Emit the WillExecuteStatement debugger hook before the for loop body when the stateme...
[WebKit-https.git] / JavaScriptCore / kjs / nodes.cpp
index 0db8087..b68b453 100644 (file)
 #include "Parser.h"
 #include "PropertyNameArray.h"
 #include "RegExpObject.h"
-#include "debugger.h"
+#include "SamplingTool.h"
+#include "Debugger.h"
 #include "lexer.h"
 #include "operations.h"
-#include "SamplingTool.h"
 #include <math.h>
 #include <wtf/Assertions.h>
 #include <wtf/HashCountedSet.h>
 
 using namespace WTF;
 
-namespace KJS {
+namespace JSC {
 
 // ------------------------------ Node -----------------------------------------
 
 #ifndef NDEBUG
-static RefCountedLeakCounter parserRefCountedCounter("KJS::Node");
+static RefCountedLeakCounter parserRefCountedCounter("JSC::Node");
 #endif
 
 ParserRefCounted::ParserRefCounted(JSGlobalData* globalData)
@@ -141,19 +141,11 @@ void ParserRefCounted::deleteNewObjects(JSGlobalData* globalData)
 
 Node::Node(JSGlobalData* globalData)
     : ParserRefCounted(globalData)
-    , m_expectedReturnType(ObjectType)
-{
-    m_line = globalData->lexer->lineNo();
-}
-
-Node::Node(JSGlobalData* globalData, JSType expectedReturn)
-    : ParserRefCounted(globalData)
-    , m_expectedReturnType(expectedReturn)
 {
     m_line = globalData->lexer->lineNo();
 }
 
-static void substitute(UString& string, const UString& substring) KJS_FAST_CALL;
+static void substitute(UString& string, const UString& substring) JSC_FAST_CALL;
 static void substitute(UString& string, const UString& substring)
 {
     int position = string.find("%s");
@@ -167,7 +159,7 @@ static void substitute(UString& string, const UString& substring)
 RegisterID* ThrowableExpressionData::emitThrowError(CodeGenerator& generator, ErrorType e, const char* msg)
 {
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
-    RegisterID* exception = generator.emitNewError(generator.newTemporary(), e, jsString(generator.globalExec(), msg));
+    RegisterID* exception = generator.emitNewError(generator.newTemporary(), e, jsString(generator.globalData(), msg));
     generator.emitThrow(exception);
     return exception;
 }
@@ -177,7 +169,7 @@ RegisterID* ThrowableExpressionData::emitThrowError(CodeGenerator& generator, Er
     UString message = msg;
     substitute(message, label.ustring());
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
-    RegisterID* exception = generator.emitNewError(generator.newTemporary(), e, jsString(generator.globalExec(), message));
+    RegisterID* exception = generator.emitNewError(generator.newTemporary(), e, jsString(generator.globalData(), message));
     generator.emitThrow(exception);
     return exception;
 }
@@ -206,27 +198,13 @@ void SourceElements::append(PassRefPtr<StatementNode> statement)
     m_statements.append(statement);
 }
 
-// ------------------------------ BreakpointCheckStatement --------------------------------
-
-BreakpointCheckStatement::BreakpointCheckStatement(JSGlobalData* globalData, PassRefPtr<StatementNode> statement)
-    : StatementNode(globalData)
-    , m_statement(statement)
-{
-    ASSERT(m_statement);
-}
-
-void BreakpointCheckStatement::streamTo(SourceStream& stream) const
-{
-    m_statement->streamTo(stream);
-}
-
 // ------------------------------ NullNode -------------------------------------
 
 RegisterID* NullNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     if (dst == ignoredResult())
         return 0;
-    return generator.emitLoad(generator.finalDestination(dst), jsNull());
+    return generator.emitLoad(dst, jsNull());
 }
 
 // ------------------------------ BooleanNode ----------------------------------
@@ -235,7 +213,7 @@ RegisterID* BooleanNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     if (dst == ignoredResult())
         return 0;
-    return generator.emitLoad(generator.finalDestination(dst), m_value);
+    return generator.emitLoad(dst, m_value);
 }
 
 // ------------------------------ NumberNode -----------------------------------
@@ -244,7 +222,7 @@ RegisterID* NumberNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     if (dst == ignoredResult())
         return 0;
-    return generator.emitLoad(generator.finalDestination(dst), m_double);
+    return generator.emitLoad(dst, m_double);
 }
 
 // ------------------------------ StringNode -----------------------------------
@@ -253,20 +231,19 @@ RegisterID* StringNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     if (dst == ignoredResult())
         return 0;
-
-    // We atomize constant strings, in case they're later used in property lookup.
-    return generator.emitLoad(generator.finalDestination(dst), jsOwnedString(generator.globalExec(), Identifier(generator.globalExec(), m_value).ustring()));
+    return generator.emitLoad(dst, m_value);
 }
 
 // ------------------------------ RegExpNode -----------------------------------
 
 RegisterID* RegExpNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (!m_regExp->isValid())
-        return emitThrowError(generator, SyntaxError, ("Invalid regular expression: " + UString(m_regExp->errorMessage())).UTF8String().c_str());
+    RefPtr<RegExp> regExp = RegExp::create(generator.globalData(), m_pattern, m_flags);
+    if (!regExp->isValid())
+        return emitThrowError(generator, SyntaxError, ("Invalid regular expression: " + UString(regExp->errorMessage())).UTF8String().c_str());
     if (dst == ignoredResult())
         return 0;
-    return generator.emitNewRegExp(generator.finalDestination(dst), m_regExp.get());
+    return generator.emitNewRegExp(generator.finalDestination(dst), regExp.get());
 }
 
 // ------------------------------ ThisNode -------------------------------------
@@ -287,7 +264,7 @@ bool ResolveNode::isPure(CodeGenerator& generator) const
 
 RegisterID* ResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (RegisterID* local = generator.registerForLocal(m_ident)) {
+    if (RegisterID* local = generator.registerFor(m_ident)) {
         if (dst == ignoredResult())
             return 0;
         return generator.moveToDestinationIfNeeded(dst, local);
@@ -323,7 +300,7 @@ RegisterID* ArrayNode::emitCode(CodeGenerator& generator, RegisterID* dst)
     }
 
     if (m_elision) {
-        RegisterID* value = generator.emitLoad(generator.newTemporary(), jsNumber(generator.globalExec(), m_elision + length));
+        RegisterID* value = generator.emitLoad(0, jsNumber(generator.globalData(), m_elision + length));
         generator.emitPutById(array.get(), generator.propertyNames().length, value);
     }
 
@@ -405,43 +382,43 @@ RegisterID* ArgumentListNode::emitCode(CodeGenerator& generator, RegisterID* dst
 
