name).

        1% win on v8 tests, 0.5% on sunspider.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
        (JSC::CodeBlock::functionRegisterForBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CodeBlock::source):
        (JSC::CodeBlock::sourceOffset):
        (JSC::CodeBlock::evalCodeCache):
        (JSC::CodeBlock::createRareDataIfNecessary):
        
            remove NativeCodeBlocks and the NativeCode code type.
        
        * jit/JIT.cpp:
        (JSC::JIT::linkCall):

            Revert to previous behaviour (as currently still commented!) that Hhost functions have a null codeblock.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):

            Bring the 32_64 & non-32_64 JITs into line with each other, callee in regT0.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):

            Rewrite call trampolines to not use the CodeBlock.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

            Make call_JSFunction & call_arityCheck return the callee, don't expect to be passed the CodeBlock.

        * runtime/Executable.cpp:
        (JSC::FunctionExecutable::generateBytecode):
        (JSC::FunctionExecutable::recompile):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/Executable.h:
        (JSC::ExecutableBase::):
        (JSC::ExecutableBase::ExecutableBase):
        (JSC::FunctionExecutable::isHostFunction):

            Add m_numParameters.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

            Only call generatedBytecode() on JSFunctions non-host FunctionExecutables.

2009-08-20  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=28054
       
        Use a helper function to work around winscw compiler forward declaration bug
        regarding templated classes.

        Add parenthesis around (PassRefPtr::*UnspecifiedBoolType) to make winscw compiler
        work with the default UnSpecifiedBoolType() operator, which removes the winscw
        specific bool cast hack.

        * wtf/PassRefPtr.h:
        (WTF::derefIfNotNull):
        (WTF::PassRefPtr::~PassRefPtr):

2009-08-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by Gavin Barraclough.

        Change namespace ARM to ARMRegisters
        X86 to X86Registers to avoid conflict with macros
        https://bugs.webkit.org/show_bug.cgi?id=28428

        * assembler/ARMAssembler.cpp:
        * assembler/ARMAssembler.h:
        * assembler/ARMv7Assembler.h:
        * assembler/MacroAssemblerARM.h:
        * assembler/MacroAssemblerARMv7.h:
        * assembler/MacroAssemblerX86Common.h:
        * assembler/MacroAssemblerX86_64.h:
        * assembler/X86Assembler.h:
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        * jit/JITInlineMethods.h:
        * jit/JITOpcodes.cpp:
        * wrec/WRECGenerator.cpp:
        * wrec/WRECGenerator.h:
        * yarr/RegexJIT.cpp:

2009-08-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Devirtualise marking
        https://bugs.webkit.org/show_bug.cgi?id=28294

        We actually need to mark the value in a number object if we're using the
        32bit number representation.

        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):

2009-08-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

         We probably shouldn't be keeping the AST for eval nodes around forevar.
        https://bugs.webkit.org/show_bug.cgi?id=28469

        EvalNodes don't destroyData() (delete their parser data) since they need to hold onto
        their varStack.  Copy a list of variable onto EvalCodeBlock, and this can go away.

        * bytecode/CodeBlock.h:
        (JSC::EvalCodeBlock::variable):
        (JSC::EvalCodeBlock::numVariables):
        (JSC::EvalCodeBlock::adoptVariables):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        * parser/Nodes.h:
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::generateBytecode):
        * runtime/Executable.h:

2009-08-19  Jungshik Shin  <jshin@chromium.org>

        Reviewed by Darin Adler.

        http://bugs.webkit.org/show_bug.cgi?id=28441

        Fix a build issue with ICU 4.2 or later on Windows with Visual C++. 
        Instead of defining all isXXX and toupper/tolower as 
          WTF_Please_use_ASCIICType_instead_of_ctype_see_comment_in_ASCIICType_h,
        #define them to be different by prepending 'WTF_...ASCIIType_h' with
        the originial names like 'toupper_WTF_...ASCIIType_h'. 

        * wtf/DisallowCType.h:

2009-08-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Assigning a function to an object should always use the existing transition, even if the transition is not specialized
        https://bugs.webkit.org/show_bug.cgi?id=28442

        Check for an unspecialized transition as an alternative to always failing if specialisation does not match.

        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransitionToExistingStructure):

2009-08-18  Dirk Schulze  <krit@webkit.org>

        Reviewed by Oliver Hunt.

        Added additional getter to ByteArray with an unsigned char as return.
        ByteArray can take unsigned char directly now.

        * wtf/ByteArray.h:
        (WTF::ByteArray::set):
        (WTF::ByteArray::get):

2009-08-18  Peter Kasting  <pkasting@google.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=28415
        Set svn:eol-style CRLF on all .sln and .vcproj files that don't already
        have it.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:
        
2009-08-18  Xan Lopez  <xlopez@igalia.com>

        Try to fix the GTK+ build.

        * GNUmakefile.am:

2009-08-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        No, silly runtime, AST nodes are not for you.

        We still use AST nodes (ScopeNodes, particularly FunctionBodyNodes) within
        the runtime, which means that these nodes must be persisted outside of the
        arena, contain both parser & runtime data, etc.  This is all a bit of a mess.

        Move functionality into a new FunctionExecutable class.

        * API/JSCallbackFunction.cpp:
        * API/JSObjectRef.cpp:
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::markAggregate):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getBytecodeIndex):
        (JSC::CodeBlock::discardBytecode):
        (JSC::CodeBlock::instructionCount):
        (JSC::CodeBlock::getJITCode):
        (JSC::CodeBlock::executablePool):
        (JSC::CodeBlock::ownerExecutable):
        (JSC::CodeBlock::extractExceptionInfo):
        (JSC::CodeBlock::addFunctionDecl):
        (JSC::CodeBlock::functionDecl):
        (JSC::CodeBlock::numberOfFunctionDecls):
        (JSC::CodeBlock::addFunctionExpr):
        (JSC::CodeBlock::functionExpr):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::ProgramCodeBlock::ProgramCodeBlock):
        (JSC::EvalCodeBlock::EvalCodeBlock):
        (JSC::FunctionCodeBlock::FunctionCodeBlock):
        (JSC::NativeCodeBlock::NativeCodeBlock):
        * bytecode/EvalCodeCache.h:
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingTool::doRun):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * interpreter/CachedCall.h:
        (JSC::CachedCall::CachedCall):
        * interpreter/CallFrameClosure.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::prepareForRepeatCall):
        (JSC::Interpreter::debug):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveLastCaller):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::JIT::compile):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::emit_op_new_func):
        (JSC::JIT::emit_op_new_func_exp):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::reparseDataIfNecessary):
        * parser/Nodes.h:
        (JSC::EvalNode::partialDestroyData):
        * parser/Parser.h:
        * profiler/ProfileGenerator.cpp:
        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier):
        (JSC::createCallIdentifierFromFunctionImp):
        * runtime/Arguments.h:
        (JSC::Arguments::getArgumentsData):
        (JSC::Arguments::Arguments):
        (JSC::JSActivation::copyRegisters):
        * runtime/ArrayPrototype.cpp:
        (JSC::isNumericCompareFunction):
        * runtime/CallData.h:
        (JSC::):
        * runtime/Collector.cpp:
        (JSC::Heap::collect):
        * runtime/ConstructData.h:
        (JSC::):
        * runtime/ExceptionHelpers.cpp:
        (JSC::createUndefinedVariableError):
        (JSC::createInvalidParamError):
        (JSC::createNotAConstructorError):
        (JSC::createNotAFunctionError):
        (JSC::createNotAnObjectError):
        * runtime/Executable.cpp: Added.
        (JSC::EvalExecutable::generateBytecode):
        (JSC::ProgramExecutable::generateBytecode):
        (JSC::FunctionExecutable::generateBytecode):
        (JSC::EvalExecutable::generateJITCode):
        (JSC::ProgramExecutable::generateJITCode):
        (JSC::FunctionExecutable::generateJITCode):
        (JSC::FunctionExecutable::isHostFunction):
        (JSC::FunctionExecutable::markAggregate):
        (JSC::FunctionExecutable::reparseExceptionInfo):
        (JSC::EvalExecutable::reparseExceptionInfo):
        (JSC::FunctionExecutable::recompile):
        (JSC::FunctionExecutable::FunctionExecutable):
        * runtime/Executable.h:
        (JSC::ExecutableBase::~ExecutableBase):
        (JSC::ExecutableBase::ExecutableBase):
        (JSC::ExecutableBase::source):
        (JSC::ExecutableBase::sourceID):
        (JSC::ExecutableBase::lastLine):
        (JSC::ExecutableBase::usesEval):
        (JSC::ExecutableBase::usesArguments):
        (JSC::ExecutableBase::needsActivation):
        (JSC::ExecutableBase::astNode):
        (JSC::ExecutableBase::generatedJITCode):
        (JSC::ExecutableBase::getExecutablePool):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::EvalExecutable::bytecode):
        (JSC::EvalExecutable::varStack):
        (JSC::EvalExecutable::evalNode):
        (JSC::EvalExecutable::jitCode):
        (JSC::ProgramExecutable::ProgramExecutable):
        (JSC::ProgramExecutable::reparseExceptionInfo):
        (JSC::ProgramExecutable::bytecode):
        (JSC::ProgramExecutable::programNode):
        (JSC::ProgramExecutable::jitCode):
        (JSC::FunctionExecutable::FunctionExecutable):
        (JSC::FunctionExecutable::name):
        (JSC::FunctionExecutable::bytecode):
        (JSC::FunctionExecutable::generatedBytecode):
        (JSC::FunctionExecutable::usesEval):
        (JSC::FunctionExecutable::usesArguments):
        (JSC::FunctionExecutable::parameterCount):
        (JSC::FunctionExecutable::paramString):
        (JSC::FunctionExecutable::isGenerated):
        (JSC::FunctionExecutable::body):
        (JSC::FunctionExecutable::jitCode):
        (JSC::FunctionExecutable::createNativeThunk):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::isDynamicScope):
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:
        (JSC::JSActivation::JSActivationData::JSActivationData):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::isHostFunction):
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::markChildren):
        (JSC::JSFunction::getCallData):
        (JSC::JSFunction::call):
        (JSC::JSFunction::lengthGetter):
        (JSC::JSFunction::getConstructData):
        (JSC::JSFunction::construct):
        * runtime/JSFunction.h:
        (JSC::JSFunction::executable):
        (JSC::FunctionExecutable::make):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::numericCompareFunction):
        * runtime/JSGlobalData.h:

2009-08-17  Mark Rowe  <mrowe@apple.com>

        Reviewed by Darin Adler.

        Fix 300,000+ leaks seen during the regression tests.

        EvalCodeCache::get was heap-allocating an EvalExecutable instance without adopting the initial reference.
        While fixing this we noticed that EvalExecutable was a RefCounted type that was sometimes stack allocated.
        To make this cleaner and to prevent clients from attempting to ref a stack-allocated instance, we move the
        refcounting down to a new CacheableEvalExecutable class that derives from EvalExecutable. EvalCodeCache::get
        now uses CacheableEvalExecutable::create and avoids the leak.

        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        * runtime/Executable.h:
        (JSC::CacheableEvalExecutable::create):
        (JSC::CacheableEvalExecutable::CacheableEvalExecutable):

2009-08-17  Oliver Hunt  <oliver@apple.com>

        RS=Mark Rowe.

        REGRESSION (r47292): Prototype.js is broken by ES5 Arguments changes
        https://bugs.webkit.org/show_bug.cgi?id=28341
        <rdar://problem/7145615>

        Reverting r47292.  Alas Prototype.js breaks with Arguments inheriting
        from Array as ES5 attempted.  Prototype.js defines $A in terms of a 
        function it places on (among other global objects) the Array prototype,
        thus breaking $A for arrays.

        * runtime/Arguments.h:
        (JSC::Arguments::Arguments):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * tests/mozilla/ecma_3/Function/arguments-001.js:

2009-08-17  Peter Kasting  <pkasting@google.com>

        Reviewed by Steve Falkenburg.

        https://bugs.webkit.org/show_bug.cgi?id=27323
        Only add Cygwin to the path when it isn't already there.  This avoids
        causing problems for people who purposefully have non-Cygwin versions of
        executables like svn in front of the Cygwin ones in their paths.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-08-17  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Mark Rowe.

        Fix build with FAST_MALLOC_MATCH_VALIDATION enabled.

        * wtf/FastMalloc.cpp:
        (WTF::fastMalloc):
        (WTF::fastCalloc):
        (WTF::fastRealloc):

2009-08-16  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Mark Rowe.

        Fix crash on ./ecma_2/RegExp/exec-002.js.
        https://bugs.webkit.org/show_bug.cgi?id=28353

        Change the order of freeParenthesesDisjunctionContext and
        popParenthesesDisjunctionContext on all call sites as the pop
        method is accessing backTrack->lastContext which is the context
        that is about to be freed.

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::parenthesesDoBacktrack):
        (JSC::Yarr::Interpreter::backtrackParentheses):

2009-08-16  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=28352

        Fix coding style violations. Use m_ for C++ class members. Remove
        trailing whitespace on empty lines.

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::ParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::tryConsumeCharacter):
        (JSC::Yarr::Interpreter::tryConsumeBackReference):
        (JSC::Yarr::Interpreter::parenthesesDoBacktrack):
        (JSC::Yarr::Interpreter::backtrackParentheses):
        (JSC::Yarr::ByteCompiler::ByteCompiler):
        (JSC::Yarr::ByteCompiler::compile):
        (JSC::Yarr::ByteCompiler::checkInput):
        (JSC::Yarr::ByteCompiler::assertionBOL):
        (JSC::Yarr::ByteCompiler::assertionEOL):
        (JSC::Yarr::ByteCompiler::assertionWordBoundary):
        (JSC::Yarr::ByteCompiler::atomPatternCharacter):
        (JSC::Yarr::ByteCompiler::atomCharacterClass):
        (JSC::Yarr::ByteCompiler::atomBackReference):
        (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
        (JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
        (JSC::Yarr::ByteCompiler::popParenthesesStack):
        (JSC::Yarr::ByteCompiler::closeAlternative):
        (JSC::Yarr::ByteCompiler::closeBodyAlternative):
        (JSC::Yarr::ByteCompiler::atomParenthesesEnd):
        (JSC::Yarr::ByteCompiler::regexBegin):
        (JSC::Yarr::ByteCompiler::alterantiveBodyDisjunction):
        (JSC::Yarr::ByteCompiler::alterantiveDisjunction):
        (JSC::Yarr::ByteCompiler::emitDisjunction):

2009-08-15  Mark Rowe  <mrowe@apple.com>

        Fix the build with JIT disabled.

        * runtime/Arguments.h: Only compile the jitCode method when the JIT is enabled.
        * runtime/Executable.h: Include PrototypeFunction.h so the compiler knows what
        NativeFunctionWrapper is when the JIT is disabled.

2009-08-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        Reviewed by Sam Weinig.

        Added ENABLE_EVENTSOURCE flag.
        https://bugs.webkit.org/show_bug.cgi?id=14997

        * Configurations/FeatureDefines.xcconfig:

2009-08-14  Gavin Barraclough  <barraclough@apple.com>

        * parser/Parser.h:
        (JSC::EvalExecutable::parse):
        (JSC::ProgramExecutable::parse):
        * runtime/Executable.h:

2009-08-14  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Remove AST nodes from use within the Runtime (outside of parsing), stage 1
        https://bugs.webkit.org/show_bug.cgi?id=28330

        Remove the EvalNode and ProgramNode from use in the runtime.  They still exist
        after this patch, but are hidden behind EvalExecutable and FunctionExecutable,
        and are also still reachable behind CodeBlock::m_ownerNode.

        The next step will be to beat back FunctionBodyNode in the same fashion.
        Then remove the usage via CodeBlock, then only construct these nodes only on
        demand during bytecode generation.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.h:
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::GlobalCodeBlock::~GlobalCodeBlock):
        (JSC::ProgramCodeBlock::ProgramCodeBlock):
        (JSC::EvalCodeBlock::EvalCodeBlock):
        (JSC::FunctionCodeBlock::FunctionCodeBlock):
        (JSC::NativeCodeBlock::NativeCodeBlock):
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::get):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        (JSC::Interpreter::execute):
        * interpreter/Interpreter.h:
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::createNativeThunk):
        (JSC::FunctionBodyNode::generateBytecode):
        (JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):
        * parser/Parser.h:
        (JSC::Parser::parse):
        (JSC::Parser::reparse):
        (JSC::Parser::parseFunctionFromGlobalCode):
        (JSC::::parse):
        * runtime/Completion.cpp:
        (JSC::checkSyntax):
        (JSC::evaluate):
        * runtime/Error.cpp:
        (JSC::throwError):
        * runtime/Error.h:
        * runtime/Executable.h: Added.
        (JSC::TemplateExecutable::TemplateExecutable):
        (JSC::TemplateExecutable::markAggregate):
        (JSC::TemplateExecutable::sourceURL):
        (JSC::TemplateExecutable::lineNo):
        (JSC::TemplateExecutable::bytecode):
        (JSC::TemplateExecutable::jitCode):
        (JSC::EvalExecutable::EvalExecutable):
        (JSC::ProgramExecutable::ProgramExecutable):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructFunction):
        * runtime/FunctionConstructor.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::numericCompareFunction):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::codeBlocks):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):

2009-08-14  Darin Adler  <darin@apple.com>

        Reviewed by Sam Weinig.

        Rename the confusing isObject(<class>) to inherits(<class>).
        It still works on non-objects, returning false.

        * runtime/ArrayConstructor.cpp:
        (JSC::arrayConstructorIsArray): Removed unneeded isObject call
        and updated remaining isObject call to new name, inherits.

        * runtime/JSCell.h: Renamed isObject(<class>) to inherits(<class>)
        but more importantly, made it non-virtual (it was already inline)
        so it is now as fast as JSObject::inherits was.

        * runtime/JSObject.h: Removed inherits function since the one
        in the base class is fine as-is. Also made various JSCell functions
        that should not be called on JSObject uncallable by making them
        both private and not implemented.
        (JSC::JSCell::inherits): Updated name.
        (JSC::JSValue::inherits): Ditto.

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString):
        (JSC::arrayProtoFuncToLocaleString):
        (JSC::arrayProtoFuncConcat):
        * runtime/BooleanPrototype.cpp:
        (JSC::booleanProtoFuncToString):
        (JSC::booleanProtoFuncValueOf):
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToString):
        (JSC::dateProtoFuncToUTCString):
        (JSC::dateProtoFuncToISOString):
        (JSC::dateProtoFuncToDateString):
        (JSC::dateProtoFuncToTimeString):
        (JSC::dateProtoFuncToLocaleString):
        (JSC::dateProtoFuncToLocaleDateString):
        (JSC::dateProtoFuncToLocaleTimeString):
        (JSC::dateProtoFuncGetTime):
        (JSC::dateProtoFuncGetFullYear):
        (JSC::dateProtoFuncGetUTCFullYear):
        (JSC::dateProtoFuncToGMTString):
        (JSC::dateProtoFuncGetMonth):
        (JSC::dateProtoFuncGetUTCMonth):
        (JSC::dateProtoFuncGetDate):
        (JSC::dateProtoFuncGetUTCDate):
        (JSC::dateProtoFuncGetDay):
        (JSC::dateProtoFuncGetUTCDay):
        (JSC::dateProtoFuncGetHours):
        (JSC::dateProtoFuncGetUTCHours):
        (JSC::dateProtoFuncGetMinutes):
        (JSC::dateProtoFuncGetUTCMinutes):
        (JSC::dateProtoFuncGetSeconds):
        (JSC::dateProtoFuncGetUTCSeconds):
        (JSC::dateProtoFuncGetMilliSeconds):
        (JSC::dateProtoFuncGetUTCMilliseconds):
        (JSC::dateProtoFuncGetTimezoneOffset):
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        (JSC::dateProtoFuncGetYear):
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSValue.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncTest):
        (JSC::regExpProtoFuncExec):
        (JSC::regExpProtoFuncCompile):
        (JSC::regExpProtoFuncToString):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChain::localDepth):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncToString):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSplit):
        Updated to new name, inherits, from old name, isObject.

2009-07-31  Harald Fernengel  <harald.fernengel@nokia.com>

        Reviewed by Simon Hausmann.

        Adding QNX as a platform. Currently only tested with Qt.

        https://bugs.webkit.org/show_bug.cgi?id=27885

        * JavaScriptCore/runtime/Collector.cpp: Added retrieving of stack base
          since QNX doesn't have the pthread _nt functions
        * JavaScriptCore/wtf/Platform.h: Added WTF_PLATFORM_QNX and corresponding
          defines
        * WebCore/bridge/npapi.h: Build fix for missing typedefs on QNX

2009-08-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Currently generic ARM and ARMv7 platforms work only with JSVALUE32
        https://bugs.webkit.org/show_bug.cgi?id=28300

        * wtf/Platform.h:

2009-08-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Enable JIT on ARM for QT by default
        https://bugs.webkit.org/show_bug.cgi?id=28259

        * wtf/Platform.h:

2009-08-14  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Enable YARR_JIT on ARM for QT by default
        https://bugs.webkit.org/show_bug.cgi?id=28259

        * wtf/Platform.h:

2009-08-14  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [ES5] Arguments object should inherit from Array
        https://bugs.webkit.org/show_bug.cgi?id=28298

        Make the Arguments object conform to the behaviour specified in ES5.
        The simple portion of this is to make Arguments use Array.prototype
        as its prototype rather than Object.prototype.

        The spec then requires us to set instance.constructor to the pristine
        Object constructor, and instance.toString and instance.toLocaleString
        to the pristine versions from Object.prototype.  To do this we now 
        make the ObjectPrototype constructor return its toString and
        toLocaleString functions (similar to the call and apply functions
        from FunctionPrototype).

        Oddly enough this reports itself as a slight win, but given the code
        isn't hit in the tests that claim to have improved I put this down to
        code motion.

        * runtime/Arguments.h:
        (JSC::Arguments::Arguments):
        (JSC::Arguments::initializeStandardProperties):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::objectConstructor):
        (JSC::JSGlobalObject::objectToStringFunction):
        (JSC::JSGlobalObject::objectToLocaleStringFunction):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        * runtime/ObjectPrototype.h:
        * tests/mozilla/ecma_3/Function/arguments-001.js:
          Update test to new es5 behaviour

2009-08-14  Oliver Hunt  <oliver@apple.com>

        Remove MarkStack::drain from the JSC exports file

        MarkStack::drain is now marked inline, the including it in the exports file
        produces an ld warning

        * JavaScriptCore.exp:

2009-08-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Remove accidentally left in debugging statement.

        * runtime/JSArray.h:
        (JSC::MarkStack::drain):

2009-08-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        [ES5] Implement Array.isArray
        https://bugs.webkit.org/show_bug.cgi?id=28296

        Add support for Array.isArray to the Array constructor

        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::arrayConstructorIsArray):
        * runtime/ArrayConstructor.h:
        * runtime/CommonIdentifiers.h:
        * runtime/JSArray.h:
        (JSC::MarkStack::drain):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):

2009-08-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Buildfix).

        Attempt to fix windows build

        * runtime/Collector.cpp:

2009-08-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Devirtualise marking
        https://bugs.webkit.org/show_bug.cgi?id=28294

        Add a bit to TypeInfo to indicate that an object uses the standard
        JSObject::markChildren method.  This allows us to devirtualise marking
        of most objects (though a branch is still needed).  We also add a branch
        to identify arrays thus devirtualising marking in that case as well.

