[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2011-02-09  Adam Barth  <abarth@webkit.org>

        Attempt to fix the Qt Windows build.

        * wtf/OSRandomSource.cpp:
        (WTF::randomValuesFromOS):

2011-02-09  Adam Barth  <abarth@webkit.org>

        Reviewed by Eric Seidel.

        Add WTF::cryptographicallyRandomNumber
        https://bugs.webkit.org/show_bug.cgi?id=54083

        Introduce a cryptographically strong random number generator to WTF.
        The random number generator is based on arc4random as found in:

        http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c?rev=1.22

        I've changed the source to WebKit style and abstracted the operating
        system interaction to OSRandomSource.  We'll use this functionality to
        expose a cryptographically strong random number generator to
        JavaScript.

        * Android.mk:
        * Android.v8.wtf.mk:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * config.h:
        * wtf/CMakeLists.txt:
        * wtf/CryptographicallyRandomNumber.cpp: Added.
        (WTF::initMutexIfNeeded):
        (WTF::init):
        (WTF::addRandomData):
        (WTF::stir):
        (WTF::stirIfNeeded):
        (WTF::getByte):
        (WTF::getWord):
        (WTF::cryptographicallyRandomNumber):
        (WTF::cryptographicallyRandomValues):
        * wtf/CryptographicallyRandomNumber.h: Added.
        * wtf/OSRandomSource.cpp: Added.
        (WTF::randomValuesFromOS):
        * wtf/OSRandomSource.h: Added.
        * wtf/wtf.pri:

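The layering the entry above describes (an OS entropy source feeding an arc4random-style keystream generator that discards early output and re-stirs after a byte budget), as an added example written for this page; it is not WebKit's CryptographicallyRandomNumber.cpp or OSRandomSource.cpp. The 128-byte seed, the 256 discarded bytes and the 1600000-byte budget are assumptions modelled on arc4random, fixedSeedSource is a constructed source for the demonstration only, and osEntropySource reads /dev/urandom on POSIX.

```cpp
#include <cstdint>
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <cstring>

// RC4 keystream generator, the primitive underneath arc4random.
class RC4Stream {
public:
    RC4Stream() : m_i(0), m_j(0)
    {
        for (int n = 0; n < 256; ++n)
            m_s[n] = static_cast<uint8_t>(n);
    }
    // Key schedule: fold the seed bytes into the 256-entry permutation.
    void addRandomData(const uint8_t* data, size_t length)
    {
        uint8_t j = 0;
        for (int n = 0; n < 256; ++n) {
            j = static_cast<uint8_t>(j + m_s[n] + data[n % length]);
            uint8_t t = m_s[n];
            m_s[n] = m_s[j];
            m_s[j] = t;
        }
        m_i = m_j = 0;
    }
    // One step of the keystream.
    uint8_t getByte()
    {
        m_i = static_cast<uint8_t>(m_i + 1);
        uint8_t si = m_s[m_i];
        m_j = static_cast<uint8_t>(m_j + si);
        uint8_t sj = m_s[m_j];
        m_s[m_i] = sj;
        m_s[m_j] = si;
        return m_s[static_cast<uint8_t>(si + sj)];
    }
private:
    uint8_t m_s[256];
    uint8_t m_i, m_j;
};

// Entropy source signature, standing in for WTF::randomValuesFromOS.
typedef bool (*EntropySource)(uint8_t* buffer, size_t length);

// Real source: /dev/urandom on POSIX systems.
bool osEntropySource(uint8_t* buffer, size_t length)
{
    FILE* f = std::fopen("/dev/urandom", "rb");
    if (!f)
        return false;
    size_t got = std::fread(buffer, 1, length, f);
    std::fclose(f);
    return got == length;
}

// Constructed fixed source for demonstration and tests only; never use it in production.
bool fixedSeedSource(uint8_t* buffer, size_t length)
{
    for (size_t n = 0; n < length; ++n)
        buffer[n] = static_cast<uint8_t>(n * 7 + 3);
    return true;
}

// arc4random-style generator: seeds from the source, discards early keystream and
// re-stirs after a byte budget. Seed size, discard count and budget are assumptions.
class CryptographicRandom {
public:
    explicit CryptographicRandom(EntropySource source) : m_source(source), m_count(0) { }
    uint32_t getWord()
    {
        stirIfNeeded();
        uint32_t value = 0;
        for (int n = 0; n < 4; ++n)
            value = (value << 8) | getByte();
        return value;
    }
    long bytesUntilStir() const { return m_count; }

private:
    void stir()
    {
        uint8_t seed[128];
        // A generator keyed with nothing is predictable, so a failed seed read is fatal.
        if (!m_source(seed, sizeof(seed)))
            std::abort();
        m_stream.addRandomData(seed, sizeof(seed));
        std::memset(seed, 0, sizeof(seed));
        // Drop the first keystream bytes, which are the most correlated with the key.
        for (int n = 0; n < 256; ++n)
            m_stream.getByte();
        m_count = 1600000;
    }
    void stirIfNeeded() { if (m_count <= 0) stir(); }
    uint8_t getByte() { --m_count; return m_stream.getByte(); }

    RC4Stream m_stream;
    EntropySource m_source;
    long m_count;
};
```

The generator's strength rests entirely on the seed: the keystream is deterministic, so a source that fails or returns fixed bytes yields a predictable stream, which is why stir() treats a failed read as fatal.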
2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the build.

        * wtf/Bitmap.h: Include string.h for memset. Not sure why this started
        failing now.

2011-02-09  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A tiny bit of encapsulation for MarkedBlock: made its heap data member private
        https://bugs.webkit.org/show_bug.cgi?id=54129

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::MarkedBlock):
        (JSC::MarkedBlock::heap): Made the heap data member private, and provided
        a constructor and an accessor.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::heap): Use the constructor and accessor.

2011-02-09  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Replace PCRE with Yarr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=53496

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Added.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed some dead code from Heap
        https://bugs.webkit.org/show_bug.cgi?id=54064

        * runtime/MarkedSpace.cpp: Removed some now-unused constants and
        declarations.

        (JSC::MarkedSpace::allocate): Removed some ASSERTs that are also ASSERTed
        by our caller. Removed redundant typedefs.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Use a vector to track blocks in the Heap, instead of hand-rolled vector-like code
        https://bugs.webkit.org/show_bug.cgi?id=54062

        SunSpider reports no change.

        * runtime/CollectorHeapIterator.h:
        (JSC::CollectorHeapIterator::isValid):
        (JSC::CollectorHeapIterator::isLive): Updated for new mark invariant: To
        know if an object is live, you just need to test its mark bit.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::MarkedSpace): Moved waterMark and highWaterMark from
        CollectorHeap into MarkedSpace, since they're global state. Removed call
        to memset since CollectorHeap is a true class with its own constructor now.

        (JSC::MarkedSpace::destroy): Change uses of m_heap.usedBlocks to
        m_heap.blocks.size(), and m_heap.numBlocks to m_heap.blocks.capacity().

        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock): No need to manage our vector manually anymore.

        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::clearMarkBits):
        (JSC::MarkedSpace::markedCells):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::objectCount):
        (JSC::MarkedSpace::capacity):
        (JSC::MarkedSpace::reset):
        (JSC::MarkedSpace::primaryHeapEnd):
        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::CollectorHeap):
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark):
        (JSC::MarkedSpace::contains): Same as above.

2011-02-08  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Give each MarkedBlock enough mark bits to cover the whole block
        https://bugs.webkit.org/show_bug.cgi?id=54029

        SunSpider reports no change.

        This simplifies access to mark bits, since any cell-aligned pointer
        into a block now has a valid mark bit to test.

        * runtime/MarkedBlock.h: Changed CELLS_PER_BLOCK to account for the extra
        mark bits. This happens not to change its actual value.
        (JSC::MarkedBlock::cellNumber):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked): Changed const JSCell* to const void* to
        remove a cast from our caller, and to more accurately reflect the fact
        that MarkedBlock is agnostic about the types pointed to by the pointers
        you pass to it.

        (JSC::MarkedBlock::isPossibleCell): Removed a null check. We now consider
        the null pointer to be a possible cell with a 0 (impossible) block. This
        removes a null check from marking.

        * runtime/MarkedSpace.cpp:
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::contains): Simplified the contains check, and inlined
        the whole thing, now that it's so simple.

2011-02-08  Daniel Bates  <dbates@rim.com>

        Rubber-stamped by Martin Robinson.

        Rename enum ProtectionSeting [sic] to ProtectionSetting.

        * jit/ExecutableAllocator.cpp:
        (JSC::ExecutableAllocator::reprotectRegion):
        * jit/ExecutableAllocator.h:

2011-02-08  Balazs Kelemen  <kbalazs@webkit.org>

        Reviewed by Andreas Kling.

        [Qt] Should not always define USE_SYSTEM_MALLOC
        https://bugs.webkit.org/show_bug.cgi?id=54007

        * wtf/Platform.h:

2011-02-08  Dan Bernstein  <mitz@apple.com>

        Reviewed by Maciej Stachowiak.

        LLVM Compiler build fix.

        * runtime/WriteBarrier.h:
        (JSC::WriteBarrier::WriteBarrier):

2011-02-07  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Darin Adler.

        JSVariableObject::setRegisters should take PassOwnArrayPtr for registersArray.
        https://bugs.webkit.org/show_bug.cgi?id=53902

        * runtime/Arguments.h:
        (JSC::JSActivation::copyRegisters): Uses OwnArrayPtr<Register> instead of Register*.
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::copyGlobalsFrom): Ditto.
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
        for registerArray.
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::copyRegisterArray): Returns PassOwnArrayPtr<Register> instead of Register*.
        (JSC::JSVariableObject::setRegisters): Takes PassOwnArrayPtr<Register> instead of Register*
        for registerArray.

2011-02-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Removed some dead code from Heap
        https://bugs.webkit.org/show_bug.cgi?id=53969

        SunSpider reports no change.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::shrink):
        (JSC::MarkedSpace::sweep):
        * runtime/MarkedSpace.h: Removed resizeBlocks and growBlocks, and
        renamed shrinkBlocks to shrink, making it unconditionally shrink as
        much as possible.

2011-02-07  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Simplified the marked space's mark invariant
        https://bugs.webkit.org/show_bug.cgi?id=53968

        SunSpider reports no change.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate): Mark objects when allocating them. This
        means that, at all times other than the mark phase, an object is live
        if and only if it is marked.

        (JSC::MarkedSpace::containsSlowCase): Use the new mark invariant to
        simplify testing whether an object is live.

2011-02-07  Beth Dakin  <bdakin@apple.com>

        Reviewed by Eric Seidel.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=53950
        USE_WK_SCROLLBAR_PAINTER in ScrollbarThemeMac should be in
        Platform.h instead

        * wtf/Platform.h:

2011-02-07  Darin Adler  <darin@apple.com>

        Reviewed by Antti Koivisto.

        Add built-in decoder for UTF-8 for improved performance
        https://bugs.webkit.org/show_bug.cgi?id=53898

        * wtf/unicode/UnicodeMacrosFromICU.h: Added U8_MAX_LENGTH and
        U8_APPEND_UNSAFE. Also fixed header.

2011-02-07  Adam Roben  <aroben@apple.com>

        Delete precompiled headers whenever any .vsprops file changes

        Precompiled headers need to be rebuilt if, e.g., an ENABLE_* macro is changed in one of our
        .vsprops files. Unfortunately, Visual Studio isn't smart enough to figure this out, so we
        give it some assistance by deleting the precompiled headers whenever any .vsprops file
        changes.

        I also made some drive-by fixes while I was in the area.

        Fixes <http://webkit.org/b/53826> react-to-vsprops-changes.py doesn't force precompiled
        headers to be rebuilt, but should

        Reviewed by David Kilzer.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: Stop ignoring the
        return code from react-to-vsprops-changes.py so we will notice when errors are introduced.
        But skip the script entirely in production builds, where it is both unnecessary and can't
        function correctly (due to not having the entire source tree available to it).

        * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py:
        (main): Removed an extra '*' in the glob for finding manifest files. The extra '*' was
        leftover from before we rearranged WebKitBuild in r75138. Moved code to delete an old file
        to the new delete_if_older_than function. Added code to delete any precompiled headers older
        than the newest .vsprops file.
        (delete_if_older_than): Added. Code came from main.

2011-02-07  Antti Koivisto  <antti@apple.com>

        Not reviewed.

        ASSERTS_DISABLED -> ASSERT_DISABLED

        * wtf/BloomFilter.h:

2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed; speculative Qt build fix.

        * JavaScriptCore.pro:

2011-02-06  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Darin Adler.

        OwnArrayPtr.h uses deleteOwnedPtr but doesn’t include OwnPtrCommon.h
        https://bugs.webkit.org/show_bug.cgi?id=52867

        Removed LOOSE_OWN_ARRAY_PTR and OwnArrayPtr<T>::set. Replaced all calls to OwnArrayPtr::set
        and loose instantiation of OwnArrayPtr by calls to operator= and adoptArrayPtr. Also removed
        OwnArrayPtrCommon.h since PassOwnArrayPtr.h needs to include OwnArrayPtr.h and there is
        no point in putting deleteOwnedArrayPtr into a separate header.

        Note: if this patch breaks build, the code is either instantiating OwnArrayPtr
        without calling adoptArrayPtr or calling set on ArrayOwnPtr instead of operator=.

        No tests are added since this is a refactoring.

        * API/JSStringRefCF.cpp:
        (JSStringCreateWithCFString): Calls adoptArrayPtr.
        * GNUmakefile.am: Removed OwnArrayPtrCommon.h
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
        * runtime/Arguments.cpp:
        (JSC::Arguments::deleteProperty): Calls adoptArrayPtr.
        * runtime/Arguments.h:
        (JSC::Arguments::copyRegisters): Ditto.
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::JSPropertyNameIterator): Ditto.
        * runtime/JSVariableObject.h:
        (JSC::JSVariableObject::setRegisters): Calls operator= instead of set.
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::StructureChain): Ditto.
        * wtf/CMakeLists.txt:
        * wtf/DateMath.h:
        (JSC::GregorianDateTime::GregorianDateTime): No longer instantiates OwnArrayPtr
        with a null pointer.
        * wtf/OwnArrayPtr.h:
        * wtf/OwnArrayPtrCommon.h: Removed.
        * wtf/PassOwnArrayPtr.h: No longer includes OwnArrayCommon.h
        (WTF::deleteOwnedArrayPtr): Moved from OwnArrayPtrCommon.h

2011-02-06  Antti Koivisto  <antti@apple.com>

        Reviewed by Maciej Stachowiak.

        Use bloom filter for descendant selector filtering
        https://bugs.webkit.org/show_bug.cgi?id=53880

        Implement a bloom filter with k=2 and 8 bit counting.

        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * wtf/BloomFilter.h: Added.
        (WTF::BloomFilter::maximumCount):
        (WTF::BloomFilter::BloomFilter):
        (WTF::BloomFilter::mayContain):
        (WTF::BloomFilter::add):
        (WTF::BloomFilter::remove):
        (WTF::BloomFilter::firstSlot):
        (WTF::BloomFilter::secondSlot):
        (WTF::::add):
        (WTF::::remove):
        (WTF::::clear):
        (WTF::::likelyEmpty):
        (WTF::::isClear):

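A counting Bloom filter with k = 2 and 8-bit saturating counters, added here to illustrate the entry above; it is an example written for this page, not WTF::BloomFilter. The FNV-1a hashString, the 12-bit table used in the demonstration and the way the two slots are cut from one 32-bit hash are assumptions of the example.

```cpp
#include <cstdint>
#include <cstddef>
#include <cstring>
#include <string>

// FNV-1a: assumed hash for the example; the filter itself only sees a 32-bit hash.
uint32_t hashString(const std::string& key)
{
    uint32_t h = 2166136261u;
    for (size_t n = 0; n < key.size(); ++n) {
        h ^= static_cast<unsigned char>(key[n]);
        h *= 16777619u;
    }
    return h;
}

// Counting Bloom filter: k = 2 slots per key, one 8-bit counter per slot.
// keyBits must be at most 16 so that the two slots come from disjoint hash bits.
template<unsigned keyBits>
class CountingBloomFilter {
public:
    enum { tableSize = 1u << keyBits, keyMask = tableSize - 1, maximumCount = 255 };

    CountingBloomFilter() { clear(); }

    void add(uint32_t hash)
    {
        increment(firstSlot(hash));
        increment(secondSlot(hash));
    }

    void remove(uint32_t hash)
    {
        decrement(firstSlot(hash));
        decrement(secondSlot(hash));
    }

    // False positives are possible; false negatives are not.
    bool mayContain(uint32_t hash) const
    {
        return m_table[firstSlot(hash)] && m_table[secondSlot(hash)];
    }

    void clear() { std::memset(m_table, 0, sizeof(m_table)); }

    bool isClear() const
    {
        for (unsigned n = 0; n < tableSize; ++n) {
            if (m_table[n])
                return false;
        }
        return true;
    }

private:
    static unsigned firstSlot(uint32_t hash) { return hash & keyMask; }
    static unsigned secondSlot(uint32_t hash) { return (hash >> 16) & keyMask; }

    // Counters saturate at maximumCount instead of wrapping back to 0.
    void increment(unsigned slot)
    {
        if (m_table[slot] < maximumCount)
            ++m_table[slot];
    }

    // A saturated counter is never decremented: the filter has lost count of how many
    // keys share the slot, so the slot stays set and errs toward a false positive.
    void decrement(unsigned slot)
    {
        if (m_table[slot] && m_table[slot] < maximumCount)
            --m_table[slot];
    }

    uint8_t m_table[tableSize];
};
```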
2011-02-04  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Rolled back in r77612 with ASSERT/crash fixed.
        https://bugs.webkit.org/show_bug.cgi?id=53759

        Don't shrink the heap to 0 unconditionally. Instead, shrink to 1 if
        necessary. For now, the heap assumes that it always has at least one
        block live.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::shrinkBlocks):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark):

2011-02-04  David Kilzer  <ddkilzer@apple.com>

        BUILD FIX: REALLY remove the last vestiges of JSVALUE32!

        <rdar://problem/8957409> Remove last vestiges of JSVALUE32
        <http://webkit.org/b/53779>

        * DerivedSources.make: Removed dependency on
        JavaScriptCore.JSVALUE32.exp.

2011-02-04  David Kilzer  <ddkilzer@apple.com>

        <rdar://problem/8957409> Remove last vestiges of JSVALUE32
        <http://webkit.org/b/53779>

        Reviewed by Darin Adler.

        Support for JSVALUE32 was originally removed in r70111.

        * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use
        JavaScriptCore.JSVALUE32_64.exp and ppc64 to use
        JavaScriptCore.JSVALUE64.exp to match Platform.h.
        * DerivedSources.make: Removed rule for
        JavaScriptCore.JSVALUE32.exp.
        * JavaScriptCore.JSVALUE32only.exp: Removed.
        * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
        to JavaScriptCore.JSVALUE32only.exp.

2011-02-04  David Kilzer  <ddkilzer@apple.com>

        Use static_cast and other style cleanup in YarrInterpreter.cpp
        <http://webkit.org/b/53772>

        Reviewed by John Sullivan.

        * yarr/YarrInterpreter.cpp:
        (JSC::Yarr::Interpreter::InputStream::readChecked): Use
        static_cast.
        (JSC::Yarr::Interpreter::InputStream::checkInput): Remove
        unnecessary else block.
        (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto.
        (JSC::Yarr::Interpreter::backtrackBackReference): Ditto.
        (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast.

2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77625 and r77626.
        http://trac.webkit.org/changeset/77625
        http://trac.webkit.org/changeset/77626
        https://bugs.webkit.org/show_bug.cgi?id=53765

        It broke Windows builds (Requested by Ossy_ on #webkit).

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Removed.

2011-02-04  Jessie Berlin  <jberlin@apple.com>

        Windows build fix. Unreviewed.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:

2011-02-04  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Replace PCRE with Yarr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=53496

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Added.

2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>

        Unreviewed rollout two patches r77614 and r77612.

        REGRESSION: Snow Leopard Intel Release a number of failing tests.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset):
        * runtime/MarkedSpace.h:

2011-02-04  Geoffrey Garen  <ggaren@apple.com>

        Try to fix 32bit build.

        * runtime/Heap.cpp:
        (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
        since 1.5 is double (64bit), and the result is size_t (32bit).

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich.

        Changed MarkedSpace to delegate grow/shrink decisions to Heap
        https://bugs.webkit.org/show_bug.cgi?id=53759

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h: Reorganized a few data members for better cache locality.
        Added a grow policy.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
        the heap to make an explicit sweep call.

        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
        many bytes to allocate before failing and giving the heap an opportunity
        to collect garbage. This also means that we allocate blocks on demand,
        instead of ahead of time.

2011-02-03  James Kozianski  <koz@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add navigator.registerProtocolHandler behind a flag.
        https://bugs.webkit.org/show_bug.cgi?id=52609

        * Configurations/FeatureDefines.xcconfig:

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Not all blocks are freed when the heap is freed (counting is hard!)
        https://bugs.webkit.org/show_bug.cgi?id=53732

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
        keep freeing block 0 until there are no blocks left.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the Mac build.

        * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
        needs to be private, not project, so other projects can include headers
        that depend on it.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Start using MarkedBlock instead of CollectorBlock
        https://bugs.webkit.org/show_bug.cgi?id=53693

        SunSpider reports no change.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::blockFor):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::containsSlowCase):
        (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.

        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::collectorBlock):
        (JSC::MarkedSpace::heap):
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::setMarked):
        (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
        and deleted dead CollectorBlock-related code.

2011-02-03  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Darin Adler.

        Avoid strlen() in AtomicString::fromUTF8
        https://bugs.webkit.org/show_bug.cgi?id=50516

        Add an overload to calculateStringHashFromUTF8 to get
        strlen() of the input data with only one call.

        This change shows about 3% performance win on the xml-parser benchmark.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
        (WTF::Unicode::calculateStringHashFromUTF8):
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        oops, build fix!

        * wtf/Assertions.cpp:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 53650 - Add a BACKTRACE macro to Assertions.h

        Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
        debug Mac builds, make CRASH (and thus ASSERT) automatically call this.

        * JavaScriptCore.exp:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:

2011-02-02  Michael Saboff  <msaboff@apple.com>

        Reviewed by Gavin Barraclough.

        Improper backtrack of nested non-capturing greedy paren to prior paren
        https://bugs.webkit.org/show_bug.cgi?id=53261

        A paren that follows a non-capturing greedy paren nested within a
        non-capturing fixed paren was back tracking to the last paren
        processed instead of the immediately prior paren.
        Refactored default backtracking of parens to prior paren to work for
        both nested (within) and immediately prior (after) parens.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
        (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
        (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
        (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
        (JSC::Yarr::YarrGenerator::generateDisjunction):

2011-02-02  Jeff Miller  <jeffm@apple.com>

        Reviewed by Darin Adler and Steve Falkenburg.

        Add DerivedSources.make to some Visual Studio projects
        https://bugs.webkit.org/show_bug.cgi?id=53607

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.

2011-02-02  Steve Lacey  <sjl@chromium.org>

        Reviewed by Eric Carlson.

        Implement basic media statistics on media elements.
        https://bugs.webkit.org/show_bug.cgi?id=53322

        * Configurations/FeatureDefines.xcconfig:

2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fixes for wxWebKit.

        * wtf/wx/StringWx.cpp:
        (WTF::String::String):

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more Heap refactoring
        https://bugs.webkit.org/show_bug.cgi?id=53577

        SunSpider reports no change.

        Split out MarkedBlock into its own file / class.

        Did the following renames:
            isCellMarked => isMarked
            checkMarkCell => testAndSetMarked
            markCell => setMarked
            cellOffset => cellNumber
            collectorBlock => blockFor

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Heap.cpp:
        (JSC::WeakGCHandlePool::update):
        * runtime/Heap.h:
        (JSC::Heap::isMarked):
        (JSC::Heap::testAndSetMarked):
        (JSC::Heap::setMarked):
        * runtime/JSArray.h:
        (JSC::MarkStack::markChildren):
        (JSC::MarkStack::drain):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::internalAppend):
        * runtime/MarkedBlock.cpp: Added.
        * runtime/MarkedBlock.h: Added.
        (JSC::MarkedBlock::blockFor):
        (JSC::MarkedBlock::cellNumber):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::isPossibleCell):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::setMarked):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):

2011-02-02  Sam Weinig  <sam@webkit.org>

        Fix windows clean build.

        * DerivedSources.make:

2011-02-02  Alejandro G. Castro  <alex@igalia.com>

        Reviewed by Martin Robinson.

        [GTK] Fix dist compilation
        https://bugs.webkit.org/show_bug.cgi?id=53579

        * GNUmakefile.am: Added WriteBarrier.h to the sources, it was
        added in r77151

2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77297.
        http://trac.webkit.org/changeset/77297
        https://bugs.webkit.org/show_bug.cgi?id=53538

        caused leopard crashes (Requested by paroga on #webkit).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-01  Sam Weinig  <sam@webkit.org>

        Fix Mac production builds.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-01  Sam Weinig  <sam@webkit.org>

        Try to fix the windows build.

        * DerivedSources.make:

2011-02-01  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Darin Adler.

        Avoid strlen() in AtomicString::fromUTF8
        https://bugs.webkit.org/show_bug.cgi?id=50516

        Add an overload to calculateStringHashFromUTF8 to get
        strlen() of the input data with only one call.

        This change shows about 3% performance win on the xml-parser benchmark.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
        (WTF::Unicode::calculateStringHashFromUTF8):
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Beth Dakin.

        Part 2 for <rdar://problem/8492788>
        Adopt WKScrollbarPainterController

        Use header detection to define scrollbar painting controller #define.

        * DerivedSources.make:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Refactor JSGlobalObject-related tear-down
        https://bugs.webkit.org/show_bug.cgi?id=53478

        While investigating crashes caused by r77082, I noticed some strange
        destructor-time behaviors. This patch makes them less strange.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
        blocks on the Heap, instead of on independent global objects. The heap
        is guaranteed to outlast any GC-owned data structure. The heap is also
869         a natural place to store objects that need out-of-band marking, since
870         the heap is responsible for marking all roots.
871
872         * runtime/Heap.cpp:
873         (JSC::Heap::markRoots):
874         (JSC::Heap::globalObjectCount):
875         (JSC::Heap::protectedGlobalObjectCount):
876         * runtime/Heap.h:
877         (JSC::Heap::codeBlocks):
878         * runtime/JSGlobalData.cpp:
879         (JSC::JSGlobalData::JSGlobalData):
880         * runtime/JSGlobalData.h:
881         * runtime/JSGlobalObject.cpp:
882         (JSC::JSGlobalObject::~JSGlobalObject):
883         (JSC::JSGlobalObject::init):
884         (JSC::JSGlobalObject::markChildren):
885         * runtime/JSGlobalObject.h:
886         * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
887         owned by JSGlobalData, instead of an intrusive circular linked list.
888         This is simpler, and it avoids destructor-time access between garbage
889         collected objects, which is hard to get right.
890
891         (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
892         everything down. Otherwise, weak data structures will incorrectly report
893         that objects pending destruction are still alive.
894
895 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
896
897         Reviewed by Oliver Hunt.
898
899         REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
900         bot; loading trac pages; typing in search field
901         https://bugs.webkit.org/show_bug.cgi?id=53519
902         
903         The crashes were all caused by failure to run an object's destructor.
904
905         * runtime/CollectorHeapIterator.h:
906         (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
907         construction. The iterator class used to do that when it was designed
908         for prior-to-beginning initialization. I forgot to remove this line
909         of code when I changed the iterator to normal initialization.
910         
911         Skipping forward upon construction was causing the heap to skip running
912         the destructor for the very first object in a block when destroying the
913         block. This usually did not crash, since block destruction is rare and
914         most objects have pretty trivial destructors. However, in the rare case
915         when the heap would destroy a block whose first object was a global
916         object or a DOM node, BOOM.
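
The off-by-one described in the entry above, as an added example that is not WebKit's code: a hypothetical CellIterator over a toy Block which, when told to skip forward on construction, never visits cell 0, so the sweep that runs destructors at block teardown leaves the first object untouched. destroyBlock returns how many objects had no destructor run, which is the regression check a practitioner would want to keep. The Cell/Block model and all names are assumptions, not JavaScriptCore's CollectorHeapIterator.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Added example, not JavaScriptCore code. Toy model of a collector block: a fixed
// array of cells, each "live" until its destructor has been run during teardown.
struct Cell {
    bool live;
};

struct Block {
    std::vector<Cell> cells;
    explicit Block(size_t cellCount) : cells(cellCount, Cell{true}) {}
};

// Hypothetical stand-in for the iterator in the entry above. With
// skipForwardOnConstruction == true it reproduces the bug: the constructor advances
// past cell 0 (a leftover from prior-to-beginning initialization), so the sweep
// below never visits the first object in the block.
class CellIterator {
public:
    CellIterator(Block& block, bool skipForwardOnConstruction)
        : m_block(block), m_index(0)
    {
        if (skipForwardOnConstruction)
            advance();
    }
    bool atEnd() const { return m_index >= m_block.cells.size(); }
    Cell& current() { return m_block.cells[m_index]; }
    void advance() { ++m_index; }

private:
    Block& m_block;
    size_t m_index;
};

// Tears a block down by running the "destructor" (clearing the live flag) of every
// cell the iterator reaches. Returns how many cells are still live afterwards; any
// non-zero count is an object whose destructor never ran, the state that later
// crashes when that object was a global object or a DOM node.
size_t destroyBlock(Block& block, bool useBuggyIterator)
{
    for (CellIterator it(block, useBuggyIterator); !it.atEnd(); it.advance())
        it.current().live = false;

    size_t skipped = 0;
    for (const Cell& cell : block.cells) {
        if (cell.live)
            ++skipped;
    }
    return skipped;
}

int main()
{
    Block buggy(8), fixed(8);
    printf("buggy iterator: %zu object(s) never destroyed\n", destroyBlock(buggy, true));
    printf("fixed iterator: %zu object(s) never destroyed\n", destroyBlock(fixed, false));
    return 0;
}
```

The one-cell case is the interesting edge: with the buggy iterator the block's only object is skipped outright, which is the "first object in a block" failure the entry describes.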
917
918 2011-01-31  Oliver Hunt  <oliver@apple.com>
919
920         Reviewed by Geoffrey Garen.
921
922         Update JSObject storage for new marking API
923         https://bugs.webkit.org/show_bug.cgi?id=53467
924
925         JSObject no longer uses EncodedJSValue for its property storage.
926         This produces a stream of mechanical changes to PropertySlot and
927         anonymous storage APIs.
928
929         * JavaScriptCore.exp:
930         * runtime/ArrayPrototype.cpp:
931         (JSC::ArrayPrototype::ArrayPrototype):
932         * runtime/BooleanConstructor.cpp:
933         (JSC::constructBoolean):
934         (JSC::constructBooleanFromImmediateBoolean):
935         * runtime/BooleanObject.cpp:
936         (JSC::BooleanObject::BooleanObject):
937         * runtime/BooleanObject.h:
938         * runtime/BooleanPrototype.cpp:
939         (JSC::BooleanPrototype::BooleanPrototype):
940         * runtime/DateInstance.cpp:
941         (JSC::DateInstance::DateInstance):
942         * runtime/DatePrototype.cpp:
943         (JSC::DatePrototype::DatePrototype):
944         * runtime/JSActivation.cpp:
945         (JSC::JSActivation::getOwnPropertySlot):
946         * runtime/JSArray.cpp:
947         (JSC::JSArray::getOwnPropertySlot):
948         * runtime/JSFunction.cpp:
949         (JSC::JSFunction::getOwnPropertySlot):
950         * runtime/JSGlobalObject.h:
951         (JSC::JSGlobalObject::JSGlobalObject):
952         * runtime/JSObject.cpp:
953         (JSC::JSObject::fillGetterPropertySlot):
954         * runtime/JSObject.h:
955         (JSC::JSObject::getDirectLocation):
956         (JSC::JSObject::offsetForLocation):
957         (JSC::JSObject::putAnonymousValue):
958         (JSC::JSObject::clearAnonymousValue):
959         (JSC::JSObject::getAnonymousValue):
960         (JSC::JSObject::putThisToAnonymousValue):
961         (JSC::JSObject::locationForOffset):
962         (JSC::JSObject::inlineGetOwnPropertySlot):
963         * runtime/JSObjectWithGlobalObject.cpp:
964         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
965         * runtime/JSWrapperObject.h:
966         (JSC::JSWrapperObject::JSWrapperObject):
967         (JSC::JSWrapperObject::setInternalValue):
968         * runtime/Lookup.cpp:
969         (JSC::setUpStaticFunctionSlot):
970         * runtime/NumberConstructor.cpp:
971         (JSC::constructWithNumberConstructor):
972         * runtime/NumberObject.cpp:
973         (JSC::NumberObject::NumberObject):
974         (JSC::constructNumber):
975         * runtime/NumberObject.h:
976         * runtime/NumberPrototype.cpp:
977         (JSC::NumberPrototype::NumberPrototype):
978         * runtime/PropertySlot.h:
979         (JSC::PropertySlot::getValue):
980         (JSC::PropertySlot::setValue):
981         (JSC::PropertySlot::setRegisterSlot):
982         * runtime/StringObject.cpp:
983         (JSC::StringObject::StringObject):
984         * runtime/StringPrototype.cpp:
985         (JSC::StringPrototype::StringPrototype):
986         * runtime/WriteBarrier.h:
987         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
988
989 2011-02-01  Daniel Bates  <dbates@rim.com>
990
991         Reviewed by Antonio Gomes.
992
993         Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
994         https://bugs.webkit.org/show_bug.cgi?id=53506
995
996         Currently, use of the Mersenne Twister pseudorandom number generator
997         is hardcoded to the Windows CE port. With the passing of bug #53253,
998         we can generalize support for this PRNG to all ports that use srand(3)
999         and rand(3), including Windows CE.
1000
1001         * wtf/RandomNumberSeed.h:
1002         (WTF::initializeRandomNumberGenerator):
1003
1004 2011-02-01  Dave Tapuska  <dtapuska@rim.com>
1005
1006         Reviewed by Gavin Barraclough.
1007
1008         MacroAssemblerARM would generate code that did 32bit loads
1009         on addresses that were not aligned. More specifically it would
1010         generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
1011         The intended instruction really is ldrb r8,[r1, #7]; ensure we
1012         call load8 instead of load32.
1013
1014         https://bugs.webkit.org/show_bug.cgi?id=46095
1015
1016         * assembler/MacroAssemblerARM.h:
1017         (JSC::MacroAssemblerARM::set32Test32):
1018         (JSC::MacroAssemblerARM::set32Test8):
1019
1020 2011-02-01  Darin Fisher  <darin@chromium.org>
1021
1022         Reviewed by Eric Seidel.
1023
1024         Fix some Visual Studio compiler warnings.
1025         https://bugs.webkit.org/show_bug.cgi?id=53476
1026
1027         * wtf/MathExtras.h:
1028         (clampToInteger):
1029         (clampToPositiveInteger):
1030         * wtf/ThreadingWin.cpp:
1031         (WTF::absoluteTimeToWaitTimeoutInterval):
1032
1033 2011-01-31  Oliver Hunt  <oliver@apple.com>
1034
1035         Reviewed by Sam Weinig.
1036
1037         Bogus callframe during stack unwinding
1038         https://bugs.webkit.org/show_bug.cgi?id=53454
1039
1040         Trying to access a callframe's globalData after destroying its
1041         ScopeChain is not a good thing.  While we could access the
1042         globalData directly through the (known valid) scopechain we're
1043         holding on to, it feels fragile.  Instead we push the valid
1044         ScopeChain onto the callframe again to ensure that the callframe
1045         itself remains valid.
1046
1047         * interpreter/Interpreter.cpp:
1048         (JSC::Interpreter::unwindCallFrame):
1049
1050 2011-01-31  Michael Saboff  <msaboff@apple.com>
1051
1052         Reviewed by Geoffrey Garen.
1053
1054         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1055         https://bugs.webkit.org/show_bug.cgi?id=53271
1056
1057         Reapplying this change again.
1058         Changed isValid() to use .get() as a result of change r77151.
1059
1060         Added new isValid() methods to check if a contained object in
1061         a WeakGCMap is valid when using an unchecked iterator.
1062
1063         * runtime/WeakGCMap.h:
1064         (JSC::WeakGCMap::isValid):
1065
1066 2011-01-31  Oliver Hunt  <oliver@apple.com>
1067
1068         Convert markstack to a slot visitor API
1069         https://bugs.webkit.org/show_bug.cgi?id=53219
1070
1071         rolling r77098, r77099, r77100, r77109, and
1072         r77111 back in, along with a few more Qt fix attempts.
1073
1074         * API/JSCallbackObject.h:
1075         (JSC::JSCallbackObjectData::setPrivateProperty):
1076         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1077         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1078         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1079         (JSC::JSCallbackObject::setPrivateProperty):
1080         * API/JSCallbackObjectFunctions.h:
1081         (JSC::::put):
1082         (JSC::::staticFunctionGetter):
1083         * API/JSObjectRef.cpp:
1084         (JSObjectMakeConstructor):
1085         (JSObjectSetPrivateProperty):
1086         * API/JSWeakObjectMapRefInternal.h:
1087         * JavaScriptCore.exp:
1088         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1089         * JavaScriptCore.xcodeproj/project.pbxproj:
1090         * bytecode/CodeBlock.cpp:
1091         (JSC::CodeBlock::markAggregate):
1092         * bytecode/CodeBlock.h:
1093         (JSC::CodeBlock::globalObject):
1094         * bytecompiler/BytecodeGenerator.cpp:
1095         (JSC::BytecodeGenerator::BytecodeGenerator):
1096         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1097         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1098         (JSC::BytecodeGenerator::findScopedProperty):
1099         * debugger/Debugger.cpp:
1100         (JSC::evaluateInGlobalCallFrame):
1101         * debugger/DebuggerActivation.cpp:
1102         (JSC::DebuggerActivation::DebuggerActivation):
1103         (JSC::DebuggerActivation::markChildren):
1104         * debugger/DebuggerActivation.h:
1105         * debugger/DebuggerCallFrame.cpp:
1106         (JSC::DebuggerCallFrame::evaluate):
1107         * interpreter/CallFrame.h:
1108         (JSC::ExecState::exception):
1109         * interpreter/Interpreter.cpp:
1110         (JSC::Interpreter::resolve):
1111         (JSC::Interpreter::resolveSkip):
1112         (JSC::Interpreter::resolveGlobal):
1113         (JSC::Interpreter::resolveGlobalDynamic):
1114         (JSC::Interpreter::resolveBaseAndProperty):
1115         (JSC::Interpreter::unwindCallFrame):
1116         (JSC::appendSourceToError):
1117         (JSC::Interpreter::execute):
1118         (JSC::Interpreter::tryCacheGetByID):
1119         (JSC::Interpreter::privateExecute):
1120         * jit/JITStubs.cpp:
1121         (JSC::JITThunks::tryCacheGetByID):
1122         (JSC::DEFINE_STUB_FUNCTION):
1123         * jsc.cpp:
1124         (GlobalObject::GlobalObject):
1125         * runtime/ArgList.cpp:
1126         (JSC::MarkedArgumentBuffer::markLists):
1127         * runtime/Arguments.cpp:
1128         (JSC::Arguments::markChildren):
1129         (JSC::Arguments::getOwnPropertySlot):
1130         (JSC::Arguments::getOwnPropertyDescriptor):
1131         (JSC::Arguments::put):
1132         * runtime/Arguments.h:
1133         (JSC::Arguments::setActivation):
1134         (JSC::Arguments::Arguments):
1135         * runtime/ArrayConstructor.cpp:
1136         (JSC::ArrayConstructor::ArrayConstructor):
1137         (JSC::constructArrayWithSizeQuirk):
1138         * runtime/ArrayPrototype.cpp:
1139         (JSC::arrayProtoFuncSplice):
1140         * runtime/BatchedTransitionOptimizer.h:
1141         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1142         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1143         * runtime/BooleanConstructor.cpp:
1144         (JSC::BooleanConstructor::BooleanConstructor):
1145         (JSC::constructBoolean):
1146         (JSC::constructBooleanFromImmediateBoolean):
1147         * runtime/BooleanPrototype.cpp:
1148         (JSC::BooleanPrototype::BooleanPrototype):
1149         * runtime/ConservativeSet.cpp:
1150         (JSC::ConservativeSet::grow):
1151         * runtime/ConservativeSet.h:
1152         (JSC::ConservativeSet::~ConservativeSet):
1153         (JSC::ConservativeSet::mark):
1154         * runtime/DateConstructor.cpp:
1155         (JSC::DateConstructor::DateConstructor):
1156         * runtime/DateInstance.cpp:
1157         (JSC::DateInstance::DateInstance):
1158         * runtime/DatePrototype.cpp:
1159         (JSC::dateProtoFuncSetTime):
1160         (JSC::setNewValueFromTimeArgs):
1161         (JSC::setNewValueFromDateArgs):
1162         (JSC::dateProtoFuncSetYear):
1163         * runtime/ErrorConstructor.cpp:
1164         (JSC::ErrorConstructor::ErrorConstructor):
1165         * runtime/ErrorInstance.cpp:
1166         (JSC::ErrorInstance::ErrorInstance):
1167         * runtime/ErrorPrototype.cpp:
1168         (JSC::ErrorPrototype::ErrorPrototype):
1169         * runtime/FunctionConstructor.cpp:
1170         (JSC::FunctionConstructor::FunctionConstructor):
1171         * runtime/FunctionPrototype.cpp:
1172         (JSC::FunctionPrototype::FunctionPrototype):
1173         * runtime/GetterSetter.cpp:
1174         (JSC::GetterSetter::markChildren):
1175         * runtime/GetterSetter.h:
1176         (JSC::GetterSetter::GetterSetter):
1177         (JSC::GetterSetter::getter):
1178         (JSC::GetterSetter::setGetter):
1179         (JSC::GetterSetter::setter):
1180         (JSC::GetterSetter::setSetter):
1181         * runtime/GlobalEvalFunction.cpp:
1182         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1183         (JSC::GlobalEvalFunction::markChildren):
1184         * runtime/GlobalEvalFunction.h:
1185         (JSC::GlobalEvalFunction::cachedGlobalObject):
1186         * runtime/Heap.cpp:
1187         (JSC::Heap::markProtectedObjects):
1188         (JSC::Heap::markTempSortVectors):
1189         (JSC::Heap::markRoots):
1190         * runtime/InternalFunction.cpp:
1191         (JSC::InternalFunction::InternalFunction):
1192         * runtime/JSAPIValueWrapper.h:
1193         (JSC::JSAPIValueWrapper::value):
1194         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1195         * runtime/JSActivation.cpp:
1196         (JSC::JSActivation::markChildren):
1197         (JSC::JSActivation::put):
1198         * runtime/JSArray.cpp:
1199         (JSC::JSArray::JSArray):
1200         (JSC::JSArray::getOwnPropertySlot):
1201         (JSC::JSArray::getOwnPropertyDescriptor):
1202         (JSC::JSArray::put):
1203         (JSC::JSArray::putSlowCase):
1204         (JSC::JSArray::deleteProperty):
1205         (JSC::JSArray::increaseVectorLength):
1206         (JSC::JSArray::setLength):
1207         (JSC::JSArray::pop):
1208         (JSC::JSArray::push):
1209         (JSC::JSArray::unshiftCount):
1210         (JSC::JSArray::sort):
1211         (JSC::JSArray::fillArgList):
1212         (JSC::JSArray::copyToRegisters):
1213         (JSC::JSArray::compactForSorting):
1214         * runtime/JSArray.h:
1215         (JSC::JSArray::getIndex):
1216         (JSC::JSArray::setIndex):
1217         (JSC::JSArray::uncheckedSetIndex):
1218         (JSC::JSArray::markChildrenDirect):
1219         * runtime/JSByteArray.cpp:
1220         (JSC::JSByteArray::JSByteArray):
1221         * runtime/JSCell.h:
1222         (JSC::JSCell::MarkStack::append):
1223         (JSC::JSCell::MarkStack::internalAppend):
1224         (JSC::JSCell::MarkStack::deprecatedAppend):
1225         * runtime/JSFunction.cpp:
1226         (JSC::JSFunction::JSFunction):
1227         (JSC::JSFunction::getOwnPropertySlot):
1228         * runtime/JSGlobalData.h:
1229         * runtime/JSGlobalObject.cpp:
1230         (JSC::markIfNeeded):
1231         (JSC::JSGlobalObject::reset):
1232         (JSC::JSGlobalObject::resetPrototype):
1233         (JSC::JSGlobalObject::markChildren):
1234         * runtime/JSGlobalObject.h:
1235         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1236         (JSC::JSGlobalObject::regExpConstructor):
1237         (JSC::JSGlobalObject::errorConstructor):
1238         (JSC::JSGlobalObject::evalErrorConstructor):
1239         (JSC::JSGlobalObject::rangeErrorConstructor):
1240         (JSC::JSGlobalObject::referenceErrorConstructor):
1241         (JSC::JSGlobalObject::syntaxErrorConstructor):
1242         (JSC::JSGlobalObject::typeErrorConstructor):
1243         (JSC::JSGlobalObject::URIErrorConstructor):
1244         (JSC::JSGlobalObject::evalFunction):
1245         (JSC::JSGlobalObject::objectPrototype):
1246         (JSC::JSGlobalObject::functionPrototype):
1247         (JSC::JSGlobalObject::arrayPrototype):
1248         (JSC::JSGlobalObject::booleanPrototype):
1249         (JSC::JSGlobalObject::stringPrototype):
1250         (JSC::JSGlobalObject::numberPrototype):
1251         (JSC::JSGlobalObject::datePrototype):
1252         (JSC::JSGlobalObject::regExpPrototype):
1253         (JSC::JSGlobalObject::methodCallDummy):
1254         (JSC::Structure::prototypeForLookup):
1255         (JSC::constructArray):
1256         * runtime/JSONObject.cpp:
1257         (JSC::Stringifier::Holder::object):
1258         (JSC::Stringifier::Holder::objectSlot):
1259         (JSC::Stringifier::markAggregate):
1260         (JSC::Stringifier::stringify):
1261         (JSC::Stringifier::Holder::appendNextProperty):
1262         (JSC::Walker::callReviver):
1263         (JSC::Walker::walk):
1264         * runtime/JSObject.cpp:
1265         (JSC::JSObject::defineGetter):
1266         (JSC::JSObject::defineSetter):
1267         (JSC::JSObject::removeDirect):
1268         (JSC::JSObject::putDirectFunction):
1269         (JSC::JSObject::putDirectFunctionWithoutTransition):
1270         (JSC::putDescriptor):
1271         (JSC::JSObject::defineOwnProperty):
1272         * runtime/JSObject.h:
1273         (JSC::JSObject::getDirectOffset):
1274         (JSC::JSObject::putDirectOffset):
1275         (JSC::JSObject::putUndefinedAtDirectOffset):
1276         (JSC::JSObject::flattenDictionaryObject):
1277         (JSC::JSObject::putDirectInternal):
1278         (JSC::JSObject::putDirect):
1279         (JSC::JSObject::putDirectFunction):
1280         (JSC::JSObject::putDirectWithoutTransition):
1281         (JSC::JSObject::putDirectFunctionWithoutTransition):
1282         (JSC::JSValue::putDirect):
1283         (JSC::JSObject::allocatePropertyStorageInline):
1284         (JSC::JSObject::markChildrenDirect):
1285         * runtime/JSPropertyNameIterator.cpp:
1286         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1287         (JSC::JSPropertyNameIterator::get):
1288         * runtime/JSPropertyNameIterator.h:
1289         * runtime/JSStaticScopeObject.cpp:
1290         (JSC::JSStaticScopeObject::markChildren):
1291         * runtime/JSString.cpp:
1292         (JSC::StringObject::create):
1293         * runtime/JSValue.h:
1294         * runtime/JSWrapperObject.cpp:
1295         (JSC::JSWrapperObject::markChildren):
1296         * runtime/JSWrapperObject.h:
1297         (JSC::JSWrapperObject::internalValue):
1298         (JSC::JSWrapperObject::setInternalValue):
1299         * runtime/LiteralParser.cpp:
1300         (JSC::LiteralParser::parse):
1301         * runtime/Lookup.cpp:
1302         (JSC::setUpStaticFunctionSlot):
1303         * runtime/Lookup.h:
1304         (JSC::lookupPut):
1305         * runtime/MarkStack.h:
1306         (JSC::MarkStack::MarkStack):
1307         (JSC::MarkStack::deprecatedAppendValues):
1308         (JSC::MarkStack::appendValues):
1309         * runtime/MathObject.cpp:
1310         (JSC::MathObject::MathObject):
1311         * runtime/NativeErrorConstructor.cpp:
1312         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1313         * runtime/NativeErrorPrototype.cpp:
1314         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1315         * runtime/NumberConstructor.cpp:
1316         (JSC::NumberConstructor::NumberConstructor):
1317         (JSC::constructWithNumberConstructor):
1318         * runtime/NumberObject.cpp:
1319         (JSC::constructNumber):
1320         * runtime/NumberPrototype.cpp:
1321         (JSC::NumberPrototype::NumberPrototype):
1322         * runtime/ObjectConstructor.cpp:
1323         (JSC::ObjectConstructor::ObjectConstructor):
1324         (JSC::objectConstructorGetOwnPropertyDescriptor):
1325         * runtime/Operations.h:
1326         (JSC::normalizePrototypeChain):
1327         (JSC::resolveBase):
1328         * runtime/PrototypeFunction.cpp:
1329         (JSC::PrototypeFunction::PrototypeFunction):
1330         * runtime/PutPropertySlot.h:
1331         (JSC::PutPropertySlot::setExistingProperty):
1332         (JSC::PutPropertySlot::setNewProperty):
1333         (JSC::PutPropertySlot::base):
1334         * runtime/RegExpConstructor.cpp:
1335         (JSC::RegExpConstructor::RegExpConstructor):
1336         * runtime/ScopeChain.cpp:
1337         (JSC::ScopeChainNode::print):
1338         * runtime/ScopeChain.h:
1339         (JSC::ScopeChainNode::~ScopeChainNode):
1340         (JSC::ScopeChainIterator::operator*):
1341         (JSC::ScopeChainIterator::operator->):
1342         (JSC::ScopeChain::top):
1343         * runtime/ScopeChainMark.h:
1344         (JSC::ScopeChain::markAggregate):
1345         * runtime/SmallStrings.cpp:
1346         (JSC::isMarked):
1347         (JSC::SmallStrings::markChildren):
1348         * runtime/SmallStrings.h:
1349         (JSC::SmallStrings::emptyString):
1350         (JSC::SmallStrings::singleCharacterString):
1351         (JSC::SmallStrings::singleCharacterStrings):
1352         * runtime/StringConstructor.cpp:
1353         (JSC::StringConstructor::StringConstructor):
1354         * runtime/StringObject.cpp:
1355         (JSC::StringObject::StringObject):
1356         * runtime/StringObject.h:
1357         * runtime/StringPrototype.cpp:
1358         (JSC::StringPrototype::StringPrototype):
1359         * runtime/Structure.cpp:
1360         (JSC::Structure::Structure):
1361         (JSC::Structure::addPropertyTransition):
1362         (JSC::Structure::toDictionaryTransition):
1363         (JSC::Structure::flattenDictionaryStructure):
1364         * runtime/Structure.h:
1365         (JSC::Structure::storedPrototype):
1366         (JSC::Structure::storedPrototypeSlot):
1367         * runtime/WeakGCMap.h:
1368         (JSC::WeakGCMap::uncheckedGet):
1369         (JSC::WeakGCMap::uncheckedGetSlot):
1370         (JSC::::get):
1371         (JSC::::take):
1372         (JSC::::set):
1373         (JSC::::uncheckedRemove):
1374         * runtime/WriteBarrier.h: Added.
1375         (JSC::DeprecatedPtr::DeprecatedPtr):
1376         (JSC::DeprecatedPtr::get):
1377         (JSC::DeprecatedPtr::operator*):
1378         (JSC::DeprecatedPtr::operator->):
1379         (JSC::DeprecatedPtr::slot):
1380         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1381         (JSC::DeprecatedPtr::operator!):
1382         (JSC::WriteBarrierBase::set):
1383         (JSC::WriteBarrierBase::get):
1384         (JSC::WriteBarrierBase::operator*):
1385         (JSC::WriteBarrierBase::operator->):
1386         (JSC::WriteBarrierBase::clear):
1387         (JSC::WriteBarrierBase::slot):
1388         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1389         (JSC::WriteBarrierBase::operator!):
1390         (JSC::WriteBarrier::WriteBarrier):
1391         (JSC::operator==):
1392
1393 2011-01-31  Dan Winship  <danw@gnome.org>
1394
1395         Reviewed by Gustavo Noronha Silva.
1396
1397         wss (websockets ssl) support for gtk via new gio TLS support
1398         https://bugs.webkit.org/show_bug.cgi?id=50344
1399
1400         Add a GPollableOutputStream typedef for TLS WebSockets support
1401
1402         * wtf/gobject/GTypedefs.h:
1403
1404 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
1405
1406         Reviewed by Geoff Garen.
1407
1408         https://bugs.webkit.org/show_bug.cgi?id=53352
1409         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
1410
1411         The FixedVMPoolAllocator currently uses a best fit policy -
1412         switch to first fit, this is less prone to external fragmentation.
1413
1414         * jit/ExecutableAllocatorFixedVMPool.cpp:
1415         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
1416         (JSC::AllocationTableSizeClass::blockSize):
1417         (JSC::AllocationTableSizeClass::blockCount):
1418         (JSC::AllocationTableSizeClass::blockAlignment):
1419         (JSC::AllocationTableSizeClass::size):
1420         (JSC::AllocationTableLeaf::AllocationTableLeaf):
1421         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
1422         (JSC::AllocationTableLeaf::allocate):
1423         (JSC::AllocationTableLeaf::free):
1424         (JSC::AllocationTableLeaf::isEmpty):
1425         (JSC::AllocationTableLeaf::isFull):
1426         (JSC::AllocationTableLeaf::size):
1427         (JSC::AllocationTableLeaf::classForSize):
1428         (JSC::AllocationTableLeaf::dump):
1429         (JSC::LazyAllocationTable::LazyAllocationTable):
1430         (JSC::LazyAllocationTable::~LazyAllocationTable):
1431         (JSC::LazyAllocationTable::allocate):
1432         (JSC::LazyAllocationTable::free):
1433         (JSC::LazyAllocationTable::isEmpty):
1434         (JSC::LazyAllocationTable::isFull):
1435         (JSC::LazyAllocationTable::size):
1436         (JSC::LazyAllocationTable::dump):
1437         (JSC::LazyAllocationTable::classForSize):
1438         (JSC::AllocationTableDirectory::AllocationTableDirectory):
1439         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
1440         (JSC::AllocationTableDirectory::allocate):
1441         (JSC::AllocationTableDirectory::free):
1442         (JSC::AllocationTableDirectory::isEmpty):
1443         (JSC::AllocationTableDirectory::isFull):
1444         (JSC::AllocationTableDirectory::size):
1445         (JSC::AllocationTableDirectory::classForSize):
1446         (JSC::AllocationTableDirectory::dump):
1447         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1448         (JSC::FixedVMPoolAllocator::alloc):
1449         (JSC::FixedVMPoolAllocator::free):
1450         (JSC::FixedVMPoolAllocator::allocated):
1451         (JSC::FixedVMPoolAllocator::isValid):
1452         (JSC::FixedVMPoolAllocator::classForSize):
1453         (JSC::FixedVMPoolAllocator::offsetToPointer):
1454         (JSC::FixedVMPoolAllocator::pointerToOffset):
1455         (JSC::ExecutableAllocator::committedByteCount):
1456         (JSC::ExecutableAllocator::isValid):
1457         (JSC::ExecutableAllocator::underMemoryPressure):
1458         (JSC::ExecutablePool::systemAlloc):
1459         (JSC::ExecutablePool::systemRelease):
1460         * wtf/PageReservation.h:
1461         (WTF::PageReservation::PageReservation):
1462         (WTF::PageReservation::commit):
1463         (WTF::PageReservation::decommit):
1464         (WTF::PageReservation::committed):
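
A way to see the fragmentation point above in working code, as an added example that is not JavaScriptCore's FixedVMPoolAllocator: a toy pool with an address-ordered, coalescing free list that runs the same request trace under first fit and under best fit. The trace is constructed so that best fit shaves a sliver off the small high hole and later cannot serve an 8-unit request even though 8 units are free in total, while first fit serves every request. It shows one sequence only; sequences where best fit wins exist too, which is why the entry says first fit is less prone to external fragmentation, not immune. ToyPool, runTrace and the 32-unit pool size are assumptions.

```cpp
#include <cstddef>
#include <cstdio>
#include <map>

// Added example, not JavaScriptCore code: a toy fixed pool whose free list is keyed
// by start offset (so address ordered) and coalesces on release, switchable between
// first fit and best fit so both policies can be compared on one request trace.
enum class Policy { FirstFit, BestFit };

const size_t kAllocFailed = static_cast<size_t>(-1);

class ToyPool {
public:
    ToyPool(size_t poolSize, Policy policy) : m_policy(policy) { m_free[0] = poolSize; }

    // Returns the offset of the allocated range, or kAllocFailed when no single free
    // block is large enough (the external fragmentation case: total free space may
    // still exceed the request, but no hole holds it).
    size_t alloc(size_t size)
    {
        auto chosen = m_free.end();
        for (auto it = m_free.begin(); it != m_free.end(); ++it) {
            if (it->second < size)
                continue;
            if (m_policy == Policy::FirstFit) {
                chosen = it; // lowest-address block that fits
                break;
            }
            if (chosen == m_free.end() || it->second < chosen->second)
                chosen = it; // tightest block that fits
        }
        if (chosen == m_free.end())
            return kAllocFailed;
        size_t start = chosen->first;
        size_t blockSize = chosen->second;
        m_free.erase(chosen);
        if (blockSize > size)
            m_free[start + size] = blockSize - size; // remainder stays free
        m_allocated[start] = size;
        return start;
    }

    // Frees a range and merges it with the free blocks on either side.
    void release(size_t start)
    {
        auto it = m_allocated.find(start);
        if (it == m_allocated.end())
            return;
        size_t size = it->second;
        m_allocated.erase(it);
        auto next = m_free.find(start + size);
        if (next != m_free.end()) {
            size += next->second;
            m_free.erase(next);
        }
        auto prev = m_free.lower_bound(start);
        if (prev != m_free.begin()) {
            --prev;
            if (prev->first + prev->second == start) {
                prev->second += size;
                return;
            }
        }
        m_free[start] = size;
    }

    size_t totalFree() const { size_t t = 0; for (const auto& r : m_free) t += r.second; return t; }
    size_t largestFree() const { size_t m = 0; for (const auto& r : m_free) if (r.second > m) m = r.second; return m; }

private:
    Policy m_policy;
    std::map<size_t, size_t> m_free;      // start -> size
    std::map<size_t, size_t> m_allocated; // start -> size
};

struct TraceResult { int failures; size_t totalFree; size_t largestFree; };

// Constructed trace on a 32-unit pool: carve out 4/16/4/8, release the 16 and the 8
// so a large low hole and a small high hole remain, then request 6, 10 and 8.
TraceResult runTrace(Policy policy)
{
    ToyPool pool(32, policy);
    pool.alloc(4);
    size_t sixteen = pool.alloc(16);
    pool.alloc(4);
    size_t eight = pool.alloc(8);
    pool.release(sixteen);
    pool.release(eight);
    TraceResult result = { 0, 0, 0 };
    const size_t requests[] = { 6, 10, 8 };
    for (size_t request : requests) {
        if (pool.alloc(request) == kAllocFailed)
            ++result.failures;
    }
    result.totalFree = pool.totalFree();
    result.largestFree = pool.largestFree();
    return result;
}

int main()
{
    TraceResult f = runTrace(Policy::FirstFit), b = runTrace(Policy::BestFit);
    printf("first fit: %d failure(s), %zu free, largest hole %zu\n", f.failures, f.totalFree, f.largestFree);
    printf("best fit:  %d failure(s), %zu free, largest hole %zu\n", b.failures, b.totalFree, b.largestFree);
    return 0;
}
```

Under best fit the 6-unit request lands in the 8-unit hole and leaves a 2-unit sliver; the 10-unit request then splits the 16-unit hole, and the final 8-unit request finds 8 units free in total but only 6 contiguous. In a pool backing JIT code, that failure is the CRASH() path the entry refers to, so the policy choice is a denial-of-service question, not only a performance one.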
1465
1466 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
1467
1468         Unreviewed, rolling out r76969.
1469         http://trac.webkit.org/changeset/76969
1470         https://bugs.webkit.org/show_bug.cgi?id=53418
1471
1472         "It is causing crashes in GTK+ and Leopard bots" (Requested by
1473         alexg__ on #webkit).
1474
1475         * runtime/WeakGCMap.h:
1476
1477 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
1478
1479         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
1480         r77111.
1481         http://trac.webkit.org/changeset/77098
1482         http://trac.webkit.org/changeset/77099
1483         http://trac.webkit.org/changeset/77100
1484         http://trac.webkit.org/changeset/77109
1485         http://trac.webkit.org/changeset/77111
1486         https://bugs.webkit.org/show_bug.cgi?id=53219
1487
1488         Qt build is broken
1489
1490         * API/JSCallbackObject.h:
1491         (JSC::JSCallbackObjectData::setPrivateProperty):
1492         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1493         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1494         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1495         (JSC::JSCallbackObject::setPrivateProperty):
1496         * API/JSCallbackObjectFunctions.h:
1497         (JSC::::put):
1498         (JSC::::staticFunctionGetter):
1499         * API/JSObjectRef.cpp:
1500         (JSObjectMakeConstructor):
1501         (JSObjectSetPrivateProperty):
1502         * API/JSWeakObjectMapRefInternal.h:
1503         * JavaScriptCore.exp:
1504         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1505         * JavaScriptCore.xcodeproj/project.pbxproj:
1506         * bytecode/CodeBlock.cpp:
1507         (JSC::CodeBlock::markAggregate):
1508         * bytecode/CodeBlock.h:
1509         (JSC::CodeBlock::globalObject):
1510         * bytecompiler/BytecodeGenerator.cpp:
1511         (JSC::BytecodeGenerator::BytecodeGenerator):
1512         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1513         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1514         (JSC::BytecodeGenerator::findScopedProperty):
1515         * debugger/Debugger.cpp:
1516         (JSC::evaluateInGlobalCallFrame):
1517         * debugger/DebuggerActivation.cpp:
1518         (JSC::DebuggerActivation::DebuggerActivation):
1519         (JSC::DebuggerActivation::markChildren):
1520         * debugger/DebuggerActivation.h:
1521         * debugger/DebuggerCallFrame.cpp:
1522         (JSC::DebuggerCallFrame::evaluate):
1523         * interpreter/CallFrame.h:
1524         (JSC::ExecState::exception):
1525         * interpreter/Interpreter.cpp:
1526         (JSC::Interpreter::resolve):
1527         (JSC::Interpreter::resolveSkip):
1528         (JSC::Interpreter::resolveGlobal):
1529         (JSC::Interpreter::resolveGlobalDynamic):
1530         (JSC::Interpreter::resolveBaseAndProperty):
1531         (JSC::Interpreter::unwindCallFrame):
1532         (JSC::appendSourceToError):
1533         (JSC::Interpreter::execute):
1534         (JSC::Interpreter::tryCacheGetByID):
1535         (JSC::Interpreter::privateExecute):
1536         * jit/JITStubs.cpp:
1537         (JSC::JITThunks::tryCacheGetByID):
1538         (JSC::DEFINE_STUB_FUNCTION):
1539         * jsc.cpp:
1540         (GlobalObject::GlobalObject):
1541         * runtime/ArgList.cpp:
1542         (JSC::MarkedArgumentBuffer::markLists):
1543         * runtime/Arguments.cpp:
1544         (JSC::Arguments::markChildren):
1545         (JSC::Arguments::getOwnPropertySlot):
1546         (JSC::Arguments::getOwnPropertyDescriptor):
1547         (JSC::Arguments::put):
1548         * runtime/Arguments.h:
1549         (JSC::Arguments::setActivation):
1550         (JSC::Arguments::Arguments):
1551         * runtime/ArrayConstructor.cpp:
1552         (JSC::ArrayConstructor::ArrayConstructor):
1553         (JSC::constructArrayWithSizeQuirk):
1554         * runtime/ArrayPrototype.cpp:
1555         (JSC::arrayProtoFuncSplice):
1556         * runtime/BatchedTransitionOptimizer.h:
1557         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1558         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1559         * runtime/BooleanConstructor.cpp:
1560         (JSC::BooleanConstructor::BooleanConstructor):
1561         (JSC::constructBoolean):
1562         (JSC::constructBooleanFromImmediateBoolean):
1563         * runtime/BooleanPrototype.cpp:
1564         (JSC::BooleanPrototype::BooleanPrototype):
1565         * runtime/ConservativeSet.cpp:
1566         (JSC::ConservativeSet::grow):
1567         * runtime/ConservativeSet.h:
1568         (JSC::ConservativeSet::~ConservativeSet):
1569         (JSC::ConservativeSet::mark):
1570         * runtime/DateConstructor.cpp:
1571         (JSC::DateConstructor::DateConstructor):
1572         * runtime/DateInstance.cpp:
1573         (JSC::DateInstance::DateInstance):
1574         * runtime/DatePrototype.cpp:
1575         (JSC::dateProtoFuncSetTime):
1576         (JSC::setNewValueFromTimeArgs):
1577         (JSC::setNewValueFromDateArgs):
1578         (JSC::dateProtoFuncSetYear):
1579         * runtime/ErrorConstructor.cpp:
1580         (JSC::ErrorConstructor::ErrorConstructor):
1581         * runtime/ErrorInstance.cpp:
1582         (JSC::ErrorInstance::ErrorInstance):
1583         * runtime/ErrorPrototype.cpp:
1584         (JSC::ErrorPrototype::ErrorPrototype):
1585         * runtime/FunctionConstructor.cpp:
1586         (JSC::FunctionConstructor::FunctionConstructor):
1587         * runtime/FunctionPrototype.cpp:
1588         (JSC::FunctionPrototype::FunctionPrototype):
1589         * runtime/GetterSetter.cpp:
1590         (JSC::GetterSetter::markChildren):
1591         * runtime/GetterSetter.h:
1592         (JSC::GetterSetter::GetterSetter):
1593         (JSC::GetterSetter::getter):
1594         (JSC::GetterSetter::setGetter):
1595         (JSC::GetterSetter::setter):
1596         (JSC::GetterSetter::setSetter):
1597         * runtime/GlobalEvalFunction.cpp:
1598         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1599         (JSC::GlobalEvalFunction::markChildren):
1600         * runtime/GlobalEvalFunction.h:
1601         (JSC::GlobalEvalFunction::cachedGlobalObject):
1602         * runtime/Heap.cpp:
1603         (JSC::Heap::markProtectedObjects):
1604         (JSC::Heap::markTempSortVectors):
1605         (JSC::Heap::markRoots):
1606         * runtime/InternalFunction.cpp:
1607         (JSC::InternalFunction::InternalFunction):
1608         * runtime/JSAPIValueWrapper.h:
1609         (JSC::JSAPIValueWrapper::value):
1610         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1611         * runtime/JSActivation.cpp:
1612         (JSC::JSActivation::markChildren):
1613         (JSC::JSActivation::put):
1614         * runtime/JSArray.cpp:
1615         (JSC::JSArray::JSArray):
1616         (JSC::JSArray::getOwnPropertySlot):
1617         (JSC::JSArray::getOwnPropertyDescriptor):
1618         (JSC::JSArray::put):
1619         (JSC::JSArray::putSlowCase):
1620         (JSC::JSArray::deleteProperty):
1621         (JSC::JSArray::increaseVectorLength):
1622         (JSC::JSArray::setLength):
1623         (JSC::JSArray::pop):
1624         (JSC::JSArray::push):
1625         (JSC::JSArray::unshiftCount):
1626         (JSC::JSArray::sort):
1627         (JSC::JSArray::fillArgList):
1628         (JSC::JSArray::copyToRegisters):
1629         (JSC::JSArray::compactForSorting):
1630         * runtime/JSArray.h:
1631         (JSC::JSArray::getIndex):
1632         (JSC::JSArray::setIndex):
1633         (JSC::JSArray::uncheckedSetIndex):
1634         (JSC::JSArray::markChildrenDirect):
1635         * runtime/JSByteArray.cpp:
1636         (JSC::JSByteArray::JSByteArray):
1637         * runtime/JSCell.h:
1638         (JSC::JSCell::JSValue::toThisObject):
1639         (JSC::JSCell::MarkStack::append):
1640         * runtime/JSFunction.cpp:
1641         (JSC::JSFunction::JSFunction):
1642         (JSC::JSFunction::getOwnPropertySlot):
1643         * runtime/JSGlobalData.h:
1644         * runtime/JSGlobalObject.cpp:
1645         (JSC::markIfNeeded):
1646         (JSC::JSGlobalObject::reset):
1647         (JSC::JSGlobalObject::resetPrototype):
1648         (JSC::JSGlobalObject::markChildren):
1649         * runtime/JSGlobalObject.h:
1650         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1651         (JSC::JSGlobalObject::regExpConstructor):
1652         (JSC::JSGlobalObject::errorConstructor):
1653         (JSC::JSGlobalObject::evalErrorConstructor):
1654         (JSC::JSGlobalObject::rangeErrorConstructor):
1655         (JSC::JSGlobalObject::referenceErrorConstructor):
1656         (JSC::JSGlobalObject::syntaxErrorConstructor):
1657         (JSC::JSGlobalObject::typeErrorConstructor):
1658         (JSC::JSGlobalObject::URIErrorConstructor):
1659         (JSC::JSGlobalObject::evalFunction):
1660         (JSC::JSGlobalObject::objectPrototype):
1661         (JSC::JSGlobalObject::functionPrototype):
1662         (JSC::JSGlobalObject::arrayPrototype):
1663         (JSC::JSGlobalObject::booleanPrototype):
1664         (JSC::JSGlobalObject::stringPrototype):
1665         (JSC::JSGlobalObject::numberPrototype):
1666         (JSC::JSGlobalObject::datePrototype):
1667         (JSC::JSGlobalObject::regExpPrototype):
1668         (JSC::JSGlobalObject::methodCallDummy):
1669         (JSC::Structure::prototypeForLookup):
1670         (JSC::constructArray):
1671         * runtime/JSONObject.cpp:
1672         (JSC::Stringifier::Holder::object):
1673         (JSC::Stringifier::markAggregate):
1674         (JSC::Stringifier::stringify):
1675         (JSC::Stringifier::Holder::appendNextProperty):
1676         (JSC::Walker::callReviver):
1677         (JSC::Walker::walk):
1678         * runtime/JSObject.cpp:
1679         (JSC::JSObject::defineGetter):
1680         (JSC::JSObject::defineSetter):
1681         (JSC::JSObject::removeDirect):
1682         (JSC::JSObject::putDirectFunction):
1683         (JSC::JSObject::putDirectFunctionWithoutTransition):
1684         (JSC::putDescriptor):
1685         (JSC::JSObject::defineOwnProperty):
1686         * runtime/JSObject.h:
1687         (JSC::JSObject::getDirectOffset):
1688         (JSC::JSObject::putDirectOffset):
1689         (JSC::JSObject::flattenDictionaryObject):
1690         (JSC::JSObject::putDirectInternal):
1691         (JSC::JSObject::putDirect):
1692         (JSC::JSObject::putDirectFunction):
1693         (JSC::JSObject::putDirectWithoutTransition):
1694         (JSC::JSObject::putDirectFunctionWithoutTransition):
1695         (JSC::JSValue::putDirect):
1696         (JSC::JSObject::allocatePropertyStorageInline):
1697         (JSC::JSObject::markChildrenDirect):
1698         * runtime/JSPropertyNameIterator.cpp:
1699         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1700         (JSC::JSPropertyNameIterator::get):
1701         * runtime/JSPropertyNameIterator.h:
1702         * runtime/JSStaticScopeObject.cpp:
1703         (JSC::JSStaticScopeObject::markChildren):
1704         * runtime/JSString.cpp:
1705         (JSC::StringObject::create):
1706         * runtime/JSValue.h:
1707         * runtime/JSWrapperObject.cpp:
1708         (JSC::JSWrapperObject::markChildren):
1709         * runtime/JSWrapperObject.h:
1710         (JSC::JSWrapperObject::internalValue):
1711         (JSC::JSWrapperObject::setInternalValue):
1712         * runtime/LiteralParser.cpp:
1713         (JSC::LiteralParser::parse):
1714         * runtime/Lookup.cpp:
1715         (JSC::setUpStaticFunctionSlot):
1716         * runtime/Lookup.h:
1717         (JSC::lookupPut):
1718         * runtime/MarkStack.h:
1719         (JSC::MarkStack::appendValues):
1720         * runtime/MathObject.cpp:
1721         (JSC::MathObject::MathObject):
1722         * runtime/NativeErrorConstructor.cpp:
1723         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1724         * runtime/NativeErrorPrototype.cpp:
1725         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1726         * runtime/NumberConstructor.cpp:
1727         (JSC::NumberConstructor::NumberConstructor):
1728         (JSC::constructWithNumberConstructor):
1729         * runtime/NumberObject.cpp:
1730         (JSC::constructNumber):
1731         * runtime/NumberPrototype.cpp:
1732         (JSC::NumberPrototype::NumberPrototype):
1733         * runtime/ObjectConstructor.cpp:
1734         (JSC::ObjectConstructor::ObjectConstructor):
1735         (JSC::objectConstructorGetOwnPropertyDescriptor):
1736         * runtime/Operations.h:
1737         (JSC::normalizePrototypeChain):
1738         (JSC::resolveBase):
1739         * runtime/PrototypeFunction.cpp:
1740         (JSC::PrototypeFunction::PrototypeFunction):
1741         * runtime/PutPropertySlot.h:
1742         (JSC::PutPropertySlot::setExistingProperty):
1743         (JSC::PutPropertySlot::setNewProperty):
1744         (JSC::PutPropertySlot::base):
1745         * runtime/RegExpConstructor.cpp:
1746         (JSC::RegExpConstructor::RegExpConstructor):
1747         * runtime/ScopeChain.cpp:
1748         (JSC::ScopeChainNode::print):
1749         * runtime/ScopeChain.h:
1750         (JSC::ScopeChainNode::~ScopeChainNode):
1751         (JSC::ScopeChainIterator::operator*):
1752         (JSC::ScopeChainIterator::operator->):
1753         (JSC::ScopeChain::top):
1754         * runtime/ScopeChainMark.h:
1755         (JSC::ScopeChain::markAggregate):
1756         * runtime/SmallStrings.cpp:
1757         (JSC::isMarked):
1758         (JSC::SmallStrings::markChildren):
1759         * runtime/SmallStrings.h:
1760         (JSC::SmallStrings::emptyString):
1761         (JSC::SmallStrings::singleCharacterString):
1762         (JSC::SmallStrings::singleCharacterStrings):
1763         * runtime/StringConstructor.cpp:
1764         (JSC::StringConstructor::StringConstructor):
1765         * runtime/StringObject.cpp:
1766         (JSC::StringObject::StringObject):
1767         * runtime/StringObject.h:
1768         * runtime/StringPrototype.cpp:
1769         (JSC::StringPrototype::StringPrototype):
1770         * runtime/Structure.cpp:
1771         (JSC::Structure::Structure):
1772         (JSC::Structure::addPropertyTransition):
1773         (JSC::Structure::toDictionaryTransition):
1774         (JSC::Structure::flattenDictionaryStructure):
1775         * runtime/Structure.h:
1776         (JSC::Structure::storedPrototype):
1777         * runtime/WeakGCMap.h:
1778         (JSC::WeakGCMap::uncheckedGet):
1779         (JSC::WeakGCMap::isValid):
1780         (JSC::::get):
1781         (JSC::::take):
1782         (JSC::::set):
1783         (JSC::::uncheckedRemove):
1784         * runtime/WriteBarrier.h: Removed.
1785
1786 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1787
1788         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
1789
1790         * runtime/WriteBarrier.h:
1791         (JSC::WriteBarrierBase::clear):
1792
1793 2011-01-30  Oliver Hunt  <oliver@apple.com>
1794
1795         More Qt build fixes
1796
1797         * runtime/WriteBarrier.h:
1798         (JSC::WriteBarrierBase::clear):
1799
1800 2011-01-30  Oliver Hunt  <oliver@apple.com>
1801
1802         Convert markstack to a slot visitor API
1803         https://bugs.webkit.org/show_bug.cgi?id=53219
1804
1805         Rolling r77006 and r77020 back in.
1806
1807         * API/JSCallbackObject.h:
1808         (JSC::JSCallbackObjectData::setPrivateProperty):
1809         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1810         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1811         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1812         (JSC::JSCallbackObject::setPrivateProperty):
1813         * API/JSCallbackObjectFunctions.h:
1814         (JSC::::put):
1815         (JSC::::staticFunctionGetter):
1816         * API/JSObjectRef.cpp:
1817         (JSObjectMakeConstructor):
1818         (JSObjectSetPrivateProperty):
1819         * API/JSWeakObjectMapRefInternal.h:
1820         * JavaScriptCore.exp:
1821         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1822         * JavaScriptCore.xcodeproj/project.pbxproj:
1823         * bytecode/CodeBlock.cpp:
1824         (JSC::CodeBlock::markAggregate):
1825         * bytecode/CodeBlock.h:
1826         (JSC::CodeBlock::globalObject):
1827         * bytecompiler/BytecodeGenerator.cpp:
1828         (JSC::BytecodeGenerator::BytecodeGenerator):
1829         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1830         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1831         (JSC::BytecodeGenerator::findScopedProperty):
1832         * debugger/Debugger.cpp:
1833         (JSC::evaluateInGlobalCallFrame):
1834         * debugger/DebuggerActivation.cpp:
1835         (JSC::DebuggerActivation::DebuggerActivation):
1836         (JSC::DebuggerActivation::markChildren):
1837         * debugger/DebuggerActivation.h:
1838         * debugger/DebuggerCallFrame.cpp:
1839         (JSC::DebuggerCallFrame::evaluate):
1840         * interpreter/CallFrame.h:
1841         (JSC::ExecState::exception):
1842         * interpreter/Interpreter.cpp:
1843         (JSC::Interpreter::resolve):
1844         (JSC::Interpreter::resolveSkip):
1845         (JSC::Interpreter::resolveGlobal):
1846         (JSC::Interpreter::resolveGlobalDynamic):
1847         (JSC::Interpreter::resolveBaseAndProperty):
1848         (JSC::Interpreter::unwindCallFrame):
1849         (JSC::appendSourceToError):
1850         (JSC::Interpreter::execute):
1851         (JSC::Interpreter::tryCacheGetByID):
1852         (JSC::Interpreter::privateExecute):
1853         * jit/JITStubs.cpp:
1854         (JSC::JITThunks::tryCacheGetByID):
1855         (JSC::DEFINE_STUB_FUNCTION):
1856         * jsc.cpp:
1857         (GlobalObject::GlobalObject):
1858         * runtime/ArgList.cpp:
1859         (JSC::MarkedArgumentBuffer::markLists):
1860         * runtime/Arguments.cpp:
1861         (JSC::Arguments::markChildren):
1862         (JSC::Arguments::getOwnPropertySlot):
1863         (JSC::Arguments::getOwnPropertyDescriptor):
1864         (JSC::Arguments::put):
1865         * runtime/Arguments.h:
1866         (JSC::Arguments::setActivation):
1867         (JSC::Arguments::Arguments):
1868         * runtime/ArrayConstructor.cpp:
1869         (JSC::ArrayConstructor::ArrayConstructor):
1870         (JSC::constructArrayWithSizeQuirk):
1871         * runtime/ArrayPrototype.cpp:
1872         (JSC::arrayProtoFuncSplice):
1873         * runtime/BatchedTransitionOptimizer.h:
1874         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1875         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1876         * runtime/BooleanConstructor.cpp:
1877         (JSC::BooleanConstructor::BooleanConstructor):
1878         (JSC::constructBoolean):
1879         (JSC::constructBooleanFromImmediateBoolean):
1880         * runtime/BooleanPrototype.cpp:
1881         (JSC::BooleanPrototype::BooleanPrototype):
1882         * runtime/ConservativeSet.cpp:
1883         (JSC::ConservativeSet::grow):
1884         * runtime/ConservativeSet.h:
1885         (JSC::ConservativeSet::~ConservativeSet):
1886         (JSC::ConservativeSet::mark):
1887         * runtime/DateConstructor.cpp:
1888         (JSC::DateConstructor::DateConstructor):
1889         * runtime/DateInstance.cpp:
1890         (JSC::DateInstance::DateInstance):
1891         * runtime/DatePrototype.cpp:
1892         (JSC::dateProtoFuncSetTime):
1893         (JSC::setNewValueFromTimeArgs):
1894         (JSC::setNewValueFromDateArgs):
1895         (JSC::dateProtoFuncSetYear):
1896         * runtime/ErrorConstructor.cpp:
1897         (JSC::ErrorConstructor::ErrorConstructor):
1898         * runtime/ErrorInstance.cpp:
1899         (JSC::ErrorInstance::ErrorInstance):
1900         * runtime/ErrorPrototype.cpp:
1901         (JSC::ErrorPrototype::ErrorPrototype):
1902         * runtime/FunctionConstructor.cpp:
1903         (JSC::FunctionConstructor::FunctionConstructor):
1904         * runtime/FunctionPrototype.cpp:
1905         (JSC::FunctionPrototype::FunctionPrototype):
1906         * runtime/GetterSetter.cpp:
1907         (JSC::GetterSetter::markChildren):
1908         * runtime/GetterSetter.h:
1909         (JSC::GetterSetter::GetterSetter):
1910         (JSC::GetterSetter::getter):
1911         (JSC::GetterSetter::setGetter):
1912         (JSC::GetterSetter::setter):
1913         (JSC::GetterSetter::setSetter):
1914         * runtime/GlobalEvalFunction.cpp:
1915         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1916         (JSC::GlobalEvalFunction::markChildren):
1917         * runtime/GlobalEvalFunction.h:
1918         (JSC::GlobalEvalFunction::cachedGlobalObject):
1919         * runtime/Heap.cpp:
1920         (JSC::Heap::markProtectedObjects):
1921         (JSC::Heap::markTempSortVectors):
1922         (JSC::Heap::markRoots):
1923         * runtime/InternalFunction.cpp:
1924         (JSC::InternalFunction::InternalFunction):
1925         * runtime/JSAPIValueWrapper.h:
1926         (JSC::JSAPIValueWrapper::value):
1927         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1928         * runtime/JSActivation.cpp:
1929         (JSC::JSActivation::markChildren):
1930         (JSC::JSActivation::put):
1931         * runtime/JSArray.cpp:
1932         (JSC::JSArray::JSArray):
1933         (JSC::JSArray::getOwnPropertySlot):
1934         (JSC::JSArray::getOwnPropertyDescriptor):
1935         (JSC::JSArray::put):
1936         (JSC::JSArray::putSlowCase):
1937         (JSC::JSArray::deleteProperty):
1938         (JSC::JSArray::increaseVectorLength):
1939         (JSC::JSArray::setLength):
1940         (JSC::JSArray::pop):
1941         (JSC::JSArray::push):
1942         (JSC::JSArray::unshiftCount):
1943         (JSC::JSArray::sort):
1944         (JSC::JSArray::fillArgList):
1945         (JSC::JSArray::copyToRegisters):
1946         (JSC::JSArray::compactForSorting):
1947         * runtime/JSArray.h:
1948         (JSC::JSArray::getIndex):
1949         (JSC::JSArray::setIndex):
1950         (JSC::JSArray::uncheckedSetIndex):
1951         (JSC::JSArray::markChildrenDirect):
1952         * runtime/JSByteArray.cpp:
1953         (JSC::JSByteArray::JSByteArray):
1954         * runtime/JSCell.h:
1955         (JSC::JSCell::MarkStack::append):
1956         (JSC::JSCell::MarkStack::internalAppend):
1957         (JSC::JSCell::MarkStack::deprecatedAppend):
1958         * runtime/JSFunction.cpp:
1959         (JSC::JSFunction::JSFunction):
1960         (JSC::JSFunction::getOwnPropertySlot):
1961         * runtime/JSGlobalData.h:
1962         * runtime/JSGlobalObject.cpp:
1963         (JSC::markIfNeeded):
1964         (JSC::JSGlobalObject::reset):
1965         (JSC::JSGlobalObject::resetPrototype):
1966         (JSC::JSGlobalObject::markChildren):
1967         * runtime/JSGlobalObject.h:
1968         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1969         (JSC::JSGlobalObject::regExpConstructor):
1970         (JSC::JSGlobalObject::errorConstructor):
1971         (JSC::JSGlobalObject::evalErrorConstructor):
1972         (JSC::JSGlobalObject::rangeErrorConstructor):
1973         (JSC::JSGlobalObject::referenceErrorConstructor):
1974         (JSC::JSGlobalObject::syntaxErrorConstructor):
1975         (JSC::JSGlobalObject::typeErrorConstructor):
1976         (JSC::JSGlobalObject::URIErrorConstructor):
1977         (JSC::JSGlobalObject::evalFunction):
1978         (JSC::JSGlobalObject::objectPrototype):
1979         (JSC::JSGlobalObject::functionPrototype):
1980         (JSC::JSGlobalObject::arrayPrototype):
1981         (JSC::JSGlobalObject::booleanPrototype):
1982         (JSC::JSGlobalObject::stringPrototype):
1983         (JSC::JSGlobalObject::numberPrototype):
1984         (JSC::JSGlobalObject::datePrototype):
1985         (JSC::JSGlobalObject::regExpPrototype):
1986         (JSC::JSGlobalObject::methodCallDummy):
1987         (JSC::Structure::prototypeForLookup):
1988         (JSC::constructArray):
1989         * runtime/JSONObject.cpp:
1990         (JSC::Stringifier::Holder::object):
1991         (JSC::Stringifier::Holder::objectSlot):
1992         (JSC::Stringifier::markAggregate):
1993         (JSC::Stringifier::stringify):
1994         (JSC::Stringifier::Holder::appendNextProperty):
1995         (JSC::Walker::callReviver):
1996         (JSC::Walker::walk):
1997         * runtime/JSObject.cpp:
1998         (JSC::JSObject::defineGetter):
1999         (JSC::JSObject::defineSetter):
2000         (JSC::JSObject::removeDirect):
2001         (JSC::JSObject::putDirectFunction):
2002         (JSC::JSObject::putDirectFunctionWithoutTransition):
2003         (JSC::putDescriptor):
2004         (JSC::JSObject::defineOwnProperty):
2005         * runtime/JSObject.h:
2006         (JSC::JSObject::getDirectOffset):
2007         (JSC::JSObject::putDirectOffset):
2008         (JSC::JSObject::putUndefinedAtDirectOffset):
2009         (JSC::JSObject::flattenDictionaryObject):
2010         (JSC::JSObject::putDirectInternal):
2011         (JSC::JSObject::putDirect):
2012         (JSC::JSObject::putDirectFunction):
2013         (JSC::JSObject::putDirectWithoutTransition):
2014         (JSC::JSObject::putDirectFunctionWithoutTransition):
2015         (JSC::JSValue::putDirect):
2016         (JSC::JSObject::allocatePropertyStorageInline):
2017         (JSC::JSObject::markChildrenDirect):
2018         * runtime/JSPropertyNameIterator.cpp:
2019         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2020         (JSC::JSPropertyNameIterator::get):
2021         * runtime/JSPropertyNameIterator.h:
2022         * runtime/JSStaticScopeObject.cpp:
2023         (JSC::JSStaticScopeObject::markChildren):
2024         * runtime/JSString.cpp:
2025         (JSC::StringObject::create):
2026         * runtime/JSValue.h:
2027         * runtime/JSWrapperObject.cpp:
2028         (JSC::JSWrapperObject::markChildren):
2029         * runtime/JSWrapperObject.h:
2030         (JSC::JSWrapperObject::internalValue):
2031         (JSC::JSWrapperObject::setInternalValue):
2032         * runtime/LiteralParser.cpp:
2033         (JSC::LiteralParser::parse):
2034         * runtime/Lookup.cpp:
2035         (JSC::setUpStaticFunctionSlot):
2036         * runtime/Lookup.h:
2037         (JSC::lookupPut):
2038         * runtime/MarkStack.h:
2039         (JSC::MarkStack::MarkStack):
2040         (JSC::MarkStack::deprecatedAppendValues):
2041         (JSC::MarkStack::appendValues):
2042         * runtime/MathObject.cpp:
2043         (JSC::MathObject::MathObject):
2044         * runtime/NativeErrorConstructor.cpp:
2045         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2046         * runtime/NativeErrorPrototype.cpp:
2047         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2048         * runtime/NumberConstructor.cpp:
2049         (JSC::NumberConstructor::NumberConstructor):
2050         (JSC::constructWithNumberConstructor):
2051         * runtime/NumberObject.cpp:
2052         (JSC::constructNumber):
2053         * runtime/NumberPrototype.cpp:
2054         (JSC::NumberPrototype::NumberPrototype):
2055         * runtime/ObjectConstructor.cpp:
2056         (JSC::ObjectConstructor::ObjectConstructor):
2057         (JSC::objectConstructorGetOwnPropertyDescriptor):
2058         * runtime/Operations.h:
2059         (JSC::normalizePrototypeChain):
2060         (JSC::resolveBase):
2061         * runtime/PrototypeFunction.cpp:
2062         (JSC::PrototypeFunction::PrototypeFunction):
2063         * runtime/PutPropertySlot.h:
2064         (JSC::PutPropertySlot::setExistingProperty):
2065         (JSC::PutPropertySlot::setNewProperty):
2066         (JSC::PutPropertySlot::base):
2067         * runtime/RegExpConstructor.cpp:
2068         (JSC::RegExpConstructor::RegExpConstructor):
2069         * runtime/ScopeChain.cpp:
2070         (JSC::ScopeChainNode::print):
2071         * runtime/ScopeChain.h:
2072         (JSC::ScopeChainNode::~ScopeChainNode):
2073         (JSC::ScopeChainIterator::operator*):
2074         (JSC::ScopeChainIterator::operator->):
2075         (JSC::ScopeChain::top):
2076         * runtime/ScopeChainMark.h:
2077         (JSC::ScopeChain::markAggregate):
2078         * runtime/SmallStrings.cpp:
2079         (JSC::isMarked):
2080         (JSC::SmallStrings::markChildren):
2081         * runtime/SmallStrings.h:
2082         (JSC::SmallStrings::emptyString):
2083         (JSC::SmallStrings::singleCharacterString):
2084         (JSC::SmallStrings::singleCharacterStrings):
2085         * runtime/StringConstructor.cpp:
2086         (JSC::StringConstructor::StringConstructor):
2087         * runtime/StringObject.cpp:
2088         (JSC::StringObject::StringObject):
2089         * runtime/StringObject.h:
2090         * runtime/StringPrototype.cpp:
2091         (JSC::StringPrototype::StringPrototype):
2092         * runtime/Structure.cpp:
2093         (JSC::Structure::Structure):
2094         (JSC::Structure::addPropertyTransition):
2095         (JSC::Structure::toDictionaryTransition):
2096         (JSC::Structure::flattenDictionaryStructure):
2097         * runtime/Structure.h:
2098         (JSC::Structure::storedPrototype):
2099         (JSC::Structure::storedPrototypeSlot):
2100         * runtime/WeakGCMap.h:
2101         (JSC::WeakGCMap::uncheckedGet):
2102         (JSC::WeakGCMap::uncheckedGetSlot):
2103         (JSC::WeakGCMap::isValid):
2104         (JSC::::get):
2105         (JSC::::take):
2106         (JSC::::set):
2107         (JSC::::uncheckedRemove):
2108         * runtime/WriteBarrier.h: Added.
2109         (JSC::DeprecatedPtr::DeprecatedPtr):
2110         (JSC::DeprecatedPtr::get):
2111         (JSC::DeprecatedPtr::operator*):
2112         (JSC::DeprecatedPtr::operator->):
2113         (JSC::DeprecatedPtr::slot):
2114         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2115         (JSC::DeprecatedPtr::operator!):
2116         (JSC::WriteBarrierBase::set):
2117         (JSC::WriteBarrierBase::get):
2118         (JSC::WriteBarrierBase::operator*):
2119         (JSC::WriteBarrierBase::operator->):
2120         (JSC::WriteBarrierBase::slot):
2121         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2122         (JSC::WriteBarrierBase::operator!):
2123         (JSC::WriteBarrier::WriteBarrier):
2124         (JSC::operator==):
2125
2126 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
2127
2128         Reviewed by Oliver Hunt.
2129
2130         Filter all Heap collection through a common reset function, in
2131         preparation for adding features triggered by collection.
2132         https://bugs.webkit.org/show_bug.cgi?id=53396
2133         
2134         SunSpider reports no change.
2135
2136         * runtime/Heap.cpp:
2137         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
2138         limit, just call collectAllGarbage() instead of rolling our own special
2139         way of resetting the heap. In theory, this may be slower in some cases,
2140         but it also fixes cases of pathological heap growth that we've seen,
2141         where the only objects being allocated are temporary and huge
2142         (<rdar://problem/8885843>).
2143
2144         (JSC::Heap::allocate):
2145         (JSC::Heap::collectAllGarbage): Use the shared reset function.
2146
2147         (JSC::Heap::reset):
2148         * runtime/Heap.h: Carved a new shared reset function out of the old
2149         collectAllGarbage.
2150
2151 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
2152
2153         Unreviewed, rolling out r77025.
2154         http://trac.webkit.org/changeset/77025
2155         https://bugs.webkit.org/show_bug.cgi?id=53401
2156
2157         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
2158         (Requested by Ossy on #webkit).
2159
2160         * jit/ExecutableAllocatorFixedVMPool.cpp:
2161         (JSC::FreeListEntry::FreeListEntry):
2162         (JSC::AVLTreeAbstractorForFreeList::get_less):
2163         (JSC::AVLTreeAbstractorForFreeList::set_less):
2164         (JSC::AVLTreeAbstractorForFreeList::get_greater):
2165         (JSC::AVLTreeAbstractorForFreeList::set_greater):
2166         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
2167         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
2168         (JSC::AVLTreeAbstractorForFreeList::null):
2169         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
2170         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
2171         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
2172         (JSC::reverseSortFreeListEntriesByPointer):
2173         (JSC::reverseSortCommonSizedAllocations):
2174         (JSC::FixedVMPoolAllocator::release):
2175         (JSC::FixedVMPoolAllocator::reuse):
2176         (JSC::FixedVMPoolAllocator::addToFreeList):
2177         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
2178         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2179         (JSC::FixedVMPoolAllocator::alloc):
2180         (JSC::FixedVMPoolAllocator::free):
2181         (JSC::FixedVMPoolAllocator::isValid):
2182         (JSC::FixedVMPoolAllocator::allocInternal):
2183         (JSC::FixedVMPoolAllocator::isWithinVMPool):
2184         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
2185         (JSC::ExecutableAllocator::committedByteCount):
2186         (JSC::maybeModifyVMPoolSize):
2187         (JSC::ExecutableAllocator::isValid):
2188         (JSC::ExecutableAllocator::underMemoryPressure):
2189         (JSC::ExecutablePool::systemAlloc):
2190         (JSC::ExecutablePool::systemRelease):
2191         * wtf/PageReservation.h:
2192         (WTF::PageReservation::PageReservation):
2193         (WTF::PageReservation::commit):
2194         (WTF::PageReservation::decommit):
2195
2196 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
2197
2198         Reviewed by Daniel Bates.
2199
2200         Code style issue in JavaScriptCore/wtf/CurrentTime.h
2201         https://bugs.webkit.org/show_bug.cgi?id=53394
2202
2203         According to rule #3 at http://webkit.org/coding/coding-style.html,
2204         this patch fixes a style issue in CurrentTime.h.
2205
2206         No functionality change, no new tests.
2207
2208         * wtf/CurrentTime.h:
2209         (WTF::currentTimeMS):
2210         (WTF::getLocalTime):
2211
2212 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
2213
2214         Reviewed by Kenneth Rohde Christiansen.
2215
2216         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
2217         https://bugs.webkit.org/show_bug.cgi?id=53377
2218
2219         The option "-whole-archive" is not available with the libtool of Mac OS X;
2220         instead, we can use "-all_load" on Mac.
2221
2222         * JavaScriptCore.pri:
2223
2224 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2225
2226         Sorry Leopard bot -- I committed a change by accident.
2227
2228         * JavaScriptCore.exp: You may have your symbols back now.
2229
2230 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2231
2232         Reviewed by Cameron Zwarich.
2233
2234         Simplified Heap iteration
2235         https://bugs.webkit.org/show_bug.cgi?id=53393
2236
2237         * runtime/CollectorHeapIterator.h:
2238         (JSC::CollectorHeapIterator::isValid):
2239         (JSC::CollectorHeapIterator::isLive):
2240         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
2241         advance because it's a constant.
2242         (JSC::LiveObjectIterator::LiveObjectIterator):
2243         (JSC::LiveObjectIterator::operator++):
2244         (JSC::DeadObjectIterator::DeadObjectIterator):
2245         (JSC::DeadObjectIterator::operator++):
2246         (JSC::ObjectIterator::ObjectIterator):
2247         (JSC::ObjectIterator::operator++): Factored out common checks into
2248         two helper functions -- isValid() for "Am I past the end?" and isLive()
2249         for "Is the cell I'm pointing to live?".
2250
2251         * runtime/MarkedSpace.cpp:
2252         (JSC::MarkedSpace::freeBlock):
2253         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
2254         to the end, to avoid making sweep subtly reliant on internal Heap state.
2255         (JSC::MarkedSpace::primaryHeapBegin):
2256         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
2257         iteration begins.
2258
2259 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2260
2261         Reviewed by Cameron Zwarich.
2262
2263         Simplified heap destruction
2264         https://bugs.webkit.org/show_bug.cgi?id=53392
2265
2266         * JavaScriptCore.exp:
2267         * runtime/Heap.cpp:
2268         (JSC::Heap::destroy):
2269         * runtime/Heap.h:
2270         * runtime/MarkedSpace.cpp:
2271         (JSC::MarkedSpace::destroy):
2272         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
2273         cells last -- the difficult contortions required to do so just don't seem
2274         justified. We make no guarantees about GC protection after the client
2275         throws away JSGlobalData, and it doesn't seem like any meaningful
2276         guarantee is even possible.
2277
2278 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2279
2280         Reviewed by Maciej Stachowiak.
2281
2282         Switched heap to use the Bitmap class and removed CollectorBitmap
2283         https://bugs.webkit.org/show_bug.cgi?id=53391
2284         
2285         SunSpider says 1.005x as fast. Seems like a fluke.
2286
2287         * runtime/MarkedSpace.cpp:
2288         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
2289         rather than taking a value by reference.
2290
2291         * runtime/MarkedSpace.h: Code reuse is good.
2292
2293         * wtf/Bitmap.h:
2294         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
2295         which CollectorBitmap had. (Renamed from the less conventional "getset".)
2296
2297         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
2298         clarity. It's all the same with inlining.
2299
2300 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
2301
2302         Reviewed by Maciej Stachowiak.
2303
2304         Some more Heap cleanup.
2305         https://bugs.webkit.org/show_bug.cgi?id=53357
2306         
2307         * JavaScriptCore.exp:
2308         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
2309
2310         * runtime/Heap.cpp:
2311         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
2312         reportExtraMemoryCostSlowCase to match our naming conventions.
2313
2314         (JSC::Heap::capacity): Renamed size to capacity because this function
2315         returns the capacity of the heap, including unused portions.
2316
2317         * runtime/Heap.h:
2318         (JSC::Heap::globalData):
2319         (JSC::Heap::markedSpace):
2320         (JSC::Heap::machineStackMarker):
2321         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
2322         Moved ctor and dtor to the beginning of the class definition. Grouped
2323         functions by purpose.
2324
2325         * runtime/MarkedSpace.cpp:
2326         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
2327         function returns the capacity of the heap, including unused portions.
2328
2329         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
2330         the same information can be gotten just by calling size() and capacity().
2331
2332         * runtime/MemoryStatistics.cpp:
2333         * runtime/MemoryStatistics.h: Ditto.
2334
2335 2011-01-29  Daniel Bates  <dbates@rim.com>
2336
2337         Reviewed by Eric Seidel.
2338
2339         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
2340         https://bugs.webkit.org/show_bug.cgi?id=53253
2341
2342         Make inclusion of MT19937 a policy decision.
2343
2344         Currently, the use of MT19937 is hardcoded when building for
2345         Windows CE. Instead, we should make this a policy decision,
2346         with the Windows CE port using it by default.
2347
2348         * JavaScriptCore.pri: Append Source/ThirdParty to the end
2349         of the list of include directories.
2350         * wtf/CMakeLists.txt: Ditto.
2351         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
2352         building for Windows CE.
2353         * wtf/RandomNumber.cpp:
2354         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
2355
2356 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
2357
2358         Reviewed by David Kilzer.
2359
2360         Bug 53374 - Remove uses of unsafe string functions in debugging code
2361         https://bugs.webkit.org/show_bug.cgi?id=53374
2362
2363         * runtime/RegExp.cpp:
2364         (JSC::RegExp::printTraceData):
2365
2366 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
2367
2368         Reviewed by Oliver Hunt.
2369
2370         JavaScriptCoreUseJIT environment variable broken
2371         https://bugs.webkit.org/show_bug.cgi?id=53372
2372
2373         * runtime/JSGlobalData.cpp:
2374         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
2375         by getenv() rather than just doing a NULL check on the return value.
2376
2377 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
2378
2379         Reviewed by David Kilzer.
2380
2381         Move CharacterNames.h into WTF directory
2382         https://bugs.webkit.org/show_bug.cgi?id=49618
2383
2384         * GNUmakefile.am:
2385         * JavaScriptCore.gypi:
2386         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
2387         * JavaScriptCore.xcodeproj/project.pbxproj:
2388         * wtf/CMakeLists.txt:
2389         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
2390         * wtf/unicode/UTF8.cpp:
2391
2392 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
2393
2394         Reviewed by Gavin Barraclough.
2395
2396         Add various clampToInt() methods to MathExtras.h
2397         https://bugs.webkit.org/show_bug.cgi?id=52910
2398         
2399         Add functions for clamping doubles and floats to valid int
2400         ranges, for signed and positive integers.
2401
2402         * wtf/MathExtras.h:
2403         (clampToInteger):
2404         (clampToPositiveInteger):
2405
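An added illustration of the clamping the entry above describes. This is example code written for this page, not WebKit's MathExtras.h, and the NaN behaviour (clamp to 0) is an assumption; the page does not say how the original handles it. The point worth seeing in code is the reason such helpers exist at all: in C++ a static_cast from a floating-point value that is NaN or outside the range of int is undefined behaviour, so a length or size computed from an untrusted double must be range-checked in floating point before it is ever cast.

```cpp
#include <cmath>
#include <cstdio>
#include <limits>

// Added illustration (not WebKit's MathExtras.h): clamp a double or float
// into the range of int. Every comparison happens in the floating-point
// type; the cast is only performed once the value is known to fit.
template <typename FloatType>
int clampToInteger(FloatType value)
{
    // Assumption for this example: NaN clamps to 0.
    if (std::isnan(value))
        return 0;

    // For float, INT_MAX is not representable and rounds up to 2^31, which
    // is why the upper comparison below is >= rather than >.
    const FloatType minInt = static_cast<FloatType>(std::numeric_limits<int>::min());
    const FloatType maxInt = static_cast<FloatType>(std::numeric_limits<int>::max());

    if (value <= minInt)
        return std::numeric_limits<int>::min();
    if (value >= maxInt)
        return std::numeric_limits<int>::max();
    return static_cast<int>(value); // in range now; truncates toward zero
}

// Same idea for counts and lengths: negative input (and NaN) clamps to 0.
template <typename FloatType>
int clampToPositiveInteger(FloatType value)
{
    if (!(value > 0)) // also false for NaN
        return 0;
    return clampToInteger(value);
}

int main()
{
    std::printf("clampToInteger(1e20)            = %d\n", clampToInteger(1e20));
    std::printf("clampToInteger(-1e20)           = %d\n", clampToInteger(-1e20));
    std::printf("clampToInteger(2147483648.0f)   = %d\n", clampToInteger(2147483648.0f));
    std::printf("clampToPositiveInteger(-12.5)   = %d\n", clampToPositiveInteger(-12.5));
    std::printf("clampToInteger(NaN)             = %d\n",
        clampToInteger(std::numeric_limits<double>::quiet_NaN()));
    return 0;
}
```

The float case is the one that is easy to get wrong: comparing against INT_MAX converted to float compares against 2^31, so a strict `>` would let 2147483648.0f through to a cast that overflows.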
2406 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2407
2408         Unreviewed, rolling out r77006 and r77020.
2409         http://trac.webkit.org/changeset/77006
2410         http://trac.webkit.org/changeset/77020
2411         https://bugs.webkit.org/show_bug.cgi?id=53360
2412
2413         "Broke Windows tests" (Requested by rniwa on #webkit).
2414
2415         * API/JSCallbackObject.h:
2416         (JSC::JSCallbackObjectData::setPrivateProperty):
2417         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2418         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2419         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2420         (JSC::JSCallbackObject::setPrivateProperty):
2421         * API/JSCallbackObjectFunctions.h:
2422         (JSC::::put):
2423         (JSC::::staticFunctionGetter):
2424         * API/JSObjectRef.cpp:
2425         (JSObjectMakeConstructor):
2426         (JSObjectSetPrivateProperty):
2427         * API/JSWeakObjectMapRefInternal.h:
2428         * JavaScriptCore.exp:
2429         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2430         * JavaScriptCore.xcodeproj/project.pbxproj:
2431         * bytecode/CodeBlock.cpp:
2432         (JSC::CodeBlock::markAggregate):
2433         * bytecode/CodeBlock.h:
2434         (JSC::CodeBlock::globalObject):
2435         * bytecompiler/BytecodeGenerator.cpp:
2436         (JSC::BytecodeGenerator::BytecodeGenerator):
2437         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2438         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2439         (JSC::BytecodeGenerator::findScopedProperty):
2440         * debugger/Debugger.cpp:
2441         (JSC::evaluateInGlobalCallFrame):
2442         * debugger/DebuggerActivation.cpp:
2443         (JSC::DebuggerActivation::DebuggerActivation):
2444         (JSC::DebuggerActivation::markChildren):
2445         * debugger/DebuggerActivation.h:
2446         * debugger/DebuggerCallFrame.cpp:
2447         (JSC::DebuggerCallFrame::evaluate):
2448         * interpreter/CallFrame.h:
2449         (JSC::ExecState::exception):
2450         * interpreter/Interpreter.cpp:
2451         (JSC::Interpreter::resolve):
2452         (JSC::Interpreter::resolveSkip):
2453         (JSC::Interpreter::resolveGlobal):
2454         (JSC::Interpreter::resolveGlobalDynamic):
2455         (JSC::Interpreter::resolveBaseAndProperty):
2456         (JSC::Interpreter::unwindCallFrame):
2457         (JSC::appendSourceToError):
2458         (JSC::Interpreter::execute):
2459         (JSC::Interpreter::tryCacheGetByID):
2460         (JSC::Interpreter::privateExecute):
2461         * jit/JITStubs.cpp:
2462         (JSC::JITThunks::tryCacheGetByID):
2463         (JSC::DEFINE_STUB_FUNCTION):
2464         * jsc.cpp:
2465         (GlobalObject::GlobalObject):
2466         * runtime/ArgList.cpp:
2467         (JSC::MarkedArgumentBuffer::markLists):
2468         * runtime/Arguments.cpp:
2469         (JSC::Arguments::markChildren):
2470         (JSC::Arguments::getOwnPropertySlot):
2471         (JSC::Arguments::getOwnPropertyDescriptor):
2472         (JSC::Arguments::put):
2473         * runtime/Arguments.h:
2474         (JSC::Arguments::setActivation):
2475         (JSC::Arguments::Arguments):
2476         * runtime/ArrayConstructor.cpp:
2477         (JSC::ArrayConstructor::ArrayConstructor):
2478         (JSC::constructArrayWithSizeQuirk):
2479         * runtime/ArrayPrototype.cpp:
2480         (JSC::arrayProtoFuncSplice):
2481         * runtime/BatchedTransitionOptimizer.h:
2482         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2483         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2484         * runtime/BooleanConstructor.cpp:
2485         (JSC::BooleanConstructor::BooleanConstructor):
2486         (JSC::constructBoolean):
2487         (JSC::constructBooleanFromImmediateBoolean):
2488         * runtime/BooleanPrototype.cpp:
2489         (JSC::BooleanPrototype::BooleanPrototype):
2490         * runtime/ConservativeSet.cpp:
2491         (JSC::ConservativeSet::grow):
2492         * runtime/ConservativeSet.h:
2493         (JSC::ConservativeSet::~ConservativeSet):
2494         (JSC::ConservativeSet::mark):
2495         * runtime/DateConstructor.cpp:
2496         (JSC::DateConstructor::DateConstructor):
2497         * runtime/DateInstance.cpp:
2498         (JSC::DateInstance::DateInstance):
2499         * runtime/DatePrototype.cpp:
2500         (JSC::dateProtoFuncSetTime):
2501         (JSC::setNewValueFromTimeArgs):
2502         (JSC::setNewValueFromDateArgs):
2503         (JSC::dateProtoFuncSetYear):
2504         * runtime/ErrorConstructor.cpp:
2505         (JSC::ErrorConstructor::ErrorConstructor):
2506         * runtime/ErrorInstance.cpp:
2507         (JSC::ErrorInstance::ErrorInstance):
2508         * runtime/ErrorPrototype.cpp:
2509         (JSC::ErrorPrototype::ErrorPrototype):
2510         * runtime/FunctionConstructor.cpp:
2511         (JSC::FunctionConstructor::FunctionConstructor):
2512         * runtime/FunctionPrototype.cpp:
2513         (JSC::FunctionPrototype::FunctionPrototype):
2514         * runtime/GetterSetter.cpp:
2515         (JSC::GetterSetter::markChildren):
2516         * runtime/GetterSetter.h:
2517         (JSC::GetterSetter::GetterSetter):
2518         (JSC::GetterSetter::getter):
2519         (JSC::GetterSetter::setGetter):
2520         (JSC::GetterSetter::setter):
2521         (JSC::GetterSetter::setSetter):
2522         * runtime/GlobalEvalFunction.cpp:
2523         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2524         (JSC::GlobalEvalFunction::markChildren):
2525         * runtime/GlobalEvalFunction.h:
2526         (JSC::GlobalEvalFunction::cachedGlobalObject):
2527         * runtime/Heap.cpp:
2528         (JSC::Heap::markProtectedObjects):
2529         (JSC::Heap::markTempSortVectors):
2530         (JSC::Heap::markRoots):
2531         * runtime/InternalFunction.cpp:
2532         (JSC::InternalFunction::InternalFunction):
2533         * runtime/JSAPIValueWrapper.h:
2534         (JSC::JSAPIValueWrapper::value):
2535         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2536         * runtime/JSActivation.cpp:
2537         (JSC::JSActivation::markChildren):
2538         (JSC::JSActivation::put):
2539         * runtime/JSArray.cpp:
2540         (JSC::JSArray::JSArray):
2541         (JSC::JSArray::getOwnPropertySlot):
2542         (JSC::JSArray::getOwnPropertyDescriptor):
2543         (JSC::JSArray::put):
2544         (JSC::JSArray::putSlowCase):
2545         (JSC::JSArray::deleteProperty):
2546         (JSC::JSArray::increaseVectorLength):
2547         (JSC::JSArray::setLength):
2548         (JSC::JSArray::pop):
2549         (JSC::JSArray::push):
2550         (JSC::JSArray::unshiftCount):
2551         (JSC::JSArray::sort):
2552         (JSC::JSArray::fillArgList):
2553         (JSC::JSArray::copyToRegisters):
2554         (JSC::JSArray::compactForSorting):
2555         * runtime/JSArray.h:
2556         (JSC::JSArray::getIndex):
2557         (JSC::JSArray::setIndex):
2558         (JSC::JSArray::uncheckedSetIndex):
2559         (JSC::JSArray::markChildrenDirect):
2560         * runtime/JSByteArray.cpp:
2561         (JSC::JSByteArray::JSByteArray):
2562         * runtime/JSCell.h:
2563         (JSC::JSCell::JSValue::toThisObject):
2564         (JSC::JSCell::MarkStack::append):
2565         * runtime/JSFunction.cpp:
2566         (JSC::JSFunction::JSFunction):
2567         (JSC::JSFunction::getOwnPropertySlot):
2568         * runtime/JSGlobalData.h:
2569         * runtime/JSGlobalObject.cpp:
2570         (JSC::markIfNeeded):
2571         (JSC::JSGlobalObject::reset):
2572         (JSC::JSGlobalObject::resetPrototype):
2573         (JSC::JSGlobalObject::markChildren):
2574         * runtime/JSGlobalObject.h:
2575         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2576         (JSC::JSGlobalObject::regExpConstructor):
2577         (JSC::JSGlobalObject::errorConstructor):
2578         (JSC::JSGlobalObject::evalErrorConstructor):
2579         (JSC::JSGlobalObject::rangeErrorConstructor):
2580         (JSC::JSGlobalObject::referenceErrorConstructor):
2581         (JSC::JSGlobalObject::syntaxErrorConstructor):
2582         (JSC::JSGlobalObject::typeErrorConstructor):
2583         (JSC::JSGlobalObject::URIErrorConstructor):
2584         (JSC::JSGlobalObject::evalFunction):
2585         (JSC::JSGlobalObject::objectPrototype):
2586         (JSC::JSGlobalObject::functionPrototype):
2587         (JSC::JSGlobalObject::arrayPrototype):
2588         (JSC::JSGlobalObject::booleanPrototype):
2589         (JSC::JSGlobalObject::stringPrototype):
2590         (JSC::JSGlobalObject::numberPrototype):
2591         (JSC::JSGlobalObject::datePrototype):
2592         (JSC::JSGlobalObject::regExpPrototype):
2593         (JSC::JSGlobalObject::methodCallDummy):
2594         (JSC::Structure::prototypeForLookup):
2595         (JSC::constructArray):
2596         * runtime/JSONObject.cpp:
2597         (JSC::Stringifier::Holder::object):
2598         (JSC::Stringifier::markAggregate):
2599         (JSC::Stringifier::stringify):
2600         (JSC::Stringifier::Holder::appendNextProperty):
2601         (JSC::Walker::callReviver):
2602         (JSC::Walker::walk):
2603         * runtime/JSObject.cpp:
2604         (JSC::JSObject::defineGetter):
2605         (JSC::JSObject::defineSetter):
2606         (JSC::JSObject::removeDirect):
2607         (JSC::JSObject::putDirectFunction):
2608         (JSC::JSObject::putDirectFunctionWithoutTransition):
2609         (JSC::putDescriptor):
2610         (JSC::JSObject::defineOwnProperty):
2611         * runtime/JSObject.h:
2612         (JSC::JSObject::getDirectOffset):
2613         (JSC::JSObject::putDirectOffset):
2614         (JSC::JSObject::flattenDictionaryObject):
2615         (JSC::JSObject::putDirectInternal):
2616         (JSC::JSObject::putDirect):
2617         (JSC::JSObject::putDirectFunction):
2618         (JSC::JSObject::putDirectWithoutTransition):
2619         (JSC::JSObject::putDirectFunctionWithoutTransition):
2620         (JSC::JSValue::putDirect):
2621         (JSC::JSObject::allocatePropertyStorageInline):
2622         (JSC::JSObject::markChildrenDirect):
2623         * runtime/JSPropertyNameIterator.cpp:
2624         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2625         (JSC::JSPropertyNameIterator::get):
2626         * runtime/JSPropertyNameIterator.h:
2627         * runtime/JSStaticScopeObject.cpp:
2628         (JSC::JSStaticScopeObject::markChildren):
2629         * runtime/JSString.cpp:
2630         (JSC::StringObject::create):
2631         * runtime/JSValue.h:
2632         * runtime/JSWrapperObject.cpp:
2633         (JSC::JSWrapperObject::markChildren):
2634         * runtime/JSWrapperObject.h:
2635         (JSC::JSWrapperObject::internalValue):
2636         (JSC::JSWrapperObject::setInternalValue):
2637         * runtime/LiteralParser.cpp:
2638         (JSC::LiteralParser::parse):
2639         * runtime/Lookup.cpp:
2640         (JSC::setUpStaticFunctionSlot):
2641         * runtime/Lookup.h:
2642         (JSC::lookupPut):
2643         * runtime/MarkStack.h:
2644         (JSC::MarkStack::appendValues):
2645         * runtime/MathObject.cpp:
2646         (JSC::MathObject::MathObject):
2647         * runtime/NativeErrorConstructor.cpp:
2648         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2649         * runtime/NativeErrorPrototype.cpp:
2650         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2651         * runtime/NumberConstructor.cpp:
2652         (JSC::NumberConstructor::NumberConstructor):
2653         (JSC::constructWithNumberConstructor):
2654         * runtime/NumberObject.cpp:
2655         (JSC::constructNumber):
2656         * runtime/NumberPrototype.cpp:
2657         (JSC::NumberPrototype::NumberPrototype):
2658         * runtime/ObjectConstructor.cpp:
2659         (JSC::ObjectConstructor::ObjectConstructor):
2660         (JSC::objectConstructorGetOwnPropertyDescriptor):
2661         * runtime/Operations.h:
2662         (JSC::normalizePrototypeChain):
2663         (JSC::resolveBase):
2664         * runtime/PrototypeFunction.cpp:
2665         (JSC::PrototypeFunction::PrototypeFunction):
2666         * runtime/PutPropertySlot.h:
2667         (JSC::PutPropertySlot::setExistingProperty):
2668         (JSC::PutPropertySlot::setNewProperty):
2669         (JSC::PutPropertySlot::base):
2670         * runtime/RegExpConstructor.cpp:
2671         (JSC::RegExpConstructor::RegExpConstructor):
2672         * runtime/ScopeChain.cpp:
2673         (JSC::ScopeChainNode::print):
2674         * runtime/ScopeChain.h:
2675         (JSC::ScopeChainNode::~ScopeChainNode):
2676         (JSC::ScopeChainIterator::operator*):
2677         (JSC::ScopeChainIterator::operator->):
2678         (JSC::ScopeChain::top):
2679         * runtime/ScopeChainMark.h:
2680         (JSC::ScopeChain::markAggregate):
2681         * runtime/SmallStrings.cpp:
2682         (JSC::isMarked):
2683         (JSC::SmallStrings::markChildren):
2684         * runtime/SmallStrings.h:
2685         (JSC::SmallStrings::emptyString):
2686         (JSC::SmallStrings::singleCharacterString):
2687         (JSC::SmallStrings::singleCharacterStrings):
2688         * runtime/StringConstructor.cpp:
2689         (JSC::StringConstructor::StringConstructor):
2690         * runtime/StringObject.cpp:
2691         (JSC::StringObject::StringObject):
2692         * runtime/StringObject.h:
2693         * runtime/StringPrototype.cpp:
2694         (JSC::StringPrototype::StringPrototype):
2695         * runtime/Structure.cpp:
2696         (JSC::Structure::Structure):
2697         (JSC::Structure::addPropertyTransition):
2698         (JSC::Structure::toDictionaryTransition):
2699         (JSC::Structure::flattenDictionaryStructure):
2700         * runtime/Structure.h:
2701         (JSC::Structure::storedPrototype):
2702         * runtime/WeakGCMap.h:
2703         (JSC::WeakGCMap::uncheckedGet):
2704         (JSC::WeakGCMap::isValid):
2705         (JSC::::get):
2706         (JSC::::take):
2707         (JSC::::set):
2708         (JSC::::uncheckedRemove):
2709         * runtime/WriteBarrier.h: Removed.
2710
2711 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
2712
2713         Reviewed by Geoff Garen.
2714
2715         https://bugs.webkit.org/show_bug.cgi?id=53352
2716         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2717
2718         The FixedVMPoolAllocator currently uses a best fit policy;
2719         switch to first fit, which is less prone to external fragmentation.
2720
2721         * jit/ExecutableAllocatorFixedVMPool.cpp:
2722         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2723         (JSC::AllocationTableSizeClass::blockSize):
2724         (JSC::AllocationTableSizeClass::blockCount):
2725         (JSC::AllocationTableSizeClass::blockAlignment):
2726         (JSC::AllocationTableSizeClass::size):
2727         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2728         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2729         (JSC::AllocationTableLeaf::allocate):
2730         (JSC::AllocationTableLeaf::free):
2731         (JSC::AllocationTableLeaf::isEmpty):
2732         (JSC::AllocationTableLeaf::isFull):
2733         (JSC::AllocationTableLeaf::size):
2734         (JSC::AllocationTableLeaf::classForSize):
2735         (JSC::AllocationTableLeaf::dump):
2736         (JSC::LazyAllocationTable::LazyAllocationTable):
2737         (JSC::LazyAllocationTable::~LazyAllocationTable):
2738         (JSC::LazyAllocationTable::allocate):
2739         (JSC::LazyAllocationTable::free):
2740         (JSC::LazyAllocationTable::isEmpty):
2741         (JSC::LazyAllocationTable::isFull):
2742         (JSC::LazyAllocationTable::size):
2743         (JSC::LazyAllocationTable::dump):
2744         (JSC::LazyAllocationTable::classForSize):
2745         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2746         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2747         (JSC::AllocationTableDirectory::allocate):
2748         (JSC::AllocationTableDirectory::free):
2749         (JSC::AllocationTableDirectory::isEmpty):
2750         (JSC::AllocationTableDirectory::isFull):
2751         (JSC::AllocationTableDirectory::size):
2752         (JSC::AllocationTableDirectory::classForSize):
2753         (JSC::AllocationTableDirectory::dump):
2754         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2755         (JSC::FixedVMPoolAllocator::alloc):
2756         (JSC::FixedVMPoolAllocator::free):
2757         (JSC::FixedVMPoolAllocator::allocated):
2758         (JSC::FixedVMPoolAllocator::isValid):
2759         (JSC::FixedVMPoolAllocator::classForSize):
2760         (JSC::FixedVMPoolAllocator::offsetToPointer):
2761         (JSC::FixedVMPoolAllocator::pointerToOffset):
2762         (JSC::ExecutableAllocator::committedByteCount):
2763         (JSC::ExecutableAllocator::isValid):
2764         (JSC::ExecutableAllocator::underMemoryPressure):
2765         (JSC::ExecutablePool::systemAlloc):
2766         (JSC::ExecutablePool::systemRelease):
2767         * wtf/PageReservation.h:
2768         (WTF::PageReservation::PageReservation):
2769         (WTF::PageReservation::commit):
2770         (WTF::PageReservation::decommit):
2771         (WTF::PageReservation::committed):
2772
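An added example of the failure mode the entry above is about. This is a toy written for this page, not WebKit's FixedVMPoolAllocator: a fixed pool of units, an address-ordered free list, and a pluggable fit policy, driven by one constructed request sequence in which best fit leaves behind slivers that no later request can use while first fit satisfies every request. The sequence is chosen to show the mechanism, not to prove first fit always wins (sequences that defeat first fit exist too); what matters for the JIT pool in the entry is that a failed allocation from a fixed pool is not recoverable, which is why the entry reports it as a CRASH().

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <iterator>
#include <map>

// Added illustration, not WebKit's FixedVMPoolAllocator: a pool of `size`
// units with an address-ordered free list (offset -> length) and a policy
// that decides which free block satisfies a request.
enum class FitPolicy { BestFit, FirstFit };

class ToyPool {
public:
    static constexpr size_t kFailed = SIZE_MAX;

    ToyPool(size_t size, FitPolicy policy)
        : m_policy(policy)
    {
        m_free[0] = size; // initially one free block spans the whole pool
    }

    // Returns the offset of a block of n units, or kFailed when no free
    // block is large enough (the case the entry reports as a CRASH()).
    size_t alloc(size_t n)
    {
        auto chosen = m_free.end();
        for (auto it = m_free.begin(); it != m_free.end(); ++it) {
            if (it->second < n)
                continue;
            if (m_policy == FitPolicy::FirstFit) {
                chosen = it; // lowest address that fits
                break;
            }
            if (chosen == m_free.end() || it->second < chosen->second)
                chosen = it; // smallest block that fits
        }
        if (chosen == m_free.end())
            return kFailed;

        size_t offset = chosen->first;
        size_t leftover = chosen->second - n;
        m_free.erase(chosen);
        if (leftover)
            m_free[offset + n] = leftover; // the sliver left behind, if any
        return offset;
    }

    // Returns a block to the free list and merges it with free neighbours.
    void release(size_t offset, size_t n)
    {
        auto it = m_free.emplace(offset, n).first;
        auto next = std::next(it);
        if (next != m_free.end() && it->first + it->second == next->first) {
            it->second += next->second;
            m_free.erase(next);
        }
        if (it != m_free.begin()) {
            auto prev = std::prev(it);
            if (prev->first + prev->second == it->first) {
                prev->second += it->second;
                m_free.erase(it);
            }
        }
    }

    size_t freeBlockCount() const { return m_free.size(); }

private:
    FitPolicy m_policy;
    std::map<size_t, size_t> m_free;
};

// Constructed scenario: leave holes of 8 and 5 units (the 8-unit hole at the
// lower address, a live 7-unit block between them), then request 4, 4 and 5
// units. Returns how many of the three requests succeed.
int runFragmentationScenario(FitPolicy policy)
{
    ToyPool pool(20, policy);
    size_t a = pool.alloc(8); // [0, 8)
    size_t b = pool.alloc(7); // [8, 15), stays allocated
    size_t c = pool.alloc(5); // [15, 20)
    (void)b;
    pool.release(a, 8);
    pool.release(c, 5);

    const size_t requests[] = { 4, 4, 5 };
    int satisfied = 0;
    for (size_t n : requests) {
        if (pool.alloc(n) != ToyPool::kFailed)
            ++satisfied;
    }
    return satisfied;
}

// Sanity check for release(): adjacent freed blocks coalesce back into one.
bool releaseCoalesces()
{
    ToyPool pool(10, FitPolicy::FirstFit);
    size_t a = pool.alloc(3);
    size_t b = pool.alloc(3);
    pool.release(a, 3);
    pool.release(b, 3);
    return pool.freeBlockCount() == 1 && pool.alloc(6) != ToyPool::kFailed;
}

int main()
{
    std::printf("best fit : %d of 3 requests satisfied\n", runFragmentationScenario(FitPolicy::BestFit));
    std::printf("first fit: %d of 3 requests satisfied\n", runFragmentationScenario(FitPolicy::FirstFit));
    return 0;
}
```

Trace of the best fit run: the first 4-unit request takes the 5-unit hole (smallest that fits) and leaves a 1-unit sliver, the second takes half of the 8-unit hole and leaves 4 units, and the final 5-unit request finds only fragments of 4 and 1. First fit takes the 8-unit hole twice, exactly, and the 5-unit hole is still whole for the last request.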
2773 2011-01-27  Oliver Hunt  <oliver@apple.com>
2774
2775         Reviewed by Geoffrey Garen.
2776
2777         Convert markstack to a slot visitor API
2778         https://bugs.webkit.org/show_bug.cgi?id=53219
2779
2780         Move the MarkStack over to a slot based marking API.
2781
2782         In order to avoid aliasing concerns there are two new types
2783         that need to be used when holding on to JSValues and JSCells that
2784         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
2785         is expected to be used for any JSValue or Cell whose lifetime and
2786         marking are controlled by another GC object.  DeprecatedPtr is used
2787         for any value whose ownership we still need to rework.
2788
2789         The change over to this model has produced a large amount of
2790         code changes, but they are mostly mechanical (forwarding JSGlobalData,
2791         etc).
2792
2793         * API/JSCallbackObject.h:
2794         (JSC::JSCallbackObjectData::setPrivateProperty):
2795         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2796         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2797         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2798         (JSC::JSCallbackObject::setPrivateProperty):
2799         * API/JSCallbackObjectFunctions.h:
2800         (JSC::::put):
2801         (JSC::::staticFunctionGetter):
2802         * API/JSObjectRef.cpp:
2803         (JSObjectMakeConstructor):
2804         (JSObjectSetPrivateProperty):
2805         * API/JSWeakObjectMapRefInternal.h:
2806         * JavaScriptCore.exp:
2807         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2808         * JavaScriptCore.xcodeproj/project.pbxproj:
2809         * bytecode/CodeBlock.cpp:
2810         (JSC::CodeBlock::markAggregate):
2811         * bytecode/CodeBlock.h:
2812         (JSC::CodeBlock::globalObject):
2813         * bytecompiler/BytecodeGenerator.cpp:
2814         (JSC::BytecodeGenerator::BytecodeGenerator):
2815         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2816         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2817         (JSC::BytecodeGenerator::findScopedProperty):
2818         * debugger/DebuggerActivation.cpp:
2819         (JSC::DebuggerActivation::DebuggerActivation):
2820         (JSC::DebuggerActivation::markChildren):
2821         * debugger/DebuggerActivation.h:
2822         * interpreter/Interpreter.cpp:
2823         (JSC::Interpreter::resolve):
2824         (JSC::Interpreter::resolveSkip):
2825         (JSC::Interpreter::resolveGlobalDynamic):
2826         (JSC::Interpreter::resolveBaseAndProperty):
2827         (JSC::Interpreter::unwindCallFrame):
2828         (JSC::appendSourceToError):
2829         (JSC::Interpreter::execute):
2830         (JSC::Interpreter::privateExecute):
2831         * interpreter/Register.h:
2832         (JSC::Register::jsValueSlot):
2833         * jit/JITStubs.cpp:
2834         (JSC::JITThunks::tryCacheGetByID):
2835         (JSC::DEFINE_STUB_FUNCTION):
2836         * jsc.cpp:
2837         (GlobalObject::GlobalObject):
2838         * runtime/Arguments.cpp:
2839         (JSC::Arguments::markChildren):
2840         (JSC::Arguments::getOwnPropertySlot):
2841         (JSC::Arguments::getOwnPropertyDescriptor):
2842         (JSC::Arguments::put):
2843         * runtime/Arguments.h:
2844         (JSC::Arguments::setActivation):
2845         (JSC::Arguments::Arguments):
2846         * runtime/ArrayConstructor.cpp:
2847         (JSC::ArrayConstructor::ArrayConstructor):
2848         (JSC::constructArrayWithSizeQuirk):
2849         * runtime/ArrayPrototype.cpp:
2850         (JSC::arrayProtoFuncSplice):
2851         * runtime/BatchedTransitionOptimizer.h:
2852         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2853         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2854         * runtime/BooleanConstructor.cpp:
2855         (JSC::BooleanConstructor::BooleanConstructor):
2856         (JSC::constructBoolean):
2857         (JSC::constructBooleanFromImmediateBoolean):
2858         * runtime/BooleanPrototype.cpp:
2859         (JSC::BooleanPrototype::BooleanPrototype):
2860         * runtime/ConservativeSet.h:
2861         (JSC::ConservativeSet::mark):
2862         * runtime/DateConstructor.cpp:
2863         (JSC::DateConstructor::DateConstructor):
2864         * runtime/DateInstance.cpp:
2865         (JSC::DateInstance::DateInstance):
2866         * runtime/DatePrototype.cpp:
2867         (JSC::dateProtoFuncSetTime):
2868         (JSC::setNewValueFromTimeArgs):
2869         (JSC::setNewValueFromDateArgs):
2870         (JSC::dateProtoFuncSetYear):
2871         * runtime/ErrorConstructor.cpp:
2872         (JSC::ErrorConstructor::ErrorConstructor):
2873         * runtime/ErrorInstance.cpp:
2874         (JSC::ErrorInstance::ErrorInstance):
2875         * runtime/ErrorPrototype.cpp:
2876         (JSC::ErrorPrototype::ErrorPrototype):
2877         * runtime/FunctionConstructor.cpp:
2878         (JSC::FunctionConstructor::FunctionConstructor):
2879         * runtime/FunctionPrototype.cpp:
2880         (JSC::FunctionPrototype::FunctionPrototype):
2881         * runtime/GetterSetter.cpp:
2882         (JSC::GetterSetter::markChildren):
2883         * runtime/GetterSetter.h:
2884         (JSC::GetterSetter::GetterSetter):
2885         (JSC::GetterSetter::getter):
2886         (JSC::GetterSetter::setGetter):
2887         (JSC::GetterSetter::setter):
2888         (JSC::GetterSetter::setSetter):
2889         * runtime/GlobalEvalFunction.cpp:
2890         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2891         (JSC::GlobalEvalFunction::markChildren):
2892         * runtime/GlobalEvalFunction.h:
2893         (JSC::GlobalEvalFunction::cachedGlobalObject):
2894         * runtime/Heap.cpp:
2895         (JSC::Heap::markProtectedObjects):
2896         (JSC::Heap::markTempSortVectors):
2897         (JSC::Heap::markRoots):
2898         * runtime/InternalFunction.cpp:
2899         (JSC::InternalFunction::InternalFunction):
2900         * runtime/JSAPIValueWrapper.h:
2901         (JSC::JSAPIValueWrapper::value):
2902         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2903         * runtime/JSActivation.cpp:
2904         (JSC::JSActivation::put):
2905         * runtime/JSArray.cpp:
2906         (JSC::JSArray::JSArray):
2907         (JSC::JSArray::getOwnPropertySlot):
2908         (JSC::JSArray::getOwnPropertyDescriptor):
2909         (JSC::JSArray::put):
2910         (JSC::JSArray::putSlowCase):
2911         (JSC::JSArray::deleteProperty):
2912         (JSC::JSArray::increaseVectorLength):
2913         (JSC::JSArray::setLength):
2914         (JSC::JSArray::pop):
2915         (JSC::JSArray::push):
2916         (JSC::JSArray::unshiftCount):
2917         (JSC::JSArray::sort):
2918         (JSC::JSArray::fillArgList):
2919         (JSC::JSArray::copyToRegisters):
2920         (JSC::JSArray::compactForSorting):
2921         * runtime/JSArray.h:
2922         (JSC::JSArray::getIndex):
2923         (JSC::JSArray::setIndex):
2924         (JSC::JSArray::uncheckedSetIndex):
2925         (JSC::JSArray::markChildrenDirect):
2926         * runtime/JSByteArray.cpp:
2927         (JSC::JSByteArray::JSByteArray):
2928         * runtime/JSCell.h:
2929         (JSC::JSCell::MarkStack::append):
2930         (JSC::JSCell::MarkStack::appendCell):
2931         * runtime/JSFunction.cpp:
2932         (JSC::JSFunction::JSFunction):
2933         (JSC::JSFunction::getOwnPropertySlot):
2934         * runtime/JSGlobalObject.cpp:
2935         (JSC::markIfNeeded):
2936         (JSC::JSGlobalObject::reset):
2937         (JSC::JSGlobalObject::resetPrototype):
2938         (JSC::JSGlobalObject::markChildren):
2939         * runtime/JSGlobalObject.h:
2940         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2941         (JSC::JSGlobalObject::regExpConstructor):
2942         (JSC::JSGlobalObject::errorConstructor):
2943         (JSC::JSGlobalObject::evalErrorConstructor):
2944         (JSC::JSGlobalObject::rangeErrorConstructor):
2945         (JSC::JSGlobalObject::referenceErrorConstructor):
2946         (JSC::JSGlobalObject::syntaxErrorConstructor):
2947         (JSC::JSGlobalObject::typeErrorConstructor):
2948         (JSC::JSGlobalObject::URIErrorConstructor):
2949         (JSC::JSGlobalObject::evalFunction):
2950         (JSC::JSGlobalObject::objectPrototype):
2951         (JSC::JSGlobalObject::functionPrototype):
2952         (JSC::JSGlobalObject::arrayPrototype):
2953         (JSC::JSGlobalObject::booleanPrototype):
2954         (JSC::JSGlobalObject::stringPrototype):
2955         (JSC::JSGlobalObject::numberPrototype):
2956         (JSC::JSGlobalObject::datePrototype):
2957         (JSC::JSGlobalObject::regExpPrototype):
2958         (JSC::JSGlobalObject::methodCallDummy):
2959         (JSC::constructArray):
2960         * runtime/JSONObject.cpp:
2961         (JSC::Stringifier::Holder::object):
2962         (JSC::Stringifier::Holder::objectSlot):
2963         (JSC::Stringifier::markAggregate):
2964         (JSC::Stringifier::stringify):
2965         (JSC::Stringifier::Holder::appendNextProperty):
2966         (JSC::Walker::callReviver):
2967         (JSC::Walker::walk):
2968         * runtime/JSObject.cpp:
2969         (JSC::JSObject::defineGetter):
2970         (JSC::JSObject::defineSetter):
2971         (JSC::JSObject::removeDirect):
2972         (JSC::JSObject::putDirectFunction):
2973         (JSC::JSObject::putDirectFunctionWithoutTransition):
2974         (JSC::putDescriptor):
2975         (JSC::JSObject::defineOwnProperty):
2976         * runtime/JSObject.h:
2977         (JSC::JSObject::putDirectOffset):
2978         (JSC::JSObject::putUndefinedAtDirectOffset):
2979         (JSC::JSObject::flattenDictionaryObject):
2980         (JSC::JSObject::putDirectInternal):
2981         (JSC::JSObject::putDirect):
2982         (JSC::JSObject::putDirectFunction):
2983         (JSC::JSObject::putDirectWithoutTransition):
2984         (JSC::JSObject::putDirectFunctionWithoutTransition):
2985         (JSC::JSValue::putDirect):
2986         (JSC::JSObject::allocatePropertyStorageInline):
2987         (JSC::JSObject::markChildrenDirect):
2988         * runtime/JSStaticScopeObject.cpp:
2989         (JSC::JSStaticScopeObject::markChildren):
2990         * runtime/JSString.cpp:
2991         (JSC::StringObject::create):
2992         * runtime/JSValue.h:
2993         * runtime/JSWrapperObject.cpp:
2994         (JSC::JSWrapperObject::markChildren):
2995         * runtime/JSWrapperObject.h:
2996         (JSC::JSWrapperObject::internalValue):
2997         (JSC::JSWrapperObject::setInternalValue):
2998         * runtime/LiteralParser.cpp:
2999         (JSC::LiteralParser::parse):
3000         * runtime/Lookup.cpp:
3001         (JSC::setUpStaticFunctionSlot):
3002         * runtime/Lookup.h:
3003         (JSC::lookupPut):
3004         * runtime/MarkStack.h:
3005         * runtime/MathObject.cpp:
3006         (JSC::MathObject::MathObject):
3007         * runtime/NativeErrorConstructor.cpp:
3008         (JSC::NativeErrorConstructor::NativeErrorConstructor):
3009         * runtime/NativeErrorPrototype.cpp:
3010         (JSC::NativeErrorPrototype::NativeErrorPrototype):
3011         * runtime/NumberConstructor.cpp:
3012         (JSC::NumberConstructor::NumberConstructor):
3013         (JSC::constructWithNumberConstructor):
3014         * runtime/NumberObject.cpp:
3015         (JSC::constructNumber):
3016         * runtime/NumberPrototype.cpp:
3017         (JSC::NumberPrototype::NumberPrototype):
3018         * runtime/ObjectConstructor.cpp:
3019         (JSC::ObjectConstructor::ObjectConstructor):
3020         (JSC::objectConstructorGetOwnPropertyDescriptor):
3021         * runtime/Operations.h:
3022         (JSC::normalizePrototypeChain):
3023         (JSC::resolveBase):
3024         * runtime/PrototypeFunction.cpp:
3025         (JSC::PrototypeFunction::PrototypeFunction):
3026         * runtime/PutPropertySlot.h:
3027         (JSC::PutPropertySlot::setExistingProperty):
3028         (JSC::PutPropertySlot::setNewProperty):
3029         (JSC::PutPropertySlot::base):
3030         * runtime/RegExpConstructor.cpp:
3031         (JSC::RegExpConstructor::RegExpConstructor):
3032         * runtime/ScopeChain.cpp:
3033         (JSC::ScopeChainNode::print):
3034         * runtime/ScopeChain.h:
3035         (JSC::ScopeChainNode::~ScopeChainNode):
3036         (JSC::ScopeChainIterator::operator*):
3037         (JSC::ScopeChainIterator::operator->):
3038         (JSC::ScopeChain::top):
3039         * runtime/ScopeChainMark.h:
3040         (JSC::ScopeChain::markAggregate):
3041         * runtime/SmallStrings.cpp:
3042         (JSC::isMarked):
3043         (JSC::SmallStrings::markChildren):
3044         * runtime/SmallStrings.h:
3045         (JSC::SmallStrings::emptyString):
3046         (JSC::SmallStrings::singleCharacterString):
3047         (JSC::SmallStrings::singleCharacterStrings):
3048         * runtime/StringConstructor.cpp:
3049         (JSC::StringConstructor::StringConstructor):
3050         * runtime/StringObject.cpp:
3051         (JSC::StringObject::StringObject):
3052         * runtime/StringObject.h:
3053         * runtime/StringPrototype.cpp:
3054         (JSC::StringPrototype::StringPrototype):
3055         * runtime/Structure.cpp:
3056         (JSC::Structure::flattenDictionaryStructure):
3057         * runtime/Structure.h:
3058         (JSC::Structure::storedPrototypeSlot):
3059         * runtime/WeakGCMap.h:
3060         (JSC::WeakGCMap::uncheckedGet):
3061         (JSC::WeakGCMap::uncheckedGetSlot):
3062         (JSC::::get):
3063         (JSC::::take):
3064         (JSC::::set):
3065         (JSC::::uncheckedRemove):
3066         * runtime/WriteBarrier.h: Added.
3067         (JSC::DeprecatedPtr::DeprecatedPtr):
3068         (JSC::DeprecatedPtr::get):
3069         (JSC::DeprecatedPtr::operator*):
3070         (JSC::DeprecatedPtr::operator->):
3071         (JSC::DeprecatedPtr::slot):
3072         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
3073         (JSC::DeprecatedPtr::operator!):
3074         (JSC::WriteBarrierBase::set):
3075         (JSC::WriteBarrierBase::get):
3076         (JSC::WriteBarrierBase::operator*):
3077         (JSC::WriteBarrierBase::operator->):
3078         (JSC::WriteBarrierBase::slot):
3079         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
3080         (JSC::WriteBarrierBase::operator!):
3081         (JSC::WriteBarrier::WriteBarrier):
3082         (JSC::operator==):
3083
3084 2011-01-28  Adam Roben  <aroben@apple.com>
3085
3086         Chromium build fix after r76967
3087
3088         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
3089         similar macros in this file.
3090
3091 2011-01-28  Michael Saboff  <msaboff@apple.com>
3092
3093         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3094         https://bugs.webkit.org/show_bug.cgi?id=53271
3095
3096         Reapplying this change.  No change from prior patch in
3097         JavaScriptCore.
3098
3099         Added new isValid() methods to check if a contained object in
3100         a WeakGCMap is valid when using an unchecked iterator.
3101
3102         * runtime/WeakGCMap.h:
3103         (JSC::WeakGCMap::isValid):
3104
3105 2011-01-27  Adam Roben  <aroben@apple.com>
3106
3107         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
3108         function
3109
3110         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
3111         Win32 event
3112
3113         Reviewed by Dave Hyatt.
3114
3115         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
3116
3117         * wtf/ThreadingPrimitives.h: Declare the new function.
3118
3119         * wtf/ThreadingWin.cpp:
3120         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
3121         interval from here...
3122         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
3123
3124 2011-01-28  Sam Weinig  <sam@webkit.org>
3125
3126         Reviewed by Maciej Stachowiak.
3127
3128         Add basic rubber banding support
3129         <rdar://problem/8219429>
3130         https://bugs.webkit.org/show_bug.cgi?id=53277
3131
3132         * wtf/Platform.h: Add ENABLE for rubber banding.
3133
3134 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3135
3136         Unreviewed, rolling out r76893.
3137         http://trac.webkit.org/changeset/76893
3138         https://bugs.webkit.org/show_bug.cgi?id=53287
3139
3140         It made some tests crash on GTK and Qt debug bots (Requested
3141         by Ossy on #webkit).
3142
3143         * runtime/WeakGCMap.h:
3144
3145 2011-01-27  Adam Barth  <abarth@webkit.org>
3146
3147         Reviewed by Eric Seidel.
3148
3149         Add WTFString method to compare equality with Vector<UChar>
3150         https://bugs.webkit.org/show_bug.cgi?id=53266
3151
3152         I'm planning to use this method in the new XSS filter implementation,
3153         but it seems generally useful.
3154
3155         * wtf/text/StringImpl.h:
3156         (WTF::equalIgnoringNullity):
3157         * wtf/text/WTFString.h:
3158         (WTF::equalIgnoringNullity):
3159
3160 2011-01-27  Michael Saboff  <msaboff@apple.com>
3161
3162         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3163         https://bugs.webkit.org/show_bug.cgi?id=53271
3164
3165         Added new isValid() methods to check if a contained object in
3166         a WeakGCMap is valid when using an unchecked iterator.
3167
3168         * runtime/WeakGCMap.h:
3169         (JSC::WeakGCMap::isValid):
3170
3171 2011-01-26  Sam Weinig  <sam@webkit.org>
3172
3173         Reviewed by Maciej Stachowiak.
3174
3175         Add events to represent the start/end of a gesture scroll
3176         https://bugs.webkit.org/show_bug.cgi?id=53215
3177
3178         * wtf/Platform.h: Add ENABLE for gesture events. 
3179
3180 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
3181
3182         Reviewed by Laszlo Gombos.
3183
3184         [Qt][Symbian] Fix --minimal build
3185         https://bugs.webkit.org/show_bug.cgi?id=52839
3186
3187         Move definition of USE_SYSTEM_MALLOC out of pri file.
3188         Put it in platform.h instead.
3189
3190         * wtf/Platform.h:
3191         * wtf/TCSystemAlloc.cpp:
3192         * wtf/wtf.pri:
3193
3194 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
3195
3196         Reviewed by Andreas Kling.
3197
3198         [WINCE] Add JIT support to build system
3199         https://bugs.webkit.org/show_bug.cgi?id=53079
3200
3201         * CMakeListsWinCE.txt:
3202
3203 2011-01-25  Adam Roben  <aroben@apple.com>
3204
3205         Windows Production build fix
3206
3207         Reviewed by Steve Falkenburg.
3208
3209         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
3210         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
3211         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
3212
3213 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
3214
3215         Rubber-stamped by Adam Roben.
3216
3217         Windows production build fix.
3218         Use correct environment variable escaping
3219
3220         * JavaScriptCore.vcproj/JavaScriptCore.make:
3221         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
3222
3223 2011-01-25  Oliver Hunt  <oliver@apple.com>
3224
3225         Reviewed by Gavin Barraclough.
3226
3227         JSON.stringify processing time exponentially grows with size of object
3228         https://bugs.webkit.org/show_bug.cgi?id=51922
3229
3230         Remove last use of reserveCapacity from JSON stringification, as it results
3231         in appalling append behaviour when there are a large number of property names
3232         and nothing else.
3233
3234         * runtime/JSONObject.cpp:
3235         (JSC::Stringifier::appendQuotedString):
3236
3237 2011-01-25  Antti Koivisto  <antti@apple.com>
3238
3239         Not reviewed.
3240         
3241         Try to fix windows build.
3242
3243         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3244
3245 2011-01-25  Antti Koivisto  <antti@apple.com>
3246
3247         Reviewed by Oliver Hunt.
3248
3249         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
3250         https://bugs.webkit.org/show_bug.cgi?id=53061
3251          
3252         Cache did not know about the subclass so failed to fully delete the items. 
3253         Got rid of the subclass and moved the classes to separate files.
3254
3255         * CMakeLists.txt:
3256         * GNUmakefile.am:
3257         * JavaScriptCore.exp:
3258         * JavaScriptCore.gypi:
3259         * JavaScriptCore.pro:
3260         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3261         * JavaScriptCore.xcodeproj/project.pbxproj:
3262         * parser/JSParser.cpp:
3263         (JSC::JSParser::Scope::saveFunctionInfo):
3264         (JSC::JSParser::Scope::restoreFunctionInfo):
3265         (JSC::JSParser::findCachedFunctionInfo):
3266         (JSC::JSParser::parseFunctionInfo):
3267         * parser/SourceProvider.h:
3268         * parser/SourceProviderCache.cpp: Added.
3269         (JSC::SourceProviderCache::~SourceProviderCache):
3270         (JSC::SourceProviderCache::byteSize):
3271         * parser/SourceProviderCache.h: Added.
3272         (JSC::SourceProviderCache::SourceProviderCache):
3273         (JSC::SourceProviderCache::add):
3274         (JSC::SourceProviderCache::get):
3275         * parser/SourceProviderCacheItem.h: Added.
3276         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
3277         (JSC::SourceProviderCacheItem::approximateByteSize):
3278         (JSC::SourceProviderCacheItem::closeBraceToken):
3279
3280 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
3281
3282         Reviewed by Darin Adler.
3283
3284         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
3285         statement
3286         https://bugs.webkit.org/show_bug.cgi?id=53087.
3287
3288         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
3289         with a "return" so that the code is more readable and less error pro
3290         (e.g., "else" doesn't use braces so adding extra lines to the else
3291         block won't have any effect; even worse, code still compiles
3292         successfully.
3293
3294         * wtf/Assertions.cpp:
3295
3296 2011-01-24  Chris Marrin  <cmarrin@apple.com>
3297
3298         Reviewed by Eric Seidel.
3299
3300         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
3301         https://bugs.webkit.org/show_bug.cgi?id=53041
3302
3303         * Configurations/FeatureDefines.xcconfig:
3304
3305 2011-01-25  Adam Roben  <aroben@apple.com>
3306
3307         Windows Production build fix
3308
3309         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
3310
3311 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
3312
3313         Reviewed by Eric Seidel.
3314
3315         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
3316         https://bugs.webkit.org/show_bug.cgi?id=52949
3317
3318         * jit/JITStubs.cpp:
3319
3320 2011-01-24  Adam Roben  <aroben@apple.com>
3321
3322         Windows Production build fix
3323
3324         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
3325
3326 2011-01-24  Peter Varga  <pvarga@webkit.org>
3327
3328         Reviewed by Oliver Hunt.
3329
3330         Optimize regex patterns which contain empty alternatives
3331         https://bugs.webkit.org/show_bug.cgi?id=51395
3332
3333         Eliminate the empty alternatives from the regex pattern and convert it to do
3334         the matching in an easier way.
3335
3336         * yarr/YarrPattern.cpp:
3337         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
3338
3339 2011-01-24  Andras Becsi  <abecsi@webkit.org>
3340
3341         Reviewed by Csaba Osztrogonác.
3342
3343         [Qt] Move project files into Source
3344         https://bugs.webkit.org/show_bug.cgi?id=52891
3345
3346         * JavaScriptCore.pri:
3347         * JavaScriptCore.pro:
3348         * jsc.pro:
3349
3350 2011-01-23  Mark Rowe  <mrowe@apple.com>
3351
3352         Follow-up to r76477.
3353
3354         Fix the scripts that detect problematic code such as static initializers
3355         and destructors, weak vtables, inappropriate files in the framework wrappers,
3356         and public headers including private headers. These had all been broken
3357         since the projects were moved in to the Source directory as the paths to the
3358         scripts were not updated at that time.
3359
3360         * JavaScriptCore.xcodeproj/project.pbxproj:
3361
3362 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3363
3364         Reviewed by Darin Adler.
3365
3366         Use WTF::StringHasher in WebCore
3367         https://bugs.webkit.org/show_bug.cgi?id=52934
3368
3369         Add an additional function to calculate the hash
3370         of data with a runtime-dependent size.
3371
3372         * wtf/StringHasher.h:
3373         (WTF::StringHasher::createBlobHash):
3374
3375 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3376
3377         Reviewed by David Kilzer.
3378
3379         Fix comment in String::ascii()
3380         https://bugs.webkit.org/show_bug.cgi?id=52980
3381
3382         * wtf/text/WTFString.cpp:
3383         (WTF::String::ascii):
3384
3385 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3386
3387         Reviewed by David Kilzer.
3388
3389         Add String::containsOnlyLatin1()
3390         https://bugs.webkit.org/show_bug.cgi?id=52979
3391
3392         * wtf/text/WTFString.h:
3393         (WTF::String::containsOnlyLatin1):
3394         (WTF::charactersAreAllLatin1):
3395
3396 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3397
3398         Reviewed by Oliver Hunt.
3399
3400         Remove obsolete JSVALUE32 code
3401         https://bugs.webkit.org/show_bug.cgi?id=52948
3402
3403         r70111 removed support for JSVALUE32.
3404         ARM, MIPS and X86 support JSVALUE32_64 only.
3405
3406         * jit/JITStubs.cpp:
3407
3408 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3409
3410         Reviewed by Dan Bernstein.
3411
3412         ASSERT running run-webkit-tests --threaded.
3413         https://bugs.webkit.org/show_bug.cgi?id=52971
3414         
3415         SunSpider and v8 report no change.
3416
3417         * runtime/ConservativeSet.cpp:
3418         (JSC::ConservativeSet::grow):
3419         (JSC::ConservativeSet::add):
3420         * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
3421         the growth policy to 2X, to make SunSpider and v8 happy.
3422         (JSC::ConservativeSet::ConservativeSet):
3423         (JSC::ConservativeSet::~ConservativeSet):
3424         (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
3425         Malloc is forbidden during a multi-threaded mark phase because it can
3426         cause deadlock.
3427
3428 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3429
3430         Reviewed by Geoffrey Garen.
3431
3432         Rubber-stamped by Maciej Stachowiak.
3433
3434         A few of Maciej's review suggestions for my last patch.
3435         https://bugs.webkit.org/show_bug.cgi?id=52946        
3436
3437         SunSpider reports no change.
3438
3439         * Android.mk:
3440         * CMakeLists.txt:
3441         * GNUmakefile.am:
3442         * JavaScriptCore.gypi:
3443         * JavaScriptCore.pro:
3444         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3445         * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.
3446
3447         * runtime/ConservativeSet.cpp: Added.
3448         (JSC::isPointerAligned):
3449         (JSC::ConservativeSet::add):
3450         * runtime/ConservativeSet.h: Added.
3451         (JSC::ConservativeSet::ConservativeSet):
3452         (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
3453         file, and moved the conservative check into ConservativeSet::add, making
3454         ConservativeSet's responsibility clearer.
3455
3456         * runtime/Heap.cpp:
3457         (JSC::Heap::markRoots):
3458         * runtime/MachineStackMarker.cpp:
3459         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3460         (JSC::MachineStackMarker::markOtherThreadConservatively):
3461         * runtime/MachineStackMarker.h:
3462         * runtime/MarkStack.h: Updated for changes above.
3463
3464 2011-01-22  Patrick Gansterer  <paroga@webkit.org>
3465
3466         Unreviewed WinCE build fix for r76430.
3467
3468         * runtime/MachineStackMarker.cpp:
3469         (JSC::swapIfBackwards):
3470
3471 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3472
3473         Reviewed by Beth Dakin.
3474
3475         Reorganized MarkedSpace, making many of its functions private.
3476
3477         * runtime/JSCell.h:
3478         (JSC::JSCell::Heap::heap):
3479         * runtime/MarkedSpace.h:
3480         (JSC::MarkedSpace::globalData):
3481         (JSC::MarkedSpace::heap):
3482
3483 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3484
3485         Try to fix build: moved helper function out of #ifdef.
3486
3487         * runtime/MachineStackMarker.cpp:
3488         (JSC::swapIfBackwards):
3489
3490 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3491
3492         Rubber-stamped by Maciej Stachowiak.
3493
3494         A few of Maciej's review suggestions for my last patch.
3495         https://bugs.webkit.org/show_bug.cgi?id=52946        
3496
3497         SunSpider reports no change.
3498
3499         * runtime/MachineStackMarker.cpp:
3500         (JSC::swapIfBackwards): Added a helper function for handling platforms
3501         where the stack can grow in any direction.
3502
3503         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3504         (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
3505         function.
3506
3507         (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.
3508
3509         (JSC::MachineStackMarker::markConservatively): Changed to use a more
3510         standard looping idiom, and to use the helper function above.
3511
3512         * runtime/MarkedSpace.h:
3513         (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.
3514
3515 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3516
3517         Reviewed by Maciej Stachowiak.
3518
3519         Cleaned up some conservative marking code.
3520         https://bugs.webkit.org/show_bug.cgi?id=52946
3521         
3522         SunSpider reports no change.
3523
3524         * interpreter/RegisterFile.h: No need for a special marking function,
3525         since we already expose a start() and end().
3526
3527         * runtime/Heap.cpp:
3528         (JSC::Heap::registerFile):
3529         (JSC::Heap::markRoots):
3530         * runtime/Heap.h:
3531         (JSC::Heap::contains): Migrated markConservatively() to the machine stack
3532         marker class. Now, Heap just provides a contains() function, which the
3533         machine stack marker uses for checking whether a pointer points into the heap.
3534
3535         * runtime/MachineStackMarker.cpp:
3536         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3537         (JSC::MachineStackMarker::markOtherThreadConservatively):
3538         (JSC::isPointerAligned):
3539         (JSC::MachineStackMarker::markConservatively):
3540         * runtime/MachineStackMarker.h: Move the conservative marking code here.
3541
3542         * runtime/MarkStack.h:
3543         (JSC::ConservativeSet::add):
3544         (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
3545         set. Vector seems to be a bit faster, and it generates smaller code.
3546
3547         * runtime/MarkedSpace.cpp:
3548         (JSC::MarkedSpace::containsSlowCase):
3549         * runtime/MarkedSpace.h:
3550         (JSC::MarkedSpace::isCellAligned):
3551         (JSC::MarkedSpace::isPossibleCell):
3552         (JSC::MarkedSpace::contains): Kept the code for determining whether a
3553         pointer pointed into marked space, and moved the code for marking
3554         a set of conservative pointers into the machine stack marker.
3555
3556         * wtf/HashSet.h:
3557         (WTF::::add): Added two missing inlines that I noticed while testing
3558         vector vs hash set.
3559
3560 2011-01-21  Mark Rowe  <mrowe@apple.com>
3561
3562         Reviewed by Sam Weinig.
3563
3564         Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
3565         control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".
3566
3567         * wtf/PageAllocation.h:
3568         (WTF::PageAllocation::operator bool):
3569         * wtf/PageReservation.h:
3570         (WTF::PageReservation::operator bool):
3571
3572 2011-01-21  Michael Saboff  <msaboff@apple.com>
3573
3574         Reviewed by Oliver Hunt.
3575
3576         [RegexFuzz] Hang with forward assertion
3577         https://bugs.webkit.org/show_bug.cgi?id=52825
3578         <rdar://problem/8894332>
3579
3580         The backtrackTo label from the first term in a list of terms is
3581         being overwritten by processing of subsequent terms.  Changed
3582         copyBacktrackToLabel() to check for an existing backtrackTo label
3583         before copying and renamed it to propagateBacktrackToLabel() since
3584         it no longer copies.
3585
3586         * yarr/YarrJIT.cpp:
3587         (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
3588         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3589
3590 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3591
3592         Reviewed by Sam Weinig.
3593
3594         Moved the mark stack from global data to the heap, since it pertains
3595         to the heap, and not the virtual machine as a whole.
3596         https://bugs.webkit.org/show_bug.cgi?id=52930
3597         
3598         SunSpider reports no change.
3599
3600         * runtime/Heap.cpp:
3601         (JSC::Heap::Heap):
3602         (JSC::Heap::markRoots):
3603         * runtime/Heap.h:
3604         * runtime/JSGlobalData.cpp:
3605         (JSC::JSGlobalData::JSGlobalData):
3606         * runtime/JSGlobalData.h:
3607
3608 2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>
3609
3610         Reviewed by Darin Adler.
3611
3612         REGRESSION(r76177): All JavaScriptCore tests fail on ARM
3613         https://bugs.webkit.org/show_bug.cgi?id=52814
3614
3615         Get the approximateByteSize value before releasing the OwnPtr.
3616
3617         * parser/JSParser.cpp:
3618         (JSC::JSParser::parseFunctionInfo):
3619
3620 2011-01-21  Xan Lopez  <xlopez@igalia.com>
3621
3622         Reviewed by Martin Robinson.
3623
3624         Remove unnecessary <stdio.h> include
3625         https://bugs.webkit.org/show_bug.cgi?id=52884
3626
3627         * jit/JIT.cpp: remove unnecessary include.
3628
3629 2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>
3630
3631         Reviewed by Maciej Stachowiak.
3632
3633         Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.
3634
3635         * wtf/OwnArrayPtr.h:
3636
3637 2011-01-20  Patrick Gansterer  <paroga@webkit.org>
3638
3639         Reviewed by Oliver Hunt.
3640
3641         [WINCE] Remove obsolete JSVALUE32 code
3642         https://bugs.webkit.org/show_bug.cgi?id=52450
3643
3644         Remove the "offset hack" in create_jit_stubs, since we
3645         only support JSVALUE32_64 in the meantime.
3646
3647         * create_jit_stubs: Removed offset argument
3648         * jit/JITStubs.cpp:
3649
3650 2011-01-20  Geoffrey Garen  <ggaren@apple.com>
3651
3652         Reviewed by Oliver Hunt.
3653
3654         When marking conservatively, guard against reviving dead objects.
3655         https://bugs.webkit.org/show_bug.cgi?id=52840
3656         
3657         SunSpider and v8 say no change.
3658
3659         * interpreter/RegisterFile.h:
3660         (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.
3661
3662         * runtime/Heap.cpp:
3663         (JSC::Heap::recordExtraCost): No need to guard against conservative
3664         marking reviving dead objects anymore, since the conservative marking
3665         mechanism guards against this now.
3666
3667         (JSC::Heap::markConservatively):
3668         (JSC::Heap::markProtectedObjects):
3669         (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
3670         marking function. We want to establish a separation of concerns between
3671         visiting roots and draining the mark stack.
3672
3673         (JSC::Heap::markRoots): Gather the set of conservative references before
3674         clearing mark bits, because conservative marking now uses the mark bits
3675         to determine if a reference is valid, and avoid reviving dead objects.
3676
3677         (JSC::Heap::collectAllGarbage): No need to guard against conservative
3678         marking reviving dead objects anymore, since the conservative marking
3679         mechanism guards against this now.
3680
3681         * runtime/Heap.h: Updated to use the ConservativeSet API.
3682
3683         * runtime/MachineStackMarker.cpp:
3684         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3685         (JSC::MachineStackMarker::markCurrentThreadConservatively):
3686         (JSC::MachineStackMarker::markOtherThreadConservatively):
3687         (JSC::MachineStackMarker::markMachineStackConservatively):
3688         * runtime/MachineStackMarker.h: Ditto.
3689
3690         * runtime/MarkStack.h:
3691         (JSC::ConservativeSet::add):
3692         (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
3693         set of conservative references. This is different from MarkStack, since
3694         we don't mark the set until it is completely gathered.
3695
3696         * runtime/MarkedSpace.cpp:
3697         (JSC::MarkedSpace::freeBlock):
3698         (JSC::MarkedSpace::resizeBlocks):
3699         (JSC::MarkedSpace::markConservatively):
3700         * runtime/MarkedSpace.h: When marking conservatively, guard against
3701         reviving dead objects.
3702
2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>

        Reviewed by Geoffrey Garen.

        [Symbian] Fix StackBounds::initialize()
        https://bugs.webkit.org/show_bug.cgi?id=52842

        * wtf/StackBounds.cpp:
        (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit

2011-01-20  Michael Saboff  <msaboff@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
        https://bugs.webkit.org/show_bug.cgi?id=52773

        Fixed case where an existing DataLabelPtr is overwritten.  The
        replacing DataLabelPtr is now resolved immediately in
        linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
        return value for the routine as it was never used.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):

2011-01-20  Andras Becsi  <abecsi@webkit.org>

        Reviewed by Csaba Osztrogonác.

        [Qt][WK2] WebKit2 enabled build fails to link

        Work around undefined reference linking issues until the buildsystem gets redesigned.
        These issues first occurred in minimal builds (see BUG 50519).

        * JavaScriptCore.pri: link as whole-archive for WebKit2 builds

2011-01-20  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Csaba Osztrogonác.

        Refactoring of the custom allocation framework
        https://bugs.webkit.org/show_bug.cgi?id=49897

        Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
        The modification replaces the Noncopyable and FastAllocBase classes, and inheritance from them,
        with their equivalent macro implementation at the necessary places.

        * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.

2011-01-20  Mark Rowe  <mrowe@apple.com>

        Reviewed by Maciej Stachowiak.

        Follow-up to r75766 / <rdar://problem/5469576>.

        We were failing to initialize the key, causing all sorts of unexpected behavior.

        * wtf/FastMalloc.cpp:
        (WTF::setThreadHeap):
        (WTF::TCMalloc_ThreadCache::GetThreadHeap):
        (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.

2011-01-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Rolled back in r76078, with crash fixed.
        https://bugs.webkit.org/show_bug.cgi?id=52668

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markChildren): Account for the fact that the global
        object moves its variables into and out of the register file. While out
        of the register file, the symbol table's size is not an accurate count
        for the size of the register array, since the BytecodeGenerator might
        be compiling, adding items to the symbol table.

2011-01-18  Darin Adler  <darin@apple.com>

        Reviewed by Geoffrey Garen.

        Stack overflow when converting an Error object to string
        https://bugs.webkit.org/show_bug.cgi?id=46410

        * Android.mk: Added StringRecursionChecker.cpp and
        StringRecursionChecker.h.
        * CMakeLists.txt: Ditto.
        * GNUmakefile.am: Ditto.
        * JavaScriptCore.gypi: Ditto.
        * JavaScriptCore.pro: Ditto.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
        of the older hand-written code to do the same thing.
        (JSC::arrayProtoFuncToLocaleString): Ditto.
        (JSC::arrayProtoFuncJoin): Ditto.

        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString): Use StringRecursionChecker.

        * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
        stringRecursionCheckVisitedObjects.

        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString): Use StringRecursionChecker.

        * runtime/StringRecursionChecker.cpp: Added.
        * runtime/StringRecursionChecker.h: Added.

2011-01-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Remove non-spec support for callable RegExp
        https://bugs.webkit.org/show_bug.cgi?id=28285

        Remove support for callable regexps.  If it breaks sites we can
        just roll this out.

        * runtime/RegExpObject.cpp:
        * runtime/RegExpObject.h:
        * tests/mozilla/expected.html: update results.

2011-01-19  Antti Koivisto  <antti@apple.com>

        Reviewed by Oliver Hunt.

        Cache function offsets to speed up javascript parsing
        https://bugs.webkit.org/show_bug.cgi?id=52622

        Use cache to save function offsets and some other info.
        This avoids quite a bit of work when reparsing the source.

        * parser/ASTBuilder.h:
        * parser/JSParser.cpp:
        (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
        (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
        (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
        (JSC::JSParser::Scope::copyCapturedVariablesToVector):
        (JSC::JSParser::Scope::saveFunctionInfo):
        (JSC::JSParser::Scope::restoreFunctionInfo):
        (JSC::JSParser::findCachedFunctionInfo):
        (JSC::JSParser::JSParser):
        (JSC::JSParser::parseProgram):
        (JSC::JSParser::parseFunctionInfo):
        * parser/Lexer.h:
        (JSC::Lexer::setOffset):
        (JSC::Lexer::setLineNumber):
        (JSC::Lexer::sourceProvider):
        * parser/SourceProvider.h:
        (JSC::SourceProviderCache::SourceProviderCache):
        (JSC::SourceProviderCache::~SourceProviderCache):
        (JSC::SourceProviderCache::byteSize):
        (JSC::SourceProviderCache::add):
        (JSC::SourceProviderCache::get):
        (JSC::SourceProvider::SourceProvider):
        (JSC::SourceProvider::~SourceProvider):
        (JSC::SourceProvider::cache):
        (JSC::SourceProvider::notifyCacheSizeChanged):
        (JSC::SourceProvider::cacheSizeChanged):
        * parser/SyntaxChecker.h:

2011-01-19  Mark Rowe  <mrowe@apple.com>

        Reviewed by Darin Adler.

        Follow-up to r75766 / <rdar://problem/5469576>.

        * DerivedSources.make: Evaluate the SDKROOT variable correctly.

2011-01-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
        https://bugs.webkit.org/show_bug.cgi?id=52672

        Rather than coming up with a somewhat convoluted mechanism to ensure that
        developers can override the global object's prototype with a function named
        __proto__ and expect it to work, we just disallow it at the syntax level.

        * parser/JSParser.cpp:
        (JSC::JSParser::parseFunctionInfo):

2011-01-19  Michael Saboff  <msaboff@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/8882994> Regression: Simple nested backtrack hangs
        https://bugs.webkit.org/show_bug.cgi?id=52675

        The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
        broke simple backtracking in some cases.  Reworked that change to
        link both jumps and labels.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
        (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):

2011-01-19  Pavel Podivilov  <podivilov@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: [JSC] scripts have incorrect starting line (always 1).
        https://bugs.webkit.org/show_bug.cgi?id=52721

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * debugger/Debugger.h:
        * parser/Parser.h:
        (JSC::Parser::parse):
        * parser/SourceCode.h:
        (JSC::SourceCode::SourceCode):
        * parser/SourceProvider.h:
        (JSC::SourceProvider::startPosition):

2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Laszlo Gombos and Tor Arne Vestbø.

        [Qt] Remove unnecessary "../Source" from paths
        after moving source files into Source is finished.

        * JavaScriptCore.pri:

2011-01-19  Benjamin Kalman  <kalman@chromium.org>

        Reviewed by Darin Adler.

        Don't return void from void function String::split
        https://bugs.webkit.org/show_bug.cgi?id=52684

        * wtf/text/WTFString.cpp:
        (WTF::String::split):

2011-01-18  Kenneth Russell  <kbr@google.com>

        Unreviewed, rolling out r76078.
        http://trac.webkit.org/changeset/76078
        https://bugs.webkit.org/show_bug.cgi?id=52668

        Caused crashes of fast/canvas/webgl/constants.html,
        fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
        test crashes in Release mode. WebGL crashes were observed with
        "run-webkit-tests fast/canvas/webgl". It was necessary to run
        multiple tests to provoke the crash.

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::markGlobals):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markChildren):

2011-01-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] Assertion asking activation for arguments when arguments is overridden
        https://bugs.webkit.org/show_bug.cgi?id=52690

        Clean up code to retrieve arguments from activation and function objects.
        Remove the incorrect assertion from JSActivation's argumentsGetter.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::retrieveArguments):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):

2011-01-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Removed RegisterFile::markGlobals because it was obtuse, and it
        unnecessarily relied on conservative marking.
        https://bugs.webkit.org/show_bug.cgi?id=52668

        * interpreter/RegisterFile.h: Removed markGlobals.

        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren): Added a comment explaining why some
        JSActivations don't always mark their registers arrays.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markChildren): Instead of calling markGlobals, mark
        the registers array directly.

2011-01-18  Michael Saboff  <msaboff@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/8875432> Regression: Some text-only e-mails cause hang beneath RegExp::match (52540)
        https://bugs.webkit.org/show_bug.cgi?id=52540
        https://bugs.webkit.org/show_bug.cgi?id=52662

        Directly use backtrack label with parentheses nested under a
        non-capturing parentheses.  Also linked current parentheses
        tail code object for possible parens nested within a non-capturing
        parentheses.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::BacktrackDestination::linkBacktrackToLabel):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):

2011-01-18  Daniel Bates  <dbates@rim.com>

        Reviewed by Gavin Barraclough.

        Only use moving memory model assumption in ExecutableAllocator::intializePageSize() for Symbian OS
        https://bugs.webkit.org/show_bug.cgi?id=52517

        Patch by David Tapuska

        Currently, we compile code with respect to the Symbian-specific moving memory model
        assumption for all ARMv5 or lower architectures. Instead, we should only compile
        such code when building for Symbian OS on those architectures because this model
        is Symbian-specific.

        * jit/ExecutableAllocator.cpp:
        (JSC::ExecutableAllocator::intializePageSize):

2011-01-18  Dimitry Andric  <dim@freebsd.org>

        Reviewed by Andreas Kling.

        Fix linking JavaScriptCore on FreeBSD/amd64
        https://bugs.webkit.org/show_bug.cgi?id=52591

        Linking of JavaScriptCore on FreeBSD/amd64 fails, for the same reason as
        in bug 28422: cti_vm_throw needs a "@plt" suffix, otherwise the linker
        complains about the relocation type.

        * jit/JITStubs.cpp: use @plt suffix on x86_64 platforms, for both Linux
        and FreeBSD.

2011-01-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Antti Koivisto.

        [jsfunfuzz] Assertion in codegen for array of NaN constants
        https://bugs.webkit.org/show_bug.cgi?id=52643

        Don't cache NaN literals in the code generator; as NaN doesn't compare
        as equal to itself, it causes problems when rehashing the number cache.
