[WebKit.git] / JavaScriptCore / ChangeLog

2009-07-03  Yong Li  <yong.li@torchmobile.com>

        Reviewed by Maciej Stachowiak (and revised slightly)

        RegExp::match to be optimized
        https://bugs.webkit.org/show_bug.cgi?id=26957

        Allow regexp matching to use Vectors with inline capacity instead of
        allocating a new ovector buffer every time.
        
        ~5% speedup on SunSpider string-unpack-code test, 0.3% on SunSpider overall.

        * runtime/RegExp.cpp:
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructorPrivate::RegExpConstructorPrivate):
        (JSC::RegExpConstructorPrivate::lastOvector):
        (JSC::RegExpConstructorPrivate::tempOvector):
        (JSC::RegExpConstructorPrivate::changeLastOvector):
        (JSC::RegExpConstructor::performMatch):
        (JSC::RegExpMatchesArray::RegExpMatchesArray):
        (JSC::RegExpMatchesArray::fillArrayInstance):
        (JSC::RegExpConstructor::getBackref):
        (JSC::RegExpConstructor::getLastParen):
        (JSC::RegExpConstructor::getLeftContext):
        (JSC::RegExpConstructor::getRightContext):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncSplit):

2009-06-30  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Eric Seidel.

        Override operator new/delete with const std::nothrow_t& as the second
        argument.
        https://bugs.webkit.org/show_bug.cgi?id=26792

        On Windows CE, operator new/delete, new[]/delete[] with const
        std::nothrow_t& must be overrided because some standard template
        libraries use these operators.

        The problem occurs when memory allocated by new(size_t s, const
        std::nothrow_t&) is freed by delete(void* p). This causes the umatched
        malloc/free problem.

        The patch overrides all new, delete, new[] and delete[] to use
        fastMaloc and fastFree consistently.

        * wtf/FastMalloc.h:
        (throw):

2009-06-30  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Sam Weinig.

        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Remove unnecessary references to AssemblerBuffer.

        * interpreter/Interpreter.cpp:
        * interpreter/Interpreter.h:

2009-06-29  David Levin  <levin@chromium.org>

        Reviewed by Oliver Hunt.

        Still seeing occasional leaks from UString::sharedBuffer code
        https://bugs.webkit.org/show_bug.cgi?id=26420

        The problem is that the pointer to the memory allocation isn't visible
        by "leaks" due to the lower bits being used as flags.  The fix is to
        make the pointer visible in memory (in debug only). The downside of
        this fix that the memory allocated by sharedBuffer will still look like
        a leak in non-debug builds when any flags are set.

        * wtf/PtrAndFlags.h:
        (WTF::PtrAndFlags::set):

2009-06-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Mark Rowe.

        Remove more unused scons support.

        * SConstruct: Removed.

2009-06-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/7016214> JSON.parse fails to parse valid JSON with most Unicode characters
        <https://bugs.webkit.org/show_bug.cgi?id=26802>

        In the original JSON.parse patch unicode was handled correctly, however in some last
        minute "clean up" I oversimplified isSafeStringCharacter.  This patch corrects this bug.

        * runtime/LiteralParser.cpp:
        (JSC::isSafeStringCharacter):
        (JSC::LiteralParser::Lexer::lexString):

2009-06-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Dan Bernstein.

        <rdar://problem/7009684> REGRESSION(r45039): Crashes inside JSEvent::put on PowerPC (26746)
        <https://bugs.webkit.org/show_bug.cgi?id=26746>

        Fix for r45039 incorrectly uncached a get_by_id by converting it to put_by_id.  Clearly this
        is less than correct.  This patch corrects that error.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCacheGetByID):

2009-06-26  Eric Seidel  <eric@webkit.org>

        No review, only rolling out r45259.

        Roll out r45259 after crash appeared on the bots:
        plugins/undefined-property-crash.html
        ASSERTION FAILED: s <= HeapConstants<heapType>::cellSize
        (leopard-intel-debug-tests/build/JavaScriptCore/runtime/Collector.cpp:278
        void* JSC::Heap::heapAllocate(size_t) [with JSC::HeapType heapType = PrimaryHeap])

        * runtime/DateInstance.cpp:
        * runtime/Identifier.cpp:
        * runtime/Lookup.h:
        * runtime/RegExpConstructor.cpp:
        * runtime/RegExpObject.h:
        * runtime/ScopeChain.h:
        * runtime/UString.h:

2009-06-26  Jedrzej Nowacki  <jedrzej.nowacki@nokia.com>

        Reviewed by Simon Hausmann.