 RegisterID* NewExprNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    RegisterID* r0 = generator.emitNode(m_expr.get());
-    generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
-    return generator.emitConstruct(generator.finalDestination(dst), r0, m_args.get());
+    RefPtr<RegisterID> func = generator.emitNode(m_expr.get());
+    return generator.emitConstruct(generator.finalDestination(dst), func.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
 }
 
 RegisterID* EvalFunctionCallNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     RefPtr<RegisterID> base = generator.tempDestination(dst);
-    RegisterID* func = generator.newTemporary();
-    generator.emitResolveWithBase(base.get(), func, generator.propertyNames().eval);
-    return generator.emitCallEval(generator.finalDestination(dst, base.get()), func, base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
+    RefPtr<RegisterID> func = generator.newTemporary();
+    generator.emitResolveWithBase(base.get(), func.get(), generator.propertyNames().eval);
+    return generator.emitCallEval(generator.finalDestination(dst, base.get()), func.get(), base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
 }
 
 RegisterID* FunctionCallValueNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    RegisterID* func = generator.emitNode(m_expr.get());
-    return generator.emitCall(generator.finalDestination(dst), func, 0, m_args.get(), m_divot, m_startOffset, m_endOffset);
+    RefPtr<RegisterID> func = generator.emitNode(m_expr.get());
+    return generator.emitCall(generator.finalDestination(dst), func.get(), 0, m_args.get(), m_divot, m_startOffset, m_endOffset);
 }
 
 RegisterID* FunctionCallResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (RegisterID* local = generator.registerForLocal(m_ident))
-        return generator.emitCall(generator.finalDestination(dst), local, 0, m_args.get(), m_divot, m_startOffset, m_endOffset);
+    if (RefPtr<RegisterID> local = generator.registerFor(m_ident))
+        return generator.emitCall(generator.finalDestination(dst), local.get(), 0, m_args.get(), m_divot, m_startOffset, m_endOffset);
 
     int index = 0;
     size_t depth = 0;
-    if (generator.findScopedProperty(m_ident, index, depth, false) && index != missingSymbolMarker()) {
-        RegisterID* func = generator.emitGetScopedVar(generator.newTemporary(), depth, index);
-        return generator.emitCall(generator.finalDestination(dst), func, 0, m_args.get(), m_divot, m_startOffset, m_endOffset);
+    JSObject* globalObject = 0;
+    if (generator.findScopedProperty(m_ident, index, depth, false, globalObject) && index != missingSymbolMarker()) {
+        RefPtr<RegisterID> func = generator.emitGetScopedVar(generator.newTemporary(), depth, index, globalObject);
+        return generator.emitCall(generator.finalDestination(dst), func.get(), 0, m_args.get(), m_divot, m_startOffset, m_endOffset);
     }
 
     RefPtr<RegisterID> base = generator.tempDestination(dst);
-    RegisterID* func = generator.newTemporary();
+    RefPtr<RegisterID> func = generator.newTemporary();
     int identifierStart = m_divot - m_startOffset;
     generator.emitExpressionInfo(identifierStart + m_ident.size(), m_ident.size(), 0);
-    generator.emitResolveFunction(base.get(), func, m_ident);
-    return generator.emitCall(generator.finalDestination(dst, base.get()), func, base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
+    generator.emitResolveFunction(base.get(), func.get(), m_ident);
+    return generator.emitCall(generator.finalDestination(dst, base.get()), func.get(), base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
 }
 
 RegisterID* FunctionCallBracketNode::emitCode(CodeGenerator& generator, RegisterID* dst)
@@ -449,16 +426,16 @@ RegisterID* FunctionCallBracketNode::emitCode(CodeGenerator& generator, Register
     RefPtr<RegisterID> base = generator.emitNode(m_base.get());
     RegisterID* property = generator.emitNode(m_subscript.get());
     generator.emitExpressionInfo(m_divot - m_subexpressionDivotOffset, m_startOffset - m_subexpressionDivotOffset, m_subexpressionEndOffset);
-    RegisterID* function = generator.emitGetByVal(generator.newTemporary(), base.get(), property);
-    return generator.emitCall(generator.finalDestination(dst, base.get()), function, base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
+    RefPtr<RegisterID> function = generator.emitGetByVal(generator.newTemporary(), base.get(), property);
+    return generator.emitCall(generator.finalDestination(dst, base.get()), function.get(), base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
 }
 
 RegisterID* FunctionCallDotNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     RefPtr<RegisterID> base = generator.emitNode(m_base.get());
     generator.emitExpressionInfo(m_divot - m_subexpressionDivotOffset, m_startOffset - m_subexpressionDivotOffset, m_subexpressionEndOffset);
-    RegisterID* function = generator.emitGetById(generator.newTemporary(), base.get(), m_ident);
-    return generator.emitCall(generator.finalDestination(dst, base.get()), function, base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
+    RefPtr<RegisterID> function = generator.emitGetById(generator.newTemporary(), base.get(), m_ident);
+    return generator.emitCall(generator.finalDestination(dst, base.get()), function.get(), base.get(), m_args.get(), m_divot, m_startOffset, m_endOffset);
 }
 
 // ------------------------------ PostfixResolveNode ----------------------------------
@@ -475,7 +452,7 @@ static RegisterID* emitPostIncOrDec(CodeGenerator& generator, RegisterID* dst, R
 
 RegisterID* PostfixResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (RegisterID* local = generator.registerForLocal(m_ident)) {
+    if (RegisterID* local = generator.registerFor(m_ident)) {
         if (generator.isLocalConstant(m_ident)) {
             if (dst == ignoredResult())
                 return 0;
@@ -489,8 +466,9 @@ RegisterID* PostfixResolveNode::emitCode(CodeGenerator& generator, RegisterID* d
 
     int index = 0;
     size_t depth = 0;
-    if (generator.findScopedProperty(m_ident, index, depth, true) && index != missingSymbolMarker()) {
-        RefPtr<RegisterID> value = generator.emitGetScopedVar(generator.newTemporary(), depth, index);
+    JSObject* globalObject = 0;
+    if (generator.findScopedProperty(m_ident, index, depth, true, globalObject) && index != missingSymbolMarker()) {
+        RefPtr<RegisterID> value = generator.emitGetScopedVar(generator.newTemporary(), depth, index, globalObject);
         RegisterID* oldValue;
         if (dst == ignoredResult()) {
             oldValue = 0;
@@ -498,7 +476,7 @@ RegisterID* PostfixResolveNode::emitCode(CodeGenerator& generator, RegisterID* d
         } else {
             oldValue = emitPostIncOrDec(generator, generator.finalDestination(dst), value.get(), m_operator);
         }
-        generator.emitPutScopedVar(depth, index, value.get());
+        generator.emitPutScopedVar(depth, index, value.get(), globalObject);
         return oldValue;
     }
 
