2008-09-15 Gavin Barraclough <barraclough@apple.com>

[WebKit-https.git] / JavaScriptCore / ChangeLog

2008-09-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Inline code generation of eq_null/neq_null for CTI.  Uses vptr checking for
        StringObjectsThatAreMasqueradingAsBeingUndefined.  In the long run, the
        masquerading may be handled differently (through the StructureIDs - see bug
        #20823).

        >1% on v8-tests.

        * VM/CTI.cpp:
        (JSC::CTI::emitJumpSlowCaseIfIsJSCell):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (JSC::Machine::Machine):
        (JSC::Machine::cti_op_eq_null):
        (JSC::Machine::cti_op_neq_null):
        * VM/Machine.h:
        (JSC::Machine::doesMasqueradesAsUndefined):
        * kjs/JSWrapperObject.h:
        (JSC::JSWrapperObject::):
        (JSC::JSWrapperObject::JSWrapperObject):
        * kjs/StringObject.h:
        (JSC::StringObject::StringObject):
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):

2008-09-15  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Oliver Hunt.

        r36427 broke CodeBlock::dump() by changing the number of arguments to
        op_construct without changing the code that prints it. This patch fixes
        it by printing the additional argument.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):

2008-09-15  Adam Roben  <aroben@apple.com>

        Build fix

        * kjs/StructureID.cpp: Removed a stray semicolon.

2008-09-15  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Fix a crash in fast/js/exception-expression-offset.html caused by not
        updating all mentions of the length of op_construct in r36427.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_construct_NotJSConstruct):

2008-09-15  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Cameron Zwarich.
        
        - fix layout test failure introduced by fix for 20849
        
        (The failing test was fast/js/delete-then-put.html)

        * kjs/JSObject.cpp:
        (JSC::JSObject::removeDirect): Clear enumeration cache
        in the dictionary case.
        * kjs/JSObject.h:
        (JSC::JSObject::putDirect): Ditto.
        * kjs/StructureID.h:
        (JSC::StructureID::clearEnumerationCache): Inline to handle the
        clear.

2008-09-15  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Cameron Zwarich.
        
        - fix JSC test failures introduced by fix for 20849

        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::getEnumerablePropertyNames): Use the correct count.

2008-09-15  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20851: REGRESSION (r36410): fast/js/kde/GlobalObject.html fails
        <https://bugs.webkit.org/show_bug.cgi?id=20851>

        r36410 introduced an optimization for parseInt() that is incorrect when
        its argument is larger than the range of a 32-bit integer. If the
        argument is a number that is not an immediate integer, then the correct
        behaviour is to return the floor of its value, unless it is an infinite
        value, in which case the correct behaviour is to return 0.

        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt):

2008-09-15  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=20849
        Cache property names for getEnumerablePropertyNames in the StructureID.

        ~0.5% speedup on Sunspider overall (9.7% speedup on string-fasta).  ~1% speedup
        on the v8 test suite.

        * kjs/JSObject.cpp:
        (JSC::JSObject::getPropertyNames):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::getEnumerablePropertyNames):
        * kjs/PropertyMap.h:
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::getEnumerablePropertyNames):
        * kjs/StructureID.h:

2008-09-14  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Cameron Zwarich.
        
        - speed up JS construction by extracting "prototype" lookup so PIC applies.
        
        ~0.5% speedup on SunSpider
        Speeds up some of the V8 tests as well, most notably earley-boyer.

        * VM/CTI.cpp:
        (JSC::CTI::compileOpCall): Account for extra arg for prototype.
        (JSC::CTI::privateCompileMainPass): Account for increased size of op_construct.
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitConstruct): Emit separate lookup to get prototype property.
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): Expect prototype arg in op_construct.
        (JSC::Machine::cti_op_construct_JSConstruct): ditto
        (JSC::Machine::cti_op_construct_NotJSConstruct): ditto

2008-09-10  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Eric Seidel.

        Add a protected destructor for RefCounted.

        It is wrong to call its destructor directly, because (1) this should be taken care of by
        deref(), and (2) many classes that use RefCounted have non-virtual destructors.

        No change in behavior.

        * wtf/RefCounted.h: (WTF::RefCounted::~RefCounted):

2008-09-14  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Accelerated property accesses.

        Inline more of the array access code into the JIT code for get/put_by_val.
        Accelerate get/put_by_id by speculatively inlining a disable direct access
        into the hot path of the code, and repatch this with the correct StructureID
        and property map offset once these are known.  In the case of accesses to the
        prototype and reading the array-length a trampoline is genertaed, and the
        branch to the slow-case is relinked to jump to this.

        By repatching, we mean rewriting the x86 instruction stream.  Instructions are
        only modified in a simple fasion - altering immediate operands, memory access
        deisplacements, and branch offsets.
        
        For regular get_by_id/put_by_id accesses to an object, a StructureID in an
        instruction's immediate operant is updateded, and a memory access operation's
        displacement is updated to access the correct field on the object.  In the case
        of more complex accesses (array length and get_by_id_prototype) the offset on
        the branch to slow-case is updated, to now jump to a trampoline.

        +2.8% sunspider, +13% v8-tests

        * VM/CTI.cpp:
        (JSC::CTI::emitCall):
        (JSC::CTI::emitJumpSlowCaseIfNotJSCell):
        (JSC::CTI::CTI):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateCompilePutByIdTransition):
        (JSC::CTI::privateCompileArrayLengthTrampoline):
        (JSC::CTI::privateCompileStringLengthTrampoline):
        (JSC::CTI::patchGetByIdSelf):
        (JSC::CTI::patchPutByIdReplace):
        (JSC::CTI::privateCompilePatchGetArrayLength):
        (JSC::CTI::privateCompilePatchGetStringLength):
        * VM/CTI.h:
        (JSC::CTI::compileGetByIdSelf):
        (JSC::CTI::compileGetByIdProto):
        (JSC::CTI::compileGetByIdChain):
        (JSC::CTI::compilePutByIdReplace):
        (JSC::CTI::compilePutByIdTransition):
        (JSC::CTI::compileArrayLengthTrampoline):
        (JSC::CTI::compileStringLengthTrampoline):
        (JSC::CTI::compilePatchGetArrayLength):
        (JSC::CTI::compilePatchGetStringLength):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::~CodeBlock):
        * VM/CodeBlock.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        (JSC::CodeBlock::getStubInfo):
        * VM/Machine.cpp:
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        (JSC::Machine::cti_op_put_by_val_array):
        * VM/Machine.h:
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::cmpl_i8m):
        (JSC::X86Assembler::emitUnlinkedJa):
        (JSC::X86Assembler::getRelocatedAddress):
        (JSC::X86Assembler::getDifferenceBetweenLabels):
        (JSC::X86Assembler::emitModRm_opmsib):

2008-09-14  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Cameron Zwarich.
        
        - split the "prototype" lookup for hasInstance into opcode stream so it can be cached
        
        ~5% speedup on v8 earley-boyer test

        * API/JSCallbackObject.h: Add a parameter for the pre-looked-up prototype.
        * API/JSCallbackObjectFunctions.h:
        (JSC::::hasInstance): Ditto.
        * API/JSValueRef.cpp:
        (JSValueIsInstanceOfConstructor): Look up and pass in prototype.
        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass): Pass along prototype.
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Print third arg.
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitInstanceOf): Implement this, now that there
        is a third argument.
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute): Pass along the prototype.
        (JSC::Machine::cti_op_instanceof): ditto
        * kjs/JSObject.cpp:
        (JSC::JSObject::hasInstance): Expect to get a pre-looked-up prototype.
        * kjs/JSObject.h:
        * kjs/nodes.cpp:
        (JSC::InstanceOfNode::emitCode): Emit a get_by_id of the prototype
        property and pass that register to instanceof.
        * kjs/nodes.h:

2008-09-14  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Remove unnecessary virtual function call from cti_op_call_JSFunction -
        ~5% on richards, ~2.5% on v8-tests, ~0.5% on sunspider.

        * VM/Machine.cpp:
        (JSC::Machine::cti_op_call_JSFunction):

2008-09-14  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20827: the 'typeof' operator is slow
        <https://bugs.webkit.org/show_bug.cgi?id=20827>

        Optimize the 'typeof' operator when its result is compared to a constant
        string.

        This is a 5.5% speedup on the V8 Earley-Boyer test.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitEqualityOp):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::jsIsObjectType):
        (JSC::jsIsFunctionType):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_is_undefined):
        (JSC::Machine::cti_op_is_boolean):
        (JSC::Machine::cti_op_is_number):
        (JSC::Machine::cti_op_is_string):
        (JSC::Machine::cti_op_is_object):
        (JSC::Machine::cti_op_is_function):
        * VM/Machine.h:
        * VM/Opcode.h:
        * kjs/nodes.cpp:
        (JSC::BinaryOpNode::emitCode):
        (JSC::EqualNode::emitCode):
        (JSC::StrictEqualNode::emitCode):
        * kjs/nodes.h:

2008-09-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Cameron Zwarich.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=20844
        Speed up parseInt for numbers

        Sunspider reports this as 1.029x as fast overall and 1.37x as fast on string-unpack-code.
        No change on the v8 suite.

        * kjs/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncParseInt): Don't convert numbers to strings just to
        convert them back to numbers.

2008-09-14  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 20816: op_lesseq should be optimized
        <https://bugs.webkit.org/show_bug.cgi?id=20816>

        Add a loop_if_lesseq opcode that is similar to the loop_if_less opcode.

        This is a 9.4% speedup on the V8 Crypto benchmark.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitJumpIfTrue):
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_loop_if_lesseq):
        * VM/Machine.h:
        * VM/Opcode.h:

2008-09-14  Sam Weinig  <sam@webkit.org>

        Reviewed by Cameron Zwarich.

        Cleanup Sampling code.

        * VM/CTI.cpp:
        (JSC::CTI::emitCall):
        (JSC::CTI::privateCompileMainPass):
        * VM/CTI.h:
        (JSC::CTI::execute):
        * VM/SamplingTool.cpp:
        (JSC::):
        (JSC::SamplingTool::run):
        (JSC::SamplingTool::dump):
        * VM/SamplingTool.h:
        (JSC::SamplingTool::callingHostFunction):

2008-09-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Cameron Zwarich.

        Bug 20821: Cache property transitions to speed up object initialization
        https://bugs.webkit.org/show_bug.cgi?id=20821

        Implement a transition cache to improve the performance of new properties
        being added to objects.  This is extremely beneficial in constructors and
        shows up as a 34% improvement on access-binary-trees in SunSpider (0.8%
        overall)

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::):
        (JSC::transitionWillNeedStorageRealloc):
        (JSC::CTI::privateCompilePutByIdTransition):
        * VM/CTI.h:
        (JSC::CTI::compilePutByIdTransition):
        * VM/CodeBlock.cpp:
        (JSC::printPutByIdOp):
        (JSC::CodeBlock::printStructureIDs):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::derefStructureIDs):
        (JSC::CodeBlock::refStructureIDs):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::emitPutById):
        * VM/Machine.cpp:
        (JSC::cachePrototypeChain):
        (JSC::Machine::tryCachePutByID):
        (JSC::Machine::tryCacheGetByID):
        (JSC::Machine::privateExecute):
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        * VM/Machine.h:
        * VM/Opcode.h:
        * kjs/JSObject.h:
        (JSC::JSObject::putDirect):
        (JSC::JSObject::transitionTo):
        * kjs/PutPropertySlot.h:
        (JSC::PutPropertySlot::PutPropertySlot):
        (JSC::PutPropertySlot::wasTransition):
        (JSC::PutPropertySlot::setWasTransition):
        * kjs/StructureID.cpp:
        (JSC::StructureID::transitionTo):
        (JSC::StructureIDChain::StructureIDChain):
        * kjs/StructureID.h:
        (JSC::StructureID::previousID):
        (JSC::StructureID::setCachedPrototypeChain):
        (JSC::StructureID::cachedPrototypeChain):
        (JSC::StructureID::propertyMap):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::addl_i8m):
        (JSC::X86Assembler::subl_i8m):

2008-09-12  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20819: JSValue::isObject() is slow
        <https://bugs.webkit.org/show_bug.cgi?id=20819>

        Optimize JSCell::isObject() and JSCell::isString() by making them
        non-virtual calls that rely on the StructureID type information.

        This is a 0.7% speedup on SunSpider and a 1.0% speedup on the V8
        benchmark suite.

        * JavaScriptCore.exp:
        * kjs/JSCell.cpp:
        * kjs/JSCell.h:
        (JSC::JSCell::isObject):
        (JSC::JSCell::isString):
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        * kjs/JSString.cpp:
        * kjs/JSString.h:
        (JSC::JSString::JSString):
        * kjs/StructureID.h:
        (JSC::StructureID::type):

2008-09-11  Stephanie Lewis  <slewis@apple.com>

        Reviewed by Oliver Hunt.

        Turn off PGO Optimization on CTI.cpp -> <rdar://problem/6207709>.  Fixes
        crash on CNN and on Dromaeo.
        Fix Missing close tag in vcproj. 

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:

2008-09-11  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Not reviewed.

        Correct an SVN problem with the last commit and actually add the new
        files.

