Google Git
Sign in
webkit / WebKit / 46c7967d685752f0c4c763be8678e9cf25de94a6 / . / JavaScriptCore / ChangeLog
blob: 4ae15798a371f68b975456a679c19c862a56c98c [file] [log] [blame]
2009-07-10 Adam Roben <aroben@apple.com>
Sort all our Xcode projects
Accomplished using sort-Xcode-project-file.
Requested by Dave Kilzer.
* JavaScriptCore.xcodeproj/project.pbxproj:
2009-07-09 Maciej Stachowiak <mjs@apple.com>
Not reviewed, build fix.
Windows build fix for the last change.
* wtf/dtoa.cpp: Forgot to include Vector.h
2009-07-09 Maciej Stachowiak <mjs@apple.com>
Reviewed by Darin Adler.
REGRESSION: crash in edge cases of floating point parsing.
https://bugs.webkit.org/show_bug.cgi?id=27110
<rdar://problem/7044458>
Tests: fast/css/number-parsing-crash.html
fast/css/number-parsing-crash.html
fast/js/number-parsing-crash.html
* wtf/dtoa.cpp:
(WTF::BigInt::BigInt): Converted this to more a proper class, using a Vector
with inline capacity
(WTF::lshift): Rearranged logic somewhat nontrivially to deal with the new way of sizing BigInts.
Added an assertion to verify that invariants are maintained.
All other functions are adapted fairly mechanically to the above changes.
(WTF::BigInt::clear):
(WTF::BigInt::size):
(WTF::BigInt::resize):
(WTF::BigInt::words):
(WTF::BigInt::append):
(WTF::multadd):
(WTF::s2b):
(WTF::i2b):
(WTF::mult):
(WTF::cmp):
(WTF::diff):
(WTF::b2d):
(WTF::d2b):
(WTF::ratio):
(WTF::strtod):
(WTF::quorem):
(WTF::dtoa):
2009-07-09 Drew Wilson <atwilson@google.com>
Reviewed by Alexey Proskuryakov.
Turned on CHANNEL_MESSAGING by default because the MessageChannel API
can now be implemented for Web Workers and is reasonably stable.
* Configurations/FeatureDefines.xcconfig:
2009-07-09 Oliver Hunt <oliver@apple.com>
Reviewed by NOBODY (Build fix).
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute):
2009-07-09 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
Bug 27016 - Interpreter crashes due to invalid array indexes
<https://bugs.webkit.org/show_bug.cgi?id=27016>
Unsigned vs signed conversions results in incorrect behaviour in
64bit interpreter builds.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::privateExecute):
2009-07-09 Dimitri Glazkov <dglazkov@chromium.org>
Reviewed by Darin Fisher.
[Chromium] Upstream JavaScriptCore.gypi, the project file for Chromium build.
https://bugs.webkit.org/show_bug.cgi?id=27135
* JavaScriptCore.gypi: Added.
2009-07-09 Joe Mason <joe.mason@torchmobile.com>
Reviewed by George Staikos.
Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>
https://bugs.webkit.org/show_bug.cgi?id=27031
Add an override for deleteOwnedPtr(HDC) on Windows
* wtf/OwnPtrCommon.h:
* wtf/OwnPtrWin.cpp:
(WTF::deleteOwnedPtr):
2009-07-09 Laszlo Gombos <laszlo.1.gombos@nokia.com>
Reviewed by Darin Adler.
Guard singal.h dependency with HAVE(SIGNAL_H) to enable building jsc
on SYMBIAN.
https://bugs.webkit.org/show_bug.cgi?id=27026
Based on Norbert Leser's work.
* jsc.cpp:
(printUsageStatement):
(parseArguments):
* wtf/Platform.h:
2009-07-07 Gavin Barraclough <barraclough@apple.com>
Reviewed by Sam Weinig.
Stop loading constants into the register file.
Instead, use high register values (highest bit bar the sign bit set) to indicate
constants in the instruction stream, and when we encounter such a value load it
directly from the CodeBlock.
Since constants are no longer copied into the register file, this patch renders
the 'unexpected constant' mechanism redundant, and removes it.
2% improvement, thanks to Sam Weinig.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dump):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::mark):
(JSC::CodeBlock::shrinkToFit):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::isTemporaryRegisterIndex):
(JSC::CodeBlock::constantRegister):
(JSC::CodeBlock::isConstantRegisterIndex):
(JSC::CodeBlock::getConstant):
(JSC::ExecState::r):
* bytecode/Opcode.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::preserveLastVar):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::addConstantValue):
(JSC::BytecodeGenerator::emitEqualityOp):
(JSC::BytecodeGenerator::emitLoad):
(JSC::BytecodeGenerator::emitResolveBase):
(JSC::BytecodeGenerator::emitResolveWithBase):
(JSC::BytecodeGenerator::emitNewError):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitNode):
* interpreter/CallFrame.h:
(JSC::ExecState::noCaller):
(JSC::ExecState::hasHostCallFrameFlag):
(JSC::ExecState::addHostCallFrameFlag):
(JSC::ExecState::removeHostCallFrameFlag):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::resolve):
(JSC::Interpreter::resolveSkip):
(JSC::Interpreter::resolveGlobal):
(JSC::Interpreter::resolveBase):
(JSC::Interpreter::resolveBaseAndProperty):
(JSC::Interpreter::resolveBaseAndFunc):
(JSC::Interpreter::dumpRegisters):
(JSC::Interpreter::throwException):
(JSC::Interpreter::createExceptionScope):
(JSC::Interpreter::privateExecute):
(JSC::Interpreter::retrieveArguments):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JITInlineMethods.h:
(JSC::JIT::emitLoadDouble):
(JSC::JIT::emitLoadInt32ToDouble):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_new_error):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_enter_with_activation):
* parser/Nodes.cpp:
(JSC::DeleteResolveNode::emitBytecode):
(JSC::DeleteValueNode::emitBytecode):
(JSC::PrefixResolveNode::emitBytecode):
* runtime/JSActivation.cpp:
(JSC::JSActivation::JSActivation):
* wtf/Platform.h:
2009-07-07 Mark Rowe <mrowe@apple.com>
Reviewed by Darin Adler.