@@ -574,8 +552,8 @@ RegisterID* PostfixErrorNode::emitCode(CodeGenerator& generator, RegisterID*)
 
 RegisterID* DeleteResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (generator.registerForLocal(m_ident))
-        return generator.emitLoad(generator.finalDestination(dst), false);
+    if (generator.registerFor(m_ident))
+        return generator.emitUnexpectedLoad(generator.finalDestination(dst), false);
 
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
     RegisterID* base = generator.emitResolveBase(generator.tempDestination(dst), m_ident);
@@ -587,10 +565,10 @@ RegisterID* DeleteResolveNode::emitCode(CodeGenerator& generator, RegisterID* ds
 RegisterID* DeleteBracketNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     RefPtr<RegisterID> r0 = generator.emitNode(m_base.get());
-    RefPtr<RegisterID> r1 = generator.emitNode(m_subscript.get());
+    RegisterID* r1 = generator.emitNode(m_subscript.get());
 
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
-    return generator.emitDeleteByVal(generator.finalDestination(dst), r0.get(), r1.get());
+    return generator.emitDeleteByVal(generator.finalDestination(dst), r0.get(), r1);
 }
 
 // ------------------------------ DeleteDotNode -----------------------------------
@@ -610,7 +588,7 @@ RegisterID* DeleteValueNode::emitCode(CodeGenerator& generator, RegisterID* dst)
     generator.emitNode(ignoredResult(), m_expr.get());
 
     // delete on a non-location expression ignores the value and returns true
-    return generator.emitLoad(generator.finalDestination(dst), true);
+    return generator.emitUnexpectedLoad(generator.finalDestination(dst), true);
 }
 
 // ------------------------------ VoidNode -------------------------------------
@@ -622,14 +600,14 @@ RegisterID* VoidNode::emitCode(CodeGenerator& generator, RegisterID* dst)
         return 0;
     }
     RefPtr<RegisterID> r0 = generator.emitNode(m_expr.get());
-    return generator.emitLoad(generator.finalDestination(dst, r0.get()), jsUndefined());
+    return generator.emitLoad(dst, jsUndefined());
 }
 
 // ------------------------------ TypeOfValueNode -----------------------------------
 
 RegisterID* TypeOfResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (RegisterID* local = generator.registerForLocal(m_ident)) {
+    if (RegisterID* local = generator.registerFor(m_ident)) {
         if (dst == ignoredResult())
             return 0;
         return generator.emitTypeOf(generator.finalDestination(dst), local);
@@ -658,12 +636,12 @@ RegisterID* TypeOfValueNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 
 RegisterID* PrefixResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (RegisterID* local = generator.registerForLocal(m_ident)) {
+    if (RegisterID* local = generator.registerFor(m_ident)) {
         if (generator.isLocalConstant(m_ident)) {
             if (dst == ignoredResult())
                 return 0;
-            RefPtr<RegisterID> r0 = generator.emitLoad(generator.finalDestination(dst), (m_operator == OpPlusPlus) ? 1.0 : -1.0);
-            return generator.emitBinaryOp(op_add, r0.get(), local, r0.get());
+            RefPtr<RegisterID> r0 = generator.emitUnexpectedLoad(generator.finalDestination(dst), (m_operator == OpPlusPlus) ? 1.0 : -1.0);
+            return generator.emitBinaryOp(op_add, r0.get(), local, r0.get(), OperandTypes());
         }
 
         emitPreIncOrDec(generator, local, m_operator);
@@ -672,11 +650,12 @@ RegisterID* PrefixResolveNode::emitCode(CodeGenerator& generator, RegisterID* ds
 
     int index = 0;
     size_t depth = 0;
-    if (generator.findScopedProperty(m_ident, index, depth, false) && index != missingSymbolMarker()) {
-        RefPtr<RegisterID> propDst = generator.emitGetScopedVar(generator.tempDestination(dst), depth, index);
+    JSObject* globalObject = 0;
+    if (generator.findScopedProperty(m_ident, index, depth, false, globalObject) && index != missingSymbolMarker()) {
+        RefPtr<RegisterID> propDst = generator.emitGetScopedVar(generator.tempDestination(dst), depth, index, globalObject);
         emitPreIncOrDec(generator, propDst.get(), m_operator);
-        generator.emitPutScopedVar(depth, index, propDst.get());
-        return generator.moveToDestinationIfNeeded(dst, propDst.get());;
+        generator.emitPutScopedVar(depth, index, propDst.get(), globalObject);
+        return generator.moveToDestinationIfNeeded(dst, propDst.get());
     }
 
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
@@ -736,31 +715,70 @@ RegisterID* PrefixErrorNode::emitCode(CodeGenerator& generator, RegisterID*)
 RegisterID* UnaryOpNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     RegisterID* src = generator.emitNode(m_expr.get());
-    return generator.emitUnaryOp(opcode(), generator.finalDestination(dst), src);
+    return generator.emitUnaryOp(opcode(), generator.finalDestination(dst), src, m_expr->resultDescriptor());
 }
 
 // ------------------------------ Binary Operation Nodes -----------------------------------
 
 RegisterID* BinaryOpNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_term1.get(), m_rightHasAssignments, m_term2->isPure(generator));
-    RegisterID* src2 = generator.emitNode(m_term2.get());
-    return generator.emitBinaryOp(opcode(), generator.finalDestination(dst, src1.get()), src1.get(), src2);
+    OpcodeID opcode = this->opcode();
+    if (opcode == op_neq) {
+        if (m_expr1->isNull() || m_expr2->isNull()) {
+            RefPtr<RegisterID> src = generator.emitNode(dst, m_expr1->isNull() ? m_expr2.get() : m_expr1.get());
+            return generator.emitUnaryOp(op_neq_null, generator.finalDestination(dst, src.get()), src.get(), ResultType::unknown());
+        }
+    }
+
+    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
+    RegisterID* src2 = generator.emitNode(m_expr2.get());
+    return generator.emitBinaryOp(opcode, generator.finalDestination(dst, src1.get()), src1.get(), src2, OperandTypes(m_expr1->resultDescriptor(), m_expr2->resultDescriptor()));
+}
+
+RegisterID* EqualNode::emitCode(CodeGenerator& generator, RegisterID* dst)
+{
+    if (m_expr1->isNull() || m_expr2->isNull()) {
+        RefPtr<RegisterID> src = generator.emitNode(dst, m_expr1->isNull() ? m_expr2.get() : m_expr1.get());
+        return generator.emitUnaryOp(op_eq_null, generator.finalDestination(dst, src.get()), src.get(), ResultType::unknown());
+    }
+
+    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
+    RegisterID* src2 = generator.emitNode(m_expr2.get());
+    return generator.emitEqualityOp(op_eq, generator.finalDestination(dst, src1.get()), src1.get(), src2);
+}
+
+RegisterID* StrictEqualNode::emitCode(CodeGenerator& generator, RegisterID* dst)
+{
+    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
+    RegisterID* src2 = generator.emitNode(m_expr2.get());
+    return generator.emitEqualityOp(op_stricteq, generator.finalDestination(dst, src1.get()), src1.get(), src2);
 }
 