        In order to make the best use of this devirtualisation I've also reworked
        the MarkStack::drain() logic to make the iteration more efficient.

        * API/JSCallbackConstructor.h:
        (JSC::JSCallbackConstructor::createStructure):
        * API/JSCallbackFunction.h:
        (JSC::JSCallbackFunction::createStructure):
        * JavaScriptCore.exp:
        * runtime/BooleanObject.h:
        (JSC::BooleanObject::createStructure):
        * runtime/FunctionPrototype.h:
        (JSC::FunctionPrototype::createStructure):
        * runtime/InternalFunction.h:
        (JSC::InternalFunction::createStructure):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSArray.cpp:
        (JSC::JSArray::markChildren):
        * runtime/JSArray.h:
        (JSC::JSArray::markChildrenDirect):
        (JSC::MarkStack::drain):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::createStructure):
        * runtime/JSCell.h:
        (JSC::MarkStack::append):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSNumberCell.h:
        (JSC::JSNumberCell::createStructure):
        * runtime/JSONObject.h:
        (JSC::JSONObject::createStructure):
        * runtime/JSObject.cpp:
        (JSC::JSObject::markChildren):
        * runtime/JSObject.h:
        (JSC::JSObject::markChildrenDirect):
        (JSC::JSObject::createStructure):
        * runtime/JSString.h:
        (JSC::JSString::createStructure):
        * runtime/JSType.h:
        (JSC::):
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::MarkSet::MarkSet):
        (JSC::MarkStack::MarkStackArray::last):
        * runtime/MathObject.h:
        (JSC::MathObject::createStructure):
        * runtime/NumberConstructor.h:
        (JSC::NumberConstructor::createStructure):
        * runtime/NumberObject.h:
        (JSC::NumberObject::createStructure):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::createStructure):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::createStructure):
        * runtime/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
        * runtime/TypeInfo.h:
        (JSC::TypeInfo::hasDefaultMark):

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by Mark Rowe.

        Some small bits of housekeeping.

        * JavaScriptCore.xcodeproj/project.pbxproj: Make Parser.h
        project instead of private. Remove JSONObject.lut.h.

        * assembler/ARMAssembler.h: Remove unneeded WTF prefix.
        * assembler/AssemblerBufferWithConstantPool.h: Ditto.
        * bytecompiler/BytecodeGenerator.h: Ditto.

        * wtf/SegmentedVector.h: Add a "using" statement as we do
        with the other WTF headers.

2009-08-13  Darin Adler  <darin@apple.com>

        Fix Tiger build.

        * parser/Grammar.y: Use a template function so we can compile
        setStatementLocation even if it comes before YYLTYPE is defined.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Too much use of void* in Grammar.y
        https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Changed all the helper functions to
        take a JSGlobalData* instead of a void*. A couple formatting
        tweaks that I missed when breaking this into pieces.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Reduced and sorted includes. Tweaked comment
        format. Marked a few more functions inline.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Pass the number to the PropertyNode instead of
        first turning it into an Identifier.

        * parser/NodeConstructors.h:
        (JSC::PropertyNode::PropertyNode): Add an overload that takes a double
        so the code to convert to a string can be here instead of Grammar.y.
        * parser/Nodes.h: Ditto.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Eliminate the DBG macro.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        Another part of https://bugs.webkit.org/show_bug.cgi?id=28287

        * parser/Grammar.y: Eliminate the SET_EXCEPTION_LOCATION macro.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by George Staikos.

        George asked me to break the patch from
        https://bugs.webkit.org/show_bug.cgi?id=28287
        into smaller pieces and land it in stages.

        * parser/Grammar.y: Eliminate the LEXER macro.

2009-08-13  Mark Rowe  <mrowe@apple.com>

        Try some more to fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export a new symbol.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Ditto.

2009-08-13  Mark Rowe  <mrowe@apple.com>

        Try and fix the Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export a new symbol.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Ditto.

2009-08-13  Darin Adler  <darin@apple.com>

        Reviewed by David Levin.

        JavaScriptCore tweaks to get ready for the parser arena
        https://bugs.webkit.org/show_bug.cgi?id=28243

        Eliminate dependencies on Nodes.h outside JavaScriptCore,
        and cut down on them inside JavaScriptCore.

        Change regular expression parsing to use identifiers as
        with other strings we parse.

        Fix a couple things that are needed to use const Identifier
        more, which will be part of the parser arena work.

        * JavaScriptCore.exp: Resorted and updated.

        * JavaScriptCore.xcodeproj/project.pbxproj: Changed
        CollectorHeapIterator.h to be project-internal.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitPushNewScope): Added const.
        * bytecompiler/BytecodeGenerator.h: Ditto.

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions): Moved this function
        here from WebCore. Here is better since it uses so many internals.
        Removed unimportant optimization for the no listener case.
        * debugger/Debugger.h: Ditto. Also removed unneeded include
        and tweaked formatting and comments.

        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::functionName): Call asFunction instead
        of doing the unchecked static_cast.
        (JSC::DebuggerCallFrame::calculatedFunctionName): Ditto.

        * jit/JITStubs.cpp:
        (JSC::op_call_JSFunction): Call isHostFunction on the body rather
        than on the JSFunction.
        (JSC::vm_lazyLinkCall): Ditto.
        (JSC::op_construct_JSConstruct): Ditto.

        * parser/Grammar.y: Changed callers to use new scanRegExp with
        out arguments instead of relying on state in the Lexer. And
        callers that just want to skip a regular expression to use
        skipRegExp.

        * parser/Lexer.cpp:
        (JSC::Lexer::scanRegExp): Changed to use out arguments, and to
        add a prefix argument so we can add in the "=" character as needed.
        Also rewrote to streamline the logic a bit inspired by suggestions
        by David Levin.
        (JSC::Lexer::skipRegExp): Added. Version of the function above that
        does not actually put the regular expression into a string.
        (JSC::Lexer::clear): Removed code to clear m_pattern and m_flags.
        * parser/Lexer.h: Changed scanRegExp to have out arguments. Added
        skipRegExp. Eliminated pattern, flags, m_pattern, and m_flags.

        * parser/NodeConstructors.h:
        (JSC::RegExpNode::RegExpNode): Changed to take const Identifier&.
        * parser/Nodes.cpp:
        (JSC::RegExpNode::emitBytecode): Changed since m_pattern and
        m_flags are now Identifier instead of UString.
        (JSC::FunctionBodyNode::make): Moved this function here instead
        of putting it in the JSFunction.h header.
        * parser/Nodes.h: Changed RegExpNode to use Identifier.

        * profiler/Profiler.cpp:
        (JSC::Profiler::createCallIdentifier): Changed to use isHostFunction
        on the body instead of on the JSFunction object.
        * runtime/FunctionPrototype.cpp:
        (JSC::functionProtoFuncToString): Ditto.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::isHostFunction): Moved here from header.
        (JSC::JSFunction::isHostFunctionNonInline): Added.
        (JSC::JSFunction::JSFunction): Removed unneeded initialization of
        m_body to 0.
        (JSC::JSFunction::setBody): Moved here from header.

        * runtime/JSFunction.h: Removed unneeded includes. Moved private
        constructor down to the private section. Made virtual functions
        private. Removed unneeded overload of setBody and moved the body
        of the function into the .cpp file. Changed assertions to use
        the non-inline version of isHostFunction.

        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter): Use asFunction instead
        of doing the unchecked static_cast.

        * wtf/SegmentedVector.h:
        (WTF::SegmentedVector::isEmpty): Added.

2009-08-13  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Darin Adler.

        Use the version of operator new that takes a JSGlobalData when allocating FuncDeclNode and FuncExprNode
        from within the grammar to prevent these nodes from being leaked.

        * parser/Grammar.y:

2009-08-13  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Ariya Hidayat.

        Remove the special-case for Qt wrt JSVALUE_32 introduced in
        r46709. It must've been a dependency issue on the bot, as
        after a manual build all the tests pass on amd64 and ia32.

        * wtf/Platform.h:

2009-08-12  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add optimize call and property access support for ARM JIT.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        For tightly coupled sequences the BEGIN_UNINTERRUPTED_SEQUENCE and
        END_UNINTERRUPTED_SEQUENCE macros have been introduced which ensure
        space for instructions and constants of the named sequence. This
        method is vital for those architecture which are using constant pool.

        The 'latePatch' method - which was linked to JmpSrc - is replaced with
        a port specific solution (each calls are marked to place their address
        on the constant pool).

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::linkBranch):
        (JSC::ARMAssembler::executableCopy): Add extra align for constant pool.
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::JmpSrc::JmpSrc):
        (JSC::ARMAssembler::sizeOfConstantPool):
        (JSC::ARMAssembler::jmp):
        (JSC::ARMAssembler::linkCall):
        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        * assembler/AssemblerBufferWithConstantPool.h:
        (JSC::AssemblerBufferWithConstantPool::flushIfNoSpaceFor): Fix the
        computation of the remaining space.
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::branch32):
        (JSC::MacroAssemblerARM::nearCall):
        (JSC::MacroAssemblerARM::call):
        (JSC::MacroAssemblerARM::branchPtrWithPatch):
        (JSC::MacroAssemblerARM::ensureSpace):
        (JSC::MacroAssemblerARM::sizeOfConstantPool):
        (JSC::MacroAssemblerARM::prepareCall):
        * assembler/X86Assembler.h:
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::beginUninterruptedSequence):
        (JSC::JIT::endUninterruptedSequence):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::emit_op_put_by_id):

2009-08-12  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Dave Kilzer.

        Disable WTF_USE_JSVALUE32_64 on iPhone for now (support not yet added for ARMv7).

        * wtf/Platform.h:

2009-08-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Maciej Stachoviak.

        Ooops - moved code that had been accidentally added to op_new_func instead of
        op_new_func_exp, to where it shoulds be.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * wtf/Platform.h:

2009-08-12  Ada Chan  <adachan@apple.com>

        Added workaround for the limitation that VirtualFree with MEM_RELEASE
        can only accept the base address returned by VirtualAlloc when the region
        was reserved and it can only free the entire region, and not a part of it.

        Reviewed by Oliver Hunt.

        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackWin.cpp:
        (JSC::MarkStack::releaseStack):

2009-08-12  Balazs Kelemen  <kelemen.balazs.3@stud.u-szeged.hu>

        Reviewed by Ariya Hidayat.

        Build fix: use std::numeric_limits<long long>::min() instead of LLONG_MIN
        since LLONG_MIN is not defined in standard c++.

        * runtime/UString.cpp:
        (JSC::UString::from):

2009-08-12  Benjamin Otte  <otte@gnome.org>

        Reviewed by Jan Alonzo.

        Buildfix for Gtk platforms debug builds.

        * GNUmakefile.am: Choose MarkStackPosix.cpp or MarkStackWin.cpp
        depending on platform.

2009-08-12  Simon Hausmann  <simon.hausmann@nokia.com>

        Prospective build fix for Mac and 32-bit Windows.

        * runtime/UString.cpp: Include wtf/StringExtras.h for snprintf.
        (JSC::UString::from): Use %lld instead of %I64d for snprintf
        on non-windows platforms.

2009-08-12  Prasanth Ullattil  <prasanth.ullattil@nokia.com>

        Reviewed by Simon Hausmann.

        Fix compile error on 64Bit Windows, when UString::from
        is called with an intptr_t.

        Added new UString::From overload with long long parameter.

        Thanks to Holger for the long long idea.

        * runtime/UString.cpp:
        (JSC::UString::from):
        * runtime/UString.h:

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Mark Rowe.

        Minor style fixes.

        * runtime/UString.h:
        (JSC::UString::Rep::createEmptyBuffer):
        * wtf/FastMalloc.h:
        (WTF::TryMallocReturnValue::getValue):

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Make it harder to misuse try* allocation routines
        https://bugs.webkit.org/show_bug.cgi?id=27469

        Jump through a few hoops to make it much harder to accidentally
        miss null-checking of values returned by the try-* allocation
        routines.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSArray.cpp:
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::increaseVectorLength):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncLink):
        * runtime/UString.cpp:
        (JSC::allocChars):
        (JSC::reallocChars):
        (JSC::expandCapacity):
        (JSC::UString::Rep::reserveCapacity):
        (JSC::UString::expandPreCapacity):
        (JSC::createRep):
        (JSC::concatenate):
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        (JSC::UString::append):
        (JSC::UString::operator=):
        * runtime/UString.h:
        (JSC::UString::Rep::createEmptyBuffer):
        * wtf/FastMalloc.cpp:
        (WTF::tryFastZeroedMalloc):
        (WTF::tryFastMalloc):
        (WTF::tryFastCalloc):
        (WTF::tryFastRealloc):
        (WTF::TCMallocStats::tryFastMalloc):
        (WTF::TCMallocStats::tryFastCalloc):
        (WTF::TCMallocStats::tryFastRealloc):
        * wtf/FastMalloc.h:
        (WTF::TryMallocReturnValue::TryMallocReturnValue):
        (WTF::TryMallocReturnValue::~TryMallocReturnValue):
        (WTF::TryMallocReturnValue::operator PossiblyNull<T>):
        (WTF::TryMallocReturnValue::getValue):
        * wtf/Platform.h:
        * wtf/PossiblyNull.h: Added.
        (WTF::PossiblyNull::PossiblyNull):
        (WTF::PossiblyNull::~PossiblyNull):
        (WTF::::getValue):

2009-08-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix part deux).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-11  Gavin Barraclough  <barraclough@apple.com>

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-11  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Restrict use of FuncDeclNode & FuncExprNode to the parser.
        https://bugs.webkit.org/show_bug.cgi?id=28209

        These objects were also being referenced from the CodeBlock.  By changing this
        to just retain pointers to FunctionBodyNodes these classes can be restricted to
        use during parsing.

        No performance impact (or sub-percent progression).

        * JavaScriptCore.exp:
            Update symbols.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::mark):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::addFunction):
        (JSC::CodeBlock::function):
            Unify m_functions & m_functionExpressions into a single Vector<RefPtr<FuncExprNode> >.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::addConstant):
        (JSC::BytecodeGenerator::emitNewFunction):
        (JSC::BytecodeGenerator::emitNewFunctionExpression):
        * bytecompiler/BytecodeGenerator.h:
            FunctionStacks now contain FunctionBodyNodes not FuncDeclNodes.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
            Update to reflect chnages in CodeBlock.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_func_exp):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::):
            Update to reflect chnages in CodeBlock.

        * parser/Grammar.y:
            FunctionStacks now contain FunctionBodyNodes not FuncDeclNodes.

        * parser/NodeConstructors.h:
        (JSC::FuncExprNode::FuncExprNode):
        (JSC::FuncDeclNode::FuncDeclNode):
        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::mark):
        (JSC::FunctionBodyNode::finishParsing):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::ident):
            Move m_ident & make methods from FuncDeclNode & FuncExprNode to FunctionBodyNode.

        * runtime/JSFunction.h:
        (JSC::FunctionBodyNode::make):
            Make this method inline (was FuncDeclNode::makeFunction).

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Native JSON.stringify does not omit functions
        https://bugs.webkit.org/show_bug.cgi?id=28117

        Objects that are callable should be treated as undefined when
        serialising to JSON.

        * runtime/JSONObject.cpp:
        (JSC::Stringifier::appendStringifiedValue):

2009-08-11  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        REGRESSION: Hang/crash in BytecodeGenerator::constRegisterFor loading simple page
        https://bugs.webkit.org/show_bug.cgi?id=28169

        Handle the case where someone has attempted to shadow a property
        on the global object with a constant.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::constRegisterFor):
        * parser/Nodes.cpp:
        (JSC::ConstDeclNode::emitCodeSingle):

2009-08-11  John Gregg  <johnnyg@google.com>

        Reviewed by Maciej Stachowiak.

        Desktop Notifications API
        https://bugs.webkit.org/show_bug.cgi?id=25463

        Adds ENABLE_NOTIFICATION flag.

        * Configurations/FeatureDefines.xcconfig:
        * wtf/Platform.h:

2009-08-11  Maxime Simon  <simon.maxime@gmail.com>

        Reviewed by Eric Seidel.

        Modifications on JavaScriptCore to allow Haiku port.
        https://bugs.webkit.org/show_bug.cgi?id=28121

        * runtime/Collector.cpp: Haiku doesn't have sys/mman.h, using OS.h instead.
        (JSC::currentThreadStackBase): Haiku uses its own threading system.
        * wtf/Platform.h: Defining all Haiku platform values.
        * wtf/haiku/MainThreadHaiku.cpp: Adding a missing header (NotImplemented.h).

2009-08-11  Jessie Berlin  <jberlin@apple.com>

        Reviewed by Adam Roben.

        Fix windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-11  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Tor Arne Vestbø.

        Buildfix for Qt-win platforms.

        * JavaScriptCore.pri: Choose MarkStackPosix.cpp or MarkStackWin.cpp depend on platform.

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (And another build fix).

        Add new exports for MSVC

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (yet another build fix).

        Remove obsolete entries from MSVC exports file

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Add includes needed for non-allinonefile builds

        * runtime/GetterSetter.h:
        * runtime/ScopeChain.h:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Fix export file for last build fix

        * JavaScriptCore.exp:

2009-08-10  Oliver Hunt  <oliver@apple.com>

        Hoist page size initialization into platform specific code.

        * jit/ExecutableAllocatorPosix.cpp:
        * jit/ExecutableAllocatorWin.cpp:
        * runtime/MarkStack.h:
        (JSC::MarkStack::pageSize):
        * runtime/MarkStackPosix.cpp:
        (JSC::MarkStack::initializePagesize):
        * runtime/MarkStackWin.cpp:
        (JSC::MarkStack::initializePagesize):

2009-08-07  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Stack overflow crash in JavaScript garbage collector mark pass
        https://bugs.webkit.org/show_bug.cgi?id=12216

        Make the GC mark phase iterative by using an explicit mark stack.
        To do this marking any single object is performed in multiple stages
          * The object is appended to the MarkStack, this sets the marked
            bit for the object using the new markDirect() function, and then
            returns
          * When the MarkStack is drain()ed the object is popped off the stack
            and markChildren(MarkStack&) is called on the object to collect 
            all of its children.  drain() then repeats until the stack is empty.

        Additionally I renamed a number of methods from 'mark' to 'markAggregate'
        in order to make it more clear that marking of those object was not
        going to result in an actual recursive mark.

        * GNUmakefile.am
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        * bytecode/EvalCodeCache.h:
        (JSC::EvalCodeCache::markAggregate):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * interpreter/Register.h:
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::markGlobals):
        (JSC::RegisterFile::markCallFrames):
        * parser/Nodes.cpp:
        (JSC::ScopeNodeData::markAggregate):
        (JSC::EvalNode::markAggregate):
        (JSC::FunctionBodyNode::markAggregate):
        * parser/Nodes.h:
        (JSC::ScopeNode::markAggregate):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/ArgList.h:
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        * runtime/Arguments.h:
        * runtime/Collector.cpp:
        (JSC::Heap::markConservatively):
        (JSC::Heap::markCurrentThreadConservativelyInternal):
        (JSC::Heap::markCurrentThreadConservatively):
        (JSC::Heap::markOtherThreadConservatively):
        (JSC::Heap::markStackObjectsConservatively):
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::collect):
        * runtime/Collector.h:
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::createStructure):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        * runtime/JSActivation.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::markChildren):
        * runtime/JSArray.h:
        * runtime/JSCell.h:
        (JSC::JSCell::markCellDirect):
        (JSC::JSCell::markChildren):
        (JSC::JSValue::markDirect):
        (JSC::JSValue::markChildren):
        (JSC::JSValue::hasChildren):
        (JSC::MarkStack::append):
        (JSC::MarkStack::drain):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::markChildren):
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::markChildren):
        * runtime/JSNotAnObject.h:
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::markAggregate):
        (JSC::JSONObject::markStringifiers):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::markChildren):
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        * runtime/JSObject.h:
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::markChildren):
        * runtime/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::createStructure):
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::create):
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSStaticScopeObject.h:
        * runtime/JSType.h:
        (JSC::):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        * runtime/MarkStack.cpp: Added.
        (JSC::MarkStack::compact):
        * runtime/MarkStack.h: Added.
        (JSC::):
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::append):
        (JSC::MarkStack::appendValues):
        (JSC::MarkStack::~MarkStack):
        (JSC::MarkStack::MarkSet::MarkSet):
        (JSC::MarkStack::pageSize):
        
        MarkStackArray is a non-shrinking, mmap-based vector type
        used for storing objects to be marked.
        (JSC::MarkStack::MarkStackArray::MarkStackArray):
        (JSC::MarkStack::MarkStackArray::~MarkStackArray):
        (JSC::MarkStack::MarkStackArray::expand):
        (JSC::MarkStack::MarkStackArray::append):
        (JSC::MarkStack::MarkStackArray::removeLast):
        (JSC::MarkStack::MarkStackArray::isEmpty):
        (JSC::MarkStack::MarkStackArray::size):
        (JSC::MarkStack::MarkStackArray::shrinkAllocation):
        * runtime/MarkStackPosix.cpp: Added.
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):
        * runtime/MarkStackWin.cpp: Added.
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):

        * runtime/ScopeChain.h:
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::mark):
        * runtime/Structure.h:
        (JSC::Structure::markAggregate):

2009-08-10  Mark Rowe  <mrowe@apple.com>
        
        Reviewed by Darin Adler.

        Fix hundreds of "pointer being freed was not allocated" errors seen on the build bot.

        * wtf/FastMalloc.h: Implement nothrow variants of the delete and delete[] operators since
        we implement the nothrow variants of new and new[].  The nothrow variant of delete is called
        explicitly in the implementation of std::sort which was resulting in FastMalloc-allocated
        memory being passed to the system allocator to free.

2009-08-10  Jan Michael Alonzo  <jmalonzo@webkit.org>

        [Gtk] Unreviewed build fix. Move JSAPIValueWrapper.cpp/.h in the debug
        section. This file is already part of AllInOneFile in Release builds.

        * GNUmakefile.am:

2009-08-10  Darin Adler  <darin@apple.com>

        * wtf/FastMalloc.h: Fix build.

2009-08-10  Darin Adler  <darin@apple.com>

        Reviewed by Mark Rowe.

        FastMalloc.h has cross-platform code but marked as WinCE-only
        https://bugs.webkit.org/show_bug.cgi?id=28160

        1) The support for nothrow was inside #if PLATFORM(WINCE) even though it is
           not platform-specific.
        2) The code tried to override operator delete nothrow, which does not exist.
        3) The code in the header checks the value of USE_SYSTEM_MALLOC, but the code
           in FastMalloc.cpp checks only if the macro is defined.

        * wtf/FastMalloc.h: See above.
        * wtf/FastMalloc.cpp: Ditto.

2009-08-10  Sam Weinig  <sam@webkit.org>

        Reviewed by Anders Carlsson.

        Fix an annoying indentation issue.

        * runtime/DateConstructor.cpp:
        (JSC::constructDate):

2009-08-10  Xan Lopez  <xlopez@igalia.com>

        Unreviewed build fix.

        Add new files to makefile.

        * GNUmakefile.am:

2009-08-10  Simon Hausmann  <simon.hausmann@nokia.com>

        Fix compilation with the interpreter instead of the JIT by including
        PrototypeFunction.h as forward-declared through NativeFunctionWrapper.h.

        * runtime/ObjectConstructor.cpp:

2009-08-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by George Staikos.