        Add support for QDataStream operators to Vector.

        * wtf/Vector.h:
        (WTF::operator<<):
        (WTF::operator>>):

2009-06-24  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Make the opcode sampler work once again.

        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compileCTIMachineTrampolines):
        (JSC::JIT::compilePatchGetArrayLength):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.

        Extend FastAllocBase.h with 'using WTF::FastAllocBase' to avoid
        unnecessary WTF:: usings.
        Remove existing unnecessary WTF:: usings.

        * interpreter/Interpreter.h:
        * profiler/CallIdentifier.h:
        * runtime/ScopeChain.h:
        * wtf/FastAllocBase.h:

2009-06-24  David Levin  <levin@chromium.org>

        Fix all builds.

        * bytecode/CodeBlock.h:
        * bytecompiler/BytecodeGenerator.h:
        * interpreter/Register.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26677

        Inherits CodeBlock class from FastAllocBase because it
        has been instantiated by 'new' in JavaScriptCore/bytecode/CodeBlock.h:217.

        * bytecode/CodeBlock.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26676

        Inherits BytecodeGenerator class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/parser/Nodes.cpp:1892.

        * bytecompiler/BytecodeGenerator.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.
        
        https://bugs.webkit.org/show_bug.cgi?id=26675

        Inherits Register class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/JSVariableObject.h:149.

        * interpreter/Register.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.
        
        https://bugs.webkit.org/show_bug.cgi?id=26674

        Inherits HashMap class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:458.

        * wtf/HashMap.h:

2009-06-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/6940519> REGRESSION (Safari 4 Public Beta - TOT): google.com/adplanner shows blank page instead of site details in "basic research'

        The problem was caused by the page returned with a function using a
        var declaration list containing around ~3000 variables.  The solution
        to this is to flatten the comma expression representation and make
        codegen comma expressions and initializer lists iterative rather than
        recursive.

        * parser/Grammar.y:
        * parser/NodeConstructors.h:
        (JSC::CommaNode::CommaNode):
        * parser/Nodes.cpp:
        (JSC::CommaNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::ExpressionNode::isCommaNode):
        (JSC::CommaNode::isCommaNode):
        (JSC::CommaNode::append):

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Maciej Stachowiak.

        https://bugs.webkit.org/show_bug.cgi?id=26645

        Inherits ScopeChainNode class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/ScopeChain.h:95.

        * wtf/RefPtr.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=26648

        Inherits Deque class from FastAllocBase because it has been
        instantiated by 'new' with DEFINE_STATIC_LOCAL macro in 
        JavaScriptCore/wtf/MainThread.cpp:62.

        * wtf/Deque.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=26644

        Inherits RefPtr class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/StructureChain.cpp:41.

        * wtf/RefPtr.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Inherits HashSet class from FastAllocBase, because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Collector.h:116.

        * wtf/HashSet.h:

2009-06-24  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        Inherits Vector class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:633.

        * wtf/Vector.h:

2009-06-24  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Maciej Stachoviak.

        The BytecodeGenerator objects were instantiated on stack, which takes up ~38kB per instance
        (each instance includes copy of JSC::CodeBlock with large SymbolTable, etc.).
        Specifically, since there is nested invocation (e.g., GlobalCode --> FunctionCode),
        the stack overflows immediately on Symbian hardware (max. 80 kB).
        Proposed change allocates generator objects on heap.
        Performance impact (if any) should be negligible and change is proposed as general fix,
        rather than ifdef'd for SYMBIAN.

        * parser/Nodes.cpp:
        (JSC::ProgramNode::generateBytecode):
        (JSC::EvalNode::generateBytecode):
        (JSC::EvalNode::bytecodeForExceptionInfoReparse):
        (JSC::FunctionBodyNode::generateBytecode):
        (JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):

2009-06-23  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6992806> REGRESSION: Enumeration can skip new properties in cases of prototypes that have more than 64 (26593)
        <https://bugs.webkit.org/show_bug.cgi?id=26593>

        Do not attempt to cache structure chains if they contain a dictionary at any level.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        * runtime/Structure.cpp:
        (JSC::Structure::getEnumerablePropertyNames):
        (JSC::Structure::addPropertyTransition):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::isCacheable):
        * runtime/StructureChain.h:

2009-06-23  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26654
        Add the proper export define for the JavaScriptCore API when building for WINCE.