 RegisterID* ReverseBinaryOpNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_term1.get(), m_rightHasAssignments, m_term2->isPure(generator));
-    RegisterID* src2 = generator.emitNode(m_term2.get());
-    return generator.emitBinaryOp(opcode(), generator.finalDestination(dst, src1.get()), src2, src1.get());
+    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
+    RegisterID* src2 = generator.emitNode(m_expr2.get());
+    return generator.emitBinaryOp(opcode(), generator.finalDestination(dst, src1.get()), src2, src1.get(), OperandTypes(m_expr2->resultDescriptor(), m_expr1->resultDescriptor()));
 }
 
 RegisterID* ThrowableBinaryOpNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_term1.get(), m_rightHasAssignments, m_term2->isPure(generator));
-    RegisterID* src2 = generator.emitNode(m_term2.get());
+    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
+    RegisterID* src2 = generator.emitNode(m_expr2.get());
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
-    return generator.emitBinaryOp(opcode(), generator.finalDestination(dst, src1.get()), src1.get(), src2);
+    return generator.emitBinaryOp(opcode(), generator.finalDestination(dst, src1.get()), src1.get(), src2, OperandTypes(m_expr1->resultDescriptor(), m_expr2->resultDescriptor()));
+}
+
+RegisterID* InstanceOfNode::emitCode(CodeGenerator& generator, RegisterID* dst)
+{
+    RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
+    RefPtr<RegisterID> src2 = generator.emitNode(m_expr2.get());
+
+    generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
+    RegisterID* src2Prototype = generator.emitGetById(generator.newTemporary(), src2.get(), generator.globalData()->propertyNames->prototype);
+
+    generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
+    return generator.emitInstanceOf(generator.finalDestination(dst, src1.get()), src1.get(), src2.get(), src2Prototype);
 }
 
 // ------------------------------ Binary Logical Nodes ----------------------------
@@ -806,7 +824,7 @@ RegisterID* ConditionalNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 // ------------------------------ ReadModifyResolveNode -----------------------------------
 
 // FIXME: should this be moved to be a method on CodeGenerator?
-static ALWAYS_INLINE RegisterID* emitReadModifyAssignment(CodeGenerator& generator, RegisterID* dst, RegisterID* src1, RegisterID* src2, Operator oper)
+static ALWAYS_INLINE RegisterID* emitReadModifyAssignment(CodeGenerator& generator, RegisterID* dst, RegisterID* src1, RegisterID* src2, Operator oper, OperandTypes types)
 {
     OpcodeID opcode;
     switch (oper) {
@@ -848,38 +866,39 @@ static ALWAYS_INLINE RegisterID* emitReadModifyAssignment(CodeGenerator& generat
             return dst;
     }
     
-    return generator.emitBinaryOp(opcode, dst, src1, src2);
+    return generator.emitBinaryOp(opcode, dst, src1, src2, types);
 }
 
 RegisterID* ReadModifyResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (RegisterID* local = generator.registerForLocal(m_ident)) {
+    if (RegisterID* local = generator.registerFor(m_ident)) {
         if (generator.isLocalConstant(m_ident)) {
             RegisterID* src2 = generator.emitNode(m_right.get());
-            return emitReadModifyAssignment(generator, generator.finalDestination(dst), local, src2, m_operator);
+            return emitReadModifyAssignment(generator, generator.finalDestination(dst), local, src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
         }
         
         if (generator.leftHandSideNeedsCopy(m_rightHasAssignments, m_right->isPure(generator))) {
             RefPtr<RegisterID> result = generator.newTemporary();
             generator.emitMove(result.get(), local);
             RegisterID* src2 = generator.emitNode(m_right.get());
-            emitReadModifyAssignment(generator, result.get(), result.get(), src2, m_operator);
+            emitReadModifyAssignment(generator, result.get(), result.get(), src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
             generator.emitMove(local, result.get());
             return generator.moveToDestinationIfNeeded(dst, result.get());
         }
         
         RegisterID* src2 = generator.emitNode(m_right.get());
-        RegisterID* result = emitReadModifyAssignment(generator, local, local, src2, m_operator);
+        RegisterID* result = emitReadModifyAssignment(generator, local, local, src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
         return generator.moveToDestinationIfNeeded(dst, result);
     }
 
     int index = 0;
     size_t depth = 0;
-    if (generator.findScopedProperty(m_ident, index, depth, true) && index != missingSymbolMarker()) {
-        RefPtr<RegisterID> src1 = generator.emitGetScopedVar(generator.tempDestination(dst), depth, index);
+    JSObject* globalObject = 0;
+    if (generator.findScopedProperty(m_ident, index, depth, true, globalObject) && index != missingSymbolMarker()) {
+        RefPtr<RegisterID> src1 = generator.emitGetScopedVar(generator.tempDestination(dst), depth, index, globalObject);
         RegisterID* src2 = generator.emitNode(m_right.get());
-        RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), src2, m_operator);
-        generator.emitPutScopedVar(depth, index, result);
+        RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
+        generator.emitPutScopedVar(depth, index, result, globalObject);
         return result;
     }
 
@@ -888,7 +907,7 @@ RegisterID* ReadModifyResolveNode::emitCode(CodeGenerator& generator, RegisterID
     RefPtr<RegisterID> base = generator.emitResolveWithBase(generator.newTemporary(), src1.get(), m_ident);
     RegisterID* src2 = generator.emitNode(m_right.get());
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
-    RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), src2, m_operator);
+    RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
     return generator.emitPutById(base.get(), m_ident, result);
 }
 
@@ -896,7 +915,7 @@ RegisterID* ReadModifyResolveNode::emitCode(CodeGenerator& generator, RegisterID
 
 RegisterID* AssignResolveNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
-    if (RegisterID* local = generator.registerForLocal(m_ident)) {
+    if (RegisterID* local = generator.registerFor(m_ident)) {
         if (generator.isLocalConstant(m_ident))
             return generator.emitNode(dst, m_right.get());
         