        JSON.stringify replacer returning undefined does not omit object properties
        https://bugs.webkit.org/show_bug.cgi?id=28118

        Correct behaviour of stringify when using a replacer function that returns
        undefined.  This is a simple change to move the undefined value check to
        after the replacer function is called.  This means that the replacer function
        is now called for properties with the value undefined, however i've confirmed
        that this behaviour is correct.
        
        In addition I've made the cyclic object exception have a more useful error
        message.

        * runtime/JSONObject.cpp:
        (JSC::Stringifier::appendStringifiedValue):

2009-08-08  Oliver Hunt  <oliver@apple.com>

        Reviewed by Eric Seidel and Sam Weinig.

        [ES5] Implement Object.getPrototypeOf
        https://bugs.webkit.org/show_bug.cgi?id=28114

        Implement getPrototypeOf

        * runtime/CommonIdentifiers.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConsGetPrototypeOf):
        * runtime/ObjectConstructor.h:

2009-08-07  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Eric Seidel.

        Allow custom memory allocation control for Noncopyable class
        https://bugs.webkit.org/show_bug.cgi?id=27879

        Several classes which are inherited from Noncopyable are instantiated by
        operator new, so Noncopyable class has been inherited from FastAllocBase.

        * wtf/Noncopyable.h:

2009-08-07  George Staikos <george.staikos@torchmobile.com> 

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=27305
        Implement WinCE-specific unicode layer.
        Written by George Staikos <george.staikos@torchmobile.com>
        with bug fixes by Yong Li <yong.li@torchmobile.com>
        refactored by Joe Mason <joe.mason@torchmobile.com> 

        * wtf/Platform.h:
        * wtf/unicode/Unicode.h:
        * wtf/unicode/wince/UnicodeWince.cpp: Added.
        (WTF::Unicode::toLower):
        (WTF::Unicode::toUpper):
        (WTF::Unicode::foldCase):
        (WTF::Unicode::isPrintableChar):
        (WTF::Unicode::isSpace):
        (WTF::Unicode::isLetter):
        (WTF::Unicode::isUpper):
        (WTF::Unicode::isLower):
        (WTF::Unicode::isDigit):
        (WTF::Unicode::isPunct):
        (WTF::Unicode::toTitleCase):
        (WTF::Unicode::direction):
        (WTF::Unicode::category):
        (WTF::Unicode::decompositionType):
        (WTF::Unicode::combiningClass):
        (WTF::Unicode::mirroredChar):
        (WTF::Unicode::digitValue):
        * wtf/unicode/wince/UnicodeWince.h: Added.
        (WTF::Unicode::):
        (WTF::Unicode::isSeparatorSpace):
        (WTF::Unicode::isHighSurrogate):
        (WTF::Unicode::isLowSurrogate):
        (WTF::Unicode::isArabicChar):
        (WTF::Unicode::hasLineBreakingPropertyComplexContext):
        (WTF::Unicode::umemcasecmp):
        (WTF::Unicode::surrogateToUcs4):

2009-08-07  Yongjun Zhang  <yongjun.zhang@nokia.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=28069

        Add inline to help winscw compiler resolve specialized argument in 
        templated functions.  

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lexString):

2009-08-07  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Eric Seidel.

        Allow custom memory allocation control for RegExpObjectData struct
        http://bugs.webkit.org/show_bug.cgi?id=26750

        Inherits RegExpObjectData struct from FastAllocBase because
        it has been instantiated by 'new' in JavaScriptCore/runtime/RegExpObject.cpp:62

        * runtime/RegExpObject.h:

2009-08-06  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        Updated patch for bug #27059:
        Symbian platform always uses little endian encoding,
        regardless of compiler.
        We need to make sure that we correctly detect EABI architecture
        for armv5 targets on Symbian,
        where __EABI__ is set but not __ARM_EABI__

        * wtf/Platform.h:

2009-08-06  Adam Barth  <abarth@webkit.org>

        Unreviewed revert.

        http://bugs.webkit.org/show_bug.cgi?id=27879

        Revert 46877 because it broke GTK.

        * wtf/Noncopyable.h:

2009-08-06  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Make get_by_id/put_by_id/method_check/call defer optimization using a data flag rather than a code modification.
        ( https://bugs.webkit.org/show_bug.cgi?id=27635 )

        This improves performance of ENABLE(ASSEMBLER_WX_EXCLUSIVE) builds by 2-2.5%, reducing the overhead to about 2.5%.
        (No performance impact with ASSEMBLER_WX_EXCLUSIVE disabled).

        * bytecode/CodeBlock.cpp:
        (JSC::printStructureStubInfo):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CallLinkInfo::seenOnce):
        (JSC::CallLinkInfo::setSeen):
        (JSC::MethodCallLinkInfo::seenOnce):
        (JSC::MethodCallLinkInfo::setSeen):
            - Change a pointer in CallLinkInfo/MethodCallLinkInfo to use a PtrAndFlags, use a flag to track when an op has been executed once.

        * bytecode/StructureStubInfo.cpp:
        (JSC::StructureStubInfo::deref):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::StructureStubInfo::initGetByIdSelf):
        (JSC::StructureStubInfo::initGetByIdProto):
        (JSC::StructureStubInfo::initGetByIdChain):
        (JSC::StructureStubInfo::initGetByIdSelfList):
        (JSC::StructureStubInfo::initGetByIdProtoList):
        (JSC::StructureStubInfo::initPutByIdTransition):
        (JSC::StructureStubInfo::initPutByIdReplace):
        (JSC::StructureStubInfo::seenOnce):
        (JSC::StructureStubInfo::setSeen):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID, add a flag to track when an op has been executed once.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::unlinkCall):
            - Remove the "don't lazy link" stage of calls.

        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        (JSC::JITStubs::getPolymorphicAccessStructureListSlot):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * jit/JITStubs.h:
        (JSC::JITThunks::ctiStringLengthTrampoline):
        (JSC::JITStubs::):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::PtrAndFlags):
        (WTF::PtrAndFlags::operator!):
        (WTF::PtrAndFlags::operator->):
            - Add ! and -> operators, add constuctor with pointer argument.

2009-08-06  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Adam Barth.

        Allow custom memory allocation control for Noncopyable class
        https://bugs.webkit.org/show_bug.cgi?id=27879

        Several classes which inherited from Noncopyable are instantiated by
        operator new, so Noncopyable class has been inherited from FastAllocBase.

        * wtf/Noncopyable.h:

2009-08-06  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Sam Weinig.

        Add explicit dependencies for our build verification scripts to ensure that they always run after linking has completed.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-08-06  Mark Rowe  <mrowe@apple.com>

        Bring a little order to our otherwise out of control lives.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-08-06  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's PolymorphicAccessStructureList struct
        https://bugs.webkit.org/show_bug.cgi?id=27877

        Inherits PolymorphicAccessStructureList struct from FastAllocBase because it has been instantiated by
        'new' in JavaScriptCore/jit/JITStubs.cpp:1229.

        * bytecode/Instruction.h:

2009-08-05  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's ScopeNodeData struct
        https://bugs.webkit.org/show_bug.cgi?id=27875

        Inherits ScopeNodeData struct from FastAllocBase because it has been instantiated by
        'new' in JavaScriptCore/parser/Nodes.cpp:1848.

        * parser/Nodes.h:

2009-08-05  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add floating point support for generic ARM port.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::doubleTransfer):
        * assembler/ARMAssembler.h:
        (JSC::ARM::):
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::faddd_r):
        (JSC::ARMAssembler::fsubd_r):
        (JSC::ARMAssembler::fmuld_r):
        (JSC::ARMAssembler::fcmpd_r):
        (JSC::ARMAssembler::fdtr_u):
        (JSC::ARMAssembler::fdtr_d):
        (JSC::ARMAssembler::fmsr_r):
        (JSC::ARMAssembler::fsitod_r):
        (JSC::ARMAssembler::fmstat):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::):
        (JSC::MacroAssemblerARM::supportsFloatingPoint):
        (JSC::MacroAssemblerARM::loadDouble):
        (JSC::MacroAssemblerARM::storeDouble):
        (JSC::MacroAssemblerARM::addDouble):
        (JSC::MacroAssemblerARM::subDouble):
        (JSC::MacroAssemblerARM::mulDouble):
        (JSC::MacroAssemblerARM::convertInt32ToDouble):
        (JSC::MacroAssemblerARM::branchDouble):
        * jit/JIT.h:

2009-08-05  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add JIT support for generic ARM port without optimizations.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        All JIT optimizations are disabled.

        Signed off by Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
        Signed off by Gabor Loki <loki@inf.u-szeged.hu>

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::baseIndexTransfer32):
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::store32):
        (JSC::MacroAssemblerARM::move):
        (JSC::MacroAssemblerARM::branch32):
        (JSC::MacroAssemblerARM::add32):
        (JSC::MacroAssemblerARM::sub32):
        (JSC::MacroAssemblerARM::load32):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getBytecodeIndex):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        (JSC::JITStackFrame::returnAddressSlot):
        * wtf/Platform.h:

2009-08-04  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Oiver Hunt.

        Revert r46643 since this breaks the Yarr::Interpreter running the v8 tests.
        https://bugs.webkit.org/show_bug.cgi?id=27874

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::allocDisjunctionContext):
        (JSC::Yarr::Interpreter::freeDisjunctionContext):
        (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::freeParenthesesDisjunctionContext):

2009-08-04  Oliver Hunt  <oliver@apple.com>

        PPC64 Build fix

        * wtf/Platform.h:

2009-08-04  Benjamin C Meyer  <benjamin.meyer@torchmobile.com>

        Reviewed by Adam Treat

        Explicitly include limits.h header when using INT_MAX and INT_MIN

        * interpreter/Interpreter.cpp

2009-08-03  Harald Fernengel  <harald.fernengel@nokia.com>

        Reviewed by Darin Adler.

        Fix compile error for ambigous call to abs()
        https://bugs.webkit.org/show_bug.cgi?id=27873

        Fix ambiguity in abs(long int) call by calling labs() instead

        * wtf/DateMath.cpp: replace call to abs() with labs()

2009-08-03  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Eric Seidel.

        [Qt] Consolidate common gcc flags to WebKit.pri
        https://bugs.webkit.org/show_bug.cgi?id=27934

        * JavaScriptCore.pro:

2009-08-03  Ada Chan  <adachan@apple.com>

        Fixed the Tiger build.

        * wtf/FastMalloc.cpp:

2009-08-03  Ada Chan  <adachan@apple.com>

        Reviewed by Darin Adler.

        Don't use background thread to scavenge memory on Tiger until we figure out why it causes a crash.
        https://bugs.webkit.org/show_bug.cgi?id=27900

        * wtf/FastMalloc.cpp:

2009-08-03  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by Jan Alonzo.

        Fix build break on Gtk/x86_64.
        https://bugs.webkit.org/show_bug.cgi?id=27936

        Use JSVALUE64 for X86_64 LINUX, except Qt.

        * wtf/Platform.h:

2009-08-02  Xan Lopez  <xlopez@igalia.com>

        Fix the GTK+ build.

        * wtf/Platform.h:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Disabled JSVALUE32_64 on Qt builds, since all layout tests mysteriously
        crash with it enabled.

        * wtf/Platform.h:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Qt build fix.

        Added JSAPIValueWrapper.cpp to the build.

        * JavaScriptCore.pri:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix.

        Exported symbols for JSAPIValueWrapper.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        GTK build fix.

        * jit/JITStubs.cpp: #include <stdarg.h>, for a definition of va_start.

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Qt build fix.
        
        * runtime/Collector.cpp: #include <limits.h>, for a definition of ULONG_MAX.

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: Nixed JSImmediate::prototype, JSImmediate::toObject,
        and JSImmediate::toThisObject, and removed their exported symbols.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * runtime/JSImmediate.cpp:
        * runtime/JSImmediate.h:

2009-08-02  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Mark Rowe.

        Enabled JSVALUE32_64 by default on all platforms other than x86_64 (which uses JSVALUE64).

        * wtf/Platform.h:

2009-08-02  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Jan Alonzo.

        Script for building the JavaScriptCore library for wx.
        https://bugs.webkit.org/show_bug.cgi?id=27619

        * wscript: Added.

2009-08-02  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        DateMath depends on strftime and localtime, which need to be imported manually on WinCE
        https://bugs.webkit.org/show_bug.cgi?id=26558

        * wtf/DateMath.cpp:

2009-08-01  David Kilzer  <ddkilzer@apple.com>

        wtf/Threading.h: added include of Platform.h

        Reviewed by Mark Rowe.

        * wtf/Threading.h: Added #include "Platform.h" since this header
        uses PLATFORM() and other macros.

2009-08-01  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Oliver Hunt.

        Roll out r46668 as it was misinformed.  ScopeChain is only used with placement new.

        * runtime/ScopeChain.h:

2009-08-01  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Allow custom memory allocation control for JavaScriptCore's HashMap class
        http://bugs.webkit.org/show_bug.cgi?id=27871

        Inherits HashMap class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/API/JSClassRef.cpp:148.

        * wtf/RefPtrHashMap.h:
        (WTF::):

2009-08-01  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Allow custom memory allocation control for JavaScriptCore's ScopeChain class
        https://bugs.webkit.org/show_bug.cgi?id=27834

        Inherits ScopeChain class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/JSFunction.h:109.

        * runtime/ScopeChain.h:

2009-08-01  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's RegExpConstructorPrivate struct 
        https://bugs.webkit.org/show_bug.cgi?id=27833

        Inherits RegExpConstructorPrivate class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/RegExpConstructor.cpp:152.

        * runtime/RegExpConstructor.cpp:

2009-07-31  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        Resurrect the old GetTickCount implementation of currentTime, controlled by WTF_USE_QUERY_PERFORMANCE_COUNTER
        currentSystemTime taken from older WebKit; currentTime written by Yong Li <yong.li@torchmobile.com>; cleanup by Joe Mason <joe.mason@torchmobile.com>
        https://bugs.webkit.org/show_bug.cgi?id=27848

        * wtf/CurrentTime.cpp:
        (WTF::currentSystemTime): get current time with GetCurrentFT
        (WTF::currentTime): track msec elapsed since first currentSystemTime call using GetTickCount
        * wtf/Platform.h:

2009-07-31  Ada Chan  <adachan@apple.com>

        Fixes the Windows release-PGO build.

        Reviewed by Jon Honeycutt.

        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Suppresses the warning about unreachable code that we get by adding "return 0" to WTF::TCMalloc_PageHeap::runScavengerThread().
        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::runScavengerThread): Fixes the error about the method not returning a value in the release-PGO build.

2009-07-31  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Change malloc to fastMalloc and free to fastFree in Yarr's RegexInterpreter.cpp
        https://bugs.webkit.org/show_bug.cgi?id=27874

        Use fastMalloc and fastFree instead of malloc and free in RegexInterpreter.cpp's methods.

        * yarr/RegexInterpreter.cpp:
        (JSC::Yarr::Interpreter::allocDisjunctionContext):
        (JSC::Yarr::Interpreter::freeDisjunctionContext):
        (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
        (JSC::Yarr::Interpreter::freeParenthesesDisjunctionContext):

2009-07-30  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Jan Alonzo.

        Fix compiler warning.

        GCC does not like C++-style comments in preprocessor directives.

        * wtf/Platform.h:

2009-07-30  John McCall  <rjmccall@apple.com>

        Reviewed by Gavin Barraclough.

        Optimize the X86_64 trampolines: avoid the need for filler arguments
        and move the stub-args area closer to the stack pointer.

        * jit/JIT.h: adjust patch offsets because of slight code-size change 
        * jit/JITCode.h:
        (JSC::JITCode::execute): don't pass filler args
        * jit/JITStubs.cpp:
        (ctiTrampoline): (X86_64): push args onto stack, use args directly
        (ctiVMThrowTrampoline): (X86_64): adjust %rsp by correct displacement
        (ctiOpThrowNotCaught): (X86_64): adjust %rsp by correct displacement
        * jit/JITStubs.h:
        (JITStackFrame): (X86_64): move args area earlier
        (ctiTrampoline): remove filler args from prototype

2009-07-30  Gavin Barraclough  <barraclough@apple.com>

        Temporarily revert r46618 since this is b0rking on Linux.

2009-07-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Make get_by_id/put_by_id/method_check/call defer optimization using a data flag rather than a code modification.
        ( https://bugs.webkit.org/show_bug.cgi?id=27635 )

        This improves performance of ENABLE(ASSEMBLER_WX_EXCLUSIVE) builds by 2-2.5%, reducing the overhead to about 2.5%.
        (No performance impact with ASSEMBLER_WX_EXCLUSIVE disabled).

        * bytecode/CodeBlock.cpp:
        (JSC::printStructureStubInfo):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CallLinkInfo::seenOnce):
        (JSC::CallLinkInfo::setSeen):
        (JSC::MethodCallLinkInfo::seenOnce):
        (JSC::MethodCallLinkInfo::setSeen):
            - Change a pointer in CallLinkInfo/MethodCallLinkInfo to use a PtrAndFlags, use a flag to track when an op has been executed once.

        * bytecode/StructureStubInfo.cpp:
        (JSC::StructureStubInfo::deref):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::StructureStubInfo::initGetByIdSelf):
        (JSC::StructureStubInfo::initGetByIdProto):
        (JSC::StructureStubInfo::initGetByIdChain):
        (JSC::StructureStubInfo::initGetByIdSelfList):
        (JSC::StructureStubInfo::initGetByIdProtoList):
        (JSC::StructureStubInfo::initPutByIdTransition):
        (JSC::StructureStubInfo::initPutByIdReplace):
        (JSC::StructureStubInfo::seenOnce):
        (JSC::StructureStubInfo::setSeen):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID, add a flag to track when an op has been executed once.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
            - Make StructureStubInfo store the type as an integer, rather than an OpcodeID.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::unlinkCall):
            - Remove the "don't lazy link" stage of calls.

        * jit/JIT.h:
        (JSC::JIT::compileCTIMachineTrampolines):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase):
            - Remove the "don't lazy link" stage of calls.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        (JSC::JITStubs::getPolymorphicAccessStructureListSlot):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * jit/JITStubs.h:
        (JSC::JITThunks::ctiStringLengthTrampoline):
        (JSC::JITStubs::):
            - Remove the "don't lazy link" stage of calls, and the "_second" stage of get_by_id/put_by_id/method_check.

        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::PtrAndFlags):
        (WTF::PtrAndFlags::operator!):
        (WTF::PtrAndFlags::operator->):
            - Add ! and -> operators, add constuctor with pointer argument.

2009-07-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Fixed failing tests seen on Windows buildbot.

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::): Use "int" instead of "bool" to guarantee a 32-bit result,
        regardless of compiler. gcc on mac uses 32-bit values for bool,
        but gcc on linux and MSVC on Windows use 8-bit values.

2009-07-30  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: added missing symbols on Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-30  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: removed stale symbols on Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

=== End merge of nitro-extreme branch 2009-07-30 ===

2009-07-20  Geoffrey Garen  <ggaren@apple.com>

        Fixed a post-review typo in r46066 that caused tons of test failures.
        
        SunSpider reports no change.

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray): Initialize the full vector capacity, to avoid
        uninitialized members at the end.

2009-07-20  Geoffrey Garen  <ggaren@apple.com>

        Windows WebKit build fix: Added some missing exports.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-17  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Get the branch working on windows.
        https://bugs.webkit.org/show_bug.cgi?id=27391
        
        SunSpider says 0.3% faster.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def: Updated
        MSVC export lists to fix linker errors.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Added / removed
        new / old project files.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines): Used #pragma pack to tell
        MSVC that these structures represent actual memory layout, and should not be
        automatically aligned. Changed the return value load to load a 64bit quantity
        into the canonical registers.

        * jit/JIT.h: Moved OBJECT_OFFSETOF definition to StdLibExtras.h because
        it's needed by more than just the JIT, and it supplements a standard library
        macro (offsetof).

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame): Fixed an incorrectly signed
        cast to resolve an MSVC warning.

        * jit/JITStubs.h: Used #pragma pack to tell MSVC that these structures
        represent actual memory layout, and should not be automatically aligned. 

        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray): Replaced memset_pattern8 with a for loop, since
        memset_pattern8 is not portable. (I verified that this version of the loop
        gives the best performance / generated code in GCC.)

        * runtime/JSObject.h:
        (JSC::JSObject::JSObject): Removed accidental usage of FIELD_OFFSET --
        OBJECT_OFFSETOF is our new macro name. (FIELD_OFFSET conflicts with a
        definition in winnt.h.)

        * runtime/JSValue.cpp: Added some headers needed by non-all-in-one builds.
        
        * runtime/JSValue.h:
        (JSC::JSValue::): Made the tag signed, to match MSVC's signed enum values.
        (GCC doesn't seem to care one way or the other.)

        * wtf/MainThread.cpp: Moved the StdLibExtras.h #include -- I did this a
        while ago to resolve a conflict with winnt.h. I can't remember if it's truly
        still needed, but what the heck.

        * wtf/StdLibExtras.h: Moved OBJECT_OFFSETOF definition here.

2009-07-06  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig (?).
        
        Fixed an assertion seen during the stress test.
        
        Don't assume that, if op1 is constant, op2 is not, and vice versa. Sadly,
        not all constants get folded.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):

2009-07-06  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Include op_convert_this in result caching.
        
        No change on SunSpider or v8.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_convert_this):

        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:
        (JSC::): Made the op_convert_this JIT stub return an EncodedJSValue, so
        to maintain the result caching contract that { tag, payload } can be
        found in { regT1, regT0 }.

2009-07-06  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented result chaining.
        
        1% faster on SunSpider. 4%-5% faster on v8.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::move):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rr): Added an optimization to eliminate
        no-op mov instructions, to simplify chaining.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        * jit/JIT.h: Added data members and helper functions for recording
        chained results. We record both a mapping from virtual to machine register
        and the opcode for which the mapping is valid, to help ensure that the
        mapping isn't used after the mapped register has been stomped by other
        instructions.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCallVarargsSlowCase):
        (JSC::JIT::emit_op_ret):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase): Chain function call results.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadTag):
        (JSC::JIT::emitLoadPayload):
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitLoad2):
        (JSC::JIT::isLabeled):
        (JSC::JIT::map):
        (JSC::JIT::unmap):
        (JSC::JIT::isMapped):
        (JSC::JIT::getMappedPayload):
        (JSC::JIT::getMappedTag): Use helper functions when loading virtual
        registers into machine registers, in case the loads can be eliminated
        by chaining.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_mov):
        (JSC::JIT::emit_op_end):
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_next_pname):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_catch): Chain results from these opcodes.

        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call): Load the profiler into regT2 to
        avoid stomping a chained result.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_get_by_id): Chain results from these opcodes.

        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument): Always use { regT1, regT0 }, to facilitate
        chaining.

        (JSC::JITStubCall::call): Unmap all mapped registers, since our callee
        stub might stomp them.

2009-07-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Don't reload values in emitBinaryDoubleOp.

        SunSpider reports a 0.6% progression. 

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitBinaryDoubleOp):

2009-07-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Convert op_div to load op1 and op2 up front.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_div):

2009-07-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Don't emit code in emitBinaryDoubleOp if code is unreachable, observable
        via an empty (unlinked) jumplist passed in.  This only effects op_jnless
        and op_jnlesseq at present.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emitBinaryDoubleOp):

2009-07-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Converted op_mod to put { tag, payload } in { regT1, regT0 }, and
        tidied up its constant case.
        
