35d35528b1dc6253fa369c0f5dd8fa89449f0fbb
[WebKit.git] / Source / JavaScriptCore / ChangeLog
1 2011-02-04  David Kilzer  <ddkilzer@apple.com>
2
3         BUILD FIX: REALLY remove the last vestiges of JSVALUE32!
4
5         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
6         <http://webkit.org/b/53779>
7
8         * DerivedSources.make: Removed dependency on
9         JavaScriptCore.JSVALUE32.exp.
10
11 2011-02-04  David Kilzer  <ddkilzer@apple.com>
12
13         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
14         <http://webkit.org/b/53779>
15
16         Reviewed by Darin Adler.
17
18         Support for JSVALUE32 was originally removed in r70111.
19
20         * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use
21         JavaScriptCore.JSVALUE32_64.exp and ppc64 to use
22         JavaScriptCore.JSVALUE64.exp to match Platform.h.
23         * DerivedSources.make: Removed rule for
24         JavaScriptCore.JSVALUE32.exp.
25         * JavaScriptCore.JSVALUE32only.exp: Removed.
26         * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
27         to JavaScriptCore.JSVALUE32only.exp.
28
29 2011-02-04  David Kilzer  <ddkilzer@apple.com>
30
31         Use static_cast and other style cleanup in YarrInterpreter.cpp
32         <http://webkit.org/b/53772>
33
34         Reviewed by John Sullivan.
35
36         * yarr/YarrInterpreter.cpp:
37         (JSC::Yarr::Interpreter::InputStream::readChecked): Use
38         static_cast.
39         (JSC::Yarr::Interpreter::InputStream::checkInput): Remove
40         unnecessary else block.
41         (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto.
42         (JSC::Yarr::Interpreter::backtrackBackReference): Ditto.
43         (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast.
44
45 2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>
46
47         Unreviewed, rolling out r77625 and r77626.
48         http://trac.webkit.org/changeset/77625
49         http://trac.webkit.org/changeset/77626
50         https://bugs.webkit.org/show_bug.cgi?id=53765
51
52         It broke Windows builds (Requested by Ossy_ on #webkit).
53
54         * JavaScriptCore.exp:
55         * JavaScriptCore.gyp/JavaScriptCore.gyp:
56         * JavaScriptCore.gypi:
57         * JavaScriptCore.pro:
58         * JavaScriptCore.xcodeproj/project.pbxproj:
59         * create_regex_tables:
60         * runtime/RegExp.cpp:
61         * wtf/Platform.h:
62         * yarr/Yarr.h:
63         * yarr/YarrJIT.cpp:
64         * yarr/YarrJIT.h:
65         * yarr/YarrParser.h:
66         * yarr/YarrPattern.h:
67         * yarr/YarrSyntaxChecker.h:
68         * yarr/yarr.pri: Removed.
69
70 2011-02-04  Jessie Berlin  <jberlin@apple.com>
71
72         Windows build fix. Unreviewed.
73
74         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
75
76 2011-02-04  Peter Varga  <pvarga@webkit.org>
77
78         Reviewed by Gavin Barraclough.
79
80         Replace PCRE with Yarr in WebCore
81         https://bugs.webkit.org/show_bug.cgi?id=53496
82
83         * JavaScriptCore.exp:
84         * JavaScriptCore.gyp/JavaScriptCore.gyp:
85         * JavaScriptCore.gypi:
86         * JavaScriptCore.pro:
87         * JavaScriptCore.xcodeproj/project.pbxproj:
88         * create_regex_tables:
89         * runtime/RegExp.cpp:
90         * wtf/Platform.h:
91         * yarr/Yarr.h:
92         * yarr/YarrJIT.cpp:
93         * yarr/YarrJIT.h:
94         * yarr/YarrParser.h:
95         * yarr/YarrPattern.h:
96         * yarr/YarrSyntaxChecker.h:
97         * yarr/yarr.pri: Added.
98
99 2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>
100
101         Unreviewed rollout of two patches r77614 and r77612.
102
103         REGRESSION: Snow Leopard Intel Release a number of failing tests.
104
105         * runtime/Heap.cpp:
106         (JSC::Heap::Heap):
107         (JSC::Heap::reset):
108         * runtime/Heap.h:
109         * runtime/MarkedSpace.cpp:
110         (JSC::MarkedSpace::allocate):
111         (JSC::MarkedSpace::sweep):
112         (JSC::MarkedSpace::reset):
113         * runtime/MarkedSpace.h:
114
115 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
116
117         Try to fix 32bit build.
118
119         * runtime/Heap.cpp:
120         (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
121         since 1.5 is double (64bit), and the result is size_t (32bit).
122
123 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
124
125         Reviewed by Cameron Zwarich.
126
127         Changed MarkedSpace to delegate grow/shrink decisions to Heap
128         https://bugs.webkit.org/show_bug.cgi?id=53759
129         
130         SunSpider reports no change.
131         
132         * runtime/Heap.cpp:
133         (JSC::Heap::Heap):
134         (JSC::Heap::reset):
135         * runtime/Heap.h: Reorganized a few data members for better cache locality.
136         Added a grow policy.
137         
138         * runtime/MarkedSpace.cpp:
139         (JSC::MarkedSpace::allocate):
140         (JSC::MarkedSpace::sweep):
141         (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
142         the heap to make an explicit sweep call.
143
144         * runtime/MarkedSpace.h:
145         (JSC::MarkedSpace::highWaterMark):
146         (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
147         many bytes to allocate before failing and giving the heap an opportunity
148         to collect garbage. This also means that we allocate blocks on demand,
149         instead of ahead of time.
150
151 2011-02-03  James Kozianski  <koz@chromium.org>
152
153         Reviewed by Dimitri Glazkov.
154
155         Add navigator.registerProtocolHandler behind a flag.
156         https://bugs.webkit.org/show_bug.cgi?id=52609
157
158         * Configurations/FeatureDefines.xcconfig:
159
160 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
161
162         Reviewed by Oliver Hunt.
163
164         Not all blocks are freed when the heap is freed (counting is hard!)
165         https://bugs.webkit.org/show_bug.cgi?id=53732
166
167         * runtime/MarkedSpace.cpp:
168         (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
169         keep freeing block 0 until there are no blocks left.
170
171 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
172
173         Try to fix the Mac build.
174
175         * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
176         needs to be private, not project, so other projects can include headers
177         that depend on it.
178
179 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
180
181         Reviewed by Sam Weinig.
182
183         Start using MarkedBlock instead of CollectorBlock
184         https://bugs.webkit.org/show_bug.cgi?id=53693
185         
186         SunSpider reports no change.
187         
188         * runtime/MarkedBlock.h:
189         (JSC::MarkedBlock::blockFor):
190         (JSC::MarkedBlock::setMarked):
191         (JSC::MarkedBlock::isCellAligned):
192         (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.
193
194         * runtime/MarkedSpace.cpp:
195         (JSC::MarkedSpace::allocateBlock):
196         (JSC::MarkedSpace::containsSlowCase):
197         (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.
198
199         * runtime/MarkedSpace.h:
200         (JSC::CollectorHeap::collectorBlock):
201         (JSC::MarkedSpace::heap):
202         (JSC::MarkedSpace::isMarked):
203         (JSC::MarkedSpace::testAndSetMarked):
204         (JSC::MarkedSpace::setMarked):
205         (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
206         and deleted dead CollectorBlock-related code.
207
208 2011-02-03  Patrick Gansterer  <paroga@webkit.org>
209
210         Reviewed by Darin Adler.
211
212         Avoid strlen() in AtomicString::fromUTF8
213         https://bugs.webkit.org/show_bug.cgi?id=50516
214
215         Add an overload to calculateStringHashFromUTF8 to get
216         strlen() of the input data with only one call.
217
218         This change shows about a 3% performance win on the xml-parser benchmark.
219
220         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
221         * wtf/text/AtomicString.cpp:
222         (WTF::AtomicString::fromUTF8):
223         * wtf/unicode/UTF8.cpp:
224         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
225         (WTF::Unicode::calculateStringHashFromUTF8):
226         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
227         * wtf/unicode/UTF8.h:
228
229 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
230
231         Windows build fix.
232
233         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
234
235 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
236
237         oops, build fix!
238
239         * wtf/Assertions.cpp:
240
241 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
242
243         Reviewed by Sam Weinig.
244
245         Bug 53650 - Add a BACKTRACE macro to Assertions.h
246
247         Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
248         debug Mac builds, make CRASH (and thus ASSERT) automatically call this.
249
250         * JavaScriptCore.exp:
251         * wtf/Assertions.cpp:
252         * wtf/Assertions.h:
253
254 2011-02-02  Michael Saboff  <msaboff@apple.com>
255
256         Reviewed by Gavin Barraclough.
257
258         Improper backtrack of nested non-capturing greedy paren to prior paren
259         https://bugs.webkit.org/show_bug.cgi?id=53261
260
261         A paren that follows a non-capturing greedy paren nested within a
262         non-capturing fixed paren was backtracking to the last paren
263         processed instead of the immediately prior paren.
264         Refactored default backtracking of parens to prior paren to work for
265         both nested (within) and immediately prior (after) parens.
266
267         * yarr/YarrJIT.cpp:
268         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
269         (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
270         (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
271         (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
272         (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
273         (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
274         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
275         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
276         (JSC::Yarr::YarrGenerator::generateDisjunction):
277
278 2011-02-02  Jeff Miller  <jeffm@apple.com>
279
280         Reviewed by Darin Adler and Steve Falkenburg.
281
282         Add DerivedSources.make to some Visual Studio projects
283         https://bugs.webkit.org/show_bug.cgi?id=53607
284
285         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.
286
287 2011-02-02  Steve Lacey  <sjl@chromium.org>
288
289         Reviewed by Eric Carlson.
290
291         Implement basic media statistics on media elements.
292         https://bugs.webkit.org/show_bug.cgi?id=53322
293
294         * Configurations/FeatureDefines.xcconfig:
295
296 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
297
298         [wx] Build fixes for wxWebKit.
299
300         * wtf/wx/StringWx.cpp:
301         (WTF::String::String):
302
303 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
304
305         Reviewed by Sam Weinig.
306
307         A little more Heap refactoring
308         https://bugs.webkit.org/show_bug.cgi?id=53577
309         
310         SunSpider reports no change.
311         
312         Split out MarkedBlock into its own file / class.
313         
314         Did the following renames:
315             isCellMarked => isMarked
316             checkMarkCell => testAndSetMarked
317             markCell => setMarked
318             cellOffset => cellNumber
319             collectorBlock => blockFor
320
321         * Android.mk:
322         * CMakeLists.txt:
323         * GNUmakefile.am:
324         * JavaScriptCore.gypi:
325         * JavaScriptCore.pro:
326         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
327         * JavaScriptCore.xcodeproj/project.pbxproj:
328         * runtime/Heap.cpp:
329         (JSC::WeakGCHandlePool::update):
330         * runtime/Heap.h:
331         (JSC::Heap::isMarked):
332         (JSC::Heap::testAndSetMarked):
333         (JSC::Heap::setMarked):
334         * runtime/JSArray.h:
335         (JSC::MarkStack::markChildren):
336         (JSC::MarkStack::drain):
337         * runtime/JSCell.h:
338         (JSC::JSCell::MarkStack::internalAppend):
339         * runtime/MarkedBlock.cpp: Added.
340         * runtime/MarkedBlock.h: Added.
341         (JSC::MarkedBlock::blockFor):
342         (JSC::MarkedBlock::cellNumber):
343         (JSC::MarkedBlock::isMarked):
344         (JSC::MarkedBlock::testAndSetMarked):
345         (JSC::MarkedBlock::setMarked):
346         (JSC::MarkedBlock::isCellAligned):
347         (JSC::MarkedBlock::isPossibleCell):
348         * runtime/MarkedSpace.h:
349         (JSC::MarkedSpace::isMarked):
350         (JSC::MarkedSpace::testAndSetMarked):
351         (JSC::MarkedSpace::setMarked):
352         * runtime/SmallStrings.cpp:
353         (JSC::isMarked):
354         * runtime/WeakGCMap.h:
355         (JSC::WeakGCMap::isValid):
356         (JSC::::get):
357         (JSC::::take):
358         (JSC::::set):
359
360 2011-02-02  Sam Weinig  <sam@webkit.org>
361
362         Fix windows clean build.
363
364         * DerivedSources.make:
365
366 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
367
368         Reviewed by Martin Robinson.
369
370         [GTK] Fix dist compilation
371         https://bugs.webkit.org/show_bug.cgi?id=53579
372
373         * GNUmakefile.am: Added WriteBarrier.h to the sources, it was
374         added in r77151
375
376 2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>
377
378         Unreviewed, rolling out r77297.
379         http://trac.webkit.org/changeset/77297
380         https://bugs.webkit.org/show_bug.cgi?id=53538
381
382         caused leopard crashes (Requested by paroga on #webkit).
383
384         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
385         * wtf/text/AtomicString.cpp:
386         (WTF::AtomicString::fromUTF8):
387         * wtf/unicode/UTF8.cpp:
388         (WTF::Unicode::calculateStringHashFromUTF8):
389         * wtf/unicode/UTF8.h:
390
391 2011-02-01  Sam Weinig  <sam@webkit.org>
392
393         Fix Mac production builds.
394
395         * JavaScriptCore.xcodeproj/project.pbxproj:
396
397 2011-02-01  Sam Weinig  <sam@webkit.org>
398
399         Try to fix the windows build.
400
401         * DerivedSources.make:
402
403 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
404
405         Reviewed by Darin Adler.
406
407         Avoid strlen() in AtomicString::fromUTF8
408         https://bugs.webkit.org/show_bug.cgi?id=50516
409
410         Add an overload to calculateStringHashFromUTF8 to get
411         strlen() of the input data with only one call.
412
413         This change shows about a 3% performance win on the xml-parser benchmark.
414
415         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
416         * wtf/text/AtomicString.cpp:
417         (WTF::AtomicString::fromUTF8):
418         * wtf/unicode/UTF8.cpp:
419         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
420         (WTF::Unicode::calculateStringHashFromUTF8):
421         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
422         * wtf/unicode/UTF8.h:
423
424 2011-02-01  Sam Weinig  <sam@webkit.org>
425
426         Reviewed by Beth Dakin.
427
428         Part 2 for <rdar://problem/8492788>
429         Adopt WKScrollbarPainterController
430
431         Use header detection to define scrollbar painting controller #define.
432
433         * DerivedSources.make:
434         * JavaScriptCore.xcodeproj/project.pbxproj:
435
436 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
437
438         Reviewed by Oliver Hunt.
439
440         Refactor JSGlobalObject-related tear-down
441         https://bugs.webkit.org/show_bug.cgi?id=53478
442         
443         While investigating crashes caused by r77082, I noticed some strange
444         destructor-time behaviors. This patch makes them less strange.
445
446         * bytecode/CodeBlock.cpp:
447         (JSC::CodeBlock::CodeBlock):
448         (JSC::CodeBlock::markAggregate):
449         * bytecode/CodeBlock.h:
450         (JSC::CodeBlock::globalObject):
451         (JSC::GlobalCodeBlock::GlobalCodeBlock):
452         (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
453         blocks on the Heap, instead of on independent global objects. The heap
454         is guaranteed to outlast any GC-owned data structure. The heap is also
455         a natural place to store objects that need out-of-band marking, since
456         the heap is responsible for marking all roots.
457
458         * runtime/Heap.cpp:
459         (JSC::Heap::markRoots):
460         (JSC::Heap::globalObjectCount):
461         (JSC::Heap::protectedGlobalObjectCount):
462         * runtime/Heap.h:
463         (JSC::Heap::codeBlocks):
464         * runtime/JSGlobalData.cpp:
465         (JSC::JSGlobalData::JSGlobalData):
466         * runtime/JSGlobalData.h:
467         * runtime/JSGlobalObject.cpp:
468         (JSC::JSGlobalObject::~JSGlobalObject):
469         (JSC::JSGlobalObject::init):
470         (JSC::JSGlobalObject::markChildren):
471         * runtime/JSGlobalObject.h:
472         * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
473         owned by JSGlobalData, instead of an intrusive circular linked list.
474         This is simpler, and it avoids destructor-time access between garbage
475         collected objects, which is hard to get right.
476
477         (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
478         everything down. Otherwise, weak data structures will incorrectly report
479         that objects pending destruction are still alive.
480
481 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
482
483         Reviewed by Oliver Hunt.
484
485         REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
486         bot; loading trac pages; typing in search field
487         https://bugs.webkit.org/show_bug.cgi?id=53519
488         
489         The crashes were all caused by failure to run an object's destructor.
490
491         * runtime/CollectorHeapIterator.h:
492         (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
493         construction. The iterator class used to do that when it was designed
494         for prior-to-beginning initialization. I forgot to remove this line
495         of code when I changed the iterator to normal initialization.
496         
497         Skipping forward upon construction was causing the heap to skip running
498         the destructor for the very first object in a block when destroying the
499         block. This usually did not crash, since block destruction is rare and
500         most objects have pretty trivial destructors. However, in the rare case
501         when the heap would destroy a block whose first object was a global
502         object or a DOM node, BOOM.
503
504 2011-01-31  Oliver Hunt  <oliver@apple.com>
505
506         Reviewed by Geoffrey Garen.
507
508         Update JSObject storage for new marking API
509         https://bugs.webkit.org/show_bug.cgi?id=53467
510
511         JSObject no longer uses EncodedJSValue for its property storage.
512         This produces a stream of mechanical changes to PropertySlot and
513         anonymous storage APIs.
514
515         * JavaScriptCore.exp:
516         * runtime/ArrayPrototype.cpp:
517         (JSC::ArrayPrototype::ArrayPrototype):
518         * runtime/BooleanConstructor.cpp:
519         (JSC::constructBoolean):
520         (JSC::constructBooleanFromImmediateBoolean):
521         * runtime/BooleanObject.cpp:
522         (JSC::BooleanObject::BooleanObject):
523         * runtime/BooleanObject.h:
524         * runtime/BooleanPrototype.cpp:
525         (JSC::BooleanPrototype::BooleanPrototype):
526         * runtime/DateInstance.cpp:
527         (JSC::DateInstance::DateInstance):
528         * runtime/DatePrototype.cpp:
529         (JSC::DatePrototype::DatePrototype):
530         * runtime/JSActivation.cpp:
531         (JSC::JSActivation::getOwnPropertySlot):
532         * runtime/JSArray.cpp:
533         (JSC::JSArray::getOwnPropertySlot):
534         * runtime/JSFunction.cpp:
535         (JSC::JSFunction::getOwnPropertySlot):
536         * runtime/JSGlobalObject.h:
537         (JSC::JSGlobalObject::JSGlobalObject):
538         * runtime/JSObject.cpp:
539         (JSC::JSObject::fillGetterPropertySlot):
540         * runtime/JSObject.h:
541         (JSC::JSObject::getDirectLocation):
542         (JSC::JSObject::offsetForLocation):
543         (JSC::JSObject::putAnonymousValue):
544         (JSC::JSObject::clearAnonymousValue):
545         (JSC::JSObject::getAnonymousValue):
546         (JSC::JSObject::putThisToAnonymousValue):
547         (JSC::JSObject::locationForOffset):
548         (JSC::JSObject::inlineGetOwnPropertySlot):
549         * runtime/JSObjectWithGlobalObject.cpp:
550         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
551         * runtime/JSWrapperObject.h:
552         (JSC::JSWrapperObject::JSWrapperObject):
553         (JSC::JSWrapperObject::setInternalValue):
554         * runtime/Lookup.cpp:
555         (JSC::setUpStaticFunctionSlot):
556         * runtime/NumberConstructor.cpp:
557         (JSC::constructWithNumberConstructor):
558         * runtime/NumberObject.cpp:
559         (JSC::NumberObject::NumberObject):
560         (JSC::constructNumber):
561         * runtime/NumberObject.h:
562         * runtime/NumberPrototype.cpp:
563         (JSC::NumberPrototype::NumberPrototype):
564         * runtime/PropertySlot.h:
565         (JSC::PropertySlot::getValue):
566         (JSC::PropertySlot::setValue):
567         (JSC::PropertySlot::setRegisterSlot):
568         * runtime/StringObject.cpp:
569         (JSC::StringObject::StringObject):
570         * runtime/StringPrototype.cpp:
571         (JSC::StringPrototype::StringPrototype):
572         * runtime/WriteBarrier.h:
573         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
574
575 2011-02-01  Daniel Bates  <dbates@rim.com>
576
577         Reviewed by Antonio Gomes.
578
579         Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
580         https://bugs.webkit.org/show_bug.cgi?id=53506
581
582         Currently, use of the Mersenne Twister pseudorandom number generator
583         is hardcoded to the Windows CE port. With the passing of bug #53253,
584         we can generalize support for this PRNG to all ports that use srand(3)
585         and rand(3), including Windows CE.
586
587         * wtf/RandomNumberSeed.h:
588         (WTF::initializeRandomNumberGenerator):
589
590 2011-02-01  Dave Tapuska  <dtapuska@rim.com>
591
592         Reviewed by Gavin Barraclough.
593
594         MacroAssemblerARM would generate code that did 32bit loads
595         on addresses that were not aligned. More specifically it would
596         generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
597         The intended instruction really is ldrb r8,[r1, #7]; ensure we
598         call load8 instead of load32.
599
600         https://bugs.webkit.org/show_bug.cgi?id=46095
601
602         * assembler/MacroAssemblerARM.h:
603         (JSC::MacroAssemblerARM::set32Test32):
604         (JSC::MacroAssemblerARM::set32Test8):
605
606 2011-02-01  Darin Fisher  <darin@chromium.org>
607
608         Reviewed by Eric Seidel.
609
610         Fix some Visual Studio compiler warnings.
611         https://bugs.webkit.org/show_bug.cgi?id=53476
612
613         * wtf/MathExtras.h:
614         (clampToInteger):
615         (clampToPositiveInteger):
616         * wtf/ThreadingWin.cpp:
617         (WTF::absoluteTimeToWaitTimeoutInterval):
618
619 2011-01-31  Oliver Hunt  <oliver@apple.com>
620
621         Reviewed by Sam Weinig.
622
623         Bogus callframe during stack unwinding
624         https://bugs.webkit.org/show_bug.cgi?id=53454
625
626         Trying to access a callframe's globalData after destroying its
627         ScopeChain is not a good thing.  While we could access the
628         globalData directly through the (known valid) scopechain we're
629         holding on to, it feels fragile.  Instead we push the valid
630         ScopeChain onto the callframe again to ensure that the callframe
631         itself remains valid.
632
633         * interpreter/Interpreter.cpp:
634         (JSC::Interpreter::unwindCallFrame):
635
636 2011-01-31  Michael Saboff  <msaboff@apple.com>
637
638         Reviewed by Geoffrey Garen.
639
640         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
641         https://bugs.webkit.org/show_bug.cgi?id=53271
642
643         Reapplying this change again.
644         Changed isValid() to use .get() as a result of change r77151.
645
646         Added new isValid() methods to check if a contained object in
647         a WeakGCMap is valid when using an unchecked iterator.
648
649         * runtime/WeakGCMap.h:
650         (JSC::WeakGCMap::isValid):
651
652 2011-01-31  Oliver Hunt  <oliver@apple.com>
653
654         Convert markstack to a slot visitor API
655         https://bugs.webkit.org/show_bug.cgi?id=53219
656
657         rolling r77098, r77099, r77100, r77109, and
658         r77111 back in, along with a few more Qt fix attempts.
659
660         * API/JSCallbackObject.h:
661         (JSC::JSCallbackObjectData::setPrivateProperty):
662         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
663         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
664         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
665         (JSC::JSCallbackObject::setPrivateProperty):
666         * API/JSCallbackObjectFunctions.h:
667         (JSC::::put):
668         (JSC::::staticFunctionGetter):
669         * API/JSObjectRef.cpp:
670         (JSObjectMakeConstructor):
671         (JSObjectSetPrivateProperty):
672         * API/JSWeakObjectMapRefInternal.h:
673         * JavaScriptCore.exp:
674         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
675         * JavaScriptCore.xcodeproj/project.pbxproj:
676         * bytecode/CodeBlock.cpp:
677         (JSC::CodeBlock::markAggregate):
678         * bytecode/CodeBlock.h:
679         (JSC::CodeBlock::globalObject):
680         * bytecompiler/BytecodeGenerator.cpp:
681         (JSC::BytecodeGenerator::BytecodeGenerator):
682         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
683         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
684         (JSC::BytecodeGenerator::findScopedProperty):
685         * debugger/Debugger.cpp:
686         (JSC::evaluateInGlobalCallFrame):
687         * debugger/DebuggerActivation.cpp:
688         (JSC::DebuggerActivation::DebuggerActivation):
689         (JSC::DebuggerActivation::markChildren):
690         * debugger/DebuggerActivation.h:
691         * debugger/DebuggerCallFrame.cpp:
692         (JSC::DebuggerCallFrame::evaluate):
693         * interpreter/CallFrame.h:
694         (JSC::ExecState::exception):
695         * interpreter/Interpreter.cpp:
696         (JSC::Interpreter::resolve):
697         (JSC::Interpreter::resolveSkip):
698         (JSC::Interpreter::resolveGlobal):
699         (JSC::Interpreter::resolveGlobalDynamic):
700         (JSC::Interpreter::resolveBaseAndProperty):
701         (JSC::Interpreter::unwindCallFrame):
702         (JSC::appendSourceToError):
703         (JSC::Interpreter::execute):
704         (JSC::Interpreter::tryCacheGetByID):
705         (JSC::Interpreter::privateExecute):
706         * jit/JITStubs.cpp:
707         (JSC::JITThunks::tryCacheGetByID):
708         (JSC::DEFINE_STUB_FUNCTION):
709         * jsc.cpp:
710         (GlobalObject::GlobalObject):
711         * runtime/ArgList.cpp:
712         (JSC::MarkedArgumentBuffer::markLists):
713         * runtime/Arguments.cpp:
714         (JSC::Arguments::markChildren):
715         (JSC::Arguments::getOwnPropertySlot):
716         (JSC::Arguments::getOwnPropertyDescriptor):
717         (JSC::Arguments::put):
718         * runtime/Arguments.h:
719         (JSC::Arguments::setActivation):
720         (JSC::Arguments::Arguments):
721         * runtime/ArrayConstructor.cpp:
722         (JSC::ArrayConstructor::ArrayConstructor):
723         (JSC::constructArrayWithSizeQuirk):
724         * runtime/ArrayPrototype.cpp:
725         (JSC::arrayProtoFuncSplice):
726         * runtime/BatchedTransitionOptimizer.h:
727         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
728         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
729         * runtime/BooleanConstructor.cpp:
730         (JSC::BooleanConstructor::BooleanConstructor):
731         (JSC::constructBoolean):
732         (JSC::constructBooleanFromImmediateBoolean):
733         * runtime/BooleanPrototype.cpp:
734         (JSC::BooleanPrototype::BooleanPrototype):
735         * runtime/ConservativeSet.cpp:
736         (JSC::ConservativeSet::grow):
737         * runtime/ConservativeSet.h:
738         (JSC::ConservativeSet::~ConservativeSet):
739         (JSC::ConservativeSet::mark):
740         * runtime/DateConstructor.cpp:
741         (JSC::DateConstructor::DateConstructor):
742         * runtime/DateInstance.cpp:
743         (JSC::DateInstance::DateInstance):
744         * runtime/DatePrototype.cpp:
745         (JSC::dateProtoFuncSetTime):
746         (JSC::setNewValueFromTimeArgs):
747         (JSC::setNewValueFromDateArgs):
748         (JSC::dateProtoFuncSetYear):
749         * runtime/ErrorConstructor.cpp:
750         (JSC::ErrorConstructor::ErrorConstructor):
751         * runtime/ErrorInstance.cpp:
752         (JSC::ErrorInstance::ErrorInstance):
753         * runtime/ErrorPrototype.cpp:
754         (JSC::ErrorPrototype::ErrorPrototype):
755         * runtime/FunctionConstructor.cpp:
756         (JSC::FunctionConstructor::FunctionConstructor):
757         * runtime/FunctionPrototype.cpp:
758         (JSC::FunctionPrototype::FunctionPrototype):
759         * runtime/GetterSetter.cpp:
760         (JSC::GetterSetter::markChildren):
761         * runtime/GetterSetter.h:
762         (JSC::GetterSetter::GetterSetter):
763         (JSC::GetterSetter::getter):
764         (JSC::GetterSetter::setGetter):
765         (JSC::GetterSetter::setter):
766         (JSC::GetterSetter::setSetter):
767         * runtime/GlobalEvalFunction.cpp:
768         (JSC::GlobalEvalFunction::GlobalEvalFunction):
769         (JSC::GlobalEvalFunction::markChildren):
770         * runtime/GlobalEvalFunction.h:
771         (JSC::GlobalEvalFunction::cachedGlobalObject):
772         * runtime/Heap.cpp:
773         (JSC::Heap::markProtectedObjects):
774         (JSC::Heap::markTempSortVectors):
775         (JSC::Heap::markRoots):
776         * runtime/InternalFunction.cpp:
777         (JSC::InternalFunction::InternalFunction):
778         * runtime/JSAPIValueWrapper.h:
779         (JSC::JSAPIValueWrapper::value):
780         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
781         * runtime/JSActivation.cpp:
782         (JSC::JSActivation::markChildren):
783         (JSC::JSActivation::put):
784         * runtime/JSArray.cpp:
785         (JSC::JSArray::JSArray):
786         (JSC::JSArray::getOwnPropertySlot):
787         (JSC::JSArray::getOwnPropertyDescriptor):
788         (JSC::JSArray::put):
789         (JSC::JSArray::putSlowCase):
790         (JSC::JSArray::deleteProperty):
791         (JSC::JSArray::increaseVectorLength):
792         (JSC::JSArray::setLength):
793         (JSC::JSArray::pop):
794         (JSC::JSArray::push):
795         (JSC::JSArray::unshiftCount):
796         (JSC::JSArray::sort):
797         (JSC::JSArray::fillArgList):
798         (JSC::JSArray::copyToRegisters):
799         (JSC::JSArray::compactForSorting):
800         * runtime/JSArray.h:
801         (JSC::JSArray::getIndex):
802         (JSC::JSArray::setIndex):
803         (JSC::JSArray::uncheckedSetIndex):
804         (JSC::JSArray::markChildrenDirect):
805         * runtime/JSByteArray.cpp:
806         (JSC::JSByteArray::JSByteArray):
807         * runtime/JSCell.h:
808         (JSC::JSCell::MarkStack::append):
809         (JSC::JSCell::MarkStack::internalAppend):
810         (JSC::JSCell::MarkStack::deprecatedAppend):
811         * runtime/JSFunction.cpp:
812         (JSC::JSFunction::JSFunction):
813         (JSC::JSFunction::getOwnPropertySlot):
814         * runtime/JSGlobalData.h:
815         * runtime/JSGlobalObject.cpp:
816         (JSC::markIfNeeded):
817         (JSC::JSGlobalObject::reset):
818         (JSC::JSGlobalObject::resetPrototype):
819         (JSC::JSGlobalObject::markChildren):
820         * runtime/JSGlobalObject.h:
821         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
822         (JSC::JSGlobalObject::regExpConstructor):
823         (JSC::JSGlobalObject::errorConstructor):
824         (JSC::JSGlobalObject::evalErrorConstructor):
825         (JSC::JSGlobalObject::rangeErrorConstructor):
826         (JSC::JSGlobalObject::referenceErrorConstructor):
827         (JSC::JSGlobalObject::syntaxErrorConstructor):
828         (JSC::JSGlobalObject::typeErrorConstructor):
829         (JSC::JSGlobalObject::URIErrorConstructor):
830         (JSC::JSGlobalObject::evalFunction):
831         (JSC::JSGlobalObject::objectPrototype):
832         (JSC::JSGlobalObject::functionPrototype):
833         (JSC::JSGlobalObject::arrayPrototype):
834         (JSC::JSGlobalObject::booleanPrototype):
835         (JSC::JSGlobalObject::stringPrototype):
836         (JSC::JSGlobalObject::numberPrototype):
837         (JSC::JSGlobalObject::datePrototype):
838         (JSC::JSGlobalObject::regExpPrototype):
839         (JSC::JSGlobalObject::methodCallDummy):
840         (JSC::Structure::prototypeForLookup):
841         (JSC::constructArray):
842         * runtime/JSONObject.cpp:
843         (JSC::Stringifier::Holder::object):
844         (JSC::Stringifier::Holder::objectSlot):
845         (JSC::Stringifier::markAggregate):
846         (JSC::Stringifier::stringify):
847         (JSC::Stringifier::Holder::appendNextProperty):
848         (JSC::Walker::callReviver):
849         (JSC::Walker::walk):
850         * runtime/JSObject.cpp:
851         (JSC::JSObject::defineGetter):
852         (JSC::JSObject::defineSetter):
853         (JSC::JSObject::removeDirect):
854         (JSC::JSObject::putDirectFunction):
855         (JSC::JSObject::putDirectFunctionWithoutTransition):
856         (JSC::putDescriptor):
857         (JSC::JSObject::defineOwnProperty):
858         * runtime/JSObject.h:
859         (JSC::JSObject::getDirectOffset):
860         (JSC::JSObject::putDirectOffset):
861         (JSC::JSObject::putUndefinedAtDirectOffset):
862         (JSC::JSObject::flattenDictionaryObject):
863         (JSC::JSObject::putDirectInternal):
864         (JSC::JSObject::putDirect):
865         (JSC::JSObject::putDirectFunction):
866         (JSC::JSObject::putDirectWithoutTransition):
867         (JSC::JSObject::putDirectFunctionWithoutTransition):
868         (JSC::JSValue::putDirect):
869         (JSC::JSObject::allocatePropertyStorageInline):
870         (JSC::JSObject::markChildrenDirect):
871         * runtime/JSPropertyNameIterator.cpp:
872         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
873         (JSC::JSPropertyNameIterator::get):
874         * runtime/JSPropertyNameIterator.h:
875         * runtime/JSStaticScopeObject.cpp:
876         (JSC::JSStaticScopeObject::markChildren):
877         * runtime/JSString.cpp:
878         (JSC::StringObject::create):
879         * runtime/JSValue.h:
880         * runtime/JSWrapperObject.cpp:
881         (JSC::JSWrapperObject::markChildren):
882         * runtime/JSWrapperObject.h:
883         (JSC::JSWrapperObject::internalValue):
884         (JSC::JSWrapperObject::setInternalValue):
885         * runtime/LiteralParser.cpp:
886         (JSC::LiteralParser::parse):
887         * runtime/Lookup.cpp:
888         (JSC::setUpStaticFunctionSlot):
889         * runtime/Lookup.h:
890         (JSC::lookupPut):
891         * runtime/MarkStack.h:
892         (JSC::MarkStack::MarkStack):
893         (JSC::MarkStack::deprecatedAppendValues):
894         (JSC::MarkStack::appendValues):
895         * runtime/MathObject.cpp:
896         (JSC::MathObject::MathObject):
897         * runtime/NativeErrorConstructor.cpp:
898         (JSC::NativeErrorConstructor::NativeErrorConstructor):
899         * runtime/NativeErrorPrototype.cpp:
900         (JSC::NativeErrorPrototype::NativeErrorPrototype):
901         * runtime/NumberConstructor.cpp:
902         (JSC::NumberConstructor::NumberConstructor):
903         (JSC::constructWithNumberConstructor):
904         * runtime/NumberObject.cpp:
905         (JSC::constructNumber):
906         * runtime/NumberPrototype.cpp:
907         (JSC::NumberPrototype::NumberPrototype):
908         * runtime/ObjectConstructor.cpp:
909         (JSC::ObjectConstructor::ObjectConstructor):
910         (JSC::objectConstructorGetOwnPropertyDescriptor):
911         * runtime/Operations.h:
912         (JSC::normalizePrototypeChain):
913         (JSC::resolveBase):
914         * runtime/PrototypeFunction.cpp:
915         (JSC::PrototypeFunction::PrototypeFunction):
916         * runtime/PutPropertySlot.h:
917         (JSC::PutPropertySlot::setExistingProperty):
918         (JSC::PutPropertySlot::setNewProperty):
919         (JSC::PutPropertySlot::base):
920         * runtime/RegExpConstructor.cpp:
921         (JSC::RegExpConstructor::RegExpConstructor):
922         * runtime/ScopeChain.cpp:
923         (JSC::ScopeChainNode::print):
924         * runtime/ScopeChain.h:
925         (JSC::ScopeChainNode::~ScopeChainNode):
926         (JSC::ScopeChainIterator::operator*):
927         (JSC::ScopeChainIterator::operator->):
928         (JSC::ScopeChain::top):
929         * runtime/ScopeChainMark.h:
930         (JSC::ScopeChain::markAggregate):
931         * runtime/SmallStrings.cpp:
932         (JSC::isMarked):
933         (JSC::SmallStrings::markChildren):
934         * runtime/SmallStrings.h:
935         (JSC::SmallStrings::emptyString):
936         (JSC::SmallStrings::singleCharacterString):
937         (JSC::SmallStrings::singleCharacterStrings):
938         * runtime/StringConstructor.cpp:
939         (JSC::StringConstructor::StringConstructor):
940         * runtime/StringObject.cpp:
941         (JSC::StringObject::StringObject):
942         * runtime/StringObject.h:
943         * runtime/StringPrototype.cpp:
944         (JSC::StringPrototype::StringPrototype):
945         * runtime/Structure.cpp:
946         (JSC::Structure::Structure):
947         (JSC::Structure::addPropertyTransition):
948         (JSC::Structure::toDictionaryTransition):
949         (JSC::Structure::flattenDictionaryStructure):
950         * runtime/Structure.h:
951         (JSC::Structure::storedPrototype):
952         (JSC::Structure::storedPrototypeSlot):
953         * runtime/WeakGCMap.h:
954         (JSC::WeakGCMap::uncheckedGet):
955         (JSC::WeakGCMap::uncheckedGetSlot):
956         (JSC::::get):
957         (JSC::::take):
958         (JSC::::set):
959         (JSC::::uncheckedRemove):
960         * runtime/WriteBarrier.h: Added.
961         (JSC::DeprecatedPtr::DeprecatedPtr):
962         (JSC::DeprecatedPtr::get):
963         (JSC::DeprecatedPtr::operator*):
964         (JSC::DeprecatedPtr::operator->):
965         (JSC::DeprecatedPtr::slot):
966         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
967         (JSC::DeprecatedPtr::operator!):
968         (JSC::WriteBarrierBase::set):
969         (JSC::WriteBarrierBase::get):
970         (JSC::WriteBarrierBase::operator*):
971         (JSC::WriteBarrierBase::operator->):
972         (JSC::WriteBarrierBase::clear):
973         (JSC::WriteBarrierBase::slot):
974         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
975         (JSC::WriteBarrierBase::operator!):
976         (JSC::WriteBarrier::WriteBarrier):
977         (JSC::operator==):
978
979 2011-01-31  Dan Winship  <danw@gnome.org>
980
981         Reviewed by Gustavo Noronha Silva.
982
983         wss (websockets ssl) support for gtk via new gio TLS support
984         https://bugs.webkit.org/show_bug.cgi?id=50344
985
986         Add a GPollableOutputStream typedef for TLS WebSockets support
987
988         * wtf/gobject/GTypedefs.h:
989
990 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
991
992         Reviewed by Geoff Garen.
993
994         https://bugs.webkit.org/show_bug.cgi?id=53352
995         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
996
997         The FixedVMPoolAllocator currently uses a best fit policy -
998         switch to first fit, which is less prone to external fragmentation.
999
1000         * jit/ExecutableAllocatorFixedVMPool.cpp:
1001         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
1002         (JSC::AllocationTableSizeClass::blockSize):
1003         (JSC::AllocationTableSizeClass::blockCount):
1004         (JSC::AllocationTableSizeClass::blockAlignment):
1005         (JSC::AllocationTableSizeClass::size):
1006         (JSC::AllocationTableLeaf::AllocationTableLeaf):
1007         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
1008         (JSC::AllocationTableLeaf::allocate):
1009         (JSC::AllocationTableLeaf::free):
1010         (JSC::AllocationTableLeaf::isEmpty):
1011         (JSC::AllocationTableLeaf::isFull):
1012         (JSC::AllocationTableLeaf::size):
1013         (JSC::AllocationTableLeaf::classForSize):
1014         (JSC::AllocationTableLeaf::dump):
1015         (JSC::LazyAllocationTable::LazyAllocationTable):
1016         (JSC::LazyAllocationTable::~LazyAllocationTable):
1017         (JSC::LazyAllocationTable::allocate):
1018         (JSC::LazyAllocationTable::free):
1019         (JSC::LazyAllocationTable::isEmpty):
1020         (JSC::LazyAllocationTable::isFull):
1021         (JSC::LazyAllocationTable::size):
1022         (JSC::LazyAllocationTable::dump):
1023         (JSC::LazyAllocationTable::classForSize):
1024         (JSC::AllocationTableDirectory::AllocationTableDirectory):
1025         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
1026         (JSC::AllocationTableDirectory::allocate):
1027         (JSC::AllocationTableDirectory::free):
1028         (JSC::AllocationTableDirectory::isEmpty):
1029         (JSC::AllocationTableDirectory::isFull):
1030         (JSC::AllocationTableDirectory::size):
1031         (JSC::AllocationTableDirectory::classForSize):
1032         (JSC::AllocationTableDirectory::dump):
1033         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1034         (JSC::FixedVMPoolAllocator::alloc):
1035         (JSC::FixedVMPoolAllocator::free):
1036         (JSC::FixedVMPoolAllocator::allocated):
1037         (JSC::FixedVMPoolAllocator::isValid):
1038         (JSC::FixedVMPoolAllocator::classForSize):
1039         (JSC::FixedVMPoolAllocator::offsetToPointer):
1040         (JSC::FixedVMPoolAllocator::pointerToOffset):
1041         (JSC::ExecutableAllocator::committedByteCount):
1042         (JSC::ExecutableAllocator::isValid):
1043         (JSC::ExecutableAllocator::underMemoryPressure):
1044         (JSC::ExecutablePool::systemAlloc):
1045         (JSC::ExecutablePool::systemRelease):
1046         * wtf/PageReservation.h:
1047         (WTF::PageReservation::PageReservation):
1048         (WTF::PageReservation::commit):
1049         (WTF::PageReservation::decommit):
1050         (WTF::PageReservation::committed):
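
The fragmentation point behind this entry, as an added illustration that is not code from the WebKit change: a constructed toy pool of equally sized blocks (not JSC's FixedVMPoolAllocator) is driven through the same workload under both policies, and best fit strands unusable slivers where first fit does not, which is how a fixed-size executable pool can run out of room for a request that would otherwise fit.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Toy model of a fixed pool of equally sized blocks (constructed for this
// example). A request for n blocks needs n contiguous free blocks, so holes
// that are individually too small are lost to external fragmentation.
enum class Policy { BestFit, FirstFit };

class BlockPool {
public:
    BlockPool(size_t blockCount, Policy policy)
        : m_used(blockCount, false), m_policy(policy) { }

    // Returns the offset of the first block of the chosen run, or -1 when
    // no run of n contiguous free blocks exists.
    long allocate(size_t n)
    {
        long chosen = -1;
        size_t chosenSize = 0;
        size_t i = 0;
        while (i < m_used.size()) {
            if (m_used[i]) { ++i; continue; }
            size_t start = i;
            while (i < m_used.size() && !m_used[i]) ++i;
            size_t runSize = i - start;
            if (runSize < n) continue;
            // First fit: take the lowest-addressed run that is large enough.
            if (m_policy == Policy::FirstFit) { chosen = static_cast<long>(start); break; }
            // Best fit: keep the smallest run that is still large enough.
            if (chosen < 0 || runSize < chosenSize) {
                chosen = static_cast<long>(start);
                chosenSize = runSize;
            }
        }
        if (chosen < 0) return -1;
        for (size_t k = 0; k < n; ++k) m_used[static_cast<size_t>(chosen) + k] = true;
        return chosen;
    }

    void release(long offset, size_t n)
    {
        for (size_t k = 0; k < n; ++k) m_used[static_cast<size_t>(offset) + k] = false;
    }

    // Number of maximal runs of free blocks, i.e. the holes left to fit into.
    size_t holeCount() const
    {
        size_t holes = 0;
        bool inHole = false;
        for (bool used : m_used) {
            if (!used && !inHole) ++holes;
            inHole = !used;
        }
        return holes;
    }

private:
    std::vector<bool> m_used;
    Policy m_policy;
};

struct WorkloadResult {
    size_t failedRequests; // requests that could not be placed
    size_t holes;          // free runs left at the end
};

// Constructed workload: leave a 5-block hole at a low address and a 3-block
// hole at a higher one, then request 2, 3 and 3 blocks. Best fit spends the
// 3-block hole on the 2-block request and strands a 1-block sliver, so the
// last request fails; first fit carves the 2 from the 5-block hole, leaving
// a 3-block hole that the next request fills exactly.
WorkloadResult runWorkload(Policy policy)
{
    BlockPool pool(16, policy);
    long p = pool.allocate(5); // [0,5)
    pool.allocate(3);          // [5,8)   stays allocated
    long q = pool.allocate(3); // [8,11)
    pool.allocate(5);          // [11,16) stays allocated
    pool.release(p, 5);
    pool.release(q, 3);

    const size_t requests[] = { 2, 3, 3 };
    WorkloadResult result = { 0, 0 };
    for (size_t n : requests) {
        if (pool.allocate(n) < 0)
            ++result.failedRequests;
    }
    result.holes = pool.holeCount();
    return result;
}

int main()
{
    WorkloadResult best = runWorkload(Policy::BestFit);
    WorkloadResult first = runWorkload(Policy::FirstFit);
    std::printf("best fit:  %zu failed request(s), %zu hole(s) left\n", best.failedRequests, best.holes);
    std::printf("first fit: %zu failed request(s), %zu hole(s) left\n", first.failedRequests, first.holes);
    return 0;
}
```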
1051
1052 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
1053
1054         Unreviewed, rolling out r76969.
1055         http://trac.webkit.org/changeset/76969
1056         https://bugs.webkit.org/show_bug.cgi?id=53418
1057
1058         "It is causing crashes in GTK+ and Leopard bots" (Requested by
1059         alexg__ on #webkit).
1060
1061         * runtime/WeakGCMap.h:
1062
1063 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
1064
1065         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
1066         r77111.
1067         http://trac.webkit.org/changeset/77098
1068         http://trac.webkit.org/changeset/77099
1069         http://trac.webkit.org/changeset/77100
1070         http://trac.webkit.org/changeset/77109
1071         http://trac.webkit.org/changeset/77111
1072         https://bugs.webkit.org/show_bug.cgi?id=53219
1073
1074         Qt build is broken
1075
1076         * API/JSCallbackObject.h:
1077         (JSC::JSCallbackObjectData::setPrivateProperty):
1078         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1079         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1080         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1081         (JSC::JSCallbackObject::setPrivateProperty):
1082         * API/JSCallbackObjectFunctions.h:
1083         (JSC::::put):
1084         (JSC::::staticFunctionGetter):
1085         * API/JSObjectRef.cpp:
1086         (JSObjectMakeConstructor):
1087         (JSObjectSetPrivateProperty):
1088         * API/JSWeakObjectMapRefInternal.h:
1089         * JavaScriptCore.exp:
1090         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1091         * JavaScriptCore.xcodeproj/project.pbxproj:
1092         * bytecode/CodeBlock.cpp:
1093         (JSC::CodeBlock::markAggregate):
1094         * bytecode/CodeBlock.h:
1095         (JSC::CodeBlock::globalObject):
1096         * bytecompiler/BytecodeGenerator.cpp:
1097         (JSC::BytecodeGenerator::BytecodeGenerator):
1098         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1099         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1100         (JSC::BytecodeGenerator::findScopedProperty):
1101         * debugger/Debugger.cpp:
1102         (JSC::evaluateInGlobalCallFrame):
1103         * debugger/DebuggerActivation.cpp:
1104         (JSC::DebuggerActivation::DebuggerActivation):
1105         (JSC::DebuggerActivation::markChildren):
1106         * debugger/DebuggerActivation.h:
1107         * debugger/DebuggerCallFrame.cpp:
1108         (JSC::DebuggerCallFrame::evaluate):
1109         * interpreter/CallFrame.h:
1110         (JSC::ExecState::exception):
1111         * interpreter/Interpreter.cpp:
1112         (JSC::Interpreter::resolve):
1113         (JSC::Interpreter::resolveSkip):
1114         (JSC::Interpreter::resolveGlobal):
1115         (JSC::Interpreter::resolveGlobalDynamic):
1116         (JSC::Interpreter::resolveBaseAndProperty):
1117         (JSC::Interpreter::unwindCallFrame):
1118         (JSC::appendSourceToError):
1119         (JSC::Interpreter::execute):
1120         (JSC::Interpreter::tryCacheGetByID):
1121         (JSC::Interpreter::privateExecute):
1122         * jit/JITStubs.cpp:
1123         (JSC::JITThunks::tryCacheGetByID):
1124         (JSC::DEFINE_STUB_FUNCTION):
1125         * jsc.cpp:
1126         (GlobalObject::GlobalObject):
1127         * runtime/ArgList.cpp:
1128         (JSC::MarkedArgumentBuffer::markLists):
1129         * runtime/Arguments.cpp:
1130         (JSC::Arguments::markChildren):
1131         (JSC::Arguments::getOwnPropertySlot):
1132         (JSC::Arguments::getOwnPropertyDescriptor):
1133         (JSC::Arguments::put):
1134         * runtime/Arguments.h:
1135         (JSC::Arguments::setActivation):
1136         (JSC::Arguments::Arguments):
1137         * runtime/ArrayConstructor.cpp:
1138         (JSC::ArrayConstructor::ArrayConstructor):
1139         (JSC::constructArrayWithSizeQuirk):
1140         * runtime/ArrayPrototype.cpp:
1141         (JSC::arrayProtoFuncSplice):
1142         * runtime/BatchedTransitionOptimizer.h:
1143         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1144         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1145         * runtime/BooleanConstructor.cpp:
1146         (JSC::BooleanConstructor::BooleanConstructor):
1147         (JSC::constructBoolean):
1148         (JSC::constructBooleanFromImmediateBoolean):
1149         * runtime/BooleanPrototype.cpp:
1150         (JSC::BooleanPrototype::BooleanPrototype):
1151         * runtime/ConservativeSet.cpp:
1152         (JSC::ConservativeSet::grow):
1153         * runtime/ConservativeSet.h:
1154         (JSC::ConservativeSet::~ConservativeSet):
1155         (JSC::ConservativeSet::mark):
1156         * runtime/DateConstructor.cpp:
1157         (JSC::DateConstructor::DateConstructor):
1158         * runtime/DateInstance.cpp:
1159         (JSC::DateInstance::DateInstance):
1160         * runtime/DatePrototype.cpp:
1161         (JSC::dateProtoFuncSetTime):
1162         (JSC::setNewValueFromTimeArgs):
1163         (JSC::setNewValueFromDateArgs):
1164         (JSC::dateProtoFuncSetYear):
1165         * runtime/ErrorConstructor.cpp:
1166         (JSC::ErrorConstructor::ErrorConstructor):
1167         * runtime/ErrorInstance.cpp:
1168         (JSC::ErrorInstance::ErrorInstance):
1169         * runtime/ErrorPrototype.cpp:
1170         (JSC::ErrorPrototype::ErrorPrototype):
1171         * runtime/FunctionConstructor.cpp:
1172         (JSC::FunctionConstructor::FunctionConstructor):
1173         * runtime/FunctionPrototype.cpp:
1174         (JSC::FunctionPrototype::FunctionPrototype):
1175         * runtime/GetterSetter.cpp:
1176         (JSC::GetterSetter::markChildren):
1177         * runtime/GetterSetter.h:
1178         (JSC::GetterSetter::GetterSetter):
1179         (JSC::GetterSetter::getter):
1180         (JSC::GetterSetter::setGetter):
1181         (JSC::GetterSetter::setter):
1182         (JSC::GetterSetter::setSetter):
1183         * runtime/GlobalEvalFunction.cpp:
1184         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1185         (JSC::GlobalEvalFunction::markChildren):
1186         * runtime/GlobalEvalFunction.h:
1187         (JSC::GlobalEvalFunction::cachedGlobalObject):
1188         * runtime/Heap.cpp:
1189         (JSC::Heap::markProtectedObjects):
1190         (JSC::Heap::markTempSortVectors):
1191         (JSC::Heap::markRoots):
1192         * runtime/InternalFunction.cpp:
1193         (JSC::InternalFunction::InternalFunction):
1194         * runtime/JSAPIValueWrapper.h:
1195         (JSC::JSAPIValueWrapper::value):
1196         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1197         * runtime/JSActivation.cpp:
1198         (JSC::JSActivation::markChildren):
1199         (JSC::JSActivation::put):
1200         * runtime/JSArray.cpp:
1201         (JSC::JSArray::JSArray):
1202         (JSC::JSArray::getOwnPropertySlot):
1203         (JSC::JSArray::getOwnPropertyDescriptor):
1204         (JSC::JSArray::put):
1205         (JSC::JSArray::putSlowCase):
1206         (JSC::JSArray::deleteProperty):
1207         (JSC::JSArray::increaseVectorLength):
1208         (JSC::JSArray::setLength):
1209         (JSC::JSArray::pop):
1210         (JSC::JSArray::push):
1211         (JSC::JSArray::unshiftCount):
1212         (JSC::JSArray::sort):
1213         (JSC::JSArray::fillArgList):
1214         (JSC::JSArray::copyToRegisters):
1215         (JSC::JSArray::compactForSorting):
1216         * runtime/JSArray.h:
1217         (JSC::JSArray::getIndex):
1218         (JSC::JSArray::setIndex):
1219         (JSC::JSArray::uncheckedSetIndex):
1220         (JSC::JSArray::markChildrenDirect):
1221         * runtime/JSByteArray.cpp:
1222         (JSC::JSByteArray::JSByteArray):
1223         * runtime/JSCell.h:
1224         (JSC::JSCell::JSValue::toThisObject):
1225         (JSC::JSCell::MarkStack::append):
1226         * runtime/JSFunction.cpp:
1227         (JSC::JSFunction::JSFunction):
1228         (JSC::JSFunction::getOwnPropertySlot):
1229         * runtime/JSGlobalData.h:
1230         * runtime/JSGlobalObject.cpp:
1231         (JSC::markIfNeeded):
1232         (JSC::JSGlobalObject::reset):
1233         (JSC::JSGlobalObject::resetPrototype):
1234         (JSC::JSGlobalObject::markChildren):
1235         * runtime/JSGlobalObject.h:
1236         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1237         (JSC::JSGlobalObject::regExpConstructor):
1238         (JSC::JSGlobalObject::errorConstructor):
1239         (JSC::JSGlobalObject::evalErrorConstructor):
1240         (JSC::JSGlobalObject::rangeErrorConstructor):
1241         (JSC::JSGlobalObject::referenceErrorConstructor):
1242         (JSC::JSGlobalObject::syntaxErrorConstructor):
1243         (JSC::JSGlobalObject::typeErrorConstructor):
1244         (JSC::JSGlobalObject::URIErrorConstructor):
1245         (JSC::JSGlobalObject::evalFunction):
1246         (JSC::JSGlobalObject::objectPrototype):
1247         (JSC::JSGlobalObject::functionPrototype):
1248         (JSC::JSGlobalObject::arrayPrototype):
1249         (JSC::JSGlobalObject::booleanPrototype):
1250         (JSC::JSGlobalObject::stringPrototype):
1251         (JSC::JSGlobalObject::numberPrototype):
1252         (JSC::JSGlobalObject::datePrototype):
1253         (JSC::JSGlobalObject::regExpPrototype):
1254         (JSC::JSGlobalObject::methodCallDummy):
1255         (JSC::Structure::prototypeForLookup):
1256         (JSC::constructArray):
1257         * runtime/JSONObject.cpp:
1258         (JSC::Stringifier::Holder::object):
1259         (JSC::Stringifier::markAggregate):
1260         (JSC::Stringifier::stringify):
1261         (JSC::Stringifier::Holder::appendNextProperty):
1262         (JSC::Walker::callReviver):
1263         (JSC::Walker::walk):
1264         * runtime/JSObject.cpp:
1265         (JSC::JSObject::defineGetter):
1266         (JSC::JSObject::defineSetter):
1267         (JSC::JSObject::removeDirect):
1268         (JSC::JSObject::putDirectFunction):
1269         (JSC::JSObject::putDirectFunctionWithoutTransition):
1270         (JSC::putDescriptor):
1271         (JSC::JSObject::defineOwnProperty):
1272         * runtime/JSObject.h:
1273         (JSC::JSObject::getDirectOffset):
1274         (JSC::JSObject::putDirectOffset):
1275         (JSC::JSObject::flattenDictionaryObject):
1276         (JSC::JSObject::putDirectInternal):
1277         (JSC::JSObject::putDirect):
1278         (JSC::JSObject::putDirectFunction):
1279         (JSC::JSObject::putDirectWithoutTransition):
1280         (JSC::JSObject::putDirectFunctionWithoutTransition):
1281         (JSC::JSValue::putDirect):
1282         (JSC::JSObject::allocatePropertyStorageInline):
1283         (JSC::JSObject::markChildrenDirect):
1284         * runtime/JSPropertyNameIterator.cpp:
1285         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1286         (JSC::JSPropertyNameIterator::get):
1287         * runtime/JSPropertyNameIterator.h:
1288         * runtime/JSStaticScopeObject.cpp:
1289         (JSC::JSStaticScopeObject::markChildren):
1290         * runtime/JSString.cpp:
1291         (JSC::StringObject::create):
1292         * runtime/JSValue.h:
1293         * runtime/JSWrapperObject.cpp:
1294         (JSC::JSWrapperObject::markChildren):
1295         * runtime/JSWrapperObject.h:
1296         (JSC::JSWrapperObject::internalValue):
1297         (JSC::JSWrapperObject::setInternalValue):
1298         * runtime/LiteralParser.cpp:
1299         (JSC::LiteralParser::parse):
1300         * runtime/Lookup.cpp:
1301         (JSC::setUpStaticFunctionSlot):
1302         * runtime/Lookup.h:
1303         (JSC::lookupPut):
1304         * runtime/MarkStack.h:
1305         (JSC::MarkStack::appendValues):
1306         * runtime/MathObject.cpp:
1307         (JSC::MathObject::MathObject):
1308         * runtime/NativeErrorConstructor.cpp:
1309         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1310         * runtime/NativeErrorPrototype.cpp:
1311         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1312         * runtime/NumberConstructor.cpp:
1313         (JSC::NumberConstructor::NumberConstructor):
1314         (JSC::constructWithNumberConstructor):
1315         * runtime/NumberObject.cpp:
1316         (JSC::constructNumber):
1317         * runtime/NumberPrototype.cpp:
1318         (JSC::NumberPrototype::NumberPrototype):
1319         * runtime/ObjectConstructor.cpp:
1320         (JSC::ObjectConstructor::ObjectConstructor):
1321         (JSC::objectConstructorGetOwnPropertyDescriptor):
1322         * runtime/Operations.h:
1323         (JSC::normalizePrototypeChain):
1324         (JSC::resolveBase):
1325         * runtime/PrototypeFunction.cpp:
1326         (JSC::PrototypeFunction::PrototypeFunction):
1327         * runtime/PutPropertySlot.h:
1328         (JSC::PutPropertySlot::setExistingProperty):
1329         (JSC::PutPropertySlot::setNewProperty):
1330         (JSC::PutPropertySlot::base):
1331         * runtime/RegExpConstructor.cpp:
1332         (JSC::RegExpConstructor::RegExpConstructor):
1333         * runtime/ScopeChain.cpp:
1334         (JSC::ScopeChainNode::print):
1335         * runtime/ScopeChain.h:
1336         (JSC::ScopeChainNode::~ScopeChainNode):
1337         (JSC::ScopeChainIterator::operator*):
1338         (JSC::ScopeChainIterator::operator->):
1339         (JSC::ScopeChain::top):
1340         * runtime/ScopeChainMark.h:
1341         (JSC::ScopeChain::markAggregate):
1342         * runtime/SmallStrings.cpp:
1343         (JSC::isMarked):
1344         (JSC::SmallStrings::markChildren):
1345         * runtime/SmallStrings.h:
1346         (JSC::SmallStrings::emptyString):
1347         (JSC::SmallStrings::singleCharacterString):
1348         (JSC::SmallStrings::singleCharacterStrings):
1349         * runtime/StringConstructor.cpp:
1350         (JSC::StringConstructor::StringConstructor):
1351         * runtime/StringObject.cpp:
1352         (JSC::StringObject::StringObject):
1353         * runtime/StringObject.h:
1354         * runtime/StringPrototype.cpp:
1355         (JSC::StringPrototype::StringPrototype):
1356         * runtime/Structure.cpp:
1357         (JSC::Structure::Structure):
1358         (JSC::Structure::addPropertyTransition):
1359         (JSC::Structure::toDictionaryTransition):
1360         (JSC::Structure::flattenDictionaryStructure):
1361         * runtime/Structure.h:
1362         (JSC::Structure::storedPrototype):
1363         * runtime/WeakGCMap.h:
1364         (JSC::WeakGCMap::uncheckedGet):
1365         (JSC::WeakGCMap::isValid):
1366         (JSC::::get):
1367         (JSC::::take):
1368         (JSC::::set):
1369         (JSC::::uncheckedRemove):
1370         * runtime/WriteBarrier.h: Removed.
1371
1372 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1373
1374         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
1375
1376         * runtime/WriteBarrier.h:
1377         (JSC::WriteBarrierBase::clear):
1378
1379 2011-01-30  Oliver Hunt  <oliver@apple.com>
1380
1381         More Qt build fixes
1382
1383         * runtime/WriteBarrier.h:
1384         (JSC::WriteBarrierBase::clear):
1385
1386 2011-01-30  Oliver Hunt  <oliver@apple.com>
1387
1388         Convert markstack to a slot visitor API
1389         https://bugs.webkit.org/show_bug.cgi?id=53219
1390
1391         Rolling r77006 and r77020 back in.
1392
1393         * API/JSCallbackObject.h:
1394         (JSC::JSCallbackObjectData::setPrivateProperty):
1395         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1396         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1397         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1398         (JSC::JSCallbackObject::setPrivateProperty):
1399         * API/JSCallbackObjectFunctions.h:
1400         (JSC::::put):
1401         (JSC::::staticFunctionGetter):
1402         * API/JSObjectRef.cpp:
1403         (JSObjectMakeConstructor):
1404         (JSObjectSetPrivateProperty):
1405         * API/JSWeakObjectMapRefInternal.h:
1406         * JavaScriptCore.exp:
1407         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1408         * JavaScriptCore.xcodeproj/project.pbxproj:
1409         * bytecode/CodeBlock.cpp:
1410         (JSC::CodeBlock::markAggregate):
1411         * bytecode/CodeBlock.h:
1412         (JSC::CodeBlock::globalObject):
1413         * bytecompiler/BytecodeGenerator.cpp:
1414         (JSC::BytecodeGenerator::BytecodeGenerator):
1415         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1416         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1417         (JSC::BytecodeGenerator::findScopedProperty):
1418         * debugger/Debugger.cpp:
1419         (JSC::evaluateInGlobalCallFrame):
1420         * debugger/DebuggerActivation.cpp:
1421         (JSC::DebuggerActivation::DebuggerActivation):
1422         (JSC::DebuggerActivation::markChildren):
1423         * debugger/DebuggerActivation.h:
1424         * debugger/DebuggerCallFrame.cpp:
1425         (JSC::DebuggerCallFrame::evaluate):
1426         * interpreter/CallFrame.h:
1427         (JSC::ExecState::exception):
1428         * interpreter/Interpreter.cpp:
1429         (JSC::Interpreter::resolve):
1430         (JSC::Interpreter::resolveSkip):
1431         (JSC::Interpreter::resolveGlobal):
1432         (JSC::Interpreter::resolveGlobalDynamic):
1433         (JSC::Interpreter::resolveBaseAndProperty):
1434         (JSC::Interpreter::unwindCallFrame):
1435         (JSC::appendSourceToError):
1436         (JSC::Interpreter::execute):
1437         (JSC::Interpreter::tryCacheGetByID):
1438         (JSC::Interpreter::privateExecute):
1439         * jit/JITStubs.cpp:
1440         (JSC::JITThunks::tryCacheGetByID):
1441         (JSC::DEFINE_STUB_FUNCTION):
1442         * jsc.cpp:
1443         (GlobalObject::GlobalObject):
1444         * runtime/ArgList.cpp:
1445         (JSC::MarkedArgumentBuffer::markLists):
1446         * runtime/Arguments.cpp:
1447         (JSC::Arguments::markChildren):
1448         (JSC::Arguments::getOwnPropertySlot):
1449         (JSC::Arguments::getOwnPropertyDescriptor):
1450         (JSC::Arguments::put):
1451         * runtime/Arguments.h:
1452         (JSC::Arguments::setActivation):
1453         (JSC::Arguments::Arguments):
1454         * runtime/ArrayConstructor.cpp:
1455         (JSC::ArrayConstructor::ArrayConstructor):
1456         (JSC::constructArrayWithSizeQuirk):
1457         * runtime/ArrayPrototype.cpp:
1458         (JSC::arrayProtoFuncSplice):
1459         * runtime/BatchedTransitionOptimizer.h:
1460         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1461         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1462         * runtime/BooleanConstructor.cpp:
1463         (JSC::BooleanConstructor::BooleanConstructor):
1464         (JSC::constructBoolean):
1465         (JSC::constructBooleanFromImmediateBoolean):
1466         * runtime/BooleanPrototype.cpp:
1467         (JSC::BooleanPrototype::BooleanPrototype):
1468         * runtime/ConservativeSet.cpp:
1469         (JSC::ConservativeSet::grow):
1470         * runtime/ConservativeSet.h:
1471         (JSC::ConservativeSet::~ConservativeSet):
1472         (JSC::ConservativeSet::mark):
1473         * runtime/DateConstructor.cpp:
1474         (JSC::DateConstructor::DateConstructor):
1475         * runtime/DateInstance.cpp:
1476         (JSC::DateInstance::DateInstance):
1477         * runtime/DatePrototype.cpp:
1478         (JSC::dateProtoFuncSetTime):
1479         (JSC::setNewValueFromTimeArgs):
1480         (JSC::setNewValueFromDateArgs):
1481         (JSC::dateProtoFuncSetYear):
1482         * runtime/ErrorConstructor.cpp:
1483         (JSC::ErrorConstructor::ErrorConstructor):
1484         * runtime/ErrorInstance.cpp:
1485         (JSC::ErrorInstance::ErrorInstance):
1486         * runtime/ErrorPrototype.cpp:
1487         (JSC::ErrorPrototype::ErrorPrototype):
1488         * runtime/FunctionConstructor.cpp:
1489         (JSC::FunctionConstructor::FunctionConstructor):
1490         * runtime/FunctionPrototype.cpp:
1491         (JSC::FunctionPrototype::FunctionPrototype):
1492         * runtime/GetterSetter.cpp:
1493         (JSC::GetterSetter::markChildren):
1494         * runtime/GetterSetter.h:
1495         (JSC::GetterSetter::GetterSetter):
1496         (JSC::GetterSetter::getter):
1497         (JSC::GetterSetter::setGetter):
1498         (JSC::GetterSetter::setter):
1499         (JSC::GetterSetter::setSetter):
1500         * runtime/GlobalEvalFunction.cpp:
1501         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1502         (JSC::GlobalEvalFunction::markChildren):
1503         * runtime/GlobalEvalFunction.h:
1504         (JSC::GlobalEvalFunction::cachedGlobalObject):
1505         * runtime/Heap.cpp:
1506         (JSC::Heap::markProtectedObjects):
1507         (JSC::Heap::markTempSortVectors):
1508         (JSC::Heap::markRoots):
1509         * runtime/InternalFunction.cpp:
1510         (JSC::InternalFunction::InternalFunction):
1511         * runtime/JSAPIValueWrapper.h:
1512         (JSC::JSAPIValueWrapper::value):
1513         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1514         * runtime/JSActivation.cpp:
1515         (JSC::JSActivation::markChildren):
1516         (JSC::JSActivation::put):
1517         * runtime/JSArray.cpp:
1518         (JSC::JSArray::JSArray):
1519         (JSC::JSArray::getOwnPropertySlot):
1520         (JSC::JSArray::getOwnPropertyDescriptor):
1521         (JSC::JSArray::put):
1522         (JSC::JSArray::putSlowCase):
1523         (JSC::JSArray::deleteProperty):
1524         (JSC::JSArray::increaseVectorLength):
1525         (JSC::JSArray::setLength):
1526         (JSC::JSArray::pop):
1527         (JSC::JSArray::push):
1528         (JSC::JSArray::unshiftCount):
1529         (JSC::JSArray::sort):
1530         (JSC::JSArray::fillArgList):
1531         (JSC::JSArray::copyToRegisters):
1532         (JSC::JSArray::compactForSorting):
1533         * runtime/JSArray.h:
1534         (JSC::JSArray::getIndex):
1535         (JSC::JSArray::setIndex):
1536         (JSC::JSArray::uncheckedSetIndex):
1537         (JSC::JSArray::markChildrenDirect):
1538         * runtime/JSByteArray.cpp:
1539         (JSC::JSByteArray::JSByteArray):
1540         * runtime/JSCell.h:
1541         (JSC::JSCell::MarkStack::append):
1542         (JSC::JSCell::MarkStack::internalAppend):
1543         (JSC::JSCell::MarkStack::deprecatedAppend):
1544         * runtime/JSFunction.cpp:
1545         (JSC::JSFunction::JSFunction):
1546         (JSC::JSFunction::getOwnPropertySlot):
1547         * runtime/JSGlobalData.h:
1548         * runtime/JSGlobalObject.cpp:
1549         (JSC::markIfNeeded):
1550         (JSC::JSGlobalObject::reset):
1551         (JSC::JSGlobalObject::resetPrototype):
1552         (JSC::JSGlobalObject::markChildren):
1553         * runtime/JSGlobalObject.h:
1554         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1555         (JSC::JSGlobalObject::regExpConstructor):
1556         (JSC::JSGlobalObject::errorConstructor):
1557         (JSC::JSGlobalObject::evalErrorConstructor):
1558         (JSC::JSGlobalObject::rangeErrorConstructor):
1559         (JSC::JSGlobalObject::referenceErrorConstructor):
1560         (JSC::JSGlobalObject::syntaxErrorConstructor):
1561         (JSC::JSGlobalObject::typeErrorConstructor):
1562         (JSC::JSGlobalObject::URIErrorConstructor):
1563         (JSC::JSGlobalObject::evalFunction):
1564         (JSC::JSGlobalObject::objectPrototype):
1565         (JSC::JSGlobalObject::functionPrototype):
1566         (JSC::JSGlobalObject::arrayPrototype):
1567         (JSC::JSGlobalObject::booleanPrototype):
1568         (JSC::JSGlobalObject::stringPrototype):
1569         (JSC::JSGlobalObject::numberPrototype):
1570         (JSC::JSGlobalObject::datePrototype):
1571         (JSC::JSGlobalObject::regExpPrototype):
1572         (JSC::JSGlobalObject::methodCallDummy):
1573         (JSC::Structure::prototypeForLookup):
1574         (JSC::constructArray):
1575         * runtime/JSONObject.cpp:
1576         (JSC::Stringifier::Holder::object):
1577         (JSC::Stringifier::Holder::objectSlot):
1578         (JSC::Stringifier::markAggregate):
1579         (JSC::Stringifier::stringify):
1580         (JSC::Stringifier::Holder::appendNextProperty):
1581         (JSC::Walker::callReviver):
1582         (JSC::Walker::walk):
1583         * runtime/JSObject.cpp:
1584         (JSC::JSObject::defineGetter):
1585         (JSC::JSObject::defineSetter):
1586         (JSC::JSObject::removeDirect):
1587         (JSC::JSObject::putDirectFunction):
1588         (JSC::JSObject::putDirectFunctionWithoutTransition):
1589         (JSC::putDescriptor):
1590         (JSC::JSObject::defineOwnProperty):
1591         * runtime/JSObject.h:
1592         (JSC::JSObject::getDirectOffset):
1593         (JSC::JSObject::putDirectOffset):
1594         (JSC::JSObject::putUndefinedAtDirectOffset):
1595         (JSC::JSObject::flattenDictionaryObject):
1596         (JSC::JSObject::putDirectInternal):
1597         (JSC::JSObject::putDirect):
1598         (JSC::JSObject::putDirectFunction):
1599         (JSC::JSObject::putDirectWithoutTransition):
1600         (JSC::JSObject::putDirectFunctionWithoutTransition):
1601         (JSC::JSValue::putDirect):
1602         (JSC::JSObject::allocatePropertyStorageInline):
1603         (JSC::JSObject::markChildrenDirect):
1604         * runtime/JSPropertyNameIterator.cpp:
1605         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1606         (JSC::JSPropertyNameIterator::get):
1607         * runtime/JSPropertyNameIterator.h:
1608         * runtime/JSStaticScopeObject.cpp:
1609         (JSC::JSStaticScopeObject::markChildren):
1610         * runtime/JSString.cpp:
1611         (JSC::StringObject::create):
1612         * runtime/JSValue.h:
1613         * runtime/JSWrapperObject.cpp:
1614         (JSC::JSWrapperObject::markChildren):
1615         * runtime/JSWrapperObject.h:
1616         (JSC::JSWrapperObject::internalValue):
1617         (JSC::JSWrapperObject::setInternalValue):
1618         * runtime/LiteralParser.cpp:
1619         (JSC::LiteralParser::parse):
1620         * runtime/Lookup.cpp:
1621         (JSC::setUpStaticFunctionSlot):
1622         * runtime/Lookup.h:
1623         (JSC::lookupPut):
1624         * runtime/MarkStack.h:
1625         (JSC::MarkStack::MarkStack):
1626         (JSC::MarkStack::deprecatedAppendValues):
1627         (JSC::MarkStack::appendValues):
1628         * runtime/MathObject.cpp:
1629         (JSC::MathObject::MathObject):
1630         * runtime/NativeErrorConstructor.cpp:
1631         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1632         * runtime/NativeErrorPrototype.cpp:
1633         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1634         * runtime/NumberConstructor.cpp:
1635         (JSC::NumberConstructor::NumberConstructor):
1636         (JSC::constructWithNumberConstructor):
1637         * runtime/NumberObject.cpp:
1638         (JSC::constructNumber):
1639         * runtime/NumberPrototype.cpp:
1640         (JSC::NumberPrototype::NumberPrototype):
1641         * runtime/ObjectConstructor.cpp:
1642         (JSC::ObjectConstructor::ObjectConstructor):
1643         (JSC::objectConstructorGetOwnPropertyDescriptor):
1644         * runtime/Operations.h:
1645         (JSC::normalizePrototypeChain):
1646         (JSC::resolveBase):
1647         * runtime/PrototypeFunction.cpp:
1648         (JSC::PrototypeFunction::PrototypeFunction):
1649         * runtime/PutPropertySlot.h:
1650         (JSC::PutPropertySlot::setExistingProperty):
1651         (JSC::PutPropertySlot::setNewProperty):
1652         (JSC::PutPropertySlot::base):
1653         * runtime/RegExpConstructor.cpp:
1654         (JSC::RegExpConstructor::RegExpConstructor):
1655         * runtime/ScopeChain.cpp:
1656         (JSC::ScopeChainNode::print):
1657         * runtime/ScopeChain.h:
1658         (JSC::ScopeChainNode::~ScopeChainNode):
1659         (JSC::ScopeChainIterator::operator*):
1660         (JSC::ScopeChainIterator::operator->):
1661         (JSC::ScopeChain::top):
1662         * runtime/ScopeChainMark.h:
1663         (JSC::ScopeChain::markAggregate):
1664         * runtime/SmallStrings.cpp:
1665         (JSC::isMarked):
1666         (JSC::SmallStrings::markChildren):
1667         * runtime/SmallStrings.h:
1668         (JSC::SmallStrings::emptyString):
1669         (JSC::SmallStrings::singleCharacterString):
1670         (JSC::SmallStrings::singleCharacterStrings):
1671         * runtime/StringConstructor.cpp:
1672         (JSC::StringConstructor::StringConstructor):
1673         * runtime/StringObject.cpp:
1674         (JSC::StringObject::StringObject):
1675         * runtime/StringObject.h:
1676         * runtime/StringPrototype.cpp:
1677         (JSC::StringPrototype::StringPrototype):
1678         * runtime/Structure.cpp:
1679         (JSC::Structure::Structure):
1680         (JSC::Structure::addPropertyTransition):
1681         (JSC::Structure::toDictionaryTransition):
1682         (JSC::Structure::flattenDictionaryStructure):
1683         * runtime/Structure.h:
1684         (JSC::Structure::storedPrototype):
1685         (JSC::Structure::storedPrototypeSlot):
1686         * runtime/WeakGCMap.h:
1687         (JSC::WeakGCMap::uncheckedGet):
1688         (JSC::WeakGCMap::uncheckedGetSlot):
1689         (JSC::WeakGCMap::isValid):
1690         (JSC::::get):
1691         (JSC::::take):
1692         (JSC::::set):
1693         (JSC::::uncheckedRemove):
1694         * runtime/WriteBarrier.h: Added.
1695         (JSC::DeprecatedPtr::DeprecatedPtr):
1696         (JSC::DeprecatedPtr::get):
1697         (JSC::DeprecatedPtr::operator*):
1698         (JSC::DeprecatedPtr::operator->):
1699         (JSC::DeprecatedPtr::slot):
1700         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1701         (JSC::DeprecatedPtr::operator!):
1702         (JSC::WriteBarrierBase::set):
1703         (JSC::WriteBarrierBase::get):
1704         (JSC::WriteBarrierBase::operator*):
1705         (JSC::WriteBarrierBase::operator->):
1706         (JSC::WriteBarrierBase::slot):
1707         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1708         (JSC::WriteBarrierBase::operator!):
1709         (JSC::WriteBarrier::WriteBarrier):
1710         (JSC::operator==):
1711
1712 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
1713
1714         Reviewed by Oliver Hunt.
1715
1716         Filter all Heap collection through a common reset function, in
1717         preparation for adding features triggered by collection.
1718         https://bugs.webkit.org/show_bug.cgi?id=53396
1719         
1720         SunSpider reports no change.
1721
1722         * runtime/Heap.cpp:
1723         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
1724         limit, just call collectAllGarbage() instead of rolling our own special
1725         way of resetting the heap. In theory, this may be slower in some cases,
1726         but it also fixes cases of pathological heap growth that we've seen,
1727         where the only objects being allocated are temporary and huge
1728         (<rdar://problem/8885843>).
1729
1730         (JSC::Heap::allocate):
1731         (JSC::Heap::collectAllGarbage): Use the shared reset function.
1732
1733         (JSC::Heap::reset):
1734         * runtime/Heap.h: Carved a new shared reset function out of the old
1735         collectAllGarbage.
1736
1737 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1738
1739         Unreviewed, rolling out r77025.
1740         http://trac.webkit.org/changeset/77025
1741         https://bugs.webkit.org/show_bug.cgi?id=53401
1742
1743         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
1744         (Requested by Ossy on #webkit).
1745
1746         * jit/ExecutableAllocatorFixedVMPool.cpp:
1747         (JSC::FreeListEntry::FreeListEntry):
1748         (JSC::AVLTreeAbstractorForFreeList::get_less):
1749         (JSC::AVLTreeAbstractorForFreeList::set_less):
1750         (JSC::AVLTreeAbstractorForFreeList::get_greater):
1751         (JSC::AVLTreeAbstractorForFreeList::set_greater):
1752         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
1753         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
1754         (JSC::AVLTreeAbstractorForFreeList::null):
1755         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
1756         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
1757         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
1758         (JSC::reverseSortFreeListEntriesByPointer):
1759         (JSC::reverseSortCommonSizedAllocations):
1760         (JSC::FixedVMPoolAllocator::release):
1761         (JSC::FixedVMPoolAllocator::reuse):
1762         (JSC::FixedVMPoolAllocator::addToFreeList):
1763         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
1764         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1765         (JSC::FixedVMPoolAllocator::alloc):
1766         (JSC::FixedVMPoolAllocator::free):
1767         (JSC::FixedVMPoolAllocator::isValid):
1768         (JSC::FixedVMPoolAllocator::allocInternal):
1769         (JSC::FixedVMPoolAllocator::isWithinVMPool):
1770         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
1771         (JSC::ExecutableAllocator::committedByteCount):
1772         (JSC::maybeModifyVMPoolSize):
1773         (JSC::ExecutableAllocator::isValid):
1774         (JSC::ExecutableAllocator::underMemoryPressure):
1775         (JSC::ExecutablePool::systemAlloc):
1776         (JSC::ExecutablePool::systemRelease):
1777         * wtf/PageReservation.h:
1778         (WTF::PageReservation::PageReservation):
1779         (WTF::PageReservation::commit):
1780         (WTF::PageReservation::decommit):
1781
1782 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
1783
1784         Reviewed by Daniel Bates.
1785
1786         Code style issue in JavaScriptCore/wtf/CurrentTime.h
1787         https://bugs.webkit.org/show_bug.cgi?id=53394
1788
        According to rule #3 at http://webkit.org/coding/coding-style.html,
        this patch fixes a style issue in CurrentTime.h.
1791
1792         No functionality change, no new tests.
1793
1794         * wtf/CurrentTime.h:
1795         (WTF::currentTimeMS):
1796         (WTF::getLocalTime):
1797
1798 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
1799
1800         Reviewed by Kenneth Rohde Christiansen.
1801
1802         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
1803         https://bugs.webkit.org/show_bug.cgi?id=53377
1804
        The option "-whole-archive" is not available with the libtool of Mac OS X;
        instead, we can use "-all_load" on Mac.
1807
1808         * JavaScriptCore.pri:
1809
1810 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1811
1812         Sorry Leopard bot -- I committed a change by accident.
1813
1814         * JavaScriptCore.exp: You may have your symbols back now.
1815
1816 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1817
1818         Reviewed by Cameron Zwarich.
1819
1820         Simplified Heap iteration
1821         https://bugs.webkit.org/show_bug.cgi?id=53393
1822
1823         * runtime/CollectorHeapIterator.h:
1824         (JSC::CollectorHeapIterator::isValid):
1825         (JSC::CollectorHeapIterator::isLive):
1826         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
1827         advance because it's a constant.
1828         (JSC::LiveObjectIterator::LiveObjectIterator):
1829         (JSC::LiveObjectIterator::operator++):
1830         (JSC::DeadObjectIterator::DeadObjectIterator):
1831         (JSC::DeadObjectIterator::operator++):
1832         (JSC::ObjectIterator::ObjectIterator):
1833         (JSC::ObjectIterator::operator++): Factored out common checks into
1834         two helper functions -- isValid() for "Am I past the end?" and isLive()
1835         for "Is the cell I'm pointing to live?".
1836
1837         * runtime/MarkedSpace.cpp:
1838         (JSC::MarkedSpace::freeBlock):
1839         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
1840         to the end, to avoid making sweep subtly reliant on internal Heap state.
1841         (JSC::MarkedSpace::primaryHeapBegin):
1842         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
1843         iteration begins.
1844
1845 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1846
1847         Reviewed by Cameron Zwarich.
1848
1849         Simplified heap destruction
1850         https://bugs.webkit.org/show_bug.cgi?id=53392
1851
1852         * JavaScriptCore.exp:
1853         * runtime/Heap.cpp:
1854         (JSC::Heap::destroy):
1855         * runtime/Heap.h:
1856         * runtime/MarkedSpace.cpp:
1857         (JSC::MarkedSpace::destroy):
1858         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
1859         cells last -- the difficult contortions required to do so just don't seem
1860         justified. We make no guarantees about GC protection after the client
1861         throws away JSGlobalData, and it doesn't seem like any meaningful
1862         guarantee is even possible.
1863
1864 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1865
1866         Reviewed by Maciej Stachowiak.
1867
1868         Switched heap to use the Bitmap class and removed CollectorBitmap
1869         https://bugs.webkit.org/show_bug.cgi?id=53391
1870         
1871         SunSpider says 1.005x as fast. Seems like a fluke.
1872
1873         * runtime/MarkedSpace.cpp:
1874         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
1875         rather than taking a value by reference.
1876
1877         * runtime/MarkedSpace.h: Code reuse is good.
1878
1879         * wtf/Bitmap.h:
1880         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
1881         which CollectorBitmap had. (Renamed from the less conventional "getset".)
1882
1883         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
1884         clarity. It's all the same with inlining.
1885
1886 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
1887
1888         Reviewed by Maciej Stachowiak.
1889
1890         Some more Heap cleanup.
1891         https://bugs.webkit.org/show_bug.cgi?id=53357
1892         
1893         * JavaScriptCore.exp:
1894         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
1895
1896         * runtime/Heap.cpp:
1897         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
1898         reportExtraMemoryCostSlowCase to match our naming conventions.
1899
1900         (JSC::Heap::capacity): Renamed size to capacity because this function
1901         returns the capacity of the heap, including unused portions.
1902
1903         * runtime/Heap.h:
1904         (JSC::Heap::globalData):
1905         (JSC::Heap::markedSpace):
1906         (JSC::Heap::machineStackMarker):
1907         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
1908         Moved ctor and dtor to the beginning of the class definition. Grouped
1909         functions by purpose.
1910
1911         * runtime/MarkedSpace.cpp:
1912         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
1913         function returns the capacity of the heap, including unused portions.
1914
1915         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
1916         the same information can be gotten just by calling size() and capacity().
1917
1918         * runtime/MemoryStatistics.cpp:
1919         * runtime/MemoryStatistics.h: Ditto.
1920
1921 2011-01-29  Daniel Bates  <dbates@rim.com>
1922
1923         Reviewed by Eric Seidel.
1924
1925         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
1926         https://bugs.webkit.org/show_bug.cgi?id=53253
1927
1928         Make inclusion of MT19937 a policy decision.
1929
        Currently, we hardcode the use of MT19937 when building for
        Windows CE. Instead, we should make this a policy decision,
        with the Windows CE port using this by default.
1933
        * JavaScriptCore.pri: Append Source/ThirdParty to the end
        of the list of include directories.
1936         * wtf/CMakeLists.txt: Ditto.
1937         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
1938         building for Windows CE.
1939         * wtf/RandomNumber.cpp:
1940         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
1941
1942 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1943
1944         Reviewed by David Kilzer.
1945
1946         Bug 53374 - Remove uses of unsafe string functions in debugging code
1947         https://bugs.webkit.org/show_bug.cgi?id=53374
1948
1949         * runtime/RegExp.cpp:
1950         (JSC::RegExp::printTraceData):
1951
1952 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1953
1954         Reviewed by Oliver Hunt.
1955
1956         JavaScriptCoreUseJIT environment variable broken
1957         https://bugs.webkit.org/show_bug.cgi?id=53372
1958
1959         * runtime/JSGlobalData.cpp:
1960         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
1961         by getenv() rather than just doing a NULL check on the return value.
1962
1963 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
1964
1965         Reviewed by David Kilzer.
1966
1967         Move CharacterNames.h into WTF directory
1968         https://bugs.webkit.org/show_bug.cgi?id=49618
1969
1970         * GNUmakefile.am:
1971         * JavaScriptCore.gypi:
1972         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1973         * JavaScriptCore.xcodeproj/project.pbxproj:
1974         * wtf/CMakeLists.txt:
1975         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
1976         * wtf/unicode/UTF8.cpp:
1977
1978 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
1979
1980         Reviewed by Gavin Barraclough.
1981
1982         Add various clampToInt() methods to MathExtras.h
1983         https://bugs.webkit.org/show_bug.cgi?id=52910
1984         
1985         Add functions for clamping doubles and floats to valid int
1986         ranges, for signed and positive integers.
1987
1988         * wtf/MathExtras.h:
1989         (clampToInteger):
1990         (clampToPositiveInteger):
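
        Added example, not the MathExtras.h code from this change: a
        clamp-before-cast pair with the same names as the two functions
        listed above. The motivation for such helpers is that converting
        a double that is out of int range, or NaN, to int is undefined
        behaviour in C++, so an attacker-controlled length or index that
        is cast without a prior range check can turn into an arbitrary
        integer. The NaN result (0) and the float overloads are this
        example's assumptions, not something the entry states.

```cpp
#include <cmath>
#include <limits>

// Added example, not WebKit's own implementation. Clamp on the double,
// *before* the cast, because the cast itself is where the undefined
// behaviour would occur for NaN, +/-inf and out-of-range values.
inline int clampToInteger(double d)
{
    // Both bounds are exactly representable in a double (53-bit mantissa).
    const double intMax = static_cast<double>(std::numeric_limits<int>::max());
    const double intMin = static_cast<double>(std::numeric_limits<int>::min());

    if (std::isnan(d))
        return 0; // Assumption for this example: NaN maps to 0 rather than UB.
    if (d >= intMax)
        return std::numeric_limits<int>::max(); // also catches +inf
    if (d <= intMin)
        return std::numeric_limits<int>::min(); // also catches -inf
    return static_cast<int>(d); // in range: truncates toward zero
}

// Variant for sizes, counts and indices: anything negative (or NaN) becomes 0.
inline int clampToPositiveInteger(double d)
{
    const double intMax = static_cast<double>(std::numeric_limits<int>::max());

    if (std::isnan(d) || d <= 0)
        return 0;
    if (d >= intMax)
        return std::numeric_limits<int>::max();
    return static_cast<int>(d);
}

// Float overloads. Widening float -> double is exact, so the double
// version's range checks stay correct for every float input, including
// 2^31 (the nearest float to INT_MAX, which rounds up and would overflow
// a direct cast).
inline int clampToInteger(float f)
{
    return clampToInteger(static_cast<double>(f));
}

inline int clampToPositiveInteger(float f)
{
    return clampToPositiveInteger(static_cast<double>(f));
}

// Typical call site: a length that came from script or from a parsed
// file, used to size a buffer. Hypothetical helper for this example.
inline int bufferLengthFromUntrusted(double requestedLength)
{
    return clampToPositiveInteger(requestedLength);
}
```

        The checks are deliberately ordered so that the comparisons
        happen in double precision; comparing after the cast would be
        too late, since the cast is the operation that is undefined.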
1991
1992 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1993
1994         Unreviewed, rolling out r77006 and r77020.
1995         http://trac.webkit.org/changeset/77006
1996         http://trac.webkit.org/changeset/77020
1997         https://bugs.webkit.org/show_bug.cgi?id=53360
1998
1999         "Broke Windows tests" (Requested by rniwa on #webkit).
2000
2001         * API/JSCallbackObject.h:
2002         (JSC::JSCallbackObjectData::setPrivateProperty):
2003         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2004         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2005         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2006         (JSC::JSCallbackObject::setPrivateProperty):
2007         * API/JSCallbackObjectFunctions.h:
2008         (JSC::::put):
2009         (JSC::::staticFunctionGetter):
2010         * API/JSObjectRef.cpp:
2011         (JSObjectMakeConstructor):
2012         (JSObjectSetPrivateProperty):
2013         * API/JSWeakObjectMapRefInternal.h:
2014         * JavaScriptCore.exp:
2015         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2016         * JavaScriptCore.xcodeproj/project.pbxproj:
2017         * bytecode/CodeBlock.cpp:
2018         (JSC::CodeBlock::markAggregate):
2019         * bytecode/CodeBlock.h:
2020         (JSC::CodeBlock::globalObject):
2021         * bytecompiler/BytecodeGenerator.cpp:
2022         (JSC::BytecodeGenerator::BytecodeGenerator):
2023         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2024         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2025         (JSC::BytecodeGenerator::findScopedProperty):
2026         * debugger/Debugger.cpp:
2027         (JSC::evaluateInGlobalCallFrame):
2028         * debugger/DebuggerActivation.cpp:
2029         (JSC::DebuggerActivation::DebuggerActivation):
2030         (JSC::DebuggerActivation::markChildren):
2031         * debugger/DebuggerActivation.h:
2032         * debugger/DebuggerCallFrame.cpp:
2033         (JSC::DebuggerCallFrame::evaluate):
2034         * interpreter/CallFrame.h:
2035         (JSC::ExecState::exception):
2036         * interpreter/Interpreter.cpp:
2037         (JSC::Interpreter::resolve):
2038         (JSC::Interpreter::resolveSkip):
2039         (JSC::Interpreter::resolveGlobal):
2040         (JSC::Interpreter::resolveGlobalDynamic):
2041         (JSC::Interpreter::resolveBaseAndProperty):
2042         (JSC::Interpreter::unwindCallFrame):
2043         (JSC::appendSourceToError):
2044         (JSC::Interpreter::execute):
2045         (JSC::Interpreter::tryCacheGetByID):
2046         (JSC::Interpreter::privateExecute):
2047         * jit/JITStubs.cpp:
2048         (JSC::JITThunks::tryCacheGetByID):
2049         (JSC::DEFINE_STUB_FUNCTION):
2050         * jsc.cpp:
2051         (GlobalObject::GlobalObject):
2052         * runtime/ArgList.cpp:
2053         (JSC::MarkedArgumentBuffer::markLists):
2054         * runtime/Arguments.cpp:
2055         (JSC::Arguments::markChildren):
2056         (JSC::Arguments::getOwnPropertySlot):
2057         (JSC::Arguments::getOwnPropertyDescriptor):
2058         (JSC::Arguments::put):
2059         * runtime/Arguments.h:
2060         (JSC::Arguments::setActivation):
2061         (JSC::Arguments::Arguments):
2062         * runtime/ArrayConstructor.cpp:
2063         (JSC::ArrayConstructor::ArrayConstructor):
2064         (JSC::constructArrayWithSizeQuirk):
2065         * runtime/ArrayPrototype.cpp:
2066         (JSC::arrayProtoFuncSplice):
2067         * runtime/BatchedTransitionOptimizer.h:
2068         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2069         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2070         * runtime/BooleanConstructor.cpp:
2071         (JSC::BooleanConstructor::BooleanConstructor):
2072         (JSC::constructBoolean):
2073         (JSC::constructBooleanFromImmediateBoolean):
2074         * runtime/BooleanPrototype.cpp:
2075         (JSC::BooleanPrototype::BooleanPrototype):
2076         * runtime/ConservativeSet.cpp:
2077         (JSC::ConservativeSet::grow):
2078         * runtime/ConservativeSet.h:
2079         (JSC::ConservativeSet::~ConservativeSet):
2080         (JSC::ConservativeSet::mark):
2081         * runtime/DateConstructor.cpp:
2082         (JSC::DateConstructor::DateConstructor):
2083         * runtime/DateInstance.cpp:
2084         (JSC::DateInstance::DateInstance):
2085         * runtime/DatePrototype.cpp:
2086         (JSC::dateProtoFuncSetTime):
2087         (JSC::setNewValueFromTimeArgs):
2088         (JSC::setNewValueFromDateArgs):
2089         (JSC::dateProtoFuncSetYear):
2090         * runtime/ErrorConstructor.cpp:
2091         (JSC::ErrorConstructor::ErrorConstructor):
2092         * runtime/ErrorInstance.cpp:
2093         (JSC::ErrorInstance::ErrorInstance):
2094         * runtime/ErrorPrototype.cpp:
2095         (JSC::ErrorPrototype::ErrorPrototype):
2096         * runtime/FunctionConstructor.cpp:
2097         (JSC::FunctionConstructor::FunctionConstructor):
2098         * runtime/FunctionPrototype.cpp:
2099         (JSC::FunctionPrototype::FunctionPrototype):
2100         * runtime/GetterSetter.cpp:
2101         (JSC::GetterSetter::markChildren):
2102         * runtime/GetterSetter.h:
2103         (JSC::GetterSetter::GetterSetter):
2104         (JSC::GetterSetter::getter):
2105         (JSC::GetterSetter::setGetter):
2106         (JSC::GetterSetter::setter):
2107         (JSC::GetterSetter::setSetter):
2108         * runtime/GlobalEvalFunction.cpp:
2109         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2110         (JSC::GlobalEvalFunction::markChildren):
2111         * runtime/GlobalEvalFunction.h:
2112         (JSC::GlobalEvalFunction::cachedGlobalObject):
2113         * runtime/Heap.cpp:
2114         (JSC::Heap::markProtectedObjects):
2115         (JSC::Heap::markTempSortVectors):
2116         (JSC::Heap::markRoots):
2117         * runtime/InternalFunction.cpp:
2118         (JSC::InternalFunction::InternalFunction):
2119         * runtime/JSAPIValueWrapper.h:
2120         (JSC::JSAPIValueWrapper::value):
2121         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2122         * runtime/JSActivation.cpp:
2123         (JSC::JSActivation::markChildren):
2124         (JSC::JSActivation::put):
2125         * runtime/JSArray.cpp:
2126         (JSC::JSArray::JSArray):
2127         (JSC::JSArray::getOwnPropertySlot):
2128         (JSC::JSArray::getOwnPropertyDescriptor):
2129         (JSC::JSArray::put):
2130         (JSC::JSArray::putSlowCase):
2131         (JSC::JSArray::deleteProperty):
2132         (JSC::JSArray::increaseVectorLength):
2133         (JSC::JSArray::setLength):
2134         (JSC::JSArray::pop):
2135         (JSC::JSArray::push):
2136         (JSC::JSArray::unshiftCount):
2137         (JSC::JSArray::sort):
2138         (JSC::JSArray::fillArgList):
2139         (JSC::JSArray::copyToRegisters):
2140         (JSC::JSArray::compactForSorting):
2141         * runtime/JSArray.h:
2142         (JSC::JSArray::getIndex):
2143         (JSC::JSArray::setIndex):
2144         (JSC::JSArray::uncheckedSetIndex):
2145         (JSC::JSArray::markChildrenDirect):
2146         * runtime/JSByteArray.cpp:
2147         (JSC::JSByteArray::JSByteArray):
2148         * runtime/JSCell.h:
2149         (JSC::JSCell::JSValue::toThisObject):
2150         (JSC::JSCell::MarkStack::append):
2151         * runtime/JSFunction.cpp:
2152         (JSC::JSFunction::JSFunction):
2153         (JSC::JSFunction::getOwnPropertySlot):
2154         * runtime/JSGlobalData.h:
2155         * runtime/JSGlobalObject.cpp:
2156         (JSC::markIfNeeded):
2157         (JSC::JSGlobalObject::reset):
2158         (JSC::JSGlobalObject::resetPrototype):
2159         (JSC::JSGlobalObject::markChildren):
2160         * runtime/JSGlobalObject.h:
2161         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2162         (JSC::JSGlobalObject::regExpConstructor):
2163         (JSC::JSGlobalObject::errorConstructor):
2164         (JSC::JSGlobalObject::evalErrorConstructor):
2165         (JSC::JSGlobalObject::rangeErrorConstructor):
2166         (JSC::JSGlobalObject::referenceErrorConstructor):
2167         (JSC::JSGlobalObject::syntaxErrorConstructor):
2168         (JSC::JSGlobalObject::typeErrorConstructor):
2169         (JSC::JSGlobalObject::URIErrorConstructor):
2170         (JSC::JSGlobalObject::evalFunction):
2171         (JSC::JSGlobalObject::objectPrototype):
2172         (JSC::JSGlobalObject::functionPrototype):
2173         (JSC::JSGlobalObject::arrayPrototype):
2174         (JSC::JSGlobalObject::booleanPrototype):
2175         (JSC::JSGlobalObject::stringPrototype):
2176         (JSC::JSGlobalObject::numberPrototype):
2177         (JSC::JSGlobalObject::datePrototype):
2178         (JSC::JSGlobalObject::regExpPrototype):
2179         (JSC::JSGlobalObject::methodCallDummy):
2180         (JSC::Structure::prototypeForLookup):
2181         (JSC::constructArray):
2182         * runtime/JSONObject.cpp:
2183         (JSC::Stringifier::Holder::object):
2184         (JSC::Stringifier::markAggregate):
2185         (JSC::Stringifier::stringify):
2186         (JSC::Stringifier::Holder::appendNextProperty):
2187         (JSC::Walker::callReviver):
2188         (JSC::Walker::walk):
2189         * runtime/JSObject.cpp:
2190         (JSC::JSObject::defineGetter):
2191         (JSC::JSObject::defineSetter):
2192         (JSC::JSObject::removeDirect):
2193         (JSC::JSObject::putDirectFunction):
2194         (JSC::JSObject::putDirectFunctionWithoutTransition):
2195         (JSC::putDescriptor):
2196         (JSC::JSObject::defineOwnProperty):
2197         * runtime/JSObject.h:
2198         (JSC::JSObject::getDirectOffset):
2199         (JSC::JSObject::putDirectOffset):
2200         (JSC::JSObject::flattenDictionaryObject):
2201         (JSC::JSObject::putDirectInternal):
2202         (JSC::JSObject::putDirect):
2203         (JSC::JSObject::putDirectFunction):
2204         (JSC::JSObject::putDirectWithoutTransition):
2205         (JSC::JSObject::putDirectFunctionWithoutTransition):
2206         (JSC::JSValue::putDirect):
2207         (JSC::JSObject::allocatePropertyStorageInline):
2208         (JSC::JSObject::markChildrenDirect):
2209         * runtime/JSPropertyNameIterator.cpp:
2210         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2211         (JSC::JSPropertyNameIterator::get):
2212         * runtime/JSPropertyNameIterator.h:
2213         * runtime/JSStaticScopeObject.cpp:
2214         (JSC::JSStaticScopeObject::markChildren):
2215         * runtime/JSString.cpp:
2216         (JSC::StringObject::create):
2217         * runtime/JSValue.h:
2218         * runtime/JSWrapperObject.cpp:
2219         (JSC::JSWrapperObject::markChildren):
2220         * runtime/JSWrapperObject.h:
2221         (JSC::JSWrapperObject::internalValue):
2222         (JSC::JSWrapperObject::setInternalValue):
2223         * runtime/LiteralParser.cpp:
2224         (JSC::LiteralParser::parse):
2225         * runtime/Lookup.cpp:
2226         (JSC::setUpStaticFunctionSlot):
2227         * runtime/Lookup.h:
2228         (JSC::lookupPut):
2229         * runtime/MarkStack.h:
2230         (JSC::MarkStack::appendValues):
2231         * runtime/MathObject.cpp:
2232         (JSC::MathObject::MathObject):
2233         * runtime/NativeErrorConstructor.cpp:
2234         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2235         * runtime/NativeErrorPrototype.cpp:
2236         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2237         * runtime/NumberConstructor.cpp:
2238         (JSC::NumberConstructor::NumberConstructor):
2239         (JSC::constructWithNumberConstructor):
2240         * runtime/NumberObject.cpp:
2241         (JSC::constructNumber):
2242         * runtime/NumberPrototype.cpp:
2243         (JSC::NumberPrototype::NumberPrototype):
2244         * runtime/ObjectConstructor.cpp:
2245         (JSC::ObjectConstructor::ObjectConstructor):
2246         (JSC::objectConstructorGetOwnPropertyDescriptor):
2247         * runtime/Operations.h:
2248         (JSC::normalizePrototypeChain):
2249         (JSC::resolveBase):
2250         * runtime/PrototypeFunction.cpp:
2251         (JSC::PrototypeFunction::PrototypeFunction):
2252         * runtime/PutPropertySlot.h:
2253         (JSC::PutPropertySlot::setExistingProperty):
2254         (JSC::PutPropertySlot::setNewProperty):
2255         (JSC::PutPropertySlot::base):
2256         * runtime/RegExpConstructor.cpp:
2257         (JSC::RegExpConstructor::RegExpConstructor):
2258         * runtime/ScopeChain.cpp:
2259         (JSC::ScopeChainNode::print):
2260         * runtime/ScopeChain.h:
2261         (JSC::ScopeChainNode::~ScopeChainNode):
2262         (JSC::ScopeChainIterator::operator*):
2263         (JSC::ScopeChainIterator::operator->):
2264         (JSC::ScopeChain::top):
2265         * runtime/ScopeChainMark.h:
2266         (JSC::ScopeChain::markAggregate):
2267         * runtime/SmallStrings.cpp:
2268         (JSC::isMarked):
2269         (JSC::SmallStrings::markChildren):
2270         * runtime/SmallStrings.h:
2271         (JSC::SmallStrings::emptyString):
2272         (JSC::SmallStrings::singleCharacterString):
2273         (JSC::SmallStrings::singleCharacterStrings):
2274         * runtime/StringConstructor.cpp:
2275         (JSC::StringConstructor::StringConstructor):
2276         * runtime/StringObject.cpp:
2277         (JSC::StringObject::StringObject):
2278         * runtime/StringObject.h:
2279         * runtime/StringPrototype.cpp:
2280         (JSC::StringPrototype::StringPrototype):
2281         * runtime/Structure.cpp:
2282         (JSC::Structure::Structure):
2283         (JSC::Structure::addPropertyTransition):
2284         (JSC::Structure::toDictionaryTransition):
2285         (JSC::Structure::flattenDictionaryStructure):
2286         * runtime/Structure.h:
2287         (JSC::Structure::storedPrototype):
2288         * runtime/WeakGCMap.h:
2289         (JSC::WeakGCMap::uncheckedGet):
2290         (JSC::WeakGCMap::isValid):
2291         (JSC::::get):
2292         (JSC::::take):
2293         (JSC::::set):
2294         (JSC::::uncheckedRemove):
2295         * runtime/WriteBarrier.h: Removed.
2296
2297 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
2298
2299         Reviewed by Geoff Garen.
2300
2301         https://bugs.webkit.org/show_bug.cgi?id=53352
2302         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2303
        The FixedVMPoolAllocator currently uses a best-fit policy;
        switch to first fit, which is less prone to external fragmentation.
2306
2307         * jit/ExecutableAllocatorFixedVMPool.cpp:
2308         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2309         (JSC::AllocationTableSizeClass::blockSize):
2310         (JSC::AllocationTableSizeClass::blockCount):
2311         (JSC::AllocationTableSizeClass::blockAlignment):
2312         (JSC::AllocationTableSizeClass::size):
2313         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2314         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2315         (JSC::AllocationTableLeaf::allocate):
2316         (JSC::AllocationTableLeaf::free):
2317         (JSC::AllocationTableLeaf::isEmpty):
2318         (JSC::AllocationTableLeaf::isFull):
2319         (JSC::AllocationTableLeaf::size):
2320         (JSC::AllocationTableLeaf::classForSize):
2321         (JSC::AllocationTableLeaf::dump):
2322         (JSC::LazyAllocationTable::LazyAllocationTable):
2323         (JSC::LazyAllocationTable::~LazyAllocationTable):
2324         (JSC::LazyAllocationTable::allocate):
2325         (JSC::LazyAllocationTable::free):
2326         (JSC::LazyAllocationTable::isEmpty):
2327         (JSC::LazyAllocationTable::isFull):
2328         (JSC::LazyAllocationTable::size):
2329         (JSC::LazyAllocationTable::dump):
2330         (JSC::LazyAllocationTable::classForSize):
2331         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2332         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2333         (JSC::AllocationTableDirectory::allocate):
2334         (JSC::AllocationTableDirectory::free):
2335         (JSC::AllocationTableDirectory::isEmpty):
2336         (JSC::AllocationTableDirectory::isFull):
2337         (JSC::AllocationTableDirectory::size):
2338         (JSC::AllocationTableDirectory::classForSize):
2339         (JSC::AllocationTableDirectory::dump):
2340         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2341         (JSC::FixedVMPoolAllocator::alloc):
2342         (JSC::FixedVMPoolAllocator::free):
2343         (JSC::FixedVMPoolAllocator::allocated):
2344         (JSC::FixedVMPoolAllocator::isValid):
2345         (JSC::FixedVMPoolAllocator::classForSize):
2346         (JSC::FixedVMPoolAllocator::offsetToPointer):
2347         (JSC::FixedVMPoolAllocator::pointerToOffset):
2348         (JSC::ExecutableAllocator::committedByteCount):
2349         (JSC::ExecutableAllocator::isValid):
2350         (JSC::ExecutableAllocator::underMemoryPressure):
2351         (JSC::ExecutablePool::systemAlloc):
2352         (JSC::ExecutablePool::systemRelease):
2353         * wtf/PageReservation.h:
2354         (WTF::PageReservation::PageReservation):
2355         (WTF::PageReservation::commit):
2356         (WTF::PageReservation::decommit):
2357         (WTF::PageReservation::committed):
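
        The following is an added illustration, not JavaScriptCore's
        FixedVMPoolAllocator: a toy free-list pool with first-fit and best-fit
        placement, replayed over a constructed hole layout (1300 and 1200 bytes
        free) and request sequence (1000, 1100, 250) on which best fit leaves
        two 200-byte remainders and fails the last request, while first fit
        serves all three. ToyPool, Policy and serveRequests are the example's
        own names.

```cpp
#include <cstddef>
#include <cstdio>
#include <utility>
#include <vector>

// Added illustration (not JavaScriptCore's FixedVMPoolAllocator): a toy
// free-list pool over a fixed range, with first-fit and best-fit placement,
// used to show how best fit can fragment a pool that first fit serves.

struct Hole { size_t offset; size_t size; };

enum class Policy { FirstFit, BestFit };

class ToyPool {
public:
    // The pool starts with the given free holes (a constructed layout).
    explicit ToyPool(std::vector<Hole> holes) : m_holes(std::move(holes)) {}

    // On success sets `offset` and returns true; returns false when no hole
    // can hold `size` bytes, which is the situation the bug's CRASH() reports.
    bool allocate(size_t size, Policy policy, size_t& offset)
    {
        size_t chosen = m_holes.size();
        for (size_t i = 0; i < m_holes.size(); ++i) {
            if (m_holes[i].size < size)
                continue;
            if (policy == Policy::FirstFit) {
                chosen = i;           // lowest hole that fits, stop looking
                break;
            }
            // Best fit: remember the smallest hole that still fits.
            if (chosen == m_holes.size() || m_holes[i].size < m_holes[chosen].size)
                chosen = i;
        }
        if (chosen == m_holes.size())
            return false;
        Hole& hole = m_holes[chosen];
        offset = hole.offset;
        hole.offset += size;          // carve the block off the front of the hole
        hole.size -= size;
        if (!hole.size)
            m_holes.erase(m_holes.begin() + chosen);
        return true;
    }

private:
    std::vector<Hole> m_holes;
};

// Replays a request sequence against a fresh pool with two free holes of
// 1300 and 1200 bytes and returns how many requests succeeded before the
// first failure.
size_t serveRequests(Policy policy, const std::vector<size_t>& requests)
{
    std::vector<Hole> holes = { { 0, 1300 }, { 2000, 1200 } };
    ToyPool pool(holes);
    size_t served = 0;
    for (size_t request : requests) {
        size_t offset = 0;
        if (!pool.allocate(request, policy, offset))
            break;
        ++served;
    }
    return served;
}

int main()
{
    const std::vector<size_t> requests = { 1000, 1100, 250 };
    std::printf("first fit served %zu of %zu requests\n",
                serveRequests(Policy::FirstFit, requests), requests.size());
    std::printf("best fit served %zu of %zu requests\n",
                serveRequests(Policy::BestFit, requests), requests.size());
    return 0;
}
```

        The reverse workload exists as well (sequences on which best fit
        succeeds and first fit does not), so a policy change like the one
        above is a judgement about the JIT's real allocation pattern rather
        than a universal win; replaying a recorded allocation trace against
        both policies is the way to confirm it for a given workload.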
2358
2359 2011-01-27  Oliver Hunt  <oliver@apple.com>
2360
2361         Reviewed by Geoffrey Garen.
2362
2363         Convert markstack to a slot visitor API
2364         https://bugs.webkit.org/show_bug.cgi?id=53219
2365
2366         Move the MarkStack over to a slot based marking API.
2367
        In order to avoid aliasing concerns there are two new types
        that need to be used when holding on to JSValues and JSCells that
        need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
        is expected to be used for any JSValue or Cell whose lifetime and
        marking are controlled by another GC object.  DeprecatedPtr is used
        for any value that we need to rework ownership for.
2374
2375         The change over to this model has produced a large amount of
2376         code changes, but they are mostly mechanical (forwarding JSGlobalData,
2377         etc).
2378
2379         * API/JSCallbackObject.h:
2380         (JSC::JSCallbackObjectData::setPrivateProperty):
2381         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2382         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2383         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2384         (JSC::JSCallbackObject::setPrivateProperty):
2385         * API/JSCallbackObjectFunctions.h:
2386         (JSC::::put):
2387         (JSC::::staticFunctionGetter):
2388         * API/JSObjectRef.cpp:
2389         (JSObjectMakeConstructor):
2390         (JSObjectSetPrivateProperty):
2391         * API/JSWeakObjectMapRefInternal.h:
2392         * JavaScriptCore.exp:
2393         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2394         * JavaScriptCore.xcodeproj/project.pbxproj:
2395         * bytecode/CodeBlock.cpp:
2396         (JSC::CodeBlock::markAggregate):
2397         * bytecode/CodeBlock.h:
2398         (JSC::CodeBlock::globalObject):
2399         * bytecompiler/BytecodeGenerator.cpp:
2400         (JSC::BytecodeGenerator::BytecodeGenerator):
2401         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2402         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2403         (JSC::BytecodeGenerator::findScopedProperty):
2404         * debugger/DebuggerActivation.cpp:
2405         (JSC::DebuggerActivation::DebuggerActivation):
2406         (JSC::DebuggerActivation::markChildren):
2407         * debugger/DebuggerActivation.h:
2408         * interpreter/Interpreter.cpp:
2409         (JSC::Interpreter::resolve):
2410         (JSC::Interpreter::resolveSkip):
2411         (JSC::Interpreter::resolveGlobalDynamic):
2412         (JSC::Interpreter::resolveBaseAndProperty):
2413         (JSC::Interpreter::unwindCallFrame):
2414         (JSC::appendSourceToError):
2415         (JSC::Interpreter::execute):
2416         (JSC::Interpreter::privateExecute):
2417         * interpreter/Register.h:
2418         (JSC::Register::jsValueSlot):
2419         * jit/JITStubs.cpp:
2420         (JSC::JITThunks::tryCacheGetByID):
2421         (JSC::DEFINE_STUB_FUNCTION):
2422         * jsc.cpp:
2423         (GlobalObject::GlobalObject):
2424         * runtime/Arguments.cpp:
2425         (JSC::Arguments::markChildren):
2426         (JSC::Arguments::getOwnPropertySlot):
2427         (JSC::Arguments::getOwnPropertyDescriptor):
2428         (JSC::Arguments::put):
2429         * runtime/Arguments.h:
2430         (JSC::Arguments::setActivation):
2431         (JSC::Arguments::Arguments):
2432         * runtime/ArrayConstructor.cpp:
2433         (JSC::ArrayConstructor::ArrayConstructor):
2434         (JSC::constructArrayWithSizeQuirk):
2435         * runtime/ArrayPrototype.cpp:
2436         (JSC::arrayProtoFuncSplice):
2437         * runtime/BatchedTransitionOptimizer.h:
2438         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2439         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2440         * runtime/BooleanConstructor.cpp:
2441         (JSC::BooleanConstructor::BooleanConstructor):
2442         (JSC::constructBoolean):
2443         (JSC::constructBooleanFromImmediateBoolean):
2444         * runtime/BooleanPrototype.cpp:
2445         (JSC::BooleanPrototype::BooleanPrototype):
2446         * runtime/ConservativeSet.h:
2447         (JSC::ConservativeSet::mark):
2448         * runtime/DateConstructor.cpp:
2449         (JSC::DateConstructor::DateConstructor):
2450         * runtime/DateInstance.cpp:
2451         (JSC::DateInstance::DateInstance):
2452         * runtime/DatePrototype.cpp:
2453         (JSC::dateProtoFuncSetTime):
2454         (JSC::setNewValueFromTimeArgs):
2455         (JSC::setNewValueFromDateArgs):
2456         (JSC::dateProtoFuncSetYear):
2457         * runtime/ErrorConstructor.cpp:
2458         (JSC::ErrorConstructor::ErrorConstructor):
2459         * runtime/ErrorInstance.cpp:
2460         (JSC::ErrorInstance::ErrorInstance):
2461         * runtime/ErrorPrototype.cpp:
2462         (JSC::ErrorPrototype::ErrorPrototype):
2463         * runtime/FunctionConstructor.cpp:
2464         (JSC::FunctionConstructor::FunctionConstructor):
2465         * runtime/FunctionPrototype.cpp:
2466         (JSC::FunctionPrototype::FunctionPrototype):
2467         * runtime/GetterSetter.cpp:
2468         (JSC::GetterSetter::markChildren):
2469         * runtime/GetterSetter.h:
2470         (JSC::GetterSetter::GetterSetter):
2471         (JSC::GetterSetter::getter):
2472         (JSC::GetterSetter::setGetter):
2473         (JSC::GetterSetter::setter):
2474         (JSC::GetterSetter::setSetter):
2475         * runtime/GlobalEvalFunction.cpp:
2476         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2477         (JSC::GlobalEvalFunction::markChildren):
2478         * runtime/GlobalEvalFunction.h:
2479         (JSC::GlobalEvalFunction::cachedGlobalObject):
2480         * runtime/Heap.cpp:
2481         (JSC::Heap::markProtectedObjects):
2482         (JSC::Heap::markTempSortVectors):
2483         (JSC::Heap::markRoots):
2484         * runtime/InternalFunction.cpp:
2485         (JSC::InternalFunction::InternalFunction):
2486         * runtime/JSAPIValueWrapper.h:
2487         (JSC::JSAPIValueWrapper::value):
2488         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2489         * runtime/JSActivation.cpp:
2490         (JSC::JSActivation::put):
2491         * runtime/JSArray.cpp:
2492         (JSC::JSArray::JSArray):
2493         (JSC::JSArray::getOwnPropertySlot):
2494         (JSC::JSArray::getOwnPropertyDescriptor):
2495         (JSC::JSArray::put):
2496         (JSC::JSArray::putSlowCase):
2497         (JSC::JSArray::deleteProperty):
2498         (JSC::JSArray::increaseVectorLength):
2499         (JSC::JSArray::setLength):
2500         (JSC::JSArray::pop):
2501         (JSC::JSArray::push):
2502         (JSC::JSArray::unshiftCount):
2503         (JSC::JSArray::sort):
2504         (JSC::JSArray::fillArgList):
2505         (JSC::JSArray::copyToRegisters):
2506         (JSC::JSArray::compactForSorting):
2507         * runtime/JSArray.h:
2508         (JSC::JSArray::getIndex):
2509         (JSC::JSArray::setIndex):
2510         (JSC::JSArray::uncheckedSetIndex):
2511         (JSC::JSArray::markChildrenDirect):
2512         * runtime/JSByteArray.cpp:
2513         (JSC::JSByteArray::JSByteArray):
2514         * runtime/JSCell.h:
2515         (JSC::JSCell::MarkStack::append):
2516         (JSC::JSCell::MarkStack::appendCell):
2517         * runtime/JSFunction.cpp:
2518         (JSC::JSFunction::JSFunction):
2519         (JSC::JSFunction::getOwnPropertySlot):
2520         * runtime/JSGlobalObject.cpp:
2521         (JSC::markIfNeeded):
2522         (JSC::JSGlobalObject::reset):
2523         (JSC::JSGlobalObject::resetPrototype):
2524         (JSC::JSGlobalObject::markChildren):
2525         * runtime/JSGlobalObject.h:
2526         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2527         (JSC::JSGlobalObject::regExpConstructor):
2528         (JSC::JSGlobalObject::errorConstructor):
2529         (JSC::JSGlobalObject::evalErrorConstructor):
2530         (JSC::JSGlobalObject::rangeErrorConstructor):
2531         (JSC::JSGlobalObject::referenceErrorConstructor):
2532         (JSC::JSGlobalObject::syntaxErrorConstructor):
2533         (JSC::JSGlobalObject::typeErrorConstructor):
2534         (JSC::JSGlobalObject::URIErrorConstructor):
2535         (JSC::JSGlobalObject::evalFunction):
2536         (JSC::JSGlobalObject::objectPrototype):
2537         (JSC::JSGlobalObject::functionPrototype):
2538         (JSC::JSGlobalObject::arrayPrototype):
2539         (JSC::JSGlobalObject::booleanPrototype):
2540         (JSC::JSGlobalObject::stringPrototype):
2541         (JSC::JSGlobalObject::numberPrototype):
2542         (JSC::JSGlobalObject::datePrototype):
2543         (JSC::JSGlobalObject::regExpPrototype):
2544         (JSC::JSGlobalObject::methodCallDummy):
2545         (JSC::constructArray):
2546         * runtime/JSONObject.cpp:
2547         (JSC::Stringifier::Holder::object):
2548         (JSC::Stringifier::Holder::objectSlot):
2549         (JSC::Stringifier::markAggregate):
2550         (JSC::Stringifier::stringify):
2551         (JSC::Stringifier::Holder::appendNextProperty):
2552         (JSC::Walker::callReviver):
2553         (JSC::Walker::walk):
2554         * runtime/JSObject.cpp:
2555         (JSC::JSObject::defineGetter):
2556         (JSC::JSObject::defineSetter):
2557         (JSC::JSObject::removeDirect):
2558         (JSC::JSObject::putDirectFunction):
2559         (JSC::JSObject::putDirectFunctionWithoutTransition):
2560         (JSC::putDescriptor):
2561         (JSC::JSObject::defineOwnProperty):
2562         * runtime/JSObject.h:
2563         (JSC::JSObject::putDirectOffset):
2564         (JSC::JSObject::putUndefinedAtDirectOffset):
2565         (JSC::JSObject::flattenDictionaryObject):
2566         (JSC::JSObject::putDirectInternal):
2567         (JSC::JSObject::putDirect):
2568         (JSC::JSObject::putDirectFunction):
2569         (JSC::JSObject::putDirectWithoutTransition):
2570         (JSC::JSObject::putDirectFunctionWithoutTransition):
2571         (JSC::JSValue::putDirect):
2572         (JSC::JSObject::allocatePropertyStorageInline):
2573         (JSC::JSObject::markChildrenDirect):
2574         * runtime/JSStaticScopeObject.cpp:
2575         (JSC::JSStaticScopeObject::markChildren):
2576         * runtime/JSString.cpp:
2577         (JSC::StringObject::create):
2578         * runtime/JSValue.h:
2579         * runtime/JSWrapperObject.cpp:
2580         (JSC::JSWrapperObject::markChildren):
2581         * runtime/JSWrapperObject.h:
2582         (JSC::JSWrapperObject::internalValue):
2583         (JSC::JSWrapperObject::setInternalValue):
2584         * runtime/LiteralParser.cpp:
2585         (JSC::LiteralParser::parse):
2586         * runtime/Lookup.cpp:
2587         (JSC::setUpStaticFunctionSlot):
2588         * runtime/Lookup.h:
2589         (JSC::lookupPut):
2590         * runtime/MarkStack.h:
2591         * runtime/MathObject.cpp:
2592         (JSC::MathObject::MathObject):
2593         * runtime/NativeErrorConstructor.cpp:
2594         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2595         * runtime/NativeErrorPrototype.cpp:
2596         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2597         * runtime/NumberConstructor.cpp:
2598         (JSC::NumberConstructor::NumberConstructor):
2599         (JSC::constructWithNumberConstructor):
2600         * runtime/NumberObject.cpp:
2601         (JSC::constructNumber):
2602         * runtime/NumberPrototype.cpp:
2603         (JSC::NumberPrototype::NumberPrototype):
2604         * runtime/ObjectConstructor.cpp:
2605         (JSC::ObjectConstructor::ObjectConstructor):
2606         (JSC::objectConstructorGetOwnPropertyDescriptor):
2607         * runtime/Operations.h:
2608         (JSC::normalizePrototypeChain):
2609         (JSC::resolveBase):
2610         * runtime/PrototypeFunction.cpp:
2611         (JSC::PrototypeFunction::PrototypeFunction):
2612         * runtime/PutPropertySlot.h:
2613         (JSC::PutPropertySlot::setExistingProperty):
2614         (JSC::PutPropertySlot::setNewProperty):
2615         (JSC::PutPropertySlot::base):
2616         * runtime/RegExpConstructor.cpp:
2617         (JSC::RegExpConstructor::RegExpConstructor):
2618         * runtime/ScopeChain.cpp:
2619         (JSC::ScopeChainNode::print):
2620         * runtime/ScopeChain.h:
2621         (JSC::ScopeChainNode::~ScopeChainNode):
2622         (JSC::ScopeChainIterator::operator*):
2623         (JSC::ScopeChainIterator::operator->):
2624         (JSC::ScopeChain::top):
2625         * runtime/ScopeChainMark.h:
2626         (JSC::ScopeChain::markAggregate):
2627         * runtime/SmallStrings.cpp:
2628         (JSC::isMarked):
2629         (JSC::SmallStrings::markChildren):
2630         * runtime/SmallStrings.h:
2631         (JSC::SmallStrings::emptyString):
2632         (JSC::SmallStrings::singleCharacterString):
2633         (JSC::SmallStrings::singleCharacterStrings):
2634         * runtime/StringConstructor.cpp:
2635         (JSC::StringConstructor::StringConstructor):
2636         * runtime/StringObject.cpp:
2637         (JSC::StringObject::StringObject):
2638         * runtime/StringObject.h:
2639         * runtime/StringPrototype.cpp:
2640         (JSC::StringPrototype::StringPrototype):
2641         * runtime/Structure.cpp:
2642         (JSC::Structure::flattenDictionaryStructure):
2643         * runtime/Structure.h:
2644         (JSC::Structure::storedPrototypeSlot):
2645         * runtime/WeakGCMap.h:
2646         (JSC::WeakGCMap::uncheckedGet):
2647         (JSC::WeakGCMap::uncheckedGetSlot):
2648         (JSC::::get):
2649         (JSC::::take):
2650         (JSC::::set):
2651         (JSC::::uncheckedRemove):
2652         * runtime/WriteBarrier.h: Added.
2653         (JSC::DeprecatedPtr::DeprecatedPtr):
2654         (JSC::DeprecatedPtr::get):
2655         (JSC::DeprecatedPtr::operator*):
2656         (JSC::DeprecatedPtr::operator->):
2657         (JSC::DeprecatedPtr::slot):
2658         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2659         (JSC::DeprecatedPtr::operator!):
2660         (JSC::WriteBarrierBase::set):
2661         (JSC::WriteBarrierBase::get):
2662         (JSC::WriteBarrierBase::operator*):
2663         (JSC::WriteBarrierBase::operator->):
2664         (JSC::WriteBarrierBase::slot):
2665         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2666         (JSC::WriteBarrierBase::operator!):
2667         (JSC::WriteBarrier::WriteBarrier):
2668         (JSC::operator==):
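
        As an added sketch of the slot-based marking model described in this
        entry (example code, not JavaScriptCore's WriteBarrier, MarkStack or
        JSCell): owning objects keep references in a WriteBarrier wrapper, and
        the visitor is handed the address of each reference rather than a copy
        of its value, so marking reads the same storage the mutator writes
        through. Cell, SlotVisitor, PairCell and markToyGraph are the example's
        own names, and the object graph is constructed.

```cpp
#include <vector>

// Added illustration (not JavaScriptCore's WriteBarrier, MarkStack or JSCell):
// a toy mark phase in which the collector is handed the *address* of each
// reference it must follow, and owning objects hold their references through
// a WriteBarrier wrapper that exposes that address.

class SlotVisitor;

struct Cell {
    bool marked = false;
    virtual ~Cell() = default;
    virtual void markChildren(SlotVisitor&) {}
};

// A reference owned by a GC object. Every store goes through set(), which is
// where a real barrier would record the write; the collector never receives a
// copied pointer value, only the slot itself.
class WriteBarrier {
public:
    WriteBarrier() = default;
    void set(Cell* value) { m_value = value; }
    Cell* get() const { return m_value; }
    Cell** slot() { return &m_value; }
private:
    Cell* m_value = nullptr;
};

class SlotVisitor {
public:
    // Takes the address of the reference, so marking reads the same storage the
    // mutator writes through rather than a stale copy of the pointer.
    void append(Cell** slot)
    {
        Cell* cell = *slot;
        if (!cell || cell->marked)
            return;
        cell->marked = true;
        m_stack.push_back(cell);
    }
    void append(WriteBarrier& barrier) { append(barrier.slot()); }

    // Pops marked cells and lets each one report its own slots.
    void drain()
    {
        while (!m_stack.empty()) {
            Cell* cell = m_stack.back();
            m_stack.pop_back();
            cell->markChildren(*this);
        }
    }
private:
    std::vector<Cell*> m_stack;
};

// A cell owning two references, both held through write barriers.
struct PairCell : Cell {
    WriteBarrier first;
    WriteBarrier second;
    void markChildren(SlotVisitor& visitor) override
    {
        visitor.append(first);
        visitor.append(second);
    }
};

struct MarkResult { bool a, b, c; };

// Constructed graph: root -> a -> b -> a (a cycle), plus c, which points at
// live data but is itself unreachable. Returns the mark bits of a, b and c
// after marking from the root slot.
MarkResult markToyGraph()
{
    PairCell root, a, b, c;
    root.first.set(&a);
    a.first.set(&b);
    b.second.set(&a);
    c.first.set(&a);

    SlotVisitor visitor;
    Cell* rootSlot = &root;
    visitor.append(&rootSlot);
    visitor.drain();
    return { a.marked, b.marked, c.marked };
}
```

        The point of passing slots is that each reference has exactly one
        home: a pointer copied out of a barrier and stashed somewhere else is
        invisible to the collector, which is the class of mistake (a cell that
        is still used but never marked, so it is freed under the user) that
        this API shape is meant to make hard to write.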
2669
2670 2011-01-28  Adam Roben  <aroben@apple.com>
2671
2672         Chromium build fix after r76967
2673
2674         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
2675         similar macros in this file.
2676
2677 2011-01-28  Michael Saboff  <msaboff@apple.com>
2678
2679         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2680         https://bugs.webkit.org/show_bug.cgi?id=53271
2681
        Reapplying this change.  No change from prior patch in
        JavaScriptCore.
2684
2685         Added new isValid() methods to check if a contained object in
2686         a WeakGCMap is valid when using an unchecked iterator.
2687
2688         * runtime/WeakGCMap.h:
2689         (JSC::WeakGCMap::isValid):
2690
2691 2011-01-27  Adam Roben  <aroben@apple.com>
2692
2693         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
2694         function
2695
2696         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
2697         Win32 event
2698
2699         Reviewed by Dave Hyatt.
2700
2701         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
2702
2703         * wtf/ThreadingPrimitives.h: Declare the new function.
2704
2705         * wtf/ThreadingWin.cpp:
2706         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
2707         interval from here...
2708         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
2709
2710 2011-01-28  Sam Weinig  <sam@webkit.org>
2711
2712         Reviewed by Maciej Stachowiak.
2713
2714         Add basic rubber banding support
2715         <rdar://problem/8219429>
2716         https://bugs.webkit.org/show_bug.cgi?id=53277
2717
2718         * wtf/Platform.h: Add ENABLE for rubber banding.
2719
2720 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2721
2722         Unreviewed, rolling out r76893.
2723         http://trac.webkit.org/changeset/76893
2724         https://bugs.webkit.org/show_bug.cgi?id=53287
2725
2726         It made some tests crash on GTK and Qt debug bots (Requested
2727         by Ossy on #webkit).
2728
2729         * runtime/WeakGCMap.h:
2730
2731 2011-01-27  Adam Barth  <abarth@webkit.org>
2732
2733         Reviewed by Eric Seidel.
2734
2735         Add WTFString method to compare equality with Vector<UChar>
2736         https://bugs.webkit.org/show_bug.cgi?id=53266
2737
2738         I'm planning to use this method in the new XSS filter implementation,
2739         but it seems generally useful.
2740
2741         * wtf/text/StringImpl.h:
2742         (WTF::equalIgnoringNullity):
2743         * wtf/text/WTFString.h:
2744         (WTF::equalIgnoringNullity):
2745
2746 2011-01-27  Michael Saboff  <msaboff@apple.com>
2747
2748         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2749         https://bugs.webkit.org/show_bug.cgi?id=53271
2750
2751         Added new isValid() methods to check if a contained object in
2752         a WeakGCMap is valid when using an unchecked iterator.
2753
2754         * runtime/WeakGCMap.h:
2755         (JSC::WeakGCMap::isValid):
2756
2757 2011-01-26  Sam Weinig  <sam@webkit.org>
2758
2759         Reviewed by Maciej Stachowiak.
2760
2761         Add events to represent the start/end of a gesture scroll
2762         https://bugs.webkit.org/show_bug.cgi?id=53215
2763
2764         * wtf/Platform.h: Add ENABLE for gesture events. 
2765
2766 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
2767
2768         Reviewed by Laszlo Gombos.
2769
2770         [Qt][Symbian] Fix --minimal build
2771         https://bugs.webkit.org/show_bug.cgi?id=52839
2772
2773         Move definition of USE_SYSTEM_MALLOC out of pri file.
2774         Put it in platform.h instead.
2775
2776         * wtf/Platform.h:
2777         * wtf/TCSystemAlloc.cpp:
2778         * wtf/wtf.pri:
2779
2780 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
2781
2782         Reviewed by Andreas Kling.
2783
2784         [WINCE] Add JIT support to build system
2785         https://bugs.webkit.org/show_bug.cgi?id=53079
2786
2787         * CMakeListsWinCE.txt:
2788
2789 2011-01-25  Adam Roben  <aroben@apple.com>
2790
2791         Windows Production build fix
2792
2793         Reviewed by Steve Falkenburg.
2794
2795         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
2796         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
2797         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
2798
2799 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
2800
2801         Rubber-stamped by Adam Roben.
2802
2803         Windows production build fix.
2804         Use correct environment variable escaping
2805
2806         * JavaScriptCore.vcproj/JavaScriptCore.make:
2807         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2808
2809 2011-01-25  Oliver Hunt  <oliver@apple.com>
2810
2811         Reviewed by Gavin Barraclough.
2812
2813         JSON.stringify processing time exponentially grows with size of object
2814         https://bugs.webkit.org/show_bug.cgi?id=51922
2815
2816         Remove last use of reserveCapacity from JSON stringification, as it results
2817         in appalling append behaviour when there are a large number of property names
2818         and nothing else.
2819
2820         * runtime/JSONObject.cpp:
2821         (JSC::Stringifier::appendQuotedString):
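
        An added illustration of the growth behaviour behind this fix (example
        code, not WTF::Vector or the Stringifier): a buffer that counts the
        bytes it copies while appending, once with capacity reserved to exactly
        what the next append needs and once with doubling. CountingBuffer and
        copiesForAppends are the example's own names; the property-name input
        is constructed.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <string>
#include <vector>

// Added illustration (not WTF::Vector or JSC's Stringifier): a byte buffer
// that counts how much it copies while appending, under two growth rules.

class CountingBuffer {
public:
    enum class Growth {
        ExactReserve,   // reserve exactly what the next append needs
        Geometric       // at least double the capacity on each growth
    };

    explicit CountingBuffer(Growth growth) : m_growth(growth) {}

    void append(const char* data, size_t length)
    {
        size_t needed = m_size + length;
        if (needed > m_capacity) {
            size_t newCapacity = m_growth == Growth::ExactReserve
                ? needed
                : std::max(needed, m_capacity * 2);
            reallocate(newCapacity);
        }
        std::memcpy(m_storage.data() + m_size, data, length);
        m_size += length;
    }

    size_t size() const { return m_size; }
    size_t bytesCopied() const { return m_bytesCopied; }

private:
    void reallocate(size_t newCapacity)
    {
        std::vector<char> fresh(newCapacity);
        if (m_size) {
            std::memcpy(fresh.data(), m_storage.data(), m_size);
            m_bytesCopied += m_size;   // every growth re-copies the whole prefix
        }
        m_storage.swap(fresh);
        m_capacity = newCapacity;
    }

    Growth m_growth;
    std::vector<char> m_storage;
    size_t m_size = 0;
    size_t m_capacity = 0;
    size_t m_bytesCopied = 0;
};

// Appends `count` quoted property names of `nameLength` characters (a
// constructed stand-in for stringifying an object with many keys and little
// else) and returns the bytes the buffer had to copy on the way.
size_t copiesForAppends(CountingBuffer::Growth growth, size_t count, size_t nameLength)
{
    CountingBuffer buffer(growth);
    std::string quoted = "\"" + std::string(nameLength, 'k') + "\",";
    for (size_t i = 0; i < count; ++i)
        buffer.append(quoted.data(), quoted.size());
    return buffer.bytesCopied();
}
```

        With 1000 appends of a four-byte quoted name, exact reservation copies
        1,998,000 bytes (every append re-copies the whole prefix, so total
        work grows quadratically with the output) while doubling copies 4,092.
        A stringifier that reserves exactly per property therefore lets a
        large attacker-supplied object burn CPU far out of proportion to its
        size, which is why removing the reserveCapacity call matters.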
2822
2823 2011-01-25  Antti Koivisto  <antti@apple.com>
2824
2825         Not reviewed.
2826         
2827         Try to fix windows build.
2828
2829         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2830
2831 2011-01-25  Antti Koivisto  <antti@apple.com>
2832
2833         Reviewed by Oliver Hunt.
2834
2835         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
2836         https://bugs.webkit.org/show_bug.cgi?id=53061
2837          
2838         Cache did not know about the subclass so failed to fully delete the items. 
2839         Got rid of the subclass and moved the classes to separate files.
2840
2841         * CMakeLists.txt:
2842         * GNUmakefile.am:
2843         * JavaScriptCore.exp:
2844         * JavaScriptCore.gypi:
2845         * JavaScriptCore.pro:
2846         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2847         * JavaScriptCore.xcodeproj/project.pbxproj:
2848         * parser/JSParser.cpp:
2849         (JSC::JSParser::Scope::saveFunctionInfo):
2850         (JSC::JSParser::Scope::restoreFunctionInfo):
2851         (JSC::JSParser::findCachedFunctionInfo):
2852         (JSC::JSParser::parseFunctionInfo):
2853         * parser/SourceProvider.h:
2854         * parser/SourceProviderCache.cpp: Added.
2855         (JSC::SourceProviderCache::~SourceProviderCache):
2856         (JSC::SourceProviderCache::byteSize):
2857         * parser/SourceProviderCache.h: Added.
2858         (JSC::SourceProviderCache::SourceProviderCache):
2859         (JSC::SourceProviderCache::add):
2860         (JSC::SourceProviderCache::get):
2861         * parser/SourceProviderCacheItem.h: Added.
2862         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
2863         (JSC::SourceProviderCacheItem::approximateByteSize):
2864         (JSC::SourceProviderCacheItem::closeBraceToken):
2865
2866 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
2867
2868         Reviewed by Darin Adler.
2869
2870         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
2871         statement
2872         https://bugs.webkit.org/show_bug.cgi?id=53087.
2873
        Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
        with a "return" so that the code is more readable and less error prone
        (e.g., "else" doesn't use braces, so adding extra lines to the else
        block won't have any effect; even worse, code still compiles
        successfully).
2879
2880         * wtf/Assertions.cpp:
2881
2882 2011-01-24  Chris Marrin  <cmarrin@apple.com>
2883
2884         Reviewed by Eric Seidel.
2885
2886         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
2887         https://bugs.webkit.org/show_bug.cgi?id=53041
2888
2889         * Configurations/FeatureDefines.xcconfig:
2890
2891 2011-01-25  Adam Roben  <aroben@apple.com>
2892
2893         Windows Production build fix
2894
2895         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
2896
2897 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
2898
2899         Reviewed by Eric Seidel.
2900
2901         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
2902         https://bugs.webkit.org/show_bug.cgi?id=52949
2903
2904         * jit/JITStubs.cpp:
2905
2906 2011-01-24  Adam Roben  <aroben@apple.com>
2907
2908         Windows Production build fix
2909
2910         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
2911
2912 2011-01-24  Peter Varga  <pvarga@webkit.org>
2913
2914         Reviewed by Oliver Hunt.
2915
2916         Optimize regex patterns which contain empty alternatives
2917         https://bugs.webkit.org/show_bug.cgi?id=51395
2918
2919         Eliminate the empty alternatives from the regex pattern and convert it to do
2920         the matching in an easier way.
2921
2922         * yarr/YarrPattern.cpp:
2923         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
2924
2925 2011-01-24  Andras Becsi  <abecsi@webkit.org>
2926
2927         Reviewed by Csaba Osztrogonác.
2928
2929         [Qt] Move project files into Source
2930         https://bugs.webkit.org/show_bug.cgi?id=52891
2931
2932         * JavaScriptCore.pri:
2933         * JavaScriptCore.pro:
2934         * jsc.pro:
2935
2936 2011-01-23  Mark Rowe  <mrowe@apple.com>
2937
2938         Follow-up to r76477.
2939
2940         Fix the scripts that detect problematic code such as static initializers
2941         and destructors, weak vtables, inappropriate files in the framework wrappers,
2942         and public headers including private headers. These had all been broken
2943         since the projects were moved in to the Source directory as the paths to the
2944         scripts were not updated at that time.
2945
2946         * JavaScriptCore.xcodeproj/project.pbxproj:
2947
2948 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2949
2950         Reviewed by Darin Adler.
2951
2952         Use WTF::StringHasher in WebCore
2953         https://bugs.webkit.org/show_bug.cgi?id=52934
2954
2955         Add an additional function to calculate the hash
2956         of data with a runtime-dependent size.
2957
2958         * wtf/StringHasher.h:
2959         (WTF::StringHasher::createBlobHash):
2960
2961 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2962
2963         Reviewed by David Kilzer.
2964
2965         Fix comment in String::ascii()
2966         https://bugs.webkit.org/show_bug.cgi?id=52980
2967
2968         * wtf/text/WTFString.cpp:
2969         (WTF::String::ascii):
2970
2971 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2972
2973         Reviewed by David Kilzer.
2974
2975         Add String::containsOnlyLatin1()
2976         https://bugs.webkit.org/show_bug.cgi?id=52979
2977
2978         * wtf/text/WTFString.h:
2979         (WTF::String::containsOnlyLatin1):
2980         (WTF::charactersAreAllLatin1):
2981
2982 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2983
2984         Reviewed by Oliver Hunt.
2985
2986         Remove obsolete JSVALUE32 code
2987         https://bugs.webkit.org/show_bug.cgi?id=52948
2988
2989         r70111 removed support for JSVALUE32.
2990         ARM, MIPS and X86 support JSVALUE32_64 only.
2991
2992         * jit/JITStubs.cpp:
2993
2994 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
2995
2996         Reviewed by Dan Bernstein.
2997
2998         ASSERT running run-webkit-tests --threaded.
2999         https://bugs.webkit.org/show_bug.cgi?id=52971
3000         
3001         SunSpider and v8 report no change.
3002
3003         * runtime/ConservativeSet.cpp:
3004         (JSC::ConservativeSet::grow):
3005         (JSC::ConservativeSet::add):
3006         * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
3007         the growth policy to 2X, to make SunSpider and v8 happy.
3008         (JSC::ConservativeSet::ConservativeSet):
3009         (JSC::ConservativeSet::~ConservativeSet):
3010         (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
3011         Malloc is forbidden during a multi-threaded mark phase because it can
3012         cause deadlock.
3013
3014 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3015
3016         Reviewed by Geoffrey Garen.
3017
3018         Rubber-stamped by Maciej Stachowiak.
3019
3020         A few of Maciej's review suggestions for my last patch.
3021         https://bugs.webkit.org/show_bug.cgi?id=52946
3022
3023         SunSpider reports no change.
3024
3025         * Android.mk:
3026         * CMakeLists.txt:
3027         * GNUmakefile.am:
3028         * JavaScriptCore.gypi:
3029         * JavaScriptCore.pro:
3030         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3031         * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.
3032
3033         * runtime/ConservativeSet.cpp: Added.
3034         (JSC::isPointerAligned):
3035         (JSC::ConservativeSet::add):
3036         * runtime/ConservativeSet.h: Added.
3037         (JSC::ConservativeSet::ConservativeSet):
3038         (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
3039         file, and moved the conservative check into ConservativeSet::add, making
3040         ConservativeSet's responsibility clearer.
3041
3042         * runtime/Heap.cpp:
3043         (JSC::Heap::markRoots):
3044         * runtime/MachineStackMarker.cpp:
3045         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3046         (JSC::MachineStackMarker::markOtherThreadConservatively):
3047         * runtime/MachineStackMarker.h:
3048         * runtime/MarkStack.h: Updated for changes above.
3049
3050 2011-01-22  Patrick Gansterer  <paroga@webkit.org>
3051
3052         Unreviewed WinCE build fix for r76430.
3053
3054         * runtime/MachineStackMarker.cpp:
3055         (JSC::swapIfBackwards):
3056
3057 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3058
3059         Reviewed by Beth Dakin.
3060
3061         Reorganized MarkedSpace, making many of its functions private.
3062
3063         * runtime/JSCell.h:
3064         (JSC::JSCell::Heap::heap):
3065         * runtime/MarkedSpace.h:
3066         (JSC::MarkedSpace::globalData):
3067         (JSC::MarkedSpace::heap):
3068
3069 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3070
3071         Try to fix build: moved helper function out of #ifdef.
3072
3073         * runtime/MachineStackMarker.cpp:
3074         (JSC::swapIfBackwards):
3075
3076 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3077
3078         Rubber-stamped by Maciej Stachowiak.
3079
3080         A few of Maciej's review suggestions for my last patch.
3081         https://bugs.webkit.org/show_bug.cgi?id=52946
3082
3083         SunSpider reports no change.
3084
3085         * runtime/MachineStackMarker.cpp:
3086         (JSC::swapIfBackwards): Added a helper function for handling platforms
3087         where the stack can grow in any direction.
3088
3089         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3090         (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
3091         function.
3092
3093         (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.
3094
3095         (JSC::MachineStackMarker::markConservatively): Changed to use a more
3096         standard looping idiom, and to use the helper function above.
3097
3098         * runtime/MarkedSpace.h:
3099         (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.
3100
3101 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3102
3103         Reviewed by Maciej Stachowiak.
3104
3105         Cleaned up some conservative marking code.
3106         https://bugs.webkit.org/show_bug.cgi?id=52946
3107         
3108         SunSpider reports no change.
3109
3110         * interpreter/RegisterFile.h: No need for a special marking function,
3111         since we already expose a start() and end().
3112
3113         * runtime/Heap.cpp:
3114         (JSC::Heap::registerFile):
3115         (JSC::Heap::markRoots):
3116         * runtime/Heap.h:
3117         (JSC::Heap::contains): Migrated markConservatively() to the machine stack
3118         marker class. Now, Heap just provides a contains() function, which the
3119         machine stack marker uses for checking whether a pointer points into the heap.
3120
3121         * runtime/MachineStackMarker.cpp:
3122         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3123         (JSC::MachineStackMarker::markOtherThreadConservatively):
3124         (JSC::isPointerAligned):
3125         (JSC::MachineStackMarker::markConservatively):
3126         * runtime/MachineStackMarker.h: Move the conservative marking code here.
3127
3128         * runtime/MarkStack.h:
3129         (JSC::ConservativeSet::add):
3130         (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
3131         set. Vector seems to be a bit faster, and it generates smaller code.
3132
3133         * runtime/MarkedSpace.cpp:
3134         (JSC::MarkedSpace::containsSlowCase):
3135         * runtime/MarkedSpace.h:
3136         (JSC::MarkedSpace::isCellAligned):
3137         (JSC::MarkedSpace::isPossibleCell):
3138         (JSC::MarkedSpace::contains): Kept the code for determining whether a
3139         pointer pointed into marked space, and moved the code for marking
3140         a set of conservative pointers into the machine stack marker.
3141
3142         * wtf/HashSet.h:
3143         (WTF::::add): Added two missing inlines that I noticed while testing
3144         vector vs hash set.
3145
3146 2011-01-21  Mark Rowe  <mrowe@apple.com>
3147
3148         Reviewed by Sam Weinig.
3149
3150         Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
3151         control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".
3152
3153         * wtf/PageAllocation.h:
3154         (WTF::PageAllocation::operator bool):
3155         * wtf/PageReservation.h:
3156         (WTF::PageReservation::operator bool):
3157
3158 2011-01-21  Michael Saboff  <msaboff@apple.com>
3159
3160         Reviewed by Oliver Hunt.
3161
3162         [RegexFuzz] Hang with forward assertion
3163         https://bugs.webkit.org/show_bug.cgi?id=52825
3164         <rdar://problem/8894332>
3165
3166         The backtrackTo label from the first term in a list of terms is
3167         being overwritten by processing of subsequent terms.  Changed
3168         copyBacktrackToLabel() to check for an existing backtrackTo label
3169         before copying and renamed it to propagateBacktrackToLabel() since
3170         it no longer copies.
3171
3172         * yarr/YarrJIT.cpp:
3173         (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
3174         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3175
3176 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3177
3178         Reviewed by Sam Weinig.
3179
3180         Moved the mark stack from global data to the heap, since it pertains
3181         to the heap, and not the virtual machine as a whole.
3182         https://bugs.webkit.org/show_bug.cgi?id=52930
3183         
3184         SunSpider reports no change.
3185
3186         * runtime/Heap.cpp:
3187         (JSC::Heap::Heap):
3188         (JSC::Heap::markRoots):
3189         * runtime/Heap.h:
3190         * runtime/JSGlobalData.cpp:
3191         (JSC::JSGlobalData::JSGlobalData):
3192         * runtime/JSGlobalData.h:
3193
3194 2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>
3195
3196         Reviewed by Darin Adler.
3197
3198         REGRESSION(r76177): All JavaScriptCore tests fail on ARM
3199         https://bugs.webkit.org/show_bug.cgi?id=52814
3200
3201         Get the approximateByteSize value before releasing the OwnPtr.
3202
3203         * parser/JSParser.cpp:
3204         (JSC::JSParser::parseFunctionInfo):
3205
3206 2011-01-21  Xan Lopez  <xlopez@igalia.com>
3207
3208         Reviewed by Martin Robinson.
3209
3210         Remove unnecessary <stdio.h> include
3211         https://bugs.webkit.org/show_bug.cgi?id=52884
3212
3213         * jit/JIT.cpp: remove unnecessary include.
3214
3215 2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>
3216
3217         Reviewed by Maciej Stachowiak.
3218
3219         Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.
3220
3221         * wtf/OwnArrayPtr.h:
3222
3223 2011-01-20  Patrick Gansterer  <paroga@webkit.org>
3224
3225         Reviewed by Oliver Hunt.
3226
3227         [WINCE] Remove obsolete JSVALUE32 code
3228         https://bugs.webkit.org/show_bug.cgi?id=52450
3229
3230         Remove the "offset hack" in create_jit_stubs, since we
3231         only support JSVALUE32_64 in the meantime.
3232
3233         * create_jit_stubs: Removed offset argument
3234         * jit/JITStubs.cpp:
3235
3236 2011-01-20  Geoffrey Garen  <ggaren@apple.com>
3237
3238         Reviewed by Oliver Hunt.
3239
3240         When marking conservatively, guard against reviving dead objects.
3241         https://bugs.webkit.org/show_bug.cgi?id=52840
3242         
3243         SunSpider and v8 say no change.
3244
3245         * interpreter/RegisterFile.h:
3246         (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.
3247
3248         * runtime/Heap.cpp:
3249         (JSC::Heap::recordExtraCost): No need to guard against conservative
3250         marking reviving dead objects anymore, since the conservative marking
3251         mechanism guards against this now.
3252
3253         (JSC::Heap::markConservatively):
3254         (JSC::Heap::markProtectedObjects):
3255         (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
3256         marking function. We want to establish a separation of concerns between
3257         visiting roots and draining the mark stack.
3258
3259         (JSC::Heap::markRoots): Gather the set of conservative references before
3260         clearing mark bits, because conservative marking now uses the mark bits
3261         to determine if a reference is valid, and avoid reviving dead objects.
3262
3263         (JSC::Heap::collectAllGarbage): No need to guard against conservative
3264         marking reviving dead objects anymore, since the conservative marking
3265         mechanism guards against this now.
3266
3267         * runtime/Heap.h: Updated to use the ConservativeSet API.
3268
3269         * runtime/MachineStackMarker.cpp:
3270         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3271         (JSC::MachineStackMarker::markCurrentThreadConservatively):
3272         (JSC::MachineStackMarker::markOtherThreadConservatively):
3273         (JSC::MachineStackMarker::markMachineStackConservatively):
3274         * runtime/MachineStackMarker.h: Ditto.
3275
3276         * runtime/MarkStack.h:
3277         (JSC::ConservativeSet::add):
3278         (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
3279         set of conservative references. This is different from MarkStack, since
3280         we don't mark the set until it is completely gathered.
3281
3282         * runtime/MarkedSpace.cpp:
3283         (JSC::MarkedSpace::freeBlock):
3284         (JSC::MarkedSpace::resizeBlocks):
3285         (JSC::MarkedSpace::markConservatively):
3286         * runtime/MarkedSpace.h: When marking conservatively, guard against
3287         reviving dead objects.
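
        The entry above, together with the 2011-01-21/22 entries further up that
        introduce ConservativeSet, isPointerAligned and swapIfBackwards, describes
        gathering the conservative root set before the mark bits are cleared, so a
        stale stack word cannot revive a cell that is already dead. The block below
        is an added example and not JavaScriptCore's own code: a toy heap whose
        mark bit doubles as the allocated flag between collections, a
        ConservativeSet whose add() rejects misaligned, out-of-heap and unmarked
        candidates, and a swapIfBackwards helper for stacks that grow in either
        direction. All names (toy::Heap, toy::ConservativeSet, wordsInRange, the
        demo functions) are assumptions for illustration and do not match JSC's
        real classes.

```cpp
// Added example (not JavaScriptCore code): a toy model of gathering the
// conservative root set before clearing mark bits. All names are assumptions.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <utility>
#include <vector>

namespace toy {

struct Cell { uint64_t words[2]; };       // sizeof(Cell) is a power of two: 16 bytes

class Heap;

// Collects candidate roots first; nothing is marked until the set is complete.
class ConservativeSet {
public:
    explicit ConservativeSet(Heap& heap) : m_heap(heap) {}
    void add(uintptr_t candidate);        // filter, then record the cell index
    void mark();                          // set the mark bit of every recorded cell
private:
    Heap& m_heap;
    std::vector<size_t> m_roots;
};

class Heap {
public:
    static const size_t cellCount = 32;
    Heap() { std::memset(m_marked, 0, sizeof m_marked); }

    uintptr_t begin() const { return reinterpret_cast<uintptr_t>(m_cells); }
    uintptr_t end() const { return reinterpret_cast<uintptr_t>(m_cells + cellCount); }
    bool isCellAligned(uintptr_t p) const { return !((p - begin()) & (sizeof(Cell) - 1)); }
    bool contains(uintptr_t p) const { return p >= begin() && p < end() && isCellAligned(p); }
    size_t indexOf(uintptr_t p) const { return (p - begin()) / sizeof(Cell); }

    bool isMarked(size_t i) const { return m_marked[i]; }
    void setMarked(size_t i) { m_marked[i] = true; }
    void clearMarkBits() { std::memset(m_marked, 0, sizeof m_marked); }

    // Between collections the mark bit doubles as "allocated": a clear bit means a free cell.
    Cell* allocate(size_t i) { m_marked[i] = true; return &m_cells[i]; }

    // One collection: gather conservative roots BEFORE clearing mark bits, then mark.
    // Cells left unmarked are free afterwards. Returns the number of live cells.
    size_t collect(const std::vector<uintptr_t>& stackWords) {
        ConservativeSet roots(*this);
        for (size_t k = 0; k < stackWords.size(); ++k)
            roots.add(stackWords[k]);
        clearMarkBits();                  // only now: add() needed the old bits
        roots.mark();
        size_t live = 0;
        for (size_t i = 0; i < cellCount; ++i)
            live += m_marked[i] ? 1 : 0;
        return live;
    }
private:
    alignas(16) Cell m_cells[cellCount];
    bool m_marked[cellCount];
};

inline void ConservativeSet::add(uintptr_t candidate) {
    if (!m_heap.contains(candidate))      // out of range or not cell-aligned
        return;
    size_t i = m_heap.indexOf(candidate);
    if (!m_heap.isMarked(i))              // points at a free cell: must not revive it
        return;
    m_roots.push_back(i);
}

inline void ConservativeSet::mark() {
    for (size_t k = 0; k < m_roots.size(); ++k)
        m_heap.setMarked(m_roots[k]);
}

// Order a (begin, end) pair whichever way the stack grew on this platform.
inline void swapIfBackwards(uintptr_t& begin, uintptr_t& end) {
    if (begin > end)
        std::swap(begin, end);
}

// Read every pointer-sized word in the range as a candidate; bounds may come in either order.
inline std::vector<uintptr_t> wordsInRange(uintptr_t a, uintptr_t b) {
    swapIfBackwards(a, b);
    std::vector<uintptr_t> out;
    for (uintptr_t p = a; p + sizeof(uintptr_t) <= b; p += sizeof(uintptr_t))
        out.push_back(*reinterpret_cast<const uintptr_t*>(p));
    return out;
}

} // namespace toy

inline bool demoSwapIfBackwards() {
    uintptr_t a = 40, b = 8;
    toy::swapIfBackwards(a, b);
    return a == 8 && b == 40;
}

// Scenario: a stale stack word still holds the address of a cell freed in an earlier cycle.
// Returns true when the guard keeps the dead cell dead and the live cell live.
inline bool demoDeadObjectNotRevived() {
    using namespace toy;
    Heap heap;
    Cell* live = heap.allocate(3);
    Cell* stale = heap.allocate(7);
    std::vector<uintptr_t> firstStack(1, reinterpret_cast<uintptr_t>(live));
    heap.collect(firstStack);             // cell 7 unreferenced: swept, mark bit now clear
    // Constructed "stack frame": live pointer, stale pointer, misaligned pointer, small integer.
    uintptr_t frame[4] = { reinterpret_cast<uintptr_t>(live), reinterpret_cast<uintptr_t>(stale),
                           reinterpret_cast<uintptr_t>(live) + 1, 0x10 };
    uintptr_t lo = reinterpret_cast<uintptr_t>(frame), hi = reinterpret_cast<uintptr_t>(frame + 4);
    size_t liveCount = heap.collect(wordsInRange(hi, lo));   // bounds reversed on purpose
    return liveCount == 1 && heap.isMarked(3) && !heap.isMarked(7);
}
```

        The ordering inside collect() is the point of the entry: if the mark bits
        were cleared before the candidates were filtered, every cell address left
        on the stack would look like a valid root, and a cell that was already
        freed could be marked live again and later handed out a second time.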
3288
3289 2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>
3290
3291         Reviewed by Geoffrey Garen.
3292
3293         [Symbian] Fix StackBounds::initialize()
3294         https://bugs.webkit.org/show_bug.cgi?id=52842
3295
3296         * wtf/StackBounds.cpp:
3297         (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit
3298
3299 2011-01-20  Michael Saboff  <msaboff@apple.com>
3300
3301         Reviewed by Oliver Hunt.
3302
3303         <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
3304         https://bugs.webkit.org/show_bug.cgi?id=52773
3305
3306         Fixed case where an existing DataLabelPtr is overwritten.  The
3307         replacing DataLabelPtr is now resolved immediately in
3308         linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
3309         return value for the routine as it was never used.
3310
3311         * yarr/YarrJIT.cpp:
3312         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
3313
3314 2011-01-20  Andras Becsi  <abecsi@webkit.org>
3315
3316         Reviewed by Csaba Osztrogonác.
3317
3318         [Qt][WK2] WebKit2 enabled build fails to link
3319
3320         Work around undefined reference linking issues until the build system gets redesigned.
3321         These issues first occurred in minimal builds (see BUG 50519).
3322
3323         * JavaScriptCore.pri: link as whole-archive for WebKit2 builds
3324
3325 2011-01-20  Zoltan Horvath  <zoltan@webkit.org>
3326
3327         Reviewed by Csaba Osztrogonác.
3328
3329         Refactoring of the custom allocation framework
3330         https://bugs.webkit.org/show_bug.cgi?id=49897
3331
3332         Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
3333         The modification replaces the Noncopyable and FastAllocBase classes, and inheritance from them, with the
3334         equivalent macro implementation at the necessary places.
3335
3336         * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.
3337
3338 2011-01-20  Mark Rowe  <mrowe@apple.com>
3339
3340         Reviewed by Maciej Stachowiak.
3341
3342         Follow-up to r75766 / <rdar://problem/5469576>.
3343
3344         We were failing to initialize the key, causing all sorts of unexpected behavior.
3345
3346         * wtf/FastMalloc.cpp:
3347         (WTF::setThreadHeap):
3348         (WTF::TCMalloc_ThreadCache::GetThreadHeap):
3349         (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.
3350
3351 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3352
3353         Reviewed by Darin Adler.
3354
3355         Rolled back in r76078, with crash fixed.
3356         https://bugs.webkit.org/show_bug.cgi?id=52668
3357         
3358         * runtime/JSGlobalObject.cpp:
3359         (JSC::JSGlobalObject::markChildren): Account for the fact that the global
3360         object moves its variables into and out of the register file. While out
3361         of the register file, the symbol table's size is not an accurate count
3362         for the size of the register array, since the BytecodeGenerator might
3363         be compiling, adding items to the symbol table.
3364         
3365 2011-01-18  Darin Adler  <darin@apple.com>
3366
3367         Reviewed by Geoffrey Garen.
3368
3369         Stack overflow when converting an Error object to string
3370         https://bugs.webkit.org/show_bug.cgi?id=46410
3371
3372         * Android.mk: Added StringRecursionChecker.cpp and
3373         StringRecursionChecker.h.
3374         * CMakeLists.txt: Ditto.
3375         * GNUmakefile.am: Ditto.
3376         * JavaScriptCore.gypi: Ditto.
3377         * JavaScriptCore.pro: Ditto.
3378         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
3379         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
3380
3381         * runtime/ArrayPrototype.cpp:
3382         (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
3383         of the older hand-written code to do the same thing.
3384         (JSC::arrayProtoFuncToLocaleString): Ditto.
3385         (JSC::arrayProtoFuncJoin): Ditto.
3386
3387         * runtime/ErrorPrototype.cpp:
3388         (JSC::errorProtoFuncToString): Use StringRecursionChecker.
3389
3390         * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
3391         stringRecursionCheckVisitedObjects.
3392
3393         * runtime/RegExpPrototype.cpp:
3394         (JSC::regExpProtoFuncToString): Use StringRecursionChecker.
3395
3396         * runtime/StringRecursionChecker.cpp: Added.
3397         * runtime/StringRecursionChecker.h: Added.
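
        The entry above replaces hand-written cycle checks in the toString paths
        with a StringRecursionChecker. The block below is an added example, not
        WebKit's class: it shows the pattern such a checker implements, an RAII
        guard that records the object currently being converted in a
        per-conversion visited set and reports re-entry, so the converter can cut
        the cycle instead of recursing until the stack overflows. The Node type,
        the toString functions and the choice to substitute an empty string at the
        point of recursion are assumptions for illustration.

```cpp
// Added example (not WebKit code): an RAII recursion guard for string conversion
// of a possibly cyclic object graph. Names and the empty-string policy are assumptions.
#include <set>
#include <string>
#include <vector>

// Toy value graph: each node has a label and child pointers that may form cycles.
struct Node {
    std::string label;
    std::vector<const Node*> children;
};

// Registers the object for the dynamic extent of one conversion and reports
// whether it was already being converted further up the call stack.
class StringRecursionChecker {
public:
    StringRecursionChecker(std::set<const void*>& visited, const void* object)
        : m_visited(visited), m_object(object), m_recursive(!visited.insert(object).second) {}
    // Only the frame that inserted the object removes it again.
    ~StringRecursionChecker() { if (!m_recursive) m_visited.erase(m_object); }
    bool isRecursive() const { return m_recursive; }
private:
    std::set<const void*>& m_visited;
    const void* m_object;
    bool m_recursive;
};

std::string toStringImpl(const Node& node, std::set<const void*>& visited) {
    StringRecursionChecker checker(visited, &node);
    if (checker.isRecursive())
        return "";   // same object already being converted: cut the cycle here
    std::string out = node.label;
    for (size_t i = 0; i < node.children.size(); ++i) {
        out += i ? "," : "[";
        out += toStringImpl(*node.children[i], visited);
    }
    if (!node.children.empty())
        out += "]";
    return out;
}

std::string toString(const Node& node) {
    std::set<const void*> visited;   // per-conversion state (the real checker keeps it on JSGlobalData)
    return toStringImpl(node, visited);
}

// Builds a self-referencing graph and converts it; without the guard this recursion never ends.
inline std::string demoCyclicToString() {
    Node a, b;
    a.label = "a";
    b.label = "b";
    a.children.push_back(&b);
    b.children.push_back(&a);   // cycle back to the object being converted
    a.children.push_back(&b);   // the same child twice is a DAG, not a cycle, and is fully printed
    return toString(a);         // yields "a[b[],b[]]"
}
```

        The guard distinguishes a genuine cycle (the object is still on the
        conversion stack) from a shared child that merely appears twice, which is
        why the visited set must be unwound on scope exit rather than kept for the
        whole conversion.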
3398
3399 2011-01-19  Oliver Hunt  <oliver@apple.com>
3400
3401         Reviewed by Gavin Barraclough.
3402
3403         Remove non-spec support for callable RegExp
3404         https://bugs.webkit.org/show_bug.cgi?id=28285
3405
3406         Remove support for callable regexps.  If it breaks sites we can
3407         just roll this out.
3408
3409         * runtime/RegExpObject.cpp:
3410         * runtime/RegExpObject.h:
3411         * tests/mozilla/expected.html: update results.
3412
3413 2011-01-19  Antti Koivisto  <antti@apple.com>
3414
3415         Reviewed by Oliver Hunt.
3416
3417         Cache function offsets to speed up javascript parsing
3418         https://bugs.webkit.org/show_bug.cgi?id=52622
3419         
3420         Use cache to save function offsets and some other info.
3421         This avoids quite a bit of work when reparsing the source.
3422
3423         * parser/ASTBuilder.h:
3424         * parser/JSParser.cpp:
3425         (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
3426         (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
3427         (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
3428         (JSC::JSParser::Scope::copyCapturedVariablesToVector):
3429         (JSC::JSParser::Scope::saveFunctionInfo):
3430         (JSC::JSParser::Scope::restoreFunctionInfo):
3431         (JSC::JSParser::findCachedFunctionInfo):
3432         (JSC::JSParser::JSParser):
3433         (JSC::JSParser::parseProgram):
3434         (JSC::JSParser::parseFunctionInfo):
3435         * parser/Lexer.h:
3436         (JSC::Lexer::setOffset):
3437         (JSC::Lexer::setLineNumber):
3438         (JSC::Lexer::sourceProvider):
3439         * parser/SourceProvider.h:
3440         (JSC::SourceProviderCache::SourceProviderCache):
3441         (JSC::SourceProviderCache::~SourceProviderCache):
3442         (JSC::SourceProviderCache::byteSize):
3443         (JSC::SourceProviderCache::add):
3444         (JSC::SourceProviderCache::get):
3445         (JSC::SourceProvider::SourceProvider):
3446         (JSC::SourceProvider::~SourceProvider):
3447         (JSC::SourceProvider::cache):
3448         (JSC::SourceProvider::notifyCacheSizeChanged):
3449         (JSC::SourceProvider::cacheSizeChanged):
3450         * parser/SyntaxChecker.h:
3451
3452 2011-01-19  Mark Rowe  <mrowe@apple.com>
3453
3454         Reviewed by Darin Adler.
3455
3456         Follow-up to r75766 / <rdar://problem/5469576>.
3457
3458         * DerivedSources.make: Evaluate the SDKROOT variable correctly.
3459
3460 2011-01-19  Oliver Hunt  <oliver@apple.com>
3461
3462         Reviewed by Gavin Barraclough.
3463
3464         [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
3465         https://bugs.webkit.org/show_bug.cgi?id=52672
3466
3467         Rather than coming up with a somewhat convoluted mechanism to ensure that
3468         developers can override the global object's prototype with a function named
3469         __proto__ and expect it to work, we just disallow it at the syntax level.
3470
3471         * parser/JSParser.cpp:
3472         (JSC::JSParser::parseFunctionInfo):
3473
3474 2011-01-19  Michael Saboff  <msaboff@apple.com>
3475
3476         Reviewed by Darin Adler.
3477
3478         <rdar://problem/8882994> Regression: Simple nested backtrack hangs
3479         https://bugs.webkit.org/show_bug.cgi?id=52675
3480
3481         The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
3482         broke simple backtracking in some cases.  Reworked that change to 
3483         link both jumps and labels.
3484
3485         * yarr/YarrJIT.cpp:
3486         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
3487         (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
3488         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3489
3490 2011-01-19  Pavel Podivilov  <podivilov@chromium.org>
3491
3492         Reviewed by Yury Semikhatsky.
3493
3494         Web Inspector: [JSC] scripts have incorrect starting line (always 1).
3495         https://bugs.webkit.org/show_bug.cgi?id=52721
3496
3497         * debugger/Debugger.cpp:
3498         (JSC::Debugger::recompileAllJSFunctions):
3499         * debugger/Debugger.h:
3500         * parser/Parser.h:
3501         (JSC::Parser::parse):
3502         * parser/SourceCode.h:
3503         (JSC::SourceCode::SourceCode):
3504         * parser/SourceProvider.h:
3505         (JSC::SourceProvider::startPosition):
3506
3507 2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>
3508
3509         Reviewed by Laszlo Gombos and Tor Arne Vestbø.
3510
3511         [Qt] Remove unnecessary "../Source" from paths
3512         after moving source files into Source is finished.
3513
3514         * JavaScriptCore.pri:
3515
3516 2011-01-19  Benjamin Kalman  <kalman@chromium.org>
3517
3518         Reviewed by Darin Adler.
3519
3520         Don't return void from void function String::split
3521         https://bugs.webkit.org/show_bug.cgi?id=52684
3522
3523         * wtf/text/WTFString.cpp:
3524         (WTF::String::split):
3525
3526 2011-01-18  Kenneth Russell  <kbr@google.com>
3527
3528         Unreviewed, rolling out r76078.
3529         http://trac.webkit.org/changeset/76078
3530         https://bugs.webkit.org/show_bug.cgi?id=52668
3531
3532         Caused crashes of fast/canvas/webgl/constants.html,
3533         fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
3534         test crashes in Release mode. WebGL crashes were observed with
3535         "run-webkit-tests fast/canvas/webgl". It was necessary to run
3536         multiple tests to provoke the crash.
3537
3538         * interpreter/RegisterFile.h:
3539         (JSC::RegisterFile::markGlobals):
3540         * runtime/JSActivation.cpp:
3541         (JSC::JSActivation::markChildren):
3542         * runtime/JSGlobalObject.cpp:
3543         (JSC::JSGlobalObject::markChildren):
3544