@@ -906,11 +925,12 @@ RegisterID* AssignResolveNode::emitCode(CodeGenerator& generator, RegisterID* ds
 
     int index = 0;
     size_t depth = 0;
-    if (generator.findScopedProperty(m_ident, index, depth, true) && index != missingSymbolMarker()) {
+    JSObject* globalObject = 0;
+    if (generator.findScopedProperty(m_ident, index, depth, true, globalObject) && index != missingSymbolMarker()) {
         if (dst == ignoredResult())
             dst = 0;
         RegisterID* value = generator.emitNode(dst, m_right.get());
-        generator.emitPutScopedVar(depth, index, value);
+        generator.emitPutScopedVar(depth, index, value, globalObject);
         return value;
     }
 
@@ -943,7 +963,7 @@ RegisterID* ReadModifyDotNode::emitCode(CodeGenerator& generator, RegisterID* ds
     generator.emitExpressionInfo(m_divot - m_subexpressionDivotOffset, m_startOffset - m_subexpressionDivotOffset, m_subexpressionEndOffset);
     RefPtr<RegisterID> value = generator.emitGetById(generator.tempDestination(dst), base.get(), m_ident);
     RegisterID* change = generator.emitNode(m_right.get());
-    RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), change, m_operator);
+    RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), change, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
 
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
     return generator.emitPutById(base.get(), m_ident, updatedValue);
@@ -978,7 +998,7 @@ RegisterID* ReadModifyBracketNode::emitCode(CodeGenerator& generator, RegisterID
     generator.emitExpressionInfo(m_divot - m_subexpressionDivotOffset, m_startOffset - m_subexpressionDivotOffset, m_subexpressionEndOffset);
     RefPtr<RegisterID> value = generator.emitGetByVal(generator.tempDestination(dst), base.get(), property.get());
     RegisterID* change = generator.emitNode(m_right.get());
-    RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), change, m_operator);
+    RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), change, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
 
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
     generator.emitPutByVal(base.get(), property.get(), updatedValue);
@@ -1005,7 +1025,7 @@ ConstDeclNode::ConstDeclNode(JSGlobalData* globalData, const Identifier& ident,
 
 RegisterID* ConstDeclNode::emitCodeSingle(CodeGenerator& generator)
 {
-    if (RegisterID* local = generator.registerForLocalConstInit(m_ident)) {
+    if (RegisterID* local = generator.constRegisterFor(m_ident)) {
         if (!m_init)
             return local;
 
@@ -1015,7 +1035,7 @@ RegisterID* ConstDeclNode::emitCodeSingle(CodeGenerator& generator)
     // FIXME: While this code should only be hit in eval code, it will potentially
     // assign to the wrong base if m_ident exists in an intervening dynamic scope.
     RefPtr<RegisterID> base = generator.emitResolveBase(generator.newTemporary(), m_ident);
-    RegisterID* value = generator.emitNode(m_init.get());
+    RegisterID* value = m_init ? generator.emitNode(m_init.get()) : generator.emitLoad(0, jsUndefined());
     return generator.emitPutById(base.get(), m_ident, value);
 }
 
@@ -1037,12 +1057,13 @@ RegisterID* ConstStatementNode::emitCode(CodeGenerator& generator, RegisterID*)
 
 // ------------------------------ Helper functions for handling Vectors of StatementNode -------------------------------
 
-static inline RegisterID* statementListEmitCode(StatementVector& statements, CodeGenerator& generator, RegisterID* dst = 0)
+static inline RegisterID* statementListEmitCode(StatementVector& statements, CodeGenerator& generator, RegisterID* dst)
 {
     StatementVector::iterator end = statements.end();
     for (StatementVector::iterator it = statements.begin(); it != end; ++it) {
         StatementNode* n = it->get();
-        generator.emitDebugHook(WillExecuteStatement, n->firstLine(), n->lastLine());
+        if (!n->isLoop())
+            generator.emitDebugHook(WillExecuteStatement, n->firstLine(), n->lastLine());
         generator.emitNode(dst, n);
     }
     return 0;
@@ -1058,23 +1079,6 @@ static inline void statementListPushFIFO(StatementVector& statements, Declaratio
     }
 }
 
-static inline Node* statementListInitializeVariableAccessStack(StatementVector& statements, DeclarationStacks::NodeStack& stack)
-{
-    if (statements.isEmpty())
-        return 0;
-
-    StatementVector::iterator it = statements.end();
-    StatementVector::iterator begin = statements.begin();
-    StatementVector::iterator beginPlusOne = begin + 1;
-
-    while (it != beginPlusOne) {
-        --it;
-        stack.append((*it).get());
-    }
-
-    return (*begin).get();
-}
-
 // ------------------------------ BlockNode ------------------------------------
 
 BlockNode::BlockNode(JSGlobalData* globalData, SourceElements* children)
@@ -1129,6 +1133,9 @@ RegisterID* IfNode::emitCode(CodeGenerator& generator, RegisterID* dst)
     RegisterID* cond = generator.emitNode(m_condition.get());
     generator.emitJumpIfFalse(cond, afterThen.get());
 
+    if (!m_ifBlock->isBlock())
+        generator.emitDebugHook(WillExecuteStatement, m_ifBlock->firstLine(), m_ifBlock->lastLine());
+
     generator.emitNode(dst, m_ifBlock.get());
     generator.emitLabel(afterThen.get());
 
@@ -1144,10 +1151,17 @@ RegisterID* IfElseNode::emitCode(CodeGenerator& generator, RegisterID* dst)
     RegisterID* cond = generator.emitNode(m_condition.get());
     generator.emitJumpIfFalse(cond, beforeElse.get());
 
+    if (!m_ifBlock->isBlock())
+        generator.emitDebugHook(WillExecuteStatement, m_ifBlock->firstLine(), m_ifBlock->lastLine());
+
     generator.emitNode(dst, m_ifBlock.get());
     generator.emitJump(afterElse.get());
 
     generator.emitLabel(beforeElse.get());
+
+    if (!m_elseBlock->isBlock())
+        generator.emitDebugHook(WillExecuteStatement, m_elseBlock->firstLine(), m_elseBlock->lastLine());
+
     generator.emitNode(dst, m_elseBlock.get());
 
     generator.emitLabel(afterElse.get());
@@ -1163,16 +1177,23 @@ RegisterID* DoWhileNode::emitCode(CodeGenerator& generator, RegisterID* dst)
     RefPtr<LabelID> topOfLoop = generator.newLabel();
     generator.emitLabel(topOfLoop.get());
 