        * wrec/CharacterClassConstructor.cpp: Added.
        (JSC::):
        (JSC::getCharacterClassNewline):
        (JSC::getCharacterClassDigits):
        (JSC::getCharacterClassSpaces):
        (JSC::getCharacterClassWordchar):
        (JSC::getCharacterClassNondigits):
        (JSC::getCharacterClassNonspaces):
        (JSC::getCharacterClassNonwordchar):
        (JSC::CharacterClassConstructor::addSorted):
        (JSC::CharacterClassConstructor::addSortedRange):
        (JSC::CharacterClassConstructor::put):
        (JSC::CharacterClassConstructor::flush):
        (JSC::CharacterClassConstructor::append):
        * wrec/CharacterClassConstructor.h: Added.
        (JSC::CharacterClassConstructor::CharacterClassConstructor):
        (JSC::CharacterClassConstructor::isUpsideDown):
        (JSC::CharacterClassConstructor::charClass):

2008-09-11  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20788: Split CharacterClassConstructor into its own file
        <https://bugs.webkit.org/show_bug.cgi?id=20788>

        Split CharacterClassConstructor into its own file and clean up some
        style issues.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wrec/CharacterClassConstructor.cpp: Added.
        (JSC::):
        (JSC::getCharacterClassNewline):
        (JSC::getCharacterClassDigits):
        (JSC::getCharacterClassSpaces):
        (JSC::getCharacterClassWordchar):
        (JSC::getCharacterClassNondigits):
        (JSC::getCharacterClassNonspaces):
        (JSC::getCharacterClassNonwordchar):
        (JSC::CharacterClassConstructor::addSorted):
        (JSC::CharacterClassConstructor::addSortedRange):
        (JSC::CharacterClassConstructor::put):
        (JSC::CharacterClassConstructor::flush):
        (JSC::CharacterClassConstructor::append):
        * wrec/CharacterClassConstructor.h: Added.
        (JSC::CharacterClassConstructor::CharacterClassConstructor):
        (JSC::CharacterClassConstructor::isUpsideDown):
        (JSC::CharacterClassConstructor::charClass):
        * wrec/WREC.cpp:
        (JSC::WRECParser::parseCharacterClass):

2008-09-10  Simon Hausmann  <hausmann@webkit.org>

        Not reviewed but trivial one-liner for yet unused macro.

        Changed PLATFORM(WINCE) to PLATFORM(WIN_CE) as requested by Mark.

        (part of https://bugs.webkit.org/show_bug.cgi?id=20746)

        * wtf/Platform.h:

2008-09-10  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Oliver Hunt.

        Fix a typo by renaming the overloaded orl_rr that takes an immediate to
        orl_i32r.

        * VM/CTI.cpp:
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::orl_i32r):
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generatePatternCharacter):
        (JSC::WRECGenerator::generateCharacterClassInverted):

2008-09-10  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoff Garen.

        Add inline property storage for JSObject.

        1.2% progression on Sunspider. .5% progression on the v8 test suite.

        * JavaScriptCore.exp:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        * kjs/JSObject.cpp:
        (JSC::JSObject::mark): There is no reason to check storageSize now that
        we start from 0.
        (JSC::JSObject::allocatePropertyStorage): Allocates/reallocates heap storage.
        * kjs/JSObject.h:
        (JSC::JSObject::offsetForLocation): m_propertyStorage is not an OwnArrayPtr
        now so there is no reason to .get()
        (JSC::JSObject::usingInlineStorage):
        (JSC::JSObject::JSObject): Start with m_propertyStorage pointing to the
        inline storage.
        (JSC::JSObject::~JSObject): Free the heap storage if not using the inline
        storage.
        (JSC::JSObject::putDirect): Switch to the heap storage only when we know
        we know that we are about to add a property that will overflow the inline
        storage.
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::createTable): Don't allocate the propertyStorage, that is
        now handled by JSObject.
        (JSC::PropertyMap::rehash): PropertyStorage is not a OwnArrayPtr anymore.
        * kjs/PropertyMap.h:
        (JSC::PropertyMap::storageSize): Rename from markingCount.
        * kjs/StructureID.cpp:
        (JSC::StructureID::addPropertyTransition): Don't resize the property storage
        if we are using inline storage.
        * kjs/StructureID.h:

2008-09-10  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoff Garen.

        Inline immediate number version of op_mul.

        Renamed mull_rr to imull_rr as that's what it's 
        actually doing, and added imull_i32r for the constant
        case immediate multiply.

        1.1% improvement to SunSpider.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::imull_rr):
        (JSC::X86Assembler::imull_i32r):

2008-09-10  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Not reviewed.

        Mac build fix.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-09-09  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Add optimised access to known properties on the global object.

        Improve cross scope access to the global object by emitting
        code to access it directly rather than by walking the scope chain.

        This is a 0.8% win in SunSpider and a 1.7% win in the v8 benchmarks.

        * VM/CTI.cpp:
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::emitGetVariableObjectRegister):
        (JSC::CTI::emitPutVariableObjectRegister):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * VM/CodeGenerator.cpp:
        (JSC::CodeGenerator::findScopedProperty):
        (JSC::CodeGenerator::emitResolve):
        (JSC::CodeGenerator::emitGetScopedVar):
        (JSC::CodeGenerator::emitPutScopedVar):
        * VM/CodeGenerator.h:
        * VM/Machine.cpp:
        (JSC::Machine::privateExecute):
        * VM/Opcode.h:
        * kjs/nodes.cpp:
        (JSC::FunctionCallResolveNode::emitCode):
        (JSC::PostfixResolveNode::emitCode):
        (JSC::PrefixResolveNode::emitCode):
        (JSC::ReadModifyResolveNode::emitCode):
        (JSC::AssignResolveNode::emitCode):

2008-09-10  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Oliver.
        
        - enable polymorphic inline caching of properties of primitives
        
        1.012x speedup on SunSpider.

        We create special structure IDs for JSString and
        JSNumberCell. Unlike normal structure IDs, these cannot hold the
        true prototype. Due to JS autoboxing semantics, the prototype used
        when looking up string or number properties depends on the lexical
        global object of the call site, not the creation site. Thus we
        enable StructureIDs to handle this quirk for primitives.
        
        Everything else should be straightforward.
        
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        * VM/CTI.h:
        (JSC::CTI::compileGetByIdProto):
        (JSC::CTI::compileGetByIdChain):
        * VM/JSPropertyNameIterator.h:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        * VM/Machine.cpp:
        (JSC::Machine::Machine):
        (JSC::cachePrototypeChain):
        (JSC::Machine::tryCachePutByID):
        (JSC::Machine::tryCacheGetByID):
        (JSC::Machine::privateExecute):
        (JSC::Machine::tryCTICachePutByID):
        (JSC::Machine::tryCTICacheGetByID):
        * kjs/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        * kjs/JSCell.h:
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.h:
        (JSC::StructureID::prototypeForLookup):
        * kjs/JSNumberCell.h:
        (JSC::JSNumberCell::JSNumberCell):
        (JSC::jsNumberCell):
        * kjs/JSObject.h:
        (JSC::JSObject::prototype):
        * kjs/JSString.cpp:
        (JSC::jsString):
        (JSC::jsSubstring):
        (JSC::jsOwnedString):
        * kjs/JSString.h:
        (JSC::JSString::JSString):
        (JSC::JSString::):
        (JSC::jsSingleCharacterString):
        (JSC::jsSingleCharacterSubstring):
        (JSC::jsNontrivialString):
        * kjs/SmallStrings.cpp:
        (JSC::SmallStrings::createEmptyString):
        (JSC::SmallStrings::createSingleCharacterString):
        * kjs/StructureID.cpp:
        (JSC::StructureID::StructureID):
        (JSC::StructureID::addPropertyTransition):
        (JSC::StructureID::getterSetterTransition):
        (JSC::StructureIDChain::StructureIDChain):
        * kjs/StructureID.h:
        (JSC::StructureID::create):
        (JSC::StructureID::storedPrototype):

2008-09-09  Joerg Bornemann  <joerg.bornemann@trolltech.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=20746

        Added WINCE platform macro.

        * wtf/Platform.h:

2008-09-09  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Remove unnecessary override of getOffset.

        Sunspider reports this as a .6% progression.

        * JavaScriptCore.exp:
        * kjs/JSObject.h:
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::getOwnPropertySlotForWrite):
        (JSC::JSObject::putDirect):
        * kjs/PropertyMap.cpp:
        * kjs/PropertyMap.h:

2008-09-09  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20759: Remove MacroAssembler
        <https://bugs.webkit.org/show_bug.cgi?id=20759>

        Remove MacroAssembler and move its functionality to X86Assembler.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::emitPutArg):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutResult):
        (JSC::CTI::emitDebugExceptionCheck):
        (JSC::CTI::emitJumpSlowCaseIfNotImm):
        (JSC::CTI::emitJumpSlowCaseIfNotImms):
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithReTagImmediate):
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        (JSC::CTI::emitFastArithImmToInt):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::emitFastArithIntToImmNoCheck):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateArrayLengthTrampoline):
        (JSC::CTI::privateStringLengthTrampoline):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JmpTable::JmpTable):
        (JSC::SlowCaseEntry::SlowCaseEntry):
        (JSC::CTI::JSRInfo::JSRInfo):
        * masm/MacroAssembler.h: Removed.
        * masm/MacroAssemblerWin.cpp: Removed.
        * masm/X86Assembler.h:
        (JSC::X86Assembler::emitConvertToFastCall):
        (JSC::X86Assembler::emitRestoreArgumentReference):
        * wrec/WREC.h:
        (JSC::WRECGenerator::WRECGenerator):
        (JSC::WRECParser::WRECParser):

2008-09-09  Sam Weinig  <sam@webkit.org>

        Reviewed by Cameron Zwarich.

        Don't waste the first item in the PropertyStorage.

        - Fix typo (makingCount -> markingCount)
        - Remove undefined method declaration.

        No change on Sunspider.

        * kjs/JSObject.cpp:
        (JSC::JSObject::mark):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::put):
        (JSC::PropertyMap::remove):
        (JSC::PropertyMap::getOffset):
        (JSC::PropertyMap::insert):
        (JSC::PropertyMap::rehash):
        (JSC::PropertyMap::resizePropertyStorage):
        (JSC::PropertyMap::checkConsistency):
        * kjs/PropertyMap.h:
        (JSC::PropertyMap::markingCount): Fix typo.

2008-09-09  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Not reviewed.

        Speculative Windows build fix.

        * masm/MacroAssemblerWin.cpp:
        (JSC::MacroAssembler::emitConvertToFastCall):
        (JSC::MacroAssembler::emitRestoreArgumentReference):

2008-09-09  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20755: Create an X86 namespace for register names and other things
        <https://bugs.webkit.org/show_bug.cgi?id=20755>

        Create an X86 namespace to put X86 register names. Perhaps I will move
        opcode names here later as well.

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::emitPutArg):
        (JSC::CTI::emitPutArgConstant):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutResult):
        (JSC::CTI::emitDebugExceptionCheck):
        (JSC::CTI::emitJumpSlowCaseIfNotImms):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateArrayLengthTrampoline):
        (JSC::CTI::privateStringLengthTrampoline):
        (JSC::CTI::compileRegExp):
        * VM/CTI.h:
        * masm/X86Assembler.h:
        (JSC::X86::):
        (JSC::X86Assembler::emitModRm_rm):
        (JSC::X86Assembler::emitModRm_rm_Unchecked):
        (JSC::X86Assembler::emitModRm_rmsib):
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generateParentheses):
        (JSC::WRECGenerator::generateBackreference):
        (JSC::WRECGenerator::gernerateDisjunction):
        * wrec/WREC.h:

2008-09-09  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Remove unnecessary friend declaration.

        * kjs/PropertyMap.h:

2008-09-09  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Replace uses of PropertyMap::get and PropertyMap::getLocation with
        PropertyMap::getOffset.

        Sunspider reports this as a .6% improvement.

        * JavaScriptCore.exp:
        * kjs/JSObject.cpp:
        (JSC::JSObject::put):
        (JSC::JSObject::deleteProperty):
        (JSC::JSObject::getPropertyAttributes):
        * kjs/JSObject.h:
        (JSC::JSObject::getDirect):
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::locationForOffset):
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMap::remove):
        (JSC::PropertyMap::getOffset):
        * kjs/PropertyMap.h:

2008-09-09  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Sam Weinig.

        Bug 20754: Remove emit prefix from assembler opcode methods
        <https://bugs.webkit.org/show_bug.cgi?id=20754>