        * API/JSBase.h:

2009-06-23  Joe Mason  <joe.mason@torchmobile.com>

        Reviewed by Adam Treat.

        Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>

        https://bugs.webkit.org/show_bug.cgi?id=26611
        Implement currentThreadStackBase on WINCE by adding a global,
        g_stackBase, which must be set to the address of a local variable
        by the caller before calling any WebKit function that invokes JSC.

        * runtime/Collector.cpp:
        (JSC::isPageWritable):
        (JSC::getStackBase):
          Starts at the top of the stack and returns the entire range of
          consecutive writable pages as an estimate of the actual stack.
          This will be much bigger than the actual stack range, so some
          dead objects can't be collected, but it guarantees live objects
          aren't collected prematurely.

        (JSC::currentThreadStackBase):
          On WinCE, returns g_stackBase if set or call getStackBase as a
          fallback if not.

2009-06-23  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        Fix stupid performance problem in the LiteralParser

        The LiteralParser was making a new UString in order to use
        toDouble, however UString's toDouble allows a much wider range
        of numberic strings than the LiteralParser accepts, and requires
        an additional heap allocation or two for the construciton of the
        UString.  To rectify this we just call WTF::dtoa directly using
        a stack allocated buffer to hold the validated numeric literal.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lexNumber):
        (JSC::LiteralParser::parse):
        * runtime/LiteralParser.h:

2009-06-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Alexey Proskuryakov.

        Bug 26640: JSON.stringify needs to special case Boolean objects
        <https://bugs.webkit.org/show_bug.cgi?id=26640>

        Add special case handling of the Boolean object so we match current
        ES5 errata.

        * runtime/JSONObject.cpp:
        (JSC::unwrapBoxedPrimitive): renamed from unwrapNumberOrString
        (JSC::gap):
        (JSC::Stringifier::appendStringifiedValue):

2009-06-22  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 26591: Support revivers in JSON.parse
        <https://bugs.webkit.org/show_bug.cgi?id=26591>

        Add reviver support to JSON.parse.  This completes the JSON object.

        * runtime/JSONObject.cpp:
        (JSC::Walker::Walker):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        (JSC::JSONProtoFuncParse):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        Bug 26592: Support standard toJSON functions
        <https://bugs.webkit.org/show_bug.cgi?id=26592>

        Add support for the standard Date.toJSON function.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToJSON):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Bug 26594: JSC needs to support Date.toISOString
        <https://bugs.webkit.org/show_bug.cgi?id=26594>

        Add support for Date.toISOString.

        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncToISOString):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Remove dead code.

        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):

2009-06-21  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler and Cameron Zwarich.

        Bug 26587: Support JSON.parse
        <https://bugs.webkit.org/show_bug.cgi?id=26587>

        Extend the LiteralParser to support the full strict JSON
        grammar, fix a few places where the grammar was incorrectly
        lenient.   Doesn't yet support the JSON.parse reviver function
        but that does not block the JSON.parse functionality itself.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::callEval):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval):
        * runtime/JSONObject.cpp:
        (JSC::JSONProtoFuncParse):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::Lexer::lex):
        (JSC::isSafeStringCharacter):
        (JSC::LiteralParser::Lexer::lexString):
        (JSC::LiteralParser::parse):
        * runtime/LiteralParser.h:
        (JSC::LiteralParser::LiteralParser):
        (JSC::LiteralParser::tryJSONParse):
        (JSC::LiteralParser::):
        (JSC::LiteralParser::Lexer::Lexer):

2009-06-21  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (speculative build fix for windows).

        Simply removed some whitespace form this file to make windows build wtf and
        hopefully copy the new MessageQueque.h so that WebCore picks it up.

        * wtf/Assertions.cpp:

2009-06-21  Drew Wilson  <atwilson@google.com>

        Reviewed by David Levin.

        <https://bugs.webkit.org/show_bug.cgi?id=25043>
        Added support for multi-threaded MessagePorts.

        * wtf/MessageQueue.h:
        (WTF::::appendAndCheckEmpty):
            Added API to test whether the queue was empty before adding an element.
  
