[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2011-02-15  Pratik Solanki  <psolanki@apple.com>

        Move WTF_USE_CFNETWORK to Platform.h
        https://bugs.webkit.org/show_bug.cgi?id=54168

        Reviewed by Darin Adler.

        * wtf/Platform.h: Define WTF_USE_CFNETWORK for Windows builds.

2011-02-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Moved MarkedBlock data members to the head of the block
        https://bugs.webkit.org/show_bug.cgi?id=54482

        This allows for a variable-sized tail, to accommodate oversized blocks.

        SunSpider reports no change.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate):
        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::sweep):
        * runtime/MarkedBlock.h: Added missing element to the CELLS_PER_BLOCK
        calculation. This kind of error is why we want to migrate to the system
        described below.

        (JSC::roundUpToMultipleOf):
        (JSC::MarkedBlock::firstCell):
        (JSC::MarkedBlock::cells):
        (JSC::MarkedBlock::cellNumber): Use subtraction instead of masking to
        calculate cell number. The mask is no longer correct because the first
        cell is not at the head of the block.

        (JSC::MarkedBlock::forEach): Replaced m_cells data member with a cells()
        accessor. We want to use sizeof(MarkedBlock) to calculate the size of the
        block header, so we can't have an explicit data member to represent the block tail.

        Also replaced iteration from zero with iteration from startCell(), since
        the first N cells are now occupied by the header.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::MarkedSpace):
        (JSC::MarkedSpace::reset): Replaced iteration from zero as above.

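An added illustration, not JavaScriptCore's own code, of the layout the entry above describes: the header occupies the head of the block, cells begin at the first cell boundary after sizeof(MarkedBlock), cell numbers come from subtraction rather than masking, and iteration starts at the first cell. The block size, cell size and mark-bit count are assumed demo values, and the block is aligned by over-allocating rather than with a platform aligned allocator.

```cpp
#include <bitset>
#include <cstddef>
#include <cstdint>
#include <new>

namespace demo {

// Assumed demo values, not JavaScriptCore's real constants.
constexpr size_t kBlockSize = 4096;                       // each block is kBlockSize-aligned
constexpr size_t kCellSize  = 64;
constexpr size_t kCellsPerBlock = kBlockSize / kCellSize; // one mark bit per cell-sized slot, header included

// Round x up to the next multiple of a power-of-two divisor.
inline uintptr_t roundUpToMultipleOf(uintptr_t divisor, uintptr_t x) {
    return (x + divisor - 1) & ~(divisor - 1);
}

class MarkedBlock {
public:
    // The header is exactly sizeof(MarkedBlock); the cells start at the first
    // cell boundary after it, so no data member represents the tail.
    static size_t headerCells() { return roundUpToMultipleOf(kCellSize, sizeof(MarkedBlock)) / kCellSize; }
    static size_t cellCount()   { return kCellsPerBlock - headerCells(); }

    MarkedBlock() : m_nextCell(0) {}

    uintptr_t start() const        { return reinterpret_cast<uintptr_t>(this); }
    uintptr_t firstCell() const    { return start() + headerCells() * kCellSize; }
    uintptr_t cell(size_t i) const { return firstCell() + i * kCellSize; }

    // Cell number relative to the first cell: subtraction, because the first
    // cell no longer sits at the head of the block.
    size_t cellNumber(uintptr_t p) const { return (p - firstCell()) / kCellSize; }

    // The pre-change formula: mask off the block-aligned base. That yields the
    // slot offset from the block head, which now includes the header slots, so
    // it disagrees with cellNumber() by exactly headerCells().
    static size_t maskedCellNumber(uintptr_t p) { return (p & (kBlockSize - 1)) / kCellSize; }

    bool isMarked(uintptr_t p) const { return m_marks.test(cellNumber(p)); }
    void setMarked(uintptr_t p)      { m_marks.set(cellNumber(p)); }
    void clearMarks()                { m_marks.reset(); }
    size_t markCount() const         { return m_marks.count(); }

    // Bump-allocate the next cell after the header; 0 once the block is full.
    uintptr_t allocate() {
        if (m_nextCell == cellCount())
            return 0;
        return cell(m_nextCell++);
    }

    // Visit marked cells starting from the first cell, not from byte 0 of the block.
    template <typename Functor> void forEach(Functor& functor) const {
        for (size_t i = 0; i < cellCount(); ++i)
            if (m_marks.test(i))
                functor(cell(i));
    }

private:
    std::bitset<kCellsPerBlock> m_marks;  // mark bits stay private to the block
    size_t m_nextCell;
};

// Allocate a kBlockSize-aligned block portably: over-allocate and round up.
inline MarkedBlock* createBlock(char** rawOut) {
    char* raw = new char[2 * kBlockSize]();
    uintptr_t aligned = roundUpToMultipleOf(kBlockSize, reinterpret_cast<uintptr_t>(raw));
    *rawOut = raw;
    return new (reinterpret_cast<void*>(aligned)) MarkedBlock();
}

struct LayoutReport {
    size_t headerCells, cellCount, firstCellNumber, firstCellMasked, markCount, visited;
    bool allocationsExhausted;
};

// Fill a block, mark every third cell, and report what the accessors say.
inline LayoutReport runLayoutDemo() {
    char* raw = nullptr;
    MarkedBlock* block = createBlock(&raw);
    LayoutReport r = {};
    r.headerCells = MarkedBlock::headerCells();
    r.cellCount = MarkedBlock::cellCount();
    size_t allocated = 0;
    for (uintptr_t c = block->allocate(); c; c = block->allocate()) {
        if (allocated == 0) {
            r.firstCellNumber = block->cellNumber(c);              // 0: first cell is cell zero
            r.firstCellMasked = MarkedBlock::maskedCellNumber(c);  // headerCells(): the mask is off by the header
        }
        if (block->cellNumber(c) % 3 == 0)
            block->setMarked(c);
        ++allocated;
    }
    r.allocationsExhausted = allocated == r.cellCount;
    r.markCount = block->markCount();
    struct Counter { size_t n = 0; void operator()(uintptr_t) { ++n; } } counter;
    block->forEach(counter);
    r.visited = counter.n;
    block->~MarkedBlock();
    delete[] raw;
    return r;
}

}  // namespace demo
```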
2011-02-15  Chris Rogers  <crogers@google.com>

        Reviewed by Alexey Proskuryakov.

        Fix Mutex::tryLock() on Windows to work properly with PlatformCondition::timedWait()
        https://bugs.webkit.org/show_bug.cgi?id=54408

        * wtf/ThreadingWin.cpp:
        (WTF::PlatformCondition::timedWait):

2011-02-15  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Martin Robinson.

        Remove some dead code in ARMv7
        https://bugs.webkit.org/show_bug.cgi?id=54461

        * assembler/ARMv7Assembler.h: remove dead code.

2011-02-14  Geoffrey Garen  <ggaren@apple.com>

        Rubber-stamped by Gavin Barraclough.

        Some MarkedBlock refactoring.

        Made cells private.

        Renamed cells => m_cells
                marked => m_marks.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate):
        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::sweep):
        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isEmpty):
        (JSC::MarkedBlock::clearMarks):
        (JSC::MarkedBlock::markCount):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::forEach):

2011-02-14  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add basic parser for Content Security Policy
        https://bugs.webkit.org/show_bug.cgi?id=54379

        Add a constructor for copying a Vector into a String.  I suspect there
        are a number of call sites that are doing this manually that would
        benefit from being moved to this API.

        * wtf/text/WTFString.h:
        (WTF::String::String):

2011-02-14  Pavel Podivilov  <podivilov@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: use call frame column to determine execution line in source frame.
        https://bugs.webkit.org/show_bug.cgi?id=54001

        * wtf/text/TextPosition.h:
        (WTF::ZeroBasedNumber::convertAsOneBasedInt):

2011-02-13  Jeremy Moskovich  <jeremy@chromium.org>

        Reviewed by Adam Barth.

        Add a compile-time option to completely disable WebArchive support.
        https://bugs.webkit.org/show_bug.cgi?id=52712

        Add an ENABLE(WEB_ARCHIVE) compile-time setting and use it for all WebArchive code.
        Ports Affected:
            WebArchive support is currently enabled for all ports that define PLATFORM(CF) apart from Qt.
            This patch preserves this behavior except that it also disables support in the Chromium port.

        * wtf/Platform.h: Add ENABLE_WEB_ARCHIVE definition and turn it off explicitly for Qt & Chromium ports.

2011-02-13  Cameron Zwarich  <zwarich@apple.com>

        Reviewed by Dan Bernstein.

        Bug 53760 - JSC fails to build with TOT Clang
        https://bugs.webkit.org/show_bug.cgi?id=53760

        Fix -Woverloaded-virtual warnings. This is also a 6% speedup on the v8 raytrace
        benchmark; it is nothing-to-noise on everything else.

        * API/JSCallbackObject.h: Remove pointlessly overloaded method.
        * API/JSCallbackObjectFunctions.h: Ditto.
        * runtime/Arguments.cpp:
        (JSC::Arguments::put): Change signature to match the base class. This implementation
        was no longer being called by anyone. This wasn't noticed because it is merely an
        optimization of the base class' implementation.
        * runtime/Arguments.h: Ditto.

2011-02-12  Adam Barth  <abarth@webkit.org>

        Reviewed by Mark Rowe.

        Use /dev/urandom as the OSRandomSource on OS(DARWIN)
        https://bugs.webkit.org/show_bug.cgi?id=54279

        I'm not sure it makes much of a difference whether we use arc4random or
        /dev/urandom on Mac.  However, there's some aesthetic benefit to using
        the same underlying API on as many platforms as reasonable.

        * config.h:
        * wtf/OSRandomSource.cpp:
        (WTF::cryptographicallyRandomValuesFromOS):

2011-02-12  Adam Barth  <abarth@webkit.org>

        Reviewed by Kenneth Russell.

        Enable ArrayBuffers by default
        https://bugs.webkit.org/show_bug.cgi?id=54310

        Export the required functions.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-11  Daniel Bates  <dbates@rim.com>

        Reviewed by Geoffrey Garen.

        Remove explicit disable ENABLE_ASSEMBLER_WX_EXCLUSIVE on non-iOS ports
        https://bugs.webkit.org/show_bug.cgi?id=54107

        It is unnecessary to explicitly disable ENABLE_ASSEMBLER_WX_EXCLUSIVE
        by the definition of ENABLE().

        * wtf/Platform.h:

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Not reviewed.

        Randomly touch some build files in the hopes of fixing the Qt build.

        * JavaScriptCore.gypi:
        * JavaScriptCore.pri:
        * JavaScriptCore.pro:

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Garbage collection timer cycles forever, even when nothing is happening
        https://bugs.webkit.org/show_bug.cgi?id=54320

        (Rolling back in r78386 with the build fixed.)

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallbackPlatformData::trigger): Be sure to make
        our timer inert after forcing a GC, to avoid GC'ing repeatedly.

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Not reviewed.

        Used svn merge -r78386:78385 to roll out r78386 because it broke the build.

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallbackPlatformData::trigger):

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Garbage collection timer cycles forever, even when nothing is happening
        https://bugs.webkit.org/show_bug.cgi?id=54320

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallbackPlatformData::trigger): Be sure to make
        our timer inert after forcing a GC, to avoid GC'ing repeatedly.

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the Windows build: added an exported symbol.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-11  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A little more encapsulation for the heap: Removed CollectorHeapIterator
        https://bugs.webkit.org/show_bug.cgi?id=54298

        CollectorHeapIterator is a God object that knows the internals of each
        of the pieces of the heap. This undermines the encapsulation I'm trying
        to achieve by splitting concepts into different classes.

        As an alternative, I've given each class a forEach iteration function,
        which takes a functor as an argument. Now, each class just needs to
        know how to iterate the things it knows about.

        * GNUmakefile.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Removed CollectorHeapIterator.

        * debugger/Debugger.cpp:
        (JSC::Recompiler::Recompiler):
        (JSC::Recompiler::~Recompiler):
        (JSC::Recompiler::operator()):
        (JSC::Debugger::recompileAllJSFunctions): Updated to use forEach interface
        instead of an iterator.

        * runtime/CollectorHeapIterator.h: Removed.

        * runtime/Heap.cpp:
        (JSC::TypeCounter::TypeCounter):
        (JSC::TypeCounter::typeName):
        (JSC::TypeCounter::operator()):
        (JSC::TypeCounter::take):
        (JSC::Heap::protectedObjectTypeCounts):
        (JSC::Heap::objectTypeCounts): Added forEach and removed iterator.

        * runtime/Heap.h:
        (JSC::Heap::forEach):
        * runtime/JSGlobalData.cpp:
        (JSC::Recompiler::operator()):
        (JSC::JSGlobalData::recompileAllJSFunctions):

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::forEach): Added forEach. Removed friend declaration
        for CollectorHeapIterator. Now, we can make all our data private and
        change it without breaking any other classes.

        * runtime/MarkedSpace.cpp:
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::forEach): Added forEach and removed iterator.

2011-02-11  Adam Barth  <abarth@webkit.org>

        Reviewed by Andreas Kling.

        CryptographicRandomNumber has its threading ifdefs backwards
        https://bugs.webkit.org/show_bug.cgi?id=54280

        Turns out we want the mutex when thread is enabled.  :)

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber):
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues):

2011-02-10  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        WebKit should have a cryptographic RNG
        https://bugs.webkit.org/show_bug.cgi?id=22049

        Teach JavaScriptCore how to export this function.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more encapsulation for MarkedBlock: Made all constants private
        so clients don't know whether allocations are fixed-sized or not
        https://bugs.webkit.org/show_bug.cgi?id=54270

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::advance): Updated for removal of HeapConstants.

        * runtime/Error.cpp: Switched to using ASSERT_CLASS_FITS_IN_CELL, like
        all other classes.

        * runtime/Heap.cpp:
        (JSC::Heap::allocate): Updated for removal of HeapConstants.
        (JSC::Heap::reset): Updated to use size(), instead of calculating size
        on our own.

        * runtime/Heap.h: Moved the ASSERT here to MarkedBlock, since it enforces
        on special knowledge of fixed-sizery, which only MarkedBlock is supposed
        to know about.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate): Updated for removal of HeapConstants.
        Also changed to reset nextCell to 0 at the end of a block, since that
        seems more consistent.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::storeVPtrs): Changed to use a fixed array of char.
        This hard-coded size is a little wonky, but the compiler will tell us
        if it's ever wrong, so I think it's OK.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::sweep): Updated for removal of HeapConstants.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isEmpty):
        (JSC::MarkedBlock::clearMarks):
        (JSC::MarkedBlock::size):
        (JSC::MarkedBlock::capacity): Made constants private to this class.
        Removed HeapConstants. Added size() and capacity() functions.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::objectCount):
        (JSC::MarkedSpace::size):
        (JSC::MarkedSpace::capacity):
        * runtime/MarkedSpace.h: Use MarkedBlock helper functions instead of
        direct knowledge of MarkedBlock internals.

2011-02-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more encapsulation for MarkedBlock: Made mark bits private
        https://bugs.webkit.org/show_bug.cgi?id=54264

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::markRoots):
        (JSC::Heap::reset): Renamed clearMarkBits => clearMarks, since clients
        don't need to know that marks are represented as bits. Renamed
        markedCells => markCount, since clients don't need to know that blocks
        are split into cells.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isEmpty):
        (JSC::MarkedBlock::clearMarks):
        (JSC::MarkedBlock::markCount): New helper functions for encapsulating
        the information clients actually need.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy):
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::clearMarks):
        (JSC::MarkedSpace::markCount):
        (JSC::MarkedSpace::objectCount):
        * runtime/MarkedSpace.h: Use new helper functions instead of accessing
        MarkedBlock data directly.

2011-02-10  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        Cached JavaScript Parser Data Being Left in Memory Cache
        https://bugs.webkit.org/show_bug.cgi?id=54245

        Added clear method which removes SourceProviderCache items.
        Cleaned up extraneous whitespace.

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * parser/SourceProviderCache.cpp:
        (JSC::SourceProviderCache::~SourceProviderCache):
        (JSC::SourceProviderCache::clear):
        (JSC::SourceProviderCache::byteSize):
        (JSC::SourceProviderCache::add):
        * parser/SourceProviderCache.h:

2011-02-10  Joseph Pecoraro  <joepeck@webkit.org>

        Follow-up fix to r78291. I should pass (int) 0, not '0' to memset.

        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallback::commonConstructor): fix mistaken post-review change.

2011-02-10  Joseph Pecoraro  <joepeck@webkit.org>

        Reviewed by Geoffrey Garen.

        Make DefaultGCActivityCallback for PLATFORM(CF) Easier to Subclass
        https://bugs.webkit.org/show_bug.cgi?id=54257

        A subclass may want to specify the CFRunLoop that the Garbage Collection
        will happen on. It was difficult to manipulate this in a subclass because
        the current DefaultGCActivityCallback class does this in its constructor.
        This patch generalizes things a bit more so that a specific run loop can
        be passed in to the constructor. This makes it so all run loop management
        can stay in DefaultGCActivityCallback and a subclass can specify any runloop.

        * runtime/GCActivityCallback.h: expose a PLATFORM(CF) constructor that can
        specify the runloop GC can be scheduled on.
        * runtime/GCActivityCallbackCF.cpp:
        (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback): two constructors,
        one that specifies the run loop and passes that on to commonConstructor and
        the old constructor defaults to the current run loop.
        (JSC::DefaultGCActivityCallback::commonConstructor): do normal construction,
        adding the timer to the given runloop.

2011-02-10  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A little more encapsulation for MarkedBlock: Moved allocate() and sweep() into MarkedBlock
        https://bugs.webkit.org/show_bug.cgi?id=54253

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h: Removed DeadObjectIterator, since it
        is now unused.

        * runtime/Heap.cpp:
        (JSC::Heap::reset): Moved the call to shrink() here, since it seems a
        little more clear for MarkedSpace's client to tell it explicitly when to
        shrink.

        * runtime/JSCell.h:
        (JSC::JSCell::MarkedBlock::allocate): Split out from MarkedSpace::allocate.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::sweep): Split out from MarkedSpace::sweep, and
        converted to more directly iterate a MarkedBlock based on knowing its
        internal structure.

        * runtime/MarkedBlock.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        * runtime/MarkedSpace.h: Split out the code mentioned above.

2011-02-10  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Andreas Kling.

        Fix compilation error on OpenBSD
        https://bugs.webkit.org/show_bug.cgi?id=53766

        Add a HAVE_STRNSTR in Platform.h and define it only on Darwin and FreeBSD.

        * wtf/Platform.h:
        * wtf/StringExtras.h: Use HAVE(STRNSTR) now.

2011-02-10  Adam Roben  <aroben@apple.com>

        Print locations of assertions and logs in a way that Visual Studio understands

        With this change, double-clicking one of these locations in Visual Studio's Output Window
        will focus that line of code in the editor.

        Fixes <http://webkit.org/b/54208> Double-clicking locations of assertions/logs in Visual
        Studio's Output Window does nothing

        Reviewed by Alexey Proskuryakov.

        * wtf/Assertions.cpp:
        (printCallSite): Use OS(WINDOWS) instead of the meaningless OS(WIN). When we aren't using
        the debug CRT (and thus can't call _CrtDbgReport), print the file and line number using the
        same format that cl.exe uses when it prints compiler errors.

2011-02-10  Dan Bernstein  <mitz@apple.com>

        LLVM Compiler build fix.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::create):

2011-02-10  Peter Varga  <pvarga@webkit.org>

        Reviewed by Csaba Osztrogonác.

        Remove PCRE source from trunk
        https://bugs.webkit.org/show_bug.cgi?id=54188

        * Android.mk:
        * Android.v8.wtf.mk:
        * CMakeLists.txt:
        * DerivedSources.make:
        * DerivedSources.pro:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.order:
        * JavaScriptCore.pri:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
        * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops:
        * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * pcre/AUTHORS: Removed.
        * pcre/COPYING: Removed.
        * pcre/dftables: Removed.
        * pcre/pcre.h: Removed.
        * pcre/pcre.pri: Removed.
        * pcre/pcre_compile.cpp: Removed.
        * pcre/pcre_exec.cpp: Removed.
        * pcre/pcre_internal.h: Removed.
        * pcre/pcre_tables.cpp: Removed.
        * pcre/pcre_ucp_searchfuncs.cpp: Removed.
        * pcre/pcre_xclass.cpp: Removed.
        * pcre/ucpinternal.h: Removed.
        * pcre/ucptable.cpp: Removed.
        * wscript:

2011-02-10  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        Add randomValuesFromOS for OS(WINDOWS)
        https://bugs.webkit.org/show_bug.cgi?id=54155

        Use CryptGenRandom for generating cryptographically secure random numbers.
        This will work on WinCE and MinGW too.

        * config.h:
        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-10  Jarred Nicholls  <jarred@sencha.com>

        Reviewed by Adam Barth.

        REGRESSION(r78149): Return value of read() shouldn't be ignored.
        https://bugs.webkit.org/show_bug.cgi?id=54167

        stdio read should have its return value handled. Build error in gcc 4.4.5.

        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-10  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        Rename randomValuesFromOS to cryptographicallyRandomValuesFromOS
        https://bugs.webkit.org/show_bug.cgi?id=54156

        randomValuesFromOS generates random numbers of cryptographic quality.
        Make this clear by adding "cryptographically" to the function name.

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::stir):
        * wtf/OSRandomSource.cpp:
        (WTF::cryptographicallyRandomValuesFromOS):
        * wtf/OSRandomSource.h:

2011-02-09  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/8805364> Malloc zone enumeration code should be safe in the face of errors from the memory reader.

        * wtf/FastMalloc.cpp:
        (WTF::PageHeapAllocator::recordAdministrativeRegions): Use the new helper function to walk the linked list safely.
        (WTF::TCMalloc_ThreadCache_FreeList::enumerateFreeObjects): Ditto.
        (WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Ditto.
        (WTF::TCMallocStats::PageMapFreeObjectFinder::visit): Bail out if the span could not be read.
        (WTF::TCMallocStats::PageMapMemoryUsageRecorder::visit): Ditto.
        * wtf/MallocZoneSupport.h:
        (WTF::RemoteMemoryReader::operator()): Remove an assert that is not valid.
        (WTF::RemoteMemoryReader::nextEntryInLinkedList): Add a helper function for retrieving the next entry in
        a linked list. It maps a failed read of the remote memory into a null pointer, which all callers can
        handle gracefully.

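An added illustration, not WebKit's own code, of the pattern the entry above describes: a remote memory reader whose failed read of a free-list node maps to a null next pointer, so an enumerator walking the list stops cleanly at an unmapped or corrupt pointer instead of faulting. The "remote" process image is a constructed byte vector, the base address and node layout are assumed, and the visit cap is an extra guard (against cycles) that the entry itself does not mention.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

namespace remotewalk {

// Stand-in for the malloc-zone memory reader: the "remote" process image is a
// constructed byte vector mapped at `base`; reads outside it fail.
class RemoteMemoryReader {
public:
    RemoteMemoryReader(const std::vector<unsigned char>& image, uintptr_t base)
        : m_image(image), m_base(base) {}

    // Copy `size` bytes at remote address `addr` into `out`; false if unreadable.
    bool read(uintptr_t addr, void* out, size_t size) const {
        if (addr < m_base || addr - m_base > m_image.size() || m_image.size() - (addr - m_base) < size)
            return false;
        std::memcpy(out, m_image.data() + (addr - m_base), size);
        return true;
    }

    // Read a node's first word as its next pointer; a failed read maps to 0,
    // so a caller looping "while (node)" stops instead of dereferencing garbage.
    uintptr_t nextEntryInLinkedList(uintptr_t node) const {
        uintptr_t next = 0;
        return read(node, &next, sizeof(next)) ? next : 0;
    }

private:
    const std::vector<unsigned char>& m_image;
    uintptr_t m_base;
};

// Enumerate a free list by following next pointers. Each pointer is counted when
// reached (as an enumerator would report it) and the walk ends at the first null
// or unreadable entry. The cap is an added guard against a cyclic list.
inline size_t countFreeObjects(const RemoteMemoryReader& reader, uintptr_t head, size_t maxEntries) {
    size_t n = 0;
    for (uintptr_t node = head; node && n < maxEntries; node = reader.nextEntryInLinkedList(node))
        ++n;
    return n;
}

// Constructed image: three 16-byte nodes at base, base+16 and base+32; the last
// node's next pointer is `tail` (0 for a clean end, an unmapped address, or base for a cycle).
inline std::vector<unsigned char> buildImage(uintptr_t base, uintptr_t tail) {
    std::vector<unsigned char> image(48, 0);
    uintptr_t links[3] = { base + 16, base + 32, tail };
    for (size_t i = 0; i < 3; ++i)
        std::memcpy(image.data() + i * 16, &links[i], sizeof(uintptr_t));
    return image;
}

// Walk the constructed list and return how many entries were reported.
inline size_t walkDemo(uintptr_t tail, size_t cap) {
    const uintptr_t base = 0x1000;  // constructed remote base address
    std::vector<unsigned char> image = buildImage(base, tail);
    RemoteMemoryReader reader(image, base);
    return countFreeObjects(reader, base, cap);
}

}  // namespace remotewalk
```

With a clean terminator the walk reports three entries; with an unmapped tail pointer it reports that pointer and then stops when its memory cannot be read; with a cycle only the cap ends it.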
2011-02-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 54164 - Optimize global_var accesses on JSVALUE64

        Directly embed the pointer to d->registers, optimize out the load
        from the variable object, as we do already in JSVALUE32_64.

        This is a ~1.5% win on sunspidey.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A little more encapsulation for MarkedBlock: Made MarkedBlock responsible
        for its own initialization and destruction
        https://bugs.webkit.org/show_bug.cgi?id=54137

        * runtime/CollectorHeapIterator.h: Removed ObjectIterator since it is
        now unused.

        * runtime/JSCell.h: Made MarkedBlock a friend so it can construct and
        destruct JSCells.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::create):
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock): Migrated initialization and destruction
        code from MarkedSpace, updating it not to use ObjectIterator. We don't
        want to use an abstract iterator since iteration will be unique to each
        block in the future.

        * runtime/MarkedBlock.h: Made the constructor private and moved it into
        the .cpp file because it's big now.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock): Migrated code.

        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::collectorBlock): Keep a vector of MarkedBlock
        pointers instead of aligned allocations -- how MarkedBlocks are allocated
        is now an implementation detail of MarkedBlock.

2011-02-09  Adam Barth  <abarth@webkit.org>

        Another attempt to fix the Qt Windows build.

        * config.h:
        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-09  Adam Barth  <abarth@webkit.org>

        Attempt to fix the Qt Windows build.

        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-09  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add WTF::cryptographicallyRandomNumber
        https://bugs.webkit.org/show_bug.cgi?id=54083

        Introduce a cryptographically strong random number generator to WTF.
        The random number generator is based on arc4random as found in:

        http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c?rev=1.22

        I've changed the source to WebKit style and abstracted the operating
        system interaction to OSRandomSource.  We'll use this functionality to
        expose a cryptographically strong random number generator to
        JavaScript.

        * Android.mk:
        * Android.v8.wtf.mk:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * config.h:
        * wtf/CMakeLists.txt:
        * wtf/CryptographicallyRandomNumber.cpp: Added.
        (WTF::initMutexIfNeeded):
        (WTF::init):
        (WTF::addRandomData):
        (WTF::stir):
        (WTF::stirIfNeeded):
        (WTF::getByte):
        (WTF::getWord):
        (WTF::cryptographicallyRandomNumber):
        (WTF::cryptographicallyRandomValues):
        * wtf/CryptographicallyRandomNumber.h: Added.
        * wtf/OSRandomSource.cpp: Added.
        (WTF::randomValuesFromOS):
        * wtf/OSRandomSource.h: Added.
        * wtf/wtf.pri:

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the build.

        * wtf/Bitmap.h: Include string.h for memset. Not sure why this started
        failing now.

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A tiny bit of encapsulation for MarkedBlock: made its heap data member private
        https://bugs.webkit.org/show_bug.cgi?id=54129

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::heap): Made the heap data member private, and provided
        a constructor and an accessor.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::heap): Use the constructor and accessor.

2011-02-09  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Replace PCRE with Yarr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=53496

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Added.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed some dead code from Heap
        https://bugs.webkit.org/show_bug.cgi?id=54064

        * runtime/MarkedSpace.cpp: Removed some now-unused constants and
        declarations.

        (JSC::MarkedSpace::allocate): Removed some ASSERTs that are also ASSERTed
        by our caller. Removed redundant typedefs.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Use a vector to track blocks in the Heap, instead of hand-rolled vector-like code
        https://bugs.webkit.org/show_bug.cgi?id=54062

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::isValid):
        (JSC::CollectorHeapIterator::isLive): Updated for new mark invariant: To
        know if an object is live, you just need to test its mark bit.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::MarkedSpace): Moved waterMark and highWaterMark from
        CollectorHeap into MarkedSpace, since they're global state. Removed call
        to memset since CollectorHeap is a true class with its own constructor now.

        (JSC::MarkedSpace::destroy): Change uses of m_heap.usedBlocks to
        m_heap.blocks.size(), and m_heap.numBlocks to m_heap.blocks.capacity().

        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock): No need to manage our vector manually anymore.

        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::clearMarkBits):
        (JSC::MarkedSpace::markedCells):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::objectCount):
        (JSC::MarkedSpace::capacity):
        (JSC::MarkedSpace::reset):
        (JSC::MarkedSpace::primaryHeapEnd):
        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::CollectorHeap):
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark):
        (JSC::MarkedSpace::contains): Same as above.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Give each MarkedBlock enough mark bits to cover the whole block
        https://bugs.webkit.org/show_bug.cgi?id=54029

        SunSpider reports no change.

        This simplifies access to mark bits, since any cell-aligned pointer
        into a block now has a valid mark bit to test.

        * runtime/MarkedBlock.h: Changed CELLS_PER_BLOCK to account for the extra
        mark bits. This happens not to change its actual value.
        (JSC::MarkedBlock::cellNumber):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked): Changed const JSCell* to const void* to
        remove a cast from our caller, and to more accurately reflect the fact
        that MarkedBlock is agnostic about the types pointed to by the pointers
841         remove a cast from our caller, and to more accurately reflect the fact
842         that MarkedBlock is agnostic about the types pointed to by the pointers
843         you pass to it.
844
845         (JSC::MarkedBlock::isPossibleCell): Removed a null check. We now consider
846         the null pointer to be a possible cell with a 0 (impossible) block. This
847         removes a null check from marking.
848
849         * runtime/MarkedSpace.cpp:
850         * runtime/MarkedSpace.h:
851         (JSC::MarkedSpace::contains): Simplified the contains check, and inlined
852         the whole thing, now that it's so simple.
853
854 2011-02-08  Daniel Bates  <dbates@rim.com>
855
856         Rubber-stamped by Martin Robinson.
857
858         Rename enum ProtectionSeting [sic] to ProtectionSetting.
859
860         * jit/ExecutableAllocator.cpp:
861         (JSC::ExecutableAllocator::reprotectRegion):
862         * jit/ExecutableAllocator.h:
863
864 2011-02-08  Balazs Kelemen  <kbalazs@webkit.org>
865
866         Reviewed by Andreas Kling.
867
868         [Qt] Should not always define USE_SYSTEM_MALLOC
869         https://bugs.webkit.org/show_bug.cgi?id=54007
870
871         * wtf/Platform.h:
872
873 2011-02-08  Dan Bernstein  <mitz@apple.com>
874
875         Reviewed by Maciej Stachowiak.
876
877         LLVM Compiler build fix.
878
879         * runtime/WriteBarrier.h:
880         (JSC::WriteBarrier::WriteBarrier):
881
882 2011-02-07  Ryosuke Niwa  <rniwa@webkit.org>
883
884         Reviewed by Darin Adler.
885
886         JSVariableObject::setRegisters should take PassOwnArrayPtr for registersArray.
887         https://bugs.webkit.org/show_bug.cgi?id=53902
888
889         * runtime/Arguments.h:
890         (JSC::JSActivation::copyRegisters): Uses OwnArrayPtr<Register> instead of Register*.
891         * runtime/JSGlobalObject.cpp:
892         (JSC::JSGlobalObject::copyGlobalsFrom): Ditto.
893         * runtime/JSGlobalObject.h:
894         (JSC::JSGlobalObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
895         for registerArray.
896         * runtime/JSVariableObject.h:
897         (JSC::JSVariableObject::copyRegisterArray): Returns PassOwnArrayPtr<Register> instead of Register*.
898         (JSC::JSVariableObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
899         for registerArray.
900
901 2011-02-07  Geoffrey Garen  <ggaren@apple.com>
902
903         Reviewed by Sam Weinig.
904
905         Removed some dead code from Heap
906         https://bugs.webkit.org/show_bug.cgi?id=53969
907         
908         SunSpider reports no change.
909
910         * runtime/MarkedSpace.cpp:
911         (JSC::MarkedSpace::shrink):
912         (JSC::MarkedSpace::sweep):
913         * runtime/MarkedSpace.h: Removed resizeBlocks and growBlocks, and
914         renamed shrinkBlocks to shrink, making it unconditionally shrink as
915         much as possible.
916
917 2011-02-07  Geoffrey Garen  <ggaren@apple.com>
918
919         Reviewed by Oliver Hunt.
920
921         Simplified the marked space's mark invariant
922         https://bugs.webkit.org/show_bug.cgi?id=53968
923         
924         SunSpider reports no change.
925         
926         * runtime/MarkedSpace.cpp:
927         (JSC::MarkedSpace::allocate): Mark objects when allocating them. This
928         means that, at all times other than the mark phase, an object is live
929         if and only if it is marked.
930
931         (JSC::MarkedSpace::containsSlowCase): Use the new mark invariant to
932         simplify testing whether an object is live.
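
A toy MarkedBlock/MarkedSpace that models the rules spelled out in the mark-invariant entry above (bug 53968) and in the mark-bits entry (bug 54029): mark on allocate, so that outside the mark phase an object is live if and only if it is marked; a mark bit for every cell-aligned slot in the block; and an isPossibleCell that needs no null check. This is an added illustration, not JavaScriptCore code; the block and cell sizes, the single-word bitmap header and the std::set block registry are assumptions made for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <set>
#include <vector>

namespace toyheap {

const size_t blockSize = 4096; // assumed sizes for the toy model
const size_t cellSize = 64;
// One mark bit per cell-aligned slot in the block, header cells included, so
// any cell-aligned pointer into a block has a valid mark bit to test.
const size_t cellsPerBlock = blockSize / cellSize; // 64, fits one uint64_t bitmap

struct alignas(blockSize) MarkedBlock {
    struct Header { uint64_t marks; };
    Header header; // lives at the head of the block; the cells form the tail

    // First cell not overlapped by the header: roundUpToMultipleOf(cellSize, sizeof(Header)) / cellSize.
    static size_t firstCell() { return (sizeof(Header) + cellSize - 1) / cellSize; }

    static MarkedBlock* blockFor(const void* p)
    {
        return reinterpret_cast<MarkedBlock*>(reinterpret_cast<uintptr_t>(p) & ~uintptr_t(blockSize - 1));
    }
    static bool isCellAligned(const void* p) { return !(reinterpret_cast<uintptr_t>(p) & (cellSize - 1)); }

    // Subtraction rather than masking: cell 0 holds the header, not the first cell.
    size_t cellNumber(const void* p) const
    {
        return (reinterpret_cast<uintptr_t>(p) - reinterpret_cast<uintptr_t>(this)) / cellSize;
    }
    bool isMarked(const void* p) const { return header.marks & (uint64_t(1) << cellNumber(p)); }
    void setMarked(const void* p) { header.marks |= uint64_t(1) << cellNumber(p); }
    void clearMarkBits() { header.marks = 0; }
    void* cell(size_t n) { return reinterpret_cast<uint8_t*>(this) + n * cellSize; }

    // Mark on allocate: outside the mark phase, unmarked means free and marked means live.
    void* allocate()
    {
        for (size_t n = firstCell(); n < cellsPerBlock; ++n) {
            if (!isMarked(cell(n))) {
                setMarked(cell(n));
                return cell(n);
            }
        }
        return nullptr; // block full; the real heap would move on to another block
    }
};

struct MarkedSpace {
    std::set<MarkedBlock*> blocks;
    std::set<void*> constructed; // cells whose destructor has not run yet

    // No null check: null is cell-aligned and blockFor(null) is block 0, which is
    // never registered, so null is "a possible cell in an impossible block".
    bool isPossibleCell(const void* p) const
    {
        return MarkedBlock::isCellAligned(p) && blocks.count(MarkedBlock::blockFor(p));
    }

    // Outside the mark phase, "contained" means "live", and that is just the mark bit.
    bool contains(const void* p) const
    {
        return isPossibleCell(p) && MarkedBlock::blockFor(p)->isMarked(p);
    }

    void* allocate()
    {
        for (MarkedBlock* block : blocks) {
            if (void* c = block->allocate()) {
                constructed.insert(c);
                return c;
            }
        }
        return nullptr;
    }

    // One collection: clear, mark from the conservatively scanned roots, sweep.
    // Returns how many dead cells were swept, i.e. how many destructors ran.
    size_t collect(const std::vector<const void*>& roots)
    {
        for (MarkedBlock* block : blocks)
            block->clearMarkBits(); // mark phase: the only time live and marked may differ
        for (const void* root : roots) {
            if (isPossibleCell(root)) // a stray value that is not a cell pointer is ignored
                MarkedBlock::blockFor(root)->setMarked(root);
        }
        size_t dead = 0; // sweep: restore the invariant
        for (auto it = constructed.begin(); it != constructed.end();) {
            if (contains(*it)) {
                ++it;
                continue;
            }
            it = constructed.erase(it); // stands in for running the destructor
            ++dead;
        }
        return dead;
    }
};

} // namespace toyheap
```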
933
934 2011-02-07  Beth Dakin  <bdakin@apple.com>
935
936         Reviewed by Eric Seidel.
937
938         Fix for https://bugs.webkit.org/show_bug.cgi?id=53950
939         USE_WK_SCROLLBAR_PAINTER in ScrollbarThemeMac should be in
940         Platform.h instead
941
942         * wtf/Platform.h:
943
944 2011-02-07  Darin Adler  <darin@apple.com>
945
946         Reviewed by Antti Koivisto.
947
948         Add built-in decoder for UTF-8 for improved performance
949         https://bugs.webkit.org/show_bug.cgi?id=53898
950
951         * wtf/unicode/UnicodeMacrosFromICU.h: Added U8_MAX_LENGTH and
952         U8_APPEND_UNSAFE. Also fixed header.
953
954 2011-02-07  Adam Roben  <aroben@apple.com>
955
956         Delete precompiled headers whenever any .vsprops file changes
957
958         Precompiled headers need to be rebuilt if, e.g., an ENABLE_* macro is changed in one of our
959         .vsprops files. Unfortunately, Visual Studio isn't smart enough to figure this out, so we
960         give it some assistance by deleting the precompiled headers whenever any .vsprops file
961         changes.
962
963         I also made some drive-by fixes while I was in the area.
964
965         Fixes <http://webkit.org/b/53826> react-to-vsprops-changes.py doesn't force precompiled
966         headers to be rebuilt, but should
967
968         Reviewed by David Kilzer.
969
970         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: Stop ignoring the
971         return code from react-to-vsprops-changes.py so we will notice when errors are introduced.
972         But skip the script entirely in production builds, where it is both unnecessary and can't
973         function correctly (due to not having the entire source tree available to it).
974
975         * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py:
976         (main): Removed an extra '*' in the glob for finding manifest files. The extra '*' was
977         leftover from before we rearranged WebKitBuild in r75138. Moved code to delete an old file
978         to the new delete_if_older_than function. Added code to delete any precompiled headers older
979         than the newest .vsprops file.
980         (delete_if_older_than): Added. Code came from main.
981
982 2011-02-07  Antti Koivisto  <antti@apple.com>
983
984         Not reviewed.
985         
986         ASSERTS_DISABLED -> ASSERT_DISABLED
987
988         * wtf/BloomFilter.h:
989
990 2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>
991
992         Unreviewed; speculative Qt build fix.
993
994         * JavaScriptCore.pro:
995
996 2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>
997
998         Reviewed by Darin Adler.
999
1000         OwnArrayPtr.h uses deleteOwnedPtr but doesn’t include OwnPtrCommon.h
1001         https://bugs.webkit.org/show_bug.cgi?id=52867
1002
1003         Removed LOOSE_OWN_ARRAY_PTR and OwnArrayPtr<T>::set. Replaced all calls to OwnArrayPtr::set
1004         and loose instantiation of OwnArrayPtr by calls to operator= and adoptArrayPtr. Also removed
1005         OwnArrayPtrCommon.h since PassOwnArrayPtr.h needs to include OwnArrayPtr.h and there is
1006         no point in putting deleteOwnedArrayPtr into a separate header.
1007         
1008         Note: if this patch breaks the build, the code is either instantiating OwnArrayPtr
1009         without calling adoptArrayPtr or calling set on OwnArrayPtr instead of operator=.
1010
1011         No tests are added since this is a refactoring.
1012
1013         * API/JSStringRefCF.cpp:
1014         (JSStringCreateWithCFString): Calls adoptArrayPtr.
1015         * GNUmakefile.am: Removed OwnArrayPtrCommon.h.
1016         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
1017         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
1018         * runtime/Arguments.cpp:
1019         (JSC::Arguments::deleteProperty): Calls adoptArrayPtr.
1020         * runtime/Arguments.h:
1021         (JSC::Arguments::copyRegisters): Ditto.
1022         * runtime/JSPropertyNameIterator.cpp:
1023         (JSC::JSPropertyNameIterator::JSPropertyNameIterator): Ditto.
1024         * runtime/JSVariableObject.h:
1025         (JSC::JSVariableObject::setRegisters): Calls operator= instead of set.
1026         * runtime/StructureChain.cpp:
1027         (JSC::StructureChain::StructureChain): Ditto.
1028         * wtf/CMakeLists.txt:
1029         * wtf/DateMath.h:
1030         (JSC::GregorianDateTime::GregorianDateTime): No longer instantiates OwnArrayPtr
1031         with a null pointer.
1032         * wtf/OwnArrayPtr.h:
1033         * wtf/OwnArrayPtrCommon.h: Removed.
1034         * wtf/PassOwnArrayPtr.h: No longer includes OwnArrayPtrCommon.h.
1035         (WTF::deleteOwnedArrayPtr): Moved from OwnArrayPtrCommon.h.
1036
1037 2011-02-06  Antti Koivisto  <antti@apple.com>
1038
1039         Reviewed by Maciej Stachowiak.
1040
1041         Use bloom filter for descendant selector filtering
1042         https://bugs.webkit.org/show_bug.cgi?id=53880
1043         
1044         Implement a Bloom filter with k=2 and 8-bit counting.
1045
1046         * GNUmakefile.am:
1047         * JavaScriptCore.gypi:
1048         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1049         * JavaScriptCore.xcodeproj/project.pbxproj:
1050         * wtf/BloomFilter.h: Added.
1051         (WTF::BloomFilter::maximumCount):
1052         (WTF::BloomFilter::BloomFilter):
1053         (WTF::BloomFilter::mayContain):
1054         (WTF::BloomFilter::add):
1055         (WTF::BloomFilter::remove):
1056         (WTF::BloomFilter::firstSlot):
1057         (WTF::BloomFilter::secondSlot):
1058         (WTF::::add):
1059         (WTF::::remove):
1060         (WTF::::clear):
1061         (WTF::::likelyEmpty):
1062         (WTF::::isClear):
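
The counting Bloom filter this entry describes (k=2 slots per key, 8-bit saturating counters), written as an added example for this page rather than taken from WTF::BloomFilter. The slot-selection split (the low keyBits of the hash and the keyBits above bit 16), the likelyEmpty() sampling stride and the FNV-1a identifier hash are assumptions; remove() here refuses an out-of-balance call instead of asserting.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// FNV-1a (assumed hash; WebKit uses its own string hash) to turn selector
// identifiers such as "div" or "#nav" into the 32-bit hash the filter keys on.
inline unsigned hashIdentifier(const char* s)
{
    uint32_t h = 2166136261u;
    for (; *s; ++s) {
        h ^= static_cast<uint8_t>(*s);
        h *= 16777619u;
    }
    return h;
}

template<unsigned keyBits>
class CountingBloomFilter {
public:
    static const size_t tableSize = size_t(1) << keyBits;
    static const unsigned keyMask = (1u << keyBits) - 1;
    static const unsigned maximumCount = 255; // 8-bit counters saturate here

    CountingBloomFilter() { clear(); }

    // k = 2: a key may be present only if both of its slots are non-zero.
    // False positives happen when other keys cover both slots; false negatives
    // cannot, provided remove() is only called for keys that were added.
    bool mayContain(unsigned hash) const { return firstSlot(hash) && secondSlot(hash); }

    void add(unsigned hash)
    {
        uint8_t& first = firstSlot(hash);
        uint8_t& second = secondSlot(hash);
        if (first < maximumCount)
            ++first;
        if (second < maximumCount)
            ++second;
    }

    // Returns false and changes nothing when the key cannot be present, i.e. the
    // caller's add/remove calls are out of balance. A saturated counter is never
    // decremented, so the filter can only stay conservative, never underflow.
    bool remove(unsigned hash)
    {
        if (!mayContain(hash))
            return false;
        uint8_t& first = firstSlot(hash);
        uint8_t& second = secondSlot(hash);
        if (first && first < maximumCount)
            --first;
        if (second && second < maximumCount)
            --second;
        return true;
    }

    void clear() { std::memset(m_table, 0, sizeof(m_table)); }

    bool isClear() const
    {
        for (size_t i = 0; i < tableSize; ++i) {
            if (m_table[i])
                return false;
        }
        return true;
    }

    // Cheap probabilistic emptiness check: sample every 8th counter (assumed stride).
    bool likelyEmpty() const
    {
        for (size_t i = 0; i < tableSize; i += 8) {
            if (m_table[i])
                return false;
        }
        return true;
    }

private:
    // Two slots from one 32-bit hash: its low keyBits and the keyBits above
    // bit 16 (assumed split); keyBits must not exceed 16.
    uint8_t& firstSlot(unsigned hash) { return m_table[hash & keyMask]; }
    uint8_t& secondSlot(unsigned hash) { return m_table[(hash >> 16) & keyMask]; }
    uint8_t firstSlot(unsigned hash) const { return m_table[hash & keyMask]; }
    uint8_t secondSlot(unsigned hash) const { return m_table[(hash >> 16) & keyMask]; }

    uint8_t m_table[tableSize];
};
```

For descendant-selector filtering the caller adds an element's identifiers on the way down the tree and removes them on the way back up, so the filter always reflects the current ancestor chain.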
1063
1064 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
1065
1066         Reviewed by Oliver Hunt.
1067
1068         Rolled back in r77612 with ASSERT/crash fixed.
1069         https://bugs.webkit.org/show_bug.cgi?id=53759
1070         
1071         Don't shrink the heap to 0 unconditionally. Instead, shrink to 1 if
1072         necessary. For now, the heap assumes that it always has at least one
1073         block live.
1074
1075         * runtime/Heap.cpp:
1076         (JSC::Heap::Heap):
1077         (JSC::Heap::reset):
1078         * runtime/Heap.h:
1079         * runtime/MarkedSpace.cpp:
1080         (JSC::MarkedSpace::allocate):
1081         (JSC::MarkedSpace::shrinkBlocks):
1082         (JSC::MarkedSpace::sweep):
1083         (JSC::MarkedSpace::reset):
1084         * runtime/MarkedSpace.h:
1085         (JSC::MarkedSpace::highWaterMark):
1086         (JSC::MarkedSpace::setHighWaterMark):
1087
1088 2011-02-04  David Kilzer  <ddkilzer@apple.com>
1089
1090         BUILD FIX: REALLY remove the last vestiges of JSVALUE32!
1091
1092         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
1093         <http://webkit.org/b/53779>
1094
1095         * DerivedSources.make: Removed dependency on
1096         JavaScriptCore.JSVALUE32.exp.
1097
1098 2011-02-04  David Kilzer  <ddkilzer@apple.com>
1099
1100         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
1101         <http://webkit.org/b/53779>
1102
1103         Reviewed by Darin Adler.
1104
1105         Support for JSVALUE32 was originally removed in r70111.
1106
1107         * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use
1108         JavaScriptCore.JSVALUE32_64.exp and ppc64 to use
1109         JavaScriptCore.JSVALUE64.exp to match Platform.h.
1110         * DerivedSources.make: Removed rule for
1111         JavaScriptCore.JSVALUE32.exp.
1112         * JavaScriptCore.JSVALUE32only.exp: Removed.
1113         * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
1114         to JavaScriptCore.JSVALUE32only.exp.
1115
1116 2011-02-04  David Kilzer  <ddkilzer@apple.com>
1117
1118         Use static_cast and other style cleanup in YarrInterpreter.cpp
1119         <http://webkit.org/b/53772>
1120
1121         Reviewed by John Sullivan.
1122
1123         * yarr/YarrInterpreter.cpp:
1124         (JSC::Yarr::Interpreter::InputStream::readChecked): Use
1125         static_cast.
1126         (JSC::Yarr::Interpreter::InputStream::checkInput): Remove
1127         unnecessary else block.
1128         (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto.
1129         (JSC::Yarr::Interpreter::backtrackBackReference): Ditto.
1130         (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast.
1131
1132 2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>
1133
1134         Unreviewed, rolling out r77625 and r77626.
1135         http://trac.webkit.org/changeset/77625
1136         http://trac.webkit.org/changeset/77626
1137         https://bugs.webkit.org/show_bug.cgi?id=53765
1138
1139         It broke Windows builds (Requested by Ossy_ on #webkit).
1140
1141         * JavaScriptCore.exp:
1142         * JavaScriptCore.gyp/JavaScriptCore.gyp:
1143         * JavaScriptCore.gypi:
1144         * JavaScriptCore.pro:
1145         * JavaScriptCore.xcodeproj/project.pbxproj:
1146         * create_regex_tables:
1147         * runtime/RegExp.cpp:
1148         * wtf/Platform.h:
1149         * yarr/Yarr.h:
1150         * yarr/YarrJIT.cpp:
1151         * yarr/YarrJIT.h:
1152         * yarr/YarrParser.h:
1153         * yarr/YarrPattern.h:
1154         * yarr/YarrSyntaxChecker.h:
1155         * yarr/yarr.pri: Removed.
1156
1157 2011-02-04  Jessie Berlin  <jberlin@apple.com>
1158
1159         Windows build fix. Unreviewed.
1160
1161         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
1162
1163 2011-02-04  Peter Varga  <pvarga@webkit.org>
1164
1165         Reviewed by Gavin Barraclough.
1166
1167         Replace PCRE with Yarr in WebCore
1168         https://bugs.webkit.org/show_bug.cgi?id=53496
1169
1170         * JavaScriptCore.exp:
1171         * JavaScriptCore.gyp/JavaScriptCore.gyp:
1172         * JavaScriptCore.gypi:
1173         * JavaScriptCore.pro:
1174         * JavaScriptCore.xcodeproj/project.pbxproj:
1175         * create_regex_tables:
1176         * runtime/RegExp.cpp:
1177         * wtf/Platform.h:
1178         * yarr/Yarr.h:
1179         * yarr/YarrJIT.cpp:
1180         * yarr/YarrJIT.h:
1181         * yarr/YarrParser.h:
1182         * yarr/YarrPattern.h:
1183         * yarr/YarrSyntaxChecker.h:
1184         * yarr/yarr.pri: Added.
1185
1186 2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>
1187
1188         Unreviewed rollout two patches r77614 and r77612.
1189
1190         REGRESSION: Snow Leopard Intel Release a number of failing tests.
1191
1192         * runtime/Heap.cpp:
1193         (JSC::Heap::Heap):
1194         (JSC::Heap::reset):
1195         * runtime/Heap.h:
1196         * runtime/MarkedSpace.cpp:
1197         (JSC::MarkedSpace::allocate):
1198         (JSC::MarkedSpace::sweep):
1199         (JSC::MarkedSpace::reset):
1200         * runtime/MarkedSpace.h:
1201
1202 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
1203
1204         Try to fix 32bit build.
1205
1206         * runtime/Heap.cpp:
1207         (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
1208         since 1.5 is double (64bit), and the result is size_t (32bit).
1209
1210 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1211
1212         Reviewed by Cameron Zwarich.
1213
1214         Changed MarkedSpace to delegate grow/shrink decisions to Heap
1215         https://bugs.webkit.org/show_bug.cgi?id=53759
1216         
1217         SunSpider reports no change.
1218         
1219         * runtime/Heap.cpp:
1220         (JSC::Heap::Heap):
1221         (JSC::Heap::reset):
1222         * runtime/Heap.h: Reorganized a few data members for better cache locality.
1223         Added a grow policy.
1224         
1225         * runtime/MarkedSpace.cpp:
1226         (JSC::MarkedSpace::allocate):
1227         (JSC::MarkedSpace::sweep):
1228         (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
1229         the heap to make an explicit sweep call.
1230
1231         * runtime/MarkedSpace.h:
1232         (JSC::MarkedSpace::highWaterMark):
1233         (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
1234         many bytes to allocate before failing and giving the heap an opportunity
1235         to collect garbage. This also means that we allocate blocks on demand,
1236         instead of ahead of time.
1237
1238 2011-02-03  James Kozianski  <koz@chromium.org>
1239
1240         Reviewed by Dimitri Glazkov.
1241
1242         Add navigator.registerProtocolHandler behind a flag.
1243         https://bugs.webkit.org/show_bug.cgi?id=52609
1244
1245         * Configurations/FeatureDefines.xcconfig:
1246
1247 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1248
1249         Reviewed by Oliver Hunt.
1250
1251         Not all blocks are freed when the heap is freed (counting is hard!)
1252         https://bugs.webkit.org/show_bug.cgi?id=53732
1253
1254         * runtime/MarkedSpace.cpp:
1255         (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
1256         keep freeing block 0 until there are no blocks left.
1257
1258 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1259
1260         Try to fix the Mac build.
1261
1262         * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
1263         needs to be private, not project, so other projects can include headers
1264         that depend on it.
1265
1266 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
1267
1268         Reviewed by Sam Weinig.
1269
1270         Start using MarkedBlock instead of CollectorBlock
1271         https://bugs.webkit.org/show_bug.cgi?id=53693
1272         
1273         SunSpider reports no change.
1274         
1275         * runtime/MarkedBlock.h:
1276         (JSC::MarkedBlock::blockFor):
1277         (JSC::MarkedBlock::setMarked):
1278         (JSC::MarkedBlock::isCellAligned):
1279         (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.
1280
1281         * runtime/MarkedSpace.cpp:
1282         (JSC::MarkedSpace::allocateBlock):
1283         (JSC::MarkedSpace::containsSlowCase):
1284         (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.
1285
1286         * runtime/MarkedSpace.h:
1287         (JSC::CollectorHeap::collectorBlock):
1288         (JSC::MarkedSpace::heap):
1289         (JSC::MarkedSpace::isMarked):
1290         (JSC::MarkedSpace::testAndSetMarked):
1291         (JSC::MarkedSpace::setMarked):
1292         (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
1293         and deleted dead CollectorBlock-related code.
1294
1295 2011-02-03  Patrick Gansterer  <paroga@webkit.org>
1296
1297         Reviewed by Darin Adler.
1298
1299         Avoid strlen() in AtomicString::fromUTF8
1300         https://bugs.webkit.org/show_bug.cgi?id=50516
1301
1302         Add an overload to calculateStringHashFromUTF8 to get
1303         strlen() of the input data with only one call.
1304
1305         This change shows about 3% performance win on the xml-parser benchmark.
1306
1307         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1308         * wtf/text/AtomicString.cpp:
1309         (WTF::AtomicString::fromUTF8):
1310         * wtf/unicode/UTF8.cpp:
1311         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
1312         (WTF::Unicode::calculateStringHashFromUTF8):
1313         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
1314         * wtf/unicode/UTF8.h:
1315
1316 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
1317
1318         Windows build fix.
1319
1320         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1321
1322 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
1323
1324         oops, build fix!
1325
1326         * wtf/Assertions.cpp:
1327
1328 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
1329
1330         Reviewed by Sam Weinig.
1331
1332         Bug 53650 - Add a BACKTRACE macro to Assertions.h
1333
1334         Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
1335         debug Mac builds, and make CRASH (and thus ASSERT) automatically call this.
1336
1337         * JavaScriptCore.exp:
1338         * wtf/Assertions.cpp:
1339         * wtf/Assertions.h:
1340
1341 2011-02-02  Michael Saboff  <msaboff@apple.com>
1342
1343         Reviewed by Gavin Barraclough.
1344
1345         Improper backtrack of nested non-capturing greedy paren to prior paren
1346         https://bugs.webkit.org/show_bug.cgi?id=53261
1347
1348         A paren that follows a non-capturing greedy paren nested within a
1349         non-capturing fixed paren was backtracking to the last paren
1350         processed instead of the immediately prior paren.
1351         Refactored default backtracking of parens to prior paren to work for
1352         both nested (within) and immediately prior (after) parens.
1353
1354         * yarr/YarrJIT.cpp:
1355         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
1356         (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
1357         (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
1358         (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
1359         (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
1360         (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
1361         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
1362         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
1363         (JSC::Yarr::YarrGenerator::generateDisjunction):
1364
1365 2011-02-02  Jeff Miller  <jeffm@apple.com>
1366
1367         Reviewed by Darin Adler and Steve Falkenburg.
1368
1369         Add DerivedSources.make to some Visual Studio projects
1370         https://bugs.webkit.org/show_bug.cgi?id=53607
1371
1372         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.
1373
1374 2011-02-02  Steve Lacey  <sjl@chromium.org>
1375
1376         Reviewed by Eric Carlson.
1377
1378         Implement basic media statistics on media elements.
1379         https://bugs.webkit.org/show_bug.cgi?id=53322
1380
1381         * Configurations/FeatureDefines.xcconfig:
1382
1383 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
1384
1385         [wx] Build fixes for wxWebKit.
1386
1387         * wtf/wx/StringWx.cpp:
1388         (WTF::String::String):
1389
1390 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
1391
1392         Reviewed by Sam Weinig.
1393
1394         A little more Heap refactoring
1395         https://bugs.webkit.org/show_bug.cgi?id=53577
1396         
1397         SunSpider reports no change.
1398         
1399         Split out MarkedBlock into its own file / class.
1400         
1401         Did the following renames:
1402             isCellMarked => isMarked
1403             checkMarkCell => testAndSetMarked
1404             markCell => setMarked
1405             cellOffset => cellNumber
1406             collectorBlock => blockFor
1407
1408         * Android.mk:
1409         * CMakeLists.txt:
1410         * GNUmakefile.am:
1411         * JavaScriptCore.gypi:
1412         * JavaScriptCore.pro:
1413         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1414         * JavaScriptCore.xcodeproj/project.pbxproj:
1415         * runtime/Heap.cpp:
1416         (JSC::WeakGCHandlePool::update):
1417         * runtime/Heap.h:
1418         (JSC::Heap::isMarked):
1419         (JSC::Heap::testAndSetMarked):
1420         (JSC::Heap::setMarked):
1421         * runtime/JSArray.h:
1422         (JSC::MarkStack::markChildren):
1423         (JSC::MarkStack::drain):
1424         * runtime/JSCell.h:
1425         (JSC::JSCell::MarkStack::internalAppend):
1426         * runtime/MarkedBlock.cpp: Added.
1427         * runtime/MarkedBlock.h: Added.
1428         (JSC::MarkedBlock::blockFor):
1429         (JSC::MarkedBlock::cellNumber):
1430         (JSC::MarkedBlock::isMarked):
1431         (JSC::MarkedBlock::testAndSetMarked):
1432         (JSC::MarkedBlock::setMarked):
1433         (JSC::MarkedBlock::isCellAligned):
1434         (JSC::MarkedBlock::isPossibleCell):
1435         * runtime/MarkedSpace.h:
1436         (JSC::MarkedSpace::isMarked):
1437         (JSC::MarkedSpace::testAndSetMarked):
1438         (JSC::MarkedSpace::setMarked):
1439         * runtime/SmallStrings.cpp:
1440         (JSC::isMarked):
1441         * runtime/WeakGCMap.h:
1442         (JSC::WeakGCMap::isValid):
1443         (JSC::::get):
1444         (JSC::::take):
1445         (JSC::::set):
1446
1447 2011-02-02  Sam Weinig  <sam@webkit.org>
1448
1449         Fix windows clean build.
1450
1451         * DerivedSources.make:
1452
1453 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
1454
1455         Reviewed by Martin Robinson.
1456
1457         [GTK] Fix dist compilation
1458         https://bugs.webkit.org/show_bug.cgi?id=53579
1459
1460         * GNUmakefile.am: Added WriteBarrier.h to the sources; it was
1461         added in r77151.
1462
1463 2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>
1464
1465         Unreviewed, rolling out r77297.
1466         http://trac.webkit.org/changeset/77297
1467         https://bugs.webkit.org/show_bug.cgi?id=53538
1468
1469         Caused Leopard crashes (Requested by paroga on #webkit).
1470
1471         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1472         * wtf/text/AtomicString.cpp:
1473         (WTF::AtomicString::fromUTF8):
1474         * wtf/unicode/UTF8.cpp:
1475         (WTF::Unicode::calculateStringHashFromUTF8):
1476         * wtf/unicode/UTF8.h:
1477
1478 2011-02-01  Sam Weinig  <sam@webkit.org>
1479
1480         Fix Mac production builds.
1481
1482         * JavaScriptCore.xcodeproj/project.pbxproj:
1483
1484 2011-02-01  Sam Weinig  <sam@webkit.org>
1485
1486         Try to fix the windows build.
1487
1488         * DerivedSources.make:
1489
1490 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
1491
1492         Reviewed by Darin Adler.
1493
1494         Avoid strlen() in AtomicString::fromUTF8
1495         https://bugs.webkit.org/show_bug.cgi?id=50516
1496
1497         Add an overload to calculateStringHashFromUTF8 to get
1498         strlen() of the input data with only one call.
1499
1500         This change shows about 3% performance win on the xml-parser benchmark.
1501
1502         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1503         * wtf/text/AtomicString.cpp:
1504         (WTF::AtomicString::fromUTF8):
1505         * wtf/unicode/UTF8.cpp:
1506         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
1507         (WTF::Unicode::calculateStringHashFromUTF8):
1508         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
1509         * wtf/unicode/UTF8.h:
1510
1511 2011-02-01  Sam Weinig  <sam@webkit.org>
1512
1513         Reviewed by Beth Dakin.
1514
1515         Part 2 for <rdar://problem/8492788>
1516         Adopt WKScrollbarPainterController
1517
1518         Use header detection to define scrollbar painting controller #define.
1519
1520         * DerivedSources.make:
1521         * JavaScriptCore.xcodeproj/project.pbxproj:
1522
1523 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
1524
1525         Reviewed by Oliver Hunt.
1526
1527         Refactor JSGlobalObject-related tear-down
1528         https://bugs.webkit.org/show_bug.cgi?id=53478
1529         
1530         While investigating crashes caused by r77082, I noticed some strange
1531         destructor-time behaviors. This patch makes them less strange.
1532
1533         * bytecode/CodeBlock.cpp:
1534         (JSC::CodeBlock::CodeBlock):
1535         (JSC::CodeBlock::markAggregate):
1536         * bytecode/CodeBlock.h:
1537         (JSC::CodeBlock::globalObject):
1538         (JSC::GlobalCodeBlock::GlobalCodeBlock):
1539         (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
1540         blocks on the Heap, instead of on independent global objects. The heap
1541         is guaranteed to outlast any GC-owned data structure. The heap is also
1542         a natural place to store objects that need out-of-band marking, since
1543         the heap is responsible for marking all roots.
1544
1545         * runtime/Heap.cpp:
1546         (JSC::Heap::markRoots):
1547         (JSC::Heap::globalObjectCount):
1548         (JSC::Heap::protectedGlobalObjectCount):
1549         * runtime/Heap.h:
1550         (JSC::Heap::codeBlocks):
1551         * runtime/JSGlobalData.cpp:
1552         (JSC::JSGlobalData::JSGlobalData):
1553         * runtime/JSGlobalData.h:
1554         * runtime/JSGlobalObject.cpp:
1555         (JSC::JSGlobalObject::~JSGlobalObject):
1556         (JSC::JSGlobalObject::init):
1557         (JSC::JSGlobalObject::markChildren):
1558         * runtime/JSGlobalObject.h:
1559         * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
1560         owned by JSGlobalData, instead of an intrusive circular linked list.
1561         This is simpler, and it avoids destructor-time access between garbage
1562         collected objects, which is hard to get right.
1563
1564         (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
1565         everything down. Otherwise, weak data structures will incorrectly report
1566         that objects pending destruction are still alive.
1567
1568 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
1569
1570         Reviewed by Oliver Hunt.
1571
1572         REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
1573         bot; loading trac pages; typing in search field
1574         https://bugs.webkit.org/show_bug.cgi?id=53519
1575         
1576         The crashes were all caused by failure to run an object's destructor.
1577
1578         * runtime/CollectorHeapIterator.h:
1579         (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
1580         construction. The iterator class used to do that when it was designed
1581         for prior-to-beginning initialization. I forgot to remove this line
1582         of code when I changed the iterator to normal initialization.
1583         
1584         Skipping forward upon construction was causing the heap to skip running
1585         the destructor for the very first object in a block when destroying the
1586         block. This usually did not crash, since block destruction is rare and
1587         most objects have pretty trivial destructors. However, in the rare case
1588         when the heap would destroy a block whose first object was a global
1589         object or a DOM node, BOOM.
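The off-by-one described in the entry above, as an added illustration that is not JavaScriptCore code: a block of cells iterated by a begin-style iterator whose constructor still carries the skip-forward left over from a prior-to-beginning design. A destroy loop built on that iterator never visits cell 0, so that cell's destructor never runs. The names (Block, CellIterator, destroyBlock, leakedDestructors) are invented for the example.

```cpp
#include <cstddef>

// Constructed cell: whether it is allocated and whether its destructor ran.
struct Cell {
    bool live = false;
    bool destructed = false;
};

struct Block {
    static const size_t cellCount = 8;
    Cell cells[cellCount];
};

class CellIterator {
public:
    CellIterator(Block& block, bool skipForwardOnConstruction)
        : m_block(block)
        , m_index(0)
    {
        // The regression: an advance() left over from the old
        // prior-to-beginning design. With normal initialization the
        // iterator must start at cell 0.
        if (skipForwardOnConstruction)
            advance();
    }

    // Null once the iterator has walked past the last cell.
    Cell* get() const { return m_index < Block::cellCount ? &m_block.cells[m_index] : nullptr; }
    void advance() { ++m_index; }

private:
    Block& m_block;
    size_t m_index;
};

// Runs the destructor of every live cell in the block; returns how many it ran.
size_t destroyBlock(Block& block, bool skipForwardOnConstruction)
{
    size_t destroyed = 0;
    for (CellIterator it(block, skipForwardOnConstruction); Cell* cell = it.get(); it.advance()) {
        if (!cell->live)
            continue;
        cell->destructed = true;
        ++destroyed;
    }
    return destroyed;
}

// Counts live cells whose destructor never ran after destroyBlock().
size_t leakedDestructors(const Block& block)
{
    size_t leaked = 0;
    for (size_t i = 0; i < Block::cellCount; ++i)
        if (block.cells[i].live && !block.cells[i].destructed)
            ++leaked;
    return leaked;
}

// A fully occupied block, the case in which the skipped cell matters most.
Block makeFullBlock()
{
    Block block;
    for (Cell& c : block.cells)
        c.live = true;
    return block;
}
```

Against a full block the buggy iterator destroys seven of eight cells and leaves exactly cell 0 untouched; the corrected iterator destroys all eight. A check of this shape belongs in the heap's own tests, since the symptom in the entry above (a live destructor skipped once per block) only surfaces later as a crash elsewhere.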
1590
1591 2011-01-31  Oliver Hunt  <oliver@apple.com>
1592
1593         Reviewed by Geoffrey Garen.
1594
1595         Update JSObject storage for new marking API
1596         https://bugs.webkit.org/show_bug.cgi?id=53467
1597
1598         JSObject no longer uses EncodedJSValue for its property storage.
1599         This produces a stream of mechanical changes to PropertySlot and
1600         anonymous storage APIs.
1601
1602         * JavaScriptCore.exp:
1603         * runtime/ArrayPrototype.cpp:
1604         (JSC::ArrayPrototype::ArrayPrototype):
1605         * runtime/BooleanConstructor.cpp:
1606         (JSC::constructBoolean):
1607         (JSC::constructBooleanFromImmediateBoolean):
1608         * runtime/BooleanObject.cpp:
1609         (JSC::BooleanObject::BooleanObject):
1610         * runtime/BooleanObject.h:
1611         * runtime/BooleanPrototype.cpp:
1612         (JSC::BooleanPrototype::BooleanPrototype):
1613         * runtime/DateInstance.cpp:
1614         (JSC::DateInstance::DateInstance):
1615         * runtime/DatePrototype.cpp:
1616         (JSC::DatePrototype::DatePrototype):
1617         * runtime/JSActivation.cpp:
1618         (JSC::JSActivation::getOwnPropertySlot):
1619         * runtime/JSArray.cpp:
1620         (JSC::JSArray::getOwnPropertySlot):
1621         * runtime/JSFunction.cpp:
1622         (JSC::JSFunction::getOwnPropertySlot):
1623         * runtime/JSGlobalObject.h:
1624         (JSC::JSGlobalObject::JSGlobalObject):
1625         * runtime/JSObject.cpp:
1626         (JSC::JSObject::fillGetterPropertySlot):
1627         * runtime/JSObject.h:
1628         (JSC::JSObject::getDirectLocation):
1629         (JSC::JSObject::offsetForLocation):
1630         (JSC::JSObject::putAnonymousValue):
1631         (JSC::JSObject::clearAnonymousValue):
1632         (JSC::JSObject::getAnonymousValue):
1633         (JSC::JSObject::putThisToAnonymousValue):
1634         (JSC::JSObject::locationForOffset):
1635         (JSC::JSObject::inlineGetOwnPropertySlot):
1636         * runtime/JSObjectWithGlobalObject.cpp:
1637         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
1638         * runtime/JSWrapperObject.h:
1639         (JSC::JSWrapperObject::JSWrapperObject):
1640         (JSC::JSWrapperObject::setInternalValue):
1641         * runtime/Lookup.cpp:
1642         (JSC::setUpStaticFunctionSlot):
1643         * runtime/NumberConstructor.cpp:
1644         (JSC::constructWithNumberConstructor):
1645         * runtime/NumberObject.cpp:
1646         (JSC::NumberObject::NumberObject):
1647         (JSC::constructNumber):
1648         * runtime/NumberObject.h:
1649         * runtime/NumberPrototype.cpp:
1650         (JSC::NumberPrototype::NumberPrototype):
1651         * runtime/PropertySlot.h:
1652         (JSC::PropertySlot::getValue):
1653         (JSC::PropertySlot::setValue):
1654         (JSC::PropertySlot::setRegisterSlot):
1655         * runtime/StringObject.cpp:
1656         (JSC::StringObject::StringObject):
1657         * runtime/StringPrototype.cpp:
1658         (JSC::StringPrototype::StringPrototype):
1659         * runtime/WriteBarrier.h:
1660         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
1661
1662 2011-02-01  Daniel Bates  <dbates@rim.com>
1663
1664         Reviewed by Antonio Gomes.
1665
1666         Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
1667         https://bugs.webkit.org/show_bug.cgi?id=53506
1668
1669         Currently, use of the Mersenne Twister pseudorandom number generator
1670         is hardcoded to the Windows CE port. With the passing of bug #53253,
1671         we can generalize support for this PRNG to all ports that use srand(3)
1672         and rand(3), including Windows CE.
1673
1674         * wtf/RandomNumberSeed.h:
1675         (WTF::initializeRandomNumberGenerator):
1676
1677 2011-02-01  Dave Tapuska  <dtapuska@rim.com>
1678
1679         Reviewed by Gavin Barraclough.
1680
1681         MacroAssemblerARM would generate code that did 32-bit loads
1682         on addresses that were not aligned. More specifically it would
1683         generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
1684         The intended instruction really is ldrb r8,[r1, #7]; ensure we
1685         call load8 instead of load32.
1686
1687         https://bugs.webkit.org/show_bug.cgi?id=46095
1688
1689         * assembler/MacroAssemblerARM.h:
1690         (JSC::MacroAssemblerARM::set32Test32):
1691         (JSC::MacroAssemblerARM::set32Test8):
1692
1693 2011-02-01  Darin Fisher  <darin@chromium.org>
1694
1695         Reviewed by Eric Seidel.
1696
1697         Fix some Visual Studio compiler warnings.
1698         https://bugs.webkit.org/show_bug.cgi?id=53476
1699
1700         * wtf/MathExtras.h:
1701         (clampToInteger):
1702         (clampToPositiveInteger):
1703         * wtf/ThreadingWin.cpp:
1704         (WTF::absoluteTimeToWaitTimeoutInterval):
1705
1706 2011-01-31  Oliver Hunt  <oliver@apple.com>
1707
1708         Reviewed by Sam Weinig.
1709
1710         Bogus callframe during stack unwinding
1711         https://bugs.webkit.org/show_bug.cgi?id=53454
1712
1713         Trying to access a callframe's globalData after destroying its
1714         ScopeChain is not a good thing.  While we could access the
1715         globalData directly through the (known valid) scopechain we're
1716         holding on to, it feels fragile.  Instead we push the valid
1717         ScopeChain onto the callframe again to ensure that the callframe
1718         itself remains valid.
1719
1720         * interpreter/Interpreter.cpp:
1721         (JSC::Interpreter::unwindCallFrame):
1722
1723 2011-01-31  Michael Saboff  <msaboff@apple.com>
1724
1725         Reviewed by Geoffrey Garen.
1726
1727         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1728         https://bugs.webkit.org/show_bug.cgi?id=53271
1729
1730         Reapplying this change again.
1731         Changed isValid() to use .get() as a result of change r77151.
1732
1733         Added new isValid() methods to check if a contained object in
1734         a WeakGCMap is valid when using an unchecked iterator.
1735
1736         * runtime/WeakGCMap.h:
1737         (JSC::WeakGCMap::isValid):
1738
1739 2011-01-31  Oliver Hunt  <oliver@apple.com>
1740
1741         Convert markstack to a slot visitor API
1742         https://bugs.webkit.org/show_bug.cgi?id=53219
1743
1744         Rolling r77098, r77099, r77100, r77109, and
1745         r77111 back in, along with a few more Qt fix attempts.
1746
1747         * API/JSCallbackObject.h:
1748         (JSC::JSCallbackObjectData::setPrivateProperty):
1749         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1750         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1751         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1752         (JSC::JSCallbackObject::setPrivateProperty):
1753         * API/JSCallbackObjectFunctions.h:
1754         (JSC::::put):
1755         (JSC::::staticFunctionGetter):
1756         * API/JSObjectRef.cpp:
1757         (JSObjectMakeConstructor):
1758         (JSObjectSetPrivateProperty):
1759         * API/JSWeakObjectMapRefInternal.h:
1760         * JavaScriptCore.exp:
1761         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1762         * JavaScriptCore.xcodeproj/project.pbxproj:
1763         * bytecode/CodeBlock.cpp:
1764         (JSC::CodeBlock::markAggregate):
1765         * bytecode/CodeBlock.h:
1766         (JSC::CodeBlock::globalObject):
1767         * bytecompiler/BytecodeGenerator.cpp:
1768         (JSC::BytecodeGenerator::BytecodeGenerator):
1769         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1770         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1771         (JSC::BytecodeGenerator::findScopedProperty):
1772         * debugger/Debugger.cpp:
1773         (JSC::evaluateInGlobalCallFrame):
1774         * debugger/DebuggerActivation.cpp:
1775         (JSC::DebuggerActivation::DebuggerActivation):
1776         (JSC::DebuggerActivation::markChildren):
1777         * debugger/DebuggerActivation.h:
1778         * debugger/DebuggerCallFrame.cpp:
1779         (JSC::DebuggerCallFrame::evaluate):
1780         * interpreter/CallFrame.h:
1781         (JSC::ExecState::exception):
1782         * interpreter/Interpreter.cpp:
1783         (JSC::Interpreter::resolve):
1784         (JSC::Interpreter::resolveSkip):
1785         (JSC::Interpreter::resolveGlobal):
1786         (JSC::Interpreter::resolveGlobalDynamic):
1787         (JSC::Interpreter::resolveBaseAndProperty):
1788         (JSC::Interpreter::unwindCallFrame):
1789         (JSC::appendSourceToError):
1790         (JSC::Interpreter::execute):
1791         (JSC::Interpreter::tryCacheGetByID):
1792         (JSC::Interpreter::privateExecute):
1793         * jit/JITStubs.cpp:
1794         (JSC::JITThunks::tryCacheGetByID):
1795         (JSC::DEFINE_STUB_FUNCTION):
1796         * jsc.cpp:
1797         (GlobalObject::GlobalObject):
1798         * runtime/ArgList.cpp:
1799         (JSC::MarkedArgumentBuffer::markLists):
1800         * runtime/Arguments.cpp:
1801         (JSC::Arguments::markChildren):
1802         (JSC::Arguments::getOwnPropertySlot):
1803         (JSC::Arguments::getOwnPropertyDescriptor):
1804         (JSC::Arguments::put):
1805         * runtime/Arguments.h:
1806         (JSC::Arguments::setActivation):
1807         (JSC::Arguments::Arguments):
1808         * runtime/ArrayConstructor.cpp:
1809         (JSC::ArrayConstructor::ArrayConstructor):
1810         (JSC::constructArrayWithSizeQuirk):
1811         * runtime/ArrayPrototype.cpp:
1812         (JSC::arrayProtoFuncSplice):
1813         * runtime/BatchedTransitionOptimizer.h:
1814         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1815         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1816         * runtime/BooleanConstructor.cpp:
1817         (JSC::BooleanConstructor::BooleanConstructor):
1818         (JSC::constructBoolean):
1819         (JSC::constructBooleanFromImmediateBoolean):
1820         * runtime/BooleanPrototype.cpp:
1821         (JSC::BooleanPrototype::BooleanPrototype):
1822         * runtime/ConservativeSet.cpp:
1823         (JSC::ConservativeSet::grow):
1824         * runtime/ConservativeSet.h:
1825         (JSC::ConservativeSet::~ConservativeSet):
1826         (JSC::ConservativeSet::mark):
1827         * runtime/DateConstructor.cpp:
1828         (JSC::DateConstructor::DateConstructor):
1829         * runtime/DateInstance.cpp:
1830         (JSC::DateInstance::DateInstance):
1831         * runtime/DatePrototype.cpp:
1832         (JSC::dateProtoFuncSetTime):
1833         (JSC::setNewValueFromTimeArgs):
1834         (JSC::setNewValueFromDateArgs):
1835         (JSC::dateProtoFuncSetYear):
1836         * runtime/ErrorConstructor.cpp:
1837         (JSC::ErrorConstructor::ErrorConstructor):
1838         * runtime/ErrorInstance.cpp:
1839         (JSC::ErrorInstance::ErrorInstance):
1840         * runtime/ErrorPrototype.cpp:
1841         (JSC::ErrorPrototype::ErrorPrototype):
1842         * runtime/FunctionConstructor.cpp:
1843         (JSC::FunctionConstructor::FunctionConstructor):
1844         * runtime/FunctionPrototype.cpp:
1845         (JSC::FunctionPrototype::FunctionPrototype):
1846         * runtime/GetterSetter.cpp:
1847         (JSC::GetterSetter::markChildren):
1848         * runtime/GetterSetter.h:
1849         (JSC::GetterSetter::GetterSetter):
1850         (JSC::GetterSetter::getter):
1851         (JSC::GetterSetter::setGetter):
1852         (JSC::GetterSetter::setter):
1853         (JSC::GetterSetter::setSetter):
1854         * runtime/GlobalEvalFunction.cpp:
1855         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1856         (JSC::GlobalEvalFunction::markChildren):
1857         * runtime/GlobalEvalFunction.h:
1858         (JSC::GlobalEvalFunction::cachedGlobalObject):
1859         * runtime/Heap.cpp:
1860         (JSC::Heap::markProtectedObjects):
1861         (JSC::Heap::markTempSortVectors):
1862         (JSC::Heap::markRoots):
1863         * runtime/InternalFunction.cpp:
1864         (JSC::InternalFunction::InternalFunction):
1865         * runtime/JSAPIValueWrapper.h:
1866         (JSC::JSAPIValueWrapper::value):
1867         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1868         * runtime/JSActivation.cpp:
1869         (JSC::JSActivation::markChildren):
1870         (JSC::JSActivation::put):
1871         * runtime/JSArray.cpp:
1872         (JSC::JSArray::JSArray):
1873         (JSC::JSArray::getOwnPropertySlot):
1874         (JSC::JSArray::getOwnPropertyDescriptor):
1875         (JSC::JSArray::put):
1876         (JSC::JSArray::putSlowCase):
1877         (JSC::JSArray::deleteProperty):
1878         (JSC::JSArray::increaseVectorLength):
1879         (JSC::JSArray::setLength):
1880         (JSC::JSArray::pop):
1881         (JSC::JSArray::push):
1882         (JSC::JSArray::unshiftCount):
1883         (JSC::JSArray::sort):
1884         (JSC::JSArray::fillArgList):
1885         (JSC::JSArray::copyToRegisters):
1886         (JSC::JSArray::compactForSorting):
1887         * runtime/JSArray.h:
1888         (JSC::JSArray::getIndex):
1889         (JSC::JSArray::setIndex):
1890         (JSC::JSArray::uncheckedSetIndex):
1891         (JSC::JSArray::markChildrenDirect):
1892         * runtime/JSByteArray.cpp:
1893         (JSC::JSByteArray::JSByteArray):
1894         * runtime/JSCell.h:
1895         (JSC::JSCell::MarkStack::append):
1896         (JSC::JSCell::MarkStack::internalAppend):
1897         (JSC::JSCell::MarkStack::deprecatedAppend):
1898         * runtime/JSFunction.cpp:
1899         (JSC::JSFunction::JSFunction):
1900         (JSC::JSFunction::getOwnPropertySlot):
1901         * runtime/JSGlobalData.h:
1902         * runtime/JSGlobalObject.cpp:
1903         (JSC::markIfNeeded):
1904         (JSC::JSGlobalObject::reset):
1905         (JSC::JSGlobalObject::resetPrototype):
1906         (JSC::JSGlobalObject::markChildren):
1907         * runtime/JSGlobalObject.h:
1908         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1909         (JSC::JSGlobalObject::regExpConstructor):
1910         (JSC::JSGlobalObject::errorConstructor):
1911         (JSC::JSGlobalObject::evalErrorConstructor):
1912         (JSC::JSGlobalObject::rangeErrorConstructor):
1913         (JSC::JSGlobalObject::referenceErrorConstructor):
1914         (JSC::JSGlobalObject::syntaxErrorConstructor):
1915         (JSC::JSGlobalObject::typeErrorConstructor):
1916         (JSC::JSGlobalObject::URIErrorConstructor):
1917         (JSC::JSGlobalObject::evalFunction):
1918         (JSC::JSGlobalObject::objectPrototype):
1919         (JSC::JSGlobalObject::functionPrototype):
1920         (JSC::JSGlobalObject::arrayPrototype):
1921         (JSC::JSGlobalObject::booleanPrototype):
1922         (JSC::JSGlobalObject::stringPrototype):
1923         (JSC::JSGlobalObject::numberPrototype):
1924         (JSC::JSGlobalObject::datePrototype):
1925         (JSC::JSGlobalObject::regExpPrototype):
1926         (JSC::JSGlobalObject::methodCallDummy):
1927         (JSC::Structure::prototypeForLookup):
1928         (JSC::constructArray):
1929         * runtime/JSONObject.cpp:
1930         (JSC::Stringifier::Holder::object):
1931         (JSC::Stringifier::Holder::objectSlot):
1932         (JSC::Stringifier::markAggregate):
1933         (JSC::Stringifier::stringify):
1934         (JSC::Stringifier::Holder::appendNextProperty):
1935         (JSC::Walker::callReviver):
1936         (JSC::Walker::walk):
1937         * runtime/JSObject.cpp:
1938         (JSC::JSObject::defineGetter):
1939         (JSC::JSObject::defineSetter):
1940         (JSC::JSObject::removeDirect):
1941         (JSC::JSObject::putDirectFunction):
1942         (JSC::JSObject::putDirectFunctionWithoutTransition):
1943         (JSC::putDescriptor):
1944         (JSC::JSObject::defineOwnProperty):
1945         * runtime/JSObject.h:
1946         (JSC::JSObject::getDirectOffset):
1947         (JSC::JSObject::putDirectOffset):
1948         (JSC::JSObject::putUndefinedAtDirectOffset):
1949         (JSC::JSObject::flattenDictionaryObject):
1950         (JSC::JSObject::putDirectInternal):
1951         (JSC::JSObject::putDirect):
1952         (JSC::JSObject::putDirectFunction):
1953         (JSC::JSObject::putDirectWithoutTransition):
1954         (JSC::JSObject::putDirectFunctionWithoutTransition):
1955         (JSC::JSValue::putDirect):
1956         (JSC::JSObject::allocatePropertyStorageInline):
1957         (JSC::JSObject::markChildrenDirect):
1958         * runtime/JSPropertyNameIterator.cpp:
1959         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1960         (JSC::JSPropertyNameIterator::get):
1961         * runtime/JSPropertyNameIterator.h:
1962         * runtime/JSStaticScopeObject.cpp:
1963         (JSC::JSStaticScopeObject::markChildren):
1964         * runtime/JSString.cpp:
1965         (JSC::StringObject::create):
1966         * runtime/JSValue.h:
1967         * runtime/JSWrapperObject.cpp:
1968         (JSC::JSWrapperObject::markChildren):
1969         * runtime/JSWrapperObject.h:
1970         (JSC::JSWrapperObject::internalValue):
1971         (JSC::JSWrapperObject::setInternalValue):
1972         * runtime/LiteralParser.cpp:
1973         (JSC::LiteralParser::parse):
1974         * runtime/Lookup.cpp:
1975         (JSC::setUpStaticFunctionSlot):
1976         * runtime/Lookup.h:
1977         (JSC::lookupPut):
1978         * runtime/MarkStack.h:
1979         (JSC::MarkStack::MarkStack):
1980         (JSC::MarkStack::deprecatedAppendValues):
1981         (JSC::MarkStack::appendValues):
1982         * runtime/MathObject.cpp:
1983         (JSC::MathObject::MathObject):
1984         * runtime/NativeErrorConstructor.cpp:
1985         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1986         * runtime/NativeErrorPrototype.cpp:
1987         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1988         * runtime/NumberConstructor.cpp:
1989         (JSC::NumberConstructor::NumberConstructor):
1990         (JSC::constructWithNumberConstructor):
1991         * runtime/NumberObject.cpp:
1992         (JSC::constructNumber):
1993         * runtime/NumberPrototype.cpp:
1994         (JSC::NumberPrototype::NumberPrototype):
1995         * runtime/ObjectConstructor.cpp:
1996         (JSC::ObjectConstructor::ObjectConstructor):
1997         (JSC::objectConstructorGetOwnPropertyDescriptor):
1998         * runtime/Operations.h:
1999         (JSC::normalizePrototypeChain):
2000         (JSC::resolveBase):
2001         * runtime/PrototypeFunction.cpp:
2002         (JSC::PrototypeFunction::PrototypeFunction):
2003         * runtime/PutPropertySlot.h:
2004         (JSC::PutPropertySlot::setExistingProperty):
2005         (JSC::PutPropertySlot::setNewProperty):
2006         (JSC::PutPropertySlot::base):
2007         * runtime/RegExpConstructor.cpp:
2008         (JSC::RegExpConstructor::RegExpConstructor):
2009         * runtime/ScopeChain.cpp:
2010         (JSC::ScopeChainNode::print):
2011         * runtime/ScopeChain.h:
2012         (JSC::ScopeChainNode::~ScopeChainNode):
2013         (JSC::ScopeChainIterator::operator*):
2014         (JSC::ScopeChainIterator::operator->):
2015         (JSC::ScopeChain::top):
2016         * runtime/ScopeChainMark.h:
2017         (JSC::ScopeChain::markAggregate):
2018         * runtime/SmallStrings.cpp:
2019         (JSC::isMarked):
2020         (JSC::SmallStrings::markChildren):
2021         * runtime/SmallStrings.h:
2022         (JSC::SmallStrings::emptyString):
2023         (JSC::SmallStrings::singleCharacterString):
2024         (JSC::SmallStrings::singleCharacterStrings):
2025         * runtime/StringConstructor.cpp:
2026         (JSC::StringConstructor::StringConstructor):
2027         * runtime/StringObject.cpp:
2028         (JSC::StringObject::StringObject):
2029         * runtime/StringObject.h:
2030         * runtime/StringPrototype.cpp:
2031         (JSC::StringPrototype::StringPrototype):
2032         * runtime/Structure.cpp:
2033         (JSC::Structure::Structure):
2034         (JSC::Structure::addPropertyTransition):
2035         (JSC::Structure::toDictionaryTransition):
2036         (JSC::Structure::flattenDictionaryStructure):
2037         * runtime/Structure.h:
2038         (JSC::Structure::storedPrototype):
2039         (JSC::Structure::storedPrototypeSlot):
2040         * runtime/WeakGCMap.h:
2041         (JSC::WeakGCMap::uncheckedGet):
2042         (JSC::WeakGCMap::uncheckedGetSlot):
2043         (JSC::::get):
2044         (JSC::::take):
2045         (JSC::::set):
2046         (JSC::::uncheckedRemove):
2047         * runtime/WriteBarrier.h: Added.
2048         (JSC::DeprecatedPtr::DeprecatedPtr):
2049         (JSC::DeprecatedPtr::get):
2050         (JSC::DeprecatedPtr::operator*):
2051         (JSC::DeprecatedPtr::operator->):
2052         (JSC::DeprecatedPtr::slot):
2053         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2054         (JSC::DeprecatedPtr::operator!):
2055         (JSC::WriteBarrierBase::set):
2056         (JSC::WriteBarrierBase::get):
2057         (JSC::WriteBarrierBase::operator*):
2058         (JSC::WriteBarrierBase::operator->):
2059         (JSC::WriteBarrierBase::clear):
2060         (JSC::WriteBarrierBase::slot):
2061         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2062         (JSC::WriteBarrierBase::operator!):
2063         (JSC::WriteBarrier::WriteBarrier):
2064         (JSC::operator==):
2065
2066 2011-01-31  Dan Winship  <danw@gnome.org>
2067
2068         Reviewed by Gustavo Noronha Silva.
2069
2070         wss (websockets ssl) support for gtk via new gio TLS support
2071         https://bugs.webkit.org/show_bug.cgi?id=50344
2072
2073         Add a GPollableOutputStream typedef for TLS WebSockets support
2074
2075         * wtf/gobject/GTypedefs.h:
2076
2077 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
2078
2079         Reviewed by Geoff Garen.
2080
2081         https://bugs.webkit.org/show_bug.cgi?id=53352
2082         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2083
2084         The FixedVMPoolAllocator currently uses a best fit policy;
2085         switch to first fit, which is less prone to external fragmentation.
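The two placement policies from the entry above, as an added illustration that is not JavaScriptCore code: both run over the same constructed free list and request sequence, and the sequence is chosen so that best fit carves the pool into fragments too small for the last request while first fit satisfies all of them. The free list, the request sizes and all names (FreeList, Policy, replay, sampleFreeList, sampleRequests) are invented for the example; which policy fragments worse in general depends on the workload, and this only shows the case the entry describes.

```cpp
#include <cstddef>
#include <utility>
#include <vector>

enum class Policy { BestFit, FirstFit };

// One run of free space inside the pool.
struct FreeBlock {
    size_t offset;
    size_t size;
};

class FreeList {
public:
    explicit FreeList(std::vector<FreeBlock> blocks)
        : m_blocks(std::move(blocks))
    {
    }

    // Carves `size` units out of a free block chosen by `policy`.
    // Returns false when no single block is large enough, even if the
    // total free space would suffice: that is external fragmentation.
    bool allocate(size_t size, Policy policy)
    {
        const size_t none = m_blocks.size();
        size_t chosen = none;
        for (size_t i = 0; i < m_blocks.size(); ++i) {
            if (m_blocks[i].size < size)
                continue;
            if (policy == Policy::FirstFit) {
                chosen = i; // the first block that fits wins
                break;
            }
            // Best fit: the smallest block that still holds the request.
            if (chosen == none || m_blocks[i].size < m_blocks[chosen].size)
                chosen = i;
        }
        if (chosen == none)
            return false;
        FreeBlock& block = m_blocks[chosen];
        block.offset += size;
        block.size -= size;
        if (!block.size)
            m_blocks.erase(m_blocks.begin() + static_cast<std::ptrdiff_t>(chosen));
        return true;
    }

    size_t totalFree() const
    {
        size_t total = 0;
        for (const FreeBlock& b : m_blocks)
            total += b.size;
        return total;
    }

    size_t largestFree() const
    {
        size_t largest = 0;
        for (const FreeBlock& b : m_blocks)
            if (b.size > largest)
                largest = b.size;
        return largest;
    }

private:
    std::vector<FreeBlock> m_blocks;
};

// Replays `requests` against `list`; returns the index of the first request
// that could not be satisfied, or requests.size() if all of them succeeded.
size_t replay(Policy policy, const std::vector<size_t>& requests, FreeList& list)
{
    for (size_t i = 0; i < requests.size(); ++i)
        if (!list.allocate(requests[i], policy))
            return i;
    return requests.size();
}

// Constructed scenario: free blocks of 12 and 8 units, then requests for
// 7, 5 and 8 units. Best fit puts the 7 into the 8-block and the 5 into
// the 12-block, leaving fragments of 1 and 7 that cannot hold the final 8.
std::vector<FreeBlock> sampleFreeList() { return { { 0, 12 }, { 100, 8 } }; }
std::vector<size_t> sampleRequests() { return { 7, 5, 8 }; }
```

Under best fit the third request fails with 8 units still free in total but only 7 in the largest block, which is exactly the condition behind the CRASH() in the entry above; under first fit the same requests leave the pool fully used.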
2086
2087         * jit/ExecutableAllocatorFixedVMPool.cpp:
2088         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2089         (JSC::AllocationTableSizeClass::blockSize):
2090         (JSC::AllocationTableSizeClass::blockCount):
2091         (JSC::AllocationTableSizeClass::blockAlignment):
2092         (JSC::AllocationTableSizeClass::size):
2093         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2094         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2095         (JSC::AllocationTableLeaf::allocate):
2096         (JSC::AllocationTableLeaf::free):
2097         (JSC::AllocationTableLeaf::isEmpty):
2098         (JSC::AllocationTableLeaf::isFull):
2099         (JSC::AllocationTableLeaf::size):
2100         (JSC::AllocationTableLeaf::classForSize):
2101         (JSC::AllocationTableLeaf::dump):
2102         (JSC::LazyAllocationTable::LazyAllocationTable):
2103         (JSC::LazyAllocationTable::~LazyAllocationTable):
2104         (JSC::LazyAllocationTable::allocate):
2105         (JSC::LazyAllocationTable::free):
2106         (JSC::LazyAllocationTable::isEmpty):
2107         (JSC::LazyAllocationTable::isFull):
2108         (JSC::LazyAllocationTable::size):
2109         (JSC::LazyAllocationTable::dump):
2110         (JSC::LazyAllocationTable::classForSize):
2111         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2112         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2113         (JSC::AllocationTableDirectory::allocate):
2114         (JSC::AllocationTableDirectory::free):
2115         (JSC::AllocationTableDirectory::isEmpty):
2116         (JSC::AllocationTableDirectory::isFull):
2117         (JSC::AllocationTableDirectory::size):
2118         (JSC::AllocationTableDirectory::classForSize):
2119         (JSC::AllocationTableDirectory::dump):
2120         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2121         (JSC::FixedVMPoolAllocator::alloc):
2122         (JSC::FixedVMPoolAllocator::free):
2123         (JSC::FixedVMPoolAllocator::allocated):
2124         (JSC::FixedVMPoolAllocator::isValid):
2125         (JSC::FixedVMPoolAllocator::classForSize):
2126         (JSC::FixedVMPoolAllocator::offsetToPointer):
2127         (JSC::FixedVMPoolAllocator::pointerToOffset):
2128         (JSC::ExecutableAllocator::committedByteCount):
2129         (JSC::ExecutableAllocator::isValid):
2130         (JSC::ExecutableAllocator::underMemoryPressure):
2131         (JSC::ExecutablePool::systemAlloc):
2132         (JSC::ExecutablePool::systemRelease):
2133         * wtf/PageReservation.h:
2134         (WTF::PageReservation::PageReservation):
2135         (WTF::PageReservation::commit):
2136         (WTF::PageReservation::decommit):
2137         (WTF::PageReservation::committed):
2138
2139 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
2140
2141         Unreviewed, rolling out r76969.
2142         http://trac.webkit.org/changeset/76969
2143         https://bugs.webkit.org/show_bug.cgi?id=53418
2144
2145         "It is causing crashes in GTK+ and Leopard bots" (Requested by
2146         alexg__ on #webkit).
2147
2148         * runtime/WeakGCMap.h:
2149
2150 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
2151
2152         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
2153         r77111.
2154         http://trac.webkit.org/changeset/77098
2155         http://trac.webkit.org/changeset/77099
2156         http://trac.webkit.org/changeset/77100
2157         http://trac.webkit.org/changeset/77109
2158         http://trac.webkit.org/changeset/77111
2159         https://bugs.webkit.org/show_bug.cgi?id=53219
2160
2161         Qt build is broken
2162
2163         * API/JSCallbackObject.h:
2164         (JSC::JSCallbackObjectData::setPrivateProperty):
2165         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2166         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2167         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2168         (JSC::JSCallbackObject::setPrivateProperty):
2169         * API/JSCallbackObjectFunctions.h:
2170         (JSC::::put):
2171         (JSC::::staticFunctionGetter):
2172         * API/JSObjectRef.cpp:
2173         (JSObjectMakeConstructor):
2174         (JSObjectSetPrivateProperty):
2175         * API/JSWeakObjectMapRefInternal.h:
2176         * JavaScriptCore.exp:
2177         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2178         * JavaScriptCore.xcodeproj/project.pbxproj:
2179         * bytecode/CodeBlock.cpp:
2180         (JSC::CodeBlock::markAggregate):
2181         * bytecode/CodeBlock.h:
2182         (JSC::CodeBlock::globalObject):
2183         * bytecompiler/BytecodeGenerator.cpp:
2184         (JSC::BytecodeGenerator::BytecodeGenerator):
2185         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2186         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2187         (JSC::BytecodeGenerator::findScopedProperty):
2188         * debugger/Debugger.cpp:
2189         (JSC::evaluateInGlobalCallFrame):
2190         * debugger/DebuggerActivation.cpp:
2191         (JSC::DebuggerActivation::DebuggerActivation):
2192         (JSC::DebuggerActivation::markChildren):
2193         * debugger/DebuggerActivation.h:
2194         * debugger/DebuggerCallFrame.cpp:
2195         (JSC::DebuggerCallFrame::evaluate):
2196         * interpreter/CallFrame.h:
2197         (JSC::ExecState::exception):
2198         * interpreter/Interpreter.cpp:
2199         (JSC::Interpreter::resolve):
2200         (JSC::Interpreter::resolveSkip):
2201         (JSC::Interpreter::resolveGlobal):
2202         (JSC::Interpreter::resolveGlobalDynamic):
2203         (JSC::Interpreter::resolveBaseAndProperty):
2204         (JSC::Interpreter::unwindCallFrame):
2205         (JSC::appendSourceToError):
2206         (JSC::Interpreter::execute):
2207         (JSC::Interpreter::tryCacheGetByID):
2208         (JSC::Interpreter::privateExecute):
2209         * jit/JITStubs.cpp:
2210         (JSC::JITThunks::tryCacheGetByID):
2211         (JSC::DEFINE_STUB_FUNCTION):
2212         * jsc.cpp:
2213         (GlobalObject::GlobalObject):
2214         * runtime/ArgList.cpp:
2215         (JSC::MarkedArgumentBuffer::markLists):
2216         * runtime/Arguments.cpp:
2217         (JSC::Arguments::markChildren):
2218         (JSC::Arguments::getOwnPropertySlot):
2219         (JSC::Arguments::getOwnPropertyDescriptor):
2220         (JSC::Arguments::put):
2221         * runtime/Arguments.h:
2222         (JSC::Arguments::setActivation):
2223         (JSC::Arguments::Arguments):
2224         * runtime/ArrayConstructor.cpp:
2225         (JSC::ArrayConstructor::ArrayConstructor):
2226         (JSC::constructArrayWithSizeQuirk):
2227         * runtime/ArrayPrototype.cpp:
2228         (JSC::arrayProtoFuncSplice):
2229         * runtime/BatchedTransitionOptimizer.h:
2230         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2231         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2232         * runtime/BooleanConstructor.cpp:
2233         (JSC::BooleanConstructor::BooleanConstructor):
2234         (JSC::constructBoolean):
2235         (JSC::constructBooleanFromImmediateBoolean):
2236         * runtime/BooleanPrototype.cpp:
2237         (JSC::BooleanPrototype::BooleanPrototype):
2238         * runtime/ConservativeSet.cpp:
2239         (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::JSValue::toThisObject):
        (JSC::JSCell::MarkStack::append):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::Structure::prototypeForLookup):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        (JSC::MarkStack::appendValues):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototype):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Removed.

2011-01-30  Simon Fraser  <simon.fraser@apple.com>

        Build fix the build fix. I assume Oliver meant m_cell, not m_value.

        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::clear):

2011-01-30  Oliver Hunt  <oliver@apple.com>

        More Qt build fixes

        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::clear):

2011-01-30  Oliver Hunt  <oliver@apple.com>

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Rolling r77006 and r77020 back in.

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/CallFrame.h:
        (JSC::ExecState::exception):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::append):
        (JSC::JSCell::MarkStack::internalAppend):
        (JSC::JSCell::MarkStack::deprecatedAppend):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::Structure::prototypeForLookup):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::Holder::objectSlot):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::putUndefinedAtDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::deprecatedAppendValues):
        (JSC::MarkStack::appendValues):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototype):
        (JSC::Structure::storedPrototypeSlot):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::uncheckedGetSlot):
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Added.
        (JSC::DeprecatedPtr::DeprecatedPtr):
        (JSC::DeprecatedPtr::get):
        (JSC::DeprecatedPtr::operator*):
        (JSC::DeprecatedPtr::operator->):
        (JSC::DeprecatedPtr::slot):
        (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
        (JSC::DeprecatedPtr::operator!):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::slot):
        (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
        (JSC::WriteBarrierBase::operator!):
        (JSC::WriteBarrier::WriteBarrier):
        (JSC::operator==):

2011-01-30  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Filter all Heap collection through a common reset function, in
        preparation for adding features triggered by collection.
        https://bugs.webkit.org/show_bug.cgi?id=53396

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
        limit, just call collectAllGarbage() instead of rolling our own special
        way of resetting the heap. In theory, this may be slower in some cases,
        but it also fixes cases of pathological heap growth that we've seen,
        where the only objects being allocated are temporary and huge
        (<rdar://problem/8885843>).

        (JSC::Heap::allocate):
        (JSC::Heap::collectAllGarbage): Use the shared reset function.

        (JSC::Heap::reset):
        * runtime/Heap.h: Carved a new shared reset function out of the old
        collectAllGarbage.

2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77025.
        http://trac.webkit.org/changeset/77025
        https://bugs.webkit.org/show_bug.cgi?id=53401

        It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
        (Requested by Ossy on #webkit).

        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FreeListEntry::FreeListEntry):
        (JSC::AVLTreeAbstractorForFreeList::get_less):
        (JSC::AVLTreeAbstractorForFreeList::set_less):
        (JSC::AVLTreeAbstractorForFreeList::get_greater):
        (JSC::AVLTreeAbstractorForFreeList::set_greater):
        (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
        (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
        (JSC::AVLTreeAbstractorForFreeList::null):
        (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
        (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
        (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
        (JSC::reverseSortFreeListEntriesByPointer):
        (JSC::reverseSortCommonSizedAllocations):
        (JSC::FixedVMPoolAllocator::release):
        (JSC::FixedVMPoolAllocator::reuse):
        (JSC::FixedVMPoolAllocator::addToFreeList):
        (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
        (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
        (JSC::FixedVMPoolAllocator::alloc):
        (JSC::FixedVMPoolAllocator::free):
        (JSC::FixedVMPoolAllocator::isValid):
        (JSC::FixedVMPoolAllocator::allocInternal):
        (JSC::FixedVMPoolAllocator::isWithinVMPool):
        (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
        (JSC::ExecutableAllocator::committedByteCount):
        (JSC::maybeModifyVMPoolSize):
        (JSC::ExecutableAllocator::isValid):
        (JSC::ExecutableAllocator::underMemoryPressure):
        (JSC::ExecutablePool::systemAlloc):
        (JSC::ExecutablePool::systemRelease):
        * wtf/PageReservation.h:
        (WTF::PageReservation::PageReservation):
        (WTF::PageReservation::commit):
        (WTF::PageReservation::decommit):

2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>

        Reviewed by Daniel Bates.

        Code style issue in JavaScriptCore/wtf/CurrentTime.h
        https://bugs.webkit.org/show_bug.cgi?id=53394

        According to rule #3 at http://webkit.org/coding/coding-style.html,
        this patch fixes a style issue in CurrentTime.h.

        No functionality change, no new tests.

        * wtf/CurrentTime.h:
        (WTF::currentTimeMS):
        (WTF::getLocalTime):

2011-01-30  Benjamin Poulain  <ikipou@gmail.com>

        Reviewed by Kenneth Rohde Christiansen.

        [Qt] JavaScriptCore does not link on Mac if building WebKit 2
        https://bugs.webkit.org/show_bug.cgi?id=53377

        The option "-whole-archive" is not available with the libtool of Mac OS X;
        instead, we can use "-all_load" on Mac.

        * JavaScriptCore.pri:

2011-01-29  Geoffrey Garen  <ggaren@apple.com>

        Sorry Leopard bot -- I committed a change by accident.

        * JavaScriptCore.exp: You may have your symbols back now.

2011-01-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich.

        Simplified Heap iteration
        https://bugs.webkit.org/show_bug.cgi?id=53393

        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::isValid):
        (JSC::CollectorHeapIterator::isLive):
        (JSC::CollectorHeapIterator::advance): Removed "max" argument to
        advance because it's a constant.
        (JSC::LiveObjectIterator::LiveObjectIterator):
        (JSC::LiveObjectIterator::operator++):
        (JSC::DeadObjectIterator::DeadObjectIterator):
        (JSC::DeadObjectIterator::operator++):
        (JSC::ObjectIterator::ObjectIterator):
        (JSC::ObjectIterator::operator++): Factored out common checks into
        two helper functions -- isValid() for "Am I past the end?" and isLive()
        for "Is the cell I'm pointing to live?".

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::freeBlock):
        (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
        to the end, to avoid making sweep subtly reliant on internal Heap state.
        (JSC::MarkedSpace::primaryHeapBegin):
        (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
        iteration begins.

2011-01-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich.

        Simplified heap destruction
        https://bugs.webkit.org/show_bug.cgi?id=53392

        * JavaScriptCore.exp:
        * runtime/Heap.cpp:
        (JSC::Heap::destroy):
        * runtime/Heap.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy):
        * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
        cells last -- the difficult contortions required to do so just don't seem
        justified. We make no guarantees about GC protection after the client
        throws away JSGlobalData, and it doesn't seem like any meaningful
        guarantee is even possible.

2011-01-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Switched heap to use the Bitmap class and removed CollectorBitmap
        https://bugs.webkit.org/show_bug.cgi?id=53391

        SunSpider says 1.005x as fast. Seems like a fluke.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate): Updated for rename and returning a value
        rather than taking a value by reference.

        * runtime/MarkedSpace.h: Code reuse is good.

        * wtf/Bitmap.h:
        (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
        which CollectorBitmap had. (Renamed from the less conventional "getset".)

        (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
        clarity. It's all the same with inlining.

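The entry above names the two Bitmap operations a mark-and-sweep collector leans on: testAndSet (set a mark bit and learn its old value in one step) and a value-returning nextPossiblyUnset (find the next clear bit). The block below is an added illustration, not code from WebKit's wtf/Bitmap.h or from this ChangeLog: a hypothetical fixed-size MarkBitmap with those two operations, driven by a constructed toy heap (the ToyHeap struct, kCellCount, markFromRoots, freeCells and makeSampleHeap are all invented for this example) so the mark phase and the sweep-side scan can be run end to end.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical fixed-size mark bitmap, one bit per heap cell. Modelled on the
// operations the ChangeLog entry names; not WebKit's wtf/Bitmap.h.
template <size_t bitCount>
class MarkBitmap {
public:
    using Word = uint32_t;
    static constexpr size_t wordBits = 32;
    static constexpr size_t wordCount = (bitCount + wordBits - 1) / wordBits;

    MarkBitmap() { clearAll(); }

    bool get(size_t index) const { return (m_bits[index / wordBits] >> (index % wordBits)) & 1; }
    void clearAll() { m_bits.fill(0); }

    // Set bit `index` and return its previous value in one step, so a marker
    // can mark a cell and learn whether it still has to visit that cell's children.
    bool testAndSet(size_t index) {
        Word mask = Word(1) << (index % wordBits);
        Word& word = m_bits[index / wordBits];
        bool wasSet = (word & mask) != 0;
        word |= mask;
        return wasSet;
    }

    // Index of the first clear bit at or after `start`, or bitCount if every
    // remaining bit is set. Words that are completely full are skipped whole.
    size_t nextPossiblyUnset(size_t start) const {
        for (size_t i = start; i < bitCount; ++i) {
            if (i % wordBits == 0 && m_bits[i / wordBits] == ~Word(0)) {
                i += wordBits - 1; // the loop's ++i then lands on the next word
                continue;
            }
            if (!get(i))
                return i;
        }
        return bitCount;
    }

private:
    std::array<Word, wordCount> m_bits;
};

// Constructed toy heap: cell i points at the cells listed in children[i].
constexpr size_t kCellCount = 40;
struct ToyHeap {
    std::vector<std::vector<size_t>> children;
    MarkBitmap<kCellCount> marks;
};

// Mark phase: iterative reachability from the roots. testAndSet both marks a
// cell and reports whether it was already marked, so each cell is pushed on the
// mark stack at most once even when the graph has cycles. Returns cells marked.
size_t markFromRoots(ToyHeap& heap, const std::vector<size_t>& roots) {
    std::vector<size_t> markStack;
    size_t marked = 0;
    for (size_t root : roots) {
        if (!heap.marks.testAndSet(root)) { markStack.push_back(root); ++marked; }
    }
    while (!markStack.empty()) {
        size_t cell = markStack.back();
        markStack.pop_back();
        for (size_t child : heap.children[cell]) {
            if (!heap.marks.testAndSet(child)) { markStack.push_back(child); ++marked; }
        }
    }
    return marked;
}

// Sweep-side use of nextPossiblyUnset: after marking, every clear bit is a dead
// cell, so walking the clear bits yields the indices a free list would be rebuilt from.
std::vector<size_t> freeCells(const MarkBitmap<kCellCount>& marks) {
    std::vector<size_t> out;
    for (size_t i = marks.nextPossiblyUnset(0); i < kCellCount; i = marks.nextPossiblyUnset(i + 1))
        out.push_back(i);
    return out;
}

// Constructed sample: a small reachable graph containing a cycle, plus two
// garbage cells that point only at each other.
ToyHeap makeSampleHeap() {
    ToyHeap heap;
    heap.children.resize(kCellCount);
    heap.children[0] = {1, 2};
    heap.children[1] = {3};
    heap.children[2] = {3, 0}; // cycle back to the root
    heap.children[10] = {11};  // unreachable
    heap.children[11] = {10};  // unreachable
    return heap;
}

int main() {
    ToyHeap heap = makeSampleHeap();
    size_t marked = markFromRoots(heap, std::vector<size_t>{0});
    std::vector<size_t> dead = freeCells(heap.marks);
    // prints: marked 4 cells, 36 free; first free cell is 4
    std::printf("marked %zu cells, %zu free; first free cell is %zu\n", marked, dead.size(), dead[0]);
    return 0;
}
```

The point of returning the old bit from testAndSet is that the mark loop needs no separate visited set and terminates on cyclic graphs; the point of nextPossiblyUnset returning a value rather than writing through a reference is that a sweep can be written as a plain for-loop over the bitmap, with the caller deciding what a clear bit means in the current phase (dead after marking, not-yet-marked during it).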
2011-01-28  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Some more Heap cleanup.
        https://bugs.webkit.org/show_bug.cgi?id=53357

        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.

        * runtime/Heap.cpp:
        (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to
        reportExtraMemoryCostSlowCase to match our naming conventions.

        (JSC::Heap::capacity): Renamed size to capacity because this function
        returns the capacity of the heap, including unused portions.

        * runtime/Heap.h:
        (JSC::Heap::globalData):
        (JSC::Heap::markedSpace):
        (JSC::Heap::machineStackMarker):
        (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
        Moved ctor and dtor to the beginning of the class definition. Grouped
        functions by purpose.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::capacity): Renamed size to capacity because this
        function returns the capacity of the heap, including unused portions.

        * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
        the same information can be gotten just by calling size() and capacity().

        * runtime/MemoryStatistics.cpp:
        * runtime/MemoryStatistics.h: Ditto.

2011-01-29  Daniel Bates  <dbates@rim.com>

        Reviewed by Eric Seidel.

        Move wince/mt19937ar.c to ThirdParty and make it a policy choice
        https://bugs.webkit.org/show_bug.cgi?id=53253

        Make inclusion of MT19937 a policy decision.

3017         Currently, we hardcode the use of MT19937 when building for
3018         Windows CE. Instead, we should make this a policy decision
3019         with the Windows CE port using this by default.
3020
3021         * JavaScriptCore.pri: Append Source/ThirdParty to the end
3022         of the list of include directories.
3023         * wtf/CMakeLists.txt: Ditto.
3024         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
3025         building for Windows CE.
3026         * wtf/RandomNumber.cpp:
3027         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
3028
3029 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
3030
3031         Reviewed by David Kilzer.
3032
3033         Bug 53374 - Remove uses of unsafe string functions in debugging code
3034         https://bugs.webkit.org/show_bug.cgi?id=53374
3035
3036         * runtime/RegExp.cpp:
3037         (JSC::RegExp::printTraceData):
3038
3039 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
3040
3041         Reviewed by Oliver Hunt.
3042
3043         JavaScriptCoreUseJIT environment variable broken
3044         https://bugs.webkit.org/show_bug.cgi?id=53372
3045
3046         * runtime/JSGlobalData.cpp:
3047         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
3048         by getenv() rather than just doing a NULL check on the return value.
3049
3050 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
3051
3052         Reviewed by David Kilzer.
3053
3054         Move CharacterNames.h into WTF directory
3055         https://bugs.webkit.org/show_bug.cgi?id=49618
3056
3057         * GNUmakefile.am:
3058         * JavaScriptCore.gypi:
3059         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
3060         * JavaScriptCore.xcodeproj/project.pbxproj:
3061         * wtf/CMakeLists.txt:
3062         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
3063         * wtf/unicode/UTF8.cpp:
3064
3065 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
3066
3067         Reviewed by Gavin Barraclough.
3068
3069         Add various clampToInt() methods to MathExtras.h
3070         https://bugs.webkit.org/show_bug.cgi?id=52910
3071         
3072         Add functions for clamping doubles and floats to valid int
3073         ranges, for signed and positive integers.
3074
3075         * wtf/MathExtras.h:
3076         (clampToInteger):
3077         (clampToPositiveInteger):
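
        An illustrative implementation of the two clamp helpers named above, added here as an example and not WebKit's code: the function names come from the entry, while the bodies and the NaN-to-zero policy are assumptions of this example. The point it makes is that a double or float that is NaN, infinite or outside the target range cannot simply be cast (that conversion is undefined behaviour in C++), so the range check must happen in floating point first.

```cpp
#include <cmath>
#include <limits>

// Added example, not WebKit's implementation. Converting a NaN, an infinity
// or an out-of-range floating-point value to an integer with static_cast is
// undefined behaviour, so saturate in floating point before converting.
// NaN maps to 0 here; that policy is an assumption of this example.
template <typename IntegralType, typename FloatType>
inline IntegralType clampToInteger(FloatType value)
{
    // Converting the integer bounds to FloatType may round max() up (for
    // example 2^63 - 1 becomes exactly 2^63 as a double). The >= test still
    // saturates correctly: any value at or beyond the rounded bound is also
    // beyond max(), and the largest representable value below the bound fits.
    const FloatType intMax = static_cast<FloatType>(std::numeric_limits<IntegralType>::max());
    const FloatType intMin = static_cast<FloatType>(std::numeric_limits<IntegralType>::min());

    if (std::isnan(value))
        return 0;
    if (value >= intMax)
        return std::numeric_limits<IntegralType>::max();
    if (value <= intMin)
        return std::numeric_limits<IntegralType>::min();
    return static_cast<IntegralType>(value);   // in range: truncates toward zero
}

// Clamp to [0, INT_MAX]: the shape used for lengths and counts derived from
// script-controlled numbers, which must never become negative or wrap.
template <typename FloatType>
inline int clampToPositiveInteger(FloatType value)
{
    if (std::isnan(value) || value <= 0)
        return 0;
    return clampToInteger<int>(value);
}
```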
3078
3079 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3080
3081         Unreviewed, rolling out r77006 and r77020.
3082         http://trac.webkit.org/changeset/77006
3083         http://trac.webkit.org/changeset/77020
3084         https://bugs.webkit.org/show_bug.cgi?id=53360
3085
3086         "Broke Windows tests" (Requested by rniwa on #webkit).
3087
3088         * API/JSCallbackObject.h:
3089         (JSC::JSCallbackObjectData::setPrivateProperty):
3090         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
3091         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
3092         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
3093         (JSC::JSCallbackObject::setPrivateProperty):
3094         * API/JSCallbackObjectFunctions.h:
3095         (JSC::::put):
3096         (JSC::::staticFunctionGetter):
3097         * API/JSObjectRef.cpp:
3098         (JSObjectMakeConstructor):
3099         (JSObjectSetPrivateProperty):
3100         * API/JSWeakObjectMapRefInternal.h:
3101         * JavaScriptCore.exp:
3102         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3103         * JavaScriptCore.xcodeproj/project.pbxproj:
3104         * bytecode/CodeBlock.cpp:
3105         (JSC::CodeBlock::markAggregate):
3106         * bytecode/CodeBlock.h:
3107         (JSC::CodeBlock::globalObject):
3108         * bytecompiler/BytecodeGenerator.cpp:
3109         (JSC::BytecodeGenerator::BytecodeGenerator):
3110         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
3111         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
3112         (JSC::BytecodeGenerator::findScopedProperty):
3113         * debugger/Debugger.cpp:
3114         (JSC::evaluateInGlobalCallFrame):
3115         * debugger/DebuggerActivation.cpp:
3116         (JSC::DebuggerActivation::DebuggerActivation):
3117         (JSC::DebuggerActivation::markChildren):
3118         * debugger/DebuggerActivation.h:
3119         * debugger/DebuggerCallFrame.cpp:
3120         (JSC::DebuggerCallFrame::evaluate):
3121         * interpreter/CallFrame.h:
3122         (JSC::ExecState::exception):
3123         * interpreter/Interpreter.cpp:
3124         (JSC::Interpreter::resolve):
3125         (JSC::Interpreter::resolveSkip):
3126         (JSC::Interpreter::resolveGlobal):
3127         (JSC::Interpreter::resolveGlobalDynamic):
3128         (JSC::Interpreter::resolveBaseAndProperty):
3129         (JSC::Interpreter::unwindCallFrame):
3130         (JSC::appendSourceToError):
3131         (JSC::Interpreter::execute):
3132         (JSC::Interpreter::tryCacheGetByID):
3133         (JSC::Interpreter::privateExecute):
3134         * jit/JITStubs.cpp:
3135         (JSC::JITThunks::tryCacheGetByID):
3136         (JSC::DEFINE_STUB_FUNCTION):
3137         * jsc.cpp:
3138         (GlobalObject::GlobalObject):
3139         * runtime/ArgList.cpp:
3140         (JSC::MarkedArgumentBuffer::markLists):
3141         * runtime/Arguments.cpp:
3142         (JSC::Arguments::markChildren):
3143         (JSC::Arguments::getOwnPropertySlot):
3144         (JSC::Arguments::getOwnPropertyDescriptor):
3145         (JSC::Arguments::put):
3146         * runtime/Arguments.h:
3147         (JSC::Arguments::setActivation):
3148         (JSC::Arguments::Arguments):
3149         * runtime/ArrayConstructor.cpp:
3150         (JSC::ArrayConstructor::ArrayConstructor):
3151         (JSC::constructArrayWithSizeQuirk):
3152         * runtime/ArrayPrototype.cpp:
3153         (JSC::arrayProtoFuncSplice):
3154         * runtime/BatchedTransitionOptimizer.h:
3155         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
3156         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
3157         * runtime/BooleanConstructor.cpp:
3158         (JSC::BooleanConstructor::BooleanConstructor):
3159         (JSC::constructBoolean):
3160         (JSC::constructBooleanFromImmediateBoolean):
3161         * runtime/BooleanPrototype.cpp:
3162         (JSC::BooleanPrototype::BooleanPrototype):
3163         * runtime/ConservativeSet.cpp:
3164         (JSC::ConservativeSet::grow):
3165         * runtime/ConservativeSet.h:
3166         (JSC::ConservativeSet::~ConservativeSet):
3167         (JSC::ConservativeSet::mark):
3168         * runtime/DateConstructor.cpp:
3169         (JSC::DateConstructor::DateConstructor):
3170         * runtime/DateInstance.cpp:
3171         (JSC::DateInstance::DateInstance):
3172         * runtime/DatePrototype.cpp:
3173         (JSC::dateProtoFuncSetTime):
3174         (JSC::setNewValueFromTimeArgs):
3175         (JSC::setNewValueFromDateArgs):
3176         (JSC::dateProtoFuncSetYear):
3177         * runtime/ErrorConstructor.cpp:
3178         (JSC::ErrorConstructor::ErrorConstructor):
3179         * runtime/ErrorInstance.cpp:
3180         (JSC::ErrorInstance::ErrorInstance):
3181         * runtime/ErrorPrototype.cpp:
3182         (JSC::ErrorPrototype::ErrorPrototype):
3183         * runtime/FunctionConstructor.cpp:
3184         (JSC::FunctionConstructor::FunctionConstructor):
3185         * runtime/FunctionPrototype.cpp:
3186         (JSC::FunctionPrototype::FunctionPrototype):
3187         * runtime/GetterSetter.cpp:
3188         (JSC::GetterSetter::markChildren):
3189         * runtime/GetterSetter.h:
3190         (JSC::GetterSetter::GetterSetter):
3191         (JSC::GetterSetter::getter):
3192         (JSC::GetterSetter::setGetter):
3193         (JSC::GetterSetter::setter):
3194         (JSC::GetterSetter::setSetter):
3195         * runtime/GlobalEvalFunction.cpp:
3196         (JSC::GlobalEvalFunction::GlobalEvalFunction):
3197         (JSC::GlobalEvalFunction::markChildren):
3198         * runtime/GlobalEvalFunction.h:
3199         (JSC::GlobalEvalFunction::cachedGlobalObject):
3200         * runtime/Heap.cpp:
3201         (JSC::Heap::markProtectedObjects):
3202         (JSC::Heap::markTempSortVectors):
3203         (JSC::Heap::markRoots):
3204         * runtime/InternalFunction.cpp:
3205         (JSC::InternalFunction::InternalFunction):
3206         * runtime/JSAPIValueWrapper.h:
3207         (JSC::JSAPIValueWrapper::value):
3208         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
3209         * runtime/JSActivation.cpp:
3210         (JSC::JSActivation::markChildren):
3211         (JSC::JSActivation::put):
3212         * runtime/JSArray.cpp:
3213         (JSC::JSArray::JSArray):
3214         (JSC::JSArray::getOwnPropertySlot):
3215         (JSC::JSArray::getOwnPropertyDescriptor):
3216         (JSC::JSArray::put):
3217         (JSC::JSArray::putSlowCase):
3218         (JSC::JSArray::deleteProperty):
3219         (JSC::JSArray::increaseVectorLength):
3220         (JSC::JSArray::setLength):
3221         (JSC::JSArray::pop):
3222         (JSC::JSArray::push):
3223         (JSC::JSArray::unshiftCount):
3224         (JSC::JSArray::sort):
3225         (JSC::JSArray::fillArgList):
3226         (JSC::JSArray::copyToRegisters):
3227         (JSC::JSArray::compactForSorting):
3228         * runtime/JSArray.h:
3229         (JSC::JSArray::getIndex):
3230         (JSC::JSArray::setIndex):
3231         (JSC::JSArray::uncheckedSetIndex):
3232         (JSC::JSArray::markChildrenDirect):
3233         * runtime/JSByteArray.cpp:
3234         (JSC::JSByteArray::JSByteArray):
3235         * runtime/JSCell.h:
3236         (JSC::JSCell::JSValue::toThisObject):
3237         (JSC::JSCell::MarkStack::append):
3238         * runtime/JSFunction.cpp:
3239         (JSC::JSFunction::JSFunction):
3240         (JSC::JSFunction::getOwnPropertySlot):
3241         * runtime/JSGlobalData.h:
3242         * runtime/JSGlobalObject.cpp:
3243         (JSC::markIfNeeded):
3244         (JSC::JSGlobalObject::reset):
3245         (JSC::JSGlobalObject::resetPrototype):
3246         (JSC::JSGlobalObject::markChildren):
3247         * runtime/JSGlobalObject.h:
3248         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
3249         (JSC::JSGlobalObject::regExpConstructor):
3250         (JSC::JSGlobalObject::errorConstructor):
3251         (JSC::JSGlobalObject::evalErrorConstructor):
3252         (JSC::JSGlobalObject::rangeErrorConstructor):
3253         (JSC::JSGlobalObject::referenceErrorConstructor):
3254         (JSC::JSGlobalObject::syntaxErrorConstructor):
3255         (JSC::JSGlobalObject::typeErrorConstructor):
3256         (JSC::JSGlobalObject::URIErrorConstructor):
3257         (JSC::JSGlobalObject::evalFunction):
3258         (JSC::JSGlobalObject::objectPrototype):
3259         (JSC::JSGlobalObject::functionPrototype):
3260         (JSC::JSGlobalObject::arrayPrototype):
3261         (JSC::JSGlobalObject::booleanPrototype):
3262         (JSC::JSGlobalObject::stringPrototype):
3263         (JSC::JSGlobalObject::numberPrototype):
3264         (JSC::JSGlobalObject::datePrototype):
3265         (JSC::JSGlobalObject::regExpPrototype):
3266         (JSC::JSGlobalObject::methodCallDummy):
3267         (JSC::Structure::prototypeForLookup):
3268         (JSC::constructArray):
3269         * runtime/JSONObject.cpp:
3270         (JSC::Stringifier::Holder::object):
3271         (JSC::Stringifier::markAggregate):
3272         (JSC::Stringifier::stringify):
3273         (JSC::Stringifier::Holder::appendNextProperty):
3274         (JSC::Walker::callReviver):
3275         (JSC::Walker::walk):
3276         * runtime/JSObject.cpp:
3277         (JSC::JSObject::defineGetter):
3278         (JSC::JSObject::defineSetter):
3279         (JSC::JSObject::removeDirect):
3280         (JSC::JSObject::putDirectFunction):
3281         (JSC::JSObject::putDirectFunctionWithoutTransition):
3282         (JSC::putDescriptor):
3283         (JSC::JSObject::defineOwnProperty):
3284         * runtime/JSObject.h:
3285         (JSC::JSObject::getDirectOffset):
3286         (JSC::JSObject::putDirectOffset):
3287         (JSC::JSObject::flattenDictionaryObject):
3288         (JSC::JSObject::putDirectInternal):
3289         (JSC::JSObject::putDirect):
3290         (JSC::JSObject::putDirectFunction):
3291         (JSC::JSObject::putDirectWithoutTransition):
3292         (JSC::JSObject::putDirectFunctionWithoutTransition):
3293         (JSC::JSValue::putDirect):
3294         (JSC::JSObject::allocatePropertyStorageInline):
3295         (JSC::JSObject::markChildrenDirect):
3296         * runtime/JSPropertyNameIterator.cpp:
3297         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
3298         (JSC::JSPropertyNameIterator::get):
3299         * runtime/JSPropertyNameIterator.h:
3300         * runtime/JSStaticScopeObject.cpp:
3301         (JSC::JSStaticScopeObject::markChildren):
3302         * runtime/JSString.cpp:
3303         (JSC::StringObject::create):
3304         * runtime/JSValue.h:
3305         * runtime/JSWrapperObject.cpp:
3306         (JSC::JSWrapperObject::markChildren):
3307         * runtime/JSWrapperObject.h:
3308         (JSC::JSWrapperObject::internalValue):
3309         (JSC::JSWrapperObject::setInternalValue):
3310         * runtime/LiteralParser.cpp:
3311         (JSC::LiteralParser::parse):
3312         * runtime/Lookup.cpp:
3313         (JSC::setUpStaticFunctionSlot):
3314         * runtime/Lookup.h:
3315         (JSC::lookupPut):
3316         * runtime/MarkStack.h:
3317         (JSC::MarkStack::appendValues):
3318         * runtime/MathObject.cpp:
3319         (JSC::MathObject::MathObject):
3320         * runtime/NativeErrorConstructor.cpp:
3321         (JSC::NativeErrorConstructor::NativeErrorConstructor):
3322         * runtime/NativeErrorPrototype.cpp:
3323         (JSC::NativeErrorPrototype::NativeErrorPrototype):
3324         * runtime/NumberConstructor.cpp:
3325         (JSC::NumberConstructor::NumberConstructor):
3326         (JSC::constructWithNumberConstructor):
3327         * runtime/NumberObject.cpp:
3328         (JSC::constructNumber):
3329         * runtime/NumberPrototype.cpp:
3330         (JSC::NumberPrototype::NumberPrototype):
3331         * runtime/ObjectConstructor.cpp:
3332         (JSC::ObjectConstructor::ObjectConstructor):
3333         (JSC::objectConstructorGetOwnPropertyDescriptor):
3334         * runtime/Operations.h:
3335         (JSC::normalizePrototypeChain):
3336         (JSC::resolveBase):
3337         * runtime/PrototypeFunction.cpp:
3338         (JSC::PrototypeFunction::PrototypeFunction):
3339         * runtime/PutPropertySlot.h:
3340         (JSC::PutPropertySlot::setExistingProperty):
3341         (JSC::PutPropertySlot::setNewProperty):
3342         (JSC::PutPropertySlot::base):
3343         * runtime/RegExpConstructor.cpp:
3344         (JSC::RegExpConstructor::RegExpConstructor):
3345         * runtime/ScopeChain.cpp:
3346         (JSC::ScopeChainNode::print):
3347         * runtime/ScopeChain.h:
3348         (JSC::ScopeChainNode::~ScopeChainNode):
3349         (JSC::ScopeChainIterator::operator*):
3350         (JSC::ScopeChainIterator::operator->):
3351         (JSC::ScopeChain::top):
3352         * runtime/ScopeChainMark.h:
3353         (JSC::ScopeChain::markAggregate):
3354         * runtime/SmallStrings.cpp:
3355         (JSC::isMarked):
3356         (JSC::SmallStrings::markChildren):
3357         * runtime/SmallStrings.h:
3358         (JSC::SmallStrings::emptyString):
3359         (JSC::SmallStrings::singleCharacterString):
3360         (JSC::SmallStrings::singleCharacterStrings):
3361         * runtime/StringConstructor.cpp:
3362         (JSC::StringConstructor::StringConstructor):
3363         * runtime/StringObject.cpp:
3364         (JSC::StringObject::StringObject):
3365         * runtime/StringObject.h:
3366         * runtime/StringPrototype.cpp:
3367         (JSC::StringPrototype::StringPrototype):
3368         * runtime/Structure.cpp:
3369         (JSC::Structure::Structure):
3370         (JSC::Structure::addPropertyTransition):
3371         (JSC::Structure::toDictionaryTransition):
3372         (JSC::Structure::flattenDictionaryStructure):
3373         * runtime/Structure.h:
3374         (JSC::Structure::storedPrototype):
3375         * runtime/WeakGCMap.h:
3376         (JSC::WeakGCMap::uncheckedGet):
3377         (JSC::WeakGCMap::isValid):
3378         (JSC::::get):
3379         (JSC::::take):
3380         (JSC::::set):
3381         (JSC::::uncheckedRemove):
3382         * runtime/WriteBarrier.h: Removed.
3383
3384 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
3385
3386         Reviewed by Geoff Garen.
3387
3388         https://bugs.webkit.org/show_bug.cgi?id=53352
3389         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
3390
3391         The FixedVMPoolAllocator currently uses a best fit policy;
3392         switch to first fit, which is less prone to external fragmentation.
3393
3394         * jit/ExecutableAllocatorFixedVMPool.cpp:
3395         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
3396         (JSC::AllocationTableSizeClass::blockSize):
3397         (JSC::AllocationTableSizeClass::blockCount):
3398         (JSC::AllocationTableSizeClass::blockAlignment):
3399         (JSC::AllocationTableSizeClass::size):
3400         (JSC::AllocationTableLeaf::AllocationTableLeaf):
3401         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
3402         (JSC::AllocationTableLeaf::allocate):
3403         (JSC::AllocationTableLeaf::free):
3404         (JSC::AllocationTableLeaf::isEmpty):
3405         (JSC::AllocationTableLeaf::isFull):
3406         (JSC::AllocationTableLeaf::size):
3407         (JSC::AllocationTableLeaf::classForSize):
3408         (JSC::AllocationTableLeaf::dump):
3409         (JSC::LazyAllocationTable::LazyAllocationTable):
3410         (JSC::LazyAllocationTable::~LazyAllocationTable):
3411         (JSC::LazyAllocationTable::allocate):
3412         (JSC::LazyAllocationTable::free):
3413         (JSC::LazyAllocationTable::isEmpty):
3414         (JSC::LazyAllocationTable::isFull):
3415         (JSC::LazyAllocationTable::size):
3416         (JSC::LazyAllocationTable::dump):
3417         (JSC::LazyAllocationTable::classForSize):
3418         (JSC::AllocationTableDirectory::AllocationTableDirectory):
3419         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
3420         (JSC::AllocationTableDirectory::allocate):
3421         (JSC::AllocationTableDirectory::free):
3422         (JSC::AllocationTableDirectory::isEmpty):
3423         (JSC::AllocationTableDirectory::isFull):
3424         (JSC::AllocationTableDirectory::size):
3425         (JSC::AllocationTableDirectory::classForSize):
3426         (JSC::AllocationTableDirectory::dump):
3427         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
3428         (JSC::FixedVMPoolAllocator::alloc):
3429         (JSC::FixedVMPoolAllocator::free):
3430         (JSC::FixedVMPoolAllocator::allocated):
3431         (JSC::FixedVMPoolAllocator::isValid):
3432         (JSC::FixedVMPoolAllocator::classForSize):
3433         (JSC::FixedVMPoolAllocator::offsetToPointer):
3434         (JSC::FixedVMPoolAllocator::pointerToOffset):
3435         (JSC::ExecutableAllocator::committedByteCount):
3436         (JSC::ExecutableAllocator::isValid):
3437         (JSC::ExecutableAllocator::underMemoryPressure):
3438         (JSC::ExecutablePool::systemAlloc):
3439         (JSC::ExecutablePool::systemRelease):
3440         * wtf/PageReservation.h:
3441         (WTF::PageReservation::PageReservation):
3442         (WTF::PageReservation::commit):
3443         (WTF::PageReservation::decommit):
3444         (WTF::PageReservation::committed):
3445
3446 2011-01-27  Oliver Hunt  <oliver@apple.com>
3447
3448         Reviewed by Geoffrey Garen.
3449
3450         Convert markstack to a slot visitor API
3451         https://bugs.webkit.org/show_bug.cgi?id=53219
3452
3453         Move the MarkStack over to a slot based marking API.
3454
3455         In order to avoid aliasing concerns there are two new types
3456         that need to be used when holding on to JSValues and JSCells that
3457         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
3458         is expected to be used for any JSValue or Cell whose lifetime and
3459         marking are controlled by another GC object.  DeprecatedPtr is used
3460         for any value that we need to rework ownership for.
3461
3462         The change over to this model has produced a large amount of
3463         code changes, but they are mostly mechanical (forwarding JSGlobalData,
3464         etc).
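
        A toy illustration of what slot-based marking means, added here as an example and not part of WebKit: the visitor is handed the address of each WriteBarrier slot rather than a copy of the pointer it holds, so it marks whatever the slot contains at the moment it drains. SlotVisitor, WriteBarrier, Cell and Pair are minimal definitions assumed for this example; only their names echo the entry.

```cpp
#include <cstddef>
#include <vector>

// Added example, not WebKit code: a minimal slot-based marker in the spirit
// of the MarkStack change described above.
struct Cell;

class SlotVisitor {
public:
    // Takes the address of a slot holding a cell pointer, never a copy of
    // the pointer itself; the slot is read only when the visitor drains.
    void append(Cell** slot) { m_slots.push_back(slot); }
    size_t drain();
private:
    std::vector<Cell**> m_slots;
};

struct Cell {
    bool marked = false;
    virtual ~Cell() = default;
    virtual void markChildren(SlotVisitor&) {}
};

// A reference whose lifetime and marking are controlled by the owning GC
// object: stores go through set(), and the GC marks through slot().
template <typename T>
class WriteBarrier {
public:
    WriteBarrier() : m_cell(nullptr) {}
    void set(T* cell) { m_cell = cell; }
    T* get() const { return static_cast<T*>(m_cell); }
    Cell** slot() { return &m_cell; }
private:
    Cell* m_cell;
};

// Returns the number of cells newly marked by this drain.
size_t SlotVisitor::drain()
{
    size_t visited = 0;
    while (!m_slots.empty()) {
        Cell** slot = m_slots.back();
        m_slots.pop_back();
        Cell* cell = *slot;                // the slot's current value, not a stale copy
        if (!cell || cell->marked)
            continue;                      // null slot, or already visited (cycles end here)
        cell->marked = true;
        ++visited;
        cell->markChildren(*this);         // children push their own slots
    }
    return visited;
}

// A cell owning two references, like a cons pair.
struct Pair : Cell {
    WriteBarrier<Cell> first, second;
    void markChildren(SlotVisitor& visitor) override
    {
        visitor.append(first.slot());
        visitor.append(second.slot());
    }
};

// root -> a <-> b (a cycle) and an unreferenced c: marking from the root
// visits a and b exactly once each and never touches c.
size_t demoMarkFromRoot()
{
    Pair a, b, c;
    a.first.set(&b);
    b.second.set(&a);
    Cell* root = &a;
    SlotVisitor visitor;
    visitor.append(&root);
    size_t visited = visitor.drain();      // 2
    return c.marked ? 0 : visited;         // 0 would mean c was wrongly marked
}

// Because the visitor holds slot addresses, a store made after append() but
// before drain() is what gets marked: b ends up marked, a does not.
bool demoSlotReadAtDrain()
{
    Pair a, b;
    Cell* slot = &a;
    SlotVisitor visitor;
    visitor.append(&slot);
    slot = &b;
    visitor.drain();
    return b.marked && !a.marked;
}
```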
3465
3466         * API/JSCallbackObject.h:
3467         (JSC::JSCallbackObjectData::setPrivateProperty):
3468         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
3469         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
3470         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
3471         (JSC::JSCallbackObject::setPrivateProperty):
3472         * API/JSCallbackObjectFunctions.h:
3473         (JSC::::put):
3474         (JSC::::staticFunctionGetter):
3475         * API/JSObjectRef.cpp:
3476         (JSObjectMakeConstructor):
3477         (JSObjectSetPrivateProperty):
3478         * API/JSWeakObjectMapRefInternal.h:
3479         * JavaScriptCore.exp:
3480         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3481         * JavaScriptCore.xcodeproj/project.pbxproj:
3482         * bytecode/CodeBlock.cpp:
3483         (JSC::CodeBlock::markAggregate):
3484         * bytecode/CodeBlock.h:
3485         (JSC::CodeBlock::globalObject):
3486         * bytecompiler/BytecodeGenerator.cpp:
3487         (JSC::BytecodeGenerator::BytecodeGenerator):
3488         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
3489         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
3490         (JSC::BytecodeGenerator::findScopedProperty):
3491         * debugger/DebuggerActivation.cpp:
3492         (JSC::DebuggerActivation::DebuggerActivation):
3493         (JSC::DebuggerActivation::markChildren):
3494         * debugger/DebuggerActivation.h:
3495         * interpreter/Interpreter.cpp:
3496         (JSC::Interpreter::resolve):
3497         (JSC::Interpreter::resolveSkip):
3498         (JSC::Interpreter::resolveGlobalDynamic):
3499         (JSC::Interpreter::resolveBaseAndProperty):
3500         (JSC::Interpreter::unwindCallFrame):
3501         (JSC::appendSourceToError):
3502         (JSC::Interpreter::execute):
3503         (JSC::Interpreter::privateExecute):
3504         * interpreter/Register.h:
3505         (JSC::Register::jsValueSlot):
3506         * jit/JITStubs.cpp:
3507         (JSC::JITThunks::tryCacheGetByID):
3508         (JSC::DEFINE_STUB_FUNCTION):
3509         * jsc.cpp:
3510         (GlobalObject::GlobalObject):
3511         * runtime/Arguments.cpp:
3512         (JSC::Arguments::markChildren):
3513         (JSC::Arguments::getOwnPropertySlot):
3514         (JSC::Arguments::getOwnPropertyDescriptor):
3515         (JSC::Arguments::put):
3516         * runtime/Arguments.h:
3517         (JSC::Arguments::setActivation):
3518         (JSC::Arguments::Arguments):
3519         * runtime/ArrayConstructor.cpp:
3520         (JSC::ArrayConstructor::ArrayConstructor):
3521         (JSC::constructArrayWithSizeQuirk):
3522         * runtime/ArrayPrototype.cpp:
3523         (JSC::arrayProtoFuncSplice):
3524         * runtime/BatchedTransitionOptimizer.h:
3525         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
3526         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
3527         * runtime/BooleanConstructor.cpp:
3528         (JSC::BooleanConstructor::BooleanConstructor):
3529         (JSC::constructBoolean):
3530         (JSC::constructBooleanFromImmediateBoolean):
3531         * runtime/BooleanPrototype.cpp:
3532         (JSC::BooleanPrototype::BooleanPrototype):
3533         * runtime/ConservativeSet.h:
3534         (JSC::ConservativeSet::mark):
3535         * runtime/DateConstructor.cpp:
3536         (JSC::DateConstructor::DateConstructor):
3537         * runtime/DateInstance.cpp:
3538         (JSC::DateInstance::DateInstance):
3539         * runtime/DatePrototype.cpp:
3540         (JSC::dateProtoFuncSetTime):
3541         (JSC::setNewValueFromTimeArgs):
3542         (JSC::setNewValueFromDateArgs):
3543         (JSC::dateProtoFuncSetYear):
3544         * runtime/ErrorConstructor.cpp:
3545         (JSC::ErrorConstructor::ErrorConstructor):
3546         * runtime/ErrorInstance.cpp:
3547         (JSC::ErrorInstance::ErrorInstance):
3548         * runtime/ErrorPrototype.cpp:
3549         (JSC::ErrorPrototype::ErrorPrototype):
3550         * runtime/FunctionConstructor.cpp:
3551         (JSC::FunctionConstructor::FunctionConstructor):
3552         * runtime/FunctionPrototype.cpp:
3553         (JSC::FunctionPrototype::FunctionPrototype):
3554         * runtime/GetterSetter.cpp:
3555         (JSC::GetterSetter::markChildren):
3556         * runtime/GetterSetter.h:
3557         (JSC::GetterSetter::GetterSetter):
3558         (JSC::GetterSetter::getter):
3559         (JSC::GetterSetter::setGetter):
3560         (JSC::GetterSetter::setter):
3561         (JSC::GetterSetter::setSetter):
3562         * runtime/GlobalEvalFunction.cpp:
3563         (JSC::GlobalEvalFunction::GlobalEvalFunction):
3564         (JSC::GlobalEvalFunction::markChildren):
3565         * runtime/GlobalEvalFunction.h:
3566         (JSC::GlobalEvalFunction::cachedGlobalObject):
3567         * runtime/Heap.cpp:
3568         (JSC::Heap::markProtectedObjects):
3569         (JSC::Heap::markTempSortVectors):
3570         (JSC::Heap::markRoots):
3571         * runtime/InternalFunction.cpp:
3572         (JSC::InternalFunction::InternalFunction):
3573         * runtime/JSAPIValueWrapper.h:
3574         (JSC::JSAPIValueWrapper::value):
3575         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
3576         * runtime/JSActivation.cpp:
3577         (JSC::JSActivation::put):
3578         * runtime/JSArray.cpp:
3579         (JSC::JSArray::JSArray):
3580         (JSC::JSArray::getOwnPropertySlot):
3581         (JSC::JSArray::getOwnPropertyDescriptor):
3582         (JSC::JSArray::put):
3583         (JSC::JSArray::putSlowCase):
3584         (JSC::JSArray::deleteProperty):
3585         (JSC::JSArray::increaseVectorLength):
3586         (JSC::JSArray::setLength):
3587         (JSC::JSArray::pop):
3588         (JSC::JSArray::push):
3589         (JSC::JSArray::unshiftCount):
3590         (JSC::JSArray::sort):
3591         (JSC::JSArray::fillArgList):
3592         (JSC::JSArray::copyToRegisters):
3593         (JSC::JSArray::compactForSorting):
3594         * runtime/JSArray.h:
3595         (JSC::JSArray::getIndex):
3596         (JSC::JSArray::setIndex):
3597         (JSC::JSArray::uncheckedSetIndex):
3598         (JSC::JSArray::markChildrenDirect):
3599         * runtime/JSByteArray.cpp:
3600         (JSC::JSByteArray::JSByteArray):
3601         * runtime/JSCell.h:
3602         (JSC::JSCell::MarkStack::append):
3603         (JSC::JSCell::MarkStack::appendCell):
3604         * runtime/JSFunction.cpp:
3605         (JSC::JSFunction::JSFunction):
3606         (JSC::JSFunction::getOwnPropertySlot):
3607         * runtime/JSGlobalObject.cpp:
3608         (JSC::markIfNeeded):
3609         (JSC::JSGlobalObject::reset):
3610         (JSC::JSGlobalObject::resetPrototype):
3611         (JSC::JSGlobalObject::markChildren):
3612         * runtime/JSGlobalObject.h:
3613         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
3614         (JSC::JSGlobalObject::regExpConstructor):
3615         (JSC::JSGlobalObject::errorConstructor):
3616         (JSC::JSGlobalObject::evalErrorConstructor):
3617         (JSC::JSGlobalObject::rangeErrorConstructor):
3618         (JSC::JSGlobalObject::referenceErrorConstructor):
3619         (JSC::JSGlobalObject::syntaxErrorConstructor):
3620         (JSC::JSGlobalObject::typeErrorConstructor):
3621         (JSC::JSGlobalObject::URIErrorConstructor):
3622         (JSC::JSGlobalObject::evalFunction):
3623         (JSC::JSGlobalObject::objectPrototype):
3624         (JSC::JSGlobalObject::functionPrototype):
3625         (JSC::JSGlobalObject::arrayPrototype):
3626         (JSC::JSGlobalObject::booleanPrototype):
3627         (JSC::JSGlobalObject::stringPrototype):
3628         (JSC::JSGlobalObject::numberPrototype):
3629         (JSC::JSGlobalObject::datePrototype):
3630         (JSC::JSGlobalObject::regExpPrototype):
3631         (JSC::JSGlobalObject::methodCallDummy):
3632         (JSC::constructArray):
3633         * runtime/JSONObject.cpp:
3634         (JSC::Stringifier::Holder::object):
3635         (JSC::Stringifier::Holder::objectSlot):
3636         (JSC::Stringifier::markAggregate):
3637         (JSC::Stringifier::stringify):
3638         (JSC::Stringifier::Holder::appendNextProperty):
3639         (JSC::Walker::callReviver):
3640         (JSC::Walker::walk):
3641         * runtime/JSObject.cpp:
3642         (JSC::JSObject::defineGetter):
3643         (JSC::JSObject::defineSetter):
3644         (JSC::JSObject::removeDirect):
3645         (JSC::JSObject::putDirectFunction):
3646         (JSC::JSObject::putDirectFunctionWithoutTransition):
3647         (JSC::putDescriptor):
3648         (JSC::JSObject::defineOwnProperty):
3649         * runtime/JSObject.h:
3650         (JSC::JSObject::putDirectOffset):
3651         (JSC::JSObject::putUndefinedAtDirectOffset):
3652         (JSC::JSObject::flattenDictionaryObject):
3653         (JSC::JSObject::putDirectInternal):
3654         (JSC::JSObject::putDirect):
3655         (JSC::JSObject::putDirectFunction):
3656         (JSC::JSObject::putDirectWithoutTransition):
3657         (JSC::JSObject::putDirectFunctionWithoutTransition):
3658         (JSC::JSValue::putDirect):
3659         (JSC::JSObject::allocatePropertyStorageInline):
3660         (JSC::JSObject::markChildrenDirect):
3661         * runtime/JSStaticScopeObject.cpp:
3662         (JSC::JSStaticScopeObject::markChildren):
3663         * runtime/JSString.cpp:
3664         (JSC::StringObject::create):
3665         * runtime/JSValue.h:
3666         * runtime/JSWrapperObject.cpp:
3667         (JSC::JSWrapperObject::markChildren):
3668         * runtime/JSWrapperObject.h:
3669         (JSC::JSWrapperObject::internalValue):
3670         (JSC::JSWrapperObject::setInternalValue):
3671         * runtime/LiteralParser.cpp:
3672         (JSC::LiteralParser::parse):
3673         * runtime/Lookup.cpp:
3674         (JSC::setUpStaticFunctionSlot):
3675         * runtime/Lookup.h:
3676         (JSC::lookupPut):
3677         * runtime/MarkStack.h:
3678         * runtime/MathObject.cpp:
3679         (JSC::MathObject::MathObject):
3680         * runtime/NativeErrorConstructor.cpp:
3681         (JSC::NativeErrorConstructor::NativeErrorConstructor):
3682         * runtime/NativeErrorPrototype.cpp:
3683         (JSC::NativeErrorPrototype::NativeErrorPrototype):
3684         * runtime/NumberConstructor.cpp:
3685         (JSC::NumberConstructor::NumberConstructor):
3686         (JSC::constructWithNumberConstructor):
3687         * runtime/NumberObject.cpp:
3688         (JSC::constructNumber):
3689         * runtime/NumberPrototype.cpp:
3690         (JSC::NumberPrototype::NumberPrototype):
3691         * runtime/ObjectConstructor.cpp:
3692         (JSC::ObjectConstructor::ObjectConstructor):
3693         (JSC::objectConstructorGetOwnPropertyDescriptor):
3694         * runtime/Operations.h:
3695         (JSC::normalizePrototypeChain):
3696         (JSC::resolveBase):
3697         * runtime/PrototypeFunction.cpp:
3698         (JSC::PrototypeFunction::PrototypeFunction):
3699         * runtime/PutPropertySlot.h:
3700         (JSC::PutPropertySlot::setExistingProperty):
3701         (JSC::PutPropertySlot::setNewProperty):
3702         (JSC::PutPropertySlot::base):
3703         * runtime/RegExpConstructor.cpp:
3704         (JSC::RegExpConstructor::RegExpConstructor):
3705         * runtime/ScopeChain.cpp:
3706         (JSC::ScopeChainNode::print):
3707         * runtime/ScopeChain.h:
3708         (JSC::ScopeChainNode::~ScopeChainNode):
3709         (JSC::ScopeChainIterator::operator*):
3710         (JSC::ScopeChainIterator::operator->):
3711         (JSC::ScopeChain::top):
3712         * runtime/ScopeChainMark.h:
3713         (JSC::ScopeChain::markAggregate):
3714         * runtime/SmallStrings.cpp:
3715         (JSC::isMarked):
3716         (JSC::SmallStrings::markChildren):
3717         * runtime/SmallStrings.h:
3718         (JSC::SmallStrings::emptyString):
3719         (JSC::SmallStrings::singleCharacterString):
3720         (JSC::SmallStrings::singleCharacterStrings):
3721         * runtime/StringConstructor.cpp:
3722         (JSC::StringConstructor::StringConstructor):
3723         * runtime/StringObject.cpp:
3724         (JSC::StringObject::StringObject):
3725         * runtime/StringObject.h:
3726         * runtime/StringPrototype.cpp:
3727         (JSC::StringPrototype::StringPrototype):
3728         * runtime/Structure.cpp:
3729         (JSC::Structure::flattenDictionaryStructure):
3730         * runtime/Structure.h:
3731         (JSC::Structure::storedPrototypeSlot):
3732         * runtime/WeakGCMap.h:
3733         (JSC::WeakGCMap::uncheckedGet):
3734         (JSC::WeakGCMap::uncheckedGetSlot):
3735         (JSC::::get):
3736         (JSC::::take):
3737         (JSC::::set):
3738         (JSC::::uncheckedRemove):
3739         * runtime/WriteBarrier.h: Added.
3740         (JSC::DeprecatedPtr::DeprecatedPtr):
3741         (JSC::DeprecatedPtr::get):
3742         (JSC::DeprecatedPtr::operator*):
3743         (JSC::DeprecatedPtr::operator->):
3744         (JSC::DeprecatedPtr::slot):
3745         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
3746         (JSC::DeprecatedPtr::operator!):
3747         (JSC::WriteBarrierBase::set):
3748         (JSC::WriteBarrierBase::get):
3749         (JSC::WriteBarrierBase::operator*):
3750         (JSC::WriteBarrierBase::operator->):
3751         (JSC::WriteBarrierBase::slot):
3752         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
3753         (JSC::WriteBarrierBase::operator!):
3754         (JSC::WriteBarrier::WriteBarrier):
3755         (JSC::operator==):
3756
3757 2011-01-28  Adam Roben  <aroben@apple.com>
3758
3759         Chromium build fix after r76967
3760
3761         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
3762         similar macros in this file.
3763
3764 2011-01-28  Michael Saboff  <msaboff@apple.com>
3765
3766         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3767         https://bugs.webkit.org/show_bug.cgi?id=53271
3768
3769         Reapplying this change.  No change from prior patch in
3770         JavaScriptCore.
3771
3772         Added new isValid() methods to check if a contained object in
3773         a WeakGCMap is valid when using an unchecked iterator.
3774
3775         * runtime/WeakGCMap.h:
3776         (JSC::WeakGCMap::isValid):
3777
3778 2011-01-27  Adam Roben  <aroben@apple.com>
3779
3780         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
3781         function
3782
3783         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
3784         Win32 event
3785
3786         Reviewed by Dave Hyatt.
3787
3788         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
3789
3790         * wtf/ThreadingPrimitives.h: Declare the new function.
3791
3792         * wtf/ThreadingWin.cpp:
3793         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
3794         interval from here...
3795         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
3796
3797 2011-01-28  Sam Weinig  <sam@webkit.org>
3798
3799         Reviewed by Maciej Stachowiak.
3800
3801         Add basic rubber banding support
3802         <rdar://problem/8219429>
3803         https://bugs.webkit.org/show_bug.cgi?id=53277
3804
3805         * wtf/Platform.h: Add ENABLE for rubber banding.
3806
3807 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3808
3809         Unreviewed, rolling out r76893.
3810         http://trac.webkit.org/changeset/76893
3811         https://bugs.webkit.org/show_bug.cgi?id=53287
3812
3813         It made some tests crash on GTK and Qt debug bots (Requested
3814         by Ossy on #webkit).
3815
3816         * runtime/WeakGCMap.h:
3817
3818 2011-01-27  Adam Barth  <abarth@webkit.org>
3819
3820         Reviewed by Eric Seidel.
3821
3822         Add WTFString method to compare equality with Vector<UChar>
3823         https://bugs.webkit.org/show_bug.cgi?id=53266
3824
3825         I'm planning to use this method in the new XSS filter implementation,
3826         but it seems generally useful.
3827
3828         * wtf/text/StringImpl.h:
3829         (WTF::equalIgnoringNullity):
3830         * wtf/text/WTFString.h:
3831         (WTF::equalIgnoringNullity):
3832
3833 2011-01-27  Michael Saboff  <msaboff@apple.com>
3834
3835         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3836         https://bugs.webkit.org/show_bug.cgi?id=53271
3837
3838         Added new isValid() methods to check if a contained object in
3839         a WeakGCMap is valid when using an unchecked iterator.
3840
3841         * runtime/WeakGCMap.h:
3842         (JSC::WeakGCMap::isValid):
3843
3844 2011-01-26  Sam Weinig  <sam@webkit.org>
3845
3846         Reviewed by Maciej Stachowiak.
3847
3848         Add events to represent the start/end of a gesture scroll
3849         https://bugs.webkit.org/show_bug.cgi?id=53215
3850
3851         * wtf/Platform.h: Add ENABLE for gesture events. 
3852
3853 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
3854
3855         Reviewed by Laszlo Gombos.
3856
3857         [Qt][Symbian] Fix --minimal build
3858         https://bugs.webkit.org/show_bug.cgi?id=52839
3859
3860         Move definition of USE_SYSTEM_MALLOC out of pri file.
3861         Put it in platform.h instead.
3862
3863         * wtf/Platform.h:
3864         * wtf/TCSystemAlloc.cpp:
3865         * wtf/wtf.pri:
3866
3867 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
3868
3869         Reviewed by Andreas Kling.
3870
3871         [WINCE] Add JIT support to build system
3872         https://bugs.webkit.org/show_bug.cgi?id=53079
3873
3874         * CMakeListsWinCE.txt:
3875
3876 2011-01-25  Adam Roben  <aroben@apple.com>
3877
3878         Windows Production build fix
3879
3880         Reviewed by Steve Falkenburg.
3881
3882         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
3883         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
3884         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
3885
3886 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
3887
3888         Rubber-stamped by Adam Roben.
3889
3890         Windows production build fix.
3891         Use correct environment variable escaping
3892
3893         * JavaScriptCore.vcproj/JavaScriptCore.make:
3894         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
3895
3896 2011-01-25  Oliver Hunt  <oliver@apple.com>
3897
3898         Reviewed by Gavin Barraclough.
3899
3900         JSON.stringify processing time exponentially grows with size of object
3901         https://bugs.webkit.org/show_bug.cgi?id=51922
3902
3903         Remove last use of reserveCapacity from JSON stringification, as it results
3904         in appalling append behaviour when there are a large number of property names
3905         and nothing else.
3906
3907         * runtime/JSONObject.cpp:
3908         (JSC::Stringifier::appendQuotedString):
3909
3910 2011-01-25  Antti Koivisto  <antti@apple.com>
3911
3912         Not reviewed.
3913         
3914         Try to fix windows build.
3915
3916         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3917
3918 2011-01-25  Antti Koivisto  <antti@apple.com>
3919
3920         Reviewed by Oliver Hunt.
3921
3922         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
3923         https://bugs.webkit.org/show_bug.cgi?id=53061
3924          
3925         Cache did not know about the subclass so failed to fully delete the items. 
3926         Got rid of the subclass and moved the classes to separate files.
3927
3928         * CMakeLists.txt:
3929         * GNUmakefile.am:
3930         * JavaScriptCore.exp:
3931         * JavaScriptCore.gypi:
3932         * JavaScriptCore.pro:
3933         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3934         * JavaScriptCore.xcodeproj/project.pbxproj:
3935         * parser/JSParser.cpp:
3936         (JSC::JSParser::Scope::saveFunctionInfo):
3937         (JSC::JSParser::Scope::restoreFunctionInfo):
3938         (JSC::JSParser::findCachedFunctionInfo):
3939         (JSC::JSParser::parseFunctionInfo):
3940         * parser/SourceProvider.h:
3941         * parser/SourceProviderCache.cpp: Added.
3942         (JSC::SourceProviderCache::~SourceProviderCache):
3943         (JSC::SourceProviderCache::byteSize):
3944         * parser/SourceProviderCache.h: Added.
3945         (JSC::SourceProviderCache::SourceProviderCache):
3946         (JSC::SourceProviderCache::add):
3947         (JSC::SourceProviderCache::get):
3948         * parser/SourceProviderCacheItem.h: Added.
3949         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
3950         (JSC::SourceProviderCacheItem::approximateByteSize):
3951         (JSC::SourceProviderCacheItem::closeBraceToken):
3952
3953 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
3954
3955         Reviewed by Darin Adler.
3956
3957         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
3958         statement
3959         https://bugs.webkit.org/show_bug.cgi?id=53087.
3960
3961         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
3962         with a "return" so that the code is more readable and less error pro
3963         (e.g., "else" doesn't use braces so adding extra lines to the else
3964         block won't have any effect; even worse, code still compiles
3965         successfully).
3966
3967         * wtf/Assertions.cpp:
3968
3969 2011-01-24  Chris Marrin  <cmarrin@apple.com>
3970
3971         Reviewed by Eric Seidel.
3972
3973         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
3974         https://bugs.webkit.org/show_bug.cgi?id=53041
3975
3976         * Configurations/FeatureDefines.xcconfig:
3977
3978 2011-01-25  Adam Roben  <aroben@apple.com>
3979
3980         Windows Production build fix
3981
3982         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
3983
3984 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
3985
3986         Reviewed by Eric Seidel.
3987
3988         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
3989         https://bugs.webkit.org/show_bug.cgi?id=52949
3990
3991         * jit/JITStubs.cpp:
3992
3993 2011-01-24  Adam Roben  <aroben@apple.com>
3994
3995         Windows Production build fix
3996
3997         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
3998
3999 2011-01-24  Peter Varga  <pvarga@webkit.org>
4000
4001         Reviewed by Oliver Hunt.
4002
4003         Optimize regex patterns which contain empty alternatives
4004         https://bugs.webkit.org/show_bug.cgi?id=51395
4005
4006         Eliminate the empty alternatives from the regex pattern and convert it to do
4007         the matching in an easier way.
4008
4009         * yarr/YarrPattern.cpp:
4010         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
4011
4012 2011-01-24  Andras Becsi  <abecsi@webkit.org>
4013
4014         Reviewed by Csaba Osztrogonác.
4015
4016         [Qt] Move project files into Source
4017         https://bugs.webkit.org/show_bug.cgi?id=52891
4018
4019         * JavaScriptCore.pri:
4020         * JavaScriptCore.pro:
4021         * jsc.pro:
4022
4023 2011-01-23  Mark Rowe  <mrowe@apple.com>
4024
4025         Follow-up to r76477.
4026
4027         Fix the scripts that detect problematic code such as static initializers
4028         and destructors, weak vtables, inappropriate files in the framework wrappers,
4029         and public headers including private headers. These had all been broken
4030         since the projects were moved in to the Source directory as the paths to the
4031         scripts were not updated at that time.
4032
4033         * JavaScriptCore.xcodeproj/project.pbxproj:
4034
4035 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
4036
4037         Reviewed by Darin Adler.
4038
4039         Use WTF::StringHasher in WebCore
4040         https://bugs.webkit.org/show_bug.cgi?id=52934
4041
4042         Add an additional function to calculate the hash