        SunSpider reports a 0.2% regression, but a micro-benchmark of op_mod
        shows a 12% speedup, and the SunSpider test that uses op_mod most should
        benefit a lot from result caching in the end, since it almost always
        performs (expression) % constant.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):

2009-06-30  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Converted some more arithmetic ops to put { tag, payload } in
        { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Converted some more arithmetic ops to put { tag, payload } in
        { regT1, regT0 }, and added a case for subtract constant.
        
        SunSpider says no change. v8 says 0.3% slower.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSub32Constant):
        (JSC::JIT::emitSlow_op_sub):

2009-06-30  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Remove more uses of addressFor(), load double constants directly from
        the constantpool in the CodeBlock, rather than from the register file.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitBinaryDoubleOp):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a bug in postfix ops, where we would treat x = x++ and x = x--
        as a no-op, even if x were not an int, and the ++/-- could have side-effects.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Converted some arithmetic ops to put { tag, payload } in
        { regT1, regT0 }.
        
        SunSpider says 0.7% faster. v8 says no change.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emit_op_bitxor):
        * jit/JITInlineMethods.h:
        (JSC::JIT::isOperandConstantImmediateInt):
        (JSC::JIT::getOperandConstantImmediateInt):

2009-06-30  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Start removing cases of addressFor().

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_div):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadDouble):
        (JSC::JIT::emitLoadInt32ToDouble):
        (JSC::JIT::emitStoreDouble):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Rolled back in my last patch with regression fixed.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emitSlow_op_resolve_global):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Rolled out my last patch because it was a 2% SunSpider regression.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin "Sam Weinig" Barraclough.
        
        Standardized the rest of our opcodes to put { tag, payload } in
        { regT1, regT0 } where possible.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emitSlow_op_resolve_global):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):

2009-06-30  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoffrey Garen.

        Replace calls to store32(tagFor()) and store32(payloadFor())
        with emitStoreInt32(), emitStoreBool(), and emitStoreCell().

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitBitAnd32Constant):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emitBitOr32Constant):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emitBitXor32Constant):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSub32ConstantLeft):
        (JSC::JIT::emitSub32ConstantRight):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emit_op_mod):
        * jit/JITCall.cpp:
        (JSC::JIT::emit_op_load_varargs):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitStoreInt32):
        (JSC::JIT::emitStoreCell):
        (JSC::JIT::emitStoreBool):
        (JSC::JIT::emitStore):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

2009-06-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized the rest of the property access instructions to put { tag,
        payload } in { regT1, regT0 }.

        Small v8 speedup, 0.2% SunSpider slowdown.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitLoad2):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::patchPutByIdReplace):

2009-06-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Various cleanups.
        - Use fpRegT* instead of X86::xmm*.
        - Use a switch statement in emitBinaryDoubleOp instead of a bunch of
          if/elses.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_div):

2009-06-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add inline code dealing with doubles for op_jfalse and op_jtrue.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::):
        (JSC::MacroAssemblerX86Common::zeroDouble):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-06-28  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Standardized op_get_by_id to put { tag, payload } in { regT1, regT0 }.
        
        SunSpider and v8 report maybe 0.2%-0.4% regressions, but the optimization
        this enables will win much more than that back.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2009-06-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Standardized op_call to put { tag, payload } in { regT1, regT0 }.
        
        SunSpider and v8 report no change.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):

2009-06-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Handle multiplying by zero a little better by
        inlining the case that both operands are non-negative
        into the slowpath.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::branchOr32):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Optimize x++ to ++x inside for loops.
        
        Sadly, no measurable speedup, but this should help with result chaining.

        * parser/Nodes.cpp:
        (JSC::ForNode::emitBytecode):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_bitnot):
        (JSC::JIT::emit_op_post_inc):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):
        * jit/JITCall.cpp:
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emitSlow_op_construct_verify):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Standardized some more opcodes to put { tag, payload } in { regT1, regT0 }.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_true):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):

2009-06-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig (sort of, maybe).
        
        Fixed some ASSERTs in http/tests/security.
        
        These ASSERTs were introduced by http://trac.webkit.org/changeset/45057,
        but the underlying problem was actually older. http://trac.webkit.org/changeset/45057
        just exposed the problem by enabling optimization in more cases.
        
        The ASSERTs fired because we tested PropertySlot::slotBase() for validity,
        but slotBase() ASSERTs if it's invalid, so we would ASSERT before
        the test could happen. Solution: Remove the ASSERT. Maybe it was valid
        once, but it clearly goes against a pattern we've deployed of late.
        
        The underlying problem was that WebCore would re-use a PropertySlot in
        the case of a forwarding access, and the second use would not completely
        overwrite the first use. Solution: Make sure to overwrite m_offset when
        setting a value on a PropertySlot. (Other values already get implicitly
        overwritten during reuse.)

        * runtime/PropertySlot.h:
        (JSC::PropertySlot::PropertySlot):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setRegisterSlot):
        (JSC::PropertySlot::setUndefined):
        (JSC::PropertySlot::slotBase):
        (JSC::PropertySlot::clearOffset):

2009-06-24  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Enable JIT_OPTIMIZE_METHOD_CALLS on the branch, implementation matches current implemenatation in ToT.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::emitSlow_op_method_check):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::compileGetByIdSlowCase):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Bit off a tiny bit more of standardizing opcode behavior to help with result
        caching.
        
        SunSpider reports no change, v8 maybe a tiny speedup.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emitSlow_op_to_jsnumber):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emitSlow_op_convert_this):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Bit off a tiny bit more of standardizing opcode behavior to help with result
        caching -- including removing my old enemy, op_resolve_function, because
        it was non-standard, and removing it felt better than helping it limp along.
        
        SunSpider reports no change, v8 maybe a tiny speedup.
        
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emitSlow_op_to_primitive):
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        * parser/Nodes.cpp:
        (JSC::FunctionCallResolveNode::emitBytecode):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Bit off a tiny bit of standardizing opcode behavior to help with result
        caching.
        
        0.6% SunSpider speedup. 0.3% v8 speedup.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoad): Accomodate a base register that overlaps with payload
        by loading tag before payload, to avoid stomping base/payload.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_mov): Abide by the standard "tag in regT1, payload in
        regT0" semantics.

        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var): Ditto. Also, removed some irrelevent
        loads while I was at it. The global object's "d" pointer never changes
        after construction.

2009-06-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Remove 'arguments' field from Register union (again).
        This time do so without breaking tests (radical, I know).

        * interpreter/CallFrame.h:
        (JSC::ExecState::optionalCalleeArguments):
        (JSC::ExecState::setArgumentCount):
        (JSC::ExecState::init):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * interpreter/Register.h:
        (JSC::Register::withInt):
        (JSC::Register::):
        (JSC::Register::Register):
        (JSC::Register::i):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_tear_off_arguments):
        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters):
        (JSC::Register::arguments):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Removed some result register tracking cruft in preparation for a new
        result tracking mechanism.
        
        SunSpider reports no change.

        * assembler/AbstractMacroAssembler.h:
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::JmpDst::JmpDst): No need to track jump targets in
        machine code; we already do this in bytecode.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        (JSC::JIT::emitTimeoutCheck): Make sure to save and restore the result
        registers, so an opcode with a timeout check can still benefit from result
        register caching.

        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases): Removed calls to killLastResultRegister()
        in preparation for something new.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitGetFromCallFrameHeaderPtr):
        (JSC::JIT::emitGetFromCallFrameHeader32):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_jsr):
        (JSC::JIT::emit_op_sret):
        (JSC::JIT::emit_op_jmp_scopes): ditto

        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::getArgument): added a mechanism for reloading an argument
        you passed to a JIT stub, for use in emitTimeoutCheck.

2009-06-23  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove now-useless inplace variants of binary ops.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emit_op_mul):

2009-06-23  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Move off memory operands to aid in re-enabling result caching.

        - No regression measured.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitBitAnd32Constant):
        (JSC::JIT::emitBitAnd32InPlace):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emitBitOr32Constant):
        (JSC::JIT::emitBitOr32InPlace):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emitBitXor32Constant):
        (JSC::JIT::emitBitXor32InPlace):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitAdd32InPlace):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32Constant):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSub32ConstantLeft):
        (JSC::JIT::emitSub32ConstantRight):
        (JSC::JIT::emitSub32InPlaceLeft):
        (JSC::JIT::emitSub32InPlaceRight):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitMul32InPlace):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emit_op_mod):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emit_op_to_jsnumber):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):

2009-06-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed some missing and/or misplaced labels in bytecode generation, so
        we don't have to work around them in JIT code generation.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitJumpSubroutine):
        * parser/Nodes.cpp:
        (JSC::TryNode::emitBytecode):

2009-06-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        For member function calls, emit "this" directly into the "this" slot
        for the function call, instead of moving it there later. This reduces
        time spent in op_mov during certain calls, like "a.b.c()".
        
        1%-2% speedup on v8, mostly richards and delta-blue.

        * parser/Nodes.cpp:
        (JSC::FunctionCallDotNode::emitBytecode):

2009-06-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Remove 'arguments' field from Register union.  Having JSCell derived types in the union is
        dangerous since it opens the possibility for the field to be written as a raw pointer but
        then read as a JSValue.  This will lead to statle data being read for the tag, which may
        be dangerous.  Having removed Arguments* types form Register, all arguments objects must
        always explicitly be stored in the register file as JSValues.

        * interpreter/CallFrame.h:
        (JSC::ExecState::optionalCalleeArguments):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * interpreter/Register.h:
        (JSC::Register::):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_tear_off_arguments):
        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):
        * runtime/JSActivation.h:

2009-06-03  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add back known this value optimization by abstracting
        slow case if not JSCell jumps.

        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCallVarargsSlowCase):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
        (JSC::JIT::linkSlowCaseIfNotJSCell):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emitSlow_op_instanceof):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):

2009-06-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed some of the regression in crypto-aes.js. (8.5% speedup in
        crypto-aes.js.)
        
        SunSpider reports no change overall.
        
        Division was producing double results, which took the slow path through
        array access code.
        
        Strangely, all my attempts at versions of this patch that modified array
        access code to accept ints encoded as doubles along the fast or slow paths
        were regressions. So I did this instead.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_div): When dividing an int by an int, go ahead and try
        to turn the result into an int. Don't just do int division, though, because
        testing shows it to be slower than SSE double division, and the corner
        cases are pretty complicated / lengthy on top of that. Also, don't try
        to canonicalize division of known tiny numerators into ints, since that's a
        waste of time.

2009-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        Fixed a regression caused by my recent fix for NaN.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp): Actually do the comparison in reverse
        order, like the ChangeLog said we would, bokay?

2009-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig and Oliver Hunt.
        
        Fixed two edge cases in %:
        
        - Don't do -2147483648 % x as a fast case, since you might do -2147483648 % -1,
        which will signal a hardware exception due to overflow.

        - In the case of a zero remainder, be sure to store negative zero if the
        dividend was zero.
        
        SunSpider reports no change.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):

2009-05-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Fixed a regression when comparing to NaN.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp): For op_jnless and op_jnless_eq, do the
        comparison in reverse order, and jump if the result is below or 
        below-or-equal. This ensures that we do jump in the case of NaN.

2009-05-25  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        SunSpider says no change.
        
        Fixed regressions in fast/js/var-declarations-shadowing.html and
        fast/js/equality.html, caused by recent == and != optimizations.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_eq): Don't treat "compare to string" as always
        numeric or string comparison. If the second operand is an object, you
        need to ToPrimitive it, and start all over again. Also, I wrote out each
        of the possible cases explicitly, to cut down on redundant branching.

2009-05-25  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Fix bug in fast/js/constant-folding.html where we were not negating
        -0 properly.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):

2009-05-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.
        
        Refactored new slow case codegen for == and !=.
        
        SunSpider reports no change, maybe a tiny speedup.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emitSlow_op_neq): Made a vptr comparison a *Ptr operation,
        instead of *32, to make it portable to 64bit. Reorganized the string
        and generic cases to make their control flow a little clearer.

2009-05-23  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Optimized == and != for our new value representation -- especially for strings.
        
        14% speedup on date-format-tofte.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_eq_strings):
        (JSC::JITStubs::cti_op_call_eval):
        * jit/JITStubs.h:
        (JSC::):
        * runtime/JSValue.h:

2009-05-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Fix non-SSE enabled builds.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_add): Don't early return here, we still need to call the JIT stub.
        (JSC::JIT::emitSlow_op_sub): Ditto.

2009-05-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Here's a thought: let's not take a jit stub call just to multiply by 1,
        bokay?
        
        imul doesn't set the zero flag, so to test for a zero result, we need
        an explicit instruction. (Luckily, it does set the overflow flag, so
        we can still use that.)

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitMul32InPlace):

2009-05-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey "Premature Commit" Garen.

        Add back constant integer cases for op_add.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32Constant):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperandImmediateDouble):
        (JSC::JIT::isOperandConstantImmediateDouble):

2009-05-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added fast double cases for op_jnless and op_jnlesseq.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::JumpList::jumps): New accesor, used by
        addSlowCase.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::ucomisd_rm): New method for comparing register to
        memory.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emit_op_div): Modified emitBinaryDoubleOp to accept comparison/jump
        operations in addition to operations with explicit result registers.

        * jit/JITInlineMethods.h:
        (JSC::JIT::addSlowCase): Added an "addSlowCase" for JumpLists, so clients
        can track multiple jumps to the same slow case condition together.

2009-05-21  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Implement op_negate inline fast cases.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::neg32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::negl_m):
        (JSC::X86Assembler::xorpd_rr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):

2009-05-20  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Update the patchOffsetGetByIdSlowCaseCall constant for the
        case that OPCODE_SAMPLING is enabled.

        * jit/JIT.h:

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added support for inline subtraction of doubles.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSlowSub32InPlaceLeft):
        (JSC::JIT::emitBinaryDoubleOp):

2009-05-20  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Added support for inline division.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::divsd_rr):
        (JSC::X86Assembler::divsd_mr):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitBinaryOp):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_div):
        (JSC::JIT::emitSlow_op_div):

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added support for inline addition of doubles.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32InPlace):
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Factored inline double operations into a helper function, so that we
        can reuse this code for other math operations.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBinaryDoubleOp):
        (JSC::JIT::emit_op_mul):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):

2009-05-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added support for inline multiplication of doubles.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::cvtsi2sd_mr): New function, useful for loading an
        int32 into a double register.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul): Filled out these cases for double arithmetic.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::addressFor): New function, useful for addressing a JSValue's
        full 64bits as a double.

2009-05-19  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement and enable optimized calls.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines): Add ENABLE(JIT_OPTIMIZE_CALL) guards
        around the the optimize call only trampolines (virtualCallPreLink and virtualCallLink).
        Update the trampolines to account for the new JSValue representation.
        (JSC::JIT::unlinkCall): Use NULL instead of JSValue noValue. 

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall): Update to account for the new JSValue representation
        (JSC::JIT::compileOpCallSlowCase): Ditto.

        * jit/JITStubs.h: Remove incorrect !ENABLE(JIT_OPTIMIZE_CALL) guard.

        * wtf/Platform.h: Enable ENABLE_JIT_OPTIMIZE_CALL.

2009-05-19  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement and enable optimized property access.

        * assembler/AbstractMacroAssembler.h: Fix comment.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines): Remove array length trampoline
        and implement the string length trampoline.
        * jit/JIT.h: Add new constants for patch offsets.
        * jit/JITInlineMethods.h: Remove FIELD_OFFSET which is now in StdLibExtras.h.
        * jit/JITPropertyAccess.cpp: 
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument): Add version of addArgument that takes
        two registers for the tag and payload.
        * jit/JITStubs.cpp:
        (JSC::JITStubs::JITStubs): Remove array length trampoline pointer.
        (JSC::JITStubs::cti_op_get_by_id_self_fail): 
        * jit/JITStubs.h:
        * runtime/JSObject.h:
        (JSC::JSObject::JSObject): Move m_inheritorID below the property storage
        to align it to a 16 byte boundary.
        * wtf/Platform.h: Enable ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
        * wtf/StdLibExtras.h: Move FIELD_OFFSET here.

2009-05-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove unneeded ExecState parameter from the number JSValue constructors.

        * runtime/JSValue.h:
        (JSC::jsNumber):
        (JSC::jsNaN):
        (JSC::JSValue::JSValue):

2009-05-15  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented fast path for op_put_by_val when putting to arrays.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):

2009-05-15  Geoffrey Garen  <ggaren@apple.com> (Mostly by Sam)

        Reviewed by Sam Weinig.
        
        Implemented fast path for op_get_by_val when accessing array.

        * jit/JIT.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a failure in fast/js/math-transforms.html caused by failing to
        preserve -0 in multiplication.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::jz):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitMul32Constant):
        (JSC::JIT::emitMul32InPlace): Check both for overflow and for zero when
        doing multiplication. Use a slow case to get these right.

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a bug in the varargs calling convention.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargs): Move the argument count into regT1,
        since that's where ctiVirtualCall expects it to be.

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Fixed a small bug in instanceof's looping code.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof): NULL means the object has no prototype,
        so only loop when *not* equal to NULL.

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed a small bug in instanceof's result writing code.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof): Make sure to fill out the payload bits
        in all cases.

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Removed an invalid assertion in cti_op_urshift which
        depended on a fast path for op_urshift which has
        never existed.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_urshift):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed loop_if_true, which had the same reversed test that jtrue had.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_true):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        In op_neq, we apparently want to check that one value
        does *not* equal another.  Go figure.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_neq):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        The slow case of op_mod should call op_mod's jit stub,
        not op_mul.  That would be dumb.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_mod):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed problems when using 'arguments' due to a half-initialized register.

        * interpreter/CallFrame.h:
        (JSC::ExecState::setCalleeArguments):
        (JSC::ExecState::init): Require a full JSValue when setting up the 
        'arguments' virtual register, since this register is accessible from JIT
        code and bytecode, and needs to be a true JSValue.

        * interpreter/CallFrameClosure.h:
        (JSC::CallFrameClosure::resetCallFrame): ditto

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute): ditto

        * interpreter/Register.h: Removed the constructor that allowed assignment
        of a JSArguments* to a register. That is not safe. See above.

        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_create_arguments):
        (JSC::JITStubs::cti_op_create_arguments_no_params): ditto

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        We really want to go to the slow case in op_jfalse and
        op_jtrue if the value is *not* boolean. 

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jtrue):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Flipped the condition when emitting a an op_loop_if_less or op_loop_if_lesseq
        if the first operand is a constant.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Added missing return in op_jnless and op_jnlesseq. 

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):

2009-05-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Load constants into the the register file as a temporary measure to
        aid bring up.  This allows us to use to treat constants like any
        other virtual register.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_enter):
        (JSC::JIT::emit_op_enter_with_activation):

2009-05-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_strict_eq. Original patch by Snowy, by way of Sam and Gavin.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::set8): Added set8, since it's slightly
        faster than set32, and the new value representation usually doesn't
        need set32.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadTag):
        (JSC::JIT::emitLoadPayload): Added helper functions for dealing with
        constants. Eventually, we should write special cases for all constants,
        but these are helpful in the short term.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emitSlow_op_nstricteq): teh opcodez.

        * runtime/JSValue.h:
        (JSC::JSValue::):
        (JSC::JSValue::isDouble): Added a LowestTag for clarity.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Fixed some bugs in host function calls.
        
        testapi now passes!

        * jit/JIT.cpp: Changed some registers around to avoid overwriting edx:eax,
        which is how JSValues are now returned. Also changed the code that
        passes thisValue to pass the full 64bits of the value. Also added
        an #error compiler directive to other platform builds, since the JSValue
        return signature probably won't return in edx:eax on those platforms,
        and we'll have to investigate a solution.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Removed parameters from functions that are intended never to use their
        parameters.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Ported op_instance_of from TOT. It's basically the same, but some register
        stuff changed to memory stuff.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        (JSC::JIT::emitStore): Changed to use helper functions.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emitSlow_op_instanceof): Ported from TOT.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.
        
        Added a comment to explain an exception-handling subtelty that we found
        hard to remember when reviewing my last patch.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_catch):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented try/catch.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw): Updated to use JITStackFrame abstraction.
        (JSC::JIT::emit_op_catch): Filled out.

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented op_loop_if_true, op_jfalse, op_jtrue, op_jeq_null and op_jneq_null

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_instanceof): Moved from below to be next to its
        fast brother.

        (JSC::JIT::emit_op_loop_if_true): Similar to the old version
        in that it tries to do the integer case first and reduce the
        number of jumps you might need to take.
        (JSC::JIT::emitSlow_op_loop_if_true):

        (JSC::JIT::emit_op_jfalse): Very similar to op_loop_if_true, only
        the inverse and without a timeout check.
        (JSC::JIT::emitSlow_op_jfalse):

        (JSC::JIT::emit_op_jtrue): Very similar to op_loop_if_true except
        without the timeout check.
        (JSC::JIT::emitSlow_op_jtrue):

        (JSC::JIT::emit_op_jeq_null): Very similar to the implementation
        of op_eq, except it takes jumps instead of copying the condition
        to a dst.
        (JSC::JIT::emit_op_jneq_null): Ditto but for op_neq.

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_call_varargs.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::emit_op_call):
        (JSC::JIT::emit_op_call_eval):
        (JSC::JIT::emit_op_load_varargs):
        (JSC::JIT::emit_op_call_varargs):
        (JSC::JIT::emit_op_construct):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jneq_ptr):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_call_eval.

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITStubCall.h:
        (JSC::CallEvalJITStub::CallEvalJITStub):

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Implemented op_not. (Gavin did most of the work!)

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emitSlow_op_not):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Implemented op_global_resolve.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq): Added back accidentally removed
        early returns. 

        (JSC::JIT::emit_op_resolve_global):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::cti_op_resolve_global): Pretty similar to the old code,
        but we need two reads and a TimesEight step in order to account for the
        64bit value size.

        * jit/JITStubs.h:
        (JSC::): Slightly tweaked this code to specialize for a JSGlobalObject*,
        to avoid having to pass an irrelevant tag pointer to the stub.

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented op_to_jsnumber.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emitSlow_op_to_jsnumber):

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implemented op_convert_this.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emitSlow_op_convert_this):

2009-05-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Got basic JS function and constructor calls working.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallVarargsSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::emit_op_ret):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emitSlow_op_construct_verify):
        (JSC::JIT::emitSlow_op_call):
        (JSC::JIT::emitSlow_op_call_eval):
        (JSC::JIT::emitSlow_op_call_varargs):
        (JSC::JIT::emitSlow_op_construct):
        (JSC::JIT::compileOpCall): Filled out these cases, with call_eval #if'd out.

        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        (JSC::JIT::emitLoad): Restored some legacy "*CTIArg*" functions,
        since I wanted to avoid the complexity of revamping the API here while
        trying to bring it up. Eventually, we should re-remove all of these functions.

        (JSC::JIT::recordJumpTarget): Removed unnecessary macro cruft. You will
        not silence me, Sam Weinig! The world will know that you are a crufty,
        crufty, crufty programmer!!!

        * jit/JITOpcodes.cpp:
        * jit/JITStubs.cpp:
        (JSC::):
        * jit/JITStubs.h: Changed up some offsets in the JITStackFrame class, since
        and off-by-one error was causing stack misalignment.

