26692d959144e4576a6134f98a2671df3a3b12cc
[WebKit.git] / Source / JavaScriptCore / ChangeLog
1 2011-02-04  Peter Varga  <pvarga@webkit.org>
2
3         Reviewed by Gavin Barraclough.
4
5         Replace PCRE with Yarr in WebCore
6         https://bugs.webkit.org/show_bug.cgi?id=53496
7
8         * JavaScriptCore.exp:
9         * JavaScriptCore.gyp/JavaScriptCore.gyp:
10         * JavaScriptCore.gypi:
11         * JavaScriptCore.pro:
12         * JavaScriptCore.xcodeproj/project.pbxproj:
13         * create_regex_tables:
14         * runtime/RegExp.cpp:
15         * wtf/Platform.h:
16         * yarr/Yarr.h:
17         * yarr/YarrJIT.cpp:
18         * yarr/YarrJIT.h:
19         * yarr/YarrParser.h:
20         * yarr/YarrPattern.h:
21         * yarr/YarrSyntaxChecker.h:
22         * yarr/yarr.pri: Added.
23
24 2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>
25
26         Unreviewed rollout two patches r77614 and r77612.
27
28         REGRESSION: Snow Leopard Intel Release a number of failing tests.
29
30         * runtime/Heap.cpp:
31         (JSC::Heap::Heap):
32         (JSC::Heap::reset):
33         * runtime/Heap.h:
34         * runtime/MarkedSpace.cpp:
35         (JSC::MarkedSpace::allocate):
36         (JSC::MarkedSpace::sweep):
37         (JSC::MarkedSpace::reset):
38         * runtime/MarkedSpace.h:
39
40 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
41
42         Try to fix 32bit build.
43
44         * runtime/Heap.cpp:
45         (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
46         since 1.5 is double (64bit), and the result is size_t (32bit).
47
48 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
49
50         Reviewed by Cameron Zwarich.
51
52         Changed MarkedSpace to delegate grow/shrink decisions to Heap
53         https://bugs.webkit.org/show_bug.cgi?id=53759
54         
55         SunSpider reports no change.
56         
57         * runtime/Heap.cpp:
58         (JSC::Heap::Heap):
59         (JSC::Heap::reset):
60         * runtime/Heap.h: Reorganized a few data members for better cache locality.
61         Added a grow policy.
62         
63         * runtime/MarkedSpace.cpp:
64         (JSC::MarkedSpace::allocate):
65         (JSC::MarkedSpace::sweep):
66         (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
67         the heap to make an explicit sweep call.
68
69         * runtime/MarkedSpace.h:
70         (JSC::MarkedSpace::highWaterMark):
71         (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
72         many bytes to allocate before failing and giving the heap an opportunity
73         to collect garbage. This also means that we allocate blocks on demand,
74         instead of ahead of time.
75
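The grow policy this entry describes, as an added example written for this page (it is not JavaScriptCore code): a toy MarkedSpace that allocates blocks on demand and fails as soon as the next block would carry it past highWaterMark, and a Heap that collects on that failure and then resets the mark. The names highWaterMark, setHighWaterMark, sweep and reset come from the entry; the 4 KiB block size, the three-block minimum, the 1.5 growth factor applied to surviving bytes, the simulated survival fraction, and the treatment of all blocks as one contiguous pool are assumptions made for the demonstration.

```cpp
// Added example, not JavaScriptCore code. Models the grow policy described in
// the ChangeLog entry: MarkedSpace allocates blocks on demand up to a
// high-water mark, then fails so Heap can collect and reset the mark.
#include <algorithm>
#include <cstddef>
#include <cstdio>

static const size_t kBlockSize = 4096;                  // assumed block size
static const size_t kMinHighWaterMark = 3 * kBlockSize;  // assumed floor

struct MarkedSpace {
    size_t m_highWaterMark = kMinHighWaterMark;
    size_t m_blocks = 0;     // blocks allocated so far (on demand, not ahead of time)
    size_t m_bytesUsed = 0;  // bytes handed out; blocks are treated as one pool

    size_t highWaterMark() const { return m_highWaterMark; }
    void setHighWaterMark(size_t bytes) { m_highWaterMark = bytes; }
    size_t bytesUsed() const { return m_bytesUsed; }
    size_t blockCount() const { return m_blocks; }

    // Hand out `size` bytes. A new block is added only when the existing ones
    // are full; if that block would carry the space past the high-water mark,
    // allocation fails and the caller (Heap) gets a chance to collect.
    bool allocate(size_t size) {
        if (size > kBlockSize)
            return false;  // a cell larger than a block never fits
        if (m_bytesUsed + size > m_blocks * kBlockSize) {
            if ((m_blocks + 1) * kBlockSize > m_highWaterMark)
                return false;
            ++m_blocks;
        }
        m_bytesUsed += size;
        return true;
    }

    // Explicit sweep requested by Heap: keep `liveBytes`, release empty blocks.
    // The space never shrinks on its own.
    void sweep(size_t liveBytes) {
        m_bytesUsed = liveBytes;
        m_blocks = (liveBytes + kBlockSize - 1) / kBlockSize;
    }
};

struct Heap {
    MarkedSpace m_space;
    size_t m_collections = 0;

    // Grow policy (assumed shape): allow 1.5x the bytes that survived the last
    // collection, never below the minimum. The cast is needed because 1.5 is a
    // double while the mark is a size_t.
    void reset() {
        size_t target = static_cast<size_t>(m_space.bytesUsed() * 1.5);
        m_space.setHighWaterMark(std::max(target, kMinHighWaterMark));
    }

    // Simulated collection: `liveFraction` of the allocated bytes survive.
    void collect(double liveFraction) {
        ++m_collections;
        m_space.sweep(static_cast<size_t>(m_space.bytesUsed() * liveFraction));
        reset();
    }

    // Allocate, collecting once if the space is at its high-water mark.
    bool allocate(size_t size, double liveFraction) {
        if (m_space.allocate(size))
            return true;
        collect(liveFraction);
        return m_space.allocate(size);
    }
};

struct Result {
    int collections;       // -1 if an allocation failed even after collecting
    size_t highWaterMark;  // mark in force when the run ended
    size_t blocks;         // blocks held when the run ended
};

// Allocate `cells` cells of `cellSize` bytes in a row and report what the
// policy did along the way.
Result simulate(size_t cells, size_t cellSize, double liveFraction) {
    Heap heap;
    for (size_t i = 0; i < cells; ++i)
        if (!heap.allocate(cellSize, liveFraction))
            return { -1, heap.m_space.highWaterMark(), heap.m_space.blockCount() };
    return { static_cast<int>(heap.m_collections), heap.m_space.highWaterMark(),
             heap.m_space.blockCount() };
}

int main() {
    Result r = simulate(25, 1024, 1.0);
    std::printf("25 x 1 KiB cells, all survive: %d collections, mark %zu, %zu blocks\n",
                r.collections, r.highWaterMark, r.blocks);
    return 0;
}
```

With the three-block floor, twelve 1 KiB cells fit without a collection; the thirteenth fails, the heap sweeps, and reset() raises the mark only if the surviving bytes justify it. The static_cast in reset() is the same kind of explicit narrowing the 32-bit build fix above needed.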
76 2011-02-03  James Kozianski  <koz@chromium.org>
77
78         Reviewed by Dimitri Glazkov.
79
80         Add navigator.registerProtocolHandler behind a flag.
81         https://bugs.webkit.org/show_bug.cgi?id=52609
82
83         * Configurations/FeatureDefines.xcconfig:
84
85 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
86
87         Reviewed by Oliver Hunt.
88
89         Not all blocks are freed when the heap is freed (counting is hard!)
90         https://bugs.webkit.org/show_bug.cgi?id=53732
91
92         * runtime/MarkedSpace.cpp:
93         (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
94         keep freeing block 0 until there are no blocks left.
95
96 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
97
98         Try to fix the Mac build.
99
100         * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
101         needs to be private, not project, so other projects can include headers
102         that depend on it.
103
104 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
105
106         Reviewed by Sam Weinig.
107
108         Start using MarkedBlock instead of CollectorBlock
109         https://bugs.webkit.org/show_bug.cgi?id=53693
110         
111         SunSpider reports no change.
112         
113         * runtime/MarkedBlock.h:
114         (JSC::MarkedBlock::blockFor):
115         (JSC::MarkedBlock::setMarked):
116         (JSC::MarkedBlock::isCellAligned):
117         (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.
118
119         * runtime/MarkedSpace.cpp:
120         (JSC::MarkedSpace::allocateBlock):
121         (JSC::MarkedSpace::containsSlowCase):
122         (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.
123
124         * runtime/MarkedSpace.h:
125         (JSC::CollectorHeap::collectorBlock):
126         (JSC::MarkedSpace::heap):
127         (JSC::MarkedSpace::isMarked):
128         (JSC::MarkedSpace::testAndSetMarked):
129         (JSC::MarkedSpace::setMarked):
130         (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
131         and deleted dead CollectorBlock-related code.
132
133 2011-02-03  Patrick Gansterer  <paroga@webkit.org>
134
135         Reviewed by Darin Adler.
136
137         Avoid strlen() in AtomicString::fromUTF8
138         https://bugs.webkit.org/show_bug.cgi?id=50516
139
140         Add an overload to calculateStringHashFromUTF8 to get
141         strlen() of the input data with only one call.
142
143         This change shows about 3% performance win on the xml-parser benchmark.
144
145         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
146         * wtf/text/AtomicString.cpp:
147         (WTF::AtomicString::fromUTF8):
148         * wtf/unicode/UTF8.cpp:
149         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
150         (WTF::Unicode::calculateStringHashFromUTF8):
151         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
152         * wtf/unicode/UTF8.h:
153
154 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
155
156         Windows build fix.
157
158         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
159
160 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
161
162         oops, build fix!
163
164         * wtf/Assertions.cpp:
165
166 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
167
168         Reviewed by Sam Weinig.
169
170         Bug 53650 - Add a BACKTRACE macro to Assertions.h
171
172         Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
173         debug Mac builds, make CRASH (and thus ASSERT) automatically call this.
174
175         * JavaScriptCore.exp:
176         * wtf/Assertions.cpp:
177         * wtf/Assertions.h:
178
179 2011-02-02  Michael Saboff  <msaboff@apple.com>
180
181         Reviewed by Gavin Barraclough.
182
183         Improper backtrack of nested non-capturing greedy paren to prior paren
184         https://bugs.webkit.org/show_bug.cgi?id=53261
185
186         A paren that follows a non-capturing greedy paren nested within a
187         non-capturing fixed paren was backtracking to the last paren
188         processed instead of the immediately prior paren.
189         Refactored default backtracking of parens to prior paren to work for
190         both nested (within) and immediately prior (after) parens.
191
192         * yarr/YarrJIT.cpp:
193         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
194         (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
195         (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
196         (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
197         (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
198         (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
199         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
200         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
201         (JSC::Yarr::YarrGenerator::generateDisjunction):
202
203 2011-02-02  Jeff Miller  <jeffm@apple.com>
204
205         Reviewed by Darin Adler and Steve Falkenburg.
206
207         Add DerivedSources.make to some Visual Studio projects
208         https://bugs.webkit.org/show_bug.cgi?id=53607
209
210         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.
211
212 2011-02-02  Steve Lacey  <sjl@chromium.org>
213
214         Reviewed by Eric Carlson.
215
216         Implement basic media statistics on media elements.
217         https://bugs.webkit.org/show_bug.cgi?id=53322
218
219         * Configurations/FeatureDefines.xcconfig:
220
221 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
222
223         [wx] Build fixes for wxWebKit.
224
225         * wtf/wx/StringWx.cpp:
226         (WTF::String::String):
227
228 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
229
230         Reviewed by Sam Weinig.
231
232         A little more Heap refactoring
233         https://bugs.webkit.org/show_bug.cgi?id=53577
234         
235         SunSpider reports no change.
236         
237         Split out MarkedBlock into its own file / class.
238         
239         Did the following renames:
240             isCellMarked => isMarked
241             checkMarkCell => testAndSetMarked
242             markCell => setMarked
243             cellOffset => cellNumber
244             collectorBlock => blockFor
245
246         * Android.mk:
247         * CMakeLists.txt:
248         * GNUmakefile.am:
249         * JavaScriptCore.gypi:
250         * JavaScriptCore.pro:
251         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
252         * JavaScriptCore.xcodeproj/project.pbxproj:
253         * runtime/Heap.cpp:
254         (JSC::WeakGCHandlePool::update):
255         * runtime/Heap.h:
256         (JSC::Heap::isMarked):
257         (JSC::Heap::testAndSetMarked):
258         (JSC::Heap::setMarked):
259         * runtime/JSArray.h:
260         (JSC::MarkStack::markChildren):
261         (JSC::MarkStack::drain):
262         * runtime/JSCell.h:
263         (JSC::JSCell::MarkStack::internalAppend):
264         * runtime/MarkedBlock.cpp: Added.
265         * runtime/MarkedBlock.h: Added.
266         (JSC::MarkedBlock::blockFor):
267         (JSC::MarkedBlock::cellNumber):
268         (JSC::MarkedBlock::isMarked):
269         (JSC::MarkedBlock::testAndSetMarked):
270         (JSC::MarkedBlock::setMarked):
271         (JSC::MarkedBlock::isCellAligned):
272         (JSC::MarkedBlock::isPossibleCell):
273         * runtime/MarkedSpace.h:
274         (JSC::MarkedSpace::isMarked):
275         (JSC::MarkedSpace::testAndSetMarked):
276         (JSC::MarkedSpace::setMarked):
277         * runtime/SmallStrings.cpp:
278         (JSC::isMarked):
279         * runtime/WeakGCMap.h:
280         (JSC::WeakGCMap::isValid):
281         (JSC::::get):
282         (JSC::::take):
283         (JSC::::set):
284
285 2011-02-02  Sam Weinig  <sam@webkit.org>
286
287         Fix windows clean build.
288
289         * DerivedSources.make:
290
291 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
292
293         Reviewed by Martin Robinson.
294
295         [GTK] Fix dist compilation
296         https://bugs.webkit.org/show_bug.cgi?id=53579
297
298         * GNUmakefile.am: Added WriteBarrier.h to the sources, it was
299         added in r77151
300
301 2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>
302
303         Unreviewed, rolling out r77297.
304         http://trac.webkit.org/changeset/77297
305         https://bugs.webkit.org/show_bug.cgi?id=53538
306
307         caused leopard crashes (Requested by paroga on #webkit).
308
309         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
310         * wtf/text/AtomicString.cpp:
311         (WTF::AtomicString::fromUTF8):
312         * wtf/unicode/UTF8.cpp:
313         (WTF::Unicode::calculateStringHashFromUTF8):
314         * wtf/unicode/UTF8.h:
315
316 2011-02-01  Sam Weinig  <sam@webkit.org>
317
318         Fix Mac production builds.
319
320         * JavaScriptCore.xcodeproj/project.pbxproj:
321
322 2011-02-01  Sam Weinig  <sam@webkit.org>
323
324         Try to fix the windows build.
325
326         * DerivedSources.make:
327
328 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
329
330         Reviewed by Darin Adler.
331
332         Avoid strlen() in AtomicString::fromUTF8
333         https://bugs.webkit.org/show_bug.cgi?id=50516
334
335         Add an overload to calculateStringHashFromUTF8 to get
336         strlen() of the input data with only one call.
337
338         This change shows about 3% performance win on the xml-parser benchmark.
339
340         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
341         * wtf/text/AtomicString.cpp:
342         (WTF::AtomicString::fromUTF8):
343         * wtf/unicode/UTF8.cpp:
344         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
345         (WTF::Unicode::calculateStringHashFromUTF8):
346         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
347         * wtf/unicode/UTF8.h:
348
349 2011-02-01  Sam Weinig  <sam@webkit.org>
350
351         Reviewed by Beth Dakin.
352
353         Part 2 for <rdar://problem/8492788>
354         Adopt WKScrollbarPainterController
355
356         Use header detection to define scrollbar painting controller #define.
357
358         * DerivedSources.make:
359         * JavaScriptCore.xcodeproj/project.pbxproj:
360
361 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
362
363         Reviewed by Oliver Hunt.
364
365         Refactor JSGlobalObject-related tear-down
366         https://bugs.webkit.org/show_bug.cgi?id=53478
367         
368         While investigating crashes caused by r77082, I noticed some strange
369         destructor-time behaviors. This patch makes them less strange.
370
371         * bytecode/CodeBlock.cpp:
372         (JSC::CodeBlock::CodeBlock):
373         (JSC::CodeBlock::markAggregate):
374         * bytecode/CodeBlock.h:
375         (JSC::CodeBlock::globalObject):
376         (JSC::GlobalCodeBlock::GlobalCodeBlock):
377         (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
378         blocks on the Heap, instead of on independent global objects. The heap
379         is guaranteed to outlast any GC-owned data structure. The heap is also
380         a natural place to store objects that need out-of-band marking, since
381         the heap is responsible for marking all roots.
382
383         * runtime/Heap.cpp:
384         (JSC::Heap::markRoots):
385         (JSC::Heap::globalObjectCount):
386         (JSC::Heap::protectedGlobalObjectCount):
387         * runtime/Heap.h:
388         (JSC::Heap::codeBlocks):
389         * runtime/JSGlobalData.cpp:
390         (JSC::JSGlobalData::JSGlobalData):
391         * runtime/JSGlobalData.h:
392         * runtime/JSGlobalObject.cpp:
393         (JSC::JSGlobalObject::~JSGlobalObject):
394         (JSC::JSGlobalObject::init):
395         (JSC::JSGlobalObject::markChildren):
396         * runtime/JSGlobalObject.h:
397         * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
398         owned by JSGlobalData, instead of an intrusive circular linked list.
399         This is simpler, and it avoids destructor-time access between garbage
400         collected objects, which is hard to get right.
401
402         (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
403         everything down. Otherwise, weak data structures will incorrectly report
404         that objects pending destruction are still alive.
405
406 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
407
408         Reviewed by Oliver Hunt.
409
410         REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
411         bot; loading trac pages; typing in search field
412         https://bugs.webkit.org/show_bug.cgi?id=53519
413         
414         The crashes were all caused by failure to run an object's destructor.
415
416         * runtime/CollectorHeapIterator.h:
417         (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
418         construction. The iterator class used to do that when it was designed
419         for prior-to-beginning initialization. I forgot to remove this line
420         of code when I changed the iterator to normal initialization.
421         
422         Skipping forward upon construction was causing the heap to skip running
423         the destructor for the very first object in a block when destroying the
424         block. This usually did not crash, since block destruction is rare and
425         most objects have pretty trivial destructors. However, in the rare case
426         when the heap would destroy a block whose first object was a global
427         object or a DOM node, BOOM.
428
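The failure mode described in the entry above, as an added example written for this page (it is not JavaScriptCore code): an iterator that advances in its constructor never visits cell 0, so that cell's destructor is skipped when the block is torn down and any registration the object made is left behind as a pointer into freed memory. The Registry, TrackedObject and Block types, the raw-buffer block layout and the skipForwardOnConstruction flag are constructions for the demonstration; only the ObjectIterator name and the "skip forward on construction" behaviour come from the entry.

```cpp
// Added example, not JavaScriptCore code. Shows why skipping the first cell's
// destructor during block destruction leaves a dangling registration behind.
#include <cstddef>
#include <cstdio>
#include <new>
#include <set>

// Stands in for a heap-wide table that objects register with (a global
// object or a DOM node wrapper would do something similar).
struct Registry {
    std::set<const void*> entries;
};

// An object that registers itself on construction and unregisters in its
// destructor. Skip the destructor and the registry keeps a stale pointer.
struct TrackedObject {
    Registry& registry;
    explicit TrackedObject(Registry& r) : registry(r) { registry.entries.insert(this); }
    ~TrackedObject() { registry.entries.erase(this); }
};

// A block: one raw allocation holding `cellCount` objects constructed in
// place, freed as a single unit regardless of which destructors ran.
struct Block {
    unsigned char* storage;
    size_t cellCount;

    Block(size_t n, Registry& r)
        : storage(new unsigned char[n * sizeof(TrackedObject)]), cellCount(n) {
        for (size_t i = 0; i < n; ++i)
            new (cell(i)) TrackedObject(r);
    }
    TrackedObject* cell(size_t i) const {
        return reinterpret_cast<TrackedObject*>(storage + i * sizeof(TrackedObject));
    }
};

// Iterator written for normal initialization: index 0 already names the first
// cell. `skipForwardOnConstruction` reproduces the leftover line from the old
// prior-to-beginning design, which is exactly the regression.
struct ObjectIterator {
    Block& block;
    size_t index;

    ObjectIterator(Block& b, bool skipForwardOnConstruction) : block(b), index(0) {
        if (skipForwardOnConstruction)
            ++index;  // bug: cell 0 is never visited
    }
    bool atEnd() const { return index >= block.cellCount; }
    TrackedObject* operator*() const { return block.cell(index); }
    void operator++() { ++index; }
};

// Build a block, tear it down through the iterator, free the storage, and
// report how many registry entries still point into the freed block.
size_t staleEntriesAfterDestroy(size_t cellCount, bool buggyIterator) {
    Registry registry;
    Block block(cellCount, registry);
    for (ObjectIterator it(block, buggyIterator); !it.atEnd(); ++it)
        (*it)->~TrackedObject();   // run the destructor of each visited cell
    delete[] block.storage;        // the block is gone either way
    // Anything left in the registry is a pointer into freed memory; a later
    // lookup through it is the crash. We only count, never dereference.
    return registry.entries.size();
}

int main() {
    std::printf("correct iterator: %zu stale entries\n", staleEntriesAfterDestroy(8, false));
    std::printf("buggy iterator:   %zu stale entries\n", staleEntriesAfterDestroy(8, true));
    return 0;
}
```

The count is zero with the corrected iterator and exactly one with the buggy one, whatever the block size: the skipped object is always cell 0, and the stale entry only matters when something later follows it, which is why the entry notes that the crash was rare.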
429 2011-01-31  Oliver Hunt  <oliver@apple.com>
430
431         Reviewed by Geoffrey Garen.
432
433         Update JSObject storage for new marking API
434         https://bugs.webkit.org/show_bug.cgi?id=53467
435
436         JSObject no longer uses EncodedJSValue for its property storage.
437         This produces a stream of mechanical changes to PropertySlot and
438         anonymous storage APIs.
439
440         * JavaScriptCore.exp:
441         * runtime/ArrayPrototype.cpp:
442         (JSC::ArrayPrototype::ArrayPrototype):
443         * runtime/BooleanConstructor.cpp:
444         (JSC::constructBoolean):
445         (JSC::constructBooleanFromImmediateBoolean):
446         * runtime/BooleanObject.cpp:
447         (JSC::BooleanObject::BooleanObject):
448         * runtime/BooleanObject.h:
449         * runtime/BooleanPrototype.cpp:
450         (JSC::BooleanPrototype::BooleanPrototype):
451         * runtime/DateInstance.cpp:
452         (JSC::DateInstance::DateInstance):
453         * runtime/DatePrototype.cpp:
454         (JSC::DatePrototype::DatePrototype):
455         * runtime/JSActivation.cpp:
456         (JSC::JSActivation::getOwnPropertySlot):
457         * runtime/JSArray.cpp:
458         (JSC::JSArray::getOwnPropertySlot):
459         * runtime/JSFunction.cpp:
460         (JSC::JSFunction::getOwnPropertySlot):
461         * runtime/JSGlobalObject.h:
462         (JSC::JSGlobalObject::JSGlobalObject):
463         * runtime/JSObject.cpp:
464         (JSC::JSObject::fillGetterPropertySlot):
465         * runtime/JSObject.h:
466         (JSC::JSObject::getDirectLocation):
467         (JSC::JSObject::offsetForLocation):
468         (JSC::JSObject::putAnonymousValue):
469         (JSC::JSObject::clearAnonymousValue):
470         (JSC::JSObject::getAnonymousValue):
471         (JSC::JSObject::putThisToAnonymousValue):
472         (JSC::JSObject::locationForOffset):
473         (JSC::JSObject::inlineGetOwnPropertySlot):
474         * runtime/JSObjectWithGlobalObject.cpp:
475         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
476         * runtime/JSWrapperObject.h:
477         (JSC::JSWrapperObject::JSWrapperObject):
478         (JSC::JSWrapperObject::setInternalValue):
479         * runtime/Lookup.cpp:
480         (JSC::setUpStaticFunctionSlot):
481         * runtime/NumberConstructor.cpp:
482         (JSC::constructWithNumberConstructor):
483         * runtime/NumberObject.cpp:
484         (JSC::NumberObject::NumberObject):
485         (JSC::constructNumber):
486         * runtime/NumberObject.h:
487         * runtime/NumberPrototype.cpp:
488         (JSC::NumberPrototype::NumberPrototype):
489         * runtime/PropertySlot.h:
490         (JSC::PropertySlot::getValue):
491         (JSC::PropertySlot::setValue):
492         (JSC::PropertySlot::setRegisterSlot):
493         * runtime/StringObject.cpp:
494         (JSC::StringObject::StringObject):
495         * runtime/StringPrototype.cpp:
496         (JSC::StringPrototype::StringPrototype):
497         * runtime/WriteBarrier.h:
498         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
499
500 2011-02-01  Daniel Bates  <dbates@rim.com>
501
502         Reviewed by Antonio Gomes.
503
504         Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
505         https://bugs.webkit.org/show_bug.cgi?id=53506
506
507         Currently, use of the Mersenne Twister pseudorandom number generator
508         is hardcoded to the Windows CE port. With the passing of bug #53253,
509         we can generalize support for this PRNG to all ports that use srand(3)
510         and rand(3), including Windows CE.
511
512         * wtf/RandomNumberSeed.h:
513         (WTF::initializeRandomNumberGenerator):
514
515 2011-02-01  Dave Tapuska  <dtapuska@rim.com>
516
517         Reviewed by Gavin Barraclough.
518
519         MacroAssemblerARM would generate code that did 32bit loads
520         on addresses that were not aligned. More specifically it would
521         generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
522         The intended instruction really is ldrb r8,[r1, #7]; ensure we
523         call load8 instead of load32.
524
525         https://bugs.webkit.org/show_bug.cgi?id=46095
526
527         * assembler/MacroAssemblerARM.h:
528         (JSC::MacroAssemblerARM::set32Test32):
529         (JSC::MacroAssemblerARM::set32Test8):
530
531 2011-02-01  Darin Fisher  <darin@chromium.org>
532
533         Reviewed by Eric Seidel.
534
535         Fix some Visual Studio compiler warnings.
536         https://bugs.webkit.org/show_bug.cgi?id=53476
537
538         * wtf/MathExtras.h:
539         (clampToInteger):
540         (clampToPositiveInteger):
541         * wtf/ThreadingWin.cpp:
542         (WTF::absoluteTimeToWaitTimeoutInterval):
543
544 2011-01-31  Oliver Hunt  <oliver@apple.com>
545
546         Reviewed by Sam Weinig.
547
548         Bogus callframe during stack unwinding
549         https://bugs.webkit.org/show_bug.cgi?id=53454
550
551         Trying to access a callframe's globalData after destroying its
552         ScopeChain is not a good thing.  While we could access the
553         globalData directly through the (known valid) scopechain we're
554         holding on to, it feels fragile.  Instead we push the valid
555         ScopeChain onto the callframe again to ensure that the callframe
556         itself remains valid.
557
558         * interpreter/Interpreter.cpp:
559         (JSC::Interpreter::unwindCallFrame):
560
561 2011-01-31  Michael Saboff  <msaboff@apple.com>
562
563         Reviewed by Geoffrey Garen.
564
565         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
566         https://bugs.webkit.org/show_bug.cgi?id=53271
567
568         Reapplying this change again.
569         Changed isValid() to use .get() as a result of change r77151.
570
571         Added new isValid() methods to check if a contained object in
572         a WeakGCMap is valid when using an unchecked iterator.
573
574         * runtime/WeakGCMap.h:
575         (JSC::WeakGCMap::isValid):
576
577 2011-01-31  Oliver Hunt  <oliver@apple.com>
578
579         Convert markstack to a slot visitor API
580         https://bugs.webkit.org/show_bug.cgi?id=53219
581
582         rolling r77098, r77099, r77100, r77109, and
583         r77111 back in, along with a few more Qt fix attempts.
584
585         * API/JSCallbackObject.h:
586         (JSC::JSCallbackObjectData::setPrivateProperty):
587         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
588         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
589         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
590         (JSC::JSCallbackObject::setPrivateProperty):
591         * API/JSCallbackObjectFunctions.h:
592         (JSC::::put):
593         (JSC::::staticFunctionGetter):
594         * API/JSObjectRef.cpp:
595         (JSObjectMakeConstructor):
596         (JSObjectSetPrivateProperty):
597         * API/JSWeakObjectMapRefInternal.h:
598         * JavaScriptCore.exp:
599         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
600         * JavaScriptCore.xcodeproj/project.pbxproj:
601         * bytecode/CodeBlock.cpp:
602         (JSC::CodeBlock::markAggregate):
603         * bytecode/CodeBlock.h:
604         (JSC::CodeBlock::globalObject):
605         * bytecompiler/BytecodeGenerator.cpp:
606         (JSC::BytecodeGenerator::BytecodeGenerator):
607         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
608         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
609         (JSC::BytecodeGenerator::findScopedProperty):
610         * debugger/Debugger.cpp:
611         (JSC::evaluateInGlobalCallFrame):
612         * debugger/DebuggerActivation.cpp:
613         (JSC::DebuggerActivation::DebuggerActivation):
614         (JSC::DebuggerActivation::markChildren):
615         * debugger/DebuggerActivation.h:
616         * debugger/DebuggerCallFrame.cpp:
617         (JSC::DebuggerCallFrame::evaluate):
618         * interpreter/CallFrame.h:
619         (JSC::ExecState::exception):
620         * interpreter/Interpreter.cpp:
621         (JSC::Interpreter::resolve):
622         (JSC::Interpreter::resolveSkip):
623         (JSC::Interpreter::resolveGlobal):
624         (JSC::Interpreter::resolveGlobalDynamic):
625         (JSC::Interpreter::resolveBaseAndProperty):
626         (JSC::Interpreter::unwindCallFrame):
627         (JSC::appendSourceToError):
628         (JSC::Interpreter::execute):
629         (JSC::Interpreter::tryCacheGetByID):
630         (JSC::Interpreter::privateExecute):
631         * jit/JITStubs.cpp:
632         (JSC::JITThunks::tryCacheGetByID):
633         (JSC::DEFINE_STUB_FUNCTION):
634         * jsc.cpp:
635         (GlobalObject::GlobalObject):
636         * runtime/ArgList.cpp:
637         (JSC::MarkedArgumentBuffer::markLists):
638         * runtime/Arguments.cpp:
639         (JSC::Arguments::markChildren):
640         (JSC::Arguments::getOwnPropertySlot):
641         (JSC::Arguments::getOwnPropertyDescriptor):
642         (JSC::Arguments::put):
643         * runtime/Arguments.h:
644         (JSC::Arguments::setActivation):
645         (JSC::Arguments::Arguments):
646         * runtime/ArrayConstructor.cpp:
647         (JSC::ArrayConstructor::ArrayConstructor):
648         (JSC::constructArrayWithSizeQuirk):
649         * runtime/ArrayPrototype.cpp:
650         (JSC::arrayProtoFuncSplice):
651         * runtime/BatchedTransitionOptimizer.h:
652         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
653         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
654         * runtime/BooleanConstructor.cpp:
655         (JSC::BooleanConstructor::BooleanConstructor):
656         (JSC::constructBoolean):
657         (JSC::constructBooleanFromImmediateBoolean):
658         * runtime/BooleanPrototype.cpp:
659         (JSC::BooleanPrototype::BooleanPrototype):
660         * runtime/ConservativeSet.cpp:
661         (JSC::ConservativeSet::grow):
662         * runtime/ConservativeSet.h:
663         (JSC::ConservativeSet::~ConservativeSet):
664         (JSC::ConservativeSet::mark):
665         * runtime/DateConstructor.cpp:
666         (JSC::DateConstructor::DateConstructor):
667         * runtime/DateInstance.cpp:
668         (JSC::DateInstance::DateInstance):
669         * runtime/DatePrototype.cpp:
670         (JSC::dateProtoFuncSetTime):
671         (JSC::setNewValueFromTimeArgs):
672         (JSC::setNewValueFromDateArgs):
673         (JSC::dateProtoFuncSetYear):
674         * runtime/ErrorConstructor.cpp:
675         (JSC::ErrorConstructor::ErrorConstructor):
676         * runtime/ErrorInstance.cpp:
677         (JSC::ErrorInstance::ErrorInstance):
678         * runtime/ErrorPrototype.cpp:
679         (JSC::ErrorPrototype::ErrorPrototype):
680         * runtime/FunctionConstructor.cpp:
681         (JSC::FunctionConstructor::FunctionConstructor):
682         * runtime/FunctionPrototype.cpp:
683         (JSC::FunctionPrototype::FunctionPrototype):
684         * runtime/GetterSetter.cpp:
685         (JSC::GetterSetter::markChildren):
686         * runtime/GetterSetter.h:
687         (JSC::GetterSetter::GetterSetter):
688         (JSC::GetterSetter::getter):
689         (JSC::GetterSetter::setGetter):
690         (JSC::GetterSetter::setter):
691         (JSC::GetterSetter::setSetter):
692         * runtime/GlobalEvalFunction.cpp:
693         (JSC::GlobalEvalFunction::GlobalEvalFunction):
694         (JSC::GlobalEvalFunction::markChildren):
695         * runtime/GlobalEvalFunction.h:
696         (JSC::GlobalEvalFunction::cachedGlobalObject):
697         * runtime/Heap.cpp:
698         (JSC::Heap::markProtectedObjects):
699         (JSC::Heap::markTempSortVectors):
700         (JSC::Heap::markRoots):
701         * runtime/InternalFunction.cpp:
702         (JSC::InternalFunction::InternalFunction):
703         * runtime/JSAPIValueWrapper.h:
704         (JSC::JSAPIValueWrapper::value):
705         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
706         * runtime/JSActivation.cpp:
707         (JSC::JSActivation::markChildren):
708         (JSC::JSActivation::put):
709         * runtime/JSArray.cpp:
710         (JSC::JSArray::JSArray):
711         (JSC::JSArray::getOwnPropertySlot):
712         (JSC::JSArray::getOwnPropertyDescriptor):
713         (JSC::JSArray::put):
714         (JSC::JSArray::putSlowCase):
715         (JSC::JSArray::deleteProperty):
716         (JSC::JSArray::increaseVectorLength):
717         (JSC::JSArray::setLength):
718         (JSC::JSArray::pop):
719         (JSC::JSArray::push):
720         (JSC::JSArray::unshiftCount):
721         (JSC::JSArray::sort):
722         (JSC::JSArray::fillArgList):
723         (JSC::JSArray::copyToRegisters):
724         (JSC::JSArray::compactForSorting):
725         * runtime/JSArray.h:
726         (JSC::JSArray::getIndex):
727         (JSC::JSArray::setIndex):
728         (JSC::JSArray::uncheckedSetIndex):
729         (JSC::JSArray::markChildrenDirect):
730         * runtime/JSByteArray.cpp:
731         (JSC::JSByteArray::JSByteArray):
732         * runtime/JSCell.h:
733         (JSC::JSCell::MarkStack::append):
734         (JSC::JSCell::MarkStack::internalAppend):
735         (JSC::JSCell::MarkStack::deprecatedAppend):
736         * runtime/JSFunction.cpp:
737         (JSC::JSFunction::JSFunction):
738         (JSC::JSFunction::getOwnPropertySlot):
739         * runtime/JSGlobalData.h:
740         * runtime/JSGlobalObject.cpp:
741         (JSC::markIfNeeded):
742         (JSC::JSGlobalObject::reset):
743         (JSC::JSGlobalObject::resetPrototype):
744         (JSC::JSGlobalObject::markChildren):
745         * runtime/JSGlobalObject.h:
746         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
747         (JSC::JSGlobalObject::regExpConstructor):
748         (JSC::JSGlobalObject::errorConstructor):
749         (JSC::JSGlobalObject::evalErrorConstructor):
750         (JSC::JSGlobalObject::rangeErrorConstructor):
751         (JSC::JSGlobalObject::referenceErrorConstructor):
752         (JSC::JSGlobalObject::syntaxErrorConstructor):
753         (JSC::JSGlobalObject::typeErrorConstructor):
754         (JSC::JSGlobalObject::URIErrorConstructor):
755         (JSC::JSGlobalObject::evalFunction):
756         (JSC::JSGlobalObject::objectPrototype):
757         (JSC::JSGlobalObject::functionPrototype):
758         (JSC::JSGlobalObject::arrayPrototype):
759         (JSC::JSGlobalObject::booleanPrototype):
760         (JSC::JSGlobalObject::stringPrototype):
761         (JSC::JSGlobalObject::numberPrototype):
762         (JSC::JSGlobalObject::datePrototype):
763         (JSC::JSGlobalObject::regExpPrototype):
764         (JSC::JSGlobalObject::methodCallDummy):
765         (JSC::Structure::prototypeForLookup):
766         (JSC::constructArray):
767         * runtime/JSONObject.cpp:
768         (JSC::Stringifier::Holder::object):
769         (JSC::Stringifier::Holder::objectSlot):
770         (JSC::Stringifier::markAggregate):
771         (JSC::Stringifier::stringify):
772         (JSC::Stringifier::Holder::appendNextProperty):
773         (JSC::Walker::callReviver):
774         (JSC::Walker::walk):
775         * runtime/JSObject.cpp:
776         (JSC::JSObject::defineGetter):
777         (JSC::JSObject::defineSetter):
778         (JSC::JSObject::removeDirect):
779         (JSC::JSObject::putDirectFunction):
780         (JSC::JSObject::putDirectFunctionWithoutTransition):
781         (JSC::putDescriptor):
782         (JSC::JSObject::defineOwnProperty):
783         * runtime/JSObject.h:
784         (JSC::JSObject::getDirectOffset):
785         (JSC::JSObject::putDirectOffset):
786         (JSC::JSObject::putUndefinedAtDirectOffset):
787         (JSC::JSObject::flattenDictionaryObject):
788         (JSC::JSObject::putDirectInternal):
789         (JSC::JSObject::putDirect):
790         (JSC::JSObject::putDirectFunction):
791         (JSC::JSObject::putDirectWithoutTransition):
792         (JSC::JSObject::putDirectFunctionWithoutTransition):
793         (JSC::JSValue::putDirect):
794         (JSC::JSObject::allocatePropertyStorageInline):
795         (JSC::JSObject::markChildrenDirect):
796         * runtime/JSPropertyNameIterator.cpp:
797         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
798         (JSC::JSPropertyNameIterator::get):
799         * runtime/JSPropertyNameIterator.h:
800         * runtime/JSStaticScopeObject.cpp:
801         (JSC::JSStaticScopeObject::markChildren):
802         * runtime/JSString.cpp:
803         (JSC::StringObject::create):
804         * runtime/JSValue.h:
805         * runtime/JSWrapperObject.cpp:
806         (JSC::JSWrapperObject::markChildren):
807         * runtime/JSWrapperObject.h:
808         (JSC::JSWrapperObject::internalValue):
809         (JSC::JSWrapperObject::setInternalValue):
810         * runtime/LiteralParser.cpp:
811         (JSC::LiteralParser::parse):
812         * runtime/Lookup.cpp:
813         (JSC::setUpStaticFunctionSlot):
814         * runtime/Lookup.h:
815         (JSC::lookupPut):
816         * runtime/MarkStack.h:
817         (JSC::MarkStack::MarkStack):
818         (JSC::MarkStack::deprecatedAppendValues):
819         (JSC::MarkStack::appendValues):
820         * runtime/MathObject.cpp:
821         (JSC::MathObject::MathObject):
822         * runtime/NativeErrorConstructor.cpp:
823         (JSC::NativeErrorConstructor::NativeErrorConstructor):
824         * runtime/NativeErrorPrototype.cpp:
825         (JSC::NativeErrorPrototype::NativeErrorPrototype):
826         * runtime/NumberConstructor.cpp:
827         (JSC::NumberConstructor::NumberConstructor):
828         (JSC::constructWithNumberConstructor):
829         * runtime/NumberObject.cpp:
830         (JSC::constructNumber):
831         * runtime/NumberPrototype.cpp:
832         (JSC::NumberPrototype::NumberPrototype):
833         * runtime/ObjectConstructor.cpp:
834         (JSC::ObjectConstructor::ObjectConstructor):
835         (JSC::objectConstructorGetOwnPropertyDescriptor):
836         * runtime/Operations.h:
837         (JSC::normalizePrototypeChain):
838         (JSC::resolveBase):
839         * runtime/PrototypeFunction.cpp:
840         (JSC::PrototypeFunction::PrototypeFunction):
841         * runtime/PutPropertySlot.h:
842         (JSC::PutPropertySlot::setExistingProperty):
843         (JSC::PutPropertySlot::setNewProperty):
844         (JSC::PutPropertySlot::base):
845         * runtime/RegExpConstructor.cpp:
846         (JSC::RegExpConstructor::RegExpConstructor):
847         * runtime/ScopeChain.cpp:
848         (JSC::ScopeChainNode::print):
849         * runtime/ScopeChain.h:
850         (JSC::ScopeChainNode::~ScopeChainNode):
851         (JSC::ScopeChainIterator::operator*):
852         (JSC::ScopeChainIterator::operator->):
853         (JSC::ScopeChain::top):
854         * runtime/ScopeChainMark.h:
855         (JSC::ScopeChain::markAggregate):
856         * runtime/SmallStrings.cpp:
857         (JSC::isMarked):
858         (JSC::SmallStrings::markChildren):
859         * runtime/SmallStrings.h:
860         (JSC::SmallStrings::emptyString):
861         (JSC::SmallStrings::singleCharacterString):
862         (JSC::SmallStrings::singleCharacterStrings):
863         * runtime/StringConstructor.cpp:
864         (JSC::StringConstructor::StringConstructor):
865         * runtime/StringObject.cpp:
866         (JSC::StringObject::StringObject):
867         * runtime/StringObject.h:
868         * runtime/StringPrototype.cpp:
869         (JSC::StringPrototype::StringPrototype):
870         * runtime/Structure.cpp:
871         (JSC::Structure::Structure):
872         (JSC::Structure::addPropertyTransition):
873         (JSC::Structure::toDictionaryTransition):
874         (JSC::Structure::flattenDictionaryStructure):
875         * runtime/Structure.h:
876         (JSC::Structure::storedPrototype):
877         (JSC::Structure::storedPrototypeSlot):
878         * runtime/WeakGCMap.h:
879         (JSC::WeakGCMap::uncheckedGet):
880         (JSC::WeakGCMap::uncheckedGetSlot):
881         (JSC::::get):
882         (JSC::::take):
883         (JSC::::set):
884         (JSC::::uncheckedRemove):
885         * runtime/WriteBarrier.h: Added.
886         (JSC::DeprecatedPtr::DeprecatedPtr):
887         (JSC::DeprecatedPtr::get):
888         (JSC::DeprecatedPtr::operator*):
889         (JSC::DeprecatedPtr::operator->):
890         (JSC::DeprecatedPtr::slot):
891         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
892         (JSC::DeprecatedPtr::operator!):
893         (JSC::WriteBarrierBase::set):
894         (JSC::WriteBarrierBase::get):
895         (JSC::WriteBarrierBase::operator*):
896         (JSC::WriteBarrierBase::operator->):
897         (JSC::WriteBarrierBase::clear):
898         (JSC::WriteBarrierBase::slot):
899         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
900         (JSC::WriteBarrierBase::operator!):
901         (JSC::WriteBarrier::WriteBarrier):
902         (JSC::operator==):
903
904 2011-01-31  Dan Winship  <danw@gnome.org>
905
906         Reviewed by Gustavo Noronha Silva.
907
908         wss (websockets ssl) support for gtk via new gio TLS support
909         https://bugs.webkit.org/show_bug.cgi?id=50344
910
911         Add a GPollableOutputStream typedef for TLS WebSockets support
912
913         * wtf/gobject/GTypedefs.h:
914
915 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
916
917         Reviewed by Geoff Garen.
918
919         https://bugs.webkit.org/show_bug.cgi?id=53352
920         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
921
922         The FixedVMPoolAllocator currently uses a best fit policy -
923         switch to first fit, which is less prone to external fragmentation.
924
925         * jit/ExecutableAllocatorFixedVMPool.cpp:
926         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
927         (JSC::AllocationTableSizeClass::blockSize):
928         (JSC::AllocationTableSizeClass::blockCount):
929         (JSC::AllocationTableSizeClass::blockAlignment):
930         (JSC::AllocationTableSizeClass::size):
931         (JSC::AllocationTableLeaf::AllocationTableLeaf):
932         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
933         (JSC::AllocationTableLeaf::allocate):
934         (JSC::AllocationTableLeaf::free):
935         (JSC::AllocationTableLeaf::isEmpty):
936         (JSC::AllocationTableLeaf::isFull):
937         (JSC::AllocationTableLeaf::size):
938         (JSC::AllocationTableLeaf::classForSize):
939         (JSC::AllocationTableLeaf::dump):
940         (JSC::LazyAllocationTable::LazyAllocationTable):
941         (JSC::LazyAllocationTable::~LazyAllocationTable):
942         (JSC::LazyAllocationTable::allocate):
943         (JSC::LazyAllocationTable::free):
944         (JSC::LazyAllocationTable::isEmpty):
945         (JSC::LazyAllocationTable::isFull):
946         (JSC::LazyAllocationTable::size):
947         (JSC::LazyAllocationTable::dump):
948         (JSC::LazyAllocationTable::classForSize):
949         (JSC::AllocationTableDirectory::AllocationTableDirectory):
950         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
951         (JSC::AllocationTableDirectory::allocate):
952         (JSC::AllocationTableDirectory::free):
953         (JSC::AllocationTableDirectory::isEmpty):
954         (JSC::AllocationTableDirectory::isFull):
955         (JSC::AllocationTableDirectory::size):
956         (JSC::AllocationTableDirectory::classForSize):
957         (JSC::AllocationTableDirectory::dump):
958         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
959         (JSC::FixedVMPoolAllocator::alloc):
960         (JSC::FixedVMPoolAllocator::free):
961         (JSC::FixedVMPoolAllocator::allocated):
962         (JSC::FixedVMPoolAllocator::isValid):
963         (JSC::FixedVMPoolAllocator::classForSize):
964         (JSC::FixedVMPoolAllocator::offsetToPointer):
965         (JSC::FixedVMPoolAllocator::pointerToOffset):
966         (JSC::ExecutableAllocator::committedByteCount):
967         (JSC::ExecutableAllocator::isValid):
968         (JSC::ExecutableAllocator::underMemoryPressure):
969         (JSC::ExecutablePool::systemAlloc):
970         (JSC::ExecutablePool::systemRelease):
971         * wtf/PageReservation.h:
972         (WTF::PageReservation::PageReservation):
973         (WTF::PageReservation::commit):
974         (WTF::PageReservation::decommit):
975         (WTF::PageReservation::committed):
976
977 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
978
979         Unreviewed, rolling out r76969.
980         http://trac.webkit.org/changeset/76969
981         https://bugs.webkit.org/show_bug.cgi?id=53418
982
983         "It is causing crashes in GTK+ and Leopard bots" (Requested by
984         alexg__ on #webkit).
985
986         * runtime/WeakGCMap.h:
987
988 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
989
990         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
991         r77111.
992         http://trac.webkit.org/changeset/77098
993         http://trac.webkit.org/changeset/77099
994         http://trac.webkit.org/changeset/77100
995         http://trac.webkit.org/changeset/77109
996         http://trac.webkit.org/changeset/77111
997         https://bugs.webkit.org/show_bug.cgi?id=53219
998
999         Qt build is broken
1000
1001         * API/JSCallbackObject.h:
1002         (JSC::JSCallbackObjectData::setPrivateProperty):
1003         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1004         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1005         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1006         (JSC::JSCallbackObject::setPrivateProperty):
1007         * API/JSCallbackObjectFunctions.h:
1008         (JSC::::put):
1009         (JSC::::staticFunctionGetter):
1010         * API/JSObjectRef.cpp:
1011         (JSObjectMakeConstructor):
1012         (JSObjectSetPrivateProperty):
1013         * API/JSWeakObjectMapRefInternal.h:
1014         * JavaScriptCore.exp:
1015         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1016         * JavaScriptCore.xcodeproj/project.pbxproj:
1017         * bytecode/CodeBlock.cpp:
1018         (JSC::CodeBlock::markAggregate):
1019         * bytecode/CodeBlock.h:
1020         (JSC::CodeBlock::globalObject):
1021         * bytecompiler/BytecodeGenerator.cpp:
1022         (JSC::BytecodeGenerator::BytecodeGenerator):
1023         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1024         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1025         (JSC::BytecodeGenerator::findScopedProperty):
1026         * debugger/Debugger.cpp:
1027         (JSC::evaluateInGlobalCallFrame):
1028         * debugger/DebuggerActivation.cpp:
1029         (JSC::DebuggerActivation::DebuggerActivation):
1030         (JSC::DebuggerActivation::markChildren):
1031         * debugger/DebuggerActivation.h:
1032         * debugger/DebuggerCallFrame.cpp:
1033         (JSC::DebuggerCallFrame::evaluate):
1034         * interpreter/CallFrame.h:
1035         (JSC::ExecState::exception):
1036         * interpreter/Interpreter.cpp:
1037         (JSC::Interpreter::resolve):
1038         (JSC::Interpreter::resolveSkip):
1039         (JSC::Interpreter::resolveGlobal):
1040         (JSC::Interpreter::resolveGlobalDynamic):
1041         (JSC::Interpreter::resolveBaseAndProperty):
1042         (JSC::Interpreter::unwindCallFrame):
1043         (JSC::appendSourceToError):
1044         (JSC::Interpreter::execute):
1045         (JSC::Interpreter::tryCacheGetByID):
1046         (JSC::Interpreter::privateExecute):
1047         * jit/JITStubs.cpp:
1048         (JSC::JITThunks::tryCacheGetByID):
1049         (JSC::DEFINE_STUB_FUNCTION):
1050         * jsc.cpp:
1051         (GlobalObject::GlobalObject):
1052         * runtime/ArgList.cpp:
1053         (JSC::MarkedArgumentBuffer::markLists):
1054         * runtime/Arguments.cpp:
1055         (JSC::Arguments::markChildren):
1056         (JSC::Arguments::getOwnPropertySlot):
1057         (JSC::Arguments::getOwnPropertyDescriptor):
1058         (JSC::Arguments::put):
1059         * runtime/Arguments.h:
1060         (JSC::Arguments::setActivation):
1061         (JSC::Arguments::Arguments):
1062         * runtime/ArrayConstructor.cpp:
1063         (JSC::ArrayConstructor::ArrayConstructor):
1064         (JSC::constructArrayWithSizeQuirk):
1065         * runtime/ArrayPrototype.cpp:
1066         (JSC::arrayProtoFuncSplice):
1067         * runtime/BatchedTransitionOptimizer.h:
1068         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1069         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1070         * runtime/BooleanConstructor.cpp:
1071         (JSC::BooleanConstructor::BooleanConstructor):
1072         (JSC::constructBoolean):
1073         (JSC::constructBooleanFromImmediateBoolean):
1074         * runtime/BooleanPrototype.cpp:
1075         (JSC::BooleanPrototype::BooleanPrototype):
1076         * runtime/ConservativeSet.cpp:
1077         (JSC::ConservativeSet::grow):
1078         * runtime/ConservativeSet.h:
1079         (JSC::ConservativeSet::~ConservativeSet):
1080         (JSC::ConservativeSet::mark):
1081         * runtime/DateConstructor.cpp:
1082         (JSC::DateConstructor::DateConstructor):
1083         * runtime/DateInstance.cpp:
1084         (JSC::DateInstance::DateInstance):
1085         * runtime/DatePrototype.cpp:
1086         (JSC::dateProtoFuncSetTime):
1087         (JSC::setNewValueFromTimeArgs):
1088         (JSC::setNewValueFromDateArgs):
1089         (JSC::dateProtoFuncSetYear):
1090         * runtime/ErrorConstructor.cpp:
1091         (JSC::ErrorConstructor::ErrorConstructor):
1092         * runtime/ErrorInstance.cpp:
1093         (JSC::ErrorInstance::ErrorInstance):
1094         * runtime/ErrorPrototype.cpp:
1095         (JSC::ErrorPrototype::ErrorPrototype):
1096         * runtime/FunctionConstructor.cpp:
1097         (JSC::FunctionConstructor::FunctionConstructor):
1098         * runtime/FunctionPrototype.cpp:
1099         (JSC::FunctionPrototype::FunctionPrototype):
1100         * runtime/GetterSetter.cpp:
1101         (JSC::GetterSetter::markChildren):
1102         * runtime/GetterSetter.h:
1103         (JSC::GetterSetter::GetterSetter):
1104         (JSC::GetterSetter::getter):
1105         (JSC::GetterSetter::setGetter):
1106         (JSC::GetterSetter::setter):
1107         (JSC::GetterSetter::setSetter):
1108         * runtime/GlobalEvalFunction.cpp:
1109         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1110         (JSC::GlobalEvalFunction::markChildren):
1111         * runtime/GlobalEvalFunction.h:
1112         (JSC::GlobalEvalFunction::cachedGlobalObject):
1113         * runtime/Heap.cpp:
1114         (JSC::Heap::markProtectedObjects):
1115         (JSC::Heap::markTempSortVectors):
1116         (JSC::Heap::markRoots):
1117         * runtime/InternalFunction.cpp:
1118         (JSC::InternalFunction::InternalFunction):
1119         * runtime/JSAPIValueWrapper.h:
1120         (JSC::JSAPIValueWrapper::value):
1121         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1122         * runtime/JSActivation.cpp:
1123         (JSC::JSActivation::markChildren):
1124         (JSC::JSActivation::put):
1125         * runtime/JSArray.cpp:
1126         (JSC::JSArray::JSArray):
1127         (JSC::JSArray::getOwnPropertySlot):
1128         (JSC::JSArray::getOwnPropertyDescriptor):
1129         (JSC::JSArray::put):
1130         (JSC::JSArray::putSlowCase):
1131         (JSC::JSArray::deleteProperty):
1132         (JSC::JSArray::increaseVectorLength):
1133         (JSC::JSArray::setLength):
1134         (JSC::JSArray::pop):
1135         (JSC::JSArray::push):
1136         (JSC::JSArray::unshiftCount):
1137         (JSC::JSArray::sort):
1138         (JSC::JSArray::fillArgList):
1139         (JSC::JSArray::copyToRegisters):
1140         (JSC::JSArray::compactForSorting):
1141         * runtime/JSArray.h:
1142         (JSC::JSArray::getIndex):
1143         (JSC::JSArray::setIndex):
1144         (JSC::JSArray::uncheckedSetIndex):
1145         (JSC::JSArray::markChildrenDirect):
1146         * runtime/JSByteArray.cpp:
1147         (JSC::JSByteArray::JSByteArray):
1148         * runtime/JSCell.h:
1149         (JSC::JSCell::JSValue::toThisObject):
1150         (JSC::JSCell::MarkStack::append):
1151         * runtime/JSFunction.cpp:
1152         (JSC::JSFunction::JSFunction):
1153         (JSC::JSFunction::getOwnPropertySlot):
1154         * runtime/JSGlobalData.h:
1155         * runtime/JSGlobalObject.cpp:
1156         (JSC::markIfNeeded):
1157         (JSC::JSGlobalObject::reset):
1158         (JSC::JSGlobalObject::resetPrototype):
1159         (JSC::JSGlobalObject::markChildren):
1160         * runtime/JSGlobalObject.h:
1161         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1162         (JSC::JSGlobalObject::regExpConstructor):
1163         (JSC::JSGlobalObject::errorConstructor):
1164         (JSC::JSGlobalObject::evalErrorConstructor):
1165         (JSC::JSGlobalObject::rangeErrorConstructor):
1166         (JSC::JSGlobalObject::referenceErrorConstructor):
1167         (JSC::JSGlobalObject::syntaxErrorConstructor):
1168         (JSC::JSGlobalObject::typeErrorConstructor):
1169         (JSC::JSGlobalObject::URIErrorConstructor):
1170         (JSC::JSGlobalObject::evalFunction):
1171         (JSC::JSGlobalObject::objectPrototype):
1172         (JSC::JSGlobalObject::functionPrototype):
1173         (JSC::JSGlobalObject::arrayPrototype):
1174         (JSC::JSGlobalObject::booleanPrototype):
1175         (JSC::JSGlobalObject::stringPrototype):
1176         (JSC::JSGlobalObject::numberPrototype):
1177         (JSC::JSGlobalObject::datePrototype):
1178         (JSC::JSGlobalObject::regExpPrototype):
1179         (JSC::JSGlobalObject::methodCallDummy):
1180         (JSC::Structure::prototypeForLookup):
1181         (JSC::constructArray):
1182         * runtime/JSONObject.cpp:
1183         (JSC::Stringifier::Holder::object):
1184         (JSC::Stringifier::markAggregate):
1185         (JSC::Stringifier::stringify):
1186         (JSC::Stringifier::Holder::appendNextProperty):
1187         (JSC::Walker::callReviver):
1188         (JSC::Walker::walk):
1189         * runtime/JSObject.cpp:
1190         (JSC::JSObject::defineGetter):
1191         (JSC::JSObject::defineSetter):
1192         (JSC::JSObject::removeDirect):
1193         (JSC::JSObject::putDirectFunction):
1194         (JSC::JSObject::putDirectFunctionWithoutTransition):
1195         (JSC::putDescriptor):
1196         (JSC::JSObject::defineOwnProperty):
1197         * runtime/JSObject.h:
1198         (JSC::JSObject::getDirectOffset):
1199         (JSC::JSObject::putDirectOffset):
1200         (JSC::JSObject::flattenDictionaryObject):
1201         (JSC::JSObject::putDirectInternal):
1202         (JSC::JSObject::putDirect):
1203         (JSC::JSObject::putDirectFunction):
1204         (JSC::JSObject::putDirectWithoutTransition):
1205         (JSC::JSObject::putDirectFunctionWithoutTransition):
1206         (JSC::JSValue::putDirect):
1207         (JSC::JSObject::allocatePropertyStorageInline):
1208         (JSC::JSObject::markChildrenDirect):
1209         * runtime/JSPropertyNameIterator.cpp:
1210         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1211         (JSC::JSPropertyNameIterator::get):
1212         * runtime/JSPropertyNameIterator.h:
1213         * runtime/JSStaticScopeObject.cpp:
1214         (JSC::JSStaticScopeObject::markChildren):
1215         * runtime/JSString.cpp:
1216         (JSC::StringObject::create):
1217         * runtime/JSValue.h:
1218         * runtime/JSWrapperObject.cpp:
1219         (JSC::JSWrapperObject::markChildren):
1220         * runtime/JSWrapperObject.h:
1221         (JSC::JSWrapperObject::internalValue):
1222         (JSC::JSWrapperObject::setInternalValue):
1223         * runtime/LiteralParser.cpp:
1224         (JSC::LiteralParser::parse):
1225         * runtime/Lookup.cpp:
1226         (JSC::setUpStaticFunctionSlot):
1227         * runtime/Lookup.h:
1228         (JSC::lookupPut):
1229         * runtime/MarkStack.h:
1230         (JSC::MarkStack::appendValues):
1231         * runtime/MathObject.cpp:
1232         (JSC::MathObject::MathObject):
1233         * runtime/NativeErrorConstructor.cpp:
1234         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1235         * runtime/NativeErrorPrototype.cpp:
1236         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1237         * runtime/NumberConstructor.cpp:
1238         (JSC::NumberConstructor::NumberConstructor):
1239         (JSC::constructWithNumberConstructor):
1240         * runtime/NumberObject.cpp:
1241         (JSC::constructNumber):
1242         * runtime/NumberPrototype.cpp:
1243         (JSC::NumberPrototype::NumberPrototype):
1244         * runtime/ObjectConstructor.cpp:
1245         (JSC::ObjectConstructor::ObjectConstructor):
1246         (JSC::objectConstructorGetOwnPropertyDescriptor):
1247         * runtime/Operations.h:
1248         (JSC::normalizePrototypeChain):
1249         (JSC::resolveBase):
1250         * runtime/PrototypeFunction.cpp:
1251         (JSC::PrototypeFunction::PrototypeFunction):
1252         * runtime/PutPropertySlot.h:
1253         (JSC::PutPropertySlot::setExistingProperty):
1254         (JSC::PutPropertySlot::setNewProperty):
1255         (JSC::PutPropertySlot::base):
1256         * runtime/RegExpConstructor.cpp:
1257         (JSC::RegExpConstructor::RegExpConstructor):
1258         * runtime/ScopeChain.cpp:
1259         (JSC::ScopeChainNode::print):
1260         * runtime/ScopeChain.h:
1261         (JSC::ScopeChainNode::~ScopeChainNode):
1262         (JSC::ScopeChainIterator::operator*):
1263         (JSC::ScopeChainIterator::operator->):
1264         (JSC::ScopeChain::top):
1265         * runtime/ScopeChainMark.h:
1266         (JSC::ScopeChain::markAggregate):
1267         * runtime/SmallStrings.cpp:
1268         (JSC::isMarked):
1269         (JSC::SmallStrings::markChildren):
1270         * runtime/SmallStrings.h:
1271         (JSC::SmallStrings::emptyString):
1272         (JSC::SmallStrings::singleCharacterString):
1273         (JSC::SmallStrings::singleCharacterStrings):
1274         * runtime/StringConstructor.cpp:
1275         (JSC::StringConstructor::StringConstructor):
1276         * runtime/StringObject.cpp:
1277         (JSC::StringObject::StringObject):
1278         * runtime/StringObject.h:
1279         * runtime/StringPrototype.cpp:
1280         (JSC::StringPrototype::StringPrototype):
1281         * runtime/Structure.cpp:
1282         (JSC::Structure::Structure):
1283         (JSC::Structure::addPropertyTransition):
1284         (JSC::Structure::toDictionaryTransition):
1285         (JSC::Structure::flattenDictionaryStructure):
1286         * runtime/Structure.h:
1287         (JSC::Structure::storedPrototype):
1288         * runtime/WeakGCMap.h:
1289         (JSC::WeakGCMap::uncheckedGet):
1290         (JSC::WeakGCMap::isValid):
1291         (JSC::::get):
1292         (JSC::::take):
1293         (JSC::::set):
1294         (JSC::::uncheckedRemove):
1295         * runtime/WriteBarrier.h: Removed.
1296
1297 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1298
1299         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
1300
1301         * runtime/WriteBarrier.h:
1302         (JSC::WriteBarrierBase::clear):
1303
1304 2011-01-30  Oliver Hunt  <oliver@apple.com>
1305
1306         More Qt build fixes
1307
1308         * runtime/WriteBarrier.h:
1309         (JSC::WriteBarrierBase::clear):
1310
1311 2011-01-30  Oliver Hunt  <oliver@apple.com>
1312
1313         Convert markstack to a slot visitor API
1314         https://bugs.webkit.org/show_bug.cgi?id=53219
1315
1316         Rolling r77006 and r77020 back in.
1317
1318         * API/JSCallbackObject.h:
1319         (JSC::JSCallbackObjectData::setPrivateProperty):
1320         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1321         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1322         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1323         (JSC::JSCallbackObject::setPrivateProperty):
1324         * API/JSCallbackObjectFunctions.h:
1325         (JSC::::put):
1326         (JSC::::staticFunctionGetter):
1327         * API/JSObjectRef.cpp:
1328         (JSObjectMakeConstructor):
1329         (JSObjectSetPrivateProperty):
1330         * API/JSWeakObjectMapRefInternal.h:
1331         * JavaScriptCore.exp:
1332         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1333         * JavaScriptCore.xcodeproj/project.pbxproj:
1334         * bytecode/CodeBlock.cpp:
1335         (JSC::CodeBlock::markAggregate):
1336         * bytecode/CodeBlock.h:
1337         (JSC::CodeBlock::globalObject):
1338         * bytecompiler/BytecodeGenerator.cpp:
1339         (JSC::BytecodeGenerator::BytecodeGenerator):
1340         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1341         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1342         (JSC::BytecodeGenerator::findScopedProperty):
1343         * debugger/Debugger.cpp:
1344         (JSC::evaluateInGlobalCallFrame):
1345         * debugger/DebuggerActivation.cpp:
1346         (JSC::DebuggerActivation::DebuggerActivation):
1347         (JSC::DebuggerActivation::markChildren):
1348         * debugger/DebuggerActivation.h:
1349         * debugger/DebuggerCallFrame.cpp:
1350         (JSC::DebuggerCallFrame::evaluate):
1351         * interpreter/CallFrame.h:
1352         (JSC::ExecState::exception):
1353         * interpreter/Interpreter.cpp:
1354         (JSC::Interpreter::resolve):
1355         (JSC::Interpreter::resolveSkip):
1356         (JSC::Interpreter::resolveGlobal):
1357         (JSC::Interpreter::resolveGlobalDynamic):
1358         (JSC::Interpreter::resolveBaseAndProperty):
1359         (JSC::Interpreter::unwindCallFrame):
1360         (JSC::appendSourceToError):
1361         (JSC::Interpreter::execute):
1362         (JSC::Interpreter::tryCacheGetByID):
1363         (JSC::Interpreter::privateExecute):
1364         * jit/JITStubs.cpp:
1365         (JSC::JITThunks::tryCacheGetByID):
1366         (JSC::DEFINE_STUB_FUNCTION):
1367         * jsc.cpp:
1368         (GlobalObject::GlobalObject):
1369         * runtime/ArgList.cpp:
1370         (JSC::MarkedArgumentBuffer::markLists):
1371         * runtime/Arguments.cpp:
1372         (JSC::Arguments::markChildren):
1373         (JSC::Arguments::getOwnPropertySlot):
1374         (JSC::Arguments::getOwnPropertyDescriptor):
1375         (JSC::Arguments::put):
1376         * runtime/Arguments.h:
1377         (JSC::Arguments::setActivation):
1378         (JSC::Arguments::Arguments):
1379         * runtime/ArrayConstructor.cpp:
1380         (JSC::ArrayConstructor::ArrayConstructor):
1381         (JSC::constructArrayWithSizeQuirk):
1382         * runtime/ArrayPrototype.cpp:
1383         (JSC::arrayProtoFuncSplice):
1384         * runtime/BatchedTransitionOptimizer.h:
1385         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1386         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1387         * runtime/BooleanConstructor.cpp:
1388         (JSC::BooleanConstructor::BooleanConstructor):
1389         (JSC::constructBoolean):
1390         (JSC::constructBooleanFromImmediateBoolean):
1391         * runtime/BooleanPrototype.cpp:
1392         (JSC::BooleanPrototype::BooleanPrototype):
1393         * runtime/ConservativeSet.cpp:
1394         (JSC::ConservativeSet::grow):
1395         * runtime/ConservativeSet.h:
1396         (JSC::ConservativeSet::~ConservativeSet):
1397         (JSC::ConservativeSet::mark):
1398         * runtime/DateConstructor.cpp:
1399         (JSC::DateConstructor::DateConstructor):
1400         * runtime/DateInstance.cpp:
1401         (JSC::DateInstance::DateInstance):
1402         * runtime/DatePrototype.cpp:
1403         (JSC::dateProtoFuncSetTime):
1404         (JSC::setNewValueFromTimeArgs):
1405         (JSC::setNewValueFromDateArgs):
1406         (JSC::dateProtoFuncSetYear):
1407         * runtime/ErrorConstructor.cpp:
1408         (JSC::ErrorConstructor::ErrorConstructor):
1409         * runtime/ErrorInstance.cpp:
1410         (JSC::ErrorInstance::ErrorInstance):
1411         * runtime/ErrorPrototype.cpp:
1412         (JSC::ErrorPrototype::ErrorPrototype):
1413         * runtime/FunctionConstructor.cpp:
1414         (JSC::FunctionConstructor::FunctionConstructor):
1415         * runtime/FunctionPrototype.cpp:
1416         (JSC::FunctionPrototype::FunctionPrototype):
1417         * runtime/GetterSetter.cpp:
1418         (JSC::GetterSetter::markChildren):
1419         * runtime/GetterSetter.h:
1420         (JSC::GetterSetter::GetterSetter):
1421         (JSC::GetterSetter::getter):
1422         (JSC::GetterSetter::setGetter):
1423         (JSC::GetterSetter::setter):
1424         (JSC::GetterSetter::setSetter):
1425         * runtime/GlobalEvalFunction.cpp:
1426         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1427         (JSC::GlobalEvalFunction::markChildren):
1428         * runtime/GlobalEvalFunction.h:
1429         (JSC::GlobalEvalFunction::cachedGlobalObject):
1430         * runtime/Heap.cpp:
1431         (JSC::Heap::markProtectedObjects):
1432         (JSC::Heap::markTempSortVectors):
1433         (JSC::Heap::markRoots):
1434         * runtime/InternalFunction.cpp:
1435         (JSC::InternalFunction::InternalFunction):
1436         * runtime/JSAPIValueWrapper.h:
1437         (JSC::JSAPIValueWrapper::value):
1438         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1439         * runtime/JSActivation.cpp:
1440         (JSC::JSActivation::markChildren):
1441         (JSC::JSActivation::put):
1442         * runtime/JSArray.cpp:
1443         (JSC::JSArray::JSArray):
1444         (JSC::JSArray::getOwnPropertySlot):
1445         (JSC::JSArray::getOwnPropertyDescriptor):
1446         (JSC::JSArray::put):
1447         (JSC::JSArray::putSlowCase):
1448         (JSC::JSArray::deleteProperty):
1449         (JSC::JSArray::increaseVectorLength):
1450         (JSC::JSArray::setLength):
1451         (JSC::JSArray::pop):
1452         (JSC::JSArray::push):
1453         (JSC::JSArray::unshiftCount):
1454         (JSC::JSArray::sort):
1455         (JSC::JSArray::fillArgList):
1456         (JSC::JSArray::copyToRegisters):
1457         (JSC::JSArray::compactForSorting):
1458         * runtime/JSArray.h:
1459         (JSC::JSArray::getIndex):
1460         (JSC::JSArray::setIndex):
1461         (JSC::JSArray::uncheckedSetIndex):
1462         (JSC::JSArray::markChildrenDirect):
1463         * runtime/JSByteArray.cpp:
1464         (JSC::JSByteArray::JSByteArray):
1465         * runtime/JSCell.h:
1466         (JSC::JSCell::MarkStack::append):
1467         (JSC::JSCell::MarkStack::internalAppend):
1468         (JSC::JSCell::MarkStack::deprecatedAppend):
1469         * runtime/JSFunction.cpp:
1470         (JSC::JSFunction::JSFunction):
1471         (JSC::JSFunction::getOwnPropertySlot):
1472         * runtime/JSGlobalData.h:
1473         * runtime/JSGlobalObject.cpp:
1474         (JSC::markIfNeeded):
1475         (JSC::JSGlobalObject::reset):
1476         (JSC::JSGlobalObject::resetPrototype):
1477         (JSC::JSGlobalObject::markChildren):
1478         * runtime/JSGlobalObject.h:
1479         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1480         (JSC::JSGlobalObject::regExpConstructor):
1481         (JSC::JSGlobalObject::errorConstructor):
1482         (JSC::JSGlobalObject::evalErrorConstructor):
1483         (JSC::JSGlobalObject::rangeErrorConstructor):
1484         (JSC::JSGlobalObject::referenceErrorConstructor):
1485         (JSC::JSGlobalObject::syntaxErrorConstructor):
1486         (JSC::JSGlobalObject::typeErrorConstructor):
1487         (JSC::JSGlobalObject::URIErrorConstructor):
1488         (JSC::JSGlobalObject::evalFunction):
1489         (JSC::JSGlobalObject::objectPrototype):
1490         (JSC::JSGlobalObject::functionPrototype):
1491         (JSC::JSGlobalObject::arrayPrototype):
1492         (JSC::JSGlobalObject::booleanPrototype):
1493         (JSC::JSGlobalObject::stringPrototype):
1494         (JSC::JSGlobalObject::numberPrototype):
1495         (JSC::JSGlobalObject::datePrototype):
1496         (JSC::JSGlobalObject::regExpPrototype):
1497         (JSC::JSGlobalObject::methodCallDummy):
1498         (JSC::Structure::prototypeForLookup):
1499         (JSC::constructArray):
1500         * runtime/JSONObject.cpp:
1501         (JSC::Stringifier::Holder::object):
1502         (JSC::Stringifier::Holder::objectSlot):
1503         (JSC::Stringifier::markAggregate):
1504         (JSC::Stringifier::stringify):
1505         (JSC::Stringifier::Holder::appendNextProperty):
1506         (JSC::Walker::callReviver):
1507         (JSC::Walker::walk):
1508         * runtime/JSObject.cpp:
1509         (JSC::JSObject::defineGetter):
1510         (JSC::JSObject::defineSetter):
1511         (JSC::JSObject::removeDirect):
1512         (JSC::JSObject::putDirectFunction):
1513         (JSC::JSObject::putDirectFunctionWithoutTransition):
1514         (JSC::putDescriptor):
1515         (JSC::JSObject::defineOwnProperty):
1516         * runtime/JSObject.h:
1517         (JSC::JSObject::getDirectOffset):
1518         (JSC::JSObject::putDirectOffset):
1519         (JSC::JSObject::putUndefinedAtDirectOffset):
1520         (JSC::JSObject::flattenDictionaryObject):
1521         (JSC::JSObject::putDirectInternal):
1522         (JSC::JSObject::putDirect):
1523         (JSC::JSObject::putDirectFunction):
1524         (JSC::JSObject::putDirectWithoutTransition):
1525         (JSC::JSObject::putDirectFunctionWithoutTransition):
1526         (JSC::JSValue::putDirect):
1527         (JSC::JSObject::allocatePropertyStorageInline):
1528         (JSC::JSObject::markChildrenDirect):
1529         * runtime/JSPropertyNameIterator.cpp:
1530         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1531         (JSC::JSPropertyNameIterator::get):
1532         * runtime/JSPropertyNameIterator.h:
1533         * runtime/JSStaticScopeObject.cpp:
1534         (JSC::JSStaticScopeObject::markChildren):
1535         * runtime/JSString.cpp:
1536         (JSC::StringObject::create):
1537         * runtime/JSValue.h:
1538         * runtime/JSWrapperObject.cpp:
1539         (JSC::JSWrapperObject::markChildren):
1540         * runtime/JSWrapperObject.h:
1541         (JSC::JSWrapperObject::internalValue):
1542         (JSC::JSWrapperObject::setInternalValue):
1543         * runtime/LiteralParser.cpp:
1544         (JSC::LiteralParser::parse):
1545         * runtime/Lookup.cpp:
1546         (JSC::setUpStaticFunctionSlot):
1547         * runtime/Lookup.h:
1548         (JSC::lookupPut):
1549         * runtime/MarkStack.h:
1550         (JSC::MarkStack::MarkStack):
1551         (JSC::MarkStack::deprecatedAppendValues):
1552         (JSC::MarkStack::appendValues):
1553         * runtime/MathObject.cpp:
1554         (JSC::MathObject::MathObject):
1555         * runtime/NativeErrorConstructor.cpp:
1556         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1557         * runtime/NativeErrorPrototype.cpp:
1558         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1559         * runtime/NumberConstructor.cpp:
1560         (JSC::NumberConstructor::NumberConstructor):
1561         (JSC::constructWithNumberConstructor):
1562         * runtime/NumberObject.cpp:
1563         (JSC::constructNumber):
1564         * runtime/NumberPrototype.cpp:
1565         (JSC::NumberPrototype::NumberPrototype):
1566         * runtime/ObjectConstructor.cpp:
1567         (JSC::ObjectConstructor::ObjectConstructor):
1568         (JSC::objectConstructorGetOwnPropertyDescriptor):
1569         * runtime/Operations.h:
1570         (JSC::normalizePrototypeChain):
1571         (JSC::resolveBase):
1572         * runtime/PrototypeFunction.cpp:
1573         (JSC::PrototypeFunction::PrototypeFunction):
1574         * runtime/PutPropertySlot.h:
1575         (JSC::PutPropertySlot::setExistingProperty):
1576         (JSC::PutPropertySlot::setNewProperty):
1577         (JSC::PutPropertySlot::base):
1578         * runtime/RegExpConstructor.cpp:
1579         (JSC::RegExpConstructor::RegExpConstructor):
1580         * runtime/ScopeChain.cpp:
1581         (JSC::ScopeChainNode::print):
1582         * runtime/ScopeChain.h:
1583         (JSC::ScopeChainNode::~ScopeChainNode):
1584         (JSC::ScopeChainIterator::operator*):
1585         (JSC::ScopeChainIterator::operator->):
1586         (JSC::ScopeChain::top):
1587         * runtime/ScopeChainMark.h:
1588         (JSC::ScopeChain::markAggregate):
1589         * runtime/SmallStrings.cpp:
1590         (JSC::isMarked):
1591         (JSC::SmallStrings::markChildren):
1592         * runtime/SmallStrings.h:
1593         (JSC::SmallStrings::emptyString):
1594         (JSC::SmallStrings::singleCharacterString):
1595         (JSC::SmallStrings::singleCharacterStrings):
1596         * runtime/StringConstructor.cpp:
1597         (JSC::StringConstructor::StringConstructor):
1598         * runtime/StringObject.cpp:
1599         (JSC::StringObject::StringObject):
1600         * runtime/StringObject.h:
1601         * runtime/StringPrototype.cpp:
1602         (JSC::StringPrototype::StringPrototype):
1603         * runtime/Structure.cpp:
1604         (JSC::Structure::Structure):
1605         (JSC::Structure::addPropertyTransition):
1606         (JSC::Structure::toDictionaryTransition):
1607         (JSC::Structure::flattenDictionaryStructure):
1608         * runtime/Structure.h:
1609         (JSC::Structure::storedPrototype):
1610         (JSC::Structure::storedPrototypeSlot):
1611         * runtime/WeakGCMap.h:
1612         (JSC::WeakGCMap::uncheckedGet):
1613         (JSC::WeakGCMap::uncheckedGetSlot):
1614         (JSC::WeakGCMap::isValid):
1615         (JSC::::get):
1616         (JSC::::take):
1617         (JSC::::set):
1618         (JSC::::uncheckedRemove):
1619         * runtime/WriteBarrier.h: Added.
1620         (JSC::DeprecatedPtr::DeprecatedPtr):
1621         (JSC::DeprecatedPtr::get):
1622         (JSC::DeprecatedPtr::operator*):
1623         (JSC::DeprecatedPtr::operator->):
1624         (JSC::DeprecatedPtr::slot):
1625         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1626         (JSC::DeprecatedPtr::operator!):
1627         (JSC::WriteBarrierBase::set):
1628         (JSC::WriteBarrierBase::get):
1629         (JSC::WriteBarrierBase::operator*):
1630         (JSC::WriteBarrierBase::operator->):
1631         (JSC::WriteBarrierBase::slot):
1632         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1633         (JSC::WriteBarrierBase::operator!):
1634         (JSC::WriteBarrier::WriteBarrier):
1635         (JSC::operator==):
1636
1637 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
1638
1639         Reviewed by Oliver Hunt.
1640
1641         Filter all Heap collection through a common reset function, in
1642         preparation for adding features triggered by collection.
1643         https://bugs.webkit.org/show_bug.cgi?id=53396
1644         
1645         SunSpider reports no change.
1646
1647         * runtime/Heap.cpp:
1648         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
1649         limit, just call collectAllGarbage() instead of rolling our own special
1650         way of resetting the heap. In theory, this may be slower in some cases,
1651         but it also fixes cases of pathological heap growth that we've seen,
1652         where the only objects being allocated are temporary and huge
1653         (<rdar://problem/8885843>).
1654
1655         (JSC::Heap::allocate):
1656         (JSC::Heap::collectAllGarbage): Use the shared reset function.
1657
1658         (JSC::Heap::reset):
1659         * runtime/Heap.h: Carved a new shared reset function out of the old
1660         collectAllGarbage.
1661
1662 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1663
1664         Unreviewed, rolling out r77025.
1665         http://trac.webkit.org/changeset/77025
1666         https://bugs.webkit.org/show_bug.cgi?id=53401
1667
1668         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
1669         (Requested by Ossy on #webkit).
1670
1671         * jit/ExecutableAllocatorFixedVMPool.cpp:
1672         (JSC::FreeListEntry::FreeListEntry):
1673         (JSC::AVLTreeAbstractorForFreeList::get_less):
1674         (JSC::AVLTreeAbstractorForFreeList::set_less):
1675         (JSC::AVLTreeAbstractorForFreeList::get_greater):
1676         (JSC::AVLTreeAbstractorForFreeList::set_greater):
1677         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
1678         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
1679         (JSC::AVLTreeAbstractorForFreeList::null):
1680         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
1681         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
1682         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
1683         (JSC::reverseSortFreeListEntriesByPointer):
1684         (JSC::reverseSortCommonSizedAllocations):
1685         (JSC::FixedVMPoolAllocator::release):
1686         (JSC::FixedVMPoolAllocator::reuse):
1687         (JSC::FixedVMPoolAllocator::addToFreeList):
1688         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
1689         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1690         (JSC::FixedVMPoolAllocator::alloc):
1691         (JSC::FixedVMPoolAllocator::free):
1692         (JSC::FixedVMPoolAllocator::isValid):
1693         (JSC::FixedVMPoolAllocator::allocInternal):
1694         (JSC::FixedVMPoolAllocator::isWithinVMPool):
1695         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
1696         (JSC::ExecutableAllocator::committedByteCount):
1697         (JSC::maybeModifyVMPoolSize):
1698         (JSC::ExecutableAllocator::isValid):
1699         (JSC::ExecutableAllocator::underMemoryPressure):
1700         (JSC::ExecutablePool::systemAlloc):
1701         (JSC::ExecutablePool::systemRelease):
1702         * wtf/PageReservation.h:
1703         (WTF::PageReservation::PageReservation):
1704         (WTF::PageReservation::commit):
1705         (WTF::PageReservation::decommit):
1706
1707 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
1708
1709         Reviewed by Daniel Bates.
1710
1711         Code style issue in JavaScriptCore/wtf/CurrentTime.h
1712         https://bugs.webkit.org/show_bug.cgi?id=53394
1713
1714         According to rule #3 at http://webkit.org/coding/coding-style.html,
1715         this patch fixes a style issue in CurrentTime.h.
1716
1717         No functionality change, no new tests.
1718
1719         * wtf/CurrentTime.h:
1720         (WTF::currentTimeMS):
1721         (WTF::getLocalTime):
1722
1723 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
1724
1725         Reviewed by Kenneth Rohde Christiansen.
1726
1727         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
1728         https://bugs.webkit.org/show_bug.cgi?id=53377
1729
1730         The option "-whole-archive" is not available with the libtool of Mac OS X,
1731         instead, we can use "-all_load" on Mac.
1732
1733         * JavaScriptCore.pri:
1734
1735 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1736
1737         Sorry Leopard bot -- I committed a change by accident.
1738
1739         * JavaScriptCore.exp: You may have your symbols back now.
1740
1741 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1742
1743         Reviewed by Cameron Zwarich.
1744
1745         Simplified Heap iteration
1746         https://bugs.webkit.org/show_bug.cgi?id=53393
1747
1748         * runtime/CollectorHeapIterator.h:
1749         (JSC::CollectorHeapIterator::isValid):
1750         (JSC::CollectorHeapIterator::isLive):
1751         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
1752         advance because it's a constant.
1753         (JSC::LiveObjectIterator::LiveObjectIterator):
1754         (JSC::LiveObjectIterator::operator++):
1755         (JSC::DeadObjectIterator::DeadObjectIterator):
1756         (JSC::DeadObjectIterator::operator++):
1757         (JSC::ObjectIterator::ObjectIterator):
1758         (JSC::ObjectIterator::operator++): Factored out common checks into
1759         two helper functions -- isValid() for "Am I past the end?" and isLive()
1760         for "Is the cell I'm pointing to live?".
1761
1762         * runtime/MarkedSpace.cpp:
1763         (JSC::MarkedSpace::freeBlock):
1764         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
1765         to the end, to avoid making sweep subtly reliant on internal Heap state.
1766         (JSC::MarkedSpace::primaryHeapBegin):
1767         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
1768         iteration begins.
1769
1770 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1771
1772         Reviewed by Cameron Zwarich.
1773
1774         Simplified heap destruction
1775         https://bugs.webkit.org/show_bug.cgi?id=53392
1776
1777         * JavaScriptCore.exp:
1778         * runtime/Heap.cpp:
1779         (JSC::Heap::destroy):
1780         * runtime/Heap.h:
1781         * runtime/MarkedSpace.cpp:
1782         (JSC::MarkedSpace::destroy):
1783         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
1784         cells last -- the difficult contortions required to do so just don't seem
1785         justified. We make no guarantees about GC protection after the client
1786         throws away JSGlobalData, and it doesn't seem like any meaningful
1787         guarantee is even possible.
1788
1789 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1790
1791         Reviewed by Maciej Stachowiak.
1792
1793         Switched heap to use the Bitmap class and removed CollectorBitmap
1794         https://bugs.webkit.org/show_bug.cgi?id=53391
1795         
1796         SunSpider says 1.005x as fast. Seems like a fluke.
1797
1798         * runtime/MarkedSpace.cpp:
1799         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
1800         rather than taking a value by reference.
1801
1802         * runtime/MarkedSpace.h: Code reuse is good.
1803
1804         * wtf/Bitmap.h:
1805         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
1806         which CollectorBitmap had. (Renamed from the less conventional "getset".)
1807
1808         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
1809         clarity. It's all the same with inlining.
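
The Bitmap entry above adds testAndSet (the one thing CollectorBitmap had that Bitmap lacked) and renames the free-cell scan hint to nextPossiblyUnset. The block below is an added illustration of what those two operations buy a mark-and-sweep collector; it is not WTF::Bitmap or any other WebKit code, and the MarkBitmap class, the toy 64-cell heap, the sample object graph and the helper names are all assumptions of this example.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <vector>

// Fixed-size mark bitmap, one bit per heap cell (added example, not WTF::Bitmap).
template<size_t bitCount>
class MarkBitmap {
public:
    MarkBitmap() { m_bits.fill(0); }

    bool get(size_t n) const { return (m_bits[n / wordBits] & maskFor(n)) != 0; }
    void set(size_t n) { m_bits[n / wordBits] |= maskFor(n); }
    void clearAll() { m_bits.fill(0); }
    static size_t size() { return bitCount; }

    // Set the bit and report whether it was already set. Marking uses this as
    // "have I visited this cell?", so each cell is pushed onto the mark stack
    // at most once even when the object graph contains cycles.
    bool testAndSet(size_t n)
    {
        uint32_t& word = m_bits[n / wordBits];
        const uint32_t mask = maskFor(n);
        const bool wasSet = (word & mask) != 0;
        word |= mask;
        return wasSet;
    }

    // From `start`, return an index at which an unset bit may exist: skip the
    // rest of a fully set word in one step, otherwise advance by one. Callers
    // still check get() at the returned index, hence "possibly".
    size_t nextPossiblyUnset(size_t start) const
    {
        const size_t wordIndex = start / wordBits;
        if (m_bits[wordIndex] == ~uint32_t(0))
            return (wordIndex + 1) * wordBits;
        return start + 1;
    }

private:
    static const size_t wordBits = 32;
    static uint32_t maskFor(size_t n) { return uint32_t(1) << (n % wordBits); }
    std::array<uint32_t, (bitCount + wordBits - 1) / wordBits> m_bits;
};

// Toy heap of 64 cells: cell i references the cells in edges[i]. Marks all
// cells reachable from `roots` and returns how many distinct cells were marked.
size_t markReachable(const std::vector<std::vector<size_t>>& edges,
                     const std::vector<size_t>& roots, MarkBitmap<64>& marks)
{
    std::vector<size_t> markStack(roots.begin(), roots.end());
    size_t marked = 0;
    while (!markStack.empty()) {
        const size_t cell = markStack.back();
        markStack.pop_back();
        if (marks.testAndSet(cell))
            continue;                      // already visited: cycle or shared reference
        ++marked;
        for (size_t child : edges[cell])
            markStack.push_back(child);
    }
    return marked;
}

// Count unmarked (free) cells by walking the bitmap with nextPossiblyUnset,
// the way an allocator scans for free cells after a collection.
size_t countUnmarked(const MarkBitmap<64>& marks)
{
    size_t freeCells = 0;
    for (size_t i = 0; i < MarkBitmap<64>::size(); i = marks.nextPossiblyUnset(i)) {
        if (!marks.get(i))
            ++freeCells;
    }
    return freeCells;
}

// Constructed sample graph: 0 -> {1,2}, 1 -> {2}, 2 -> {0} (a cycle), 3 -> {4};
// every other cell is unreferenced.
std::vector<std::vector<size_t>> sampleGraph()
{
    std::vector<std::vector<size_t>> edges(64);
    edges[0] = {1, 2};
    edges[1] = {2};
    edges[2] = {0};
    edges[3] = {4};
    return edges;
}

struct SampleResult { size_t marked; size_t unmarked; size_t skipTarget; };

// Marks from root 0, counts the leftovers, then fills word 0 completely to
// show nextPossiblyUnset jumping straight to bit 32.
SampleResult runSample()
{
    MarkBitmap<64> marks;
    SampleResult r;
    r.marked = markReachable(sampleGraph(), {0}, marks);   // 3: cells 0, 1, 2
    r.unmarked = countUnmarked(marks);                     // 61
    for (size_t i = 0; i < 32; ++i)
        marks.set(i);
    r.skipTarget = marks.nextPossiblyUnset(5);             // 32
    return r;
}
```

The cycle 0 -> 2 -> 0 is the case that matters: without testAndSet the marker would have to test and then set in two steps, and a separate visited check is exactly the kind of duplicated state that drifts out of sync with the bitmap.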
1810
1811 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
1812
1813         Reviewed by Maciej Stachowiak.
1814
1815         Some more Heap cleanup.
1816         https://bugs.webkit.org/show_bug.cgi?id=53357
1817         
1818         * JavaScriptCore.exp:
1819         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
1820
1821         * runtime/Heap.cpp:
1822         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
1823         reportExtraMemoryCostSlowCase to match our naming conventions.
1824
1825         (JSC::Heap::capacity): Renamed size to capacity because this function
1826         returns the capacity of the heap, including unused portions.
1827
1828         * runtime/Heap.h:
1829         (JSC::Heap::globalData):
1830         (JSC::Heap::markedSpace):
1831         (JSC::Heap::machineStackMarker):
1832         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
1833         Moved ctor and dtor to the beginning of the class definition. Grouped
1834         functions by purpose.
1835
1836         * runtime/MarkedSpace.cpp:
1837         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
1838         function returns the capacity of the heap, including unused portions.
1839
1840         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
1841         the same information can be gotten just by calling size() and capacity().
1842
1843         * runtime/MemoryStatistics.cpp:
1844         * runtime/MemoryStatistics.h: Ditto.
1845
1846 2011-01-29  Daniel Bates  <dbates@rim.com>
1847
1848         Reviewed by Eric Seidel.
1849
1850         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
1851         https://bugs.webkit.org/show_bug.cgi?id=53253
1852
1853         Make inclusion of MT19937 a policy decision.
1854
1855         Currently, we hardcode the use of MT19937 when building for
1856         Windows CE. Instead, we should make this a policy decision
1857         with the Windows CE port using this by default.
1858
1859         * JavaScriptCore.pri: Append Source/ThirdParty to the end
1860         of the list include directories.
1861         * wtf/CMakeLists.txt: Ditto.
1862         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
1863         building for Windows CE.
1864         * wtf/RandomNumber.cpp:
1865         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
1866
1867 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1868
1869         Reviewed by David Kilzer.
1870
1871         Bug 53374 - Remove uses of unsafe string functions in debugging code
1872         https://bugs.webkit.org/show_bug.cgi?id=53374
1873
1874         * runtime/RegExp.cpp:
1875         (JSC::RegExp::printTraceData):
1876
1877 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1878
1879         Reviewed by Oliver Hunt.
1880
1881         JavaScriptCoreUseJIT environment variable broken
1882         https://bugs.webkit.org/show_bug.cgi?id=53372
1883
1884         * runtime/JSGlobalData.cpp:
1885         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
1886         by getenv() rather than just doing a NULL check on the return value.
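
The entry above describes a classic environment-variable bug: getenv() returns a non-NULL pointer for any definition of the variable, so a presence check treats JavaScriptCoreUseJIT=false or =0 as "on". The block below is an added example of the before and after patterns; it is not the JSGlobalData.cpp code, and the accepted spellings ("1", "true", "yes", "on" and their negatives) and the function names are assumptions of this example, since the ChangeLog does not say which values the fixed code accepts.

```cpp
#include <cctype>
#include <cstdlib>
#include <string>

// Before the fix (reconstructed pattern, not the WebKit source): only the
// presence of the variable is tested, so every defined value enables the JIT.
static bool useJitNullCheckOnly(const char* envValue, bool defaultOn = true)
{
    return envValue ? true : defaultOn;
}

// After the fix: inspect the string itself. Affirmative and negative spellings
// are case-insensitive; an unset variable or an unrecognised value falls back
// to the default rather than silently flipping the switch.
static bool useJitParsed(const char* envValue, bool defaultOn = true)
{
    if (!envValue)
        return defaultOn;
    std::string v;
    for (const char* p = envValue; *p; ++p)
        v.push_back(static_cast<char>(std::tolower(static_cast<unsigned char>(*p))));
    if (v == "1" || v == "true" || v == "yes" || v == "on")
        return true;
    if (v == "0" || v == "false" || v == "no" || v == "off")
        return false;
    return defaultOn;
}

// Wrapper reading the real environment (name assumed from the bug title).
static bool useJitFromEnvironment()
{
    return useJitParsed(std::getenv("JavaScriptCoreUseJIT"));
}
```

The same presence-versus-value mistake shows up with any "kill switch" read from the environment: the security-relevant direction is the one where an operator believes a feature is disabled and the process keeps running it.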
1887
1888 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
1889
1890         Reviewed by David Kilzer.
1891
1892         Move CharacterNames.h into WTF directory
1893         https://bugs.webkit.org/show_bug.cgi?id=49618
1894
1895         * GNUmakefile.am:
1896         * JavaScriptCore.gypi:
1897         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1898         * JavaScriptCore.xcodeproj/project.pbxproj:
1899         * wtf/CMakeLists.txt:
1900         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
1901         * wtf/unicode/UTF8.cpp:
1902
1903 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
1904
1905         Reviewed by Gavin Barraclough.
1906
1907         Add various clampToInt() methods to MathExtras.h
1908         https://bugs.webkit.org/show_bug.cgi?id=52910
1909         
1910         Add functions for clamping doubles and floats to valid int
1911         ranges, for signed and positive integers.
1912
1913         * wtf/MathExtras.h:
1914         (clampToInteger):
1915         (clampToPositiveInteger):
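
Converting a double or float that is NaN, infinite, or outside the target range to an int is undefined behaviour in C++, which is why saturating clamps are worth getting exactly right. The block below is an added example of such clamps, not the MathExtras.h implementation; the template signatures, the choice to map NaN to 0, and the test values are assumptions of this example. It also covers one edge the prose does not mention: (float)INT_MAX rounds up to 2^31, so the upper bound must be compared with >= rather than >.

```cpp
#include <cmath>
#include <limits>

// Clamp a floating-point value into the representable range of IntT.
// NaN maps to 0 (this example's choice); +/-infinity and out-of-range values
// saturate, so the final static_cast is always defined behaviour.
template<typename IntT, typename FloatT>
IntT clampToInteger(FloatT value)
{
    static_assert(std::numeric_limits<IntT>::is_integer, "IntT must be an integer type");
    if (std::isnan(value))
        return 0;
    // Bounds are compared in the floating type. For float and 32-bit int the
    // upper bound rounds to 2^31 exactly, so ">=" is required: any float at or
    // above 2^31 is already out of range.
    const FloatT upper = static_cast<FloatT>(std::numeric_limits<IntT>::max());
    const FloatT lower = static_cast<FloatT>(std::numeric_limits<IntT>::min());
    if (value >= upper)
        return std::numeric_limits<IntT>::max();
    if (value <= lower)
        return std::numeric_limits<IntT>::min();
    return static_cast<IntT>(value);      // truncates toward zero
}

// Same, but negative inputs (and NaN) clamp to 0. Works for unsigned IntT too,
// whose minimum is already 0.
template<typename IntT, typename FloatT>
IntT clampToPositiveInteger(FloatT value)
{
    if (std::isnan(value) || value <= static_cast<FloatT>(0))
        return 0;
    return clampToInteger<IntT>(value);
}
```

A typical caller is a length or size computed from script-controlled doubles: clamping before the cast turns a potential wrap-around into a bounded, predictable value.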
1916
1917 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1918
1919         Unreviewed, rolling out r77006 and r77020.
1920         http://trac.webkit.org/changeset/77006
1921         http://trac.webkit.org/changeset/77020
1922         https://bugs.webkit.org/show_bug.cgi?id=53360
1923
1924         "Broke Windows tests" (Requested by rniwa on #webkit).
1925
1926         * API/JSCallbackObject.h:
1927         (JSC::JSCallbackObjectData::setPrivateProperty):
1928         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1929         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1930         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1931         (JSC::JSCallbackObject::setPrivateProperty):
1932         * API/JSCallbackObjectFunctions.h:
1933         (JSC::::put):
1934         (JSC::::staticFunctionGetter):
1935         * API/JSObjectRef.cpp:
1936         (JSObjectMakeConstructor):
1937         (JSObjectSetPrivateProperty):
1938         * API/JSWeakObjectMapRefInternal.h:
1939         * JavaScriptCore.exp:
1940         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1941         * JavaScriptCore.xcodeproj/project.pbxproj:
1942         * bytecode/CodeBlock.cpp:
1943         (JSC::CodeBlock::markAggregate):
1944         * bytecode/CodeBlock.h:
1945         (JSC::CodeBlock::globalObject):
1946         * bytecompiler/BytecodeGenerator.cpp:
1947         (JSC::BytecodeGenerator::BytecodeGenerator):
1948         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1949         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1950         (JSC::BytecodeGenerator::findScopedProperty):
1951         * debugger/Debugger.cpp:
1952         (JSC::evaluateInGlobalCallFrame):
1953         * debugger/DebuggerActivation.cpp:
1954         (JSC::DebuggerActivation::DebuggerActivation):
1955         (JSC::DebuggerActivation::markChildren):
1956         * debugger/DebuggerActivation.h:
1957         * debugger/DebuggerCallFrame.cpp:
1958         (JSC::DebuggerCallFrame::evaluate):
1959         * interpreter/CallFrame.h:
1960         (JSC::ExecState::exception):
1961         * interpreter/Interpreter.cpp:
1962         (JSC::Interpreter::resolve):
1963         (JSC::Interpreter::resolveSkip):
1964         (JSC::Interpreter::resolveGlobal):
1965         (JSC::Interpreter::resolveGlobalDynamic):
1966         (JSC::Interpreter::resolveBaseAndProperty):
1967         (JSC::Interpreter::unwindCallFrame):
1968         (JSC::appendSourceToError):
1969         (JSC::Interpreter::execute):
1970         (JSC::Interpreter::tryCacheGetByID):
1971         (JSC::Interpreter::privateExecute):
1972         * jit/JITStubs.cpp:
1973         (JSC::JITThunks::tryCacheGetByID):
1974         (JSC::DEFINE_STUB_FUNCTION):
1975         * jsc.cpp:
1976         (GlobalObject::GlobalObject):
1977         * runtime/ArgList.cpp:
1978         (JSC::MarkedArgumentBuffer::markLists):
1979         * runtime/Arguments.cpp:
1980         (JSC::Arguments::markChildren):
1981         (JSC::Arguments::getOwnPropertySlot):
1982         (JSC::Arguments::getOwnPropertyDescriptor):
1983         (JSC::Arguments::put):
1984         * runtime/Arguments.h:
1985         (JSC::Arguments::setActivation):
1986         (JSC::Arguments::Arguments):
1987         * runtime/ArrayConstructor.cpp:
1988         (JSC::ArrayConstructor::ArrayConstructor):
1989         (JSC::constructArrayWithSizeQuirk):
1990         * runtime/ArrayPrototype.cpp:
1991         (JSC::arrayProtoFuncSplice):
1992         * runtime/BatchedTransitionOptimizer.h:
1993         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1994         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1995         * runtime/BooleanConstructor.cpp:
1996         (JSC::BooleanConstructor::BooleanConstructor):
1997         (JSC::constructBoolean):
1998         (JSC::constructBooleanFromImmediateBoolean):
1999         * runtime/BooleanPrototype.cpp:
2000         (JSC::BooleanPrototype::BooleanPrototype):
2001         * runtime/ConservativeSet.cpp:
2002         (JSC::ConservativeSet::grow):
2003         * runtime/ConservativeSet.h:
2004         (JSC::ConservativeSet::~ConservativeSet):
2005         (JSC::ConservativeSet::mark):
2006         * runtime/DateConstructor.cpp:
2007         (JSC::DateConstructor::DateConstructor):
2008         * runtime/DateInstance.cpp:
2009         (JSC::DateInstance::DateInstance):
2010         * runtime/DatePrototype.cpp:
2011         (JSC::dateProtoFuncSetTime):
2012         (JSC::setNewValueFromTimeArgs):
2013         (JSC::setNewValueFromDateArgs):
2014         (JSC::dateProtoFuncSetYear):
2015         * runtime/ErrorConstructor.cpp:
2016         (JSC::ErrorConstructor::ErrorConstructor):
2017         * runtime/ErrorInstance.cpp:
2018         (JSC::ErrorInstance::ErrorInstance):
2019         * runtime/ErrorPrototype.cpp:
2020         (JSC::ErrorPrototype::ErrorPrototype):
2021         * runtime/FunctionConstructor.cpp:
2022         (JSC::FunctionConstructor::FunctionConstructor):
2023         * runtime/FunctionPrototype.cpp:
2024         (JSC::FunctionPrototype::FunctionPrototype):
2025         * runtime/GetterSetter.cpp:
2026         (JSC::GetterSetter::markChildren):
2027         * runtime/GetterSetter.h:
2028         (JSC::GetterSetter::GetterSetter):
2029         (JSC::GetterSetter::getter):
2030         (JSC::GetterSetter::setGetter):
2031         (JSC::GetterSetter::setter):
2032         (JSC::GetterSetter::setSetter):
2033         * runtime/GlobalEvalFunction.cpp:
2034         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2035         (JSC::GlobalEvalFunction::markChildren):
2036         * runtime/GlobalEvalFunction.h:
2037         (JSC::GlobalEvalFunction::cachedGlobalObject):
2038         * runtime/Heap.cpp:
2039         (JSC::Heap::markProtectedObjects):
2040         (JSC::Heap::markTempSortVectors):
2041         (JSC::Heap::markRoots):
2042         * runtime/InternalFunction.cpp:
2043         (JSC::InternalFunction::InternalFunction):
2044         * runtime/JSAPIValueWrapper.h:
2045         (JSC::JSAPIValueWrapper::value):
2046         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2047         * runtime/JSActivation.cpp:
2048         (JSC::JSActivation::markChildren):
2049         (JSC::JSActivation::put):
2050         * runtime/JSArray.cpp:
2051         (JSC::JSArray::JSArray):
2052         (JSC::JSArray::getOwnPropertySlot):
2053         (JSC::JSArray::getOwnPropertyDescriptor):
2054         (JSC::JSArray::put):
2055         (JSC::JSArray::putSlowCase):
2056         (JSC::JSArray::deleteProperty):
2057         (JSC::JSArray::increaseVectorLength):
2058         (JSC::JSArray::setLength):
2059         (JSC::JSArray::pop):
2060         (JSC::JSArray::push):
2061         (JSC::JSArray::unshiftCount):
2062         (JSC::JSArray::sort):
2063         (JSC::JSArray::fillArgList):
2064         (JSC::JSArray::copyToRegisters):
2065         (JSC::JSArray::compactForSorting):
2066         * runtime/JSArray.h:
2067         (JSC::JSArray::getIndex):
2068         (JSC::JSArray::setIndex):
2069         (JSC::JSArray::uncheckedSetIndex):
2070         (JSC::JSArray::markChildrenDirect):
2071         * runtime/JSByteArray.cpp:
2072         (JSC::JSByteArray::JSByteArray):
2073         * runtime/JSCell.h:
2074         (JSC::JSCell::JSValue::toThisObject):
2075         (JSC::JSCell::MarkStack::append):
2076         * runtime/JSFunction.cpp:
2077         (JSC::JSFunction::JSFunction):
2078         (JSC::JSFunction::getOwnPropertySlot):
2079         * runtime/JSGlobalData.h:
2080         * runtime/JSGlobalObject.cpp:
2081         (JSC::markIfNeeded):
2082         (JSC::JSGlobalObject::reset):
2083         (JSC::JSGlobalObject::resetPrototype):
2084         (JSC::JSGlobalObject::markChildren):
2085         * runtime/JSGlobalObject.h:
2086         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2087         (JSC::JSGlobalObject::regExpConstructor):
2088         (JSC::JSGlobalObject::errorConstructor):
2089         (JSC::JSGlobalObject::evalErrorConstructor):
2090         (JSC::JSGlobalObject::rangeErrorConstructor):
2091         (JSC::JSGlobalObject::referenceErrorConstructor):
2092         (JSC::JSGlobalObject::syntaxErrorConstructor):
2093         (JSC::JSGlobalObject::typeErrorConstructor):
2094         (JSC::JSGlobalObject::URIErrorConstructor):
2095         (JSC::JSGlobalObject::evalFunction):
2096         (JSC::JSGlobalObject::objectPrototype):
2097         (JSC::JSGlobalObject::functionPrototype):
2098         (JSC::JSGlobalObject::arrayPrototype):
2099         (JSC::JSGlobalObject::booleanPrototype):
2100         (JSC::JSGlobalObject::stringPrototype):
2101         (JSC::JSGlobalObject::numberPrototype):
2102         (JSC::JSGlobalObject::datePrototype):
2103         (JSC::JSGlobalObject::regExpPrototype):
2104         (JSC::JSGlobalObject::methodCallDummy):
2105         (JSC::Structure::prototypeForLookup):
2106         (JSC::constructArray):
2107         * runtime/JSONObject.cpp:
2108         (JSC::Stringifier::Holder::object):
2109         (JSC::Stringifier::markAggregate):
2110         (JSC::Stringifier::stringify):
2111         (JSC::Stringifier::Holder::appendNextProperty):
2112         (JSC::Walker::callReviver):
2113         (JSC::Walker::walk):
2114         * runtime/JSObject.cpp:
2115         (JSC::JSObject::defineGetter):
2116         (JSC::JSObject::defineSetter):
2117         (JSC::JSObject::removeDirect):
2118         (JSC::JSObject::putDirectFunction):
2119         (JSC::JSObject::putDirectFunctionWithoutTransition):
2120         (JSC::putDescriptor):
2121         (JSC::JSObject::defineOwnProperty):
2122         * runtime/JSObject.h:
2123         (JSC::JSObject::getDirectOffset):
2124         (JSC::JSObject::putDirectOffset):
2125         (JSC::JSObject::flattenDictionaryObject):
2126         (JSC::JSObject::putDirectInternal):
2127         (JSC::JSObject::putDirect):
2128         (JSC::JSObject::putDirectFunction):
2129         (JSC::JSObject::putDirectWithoutTransition):
2130         (JSC::JSObject::putDirectFunctionWithoutTransition):
2131         (JSC::JSValue::putDirect):
2132         (JSC::JSObject::allocatePropertyStorageInline):
2133         (JSC::JSObject::markChildrenDirect):
2134         * runtime/JSPropertyNameIterator.cpp:
2135         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2136         (JSC::JSPropertyNameIterator::get):
2137         * runtime/JSPropertyNameIterator.h:
2138         * runtime/JSStaticScopeObject.cpp:
2139         (JSC::JSStaticScopeObject::markChildren):
2140         * runtime/JSString.cpp:
2141         (JSC::StringObject::create):
2142         * runtime/JSValue.h:
2143         * runtime/JSWrapperObject.cpp:
2144         (JSC::JSWrapperObject::markChildren):
2145         * runtime/JSWrapperObject.h:
2146         (JSC::JSWrapperObject::internalValue):
2147         (JSC::JSWrapperObject::setInternalValue):
2148         * runtime/LiteralParser.cpp:
2149         (JSC::LiteralParser::parse):
2150         * runtime/Lookup.cpp:
2151         (JSC::setUpStaticFunctionSlot):
2152         * runtime/Lookup.h:
2153         (JSC::lookupPut):
2154         * runtime/MarkStack.h:
2155         (JSC::MarkStack::appendValues):
2156         * runtime/MathObject.cpp:
2157         (JSC::MathObject::MathObject):
2158         * runtime/NativeErrorConstructor.cpp:
2159         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2160         * runtime/NativeErrorPrototype.cpp:
2161         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2162         * runtime/NumberConstructor.cpp:
2163         (JSC::NumberConstructor::NumberConstructor):
2164         (JSC::constructWithNumberConstructor):
2165         * runtime/NumberObject.cpp:
2166         (JSC::constructNumber):
2167         * runtime/NumberPrototype.cpp:
2168         (JSC::NumberPrototype::NumberPrototype):
2169         * runtime/ObjectConstructor.cpp:
2170         (JSC::ObjectConstructor::ObjectConstructor):
2171         (JSC::objectConstructorGetOwnPropertyDescriptor):
2172         * runtime/Operations.h:
2173         (JSC::normalizePrototypeChain):
2174         (JSC::resolveBase):
2175         * runtime/PrototypeFunction.cpp:
2176         (JSC::PrototypeFunction::PrototypeFunction):
2177         * runtime/PutPropertySlot.h:
2178         (JSC::PutPropertySlot::setExistingProperty):
2179         (JSC::PutPropertySlot::setNewProperty):
2180         (JSC::PutPropertySlot::base):
2181         * runtime/RegExpConstructor.cpp:
2182         (JSC::RegExpConstructor::RegExpConstructor):
2183         * runtime/ScopeChain.cpp:
2184         (JSC::ScopeChainNode::print):
2185         * runtime/ScopeChain.h:
2186         (JSC::ScopeChainNode::~ScopeChainNode):
2187         (JSC::ScopeChainIterator::operator*):
2188         (JSC::ScopeChainIterator::operator->):
2189         (JSC::ScopeChain::top):
2190         * runtime/ScopeChainMark.h:
2191         (JSC::ScopeChain::markAggregate):
2192         * runtime/SmallStrings.cpp:
2193         (JSC::isMarked):
2194         (JSC::SmallStrings::markChildren):
2195         * runtime/SmallStrings.h:
2196         (JSC::SmallStrings::emptyString):
2197         (JSC::SmallStrings::singleCharacterString):
2198         (JSC::SmallStrings::singleCharacterStrings):
2199         * runtime/StringConstructor.cpp:
2200         (JSC::StringConstructor::StringConstructor):
2201         * runtime/StringObject.cpp:
2202         (JSC::StringObject::StringObject):
2203         * runtime/StringObject.h:
2204         * runtime/StringPrototype.cpp:
2205         (JSC::StringPrototype::StringPrototype):
2206         * runtime/Structure.cpp:
2207         (JSC::Structure::Structure):
2208         (JSC::Structure::addPropertyTransition):
2209         (JSC::Structure::toDictionaryTransition):
2210         (JSC::Structure::flattenDictionaryStructure):
2211         * runtime/Structure.h:
2212         (JSC::Structure::storedPrototype):
2213         * runtime/WeakGCMap.h:
2214         (JSC::WeakGCMap::uncheckedGet):
2215         (JSC::WeakGCMap::isValid):
2216         (JSC::::get):
2217         (JSC::::take):
2218         (JSC::::set):
2219         (JSC::::uncheckedRemove):
2220         * runtime/WriteBarrier.h: Removed.
2221
2222 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
2223
2224         Reviewed by Geoff Garen.
2225
2226         https://bugs.webkit.org/show_bug.cgi?id=53352
2227         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2228
2229         The FixedVMPoolAllocator currently uses a best fit policy -
2230         switch to first fit; this is less prone to external fragmentation.
2231
2232         * jit/ExecutableAllocatorFixedVMPool.cpp:
2233         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2234         (JSC::AllocationTableSizeClass::blockSize):
2235         (JSC::AllocationTableSizeClass::blockCount):
2236         (JSC::AllocationTableSizeClass::blockAlignment):
2237         (JSC::AllocationTableSizeClass::size):
2238         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2239         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2240         (JSC::AllocationTableLeaf::allocate):
2241         (JSC::AllocationTableLeaf::free):
2242         (JSC::AllocationTableLeaf::isEmpty):
2243         (JSC::AllocationTableLeaf::isFull):
2244         (JSC::AllocationTableLeaf::size):
2245         (JSC::AllocationTableLeaf::classForSize):
2246         (JSC::AllocationTableLeaf::dump):
2247         (JSC::LazyAllocationTable::LazyAllocationTable):
2248         (JSC::LazyAllocationTable::~LazyAllocationTable):
2249         (JSC::LazyAllocationTable::allocate):
2250         (JSC::LazyAllocationTable::free):
2251         (JSC::LazyAllocationTable::isEmpty):
2252         (JSC::LazyAllocationTable::isFull):
2253         (JSC::LazyAllocationTable::size):
2254         (JSC::LazyAllocationTable::dump):
2255         (JSC::LazyAllocationTable::classForSize):
2256         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2257         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2258         (JSC::AllocationTableDirectory::allocate):
2259         (JSC::AllocationTableDirectory::free):
2260         (JSC::AllocationTableDirectory::isEmpty):
2261         (JSC::AllocationTableDirectory::isFull):
2262         (JSC::AllocationTableDirectory::size):
2263         (JSC::AllocationTableDirectory::classForSize):
2264         (JSC::AllocationTableDirectory::dump):
2265         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2266         (JSC::FixedVMPoolAllocator::alloc):
2267         (JSC::FixedVMPoolAllocator::free):
2268         (JSC::FixedVMPoolAllocator::allocated):
2269         (JSC::FixedVMPoolAllocator::isValid):
2270         (JSC::FixedVMPoolAllocator::classForSize):
2271         (JSC::FixedVMPoolAllocator::offsetToPointer):
2272         (JSC::FixedVMPoolAllocator::pointerToOffset):
2273         (JSC::ExecutableAllocator::committedByteCount):
2274         (JSC::ExecutableAllocator::isValid):
2275         (JSC::ExecutableAllocator::underMemoryPressure):
2276         (JSC::ExecutablePool::systemAlloc):
2277         (JSC::ExecutablePool::systemRelease):
2278         * wtf/PageReservation.h:
2279         (WTF::PageReservation::PageReservation):
2280         (WTF::PageReservation::commit):
2281         (WTF::PageReservation::decommit):
2282         (WTF::PageReservation::committed):
2283
2284 2011-01-27  Oliver Hunt  <oliver@apple.com>
2285
2286         Reviewed by Geoffrey Garen.
2287
2288         Convert markstack to a slot visitor API
2289         https://bugs.webkit.org/show_bug.cgi?id=53219
2290
2291         Move the MarkStack over to a slot based marking API.
2292
2293         In order to avoid aliasing concerns there are two new types
2294         that need to be used when holding on to JSValues and JSCells that
2295         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
2296         is expected to be used for any JSValue or Cell whose lifetime and
2297         marking are controlled by another GC object.  DeprecatedPtr is used
2298         for any value that we need to rework ownership for.
2299
2300         The change over to this model has produced a large amount of
2301         code changes, but they are mostly mechanical (forwarding JSGlobalData,
2302         etc).
2303
2304         * API/JSCallbackObject.h:
2305         (JSC::JSCallbackObjectData::setPrivateProperty):
2306         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2307         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2308         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2309         (JSC::JSCallbackObject::setPrivateProperty):
2310         * API/JSCallbackObjectFunctions.h:
2311         (JSC::::put):
2312         (JSC::::staticFunctionGetter):
2313         * API/JSObjectRef.cpp:
2314         (JSObjectMakeConstructor):
2315         (JSObjectSetPrivateProperty):
2316         * API/JSWeakObjectMapRefInternal.h:
2317         * JavaScriptCore.exp:
2318         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2319         * JavaScriptCore.xcodeproj/project.pbxproj:
2320         * bytecode/CodeBlock.cpp:
2321         (JSC::CodeBlock::markAggregate):
2322         * bytecode/CodeBlock.h:
2323         (JSC::CodeBlock::globalObject):
2324         * bytecompiler/BytecodeGenerator.cpp:
2325         (JSC::BytecodeGenerator::BytecodeGenerator):
2326         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2327         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2328         (JSC::BytecodeGenerator::findScopedProperty):
2329         * debugger/DebuggerActivation.cpp:
2330         (JSC::DebuggerActivation::DebuggerActivation):
2331         (JSC::DebuggerActivation::markChildren):
2332         * debugger/DebuggerActivation.h:
2333         * interpreter/Interpreter.cpp:
2334         (JSC::Interpreter::resolve):
2335         (JSC::Interpreter::resolveSkip):
2336         (JSC::Interpreter::resolveGlobalDynamic):
2337         (JSC::Interpreter::resolveBaseAndProperty):
2338         (JSC::Interpreter::unwindCallFrame):
2339         (JSC::appendSourceToError):
2340         (JSC::Interpreter::execute):
2341         (JSC::Interpreter::privateExecute):
2342         * interpreter/Register.h:
2343         (JSC::Register::jsValueSlot):
2344         * jit/JITStubs.cpp:
2345         (JSC::JITThunks::tryCacheGetByID):
2346         (JSC::DEFINE_STUB_FUNCTION):
2347         * jsc.cpp:
2348         (GlobalObject::GlobalObject):
2349         * runtime/Arguments.cpp:
2350         (JSC::Arguments::markChildren):
2351         (JSC::Arguments::getOwnPropertySlot):
2352         (JSC::Arguments::getOwnPropertyDescriptor):
2353         (JSC::Arguments::put):
2354         * runtime/Arguments.h:
2355         (JSC::Arguments::setActivation):
2356         (JSC::Arguments::Arguments):
2357         * runtime/ArrayConstructor.cpp:
2358         (JSC::ArrayConstructor::ArrayConstructor):
2359         (JSC::constructArrayWithSizeQuirk):
2360         * runtime/ArrayPrototype.cpp:
2361         (JSC::arrayProtoFuncSplice):
2362         * runtime/BatchedTransitionOptimizer.h:
2363         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2364         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2365         * runtime/BooleanConstructor.cpp:
2366         (JSC::BooleanConstructor::BooleanConstructor):
2367         (JSC::constructBoolean):
2368         (JSC::constructBooleanFromImmediateBoolean):
2369         * runtime/BooleanPrototype.cpp:
2370         (JSC::BooleanPrototype::BooleanPrototype):
2371         * runtime/ConservativeSet.h:
2372         (JSC::ConservativeSet::mark):
2373         * runtime/DateConstructor.cpp:
2374         (JSC::DateConstructor::DateConstructor):
2375         * runtime/DateInstance.cpp:
2376         (JSC::DateInstance::DateInstance):
2377         * runtime/DatePrototype.cpp:
2378         (JSC::dateProtoFuncSetTime):
2379         (JSC::setNewValueFromTimeArgs):
2380         (JSC::setNewValueFromDateArgs):
2381         (JSC::dateProtoFuncSetYear):
2382         * runtime/ErrorConstructor.cpp:
2383         (JSC::ErrorConstructor::ErrorConstructor):
2384         * runtime/ErrorInstance.cpp:
2385         (JSC::ErrorInstance::ErrorInstance):
2386         * runtime/ErrorPrototype.cpp:
2387         (JSC::ErrorPrototype::ErrorPrototype):
2388         * runtime/FunctionConstructor.cpp:
2389         (JSC::FunctionConstructor::FunctionConstructor):
2390         * runtime/FunctionPrototype.cpp:
2391         (JSC::FunctionPrototype::FunctionPrototype):
2392         * runtime/GetterSetter.cpp:
2393         (JSC::GetterSetter::markChildren):
2394         * runtime/GetterSetter.h:
2395         (JSC::GetterSetter::GetterSetter):
2396         (JSC::GetterSetter::getter):
2397         (JSC::GetterSetter::setGetter):
2398         (JSC::GetterSetter::setter):
2399         (JSC::GetterSetter::setSetter):
2400         * runtime/GlobalEvalFunction.cpp:
2401         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2402         (JSC::GlobalEvalFunction::markChildren):
2403         * runtime/GlobalEvalFunction.h:
2404         (JSC::GlobalEvalFunction::cachedGlobalObject):
2405         * runtime/Heap.cpp:
2406         (JSC::Heap::markProtectedObjects):
2407         (JSC::Heap::markTempSortVectors):
2408         (JSC::Heap::markRoots):
2409         * runtime/InternalFunction.cpp:
2410         (JSC::InternalFunction::InternalFunction):
2411         * runtime/JSAPIValueWrapper.h:
2412         (JSC::JSAPIValueWrapper::value):
2413         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2414         * runtime/JSActivation.cpp:
2415         (JSC::JSActivation::put):
2416         * runtime/JSArray.cpp:
2417         (JSC::JSArray::JSArray):
2418         (JSC::JSArray::getOwnPropertySlot):
2419         (JSC::JSArray::getOwnPropertyDescriptor):
2420         (JSC::JSArray::put):
2421         (JSC::JSArray::putSlowCase):
2422         (JSC::JSArray::deleteProperty):
2423         (JSC::JSArray::increaseVectorLength):
2424         (JSC::JSArray::setLength):
2425         (JSC::JSArray::pop):
2426         (JSC::JSArray::push):
2427         (JSC::JSArray::unshiftCount):
2428         (JSC::JSArray::sort):
2429         (JSC::JSArray::fillArgList):
2430         (JSC::JSArray::copyToRegisters):
2431         (JSC::JSArray::compactForSorting):
2432         * runtime/JSArray.h:
2433         (JSC::JSArray::getIndex):
2434         (JSC::JSArray::setIndex):
2435         (JSC::JSArray::uncheckedSetIndex):
2436         (JSC::JSArray::markChildrenDirect):
2437         * runtime/JSByteArray.cpp:
2438         (JSC::JSByteArray::JSByteArray):
2439         * runtime/JSCell.h:
2440         (JSC::JSCell::MarkStack::append):
2441         (JSC::JSCell::MarkStack::appendCell):
2442         * runtime/JSFunction.cpp:
2443         (JSC::JSFunction::JSFunction):
2444         (JSC::JSFunction::getOwnPropertySlot):
2445         * runtime/JSGlobalObject.cpp:
2446         (JSC::markIfNeeded):
2447         (JSC::JSGlobalObject::reset):
2448         (JSC::JSGlobalObject::resetPrototype):
2449         (JSC::JSGlobalObject::markChildren):
2450         * runtime/JSGlobalObject.h:
2451         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2452         (JSC::JSGlobalObject::regExpConstructor):
2453         (JSC::JSGlobalObject::errorConstructor):
2454         (JSC::JSGlobalObject::evalErrorConstructor):
2455         (JSC::JSGlobalObject::rangeErrorConstructor):
2456         (JSC::JSGlobalObject::referenceErrorConstructor):
2457         (JSC::JSGlobalObject::syntaxErrorConstructor):
2458         (JSC::JSGlobalObject::typeErrorConstructor):
2459         (JSC::JSGlobalObject::URIErrorConstructor):
2460         (JSC::JSGlobalObject::evalFunction):
2461         (JSC::JSGlobalObject::objectPrototype):
2462         (JSC::JSGlobalObject::functionPrototype):
2463         (JSC::JSGlobalObject::arrayPrototype):
2464         (JSC::JSGlobalObject::booleanPrototype):
2465         (JSC::JSGlobalObject::stringPrototype):
2466         (JSC::JSGlobalObject::numberPrototype):
2467         (JSC::JSGlobalObject::datePrototype):
2468         (JSC::JSGlobalObject::regExpPrototype):
2469         (JSC::JSGlobalObject::methodCallDummy):
2470         (JSC::constructArray):
2471         * runtime/JSONObject.cpp:
2472         (JSC::Stringifier::Holder::object):
2473         (JSC::Stringifier::Holder::objectSlot):
2474         (JSC::Stringifier::markAggregate):
2475         (JSC::Stringifier::stringify):
2476         (JSC::Stringifier::Holder::appendNextProperty):
2477         (JSC::Walker::callReviver):
2478         (JSC::Walker::walk):
2479         * runtime/JSObject.cpp:
2480         (JSC::JSObject::defineGetter):
2481         (JSC::JSObject::defineSetter):
2482         (JSC::JSObject::removeDirect):
2483         (JSC::JSObject::putDirectFunction):
2484         (JSC::JSObject::putDirectFunctionWithoutTransition):
2485         (JSC::putDescriptor):
2486         (JSC::JSObject::defineOwnProperty):
2487         * runtime/JSObject.h:
2488         (JSC::JSObject::putDirectOffset):
2489         (JSC::JSObject::putUndefinedAtDirectOffset):
2490         (JSC::JSObject::flattenDictionaryObject):
2491         (JSC::JSObject::putDirectInternal):
2492         (JSC::JSObject::putDirect):
2493         (JSC::JSObject::putDirectFunction):
2494         (JSC::JSObject::putDirectWithoutTransition):
2495         (JSC::JSObject::putDirectFunctionWithoutTransition):
2496         (JSC::JSValue::putDirect):
2497         (JSC::JSObject::allocatePropertyStorageInline):
2498         (JSC::JSObject::markChildrenDirect):
2499         * runtime/JSStaticScopeObject.cpp:
2500         (JSC::JSStaticScopeObject::markChildren):
2501         * runtime/JSString.cpp:
2502         (JSC::StringObject::create):
2503         * runtime/JSValue.h:
2504         * runtime/JSWrapperObject.cpp:
2505         (JSC::JSWrapperObject::markChildren):
2506         * runtime/JSWrapperObject.h:
2507         (JSC::JSWrapperObject::internalValue):
2508         (JSC::JSWrapperObject::setInternalValue):
2509         * runtime/LiteralParser.cpp:
2510         (JSC::LiteralParser::parse):
2511         * runtime/Lookup.cpp:
2512         (JSC::setUpStaticFunctionSlot):
2513         * runtime/Lookup.h:
2514         (JSC::lookupPut):
2515         * runtime/MarkStack.h:
2516         * runtime/MathObject.cpp:
2517         (JSC::MathObject::MathObject):
2518         * runtime/NativeErrorConstructor.cpp:
2519         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2520         * runtime/NativeErrorPrototype.cpp:
2521         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2522         * runtime/NumberConstructor.cpp:
2523         (JSC::NumberConstructor::NumberConstructor):
2524         (JSC::constructWithNumberConstructor):
2525         * runtime/NumberObject.cpp:
2526         (JSC::constructNumber):
2527         * runtime/NumberPrototype.cpp:
2528         (JSC::NumberPrototype::NumberPrototype):
2529         * runtime/ObjectConstructor.cpp:
2530         (JSC::ObjectConstructor::ObjectConstructor):
2531         (JSC::objectConstructorGetOwnPropertyDescriptor):
2532         * runtime/Operations.h:
2533         (JSC::normalizePrototypeChain):
2534         (JSC::resolveBase):
2535         * runtime/PrototypeFunction.cpp:
2536         (JSC::PrototypeFunction::PrototypeFunction):
2537         * runtime/PutPropertySlot.h:
2538         (JSC::PutPropertySlot::setExistingProperty):
2539         (JSC::PutPropertySlot::setNewProperty):
2540         (JSC::PutPropertySlot::base):
2541         * runtime/RegExpConstructor.cpp:
2542         (JSC::RegExpConstructor::RegExpConstructor):
2543         * runtime/ScopeChain.cpp:
2544         (JSC::ScopeChainNode::print):
2545         * runtime/ScopeChain.h:
2546         (JSC::ScopeChainNode::~ScopeChainNode):
2547         (JSC::ScopeChainIterator::operator*):
2548         (JSC::ScopeChainIterator::operator->):
2549         (JSC::ScopeChain::top):
2550         * runtime/ScopeChainMark.h:
2551         (JSC::ScopeChain::markAggregate):
2552         * runtime/SmallStrings.cpp:
2553         (JSC::isMarked):
2554         (JSC::SmallStrings::markChildren):
2555         * runtime/SmallStrings.h:
2556         (JSC::SmallStrings::emptyString):
2557         (JSC::SmallStrings::singleCharacterString):
2558         (JSC::SmallStrings::singleCharacterStrings):
2559         * runtime/StringConstructor.cpp:
2560         (JSC::StringConstructor::StringConstructor):
2561         * runtime/StringObject.cpp:
2562         (JSC::StringObject::StringObject):
2563         * runtime/StringObject.h:
2564         * runtime/StringPrototype.cpp:
2565         (JSC::StringPrototype::StringPrototype):
2566         * runtime/Structure.cpp:
2567         (JSC::Structure::flattenDictionaryStructure):
2568         * runtime/Structure.h:
2569         (JSC::Structure::storedPrototypeSlot):
2570         * runtime/WeakGCMap.h:
2571         (JSC::WeakGCMap::uncheckedGet):
2572         (JSC::WeakGCMap::uncheckedGetSlot):
2573         (JSC::::get):
2574         (JSC::::take):
2575         (JSC::::set):
2576         (JSC::::uncheckedRemove):
2577         * runtime/WriteBarrier.h: Added.
2578         (JSC::DeprecatedPtr::DeprecatedPtr):
2579         (JSC::DeprecatedPtr::get):
2580         (JSC::DeprecatedPtr::operator*):
2581         (JSC::DeprecatedPtr::operator->):
2582         (JSC::DeprecatedPtr::slot):
2583         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2584         (JSC::DeprecatedPtr::operator!):
2585         (JSC::WriteBarrierBase::set):
2586         (JSC::WriteBarrierBase::get):
2587         (JSC::WriteBarrierBase::operator*):
2588         (JSC::WriteBarrierBase::operator->):
2589         (JSC::WriteBarrierBase::slot):
2590         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2591         (JSC::WriteBarrierBase::operator!):
2592         (JSC::WriteBarrier::WriteBarrier):
2593         (JSC::operator==):
2594
2595 2011-01-28  Adam Roben  <aroben@apple.com>
2596
2597         Chromium build fix after r76967
2598
2599         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
2600         similar macros in this file.
2601
2602 2011-01-28  Michael Saboff  <msaboff@apple.com>
2603
2604         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2605         https://bugs.webkit.org/show_bug.cgi?id=53271
2606
2607         Reapplying this change.  No change from prior patch in
2608         JavaScriptCore.
2609
2610         Added new isValid() methods to check if a contained object in
2611         a WeakGCMap is valid when using an unchecked iterator.
2612
2613         * runtime/WeakGCMap.h:
2614         (JSC::WeakGCMap::isValid):
2615
2616 2011-01-27  Adam Roben  <aroben@apple.com>
2617
2618         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
2619         function
2620
2621         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
2622         Win32 event
2623
2624         Reviewed by Dave Hyatt.
2625
2626         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
2627
2628         * wtf/ThreadingPrimitives.h: Declare the new function.
2629
2630         * wtf/ThreadingWin.cpp:
2631         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
2632         interval from here...
2633         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
2634
2635 2011-01-28  Sam Weinig  <sam@webkit.org>
2636
2637         Reviewed by Maciej Stachowiak.
2638
2639         Add basic rubber banding support
2640         <rdar://problem/8219429>
2641         https://bugs.webkit.org/show_bug.cgi?id=53277
2642
2643         * wtf/Platform.h: Add ENABLE for rubber banding.
2644
2645 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2646
2647         Unreviewed, rolling out r76893.
2648         http://trac.webkit.org/changeset/76893
2649         https://bugs.webkit.org/show_bug.cgi?id=53287
2650
2651         It made some tests crash on GTK and Qt debug bots (Requested
2652         by Ossy on #webkit).
2653
2654         * runtime/WeakGCMap.h:
2655
2656 2011-01-27  Adam Barth  <abarth@webkit.org>
2657
2658         Reviewed by Eric Seidel.
2659
2660         Add WTFString method to compare equality with Vector<UChar>
2661         https://bugs.webkit.org/show_bug.cgi?id=53266
2662
2663         I'm planning to use this method in the new XSS filter implementation,
2664         but it seems generally useful.
2665
2666         * wtf/text/StringImpl.h:
2667         (WTF::equalIgnoringNullity):
2668         * wtf/text/WTFString.h:
2669         (WTF::equalIgnoringNullity):
2670
2671 2011-01-27  Michael Saboff  <msaboff@apple.com>
2672
2673         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2674         https://bugs.webkit.org/show_bug.cgi?id=53271
2675
2676         Added new isValid() methods to check if a contained object in
2677         a WeakGCMap is valid when using an unchecked iterator.
2678
2679         * runtime/WeakGCMap.h:
2680         (JSC::WeakGCMap::isValid):
2681
2682 2011-01-26  Sam Weinig  <sam@webkit.org>
2683
2684         Reviewed by Maciej Stachowiak.
2685
2686         Add events to represent the start/end of a gesture scroll
2687         https://bugs.webkit.org/show_bug.cgi?id=53215
2688
2689         * wtf/Platform.h: Add ENABLE for gesture events. 
2690
2691 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
2692
2693         Reviewed by Laszlo Gombos.
2694
2695         [Qt][Symbian] Fix --minimal build
2696         https://bugs.webkit.org/show_bug.cgi?id=52839
2697
2698         Move definition of USE_SYSTEM_MALLOC out of pri file.
2699         Put it in platform.h instead.
2700
2701         * wtf/Platform.h:
2702         * wtf/TCSystemAlloc.cpp:
2703         * wtf/wtf.pri:
2704
2705 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
2706
2707         Reviewed by Andreas Kling.
2708
2709         [WINCE] Add JIT support to build system
2710         https://bugs.webkit.org/show_bug.cgi?id=53079
2711
2712         * CMakeListsWinCE.txt:
2713
2714 2011-01-25  Adam Roben  <aroben@apple.com>
2715
2716         Windows Production build fix
2717
2718         Reviewed by Steve Falkenburg.
2719
2720         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
2721         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
2722         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
2723
2724 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
2725
2726         Rubber-stamped by Adam Roben.
2727
2728         Windows production build fix.
2729         Use correct environment variable escaping
2730
2731         * JavaScriptCore.vcproj/JavaScriptCore.make:
2732         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2733
2734 2011-01-25  Oliver Hunt  <oliver@apple.com>
2735
2736         Reviewed by Gavin Barraclough.
2737
2738         JSON.stringify processing time exponentially grows with size of object
2739         https://bugs.webkit.org/show_bug.cgi?id=51922
2740
2741         Remove last use of reserveCapacity from JSON stringification, as it results
2742         in appalling append behaviour when there are a large number of property names
2743         and nothing else.
2744
2745         * runtime/JSONObject.cpp:
2746         (JSC::Stringifier::appendQuotedString):
2747
2748 2011-01-25  Antti Koivisto  <antti@apple.com>
2749
2750         Not reviewed.
2751         
2752         Try to fix windows build.
2753
2754         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2755
2756 2011-01-25  Antti Koivisto  <antti@apple.com>
2757
2758         Reviewed by Oliver Hunt.
2759
2760         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
2761         https://bugs.webkit.org/show_bug.cgi?id=53061
2762          
2763         Cache did not know about the subclass so failed to fully delete the items. 
2764         Got rid of the subclass and moved the classes to separate files.
2765
2766         * CMakeLists.txt:
2767         * GNUmakefile.am:
2768         * JavaScriptCore.exp:
2769         * JavaScriptCore.gypi:
2770         * JavaScriptCore.pro:
2771         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2772         * JavaScriptCore.xcodeproj/project.pbxproj:
2773         * parser/JSParser.cpp:
2774         (JSC::JSParser::Scope::saveFunctionInfo):
2775         (JSC::JSParser::Scope::restoreFunctionInfo):
2776         (JSC::JSParser::findCachedFunctionInfo):
2777         (JSC::JSParser::parseFunctionInfo):
2778         * parser/SourceProvider.h:
2779         * parser/SourceProviderCache.cpp: Added.
2780         (JSC::SourceProviderCache::~SourceProviderCache):
2781         (JSC::SourceProviderCache::byteSize):
2782         * parser/SourceProviderCache.h: Added.
2783         (JSC::SourceProviderCache::SourceProviderCache):
2784         (JSC::SourceProviderCache::add):
2785         (JSC::SourceProviderCache::get):
2786         * parser/SourceProviderCacheItem.h: Added.
2787         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
2788         (JSC::SourceProviderCacheItem::approximateByteSize):
2789         (JSC::SourceProviderCacheItem::closeBraceToken):
2790
2791 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
2792
2793         Reviewed by Darin Adler.
2794
2795         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
2796         statement
2797         https://bugs.webkit.org/show_bug.cgi?id=53087.
2798
2799         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
2800         with a "return" so that the code is more readable and less error prone
2801         (e.g., "else" doesn't use braces so adding extra lines to the else
2802         block won't have any effect; even worse, code still compiles
2803         successfully).
2804
2805         * wtf/Assertions.cpp:
2806
2807 2011-01-24  Chris Marrin  <cmarrin@apple.com>
2808
2809         Reviewed by Eric Seidel.
2810
2811         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
2812         https://bugs.webkit.org/show_bug.cgi?id=53041
2813
2814         * Configurations/FeatureDefines.xcconfig:
2815
2816 2011-01-25  Adam Roben  <aroben@apple.com>
2817
2818         Windows Production build fix
2819
2820         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
2821
2822 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
2823
2824         Reviewed by Eric Seidel.
2825
2826         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
2827         https://bugs.webkit.org/show_bug.cgi?id=52949
2828
2829         * jit/JITStubs.cpp:
2830
2831 2011-01-24  Adam Roben  <aroben@apple.com>
2832
2833         Windows Production build fix
2834
2835         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
2836
2837 2011-01-24  Peter Varga  <pvarga@webkit.org>
2838
2839         Reviewed by Oliver Hunt.
2840
2841         Optimize regex patterns which contain empty alternatives
2842         https://bugs.webkit.org/show_bug.cgi?id=51395
2843
2844         Eliminate the empty alternatives from the regex pattern and convert it to do
2845         the matching in an easier way.
2846
2847         * yarr/YarrPattern.cpp:
2848         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
2849
2850 2011-01-24  Andras Becsi  <abecsi@webkit.org>
2851
2852         Reviewed by Csaba Osztrogonác.
2853
2854         [Qt] Move project files into Source
2855         https://bugs.webkit.org/show_bug.cgi?id=52891
2856
2857         * JavaScriptCore.pri:
2858         * JavaScriptCore.pro:
2859         * jsc.pro:
2860
2861 2011-01-23  Mark Rowe  <mrowe@apple.com>
2862
2863         Follow-up to r76477.
2864
2865         Fix the scripts that detect problematic code such as static initializers
2866         and destructors, weak vtables, inappropriate files in the framework wrappers,
2867         and public headers including private headers. These had all been broken
2868         since the projects were moved in to the Source directory as the paths to the
2869         scripts were not updated at that time.
2870
2871         * JavaScriptCore.xcodeproj/project.pbxproj:
2872
2873 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2874
2875         Reviewed by Darin Adler.
2876
2877         Use WTF::StringHasher in WebCore
2878         https://bugs.webkit.org/show_bug.cgi?id=52934
2879
2880         Add an additional function to calculate the hash
2881         of data with a runtime-dependent size.
2882
2883         * wtf/StringHasher.h:
2884         (WTF::StringHasher::createBlobHash):
2885
2886 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2887
2888         Reviewed by David Kilzer.
2889
2890         Fix comment in String::ascii()
2891         https://bugs.webkit.org/show_bug.cgi?id=52980
2892
2893         * wtf/text/WTFString.cpp:
2894         (WTF::String::ascii):
2895
2896 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2897
2898         Reviewed by David Kilzer.
2899
2900         Add String::containsOnlyLatin1()
2901         https://bugs.webkit.org/show_bug.cgi?id=52979
2902
2903         * wtf/text/WTFString.h:
2904         (WTF::String::containsOnlyLatin1):
2905         (WTF::charactersAreAllLatin1):
2906
2907 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2908
2909         Reviewed by Oliver Hunt.
2910
2911         Remove obsolete JSVALUE32 code
2912         https://bugs.webkit.org/show_bug.cgi?id=52948
2913
2914         r70111 removed support for JSVALUE32.
2915         ARM, MIPS and X86 support JSVALUE32_64 only.
2916
2917         * jit/JITStubs.cpp:
2918
2919 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
2920
2921         Reviewed by Dan Bernstein.
2922
2923         ASSERT running run-webkit-tests --threaded.
2924         https://bugs.webkit.org/show_bug.cgi?id=52971
2925         
2926         SunSpider and v8 report no change.
2927
2928         * runtime/ConservativeSet.cpp:
2929         (JSC::ConservativeSet::grow):
2930         (JSC::ConservativeSet::add):
2931         * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
2932         the growth policy to 2X, to make SunSpider and v8 happy.
2933         (JSC::ConservativeSet::ConservativeSet):
2934         (JSC::ConservativeSet::~ConservativeSet):
2935         (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
2936         Malloc is forbidden during a multi-threaded mark phase because it can
2937         cause deadlock.
2938
2939 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
2940
2941         Reviewed by Geoffrey Garen.
2942
2943         Rubber-stamped by Maciej Stachowiak.
2944
2945         A few of Maciej's review suggestions for my last patch.
2946         https://bugs.webkit.org/show_bug.cgi?id=52946        
2947
2948         SunSpider reports no change.
2949
2950         * Android.mk:
2951         * CMakeLists.txt:
2952         * GNUmakefile.am:
2953         * JavaScriptCore.gypi:
2954         * JavaScriptCore.pro:
2955         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2956         * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.
2957
2958         * runtime/ConservativeSet.cpp: Added.
2959         (JSC::isPointerAligned):
2960         (JSC::ConservativeSet::add):
2961         * runtime/ConservativeSet.h: Added.
2962         (JSC::ConservativeSet::ConservativeSet):
2963         (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
2964         file, and moved the conservative check into ConservativeSet::add, making
2965         ConservativeSet's responsibility clearer.
2966
2967         * runtime/Heap.cpp:
2968         (JSC::Heap::markRoots):
2969         * runtime/MachineStackMarker.cpp:
2970         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
2971         (JSC::MachineStackMarker::markOtherThreadConservatively):
2972         * runtime/MachineStackMarker.h:
2973         * runtime/MarkStack.h: Updated for changes above.
2974
2975 2011-01-22  Patrick Gansterer  <paroga@webkit.org>
2976
2977         Unreviewed WinCE build fix for r76430.
2978
2979         * runtime/MachineStackMarker.cpp:
2980         (JSC::swapIfBackwards):
2981
2982 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
2983
2984         Reviewed by Beth Dakin.
2985
2986         Reorganized MarkedSpace, making many of its functions private.
2987
2988         * runtime/JSCell.h:
2989         (JSC::JSCell::Heap::heap):
2990         * runtime/MarkedSpace.h:
2991         (JSC::MarkedSpace::globalData):
2992         (JSC::MarkedSpace::heap):
2993
2994 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
2995
2996         Try to fix build: moved helper function out of #ifdef.
2997
2998         * runtime/MachineStackMarker.cpp:
2999         (JSC::swapIfBackwards):
3000
3001 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3002
3003         Rubber-stamped by Maciej Stachowiak.
3004
3005         A few of Maciej's review suggestions for my last patch.
3006         https://bugs.webkit.org/show_bug.cgi?id=52946        
3007
3008         SunSpider reports no change.
3009
3010         * runtime/MachineStackMarker.cpp:
3011         (JSC::swapIfBackwards): Added a helper function for handling platforms
3012         where the stack can grow in any direction.
3013
3014         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3015         (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
3016         function.
3017
3018         (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.
3019
3020         (JSC::MachineStackMarker::markConservatively): Changed to use a more
3021         standard looping idiom, and to use the helper function above.
3022
3023         * runtime/MarkedSpace.h:
3024         (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.
3025
3026 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3027
3028         Reviewed by Maciej Stachowiak.
3029
3030         Cleaned up some conservative marking code.
3031         https://bugs.webkit.org/show_bug.cgi?id=52946
3032         
3033         SunSpider reports no change.
3034
3035         * interpreter/RegisterFile.h: No need for a special marking function,
3036         since we already expose a start() and end().
3037
3038         * runtime/Heap.cpp:
3039         (JSC::Heap::registerFile):
3040         (JSC::Heap::markRoots):
3041         * runtime/Heap.h:
3042         (JSC::Heap::contains): Migrated markConservatively() to the machine stack
3043         marker class. Now, Heap just provides a contains() function, which the
3044         machine stack marker uses for checking whether a pointer points into the heap.
3045
3046         * runtime/MachineStackMarker.cpp:
3047         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3048         (JSC::MachineStackMarker::markOtherThreadConservatively):
3049         (JSC::isPointerAligned):
3050         (JSC::MachineStackMarker::markConservatively):
3051         * runtime/MachineStackMarker.h: Move the conservative marking code here.
3052
3053         * runtime/MarkStack.h:
3054         (JSC::ConservativeSet::add):
3055         (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
3056         set. Vector seems to be a bit faster, and it generates smaller code.
3057
3058         * runtime/MarkedSpace.cpp:
3059         (JSC::MarkedSpace::containsSlowCase):
3060         * runtime/MarkedSpace.h:
3061         (JSC::MarkedSpace::isCellAligned):
3062         (JSC::MarkedSpace::isPossibleCell):
3063         (JSC::MarkedSpace::contains): Kept the code for determining whether a
3064         pointer pointed into marked space, and moved the code for marking
3065         a set of conservative pointers into the machine stack marker.
3066
3067         * wtf/HashSet.h:
3068         (WTF::::add): Added two missing inlines that I noticed while testing
3069         vector vs hash set.
3070
3071 2011-01-21  Mark Rowe  <mrowe@apple.com>
3072
3073         Reviewed by Sam Weinig.
3074
3075         Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
3076         control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".
3077
3078         * wtf/PageAllocation.h:
3079         (WTF::PageAllocation::operator bool):
3080         * wtf/PageReservation.h:
3081         (WTF::PageReservation::operator bool):
3082
3083 2011-01-21  Michael Saboff  <msaboff@apple.com>
3084
3085         Reviewed by Oliver Hunt.
3086
3087         [RegexFuzz] Hang with forward assertion
3088         https://bugs.webkit.org/show_bug.cgi?id=52825
3089         <rdar://problem/8894332>
3090
3091         The backtrackTo label from the first term in a list of terms is
3092         being overwritten by processing of subsequent terms.  Changed
3093         copyBacktrackToLabel() to check for an existing backtrackTo label
3094         before copying and renamed it to propagateBacktrackToLabel() since
3095         it no longer copies.
3096
3097         * yarr/YarrJIT.cpp:
3098         (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
3099         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3100
3101 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3102
3103         Reviewed by Sam Weinig.
3104
3105         Moved the mark stack from global data to the heap, since it pertains
3106         to the heap, and not the virtual machine as a whole.
3107         https://bugs.webkit.org/show_bug.cgi?id=52930
3108         
3109         SunSpider reports no change.
3110
3111         * runtime/Heap.cpp:
3112         (JSC::Heap::Heap):
3113         (JSC::Heap::markRoots):
3114         * runtime/Heap.h:
3115         * runtime/JSGlobalData.cpp:
3116         (JSC::JSGlobalData::JSGlobalData):
3117         * runtime/JSGlobalData.h:
3118
3119 2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>
3120
3121         Reviewed by Darin Adler.
3122
3123         REGRESSION(r76177): All JavaScriptCore tests fail on ARM
3124         https://bugs.webkit.org/show_bug.cgi?id=52814
3125
3126         Get the approximateByteSize value before releasing the OwnPtr.
3127
3128         * parser/JSParser.cpp:
3129         (JSC::JSParser::parseFunctionInfo):
3130
3131 2011-01-21  Xan Lopez  <xlopez@igalia.com>
3132
3133         Reviewed by Martin Robinson.
3134
3135         Remove unnecessary <stdio.h> include
3136         https://bugs.webkit.org/show_bug.cgi?id=52884
3137
3138         * jit/JIT.cpp: remove unnecessary include.
3139
3140 2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>
3141
3142         Reviewed by Maciej Stachowiak.
3143
3144         Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.
3145
3146         * wtf/OwnArrayPtr.h:
3147
3148 2011-01-20  Patrick Gansterer  <paroga@webkit.org>
3149
3150         Reviewed by Oliver Hunt.
3151
3152         [WINCE] Remove obsolete JSVALUE32 code
3153         https://bugs.webkit.org/show_bug.cgi?id=52450
3154
3155         Remove the "offset hack" in create_jit_stubs, since we
3156         only support JSVALUE32_64 in the meantime.
3157
3158         * create_jit_stubs: Removed offset argument
3159         * jit/JITStubs.cpp:
3160
3161 2011-01-20  Geoffrey Garen  <ggaren@apple.com>
3162
3163         Reviewed by Oliver Hunt.
3164
3165         When marking conservatively, guard against reviving dead objects.
3166         https://bugs.webkit.org/show_bug.cgi?id=52840
3167         
3168         SunSpider and v8 say no change.
3169
3170         * interpreter/RegisterFile.h:
3171         (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.
3172
3173         * runtime/Heap.cpp:
3174         (JSC::Heap::recordExtraCost): No need to guard against conservative
3175         marking reviving dead objects anymore, since the conservative marking
3176         mechanism guards against this now.
3177
3178         (JSC::Heap::markConservatively):
3179         (JSC::Heap::markProtectedObjects):
3180         (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
3181         marking function. We want to establish a separation of concerns between
3182         visiting roots and draining the mark stack.
3183
3184         (JSC::Heap::markRoots): Gather the set of conservative references before
3185         clearing mark bits, because conservative marking now uses the mark bits
3186         to determine if a reference is valid, and to avoid reviving dead objects.
3187
3188         (JSC::Heap::collectAllGarbage): No need to guard against conservative
3189         marking reviving dead objects anymore, since the conservative marking
3190         mechanism guards against this now.
3191
3192         * runtime/Heap.h: Updated to use the ConservativeSet API.
3193
3194         * runtime/MachineStackMarker.cpp:
3195         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3196         (JSC::MachineStackMarker::markCurrentThreadConservatively):
3197         (JSC::MachineStackMarker::markOtherThreadConservatively):
3198         (JSC::MachineStackMarker::markMachineStackConservatively):
3199         * runtime/MachineStackMarker.h: Ditto.
3200
3201         * runtime/MarkStack.h:
3202         (JSC::ConservativeSet::add):
3203         (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
3204         set of conservative references. This is different from MarkStack, since
3205         we don't mark the set until it is completely gathered.
3206
3207         * runtime/MarkedSpace.cpp:
3208         (JSC::MarkedSpace::freeBlock):
3209         (JSC::MarkedSpace::resizeBlocks):
3210         (JSC::MarkedSpace::markConservatively):
3211         * runtime/MarkedSpace.h: When marking conservatively, guard against
3212         reviving dead objects.
3213
3214 2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>
3215
3216         Reviewed by Geoffrey Garen.
3217
3218         [Symbian] Fix StackBounds::initialize()
3219         https://bugs.webkit.org/show_bug.cgi?id=52842
3220
3221         * wtf/StackBounds.cpp:
3222         (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit
3223
3224 2011-01-20  Michael Saboff  <msaboff@apple.com>
3225
3226         Reviewed by Oliver Hunt.
3227
3228         <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
3229         https://bugs.webkit.org/show_bug.cgi?id=52773
3230
3231         Fixed case where an existing DataLabelPtr is overwritten.  The
3232         replacing DataLabelPtr is now resolved immediately in
3233         linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
3234         return value for the routine as it was never used.
3235
3236         * yarr/YarrJIT.cpp:
3237         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
3238
3239 2011-01-20  Andras Becsi  <abecsi@webkit.org>
3240
3241         Reviewed by Csaba Osztrogonác.
3242
3243         [Qt][WK2] WebKit2 enabled build fails to link
3244
3245         Work around undefined reference linking issues until the buildsystem gets redesigned.
3246         These issues first occurred in minimal builds (see BUG 50519).
3247
3248         * JavaScriptCore.pri: link as whole-archive for WebKit2 builds
3249
3250 2011-01-20  Zoltan Horvath  <zoltan@webkit.org>
3251
3252         Reviewed by Csaba Osztrogonác.
3253
3254         Refactoring of the custom allocation framework
3255         https://bugs.webkit.org/show_bug.cgi?id=49897
3256
3257         Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
3258         The modification replaces the Noncopyable and FastAllocBase classes, and inheritance from them, with their
3259         equivalent macro implementations at the necessary places.
3260
3261         * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.
3262
3263 2011-01-20  Mark Rowe  <mrowe@apple.com>
3264
3265         Reviewed by Maciej Stachowiak.
3266
3267         Follow-up to r75766 / <rdar://problem/5469576>.
3268
3269         We were failing to initialize the key, causing all sorts of unexpected behavior.
3270
3271         * wtf/FastMalloc.cpp:
3272         (WTF::setThreadHeap):
3273         (WTF::TCMalloc_ThreadCache::GetThreadHeap):
3274         (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.
3275
3276 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3277
3278         Reviewed by Darin Adler.
3279
3280         Rolled back in r76078, with crash fixed.
3281         https://bugs.webkit.org/show_bug.cgi?id=52668
3282         
3283         * runtime/JSGlobalObject.cpp:
3284         (JSC::JSGlobalObject::markChildren): Account for the fact that the global
3285         object moves its variables into and out of the register file. While out
3286         of the register file, the symbol table's size is not an accurate count
3287         for the size of the register array, since the BytecodeGenerator might
3288         be compiling, adding items to the symbol table.
3289         
3290 2011-01-18  Darin Adler  <darin@apple.com>
3291
3292         Reviewed by Geoffrey Garen.
3293
3294         Stack overflow when converting an Error object to string
3295         https://bugs.webkit.org/show_bug.cgi?id=46410
3296
3297         * Android.mk: Added StringRecursionChecker.cpp and
3298         StringRecursionChecker.h.
3299         * CMakeLists.txt: Ditto.
3300         * GNUmakefile.am: Ditto.
3301         * JavaScriptCore.gypi: Ditto.
3302         * JavaScriptCore.pro: Ditto.
3303         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
3304         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
3305
3306         * runtime/ArrayPrototype.cpp:
3307         (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
3308         of the older hand-written code to do the same thing.
3309         (JSC::arrayProtoFuncToLocaleString): Ditto.
3310         (JSC::arrayProtoFuncJoin): Ditto.
3311
3312         * runtime/ErrorPrototype.cpp:
3313         (JSC::errorProtoFuncToString): Use StringRecursionChecker.
3314
3315         * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
3316         stringRecursionCheckVisitedObjects.
3317
3318         * runtime/RegExpPrototype.cpp:
3319         (JSC::regExpProtoFuncToString): Use StringRecursionChecker.
3320
3321         * runtime/StringRecursionChecker.cpp: Added.
3322         * runtime/StringRecursionChecker.h: Added.
3323
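        The pattern the entry above describes, a per-VM set of objects currently being
        stringified plus a checker that returns early on re-entry, as an added C++
        example. This is illustration code, not WebKit's StringRecursionChecker or
        JSC's array/error toString: Node, VisitedSet, StringRecursionGuard and the
        "" result for a cyclic reference are assumptions of the example.

```cpp
#include <cstddef>
#include <string>
#include <unordered_set>
#include <vector>

// Toy object graph: each node stringifies by joining its children, the way an
// array's toString joins its elements. (Hypothetical; not JSC's JSArray.)
struct Node {
    std::vector<const Node*> children;
};

// Objects on the current stringification path, shared across the whole
// recursive call. In a real engine this would live in per-VM global data.
using VisitedSet = std::unordered_set<const Node*>;

// RAII guard: registers `node` for the duration of one toString call and
// removes it on every exit path, so the set never leaks entries across calls.
class StringRecursionGuard {
public:
    StringRecursionGuard(VisitedSet& visited, const Node* node)
        : m_visited(visited), m_node(node), m_alreadyVisited(!visited.insert(node).second) {}
    ~StringRecursionGuard() {
        if (!m_alreadyVisited)
            m_visited.erase(m_node);
    }
    // True when `node` is already being stringified further up the stack, i.e. a cycle.
    bool isCycle() const { return m_alreadyVisited; }
private:
    VisitedSet& m_visited;
    const Node* m_node;
    bool m_alreadyVisited;
};

// Stringify a graph that may contain cycles. A cyclic reference yields ""
// (a convention JavaScript engines use for Array.prototype.join) instead of
// unbounded recursion and a stack overflow.
std::string toString(const Node& node, VisitedSet& visited) {
    StringRecursionGuard guard(visited, &node);
    if (guard.isCycle())
        return "";
    std::string out = "[";
    for (std::size_t i = 0; i < node.children.size(); ++i) {
        if (i)
            out += ",";
        out += toString(*node.children[i], visited);
    }
    return out + "]";
}

// Builds the cycle a -> b -> a and stringifies a. Returns "LEAK" if the guard
// left anything behind in the visited set after the call completed.
std::string stringifyCycle() {
    Node a, b;
    a.children.push_back(&b);
    b.children.push_back(&a);
    VisitedSet visited;
    std::string s = toString(a, visited);
    return visited.empty() ? s : "LEAK";
}

// Acyclic control case: a with two leaf children.
std::string stringifyTree() {
    Node a, b, c;
    a.children.push_back(&b);
    a.children.push_back(&c);
    VisitedSet visited;
    std::string s = toString(a, visited);
    return visited.empty() ? s : "LEAK";
}
```

        The guard is constructed before any work is done and its destructor runs on
        every return path, which is what makes the visited set safe to keep in global
        data: an exception or early return inside a nested toString cannot leave a
        stale entry that would make a later, unrelated call see a phantom cycle.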
3324 2011-01-19  Oliver Hunt  <oliver@apple.com>
3325
3326         Reviewed by Gavin Barraclough.
3327
3328         Remove non-spec support for callable RegExp
3329         https://bugs.webkit.org/show_bug.cgi?id=28285
3330
3331         Remove support for callable regexps.  If it breaks sites we can
3332         just roll this out.
3333
3334         * runtime/RegExpObject.cpp:
3335         * runtime/RegExpObject.h:
3336         * tests/mozilla/expected.html: update results.
3337
3338 2011-01-19  Antti Koivisto  <antti@apple.com>
3339
3340         Reviewed by Oliver Hunt.
3341
3342         Cache function offsets to speed up javascript parsing
3343         https://bugs.webkit.org/show_bug.cgi?id=52622
3344         
3345         Use cache to save function offsets and some other info.
3346         This avoids quite a bit of work when reparsing the source.
3347
3348         * parser/ASTBuilder.h:
3349         * parser/JSParser.cpp:
3350         (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
3351         (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
3352         (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
3353         (JSC::JSParser::Scope::copyCapturedVariablesToVector):
3354         (JSC::JSParser::Scope::saveFunctionInfo):
3355         (JSC::JSParser::Scope::restoreFunctionInfo):
3356         (JSC::JSParser::findCachedFunctionInfo):
3357         (JSC::JSParser::JSParser):
3358         (JSC::JSParser::parseProgram):
3359         (JSC::JSParser::parseFunctionInfo):
3360         * parser/Lexer.h:
3361         (JSC::Lexer::setOffset):
3362         (JSC::Lexer::setLineNumber):
3363         (JSC::Lexer::sourceProvider):
3364         * parser/SourceProvider.h:
3365         (JSC::SourceProviderCache::SourceProviderCache):
3366         (JSC::SourceProviderCache::~SourceProviderCache):
3367         (JSC::SourceProviderCache::byteSize):
3368         (JSC::SourceProviderCache::add):
3369         (JSC::SourceProviderCache::get):
3370         (JSC::SourceProvider::SourceProvider):
3371         (JSC::SourceProvider::~SourceProvider):
3372         (JSC::SourceProvider::cache):
3373         (JSC::SourceProvider::notifyCacheSizeChanged):
3374         (JSC::SourceProvider::cacheSizeChanged):
3375         * parser/SyntaxChecker.h:
3376
3377 2011-01-19  Mark Rowe  <mrowe@apple.com>
3378
3379         Reviewed by Darin Adler.
3380
3381         Follow-up to r75766 / <rdar://problem/5469576>.
3382
3383         * DerivedSources.make: Evaluate the SDKROOT variable correctly.
3384
3385 2011-01-19  Oliver Hunt  <oliver@apple.com>
3386
3387         Reviewed by Gavin Barraclough.
3388
3389         [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
3390         https://bugs.webkit.org/show_bug.cgi?id=52672
3391
3392         Rather than coming up with a somewhat convoluted mechanism to ensure that
3393         developers can override the global object's prototype with a function named
3394         __proto__ and expect it to work, we just disallow it at the syntax level.
3395
3396         * parser/JSParser.cpp:
3397         (JSC::JSParser::parseFunctionInfo):
3398
3399 2011-01-19  Michael Saboff  <msaboff@apple.com>
3400
3401         Reviewed by Darin Adler.
3402
3403         <rdar://problem/8882994> Regression: Simple nested backtrack hangs
3404         https://bugs.webkit.org/show_bug.cgi?id=52675
3405
3406         The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
3407         broke simple backtracking in some cases.  Reworked that change to 
3408         link both jumps and labels.
3409
3410         * yarr/YarrJIT.cpp:
3411         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
3412         (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
3413         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3414
3415 2011-01-19  Pavel Podivilov  <podivilov@chromium.org>
3416
3417         Reviewed by Yury Semikhatsky.
3418
3419         Web Inspector: [JSC] scripts have incorrect starting line (always 1).
3420         https://bugs.webkit.org/show_bug.cgi?id=52721
3421
3422         * debugger/Debugger.cpp:
3423         (JSC::Debugger::recompileAllJSFunctions):
3424         * debugger/Debugger.h:
3425         * parser/Parser.h:
3426         (JSC::Parser::parse):
3427         * parser/SourceCode.h:
3428         (JSC::SourceCode::SourceCode):
3429         * parser/SourceProvider.h:
3430         (JSC::SourceProvider::startPosition):
3431
3432 2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>
3433
3434         Reviewed by Laszlo Gombos and Tor Arne Vestbø.
3435
3436         [Qt] Remove unnecessary "../Source" from paths
3437         after moving source files into Source is finished.
3438
3439         * JavaScriptCore.pri:
3440
3441 2011-01-19  Benjamin Kalman  <kalman@chromium.org>
3442
3443         Reviewed by Darin Adler.
3444
3445         Don't return void from void function String::split
3446         https://bugs.webkit.org/show_bug.cgi?id=52684
3447
3448         * wtf/text/WTFString.cpp:
3449         (WTF::String::split):
3450
3451 2011-01-18  Kenneth Russell  <kbr@google.com>
3452
3453         Unreviewed, rolling out r76078.
3454         http://trac.webkit.org/changeset/76078
3455         https://bugs.webkit.org/show_bug.cgi?id=52668
3456
3457         Caused crashes of fast/canvas/webgl/constants.html,
3458         fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
3459         test crashes in Release mode. WebGL crashes were observed with
3460         "run-webkit-tests fast/canvas/webgl". It was necessary to run
3461         multiple tests to provoke the crash.
3462
3463         * interpreter/RegisterFile.h:
3464         (JSC::RegisterFile::markGlobals):
3465         * runtime/JSActivation.cpp:
3466         (JSC::JSActivation::markChildren):
3467         * runtime/JSGlobalObject.cpp:
3468         (JSC::JSGlobalObject::markChildren):
3469
3470 2011-01-18  Oliver Hunt  <oliver@apple.com>
3471
3472         Reviewed by Gavin Barraclough.
3473
3474         [jsfunfuzz] Assertion asking activation for arguments when arguments is overridden
3475         https://bugs.webkit.org/show_bug.cgi?id=52690
3476
3477         Clean up code to retrieve arguments from activation and function objects.
3478         Remove the incorrect assertion from JSActivation's argumentsGetter.
3479
3480         * interpreter/Interpreter.cpp:
3481         (JSC::Interpreter::retrieveArguments):
3482         * runtime/JSActivation.cpp:
3483         (JSC::JSActivation::argumentsGetter):
3484
3485 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3486
3487         Reviewed by Darin Adler.
3488
3489         Removed RegisterFile::markGlobals because it was obtuse, and it
3490         unnecessarily relied on conservative marking.
3491         https://bugs.webkit.org/show_bug.cgi?id=52668
3492
3493         * interpreter/RegisterFile.h: Removed markGlobals.
3494
3495         * runtime/JSActivation.cpp:
3496         (JSC::JSActivation::markChildren): Added a comment explaining why some
3497         JSActivations don't always mark their registers arrays.
3498
3499         * runtime/JSGlobalObject.cpp:
3500         (JSC::JSGlobalObject::markChildren): Instead of calling markGlobals, mark
3501         the registers array directly.
3502
3503 2011-01-18  Michael Saboff  <msaboff@apple.com>
3504
3505         Reviewed by Oliver Hunt.
3506
3507         <rdar://problem/8875432> Regression: Some text-only e-mails cause hang beneath RegExp::match (52540)
3508         https://bugs.webkit.org/show_bug.cgi?id=52540
3509         https://bugs.webkit.org/show_bug.cgi?id=52662
3510
3511         Directly use backtrack label with parentheses nested under a
3512         non-capturing parentheses.  Also linked current parentheses
3513         tail code object for possible parens nested within a non-capturing
3514         parentheses.
3515
3516         * yarr/YarrJIT.cpp:
3517         (JSC::Yarr::YarrGenerator::BacktrackDestination::linkBacktrackToLabel):
3518         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3519
3520 2011-01-18  Daniel Bates  <dbates@rim.com>
3521
3522         Reviewed by Gavin Barraclough.
3523
3524         Only use moving memory model assumption in ExecutableAllocator::intializePageSize() for Symbian OS
3525         https://bugs.webkit.org/show_bug.cgi?id=52517
3526
3527         Patch by David Tapuska
3528
3529         Currently, we compile code with respect to the Symbian-specific moving memory model
3530         assumption for all ARMv5 or lower architectures. Instead, we should only compile
3531         such code when building for Symbian OS on those architectures because this model
3532         is Symbian-specific.
3533
3534         * jit/ExecutableAllocator.cpp:
3535         (JSC::ExecutableAllocator::intializePageSize):
3536
3537 2011-01-18  Dimitry Andric  <dim@freebsd.org>
3538
3539         Reviewed by Andreas Kling.
3540
3541         Fix linking JavaScriptCore on FreeBSD/amd64
3542         https://bugs.webkit.org/show_bug.cgi?id=52591
3543
3544         Linking of JavaScriptCore on FreeBSD/amd64 fails, for the same reason as
3545         in bug 28422: cti_vm_throw needs a "@plt" suffix, otherwise the linker
3546         complains about the relocation type.
3547
3548         * jit/JITStubs.cpp: use @plt suffix on x86_64 platforms, for both Linux
3549         and FreeBSD.
3550
3551 2011-01-18  Oliver Hunt  <oliver@apple.com>
3552
3553         Reviewed by Antti Koivisto.
3554
3555         [jsfunfuzz] Assertion in codegen for array of NaN constants
3556         https://bugs.webkit.org/show_bug.cgi?id=52643
3557
3558         Don't cache NaN literals in the code generator: as NaN doesn't compare
3559         equal to itself, it causes problems when rehashing the number cache.
3560
3561         * bytecompiler/BytecodeGenerator.cpp:
3562         (JSC::BytecodeGenerator::emitLoad):
3563
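        Why a hash-keyed constant cache must not hold NaN, as an added C++ example
        that is not JSC's BytecodeGenerator or its number cache. NaiveNumberCache,
        SafeNumberCache and the slot-index bookkeeping are assumptions of the
        example, and it reproduces only the visible symptom (a NaN key never hits
        and never deduplicates, so the table grows and every lookup misses), not the
        rehash assertion the entry above refers to.

```cpp
#include <cmath>
#include <cstddef>
#include <limits>
#include <unordered_map>

double makeNaN() { return std::numeric_limits<double>::quiet_NaN(); }

// Toy stand-in for a code generator's constant cache: maps a numeric literal
// to the constant-pool slot it was emitted into. (Hypothetical; not JSC's.)
struct NaiveNumberCache {
    std::unordered_map<double, std::size_t> slots;
    std::size_t nextSlot = 0;

    // Returns the slot for `value`, emitting a new one only on a cache miss.
    std::size_t emit(double value) {
        auto it = slots.find(value);     // NaN never matches any key, not even itself
        if (it != slots.end())
            return it->second;
        slots.emplace(value, nextSlot);  // and key equality never fires, so a NaN
        return nextSlot++;               // entry is added on every call
    }
};

// Hardened version: NaN is not a usable hash key because key equality fails,
// so it is never inserted. Every other value is cached exactly as before.
struct SafeNumberCache {
    std::unordered_map<double, std::size_t> slots;
    std::size_t nextSlot = 0;

    std::size_t emit(double value) {
        if (std::isnan(value))           // `value != value` is the classic spelling
            return nextSlot++;           // fresh slot each time, map untouched
        auto it = slots.find(value);
        if (it != slots.end())
            return it->second;
        slots.emplace(value, nextSlot);
        return nextSlot++;
    }
};

// Emit the same literal `n` times and report how many map entries exist afterwards.
std::size_t naiveEntriesAfter(double value, int n) {
    NaiveNumberCache cache;
    for (int i = 0; i < n; ++i)
        cache.emit(value);
    return cache.slots.size();
}

std::size_t safeEntriesAfter(double value, int n) {
    SafeNumberCache cache;
    for (int i = 0; i < n; ++i)
        cache.emit(value);
    return cache.slots.size();
}

// After caching NaN once, a lookup for NaN still misses: the entry is unreachable.
bool naiveLookupMissesNaN() {
    NaiveNumberCache cache;
    cache.emit(makeNaN());
    return cache.slots.count(makeNaN()) == 0;
}
```

        The general rule the example illustrates: any value for which the table's
        equality predicate is not reflexive (NaN under IEEE comparison) can be
        inserted but never found, so it must be filtered out before it reaches the
        hash table rather than handled after the fact.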
3564 2011-01-17  Jarred Nicholls  <jarred@sencha.com>
3565
3566         Reviewed by Csaba Osztrogonác.
3567
3568         REGRESSION(r75709): Return value of fscanf() shouldn't be ignored.
3569         https://bugs.webkit.org/show_bug.cgi?id=52585
3570         
3571         gcc 4.4.4+ has the warn_unused_value attribute on fscanf, so we should check
3572         the return value to get around the gcc warning.
3573
3574         * jit/ExecutableAllocatorFixedVMPool.cpp:
3575         (JSC::maybeModifyVMPoolSize):
3576
3577 2011-01-17  Michael Saboff  <msaboff@apple.com>
3578
3579         Reviewed by Oliver Hunt.
3580
3581         [regexfuzz] Crash running regex with lookahead
3582         https://bugs.webkit.org/show_bug.cgi?id=52548
3583
3584         Eliminated aggressive chaining of backtracks.  This code was overwriting
3585         already valid backtrack information.
3586
3587         * yarr/YarrJIT.cpp:
3588         (JSC::Yarr::YarrGenerator::ParenthesesTail::processBacktracks):
3589
3590 2011-01-17  Tony Gentilcore  <tonyg@chromium.org>
3591
3592         Reviewed by Alexey Proskuryakov.
3593
3594         Fix some headers with missing or misspelled #ifndef guards
3595         https://bugs.webkit.org/show_bug.cgi?id=52545
3596
3597         * wtf/RefPtrHashMap.h:
3598
3599 2011-01-17  Dan Bernstein  <mitz@apple.com>
3600
3601         Rubber-stamped by Mark Rowe.
3602
3603         Update xcodeproj svn:ignore to include xcuserdata.
3604
3605         * JavaScriptCore.xcodeproj: Modified property svn:ignore.
3606
3607 2011-01-16  Adam Barth  <abarth@webkit.org>
3608
3609         Rubber-stamped by Eric Seidel.
3610
3611         Move WebKit into Source
3612         https://bugs.webkit.org/show_bug.cgi?id=52530
3613
3614         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3615
3616 2011-01-16  Oliver Hunt  <oliver@apple.com>
3617
3618         Reviewed by Sam Weinig.
3619
3620         [jsfunfuzz] Parser doesn't correctly validate for-loop syntax
3621         https://bugs.webkit.org/show_bug.cgi?id=52516
3622
3623         Ensure that we always check for a semicolon after encountering
3624         multiple declarations in the initialiser portion of a for-loop.
3625
3626         * parser/JSParser.cpp:
3627         (JSC::JSParser::parseForStatement):
3628
3629 2011-01-16  Oliver Hunt  <oliver@apple.com>
3630
3631         Reviewed by Geoffrey Garen.
3632
3633         Strict mode restrictions on arguments and eval usage aren't complete
3634         https://bugs.webkit.org/show_bug.cgi?id=52528
3635
3636         Fix a few bugs in strict mode where we incorrectly allow mutation of
3637         arguments and eval in the parser.
3638
3639         Alas, the "optimisation" used by the syntax checker for validating
3640         binary and unary expressions was too aggressive: we do actually need
3641         a stack for operations and operands although it needn't be as complete
3642         as that used for the full AST builder.
3643
3644         Also disallow assignment to arguments in all cases as allowing arguments
3645         to be assignable is always an error in strict mode, regardless of context.
3646
3647         * parser/ASTBuilder.h:
3648         (JSC::ASTBuilder::BinaryExprContext::BinaryExprContext):
3649         (JSC::ASTBuilder::UnaryExprContext::UnaryExprContext):
3650         * parser/JSParser.cpp:
3651         (JSC::JSParser::parseAssignmentExpression):
3652         (JSC::JSParser::parseBinaryExpression):
3653         (JSC::JSParser::parseUnaryExpression):
3654         * parser/SyntaxChecker.h:
3655         (JSC::SyntaxChecker::BinaryExprContext::BinaryExprContext):
3656         (JSC::SyntaxChecker::BinaryExprContext::~BinaryExprContext):
3657         (JSC::SyntaxChecker::UnaryExprContext::UnaryExprContext):
3658         (JSC::SyntaxChecker::UnaryExprContext::~UnaryExprContext):
3659         (JSC::SyntaxChecker::appendBinaryExpressionInfo):
3660         (JSC::SyntaxChecker::operatorStackPop):
3661
3662 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3663
3664         Reviewed by Oliver Hunt.
3665
3666         Rolled back in r75886.
3667         https://bugs.webkit.org/show_bug.cgi?id=52527
3668         
3669         r75886 broke the GTK Linux bot because Linux was -- quite surprisingly --
3670         set up to use the constants for embedded devices.
3671
3672         * jit/ExecutableAllocatorFixedVMPool.cpp:
3673         (JSC::maybeModifyVMPoolSize): Separated Linux constants from embedded
3674         constants.
3675
3676 2011-01-15  Sheriff Bot  <webkit.review.bot@gmail.com>
3677
3678         Unreviewed, rolling out r75886.
3679         http://trac.webkit.org/changeset/75886
3680         https://bugs.webkit.org/show_bug.cgi?id=52526
3681
3682         "Broke GTK+ 64bit" (Requested by xan_ on #webkit).
3683
3684         * jit/ExecutableAllocatorFixedVMPool.cpp:
3685
3686 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3687
3688         Reviewed by Sam Weinig.
3689
3690         <rdar://problem/8870429> Shrink the executable pool on embedded devices
3691
3692         * jit/ExecutableAllocatorFixedVMPool.cpp: Dropped the pool size from 32MB
3693         to 16MB.
3694
3695 2011-01-15  Oliver Hunt  <oliver@apple.com>
3696
3697         Reviewed by Maciej Stachowiak.
3698
3699         Incorrect behavior changing attributes of an accessor
3700         https://bugs.webkit.org/show_bug.cgi?id=52515
3701
3702         defineProperty doesn't correctly handle changing attributes of an accessor
3703         property.  This is because we don't pass the full descriptor to the 
3704         putDescriptor helper function, which means we have insufficient information
3705         to do the right thing. Once that's passed the correct behavior is relatively
3706         simple to implement.
3707
3708         * runtime/JSObject.cpp:
3709         (JSC::putDescriptor):
3710         (JSC::JSObject::defineOwnProperty):
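
        Added example (not WebKit code) of the ES5 Object.defineProperty behaviour this
        entry is about: when a descriptor only changes attributes of an existing accessor
        property, the getter and setter already on the property must be kept, and a
        non-configurable accessor must reject later attribute changes.

```javascript
// Added example, not WebKit code: exercise the Object.defineProperty
// semantics that bug 52515 concerns. Redefining an existing accessor with
// a descriptor that omits get/set must keep the accessor functions it has.

function redefineAccessorAttributes() {
  const obj = {};
  let backing = 1;
  Object.defineProperty(obj, "x", {
    get() { return backing; },
    set(v) { backing = v; },
    enumerable: true,
    configurable: true,
  });

  // 1. Flip only `enumerable`: the original getter/setter must survive.
  Object.defineProperty(obj, "x", { enumerable: false });
  const d1 = Object.getOwnPropertyDescriptor(obj, "x");
  obj.x = 5; // must go through the original setter
  const afterEnumerable = {
    enumerable: d1.enumerable,              // false
    keptGetter: typeof d1.get === "function",
    keptSetter: typeof d1.set === "function",
    value: obj.x,                           // 5, via the original getter
  };

  // 2. Replace only the getter: the setter must still be the original one,
  //    and the enumerable=false from step 1 must remain in place.
  Object.defineProperty(obj, "x", { get() { return backing * 10; } });
  obj.x = 7;
  const d2 = Object.getOwnPropertyDescriptor(obj, "x");
  const afterGetterSwap = {
    keptSetter: typeof d2.set === "function",
    value: obj.x,                           // 70
    stillNotEnumerable: d2.enumerable === false,
  };

  // 3. Lock the property: a later attribute change must throw TypeError,
  //    while redefining with the *same* getter is still permitted.
  Object.defineProperty(obj, "x", { configurable: false });
  let rejected = false;
  try {
    Object.defineProperty(obj, "x", { enumerable: true });
  } catch (e) {
    rejected = e instanceof TypeError;
  }
  const sameGet = Object.getOwnPropertyDescriptor(obj, "x").get;
  let sameAllowed = true;
  try {
    Object.defineProperty(obj, "x", { get: sameGet });
  } catch (e) {
    sameAllowed = false;
  }

  return { afterEnumerable, afterGetterSwap, rejected, sameAllowed };
}
```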
3711
3712 2011-01-14  Oliver Hunt  <oliver@apple.com>
3713
3714         Reviewed by Maciej Stachowiak.
3715
3716         [jsfunfuzz] Incorrect handling of consecutive duplicate labels
3717         https://bugs.webkit.org/show_bug.cgi?id=52505
3718
3719         Compare StringImpl*'s instead of Identifier*'s when looking for duplicate
3720         labels.
3721
3722         * parser/JSParser.cpp:
3723         (JSC::JSParser::parseExpressionOrLabelStatement):
3724
3725 2011-01-14  Simon Fraser  <simon.fraser@apple.com>
3726
3727         No review.
3728         
3729         Initialize m_operationInProgress after r75855.
3730
3731         * runtime/Heap.cpp:
3732         (JSC::Heap::Heap):
3733
3734 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3735
3736         Reverted accidentally committed code from my last checkin.
3737
3738         * runtime/Heap.cpp:
3739         (JSC::Heap::markRoots):
3740
3741 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3742
3743         Reviewed by Sam Weinig.
3744         
3745         Try to fix the GTK bot.
3746
3747         * runtime/Heap.cpp:
3748         (JSC::Heap::Heap):
3749         (JSC::Heap::markRoots): Kids, remember to initialize your data members.
3750         Knowing is half the battle.
3751
3752 2011-01-14  Oliver Hunt  <oliver@apple.com>
3753
3754         Reviewed by Stephanie Lewis.
3755
3756         [jsfunfuzz] We should be clearing the lexer's temporary character buffers when switching to strict mode
3757         https://bugs.webkit.org/show_bug.cgi?id=52501
3758
3759         Clear the temporary character buffers used for reading escaped characters and
3760         numbers.
3761
3762         * parser/Lexer.h:
3763         (JSC::Lexer::setOffset):
3764
3765 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3766
3767         Try to fix non-Dtrace builds: #include Tracing.h instead of TracingDtrace.h.
3768
3769         * runtime/Heap.cpp:
3770
3771 2011-01-13  Geoffrey Garen  <ggaren@apple.com>
3772
3773         Reviewed by Oliver Hunt.
3774
3775         Split out a MarkedSpace strategy object from Heap.
3776         https://bugs.webkit.org/show_bug.cgi?id=52421
3777         
3778         SunSpider reports no change.
3779
3780         * Android.mk:
3781         * CMakeLists.txt:
3782         * GNUmakefile.am:
3783         * JavaScriptCore.gypi:
3784         * JavaScriptCore.pro:
3785         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3786         * JavaScriptCore.xcodeproj/project.pbxproj: Updated our 7 build systems. Which is cool.
3787
3788         * runtime/Heap.cpp:
3789         (JSC::Heap::Heap):
3790         (JSC::Heap::destroy):
3791         (JSC::Heap::recordExtraCost):
3792         (JSC::Heap::allocate):
3793         (JSC::Heap::markConservatively):
3794         (JSC::Heap::markRoots):
3795         (JSC::Heap::objectCount):
3796         (JSC::Heap::statistics):
3797         (JSC::Heap::size):
3798         (JSC::Heap::isBusy):
3799         (JSC::Heap::collectAllGarbage):
3800         (JSC::Heap::primaryHeapBegin):
3801         (JSC::Heap::primaryHeapEnd):
3802         * runtime/Heap.h:
3803         (JSC::Heap::globalData):
3804         (JSC::Heap::markedSpace):
3805         (JSC::Heap::isCellMarked):
3806         (JSC::Heap::checkMarkCell):
3807         (JSC::Heap::markCell): Moved all code pertaining to managing chunks of
3808         collector memory out of this class. Heap now just delegates to MarkedSpace.
3809
3810         * runtime/JSCell.h:
3811         (JSC::JSCell::Heap::heap): Updated for MarkedSpace delegation.
3812
3813         * runtime/JSValue.h: Moved the ValueStringPair typedef to help with #includes.
3814
3815         * runtime/MarkedSpace.cpp: Copied from runtime/Heap.cpp.
3816         (JSC::MarkedSpace::MarkedSpace):
3817         (JSC::MarkedSpace::destroy):
3818         (JSC::MarkedSpace::allocateBlock):
3819         (JSC::MarkedSpace::freeBlock):
3820         (JSC::MarkedSpace::allocate):
3821         (JSC::MarkedSpace::resizeBlocks):
3822         (JSC::MarkedSpace::growBlocks):
3823         (JSC::MarkedSpace::shrinkBlocks):
3824         (JSC::MarkedSpace::markConservatively):
3825         (JSC::MarkedSpace::clearMarkBits):
3826         (JSC::MarkedSpace::markedCells):
3827         (JSC::MarkedSpace::sweep):
3828         (JSC::MarkedSpace::objectCount):
3829         (JSC::MarkedSpace::addToStatistics):
3830         (JSC::MarkedSpace::statistics):
3831         (JSC::MarkedSpace::size):
3832         (JSC::MarkedSpace::reset):
3833         (JSC::MarkedSpace::primaryHeapBegin):
3834         (JSC::MarkedSpace::primaryHeapEnd):
3835         * runtime/MarkedSpace.h: Copied from runtime/Heap.h.
3836         (JSC::MarkedSpace::globalData):
3837         (JSC::MarkedSpace::didShrink):
3838         (JSC::MarkedSpace::cellBlock):
3839         (JSC::MarkedSpace::cellOffset):
3840         (JSC::MarkedSpace::isCellMarked):
3841         (JSC::MarkedSpace::checkMarkCell):
3842         (JSC::MarkedSpace::markCell): Moved all code pertaining to managing chunks of
3843         collector memory into this class.
3844
3845         * runtime/MemoryStatistics.cpp:
3846         (JSC::heapStatistics):
3847         * runtime/MemoryStatistics.h: Updated for MarkedSpace delegation.
3848
3849 2011-01-14  Oliver Hunt  <oliver@apple.com>
3850
3851         Reviewed by Gavin Barraclough.
3852
3853         [jsfunfuzz] parser doesn't enforce continue restrictions correctly.
3854         https://bugs.webkit.org/show_bug.cgi?id=52493
3855
3856         This patch reworks handling of break, continue and label statements
3857         to correctly handle all the valid and invalid cases.  Previously certain
3858         errors would be missed by the parser in strict mode, but the bytecode 
3859         generator needed to handle those cases for non-strict code, so nothing
3860         failed; it simply became non-standard behaviour.
3861
3862         Now that we treat break and continue errors as early faults in non-strict
3863         mode as well, that safety net has been removed, so the parser bugs result in
3864         crashes at codegen time.
3865
3866         * parser/JSParser.cpp:
3867         (JSC::JSParser::ScopeLabelInfo::ScopeLabelInfo):
3868         (JSC::JSParser::next):
3869         (JSC::JSParser::nextTokenIsColon):
3870         (JSC::JSParser::continueIsValid):
3871             Continue is only valid in loops, so we can't use breakIsValid().
3872         (JSC::JSParser::pushLabel):
3873             We now track whether the label is for a loop (and is therefore a
3874             valid target for continue).
3875         (JSC::JSParser::popLabel):
3876         (JSC::JSParser::getLabel):
3877             Replace hasLabel with getLabel so that we can validate the target
3878             when parsing continue statements.
3879         (JSC::JSParser::Scope::continueIsValid):
3880         (JSC::JSParser::Scope::pushLabel):
3881         (JSC::JSParser::Scope::getLabel):
3882         (JSC::JSParser::JSParser):
3883         (JSC::JSParser::parseBreakStatement):
3884         (JSC::JSParser::parseContinueStatement):
3885         (JSC::LabelInfo::LabelInfo):
3886         (JSC::JSParser::parseExpressionOrLabelStatement):
3887             Consecutive labels now get handled iteratively so that we can determine
3888             whether they're valid targets for continue.
3889         * parser/Lexer.cpp:
3890         (JSC::Lexer::nextTokenIsColon):
3891         * parser/Lexer.h:
3892         (JSC::Lexer::setOffset):
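
        Added example (not WebKit code) covering the label rules of this entry and of the
        duplicate-label entry for bug 52505 above: each constructed snippet is compiled
        with the Function constructor so it is parsed but never executed, and a
        SyntaxError is the parser's early error. The case list is constructed for this
        example and encodes the ECMAScript rules (duplicate labels rejected, continue
        only to loop labels, consecutive labels on a loop all valid for continue).

```javascript
// Added example, not WebKit code: label/break/continue early errors that
// bugs 52505 and 52493 concern, checked against the running JS engine.

function parsesCleanly(source) {
  try {
    new Function(source); // compile only; the body never runs
    return true;
  } catch (e) {
    if (e instanceof SyntaxError) return false;
    throw e; // anything else is a bug in this harness
  }
}

// Constructed cases: [source, expected to parse, reason]
const LABEL_CASES = [
  // Duplicate labels (52505): nested or consecutive reuse is an error.
  ["a: a: ;", false, "consecutive duplicate labels"],
  ["a: { a: ; }", false, "nested duplicate label"],
  ["a: ; a: ;", true, "label reused after the first one ends"],
  // Continue targets (52493): only a loop label is a valid target.
  ["a: { continue a; }", false, "continue to a non-loop label"],
  ["a: while (false) { continue a; }", true, "continue to a loop label"],
  ["a: b: while (false) { continue a; }", true, "outer of consecutive loop labels"],
  ["a: b: { continue a; }", false, "consecutive labels on a block"],
  ["a: while (false) { b: { continue a; } }", true, "inner block, outer loop"],
  ["while (false) { continue nope; }", false, "undefined label"],
  ["continue;", false, "continue outside any loop"],
  // break is looser: any enclosing label is a valid target.
  ["a: { break a; }", true, "break to a block label"],
  ["break;", false, "break outside loop or switch"],
];

// Returns the reasons of every case where the engine disagrees with the
// expected verdict; an empty array means all rules are enforced.
function checkLabelRules(cases = LABEL_CASES) {
  const failures = [];
  for (const [src, expected, reason] of cases) {
    if (parsesCleanly(src) !== expected) failures.push(reason);
  }
  return failures;
}
```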
3893
3894 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3895
3896         Reviewed by Adam Roben.
3897
3898         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3899         https://bugs.webkit.org/show_bug.cgi?id=45186
3900
3901         * wtf/FastMalloc.cpp:
3902         (WTF::TCMalloc_PageHeap::scheduleScavenger): Added missing this pointer to CreateTimerQueueTimer().
3903
3904 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3905
3906         Reviewed by Adam Roben.
3907
3908         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3909         https://bugs.webkit.org/show_bug.cgi?id=45186
3910
3911         r75819 accidentally changed the initial state of the scavenge timer.
3912
3913         * wtf/FastMalloc.cpp:
3914         (WTF::TCMalloc_PageHeap::initializeScavenger): Changed initial state of m_scavengingSuspended to true.
3915
3916 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3917
3918         Unreviewed Windows Release build fix.
3919
3920         * wtf/FastMalloc.cpp:
3921         (WTF::TCMalloc_PageHeap::scavengerTimerFired):
3922
3923 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3924
3925         Unreviewed Windows Release build fix.
3926
3927         * wtf/FastMalloc.cpp:
3928         (WTF::TCMalloc_PageHeap::scavengerTimerFired):
3929
3930 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3931
3932         Reviewed by Adam Roben.
3933
3934         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3935         https://bugs.webkit.org/show_bug.cgi?id=45186
3936
3937         Use CreateTimerQueueTimer() to start periodicScavenge() and stop it with DeleteTimerQueueTimer().
3938
3939         * wtf/FastMalloc.cpp:
3940         (WTF::TCMalloc_PageHeap::initializeScavenger):
3941         (WTF::TCMalloc_PageHeap::isScavengerSuspended):
3942         (WTF::TCMalloc_PageHeap::scheduleScavenger):
3943         (WTF::TCMalloc_PageHeap::rescheduleScavenger):
3944         (WTF::TCMalloc_PageHeap::suspendScavenger):
3945         (WTF::scavengerTimerFired):
3946         (WTF::TCMalloc_PageHeap::periodicScavenge):
3947         (WTF::TCMalloc_PageHeap::signalScavenger):
3948
3949 2011-01-14  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
3950
3951         Reviewed by Kenneth Rohde Christiansen.
3952
3953         Align import/export directives
3954         https://bugs.webkit.org/show_bug.cgi?id=52208
3955
3956         * API/JSBase.h: Align import/export directives with
3957         WebKit2/Shared/API/c/WKBase.h
3958
3959 2011-01-14  Michael Saboff  <msaboff@apple.com>
3960
3961         Reviewed by Oliver Hunt.
3962
3963         Incorrect backtracking for nested alternatives
3964         https://bugs.webkit.org/show_bug.cgi?id=52387
3965
3966         In the process of propagating a datalabel it wasn't getting connected
3967         to a destination when the destination was an indirect jump.  Added
3968         code to recognize a direct backtrack destination that was an indirect
3969         jump and added a mechanism to associate DataLabelPtrs with indirect
3970         jump entries.
3971         Removed dead method
3972         BacktrackDestination::linkDataLabelToHereIfExists().
3973
3974         * yarr/YarrJIT.cpp:
3975         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::IndirectJumpEntry):
3976         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::addDataLabel):
3977         (JSC::Yarr::YarrGenerator::GenerationState::addIndirectJumpEntry):
3978         (JSC::Yarr::YarrGenerator::GenerationState::emitIndirectJumpTable):
3979         Changes to link indirect jumps with DataLabelPtr's.
3980         (JSC::Yarr::YarrGenerator::BacktrackDestination::clearSubDataLabelPtr):
3981         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists): 
3982         Updated to handle immediate linking of indirect jumps to
3983         DataLabelPtr.
3984         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction): Changed to
3985         reflect updated linkDataLabelToBacktrackIfExists().
3986
3987 2011-01-14  Pavel Podivilov  <podivilov@chromium.org>
3988
3989         Reviewed by Yury Semikhatsky.
3990
3991         Web Inspector: provide script column offset to frontend.
3992         https://bugs.webkit.org/show_bug.cgi?id=52377
3993
3994         * parser/SourceCode.h:
3995         (JSC::SourceCode::SourceCode):
3996         (JSC::SourceCode::firstColumn):
3997
3998 2011-01-13  Darin Adler  <darin@apple.com>
3999
4000         Reviewed by Geoff Garen.
4001
4002         <rdar://problem/5469576> Use __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 if available.
4003
4004         * DerivedSources.make: Create a header file, HeaderDetection.h, that tells
4005         us whether pthread_machdep.h is available.
4006         * wtf/FastMalloc.cpp: If __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 is available, then
4007         don't do the pthread_getspecific_function_pointer trick.
4008         (WTF::setThreadHeap): Ditto, but set thread-specific data.
4009         (WTF::TCMalloc_ThreadCache::GetThreadHeap): Ditto, but get rather than set.
4010
4011 2011-01-13  Xan Lopez  <xlopez@igalia.com>
4012
4013         Reviewed by Gavin Barraclough.
4014
4015         JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
4016         https://bugs.webkit.org/show_bug.cgi?id=42756
4017
4018         The FixedVMPool Allocator does not work well on systems where
4019         allocating very large amounts of memory upfront is not reasonable,
4020         like Linux without overcommit enabled. As a workaround, on Linux,
4021         default to the values used in embedded environments (in the MB
4022         range), and only jump to the GB range if we detect at runtime that
4023         overcommit is enabled. Should fix crashes on Linux/x86_64 with
4024         less than 3 or 4GB of RAM.
4025
4026         * jit/ExecutableAllocatorFixedVMPool.cpp:
4027         (JSC::FixedVMPoolAllocator::free): Use new variables for VM pool
4028         size and coalesce limit.
4029         (JSC::ExecutableAllocator::isValid): Swap the variables from
4030         embedded to generic values at runtime, on Linux, if overcommit is
4031         enabled.
4032         (JSC::ExecutableAllocator::underMemoryPressure): Use new variables
4033         for VM pool size and coalesce limit.
4034
4035 2011-01-12  Xan Lopez  <xlopez@igalia.com>
4036
4037         Reviewed by Martin Robinson.
4038
4039         Add new Yarr.h header to the list file.
4040
4041         * GNUmakefile.am: ditto.
4042
4043 2011-01-12  Martin Robinson  <mrobinson@igalia.com>
4044
4045         Missing Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h in WebKitGtk tarball
4046         https://bugs.webkit.org/show_bug.cgi?id=52299
4047
4048         * GNUmakefile.am: Fix the GTK+ build on ARMv7 by including missing source
4049         files in the source list.
4050
4051 2011-01-12  Peter Varga  <pvarga@webkit.org>
4052
4053         Reviewed by Gavin Barraclough.
4054
4055         Add Yarr.h to YARR
4056         https://bugs.webkit.org/show_bug.cgi?id=51021
4057
4058         Move other common constants and functions from YARR's different files
4059         to Yarr.h.
4060         Use Yarr.h header instead of including other YARR headers where it
4061         is possible.
4062
4063         * JavaScriptCore.gypi:
4064         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
4065         * JavaScriptCore.xcodeproj/project.pbxproj:
4066         * runtime/RegExp.cpp:
4067         * yarr/Yarr.h: Added.
4068         * yarr/YarrInterpreter.cpp:
4069         * yarr/YarrInterpreter.h:
4070         * yarr/YarrJIT.cpp:
4071         (JSC::Yarr::jitCompile):
4072         (JSC::Yarr::execute):
4073         * yarr/YarrJIT.h:
4074         * yarr/YarrParser.h:
4075         * yarr/YarrPattern.cpp:
4076         (JSC::Yarr::YarrPattern::compile):
4077         (JSC::Yarr::YarrPattern::YarrPattern):
4078         * yarr/YarrPattern.h:
4079
4080 2011-01-12  Sheriff Bot  <webkit.review.bot@gmail.com>
4081
4082         Unreviewed, rolling out r75595.
4083         http://trac.webkit.org/changeset/75595
4084         https://bugs.webkit.org/show_bug.cgi?id=52286
4085
4086         It broke fast/regex/pcre-test-1.html (Requested by Ossy on
4087         #webkit).
4088
4089         * JavaScriptCore.gypi:
4090         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
4091         * JavaScriptCore.xcodeproj/project.pbxproj:
4092         * runtime/RegExp.cpp:
4093         * yarr/Yarr.h: Removed.
4094         * yarr/YarrInterpreter.cpp:
4095         * yarr/YarrInterpreter.h:
4096         * yarr/YarrJIT.cpp:
4097         (JSC::Yarr::jitCompile):
4098         * yarr/YarrJIT.h:
4099         (JSC::Yarr::execute):
4100         * yarr/YarrParser.h:
4101         * yarr/YarrPattern.cpp:
4102         (JSC::Yarr::compile):
4103         (JSC::Yarr::YarrPattern::YarrPattern):
4104         * yarr/YarrPattern.h:
4105
4106 2011-01-12  Peter Varga  <pvarga@webkit.org>
4107
4108         Reviewed by Gavin Barraclough.
4109
4110         Add Yarr.h to YARR
4111         https://bugs.webkit.org/show_bug.cgi?id=51021
4112
4113         Move other common constants and functions from YARR's different files
4114         to Yarr.h.
4115         Use Yarr.h header instead of including other YARR headers where it
4116         is possible.
4117
4118         * JavaScriptCore.gypi:
4119         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
4120         * JavaScriptCore.xcodeproj/project.pbxproj:
4121         * runtime/RegExp.cpp:
4122         * yarr/Yarr.h: Added.
4123         * yarr/YarrInterpreter.cpp:
4124         * yarr/YarrInterpreter.h:
4125         * yarr/YarrJIT.cpp:
4126         (JSC::Yarr::jitCompile):
4127         (JSC::Yarr::execute):
4128         * yarr/YarrJIT.h:
4129         * yarr/YarrParser.h:
4130         * yarr/YarrPattern.cpp:
4131         (JSC::Yarr::YarrPattern::compile):
4132         (JSC::Yarr::YarrPattern::YarrPattern):
4133         * yarr/YarrPattern.h:
4134
4135 2011-01-11  Michael Saboff  <msaboff@apple.com>
4136
4137         Reviewed by Geoffrey Garen.
4138
4139         Missing call to popTempSortVector() for exception case in JSArray::sort.
4140         https://bugs.webkit.org/show_bug.cgi?id=50718
4141
4142         Fix to patch of 50718 that added pushTempSortVector() and 
4143         popTempSortVector() to JSArray::sort() to mark elements during sort.
4144         Need to add popTempSortVector() for the return case if toString()
4145         had an exception.
4146
4147         * runtime/JSArray.cpp:
4148         (JSC::JSArray::sort): Added popTempSortVector()
4149
4150 2011-01-11  Xan Lopez  <xlopez@igalia.com>
4151
4152         Reviewed by Darin Adler.
4153
4154         Microoptimization in ~JSString
4155         https://bugs.webkit.org/show_bug.cgi?id=52222
4156
4157         The case where m_fibers is 0 seems to be the most common one
4158         (almost 1/2 of the time, followed at some distance by m_fibers = 1
4159         in 1/4 of the cases in a typical SunSpider execution). We can save
4160         one comparison in this common case by doing a bit of refactoring
4161         in the JSString destructor; overall a 0.3% progression, but only
4162         the string tests show improvement.
4163
4164         * runtime/JSString.h:
4165         (JSC::RopeBuilder::~JSString):
4166
4167 2011-01-10  Michael Saboff  <msaboff@apple.com>
4168
4169         Reviewed by Geoffrey Garen.
4170
4171         ASSERTION Failure in JSC