Source/JavaScriptCore/ChangeLog (WebKit-https.git)
2011-02-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Moved MarkedBlock data members to the head of the block
        https://bugs.webkit.org/show_bug.cgi?id=54482

        This allows for a variable-sized tail, to accommodate oversized blocks.

        SunSpider reports no change.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate):
        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::sweep):
        * runtime/MarkedBlock.h: Added missing element to the CELLS_PER_BLOCK
        calculation. This kind of error is why we want to migrate to the system
        described below.

        (JSC::roundUpToMultipleOf):
        (JSC::MarkedBlock::firstCell):
        (JSC::MarkedBlock::cells):
        (JSC::MarkedBlock::cellNumber): Use subtraction instead of masking to
        calculate cell number. The mask is no longer correct because the first
        cell is not at the head of the block.

        (JSC::MarkedBlock::forEach): Replaced m_cells data member with a cells()
        accessor. We want to use sizeof(MarkedBlock) to calculate the size of the
        block header, so we can't have an explicit data member to represent the block tail.

        Also replaced iteration from zero with iteration from startCell(), since
        the first N cells are now occupied by the header.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::MarkedSpace):
        (JSC::MarkedSpace::reset): Replaced iteration from zero as above.

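An added illustration of the layout this entry describes; it is not JavaScriptCore's MarkedBlock, and the block and cell sizes and the Block, countCells and maskMismatches names are assumed. It shows the header at the head of an aligned block, iteration starting at the first cell after the header, and the cell number obtained by subtracting the block base, which stays correct for an oversized tail where a fixed-size mask wraps around.

```cpp
// Added illustration (not JavaScriptCore's MarkedBlock): the header sits at
// the head of an aligned block and fixed-size cells fill a tail that may be
// longer than the nominal block size. All sizes and names are assumed.
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <new>

namespace example {

constexpr size_t kNominalBlockSize = 4096; // assumed nominal block size (power of two)
constexpr size_t kCellSize = 64;           // assumed fixed cell size

constexpr size_t roundUpToMultipleOf(size_t divisor, size_t x)
{
    return (x + divisor - 1) / divisor * divisor;
}

class Block {
public:
    // totalSize is kNominalBlockSize for an ordinary block and a multiple of
    // it for an oversized block with a longer tail.
    static Block* create(size_t totalSize = kNominalBlockSize)
    {
        void* memory = nullptr;
        if (totalSize < kNominalBlockSize || posix_memalign(&memory, kNominalBlockSize, totalSize))
            return nullptr;
        return new (memory) Block(totalSize);
    }
    static void destroy(Block* block) { block->~Block(); free(block); }

    // The header occupies the first cells; rounding it up keeps the first cell
    // cell-aligned. Subtracting it is the element a CELLS_PER_BLOCK-style
    // calculation must not forget.
    static constexpr size_t headerSize() { return roundUpToMultipleOf(kCellSize, sizeof(Block)); }
    static constexpr size_t firstCellNumber() { return headerSize() / kCellSize; }
    size_t cellsPerBlock() const { return (m_totalSize - headerSize()) / kCellSize; }

    char* firstCell() { return reinterpret_cast<char*>(this) + headerSize(); }
    char* cell(size_t number) { return reinterpret_cast<char*>(this) + number * kCellSize; }

    // Cell number by subtraction from the block base: correct wherever the
    // first cell sits and however long the tail is.
    size_t cellNumber(const void* p) const
    {
        return (reinterpret_cast<uintptr_t>(p) - reinterpret_cast<uintptr_t>(this)) / kCellSize;
    }

    // Cell number by masking with a fixed block size: the offset wraps for any
    // cell beyond the nominal block size, so the result is wrong there.
    static size_t cellNumberByMask(const void* p)
    {
        return (reinterpret_cast<uintptr_t>(p) & (kNominalBlockSize - 1)) / kCellSize;
    }

    // Visit every cell, starting after the header rather than at cell zero.
    template<typename Functor> void forEach(Functor functor)
    {
        for (size_t i = firstCellNumber(); i < firstCellNumber() + cellsPerBlock(); ++i)
            functor(cell(i));
    }

private:
    explicit Block(size_t totalSize) : m_totalSize(totalSize) { }
    size_t m_totalSize; // a real header would also hold the mark bitmap
};

// Number of cells forEach visits in a block of the given total size.
size_t countCells(size_t totalSize)
{
    Block* block = Block::create(totalSize);
    size_t count = 0;
    block->forEach([&count](char*) { ++count; });
    Block::destroy(block);
    return count;
}

// Number of cells whose mask-based cell number disagrees with the
// subtraction-based one, in a block of the given total size.
size_t maskMismatches(size_t totalSize)
{
    Block* block = Block::create(totalSize);
    size_t mismatches = 0;
    block->forEach([&](char* cell) {
        if (block->cellNumber(cell) != Block::cellNumberByMask(cell))
            ++mismatches;
    });
    Block::destroy(block);
    return mismatches;
}

} // namespace example
```

With a 64-byte header cell, a 4096-byte block holds 63 cells and the two numbering schemes agree, while an 8192-byte oversized block holds 127 cells and the mask misnumbers every cell past the nominal size.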
2011-02-15  Chris Rogers  <crogers@google.com>

        Reviewed by Alexey Proskuryakov.

        Fix Mutex::tryLock() on Windows to work properly with PlatformCondition::timedWait()
        https://bugs.webkit.org/show_bug.cgi?id=54408

        * wtf/ThreadingWin.cpp:
        (WTF::PlatformCondition::timedWait):

2011-02-15  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Martin Robinson.

        Remove some dead code in ARMv7
        https://bugs.webkit.org/show_bug.cgi?id=54461

        * assembler/ARMv7Assembler.h: remove dead code.

2011-02-14  Geoffrey Garen  <ggaren@apple.com>

        Rubber-stamped by Gavin Barraclough.

        Some MarkedBlock refactoring.

        Made cells private.

        Renamed cells => m_cells
                marked => m_marks.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate):
        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::sweep):
        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isEmpty):
        (JSC::MarkedBlock::clearMarks):
        (JSC::MarkedBlock::markCount):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::forEach):

2011-02-14  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add basic parser for Content Security Policy
        https://bugs.webkit.org/show_bug.cgi?id=54379

        Add a constructor for copying a Vector into a String.  I suspect there
        are a number of call sites that are doing this manually that would
        benefit from being moved to this API.

        * wtf/text/WTFString.h:
        (WTF::String::String):

2011-02-14  Pavel Podivilov  <podivilov@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: use call frame column to determine execution line in source frame.
        https://bugs.webkit.org/show_bug.cgi?id=54001

        * wtf/text/TextPosition.h:
        (WTF::ZeroBasedNumber::convertAsOneBasedInt):

2011-02-13  Jeremy Moskovich  <jeremy@chromium.org>

        Reviewed by Adam Barth.

        Add a compile-time option to completely disable WebArchive support.
        https://bugs.webkit.org/show_bug.cgi?id=52712

        Add an ENABLE(WEB_ARCHIVE) compile-time setting and use it for all WebArchive code.
        Ports Affected:
            WebArchive support is currently enabled for all ports that define PLATFORM(CF) apart from Qt.
            This patch preserves this behavior except that it also disables support in the Chromium port.

        * wtf/Platform.h: Add ENABLE_WEB_ARCHIVE definition and turn it off explicitly for Qt & Chromium ports.

2011-02-13  Cameron Zwarich  <zwarich@apple.com>

        Reviewed by Dan Bernstein.

        Bug 53760 - JSC fails to build with TOT Clang
        https://bugs.webkit.org/show_bug.cgi?id=53760

        Fix -Woverloaded-virtual warnings. This is also a 6% speedup on the v8 raytrace
        benchmark; it is nothing-to-noise on everything else.

        * API/JSCallbackObject.h: Remove pointlessly overloaded method.
        * API/JSCallbackObjectFunctions.h: Ditto.
        * runtime/Arguments.cpp:
        (JSC::Arguments::put): Change signature to match the base class. This implementation
        was no longer being called by anyone. This wasn't noticed because it is merely an
        optimization of the base class' implementation.
        * runtime/Arguments.h: Ditto.

2011-02-12  Adam Barth  <abarth@webkit.org>

        Reviewed by Mark Rowe.

        Use /dev/urandom as the OSRandomSource on OS(DARWIN)
        https://bugs.webkit.org/show_bug.cgi?id=54279

        I'm not sure it makes much of a difference whether we use arc4random or
        /dev/urandom on Mac.  However, there's some aesthetic benefit to using
        the same underlying API on as many platforms as reasonable.

        * config.h:
        * wtf/OSRandomSource.cpp:
        (WTF::cryptographicallyRandomValuesFromOS):

2011-02-12  Adam Barth  <abarth@webkit.org>

        Reviewed by Kenneth Russell.

        Enable ArrayBuffers by default
        https://bugs.webkit.org/show_bug.cgi?id=54310

        Export the required functions.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-11  Daniel Bates  <dbates@rim.com>

        Reviewed by Geoffrey Garen.

        Remove explicit disable ENABLE_ASSEMBLER_WX_EXCLUSIVE on non-iOS ports
        https://bugs.webkit.org/show_bug.cgi?id=54107

        It is unnecessary to explicitly disable ENABLE_ASSEMBLER_WX_EXCLUSIVE
        by the definition of ENABLE().

        * wtf/Platform.h:

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Not reviewed.

        Randomly touch some build files in the hopes of fixing the Qt build.

        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.pro:

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Garbage collection timer cycles forever, even when nothing is happening
        https://bugs.webkit.org/show_bug.cgi?id=54320

        (Rolling back in r78386 with the build fixed.)

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallbackPlatformData::trigger): Be sure to make
        our timer inert after forcing a GC, to avoid GC'ing repeatedly.

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Not reviewed.

        Used svn merge -r78386:78385 to roll out r78386 because it broke the build.

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallbackPlatformData::trigger):

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Garbage collection timer cycles forever, even when nothing is happening
        https://bugs.webkit.org/show_bug.cgi?id=54320

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallbackPlatformData::trigger): Be sure to make
        our timer inert after forcing a GC, to avoid GC'ing repeatedly.

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the Windows build: added an exported symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A little more encapsulation for the heap: Removed CollectorHeapIterator
        https://bugs.webkit.org/show_bug.cgi?id=54298

        CollectorHeapIterator is a God object that knows the internals of each
        of the pieces of the heap. This undermines the encapsulation I'm trying
        to achieve by splitting concepts into different classes.

        As an alternative, I've given each class a forEach iteration function,
        which takes a functor as an argument. Now, each class just needs to
        know how to iterate the things it knows about.

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Removed CollectorHeapIterator.

        * debugger/Debugger.cpp:
        (JSC::Recompiler::Recompiler):
        (JSC::Recompiler::~Recompiler):
        (JSC::Recompiler::operator()):
        (JSC::Debugger::recompileAllJSFunctions): Updated to use forEach interface
        instead of an iterator.

        * runtime/CollectorHeapIterator.h: Removed.

        * runtime/Heap.cpp:
        (JSC::TypeCounter::TypeCounter):
        (JSC::TypeCounter::typeName):
        (JSC::TypeCounter::operator()):
        (JSC::TypeCounter::take):
        (JSC::Heap::protectedObjectTypeCounts):
        (JSC::Heap::objectTypeCounts): Added forEach and removed iterator.

        * runtime/Heap.h:
        (JSC::Heap::forEach):
        * runtime/JSGlobalData.cpp:
        (JSC::Recompiler::operator()):
        (JSC::JSGlobalData::recompileAllJSFunctions):

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::forEach): Added forEach. Removed friend declaration
        for CollectorHeapIterator. Now, we can make all our data private and
        change it without breaking any other classes.

        * runtime/MarkedSpace.cpp:
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::forEach): Added forEach and removed iterator.

2011-02-11  Adam Barth  <abarth@webkit.org>

        Reviewed by Andreas Kling.

        CryptographicRandomNumber has its threading ifdefs backwards
        https://bugs.webkit.org/show_bug.cgi?id=54280

        Turns out we want the mutex when threading is enabled.  :)

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber):
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues):

2011-02-10  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        WebKit should have a cryptographic RNG
        https://bugs.webkit.org/show_bug.cgi?id=22049

        Teach JavaScriptCore how to export this function.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more encapsulation for MarkedBlock: Made all constants private
        so clients don't know whether allocations are fixed-sized or not
        https://bugs.webkit.org/show_bug.cgi?id=54270

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::advance): Updated for removal of HeapConstants.

        * runtime/Error.cpp: Switched to using ASSERT_CLASS_FITS_IN_CELL, like
        all other classes.

        * runtime/Heap.cpp:
        (JSC::Heap::allocate): Updated for removal of HeapConstants.
        (JSC::Heap::reset): Updated to use size(), instead of calculating size
        on our own.

        * runtime/Heap.h: Moved the ASSERT here to MarkedBlock, since it enforces
        on special knowledge of fixed-sizery, which only MarkedBlock is supposed
        to know about.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate): Updated for removal of HeapConstants.
        Also changed to reset nextCell to 0 at the end of a block, since that
        seems more consistent.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::storeVPtrs): Changed to use a fixed array of char.
        This hard-coded size is a little wonky, but the compiler will tell us
        if it's ever wrong, so I think it's OK.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::sweep): Updated for removal of HeapConstants.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isEmpty):
        (JSC::MarkedBlock::clearMarks):
        (JSC::MarkedBlock::size):
        (JSC::MarkedBlock::capacity): Made constants private to this class.
        Removed HeapConstants. Added size() and capacity() functions.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::objectCount):
        (JSC::MarkedSpace::size):
        (JSC::MarkedSpace::capacity):
        * runtime/MarkedSpace.h: Use MarkedBlock helper functions instead of
        direct knowledge of MarkedBlock internals.

2011-02-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more encapsulation for MarkedBlock: Made mark bits private
        https://bugs.webkit.org/show_bug.cgi?id=54264

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::markRoots):
        (JSC::Heap::reset): Renamed clearMarkBits => clearMarks, since clients
        don't need to know that marks are represented as bits. Renamed
        markedCells => markCount, since clients don't need to know that blocks
        are split into cells.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isEmpty):
        (JSC::MarkedBlock::clearMarks):
        (JSC::MarkedBlock::markCount): New helper functions for encapsulating
        the information clients actually need.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy):
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::clearMarks):
        (JSC::MarkedSpace::markCount):
        (JSC::MarkedSpace::objectCount):
        * runtime/MarkedSpace.h: Use new helper functions instead of accessing
        MarkedBlock data directly.

2011-02-10  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        Cached JavaScript Parser Data Being Left in Memory Cache
        https://bugs.webkit.org/show_bug.cgi?id=54245

        Added clear method which removes SourceProviderCache items.
        Cleaned up extraneous whitespace.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * parser/SourceProviderCache.cpp:
        (JSC::SourceProviderCache::~SourceProviderCache):
        (JSC::SourceProviderCache::clear):
        (JSC::SourceProviderCache::byteSize):
        (JSC::SourceProviderCache::add):
        * parser/SourceProviderCache.h:

2011-02-10  Joseph Pecoraro  <joepeck@webkit.org>

        Follow-up fix to r78291. I should pass (int) 0, not '0' to memset.

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallback::commonConstructor): fix mistaken post-review change.

2011-02-10  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Geoffrey Garen.

        Make DefaultGCActivityCallback for PLATFORM(CF) Easier to Subclass
        https://bugs.webkit.org/show_bug.cgi?id=54257

        A subclass may want to specify the CFRunLoop that the Garbage Collection
        will happen on. It was difficult to manipulate this in a subclass because
        the current DefaultGCActivityCallback class does this in its constructor.
        This patch generalizes things a bit more so that a specific run loop can
        be passed in to the constructor. This makes it so all run loop management
        can stay in DefaultGCActivityCallback and a subclass can specify any runloop.

        * runtime/GCActivityCallback.h: expose a PLATFORM(CF) constructor that can
        specify the runloop GC can be scheduled on.
        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback): two constructors,
        one that specifies the run loop and passes that on to commonConstructor and
        the old constructor defaults to the current run loop.
        (JSC::DefaultGCActivityCallback::commonConstructor): do normal construction,
        adding the timer to the given runloop.

2011-02-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A little more encapsulation for MarkedBlock: Moved allocate() and sweep() into MarkedBlock
        https://bugs.webkit.org/show_bug.cgi?id=54253

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h: Removed DeadObjectIterator, since it
        is now unused.

        * runtime/Heap.cpp:
        (JSC::Heap::reset): Moved the call to shrink() here, since it seems a
        little more clear for MarkedSpace's client to tell it explicitly when to
        shrink.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate): Split out from MarkedSpace::allocate.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::sweep): Split out from MarkedSpace::sweep, and
        converted to more directly iterate a MarkedBlock based on knowing its
        internal structure.

        * runtime/MarkedBlock.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        * runtime/MarkedSpace.h: Split out the code mentioned above.

2011-02-10  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Andreas Kling.

        Fix compilation error on OpenBSD
        https://bugs.webkit.org/show_bug.cgi?id=53766

        Add a HAVE_STRNSTR in Platform.h and define it only on Darwin and FreeBSD.

        * wtf/Platform.h:
        * wtf/StringExtras.h: Use HAVE(STRNSTR) now.

2011-02-10  Adam Roben  <aroben@apple.com>

        Print locations of assertions and logs in a way that Visual Studio understands

        With this change, double-clicking one of these locations in Visual Studio's Output Window
        will focus that line of code in the editor.

        Fixes <http://webkit.org/b/54208> Double-clicking locations of assertions/logs in Visual
        Studio's Output Window does nothing

        Reviewed by Alexey Proskuryakov.

        * wtf/Assertions.cpp:
        (printCallSite): Use OS(WINDOWS) instead of the meaningless OS(WIN). When we aren't using
        the debug CRT (and thus can't call _CrtDbgReport), print the file and line number using the
        same format that cl.exe uses when it prints compiler errors.

2011-02-10  Dan Bernstein  <mitz@apple.com>

        LLVM Compiler build fix.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::create):

2011-02-10  Peter Varga  <pvarga@webkit.org>

        Reviewed by Csaba Osztrogonác.

        Remove PCRE source from trunk
        https://bugs.webkit.org/show_bug.cgi?id=54188

        * Android.mk:
        * Android.v8.wtf.mk:
        * CMakeLists.txt:
        * DerivedSources.make:
        * DerivedSources.pro:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.order:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * pcre/AUTHORS: Removed.
        * pcre/COPYING: Removed.
        * pcre/dftables: Removed.
        * pcre/pcre.h: Removed.
        * pcre/pcre.pri: Removed.
        * pcre/pcre_compile.cpp: Removed.
        * pcre/pcre_exec.cpp: Removed.
        * pcre/pcre_internal.h: Removed.
        * pcre/pcre_tables.cpp: Removed.
        * pcre/pcre_ucp_searchfuncs.cpp: Removed.
        * pcre/pcre_xclass.cpp: Removed.
        * pcre/ucpinternal.h: Removed.
        * pcre/ucptable.cpp: Removed.
        * wscript:

2011-02-10  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        Add randomValuesFromOS for OS(WINDOWS)
        https://bugs.webkit.org/show_bug.cgi?id=54155

        Use CryptGenRandom for generating cryptographically secure random numbers.
        This will work on WinCE and MinGW too.

        * config.h:
        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-10  Jarred Nicholls  <jarred@sencha.com>

        Reviewed by Adam Barth.

        REGRESSION(r78149): Return value of read() shouldn't be ignored.
        https://bugs.webkit.org/show_bug.cgi?id=54167

        stdio read should have its return value handled. Build error in gcc 4.4.5.

        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

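The point of this regression fix and of the /dev/urandom entry above, as an added example that is not WTF's OSRandomSource code (the function names are assumed): read() may return fewer bytes than requested, zero at end-of-file, or -1 with EINTR, and each case has to be handled before the buffer is treated as random.

```cpp
// Added illustration (not WTF's OSRandomSource): filling a buffer from a
// character device while treating every return value of read() as meaningful.
// Function names are assumed; the device path is the one the log mentions.
#include <cerrno>
#include <cstddef>
#include <cstring>
#include <fcntl.h>
#include <unistd.h>

namespace example {

// Fill buffer[0..length) from the character device at path. Returns false on
// any failure, including end-of-file before length bytes arrived, and wipes
// the buffer on failure so a caller can never mistake a partly filled buffer
// for random data.
bool randomValuesFromDevice(const char* path, unsigned char* buffer, size_t length)
{
    int fd = open(path, O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return false;

    size_t filled = 0;
    bool ok = true;
    while (filled < length) {
        ssize_t n = read(fd, buffer + filled, length - filled);
        if (n < 0) {
            if (errno == EINTR)
                continue;   // interrupted by a signal: just retry
            ok = false;     // any other error is fatal for this request
            break;
        }
        if (n == 0) {
            ok = false;     // EOF: the source handed back fewer bytes than asked
            break;
        }
        filled += static_cast<size_t>(n); // short reads are legal: keep going
    }
    close(fd);
    if (!ok)
        memset(buffer, 0, length);
    return ok;
}

bool cryptographicallyRandomValuesFromOS(unsigned char* buffer, size_t length)
{
    return randomValuesFromDevice("/dev/urandom", buffer, length);
}

// Two independent 32-byte draws succeed and differ.
bool twoDrawsDiffer()
{
    unsigned char a[32], b[32];
    if (!cryptographicallyRandomValuesFromOS(a, sizeof a))
        return false;
    if (!cryptographicallyRandomValuesFromOS(b, sizeof b))
        return false;
    return memcmp(a, b, sizeof a) != 0;
}

// A source that returns EOF immediately (/dev/null) must be rejected: with
// the return value of read() ignored, the caller would have gone on to use
// 32 untouched bytes as "random".
bool eofSourceIsRejected()
{
    unsigned char buffer[32];
    memset(buffer, 0xAA, sizeof buffer);
    bool ok = randomValuesFromDevice("/dev/null", buffer, sizeof buffer);
    return !ok && buffer[0] == 0; // failed, and the buffer was wiped
}

// A device that cannot be opened must be rejected too.
bool missingSourceIsRejected()
{
    unsigned char buffer[8];
    return !randomValuesFromDevice("/nonexistent/random-device", buffer, sizeof buffer);
}

} // namespace example
```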
2011-02-10  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        Rename randomValuesFromOS to cryptographicallyRandomValuesFromOS
        https://bugs.webkit.org/show_bug.cgi?id=54156

        randomValuesFromOS generates random numbers of cryptographic quality.
        Make this clear by adding "cryptographically" to the function name.

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::stir):
        * wtf/OSRandomSource.cpp:
        (WTF::cryptographicallyRandomValuesFromOS):
        * wtf/OSRandomSource.h:

2011-02-09  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/8805364> Malloc zone enumeration code should be safe in the face of errors from the memory reader.

        * wtf/FastMalloc.cpp:
        (WTF::PageHeapAllocator::recordAdministrativeRegions): Use the new helper function to walk the linked list safely.
        (WTF::TCMalloc_ThreadCache_FreeList::enumerateFreeObjects): Ditto.
        (WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Ditto.
        (WTF::TCMallocStats::PageMapFreeObjectFinder::visit): Bail out if the span could not be read.
        (WTF::TCMallocStats::PageMapMemoryUsageRecorder::visit): Ditto.
        * wtf/MallocZoneSupport.h:
        (WTF::RemoteMemoryReader::operator()): Remove an assert that is not valid.
        (WTF::RemoteMemoryReader::nextEntryInLinkedList): Add a helper function for retrieving the next entry in
        a linked list. It maps a failed read of the remote memory into a null pointer, which all callers can
        handle gracefully.

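An added example of the helper described in the entry above; it is not WebKit's MallocZoneSupport code, and the RemoteMemoryReader, FreeListEntry and countFreeObjects names, the std::function read callback and the entry bound are assumptions. It shows a reader whose reads can fail, a nextEntryInLinkedList that maps a failed read to null, and a walk that stops there instead of dereferencing memory it could not read.

```cpp
// Added illustration (not WTF's MallocZoneSupport): walking a linked list that
// lives in another process through a reader whose reads can fail. The "remote"
// memory is a constructed local array; all names are assumed.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <functional>

namespace example {

struct FreeListEntry {
    FreeListEntry* next;
};

class RemoteMemoryReader {
public:
    // Copies size bytes at remoteAddress into local; returns false if the read
    // fails (for instance because the page is not mapped in the target).
    using ReadFunction = std::function<bool(const void* remoteAddress, void* local, size_t size)>;

    explicit RemoteMemoryReader(ReadFunction read) : m_read(read) { }

    template<typename T> bool read(const T* remoteAddress, T* local)
    {
        m_lastReadSucceeded = m_read(remoteAddress, local, sizeof(T));
        return m_lastReadSucceeded;
    }
    bool lastReadSucceeded() const { return m_lastReadSucceeded; }

    // Returns the entry after remoteEntry, or nullptr if remoteEntry could not
    // be read. A caller that follows links until nullptr therefore stops at
    // unreadable memory instead of dereferencing it.
    template<typename T> T* nextEntryInLinkedList(T* remoteEntry)
    {
        T local{};
        if (!read(remoteEntry, &local))
            return nullptr;
        return local.next;
    }

private:
    ReadFunction m_read;
    bool m_lastReadSucceeded = true;
};

// Count the entries reachable from remoteHead whose contents could be read.
// maxEntries bounds the walk so a corrupted, cyclic list cannot spin forever
// (an added guard, not something the log entry describes).
size_t countFreeObjects(RemoteMemoryReader& reader, FreeListEntry* remoteHead, size_t maxEntries)
{
    size_t count = 0;
    for (FreeListEntry* entry = remoteHead; entry && count < maxEntries; ) {
        FreeListEntry* next = reader.nextEntryInLinkedList(entry);
        if (!reader.lastReadSucceeded())
            break; // the entry itself is unreadable: stop without counting it
        ++count;
        entry = next;
    }
    return count;
}

// Constructed "remote" memory: three readable entries, the last of which
// points into a region the reader cannot access.
size_t countConstructedFreeList()
{
    static FreeListEntry entries[3];
    FreeListEntry* unreadable = reinterpret_cast<FreeListEntry*>(0x1000); // constructed bad link
    entries[0].next = &entries[1];
    entries[1].next = &entries[2];
    entries[2].next = unreadable;

    RemoteMemoryReader reader([](const void* remote, void* local, size_t size) {
        uintptr_t begin = reinterpret_cast<uintptr_t>(entries);
        uintptr_t end = begin + sizeof entries;
        uintptr_t p = reinterpret_cast<uintptr_t>(remote);
        if (p < begin || p + size > end)
            return false;   // outside the "mapped" region: the read fails
        memcpy(local, remote, size);
        return true;
    });
    return countFreeObjects(reader, &entries[0], 100);
}

// A two-entry cycle where every read succeeds: only the bound ends the walk.
size_t countConstructedCycle()
{
    static FreeListEntry ring[2] = { { &ring[1] }, { &ring[0] } };
    RemoteMemoryReader reader([](const void* remote, void* local, size_t size) {
        memcpy(local, remote, size);
        return true;
    });
    return countFreeObjects(reader, &ring[0], 10);
}

} // namespace example
```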
2011-02-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 54164 - Optimize global_var accesses on JSVALUE64

        Directly embed the pointer to d->registers, optimize out the load
        from the variable object, as we do already in JSVALUE32_64.

        This is a ~1.5% win on sunspidey.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A little more encapsulation for MarkedBlock: Made MarkedBlock responsible
        for its own initialization and destruction
        https://bugs.webkit.org/show_bug.cgi?id=54137

        * runtime/CollectorHeapIterator.h: Removed ObjectIterator since it is
        now unused.

        * runtime/JSCell.h: Made MarkedBlock a friend so it can construct and
        destruct JSCells.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::create):
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock): Migrated initialization and destruction
        code from MarkedSpace, updating it not to use ObjectIterator. We don't
        want to use an abstract iterator since iteration will be unique to each
        block in the future.

        * runtime/MarkedBlock.h: Made the constructor private and moved it into
        the .cpp file because it's big now.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock): Migrated code.

        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::collectorBlock): Keep a vector of MarkedBlock
        pointers instead of aligned allocations -- how MarkedBlocks are allocated
        is now an implementation detail of MarkedBlock.

2011-02-09  Adam Barth  <abarth@webkit.org>

        Another attempt to fix the Qt Windows build.

        * config.h:
        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-09  Adam Barth  <abarth@webkit.org>

        Attempt to fix the Qt Windows build.

        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-09  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add WTF::cryptographicallyRandomNumber
        https://bugs.webkit.org/show_bug.cgi?id=54083

        Introduce a cryptographically strong random number generator to WTF.
        The random number generator is based on arc4random as found in:

        http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c?rev=1.22

        I've changed the source to WebKit style and abstracted the operating
        system interaction to OSRandomSource.  We'll use this functionality to
        expose a cryptographically strong random number generator to
        JavaScript.

        * Android.mk:
        * Android.v8.wtf.mk:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * config.h:
        * wtf/CMakeLists.txt:
        * wtf/CryptographicallyRandomNumber.cpp: Added.
        (WTF::initMutexIfNeeded):
        (WTF::init):
        (WTF::addRandomData):
        (WTF::stir):
        (WTF::stirIfNeeded):
        (WTF::getByte):
        (WTF::getWord):
        (WTF::cryptographicallyRandomNumber):
        (WTF::cryptographicallyRandomValues):
        * wtf/CryptographicallyRandomNumber.h: Added.
        * wtf/OSRandomSource.cpp: Added.
        (WTF::randomValuesFromOS):
        * wtf/OSRandomSource.h: Added.
        * wtf/wtf.pri:

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the build.

        * wtf/Bitmap.h: Include string.h for memset. Not sure why this started
        failing now.

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A tiny bit of encapsulation for MarkedBlock: made its heap data member private
        https://bugs.webkit.org/show_bug.cgi?id=54129

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::heap): Made the heap data member private, and provided
        a constructor and an accessor.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::heap): Use the constructor and accessor.

2011-02-09  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Replace PCRE with Yarr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=53496

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Added.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed some dead code from Heap
        https://bugs.webkit.org/show_bug.cgi?id=54064

        * runtime/MarkedSpace.cpp: Removed some now-unused constants and
        declarations.

        (JSC::MarkedSpace::allocate): Removed some ASSERTs that are also ASSERTed
        by our caller. Removed redundant typedefs.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Use a vector to track blocks in the Heap, instead of hand-rolled vector-like code
        https://bugs.webkit.org/show_bug.cgi?id=54062

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::isValid):
        (JSC::CollectorHeapIterator::isLive): Updated for new mark invariant: To
        know if an object is live, you just need to test its mark bit.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::MarkedSpace): Moved waterMark and highWaterMark from
        CollectorHeap into MarkedSpace, since they're global state. Removed call
        to memset since CollectorHeap is a true class with its own constructor now.

        (JSC::MarkedSpace::destroy): Change uses of m_heap.usedBlocks to
        m_heap.blocks.size(), and m_heap.numBlocks to m_heap.blocks.capacity().

        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock): No need to manage our vector manually anymore.

        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::clearMarkBits):
        (JSC::MarkedSpace::markedCells):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::objectCount):
        (JSC::MarkedSpace::capacity):
        (JSC::MarkedSpace::reset):
        (JSC::MarkedSpace::primaryHeapEnd):
        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::CollectorHeap):
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark):
        (JSC::MarkedSpace::contains): Same as above.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Give each MarkedBlock enough mark bits to cover the whole block
        https://bugs.webkit.org/show_bug.cgi?id=54029

        SunSpider reports no change.

        This simplifies access to mark bits, since any cell-aligned pointer
        into a block now has a valid mark bit to test.

        * runtime/MarkedBlock.h: Changed CELLS_PER_BLOCK to account for the extra
        mark bits. This happens not to change its actual value.
        (JSC::MarkedBlock::cellNumber):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked): Changed const JSCell* to const void* to
        remove a cast from our caller, and to more accurately reflect the fact
        that MarkedBlock is agnostic about the types pointed to by the pointers
        you pass to it.

        (JSC::MarkedBlock::isPossibleCell): Removed a null check. We now consider
        the null pointer to be a possible cell with a 0 (impossible) block. This
        removes a null check from marking.
839
840         * runtime/MarkedSpace.cpp:
841         * runtime/MarkedSpace.h:
842         (JSC::MarkedSpace::contains): Simplified the contains check, and inlined
843         the whole thing, now that it's so simple.
844
845 2011-02-08  Daniel Bates  <dbates@rim.com>
846
847         Rubber-stamped by Martin Robinson.
848
849         Rename enum ProtectionSeting [sic] to ProtectionSetting.
850
851         * jit/ExecutableAllocator.cpp:
852         (JSC::ExecutableAllocator::reprotectRegion):
853         * jit/ExecutableAllocator.h:
854
855 2011-02-08  Balazs Kelemen  <kbalazs@webkit.org>
856
857         Reviewed by Andreas Kling.
858
859         [Qt] Should not always define USE_SYSTEM_MALLOC
860         https://bugs.webkit.org/show_bug.cgi?id=54007
861
862         * wtf/Platform.h:
863
864 2011-02-08  Dan Bernstein  <mitz@apple.com>
865
866         Reviewed by Maciej Stachowiak.
867
868         LLVM Compiler build fix.
869
870         * runtime/WriteBarrier.h:
871         (JSC::WriteBarrier::WriteBarrier):
872
873 2011-02-07  Ryosuke Niwa  <rniwa@webkit.org>
874
875         Reviewed by Darin Adler.
876
877         JSVariableObject::setRegisters should take PassOwnArrayPtr for registersArray.
878         https://bugs.webkit.org/show_bug.cgi?id=53902
879
880         * runtime/Arguments.h:
881         (JSC::JSActivation::copyRegisters): Uses OwnArrayPtr<Register> instead of Register*.
882         * runtime/JSGlobalObject.cpp:
883         (JSC::JSGlobalObject::copyGlobalsFrom): Ditto.
884         * runtime/JSGlobalObject.h:
885         (JSC::JSGlobalObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
886         for registerArray.
887         * runtime/JSVariableObject.h:
888         (JSC::JSVariableObject::copyRegisterArray): Returns PassOwnArrayPtr<Register> instead of Register*.
889         (JSC::JSVariableObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
890         for registerArray.
891
892 2011-02-07  Geoffrey Garen  <ggaren@apple.com>
893
894         Reviewed by Sam Weinig.
895
896         Removed some dead code from Heap
897         https://bugs.webkit.org/show_bug.cgi?id=53969
898         
899         SunSpider reports no change.
900
901         * runtime/MarkedSpace.cpp:
902         (JSC::MarkedSpace::shrink):
903         (JSC::MarkedSpace::sweep):
904         * runtime/MarkedSpace.h: Removed resizeBlocks and growBlocks, and
905         renamed shrinkBlocks to shrink, making it unconditionally shrink as
906         much as possible.
907
908 2011-02-07  Geoffrey Garen  <ggaren@apple.com>
909
910         Reviewed by Oliver Hunt.
911
912         Simplified the marked space's mark invariant
913         https://bugs.webkit.org/show_bug.cgi?id=53968
914         
915         SunSpider reports no change.
916         
917         * runtime/MarkedSpace.cpp:
918         (JSC::MarkedSpace::allocate): Mark objects when allocating them. This
919         means that, at all times other than the mark phase, an object is live
920         if and only if it is marked.
921
922         (JSC::MarkedSpace::containsSlowCase): Use the new mark invariant to
923         simplify testing whether an object is live.
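
        A toy version of the block layout this entry and the "Give each MarkedBlock enough
        mark bits to cover the whole block" entry above rely on, added here as an illustration.
        It is not JavaScriptCore's MarkedBlock or MarkedSpace; the 16 KB block, the 64-byte cell,
        the posix_memalign allocation and the scrub-on-sweep stand-in for running destructors are
        assumptions made for the example. It shows why size-aligned blocks make blockFor() a single
        mask, why a bitmap that also covers the header cells lets any cell-aligned pointer be tested,
        and how marking at allocation time makes "live" and "marked" coincide outside the mark phase.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <new>

// Toy marked block: header at the head of the block, cells after it, one mark
// bit per cell-sized slot. Added illustration, not JavaScriptCore's code;
// block and cell sizes are assumptions chosen so the header fits in cell 0.
class ToyMarkedBlock {
public:
    static constexpr size_t blockSize = 16 * 1024;
    static constexpr size_t cellSize = 64;
    static constexpr size_t cellsPerBlock = blockSize / cellSize;
    static constexpr uintptr_t blockMask = ~static_cast<uintptr_t>(blockSize - 1);

    // Blocks are aligned to their own size: that is what lets blockFor() be a mask.
    static ToyMarkedBlock* create()
    {
        void* memory = nullptr;
        return posix_memalign(&memory, blockSize, blockSize) ? nullptr : new (memory) ToyMarkedBlock;
    }

    static void destroy(ToyMarkedBlock* block) { block->~ToyMarkedBlock(); free(block); }

    static ToyMarkedBlock* blockFor(const void* p) { return reinterpret_cast<ToyMarkedBlock*>(reinterpret_cast<uintptr_t>(p) & blockMask); }

    static bool isCellAligned(const void* p) { return !(reinterpret_cast<uintptr_t>(p) & (cellSize - 1)); }

    // Number of the first cell not occupied by the header.
    static size_t firstCellNumber() { return (sizeof(ToyMarkedBlock) + cellSize - 1) / cellSize; }

    // Subtraction rather than masking: correct for every cell-aligned address in
    // the block, header cells included, so every such address has a mark bit.
    size_t cellNumber(const void* p) const { return (reinterpret_cast<uintptr_t>(p) - reinterpret_cast<uintptr_t>(this)) / cellSize; }

    bool isMarked(const void* p) const { return bit(cellNumber(p)); }
    void setMarked(const void* p) { setBit(cellNumber(p)); }
    bool testAndSetMarked(const void* p) { size_t n = cellNumber(p); bool wasMarked = bit(n); setBit(n); return wasMarked; }

    // Mark invariant: a cell is marked the moment it is handed out, so outside
    // the mark phase "live" means exactly "marked".
    void* allocate()
    {
        for (size_t n = firstCellNumber(); n < cellsPerBlock; ++n) {
            if (!bit(n)) { setBit(n); return cell(n); }
        }
        return nullptr; // block full: a real heap would try another block or collect
    }

    // With the invariant in place the containment test needs no free-list walk:
    // right block, cell-aligned, marked.
    bool contains(const void* p) const { return blockFor(p) == this && isCellAligned(p) && isMarked(p); }

    // Start of a collection: drop every mark; the collector then re-marks from
    // its roots with setMarked() / testAndSetMarked().
    void clearMarkBits() { memset(m_marks, 0, sizeof(m_marks)); }

    // End of a collection: every unmarked cell is dead. Scrub it (standing in for
    // its destructor) and leave the bit clear so allocate() can reuse it.
    // Returns the number of cells now free.
    size_t sweep()
    {
        size_t freed = 0;
        for (size_t n = firstCellNumber(); n < cellsPerBlock; ++n) {
            if (!bit(n)) { memset(cell(n), 0, cellSize); ++freed; }
        }
        return freed;
    }

    size_t markedCount() const
    {
        size_t count = 0;
        for (size_t n = firstCellNumber(); n < cellsPerBlock; ++n)
            count += bit(n);
        return count;
    }

private:
    ToyMarkedBlock() { clearMarkBits(); }
    void* cell(size_t n) { return reinterpret_cast<char*>(this) + n * cellSize; }
    bool bit(size_t n) const { return m_marks[n >> 3] & (1u << (n & 7)); }
    void setBit(size_t n) { m_marks[n >> 3] |= static_cast<uint8_t>(1u << (n & 7)); }

    uint8_t m_marks[cellsPerBlock / 8]; // one bit per cell, header cells included
};
```

        The header is 32 bytes, so it occupies cell 0 and the first object lives in cell 1; a
        cell-aligned pointer into the header has a valid mark bit that is simply never set, which
        is what lets a conservative scan test it without a special case. Saturating the block and
        then clearing marks, re-marking one root and sweeping frees every other cell for reuse.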
924
925 2011-02-07  Beth Dakin  <bdakin@apple.com>
926
927         Reviewed by Eric Seidel.
928
929         Fix for https://bugs.webkit.org/show_bug.cgi?id=53950
930         USE_WK_SCROLLBAR_PAINTER in ScrollbarThemeMac should be in
931         Platform.h instead
932
933         * wtf/Platform.h:
934
935 2011-02-07  Darin Adler  <darin@apple.com>
936
937         Reviewed by Antti Koivisto.
938
939         Add built-in decoder for UTF-8 for improved performance
940         https://bugs.webkit.org/show_bug.cgi?id=53898
941
942         * wtf/unicode/UnicodeMacrosFromICU.h: Added U8_MAX_LENGTH and
943         U8_APPEND_UNSAFE. Also fixed header.
944
945 2011-02-07  Adam Roben  <aroben@apple.com>
946
947         Delete precompiled headers whenever any .vsprops file changes
948
949         Precompiled headers need to be rebuilt if, e.g., an ENABLE_* macro is changed in one of our
950         .vsprops files. Unfortunately, Visual Studio isn't smart enough to figure this out, so we
951         give it some assistance by deleting the precompiled headers whenever any .vsprops file
952         changes.
953
954         I also made some drive-by fixes while I was in the area.
955
956         Fixes <http://webkit.org/b/53826> react-to-vsprops-changes.py doesn't force precompiled
957         headers to be rebuilt, but should
958
959         Reviewed by David Kilzer.
960
961         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: Stop ignoring the
962         return code from react-to-vsprops-changes.py so we will notice when errors are introduced.
963         But skip the script entirely in production builds, where it is both unnecessary and can't
964         function correctly (due to not having the entire source tree available to it).
965
966         * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py:
967         (main): Removed an extra '*' in the glob for finding manifest files. The extra '*' was
968         leftover from before we rearranged WebKitBuild in r75138. Moved code to delete an old file
969         to the new delete_if_older_than function. Added code to delete any precompiled headers older
970         than the newest .vsprops file.
971         (delete_if_older_than): Added. Code came from main.
972
973 2011-02-07  Antti Koivisto  <antti@apple.com>
974
975         Not reviewed.
976         
977         ASSERTS_DISABLED -> ASSERT_DISABLED
978
979         * wtf/BloomFilter.h:
980
981 2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>
982
983         Unreviewed; speculative Qt build fix.
984
985         * JavaScriptCore.pro:
986
987 2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>
988
989         Reviewed by Darin Adler.
990
991         OwnArrayPtr.h uses deleteOwnedPtr but doesn’t include OwnPtrCommon.h
992         https://bugs.webkit.org/show_bug.cgi?id=52867
993
994         Removed LOOSE_OWN_ARRAY_PTR and OwnArrayPtr<T>::set. Replaced all calls to OwnArrayPtr::set
995         and loose instantiation of OwnArrayPtr by calls to operator= and adoptArrayPtr. Also removed
996         OwnArrayPtrCommon.h since PassOwnArrayPtr.h needs to include OwnArrayPtr.h and there is
997         no point in putting deleteOwnedArrayPtr into a separate header.
998         
999         Note: if this patch breaks build, the code is either instantiating OwnArrayPtr
1000         without calling adoptArrayPtr or calling set on OwnArrayPtr instead of operator=.
1001
1002         No tests are added since this is a refactoring.
1003
1004         * API/JSStringRefCF.cpp:
1005         (JSStringCreateWithCFString): Calls adoptArrayPtr.
1006         * GNUmakefile.am: Removed OwnArrayPtrCommon.h
1007         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
1008         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
1009         * runtime/Arguments.cpp:
1010         (JSC::Arguments::deleteProperty): Calls adoptArrayPtr.
1011         * runtime/Arguments.h:
1012         (JSC::Arguments::copyRegisters): Ditto.
1013         * runtime/JSPropertyNameIterator.cpp:
1014         (JSC::JSPropertyNameIterator::JSPropertyNameIterator): Ditto.
1015         * runtime/JSVariableObject.h:
1016         (JSC::JSVariableObject::setRegisters): Calls operator= instead of set.
1017         * runtime/StructureChain.cpp:
1018         (JSC::StructureChain::StructureChain): Ditto.
1019         * wtf/CMakeLists.txt:
1020         * wtf/DateMath.h:
1021         (JSC::GregorianDateTime::GregorianDateTime): No longer instantiates OwnArrayPtr
1022         with a null pointer.
1023         * wtf/OwnArrayPtr.h:
1024         * wtf/OwnArrayPtrCommon.h: Removed.
1025         * wtf/PassOwnArrayPtr.h: No longer includes OwnArrayPtrCommon.h
1026         (WTF::deleteOwnedArrayPtr): Moved from OwnArrayPtrCommon.h
1027
1028 2011-02-06  Antti Koivisto  <antti@apple.com>
1029
1030         Reviewed by Maciej Stachowiak.
1031
1032         Use bloom filter for descendant selector filtering
1033         https://bugs.webkit.org/show_bug.cgi?id=53880
1034         
1035         Implement a bloom filter with k=2 and 8 bit counting.
1036
1037         * GNUmakefile.am:
1038         * JavaScriptCore.gypi:
1039         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1040         * JavaScriptCore.xcodeproj/project.pbxproj:
1041         * wtf/BloomFilter.h: Added.
1042         (WTF::BloomFilter::maximumCount):
1043         (WTF::BloomFilter::BloomFilter):
1044         (WTF::BloomFilter::mayContain):
1045         (WTF::BloomFilter::add):
1046         (WTF::BloomFilter::remove):
1047         (WTF::BloomFilter::firstSlot):
1048         (WTF::BloomFilter::secondSlot):
1049         (WTF::::add):
1050         (WTF::::remove):
1051         (WTF::::clear):
1052         (WTF::::likelyEmpty):
1053         (WTF::::isClear):
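
        The filter this entry describes, written out as an added example; this is not the
        WTF::BloomFilter source and is not part of this ChangeLog. It is a counting Bloom filter
        with k=2 and 8-bit saturating counters. The FNV-1a string hash, the 12-bit table, taking
        the two slots from the low and high 16 bits of the hash, and the ancestor-tag sample are
        all assumptions made for the example (so keyBits must not exceed 16 here).

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// FNV-1a, standing in for the engine's string hash (assumption for this example).
unsigned hashString(const std::string& s)
{
    uint32_t h = 2166136261u;
    for (unsigned char c : s) {
        h ^= c;
        h *= 16777619u;
    }
    return h;
}

// Counting Bloom filter: k = 2 slots per element, one 8-bit counter per slot.
// Added illustration, not WTF::BloomFilter. 2^keyBits counters; keyBits <= 16.
template <unsigned keyBits>
class CountingBloomFilter {
public:
    static constexpr size_t tableSize = size_t(1) << keyBits;
    static constexpr unsigned keyMask = (1u << keyBits) - 1;
    static constexpr uint8_t maximumCount = 0xff;

    CountingBloomFilter() { clear(); }

    void add(unsigned hash)
    {
        increment(m_table[firstSlot(hash)]);
        increment(m_table[secondSlot(hash)]);
    }

    void remove(unsigned hash)
    {
        decrement(m_table[firstSlot(hash)]);
        decrement(m_table[secondSlot(hash)]);
    }

    // "Maybe": both counters non-zero. "No" is definite; "yes" may be a false positive.
    bool mayContain(unsigned hash) const { return m_table[firstSlot(hash)] && m_table[secondSlot(hash)]; }

    void clear() { memset(m_table, 0, sizeof(m_table)); }

    bool isClear() const
    {
        for (size_t i = 0; i < tableSize; ++i)
            if (m_table[i]) return false;
        return true;
    }

private:
    // Assumption: the two slots come from the low and the high 16 bits of the hash.
    static unsigned firstSlot(unsigned hash) { return hash & keyMask; }
    static unsigned secondSlot(unsigned hash) { return (hash >> 16) & keyMask; }

    static void increment(uint8_t& count) { if (count < maximumCount) ++count; }

    // A saturated counter has lost track of how many adds it absorbed, so it is
    // never decremented: the slot stays set forever (a permanent false positive,
    // which a filter may tolerate, rather than a false negative, which it may not).
    // A zero counter means remove() without a matching add(); it is left at zero.
    static void decrement(uint8_t& count) { if (count && count < maximumCount) --count; }

    uint8_t m_table[tableSize];
};

// Descendant-selector use: the filter holds the tag names of an element's ancestors,
// and a selector that needs ancestor X is skipped when mayContain() says no.
// ancestorTags is a constructed sample, outermost first.
bool ancestorFilterMayMatch(const std::vector<std::string>& ancestorTags, const std::string& requiredAncestor)
{
    CountingBloomFilter<12> filter;
    for (const std::string& tag : ancestorTags)
        filter.add(hashString(tag));
    return filter.mayContain(hashString(requiredAncestor));
}

// Adds and then removes one hash n times and reports whether the filter still
// claims it: false while the counters kept up, true once they saturated.
bool reportsAfterBalancedAddRemove(unsigned hash, unsigned n)
{
    CountingBloomFilter<12> filter;
    for (unsigned i = 0; i < n; ++i) filter.add(hash);
    for (unsigned i = 0; i < n; ++i) filter.remove(hash);
    return filter.mayContain(hash);
}
```

        Remove() is what makes the counting variant fit a tree walk: the ancestor set changes as
        the walk descends and ascends, and a plain bit-set filter could not take elements back out.
        The price is the saturation rule in decrement(): a slot hit 255 or more times degrades to a
        permanent "may contain", which only costs a full selector check, never a missed match.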
1054
1055 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
1056
1057         Reviewed by Oliver Hunt.
1058
1059         Rolled back in r77612 with ASSERT/crash fixed.
1060         https://bugs.webkit.org/show_bug.cgi?id=53759
1061         
1062         Don't shrink the heap to 0 unconditionally. Instead, shrink to 1 if
1063         necessary. For now, the heap assumes that it always has at least one
1064         block live.
1065
1066         * runtime/Heap.cpp:
1067         (JSC::Heap::Heap):
1068         (JSC::Heap::reset):
1069         * runtime/Heap.h:
1070         * runtime/MarkedSpace.cpp:
1071         (JSC::MarkedSpace::allocate):
1072         (JSC::MarkedSpace::shrinkBlocks):
1073         (JSC::MarkedSpace::sweep):
1074         (JSC::MarkedSpace::reset):
1075         * runtime/MarkedSpace.h:
1076         (JSC::MarkedSpace::highWaterMark):
1077         (JSC::MarkedSpace::setHighWaterMark):
1078
1079 2011-02-04  David Kilzer  <ddkilzer@apple.com>
1080
1081         BUILD FIX: REALLY remove the last vestiges of JSVALUE32!
1082
1083         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
1084         <http://webkit.org/b/53779>
1085
1086         * DerivedSources.make: Removed dependency on
1087         JavaScriptCore.JSVALUE32.exp.
1088
1089 2011-02-04  David Kilzer  <ddkilzer@apple.com>
1090
1091         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
1092         <http://webkit.org/b/53779>
1093
1094         Reviewed by Darin Adler.
1095
1096         Support for JSVALUE32 was originally removed in r70111.
1097
1098         * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use
1099         JavaScriptCore.JSVALUE32_64.exp and ppc64 to use
1100         JavaScriptCore.JSVALUE64.exp to match Platform.h.
1101         * DerivedSources.make: Removed rule for
1102         JavaScriptCore.JSVALUE32.exp.
1103         * JavaScriptCore.JSVALUE32only.exp: Removed.
1104         * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
1105         to JavaScriptCore.JSVALUE32only.exp.
1106
1107 2011-02-04  David Kilzer  <ddkilzer@apple.com>
1108
1109         Use static_cast and other style cleanup in YarrInterpreter.cpp
1110         <http://webkit.org/b/53772>
1111
1112         Reviewed by John Sullivan.
1113
1114         * yarr/YarrInterpreter.cpp:
1115         (JSC::Yarr::Interpreter::InputStream::readChecked): Use
1116         static_cast.
1117         (JSC::Yarr::Interpreter::InputStream::checkInput): Remove
1118         unnecessary else block.
1119         (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto.
1120         (JSC::Yarr::Interpreter::backtrackBackReference): Ditto.
1121         (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast.
1122
1123 2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>
1124
1125         Unreviewed, rolling out r77625 and r77626.
1126         http://trac.webkit.org/changeset/77625
1127         http://trac.webkit.org/changeset/77626
1128         https://bugs.webkit.org/show_bug.cgi?id=53765
1129
1130         It broke Windows builds (Requested by Ossy_ on #webkit).
1131
1132         * JavaScriptCore.exp:
1133         * JavaScriptCore.gyp/JavaScriptCore.gyp:
1134         * JavaScriptCore.gypi:
1135         * JavaScriptCore.pro:
1136         * JavaScriptCore.xcodeproj/project.pbxproj:
1137         * create_regex_tables:
1138         * runtime/RegExp.cpp:
1139         * wtf/Platform.h:
1140         * yarr/Yarr.h:
1141         * yarr/YarrJIT.cpp:
1142         * yarr/YarrJIT.h:
1143         * yarr/YarrParser.h:
1144         * yarr/YarrPattern.h:
1145         * yarr/YarrSyntaxChecker.h:
1146         * yarr/yarr.pri: Removed.
1147
1148 2011-02-04  Jessie Berlin  <jberlin@apple.com>
1149
1150         Windows build fix. Unreviewed.
1151
1152         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
1153
1154 2011-02-04  Peter Varga  <pvarga@webkit.org>
1155
1156         Reviewed by Gavin Barraclough.
1157
1158         Replace PCRE with Yarr in WebCore
1159         https://bugs.webkit.org/show_bug.cgi?id=53496
1160
1161         * JavaScriptCore.exp:
1162         * JavaScriptCore.gyp/JavaScriptCore.gyp:
1163         * JavaScriptCore.gypi:
1164         * JavaScriptCore.pro:
1165         * JavaScriptCore.xcodeproj/project.pbxproj:
1166         * create_regex_tables:
1167         * runtime/RegExp.cpp:
1168         * wtf/Platform.h:
1169         * yarr/Yarr.h:
1170         * yarr/YarrJIT.cpp:
1171         * yarr/YarrJIT.h:
1172         * yarr/YarrParser.h:
1173         * yarr/YarrPattern.h:
1174         * yarr/YarrSyntaxChecker.h:
1175         * yarr/yarr.pri: Added.
1176
1177 2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>
1178
1179         Unreviewed rollout of two patches r77614 and r77612.
1180
1181         REGRESSION: Snow Leopard Intel Release: a number of failing tests.
1182
1183         * runtime/Heap.cpp:
1184         (JSC::Heap::Heap):
1185         (JSC::Heap::reset):
1186         * runtime/Heap.h:
1187         * runtime/MarkedSpace.cpp:
1188         (JSC::MarkedSpace::allocate):
1189         (JSC::MarkedSpace::sweep):
1190         (JSC::MarkedSpace::reset):
1191         * runtime/MarkedSpace.h:
1192
1193 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
1194
1195         Try to fix 32bit build.
1196
1197         * runtime/Heap.cpp:
1198         (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
1199         since 1.5 is double (64bit), and the result is size_t (32bit).
1200
1201 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1202
1203         Reviewed by Cameron Zwarich.
1204
1205         Changed MarkedSpace to delegate grow/shrink decisions to Heap
1206         https://bugs.webkit.org/show_bug.cgi?id=53759
1207         
1208         SunSpider reports no change.
1209         
1210         * runtime/Heap.cpp:
1211         (JSC::Heap::Heap):
1212         (JSC::Heap::reset):
1213         * runtime/Heap.h: Reorganized a few data members for better cache locality.
1214         Added a grow policy.
1215         
1216         * runtime/MarkedSpace.cpp:
1217         (JSC::MarkedSpace::allocate):
1218         (JSC::MarkedSpace::sweep):
1219         (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
1220         the heap to make an explicit sweep call.
1221
1222         * runtime/MarkedSpace.h:
1223         (JSC::MarkedSpace::highWaterMark):
1224         (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
1225         many bytes to allocate before failing and giving the heap an opportunity
1226         to collect garbage. This also means that we allocate blocks on demand,
1227         instead of ahead of time.
1228
1229 2011-02-03  James Kozianski  <koz@chromium.org>
1230
1231         Reviewed by Dimitri Glazkov.
1232
1233         Add navigator.registerProtocolHandler behind a flag.
1234         https://bugs.webkit.org/show_bug.cgi?id=52609
1235
1236         * Configurations/FeatureDefines.xcconfig:
1237
1238 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1239
1240         Reviewed by Oliver Hunt.
1241
1242         Not all blocks are freed when the heap is freed (counting is hard!)
1243         https://bugs.webkit.org/show_bug.cgi?id=53732
1244
1245         * runtime/MarkedSpace.cpp:
1246         (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
1247         keep freeing block 0 until there are no blocks left.
1248
1249 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1250
1251         Try to fix the Mac build.
1252
1253         * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
1254         needs to be private, not project, so other projects can include headers
1255         that depend on it.
1256
1257 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1258
1259         Reviewed by Sam Weinig.
1260
1261         Start using MarkedBlock instead of CollectorBlock
1262         https://bugs.webkit.org/show_bug.cgi?id=53693
1263         
1264         SunSpider reports no change.
1265         
1266         * runtime/MarkedBlock.h:
1267         (JSC::MarkedBlock::blockFor):
1268         (JSC::MarkedBlock::setMarked):
1269         (JSC::MarkedBlock::isCellAligned):
1270         (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.
1271
1272         * runtime/MarkedSpace.cpp:
1273         (JSC::MarkedSpace::allocateBlock):
1274         (JSC::MarkedSpace::containsSlowCase):
1275         (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.
1276
1277         * runtime/MarkedSpace.h:
1278         (JSC::CollectorHeap::collectorBlock):
1279         (JSC::MarkedSpace::heap):
1280         (JSC::MarkedSpace::isMarked):
1281         (JSC::MarkedSpace::testAndSetMarked):
1282         (JSC::MarkedSpace::setMarked):
1283         (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
1284         and deleted dead CollectorBlock-related code.
1285
1286 2011-02-03  Patrick Gansterer  <paroga@webkit.org>
1287
1288         Reviewed by Darin Adler.
1289
1290         Avoid strlen() in AtomicString::fromUTF8
1291         https://bugs.webkit.org/show_bug.cgi?id=50516
1292
1293         Add an overload to calculateStringHashFromUTF8 to get
1294         strlen() of the input data with only one call.
1295
1296         This change shows about 3% performance win on the xml-parser benchmark.
1297
1298         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1299         * wtf/text/AtomicString.cpp:
1300         (WTF::AtomicString::fromUTF8):
1301         * wtf/unicode/UTF8.cpp:
1302         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
1303         (WTF::Unicode::calculateStringHashFromUTF8):
1304         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
1305         * wtf/unicode/UTF8.h:
1306
1307 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
1308
1309         Windows build fix.
1310
1311         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1312
1313 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
1314
1315         oops, build fix!
1316
1317         * wtf/Assertions.cpp:
1318
1319 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
1320
1321         Reviewed by Sam Weinig.
1322
1323         Bug 53650 - Add a BACKTRACE macro to Assertions.h
1324
1325         Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
1326         debug Mac builds, make CRASH (and thus ASSERT) automatically call this.
1327
1328         * JavaScriptCore.exp:
1329         * wtf/Assertions.cpp:
1330         * wtf/Assertions.h:
1331
1332 2011-02-02  Michael Saboff  <msaboff@apple.com>
1333
1334         Reviewed by Gavin Barraclough.
1335
1336         Improper backtrack of nested non-capturing greedy paren to prior paren
1337         https://bugs.webkit.org/show_bug.cgi?id=53261
1338
1339         A paren that follows a non-capturing greedy paren nested within a
1340         non-capturing fixed paren was backtracking to the last paren
1341         processed instead of the immediately prior paren.
1342         Refactored default backtracking of parens to prior paren to work for
1343         both nested (within) and immediately prior (after) parens.
1344
1345         * yarr/YarrJIT.cpp:
1346         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
1347         (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
1348         (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
1349         (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
1350         (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
1351         (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
1352         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
1353         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
1354         (JSC::Yarr::YarrGenerator::generateDisjunction):
1355
1356 2011-02-02  Jeff Miller  <jeffm@apple.com>
1357
1358         Reviewed by Darin Adler and Steve Falkenburg.
1359
1360         Add DerivedSources.make to some Visual Studio projects
1361         https://bugs.webkit.org/show_bug.cgi?id=53607
1362
1363         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.
1364
1365 2011-02-02  Steve Lacey  <sjl@chromium.org>
1366
1367         Reviewed by Eric Carlson.
1368
1369         Implement basic media statistics on media elements.
1370         https://bugs.webkit.org/show_bug.cgi?id=53322
1371
1372         * Configurations/FeatureDefines.xcconfig:
1373
1374 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
1375
1376         [wx] Build fixes for wxWebKit.
1377
1378         * wtf/wx/StringWx.cpp:
1379         (WTF::String::String):
1380
1381 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
1382
1383         Reviewed by Sam Weinig.
1384
1385         A little more Heap refactoring
1386         https://bugs.webkit.org/show_bug.cgi?id=53577
1387         
1388         SunSpider reports no change.
1389         
1390         Split out MarkedBlock into its own file / class.
1391         
1392         Did the following renames:
1393             isCellMarked => isMarked
1394             checkMarkCell => testAndSetMarked
1395             markCell => setMarked
1396             cellOffset => cellNumber
1397             collectorBlock => blockFor
1398
1399         * Android.mk:
1400         * CMakeLists.txt:
1401         * GNUmakefile.am:
1402         * JavaScriptCore.gypi:
1403         * JavaScriptCore.pro:
1404         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1405         * JavaScriptCore.xcodeproj/project.pbxproj:
1406         * runtime/Heap.cpp:
1407         (JSC::WeakGCHandlePool::update):
1408         * runtime/Heap.h:
1409         (JSC::Heap::isMarked):
1410         (JSC::Heap::testAndSetMarked):
1411         (JSC::Heap::setMarked):
1412         * runtime/JSArray.h:
1413         (JSC::MarkStack::markChildren):
1414         (JSC::MarkStack::drain):
1415         * runtime/JSCell.h:
1416         (JSC::JSCell::MarkStack::internalAppend):
1417         * runtime/MarkedBlock.cpp: Added.
1418         * runtime/MarkedBlock.h: Added.
1419         (JSC::MarkedBlock::blockFor):
1420         (JSC::MarkedBlock::cellNumber):
1421         (JSC::MarkedBlock::isMarked):
1422         (JSC::MarkedBlock::testAndSetMarked):
1423         (JSC::MarkedBlock::setMarked):
1424         (JSC::MarkedBlock::isCellAligned):
1425         (JSC::MarkedBlock::isPossibleCell):
1426         * runtime/MarkedSpace.h:
1427         (JSC::MarkedSpace::isMarked):
1428         (JSC::MarkedSpace::testAndSetMarked):
1429         (JSC::MarkedSpace::setMarked):
1430         * runtime/SmallStrings.cpp:
1431         (JSC::isMarked):
1432         * runtime/WeakGCMap.h:
1433         (JSC::WeakGCMap::isValid):
1434         (JSC::::get):
1435         (JSC::::take):
1436         (JSC::::set):
1437
1438 2011-02-02  Sam Weinig  <sam@webkit.org>
1439
1440         Fix windows clean build.
1441
1442         * DerivedSources.make:
1443
1444 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
1445
1446         Reviewed by Martin Robinson.
1447
1448         [GTK] Fix dist compilation
1449         https://bugs.webkit.org/show_bug.cgi?id=53579
1450
1451         * GNUmakefile.am: Added WriteBarrier.h to the sources, it was
1452         added in r77151
1453
1454 2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>
1455
1456         Unreviewed, rolling out r77297.
1457         http://trac.webkit.org/changeset/77297
1458         https://bugs.webkit.org/show_bug.cgi?id=53538
1459
1460         caused leopard crashes (Requested by paroga on #webkit).
1461
1462         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1463         * wtf/text/AtomicString.cpp:
1464         (WTF::AtomicString::fromUTF8):
1465         * wtf/unicode/UTF8.cpp:
1466         (WTF::Unicode::calculateStringHashFromUTF8):
1467         * wtf/unicode/UTF8.h:
1468
1469 2011-02-01  Sam Weinig  <sam@webkit.org>
1470
1471         Fix Mac production builds.
1472
1473         * JavaScriptCore.xcodeproj/project.pbxproj:
1474
1475 2011-02-01  Sam Weinig  <sam@webkit.org>
1476
1477         Try to fix the windows build.
1478
1479         * DerivedSources.make:
1480
1481 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
1482
1483         Reviewed by Darin Adler.
1484
1485         Avoid strlen() in AtomicString::fromUTF8
1486         https://bugs.webkit.org/show_bug.cgi?id=50516
1487
1488         Add an overload to calculateStringHashFromUTF8 to get
1489         strlen() of the input data with only one call.
1490
1491         This change shows about 3% performance win on the xml-parser benchmark.
1492
1493         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1494         * wtf/text/AtomicString.cpp:
1495         (WTF::AtomicString::fromUTF8):
1496         * wtf/unicode/UTF8.cpp:
1497         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
1498         (WTF::Unicode::calculateStringHashFromUTF8):
1499         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
1500         * wtf/unicode/UTF8.h:
1501
1502 2011-02-01  Sam Weinig  <sam@webkit.org>
1503
1504         Reviewed by Beth Dakin.
1505
1506         Part 2 for <rdar://problem/8492788>
1507         Adopt WKScrollbarPainterController
1508
1509         Use header detection to define scrollbar painting controller #define.
1510
1511         * DerivedSources.make:
1512         * JavaScriptCore.xcodeproj/project.pbxproj:
1513
1514 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
1515
1516         Reviewed by Oliver Hunt.
1517
1518         Refactor JSGlobalObject-related tear-down
1519         https://bugs.webkit.org/show_bug.cgi?id=53478
1520         
1521         While investigating crashes caused by r77082, I noticed some strange
1522         destructor-time behaviors. This patch makes them less strange.
1523
1524         * bytecode/CodeBlock.cpp:
1525         (JSC::CodeBlock::CodeBlock):
1526         (JSC::CodeBlock::markAggregate):
1527         * bytecode/CodeBlock.h:
1528         (JSC::CodeBlock::globalObject):
1529         (JSC::GlobalCodeBlock::GlobalCodeBlock):
1530         (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
1531         blocks on the Heap, instead of on independent global objects. The heap
1532         is guaranteed to outlast any GC-owned data structure. The heap is also
1533         a natural place to store objects that need out-of-band marking, since
1534         the heap is responsible for marking all roots.
1535
1536         * runtime/Heap.cpp:
1537         (JSC::Heap::markRoots):
1538         (JSC::Heap::globalObjectCount):
1539         (JSC::Heap::protectedGlobalObjectCount):
1540         * runtime/Heap.h:
1541         (JSC::Heap::codeBlocks):
1542         * runtime/JSGlobalData.cpp:
1543         (JSC::JSGlobalData::JSGlobalData):
1544         * runtime/JSGlobalData.h:
1545         * runtime/JSGlobalObject.cpp:
1546         (JSC::JSGlobalObject::~JSGlobalObject):
1547         (JSC::JSGlobalObject::init):
1548         (JSC::JSGlobalObject::markChildren):
1549         * runtime/JSGlobalObject.h:
1550         * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
1551         owned by JSGlobalData, instead of an intrusive circular linked list.
1552         This is simpler, and it avoids destructor-time access between garbage
1553         collected objects, which is hard to get right.
1554
1555         (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
1556         everything down. Otherwise, weak data structures will incorrectly report
1557         that objects pending destruction are still alive.
1558
1559 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
1560
1561         Reviewed by Oliver Hunt.
1562
1563         REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
1564         bot; loading trac pages; typing in search field
1565         https://bugs.webkit.org/show_bug.cgi?id=53519
1566         
1567         The crashes were all caused by failure to run an object's destructor.
1568
1569         * runtime/CollectorHeapIterator.h:
1570         (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
1571         construction. The iterator class used to do that when it was designed
1572         for prior-to-beginning initialization. I forgot to remove this line
1573         of code when I changed the iterator to normal initialization.
1574         
1575         Skipping forward upon construction was causing the heap to skip running
1576         the destructor for the very first object in a block when destroying the
1577         block. This usually did not crash, since block destruction is rare and
1578         most objects have pretty trivial destructors. However, in the rare case
1579         when the heap would destroy a block whose first object was a global
1580         object or a DOM node, BOOM.
1581
1582 2011-01-31  Oliver Hunt  <oliver@apple.com>
1583
1584         Reviewed by Geoffrey Garen.
1585
1586         Update JSObject storage for new marking API
1587         https://bugs.webkit.org/show_bug.cgi?id=53467
1588
1589         JSObject no longer uses EncodedJSValue for its property storage.
1590         This produces a stream of mechanical changes to PropertySlot and
1591         anonymous storage APIs.
1592
1593         * JavaScriptCore.exp:
1594         * runtime/ArrayPrototype.cpp:
1595         (JSC::ArrayPrototype::ArrayPrototype):
1596         * runtime/BooleanConstructor.cpp:
1597         (JSC::constructBoolean):
1598         (JSC::constructBooleanFromImmediateBoolean):
1599         * runtime/BooleanObject.cpp:
1600         (JSC::BooleanObject::BooleanObject):
1601         * runtime/BooleanObject.h:
1602         * runtime/BooleanPrototype.cpp:
1603         (JSC::BooleanPrototype::BooleanPrototype):
1604         * runtime/DateInstance.cpp:
1605         (JSC::DateInstance::DateInstance):
1606         * runtime/DatePrototype.cpp:
1607         (JSC::DatePrototype::DatePrototype):
1608         * runtime/JSActivation.cpp:
1609         (JSC::JSActivation::getOwnPropertySlot):
1610         * runtime/JSArray.cpp:
1611         (JSC::JSArray::getOwnPropertySlot):
1612         * runtime/JSFunction.cpp:
1613         (JSC::JSFunction::getOwnPropertySlot):
1614         * runtime/JSGlobalObject.h:
1615         (JSC::JSGlobalObject::JSGlobalObject):
1616         * runtime/JSObject.cpp:
1617         (JSC::JSObject::fillGetterPropertySlot):
1618         * runtime/JSObject.h:
1619         (JSC::JSObject::getDirectLocation):
1620         (JSC::JSObject::offsetForLocation):
1621         (JSC::JSObject::putAnonymousValue):
1622         (JSC::JSObject::clearAnonymousValue):
1623         (JSC::JSObject::getAnonymousValue):
1624         (JSC::JSObject::putThisToAnonymousValue):
1625         (JSC::JSObject::locationForOffset):
1626         (JSC::JSObject::inlineGetOwnPropertySlot):
1627         * runtime/JSObjectWithGlobalObject.cpp:
1628         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
1629         * runtime/JSWrapperObject.h:
1630         (JSC::JSWrapperObject::JSWrapperObject):
1631         (JSC::JSWrapperObject::setInternalValue):
1632         * runtime/Lookup.cpp:
1633         (JSC::setUpStaticFunctionSlot):
1634         * runtime/NumberConstructor.cpp:
1635         (JSC::constructWithNumberConstructor):
1636         * runtime/NumberObject.cpp:
1637         (JSC::NumberObject::NumberObject):
1638         (JSC::constructNumber):
1639         * runtime/NumberObject.h:
1640         * runtime/NumberPrototype.cpp:
1641         (JSC::NumberPrototype::NumberPrototype):
1642         * runtime/PropertySlot.h:
1643         (JSC::PropertySlot::getValue):
1644         (JSC::PropertySlot::setValue):
1645         (JSC::PropertySlot::setRegisterSlot):
1646         * runtime/StringObject.cpp:
1647         (JSC::StringObject::StringObject):
1648         * runtime/StringPrototype.cpp:
1649         (JSC::StringPrototype::StringPrototype):
1650         * runtime/WriteBarrier.h:
1651         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
1652
1653 2011-02-01  Daniel Bates  <dbates@rim.com>
1654
1655         Reviewed by Antonio Gomes.
1656
1657         Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
1658         https://bugs.webkit.org/show_bug.cgi?id=53506
1659
1660         Currently, use of the Mersenne Twister pseudorandom number generator
1661         is hardcoded to the Windows CE port. With the passing of bug #53253,
1662         we can generalize support for this PRNG to all ports that use srand(3)
1663         and rand(3), including Windows CE.
1664
1665         * wtf/RandomNumberSeed.h:
1666         (WTF::initializeRandomNumberGenerator):
1667
1668 2011-02-01  Dave Tapuska  <dtapuska@rim.com>
1669
1670         Reviewed by Gavin Barraclough.
1671
1672         MacroAssemblerARM would generate code that did 32bit loads
1673         on addresses that were not aligned. More specifically it would
1674         generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
1675         The intended instruction really is ldrb r8,[r1, #7]; ensure we
1676         call load8 instead of load32.
1677
1678         https://bugs.webkit.org/show_bug.cgi?id=46095
1679
1680         * assembler/MacroAssemblerARM.h:
1681         (JSC::MacroAssemblerARM::set32Test32):
1682         (JSC::MacroAssemblerARM::set32Test8):
1683
1684 2011-02-01  Darin Fisher  <darin@chromium.org>
1685
1686         Reviewed by Eric Seidel.
1687
1688         Fix some Visual Studio compiler warnings.
1689         https://bugs.webkit.org/show_bug.cgi?id=53476
1690
1691         * wtf/MathExtras.h:
1692         (clampToInteger):
1693         (clampToPositiveInteger):
1694         * wtf/ThreadingWin.cpp:
1695         (WTF::absoluteTimeToWaitTimeoutInterval):
1696
1697 2011-01-31  Oliver Hunt  <oliver@apple.com>
1698
1699         Reviewed by Sam Weinig.
1700
1701         Bogus callframe during stack unwinding
1702         https://bugs.webkit.org/show_bug.cgi?id=53454
1703
1704         Trying to access a callframe's globalData after destroying its
1705         ScopeChain is not a good thing.  While we could access the
1706         globalData directly through the (known valid) scopechain we're
1707         holding on to, it feels fragile.  Instead we push the valid
1708         ScopeChain onto the callframe again to ensure that the callframe
1709         itself remains valid.
1710
1711         * interpreter/Interpreter.cpp:
1712         (JSC::Interpreter::unwindCallFrame):
1713
1714 2011-01-31  Michael Saboff  <msaboff@apple.com>
1715
1716         Reviewed by Geoffrey Garen.
1717
1718         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1719         https://bugs.webkit.org/show_bug.cgi?id=53271
1720
1721         Reapplying this change again.
1722         Changed isValid() to use .get() as a result of change r77151.
1723
1724         Added new isValid() methods to check if a contained object in
1725         a WeakGCMap is valid when using an unchecked iterator.
1726
1727         * runtime/WeakGCMap.h:
1728         (JSC::WeakGCMap::isValid):
1729
1730 2011-01-31  Oliver Hunt  <oliver@apple.com>
1731
1732         Convert markstack to a slot visitor API
1733         https://bugs.webkit.org/show_bug.cgi?id=53219
1734
1735         rolling r77098, r77099, r77100, r77109, and
1736         r77111 back in, along with a few more Qt fix attempts.
1737
1738         * API/JSCallbackObject.h:
1739         (JSC::JSCallbackObjectData::setPrivateProperty):
1740         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1741         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1742         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1743         (JSC::JSCallbackObject::setPrivateProperty):
1744         * API/JSCallbackObjectFunctions.h:
1745         (JSC::::put):
1746         (JSC::::staticFunctionGetter):
1747         * API/JSObjectRef.cpp:
1748         (JSObjectMakeConstructor):
1749         (JSObjectSetPrivateProperty):
1750         * API/JSWeakObjectMapRefInternal.h:
1751         * JavaScriptCore.exp:
1752         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1753         * JavaScriptCore.xcodeproj/project.pbxproj:
1754         * bytecode/CodeBlock.cpp:
1755         (JSC::CodeBlock::markAggregate):
1756         * bytecode/CodeBlock.h:
1757         (JSC::CodeBlock::globalObject):
1758         * bytecompiler/BytecodeGenerator.cpp:
1759         (JSC::BytecodeGenerator::BytecodeGenerator):
1760         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1761         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1762         (JSC::BytecodeGenerator::findScopedProperty):
1763         * debugger/Debugger.cpp:
1764         (JSC::evaluateInGlobalCallFrame):
1765         * debugger/DebuggerActivation.cpp:
1766         (JSC::DebuggerActivation::DebuggerActivation):
1767         (JSC::DebuggerActivation::markChildren):
1768         * debugger/DebuggerActivation.h:
1769         * debugger/DebuggerCallFrame.cpp:
1770         (JSC::DebuggerCallFrame::evaluate):
1771         * interpreter/CallFrame.h:
1772         (JSC::ExecState::exception):
1773         * interpreter/Interpreter.cpp:
1774         (JSC::Interpreter::resolve):
1775         (JSC::Interpreter::resolveSkip):
1776         (JSC::Interpreter::resolveGlobal):
1777         (JSC::Interpreter::resolveGlobalDynamic):
1778         (JSC::Interpreter::resolveBaseAndProperty):
1779         (JSC::Interpreter::unwindCallFrame):
1780         (JSC::appendSourceToError):
1781         (JSC::Interpreter::execute):
1782         (JSC::Interpreter::tryCacheGetByID):
1783         (JSC::Interpreter::privateExecute):
1784         * jit/JITStubs.cpp:
1785         (JSC::JITThunks::tryCacheGetByID):
1786         (JSC::DEFINE_STUB_FUNCTION):
1787         * jsc.cpp:
1788         (GlobalObject::GlobalObject):
1789         * runtime/ArgList.cpp:
1790         (JSC::MarkedArgumentBuffer::markLists):
1791         * runtime/Arguments.cpp:
1792         (JSC::Arguments::markChildren):
1793         (JSC::Arguments::getOwnPropertySlot):
1794         (JSC::Arguments::getOwnPropertyDescriptor):
1795         (JSC::Arguments::put):
1796         * runtime/Arguments.h:
1797         (JSC::Arguments::setActivation):
1798         (JSC::Arguments::Arguments):
1799         * runtime/ArrayConstructor.cpp:
1800         (JSC::ArrayConstructor::ArrayConstructor):
1801         (JSC::constructArrayWithSizeQuirk):
1802         * runtime/ArrayPrototype.cpp:
1803         (JSC::arrayProtoFuncSplice):
1804         * runtime/BatchedTransitionOptimizer.h:
1805         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1806         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1807         * runtime/BooleanConstructor.cpp:
1808         (JSC::BooleanConstructor::BooleanConstructor):
1809         (JSC::constructBoolean):
1810         (JSC::constructBooleanFromImmediateBoolean):
1811         * runtime/BooleanPrototype.cpp:
1812         (JSC::BooleanPrototype::BooleanPrototype):
1813         * runtime/ConservativeSet.cpp:
1814         (JSC::ConservativeSet::grow):
1815         * runtime/ConservativeSet.h:
1816         (JSC::ConservativeSet::~ConservativeSet):
1817         (JSC::ConservativeSet::mark):
1818         * runtime/DateConstructor.cpp:
1819         (JSC::DateConstructor::DateConstructor):
1820         * runtime/DateInstance.cpp:
1821         (JSC::DateInstance::DateInstance):
1822         * runtime/DatePrototype.cpp:
1823         (JSC::dateProtoFuncSetTime):
1824         (JSC::setNewValueFromTimeArgs):
1825         (JSC::setNewValueFromDateArgs):
1826         (JSC::dateProtoFuncSetYear):
1827         * runtime/ErrorConstructor.cpp:
1828         (JSC::ErrorConstructor::ErrorConstructor):
1829         * runtime/ErrorInstance.cpp:
1830         (JSC::ErrorInstance::ErrorInstance):
1831         * runtime/ErrorPrototype.cpp:
1832         (JSC::ErrorPrototype::ErrorPrototype):
1833         * runtime/FunctionConstructor.cpp:
1834         (JSC::FunctionConstructor::FunctionConstructor):
1835         * runtime/FunctionPrototype.cpp:
1836         (JSC::FunctionPrototype::FunctionPrototype):
1837         * runtime/GetterSetter.cpp:
1838         (JSC::GetterSetter::markChildren):
1839         * runtime/GetterSetter.h:
1840         (JSC::GetterSetter::GetterSetter):
1841         (JSC::GetterSetter::getter):
1842         (JSC::GetterSetter::setGetter):
1843         (JSC::GetterSetter::setter):
1844         (JSC::GetterSetter::setSetter):
1845         * runtime/GlobalEvalFunction.cpp:
1846         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1847         (JSC::GlobalEvalFunction::markChildren):
1848         * runtime/GlobalEvalFunction.h:
1849         (JSC::GlobalEvalFunction::cachedGlobalObject):
1850         * runtime/Heap.cpp:
1851         (JSC::Heap::markProtectedObjects):
1852         (JSC::Heap::markTempSortVectors):
1853         (JSC::Heap::markRoots):
1854         * runtime/InternalFunction.cpp:
1855         (JSC::InternalFunction::InternalFunction):
1856         * runtime/JSAPIValueWrapper.h:
1857         (JSC::JSAPIValueWrapper::value):
1858         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1859         * runtime/JSActivation.cpp:
1860         (JSC::JSActivation::markChildren):
1861         (JSC::JSActivation::put):
1862         * runtime/JSArray.cpp:
1863         (JSC::JSArray::JSArray):
1864         (JSC::JSArray::getOwnPropertySlot):
1865         (JSC::JSArray::getOwnPropertyDescriptor):
1866         (JSC::JSArray::put):
1867         (JSC::JSArray::putSlowCase):
1868         (JSC::JSArray::deleteProperty):
1869         (JSC::JSArray::increaseVectorLength):
1870         (JSC::JSArray::setLength):
1871         (JSC::JSArray::pop):
1872         (JSC::JSArray::push):
1873         (JSC::JSArray::unshiftCount):
1874         (JSC::JSArray::sort):
1875         (JSC::JSArray::fillArgList):
1876         (JSC::JSArray::copyToRegisters):
1877         (JSC::JSArray::compactForSorting):
1878         * runtime/JSArray.h:
1879         (JSC::JSArray::getIndex):
1880         (JSC::JSArray::setIndex):
1881         (JSC::JSArray::uncheckedSetIndex):
1882         (JSC::JSArray::markChildrenDirect):
1883         * runtime/JSByteArray.cpp:
1884         (JSC::JSByteArray::JSByteArray):
1885         * runtime/JSCell.h:
1886         (JSC::JSCell::MarkStack::append):
1887         (JSC::JSCell::MarkStack::internalAppend):
1888         (JSC::JSCell::MarkStack::deprecatedAppend):
1889         * runtime/JSFunction.cpp:
1890         (JSC::JSFunction::JSFunction):
1891         (JSC::JSFunction::getOwnPropertySlot):
1892         * runtime/JSGlobalData.h:
1893         * runtime/JSGlobalObject.cpp:
1894         (JSC::markIfNeeded):
1895         (JSC::JSGlobalObject::reset):
1896         (JSC::JSGlobalObject::resetPrototype):
1897         (JSC::JSGlobalObject::markChildren):
1898         * runtime/JSGlobalObject.h:
1899         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1900         (JSC::JSGlobalObject::regExpConstructor):
1901         (JSC::JSGlobalObject::errorConstructor):
1902         (JSC::JSGlobalObject::evalErrorConstructor):
1903         (JSC::JSGlobalObject::rangeErrorConstructor):
1904         (JSC::JSGlobalObject::referenceErrorConstructor):
1905         (JSC::JSGlobalObject::syntaxErrorConstructor):
1906         (JSC::JSGlobalObject::typeErrorConstructor):
1907         (JSC::JSGlobalObject::URIErrorConstructor):
1908         (JSC::JSGlobalObject::evalFunction):
1909         (JSC::JSGlobalObject::objectPrototype):
1910         (JSC::JSGlobalObject::functionPrototype):
1911         (JSC::JSGlobalObject::arrayPrototype):
1912         (JSC::JSGlobalObject::booleanPrototype):
1913         (JSC::JSGlobalObject::stringPrototype):
1914         (JSC::JSGlobalObject::numberPrototype):
1915         (JSC::JSGlobalObject::datePrototype):
1916         (JSC::JSGlobalObject::regExpPrototype):
1917         (JSC::JSGlobalObject::methodCallDummy):
1918         (JSC::Structure::prototypeForLookup):
1919         (JSC::constructArray):
1920         * runtime/JSONObject.cpp:
1921         (JSC::Stringifier::Holder::object):
1922         (JSC::Stringifier::Holder::objectSlot):
1923         (JSC::Stringifier::markAggregate):
1924         (JSC::Stringifier::stringify):
1925         (JSC::Stringifier::Holder::appendNextProperty):
1926         (JSC::Walker::callReviver):
1927         (JSC::Walker::walk):
1928         * runtime/JSObject.cpp:
1929         (JSC::JSObject::defineGetter):
1930         (JSC::JSObject::defineSetter):
1931         (JSC::JSObject::removeDirect):
1932         (JSC::JSObject::putDirectFunction):
1933         (JSC::JSObject::putDirectFunctionWithoutTransition):
1934         (JSC::putDescriptor):
1935         (JSC::JSObject::defineOwnProperty):
1936         * runtime/JSObject.h:
1937         (JSC::JSObject::getDirectOffset):
1938         (JSC::JSObject::putDirectOffset):
1939         (JSC::JSObject::putUndefinedAtDirectOffset):
1940         (JSC::JSObject::flattenDictionaryObject):
1941         (JSC::JSObject::putDirectInternal):
1942         (JSC::JSObject::putDirect):
1943         (JSC::JSObject::putDirectFunction):
1944         (JSC::JSObject::putDirectWithoutTransition):
1945         (JSC::JSObject::putDirectFunctionWithoutTransition):
1946         (JSC::JSValue::putDirect):
1947         (JSC::JSObject::allocatePropertyStorageInline):
1948         (JSC::JSObject::markChildrenDirect):
1949         * runtime/JSPropertyNameIterator.cpp:
1950         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1951         (JSC::JSPropertyNameIterator::get):
1952         * runtime/JSPropertyNameIterator.h:
1953         * runtime/JSStaticScopeObject.cpp:
1954         (JSC::JSStaticScopeObject::markChildren):
1955         * runtime/JSString.cpp:
1956         (JSC::StringObject::create):
1957         * runtime/JSValue.h:
1958         * runtime/JSWrapperObject.cpp:
1959         (JSC::JSWrapperObject::markChildren):
1960         * runtime/JSWrapperObject.h:
1961         (JSC::JSWrapperObject::internalValue):
1962         (JSC::JSWrapperObject::setInternalValue):
1963         * runtime/LiteralParser.cpp:
1964         (JSC::LiteralParser::parse):
1965         * runtime/Lookup.cpp:
1966         (JSC::setUpStaticFunctionSlot):
1967         * runtime/Lookup.h:
1968         (JSC::lookupPut):
1969         * runtime/MarkStack.h:
1970         (JSC::MarkStack::MarkStack):
1971         (JSC::MarkStack::deprecatedAppendValues):
1972         (JSC::MarkStack::appendValues):
1973         * runtime/MathObject.cpp:
1974         (JSC::MathObject::MathObject):
1975         * runtime/NativeErrorConstructor.cpp:
1976         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1977         * runtime/NativeErrorPrototype.cpp:
1978         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1979         * runtime/NumberConstructor.cpp:
1980         (JSC::NumberConstructor::NumberConstructor):
1981         (JSC::constructWithNumberConstructor):
1982         * runtime/NumberObject.cpp:
1983         (JSC::constructNumber):
1984         * runtime/NumberPrototype.cpp:
1985         (JSC::NumberPrototype::NumberPrototype):
1986         * runtime/ObjectConstructor.cpp:
1987         (JSC::ObjectConstructor::ObjectConstructor):
1988         (JSC::objectConstructorGetOwnPropertyDescriptor):
1989         * runtime/Operations.h:
1990         (JSC::normalizePrototypeChain):
1991         (JSC::resolveBase):
1992         * runtime/PrototypeFunction.cpp:
1993         (JSC::PrototypeFunction::PrototypeFunction):
1994         * runtime/PutPropertySlot.h:
1995         (JSC::PutPropertySlot::setExistingProperty):
1996         (JSC::PutPropertySlot::setNewProperty):
1997         (JSC::PutPropertySlot::base):
1998         * runtime/RegExpConstructor.cpp:
1999         (JSC::RegExpConstructor::RegExpConstructor):
2000         * runtime/ScopeChain.cpp:
2001         (JSC::ScopeChainNode::print):
2002         * runtime/ScopeChain.h:
2003         (JSC::ScopeChainNode::~ScopeChainNode):
2004         (JSC::ScopeChainIterator::operator*):
2005         (JSC::ScopeChainIterator::operator->):
2006         (JSC::ScopeChain::top):
2007         * runtime/ScopeChainMark.h:
2008         (JSC::ScopeChain::markAggregate):
2009         * runtime/SmallStrings.cpp:
2010         (JSC::isMarked):
2011         (JSC::SmallStrings::markChildren):
2012         * runtime/SmallStrings.h:
2013         (JSC::SmallStrings::emptyString):
2014         (JSC::SmallStrings::singleCharacterString):
2015         (JSC::SmallStrings::singleCharacterStrings):
2016         * runtime/StringConstructor.cpp:
2017         (JSC::StringConstructor::StringConstructor):
2018         * runtime/StringObject.cpp:
2019         (JSC::StringObject::StringObject):
2020         * runtime/StringObject.h:
2021         * runtime/StringPrototype.cpp:
2022         (JSC::StringPrototype::StringPrototype):
2023         * runtime/Structure.cpp:
2024         (JSC::Structure::Structure):
2025         (JSC::Structure::addPropertyTransition):
2026         (JSC::Structure::toDictionaryTransition):
2027         (JSC::Structure::flattenDictionaryStructure):
2028         * runtime/Structure.h:
2029         (JSC::Structure::storedPrototype):
2030         (JSC::Structure::storedPrototypeSlot):
2031         * runtime/WeakGCMap.h:
2032         (JSC::WeakGCMap::uncheckedGet):
2033         (JSC::WeakGCMap::uncheckedGetSlot):
2034         (JSC::::get):
2035         (JSC::::take):
2036         (JSC::::set):
2037         (JSC::::uncheckedRemove):
2038         * runtime/WriteBarrier.h: Added.
2039         (JSC::DeprecatedPtr::DeprecatedPtr):
2040         (JSC::DeprecatedPtr::get):
2041         (JSC::DeprecatedPtr::operator*):
2042         (JSC::DeprecatedPtr::operator->):
2043         (JSC::DeprecatedPtr::slot):
2044         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2045         (JSC::DeprecatedPtr::operator!):
2046         (JSC::WriteBarrierBase::set):
2047         (JSC::WriteBarrierBase::get):
2048         (JSC::WriteBarrierBase::operator*):
2049         (JSC::WriteBarrierBase::operator->):
2050         (JSC::WriteBarrierBase::clear):
2051         (JSC::WriteBarrierBase::slot):
2052         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2053         (JSC::WriteBarrierBase::operator!):
2054         (JSC::WriteBarrier::WriteBarrier):
2055         (JSC::operator==):
2056
2057 2011-01-31  Dan Winship  <danw@gnome.org>
2058
2059         Reviewed by Gustavo Noronha Silva.
2060
2061         wss (websockets ssl) support for gtk via new gio TLS support
2062         https://bugs.webkit.org/show_bug.cgi?id=50344
2063
2064         Add a GPollableOutputStream typedef for TLS WebSockets support
2065
2066         * wtf/gobject/GTypedefs.h:
2067
2068 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
2069
2070         Reviewed by Geoff Garen.
2071
2072         https://bugs.webkit.org/show_bug.cgi?id=53352
2073         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2074
2075         The FixedVMPoolAllocator currently uses a best fit policy -
2076         switch to first fit, which is less prone to external fragmentation.
2077
2078         * jit/ExecutableAllocatorFixedVMPool.cpp:
2079         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2080         (JSC::AllocationTableSizeClass::blockSize):
2081         (JSC::AllocationTableSizeClass::blockCount):
2082         (JSC::AllocationTableSizeClass::blockAlignment):
2083         (JSC::AllocationTableSizeClass::size):
2084         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2085         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2086         (JSC::AllocationTableLeaf::allocate):
2087         (JSC::AllocationTableLeaf::free):
2088         (JSC::AllocationTableLeaf::isEmpty):
2089         (JSC::AllocationTableLeaf::isFull):
2090         (JSC::AllocationTableLeaf::size):
2091         (JSC::AllocationTableLeaf::classForSize):
2092         (JSC::AllocationTableLeaf::dump):
2093         (JSC::LazyAllocationTable::LazyAllocationTable):
2094         (JSC::LazyAllocationTable::~LazyAllocationTable):
2095         (JSC::LazyAllocationTable::allocate):
2096         (JSC::LazyAllocationTable::free):
2097         (JSC::LazyAllocationTable::isEmpty):
2098         (JSC::LazyAllocationTable::isFull):
2099         (JSC::LazyAllocationTable::size):
2100         (JSC::LazyAllocationTable::dump):
2101         (JSC::LazyAllocationTable::classForSize):
2102         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2103         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2104         (JSC::AllocationTableDirectory::allocate):
2105         (JSC::AllocationTableDirectory::free):
2106         (JSC::AllocationTableDirectory::isEmpty):
2107         (JSC::AllocationTableDirectory::isFull):
2108         (JSC::AllocationTableDirectory::size):
2109         (JSC::AllocationTableDirectory::classForSize):
2110         (JSC::AllocationTableDirectory::dump):
2111         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2112         (JSC::FixedVMPoolAllocator::alloc):
2113         (JSC::FixedVMPoolAllocator::free):
2114         (JSC::FixedVMPoolAllocator::allocated):
2115         (JSC::FixedVMPoolAllocator::isValid):
2116         (JSC::FixedVMPoolAllocator::classForSize):
2117         (JSC::FixedVMPoolAllocator::offsetToPointer):
2118         (JSC::FixedVMPoolAllocator::pointerToOffset):
2119         (JSC::ExecutableAllocator::committedByteCount):
2120         (JSC::ExecutableAllocator::isValid):
2121         (JSC::ExecutableAllocator::underMemoryPressure):
2122         (JSC::ExecutablePool::systemAlloc):
2123         (JSC::ExecutablePool::systemRelease):
2124         * wtf/PageReservation.h:
2125         (WTF::PageReservation::PageReservation):
2126         (WTF::PageReservation::commit):
2127         (WTF::PageReservation::decommit):
2128         (WTF::PageReservation::committed):
2129
2130 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
2131
2132         Unreviewed, rolling out r76969.
2133         http://trac.webkit.org/changeset/76969
2134         https://bugs.webkit.org/show_bug.cgi?id=53418
2135
2136         "It is causing crashes in GTK+ and Leopard bots" (Requested by
2137         alexg__ on #webkit).
2138
2139         * runtime/WeakGCMap.h:
2140
2141 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
2142
2143         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
2144         r77111.
2145         http://trac.webkit.org/changeset/77098
2146         http://trac.webkit.org/changeset/77099
2147         http://trac.webkit.org/changeset/77100
2148         http://trac.webkit.org/changeset/77109
2149         http://trac.webkit.org/changeset/77111
2150         https://bugs.webkit.org/show_bug.cgi?id=53219
2151
2152         Qt build is broken
2153
2154         * API/JSCallbackObject.h:
2155         (JSC::JSCallbackObjectData::setPrivateProperty):
2156         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2157         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2158         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2159         (JSC::JSCallbackObject::setPrivateProperty):
2160         * API/JSCallbackObjectFunctions.h:
2161         (JSC::::put):
2162         (JSC::::staticFunctionGetter):
2163         * API/JSObjectRef.cpp:
2164         (JSObjectMakeConstructor):
2165         (JSObjectSetPrivateProperty):
2166         * API/JSWeakObjectMapRefInternal.h:
2167         * JavaScriptCore.exp:
2168         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2169         * JavaScriptCore.xcodeproj/project.pbxproj:
2170         * bytecode/CodeBlock.cpp:
2171         (JSC::CodeBlock::markAggregate):
2172         * bytecode/CodeBlock.h:
2173         (JSC::CodeBlock::globalObject):
2174         * bytecompiler/BytecodeGenerator.cpp:
2175         (JSC::BytecodeGenerator::BytecodeGenerator):
2176         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2177         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2178         (JSC::BytecodeGenerator::findScopedProperty):
2179         * debugger/Debugger.cpp:
2180         (JSC::evaluateInGlobalCallFrame):
2181         * debugger/DebuggerActivation.cpp:
2182         (JSC::DebuggerActivation::DebuggerActivation):
2183         (JSC::DebuggerActivation::markChildren):
2184         * debugger/DebuggerActivation.h:
2185         * debugger/DebuggerCallFrame.cpp:
2186         (JSC::DebuggerCallFrame::evaluate):
2187         * interpreter/CallFrame.h:
2188         (JSC::ExecState::exception):
2189         * interpreter/Interpreter.cpp:
2190         (JSC::Interpreter::resolve):
2191         (JSC::Interpreter::resolveSkip):
2192         (JSC::Interpreter::resolveGlobal):
2193         (JSC::Interpreter::resolveGlobalDynamic):
2194         (JSC::Interpreter::resolveBaseAndProperty):
2195         (JSC::Interpreter::unwindCallFrame):
2196         (JSC::appendSourceToError):
2197         (JSC::Interpreter::execute):
2198         (JSC::Interpreter::tryCacheGetByID):
2199         (JSC::Interpreter::privateExecute):
2200         * jit/JITStubs.cpp:
2201         (JSC::JITThunks::tryCacheGetByID):
2202         (JSC::DEFINE_STUB_FUNCTION):
2203         * jsc.cpp:
2204         (GlobalObject::GlobalObject):
2205         * runtime/ArgList.cpp:
2206         (JSC::MarkedArgumentBuffer::markLists):
2207         * runtime/Arguments.cpp:
2208         (JSC::Arguments::markChildren):
2209         (JSC::Arguments::getOwnPropertySlot):
2210         (JSC::Arguments::getOwnPropertyDescriptor):
2211         (JSC::Arguments::put):
2212         * runtime/Arguments.h:
2213         (JSC::Arguments::setActivation):
2214         (JSC::Arguments::Arguments):
2215         * runtime/ArrayConstructor.cpp:
2216         (JSC::ArrayConstructor::ArrayConstructor):
2217         (JSC::constructArrayWithSizeQuirk):
2218         * runtime/ArrayPrototype.cpp:
2219         (JSC::arrayProtoFuncSplice):
2220         * runtime/BatchedTransitionOptimizer.h:
2221         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2222         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2223         * runtime/BooleanConstructor.cpp:
2224         (JSC::BooleanConstructor::BooleanConstructor):
2225         (JSC::constructBoolean):
2226         (JSC::constructBooleanFromImmediateBoolean):
2227         * runtime/BooleanPrototype.cpp:
2228         (JSC::BooleanPrototype::BooleanPrototype):
2229         * runtime/ConservativeSet.cpp:
2230         (JSC::ConservativeSet::grow):
2231         * runtime/ConservativeSet.h:
2232         (JSC::ConservativeSet::~ConservativeSet):
2233         (JSC::ConservativeSet::mark):
2234         * runtime/DateConstructor.cpp:
2235         (JSC::DateConstructor::DateConstructor):
2236         * runtime/DateInstance.cpp:
2237         (JSC::DateInstance::DateInstance):
2238         * runtime/DatePrototype.cpp:
2239         (JSC::dateProtoFuncSetTime):
2240         (JSC::setNewValueFromTimeArgs):
2241         (JSC::setNewValueFromDateArgs):
2242         (JSC::dateProtoFuncSetYear):
2243         * runtime/ErrorConstructor.cpp:
2244         (JSC::ErrorConstructor::ErrorConstructor):
2245         * runtime/ErrorInstance.cpp:
2246         (JSC::ErrorInstance::ErrorInstance):
2247         * runtime/ErrorPrototype.cpp:
2248         (JSC::ErrorPrototype::ErrorPrototype):
2249         * runtime/FunctionConstructor.cpp:
2250         (JSC::FunctionConstructor::FunctionConstructor):
2251         * runtime/FunctionPrototype.cpp:
2252         (JSC::FunctionPrototype::FunctionPrototype):
2253         * runtime/GetterSetter.cpp:
2254         (JSC::GetterSetter::markChildren):
2255         * runtime/GetterSetter.h:
2256         (JSC::GetterSetter::GetterSetter):
2257         (JSC::GetterSetter::getter):
2258         (JSC::GetterSetter::setGetter):
2259         (JSC::GetterSetter::setter):
2260         (JSC::GetterSetter::setSetter):
2261         * runtime/GlobalEvalFunction.cpp:
2262         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2263         (JSC::GlobalEvalFunction::markChildren):
2264         * runtime/GlobalEvalFunction.h:
2265         (JSC::GlobalEvalFunction::cachedGlobalObject):
2266         * runtime/Heap.cpp:
2267         (JSC::Heap::markProtectedObjects):
2268         (JSC::Heap::markTempSortVectors):
2269         (JSC::Heap::markRoots):
2270         * runtime/InternalFunction.cpp:
2271         (JSC::InternalFunction::InternalFunction):
2272         * runtime/JSAPIValueWrapper.h:
2273         (JSC::JSAPIValueWrapper::value):
2274         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2275         * runtime/JSActivation.cpp:
2276         (JSC::JSActivation::markChildren):
2277         (JSC::JSActivation::put):
2278         * runtime/JSArray.cpp:
2279         (JSC::JSArray::JSArray):
2280         (JSC::JSArray::getOwnPropertySlot):
2281         (JSC::JSArray::getOwnPropertyDescriptor):
2282         (JSC::JSArray::put):
2283         (JSC::JSArray::putSlowCase):
2284         (JSC::JSArray::deleteProperty):
2285         (JSC::JSArray::increaseVectorLength):
2286         (JSC::JSArray::setLength):
2287         (JSC::JSArray::pop):
2288         (JSC::JSArray::push):
2289         (JSC::JSArray::unshiftCount):
2290         (JSC::JSArray::sort):
2291         (JSC::JSArray::fillArgList):
2292         (JSC::JSArray::copyToRegisters):
2293         (JSC::JSArray::compactForSorting):
2294         * runtime/JSArray.h:
2295         (JSC::JSArray::getIndex):
2296         (JSC::JSArray::setIndex):
2297         (JSC::JSArray::uncheckedSetIndex):
2298         (JSC::JSArray::markChildrenDirect):
2299         * runtime/JSByteArray.cpp:
2300         (JSC::JSByteArray::JSByteArray):
2301         * runtime/JSCell.h:
2302         (JSC::JSCell::JSValue::toThisObject):
2303         (JSC::JSCell::MarkStack::append):
2304         * runtime/JSFunction.cpp:
2305         (JSC::JSFunction::JSFunction):
2306         (JSC::JSFunction::getOwnPropertySlot):
2307         * runtime/JSGlobalData.h:
2308         * runtime/JSGlobalObject.cpp:
2309         (JSC::markIfNeeded):
2310         (JSC::JSGlobalObject::reset):
2311         (JSC::JSGlobalObject::resetPrototype):
2312         (JSC::JSGlobalObject::markChildren):
2313         * runtime/JSGlobalObject.h:
2314         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2315         (JSC::JSGlobalObject::regExpConstructor):
2316         (JSC::JSGlobalObject::errorConstructor):
2317         (JSC::JSGlobalObject::evalErrorConstructor):
2318         (JSC::JSGlobalObject::rangeErrorConstructor):
2319         (JSC::JSGlobalObject::referenceErrorConstructor):
2320         (JSC::JSGlobalObject::syntaxErrorConstructor):
2321         (JSC::JSGlobalObject::typeErrorConstructor):
2322         (JSC::JSGlobalObject::URIErrorConstructor):
2323         (JSC::JSGlobalObject::evalFunction):
2324         (JSC::JSGlobalObject::objectPrototype):
2325         (JSC::JSGlobalObject::functionPrototype):
2326         (JSC::JSGlobalObject::arrayPrototype):
2327         (JSC::JSGlobalObject::booleanPrototype):
2328         (JSC::JSGlobalObject::stringPrototype):
2329         (JSC::JSGlobalObject::numberPrototype):
2330         (JSC::JSGlobalObject::datePrototype):
2331         (JSC::JSGlobalObject::regExpPrototype):
2332         (JSC::JSGlobalObject::methodCallDummy):
2333         (JSC::Structure::prototypeForLookup):
2334         (JSC::constructArray):
2335         * runtime/JSONObject.cpp:
2336         (JSC::Stringifier::Holder::object):
2337         (JSC::Stringifier::markAggregate):
2338         (JSC::Stringifier::stringify):
2339         (JSC::Stringifier::Holder::appendNextProperty):
2340         (JSC::Walker::callReviver):
2341         (JSC::Walker::walk):
2342         * runtime/JSObject.cpp:
2343         (JSC::JSObject::defineGetter):
2344         (JSC::JSObject::defineSetter):
2345         (JSC::JSObject::removeDirect):
2346         (JSC::JSObject::putDirectFunction):
2347         (JSC::JSObject::putDirectFunctionWithoutTransition):
2348         (JSC::putDescriptor):
2349         (JSC::JSObject::defineOwnProperty):
2350         * runtime/JSObject.h:
2351         (JSC::JSObject::getDirectOffset):
2352         (JSC::JSObject::putDirectOffset):
2353         (JSC::JSObject::flattenDictionaryObject):
2354         (JSC::JSObject::putDirectInternal):
2355         (JSC::JSObject::putDirect):
2356         (JSC::JSObject::putDirectFunction):
2357         (JSC::JSObject::putDirectWithoutTransition):
2358         (JSC::JSObject::putDirectFunctionWithoutTransition):
2359         (JSC::JSValue::putDirect):
2360         (JSC::JSObject::allocatePropertyStorageInline):
2361         (JSC::JSObject::markChildrenDirect):
2362         * runtime/JSPropertyNameIterator.cpp:
2363         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2364         (JSC::JSPropertyNameIterator::get):
2365         * runtime/JSPropertyNameIterator.h:
2366         * runtime/JSStaticScopeObject.cpp:
2367         (JSC::JSStaticScopeObject::markChildren):
2368         * runtime/JSString.cpp:
2369         (JSC::StringObject::create):
2370         * runtime/JSValue.h:
2371         * runtime/JSWrapperObject.cpp:
2372         (JSC::JSWrapperObject::markChildren):
2373         * runtime/JSWrapperObject.h:
2374         (JSC::JSWrapperObject::internalValue):
2375         (JSC::JSWrapperObject::setInternalValue):
2376         * runtime/LiteralParser.cpp:
2377         (JSC::LiteralParser::parse):
2378         * runtime/Lookup.cpp:
2379         (JSC::setUpStaticFunctionSlot):
2380         * runtime/Lookup.h:
2381         (JSC::lookupPut):
2382         * runtime/MarkStack.h:
2383         (JSC::MarkStack::appendValues):
2384         * runtime/MathObject.cpp:
2385         (JSC::MathObject::MathObject):
2386         * runtime/NativeErrorConstructor.cpp:
2387         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2388         * runtime/NativeErrorPrototype.cpp:
2389         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2390         * runtime/NumberConstructor.cpp:
2391         (JSC::NumberConstructor::NumberConstructor):
2392         (JSC::constructWithNumberConstructor):
2393         * runtime/NumberObject.cpp:
2394         (JSC::constructNumber):
2395         * runtime/NumberPrototype.cpp:
2396         (JSC::NumberPrototype::NumberPrototype):
2397         * runtime/ObjectConstructor.cpp:
2398         (JSC::ObjectConstructor::ObjectConstructor):
2399         (JSC::objectConstructorGetOwnPropertyDescriptor):
2400         * runtime/Operations.h:
2401         (JSC::normalizePrototypeChain):
2402         (JSC::resolveBase):
2403         * runtime/PrototypeFunction.cpp:
2404         (JSC::PrototypeFunction::PrototypeFunction):
2405         * runtime/PutPropertySlot.h:
2406         (JSC::PutPropertySlot::setExistingProperty):
2407         (JSC::PutPropertySlot::setNewProperty):
2408         (JSC::PutPropertySlot::base):
2409         * runtime/RegExpConstructor.cpp:
2410         (JSC::RegExpConstructor::RegExpConstructor):
2411         * runtime/ScopeChain.cpp:
2412         (JSC::ScopeChainNode::print):
2413         * runtime/ScopeChain.h:
2414         (JSC::ScopeChainNode::~ScopeChainNode):
2415         (JSC::ScopeChainIterator::operator*):
2416         (JSC::ScopeChainIterator::operator->):
2417         (JSC::ScopeChain::top):
2418         * runtime/ScopeChainMark.h:
2419         (JSC::ScopeChain::markAggregate):
2420         * runtime/SmallStrings.cpp:
2421         (JSC::isMarked):
2422         (JSC::SmallStrings::markChildren):
2423         * runtime/SmallStrings.h:
2424         (JSC::SmallStrings::emptyString):
2425         (JSC::SmallStrings::singleCharacterString):
2426         (JSC::SmallStrings::singleCharacterStrings):
2427         * runtime/StringConstructor.cpp:
2428         (JSC::StringConstructor::StringConstructor):
2429         * runtime/StringObject.cpp:
2430         (JSC::StringObject::StringObject):
2431         * runtime/StringObject.h:
2432         * runtime/StringPrototype.cpp:
2433         (JSC::StringPrototype::StringPrototype):
2434         * runtime/Structure.cpp:
2435         (JSC::Structure::Structure):
2436         (JSC::Structure::addPropertyTransition):
2437         (JSC::Structure::toDictionaryTransition):
2438         (JSC::Structure::flattenDictionaryStructure):
2439         * runtime/Structure.h:
2440         (JSC::Structure::storedPrototype):
2441         * runtime/WeakGCMap.h:
2442         (JSC::WeakGCMap::uncheckedGet):
2443         (JSC::WeakGCMap::isValid):
2444         (JSC::::get):
2445         (JSC::::take):
2446         (JSC::::set):
2447         (JSC::::uncheckedRemove):
2448         * runtime/WriteBarrier.h: Removed.
2449
2450 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2451
2452         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
2453
2454         * runtime/WriteBarrier.h:
2455         (JSC::WriteBarrierBase::clear):
2456
2457 2011-01-30  Oliver Hunt  <oliver@apple.com>
2458
2459         More Qt build fixes
2460
2461         * runtime/WriteBarrier.h:
2462         (JSC::WriteBarrierBase::clear):
2463
2464 2011-01-30  Oliver Hunt  <oliver@apple.com>
2465
2466         Convert markstack to a slot visitor API
2467         https://bugs.webkit.org/show_bug.cgi?id=53219
2468
2469         Rolling r77006 and r77020 back in.
2470
2471         * API/JSCallbackObject.h:
2472         (JSC::JSCallbackObjectData::setPrivateProperty):
2473         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2474         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2475         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2476         (JSC::JSCallbackObject::setPrivateProperty):
2477         * API/JSCallbackObjectFunctions.h:
2478         (JSC::::put):
2479         (JSC::::staticFunctionGetter):
2480         * API/JSObjectRef.cpp:
2481         (JSObjectMakeConstructor):
2482         (JSObjectSetPrivateProperty):
2483         * API/JSWeakObjectMapRefInternal.h:
2484         * JavaScriptCore.exp:
2485         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2486         * JavaScriptCore.xcodeproj/project.pbxproj:
2487         * bytecode/CodeBlock.cpp:
2488         (JSC::CodeBlock::markAggregate):
2489         * bytecode/CodeBlock.h:
2490         (JSC::CodeBlock::globalObject):
2491         * bytecompiler/BytecodeGenerator.cpp:
2492         (JSC::BytecodeGenerator::BytecodeGenerator):
2493         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2494         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2495         (JSC::BytecodeGenerator::findScopedProperty):
2496         * debugger/Debugger.cpp:
2497         (JSC::evaluateInGlobalCallFrame):
2498         * debugger/DebuggerActivation.cpp:
2499         (JSC::DebuggerActivation::DebuggerActivation):
2500         (JSC::DebuggerActivation::markChildren):
2501         * debugger/DebuggerActivation.h:
2502         * debugger/DebuggerCallFrame.cpp:
2503         (JSC::DebuggerCallFrame::evaluate):
2504         * interpreter/CallFrame.h:
2505         (JSC::ExecState::exception):
2506         * interpreter/Interpreter.cpp:
2507         (JSC::Interpreter::resolve):
2508         (JSC::Interpreter::resolveSkip):
2509         (JSC::Interpreter::resolveGlobal):
2510         (JSC::Interpreter::resolveGlobalDynamic):
2511         (JSC::Interpreter::resolveBaseAndProperty):
2512         (JSC::Interpreter::unwindCallFrame):
2513         (JSC::appendSourceToError):
2514         (JSC::Interpreter::execute):
2515         (JSC::Interpreter::tryCacheGetByID):
2516         (JSC::Interpreter::privateExecute):
2517         * jit/JITStubs.cpp:
2518         (JSC::JITThunks::tryCacheGetByID):
2519         (JSC::DEFINE_STUB_FUNCTION):
2520         * jsc.cpp:
2521         (GlobalObject::GlobalObject):
2522         * runtime/ArgList.cpp:
2523         (JSC::MarkedArgumentBuffer::markLists):
2524         * runtime/Arguments.cpp:
2525         (JSC::Arguments::markChildren):
2526         (JSC::Arguments::getOwnPropertySlot):
2527         (JSC::Arguments::getOwnPropertyDescriptor):
2528         (JSC::Arguments::put):
2529         * runtime/Arguments.h:
2530         (JSC::Arguments::setActivation):
2531         (JSC::Arguments::Arguments):
2532         * runtime/ArrayConstructor.cpp:
2533         (JSC::ArrayConstructor::ArrayConstructor):
2534         (JSC::constructArrayWithSizeQuirk):
2535         * runtime/ArrayPrototype.cpp:
2536         (JSC::arrayProtoFuncSplice):
2537         * runtime/BatchedTransitionOptimizer.h:
2538         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2539         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2540         * runtime/BooleanConstructor.cpp:
2541         (JSC::BooleanConstructor::BooleanConstructor):
2542         (JSC::constructBoolean):
2543         (JSC::constructBooleanFromImmediateBoolean):
2544         * runtime/BooleanPrototype.cpp:
2545         (JSC::BooleanPrototype::BooleanPrototype):
2546         * runtime/ConservativeSet.cpp:
2547         (JSC::ConservativeSet::grow):
2548         * runtime/ConservativeSet.h:
2549         (JSC::ConservativeSet::~ConservativeSet):
2550         (JSC::ConservativeSet::mark):
2551         * runtime/DateConstructor.cpp:
2552         (JSC::DateConstructor::DateConstructor):
2553         * runtime/DateInstance.cpp:
2554         (JSC::DateInstance::DateInstance):
2555         * runtime/DatePrototype.cpp:
2556         (JSC::dateProtoFuncSetTime):
2557         (JSC::setNewValueFromTimeArgs):
2558         (JSC::setNewValueFromDateArgs):
2559         (JSC::dateProtoFuncSetYear):
2560         * runtime/ErrorConstructor.cpp:
2561         (JSC::ErrorConstructor::ErrorConstructor):
2562         * runtime/ErrorInstance.cpp:
2563         (JSC::ErrorInstance::ErrorInstance):
2564         * runtime/ErrorPrototype.cpp:
2565         (JSC::ErrorPrototype::ErrorPrototype):
2566         * runtime/FunctionConstructor.cpp:
2567         (JSC::FunctionConstructor::FunctionConstructor):
2568         * runtime/FunctionPrototype.cpp:
2569         (JSC::FunctionPrototype::FunctionPrototype):
2570         * runtime/GetterSetter.cpp:
2571         (JSC::GetterSetter::markChildren):
2572         * runtime/GetterSetter.h:
2573         (JSC::GetterSetter::GetterSetter):
2574         (JSC::GetterSetter::getter):
2575         (JSC::GetterSetter::setGetter):
2576         (JSC::GetterSetter::setter):
2577         (JSC::GetterSetter::setSetter):
2578         * runtime/GlobalEvalFunction.cpp:
2579         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2580         (JSC::GlobalEvalFunction::markChildren):
2581         * runtime/GlobalEvalFunction.h:
2582         (JSC::GlobalEvalFunction::cachedGlobalObject):
2583         * runtime/Heap.cpp:
2584         (JSC::Heap::markProtectedObjects):
2585         (JSC::Heap::markTempSortVectors):
2586         (JSC::Heap::markRoots):
2587         * runtime/InternalFunction.cpp:
2588         (JSC::InternalFunction::InternalFunction):
2589         * runtime/JSAPIValueWrapper.h:
2590         (JSC::JSAPIValueWrapper::value):
2591         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2592         * runtime/JSActivation.cpp:
2593         (JSC::JSActivation::markChildren):
2594         (JSC::JSActivation::put):
2595         * runtime/JSArray.cpp:
2596         (JSC::JSArray::JSArray):
2597         (JSC::JSArray::getOwnPropertySlot):
2598         (JSC::JSArray::getOwnPropertyDescriptor):
2599         (JSC::JSArray::put):
2600         (JSC::JSArray::putSlowCase):
2601         (JSC::JSArray::deleteProperty):
2602         (JSC::JSArray::increaseVectorLength):
2603         (JSC::JSArray::setLength):
2604         (JSC::JSArray::pop):
2605         (JSC::JSArray::push):
2606         (JSC::JSArray::unshiftCount):
2607         (JSC::JSArray::sort):
2608         (JSC::JSArray::fillArgList):
2609         (JSC::JSArray::copyToRegisters):
2610         (JSC::JSArray::compactForSorting):
2611         * runtime/JSArray.h:
2612         (JSC::JSArray::getIndex):
2613         (JSC::JSArray::setIndex):
2614         (JSC::JSArray::uncheckedSetIndex):
2615         (JSC::JSArray::markChildrenDirect):
2616         * runtime/JSByteArray.cpp:
2617         (JSC::JSByteArray::JSByteArray):
2618         * runtime/JSCell.h:
2619         (JSC::JSCell::MarkStack::append):
2620         (JSC::JSCell::MarkStack::internalAppend):
2621         (JSC::JSCell::MarkStack::deprecatedAppend):
2622         * runtime/JSFunction.cpp:
2623         (JSC::JSFunction::JSFunction):
2624         (JSC::JSFunction::getOwnPropertySlot):
2625         * runtime/JSGlobalData.h:
2626         * runtime/JSGlobalObject.cpp:
2627         (JSC::markIfNeeded):
2628         (JSC::JSGlobalObject::reset):
2629         (JSC::JSGlobalObject::resetPrototype):
2630         (JSC::JSGlobalObject::markChildren):
2631         * runtime/JSGlobalObject.h:
2632         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2633         (JSC::JSGlobalObject::regExpConstructor):
2634         (JSC::JSGlobalObject::errorConstructor):
2635         (JSC::JSGlobalObject::evalErrorConstructor):
2636         (JSC::JSGlobalObject::rangeErrorConstructor):
2637         (JSC::JSGlobalObject::referenceErrorConstructor):
2638         (JSC::JSGlobalObject::syntaxErrorConstructor):
2639         (JSC::JSGlobalObject::typeErrorConstructor):
2640         (JSC::JSGlobalObject::URIErrorConstructor):
2641         (JSC::JSGlobalObject::evalFunction):
2642         (JSC::JSGlobalObject::objectPrototype):
2643         (JSC::JSGlobalObject::functionPrototype):
2644         (JSC::JSGlobalObject::arrayPrototype):
2645         (JSC::JSGlobalObject::booleanPrototype):
2646         (JSC::JSGlobalObject::stringPrototype):
2647         (JSC::JSGlobalObject::numberPrototype):
2648         (JSC::JSGlobalObject::datePrototype):
2649         (JSC::JSGlobalObject::regExpPrototype):
2650         (JSC::JSGlobalObject::methodCallDummy):
2651         (JSC::Structure::prototypeForLookup):
2652         (JSC::constructArray):
2653         * runtime/JSONObject.cpp:
2654         (JSC::Stringifier::Holder::object):
2655         (JSC::Stringifier::Holder::objectSlot):
2656         (JSC::Stringifier::markAggregate):
2657         (JSC::Stringifier::stringify):
2658         (JSC::Stringifier::Holder::appendNextProperty):
2659         (JSC::Walker::callReviver):
2660         (JSC::Walker::walk):
2661         * runtime/JSObject.cpp:
2662         (JSC::JSObject::defineGetter):
2663         (JSC::JSObject::defineSetter):
2664         (JSC::JSObject::removeDirect):
2665         (JSC::JSObject::putDirectFunction):
2666         (JSC::JSObject::putDirectFunctionWithoutTransition):
2667         (JSC::putDescriptor):
2668         (JSC::JSObject::defineOwnProperty):
2669         * runtime/JSObject.h:
2670         (JSC::JSObject::getDirectOffset):
2671         (JSC::JSObject::putDirectOffset):
2672         (JSC::JSObject::putUndefinedAtDirectOffset):
2673         (JSC::JSObject::flattenDictionaryObject):
2674         (JSC::JSObject::putDirectInternal):
2675         (JSC::JSObject::putDirect):
2676         (JSC::JSObject::putDirectFunction):
2677         (JSC::JSObject::putDirectWithoutTransition):
2678         (JSC::JSObject::putDirectFunctionWithoutTransition):
2679         (JSC::JSValue::putDirect):
2680         (JSC::JSObject::allocatePropertyStorageInline):
2681         (JSC::JSObject::markChildrenDirect):
2682         * runtime/JSPropertyNameIterator.cpp:
2683         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2684         (JSC::JSPropertyNameIterator::get):
2685         * runtime/JSPropertyNameIterator.h:
2686         * runtime/JSStaticScopeObject.cpp:
2687         (JSC::JSStaticScopeObject::markChildren):
2688         * runtime/JSString.cpp:
2689         (JSC::StringObject::create):
2690         * runtime/JSValue.h:
2691         * runtime/JSWrapperObject.cpp:
2692         (JSC::JSWrapperObject::markChildren):
2693         * runtime/JSWrapperObject.h:
2694         (JSC::JSWrapperObject::internalValue):
2695         (JSC::JSWrapperObject::setInternalValue):
2696         * runtime/LiteralParser.cpp:
2697         (JSC::LiteralParser::parse):
2698         * runtime/Lookup.cpp:
2699         (JSC::setUpStaticFunctionSlot):
2700         * runtime/Lookup.h:
2701         (JSC::lookupPut):
2702         * runtime/MarkStack.h:
2703         (JSC::MarkStack::MarkStack):
2704         (JSC::MarkStack::deprecatedAppendValues):
2705         (JSC::MarkStack::appendValues):
2706         * runtime/MathObject.cpp:
2707         (JSC::MathObject::MathObject):
2708         * runtime/NativeErrorConstructor.cpp:
2709         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2710         * runtime/NativeErrorPrototype.cpp:
2711         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2712         * runtime/NumberConstructor.cpp:
2713         (JSC::NumberConstructor::NumberConstructor):
2714         (JSC::constructWithNumberConstructor):
2715         * runtime/NumberObject.cpp:
2716         (JSC::constructNumber):
2717         * runtime/NumberPrototype.cpp:
2718         (JSC::NumberPrototype::NumberPrototype):
2719         * runtime/ObjectConstructor.cpp:
2720         (JSC::ObjectConstructor::ObjectConstructor):
2721         (JSC::objectConstructorGetOwnPropertyDescriptor):
2722         * runtime/Operations.h:
2723         (JSC::normalizePrototypeChain):
2724         (JSC::resolveBase):
2725         * runtime/PrototypeFunction.cpp:
2726         (JSC::PrototypeFunction::PrototypeFunction):
2727         * runtime/PutPropertySlot.h:
2728         (JSC::PutPropertySlot::setExistingProperty):
2729         (JSC::PutPropertySlot::setNewProperty):
2730         (JSC::PutPropertySlot::base):
2731         * runtime/RegExpConstructor.cpp:
2732         (JSC::RegExpConstructor::RegExpConstructor):
2733         * runtime/ScopeChain.cpp:
2734         (JSC::ScopeChainNode::print):
2735         * runtime/ScopeChain.h:
2736         (JSC::ScopeChainNode::~ScopeChainNode):
2737         (JSC::ScopeChainIterator::operator*):
2738         (JSC::ScopeChainIterator::operator->):
2739         (JSC::ScopeChain::top):
2740         * runtime/ScopeChainMark.h:
2741         (JSC::ScopeChain::markAggregate):
2742         * runtime/SmallStrings.cpp:
2743         (JSC::isMarked):
2744         (JSC::SmallStrings::markChildren):
2745         * runtime/SmallStrings.h:
2746         (JSC::SmallStrings::emptyString):
2747         (JSC::SmallStrings::singleCharacterString):
2748         (JSC::SmallStrings::singleCharacterStrings):
2749         * runtime/StringConstructor.cpp:
2750         (JSC::StringConstructor::StringConstructor):
2751         * runtime/StringObject.cpp:
2752         (JSC::StringObject::StringObject):
2753         * runtime/StringObject.h:
2754         * runtime/StringPrototype.cpp:
2755         (JSC::StringPrototype::StringPrototype):
2756         * runtime/Structure.cpp:
2757         (JSC::Structure::Structure):
2758         (JSC::Structure::addPropertyTransition):
2759         (JSC::Structure::toDictionaryTransition):
2760         (JSC::Structure::flattenDictionaryStructure):
2761         * runtime/Structure.h:
2762         (JSC::Structure::storedPrototype):
2763         (JSC::Structure::storedPrototypeSlot):
2764         * runtime/WeakGCMap.h:
2765         (JSC::WeakGCMap::uncheckedGet):
2766         (JSC::WeakGCMap::uncheckedGetSlot):
2767         (JSC::WeakGCMap::isValid):
2768         (JSC::::get):
2769         (JSC::::take):
2770         (JSC::::set):
2771         (JSC::::uncheckedRemove):
2772         * runtime/WriteBarrier.h: Added.
2773         (JSC::DeprecatedPtr::DeprecatedPtr):
2774         (JSC::DeprecatedPtr::get):
2775         (JSC::DeprecatedPtr::operator*):
2776         (JSC::DeprecatedPtr::operator->):
2777         (JSC::DeprecatedPtr::slot):
2778         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2779         (JSC::DeprecatedPtr::operator!):
2780         (JSC::WriteBarrierBase::set):
2781         (JSC::WriteBarrierBase::get):
2782         (JSC::WriteBarrierBase::operator*):
2783         (JSC::WriteBarrierBase::operator->):
2784         (JSC::WriteBarrierBase::slot):
2785         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2786         (JSC::WriteBarrierBase::operator!):
2787         (JSC::WriteBarrier::WriteBarrier):
2788         (JSC::operator==):
2789
2790 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
2791
2792         Reviewed by Oliver Hunt.
2793
2794         Filter all Heap collection through a common reset function, in
2795         preparation for adding features triggered by collection.
2796         https://bugs.webkit.org/show_bug.cgi?id=53396
2797         
2798         SunSpider reports no change.
2799
2800         * runtime/Heap.cpp:
2801         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
2802         limit, just call collectAllGarbage() instead of rolling our own special
2803         way of resetting the heap. In theory, this may be slower in some cases,
2804         but it also fixes cases of pathological heap growth that we've seen,
2805         where the only objects being allocated are temporary and huge
2806         (<rdar://problem/8885843>).
2807
2808         (JSC::Heap::allocate):
2809         (JSC::Heap::collectAllGarbage): Use the shared reset function.
2810
2811         (JSC::Heap::reset):
2812         * runtime/Heap.h: Carved a new shared reset function out of the old
2813         collectAllGarbage.
2814
2815 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
2816
2817         Unreviewed, rolling out r77025.
2818         http://trac.webkit.org/changeset/77025
2819         https://bugs.webkit.org/show_bug.cgi?id=53401
2820
2821         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
2822         (Requested by Ossy on #webkit).
2823
2824         * jit/ExecutableAllocatorFixedVMPool.cpp:
2825         (JSC::FreeListEntry::FreeListEntry):
2826         (JSC::AVLTreeAbstractorForFreeList::get_less):
2827         (JSC::AVLTreeAbstractorForFreeList::set_less):
2828         (JSC::AVLTreeAbstractorForFreeList::get_greater):
2829         (JSC::AVLTreeAbstractorForFreeList::set_greater):
2830         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
2831         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
2832         (JSC::AVLTreeAbstractorForFreeList::null):
2833         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
2834         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
2835         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
2836         (JSC::reverseSortFreeListEntriesByPointer):
2837         (JSC::reverseSortCommonSizedAllocations):
2838         (JSC::FixedVMPoolAllocator::release):
2839         (JSC::FixedVMPoolAllocator::reuse):
2840         (JSC::FixedVMPoolAllocator::addToFreeList):
2841         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
2842         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2843         (JSC::FixedVMPoolAllocator::alloc):
2844         (JSC::FixedVMPoolAllocator::free):
2845         (JSC::FixedVMPoolAllocator::isValid):
2846         (JSC::FixedVMPoolAllocator::allocInternal):
2847         (JSC::FixedVMPoolAllocator::isWithinVMPool):
2848         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
2849         (JSC::ExecutableAllocator::committedByteCount):
2850         (JSC::maybeModifyVMPoolSize):
2851         (JSC::ExecutableAllocator::isValid):
2852         (JSC::ExecutableAllocator::underMemoryPressure):
2853         (JSC::ExecutablePool::systemAlloc):
2854         (JSC::ExecutablePool::systemRelease):
2855         * wtf/PageReservation.h:
2856         (WTF::PageReservation::PageReservation):
2857         (WTF::PageReservation::commit):
2858         (WTF::PageReservation::decommit):
2859
2860 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
2861
2862         Reviewed by Daniel Bates.
2863
2864         Code style issue in JavaScriptCore/wtf/CurrentTime.h
2865         https://bugs.webkit.org/show_bug.cgi?id=53394
2866
2867         According to rule #3 at http://webkit.org/coding/coding-style.html,
2868         this patch fixes a style issue in CurrentTime.h.
2869
2870         No functionality change, no new tests.
2871
2872         * wtf/CurrentTime.h:
2873         (WTF::currentTimeMS):
2874         (WTF::getLocalTime):
2875
2876 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
2877
2878         Reviewed by Kenneth Rohde Christiansen.
2879
2880         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
2881         https://bugs.webkit.org/show_bug.cgi?id=53377
2882
2883         The option "-whole-archive" is not available with the libtool of Mac OS X;
2884         instead, we can use "-all_load" on Mac.
2885
2886         * JavaScriptCore.pri:
2887
2888 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2889
2890         Sorry Leopard bot -- I committed a change by accident.
2891
2892         * JavaScriptCore.exp: You may have your symbols back now.
2893
2894 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2895
2896         Reviewed by Cameron Zwarich.
2897
2898         Simplified Heap iteration
2899         https://bugs.webkit.org/show_bug.cgi?id=53393
2900
2901         * runtime/CollectorHeapIterator.h:
2902         (JSC::CollectorHeapIterator::isValid):
2903         (JSC::CollectorHeapIterator::isLive):
2904         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
2905         advance because it's a constant.
2906         (JSC::LiveObjectIterator::LiveObjectIterator):
2907         (JSC::LiveObjectIterator::operator++):
2908         (JSC::DeadObjectIterator::DeadObjectIterator):
2909         (JSC::DeadObjectIterator::operator++):
2910         (JSC::ObjectIterator::ObjectIterator):
2911         (JSC::ObjectIterator::operator++): Factored out common checks into
2912         two helper functions -- isValid() for "Am I past the end?" and isLive()
2913         for "Is the cell I'm pointing to live?".
2914
2915         * runtime/MarkedSpace.cpp:
2916         (JSC::MarkedSpace::freeBlock):
2917         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
2918         to the end, to avoid making sweep subtly reliant on internal Heap state.
2919         (JSC::MarkedSpace::primaryHeapBegin):
2920         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
2921         iteration begins.
2922
2923 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2924
2925         Reviewed by Cameron Zwarich.
2926
2927         Simplified heap destruction
2928         https://bugs.webkit.org/show_bug.cgi?id=53392
2929
2930         * JavaScriptCore.exp:
2931         * runtime/Heap.cpp:
2932         (JSC::Heap::destroy):
2933         * runtime/Heap.h:
2934         * runtime/MarkedSpace.cpp:
2935         (JSC::MarkedSpace::destroy):
2936         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
2937         cells last -- the difficult contortions required to do so just don't seem
2938         justified. We make no guarantees about GC protection after the client
2939         throws away JSGlobalData, and it doesn't seem like any meaningful
2940         guarantee is even possible.
2941
2942 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2943
2944         Reviewed by Maciej Stachowiak.
2945
2946         Switched heap to use the Bitmap class and removed CollectorBitmap
2947         https://bugs.webkit.org/show_bug.cgi?id=53391
2948         
2949         SunSpider says 1.005x as fast. Seems like a fluke.
2950
2951         * runtime/MarkedSpace.cpp:
2952         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
2953         rather than taking a value by reference.
2954
2955         * runtime/MarkedSpace.h: Code reuse is good.
2956
2957         * wtf/Bitmap.h:
2958         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
2959         which CollectorBitmap had. (Renamed from the less conventional "getset".)
2960
2961         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
2962         clarity. It's all the same with inlining.
2963
2964 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
2965
2966         Reviewed by Maciej Stachowiak.
2967
2968         Some more Heap cleanup.
2969         https://bugs.webkit.org/show_bug.cgi?id=53357
2970         
2971         * JavaScriptCore.exp:
2972         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
2973
2974         * runtime/Heap.cpp:
2975         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
2976         reportExtraMemoryCostSlowCase to match our naming conventions.
2977
2978         (JSC::Heap::capacity): Renamed size to capacity because this function
2979         returns the capacity of the heap, including unused portions.
2980
2981         * runtime/Heap.h:
2982         (JSC::Heap::globalData):
2983         (JSC::Heap::markedSpace):
2984         (JSC::Heap::machineStackMarker):
2985         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
2986         Moved ctor and dtor to the beginning of the class definition. Grouped
2987         functions by purpose.
2988
2989         * runtime/MarkedSpace.cpp:
2990         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
2991         function returns the capacity of the heap, including unused portions.
2992
2993         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
2994         the same information can be gotten just by calling size() and capacity().
2995
2996         * runtime/MemoryStatistics.cpp:
2997         * runtime/MemoryStatistics.h: Ditto.
2998
2999 2011-01-29  Daniel Bates  <dbates@rim.com>
3000
3001         Reviewed by Eric Seidel.
3002
3003         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
3004         https://bugs.webkit.org/show_bug.cgi?id=53253
3005
3006         Make inclusion of MT19937 a policy decision.
3007
3008         Currently, we hardcode the use of MT19937 when building for
3009         Windows CE. Instead, we should make this a policy decision
3010         with the Windows CE port using this by default.
3011
3012         * JavaScriptCore.pri: Append Source/ThirdParty to the end
3013         of the list of include directories.
3014         * wtf/CMakeLists.txt: Ditto.
3015         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
3016         building for Windows CE.
3017         * wtf/RandomNumber.cpp:
3018         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
3019
3020 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
3021
3022         Reviewed by David Kilzer.
3023
3024         Bug 53374 - Remove uses of unsafe string functions in debugging code
3025         https://bugs.webkit.org/show_bug.cgi?id=53374
3026
3027         * runtime/RegExp.cpp:
3028         (JSC::RegExp::printTraceData):
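
        Added example, not JavaScriptCore's RegExp::printTraceData(): the bounded
        replacement for the sprintf()/strcpy()-into-a-stack-buffer shape that the
        entry above removes from debugging code. The trace line format
        ("regexp <pattern>: <n> matches") and the field names are hypothetical.

```cpp
#include <cstdio>
#include <string>
#include <vector>

// Added example, not JavaScriptCore's code. The unsafe shape being replaced is
//     char buffer[64];
//     sprintf(buffer, "regexp %s: %u matches", pattern, matchCount);
// which overflows the stack buffer as soon as the pattern is long; the pattern
// comes from script, so "debug only" does not make that harmless.
// The line format and field names below are this example's assumptions.

// Format into a caller-supplied buffer. snprintf() never writes more than
// bufferSize bytes and NUL-terminates whenever bufferSize > 0. Its return
// value is the length the complete output would have had, so a value
// >= bufferSize tells the caller the line was truncated.
inline bool formatTraceLine(char* buffer, size_t bufferSize, const char* pattern, unsigned matchCount)
{
    if (!buffer || !bufferSize)
        return false;
    int needed = std::snprintf(buffer, bufferSize, "regexp %s: %u matches", pattern, matchCount);
    if (needed < 0) {
        buffer[0] = '\0';    // encoding error: leave a valid, empty C string behind
        return false;
    }
    return static_cast<size_t>(needed) < bufferSize;
}

// Did the line fit in a buffer of this size?
inline bool traceLineFits(size_t bufferSize, const char* pattern, unsigned matchCount)
{
    std::vector<char> buffer(bufferSize);
    return formatTraceLine(buffer.data(), buffer.size(), pattern, matchCount);
}

// What a buffer of this size ends up holding: always a terminated string,
// possibly cut short, never an overflow.
inline std::string traceLineInBuffer(size_t bufferSize, const char* pattern, unsigned matchCount)
{
    if (!bufferSize)
        return std::string();
    std::vector<char> buffer(bufferSize);
    formatTraceLine(buffer.data(), buffer.size(), pattern, matchCount);
    return std::string(buffer.data());
}

// When truncation is not acceptable: measure with a zero-size snprintf(),
// then format into a string that is exactly large enough.
inline std::string traceLine(const char* pattern, unsigned matchCount)
{
    int needed = std::snprintf(nullptr, 0, "regexp %s: %u matches", pattern, matchCount);
    if (needed < 0)
        return std::string();
    std::string out(static_cast<size_t>(needed) + 1, '\0');   // room for the terminator
    std::snprintf(&out[0], out.size(), "regexp %s: %u matches", pattern, matchCount);
    out.resize(static_cast<size_t>(needed));
    return out;
}
```

        The check worth keeping from this is the return value of snprintf(): a
        silently truncated trace line is harmless, but only if the caller knows
        it was truncated before parsing or comparing it.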
3029
3030 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
3031
3032         Reviewed by Oliver Hunt.
3033
3034         JavaScriptCoreUseJIT environment variable broken
3035         https://bugs.webkit.org/show_bug.cgi?id=53372
3036
3037         * runtime/JSGlobalData.cpp:
3038         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
3039         by getenv() rather than just doing a NULL check on the return value.
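
        Added example, not JSGlobalData's code. The entry above fixes a check that
        only tested whether getenv("JavaScriptCoreUseJIT") returned non-null; the
        point is that getenv() returns a pointer for any set variable, so
        JavaScriptCoreUseJIT=0 or =false looked exactly like =1. The accepted
        spellings below ("0", "false", "no", "off" to disable, anything else to
        enable, unset or empty meaning "use the default") are this example's own
        convention, not JavaScriptCore's.

```cpp
#include <cctype>
#include <cstdlib>
#include <string>

// Added example, not JavaScriptCore's code. The off/on spellings and the
// "empty behaves like unset" rule are this example's assumptions.

// The buggy shape, kept for comparison: non-null means "enabled".
inline bool enabledByNullCheckOnly(const char* value)
{
    return value != nullptr;   // "0" and "false" both come back true
}

// Interpret the variable's value. `value` is what getenv() returned, so a
// null pointer means the variable is unset.
inline bool parseBooleanFlag(const char* value, bool defaultValue)
{
    if (!value)
        return defaultValue;
    std::string token;                       // whitespace-stripped, lower-cased copy
    for (const char* p = value; *p; ++p) {
        unsigned char c = static_cast<unsigned char>(*p);
        if (!std::isspace(c))
            token += static_cast<char>(std::tolower(c));
    }
    if (token.empty())
        return defaultValue;                 // FOO="" behaves like unset
    static const char* const offSpellings[] = { "0", "false", "no", "off" };
    for (const char* off : offSpellings) {
        if (token == off)
            return false;
    }
    return true;
}

// The JIT switch itself: on unless explicitly turned off.
inline bool jitEnabledFromEnvironment()
{
    return parseBooleanFlag(std::getenv("JavaScriptCoreUseJIT"), true);
}
```

        Environment toggles like this one are hardening knobs (turning the JIT off
        removes writable-then-executable code pages from the process), so a flag
        that cannot actually be turned off is worth a regression test, not just a
        one-line fix.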
3040
3041 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
3042
3043         Reviewed by David Kilzer.
3044
3045         Move CharacterNames.h into WTF directory
3046         https://bugs.webkit.org/show_bug.cgi?id=49618
3047
3048         * GNUmakefile.am:
3049         * JavaScriptCore.gypi:
3050         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
3051         * JavaScriptCore.xcodeproj/project.pbxproj:
3052         * wtf/CMakeLists.txt:
3053         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
3054         * wtf/unicode/UTF8.cpp:
3055
3056 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
3057
3058         Reviewed by Gavin Barraclough.
3059
3060         Add various clampToInt() methods to MathExtras.h
3061         https://bugs.webkit.org/show_bug.cgi?id=52910
3062         
3063         Add functions for clamping doubles and floats to valid int
3064         ranges, for signed and positive integers.
3065
3066         * wtf/MathExtras.h:
3067         (clampToInteger):
3068         (clampToPositiveInteger):
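
        Added example, not the MathExtras.h implementation: one way to write the
        double/float to int clamping the entry above describes, and why it is
        needed. Converting an out-of-range or NaN floating-point value with a plain
        static_cast<int> is undefined behaviour in C++ (on x86, for example, the
        conversion instruction yields INT_MIN for every such input), so a value that
        came from script or a file has to be range-checked as a floating-point value
        before the cast. Mapping NaN to 0 is this example's assumption.

```cpp
#include <cmath>
#include <limits>

// Added example, not WebKit's clampToInteger(). NaN -> 0 is an assumption.
template<typename FloatType>
inline int clampToIntegerExample(FloatType value)
{
    // Converting the int limits to FloatType is exact for double. For float,
    // INT_MAX rounds up to 2^31, which is still correct here: every float
    // >= 2^31 must clamp, and the largest float below 2^31 casts safely.
    const FloatType lowest = static_cast<FloatType>(std::numeric_limits<int>::min());
    const FloatType highest = static_cast<FloatType>(std::numeric_limits<int>::max());
    if (std::isnan(value))
        return 0;
    if (value >= highest)
        return std::numeric_limits<int>::max();
    if (value <= lowest)
        return std::numeric_limits<int>::min();
    return static_cast<int>(value);   // in range, so truncation toward zero is well defined
}

// Same idea with a zero floor: the result is in [0, INT_MAX].
template<typename FloatType>
inline int clampToPositiveIntegerExample(FloatType value)
{
    if (std::isnan(value) || value <= FloatType(0))
        return 0;
    return clampToIntegerExample(value);
}
```

        The comparisons are done against the limits converted to the floating type,
        never against INT_MAX converted from the value, because the latter is the
        undefined conversion the helper exists to avoid.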
3069
3070 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3071
3072         Unreviewed, rolling out r77006 and r77020.
3073         http://trac.webkit.org/changeset/77006
3074         http://trac.webkit.org/changeset/77020
3075         https://bugs.webkit.org/show_bug.cgi?id=53360
3076
3077         "Broke Windows tests" (Requested by rniwa on #webkit).
3078
3079         * API/JSCallbackObject.h:
3080         (JSC::JSCallbackObjectData::setPrivateProperty):
3081         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
3082         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
3083         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
3084         (JSC::JSCallbackObject::setPrivateProperty):
3085         * API/JSCallbackObjectFunctions.h:
3086         (JSC::::put):
3087         (JSC::::staticFunctionGetter):
3088         * API/JSObjectRef.cpp:
3089         (JSObjectMakeConstructor):
3090         (JSObjectSetPrivateProperty):
3091         * API/JSWeakObjectMapRefInternal.h:
3092         * JavaScriptCore.exp:
3093         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3094         * JavaScriptCore.xcodeproj/project.pbxproj:
3095         * bytecode/CodeBlock.cpp:
3096         (JSC::CodeBlock::markAggregate):
3097         * bytecode/CodeBlock.h:
3098         (JSC::CodeBlock::globalObject):
3099         * bytecompiler/BytecodeGenerator.cpp:
3100         (JSC::BytecodeGenerator::BytecodeGenerator):
3101         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
3102         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
3103         (JSC::BytecodeGenerator::findScopedProperty):
3104         * debugger/Debugger.cpp:
3105         (JSC::evaluateInGlobalCallFrame):
3106         * debugger/DebuggerActivation.cpp:
3107         (JSC::DebuggerActivation::DebuggerActivation):
3108         (JSC::DebuggerActivation::markChildren):
3109         * debugger/DebuggerActivation.h:
3110         * debugger/DebuggerCallFrame.cpp:
3111         (JSC::DebuggerCallFrame::evaluate):
3112         * interpreter/CallFrame.h:
3113         (JSC::ExecState::exception):
3114         * interpreter/Interpreter.cpp:
3115         (JSC::Interpreter::resolve):
3116         (JSC::Interpreter::resolveSkip):
3117         (JSC::Interpreter::resolveGlobal):
3118         (JSC::Interpreter::resolveGlobalDynamic):
3119         (JSC::Interpreter::resolveBaseAndProperty):
3120         (JSC::Interpreter::unwindCallFrame):
3121         (JSC::appendSourceToError):
3122         (JSC::Interpreter::execute):
3123         (JSC::Interpreter::tryCacheGetByID):
3124         (JSC::Interpreter::privateExecute):
3125         * jit/JITStubs.cpp:
3126         (JSC::JITThunks::tryCacheGetByID):
3127         (JSC::DEFINE_STUB_FUNCTION):
3128         * jsc.cpp:
3129         (GlobalObject::GlobalObject):
3130         * runtime/ArgList.cpp:
3131         (JSC::MarkedArgumentBuffer::markLists):
3132         * runtime/Arguments.cpp:
3133         (JSC::Arguments::markChildren):
3134         (JSC::Arguments::getOwnPropertySlot):
3135         (JSC::Arguments::getOwnPropertyDescriptor):
3136         (JSC::Arguments::put):
3137         * runtime/Arguments.h:
3138         (JSC::Arguments::setActivation):
3139         (JSC::Arguments::Arguments):
3140         * runtime/ArrayConstructor.cpp:
3141         (JSC::ArrayConstructor::ArrayConstructor):
3142         (JSC::constructArrayWithSizeQuirk):
3143         * runtime/ArrayPrototype.cpp:
3144         (JSC::arrayProtoFuncSplice):
3145         * runtime/BatchedTransitionOptimizer.h:
3146         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
3147         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
3148         * runtime/BooleanConstructor.cpp:
3149         (JSC::BooleanConstructor::BooleanConstructor):
3150         (JSC::constructBoolean):
3151         (JSC::constructBooleanFromImmediateBoolean):
3152         * runtime/BooleanPrototype.cpp:
3153         (JSC::BooleanPrototype::BooleanPrototype):
3154         * runtime/ConservativeSet.cpp:
3155         (JSC::ConservativeSet::grow):
3156         * runtime/ConservativeSet.h:
3157         (JSC::ConservativeSet::~ConservativeSet):
3158         (JSC::ConservativeSet::mark):
3159         * runtime/DateConstructor.cpp:
3160         (JSC::DateConstructor::DateConstructor):
3161         * runtime/DateInstance.cpp:
3162         (JSC::DateInstance::DateInstance):
3163         * runtime/DatePrototype.cpp:
3164         (JSC::dateProtoFuncSetTime):
3165         (JSC::setNewValueFromTimeArgs):
3166         (JSC::setNewValueFromDateArgs):
3167         (JSC::dateProtoFuncSetYear):
3168         * runtime/ErrorConstructor.cpp:
3169         (JSC::ErrorConstructor::ErrorConstructor):
3170         * runtime/ErrorInstance.cpp:
3171         (JSC::ErrorInstance::ErrorInstance):
3172         * runtime/ErrorPrototype.cpp:
3173         (JSC::ErrorPrototype::ErrorPrototype):
3174         * runtime/FunctionConstructor.cpp:
3175         (JSC::FunctionConstructor::FunctionConstructor):
3176         * runtime/FunctionPrototype.cpp:
3177         (JSC::FunctionPrototype::FunctionPrototype):
3178         * runtime/GetterSetter.cpp:
3179         (JSC::GetterSetter::markChildren):
3180         * runtime/GetterSetter.h:
3181         (JSC::GetterSetter::GetterSetter):
3182         (JSC::GetterSetter::getter):
3183         (JSC::GetterSetter::setGetter):
3184         (JSC::GetterSetter::setter):
3185         (JSC::GetterSetter::setSetter):
3186         * runtime/GlobalEvalFunction.cpp:
3187         (JSC::GlobalEvalFunction::GlobalEvalFunction):
3188         (JSC::GlobalEvalFunction::markChildren):
3189         * runtime/GlobalEvalFunction.h:
3190         (JSC::GlobalEvalFunction::cachedGlobalObject):
3191         * runtime/Heap.cpp:
3192         (JSC::Heap::markProtectedObjects):
3193         (JSC::Heap::markTempSortVectors):
3194         (JSC::Heap::markRoots):
3195         * runtime/InternalFunction.cpp:
3196         (JSC::InternalFunction::InternalFunction):
3197         * runtime/JSAPIValueWrapper.h:
3198         (JSC::JSAPIValueWrapper::value):
3199         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
3200         * runtime/JSActivation.cpp:
3201         (JSC::JSActivation::markChildren):
3202         (JSC::JSActivation::put):
3203         * runtime/JSArray.cpp:
3204         (JSC::JSArray::JSArray):
3205         (JSC::JSArray::getOwnPropertySlot):
3206         (JSC::JSArray::getOwnPropertyDescriptor):
3207         (JSC::JSArray::put):
3208         (JSC::JSArray::putSlowCase):
3209         (JSC::JSArray::deleteProperty):
3210         (JSC::JSArray::increaseVectorLength):
3211         (JSC::JSArray::setLength):
3212         (JSC::JSArray::pop):
3213         (JSC::JSArray::push):
3214         (JSC::JSArray::unshiftCount):
3215         (JSC::JSArray::sort):
3216         (JSC::JSArray::fillArgList):
3217         (JSC::JSArray::copyToRegisters):
3218         (JSC::JSArray::compactForSorting):
3219         * runtime/JSArray.h:
3220         (JSC::JSArray::getIndex):
3221         (JSC::JSArray::setIndex):
3222         (JSC::JSArray::uncheckedSetIndex):
3223         (JSC::JSArray::markChildrenDirect):
3224         * runtime/JSByteArray.cpp:
3225         (JSC::JSByteArray::JSByteArray):
3226         * runtime/JSCell.h:
3227         (JSC::JSCell::JSValue::toThisObject):
3228         (JSC::JSCell::MarkStack::append):
3229         * runtime/JSFunction.cpp:
3230         (JSC::JSFunction::JSFunction):
3231         (JSC::JSFunction::getOwnPropertySlot):
3232         * runtime/JSGlobalData.h:
3233         * runtime/JSGlobalObject.cpp:
3234         (JSC::markIfNeeded):
3235         (JSC::JSGlobalObject::reset):
3236         (JSC::JSGlobalObject::resetPrototype):
3237         (JSC::JSGlobalObject::markChildren):
3238         * runtime/JSGlobalObject.h:
3239         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
3240         (JSC::JSGlobalObject::regExpConstructor):
3241         (JSC::JSGlobalObject::errorConstructor):
3242         (JSC::JSGlobalObject::evalErrorConstructor):
3243         (JSC::JSGlobalObject::rangeErrorConstructor):
3244         (JSC::JSGlobalObject::referenceErrorConstructor):
3245         (JSC::JSGlobalObject::syntaxErrorConstructor):
3246         (JSC::JSGlobalObject::typeErrorConstructor):
3247         (JSC::JSGlobalObject::URIErrorConstructor):
3248         (JSC::JSGlobalObject::evalFunction):
3249         (JSC::JSGlobalObject::objectPrototype):
3250         (JSC::JSGlobalObject::functionPrototype):
3251         (JSC::JSGlobalObject::arrayPrototype):
3252         (JSC::JSGlobalObject::booleanPrototype):
3253         (JSC::JSGlobalObject::stringPrototype):
3254         (JSC::JSGlobalObject::numberPrototype):
3255         (JSC::JSGlobalObject::datePrototype):
3256         (JSC::JSGlobalObject::regExpPrototype):
3257         (JSC::JSGlobalObject::methodCallDummy):
3258         (JSC::Structure::prototypeForLookup):
3259         (JSC::constructArray):
3260         * runtime/JSONObject.cpp:
3261         (JSC::Stringifier::Holder::object):
3262         (JSC::Stringifier::markAggregate):
3263         (JSC::Stringifier::stringify):
3264         (JSC::Stringifier::Holder::appendNextProperty):
3265         (JSC::Walker::callReviver):
3266         (JSC::Walker::walk):
3267         * runtime/JSObject.cpp:
3268         (JSC::JSObject::defineGetter):
3269         (JSC::JSObject::defineSetter):
3270         (JSC::JSObject::removeDirect):
3271         (JSC::JSObject::putDirectFunction):
3272         (JSC::JSObject::putDirectFunctionWithoutTransition):
3273         (JSC::putDescriptor):
3274         (JSC::JSObject::defineOwnProperty):
3275         * runtime/JSObject.h:
3276         (JSC::JSObject::getDirectOffset):
3277         (JSC::JSObject::putDirectOffset):
3278         (JSC::JSObject::flattenDictionaryObject):
3279         (JSC::JSObject::putDirectInternal):
3280         (JSC::JSObject::putDirect):
3281         (JSC::JSObject::putDirectFunction):
3282         (JSC::JSObject::putDirectWithoutTransition):
3283         (JSC::JSObject::putDirectFunctionWithoutTransition):
3284         (JSC::JSValue::putDirect):
3285         (JSC::JSObject::allocatePropertyStorageInline):
3286         (JSC::JSObject::markChildrenDirect):
3287         * runtime/JSPropertyNameIterator.cpp:
3288         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
3289         (JSC::JSPropertyNameIterator::get):
3290         * runtime/JSPropertyNameIterator.h:
3291         * runtime/JSStaticScopeObject.cpp:
3292         (JSC::JSStaticScopeObject::markChildren):
3293         * runtime/JSString.cpp:
3294         (JSC::StringObject::create):
3295         * runtime/JSValue.h:
3296         * runtime/JSWrapperObject.cpp:
3297         (JSC::JSWrapperObject::markChildren):
3298         * runtime/JSWrapperObject.h:
3299         (JSC::JSWrapperObject::internalValue):
3300         (JSC::JSWrapperObject::setInternalValue):
3301         * runtime/LiteralParser.cpp:
3302         (JSC::LiteralParser::parse):
3303         * runtime/Lookup.cpp:
3304         (JSC::setUpStaticFunctionSlot):
3305         * runtime/Lookup.h:
3306         (JSC::lookupPut):
3307         * runtime/MarkStack.h:
3308         (JSC::MarkStack::appendValues):
3309         * runtime/MathObject.cpp:
3310         (JSC::MathObject::MathObject):
3311         * runtime/NativeErrorConstructor.cpp:
3312         (JSC::NativeErrorConstructor::NativeErrorConstructor):
3313         * runtime/NativeErrorPrototype.cpp:
3314         (JSC::NativeErrorPrototype::NativeErrorPrototype):
3315         * runtime/NumberConstructor.cpp:
3316         (JSC::NumberConstructor::NumberConstructor):
3317         (JSC::constructWithNumberConstructor):
3318         * runtime/NumberObject.cpp:
3319         (JSC::constructNumber):
3320         * runtime/NumberPrototype.cpp:
3321         (JSC::NumberPrototype::NumberPrototype):
3322         * runtime/ObjectConstructor.cpp:
3323         (JSC::ObjectConstructor::ObjectConstructor):
3324         (JSC::objectConstructorGetOwnPropertyDescriptor):
3325         * runtime/Operations.h:
3326         (JSC::normalizePrototypeChain):
3327         (JSC::resolveBase):
3328         * runtime/PrototypeFunction.cpp:
3329         (JSC::PrototypeFunction::PrototypeFunction):
3330         * runtime/PutPropertySlot.h:
3331         (JSC::PutPropertySlot::setExistingProperty):
3332         (JSC::PutPropertySlot::setNewProperty):
3333         (JSC::PutPropertySlot::base):
3334         * runtime/RegExpConstructor.cpp:
3335         (JSC::RegExpConstructor::RegExpConstructor):
3336         * runtime/ScopeChain.cpp:
3337         (JSC::ScopeChainNode::print):
3338         * runtime/ScopeChain.h:
3339         (JSC::ScopeChainNode::~ScopeChainNode):
3340         (JSC::ScopeChainIterator::operator*):
3341         (JSC::ScopeChainIterator::operator->):
3342         (JSC::ScopeChain::top):
3343         * runtime/ScopeChainMark.h:
3344         (JSC::ScopeChain::markAggregate):
3345         * runtime/SmallStrings.cpp:
3346         (JSC::isMarked):
3347         (JSC::SmallStrings::markChildren):
3348         * runtime/SmallStrings.h:
3349         (JSC::SmallStrings::emptyString):
3350         (JSC::SmallStrings::singleCharacterString):
3351         (JSC::SmallStrings::singleCharacterStrings):
3352         * runtime/StringConstructor.cpp:
3353         (JSC::StringConstructor::StringConstructor):
3354         * runtime/StringObject.cpp:
3355         (JSC::StringObject::StringObject):
3356         * runtime/StringObject.h:
3357         * runtime/StringPrototype.cpp:
3358         (JSC::StringPrototype::StringPrototype):
3359         * runtime/Structure.cpp:
3360         (JSC::Structure::Structure):
3361         (JSC::Structure::addPropertyTransition):
3362         (JSC::Structure::toDictionaryTransition):
3363         (JSC::Structure::flattenDictionaryStructure):
3364         * runtime/Structure.h:
3365         (JSC::Structure::storedPrototype):
3366         * runtime/WeakGCMap.h:
3367         (JSC::WeakGCMap::uncheckedGet):
3368         (JSC::WeakGCMap::isValid):
3369         (JSC::::get):
3370         (JSC::::take):
3371         (JSC::::set):
3372         (JSC::::uncheckedRemove):
3373         * runtime/WriteBarrier.h: Removed.
3374
3375 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
3376
3377         Reviewed by Geoff Garen.
3378
3379         https://bugs.webkit.org/show_bug.cgi?id=53352
3380         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
3381
3382         The FixedVMPoolAllocator currently uses a best fit policy -
3383         switch to first fit, which is less prone to external fragmentation.
3384
3385         * jit/ExecutableAllocatorFixedVMPool.cpp:
3386         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
3387         (JSC::AllocationTableSizeClass::blockSize):
3388         (JSC::AllocationTableSizeClass::blockCount):
3389         (JSC::AllocationTableSizeClass::blockAlignment):
3390         (JSC::AllocationTableSizeClass::size):
3391         (JSC::AllocationTableLeaf::AllocationTableLeaf):
3392         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
3393         (JSC::AllocationTableLeaf::allocate):
3394         (JSC::AllocationTableLeaf::free):
3395         (JSC::AllocationTableLeaf::isEmpty):
3396         (JSC::AllocationTableLeaf::isFull):
3397         (JSC::AllocationTableLeaf::size):
3398         (JSC::AllocationTableLeaf::classForSize):
3399         (JSC::AllocationTableLeaf::dump):
3400         (JSC::LazyAllocationTable::LazyAllocationTable):
3401         (JSC::LazyAllocationTable::~LazyAllocationTable):
3402         (JSC::LazyAllocationTable::allocate):
3403         (JSC::LazyAllocationTable::free):
3404         (JSC::LazyAllocationTable::isEmpty):
3405         (JSC::LazyAllocationTable::isFull):
3406         (JSC::LazyAllocationTable::size):
3407         (JSC::LazyAllocationTable::dump):
3408         (JSC::LazyAllocationTable::classForSize):
3409         (JSC::AllocationTableDirectory::AllocationTableDirectory):
3410         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
3411         (JSC::AllocationTableDirectory::allocate):
3412         (JSC::AllocationTableDirectory::free):
3413         (JSC::AllocationTableDirectory::isEmpty):
3414         (JSC::AllocationTableDirectory::isFull):
3415         (JSC::AllocationTableDirectory::size):
3416         (JSC::AllocationTableDirectory::classForSize):
3417         (JSC::AllocationTableDirectory::dump):
3418         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
3419         (JSC::FixedVMPoolAllocator::alloc):
3420         (JSC::FixedVMPoolAllocator::free):
3421         (JSC::FixedVMPoolAllocator::allocated):
3422         (JSC::FixedVMPoolAllocator::isValid):
3423         (JSC::FixedVMPoolAllocator::classForSize):
3424         (JSC::FixedVMPoolAllocator::offsetToPointer):
3425         (JSC::FixedVMPoolAllocator::pointerToOffset):
3426         (JSC::ExecutableAllocator::committedByteCount):
3427         (JSC::ExecutableAllocator::isValid):
3428         (JSC::ExecutableAllocator::underMemoryPressure):
3429         (JSC::ExecutablePool::systemAlloc):
3430         (JSC::ExecutablePool::systemRelease):
3431         * wtf/PageReservation.h:
3432         (WTF::PageReservation::PageReservation):
3433         (WTF::PageReservation::commit):
3434         (WTF::PageReservation::decommit):
3435         (WTF::PageReservation::committed):
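
        Added example, not the FixedVMPoolAllocator: a toy free-list allocator over
        a fixed pool whose placement policy can be switched between best fit and
        first fit, plus one constructed request sequence on which best fit leaves
        two unusable slivers while first fit still serves every request. It shows
        the failure mode the entry above describes (no run large enough although
        memory is free), not a proof that first fit always wins; other sequences
        favour best fit. Sizes are abstract units.

```cpp
#include <algorithm>
#include <cstddef>
#include <initializer_list>
#include <vector>

// Added example, not WebKit's code. Pool size, request sequence and
// policies are this example's constructed scenario.
enum class Policy { FirstFit, BestFit };

struct FreeRun {
    size_t offset;
    size_t size;
};

class ToyPool {
public:
    static constexpr size_t npos = static_cast<size_t>(-1);

    ToyPool(size_t size, Policy policy) : m_policy(policy) { m_free.push_back({0, size}); }

    // Offset of the new allocation, or npos when no free run is large enough:
    // the situation that, in the real allocator, ended in CRASH().
    size_t allocate(size_t size)
    {
        size_t chosen = m_free.size();
        for (size_t i = 0; i < m_free.size(); ++i) {
            if (m_free[i].size < size)
                continue;
            if (m_policy == Policy::FirstFit) {      // lowest address that fits
                chosen = i;
                break;
            }
            if (chosen == m_free.size() || m_free[i].size < m_free[chosen].size)
                chosen = i;                          // smallest run that fits
        }
        if (chosen == m_free.size())
            return npos;
        size_t offset = m_free[chosen].offset;
        m_free[chosen].offset += size;
        m_free[chosen].size -= size;
        if (!m_free[chosen].size)
            m_free.erase(m_free.begin() + chosen);
        return offset;
    }

    // Give a run back, coalescing with adjacent free runs so that the
    // fragmentation we measure comes from placement, not from bookkeeping.
    void release(size_t offset, size_t size)
    {
        auto it = std::lower_bound(m_free.begin(), m_free.end(), offset,
            [](const FreeRun& run, size_t off) { return run.offset < off; });
        it = m_free.insert(it, FreeRun{offset, size});
        if (it + 1 != m_free.end() && it->offset + it->size == (it + 1)->offset) {
            it->size += (it + 1)->size;
            m_free.erase(it + 1);
        }
        if (it != m_free.begin() && (it - 1)->offset + (it - 1)->size == it->offset) {
            (it - 1)->size += it->size;
            m_free.erase(it);
        }
    }

    size_t largestFreeRun() const
    {
        size_t largest = 0;
        for (const FreeRun& run : m_free)
            largest = std::max(largest, run.size);
        return largest;
    }

    size_t totalFree() const
    {
        size_t total = 0;
        for (const FreeRun& run : m_free)
            total += run.size;
        return total;
    }

private:
    Policy m_policy;
    std::vector<FreeRun> m_free;
};

struct Outcome {
    unsigned failed;          // requests that could not be placed
    size_t totalFree;         // free units left over
    size_t largestFreeRun;    // largest single run among them
};

// Constructed scenario: a 16-unit pool is carved into allocations of 5, 5, 3
// and 3 units, then the second and fourth are released (free runs of 5 and 3
// remain). Requests of 2, 3 and 3 units follow.
inline Outcome runScenario(Policy policy)
{
    ToyPool pool(16, policy);
    pool.allocate(5);
    size_t second = pool.allocate(5);
    pool.allocate(3);
    size_t fourth = pool.allocate(3);
    pool.release(second, 5);
    pool.release(fourth, 3);
    Outcome outcome = { 0, 0, 0 };
    for (size_t request : { size_t(2), size_t(3), size_t(3) }) {
        if (pool.allocate(request) == ToyPool::npos)
            ++outcome.failed;
    }
    outcome.totalFree = pool.totalFree();
    outcome.largestFreeRun = pool.largestFreeRun();
    return outcome;
}

// Coalescing check: releasing two adjacent runs yields one contiguous run.
inline size_t largestRunAfterReleasingAll()
{
    ToyPool pool(8, Policy::FirstFit);
    size_t x = pool.allocate(4);
    size_t y = pool.allocate(4);
    pool.release(x, 4);
    pool.release(y, 4);
    return pool.largestFreeRun();
}
```

        Under best fit the 2-unit request takes the 3-unit run (leaving 1), the
        first 3-unit request takes the 5-unit run (leaving 2), and the last request
        fails with 3 units still free but no run larger than 2: external
        fragmentation. Under first fit the 2-unit request goes into the 5-unit run,
        leaving two 3-unit runs that serve the remaining requests exactly.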
3436
3437 2011-01-27  Oliver Hunt  <oliver@apple.com>
3438
3439         Reviewed by Geoffrey Garen.
3440
3441         Convert markstack to a slot visitor API
3442         https://bugs.webkit.org/show_bug.cgi?id=53219
3443
3444         Move the MarkStack over to a slot based marking API.
3445
3446         In order to avoid aliasing concerns there are two new types
3447         that need to be used when holding on to JSValues and JSCells that
3448         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
3449         is expected to be used for any JSValue or Cell whose lifetime and
3450         marking are controlled by another GC object.  DeprecatedPtr is used
3451         for any value that we need to rework ownership for.
3452
3453         The change over to this model has produced a large amount of
3454         code changes, but they are mostly mechanical (forwarding JSGlobalData,
3455         etc).
3456
3457         * API/JSCallbackObject.h:
3458         (JSC::JSCallbackObjectData::setPrivateProperty):
3459         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
3460         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
3461         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
3462         (JSC::JSCallbackObject::setPrivateProperty):
3463         * API/JSCallbackObjectFunctions.h:
3464         (JSC::::put):
3465         (JSC::::staticFunctionGetter):
3466         * API/JSObjectRef.cpp:
3467         (JSObjectMakeConstructor):
3468         (JSObjectSetPrivateProperty):
3469         * API/JSWeakObjectMapRefInternal.h:
3470         * JavaScriptCore.exp:
3471         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3472         * JavaScriptCore.xcodeproj/project.pbxproj:
3473         * bytecode/CodeBlock.cpp:
3474         (JSC::CodeBlock::markAggregate):
3475         * bytecode/CodeBlock.h:
3476         (JSC::CodeBlock::globalObject):
3477         * bytecompiler/BytecodeGenerator.cpp:
3478         (JSC::BytecodeGenerator::BytecodeGenerator):
3479         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
3480         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
3481         (JSC::BytecodeGenerator::findScopedProperty):
3482         * debugger/DebuggerActivation.cpp:
3483         (JSC::DebuggerActivation::DebuggerActivation):
3484         (JSC::DebuggerActivation::markChildren):
3485         * debugger/DebuggerActivation.h:
3486         * interpreter/Interpreter.cpp:
3487         (JSC::Interpreter::resolve):
3488         (JSC::Interpreter::resolveSkip):
3489         (JSC::Interpreter::resolveGlobalDynamic):
3490         (JSC::Interpreter::resolveBaseAndProperty):
3491         (JSC::Interpreter::unwindCallFrame):
3492         (JSC::appendSourceToError):
3493         (JSC::Interpreter::execute):
3494         (JSC::Interpreter::privateExecute):
3495         * interpreter/Register.h:
3496         (JSC::Register::jsValueSlot):
3497         * jit/JITStubs.cpp:
3498         (JSC::JITThunks::tryCacheGetByID):
3499         (JSC::DEFINE_STUB_FUNCTION):
3500         * jsc.cpp:
3501         (GlobalObject::GlobalObject):
3502         * runtime/Arguments.cpp:
3503         (JSC::Arguments::markChildren):
3504         (JSC::Arguments::getOwnPropertySlot):
3505         (JSC::Arguments::getOwnPropertyDescriptor):
3506         (JSC::Arguments::put):
3507         * runtime/Arguments.h:
3508         (JSC::Arguments::setActivation):
3509         (JSC::Arguments::Arguments):
3510         * runtime/ArrayConstructor.cpp:
3511         (JSC::ArrayConstructor::ArrayConstructor):
3512         (JSC::constructArrayWithSizeQuirk):
3513         * runtime/ArrayPrototype.cpp:
3514         (JSC::arrayProtoFuncSplice):
3515         * runtime/BatchedTransitionOptimizer.h:
3516         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
3517         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
3518         * runtime/BooleanConstructor.cpp:
3519         (JSC::BooleanConstructor::BooleanConstructor):
3520         (JSC::constructBoolean):
3521         (JSC::constructBooleanFromImmediateBoolean):
3522         * runtime/BooleanPrototype.cpp:
3523         (JSC::BooleanPrototype::BooleanPrototype):
3524         * runtime/ConservativeSet.h:
3525         (JSC::ConservativeSet::mark):
3526         * runtime/DateConstructor.cpp:
3527         (JSC::DateConstructor::DateConstructor):
3528         * runtime/DateInstance.cpp:
3529         (JSC::DateInstance::DateInstance):
3530         * runtime/DatePrototype.cpp:
3531         (JSC::dateProtoFuncSetTime):
3532         (JSC::setNewValueFromTimeArgs):
3533         (JSC::setNewValueFromDateArgs):
3534         (JSC::dateProtoFuncSetYear):
3535         * runtime/ErrorConstructor.cpp:
3536         (JSC::ErrorConstructor::ErrorConstructor):
3537         * runtime/ErrorInstance.cpp:
3538         (JSC::ErrorInstance::ErrorInstance):
3539         * runtime/ErrorPrototype.cpp:
3540         (JSC::ErrorPrototype::ErrorPrototype):
3541         * runtime/FunctionConstructor.cpp:
3542         (JSC::FunctionConstructor::FunctionConstructor):
3543         * runtime/FunctionPrototype.cpp:
3544         (JSC::FunctionPrototype::FunctionPrototype):
3545         * runtime/GetterSetter.cpp:
3546         (JSC::GetterSetter::markChildren):
3547         * runtime/GetterSetter.h:
3548         (JSC::GetterSetter::GetterSetter):
3549         (JSC::GetterSetter::getter):
3550         (JSC::GetterSetter::setGetter):
3551         (JSC::GetterSetter::setter):
3552         (JSC::GetterSetter::setSetter):
3553         * runtime/GlobalEvalFunction.cpp:
3554         (JSC::GlobalEvalFunction::GlobalEvalFunction):
3555         (JSC::GlobalEvalFunction::markChildren):
3556         * runtime/GlobalEvalFunction.h:
3557         (JSC::GlobalEvalFunction::cachedGlobalObject):
3558         * runtime/Heap.cpp:
3559         (JSC::Heap::markProtectedObjects):
3560         (JSC::Heap::markTempSortVectors):
3561         (JSC::Heap::markRoots):
3562         * runtime/InternalFunction.cpp:
3563         (JSC::InternalFunction::InternalFunction):
3564         * runtime/JSAPIValueWrapper.h:
3565         (JSC::JSAPIValueWrapper::value):
3566         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
3567         * runtime/JSActivation.cpp:
3568         (JSC::JSActivation::put):
3569         * runtime/JSArray.cpp:
3570         (JSC::JSArray::JSArray):
3571         (JSC::JSArray::getOwnPropertySlot):
3572         (JSC::JSArray::getOwnPropertyDescriptor):
3573         (JSC::JSArray::put):
3574         (JSC::JSArray::putSlowCase):
3575         (JSC::JSArray::deleteProperty):
3576         (JSC::JSArray::increaseVectorLength):
3577         (JSC::JSArray::setLength):
3578         (JSC::JSArray::pop):
3579         (JSC::JSArray::push):
3580         (JSC::JSArray::unshiftCount):
3581         (JSC::JSArray::sort):
3582         (JSC::JSArray::fillArgList):
3583         (JSC::JSArray::copyToRegisters):
3584         (JSC::JSArray::compactForSorting):
3585         * runtime/JSArray.h:
3586         (JSC::JSArray::getIndex):
3587         (JSC::JSArray::setIndex):
3588         (JSC::JSArray::uncheckedSetIndex):
3589         (JSC::JSArray::markChildrenDirect):
3590         * runtime/JSByteArray.cpp:
3591         (JSC::JSByteArray::JSByteArray):
3592         * runtime/JSCell.h:
3593         (JSC::JSCell::MarkStack::append):
3594         (JSC::JSCell::MarkStack::appendCell):
3595         * runtime/JSFunction.cpp:
3596         (JSC::JSFunction::JSFunction):
3597         (JSC::JSFunction::getOwnPropertySlot):
3598         * runtime/JSGlobalObject.cpp:
3599         (JSC::markIfNeeded):
3600         (JSC::JSGlobalObject::reset):
3601         (JSC::JSGlobalObject::resetPrototype):
3602         (JSC::JSGlobalObject::markChildren):
3603         * runtime/JSGlobalObject.h:
3604         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
3605         (JSC::JSGlobalObject::regExpConstructor):
3606         (JSC::JSGlobalObject::errorConstructor):
3607         (JSC::JSGlobalObject::evalErrorConstructor):
3608         (JSC::JSGlobalObject::rangeErrorConstructor):
3609         (JSC::JSGlobalObject::referenceErrorConstructor):
3610         (JSC::JSGlobalObject::syntaxErrorConstructor):
3611         (JSC::JSGlobalObject::typeErrorConstructor):
3612         (JSC::JSGlobalObject::URIErrorConstructor):
3613         (JSC::JSGlobalObject::evalFunction):
3614         (JSC::JSGlobalObject::objectPrototype):
3615         (JSC::JSGlobalObject::functionPrototype):
3616         (JSC::JSGlobalObject::arrayPrototype):
3617         (JSC::JSGlobalObject::booleanPrototype):
3618         (JSC::JSGlobalObject::stringPrototype):
3619         (JSC::JSGlobalObject::numberPrototype):
3620         (JSC::JSGlobalObject::datePrototype):
3621         (JSC::JSGlobalObject::regExpPrototype):
3622         (JSC::JSGlobalObject::methodCallDummy):
3623         (JSC::constructArray):
3624         * runtime/JSONObject.cpp:
3625         (JSC::Stringifier::Holder::object):
3626         (JSC::Stringifier::Holder::objectSlot):
3627         (JSC::Stringifier::markAggregate):
3628         (JSC::Stringifier::stringify):
3629         (JSC::Stringifier::Holder::appendNextProperty):
3630         (JSC::Walker::callReviver):
3631         (JSC::Walker::walk):
3632         * runtime/JSObject.cpp:
3633         (JSC::JSObject::defineGetter):
3634         (JSC::JSObject::defineSetter):
3635         (JSC::JSObject::removeDirect):
3636         (JSC::JSObject::putDirectFunction):
3637         (JSC::JSObject::putDirectFunctionWithoutTransition):
3638         (JSC::putDescriptor):
3639         (JSC::JSObject::defineOwnProperty):
3640         * runtime/JSObject.h:
3641         (JSC::JSObject::putDirectOffset):
3642         (JSC::JSObject::putUndefinedAtDirectOffset):
3643         (JSC::JSObject::flattenDictionaryObject):
3644         (JSC::JSObject::putDirectInternal):
3645         (JSC::JSObject::putDirect):
3646         (JSC::JSObject::putDirectFunction):
3647         (JSC::JSObject::putDirectWithoutTransition):
3648         (JSC::JSObject::putDirectFunctionWithoutTransition):
3649         (JSC::JSValue::putDirect):
3650         (JSC::JSObject::allocatePropertyStorageInline):
3651         (JSC::JSObject::markChildrenDirect):
3652         * runtime/JSStaticScopeObject.cpp:
3653         (JSC::JSStaticScopeObject::markChildren):
3654         * runtime/JSString.cpp:
3655         (JSC::StringObject::create):
3656         * runtime/JSValue.h:
3657         * runtime/JSWrapperObject.cpp:
3658         (JSC::JSWrapperObject::markChildren):
3659         * runtime/JSWrapperObject.h:
3660         (JSC::JSWrapperObject::internalValue):
3661         (JSC::JSWrapperObject::setInternalValue):
3662         * runtime/LiteralParser.cpp:
3663         (JSC::LiteralParser::parse):
3664         * runtime/Lookup.cpp:
3665         (JSC::setUpStaticFunctionSlot):
3666         * runtime/Lookup.h:
3667         (JSC::lookupPut):
3668         * runtime/MarkStack.h:
3669         * runtime/MathObject.cpp:
3670         (JSC::MathObject::MathObject):
3671         * runtime/NativeErrorConstructor.cpp:
3672         (JSC::NativeErrorConstructor::NativeErrorConstructor):
3673         * runtime/NativeErrorPrototype.cpp:
3674         (JSC::NativeErrorPrototype::NativeErrorPrototype):
3675         * runtime/NumberConstructor.cpp:
3676         (JSC::NumberConstructor::NumberConstructor):
3677         (JSC::constructWithNumberConstructor):
3678         * runtime/NumberObject.cpp:
3679         (JSC::constructNumber):
3680         * runtime/NumberPrototype.cpp:
3681         (JSC::NumberPrototype::NumberPrototype):
3682         * runtime/ObjectConstructor.cpp:
3683         (JSC::ObjectConstructor::ObjectConstructor):
3684         (JSC::objectConstructorGetOwnPropertyDescriptor):
3685         * runtime/Operations.h:
3686         (JSC::normalizePrototypeChain):
3687         (JSC::resolveBase):
3688         * runtime/PrototypeFunction.cpp:
3689         (JSC::PrototypeFunction::PrototypeFunction):
3690         * runtime/PutPropertySlot.h:
3691         (JSC::PutPropertySlot::setExistingProperty):
3692         (JSC::PutPropertySlot::setNewProperty):
3693         (JSC::PutPropertySlot::base):
3694         * runtime/RegExpConstructor.cpp:
3695         (JSC::RegExpConstructor::RegExpConstructor):
3696         * runtime/ScopeChain.cpp:
3697         (JSC::ScopeChainNode::print):
3698         * runtime/ScopeChain.h:
3699         (JSC::ScopeChainNode::~ScopeChainNode):
3700         (JSC::ScopeChainIterator::operator*):
3701         (JSC::ScopeChainIterator::operator->):
3702         (JSC::ScopeChain::top):
3703         * runtime/ScopeChainMark.h:
3704         (JSC::ScopeChain::markAggregate):
3705         * runtime/SmallStrings.cpp:
3706         (JSC::isMarked):
3707         (JSC::SmallStrings::markChildren):
3708         * runtime/SmallStrings.h:
3709         (JSC::SmallStrings::emptyString):
3710         (JSC::SmallStrings::singleCharacterString):
3711         (JSC::SmallStrings::singleCharacterStrings):
3712         * runtime/StringConstructor.cpp:
3713         (JSC::StringConstructor::StringConstructor):
3714         * runtime/StringObject.cpp:
3715         (JSC::StringObject::StringObject):
3716         * runtime/StringObject.h:
3717         * runtime/StringPrototype.cpp:
3718         (JSC::StringPrototype::StringPrototype):
3719         * runtime/Structure.cpp:
3720         (JSC::Structure::flattenDictionaryStructure):
3721         * runtime/Structure.h:
3722         (JSC::Structure::storedPrototypeSlot):
3723         * runtime/WeakGCMap.h:
3724         (JSC::WeakGCMap::uncheckedGet):
3725         (JSC::WeakGCMap::uncheckedGetSlot):
3726         (JSC::::get):
3727         (JSC::::take):
3728         (JSC::::set):
3729         (JSC::::uncheckedRemove):
3730         * runtime/WriteBarrier.h: Added.
3731         (JSC::DeprecatedPtr::DeprecatedPtr):
3732         (JSC::DeprecatedPtr::get):
3733         (JSC::DeprecatedPtr::operator*):
3734         (JSC::DeprecatedPtr::operator->):
3735         (JSC::DeprecatedPtr::slot):
3736         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
3737         (JSC::DeprecatedPtr::operator!):
3738         (JSC::WriteBarrierBase::set):
3739         (JSC::WriteBarrierBase::get):
3740         (JSC::WriteBarrierBase::operator*):
3741         (JSC::WriteBarrierBase::operator->):
3742         (JSC::WriteBarrierBase::slot):
3743         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
3744         (JSC::WriteBarrierBase::operator!):
3745         (JSC::WriteBarrier::WriteBarrier):
3746         (JSC::operator==):
3747
3748 2011-01-28  Adam Roben  <aroben@apple.com>
3749
3750         Chromium build fix after r76967
3751
3752         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
3753         similar macros in this file.
3754
3755 2011-01-28  Michael Saboff  <msaboff@apple.com>
3756
3757         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3758         https://bugs.webkit.org/show_bug.cgi?id=53271
3759
3760         Reapplying this change.  No change from prior patch in
3761         JavaScriptCore.
3762
3763         Added new isValid() methods to check if a contained object in
3764         a WeakGCMap is valid when using an unchecked iterator.
3765
3766         * runtime/WeakGCMap.h:
3767         (JSC::WeakGCMap::isValid):
3768
3769 2011-01-27  Adam Roben  <aroben@apple.com>
3770
3771         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
3772         function
3773
3774         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
3775         Win32 event
3776
3777         Reviewed by Dave Hyatt.
3778
3779         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
3780
3781         * wtf/ThreadingPrimitives.h: Declare the new function.
3782
3783         * wtf/ThreadingWin.cpp:
3784         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
3785         interval from here...
3786         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
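
        Added example for the entry above; this is an illustration written for
        this page, not WTF's implementation of absoluteTimeToWaitTimeoutInterval.
        The current time is passed in as a parameter so the conversion can be
        exercised deterministically. It covers the cases a deadline-to-timeout
        conversion has to get right: a deadline already in the past (or a NaN)
        becomes a zero wait instead of a negative double cast to DWORD, the
        remainder is rounded up so the wait cannot wake before the deadline,
        and a far-future deadline is clamped to the largest finite interval
        instead of wrapping the DWORD or landing on INFINITE (0xFFFFFFFF). The
        rounding and clamping policy, the second parameter and the constant
        names are this example's choices.

```cpp
#include <cmath>
#include <cstdint>
#include <cstdio>

// Added illustration, not WTF's code. Win32 wait calls take a DWORD of
// milliseconds where 0xFFFFFFFF (INFINITE) means "never time out", so the
// largest interval that still times out is one less than that.
constexpr uint32_t kInfiniteWait = 0xFFFFFFFFu;
constexpr uint32_t kMaxFiniteWaitMilliseconds = kInfiniteWait - 1;

// Converts an absolute deadline (seconds, on the same clock as `now`) into the
// relative millisecond interval a Win32 wait expects.
uint32_t absoluteTimeToWaitTimeoutInterval(double absoluteTime, double now) {
    const double remainingSeconds = absoluteTime - now;

    // Deadline already reached, or NaN input: do not block at all. Written as
    // a negated comparison so NaN falls into this branch too.
    if (!(remainingSeconds > 0.0))
        return 0;

    // Round up: truncating would let the wait return just before the deadline,
    // and callers that loop on the result would spin for the last fraction.
    const double milliseconds = std::ceil(remainingSeconds * 1000.0);

    // Clamp before casting: a deadline more than about 49.7 days out would
    // otherwise wrap the DWORD, and exactly 0xFFFFFFFF would become INFINITE.
    if (milliseconds >= static_cast<double>(kMaxFiniteWaitMilliseconds))
        return kMaxFiniteWaitMilliseconds;
    return static_cast<uint32_t>(milliseconds);
}

int main() {
    const double now = 1296172800.0; // constructed sample clock value (seconds)
    const double deadlines[] = { now - 1.0, now, now + 0.0001, now + 0.5, now + 1e9 };
    for (double deadline : deadlines)
        std::printf("deadline %+.4f s from now -> wait %u ms\n", deadline - now,
                    static_cast<unsigned>(absoluteTimeToWaitTimeoutInterval(deadline, now)));
    return 0;
}
```

        The clamp is the part most often missing in hand-rolled versions: a
        plain cast of a large double to DWORD is undefined behaviour, and a
        wrapped value turns a long timed wait into a short one, or into an
        infinite one if it happens to land on INFINITE.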
3787
3788 2011-01-28  Sam Weinig  <sam@webkit.org>
3789
3790         Reviewed by Maciej Stachowiak.
3791
3792         Add basic rubber banding support
3793         <rdar://problem/8219429>
3794         https://bugs.webkit.org/show_bug.cgi?id=53277
3795
3796         * wtf/Platform.h: Add ENABLE for rubber banding.
3797
3798 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3799
3800         Unreviewed, rolling out r76893.
3801         http://trac.webkit.org/changeset/76893
3802         https://bugs.webkit.org/show_bug.cgi?id=53287
3803
3804         It made some tests crash on GTK and Qt debug bots (Requested
3805         by Ossy on #webkit).
3806
3807         * runtime/WeakGCMap.h:
3808
3809 2011-01-27  Adam Barth  <abarth@webkit.org>
3810
3811         Reviewed by Eric Seidel.
3812
3813         Add WTFString method to compare equality with Vector<UChar>
3814         https://bugs.webkit.org/show_bug.cgi?id=53266
3815
3816         I'm planning to use this method in the new XSS filter implementation,
3817         but it seems generally useful.
3818
3819         * wtf/text/StringImpl.h:
3820         (WTF::equalIgnoringNullity):
3821         * wtf/text/WTFString.h:
3822         (WTF::equalIgnoringNullity):
3823
3824 2011-01-27  Michael Saboff  <msaboff@apple.com>
3825
3826         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3827         https://bugs.webkit.org/show_bug.cgi?id=53271
3828
3829         Added new isValid() methods to check if a contained object in
3830         a WeakGCMap is valid when using an unchecked iterator.
3831
3832         * runtime/WeakGCMap.h:
3833         (JSC::WeakGCMap::isValid):
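
        Added example covering this entry and its re-landing dated 2011-01-28
        above; it is an illustration written for this page, not WebKit's
        WeakGCMap or Heap. A weak map does not keep its values alive, so a slot
        reached through an unchecked iterator may point at a cell the collector
        has already reclaimed. The toy below keeps a mark set standing in for
        the heap's mark bits, offers a checked get() that reports dead cells as
        absent, an unchecked iterator paired with an isValid() check, and a
        sweep that drops dead slots. ToyHeap, ToyWeakMap, Cell and liveIds are
        names chosen for this illustration.

```cpp
#include <cstddef>
#include <cstdio>
#include <map>
#include <set>
#include <vector>

// Added illustration, not WebKit's WeakGCMap or Heap. A GC-managed cell, and a
// toy heap whose mark set stands in for the collector's mark bits: a cell the
// last mark phase did not reach is garbage and its memory may already be reused.
struct Cell { int id; };

struct ToyHeap {
    std::set<const Cell*> marked;
    bool isCellMarked(const Cell* cell) const { return marked.count(cell) != 0; }
};

// A map from keys to cells that does not keep its cells alive. Every lookup
// must therefore consult the heap before handing a pointer to the caller.
template<typename Key>
class ToyWeakMap {
public:
    using Map = std::map<Key, Cell*>;
    using iterator = typename Map::iterator;

    explicit ToyWeakMap(const ToyHeap& heap) : m_heap(heap) {}

    void set(const Key& key, Cell* cell) { m_map[key] = cell; }

    // Checked lookup: a dead cell is reported as absent, never returned.
    Cell* get(const Key& key) const {
        auto it = m_map.find(key);
        if (it == m_map.end() || !m_heap.isCellMarked(it->second))
            return nullptr;
        return it->second;
    }

    // Unchecked iteration exposes every slot, live or dead; the caller must
    // ask isValid() before dereferencing a slot's cell.
    iterator uncheckedBegin() { return m_map.begin(); }
    iterator uncheckedEnd() { return m_map.end(); }
    bool isValid(iterator it) const { return m_heap.isCellMarked(it->second); }

    // Sweep: drop dead slots so later iteration cannot reach them at all.
    size_t removeDeadEntries() {
        size_t removed = 0;
        for (auto it = m_map.begin(); it != m_map.end();) {
            if (m_heap.isCellMarked(it->second)) {
                ++it;
                continue;
            }
            it = m_map.erase(it);
            ++removed;
        }
        return removed;
    }

private:
    const ToyHeap& m_heap;
    Map m_map;
};

// Walks the map with the unchecked iterator and returns the ids of the cells
// that are still alive. Dereferencing a slot without the isValid() check is
// the use-after-free the entry's title warns about.
std::vector<int> liveIds(ToyWeakMap<int>& map) {
    std::vector<int> ids;
    for (auto it = map.uncheckedBegin(); it != map.uncheckedEnd(); ++it) {
        if (!map.isValid(it))
            continue;
        ids.push_back(it->second->id);
    }
    return ids;
}

int main() {
    ToyHeap heap;
    Cell a{1}, b{2}, c{3};                 // constructed sample cells
    heap.marked = { &a, &b, &c };
    ToyWeakMap<int> map(heap);
    map.set(1, &a);
    map.set(2, &b);
    map.set(3, &c);

    heap.marked.erase(&b);                 // the next mark phase did not reach b
    std::printf("checked get(2) -> %s\n", map.get(2) ? "cell" : "null");
    for (int id : liveIds(map))
        std::printf("live cell %d\n", id);
    std::printf("swept %zu dead slot(s)\n", map.removeDeadEntries());
    return 0;
}
```

        The unchecked path exists because checking every slot during a scan is
        wasteful when the caller already holds the heap's mark state; the price
        is that the liveness check becomes the caller's responsibility, which
        is exactly the kind of contract that a reviewer should look for at
        every unchecked iteration site.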
3834
3835 2011-01-26  Sam Weinig  <sam@webkit.org>
3836
3837         Reviewed by Maciej Stachowiak.
3838
3839         Add events to represent the start/end of a gesture scroll
3840         https://bugs.webkit.org/show_bug.cgi?id=53215
3841
3842         * wtf/Platform.h: Add ENABLE for gesture events. 
3843
3844 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
3845
3846         Reviewed by Laszlo Gombos.
3847
3848         [Qt][Symbian] Fix --minimal build
3849         https://bugs.webkit.org/show_bug.cgi?id=52839
3850
3851         Move definition of USE_SYSTEM_MALLOC out of pri file.
3852         Put it in platform.h instead.
3853
3854         * wtf/Platform.h:
3855         * wtf/TCSystemAlloc.cpp:
3856         * wtf/wtf.pri:
3857
3858 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
3859
3860         Reviewed by Andreas Kling.
3861
3862         [WINCE] Add JIT support to build system
3863         https://bugs.webkit.org/show_bug.cgi?id=53079
3864
3865         * CMakeListsWinCE.txt:
3866
3867 2011-01-25  Adam Roben  <aroben@apple.com>
3868
3869         Windows Production build fix
3870
3871         Reviewed by Steve Falkenburg.
3872
3873         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
3874         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
3875         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
3876
3877 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
3878
3879         Rubber-stamped by Adam Roben.
3880
3881         Windows production build fix.
3882         Use correct environment variable escaping
3883
3884         * JavaScriptCore.vcproj/JavaScriptCore.make:
3885         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
3886
3887 2011-01-25  Oliver Hunt  <oliver@apple.com>
3888
3889         Reviewed by Gavin Barraclough.
3890
3891         JSON.stringify processing time exponentially grows with size of object
3892         https://bugs.webkit.org/show_bug.cgi?id=51922
3893
3894         Remove last use of reserveCapacity from JSON stringification, as it results
3895         in appalling append behaviour when there are a large number of property names
3896         and nothing else.
3897
3898         * runtime/JSONObject.cpp:
3899         (JSC::Stringifier::appendQuotedString):
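
        Added example for the entry above; it is an illustration written for
        this page, not WebKit's StringBuilder or Stringifier. The toy buffer
        counts the bytes copied by each regrowth, so the cost of reserving
        exact capacity before every append can be compared with ordinary
        geometric growth on the workload the entry describes: many quoted
        property names and nothing else. With exact reservation every append
        reallocates and recopies everything written so far, so the bytes copied
        grow with the square of the property count; with doubling they stay
        within a small constant of the final output size. CountingBuffer, its
        Growth policies and bytesCopiedStringifying are names chosen for this
        illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <initializer_list>
#include <memory>
#include <string>

// Added illustration, not WebKit's StringBuilder: a growable byte buffer that
// records how many bytes each reallocation copies, so two growth policies can
// be compared on the same workload.
class CountingBuffer {
public:
    enum class Growth { Geometric, ExactReserve };

    explicit CountingBuffer(Growth growth) : m_growth(growth) {}

    void append(const std::string& chunk) {
        const size_t needed = m_size + chunk.size();
        if (m_growth == Growth::ExactReserve)
            reserveCapacity(needed);                           // reserve exactly what this append needs
        else if (needed > m_capacity)
            reserveCapacity(std::max(needed, 2 * m_capacity)); // grow geometrically, amortising copies
        std::memcpy(m_storage.get() + m_size, chunk.data(), chunk.size());
        m_size += chunk.size();
    }

    size_t bytesCopied() const { return m_bytesCopied; }
    std::string str() const { return m_size ? std::string(m_storage.get(), m_size) : std::string(); }

private:
    void reserveCapacity(size_t newCapacity) {
        if (newCapacity <= m_capacity)
            return;
        std::unique_ptr<char[]> fresh(new char[newCapacity]);
        if (m_size)
            std::memcpy(fresh.get(), m_storage.get(), m_size); // the copy every regrowth pays for
        m_bytesCopied += m_size;
        m_storage = std::move(fresh);
        m_capacity = newCapacity;
    }

    Growth m_growth;
    std::unique_ptr<char[]> m_storage;
    size_t m_size = 0;
    size_t m_capacity = 0;
    size_t m_bytesCopied = 0;
};

// Simulates stringifying an object with propertyCount properties by appending
// one quoted property name ("p": followed by a colon, four bytes) per property,
// the shape the entry above describes: many property names and nothing else.
size_t bytesCopiedStringifying(size_t propertyCount, CountingBuffer::Growth growth) {
    CountingBuffer out(growth);
    for (size_t i = 0; i < propertyCount; ++i)
        out.append("\"p\":");
    return out.bytesCopied();
}

int main() {
    for (size_t n : {1000u, 2000u, 4000u}) {
        std::printf("%zu properties: exact-reserve copies %zu bytes, geometric copies %zu bytes\n", n,
                    bytesCopiedStringifying(n, CountingBuffer::Growth::ExactReserve),
                    bytesCopiedStringifying(n, CountingBuffer::Growth::Geometric));
    }
    return 0;
}
```

        The exact-reserve policy is the pattern the entry removes from JSON
        stringification. The same shape, a reserve-to-fit call inside an append
        loop, is worth looking for wherever attacker-sized input is built up
        incrementally, because it turns linear work into a cheap denial of
        service without any memory-safety bug being involved.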
3900
3901 2011-01-25  Antti Koivisto  <antti@apple.com>
3902
3903         Not reviewed.
3904         
3905         Try to fix windows build.
3906
3907         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3908
3909 2011-01-25  Antti Koivisto  <antti@apple.com>
3910
3911         Reviewed by Oliver Hunt.
3912
3913         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
3914         https://bugs.webkit.org/show_bug.cgi?id=53061
3915          
3916         Cache did not know about the subclass, so it failed to fully delete the items.
3917         Got rid of the subclass and moved the classes to separate files.
3918
3919         * CMakeLists.txt:
3920         * GNUmakefile.am:
3921         * JavaScriptCore.exp:
3922         * JavaScriptCore.gypi:
3923         * JavaScriptCore.pro:
3924         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3925         * JavaScriptCore.xcodeproj/project.pbxproj:
3926         * parser/JSParser.cpp:
3927         (JSC::JSParser::Scope::saveFunctionInfo):
3928         (JSC::JSParser::Scope::restoreFunctionInfo):
3929         (JSC::JSParser::findCachedFunctionInfo):
3930         (JSC::JSParser::parseFunctionInfo):
3931         * parser/SourceProvider.h:
3932         * parser/SourceProviderCache.cpp: Added.
3933         (JSC::SourceProviderCache::~SourceProviderCache):
3934         (JSC::SourceProviderCache::byteSize):
3935         * parser/SourceProviderCache.h: Added.
3936         (JSC::SourceProviderCache::SourceProviderCache):
3937         (JSC::SourceProviderCache::add):
3938         (JSC::SourceProviderCache::get):
3939         * parser/SourceProviderCacheItem.h: Added.
3940         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
3941         (JSC::SourceProviderCacheItem::approximateByteSize):
3942         (JSC::SourceProviderCacheItem::closeBraceToken):
3943
3944 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
3945
3946         Reviewed by Darin Adler.
3947
3948         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
3949         statement
3950         https://bugs.webkit.org/show_bug.cgi?id=53087.
3951
3952         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
3953         with a "return" so that the code is more readable and less error pro
3954         (e.g., "else" doesn't use braces so adding extra lines to the else
3955         block won't have any effect; even worse, code still compiles
3956         successfully.
3957
3958         * wtf/Assertions.cpp:
3959
3960 2011-01-24  Chris Marrin  <cmarrin@apple.com>
3961
3962         Reviewed by Eric Seidel.
3963
3964         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
3965         https://bugs.webkit.org/show_bug.cgi?id=53041
3966
3967         * Configurations/FeatureDefines.xcconfig:
3968
3969 2011-01-25  Adam Roben  <aroben@apple.com>
3970
3971         Windows Production build fix
3972
3973         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
3974
3975 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
3976
3977         Reviewed by Eric Seidel.
3978
3979         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
3980         https://bugs.webkit.org/show_bug.cgi?id=52949
3981
3982         * jit/JITStubs.cpp:
3983
3984 2011-01-24  Adam Roben  <aroben@apple.com>
3985
3986         Windows Production build fix
3987
3988         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
3989
3990 2011-01-24  Peter Varga  <pvarga@webkit.org>
3991
3992         Reviewed by Oliver Hunt.
3993
3994         Optimize regex patterns which contain empty alternatives
3995         https://bugs.webkit.org/show_bug.cgi?id=51395
3996
3997         Eliminate the empty alternatives from the regex pattern and convert it to do
3998         the matching in an easier way.
3999
4000         * yarr/YarrPattern.cpp:
4001         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
4002
4003 2011-01-24  Andras Becsi  <abecsi@webkit.org>
4004
4005         Reviewed by Csaba Osztrogonác.
4006
4007         [Qt] Move project files into Source
4008         https://bugs.webkit.org/show_bug.cgi?id=52891
4009
4010         * JavaScriptCore.pri:
4011         * JavaScriptCore.pro:
4012         * jsc.pro:
4013
4014 2011-01-23  Mark Rowe  <mrowe@apple.com>
4015
4016         Follow-up to r76477.
4017
4018         Fix the scripts that detect problematic code such as static initializers
4019         and destructors, weak vtables, inappropriate files in the framework wrappers,
4020         and public headers including private headers. These had all been broken
4021         since the projects were moved in to the Source directory as the paths to the
4022         scripts were not updated at that time.
4023
4024         * JavaScriptCore.xcodeproj/project.pbxproj:
4025
4026 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
4027
4028         Reviewed by Darin Adler.
4029
4030         Use WTF::StringHasher in WebCore
4031         https://bugs.webkit.org/show_bug.cgi?id=52934
4032
4033         Add an additional function to calculate the hash
4034         of data with a runtime-dependent size.
4035
4036         * wtf/StringHasher.h:
4037         (WTF::StringHasher::createBlobHash):
4038
4039 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
4040
4041         Reviewed by David Kilzer.
4042