+    generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine());
+
+    if (!m_statement->isBlock())
+        generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
+
     RefPtr<LabelID> continueTarget = generator.newLabel();
     RefPtr<LabelID> breakTarget = generator.newLabel();
-    
+
     generator.pushJumpContext(&m_labelStack, continueTarget.get(), breakTarget.get(), true);
     RefPtr<RegisterID> result = generator.emitNode(dst, m_statement.get());
     generator.popJumpContext();
-    
+
     generator.emitLabel(continueTarget.get());
+    generator.emitDebugHook(WillExecuteStatement, m_expr->lineNo(), m_expr->lineNo());
     RegisterID* cond = generator.emitNode(m_expr.get());
     generator.emitJumpIfTrue(cond, topOfLoop.get());
+
     generator.emitLabel(breakTarget.get());
     return result.get();
 }
@@ -1187,12 +1208,16 @@ RegisterID* WhileNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 
     generator.emitJump(continueTarget.get());
     generator.emitLabel(topOfLoop.get());
-    
+
+    if (!m_statement->isBlock())
+        generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
     generator.pushJumpContext(&m_labelStack, continueTarget.get(), breakTarget.get(), true);
     generator.emitNode(dst, m_statement.get());
     generator.popJumpContext();
 
     generator.emitLabel(continueTarget.get());
+    generator.emitDebugHook(WillExecuteStatement, m_expr->lineNo(), m_expr->lineNo());
     RegisterID* cond = generator.emitNode(m_expr.get());
     generator.emitJumpIfTrue(cond, topOfLoop.get());
 
@@ -1206,9 +1231,14 @@ RegisterID* WhileNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 
 RegisterID* ForNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
+    if (dst == ignoredResult())
+        dst = 0;
+
+    generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine());
+
     if (m_expr1)
         generator.emitNode(ignoredResult(), m_expr1.get());
-    
+
     RefPtr<LabelID> topOfLoop = generator.newLabel();
     RefPtr<LabelID> beforeCondition = generator.newLabel();
     RefPtr<LabelID> continueTarget = generator.newLabel(); 
@@ -1217,6 +1247,8 @@ RegisterID* ForNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 
     generator.emitLabel(topOfLoop.get());
     generator.pushJumpContext(&m_labelStack, continueTarget.get(), breakTarget.get(), true);
+    if (!m_statement->isBlock())
+        generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
     RefPtr<RegisterID> result = generator.emitNode(dst, m_statement.get());
     generator.popJumpContext();
     generator.emitLabel(continueTarget.get());
@@ -1230,7 +1262,9 @@ RegisterID* ForNode::emitCode(CodeGenerator& generator, RegisterID* dst)
     } else {
         generator.emitJump(topOfLoop.get());
     }
+
     generator.emitLabel(breakTarget.get());
+    
     return result.get();
 }
 
@@ -1264,10 +1298,14 @@ ForInNode::ForInNode(JSGlobalData* globalData, const Identifier& ident, Expressi
 
 RegisterID* ForInNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
+    if (!m_lexpr->isLocation())
+        return emitThrowError(generator, ReferenceError, "Left side of for-in statement is not a reference.");
     RefPtr<LabelID> loopStart = generator.newLabel();
     RefPtr<LabelID> continueTarget = generator.newLabel(); 
     RefPtr<LabelID> breakTarget = generator.newLabel(); 
 
+    generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine());
+
     if (m_init)
         generator.emitNode(ignoredResult(), m_init.get());
     RegisterID* forInBase = generator.emitNode(m_expr.get());
@@ -1277,7 +1315,7 @@ RegisterID* ForInNode::emitCode(CodeGenerator& generator, RegisterID* dst)
     RegisterID* propertyName;
     if (m_lexpr->isResolveNode()) {
         const Identifier& ident = static_cast<ResolveNode*>(m_lexpr.get())->identifier();
-        propertyName = generator.registerForLocal(ident);
+        propertyName = generator.registerFor(ident);
         if (!propertyName) {
             propertyName = generator.newTemporary();
             RefPtr<RegisterID> protect = propertyName;
@@ -1306,8 +1344,10 @@ RegisterID* ForInNode::emitCode(CodeGenerator& generator, RegisterID* dst)
         generator.emitExpressionInfo(assignNode->divot(), assignNode->startOffset(), assignNode->endOffset());
         generator.emitPutByVal(base.get(), subscript, propertyName);
     }   
-    
+
     generator.pushJumpContext(&m_labelStack, continueTarget.get(), breakTarget.get(), true);
+    if (!m_statement->isBlock())
+        generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
     generator.emitNode(dst, m_statement.get());
     generator.popJumpContext();
 
@@ -1372,8 +1412,10 @@ RegisterID* ReturnNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
     if (generator.codeType() != FunctionCode)
         return emitThrowError(generator, SyntaxError, "Invalid return statement.");
-        
-    RegisterID* r0 = m_value ? generator.emitNode(dst, m_value.get()) : generator.emitLoad(generator.finalDestination(dst), jsUndefined());
+
+    if (dst == ignoredResult())
+        dst = 0;
+    RegisterID* r0 = m_value ? generator.emitNode(dst, m_value.get()) : generator.emitLoad(dst, jsUndefined());
     if (generator.scopeDepth()) {
         RefPtr<LabelID> l0 = generator.newLabel();
         generator.emitJumpScopes(l0.get(), 0);
@@ -1428,7 +1470,7 @@ static void processClauseList(ClauseListNode* list, Vector<ExpressionNode*, 8>&
                 typeForTable = SwitchNeither;
                 break;
             }
-            UString& value = static_cast<StringNode*>(clauseExpression)->value();
+            const UString& value = static_cast<StringNode*>(clauseExpression)->value().ustring();
             if (singleCharacterSwitch &= value.size() == 1) {
                 int32_t intVal = value.rep()->data()[0];
                 if (intVal < min_num)
@@ -1493,7 +1535,7 @@ RegisterID* CaseBlockNode::emitCodeForBlock(CodeGenerator& generator, RegisterID
         for (ClauseListNode* list = m_list1.get(); list; list = list->getNext()) {
             RefPtr<RegisterID> clauseVal = generator.newTemporary();
             generator.emitNode(clauseVal.get(), list->getClause()->expr());
-            generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression);
+            generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression, OperandTypes());
             labelVector.append(generator.newLabel());
             generator.emitJumpIfTrue(clauseVal.get(), labelVector[labelVector.size() - 1].get());
         }
@@ -1501,7 +1543,7 @@ RegisterID* CaseBlockNode::emitCodeForBlock(CodeGenerator& generator, RegisterID
         for (ClauseListNode* list = m_list2.get(); list; list = list->getNext()) {
             RefPtr<RegisterID> clauseVal = generator.newTemporary();
             generator.emitNode(clauseVal.get(), list->getClause()->expr());
-            generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression);
+            generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression, OperandTypes());
             labelVector.append(generator.newLabel());
             generator.emitJumpIfTrue(clauseVal.get(), labelVector[labelVector.size() - 1].get());
         }
@@ -1577,6 +1619,8 @@ RegisterID* LabelNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 
 RegisterID* ThrowNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 {
+    if (dst == ignoredResult())
+        dst = 0;
     RefPtr<RegisterID> expr = generator.emitNode(dst, m_expr.get());
     generator.emitExpressionInfo(m_divot, m_startOffset, m_endOffset);
     generator.emitThrow(expr.get());
@@ -1619,11 +1663,17 @@ RegisterID* TryNode::emitCode(CodeGenerator& generator, RegisterID* dst)
         RefPtr<RegisterID> highestUsedRegister = generator.highestUsedRegister();
         RefPtr<LabelID> finallyEndLabel = generator.newLabel();
         generator.emitJumpSubroutine(finallyReturnAddr.get(), finallyStart.get());
+        // Use a label to record the subtle fact that sret will return to the
+        // next instruction. sret is the only way to jump without an explicit label.
+        generator.emitLabel(generator.newLabel().get());
         generator.emitJump(finallyEndLabel.get());
 