        * VM/CTI.cpp:
        (JSC::CTI::emitGetArg):
        (JSC::CTI::emitGetPutArg):
        (JSC::CTI::emitPutArg):
        (JSC::CTI::emitPutArgConstant):
        (JSC::CTI::emitPutCTIParam):
        (JSC::CTI::emitGetCTIParam):
        (JSC::CTI::emitPutToCallFrameHeader):
        (JSC::CTI::emitGetFromCallFrameHeader):
        (JSC::CTI::emitPutResult):
        (JSC::CTI::emitDebugExceptionCheck):
        (JSC::CTI::emitCall):
        (JSC::CTI::emitJumpSlowCaseIfNotImm):
        (JSC::CTI::emitJumpSlowCaseIfNotImms):
        (JSC::CTI::emitFastArithDeTagImmediate):
        (JSC::CTI::emitFastArithReTagImmediate):
        (JSC::CTI::emitFastArithPotentiallyReTagImmediate):
        (JSC::CTI::emitFastArithImmToInt):
        (JSC::CTI::emitFastArithIntToImmOrSlowCase):
        (JSC::CTI::emitFastArithIntToImmNoCheck):
        (JSC::CTI::compileOpCall):
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        (JSC::CTI::privateCompile):
        (JSC::CTI::privateCompileGetByIdSelf):
        (JSC::CTI::privateCompileGetByIdProto):
        (JSC::CTI::privateCompileGetByIdChain):
        (JSC::CTI::privateCompilePutByIdReplace):
        (JSC::CTI::privateArrayLengthTrampoline):
        (JSC::CTI::privateStringLengthTrampoline):
        (JSC::CTI::compileRegExp):
        * masm/MacroAssemblerWin.cpp:
        (JSC::MacroAssembler::emitConvertToFastCall):
        (JSC::MacroAssembler::emitRestoreArgumentReference):
        * masm/X86Assembler.h:
        (JSC::X86Assembler::pushl_r):
        (JSC::X86Assembler::pushl_m):
        (JSC::X86Assembler::popl_r):
        (JSC::X86Assembler::popl_m):
        (JSC::X86Assembler::movl_rr):
        (JSC::X86Assembler::addl_rr):
        (JSC::X86Assembler::addl_i8r):
        (JSC::X86Assembler::addl_i32r):
        (JSC::X86Assembler::addl_mr):
        (JSC::X86Assembler::andl_rr):
        (JSC::X86Assembler::andl_i32r):
        (JSC::X86Assembler::cmpl_i8r):
        (JSC::X86Assembler::cmpl_rr):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::cmpl_i32r):
        (JSC::X86Assembler::cmpl_i32m):
        (JSC::X86Assembler::cmpw_rm):
        (JSC::X86Assembler::orl_rr):
        (JSC::X86Assembler::subl_rr):
        (JSC::X86Assembler::subl_i8r):
        (JSC::X86Assembler::subl_i32r):
        (JSC::X86Assembler::subl_mr):
        (JSC::X86Assembler::testl_i32r):
        (JSC::X86Assembler::testl_rr):
        (JSC::X86Assembler::xorl_i8r):
        (JSC::X86Assembler::xorl_rr):
        (JSC::X86Assembler::sarl_i8r):
        (JSC::X86Assembler::sarl_CLr):
        (JSC::X86Assembler::shl_i8r):
        (JSC::X86Assembler::shll_CLr):
        (JSC::X86Assembler::mull_rr):
        (JSC::X86Assembler::idivl_r):
        (JSC::X86Assembler::cdq):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::movzwl_mr):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::movl_i32r):
        (JSC::X86Assembler::movl_i32m):
        (JSC::X86Assembler::leal_mr):
        (JSC::X86Assembler::ret):
        (JSC::X86Assembler::jmp_r):
        (JSC::X86Assembler::jmp_m):
        (JSC::X86Assembler::call_r):
        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generateBacktrack1):
        (JSC::WRECGenerator::generateBacktrackBackreference):
        (JSC::WRECGenerator::generateBackreferenceQuantifier):
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generatePatternCharacter):
        (JSC::WRECGenerator::generateCharacterClassInvertedRange):
        (JSC::WRECGenerator::generateCharacterClassInverted):
        (JSC::WRECGenerator::generateCharacterClass):
        (JSC::WRECGenerator::generateParentheses):
        (JSC::WRECGenerator::gererateParenthesesResetTrampoline):
        (JSC::WRECGenerator::generateAssertionBOL):
        (JSC::WRECGenerator::generateAssertionEOL):
        (JSC::WRECGenerator::generateAssertionWordBoundary):
        (JSC::WRECGenerator::generateBackreference):
        (JSC::WRECGenerator::gernerateDisjunction):

2008-09-09  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Clean up the WREC code some more.

        * VM/CTI.cpp:
        (JSC::CTI::compileRegExp):
        * wrec/WREC.cpp:
        (JSC::getCharacterClassNewline):
        (JSC::getCharacterClassDigits):
        (JSC::getCharacterClassSpaces):
        (JSC::getCharacterClassWordchar):
        (JSC::getCharacterClassNondigits):
        (JSC::getCharacterClassNonspaces):
        (JSC::getCharacterClassNonwordchar):
        (JSC::WRECGenerator::generateBacktrack1):
        (JSC::WRECGenerator::generateBacktrackBackreference):
        (JSC::WRECGenerator::generateBackreferenceQuantifier):
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generatePatternCharacter):
        (JSC::WRECGenerator::generateCharacterClassInvertedRange):
        (JSC::WRECGenerator::generateCharacterClassInverted):
        (JSC::WRECGenerator::generateCharacterClass):
        (JSC::WRECGenerator::generateParentheses):
        (JSC::WRECGenerator::gererateParenthesesResetTrampoline):
        (JSC::WRECGenerator::generateAssertionBOL):
        (JSC::WRECGenerator::generateAssertionEOL):
        (JSC::WRECGenerator::generateAssertionWordBoundary):
        (JSC::WRECGenerator::generateBackreference):
        (JSC::WRECGenerator::gernerateDisjunction):
        (JSC::WRECParser::parseCharacterClass):
        (JSC::WRECParser::parseEscape):
        (JSC::WRECParser::parseTerm):
        * wrec/WREC.h:

2008-09-09  Mark Rowe  <mrowe@apple.com>

        Build fix, rubber-stamped by Anders Carlsson.

        Silence spurious build warnings about missing format attributes on functions in Assertions.cpp.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-09-09  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Oliver Hunt.

        Fix builds using the "debug" variant.

        This reverts r36130 and tweaks Identifier to export the same symbols for Debug
        and Release configurations.

        * Configurations/JavaScriptCore.xcconfig:
        * DerivedSources.make:
        * JavaScriptCore.Debug.exp: Removed.
        * JavaScriptCore.base.exp: Removed.
        * JavaScriptCore.exp: Added.
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/identifier.cpp:
        (JSC::Identifier::addSlowCase): #ifdef the call to checkSameIdentifierTable so that
        there is no overhead in Release builds.
        (JSC::Identifier::checkSameIdentifierTable): Add empty functions for Release builds.
        * kjs/identifier.h:
        (JSC::Identifier::add): #ifdef the calls to checkSameIdentifierTable so that there is
        no overhead in Release builds, and remove the inline definitions of checkSameIdentifierTable.

2008-09-09  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Clean up WREC a bit to bring it closer to our coding style guidelines.

        * wrec/WREC.cpp:
        (JSC::):
        (JSC::getCharacterClass_newline):
        (JSC::getCharacterClass_d):
        (JSC::getCharacterClass_s):
        (JSC::getCharacterClass_w):
        (JSC::getCharacterClass_D):
        (JSC::getCharacterClass_S):
        (JSC::getCharacterClass_W):
        (JSC::CharacterClassConstructor::append):
        (JSC::WRECGenerator::generateNonGreedyQuantifier):
        (JSC::WRECGenerator::generateGreedyQuantifier):
        (JSC::WRECGenerator::generateCharacterClassInverted):
        (JSC::WRECParser::parseQuantifier):
        (JSC::WRECParser::parsePatternCharacterQualifier):
        (JSC::WRECParser::parseCharacterClassQuantifier):
        (JSC::WRECParser::parseBackreferenceQuantifier):
        * wrec/WREC.h:
        (JSC::Quantifier::):
        (JSC::Quantifier::Quantifier):

2008-09-09  Jungshik Shin  <jungshik.shin@gmail.com>

        Reviewed by Alexey Proskuryakov.

        Try MIME charset names before trying IANA names 
        ( https://bugs.webkit.org/show_bug.cgi?id=17537 )

        * wtf/StringExtras.h: (strcasecmp): Added.

2008-09-09  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Mark Rowe.

        Bug 20719: REGRESSION (r36135-36244): Hangs, then crashes after several seconds
        <https://bugs.webkit.org/show_bug.cgi?id=20719>
        <rdar://problem/6205787>

        Fix a typo in the case-insensitive matching of character patterns.

        * wrec/WREC.cpp:
        (JSC::WRECGenerator::generatePatternCharacter):

2008-09-09  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Sam Weinig.
        
        - allow polymorphic inline cache to handle Math object functions and possibly other similar things
        
        1.012x speedup on SunSpider.

        * kjs/MathObject.cpp:
        (JSC::MathObject::getOwnPropertySlot):
        * kjs/lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * kjs/lookup.h:
        (JSC::getStaticPropertySlot):

2008-09-08  Sam Weinig  <sam@webkit.org>

        Reviewed by Maciej Stachowiak and Oliver Hunt.

        Split storage of properties out of the PropertyMap and into the JSObject
        to allow sharing PropertyMap on the StructureID.  In order to get this
        function correctly, the StructureID's transition mappings were changed to
        transition based on property name and attribute pairs, instead of just
        property name.

        - Removes the single property optimization now that the PropertyMap is shared.
          This will be replaced by in-lining some values on the JSObject.

        This is a wash on Sunspider and a 6.7% win on the v8 test suite.

        * JavaScriptCore.base.exp:
        * VM/CTI.cpp:
        (JSC::CTI::privateCompileGetByIdSelf): Get the storage directly off the JSObject.
        (JSC::CTI::privateCompileGetByIdProto): Ditto.
        (JSC::CTI::privateCompileGetByIdChain): Ditto.
        (JSC::CTI::privateCompilePutByIdReplace): Ditto.
        * kjs/JSObject.cpp:
        (JSC::JSObject::mark): Mark the PropertyStorage.
        (JSC::JSObject::put): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::deleteProperty): Ditto.
        (JSC::JSObject::defineGetter): Return early if the property is already a getter/setter.
        (JSC::JSObject::defineSetter): Ditto.
        (JSC::JSObject::getPropertyAttributes): Update to get the propertyMap of the StructureID
        (JSC::JSObject::getPropertyNames): Ditto.
        (JSC::JSObject::removeDirect): Ditto.
        * kjs/JSObject.h: Remove PropertyMap and add PropertyStorage.
        (JSC::JSObject::propertyStorage): return the PropertyStorage.
        (JSC::JSObject::getDirect): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::getDirectLocation): Ditto.
        (JSC::JSObject::offsetForLocation): Compute location directly.
        (JSC::JSObject::hasCustomProperties): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::hasGetterSetterProperties): Ditto.
        (JSC::JSObject::getDirectOffset): Get by indexing into PropertyStorage.
        (JSC::JSObject::putDirectOffset): Put by indexing into PropertyStorage.
        (JSC::JSObject::getOwnPropertySlotForWrite): Update to get the propertyMap of the StructureID.
        (JSC::JSObject::getOwnPropertySlot): Ditto.
        (JSC::JSObject::putDirect): Move putting into the StructureID unless the property already exists.
        * kjs/PropertyMap.cpp: Use the propertyStorage as the storage for the JSValues.
        (JSC::PropertyMap::checkConsistency): 
        (JSC::PropertyMap::operator=):
        (JSC::PropertyMap::~PropertyMap):
        (JSC::PropertyMap::get):
        (JSC::PropertyMap::getLocation):
        (JSC::PropertyMap::put):
        (JSC::PropertyMap::getOffset):
        (JSC::PropertyMap::insert):
        (JSC::PropertyMap::expand):
        (JSC::PropertyMap::rehash):
        (JSC::PropertyMap::createTable):
        (JSC::PropertyMap::resizePropertyStorage): Resize the storage to match the size of the map
        (JSC::PropertyMap::remove):
        (JSC::PropertyMap::getEnumerablePropertyNames):
        * kjs/PropertyMap.h: 
        (JSC::PropertyMapEntry::PropertyMapEntry):
        (JSC::PropertyMap::isEmpty):
        (JSC::PropertyMap::size):
        (JSC::PropertyMap::makingCount):
        (JSC::PropertyMap::PropertyMap):

        * kjs/StructureID.cpp: 
        (JSC::StructureID::addPropertyTransition): Transitions now are based off the property name
        and attributes. 
        (JSC::StructureID::toDictionaryTransition): Copy the map.
        (JSC::StructureID::changePrototypeTransition): Copy the map.
        (JSC::StructureID::getterSetterTransition): Copy the map.
        (JSC::StructureID::~StructureID): 
        * kjs/StructureID.h:
        (JSC::TransitionTableHash::hash): Custom hash for transition map.
        (JSC::TransitionTableHash::equal): Ditto.
        (JSC::TransitionTableHashTraits::emptyValue): Custom traits for transition map
        (JSC::TransitionTableHashTraits::constructDeletedValue): Ditto.
        (JSC::TransitionTableHashTraits::isDeletedValue): Ditto.
        (JSC::StructureID::propertyMap): Added.

2008-09-08  Oliver Hunt  <oliver@apple.com>

        Reviewed by Mark Rowe.

        Bug 20694: Slow Script error pops up when running Dromaeo tests

        Correct error in timeout logic where execution tick count would
        be reset to incorrect value due to incorrect offset and indirection.
        Codegen for the slow script dialog was factored out into a separate
        method (emitSlowScriptCheck) rather than having multiple copies of
        the same code.  Also added calls to generate slow script checks
        for loop_if_less and loop_if_true opcodes.

        * VM/CTI.cpp:
        (JSC::CTI::emitSlowScriptCheck):
        (JSC::CTI::privateCompileMainPass):
        (JSC::CTI::privateCompileSlowCases):
        * VM/CTI.h:

2008-09-08  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Remove references to the removed WRECompiler class.

        * VM/Machine.h:
        * wrec/WREC.h:

2008-09-08  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Mark Rowe.

        Fix the build with CTI enabled but WREC disabled.

        * VM/CTI.cpp:
        * VM/CTI.h:

2008-09-08  Dan Bernstein  <mitz@apple.com>

        - build fix

        * kjs/nodes.h:
        (JSC::StatementNode::):
        (JSC::BlockNode::):

2008-09-08  Kevin McCullough  <kmccullough@apple.com>

        Reviewed by Geoff.

       <rdar://problem/6134407> Breakpoints in for loops, while loops or
       conditions without curly braces don't break. (19306)
       -Statement Lists already emit debug hooks but conditionals without
       brackets are not lists.

        * kjs/nodes.cpp:
        (KJS::IfNode::emitCode):
        (KJS::IfElseNode::emitCode):
        (KJS::DoWhileNode::emitCode):
        (KJS::WhileNode::emitCode):
        (KJS::ForNode::emitCode):
        (KJS::ForInNode::emitCode):
        * kjs/nodes.h:
        (KJS::StatementNode::):
        (KJS::BlockNode::):

2008-09-08  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Anders Carlsson.
        
        - Cache the code generated for eval to speed up SunSpider and web sites
        https://bugs.webkit.org/show_bug.cgi?id=20718
        
        1.052x on SunSpider
        2.29x on date-format-tofte
        
        Lots of real sites seem to get many hits on this cache as well,
        including GMail, Google Spreadsheets, Slate and Digg (the last of
        these gets over 100 hits on initial page load).