Fix <https://bugs.webkit.org/show_bug.cgi?id=27025> / <rdar://problem/7033448>.
Bug 27025: Crashes and regression test failures related to regexps in 64-bit
For x86_64 RegexGenerator uses rbx, a callee-save register, as a scratch register but
neglects to save and restore it. The change in handling of the output vector in r45545
altered code generation so that the RegExp::match was now storing important data in rbx,
which caused crashes and bogus results when it was clobbered.
* yarr/RegexJIT.cpp:
(JSC::Yarr::RegexGenerator::generateEnter): Save rbx.
(JSC::Yarr::RegexGenerator::generateReturn): Restore rbx.
2009-07-06 Ada Chan <adachan@apple.com>
Reviewed by Darin Adler and Mark Rowe.
Decommitted spans are added to the list of normal spans rather than
the returned spans in TCMalloc_PageHeap::Delete().
https://bugs.webkit.org/show_bug.cgi?id=26998
In TCMalloc_PageHeap::Delete(), the deleted span can be decommitted in
the process of merging with neighboring spans that are also decommitted.
The merged span needs to be placed in the list of returned spans (spans
whose memory has been returned to the system). Right now it's always added
to the list of the normal spans which can theoretically cause thrashing.
* wtf/FastMalloc.cpp:
(WTF::TCMalloc_PageHeap::Delete):
2009-07-05 Lars Knoll <lars.knoll@nokia.com>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26843
Fix run-time crashes in JavaScriptCore with the Metrowerks compiler on Symbian.
The Metrowerks compiler on the Symbian platform moves the globally
defined Hashtables into read-only memory, despite one of the members
being mutable. This causes crashes at run-time due to write access to
read-only memory.
Avoid the use of const with this compiler by introducing the
JSC_CONST_HASHTABLE macro.
Based on idea by Norbert Leser.
* runtime/Lookup.h: Define JSC_CONST_HASHTABLE as const for !WINSCW.
* create_hash_table: Use JSC_CONST_HASHTABLE for hashtables.
* runtime/JSGlobalData.cpp: Import various global hashtables via the macro.
2009-07-04 Dan Bernstein <mitz@apple.com>
- debug build fix
* runtime/RegExpConstructor.cpp:
(JSC::RegExpConstructor::getLastParen):
2009-07-03 Yong Li <yong.li@torchmobile.com>
Reviewed by Maciej Stachowiak (and revised slightly)
RegExp::match to be optimized
https://bugs.webkit.org/show_bug.cgi?id=26957
Allow regexp matching to use Vectors with inline capacity instead of
allocating a new ovector buffer every time.
~5% speedup on SunSpider string-unpack-code test, 0.3% on SunSpider overall.
* runtime/RegExp.cpp:
(JSC::RegExp::match):
* runtime/RegExp.h:
* runtime/RegExpConstructor.cpp:
(JSC::RegExpConstructorPrivate::RegExpConstructorPrivate):
(JSC::RegExpConstructorPrivate::lastOvector):
(JSC::RegExpConstructorPrivate::tempOvector):
(JSC::RegExpConstructorPrivate::changeLastOvector):
(JSC::RegExpConstructor::performMatch):
(JSC::RegExpMatchesArray::RegExpMatchesArray):
(JSC::RegExpMatchesArray::fillArrayInstance):
(JSC::RegExpConstructor::getBackref):
(JSC::RegExpConstructor::getLastParen):
(JSC::RegExpConstructor::getLeftContext):
(JSC::RegExpConstructor::getRightContext):
* runtime/StringPrototype.cpp:
(JSC::stringProtoFuncSplit):
2009-06-30 Kwang Yul Seo <skyul@company100.net>
Reviewed by Eric Seidel.
Override operator new/delete with const std::nothrow_t& as the second
argument.
https://bugs.webkit.org/show_bug.cgi?id=26792
On Windows CE, operator new/delete, new[]/delete[] with const
std::nothrow_t& must be overrided because some standard template
libraries use these operators.
The problem occurs when memory allocated by new(size_t s, const
std::nothrow_t&) is freed by delete(void* p). This causes the umatched
malloc/free problem.
The patch overrides all new, delete, new[] and delete[] to use
fastMaloc and fastFree consistently.
* wtf/FastMalloc.h:
(throw):
2009-06-30 Gabor Loki <loki@inf.u-szeged.hu>
Reviewed by Sam Weinig.
<https://bugs.webkit.org/show_bug.cgi?id=24986>
Remove unnecessary references to AssemblerBuffer.
* interpreter/Interpreter.cpp:
* interpreter/Interpreter.h:
2009-06-29 David Levin <levin@chromium.org>
Reviewed by Oliver Hunt.