         // Finally block for exception path
         RefPtr<RegisterID> tempExceptionRegister = generator.emitCatch(generator.newTemporary(), tryStartLabel.get(), generator.emitLabel(generator.newLabel().get()).get());
         generator.emitJumpSubroutine(finallyReturnAddr.get(), finallyStart.get());
+        // Use a label to record the subtle fact that sret will return to the
+        // next instruction. sret is the only way to jump without an explicit label.
+        generator.emitLabel(generator.newLabel().get());
         generator.emitThrow(tempExceptionRegister.get());
 
         // emit the finally block itself
@@ -1640,39 +1690,37 @@ RegisterID* TryNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 
 // ------------------------------ ScopeNode -----------------------------
 
-ScopeNode::ScopeNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, bool usesEval, bool needsClosure)
+ScopeNode::ScopeNode(JSGlobalData* globalData, const SourceCode& source, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, CodeFeatures features, int numConstants)
     : BlockNode(globalData, children)
-    , m_sourceURL(globalData->parser->sourceURL())
-    , m_sourceId(globalData->parser->sourceId())
-    , m_usesEval(usesEval)
-    , m_needsClosure(needsClosure)
+    , m_source(source)
+    , m_features(features)
+    , m_numConstants(numConstants)
 {
     if (varStack)
         m_varStack = *varStack;
     if (funcStack)
         m_functionStack = *funcStack;
-
-    SCOPENODE_SAMPLING_notifyOfScope(globalData->machine->m_sampler);
+#if ENABLE(OPCODE_SAMPLING)
+    globalData->machine->sampler()->notifyOfScope(this);
+#endif
 }
 
 // ------------------------------ ProgramNode -----------------------------
 
-ProgramNode::ProgramNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, SourceProvider* sourceProvider, bool usesEval, bool needsClosure)
-    : ScopeNode(globalData, children, varStack, funcStack, usesEval, needsClosure)
-    , m_sourceProvider(sourceProvider)
+ProgramNode::ProgramNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
+    : ScopeNode(globalData, source, children, varStack, funcStack, features, numConstants)
 {
 }
 
-ProgramNode* ProgramNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, SourceProvider* sourceProvider, bool usesEval, bool needsClosure)
+ProgramNode* ProgramNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
 {
-    return new ProgramNode(globalData, children, varStack, funcStack, sourceProvider, usesEval, needsClosure);
+    return new ProgramNode(globalData, children, varStack, funcStack, source, features, numConstants);
 }
 
 // ------------------------------ EvalNode -----------------------------
 
-EvalNode::EvalNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, SourceProvider* sourceProvider, bool usesEval, bool needsClosure)
-    : ScopeNode(globalData, children, varStack, funcStack, usesEval, needsClosure)
-    , m_sourceProvider(sourceProvider)
+EvalNode::EvalNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
+    : ScopeNode(globalData, source, children, varStack, funcStack, features, numConstants)
 {
 }
 
@@ -1689,54 +1737,79 @@ RegisterID* EvalNode::emitCode(CodeGenerator& generator, RegisterID*)
     return 0;
 }
 
-void EvalNode::generateCode(ScopeChainNode* sc)
+void EvalNode::generateCode(ScopeChainNode* scopeChainNode)
 {
-    ScopeChain scopeChain(sc);
+    ScopeChain scopeChain(scopeChainNode);
     JSGlobalObject* globalObject = scopeChain.globalObject();
 
     SymbolTable symbolTable;
-    ASSERT(m_sourceProvider);
-    m_code.set(new EvalCodeBlock(this, globalObject, m_sourceProvider));
+    m_code.set(new EvalCodeBlock(this, globalObject, source().provider()));
 
     CodeGenerator generator(this, globalObject->debugger(), scopeChain, &symbolTable, m_code.get());
     generator.generate();
 }
 
-EvalNode* EvalNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, SourceProvider* sourceProvider, bool usesEval, bool needsClosure)
+EvalNode* EvalNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
 {
-    return new EvalNode(globalData, children, varStack, funcStack, sourceProvider, usesEval, needsClosure);
+    return new EvalNode(globalData, children, varStack, funcStack, source, features, numConstants);
 }
 
 // ------------------------------ FunctionBodyNode -----------------------------
 
-FunctionBodyNode::FunctionBodyNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, bool usesEval, bool needsClosure)
-    : ScopeNode(globalData, children, varStack, funcStack, usesEval, needsClosure)
+FunctionBodyNode::FunctionBodyNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& sourceCode, CodeFeatures features, int numConstants)
+    : ScopeNode(globalData, sourceCode, children, varStack, funcStack, features, numConstants)
+    , m_parameters(0)
+    , m_parameterCount(0)
+    , m_refCount(0)
 {
 }
 
+FunctionBodyNode::~FunctionBodyNode()
+{
+    if (m_parameters)
+        fastFree(m_parameters);
+}
+
+void FunctionBodyNode::finishParsing(const SourceCode& source, ParameterNode* firstParameter)
+{
+    Vector<Identifier> parameters;
+    for (ParameterNode* parameter = firstParameter; parameter; parameter = parameter->nextParam())
+        parameters.append(parameter->ident());
+    size_t count = parameters.size();
+
+    setSource(source);
+    finishParsing(parameters.releaseBuffer(), count);
+}
+
+void FunctionBodyNode::finishParsing(Identifier* parameters, size_t parameterCount)
+{
+    ASSERT(!source().isNull());
+    m_parameters = parameters;
+    m_parameterCount = parameterCount;
+}
+
 void FunctionBodyNode::mark()
 {
     if (m_code)
         m_code->mark();
 }
 