2009-05-13  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_eq_null and op_neq_null.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::set8):
        (JSC::MacroAssemblerX86Common::setTest8):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_stricteq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emit_op_nstricteq):
        (JSC::JIT::emitSlow_op_nstricteq):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        * jsc.cpp:

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_new_error.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_error):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument): Add a version of addArgument
        that takes a constant JSValue.

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove now unused emitGetVariableObjectRegister and emitPutVariableObjectRegister.

        * jit/JIT.cpp:
        * jit/JIT.h:

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_to_primitive and op_next_pname.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emitSlow_op_construct_verify):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emitSlow_op_to_primitive):
        (JSC::JIT::emitSlow_op_loop_if_true):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_next_pname):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add op_get_global_var, op_put_global_var, emit_op_get_scoped_var, emit_op_put_scoped_var and
        op_unexpected_load.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::tagFor):
        (JSC::JIT::payloadFor):
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitStore):
        (JSC::JIT::emitLoadReturnValue):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_unexpected_load):

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Added overflow handling to op_sub.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSlowSub32InPlaceLeft):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove a function call by folding op_get_by_id and op_put_by_id into
        their respective compile functions.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Make JITStubCall work in 64bit by making the stack index
        step dependent on the size of void*.

        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::addArgument):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement simple version of property access opcodes
        which just call a stub functions.

        * jit/JITOpcodes.cpp:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emit_op_put_by_index):
        (JSC::JIT::emit_op_put_getter):
        (JSC::JIT::emit_op_put_setter):
        (JSC::JIT::emit_op_del_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::addArgument):
        * jsc.cpp:

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added work-around for XCode debugging echo problem.

        * jsc.cpp:
        (runInteractive):

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added overflow handling to op_add.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlowAdd32InPlace):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add slow cases for op_jnless or emit_op_jnlesseq.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add implementations for op_jnless, emit_op_jnlesseq, op_loop_if_less and op_loop_if_lesseq.
        No slow cases for op_jnless or emit_op_jnlesseq yet.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emitSlow_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emitSlow_op_loop_if_lesseq):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Turn the RECORD_JUMP_TARGET macro into an inline function.

        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::recordJumpTarget):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_jsr):
        (JSC::JIT::emit_op_jmp_scopes):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Add MacroAssemblerX86Common::set8 to fix the build.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::set8):

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Added overflow recovery for pre_inc and pre_dec.
        
        Turned some short-circuit code into early returns, as is the WebKit style.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_dec):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_jmp, op_loop, op_eq and op_neq.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_loop):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emitSlow_op_eq):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emitSlow_op_neq):
        (JSC::JIT::emit_op_enter):
        (JSC::JIT::emit_op_enter_with_activation):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement the slow cases for arithmetic opcodes.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitSlow_op_lshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emitSlow_op_bitand):
        (JSC::JIT::emitSlow_op_bitor):
        (JSC::JIT::emitSlow_op_bitxor):
        (JSC::JIT::emitSlow_op_bitnot):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitSlow_op_mod):
        (JSC::JIT::emit_op_mod):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Implement op_bitnot.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::not32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::notl_m):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_bitnot):

2009-05-12  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add arithmetic opcode implementations from the old nitro-extreme branch.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emitSlow_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitBitAnd32Constant):
        (JSC::JIT::emitBitAnd32InPlace):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emitSlow_op_bitor):
        (JSC::JIT::emitBitOr32Constant):
        (JSC::JIT::emitBitOr32InPlace):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emitSlow_op_bitxor):
        (JSC::JIT::emitBitXor32Constant):
        (JSC::JIT::emitBitXor32InPlace):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emitSlow_op_bitnot):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emitAdd32Constant):
        (JSC::JIT::emitAdd32InPlace):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::emitSlow_op_sub):
        (JSC::JIT::emitSub32ConstantLeft):
        (JSC::JIT::emitSub32ConstantRight):
        (JSC::JIT::emitSub32InPlaceLeft):
        (JSC::JIT::emitSub32InPlaceRight):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emitSlow_op_mul):
        (JSC::JIT::emitMul32Constant):
        (JSC::JIT::emitMul32InPlace):
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):
        * jit/JITOpcodes.cpp:

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Removed JIT_OPTIMIZE_ARITHMETIC setting, since it was all about 32bit
        value representations.
        
        Added JSAPIValueWrapper to the repository.

        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        * runtime/JSAPIValueWrapper.cpp: Added.
        (JSC::JSAPIValueWrapper::toPrimitive):
        (JSC::JSAPIValueWrapper::getPrimitiveNumber):
        (JSC::JSAPIValueWrapper::toBoolean):
        (JSC::JSAPIValueWrapper::toNumber):
        (JSC::JSAPIValueWrapper::toString):
        (JSC::JSAPIValueWrapper::toObject):
        * runtime/JSAPIValueWrapper.h: Added.
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::isAPIValueWrapper):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        (JSC::jsAPIValueWrapper):
        * wtf/Platform.h:

2009-05-12  Geoffrey Garen  <ggaren@apple.com>

        Turned on the JIT and got it building and running the most trivial of
        programs.
        
        All configurable optimizations are turned off, and a few opcodes are ad
        hoc #if'd out.
        
        So far, I've only merged op_mov and op_end, but some stub-reliant
        opcodes work as-is from TOT.
        
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        * bytecode/CodeBlock.h:
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_lshift):
        (JSC::JIT::emitSlow_op_lshift):
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_rshift):
        (JSC::JIT::emit_op_jnless):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emit_op_jnlesseq):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::emit_op_bitand):
        (JSC::JIT::emitSlow_op_bitand):
        (JSC::JIT::emit_op_post_inc):
        (JSC::JIT::emitSlow_op_post_inc):
        (JSC::JIT::emit_op_post_dec):
        (JSC::JIT::emitSlow_op_post_dec):
        (JSC::JIT::emit_op_pre_inc):
        (JSC::JIT::emitSlow_op_pre_inc):
        (JSC::JIT::emit_op_pre_dec):
        (JSC::JIT::emitSlow_op_pre_dec):
        (JSC::JIT::emit_op_mod):
        (JSC::JIT::emitSlow_op_mod):
        (JSC::JIT::emit_op_add):
        (JSC::JIT::emit_op_mul):
        (JSC::JIT::emit_op_sub):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        (JSC::JIT::emitSlow_op_add):
        (JSC::JIT::emitSlow_op_mul):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCallVarargs):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperandImmediateInt):
        (JSC::JIT::isOperandConstantImmediateInt):
        (JSC::JIT::emitInitRegister):
        (JSC::JIT::addSlowCase):
        (JSC::JIT::addJump):
        (JSC::JIT::emitJumpSlowToHot):
        (JSC::JIT::tagFor):
        (JSC::JIT::payloadFor):
        (JSC::JIT::emitLoad):
        (JSC::JIT::emitLoadReturnValue):
        (JSC::JIT::emitStore):
        (JSC::JIT::emitStoreReturnValue):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_mov):
        (JSC::JIT::emit_op_end):
        (JSC::JIT::emit_op_jmp):
        (JSC::JIT::emit_op_loop):
        (JSC::JIT::emit_op_loop_if_less):
        (JSC::JIT::emit_op_loop_if_lesseq):
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_tear_off_activation):
        (JSC::JIT::emit_op_ret):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emit_op_to_primitive):
        (JSC::JIT::emit_op_loop_if_true):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_not):
        (JSC::JIT::emit_op_jfalse):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_jneq_ptr):
        (JSC::JIT::emit_op_unexpected_load):
        (JSC::JIT::emit_op_eq):
        (JSC::JIT::emit_op_bitnot):
        (JSC::JIT::emit_op_jtrue):
        (JSC::JIT::emit_op_neq):
        (JSC::JIT::emit_op_bitxor):
        (JSC::JIT::emit_op_bitor):
        (JSC::JIT::emit_op_throw):
        (JSC::JIT::emit_op_next_pname):
        (JSC::JIT::emit_op_push_scope):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_push_new_scope):
        (JSC::JIT::emit_op_catch):
        (JSC::JIT::emit_op_switch_imm):
        (JSC::JIT::emit_op_switch_char):
        (JSC::JIT::emit_op_switch_string):
        (JSC::JIT::emit_op_new_error):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call):
        (JSC::JIT::emitSlow_op_construct_verify):
        (JSC::JIT::emitSlow_op_get_by_val):
        (JSC::JIT::emitSlow_op_loop_if_less):
        (JSC::JIT::emitSlow_op_loop_if_lesseq):
        (JSC::JIT::emitSlow_op_put_by_val):
        (JSC::JIT::emitSlow_op_not):
        (JSC::JIT::emitSlow_op_instanceof):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emit_op_put_by_index):
        (JSC::JIT::emit_op_put_getter):
        (JSC::JIT::emit_op_put_setter):
        (JSC::JIT::emit_op_del_by_id):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::JITStubCall):
        (JSC::JITStubCall::addArgument):
        (JSC::JITStubCall::call):
        (JSC::JITStubCall::):
        (JSC::CallEvalJITStub::CallEvalJITStub):
        * jit/JITStubs.cpp:
        (JSC::):
        (JSC::JITStubs::cti_op_add):
        (JSC::JITStubs::cti_op_pre_inc):
        (JSC::JITStubs::cti_op_mul):
        (JSC::JITStubs::cti_op_get_by_val):
        (JSC::JITStubs::cti_op_get_by_val_string):
        (JSC::JITStubs::cti_op_get_by_val_byte_array):
        (JSC::JITStubs::cti_op_sub):
        (JSC::JITStubs::cti_op_put_by_val):
        (JSC::JITStubs::cti_op_put_by_val_array):
        (JSC::JITStubs::cti_op_put_by_val_byte_array):
        (JSC::JITStubs::cti_op_negate):
        (JSC::JITStubs::cti_op_div):
        (JSC::JITStubs::cti_op_pre_dec):
        (JSC::JITStubs::cti_op_post_inc):
        (JSC::JITStubs::cti_op_eq):
        (JSC::JITStubs::cti_op_lshift):
        (JSC::JITStubs::cti_op_bitand):
        (JSC::JITStubs::cti_op_rshift):
        (JSC::JITStubs::cti_op_bitnot):
        (JSC::JITStubs::cti_op_mod):
        (JSC::JITStubs::cti_op_neq):
        (JSC::JITStubs::cti_op_post_dec):
        (JSC::JITStubs::cti_op_urshift):
        (JSC::JITStubs::cti_op_bitxor):
        (JSC::JITStubs::cti_op_bitor):
        (JSC::JITStubs::cti_op_switch_imm):
        * jit/JITStubs.h:
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        * runtime/JSValue.h:
        (JSC::JSValue::payload):
        * wtf/Platform.h:

2009-05-07  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Add some new MacroAssembler and assembler functions that will be needed shortly.

        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::add32):
        (JSC::MacroAssemblerX86Common::and32):
        (JSC::MacroAssemblerX86Common::mul32):
        (JSC::MacroAssemblerX86Common::neg32):
        (JSC::MacroAssemblerX86Common::or32):
        (JSC::MacroAssemblerX86Common::sub32):
        (JSC::MacroAssemblerX86Common::xor32):
        (JSC::MacroAssemblerX86Common::branchAdd32):
        (JSC::MacroAssemblerX86Common::branchMul32):
        (JSC::MacroAssemblerX86Common::branchSub32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::addl_rm):
        (JSC::X86Assembler::andl_mr):
        (JSC::X86Assembler::andl_rm):
        (JSC::X86Assembler::andl_im):
        (JSC::X86Assembler::negl_r):
        (JSC::X86Assembler::notl_r):
        (JSC::X86Assembler::orl_rm):
        (JSC::X86Assembler::orl_im):
        (JSC::X86Assembler::subl_rm):
        (JSC::X86Assembler::xorl_mr):
        (JSC::X86Assembler::xorl_rm):
        (JSC::X86Assembler::xorl_im):
        (JSC::X86Assembler::imull_mr):

2009-05-11  Sam Weinig  <sam@webkit.org>

        Reviewed by Cameron Zwarich.

        Remove the NumberHeap.

        * JavaScriptCore.exp:
        * runtime/Collector.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::destroy):
        (JSC::Heap::recordExtraCost):
        (JSC::Heap::heapAllocate):
        (JSC::Heap::markConservatively):
        (JSC::Heap::sweep):
        (JSC::Heap::collect):
        (JSC::Heap::objectCount):
        (JSC::Heap::statistics):
        (JSC::typeName):
        (JSC::Heap::isBusy):
        * runtime/Collector.h:
        (JSC::Heap::globalData):
        * runtime/JSCell.h:

2009-05-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Land initial commit of new number representation for 32 bit platforms,
        with JIT disabled.

        * API/APICast.h:
        (toJS):
        (toRef):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::hasInstance):
        (JSC::::toNumber):
        (JSC::::toString):
        * API/tests/testapi.c:
        (EvilExceptionObject_convertToType):
        * AllInOneFile.cpp:
        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::valueToSourceString):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitLoad):
        (JSC::BytecodeGenerator::emitUnexpectedLoad):
        (JSC::keyForImmediateSwitch):
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::privateExecute):
        * parser/Nodes.cpp:
        (JSC::ArrayNode::emitBytecode):
        (JSC::processClauseList):
        * runtime/ArgList.h:
        * runtime/Collector.h:
        (JSC::sizeof):
        * runtime/DateMath.cpp:
        * runtime/ExceptionHelpers.h:
        * runtime/InitializeThreading.cpp:
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        * runtime/JSCell.cpp:
        * runtime/JSCell.h:
        (JSC::JSCell::isAPIValueWrapper):
        (JSC::JSValue::isString):
        (JSC::JSValue::isGetterSetter):
        (JSC::JSValue::isObject):
        (JSC::JSValue::getString):
        (JSC::JSValue::getObject):
        (JSC::JSValue::getCallData):
        (JSC::JSValue::getConstructData):
        (JSC::JSValue::getUInt32):
        (JSC::JSValue::marked):
        (JSC::JSValue::toPrimitive):
        (JSC::JSValue::getPrimitiveNumber):
        (JSC::JSValue::toBoolean):
        (JSC::JSValue::toNumber):
        (JSC::JSValue::toString):
        (JSC::JSValue::needsThisConversion):
        (JSC::JSValue::toThisString):
        (JSC::JSValue::getJSNumber):
        (JSC::JSValue::toObject):
        (JSC::JSValue::toThisObject):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.h:
        (JSC::Structure::prototypeForLookup):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):
        * runtime/JSImmediate.h:
        * runtime/JSNumberCell.cpp: Removed.
        * runtime/JSNumberCell.h: Removed.
        * runtime/JSObject.h:
        (JSC::JSValue::get):
        (JSC::JSValue::put):
        * runtime/JSString.h:
        (JSC::JSValue::toThisJSString):
        * runtime/JSValue.cpp:
        (JSC::JSValue::toInteger):
        (JSC::JSValue::toIntegerPreserveNaN):
        (JSC::JSValue::toObjectSlowCase):
        (JSC::JSValue::toThisObjectSlowCase):
        (JSC::JSValue::synthesizeObject):
        (JSC::JSValue::synthesizePrototype):
        (JSC::JSValue::description):
        (JSC::nonInlineNaN):
        * runtime/JSValue.h:
        (JSC::JSValue::):
        (JSC::EncodedJSValueHashTraits::emptyValue):
        (JSC::jsNaN):
        (JSC::operator==):
        (JSC::operator!=):
        (JSC::toInt32):
        (JSC::toUInt32):
        (JSC::JSValue::encode):
        (JSC::JSValue::decode):
        (JSC::JSValue::JSValue):
        (JSC::JSValue::operator bool):
        (JSC::JSValue::operator==):
        (JSC::JSValue::operator!=):
        (JSC::JSValue::isUndefined):
        (JSC::JSValue::isNull):
        (JSC::JSValue::isUndefinedOrNull):
        (JSC::JSValue::isCell):
        (JSC::JSValue::isInt32):
        (JSC::JSValue::isUInt32):
        (JSC::JSValue::isDouble):
        (JSC::JSValue::isTrue):
        (JSC::JSValue::isFalse):
        (JSC::JSValue::tag):
        (JSC::JSValue::asInt32):
        (JSC::JSValue::asUInt32):
        (JSC::JSValue::asDouble):
        (JSC::JSValue::asCell):
        (JSC::JSValue::isNumber):
        (JSC::JSValue::isBoolean):
        (JSC::JSValue::getBoolean):
        (JSC::JSValue::uncheckedGetNumber):
        (JSC::JSValue::toJSNumber):
        (JSC::JSValue::getNumber):
        (JSC::JSValue::toInt32):
        (JSC::JSValue::toUInt32):
        * runtime/Operations.h:
        (JSC::JSValue::equal):
        (JSC::JSValue::equalSlowCaseInline):
        (JSC::JSValue::strictEqual):
        (JSC::JSValue::strictEqualSlowCaseInline):
        (JSC::jsLess):
        (JSC::jsLessEq):
        (JSC::jsAdd):
        * runtime/PropertySlot.h:
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncCharAt):
        (JSC::stringProtoFuncCharCodeAt):
        (JSC::stringProtoFuncIndexOf):
        * wtf/Platform.h:

=== Start merge of nitro-extreme branch 2009-07-30 ===

2009-07-29  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by George Staikos.

        Resolve class/struct mixup in forward declarations
        https://bugs.webkit.org/show_bug.cgi?id=27708

        * API/JSClassRef.h:
        * bytecode/SamplingTool.h:
        * interpreter/Interpreter.h:
        * jit/JIT.h:
        * profiler/ProfileGenerator.h:
        * profiler/Profiler.h:
        * runtime/ClassInfo.h:
        * runtime/ExceptionHelpers.h:
        * runtime/JSByteArray.h:
        * runtime/JSCell.h:
        * runtime/JSFunction.h:
        * runtime/JSGlobalData.h:
        * runtime/JSObject.h:
        * runtime/JSString.h:

2009-07-28  Ada Chan  <adachan@apple.com>        

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=27236
        - Implement TCMalloc_SystemRelease and TCMalloc_SystemCommit for Windows.
        - Use a background thread to periodically scavenge memory to release back to the system.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::init):
        (WTF::TCMalloc_PageHeap::runScavengerThread):
        (WTF::TCMalloc_PageHeap::scavenge):
        (WTF::TCMalloc_PageHeap::shouldContinueScavenging):
        (WTF::TCMalloc_PageHeap::New):
        (WTF::TCMalloc_PageHeap::AllocLarge):
        (WTF::TCMalloc_PageHeap::Delete):
        (WTF::TCMalloc_PageHeap::GrowHeap):
        (WTF::sleep):
        (WTF::TCMalloc_PageHeap::scavengerThread):
        * wtf/TCSystemAlloc.cpp:
        (TCMalloc_SystemRelease):
        (TCMalloc_SystemCommit):
        * wtf/TCSystemAlloc.h:

2009-07-28  Xan Lopez  <xlopez@igalia.com>

        Add new files, fixes distcheck.

        * GNUmakefile.am:

2009-07-28  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        [Qt] Determining whether to use JIT or interpreter
        moved from JavaScriptCore.pri to Platform.h

        * JavaScriptCore.pri:
        * wtf/Platform.h:

2009-07-27  Brian Weinstein  <bweinstein@apple.com>

        Fix of misuse of sort command.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-27  Brian Weinstein  <bweinstein@apple.com>

        Build fix for Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-27  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Oliver Hunt.

        Fix tyop in JIT, renamed preverveReturnAddressAfterCall -> preserveReturnAddressAfterCall.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::preserveReturnAddressAfterCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):

2009-07-27  Alexey Proskuryakov  <ap@webkit.org>

        Gtk build fix.

        * runtime/JSLock.cpp: (JSC::JSLock::JSLock): Fix "no threading" case.

2009-07-27  Alexey Proskuryakov  <ap@webkit.org>

        Release build fix.

        * runtime/JSLock.h: (JSC::JSLock::~JSLock):

2009-07-27  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=27735
        Give a helpful name to JSLock constructor argument

        * API/JSBase.cpp:
        (JSGarbageCollect):
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        (JSPropertyNameArrayRelease):
        (JSPropertyNameAccumulatorAddName):
        * JavaScriptCore.exp:
        * jsc.cpp:
        (functionGC):
        (cleanupGlobalData):
        (jscmain):
        * runtime/Collector.cpp:
        (JSC::Heap::destroy):
        * runtime/JSLock.cpp:
        (JSC::JSLock::JSLock):
        (JSC::JSLock::lock):
        (JSC::JSLock::unlock):
        (JSC::JSLock::DropAllLocks::DropAllLocks):
        (JSC::JSLock::DropAllLocks::~DropAllLocks):
        * runtime/JSLock.h:
        (JSC::):
        (JSC::JSLock::JSLock):
        (JSC::JSLock::~JSLock):

2009-07-25  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Eric Seidel.

        Allow custom memory allocation control for OpaqueJSPropertyNameArray struct
        https://bugs.webkit.org/show_bug.cgi?id=27342

        Inherits OpaqueJSPropertyNameArray struct from FastAllocBase because it has been
        instantiated by 'new' JavaScriptCore/API/JSObjectRef.cpp:473.

        * API/JSObjectRef.cpp:

2009-07-24  Ada Chan  <adachan@apple.com>

        In preparation for https://bugs.webkit.org/show_bug.cgi?id=27236:
        Remove TCMALLOC_TRACK_DECOMMITED_SPANS.  We'll always track decommitted spans.
        We have tested this and show it has little impact on performance.

        Reviewed by Mark Rowe.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::New):
        (WTF::TCMalloc_PageHeap::AllocLarge):
        (WTF::propagateDecommittedState):
        (WTF::mergeDecommittedStates):
        (WTF::TCMalloc_PageHeap::Delete):
        (WTF::TCMalloc_PageHeap::IncrementalScavenge):

2009-07-24  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Darin Adler and Adam Barth.

        Build fix for x86 platforms.
        https://bugs.webkit.org/show_bug.cgi?id=27602

        * jit/JIT.cpp:

2009-07-23  Kevin Ollivier  <kevino@theolliviers.com>

        wx build fix, adding missing header.

        * jit/JIT.cpp:

2009-07-22  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        Add wince specific memory files into wtf/wince
        https://bugs.webkit.org/show_bug.cgi?id=27550

        * wtf/wince/FastMallocWince.h: Added.
        * wtf/wince/MemoryManager.cpp: Added.
        * wtf/wince/MemoryManager.h: Added.

2009-07-23  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Simon Hausmann.

        Fix for missing mmap features in Symbian
        https://bugs.webkit.org/show_bug.cgi?id=24540

        Fix, conditionally for PLATFORM(SYMBIAN), as an alternative 
        to missing support for the MAP_ANON property flag in mmap. 
        It utilizes Symbian specific memory allocation features.

        * runtime/Collector.cpp

2009-07-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        With ENABLE(ASSEMBLER_WX_EXCLUSIVE), only change permissions once per repatch event.
        ( https://bugs.webkit.org/show_bug.cgi?id=27564 )

        Currently we change permissions forwards and backwards for each instruction modified,
        instead we should only change permissions once per complete repatching event.

        2.5% progression running with ENABLE(ASSEMBLER_WX_EXCLUSIVE) enabled,
        which recoups 1/3 of the penalty of running with this mode enabled.

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::linkBranch):
            - Replace usage of MakeWritable with cacheFlush.
        