        * VM/CodeBlock.h:
        (JSC::EvalCodeCache::get):
        * VM/Machine.cpp:
        (JSC::Machine::callEval):
        (JSC::Machine::privateExecute):
        (JSC::Machine::cti_op_call_eval):
        * VM/Machine.h:

2008-09-07  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 20711: Change KJS prefix on preprocessor macros to JSC
        <https://bugs.webkit.org/show_bug.cgi?id=20711>

        * kjs/CommonIdentifiers.cpp:
        (JSC::CommonIdentifiers::CommonIdentifiers):
        * kjs/CommonIdentifiers.h:
        * kjs/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::putValue):
        (JSC::PropertySlot::setValueSlot):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setRegisterSlot):
        * kjs/lookup.h:
        * kjs/nodes.cpp:
        * kjs/nodes.h:
        (JSC::Node::):
        (JSC::ExpressionNode::):
        (JSC::StatementNode::):
        (JSC::NullNode::):
        (JSC::BooleanNode::):
        (JSC::NumberNode::):
        (JSC::ImmediateNumberNode::):
        (JSC::StringNode::):
        (JSC::RegExpNode::):
        (JSC::ThisNode::):
        (JSC::ResolveNode::):
        (JSC::ElementNode::):
        (JSC::ArrayNode::):
        (JSC::PropertyNode::):
        (JSC::PropertyListNode::):
        (JSC::ObjectLiteralNode::):
        (JSC::BracketAccessorNode::):
        (JSC::DotAccessorNode::):
        (JSC::ArgumentListNode::):
        (JSC::ArgumentsNode::):
        (JSC::NewExprNode::):
        (JSC::EvalFunctionCallNode::):
        (JSC::FunctionCallValueNode::):
        (JSC::FunctionCallResolveNode::):
        (JSC::FunctionCallBracketNode::):
        (JSC::FunctionCallDotNode::):
        (JSC::PrePostResolveNode::):
        (JSC::PostfixResolveNode::):
        (JSC::PostfixBracketNode::):
        (JSC::PostfixDotNode::):
        (JSC::PostfixErrorNode::):
        (JSC::DeleteResolveNode::):
        (JSC::DeleteBracketNode::):
        (JSC::DeleteDotNode::):
        (JSC::DeleteValueNode::):
        (JSC::VoidNode::):
        (JSC::TypeOfResolveNode::):
        (JSC::TypeOfValueNode::):
        (JSC::PrefixResolveNode::):
        (JSC::PrefixBracketNode::):
        (JSC::PrefixDotNode::):
        (JSC::PrefixErrorNode::):
        (JSC::UnaryPlusNode::):
        (JSC::NegateNode::):
        (JSC::BitwiseNotNode::):
        (JSC::LogicalNotNode::):
        (JSC::MultNode::):
        (JSC::DivNode::):
        (JSC::ModNode::):
        (JSC::AddNode::):
        (JSC::SubNode::):
        (JSC::LeftShiftNode::):
        (JSC::RightShiftNode::):
        (JSC::UnsignedRightShiftNode::):
        (JSC::LessNode::):
        (JSC::GreaterNode::):
        (JSC::LessEqNode::):
        (JSC::GreaterEqNode::):
        (JSC::ThrowableBinaryOpNode::):
        (JSC::InstanceOfNode::):
        (JSC::InNode::):
        (JSC::EqualNode::):
        (JSC::NotEqualNode::):
        (JSC::StrictEqualNode::):
        (JSC::NotStrictEqualNode::):
        (JSC::BitAndNode::):
        (JSC::BitOrNode::):
        (JSC::BitXOrNode::):
        (JSC::LogicalOpNode::):
        (JSC::ConditionalNode::):
        (JSC::ReadModifyResolveNode::):
        (JSC::AssignResolveNode::):
        (JSC::ReadModifyBracketNode::):
        (JSC::AssignBracketNode::):
        (JSC::AssignDotNode::):
        (JSC::ReadModifyDotNode::):
        (JSC::AssignErrorNode::):
        (JSC::CommaNode::):
        (JSC::VarDeclCommaNode::):
        (JSC::ConstDeclNode::):
        (JSC::ConstStatementNode::):
        (JSC::EmptyStatementNode::):
        (JSC::DebuggerStatementNode::):
        (JSC::ExprStatementNode::):
        (JSC::VarStatementNode::):
        (JSC::IfNode::):
        (JSC::IfElseNode::):
        (JSC::DoWhileNode::):
        (JSC::WhileNode::):
        (JSC::ForNode::):
        (JSC::ContinueNode::):
        (JSC::BreakNode::):
        (JSC::ReturnNode::):
        (JSC::WithNode::):
        (JSC::LabelNode::):
        (JSC::ThrowNode::):
        (JSC::TryNode::):
        (JSC::ParameterNode::):
        (JSC::ScopeNode::):
        (JSC::ProgramNode::):
        (JSC::EvalNode::):
        (JSC::FunctionBodyNode::):
        (JSC::FuncExprNode::):
        (JSC::FuncDeclNode::):
        (JSC::CaseClauseNode::):
        (JSC::ClauseListNode::):
        (JSC::CaseBlockNode::):
        (JSC::SwitchNode::):

2008-09-07  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Maciej Stachowiak.

        Bug 20704: Replace the KJS namespace
        <https://bugs.webkit.org/show_bug.cgi?id=20704>

        Rename the KJS namespace to JSC. There are still some uses of KJS in
        preprocessor macros and comments, but these will also be changed some
        time in the near future.

        * API/APICast.h:
        (toJS):
        (toRef):
        (toGlobalRef):
        * API/JSBase.cpp:
        * API/JSCallbackConstructor.cpp:
        * API/JSCallbackConstructor.h:
        * API/JSCallbackFunction.cpp:
        * API/JSCallbackFunction.h:
        * API/JSCallbackObject.cpp:
        * API/JSCallbackObject.h:
        * API/JSCallbackObjectFunctions.h:
        * API/JSClassRef.cpp:
        (OpaqueJSClass::staticValues):
        (OpaqueJSClass::staticFunctions):
        * API/JSClassRef.h:
        * API/JSContextRef.cpp:
        * API/JSObjectRef.cpp:
        * API/JSProfilerPrivate.cpp:
        * API/JSStringRef.cpp:
        * API/JSValueRef.cpp:
        (JSValueGetType):
        * API/OpaqueJSString.cpp:
        * API/OpaqueJSString.h:
        * JavaScriptCore.Debug.exp:
        * JavaScriptCore.base.exp:
        * VM/CTI.cpp:
        (JSC::):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        * VM/CodeGenerator.h:
        * VM/ExceptionHelpers.cpp:
        * VM/ExceptionHelpers.h:
        * VM/Instruction.h:
        * VM/JSPropertyNameIterator.cpp:
        * VM/JSPropertyNameIterator.h:
        * VM/LabelID.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * VM/Opcode.cpp:
        * VM/Opcode.h:
        * VM/Register.h:
        (WTF::):
        * VM/RegisterFile.cpp:
        * VM/RegisterFile.h:
        * VM/RegisterID.h:
        (WTF::):
        * VM/SamplingTool.cpp:
        * VM/SamplingTool.h:
        * VM/SegmentedVector.h:
        * kjs/ArgList.cpp:
        * kjs/ArgList.h:
        * kjs/Arguments.cpp:
        * kjs/Arguments.h:
        * kjs/ArrayConstructor.cpp:
        * kjs/ArrayConstructor.h:
        * kjs/ArrayPrototype.cpp:
        * kjs/ArrayPrototype.h:
        * kjs/BatchedTransitionOptimizer.h:
        * kjs/BooleanConstructor.cpp:
        * kjs/BooleanConstructor.h:
        * kjs/BooleanObject.cpp:
        * kjs/BooleanObject.h:
        * kjs/BooleanPrototype.cpp:
        * kjs/BooleanPrototype.h:
        * kjs/CallData.cpp:
        * kjs/CallData.h:
        * kjs/ClassInfo.h:
        * kjs/CommonIdentifiers.cpp:
        * kjs/CommonIdentifiers.h:
        * kjs/ConstructData.cpp:
        * kjs/ConstructData.h:
        * kjs/DateConstructor.cpp:
        * kjs/DateConstructor.h:
        * kjs/DateInstance.cpp:
        (JSC::DateInstance::msToGregorianDateTime):
        * kjs/DateInstance.h:
        * kjs/DateMath.cpp:
        * kjs/DateMath.h:
        * kjs/DatePrototype.cpp:
        * kjs/DatePrototype.h:
        * kjs/DebuggerCallFrame.cpp:
        * kjs/DebuggerCallFrame.h:
        * kjs/Error.cpp:
        * kjs/Error.h:
        * kjs/ErrorConstructor.cpp:
        * kjs/ErrorConstructor.h:
        * kjs/ErrorInstance.cpp:
        * kjs/ErrorInstance.h:
        * kjs/ErrorPrototype.cpp:
        * kjs/ErrorPrototype.h:
        * kjs/ExecState.cpp:
        * kjs/ExecState.h:
        * kjs/FunctionConstructor.cpp:
        * kjs/FunctionConstructor.h:
        * kjs/FunctionPrototype.cpp:
        * kjs/FunctionPrototype.h:
        * kjs/GetterSetter.cpp:
        * kjs/GetterSetter.h:
        * kjs/GlobalEvalFunction.cpp:
        * kjs/GlobalEvalFunction.h:
        * kjs/IndexToNameMap.cpp:
        * kjs/IndexToNameMap.h:
        * kjs/InitializeThreading.cpp:
        * kjs/InitializeThreading.h:
        * kjs/InternalFunction.cpp:
        * kjs/InternalFunction.h:
        (JSC::InternalFunction::InternalFunction):
        * kjs/JSActivation.cpp:
        * kjs/JSActivation.h:
        * kjs/JSArray.cpp:
        * kjs/JSArray.h:
        * kjs/JSCell.cpp:
        * kjs/JSCell.h:
        * kjs/JSFunction.cpp:
        * kjs/JSFunction.h:
        (JSC::JSFunction::JSFunction):
        * kjs/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * kjs/JSGlobalData.h:
        * kjs/JSGlobalObject.cpp:
        * kjs/JSGlobalObject.h:
        * kjs/JSGlobalObjectFunctions.cpp:
        * kjs/JSGlobalObjectFunctions.h:
        * kjs/JSImmediate.cpp:
        * kjs/JSImmediate.h:
        * kjs/JSLock.cpp:
        * kjs/JSLock.h:
        * kjs/JSNotAnObject.cpp:
        * kjs/JSNotAnObject.h:
        * kjs/JSNumberCell.cpp:
        * kjs/JSNumberCell.h:
        * kjs/JSObject.cpp:
        * kjs/JSObject.h:
        * kjs/JSStaticScopeObject.cpp:
        * kjs/JSStaticScopeObject.h:
        * kjs/JSString.cpp:
        * kjs/JSString.h:
        * kjs/JSType.h:
        * kjs/JSValue.cpp:
        * kjs/JSValue.h:
        * kjs/JSVariableObject.cpp:
        * kjs/JSVariableObject.h:
        * kjs/JSWrapperObject.cpp:
        * kjs/JSWrapperObject.h:
        * kjs/LabelStack.cpp:
        * kjs/LabelStack.h:
        * kjs/MathObject.cpp:
        * kjs/MathObject.h:
        * kjs/NativeErrorConstructor.cpp:
        * kjs/NativeErrorConstructor.h:
        * kjs/NativeErrorPrototype.cpp:
        * kjs/NativeErrorPrototype.h:
        * kjs/NodeInfo.h:
        * kjs/NumberConstructor.cpp:
        * kjs/NumberConstructor.h:
        * kjs/NumberObject.cpp:
        * kjs/NumberObject.h:
        * kjs/NumberPrototype.cpp:
        * kjs/NumberPrototype.h:
        * kjs/ObjectConstructor.cpp:
        * kjs/ObjectConstructor.h:
        * kjs/ObjectPrototype.cpp:
        * kjs/ObjectPrototype.h:
        * kjs/Parser.cpp:
        * kjs/Parser.h:
        * kjs/PropertyMap.cpp:
        (JSC::PropertyMapStatisticsExitLogger::~PropertyMapStatisticsExitLogger):
        * kjs/PropertyMap.h:
        * kjs/PropertyNameArray.cpp:
        * kjs/PropertyNameArray.h:
        * kjs/PropertySlot.cpp:
        * kjs/PropertySlot.h:
        * kjs/PrototypeFunction.cpp:
        * kjs/PrototypeFunction.h:
        * kjs/PutPropertySlot.h:
        * kjs/RegExpConstructor.cpp:
        * kjs/RegExpConstructor.h:
        * kjs/RegExpObject.cpp:
        * kjs/RegExpObject.h:
        * kjs/RegExpPrototype.cpp:
        * kjs/RegExpPrototype.h:
        * kjs/ScopeChain.cpp:
        * kjs/ScopeChain.h:
        * kjs/ScopeChainMark.h:
        * kjs/Shell.cpp:
        (jscmain):
        * kjs/SmallStrings.cpp:
        * kjs/SmallStrings.h:
        * kjs/SourceProvider.h:
        * kjs/SourceRange.h:
        * kjs/StringConstructor.cpp:
        * kjs/StringConstructor.h:
        * kjs/StringObject.cpp:
        * kjs/StringObject.h:
        * kjs/StringObjectThatMasqueradesAsUndefined.h:
        * kjs/StringPrototype.cpp:
        * kjs/StringPrototype.h:
        * kjs/StructureID.cpp:
        * kjs/StructureID.h:
        * kjs/SymbolTable.h:
        * kjs/collector.cpp:
        * kjs/collector.h:
        * kjs/completion.h:
        * kjs/create_hash_table:
        * kjs/debugger.cpp:
        * kjs/debugger.h:
        * kjs/dtoa.cpp:
        * kjs/dtoa.h:
        * kjs/grammar.y:
        * kjs/identifier.cpp:
        * kjs/identifier.h:
        (JSC::Identifier::equal):
        * kjs/interpreter.cpp:
        * kjs/interpreter.h:
        * kjs/lexer.cpp:
        (JSC::Lexer::Lexer):
        (JSC::Lexer::clear):
        (JSC::Lexer::makeIdentifier):
        * kjs/lexer.h:
        * kjs/lookup.cpp:
        * kjs/lookup.h:
        * kjs/nodes.cpp:
        * kjs/nodes.h:
        * kjs/nodes2string.cpp:
        * kjs/operations.cpp:
        * kjs/operations.h:
        * kjs/protect.h:
        * kjs/regexp.cpp:
        * kjs/regexp.h:
        * kjs/ustring.cpp:
        * kjs/ustring.h:
        (JSC::operator!=):
        (JSC::IdentifierRepHash::hash):
        (WTF::):
        * masm/MacroAssembler.h:
        * masm/MacroAssemblerWin.cpp:
        * masm/X86Assembler.h:
        * pcre/pcre_exec.cpp:
        * profiler/CallIdentifier.h:
        (WTF::):
        * profiler/HeavyProfile.cpp:
        * profiler/HeavyProfile.h:
        * profiler/Profile.cpp:
        * profiler/Profile.h:
        * profiler/ProfileGenerator.cpp:
        * profiler/ProfileGenerator.h:
        * profiler/ProfileNode.cpp:
        * profiler/ProfileNode.h:
        * profiler/Profiler.cpp:
        * profiler/Profiler.h:
        * profiler/TreeProfile.cpp:
        * profiler/TreeProfile.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:
        * wtf/AVLTree.h:

2008-09-07  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Dan Bernstein.
        