-FunctionBodyNode* FunctionBodyNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, bool usesEval, bool needsClosure)
+FunctionBodyNode* FunctionBodyNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, CodeFeatures features, int numConstants)
 {
-    return new FunctionBodyNode(globalData, children, varStack, funcStack, usesEval, needsClosure);
+    return new FunctionBodyNode(globalData, children, varStack, funcStack, SourceCode(), features, numConstants);
 }
 
-FunctionBodyNode* FunctionBodyNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, SourceProvider*, bool usesEval, bool needsClosure)
+FunctionBodyNode* FunctionBodyNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& sourceCode, CodeFeatures features, int numConstants)
 {
-    return new FunctionBodyNode(globalData, children, varStack, funcStack, usesEval, needsClosure);
+    return new FunctionBodyNode(globalData, children, varStack, funcStack, sourceCode, features, numConstants);
 }
 
-void FunctionBodyNode::generateCode(ScopeChainNode* sc)
+void FunctionBodyNode::generateCode(ScopeChainNode* scopeChainNode)
 {
-    ScopeChain scopeChain(sc);
+    ScopeChain scopeChain(scopeChainNode);
     JSGlobalObject* globalObject = scopeChain.globalObject();
 
-    ASSERT(m_source.sourceProvider());
-    m_code.set(new CodeBlock(this, FunctionCode, m_source.sourceProvider(), m_source.startOffset()));
+    m_code.set(new CodeBlock(this, FunctionCode, source().provider(), source().startOffset()));
 
     CodeGenerator generator(this, globalObject->debugger(), scopeChain, &m_symbolTable, m_code.get());
     generator.generate();
@@ -1745,9 +1818,9 @@ void FunctionBodyNode::generateCode(ScopeChainNode* sc)
 RegisterID* FunctionBodyNode::emitCode(CodeGenerator& generator, RegisterID*)
 {
     generator.emitDebugHook(DidEnterCallFrame, firstLine(), lastLine());
-    statementListEmitCode(m_children, generator);
+    statementListEmitCode(m_children, generator, ignoredResult());
     if (!m_children.size() || !m_children.last()->isReturnNode()) {
-        RegisterID* r0 = generator.emitLoad(generator.newTemporary(), jsUndefined());
+        RegisterID* r0 = generator.emitLoad(0, jsUndefined());
         generator.emitDebugHook(WillLeaveCallFrame, firstLine(), lastLine());
         generator.emitReturn(r0);
     }
@@ -1767,13 +1840,12 @@ RegisterID* ProgramNode::emitCode(CodeGenerator& generator, RegisterID*)
     return 0;
 }
 
-void ProgramNode::generateCode(ScopeChainNode* sc)
+void ProgramNode::generateCode(ScopeChainNode* scopeChainNode)
 {
-    ScopeChain scopeChain(sc);
+    ScopeChain scopeChain(scopeChainNode);
     JSGlobalObject* globalObject = scopeChain.globalObject();
     
-    ASSERT(m_sourceProvider);
-    m_code.set(new ProgramCodeBlock(this, GlobalCode, globalObject, m_sourceProvider));
+    m_code.set(new ProgramCodeBlock(this, GlobalCode, globalObject, source().provider()));
     
     CodeGenerator generator(this, globalObject->debugger(), scopeChain, &globalObject->symbolTable(), m_code.get(), m_varStack, m_functionStack);
     generator.generate();
@@ -1782,33 +1854,27 @@ void ProgramNode::generateCode(ScopeChainNode* sc)
 UString FunctionBodyNode::paramString() const
 {
     UString s("");
-    size_t count = m_parameters.size();
-    for (size_t pos = 0; pos < count; ++pos) {
+    for (size_t pos = 0; pos < m_parameterCount; ++pos) {
         if (!s.isEmpty())
             s += ", ";
-        s += m_parameters[pos].ustring();
+        s += parameters()[pos].ustring();
     }
 
     return s;
 }
 
-// ------------------------------ FuncDeclNode ---------------------------------
-
-void FuncDeclNode::addParams()
+Identifier* FunctionBodyNode::copyParameters()
 {
-    for (ParameterNode* p = m_parameter.get(); p; p = p->nextParam())
-        m_body->parameters().append(p->ident());
+    Identifier* parameters = static_cast<Identifier*>(fastMalloc(m_parameterCount * sizeof(Identifier)));
+    VectorCopier<false, Identifier>::uninitializedCopy(m_parameters, m_parameters + m_parameterCount, parameters);
+    return parameters;
 }
 
+// ------------------------------ FuncDeclNode ---------------------------------
+
 JSFunction* FuncDeclNode::makeFunction(ExecState* exec, ScopeChainNode* scopeChain)
 {
-    JSFunction* func = new (exec) JSFunction(exec, m_ident, m_body.get(), scopeChain);
-
-    JSObject* proto = constructEmptyObject(exec);
-    proto->putDirect(exec->propertyNames().constructor, func, DontEnum);
-    func->putDirect(exec->propertyNames().prototype, proto, DontDelete);
-    func->putDirect(exec->propertyNames().length, jsNumber(exec, m_body->parameters().size()), ReadOnly | DontDelete | DontEnum);
-    return func;
+    return new (exec) JSFunction(exec, m_ident, m_body.get(), scopeChain);
 }
 
 RegisterID* FuncDeclNode::emitCode(CodeGenerator&, RegisterID* dst)
@@ -1826,9 +1892,6 @@ RegisterID* FuncExprNode::emitCode(CodeGenerator& generator, RegisterID* dst)
 JSFunction* FuncExprNode::makeFunction(ExecState* exec, ScopeChainNode* scopeChain)
 {
     JSFunction* func = new (exec) JSFunction(exec, m_ident, m_body.get(), scopeChain);
-    JSObject* proto = constructEmptyObject(exec);
-    proto->putDirect(exec->propertyNames().constructor, func, DontEnum);
-    func->putDirect(exec->propertyNames().prototype, proto, DontDelete);
 
     /* 
         The Identifier in a FunctionExpression can be referenced from inside
@@ -1839,18 +1902,11 @@ JSFunction* FuncExprNode::makeFunction(ExecState* exec, ScopeChainNode* scopeCha
      */
 
     if (!m_ident.isNull()) {
-        JSStaticScopeObject* functionScopeObject = new (exec) JSStaticScopeObject(m_ident, func, ReadOnly | DontDelete);
+        JSStaticScopeObject* functionScopeObject = new (exec) JSStaticScopeObject(exec, m_ident, func, ReadOnly | DontDelete);
         func->scope().push(functionScopeObject);
     }
 
     return func;
 }
 
-// ECMA 13
-void FuncExprNode::addParams()
-{
-    for (ParameterNode* p = m_parameter.get(); p; p = p->nextParam())
-        m_body->parameters().append(p->ident());
-}
-
-} // namespace KJS
+} // namespace JSC