2009-06-20  David D. Kilzer  <ddkilzer@webkit.org>

        Fix namespace comment in SegmentedVector.h

        * wtf/SegmentedVector.h: Updated namespace comment to reflect
        new namespace after r44897.

2009-06-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Reviewed by Oliver Hunt.

        An Iterator added for SegmentedVector. Currently
        only the pre ++ operator is supported.

        * wtf/SegmentedVector.h:
        (WTF::SegmentedVectorIterator::~SegmentedVectorIterator):
        (WTF::SegmentedVectorIterator::operator*):
        (WTF::SegmentedVectorIterator::operator->):
        (WTF::SegmentedVectorIterator::operator++):
        (WTF::SegmentedVectorIterator::operator==):
        (WTF::SegmentedVectorIterator::operator!=):
        (WTF::SegmentedVectorIterator::operator=):
        (WTF::SegmentedVectorIterator::SegmentedVectorIterator):
        (WTF::SegmentedVector::alloc):
        (WTF::SegmentedVector::begin):
        (WTF::SegmentedVector::end):

2009-06-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        Reviewed by Oliver Hunt.

        Move SegmentedVector to /wtf subdirectory
        and change "namespace JSC" to "namespace WTF"

        Additional build file updates by David Kilzer.

        * GNUmakefile.am: Updated path to SegmentedVector.h.
        * JavaScriptCore.order: Updated SegmentedVector namespace from
        JSC to WTF in mangled C++ method name.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        Removed reference to bytecompiler\SegmentedVector.h.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Added reference to
        wtf\SegmentedVector.h.
        * JavaScriptCore.xcodeproj/project.pbxproj: Moved
        SegmentedVector.h definition from bytecompiler subdirectory to
        wtf subdirectory.
        * bytecompiler/BytecodeGenerator.h: Updated #include path to
        SegmentedVector.h and prepended WTF:: namespace to its use.
        * parser/Lexer.h: Ditto.
        * wtf/SegmentedVector.h: Renamed from JavaScriptCore/bytecompiler/SegmentedVector.h.
        (WTF::SegmentedVector::SegmentedVector):
        (WTF::SegmentedVector::~SegmentedVector):
        (WTF::SegmentedVector::size):
        (WTF::SegmentedVector::at):
        (WTF::SegmentedVector::operator[]):
        (WTF::SegmentedVector::last):
        (WTF::SegmentedVector::append):
        (WTF::SegmentedVector::removeLast):
        (WTF::SegmentedVector::grow):
        (WTF::SegmentedVector::clear):
        (WTF::SegmentedVector::deleteAllSegments):
        (WTF::SegmentedVector::segmentExistsFor):
        (WTF::SegmentedVector::segmentFor):
        (WTF::SegmentedVector::subscriptFor):
        (WTF::SegmentedVector::ensureSegmentsFor):
        (WTF::SegmentedVector::ensureSegment):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix take 2 - rename FIELD_OFFSET to something that doesn't conflict with winnt.h).

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::emitGetVariableObjectRegister):
        (JSC::JIT::emitPutVariableObjectRegister):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):
        (JSC::JIT::emitSlow_op_jnless):
        (JSC::JIT::emitSlow_op_jnlesseq):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallInitializeCallFrame):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::checkStructure):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_instanceof):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):
        (JSC::JIT::emit_op_construct_verify):
        (JSC::JIT::emit_op_resolve_global):
        (JSC::JIT::emit_op_jeq_null):
        (JSC::JIT::emit_op_jneq_null):
        (JSC::JIT::emit_op_to_jsnumber):
        (JSC::JIT::emit_op_catch):
        (JSC::JIT::emit_op_eq_null):
        (JSC::JIT::emit_op_neq_null):
        (JSC::JIT::emit_op_convert_this):
        (JSC::JIT::emit_op_profile_will_call):
        (JSC::JIT::emit_op_profile_did_call):
        (JSC::JIT::emitSlow_op_get_by_val):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_val):
        (JSC::JIT::emit_op_put_by_val):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        * jit/JIT.h:
        * jit/JITInlineMethods.h:

2009-06-19  Gabor Loki  <loki@inf.u-szeged.hu>

        Reviewed by Gavin Barraclough.