        - rename IA32MacroAssembler class to X86Assembler
        
        We otherwise call the platform X86, and also, I don't see any macros.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * masm/IA32MacroAsm.h: Removed.
        * masm/MacroAssembler.h:
        (KJS::MacroAssembler::MacroAssembler):
        * masm/MacroAssemblerWin.cpp:
        (KJS::MacroAssembler::emitRestoreArgumentReference):
        * masm/X86Assembler.h: Copied from masm/IA32MacroAsm.h.
        (KJS::X86Assembler::X86Assembler):
        * wrec/WREC.cpp:
        (KJS::WRECGenerator::generateNonGreedyQuantifier):
        (KJS::WRECGenerator::generateGreedyQuantifier):
        (KJS::WRECGenerator::generateParentheses):
        (KJS::WRECGenerator::generateBackreference):
        (KJS::WRECGenerator::gernerateDisjunction):
        * wrec/WREC.h:

2008-09-07  Cameron Zwarich  <cwzwarich@webkit.org>

        Not reviewed.

        Visual C++ seems to have some odd casting rules, so just convert the
        offending cast back to a C-style cast for now.

        * kjs/collector.cpp:
        (KJS::otherThreadStackPointer):

2008-09-07  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Mark Rowe.

        Attempt to fix the Windows build by using a const_cast to cast regs.Esp
        to a uintptr_t instead of a reinterpret_cast.

        * kjs/collector.cpp:
        (KJS::otherThreadStackPointer):

2008-09-07  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Sam Weinig.

        Remove C-style casts from kjs/collector.cpp.

        * kjs/collector.cpp:
        (KJS::Heap::heapAllocate):
        (KJS::currentThreadStackBase):
        (KJS::Heap::markConservatively):
        (KJS::otherThreadStackPointer):
        (KJS::Heap::markOtherThreadConservatively):
        (KJS::Heap::sweep):

2008-09-07  Mark Rowe  <mrowe@apple.com>

        Build fix for the debug variant.

        * DerivedSources.make: Also use the .Debug.exp exports file when building the debug variant.

2008-09-07  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Timothy Hatcher.

        Remove C-style casts from the CTI code.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetArg):
        (KJS::CTI::emitGetPutArg):
        (KJS::ctiRepatchCallByReturnAddress):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileGetByIdSelf):
        (KJS::CTI::privateCompileGetByIdProto):
        (KJS::CTI::privateCompileGetByIdChain):
        (KJS::CTI::privateCompilePutByIdReplace):
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):

=== End merge of squirrelfish-extreme ===

2008-09-06  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig. Adapted somewhat by Maciej Stachowiak.
        
        - refactor WREC to share more of the JIT infrastructure with CTI

        * VM/CTI.cpp:
        (KJS::CTI::emitGetArg):
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::emitPutArg):
        (KJS::CTI::emitPutArgConstant):
        (KJS::CTI::emitPutCTIParam):
        (KJS::CTI::emitGetCTIParam):
        (KJS::CTI::emitPutToCallFrameHeader):
        (KJS::CTI::emitGetFromCallFrameHeader):
        (KJS::CTI::emitPutResult):
        (KJS::CTI::emitDebugExceptionCheck):
        (KJS::CTI::emitJumpSlowCaseIfNotImm):
        (KJS::CTI::emitJumpSlowCaseIfNotImms):
        (KJS::CTI::emitFastArithDeTagImmediate):
        (KJS::CTI::emitFastArithReTagImmediate):
        (KJS::CTI::emitFastArithPotentiallyReTagImmediate):
        (KJS::CTI::emitFastArithImmToInt):
        (KJS::CTI::emitFastArithIntToImmOrSlowCase):
        (KJS::CTI::emitFastArithIntToImmNoCheck):
        (KJS::CTI::CTI):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileSlowCases):
        (KJS::CTI::privateCompile):
        (KJS::CTI::privateCompileGetByIdSelf):
        (KJS::CTI::privateCompileGetByIdProto):
        (KJS::CTI::privateCompileGetByIdChain):
        (KJS::CTI::privateCompilePutByIdReplace):
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):
        (KJS::CTI::compileRegExp):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::JmpTable::JmpTable):
        (KJS::SlowCaseEntry::SlowCaseEntry):
        (KJS::CTI::JSRInfo::JSRInfo):
        * kjs/regexp.cpp:
        (KJS::RegExp::RegExp):
        * wrec/WREC.cpp:
        (KJS::GenerateParenthesesNonGreedyFunctor::GenerateParenthesesNonGreedyFunctor):
        (KJS::GeneratePatternCharacterFunctor::generateAtom):
        (KJS::GeneratePatternCharacterFunctor::backtrack):
        (KJS::GenerateCharacterClassFunctor::generateAtom):
        (KJS::GenerateCharacterClassFunctor::backtrack):
        (KJS::GenerateBackreferenceFunctor::generateAtom):
        (KJS::GenerateBackreferenceFunctor::backtrack):
        (KJS::GenerateParenthesesNonGreedyFunctor::generateAtom):
        (KJS::GenerateParenthesesNonGreedyFunctor::backtrack):
        (KJS::WRECGenerate::generateBacktrack1):
        (KJS::WRECGenerate::generateBacktrackBackreference):
        (KJS::WRECGenerate::generateBackreferenceQuantifier):
        (KJS::WRECGenerate::generateNonGreedyQuantifier):
        (KJS::WRECGenerate::generateGreedyQuantifier):
        (KJS::WRECGenerate::generatePatternCharacter):
        (KJS::WRECGenerate::generateCharacterClassInvertedRange):
        (KJS::WRECGenerate::generateCharacterClassInverted):
        (KJS::WRECGenerate::generateCharacterClass):
        (KJS::WRECGenerate::generateParentheses):
        (KJS::WRECGenerate::generateParenthesesNonGreedy):
        (KJS::WRECGenerate::gererateParenthesesResetTrampoline):
        (KJS::WRECGenerate::generateAssertionBOL):
        (KJS::WRECGenerate::generateAssertionEOL):
        (KJS::WRECGenerate::generateAssertionWordBoundary):
        (KJS::WRECGenerate::generateBackreference):
        (KJS::WRECGenerate::gernerateDisjunction):
        (KJS::WRECGenerate::terminateDisjunction):
        (KJS::WRECParser::parseGreedyQuantifier):
        (KJS::WRECParser::parseQuantifier):
        (KJS::WRECParser::parsePatternCharacterQualifier):
        (KJS::WRECParser::parseCharacterClassQuantifier):
        (KJS::WRECParser::parseBackreferenceQuantifier):
        (KJS::WRECParser::parseParentheses):
        (KJS::WRECParser::parseCharacterClass):
        (KJS::WRECParser::parseOctalEscape):
        (KJS::WRECParser::parseEscape):
        (KJS::WRECParser::parseTerm):
        (KJS::WRECParser::parseDisjunction):
        * wrec/WREC.h:
        (KJS::WRECGenerate::WRECGenerate):
        (KJS::WRECParser::):
        (KJS::WRECParser::WRECParser):
        (KJS::WRECParser::parseAlternative):
        (KJS::WRECParser::isEndOfPattern):

2008-09-06  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Fix the sampler build.

        * VM/SamplingTool.h:

2008-09-06  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Jump through the necessary hoops required to make MSVC cooperate with SFX

        We now explicitly declare the calling convention on all cti_op_* cfunctions,
        and return int instead of bool where appropriate (despite the cdecl calling
        convention seems to state MSVC generates code that returns the result value
        through ecx).  SFX behaves slightly differently under MSVC, specifically it
        stores the base argument address for the cti_op_* functions in the first
        argument, and then does the required stack manipulation through that pointer.
        This is necessary as MSVC's optimisations assume they have complete control
        of the stack, and periodically elide our stack manipulations, or move
        values in unexpected ways.  MSVC also frequently produces tail calls which may
        clobber the first argument, so the MSVC path is slightly less efficient due
        to the need to restore it.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        (KJS::):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * masm/MacroAssembler.h:
        (KJS::MacroAssembler::emitConvertToFastCall):
        * masm/MacroAssemblerIA32GCC.cpp: Removed.
           For performance reasons we need these no-op functions to be inlined.

        * masm/MacroAssemblerWin.cpp:
        (KJS::MacroAssembler::emitRestoreArgumentReference):
        * wtf/Platform.h:

2008-09-05  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak, or maybe the other way around.
        
        Added the ability to coalesce JITCode buffer grow operations by first
        growing the buffer and then executing unchecked puts to it.
        
        About a 2% speedup on date-format-tofte.

        * VM/CTI.cpp:
        (KJS::CTI::compileOpCall):
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::ensureSpace):
        (KJS::JITCodeBuffer::putByteUnchecked):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShortUnchecked):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putIntUnchecked):
        (KJS::JITCodeBuffer::putInt):
        (KJS::IA32MacroAssembler::emitTestl_i32r):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):
        (KJS::IA32MacroAssembler::emitMovl_i32m):
        (KJS::IA32MacroAssembler::emitUnlinkedJe):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        (KJS::IA32MacroAssembler::emitModRm_rr_Unchecked):
        (KJS::IA32MacroAssembler::emitModRm_rm_Unchecked):
        (KJS::IA32MacroAssembler::emitModRm_rm):
        (KJS::IA32MacroAssembler::emitModRm_opr):
        (KJS::IA32MacroAssembler::emitModRm_opr_Unchecked):
        (KJS::IA32MacroAssembler::emitModRm_opm_Unchecked):

2008-09-05  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Disable WREC and CTI on platforms that we have not yet had a chance to test with.

        * wtf/Platform.h:

2008-09-05  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.
        
        Use jo instead of a mask compare when fetching array.length and
        string.length. 4% speedup on array.length / string.length torture
        test.

        * VM/CTI.cpp:
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):

2008-09-05  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed a CTI compilation pass by recording labels during bytecode
        generation. This is more to reduce complexity than it is to improve
        performance.

        SunSpider reports no change.

        CodeBlock now keeps a "labels" set, which holds the offsets of all the
        instructions that can be jumped to.

        * VM/CTI.cpp: Nixed a pass.

        * VM/CodeBlock.h: Added a "labels" set.

        * VM/LabelID.h: No need for a special LableID for holding jump
        destinations, since the CodeBlock now knows all jump destinations.

        * wtf/HashTraits.h: New hash traits to accomodate putting offset 0 in
        the set.

        * kjs/nodes.cpp:
        (KJS::TryNode::emitCode): Emit a dummy label to record sret targets.

2008-09-05  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt and Gavin Barraclough.

        Move the JITCodeBuffer onto Machine and remove the static variables.

        * VM/CTI.cpp: Initialize m_jit with the Machine's code buffer.
        * VM/Machine.cpp:
        (KJS::Machine::Machine): Allocate a JITCodeBuffer.
        * VM/Machine.h:
        * kjs/RegExpConstructor.cpp:
        (KJS::constructRegExp): Pass the ExecState through.
        * kjs/RegExpPrototype.cpp:
        (KJS::regExpProtoFuncCompile): Ditto.
        * kjs/StringPrototype.cpp:
        (KJS::stringProtoFuncMatch): Ditto.
        (KJS::stringProtoFuncSearch): Ditto.
        * kjs/nodes.cpp:
        (KJS::RegExpNode::emitCode): Compile the pattern at code generation time
        so that we have access to an ExecState.
        * kjs/nodes.h:
        (KJS::RegExpNode::):
        * kjs/nodes2string.cpp:
        * kjs/regexp.cpp:
        (KJS::RegExp::RegExp): Pass the ExecState through.
        (KJS::RegExp::create): Ditto.
        * kjs/regexp.h:
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::IA32MacroAssembler): Reset the JITCodeBuffer when we are
        constructed.
        * wrec/WREC.cpp:
        (KJS::WRECompiler::compile): Retrieve the JITCodeBuffer from the Machine.
        * wrec/WREC.h:

2008-09-05  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt and Gavin Barraclough.

        Fix the build when CTI is disabled.

        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::~CodeBlock):
        * VM/CodeGenerator.cpp:
        (KJS::prepareJumpTableForStringSwitch):
        * VM/Machine.cpp:
        (KJS::Machine::Machine):
        (KJS::Machine::~Machine):

2008-09-05  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Mark Rowe.

        Fix some windows abi issues.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompileSlowCases):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_post_inc):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_post_dec):
        * VM/Machine.h:

2008-09-05  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Fix ecma/FunctionObjects/15.3.5.3.js after I broke it in r93.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call_NotJSFunction): Restore m_callFrame to the correct value after making the native call.
        (KJS::Machine::cti_op_construct_NotJSConstruct): Ditto.

2008-09-04  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Fix fast/dom/Window/console-functions.html.

