2011-02-10 Jarred Nicholls <jarred@sencha.com>
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2011-02-10  Jarred Nicholls  <jarred@sencha.com>

        Reviewed by Adam Barth.

        REGRESSION(r78149): Return value of read() shouldn't be ignored.
        https://bugs.webkit.org/show_bug.cgi?id=54167

        stdio read should have its return value handled. Build error in gcc 4.4.5.

        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-10  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        Rename randomValuesFromOS to cryptographicallyRandomValuesFromOS
        https://bugs.webkit.org/show_bug.cgi?id=54156

        randomValuesFromOS generates random numbers of cryptographic quality.
        Make this clear by adding "cryptographically" to the function name.

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::stir):
        * wtf/OSRandomSource.cpp:
        (WTF::cryptographicallyRandomValuesFromOS):
        * wtf/OSRandomSource.h:

2011-02-09  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/8805364> Malloc zone enumeration code should be safe in the face of errors from the memory reader.

        * wtf/FastMalloc.cpp:
        (WTF::PageHeapAllocator::recordAdministrativeRegions): Use the new helper function to walk the linked list safely.
        (WTF::TCMalloc_ThreadCache_FreeList::enumerateFreeObjects): Ditto.
        (WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Ditto.
        (WTF::TCMallocStats::PageMapFreeObjectFinder::visit): Bail out if the span could not be read.
        (WTF::TCMallocStats::PageMapMemoryUsageRecorder::visit): Ditto.
        * wtf/MallocZoneSupport.h:
        (WTF::RemoteMemoryReader::operator()): Remove an assert that is not valid.
        (WTF::RemoteMemoryReader::nextEntryInLinkedList): Add a helper function for retrieving the next entry in
        a linked list. It maps a failed read of the remote memory into a null pointer, which all callers can
        handle gracefully.

2011-02-09  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 54164 - Optimize global_var accesses on JSVALUE64

        Directly embed the pointer to d->registers, optimize out the load
        from the variable object, as we do already in JSVALUE32_64.

        This is a ~1.5% win on sunspidey.

        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_get_global_var):
        (JSC::JIT::emit_op_put_global_var):
        (JSC::JIT::emit_op_get_scoped_var):
        (JSC::JIT::emit_op_put_scoped_var):

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        A little more encapsulation for MarkedBlock: Made MarkedBlock responsible
        for its own initialization and destruction
        https://bugs.webkit.org/show_bug.cgi?id=54137

        * runtime/CollectorHeapIterator.h: Removed ObjectIterator since it is
        now unused.

        * runtime/JSCell.h: Made MarkedBlock a friend so it can construct and
        destruct JSCells.

        * runtime/MarkedBlock.cpp:
        (JSC::MarkedBlock::create):
        (JSC::MarkedBlock::destroy):
        (JSC::MarkedBlock::MarkedBlock): Migrated initialization and destruction
        code from MarkedSpace, updating it not to use ObjectIterator. We don't
        want to use an abstract iterator since iteration will be unique to each
        block in the future.

        * runtime/MarkedBlock.h: Made the constructor private and moved it into
        the .cpp file because it's big now.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock): Migrated code.

        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::collectorBlock): Keep a vector of MarkedBlock
        pointers instead of aligned allocations -- how MarkedBlocks are allocated
        is now an implementation detail of MarkedBlock.

2011-02-09  Adam Barth  <abarth@webkit.org>

        Another attempt to fix the Qt Windows build.

        * config.h:
        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-09  Adam Barth  <abarth@webkit.org>

        Attempt to fix the Qt Windows build.

        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-09  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add WTF::cryptographicallyRandomNumber
        https://bugs.webkit.org/show_bug.cgi?id=54083

        Introduce a cryptographically strong random number generator to WTF.
        The random number generator is based on arc4random as found in:

        http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c?rev=1.22

        I've changed the source to WebKit style and abstracted the operating
        system interaction to OSRandomSource.  We'll use this functionality to
        expose a cryptographically strong random number generator to
        JavaScript.

        * Android.mk:
        * Android.v8.wtf.mk:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * config.h:
        * wtf/CMakeLists.txt:
        * wtf/CryptographicallyRandomNumber.cpp: Added.
        (WTF::initMutexIfNeeded):
        (WTF::init):
        (WTF::addRandomData):
        (WTF::stir):
        (WTF::stirIfNeeded):
        (WTF::getByte):
        (WTF::getWord):
        (WTF::cryptographicallyRandomNumber):
        (WTF::cryptographicallyRandomValues):
        * wtf/CryptographicallyRandomNumber.h: Added.
        * wtf/OSRandomSource.cpp: Added.
        (WTF::randomValuesFromOS):
        * wtf/OSRandomSource.h: Added.
        * wtf/wtf.pri:

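The two OSRandomSource entries above (bug 54167, where read()'s return value was ignored, and bug 54083, whose arc4random-style generator seeds itself from that OS source) share one security point: a short or failed read from the kernel random device must never be treated as a full buffer of random bytes. The following is an added example, not WebKit's OSRandomSource.cpp; readFully, readFromPipe and the /dev/urandom path are assumptions, and the pipe helper exists only to exercise the short-read and EOF paths offline.

```cpp
#include <cerrno>
#include <cstddef>
#include <cstdint>
#include <vector>
#include <fcntl.h>
#include <unistd.h>

// Read exactly `length` bytes from `fd`, retrying after EINTR and after short
// reads. Returns false on EOF or on a read error, so the caller never treats a
// partially filled buffer as random data. (Added example; assumed name.)
bool readFully(int fd, void* buffer, size_t length)
{
    uint8_t* out = static_cast<uint8_t*>(buffer);
    size_t remaining = length;
    while (remaining) {
        ssize_t got = read(fd, out, remaining);
        if (got < 0) {
            if (errno == EINTR)
                continue; // interrupted by a signal: retry the same read
            return false; // genuine I/O error
        }
        if (got == 0)
            return false; // EOF before the buffer was filled
        out += got;
        remaining -= static_cast<size_t>(got);
    }
    return true;
}

// Fill `buffer` from the OS random source. The only acceptable outcomes are
// "every byte written" or an explicit failure the caller must act on. Simply
// calling read() and discarding its result is the bug the entry describes;
// it is typically also what gcc 4.4.5 rejects when glibc's warn_unused_result
// attribute on read() meets -Werror. (/dev/urandom path is an assumption.)
bool randomValuesFromOS(void* buffer, size_t length)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return false;
    bool ok = readFully(fd, buffer, length);
    close(fd);
    return ok;
}

// Constructed test input: push `available` bytes through a pipe, close the
// write end so the reader eventually sees EOF, then ask for `wanted` bytes.
// Returns what readFully reported. (Helper for demonstration only.)
bool readFromPipe(size_t available, size_t wanted)
{
    int fds[2];
    if (pipe(fds) < 0)
        return false;
    std::vector<uint8_t> data(available, 0xab);
    bool written = true;
    if (available)
        written = write(fds[1], data.data(), available) == static_cast<ssize_t>(available);
    close(fds[1]);
    std::vector<uint8_t> buffer(wanted, 0);
    bool ok = written && readFully(fds[0], buffer.data(), wanted);
    close(fds[0]);
    return ok;
}
```

The last case below is the one that matters: when the source runs dry before the buffer is full, the function says so instead of returning a buffer that is half zeros.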
2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the build.

        * wtf/Bitmap.h: Include string.h for memset. Not sure why this started
        failing now.

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A tiny bit of encapsulation for MarkedBlock: made its heap data member private
        https://bugs.webkit.org/show_bug.cgi?id=54129

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::heap): Made the heap data member private, and provided
        a constructor and an accessor.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::heap): Use the constructor and accessor.

2011-02-09  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Replace PCRE with Yarr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=53496

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Added.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed some dead code from Heap
        https://bugs.webkit.org/show_bug.cgi?id=54064

        * runtime/MarkedSpace.cpp: Removed some now-unused constants and
        declarations.

        (JSC::MarkedSpace::allocate): Removed some ASSERTs that are also ASSERTed
        by our caller. Removed redundant typedefs.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Use a vector to track blocks in the Heap, instead of hand-rolled vector-like code
        https://bugs.webkit.org/show_bug.cgi?id=54062

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::isValid):
        (JSC::CollectorHeapIterator::isLive): Updated for new mark invariant: To
        know if an object is live, you just need to test its mark bit.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::MarkedSpace): Moved waterMark and highWaterMark from
        CollectorHeap into MarkedSpace, since they're global state. Removed call
        to memset since CollectorHeap is a true class with its own constructor now.

        (JSC::MarkedSpace::destroy): Change uses of m_heap.usedBlocks to
        m_heap.blocks.size(), and m_heap.numBlocks to m_heap.blocks.capacity().

        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock): No need to manage our vector manually anymore.

        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::clearMarkBits):
        (JSC::MarkedSpace::markedCells):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::objectCount):
        (JSC::MarkedSpace::capacity):
        (JSC::MarkedSpace::reset):
        (JSC::MarkedSpace::primaryHeapEnd):
        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::CollectorHeap):
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark):
        (JSC::MarkedSpace::contains): Same as above.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Give each MarkedBlock enough mark bits to cover the whole block
        https://bugs.webkit.org/show_bug.cgi?id=54029

        SunSpider reports no change.

        This simplifies access to mark bits, since any cell-aligned pointer
        into a block now has a valid mark bit to test.

        * runtime/MarkedBlock.h: Changed CELLS_PER_BLOCK to account for the extra
        mark bits. This happens not to change its actual value.
        (JSC::MarkedBlock::cellNumber):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked): Changed const JSCell* to const void* to
        remove a cast from our caller, and to more accurately reflect the fact
        that MarkedBlock is agnostic about the types pointed to by the pointers
        you pass to it.

        (JSC::MarkedBlock::isPossibleCell): Removed a null check. We now consider
        the null pointer to be a possible cell with a 0 (impossible) block. This
        removes a null check from marking.

        * runtime/MarkedSpace.cpp:
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::contains): Simplified the contains check, and inlined
        the whole thing, now that it's so simple.

2011-02-08  Daniel Bates  <dbates@rim.com>

        Rubber-stamped by Martin Robinson.

        Rename enum ProtectionSeting [sic] to ProtectionSetting.

        * jit/ExecutableAllocator.cpp:
        (JSC::ExecutableAllocator::reprotectRegion):
        * jit/ExecutableAllocator.h:

2011-02-08  Balazs Kelemen  <kbalazs@webkit.org>

        Reviewed by Andreas Kling.

        [Qt] Should not always define USE_SYSTEM_MALLOC
        https://bugs.webkit.org/show_bug.cgi?id=54007

        * wtf/Platform.h:

2011-02-08  Dan Bernstein  <mitz@apple.com>

        Reviewed by Maciej Stachowiak.

        LLVM Compiler build fix.

        * runtime/WriteBarrier.h:
        (JSC::WriteBarrier::WriteBarrier):

2011-02-07  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Darin Adler.

        JSVariableObject::setRegisters should take PassOwnArrayPtr for registersArray.
        https://bugs.webkit.org/show_bug.cgi?id=53902

        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters): Uses OwnArrayPtr<Register> instead of Register*.
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::copyGlobalsFrom): Ditto.
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
        for registerArray.
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::copyRegisterArray): Returns PassOwnArrayPtr<Register> instead of Register*.
        (JSC::JSVariableObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
        for registerArray.

2011-02-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed some dead code from Heap
        https://bugs.webkit.org/show_bug.cgi?id=53969

        SunSpider reports no change.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::sweep):
        * runtime/MarkedSpace.h: Removed resizeBlocks and growBlocks, and
        renamed shrinkBlocks to shrink, making it unconditionally shrink as
        much as possible.

2011-02-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Simplified the marked space's mark invariant
        https://bugs.webkit.org/show_bug.cgi?id=53968

        SunSpider reports no change.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate): Mark objects when allocating them. This
        means that, at all times other than the mark phase, an object is live
        if and only if it is marked.

        (JSC::MarkedSpace::containsSlowCase): Use the new mark invariant to
        simplify testing whether an object is live.

2011-02-07  Beth Dakin  <bdakin@apple.com>

        Reviewed by Eric Seidel.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=53950
        USE_WK_SCROLLBAR_PAINTER in ScrollbarThemeMac should be in
        Platform.h instead

        * wtf/Platform.h:

2011-02-07  Darin Adler  <darin@apple.com>

        Reviewed by Antti Koivisto.

        Add built-in decoder for UTF-8 for improved performance
        https://bugs.webkit.org/show_bug.cgi?id=53898

        * wtf/unicode/UnicodeMacrosFromICU.h: Added U8_MAX_LENGTH and
        U8_APPEND_UNSAFE. Also fixed header.

2011-02-07  Adam Roben  <aroben@apple.com>

        Delete precompiled headers whenever any .vsprops file changes

        Precompiled headers need to be rebuilt if, e.g., an ENABLE_* macro is changed in one of our
        .vsprops files. Unfortunately, Visual Studio isn't smart enough to figure this out, so we
        give it some assistance by deleting the precompiled headers whenever any .vsprops file
        changes.

        I also made some drive-by fixes while I was in the area.

        Fixes <http://webkit.org/b/53826> react-to-vsprops-changes.py doesn't force precompiled
        headers to be rebuilt, but should

        Reviewed by David Kilzer.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: Stop ignoring the
        return code from react-to-vsprops-changes.py so we will notice when errors are introduced.
        But skip the script entirely in production builds, where it is both unnecessary and can't
        function correctly (due to not having the entire source tree available to it).

        * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py:
        (main): Removed an extra '*' in the glob for finding manifest files. The extra '*' was
        leftover from before we rearranged WebKitBuild in r75138. Moved code to delete an old file
        to the new delete_if_older_than function. Added code to delete any precompiled headers older
        than the newest .vsprops file.
        (delete_if_older_than): Added. Code came from main.

2011-02-07  Antti Koivisto  <antti@apple.com>

        Not reviewed.

        ASSERTS_DISABLED -> ASSERT_DISABLED

        * wtf/BloomFilter.h:

2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed; speculative Qt build fix.

        * JavaScriptCore.pro:

2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Darin Adler.

        OwnArrayPtr.h uses deleteOwnedPtr but doesn't include OwnPtrCommon.h
        https://bugs.webkit.org/show_bug.cgi?id=52867

        Removed LOOSE_OWN_ARRAY_PTR and OwnArrayPtr<T>::set. Replaced all calls to OwnArrayPtr::set
        and loose instantiation of OwnArrayPtr by calls to operator= and adoptArrayPtr. Also removed
        OwnArrayPtrCommon.h since PassOwnArrayPtr.h needs to include OwnArrayPtr.h and there is
        no point in putting deleteOwnedArrayPtr into a separate header.

        Note: if this patch breaks build, the code is either instantiating OwnArrayPtr
        without calling adoptArrayPtr or calling set on OwnArrayPtr instead of operator=.

        No tests are added since this is a refactoring.

        * API/JSStringRefCF.cpp:
        (JSStringCreateWithCFString): Calls adoptArrayPtr.
        * GNUmakefile.am: Removed OwnArrayPtrCommon.h
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
        * runtime/Arguments.cpp:
        (JSC::Arguments::deleteProperty): Calls adoptArrayPtr.
        * runtime/Arguments.h:
        (JSC::Arguments::copyRegisters): Ditto.
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator): Ditto.
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::setRegisters): Calls operator= instead of set.
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::StructureChain): Ditto.
        * wtf/CMakeLists.txt:
        * wtf/DateMath.h:
        (JSC::GregorianDateTime::GregorianDateTime): No longer instantiates OwnArrayPtr
        with a null pointer.
        * wtf/OwnArrayPtr.h:
        * wtf/OwnArrayPtrCommon.h: Removed.
        * wtf/PassOwnArrayPtr.h: No longer includes OwnArrayPtrCommon.h
        (WTF::deleteOwnedArrayPtr): Moved from OwnArrayPtrCommon.h

2011-02-06  Antti Koivisto  <antti@apple.com>

        Reviewed by Maciej Stachowiak.

        Use bloom filter for descendant selector filtering
        https://bugs.webkit.org/show_bug.cgi?id=53880

        Implement a bloom filter with k=2 and 8 bit counting.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/BloomFilter.h: Added.
        (WTF::BloomFilter::maximumCount):
        (WTF::BloomFilter::BloomFilter):
        (WTF::BloomFilter::mayContain):
        (WTF::BloomFilter::add):
        (WTF::BloomFilter::remove):
        (WTF::BloomFilter::firstSlot):
        (WTF::BloomFilter::secondSlot):
        (WTF::::add):
        (WTF::::remove):
        (WTF::::clear):
        (WTF::::likelyEmpty):
        (WTF::::isClear):

2011-02-04  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Rolled back in r77612 with ASSERT/crash fixed.
        https://bugs.webkit.org/show_bug.cgi?id=53759

        Don't shrink the heap to 0 unconditionally. Instead, shrink to 1 if
        necessary. For now, the heap assumes that it always has at least one
        block live.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::shrinkBlocks):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark):

2011-02-04  David Kilzer  <ddkilzer@apple.com>

        BUILD FIX: REALLY remove the last vestiges of JSVALUE32!

        <rdar://problem/8957409> Remove last vestiges of JSVALUE32
        <http://webkit.org/b/53779>

        * DerivedSources.make: Removed dependency on
        JavaScriptCore.JSVALUE32.exp.

2011-02-04  David Kilzer  <ddkilzer@apple.com>

        <rdar://problem/8957409> Remove last vestiges of JSVALUE32
        <http://webkit.org/b/53779>

        Reviewed by Darin Adler.

        Support for JSVALUE32 was originally removed in r70111.

        * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use
        JavaScriptCore.JSVALUE32_64.exp and ppc64 to use
        JavaScriptCore.JSVALUE64.exp to match Platform.h.
        * DerivedSources.make: Removed rule for
        JavaScriptCore.JSVALUE32.exp.
        * JavaScriptCore.JSVALUE32only.exp: Removed.
        * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
        to JavaScriptCore.JSVALUE32only.exp.

2011-02-04  David Kilzer  <ddkilzer@apple.com>

        Use static_cast and other style cleanup in YarrInterpreter.cpp
        <http://webkit.org/b/53772>

        Reviewed by John Sullivan.

        * yarr/YarrInterpreter.cpp:
        (JSC::Yarr::Interpreter::InputStream::readChecked): Use
        static_cast.
        (JSC::Yarr::Interpreter::InputStream::checkInput): Remove
        unnecessary else block.
        (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto.
        (JSC::Yarr::Interpreter::backtrackBackReference): Ditto.
        (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast.

2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77625 and r77626.
        http://trac.webkit.org/changeset/77625
        http://trac.webkit.org/changeset/77626
        https://bugs.webkit.org/show_bug.cgi?id=53765

        It broke Windows builds (Requested by Ossy_ on #webkit).

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Removed.

2011-02-04  Jessie Berlin  <jberlin@apple.com>

        Windows build fix. Unreviewed.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:

2011-02-04  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Replace PCRE with Yarr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=53496

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Added.

2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>

        Unreviewed rollout of two patches r77614 and r77612.

        REGRESSION: Snow Leopard Intel Release has a number of failing tests.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset):
        * runtime/MarkedSpace.h:

2011-02-04  Geoffrey Garen  <ggaren@apple.com>

        Try to fix 32bit build.

        * runtime/Heap.cpp:
        (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
        since 1.5 is double (64bit), and the result is size_t (32bit).

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich.

        Changed MarkedSpace to delegate grow/shrink decisions to Heap
        https://bugs.webkit.org/show_bug.cgi?id=53759

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h: Reorganized a few data members for better cache locality.
        Added a grow policy.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
        the heap to make an explicit sweep call.

        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
        many bytes to allocate before failing and giving the heap an opportunity
        to collect garbage. This also means that we allocate blocks on demand,
        instead of ahead of time.

2011-02-03  James Kozianski  <koz@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add navigator.registerProtocolHandler behind a flag.
        https://bugs.webkit.org/show_bug.cgi?id=52609

        * Configurations/FeatureDefines.xcconfig:

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Not all blocks are freed when the heap is freed (counting is hard!)
        https://bugs.webkit.org/show_bug.cgi?id=53732

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
        keep freeing block 0 until there are no blocks left.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the Mac build.

        * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
        needs to be private, not project, so other projects can include headers
        that depend on it.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Start using MarkedBlock instead of CollectorBlock
        https://bugs.webkit.org/show_bug.cgi?id=53693

        SunSpider reports no change.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::blockFor):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::containsSlowCase):
        (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.

        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::collectorBlock):
        (JSC::MarkedSpace::heap):
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::setMarked):
        (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
        and deleted dead CollectorBlock-related code.

2011-02-03  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Darin Adler.

        Avoid strlen() in AtomicString::fromUTF8
        https://bugs.webkit.org/show_bug.cgi?id=50516

        Add an overload to calculateStringHashFromUTF8 to get
        strlen() of the input data with only one call.

        This change shows about 3% performance win on the xml-parser benchmark.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
        (WTF::Unicode::calculateStringHashFromUTF8):
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        oops, build fix!

        * wtf/Assertions.cpp:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 53650 - Add a BACKTRACE macro to Assertions.h

        Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
        debug Mac builds, make CRASH (and thus ASSERT) automatically call this.

        * JavaScriptCore.exp:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:

2011-02-02  Michael Saboff  <msaboff@apple.com>

        Reviewed by Gavin Barraclough.

        Improper backtrack of nested non-capturing greedy paren to prior paren
        https://bugs.webkit.org/show_bug.cgi?id=53261

        A paren that follows a non-capturing greedy paren nested within a
        non-capturing fixed paren was backtracking to the last paren
        processed instead of the immediately prior paren.
        Refactored default backtracking of parens to prior paren to work for
        both nested (within) and immediately prior (after) parens.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
        (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
        (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
        (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
        (JSC::Yarr::YarrGenerator::generateDisjunction):

2011-02-02  Jeff Miller  <jeffm@apple.com>

        Reviewed by Darin Adler and Steve Falkenburg.

        Add DerivedSources.make to some Visual Studio projects
        https://bugs.webkit.org/show_bug.cgi?id=53607

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.

2011-02-02  Steve Lacey  <sjl@chromium.org>

        Reviewed by Eric Carlson.

        Implement basic media statistics on media elements.
        https://bugs.webkit.org/show_bug.cgi?id=53322

        * Configurations/FeatureDefines.xcconfig:

2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fixes for wxWebKit.

        * wtf/wx/StringWx.cpp:
        (WTF::String::String):

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more Heap refactoring
        https://bugs.webkit.org/show_bug.cgi?id=53577

        SunSpider reports no change.

        Split out MarkedBlock into its own file / class.

        Did the following renames:
            isCellMarked => isMarked
            checkMarkCell => testAndSetMarked
            markCell => setMarked
            cellOffset => cellNumber
            collectorBlock => blockFor

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Heap.cpp:
        (JSC::WeakGCHandlePool::update):
        * runtime/Heap.h:
        (JSC::Heap::isMarked):
        (JSC::Heap::testAndSetMarked):
        (JSC::Heap::setMarked):
        * runtime/JSArray.h:
        (JSC::MarkStack::markChildren):
        (JSC::MarkStack::drain):
        * runtime/JSCell.h:
859         (JSC::JSCell::MarkStack::internalAppend):
860         * runtime/MarkedBlock.cpp: Added.
861         * runtime/MarkedBlock.h: Added.
862         (JSC::MarkedBlock::blockFor):
863         (JSC::MarkedBlock::cellNumber):
864         (JSC::MarkedBlock::isMarked):
865         (JSC::MarkedBlock::testAndSetMarked):
866         (JSC::MarkedBlock::setMarked):
867         (JSC::MarkedBlock::isCellAligned):
868         (JSC::MarkedBlock::isPossibleCell):
869         * runtime/MarkedSpace.h:
870         (JSC::MarkedSpace::isMarked):
871         (JSC::MarkedSpace::testAndSetMarked):
872         (JSC::MarkedSpace::setMarked):
873         * runtime/SmallStrings.cpp:
874         (JSC::isMarked):
875         * runtime/WeakGCMap.h:
876         (JSC::WeakGCMap::isValid):
877         (JSC::::get):
878         (JSC::::take):
879         (JSC::::set):
880
881 2011-02-02  Sam Weinig  <sam@webkit.org>
882
883         Fix windows clean build.
884
885         * DerivedSources.make:
886
887 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
888
889         Reviewed by Martin Robinson.
890
891         [GTK] Fix dist compilation
892         https://bugs.webkit.org/show_bug.cgi?id=53579
893
894         * GNUmakefile.am: Added WriteBarrier.h to the sources, it was
895         added in r77151
896
897 2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>
898
899         Unreviewed, rolling out r77297.
900         http://trac.webkit.org/changeset/77297
901         https://bugs.webkit.org/show_bug.cgi?id=53538
902
903         caused leopard crashes (Requested by paroga on #webkit).
904
905         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
906         * wtf/text/AtomicString.cpp:
907         (WTF::AtomicString::fromUTF8):
908         * wtf/unicode/UTF8.cpp:
909         (WTF::Unicode::calculateStringHashFromUTF8):
910         * wtf/unicode/UTF8.h:
911
912 2011-02-01  Sam Weinig  <sam@webkit.org>
913
914         Fix Mac production builds.
915
916         * JavaScriptCore.xcodeproj/project.pbxproj:
917
918 2011-02-01  Sam Weinig  <sam@webkit.org>
919
920         Try to fix the windows build.
921
922         * DerivedSources.make:
923
924 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
925
926         Reviewed by Darin Adler.
927
928         Avoid strlen() in AtomicString::fromUTF8
929         https://bugs.webkit.org/show_bug.cgi?id=50516
930
931         Add an overload to calculateStringHashFromUTF8 to get
932         strlen() of the input data with only one call.
933
934         This change shows about 3% performance win on the xml-parser benchmark.
935
936         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
937         * wtf/text/AtomicString.cpp:
938         (WTF::AtomicString::fromUTF8):
939         * wtf/unicode/UTF8.cpp:
940         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
941         (WTF::Unicode::calculateStringHashFromUTF8):
942         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
943         * wtf/unicode/UTF8.h:
944
945 2011-02-01  Sam Weinig  <sam@webkit.org>
946
947         Reviewed by Beth Dakin.
948
949         Part 2 for <rdar://problem/8492788>
950         Adopt WKScrollbarPainterController
951
952         Use header detection to define scrollbar painting controller #define.
953
954         * DerivedSources.make:
955         * JavaScriptCore.xcodeproj/project.pbxproj:
956
957 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
958
959         Reviewed by Oliver Hunt.
960
961         Refactor JSGlobalObject-related tear-down
962         https://bugs.webkit.org/show_bug.cgi?id=53478
963         
964         While investigating crashes caused by r77082, I noticed some strange
965         destructor-time behaviors. This patch makes them less strange.
966
967         * bytecode/CodeBlock.cpp:
968         (JSC::CodeBlock::CodeBlock):
969         (JSC::CodeBlock::markAggregate):
970         * bytecode/CodeBlock.h:
971         (JSC::CodeBlock::globalObject):
972         (JSC::GlobalCodeBlock::GlobalCodeBlock):
973         (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
974         blocks on the Heap, instead of on independent global objects. The heap
975         is guaranteed to outlast any GC-owned data structure. The heap is also
976         a natural place to store objects that need out-of-band marking, since
977         the heap is responsible for marking all roots.
978
979         * runtime/Heap.cpp:
980         (JSC::Heap::markRoots):
981         (JSC::Heap::globalObjectCount):
982         (JSC::Heap::protectedGlobalObjectCount):
983         * runtime/Heap.h:
984         (JSC::Heap::codeBlocks):
985         * runtime/JSGlobalData.cpp:
986         (JSC::JSGlobalData::JSGlobalData):
987         * runtime/JSGlobalData.h:
988         * runtime/JSGlobalObject.cpp:
989         (JSC::JSGlobalObject::~JSGlobalObject):
990         (JSC::JSGlobalObject::init):
991         (JSC::JSGlobalObject::markChildren):
992         * runtime/JSGlobalObject.h:
993         * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
994         owned by JSGlobalData, instead of an intrusive circular linked list.
995         This is simpler, and it avoids destructor-time access between garbage
996         collected objects, which is hard to get right.
997
998         (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
999         everything down. Otherwise, weak data structures will incorrectly report
1000         that objects pending destruction are still alive.
1001
1002 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
1003
1004         Reviewed by Oliver Hunt.
1005
1006         REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
1007         bot; loading trac pages; typing in search field
1008         https://bugs.webkit.org/show_bug.cgi?id=53519
1009         
1010         The crashes were all caused by failure to run an object's destructor.
1011
1012         * runtime/CollectorHeapIterator.h:
1013         (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
1014         construction. The iterator class used to do that when it was designed
1015         for prior-to-beginning initialization. I forgot to remove this line
1016         of code when I changed the iterator to normal initialization.
1017         
1018         Skipping forward upon construction was causing the heap to skip running
1019         the destructor for the very first object in a block when destroying the
1020         block. This usually did not crash, since block destruction is rare and
1021         most objects have pretty trivial destructors. However, in the rare case
1022         when the heap would destroy a block whose first object was a global
1023         object or a DOM node, BOOM.
1024
1025 2011-01-31  Oliver Hunt  <oliver@apple.com>
1026
1027         Reviewed by Geoffrey Garen.
1028
1029         Update JSObject storage for new marking API
1030         https://bugs.webkit.org/show_bug.cgi?id=53467
1031
1032         JSObject no longer uses EncodedJSValue for its property storage.
1033         This produces a stream of mechanical changes to PropertySlot and
1034         anonymous storage APIs.
1035
1036         * JavaScriptCore.exp:
1037         * runtime/ArrayPrototype.cpp:
1038         (JSC::ArrayPrototype::ArrayPrototype):
1039         * runtime/BooleanConstructor.cpp:
1040         (JSC::constructBoolean):
1041         (JSC::constructBooleanFromImmediateBoolean):
1042         * runtime/BooleanObject.cpp:
1043         (JSC::BooleanObject::BooleanObject):
1044         * runtime/BooleanObject.h:
1045         * runtime/BooleanPrototype.cpp:
1046         (JSC::BooleanPrototype::BooleanPrototype):
1047         * runtime/DateInstance.cpp:
1048         (JSC::DateInstance::DateInstance):
1049         * runtime/DatePrototype.cpp:
1050         (JSC::DatePrototype::DatePrototype):
1051         * runtime/JSActivation.cpp:
1052         (JSC::JSActivation::getOwnPropertySlot):
1053         * runtime/JSArray.cpp:
1054         (JSC::JSArray::getOwnPropertySlot):
1055         * runtime/JSFunction.cpp:
1056         (JSC::JSFunction::getOwnPropertySlot):
1057         * runtime/JSGlobalObject.h:
1058         (JSC::JSGlobalObject::JSGlobalObject):
1059         * runtime/JSObject.cpp:
1060         (JSC::JSObject::fillGetterPropertySlot):
1061         * runtime/JSObject.h:
1062         (JSC::JSObject::getDirectLocation):
1063         (JSC::JSObject::offsetForLocation):
1064         (JSC::JSObject::putAnonymousValue):
1065         (JSC::JSObject::clearAnonymousValue):
1066         (JSC::JSObject::getAnonymousValue):
1067         (JSC::JSObject::putThisToAnonymousValue):
1068         (JSC::JSObject::locationForOffset):
1069         (JSC::JSObject::inlineGetOwnPropertySlot):
1070         * runtime/JSObjectWithGlobalObject.cpp:
1071         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
1072         * runtime/JSWrapperObject.h:
1073         (JSC::JSWrapperObject::JSWrapperObject):
1074         (JSC::JSWrapperObject::setInternalValue):
1075         * runtime/Lookup.cpp:
1076         (JSC::setUpStaticFunctionSlot):
1077         * runtime/NumberConstructor.cpp:
1078         (JSC::constructWithNumberConstructor):
1079         * runtime/NumberObject.cpp:
1080         (JSC::NumberObject::NumberObject):
1081         (JSC::constructNumber):
1082         * runtime/NumberObject.h:
1083         * runtime/NumberPrototype.cpp:
1084         (JSC::NumberPrototype::NumberPrototype):
1085         * runtime/PropertySlot.h:
1086         (JSC::PropertySlot::getValue):
1087         (JSC::PropertySlot::setValue):
1088         (JSC::PropertySlot::setRegisterSlot):
1089         * runtime/StringObject.cpp:
1090         (JSC::StringObject::StringObject):
1091         * runtime/StringPrototype.cpp:
1092         (JSC::StringPrototype::StringPrototype):
1093         * runtime/WriteBarrier.h:
1094         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
1095
1096 2011-02-01  Daniel Bates  <dbates@rim.com>
1097
1098         Reviewed by Antonio Gomes.
1099
1100         Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
1101         https://bugs.webkit.org/show_bug.cgi?id=53506
1102
1103         Currently, use of the Mersenne Twister pseudorandom number generator
1104         is hardcoded to the Windows CE port. With the passing of bug #53253,
1105         we can generalize support for this PRNG to all ports that use srand(3)
1106         and rand(3), including Windows CE.
1107
1108         * wtf/RandomNumberSeed.h:
1109         (WTF::initializeRandomNumberGenerator):
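
        The entry above routes the srand(3)/rand(3)-based ports through MT19937. The
        property a security engineer cares about is that MT19937, like any deterministic
        PRNG, is a pure function of its seed: whoever knows or can guess the seed can
        reproduce the whole stream. The C program below is an added example written for
        this page, not JavaScriptCore's RandomNumberSeed.h or its generator: it carries a
        self-contained MT19937 with explicit state (following the published reference
        algorithm), checks the well-known first output for the reference seed 5489, and
        recovers a seed drawn from an assumed small space (a constructed 13-bit range)
        from a single observed output by brute force. Values that must be unpredictable
        belong to the operating system's entropy source, not to a seeded PRNG.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not JavaScriptCore code: MT19937 with explicit state,
 * following the published reference algorithm. */

#define MT_N 624
#define MT_M 397
#define MT_MATRIX_A   0x9908b0dfu
#define MT_UPPER_MASK 0x80000000u
#define MT_LOWER_MASK 0x7fffffffu

struct mt19937 {
    uint32_t mt[MT_N];
    int mti;
};

/* Initialise the state array from a 32-bit seed. Everything the generator
 * will ever emit is determined by this one value. */
static void mt_seed(struct mt19937 *g, uint32_t seed)
{
    g->mt[0] = seed;
    for (g->mti = 1; g->mti < MT_N; g->mti++) {
        uint32_t prev = g->mt[g->mti - 1];
        g->mt[g->mti] = 1812433253u * (prev ^ (prev >> 30)) + (uint32_t)g->mti;
    }
}

/* Regenerate the state array ("twist") once all MT_N words have been consumed. */
static void mt_twist(struct mt19937 *g)
{
    static const uint32_t mag01[2] = { 0u, MT_MATRIX_A };
    int kk;
    uint32_t y;

    for (kk = 0; kk < MT_N - MT_M; kk++) {
        y = (g->mt[kk] & MT_UPPER_MASK) | (g->mt[kk + 1] & MT_LOWER_MASK);
        g->mt[kk] = g->mt[kk + MT_M] ^ (y >> 1) ^ mag01[y & 1u];
    }
    for (; kk < MT_N - 1; kk++) {
        y = (g->mt[kk] & MT_UPPER_MASK) | (g->mt[kk + 1] & MT_LOWER_MASK);
        g->mt[kk] = g->mt[kk + (MT_M - MT_N)] ^ (y >> 1) ^ mag01[y & 1u];
    }
    y = (g->mt[MT_N - 1] & MT_UPPER_MASK) | (g->mt[0] & MT_LOWER_MASK);
    g->mt[MT_N - 1] = g->mt[MT_M - 1] ^ (y >> 1) ^ mag01[y & 1u];
    g->mti = 0;
}

/* Return the next tempered 32-bit output. */
static uint32_t mt_next(struct mt19937 *g)
{
    uint32_t y;
    if (g->mti >= MT_N)
        mt_twist(g);
    y = g->mt[g->mti++];
    y ^= (y >> 11);
    y ^= (y << 7) & 0x9d2c5680u;
    y ^= (y << 15) & 0xefc60000u;
    y ^= (y >> 18);
    return y;
}

/* Seed recovery: given one observed output and the assumption (constructed for
 * this example) that the seed was drawn from [0, seed_space), try every
 * candidate. Returns the seed, or -1 if no candidate reproduces the output. */
static long recover_seed(uint32_t observed, uint32_t seed_space)
{
    struct mt19937 g;
    for (uint32_t s = 0; s < seed_space; s++) {
        mt_seed(&g, s);
        if (mt_next(&g) == observed)
            return (long)s;
    }
    return -1;
}

int main(void)
{
    struct mt19937 g;
    uint32_t first;
    long found;

    mt_seed(&g, 5489u);                  /* reference seed; first output is 3499211612 */
    printf("mt19937(5489) first output: %u\n", (unsigned)mt_next(&g));

    mt_seed(&g, 1234u);                  /* a "secret" seed from a constructed small space */
    first = mt_next(&g);
    found = recover_seed(first, 1u << 13);
    printf("observed %u, recovered seed %ld\n", (unsigned)first, found);
    return found == 1234 ? 0 : 1;
}
```

        The brute-force loop is cheap because each candidate costs one state
        initialisation and one twist; a seed taken from a clock or a process id is in
        practice no harder than the 13-bit space assumed here, which is why a seeded
        generator must never stand in for an OS-backed random source when the output
        has to stay unguessable.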
1110
1111 2011-02-01  Dave Tapuska  <dtapuska@rim.com>
1112
1113         Reviewed by Gavin Barraclough.
1114
1115         MacroAssemblerARM would generate code that did 32-bit loads
1116         on addresses that were not aligned. More specifically it would
1117         generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
1118         The intended instruction really is ldrb r8,[r1, #7]; ensure we
1119         call load8 instead of load32.
1120
1121         https://bugs.webkit.org/show_bug.cgi?id=46095
1122
1123         * assembler/MacroAssemblerARM.h:
1124         (JSC::MacroAssemblerARM::set32Test32):
1125         (JSC::MacroAssemblerARM::set32Test8):
1126
1127 2011-02-01  Darin Fisher  <darin@chromium.org>
1128
1129         Reviewed by Eric Seidel.
1130
1131         Fix some Visual Studio compiler warnings.
1132         https://bugs.webkit.org/show_bug.cgi?id=53476
1133
1134         * wtf/MathExtras.h:
1135         (clampToInteger):
1136         (clampToPositiveInteger):
1137         * wtf/ThreadingWin.cpp:
1138         (WTF::absoluteTimeToWaitTimeoutInterval):
1139
1140 2011-01-31  Oliver Hunt  <oliver@apple.com>
1141
1142         Reviewed by Sam Weinig.
1143
1144         Bogus callframe during stack unwinding
1145         https://bugs.webkit.org/show_bug.cgi?id=53454
1146
1147         Trying to access a callframe's globalData after destroying its
1148         ScopeChain is not a good thing.  While we could access the
1149         globalData directly through the (known valid) scopechain we're
1150         holding on to, it feels fragile.  Instead we push the valid
1151         ScopeChain onto the callframe again to ensure that the callframe
1152         itself remains valid.
1153
1154         * interpreter/Interpreter.cpp:
1155         (JSC::Interpreter::unwindCallFrame):
1156
1157 2011-01-31  Michael Saboff  <msaboff@apple.com>
1158
1159         Reviewed by Geoffrey Garen.
1160
1161         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1162         https://bugs.webkit.org/show_bug.cgi?id=53271
1163
1164         Reapplying this change again.
1165         Changed isValid() to use .get() as a result of change r77151.
1166
1167         Added new isValid() methods to check if a contained object in
1168         a WeakGCMap is valid when using an unchecked iterator.
1169
1170         * runtime/WeakGCMap.h:
1171         (JSC::WeakGCMap::isValid):
1172
1173 2011-01-31  Oliver Hunt  <oliver@apple.com>
1174
1175         Convert markstack to a slot visitor API
1176         https://bugs.webkit.org/show_bug.cgi?id=53219
1177
1178         rolling r77098, r77099, r77100, r77109, and
1179         r77111 back in, along with a few more Qt fix attempts.
1180
1181         * API/JSCallbackObject.h:
1182         (JSC::JSCallbackObjectData::setPrivateProperty):
1183         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1184         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1185         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1186         (JSC::JSCallbackObject::setPrivateProperty):
1187         * API/JSCallbackObjectFunctions.h:
1188         (JSC::::put):
1189         (JSC::::staticFunctionGetter):
1190         * API/JSObjectRef.cpp:
1191         (JSObjectMakeConstructor):
1192         (JSObjectSetPrivateProperty):
1193         * API/JSWeakObjectMapRefInternal.h:
1194         * JavaScriptCore.exp:
1195         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1196         * JavaScriptCore.xcodeproj/project.pbxproj:
1197         * bytecode/CodeBlock.cpp:
1198         (JSC::CodeBlock::markAggregate):
1199         * bytecode/CodeBlock.h:
1200         (JSC::CodeBlock::globalObject):
1201         * bytecompiler/BytecodeGenerator.cpp:
1202         (JSC::BytecodeGenerator::BytecodeGenerator):
1203         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1204         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1205         (JSC::BytecodeGenerator::findScopedProperty):
1206         * debugger/Debugger.cpp:
1207         (JSC::evaluateInGlobalCallFrame):
1208         * debugger/DebuggerActivation.cpp:
1209         (JSC::DebuggerActivation::DebuggerActivation):
1210         (JSC::DebuggerActivation::markChildren):
1211         * debugger/DebuggerActivation.h:
1212         * debugger/DebuggerCallFrame.cpp:
1213         (JSC::DebuggerCallFrame::evaluate):
1214         * interpreter/CallFrame.h:
1215         (JSC::ExecState::exception):
1216         * interpreter/Interpreter.cpp:
1217         (JSC::Interpreter::resolve):
1218         (JSC::Interpreter::resolveSkip):
1219         (JSC::Interpreter::resolveGlobal):
1220         (JSC::Interpreter::resolveGlobalDynamic):
1221         (JSC::Interpreter::resolveBaseAndProperty):
1222         (JSC::Interpreter::unwindCallFrame):
1223         (JSC::appendSourceToError):
1224         (JSC::Interpreter::execute):
1225         (JSC::Interpreter::tryCacheGetByID):
1226         (JSC::Interpreter::privateExecute):
1227         * jit/JITStubs.cpp:
1228         (JSC::JITThunks::tryCacheGetByID):
1229         (JSC::DEFINE_STUB_FUNCTION):
1230         * jsc.cpp:
1231         (GlobalObject::GlobalObject):
1232         * runtime/ArgList.cpp:
1233         (JSC::MarkedArgumentBuffer::markLists):
1234         * runtime/Arguments.cpp:
1235         (JSC::Arguments::markChildren):
1236         (JSC::Arguments::getOwnPropertySlot):
1237         (JSC::Arguments::getOwnPropertyDescriptor):
1238         (JSC::Arguments::put):
1239         * runtime/Arguments.h:
1240         (JSC::Arguments::setActivation):
1241         (JSC::Arguments::Arguments):
1242         * runtime/ArrayConstructor.cpp:
1243         (JSC::ArrayConstructor::ArrayConstructor):
1244         (JSC::constructArrayWithSizeQuirk):
1245         * runtime/ArrayPrototype.cpp:
1246         (JSC::arrayProtoFuncSplice):
1247         * runtime/BatchedTransitionOptimizer.h:
1248         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1249         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1250         * runtime/BooleanConstructor.cpp:
1251         (JSC::BooleanConstructor::BooleanConstructor):
1252         (JSC::constructBoolean):
1253         (JSC::constructBooleanFromImmediateBoolean):
1254         * runtime/BooleanPrototype.cpp:
1255         (JSC::BooleanPrototype::BooleanPrototype):
1256         * runtime/ConservativeSet.cpp:
1257         (JSC::ConservativeSet::grow):
1258         * runtime/ConservativeSet.h:
1259         (JSC::ConservativeSet::~ConservativeSet):
1260         (JSC::ConservativeSet::mark):
1261         * runtime/DateConstructor.cpp:
1262         (JSC::DateConstructor::DateConstructor):
1263         * runtime/DateInstance.cpp:
1264         (JSC::DateInstance::DateInstance):
1265         * runtime/DatePrototype.cpp:
1266         (JSC::dateProtoFuncSetTime):
1267         (JSC::setNewValueFromTimeArgs):
1268         (JSC::setNewValueFromDateArgs):
1269         (JSC::dateProtoFuncSetYear):
1270         * runtime/ErrorConstructor.cpp:
1271         (JSC::ErrorConstructor::ErrorConstructor):
1272         * runtime/ErrorInstance.cpp:
1273         (JSC::ErrorInstance::ErrorInstance):
1274         * runtime/ErrorPrototype.cpp:
1275         (JSC::ErrorPrototype::ErrorPrototype):
1276         * runtime/FunctionConstructor.cpp:
1277         (JSC::FunctionConstructor::FunctionConstructor):
1278         * runtime/FunctionPrototype.cpp:
1279         (JSC::FunctionPrototype::FunctionPrototype):
1280         * runtime/GetterSetter.cpp:
1281         (JSC::GetterSetter::markChildren):
1282         * runtime/GetterSetter.h:
1283         (JSC::GetterSetter::GetterSetter):
1284         (JSC::GetterSetter::getter):
1285         (JSC::GetterSetter::setGetter):
1286         (JSC::GetterSetter::setter):
1287         (JSC::GetterSetter::setSetter):
1288         * runtime/GlobalEvalFunction.cpp:
1289         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1290         (JSC::GlobalEvalFunction::markChildren):
1291         * runtime/GlobalEvalFunction.h:
1292         (JSC::GlobalEvalFunction::cachedGlobalObject):
1293         * runtime/Heap.cpp:
1294         (JSC::Heap::markProtectedObjects):
1295         (JSC::Heap::markTempSortVectors):
1296         (JSC::Heap::markRoots):
1297         * runtime/InternalFunction.cpp:
1298         (JSC::InternalFunction::InternalFunction):
1299         * runtime/JSAPIValueWrapper.h:
1300         (JSC::JSAPIValueWrapper::value):
1301         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1302         * runtime/JSActivation.cpp:
1303         (JSC::JSActivation::markChildren):
1304         (JSC::JSActivation::put):
1305         * runtime/JSArray.cpp:
1306         (JSC::JSArray::JSArray):
1307         (JSC::JSArray::getOwnPropertySlot):
1308         (JSC::JSArray::getOwnPropertyDescriptor):
1309         (JSC::JSArray::put):
1310         (JSC::JSArray::putSlowCase):
1311         (JSC::JSArray::deleteProperty):
1312         (JSC::JSArray::increaseVectorLength):
1313         (JSC::JSArray::setLength):
1314         (JSC::JSArray::pop):
1315         (JSC::JSArray::push):
1316         (JSC::JSArray::unshiftCount):
1317         (JSC::JSArray::sort):
1318         (JSC::JSArray::fillArgList):
1319         (JSC::JSArray::copyToRegisters):
1320         (JSC::JSArray::compactForSorting):
1321         * runtime/JSArray.h:
1322         (JSC::JSArray::getIndex):
1323         (JSC::JSArray::setIndex):
1324         (JSC::JSArray::uncheckedSetIndex):
1325         (JSC::JSArray::markChildrenDirect):
1326         * runtime/JSByteArray.cpp:
1327         (JSC::JSByteArray::JSByteArray):
1328         * runtime/JSCell.h:
1329         (JSC::JSCell::MarkStack::append):
1330         (JSC::JSCell::MarkStack::internalAppend):
1331         (JSC::JSCell::MarkStack::deprecatedAppend):
1332         * runtime/JSFunction.cpp:
1333         (JSC::JSFunction::JSFunction):
1334         (JSC::JSFunction::getOwnPropertySlot):
1335         * runtime/JSGlobalData.h:
1336         * runtime/JSGlobalObject.cpp:
1337         (JSC::markIfNeeded):
1338         (JSC::JSGlobalObject::reset):
1339         (JSC::JSGlobalObject::resetPrototype):
1340         (JSC::JSGlobalObject::markChildren):
1341         * runtime/JSGlobalObject.h:
1342         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1343         (JSC::JSGlobalObject::regExpConstructor):
1344         (JSC::JSGlobalObject::errorConstructor):
1345         (JSC::JSGlobalObject::evalErrorConstructor):
1346         (JSC::JSGlobalObject::rangeErrorConstructor):
1347         (JSC::JSGlobalObject::referenceErrorConstructor):
1348         (JSC::JSGlobalObject::syntaxErrorConstructor):
1349         (JSC::JSGlobalObject::typeErrorConstructor):
1350         (JSC::JSGlobalObject::URIErrorConstructor):
1351         (JSC::JSGlobalObject::evalFunction):
1352         (JSC::JSGlobalObject::objectPrototype):
1353         (JSC::JSGlobalObject::functionPrototype):
1354         (JSC::JSGlobalObject::arrayPrototype):
1355         (JSC::JSGlobalObject::booleanPrototype):
1356         (JSC::JSGlobalObject::stringPrototype):
1357         (JSC::JSGlobalObject::numberPrototype):
1358         (JSC::JSGlobalObject::datePrototype):
1359         (JSC::JSGlobalObject::regExpPrototype):
1360         (JSC::JSGlobalObject::methodCallDummy):
1361         (JSC::Structure::prototypeForLookup):
1362         (JSC::constructArray):
1363         * runtime/JSONObject.cpp:
1364         (JSC::Stringifier::Holder::object):
1365         (JSC::Stringifier::Holder::objectSlot):
1366         (JSC::Stringifier::markAggregate):
1367         (JSC::Stringifier::stringify):
1368         (JSC::Stringifier::Holder::appendNextProperty):
1369         (JSC::Walker::callReviver):
1370         (JSC::Walker::walk):
1371         * runtime/JSObject.cpp:
1372         (JSC::JSObject::defineGetter):
1373         (JSC::JSObject::defineSetter):
1374         (JSC::JSObject::removeDirect):
1375         (JSC::JSObject::putDirectFunction):
1376         (JSC::JSObject::putDirectFunctionWithoutTransition):
1377         (JSC::putDescriptor):
1378         (JSC::JSObject::defineOwnProperty):
1379         * runtime/JSObject.h:
1380         (JSC::JSObject::getDirectOffset):
1381         (JSC::JSObject::putDirectOffset):
1382         (JSC::JSObject::putUndefinedAtDirectOffset):
1383         (JSC::JSObject::flattenDictionaryObject):
1384         (JSC::JSObject::putDirectInternal):
1385         (JSC::JSObject::putDirect):
1386         (JSC::JSObject::putDirectFunction):
1387         (JSC::JSObject::putDirectWithoutTransition):
1388         (JSC::JSObject::putDirectFunctionWithoutTransition):
1389         (JSC::JSValue::putDirect):
1390         (JSC::JSObject::allocatePropertyStorageInline):
1391         (JSC::JSObject::markChildrenDirect):
1392         * runtime/JSPropertyNameIterator.cpp:
1393         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1394         (JSC::JSPropertyNameIterator::get):
1395         * runtime/JSPropertyNameIterator.h:
1396         * runtime/JSStaticScopeObject.cpp:
1397         (JSC::JSStaticScopeObject::markChildren):
1398         * runtime/JSString.cpp:
1399         (JSC::StringObject::create):
1400         * runtime/JSValue.h:
1401         * runtime/JSWrapperObject.cpp:
1402         (JSC::JSWrapperObject::markChildren):
1403         * runtime/JSWrapperObject.h:
1404         (JSC::JSWrapperObject::internalValue):
1405         (JSC::JSWrapperObject::setInternalValue):
1406         * runtime/LiteralParser.cpp:
1407         (JSC::LiteralParser::parse):
1408         * runtime/Lookup.cpp:
1409         (JSC::setUpStaticFunctionSlot):
1410         * runtime/Lookup.h:
1411         (JSC::lookupPut):
1412         * runtime/MarkStack.h:
1413         (JSC::MarkStack::MarkStack):
1414         (JSC::MarkStack::deprecatedAppendValues):
1415         (JSC::MarkStack::appendValues):
1416         * runtime/MathObject.cpp:
1417         (JSC::MathObject::MathObject):
1418         * runtime/NativeErrorConstructor.cpp:
1419         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1420         * runtime/NativeErrorPrototype.cpp:
1421         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1422         * runtime/NumberConstructor.cpp:
1423         (JSC::NumberConstructor::NumberConstructor):
1424         (JSC::constructWithNumberConstructor):
1425         * runtime/NumberObject.cpp:
1426         (JSC::constructNumber):
1427         * runtime/NumberPrototype.cpp:
1428         (JSC::NumberPrototype::NumberPrototype):
1429         * runtime/ObjectConstructor.cpp:
1430         (JSC::ObjectConstructor::ObjectConstructor):
1431         (JSC::objectConstructorGetOwnPropertyDescriptor):
1432         * runtime/Operations.h:
1433         (JSC::normalizePrototypeChain):
1434         (JSC::resolveBase):
1435         * runtime/PrototypeFunction.cpp:
1436         (JSC::PrototypeFunction::PrototypeFunction):
1437         * runtime/PutPropertySlot.h:
1438         (JSC::PutPropertySlot::setExistingProperty):
1439         (JSC::PutPropertySlot::setNewProperty):
1440         (JSC::PutPropertySlot::base):
1441         * runtime/RegExpConstructor.cpp:
1442         (JSC::RegExpConstructor::RegExpConstructor):
1443         * runtime/ScopeChain.cpp:
1444         (JSC::ScopeChainNode::print):
1445         * runtime/ScopeChain.h:
1446         (JSC::ScopeChainNode::~ScopeChainNode):
1447         (JSC::ScopeChainIterator::operator*):
1448         (JSC::ScopeChainIterator::operator->):
1449         (JSC::ScopeChain::top):
1450         * runtime/ScopeChainMark.h:
1451         (JSC::ScopeChain::markAggregate):
1452         * runtime/SmallStrings.cpp:
1453         (JSC::isMarked):
1454         (JSC::SmallStrings::markChildren):
1455         * runtime/SmallStrings.h:
1456         (JSC::SmallStrings::emptyString):
1457         (JSC::SmallStrings::singleCharacterString):
1458         (JSC::SmallStrings::singleCharacterStrings):
1459         * runtime/StringConstructor.cpp:
1460         (JSC::StringConstructor::StringConstructor):
1461         * runtime/StringObject.cpp:
1462         (JSC::StringObject::StringObject):
1463         * runtime/StringObject.h:
1464         * runtime/StringPrototype.cpp:
1465         (JSC::StringPrototype::StringPrototype):
1466         * runtime/Structure.cpp:
1467         (JSC::Structure::Structure):
1468         (JSC::Structure::addPropertyTransition):
1469         (JSC::Structure::toDictionaryTransition):
1470         (JSC::Structure::flattenDictionaryStructure):
1471         * runtime/Structure.h:
1472         (JSC::Structure::storedPrototype):
1473         (JSC::Structure::storedPrototypeSlot):
1474         * runtime/WeakGCMap.h:
1475         (JSC::WeakGCMap::uncheckedGet):
1476         (JSC::WeakGCMap::uncheckedGetSlot):
1477         (JSC::::get):
1478         (JSC::::take):
1479         (JSC::::set):
1480         (JSC::::uncheckedRemove):
1481         * runtime/WriteBarrier.h: Added.
1482         (JSC::DeprecatedPtr::DeprecatedPtr):
1483         (JSC::DeprecatedPtr::get):
1484         (JSC::DeprecatedPtr::operator*):
1485         (JSC::DeprecatedPtr::operator->):
1486         (JSC::DeprecatedPtr::slot):
1487         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1488         (JSC::DeprecatedPtr::operator!):
1489         (JSC::WriteBarrierBase::set):
1490         (JSC::WriteBarrierBase::get):
1491         (JSC::WriteBarrierBase::operator*):
1492         (JSC::WriteBarrierBase::operator->):
1493         (JSC::WriteBarrierBase::clear):
1494         (JSC::WriteBarrierBase::slot):
1495         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1496         (JSC::WriteBarrierBase::operator!):
1497         (JSC::WriteBarrier::WriteBarrier):
1498         (JSC::operator==):
1499
1500 2011-01-31  Dan Winship  <danw@gnome.org>
1501
1502         Reviewed by Gustavo Noronha Silva.
1503
1504         wss (websockets ssl) support for gtk via new gio TLS support
1505         https://bugs.webkit.org/show_bug.cgi?id=50344
1506
1507         Add a GPollableOutputStream typedef for TLS WebSockets support
1508
1509         * wtf/gobject/GTypedefs.h:
1510
1511 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
1512
1513         Reviewed by Geoff Garen.
1514
1515         https://bugs.webkit.org/show_bug.cgi?id=53352
1516         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
1517
1518         The FixedVMPoolAllocator currently uses a best fit policy -
1519         switch to first fit, which is less prone to external fragmentation.
1520
1521         * jit/ExecutableAllocatorFixedVMPool.cpp:
1522         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
1523         (JSC::AllocationTableSizeClass::blockSize):
1524         (JSC::AllocationTableSizeClass::blockCount):
1525         (JSC::AllocationTableSizeClass::blockAlignment):
1526         (JSC::AllocationTableSizeClass::size):
1527         (JSC::AllocationTableLeaf::AllocationTableLeaf):
1528         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
1529         (JSC::AllocationTableLeaf::allocate):
1530         (JSC::AllocationTableLeaf::free):
1531         (JSC::AllocationTableLeaf::isEmpty):
1532         (JSC::AllocationTableLeaf::isFull):
1533         (JSC::AllocationTableLeaf::size):
1534         (JSC::AllocationTableLeaf::classForSize):
1535         (JSC::AllocationTableLeaf::dump):
1536         (JSC::LazyAllocationTable::LazyAllocationTable):
1537         (JSC::LazyAllocationTable::~LazyAllocationTable):
1538         (JSC::LazyAllocationTable::allocate):
1539         (JSC::LazyAllocationTable::free):
1540         (JSC::LazyAllocationTable::isEmpty):
1541         (JSC::LazyAllocationTable::isFull):
1542         (JSC::LazyAllocationTable::size):
1543         (JSC::LazyAllocationTable::dump):
1544         (JSC::LazyAllocationTable::classForSize):
1545         (JSC::AllocationTableDirectory::AllocationTableDirectory):
1546         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
1547         (JSC::AllocationTableDirectory::allocate):
1548         (JSC::AllocationTableDirectory::free):
1549         (JSC::AllocationTableDirectory::isEmpty):
1550         (JSC::AllocationTableDirectory::isFull):
1551         (JSC::AllocationTableDirectory::size):
1552         (JSC::AllocationTableDirectory::classForSize):
1553         (JSC::AllocationTableDirectory::dump):
1554         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1555         (JSC::FixedVMPoolAllocator::alloc):
1556         (JSC::FixedVMPoolAllocator::free):
1557         (JSC::FixedVMPoolAllocator::allocated):
1558         (JSC::FixedVMPoolAllocator::isValid):
1559         (JSC::FixedVMPoolAllocator::classForSize):
1560         (JSC::FixedVMPoolAllocator::offsetToPointer):
1561         (JSC::FixedVMPoolAllocator::pointerToOffset):
1562         (JSC::ExecutableAllocator::committedByteCount):
1563         (JSC::ExecutableAllocator::isValid):
1564         (JSC::ExecutableAllocator::underMemoryPressure):
1565         (JSC::ExecutablePool::systemAlloc):
1566         (JSC::ExecutablePool::systemRelease):
1567         * wtf/PageReservation.h:
1568         (WTF::PageReservation::PageReservation):
1569         (WTF::PageReservation::commit):
1570         (WTF::PageReservation::decommit):
1571         (WTF::PageReservation::committed):
1572
2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r76969.
        http://trac.webkit.org/changeset/76969
        https://bugs.webkit.org/show_bug.cgi?id=53418

        "It is causing crashes in GTK+ and Leopard bots" (Requested by
        alexg__ on #webkit).

        * runtime/WeakGCMap.h:

2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed, rolling out r77098, r77099, r77100, r77109, and
        r77111.
        http://trac.webkit.org/changeset/77098
        http://trac.webkit.org/changeset/77099
        http://trac.webkit.org/changeset/77100
        http://trac.webkit.org/changeset/77109
        http://trac.webkit.org/changeset/77111
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Qt build is broken

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/CallFrame.h:
        (JSC::ExecState::exception):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::JSValue::toThisObject):
        (JSC::JSCell::MarkStack::append):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::Structure::prototypeForLookup):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        (JSC::MarkStack::appendValues):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototype):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Removed.

2011-01-30  Simon Fraser  <simon.fraser@apple.com>

        Build fix the build fix. I assume Oliver meant m_cell, not m_value.

        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::clear):

2011-01-30  Oliver Hunt  <oliver@apple.com>

        More Qt build fixes

        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::clear):

2011-01-30  Oliver Hunt  <oliver@apple.com>

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Rolling r77006 and r77020 back in.

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/CallFrame.h:
        (JSC::ExecState::exception):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::append):
        (JSC::JSCell::MarkStack::internalAppend):
        (JSC::JSCell::MarkStack::deprecatedAppend):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::Structure::prototypeForLookup):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::Holder::objectSlot):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectOffset):
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::putUndefinedAtDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
        (JSC::JSPropertyNameIterator::get):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::deprecatedAppendValues):
        (JSC::MarkStack::appendValues):
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototype):
        (JSC::Structure::storedPrototypeSlot):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::uncheckedGetSlot):
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Added.
        (JSC::DeprecatedPtr::DeprecatedPtr):
        (JSC::DeprecatedPtr::get):
        (JSC::DeprecatedPtr::operator*):
        (JSC::DeprecatedPtr::operator->):
        (JSC::DeprecatedPtr::slot):
        (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
        (JSC::DeprecatedPtr::operator!):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::slot):
        (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
        (JSC::WriteBarrierBase::operator!):
        (JSC::WriteBarrier::WriteBarrier):
        (JSC::operator==):

2233 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
2234
2235         Reviewed by Oliver Hunt.
2236
2237         Filter all Heap collection through a common reset function, in
2238         preparation for adding features triggered by collection.
2239         https://bugs.webkit.org/show_bug.cgi?id=53396
2240         
2241         SunSpider reports no change.
2242
2243         * runtime/Heap.cpp:
2244         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
2245         limit, just call collectAllGarbage() instead of rolling our own special
2246         way of resetting the heap. In theory, this may be slower in some cases,
2247         but it also fixes cases of pathological heap growth that we've seen,
2248         where the only objects being allocated are temporary and huge
2249         (<rdar://problem/8885843>).
2250
2251         (JSC::Heap::allocate):
2252         (JSC::Heap::collectAllGarbage): Use the shared reset function.
2253
2254         (JSC::Heap::reset):
2255         * runtime/Heap.h: Carved a new shared reset function out of the old
2256         collectAllGarbage.
2257
2258 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
2259
2260         Unreviewed, rolling out r77025.
2261         http://trac.webkit.org/changeset/77025
2262         https://bugs.webkit.org/show_bug.cgi?id=53401
2263
2264         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
2265         (Requested by Ossy on #webkit).
2266
2267         * jit/ExecutableAllocatorFixedVMPool.cpp:
2268         (JSC::FreeListEntry::FreeListEntry):
2269         (JSC::AVLTreeAbstractorForFreeList::get_less):
2270         (JSC::AVLTreeAbstractorForFreeList::set_less):
2271         (JSC::AVLTreeAbstractorForFreeList::get_greater):
2272         (JSC::AVLTreeAbstractorForFreeList::set_greater):
2273         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
2274         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
2275         (JSC::AVLTreeAbstractorForFreeList::null):
2276         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
2277         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
2278         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
2279         (JSC::reverseSortFreeListEntriesByPointer):
2280         (JSC::reverseSortCommonSizedAllocations):
2281         (JSC::FixedVMPoolAllocator::release):
2282         (JSC::FixedVMPoolAllocator::reuse):
2283         (JSC::FixedVMPoolAllocator::addToFreeList):
2284         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
2285         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2286         (JSC::FixedVMPoolAllocator::alloc):
2287         (JSC::FixedVMPoolAllocator::free):
2288         (JSC::FixedVMPoolAllocator::isValid):
2289         (JSC::FixedVMPoolAllocator::allocInternal):
2290         (JSC::FixedVMPoolAllocator::isWithinVMPool):
2291         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
2292         (JSC::ExecutableAllocator::committedByteCount):
2293         (JSC::maybeModifyVMPoolSize):
2294         (JSC::ExecutableAllocator::isValid):
2295         (JSC::ExecutableAllocator::underMemoryPressure):
2296         (JSC::ExecutablePool::systemAlloc):
2297         (JSC::ExecutablePool::systemRelease):
2298         * wtf/PageReservation.h:
2299         (WTF::PageReservation::PageReservation):
2300         (WTF::PageReservation::commit):
2301         (WTF::PageReservation::decommit):
2302
2303 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
2304
2305         Reviewed by Daniel Bates.
2306
2307         Code style issue in JavaScriptCore/wtf/CurrentTime.h
2308         https://bugs.webkit.org/show_bug.cgi?id=53394
2309
2310         According to rule #3 at http://webkit.org/coding/coding-style.html,
2311         this patch fixes a style issue in CurrentTime.h.
2312
2313         No functionality change, no new tests.
2314
2315         * wtf/CurrentTime.h:
2316         (WTF::currentTimeMS):
2317         (WTF::getLocalTime):
2318
2319 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
2320
2321         Reviewed by Kenneth Rohde Christiansen.
2322
2323         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
2324         https://bugs.webkit.org/show_bug.cgi?id=53377
2325
2326         The option "-whole-archive" is not available with the libtool of Mac OS X;
2327         instead, we can use "-all_load" on Mac.
2328
2329         * JavaScriptCore.pri:
2330
2331 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2332
2333         Sorry Leopard bot -- I committed a change by accident.
2334
2335         * JavaScriptCore.exp: You may have your symbols back now.
2336
2337 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2338
2339         Reviewed by Cameron Zwarich.
2340
2341         Simplified Heap iteration
2342         https://bugs.webkit.org/show_bug.cgi?id=53393
2343
2344         * runtime/CollectorHeapIterator.h:
2345         (JSC::CollectorHeapIterator::isValid):
2346         (JSC::CollectorHeapIterator::isLive):
2347         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
2348         advance because it's a constant.
2349         (JSC::LiveObjectIterator::LiveObjectIterator):
2350         (JSC::LiveObjectIterator::operator++):
2351         (JSC::DeadObjectIterator::DeadObjectIterator):
2352         (JSC::DeadObjectIterator::operator++):
2353         (JSC::ObjectIterator::ObjectIterator):
2354         (JSC::ObjectIterator::operator++): Factored out common checks into
2355         two helper functions -- isValid() for "Am I past the end?" and isLive()
2356         for "Is the cell I'm pointing to live?".
2357
2358         * runtime/MarkedSpace.cpp:
2359         (JSC::MarkedSpace::freeBlock):
2360         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
2361         to the end, to avoid making sweep subtly reliant on internal Heap state.
2362         (JSC::MarkedSpace::primaryHeapBegin):
2363         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
2364         iteration begins.
2365
2366 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2367
2368         Reviewed by Cameron Zwarich.
2369
2370         Simplified heap destruction
2371         https://bugs.webkit.org/show_bug.cgi?id=53392
2372
2373         * JavaScriptCore.exp:
2374         * runtime/Heap.cpp:
2375         (JSC::Heap::destroy):
2376         * runtime/Heap.h:
2377         * runtime/MarkedSpace.cpp:
2378         (JSC::MarkedSpace::destroy):
2379         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
2380         cells last -- the difficult contortions required to do so just don't seem
2381         justified. We make no guarantees about GC protection after the client
2382         throws away JSGlobalData, and it doesn't seem like any meaningful
2383         guarantee is even possible.
2384
2385 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2386
2387         Reviewed by Maciej Stachowiak.
2388
2389         Switched heap to use the Bitmap class and removed CollectorBitmap
2390         https://bugs.webkit.org/show_bug.cgi?id=53391
2391         
2392         SunSpider says 1.005x as fast. Seems like a fluke.
2393
2394         * runtime/MarkedSpace.cpp:
2395         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
2396         rather than taking a value by reference.
2397
2398         * runtime/MarkedSpace.h: Code reuse is good.
2399
2400         * wtf/Bitmap.h:
2401         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
2402         which CollectorBitmap had. (Renamed from the less conventional "getset".)
2403
2404         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
2405         clarity. It's all the same with inlining.
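
The two Bitmap operations named in the entry above, testAndSet() and nextPossiblyUnset(), as an added example that is not WTF's Bitmap.h: a fixed-size bitmap used the way a collector's mark/allocation bitmap is used (find a cell that might be free, then claim it in one test-and-set step). The word-skipping behaviour of nextPossiblyUnset(), the allocateCell() helper and the demo functions are this example's own reading of the names, not the project's code.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>

// Illustrative Bitmap, not WTF::Bitmap. One bit per cell, packed into words.
template<size_t bitCount>
class Bitmap {
public:
    typedef uint32_t WordType;
    static constexpr size_t wordSize = sizeof(WordType) * 8;
    static constexpr size_t words = (bitCount + wordSize - 1) / wordSize;

    Bitmap() { clearAll(); }

    bool get(size_t n) const { return (bits[n / wordSize] >> (n % wordSize)) & 1; }
    void set(size_t n) { bits[n / wordSize] |= WordType(1) << (n % wordSize); }
    void clear(size_t n) { bits[n / wordSize] &= ~(WordType(1) << (n % wordSize)); }
    void clearAll() { bits.fill(0); }

    // Returns the previous state of bit n and sets it. Checking and claiming
    // happen in one call, so a caller never repeats a get()/set() pair.
    bool testAndSet(size_t n)
    {
        const size_t index = n / wordSize;
        const WordType mask = WordType(1) << (n % wordSize);
        const bool wasSet = bits[index] & mask;
        bits[index] |= mask;
        return wasSet;
    }

    // Returns the next index that might be unset: if the word holding `start`
    // is completely full, jump to the first bit of the following word,
    // otherwise step one bit. Yields bitCount once past the end.
    // (Assumption: this is the example's reading of the name.)
    size_t nextPossiblyUnset(size_t start) const
    {
        const size_t index = start / wordSize;
        const size_t next = !~bits[index] ? (index + 1) * wordSize : start + 1;
        return next < bitCount ? next : bitCount;
    }

    size_t count() const
    {
        size_t total = 0;
        for (size_t i = 0; i < bitCount; ++i)
            total += get(i);
        return total;
    }

private:
    std::array<WordType, words> bits;
};

// Allocation loop in the style of a collector: claim the first free cell at
// or after `from`, or return bitCount when no cell is free.
template<size_t bitCount>
size_t allocateCell(Bitmap<bitCount>& marks, size_t from)
{
    size_t i = from;
    while (i < bitCount) {
        if (!marks.testAndSet(i)) // bit was clear: it is now ours
            return i;
        i = marks.nextPossiblyUnset(i);
    }
    return bitCount;
}

// Demo: after word 0 (bits 0..31) is full, the next claim lands on bit 32
// and nextPossiblyUnset() got there in a single step.
size_t demoAllocateAfterFullWord()
{
    Bitmap<70> marks;
    allocateCell(marks, 0); // cell 0
    allocateCell(marks, 0); // cell 1
    for (size_t i = 0; i < 32; ++i)
        marks.set(i);
    return allocateCell(marks, 0); // 32
}

bool demoTestAndSetReportsPreviousState()
{
    Bitmap<8> marks;
    const bool first = marks.testAndSet(3);  // false: was clear
    const bool second = marks.testAndSet(3); // true: already set
    return !first && second && marks.get(3) && marks.count() == 1;
}

size_t demoAllocateFromFullBitmap()
{
    Bitmap<70> marks;
    for (size_t i = 0; i < 70; ++i)
        marks.set(i);
    return allocateCell(marks, 0); // 70: nothing free
}
```

The reason testAndSet() matters for a mark bitmap is the same reason it matters for any ownership flag: a separate get() followed by set() leaves a window in which the same cell can be handed out twice, whereas the combined operation reports unambiguously whether this caller was the one that claimed it.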
2406
2407 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
2408
2409         Reviewed by Maciej Stachowiak.
2410
2411         Some more Heap cleanup.
2412         https://bugs.webkit.org/show_bug.cgi?id=53357
2413         
2414         * JavaScriptCore.exp:
2415         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
2416
2417         * runtime/Heap.cpp:
2418         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
2419         reportExtraMemoryCostSlowCase to match our naming conventions.
2420
2421         (JSC::Heap::capacity): Renamed size to capacity because this function
2422         returns the capacity of the heap, including unused portions.
2423
2424         * runtime/Heap.h:
2425         (JSC::Heap::globalData):
2426         (JSC::Heap::markedSpace):
2427         (JSC::Heap::machineStackMarker):
2428         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
2429         Moved ctor and dtor to the beginning of the class definition. Grouped
2430         functions by purpose.
2431
2432         * runtime/MarkedSpace.cpp:
2433         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
2434         function returns the capacity of the heap, including unused portions.
2435
2436         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
2437         the same information can be gotten just by calling size() and capacity().
2438
2439         * runtime/MemoryStatistics.cpp:
2440         * runtime/MemoryStatistics.h: Ditto.
2441
2442 2011-01-29  Daniel Bates  <dbates@rim.com>
2443
2444         Reviewed by Eric Seidel.
2445
2446         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
2447         https://bugs.webkit.org/show_bug.cgi?id=53253
2448
2449         Make inclusion of MT19937 a policy decision.
2450
2451         Currently, we hardcode the use of MT19937 when building for
2452         Windows CE. Instead, we should make this a policy decision
2453         with the Windows CE port using this by default.
2454
2455         * JavaScriptCore.pri: Append Source/ThirdParty to the end
2456         of the list of include directories.
2457         * wtf/CMakeLists.txt: Ditto.
2458         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
2459         building for Windows CE.
2460         * wtf/RandomNumber.cpp:
2461         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
2462
2463 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
2464
2465         Reviewed by David Kilzer.
2466
2467         Bug 53374 - Remove uses of unsafe string functions in debugging code
2468         https://bugs.webkit.org/show_bug.cgi?id=53374
2469
2470         * runtime/RegExp.cpp:
2471         (JSC::RegExp::printTraceData):
2472
2473 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
2474
2475         Reviewed by Oliver Hunt.
2476
2477         JavaScriptCoreUseJIT environment variable broken
2478         https://bugs.webkit.org/show_bug.cgi?id=53372
2479
2480         * runtime/JSGlobalData.cpp:
2481         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
2482         by getenv() rather than just doing a NULL check on the return value.
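
The defect the entry above describes, as an added example that is not JSGlobalData.cpp itself: a NULL check on getenv() only answers "is the variable defined?", so JavaScriptCoreUseJIT=0 would have counted as enabled. The value-aware parser is this example's own; the accepted spellings of true/false and the "unrecognised value keeps the default" rule are its assumptions, not the project's.

```cpp
#include <cctype>
#include <cstdlib>
#include <string>

// The pattern being fixed: any definition of the variable, even "0" or
// "false", is treated as "on". Kept here only to show the defect.
bool useJITNaive(const char* envValue)
{
    return envValue != nullptr;
}

// Value-aware check. An unset variable means "use the default"; a set
// variable is parsed, case-insensitively and ignoring surrounding whitespace.
// Unrecognised values fall back to the default rather than guessing.
// (Assumption: the accepted spellings are this example's choice.)
bool useJITFromValue(const char* envValue, bool defaultValue = true)
{
    if (!envValue)
        return defaultValue;

    std::string v;
    for (const char* p = envValue; *p; ++p) {
        const unsigned char c = static_cast<unsigned char>(*p);
        if (!std::isspace(c))
            v.push_back(static_cast<char>(std::tolower(c)));
    }

    if (v.empty())
        return defaultValue;
    if (v == "0" || v == "false" || v == "no" || v == "off")
        return false;
    if (v == "1" || v == "true" || v == "yes" || v == "on")
        return true;
    return defaultValue;
}

// The call site as it would look with the fix: the returned string is parsed,
// not merely tested for NULL.
bool useJIT()
{
    return useJITFromValue(std::getenv("JavaScriptCoreUseJIT"));
}
```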
2483
2484 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
2485
2486         Reviewed by David Kilzer.
2487
2488         Move CharacterNames.h into WTF directory
2489         https://bugs.webkit.org/show_bug.cgi?id=49618
2490
2491         * GNUmakefile.am:
2492         * JavaScriptCore.gypi:
2493         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
2494         * JavaScriptCore.xcodeproj/project.pbxproj:
2495         * wtf/CMakeLists.txt:
2496         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
2497         * wtf/unicode/UTF8.cpp:
2498
2499 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
2500
2501         Reviewed by Gavin Barraclough.
2502
2503         Add various clampToInt() methods to MathExtras.h
2504         https://bugs.webkit.org/show_bug.cgi?id=52910
2505         
2506         Add functions for clamping doubles and floats to valid int
2507         ranges, for signed and positive integers.
2508
2509         * wtf/MathExtras.h:
2510         (clampToInteger):
2511         (clampToPositiveInteger):
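
Clamping a double or float to the int range, as an added example that is not WTF's MathExtras.h: the point is that static_cast from a NaN or out-of-range floating-point value to int is undefined behaviour in C++, so the range check has to happen while the value is still floating point. The function names follow the entry above; the NaN-to-0 mapping is this example's assumption.

```cpp
#include <cmath>
#include <limits>

// INT_MAX and INT_MIN are exactly representable as doubles, so the
// comparisons below are exact and also catch +/-infinity.
int clampToInteger(double d)
{
    const int intMax = std::numeric_limits<int>::max();
    const int intMin = std::numeric_limits<int>::min();

    if (std::isnan(d))
        return 0; // assumption for this example: NaN -> 0 instead of UB
    if (d >= static_cast<double>(intMax))
        return intMax;
    if (d <= static_cast<double>(intMin))
        return intMin;
    return static_cast<int>(d); // in range: truncation toward zero is well defined
}

// Same clamp, but nothing below 0 is allowed (negative values and NaN -> 0).
int clampToPositiveInteger(double d)
{
    if (!(d > 0)) // written so that NaN also takes this branch
        return 0;
    return clampToInteger(d);
}

// float overloads: widen to double first so the same checks apply.
int clampToInteger(float f) { return clampToInteger(static_cast<double>(f)); }
int clampToPositiveInteger(float f) { return clampToPositiveInteger(static_cast<double>(f)); }
```

Values like array lengths or buffer sizes that arrive as JavaScript numbers are the typical input here; clamping them before the conversion is what keeps a huge or NaN number from turning into an arbitrary int.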
2512
2513 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2514
2515         Unreviewed, rolling out r77006 and r77020.
2516         http://trac.webkit.org/changeset/77006
2517         http://trac.webkit.org/changeset/77020
2518         https://bugs.webkit.org/show_bug.cgi?id=53360
2519
2520         "Broke Windows tests" (Requested by rniwa on #webkit).
2521
2522         * API/JSCallbackObject.h:
2523         (JSC::JSCallbackObjectData::setPrivateProperty):
2524         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2525         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2526         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2527         (JSC::JSCallbackObject::setPrivateProperty):
2528         * API/JSCallbackObjectFunctions.h:
2529         (JSC::::put):
2530         (JSC::::staticFunctionGetter):
2531         * API/JSObjectRef.cpp:
2532         (JSObjectMakeConstructor):
2533         (JSObjectSetPrivateProperty):
2534         * API/JSWeakObjectMapRefInternal.h:
2535         * JavaScriptCore.exp:
2536         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2537         * JavaScriptCore.xcodeproj/project.pbxproj:
2538         * bytecode/CodeBlock.cpp:
2539         (JSC::CodeBlock::markAggregate):
2540         * bytecode/CodeBlock.h:
2541         (JSC::CodeBlock::globalObject):
2542         * bytecompiler/BytecodeGenerator.cpp:
2543         (JSC::BytecodeGenerator::BytecodeGenerator):
2544         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2545         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2546         (JSC::BytecodeGenerator::findScopedProperty):
2547         * debugger/Debugger.cpp:
2548         (JSC::evaluateInGlobalCallFrame):
2549         * debugger/DebuggerActivation.cpp:
2550         (JSC::DebuggerActivation::DebuggerActivation):
2551         (JSC::DebuggerActivation::markChildren):
2552         * debugger/DebuggerActivation.h:
2553         * debugger/DebuggerCallFrame.cpp:
2554         (JSC::DebuggerCallFrame::evaluate):
2555         * interpreter/CallFrame.h:
2556         (JSC::ExecState::exception):
2557         * interpreter/Interpreter.cpp:
2558         (JSC::Interpreter::resolve):
2559         (JSC::Interpreter::resolveSkip):
2560         (JSC::Interpreter::resolveGlobal):
2561         (JSC::Interpreter::resolveGlobalDynamic):
2562         (JSC::Interpreter::resolveBaseAndProperty):
2563         (JSC::Interpreter::unwindCallFrame):
2564         (JSC::appendSourceToError):
2565         (JSC::Interpreter::execute):
2566         (JSC::Interpreter::tryCacheGetByID):
2567         (JSC::Interpreter::privateExecute):
2568         * jit/JITStubs.cpp:
2569         (JSC::JITThunks::tryCacheGetByID):
2570         (JSC::DEFINE_STUB_FUNCTION):
2571         * jsc.cpp:
2572         (GlobalObject::GlobalObject):
2573         * runtime/ArgList.cpp:
2574         (JSC::MarkedArgumentBuffer::markLists):
2575         * runtime/Arguments.cpp:
2576         (JSC::Arguments::markChildren):
2577         (JSC::Arguments::getOwnPropertySlot):
2578         (JSC::Arguments::getOwnPropertyDescriptor):
2579         (JSC::Arguments::put):
2580         * runtime/Arguments.h:
2581         (JSC::Arguments::setActivation):
2582         (JSC::Arguments::Arguments):
2583         * runtime/ArrayConstructor.cpp:
2584         (JSC::ArrayConstructor::ArrayConstructor):
2585         (JSC::constructArrayWithSizeQuirk):
2586         * runtime/ArrayPrototype.cpp:
2587         (JSC::arrayProtoFuncSplice):
2588         * runtime/BatchedTransitionOptimizer.h:
2589         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2590         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2591         * runtime/BooleanConstructor.cpp:
2592         (JSC::BooleanConstructor::BooleanConstructor):
2593         (JSC::constructBoolean):
2594         (JSC::constructBooleanFromImmediateBoolean):
2595         * runtime/BooleanPrototype.cpp:
2596         (JSC::BooleanPrototype::BooleanPrototype):
2597         * runtime/ConservativeSet.cpp:
2598         (JSC::ConservativeSet::grow):
2599         * runtime/ConservativeSet.h:
2600         (JSC::ConservativeSet::~ConservativeSet):
2601         (JSC::ConservativeSet::mark):
2602         * runtime/DateConstructor.cpp:
2603         (JSC::DateConstructor::DateConstructor):
2604         * runtime/DateInstance.cpp:
2605         (JSC::DateInstance::DateInstance):
2606         * runtime/DatePrototype.cpp:
2607         (JSC::dateProtoFuncSetTime):
2608         (JSC::setNewValueFromTimeArgs):
2609         (JSC::setNewValueFromDateArgs):
2610         (JSC::dateProtoFuncSetYear):
2611         * runtime/ErrorConstructor.cpp:
2612         (JSC::ErrorConstructor::ErrorConstructor):
2613         * runtime/ErrorInstance.cpp:
2614         (JSC::ErrorInstance::ErrorInstance):
2615         * runtime/ErrorPrototype.cpp:
2616         (JSC::ErrorPrototype::ErrorPrototype):
2617         * runtime/FunctionConstructor.cpp:
2618         (JSC::FunctionConstructor::FunctionConstructor):
2619         * runtime/FunctionPrototype.cpp:
2620         (JSC::FunctionPrototype::FunctionPrototype):
2621         * runtime/GetterSetter.cpp:
2622         (JSC::GetterSetter::markChildren):
2623         * runtime/GetterSetter.h:
2624         (JSC::GetterSetter::GetterSetter):
2625         (JSC::GetterSetter::getter):
2626         (JSC::GetterSetter::setGetter):
2627         (JSC::GetterSetter::setter):
2628         (JSC::GetterSetter::setSetter):
2629         * runtime/GlobalEvalFunction.cpp:
2630         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2631         (JSC::GlobalEvalFunction::markChildren):
2632         * runtime/GlobalEvalFunction.h:
2633         (JSC::GlobalEvalFunction::cachedGlobalObject):
2634         * runtime/Heap.cpp:
2635         (JSC::Heap::markProtectedObjects):
2636         (JSC::Heap::markTempSortVectors):
2637         (JSC::Heap::markRoots):
2638         * runtime/InternalFunction.cpp:
2639         (JSC::InternalFunction::InternalFunction):
2640         * runtime/JSAPIValueWrapper.h:
2641         (JSC::JSAPIValueWrapper::value):
2642         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2643         * runtime/JSActivation.cpp:
2644         (JSC::JSActivation::markChildren):
2645         (JSC::JSActivation::put):
2646         * runtime/JSArray.cpp:
2647         (JSC::JSArray::JSArray):
2648         (JSC::JSArray::getOwnPropertySlot):
2649         (JSC::JSArray::getOwnPropertyDescriptor):
2650         (JSC::JSArray::put):
2651         (JSC::JSArray::putSlowCase):
2652         (JSC::JSArray::deleteProperty):
2653         (JSC::JSArray::increaseVectorLength):
2654         (JSC::JSArray::setLength):
2655         (JSC::JSArray::pop):
2656         (JSC::JSArray::push):
2657         (JSC::JSArray::unshiftCount):
2658         (JSC::JSArray::sort):
2659         (JSC::JSArray::fillArgList):
2660         (JSC::JSArray::copyToRegisters):
2661         (JSC::JSArray::compactForSorting):
2662         * runtime/JSArray.h:
2663         (JSC::JSArray::getIndex):
2664         (JSC::JSArray::setIndex):
2665         (JSC::JSArray::uncheckedSetIndex):
2666         (JSC::JSArray::markChildrenDirect):
2667         * runtime/JSByteArray.cpp:
2668         (JSC::JSByteArray::JSByteArray):
2669         * runtime/JSCell.h:
2670         (JSC::JSCell::JSValue::toThisObject):
2671         (JSC::JSCell::MarkStack::append):
2672         * runtime/JSFunction.cpp:
2673         (JSC::JSFunction::JSFunction):
2674         (JSC::JSFunction::getOwnPropertySlot):
2675         * runtime/JSGlobalData.h:
2676         * runtime/JSGlobalObject.cpp:
2677         (JSC::markIfNeeded):
2678         (JSC::JSGlobalObject::reset):
2679         (JSC::JSGlobalObject::resetPrototype):
2680         (JSC::JSGlobalObject::markChildren):
2681         * runtime/JSGlobalObject.h:
2682         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2683         (JSC::JSGlobalObject::regExpConstructor):
2684         (JSC::JSGlobalObject::errorConstructor):
2685         (JSC::JSGlobalObject::evalErrorConstructor):
2686         (JSC::JSGlobalObject::rangeErrorConstructor):
2687         (JSC::JSGlobalObject::referenceErrorConstructor):
2688         (JSC::JSGlobalObject::syntaxErrorConstructor):
2689         (JSC::JSGlobalObject::typeErrorConstructor):
2690         (JSC::JSGlobalObject::URIErrorConstructor):
2691         (JSC::JSGlobalObject::evalFunction):
2692         (JSC::JSGlobalObject::objectPrototype):
2693         (JSC::JSGlobalObject::functionPrototype):
2694         (JSC::JSGlobalObject::arrayPrototype):
2695         (JSC::JSGlobalObject::booleanPrototype):
2696         (JSC::JSGlobalObject::stringPrototype):
2697         (JSC::JSGlobalObject::numberPrototype):
2698         (JSC::JSGlobalObject::datePrototype):
2699         (JSC::JSGlobalObject::regExpPrototype):
2700         (JSC::JSGlobalObject::methodCallDummy):
2701         (JSC::Structure::prototypeForLookup):
2702         (JSC::constructArray):
2703         * runtime/JSONObject.cpp:
2704         (JSC::Stringifier::Holder::object):
2705         (JSC::Stringifier::markAggregate):
2706         (JSC::Stringifier::stringify):
2707         (JSC::Stringifier::Holder::appendNextProperty):
2708         (JSC::Walker::callReviver):
2709         (JSC::Walker::walk):
2710         * runtime/JSObject.cpp:
2711         (JSC::JSObject::defineGetter):
2712         (JSC::JSObject::defineSetter):
2713         (JSC::JSObject::removeDirect):
2714         (JSC::JSObject::putDirectFunction):
2715         (JSC::JSObject::putDirectFunctionWithoutTransition):
2716         (JSC::putDescriptor):
2717         (JSC::JSObject::defineOwnProperty):
2718         * runtime/JSObject.h:
2719         (JSC::JSObject::getDirectOffset):
2720         (JSC::JSObject::putDirectOffset):
2721         (JSC::JSObject::flattenDictionaryObject):
2722         (JSC::JSObject::putDirectInternal):
2723         (JSC::JSObject::putDirect):
2724         (JSC::JSObject::putDirectFunction):
2725         (JSC::JSObject::putDirectWithoutTransition):
2726         (JSC::JSObject::putDirectFunctionWithoutTransition):
2727         (JSC::JSValue::putDirect):
2728         (JSC::JSObject::allocatePropertyStorageInline):
2729         (JSC::JSObject::markChildrenDirect):
2730         * runtime/JSPropertyNameIterator.cpp:
2731         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2732         (JSC::JSPropertyNameIterator::get):
2733         * runtime/JSPropertyNameIterator.h:
2734         * runtime/JSStaticScopeObject.cpp:
2735         (JSC::JSStaticScopeObject::markChildren):
2736         * runtime/JSString.cpp:
2737         (JSC::StringObject::create):
2738         * runtime/JSValue.h:
2739         * runtime/JSWrapperObject.cpp:
2740         (JSC::JSWrapperObject::markChildren):
2741         * runtime/JSWrapperObject.h:
2742         (JSC::JSWrapperObject::internalValue):
2743         (JSC::JSWrapperObject::setInternalValue):
2744         * runtime/LiteralParser.cpp:
2745         (JSC::LiteralParser::parse):
2746         * runtime/Lookup.cpp:
2747         (JSC::setUpStaticFunctionSlot):
2748         * runtime/Lookup.h:
2749         (JSC::lookupPut):
2750         * runtime/MarkStack.h:
2751         (JSC::MarkStack::appendValues):
2752         * runtime/MathObject.cpp:
2753         (JSC::MathObject::MathObject):
2754         * runtime/NativeErrorConstructor.cpp:
2755         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2756         * runtime/NativeErrorPrototype.cpp:
2757         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2758         * runtime/NumberConstructor.cpp:
2759         (JSC::NumberConstructor::NumberConstructor):
2760         (JSC::constructWithNumberConstructor):
2761         * runtime/NumberObject.cpp:
2762         (JSC::constructNumber):
2763         * runtime/NumberPrototype.cpp:
2764         (JSC::NumberPrototype::NumberPrototype):
2765         * runtime/ObjectConstructor.cpp:
2766         (JSC::ObjectConstructor::ObjectConstructor):
2767         (JSC::objectConstructorGetOwnPropertyDescriptor):
2768         * runtime/Operations.h:
2769         (JSC::normalizePrototypeChain):
2770         (JSC::resolveBase):
2771         * runtime/PrototypeFunction.cpp:
2772         (JSC::PrototypeFunction::PrototypeFunction):
2773         * runtime/PutPropertySlot.h:
2774         (JSC::PutPropertySlot::setExistingProperty):
2775         (JSC::PutPropertySlot::setNewProperty):
2776         (JSC::PutPropertySlot::base):
2777         * runtime/RegExpConstructor.cpp:
2778         (JSC::RegExpConstructor::RegExpConstructor):
2779         * runtime/ScopeChain.cpp:
2780         (JSC::ScopeChainNode::print):
2781         * runtime/ScopeChain.h:
2782         (JSC::ScopeChainNode::~ScopeChainNode):
2783         (JSC::ScopeChainIterator::operator*):
2784         (JSC::ScopeChainIterator::operator->):
2785         (JSC::ScopeChain::top):
2786         * runtime/ScopeChainMark.h:
2787         (JSC::ScopeChain::markAggregate):
2788         * runtime/SmallStrings.cpp:
2789         (JSC::isMarked):
2790         (JSC::SmallStrings::markChildren):
2791         * runtime/SmallStrings.h:
2792         (JSC::SmallStrings::emptyString):
2793         (JSC::SmallStrings::singleCharacterString):
2794         (JSC::SmallStrings::singleCharacterStrings):
2795         * runtime/StringConstructor.cpp:
2796         (JSC::StringConstructor::StringConstructor):
2797         * runtime/StringObject.cpp:
2798         (JSC::StringObject::StringObject):
2799         * runtime/StringObject.h:
2800         * runtime/StringPrototype.cpp:
2801         (JSC::StringPrototype::StringPrototype):
2802         * runtime/Structure.cpp:
2803         (JSC::Structure::Structure):
2804         (JSC::Structure::addPropertyTransition):
2805         (JSC::Structure::toDictionaryTransition):
2806         (JSC::Structure::flattenDictionaryStructure):
2807         * runtime/Structure.h:
2808         (JSC::Structure::storedPrototype):
2809         * runtime/WeakGCMap.h:
2810         (JSC::WeakGCMap::uncheckedGet):
2811         (JSC::WeakGCMap::isValid):
2812         (JSC::::get):
2813         (JSC::::take):
2814         (JSC::::set):
2815         (JSC::::uncheckedRemove):
2816         * runtime/WriteBarrier.h: Removed.
2817
2818 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
2819
2820         Reviewed by Geoff Garen.
2821
2822         https://bugs.webkit.org/show_bug.cgi?id=53352
2823         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2824
2825         The FixedVMPoolAllocator currently uses a best fit policy -
2826         switch to first fit, which is less prone to external fragmentation.
2827
2828         * jit/ExecutableAllocatorFixedVMPool.cpp:
2829         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2830         (JSC::AllocationTableSizeClass::blockSize):
2831         (JSC::AllocationTableSizeClass::blockCount):
2832         (JSC::AllocationTableSizeClass::blockAlignment):
2833         (JSC::AllocationTableSizeClass::size):
2834         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2835         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2836         (JSC::AllocationTableLeaf::allocate):
2837         (JSC::AllocationTableLeaf::free):
2838         (JSC::AllocationTableLeaf::isEmpty):
2839         (JSC::AllocationTableLeaf::isFull):
2840         (JSC::AllocationTableLeaf::size):
2841         (JSC::AllocationTableLeaf::classForSize):
2842         (JSC::AllocationTableLeaf::dump):
2843         (JSC::LazyAllocationTable::LazyAllocationTable):
2844         (JSC::LazyAllocationTable::~LazyAllocationTable):
2845         (JSC::LazyAllocationTable::allocate):
2846         (JSC::LazyAllocationTable::free):
2847         (JSC::LazyAllocationTable::isEmpty):
2848         (JSC::LazyAllocationTable::isFull):
2849         (JSC::LazyAllocationTable::size):
2850         (JSC::LazyAllocationTable::dump):
2851         (JSC::LazyAllocationTable::classForSize):
2852         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2853         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2854         (JSC::AllocationTableDirectory::allocate):
2855         (JSC::AllocationTableDirectory::free):
2856         (JSC::AllocationTableDirectory::isEmpty):
2857         (JSC::AllocationTableDirectory::isFull):
2858         (JSC::AllocationTableDirectory::size):
2859         (JSC::AllocationTableDirectory::classForSize):
2860         (JSC::AllocationTableDirectory::dump):
2861         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2862         (JSC::FixedVMPoolAllocator::alloc):
2863         (JSC::FixedVMPoolAllocator::free):
2864         (JSC::FixedVMPoolAllocator::allocated):
2865         (JSC::FixedVMPoolAllocator::isValid):
2866         (JSC::FixedVMPoolAllocator::classForSize):
2867         (JSC::FixedVMPoolAllocator::offsetToPointer):
2868         (JSC::FixedVMPoolAllocator::pointerToOffset):
2869         (JSC::ExecutableAllocator::committedByteCount):
2870         (JSC::ExecutableAllocator::isValid):
2871         (JSC::ExecutableAllocator::underMemoryPressure):
2872         (JSC::ExecutablePool::systemAlloc):
2873         (JSC::ExecutablePool::systemRelease):
2874         * wtf/PageReservation.h:
2875         (WTF::PageReservation::PageReservation):
2876         (WTF::PageReservation::commit):
2877         (WTF::PageReservation::decommit):
2878         (WTF::PageReservation::committed):
2879
2880 2011-01-27  Oliver Hunt  <oliver@apple.com>
2881
2882         Reviewed by Geoffrey Garen.
2883
2884         Convert markstack to a slot visitor API
2885         https://bugs.webkit.org/show_bug.cgi?id=53219
2886
2887         Move the MarkStack over to a slot based marking API.
2888
2889         In order to avoid aliasing concerns there are two new types
2890         that need to be used when holding on to JSValues and JSCells that
2891         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
2892         is expected to be used for any JSValue or Cell whose lifetime and
2893         marking are controlled by another GC object.  DeprecatedPtr is used
2894         for any value that we need to rework ownership for.
2895
2896         The change over to this model has produced a large amount of
2897         code changes, but they are mostly mechanical (forwarding JSGlobalData,
2898         etc).
2899
2900         * API/JSCallbackObject.h:
2901         (JSC::JSCallbackObjectData::setPrivateProperty):
2902         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2903         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2904         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2905         (JSC::JSCallbackObject::setPrivateProperty):
2906         * API/JSCallbackObjectFunctions.h:
2907         (JSC::::put):
2908         (JSC::::staticFunctionGetter):
2909         * API/JSObjectRef.cpp:
2910         (JSObjectMakeConstructor):
2911         (JSObjectSetPrivateProperty):
2912         * API/JSWeakObjectMapRefInternal.h:
2913         * JavaScriptCore.exp:
2914         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2915         * JavaScriptCore.xcodeproj/project.pbxproj:
2916         * bytecode/CodeBlock.cpp:
2917         (JSC::CodeBlock::markAggregate):
2918         * bytecode/CodeBlock.h:
2919         (JSC::CodeBlock::globalObject):
2920         * bytecompiler/BytecodeGenerator.cpp:
2921         (JSC::BytecodeGenerator::BytecodeGenerator):
2922         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2923         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2924         (JSC::BytecodeGenerator::findScopedProperty):
2925         * debugger/DebuggerActivation.cpp:
2926         (JSC::DebuggerActivation::DebuggerActivation):
2927         (JSC::DebuggerActivation::markChildren):
2928         * debugger/DebuggerActivation.h:
2929         * interpreter/Interpreter.cpp:
2930         (JSC::Interpreter::resolve):
2931         (JSC::Interpreter::resolveSkip):
2932         (JSC::Interpreter::resolveGlobalDynamic):
2933         (JSC::Interpreter::resolveBaseAndProperty):
2934         (JSC::Interpreter::unwindCallFrame):
2935         (JSC::appendSourceToError):
2936         (JSC::Interpreter::execute):
2937         (JSC::Interpreter::privateExecute):
2938         * interpreter/Register.h:
2939         (JSC::Register::jsValueSlot):
2940         * jit/JITStubs.cpp:
2941         (JSC::JITThunks::tryCacheGetByID):
2942         (JSC::DEFINE_STUB_FUNCTION):
2943         * jsc.cpp:
2944         (GlobalObject::GlobalObject):
2945         * runtime/Arguments.cpp:
2946         (JSC::Arguments::markChildren):
2947         (JSC::Arguments::getOwnPropertySlot):
2948         (JSC::Arguments::getOwnPropertyDescriptor):
2949         (JSC::Arguments::put):
2950         * runtime/Arguments.h:
2951         (JSC::Arguments::setActivation):
2952         (JSC::Arguments::Arguments):
2953         * runtime/ArrayConstructor.cpp:
2954         (JSC::ArrayConstructor::ArrayConstructor):
2955         (JSC::constructArrayWithSizeQuirk):
2956         * runtime/ArrayPrototype.cpp:
2957         (JSC::arrayProtoFuncSplice):
2958         * runtime/BatchedTransitionOptimizer.h:
2959         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2960         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2961         * runtime/BooleanConstructor.cpp:
2962         (JSC::BooleanConstructor::BooleanConstructor):
2963         (JSC::constructBoolean):
2964         (JSC::constructBooleanFromImmediateBoolean):
2965         * runtime/BooleanPrototype.cpp:
2966         (JSC::BooleanPrototype::BooleanPrototype):
2967         * runtime/ConservativeSet.h:
2968         (JSC::ConservativeSet::mark):
2969         * runtime/DateConstructor.cpp:
2970         (JSC::DateConstructor::DateConstructor):
2971         * runtime/DateInstance.cpp:
2972         (JSC::DateInstance::DateInstance):
2973         * runtime/DatePrototype.cpp:
2974         (JSC::dateProtoFuncSetTime):
2975         (JSC::setNewValueFromTimeArgs):
2976         (JSC::setNewValueFromDateArgs):
2977         (JSC::dateProtoFuncSetYear):
2978         * runtime/ErrorConstructor.cpp:
2979         (JSC::ErrorConstructor::ErrorConstructor):
2980         * runtime/ErrorInstance.cpp:
2981         (JSC::ErrorInstance::ErrorInstance):
2982         * runtime/ErrorPrototype.cpp:
2983         (JSC::ErrorPrototype::ErrorPrototype):
2984         * runtime/FunctionConstructor.cpp:
2985         (JSC::FunctionConstructor::FunctionConstructor):
2986         * runtime/FunctionPrototype.cpp:
2987         (JSC::FunctionPrototype::FunctionPrototype):
2988         * runtime/GetterSetter.cpp:
2989         (JSC::GetterSetter::markChildren):
2990         * runtime/GetterSetter.h:
2991         (JSC::GetterSetter::GetterSetter):
2992         (JSC::GetterSetter::getter):
2993         (JSC::GetterSetter::setGetter):
2994         (JSC::GetterSetter::setter):
2995         (JSC::GetterSetter::setSetter):
2996         * runtime/GlobalEvalFunction.cpp:
2997         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2998         (JSC::GlobalEvalFunction::markChildren):
2999         * runtime/GlobalEvalFunction.h:
3000         (JSC::GlobalEvalFunction::cachedGlobalObject):
3001         * runtime/Heap.cpp:
3002         (JSC::Heap::markProtectedObjects):
3003         (JSC::Heap::markTempSortVectors):
3004         (JSC::Heap::markRoots):
3005         * runtime/InternalFunction.cpp:
3006         (JSC::InternalFunction::InternalFunction):
3007         * runtime/JSAPIValueWrapper.h:
3008         (JSC::JSAPIValueWrapper::value):
3009         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
3010         * runtime/JSActivation.cpp:
3011         (JSC::JSActivation::put):
3012         * runtime/JSArray.cpp:
3013         (JSC::JSArray::JSArray):
3014         (JSC::JSArray::getOwnPropertySlot):
3015         (JSC::JSArray::getOwnPropertyDescriptor):
3016         (JSC::JSArray::put):
3017         (JSC::JSArray::putSlowCase):
3018         (JSC::JSArray::deleteProperty):
3019         (JSC::JSArray::increaseVectorLength):
3020         (JSC::JSArray::setLength):
3021         (JSC::JSArray::pop):
3022         (JSC::JSArray::push):
3023         (JSC::JSArray::unshiftCount):
3024         (JSC::JSArray::sort):
3025         (JSC::JSArray::fillArgList):
3026         (JSC::JSArray::copyToRegisters):
3027         (JSC::JSArray::compactForSorting):
3028         * runtime/JSArray.h:
3029         (JSC::JSArray::getIndex):
3030         (JSC::JSArray::setIndex):
3031         (JSC::JSArray::uncheckedSetIndex):
3032         (JSC::JSArray::markChildrenDirect):
3033         * runtime/JSByteArray.cpp:
3034         (JSC::JSByteArray::JSByteArray):
3035         * runtime/JSCell.h:
3036         (JSC::JSCell::MarkStack::append):
3037         (JSC::JSCell::MarkStack::appendCell):
3038         * runtime/JSFunction.cpp:
3039         (JSC::JSFunction::JSFunction):
3040         (JSC::JSFunction::getOwnPropertySlot):
3041         * runtime/JSGlobalObject.cpp:
3042         (JSC::markIfNeeded):
3043         (JSC::JSGlobalObject::reset):
3044         (JSC::JSGlobalObject::resetPrototype):
3045         (JSC::JSGlobalObject::markChildren):
3046         * runtime/JSGlobalObject.h:
3047         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
3048         (JSC::JSGlobalObject::regExpConstructor):
3049         (JSC::JSGlobalObject::errorConstructor):
3050         (JSC::JSGlobalObject::evalErrorConstructor):
3051         (JSC::JSGlobalObject::rangeErrorConstructor):
3052         (JSC::JSGlobalObject::referenceErrorConstructor):
3053         (JSC::JSGlobalObject::syntaxErrorConstructor):
3054         (JSC::JSGlobalObject::typeErrorConstructor):
3055         (JSC::JSGlobalObject::URIErrorConstructor):
3056         (JSC::JSGlobalObject::evalFunction):
3057         (JSC::JSGlobalObject::objectPrototype):
3058         (JSC::JSGlobalObject::functionPrototype):
3059         (JSC::JSGlobalObject::arrayPrototype):
3060         (JSC::JSGlobalObject::booleanPrototype):
3061         (JSC::JSGlobalObject::stringPrototype):
3062         (JSC::JSGlobalObject::numberPrototype):
3063         (JSC::JSGlobalObject::datePrototype):
3064         (JSC::JSGlobalObject::regExpPrototype):
3065         (JSC::JSGlobalObject::methodCallDummy):
3066         (JSC::constructArray):
3067         * runtime/JSONObject.cpp:
3068         (JSC::Stringifier::Holder::object):
3069         (JSC::Stringifier::Holder::objectSlot):
3070         (JSC::Stringifier::markAggregate):
3071         (JSC::Stringifier::stringify):
3072         (JSC::Stringifier::Holder::appendNextProperty):
3073         (JSC::Walker::callReviver):
3074         (JSC::Walker::walk):
3075         * runtime/JSObject.cpp:
3076         (JSC::JSObject::defineGetter):
3077         (JSC::JSObject::defineSetter):
3078         (JSC::JSObject::removeDirect):
3079         (JSC::JSObject::putDirectFunction):
3080         (JSC::JSObject::putDirectFunctionWithoutTransition):
3081         (JSC::putDescriptor):
3082         (JSC::JSObject::defineOwnProperty):
3083         * runtime/JSObject.h:
3084         (JSC::JSObject::putDirectOffset):
3085         (JSC::JSObject::putUndefinedAtDirectOffset):
3086         (JSC::JSObject::flattenDictionaryObject):
3087         (JSC::JSObject::putDirectInternal):
3088         (JSC::JSObject::putDirect):
3089         (JSC::JSObject::putDirectFunction):
3090         (JSC::JSObject::putDirectWithoutTransition):
3091         (JSC::JSObject::putDirectFunctionWithoutTransition):
3092         (JSC::JSValue::putDirect):
3093         (JSC::JSObject::allocatePropertyStorageInline):
3094         (JSC::JSObject::markChildrenDirect):
3095         * runtime/JSStaticScopeObject.cpp:
3096         (JSC::JSStaticScopeObject::markChildren):
3097         * runtime/JSString.cpp:
3098         (JSC::StringObject::create):
3099         * runtime/JSValue.h:
3100         * runtime/JSWrapperObject.cpp:
3101         (JSC::JSWrapperObject::markChildren):
3102         * runtime/JSWrapperObject.h:
3103         (JSC::JSWrapperObject::internalValue):
3104         (JSC::JSWrapperObject::setInternalValue):
3105         * runtime/LiteralParser.cpp:
3106         (JSC::LiteralParser::parse):
3107         * runtime/Lookup.cpp:
3108         (JSC::setUpStaticFunctionSlot):
3109         * runtime/Lookup.h:
3110         (JSC::lookupPut):
3111         * runtime/MarkStack.h:
3112         * runtime/MathObject.cpp:
3113         (JSC::MathObject::MathObject):
3114         * runtime/NativeErrorConstructor.cpp:
3115         (JSC::NativeErrorConstructor::NativeErrorConstructor):
3116         * runtime/NativeErrorPrototype.cpp:
3117         (JSC::NativeErrorPrototype::NativeErrorPrototype):
3118         * runtime/NumberConstructor.cpp:
3119         (JSC::NumberConstructor::NumberConstructor):
3120         (JSC::constructWithNumberConstructor):
3121         * runtime/NumberObject.cpp:
3122         (JSC::constructNumber):
3123         * runtime/NumberPrototype.cpp:
3124         (JSC::NumberPrototype::NumberPrototype):
3125         * runtime/ObjectConstructor.cpp:
3126         (JSC::ObjectConstructor::ObjectConstructor):
3127         (JSC::objectConstructorGetOwnPropertyDescriptor):
3128         * runtime/Operations.h:
3129         (JSC::normalizePrototypeChain):
3130         (JSC::resolveBase):
3131         * runtime/PrototypeFunction.cpp:
3132         (JSC::PrototypeFunction::PrototypeFunction):
3133         * runtime/PutPropertySlot.h:
3134         (JSC::PutPropertySlot::setExistingProperty):
3135         (JSC::PutPropertySlot::setNewProperty):
3136         (JSC::PutPropertySlot::base):
3137         * runtime/RegExpConstructor.cpp:
3138         (JSC::RegExpConstructor::RegExpConstructor):
3139         * runtime/ScopeChain.cpp:
3140         (JSC::ScopeChainNode::print):
3141         * runtime/ScopeChain.h:
3142         (JSC::ScopeChainNode::~ScopeChainNode):
3143         (JSC::ScopeChainIterator::operator*):
3144         (JSC::ScopeChainIterator::operator->):
3145         (JSC::ScopeChain::top):
3146         * runtime/ScopeChainMark.h:
3147         (JSC::ScopeChain::markAggregate):
3148         * runtime/SmallStrings.cpp:
3149         (JSC::isMarked):
3150         (JSC::SmallStrings::markChildren):
3151         * runtime/SmallStrings.h:
3152         (JSC::SmallStrings::emptyString):
3153         (JSC::SmallStrings::singleCharacterString):
3154         (JSC::SmallStrings::singleCharacterStrings):
3155         * runtime/StringConstructor.cpp:
3156         (JSC::StringConstructor::StringConstructor):
3157         * runtime/StringObject.cpp:
3158         (JSC::StringObject::StringObject):
3159         * runtime/StringObject.h:
3160         * runtime/StringPrototype.cpp:
3161         (JSC::StringPrototype::StringPrototype):
3162         * runtime/Structure.cpp:
3163         (JSC::Structure::flattenDictionaryStructure):
3164         * runtime/Structure.h:
3165         (JSC::Structure::storedPrototypeSlot):
3166         * runtime/WeakGCMap.h:
3167         (JSC::WeakGCMap::uncheckedGet):
3168         (JSC::WeakGCMap::uncheckedGetSlot):
3169         (JSC::::get):
3170         (JSC::::take):
3171         (JSC::::set):
3172         (JSC::::uncheckedRemove):
3173         * runtime/WriteBarrier.h: Added.
3174         (JSC::DeprecatedPtr::DeprecatedPtr):
3175         (JSC::DeprecatedPtr::get):
3176         (JSC::DeprecatedPtr::operator*):
3177         (JSC::DeprecatedPtr::operator->):
3178         (JSC::DeprecatedPtr::slot):
3179         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
3180         (JSC::DeprecatedPtr::operator!):
3181         (JSC::WriteBarrierBase::set):
3182         (JSC::WriteBarrierBase::get):
3183         (JSC::WriteBarrierBase::operator*):
3184         (JSC::WriteBarrierBase::operator->):
3185         (JSC::WriteBarrierBase::slot):
3186         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
3187         (JSC::WriteBarrierBase::operator!):
3188         (JSC::WriteBarrier::WriteBarrier):
3189         (JSC::operator==):
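
An added sketch of the slot-based marking model this entry describes (a WriteBarrier holding a cell whose marking is controlled by another GC object, a visitor that appends slots and reads through them when draining). It is constructed for this page and is not the project's WriteBarrier.h or MarkStack code: the JSGlobalData argument the real set() forwards is omitted, and DemoObject, SlotVisitor::drain, markFrom and the run*Demo functions are assumed names.

```cpp
#include <vector>

class SlotVisitor;

// Every GC-managed object derives from Cell and reports, through
// markChildren, the slots holding the cells it keeps alive.
struct Cell {
    bool marked = false;
    virtual ~Cell() = default;
    virtual void markChildren(SlotVisitor&) {}
};

// WriteBarrier<T>: the holder for a cell whose lifetime and marking are
// controlled by another GC object. It hands the collector a slot (Cell**)
// rather than a loose pointer. The JSGlobalData argument that the real
// set() forwards is omitted in this stand-in.
template <typename T>
class WriteBarrier {
public:
    void set(T* value) { m_cell = value; }
    T* get() const { return static_cast<T*>(m_cell); }
    Cell** slot() { return &m_cell; }
private:
    Cell* m_cell = nullptr;
};

// The visitor records slots and only reads through them while draining, so
// whatever the barrier holds at drain time is what gets marked.
class SlotVisitor {
public:
    template <typename T>
    void append(WriteBarrier<T>& barrier) { m_slots.push_back(barrier.slot()); }

    void drain() {
        while (!m_slots.empty()) {
            Cell** slot = m_slots.back();
            m_slots.pop_back();
            Cell* cell = *slot;
            if (!cell || cell->marked)
                continue;                // empty slot, or already visited
            cell->marked = true;
            cell->markChildren(*this);   // enqueue the slots this cell owns
        }
    }
private:
    std::vector<Cell**> m_slots;
};

// Constructed object type: one child held correctly through a WriteBarrier
// and one held through a raw pointer that markChildren never reports. The
// raw child is the hazard the barrier type exists to rule out: reachable in
// C++ terms, invisible to the collector, so it would be swept while in use.
struct DemoObject : Cell {
    WriteBarrier<DemoObject> child;
    DemoObject* rawChild = nullptr;   // deliberately wrong: not a WriteBarrier
    void markChildren(SlotVisitor& visitor) override { visitor.append(child); }
};

struct MarkResult { bool root, a, b, raw, garbage; };

// Mark from a constructed protected set (the role Heap::markProtectedObjects
// plays for objects held by the embedder), then drain transitively.
static void markFrom(std::vector<WriteBarrier<DemoObject>>& protectedObjects) {
    SlotVisitor visitor;
    for (WriteBarrier<DemoObject>& barrier : protectedObjects)
        visitor.append(barrier);
    visitor.drain();
}

static MarkResult runMarkDemo() {
    DemoObject root, a, b, raw, garbage;
    root.child.set(&a);
    a.child.set(&b);
    root.rawChild = &raw;             // never reported to the visitor

    std::vector<WriteBarrier<DemoObject>> protectedObjects(1);
    protectedObjects[0].set(&root);
    markFrom(protectedObjects);
    return { root.marked, a.marked, b.marked, raw.marked, garbage.marked };
}

// Re-pointing the barrier before marking changes what survives: once root
// drops a through the barrier, neither a nor b is reachable any more.
static MarkResult runRebindDemo() {
    DemoObject root, a, b, raw, garbage;
    root.child.set(&a);
    a.child.set(&b);
    std::vector<WriteBarrier<DemoObject>> protectedObjects(1);
    protectedObjects[0].set(&root);
    root.child.set(nullptr);          // store goes through the barrier slot
    markFrom(protectedObjects);
    return { root.marked, a.marked, b.marked, raw.marked, garbage.marked };
}
```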
3190
3191 2011-01-28  Adam Roben  <aroben@apple.com>
3192
3193         Chromium build fix after r76967
3194
3195         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
3196         similar macros in this file.
3197
3198 2011-01-28  Michael Saboff  <msaboff@apple.com>
3199
3200         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3201         https://bugs.webkit.org/show_bug.cgi?id=53271
3202
3203         Reapplying this change.  No change from prior patch in
3204         JavaScriptCore.
3205
3206         Added new isValid() methods to check if a contained object in
3207         a WeakGCMap is valid when using an unchecked iterator.
3208
3209         * runtime/WeakGCMap.h:
3210         (JSC::WeakGCMap::isValid):
3211
3212 2011-01-27  Adam Roben  <aroben@apple.com>
3213
3214         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
3215         function
3216
3217         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
3218         Win32 event
3219
3220         Reviewed by Dave Hyatt.
3221
3222         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
3223
3224         * wtf/ThreadingPrimitives.h: Declare the new function.
3225
3226         * wtf/ThreadingWin.cpp:
3227         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
3228         interval from here...
3229         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
3230
3231 2011-01-28  Sam Weinig  <sam@webkit.org>
3232
3233         Reviewed by Maciej Stachowiak.
3234
3235         Add basic rubber banding support
3236         <rdar://problem/8219429>
3237         https://bugs.webkit.org/show_bug.cgi?id=53277
3238
3239         * wtf/Platform.h: Add ENABLE for rubber banding.
3240
3241 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3242
3243         Unreviewed, rolling out r76893.
3244         http://trac.webkit.org/changeset/76893
3245         https://bugs.webkit.org/show_bug.cgi?id=53287
3246
3247         It made some tests crash on GTK and Qt debug bots (Requested
3248         by Ossy on #webkit).
3249
3250         * runtime/WeakGCMap.h:
3251
3252 2011-01-27  Adam Barth  <abarth@webkit.org>
3253
3254         Reviewed by Eric Seidel.
3255
3256         Add WTFString method to compare equality with Vector<UChar>
3257         https://bugs.webkit.org/show_bug.cgi?id=53266
3258
3259         I'm planning to use this method in the new XSS filter implementation,
3260         but it seems generally useful.
3261
3262         * wtf/text/StringImpl.h:
3263         (WTF::equalIgnoringNullity):
3264         * wtf/text/WTFString.h:
3265         (WTF::equalIgnoringNullity):
3266
3267 2011-01-27  Michael Saboff  <msaboff@apple.com>
3268
3269         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3270         https://bugs.webkit.org/show_bug.cgi?id=53271
3271
3272         Added new isValid() methods to check if a contained object in
3273         a WeakGCMap is valid when using an unchecked iterator.
3274
3275         * runtime/WeakGCMap.h:
3276         (JSC::WeakGCMap::isValid):
3277
3278 2011-01-26  Sam Weinig  <sam@webkit.org>
3279
3280         Reviewed by Maciej Stachowiak.
3281
3282         Add events to represent the start/end of a gesture scroll
3283         https://bugs.webkit.org/show_bug.cgi?id=53215
3284
3285         * wtf/Platform.h: Add ENABLE for gesture events. 
3286
3287 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
3288
3289         Reviewed by Laszlo Gombos.
3290
3291         [Qt][Symbian] Fix --minimal build
3292         https://bugs.webkit.org/show_bug.cgi?id=52839
3293
3294         Move definition of USE_SYSTEM_MALLOC out of pri file.
3295         Put it in platform.h instead.
3296
3297         * wtf/Platform.h:
3298         * wtf/TCSystemAlloc.cpp:
3299         * wtf/wtf.pri:
3300
3301 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
3302
3303         Reviewed by Andreas Kling.
3304
3305         [WINCE] Add JIT support to build system
3306         https://bugs.webkit.org/show_bug.cgi?id=53079
3307
3308         * CMakeListsWinCE.txt:
3309
3310 2011-01-25  Adam Roben  <aroben@apple.com>
3311
3312         Windows Production build fix
3313
3314         Reviewed by Steve Falkenburg.
3315
3316         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
3317         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
3318         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
3319
3320 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
3321
3322         Rubber-stamped by Adam Roben.
3323
3324         Windows production build fix.
3325         Use correct environment variable escaping
3326
3327         * JavaScriptCore.vcproj/JavaScriptCore.make:
3328         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
3329
3330 2011-01-25  Oliver Hunt  <oliver@apple.com>
3331
3332         Reviewed by Gavin Barraclough.
3333
3334         JSON.stringify processing time exponentially grows with size of object
3335         https://bugs.webkit.org/show_bug.cgi?id=51922
3336
3337         Remove last use of reserveCapacity from JSON stringification, as it results
3338         in appalling append behaviour when there are a large number of property names
3339         and nothing else.
3340
3341         * runtime/JSONObject.cpp:
3342         (JSC::Stringifier::appendQuotedString):
3343
3344 2011-01-25  Antti Koivisto  <antti@apple.com>
3345
3346         Not reviewed.
3347         
3348         Try to fix windows build.
3349
3350         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3351
3352 2011-01-25  Antti Koivisto  <antti@apple.com>
3353
3354         Reviewed by Oliver Hunt.
3355
3356         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
3357         https://bugs.webkit.org/show_bug.cgi?id=53061
3358          
3359         Cache did not know about the subclass so failed to fully delete the items. 
3360         Got rid of the subclass and moved the classes to separate files.
3361
3362         * CMakeLists.txt:
3363         * GNUmakefile.am:
3364         * JavaScriptCore.exp:
3365         * JavaScriptCore.gypi:
3366         * JavaScriptCore.pro:
3367         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3368         * JavaScriptCore.xcodeproj/project.pbxproj:
3369         * parser/JSParser.cpp:
3370         (JSC::JSParser::Scope::saveFunctionInfo):
3371         (JSC::JSParser::Scope::restoreFunctionInfo):
3372         (JSC::JSParser::findCachedFunctionInfo):
3373         (JSC::JSParser::parseFunctionInfo):
3374         * parser/SourceProvider.h:
3375         * parser/SourceProviderCache.cpp: Added.
3376         (JSC::SourceProviderCache::~SourceProviderCache):
3377         (JSC::SourceProviderCache::byteSize):
3378         * parser/SourceProviderCache.h: Added.
3379         (JSC::SourceProviderCache::SourceProviderCache):
3380         (JSC::SourceProviderCache::add):
3381         (JSC::SourceProviderCache::get):
3382         * parser/SourceProviderCacheItem.h: Added.
3383         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
3384         (JSC::SourceProviderCacheItem::approximateByteSize):
3385         (JSC::SourceProviderCacheItem::closeBraceToken):
3386
3387 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
3388
3389         Reviewed by Darin Adler.
3390
3391         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
3392         statement
3393         https://bugs.webkit.org/show_bug.cgi?id=53087.
3394
3395         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
3396         with a "return" so that the code is more readable and less error pro
3397         (e.g., "else" doesn't use braces so adding extra lines to the else
3398         block won't have any effect; even worse, code still compiles
3399         successfully.
3400
3401         * wtf/Assertions.cpp:
3402
3403 2011-01-24  Chris Marrin  <cmarrin@apple.com>
3404
3405         Reviewed by Eric Seidel.
3406
3407         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
3408         https://bugs.webkit.org/show_bug.cgi?id=53041
3409
3410         * Configurations/FeatureDefines.xcconfig:
3411
3412 2011-01-25  Adam Roben  <aroben@apple.com>
3413
3414         Windows Production build fix
3415
3416         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
3417
3418 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
3419
3420         Reviewed by Eric Seidel.
3421
3422         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
3423         https://bugs.webkit.org/show_bug.cgi?id=52949
3424
3425         * jit/JITStubs.cpp:
3426
3427 2011-01-24  Adam Roben  <aroben@apple.com>
3428
3429         Windows Production build fix
3430
3431         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
3432
3433 2011-01-24  Peter Varga  <pvarga@webkit.org>
3434
3435         Reviewed by Oliver Hunt.
3436
3437         Optimize regex patterns which contain empty alternatives
3438         https://bugs.webkit.org/show_bug.cgi?id=51395
3439
3440         Eliminate the empty alternatives from the regex pattern and convert it to do
3441         the matching in an easier way.
3442
3443         * yarr/YarrPattern.cpp:
3444         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
3445
3446 2011-01-24  Andras Becsi  <abecsi@webkit.org>
3447
3448         Reviewed by Csaba Osztrogonác.
3449
3450         [Qt] Move project files into Source
3451         https://bugs.webkit.org/show_bug.cgi?id=52891
3452
3453         * JavaScriptCore.pri:
3454         * JavaScriptCore.pro:
3455         * jsc.pro:
3456
3457 2011-01-23  Mark Rowe  <mrowe@apple.com>
3458
3459         Follow-up to r76477.
3460
3461         Fix the scripts that detect problematic code such as static initializers
3462         and destructors, weak vtables, inappropriate files in the framework wrappers,
3463         and public headers including private headers. These had all been broken
3464         since the projects were moved in to the Source directory as the paths to the
3465         scripts were not updated at that time.
3466
3467         * JavaScriptCore.xcodeproj/project.pbxproj:
3468
3469 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3470
3471         Reviewed by Darin Adler.
3472
3473         Use WTF::StringHasher in WebCore
3474         https://bugs.webkit.org/show_bug.cgi?id=52934
3475
3476         Add an additional function to calculate the hash
3477         of data with a runtime-dependent size.
3478
3479         * wtf/StringHasher.h:
3480         (WTF::StringHasher::createBlobHash):
3481
3482 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3483
3484         Reviewed by David Kilzer.
3485
3486         Fix comment in String::ascii()
3487         https://bugs.webkit.org/show_bug.cgi?id=52980
3488
3489         * wtf/text/WTFString.cpp:
3490         (WTF::String::ascii):
3491
3492 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3493
3494         Reviewed by David Kilzer.
3495
3496         Add String::containsOnlyLatin1()
3497         https://bugs.webkit.org/show_bug.cgi?id=52979
3498
3499         * wtf/text/WTFString.h:
3500         (WTF::String::containsOnlyLatin1):
3501         (WTF::charactersAreAllLatin1):
3502
3503 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3504
3505         Reviewed by Oliver Hunt.
3506
3507         Remove obsolete JSVALUE32 code
3508         https://bugs.webkit.org/show_bug.cgi?id=52948
3509
3510         r70111 removed support for JSVALUE32.
3511         ARM, MIPS and X86 support JSVALUE32_64 only.
3512
3513         * jit/JITStubs.cpp:
3514
3515 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3516
3517         Reviewed by Dan Bernstein.
3518
3519         ASSERT running run-webkit-tests --threaded.
3520         https://bugs.webkit.org/show_bug.cgi?id=52971
3521         
3522         SunSpider and v8 report no change.
3523
3524         * runtime/ConservativeSet.cpp:
3525         (JSC::ConservativeSet::grow):
3526         (JSC::ConservativeSet::add):
3527         * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
3528         the growth policy to 2X, to make SunSpider and v8 happy.
3529         (JSC::ConservativeSet::ConservativeSet):
3530         (JSC::ConservativeSet::~ConservativeSet):
3531         (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
3532         Malloc is forbidden during a multi-threaded mark phase because it can
3533         cause deadlock.
3534
3535 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3536
3537         Reviewed by Geoffrey Garen.
3538
3539         Rubber-stamped by Maciej Stachowiak.
3540
3541         A few of Maciej's review suggestions for my last patch.
3542         https://bugs.webkit.org/show_bug.cgi?id=52946        
3543
3544         SunSpider reports no change.
3545
3546         * Android.mk:
3547         * CMakeLists.txt:
3548         * GNUmakefile.am:
3549         * JavaScriptCore.gypi:
3550         * JavaScriptCore.pro:
3551         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3552         * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.
3553
3554         * runtime/ConservativeSet.cpp: Added.
3555         (JSC::isPointerAligned):
3556         (JSC::ConservativeSet::add):
3557         * runtime/ConservativeSet.h: Added.
3558         (JSC::ConservativeSet::ConservativeSet):
3559         (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
3560         file, and moved the conservative check into ConservativeSet::add, making
3561         ConservativeSet's responsibility clearer.
3562
3563         * runtime/Heap.cpp:
3564         (JSC::Heap::markRoots):
3565         * runtime/MachineStackMarker.cpp:
3566         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3567         (JSC::MachineStackMarker::markOtherThreadConservatively):
3568         * runtime/MachineStackMarker.h:
3569         * runtime/MarkStack.h: Updated for changes above.
3570
3571 2011-01-22  Patrick Gansterer  <paroga@webkit.org>
3572
3573         Unreviewed WinCE build fix for r76430.
3574
3575         * runtime/MachineStackMarker.cpp:
3576         (JSC::swapIfBackwards):
3577
3578 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3579
3580         Reviewed by Beth Dakin.
3581
3582         Reorganized MarkedSpace, making many of its functions private.
3583
3584         * runtime/JSCell.h:
3585         (JSC::JSCell::Heap::heap):
3586         * runtime/MarkedSpace.h:
3587         (JSC::MarkedSpace::globalData):
3588         (JSC::MarkedSpace::heap):
3589
3590 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3591
3592         Try to fix build: moved helper function out of #ifdef.
3593
3594         * runtime/MachineStackMarker.cpp:
3595         (JSC::swapIfBackwards):
3596
3597 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3598
3599         Rubber-stamped by Maciej Stachowiak.
3600
3601         A few of Maciej's review suggestions for my last patch.
3602         https://bugs.webkit.org/show_bug.cgi?id=52946        
3603
3604         SunSpider reports no change.
3605
3606         * runtime/MachineStackMarker.cpp:
3607         (JSC::swapIfBackwards): Added a helper function for handling platforms
3608         where the stack can grow in any direction.
3609
3610         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3611         (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
3612         function.
3613
3614         (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.
3615
3616         (JSC::MachineStackMarker::markConservatively): Changed to use a more
3617         standard looping idiom, and to use the helper function above.
3618
3619         * runtime/MarkedSpace.h:
3620         (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.
3621
3622 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3623
3624         Reviewed by Maciej Stachowiak.
3625
3626         Cleaned up some conservative marking code.
3627         https://bugs.webkit.org/show_bug.cgi?id=52946
3628         
3629         SunSpider reports no change.
3630
3631         * interpreter/RegisterFile.h: No need for a special marking function,
3632         since we already expose a start() and end().
3633
3634         * runtime/Heap.cpp:
3635         (JSC::Heap::registerFile):
3636         (JSC::Heap::markRoots):
3637         * runtime/Heap.h:
3638         (JSC::Heap::contains): Migrated markConservatively() to the machine stack
3639         marker class. Now, Heap just provides a contains() function, which the
3640         machine stack marker uses for checking whether a pointer points into the heap.
3641
3642         * runtime/MachineStackMarker.cpp:
3643         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3644         (JSC::MachineStackMarker::markOtherThreadConservatively):
3645         (JSC::isPointerAligned):
3646         (JSC::MachineStackMarker::markConservatively):
3647         * runtime/MachineStackMarker.h: Move the conservative marking code here.
3648
3649         * runtime/MarkStack.h:
3650         (JSC::ConservativeSet::add):
3651         (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
3652         set. Vector seems to be a bit faster, and it generates smaller code.
3653
3654         * runtime/MarkedSpace.cpp:
3655         (JSC::MarkedSpace::containsSlowCase):
3656         * runtime/MarkedSpace.h:
3657         (JSC::MarkedSpace::isCellAligned):
3658         (JSC::MarkedSpace::isPossibleCell):
3659         (JSC::MarkedSpace::contains): Kept the code for determining whether a
3660         pointer pointed into marked space, and moved the code for marking
3661         a set of conservative pointers into the machine stack marker.
3662
3663         * wtf/HashSet.h:
3664         (WTF::::add): Added two missing inlines that I noticed while testing
3665         vector vs hash set.
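
The conservative marking procedure described in this entry and in the two 2011-01-22 entries above (isCellAligned and contains for the "is this a cell?" check, swapIfBackwards for stacks that grow either way, the check living in ConservativeSet::add), as an added illustration that is not JavaScriptCore's own code. It assumes one contiguous block of 64-byte cells standing in for MarkedSpace, a constructed word array standing in for the machine stack, and a std::vector in place of the inline-capacity set; the function names mirror the ChangeLog but their bodies are constructed here.

```cpp
#include <cstddef>
#include <cstdint>
#include <utility>
#include <vector>

// Constructed stand-in for MarkedSpace: one contiguous block of fixed-size
// cells. The real heap has many blocks; one is enough to show the checks.
constexpr size_t kCellSize = 64;
constexpr size_t kCellCount = 8;

struct MarkedSpace {
    alignas(kCellSize) unsigned char block[kCellSize * kCellCount];

    uintptr_t begin() const { return reinterpret_cast<uintptr_t>(block); }
    uintptr_t end() const { return begin() + sizeof(block); }

    // isCellAligned: a cell pointer is a multiple of the cell size.
    static bool isCellAligned(uintptr_t p) { return !(p & (kCellSize - 1)); }

    // contains: cell-aligned and inside the block. The real contains() also
    // consults the block set (containsSlowCase); one range check suffices here.
    bool contains(uintptr_t p) const {
        return isCellAligned(p) && p >= begin() && p < end();
    }
};

// ConservativeSet: the stack words that might be cell pointers. The check
// lives in add(), so the scanner just feeds it every word it sees.
// The real set keeps an inline buffer and grows through OSAllocator because
// malloc may deadlock during a multi-threaded mark phase; a std::vector is
// acceptable here only because this example runs single-threaded.
struct ConservativeSet {
    explicit ConservativeSet(const MarkedSpace& s) : space(s) {}
    void add(uintptr_t candidate) {
        if (space.contains(candidate))
            roots.push_back(candidate);
    }
    const MarkedSpace& space;
    std::vector<uintptr_t> roots;
};

// Stacks grow downwards on most targets and upwards on some; normalise the
// range once so the scanning loop only ever walks forwards.
static void swapIfBackwards(const void*& begin, const void*& end) {
    if (begin > end)
        std::swap(begin, end);
}

static bool isPointerAligned(const void* p) {
    return !(reinterpret_cast<uintptr_t>(p) & (sizeof(void*) - 1));
}

// markConservatively: offer every pointer-sized word in [begin, end) to the set.
static void markConservatively(ConservativeSet& set, const void* begin, const void* end) {
    swapIfBackwards(begin, end);
    uintptr_t p = reinterpret_cast<uintptr_t>(begin);
    const uintptr_t e = reinterpret_cast<uintptr_t>(end);
    // Round the start up so every load below is an aligned word read.
    if (!isPointerAligned(begin))
        p = (p + sizeof(void*)) & ~static_cast<uintptr_t>(sizeof(void*) - 1);
    for (; p + sizeof(void*) <= e; p += sizeof(void*))
        set.add(*reinterpret_cast<const uintptr_t*>(p));
}

// Constructed "stack": a genuine cell pointer, an interior pointer (rejected:
// not cell-aligned), the one-past-the-end address (rejected: outside the
// block), an integer that merely looks like an address, and a second genuine
// pointer. Returns the number of roots the scan accepted.
static size_t scanDemo(bool backwards) {
    static MarkedSpace space;
    ConservativeSet set(space);
    uintptr_t stackWords[5] = {
        space.begin() + 2 * kCellSize,
        space.begin() + 2 * kCellSize + 8,
        space.end(),
        static_cast<uintptr_t>(0xdeadbeef),
        space.begin() + 7 * kCellSize,
    };
    const void* lo = stackWords;
    const void* hi = stackWords + 5;
    if (backwards)
        markConservatively(set, hi, lo);   // swapIfBackwards fixes the order
    else
        markConservatively(set, lo, hi);
    return set.roots.size();               // 2: cells 2 and 7
}
```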
3666
3667 2011-01-21  Mark Rowe  <mrowe@apple.com>
3668
3669         Reviewed by Sam Weinig.
3670
3671         Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
3672         control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".
3673
3674         * wtf/PageAllocation.h:
3675         (WTF::PageAllocation::operator bool):
3676         * wtf/PageReservation.h:
3677         (WTF::PageReservation::operator bool):
3678
3679 2011-01-21  Michael Saboff  <msaboff@apple.com>
3680
3681         Reviewed by Oliver Hunt.
3682
3683         [RegexFuzz] Hang with forward assertion
3684         https://bugs.webkit.org/show_bug.cgi?id=52825
3685         <rdar://problem/8894332>
3686
3687         The backtrackTo label from the first term in a list of terms is
3688         being overwritten by processing of subsequent terms.  Changed
3689         copyBacktrackToLabel() to check for an existing backtrackTo label
3690         before copying and renamed it to propagateBacktrackToLabel() since
3691         it no longer copies.
3692
3693         * yarr/YarrJIT.cpp:
3694         (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
3695         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3696
3697 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3698
3699         Reviewed by Sam Weinig.
3700
3701         Moved the mark stack from global data to the heap, since it pertains
3702         to the heap, and not the virtual machine as a whole.
3703         https://bugs.webkit.org/show_bug.cgi?id=52930
3704         
3705         SunSpider reports no change.
3706
3707         * runtime/Heap.cpp:
3708         (JSC::Heap::Heap):
3709         (JSC::Heap::markRoots):
3710         * runtime/Heap.h:
3711         * runtime/JSGlobalData.cpp:
3712         (JSC::JSGlobalData::JSGlobalData):
3713         * runtime/JSGlobalData.h:
3714
3715 2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>
3716
3717         Reviewed by Darin Adler.
3718
3719         REGRESSION(r76177): All JavaScriptCore tests fail on ARM
3720         https://bugs.webkit.org/show_bug.cgi?id=52814
3721
3722         Get the approximateByteSize value before releasing the OwnPtr.
3723
3724         * parser/JSParser.cpp:
3725         (JSC::JSParser::parseFunctionInfo):
3726
3727 2011-01-21  Xan Lopez  <xlopez@igalia.com>
3728
3729         Reviewed by Martin Robinson.
3730
3731         Remove unnecessary <stdio.h> include
3732         https://bugs.webkit.org/show_bug.cgi?id=52884
3733
3734         * jit/JIT.cpp: remove unnecessary include.
3735
3736 2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>
3737
3738         Reviewed by Maciej Stachowiak.
3739
3740         Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.
3741
3742         * wtf/OwnArrayPtr.h:
3743
3744 2011-01-20  Patrick Gansterer  <paroga@webkit.org>
3745
3746         Reviewed by Oliver Hunt.
3747
3748         [WINCE] Remove obsolete JSVALUE32 code
3749         https://bugs.webkit.org/show_bug.cgi?id=52450
3750
3751         Remove the "offset hack" in create_jit_stubs, since we
3752         only support JSVALUE32_64 in the meantime.
3753
3754         * create_jit_stubs: Removed offset argument
3755         * jit/JITStubs.cpp:
3756
3757 2011-01-20  Geoffrey Garen  <ggaren@apple.com>
3758
3759         Reviewed by Oliver Hunt.
3760
3761         When marking conservatively, guard against reviving dead objects.
3762         https://bugs.webkit.org/show_bug.cgi?id=52840
3763         
3764         SunSpider and v8 say no change.
3765
3766         * interpreter/RegisterFile.h:
3767         (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.
3768
3769         * runtime/Heap.cpp:
3770         (JSC::Heap::recordExtraCost): No need to guard against conservative
3771         marking reviving dead objects anymore, since the conservative marking
3772         mechanism guards against this now.
3773
3774         (JSC::Heap::markConservatively):
3775         (JSC::Heap::markProtectedObjects):
3776         (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
3777         marking function. We want to establish a separation of concerns between
3778         visiting roots and draining the mark stack.
3779
3780         (JSC::Heap::markRoots): Gather the set of conservative references before
3781         clearing mark bits, because conservative marking now uses the mark bits
3782         to determine if a reference is valid, and avoid reviving dead objects.
3783
3784         (JSC::Heap::collectAllGarbage): No need to guard against conservative
3785         marking reviving dead objects anymore, since the conservative marking
3786         mechanism guards against this now.
3787
3788         * runtime/Heap.h: Updated to use the ConservativeSet API.
3789
3790         * runtime/MachineStackMarker.cpp:
3791         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3792         (JSC::MachineStackMarker::markCurrentThreadConservatively):
3793         (JSC::MachineStackMarker::markOtherThreadConservatively):
3794         (JSC::MachineStackMarker::markMachineStackConservatively):
3795         * runtime/MachineStackMarker.h: Ditto.
3796
3797         * runtime/MarkStack.h:
3798         (JSC::ConservativeSet::add):
3799         (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
3800         set of conservative references. This is different from MarkStack, since
3801         we don't mark the set until it is completely gathered.
3802
3803         * runtime/MarkedSpace.cpp:
3804         (JSC::MarkedSpace::freeBlock):
3805         (JSC::MarkedSpace::resizeBlocks):
3806         (JSC::MarkedSpace::markConservatively):
3807         * runtime/MarkedSpace.h: When marking conservatively, guard against
3808         reviving dead objects.
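
The guard this entry describes, as an added illustration that is not JavaScriptCore's own code: a toy MarkedSpace with fixed-size cells, a cheap isCellAligned/isPossibleCell/contains filter for words found on the machine stack, and a ConservativeSet that is gathered into a vector first and marked afterwards. The names follow the entry; the cell layout, the explicit per-cell allocated bit (standing in for JSC's use of the previous cycle's mark bits as the liveness signal), and the constructed stack words are assumptions made for this example.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <iterator>
#include <vector>

// Toy marked space: fixed-size cells, one "allocated" bit and one "marked" bit
// per cell. Hypothetical layout for this example; JSC's MarkedSpace differs.
constexpr size_t kCellSize = 64;
constexpr size_t kCellsPerBlock = 16;

struct Block {
    alignas(kCellSize) unsigned char cells[kCellsPerBlock * kCellSize];
    bool allocated[kCellsPerBlock] = {};  // live as of the last sweep
    bool marked[kCellsPerBlock] = {};     // set during this marking phase
    uintptr_t begin() const { return reinterpret_cast<uintptr_t>(cells); }
    uintptr_t end() const { return begin() + sizeof(cells); }
};

struct MarkedSpace {
    std::vector<Block*> blocks;

    static bool isCellAligned(uintptr_t p) { return p % kCellSize == 0; }

    // Cheap pre-filter for a word found on the machine stack: it must be
    // cell-aligned and fall inside some block's cell range.
    bool isPossibleCell(uintptr_t p) const
    {
        if (!isCellAligned(p))
            return false;
        for (const Block* b : blocks)
            if (p >= b->begin() && p < b->end())
                return true;
        return false;
    }

    // The guard: a word is accepted as a reference only if it names a cell that
    // is currently allocated. A stale word left on the stack after the cell was
    // freed therefore cannot revive it.
    bool contains(uintptr_t p, Block*& outBlock, size_t& outIndex) const
    {
        if (!isPossibleCell(p))
            return false;
        for (Block* b : blocks) {
            if (p < b->begin() || p >= b->end())
                continue;
            size_t index = (p - b->begin()) / kCellSize;
            if (!b->allocated[index])
                return false;
            outBlock = b;
            outIndex = index;
            return true;
        }
        return false;
    }
};

// Gathered first, marked afterwards: the set is a plain vector of candidates.
struct ConservativeSet {
    std::vector<uintptr_t> candidates;
    void add(uintptr_t word) { candidates.push_back(word); }
    size_t mark(MarkedSpace& space)
    {
        size_t newlyMarked = 0;
        for (uintptr_t word : candidates) {
            Block* block = nullptr;
            size_t index = 0;
            if (space.contains(word, block, index) && !block->marked[index]) {
                block->marked[index] = true;
                ++newlyMarked;
            }
        }
        return newlyMarked;
    }
};

struct ScanResult {
    size_t newlyMarked;
    bool liveCellMarked;
    bool deadCellMarked;
};

// Constructed scenario: one block, cells 2 and 5 live, cell 9 freed earlier.
// The "stack words" added below are constructed inline for the demonstration.
ScanResult demoScan()
{
    static Block block;  // static storage honours the alignas on cells
    std::fill(std::begin(block.allocated), std::end(block.allocated), false);
    std::fill(std::begin(block.marked), std::end(block.marked), false);
    block.allocated[2] = true;
    block.allocated[5] = true;

    MarkedSpace space;
    space.blocks.push_back(&block);

    ConservativeSet set;
    set.add(block.begin() + 2 * kCellSize);      // live cell: marked
    set.add(block.begin() + 9 * kCellSize);      // freed cell: must not be revived
    set.add(block.begin() + 5 * kCellSize + 8);  // interior pointer: not cell-aligned
    set.add(0x1234);                             // integer outside marked space
    set.add(block.begin() + 2 * kCellSize);      // duplicate: marked only once

    ScanResult r;
    r.newlyMarked = set.mark(space);  // 1
    r.liveCellMarked = block.marked[2];
    r.deadCellMarked = block.marked[9];
    return r;
}
```

The ordering matters for the same reason the entry gives: the candidates are collected while the liveness bits still describe the last completed cycle, and only then are they checked and marked, so a dangling stack word can never turn a freed cell back into a live one.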
3809
3810 2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>
3811
3812         Reviewed by Geoffrey Garen.
3813
3814         [Symbian] Fix StackBounds::initialize()
3815         https://bugs.webkit.org/show_bug.cgi?id=52842
3816
3817         * wtf/StackBounds.cpp:
3818         (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit
3819
3820 2011-01-20  Michael Saboff  <msaboff@apple.com>
3821
3822         Reviewed by Oliver Hunt.
3823
3824         <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
3825         https://bugs.webkit.org/show_bug.cgi?id=52773
3826
3827         Fixed case where an existing DataLabelPtr is overwritten.  The
3828         replacing DataLabelPtr is now resolved immediately in
3829         linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
3830         return value for the routine as it was never used.
3831
3832         * yarr/YarrJIT.cpp:
3833         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
3834
3835 2011-01-20  Andras Becsi  <abecsi@webkit.org>
3836
3837         Reviewed by Csaba Osztrogonác.
3838
3839         [Qt][WK2] WebKit2 enabled build fails to link
3840
3841         Work around undefined reference linking issues until the buildsystem gets redesigned.
3842         These issues first occurred in minimal builds (see BUG 50519).
3843
3844         * JavaScriptCore.pri: link as whole-archive for WebKit2 builds
3845
3846 2011-01-20  Zoltan Horvath  <zoltan@webkit.org>
3847
3848         Reviewed by Csaba Osztrogonác.
3849
3850         Refactoring of the custom allocation framework
3851         https://bugs.webkit.org/show_bug.cgi?id=49897
3852
3853         Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
3854         The modification replaces the Noncopyable and FastAllocBase classes, and inheritance from them, with their
3855         equivalent macro implementations at the necessary places.
3856
3857         * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.
3858
3859 2011-01-20  Mark Rowe  <mrowe@apple.com>
3860
3861         Reviewed by Maciej Stachowiak.
3862
3863         Follow-up to r75766 / <rdar://problem/5469576>.
3864
3865         We were failing to initialize the key, causing all sorts of unexpected behavior.
3866
3867         * wtf/FastMalloc.cpp:
3868         (WTF::setThreadHeap):
3869         (WTF::TCMalloc_ThreadCache::GetThreadHeap):
3870         (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.
3871
3872 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3873
3874         Reviewed by Darin Adler.
3875
3876         Rolled back in r76078, with crash fixed.
3877         https://bugs.webkit.org/show_bug.cgi?id=52668
3878         
3879         * runtime/JSGlobalObject.cpp:
3880         (JSC::JSGlobalObject::markChildren): Account for the fact that the global
3881         object moves its variables into and out of the register file. While out
3882         of the register file, the symbol table's size is not an accurate count
3883         for the size of the register array, since the BytecodeGenerator might
3884         be compiling, adding items to the symbol table.
3885         
3886 2011-01-18  Darin Adler  <darin@apple.com>
3887
3888         Reviewed by Geoffrey Garen.
3889
3890         Stack overflow when converting an Error object to string
3891         https://bugs.webkit.org/show_bug.cgi?id=46410
3892
3893         * Android.mk: Added StringRecursionChecker.cpp and
3894         StringRecursionChecker.h.
3895         * CMakeLists.txt: Ditto.
3896         * GNUmakefile.am: Ditto.
3897         * JavaScriptCore.gypi: Ditto.
3898         * JavaScriptCore.pro: Ditto.
3899         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
3900         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
3901
3902         * runtime/ArrayPrototype.cpp:
3903         (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
3904         of the older hand-written code to do the same thing.
3905         (JSC::arrayProtoFuncToLocaleString): Ditto.
3906         (JSC::arrayProtoFuncJoin): Ditto.
3907
3908         * runtime/ErrorPrototype.cpp:
3909         (JSC::errorProtoFuncToString): Use StringRecursionChecker.
3910
3911         * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
3912         stringRecursionCheckVisitedObjects.
3913
3914         * runtime/RegExpPrototype.cpp:
3915         (JSC::regExpProtoFuncToString): Use StringRecursionChecker.
3916
3917         * runtime/StringRecursionChecker.cpp: Added.
3918         * runtime/StringRecursionChecker.h: Added.
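
An added illustration of the visited-set guard this entry introduces, written for this page rather than taken from JavaScriptCore: a toy object graph, an RAII StringRecursionChecker that records the object being converted and reports re-entry, and a toString that returns an empty string on a cycle instead of recursing until the stack overflows. The Obj type, the function-local static standing in for the set kept in JSGlobalData, and the constructed inputs are assumptions made for this example.

```cpp
#include <string>
#include <unordered_set>
#include <vector>

// Toy object: a scalar part plus references that may form a cycle.
struct Obj {
    std::string message;
    std::vector<Obj*> children;
};

// RAII guard: records the object in a set of "conversions in progress" for the
// duration of one toString call. If the object is already in the set, the
// conversion has re-entered itself and the caller should return early.
class StringRecursionChecker {
public:
    explicit StringRecursionChecker(const Obj* object)
        : m_object(object)
        , m_earlyReturn(!visited().insert(object).second)
    {
    }
    ~StringRecursionChecker()
    {
        if (!m_earlyReturn)
            visited().erase(m_object);
    }
    bool earlyReturn() const { return m_earlyReturn; }

private:
    // In JSC the visited set lives in JSGlobalData; a function-local static
    // stands in for it here (assumption made for this example).
    static std::unordered_set<const Obj*>& visited()
    {
        static std::unordered_set<const Obj*> set;
        return set;
    }
    const Obj* m_object;
    bool m_earlyReturn;
};

// Converts an object and its children, joining with commas. On re-entry it
// yields an empty string instead of recursing forever.
std::string toStringGuarded(const Obj& object)
{
    StringRecursionChecker checker(&object);
    if (checker.earlyReturn())
        return "";
    std::string result = object.message;
    for (const Obj* child : object.children) {
        result += ",";
        result += toStringGuarded(*child);
    }
    return result;
}

// Constructed inputs for the demonstration.
std::string demoTree()       // a -> {b -> {d}, c}: "a,b,d,c"
{
    Obj d { "d", {} };
    Obj c { "c", {} };
    Obj b { "b", { &d } };
    Obj a { "a", { &b, &c } };
    return toStringGuarded(a);
}

std::string demoSelfCycle()  // a -> {a}: "a,"
{
    Obj a { "a", {} };
    a.children.push_back(&a);
    return toStringGuarded(a);
}

std::string demoTwoCycle()   // a -> {b -> {a}}: "a,b,"
{
    Obj a { "a", {} };
    Obj b { "b", {} };
    a.children.push_back(&b);
    b.children.push_back(&a);
    return toStringGuarded(a);
}
```

The destructor only erases entries it inserted, so an early-returning frame leaves the outer frame's entry in place; that is what lets the guard be used uniformly from several conversion routines (array, error, regexp) that can call into each other.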
3919
3920 2011-01-19  Oliver Hunt  <oliver@apple.com>
3921
3922         Reviewed by Gavin Barraclough.
3923
3924         Remove non-spec support for callable RegExp
3925         https://bugs.webkit.org/show_bug.cgi?id=28285
3926
3927         Remove support for callable regexps.  If it breaks sites we can
3928         just roll this out.
3929
3930         * runtime/RegExpObject.cpp:
3931         * runtime/RegExpObject.h:
3932         * tests/mozilla/expected.html: update results.
3933
3934 2011-01-19  Antti Koivisto  <antti@apple.com>
3935
3936         Reviewed by Oliver Hunt.
3937
3938         Cache function offsets to speed up javascript parsing
3939         https://bugs.webkit.org/show_bug.cgi?id=52622
3940         
3941         Use cache to save function offsets and some other info.
3942         This avoids quite a bit of work when reparsing the source.
3943
3944         * parser/ASTBuilder.h:
3945         * parser/JSParser.cpp:
3946         (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
3947         (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
3948         (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
3949         (JSC::JSParser::Scope::copyCapturedVariablesToVector):
3950         (JSC::JSParser::Scope::saveFunctionInfo):
3951         (JSC::JSParser::Scope::restoreFunctionInfo):
3952         (JSC::JSParser::findCachedFunctionInfo):
3953         (JSC::JSParser::JSParser):
3954         (JSC::JSParser::parseProgram):
3955         (JSC::JSParser::parseFunctionInfo):
3956         * parser/Lexer.h:
3957         (JSC::Lexer::setOffset):
3958         (JSC::Lexer::setLineNumber):
3959         (JSC::Lexer::sourceProvider):
3960         * parser/SourceProvider.h:
3961         (JSC::SourceProviderCache::SourceProviderCache):
3962         (JSC::SourceProviderCache::~SourceProviderCache):
3963         (JSC::SourceProviderCache::byteSize):
3964         (JSC::SourceProviderCache::add):
3965         (JSC::SourceProviderCache::get):
3966         (JSC::SourceProvider::SourceProvider):
3967         (JSC::SourceProvider::~SourceProvider):
3968         (JSC::SourceProvider::cache):
3969         (JSC::SourceProvider::notifyCacheSizeChanged):
3970         (JSC::SourceProvider::cacheSizeChanged):
3971         * parser/SyntaxChecker.h:
3972
3973 2011-01-19  Mark Rowe  <mrowe@apple.com>
3974
3975         Reviewed by Darin Adler.
3976
3977         Follow-up to r75766 / <rdar://problem/5469576>.
3978
3979         * DerivedSources.make: Evaluate the SDKROOT variable correctly.
3980
3981 2011-01-19  Oliver Hunt  <oliver@apple.com>
3982
3983         Reviewed by Gavin Barraclough.
3984
3985         [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
3986         https://bugs.webkit.org/show_bug.cgi?id=52672
3987
3988         Rather than coming up with a somewhat convoluted mechanism to ensure that
3989         developers can override the global object's prototype with a function named
3990         __proto__ and expect it to work, we just disallow it at the syntax level.
3991
3992         * parser/JSParser.cpp:
3993         (JSC::JSParser::parseFunctionInfo):
3994
3995 2011-01-19  Michael Saboff  <msaboff@apple.com>
3996
3997         Reviewed by Darin Adler.
3998
3999         <rdar://problem/8882994> Regression: Simple nested backtrack hangs
4000         https://bugs.webkit.org/show_bug.cgi?id=52675
4001
4002         The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
4003         broke simple backtracking in some cases.  Reworked that change to 
4004         link both jumps and labels.
4005
4006         * yarr/YarrJIT.cpp:
4007         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
4008         (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
4009         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
4010
4011 2011-01-19  Pavel Podivilov  <podivilov@chromium.org>
4012
4013         Reviewed by Yury Semikhatsky.
4014
4015         Web Inspector: [JSC] scripts have incorrect starting line (always 1).
4016         https://bugs.webkit.org/show_bug.cgi?id=52721
4017
4018         * debugger/Debugger.cpp:
4019         (JSC::Debugger::recompileAllJSFunctions):
4020         * debugger/Debugger.h:
4021         * parser/Parser.h:
4022         (JSC::Parser::parse):
4023         * parser/SourceCode.h:
4024         (JSC::SourceCode::SourceCode):
4025         * parser/SourceProvider.h:
4026         (JSC::SourceProvider::startPosition):
4027
4028 2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>
4029
4030         Reviewed by Laszlo Gombos and Tor Arne Vestbø.
4031
4032         [Qt] Remove unnecessary "../Source" from paths
4033         after moving source files into Source is finished.
4034
4035         * JavaScriptCore.pri:
4036
4037 2011-01-19  Benjamin Kalman  <kalman@chromium.org>
4038
4039         Reviewed by Darin Adler.
4040
4041         Don't return void from void function String::split
4042         https://bugs.webkit.org/show_bug.cgi?id=52684
4043
4044         * wtf/text/WTFString.cpp:
4045         (WTF::String::split):
4046
4047 2011-01-18  Kenneth Russell  <kbr@google.com>
4048
4049         Unreviewed, rolling out&n