        Reorganize ARM architecture specific macros.
        Use PLATFORM_ARM_ARCH(7) instead of PLATFORM(ARM_V7).

        Bug 24986: ARM JIT port
        <https://bugs.webkit.org/show_bug.cgi?id=24986>

        * assembler/ARMv7Assembler.h:
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Imm32::Imm32):
        * assembler/MacroAssembler.h:
        * assembler/MacroAssemblerCodeRef.h:
        (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITStubs.cpp:
        * jit/JITStubs.h:
        * wtf/Platform.h:
        * yarr/RegexJIT.cpp:
        (JSC::Yarr::RegexGenerator::generateEnter):
        (JSC::Yarr::RegexGenerator::generateReturn):

2009-06-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Fix armv7 JIT build issues.

        Unfortunate the arm compiler does not like the use of offsetof on JITStackFrame (since it now contains non POD types),
        and the FIELD_OFFSET macro does not appear constantish enough for it to be happy with its use in COMPILE_ASSERT macros.

        * Replace offsetofs with FIELD_OFFSETs (safe on C++ objects).
        * Move COMPILE_ASSERTs defending layout of JITStackFrame structure on armv7 into JITThunks constructor.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_catch):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::JITThunks):

2009-06-19  Adam Treat  <adam.treat@torchmobile.com>

        Blind attempt at build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-19  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Inherits CallIdentifier struct from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/profiler/CallIdentifier.h:86.

        * wtf/HashCountedSet.h:

2009-06-19  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=26540
        Modify the test shell to add a new function 'checkSyntax' that will
        only parse the source instead of executing it. In this way we can test
        pure parsing performance against some of the larger scripts in the wild.

        * jsc.cpp:
        (GlobalObject::GlobalObject):
        (functionCheckSyntax):

2009-06-19  Zoltan Horvath  <hzoltan@inf.u-szeged.hu>

        Reviewed by Darin Adler.
        
        Inherits HashCountedSet class from FastAllocBase because it has been
        instantiated by 'new' in JavaScriptCore/runtime/Collector.cpp:1095.

        * wtf/HashCountedSet.h:

2009-06-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26558
        Declare these symbols extern for WINCE as they are provided by libce.

        * runtime/DateConstructor.cpp:
        * runtime/DatePrototype.cpp:
        (JSC::formatLocaleDate):

2009-06-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        <rdar://problem/6988973> ScopeChain leak in interpreter builds

        Move the Scopechain destruction code in JSFunction outside of the ENABLE(JIT)
        path.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):
        * wtf/Platform.h:

2009-06-19  Yong Li  <yong.li@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=26543
        Windows CE uses 'GetLastError' instead of 'errno.'

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::RegisterFile):
        (JSC::RegisterFile::grow):

2009-06-19  David Levin  <levin@chromium.org>

        Reviewed by NOBODY (Windows build fix).

        Add export for Windows corresponding to OSX export done in r44844.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:

2009-06-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin "Viceroy of Venezuela" Barraclough.

        Bug 26532: Native functions do not correctly unlink from optimised callsites when they're collected
        <https://bugs.webkit.org/show_bug.cgi?id=26532> <rdar://problem/6625385>

        We need to make sure that each native function instance correctly unlinks any references to it
        when it is collected.  Allowing this to happen required a few changes:
            * Every native function needs a codeblock to track the link information
            * To have this codeblock, every function now also needs its own functionbodynode
              so we no longer get to have a single shared instance.
            * Identifying a host function is now done by looking for CodeBlock::codeType() == NativeCode

        * JavaScriptCore.exp:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
           Constructor for NativeCode CodeBlock
        (JSC::CodeBlock::derefStructures):
        (JSC::CodeBlock::refStructures):
        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
        (JSC::CodeBlock::functionRegisterForBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
        (JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
        (JSC::CodeBlock::setJITCode):
           Add assertions to ensure we don't try and use NativeCode CodeBlocks as
           a normal codeblock.

        * bytecode/CodeBlock.h:
        (JSC::):
        (JSC::CodeBlock::source):
        (JSC::CodeBlock::sourceOffset):
        (JSC::CodeBlock::evalCodeCache):
        (JSC::CodeBlock::createRareDataIfNecessary):
          More assertions.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::linkCall):
          Update logic to allow native function caching

        * jit/JITStubs.cpp:
        * parser/Nodes.cpp:
        (JSC::FunctionBodyNode::createNativeThunk):
        (JSC::FunctionBodyNode::isHostFunction):
        * parser/Nodes.h:
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::~JSFunction):
        (JSC::JSFunction::mark):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (Windows build fix).