        The call frame on the ExecState was not being updated on calls into native functions.  This meant that functions
        such as console.log would use the line number of the last JS function on the call stack.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call_NotJSFunction): Update the ExecState's call frame before making a native function call,
        and restore it when the function is done.
        (KJS::Machine::cti_op_construct_NotJSConstruct): Ditto.

2008-09-05  Oliver Hunt  <oliver@apple.com>

        Start bringing up SFX on windows.

        Reviewed by Mark Rowe and Sam Weinig

        Start doing the work to bring up SFX on windows.  Initially
        just working on WREC, as it does not make any calls so reduces
        the amount of code that needs to be corrected.
        
        Start abstracting the CTI JIT codegen engine.

        * ChangeLog:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        * masm/IA32MacroAsm.h:
        * masm/MacroAssembler.h: Added.
        (KJS::MacroAssembler::MacroAssembler):
        * masm/MacroAssemblerIA32GCC.cpp: Added.
        (KJS::MacroAssembler::emitConvertToFastCall):
        * masm/MacroAssemblerWin.cpp: Added.
        (KJS::MacroAssembler::emitConvertToFastCall):
        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseGreedyQuantifier):
        (KJS::WRECompiler::parseCharacterClass):
        (KJS::WRECompiler::parseEscape):
        (KJS::WRECompiler::compilePattern):
        * wrec/WREC.h:

2008-09-04  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Support for slow scripts (timeout checking).

        * VM/CTI.cpp:
        (KJS::CTI::privateCompileMainPass):
        (KJS::CTI::privateCompile):
        * VM/Machine.cpp:
        (KJS::slideRegisterWindowForCall):
        (KJS::Machine::cti_timeout_check):
        (KJS::Machine::cti_vm_throw):

2008-09-04  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Third round of style cleanup.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/CodeBlock.h:
        * VM/Machine.cpp:
        * VM/Machine.h:
        * kjs/ExecState.h:

2008-09-04  Sam Weinig  <sam@webkit.org>

        Reviewed by Jon Honeycutt.

        Second round of style cleanup.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * wrec/WREC.h:

2008-09-04  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        First round of style cleanup.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * masm/IA32MacroAsm.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:

2008-09-04  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Mark Rowe.
        
        Merged http://trac.webkit.org/changeset/36081 to work with CTI.

        * VM/Machine.cpp:
        (KJS::Machine::tryCtiCacheGetByID):

2008-09-04  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Enable profiling in CTI.

        * VM/CTI.h:
        (KJS::):
        (KJS::CTI::execute):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call_JSFunction):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_ret):
        (KJS::Machine::cti_op_construct_JSConstruct):
        (KJS::Machine::cti_op_construct_NotJSConstruct):

2008-09-04  Victor Hernandez  <vhernandez@apple.com>

        Reviewed by Geoffrey Garen.
        
        Fixed an #if to support using WREC without CTI.

        * kjs/regexp.cpp:
        (KJS::RegExp::match):

2008-09-04  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        The array/string length trampolines are owned by the Machine, not the codeblock that compiled them.

        * VM/CTI.cpp:
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):
        * VM/Machine.cpp:
        (KJS::Machine::~Machine):
        * VM/Machine.h:

2008-09-04  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough and Sam Weinig.

        Fix a crash on launch of jsc when GuardMalloc is enabled.

        * kjs/ScopeChain.h:
        (KJS::ScopeChain::ScopeChain): Initialize m_node to 0 when we have no valid scope chain.
        (KJS::ScopeChain::~ScopeChain): Null-check m_node before calling deref.

2008-09-03  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix inspector and fast array access so that it bounds
        checks correctly.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitUnlinkedJb):
        (KJS::IA32MacroAssembler::emitUnlinkedJbe):

2008-09-03  Mark Rowe  <mrowe@apple.com>

        Move the assertion after the InitializeAndReturn block, as
        that is used even when CTI is enabled.

        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):

2008-09-03  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Replace calls to exit with ASSERT_WITH_MESSAGE or ASSERT_NOT_REACHED.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_vm_throw):

2008-09-03  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Tweak JavaScriptCore to compile on non-x86 platforms.  This is achieved
        by wrapping more code with ENABLE(CTI), ENABLE(WREC), and PLATFORM(X86)
        #if's.

        * VM/CTI.cpp:
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::printStructureIDs): Use %td as the format specifier for
        printing a ptrdiff_t.
        * VM/Machine.cpp:
        * VM/Machine.h:
        * kjs/regexp.cpp:
        (KJS::RegExp::RegExp):
        (KJS::RegExp::~RegExp):
        (KJS::RegExp::match):
        * kjs/regexp.h:
        * masm/IA32MacroAsm.h:
        * wrec/WREC.cpp:
        * wrec/WREC.h:
        * wtf/Platform.h: Only enable CTI and WREC on x86.  Add an extra define to
        track whether any MASM-using features are enabled.

2008-09-03  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Copy Geoff's array/string length optimization for CTI.

        * VM/CTI.cpp:
        (KJS::CTI::privateArrayLengthTrampoline):
        (KJS::CTI::privateStringLengthTrampoline):
        * VM/CTI.h:
        (KJS::CTI::compileArrayLengthTrampoline):
        (KJS::CTI::compileStringLengthTrampoline):
        * VM/Machine.cpp:
        (KJS::Machine::Machine):
        (KJS::Machine::getCtiArrayLengthTrampoline):
        (KJS::Machine::getCtiStringLengthTrampoline):
        (KJS::Machine::tryCtiCacheGetByID):
        (KJS::Machine::cti_op_get_by_id_second):
        * VM/Machine.h:
        * kjs/JSString.h:
        * kjs/ustring.h:

2008-09-03  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Implement fast array accesses in CTI - 2-3% progression on sunspider.

        * VM/CTI.cpp:
        (KJS::CTI::emitFastArithIntToImmNoCheck):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        * VM/CTI.h:
        * kjs/JSArray.h:

2008-09-02  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Enable fast property access support in CTI.

        * VM/CTI.cpp:
        (KJS::ctiSetReturnAddress):
        (KJS::ctiRepatchCallByReturnAddress):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        (KJS::CTI::privateCompileGetByIdSelf):
        (KJS::CTI::privateCompileGetByIdProto):
        (KJS::CTI::privateCompileGetByIdChain):
        (KJS::CTI::privateCompilePutByIdReplace):
        * VM/CTI.h:
        (KJS::CTI::compileGetByIdSelf):
        (KJS::CTI::compileGetByIdProto):
        (KJS::CTI::compileGetByIdChain):
        (KJS::CTI::compilePutByIdReplace):
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::~CodeBlock):
        * VM/CodeBlock.h:
        * VM/Machine.cpp:
        (KJS::doSetReturnAddressVmThrowTrampoline):
        (KJS::Machine::tryCtiCachePutByID):
        (KJS::Machine::tryCtiCacheGetByID):
        (KJS::Machine::cti_op_put_by_id):
        (KJS::Machine::cti_op_put_by_id_second):
        (KJS::Machine::cti_op_put_by_id_generic):
        (KJS::Machine::cti_op_put_by_id_fail):
        (KJS::Machine::cti_op_get_by_id):
        (KJS::Machine::cti_op_get_by_id_second):
        (KJS::Machine::cti_op_get_by_id_generic):
        (KJS::Machine::cti_op_get_by_id_fail):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_vm_throw):
        * VM/Machine.h:
        * kjs/JSCell.h:
        * kjs/JSObject.h:
        * kjs/PropertyMap.h:
        * kjs/StructureID.cpp:
        (KJS::StructureIDChain::StructureIDChain):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::emitCmpl_i32m):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):

2008-09-02  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        A backslash (\) at the of a RegEx should produce an error.
        Fixes fast/regex/test1.html.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseEscape):

2008-09-02  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoff Garen.

        Link jumps for the slow case of op_loop_if_less.  Fixes acid3.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass4_SlowCases):

2008-09-01  Sam Weinig  <sam@webkit.org>

        Rubber-stamped by Maciej Stachowiak.

        Switch WREC on by default.

        * wtf/Platform.h:

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Fix two failures in fast/regex/test1.html
          - \- in a character class should be treated as a literal -
          - A missing max quantifier needs to be treated differently than
            a null max quantifier.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateNonGreedyQuantifier):
        (KJS::WRECompiler::generateGreedyQuantifier):
        (KJS::WRECompiler::parseCharacterClass):
        * wrec/WREC.h:
        (KJS::Quantifier::Quantifier):

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Fix crash in fast/js/kde/evil-n.html

        * kjs/regexp.cpp: Always pass a non-null offset vector to the wrec function.

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Add pattern length limit fixing one test in fast/js.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::compile):
        * wrec/WREC.h:
        (KJS::WRECompiler::):

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Make octal escape parsing/back-reference parsing more closely match 
        prior behavior fixing one test in fast/js.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseCharacterClass): 8 and 9 should be IdentityEscaped
        (KJS::WRECompiler::parseEscape):
        * wrec/WREC.h:
        (KJS::WRECompiler::peekDigit):

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Fix one mozilla test.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateCharacterClassInverted): Fix incorrect not
        ascii upper check.

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Parse octal escapes in character classes fixing one mozilla test.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseCharacterClass):
        (KJS::WRECompiler::parseOctalEscape):
        * wrec/WREC.h:
        (KJS::WRECompiler::consumeOctal):

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Fixes two mozilla tests with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::CharacterClassConstructor::append): Keep the character class sorted
        when appending another character class.

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Mark Rowe.

        Fixes two mozilla tests with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::CharacterClassConstructor::addSortedRange): Insert the range at the correct position
        instead of appending it to the end.

2008-09-01  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Move cross-compilation unit call into NEVER_INLINE function.

        * VM/Machine.cpp:
        (KJS::doSetReturnAddressVmThrowTrampoline):

2008-09-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix one test in fast/js.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_construct_NotJSConstruct): Throw a createNotAConstructorError,
        instead of a createNotAFunctionError.

2008-08-31  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Zero-cost exception handling.  This patch takes the exception checking
        back of the hot path.  When an exception occurs in a Machine::cti*
        method, the return address to JIT code is recorded, and is then
        overwritten with a pointer to a trampoline routine.  When the method
        returns the trampoline will cause the cti_vm_throw method to be invoked.

        cti_vm_throw uses the return address preserved above, to discover the
        vPC of the bytecode that raised the exception (using a map build during
        translation).  From the VPC of the faulting bytecode the vPC of a catch
        routine may be discovered (unwinding the stack where necesary), and then
        a bytecode address for the catch routine is looked up.  Final cti_vm_throw
        overwrites its return address to JIT code again, to trampoline directly
        to the catch routine.
        
        cti_op_throw is handled in a similar fashion.

        * VM/CTI.cpp:
        (KJS::CTI::emitPutCTIParam):
        (KJS::CTI::emitPutToCallFrameHeader):
        (KJS::CTI::emitGetFromCallFrameHeader):
        (KJS::ctiSetReturnAddressForArgs):
        (KJS::CTI::emitDebugExceptionCheck):
        (KJS::CTI::printOpcodeOperandTypes):
        (KJS::CTI::emitCall):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::):
        (KJS::CTI::execute):
        * VM/CodeBlock.h:
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_op_instanceof):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_op_in):
        (KJS::Machine::cti_vm_throw):
        * VM/RegisterFile.h:
        (KJS::RegisterFile::):
        * kjs/ExecState.h:
        (KJS::ExecState::setCtiReturnAddress):
        (KJS::ExecState::ctiReturnAddress):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitPushl_m):
        (KJS::IA32MacroAssembler::emitPopl_m):
        (KJS::IA32MacroAssembler::getRelocatedAddress):

2008-08-31  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Fall back to PCRE for any regexp containing parentheses until we correctly backtrack within them.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseParentheses):
        * wrec/WREC.h:
        (KJS::WRECompiler::):

2008-08-31  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Fix several issues within ecma_3/RegExp/perlstress-001.js with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateNonGreedyQuantifier): Compare with the maximum quantifier count rather than the minimum.
        (KJS::WRECompiler::generateAssertionEOL): Do a register-to-register comparison rather than immediate-to-register.
        (KJS::WRECompiler::parseCharacterClass): Pass through the correct inversion flag.

2008-08-30  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Re-fix the six remaining failures in the Mozilla JavaScript tests in a manner that does not kill performance.
        This shows up as a 0.6% progression on SunSpider on my machine.

        Grow the JITCodeBuffer's underlying buffer when we run out of space rather than just bailing out.