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::patchPointerInternal):
        (JSC::ARMAssembler::repatchLoadPtrToLEA):
            - Replace usage of MakeWritable with cacheFlush.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::relinkJump):
        (JSC::ARMv7Assembler::relinkCall):
        (JSC::ARMv7Assembler::repatchInt32):
        (JSC::ARMv7Assembler::repatchPointer):
        (JSC::ARMv7Assembler::repatchLoadPtrToLEA):
        (JSC::ARMv7Assembler::setInt32):
            - Replace usage of MakeWritable with cacheFlush.

        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::performFinalization):
            - Make explicit call to cacheFlush.

        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
            - Make size always available.

        * assembler/RepatchBuffer.h:
        (JSC::RepatchBuffer::RepatchBuffer):
        (JSC::RepatchBuffer::~RepatchBuffer):
            - Add calls to MakeWritable & makeExecutable.

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::relinkJump):
        (JSC::X86Assembler::relinkCall):
        (JSC::X86Assembler::repatchInt32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::repatchLoadPtrToLEA):
            - Remove usage of MakeWritable.

        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::getJITCode):
            - Provide access to CodeBlock's JITCode.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::makeExecutable):
        (JSC::ExecutableAllocator::cacheFlush):
            - Remove MakeWritable, make cacheFlush public.

        * jit/JIT.cpp:
        (JSC::ctiPatchNearCallByReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompile):
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
            - Add CodeBlock argument to RepatchBuffer.

        * jit/JIT.h:
            - Pass CodeBlock argument for use by RepatchBuffer.

        * jit/JITCode.h:
        (JSC::JITCode::start):
        (JSC::JITCode::size):
            - Provide access to code start & size.

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchMethodCallProto):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
            - Add CodeBlock argument to RepatchBuffer.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
            - Pass CodeBlock argument for use by RepatchBuffer.

2009-07-21  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Cache not only the structure of the method, but the
        structure of its prototype as well.
        https://bugs.webkit.org/show_bug.cgi?id=27077

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::MethodCallLinkInfo::MethodCallLinkInfo):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::patchMethodCallProto):

2009-07-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Move call linking / repatching down from AbstractMacroAssembler into MacroAssemblerARCH classes.
        ( https://bugs.webkit.org/show_bug.cgi?id=27527 )

        This allows the implementation to be defined per architecture.  Specifically this addresses the
        fact that x86-64 MacroAssembler implements far calls as a load to register, followed by a call
        to register.  Patching the call actually requires the pointer load to be patched, rather than
        the call to be patched.  This is implementation detail specific to MacroAssemblerX86_64, and as
        such is best handled there.

        * assembler/AbstractMacroAssembler.h:
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::linkCall):
        (JSC::MacroAssemblerARM::repatchCall):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::linkCall):
        (JSC::MacroAssemblerARMv7::repatchCall):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::linkCall):
        (JSC::MacroAssemblerX86::repatchCall):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::linkCall):
        (JSC::MacroAssemblerX86_64::repatchCall):

2009-07-21  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by George Staikos.

        Every wtf file includes other wtf files with <> style includes
        except this one.  Fix the exception.

        * wtf/ByteArray.h:

2009-07-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Move LinkBuffer/RepatchBuffer out of AbstractMacroAssembler.
        ( https://bugs.webkit.org/show_bug.cgi?id=27485 )

        This change is the first step in a process to move code that should be in
        the architecture-specific MacroAssembler classes up out of Assmbler and
        AbstractMacroAssembler.

        * JavaScriptCore.xcodeproj/project.pbxproj:
            - added new files
        
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::linkPointer):
            - rename patchPointer to bring it in line with the current link/repatch naming scheme
        
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::linkCall):
        (JSC::ARMv7Assembler::linkPointer):
        (JSC::ARMv7Assembler::relinkCall):
        (JSC::ARMv7Assembler::repatchInt32):
        (JSC::ARMv7Assembler::repatchPointer):
        (JSC::ARMv7Assembler::setInt32):
        (JSC::ARMv7Assembler::setPointer):
            - rename patchPointer to bring it in line with the current link/repatch naming scheme

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::linkJump):
        (JSC::AbstractMacroAssembler::linkCall):
        (JSC::AbstractMacroAssembler::linkPointer):
        (JSC::AbstractMacroAssembler::getLinkerAddress):
        (JSC::AbstractMacroAssembler::getLinkerCallReturnOffset):
        (JSC::AbstractMacroAssembler::repatchJump):
        (JSC::AbstractMacroAssembler::repatchCall):
        (JSC::AbstractMacroAssembler::repatchNearCall):
        (JSC::AbstractMacroAssembler::repatchInt32):
        (JSC::AbstractMacroAssembler::repatchPointer):
        (JSC::AbstractMacroAssembler::repatchLoadPtrToLEA):
            - remove the LinkBuffer/RepatchBuffer classes, but leave a set of (private, friended) methods to interface to the Assembler

        * assembler/LinkBuffer.h: Added.
        (JSC::LinkBuffer::LinkBuffer):
        (JSC::LinkBuffer::~LinkBuffer):
        (JSC::LinkBuffer::link):
        (JSC::LinkBuffer::patch):
        (JSC::LinkBuffer::locationOf):
        (JSC::LinkBuffer::locationOfNearCall):
        (JSC::LinkBuffer::returnAddressOffset):
        (JSC::LinkBuffer::finalizeCode):
        (JSC::LinkBuffer::finalizeCodeAddendum):
        (JSC::LinkBuffer::code):
        (JSC::LinkBuffer::performFinalization):
            - new file containing the LinkBuffer class, previously a member of AbstractMacroAssembler

        * assembler/RepatchBuffer.h: Added.
        (JSC::RepatchBuffer::RepatchBuffer):
        (JSC::RepatchBuffer::relink):
        (JSC::RepatchBuffer::repatch):
        (JSC::RepatchBuffer::repatchLoadPtrToLEA):
        (JSC::RepatchBuffer::relinkCallerToTrampoline):
        (JSC::RepatchBuffer::relinkCallerToFunction):
        (JSC::RepatchBuffer::relinkNearCallerToTrampoline):
            - new file containing the RepatchBuffer class, previously a member of AbstractMacroAssembler

        * assembler/X86Assembler.h:
        (JSC::X86Assembler::linkJump):
        (JSC::X86Assembler::linkCall):
        (JSC::X86Assembler::linkPointerForCall):
        (JSC::X86Assembler::linkPointer):
        (JSC::X86Assembler::relinkJump):
        (JSC::X86Assembler::relinkCall):
        (JSC::X86Assembler::repatchInt32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::setPointer):
        (JSC::X86Assembler::setInt32):
        (JSC::X86Assembler::setRel32):
            - rename patchPointer to bring it in line with the current link/repatch naming scheme

        * jit/JIT.cpp:
        (JSC::ctiPatchNearCallByReturnAddress):
        (JSC::ctiPatchCallByReturnAddress):
            - include new headers
            - remove MacroAssembler:: specification from RepatchBuffer usage

        * jit/JITPropertyAccess.cpp:
        * yarr/RegexJIT.cpp:
            - include new headers

2009-07-21  Robert Agoston  <Agoston.Robert@stud.u-szeged.hu>

        Reviewed by David Levin.

        Fixed #undef typo.
        https://bugs.webkit.org/show_bug.cgi?id=27506

        * bytecode/Opcode.h:

2009-07-21  Adam Roben  <aroben@apple.com>

        Roll out r46153, r46154, and r46155

        These changes were causing build failures and assertion failures on
        Windows.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSArray.cpp:
        * runtime/StringPrototype.cpp:
        * runtime/UString.cpp:
        * runtime/UString.h:
        * wtf/FastMalloc.cpp:
        * wtf/FastMalloc.h:
        * wtf/Platform.h:
        * wtf/PossiblyNull.h: Removed.

2009-07-21  Roland Steiner  <rolandsteiner@google.com>

        Reviewed by David Levin.

        Add ENABLE_RUBY to list of build options
        https://bugs.webkit.org/show_bug.cgi?id=27324

        * Configurations/FeatureDefines.xcconfig: Added flag ENABLE_RUBY.

2009-07-20  Oliver Hunt  <oliver@apple.com>

        Build fix attempt #2

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-20  Oliver Hunt  <oliver@apple.com>

        Build fix attempt #1

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Make it harder to misuse try* allocation routines
        https://bugs.webkit.org/show_bug.cgi?id=27469

        Jump through a few hoops to make it much harder to accidentally
        miss null-checking of values returned by the try-* allocation
        routines.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/JSArray.cpp:
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::increaseVectorLength):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncFontsize):
        (JSC::stringProtoFuncLink):
        * runtime/UString.cpp:
        (JSC::allocChars):
        (JSC::reallocChars):
        (JSC::expandCapacity):
        (JSC::UString::Rep::reserveCapacity):
        (JSC::UString::expandPreCapacity):
        (JSC::createRep):
        (JSC::concatenate):
        (JSC::UString::spliceSubstringsWithSeparators):
        (JSC::UString::replaceRange):
        (JSC::UString::append):
        (JSC::UString::operator=):
        * runtime/UString.h:
        (JSC::UString::Rep::createEmptyBuffer):
        * wtf/FastMalloc.cpp:
        (WTF::tryFastZeroedMalloc):
        (WTF::tryFastMalloc):
        (WTF::tryFastCalloc):
        (WTF::tryFastRealloc):
        (WTF::TCMallocStats::tryFastMalloc):
        (WTF::TCMallocStats::tryFastCalloc):
        (WTF::TCMallocStats::tryFastRealloc):
        * wtf/FastMalloc.h:
        (WTF::TryMallocReturnValue::TryMallocReturnValue):
        (WTF::TryMallocReturnValue::~TryMallocReturnValue):
        (WTF::TryMallocReturnValue::operator Maybe<T>):
        (WTF::TryMallocReturnValue::getValue):
        * wtf/PossiblyNull.h:
        (WTF::PossiblyNull::PossiblyNull):
        (WTF::PossiblyNull::~PossiblyNull):
        (WTF::PossiblyNull::getValue):
        * wtf/Platform.h:

2009-07-20  Gavin Barraclough  <barraclough@apple.com>

        RS Oliver Hunt.

        Add ARM assembler files to xcodeproj, for convenience editing.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-07-20  Jessie Berlin  <jberlin@apple.com>

        Reviewed by David Levin.

        Fix an incorrect assertion in Vector::remove.
        
        https://bugs.webkit.org/show_bug.cgi?id=27477

        * wtf/Vector.h:
        (WTF::::remove):
        Assert that the position at which to start removing elements + the
        length (the number of elements to remove) is less than or equal to the
        size of the entire Vector.

2009-07-20  Peter Kasting  <pkasting@google.com>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=27468
        Back out r46060, which caused problems for some Apple developers.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Allow custom memory allocation control in NewThreadContext
        https://bugs.webkit.org/show_bug.cgi?id=27338

        Inherits NewThreadContext struct from FastAllocBase because it
        has been instantiated by 'new' JavaScriptCore/wtf/Threading.cpp:76.

        * wtf/Threading.cpp:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Allow custom memory allocation control in JavaScriptCore's JSClassRef.h
        https://bugs.webkit.org/show_bug.cgi?id=27340

        Inherit StaticValueEntry and StaticFunctionEntry struct from FastAllocBase because these
        have been instantiated by 'new' in JavaScriptCore/API/JSClassRef.cpp:153
        and in JavaScriptCore/API/JSClassRef.cpp:166.

        * API/JSClassRef.h:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control in JavaScriptCore's RegexPattern.h
        https://bugs.webkit.org/show_bug.cgi?id=27343

        Inherits RegexPattern.h's structs (which have been instantiated by operator new) from FastAllocBase:

        CharacterClass (new call: JavaScriptCore/yarr/RegexCompiler.cpp:144)
        PatternAlternative (new call: JavaScriptCore/yarr/RegexPattern.h:221) 
        PatternDisjunction (new call: JavaScriptCore/yarr/RegexCompiler.cpp:446)

        * yarr/RegexPattern.h:

2009-07-20  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's MatchFrame struct
        https://bugs.webkit.org/show_bug.cgi?id=27344

        Inherits MatchFrame struct from FastAllocBase because it has
        been instantiated by 'new' JavaScriptCore/pcre/pcre_exec.cpp:359.

        * pcre/pcre_exec.cpp:

2009-07-20  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Holger Freyther.

        Remove some outdated S60 platform specific code
        https://bugs.webkit.org/show_bug.cgi?id=27423

        * wtf/Platform.h:

2009-07-20  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by Simon Hausmann.

        Qt build fix with MSVC and MinGW.

        * jsc.pro: Make sure jsc is a console application, and turn off
        exceptions and stl support to fix the build.

2009-07-20  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Gustavo Noronha.

        Do not use C++-style comments in preprocessor directives.

        GCC does not like this in some configurations, using C-style
        comments is safer.

        * wtf/Platform.h:

2009-07-17  Peter Kasting  <pkasting@google.com>

        Reviewed by Steve Falkenburg.

        https://bugs.webkit.org/show_bug.cgi?id=27323
        Only add Cygwin to the path when it isn't already there.  This avoids
        causing problems for people who purposefully have non-Cygwin versions of
        executables like svn in front of the Cygwin ones in their paths.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-07-17  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Add YARR support for generic ARM platforms (disabled by default).
        https://bugs.webkit.org/show_bug.cgi?id=24986

        Add generic ARM port for MacroAssembler. It supports the whole
        MacroAssembler functionality except floating point.

        The class JmpSrc is extended with a flag which enables to patch
        the jump destination offset during execution. This feature is
        required for generic ARM port.

        Signed off by Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
        Signed off by Gabor Loki <loki@inf.u-szeged.hu>

        * JavaScriptCore.pri:
        * assembler/ARMAssembler.cpp: Added.
        (JSC::ARMAssembler::getLdrImmAddress):
        (JSC::ARMAssembler::linkBranch):
        (JSC::ARMAssembler::patchConstantPoolLoad):
        (JSC::ARMAssembler::getOp2):
        (JSC::ARMAssembler::genInt):
        (JSC::ARMAssembler::getImm):
        (JSC::ARMAssembler::moveImm):
        (JSC::ARMAssembler::dataTransfer32):
        (JSC::ARMAssembler::baseIndexTransfer32):
        (JSC::ARMAssembler::executableCopy):
        * assembler/ARMAssembler.h: Added.
        (JSC::ARM::):
        (JSC::ARMAssembler::ARMAssembler):
        (JSC::ARMAssembler::):
        (JSC::ARMAssembler::JmpSrc::JmpSrc):
        (JSC::ARMAssembler::JmpSrc::enableLatePatch):
        (JSC::ARMAssembler::JmpDst::JmpDst):
        (JSC::ARMAssembler::JmpDst::isUsed):
        (JSC::ARMAssembler::JmpDst::used):
        (JSC::ARMAssembler::emitInst):
        (JSC::ARMAssembler::and_r):
        (JSC::ARMAssembler::ands_r):
        (JSC::ARMAssembler::eor_r):
        (JSC::ARMAssembler::eors_r):
        (JSC::ARMAssembler::sub_r):
        (JSC::ARMAssembler::subs_r):
        (JSC::ARMAssembler::rsb_r):
        (JSC::ARMAssembler::rsbs_r):
        (JSC::ARMAssembler::add_r):
        (JSC::ARMAssembler::adds_r):
        (JSC::ARMAssembler::adc_r):
        (JSC::ARMAssembler::adcs_r):
        (JSC::ARMAssembler::sbc_r):
        (JSC::ARMAssembler::sbcs_r):
        (JSC::ARMAssembler::rsc_r):
        (JSC::ARMAssembler::rscs_r):
        (JSC::ARMAssembler::tst_r):
        (JSC::ARMAssembler::teq_r):
        (JSC::ARMAssembler::cmp_r):
        (JSC::ARMAssembler::orr_r):
        (JSC::ARMAssembler::orrs_r):
        (JSC::ARMAssembler::mov_r):
        (JSC::ARMAssembler::movs_r):
        (JSC::ARMAssembler::bic_r):
        (JSC::ARMAssembler::bics_r):
        (JSC::ARMAssembler::mvn_r):
        (JSC::ARMAssembler::mvns_r):
        (JSC::ARMAssembler::mul_r):
        (JSC::ARMAssembler::muls_r):
        (JSC::ARMAssembler::mull_r):
        (JSC::ARMAssembler::ldr_imm):
        (JSC::ARMAssembler::ldr_un_imm):
        (JSC::ARMAssembler::dtr_u):
        (JSC::ARMAssembler::dtr_ur):
        (JSC::ARMAssembler::dtr_d):
        (JSC::ARMAssembler::dtr_dr):
        (JSC::ARMAssembler::ldrh_r):
        (JSC::ARMAssembler::ldrh_d):
        (JSC::ARMAssembler::ldrh_u):
        (JSC::ARMAssembler::strh_r):
        (JSC::ARMAssembler::push_r):
        (JSC::ARMAssembler::pop_r):
        (JSC::ARMAssembler::poke_r):
        (JSC::ARMAssembler::peek_r):
        (JSC::ARMAssembler::clz_r):
        (JSC::ARMAssembler::bkpt):
        (JSC::ARMAssembler::lsl):
        (JSC::ARMAssembler::lsr):
        (JSC::ARMAssembler::asr):
        (JSC::ARMAssembler::lsl_r):
        (JSC::ARMAssembler::lsr_r):
        (JSC::ARMAssembler::asr_r):
        (JSC::ARMAssembler::size):
        (JSC::ARMAssembler::ensureSpace):
        (JSC::ARMAssembler::label):
        (JSC::ARMAssembler::align):
        (JSC::ARMAssembler::jmp):
        (JSC::ARMAssembler::patchPointerInternal):
        (JSC::ARMAssembler::patchConstantPoolLoad):
        (JSC::ARMAssembler::patchPointer):
        (JSC::ARMAssembler::repatchInt32):
        (JSC::ARMAssembler::repatchPointer):
        (JSC::ARMAssembler::repatchLoadPtrToLEA):
        (JSC::ARMAssembler::linkJump):
        (JSC::ARMAssembler::relinkJump):
        (JSC::ARMAssembler::linkCall):
        (JSC::ARMAssembler::relinkCall):
        (JSC::ARMAssembler::getRelocatedAddress):
        (JSC::ARMAssembler::getDifferenceBetweenLabels):
        (JSC::ARMAssembler::getCallReturnOffset):
        (JSC::ARMAssembler::getOp2Byte):
        (JSC::ARMAssembler::placeConstantPoolBarrier):
        (JSC::ARMAssembler::RM):
        (JSC::ARMAssembler::RS):
        (JSC::ARMAssembler::RD):
        (JSC::ARMAssembler::RN):
        (JSC::ARMAssembler::getConditionalField):
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::JmpSrc::enableLatePatch):
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Call::enableLatePatch):
        (JSC::AbstractMacroAssembler::Jump::enableLatePatch):
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerARM.h: Added.
        (JSC::MacroAssemblerARM::):
        (JSC::MacroAssemblerARM::add32):
        (JSC::MacroAssemblerARM::and32):
        (JSC::MacroAssemblerARM::lshift32):
        (JSC::MacroAssemblerARM::mul32):
        (JSC::MacroAssemblerARM::not32):
        (JSC::MacroAssemblerARM::or32):
        (JSC::MacroAssemblerARM::rshift32):
        (JSC::MacroAssemblerARM::sub32):
        (JSC::MacroAssemblerARM::xor32):
        (JSC::MacroAssemblerARM::load32):
        (JSC::MacroAssemblerARM::load32WithAddressOffsetPatch):
        (JSC::MacroAssemblerARM::loadPtrWithPatchToLEA):
        (JSC::MacroAssemblerARM::load16):
        (JSC::MacroAssemblerARM::store32WithAddressOffsetPatch):
        (JSC::MacroAssemblerARM::store32):
        (JSC::MacroAssemblerARM::pop):
        (JSC::MacroAssemblerARM::push):
        (JSC::MacroAssemblerARM::move):
        (JSC::MacroAssemblerARM::swap):
        (JSC::MacroAssemblerARM::signExtend32ToPtr):
        (JSC::MacroAssemblerARM::zeroExtend32ToPtr):
        (JSC::MacroAssemblerARM::branch32):
        (JSC::MacroAssemblerARM::branch16):
        (JSC::MacroAssemblerARM::branchTest32):
        (JSC::MacroAssemblerARM::jump):
        (JSC::MacroAssemblerARM::branchAdd32):
        (JSC::MacroAssemblerARM::mull32):
        (JSC::MacroAssemblerARM::branchMul32):
        (JSC::MacroAssemblerARM::branchSub32):
        (JSC::MacroAssemblerARM::breakpoint):
        (JSC::MacroAssemblerARM::nearCall):
        (JSC::MacroAssemblerARM::call):
        (JSC::MacroAssemblerARM::ret):
        (JSC::MacroAssemblerARM::set32):
        (JSC::MacroAssemblerARM::setTest32):
        (JSC::MacroAssemblerARM::tailRecursiveCall):
        (JSC::MacroAssemblerARM::makeTailRecursiveCall):
        (JSC::MacroAssemblerARM::moveWithPatch):
        (JSC::MacroAssemblerARM::branchPtrWithPatch):
        (JSC::MacroAssemblerARM::storePtrWithPatch):
        (JSC::MacroAssemblerARM::supportsFloatingPoint):
        (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
        (JSC::MacroAssemblerARM::loadDouble):
        (JSC::MacroAssemblerARM::storeDouble):
        (JSC::MacroAssemblerARM::addDouble):
        (JSC::MacroAssemblerARM::subDouble):
        (JSC::MacroAssemblerARM::mulDouble):
        (JSC::MacroAssemblerARM::convertInt32ToDouble):
        (JSC::MacroAssemblerARM::branchDouble):
        (JSC::MacroAssemblerARM::branchTruncateDoubleToInt32):
        (JSC::MacroAssemblerARM::ARMCondition):
        (JSC::MacroAssemblerARM::prepareCall):
        (JSC::MacroAssemblerARM::call32):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::JmpSrc::enableLatePatch):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):

2009-07-17  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Extend AssemblerBuffer with constant pool handling mechanism.
        https://bugs.webkit.org/show_bug.cgi?id=24986

        Add a platform independed constant pool framework.
        This pool can store 32 or 64 bits values which is enough to hold
        any integer, pointer or double constant.

        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::putIntUnchecked):
        (JSC::AssemblerBuffer::putInt64Unchecked):
        (JSC::AssemblerBuffer::append):
        (JSC::AssemblerBuffer::grow):
        * assembler/AssemblerBufferWithConstantPool.h: Added.
        (JSC::):

2009-07-17  Eric Roman  <eroman@chromium.org>

        Reviewed by Darin Adler.

        Build fix for non-Darwin.
        Add a guard for inclusion of RetainPtr.h which includes CoreFoundation.h

        https://bugs.webkit.org/show_bug.cgi?id=27382

        * wtf/unicode/icu/CollatorICU.cpp:

2009-07-17  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by John Sullivan.

        Get user default collation order via a CFLocale API when available.

        * wtf/unicode/icu/CollatorICU.cpp: (WTF::Collator::userDefault):

2009-07-17  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Fix the include path for the Symbian port
        https://bugs.webkit.org/show_bug.cgi?id=27358

        * JavaScriptCore.pri:

2009-07-17  Csaba Osztrogonac  <oszi@inf.u-szeged.hu>

        Reviewed by David Levin.

        Build fix on platforms don't have MMAP.
        https://bugs.webkit.org/show_bug.cgi?id=27365

        * interpreter/RegisterFile.h: Including stdio.h irrespectively of HAVE(MMAP)

2009-07-16  Fumitoshi Ukai  <ukai@chromium.org>

        Reviewed by David Levin.