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Timezone calculation incorrect in Venezuela.

        https://bugs.webkit.org/show_bug.cgi?id=26531
        <rdar://problem/6646169> Time is incorrectly reported to JavaScript in both Safari 3 and Firefox 3

        The problem is that we're calculating the timezone relative to 01/01/2000,
        but the VET timezone changed from -4 hours to -4:30 hours on 12/09/2007.
        According to the spec, section 15.9.1.9 states "the time since the beginning
        of the year", presumably meaning the *current* year.  Change the calculation
        to be based on whatever the current year is, rather than a canned date.

        No performance impact.

        * wtf/DateMath.cpp:
        (WTF::calculateUTCOffset):

2009-06-18  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Mark Rowe (originally reviewed by Sam Weinig).

        (Reintroducing patch added in r44492, and reverted in r44796.)

        Change the implementation of op_throw so the stub function always modifies its
        return address - if it doesn't find a 'catch' it will switch to a trampoline
        to force a return from JIT execution.  This saves memory, by avoiding the need
        for a unique return for every op_throw.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
            JITStubs::cti_op_throw now always changes its return address,
            remove return code generated after the stub call (this is now
            handled by ctiOpThrowNotCaught).
        * jit/JITStubs.cpp:
        (JSC::):
            Add ctiOpThrowNotCaught definitions.
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
            Change cti_op_throw to always change its return address.
        * jit/JITStubs.h:
            Add ctiOpThrowNotCaught declaration.

2009-06-18  Kevin McCullough  <kmccullough@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6940880> REGRESSION: Breakpoints don't break in 64-bit

        - Exposed functions now needed by WebCore.

        * JavaScriptCore.exp:

2009-06-17  Darin Adler  <darin@apple.com>

        Reviewed by Oliver Hunt.

        Bug 26429: Make JSON.stringify non-recursive so it can handle objects
        of arbitrary complexity
        https://bugs.webkit.org/show_bug.cgi?id=26429

        For marking I decided not to use gcProtect, because this is inside the engine
        so it's easy enough to just do marking. And that darned gcProtect does locking!
        Oliver tried to convince me to used MarkedArgumentBuffer, but the constructor
        for that class says "FIXME: Remove all clients of this API, then remove this API."

        * runtime/Collector.cpp:
        (JSC::Heap::collect): Add a call to JSONObject::markStringifiers.

        * runtime/CommonIdentifiers.cpp:
        (JSC::CommonIdentifiers::CommonIdentifiers): Added emptyIdentifier.
        * runtime/CommonIdentifiers.h: Ditto.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData): Initialize firstStringifierToMark to 0.
        * runtime/JSGlobalData.h: Added firstStringifierToMark.

        * runtime/JSONObject.cpp: Cut down the includes to the needed ones only.
        (JSC::unwrapNumberOrString): Added. Helper for unwrapping number and string
        objects to get their number and string values.
        (JSC::ReplacerPropertyName::ReplacerPropertyName): Added. The class is used
        to wrap an identifier or integer so we don't have to do any work unless we
        actually call a replacer.
        (JSC::ReplacerPropertyName::value): Added.
        (JSC::gap): Added. Helper function for the Stringifier constructor.
        (JSC::PropertyNameForFunctionCall::PropertyNameForFunctionCall): Added.
        The class is used to wrap an identifier or integer so we don't have to
        allocate a number or string until we actually call toJSON or a replacer.
        (JSC::PropertyNameForFunctionCall::asJSValue): Added.
        (JSC::Stringifier::Stringifier): Updated and moved out of the class
        definition. Added code to hook this into a singly linked list for marking.
        (JSC::Stringifier::~Stringifier): Remove from the singly linked list.
        (JSC::Stringifier::mark): Mark all the objects in the holder stacks.
        (JSC::Stringifier::stringify): Updated.
        (JSC::Stringifier::appendQuotedString): Tweaked and streamlined a bit.
        (JSC::Stringifier::toJSON): Renamed from toJSONValue.
        (JSC::Stringifier::appendStringifiedValue): Renamed from stringify.
        Added code to use the m_holderStack to do non-recursive stringify of
        objects and arrays. This code also uses the timeout checker since in
        pathological cases it could be slow even without calling into the
        JavaScript virtual machine.
        (JSC::Stringifier::willIndent): Added.
        (JSC::Stringifier::indent): Added.
        (JSC::Stringifier::unindent): Added.
        (JSC::Stringifier::startNewLine): Added.
        (JSC::Stringifier::Holder::Holder): Added.
        (JSC::Stringifier::Holder::appendNextProperty): Added. This is the
        function that handles the format of arrays and objects.
        (JSC::JSONObject::getOwnPropertySlot): Moved this down to the bottom
        of the file so the JSONObject class is not interleaved with the
        Stringifier class.
        (JSC::JSONObject::markStringifiers): Added. Calls mark.
        (JSC::JSONProtoFuncStringify): Streamlined the code here. The code
        to compute the gap string is now a separate function.