        * VM/CodeBlock.h:
        (KJS::CodeBlock::~CodeBlock): Switch to using fastFree now that JITCodeBuffer::copy uses fastMalloc.
        * kjs/regexp.cpp: Ditto.
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::growBuffer):
        (KJS::JITCodeBuffer::JITCodeBuffer):
        (KJS::JITCodeBuffer::~JITCodeBuffer):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::reset):
        (KJS::JITCodeBuffer::copy):

2008-08-29  Oliver Hunt  <oliver@apple.com>

        RS=Maciej

        Roll out previous patch as it causes a 5% performance regression

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp:
        (KJS::getJCB):
        (KJS::CTI::privateCompile):
        * VM/CodeBlock.h:
        (KJS::CodeBlock::~CodeBlock):
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::JITCodeBuffer):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::getEIP):
        (KJS::JITCodeBuffer::start):
        (KJS::JITCodeBuffer::getOffset):
        (KJS::JITCodeBuffer::reset):
        (KJS::JITCodeBuffer::copy):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        (KJS::IA32MacroAssembler::emitModRm_rm):
        (KJS::IA32MacroAssembler::emitModRm_rmsib):
        (KJS::IA32MacroAssembler::IA32MacroAssembler):
        (KJS::IA32MacroAssembler::emitInt3):
        (KJS::IA32MacroAssembler::emitPushl_r):
        (KJS::IA32MacroAssembler::emitPopl_r):
        (KJS::IA32MacroAssembler::emitMovl_rr):
        (KJS::IA32MacroAssembler::emitAddl_rr):
        (KJS::IA32MacroAssembler::emitAddl_i8r):
        (KJS::IA32MacroAssembler::emitAddl_i32r):
        (KJS::IA32MacroAssembler::emitAddl_mr):
        (KJS::IA32MacroAssembler::emitAndl_rr):
        (KJS::IA32MacroAssembler::emitAndl_i32r):
        (KJS::IA32MacroAssembler::emitCmpl_i8r):
        (KJS::IA32MacroAssembler::emitCmpl_rr):
        (KJS::IA32MacroAssembler::emitCmpl_rm):
        (KJS::IA32MacroAssembler::emitCmpl_i32r):
        (KJS::IA32MacroAssembler::emitCmpl_i32m):
        (KJS::IA32MacroAssembler::emitCmpw_rm):
        (KJS::IA32MacroAssembler::emitOrl_rr):
        (KJS::IA32MacroAssembler::emitOrl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_rr):
        (KJS::IA32MacroAssembler::emitSubl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_i32r):
        (KJS::IA32MacroAssembler::emitSubl_mr):
        (KJS::IA32MacroAssembler::emitTestl_i32r):
        (KJS::IA32MacroAssembler::emitTestl_rr):
        (KJS::IA32MacroAssembler::emitXorl_i8r):
        (KJS::IA32MacroAssembler::emitXorl_rr):
        (KJS::IA32MacroAssembler::emitSarl_i8r):
        (KJS::IA32MacroAssembler::emitSarl_CLr):
        (KJS::IA32MacroAssembler::emitShl_i8r):
        (KJS::IA32MacroAssembler::emitShll_CLr):
        (KJS::IA32MacroAssembler::emitMull_rr):
        (KJS::IA32MacroAssembler::emitIdivl_r):
        (KJS::IA32MacroAssembler::emitCdq):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovzwl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):
        (KJS::IA32MacroAssembler::emitMovl_i32r):
        (KJS::IA32MacroAssembler::emitMovl_i32m):
        (KJS::IA32MacroAssembler::emitLeal_mr):
        (KJS::IA32MacroAssembler::emitRet):
        (KJS::IA32MacroAssembler::emitJmpN_r):
        (KJS::IA32MacroAssembler::emitJmpN_m):
        (KJS::IA32MacroAssembler::emitCall):
        (KJS::IA32MacroAssembler::label):
        (KJS::IA32MacroAssembler::emitUnlinkedJmp):
        (KJS::IA32MacroAssembler::emitUnlinkedJne):
        (KJS::IA32MacroAssembler::emitUnlinkedJe):
        (KJS::IA32MacroAssembler::emitUnlinkedJl):
        (KJS::IA32MacroAssembler::emitUnlinkedJle):
        (KJS::IA32MacroAssembler::emitUnlinkedJge):
        (KJS::IA32MacroAssembler::emitUnlinkedJae):
        (KJS::IA32MacroAssembler::emitUnlinkedJo):
        (KJS::IA32MacroAssembler::link):
        * wrec/WREC.cpp:
        (KJS::WRECompiler::compilePattern):
        (KJS::WRECompiler::compile):
        * wrec/WREC.h:

2008-08-29  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Have JITCodeBuffer manage a Vector containing the generated code so that it can grow
        as needed when generating code for a large function.  This fixes all six remaining failures
        in Mozilla tests in both debug and release builds.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile):
        * VM/CodeBlock.h:
        (KJS::CodeBlock::~CodeBlock):
        * masm/IA32MacroAsm.h:
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::getEIP):
        (KJS::JITCodeBuffer::start):
        (KJS::JITCodeBuffer::getOffset):
        (KJS::JITCodeBuffer::getCode):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        * wrec/WREC.cpp:
        (KJS::WRECompiler::compilePattern):
        * wrec/WREC.h:

2008-08-29  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Implement parsing of octal escapes in regular expressions.  This fixes three Mozilla tests.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::parseOctalEscape):
        (KJS::WRECompiler::parseEscape): Parse the escape sequence as an octal escape if it has a leading zero.
        Add a FIXME about treating invalid backreferences as octal escapes in the future.
        * wrec/WREC.h:
        (KJS::WRECompiler::consumeNumber): Multiply by 10 rather than 0 so that we handle numbers with more than
        one digit.
        * wtf/ASCIICType.h:
        (WTF::isASCIIOctalDigit):

2008-08-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Pass vPC to instanceof method.  Fixes 2 mozilla tests in debug.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_instanceof):

2008-08-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Pass vPCs to resolve methods for correct exception creation.  Fixes
        17 mozilla tests in debug.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):

2008-08-29  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Remembering to actually throw the exception passed to op throw helps.
        Regressions 19 -> 6.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_vm_throw):

2008-08-29  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Support for exception unwinding the stack.
        
        Once upon a time, Sam asked me for a bettr ChangeLog entry.  The return address
        is now preserved on entry to a JIT code function (if we preserve lazily we need
        restore the native return address during exception stack unwind).  This takes
        the number of regressions down from ~150 to 19.

        * VM/CTI.cpp:
        (KJS::getJCB):
        (KJS::CTI::emitExceptionCheck):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::):
        * VM/Machine.cpp:
        (KJS::Machine::throwException):
        (KJS::Machine::cti_op_call_JSFunction):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_construct_JSConstruct):
        (KJS::Machine::cti_op_construct_NotJSConstruct):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_vm_throw):

2008-08-29  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Fix js1_2/regexp/word_boundary.js and four other Mozilla tests with WREC enabled.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateCharacterClassInvertedRange): If none of the exact matches
        succeeded, jump to failure.
        (KJS::WRECompiler::compilePattern): Restore and increment the current position stored
        on the stack to ensure that it will be reset to the correct position after a failed
        match has consumed input.

2008-08-29  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Fix a hang in ecma_3/RegExp/15.10.2-1.js with WREC enabled.
        A backreference with a quantifier would get stuck in an infinite
        loop if the captured range was empty.

        * wrec/WREC.cpp:
        (KJS::WRECompiler::generateBackreferenceQuantifier): If the captured range
        was empty, do not attempt to match the backreference.
        (KJS::WRECompiler::parseBackreferenceQuantifier):
        * wrec/WREC.h:
        (KJS::Quantifier::):

2008-08-28  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Implement op_debug.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::debug):
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_op_debug):
        * VM/Machine.h:

2008-08-28  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_switch_string fixing 1 mozilla test and one test in fast/js.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::SwitchRecord::):
        (KJS::SwitchRecord::SwitchRecord):
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::dump):
        * VM/CodeBlock.h:
        (KJS::ExpressionRangeInfo::):
        (KJS::StringJumpTable::offsetForValue):
        (KJS::StringJumpTable::ctiForValue):
        (KJS::SimpleJumpTable::add):
        (KJS::SimpleJumpTable::ctiForValue):
        * VM/CodeGenerator.cpp:
        (KJS::prepareJumpTableForStringSwitch):
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::Machine::cti_op_switch_string):
        * VM/Machine.h:

2008-08-28  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Do not recurse on the machine stack when executing op_call.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::emitPutArg):
        (KJS::CTI::emitPutArgConstant):
        (KJS::CTI::compileOpCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::):
        (KJS::CTI::compile):
        (KJS::CTI::execute):
        (KJS::CTI::):
        * VM/Machine.cpp:
        (KJS::Machine::Machine):
        (KJS::Machine::execute):
        (KJS::Machine::cti_op_call_JSFunction):
        (KJS::Machine::cti_op_call_NotJSFunction):
        (KJS::Machine::cti_op_ret):
        (KJS::Machine::cti_op_construct_JSConstruct):
        (KJS::Machine::cti_op_construct_NotJSConstruct):
        (KJS::Machine::cti_op_call_eval):
        * VM/Machine.h:
        * VM/Register.h:
        (KJS::Register::Register):
        * VM/RegisterFile.h:
        (KJS::RegisterFile::):
        * kjs/InternalFunction.h:
        (KJS::InternalFunction::InternalFunction):
        * kjs/JSFunction.h:
        (KJS::JSFunction::JSFunction):
        * kjs/ScopeChain.h:
        (KJS::ScopeChain::ScopeChain):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitModRm_opm):
        (KJS::IA32MacroAssembler::emitCmpl_i32m):
        (KJS::IA32MacroAssembler::emitCallN_r):

2008-08-28  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Exit instead of crashing in ctiUnsupported and ctiTimedOut.

        * VM/Machine.cpp:
        (KJS::ctiUnsupported):
        (KJS::ctiTimedOut):

2008-08-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Implement codegen for op_jsr and op_sret.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::CTI::JSRInfo::JSRInfo):
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::emitJmpN_m):
        (KJS::IA32MacroAssembler::linkAbsoluteAddress):

2008-08-28  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Initial support for exceptions (throw / catch must occur in same CodeBlock).

        * VM/CTI.cpp:
        (KJS::CTI::emitExceptionCheck):
        (KJS::CTI::emitCall):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        * VM/CodeBlock.cpp:
        (KJS::CodeBlock::nativeExceptionCodeForHandlerVPC):
        * VM/CodeBlock.h:
        * VM/CodeGenerator.cpp:
        (KJS::CodeGenerator::emitCatch):
        * VM/Machine.cpp:
        (KJS::Machine::throwException):
        (KJS::Machine::privateExecute):
        (KJS::ctiUnsupported):
        (KJS::ctiTimedOut):
        (KJS::Machine::cti_op_add):
        (KJS::Machine::cti_op_pre_inc):
        (KJS::Machine::cti_timeout_check):
        (KJS::Machine::cti_op_loop_if_less):
        (KJS::Machine::cti_op_put_by_id):
        (KJS::Machine::cti_op_get_by_id):
        (KJS::Machine::cti_op_instanceof):
        (KJS::Machine::cti_op_del_by_id):
        (KJS::Machine::cti_op_mul):
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_get_by_val):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_sub):
        (KJS::Machine::cti_op_put_by_val):
        (KJS::Machine::cti_op_lesseq):
        (KJS::Machine::cti_op_loop_if_true):
        (KJS::Machine::cti_op_negate):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_div):
        (KJS::Machine::cti_op_pre_dec):
        (KJS::Machine::cti_op_jless):
        (KJS::Machine::cti_op_not):
        (KJS::Machine::cti_op_jtrue):
        (KJS::Machine::cti_op_post_inc):
        (KJS::Machine::cti_op_eq):
        (KJS::Machine::cti_op_lshift):
        (KJS::Machine::cti_op_bitand):
        (KJS::Machine::cti_op_rshift):
        (KJS::Machine::cti_op_bitnot):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_mod):
        (KJS::Machine::cti_op_less):
        (KJS::Machine::cti_op_neq):
        (KJS::Machine::cti_op_post_dec):
        (KJS::Machine::cti_op_urshift):
        (KJS::Machine::cti_op_bitxor):
        (KJS::Machine::cti_op_bitor):
        (KJS::Machine::cti_op_call_eval):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_op_push_scope):
        (KJS::Machine::cti_op_stricteq):
        (KJS::Machine::cti_op_nstricteq):
        (KJS::Machine::cti_op_to_jsnumber):
        (KJS::Machine::cti_op_in):
        (KJS::Machine::cti_op_del_by_val):
        (KJS::Machine::cti_vm_throw):
        * VM/Machine.h:
        * kjs/ExecState.h:
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::emitCmpl_i32m):

2008-08-28  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Oliver Hunt.

        Print debugging info to stderr so that run-webkit-tests can capture it.
        This makes it easy to check whether test failures are due to unimplemented
        op codes, missing support for exceptions, etc.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::printOpcodeOperandTypes):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/Machine.cpp:
        (KJS::Machine::privateExecute):
        (KJS::ctiException):
        (KJS::ctiUnsupported):
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_get_by_val):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_call_eval):

2008-08-27  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough and Maciej Stachowiak.

        Fix fast/js/bitwise-and-on-undefined.html.

        A temporary value in the slow path of op_bitand was being stored in edx, but was
        being clobbered by emitGetPutArg before we used it.  To fix this, emitGetPutArg
        now takes a third argument that specifies the scratch register to use when loading
        from memory.  This allows us to avoid clobbering the temporary in op_bitand.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        * VM/CTI.h:

2008-08-27  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Oliver Hunt.

        Switch CTI on by default.

        * wtf/Platform.h:

2008-08-27  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        Fix the build of the full WebKit stack.

        * JavaScriptCore.xcodeproj/project.pbxproj: Mark two new headers as private so they can be pulled in from WebCore.
        * VM/CTI.h: Fix build issues that show up when compiled with GCC 4.2 as part of WebCore.
        * wrec/WREC.h: Ditto.

2008-08-27  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Implement op_new_error.  Does not fix any tests as it is always followed by the unimplemented op_throw.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_new_error):
        * VM/Machine.h:

2008-08-27  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_put_getter and op_put_setter.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_put_getter):
        (KJS::Machine::cti_op_put_setter):
        * VM/Machine.h:

2008-08-27  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_del_by_val fixing 3 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_del_by_val):
        * VM/Machine.h:

2008-08-27  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Quick & dirty fix to get SamplingTool sampling op_call.

        * VM/SamplingTool.h:
        (KJS::SamplingTool::callingHostFunction):

2008-08-27  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix op_put_by_index.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main): Use emitPutArgConstant instead of emitGetPutArg
        for the property value.
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_put_by_index): Get the property value from the correct argument.

2008-08-27  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_switch_imm in the CTI fixing 13 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_switch_imm):
        * VM/Machine.h:

2008-08-27  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Implement op_switch_char in CTI.

        * VM/CTI.cpp:
        (KJS::CTI::emitCall):
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        (KJS::CallRecord::CallRecord):
        (KJS::SwitchRecord::SwitchRecord):
        * VM/CodeBlock.h:
        (KJS::SimpleJumpTable::SimpleJumpTable::ctiForValue):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_switch_char):
        * VM/Machine.h:
        * masm/IA32MacroAsm.h:
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitJmpN_r):
        (KJS::IA32MacroAssembler::getRelocatedAddress):
        * wtf/Platform.h:

2008-08-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Implement op_put_by_index to fix 1 mozilla test.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_put_by_index):
        * VM/Machine.h:

2008-08-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        More fixes from Geoff's review.