        Add --web-sockets flag and ENABLE_WEB_SOCKETS define.
        https://bugs.webkit.org/show_bug.cgi?id=27206
        
        Add ENABLE_WEB_SOCKETS

        * Configurations/FeatureDefines.xcconfig: add ENABLE_WEB_SOCKETS

2009-07-16  Maxime Simon  <simon.maxime@gmail.com>

        Reviewed by Eric Seidel.

        Added Haiku-specific files for JavaScriptCore.
        https://bugs.webkit.org/show_bug.cgi?id=26620

        * wtf/haiku/MainThreadHaiku.cpp: Added.
        (WTF::initializeMainThreadPlatform):
        (WTF::scheduleDispatchFunctionsOnMainThread):

2009-07-16  Gavin Barraclough  <barraclough@apple.com>

        RS by Oliver Hunt.

        Revert r45969, this fix does not appear to be valid.
        https://bugs.webkit.org/show_bug.cgi?id=27077

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        * jit/JIT.cpp:
        * jit/JIT.h:

2009-07-16  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Allow custom memory allocation control in ExceptionInfo and RareData struct
        https://bugs.webkit.org/show_bug.cgi?id=27336

        Inherits ExceptionInfo and RareData struct from FastAllocBase because these
        have been instantiated by 'new' in JavaScriptCore/bytecode/CodeBlock.cpp:1289 and
        in JavaScriptCore/bytecode/CodeBlock.h:453.

        Remove unnecessary WTF:: namespace from CodeBlock inheritance.
 
        * bytecode/CodeBlock.h:

2009-07-16  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Geoff Garen.

        Fix FeatureDefines.xcconfig to not be out of sync with the rest of the world.

        * Configurations/FeatureDefines.xcconfig:

2009-07-16  Yong Li  <yong.li@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27320
         _countof is only included in CE6; for CE5 we need to define it ourself

         * wtf/Platform.h:

2009-07-16  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Workers + garbage collector: weird crashes
        https://bugs.webkit.org/show_bug.cgi?id=27077

        We need to unlink cached method call sites when a function is destroyed.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::~CodeBlock):
        (JSC::CodeBlock::unlinkCallers):
        * jit/JIT.cpp:
        (JSC::JIT::unlinkMethodCall):
        * jit/JIT.h:

2009-07-15  Steve Falkenburg  <sfalken@apple.com>

        Windows Build fix.

        Visual Studio reset our intermediate directory on us.
        This sets it back.
        
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:

2009-07-15  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=26794
        Make Yacc-generated parsers to use fastMalloc/fastFree.
        
        Define YYMALLOC and YYFREE to fastMalloc and fastFree
        respectively.

        * parser/Grammar.y:

2009-07-15  Darin Adler  <darin@apple.com>

        Fix a build for a particular Apple configuration.

        * wtf/FastAllocBase.h: Change include to use "" style for
        including another wtf header. This is the style we use for
        including other public headers in the same directory.

2009-07-15  George Staikos  <george.staikos@torchmobile.com>

        Reviewed by Adam Treat.

        https://bugs.webkit.org/show_bug.cgi?id=27303
        Implement createThreadInternal for WinCE.
        Contains changes by George Staikos <george.staikos@torchmobile.com> and Joe Mason <joe.mason@torchmobile.com>

        * wtf/ThreadingWin.cpp:
        (WTF::createThreadInternal):

2009-07-15  Joe Mason  <joe.mason@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27298
         Platform defines for WINCE.
         Contains changes by Yong Li <yong.li@torchmobile.com>,
         George Staikos <george.staikos@torchmobile.com> and Joe Mason <joe.mason@torchmobile.com>

         * wtf/Platform.h:

2009-07-15  Yong Li  <yong.li@torchmobile.com>

         Reviewed by Adam Treat.

         https://bugs.webkit.org/show_bug.cgi?id=27306
         Use RegisterClass instead of RegisterClassEx on WinCE.

         * wtf/win/MainThreadWin.cpp:
         (WTF::initializeMainThreadPlatform):

2009-07-15  Yong Li  <yong.li@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27301
         Use OutputDebugStringW on WinCE since OutputDebugStringA is not supported
         Originally written by Yong Li <yong.li@torchmobile.com> and refactored by
         Joe Mason <joe.mason@torchmobile.com>

         * wtf/Assertions.cpp: vprintf_stderr_common

2009-07-15  Yong Li  <yong.li@torchmobile.com>

         Reviewed by George Staikos.

         https://bugs.webkit.org/show_bug.cgi?id=27020
         msToGregorianDateTime should set utcOffset to 0 when outputIsUTC is false

         * wtf/DateMath.cpp:
         (WTF::gregorianDateTimeToMS):

2009-07-15  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Cleanup - Remove obsolete code from the make system
        https://bugs.webkit.org/show_bug.cgi?id=27299

        * JavaScriptCore.pro:
        * jsc.pro:

2009-07-07  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Simon Hausmann.

        https://bugs.webkit.org/show_bug.cgi?id=27056

        Alternate bool operator for codewarrior compiler (WINSCW).
        Compiler (latest b482) reports error for UnspecifiedBoolType construct:
        "illegal explicit conversion from 'WTF::OwnArrayPtr<JSC::Register>' to 'bool'"

        Same fix as in r38391.

        * JavaScriptCore/wtf/OwnArrayPtr.h:

2009-07-15  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Darin Adler.

        Qualify include path with wtf to fix compilation
        on Symbian.
        https://bugs.webkit.org/show_bug.cgi?id=27055

        * interpreter/Interpreter.h:

2009-07-15  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Dave Kilzer.

        Turn off non-portable date manipulations for SYMBIAN
        https://bugs.webkit.org/show_bug.cgi?id=27064

        Introduce HAVE(TM_GMTOFF), HAVE(TM_ZONE) and HAVE(TIMEGM) guards 
        and place the rules for controlling the guards in Platform.h.
        Turn off these newly introduced guards for SYMBIAN.

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):
        * wtf/DateMath.h:
        (WTF::GregorianDateTime::GregorianDateTime):
        (WTF::GregorianDateTime::operator tm):
        * wtf/Platform.h:

2009-07-15  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Simon Hausmann.

        Undef ASSERT on Symbian, to avoid excessive warnings
        https://bugs.webkit.org/show_bug.cgi?id=27052

        * wtf/Assertions.h:

2009-07-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Simon Hausmann.

        REGRESSION: fast/js/postfix-syntax.html fails with interpreter
        https://bugs.webkit.org/show_bug.cgi?id=27294

        When postfix operators operating on locals assign to the same local
        the order of operations has to be to store the incremented value, then
        store the unmodified number.  Rather than implementing this subtle
        semantic in the interpreter I've just made the logic explicit in the
        bytecode generator, so x=x++ effectively becomes x=ToNumber(x) (for a
        local var x).

        * parser/Nodes.cpp:
        (JSC::emitPostIncOrDec):

2009-07-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Simon Hausmann.

        REGRESSION(43559): fast/js/kde/arguments-scope.html fails with interpreter
        https://bugs.webkit.org/show_bug.cgi?id=27259

        The interpreter was incorrectly basing its need to create the arguments object
        based on the presence of the callframe's argument reference rather than the local
        arguments reference.  Based on this it then overrode the local variable reference.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-07-14  Steve Falkenburg  <sfalken@apple.com>

        Reorganize JavaScriptCore headers into:
        API: include/JavaScriptCore/
        Private: include/private/JavaScriptCore/

        Reviewed by Darin Adler.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
        * JavaScriptCore.vcproj/testapi/testapi.vcproj:
        * JavaScriptCore.vcproj/testapi/testapiCommon.vsprops:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Change JSCell's superclass to NoncopyableCustomAllocated
        https://bugs.webkit.org/show_bug.cgi?id=27248

        JSCell class customizes operator new, since Noncopyable will be 
        inherited from FastAllocBase, NoncopyableCustomAllocated has 
        to be used.

        * runtime/JSCell.h:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Change all Noncopyable inheriting visibility to public.
        https://bugs.webkit.org/show_bug.cgi?id=27225

        Change all Noncopyable inheriting visibility to public because
        it is needed to the custom allocation framework (bug #20422).

        * bytecode/SamplingTool.h:
        * bytecompiler/RegisterID.h:
        * interpreter/CachedCall.h:
        * interpreter/RegisterFile.h:
        * parser/Lexer.h:
        * parser/Parser.h:
        * runtime/ArgList.h:
        * runtime/BatchedTransitionOptimizer.h:
        * runtime/Collector.h:
        * runtime/CommonIdentifiers.h:
        * runtime/JSCell.h:
        * runtime/JSGlobalObject.h:
        * runtime/JSLock.h:
        * runtime/JSONObject.cpp:
        * runtime/SmallStrings.cpp:
        * runtime/SmallStrings.h:
        * wtf/CrossThreadRefCounted.h:
        * wtf/GOwnPtr.h:
        * wtf/Locker.h:
        * wtf/MessageQueue.h:
        * wtf/OwnArrayPtr.h:
        * wtf/OwnFastMallocPtr.h:
        * wtf/OwnPtr.h:
        * wtf/RefCounted.h:
        * wtf/ThreadSpecific.h:
        * wtf/Threading.h:
        * wtf/Vector.h:
        * wtf/unicode/Collator.h:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Change ParserArenaRefCounted's superclass to RefCountedCustomAllocated
        https://bugs.webkit.org/show_bug.cgi?id=27249

        ParserArenaDeletable customizes operator new, to avoid double inheritance
        ParserArenaDeletable's superclass has been changed to RefCountedCustomAllocated.

        * parser/Nodes.h:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Add RefCountedCustomAllocated to RefCounted.h
        https://bugs.webkit.org/show_bug.cgi?id=27232

        Some class which are inherited from RefCounted customize
        operator new, but RefCounted is inherited from Noncopyable
        which will be inherited from FastAllocBase. To avoid
        conflicts Noncopyable inheriting was moved down to RefCounted
        and to avoid double inheritance this class has been added.

        * wtf/RefCounted.h:
        (WTF::RefCountedCustomAllocated::deref):
        (WTF::RefCountedCustomAllocated::~RefCountedCustomAllocated):

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Add NoncopyableCustomAllocated to Noncopyable.h.
        https://bugs.webkit.org/show_bug.cgi?id=27228
        
        Some classes which inherited from Noncopyable overrides operator new
        since Noncopyable'll be inherited from FastAllocBase, Noncopyable.h 
        needs to be extended with this new class to support the overriding. 

        * wtf/Noncopyable.h:
        (WTFNoncopyable::NoncopyableCustomAllocated::NoncopyableCustomAllocated):
        (WTFNoncopyable::NoncopyableCustomAllocated::~NoncopyableCustomAllocated):

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's IdentifierTable class
        https://bugs.webkit.org/show_bug.cgi?id=27260

        Inherits IdentifierTable class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Identifier.cpp:70.

        * runtime/Identifier.cpp:

2009-07-14  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for JavaScriptCore's Profiler class
        https://bugs.webkit.org/show_bug.cgi?id=27253

        Inherits Profiler class from FastAllocBase because it has been instantiated by
        'new' in JavaScriptCore/profiler/Profiler.cpp:56.

        * profiler/Profiler.h:

2009-07-06  George Staikos  <george.staikos@torchmobile.com>

        Reviewed by Adam Treat.

        Authors: George Staikos <george.staikos@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>, Makoto Matsumoto <matumoto@math.keio.ac.jp>, Takuji Nishimura

        https://bugs.webkit.org/show_bug.cgi?id=27030
        Implement custom RNG for WinCE using Mersenne Twister

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):
        * wtf/wince/mt19937ar.c: Added.
        (init_genrand):
        (init_by_array):
        (genrand_int32):
        (genrand_int31):
        (genrand_real1):
        (genrand_real2):
        (genrand_real3):
        (genrand_res53):

2009-07-13  Gustavo Noronha Silva  <gustavo.noronha@collabora.co.uk>

        Unreviewed make dist build fix.

        * GNUmakefile.am:

2009-07-13  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        Add ENABLE(SHARED_WORKERS) flag and define SharedWorker APIs
        https://bugs.webkit.org/show_bug.cgi?id=26932

        Added ENABLE(SHARED_WORKERS) flag (off by default).

        * Configurations/FeatureDefines.xcconfig:

2009-07-07  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Maciej Stachoviak.

        https://bugs.webkit.org/show_bug.cgi?id=27058

        Removed superfluous parenthesis around single expression.
        Compilers on Symbian platform fail to properly parse and compile.

        * JavaScriptCore/wtf/Platform.h:

2009-07-13  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Maciej Stachoviak.

        https://bugs.webkit.org/show_bug.cgi?id=27054

        Renamed Translator to HashTranslator

        Codewarrior compiler (WINSCW) latest b482 cannot resolve typename
        mismatch between template declaration and definition
        (HashTranslator / Translator)

        * wtf/HashSet.h:

2009-07-13  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=27053

        Ambiguity in LabelScope initialization

        Codewarrior compiler (WINSCW) latest b482 on Symbian cannot resolve
        type of "0" unambiguously. Set expression explicitly to
        PassRefPtr<Label>::PassRefPtr()

        * bytecompiler/BytecodeGenerator.cpp

2009-07-11  Simon Fraser  <simon.fraser@apple.com>

        Enable support for accelerated compositing and 3d transforms on Leopard.
        <https://bugs.webkit.org/show_bug.cgi?id=20166>
        <rdar://problem/6120614>

        Reviewed by Oliver Hunt.

        * Configurations/FeatureDefines.xcconfig:
        * wtf/Platform.h:

2009-07-10  Mark Rowe  <mrowe@apple.com>

        Second part of the "make Windows happier" dance.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-10  Mark Rowe  <mrowe@apple.com>

        Try and make the Windows build happy.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-07-10  Kevin McCullough  <kmccullough@apple.com>

        Reviewed by Geoffrey Garen.

        * debugger/Debugger.h: Made this function virtual for use in WebCore's
        WebInspector.

2009-07-10  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Darin Adler.

        ParserArenaDeletable should override delete
        https://bugs.webkit.org/show_bug.cgi?id=26790

        ParserArenaDeletable overrides new, but it does not override delete.
        ParserArenaDeletable must be freed by fastFree
        because it is allocated by fastMalloc.

        * parser/NodeConstructors.h:
        (JSC::ParserArenaDeletable::operator delete):
        * parser/Nodes.h:

2009-07-10  Adam Roben  <aroben@apple.com>

        Sort all our Xcode projects

        Accomplished using sort-Xcode-project-file.

        Requested by Dave Kilzer.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2009-07-09  Maciej Stachowiak  <mjs@apple.com>

        Not reviewed, build fix.

        Windows build fix for the last change.

        * wtf/dtoa.cpp: Forgot to include Vector.h

2009-07-09  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Darin Adler.

        REGRESSION: crash in edge cases of floating point parsing.
        https://bugs.webkit.org/show_bug.cgi?id=27110
        <rdar://problem/7044458>
        
        Tests: fast/css/number-parsing-crash.html
               fast/css/number-parsing-crash.html
               fast/js/number-parsing-crash.html
        
        * wtf/dtoa.cpp:
        (WTF::BigInt::BigInt): Converted this to more a proper class, using a Vector
        with inline capacity

        (WTF::lshift): Rearranged logic somewhat nontrivially to deal with the new way of sizing BigInts.
        Added an assertion to verify that invariants are maintained.

        All other functions are adapted fairly mechanically to the above changes.
        (WTF::BigInt::clear):
        (WTF::BigInt::size):
        (WTF::BigInt::resize):
        (WTF::BigInt::words):
        (WTF::BigInt::append):
        (WTF::multadd):
        (WTF::s2b):
        (WTF::i2b):
        (WTF::mult):
        (WTF::cmp):
        (WTF::diff):
        (WTF::b2d):
        (WTF::d2b):
        (WTF::ratio):
        (WTF::strtod):
        (WTF::quorem):
        (WTF::dtoa):

2009-07-09  Drew Wilson  <atwilson@google.com>

        Reviewed by Alexey Proskuryakov.

        Turned on CHANNEL_MESSAGING by default because the MessageChannel API
        can now be implemented for Web Workers and is reasonably stable.

        * Configurations/FeatureDefines.xcconfig:

2009-07-09  Oliver Hunt  <oliver@apple.com>

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-07-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 27016 - Interpreter crashes due to invalid array indexes
        <https://bugs.webkit.org/show_bug.cgi?id=27016>

        Unsigned vs signed conversions results in incorrect behaviour in
        64bit interpreter builds.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):

2009-07-09  Dimitri Glazkov  <dglazkov@chromium.org>

        Reviewed by Darin Fisher.

        [Chromium] Upstream JavaScriptCore.gypi, the project file for Chromium build.
        https://bugs.webkit.org/show_bug.cgi?id=27135

        * JavaScriptCore.gypi: Added.

2009-07-09  Joe Mason  <joe.mason@torchmobile.com>

        Reviewed by George Staikos.
        
        Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>

        https://bugs.webkit.org/show_bug.cgi?id=27031
        Add an override for deleteOwnedPtr(HDC) on Windows
        
        * wtf/OwnPtrCommon.h:
        * wtf/OwnPtrWin.cpp:
        (WTF::deleteOwnedPtr):

2009-07-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Darin Adler.

        Guard singal.h dependency with HAVE(SIGNAL_H) to enable building jsc
        on SYMBIAN.

        https://bugs.webkit.org/show_bug.cgi?id=27026

        Based on Norbert Leser's work.

        * jsc.cpp:
        (printUsageStatement):
        (parseArguments):
        * wtf/Platform.h:

2009-07-07  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Stop loading constants into the register file.

        Instead, use high register values (highest bit bar the sign bit set) to indicate
        constants in the instruction stream, and when we encounter such a value load it
        directly from the CodeBlock.

        Since constants are no longer copied into the register file, this patch renders
        the 'unexpected constant' mechanism redundant, and removes it.

        2% improvement, thanks to Sam Weinig.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::mark):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::isTemporaryRegisterIndex):
        (JSC::CodeBlock::constantRegister):
        (JSC::CodeBlock::isConstantRegisterIndex):
        (JSC::CodeBlock::getConstant):
        (JSC::ExecState::r):
        * bytecode/Opcode.h:
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::preserveLastVar):
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::addConstantValue):
        (JSC::BytecodeGenerator::emitEqualityOp):
        (JSC::BytecodeGenerator::emitLoad):
        (JSC::BytecodeGenerator::emitResolveBase):
        (JSC::BytecodeGenerator::emitResolveWithBase):
        (JSC::BytecodeGenerator::emitNewError):
        * bytecompiler/BytecodeGenerator.h:
        (JSC::BytecodeGenerator::emitNode):
        * interpreter/CallFrame.h:
        (JSC::ExecState::noCaller):
        (JSC::ExecState::hasHostCallFrameFlag):
        (JSC::ExecState::addHostCallFrameFlag):
        (JSC::ExecState::removeHostCallFrameFlag):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveBase):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::resolveBaseAndFunc):
        (JSC::Interpreter::dumpRegisters):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::createExceptionScope):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveArguments):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitLoadDouble):
        (JSC::JIT::emitLoadInt32ToDouble):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_error):
        (JSC::JIT::emit_op_enter):
        (JSC::JIT::emit_op_enter_with_activation):
        * parser/Nodes.cpp:
        (JSC::DeleteResolveNode::emitBytecode):
        (JSC::DeleteValueNode::emitBytecode):
        (JSC::PrefixResolveNode::emitBytecode):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::JSActivation):
        * wtf/Platform.h:

2009-07-07  Mark Rowe  <mrowe@apple.com>

        Reviewed by Darin Adler.

        Fix <https://bugs.webkit.org/show_bug.cgi?id=27025> / <rdar://problem/7033448>.
        Bug 27025: Crashes and regression test failures related to regexps in 64-bit

        For x86_64 RegexGenerator uses rbx, a callee-save register, as a scratch register but
        neglects to save and restore it.  The change in handling of the output vector in r45545
        altered code generation so that the RegExp::match was now storing important data in rbx,
        which caused crashes and bogus results when it was clobbered.

        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter): Save rbx.
        (JSC::Yarr::RegexGenerator::generateReturn): Restore rbx.

2009-07-06  Ada Chan  <adachan@apple.com>

        Reviewed by Darin Adler and Mark Rowe.

        Decommitted spans are added to the list of normal spans rather than 
        the returned spans in TCMalloc_PageHeap::Delete().
        https://bugs.webkit.org/show_bug.cgi?id=26998
        
        In TCMalloc_PageHeap::Delete(), the deleted span can be decommitted in 
        the process of merging with neighboring spans that are also decommitted.  
        The merged span needs to be placed in the list of returned spans (spans 
        whose memory has been returned to the system).  Right now it's always added 
        to the list of the normal spans which can theoretically cause thrashing.  

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::Delete):

2009-07-05  Lars Knoll  <lars.knoll@nokia.com>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=26843

        Fix run-time crashes in JavaScriptCore with the Metrowerks compiler on Symbian.

        The Metrowerks compiler on the Symbian platform moves the globally
        defined Hashtables into read-only memory, despite one of the members
        being mutable. This causes crashes at run-time due to write access to
        read-only memory.

        Avoid the use of const with this compiler by introducing the
        JSC_CONST_HASHTABLE macro.

        Based on idea by Norbert Leser.

        * runtime/Lookup.h: Define JSC_CONST_HASHTABLE as const for !WINSCW.
        * create_hash_table: Use JSC_CONST_HASHTABLE for hashtables.
        * runtime/JSGlobalData.cpp: Import various global hashtables via the macro.

2009-07-04  Dan Bernstein  <mitz@apple.com>

        - debug build fix

        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::getLastParen):

2009-07-03  Yong Li  <yong.li@torchmobile.com>

        Reviewed by Maciej Stachowiak (and revised slightly)

        RegExp::match to be optimized
        https://bugs.webkit.org/show_bug.cgi?id=26957

        Allow regexp matching to use Vectors with inline capacity instead of
        allocating a new ovector buffer every time.
        
        ~5% speedup on SunSpider string-unpack-code test, 0.3% on SunSpider overall.

        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructorPrivate::RegExpConstructorPrivate):
        (JSC::RegExpConstructorPrivate::lastOvector):
        (JSC::RegExpConstructorPrivate::tempOvector):
        (JSC::RegExpConstructorPrivate::changeLastOvector):
        (JSC::RegExpConstructor::performMatch):
        (JSC::RegExpMatchesArray::RegExpMatchesArray):
        (JSC::RegExpMatchesArray::fillArrayInstance):
        (JSC::RegExpConstructor::getBackref):
        (JSC::RegExpConstructor::getLastParen):
        (JSC::RegExpConstructor::getLeftContext):
        (JSC::RegExpConstructor::getRightContext):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncSplit):

2009-06-30  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        Override operator new/delete with const std::nothrow_t& as the second
        argument.
        https://bugs.webkit.org/show_bug.cgi?id=26792

        On Windows CE, operator new/delete, new[]/delete[] with const
        std::nothrow_t& must be overrided because some standard template
        libraries use these operators.

        The problem occurs when memory allocated by new(size_t s, const
        std::nothrow_t&) is freed by delete(void* p). This causes the umatched
        malloc/free problem.

        The patch overrides all new, delete, new[] and delete[] to use
        fastMaloc and fastFree consistently.

        * wtf/FastMalloc.h:
        (throw):

2009-06-30  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Sam Weinig.