Still seeing occasional leaks from UString::sharedBuffer code
https://bugs.webkit.org/show_bug.cgi?id=26420
The problem is that the pointer to the memory allocation isn't visible
by "leaks" due to the lower bits being used as flags. The fix is to
make the pointer visible in memory (in debug only). The downside of
this fix that the memory allocated by sharedBuffer will still look like
a leak in non-debug builds when any flags are set.
* wtf/PtrAndFlags.h:
(WTF::PtrAndFlags::set):
2009-06-29 Sam Weinig <sam@webkit.org>
Reviewed by Mark Rowe.
Remove more unused scons support.
* SConstruct: Removed.
2009-06-29 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
<rdar://problem/7016214> JSON.parse fails to parse valid JSON with most Unicode characters
<https://bugs.webkit.org/show_bug.cgi?id=26802>
In the original JSON.parse patch unicode was handled correctly, however in some last
minute "clean up" I oversimplified isSafeStringCharacter. This patch corrects this bug.
* runtime/LiteralParser.cpp:
(JSC::isSafeStringCharacter):
(JSC::LiteralParser::Lexer::lexString):
2009-06-26 Oliver Hunt <oliver@apple.com>
Reviewed by Dan Bernstein.
<rdar://problem/7009684> REGRESSION(r45039): Crashes inside JSEvent::put on PowerPC (26746)
<https://bugs.webkit.org/show_bug.cgi?id=26746>
Fix for r45039 incorrectly uncached a get_by_id by converting it to put_by_id. Clearly this
is less than correct. This patch corrects that error.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::tryCacheGetByID):
2009-06-26 Eric Seidel <eric@webkit.org>
No review, only rolling out r45259.
Roll out r45259 after crash appeared on the bots:
plugins/undefined-property-crash.html
ASSERTION FAILED: s <= HeapConstants<heapType>::cellSize
(leopard-intel-debug-tests/build/JavaScriptCore/runtime/Collector.cpp:278
void* JSC::Heap::heapAllocate(size_t) [with JSC::HeapType heapType = PrimaryHeap])
* runtime/DateInstance.cpp:
* runtime/Identifier.cpp:
* runtime/Lookup.h:
* runtime/RegExpConstructor.cpp:
* runtime/RegExpObject.h:
* runtime/ScopeChain.h:
* runtime/UString.h:
2009-06-26 Jedrzej Nowacki <jedrzej.nowacki@nokia.com>
Reviewed by Simon Hausmann.
Add support for QDataStream operators to Vector.
* wtf/Vector.h:
(WTF::operator<<):
(WTF::operator>>):
2009-06-24 Sam Weinig <sam@webkit.org>
Reviewed by Gavin Barraclough.
Make the opcode sampler work once again.
* jit/JIT.h:
(JSC::JIT::compileGetByIdProto):
(JSC::JIT::compileGetByIdSelfList):
(JSC::JIT::compileGetByIdProtoList):
(JSC::JIT::compileGetByIdChainList):
(JSC::JIT::compileGetByIdChain):
(JSC::JIT::compilePutByIdTransition):
(JSC::JIT::compileCTIMachineTrampolines):
(JSC::JIT::compilePatchGetArrayLength):
* jit/JITStubCall.h:
(JSC::JITStubCall::call):
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
Extend FastAllocBase.h with 'using WTF::FastAllocBase' to avoid
unnecessary WTF:: usings.
Remove existing unnecessary WTF:: usings.
* interpreter/Interpreter.h:
* profiler/CallIdentifier.h:
* runtime/ScopeChain.h:
* wtf/FastAllocBase.h:
2009-06-24 David Levin <levin@chromium.org>
Fix all builds.
* bytecode/CodeBlock.h:
* bytecompiler/BytecodeGenerator.h:
* interpreter/Register.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26677
Inherits CodeBlock class from FastAllocBase because it
has been instantiated by 'new' in JavaScriptCore/bytecode/CodeBlock.h:217.
* bytecode/CodeBlock.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26676
Inherits BytecodeGenerator class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/parser/Nodes.cpp:1892.
* bytecompiler/BytecodeGenerator.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26675
Inherits Register class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/JSVariableObject.h:149.
* interpreter/Register.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=26674
Inherits HashMap class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:458.
* wtf/HashMap.h:
2009-06-24 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
<rdar://problem/6940519> REGRESSION (Safari 4 Public Beta - TOT): google.com/adplanner shows blank page instead of site details in "basic research'
The problem was caused by the page returned with a function using a
var declaration list containing around ~3000 variables. The solution
to this is to flatten the comma expression representation and make
codegen comma expressions and initializer lists iterative rather than
recursive.
* parser/Grammar.y:
* parser/NodeConstructors.h:
(JSC::CommaNode::CommaNode):
* parser/Nodes.cpp:
(JSC::CommaNode::emitBytecode):
* parser/Nodes.h:
(JSC::ExpressionNode::isCommaNode):
(JSC::CommaNode::isCommaNode):
(JSC::CommaNode::append):
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Maciej Stachowiak.
https://bugs.webkit.org/show_bug.cgi?id=26645
Inherits ScopeChainNode class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/ScopeChain.h:95.
* wtf/RefPtr.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=26648
Inherits Deque class from FastAllocBase because it has been
instantiated by 'new' with DEFINE_STATIC_LOCAL macro in
JavaScriptCore/wtf/MainThread.cpp:62.
* wtf/Deque.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=26644
Inherits RefPtr class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/StructureChain.cpp:41.
* wtf/RefPtr.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
Inherits HashSet class from FastAllocBase, because it has been
instantiated by 'new' in JavaScriptCore/runtime/Collector.h:116.
* wtf/HashSet.h:
2009-06-24 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
Inherits Vector class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/Structure.cpp:633.
* wtf/Vector.h:
2009-06-24 Norbert Leser <norbert.leser@nokia.com>
Reviewed by Maciej Stachoviak.
The BytecodeGenerator objects were instantiated on stack, which takes up ~38kB per instance
(each instance includes copy of JSC::CodeBlock with large SymbolTable, etc.).
Specifically, since there is nested invocation (e.g., GlobalCode --> FunctionCode),
the stack overflows immediately on Symbian hardware (max. 80 kB).
Proposed change allocates generator objects on heap.
Performance impact (if any) should be negligible and change is proposed as general fix,
rather than ifdef'd for SYMBIAN.
* parser/Nodes.cpp:
(JSC::ProgramNode::generateBytecode):
(JSC::EvalNode::generateBytecode):
(JSC::EvalNode::bytecodeForExceptionInfoReparse):
(JSC::FunctionBodyNode::generateBytecode):
(JSC::FunctionBodyNode::bytecodeForExceptionInfoReparse):
2009-06-23 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
<rdar://problem/6992806> REGRESSION: Enumeration can skip new properties in cases of prototypes that have more than 64 (26593)
<https://bugs.webkit.org/show_bug.cgi?id=26593>
Do not attempt to cache structure chains if they contain a dictionary at any level.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::tryCachePutByID):
(JSC::Interpreter::tryCacheGetByID):
* jit/JITStubs.cpp:
(JSC::JITThunks::tryCachePutByID):
* runtime/Structure.cpp:
(JSC::Structure::getEnumerablePropertyNames):
(JSC::Structure::addPropertyTransition):
* runtime/StructureChain.cpp:
(JSC::StructureChain::isCacheable):
* runtime/StructureChain.h:
2009-06-23 Yong Li <yong.li@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=26654
Add the proper export define for the JavaScriptCore API when building for WINCE.
* API/JSBase.h:
2009-06-23 Joe Mason <joe.mason@torchmobile.com>
Reviewed by Adam Treat.
Authors: Yong Li <yong.li@torchmobile.com>, Joe Mason <joe.mason@torchmobile.com>
https://bugs.webkit.org/show_bug.cgi?id=26611
Implement currentThreadStackBase on WINCE by adding a global,
g_stackBase, which must be set to the address of a local variable
by the caller before calling any WebKit function that invokes JSC.
* runtime/Collector.cpp:
(JSC::isPageWritable):
(JSC::getStackBase):
Starts at the top of the stack and returns the entire range of
consecutive writable pages as an estimate of the actual stack.
This will be much bigger than the actual stack range, so some
dead objects can't be collected, but it guarantees live objects
aren't collected prematurely.
(JSC::currentThreadStackBase):
On WinCE, returns g_stackBase if set or call getStackBase as a
fallback if not.
2009-06-23 Oliver Hunt <oliver@apple.com>
Reviewed by Alexey Proskuryakov.
Fix stupid performance problem in the LiteralParser
The LiteralParser was making a new UString in order to use
toDouble, however UString's toDouble allows a much wider range
of numberic strings than the LiteralParser accepts, and requires
an additional heap allocation or two for the construciton of the
UString. To rectify this we just call WTF::dtoa directly using
a stack allocated buffer to hold the validated numeric literal.
* runtime/LiteralParser.cpp:
(JSC::LiteralParser::Lexer::lexNumber):
(JSC::LiteralParser::parse):
* runtime/LiteralParser.h:
2009-06-22 Oliver Hunt <oliver@apple.com>
Reviewed by Alexey Proskuryakov.
Bug 26640: JSON.stringify needs to special case Boolean objects
<https://bugs.webkit.org/show_bug.cgi?id=26640>
Add special case handling of the Boolean object so we match current
ES5 errata.
* runtime/JSONObject.cpp:
(JSC::unwrapBoxedPrimitive): renamed from unwrapNumberOrString
(JSC::gap):
(JSC::Stringifier::appendStringifiedValue):
2009-06-22 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
Bug 26591: Support revivers in JSON.parse
<https://bugs.webkit.org/show_bug.cgi?id=26591>
Add reviver support to JSON.parse. This completes the JSON object.
* runtime/JSONObject.cpp:
(JSC::Walker::Walker):
(JSC::Walker::callReviver):
(JSC::Walker::walk):
(JSC::JSONProtoFuncParse):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler.
Bug 26592: Support standard toJSON functions
<https://bugs.webkit.org/show_bug.cgi?id=26592>
Add support for the standard Date.toJSON function.
* runtime/DatePrototype.cpp:
(JSC::dateProtoFuncToJSON):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by Sam Weinig.
Bug 26594: JSC needs to support Date.toISOString
<https://bugs.webkit.org/show_bug.cgi?id=26594>
Add support for Date.toISOString.
* runtime/DatePrototype.cpp:
(JSC::dateProtoFuncToISOString):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by NOBODY (Build fix).
Remove dead code.
* runtime/LiteralParser.cpp:
(JSC::LiteralParser::parse):
2009-06-21 Oliver Hunt <oliver@apple.com>
Reviewed by Darin Adler and Cameron Zwarich.
Bug 26587: Support JSON.parse
<https://bugs.webkit.org/show_bug.cgi?id=26587>
Extend the LiteralParser to support the full strict JSON
grammar, fix a few places where the grammar was incorrectly
lenient. Doesn't yet support the JSON.parse reviver function
but that does not block the JSON.parse functionality itself.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::callEval):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval):
* runtime/JSONObject.cpp:
(JSC::JSONProtoFuncParse):
* runtime/LiteralParser.cpp:
(JSC::LiteralParser::Lexer::lex):
(JSC::isSafeStringCharacter):
(JSC::LiteralParser::Lexer::lexString):
(JSC::LiteralParser::parse):
* runtime/LiteralParser.h:
(JSC::LiteralParser::LiteralParser):
(JSC::LiteralParser::tryJSONParse):
(JSC::LiteralParser::):
(JSC::LiteralParser::Lexer::Lexer):
2009-06-21 David Levin <levin@chromium.org>
Reviewed by NOBODY (speculative build fix for windows).
Simply removed some whitespace form this file to make windows build wtf and
hopefully copy the new MessageQueque.h so that WebCore picks it up.
* wtf/Assertions.cpp:
2009-06-21 Drew Wilson <atwilson@google.com>
Reviewed by David Levin.
<https://bugs.webkit.org/show_bug.cgi?id=25043>
Added support for multi-threaded MessagePorts.
* wtf/MessageQueue.h:
(WTF::::appendAndCheckEmpty):
Added API to test whether the queue was empty before adding an element.
2009-06-20 David D. Kilzer <ddkilzer@webkit.org>
Fix namespace comment in SegmentedVector.h
* wtf/SegmentedVector.h: Updated namespace comment to reflect
new namespace after r44897.
2009-06-20 Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
Bug 24986: ARM JIT port
<https://bugs.webkit.org/show_bug.cgi?id=24986>
Reviewed by Oliver Hunt.
An Iterator added for SegmentedVector. Currently
only the pre ++ operator is supported.
* wtf/SegmentedVector.h:
(WTF::SegmentedVectorIterator::~SegmentedVectorIterator):
(WTF::SegmentedVectorIterator::operator*):
(WTF::SegmentedVectorIterator::operator->):
(WTF::SegmentedVectorIterator::operator++):
(WTF::SegmentedVectorIterator::operator==):
(WTF::SegmentedVectorIterator::operator!=):
(WTF::SegmentedVectorIterator::operator=):
(WTF::SegmentedVectorIterator::SegmentedVectorIterator):
(WTF::SegmentedVector::alloc):
(WTF::SegmentedVector::begin):
(WTF::SegmentedVector::end):
2009-06-20 Zoltan Herczeg <zherczeg@inf.u-szeged.hu>
Bug 24986: ARM JIT port
<https://bugs.webkit.org/show_bug.cgi?id=24986>
Reviewed by Oliver Hunt.
Move SegmentedVector to /wtf subdirectory
and change "namespace JSC" to "namespace WTF"
Additional build file updates by David Kilzer.
* GNUmakefile.am: Updated path to SegmentedVector.h.
* JavaScriptCore.order: Updated SegmentedVector namespace from
JSC to WTF in mangled C++ method name.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
Removed reference to bytecompiler\SegmentedVector.h.
* JavaScriptCore.vcproj/WTF/WTF.vcproj: Added reference to
wtf\SegmentedVector.h.
* JavaScriptCore.xcodeproj/project.pbxproj: Moved
SegmentedVector.h definition from bytecompiler subdirectory to
wtf subdirectory.
* bytecompiler/BytecodeGenerator.h: Updated #include path to
SegmentedVector.h and prepended WTF:: namespace to its use.
* parser/Lexer.h: Ditto.
* wtf/SegmentedVector.h: Renamed from JavaScriptCore/bytecompiler/SegmentedVector.h.
(WTF::SegmentedVector::SegmentedVector):
(WTF::SegmentedVector::~SegmentedVector):
(WTF::SegmentedVector::size):
(WTF::SegmentedVector::at):
(WTF::SegmentedVector::operator[]):
(WTF::SegmentedVector::last):
(WTF::SegmentedVector::append):
(WTF::SegmentedVector::removeLast):
(WTF::SegmentedVector::grow):
(WTF::SegmentedVector::clear):
(WTF::SegmentedVector::deleteAllSegments):
(WTF::SegmentedVector::segmentExistsFor):
(WTF::SegmentedVector::segmentFor):
(WTF::SegmentedVector::subscriptFor):
(WTF::SegmentedVector::ensureSegmentsFor):
(WTF::SegmentedVector::ensureSegment):
2009-06-19 Gavin Barraclough <barraclough@apple.com>
Reviewed by NOBODY (build fix take 2 - rename FIELD_OFFSET to something that doesn't conflict with winnt.h).
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
(JSC::JIT::privateCompileCTIMachineTrampolines):
(JSC::JIT::emitGetVariableObjectRegister):
(JSC::JIT::emitPutVariableObjectRegister):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::compileBinaryArithOp):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallInitializeCallFrame):
(JSC::JIT::compileOpCall):
* jit/JITInlineMethods.h:
(JSC::JIT::restoreArgumentReference):
(JSC::JIT::checkStructure):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_get_scoped_var):
(JSC::JIT::emit_op_put_scoped_var):
(JSC::JIT::emit_op_construct_verify):
(JSC::JIT::emit_op_resolve_global):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_to_jsnumber):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_convert_this):
(JSC::JIT::emit_op_profile_will_call):
(JSC::JIT::emit_op_profile_did_call):
(JSC::JIT::emitSlow_op_get_by_val):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emit_op_method_check):
(JSC::JIT::compileGetByIdHotPath):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::compilePutDirectOffset):
(JSC::JIT::compileGetDirectOffset):
(JSC::JIT::privateCompilePutByIdTransition):
(JSC::JIT::privateCompilePatchGetArrayLength):
* jit/JITStubs.cpp:
(JSC::JITThunks::JITThunks):
2009-06-19 Gavin Barraclough <barraclough@apple.com>
Reviewed by NOBODY (Windows build fix).
* jit/JIT.h:
* jit/JITInlineMethods.h:
2009-06-19 Gabor Loki <loki@inf.u-szeged.hu>
Reviewed by Gavin Barraclough.
Reorganize ARM architecture specific macros.
Use PLATFORM_ARM_ARCH(7) instead of PLATFORM(ARM_V7).
Bug 24986: ARM JIT port
<https://bugs.webkit.org/show_bug.cgi?id=24986>
* assembler/ARMv7Assembler.h:
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::Imm32::Imm32):
* assembler/MacroAssembler.h:
* assembler/MacroAssemblerCodeRef.h:
(JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
* jit/ExecutableAllocator.h:
(JSC::ExecutableAllocator::cacheFlush):
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::restoreArgumentReferenceForTrampoline):
* jit/JITStubs.cpp:
* jit/JITStubs.h:
* wtf/Platform.h:
* yarr/RegexJIT.cpp:
(JSC::Yarr::RegexGenerator::generateEnter):
(JSC::Yarr::RegexGenerator::generateReturn):
2009-06-19 Gavin Barraclough <barraclough@apple.com>
Reviewed by Oliver Hunt.
Fix armv7 JIT build issues.
Unfortunate the arm compiler does not like the use of offsetof on JITStackFrame (since it now contains non POD types),
and the FIELD_OFFSET macro does not appear constantish enough for it to be happy with its use in COMPILE_ASSERT macros.
* Replace offsetofs with FIELD_OFFSETs (safe on C++ objects).
* Move COMPILE_ASSERTs defending layout of JITStackFrame structure on armv7 into JITThunks constructor.
* jit/JIT.cpp:
* jit/JIT.h:
* jit/JITInlineMethods.h:
(JSC::JIT::restoreArgumentReference):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_catch):
* jit/JITStubs.cpp:
(JSC::JITThunks::JITThunks):
2009-06-19 Adam Treat <adam.treat@torchmobile.com>
Blind attempt at build fix.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-06-19 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Oliver Hunt.
Inherits CallIdentifier struct from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/profiler/CallIdentifier.h:86.
* wtf/HashCountedSet.h:
2009-06-19 Adam Treat <adam.treat@torchmobile.com>
Reviewed by Oliver Hunt.
https://bugs.webkit.org/show_bug.cgi?id=26540
Modify the test shell to add a new function 'checkSyntax' that will
only parse the source instead of executing it. In this way we can test
pure parsing performance against some of the larger scripts in the wild.
* jsc.cpp:
(GlobalObject::GlobalObject):
(functionCheckSyntax):
2009-06-19 Zoltan Horvath <hzoltan@inf.u-szeged.hu>
Reviewed by Darin Adler.
Inherits HashCountedSet class from FastAllocBase because it has been
instantiated by 'new' in JavaScriptCore/runtime/Collector.cpp:1095.
* wtf/HashCountedSet.h:
2009-06-19 Yong Li <yong.li@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=26558
Declare these symbols extern for WINCE as they are provided by libce.
* runtime/DateConstructor.cpp:
* runtime/DatePrototype.cpp:
(JSC::formatLocaleDate):
2009-06-19 Oliver Hunt <oliver@apple.com>
Reviewed by Maciej Stachowiak.
<rdar://problem/6988973> ScopeChain leak in interpreter builds
Move the Scopechain destruction code in JSFunction outside of the ENABLE(JIT)
path.
* runtime/JSFunction.cpp:
(JSC::JSFunction::~JSFunction):
* wtf/Platform.h:
2009-06-19 Yong Li <yong.li@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=26543
Windows CE uses 'GetLastError' instead of 'errno.'
* interpreter/RegisterFile.h:
(JSC::RegisterFile::RegisterFile):
(JSC::RegisterFile::grow):
2009-06-19 David Levin <levin@chromium.org>
Reviewed by NOBODY (Windows build fix).
Add export for Windows corresponding to OSX export done in r44844.
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore_debug.def:
2009-06-18 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin "Viceroy of Venezuela" Barraclough.
Bug 26532: Native functions do not correctly unlink from optimised callsites when they're collected
<https://bugs.webkit.org/show_bug.cgi?id=26532> <rdar://problem/6625385>
We need to make sure that each native function instance correctly unlinks any references to it
when it is collected. Allowing this to happen required a few changes:
* Every native function needs a codeblock to track the link information
* To have this codeblock, every function now also needs its own functionbodynode
so we no longer get to have a single shared instance.
* Identifying a host function is now done by looking for CodeBlock::codeType() == NativeCode
* JavaScriptCore.exp:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
Constructor for NativeCode CodeBlock
(JSC::CodeBlock::derefStructures):
(JSC::CodeBlock::refStructures):
(JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
(JSC::CodeBlock::handlerForBytecodeOffset):
(JSC::CodeBlock::lineNumberForBytecodeOffset):
(JSC::CodeBlock::expressionRangeForBytecodeOffset):
(JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
(JSC::CodeBlock::functionRegisterForBytecodeOffset):
(JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
(JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
(JSC::CodeBlock::setJITCode):
Add assertions to ensure we don't try and use NativeCode CodeBlocks as
a normal codeblock.
