2011-06-03 Oliver Hunt <oliver@apple.com>
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2011-06-03  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Improve keyword lookup
        https://bugs.webkit.org/show_bug.cgi?id=61913

        Rather than doing multiple hash lookups as we currently
        do when trying to identify keywords, we now use an
        automatically generated decision tree (essentially it's
        a hard-coded Patricia trie).  We still use the regular
        lookup table for the last few characters of an input as
        this allows us to completely skip all bounds checks.

        * CMakeLists.txt:
        * DerivedSources.make:
        * DerivedSources.pro:
        * GNUmakefile.am:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * KeywordLookupGenerator.py: Added.
        * make-generated-sources.sh:
        * parser/Lexer.cpp:
        (JSC::Lexer::internalShift):
        (JSC::Lexer::shift):
        (JSC::Lexer::parseIdentifier):
        * parser/Lexer.h:

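The decision-tree idea in the entry above, as an added C++ example. This is not the output of KeywordLookupGenerator.py nor any JavaScriptCore code: it is a hand-written switch tree over a handful of keywords, and where the real lexer hands the tail of the identifier to its regular lookup table, this example compares the remaining characters against a stored suffix in one memcmp. The names lookupKeyword, matchTail, Tail and the Keyword enum are chosen for this example. The property a reviewer of such generated code should check is the one the entry relies on: every s[i] read inside the tree is covered by a length test, so the tree can never index past a short identifier.

```cpp
#include <cstddef>
#include <cstring>
#include <string>

// Token ids returned by the matcher; NotAKeyword means an ordinary identifier.
enum Keyword { NotAKeyword = 0, BREAK, CASE, CATCH, CONST, CONTINUE, DEFAULT, DELETE, DO };

// Once the tree has consumed a distinguishing prefix, the rest of the input is
// compared against a stored suffix in one step. The length was validated before
// entering the tree, so no per-character bounds checks are needed here.
struct Tail { const char* suffix; size_t length; Keyword keyword; };

static Keyword matchTail(const char* s, size_t remaining, const Tail& tail)
{
    if (remaining != tail.length)
        return NotAKeyword;
    return std::memcmp(s, tail.suffix, tail.length) == 0 ? tail.keyword : NotAKeyword;
}

// Hand-written stand-in for generated code: each switch level consumes one
// character. Every s[i] read is guarded by a length test, so "d" or "ca"
// never indexes past its end.
Keyword lookupKeyword(const char* s, size_t length)
{
    if (length < 2 || length > 8)        // shortest "do", longest "continue"
        return NotAKeyword;
    switch (s[0]) {
    case 'b':
        return matchTail(s + 1, length - 1, { "reak", 4, BREAK });
    case 'c':
        switch (s[1]) {
        case 'a':
            if (length < 3)
                return NotAKeyword;
            switch (s[2]) {
            case 's': return matchTail(s + 3, length - 3, { "e", 1, CASE });
            case 't': return matchTail(s + 3, length - 3, { "ch", 2, CATCH });
            default: return NotAKeyword;
            }
        case 'o':
            if (length < 4 || s[2] != 'n')
                return NotAKeyword;
            switch (s[3]) {
            case 's': return matchTail(s + 4, length - 4, { "t", 1, CONST });
            case 't': return matchTail(s + 4, length - 4, { "inue", 4, CONTINUE });
            default: return NotAKeyword;
            }
        default:
            return NotAKeyword;
        }
    case 'd':
        switch (s[1]) {
        case 'o':
            return length == 2 ? DO : NotAKeyword;
        case 'e':
            if (length < 3)
                return NotAKeyword;
            switch (s[2]) {
            case 'f': return matchTail(s + 3, length - 3, { "ault", 4, DEFAULT });
            case 'l': return matchTail(s + 3, length - 3, { "ete", 3, DELETE });
            default: return NotAKeyword;
            }
        default:
            return NotAKeyword;
        }
    default:
        return NotAKeyword;
    }
    return NotAKeyword;
}

// Convenience overload for callers holding a std::string.
Keyword lookupKeyword(const std::string& word)
{
    return lookupKeyword(word.data(), word.size());
}
```

A generator that emits this shape must compute the minimum depth each branch reads and emit the corresponding length test, or move the whole keyword set's length range check to the top as done here; a tree that reads s[3] on the "co" branch without that guard is an over-read on the two-character identifier "co".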
2011-06-03  Siddharth Mathur  <siddharth.mathur@nokia.com>

        Reviewed by Benjamin Poulain.

        [Qt] Build flag for experimental ICU library support
        https://bugs.webkit.org/show_bug.cgi?id=60786

        Adds a build-time flag (CONFIG+=use_system_icu) that enables experimental
        ICU-powered Unicode support.

        * JavaScriptCore.pri: Support for use_system_icu CONFIG flag.
        * wtf/unicode/qt4/UnicodeQt4.h: Guard an include file with USE(ICU_UNICODE).

2011-06-03  Alexis Menard  <alexis.menard@openbossa.org>

        Reviewed by Benjamin Poulain.

        [Qt] Build fix of QtWebKit 2.2 when inside Qt tree with GCC 4.6.
        https://bugs.webkit.org/show_bug.cgi?id=61957

        When building inside the Qt source tree, qmake always appends the mkspecs
        defines after ours. We have to work around this and make sure that we append
        our flags after the qmake variable used inside Qt. This workaround was provided
        by our qmake folks. We need to append in both cases because qmake behaves differently
        when called with -spec or via SUBDIR+=. This patch unbreaks r87950 on Mac for the Qt port.

        * JavaScriptCore.pro:

2011-06-02  Jay Civelli  <jcivelli@chromium.org>

        Reviewed by Adam Barth.

        Added a method to generate RFC 2822 compliant date strings.
        https://bugs.webkit.org/show_bug.cgi?id=7169

        * wtf/DateMath.cpp:
        (WTF::twoDigitStringFromNumber):
        (WTF::makeRFC2822DateString):
        * wtf/DateMath.h:

2011-06-02  Alexis Menard  <alexis.menard@openbossa.org>

        Reviewed by Andreas Kling.

        [Qt] Build fix of QtWebKit 2.2 when inside Qt tree with GCC 4.6.
        https://bugs.webkit.org/show_bug.cgi?id=61957

        When building inside the Qt source tree, qmake always appends the mkspecs
        defines after ours. We have to work around this and make sure that we append
        our flags after the qmake variable used inside Qt. This workaround was provided
        by our qmake folks.

        * JavaScriptCore.pro:

2011-06-01  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Add single character lookup cache to IdentifierArena
        https://bugs.webkit.org/show_bug.cgi?id=61879

        Add a simple lookup cache for single ASCII character
        identifiers.  Produces around a 2% improvement in parse
        time for my ad hoc parser test.

        * parser/ParserArena.h:
        (JSC::IdentifierArena::IdentifierArena):
        (JSC::IdentifierArena::clear):
        (JSC::IdentifierArena::makeIdentifier):

2011-05-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Freezing a function and its prototype causes browser to crash.
        https://bugs.webkit.org/show_bug.cgi?id=61758

        Make JSObject::preventExtensions virtual so that we can override it
        and instantiate all lazy

        * JavaScriptCore.exp:
        * runtime/JSFunction.cpp:
        (JSC::createPrototypeProperty):
        (JSC::JSFunction::preventExtensions):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSFunction.h:
        * runtime/JSObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::seal):
        (JSC::JSObject::seal):

2011-06-01  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r87788.
        http://trac.webkit.org/changeset/87788
        https://bugs.webkit.org/show_bug.cgi?id=61856

        breaks windows chromium canary (Requested by jknotten on
        #webkit).

        * wtf/DateMath.cpp:
        (WTF::timeClip):
        * wtf/DateMath.h:

2011-06-01  Jay Civelli  <jcivelli@chromium.org>

        Reviewed by Adam Barth.

        Added a method to generate RFC 2822 compliant date strings.
        https://bugs.webkit.org/show_bug.cgi?id=7169

        * wtf/DateMath.cpp:
        (WTF::twoDigitStringFromNumber):
        (WTF::makeRFC2822DateString):
        * wtf/DateMath.h:

2011-05-31  Yong Li  <yoli@rim.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=54807
        We have been assuming plain bitfields (like "int a : 31") are always signed integers.
        However, some compilers can treat them as unsigned. For example, RVCT 4.0 states plain
        bitfields (declared without either signed or unsigned qualifiers) are treated as unsigned.
        http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0348c/Babjddhe.html
        Although we can use the "--signed-bitfields" flag to make RVCT 4.0 behave like most other compilers,
        always using a "signed"/"unsigned" qualifier to declare integral type bitfields is still a good
        rule we should have in order to make our code independent from compilers and compiler flags.

        No new test added because this change is not known to fix any issue.

        * bytecode/StructureStubInfo.h:

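The signedness hazard in the entry above, as an added C++ example. It is not code from the WebKit patch (which touches only bytecode/StructureStubInfo.h) and the struct and function names are chosen here. It stores -1 through a plain, an explicitly signed and an explicitly unsigned 31-bit field and reads each back: the plain field's result is implementation-defined, the qualified ones are fixed, and a sentinel comparison written against the plain field silently stops matching on a compiler that picks unsigned.

```cpp
#include <cstdint>

// A "plain" bitfield, declared the way the entry above warns against: whether
// it is signed is implementation-defined (signed on GCC, Clang and MSVC;
// unsigned on RVCT 4.0 unless --signed-bitfields is passed).
struct PlainBitfield {
    int value : 31;
};

// Explicitly qualified bitfields behave the same on every compiler.
struct SignedBitfield {
    signed int value : 31;
};

struct UnsignedBitfield {
    unsigned int value : 31;
};

// Store a value and read it back through each kind of field. The result is
// widened to int64_t so the unsigned case can be inspected without a further
// implicit conversion hiding the difference.
int64_t roundTripPlain(int x)    { PlainBitfield b;    b.value = x; return b.value; }
int64_t roundTripSigned(int x)   { SignedBitfield b;   b.value = x; return b.value; }
int64_t roundTripUnsigned(int x) { UnsignedBitfield b; b.value = x; return b.value; }

// What the code base had been assuming: true on the usual desktop compilers,
// false where plain bitfields are unsigned.
bool plainBitfieldIsSigned()
{
    return roundTripPlain(-1) < 0;
}

// The failure mode: code that stores -1 as an "unset" sentinel and later tests
// for it only works if the field really is signed. A 31-bit unsigned field
// hands back 0x7FFFFFFF instead, and the sentinel check never fires.
bool isUnsetSentinel(int64_t fieldValue)
{
    return fieldValue == -1;
}
```

plainBitfieldIsSigned() is the one function whose answer depends on the toolchain; the other two round trips are the portable contract the entry recommends relying on.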
2011-05-30  Hojong Han  <hojong.han@samsung.com>

        Reviewed by Geoffrey Garen.

        [JSC] malfunction during arithmetic condition check with negative number (-2147483648)
        https://bugs.webkit.org/show_bug.cgi?id=61416

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::branch32):
        * tests/mozilla/ecma/Expressions/11.12-1.js:
        (getTestCases):

2011-05-29  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Some heap refactoring
        https://bugs.webkit.org/show_bug.cgi?id=61704

        SunSpider says no change.

        * JavaScriptCore.exp: Export!

        * heap/Heap.cpp: COLLECT_ON_EVERY_ALLOCATION can actually do so now.

        (JSC::Heap::Heap): Changed Heap sub-objects to point to the heap.

        (JSC::Heap::allocate): Changed inline allocation code to only select the
        size class, since this can be optimized out at compile time -- everything
        else is now inlined into this out-of-line function.

        No need to duplicate ASSERTs made in our caller.

        * heap/Heap.h:
        (JSC::Heap::heap):
        (JSC::Heap::isMarked):
        (JSC::Heap::testAndSetMarked):
        (JSC::Heap::testAndClearMarked):
        (JSC::Heap::setMarked): Call directly into MarkedBlock instead of adding
        a layer of indirection through MarkedSpace.

        (JSC::Heap::allocate): See above.

        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::create):
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedBlock.h: Changed Heap sub-objects to point to the heap.

        * heap/MarkedSpace.cpp:
        (JSC::MarkedSpace::MarkedSpace):
        (JSC::MarkedSpace::allocateBlock):
        * heap/MarkedSpace.h:
        (JSC::MarkedSpace::allocate): Updated to match changes above.

2011-05-28  David Kilzer  <ddkilzer@apple.com>

        BUILD FIX when building only the interpreter

        Fixes the following compiler warning:

            JavaScriptCore/runtime/JSGlobalData.cpp:462:6: error: no previous prototype for function 'releaseExecutableMemory' [-Werror,-Wmissing-prototypes,3]
             void releaseExecutableMemory(JSGlobalData& globalData)
                  ^

        * jit/ExecutableAllocator.h: Moved declaration of
        JSC::releaseExecutableMemory().

2011-05-28  David Kilzer  <ddkilzer@apple.com>

        BUILD FIX after r87527 with ENABLE(BRANCH_COMPACTION)

        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::linkCode): Added missing argument.

2011-05-27  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        JS API is too aggressive about throwing exceptions for NULL get or set operations
        https://bugs.webkit.org/show_bug.cgi?id=61678

        * API/JSCallbackObject.h: Changed our staticValueGetter to a regular
        function that returns a JSValue, so it can fail and still forward to
        normal property lookup.

        * API/JSCallbackObjectFunctions.h:
        (JSC::::getOwnPropertySlot): Don't throw an exception when failing to
        access a static property -- just forward the access. This allows objects
        to observe get/set operations but still let the JS object manage lifetime.

        (JSC::::put): Ditto.

        (JSC::::getStaticValue): Same as JSCallbackObject.h.

        * API/tests/testapi.c:
        (MyObject_set_nullGetForwardSet):
        * API/tests/testapi.js: Updated tests to reflect slightly less strict
        behavior, which matches headerdoc claims.

2011-05-27  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Property caching is too aggressive for API objects
        https://bugs.webkit.org/show_bug.cgi?id=61677

        * API/JSCallbackObject.h: Opt in to ProhibitsPropertyCaching, since our
        callback APIs allow the client to change its mind about our properties at
        any time.

        * API/tests/testapi.c:
        (PropertyCatchalls_getProperty):
        (PropertyCatchalls_setProperty):
        (PropertyCatchalls_getPropertyNames):
        (PropertyCatchalls_class):
        (main):
        * API/tests/testapi.js: Some tests for dynamic API objects.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCachePutByID):
        (JSC::Interpreter::tryCacheGetByID):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCachePutByID):
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION): Opt out of property caching if the client
        requires it.

        * runtime/JSTypeInfo.h:
        (JSC::TypeInfo::TypeInfo):
        (JSC::TypeInfo::isFinal):
        (JSC::TypeInfo::prohibitsPropertyCaching):
        (JSC::TypeInfo::flags): Added a flag to track opting out of property
        caching. Fixed an "&&" vs "&" typo that was previously harmless, but
        is now harmful since m_flags2 can have more than one bit set.

2011-05-27  Stephanie Lewis  <slewis@apple.com>

        Unreviewed.

        Fix a typo in the order_file flag.

        * Configurations/Base.xcconfig:

2011-05-27  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed. Build fix for !ENABLE(ASSEMBLER) after r87527.

        * runtime/JSGlobalData.cpp:
        (JSGlobalData::JSGlobalData):

2011-05-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Add a few validity assertions to JSCallbackObject
        https://bugs.webkit.org/show_bug.cgi?id=61659

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObject::visitChildren):

2011-05-27  Oliver Hunt  <oliver@apple.com>

        Build fix

        * runtime/RegExpCache.cpp:
        (JSC::RegExpCache::invalidateCode):

2011-05-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Try to release unused executable memory when the FixedVMPool allocator is under pressure
        https://bugs.webkit.org/show_bug.cgi?id=61651

        Rather than crashing when full, the FixedVMPool allocator now returns a null
        allocation.  We replace the code that used to CRASH() on null allocations
        with logic that asks the provided globalData to release any executable memory
        that it can.  Currently this just means throwing away all regexp code, but
        in future we'll try to be more aggressive.

        * assembler/ARMAssembler.cpp:
        (JSC::ARMAssembler::executableCopy):
        * assembler/ARMAssembler.h:
        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::executableCopy):
        * assembler/AssemblerBufferWithConstantPool.h:
        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::LinkBuffer):
        (JSC::LinkBuffer::linkCode):
        * assembler/MIPSAssembler.h:
        (JSC::MIPSAssembler::executableCopy):
        * assembler/SH4Assembler.h:
        (JSC::SH4Assembler::executableCopy):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::executableCopy):
        (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::compileFunction):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutablePool::create):
        (JSC::ExecutablePool::alloc):
        (JSC::ExecutableAllocator::ExecutableAllocator):
        (JSC::ExecutableAllocator::poolForSize):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::alloc):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        (JSC::JIT::privateCompileCTINativeCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::stringGetByValStubGenerator):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::stringGetByValStubGenerator):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * jit/SpecializedThunkJIT.h:
        (JSC::SpecializedThunkJIT::finalize):
        * jit/ThunkGenerators.cpp:
        (JSC::charCodeAtThunkGenerator):
        (JSC::charAtThunkGenerator):
        (JSC::fromCharCodeThunkGenerator):
        (JSC::sqrtThunkGenerator):
        (JSC::powThunkGenerator):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::releaseExecutableMemory):
        (JSC::releaseExecutableMemory):
        * runtime/JSGlobalData.h:
        * runtime/RegExpCache.cpp:
        (JSC::RegExpCache::invalidateCode):
        * runtime/RegExpCache.h:
        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::compile):

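The allocate / release / retry shape described in the entry above, as an added C++ example. None of this is JavaScriptCore code: FixedPool, RegExpCache, GlobalData, tryAlloc and allocateExecutable are stand-ins chosen here for FixedVMPoolAllocator, RegExpCache::invalidateCode and JSGlobalData::releaseExecutableMemory, and the pool hands out offsets rather than executable memory. What it shows is the contract change the entry makes: exhaustion is reported to the caller, the caller asks the global data to shed what it can (here, all cached regexp code) and retries once, and a second failure fails that one compilation instead of the process.

```cpp
#include <cstddef>
#include <vector>

// A handle for a range inside the pool's reservation. Offsets are labels only;
// this example never maps or executes memory.
struct Allocation {
    size_t offset;
    size_t size;
};

// Stand-in for the fixed VM pool: a fixed reservation that reports failure
// instead of crashing when it cannot satisfy a request.
class FixedPool {
public:
    explicit FixedPool(size_t capacity) : m_capacity(capacity), m_used(0), m_nextOffset(0) { }

    bool tryAlloc(size_t size, Allocation& out)
    {
        if (size > m_capacity - m_used)
            return false;                // pool exhausted: the old code would CRASH() here
        out.offset = m_nextOffset;
        out.size = size;
        m_nextOffset += size;
        m_used += size;
        return true;
    }

    void release(const Allocation& a) { m_used -= a.size; }
    size_t used() const { return m_used; }

private:
    size_t m_capacity;
    size_t m_used;
    size_t m_nextOffset;                 // only bumps; a real allocator recycles freed ranges
};

// Holds JIT'd regexp code. invalidateCode() is the one release strategy the
// entry above implements: drop every compiled regexp so it is recompiled on
// its next use.
class RegExpCache {
public:
    explicit RegExpCache(FixedPool& pool) : m_pool(pool) { }

    bool compile(size_t codeSize)
    {
        Allocation a;
        if (!m_pool.tryAlloc(codeSize, a))
            return false;
        m_compiled.push_back(a);
        return true;
    }

    size_t invalidateCode()
    {
        size_t freed = 0;
        for (const Allocation& a : m_compiled) {
            m_pool.release(a);
            freed += a.size;
        }
        m_compiled.clear();
        return freed;
    }

    size_t compiledCount() const { return m_compiled.size(); }

private:
    FixedPool& m_pool;
    std::vector<Allocation> m_compiled;
};

// Plays the part of the global data: owns the pool and knows what can be shed.
class GlobalData {
public:
    explicit GlobalData(size_t poolCapacity) : m_pool(poolCapacity), m_regExpCache(m_pool) { }

    void releaseExecutableMemory() { m_regExpCache.invalidateCode(); }

    // The retry path a JIT compile takes: on a null allocation, release what
    // can be released and try once more. A second failure is returned to the
    // caller, which abandons that compilation rather than the process.
    bool allocateExecutable(size_t size, Allocation& out)
    {
        if (m_pool.tryAlloc(size, out))
            return true;
        releaseExecutableMemory();
        return m_pool.tryAlloc(size, out);
    }

    RegExpCache& regExpCache() { return m_regExpCache; }
    FixedPool& pool() { return m_pool; }

private:
    FixedPool m_pool;
    RegExpCache m_regExpCache;
};

// Scenario 1: regexp code fills the pool; a later compile succeeds only because
// the cache was flushed. Returns the number of regexps still cached afterwards.
size_t compileAfterPressure()
{
    GlobalData globalData(1024);
    for (int i = 0; i < 4; ++i)
        globalData.regExpCache().compile(256);
    Allocation code;
    if (!globalData.allocateExecutable(512, code))
        return static_cast<size_t>(-1);
    return globalData.regExpCache().compiledCount();
}

// Scenario 2: a request larger than the whole pool fails even after releasing;
// the caller sees false, not a crash.
bool oversizedRequestFails()
{
    GlobalData globalData(1024);
    Allocation code;
    return !globalData.allocateExecutable(4096, code);
}
```

The part of the real change that this does not model is the wide call-site sweep in the file list: every executableCopy and privateCompile path has to propagate the null allocation up to a point that can fail the compile cleanly, which is why so many files are touched.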
2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Optimized ConservativeSet to avoid double-visiting objects
        https://bugs.webkit.org/show_bug.cgi?id=61592

        SunSpider thinks this might be a 1% speedup

        * heap/ConservativeRoots.h:
        (JSC::ConservativeRoots::add): Use testAndClearMarked to avoid double-visiting
        an object.

        * heap/Heap.h:
        (JSC::Heap::isMarked):
        (JSC::Heap::testAndSetMarked):
        (JSC::Heap::testAndClearMarked):
        (JSC::Heap::setMarked): Added testAndClearMarked. Changed argument type
        to void*, since clients want to ask questions about arbitrary pointers
        into the heap, even when they aren't known to be JSCells.

        * heap/MarkedBlock.h:
        (JSC::MarkedBlock::testAndClearMarked):
        * heap/MarkedSpace.h:
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::testAndClearMarked):
        (JSC::MarkedSpace::setMarked):
        (JSC::MarkedSpace::contains): Ditto.

        * wtf/Bitmap.h:
        (WTF::::testAndClear): New function for ConservativeRoots's inverted
        marking pass.

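The testAndClear trick from the entry above, as an added C++ example rather than JavaScriptCore's MarkedBlock or ConservativeRoots. It assumes, as the entry's "inverted marking pass" wording suggests, that when conservative roots are gathered the mark bits from the previous collection are still set on live cells, so a set bit doubles as "this is a real cell" and clearing it on first sight drops later duplicates of the same stack word. The block layout, the cellSize and cellCount constants, the fake stack and the choice to accept only pointers to the start of a cell are all this example's own.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// A single block of fixed-size cells with one mark bit per cell. Stands in for
// MarkedBlock; the bits left over from the previous collection say which cells
// are live.
class MarkedBlock {
public:
    static const size_t cellSize = 32;
    static const size_t cellCount = 16;

    MarkedBlock()
    {
        for (size_t i = 0; i < cellCount; ++i)
            m_marks[i] = false;
    }

    void* cell(size_t index) { return m_storage + index * cellSize; }

    bool contains(const void* p) const
    {
        uintptr_t a = reinterpret_cast<uintptr_t>(p);
        uintptr_t base = reinterpret_cast<uintptr_t>(m_storage);
        return a >= base && a < base + sizeof(m_storage);
    }

    // This example treats only a pointer to the start of a cell as a reference;
    // interior pointers are ignored.
    bool isCellAligned(const void* p) const { return offsetOf(p) % cellSize == 0; }

    void setMarked(const void* p) { m_marks[offsetOf(p) / cellSize] = true; }
    bool isMarked(const void* p) const { return m_marks[offsetOf(p) / cellSize]; }

    // The primitive the entry above adds: report the old bit and clear it.
    bool testAndClearMarked(const void* p)
    {
        size_t index = offsetOf(p) / cellSize;
        bool wasMarked = m_marks[index];
        m_marks[index] = false;
        return wasMarked;
    }

    size_t markedCount() const
    {
        size_t n = 0;
        for (size_t i = 0; i < cellCount; ++i)
            n += m_marks[i];
        return n;
    }

private:
    size_t offsetOf(const void* p) const
    {
        return reinterpret_cast<uintptr_t>(p) - reinterpret_cast<uintptr_t>(m_storage);
    }

    alignas(cellSize) unsigned char m_storage[cellSize * cellCount];
    bool m_marks[cellCount];
};

// Collects conservative roots from a region of stack words.
class ConservativeRoots {
public:
    explicit ConservativeRoots(MarkedBlock& block) : m_block(block) { }

    // A candidate is accepted only if it lands on a cell whose mark bit was
    // still set. Clearing the bit on acceptance means a second copy of the same
    // pointer, common among stack words, is dropped here instead of being
    // handed to the marker twice.
    void add(const void* p)
    {
        if (!m_block.contains(p) || !m_block.isCellAligned(p))
            return;
        if (!m_block.testAndClearMarked(p))
            return;
        m_roots.push_back(p);
    }

    void scan(const void* const* begin, const void* const* end)
    {
        for (; begin < end; ++begin)
            add(*begin);
    }

    size_t size() const { return m_roots.size(); }

private:
    MarkedBlock& m_block;
    std::vector<const void*> m_roots;
};

struct ScanResult {
    size_t rootsFound;
    size_t marksLeftSet;
};

// Constructed scenario: cells 0, 3 and 7 survived the last collection; a fake
// stack holds two copies of cell 0, cell 3, a free cell, a pointer into the
// middle of cell 7, and an address outside the block.
ScanResult runConservativeScan()
{
    MarkedBlock block;
    block.setMarked(block.cell(0));
    block.setMarked(block.cell(3));
    block.setMarked(block.cell(7));

    int notInHeap = 0;
    const void* stack[] = {
        block.cell(0),
        block.cell(0),
        block.cell(3),
        block.cell(5),
        static_cast<unsigned char*>(block.cell(7)) + 4,
        &notInHeap,
    };

    ConservativeRoots roots(block);
    roots.scan(stack, stack + sizeof(stack) / sizeof(stack[0]));
    ScanResult result = { roots.size(), block.markedCount() };
    return result;
}
```

The scan yields two roots (cell 0 once, cell 3 once) and leaves exactly one bit set, on cell 7, whose only reference was an interior pointer this example rejects. A marker that re-sets bits as it visits will then restore the bits on cells 0 and 3; cell 7's bit survives untouched only because its reference was not counted, which is the kind of interior-pointer policy a reviewer should make explicit.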
2011-05-27  Stephanie Lewis  <slewis@apple.com>

        Rubber Stamped by Adam Roben.

        Update Order Files.  Use -order_file flag since it can order more of the binary.

        * Configurations/Base.xcconfig:
        * JavaScriptCore.order:

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Renamed heapRootMarker to heapRootVisitor to match its class name
        https://bugs.webkit.org/show_bug.cgi?id=61584

        * heap/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Removed some interdependency between Heap and SmallStrings by simplifying
        the SmallStrings lifetime model
        https://bugs.webkit.org/show_bug.cgi?id=61579

        SunSpider reports no change.

        Using Weak<T> could accomplish this too, but we're not sure it will give
        us the performance we need. This is a first step, and it accomplishes
        most of the value of using Weak<T>.

        * heap/Heap.cpp:
        (JSC::Heap::destroy):
        (JSC::Heap::markRoots):
        (JSC::Heap::reset): Finalize small strings just like other weak handles.

        * runtime/SmallStrings.cpp:
        (JSC::finalize):
        (JSC::SmallStrings::finalizeSmallStrings):
        * runtime/SmallStrings.h: Make all small strings trivially weak, instead
        of having an "all for one, one for all" memory model.

2011-05-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make RegExpCache a weak map
        https://bugs.webkit.org/show_bug.cgi?id=61554

        Switch to a weak map for the regexp cache, and hide that
        behaviour behind RegExp::create.

        When a RegExp is compiled it attempts to add itself to
        the "strong" cache.  This cache is a simple round-robin
        buffer, as was the old strong cache.  Happily this can
        be smaller than the old strong cache as RegExps are only
        added when they're compiled, so it is under less pressure
        to evict.

        * bytecompiler/NodesCodegen.cpp:
        (JSC::RegExpNode::emitBytecode):
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::create):
        (JSC::RegExp::match):
        * runtime/RegExp.h:
        (JSC::RegExp::gcShouldInvalidateCode):
        (JSC::RegExp::hasCode):
        (JSC::RegExp::key):
        * runtime/RegExpCache.cpp:
        (JSC::RegExpCache::lookupOrCreate):
        (JSC::RegExpCache::RegExpCache):
        (JSC::RegExpCache::isReachableFromOpaqueRoots):
        (JSC::RegExpCache::finalize):
        * runtime/RegExpCache.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Moved Heap-related functions out of JSCell.h and into respective header files
        https://bugs.webkit.org/show_bug.cgi?id=61567

        * heap/Heap.h:
        (JSC::Heap::allocate):
        (JSC::Heap::heap):
        * heap/MarkedBlock.h:
        (JSC::MarkedBlock::allocate):
        * heap/MarkedSpace.h:
        (JSC::MarkedSpace::sizeClassFor):
        (JSC::MarkedSpace::allocate):
        * runtime/JSCell.h:
        (JSC::JSCell::destructor):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-05-26  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Eric Seidel.

        [debug feature] WTFString should have show() method
        https://bugs.webkit.org/show_bug.cgi?id=61149

        Added String::show and AtomicString::show in NDEBUG.

        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::show):
        * wtf/text/AtomicString.h:
        * wtf/text/WTFString.cpp:
        (String::show):
        * wtf/text/WTFString.h:

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Geoffrey Garen.

        Factored out some Heap ASSERTs
        https://bugs.webkit.org/show_bug.cgi?id=61565

        * JavaScriptCore.exp:
        * heap/Heap.cpp:
        (JSC::isValidSharedInstanceThreadState):
        (JSC::isValidThreadState):
        (JSC::Heap::markRoots):
        (JSC::Heap::isValidAllocation):
        * heap/Heap.h:
        * runtime/JSCell.h:
        (JSC::JSCell::Heap::allocate):

2011-05-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=61508
        DFG JIT - Add support for get by id self caching.

        Change the call out to be an unexpected call (using silent spill/fill functions),
        add a structure check & compact load to the JIT code, and add repatching mechanisms.
        Since DFGOperations may want to be implemented in asm, make these symbols extern
        "C". Add an asm wrapper to pass the return address to the optimizing get-by-id operation,
        so that it can look up its StructureStubInfo.

        * JavaScriptCore.xcodeproj/project.pbxproj:
            - Added new files.
        * bytecode/StructureStubInfo.h:
            - Added 'unset' entries to union.
        * dfg/DFGJITCodeGenerator.h:
        (JSC::DFG::JITCodeGenerator::appendCallWithExceptionCheck):
            - Return the call, we need this to populate the StructureStubInfo.
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::compileFunction):
            - Populate the CodeBlock's StructureStubInfo Vector.
        * dfg/DFGJITCompiler.h:
        (JSC::DFG::JITCompiler::appendCallWithExceptionCheck):
            - Return the call, we need this to populate the StructureStubInfo.
        (JSC::DFG::JITCompiler::addPropertyAccess):
        (JSC::DFG::JITCompiler::PropertyAccessRecord::PropertyAccessRecord):
            - Add structures to record property access info during compilation.
        * dfg/DFGOperations.cpp:
            - Made all external methods extern "C".
        (JSC::DFG::operationPutByValInternal):
            - Moved outside of the extern "C" block.
        * dfg/DFGOperations.h:
            - Made all external methods extern "C".
        * dfg/DFGRepatch.cpp: Added.
        (JSC::DFG::dfgRepatchCall):
            - repatch a call to link to a new callee function.
        (JSC::DFG::dfgRepatchGetByIdSelf):
            - Modify the JIT code to optimize self accesses.
        (JSC::DFG::tryCacheGetByID):
            - Internal implementation of dfgRepatchGetByID (factor out failing cases).
        (JSC::DFG::dfgRepatchGetByID):
            - Used to optimize 'operationGetByIdOptimize' - repatches to 'operationGetById', and tries to optimize self accesses!
        * dfg/DFGRepatch.h: Added.
            - Expose dfgRepatchGetByID.
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - Changed implementation of GetById ops.

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Rolled back in http://trac.webkit.org/changeset/87408 with Windows build fixed.

        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedBlock.h:
        * wtf/DoublyLinkedList.h:
        (WTF::::DoublyLinkedListNode):
        (WTF::::setPrev):
        (WTF::::setNext):
        (WTF::::prev):
        (WTF::::next):
        (WTF::::DoublyLinkedList):
        (WTF::::isEmpty):
        (WTF::::size):
        (WTF::::clear):
        (WTF::::head):
        (WTF::::append):
        (WTF::::remove):
        (WTF::::removeHead):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Rolled out http://trac.webkit.org/changeset/87408 because it broke the
        Windows build.

        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedBlock.h:
        (JSC::MarkedBlock::setPrev):
        (JSC::MarkedBlock::setNext):
        (JSC::MarkedBlock::prev):
        (JSC::MarkedBlock::next):
        * wtf/DoublyLinkedList.h:
        (WTF::::DoublyLinkedList):
        (WTF::::isEmpty):
        (WTF::::head):
        (WTF::::append):
        (WTF::::remove):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Provide a real owner when copying a property table, for the sake of
        write barriers.
        https://bugs.webkit.org/show_bug.cgi?id=61547

        No test because we can't enable the writeBarrier() ASSERT just yet.

        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):

2011-05-26  Adam Roben  <aroben@apple.com>

        Windows build fix after r87346

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Fixed up exports to match
        reality.

2011-05-26  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        ASSERT(isMainThread()) when using single-threaded jsc executable
        https://bugs.webkit.org/show_bug.cgi?id=60846

        Remove the ASSERT since we do not have the concept of MainThread in JSC.

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber):
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues):

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=61506

        Move the silent spill/fill methods in the DFG JIT to the JITCodeGenerator
        so that they are available to the SpeculativeJIT.

        * dfg/DFGJITCodeGenerator.h:
        (JSC::DFG::JITCodeGenerator::silentSpillGPR):
        (JSC::DFG::JITCodeGenerator::silentSpillFPR):
        (JSC::DFG::JITCodeGenerator::silentFillGPR):
        (JSC::DFG::JITCodeGenerator::silentFillFPR):
        (JSC::DFG::JITCodeGenerator::silentSpillAllRegisters):
        (JSC::DFG::JITCodeGenerator::silentFillAllRegisters):
        * dfg/DFGNonSpeculativeJIT.h:

2011-05-25  Ryosuke Niwa  <rniwa@webkit.org>

        An attempt to revive Windows bots.

        * runtime/RegExp.cpp:
        * runtime/RegExp.h:

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 61503 - Move population of CodeBlock::m_structureStubInfos into JIT

        This data structure, used at runtime by the JIT, is currently unnecessarily populated
        with default entries during byte compilation.

        Aside from meaning that there is JIT-specific code in the bytecompiler, this also ties
        us to one entry per corresponding bytecode op, which may be undesirable. Instead,
        populate this array from the JIT.

        The type StructureStubInfo has two unused states, one for gets & one for puts. Unify
        these, so that the class can have a default constructor (and to simplify switch statements
        in code walking over the table).

        This change has ramifications for the DFG JIT, in that the DFG JIT used this data structure
        to check for functions containing property access. Instead do so in the DFGByteCodeParser.

        * bytecode/CodeBlock.cpp:
        (JSC::printStructureStubInfo):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::setNumberOfStructureStubInfos):
        (JSC::CodeBlock::numberOfStructureStubInfos):
        * bytecode/StructureStubInfo.cpp:
        (JSC::StructureStubInfo::deref):
        (JSC::StructureStubInfo::visitAggregate):
        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
        (JSC::BytecodeGenerator::emitDirectPutById):
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::parseBlock):
        * jit/JIT.cpp:
        (JSC::JIT::JIT):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::emitSlow_op_put_by_id):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        * runtime/Executable.cpp:
        (JSC::tryDFGCompile):

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 61501 - Unify AbstractMacroAssembler::differenceBetween methods.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Call::Call):
        (JSC::AbstractMacroAssembler::Call::fromTailJump):
        (JSC::AbstractMacroAssembler::Jump::Jump):
        (JSC::AbstractMacroAssembler::Jump::link):
        (JSC::AbstractMacroAssembler::Jump::linkTo):
        (JSC::AbstractMacroAssembler::Jump::isSet):
        (JSC::AbstractMacroAssembler::differenceBetween):
        (JSC::AbstractMacroAssembler::linkJump):
        (JSC::AbstractMacroAssembler::getLinkerCallReturnOffset):
        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::link):
        (JSC::LinkBuffer::locationOf):
        (JSC::LinkBuffer::locationOfNearCall):
        (JSC::LinkBuffer::returnAddressOffset):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::linkCall):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::linkCall):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::linkCall):
        * assembler/MacroAssemblerSH4.cpp:
        (JSC::MacroAssemblerSH4::linkCall):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::linkCall):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::linkCall):

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=61500
839         Add JSObject::offsetOfPropertyStorage
840
841         * jit/JITPropertyAccess.cpp:
842         (JSC::JIT::compileGetDirectOffset):
843         (JSC::JIT::compileGetByIdHotPath):
844         (JSC::JIT::emit_op_put_by_id):
845         (JSC::JIT::compilePutDirectOffset):
846         * jit/JITPropertyAccess32_64.cpp:
847         (JSC::JIT::compileGetByIdHotPath):
848         (JSC::JIT::emit_op_put_by_id):
849         (JSC::JIT::compilePutDirectOffset):
850         (JSC::JIT::compileGetDirectOffset):
851         * runtime/JSObject.h:
852         (JSC::JSObject::offsetOfPropertyStorage):
853
854 2011-05-25  Oliver Hunt  <oliver@apple.com>
855
856         Reviewed by Geoffrey Garen.
857
858         Make RegExp GC allocated
859         https://bugs.webkit.org/show_bug.cgi?id=61490
860
861         Make RegExp GC allocated.  Basically mechanical change to replace
862         most use of [Pass]RefPtr<RegExp> with RegExp* or WriteBarrier<RegExp>
863         where actual ownership happens.
864
865         Made the RegExpCache use Strong<> references currently to avoid any
866         changes in behaviour.
867
868         * JavaScriptCore.exp:
869         * bytecode/CodeBlock.cpp:
870         (JSC::CodeBlock::visitAggregate):
871         * bytecode/CodeBlock.h:
872         (JSC::CodeBlock::addRegExp):
873         * bytecompiler/BytecodeGenerator.cpp:
874         (JSC::BytecodeGenerator::addRegExp):
875         (JSC::BytecodeGenerator::emitNewRegExp):
876         * bytecompiler/BytecodeGenerator.h:
877         * runtime/JSCell.h:
878         * runtime/JSGlobalData.cpp:
879         (JSC::JSGlobalData::JSGlobalData):
880         (JSC::JSGlobalData::clearBuiltinStructures):
881         (JSC::JSGlobalData::addRegExpToTrace):
882         * runtime/JSGlobalData.h:
883         * runtime/JSGlobalObject.cpp:
884         (JSC::JSGlobalObject::reset):
885         * runtime/RegExp.cpp:
886         (JSC::RegExp::RegExp):
887         (JSC::RegExp::create):
888         (JSC::RegExp::invalidateCode):
889         * runtime/RegExp.h:
890         (JSC::RegExp::createStructure):
891         * runtime/RegExpCache.cpp:
892         (JSC::RegExpCache::lookupOrCreate):
893         (JSC::RegExpCache::create):
894         * runtime/RegExpCache.h:
895         * runtime/RegExpConstructor.cpp:
896         (JSC::constructRegExp):
897         * runtime/RegExpObject.cpp:
898         (JSC::RegExpObject::RegExpObject):
899         (JSC::RegExpObject::visitChildren):
900         * runtime/RegExpObject.h:
901         (JSC::RegExpObject::setRegExp):
902         (JSC::RegExpObject::RegExpObjectData::RegExpObjectData):
903         * runtime/RegExpPrototype.cpp:
904         (JSC::RegExpPrototype::RegExpPrototype):
905         (JSC::regExpProtoFuncCompile):
906         * runtime/RegExpPrototype.h:
907         * runtime/StringPrototype.cpp:
908         (JSC::stringProtoFuncMatch):
909         (JSC::stringProtoFuncSearch):
910
911 2011-05-25  Oliver Hunt  <oliver@apple.com>
912
913         Reviewed by Geoffrey Garen.
914
915         Generate regexp code lazily
916         https://bugs.webkit.org/show_bug.cgi?id=61476
917
918         RegExp construction now simply validates the RegExp, it does
919         not perform actual codegen.
920
921         * runtime/RegExp.cpp:
922         (JSC::RegExp::RegExp):
923         (JSC::RegExp::recompile):
924         (JSC::RegExp::compile):
925         (JSC::RegExp::match):
926         * runtime/RegExp.h:
927         (JSC::RegExp::recompileIfNecessary):
928         * runtime/RegExpConstructor.h:
929         (JSC::RegExpConstructor::performMatch):
930         * runtime/RegExpObject.cpp:
931         (JSC::RegExpObject::match):
932         * runtime/StringPrototype.cpp:
933         (JSC::stringProtoFuncReplace):
934         (JSC::stringProtoFuncMatch):
935         (JSC::stringProtoFuncSearch):
936         (JSC::stringProtoFuncSplit):
937
938 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
939
940         Reviewed by Geoffrey Garen.
941
942         Removed MarkSetProperties because it was unused
943         https://bugs.webkit.org/show_bug.cgi?id=61418
944
945         * heap/MarkStack.h:
946         (JSC::MarkSet::MarkSet):
947         (JSC::MarkStack::append):
948         * runtime/JSActivation.cpp:
949         (JSC::JSActivation::visitChildren):
950         * runtime/JSArray.h:
951         (JSC::JSArray::visitChildrenDirect):
952         * runtime/JSPropertyNameIterator.cpp:
953         (JSC::JSPropertyNameIterator::visitChildren):
954         * runtime/WriteBarrier.h:
955         (JSC::MarkStack::appendValues):
956
957 2011-05-25  Oliver Hunt  <oliver@apple.com>
958
959         Reviewed by Geoffrey Garen.
960
961         Make allocations with guard pages ensure that the allocation succeeded
962         https://bugs.webkit.org/show_bug.cgi?id=61453
963
964         Add null checks, and make PageBlock's operator bool() use
965         the realbase, rather than the start of usable memory.
966
967         * wtf/OSAllocatorPosix.cpp:
968         (WTF::OSAllocator::reserveAndCommit):
969         * wtf/PageBlock.h:
970         (WTF::PageBlock::operator bool):
971         (WTF::PageBlock::PageBlock):
972
973 2011-04-10  Kevin Ollivier  <kevino@theolliviers.com>
974
975         Reviewed by Eric Seidel.
976
977         Add JS_EXPORT_PRIVATE macro for exported methods in bytecompiler headers.
978         
979         https://bugs.webkit.org/show_bug.cgi?id=27551
980
981         * bytecompiler/BytecodeGenerator.h:
982
983 2011-05-24  Keishi Hattori  <keishi@webkit.org>
984
985         Reviewed by Kent Tamura.
986
987         Disable textfield implementation of <input type=color>. Add INPUT_COLOR feature flag. Add input color sanitizer.
988         https://bugs.webkit.org/show_bug.cgi?id=61273
989
990         * Configurations/FeatureDefines.xcconfig: Added COLOR_INPUT feature flag.
991
992 2011-05-24  Kevin Ollivier  <kevino@theolliviers.com>
993
994         Reviewed by Eric Seidel.
995
996         Add export macros to WTFString.h.
997         
998         https://bugs.webkit.org/show_bug.cgi?id=27551
999
1000         * wtf/text/WTFString.h:
1001         (WTF::String::String):
1002         (WTF::String::findIgnoringCase):
1003         (WTF::String::isHashTableDeletedValue):
1004
1005 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
1006
1007         Maybe fix the Mac build now?
1008
1009         * JavaScriptCore.xcodeproj/project.pbxproj:
1010
1011 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
1012
1013         Maybe fix the Mac build?
1014         
1015         * JavaScriptCore.xcodeproj/project.pbxproj:
1016
1017 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
1018
1019         Reviewed by Oliver Hunt.
1020
1021         Split HeapRootVisitor into its own class
1022         https://bugs.webkit.org/show_bug.cgi?id=61399
1023
1024         * GNUmakefile.list.am:
1025         * JavaScriptCore.gypi:
1026         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1027         * JavaScriptCore.xcodeproj/project.pbxproj:
1028         * heap/HandleHeap.cpp:
1029         * heap/HandleStack.cpp:
1030         * heap/Heap.cpp:
1031         * heap/HeapRootVisitor.h: Copied from Source/JavaScriptCore/heap/MarkStack.h.
1032         * heap/MarkStack.h:
1033         * runtime/ArgList.cpp:
1034         * runtime/SmallStrings.cpp:
1035
1036 2011-05-24  Jay Civelli  <jcivelli@chromium.org>
1037
1038         Rubberstamped by David Kilzer.
1039
1040         Updated some files that I forgot in my previous MHTML CL.
1041
1042         * Configurations/FeatureDefines.xcconfig:
1043
1044 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
1045
1046         Fix the Mac build: Yes, please do remove these files, svn.
1047
1048         * JavaScriptCore.xcodeproj/project.pbxproj:
1049
1050 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
1051
1052         Reviewed by Oliver Hunt.
1053
1054         Let's just have one way to get the system page size, bokay?
1055         https://bugs.webkit.org/show_bug.cgi?id=61384
1056
1057         * CMakeListsEfl.txt:
1058         * CMakeListsWinCE.txt:
1059         * GNUmakefile.list.am:
1060         * JavaScriptCore.exp:
1061         * JavaScriptCore.gypi:
1062         * JavaScriptCore.pro:
1063         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: MarkStack[Platform].cpp
1064         is gone completely now, since it only existed to provide a duplicate way
1065         to access the system page size.
1066
1067         * heap/MarkStack.cpp:
1068         (JSC::MarkStack::reset):
1069         * heap/MarkStack.h:
1070         (JSC::::MarkStackArray):
1071         (JSC::::shrinkAllocation): Use WTF::pageSize.
1072
1073         * heap/MarkStackPosix.cpp:
1074         * heap/MarkStackSymbian.cpp:
1075         * heap/MarkStackWin.cpp: Removed now-empty files.
1076
1077         * jit/ExecutableAllocator.cpp:
1078         (JSC::ExecutableAllocator::reprotectRegion):
1079         * jit/ExecutableAllocator.h:
1080         (JSC::ExecutableAllocator::ExecutableAllocator):
1081         (JSC::ExecutablePool::ExecutablePool):
1082         (JSC::ExecutablePool::poolAllocate):
1083         * jit/ExecutableAllocatorFixedVMPool.cpp: Use WTF::pageSize.
1084
1085         * wscript: Removed now-empty files.
1086
1087         * wtf/PageBlock.cpp:
1088         (WTF::systemPageSize): Integrated questionable Symbian page size rule
1089         from ExecutableAllocator, because that seems like what the original
1090         author should have done.
1091
1092 2011-05-24  Oliver Hunt  <oliver@apple.com>
1093
1094         Reviewed by Gavin Barraclough.
1095
1096         Interpreter crashes with gc validation enabled due to failure to mark initial cache structure
1097         https://bugs.webkit.org/show_bug.cgi?id=61385
1098
1099         The interpreter uses the structure slot of get_by_id and put_by_id to hold
1100         the initial structure it encountered so that it can identify whether a
1101         given access is stable.
1102
1103         When marking though we only visit the slot when we've decided to cache, and
1104         so this value could die.  This was "safe" as the value was only used for a
1105         pointer compare, but it was incorrect.  We now just mark the slot like we
1106         should have been doing already.
1107
1108         * bytecode/CodeBlock.cpp:
1109         (JSC::CodeBlock::visitStructures):
1110
1111 2011-05-24  Adam Roben  <aroben@apple.com>
1112
1113         Windows build fix
1114
1115         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed now-inline functions.
1116
1117 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
1118
1119         Windows build fix: update the #if OS(WINDOWS) section to match my last patch.
1120
1121         * heap/MarkStack.h:
1122         (JSC::::shrinkAllocation):
1123
1124 2011-05-24  Geoffrey Garen  <ggaren@apple.com>
1125
1126         Rubber-stamped by Oliver Hunt.
1127
1128         Split out function definitions and class definitions from class
1129         declarations in MarkStack.h, for readability.
1130
1131         * heap/MarkStack.h:
1132         (JSC::MarkStack::MarkStack):
1133         (JSC::MarkStack::~MarkStack):
1134         (JSC::MarkStack::addOpaqueRoot):
1135         (JSC::MarkStack::containsOpaqueRoot):
1136         (JSC::MarkStack::opaqueRootCount):
1137         (JSC::MarkSet::MarkSet):
1138         (JSC::MarkStack::allocateStack):
1139         (JSC::MarkStack::releaseStack):
1140         (JSC::MarkStack::pageSize):
1141         (JSC::::MarkStackArray):
1142         (JSC::::~MarkStackArray):
1143         (JSC::::expand):
1144         (JSC::::append):
1145         (JSC::::removeLast):
1146         (JSC::::last):
1147         (JSC::::isEmpty):
1148         (JSC::::size):
1149         (JSC::::shrinkAllocation):
1150
1151 2011-05-24  Oliver Hunt  <oliver@apple.com>
1152
1153         Reviewed by Geoffrey Garen.
1154
1155         Avoid creating unnecessary identifiers and strings in the syntax checker
1156         https://bugs.webkit.org/show_bug.cgi?id=61378
1157
1158         Selectively tell the lexer that there are some places it does not need to
1159         do the real work of creating Identifiers for IDENT and STRING tokens.
1160
1161         Make parseString and parseIdentifier templatized on whether they should
1162         do real work, or merely validate the tokens.
1163
1164         SunSpider --parse-only reports ~5-8% win depending on hardware.
1165
1166         * parser/ASTBuilder.h:
1167         (JSC::ASTBuilder::createDotAccess):
1168         * parser/JSParser.cpp:
1169         (JSC::JSParser::next):
1170         (JSC::JSParser::consume):
1171         (JSC::JSParser::parseVarDeclarationList):
1172         (JSC::JSParser::parseConstDeclarationList):
1173         (JSC::JSParser::parseExpression):
1174         (JSC::JSParser::parseAssignmentExpression):
1175         (JSC::JSParser::parseConditionalExpression):
1176         (JSC::JSParser::parseBinaryExpression):
1177         (JSC::JSParser::parseProperty):
1178         (JSC::JSParser::parseObjectLiteral):
1179         (JSC::JSParser::parseArrayLiteral):
1180         (JSC::JSParser::parseArguments):
1181         (JSC::JSParser::parseMemberExpression):
1182         * parser/Lexer.cpp:
1183         (JSC::Lexer::parseIdentifier):
1184         (JSC::Lexer::parseString):
1185         (JSC::Lexer::lex):
1186         * parser/Lexer.h:
1187         * parser/SyntaxChecker.h:
1188         (JSC::SyntaxChecker::createDotAccess):
1189         (JSC::SyntaxChecker::createProperty):
1190
1191 2011-05-23  Michael Saboff  <msaboff@apple.com>
1192
1193         Reviewed by Mark Rowe.
1194
1195         Safari often freezes when clicking "Return free memory" in Caches dialog
1196         https://bugs.webkit.org/show_bug.cgi?id=61325
1197
1198         There are two fixes and an improvement in the instrumentation code used to find 
1199         one of the problems.
1200         Changed ReleaseFreeList() to set the "decommitted" bit when releasing
1201         pages to the system and moving Spans from the normal list to the returned 
1202         list.
1203         Added a "not making forward progress" check to TCMalloc_PageHeap::scavenge
1204         to eliminate an infinite loop if we can't meet the pagesToRelease target.
1205         Added a check for the decommitted bit being set properly in 
1206         TCMalloc_PageHeap::CheckList.
1207
1208         * wtf/FastMalloc.cpp:
1209         (WTF::TCMalloc_PageHeap::scavenge):
1210         (WTF::TCMalloc_PageHeap::Check):
1211         (WTF::TCMalloc_PageHeap::CheckList):
1212         (WTF::ReleaseFreeList):
1213
1214 2011-05-23  Gavin Barraclough  <barraclough@apple.com>
1215
1216         Reviewed by Geoff Garen.
1217
1218         https://bugs.webkit.org/show_bug.cgi?id=61306
1219
1220         The begin characters optimization currently has issues (#61129),
1221         and does not appear to still be a performance win. The prudent
1222         next step seems to be to disable while we ascertain whether this
1223         is still a useful performance optimization.
1224
1225         * yarr/YarrInterpreter.cpp:
1226         (JSC::Yarr::Interpreter::matchDisjunction):
1227         (JSC::Yarr::Interpreter::interpret):
1228         * yarr/YarrInterpreter.h:
1229         (JSC::Yarr::BytecodePattern::BytecodePattern):
1230         * yarr/YarrPattern.cpp:
1231         (JSC::Yarr::YarrPatternConstructor::YarrPatternConstructor):
1232         (JSC::Yarr::YarrPattern::compile):
1233         (JSC::Yarr::YarrPattern::YarrPattern):
1234         * yarr/YarrPattern.h:
1235         (JSC::Yarr::YarrPattern::reset):
1236
1237 2011-05-23  Matthew Delaney  <mdelaney@apple.com>
1238
1239         Reviewed by Simon Fraser.
1240
1241         Remove safeFloatToInt() in FloatRect.cpp and replace with working version of clampToInteger()
1242         https://bugs.webkit.org/show_bug.cgi?id=58216
1243
1244         * wtf/MathExtras.h:
1245         (clampToInteger):
1246         (clampToPositiveInteger):
1247
1248 2011-05-23  Ruben  <chromium@hybridsource.org>
1249
1250         Reviewed by Tony Chang.
1251
1252         Chromium gyp patch to use new POSIX defines toolkit_uses_gtk and os_posix
1253         https://bugs.webkit.org/show_bug.cgi?id=61219
1254
1255         * JavaScriptCore.gyp/JavaScriptCore.gyp:
1256
1257 2011-05-23  Thouraya ANDOLSI  <thouraya.andolsi@st.com>
1258
1259         Reviewed by Gavin Barraclough.
1260
1261         [SH4] AssemblerLabel does not name a type
1262         https://bugs.webkit.org/show_bug.cgi?id=59927
1263
1264         SH4Assembler.h file should be included before AbstractMacroAssembler.h.
1265
1266         * assembler/MacroAssemblerSH4.h:
1267
1268 2011-05-23  Ryuan Choi  <ryuan.choi@samsung.com>
1269
1270         Rubber stamped by Eric Seidel.
1271
1272         [CMAKE] Refactoring wtf related code.
1273         https://bugs.webkit.org/show_bug.cgi?id=60146
1274
1275         Move wtf-files to Source/JavaScriptCore/wtf/CMakeLists.txt.
1276
1277         * CMakeLists.txt:
1278         * CMakeListsEfl.txt:
1279         * wtf/CMakeLists.txt:
1280         * wtf/CMakeListsEfl.txt:
1281
1282 2011-05-22  Adam Barth  <abarth@webkit.org>
1283
1284         Enable strict PassOwnPtr for everyone.  I expect this patch will need
1285         some followups to make the GTK and EFL bots green again.
1286
1287         * wtf/PassOwnPtr.h:
1288
1289 2011-05-20  Oliver Hunt  <oliver@apple.com>
1290
1291         Reviewed by Gavin Barraclough.
1292
1293         Reduce size of inline cache path of get_by_id on ARMv7
1294         https://bugs.webkit.org/show_bug.cgi?id=61221
1295
1296         This reduces the code size of get_by_id by 20 bytes.
1297
1298         * assembler/ARMv7Assembler.h:
1299         (JSC::ARMv7Assembler::ldrCompact):
1300         (JSC::ARMv7Assembler::repatchCompact):
1301         (JSC::ARMv7Assembler::setUInt7ForLoad):
1302         * assembler/MacroAssemblerARMv7.h:
1303         (JSC::MacroAssemblerARMv7::load32WithCompactAddressOffsetPatch):
1304         * jit/JIT.h:
1305
1306 2011-05-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>
1307
1308         Reviewed by Oliver Hunt.
1309
1310         Zombies should "live" forever
1311         https://bugs.webkit.org/show_bug.cgi?id=61170
1312
1313         Reusing zombie cells could still hide garbage
1314         collected cell related bugs.
1315
1316         * JavaScriptCore.pro:
1317         * heap/MarkedBlock.cpp:
1318         (JSC::MarkedBlock::clearMarks):
1319         * heap/MarkedBlock.h:
1320         * heap/MarkedSpace.cpp:
1321         (JSC::MarkedSpace::destroy):
1322         * runtime/JSCell.h:
1323         (JSC::JSCell::JSValue::isZombie):
1324         * runtime/JSZombie.h:
1325         (JSC::JSZombie::~JSZombie):
1326         * runtime/WriteBarrier.h:
1327         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
1328
1329 2011-05-20  Brady Eidson  <beidson@apple.com>
1330
1331         Reviewed by Sam Weinig.
1332
1333         <rdar://problem/9472883> and https://bugs.webkit.org/show_bug.cgi?id=61203
1334         Horrendous bug in callOnMainThreadAndWait
1335
1336         * wtf/MainThread.cpp:
1337         (WTF::dispatchFunctionsFromMainThread): Before signaling the background thread with the
1338           syncFlag condition, reacquire the mutex first.
1339
1340 2011-05-20  Oliver Hunt  <oliver@apple.com>
1341
1342         Reviewed by Sam Weinig.
1343
1344         Remove unnecessary double->int conversion at the end of op_div
1345         https://bugs.webkit.org/show_bug.cgi?id=61198
1346
1347         We don't attempt this conversion on 64-bit; removing it actually speeds
1348         up SunSpider and V8 slightly, and it reduces code size.
1349
1350         * jit/JITArithmetic32_64.cpp:
1351         (JSC::JIT::emit_op_div):
1352
1353 2011-05-19  Evan Martin  <evan@chromium.org>
1354
1355         Reviewed by Tony Chang.
1356
1357         [chromium] remove <(library) variable
1358         https://bugs.webkit.org/show_bug.cgi?id=61158
1359
1360         This was for a build experiment; we can just use the correct value now.
1361
1362         * JavaScriptCore.gyp/JavaScriptCore.gyp:
1363
1364 2011-05-20  Oliver Hunt  <oliver@apple.com>
1365
1366         Reviewed by Sam Weinig.
1367
1368         Interpreter uses wrong bytecode offset for determining exception handler
1369         https://bugs.webkit.org/show_bug.cgi?id=61191
1370
1371         The bytecode offset given for the returnPC from the JIT is
1372         actually the offset for the start of the instruction triggering
1373         the call, whereas in the interpreter it is the actual return
1374         VPC.  This means if the next instruction following a call was
1375         in an exception region we would incorrectly redirect to its
1376         handler.  Long term we want to completely redo how exceptions
1377         are handled anyway so the simplest and lowest risk fix here is
1378         to simply subtract one from the return vPC so that we have an
1379         offset in the triggering instruction.
1380
1381         It turns out this is caught by a couple of tests already.
1382
1383         * interpreter/Interpreter.cpp:
1384         (JSC::Interpreter::unwindCallFrame):
1385
1386 2011-05-20  Xan Lopez  <xlopez@igalia.com>
1387
1388         Reviewed by Oliver Hunt.
1389
1390         JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
1391         https://bugs.webkit.org/show_bug.cgi?id=42756
1392
1393         Use the MAP_NORESERVE flag for mmap on Linux to skip the kernel
1394         check of the available memory. This should give us an
1395         overcommit-like behavior in most systems, which is what we want.
1396
1397         * wtf/OSAllocatorPosix.cpp:
1398         (WTF::OSAllocator::reserveAndCommit): pass MAP_NORESERVE to mmap.
1399
1400 2011-05-19  Gabor Loki  <loki@webkit.org>
1401
1402         Fix ARM build after r86919
1403
1404         * assembler/ARMAssembler.h:
1405         (JSC::ARMAssembler::nop):
1406
1407 2011-05-19  Oliver Hunt  <oliver@apple.com>
1408
1409         Reviewed by Gavin Barraclough.
1410
1411         Randomise code starting location a little
1412         https://bugs.webkit.org/show_bug.cgi?id=61161
1413
1414         Add a nop() function to the Assemblers so that we
1415         can randomise code offsets slightly at no real cost.
1416
1417         * assembler/ARMAssembler.h:
1418         (JSC::ARMAssembler::nop):
1419         * assembler/ARMv7Assembler.h:
1420         (JSC::ARMv7Assembler::nop):
1421         * assembler/MacroAssemblerARM.h:
1422         (JSC::MacroAssemblerARM::nop):
1423         * assembler/MacroAssemblerARMv7.h:
1424         (JSC::MacroAssemblerARMv7::nop):
1425         * assembler/MacroAssemblerMIPS.h:
1426         (JSC::MacroAssemblerMIPS::nop):
1427         * assembler/MacroAssemblerSH4.h:
1428         (JSC::MacroAssemblerSH4::nop):
1429         * assembler/MacroAssemblerX86Common.h:
1430         (JSC::MacroAssemblerX86Common::nop):
1431         * assembler/X86Assembler.h:
1432         (JSC::X86Assembler::nop):
1433         * jit/JIT.cpp:
1434         (JSC::JIT::JIT):
1435         (JSC::JIT::privateCompile):
1436         * jit/JIT.h:
1437         * runtime/WeakRandom.h:
1438         (JSC::WeakRandom::getUint32):
1439
1440 2011-05-19  Oliver Hunt  <oliver@apple.com>
1441
1442         Fix windows build.
1443
1444         * wtf/OSAllocatorWin.cpp:
1445         (WTF::OSAllocator::reserveUncommitted):
1446         (WTF::OSAllocator::reserveAndCommit):
1447
1448 2011-05-19  Oliver Hunt  <oliver@apple.com>
1449
1450         Reviewed by Gavin Barraclough.
1451
1452         Add guard pages to each end of the memory region used by the fixedvm allocator
1453         https://bugs.webkit.org/show_bug.cgi?id=61150
1454
1455         Add mechanism to notify the OSAllocator that pages at either end of an
1456         allocation should be considered guard pages.  Update PageReservation,
1457         PageAllocation, etc to handle this.
1458
1459         * JavaScriptCore.exp:
1460         * jit/ExecutableAllocatorFixedVMPool.cpp:
1461         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1462         * wtf/OSAllocator.h:
1463         * wtf/OSAllocatorPosix.cpp:
1464         (WTF::OSAllocator::reserveUncommitted):
1465         (WTF::OSAllocator::reserveAndCommit):
1466         * wtf/PageAllocation.h:
1467         (WTF::PageAllocation::PageAllocation):
1468         * wtf/PageAllocationAligned.h:
1469         (WTF::PageAllocationAligned::PageAllocationAligned):
1470         * wtf/PageBlock.h:
1471         (WTF::PageBlock::PageBlock):
1472         * wtf/PageReservation.h:
1473         (WTF::PageReservation::reserve):
1474         (WTF::PageReservation::reserveWithGuardPages):
1475             Add a new function to make a reservation that will add guard
1476             pages to the ends of an allocation.
1477         (WTF::PageReservation::PageReservation):
1478
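Added example, not WebKit's code: a guard-paged reservation of the kind the entry above and the bug 61453 entry describe (an inaccessible page at each end, a null check on the mmap result, and the validity test done on the real base rather than the usable base), passing MAP_NORESERVE as the bug 42756 entry does. The struct layout and the function names (reserve_with_guard_pages, page_block_valid_buggy/fixed, page_is_readable, check_guard_page_layout) are this example's own assumptions, not WTF's API.

```c
#define _GNU_SOURCE
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON
#endif
#ifndef MAP_NORESERVE
#define MAP_NORESERVE 0 /* no overcommit hint outside Linux */
#endif

/* Assumed layout: (guard page)(usable pages)(guard page).
 * Field names follow the ChangeLog's wording, not WTF's actual class. */
typedef struct {
    void *realBase;     /* start of the whole mapping; NULL if reservation failed */
    void *base;         /* first usable byte, one page past realBase */
    size_t size;        /* usable bytes */
    bool hasGuardPages;
} PageBlock;

size_t page_size(void) {
    long sz = sysconf(_SC_PAGESIZE);
    return sz > 0 ? (size_t)sz : 4096;
}

/* Mirrors a constructor that derives the usable base from the real base by
 * skipping the leading guard page. Integer arithmetic keeps a NULL realBase
 * well-defined and shows that it still yields a non-NULL base. */
PageBlock page_block_make(void *realBase, size_t usable, bool hasGuardPages) {
    PageBlock b;
    b.realBase = realBase;
    b.base = (void *)((uintptr_t)realBase + (hasGuardPages ? page_size() : 0));
    b.size = usable;
    b.hasGuardPages = hasGuardPages;
    return b;
}

/* Pre-fix check: tests the usable base. For a failed guard-paged reservation
 * base == 0 + pageSize, so a NULL mapping is reported as valid. */
bool page_block_valid_buggy(PageBlock b) { return b.base != NULL; }

/* Fixed check: test the real base, which is what mmap actually returned. */
bool page_block_valid_fixed(PageBlock b) { return b.realBase != NULL; }

/* Reserve `bytes` (rounded up to whole pages) with a PROT_NONE page at each end. */
PageBlock reserve_with_guard_pages(size_t bytes) {
    size_t ps = page_size();
    size_t usable = (bytes + ps - 1) / ps * ps;
    size_t total = usable + 2 * ps;
    if (usable < bytes || total < usable)          /* size overflow */
        return page_block_make(NULL, 0, true);
    void *p = mmap(NULL, total, PROT_NONE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
    if (p == MAP_FAILED)                           /* the null check the fix added */
        return page_block_make(NULL, 0, true);
    /* Open only the interior; both guard pages stay inaccessible. */
    if (mprotect((char *)p + ps, usable, PROT_READ | PROT_WRITE) != 0) {
        munmap(p, total);
        return page_block_make(NULL, 0, true);
    }
    return page_block_make(p, usable, true);
}

int release_with_guard_pages(PageBlock b) {
    if (!page_block_valid_fixed(b))
        return -1;
    size_t ps = b.hasGuardPages ? page_size() : 0;
    return munmap(b.realBase, b.size + 2 * ps);
}

/* Probe whether the byte at `p` is readable without risking SIGSEGV: write(2)
 * from an inaccessible page fails with EFAULT instead of faulting the process. */
bool page_is_readable(const void *p) {
    int fds[2];
    if (pipe(fds) != 0)
        return false;
    ssize_t n = write(fds[1], p, 1);
    close(fds[0]);
    close(fds[1]);
    return n == 1;
}

/* Returns 0 when the interior is writable and both guard pages are inaccessible. */
int check_guard_page_layout(size_t bytes) {
    PageBlock b = reserve_with_guard_pages(bytes);
    if (!page_block_valid_fixed(b))
        return 1;
    volatile char *usable = (volatile char *)b.base;
    usable[0] = 'a';                                  /* interior is writable */
    usable[b.size - 1] = 'z';
    int rc = 0;
    if (!page_is_readable(b.base)) rc |= 2;
    if (page_is_readable(b.realBase)) rc |= 4;                 /* leading guard */
    if (page_is_readable((char *)b.base + b.size)) rc |= 8;    /* trailing guard */
    if (release_with_guard_pages(b) != 0) rc |= 16;
    return rc;
}
```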
1479 2011-05-19  Oliver Hunt  <oliver@apple.com>
1480
1481         Reviewed by Geoffrey Garen.
1482
1483         Make Executables release their JIT code as soon as they become dead
1484         https://bugs.webkit.org/show_bug.cgi?id=61134
1485
1486         Add an ability to clear an Executable's jit code without requiring
1487         it to be destroyed, and then call that from a finalizer.
1488
1489         * heap/Weak.h:
1490         (JSC::Weak::Weak):
1491         (JSC::Weak::leak):
1492         * jit/JITCode.h:
1493         (JSC::JITCode::clear):
1494         * runtime/Executable.cpp:
1495         (JSC::ExecutableFinalizer::finalize):
1496         (JSC::ExecutableBase::executableFinalizer):
1497         * runtime/Executable.h:
1498         (JSC::ExecutableBase::ExecutableBase):
1499         (JSC::ExecutableBase::clearExecutableCode):
1500
1501 2011-05-19  Adam Roben  <aroben@apple.com>
1502
1503         Remove a redundant and broken data export
1504
1505         Data can't be exported from JavaScriptCore.dll by listing it in the .def file. The
1506         JS_EXPORTDATA macro must be used instead. (In this case it was already being used, leading
1507         to a linker warning about multiple definitions.)
1508
1509         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed JSGlobalData::s_info.
1510
1511 2011-05-18  Oliver Hunt  <oliver@apple.com>
1512
1513         Reviewed by Gavin Barraclough.
1514
1515         Some tests crashing in JSC::MarkStack::validateValue beneath ScriptController::clearWindowShell on SnowLeopard Intel Release (WebKit2 Tests)
1516         https://bugs.webkit.org/show_bug.cgi?id=61064
1517
1518         Switch NonFinalObject to using WriteBarrier<> rather than WriteBarrierBase<>
1519         for its inline storage.  This resolves the problem of GC occurring before
1520         a subclass has initialised its anonymous storage.
1521
1522         * runtime/JSObject.h:
1523
1524 2011-05-18  Adam Barth  <abarth@webkit.org>
1525
1526         Reviewed by Sam Weinig.
1527
1528         Delete WTFURL
1529         https://bugs.webkit.org/show_bug.cgi?id=61084
1530
1531         It's been a year and we've failed to complete this project.  It's time
1532         to throw in the towel.
1533
1534         * JavaScriptCore.xcodeproj/project.pbxproj:
1535         * wtf/url: Removed.
1536         * wtf/url/api: Removed.
1537         * wtf/url/api/ParsedURL.cpp: Removed.
1538         * wtf/url/api/ParsedURL.h: Removed.
1539         * wtf/url/api/URLString.h: Removed.
1540         * wtf/url/src: Removed.
1541         * wtf/url/src/RawURLBuffer.h: Removed.
1542         * wtf/url/src/URLBuffer.h: Removed.
1543         * wtf/url/src/URLCharacterTypes.cpp: Removed.
1544         * wtf/url/src/URLCharacterTypes.h: Removed.
1545         * wtf/url/src/URLComponent.h: Removed.
1546         * wtf/url/src/URLEscape.cpp: Removed.
1547         * wtf/url/src/URLEscape.h: Removed.
1548         * wtf/url/src/URLParser.h: Removed.
        * wtf/url/src/URLQueryCanonicalizer.h: Removed.
        * wtf/url/src/URLSegments.cpp: Removed.
        * wtf/url/src/URLSegments.h: Removed.
        * wtf/url/wtfurl.gyp: Removed.

2011-05-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
        https://bugs.webkit.org/show_bug.cgi?id=61090

        Remove the Structure-free JSGlobalObject constructor and instead always
        pass the structure into the JSGlobalObject constructor.
        Stop DebuggerActivation creating a new structure every time, and simply
        use a single shared structure held by the GlobalData.

        * API/JSContextRef.cpp:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        (functionRun):
        (jscmain):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::clearBuiltinStructures):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.h:

2011-05-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Adam Roben.

        Disable gc validation in release builds
        https://bugs.webkit.org/show_bug.cgi?id=60680

        Add back the NDEBUG check

        * wtf/Platform.h:

2011-05-17  Geoffrey Garen  <ggaren@apple.com>

        Rolled out attempts to fix EFL build because they're not enough -- the
        build script needs to be fixed.

        * runtime/BooleanPrototype.cpp:
        * runtime/DateConstructor.cpp:
        * runtime/ErrorPrototype.cpp:

2011-05-17  Geoffrey Garen  <ggaren@apple.com>

        More attempts to work around the EFL build system being borken.

        * runtime/DateConstructor.cpp:
        * runtime/ErrorPrototype.cpp:

2011-05-17  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the EFL build.

        * runtime/BooleanPrototype.cpp:

2011-05-16  Geoffrey Garen  <ggaren@apple.com>

        Rolling back in r86653 with build fixed.

        Reviewed by Gavin Barraclough and Oliver Hunt.

        Global object initialization is expensive
        https://bugs.webkit.org/show_bug.cgi?id=60933

        Changed a bunch of globals to allocate their properties lazily, and changed
        the global object to allocate a bunch of its globals lazily.

        This reduces the footprint of a global object from 287 objects with 58
        functions for 24K to 173 objects with 20 functions for 15K.

        Large patch, but it's all mechanical.

        * DerivedSources.make:
        * JavaScriptCore.exp: Build!

        * create_hash_table: Added a special case for fromCharCode, since it uses
        a custom "thunk generator".

        * heap/Heap.cpp:
        (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
        overcount objects that were owned through more than one mechanism because
        it was getting in the way of counting the results for this patch.

        * interpreter/CallFrame.h:
        (JSC::ExecState::arrayConstructorTable):
        (JSC::ExecState::arrayPrototypeTable):
        (JSC::ExecState::booleanPrototypeTable):
        (JSC::ExecState::dateConstructorTable):
        (JSC::ExecState::errorPrototypeTable):
        (JSC::ExecState::globalObjectTable):
        (JSC::ExecState::numberConstructorTable):
        (JSC::ExecState::numberPrototypeTable):
        (JSC::ExecState::objectPrototypeTable):
        (JSC::ExecState::regExpPrototypeTable):
        (JSC::ExecState::stringConstructorTable): Added new tables.

        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::ArrayConstructor::getOwnPropertySlot):
        (JSC::ArrayConstructor::getOwnPropertyDescriptor):
        * runtime/ArrayConstructor.h:
        (JSC::ArrayConstructor::createStructure):
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertySlot):
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        (JSC::BooleanPrototype::getOwnPropertySlot):
        (JSC::BooleanPrototype::getOwnPropertyDescriptor):
        * runtime/BooleanPrototype.h:
        (JSC::BooleanPrototype::createStructure):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        (JSC::DateConstructor::getOwnPropertySlot):
        (JSC::DateConstructor::getOwnPropertyDescriptor):
        * runtime/DateConstructor.h:
        (JSC::DateConstructor::createStructure):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        (JSC::ErrorPrototype::getOwnPropertySlot):
        (JSC::ErrorPrototype::getOwnPropertyDescriptor):
        * runtime/ErrorPrototype.h:
        (JSC::ErrorPrototype::createStructure): Standardized these objects
        to use static tables for function properties.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h: Added new tables.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::addStaticGlobals):
        (JSC::JSGlobalObject::getOwnPropertySlot):
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSGlobalObject.h:
        * runtime/JSGlobalObjectFunctions.cpp:
        * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
        static table for its global functions. This required uninlining some
        things to avoid a circular header dependency. However, those things
        probably shouldn't have been inlined in the first place.

        Even more global object properties can be made lazy, but that requires
        more in-depth changes.

        * runtime/MathObject.cpp:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertySlot):
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        (JSC::NumberPrototype::getOwnPropertySlot):
        (JSC::NumberPrototype::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.h:
        (JSC::NumberPrototype::createStructure):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        (JSC::ObjectPrototype::put):
        (JSC::ObjectPrototype::getOwnPropertySlot):
        (JSC::ObjectPrototype::getOwnPropertyDescriptor):
        * runtime/ObjectPrototype.h:
        (JSC::ObjectPrototype::createStructure):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        (JSC::RegExpPrototype::getOwnPropertySlot):
        (JSC::RegExpPrototype::getOwnPropertyDescriptor):
        * runtime/RegExpPrototype.h:
        (JSC::RegExpPrototype::createStructure):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        (JSC::StringConstructor::getOwnPropertySlot):
        (JSC::StringConstructor::getOwnPropertyDescriptor):
        * runtime/StringConstructor.h:
        (JSC::StringConstructor::createStructure): Standardized these objects
        to use static tables for function properties.

2011-05-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        JSGlobalContextRelease should not trigger a synchronous garbage collection
        https://bugs.webkit.org/show_bug.cgi?id=60990

        * API/JSContextRef.cpp:
        Change synchronous call to collectAllGarbage to a call to trigger the
        activityCallback.

2011-05-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Reduce code size for inline cache
        https://bugs.webkit.org/show_bug.cgi?id=60942

        This patch introduces the concept of a "compact" address that
        allows individual architectures to control the maximum offset
        used for the inline path of get_by_id.  This reduces the code
        size of get_by_id by 3 bytes on x86 and x86_64 and slightly
        improves performance on v8 tests.

        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::repatchCompact):
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::repatchCompact):
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::DataLabelCompact::DataLabelCompact):
        (JSC::AbstractMacroAssembler::differenceBetween):
        (JSC::AbstractMacroAssembler::repatchCompact):
        * assembler/CodeLocation.h:
        (JSC::CodeLocationDataLabelCompact::CodeLocationDataLabelCompact):
        (JSC::CodeLocationCommon::dataLabelCompactAtOffset):
        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::locationOf):
        * assembler/MIPSAssembler.h:
        (JSC::MIPSAssembler::repatchCompact):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::loadPtrWithCompactAddressOffsetPatch):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::load32WithCompactAddressOffsetPatch):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load32WithCompactAddressOffsetPatch):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::load32WithCompactAddressOffsetPatch):
        * assembler/MacroAssemblerSH4.h:
        (JSC::MacroAssemblerSH4::load32WithAddressOffsetPatch):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::repatchCompact):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::loadCompactWithAddressOffsetPatch):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::loadPtrWithCompactAddressOffsetPatch):
        * assembler/RepatchBuffer.h:
        (JSC::RepatchBuffer::repatch):
        * assembler/SH4Assembler.h:
        (JSC::SH4Assembler::repatchCompact):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_mr_disp8):
        (JSC::X86Assembler::movq_mr_disp8):
        (JSC::X86Assembler::repatchCompact):
        (JSC::X86Assembler::setInt8):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp8):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp8):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::patchGetByIdSelf):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::patchGetByIdSelf):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):

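The 3-byte saving the "compact" address entry above describes comes from x86 encoding a memory operand with an 8-bit displacement instead of a 32-bit one; the added example below (not JavaScriptCore's code) shows a minimal `mov r32, [base+disp]` encoder with both forms, and a repatch routine that refuses an offset the compact form cannot hold, since writing a wider value into a disp8 slot would corrupt the instruction stream. Register numbers, function names and the buffer layout are this example's own; only the x86 encoding is real.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative register numbers (the low 3 bits of the x86 encoding). */
enum { REG_EAX = 0, REG_ECX = 1, REG_EDX = 2, REG_EBX = 3, REG_ESP = 4, REG_EBP = 5 };

/* Emit "mov dst, [base + disp]" (opcode 8B /r).  Returns the number of
 * bytes written, or 0 if the operand cannot be encoded this simply:
 * ESP as base needs a SIB byte (not handled here), and a compact load
 * cannot carry a displacement outside the signed 8-bit range. */
static size_t emit_load(uint8_t *out, int dst, int base, int32_t disp, int compact)
{
    if (base == REG_ESP)
        return 0;
    if (compact && (disp < INT8_MIN || disp > INT8_MAX))
        return 0;
    size_t n = 0;
    out[n++] = 0x8B;                                   /* mov r32, r/m32 */
    /* ModRM: mod=01 means a disp8 follows, mod=10 means a disp32 follows. */
    uint8_t mod = compact ? 0x40 : 0x80;
    out[n++] = (uint8_t)(mod | ((dst & 7) << 3) | (base & 7));
    if (compact) {
        out[n++] = (uint8_t)(int8_t)disp;             /* 3 bytes total */
    } else {
        for (int i = 0; i < 4; i++)                    /* little-endian disp32, 6 bytes total */
            out[n++] = (uint8_t)((uint32_t)disp >> (8 * i));
    }
    return n;
}

/* Position of the displacement byte in a compact load: opcode, ModRM, disp8. */
#define COMPACT_DISP_OFFSET 2

/* Patch the disp8 of an already-emitted compact load in place.
 * Returns 0 and leaves the code untouched if the new offset does not fit;
 * this range check is what keeps a repatch from corrupting the instruction. */
static int repatch_compact(uint8_t *code, int32_t new_disp)
{
    if (new_disp < INT8_MIN || new_disp > INT8_MAX)
        return 0;
    assert(code[0] == 0x8B && (code[1] & 0xC0) == 0x40);  /* really a compact load */
    code[COMPACT_DISP_OFFSET] = (uint8_t)(int8_t)new_disp;
    return 1;
}

/* Read back the displacement an emitted load encodes (either form). */
static int32_t decode_disp(const uint8_t *code)
{
    if ((code[1] & 0xC0) == 0x40)
        return (int8_t)code[2];
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)code[2 + i] << (8 * i);
    return (int32_t)v;
}

/* Bytes saved by the compact form for a given displacement: 3 when it fits
 * in a signed byte, 0 when the compact form cannot be used at all. */
static size_t compact_saving(int32_t disp)
{
    uint8_t wide[8], narrow[8];
    size_t w = emit_load(wide, REG_EAX, REG_ECX, disp, 0);
    size_t n = emit_load(narrow, REG_EAX, REG_ECX, disp, 1);
    return n ? w - n : 0;
}

/* Emit a compact load with `first`, try to repatch it to `second`, and return
 * the displacement now encoded (still `first` if the repatch was refused), or
 * INT32_MIN if `first` itself could not be encoded compactly. */
static int32_t emit_and_repatch(int32_t first, int32_t second)
{
    uint8_t code[8];
    if (!emit_load(code, REG_EAX, REG_ECX, first, 1))
        return INT32_MIN;
    repatch_compact(code, second);
    return decode_disp(code);
}

int main(void)
{
    printf("compact load of [ecx+0x18] saves %zu bytes\n", compact_saving(0x18));
    printf("repatch 0x18 -> -8 gives %d; repatch 0x18 -> 0x100 keeps %d\n",
           emit_and_repatch(0x18, -8), emit_and_repatch(0x18, 0x100));
    return 0;
}
```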
2011-05-16  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r86653.
        http://trac.webkit.org/changeset/86653
        https://bugs.webkit.org/show_bug.cgi?id=60944

        "Caused regressions on Windows, OSX and EFL" (Requested by
        yutak on #webkit).

        * DerivedSources.make:
        * DerivedSources.pro:
        * GNUmakefile.am:
        * GNUmakefile.list.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * create_hash_table:
        * heap/Heap.cpp:
        (JSC::TypeCounter::operator()):
        * interpreter/CallFrame.h:
        (JSC::ExecState::arrayTable):
        (JSC::ExecState::numberTable):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        * runtime/ArrayConstructor.h:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertySlot):
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/BooleanPrototype.h:
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateConstructor.h:
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/ErrorPrototype.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::addStaticGlobals):
        (JSC::JSGlobalObject::getOwnPropertySlot):
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncJSCPrint):
        * runtime/JSGlobalObjectFunctions.h:
        * runtime/MathObject.cpp:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertySlot):
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/NumberPrototype.h:
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        (JSC::ObjectPrototype::put):
        (JSC::ObjectPrototype::getOwnPropertySlot):
        * runtime/ObjectPrototype.h:
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        * runtime/RegExpPrototype.h:
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringConstructor.h:

2011-05-16  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Geoffrey Garen.

        Global object initialization is expensive
        https://bugs.webkit.org/show_bug.cgi?id=60933

        Changed a bunch of globals to allocate their properties lazily, and changed
        the global object to allocate a bunch of its globals lazily.

        This reduces the footprint of a global object from 287 objects with 58
        functions for 24K to 173 objects with 20 functions for 15K.

        Large patch, but it's all mechanical.

        * DerivedSources.make:
        * JavaScriptCore.exp: Build!

        * create_hash_table: Added a special case for fromCharCode, since it uses
        a custom "thunk generator".

        * heap/Heap.cpp:
        (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
        overcount objects that were owned through more than one mechanism because
        it was getting in the way of counting the results for this patch.

        * interpreter/CallFrame.h:
        (JSC::ExecState::arrayConstructorTable):
        (JSC::ExecState::arrayPrototypeTable):
        (JSC::ExecState::booleanPrototypeTable):
        (JSC::ExecState::dateConstructorTable):
        (JSC::ExecState::errorPrototypeTable):
        (JSC::ExecState::globalObjectTable):
        (JSC::ExecState::numberConstructorTable):
        (JSC::ExecState::numberPrototypeTable):
        (JSC::ExecState::objectPrototypeTable):
        (JSC::ExecState::regExpPrototypeTable):
        (JSC::ExecState::stringConstructorTable): Added new tables.

        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::ArrayConstructor::getOwnPropertySlot):
        (JSC::ArrayConstructor::getOwnPropertyDescriptor):
        * runtime/ArrayConstructor.h:
        (JSC::ArrayConstructor::createStructure):
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::getOwnPropertySlot):
        (JSC::ArrayPrototype::getOwnPropertyDescriptor):
        * runtime/ArrayPrototype.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        (JSC::BooleanPrototype::getOwnPropertySlot):
        (JSC::BooleanPrototype::getOwnPropertyDescriptor):
        * runtime/BooleanPrototype.h:
        (JSC::BooleanPrototype::createStructure):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        (JSC::DateConstructor::getOwnPropertySlot):
        (JSC::DateConstructor::getOwnPropertyDescriptor):
        * runtime/DateConstructor.h:
        (JSC::DateConstructor::createStructure):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        (JSC::ErrorPrototype::getOwnPropertySlot):
        (JSC::ErrorPrototype::getOwnPropertyDescriptor):
        * runtime/ErrorPrototype.h:
        (JSC::ErrorPrototype::createStructure): Standardized these objects
        to use static tables for function properties.

        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::~JSGlobalData):
        * runtime/JSGlobalData.h: Added new tables.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::addStaticGlobals):
        (JSC::JSGlobalObject::getOwnPropertySlot):
        (JSC::JSGlobalObject::getOwnPropertyDescriptor):
        * runtime/JSGlobalObject.h:
        * runtime/JSGlobalObjectFunctions.cpp:
        * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
        static table for its global functions. This required uninlining some
        things to avoid a circular header dependency. However, those things
        probably shouldn't have been inlined in the first place.

        Even more global object properties can be made lazy, but that requires
        more in-depth changes.

        * runtime/MathObject.cpp:
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::getOwnPropertySlot):
        (JSC::NumberConstructor::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        (JSC::NumberPrototype::getOwnPropertySlot):
        (JSC::NumberPrototype::getOwnPropertyDescriptor):
        * runtime/NumberPrototype.h:
        (JSC::NumberPrototype::createStructure):
        * runtime/ObjectPrototype.cpp:
        (JSC::ObjectPrototype::ObjectPrototype):
        (JSC::ObjectPrototype::put):
        (JSC::ObjectPrototype::getOwnPropertySlot):
        (JSC::ObjectPrototype::getOwnPropertyDescriptor):
        * runtime/ObjectPrototype.h:
        (JSC::ObjectPrototype::createStructure):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        (JSC::RegExpPrototype::getOwnPropertySlot):
        (JSC::RegExpPrototype::getOwnPropertyDescriptor):
        * runtime/RegExpPrototype.h:
        (JSC::RegExpPrototype::createStructure):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        (JSC::StringConstructor::getOwnPropertySlot):
        (JSC::StringConstructor::getOwnPropertyDescriptor):
        * runtime/StringConstructor.h:
        (JSC::StringConstructor::createStructure): Standardized these objects
        to use static tables for function properties.

2011-05-16  David Kilzer  <ddkilzer@apple.com>

        <http://webkit.org/b/60913> C++ exceptions should not be enabled when building with llvm-gcc-4.2
        <rdar://problem/9446430>

        Reviewed by Mark Rowe.

        * Configurations/Base.xcconfig: Fixed typo.

2011-05-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        JSWeakObjectMap finalisation may occur while gc is in inconsistent state
        https://bugs.webkit.org/show_bug.cgi?id=60908
        <rdar://problem/9409491>

        We need to ensure that we have called all the weak map finalizers while
        the global object (and hence global context) is still in a consistent
        state.  The best way to achieve this is to simply use a weak handle and
        finalizer on the global object.

        * JavaScriptCore.exp:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::WeakMapFinalizer::finalize):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::registerWeakMap):

2011-05-16  Siddharth Mathur  <siddharth.mathur@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt][WK2][Symbian] Shared memory implementation for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=55875

        * wtf/Platform.h: Exclude Symbian OS from USE(UNIX_DOMAIN_SOCKETS) users

2011-05-16  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=60866
        Evaluation order broken for empty alternatives in subpatterns

        Reverting https://bugs.webkit.org/show_bug.cgi?id=51395

        * yarr/YarrPattern.cpp:
        (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):

2011-05-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen & Michael Saboff.

        https://bugs.webkit.org/show_bug.cgi?id=60860
        Simplify backtracking in YARR JIT

        YARR JIT currently performs a single pass of code generation over the pattern,
        with special handling to allow the code generation for some backtracking code
        out of line. We can simplify things by moving to a common mechanism whereby all
        forwards matching code is generated in one pass, and all backtracking code is
        generated in another. Backtracking code can be generated in reverse order, to
        optimize the common fall-through case.

        To make it easier to walk over the pattern, we can first convert to a more
        byte-code like format before JIT generating. In time we should unify this with
        the YARR interpreter to more closely unify the two.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::jumpIfNoAvailableInput):
        (JSC::Yarr::YarrGenerator::YarrOp::YarrOp):
        (JSC::Yarr::YarrGenerator::BacktrackingState::BacktrackingState):
        (JSC::Yarr::YarrGenerator::BacktrackingState::append):
        (JSC::Yarr::YarrGenerator::BacktrackingState::fallthrough):
        (JSC::Yarr::YarrGenerator::BacktrackingState::link):
        (JSC::Yarr::YarrGenerator::BacktrackingState::linkTo):
        (JSC::Yarr::YarrGenerator::BacktrackingState::takeBacktracksToJumpList):
        (JSC::Yarr::YarrGenerator::BacktrackingState::isEmpty):
        (JSC::Yarr::YarrGenerator::BacktrackingState::linkDataLabels):
        (JSC::Yarr::YarrGenerator::BacktrackingState::ReturnAddressRecord::ReturnAddressRecord):
        (JSC::Yarr::YarrGenerator::generateAssertionBOL):
        (JSC::Yarr::YarrGenerator::backtrackAssertionBOL):
        (JSC::Yarr::YarrGenerator::generateAssertionEOL):
        (JSC::Yarr::YarrGenerator::backtrackAssertionEOL):
        (JSC::Yarr::YarrGenerator::matchAssertionWordchar):
        (JSC::Yarr::YarrGenerator::generateAssertionWordBoundary):
        (JSC::Yarr::YarrGenerator::backtrackAssertionWordBoundary):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterOnce):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterFixed):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
        (JSC::Yarr::YarrGenerator::generatePatternCharacterNonGreedy):
        (JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
        (JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassOnce):
        (JSC::Yarr::YarrGenerator::generateCharacterClassFixed):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassFixed):
        (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy):
        (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy):
        (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):
        (JSC::Yarr::YarrGenerator::generateTerm):
        (JSC::Yarr::YarrGenerator::backtrackTerm):
        (JSC::Yarr::YarrGenerator::generate):
        (JSC::Yarr::YarrGenerator::backtrack):
        (JSC::Yarr::YarrGenerator::opCompileParenthesesSubpattern):
        (JSC::Yarr::YarrGenerator::opCompileParentheticalAssertion):
        (JSC::Yarr::YarrGenerator::opCompileAlternative):
        (JSC::Yarr::YarrGenerator::opCompileBody):
        (JSC::Yarr::YarrGenerator::YarrGenerator):
        (JSC::Yarr::YarrGenerator::compile):

2011-05-15  Adam Barth  <abarth@webkit.org>

        Enable strict PassOwnPtr on Qt.  (Build fixes to follow.)

        * wtf/PassOwnPtr.h:

2011-05-15  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Partial fix for <rdar://problem/9417875> REGRESSION: SunSpider ~17% slower
        in browser than on command line

        This patch fixes a few issues in generated code that could unreasonably
        prolong object lifetimes.

        * heap/Heap.cpp:
        (JSC::Heap::collectAllGarbage): Throw away all function code before doing
        a major collection. We want to clear polymorphic caches, since they can
        keep alive large object graphs that have gone "stale". For the same reason,
        but to a lesser extent, we also want to clear linked functions and other
        one-off caches.

        This has the side-benefit of reducing memory footprint from run-once
        functions, and of allowing predictions and caches that have failed to
        re-specialize.

        Eventually, if compilation costs rise far enough, we may want a more
        limited strategy for de-specializing code without throwing it away
        completely, but this works for now, and it's the simplest solution.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::hostFunctionStub):
        * jit/JITStubs.h:
        * runtime/JSFunction.cpp: Made the host function stub cache weak --
        otherwise it's effectively a memory leak that can seriously fragment the
        GC and JIT heaps.

        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::visitChildren): Cleared up some comments that confused
        me when working with this code.

2011-05-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make GC validation more aggressive
        https://bugs.webkit.org/show_bug.cgi?id=60802

        This patch makes the checks performed under GC_VALIDATION
        much more aggressive, and adds the checks to more places
        in order to allow us to catch GC bugs much closer to the
        point of failure.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::visitChildren):
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedSpace.cpp:
        * runtime/Arguments.cpp:
        (JSC::Arguments::visitChildren):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::visitChildren):
        (JSC::ProgramExecutable::visitChildren):
        (JSC::FunctionExecutable::visitChildren):
        * runtime/Executable.h:
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::visitChildren):
        * runtime/GetterSetter.h:
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::visitChildren):
        * runtime/JSArray.cpp:
        (JSC::JSArray::visitChildren):
        * runtime/JSCell.cpp:
        (JSC::slowValidateCell):
        * runtime/JSCell.h:
        (JSC::JSCell::JSCell::unvalidatedStructure):
        (JSC::JSCell::JSCell::JSCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::visitChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::visitChildren):
        (JSC::slowValidateCell):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::visitChildren):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::visitChildren):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::visitChildren):
        * runtime/JSString.h:
        (JSC::RopeBuilder::JSString):
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::visitChildren):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::visitChildren):
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::visitChildren):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::visitChildren):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
        * runtime/Structure.cpp:
        (JSC::Structure::Structure):
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::visitChildren):
        * runtime/Structure.h:
        (JSC::JSCell::classInfo):
        * runtime/StructureChain.cpp:
        (JSC::StructureChain::visitChildren):
        * runtime/StructureChain.h:
        * runtime/WriteBarrier.h:
        (JSC::validateCell):
        (JSC::JSCell):
        (JSC::JSGlobalObject):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::setMayBeNull):
        (JSC::WriteBarrierBase::setEarlyValue):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::unvalidatedGet):
        (JSC::WriteBarrier::WriteBarrier):
        * wtf/Assertions.h:

2011-05-13  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make GC validation more aggressive
        https://bugs.webkit.org/show_bug.cgi?id=60802

        This patch makes the checks performed under GC_VALIDATION
        much more aggressive, and adds the checks to more places
        in order to allow us to catch GC bugs much closer to the
        point of failure.

        * JavaScriptCore.exp:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::visitChildren):
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedSpace.cpp:
        * runtime/Arguments.cpp:
        (JSC::Arguments::visitChildren):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::visitChildren):
        (JSC::ProgramExecutable::visitChildren):
        (JSC::FunctionExecutable::visitChildren):
        * runtime/Executable.h:
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::visitChildren):
        * runtime/GetterSetter.h:
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::createStructure):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::visitChildren):
        * runtime/JSArray.cpp:
        (JSC::JSArray::visitChildren):
        * runtime/JSCell.cpp:
        (JSC::slowValidateCell):
        * runtime/JSCell.h:
        (JSC::JSCell::JSCell::unvalidatedStructure):
        (JSC::JSCell::JSCell::JSCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::visitChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::visitChildren):
        (JSC::slowValidateCell):
        * runtime/JSONObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::visitChildren):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::visitChildren):
        * runtime/JSPropertyNameIterator.h:
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::visitChildren):
        * runtime/JSString.h:
        (JSC::RopeBuilder::JSString):
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::visitChildren):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::visitChildren):
        * runtime/PropertyMapHashTable.h:
        (JSC::PropertyMapEntry::PropertyMapEntry):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::visitChildren):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::visitChildren):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::ScopeChainNode):
2317         * runtime/Structure.cpp:
2318         (JSC::Structure::Structure):
2319         (JSC::Structure::addPropertyTransition):
2320         (JSC::Structure::visitChildren):
2321         * runtime/Structure.h:
2322         (JSC::JSCell::classInfo):
2323         * runtime/StructureChain.cpp:
2324         (JSC::StructureChain::visitChildren):
2325         * runtime/StructureChain.h:
2326         * runtime/WriteBarrier.h:
2327         (JSC::validateCell):
2328         (JSC::JSCell):
2329         (JSC::JSGlobalObject):
2330         (JSC::WriteBarrierBase::set):
2331         (JSC::WriteBarrierBase::setMayBeNull):
2332         (JSC::WriteBarrierBase::setEarlyValue):
2333         (JSC::WriteBarrierBase::get):
2334         (JSC::WriteBarrierBase::operator*):
2335         (JSC::WriteBarrierBase::operator->):
2336         (JSC::WriteBarrierBase::unvalidatedGet):
2337         (JSC::WriteBarrier::WriteBarrier):
2338         * wtf/Assertions.h:
2339
2340 2011-05-14  Csaba Osztrogonác  <ossy@webkit.org>
2341
2342         Unreviewed, rolling out r86469 and r86471, because they made hundreds of tests crash on Qt.
2343
2344         Make GC validation more aggressive
2345         https://bugs.webkit.org/show_bug.cgi?id=60802
2346
2347         * JavaScriptCore.exp:
2348         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2349         * JavaScriptCore.xcodeproj/project.pbxproj:
2350         * debugger/DebuggerActivation.cpp:
2351         (JSC::DebuggerActivation::visitChildren):
2352         * heap/MarkedBlock.cpp:
2353         (JSC::MarkedBlock::MarkedBlock):
2354         * heap/MarkedSpace.cpp:
2355         * runtime/Arguments.cpp:
2356         (JSC::Arguments::visitChildren):
2357         * runtime/Executable.cpp:
2358         (JSC::EvalExecutable::visitChildren):
2359         (JSC::ProgramExecutable::visitChildren):
2360         (JSC::FunctionExecutable::visitChildren):
2361         * runtime/Executable.h:
2362         (JSC::ProgramExecutable::createStructure):
2363         (JSC::FunctionExecutable::createStructure):
2364         * runtime/GetterSetter.cpp:
2365         (JSC::GetterSetter::visitChildren):
2366         * runtime/GetterSetter.h:
2367         (JSC::GetterSetter::createStructure):
2368         * runtime/JSAPIValueWrapper.h:
2369         (JSC::JSAPIValueWrapper::createStructure):
2370         * runtime/JSActivation.cpp:
2371         (JSC::JSActivation::visitChildren):
2372         * runtime/JSArray.cpp:
2373         (JSC::JSArray::visitChildren):
2374         * runtime/JSCell.cpp:
2375         * runtime/JSCell.h:
2376         (JSC::JSCell::JSCell::JSCell):
2377         * runtime/JSFunction.cpp:
2378         (JSC::JSFunction::visitChildren):
2379         * runtime/JSGlobalObject.cpp:
2380         (JSC::JSGlobalObject::visitChildren):
2381         * runtime/JSONObject.h:
2382         (JSC::JSONObject::createStructure):
2383         * runtime/JSObject.cpp:
2384         (JSC::JSObject::visitChildren):
2385         * runtime/JSPropertyNameIterator.cpp:
2386         (JSC::JSPropertyNameIterator::visitChildren):
2387         * runtime/JSPropertyNameIterator.h:
2388         * runtime/JSStaticScopeObject.cpp:
2389         (JSC::JSStaticScopeObject::visitChildren):
2390         * runtime/JSString.h:
2391         (JSC::RopeBuilder::createStructure):
2392         * runtime/JSWrapperObject.cpp:
2393         (JSC::JSWrapperObject::visitChildren):
2394         * runtime/NativeErrorConstructor.cpp:
2395         (JSC::NativeErrorConstructor::visitChildren):
2396         * runtime/PropertyMapHashTable.h:
2397         (JSC::PropertyMapEntry::PropertyMapEntry):
2398         * runtime/RegExpObject.cpp:
2399         (JSC::RegExpObject::visitChildren):
2400         * runtime/ScopeChain.cpp:
2401         (JSC::ScopeChainNode::visitChildren):
2402         * runtime/ScopeChain.h:
2403         (JSC::ScopeChainNode::ScopeChainNode):
2404         * runtime/Structure.cpp:
2405         (JSC::Structure::Structure):
2406         (JSC::Structure::addPropertyTransition):
2407         (JSC::Structure::visitChildren):
2408         * runtime/Structure.h:
2409         (JSC::Structure::createStructure):
2410         (JSC::JSCell::classInfo):
2411         * runtime/StructureChain.cpp:
2412         (JSC::StructureChain::visitChildren):
2413         * runtime/StructureChain.h:
2414         * runtime/WriteBarrier.h:
2415         (JSC::WriteBarrierBase::set):
2416         (JSC::WriteBarrierBase::get):
2417         (JSC::WriteBarrierBase::operator*):
2418         (JSC::WriteBarrierBase::operator->):
2419         (JSC::WriteBarrier::WriteBarrier):
2420         * wtf/Assertions.h:
2421
2422 2011-05-13  Oliver Hunt  <oliver@apple.com>
2423
2424         Reviewed by Geoffrey Garen.
2425
2426         Make GC validation more aggressive
2427         https://bugs.webkit.org/show_bug.cgi?id=60802
2428
2429         This patch makes the checks performed under GC_VALIDATION
2430         much more aggressive, and adds the checks to more places
2431         in order to allow us to catch GC bugs much closer to the
2432         point of failure.
2433
2434         * JavaScriptCore.exp:
2435         * JavaScriptCore.xcodeproj/project.pbxproj:
2436         * debugger/DebuggerActivation.cpp:
2437         (JSC::DebuggerActivation::visitChildren):
2438         * heap/MarkedBlock.cpp:
2439         (JSC::MarkedBlock::MarkedBlock):
2440         * heap/MarkedSpace.cpp:
2441         * runtime/Arguments.cpp:
2442         (JSC::Arguments::visitChildren):
2443         * runtime/Executable.cpp:
2444         (JSC::EvalExecutable::visitChildren):
2445         (JSC::ProgramExecutable::visitChildren):
2446         (JSC::FunctionExecutable::visitChildren):
2447         * runtime/Executable.h:
2448         * runtime/GetterSetter.cpp:
2449         (JSC::GetterSetter::visitChildren):
2450         * runtime/GetterSetter.h:
2451         * runtime/JSAPIValueWrapper.h:
2452         (JSC::JSAPIValueWrapper::createStructure):
2453         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2454         * runtime/JSActivation.cpp:
2455         (JSC::JSActivation::visitChildren):
2456         * runtime/JSArray.cpp:
2457         (JSC::JSArray::visitChildren):
2458         * runtime/JSCell.cpp:
2459         (JSC::slowValidateCell):
2460         * runtime/JSCell.h:
2461         (JSC::JSCell::JSCell::unvalidatedStructure):
2462         (JSC::JSCell::JSCell::JSCell):
2463         * runtime/JSFunction.cpp:
2464         (JSC::JSFunction::visitChildren):
2465         * runtime/JSGlobalObject.cpp:
2466         (JSC::JSGlobalObject::visitChildren):
2467         (JSC::slowValidateCell):
2468         * runtime/JSONObject.h:
2469         * runtime/JSObject.cpp:
2470         (JSC::JSObject::visitChildren):
2471         * runtime/JSPropertyNameIterator.cpp:
2472         (JSC::JSPropertyNameIterator::visitChildren):
2473         * runtime/JSPropertyNameIterator.h:
2474         * runtime/JSStaticScopeObject.cpp:
2475         (JSC::JSStaticScopeObject::visitChildren):
2476         * runtime/JSString.h:
2477         (JSC::RopeBuilder::JSString):
2478         * runtime/JSWrapperObject.cpp:
2479         (JSC::JSWrapperObject::visitChildren):
2480         * runtime/NativeErrorConstructor.cpp:
2481         (JSC::NativeErrorConstructor::visitChildren):
2482         * runtime/PropertyMapHashTable.h:
2483         (JSC::PropertyMapEntry::PropertyMapEntry):
2484         * runtime/RegExpObject.cpp:
2485         (JSC::RegExpObject::visitChildren):
2486         * runtime/ScopeChain.cpp:
2487         (JSC::ScopeChainNode::visitChildren):
2488         * runtime/ScopeChain.h:
2489         (JSC::ScopeChainNode::ScopeChainNode):
2490         * runtime/Structure.cpp:
2491         (JSC::Structure::Structure):
2492         (JSC::Structure::addPropertyTransition):
2493         (JSC::Structure::visitChildren):
2494         * runtime/Structure.h:
2495         (JSC::JSCell::classInfo):
2496         * runtime/StructureChain.cpp:
2497         (JSC::StructureChain::visitChildren):
2498         * runtime/StructureChain.h:
2499         * runtime/WriteBarrier.h:
2500         (JSC::validateCell):
2501         (JSC::JSCell):
2502         (JSC::JSGlobalObject):
2503         (JSC::WriteBarrierBase::set):
2504         (JSC::WriteBarrierBase::setMayBeNull):
2505         (JSC::WriteBarrierBase::setEarlyValue):
2506         (JSC::WriteBarrierBase::get):
2507         (JSC::WriteBarrierBase::operator*):
2508         (JSC::WriteBarrierBase::operator->):
2509         (JSC::WriteBarrierBase::unvalidatedGet):
2510         (JSC::WriteBarrier::WriteBarrier):
2511         * wtf/Assertions.h:
2512
2513 2011-05-01  Holger Hans Peter Freyther  <holger@moiji-mobile.com>
2514
2515         Reviewed by Steve Block.
2516
2517         [android] OS(ANDROID) does not imply PLATFORM(ANDROID)
2518         https://bugs.webkit.org/show_bug.cgi?id=59888
2519
2520         It is possible to build QtWebKit and others for OS(ANDROID). Let
2521         the buildsystem decide which platform is to be built.
2522
2523         * wtf/Platform.h:
2524
2525 2011-05-12  Maciej Stachowiak  <mjs@apple.com>
2526
2527         Reviewed by Darin Adler.
2528
2529         XMLDocumentParserLibxml2 should play nice with strict OwnPtrs
2530         https://bugs.webkit.org/show_bug.cgi?id=59394
2531
2532         This portion of the change introduces a PassTraits template, which
2533         is used to enable takeFirst() to work for a Deque holding OwnPtrs,
2534         and optimize it for a Deque holding RefPtrs. In the future it can
2535         be deployed elsewhere to make our data structures work better with
2536         our smart pointers.
2537
2538         * GNUmakefile.list.am:
2539         * JavaScriptCore.gypi:
2540         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
2541         * JavaScriptCore.xcodeproj/project.pbxproj:
2542         * wtf/CMakeLists.txt:
2543         * wtf/Deque.h:
2544         (WTF::::takeFirst):
2545         * wtf/PassTraits.h: Added.
2546         (WTF::PassTraits::transfer):
2547
2548 2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
2549
2550         Not reviewed.
2551
2552         Revert r86334, it broke the win build. WinCE build is fixed even without this patch. WinCairo remains broken atm, everything else works.
2553
2554         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2555
2556 2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
2557
2558         Not reviewed.
2559
2560         String operator+ reallocates unnecessarily when concatting > 2 strings
2561         https://bugs.webkit.org/show_bug.cgi?id=58420
2562
2563         Try to fix WinCE/WinCairo linking by exporting three symbols, not sure whether it's correct though. Win worked just fine before.
2564
2565         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2566
2567 2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
2568
2569         Reviewed by Darin Adler.
2570
2571         String operator+ reallocates unnecessarily when concatting > 2 strings
2572         https://bugs.webkit.org/show_bug.cgi?id=58420
2573
2574         Provide a faster String append operator.
2575         Up until now, "String operator+(const String& a, const String& b)" copied String a into a temporary
2576         object, and used a.append(b), which reallocates a new buffer of aLength+bLength. When concatting
2577         N strings using operator+, this leads to N-1 reallocations.
2578
2579         Replace this with a flexible operator+ implementation, that avoids these reallocations.
2580         When concatting a 'String' with any string type (char*, UChar, Vector<char>, String, AtomicString, etc..)
2581         a StringAppend<String, T> object is created, which holds the intermediate string objects, and delays
2582         creation of the final string, until operator String() is invoked.
2583
2584         template<typename T>
2585         StringAppend<String, T> operator+(const String& string1, T string2)
2586         {
2587             return StringAppend<String, T>(string1, string2);
2588         }
2589
2590         template<typename U, typename V, typename W>
2591         StringAppend<U, StringAppend<V, W> > operator+(U string1, const StringAppend<V, W>& string2)
2592         {
2593             return StringAppend<U, StringAppend<V, W> >(string1, string2);
2594         }
2595
2596         When concatting three strings - "String a, b, c; String result = a + b + c;" the following happens:
2597         first a StringAppend<String, String> object is created by operator+(const String& string1, String string2).
2598         Then operator+(String string1, const StringAppend<String, String>& string2) is invoked, which returns
2599         a StringAppend<String, StringAppend<String, String> > object.
2600         Then operator String() is invoked, which allocates a StringImpl object, once, large enough to hold the
2601         final string - it uses tryMakeString provided by StringConcatenate.h under the hood, which guards us
2602         against too big string allocations, etc.
2603
2604         Note that the second template defines a recursive way to concat an arbitrary number of strings
2605         into a single String with just one allocation.
2606
2607         * GNUmakefile.list.am: Add StringOperators.h to build.
2608         * JavaScriptCore.exp: Export WTF::emptyString(). Remove no longer needed symbols.
2609         * JavaScriptCore.gypi: Add StringOperators.h to build.
2610         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
2611         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
2612         * wtf/text/AtomicString.h: Pull in StringConcatenate.h at the end of the file.
2613         * wtf/text/StringConcatenate.h: Conditionally include AtomicString.h to avoid a cyclic dependency. Pull in StringOperators.h at the end of the file.
2614         * wtf/text/StringOperators.h: Added. This is never meant to be included directly, including either WTFString.h or AtomicString.h automatically pulls in this file.
2615         (WTF::StringAppend::StringAppend):
2616         (WTF::StringAppend::operator String):
2617         (WTF::StringAppend::operator AtomicString):
2618         (WTF::StringAppend::writeTo):
2619         (WTF::StringAppend::length):
2620         (WTF::operator+):
2621         * wtf/text/WTFString.cpp: Remove operator+ implementations that use String::append(). 
2622         (WTF::emptyString): Add new shared empty string free function.
2623         * wtf/text/WTFString.h: Replace operator+ implementations by StringAppend template solution. Pull in AtomicString.h at the end of the file.
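
The delayed-allocation scheme this entry describes, as an added example that is not WTF's StringOperators.h: a stand-in `Str` type (a shared immutable buffer, so copies are free, like a refcounted StringImpl) and a `StrAppend` expression template that records its operands and allocates the final buffer once, on conversion. Two points are this example's own choices rather than the entry's: the append nests on the left, because C++ groups `a + b + c` as `(a + b) + c`, and the length-overflow guard that tryMakeString provides in WTF is written here as `checkedAdd`, which throws instead of returning a null string. All names are hypothetical.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <limits>
#include <memory>
#include <stdexcept>
#include <string>

// Stand-in for WTF::String (not WTF's code): an immutable buffer behind a
// shared pointer, so copying a Str never allocates, only the final join does.
class Str {
public:
    Str() : m_impl(std::make_shared<const std::string>()) {}
    Str(const char* s) : m_impl(std::make_shared<const std::string>(s)) {}
    static Str adopt(std::string&& buffer)
    {
        return Str(std::make_shared<const std::string>(std::move(buffer)));
    }

    std::size_t length() const { return m_impl->size(); }
    void writeTo(char* dest) const { std::memcpy(dest, m_impl->data(), m_impl->size()); }
    const std::string& value() const { return *m_impl; }

private:
    explicit Str(std::shared_ptr<const std::string> impl) : m_impl(std::move(impl)) {}
    std::shared_ptr<const std::string> m_impl;
};

// Counts final buffers allocated by StrAppend conversions, so a caller can
// prove that joining N operands costs exactly one allocation.
static int g_finalAllocations = 0;

// Overflow-checked length sum: the role tryMakeString's size guard plays in
// WTF, expressed here as an exception (assumption, not WTF's behaviour).
inline std::size_t checkedAdd(std::size_t a, std::size_t b)
{
    if (a > std::numeric_limits<std::size_t>::max() - b)
        throw std::length_error("concatenated length overflows size_t");
    return a + b;
}

// Expression template: holds its operands by value (cheap, see Str) and
// allocates nothing until it is converted to a Str.
template<typename L, typename R>
class StrAppend {
public:
    StrAppend(const L& l, const R& r) : m_left(l), m_right(r) {}

    std::size_t length() const { return checkedAdd(m_left.length(), m_right.length()); }

    void writeTo(char* dest) const
    {
        m_left.writeTo(dest);
        m_right.writeTo(dest + m_left.length());
    }

    operator Str() const
    {
        std::size_t n = length();     // walks the whole tree, overflow-checked
        std::string buffer(n, '\0');  // the single allocation
        if (n)
            writeTo(&buffer[0]);
        ++g_finalAllocations;
        return Str::adopt(std::move(buffer));
    }

private:
    L m_left;
    R m_right;
};

// (a + b) + c: after the first operator+ the left operand is a StrAppend,
// so the chain nests on the left and keeps deferring the allocation.
inline StrAppend<Str, Str> operator+(const Str& a, const Str& b)
{
    return StrAppend<Str, Str>(a, b);
}

template<typename U, typename V>
inline StrAppend<StrAppend<U, V>, Str> operator+(const StrAppend<U, V>& a, const Str& b)
{
    return StrAppend<StrAppend<U, V>, Str>(a, b);
}

Str joinFour(const Str& a, const Str& b, const Str& c, const Str& d)
{
    return a + b + c + d;  // one allocation, in operator Str()
}

int allocationsForJoinFour()
{
    g_finalAllocations = 0;
    Str joined = joinFour("a", "b", "c", "d");
    return joined.length() == 4 ? g_finalAllocations : -1;
}

bool lengthSumOverflows(std::size_t a, std::size_t b)
{
    try { checkedAdd(a, b); } catch (const std::length_error&) { return true; }
    return false;
}

int main()
{
    Str request = joinFour("GET ", "/index.html", " HTTP/", "1.1");
    std::cout << request.value() << " (final allocations: " << g_finalAllocations << ")\n";
    return 0;
}
```

`length()` is recomputed at each nesting level during `writeTo`, which is the price of holding no cached lengths; the overflow check runs on every sum, so a chain whose total would wrap `size_t` is refused before any buffer exists.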
2624
2625 2011-05-12  Philippe Normand  <pnormand@igalia.com>
2626
2627         Unreviewed, GTK build fix.
2628
2629         * wtf/Platform.h:
2630
2631 2011-05-12  Keith Kyzivat  <keith.kyzivat@nokia.com>
2632
2633         Reviewed by Csaba Osztrogonác.
2634
2635         [Qt] Arm debug build failing on ARMAssembler::debugOffset()
2636         https://bugs.webkit.org/show_bug.cgi?id=60688
2637
2638         Related to svn rev 85523
2639
2640         * assembler/ARMAssembler.h:
2641         (JSC::ARMAssembler::debugOffset):
2642
2643 2011-05-11  Igor Oliveira  <igor.oliveira@openbossa.org>
2644
2645         Reviewed by Eric Seidel.
2646
2647         WebKit does not build with GCCE
2648         https://bugs.webkit.org/show_bug.cgi?id=60667
2649
2650         Allow compiling WebKit with GCCE
2651
2652         * wtf/Alignment.h:
2653         * wtf/Platform.h:
2654
2655 2011-05-11  Adam Barth  <abarth@webkit.org>
2656
2657         Reviewed by Eric Seidel.
2658
2659         Enable strict PassOwnPtr on Mac
2660         https://bugs.webkit.org/show_bug.cgi?id=60684
2661
2662         This should build cleanly now.
2663
2664         * wtf/PassOwnPtr.h:
2665
2666 2011-05-11  Oliver Hunt  <oliver@apple.com>
2667
2668         Reviewed by Darin Adler.
2669
2670         Protect JSC from WebCore executing JS during JS wrapper finalization
2671         https://bugs.webkit.org/show_bug.cgi?id=60672
2672         <rdar://problem/9350997>
2673
2674         Detect when we're trying to execute JS during GC and prevent the
2675         execution from happening.  We also assert that this isn't happening
2676         as it implies incorrect behaviour of an object's destructor.
2677
2678         * JavaScriptCore.exp:
2679         * heap/Heap.cpp:
2680         * heap/Heap.h:
2681         (JSC::Heap::isBusy):
2682         * interpreter/Interpreter.cpp:
2683         (JSC::Interpreter::execute):
2684         (JSC::Interpreter::executeCall):
2685         (JSC::Interpreter::executeConstruct):
2686         * runtime/JSGlobalData.h:
2687         (JSC::JSGlobalData::isCollectorBusy):
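
A sketch of the guard this entry describes, as an added example that is not JSC's code: a toy heap whose collection marks itself busy for the whole collect, finalizers included, and an interpreter entry point that refuses to run script while the heap is busy. `Heap`, `Interpreter`, `BusyScope` and `runScenario` are hypothetical names; the entry's own checks are `Heap::isBusy()` and `JSGlobalData::isCollectorBusy()`, and in debug builds JSC additionally asserts, which this example only notes in a comment so that the scenario can run to completion.

```cpp
#include <functional>
#include <iostream>
#include <vector>

// Toy collector (not JSC's Heap). Finalizers stand in for the destructors of
// dying cells, e.g. WebCore DOM wrappers, which must not run script.
struct Heap {
    bool busy = false;
    std::vector<std::function<void()>> finalizers;

    // RAII marker: busy from the start of collect() to its end, including
    // while finalizers run, and cleared even if a finalizer throws.
    struct BusyScope {
        Heap& heap;
        explicit BusyScope(Heap& h) : heap(h) { heap.busy = true; }
        ~BusyScope() { heap.busy = false; }
    };

    void collect()
    {
        BusyScope scope(*this);
        std::vector<std::function<void()>> dying;
        dying.swap(finalizers);  // everything registered dies in this cycle
        for (auto& finalize : dying)
            finalize();
    }
};

// Toy interpreter (not JSC's Interpreter): every entry point that can run
// script checks the collector first, mirroring execute/executeCall/executeConstruct.
struct Interpreter {
    explicit Interpreter(Heap& h) : heap(h) {}

    bool execute(const std::function<void()>& script)
    {
        if (heap.busy) {
            // JSC: ASSERT(!isCollectorBusy()) in debug builds, then bail out.
            ++refused;
            return false;
        }
        ++executed;
        script();
        return true;
    }

    Heap& heap;
    int executed = 0;
    int refused = 0;
};

struct Outcome {
    int executed;
    int refused;
    int sideEffects;
    bool busyAfter;
};

// One well-behaved finalizer and one that tries to run script from inside
// the collector (the bug class this entry guards against).
Outcome runScenario()
{
    Heap heap;
    Interpreter vm(heap);
    int sideEffects = 0;

    heap.finalizers.push_back([&] { /* releases memory only: fine */ });
    heap.finalizers.push_back([&] { vm.execute([&] { ++sideEffects; }); });

    vm.execute([&] { ++sideEffects; });  // ordinary call outside GC: allowed
    heap.collect();                      // the misbehaving finalizer is refused

    return Outcome{vm.executed, vm.refused, sideEffects, heap.busy};
}

int main()
{
    Outcome o = runScenario();
    std::cout << "executed=" << o.executed << " refused=" << o.refused
              << " sideEffects=" << o.sideEffects << " busyAfter=" << o.busyAfter << '\n';
    return 0;
}
```

The guard is only as good as its coverage: every path that can start running script needs the check, which is why the entry touches all three `Interpreter::execute*` entry points rather than one.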
2688
2689 2011-05-11  Oliver Hunt  <oliver@apple.com>
2690
2691         Reviewed by Gavin Barraclough.
2692
2693         Enable gc mark validation temporarily in release builds
2694         https://bugs.webkit.org/show_bug.cgi?id=60678
2695
2696         Make it easier to turn the gc mark validation on and off, and
2697         temporarily turn it on for all builds.
2698
2699         * heap/MarkStack.cpp:
2700         * heap/MarkStack.h:
2701         (JSC::MarkStack::append):
2702         (JSC::MarkStack::internalAppend):
2703         * runtime/WriteBarrier.h:
2704         (JSC::MarkStack::appendValues):
2705         * wtf/Platform.h:
2706
2707 2011-05-11  Geoffrey Garen  <ggaren@apple.com>
2708
2709         Reviewed by Oliver Hunt.
2710
2711         <rdar://problem/9331651> REGRESSION: RPRVT grows by 1MB / sec @ dvd2blu.com
2712         
2713         SunSpider reports no change.
2714
2715         This bug was caused by changing Structure and Executable to being GC
2716         objects, and by a long-standing bug that would thrash the global object
2717         between dictionary and non-dictionary states.
2718
2719         * runtime/BatchedTransitionOptimizer.h:
2720         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): Don't
2721         eagerly transition to dictionary -- this can cause pathological dictionary
2722         churn, and it's not necessary, since objects know how to automatically
2723         transition to dictionary when necessary.
2724
2725         * runtime/Executable.cpp:
2726         (JSC::EvalExecutable::compileInternal):
2727         (JSC::ProgramExecutable::compileInternal):
2728         (JSC::FunctionExecutable::compileForCallInternal):
2729         (JSC::FunctionExecutable::compileForConstructInternal): Be sure to report
2730         extra cost from compilation, because it can be quite high. This is especially
2731         important for program code, since DOM timers can repeatedly allocate
2732         program code without allocating any other objects.
2733
2734         * runtime/JSObject.cpp:
2735         (JSC::JSObject::removeDirect): Don't transition to the uncacheable state
2736         if the thing we're trying to remove doesn't exist. This can happen during
2737         compilation, since the compiler needs to ensure that no pre-existing
2738         conflicting definitions exist for certain declarations.
2739
2740 2011-05-11  Oliver Hunt  <oliver@apple.com>
2741
2742         Reviewed by Gavin Barraclough.
2743
2744         Make mark stack validation functions do something useful in a release build
2745         https://bugs.webkit.org/show_bug.cgi?id=60645
2746
2747         Turn ASSERTs into actual if(...) CRASH(); statements.
2748
2749         * heap/MarkStack.cpp:
2750         (JSC::MarkStack::validateValue):
2751
2752 2011-05-11  Xan Lopez  <xlopez@igalia.com>
2753
2754         Reviewed by Martin Robinson.
2755
2756         Fix copy&paste error in comment.
2757
2758         * jit/JITPropertyAccess.cpp:
2759         (JSC::JIT::stringGetByValStubGenerator): the value is stored in
2760         regT2, not regT1.
2761
2762 2011-05-11  Adam Roben  <aroben@apple.com>
2763
2764         WinCE build fixes for strict PassOwnPtr
2765
2766         * wtf/unicode/CollatorDefault.cpp:
2767         (WTF::Collator::userDefault): Use adoptPtr.
2768
2769 2011-05-11  Holger Hans Peter Freyther  <holger@moiji-mobile.com>
2770
2771         Unreviewed build fix.
2772
2773         [MIPS] Fix compilation of the MIPS JIT
2774
2775         Include the MIPSAssembler.h first to indirectly include
2776         AssemblerBuffer.h before the AbstractMacroAssembler.h. This
2777         order is used for the ARM and X86 MacroAssembler*.h
2778
2779         * assembler/MacroAssemblerMIPS.h:
2780
2781 2011-05-11  Adam Roben  <aroben@apple.com>
2782
2783         Turn on strict PassOwnPtr on Windows
2784
2785         Fixes <http://webkit.org/b/60632> Windows should build with strict PassOwnPtr enabled
2786
2787         Reviewed by Adam Barth.
2788
2789         * wtf/PassOwnPtr.h:
2790
2791 2011-05-10  Stephanie Lewis  <slewis@apple.com>
2792
2793         Unreviewed.
2794
2795         Revert accidental JavaScriptCore change in http://trac.webkit.org/changeset/86130
2796
2797         * Configurations/JavaScriptCore.xcconfig:
2798
2799 2011-05-10  Adam Barth  <abarth@webkit.org>
2800
2801         Reviewed by David Levin.
2802
2803         Enable strict PassOwnPtr on Chromium
2804         https://bugs.webkit.org/show_bug.cgi?id=60502
2805
2806         Other platforms to follow.
2807
2808         * wtf/PassOwnPtr.h:
2809
2810 2011-05-10  Geoffrey Garen  <ggaren@apple.com>
2811
2812         Reviewed by Darin Adler.
2813
2814         Fixed up some #include dependencies so the WriteBarrier class can actually call Heap::writeBarrier
2815         https://bugs.webkit.org/show_bug.cgi?id=60532
2816
2817         * GNUmakefile.list.am:
2818         * JavaScriptCore.gypi:
2819         * JavaScriptCore.xcodeproj/project.pbxproj: Build!
2820
2821         * heap/Handle.h: Moved HandleTypes to its own header because that's the
2822         WebKit style, and it was necessary to resolve a circular dependency
2823         between Handle.h and WriteBarrier.h.
2824
2825         * heap/Heap.h:
2826         (JSC::Heap::writeBarrier): Added an inline no-op writeBarrier(), to
2827         verify that all the code is in the right place.
2828
2829         * heap/MarkStack.h: Moved WriteBarrier operations to WriteBarrier.h to
2830         resolve a circular dependency.
2831
2832         * runtime/ArgList.h:
2833         * runtime/JSCell.h: #include WriteBarrier.h since we don't get it for
2834         free anymore.
2835
2836         * runtime/PropertyMapHashTable.h:
2837         (JSC::PropertyTable::PropertyTable): Call the real writeBarrier()
2838         function, now that it exists.
2839
2840         * runtime/SmallStrings.h: Removed a stray #include to resolve a circular
2841         dependency.
2842
2843         * runtime/WriteBarrier.h:
2844         (JSC::WriteBarrierBase::set):
2845         (JSC::MarkStack::append):
2846         (JSC::MarkStack::appendValues): Updated to match the changes above.
2847
2848 2011-05-10  Oliver Hunt  <oliver@apple.com>
2849
2850         Build fix.
2851
2852         * heap/MarkStack.cpp:
2853         (JSC::MarkStack::validateValue):
2854
2855 2011-05-10  Oliver Hunt  <oliver@apple.com>
2856
2857         Reviewed by Gavin Barraclough.
2858
2859         Add some aggressive GC validation to debug builds.
2860         https://bugs.webkit.org/show_bug.cgi?id=60601
2861
2862         When assertions are enabled we now do some validity checking
2863         of objects being added to the mark stack.
2864
2865         * bytecode/Instruction.h:
2866         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::PolymorphicStubInfo):
2867         (JSC::PolymorphicAccessStructureList::visitAggregate):
2868         * heap/MarkStack.cpp:
2869         (JSC::MarkStack::validateSet):
2870         (JSC::MarkStack::validateValue):
2871         * heap/MarkStack.h:
2872         (JSC::MarkStack::appendValues):
2873         (JSC::MarkStack::append):
2874         (JSC::MarkStack::internalAppend):
2875
2876 2011-05-09  Darin Adler  <darin@apple.com>
2877
2878         Reviewed by Oliver Hunt.
2879
2880         http://bugs.webkit.org/show_bug.cgi?id=60509
2881         Wrong type used for return value from strlen
2882
2883         * wtf/FastMalloc.cpp:
2884         (WTF::fastStrDup): Use size_t. Also don't bother checking for failure since
2885         fastMalloc won't return if it fails.
2886
2887 2011-05-09  Adam Barth  <abarth@webkit.org>
2888
2889         Reviewed by Eric Seidel.
2890
2891         CSP should block Function constructor
2892         https://bugs.webkit.org/show_bug.cgi?id=60240
2893
2894         When eval is disabled, we need to block the use of the function
2895         constructor.  However, the WebCore JSC bindings call the function
2896         constructor directly to create inline event listeners.  To support that
2897         use, this patch adds an entrypoint that bypasses the check for whether
2898         eval is enabled.
2899
2900         * JavaScriptCore.exp:
2901         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2902         * runtime/FunctionConstructor.cpp:
2903         (JSC::constructFunction):
2904         (JSC::constructFunctionSkippingEvalEnabledCheck):
2905         * runtime/FunctionConstructor.h:
2906
2907 2011-05-09  Adam Roben  <aroben@apple.com>
2908
2909         Automatically touch WebKit.idl whenever any other WebKit1 IDL file changes
2910
2911         Fixes <http://webkit.org/b/60468> WebKit.idl needs to be manually touched whenever any other
2912         WebKit1 IDL file changes to avoid build errors
2913
2914         Reviewed by Tim Hatcher.
2915
2916         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2917         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
2918         Updated for script rename.
2919
2920         * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py: Removed.
2921         * JavaScriptCore.vcproj/JavaScriptCore/work-around-vs-dependency-tracking-bugs.py: Renamed
2922         from react-to-vsprops-changes.py.
2923         (top level): Moved a constant here from main.
2924         (main): Moved most code from here to react_to_vsprops_changes. Added a call to the new
2925         react_to_webkit1_interface_changes function.
2926         (react_to_vsprops_changes): Moved code here from main. Updated to use the
2927         TOP_LEVEL_DIRECTORY global. Moved some code from here to mtime_of_newest_file_matching_glob
2928         and touch_if_older_than.
2929         (react_to_webkit1_interface_changes): Added. Touches WebKit.idl if any other WebKit1 IDL
2930         file has changed.
2931         (mtime_of_newest_file_matching_glob): Added. Code came from main.
2932         (touch_if_older_than): Added. Code came from main.
2933
2934 2011-05-08  Jessie Berlin  <jberlin@apple.com>
2935
2936         Reviewed by Dan Bernstein.
2937
2938         Make JSRetainPtr work with JSGlobalContextRefs.
2939         https://bugs.webkit.org/show_bug.cgi?id=60452
2940
2941         Add specialized functions for JSRetain and JSRelease when dealing with JSGlobalContextRefs.
2942
2943         * API/JSRetainPtr.h:
2944         (JSRetain):
2945         (JSRelease):
2946
2947 2011-05-07  Dawit Alemayehu  <adawit@kde.org>
2948
2949         Reviewed by Daniel Bates.
2950
2951         Fix compile with GCC 4.6.0
2952         https://bugs.webkit.org/show_bug.cgi?id=60380
2953
2954         Remove unused local variable from code.
2955
2956         * runtime/StringPrototype.cpp:
2957         (JSC::stringProtoFuncMatch):
2958
2959 2011-05-06  Alexis Menard  <alexis.menard@openbossa.org>
2960
2961         Unreviewed build fix with gcc 4.6.0 on linux and c++0x support.
2962
2963         std::tr1::has_trivial_constructor is in <tr1/memory>.
2964
2965         * wtf/TypeTraits.h:
2966
2967 2011-05-05  Jay Civelli  <jcivelli@chromium.org>
2968
2969         Reviewed by Adam Barth.
2970
2971         Added convenience methods to convert from a byte to hex ASCII digit
2972         characters and vice-versa.
2973         https://bugs.webkit.org/show_bug.cgi?id=59834
2974
2975         * wtf/ASCIICType.h:
2976         (WTF::toASCIIHexValue):
2977         (WTF::lowerNibbleToASCIIHexDigit):
2978         (WTF::upperNibbleToASCIIHexDigit):
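
The byte/hex-digit helpers this entry adds, carried through to a full codec as an added example (not WTF's ASCIICType.h; the names are chosen here) with the strictness a parser of untrusted input needs: the digit lookup accepts only the three ASCII ranges and reports anything else, the nibble encoders mask their input so the lookup table cannot be over-read, and the decoder rejects odd lengths and non-hex bytes instead of silently mapping them.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

// Hex digit -> value (0-15), or -1 for anything that is not an ASCII hex
// digit. Taking unsigned char keeps bytes >= 0x80 from comparing as negative.
inline int asciiHexDigitValue(unsigned char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

// Low nibble of a byte -> lowercase hex digit. The mask guarantees the index
// stays inside the 16-entry table whatever the caller passes.
inline char lowerNibbleToHexDigit(uint8_t value)
{
    static const char digits[] = "0123456789abcdef";
    return digits[value & 0x0F];
}

inline char upperNibbleToHexDigit(uint8_t value)
{
    return lowerNibbleToHexDigit(static_cast<uint8_t>(value >> 4));
}

std::string hexEncode(const std::vector<uint8_t>& bytes)
{
    std::string out;
    out.reserve(bytes.size() * 2);
    for (uint8_t b : bytes) {
        out.push_back(upperNibbleToHexDigit(b));
        out.push_back(lowerNibbleToHexDigit(b));
    }
    return out;
}

// Strict decoder: false (and an empty out) for odd length or any non-hex
// byte; mixed case is accepted.
bool hexDecode(const std::string& text, std::vector<uint8_t>& out)
{
    out.clear();
    if (text.size() % 2 != 0)
        return false;
    out.reserve(text.size() / 2);
    for (std::size_t i = 0; i < text.size(); i += 2) {
        int hi = asciiHexDigitValue(static_cast<unsigned char>(text[i]));
        int lo = asciiHexDigitValue(static_cast<unsigned char>(text[i + 1]));
        if (hi < 0 || lo < 0) {
            out.clear();
            return false;
        }
        out.push_back(static_cast<uint8_t>((hi << 4) | lo));
    }
    return true;
}

int main()
{
    // Constructed sample input: a mixed-case token and two malformed ones.
    const char* samples[] = { "DeAdBeEf", "abc", "0g" };
    for (const char* s : samples) {
        std::vector<uint8_t> bytes;
        if (hexDecode(s, bytes))
            std::cout << s << " -> " << hexEncode(bytes) << '\n';
        else
            std::cout << s << " -> rejected\n";
    }
    return 0;
}
```

Returning -1 from the digit lookup rather than a "best effort" value is the point: a decoder that maps `g` or a high byte onto some nibble produces bytes the sender never wrote, and that is how a hex-encoded field slips past a validator that runs before decoding.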
2979
2980 2011-05-05  Alexis Menard  <alexis.menard@openbossa.org>
2981
2982         Reviewed by Benjamin Poulain.
2983
2984         [Qt] Make QtWebKit build when using gcc 4.6.0
2985         https://bugs.webkit.org/show_bug.cgi?id=60265
2986
2987         If QtWebKit is compiled with gcc 4.6.0 or later we don't want to deactivate
2988         the c++0x support because it works.
2989
2990         * JavaScriptCore.pro:
2991
2992 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
2993
2994         Reviewed by Geoffrey Garen.
2995
2996         Port MachineStackMarker.cpp to Windows x64
2997         https://bugs.webkit.org/show_bug.cgi?id=60216
2998
2999         * heap/MachineStackMarker.cpp:
3000         (JSC::getPlatformThreadRegisters): the CONTEXT struct is usable also
3001         on 64-bit Windows.
3002         (JSC::otherThreadStackPointer): return the Rsp register on Windows x64.
3003
3004 2011-05-04  Fridrich Strba  <fridrich.strba@bluewin.ch>
3005
3006         Reviewed by Martin Robinson.
3007
3008         Link libjavascriptcoregtk on Windows with winmm.dll
3009         https://bugs.webkit.org/show_bug.cgi?id=60215
3010
3011         * GNUmakefile.am:
3012
3013 2011-05-04  Tao Bai  <michaelbai@chromium.org>
3014
3015         Reviewed by David Kilzer.
3016
3017         Populate touch-icon url to FrameLoaderClient
3018         https://bugs.webkit.org/show_bug.cgi?id=59143
3019
3020         * Configurations/FeatureDefines.xcconfig:
3021
3022 2011-05-03  Geoffrey Garen  <ggaren@apple.com>
3023
3024         Reviewed by Darin Adler.
3025
3026         <rdar://problem/9366557> Various crashes due to bad DFG codegen at canalplus.fr
3027
3028         * dfg/DFGSpeculativeJIT.cpp:
3029         (JSC::DFG::SpeculativeJIT::checkArgumentTypes): Removed a stray line of
3030         code that accidentally survived the conversion to a switch statement,
3031         causing a lot of important code not to run most of the time.
3032
3033         Since this is not a trivial finger-picking mistake, I will not call it a
3034         typo.
3035
3036 2011-05-04  Adam Roben  <aroben@apple.com>
3037
3038         Another attempted build fix
3039
3040         * wtf/OwnPtr.h:
3041         (WTF::OwnPtr::operator==):
3042         (WTF::OwnPtr::operator!=):
3043         * wtf/PassOwnPtr.h:
3044         (WTF::PassOwnPtr::operator==):
3045         (WTF::PassOwnPtr::operator!=):
3046         Added a return statement. And made a tweak based on a suggestion from Anders Carlsson.
3047
3048 2011-05-04  Adam Roben  <aroben@apple.com>
3049
3050         Try to fix Leopard, Qt, and probably others
3051
3052         * wtf/OwnPtr.h:
3053         (WTF::OwnPtr::operator==):
3054         (WTF::OwnPtr::operator!=):
3055         * wtf/PassOwnPtr.h:
3056         (WTF::PassOwnPtr::operator==):
3057         (WTF::PassOwnPtr::operator!=):
3058         Try to get the compiler not to instantiate these function templates unnecessarily.
3059
3060 2011-05-03  Adam Roben  <aroben@apple.com>
3061
3062         Disallow equality comparisons between [Pass]OwnPtrs
3063
3064         If you have two OwnPtrs that are equal, you've already lost. (Unless you're doing something
3065         really sneaky, in which case you should stop!)
3066
3067         Fixes <http://webkit.org/b/60053> Testing OwnPtrs for equality should cause a compiler error
3068
3069         Reviewed by Anders Carlsson and Antti Koivisto.
3070
3071         * wtf/OwnPtr.h:
3072         (WTF::OwnPtr::operator==):
3073         (WTF::OwnPtr::operator!=):
3074         * wtf/PassOwnPtr.h:
3075         (WTF::PassOwnPtr::operator==):
3076         (WTF::PassOwnPtr::operator!=):
3077         Added private equality operators that fail to compile when used. (When not used, the
3078         compiler will skip over them because they are function templates.)
3079
3080 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
3081
3082         Reviewed by Gavin Barraclough.
3083
3084         JITArithmetic.cpp produces a warning on an unused variable.
3085         https://bugs.webkit.org/show_bug.cgi?id=60060
3086
3087         Just properly use what we already have converted.
3088
3089         * jit/JITArithmetic.cpp:
3090         (JSC::JIT::emitSlow_op_add):
3091         (JSC::JIT::emitSlow_op_mul):
3092
3093 2011-05-04  Alexis Menard  <alexis.menard@openbossa.org>
3094
3095         Reviewed by Geoffrey Garen.
3096
3097         JITPropertyAccess produces an unused but set variable warning in gcc 4.6.0.
3098         https://bugs.webkit.org/show_bug.cgi?id=60050
3099
3100         This patch fixes a compilation warning. The new warning scenario -Wunused-but-set-variable
3101         in gcc 4.6.0 is included in -Wall and therefore stops the compilation when warnings are treated
3102         as errors. The patch introduces two new macros, ASSERT_JIT_OFFSET_UNUSED and ASSERT_WITH_MESSAGE_UNUSED,
3103         which copy the idea of ASSERT_UNUSED.
3104
3105         * jit/JIT.h:
3106         * jit/JITPropertyAccess.cpp:
3107         (JSC::JIT::emit_op_method_check):
3108         (JSC::JIT::compileGetByIdHotPath):
3109         (JSC::JIT::emit_op_put_by_id):
3110         * wtf/Assertions.h:
3111         (assertWithMessageUnused):
3112
3113 2011-04-29  Jer Noble  <jer.noble@apple.com>
3114
3115         Reviewed by Eric Seidel.
3116
3117         Implement FULLSCREEN_API on Windows, Part 4: Enable it
3118         https://bugs.webkit.org/show_bug.cgi?id=59798
3119
3120         * wtf/Platform.h: Set ENABLE_FULLSCREEN_API on win.
3121
3122 2011-05-03  Alexis Menard  <alexis.menard@openbossa.org>
3123
3124         Reviewed by Eric Seidel.
3125
3126         Unused but set variable warning in MacroAssemblerX86_64
3127         https://bugs.webkit.org/show_bug.cgi?id=59482
3128
3129         * assembler/MacroAssemblerX86_64.h:
3130         (JSC::MacroAssemblerX86_64::call):
3131         (JSC::MacroAssemblerX86_64::tailRecursiveCall):
3132         (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
3133
3134 2011-05-03  Oliver Hunt  <oliver@apple.com>
3135
3136         Reviewed by Geoffrey Garen.
3137
3138         Make malloc validation useful
3139         https://bugs.webkit.org/show_bug.cgi?id=57502
3140
3141         Reland this patch (rolled out in 82905) without
3142         turning it on by default.
3143
3144         * JavaScriptCore.exp:
3145         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3146         * wtf/FastMalloc.cpp:
3147         (WTF::tryFastMalloc):
3148         (WTF::fastMalloc):
3149         (WTF::tryFastCalloc):
3150         (WTF::fastCalloc):
3151         (WTF::fastFree):
3152         (WTF::tryFastRealloc):
3153         (WTF::fastRealloc):
3154         (WTF::fastMallocSize):
3155         (WTF::TCMalloc_PageHeap::isScavengerSuspended):
3156         (WTF::TCMalloc_PageHeap::scheduleScavenger):
3157         (WTF::TCMalloc_PageHeap::suspendScavenger):
3158         (WTF::TCMalloc_PageHeap::signalScavenger):
3159         (WTF::TCMallocStats::malloc):
3160         (WTF::TCMallocStats::free):
3161         (WTF::TCMallocStats::fastCalloc):
3162         (WTF::TCMallocStats::tryFastCalloc):
3163         (WTF::TCMallocStats::calloc):
3164         (WTF::TCMallocStats::fastRealloc):
3165         (WTF::TCMallocStats::tryFastRealloc):
3166         (WTF::TCMallocStats::realloc):
3167         (WTF::TCMallocStats::fastMallocSize):
3168         * wtf/FastMalloc.h:
3169         (WTF::Internal::fastMallocValidationHeader):
3170         (WTF::Internal::fastMallocValidationSuffix):
3171         (WTF::Internal::fastMallocMatchValidationType):
3172         (WTF::Internal::setFastMallocMatchValidationType):
3173         (WTF::fastMallocMatchValidateFree):
3174         (WTF::fastMallocValidate):
3175
3176 2011-05-03  Xan Lopez  <xlopez@igalia.com>
3177
3178         Reviewed by Anders Carlsson.
3179
3180         Compile error with GCC 4.6.0, tries to assign unsigned& to bitfield
3181         https://bugs.webkit.org/show_bug.cgi?id=59261
3182
3183         Use unary '+' to force proper type detection in template arguments
3184         with GCC 4.6.0. See bug report for more details.
3185
3186         * runtime/Structure.cpp:
3187         (JSC::StructureTransitionTable::remove): Use '+' to force precise type detection.
3188         (JSC::StructureTransitionTable::add): ditto.
3189         * runtime/Structure.h:
3190         (JSC::StructureTransitionTable::keyForWeakGCMapFinalizer): ditto.
3191
3192 2011-05-03  Jessie Berlin  <jberlin@apple.com>
3193
3194         Rubber-stamped by Adam Roben.
3195
3196         Revert r85550 and r85575.
3197
3198         Variables cannot be exported via the .def file. Instead, they should be annotated with
3199         JS_EXPORTDATA.
3200
3201         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3202         * runtime/Structure.cpp:
3203         (JSC::Structure::materializePropertyMap):
3204         * runtime/Structure.h:
3205         (JSC::Structure::typeInfo):
3206         (JSC::Structure::previousID):
3207         (JSC::Structure::propertyStorageCapacity):
3208         (JSC::Structure::propertyStorageSize):
3209         (JSC::Structure::get):
3210         (JSC::Structure::materializePropertyMapIfNecessary):
3211
3212 2011-05-02  Adam Roben  <aroben@apple.com>
3213
3214         Allow implicit conversion from nullptr_t to PassOwnPtr
3215
3216         This makes it a lot easier to write code that just wants a null PassOwnPtr, especially in
3217         strict PassOwnPtr mode.
3218
3219         Fixes <http://webkit.org/b/59964> Implicit conversion from std::nullptr_t to PassOwnPtr
3220         doesn't work, but should
3221
3222         Reviewed by Adam Barth.
3223
3224         * wtf/PassOwnPtr.h:
3225         (WTF::PassOwnPtr::PassOwnPtr): Added a non-explicit constructor that takes a nullptr_t.
3226
3227         * wtf/MessageQueue.h:
3228         (WTF::::waitForMessageFilteredWithTimeout):
3229         (WTF::::tryGetMessage):
3230         Use the new implicit conversion.
3231
3232 2011-05-02  Jessie Berlin  <jberlin@apple.com>
3233
3234         Rubber-stamped by Oliver Hunt.
3235
3236         Remove an assertion that Windows was hitting on launch.
3237
3238         * runtime/Structure.cpp:
3239         (JSC::Structure::materializePropertyMap):
3240         * runtime/Structure.h:
3241         (JSC::Structure::typeInfo):
3242         (JSC::Structure::previousID):
3243         (JSC::Structure::propertyStorageCapacity):
3244         (JSC::Structure::propertyStorageSize):
3245         (JSC::Structure::get):
3246         (JSC::Structure::materializePropertyMapIfNecessary):
3247
3248 2011-05-02  Mark Rowe  <mrowe@apple.com>
3249
3250         Reviewed by Geoff Garen.
3251
3252         <rdar://problem/9371948> JavaScriptCore should build with GCC 4.2
3253
3254         * Configurations/CompilerVersion.xcconfig:
3255
3256 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
3257
3258         ARMv7 build fix.
3259
3260         * assembler/AbstractMacroAssembler.h:
3261         (JSC::AbstractMacroAssembler::Jump::link):
3262         (JSC::AbstractMacroAssembler::Jump::linkTo):
3263
3264 2011-05-02  Oliver Hunt  <oliver@apple.com>
3265
3266         Windows build fix.
3267
3268         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3269
3270 2011-05-02  Michael Saboff  <msaboff@apple.com>
3271
3272         Reviewed by Geoffrey Garen.
3273
3274         crash in JSC::RegExp::match
3275         https://bugs.webkit.org/show_bug.cgi?id=58922
3276
3277         Cleared chained backtrack data label when linking label even if that 
3278         label doesn't chain itself.  This is needed so that subsequent 
3279         backtrack data labels point to the next outer paren and not within 
3280         the current paren.
3281
3282         * yarr/YarrJIT.cpp:
3283         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
3284
3285 2011-05-02  Geoffrey Garen  <ggaren@apple.com>
3286
3287         Reviewed by Oliver Hunt.
3288
3289         Tiny bit of heap cleanup.
3290
3291         * heap/MarkedBlock.h:
3292         (JSC::MarkedBlock::contains): Tightened up an assertion and a comment.
3293
3294         * heap/MarkedSpace.h:
3295         (JSC::MarkedSpace::globalData):
3296         (JSC::MarkedSpace::highWaterMark):
3297         (JSC::MarkedSpace::setHighWaterMark): Moved inlines out of the class
3298         definition, for better clarity.
3299
3300 2011-05-02  Oliver Hunt  <oliver@apple.com>
3301
3302         Reviewed by Gavin Barraclough.
3303
3304         Correct marking of interpreter data in mixed mode builds
3305         https://bugs.webkit.org/show_bug.cgi?id=59962
3306
3307         We had a few places in mixed mode builds where we would not
3308         track data used by the interpreter for marking.  This patch
3309         corrects the problem and adds a number of assertions to catch
3310         live Structures being collected.
3311
3312         * JavaScriptCore.exp:
3313         * assembler/ARMv7Assembler.h:
3314         (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
3315         * bytecode/CodeBlock.cpp:
3316         (JSC::CodeBlock::dump):
3317         * bytecode/CodeBlock.h:
3318         (JSC::CodeBlock::addPropertyAccessInstruction):
3319         (JSC::CodeBlock::addGlobalResolveInstruction):
3320         (JSC::CodeBlock::addStructureStubInfo):
3321         (JSC::CodeBlock::addGlobalResolveInfo):
3322         * bytecompiler/BytecodeGenerator.cpp:
3323         (JSC::BytecodeGenerator::emitResolve):
3324         (JSC::BytecodeGenerator::emitResolveWithBase):
3325         (JSC::BytecodeGenerator::emitGetById):
3326         (JSC::BytecodeGenerator::emitPutById):
3327         (JSC::BytecodeGenerator::emitDirectPutById):
3328         * runtime/Structure.cpp:
3329         (JSC::Structure::materializePropertyMap):
3330         * runtime/Structure.h:
3331         (JSC::Structure::typeInfo):
3332         (JSC::Structure::previousID):
3333         (JSC::Structure::propertyStorageCapacity):
3334         (JSC::Structure::propertyStorageSize):
3335         (JSC::Structure::get):
3336         (JSC::Structure::materializePropertyMapIfNecessary):
3337
3338 2011-05-02  Xan Lopez  <xlopez@igalia.com>
3339
3340         Reviewed by Alexey Proskuryakov.
3341
3342         Use native NullPtr when using GCC 4.6.0 and C++0x
3343         https://bugs.webkit.org/show_bug.cgi?id=59252
3344
3345         GCC 4.6.0 has nullptr support, use it when possible.
3346
3347         * wtf/NullPtr.cpp: include config.h to pull in Platform.h before
3348         NullPtr.h, since we need the GCC_VERSION_AT_LEAST definition.
3349         * wtf/NullPtr.h: check for GCC >= 4.6.0 and C++0x in order to
3350         use native nullptr.
3351
3352 2011-05-02  Gavin Barraclough  <barraclough@apple.com>
3353
3354         Reviewed by Oliver Hunt.
3355
3356         https://bugs.webkit.org/show_bug.cgi?id=59950
3357         Clean up AssemblerBuffer to use a Vector internally.
3358
3359         AssemblerBuffer handles reallocing a byte array itself - stop that.
3360
3361         * assembler/ARMAssembler.cpp:
3362         (JSC::ARMAssembler::executableCopy):
3363         * assembler/AssemblerBuffer.h:
3364         (JSC::AssemblerLabel::AssemblerLabel):
3365         (JSC::AssemblerLabel::labelAtOffset):
3366         (JSC::AssemblerBuffer::AssemblerBuffer):
3367         (JSC::AssemblerBuffer::~AssemblerBuffer):
3368         (JSC::AssemblerBuffer::isAvailable):
3369         (JSC::AssemblerBuffer::ensureSpace):
3370         (JSC::AssemblerBuffer::isAligned):
3371         (JSC::AssemblerBuffer::putIntegral):
3372         (JSC::AssemblerBuffer::putIntegralUnchecked):
3373         (JSC::AssemblerBuffer::putByteUnchecked):
3374         (JSC::AssemblerBuffer::putByte):
3375         (JSC::AssemblerBuffer::putShortUnchecked):
3376         (JSC::AssemblerBuffer::putShort):
3377         (JSC::AssemblerBuffer::putIntUnchecked):
3378         (JSC::AssemblerBuffer::putInt):
3379         (JSC::AssemblerBuffer::putInt64Unchecked):
3380         (JSC::AssemblerBuffer::putInt64):
3381         (JSC::AssemblerBuffer::codeSize):
3382         (JSC::AssemblerBuffer::label):
3383         (JSC::AssemblerBuffer::executableCopy):
3384         (JSC::AssemblerBuffer::rewindToLabel):
3385         (JSC::AssemblerBuffer::debugOffset):
3386         (JSC::AssemblerBuffer::append):
3387         (JSC::AssemblerBuffer::grow):
3388         * assembler/AssemblerBufferWithConstantPool.h:
3389         * assembler/MacroAssemblerX86_64.h:
3390         (JSC::MacroAssemblerX86_64::linkCall):
3391         * assembler/X86Assembler.h:
3392         (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
3393
3394 2011-05-02  Jeff Miller  <jeffm@apple.com>
3395
3396         Reviewed by Alexey Proskuryakov.
3397
3398         Avoid potential buffer overflow in WTFLog() and WTFLogVerbose()
3399         https://bugs.webkit.org/show_bug.cgi?id=59949
3400
3401         * wtf/Assertions.cpp: Check for 0 or empty format string in WTFLog() and WTFLogVerbose().
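
The check this entry describes, as an added example rather than JavaScriptCore's own WTFLog() code: a bounded logging helper that rejects a null or empty format string before it reaches vsnprintf, always leaves the buffer NUL-terminated, and reports truncation instead of writing past the end. `safeLogFormat` and `LogResult` are names chosen for the example, and the bounded-buffer handling is a general hardening of the same idea rather than a copy of what wtf/Assertions.cpp does.

```cpp
#include <cstdarg>
#include <cstddef>
#include <cstdio>
#include <cstring>

// Outcome of formatting one log line. Added example, not WebKit's WTFLog.
enum class LogResult { Ok, Truncated, BadFormat };

// Format `fmt` and its varargs into `out`, never writing more than `outSize`
// bytes and always leaving `out` NUL-terminated. A null or empty format
// string is rejected before it can reach vsnprintf, mirroring the check this
// entry adds to WTFLog() and WTFLogVerbose().
LogResult safeLogFormat(char* out, size_t outSize, const char* fmt, ...)
{
    if (!out || !outSize)
        return LogResult::BadFormat;
    out[0] = '\0';
    if (!fmt || !fmt[0])
        return LogResult::BadFormat;

    va_list args;
    va_start(args, fmt);
    int needed = vsnprintf(out, outSize, fmt, args);
    va_end(args);

    if (needed < 0) {
        // Encoding or other formatting error: leave an empty string behind
        // rather than whatever partial data the C library may have written.
        out[0] = '\0';
        return LogResult::BadFormat;
    }
    // vsnprintf returns the length the whole message would have had, so a
    // value >= outSize means the text was cut to fit (the terminator is kept).
    return static_cast<size_t>(needed) >= outSize ? LogResult::Truncated
                                                  : LogResult::Ok;
}

// Stand-alone demonstration; the three inputs cover the normal path and both
// rejected forms (empty and null format string).
int main()
{
    char line[16];
    const char* messages[] = { "pid=%d", "", nullptr };
    for (const char* m : messages) {
        LogResult r = safeLogFormat(line, sizeof line, m, 4242);
        printf("%-8s -> \"%s\"\n", r == LogResult::Ok ? "ok" : "rejected", line);
    }
    return 0;
}
```

Returning a status instead of silently dropping the line matters for a logging primitive: callers that assert on `Truncated` in debug builds find messages that have outgrown their buffer, which is the same class of mistake this entry guards against.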
3402
3403 2011-05-02  Adam Barth  <abarth@webkit.org>
3404
3405         Reviewed by Alexey Proskuryakov.
3406
3407         StringImpl::endsWith has some insane code
3408         https://bugs.webkit.org/show_bug.cgi?id=59900
3409
3410         * wtf/text/StringImpl.cpp:
3411         (WTF::StringImpl::endsWith):
3412             - m_data shadows a member variable of the same name.
3413
3414 2011-05-02  Gabor Loki  <loki@webkit.org>
3415
3416         Build fix for ARM after r85448
3417
3418         * assembler/ARMAssembler.h:
3419         (JSC::ARMAssembler::loadBranchTarget):
3420
3421 2011-05-01  Oliver Hunt  <oliver@apple.com>
3422
3423         Reviewed by Gavin Barraclough.
3424
3425         Strict-mode only reserved words not reserved
3426         https://bugs.webkit.org/show_bug.cgi?id=55342
3427
3428         Fix line number tracking when we rollback the lexer.
3429
3430         * parser/JSParser.cpp:
3431         (JSC::JSParser::parseSourceElements):
3432
3433 2011-05-01  Oliver Hunt  <oliver@apple.com>
3434
3435         Reviewed by Gavin Barraclough.
3436
3437         ES5 Strict mode does not allow getter and setter for same propId
3438         https://bugs.webkit.org/show_bug.cgi?id=57295
3439
3440         Simplify and correct the logic for strict mode object literals.
3441
3442         * parser/JSParser.cpp:
3443         (JSC::JSParser::parseStrictObjectLiteral):
3444
3445 2011-05-01  Oliver Hunt  <oliver@apple.com>
3446
3447         Reviewed by Gavin Barraclough.
3448
3449         Assigning to function identifier under strict should throw
3450         https://bugs.webkit.org/show_bug.cgi?id=59289
3451
3452         Add logic to StaticScopeObject to ensure we don't silently consume
3453         writes to constant properties.
3454
3455         * runtime/JSStaticScopeObject.cpp:
3456         (JSC::JSStaticScopeObject::put):
3457
3458 2011-05-01  Gavin Barraclough  <barraclough@apple.com>
3459
3460         Reviewed by Sam Weinig.
3461
3462         https://bugs.webkit.org/show_bug.cgi?id=59903
3463         Use AssemblerLabel throughout Assembler classes, AssemblerBuffer
3464
3465         Creating a label() into the AssemblerBuffer should return an AssemblerLabel,
3466         not an unsigned int.
3467
3468         * assembler/ARMAssembler.cpp:
3469         (JSC::ARMAssembler::executableCopy):
3470         * assembler/ARMAssembler.h:
3471         (JSC::ARMAssembler::blx):
3472         (JSC::ARMAssembler::label):
3473         (JSC::ARMAssembler::loadBranchTarget):
3474         * assembler/ARMv7Assembler.h:
3475         (JSC::ARMv7Assembler::b):
3476         (JSC::ARMv7Assembler::blx):
3477         (JSC::ARMv7Assembler::bx):
3478         (JSC::ARMv7Assembler::label):
3479         (JSC::ARMv7Assembler::ARMInstructionFormatter::label):
3480         * assembler/AssemblerBuffer.h:
3481         (JSC::AssemblerBuffer::label):
3482         * assembler/AssemblerBufferWithConstantPool.h:
3483         * assembler/MIPSAssembler.h: