714535b3fd2d2ca68753afb6ceaf2d19656e984c
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
        bot; loading trac pages; typing in search field
        https://bugs.webkit.org/show_bug.cgi?id=53519

        The crashes were all caused by failure to run an object's destructor.

        * runtime/CollectorHeapIterator.h:
        (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
        construction. The iterator class used to do that when it was designed
        for prior-to-beginning initialization. I forgot to remove this line
        of code when I changed the iterator to normal initialization.

        Skipping forward upon construction was causing the heap to skip running
        the destructor for the very first object in a block when destroying the
        block. This usually did not crash, since block destruction is rare and
        most objects have pretty trivial destructors. However, in the rare case
        when the heap would destroy a block whose first object was a global
        object or a DOM node, BOOM.

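The failure mode this entry describes, as an added example that is not part of the ChangeLog or of JavaScriptCore's own code: a simplified block-and-iterator model (hypothetical names Block, Cell, ObjectIterator, destroyBlock) in which an iterator that advances itself in its constructor skips the first cell, so that cell's destructor never runs when the block is torn down. The constructor skip is kept behind a flag so the buggy and corrected behaviours can be compared side by side.

```cpp
#include <cstddef>

// Hypothetical model of a heap block: a fixed number of cells, each of which
// may hold a live object whose destructor must run when the block is destroyed.
// This is an illustration, not JavaScriptCore's CollectorHeapIterator.
struct Cell {
    bool live = false; // true while an object lives in this cell
};

struct Block {
    static constexpr size_t cellCount = 4;
    Cell cells[cellCount];
};

// Iterator over every cell of a block, "normal initialization" style: after
// construction it already points at the first cell, so the loop must not
// advance it before the first dereference.
class ObjectIterator {
public:
    ObjectIterator(Block& block, bool skipForwardOnConstruction)
        : m_block(block), m_index(0)
    {
        // The defect described in the ChangeLog: a constructor left over from the
        // prior-to-beginning design advanced the iterator once, silently skipping
        // cell 0. With the flag false this is the corrected iterator.
        if (skipForwardOnConstruction)
            ++m_index;
    }
    bool atEnd() const { return m_index >= Block::cellCount; }
    Cell& operator*() { return m_block.cells[m_index]; }
    ObjectIterator& operator++() { ++m_index; return *this; }
private:
    Block& m_block;
    size_t m_index;
};

// Runs the "destructor" (here: clears the live flag) of every object the
// iterator visits and returns how many destructors ran.
int destroyBlock(Block& block, bool buggyIterator)
{
    int destructed = 0;
    for (ObjectIterator it(block, buggyIterator); !it.atEnd(); ++it) {
        Cell& cell = *it;
        if (cell.live) {
            cell.live = false;
            ++destructed;
        }
    }
    return destructed;
}

// Fills a block with live objects, destroys it, and reports how many
// destructors ran. The corrected iterator yields Block::cellCount; the buggy
// one yields one fewer because cell 0 is never visited.
int destructorsRunOnBlockDestruction(bool buggyIterator)
{
    Block block;
    for (size_t i = 0; i < Block::cellCount; ++i)
        block.cells[i].live = true;
    return destroyBlock(block, buggyIterator);
}

// True if the first cell's object survived block destruction, i.e. its
// destructor was skipped. That leaked object is the dangling state behind
// the crashes the entry reports (a global object or DOM node in cell 0).
bool firstCellLeaked(bool buggyIterator)
{
    Block block;
    for (size_t i = 0; i < Block::cellCount; ++i)
        block.cells[i].live = true;
    destroyBlock(block, buggyIterator);
    return block.cells[0].live;
}
```

With the constructor skip enabled, destructorsRunOnBlockDestruction reports three destructors for a four-cell block and firstCellLeaked returns true; with the skip removed all four run and nothing is left behind. A unit test of this shape on the real iterator would have caught the regression before it reached the bots.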
2011-01-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Update JSObject storage for new marking API
        https://bugs.webkit.org/show_bug.cgi?id=53467

        JSObject no longer uses EncodedJSValue for its property storage.
        This produces a stream of mechanical changes to PropertySlot and
        anonymous storage APIs.

        * JavaScriptCore.exp:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * runtime/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanObject.cpp:
        (JSC::BooleanObject::BooleanObject):
        * runtime/BooleanObject.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::getOwnPropertySlot):
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertySlot):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        * runtime/JSObject.cpp:
        (JSC::JSObject::fillGetterPropertySlot):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::offsetForLocation):
        (JSC::JSObject::putAnonymousValue):
        (JSC::JSObject::clearAnonymousValue):
        (JSC::JSObject::getAnonymousValue):
        (JSC::JSObject::putThisToAnonymousValue):
        (JSC::JSObject::locationForOffset):
        (JSC::JSObject::inlineGetOwnPropertySlot):
        * runtime/JSObjectWithGlobalObject.cpp:
        (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/NumberConstructor.cpp:
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::NumberObject):
        (JSC::constructNumber):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setRegisterSlot):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::setWithoutWriteBarrier):

2011-02-01  Daniel Bates  <dbates@rim.com>

        Reviewed by Antonio Gomes.

        Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
        https://bugs.webkit.org/show_bug.cgi?id=53506

        Currently, use of the Mersenne Twister pseudorandom number generator
        is hardcoded to the Windows CE port. With the passing of bug #53253,
        we can generalize support for this PRNG to all ports that use srand(3)
        and rand(3), including Windows CE.

        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):

2011-02-01  Dave Tapuska  <dtapuska@rim.com>

        Reviewed by Gavin Barraclough.

        MacroAssemblerARM would generate code that did 32bit loads
        on addresses that were not aligned. More specifically it would
        generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
        The intended instruction really is ldrb r8,[r1, #7]; ensure we
        call load8 instead of load32.

        https://bugs.webkit.org/show_bug.cgi?id=46095

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::set32Test32):
        (JSC::MacroAssemblerARM::set32Test8):

2011-02-01  Darin Fisher  <darin@chromium.org>

        Reviewed by Eric Seidel.

        Fix some Visual Studio compiler warnings.
        https://bugs.webkit.org/show_bug.cgi?id=53476

        * wtf/MathExtras.h:
        (clampToInteger):
        (clampToPositiveInteger):
        * wtf/ThreadingWin.cpp:
        (WTF::absoluteTimeToWaitTimeoutInterval):

2011-01-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Bogus callframe during stack unwinding
        https://bugs.webkit.org/show_bug.cgi?id=53454

        Trying to access a callframe's globalData after destroying its
        ScopeChain is not a good thing.  While we could access the
        globalData directly through the (known valid) scopechain we're
        holding on to, it feels fragile.  Instead we push the valid
        ScopeChain onto the callframe again to ensure that the callframe
        itself remains valid.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):

2011-01-31  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
        https://bugs.webkit.org/show_bug.cgi?id=53271

        Reapplying this change again.
        Changed isValid() to use .get() as a result of change r77151.

        Added new isValid() methods to check if a contained object in
        a WeakGCMap is valid when using an unchecked iterator.

        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::isValid):

2011-01-31  Oliver Hunt  <oliver@apple.com>

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        rolling r77098, r77099, r77100, r77109, and
        r77111 back in, along with a few more Qt fix attempts.

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/CallFrame.h:
        (JSC::ExecState::exception):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::append):
        (JSC::JSCell::MarkStack::internalAppend):
        (JSC::JSCell::MarkStack::deprecatedAppend):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::Structure::prototypeForLookup):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::Holder::objectSlot):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::putUndefinedAtDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::deprecatedAppendValues):
        (JSC::MarkStack::appendValues):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototype):
        (JSC::Structure::storedPrototypeSlot):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::uncheckedGetSlot):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Added.
        (JSC::DeprecatedPtr::DeprecatedPtr):
        (JSC::DeprecatedPtr::get):
        (JSC::DeprecatedPtr::operator*):
        (JSC::DeprecatedPtr::operator->):
        (JSC::DeprecatedPtr::slot):
        (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
        (JSC::DeprecatedPtr::operator!):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::clear):
        (JSC::WriteBarrierBase::slot):
        (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
        (JSC::WriteBarrierBase::operator!):
        (JSC::WriteBarrier::WriteBarrier):
        (JSC::operator==):

2011-01-31  Dan Winship  <danw@gnome.org>

        Reviewed by Gustavo Noronha Silva.

        wss (websockets ssl) support for gtk via new gio TLS support
        https://bugs.webkit.org/show_bug.cgi?id=50344

        Add a GPollableOutputStream typedef for TLS WebSockets support

        * wtf/gobject/GTypedefs.h:

2011-01-31  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=53352
        Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().

        The FixedVMPoolAllocator currently uses a best fit policy;
        switch to first fit, which is less prone to external fragmentation.

        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
        (JSC::AllocationTableSizeClass::blockSize):
        (JSC::AllocationTableSizeClass::blockCount):
        (JSC::AllocationTableSizeClass::blockAlignment):
        (JSC::AllocationTableSizeClass::size):
        (JSC::AllocationTableLeaf::AllocationTableLeaf):
        (JSC::AllocationTableLeaf::~AllocationTableLeaf):
        (JSC::AllocationTableLeaf::allocate):
        (JSC::AllocationTableLeaf::free):
        (JSC::AllocationTableLeaf::isEmpty):
        (JSC::AllocationTableLeaf::isFull):
        (JSC::AllocationTableLeaf::size):
        (JSC::AllocationTableLeaf::classForSize):
        (JSC::AllocationTableLeaf::dump):
        (JSC::LazyAllocationTable::LazyAllocationTable):
        (JSC::LazyAllocationTable::~LazyAllocationTable):
        (JSC::LazyAllocationTable::allocate):
        (JSC::LazyAllocationTable::free):
        (JSC::LazyAllocationTable::isEmpty):
        (JSC::LazyAllocationTable::isFull):
        (JSC::LazyAllocationTable::size):
        (JSC::LazyAllocationTable::dump):
        (JSC::LazyAllocationTable::classForSize):
        (JSC::AllocationTableDirectory::AllocationTableDirectory):
        (JSC::AllocationTableDirectory::~AllocationTableDirectory):
        (JSC::AllocationTableDirectory::allocate):
        (JSC::AllocationTableDirectory::free):
        (JSC::AllocationTableDirectory::isEmpty):
        (JSC::AllocationTableDirectory::isFull):
        (JSC::AllocationTableDirectory::size):
        (JSC::AllocationTableDirectory::classForSize):
        (JSC::AllocationTableDirectory::dump):
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        (JSC::FixedVMPoolAllocator::alloc):
        (JSC::FixedVMPoolAllocator::free):
        (JSC::FixedVMPoolAllocator::allocated):
        (JSC::FixedVMPoolAllocator::isValid):
        (JSC::FixedVMPoolAllocator::classForSize):
        (JSC::FixedVMPoolAllocator::offsetToPointer):
        (JSC::FixedVMPoolAllocator::pointerToOffset):
        (JSC::ExecutableAllocator::committedByteCount):
        (JSC::ExecutableAllocator::isValid):
        (JSC::ExecutableAllocator::underMemoryPressure):
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):
        * wtf/PageReservation.h:
        (WTF::PageReservation::PageReservation):
        (WTF::PageReservation::commit):
        (WTF::PageReservation::decommit):
        (WTF::PageReservation::committed):

2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r76969.
        http://trac.webkit.org/changeset/76969
        https://bugs.webkit.org/show_bug.cgi?id=53418

        "It is causing crashes in GTK+ and Leopard bots" (Requested by
        alexg__ on #webkit).

        * runtime/WeakGCMap.h:

2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed, rolling out r77098, r77099, r77100, r77109, and
        r77111.
        http://trac.webkit.org/changeset/77098
        http://trac.webkit.org/changeset/77099
        http://trac.webkit.org/changeset/77100
        http://trac.webkit.org/changeset/77109
        http://trac.webkit.org/changeset/77111
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Qt build is broken

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/CallFrame.h:
        (JSC::ExecState::exception):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::JSValue::toThisObject):
        (JSC::JSCell::MarkStack::append):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
752         (JSC::JSGlobalObject::reset):
753         (JSC::JSGlobalObject::resetPrototype):
754         (JSC::JSGlobalObject::markChildren):
755         * runtime/JSGlobalObject.h:
756         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
757         (JSC::JSGlobalObject::regExpConstructor):
758         (JSC::JSGlobalObject::errorConstructor):
759         (JSC::JSGlobalObject::evalErrorConstructor):
760         (JSC::JSGlobalObject::rangeErrorConstructor):
761         (JSC::JSGlobalObject::referenceErrorConstructor):
762         (JSC::JSGlobalObject::syntaxErrorConstructor):
763         (JSC::JSGlobalObject::typeErrorConstructor):
764         (JSC::JSGlobalObject::URIErrorConstructor):
765         (JSC::JSGlobalObject::evalFunction):
766         (JSC::JSGlobalObject::objectPrototype):
767         (JSC::JSGlobalObject::functionPrototype):
768         (JSC::JSGlobalObject::arrayPrototype):
769         (JSC::JSGlobalObject::booleanPrototype):
770         (JSC::JSGlobalObject::stringPrototype):
771         (JSC::JSGlobalObject::numberPrototype):
772         (JSC::JSGlobalObject::datePrototype):
773         (JSC::JSGlobalObject::regExpPrototype):
774         (JSC::JSGlobalObject::methodCallDummy):
775         (JSC::Structure::prototypeForLookup):
776         (JSC::constructArray):
777         * runtime/JSONObject.cpp:
778         (JSC::Stringifier::Holder::object):
779         (JSC::Stringifier::markAggregate):
780         (JSC::Stringifier::stringify):
781         (JSC::Stringifier::Holder::appendNextProperty):
782         (JSC::Walker::callReviver):
783         (JSC::Walker::walk):
784         * runtime/JSObject.cpp:
785         (JSC::JSObject::defineGetter):
786         (JSC::JSObject::defineSetter):
787         (JSC::JSObject::removeDirect):
788         (JSC::JSObject::putDirectFunction):
789         (JSC::JSObject::putDirectFunctionWithoutTransition):
790         (JSC::putDescriptor):
791         (JSC::JSObject::defineOwnProperty):
792         * runtime/JSObject.h:
793         (JSC::JSObject::getDirectOffset):
794         (JSC::JSObject::putDirectOffset):
795         (JSC::JSObject::flattenDictionaryObject):
796         (JSC::JSObject::putDirectInternal):
797         (JSC::JSObject::putDirect):
798         (JSC::JSObject::putDirectFunction):
799         (JSC::JSObject::putDirectWithoutTransition):
800         (JSC::JSObject::putDirectFunctionWithoutTransition):
801         (JSC::JSValue::putDirect):
802         (JSC::JSObject::allocatePropertyStorageInline):
803         (JSC::JSObject::markChildrenDirect):
804         * runtime/JSPropertyNameIterator.cpp:
805         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
806         (JSC::JSPropertyNameIterator::get):
807         * runtime/JSPropertyNameIterator.h:
808         * runtime/JSStaticScopeObject.cpp:
809         (JSC::JSStaticScopeObject::markChildren):
810         * runtime/JSString.cpp:
811         (JSC::StringObject::create):
812         * runtime/JSValue.h:
813         * runtime/JSWrapperObject.cpp:
814         (JSC::JSWrapperObject::markChildren):
815         * runtime/JSWrapperObject.h:
816         (JSC::JSWrapperObject::internalValue):
817         (JSC::JSWrapperObject::setInternalValue):
818         * runtime/LiteralParser.cpp:
819         (JSC::LiteralParser::parse):
820         * runtime/Lookup.cpp:
821         (JSC::setUpStaticFunctionSlot):
822         * runtime/Lookup.h:
823         (JSC::lookupPut):
824         * runtime/MarkStack.h:
825         (JSC::MarkStack::appendValues):
826         * runtime/MathObject.cpp:
827         (JSC::MathObject::MathObject):
828         * runtime/NativeErrorConstructor.cpp:
829         (JSC::NativeErrorConstructor::NativeErrorConstructor):
830         * runtime/NativeErrorPrototype.cpp:
831         (JSC::NativeErrorPrototype::NativeErrorPrototype):
832         * runtime/NumberConstructor.cpp:
833         (JSC::NumberConstructor::NumberConstructor):
834         (JSC::constructWithNumberConstructor):
835         * runtime/NumberObject.cpp:
836         (JSC::constructNumber):
837         * runtime/NumberPrototype.cpp:
838         (JSC::NumberPrototype::NumberPrototype):
839         * runtime/ObjectConstructor.cpp:
840         (JSC::ObjectConstructor::ObjectConstructor):
841         (JSC::objectConstructorGetOwnPropertyDescriptor):
842         * runtime/Operations.h:
843         (JSC::normalizePrototypeChain):
844         (JSC::resolveBase):
845         * runtime/PrototypeFunction.cpp:
846         (JSC::PrototypeFunction::PrototypeFunction):
847         * runtime/PutPropertySlot.h:
848         (JSC::PutPropertySlot::setExistingProperty):
849         (JSC::PutPropertySlot::setNewProperty):
850         (JSC::PutPropertySlot::base):
851         * runtime/RegExpConstructor.cpp:
852         (JSC::RegExpConstructor::RegExpConstructor):
853         * runtime/ScopeChain.cpp:
854         (JSC::ScopeChainNode::print):
855         * runtime/ScopeChain.h:
856         (JSC::ScopeChainNode::~ScopeChainNode):
857         (JSC::ScopeChainIterator::operator*):
858         (JSC::ScopeChainIterator::operator->):
859         (JSC::ScopeChain::top):
860         * runtime/ScopeChainMark.h:
861         (JSC::ScopeChain::markAggregate):
862         * runtime/SmallStrings.cpp:
863         (JSC::isMarked):
864         (JSC::SmallStrings::markChildren):
865         * runtime/SmallStrings.h:
866         (JSC::SmallStrings::emptyString):
867         (JSC::SmallStrings::singleCharacterString):
868         (JSC::SmallStrings::singleCharacterStrings):
869         * runtime/StringConstructor.cpp:
870         (JSC::StringConstructor::StringConstructor):
871         * runtime/StringObject.cpp:
872         (JSC::StringObject::StringObject):
873         * runtime/StringObject.h:
874         * runtime/StringPrototype.cpp:
875         (JSC::StringPrototype::StringPrototype):
876         * runtime/Structure.cpp:
877         (JSC::Structure::Structure):
878         (JSC::Structure::addPropertyTransition):
879         (JSC::Structure::toDictionaryTransition):
880         (JSC::Structure::flattenDictionaryStructure):
881         * runtime/Structure.h:
882         (JSC::Structure::storedPrototype):
883         * runtime/WeakGCMap.h:
884         (JSC::WeakGCMap::uncheckedGet):
885         (JSC::WeakGCMap::isValid):
886         (JSC::::get):
887         (JSC::::take):
888         (JSC::::set):
889         (JSC::::uncheckedRemove):
890         * runtime/WriteBarrier.h: Removed.
891
892 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
893
894         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
895
896         * runtime/WriteBarrier.h:
897         (JSC::WriteBarrierBase::clear):
898
899 2011-01-30  Oliver Hunt  <oliver@apple.com>
900
901         More Qt build fixes
902
903         * runtime/WriteBarrier.h:
904         (JSC::WriteBarrierBase::clear):
905
906 2011-01-30  Oliver Hunt  <oliver@apple.com>
907
908         Convert markstack to a slot visitor API
909         https://bugs.webkit.org/show_bug.cgi?id=53219
910
911         rolling r77006 and r77020 back in.
912
913         * API/JSCallbackObject.h:
914         (JSC::JSCallbackObjectData::setPrivateProperty):
915         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
916         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
917         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
918         (JSC::JSCallbackObject::setPrivateProperty):
919         * API/JSCallbackObjectFunctions.h:
920         (JSC::::put):
921         (JSC::::staticFunctionGetter):
922         * API/JSObjectRef.cpp:
923         (JSObjectMakeConstructor):
924         (JSObjectSetPrivateProperty):
925         * API/JSWeakObjectMapRefInternal.h:
926         * JavaScriptCore.exp:
927         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
928         * JavaScriptCore.xcodeproj/project.pbxproj:
929         * bytecode/CodeBlock.cpp:
930         (JSC::CodeBlock::markAggregate):
931         * bytecode/CodeBlock.h:
932         (JSC::CodeBlock::globalObject):
933         * bytecompiler/BytecodeGenerator.cpp:
934         (JSC::BytecodeGenerator::BytecodeGenerator):
935         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
936         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
937         (JSC::BytecodeGenerator::findScopedProperty):
938         * debugger/Debugger.cpp:
939         (JSC::evaluateInGlobalCallFrame):
940         * debugger/DebuggerActivation.cpp:
941         (JSC::DebuggerActivation::DebuggerActivation):
942         (JSC::DebuggerActivation::markChildren):
943         * debugger/DebuggerActivation.h:
944         * debugger/DebuggerCallFrame.cpp:
945         (JSC::DebuggerCallFrame::evaluate):
946         * interpreter/CallFrame.h:
947         (JSC::ExecState::exception):
948         * interpreter/Interpreter.cpp:
949         (JSC::Interpreter::resolve):
950         (JSC::Interpreter::resolveSkip):
951         (JSC::Interpreter::resolveGlobal):
952         (JSC::Interpreter::resolveGlobalDynamic):
953         (JSC::Interpreter::resolveBaseAndProperty):
954         (JSC::Interpreter::unwindCallFrame):
955         (JSC::appendSourceToError):
956         (JSC::Interpreter::execute):
957         (JSC::Interpreter::tryCacheGetByID):
958         (JSC::Interpreter::privateExecute):
959         * jit/JITStubs.cpp:
960         (JSC::JITThunks::tryCacheGetByID):
961         (JSC::DEFINE_STUB_FUNCTION):
962         * jsc.cpp:
963         (GlobalObject::GlobalObject):
964         * runtime/ArgList.cpp:
965         (JSC::MarkedArgumentBuffer::markLists):
966         * runtime/Arguments.cpp:
967         (JSC::Arguments::markChildren):
968         (JSC::Arguments::getOwnPropertySlot):
969         (JSC::Arguments::getOwnPropertyDescriptor):
970         (JSC::Arguments::put):
971         * runtime/Arguments.h:
972         (JSC::Arguments::setActivation):
973         (JSC::Arguments::Arguments):
974         * runtime/ArrayConstructor.cpp:
975         (JSC::ArrayConstructor::ArrayConstructor):
976         (JSC::constructArrayWithSizeQuirk):
977         * runtime/ArrayPrototype.cpp:
978         (JSC::arrayProtoFuncSplice):
979         * runtime/BatchedTransitionOptimizer.h:
980         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
981         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
982         * runtime/BooleanConstructor.cpp:
983         (JSC::BooleanConstructor::BooleanConstructor):
984         (JSC::constructBoolean):
985         (JSC::constructBooleanFromImmediateBoolean):
986         * runtime/BooleanPrototype.cpp:
987         (JSC::BooleanPrototype::BooleanPrototype):
988         * runtime/ConservativeSet.cpp:
989         (JSC::ConservativeSet::grow):
990         * runtime/ConservativeSet.h:
991         (JSC::ConservativeSet::~ConservativeSet):
992         (JSC::ConservativeSet::mark):
993         * runtime/DateConstructor.cpp:
994         (JSC::DateConstructor::DateConstructor):
995         * runtime/DateInstance.cpp:
996         (JSC::DateInstance::DateInstance):
997         * runtime/DatePrototype.cpp:
998         (JSC::dateProtoFuncSetTime):
999         (JSC::setNewValueFromTimeArgs):
1000         (JSC::setNewValueFromDateArgs):
1001         (JSC::dateProtoFuncSetYear):
1002         * runtime/ErrorConstructor.cpp:
1003         (JSC::ErrorConstructor::ErrorConstructor):
1004         * runtime/ErrorInstance.cpp:
1005         (JSC::ErrorInstance::ErrorInstance):
1006         * runtime/ErrorPrototype.cpp:
1007         (JSC::ErrorPrototype::ErrorPrototype):
1008         * runtime/FunctionConstructor.cpp:
1009         (JSC::FunctionConstructor::FunctionConstructor):
1010         * runtime/FunctionPrototype.cpp:
1011         (JSC::FunctionPrototype::FunctionPrototype):
1012         * runtime/GetterSetter.cpp:
1013         (JSC::GetterSetter::markChildren):
1014         * runtime/GetterSetter.h:
1015         (JSC::GetterSetter::GetterSetter):
1016         (JSC::GetterSetter::getter):
1017         (JSC::GetterSetter::setGetter):
1018         (JSC::GetterSetter::setter):
1019         (JSC::GetterSetter::setSetter):
1020         * runtime/GlobalEvalFunction.cpp:
1021         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1022         (JSC::GlobalEvalFunction::markChildren):
1023         * runtime/GlobalEvalFunction.h:
1024         (JSC::GlobalEvalFunction::cachedGlobalObject):
1025         * runtime/Heap.cpp:
1026         (JSC::Heap::markProtectedObjects):
1027         (JSC::Heap::markTempSortVectors):
1028         (JSC::Heap::markRoots):
1029         * runtime/InternalFunction.cpp:
1030         (JSC::InternalFunction::InternalFunction):
1031         * runtime/JSAPIValueWrapper.h:
1032         (JSC::JSAPIValueWrapper::value):
1033         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1034         * runtime/JSActivation.cpp:
1035         (JSC::JSActivation::markChildren):
1036         (JSC::JSActivation::put):
1037         * runtime/JSArray.cpp:
1038         (JSC::JSArray::JSArray):
1039         (JSC::JSArray::getOwnPropertySlot):
1040         (JSC::JSArray::getOwnPropertyDescriptor):
1041         (JSC::JSArray::put):
1042         (JSC::JSArray::putSlowCase):
1043         (JSC::JSArray::deleteProperty):
1044         (JSC::JSArray::increaseVectorLength):
1045         (JSC::JSArray::setLength):
1046         (JSC::JSArray::pop):
1047         (JSC::JSArray::push):
1048         (JSC::JSArray::unshiftCount):
1049         (JSC::JSArray::sort):
1050         (JSC::JSArray::fillArgList):
1051         (JSC::JSArray::copyToRegisters):
1052         (JSC::JSArray::compactForSorting):
1053         * runtime/JSArray.h:
1054         (JSC::JSArray::getIndex):
1055         (JSC::JSArray::setIndex):
1056         (JSC::JSArray::uncheckedSetIndex):
1057         (JSC::JSArray::markChildrenDirect):
1058         * runtime/JSByteArray.cpp:
1059         (JSC::JSByteArray::JSByteArray):
1060         * runtime/JSCell.h:
1061         (JSC::JSCell::MarkStack::append):
1062         (JSC::JSCell::MarkStack::internalAppend):
1063         (JSC::JSCell::MarkStack::deprecatedAppend):
1064         * runtime/JSFunction.cpp:
1065         (JSC::JSFunction::JSFunction):
1066         (JSC::JSFunction::getOwnPropertySlot):
1067         * runtime/JSGlobalData.h:
1068         * runtime/JSGlobalObject.cpp:
1069         (JSC::markIfNeeded):
1070         (JSC::JSGlobalObject::reset):
1071         (JSC::JSGlobalObject::resetPrototype):
1072         (JSC::JSGlobalObject::markChildren):
1073         * runtime/JSGlobalObject.h:
1074         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1075         (JSC::JSGlobalObject::regExpConstructor):
1076         (JSC::JSGlobalObject::errorConstructor):
1077         (JSC::JSGlobalObject::evalErrorConstructor):
1078         (JSC::JSGlobalObject::rangeErrorConstructor):
1079         (JSC::JSGlobalObject::referenceErrorConstructor):
1080         (JSC::JSGlobalObject::syntaxErrorConstructor):
1081         (JSC::JSGlobalObject::typeErrorConstructor):
1082         (JSC::JSGlobalObject::URIErrorConstructor):
1083         (JSC::JSGlobalObject::evalFunction):
1084         (JSC::JSGlobalObject::objectPrototype):
1085         (JSC::JSGlobalObject::functionPrototype):
1086         (JSC::JSGlobalObject::arrayPrototype):
1087         (JSC::JSGlobalObject::booleanPrototype):
1088         (JSC::JSGlobalObject::stringPrototype):
1089         (JSC::JSGlobalObject::numberPrototype):
1090         (JSC::JSGlobalObject::datePrototype):
1091         (JSC::JSGlobalObject::regExpPrototype):
1092         (JSC::JSGlobalObject::methodCallDummy):
1093         (JSC::Structure::prototypeForLookup):
1094         (JSC::constructArray):
1095         * runtime/JSONObject.cpp:
1096         (JSC::Stringifier::Holder::object):
1097         (JSC::Stringifier::Holder::objectSlot):
1098         (JSC::Stringifier::markAggregate):
1099         (JSC::Stringifier::stringify):
1100         (JSC::Stringifier::Holder::appendNextProperty):
1101         (JSC::Walker::callReviver):
1102         (JSC::Walker::walk):
1103         * runtime/JSObject.cpp:
1104         (JSC::JSObject::defineGetter):
1105         (JSC::JSObject::defineSetter):
1106         (JSC::JSObject::removeDirect):
1107         (JSC::JSObject::putDirectFunction):
1108         (JSC::JSObject::putDirectFunctionWithoutTransition):
1109         (JSC::putDescriptor):
1110         (JSC::JSObject::defineOwnProperty):
1111         * runtime/JSObject.h:
1112         (JSC::JSObject::getDirectOffset):
1113         (JSC::JSObject::putDirectOffset):
1114         (JSC::JSObject::putUndefinedAtDirectOffset):
1115         (JSC::JSObject::flattenDictionaryObject):
1116         (JSC::JSObject::putDirectInternal):
1117         (JSC::JSObject::putDirect):
1118         (JSC::JSObject::putDirectFunction):
1119         (JSC::JSObject::putDirectWithoutTransition):
1120         (JSC::JSObject::putDirectFunctionWithoutTransition):
1121         (JSC::JSValue::putDirect):
1122         (JSC::JSObject::allocatePropertyStorageInline):
1123         (JSC::JSObject::markChildrenDirect):
1124         * runtime/JSPropertyNameIterator.cpp:
1125         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1126         (JSC::JSPropertyNameIterator::get):
1127         * runtime/JSPropertyNameIterator.h:
1128         * runtime/JSStaticScopeObject.cpp:
1129         (JSC::JSStaticScopeObject::markChildren):
1130         * runtime/JSString.cpp:
1131         (JSC::StringObject::create):
1132         * runtime/JSValue.h:
1133         * runtime/JSWrapperObject.cpp:
1134         (JSC::JSWrapperObject::markChildren):
1135         * runtime/JSWrapperObject.h:
1136         (JSC::JSWrapperObject::internalValue):
1137         (JSC::JSWrapperObject::setInternalValue):
1138         * runtime/LiteralParser.cpp:
1139         (JSC::LiteralParser::parse):
1140         * runtime/Lookup.cpp:
1141         (JSC::setUpStaticFunctionSlot):
1142         * runtime/Lookup.h:
1143         (JSC::lookupPut):
1144         * runtime/MarkStack.h:
1145         (JSC::MarkStack::MarkStack):
1146         (JSC::MarkStack::deprecatedAppendValues):
1147         (JSC::MarkStack::appendValues):
1148         * runtime/MathObject.cpp:
1149         (JSC::MathObject::MathObject):
1150         * runtime/NativeErrorConstructor.cpp:
1151         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1152         * runtime/NativeErrorPrototype.cpp:
1153         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1154         * runtime/NumberConstructor.cpp:
1155         (JSC::NumberConstructor::NumberConstructor):
1156         (JSC::constructWithNumberConstructor):
1157         * runtime/NumberObject.cpp:
1158         (JSC::constructNumber):
1159         * runtime/NumberPrototype.cpp:
1160         (JSC::NumberPrototype::NumberPrototype):
1161         * runtime/ObjectConstructor.cpp:
1162         (JSC::ObjectConstructor::ObjectConstructor):
1163         (JSC::objectConstructorGetOwnPropertyDescriptor):
1164         * runtime/Operations.h:
1165         (JSC::normalizePrototypeChain):
1166         (JSC::resolveBase):
1167         * runtime/PrototypeFunction.cpp:
1168         (JSC::PrototypeFunction::PrototypeFunction):
1169         * runtime/PutPropertySlot.h:
1170         (JSC::PutPropertySlot::setExistingProperty):
1171         (JSC::PutPropertySlot::setNewProperty):
1172         (JSC::PutPropertySlot::base):
1173         * runtime/RegExpConstructor.cpp:
1174         (JSC::RegExpConstructor::RegExpConstructor):
1175         * runtime/ScopeChain.cpp:
1176         (JSC::ScopeChainNode::print):
1177         * runtime/ScopeChain.h:
1178         (JSC::ScopeChainNode::~ScopeChainNode):
1179         (JSC::ScopeChainIterator::operator*):
1180         (JSC::ScopeChainIterator::operator->):
1181         (JSC::ScopeChain::top):
1182         * runtime/ScopeChainMark.h:
1183         (JSC::ScopeChain::markAggregate):
1184         * runtime/SmallStrings.cpp:
1185         (JSC::isMarked):
1186         (JSC::SmallStrings::markChildren):
1187         * runtime/SmallStrings.h:
1188         (JSC::SmallStrings::emptyString):
1189         (JSC::SmallStrings::singleCharacterString):
1190         (JSC::SmallStrings::singleCharacterStrings):
1191         * runtime/StringConstructor.cpp:
1192         (JSC::StringConstructor::StringConstructor):
1193         * runtime/StringObject.cpp:
1194         (JSC::StringObject::StringObject):
1195         * runtime/StringObject.h:
1196         * runtime/StringPrototype.cpp:
1197         (JSC::StringPrototype::StringPrototype):
1198         * runtime/Structure.cpp:
1199         (JSC::Structure::Structure):
1200         (JSC::Structure::addPropertyTransition):
1201         (JSC::Structure::toDictionaryTransition):
1202         (JSC::Structure::flattenDictionaryStructure):
1203         * runtime/Structure.h:
1204         (JSC::Structure::storedPrototype):
1205         (JSC::Structure::storedPrototypeSlot):
1206         * runtime/WeakGCMap.h:
1207         (JSC::WeakGCMap::uncheckedGet):
1208         (JSC::WeakGCMap::uncheckedGetSlot):
1209         (JSC::WeakGCMap::isValid):
1210         (JSC::::get):
1211         (JSC::::take):
1212         (JSC::::set):
1213         (JSC::::uncheckedRemove):
1214         * runtime/WriteBarrier.h: Added.
1215         (JSC::DeprecatedPtr::DeprecatedPtr):
1216         (JSC::DeprecatedPtr::get):
1217         (JSC::DeprecatedPtr::operator*):
1218         (JSC::DeprecatedPtr::operator->):
1219         (JSC::DeprecatedPtr::slot):
1220         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1221         (JSC::DeprecatedPtr::operator!):
1222         (JSC::WriteBarrierBase::set):
1223         (JSC::WriteBarrierBase::get):
1224         (JSC::WriteBarrierBase::operator*):
1225         (JSC::WriteBarrierBase::operator->):
1226         (JSC::WriteBarrierBase::slot):
1227         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1228         (JSC::WriteBarrierBase::operator!):
1229         (JSC::WriteBarrier::WriteBarrier):
1230         (JSC::operator==):
1231
1232 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
1233
1234         Reviewed by Oliver Hunt.
1235
1236         Filter all Heap collection through a common reset function, in
1237         preparation for adding features triggered by collection.
1238         https://bugs.webkit.org/show_bug.cgi?id=53396
1239         
1240         SunSpider reports no change.
1241
1242         * runtime/Heap.cpp:
1243         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
1244         limit, just call collectAllGarbage() instead of rolling our own special
1245         way of resetting the heap. In theory, this may be slower in some cases,
1246         but it also fixes cases of pathological heap growth that we've seen,
1247         where the only objects being allocated are temporary and huge
1248         (<rdar://problem/8885843>).
1249
1250         (JSC::Heap::allocate):
1251         (JSC::Heap::collectAllGarbage): Use the shared reset function.
1252
1253         (JSC::Heap::reset):
1254         * runtime/Heap.h: Carved a new shared reset function out of the old
1255         collectAllGarbage.
1256
1257 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1258
1259         Unreviewed, rolling out r77025.
1260         http://trac.webkit.org/changeset/77025
1261         https://bugs.webkit.org/show_bug.cgi?id=53401
1262
1263         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
1264         (Requested by Ossy on #webkit).
1265
1266         * jit/ExecutableAllocatorFixedVMPool.cpp:
1267         (JSC::FreeListEntry::FreeListEntry):
1268         (JSC::AVLTreeAbstractorForFreeList::get_less):
1269         (JSC::AVLTreeAbstractorForFreeList::set_less):
1270         (JSC::AVLTreeAbstractorForFreeList::get_greater):
1271         (JSC::AVLTreeAbstractorForFreeList::set_greater):
1272         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
1273         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
1274         (JSC::AVLTreeAbstractorForFreeList::null):
1275         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
1276         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
1277         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
1278         (JSC::reverseSortFreeListEntriesByPointer):
1279         (JSC::reverseSortCommonSizedAllocations):
1280         (JSC::FixedVMPoolAllocator::release):
1281         (JSC::FixedVMPoolAllocator::reuse):
1282         (JSC::FixedVMPoolAllocator::addToFreeList):
1283         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
1284         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1285         (JSC::FixedVMPoolAllocator::alloc):
1286         (JSC::FixedVMPoolAllocator::free):
1287         (JSC::FixedVMPoolAllocator::isValid):
1288         (JSC::FixedVMPoolAllocator::allocInternal):
1289         (JSC::FixedVMPoolAllocator::isWithinVMPool):
1290         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
1291         (JSC::ExecutableAllocator::committedByteCount):
1292         (JSC::maybeModifyVMPoolSize):
1293         (JSC::ExecutableAllocator::isValid):
1294         (JSC::ExecutableAllocator::underMemoryPressure):
1295         (JSC::ExecutablePool::systemAlloc):
1296         (JSC::ExecutablePool::systemRelease):
1297         * wtf/PageReservation.h:
1298         (WTF::PageReservation::PageReservation):
1299         (WTF::PageReservation::commit):
1300         (WTF::PageReservation::decommit):
1301
1302 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
1303
1304         Reviewed by Daniel Bates.
1305
1306         Code style issue in JavaScriptCore/wtf/CurrentTime.h
1307         https://bugs.webkit.org/show_bug.cgi?id=53394
1308
1309         According to rule #3 at http://webkit.org/coding/coding-style.html,
1310         this patch fixes a style issue in CurrentTime.h.
1311
1312         No functionality change, no new tests.
1313
1314         * wtf/CurrentTime.h:
1315         (WTF::currentTimeMS):
1316         (WTF::getLocalTime):
1317
1318 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
1319
1320         Reviewed by Kenneth Rohde Christiansen.
1321
1322         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
1323         https://bugs.webkit.org/show_bug.cgi?id=53377
1324
1325         The option "-whole-archive" is not available with the libtool of Mac OS X;
1326         instead, we can use "-all_load" on Mac.
1327
1328         * JavaScriptCore.pri:
1329
1330 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1331
1332         Sorry Leopard bot -- I committed a change by accident.
1333
1334         * JavaScriptCore.exp: You may have your symbols back now.
1335
1336 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1337
1338         Reviewed by Cameron Zwarich.
1339
1340         Simplified Heap iteration
1341         https://bugs.webkit.org/show_bug.cgi?id=53393
1342
1343         * runtime/CollectorHeapIterator.h:
1344         (JSC::CollectorHeapIterator::isValid):
1345         (JSC::CollectorHeapIterator::isLive):
1346         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
1347         advance because it's a constant.
1348         (JSC::LiveObjectIterator::LiveObjectIterator):
1349         (JSC::LiveObjectIterator::operator++):
1350         (JSC::DeadObjectIterator::DeadObjectIterator):
1351         (JSC::DeadObjectIterator::operator++):
1352         (JSC::ObjectIterator::ObjectIterator):
1353         (JSC::ObjectIterator::operator++): Factored out common checks into
1354         two helper functions -- isValid() for "Am I past the end?" and isLive()
1355         for "Is the cell I'm pointing to live?".
1356
1357         * runtime/MarkedSpace.cpp:
1358         (JSC::MarkedSpace::freeBlock):
1359         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
1360         to the end, to avoid making sweep subtly reliant on internal Heap state.
1361         (JSC::MarkedSpace::primaryHeapBegin):
1362         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
1363         iteration begins.
1364
1365 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1366
1367         Reviewed by Cameron Zwarich.
1368
1369         Simplified heap destruction
1370         https://bugs.webkit.org/show_bug.cgi?id=53392
1371
1372         * JavaScriptCore.exp:
1373         * runtime/Heap.cpp:
1374         (JSC::Heap::destroy):
1375         * runtime/Heap.h:
1376         * runtime/MarkedSpace.cpp:
1377         (JSC::MarkedSpace::destroy):
1378         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
1379         cells last -- the difficult contortions required to do so just don't seem
1380         justified. We make no guarantees about GC protection after the client
1381         throws away JSGlobalData, and it doesn't seem like any meaningful
1382         guarantee is even possible.
1383
1384 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1385
1386         Reviewed by Maciej Stachowiak.
1387
1388         Switched heap to use the Bitmap class and removed CollectorBitmap
1389         https://bugs.webkit.org/show_bug.cgi?id=53391
1390         
1391         SunSpider says 1.005x as fast. Seems like a fluke.
1392
1393         * runtime/MarkedSpace.cpp:
1394         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
1395         rather than taking a value by reference.
1396
1397         * runtime/MarkedSpace.h: Code reuse is good.
1398
1399         * wtf/Bitmap.h:
1400         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
1401         which CollectorBitmap had. (Renamed from the less conventional "getset".)
1402
1403         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
1404         clarity. It's all the same with inlining.
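
        The two entries above describe a mark bitmap gaining testAndSet() and
        nextPossiblyUnset(), and a sweep that always walks from the beginning of
        the heap to the end using isValid()/isLive()-style helpers. What follows
        is an added illustration, not JavaScriptCore code and not part of this
        ChangeLog: a self-contained C++ mark bitmap with those two operations,
        driven by a toy mark-and-sweep over a constructed cyclic object graph.
        Cell, MarkBitmap, TinyHeap, runScenario() and firstUnsetAfterFilling()
        are hypothetical names chosen for the example.

```cpp
// Added example, not JavaScriptCore code: a minimal mark bitmap offering the
// testAndSet() and nextPossiblyUnset() operations named above, driven by a toy
// mark-and-sweep. Cell, MarkBitmap, TinyHeap, runScenario() are hypothetical.
#include <cstddef>
#include <cstdint>
#include <vector>

struct Cell {
    bool allocated = false;
    bool destroyed = false;               // set when sweep runs the "destructor"
    std::vector<size_t> children;         // indices of cells this cell references
};

template <size_t N>
class MarkBitmap {
public:
    MarkBitmap() { clearAll(); }
    bool get(size_t i) const { return (bits[i / 32] & (1u << (i % 32))) != 0; }
    void clearAll() { for (auto& w : bits) w = 0; }

    // Set bit i and report whether it was already set. A marker that only
    // descends when this returns false visits each reachable cell once, so
    // marking terminates even on cyclic object graphs.
    bool testAndSet(size_t i) {
        uint32_t mask = 1u << (i % 32);
        bool wasSet = (bits[i / 32] & mask) != 0;
        bits[i / 32] |= mask;
        return wasSet;
    }

    // First index >= start whose bit is clear, or N if every bit is set;
    // whole words of ones are skipped before individual bits are examined.
    size_t nextPossiblyUnset(size_t start) const {
        size_t i = start;
        while (i < N) {
            if (i % 32 == 0 && bits[i / 32] == 0xFFFFFFFFu) { i += 32; continue; }
            if (!get(i)) return i;
            ++i;
        }
        return N;
    }
private:
    uint32_t bits[(N + 31) / 32];
};

template <size_t N>
struct TinyHeap {
    Cell cells[N];
    MarkBitmap<N> marks;

    size_t allocate() {
        for (size_t i = 0; i < N; ++i)
            if (!cells[i].allocated) { cells[i] = Cell(); cells[i].allocated = true; return i; }
        return N;                          // heap exhausted
    }
    bool isLive(size_t i) const { return cells[i].allocated && marks.get(i); }

    // Mark phase: explicit work list; testAndSet() is the visited check.
    void markFrom(const std::vector<size_t>& roots) {
        marks.clearAll();
        std::vector<size_t> work(roots);
        while (!work.empty()) {
            size_t i = work.back();
            work.pop_back();
            if (marks.testAndSet(i)) continue;
            for (size_t child : cells[i].children) work.push_back(child);
        }
    }

    // Sweep phase: always walk from cell 0 to cell N-1 and run the destructor
    // of every allocated, unmarked cell. Returns the number of cells destroyed.
    size_t sweep() {
        size_t destroyed = 0;
        for (size_t i = 0; i < N; ++i) {
            if (!cells[i].allocated || isLive(i)) continue;
            cells[i].destroyed = true;
            cells[i].allocated = false;
            cells[i].children.clear();
            ++destroyed;
        }
        return destroyed;
    }
};

struct CollectResult { size_t destroyed; size_t survivors; };

// Constructed scenario: a -> b -> c -> a is a cycle reachable from root a;
// d points into the cycle but nothing points at d, so only d is collected.
CollectResult runScenario() {
    TinyHeap<64> heap;
    size_t a = heap.allocate(), b = heap.allocate(), c = heap.allocate(), d = heap.allocate();
    heap.cells[a].children = {b};
    heap.cells[b].children = {c};
    heap.cells[c].children = {a};
    heap.cells[d].children = {a};
    heap.markFrom({a});
    CollectResult r{heap.sweep(), 0};
    for (size_t i = 0; i < 64; ++i) r.survivors += heap.cells[i].allocated ? 1 : 0;
    return r;
}

// Fills the first `count` bits and returns the index nextPossiblyUnset() finds.
size_t firstUnsetAfterFilling(size_t count) {
    MarkBitmap<64> bitmap;
    for (size_t i = 0; i < count; ++i) bitmap.testAndSet(i);
    return bitmap.nextPossiblyUnset(0);   // == count for count <= 64
}
```

        Using testAndSet() as the visited check is what keeps marking finite on
        the a -> b -> c -> a cycle; sweeping from cell 0 rather than from wherever
        the allocator last stopped is what guarantees that every unmarked cell's
        destructor actually runs.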
1405
1406 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
1407
1408         Reviewed by Maciej Stachowiak.
1409
1410         Some more Heap cleanup.
1411         https://bugs.webkit.org/show_bug.cgi?id=53357
1412         
1413         * JavaScriptCore.exp:
1414         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
1415
1416         * runtime/Heap.cpp:
1417         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
1418         reportExtraMemoryCostSlowCase to match our naming conventions.
1419
1420         (JSC::Heap::capacity): Renamed size to capacity because this function
1421         returns the capacity of the heap, including unused portions.
1422
1423         * runtime/Heap.h:
1424         (JSC::Heap::globalData):
1425         (JSC::Heap::markedSpace):
1426         (JSC::Heap::machineStackMarker):
1427         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
1428         Moved ctor and dtor to the beginning of the class definition. Grouped
1429         functions by purpose.
1430
1431         * runtime/MarkedSpace.cpp:
1432         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
1433         function returns the capacity of the heap, including unused portions.
1434
1435         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
1436         the same information can be gotten just by calling size() and capacity().
1437
1438         * runtime/MemoryStatistics.cpp:
1439         * runtime/MemoryStatistics.h: Ditto.
1440
1441 2011-01-29  Daniel Bates  <dbates@rim.com>
1442
1443         Reviewed by Eric Seidel.
1444
1445         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
1446         https://bugs.webkit.org/show_bug.cgi?id=53253
1447
1448         Make inclusion of MT19937 a policy decision.
1449
1450         Currently, we hardcode the use of MT19937 when building for
1451         Windows CE. Instead, we should make this a policy decision,
1452         with the Windows CE port using this by default.
1453
1454         * JavaScriptCore.pri: Append Source/ThirdParty to the end
1455         of the list of include directories.
1456         * wtf/CMakeLists.txt: Ditto.
1457         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
1458         building for Windows CE.
1459         * wtf/RandomNumber.cpp:
1460         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
1461
1462 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1463
1464         Reviewed by David Kilzer.
1465
1466         Bug 53374 - Remove uses of unsafe string functions in debugging code
1467         https://bugs.webkit.org/show_bug.cgi?id=53374
1468
1469         * runtime/RegExp.cpp:
1470         (JSC::RegExp::printTraceData):
1471
1472 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1473
1474         Reviewed by Oliver Hunt.
1475
1476         JavaScriptCoreUseJIT environment variable broken
1477         https://bugs.webkit.org/show_bug.cgi?id=53372
1478
1479         * runtime/JSGlobalData.cpp:
1480         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
1481         by getenv() rather than just doing a NULL check on the return value.
1482
1483 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
1484
1485         Reviewed by David Kilzer.
1486
1487         Move CharacterNames.h into WTF directory
1488         https://bugs.webkit.org/show_bug.cgi?id=49618
1489
1490         * GNUmakefile.am:
1491         * JavaScriptCore.gypi:
1492         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1493         * JavaScriptCore.xcodeproj/project.pbxproj:
1494         * wtf/CMakeLists.txt:
1495         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
1496         * wtf/unicode/UTF8.cpp:
1497
1498 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
1499
1500         Reviewed by Gavin Barraclough.
1501
1502         Add various clampToInt() methods to MathExtras.h
1503         https://bugs.webkit.org/show_bug.cgi?id=52910
1504         
1505         Add functions for clamping doubles and floats to valid int
1506         ranges, for signed and positive integers.
1507
1508         * wtf/MathExtras.h:
1509         (clampToInteger):
1510         (clampToPositiveInteger):
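
        As an added example (not WebKit's MathExtras.h implementation), one way to write these
        clamps so that the float-to-int conversion never runs on a NaN or an out-of-range value,
        which is undefined behaviour in C++. Mapping NaN to 0 is an assumption of this example.

```cpp
// Added illustration, not the MathExtras.h code: clamp a double or float into the
// range of int (or of non-negative int) before converting, so static_cast<int> is
// only ever applied to a value the int can hold.
#include <cmath>
#include <limits>

template<typename FloatType>
int clampToInteger(FloatType value)
{
    // Compare in the floating type. For float, INT_MAX rounds up to 2^31 exactly,
    // so the ">=" test still catches every value that would overflow the int.
    const FloatType maxInt = static_cast<FloatType>(std::numeric_limits<int>::max());
    const FloatType minInt = static_cast<FloatType>(std::numeric_limits<int>::min());

    if (std::isnan(value))
        return 0; // example's choice: a NaN clamps to 0 instead of being cast (UB)
    if (value >= maxInt)
        return std::numeric_limits<int>::max();
    if (value <= minInt)
        return std::numeric_limits<int>::min();
    return static_cast<int>(value); // in range, truncation toward zero is well defined
}

template<typename FloatType>
int clampToPositiveInteger(FloatType value)
{
    // NaN > 0 is false, so NaN and every non-positive value yield 0 here.
    return value > 0 ? clampToInteger(value) : 0;
}
```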
1511
1512 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1513
1514         Unreviewed, rolling out r77006 and r77020.
1515         http://trac.webkit.org/changeset/77006
1516         http://trac.webkit.org/changeset/77020
1517         https://bugs.webkit.org/show_bug.cgi?id=53360
1518
1519         "Broke Windows tests" (Requested by rniwa on #webkit).
1520
1521         * API/JSCallbackObject.h:
1522         (JSC::JSCallbackObjectData::setPrivateProperty):
1523         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1524         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1525         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1526         (JSC::JSCallbackObject::setPrivateProperty):
1527         * API/JSCallbackObjectFunctions.h:
1528         (JSC::::put):
1529         (JSC::::staticFunctionGetter):
1530         * API/JSObjectRef.cpp:
1531         (JSObjectMakeConstructor):
1532         (JSObjectSetPrivateProperty):
1533         * API/JSWeakObjectMapRefInternal.h:
1534         * JavaScriptCore.exp:
1535         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1536         * JavaScriptCore.xcodeproj/project.pbxproj:
1537         * bytecode/CodeBlock.cpp:
1538         (JSC::CodeBlock::markAggregate):
1539         * bytecode/CodeBlock.h:
1540         (JSC::CodeBlock::globalObject):
1541         * bytecompiler/BytecodeGenerator.cpp:
1542         (JSC::BytecodeGenerator::BytecodeGenerator):
1543         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1544         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1545         (JSC::BytecodeGenerator::findScopedProperty):
1546         * debugger/Debugger.cpp:
1547         (JSC::evaluateInGlobalCallFrame):
1548         * debugger/DebuggerActivation.cpp:
1549         (JSC::DebuggerActivation::DebuggerActivation):
1550         (JSC::DebuggerActivation::markChildren):
1551         * debugger/DebuggerActivation.h:
1552         * debugger/DebuggerCallFrame.cpp:
1553         (JSC::DebuggerCallFrame::evaluate):
1554         * interpreter/CallFrame.h:
1555         (JSC::ExecState::exception):
1556         * interpreter/Interpreter.cpp:
1557         (JSC::Interpreter::resolve):
1558         (JSC::Interpreter::resolveSkip):
1559         (JSC::Interpreter::resolveGlobal):
1560         (JSC::Interpreter::resolveGlobalDynamic):
1561         (JSC::Interpreter::resolveBaseAndProperty):
1562         (JSC::Interpreter::unwindCallFrame):
1563         (JSC::appendSourceToError):
1564         (JSC::Interpreter::execute):
1565         (JSC::Interpreter::tryCacheGetByID):
1566         (JSC::Interpreter::privateExecute):
1567         * jit/JITStubs.cpp:
1568         (JSC::JITThunks::tryCacheGetByID):
1569         (JSC::DEFINE_STUB_FUNCTION):
1570         * jsc.cpp:
1571         (GlobalObject::GlobalObject):
1572         * runtime/ArgList.cpp:
1573         (JSC::MarkedArgumentBuffer::markLists):
1574         * runtime/Arguments.cpp:
1575         (JSC::Arguments::markChildren):
1576         (JSC::Arguments::getOwnPropertySlot):
1577         (JSC::Arguments::getOwnPropertyDescriptor):
1578         (JSC::Arguments::put):
1579         * runtime/Arguments.h:
1580         (JSC::Arguments::setActivation):
1581         (JSC::Arguments::Arguments):
1582         * runtime/ArrayConstructor.cpp:
1583         (JSC::ArrayConstructor::ArrayConstructor):
1584         (JSC::constructArrayWithSizeQuirk):
1585         * runtime/ArrayPrototype.cpp:
1586         (JSC::arrayProtoFuncSplice):
1587         * runtime/BatchedTransitionOptimizer.h:
1588         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1589         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1590         * runtime/BooleanConstructor.cpp:
1591         (JSC::BooleanConstructor::BooleanConstructor):
1592         (JSC::constructBoolean):
1593         (JSC::constructBooleanFromImmediateBoolean):
1594         * runtime/BooleanPrototype.cpp:
1595         (JSC::BooleanPrototype::BooleanPrototype):
1596         * runtime/ConservativeSet.cpp:
1597         (JSC::ConservativeSet::grow):
1598         * runtime/ConservativeSet.h:
1599         (JSC::ConservativeSet::~ConservativeSet):
1600         (JSC::ConservativeSet::mark):
1601         * runtime/DateConstructor.cpp:
1602         (JSC::DateConstructor::DateConstructor):
1603         * runtime/DateInstance.cpp:
1604         (JSC::DateInstance::DateInstance):
1605         * runtime/DatePrototype.cpp:
1606         (JSC::dateProtoFuncSetTime):
1607         (JSC::setNewValueFromTimeArgs):
1608         (JSC::setNewValueFromDateArgs):
1609         (JSC::dateProtoFuncSetYear):
1610         * runtime/ErrorConstructor.cpp:
1611         (JSC::ErrorConstructor::ErrorConstructor):
1612         * runtime/ErrorInstance.cpp:
1613         (JSC::ErrorInstance::ErrorInstance):
1614         * runtime/ErrorPrototype.cpp:
1615         (JSC::ErrorPrototype::ErrorPrototype):
1616         * runtime/FunctionConstructor.cpp:
1617         (JSC::FunctionConstructor::FunctionConstructor):
1618         * runtime/FunctionPrototype.cpp:
1619         (JSC::FunctionPrototype::FunctionPrototype):
1620         * runtime/GetterSetter.cpp:
1621         (JSC::GetterSetter::markChildren):
1622         * runtime/GetterSetter.h:
1623         (JSC::GetterSetter::GetterSetter):
1624         (JSC::GetterSetter::getter):
1625         (JSC::GetterSetter::setGetter):
1626         (JSC::GetterSetter::setter):
1627         (JSC::GetterSetter::setSetter):
1628         * runtime/GlobalEvalFunction.cpp:
1629         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1630         (JSC::GlobalEvalFunction::markChildren):
1631         * runtime/GlobalEvalFunction.h:
1632         (JSC::GlobalEvalFunction::cachedGlobalObject):
1633         * runtime/Heap.cpp:
1634         (JSC::Heap::markProtectedObjects):
1635         (JSC::Heap::markTempSortVectors):
1636         (JSC::Heap::markRoots):
1637         * runtime/InternalFunction.cpp:
1638         (JSC::InternalFunction::InternalFunction):
1639         * runtime/JSAPIValueWrapper.h:
1640         (JSC::JSAPIValueWrapper::value):
1641         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1642         * runtime/JSActivation.cpp:
1643         (JSC::JSActivation::markChildren):
1644         (JSC::JSActivation::put):
1645         * runtime/JSArray.cpp:
1646         (JSC::JSArray::JSArray):
1647         (JSC::JSArray::getOwnPropertySlot):
1648         (JSC::JSArray::getOwnPropertyDescriptor):
1649         (JSC::JSArray::put):
1650         (JSC::JSArray::putSlowCase):
1651         (JSC::JSArray::deleteProperty):
1652         (JSC::JSArray::increaseVectorLength):
1653         (JSC::JSArray::setLength):
1654         (JSC::JSArray::pop):
1655         (JSC::JSArray::push):
1656         (JSC::JSArray::unshiftCount):
1657         (JSC::JSArray::sort):
1658         (JSC::JSArray::fillArgList):
1659         (JSC::JSArray::copyToRegisters):
1660         (JSC::JSArray::compactForSorting):
1661         * runtime/JSArray.h:
1662         (JSC::JSArray::getIndex):
1663         (JSC::JSArray::setIndex):
1664         (JSC::JSArray::uncheckedSetIndex):
1665         (JSC::JSArray::markChildrenDirect):
1666         * runtime/JSByteArray.cpp:
1667         (JSC::JSByteArray::JSByteArray):
1668         * runtime/JSCell.h:
1669         (JSC::JSCell::JSValue::toThisObject):
1670         (JSC::JSCell::MarkStack::append):
1671         * runtime/JSFunction.cpp:
1672         (JSC::JSFunction::JSFunction):
1673         (JSC::JSFunction::getOwnPropertySlot):
1674         * runtime/JSGlobalData.h:
1675         * runtime/JSGlobalObject.cpp:
1676         (JSC::markIfNeeded):
1677         (JSC::JSGlobalObject::reset):
1678         (JSC::JSGlobalObject::resetPrototype):
1679         (JSC::JSGlobalObject::markChildren):
1680         * runtime/JSGlobalObject.h:
1681         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1682         (JSC::JSGlobalObject::regExpConstructor):
1683         (JSC::JSGlobalObject::errorConstructor):
1684         (JSC::JSGlobalObject::evalErrorConstructor):
1685         (JSC::JSGlobalObject::rangeErrorConstructor):
1686         (JSC::JSGlobalObject::referenceErrorConstructor):
1687         (JSC::JSGlobalObject::syntaxErrorConstructor):
1688         (JSC::JSGlobalObject::typeErrorConstructor):
1689         (JSC::JSGlobalObject::URIErrorConstructor):
1690         (JSC::JSGlobalObject::evalFunction):
1691         (JSC::JSGlobalObject::objectPrototype):
1692         (JSC::JSGlobalObject::functionPrototype):
1693         (JSC::JSGlobalObject::arrayPrototype):
1694         (JSC::JSGlobalObject::booleanPrototype):
1695         (JSC::JSGlobalObject::stringPrototype):
1696         (JSC::JSGlobalObject::numberPrototype):
1697         (JSC::JSGlobalObject::datePrototype):
1698         (JSC::JSGlobalObject::regExpPrototype):
1699         (JSC::JSGlobalObject::methodCallDummy):
1700         (JSC::Structure::prototypeForLookup):
1701         (JSC::constructArray):
1702         * runtime/JSONObject.cpp:
1703         (JSC::Stringifier::Holder::object):
1704         (JSC::Stringifier::markAggregate):
1705         (JSC::Stringifier::stringify):
1706         (JSC::Stringifier::Holder::appendNextProperty):
1707         (JSC::Walker::callReviver):
1708         (JSC::Walker::walk):
1709         * runtime/JSObject.cpp:
1710         (JSC::JSObject::defineGetter):
1711         (JSC::JSObject::defineSetter):
1712         (JSC::JSObject::removeDirect):
1713         (JSC::JSObject::putDirectFunction):
1714         (JSC::JSObject::putDirectFunctionWithoutTransition):
1715         (JSC::putDescriptor):
1716         (JSC::JSObject::defineOwnProperty):
1717         * runtime/JSObject.h:
1718         (JSC::JSObject::getDirectOffset):
1719         (JSC::JSObject::putDirectOffset):
1720         (JSC::JSObject::flattenDictionaryObject):
1721         (JSC::JSObject::putDirectInternal):
1722         (JSC::JSObject::putDirect):
1723         (JSC::JSObject::putDirectFunction):
1724         (JSC::JSObject::putDirectWithoutTransition):
1725         (JSC::JSObject::putDirectFunctionWithoutTransition):
1726         (JSC::JSValue::putDirect):
1727         (JSC::JSObject::allocatePropertyStorageInline):
1728         (JSC::JSObject::markChildrenDirect):
1729         * runtime/JSPropertyNameIterator.cpp:
1730         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1731         (JSC::JSPropertyNameIterator::get):
1732         * runtime/JSPropertyNameIterator.h:
1733         * runtime/JSStaticScopeObject.cpp:
1734         (JSC::JSStaticScopeObject::markChildren):
1735         * runtime/JSString.cpp:
1736         (JSC::StringObject::create):
1737         * runtime/JSValue.h:
1738         * runtime/JSWrapperObject.cpp:
1739         (JSC::JSWrapperObject::markChildren):
1740         * runtime/JSWrapperObject.h:
1741         (JSC::JSWrapperObject::internalValue):
1742         (JSC::JSWrapperObject::setInternalValue):
1743         * runtime/LiteralParser.cpp:
1744         (JSC::LiteralParser::parse):
1745         * runtime/Lookup.cpp:
1746         (JSC::setUpStaticFunctionSlot):
1747         * runtime/Lookup.h:
1748         (JSC::lookupPut):
1749         * runtime/MarkStack.h:
1750         (JSC::MarkStack::appendValues):
1751         * runtime/MathObject.cpp:
1752         (JSC::MathObject::MathObject):
1753         * runtime/NativeErrorConstructor.cpp:
1754         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1755         * runtime/NativeErrorPrototype.cpp:
1756         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1757         * runtime/NumberConstructor.cpp:
1758         (JSC::NumberConstructor::NumberConstructor):
1759         (JSC::constructWithNumberConstructor):
1760         * runtime/NumberObject.cpp:
1761         (JSC::constructNumber):
1762         * runtime/NumberPrototype.cpp:
1763         (JSC::NumberPrototype::NumberPrototype):
1764         * runtime/ObjectConstructor.cpp:
1765         (JSC::ObjectConstructor::ObjectConstructor):
1766         (JSC::objectConstructorGetOwnPropertyDescriptor):
1767         * runtime/Operations.h:
1768         (JSC::normalizePrototypeChain):
1769         (JSC::resolveBase):
1770         * runtime/PrototypeFunction.cpp:
1771         (JSC::PrototypeFunction::PrototypeFunction):
1772         * runtime/PutPropertySlot.h:
1773         (JSC::PutPropertySlot::setExistingProperty):
1774         (JSC::PutPropertySlot::setNewProperty):
1775         (JSC::PutPropertySlot::base):
1776         * runtime/RegExpConstructor.cpp:
1777         (JSC::RegExpConstructor::RegExpConstructor):
1778         * runtime/ScopeChain.cpp:
1779         (JSC::ScopeChainNode::print):
1780         * runtime/ScopeChain.h:
1781         (JSC::ScopeChainNode::~ScopeChainNode):
1782         (JSC::ScopeChainIterator::operator*):
1783         (JSC::ScopeChainIterator::operator->):
1784         (JSC::ScopeChain::top):
1785         * runtime/ScopeChainMark.h:
1786         (JSC::ScopeChain::markAggregate):
1787         * runtime/SmallStrings.cpp:
1788         (JSC::isMarked):
1789         (JSC::SmallStrings::markChildren):
1790         * runtime/SmallStrings.h:
1791         (JSC::SmallStrings::emptyString):
1792         (JSC::SmallStrings::singleCharacterString):
1793         (JSC::SmallStrings::singleCharacterStrings):
1794         * runtime/StringConstructor.cpp:
1795         (JSC::StringConstructor::StringConstructor):
1796         * runtime/StringObject.cpp:
1797         (JSC::StringObject::StringObject):
1798         * runtime/StringObject.h:
1799         * runtime/StringPrototype.cpp:
1800         (JSC::StringPrototype::StringPrototype):
1801         * runtime/Structure.cpp:
1802         (JSC::Structure::Structure):
1803         (JSC::Structure::addPropertyTransition):
1804         (JSC::Structure::toDictionaryTransition):
1805         (JSC::Structure::flattenDictionaryStructure):
1806         * runtime/Structure.h:
1807         (JSC::Structure::storedPrototype):
1808         * runtime/WeakGCMap.h:
1809         (JSC::WeakGCMap::uncheckedGet):
1810         (JSC::WeakGCMap::isValid):
1811         (JSC::::get):
1812         (JSC::::take):
1813         (JSC::::set):
1814         (JSC::::uncheckedRemove):
1815         * runtime/WriteBarrier.h: Removed.
1816
1817 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
1818
1819         Reviewed by Geoff Garen.
1820
1821         https://bugs.webkit.org/show_bug.cgi?id=53352
1822         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
1823
1824         The FixedVMPoolAllocator currently uses a best fit policy -
1825         switch to first fit; this is less prone to external fragmentation.
1826
1827         * jit/ExecutableAllocatorFixedVMPool.cpp:
1828         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
1829         (JSC::AllocationTableSizeClass::blockSize):
1830         (JSC::AllocationTableSizeClass::blockCount):
1831         (JSC::AllocationTableSizeClass::blockAlignment):
1832         (JSC::AllocationTableSizeClass::size):
1833         (JSC::AllocationTableLeaf::AllocationTableLeaf):
1834         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
1835         (JSC::AllocationTableLeaf::allocate):
1836         (JSC::AllocationTableLeaf::free):
1837         (JSC::AllocationTableLeaf::isEmpty):
1838         (JSC::AllocationTableLeaf::isFull):
1839         (JSC::AllocationTableLeaf::size):
1840         (JSC::AllocationTableLeaf::classForSize):
1841         (JSC::AllocationTableLeaf::dump):
1842         (JSC::LazyAllocationTable::LazyAllocationTable):
1843         (JSC::LazyAllocationTable::~LazyAllocationTable):
1844         (JSC::LazyAllocationTable::allocate):
1845         (JSC::LazyAllocationTable::free):
1846         (JSC::LazyAllocationTable::isEmpty):
1847         (JSC::LazyAllocationTable::isFull):
1848         (JSC::LazyAllocationTable::size):
1849         (JSC::LazyAllocationTable::dump):
1850         (JSC::LazyAllocationTable::classForSize):
1851         (JSC::AllocationTableDirectory::AllocationTableDirectory):
1852         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
1853         (JSC::AllocationTableDirectory::allocate):
1854         (JSC::AllocationTableDirectory::free):
1855         (JSC::AllocationTableDirectory::isEmpty):
1856         (JSC::AllocationTableDirectory::isFull):
1857         (JSC::AllocationTableDirectory::size):
1858         (JSC::AllocationTableDirectory::classForSize):
1859         (JSC::AllocationTableDirectory::dump):
1860         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1861         (JSC::FixedVMPoolAllocator::alloc):
1862         (JSC::FixedVMPoolAllocator::free):
1863         (JSC::FixedVMPoolAllocator::allocated):
1864         (JSC::FixedVMPoolAllocator::isValid):
1865         (JSC::FixedVMPoolAllocator::classForSize):
1866         (JSC::FixedVMPoolAllocator::offsetToPointer):
1867         (JSC::FixedVMPoolAllocator::pointerToOffset):
1868         (JSC::ExecutableAllocator::committedByteCount):
1869         (JSC::ExecutableAllocator::isValid):
1870         (JSC::ExecutableAllocator::underMemoryPressure):
1871         (JSC::ExecutablePool::systemAlloc):
1872         (JSC::ExecutablePool::systemRelease):
1873         * wtf/PageReservation.h:
1874         (WTF::PageReservation::PageReservation):
1875         (WTF::PageReservation::commit):
1876         (WTF::PageReservation::decommit):
1877         (WTF::PageReservation::committed):
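
        The fragmentation effect behind this change, as an added toy model that is not
        JavaScriptCore's FixedVMPoolAllocator: the same request sequence is fully satisfied
        under first fit but fails under best fit, because best fit tends to leave small
        remainders that no later request can use. The pool layout and request sizes are
        constructed for the example.

```cpp
// Added illustration (not JavaScriptCore code): a toy free-list allocator that runs
// with either a best-fit or a first-fit placement policy, to show how the policy
// alone decides whether a request sequence exhausts the pool.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

enum class Policy { BestFit, FirstFit };

struct FreeBlock {
    size_t offset;
    size_t size;
};

class ToyPool {
public:
    explicit ToyPool(size_t capacity) { m_free.push_back({0, capacity}); }

    // Returns the offset of the allocation, or SIZE_MAX if no free block fits.
    size_t alloc(size_t size, Policy policy)
    {
        size_t chosen = m_free.size(); // sentinel: nothing chosen yet
        for (size_t i = 0; i < m_free.size(); ++i) {
            if (m_free[i].size < size)
                continue;
            if (policy == Policy::FirstFit) {
                chosen = i; // lowest-address block that fits
                break;
            }
            if (chosen == m_free.size() || m_free[i].size < m_free[chosen].size)
                chosen = i; // smallest block that fits
        }
        if (chosen == m_free.size())
            return SIZE_MAX;
        size_t offset = m_free[chosen].offset;
        m_free[chosen].offset += size;
        m_free[chosen].size -= size;
        if (!m_free[chosen].size)
            m_free.erase(m_free.begin() + chosen);
        return offset;
    }

    // Returns a block to the free list, keeping it address-ordered and coalesced.
    void release(size_t offset, size_t size)
    {
        m_free.push_back({offset, size});
        std::sort(m_free.begin(), m_free.end(),
                  [](const FreeBlock& a, const FreeBlock& b) { return a.offset < b.offset; });
        std::vector<FreeBlock> merged;
        for (const FreeBlock& block : m_free) {
            if (!merged.empty() && merged.back().offset + merged.back().size == block.offset)
                merged.back().size += block.size; // adjacent: merge into the previous hole
            else
                merged.push_back(block);
        }
        m_free.swap(merged);
    }

private:
    std::vector<FreeBlock> m_free; // always sorted by offset
};

// Number of requests satisfied, in order, under `policy`. The starting state is a
// pool whose free space is split into a 1300-unit hole and a 1200-unit hole by a
// pinned 100-unit allocation (constructed scenario).
size_t satisfiedRequests(Policy policy, const std::vector<size_t>& requests)
{
    ToyPool pool(2600);
    size_t a = pool.alloc(1300, policy);
    pool.alloc(100, policy); // pinned, never freed
    size_t b = pool.alloc(1200, policy);
    pool.release(a, 1300);
    pool.release(b, 1200);

    size_t satisfied = 0;
    for (size_t request : requests) {
        if (pool.alloc(request, policy) == SIZE_MAX)
            break; // this is where a fixed pool would have to fail (or CRASH())
        ++satisfied;
    }
    return satisfied;
}

int main()
{
    const std::vector<size_t> requests = {1000, 1100, 250};
    std::printf("first fit: %zu of %zu requests satisfied\n",
                satisfiedRequests(Policy::FirstFit, requests), requests.size());
    std::printf("best fit:  %zu of %zu requests satisfied\n",
                satisfiedRequests(Policy::BestFit, requests), requests.size());
    return 0;
}
```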
1878
1879 2011-01-27  Oliver Hunt  <oliver@apple.com>
1880
1881         Reviewed by Geoffrey Garen.
1882
1883         Convert markstack to a slot visitor API
1884         https://bugs.webkit.org/show_bug.cgi?id=53219
1885
1886         Move the MarkStack over to a slot based marking API.
1887
1888         In order to avoid aliasing concerns, there are two new types
1889         that need to be used when holding on to JSValues and JSCells that
1890         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
1891         is expected to be used for any JSValue or Cell whose lifetime and
1892         marking are controlled by another GC object.  DeprecatedPtr is used
1893         for any value that we need to rework ownership for.
1894
1895         The change over to this model has produced a large amount of
1896         code changes, but they are mostly mechanical (forwarding JSGlobalData,
1897         etc).
1898
1899         * API/JSCallbackObject.h:
1900         (JSC::JSCallbackObjectData::setPrivateProperty):
1901         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1902         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1903         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1904         (JSC::JSCallbackObject::setPrivateProperty):
1905         * API/JSCallbackObjectFunctions.h:
1906         (JSC::::put):
1907         (JSC::::staticFunctionGetter):
1908         * API/JSObjectRef.cpp:
1909         (JSObjectMakeConstructor):
1910         (JSObjectSetPrivateProperty):
1911         * API/JSWeakObjectMapRefInternal.h:
1912         * JavaScriptCore.exp:
1913         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1914         * JavaScriptCore.xcodeproj/project.pbxproj:
1915         * bytecode/CodeBlock.cpp:
1916         (JSC::CodeBlock::markAggregate):
1917         * bytecode/CodeBlock.h:
1918         (JSC::CodeBlock::globalObject):
1919         * bytecompiler/BytecodeGenerator.cpp:
1920         (JSC::BytecodeGenerator::BytecodeGenerator):
1921         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1922         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1923         (JSC::BytecodeGenerator::findScopedProperty):
1924         * debugger/DebuggerActivation.cpp:
1925         (JSC::DebuggerActivation::DebuggerActivation):
1926         (JSC::DebuggerActivation::markChildren):
1927         * debugger/DebuggerActivation.h:
1928         * interpreter/Interpreter.cpp:
1929         (JSC::Interpreter::resolve):
1930         (JSC::Interpreter::resolveSkip):
1931         (JSC::Interpreter::resolveGlobalDynamic):
1932         (JSC::Interpreter::resolveBaseAndProperty):
1933         (JSC::Interpreter::unwindCallFrame):
1934         (JSC::appendSourceToError):
1935         (JSC::Interpreter::execute):
1936         (JSC::Interpreter::privateExecute):
1937         * interpreter/Register.h:
1938         (JSC::Register::jsValueSlot):
1939         * jit/JITStubs.cpp:
1940         (JSC::JITThunks::tryCacheGetByID):
1941         (JSC::DEFINE_STUB_FUNCTION):
1942         * jsc.cpp:
1943         (GlobalObject::GlobalObject):
1944         * runtime/Arguments.cpp:
1945         (JSC::Arguments::markChildren):
1946         (JSC::Arguments::getOwnPropertySlot):
1947         (JSC::Arguments::getOwnPropertyDescriptor):
1948         (JSC::Arguments::put):
1949         * runtime/Arguments.h:
1950         (JSC::Arguments::setActivation):
1951         (JSC::Arguments::Arguments):
1952         * runtime/ArrayConstructor.cpp:
1953         (JSC::ArrayConstructor::ArrayConstructor):
1954         (JSC::constructArrayWithSizeQuirk):
1955         * runtime/ArrayPrototype.cpp:
1956         (JSC::arrayProtoFuncSplice):
1957         * runtime/BatchedTransitionOptimizer.h:
1958         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1959         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1960         * runtime/BooleanConstructor.cpp:
1961         (JSC::BooleanConstructor::BooleanConstructor):
1962         (JSC::constructBoolean):
1963         (JSC::constructBooleanFromImmediateBoolean):
1964         * runtime/BooleanPrototype.cpp:
1965         (JSC::BooleanPrototype::BooleanPrototype):
1966         * runtime/ConservativeSet.h:
1967         (JSC::ConservativeSet::mark):
1968         * runtime/DateConstructor.cpp:
1969         (JSC::DateConstructor::DateConstructor):
1970         * runtime/DateInstance.cpp:
1971         (JSC::DateInstance::DateInstance):
1972         * runtime/DatePrototype.cpp:
1973         (JSC::dateProtoFuncSetTime):
1974         (JSC::setNewValueFromTimeArgs):
1975         (JSC::setNewValueFromDateArgs):
1976         (JSC::dateProtoFuncSetYear):
1977         * runtime/ErrorConstructor.cpp:
1978         (JSC::ErrorConstructor::ErrorConstructor):
1979         * runtime/ErrorInstance.cpp:
1980         (JSC::ErrorInstance::ErrorInstance):
1981         * runtime/ErrorPrototype.cpp:
1982         (JSC::ErrorPrototype::ErrorPrototype):
1983         * runtime/FunctionConstructor.cpp:
1984         (JSC::FunctionConstructor::FunctionConstructor):
1985         * runtime/FunctionPrototype.cpp:
1986         (JSC::FunctionPrototype::FunctionPrototype):
1987         * runtime/GetterSetter.cpp:
1988         (JSC::GetterSetter::markChildren):
1989         * runtime/GetterSetter.h:
1990         (JSC::GetterSetter::GetterSetter):
1991         (JSC::GetterSetter::getter):
1992         (JSC::GetterSetter::setGetter):
1993         (JSC::GetterSetter::setter):
1994         (JSC::GetterSetter::setSetter):
1995         * runtime/GlobalEvalFunction.cpp:
1996         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1997         (JSC::GlobalEvalFunction::markChildren):
1998         * runtime/GlobalEvalFunction.h:
1999         (JSC::GlobalEvalFunction::cachedGlobalObject):
2000         * runtime/Heap.cpp:
2001         (JSC::Heap::markProtectedObjects):
2002         (JSC::Heap::markTempSortVectors):
2003         (JSC::Heap::markRoots):
2004         * runtime/InternalFunction.cpp:
2005         (JSC::InternalFunction::InternalFunction):
2006         * runtime/JSAPIValueWrapper.h:
2007         (JSC::JSAPIValueWrapper::value):
2008         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2009         * runtime/JSActivation.cpp:
2010         (JSC::JSActivation::put):
2011         * runtime/JSArray.cpp:
2012         (JSC::JSArray::JSArray):
2013         (JSC::JSArray::getOwnPropertySlot):
2014         (JSC::JSArray::getOwnPropertyDescriptor):
2015         (JSC::JSArray::put):
2016         (JSC::JSArray::putSlowCase):
2017         (JSC::JSArray::deleteProperty):
2018         (JSC::JSArray::increaseVectorLength):
2019         (JSC::JSArray::setLength):
2020         (JSC::JSArray::pop):
2021         (JSC::JSArray::push):
2022         (JSC::JSArray::unshiftCount):
2023         (JSC::JSArray::sort):
2024         (JSC::JSArray::fillArgList):
2025         (JSC::JSArray::copyToRegisters):
2026         (JSC::JSArray::compactForSorting):
2027         * runtime/JSArray.h:
2028         (JSC::JSArray::getIndex):
2029         (JSC::JSArray::setIndex):
2030         (JSC::JSArray::uncheckedSetIndex):
2031         (JSC::JSArray::markChildrenDirect):
2032         * runtime/JSByteArray.cpp:
2033         (JSC::JSByteArray::JSByteArray):
2034         * runtime/JSCell.h:
2035         (JSC::JSCell::MarkStack::append):
2036         (JSC::JSCell::MarkStack::appendCell):
2037         * runtime/JSFunction.cpp:
2038         (JSC::JSFunction::JSFunction):
2039         (JSC::JSFunction::getOwnPropertySlot):
2040         * runtime/JSGlobalObject.cpp:
2041         (JSC::markIfNeeded):
2042         (JSC::JSGlobalObject::reset):
2043         (JSC::JSGlobalObject::resetPrototype):
2044         (JSC::JSGlobalObject::markChildren):
2045         * runtime/JSGlobalObject.h:
2046         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2047         (JSC::JSGlobalObject::regExpConstructor):
2048         (JSC::JSGlobalObject::errorConstructor):
2049         (JSC::JSGlobalObject::evalErrorConstructor):
2050         (JSC::JSGlobalObject::rangeErrorConstructor):
2051         (JSC::JSGlobalObject::referenceErrorConstructor):
2052         (JSC::JSGlobalObject::syntaxErrorConstructor):
2053         (JSC::JSGlobalObject::typeErrorConstructor):
2054         (JSC::JSGlobalObject::URIErrorConstructor):
2055         (JSC::JSGlobalObject::evalFunction):
2056         (JSC::JSGlobalObject::objectPrototype):
2057         (JSC::JSGlobalObject::functionPrototype):
2058         (JSC::JSGlobalObject::arrayPrototype):
2059         (JSC::JSGlobalObject::booleanPrototype):
2060         (JSC::JSGlobalObject::stringPrototype):
2061         (JSC::JSGlobalObject::numberPrototype):
2062         (JSC::JSGlobalObject::datePrototype):
2063         (JSC::JSGlobalObject::regExpPrototype):
2064         (JSC::JSGlobalObject::methodCallDummy):
2065         (JSC::constructArray):
2066         * runtime/JSONObject.cpp:
2067         (JSC::Stringifier::Holder::object):
2068         (JSC::Stringifier::Holder::objectSlot):
2069         (JSC::Stringifier::markAggregate):
2070         (JSC::Stringifier::stringify):
2071         (JSC::Stringifier::Holder::appendNextProperty):
2072         (JSC::Walker::callReviver):
2073         (JSC::Walker::walk):
2074         * runtime/JSObject.cpp:
2075         (JSC::JSObject::defineGetter):
2076         (JSC::JSObject::defineSetter):
2077         (JSC::JSObject::removeDirect):
2078         (JSC::JSObject::putDirectFunction):
2079         (JSC::JSObject::putDirectFunctionWithoutTransition):
2080         (JSC::putDescriptor):
2081         (JSC::JSObject::defineOwnProperty):
2082         * runtime/JSObject.h:
2083         (JSC::JSObject::putDirectOffset):
2084         (JSC::JSObject::putUndefinedAtDirectOffset):
2085         (JSC::JSObject::flattenDictionaryObject):
2086         (JSC::JSObject::putDirectInternal):
2087         (JSC::JSObject::putDirect):
2088         (JSC::JSObject::putDirectFunction):
2089         (JSC::JSObject::putDirectWithoutTransition):
2090         (JSC::JSObject::putDirectFunctionWithoutTransition):
2091         (JSC::JSValue::putDirect):
2092         (JSC::JSObject::allocatePropertyStorageInline):
2093         (JSC::JSObject::markChildrenDirect):
2094         * runtime/JSStaticScopeObject.cpp:
2095         (JSC::JSStaticScopeObject::markChildren):
2096         * runtime/JSString.cpp:
2097         (JSC::StringObject::create):
2098         * runtime/JSValue.h:
2099         * runtime/JSWrapperObject.cpp:
2100         (JSC::JSWrapperObject::markChildren):
2101         * runtime/JSWrapperObject.h:
2102         (JSC::JSWrapperObject::internalValue):
2103         (JSC::JSWrapperObject::setInternalValue):
2104         * runtime/LiteralParser.cpp:
2105         (JSC::LiteralParser::parse):
2106         * runtime/Lookup.cpp:
2107         (JSC::setUpStaticFunctionSlot):
2108         * runtime/Lookup.h:
2109         (JSC::lookupPut):
2110         * runtime/MarkStack.h:
2111         * runtime/MathObject.cpp:
2112         (JSC::MathObject::MathObject):
2113         * runtime/NativeErrorConstructor.cpp:
2114         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2115         * runtime/NativeErrorPrototype.cpp:
2116         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2117         * runtime/NumberConstructor.cpp:
2118         (JSC::NumberConstructor::NumberConstructor):
2119         (JSC::constructWithNumberConstructor):
2120         * runtime/NumberObject.cpp:
2121         (JSC::constructNumber):
2122         * runtime/NumberPrototype.cpp:
2123         (JSC::NumberPrototype::NumberPrototype):
2124         * runtime/ObjectConstructor.cpp:
2125         (JSC::ObjectConstructor::ObjectConstructor):
2126         (JSC::objectConstructorGetOwnPropertyDescriptor):
2127         * runtime/Operations.h:
2128         (JSC::normalizePrototypeChain):
2129         (JSC::resolveBase):
2130         * runtime/PrototypeFunction.cpp:
2131         (JSC::PrototypeFunction::PrototypeFunction):
2132         * runtime/PutPropertySlot.h:
2133         (JSC::PutPropertySlot::setExistingProperty):
2134         (JSC::PutPropertySlot::setNewProperty):
2135         (JSC::PutPropertySlot::base):
2136         * runtime/RegExpConstructor.cpp:
2137         (JSC::RegExpConstructor::RegExpConstructor):
2138         * runtime/ScopeChain.cpp:
2139         (JSC::ScopeChainNode::print):
2140         * runtime/ScopeChain.h:
2141         (JSC::ScopeChainNode::~ScopeChainNode):
2142         (JSC::ScopeChainIterator::operator*):
2143         (JSC::ScopeChainIterator::operator->):
2144         (JSC::ScopeChain::top):
2145         * runtime/ScopeChainMark.h:
2146         (JSC::ScopeChain::markAggregate):
2147         * runtime/SmallStrings.cpp:
2148         (JSC::isMarked):
2149         (JSC::SmallStrings::markChildren):
2150         * runtime/SmallStrings.h:
2151         (JSC::SmallStrings::emptyString):
2152         (JSC::SmallStrings::singleCharacterString):
2153         (JSC::SmallStrings::singleCharacterStrings):
2154         * runtime/StringConstructor.cpp:
2155         (JSC::StringConstructor::StringConstructor):
2156         * runtime/StringObject.cpp:
2157         (JSC::StringObject::StringObject):
2158         * runtime/StringObject.h:
2159         * runtime/StringPrototype.cpp:
2160         (JSC::StringPrototype::StringPrototype):
2161         * runtime/Structure.cpp:
2162         (JSC::Structure::flattenDictionaryStructure):
2163         * runtime/Structure.h:
2164         (JSC::Structure::storedPrototypeSlot):
2165         * runtime/WeakGCMap.h:
2166         (JSC::WeakGCMap::uncheckedGet):
2167         (JSC::WeakGCMap::uncheckedGetSlot):
2168         (JSC::::get):
2169         (JSC::::take):
2170         (JSC::::set):
2171         (JSC::::uncheckedRemove):
2172         * runtime/WriteBarrier.h: Added.
2173         (JSC::DeprecatedPtr::DeprecatedPtr):
2174         (JSC::DeprecatedPtr::get):
2175         (JSC::DeprecatedPtr::operator*):
2176         (JSC::DeprecatedPtr::operator->):
2177         (JSC::DeprecatedPtr::slot):
2178         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2179         (JSC::DeprecatedPtr::operator!):
2180         (JSC::WriteBarrierBase::set):
2181         (JSC::WriteBarrierBase::get):
2182         (JSC::WriteBarrierBase::operator*):
2183         (JSC::WriteBarrierBase::operator->):
2184         (JSC::WriteBarrierBase::slot):
2185         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2186         (JSC::WriteBarrierBase::operator!):
2187         (JSC::WriteBarrier::WriteBarrier):
2188         (JSC::operator==):
2189
2190 2011-01-28  Adam Roben  <aroben@apple.com>
2191
2192         Chromium build fix after r76967
2193
2194         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
2195         similar macros in this file.
2196
2197 2011-01-28  Michael Saboff  <msaboff@apple.com>
2198
2199         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2200         https://bugs.webkit.org/show_bug.cgi?id=53271
2201
2202         Reapplying this change.  No change from prior patch in
2203         JavaScriptCore.
2204
2205         Added new isValid() methods to check if a contained object in
2206         a WeakGCMap is valid when using an unchecked iterator.
2207
2208         * runtime/WeakGCMap.h:
2209         (JSC::WeakGCMap::isValid):
2210
2211 2011-01-27  Adam Roben  <aroben@apple.com>
2212
2213         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
2214         function
2215
2216         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
2217         Win32 event
2218
2219         Reviewed by Dave Hyatt.
2220
2221         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
2222
2223         * wtf/ThreadingPrimitives.h: Declare the new function.
2224
2225         * wtf/ThreadingWin.cpp:
2226         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
2227         interval from here...
2228         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
2229
2230 2011-01-28  Sam Weinig  <sam@webkit.org>
2231
2232         Reviewed by Maciej Stachowiak.
2233
2234         Add basic rubber banding support
2235         <rdar://problem/8219429>
2236         https://bugs.webkit.org/show_bug.cgi?id=53277
2237
2238         * wtf/Platform.h: Add ENABLE for rubber banding.
2239
2240 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2241
2242         Unreviewed, rolling out r76893.
2243         http://trac.webkit.org/changeset/76893
2244         https://bugs.webkit.org/show_bug.cgi?id=53287
2245
2246         It made some tests crash on GTK and Qt debug bots (Requested
2247         by Ossy on #webkit).
2248
2249         * runtime/WeakGCMap.h:
2250
2251 2011-01-27  Adam Barth  <abarth@webkit.org>
2252
2253         Reviewed by Eric Seidel.
2254
2255         Add WTFString method to compare equality with Vector<UChar>
2256         https://bugs.webkit.org/show_bug.cgi?id=53266
2257
2258         I'm planning to use this method in the new XSS filter implementation,
2259         but it seems generally useful.
2260
2261         * wtf/text/StringImpl.h:
2262         (WTF::equalIgnoringNullity):
2263         * wtf/text/WTFString.h:
2264         (WTF::equalIgnoringNullity):
2265
2266 2011-01-27  Michael Saboff  <msaboff@apple.com>
2267
2268         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2269         https://bugs.webkit.org/show_bug.cgi?id=53271
2270
2271         Added new isValid() methods to check if a contained object in
2272         a WeakGCMap is valid when using an unchecked iterator.
2273
2274         * runtime/WeakGCMap.h:
2275         (JSC::WeakGCMap::isValid):
2276
2277 2011-01-26  Sam Weinig  <sam@webkit.org>
2278
2279         Reviewed by Maciej Stachowiak.
2280
2281         Add events to represent the start/end of a gesture scroll
2282         https://bugs.webkit.org/show_bug.cgi?id=53215
2283
2284         * wtf/Platform.h: Add ENABLE for gesture events. 
2285
2286 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
2287
2288         Reviewed by Laszlo Gombos.
2289
2290         [Qt][Symbian] Fix --minimal build
2291         https://bugs.webkit.org/show_bug.cgi?id=52839
2292
2293         Move definition of USE_SYSTEM_MALLOC out of pri file.
2294         Put it in platform.h instead.
2295
2296         * wtf/Platform.h:
2297         * wtf/TCSystemAlloc.cpp:
2298         * wtf/wtf.pri:
2299
2300 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
2301
2302         Reviewed by Andreas Kling.
2303
2304         [WINCE] Add JIT support to build system
2305         https://bugs.webkit.org/show_bug.cgi?id=53079
2306
2307         * CMakeListsWinCE.txt:
2308
2309 2011-01-25  Adam Roben  <aroben@apple.com>
2310
2311         Windows Production build fix
2312
2313         Reviewed by Steve Falkenburg.
2314
2315         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
2316         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
2317         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
2318
2319 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
2320
2321         Rubber-stamped by Adam Roben.
2322
2323         Windows production build fix.
2324         Use correct environment variable escaping
2325
2326         * JavaScriptCore.vcproj/JavaScriptCore.make:
2327         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2328
2329 2011-01-25  Oliver Hunt  <oliver@apple.com>
2330
2331         Reviewed by Gavin Barraclough.
2332
2333         JSON.stringify processing time exponentially grows with size of object
2334         https://bugs.webkit.org/show_bug.cgi?id=51922
2335
2336         Remove last use of reserveCapacity from JSON stringification, as it results
2337         in appalling append behaviour when there are a large number of property names
2338         and nothing else.
2339
2340         * runtime/JSONObject.cpp:
2341         (JSC::Stringifier::appendQuotedString):
2342
2343 2011-01-25  Antti Koivisto  <antti@apple.com>
2344
2345         Not reviewed.
2346         
2347         Try to fix windows build.
2348
2349         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2350
2351 2011-01-25  Antti Koivisto  <antti@apple.com>
2352
2353         Reviewed by Oliver Hunt.
2354
2355         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
2356         https://bugs.webkit.org/show_bug.cgi?id=53061
2357          
2358         Cache did not know about the subclass so failed to fully delete the items. 
2359         Got rid of the subclass and moved the classes to separate files.
2360
2361         * CMakeLists.txt:
2362         * GNUmakefile.am:
2363         * JavaScriptCore.exp:
2364         * JavaScriptCore.gypi:
2365         * JavaScriptCore.pro:
2366         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2367         * JavaScriptCore.xcodeproj/project.pbxproj:
2368         * parser/JSParser.cpp:
2369         (JSC::JSParser::Scope::saveFunctionInfo):
2370         (JSC::JSParser::Scope::restoreFunctionInfo):
2371         (JSC::JSParser::findCachedFunctionInfo):
2372         (JSC::JSParser::parseFunctionInfo):
2373         * parser/SourceProvider.h:
2374         * parser/SourceProviderCache.cpp: Added.
2375         (JSC::SourceProviderCache::~SourceProviderCache):
2376         (JSC::SourceProviderCache::byteSize):
2377         * parser/SourceProviderCache.h: Added.
2378         (JSC::SourceProviderCache::SourceProviderCache):
2379         (JSC::SourceProviderCache::add):
2380         (JSC::SourceProviderCache::get):
2381         * parser/SourceProviderCacheItem.h: Added.
2382         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
2383         (JSC::SourceProviderCacheItem::approximateByteSize):
2384         (JSC::SourceProviderCacheItem::closeBraceToken):
2385
2386 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
2387
2388         Reviewed by Darin Adler.
2389
2390         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
2391         statement
2392         https://bugs.webkit.org/show_bug.cgi?id=53087.
2393
2394         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
2395         with a "return" so that the code is more readable and less error pro
2396         (e.g., "else" doesn't use braces so adding extra lines to the else
2397         block won't have any effect; even worse, code still compiles
2398         successfully.
2399
2400         * wtf/Assertions.cpp:
2401
2402 2011-01-24  Chris Marrin  <cmarrin@apple.com>
2403
2404         Reviewed by Eric Seidel.
2405
2406         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
2407         https://bugs.webkit.org/show_bug.cgi?id=53041
2408
2409         * Configurations/FeatureDefines.xcconfig:
2410
2411 2011-01-25  Adam Roben  <aroben@apple.com>
2412
2413         Windows Production build fix
2414
2415         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
2416
2417 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
2418
2419         Reviewed by Eric Seidel.
2420
2421         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
2422         https://bugs.webkit.org/show_bug.cgi?id=52949
2423
2424         * jit/JITStubs.cpp:
2425
2426 2011-01-24  Adam Roben  <aroben@apple.com>
2427
2428         Windows Production build fix
2429
2430         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
2431
2432 2011-01-24  Peter Varga  <pvarga@webkit.org>
2433
2434         Reviewed by Oliver Hunt.
2435
2436         Optimize regex patterns which contain empty alternatives
2437         https://bugs.webkit.org/show_bug.cgi?id=51395
2438
2439         Eliminate the empty alternatives from the regex pattern and convert it to do
2440         the matching in an easier way.
2441
2442         * yarr/YarrPattern.cpp:
2443         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
2444
2445 2011-01-24  Andras Becsi  <abecsi@webkit.org>
2446
2447         Reviewed by Csaba Osztrogonác.
2448
2449         [Qt] Move project files into Source
2450         https://bugs.webkit.org/show_bug.cgi?id=52891
2451
2452         * JavaScriptCore.pri:
2453         * JavaScriptCore.pro:
2454         * jsc.pro:
2455
2456 2011-01-23  Mark Rowe  <mrowe@apple.com>
2457
2458         Follow-up to r76477.
2459
2460         Fix the scripts that detect problematic code such as static initializers
2461         and destructors, weak vtables, inappropriate files in the framework wrappers,
2462         and public headers including private headers. These had all been broken
2463         since the projects were moved in to the Source directory as the paths to the
2464         scripts were not updated at that time.
2465
2466         * JavaScriptCore.xcodeproj/project.pbxproj:
2467
2468 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2469
2470         Reviewed by Darin Adler.
2471
2472         Use WTF::StringHasher in WebCore
2473         https://bugs.webkit.org/show_bug.cgi?id=52934
2474
2475         Add an additional function to calculate the hash
2476         of data with a runtime-dependent size.
2477
2478         * wtf/StringHasher.h:
2479         (WTF::StringHasher::createBlobHash):
2480
2481 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2482
2483         Reviewed by David Kilzer.
2484
2485         Fix comment in String::ascii()
2486         https://bugs.webkit.org/show_bug.cgi?id=52980
2487
2488         * wtf/text/WTFString.cpp:
2489         (WTF::String::ascii):
2490
2491 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2492
2493         Reviewed by David Kilzer.
2494
2495         Add String::containsOnlyLatin1()
2496         https://bugs.webkit.org/show_bug.cgi?id=52979
2497
2498         * wtf/text/WTFString.h:
2499         (WTF::String::containsOnlyLatin1):
2500         (WTF::charactersAreAllLatin1):
2501
2502 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2503
2504         Reviewed by Oliver Hunt.
2505
2506         Remove obsolete JSVALUE32 code
2507         https://bugs.webkit.org/show_bug.cgi?id=52948
2508
2509         r70111 removed support for JSVALUE32.
2510         ARM, MIPS and X86 support JSVALUE32_64 only.
2511
2512         * jit/JITStubs.cpp:
2513
2514 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
2515
2516         Reviewed by Dan Bernstein.
2517
2518         ASSERT running run-webkit-tests --threaded.
2519         https://bugs.webkit.org/show_bug.cgi?id=52971
2520         
2521         SunSpider and v8 report no change.
2522
2523         * runtime/ConservativeSet.cpp:
2524         (JSC::ConservativeSet::grow):
2525         (JSC::ConservativeSet::add):
2526         * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
2527         the growth policy to 2X, to make SunSpider and v8 happy.
2528         (JSC::ConservativeSet::ConservativeSet):
2529         (JSC::ConservativeSet::~ConservativeSet):
2530         (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
2531         Malloc is forbidden during a multi-threaded mark phase because it can
2532         cause deadlock.
2533
2534 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
2535
2536         Reviewed by Geoffrey Garen.
2537
2538         Rubber-stamped by Maciej Stachowiak.
2539
2540         A few of Maciej's review suggestions for my last patch.
2541         https://bugs.webkit.org/show_bug.cgi?id=52946        
2542
2543         SunSpider reports no change.
2544
2545         * Android.mk:
2546         * CMakeLists.txt:
2547         * GNUmakefile.am:
2548         * JavaScriptCore.gypi:
2549         * JavaScriptCore.pro:
2550         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2551         * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.
2552
2553         * runtime/ConservativeSet.cpp: Added.
2554         (JSC::isPointerAligned):
2555         (JSC::ConservativeSet::add):
2556         * runtime/ConservativeSet.h: Added.
2557         (JSC::ConservativeSet::ConservativeSet):
2558         (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
2559         file, and moved the conservative check into ConservativeSet::add, making
2560         ConservativeSet's responsibility clearer.
2561
2562         * runtime/Heap.cpp:
2563         (JSC::Heap::markRoots):
2564         * runtime/MachineStackMarker.cpp:
2565         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
2566         (JSC::MachineStackMarker::markOtherThreadConservatively):
2567         * runtime/MachineStackMarker.h:
2568         * runtime/MarkStack.h: Updated for changes above.
2569
2570 2011-01-22  Patrick Gansterer  <paroga@webkit.org>
2571
2572         Unreviewed WinCE build fix for r76430.
2573
2574         * runtime/MachineStackMarker.cpp:
2575         (JSC::swapIfBackwards):
2576
2577 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
2578
2579         Reviewed by Beth Dakin.
2580
2581         Reorganized MarkedSpace, making many of its functions private.
2582
2583         * runtime/JSCell.h:
2584         (JSC::JSCell::Heap::heap):
2585         * runtime/MarkedSpace.h:
2586         (JSC::MarkedSpace::globalData):
2587         (JSC::MarkedSpace::heap):
2588
2589 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
2590
2591         Try to fix build: moved helper function out of #ifdef.
2592
2593         * runtime/MachineStackMarker.cpp:
2594         (JSC::swapIfBackwards):
2595
2596 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
2597
2598         Rubber-stamped by Maciej Stachowiak.
2599
2600         A few of Maciej's review suggestions for my last patch.
2601         https://bugs.webkit.org/show_bug.cgi?id=52946        
2602
2603         SunSpider reports no change.
2604
2605         * runtime/MachineStackMarker.cpp:
2606         (JSC::swapIfBackwards): Added a helper function for handling platforms
2607         where the stack can grow in any direction.
2608
2609         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
2610         (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
2611         function.
2612
2613         (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.
2614
2615         (JSC::MachineStackMarker::markConservatively): Changed to use a more
2616         standard looping idiom, and to use the helper function above.
2617
2618         * runtime/MarkedSpace.h:
2619         (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.
2620
2621 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
2622
2623         Reviewed by Maciej Stachowiak.
2624
2625         Cleaned up some conservative marking code.
2626         https://bugs.webkit.org/show_bug.cgi?id=52946
2627         
2628         SunSpider reports no change.
2629
2630         * interpreter/RegisterFile.h: No need for a special marking function,
2631         since we already expose a start() and end().
2632
2633         * runtime/Heap.cpp:
2634         (JSC::Heap::registerFile):
2635         (JSC::Heap::markRoots):
2636         * runtime/Heap.h:
2637         (JSC::Heap::contains): Migrated markConservatively() to the machine stack
2638         marker class. Now, Heap just provides a contains() function, which the
2639         machine stack marker uses for checking whether a pointer points into the heap.
2640
2641         * runtime/MachineStackMarker.cpp:
2642         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
2643         (JSC::MachineStackMarker::markOtherThreadConservatively):
2644         (JSC::isPointerAligned):
2645         (JSC::MachineStackMarker::markConservatively):
2646         * runtime/MachineStackMarker.h: Move the conservative marking code here.
2647
2648         * runtime/MarkStack.h:
2649         (JSC::ConservativeSet::add):
2650         (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
2651         set. Vector seems to be a bit faster, and it generates smaller code.
2652
2653         * runtime/MarkedSpace.cpp:
2654         (JSC::MarkedSpace::containsSlowCase):
2655         * runtime/MarkedSpace.h:
2656         (JSC::MarkedSpace::isCellAligned):
2657         (JSC::MarkedSpace::isPossibleCell):
2658         (JSC::MarkedSpace::contains): Kept the code for determining whether a
2659         pointer pointed into marked space, and moved the code for marking
2660         a set of conservative pointers into the machine stack marker.
2661
2662         * wtf/HashSet.h:
2663         (WTF::::add): Added two missing inlines that I noticed while testing
2664         vector vs hash set.
2665
2666 2011-01-21  Mark Rowe  <mrowe@apple.com>
2667
2668         Reviewed by Sam Weinig.
2669
2670         Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
2671         control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".
2672
2673         * wtf/PageAllocation.h:
2674         (WTF::PageAllocation::operator bool):
2675         * wtf/PageReservation.h:
2676         (WTF::PageReservation::operator bool):
2677
2678 2011-01-21  Michael Saboff  <msaboff@apple.com>
2679
2680         Reviewed by Oliver Hunt.
2681
2682         [RegexFuzz] Hang with forward assertion
2683         https://bugs.webkit.org/show_bug.cgi?id=52825
2684         <rdar://problem/8894332>
2685
2686         The backtrackTo label from the first term in a list of terms is
2687         being overwritten by processing of subsequent terms.  Changed
2688         copyBacktrackToLabel() to check for an existing backtrackTo label
2689         before copying and renamed it to propagateBacktrackToLabel() since
2690         it no longer copies.
2691
2692         * yarr/YarrJIT.cpp:
2693         (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
2694         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
2695
2696 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
2697
2698         Reviewed by Sam Weinig.
2699
2700         Moved the mark stack from global data to the heap, since it pertains
2701         to the heap, and not the virtual machine as a whole.
2702         https://bugs.webkit.org/show_bug.cgi?id=52930
2703         
2704         SunSpider reports no change.
2705
2706         * runtime/Heap.cpp:
2707         (JSC::Heap::Heap):
2708         (JSC::Heap::markRoots):
2709         * runtime/Heap.h:
2710         * runtime/JSGlobalData.cpp:
2711         (JSC::JSGlobalData::JSGlobalData):
2712         * runtime/JSGlobalData.h:
2713
2714 2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>
2715
2716         Reviewed by Darin Adler.
2717
2718         REGRESSION(r76177): All JavaScriptCore tests fail on ARM
2719         https://bugs.webkit.org/show_bug.cgi?id=52814
2720
2721         Get the approximateByteSize value before releasing the OwnPtr.
2722
2723         * parser/JSParser.cpp:
2724         (JSC::JSParser::parseFunctionInfo):
2725
2726 2011-01-21  Xan Lopez  <xlopez@igalia.com>
2727
2728         Reviewed by Martin Robinson.
2729
2730         Remove unnecessary <stdio.h> include
2731         https://bugs.webkit.org/show_bug.cgi?id=52884
2732
2733         * jit/JIT.cpp: remove unnecessary include.
2734
2735 2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>
2736
2737         Reviewed by Maciej Stachowiak.
2738
2739         Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.
2740
2741         * wtf/OwnArrayPtr.h:
2742
2743 2011-01-20  Patrick Gansterer  <paroga@webkit.org>
2744
2745         Reviewed by Oliver Hunt.
2746
2747         [WINCE] Remove obsolete JSVALUE32 code
2748         https://bugs.webkit.org/show_bug.cgi?id=52450
2749
2750         Remove the "offset hack" in create_jit_stubs, since we
2751         only support JSVALUE32_64 in the meantime.
2752
2753         * create_jit_stubs: Removed offset argument
2754         * jit/JITStubs.cpp:
2755
2756 2011-01-20  Geoffrey Garen  <ggaren@apple.com>
2757
2758         Reviewed by Oliver Hunt.
2759
2760         When marking conservatively, guard against reviving dead objects.
2761         https://bugs.webkit.org/show_bug.cgi?id=52840
2762         
2763         SunSpider and v8 say no change.
2764
2765         * interpreter/RegisterFile.h:
2766         (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.
2767
2768         * runtime/Heap.cpp:
2769         (JSC::Heap::recordExtraCost): No need to guard against conservative
2770         marking reviving dead objects anymore, since the conservative marking
2771         mechanism guards against this now.
2772
2773         (JSC::Heap::markConservatively):
2774         (JSC::Heap::markProtectedObjects):
2775         (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
2776         marking function. We want to establish a separation of concerns between
2777         visiting roots and draining the mark stack.
2778
2779         (JSC::Heap::markRoots): Gather the set of conservative references before
2780         clearing mark bits, because conservative marking now uses the mark bits
2781         to determine if a reference is valid, and avoid reviving dead objects.
2782
2783         (JSC::Heap::collectAllGarbage): No need to guard against conservative
2784         marking reviving dead objects anymore, since the conservative marking
2785         mechanism guards against this now.
2786
2787         * runtime/Heap.h: Updated to use the ConservativeSet API.
2788
2789         * runtime/MachineStackMarker.cpp:
2790         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
2791         (JSC::MachineStackMarker::markCurrentThreadConservatively):
2792         (JSC::MachineStackMarker::markOtherThreadConservatively):
2793         (JSC::MachineStackMarker::markMachineStackConservatively):
2794         * runtime/MachineStackMarker.h: Ditto.
2795
2796         * runtime/MarkStack.h:
2797         (JSC::ConservativeSet::add):
2798         (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
2799         set of conservative references. This is different from MarkStack, since
2800         we don't mark the set until it is completely gathered.
2801
2802         * runtime/MarkedSpace.cpp:
2803         (JSC::MarkedSpace::freeBlock):
2804         (JSC::MarkedSpace::resizeBlocks):
2805         (JSC::MarkedSpace::markConservatively):
2806         * runtime/MarkedSpace.h: When marking conservatively, guard against
2807         reviving dead objects.
2808
2809 2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>
2810
2811         Reviewed by Geoffrey Garen.
2812
2813         [Symbian] Fix StackBounds::initialize()
2814         https://bugs.webkit.org/show_bug.cgi?id=52842
2815
2816         * wtf/StackBounds.cpp:
2817         (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit
2818
2819 2011-01-20  Michael Saboff  <msaboff@apple.com>
2820
2821         Reviewed by Oliver Hunt.
2822
2823         <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
2824         https://bugs.webkit.org/show_bug.cgi?id=52773
2825
2826         Fixed case where an existing DataLabelPtr is overwritten.  The
2827         replacing DataLabelPtr is now resolved immediately in
2828         linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
2829         return value for the routine as it was never used.
2830
2831         * yarr/YarrJIT.cpp:
2832         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
2833
2834 2011-01-20  Andras Becsi  <abecsi@webkit.org>
2835
2836         Reviewed by Csaba Osztrogonác.
2837
2838         [Qt][WK2] WebKit2 enabled build fails to link
2839
2840         Work around undefined reference linking issues until the buildsystem gets redesigned.
2841         These issues first occurred in minimal builds (see BUG 50519).
2842
2843         * JavaScriptCore.pri: link as whole-archive for WebKit2 builds
2844
2845 2011-01-20  Zoltan Horvath  <zoltan@webkit.org>
2846
2847         Reviewed by Csaba Osztrogonác.
2848
2849         Refactoring of the custom allocation framework
2850         https://bugs.webkit.org/show_bug.cgi?id=49897
2851
2852         Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
2853         The modification replaces the Noncopyable and FastAllocBase classes, and inheritance from them,
2854         with their equivalent macro implementations at the necessary places.
2855
2856         * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.
2857
2858 2011-01-20  Mark Rowe  <mrowe@apple.com>
2859
2860         Reviewed by Maciej Stachowiak.
2861
2862         Follow-up to r75766 / <rdar://problem/5469576>.
2863
2864         We were failing to initialize the key, causing all sorts of unexpected behavior.
2865
2866         * wtf/FastMalloc.cpp:
2867         (WTF::setThreadHeap):
2868         (WTF::TCMalloc_ThreadCache::GetThreadHeap):
2869         (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.
2870
2871 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
2872
2873         Reviewed by Darin Adler.
2874
2875         Rolled back in r76078, with crash fixed.
2876         https://bugs.webkit.org/show_bug.cgi?id=52668
2877         
2878         * runtime/JSGlobalObject.cpp:
2879         (JSC::JSGlobalObject::markChildren): Account for the fact that the global
2880         object moves its variables into and out of the register file. While out
2881         of the register file, the symbol table's size is not an accurate count
2882         for the size of the register array, since the BytecodeGenerator might
2883         be compiling, adding items to the symbol table.
2884         
2885 2011-01-18  Darin Adler  <darin@apple.com>
2886
2887         Reviewed by Geoffrey Garen.
2888
2889         Stack overflow when converting an Error object to string
2890         https://bugs.webkit.org/show_bug.cgi?id=46410
2891
2892         * Android.mk: Added StringRecursionChecker.cpp and
2893         StringRecursionChecker.h.
2894         * CMakeLists.txt: Ditto.
2895         * GNUmakefile.am: Ditto.
2896         * JavaScriptCore.gypi: Ditto.
2897         * JavaScriptCore.pro: Ditto.
2898         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
2899         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
2900
2901         * runtime/ArrayPrototype.cpp:
2902         (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
2903         of the older hand-written code to do the same thing.
2904         (JSC::arrayProtoFuncToLocaleString): Ditto.
2905         (JSC::arrayProtoFuncJoin): Ditto.
2906
2907         * runtime/ErrorPrototype.cpp:
2908         (JSC::errorProtoFuncToString): Use StringRecursionChecker.
2909
2910         * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
2911         stringRecursionCheckVisitedObjects.
2912
2913         * runtime/RegExpPrototype.cpp:
2914         (JSC::regExpProtoFuncToString): Use StringRecursionChecker.
2915
2916         * runtime/StringRecursionChecker.cpp: Added.
2917         * runtime/StringRecursionChecker.h: Added.
2918
2919 2011-01-19  Oliver Hunt  <oliver@apple.com>
2920
2921         Reviewed by Gavin Barraclough.
2922
2923         Remove non-spec support for callable RegExp
2924         https://bugs.webkit.org/show_bug.cgi?id=28285
2925
2926         Remove support for callable regexps.  If it breaks sites we can
2927         just roll this out.
2928
2929         * runtime/RegExpObject.cpp:
2930         * runtime/RegExpObject.h:
2931         * tests/mozilla/expected.html: update results.
2932
2933 2011-01-19  Antti Koivisto  <antti@apple.com>
2934
2935         Reviewed by Oliver Hunt.
2936
2937         Cache function offsets to speed up javascript parsing
2938         https://bugs.webkit.org/show_bug.cgi?id=52622
2939         
2940         Use cache to save function offsets and some other info.
2941         This avoids quite a bit of work when reparsing the source.
2942
2943         * parser/ASTBuilder.h:
2944         * parser/JSParser.cpp:
2945         (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
2946         (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
2947         (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
2948         (JSC::JSParser::Scope::copyCapturedVariablesToVector):
2949         (JSC::JSParser::Scope::saveFunctionInfo):
2950         (JSC::JSParser::Scope::restoreFunctionInfo):
2951         (JSC::JSParser::findCachedFunctionInfo):
2952         (JSC::JSParser::JSParser):
2953         (JSC::JSParser::parseProgram):
2954         (JSC::JSParser::parseFunctionInfo):
2955         * parser/Lexer.h:
2956         (JSC::Lexer::setOffset):
2957         (JSC::Lexer::setLineNumber):
2958         (JSC::Lexer::sourceProvider):
2959         * parser/SourceProvider.h:
2960         (JSC::SourceProviderCache::SourceProviderCache):
2961         (JSC::SourceProviderCache::~SourceProviderCache):
2962         (JSC::SourceProviderCache::byteSize):
2963         (JSC::SourceProviderCache::add):
2964         (JSC::SourceProviderCache::get):
2965         (JSC::SourceProvider::SourceProvider):
2966         (JSC::SourceProvider::~SourceProvider):
2967         (JSC::SourceProvider::cache):
2968         (JSC::SourceProvider::notifyCacheSizeChanged):
2969         (JSC::SourceProvider::cacheSizeChanged):
2970         * parser/SyntaxChecker.h:
2971
2972 2011-01-19  Mark Rowe  <mrowe@apple.com>
2973
2974         Reviewed by Darin Adler.
2975
2976         Follow-up to r75766 / <rdar://problem/5469576>.
2977
2978         * DerivedSources.make: Evaluate the SDKROOT variable correctly.
2979
2980 2011-01-19  Oliver Hunt  <oliver@apple.com>
2981
2982         Reviewed by Gavin Barraclough.
2983
2984         [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
2985         https://bugs.webkit.org/show_bug.cgi?id=52672
2986
2987         Rather than coming up with a somewhat convoluted mechanism to ensure that
2988         developers can override the global object's prototype with a function named
2989         __proto__ and expect it to work, we just disallow it at the syntax level.
2990
2991         * parser/JSParser.cpp:
2992         (JSC::JSParser::parseFunctionInfo):
2993
2994 2011-01-19  Michael Saboff  <msaboff@apple.com>
2995
2996         Reviewed by Darin Adler.
2997
2998         <rdar://problem/8882994> Regression: Simple nested backtrack hangs
2999         https://bugs.webkit.org/show_bug.cgi?id=52675
3000
3001         The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
3002         broke simple backtracking in some cases.  Reworked that change to 
3003         link both jumps and labels.
3004
3005         * yarr/YarrJIT.cpp:
3006         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
3007         (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
3008         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3009
3010 2011-01-19  Pavel Podivilov  <podivilov@chromium.org>
3011
3012         Reviewed by Yury Semikhatsky.
3013
3014         Web Inspector: [JSC] scripts have incorrect starting line (always 1).
3015         https://bugs.webkit.org/show_bug.cgi?id=52721
3016
3017         * debugger/Debugger.cpp:
3018         (JSC::Debugger::recompileAllJSFunctions):
3019         * debugger/Debugger.h:
3020         * parser/Parser.h:
3021         (JSC::Parser::parse):
3022         * parser/SourceCode.h:
3023         (JSC::SourceCode::SourceCode):
3024         * parser/SourceProvider.h:
3025         (JSC::SourceProvider::startPosition):
3026
3027 2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>
3028
3029         Reviewed by Laszlo Gombos and Tor Arne Vestbø.
3030
3031         [Qt] Remove unnecessary "../Source" from paths
3032         after moving source files into Source is finished.
3033
3034         * JavaScriptCore.pri:
3035
3036 2011-01-19  Benjamin Kalman  <kalman@chromium.org>
3037
3038         Reviewed by Darin Adler.
3039
3040         Don't return void from void function String::split
3041         https://bugs.webkit.org/show_bug.cgi?id=52684
3042
3043         * wtf/text/WTFString.cpp:
3044         (WTF::String::split):
3045
3046 2011-01-18  Kenneth Russell  <kbr@google.com>
3047
3048         Unreviewed, rolling out r76078.
3049         http://trac.webkit.org/changeset/76078
3050         https://bugs.webkit.org/show_bug.cgi?id=52668
3051
3052         Caused crashes of fast/canvas/webgl/constants.html,
3053         fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
3054         test crashes in Release mode. WebGL crashes were observed with
3055         "run-webkit-tests fast/canvas/webgl". It was necessary to run
3056         multiple tests to provoke the crash.
3057
3058         * interpreter/RegisterFile.h:
3059         (JSC::RegisterFile::markGlobals):
3060         * runtime/JSActivation.cpp:
3061         (JSC::JSActivation::markChildren):
3062         * runtime/JSGlobalObject.cpp:
3063         (JSC::JSGlobalObject::markChildren):
3064
3065 2011-01-18  Oliver Hunt  <oliver@apple.com>
3066
3067         Reviewed by Gavin Barraclough.
3068
3069         [jsfunfuzz] Assertion asking activation for arguments when arguments is overridden
3070         https://bugs.webkit.org/show_bug.cgi?id=52690
3071
3072         Clean up code to retrieve arguments from activation and function objects.
3073         Remove the incorrect assertion from JSActivation's argumentsGetter.
3074
3075         * interpreter/Interpreter.cpp:
3076         (JSC::Interpreter::retrieveArguments):
3077         * runtime/JSActivation.cpp:
3078         (JSC::JSActivation::argumentsGetter):
3079
3080 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3081
3082         Reviewed by Darin Adler.
3083
3084         Removed RegisterFile::markGlobals because it was obtuse, and it
3085         unnecessarily relied on conservative marking.
3086         https://bugs.webkit.org/show_bug.cgi?id=52668
3087
3088         * interpreter/RegisterFile.h: Removed markGlobals.
3089
3090         * runtime/JSActivation.cpp:
3091         (JSC::JSActivation::markChildren): Added a comment explaining why some
3092         JSActivations don't always mark their registers arrays.
3093
3094         * runtime/JSGlobalObject.cpp:
3095         (JSC::JSGlobalObject::markChildren): Instead of calling markGlobals, mark
3096         the registers array directly.
3097
3098 2011-01-18  Michael Saboff  <msaboff@apple.com>
3099
3100         Reviewed by Oliver Hunt.
3101
3102         <rdar://problem/8875432> Regression: Some text-only e-mails cause hang beneath RegExp::match (52540)
3103         https://bugs.webkit.org/show_bug.cgi?id=52540
3104         https://bugs.webkit.org/show_bug.cgi?id=52662
3105
3106         Directly use backtrack label with parentheses nested under a
3107         non-capturing parentheses.  Also linked current parentheses
3108         tail code object for possible parens nested within a non-capturing
3109         parentheses.
3110
3111         * yarr/YarrJIT.cpp:
3112         (JSC::Yarr::YarrGenerator::BacktrackDestination::linkBacktrackToLabel):
3113         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3114
3115 2011-01-18  Daniel Bates  <dbates@rim.com>
3116
3117         Reviewed by Gavin Barraclough.
3118
3119         Only use moving memory model assumption in ExecutableAllocator::intializePageSize() for Symbian OS
3120         https://bugs.webkit.org/show_bug.cgi?id=52517
3121
3122         Patch by David Tapuska
3123
3124         Currently, we compile code with respect to the Symbian-specific moving memory model
3125         assumption for all ARMv5 or lower architectures. Instead, we should only compile
3126         such code when building for Symbian OS on those architectures because this model
3127         is Symbian-specific.
3128
3129         * jit/ExecutableAllocator.cpp:
3130         (JSC::ExecutableAllocator::intializePageSize):
3131
3132 2011-01-18  Dimitry Andric  <dim@freebsd.org>
3133
3134         Reviewed by Andreas Kling.
3135
3136         Fix linking JavaScriptCore on FreeBSD/amd64
3137         https://bugs.webkit.org/show_bug.cgi?id=52591
3138
3139         Linking of JavaScriptCore on FreeBSD/amd64 fails, for the same reason as
3140         in bug 28422: cti_vm_throw needs a "@plt" suffix, otherwise the linker
3141         complains about the relocation type.
3142
3143         * jit/JITStubs.cpp: use @plt suffix on x86_64 platforms, for both Linux
3144         and FreeBSD.
3145
3146 2011-01-18  Oliver Hunt  <oliver@apple.com>
3147
3148         Reviewed by Antti Koivisto.
3149
3150         [jsfunfuzz] Assertion in codegen for array of NaN constants
3151         https://bugs.webkit.org/show_bug.cgi?id=52643
3152
3153         Don't cache NaN literals in the code generator: as NaN doesn't compare
3154         as equal to itself, it causes problems when rehashing the number cache.
3155
3156         * bytecompiler/BytecodeGenerator.cpp:
3157         (JSC::BytecodeGenerator::emitLoad):
3158
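The NaN entry above describes a general hash-table hazard rather than a JavaScriptCore oddity: a key whose equality is not reflexive can be inserted but never found again, so a cache keyed on it grows on every miss and cannot keep its invariants across a rehash. The block below is an added example, not JavaScriptCore code: a toy open-addressing table keyed on doubles with === equality (the behaviour of a HashMap<double, T> with default key traits), a literal cache built on it, and the fix the change applies, refusing NaN as a cache key. Class and function names are this example's own.

```javascript
// Added example (not WebKit code): a minimal open-addressing hash table
// keyed on doubles, comparing keys with === the way a HashMap<double, T>
// with default traits does. Because NaN !== NaN, a NaN key can never be
// found again: every lookup misses, every insert takes a fresh slot, and
// rehash(), which re-inserts each key into the new table, duplicates it.
class DoubleKeyedTable {
  constructor(capacity = 4) {
    this.keys = new Array(capacity).fill(undefined);
    this.values = new Array(capacity).fill(undefined);
    this.size = 0;
  }
  hash(key) {
    // Hash the IEEE-754 bit pattern so equal doubles hash alike.
    const view = new DataView(new ArrayBuffer(8));
    view.setFloat64(0, key);
    return (view.getUint32(0) ^ view.getUint32(4)) >>> 0;
  }
  // Linear probe to the slot holding `key`, or to the first empty slot.
  // For NaN the equality test is always false, so this always ends on an
  // empty slot, exactly the failure the change above avoids.
  slotFor(key) {
    let i = this.hash(key) % this.keys.length;
    while (this.keys[i] !== undefined && this.keys[i] !== key) {
      i = (i + 1) % this.keys.length;
    }
    return i;
  }
  set(key, value) {
    if (this.size * 2 >= this.keys.length) this.rehash(); // keep load <= 50%
    const i = this.slotFor(key);
    if (this.keys[i] === undefined) { this.keys[i] = key; this.size++; }
    this.values[i] = value;
  }
  get(key) {
    const i = this.slotFor(key);
    return this.keys[i] === undefined ? undefined : this.values[i];
  }
  rehash() {
    const oldKeys = this.keys, oldValues = this.values;
    this.keys = new Array(oldKeys.length * 2).fill(undefined);
    this.values = new Array(oldKeys.length * 2).fill(undefined);
    this.size = 0;
    for (let i = 0; i < oldKeys.length; i++) {
      if (oldKeys[i] !== undefined) this.set(oldKeys[i], oldValues[i]);
    }
  }
}

// A number-literal cache in miniature: maps each literal to the index of
// the constant emitted for it. With skipNaN=false it behaves like the
// buggy code generator; with skipNaN=true it applies the fix above and
// simply emits NaN as an uncached constant every time.
function cacheLiterals(literals, { skipNaN }) {
  const table = new DoubleKeyedTable();
  let skipped = 0;
  literals.forEach((value, constantIndex) => {
    if (skipNaN && Number.isNaN(value)) { skipped++; return; }
    table.set(value, constantIndex);
  });
  return { entries: table.size, skipped, nanFound: table.get(NaN) !== undefined };
}

// Constructed input: a function body whose literals include NaN repeatedly.
const SAMPLE_LITERALS = [1.5, NaN, 2.5, NaN, NaN, 1.5, 2.5, NaN];
console.log("flawed:", cacheLiterals(SAMPLE_LITERALS, { skipNaN: false }));
console.log("fixed: ", cacheLiterals(SAMPLE_LITERALS, { skipNaN: true }));
```

With the flawed cache the eight literals produce six table entries (two real keys plus one phantom per NaN occurrence) and NaN is still never found; with the fix the table holds exactly the two distinct finite literals. The alternative repair, keying the table on the bit pattern instead of the numeric value so that NaN compares equal to itself, also works, but the change above chose the simpler rule of never caching NaN.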
3159 2011-01-17  Jarred Nicholls  <jarred@sencha.com>
3160
3161         Reviewed by Csaba Osztrogonác.
3162
3163         REGRESSION(r75709): Return value of fscanf() shouldn't be ignored.
3164         https://bugs.webkit.org/show_bug.cgi?id=52585
3165         
3166         gcc 4.4.4+ has warn_unused_value attribute on fscanf, so we should check
3167         the return value to get around the gcc warning.
3168
3169         * jit/ExecutableAllocatorFixedVMPool.cpp:
3170         (JSC::maybeModifyVMPoolSize):
3171
3172 2011-01-17  Michael Saboff  <msaboff@apple.com>
3173
3174         Reviewed by Oliver Hunt.
3175
3176         [regexfuzz] Crash running regex with lookahead
3177         https://bugs.webkit.org/show_bug.cgi?id=52548
3178
3179         Eliminated aggressive chaining of backtracks.  This code was overwriting
3180         already valid backtrack information.
3181
3182         * yarr/YarrJIT.cpp:
3183         (JSC::Yarr::YarrGenerator::ParenthesesTail::processBacktracks):
3184
3185 2011-01-17  Tony Gentilcore  <tonyg@chromium.org>
3186
3187         Reviewed by Alexey Proskuryakov.
3188
3189         Fix some headers with missing or misspelled #ifndef guards
3190         https://bugs.webkit.org/show_bug.cgi?id=52545
3191
3192         * wtf/RefPtrHashMap.h:
3193
3194 2011-01-17  Dan Bernstein  <mitz@apple.com>
3195
3196         Rubber-stamped by Mark Rowe.
3197
3198         Update xcodeproj svn:ignore to include xcuserdata.
3199
3200         * JavaScriptCore.xcodeproj: Modified property svn:ignore.
3201
3202 2011-01-16  Adam Barth  <abarth@webkit.org>
3203
3204         Rubber-stamped by Eric Seidel.
3205
3206         Move WebKit into Source
3207         https://bugs.webkit.org/show_bug.cgi?id=52530
3208
3209         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3210
3211 2011-01-16  Oliver Hunt  <oliver@apple.com>
3212
3213         Reviewed by Sam Weinig.
3214
3215         [jsfunfuzz] Parser doesn't correctly validate for-loop syntax
3216         https://bugs.webkit.org/show_bug.cgi?id=52516
3217
3218         Ensure that we always check for a semicolon after encountering
3219         multiple declarations in the initialiser portion of a for-loop.
3220
3221         * parser/JSParser.cpp:
3222         (JSC::JSParser::parseForStatement):
3223
3224 2011-01-16  Oliver Hunt  <oliver@apple.com>
3225
3226         Reviewed by Geoffrey Garen.
3227
3228         Strict mode restrictions on arguments and eval usage aren't complete
3229         https://bugs.webkit.org/show_bug.cgi?id=52528
3230
3231         Fix a few bugs in strict mode where we incorrectly allow mutation of
3232         arguments and eval in the parser.
3233
3234         Alas the "optimisation" used by the syntax checker for validating
3235         binary and unary expressions was too aggressive: we do actually need
3236         a stack for operations and operands although it needn't be as complete
3237         as that used for the full AST builder.
3238
3239         Also disallow assignment to arguments in all cases as allowing arguments
3240         to be assignable is always an error in strict mode, regardless of context.
3241
3242         * parser/ASTBuilder.h:
3243         (JSC::ASTBuilder::BinaryExprContext::BinaryExprContext):
3244         (JSC::ASTBuilder::UnaryExprContext::UnaryExprContext):
3245         * parser/JSParser.cpp:
3246         (JSC::JSParser::parseAssignmentExpression):
3247         (JSC::JSParser::parseBinaryExpression):
3248         (JSC::JSParser::parseUnaryExpression):
3249         * parser/SyntaxChecker.h:
3250         (JSC::SyntaxChecker::BinaryExprContext::BinaryExprContext):
3251         (JSC::SyntaxChecker::BinaryExprContext::~BinaryExprContext):
3252         (JSC::SyntaxChecker::UnaryExprContext::UnaryExprContext):
3253         (JSC::SyntaxChecker::UnaryExprContext::~UnaryExprContext):
3254         (JSC::SyntaxChecker::appendBinaryExpressionInfo):
3255         (JSC::SyntaxChecker::operatorStackPop):
3256
3257 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3258
3259         Reviewed by Oliver Hunt.
3260
3261         Rolled back in r75886.
3262         https://bugs.webkit.org/show_bug.cgi?id=52527
3263         
3264         r75886 broke the GTK Linux bot because Linux was -- quite surprisingly --
3265         set up to use the constants for embedded devices.
3266
3267         * jit/ExecutableAllocatorFixedVMPool.cpp:
3268         (JSC::maybeModifyVMPoolSize): Separated Linux constants from embedded
3269         constants.
3270
3271 2011-01-15  Sheriff Bot  <webkit.review.bot@gmail.com>
3272
3273         Unreviewed, rolling out r75886.
3274         http://trac.webkit.org/changeset/75886
3275         https://bugs.webkit.org/show_bug.cgi?id=52526
3276
3277         "Broke GTK+ 64bit" (Requested by xan_ on #webkit).
3278
3279         * jit/ExecutableAllocatorFixedVMPool.cpp:
3280
3281 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3282
3283         Reviewed by Sam Weinig.
3284
3285         <rdar://problem/8870429> Shrink the executable pool on embedded devices
3286
3287         * jit/ExecutableAllocatorFixedVMPool.cpp: Dropped the pool size from 32MB
3288         to 16MB.
3289
3290 2011-01-15  Oliver Hunt  <oliver@apple.com>
3291
3292         Reviewed by Maciej Stachowiak.
3293
3294         Incorrect behavior changing attributes of an accessor
3295         https://bugs.webkit.org/show_bug.cgi?id=52515
3296
3297         defineProperty doesn't correctly handle changing attributes of an accessor
3298         property.  This is because we don't pass the full descriptor to the 
3299         putDescriptor helper function, which means we have insufficient information
3300         to do the right thing. Once that's passed the correct behavior is relatively
3301         simple to implement.
3302
3303         * runtime/JSObject.cpp:
3304         (JSC::putDescriptor):
3305         (JSC::JSObject::defineOwnProperty):
3306
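The accessor entry above concerns the attribute transitions that ES5's defineProperty must validate: changing enumerable or configurable on an accessor without disturbing its getter, and refusing to alter a getter or convert the property once it is non-configurable. The block below is an added example, not JavaScriptCore code; it drives those transitions on a plain object and returns a trace of what the engine did, so the behaviour can be asserted rather than eyeballed. The function and field names are this example's own.

```javascript
// Added example (not WebKit code): exercise defineProperty on an accessor
// property and record each outcome. Each step is one of the descriptor
// transitions a conforming [[DefineOwnProperty]] has to get right.
function accessorRedefinitionTrace() {
  const trace = {};
  const obj = {};
  const getter = () => 42;
  Object.defineProperty(obj, "x", {
    get: getter, enumerable: true, configurable: true,
  });

  // 1. Change only an attribute: the getter must survive untouched.
  Object.defineProperty(obj, "x", { enumerable: false });
  let d = Object.getOwnPropertyDescriptor(obj, "x");
  trace.getterKeptAfterEnumerableChange = d.get === getter;
  trace.enumerableAfterChange = d.enumerable;
  trace.valueStillFromGetter = obj.x;

  // 2. Lock the property. This is a legal one-way transition.
  Object.defineProperty(obj, "x", { configurable: false });
  d = Object.getOwnPropertyDescriptor(obj, "x");
  trace.configurableAfterLock = d.configurable;

  // 3. Redefining with the *same* getter is allowed even when locked,
  //    because every supplied field matches the current descriptor.
  try {
    Object.defineProperty(obj, "x", { get: getter });
    trace.sameGetterOnLocked = "allowed";
  } catch (e) {
    trace.sameGetterOnLocked = e.constructor.name;
  }

  // 4. Swapping in a different getter on a locked accessor must throw,
  //    and the old getter must still be in place afterwards.
  try {
    Object.defineProperty(obj, "x", { get: () => 0 });
    trace.getterSwapOnLocked = "allowed";
  } catch (e) {
    trace.getterSwapOnLocked = e.constructor.name;
  }
  d = Object.getOwnPropertyDescriptor(obj, "x");
  trace.getterKeptAfterFailedSwap = d.get === getter;

  // 5. Turning a locked accessor into a data property is rejected too.
  try {
    Object.defineProperty(obj, "x", { value: 1 });
    trace.accessorToDataOnLocked = "allowed";
  } catch (e) {
    trace.accessorToDataOnLocked = e.constructor.name;
  }
  return trace;
}

console.log(accessorRedefinitionTrace());
```

A partial descriptor such as { enumerable: false } carries no get or set, so an implementation that only looks at the fields present in the new descriptor, rather than merging it with the existing one, is exactly the kind that loses or mishandles the accessor; steps 1 and 4 are the two checks that catch that.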
3307 2011-01-14  Oliver Hunt  <oliver@apple.com>
3308
3309         Reviewed by Maciej Stachowiak.
3310
3311         [jsfunfuzz] Incorrect handling of consecutive duplicate labels
3312         https://bugs.webkit.org/show_bug.cgi?id=52505
3313
3314         Compare StringImpl*'s instead of Identifier*'s when looking for duplicate
3315         labels.
3316
3317         * parser/JSParser.cpp:
3318         (JSC::JSParser::parseExpressionOrLabelStatement):
3319
3320 2011-01-14  Simon Fraser  <simon.fraser@apple.com>
3321
3322         No review.
3323         
3324         Initialize m_operationInProgress after r75855.
3325
3326         * runtime/Heap.cpp:
3327         (JSC::Heap::Heap):
3328
3329 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3330
3331         Reverted accidentally committed code from my last checkin.
3332
3333         * runtime/Heap.cpp:
3334         (JSC::Heap::markRoots):
3335
3336 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3337
3338         Reviewed by Sam Weinig.
3339         
3340         Try to fix the GTK bot.
3341
3342         * runtime/Heap.cpp:
3343         (JSC::Heap::Heap):
3344         (JSC::Heap::markRoots): Kids, remember to initialize your data members.
3345         Knowing is half the battle.
3346
3347 2011-01-14  Oliver Hunt  <oliver@apple.com>
3348
3349         Reviewed by Stephanie Lewis.
3350
3351         [jsfunfuzz] We should be clearing the lexer's temporary character buffers when switching to strict mode
3352         https://bugs.webkit.org/show_bug.cgi?id=52501
3353
3354         Clear the temporary character buffers used for reading escaped characters and
3355         numbers.
3356
3357         * parser/Lexer.h:
3358         (JSC::Lexer::setOffset):
3359
3360 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3361
3362         Try to fix non-Dtrace builds: #include Tracing.h instead of TracingDtrace.h.
3363
3364         * runtime/Heap.cpp:
3365
3366 2011-01-13  Geoffrey Garen  <ggaren@apple.com>
3367
3368         Reviewed by Oliver Hunt.
3369
3370         Split out a MarkedSpace strategy object from Heap.
3371         https://bugs.webkit.org/show_bug.cgi?id=52421
3372         
3373         SunSpider reports no change.
3374
3375         * Android.mk:
3376         * CMakeLists.txt:
3377         * GNUmakefile.am:
3378         * JavaScriptCore.gypi:
3379         * JavaScriptCore.pro:
3380         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3381         * JavaScriptCore.xcodeproj/project.pbxproj: Updated our 7 build systems. Which is cool.
3382
3383         * runtime/Heap.cpp:
3384         (JSC::Heap::Heap):
3385         (JSC::Heap::destroy):
3386         (JSC::Heap::recordExtraCost):
3387         (JSC::Heap::allocate):
3388         (JSC::Heap::markConservatively):
3389         (JSC::Heap::markRoots):
3390         (JSC::Heap::objectCount):
3391         (JSC::Heap::statistics):
3392         (JSC::Heap::size):
3393         (JSC::Heap::isBusy):
3394         (JSC::Heap::collectAllGarbage):
3395         (JSC::Heap::primaryHeapBegin):
3396         (JSC::Heap::primaryHeapEnd):
3397         * runtime/Heap.h:
3398         (JSC::Heap::globalData):
3399         (JSC::Heap::markedSpace):
3400         (JSC::Heap::isCellMarked):
3401         (JSC::Heap::checkMarkCell):
3402         (JSC::Heap::markCell): Moved all code pertaining to managing chunks of
3403         collector memory out of this class. Heap now just delegates to MarkedSpace.
3404
3405         * runtime/JSCell.h:
3406         (JSC::JSCell::Heap::heap): Updated for MarkedSpace delegation.
3407
3408         * runtime/JSValue.h: Moved the ValueStringPair typedef to help with #includes.
3409
3410         * runtime/MarkedSpace.cpp: Copied from runtime/Heap.cpp.
3411         (JSC::MarkedSpace::MarkedSpace):
3412         (JSC::MarkedSpace::destroy):
3413         (JSC::MarkedSpace::allocateBlock):
3414         (JSC::MarkedSpace::freeBlock):
3415         (JSC::MarkedSpace::allocate):
3416         (JSC::MarkedSpace::resizeBlocks):
3417         (JSC::MarkedSpace::growBlocks):
3418         (JSC::MarkedSpace::shrinkBlocks):
3419         (JSC::MarkedSpace::markConservatively):
3420         (JSC::MarkedSpace::clearMarkBits):
3421         (JSC::MarkedSpace::markedCells):
3422         (JSC::MarkedSpace::sweep):
3423         (JSC::MarkedSpace::objectCount):
3424         (JSC::MarkedSpace::addToStatistics):
3425         (JSC::MarkedSpace::statistics):
3426         (JSC::MarkedSpace::size):
3427         (JSC::MarkedSpace::reset):
3428         (JSC::MarkedSpace::primaryHeapBegin):
3429         (JSC::MarkedSpace::primaryHeapEnd):
3430         * runtime/MarkedSpace.h: Copied from runtime/Heap.h.
3431         (JSC::MarkedSpace::globalData):
3432         (JSC::MarkedSpace::didShrink):
3433         (JSC::MarkedSpace::cellBlock):
3434         (JSC::MarkedSpace::cellOffset):
3435         (JSC::MarkedSpace::isCellMarked):
3436         (JSC::MarkedSpace::checkMarkCell):
3437         (JSC::MarkedSpace::markCell): Moved all code pertaining to managing chunks of
3438         collector memory into this class.
3439
3440         * runtime/MemoryStatistics.cpp:
3441         (JSC::heapStatistics):
3442         * runtime/MemoryStatistics.h: Updated for MarkedSpace delegation.
3443
3444 2011-01-14  Oliver Hunt  <oliver@apple.com>
3445
3446         Reviewed by Gavin Barraclough.
3447
3448         [jsfunfuzz] parser doesn't enforce continue restrictions correctly.
3449         https://bugs.webkit.org/show_bug.cgi?id=52493
3450
3451         This patch reworks handling of break, continue and label statements
3452         to correctly handle all the valid and invalid cases.  Previously certain
3453         errors would be missed by the parser in strict mode, but the bytecode 
3454         generator needed to handle those cases for non-strict code, so nothing
3455         failed; it simply became non-standard behaviour.
3456
3457         Now that we treat break and continue errors as early faults in non-strict
3458         mode as well that safety net has been removed so the parser bugs result in
3459         crashes at codegen time.
3460
3461         * parser/JSParser.cpp:
3462         (JSC::JSParser::ScopeLabelInfo::ScopeLabelInfo):
3463         (JSC::JSParser::next):
3464         (JSC::JSParser::nextTokenIsColon):
3465         (JSC::JSParser::continueIsValid):
3466             Continue is only valid in loops so we can't use breakIsValid()
3467         (JSC::JSParser::pushLabel):
3468             We now track whether the label is for a loop (and is therefore a
3469             valid target for continue).
3470         (JSC::JSParser::popLabel):
3471         (JSC::JSParser::getLabel):
3472             Replace hasLabel with getLabel so that we can validate the target
3473             when parsing continue statements.
3474         (JSC::JSParser::Scope::continueIsValid):
3475         (JSC::JSParser::Scope::pushLabel):
3476         (JSC::JSParser::Scope::getLabel):
3477         (JSC::JSParser::JSParser):
3478         (JSC::JSParser::parseBreakStatement):
3479         (JSC::JSParser::parseContinueStatement):
3480         (JSC::LabelInfo::LabelInfo):
3481         (JSC::JSParser::parseExpressionOrLabelStatement):
3482             Consecutive labels now get handled iteratively so that we can determine
3483             whether they're valid targets for continue.
3484         * parser/Lexer.cpp:
3485         (JSC::Lexer::nextTokenIsColon):
3486         * parser/Lexer.h:
3487         (JSC::Lexer::setOffset):
3488
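The four parser entries above (for-loop initialiser validation, strict-mode restrictions on assigning to arguments and eval, consecutive duplicate labels, and break/continue target checking) all turn cases that used to leak through to the bytecode generator into early SyntaxErrors. The block below is an added example, not JavaScriptCore code: it feeds each case to the Function constructor, which must reject it at parse time before anything runs, and checks that the accepted counterparts parse cleanly. The helper names and the case list are this example's own.

```javascript
// Added example (not WebKit code): probe an engine's early-error handling
// for the parser fixes above. Function(src) parses src as a function body,
// so a SyntaxError surfaces at construction time and nothing executes;
// a "use strict" directive at the start of src puts that body in strict mode.
function parseResult(src) {
  try {
    Function(src);
    return "ok";
  } catch (e) {
    return e instanceof SyntaxError ? "SyntaxError" : "other:" + e.name;
  }
}

// Each case pairs a source text with the verdict a conforming parser must
// give. Constructed for this example.
const CASES = [
  // for-loop initialiser: several declarations must still be followed by ';'
  ["for (var a = 1, b = 2; a < b; a++) {}",        "ok"],
  ["for (var a = 1, b = 2 a < b; a++) {}",         "SyntaxError"],
  // strict mode: arguments and eval are never assignable, in any position
  ["arguments = 1;",                                "ok"],          // sloppy mode
  ['"use strict"; arguments = 1;',                  "SyntaxError"],
  ['"use strict"; eval = 1;',                       "SyntaxError"],
  ['"use strict"; arguments++;',                    "SyntaxError"], // unary context
  ['"use strict"; var x = 1 + (arguments = 2);',    "SyntaxError"], // binary context
  // labels: a label may not repeat, even directly nested
  ["a: b: ;",                                       "ok"],
  ["a: a: ;",                                       "SyntaxError"],
  // break may target any enclosing label; continue only a loop label
  ["a: { break a; }",                               "ok"],
  ["a: { continue a; }",                            "SyntaxError"],
  ["a: for (;;) { continue a; }",                   "ok"],
  ["break;",                                        "SyntaxError"],
  ["continue;",                                     "SyntaxError"],
];

// Returns the cases whose verdict differs from the expectation; an empty
// list means the engine treats every case exactly as the fixes above require.
function checkParser(cases = CASES) {
  const failures = [];
  for (const [src, expected] of cases) {
    const actual = parseResult(src);
    if (actual !== expected) failures.push({ src, expected, actual });
  }
  return failures;
}

const failures = checkParser();
console.log(failures.length === 0 ? "all parser cases behave as expected" : failures);
```

The same table is a convenient regression harness for fuzzer-found parser bugs: when an engine reports a case as "ok" that should be a SyntaxError, the statement has reached code generation, which is where the crashes described above came from.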
3489 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3490
3491         Reviewed by Adam Roben.
3492
3493         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3494         https://bugs.webkit.org/show_bug.cgi?id=45186
3495
3496         * wtf/FastMalloc.cpp:
3497         (WTF::TCMalloc_PageHeap::scheduleScavenger): Added missing this pointer to CreateTimerQueueTimer().
3498
3499 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3500
3501         Reviewed by Adam Roben.
3502
3503         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3504         https://bugs.webkit.org/show_bug.cgi?id=45186
3505
3506         r75819 accidentally changed the initial state of the scavenge timer.
3507
3508         * wtf/FastMalloc.cpp:
3509         (WTF::TCMalloc_PageHeap::initializeScavenger): Changed initial state of m_scavengingSuspended to true.
3510
3511 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3512
3513         Unreviewed Windows Release build fix.
3514
3515         * wtf/FastMalloc.cpp:
3516         (WTF::TCMalloc_PageHeap::scavengerTimerFired):
3517
3518 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3519
3520         Unreviewed Windows Release build fix.
3521
3522         * wtf/FastMalloc.cpp:
3523         (WTF::TCMalloc_PageHeap::scavengerTimerFired):
3524
3525 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3526
3527         Reviewed by Adam Roben.
3528
3529         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3530         https://bugs.webkit.org/show_bug.cgi?id=45186
3531
3532         Use CreateTimerQueueTimer() to start periodicScavenge() and stop it with DeleteTimerQueueTimer().
3533
3534         * wtf/FastMalloc.cpp:
3535         (WTF::TCMalloc_PageHeap::initializeScavenger):
3536         (WTF::TCMalloc_PageHeap::isScavengerSuspended):
3537         (WTF::TCMalloc_PageHeap::scheduleScavenger):
3538         (WTF::TCMalloc_PageHeap::rescheduleScavenger):
3539         (WTF::TCMalloc_PageHeap::suspendScavenger):
3540         (WTF::scavengerTimerFired):
3541         (WTF::TCMalloc_PageHeap::periodicScavenge):
3542         (WTF::TCMalloc_PageHeap::signalScavenger):
3543
3544 2011-01-14  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
3545
3546         Reviewed by Kenneth Rohde Christiansen.
3547
3548         Align import/export directives
3549         https://bugs.webkit.org/show_bug.cgi?id=52208
3550
3551         * API/JSBase.h: Align import/export directives with
3552         WebKit2/Shared/API/c/WKBase.h
3553
3554 2011-01-14  Michael Saboff  <msaboff@apple.com>
3555
3556         Reviewed by Oliver Hunt.
3557
3558         Incorrect backtracking for nested alternatives
3559         https://bugs.webkit.org/show_bug.cgi?id=52387
3560
3561         In the process of propagating a datalabel it wasn't getting connected
3562         to a destination when the destination was an indirect jump.  Added
3563         code to recognize a direct backtrack destination that was an indirect
3564         jump and added mechanism to associate DataLabelPtrs with indirect
3565         jump entries.
3566         Removed dead method
3567         BacktrackDestination::linkDataLabelToHereIfExists().
3568
3569         * yarr/YarrJIT.cpp:
3570         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::IndirectJumpEntry):
3571         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::addDataLabel):
3572         (JSC::Yarr::YarrGenerator::GenerationState::addIndirectJumpEntry):
3573         (JSC::Yarr::YarrGenerator::GenerationState::emitIndirectJumpTable):
3574         Changes to link indirect jumps with DataLabelPtr's.
3575         (JSC::Yarr::YarrGenerator::BacktrackDestination::clearSubDataLabelPtr):
3576         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists): 
3577         Updated to handle immediate linking of indirect jumps to
3578         DataLabelPtr.
3579         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction): Changed to
3580         reflect updated linkDataLabelToBacktrackIfExists().
3581
3582 2011-01-14  Pavel Podivilov  <podivilov@chromium.org>
3583
3584         Reviewed by Yury Semikhatsky.
3585
3586         Web Inspector: provide script column offset to frontend.
3587         https://bugs.webkit.org/show_bug.cgi?id=52377
3588
3589         * parser/SourceCode.h:
3590         (JSC::SourceCode::SourceCode):
3591         (JSC::SourceCode::firstColumn):
3592
3593 2011-01-13  Darin Adler  <darin@apple.com>
3594
3595         Reviewed by Geoff Garen.
3596
3597         <rdar://problem/5469576> Use __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 if available.
3598
3599         * DerivedSources.make: Create a header file, HeaderDetection.h, that tells
3600         us whether pthread_machdep.h is available.
3601         * wtf/FastMalloc.cpp: If __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 is available, then
3602         don't do the pthread_getspecific_function_pointer trick.
3603         (WTF::setThreadHeap): Ditto, but set thread-specific data.
3604         (WTF::TCMalloc_ThreadCache::GetThreadHeap): Ditto, but get rather than set.
3605
3606 2011-01-13  Xan Lopez  <xlopez@igalia.com>
3607
3608         Reviewed by Gavin Barraclough.
3609
3610         JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
3611         https://bugs.webkit.org/show_bug.cgi?id=42756
3612
3613         The FixedVMPool Allocator does not work well on systems where
3614         allocating very large amounts of memory upfront is not reasonable,
3615         like Linux without overcommit enabled. As a workaround, on Linux,
3616         default to the values used in embedded environments (in the MB
3617         range), and only jump to the GB range if we detect at runtime that
3618         overcommit is enabled. Should fix crashes on Linux/x86_64 with
3619         less than 3 or 4GB of RAM.
3620
3621         * jit/ExecutableAllocatorFixedVMPool.cpp:
3622         (JSC::FixedVMPoolAllocator::free): use new variables for VM pool
3623         size and coalesce limit.
3624         (JSC::ExecutableAllocator::isValid): swap the variables from
3625         embedded to generic values at runtime, on linux, if overcommit is
3626         enabled.
3627         (JSC::ExecutableAllocator::underMemoryPressure): use new variables
3628         for VM pool size and coalesce limit.
3629
3630 2011-01-12  Xan Lopez  <xlopez@igalia.com>
3631
3632         Reviewed by Martin Robinson.
3633
3634         Add new Yarr.h header to the list file.
3635
3636         * GNUmakefile.am: ditto.
3637
3638 2011-01-12  Martin Robinson  <mrobinson@igalia.com>
3639
3640         Missing Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h in WebKitGtk tarball
3641         https://bugs.webkit.org/show_bug.cgi?id=52299
3642
3643         * GNUmakefile.am: Fix the GTK+ build on ARMv7 by including missing source
3644         files in the source list.
3645
3646 2011-01-12  Peter Varga  <pvarga@webkit.org>
3647
3648         Reviewed by Gavin Barraclough.
3649
3650         Add Yarr.h to YARR
3651         https://bugs.webkit.org/show_bug.cgi?id=51021
3652
3653         Move other common constants and functions from YARR's different files
3654         to Yarr.h.
3655         Use Yarr.h header instead of including other YARR headers where it
3656         is possible.
3657
3658         * JavaScriptCore.gypi:
3659         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3660         * JavaScriptCore.xcodeproj/project.pbxproj:
3661         * runtime/RegExp.cpp:
3662         * yarr/Yarr.h: Added.
3663         * yarr/YarrInterpreter.cpp:
3664         * yarr/YarrInterpreter.h:
3665         * yarr/YarrJIT.cpp:
3666         (JSC::Yarr::jitCompile):
3667         (JSC::Yarr::execute):
3668         * yarr/YarrJIT.h:
3669         * yarr/YarrParser.h:
3670         * yarr/YarrPattern.cpp:
3671         (JSC::Yarr::YarrPattern::compile):
3672         (JSC::Yarr::YarrPattern::YarrPattern):
3673         * yarr/YarrPattern.h:
3674
3675 2011-01-12  Sheriff Bot  <webkit.review.bot@gmail.com>
3676
3677         Unreviewed, rolling out r75595.
3678         http://trac.webkit.org/changeset/75595
3679         https://bugs.webkit.org/show_bug.cgi?id=52286
3680
3681         It broke fast/regex/pcre-test-1.html (Requested by Ossy on
3682         #webkit).
3683
3684         * JavaScriptCore.gypi:
3685         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3686         * JavaScriptCore.xcodeproj/project.pbxproj:
3687         * runtime/RegExp.cpp:
3688         * yarr/Yarr.h: Removed.
3689         * yarr/YarrInterpreter.cpp:
3690         * yarr/YarrInterpreter.h:
3691         * yarr/YarrJIT.cpp:
3692         (JSC::Yarr::jitCompile):
3693         * yarr/YarrJIT.h:
3694         (JSC::Yarr::execute):
3695         * yarr/YarrParser.h:
3696         * yarr/YarrPattern.cpp:
3697         (JSC::Yarr::compile):
3698         (JSC::Yarr::YarrPattern::YarrPattern):
3699         * yarr/YarrPattern.h:
3700
3701 2011-01-12  Peter Varga  <pvarga@webkit.org>
3702
3703         Reviewed by Gavin Barraclough.
3704
3705         Add Yarr.h to YARR
3706         https://bugs.webkit.org/show_bug.cgi?id=51021
3707
3708         Move other common constants and functions from YARR's different files
3709         to Yarr.h.
3710         Use Yarr.h header instead of including other YARR headers where it
3711         is possible.
3712
3713         * JavaScriptCore.gypi:
3714         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3715         * JavaScriptCore.xcodeproj/project.pbxproj:
3716         * runtime/RegExp.cpp:
3717         * yarr/Yarr.h: Added.
3718         * yarr/YarrInterpreter.cpp:
3719         * yarr/YarrInterpreter.h:
3720         * yarr/YarrJIT.cpp:
3721         (JSC::Yarr::jitCompile):
3722         (JSC::Yarr::execute):
3723         * yarr/YarrJIT.h:
3724         * yarr/YarrParser.h:
3725         * yarr/YarrPattern.cpp:
3726         (JSC::Yarr::YarrPattern::compile):
3727         (JSC::Yarr::YarrPattern::YarrPattern):
3728         * yarr/YarrPattern.h:
3729
3730 2011-01-11  Michael Saboff  <msaboff@apple.com>
3731
3732         Reviewed by Geoffrey Garen.
3733
3734         Missing call to popTempSortVector() for exception case in JSArray::sort.
3735         https://bugs.webkit.org/show_bug.cgi?id=50718
3736
3737         Fix to patch of 50718 that added pushTempSortVector() and
3738         popTempSortVector() to JSArray::sort() to mark elements during sort.
3739         Need to add popTempSortVector() for the return case if toString()
3740         had an exception.
3741
3742         * runtime/JSArray.cpp:
3743         (JSC::JSArray::sort): Added popTempSortVector()
3744
3745 2011-01-11  Xan Lopez  <xlopez@igalia.com>
3746
3747         Reviewed by Darin Adler.
3748
3749         Microoptimization in ~JSString
3750         https://bugs.webkit.org/show_bug.cgi?id=52222
3751
3752         The case where m_fibers is 0 seems to be the most common one
3753         (almost 1/2 of the time, followed at some distance by m_fibers = 1
3754         in 1/4 of the cases in a typical SunSpider execution). We can save
3755         one comparison in this common case by doing a bit of refactoring
3756         in the JSString destructor; overall a 0.3% progression, but only
3757         the string tests show improvement.
3758
3759         * runtime/JSString.h:
3760         (JSC::RopeBuilder::~JSString):
3761
3762 2011-01-10  Michael Saboff  <msaboff@apple.com>
3763
3764         Reviewed by Geoffrey Garen.
3765
3766         ASSERTION Failure in JSC::binaryChop
3767         https://bugs.webkit.org/show_bug.cgi?id=25614
3768
3769         Changed JITStubs::cti_register_file_check() to use the current stack's
3770         return PC to find the bytecode for handling the exception in the prior
3771         frame.  Also added the appropriate arity check routine call to the
3772         JIT to bytecode vector (m_callReturnIndexVector) in the CodeBlock.
3773
3774         * jit/JIT.cpp:
3775         (JSC::JIT::privateCompile): Changed the arity check call location
3776         so that it gets added to the m_calls list so that it's included in
3777         CodeBlock::m_callReturnIndexVector.
3778         * jit/JITStubs.cpp:
3779         (JSC::DEFINE_STUB_FUNCTION): Use the current call frame's return PC.
3780
3781 2011-01-10  Daniel Bates  <dbates@rim.com>
3782
3783         Reviewed by Martin Robinson.
3784
3785         Remove extraneous COMPILER(GCC) condition when checking GCC_VERSION_AT_LEAST()
3786         https://bugs.webkit.org/show_bug.cgi?id=52178
3787
3788         It is sufficient to test GCC_VERSION_AT_LEAST() instead of both COMPILER(GCC) and
3789         GCC_VERSION_AT_LEAST(). Notice GCC_VERSION_AT_LEAST() is defined to be 0 when we
3790         are not compiling with GCC.
3791
3792         Fixes style issues at the callsites (i.e. replace comma with comma-space in
3793         macro function argument list). Also, makes a spelling correction in a comment.
3794
3795         * jit/ExecutableAllocator.h:
3796         (JSC::ExecutableAllocator::cacheFlush):
3797         * wtf/Platform.h:
3798
3799 2011-01-10  Geoffrey Garen  <ggaren@apple.com>
3800
3801         Build fix: removed some uses of nextNumber that I missed last time.
3802
3803         * runtime/Heap.cpp:
3804         (JSC::Heap::reset):
3805         (JSC::Heap::collectAllGarbage):
3806
3807 2011-01-10  Daniel Bates  <dbates@rim.com>
3808
3809         Reviewed by Darin Adler.
3810
3811         Use __builtin_expect when compiling using RVCT in GNU mode
3812         https://bugs.webkit.org/show_bug.cgi?id=51866
3813
3814         We should only use __builtin_expect if we are compiling with GCC or RVCT 3 or higher in GNU mode
3815         as pointed out by Siddharth Mathur per <http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0202h/Cjabddedbde.html>.
3816
3817         * wtf/AlwaysInline.h:
3818         * wtf/Platform.h: Removed define WTF_COMPILER_RVCT4_OR_GREATER. Instead added macro
3819         function RVCT_VERSION_AT_LEAST so that we can test for an arbitrary minimum RVCT
3820         version.
3821
3822 2011-01-10  Geoffrey Garen  <ggaren@apple.com>
3823
3824         Reviewed by Oliver Hunt.
3825
3826         Moved Collector.* => Heap.*, since the file contains a class named "Heap".
3827
3828         * API/JSCallbackObject.cpp:
3829         * Android.mk:
3830         * CMakeLists.txt:
3831         * GNUmakefile.am:
3832         * JavaScriptCore.gypi:
3833         * JavaScriptCore.pro:
3834         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3835         * JavaScriptCore.xcodeproj/project.pbxproj:
3836         * interpreter/Interpreter.cpp:
3837         * interpreter/RegisterFile.h:
3838         * jit/JITStubs.cpp:
3839         * runtime/Collector.cpp: Removed.
3840         * runtime/Collector.h: Removed.
3841         * runtime/CollectorHeapIterator.h:
3842         * runtime/GCActivityCallbackCF.cpp:
3843         * runtime/Heap.cpp: Copied from JavaScriptCore/runtime/Collector.cpp.
3844         * runtime/Heap.h: Copied from JavaScriptCore/runtime/Collector.h.
3845         * runtime/InitializeThreading.cpp:
3846         * runtime/JSCell.h:
3847         * runtime/JSGlobalData.cpp:
3848         * runtime/JSGlobalData.h:
3849         * runtime/JSLock.cpp:
3850         * runtime/JSNumberCell.h:
3851         * runtime/MachineStackMarker.cpp:
3852         * runtime/MemoryStatistics.h:
3853         * runtime/Protect.h:
3854         * runtime/UString.cpp:
3855         * runtime/WeakGCMap.h:
3856         * runtime/WeakGCPtr.h:
3857
3858 2011-01-10  Xan Lopez  <xlopez@igalia.com>
3859
3860         Reviewed by Gavin Barraclough.
3861
3862         Remove unused isString() case in JSString::toPrimitiveString()
3863         https://bugs.webkit.org/show_bug.cgi?id=52167
3864
3865         We never call toPrimitiveString() with strings, so remove the
3866         check and add an ASSERT ensuring this never happens. 0.7% overall
3867         progression in SunSpider, since one of the call sites is very hot.
3868
3869         * runtime/JSString.h:
3870         (JSC::JSValue::toPrimitiveString):
3871
3872 2011-01-10  Peter Varga  <pvarga@inf.u-szeged.hu>
3873
3874         Reviewed by Gavin Barraclough.
3875
3876         Rename the existing YARR files and classes
3877         https://bugs.webkit.org/show_bug.cgi?id=51872
3878
3879         Replace the "Regex" prefix with "Yarr" in the name of YARR files and classes.
3880
3881         * Android.mk:
3882         * CMakeLists.txt:
3883         * GNUmakefile.am:
3884         * JavaScriptCore.gypi:
3885         * JavaScriptCore.pro:
3886         * JavaScriptCore.xcodeproj/project.pbxproj:
3887         * runtime/RegExp.cpp:
3888         (JSC::RegExp::compile):
3889         (JSC::RegExp::match):
3890         (JSC::RegExp::printTraceData):
3891         * yarr/YarrInterpreter.cpp: Renamed from Source/JavaScriptCore/yarr/RegexInterpreter.cpp.
3892         (JSC::Yarr::Interpreter::appendParenthesesDisjunctionContext):
3893         (JSC::Yarr::Interpreter::popParenthesesDisjunctionContext):
3894         (JSC::Yarr::Interpreter::DisjunctionContext::DisjunctionContext):
3895         (JSC::Yarr::Interpreter::DisjunctionContext::operator new):
3896         (JSC::Yarr::Interpreter::allocDisjunctionContext):
3897         (JSC::Yarr::Interpreter::freeDisjunctionContext):
3898         (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::ParenthesesDisjunctionContext):
3899         (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::operator new):
3900         (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::restoreOutput):
3901         (JSC::Yarr::Interpreter::ParenthesesDisjunctionContext::getDisjunctionContext):
3902         (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
3903         (JSC::Yarr::Interpreter::freeParenthesesDisjunctionContext):
3904         (JSC::Yarr::Interpreter::InputStream::InputStream):
3905         (JSC::Yarr::Interpreter::InputStream::next):
3906         (JSC::Yarr::Interpreter::InputStream::rewind):
3907         (JSC::Yarr::Interpreter::InputStream::read):
3908         (JSC::Yarr::Interpreter::InputStream::readPair):
3909         (JSC::Yarr::Interpreter::InputStream::readChecked):
3910         (JSC::Yarr::Interpreter::InputStream::reread):
3911         (JSC::Yarr::Interpreter::InputStream::prev):
3912         (JSC::Yarr::Interpreter::InputStream::getPos):
3913         (JSC::Yarr::Interpreter::InputStream::setPos):
3914         (JSC::Yarr::Interpreter::InputStream::atStart):
3915         (JSC::Yarr::Interpreter::InputStream::atEnd):
3916         (JSC::Yarr::Interpreter::InputStream::checkInput):
3917         (JSC::Yarr::Interpreter::InputStream::uncheckInput):
3918         (JSC::Yarr::Interpreter::InputStream::isNotAvailableInput):
3919         (JSC::Yarr::Interpreter::testCharacterClass):
3920         (JSC::Yarr::Interpreter::checkCharacter):
3921         (JSC::Yarr::Interpreter::checkCasedCharacter):
3922         (JSC::Yarr::Interpreter::checkCharacterClass):
3923         (JSC::Yarr::Interpreter::tryConsumeBackReference):
3924         (JSC::Yarr::Interpreter::matchAssertionBOL):
3925         (JSC::Yarr::Interpreter::matchAssertionEOL):
3926         (JSC::Yarr::Interpreter::matchAssertionWordBoundary):
3927         (JSC::Yarr::Interpreter::backtrackPatternCharacter):
3928         (JSC::Yarr::Interpreter::backtrackPatternCasedCharacter):
3929         (JSC::Yarr::Interpreter::matchCharacterClass):
3930         (JSC::Yarr::Interpreter::backtrackCharacterClass):
3931         (JSC::Yarr::Interpreter::matchBackReference):
3932         (JSC::Yarr::Interpreter::backtrackBackReference):
3933         (JSC::Yarr::Interpreter::recordParenthesesMatch):
3934         (JSC::Yarr::Interpreter::resetMatches):
3935         (JSC::Yarr::Interpreter::parenthesesDoBacktrack):
3936         (JSC::Yarr::Interpreter::matchParenthesesOnceBegin):
3937         (JSC::Yarr::Interpreter::matchParenthesesOnceEnd):
3938         (JSC::Yarr::Interpreter::backtrackParenthesesOnceBegin):
3939         (JSC::Yarr::Interpreter::backtrackParenthesesOnceEnd):
3940         (JSC::Yarr::Interpreter::matchParenthesesTerminalBegin):
3941         (JSC::Yarr::Interpreter::matchParenthesesTerminalEnd):
3942         (JSC::Yarr::Interpreter::backtrackParenthesesTerminalBegin):
3943         (JSC::Yarr::Interpreter::backtrackParenthesesTerminalEnd):
3944         (JSC::Yarr::Interpreter::matchParentheticalAssertionBegin):
3945         (JSC::Yarr::Interpreter::matchParentheticalAssertionEnd):
3946         (JSC::Yarr::Interpreter::backtrackParentheticalAssertionBegin):
3947         (JSC::Yarr::Interpreter::backtrackParentheticalAssertionEnd):
3948         (JSC::Yarr::Interpreter::matchParentheses):
3949         (JSC::Yarr::Interpreter::backtrackParentheses):
3950         (JSC::Yarr::Interpreter::lookupForBeginChars):
3951         (JSC::Yarr::Interpreter::matchDisjunction):
3952         (JSC::Yarr::Interpreter::matchNonZeroDisjunction):
3953         (JSC::Yarr::Interpreter::interpret):
3954         (JSC::Yarr::Interpreter::Interpreter):
3955         (JSC::Yarr::ByteCompiler::ParenthesesStackEntry::ParenthesesStackEntry):
3956         (JSC::Yarr::ByteCompiler::ByteCompiler):
3957         (JSC::Yarr::ByteCompiler::compile):
3958         (JSC::Yarr::ByteCompiler::checkInput):
3959         (JSC::Yarr::ByteCompiler::assertionBOL):
3960         (JSC::Yarr::ByteCompiler::assertionEOL):
3961         (JSC::Yarr::ByteCompiler::assertionWordBoundary):
3962         (JSC::Yarr::ByteCompiler::atomPatternCharacter):
3963         (JSC::Yarr::ByteCompiler::atomCharacterClass):
3964         (JSC::Yarr::ByteCompiler::atomBackReference):
3965         (JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
3966         (JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
3967         (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
3968         (JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
3969         (JSC::Yarr::ByteCompiler::atomParentheticalAssertionEnd):
3970         (JSC::Yarr::ByteCompiler::popParenthesesStack):
3971         (JSC::Yarr::ByteCompiler::dumpDisjunction):
3972         (JSC::Yarr::ByteCompiler::closeAlternative):
3973         (JSC::Yarr::ByteCompiler::closeBodyAlternative):
3974         (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternEnd):
3975         (JSC::Yarr::ByteCompiler::atomParenthesesOnceEnd):
3976         (JSC::Yarr::ByteCompiler::atomParenthesesTerminalEnd):
3977         (JSC::Yarr::ByteCompiler::regexBegin):
3978         (JSC::Yarr::ByteCompiler::regexEnd):
3979         (JSC::Yarr::ByteCompiler::alternativeBodyDisjunction):
3980         (JSC::Yarr::ByteCompiler::alternativeDisjunction):
3981         (JSC::Yarr::ByteCompiler::emitDisjunction):
3982         (JSC::Yarr::byteCompile):
3983         (JSC::Yarr::interpret):
3984         * yarr/YarrInterpreter.h: Renamed from Source/JavaScriptCore/yarr/RegexInterpreter.h.
3985         (JSC::Yarr::ByteTerm::ByteTerm):
3986         (JSC::Yarr::ByteTerm::BOL):
3987         (JSC::Yarr::ByteTerm::CheckInput):
3988         (JSC::Yarr::ByteTerm::EOL):
3989         (JSC::Yarr::ByteTerm::WordBoundary):
3990         (JSC::Yarr::ByteTerm::BackReference):
3991         (JSC::Yarr::ByteTerm::BodyAlternativeBegin):
3992         (JSC::Yarr::ByteTerm::BodyAlternativeDisjunction):
3993         (JSC::Yarr::ByteTerm::BodyAlternativeEnd):
3994         (JSC::Yarr::ByteTerm::AlternativeBegin):
3995         (JSC::Yarr::ByteTerm::AlternativeDisjunction):
3996         (JSC::Yarr::ByteTerm::AlternativeEnd):
3997         (JSC::Yarr::ByteTerm::SubpatternBegin):
3998         (JSC::Yarr::ByteTerm::SubpatternEnd):
3999         (JSC::Yarr::ByteTerm::invert):
4000         (JSC::Yarr::ByteTerm::capture):
4001         (JSC::Yarr::ByteDisjunction::ByteDisjunction):
4002         (JSC::Yarr::BytecodePattern::BytecodePattern):
4003         (JSC::Yarr::BytecodePattern::~BytecodePattern):
4004         * yarr/YarrJIT.cpp: Renamed from Source/JavaScriptCore/yarr/RegexJIT.cpp.
4005         (JSC::Yarr::YarrGenerator::optimizeAlternative):
4006         (JSC::Yarr::YarrGenerator::matchCharacterClassRange):
4007         (JSC::Yarr::YarrGenerator::matchCharacterClass):
4008         (JSC::Yarr::YarrGenerator::jumpIfNoAvailableInput):
4009         (JSC::Yarr::YarrGenerator::jumpIfAvailableInput):
4010         (JSC::Yarr::YarrGenerator::checkInput):
4011         (JSC::Yarr::YarrGenerator::atEndOfInput):
4012         (JSC::Yarr::YarrGenerator::notAtEndOfInput):
4013         (JSC::Yarr::YarrGenerator::jumpIfCharEquals):
4014         (JSC::Yarr::YarrGenerator::jumpIfCharNotEquals):
4015         (JSC::Yarr::YarrGenerator::readCharacter):
4016         (JSC::Yarr::YarrGenerator::storeToFrame):
4017         (JSC::Yarr::YarrGenerator::storeToFrameWithPatch):
4018         (JSC::Yarr::YarrGenerator::loadFromFrame):
4019         (JSC::Yarr::YarrGenerator::loadFromFrameAndJump):
4020         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::IndirectJumpEntry):
4021         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::addJump):
4022         (JSC::Yarr::YarrGenerator::AlternativeBacktrackRecord::AlternativeBacktrackRecord):
4023         (JSC::Yarr::YarrGenerator::GenerationState::GenerationState):
4024         (JSC::Yarr::YarrGenerator::GenerationState::addIndirectJumpEntry):
4025         (JSC::Yarr::YarrGenerator::GenerationState::emitIndirectJumpTable):
4026         (JSC::Yarr::YarrGenerator::GenerationState::incrementParenNestingLevel):
4027         (JSC::Yarr::YarrGenerator::GenerationState::decrementParenNestingLevel):
4028         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
4029         (JSC::Yarr::YarrGenerator::GenerationState::emitParenthesesTail):
4030         (JSC::Yarr::YarrGenerator::GenerationState::addJumpToNextInteration):
4031         (JSC::Yarr::YarrGenerator::GenerationState::addJumpsToNextInteration):
4032         (JSC::Yarr::YarrGenerator::GenerationState::addDataLabelToNextIteration):
4033         (JSC::Yarr::YarrGenerator::GenerationState::linkToNextIteration):
4034         (JSC::Yarr::YarrGenerator::BacktrackDestination::BacktrackDestination):
4035         (JSC::Yarr::YarrGenerator::BacktrackDestination::clear):
4036         (JSC::Yarr::YarrGenerator::BacktrackDestination::clearDataLabel):
4037         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasDestination):
4038         (JSC::Yarr::YarrGenerator::BacktrackDestination::isStackOffset):
4039         (JSC::Yarr::YarrGenerator::BacktrackDestination::isLabel):
4040         (JSC::Yarr::YarrGenerator::BacktrackDestination::isJumpList):
4041         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasDataLabel):
4042         (JSC::Yarr::YarrGenerator::BacktrackDestination::copyTarget):
4043         (JSC::Yarr::YarrGenerator::BacktrackDestination::copyTo):
4044         (JSC::Yarr::YarrGenerator::BacktrackDestination::addBacktrackJump):
4045         (JSC::Yarr::YarrGenerator::BacktrackDestination::setStackOffset):
4046         (JSC::Yarr::YarrGenerator::BacktrackDestination::setLabel):
4047         (JSC::Yarr::YarrGenerator::BacktrackDestination::setNextBacktrackLabel):
4048         (JSC::Yarr::YarrGenerator::BacktrackDestination::copyBacktrackToLabel):
4049