        * VM/CTI.cpp:
        (KJS::CTI::emitGetArg):
        (KJS::CTI::emitGetPutArg):
        (KJS::CTI::emitPutArg):
        (KJS::CTI::emitPutArgConstant):
        (KJS::CTI::getConstantImmediateNumericArg):
        (KJS::CTI::emitGetCTIParam):
        (KJS::CTI::emitPutResult):
        (KJS::CTI::emitCall):
        (KJS::CTI::emitJumpSlowCaseIfNotImm):
        (KJS::CTI::emitJumpSlowCaseIfNotImms):
        (KJS::CTI::getDeTaggedConstantImmediate):
        (KJS::CTI::emitFastArithDeTagImmediate):
        (KJS::CTI::emitFastArithReTagImmediate):
        (KJS::CTI::emitFastArithPotentiallyReTagImmediate):
        (KJS::CTI::emitFastArithImmToInt):
        (KJS::CTI::emitFastArithIntToImmOrSlowCase):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:

2008-08-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Implement op_jmp_scopes to fix 2 Mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_push_new_scope): Update ExecState::m_scopeChain after calling ARG_setScopeChain.
        (KJS::Machine::cti_op_jmp_scopes):
        * VM/Machine.h:

2008-08-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        WebKit Regular Expression Compiler. (set ENABLE_WREC = 1 in Platform.h).

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * kjs/regexp.cpp:
        * kjs/regexp.h:
        * wrec: Added.
        * wrec/WREC.cpp: Added.
        * wrec/WREC.h: Added.
        * wtf/Platform.h:

2008-08-26  Sam Weinig  <sam@webkit.org>

        Rubber-stamped by Oliver Hunt.

        Remove bogus assertion.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_del_by_id):

2008-08-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Implement op_push_new_scope and stub out op_catch.  This fixes 11 Mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_push_new_scope):
        (KJS::Machine::cti_op_catch):
        * VM/Machine.h:

2008-08-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Clean up op_resolve_base so that it shares its implementation with the bytecode interpreter.

        * VM/Machine.cpp:
        (KJS::inlineResolveBase):
        (KJS::resolveBase):

2008-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Add codegen support for op_instanceof, fixing 15 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_instanceof):
        (KJS::Machine::cti_op_del_by_id):
        * VM/Machine.h:
        * wtf/Platform.h:

2008-08-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Fixes for initial review comments.

        * VM/CTI.cpp:
        (KJS::CTI::ctiCompileGetArg):
        (KJS::CTI::ctiCompileGetPutArg):
        (KJS::CTI::ctiCompilePutResult):
        (KJS::CTI::ctiCompileCall):
        (KJS::CTI::CTI):
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::printOpcodeOperandTypes):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h:
        * VM/Register.h:
        * kjs/JSValue.h:

2008-08-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Fix up exception checking code.

        * VM/Machine.cpp:
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_call_eval):

2008-08-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Fix slowcase for op_post_inc and op_post_dec fixing 2 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass4_SlowCases):

2008-08-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Implement op_in, fixing 8 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_in):
        * VM/Machine.h:

2008-08-26  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Oliver Hunt.

        Don't hardcode the size of a Register for op_new_array.  Fixes a crash
        seen during the Mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):

2008-08-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Add support for op_push_scope and op_pop_scope, fixing 20 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/CTI.h:
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_push_scope):
        (KJS::Machine::cti_op_pop_scope):
        * VM/Machine.h:

2008-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Add codegen support for op_del_by_id, fixing 49 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):
        * VM/Machine.cpp:
        (KJS::Machine::cti_op_del_by_id):
        * VM/Machine.h:

2008-08-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough and Geoff Garen.

        Don't hardcode the size of a Register for op_get_scoped_var and op_put_scoped_var 
        fixing 513 mozilla tests in debug build.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass2_Main):

2008-08-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.
        
        Added code generator support for op_loop, fixing around 60 mozilla tests.

        * VM/CTI.cpp:
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::privateCompile_pass2_Main):

2008-08-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Set -fomit-frame-pointer in the correct location.

        * Configurations/JavaScriptCore.xcconfig:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2008-08-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.
        
        Inital cut of CTI, Geoff's review fixes to follow.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * VM/CTI.cpp: Added.
        (KJS::getJCB):
        (KJS::CTI::ctiCompileGetArg):
        (KJS::CTI::ctiCompileGetPutArg):
        (KJS::CTI::ctiCompilePutArg):
        (KJS::CTI::ctiCompilePutArgImm):
        (KJS::CTI::ctiImmediateNumericArg):
        (KJS::CTI::ctiCompileGetCTIParam):
        (KJS::CTI::ctiCompilePutResult):
        (KJS::CTI::ctiCompileCall):
        (KJS::CTI::slowCaseIfNotImm):
        (KJS::CTI::slowCaseIfNotImms):
        (KJS::CTI::ctiFastArithDeTagConstImmediate):
        (KJS::CTI::ctiFastArithDeTagImmediate):
        (KJS::CTI::ctiFastArithReTagImmediate):
        (KJS::CTI::ctiFastArithPotentiallyReTagImmediate):
        (KJS::CTI::ctiFastArithImmToInt):
        (KJS::CTI::ctiFastArithIntToImmOrSlowCase):
        (KJS::CTI::CTI):
        (KJS::CTI::privateCompile_pass1_Scan):
        (KJS::CTI::ctiCompileAdd):
        (KJS::CTI::ctiCompileAddImm):
        (KJS::CTI::ctiCompileAddImmNotInt):
        (KJS::CTI::TEMP_HACK_PRINT_TYPES):
        (KJS::CTI::privateCompile_pass2_Main):
        (KJS::CTI::privateCompile_pass3_Link):
        (KJS::CTI::privateCompile_pass4_SlowCases):
        (KJS::CTI::privateCompile):
        * VM/CTI.h: Added.
        (KJS::CTI2Result::CTI2Result):
        (KJS::CallRecord::CallRecord):
        (KJS::JmpTable::JmpTable):
        (KJS::SlowCaseEntry::SlowCaseEntry):
        (KJS::CTI::compile):
        (KJS::CTI::LabelInfo::LabelInfo):
        * VM/CodeBlock.h:
        (KJS::CodeBlock::CodeBlock):
        (KJS::CodeBlock::~CodeBlock):
        * VM/Machine.cpp:
        (KJS::Machine::execute):
        (KJS::Machine::privateExecute):
        (KJS::ctiException):
        (KJS::ctiUnsupported):
        (KJS::ctiTimedOut):
        (KJS::Machine::cti_op_end):
        (KJS::Machine::cti_op_add):
        (KJS::Machine::cti_op_pre_inc):
        (KJS::Machine::cti_timeout_check):
        (KJS::Machine::cti_op_loop_if_less):
        (KJS::Machine::cti_op_new_object):
        (KJS::Machine::cti_op_put_by_id):
        (KJS::Machine::cti_op_get_by_id):
        (KJS::Machine::cti_op_mul):
        (KJS::Machine::cti_op_new_func):
        (KJS::Machine::cti_op_call):
        (KJS::Machine::cti_op_ret):
        (KJS::Machine::cti_op_new_array):
        (KJS::Machine::cti_op_resolve):
        (KJS::Machine::cti_op_construct):
        (KJS::Machine::cti_op_get_by_val):
        (KJS::Machine::cti_op_resolve_func):
        (KJS::Machine::cti_op_sub):
        (KJS::Machine::cti_op_put_by_val):
        (KJS::Machine::cti_op_lesseq):
        (KJS::Machine::cti_op_loop_if_true):
        (KJS::Machine::cti_op_negate):
        (KJS::Machine::cti_op_resolve_base):
        (KJS::Machine::cti_op_resolve_skip):
        (KJS::Machine::cti_op_div):
        (KJS::Machine::cti_op_pre_dec):
        (KJS::Machine::cti_op_jless):
        (KJS::Machine::cti_op_not):
        (KJS::Machine::cti_op_jtrue):
        (KJS::Machine::cti_op_post_inc):
        (KJS::Machine::cti_op_eq):
        (KJS::Machine::cti_op_lshift):
        (KJS::Machine::cti_op_bitand):
        (KJS::Machine::cti_op_rshift):
        (KJS::Machine::cti_op_bitnot):
        (KJS::Machine::cti_op_resolve_with_base):
        (KJS::Machine::cti_op_new_func_exp):
        (KJS::Machine::cti_op_mod):
        (KJS::Machine::cti_op_less):
        (KJS::Machine::cti_op_neq):
        (KJS::Machine::cti_op_post_dec):
        (KJS::Machine::cti_op_urshift):
        (KJS::Machine::cti_op_bitxor):
        (KJS::Machine::cti_op_new_regexp):
        (KJS::Machine::cti_op_bitor):
        (KJS::Machine::cti_op_call_eval):
        (KJS::Machine::cti_op_throw):
        (KJS::Machine::cti_op_get_pnames):
        (KJS::Machine::cti_op_next_pname):
        (KJS::Machine::cti_op_typeof):
        (KJS::Machine::cti_op_stricteq):
        (KJS::Machine::cti_op_nstricteq):
        (KJS::Machine::cti_op_to_jsnumber):
        * VM/Machine.h:
        * VM/Register.h:
        (KJS::Register::jsValue):
        (KJS::Register::getJSValue):
        (KJS::Register::codeBlock):
        (KJS::Register::scopeChain):
        (KJS::Register::i):
        (KJS::Register::r):
        (KJS::Register::vPC):
        (KJS::Register::jsPropertyNameIterator):
        * VM/SamplingTool.cpp:
        (KJS::):
        (KJS::SamplingTool::run):
        (KJS::SamplingTool::dump):
        * VM/SamplingTool.h:
        * kjs/JSImmediate.h:
        (KJS::JSImmediate::zeroImmediate):
        (KJS::JSImmediate::oneImmediate):
        * kjs/JSValue.h:
        * kjs/JSVariableObject.h:
        (KJS::JSVariableObject::JSVariableObjectData::offsetOf_registers):
        (KJS::JSVariableObject::offsetOf_d):
        (KJS::JSVariableObject::offsetOf_Data_registers):
        * masm: Added.
        * masm/IA32MacroAsm.h: Added.
        (KJS::JITCodeBuffer::JITCodeBuffer):
        (KJS::JITCodeBuffer::putByte):
        (KJS::JITCodeBuffer::putShort):
        (KJS::JITCodeBuffer::putInt):
        (KJS::JITCodeBuffer::getEIP):
        (KJS::JITCodeBuffer::start):
        (KJS::JITCodeBuffer::getOffset):
        (KJS::JITCodeBuffer::reset):
        (KJS::JITCodeBuffer::copy):
        (KJS::IA32MacroAssembler::):
        (KJS::IA32MacroAssembler::emitModRm_rr):
        (KJS::IA32MacroAssembler::emitModRm_rm):
        (KJS::IA32MacroAssembler::emitModRm_rmsib):
        (KJS::IA32MacroAssembler::emitModRm_opr):
        (KJS::IA32MacroAssembler::emitModRm_opm):
        (KJS::IA32MacroAssembler::IA32MacroAssembler):
        (KJS::IA32MacroAssembler::emitInt3):
        (KJS::IA32MacroAssembler::emitPushl_r):
        (KJS::IA32MacroAssembler::emitPopl_r):
        (KJS::IA32MacroAssembler::emitMovl_rr):
        (KJS::IA32MacroAssembler::emitAddl_rr):
        (KJS::IA32MacroAssembler::emitAddl_i8r):
        (KJS::IA32MacroAssembler::emitAddl_i32r):
        (KJS::IA32MacroAssembler::emitAddl_mr):
        (KJS::IA32MacroAssembler::emitAndl_rr):
        (KJS::IA32MacroAssembler::emitAndl_i32r):
        (KJS::IA32MacroAssembler::emitCmpl_i8r):
        (KJS::IA32MacroAssembler::emitCmpl_rr):
        (KJS::IA32MacroAssembler::emitCmpl_rm):
        (KJS::IA32MacroAssembler::emitCmpl_i32r):
        (KJS::IA32MacroAssembler::emitCmpw_rm):
        (KJS::IA32MacroAssembler::emitOrl_rr):
        (KJS::IA32MacroAssembler::emitOrl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_rr):
        (KJS::IA32MacroAssembler::emitSubl_i8r):
        (KJS::IA32MacroAssembler::emitSubl_i32r):
        (KJS::IA32MacroAssembler::emitSubl_mr):
        (KJS::IA32MacroAssembler::emitTestl_i32r):
        (KJS::IA32MacroAssembler::emitTestl_rr):
        (KJS::IA32MacroAssembler::emitXorl_i8r):
        (KJS::IA32MacroAssembler::emitXorl_rr):
        (KJS::IA32MacroAssembler::emitSarl_i8r):
        (KJS::IA32MacroAssembler::emitSarl_CLr):
        (KJS::IA32MacroAssembler::emitShl_i8r):
        (KJS::IA32MacroAssembler::emitShll_CLr):
        (KJS::IA32MacroAssembler::emitMull_rr):
        (KJS::IA32MacroAssembler::emitIdivl_r):
        (KJS::IA32MacroAssembler::emitCdq):
        (KJS::IA32MacroAssembler::emitMovl_mr):
        (KJS::IA32MacroAssembler::emitMovzwl_mr):
        (KJS::IA32MacroAssembler::emitMovl_rm):
        (KJS::IA32MacroAssembler::emitMovl_i32r):
        (KJS::IA32MacroAssembler::emitMovl_i32m):
        (KJS::IA32MacroAssembler::emitLeal_mr):
        (KJS::IA32MacroAssembler::emitRet):
        (KJS::IA32MacroAssembler::JmpSrc::JmpSrc):