* bytecode/CodeBlock.h:
(JSC::):
(JSC::CodeBlock::source):
(JSC::CodeBlock::sourceOffset):
(JSC::CodeBlock::evalCodeCache):
(JSC::CodeBlock::createRareDataIfNecessary):
More assertions.
* jit/JIT.cpp:
(JSC::JIT::privateCompileCTIMachineTrampolines):
(JSC::JIT::linkCall):
Update logic to allow native function caching
* jit/JITStubs.cpp:
* parser/Nodes.cpp:
(JSC::FunctionBodyNode::createNativeThunk):
(JSC::FunctionBodyNode::isHostFunction):
* parser/Nodes.h:
* runtime/JSFunction.cpp:
(JSC::JSFunction::JSFunction):
(JSC::JSFunction::~JSFunction):
(JSC::JSFunction::mark):
* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::~JSGlobalData):
* runtime/JSGlobalData.h:
2009-06-18 Gavin Barraclough <barraclough@apple.com>
Reviewed by NOBODY (Windows build fix).
* wtf/DateMath.cpp:
(WTF::calculateUTCOffset):
2009-06-18 Gavin Barraclough <barraclough@apple.com>
Reviewed by Geoff Garen.
Timezone calculation incorrect in Venezuela.
https://bugs.webkit.org/show_bug.cgi?id=26531
<rdar://problem/6646169> Time is incorrectly reported to JavaScript in both Safari 3 and Firefox 3
The problem is that we're calculating the timezone relative to 01/01/2000,
but the VET timezone changed from -4 hours to -4:30 hours on 12/09/2007.
According to the spec, section 15.9.1.9 states "the time since the beginning
of the year", presumably meaning the *current* year. Change the calculation
to be based on whatever the current year is, rather than a canned date.
No performance impact.
* wtf/DateMath.cpp:
(WTF::calculateUTCOffset):
2009-06-18 Gavin Barraclough <barraclough@apple.com>
Rubber Stamped by Mark Rowe (originally reviewed by Sam Weinig).
(Reintroducing patch added in r44492, and reverted in r44796.)
Change the implementation of op_throw so the stub function always modifies its
return address - if it doesn't find a 'catch' it will switch to a trampoline
to force a return from JIT execution. This saves memory, by avoiding the need
for a unique return for every op_throw.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw):
JITStubs::cti_op_throw now always changes its return address,
remove return code generated after the stub call (this is now
handled by ctiOpThrowNotCaught).
* jit/JITStubs.cpp:
(JSC::):
Add ctiOpThrowNotCaught definitions.
(JSC::JITStubs::DEFINE_STUB_FUNCTION):
Change cti_op_throw to always change its return address.
* jit/JITStubs.h:
Add ctiOpThrowNotCaught declaration.
2009-06-18 Kevin McCullough <kmccullough@apple.com>
Reviewed by Oliver Hunt.
<rdar://problem/6940880> REGRESSION: Breakpoints don't break in 64-bit
- Exposed functions now needed by WebCore.
* JavaScriptCore.exp:
2009-06-17 Darin Adler <darin@apple.com>
Reviewed by Oliver Hunt.
Bug 26429: Make JSON.stringify non-recursive so it can handle objects
of arbitrary complexity
https://bugs.webkit.org/show_bug.cgi?id=26429
For marking I decided not to use gcProtect, because this is inside the engine
so it's easy enough to just do marking. And that darned gcProtect does locking!
Oliver tried to convince me to used MarkedArgumentBuffer, but the constructor
for that class says "FIXME: Remove all clients of this API, then remove this API."
* runtime/Collector.cpp:
(JSC::Heap::collect): Add a call to JSONObject::markStringifiers.
* runtime/CommonIdentifiers.cpp:
(JSC::CommonIdentifiers::CommonIdentifiers): Added emptyIdentifier.
* runtime/CommonIdentifiers.h: Ditto.
* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData): Initialize firstStringifierToMark to 0.
* runtime/JSGlobalData.h: Added firstStringifierToMark.
* runtime/JSONObject.cpp: Cut down the includes to the needed ones only.
(JSC::unwrapNumberOrString): Added. Helper for unwrapping number and string
objects to get their number and string values.
(JSC::ReplacerPropertyName::ReplacerPropertyName): Added. The class is used
to wrap an identifier or integer so we don't have to do any work unless we
actually call a replacer.
(JSC::ReplacerPropertyName::value): Added.
(JSC::gap): Added. Helper function for the Stringifier constructor.
(JSC::PropertyNameForFunctionCall::PropertyNameForFunctionCall): Added.
The class is used to wrap an identifier or integer so we don't have to
allocate a number or string until we actually call toJSON or a replacer.
(JSC::PropertyNameForFunctionCall::asJSValue): Added.
(JSC::Stringifier::Stringifier): Updated and moved out of the class
definition. Added code to hook this into a singly linked list for marking.
(JSC::Stringifier::~Stringifier): Remove from the singly linked list.
(JSC::Stringifier::mark): Mark all the objects in the holder stacks.
(JSC::Stringifier::stringify): Updated.
(JSC::Stringifier::appendQuotedString): Tweaked and streamlined a bit.