        * runtime/JSONObject.h: Made everything private. Added markStringifiers.

2009-06-17  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6974140> REGRESSION(r43849): Crash in cti_op_call_NotJSFunction when getting directions on maps.google.com

        Roll out r43849 as it appears that we cannot rely on the address of
        an objects property storage being constant even if the structure is
        unchanged.

        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Rubber Stamped by Mark Rowe.

        Fully revert r44492 & r44748 while we fix a bug they cause on internal builds <rdar://problem/6955963>.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
        * jit/JITStubs.cpp:
        (JSC::):
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):
        * jit/JITStubs.h:

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6947426> sunspider math-cordic.js exhibits different intermediate results running 32-bit vs. 64-bit

        On 64-bit, NaN-encoded values must be detagged before they can be used in rshift.

        No performance impact.

        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_rshift):

2009-06-17  Adam Treat  <adam.treat@torchmobile.com>

        Reviewed by George Staikos.

        https://bugs.webkit.org/show_bug.cgi?id=23155
        Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.

        * jsc.cpp:
        (main):

2009-06-17  George Staikos  <george.staikos@torchmobile.com>

        Reviewed by Adam Treat.

        https://bugs.webkit.org/show_bug.cgi?id=23155
        Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.

        * config.h:
        * jsc.cpp:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:
        * wtf/CurrentTime.cpp:
        (WTF::lowResUTCTime):
        * wtf/DateMath.cpp:
        (WTF::getLocalTime):
        * wtf/MathExtras.h:
        * wtf/Platform.h:
        * wtf/StringExtras.h:
        * wtf/Threading.h:
        * wtf/win/MainThreadWin.cpp:

2009-06-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/6974175> ASSERT in JITStubs.cpp at appsaccess.apple.com

        Remove PropertySlot::putValue - PropertySlots should only be used for getting,
        not putting.  Rename JSGlobalObject::getOwnPropertySlot to hasOwnPropertyForWrite,
        which is what it really was being used to ask, and remove some other getOwnPropertySlot
        & getOwnPropertySlotForWrite methods, which were unused and likely to lead to confusion.

        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::hasOwnPropertyForWrite):
        * runtime/JSObject.h:
        * runtime/JSStaticScopeObject.cpp:
        * runtime/JSStaticScopeObject.h:
        * runtime/PropertySlot.h:

2009-06-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver hunt.

        Temporarily partially disable r44492, since this is causing some problems on internal builds.

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_throw):
        * jit/JITStubs.cpp:
        (JSC::JITStubs::DEFINE_STUB_FUNCTION):

2009-06-16  Sam Weinig  <sam@webkit.org>

        Fix windows build.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):

2009-06-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Initialize m_bytecodeIndex to -1 in JIT, and correctly initialize
        it for each type of stub using the return address to find the correct
        offset.

        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        * jit/JIT.h:
        (JSC::JIT::compileGetByIdProto):
        (JSC::JIT::compileGetByIdSelfList):
        (JSC::JIT::compileGetByIdProtoList):
        (JSC::JIT::compileGetByIdChainList):
        (JSC::JIT::compileGetByIdChain):
        (JSC::JIT::compilePutByIdTransition):
        (JSC::JIT::compileCTIMachineTrampolines):
        (JSC::JIT::compilePatchGetArrayLength):
        * jit/JITStubCall.h:
        (JSC::JITStubCall::call):

== Rolled over to ChangeLog-2009-06-16 ==