        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Remove unnecessary references to AssemblerBuffer.

        * interpreter/Interpreter.cpp:
        * interpreter/Interpreter.h:

2009-06-29  David Levin  <levin@chromium.org>

        Reviewed by Oliver Hunt.

        Still seeing occasional leaks from UString::sharedBuffer code
        https://bugs.webkit.org/show_bug.cgi?id=26420

        The problem is that the pointer to the memory allocation isn't visible
        by "leaks" due to the lower bits being used as flags.  The fix is to
        make the pointer visible in memory (in debug only). The downside of
        this fix that the memory allocated by sharedBuffer will still look like
        a leak in non-debug builds when any flags are set.

        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::set):

2009-06-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Remove more unused scons support.

        * SConstruct: Removed.

2009-06-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/7016214> JSON.parse fails to parse valid JSON with most Unicode characters
        <https://bugs.webkit.org/show_bug.cgi?id=26802>

        In the original JSON.parse patch unicode was handled correctly, however in some last
        minute "clean up" I oversimplified isSafeStringCharacter.  This patch corrects this bug.

        * runtime/LiteralParser.cpp:
        (JSC::isSafeStringCharacter):
        (JSC::LiteralParser::Lexer::lexString):

2009-06-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Dan Bernstein.

        <rdar://problem/7009684> REGRESSION(r45039): Crashes inside JSEvent::put on PowerPC (26746)
        <https://bugs.webkit.org/show_bug.cgi?id=26746>

        Fix for r45039 incorrectly uncached a get_by_id by converting it to put_by_id.  Clearly this
        is less than correct.  This patch corrects that error.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCacheGetByID):

2009-06-26  Eric Seidel  <eric@webkit.org>

        No review, only rolling out r45259.

        Roll out r45259 after crash appeared on the bots:
        plugins/undefined-property-crash.html
        ASSERTION FAILED: s <= HeapConstants<heapType>::cellSize
        (leopard-intel-debug-tests/build/JavaScriptCore/runtime/Collector.cpp:278
        void* JSC::Heap::heapAllocate(size_t) [with JSC::HeapType heapType = PrimaryHeap])

        * runtime/DateInstance.cpp:
        * runtime/Identifier.cpp:
        * runtime/Lookup.h:
        * runtime/RegExpConstructor.cpp:
        * runtime/RegExpObject.h:
        * runtime/ScopeChain.h:
        * runtime/UString.h:

2009-06-26  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Add support for QDataStream operators to Vector.

        * wtf/Vector.h:
        (WTF::operator<<):
        (WTF::operator>>):

2009-06-24  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Make the opcode sampler work once again.

        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compileCTIMachineTrampolines):
        (JSC::JIT::compilePatchGetArrayLength):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.

        Extend FastAllocBase.h with 'using WTF::FastAllocBase' to avoid
        unnecessary WTF:: usings.
        Remove existing unnecessary WTF:: usings.

        * interpreter/Interpreter.h:
        * profiler/CallIdentifier.h:
        * runtime/ScopeChain.h:
        * wtf/FastAllocBase.h:

2009-06-24  David Levin  <levin@chromium.org>

        Fix all builds.

        * bytecode/CodeBlock.h:
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Register.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26677

        Inherits CodeBlock class from FastAllocBase because it
        has been instantiated by 'new' in JavaScriptCore/bytecode/CodeBlock.h:217.

        * bytecode/CodeBlock.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26676

        Inherits BytecodeGenerator class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/parser/Nodes.cpp:1892.

        * bytecompiler/BytecodeGenerator.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26675

        Inherits Register class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/JSVariableObject.h:149.

        * interpreter/Register.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.
        
        https://bugs.webkit.org/show_bug.cgi?id=26674

        Inherits HashMap class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:458.

        * wtf/HashMap.h:

2009-06-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/6940519> REGRESSION (Safari 4 Public Beta - TOT): google.com/adplanner shows blank page instead of site details in "basic research'

        The problem was caused by the page returned with a function using a
        var declaration list containing around ~3000 variables.  The solution
        to this is to flatten the comma expression representation and make
        codegen comma expressions and initializer lists iterative rather than
        recursive.

        * parser/Grammar.y:
        * parser/NodeConstructors.h:
        (JSC::CommaNode::CommaNode):
        * parser/Nodes.cpp:
        (JSC::CommaNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::ExpressionNode::isCommaNode):
        (JSC::CommaNode::isCommaNode):
        (JSC::CommaNode::append):

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=26645

        Inherits ScopeChainNode class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/ScopeChain.h:95.

        * wtf/RefPtr.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=26648

        Inherits Deque class from FastAllocBase because it has been
        instantiated by 'new' with DEFINE_STATIC_LOCAL macro in 
        JavaScriptCore/wtf/MainThread.cpp:62.

        * wtf/Deque.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=26644

        Inherits RefPtr class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/StructureChain.cpp:41.

        * wtf/RefPtr.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Inherits HashSet class from FastAllocBase, because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Collector.h:116.

        * wtf/HashSet.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Inherits Vector class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:633.

        * wtf/Vector.h:

2009-06-24  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Maciej Stachoviak.

        The BytecodeGenerator objects were instantiated on stack, which takes up ~38kB per instance
        (each instance includes copy of JSC::CodeBlock with large SymbolTable, etc.).
        Specifically, since there is nested invocation (e.g., GlobalCode --> FunctionCode),
        the stack overflows immediately on Symbian hardware (max. 80 kB).
        Proposed change allocates generator objects on heap.
        Performance impact (if any) should be negligible and change is proposed as general fix,
        rather than ifdef'd for SYMBIAN.

        * parser/Nodes.cpp:
        (JSC::ProgramNode::generateBytecode):
        (JSC::EvalNode::generateBytecode):
        (JSC::EvalNode::bytecodeForExceptionInfoReparse):
        (JSC::FunctionBodyNode::generateBytecode):
        (JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):

2009-06-23  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6992806> REGRESSION: Enumeration can skip new properties in cases of prototypes that have more than 64 (26593)
        <https://bugs.webkit.org/show_bug.cgi?id=26593>

        Do not attempt to cache structure chains if they contain a dictionary at any level.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        * runtime/Structure.cpp:
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::addPropertyTransition):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):
        * runtime/StructureChain.h:

2009-06-23  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26654
        Add the proper export define for the JavaScriptCore API when building for WINCE.

        * API/JSBase.h:

2009-06-23  Joe Mason  <joe.mason@torchmobile.com>

        Reviewed by Adam Treat.

        Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>

        https://bugs.webkit.org/show_bug.cgi?id=26611
        Implement currentThreadStackBase on WINCE by adding a global,
        g_stackBase, which must be set to the address of a local variable
        by the caller before calling any WebKit function that invokes JSC.

        * runtime/Collector.cpp:
        (JSC::isPageWritable):
        (JSC::getStackBase):
          Starts at the top of the stack and returns the entire range of
          consecutive writable pages as an estimate of the actual stack.
          This will be much bigger than the actual stack range, so some
          dead objects can't be collected, but it guarantees live objects
          aren't collected prematurely.

        (JSC::currentThreadStackBase):
          On WinCE, returns g_stackBase if set or call getStackBase as a
          fallback if not.

2009-06-23  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        Fix stupid performance problem in the LiteralParser

        The LiteralParser was making a new UString in order to use
        toDouble, however UString's toDouble allows a much wider range
        of numberic strings than the LiteralParser accepts, and requires
        an additional heap allocation or two for the construciton of the
        UString.  To rectify this we just call WTF::dtoa directly using
        a stack allocated buffer to hold the validated numeric literal.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lexNumber):
        (JSC::LiteralParser::parse):
        * runtime/LiteralParser.h:

2009-06-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        Bug 26640: JSON.stringify needs to special case Boolean objects
        <https://bugs.webkit.org/show_bug.cgi?id=26640>

        Add special case handling of the Boolean object so we match current
        ES5 errata.

        * runtime/JSONObject.cpp:
        (JSC::unwrapBoxedPrimitive): renamed from unwrapNumberOrString
        (JSC::gap):
        (JSC::Stringifier::appendStringifiedValue):

2009-06-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 26591: Support revivers in JSON.parse
        <https://bugs.webkit.org/show_bug.cgi?id=26591>

        Add reviver support to JSON.parse.  This completes the JSON object.

        * runtime/JSONObject.cpp:
        (JSC::Walker::Walker):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        (JSC::JSONProtoFuncParse):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 26592: Support standard toJSON functions
        <https://bugs.webkit.org/show_bug.cgi?id=26592>

        Add support for the standard Date.toJSON function.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToJSON):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Bug 26594: JSC needs to support Date.toISOString
        <https://bugs.webkit.org/show_bug.cgi?id=26594>

        Add support for Date.toISOString.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToISOString):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Remove dead code.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler and Cameron Zwarich.

        Bug 26587: Support JSON.parse
        <https://bugs.webkit.org/show_bug.cgi?id=26587>

        Extend the LiteralParser to support the full strict JSON
        grammar, fix a few places where the grammar was incorrectly
        lenient.   Doesn't yet support the JSON.parse reviver function
        but that does not block the JSON.parse functionality itself.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        * runtime/JSONObject.cpp:
        (JSC::JSONProtoFuncParse):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lex):
        (JSC::isSafeStringCharacter):
        (JSC::LiteralParser::Lexer::lexString):
        (JSC::LiteralParser::parse):
        * runtime/LiteralParser.h:
        (JSC::LiteralParser::LiteralParser):
        (JSC::LiteralParser::tryJSONParse):
        (JSC::LiteralParser::):
        (JSC::LiteralParser::Lexer::Lexer):

2009-06-21  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (speculative build fix for windows).

        Simply removed some whitespace form this file to make windows build wtf and
        hopefully copy the new MessageQueque.h so that WebCore picks it up.

        * wtf/Assertions.cpp:

2009-06-21  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        <https://bugs.webkit.org/show_bug.cgi?id=25043>
        Added support for multi-threaded MessagePorts.

        * wtf/MessageQueue.h:
        (WTF::::appendAndCheckEmpty):
            Added API to test whether the queue was empty before adding an element.
  
2009-06-20  David D. Kilzer  <ddkilzer@webkit.org>

        Fix namespace comment in SegmentedVector.h

        * wtf/SegmentedVector.h: Updated namespace comment to reflect
        new namespace after r44897.

2009-06-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Reviewed by Oliver Hunt.

        An Iterator added for SegmentedVector. Currently
        only the pre ++ operator is supported.

        * wtf/SegmentedVector.h:
        (WTF::SegmentedVectorIterator::~SegmentedVectorIterator):
        (WTF::SegmentedVectorIterator::operator*):
        (WTF::SegmentedVectorIterator::operator->):
        (WTF::SegmentedVectorIterator::operator++):
        (WTF::SegmentedVectorIterator::operator==):
        (WTF::SegmentedVectorIterator::operator!=):
        (WTF::SegmentedVectorIterator::operator=):
        (WTF::SegmentedVectorIterator::SegmentedVectorIterator):
        (WTF::SegmentedVector::alloc):
        (WTF::SegmentedVector::begin):
        (WTF::SegmentedVector::end):

2009-06-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Reviewed by Oliver Hunt.

        Move SegmentedVector to /wtf subdirectory
        and change "namespace JSC" to "namespace WTF"

        Additional build file updates by David Kilzer.

        * GNUmakefile.am: Updated path to SegmentedVector.h.
        * JavaScriptCore.order: Updated SegmentedVector namespace from
        JSC to WTF in mangled C++ method name.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        Removed reference to bytecompiler\SegmentedVector.h.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Added reference to
        wtf\SegmentedVector.h.
        * JavaScriptCore.xcodeproj/project.pbxproj: Moved
        SegmentedVector.h definition from bytecompiler subdirectory to
        wtf subdirectory.
        * bytecompiler/BytecodeGenerator.h: Updated #include path to
        SegmentedVector.h and prepended WTF:: namespace to its use.
        * parser/Lexer.h: Ditto.
        * wtf/SegmentedVector.h: Renamed from JavaScriptCore/bytecompiler/SegmentedVector.h.
        (WTF::SegmentedVector::SegmentedVector):
        (WTF::SegmentedVector::~SegmentedVector):
        (WTF::SegmentedVector::size):
        (WTF::SegmentedVector::at):
        (WTF::SegmentedVector::operator[]):
        (WTF::SegmentedVector::last):
        (WTF::SegmentedVector::append):
        (WTF::SegmentedVector::removeLast):
        (WTF::SegmentedVector::grow):
        (WTF::SegmentedVector::clear):
        (WTF::SegmentedVector::deleteAllSegments):
        (WTF::SegmentedVector::segmentExistsFor):
        (WTF::SegmentedVector::segmentFor):
        (WTF::SegmentedVector::subscriptFor):
        (WTF::SegmentedVector::ensureSegmentsFor):
        (WTF::SegmentedVector::ensureSegment):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix take 2 - rename FIELD_OFFSET to something that doesn't conflict with winnt.h).

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::emitGetVariableObjectRegister):
        (JSC::JIT::emitPutVariableObjectRegister):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::checkStructure):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_catch):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call):
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        * jit/JIT.h:
        * jit/JITInlineMethods.h:

2009-06-19  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Reorganize ARM architecture specific macros.
        Use PLATFORM_ARM_ARCH(7) instead of PLATFORM(ARM_V7).

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Fix armv7 JIT build issues.

        Unfortunate the arm compiler does not like the use of offsetof on JITStackFrame (since it now contains non POD types),
        and the FIELD_OFFSET macro does not appear constantish enough for it to be happy with its use in COMPILE_ASSERT macros.

        * Replace offsetofs with FIELD_OFFSETs (safe on C++ objects).
        * Move COMPILE_ASSERTs defending layout of JITStackFrame structure on armv7 into JITThunks constructor.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_catch):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):

2009-06-19  Adam Treat  <adam.treat@torchmobile.com>

        Blind attempt at build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-19  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Inherits CallIdentifier struct from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/profiler/CallIdentifier.h:86.

        * wtf/HashCountedSet.h:

2009-06-19  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=26540
        Modify the test shell to add a new function 'checkSyntax' that will
        only parse the source instead of executing it. In this way we can test
        pure parsing performance against some of the larger scripts in the wild.

        * jsc.cpp:
        (GlobalObject::GlobalObject):
        (functionCheckSyntax):

2009-06-19  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.
        
        Inherits HashCountedSet class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Collector.cpp:1095.

        * wtf/HashCountedSet.h:

2009-06-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26558
        Declare these symbols extern for WINCE as they are provided by libce.

        * runtime/DateConstructor.cpp:
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):

2009-06-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        <rdar://problem/6988973> ScopeChain leak in interpreter builds

        Move the Scopechain destruction code in JSFunction outside of the ENABLE(JIT)
        path.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        * wtf/Platform.h:

2009-06-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26543
        Windows CE uses 'GetLastError' instead of 'errno.'

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::grow):

2009-06-19  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (Windows build fix).

        Add export for Windows corresponding to OSX export done in r44844.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin "Viceroy of Venezuela" Barraclough.

        Bug 26532: Native functions do not correctly unlink from optimised callsites when they're collected
        <https://bugs.webkit.org/show_bug.cgi?id=26532> <rdar://problem/6625385>

        We need to make sure that each native function instance correctly unlinks any references to it
        when it is collected.  Allowing this to happen required a few changes:
            * Every native function needs a codeblock to track the link information
            * To have this codeblock, every function now also needs its own functionbodynode
              so we no longer get to have a single shared instance.
            * Identifying a host function is now done by looking for CodeBlock::codeType() == NativeCode

        * JavaScriptCore.exp:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
           Constructor for NativeCode CodeBlock
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
        (JSC::CodeBlock::functionRegisterForBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
        (JSC::CodeBlock::setJITCode):
           Add assertions to ensure we don't try and use NativeCode CodeBlocks as
           a normal codeblock.

        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CodeBlock::source):
        (JSC::CodeBlock::sourceOffset):
        (JSC::CodeBlock::evalCodeCache):
        (JSC::CodeBlock::createRareDataIfNecessary):
          More assertions.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::linkCall):
          Update logic to allow native function caching

        * jit/JITStubs.cpp:
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::createNativeThunk):
        (JSC::FunctionBodyNode::isHostFunction):
        * parser/Nodes.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::mark):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Timezone calculation incorrect in Venezuela.

        https://bugs.webkit.org/show_bug.cgi?id=26531
        <rdar://problem/6646169> Time is incorrectly reported to JavaScript in both Safari 3 and Firefox 3

        The problem is that we're calculating the timezone relative to 01/01/2000,
        but the VET timezone changed from -4 hours to -4:30 hours on 12/09/2007.
        According to the spec, section 15.9.1.9 states "the time since the beginning
        of the year", presumably meaning the *current* year.  Change the calculation
        to be based on whatever the current year is, rather than a canned date.

        No performance impact.

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Mark Rowe (originally reviewed by Sam Weinig).

        (Reintroducing patch added in r44492, and reverted in r44796.)

        Change the implementation of op_throw so the stub function always modifies its
        return address - if it doesn't find a 'catch' it will switch to a trampoline
        to force a return from JIT execution.  This saves memory, by avoiding the need
        for a unique return for every op_throw.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
            JITStubs::cti_op_throw now always changes its return address,
            remove return code generated after the stub call (this is now
            handled by ctiOpThrowNotCaught).
        * jit/JITStubs.cpp:
        (JSC::):
            Add ctiOpThrowNotCaught definitions.
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
            Change cti_op_throw to always change its return address.
        * jit/JITStubs.h:
            Add ctiOpThrowNotCaught declaration.

2009-06-18  Kevin McCullough  <kmccullough@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6940880> REGRESSION: Breakpoints don't break in 64-bit

        - Exposed functions now needed by WebCore.

        * JavaScriptCore.exp:

2009-06-17  Darin Adler  <darin@apple.com>

        Reviewed by Oliver Hunt.

        Bug 26429: Make JSON.stringify non-recursive so it can handle objects
        of arbitrary complexity
        https://bugs.webkit.org/show_bug.cgi?id=26429

        For marking I decided not to use gcProtect, because this is inside the engine
        so it's easy enough to just do marking. And that darned gcProtect does locking!
        Oliver tried to convince me to used MarkedArgumentBuffer, but the constructor
        for that class says "FIXME: Remove all clients of this API, then remove this API."

        * runtime/Collector.cpp:
        (JSC::Heap::collect): Add a call to JSONObject::markStringifiers.

        * runtime/CommonIdentifiers.cpp:
        (JSC::CommonIdentifiers::CommonIdentifiers): Added emptyIdentifier.
        * runtime/CommonIdentifiers.h: Ditto.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Initialize firstStringifierToMark to 0.
        * runtime/JSGlobalData.h: Added firstStringifierToMark.

        * runtime/JSONObject.cpp: Cut down the includes to the needed ones only.
        (JSC::unwrapNumberOrString): Added. Helper for unwrapping number and string
        objects to get their number and string values.
        (JSC::ReplacerPropertyName::ReplacerPropertyName): Added. The class is used
        to wrap an identifier or integer so we don't have to do any work unless we
        actually call a replacer.
        (JSC::ReplacerPropertyName::value): Added.
        (JSC::gap): Added. Helper function for the Stringifier constructor.
        (JSC::PropertyNameForFunctionCall::PropertyNameForFunctionCall): Added.
        The class is used to wrap an identifier or integer so we don't have to
        allocate a number or string until we actually call toJSON or a replacer.
        (JSC::PropertyNameForFunctionCall::asJSValue): Added.
        (JSC::Stringifier::Stringifier): Updated and moved out of the class
        definition. Added code to hook this into a singly linked list for marking.
        (JSC::Stringifier::~Stringifier): Remove from the singly linked list.
        (JSC::Stringifier::mark): Mark all the objects in the holder stacks.
        (JSC::Stringifier::stringify): Updated.
        (JSC::Stringifier::appendQuotedString): Tweaked and streamlined a bit.
        (JSC::Stringifier::toJSON): Renamed from toJSONValue.
        (JSC::Stringifier::appendStringifiedValue): Renamed from stringify.
        Added code to use the m_holderStack to do non-recursive stringify of
        objects and arrays. This code also uses the timeout checker since in
        pathological cases it could be slow even without calling into the
        JavaScript virtual machine.
        (JSC::Stringifier::willIndent): Added.
        (JSC::Stringifier::indent): Added.
        (JSC::Stringifier::unindent): Added.
        (JSC::Stringifier::startNewLine): Added.
        (JSC::Stringifier::Holder::Holder): Added.
        (JSC::Stringifier::Holder::appendNextProperty): Added. This is the
        function that handles the format of arrays and objects.
        (JSC::JSONObject::getOwnPropertySlot): Moved this down to the bottom
        of the file so the JSONObject class is not interleaved with the
        Stringifier class.
        (JSC::JSONObject::markStringifiers): Added. Calls mark.
        (JSC::JSONProtoFuncStringify): Streamlined the code here. The code
        to compute the gap string is now a separate function.

        * runtime/JSONObject.h: Made everything private. Added markStringifiers.

2009-06-17  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6974140> REGRESSION(r43849): Crash in cti_op_call_NotJSFunction when getting directions on maps.google.com

        Roll out r43849 as it appears that we cannot rely on the address of
        an objects property storage being constant even if the structure is
        unchanged.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Mark Rowe.

        Fully revert r44492 & r44748 while we fix a bug they cause on internal builds <rdar://problem/6955963>.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
        * jit/JITStubs.cpp:
        (JSC::):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6947426> sunspider math-cordic.js exhibits different intermediate results running 32-bit vs. 64-bit

        On 64-bit, NaN-encoded values must be detagged before they can be used in rshift.

        No performance impact.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):

2009-06-17  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=23155
        Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.

        * jsc.cpp:
        (main):

2009-06-17  George Staikos  <george.staikos@torchmobile.com>

        Reviewed by Adam Treat.

        https://bugs.webkit.org/show_bug.cgi?id=23155
        Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.

        * config.h:
        * jsc.cpp:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:
        * wtf/CurrentTime.cpp:
        (WTF::lowResUTCTime):
        * wtf/DateMath.cpp:
        (WTF::getLocalTime):
        * wtf/MathExtras.h:
        * wtf/Platform.h:
        * wtf/StringExtras.h:
        * wtf/Threading.h:
        * wtf/win/MainThreadWin.cpp:

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6974175> ASSERT in JITStubs.cpp at appsaccess.apple.com

        Remove PropertySlot::putValue - PropertySlots should only be used for getting,
        not putting.  Rename JSGlobalObject::getOwnPropertySlot to hasOwnPropertyForWrite,
        which is what it really was being used to ask, and remove some other getOwnPropertySlot
        & getOwnPropertySlotForWrite methods, which were unused and likely to lead to confusion.

        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::hasOwnPropertyForWrite):
        * runtime/JSObject.h:
        * runtime/JSStaticScopeObject.cpp:
        * runtime/JSStaticScopeObject.h:
        * runtime/PropertySlot.h:

2009-06-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver hunt.

        Temporarily partially disable r44492, since this is causing some problems on internal builds.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):

2009-06-16  Sam Weinig  <sam@webkit.org>

        Fix windows build.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):

2009-06-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Initialize m_bytecodeIndex to -1 in JIT, and correctly initialize
        it for each type of stub using the return address to find the correct
        offset.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compileCTIMachineTrampolines):
        (JSC::JIT::compilePatchGetArrayLength):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

== Rolled over to ChangeLog-2009-06-16 ==