(JSC::Stringifier::toJSON): Renamed from toJSONValue.
(JSC::Stringifier::appendStringifiedValue): Renamed from stringify.
Added code to use the m_holderStack to do non-recursive stringify of
objects and arrays. This code also uses the timeout checker since in
pathological cases it could be slow even without calling into the
JavaScript virtual machine.
(JSC::Stringifier::willIndent): Added.
(JSC::Stringifier::indent): Added.
(JSC::Stringifier::unindent): Added.
(JSC::Stringifier::startNewLine): Added.
(JSC::Stringifier::Holder::Holder): Added.
(JSC::Stringifier::Holder::appendNextProperty): Added. This is the
function that handles the format of arrays and objects.
(JSC::JSONObject::getOwnPropertySlot): Moved this down to the bottom
of the file so the JSONObject class is not interleaved with the
Stringifier class.
(JSC::JSONObject::markStringifiers): Added. Calls mark.
(JSC::JSONProtoFuncStringify): Streamlined the code here. The code
to compute the gap string is now a separate function.
* runtime/JSONObject.h: Made everything private. Added markStringifiers.
2009-06-17 Oliver Hunt <oliver@apple.com>
Reviewed by Gavin Barraclough.
<rdar://problem/6974140> REGRESSION(r43849): Crash in cti_op_call_NotJSFunction when getting directions on maps.google.com
Roll out r43849 as it appears that we cannot rely on the address of
an objects property storage being constant even if the structure is
unchanged.
* jit/JIT.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::compileGetDirectOffset):
(JSC::JIT::privateCompileGetByIdProto):
(JSC::JIT::privateCompileGetByIdProtoList):
(JSC::JIT::privateCompileGetByIdChainList):
(JSC::JIT::privateCompileGetByIdChain):
2009-06-17 Gavin Barraclough <barraclough@apple.com>
Rubber Stamped by Mark Rowe.
Fully revert r44492 & r44748 while we fix a bug they cause on internal builds <rdar://problem/6955963>.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw):
* jit/JITStubs.cpp:
(JSC::):
(JSC::JITStubs::DEFINE_STUB_FUNCTION):
* jit/JITStubs.h:
2009-06-17 Gavin Barraclough <barraclough@apple.com>
Reviewed by Mark Rowe.
<rdar://problem/6947426> sunspider math-cordic.js exhibits different intermediate results running 32-bit vs. 64-bit
On 64-bit, NaN-encoded values must be detagged before they can be used in rshift.
No performance impact.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_rshift):
2009-06-17 Adam Treat <adam.treat@torchmobile.com>
Reviewed by George Staikos.
https://bugs.webkit.org/show_bug.cgi?id=23155
Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.
* jsc.cpp:
(main):
2009-06-17 George Staikos <george.staikos@torchmobile.com>
Reviewed by Adam Treat.
https://bugs.webkit.org/show_bug.cgi?id=23155
Move WIN_CE -> WINCE as previously discussed with Qt WINCE folks.
* config.h:
* jsc.cpp:
* wtf/Assertions.cpp:
* wtf/Assertions.h:
* wtf/CurrentTime.cpp:
(WTF::lowResUTCTime):
* wtf/DateMath.cpp:
(WTF::getLocalTime):
* wtf/MathExtras.h:
* wtf/Platform.h:
* wtf/StringExtras.h:
* wtf/Threading.h:
* wtf/win/MainThreadWin.cpp:
2009-06-17 Gavin Barraclough <barraclough@apple.com>
Reviewed by Oliver Hunt.
<rdar://problem/6974175> ASSERT in JITStubs.cpp at appsaccess.apple.com
Remove PropertySlot::putValue - PropertySlots should only be used for getting,
not putting. Rename JSGlobalObject::getOwnPropertySlot to hasOwnPropertyForWrite,
which is what it really was being used to ask, and remove some other getOwnPropertySlot
& getOwnPropertySlotForWrite methods, which were unused and likely to lead to confusion.
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::hasOwnPropertyForWrite):
* runtime/JSObject.h:
* runtime/JSStaticScopeObject.cpp:
* runtime/JSStaticScopeObject.h:
* runtime/PropertySlot.h:
2009-06-16 Gavin Barraclough <barraclough@apple.com>
Reviewed by Oliver hunt.
Temporarily partially disable r44492, since this is causing some problems on internal builds.
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_throw):
* jit/JITStubs.cpp:
(JSC::JITStubs::DEFINE_STUB_FUNCTION):
2009-06-16 Sam Weinig <sam@webkit.org>
Fix windows build.
* jit/JIT.cpp:
(JSC::JIT::JIT):
2009-06-16 Sam Weinig <sam@webkit.org>
Reviewed by Oliver Hunt.
Initialize m_bytecodeIndex to -1 in JIT, and correctly initialize
it for each type of stub using the return address to find the correct
offset.
* jit/JIT.cpp:
(JSC::JIT::JIT):
* jit/JIT.h:
(JSC::JIT::compileGetByIdProto):
(JSC::JIT::compileGetByIdSelfList):
(JSC::JIT::compileGetByIdProtoList):
(JSC::JIT::compileGetByIdChainList):
(JSC::JIT::compileGetByIdChain):
(JSC::JIT::compilePutByIdTransition):
(JSC::JIT::compileCTIMachineTrampolines):
(JSC::JIT::compilePatchGetArrayLength):
* jit/JITStubCall.h:
(JSC::JITStubCall::call):
== Rolled over to ChangeLog-2009-06-16 ==