9b9cc2f76fd470d286ee8009ae2558b7a5b04850
[WebKit.git] / Source / JavaScriptCore / ChangeLog
2011-02-04  David Kilzer  <ddkilzer@apple.com>

        <rdar://problem/8957409> Remove last vestiges of JSVALUE32
        <http://webkit.org/b/53779>

        Reviewed by Darin Adler.

        Support for JSVALUE32 was originally removed in r70111.

        * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use
        JavaScriptCore.JSVALUE32_64.exp and ppc64 to use
        JavaScriptCore.JSVALUE64.exp to match Platform.h.
        * DerivedSources.make: Removed rule for
        JavaScriptCore.JSVALUE32.exp.
        * JavaScriptCore.JSVALUE32only.exp: Removed.
        * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
        to JavaScriptCore.JSVALUE32only.exp.

2011-02-04  David Kilzer  <ddkilzer@apple.com>

        Use static_cast and other style cleanup in YarrInterpreter.cpp
        <http://webkit.org/b/53772>

        Reviewed by John Sullivan.

        * yarr/YarrInterpreter.cpp:
        (JSC::Yarr::Interpreter::InputStream::readChecked): Use
        static_cast.
        (JSC::Yarr::Interpreter::InputStream::checkInput): Remove
        unnecessary else block.
        (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto.
        (JSC::Yarr::Interpreter::backtrackBackReference): Ditto.
        (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast.

2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77625 and r77626.
        http://trac.webkit.org/changeset/77625
        http://trac.webkit.org/changeset/77626
        https://bugs.webkit.org/show_bug.cgi?id=53765

        It broke Windows builds (Requested by Ossy_ on #webkit).

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Removed.

2011-02-04  Jessie Berlin  <jberlin@apple.com>

        Windows build fix. Unreviewed.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:

2011-02-04  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Replace PCRE with Yarr in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=53496

        * JavaScriptCore.exp:
        * JavaScriptCore.gyp/JavaScriptCore.gyp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * create_regex_tables:
        * runtime/RegExp.cpp:
        * wtf/Platform.h:
        * yarr/Yarr.h:
        * yarr/YarrJIT.cpp:
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.h:
        * yarr/YarrSyntaxChecker.h:
        * yarr/yarr.pri: Added.

2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>

        Unreviewed rollout of two patches, r77614 and r77612.

        REGRESSION: Snow Leopard Intel Release has a number of failing tests.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h:
        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset):
        * runtime/MarkedSpace.h:

2011-02-04  Geoffrey Garen  <ggaren@apple.com>

        Try to fix 32bit build.

        * runtime/Heap.cpp:
        (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
        since 1.5 is double (64bit), and the result is size_t (32bit).

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich.

        Changed MarkedSpace to delegate grow/shrink decisions to Heap
        https://bugs.webkit.org/show_bug.cgi?id=53759

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h: Reorganized a few data members for better cache locality.
        Added a grow policy.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
        the heap to make an explicit sweep call.

        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
        many bytes to allocate before failing and giving the heap an opportunity
        to collect garbage. This also means that we allocate blocks on demand,
        instead of ahead of time.

2011-02-03  James Kozianski  <koz@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add navigator.registerProtocolHandler behind a flag.
        https://bugs.webkit.org/show_bug.cgi?id=52609

        * Configurations/FeatureDefines.xcconfig:

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Not all blocks are freed when the heap is freed (counting is hard!)
        https://bugs.webkit.org/show_bug.cgi?id=53732

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
        keep freeing block 0 until there are no blocks left.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the Mac build.

        * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
        needs to be private, not project, so other projects can include headers
        that depend on it.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Start using MarkedBlock instead of CollectorBlock
        https://bugs.webkit.org/show_bug.cgi?id=53693

        SunSpider reports no change.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::blockFor):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::containsSlowCase):
        (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.

        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::collectorBlock):
        (JSC::MarkedSpace::heap):
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::setMarked):
        (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
        and deleted dead CollectorBlock-related code.

2011-02-03  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Darin Adler.

        Avoid strlen() in AtomicString::fromUTF8
        https://bugs.webkit.org/show_bug.cgi?id=50516

        Add an overload to calculateStringHashFromUTF8 to get
        strlen() of the input data with only one call.

        This change shows about 3% performance win on the xml-parser benchmark.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
        (WTF::Unicode::calculateStringHashFromUTF8):
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        oops, build fix!

        * wtf/Assertions.cpp:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 53650 - Add a BACKTRACE macro to Assertions.h

        Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
        debug Mac builds, make CRASH (and thus ASSERT) automatically call this.

        * JavaScriptCore.exp:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:

2011-02-02  Michael Saboff  <msaboff@apple.com>

        Reviewed by Gavin Barraclough.

        Improper backtrack of nested non-capturing greedy paren to prior paren
        https://bugs.webkit.org/show_bug.cgi?id=53261

        A paren that follows a non-capturing greedy paren nested within a
        non-capturing fixed paren was backtracking to the last paren
        processed instead of the immediately prior paren.
        Refactored default backtracking of parens to prior paren to work for
        both nested (within) and immediately prior (after) parens.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
        (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
        (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
        (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
        (JSC::Yarr::YarrGenerator::generateDisjunction):

2011-02-02  Jeff Miller  <jeffm@apple.com>

        Reviewed by Darin Adler and Steve Falkenburg.

        Add DerivedSources.make to some Visual Studio projects
        https://bugs.webkit.org/show_bug.cgi?id=53607

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.

2011-02-02  Steve Lacey  <sjl@chromium.org>

        Reviewed by Eric Carlson.

        Implement basic media statistics on media elements.
        https://bugs.webkit.org/show_bug.cgi?id=53322

        * Configurations/FeatureDefines.xcconfig:

2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fixes for wxWebKit.

        * wtf/wx/StringWx.cpp:
        (WTF::String::String):

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more Heap refactoring
        https://bugs.webkit.org/show_bug.cgi?id=53577

        SunSpider reports no change.

        Split out MarkedBlock into its own file / class.

        Did the following renames:
            isCellMarked => isMarked
            checkMarkCell => testAndSetMarked
            markCell => setMarked
            cellOffset => cellNumber
            collectorBlock => blockFor

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Heap.cpp:
        (JSC::WeakGCHandlePool::update):
        * runtime/Heap.h:
        (JSC::Heap::isMarked):
        (JSC::Heap::testAndSetMarked):
        (JSC::Heap::setMarked):
        * runtime/JSArray.h:
        (JSC::MarkStack::markChildren):
        (JSC::MarkStack::drain):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::internalAppend):
        * runtime/MarkedBlock.cpp: Added.
        * runtime/MarkedBlock.h: Added.
        (JSC::MarkedBlock::blockFor):
        (JSC::MarkedBlock::cellNumber):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::isPossibleCell):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::setMarked):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):

2011-02-02  Sam Weinig  <sam@webkit.org>

        Fix windows clean build.

        * DerivedSources.make:

2011-02-02  Alejandro G. Castro  <alex@igalia.com>

        Reviewed by Martin Robinson.

        [GTK] Fix dist compilation
        https://bugs.webkit.org/show_bug.cgi?id=53579

        * GNUmakefile.am: Added WriteBarrier.h to the sources; it was
        added in r77151.

2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77297.
        http://trac.webkit.org/changeset/77297
        https://bugs.webkit.org/show_bug.cgi?id=53538

        caused Leopard crashes (Requested by paroga on #webkit).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-01  Sam Weinig  <sam@webkit.org>

        Fix Mac production builds.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-01  Sam Weinig  <sam@webkit.org>

        Try to fix the windows build.

        * DerivedSources.make:

2011-02-01  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Darin Adler.

        Avoid strlen() in AtomicString::fromUTF8
        https://bugs.webkit.org/show_bug.cgi?id=50516

        Add an overload to calculateStringHashFromUTF8 to get
        strlen() of the input data with only one call.

        This change shows about 3% performance win on the xml-parser benchmark.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
        (WTF::Unicode::calculateStringHashFromUTF8):
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
        * wtf/unicode/UTF8.h:

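Added example (not part of this ChangeLog and not WTF's own code) illustrating the single-pass hash-and-length idea behind the two "Avoid strlen() in AtomicString::fromUTF8" entries above (2011-02-01 and its 2011-02-03 re-landing). The hash function here is a plain FNV-1a over the raw bytes, chosen only as a stand-in for WTF's string hasher; the function names hashUtf8, hashUtf8TwoPass and hashUtf8AndLength are assumptions, and the sample string is constructed for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Hypothetical stand-in for the string hash: FNV-1a over the raw UTF-8 bytes.
// This is not WTF's StringHasher; it is a deterministic placeholder chosen so
// the single-pass structure can be shown and checked.
static const uint32_t kFnvOffsetBasis = 2166136261u;

static inline uint32_t fnv1aStep(uint32_t hash, unsigned char byte)
{
    hash ^= byte;
    hash *= 16777619u;
    return hash;
}

// Length-bounded hash, for callers that already know the byte length.
uint32_t hashUtf8(const char* data, size_t length)
{
    uint32_t hash = kFnvOffsetBasis;
    for (size_t i = 0; i < length; ++i)
        hash = fnv1aStep(hash, static_cast<unsigned char>(data[i]));
    return hash;
}

// Two-pass version: strlen() walks the buffer once to find the terminator,
// then the hash walks it again.
uint32_t hashUtf8TwoPass(const char* data, size_t& length)
{
    length = std::strlen(data);
    return hashUtf8(data, length);
}

// Single-pass version: hash bytes until the terminator and count as we go.
// The result must be bit-identical to hashUtf8(data, strlen(data)); if it
// were not, a table keyed by the hash would miss entries inserted the other way.
uint32_t hashUtf8AndLength(const char* data, size_t& length)
{
    uint32_t hash = kFnvOffsetBasis;
    const char* p = data;
    for (; *p; ++p)
        hash = fnv1aStep(hash, static_cast<unsigned char>(*p));
    length = static_cast<size_t>(p - data);
    return hash;
}

// Constructed sample: multi-byte UTF-8, so byte length != code point count.
static const char kSample[] = "h\xC3\xA9llo w\xC3\xB6rld";  // "héllo wörld"

size_t lengthViaSinglePass(const char* s)
{
    size_t length = 0;
    hashUtf8AndLength(s, length);
    return length;
}

bool singlePassMatchesTwoPass(const char* s)
{
    size_t twoPassLength = 0, onePassLength = 0;
    uint32_t twoPassHash = hashUtf8TwoPass(s, twoPassLength);
    uint32_t onePassHash = hashUtf8AndLength(s, onePassLength);
    return twoPassHash == onePassHash && twoPassLength == onePassLength;
}
```

The check that matters is singlePassMatchesTwoPass: the optimisation is only safe if the combined routine produces exactly the hash the length-bounded overload would, since the atomic string table compares hashes computed by both paths. Both versions still require a NUL-terminated input, which is the contract strlen() imposed before the change.
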
2011-02-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Beth Dakin.

        Part 2 for <rdar://problem/8492788>
        Adopt WKScrollbarPainterController

        Use header detection to define scrollbar painting controller #define.

        * DerivedSources.make:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Refactor JSGlobalObject-related tear-down
        https://bugs.webkit.org/show_bug.cgi?id=53478

        While investigating crashes caused by r77082, I noticed some strange
        destructor-time behaviors. This patch makes them less strange.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
        blocks on the Heap, instead of on independent global objects. The heap
        is guaranteed to outlast any GC-owned data structure. The heap is also
        a natural place to store objects that need out-of-band marking, since
        the heap is responsible for marking all roots.

        * runtime/Heap.cpp:
        (JSC::Heap::markRoots):
        (JSC::Heap::globalObjectCount):
        (JSC::Heap::protectedGlobalObjectCount):
        * runtime/Heap.h:
        (JSC::Heap::codeBlocks):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject):
        (JSC::JSGlobalObject::init):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
        owned by JSGlobalData, instead of an intrusive circular linked list.
        This is simpler, and it avoids destructor-time access between garbage
        collected objects, which is hard to get right.

        (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
        everything down. Otherwise, weak data structures will incorrectly report
        that objects pending destruction are still alive.

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
        bot; loading trac pages; typing in search field
        https://bugs.webkit.org/show_bug.cgi?id=53519

        The crashes were all caused by failure to run an object's destructor.

        * runtime/CollectorHeapIterator.h:
        (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
        construction. The iterator class used to do that when it was designed
        for prior-to-beginning initialization. I forgot to remove this line
        of code when I changed the iterator to normal initialization.

        Skipping forward upon construction was causing the heap to skip running
        the destructor for the very first object in a block when destroying the
        block. This usually did not crash, since block destruction is rare and
        most objects have pretty trivial destructors. However, in the rare case
        when the heap would destroy a block whose first object was a global
        object or a DOM node, BOOM.

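Added example (not part of this ChangeLog and not JavaScriptCore's code) modelling the two teardown defects described above: the 2011-02-03 MarkedSpace::destroy entry (bug 53732, an index loop over a list that compacts as blocks are freed) and the 2011-02-01 ObjectIterator entry (bug 53519, an iterator that advanced once on construction and so skipped the first cell of a block). Cell, Block, ObjectIterator and BlockList are toy types assumed here, the block size is constructed, and a counter stands in for running a destructor.

```cpp
#include <cstddef>
#include <vector>

// Toy model of a block-structured heap's teardown, written for this example.
// Cell, Block, ObjectIterator and BlockList are names assumed here, not
// JavaScriptCore's own classes.
struct Cell { bool live = false; int* destructorCounter = nullptr; };
struct Block { static constexpr size_t cellsPerBlock = 4; Cell cells[cellsPerBlock]; };

static void fillLive(Block& block, int* counter)
{
    for (Cell& cell : block.cells) {
        cell.live = true;
        cell.destructorCounter = counter;
    }
}

// A correct iterator starts *at* cell 0. legacySkipForward reproduces the
// defect from bug 53519 above (one extra advance in the constructor), which
// silently skips the first cell of every block.
class ObjectIterator {
public:
    ObjectIterator(Block& block, bool legacySkipForward)
        : m_block(block), m_index(legacySkipForward ? 1 : 0) { }
    bool atEnd() const { return m_index >= Block::cellsPerBlock; }
    Cell& operator*() { return m_block.cells[m_index]; }
    void advance() { ++m_index; }
private:
    Block& m_block;
    size_t m_index;
};

// Runs the "destructor" (bumps the counter) of every live cell visited.
static void destroyBlockContents(Block& block, bool legacySkipForward)
{
    for (ObjectIterator it(block, legacySkipForward); !it.atEnd(); it.advance()) {
        Cell& cell = *it;
        if (cell.live && cell.destructorCounter)
            ++*cell.destructorCounter;
        cell.live = false;
    }
}

class BlockList {
public:
    ~BlockList() { destroy(); }
    void allocateLiveBlock(int* counter)
    {
        Block* block = new Block();
        fillLive(*block, counter);
        m_blocks.push_back(block);
    }
    // Freeing compacts the list: the last block moves into the freed slot.
    void freeBlock(size_t index)
    {
        destroyBlockContents(*m_blocks[index], false);
        delete m_blocks[index];
        m_blocks[index] = m_blocks.back();
        m_blocks.pop_back();
    }
    // Defective (bug 53732 above): an index loop over a compacting list never
    // revisits the slots compaction refills. Returns the blocks left behind.
    size_t destroyByIndexLoop()
    {
        for (size_t i = 0; i < m_blocks.size(); ++i)
            freeBlock(i);
        return m_blocks.size();
    }
    // Correct: block 0 is always the next block, so free it until none remain.
    void destroy()
    {
        while (!m_blocks.empty())
            freeBlock(0);
    }
private:
    std::vector<Block*> m_blocks;
};

// Destructors run for one fully live block with the given iterator behaviour.
int destructorsRun(bool legacySkipForward)
{
    int counter = 0;
    Block block;
    fillLive(block, &counter);
    destroyBlockContents(block, legacySkipForward);
    return counter;
}

// Blocks the index loop leaves behind on a list of blockCount blocks
// (~BlockList then frees them correctly, so nothing actually leaks here).
size_t blocksLeakedByIndexLoop(size_t blockCount)
{
    int counter = 0;
    BlockList list;
    for (size_t i = 0; i < blockCount; ++i)
        list.allocateLiveBlock(&counter);
    return list.destroyByIndexLoop();
}
```

With four cells per block, destructorsRun(false) is 4 and destructorsRun(true) is 3: the legacy iterator never visits cell 0. With four blocks, destroyByIndexLoop frees only two, because freeing slot 0 moves the last block into slot 0, which the loop has already passed. A missed destructor is more than a leak: an object that registered itself elsewhere (the global objects and DOM nodes the entry mentions) stays registered after its memory is released, which is the failure mode behind the bug 53519 crashes, so teardown code like this deserves a test that counts destructors rather than one that only checks the list is empty.
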
2011-01-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Update JSObject storage for new marking API
        https://bugs.webkit.org/show_bug.cgi?id=53467

        JSObject no longer uses EncodedJSValue for its property storage.
        This produces a stream of mechanical changes to PropertySlot and
        anonymous storage APIs.

        * JavaScriptCore.exp:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * runtime/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanObject.cpp:
        (JSC::BooleanObject::BooleanObject):
        * runtime/BooleanObject.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::getOwnPropertySlot):
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertySlot):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        * runtime/JSObject.cpp:
        (JSC::JSObject::fillGetterPropertySlot):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::offsetForLocation):
        (JSC::JSObject::putAnonymousValue):
        (JSC::JSObject::clearAnonymousValue):
        (JSC::JSObject::getAnonymousValue):
        (JSC::JSObject::putThisToAnonymousValue):
        (JSC::JSObject::locationForOffset):
        (JSC::JSObject::inlineGetOwnPropertySlot):
        * runtime/JSObjectWithGlobalObject.cpp:
        (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/NumberConstructor.cpp:
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::NumberObject):
        (JSC::constructNumber):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setRegisterSlot):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::setWithoutWriteBarrier):

2011-02-01  Daniel Bates  <dbates@rim.com>

        Reviewed by Antonio Gomes.

        Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
        https://bugs.webkit.org/show_bug.cgi?id=53506

        Currently, use of the Mersenne Twister pseudorandom number generator
        is hardcoded to the Windows CE port. With the passing of bug #53253,
        we can generalize support for this PRNG to all ports that use srand(3)
        and rand(3), including Windows CE.

        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):

2011-02-01  Dave Tapuska  <dtapuska@rim.com>

        Reviewed by Gavin Barraclough.

        MacroAssemblerARM would generate code that did 32bit loads
        on addresses that were not aligned. More specifically it would
        generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
        The intended instruction really is ldrb r8,[r1, #7]; ensure we
        call load8 instead of load32.

        https://bugs.webkit.org/show_bug.cgi?id=46095

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::set32Test32):
        (JSC::MacroAssemblerARM::set32Test8):

2011-02-01  Darin Fisher  <darin@chromium.org>

        Reviewed by Eric Seidel.

        Fix some Visual Studio compiler warnings.
        https://bugs.webkit.org/show_bug.cgi?id=53476

        * wtf/MathExtras.h:
        (clampToInteger):
        (clampToPositiveInteger):
        * wtf/ThreadingWin.cpp:
        (WTF::absoluteTimeToWaitTimeoutInterval):

2011-01-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Bogus callframe during stack unwinding
        https://bugs.webkit.org/show_bug.cgi?id=53454

        Trying to access a callframe's globalData after destroying its
        ScopeChain is not a good thing.  While we could access the
        globalData directly through the (known valid) scopechain we're
        holding on to, it feels fragile.  Instead we push the valid
        ScopeChain onto the callframe again to ensure that the callframe
        itself remains valid.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):

2011-01-31  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
        https://bugs.webkit.org/show_bug.cgi?id=53271

        Reapplying this change again.
        Changed isValid() to use .get() as a result of change r77151.

        Added new isValid() methods to check if a contained object in
        a WeakGCMap is valid when using an unchecked iterator.

        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::isValid):

2011-01-31  Oliver Hunt  <oliver@apple.com>

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        rolling r77098, r77099, r77100, r77109, and
        r77111 back in, along with a few more Qt fix attempts.

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/Debugger.cpp:
        (JSC::evaluateInGlobalCallFrame):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * debugger/DebuggerCallFrame.cpp:
        (JSC::DebuggerCallFrame::evaluate):
        * interpreter/CallFrame.h:
        (JSC::ExecState::exception):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobal):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::privateExecute):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/ArgList.cpp:
        (JSC::MarkedArgumentBuffer::markLists):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::append):
        (JSC::JSCell::MarkStack::internalAppend):
        (JSC::JSCell::MarkStack::deprecatedAppend):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
830         (JSC::Structure::prototypeForLookup):
831         (JSC::constructArray):
832         * runtime/JSONObject.cpp:
833         (JSC::Stringifier::Holder::object):
834         (JSC::Stringifier::Holder::objectSlot):
835         (JSC::Stringifier::markAggregate):
836         (JSC::Stringifier::stringify):
837         (JSC::Stringifier::Holder::appendNextProperty):
838         (JSC::Walker::callReviver):
839         (JSC::Walker::walk):
840         * runtime/JSObject.cpp:
841         (JSC::JSObject::defineGetter):
842         (JSC::JSObject::defineSetter):
843         (JSC::JSObject::removeDirect):
844         (JSC::JSObject::putDirectFunction):
845         (JSC::JSObject::putDirectFunctionWithoutTransition):
846         (JSC::putDescriptor):
847         (JSC::JSObject::defineOwnProperty):
848         * runtime/JSObject.h:
849         (JSC::JSObject::getDirectOffset):
850         (JSC::JSObject::putDirectOffset):
851         (JSC::JSObject::putUndefinedAtDirectOffset):
852         (JSC::JSObject::flattenDictionaryObject):
853         (JSC::JSObject::putDirectInternal):
854         (JSC::JSObject::putDirect):
855         (JSC::JSObject::putDirectFunction):
856         (JSC::JSObject::putDirectWithoutTransition):
857         (JSC::JSObject::putDirectFunctionWithoutTransition):
858         (JSC::JSValue::putDirect):
859         (JSC::JSObject::allocatePropertyStorageInline):
860         (JSC::JSObject::markChildrenDirect):
861         * runtime/JSPropertyNameIterator.cpp:
862         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
863         (JSC::JSPropertyNameIterator::get):
864         * runtime/JSPropertyNameIterator.h:
865         * runtime/JSStaticScopeObject.cpp:
866         (JSC::JSStaticScopeObject::markChildren):
867         * runtime/JSString.cpp:
868         (JSC::StringObject::create):
869         * runtime/JSValue.h:
870         * runtime/JSWrapperObject.cpp:
871         (JSC::JSWrapperObject::markChildren):
872         * runtime/JSWrapperObject.h:
873         (JSC::JSWrapperObject::internalValue):
874         (JSC::JSWrapperObject::setInternalValue):
875         * runtime/LiteralParser.cpp:
876         (JSC::LiteralParser::parse):
877         * runtime/Lookup.cpp:
878         (JSC::setUpStaticFunctionSlot):
879         * runtime/Lookup.h:
880         (JSC::lookupPut):
881         * runtime/MarkStack.h:
882         (JSC::MarkStack::MarkStack):
883         (JSC::MarkStack::deprecatedAppendValues):
884         (JSC::MarkStack::appendValues):
885         * runtime/MathObject.cpp:
886         (JSC::MathObject::MathObject):
887         * runtime/NativeErrorConstructor.cpp:
888         (JSC::NativeErrorConstructor::NativeErrorConstructor):
889         * runtime/NativeErrorPrototype.cpp:
890         (JSC::NativeErrorPrototype::NativeErrorPrototype):
891         * runtime/NumberConstructor.cpp:
892         (JSC::NumberConstructor::NumberConstructor):
893         (JSC::constructWithNumberConstructor):
894         * runtime/NumberObject.cpp:
895         (JSC::constructNumber):
896         * runtime/NumberPrototype.cpp:
897         (JSC::NumberPrototype::NumberPrototype):
898         * runtime/ObjectConstructor.cpp:
899         (JSC::ObjectConstructor::ObjectConstructor):
900         (JSC::objectConstructorGetOwnPropertyDescriptor):
901         * runtime/Operations.h:
902         (JSC::normalizePrototypeChain):
903         (JSC::resolveBase):
904         * runtime/PrototypeFunction.cpp:
905         (JSC::PrototypeFunction::PrototypeFunction):
906         * runtime/PutPropertySlot.h:
907         (JSC::PutPropertySlot::setExistingProperty):
908         (JSC::PutPropertySlot::setNewProperty):
909         (JSC::PutPropertySlot::base):
910         * runtime/RegExpConstructor.cpp:
911         (JSC::RegExpConstructor::RegExpConstructor):
912         * runtime/ScopeChain.cpp:
913         (JSC::ScopeChainNode::print):
914         * runtime/ScopeChain.h:
915         (JSC::ScopeChainNode::~ScopeChainNode):
916         (JSC::ScopeChainIterator::operator*):
917         (JSC::ScopeChainIterator::operator->):
918         (JSC::ScopeChain::top):
919         * runtime/ScopeChainMark.h:
920         (JSC::ScopeChain::markAggregate):
921         * runtime/SmallStrings.cpp:
922         (JSC::isMarked):
923         (JSC::SmallStrings::markChildren):
924         * runtime/SmallStrings.h:
925         (JSC::SmallStrings::emptyString):
926         (JSC::SmallStrings::singleCharacterString):
927         (JSC::SmallStrings::singleCharacterStrings):
928         * runtime/StringConstructor.cpp:
929         (JSC::StringConstructor::StringConstructor):
930         * runtime/StringObject.cpp:
931         (JSC::StringObject::StringObject):
932         * runtime/StringObject.h:
933         * runtime/StringPrototype.cpp:
934         (JSC::StringPrototype::StringPrototype):
935         * runtime/Structure.cpp:
936         (JSC::Structure::Structure):
937         (JSC::Structure::addPropertyTransition):
938         (JSC::Structure::toDictionaryTransition):
939         (JSC::Structure::flattenDictionaryStructure):
940         * runtime/Structure.h:
941         (JSC::Structure::storedPrototype):
942         (JSC::Structure::storedPrototypeSlot):
943         * runtime/WeakGCMap.h:
944         (JSC::WeakGCMap::uncheckedGet):
945         (JSC::WeakGCMap::uncheckedGetSlot):
946         (JSC::::get):
947         (JSC::::take):
948         (JSC::::set):
949         (JSC::::uncheckedRemove):
950         * runtime/WriteBarrier.h: Added.
951         (JSC::DeprecatedPtr::DeprecatedPtr):
952         (JSC::DeprecatedPtr::get):
953         (JSC::DeprecatedPtr::operator*):
954         (JSC::DeprecatedPtr::operator->):
955         (JSC::DeprecatedPtr::slot):
956         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
957         (JSC::DeprecatedPtr::operator!):
958         (JSC::WriteBarrierBase::set):
959         (JSC::WriteBarrierBase::get):
960         (JSC::WriteBarrierBase::operator*):
961         (JSC::WriteBarrierBase::operator->):
962         (JSC::WriteBarrierBase::clear):
963         (JSC::WriteBarrierBase::slot):
964         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
965         (JSC::WriteBarrierBase::operator!):
966         (JSC::WriteBarrier::WriteBarrier):
967         (JSC::operator==):
968
969 2011-01-31  Dan Winship  <danw@gnome.org>
970
971         Reviewed by Gustavo Noronha Silva.
972
973         wss (websockets ssl) support for gtk via new gio TLS support
974         https://bugs.webkit.org/show_bug.cgi?id=50344
975
976         Add a GPollableOutputStream typedef for TLS WebSockets support
977
978         * wtf/gobject/GTypedefs.h:
979
980 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
981
982         Reviewed by Geoff Garen.
983
984         https://bugs.webkit.org/show_bug.cgi?id=53352
985         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
986
987         The FixedVMPoolAllocator currently uses a best fit policy -
988         switch to first fit, which is less prone to external fragmentation.
989
990         * jit/ExecutableAllocatorFixedVMPool.cpp:
991         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
992         (JSC::AllocationTableSizeClass::blockSize):
993         (JSC::AllocationTableSizeClass::blockCount):
994         (JSC::AllocationTableSizeClass::blockAlignment):
995         (JSC::AllocationTableSizeClass::size):
996         (JSC::AllocationTableLeaf::AllocationTableLeaf):
997         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
998         (JSC::AllocationTableLeaf::allocate):
999         (JSC::AllocationTableLeaf::free):
1000         (JSC::AllocationTableLeaf::isEmpty):
1001         (JSC::AllocationTableLeaf::isFull):
1002         (JSC::AllocationTableLeaf::size):
1003         (JSC::AllocationTableLeaf::classForSize):
1004         (JSC::AllocationTableLeaf::dump):
1005         (JSC::LazyAllocationTable::LazyAllocationTable):
1006         (JSC::LazyAllocationTable::~LazyAllocationTable):
1007         (JSC::LazyAllocationTable::allocate):
1008         (JSC::LazyAllocationTable::free):
1009         (JSC::LazyAllocationTable::isEmpty):
1010         (JSC::LazyAllocationTable::isFull):
1011         (JSC::LazyAllocationTable::size):
1012         (JSC::LazyAllocationTable::dump):
1013         (JSC::LazyAllocationTable::classForSize):
1014         (JSC::AllocationTableDirectory::AllocationTableDirectory):
1015         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
1016         (JSC::AllocationTableDirectory::allocate):
1017         (JSC::AllocationTableDirectory::free):
1018         (JSC::AllocationTableDirectory::isEmpty):
1019         (JSC::AllocationTableDirectory::isFull):
1020         (JSC::AllocationTableDirectory::size):
1021         (JSC::AllocationTableDirectory::classForSize):
1022         (JSC::AllocationTableDirectory::dump):
1023         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1024         (JSC::FixedVMPoolAllocator::alloc):
1025         (JSC::FixedVMPoolAllocator::free):
1026         (JSC::FixedVMPoolAllocator::allocated):
1027         (JSC::FixedVMPoolAllocator::isValid):
1028         (JSC::FixedVMPoolAllocator::classForSize):
1029         (JSC::FixedVMPoolAllocator::offsetToPointer):
1030         (JSC::FixedVMPoolAllocator::pointerToOffset):
1031         (JSC::ExecutableAllocator::committedByteCount):
1032         (JSC::ExecutableAllocator::isValid):
1033         (JSC::ExecutableAllocator::underMemoryPressure):
1034         (JSC::ExecutablePool::systemAlloc):
1035         (JSC::ExecutablePool::systemRelease):
1036         * wtf/PageReservation.h:
1037         (WTF::PageReservation::PageReservation):
1038         (WTF::PageReservation::commit):
1039         (WTF::PageReservation::decommit):
1040         (WTF::PageReservation::committed):
1041
1042 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
1043
1044         Unreviewed, rolling out r76969.
1045         http://trac.webkit.org/changeset/76969
1046         https://bugs.webkit.org/show_bug.cgi?id=53418
1047
1048         "It is causing crashes in GTK+ and Leopard bots" (Requested by
1049         alexg__ on #webkit).
1050
1051         * runtime/WeakGCMap.h:
1052
1053 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
1054
1055         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
1056         r77111.
1057         http://trac.webkit.org/changeset/77098
1058         http://trac.webkit.org/changeset/77099
1059         http://trac.webkit.org/changeset/77100
1060         http://trac.webkit.org/changeset/77109
1061         http://trac.webkit.org/changeset/77111
1062         https://bugs.webkit.org/show_bug.cgi?id=53219
1063
1064         Qt build is broken
1065
1066         * API/JSCallbackObject.h:
1067         (JSC::JSCallbackObjectData::setPrivateProperty):
1068         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1069         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1070         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1071         (JSC::JSCallbackObject::setPrivateProperty):
1072         * API/JSCallbackObjectFunctions.h:
1073         (JSC::::put):
1074         (JSC::::staticFunctionGetter):
1075         * API/JSObjectRef.cpp:
1076         (JSObjectMakeConstructor):
1077         (JSObjectSetPrivateProperty):
1078         * API/JSWeakObjectMapRefInternal.h:
1079         * JavaScriptCore.exp:
1080         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1081         * JavaScriptCore.xcodeproj/project.pbxproj:
1082         * bytecode/CodeBlock.cpp:
1083         (JSC::CodeBlock::markAggregate):
1084         * bytecode/CodeBlock.h:
1085         (JSC::CodeBlock::globalObject):
1086         * bytecompiler/BytecodeGenerator.cpp:
1087         (JSC::BytecodeGenerator::BytecodeGenerator):
1088         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1089         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1090         (JSC::BytecodeGenerator::findScopedProperty):
1091         * debugger/Debugger.cpp:
1092         (JSC::evaluateInGlobalCallFrame):
1093         * debugger/DebuggerActivation.cpp:
1094         (JSC::DebuggerActivation::DebuggerActivation):
1095         (JSC::DebuggerActivation::markChildren):
1096         * debugger/DebuggerActivation.h:
1097         * debugger/DebuggerCallFrame.cpp:
1098         (JSC::DebuggerCallFrame::evaluate):
1099         * interpreter/CallFrame.h:
1100         (JSC::ExecState::exception):
1101         * interpreter/Interpreter.cpp:
1102         (JSC::Interpreter::resolve):
1103         (JSC::Interpreter::resolveSkip):
1104         (JSC::Interpreter::resolveGlobal):
1105         (JSC::Interpreter::resolveGlobalDynamic):
1106         (JSC::Interpreter::resolveBaseAndProperty):
1107         (JSC::Interpreter::unwindCallFrame):
1108         (JSC::appendSourceToError):
1109         (JSC::Interpreter::execute):
1110         (JSC::Interpreter::tryCacheGetByID):
1111         (JSC::Interpreter::privateExecute):
1112         * jit/JITStubs.cpp:
1113         (JSC::JITThunks::tryCacheGetByID):
1114         (JSC::DEFINE_STUB_FUNCTION):
1115         * jsc.cpp:
1116         (GlobalObject::GlobalObject):
1117         * runtime/ArgList.cpp:
1118         (JSC::MarkedArgumentBuffer::markLists):
1119         * runtime/Arguments.cpp:
1120         (JSC::Arguments::markChildren):
1121         (JSC::Arguments::getOwnPropertySlot):
1122         (JSC::Arguments::getOwnPropertyDescriptor):
1123         (JSC::Arguments::put):
1124         * runtime/Arguments.h:
1125         (JSC::Arguments::setActivation):
1126         (JSC::Arguments::Arguments):
1127         * runtime/ArrayConstructor.cpp:
1128         (JSC::ArrayConstructor::ArrayConstructor):
1129         (JSC::constructArrayWithSizeQuirk):
1130         * runtime/ArrayPrototype.cpp:
1131         (JSC::arrayProtoFuncSplice):
1132         * runtime/BatchedTransitionOptimizer.h:
1133         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1134         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1135         * runtime/BooleanConstructor.cpp:
1136         (JSC::BooleanConstructor::BooleanConstructor):
1137         (JSC::constructBoolean):
1138         (JSC::constructBooleanFromImmediateBoolean):
1139         * runtime/BooleanPrototype.cpp:
1140         (JSC::BooleanPrototype::BooleanPrototype):
1141         * runtime/ConservativeSet.cpp:
1142         (JSC::ConservativeSet::grow):
1143         * runtime/ConservativeSet.h:
1144         (JSC::ConservativeSet::~ConservativeSet):
1145         (JSC::ConservativeSet::mark):
1146         * runtime/DateConstructor.cpp:
1147         (JSC::DateConstructor::DateConstructor):
1148         * runtime/DateInstance.cpp:
1149         (JSC::DateInstance::DateInstance):
1150         * runtime/DatePrototype.cpp:
1151         (JSC::dateProtoFuncSetTime):
1152         (JSC::setNewValueFromTimeArgs):
1153         (JSC::setNewValueFromDateArgs):
1154         (JSC::dateProtoFuncSetYear):
1155         * runtime/ErrorConstructor.cpp:
1156         (JSC::ErrorConstructor::ErrorConstructor):
1157         * runtime/ErrorInstance.cpp:
1158         (JSC::ErrorInstance::ErrorInstance):
1159         * runtime/ErrorPrototype.cpp:
1160         (JSC::ErrorPrototype::ErrorPrototype):
1161         * runtime/FunctionConstructor.cpp:
1162         (JSC::FunctionConstructor::FunctionConstructor):
1163         * runtime/FunctionPrototype.cpp:
1164         (JSC::FunctionPrototype::FunctionPrototype):
1165         * runtime/GetterSetter.cpp:
1166         (JSC::GetterSetter::markChildren):
1167         * runtime/GetterSetter.h:
1168         (JSC::GetterSetter::GetterSetter):
1169         (JSC::GetterSetter::getter):
1170         (JSC::GetterSetter::setGetter):
1171         (JSC::GetterSetter::setter):
1172         (JSC::GetterSetter::setSetter):
1173         * runtime/GlobalEvalFunction.cpp:
1174         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1175         (JSC::GlobalEvalFunction::markChildren):
1176         * runtime/GlobalEvalFunction.h:
1177         (JSC::GlobalEvalFunction::cachedGlobalObject):
1178         * runtime/Heap.cpp:
1179         (JSC::Heap::markProtectedObjects):
1180         (JSC::Heap::markTempSortVectors):
1181         (JSC::Heap::markRoots):
1182         * runtime/InternalFunction.cpp:
1183         (JSC::InternalFunction::InternalFunction):
1184         * runtime/JSAPIValueWrapper.h:
1185         (JSC::JSAPIValueWrapper::value):
1186         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1187         * runtime/JSActivation.cpp:
1188         (JSC::JSActivation::markChildren):
1189         (JSC::JSActivation::put):
1190         * runtime/JSArray.cpp:
1191         (JSC::JSArray::JSArray):
1192         (JSC::JSArray::getOwnPropertySlot):
1193         (JSC::JSArray::getOwnPropertyDescriptor):
1194         (JSC::JSArray::put):
1195         (JSC::JSArray::putSlowCase):
1196         (JSC::JSArray::deleteProperty):
1197         (JSC::JSArray::increaseVectorLength):
1198         (JSC::JSArray::setLength):
1199         (JSC::JSArray::pop):
1200         (JSC::JSArray::push):
1201         (JSC::JSArray::unshiftCount):
1202         (JSC::JSArray::sort):
1203         (JSC::JSArray::fillArgList):
1204         (JSC::JSArray::copyToRegisters):
1205         (JSC::JSArray::compactForSorting):
1206         * runtime/JSArray.h:
1207         (JSC::JSArray::getIndex):
1208         (JSC::JSArray::setIndex):
1209         (JSC::JSArray::uncheckedSetIndex):
1210         (JSC::JSArray::markChildrenDirect):
1211         * runtime/JSByteArray.cpp:
1212         (JSC::JSByteArray::JSByteArray):
1213         * runtime/JSCell.h:
1214         (JSC::JSCell::JSValue::toThisObject):
1215         (JSC::JSCell::MarkStack::append):
1216         * runtime/JSFunction.cpp:
1217         (JSC::JSFunction::JSFunction):
1218         (JSC::JSFunction::getOwnPropertySlot):
1219         * runtime/JSGlobalData.h:
1220         * runtime/JSGlobalObject.cpp:
1221         (JSC::markIfNeeded):
1222         (JSC::JSGlobalObject::reset):
1223         (JSC::JSGlobalObject::resetPrototype):
1224         (JSC::JSGlobalObject::markChildren):
1225         * runtime/JSGlobalObject.h:
1226         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1227         (JSC::JSGlobalObject::regExpConstructor):
1228         (JSC::JSGlobalObject::errorConstructor):
1229         (JSC::JSGlobalObject::evalErrorConstructor):
1230         (JSC::JSGlobalObject::rangeErrorConstructor):
1231         (JSC::JSGlobalObject::referenceErrorConstructor):
1232         (JSC::JSGlobalObject::syntaxErrorConstructor):
1233         (JSC::JSGlobalObject::typeErrorConstructor):
1234         (JSC::JSGlobalObject::URIErrorConstructor):
1235         (JSC::JSGlobalObject::evalFunction):
1236         (JSC::JSGlobalObject::objectPrototype):
1237         (JSC::JSGlobalObject::functionPrototype):
1238         (JSC::JSGlobalObject::arrayPrototype):
1239         (JSC::JSGlobalObject::booleanPrototype):
1240         (JSC::JSGlobalObject::stringPrototype):
1241         (JSC::JSGlobalObject::numberPrototype):
1242         (JSC::JSGlobalObject::datePrototype):
1243         (JSC::JSGlobalObject::regExpPrototype):
1244         (JSC::JSGlobalObject::methodCallDummy):
1245         (JSC::Structure::prototypeForLookup):
1246         (JSC::constructArray):
1247         * runtime/JSONObject.cpp:
1248         (JSC::Stringifier::Holder::object):
1249         (JSC::Stringifier::markAggregate):
1250         (JSC::Stringifier::stringify):
1251         (JSC::Stringifier::Holder::appendNextProperty):
1252         (JSC::Walker::callReviver):
1253         (JSC::Walker::walk):
1254         * runtime/JSObject.cpp:
1255         (JSC::JSObject::defineGetter):
1256         (JSC::JSObject::defineSetter):
1257         (JSC::JSObject::removeDirect):
1258         (JSC::JSObject::putDirectFunction):
1259         (JSC::JSObject::putDirectFunctionWithoutTransition):
1260         (JSC::putDescriptor):
1261         (JSC::JSObject::defineOwnProperty):
1262         * runtime/JSObject.h:
1263         (JSC::JSObject::getDirectOffset):
1264         (JSC::JSObject::putDirectOffset):
1265         (JSC::JSObject::flattenDictionaryObject):
1266         (JSC::JSObject::putDirectInternal):
1267         (JSC::JSObject::putDirect):
1268         (JSC::JSObject::putDirectFunction):
1269         (JSC::JSObject::putDirectWithoutTransition):
1270         (JSC::JSObject::putDirectFunctionWithoutTransition):
1271         (JSC::JSValue::putDirect):
1272         (JSC::JSObject::allocatePropertyStorageInline):
1273         (JSC::JSObject::markChildrenDirect):
1274         * runtime/JSPropertyNameIterator.cpp:
1275         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1276         (JSC::JSPropertyNameIterator::get):
1277         * runtime/JSPropertyNameIterator.h:
1278         * runtime/JSStaticScopeObject.cpp:
1279         (JSC::JSStaticScopeObject::markChildren):
1280         * runtime/JSString.cpp:
1281         (JSC::StringObject::create):
1282         * runtime/JSValue.h:
1283         * runtime/JSWrapperObject.cpp:
1284         (JSC::JSWrapperObject::markChildren):
1285         * runtime/JSWrapperObject.h:
1286         (JSC::JSWrapperObject::internalValue):
1287         (JSC::JSWrapperObject::setInternalValue):
1288         * runtime/LiteralParser.cpp:
1289         (JSC::LiteralParser::parse):
1290         * runtime/Lookup.cpp:
1291         (JSC::setUpStaticFunctionSlot):
1292         * runtime/Lookup.h:
1293         (JSC::lookupPut):
1294         * runtime/MarkStack.h:
1295         (JSC::MarkStack::appendValues):
1296         * runtime/MathObject.cpp:
1297         (JSC::MathObject::MathObject):
1298         * runtime/NativeErrorConstructor.cpp:
1299         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1300         * runtime/NativeErrorPrototype.cpp:
1301         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1302         * runtime/NumberConstructor.cpp:
1303         (JSC::NumberConstructor::NumberConstructor):
1304         (JSC::constructWithNumberConstructor):
1305         * runtime/NumberObject.cpp:
1306         (JSC::constructNumber):
1307         * runtime/NumberPrototype.cpp:
1308         (JSC::NumberPrototype::NumberPrototype):
1309         * runtime/ObjectConstructor.cpp:
1310         (JSC::ObjectConstructor::ObjectConstructor):
1311         (JSC::objectConstructorGetOwnPropertyDescriptor):
1312         * runtime/Operations.h:
1313         (JSC::normalizePrototypeChain):
1314         (JSC::resolveBase):
1315         * runtime/PrototypeFunction.cpp:
1316         (JSC::PrototypeFunction::PrototypeFunction):
1317         * runtime/PutPropertySlot.h:
1318         (JSC::PutPropertySlot::setExistingProperty):
1319         (JSC::PutPropertySlot::setNewProperty):
1320         (JSC::PutPropertySlot::base):
1321         * runtime/RegExpConstructor.cpp:
1322         (JSC::RegExpConstructor::RegExpConstructor):
1323         * runtime/ScopeChain.cpp:
1324         (JSC::ScopeChainNode::print):
1325         * runtime/ScopeChain.h:
1326         (JSC::ScopeChainNode::~ScopeChainNode):
1327         (JSC::ScopeChainIterator::operator*):
1328         (JSC::ScopeChainIterator::operator->):
1329         (JSC::ScopeChain::top):
1330         * runtime/ScopeChainMark.h:
1331         (JSC::ScopeChain::markAggregate):
1332         * runtime/SmallStrings.cpp:
1333         (JSC::isMarked):
1334         (JSC::SmallStrings::markChildren):
1335         * runtime/SmallStrings.h:
1336         (JSC::SmallStrings::emptyString):
1337         (JSC::SmallStrings::singleCharacterString):
1338         (JSC::SmallStrings::singleCharacterStrings):
1339         * runtime/StringConstructor.cpp:
1340         (JSC::StringConstructor::StringConstructor):
1341         * runtime/StringObject.cpp:
1342         (JSC::StringObject::StringObject):
1343         * runtime/StringObject.h:
1344         * runtime/StringPrototype.cpp:
1345         (JSC::StringPrototype::StringPrototype):
1346         * runtime/Structure.cpp:
1347         (JSC::Structure::Structure):
1348         (JSC::Structure::addPropertyTransition):
1349         (JSC::Structure::toDictionaryTransition):
1350         (JSC::Structure::flattenDictionaryStructure):
1351         * runtime/Structure.h:
1352         (JSC::Structure::storedPrototype):
1353         * runtime/WeakGCMap.h:
1354         (JSC::WeakGCMap::uncheckedGet):
1355         (JSC::WeakGCMap::isValid):
1356         (JSC::::get):
1357         (JSC::::take):
1358         (JSC::::set):
1359         (JSC::::uncheckedRemove):
1360         * runtime/WriteBarrier.h: Removed.
1361
1362 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1363
1364         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
1365
1366         * runtime/WriteBarrier.h:
1367         (JSC::WriteBarrierBase::clear):
1368
1369 2011-01-30  Oliver Hunt  <oliver@apple.com>
1370
1371         More Qt build fixes
1372
1373         * runtime/WriteBarrier.h:
1374         (JSC::WriteBarrierBase::clear):
1375
1376 2011-01-30  Oliver Hunt  <oliver@apple.com>
1377
1378         Convert markstack to a slot visitor API
1379         https://bugs.webkit.org/show_bug.cgi?id=53219
1380
1381         Rolling r77006 and r77020 back in.
1382
1383         * API/JSCallbackObject.h:
1384         (JSC::JSCallbackObjectData::setPrivateProperty):
1385         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1386         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1387         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1388         (JSC::JSCallbackObject::setPrivateProperty):
1389         * API/JSCallbackObjectFunctions.h:
1390         (JSC::::put):
1391         (JSC::::staticFunctionGetter):
1392         * API/JSObjectRef.cpp:
1393         (JSObjectMakeConstructor):
1394         (JSObjectSetPrivateProperty):
1395         * API/JSWeakObjectMapRefInternal.h:
1396         * JavaScriptCore.exp:
1397         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1398         * JavaScriptCore.xcodeproj/project.pbxproj:
1399         * bytecode/CodeBlock.cpp:
1400         (JSC::CodeBlock::markAggregate):
1401         * bytecode/CodeBlock.h:
1402         (JSC::CodeBlock::globalObject):
1403         * bytecompiler/BytecodeGenerator.cpp:
1404         (JSC::BytecodeGenerator::BytecodeGenerator):
1405         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1406         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1407         (JSC::BytecodeGenerator::findScopedProperty):
1408         * debugger/Debugger.cpp:
1409         (JSC::evaluateInGlobalCallFrame):
1410         * debugger/DebuggerActivation.cpp:
1411         (JSC::DebuggerActivation::DebuggerActivation):
1412         (JSC::DebuggerActivation::markChildren):
1413         * debugger/DebuggerActivation.h:
1414         * debugger/DebuggerCallFrame.cpp:
1415         (JSC::DebuggerCallFrame::evaluate):
1416         * interpreter/CallFrame.h:
1417         (JSC::ExecState::exception):
1418         * interpreter/Interpreter.cpp:
1419         (JSC::Interpreter::resolve):
1420         (JSC::Interpreter::resolveSkip):
1421         (JSC::Interpreter::resolveGlobal):
1422         (JSC::Interpreter::resolveGlobalDynamic):
1423         (JSC::Interpreter::resolveBaseAndProperty):
1424         (JSC::Interpreter::unwindCallFrame):
1425         (JSC::appendSourceToError):
1426         (JSC::Interpreter::execute):
1427         (JSC::Interpreter::tryCacheGetByID):
1428         (JSC::Interpreter::privateExecute):
1429         * jit/JITStubs.cpp:
1430         (JSC::JITThunks::tryCacheGetByID):
1431         (JSC::DEFINE_STUB_FUNCTION):
1432         * jsc.cpp:
1433         (GlobalObject::GlobalObject):
1434         * runtime/ArgList.cpp:
1435         (JSC::MarkedArgumentBuffer::markLists):
1436         * runtime/Arguments.cpp:
1437         (JSC::Arguments::markChildren):
1438         (JSC::Arguments::getOwnPropertySlot):
1439         (JSC::Arguments::getOwnPropertyDescriptor):
1440         (JSC::Arguments::put):
1441         * runtime/Arguments.h:
1442         (JSC::Arguments::setActivation):
1443         (JSC::Arguments::Arguments):
1444         * runtime/ArrayConstructor.cpp:
1445         (JSC::ArrayConstructor::ArrayConstructor):
1446         (JSC::constructArrayWithSizeQuirk):
1447         * runtime/ArrayPrototype.cpp:
1448         (JSC::arrayProtoFuncSplice):
1449         * runtime/BatchedTransitionOptimizer.h:
1450         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1451         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1452         * runtime/BooleanConstructor.cpp:
1453         (JSC::BooleanConstructor::BooleanConstructor):
1454         (JSC::constructBoolean):
1455         (JSC::constructBooleanFromImmediateBoolean):
1456         * runtime/BooleanPrototype.cpp:
1457         (JSC::BooleanPrototype::BooleanPrototype):
1458         * runtime/ConservativeSet.cpp:
1459         (JSC::ConservativeSet::grow):
1460         * runtime/ConservativeSet.h:
1461         (JSC::ConservativeSet::~ConservativeSet):
1462         (JSC::ConservativeSet::mark):
1463         * runtime/DateConstructor.cpp:
1464         (JSC::DateConstructor::DateConstructor):
1465         * runtime/DateInstance.cpp:
1466         (JSC::DateInstance::DateInstance):
1467         * runtime/DatePrototype.cpp:
1468         (JSC::dateProtoFuncSetTime):
1469         (JSC::setNewValueFromTimeArgs):
1470         (JSC::setNewValueFromDateArgs):
1471         (JSC::dateProtoFuncSetYear):
1472         * runtime/ErrorConstructor.cpp:
1473         (JSC::ErrorConstructor::ErrorConstructor):
1474         * runtime/ErrorInstance.cpp:
1475         (JSC::ErrorInstance::ErrorInstance):
1476         * runtime/ErrorPrototype.cpp:
1477         (JSC::ErrorPrototype::ErrorPrototype):
1478         * runtime/FunctionConstructor.cpp:
1479         (JSC::FunctionConstructor::FunctionConstructor):
1480         * runtime/FunctionPrototype.cpp:
1481         (JSC::FunctionPrototype::FunctionPrototype):
1482         * runtime/GetterSetter.cpp:
1483         (JSC::GetterSetter::markChildren):
1484         * runtime/GetterSetter.h:
1485         (JSC::GetterSetter::GetterSetter):
1486         (JSC::GetterSetter::getter):
1487         (JSC::GetterSetter::setGetter):
1488         (JSC::GetterSetter::setter):
1489         (JSC::GetterSetter::setSetter):
1490         * runtime/GlobalEvalFunction.cpp:
1491         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1492         (JSC::GlobalEvalFunction::markChildren):
1493         * runtime/GlobalEvalFunction.h:
1494         (JSC::GlobalEvalFunction::cachedGlobalObject):
1495         * runtime/Heap.cpp:
1496         (JSC::Heap::markProtectedObjects):
1497         (JSC::Heap::markTempSortVectors):
1498         (JSC::Heap::markRoots):
1499         * runtime/InternalFunction.cpp:
1500         (JSC::InternalFunction::InternalFunction):
1501         * runtime/JSAPIValueWrapper.h:
1502         (JSC::JSAPIValueWrapper::value):
1503         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1504         * runtime/JSActivation.cpp:
1505         (JSC::JSActivation::markChildren):
1506         (JSC::JSActivation::put):
1507         * runtime/JSArray.cpp:
1508         (JSC::JSArray::JSArray):
1509         (JSC::JSArray::getOwnPropertySlot):
1510         (JSC::JSArray::getOwnPropertyDescriptor):
1511         (JSC::JSArray::put):
1512         (JSC::JSArray::putSlowCase):
1513         (JSC::JSArray::deleteProperty):
1514         (JSC::JSArray::increaseVectorLength):
1515         (JSC::JSArray::setLength):
1516         (JSC::JSArray::pop):
1517         (JSC::JSArray::push):
1518         (JSC::JSArray::unshiftCount):
1519         (JSC::JSArray::sort):
1520         (JSC::JSArray::fillArgList):
1521         (JSC::JSArray::copyToRegisters):
1522         (JSC::JSArray::compactForSorting):
1523         * runtime/JSArray.h:
1524         (JSC::JSArray::getIndex):
1525         (JSC::JSArray::setIndex):
1526         (JSC::JSArray::uncheckedSetIndex):
1527         (JSC::JSArray::markChildrenDirect):
1528         * runtime/JSByteArray.cpp:
1529         (JSC::JSByteArray::JSByteArray):
1530         * runtime/JSCell.h:
1531         (JSC::JSCell::MarkStack::append):
1532         (JSC::JSCell::MarkStack::internalAppend):
1533         (JSC::JSCell::MarkStack::deprecatedAppend):
1534         * runtime/JSFunction.cpp:
1535         (JSC::JSFunction::JSFunction):
1536         (JSC::JSFunction::getOwnPropertySlot):
1537         * runtime/JSGlobalData.h:
1538         * runtime/JSGlobalObject.cpp:
1539         (JSC::markIfNeeded):
1540         (JSC::JSGlobalObject::reset):
1541         (JSC::JSGlobalObject::resetPrototype):
1542         (JSC::JSGlobalObject::markChildren):
1543         * runtime/JSGlobalObject.h:
1544         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1545         (JSC::JSGlobalObject::regExpConstructor):
1546         (JSC::JSGlobalObject::errorConstructor):
1547         (JSC::JSGlobalObject::evalErrorConstructor):
1548         (JSC::JSGlobalObject::rangeErrorConstructor):
1549         (JSC::JSGlobalObject::referenceErrorConstructor):
1550         (JSC::JSGlobalObject::syntaxErrorConstructor):
1551         (JSC::JSGlobalObject::typeErrorConstructor):
1552         (JSC::JSGlobalObject::URIErrorConstructor):
1553         (JSC::JSGlobalObject::evalFunction):
1554         (JSC::JSGlobalObject::objectPrototype):
1555         (JSC::JSGlobalObject::functionPrototype):
1556         (JSC::JSGlobalObject::arrayPrototype):
1557         (JSC::JSGlobalObject::booleanPrototype):
1558         (JSC::JSGlobalObject::stringPrototype):
1559         (JSC::JSGlobalObject::numberPrototype):
1560         (JSC::JSGlobalObject::datePrototype):
1561         (JSC::JSGlobalObject::regExpPrototype):
1562         (JSC::JSGlobalObject::methodCallDummy):
1563         (JSC::Structure::prototypeForLookup):
1564         (JSC::constructArray):
1565         * runtime/JSONObject.cpp:
1566         (JSC::Stringifier::Holder::object):
1567         (JSC::Stringifier::Holder::objectSlot):
1568         (JSC::Stringifier::markAggregate):
1569         (JSC::Stringifier::stringify):
1570         (JSC::Stringifier::Holder::appendNextProperty):
1571         (JSC::Walker::callReviver):
1572         (JSC::Walker::walk):
1573         * runtime/JSObject.cpp:
1574         (JSC::JSObject::defineGetter):
1575         (JSC::JSObject::defineSetter):
1576         (JSC::JSObject::removeDirect):
1577         (JSC::JSObject::putDirectFunction):
1578         (JSC::JSObject::putDirectFunctionWithoutTransition):
1579         (JSC::putDescriptor):
1580         (JSC::JSObject::defineOwnProperty):
1581         * runtime/JSObject.h:
1582         (JSC::JSObject::getDirectOffset):
1583         (JSC::JSObject::putDirectOffset):
1584         (JSC::JSObject::putUndefinedAtDirectOffset):
1585         (JSC::JSObject::flattenDictionaryObject):
1586         (JSC::JSObject::putDirectInternal):
1587         (JSC::JSObject::putDirect):
1588         (JSC::JSObject::putDirectFunction):
1589         (JSC::JSObject::putDirectWithoutTransition):
1590         (JSC::JSObject::putDirectFunctionWithoutTransition):
1591         (JSC::JSValue::putDirect):
1592         (JSC::JSObject::allocatePropertyStorageInline):
1593         (JSC::JSObject::markChildrenDirect):
1594         * runtime/JSPropertyNameIterator.cpp:
1595         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1596         (JSC::JSPropertyNameIterator::get):
1597         * runtime/JSPropertyNameIterator.h:
1598         * runtime/JSStaticScopeObject.cpp:
1599         (JSC::JSStaticScopeObject::markChildren):
1600         * runtime/JSString.cpp:
1601         (JSC::StringObject::create):
1602         * runtime/JSValue.h:
1603         * runtime/JSWrapperObject.cpp:
1604         (JSC::JSWrapperObject::markChildren):
1605         * runtime/JSWrapperObject.h:
1606         (JSC::JSWrapperObject::internalValue):
1607         (JSC::JSWrapperObject::setInternalValue):
1608         * runtime/LiteralParser.cpp:
1609         (JSC::LiteralParser::parse):
1610         * runtime/Lookup.cpp:
1611         (JSC::setUpStaticFunctionSlot):
1612         * runtime/Lookup.h:
1613         (JSC::lookupPut):
1614         * runtime/MarkStack.h:
1615         (JSC::MarkStack::MarkStack):
1616         (JSC::MarkStack::deprecatedAppendValues):
1617         (JSC::MarkStack::appendValues):
1618         * runtime/MathObject.cpp:
1619         (JSC::MathObject::MathObject):
1620         * runtime/NativeErrorConstructor.cpp:
1621         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1622         * runtime/NativeErrorPrototype.cpp:
1623         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1624         * runtime/NumberConstructor.cpp:
1625         (JSC::NumberConstructor::NumberConstructor):
1626         (JSC::constructWithNumberConstructor):
1627         * runtime/NumberObject.cpp:
1628         (JSC::constructNumber):
1629         * runtime/NumberPrototype.cpp:
1630         (JSC::NumberPrototype::NumberPrototype):
1631         * runtime/ObjectConstructor.cpp:
1632         (JSC::ObjectConstructor::ObjectConstructor):
1633         (JSC::objectConstructorGetOwnPropertyDescriptor):
1634         * runtime/Operations.h:
1635         (JSC::normalizePrototypeChain):
1636         (JSC::resolveBase):
1637         * runtime/PrototypeFunction.cpp:
1638         (JSC::PrototypeFunction::PrototypeFunction):
1639         * runtime/PutPropertySlot.h:
1640         (JSC::PutPropertySlot::setExistingProperty):
1641         (JSC::PutPropertySlot::setNewProperty):
1642         (JSC::PutPropertySlot::base):
1643         * runtime/RegExpConstructor.cpp:
1644         (JSC::RegExpConstructor::RegExpConstructor):
1645         * runtime/ScopeChain.cpp:
1646         (JSC::ScopeChainNode::print):
1647         * runtime/ScopeChain.h:
1648         (JSC::ScopeChainNode::~ScopeChainNode):
1649         (JSC::ScopeChainIterator::operator*):
1650         (JSC::ScopeChainIterator::operator->):
1651         (JSC::ScopeChain::top):
1652         * runtime/ScopeChainMark.h:
1653         (JSC::ScopeChain::markAggregate):
1654         * runtime/SmallStrings.cpp:
1655         (JSC::isMarked):
1656         (JSC::SmallStrings::markChildren):
1657         * runtime/SmallStrings.h:
1658         (JSC::SmallStrings::emptyString):
1659         (JSC::SmallStrings::singleCharacterString):
1660         (JSC::SmallStrings::singleCharacterStrings):
1661         * runtime/StringConstructor.cpp:
1662         (JSC::StringConstructor::StringConstructor):
1663         * runtime/StringObject.cpp:
1664         (JSC::StringObject::StringObject):
1665         * runtime/StringObject.h:
1666         * runtime/StringPrototype.cpp:
1667         (JSC::StringPrototype::StringPrototype):
1668         * runtime/Structure.cpp:
1669         (JSC::Structure::Structure):
1670         (JSC::Structure::addPropertyTransition):
1671         (JSC::Structure::toDictionaryTransition):
1672         (JSC::Structure::flattenDictionaryStructure):
1673         * runtime/Structure.h:
1674         (JSC::Structure::storedPrototype):
1675         (JSC::Structure::storedPrototypeSlot):
1676         * runtime/WeakGCMap.h:
1677         (JSC::WeakGCMap::uncheckedGet):
1678         (JSC::WeakGCMap::uncheckedGetSlot):
1679         (JSC::WeakGCMap::isValid):
1680         (JSC::::get):
1681         (JSC::::take):
1682         (JSC::::set):
1683         (JSC::::uncheckedRemove):
1684         * runtime/WriteBarrier.h: Added.
1685         (JSC::DeprecatedPtr::DeprecatedPtr):
1686         (JSC::DeprecatedPtr::get):
1687         (JSC::DeprecatedPtr::operator*):
1688         (JSC::DeprecatedPtr::operator->):
1689         (JSC::DeprecatedPtr::slot):
1690         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1691         (JSC::DeprecatedPtr::operator!):
1692         (JSC::WriteBarrierBase::set):
1693         (JSC::WriteBarrierBase::get):
1694         (JSC::WriteBarrierBase::operator*):
1695         (JSC::WriteBarrierBase::operator->):
1696         (JSC::WriteBarrierBase::slot):
1697         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1698         (JSC::WriteBarrierBase::operator!):
1699         (JSC::WriteBarrier::WriteBarrier):
1700         (JSC::operator==):
1701
1702 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
1703
1704         Reviewed by Oliver Hunt.
1705
1706         Filter all Heap collection through a common reset function, in
1707         preparation for adding features triggered by collection.
1708         https://bugs.webkit.org/show_bug.cgi?id=53396
1709         
1710         SunSpider reports no change.
1711
1712         * runtime/Heap.cpp:
1713         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
1714         limit, just call collectAllGarbage() instead of rolling our own special
1715         way of resetting the heap. In theory, this may be slower in some cases,
1716         but it also fixes cases of pathological heap growth that we've seen,
1717         where the only objects being allocated are temporary and huge
1718         (<rdar://problem/8885843>).
1719
1720         (JSC::Heap::allocate):
1721         (JSC::Heap::collectAllGarbage): Use the shared reset function.
1722
1723         (JSC::Heap::reset):
1724         * runtime/Heap.h: Carved a new shared reset function out of the old
1725         collectAllGarbage.
1726
1727 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1728
1729         Unreviewed, rolling out r77025.
1730         http://trac.webkit.org/changeset/77025
1731         https://bugs.webkit.org/show_bug.cgi?id=53401
1732
1733         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
1734         (Requested by Ossy on #webkit).
1735
1736         * jit/ExecutableAllocatorFixedVMPool.cpp:
1737         (JSC::FreeListEntry::FreeListEntry):
1738         (JSC::AVLTreeAbstractorForFreeList::get_less):
1739         (JSC::AVLTreeAbstractorForFreeList::set_less):
1740         (JSC::AVLTreeAbstractorForFreeList::get_greater):
1741         (JSC::AVLTreeAbstractorForFreeList::set_greater):
1742         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
1743         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
1744         (JSC::AVLTreeAbstractorForFreeList::null):
1745         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
1746         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
1747         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
1748         (JSC::reverseSortFreeListEntriesByPointer):
1749         (JSC::reverseSortCommonSizedAllocations):
1750         (JSC::FixedVMPoolAllocator::release):
1751         (JSC::FixedVMPoolAllocator::reuse):
1752         (JSC::FixedVMPoolAllocator::addToFreeList):
1753         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
1754         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1755         (JSC::FixedVMPoolAllocator::alloc):
1756         (JSC::FixedVMPoolAllocator::free):
1757         (JSC::FixedVMPoolAllocator::isValid):
1758         (JSC::FixedVMPoolAllocator::allocInternal):
1759         (JSC::FixedVMPoolAllocator::isWithinVMPool):
1760         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
1761         (JSC::ExecutableAllocator::committedByteCount):
1762         (JSC::maybeModifyVMPoolSize):
1763         (JSC::ExecutableAllocator::isValid):
1764         (JSC::ExecutableAllocator::underMemoryPressure):
1765         (JSC::ExecutablePool::systemAlloc):
1766         (JSC::ExecutablePool::systemRelease):
1767         * wtf/PageReservation.h:
1768         (WTF::PageReservation::PageReservation):
1769         (WTF::PageReservation::commit):
1770         (WTF::PageReservation::decommit):
1771
1772 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
1773
1774         Reviewed by Daniel Bates.
1775
1776         Code style issue in JavaScriptCore/wtf/CurrentTime.h
1777         https://bugs.webkit.org/show_bug.cgi?id=53394
1778
1779         According to rule #3 at http://webkit.org/coding/coding-style.html,
1780         this patch fixes a style issue in CurrentTime.h.
1781
1782         No functionality change, no new tests.
1783
1784         * wtf/CurrentTime.h:
1785         (WTF::currentTimeMS):
1786         (WTF::getLocalTime):
1787
1788 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
1789
1790         Reviewed by Kenneth Rohde Christiansen.
1791
1792         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
1793         https://bugs.webkit.org/show_bug.cgi?id=53377
1794
1795         The option "-whole-archive" is not available with the libtool of Mac OS X;
1796         instead, we can use "-all_load" on Mac.
1797
1798         * JavaScriptCore.pri:
1799
1800 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1801
1802         Sorry Leopard bot -- I committed a change by accident.
1803
1804         * JavaScriptCore.exp: You may have your symbols back now.
1805
1806 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1807
1808         Reviewed by Cameron Zwarich.
1809
1810         Simplified Heap iteration
1811         https://bugs.webkit.org/show_bug.cgi?id=53393
1812
1813         * runtime/CollectorHeapIterator.h:
1814         (JSC::CollectorHeapIterator::isValid):
1815         (JSC::CollectorHeapIterator::isLive):
1816         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
1817         advance because it's a constant.
1818         (JSC::LiveObjectIterator::LiveObjectIterator):
1819         (JSC::LiveObjectIterator::operator++):
1820         (JSC::DeadObjectIterator::DeadObjectIterator):
1821         (JSC::DeadObjectIterator::operator++):
1822         (JSC::ObjectIterator::ObjectIterator):
1823         (JSC::ObjectIterator::operator++): Factored out common checks into
1824         two helper functions -- isValid() for "Am I past the end?" and isLive()
1825         for "Is the cell I'm pointing to live?".
1826
1827         * runtime/MarkedSpace.cpp:
1828         (JSC::MarkedSpace::freeBlock):
1829         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
1830         to the end, to avoid making sweep subtly reliant on internal Heap state.
1831         (JSC::MarkedSpace::primaryHeapBegin):
1832         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
1833         iteration begins.
1834
1835 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1836
1837         Reviewed by Cameron Zwarich.
1838
1839         Simplified heap destruction
1840         https://bugs.webkit.org/show_bug.cgi?id=53392
1841
1842         * JavaScriptCore.exp:
1843         * runtime/Heap.cpp:
1844         (JSC::Heap::destroy):
1845         * runtime/Heap.h:
1846         * runtime/MarkedSpace.cpp:
1847         (JSC::MarkedSpace::destroy):
1848         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
1849         cells last -- the difficult contortions required to do so just don't seem
1850         justified. We make no guarantees about GC protection after the client
1851         throws away JSGlobalData, and it doesn't seem like any meaningful
1852         guarantee is even possible.
1853
1854 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1855
1856         Reviewed by Maciej Stachowiak.
1857
1858         Switched heap to use the Bitmap class and removed CollectorBitmap
1859         https://bugs.webkit.org/show_bug.cgi?id=53391
1860         
1861         SunSpider says 1.005x as fast. Seems like a fluke.
1862
1863         * runtime/MarkedSpace.cpp:
1864         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
1865         rather than taking a value by reference.
1866
1867         * runtime/MarkedSpace.h: Code reuse is good.
1868
1869         * wtf/Bitmap.h:
1870         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
1871         which CollectorBitmap had. (Renamed from the less conventional "getset".)
1872
1873         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
1874         clarity. It's all the same with inlining.
1875
1876 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
1877
1878         Reviewed by Maciej Stachowiak.
1879
1880         Some more Heap cleanup.
1881         https://bugs.webkit.org/show_bug.cgi?id=53357
1882         
1883         * JavaScriptCore.exp:
1884         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
1885
1886         * runtime/Heap.cpp:
1887         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
1888         reportExtraMemoryCostSlowCase to match our naming conventions.
1889
1890         (JSC::Heap::capacity): Renamed size to capacity because this function
1891         returns the capacity of the heap, including unused portions.
1892
1893         * runtime/Heap.h:
1894         (JSC::Heap::globalData):
1895         (JSC::Heap::markedSpace):
1896         (JSC::Heap::machineStackMarker):
1897         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
1898         Moved ctor and dtor to the beginning of the class definition. Grouped
1899         functions by purpose.
1900
1901         * runtime/MarkedSpace.cpp:
1902         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
1903         function returns the capacity of the heap, including unused portions.
1904
1905         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
1906         the same information can be gotten just by calling size() and capacity().
1907
1908         * runtime/MemoryStatistics.cpp:
1909         * runtime/MemoryStatistics.h: Ditto.
1910
1911 2011-01-29  Daniel Bates  <dbates@rim.com>
1912
1913         Reviewed by Eric Seidel.
1914
1915         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
1916         https://bugs.webkit.org/show_bug.cgi?id=53253
1917
1918         Make inclusion of MT19937 a policy decision.
1919
1920         Currently, we are hardcoded to use MT19937 when building for
1921         Windows CE. Instead, we should make this a policy decision
1922         with the Windows CE port using this by default.
1923
1924         * JavaScriptCore.pri: Append Source/ThirdParty to the end
1925         of the list of include directories.
1926         * wtf/CMakeLists.txt: Ditto.
1927         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
1928         building for Windows CE.
1929         * wtf/RandomNumber.cpp:
1930         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
1931
1932 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1933
1934         Reviewed by David Kilzer.
1935
1936         Bug 53374 - Remove uses of unsafe string functions in debugging code
1937         https://bugs.webkit.org/show_bug.cgi?id=53374
1938
1939         * runtime/RegExp.cpp:
1940         (JSC::RegExp::printTraceData):
1941
1942 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1943
1944         Reviewed by Oliver Hunt.
1945
1946         JavaScriptCoreUseJIT environment variable broken
1947         https://bugs.webkit.org/show_bug.cgi?id=53372
1948
1949         * runtime/JSGlobalData.cpp:
1950         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
1951         by getenv() rather than just doing a NULL check on the return value.
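
The entry above only says that the fix inspects the value returned by getenv() instead of testing it for NULL. The following is an added illustration of that distinction, not JavaScriptCore's own code: the variable name JavaScriptCoreUseJIT is taken from the entry, while the accepted spellings ("0"/"false"/"no"/"off" and their truthy counterparts) and the default of leaving the JIT enabled are assumptions of this example.

```cpp
// Added illustration (not JavaScriptCore's code): reading a boolean
// environment variable by inspecting its value rather than only testing
// whether getenv() returned non-null. The accepted spellings and the
// default (JIT enabled) are assumptions of this example.
#include <cctype>
#include <cstdlib>
#include <string>

// Weak form: any definition, even JavaScriptCoreUseJIT=0, counts as "enabled",
// because only the pointer is examined, never the string it points to.
bool useJITNullCheckOnly(const char* value)
{
    return value != nullptr;
}

// Trim surrounding whitespace and lower-case the raw value so that
// "  FALSE " and "false" are treated alike.
static std::string normaliseSetting(const char* value)
{
    std::string s(value);
    size_t begin = 0;
    while (begin < s.size() && std::isspace(static_cast<unsigned char>(s[begin])))
        ++begin;
    size_t end = s.size();
    while (end > begin && std::isspace(static_cast<unsigned char>(s[end - 1])))
        --end;
    s = s.substr(begin, end - begin);
    for (char& c : s)
        c = static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    return s;
}

// Corrected form: an unset variable yields the default; an explicit falsy
// value disables the JIT; an unrecognised value keeps the default instead of
// silently enabling anything.
bool useJITFromValue(const char* value, bool defaultValue = true)
{
    if (!value)
        return defaultValue;
    const std::string v = normaliseSetting(value);
    if (v == "0" || v == "false" || v == "no" || v == "off")
        return false;
    if (v == "1" || v == "true" || v == "yes" || v == "on")
        return true;
    return defaultValue;
}

// Convenience wrapper that reads the real environment.
bool useJITFromEnvironment()
{
    return useJITFromValue(std::getenv("JavaScriptCoreUseJIT"));
}
```

The parsing is split from the getenv() call so the decision logic can be exercised with constructed strings; the wrapper is what a caller in the engine's start-up path would use.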
1952
1953 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
1954
1955         Reviewed by David Kilzer.
1956
1957         Move CharacterNames.h into WTF directory
1958         https://bugs.webkit.org/show_bug.cgi?id=49618
1959
1960         * GNUmakefile.am:
1961         * JavaScriptCore.gypi:
1962         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1963         * JavaScriptCore.xcodeproj/project.pbxproj:
1964         * wtf/CMakeLists.txt:
1965         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
1966         * wtf/unicode/UTF8.cpp:
1967
1968 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
1969
1970         Reviewed by Gavin Barraclough.
1971
1972         Add various clampToInt() methods to MathExtras.h
1973         https://bugs.webkit.org/show_bug.cgi?id=52910
1974         
1975         Add functions for clamping doubles and floats to valid int
1976         ranges, for signed and positive integers.
1977
1978         * wtf/MathExtras.h:
1979         (clampToInteger):
1980         (clampToPositiveInteger):
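
The entry above names clampToInteger() and clampToPositiveInteger() but does not show what saturating a double to the int range involves. What follows is an added example written for this page, not the contents of WebKit's MathExtras.h: the function names come from the entry, while the bodies, the float overloads and the decision to map NaN to 0 are assumptions of this example. The practical point is that converting an out-of-range double (or NaN) to int is undefined behaviour in C++, and on x86 the cvttsd2si instruction produces 0x80000000 (INT_MIN) in that case, so an unclamped conversion of a very large positive size quietly becomes a negative one.

```cpp
// Added illustration (not WebKit's MathExtras.h): saturating double/float to
// int conversion. NaN -> 0 is this example's choice, not the entry's.
#include <cmath>
#include <limits>

int clampToInteger(double value)
{
    if (std::isnan(value))
        return 0;
    // INT_MAX and INT_MIN are exactly representable as doubles, so these
    // comparisons are exact; +/-infinity fall into the saturating arms.
    const double maxValue = std::numeric_limits<int>::max();
    const double minValue = std::numeric_limits<int>::min();
    if (value >= maxValue)
        return std::numeric_limits<int>::max();
    if (value <= minValue)
        return std::numeric_limits<int>::min();
    return static_cast<int>(value); // truncation toward zero, now well-defined
}

int clampToPositiveInteger(double value)
{
    if (std::isnan(value) || value <= 0)
        return 0;
    if (value >= static_cast<double>(std::numeric_limits<int>::max()))
        return std::numeric_limits<int>::max();
    return static_cast<int>(value);
}

// Float overloads widen to double first; every float is exactly
// representable as a double, so no precision is lost on the way.
int clampToInteger(float value)
{
    return clampToInteger(static_cast<double>(value));
}

int clampToPositiveInteger(float value)
{
    return clampToPositiveInteger(static_cast<double>(value));
}
```

The range checks are done in floating point before the cast, never after it, because once the undefined conversion has happened there is no reliable way to detect that it overflowed.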
1981
1982 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1983
1984         Unreviewed, rolling out r77006 and r77020.
1985         http://trac.webkit.org/changeset/77006
1986         http://trac.webkit.org/changeset/77020
1987         https://bugs.webkit.org/show_bug.cgi?id=53360
1988
1989         "Broke Windows tests" (Requested by rniwa on #webkit).
1990
1991         * API/JSCallbackObject.h:
1992         (JSC::JSCallbackObjectData::setPrivateProperty):
1993         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1994         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1995         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1996         (JSC::JSCallbackObject::setPrivateProperty):
1997         * API/JSCallbackObjectFunctions.h:
1998         (JSC::::put):
1999         (JSC::::staticFunctionGetter):
2000         * API/JSObjectRef.cpp:
2001         (JSObjectMakeConstructor):
2002         (JSObjectSetPrivateProperty):
2003         * API/JSWeakObjectMapRefInternal.h:
2004         * JavaScriptCore.exp:
2005         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2006         * JavaScriptCore.xcodeproj/project.pbxproj:
2007         * bytecode/CodeBlock.cpp:
2008         (JSC::CodeBlock::markAggregate):
2009         * bytecode/CodeBlock.h:
2010         (JSC::CodeBlock::globalObject):
2011         * bytecompiler/BytecodeGenerator.cpp:
2012         (JSC::BytecodeGenerator::BytecodeGenerator):
2013         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2014         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2015         (JSC::BytecodeGenerator::findScopedProperty):
2016         * debugger/Debugger.cpp:
2017         (JSC::evaluateInGlobalCallFrame):
2018         * debugger/DebuggerActivation.cpp:
2019         (JSC::DebuggerActivation::DebuggerActivation):
2020         (JSC::DebuggerActivation::markChildren):
2021         * debugger/DebuggerActivation.h:
2022         * debugger/DebuggerCallFrame.cpp:
2023         (JSC::DebuggerCallFrame::evaluate):
2024         * interpreter/CallFrame.h:
2025         (JSC::ExecState::exception):
2026         * interpreter/Interpreter.cpp:
2027         (JSC::Interpreter::resolve):
2028         (JSC::Interpreter::resolveSkip):
2029         (JSC::Interpreter::resolveGlobal):
2030         (JSC::Interpreter::resolveGlobalDynamic):
2031         (JSC::Interpreter::resolveBaseAndProperty):
2032         (JSC::Interpreter::unwindCallFrame):
2033         (JSC::appendSourceToError):
2034         (JSC::Interpreter::execute):
2035         (JSC::Interpreter::tryCacheGetByID):
2036         (JSC::Interpreter::privateExecute):
2037         * jit/JITStubs.cpp:
2038         (JSC::JITThunks::tryCacheGetByID):
2039         (JSC::DEFINE_STUB_FUNCTION):
2040         * jsc.cpp:
2041         (GlobalObject::GlobalObject):
2042         * runtime/ArgList.cpp:
2043         (JSC::MarkedArgumentBuffer::markLists):
2044         * runtime/Arguments.cpp:
2045         (JSC::Arguments::markChildren):
2046         (JSC::Arguments::getOwnPropertySlot):
2047         (JSC::Arguments::getOwnPropertyDescriptor):
2048         (JSC::Arguments::put):
2049         * runtime/Arguments.h:
2050         (JSC::Arguments::setActivation):
2051         (JSC::Arguments::Arguments):
2052         * runtime/ArrayConstructor.cpp:
2053         (JSC::ArrayConstructor::ArrayConstructor):
2054         (JSC::constructArrayWithSizeQuirk):
2055         * runtime/ArrayPrototype.cpp:
2056         (JSC::arrayProtoFuncSplice):
2057         * runtime/BatchedTransitionOptimizer.h:
2058         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2059         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2060         * runtime/BooleanConstructor.cpp:
2061         (JSC::BooleanConstructor::BooleanConstructor):
2062         (JSC::constructBoolean):
2063         (JSC::constructBooleanFromImmediateBoolean):
2064         * runtime/BooleanPrototype.cpp:
2065         (JSC::BooleanPrototype::BooleanPrototype):
2066         * runtime/ConservativeSet.cpp:
2067         (JSC::ConservativeSet::grow):
2068         * runtime/ConservativeSet.h:
2069         (JSC::ConservativeSet::~ConservativeSet):
2070         (JSC::ConservativeSet::mark):
2071         * runtime/DateConstructor.cpp:
2072         (JSC::DateConstructor::DateConstructor):
2073         * runtime/DateInstance.cpp:
2074         (JSC::DateInstance::DateInstance):
2075         * runtime/DatePrototype.cpp:
2076         (JSC::dateProtoFuncSetTime):
2077         (JSC::setNewValueFromTimeArgs):
2078         (JSC::setNewValueFromDateArgs):
2079         (JSC::dateProtoFuncSetYear):
2080         * runtime/ErrorConstructor.cpp:
2081         (JSC::ErrorConstructor::ErrorConstructor):
2082         * runtime/ErrorInstance.cpp:
2083         (JSC::ErrorInstance::ErrorInstance):
2084         * runtime/ErrorPrototype.cpp:
2085         (JSC::ErrorPrototype::ErrorPrototype):
2086         * runtime/FunctionConstructor.cpp:
2087         (JSC::FunctionConstructor::FunctionConstructor):
2088         * runtime/FunctionPrototype.cpp:
2089         (JSC::FunctionPrototype::FunctionPrototype):
2090         * runtime/GetterSetter.cpp:
2091         (JSC::GetterSetter::markChildren):
2092         * runtime/GetterSetter.h:
2093         (JSC::GetterSetter::GetterSetter):
2094         (JSC::GetterSetter::getter):
2095         (JSC::GetterSetter::setGetter):
2096         (JSC::GetterSetter::setter):
2097         (JSC::GetterSetter::setSetter):
2098         * runtime/GlobalEvalFunction.cpp:
2099         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2100         (JSC::GlobalEvalFunction::markChildren):
2101         * runtime/GlobalEvalFunction.h:
2102         (JSC::GlobalEvalFunction::cachedGlobalObject):
2103         * runtime/Heap.cpp:
2104         (JSC::Heap::markProtectedObjects):
2105         (JSC::Heap::markTempSortVectors):
2106         (JSC::Heap::markRoots):
2107         * runtime/InternalFunction.cpp:
2108         (JSC::InternalFunction::InternalFunction):
2109         * runtime/JSAPIValueWrapper.h:
2110         (JSC::JSAPIValueWrapper::value):
2111         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2112         * runtime/JSActivation.cpp:
2113         (JSC::JSActivation::markChildren):
2114         (JSC::JSActivation::put):
2115         * runtime/JSArray.cpp:
2116         (JSC::JSArray::JSArray):
2117         (JSC::JSArray::getOwnPropertySlot):
2118         (JSC::JSArray::getOwnPropertyDescriptor):
2119         (JSC::JSArray::put):
2120         (JSC::JSArray::putSlowCase):
2121         (JSC::JSArray::deleteProperty):
2122         (JSC::JSArray::increaseVectorLength):
2123         (JSC::JSArray::setLength):
2124         (JSC::JSArray::pop):
2125         (JSC::JSArray::push):
2126         (JSC::JSArray::unshiftCount):
2127         (JSC::JSArray::sort):
2128         (JSC::JSArray::fillArgList):
2129         (JSC::JSArray::copyToRegisters):
2130         (JSC::JSArray::compactForSorting):
2131         * runtime/JSArray.h:
2132         (JSC::JSArray::getIndex):
2133         (JSC::JSArray::setIndex):
2134         (JSC::JSArray::uncheckedSetIndex):
2135         (JSC::JSArray::markChildrenDirect):
2136         * runtime/JSByteArray.cpp:
2137         (JSC::JSByteArray::JSByteArray):
2138         * runtime/JSCell.h:
2139         (JSC::JSCell::JSValue::toThisObject):
2140         (JSC::JSCell::MarkStack::append):
2141         * runtime/JSFunction.cpp:
2142         (JSC::JSFunction::JSFunction):
2143         (JSC::JSFunction::getOwnPropertySlot):
2144         * runtime/JSGlobalData.h:
2145         * runtime/JSGlobalObject.cpp:
2146         (JSC::markIfNeeded):
2147         (JSC::JSGlobalObject::reset):
2148         (JSC::JSGlobalObject::resetPrototype):
2149         (JSC::JSGlobalObject::markChildren):
2150         * runtime/JSGlobalObject.h:
2151         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2152         (JSC::JSGlobalObject::regExpConstructor):
2153         (JSC::JSGlobalObject::errorConstructor):
2154         (JSC::JSGlobalObject::evalErrorConstructor):
2155         (JSC::JSGlobalObject::rangeErrorConstructor):
2156         (JSC::JSGlobalObject::referenceErrorConstructor):
2157         (JSC::JSGlobalObject::syntaxErrorConstructor):
2158         (JSC::JSGlobalObject::typeErrorConstructor):
2159         (JSC::JSGlobalObject::URIErrorConstructor):
2160         (JSC::JSGlobalObject::evalFunction):
2161         (JSC::JSGlobalObject::objectPrototype):
2162         (JSC::JSGlobalObject::functionPrototype):
2163         (JSC::JSGlobalObject::arrayPrototype):
2164         (JSC::JSGlobalObject::booleanPrototype):
2165         (JSC::JSGlobalObject::stringPrototype):
2166         (JSC::JSGlobalObject::numberPrototype):
2167         (JSC::JSGlobalObject::datePrototype):
2168         (JSC::JSGlobalObject::regExpPrototype):
2169         (JSC::JSGlobalObject::methodCallDummy):
2170         (JSC::Structure::prototypeForLookup):
2171         (JSC::constructArray):
2172         * runtime/JSONObject.cpp:
2173         (JSC::Stringifier::Holder::object):
2174         (JSC::Stringifier::markAggregate):
2175         (JSC::Stringifier::stringify):
2176         (JSC::Stringifier::Holder::appendNextProperty):
2177         (JSC::Walker::callReviver):
2178         (JSC::Walker::walk):
2179         * runtime/JSObject.cpp:
2180         (JSC::JSObject::defineGetter):
2181         (JSC::JSObject::defineSetter):
2182         (JSC::JSObject::removeDirect):
2183         (JSC::JSObject::putDirectFunction):
2184         (JSC::JSObject::putDirectFunctionWithoutTransition):
2185         (JSC::putDescriptor):
2186         (JSC::JSObject::defineOwnProperty):
2187         * runtime/JSObject.h:
2188         (JSC::JSObject::getDirectOffset):
2189         (JSC::JSObject::putDirectOffset):
2190         (JSC::JSObject::flattenDictionaryObject):
2191         (JSC::JSObject::putDirectInternal):
2192         (JSC::JSObject::putDirect):
2193         (JSC::JSObject::putDirectFunction):
2194         (JSC::JSObject::putDirectWithoutTransition):
2195         (JSC::JSObject::putDirectFunctionWithoutTransition):
2196         (JSC::JSValue::putDirect):
2197         (JSC::JSObject::allocatePropertyStorageInline):
2198         (JSC::JSObject::markChildrenDirect):
2199         * runtime/JSPropertyNameIterator.cpp:
2200         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2201         (JSC::JSPropertyNameIterator::get):
2202         * runtime/JSPropertyNameIterator.h:
2203         * runtime/JSStaticScopeObject.cpp:
2204         (JSC::JSStaticScopeObject::markChildren):
2205         * runtime/JSString.cpp:
2206         (JSC::StringObject::create):
2207         * runtime/JSValue.h:
2208         * runtime/JSWrapperObject.cpp:
2209         (JSC::JSWrapperObject::markChildren):
2210         * runtime/JSWrapperObject.h:
2211         (JSC::JSWrapperObject::internalValue):
2212         (JSC::JSWrapperObject::setInternalValue):
2213         * runtime/LiteralParser.cpp:
2214         (JSC::LiteralParser::parse):
2215         * runtime/Lookup.cpp:
2216         (JSC::setUpStaticFunctionSlot):
2217         * runtime/Lookup.h:
2218         (JSC::lookupPut):
2219         * runtime/MarkStack.h:
2220         (JSC::MarkStack::appendValues):
2221         * runtime/MathObject.cpp:
2222         (JSC::MathObject::MathObject):
2223         * runtime/NativeErrorConstructor.cpp:
2224         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2225         * runtime/NativeErrorPrototype.cpp:
2226         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2227         * runtime/NumberConstructor.cpp:
2228         (JSC::NumberConstructor::NumberConstructor):
2229         (JSC::constructWithNumberConstructor):
2230         * runtime/NumberObject.cpp:
2231         (JSC::constructNumber):
2232         * runtime/NumberPrototype.cpp:
2233         (JSC::NumberPrototype::NumberPrototype):
2234         * runtime/ObjectConstructor.cpp:
2235         (JSC::ObjectConstructor::ObjectConstructor):
2236         (JSC::objectConstructorGetOwnPropertyDescriptor):
2237         * runtime/Operations.h:
2238         (JSC::normalizePrototypeChain):
2239         (JSC::resolveBase):
2240         * runtime/PrototypeFunction.cpp:
2241         (JSC::PrototypeFunction::PrototypeFunction):
2242         * runtime/PutPropertySlot.h:
2243         (JSC::PutPropertySlot::setExistingProperty):
2244         (JSC::PutPropertySlot::setNewProperty):
2245         (JSC::PutPropertySlot::base):
2246         * runtime/RegExpConstructor.cpp:
2247         (JSC::RegExpConstructor::RegExpConstructor):
2248         * runtime/ScopeChain.cpp:
2249         (JSC::ScopeChainNode::print):
2250         * runtime/ScopeChain.h:
2251         (JSC::ScopeChainNode::~ScopeChainNode):
2252         (JSC::ScopeChainIterator::operator*):
2253         (JSC::ScopeChainIterator::operator->):
2254         (JSC::ScopeChain::top):
2255         * runtime/ScopeChainMark.h:
2256         (JSC::ScopeChain::markAggregate):
2257         * runtime/SmallStrings.cpp:
2258         (JSC::isMarked):
2259         (JSC::SmallStrings::markChildren):
2260         * runtime/SmallStrings.h:
2261         (JSC::SmallStrings::emptyString):
2262         (JSC::SmallStrings::singleCharacterString):
2263         (JSC::SmallStrings::singleCharacterStrings):
2264         * runtime/StringConstructor.cpp:
2265         (JSC::StringConstructor::StringConstructor):
2266         * runtime/StringObject.cpp:
2267         (JSC::StringObject::StringObject):
2268         * runtime/StringObject.h:
2269         * runtime/StringPrototype.cpp:
2270         (JSC::StringPrototype::StringPrototype):
2271         * runtime/Structure.cpp:
2272         (JSC::Structure::Structure):
2273         (JSC::Structure::addPropertyTransition):
2274         (JSC::Structure::toDictionaryTransition):
2275         (JSC::Structure::flattenDictionaryStructure):
2276         * runtime/Structure.h:
2277         (JSC::Structure::storedPrototype):
2278         * runtime/WeakGCMap.h:
2279         (JSC::WeakGCMap::uncheckedGet):
2280         (JSC::WeakGCMap::isValid):
2281         (JSC::::get):
2282         (JSC::::take):
2283         (JSC::::set):
2284         (JSC::::uncheckedRemove):
2285         * runtime/WriteBarrier.h: Removed.
2286
2287 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
2288
2289         Reviewed by Geoff Garen.
2290
2291         https://bugs.webkit.org/show_bug.cgi?id=53352
2292         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2293
2294         The FixedVMPoolAllocator currently uses a best fit policy -
2295         switch to first fit; this is less prone to external fragmentation.
2296
2297         * jit/ExecutableAllocatorFixedVMPool.cpp:
2298         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2299         (JSC::AllocationTableSizeClass::blockSize):
2300         (JSC::AllocationTableSizeClass::blockCount):
2301         (JSC::AllocationTableSizeClass::blockAlignment):
2302         (JSC::AllocationTableSizeClass::size):
2303         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2304         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2305         (JSC::AllocationTableLeaf::allocate):
2306         (JSC::AllocationTableLeaf::free):
2307         (JSC::AllocationTableLeaf::isEmpty):
2308         (JSC::AllocationTableLeaf::isFull):
2309         (JSC::AllocationTableLeaf::size):
2310         (JSC::AllocationTableLeaf::classForSize):
2311         (JSC::AllocationTableLeaf::dump):
2312         (JSC::LazyAllocationTable::LazyAllocationTable):
2313         (JSC::LazyAllocationTable::~LazyAllocationTable):
2314         (JSC::LazyAllocationTable::allocate):
2315         (JSC::LazyAllocationTable::free):
2316         (JSC::LazyAllocationTable::isEmpty):
2317         (JSC::LazyAllocationTable::isFull):
2318         (JSC::LazyAllocationTable::size):
2319         (JSC::LazyAllocationTable::dump):
2320         (JSC::LazyAllocationTable::classForSize):
2321         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2322         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2323         (JSC::AllocationTableDirectory::allocate):
2324         (JSC::AllocationTableDirectory::free):
2325         (JSC::AllocationTableDirectory::isEmpty):
2326         (JSC::AllocationTableDirectory::isFull):
2327         (JSC::AllocationTableDirectory::size):
2328         (JSC::AllocationTableDirectory::classForSize):
2329         (JSC::AllocationTableDirectory::dump):
2330         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2331         (JSC::FixedVMPoolAllocator::alloc):
2332         (JSC::FixedVMPoolAllocator::free):
2333         (JSC::FixedVMPoolAllocator::allocated):
2334         (JSC::FixedVMPoolAllocator::isValid):
2335         (JSC::FixedVMPoolAllocator::classForSize):
2336         (JSC::FixedVMPoolAllocator::offsetToPointer):
2337         (JSC::FixedVMPoolAllocator::pointerToOffset):
2338         (JSC::ExecutableAllocator::committedByteCount):
2339         (JSC::ExecutableAllocator::isValid):
2340         (JSC::ExecutableAllocator::underMemoryPressure):
2341         (JSC::ExecutablePool::systemAlloc):
2342         (JSC::ExecutablePool::systemRelease):
2343         * wtf/PageReservation.h:
2344         (WTF::PageReservation::PageReservation):
2345         (WTF::PageReservation::commit):
2346         (WTF::PageReservation::decommit):
2347         (WTF::PageReservation::committed):
2348
2349 2011-01-27  Oliver Hunt  <oliver@apple.com>
2350
2351         Reviewed by Geoffrey Garen.
2352
2353         Convert markstack to a slot visitor API
2354         https://bugs.webkit.org/show_bug.cgi?id=53219
2355
2356         Move the MarkStack over to a slot based marking API.
2357
2358         In order to avoid aliasing concerns there are two new types
2359         that need to be used when holding on to JSValues and JSCells that
2360         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
2361         is expected to be used for any JSValue or Cell whose lifetime and
2362         marking is controlled by another GC object.  DeprecatedPtr is used
2363         for any value for which we need to rework ownership.
2364
2365         The change over to this model has produced a large amount of
2366         code changes, but they are mostly mechanical (forwarding JSGlobalData,
2367         etc).
2368
2369         * API/JSCallbackObject.h:
2370         (JSC::JSCallbackObjectData::setPrivateProperty):
2371         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2372         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2373         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2374         (JSC::JSCallbackObject::setPrivateProperty):
2375         * API/JSCallbackObjectFunctions.h:
2376         (JSC::::put):
2377         (JSC::::staticFunctionGetter):
2378         * API/JSObjectRef.cpp:
2379         (JSObjectMakeConstructor):
2380         (JSObjectSetPrivateProperty):
2381         * API/JSWeakObjectMapRefInternal.h:
2382         * JavaScriptCore.exp:
2383         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2384         * JavaScriptCore.xcodeproj/project.pbxproj:
2385         * bytecode/CodeBlock.cpp:
2386         (JSC::CodeBlock::markAggregate):
2387         * bytecode/CodeBlock.h:
2388         (JSC::CodeBlock::globalObject):
2389         * bytecompiler/BytecodeGenerator.cpp:
2390         (JSC::BytecodeGenerator::BytecodeGenerator):
2391         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2392         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2393         (JSC::BytecodeGenerator::findScopedProperty):
2394         * debugger/DebuggerActivation.cpp:
2395         (JSC::DebuggerActivation::DebuggerActivation):
2396         (JSC::DebuggerActivation::markChildren):
2397         * debugger/DebuggerActivation.h:
2398         * interpreter/Interpreter.cpp:
2399         (JSC::Interpreter::resolve):
2400         (JSC::Interpreter::resolveSkip):
2401         (JSC::Interpreter::resolveGlobalDynamic):
2402         (JSC::Interpreter::resolveBaseAndProperty):
2403         (JSC::Interpreter::unwindCallFrame):
2404         (JSC::appendSourceToError):
2405         (JSC::Interpreter::execute):
2406         (JSC::Interpreter::privateExecute):
2407         * interpreter/Register.h:
2408         (JSC::Register::jsValueSlot):
2409         * jit/JITStubs.cpp:
2410         (JSC::JITThunks::tryCacheGetByID):
2411         (JSC::DEFINE_STUB_FUNCTION):
2412         * jsc.cpp:
2413         (GlobalObject::GlobalObject):
2414         * runtime/Arguments.cpp:
2415         (JSC::Arguments::markChildren):
2416         (JSC::Arguments::getOwnPropertySlot):
2417         (JSC::Arguments::getOwnPropertyDescriptor):
2418         (JSC::Arguments::put):
2419         * runtime/Arguments.h:
2420         (JSC::Arguments::setActivation):
2421         (JSC::Arguments::Arguments):
2422         * runtime/ArrayConstructor.cpp:
2423         (JSC::ArrayConstructor::ArrayConstructor):
2424         (JSC::constructArrayWithSizeQuirk):
2425         * runtime/ArrayPrototype.cpp:
2426         (JSC::arrayProtoFuncSplice):
2427         * runtime/BatchedTransitionOptimizer.h:
2428         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2429         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2430         * runtime/BooleanConstructor.cpp:
2431         (JSC::BooleanConstructor::BooleanConstructor):
2432         (JSC::constructBoolean):
2433         (JSC::constructBooleanFromImmediateBoolean):
2434         * runtime/BooleanPrototype.cpp:
2435         (JSC::BooleanPrototype::BooleanPrototype):
2436         * runtime/ConservativeSet.h:
2437         (JSC::ConservativeSet::mark):
2438         * runtime/DateConstructor.cpp:
2439         (JSC::DateConstructor::DateConstructor):
2440         * runtime/DateInstance.cpp:
2441         (JSC::DateInstance::DateInstance):
2442         * runtime/DatePrototype.cpp:
2443         (JSC::dateProtoFuncSetTime):
2444         (JSC::setNewValueFromTimeArgs):
2445         (JSC::setNewValueFromDateArgs):
2446         (JSC::dateProtoFuncSetYear):
2447         * runtime/ErrorConstructor.cpp:
2448         (JSC::ErrorConstructor::ErrorConstructor):
2449         * runtime/ErrorInstance.cpp:
2450         (JSC::ErrorInstance::ErrorInstance):
2451         * runtime/ErrorPrototype.cpp:
2452         (JSC::ErrorPrototype::ErrorPrototype):
2453         * runtime/FunctionConstructor.cpp:
2454         (JSC::FunctionConstructor::FunctionConstructor):
2455         * runtime/FunctionPrototype.cpp:
2456         (JSC::FunctionPrototype::FunctionPrototype):
2457         * runtime/GetterSetter.cpp:
2458         (JSC::GetterSetter::markChildren):
2459         * runtime/GetterSetter.h:
2460         (JSC::GetterSetter::GetterSetter):
2461         (JSC::GetterSetter::getter):
2462         (JSC::GetterSetter::setGetter):
2463         (JSC::GetterSetter::setter):
2464         (JSC::GetterSetter::setSetter):
2465         * runtime/GlobalEvalFunction.cpp:
2466         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2467         (JSC::GlobalEvalFunction::markChildren):
2468         * runtime/GlobalEvalFunction.h:
2469         (JSC::GlobalEvalFunction::cachedGlobalObject):
2470         * runtime/Heap.cpp:
2471         (JSC::Heap::markProtectedObjects):
2472         (JSC::Heap::markTempSortVectors):
2473         (JSC::Heap::markRoots):
2474         * runtime/InternalFunction.cpp:
2475         (JSC::InternalFunction::InternalFunction):
2476         * runtime/JSAPIValueWrapper.h:
2477         (JSC::JSAPIValueWrapper::value):
2478         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2479         * runtime/JSActivation.cpp:
2480         (JSC::JSActivation::put):
2481         * runtime/JSArray.cpp:
2482         (JSC::JSArray::JSArray):
2483         (JSC::JSArray::getOwnPropertySlot):
2484         (JSC::JSArray::getOwnPropertyDescriptor):
2485         (JSC::JSArray::put):
2486         (JSC::JSArray::putSlowCase):
2487         (JSC::JSArray::deleteProperty):
2488         (JSC::JSArray::increaseVectorLength):
2489         (JSC::JSArray::setLength):
2490         (JSC::JSArray::pop):
2491         (JSC::JSArray::push):
2492         (JSC::JSArray::unshiftCount):
2493         (JSC::JSArray::sort):
2494         (JSC::JSArray::fillArgList):
2495         (JSC::JSArray::copyToRegisters):
2496         (JSC::JSArray::compactForSorting):
2497         * runtime/JSArray.h:
2498         (JSC::JSArray::getIndex):
2499         (JSC::JSArray::setIndex):
2500         (JSC::JSArray::uncheckedSetIndex):
2501         (JSC::JSArray::markChildrenDirect):
2502         * runtime/JSByteArray.cpp:
2503         (JSC::JSByteArray::JSByteArray):
2504         * runtime/JSCell.h:
2505         (JSC::JSCell::MarkStack::append):
2506         (JSC::JSCell::MarkStack::appendCell):
2507         * runtime/JSFunction.cpp:
2508         (JSC::JSFunction::JSFunction):
2509         (JSC::JSFunction::getOwnPropertySlot):
2510         * runtime/JSGlobalObject.cpp:
2511         (JSC::markIfNeeded):
2512         (JSC::JSGlobalObject::reset):
2513         (JSC::JSGlobalObject::resetPrototype):
2514         (JSC::JSGlobalObject::markChildren):
2515         * runtime/JSGlobalObject.h:
2516         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2517         (JSC::JSGlobalObject::regExpConstructor):
2518         (JSC::JSGlobalObject::errorConstructor):
2519         (JSC::JSGlobalObject::evalErrorConstructor):
2520         (JSC::JSGlobalObject::rangeErrorConstructor):
2521         (JSC::JSGlobalObject::referenceErrorConstructor):
2522         (JSC::JSGlobalObject::syntaxErrorConstructor):
2523         (JSC::JSGlobalObject::typeErrorConstructor):
2524         (JSC::JSGlobalObject::URIErrorConstructor):
2525         (JSC::JSGlobalObject::evalFunction):
2526         (JSC::JSGlobalObject::objectPrototype):
2527         (JSC::JSGlobalObject::functionPrototype):
2528         (JSC::JSGlobalObject::arrayPrototype):
2529         (JSC::JSGlobalObject::booleanPrototype):
2530         (JSC::JSGlobalObject::stringPrototype):
2531         (JSC::JSGlobalObject::numberPrototype):
2532         (JSC::JSGlobalObject::datePrototype):
2533         (JSC::JSGlobalObject::regExpPrototype):
2534         (JSC::JSGlobalObject::methodCallDummy):
2535         (JSC::constructArray):
2536         * runtime/JSONObject.cpp:
2537         (JSC::Stringifier::Holder::object):
2538         (JSC::Stringifier::Holder::objectSlot):
2539         (JSC::Stringifier::markAggregate):
2540         (JSC::Stringifier::stringify):
2541         (JSC::Stringifier::Holder::appendNextProperty):
2542         (JSC::Walker::callReviver):
2543         (JSC::Walker::walk):
2544         * runtime/JSObject.cpp:
2545         (JSC::JSObject::defineGetter):
2546         (JSC::JSObject::defineSetter):
2547         (JSC::JSObject::removeDirect):
2548         (JSC::JSObject::putDirectFunction):
2549         (JSC::JSObject::putDirectFunctionWithoutTransition):
2550         (JSC::putDescriptor):
2551         (JSC::JSObject::defineOwnProperty):
2552         * runtime/JSObject.h:
2553         (JSC::JSObject::putDirectOffset):
2554         (JSC::JSObject::putUndefinedAtDirectOffset):
2555         (JSC::JSObject::flattenDictionaryObject):
2556         (JSC::JSObject::putDirectInternal):
2557         (JSC::JSObject::putDirect):
2558         (JSC::JSObject::putDirectFunction):
2559         (JSC::JSObject::putDirectWithoutTransition):
2560         (JSC::JSObject::putDirectFunctionWithoutTransition):
2561         (JSC::JSValue::putDirect):
2562         (JSC::JSObject::allocatePropertyStorageInline):
2563         (JSC::JSObject::markChildrenDirect):
2564         * runtime/JSStaticScopeObject.cpp:
2565         (JSC::JSStaticScopeObject::markChildren):
2566         * runtime/JSString.cpp:
2567         (JSC::StringObject::create):
2568         * runtime/JSValue.h:
2569         * runtime/JSWrapperObject.cpp:
2570         (JSC::JSWrapperObject::markChildren):
2571         * runtime/JSWrapperObject.h:
2572         (JSC::JSWrapperObject::internalValue):
2573         (JSC::JSWrapperObject::setInternalValue):
2574         * runtime/LiteralParser.cpp:
2575         (JSC::LiteralParser::parse):
2576         * runtime/Lookup.cpp:
2577         (JSC::setUpStaticFunctionSlot):
2578         * runtime/Lookup.h:
2579         (JSC::lookupPut):
2580         * runtime/MarkStack.h:
2581         * runtime/MathObject.cpp:
2582         (JSC::MathObject::MathObject):
2583         * runtime/NativeErrorConstructor.cpp:
2584         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2585         * runtime/NativeErrorPrototype.cpp:
2586         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2587         * runtime/NumberConstructor.cpp:
2588         (JSC::NumberConstructor::NumberConstructor):
2589         (JSC::constructWithNumberConstructor):
2590         * runtime/NumberObject.cpp:
2591         (JSC::constructNumber):
2592         * runtime/NumberPrototype.cpp:
2593         (JSC::NumberPrototype::NumberPrototype):
2594         * runtime/ObjectConstructor.cpp:
2595         (JSC::ObjectConstructor::ObjectConstructor):
2596         (JSC::objectConstructorGetOwnPropertyDescriptor):
2597         * runtime/Operations.h:
2598         (JSC::normalizePrototypeChain):
2599         (JSC::resolveBase):
2600         * runtime/PrototypeFunction.cpp:
2601         (JSC::PrototypeFunction::PrototypeFunction):
2602         * runtime/PutPropertySlot.h:
2603         (JSC::PutPropertySlot::setExistingProperty):
2604         (JSC::PutPropertySlot::setNewProperty):
2605         (JSC::PutPropertySlot::base):
2606         * runtime/RegExpConstructor.cpp:
2607         (JSC::RegExpConstructor::RegExpConstructor):
2608         * runtime/ScopeChain.cpp:
2609         (JSC::ScopeChainNode::print):
2610         * runtime/ScopeChain.h:
2611         (JSC::ScopeChainNode::~ScopeChainNode):
2612         (JSC::ScopeChainIterator::operator*):
2613         (JSC::ScopeChainIterator::operator->):
2614         (JSC::ScopeChain::top):
2615         * runtime/ScopeChainMark.h:
2616         (JSC::ScopeChain::markAggregate):
2617         * runtime/SmallStrings.cpp:
2618         (JSC::isMarked):
2619         (JSC::SmallStrings::markChildren):
2620         * runtime/SmallStrings.h:
2621         (JSC::SmallStrings::emptyString):
2622         (JSC::SmallStrings::singleCharacterString):
2623         (JSC::SmallStrings::singleCharacterStrings):
2624         * runtime/StringConstructor.cpp:
2625         (JSC::StringConstructor::StringConstructor):
2626         * runtime/StringObject.cpp:
2627         (JSC::StringObject::StringObject):
2628         * runtime/StringObject.h:
2629         * runtime/StringPrototype.cpp:
2630         (JSC::StringPrototype::StringPrototype):
2631         * runtime/Structure.cpp:
2632         (JSC::Structure::flattenDictionaryStructure):
2633         * runtime/Structure.h:
2634         (JSC::Structure::storedPrototypeSlot):
2635         * runtime/WeakGCMap.h:
2636         (JSC::WeakGCMap::uncheckedGet):
2637         (JSC::WeakGCMap::uncheckedGetSlot):
2638         (JSC::::get):
2639         (JSC::::take):
2640         (JSC::::set):
2641         (JSC::::uncheckedRemove):
2642         * runtime/WriteBarrier.h: Added.
2643         (JSC::DeprecatedPtr::DeprecatedPtr):
2644         (JSC::DeprecatedPtr::get):
2645         (JSC::DeprecatedPtr::operator*):
2646         (JSC::DeprecatedPtr::operator->):
2647         (JSC::DeprecatedPtr::slot):
2648         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2649         (JSC::DeprecatedPtr::operator!):
2650         (JSC::WriteBarrierBase::set):
2651         (JSC::WriteBarrierBase::get):
2652         (JSC::WriteBarrierBase::operator*):
2653         (JSC::WriteBarrierBase::operator->):
2654         (JSC::WriteBarrierBase::slot):
2655         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2656         (JSC::WriteBarrierBase::operator!):
2657         (JSC::WriteBarrier::WriteBarrier):
2658         (JSC::operator==):
2659
2660 2011-01-28  Adam Roben  <aroben@apple.com>
2661
2662         Chromium build fix after r76967
2663
2664         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
2665         similar macros in this file.
2666
2667 2011-01-28  Michael Saboff  <msaboff@apple.com>
2668
2669         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2670         https://bugs.webkit.org/show_bug.cgi?id=53271
2671
2672         Reapplying this change.  No change from prior patch in
2673         JavaScriptCore.
2674
2675         Added new isValid() methods to check if a contained object in
2676         a WeakGCMap is valid when using an unchecked iterator.
2677
2678         * runtime/WeakGCMap.h:
2679         (JSC::WeakGCMap::isValid):
2680
2681 2011-01-27  Adam Roben  <aroben@apple.com>
2682
2683         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
2684         function
2685
2686         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
2687         Win32 event
2688
2689         Reviewed by Dave Hyatt.
2690
2691         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
2692
2693         * wtf/ThreadingPrimitives.h: Declare the new function.
2694
2695         * wtf/ThreadingWin.cpp:
2696         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
2697         interval from here...
2698         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
2699
2700 2011-01-28  Sam Weinig  <sam@webkit.org>
2701
2702         Reviewed by Maciej Stachowiak.
2703
2704         Add basic rubber banding support
2705         <rdar://problem/8219429>
2706         https://bugs.webkit.org/show_bug.cgi?id=53277
2707
2708         * wtf/Platform.h: Add ENABLE for rubber banding.
2709
2710 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2711
2712         Unreviewed, rolling out r76893.
2713         http://trac.webkit.org/changeset/76893
2714         https://bugs.webkit.org/show_bug.cgi?id=53287
2715
2716         It made some tests crash on GTK and Qt debug bots (Requested
2717         by Ossy on #webkit).
2718
2719         * runtime/WeakGCMap.h:
2720
2721 2011-01-27  Adam Barth  <abarth@webkit.org>
2722
2723         Reviewed by Eric Seidel.
2724
2725         Add WTFString method to compare equality with Vector<UChar>
2726         https://bugs.webkit.org/show_bug.cgi?id=53266
2727
2728         I'm planning to use this method in the new XSS filter implementation,
2729         but it seems generally useful.
2730
2731         * wtf/text/StringImpl.h:
2732         (WTF::equalIgnoringNullity):
2733         * wtf/text/WTFString.h:
2734         (WTF::equalIgnoringNullity):
2735
2736 2011-01-27  Michael Saboff  <msaboff@apple.com>
2737
2738         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2739         https://bugs.webkit.org/show_bug.cgi?id=53271
2740
2741         Added new isValid() methods to check if a contained object in
2742         a WeakGCMap is valid when using an unchecked iterator.
2743
2744         * runtime/WeakGCMap.h:
2745         (JSC::WeakGCMap::isValid):
2746
2747 2011-01-26  Sam Weinig  <sam@webkit.org>
2748
2749         Reviewed by Maciej Stachowiak.
2750
2751         Add events to represent the start/end of a gesture scroll
2752         https://bugs.webkit.org/show_bug.cgi?id=53215
2753
2754         * wtf/Platform.h: Add ENABLE for gesture events.
2755
2756 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
2757
2758         Reviewed by Laszlo Gombos.
2759
2760         [Qt][Symbian] Fix --minimal build
2761         https://bugs.webkit.org/show_bug.cgi?id=52839
2762
2763         Move definition of USE_SYSTEM_MALLOC out of pri file.
2764         Put it in platform.h instead.
2765
2766         * wtf/Platform.h:
2767         * wtf/TCSystemAlloc.cpp:
2768         * wtf/wtf.pri:
2769
2770 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
2771
2772         Reviewed by Andreas Kling.
2773
2774         [WINCE] Add JIT support to build system
2775         https://bugs.webkit.org/show_bug.cgi?id=53079
2776
2777         * CMakeListsWinCE.txt:
2778
2779 2011-01-25  Adam Roben  <aroben@apple.com>
2780
2781         Windows Production build fix
2782
2783         Reviewed by Steve Falkenburg.
2784
2785         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
2786         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
2787         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
2788
2789 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
2790
2791         Rubber-stamped by Adam Roben.
2792
2793         Windows production build fix.
2794         Use correct environment variable escaping
2795
2796         * JavaScriptCore.vcproj/JavaScriptCore.make:
2797         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2798
2799 2011-01-25  Oliver Hunt  <oliver@apple.com>
2800
2801         Reviewed by Gavin Barraclough.
2802
2803         JSON.stringify processing time exponentially grows with size of object
2804         https://bugs.webkit.org/show_bug.cgi?id=51922
2805
2806         Remove last use of reserveCapacity from JSON stringification, as it results
2807         in appalling append behaviour when there are a large number of property names
2808         and nothing else.
2809
2810         * runtime/JSONObject.cpp:
2811         (JSC::Stringifier::appendQuotedString):
2812
2813 2011-01-25  Antti Koivisto  <antti@apple.com>
2814
2815         Not reviewed.
2816         
2817         Try to fix windows build.
2818
2819         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2820
2821 2011-01-25  Antti Koivisto  <antti@apple.com>
2822
2823         Reviewed by Oliver Hunt.
2824
2825         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
2826         https://bugs.webkit.org/show_bug.cgi?id=53061
2827          
2828         Cache did not know about the subclass so failed to fully delete the items. 
2829         Got rid of the subclass and moved the classes to separate files.
2830
2831         * CMakeLists.txt:
2832         * GNUmakefile.am:
2833         * JavaScriptCore.exp:
2834         * JavaScriptCore.gypi:
2835         * JavaScriptCore.pro:
2836         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2837         * JavaScriptCore.xcodeproj/project.pbxproj:
2838         * parser/JSParser.cpp:
2839         (JSC::JSParser::Scope::saveFunctionInfo):
2840         (JSC::JSParser::Scope::restoreFunctionInfo):
2841         (JSC::JSParser::findCachedFunctionInfo):
2842         (JSC::JSParser::parseFunctionInfo):
2843         * parser/SourceProvider.h:
2844         * parser/SourceProviderCache.cpp: Added.
2845         (JSC::SourceProviderCache::~SourceProviderCache):
2846         (JSC::SourceProviderCache::byteSize):
2847         * parser/SourceProviderCache.h: Added.
2848         (JSC::SourceProviderCache::SourceProviderCache):
2849         (JSC::SourceProviderCache::add):
2850         (JSC::SourceProviderCache::get):
2851         * parser/SourceProviderCacheItem.h: Added.
2852         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
2853         (JSC::SourceProviderCacheItem::approximateByteSize):
2854         (JSC::SourceProviderCacheItem::closeBraceToken):
2855
2856 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
2857
2858         Reviewed by Darin Adler.
2859
2860         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
2861         statement
2862         https://bugs.webkit.org/show_bug.cgi?id=53087.
2863
2864         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
2865         with a "return" so that the code is more readable and less error prone
2866         (e.g., "else" doesn't use braces so adding extra lines to the else
2867         block won't have any effect; even worse, the code still compiles
2868         successfully).
2869
2870         * wtf/Assertions.cpp:
2871
2872 2011-01-24  Chris Marrin  <cmarrin@apple.com>
2873
2874         Reviewed by Eric Seidel.
2875
2876         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
2877         https://bugs.webkit.org/show_bug.cgi?id=53041
2878
2879         * Configurations/FeatureDefines.xcconfig:
2880
2881 2011-01-25  Adam Roben  <aroben@apple.com>
2882
2883         Windows Production build fix
2884
2885         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
2886
2887 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
2888
2889         Reviewed by Eric Seidel.
2890
2891         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
2892         https://bugs.webkit.org/show_bug.cgi?id=52949
2893
2894         * jit/JITStubs.cpp:
2895
2896 2011-01-24  Adam Roben  <aroben@apple.com>
2897
2898         Windows Production build fix
2899
2900         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
2901
2902 2011-01-24  Peter Varga  <pvarga@webkit.org>
2903
2904         Reviewed by Oliver Hunt.
2905
2906         Optimize regex patterns which contain empty alternatives
2907         https://bugs.webkit.org/show_bug.cgi?id=51395
2908
2909         Eliminate the empty alternatives from the regex pattern and convert it to do
2910         the matching in an easier way.
2911
2912         * yarr/YarrPattern.cpp:
2913         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
2914
2915 2011-01-24  Andras Becsi  <abecsi@webkit.org>
2916
2917         Reviewed by Csaba Osztrogonác.
2918
2919         [Qt] Move project files into Source
2920         https://bugs.webkit.org/show_bug.cgi?id=52891
2921
2922         * JavaScriptCore.pri:
2923         * JavaScriptCore.pro:
2924         * jsc.pro:
2925
2926 2011-01-23  Mark Rowe  <mrowe@apple.com>
2927
2928         Follow-up to r76477.
2929
2930         Fix the scripts that detect problematic code such as static initializers
2931         and destructors, weak vtables, inappropriate files in the framework wrappers,
2932         and public headers including private headers. These had all been broken
2933         since the projects were moved into the Source directory as the paths to the
2934         scripts were not updated at that time.
2935
2936         * JavaScriptCore.xcodeproj/project.pbxproj:
2937
2938 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2939
2940         Reviewed by Darin Adler.
2941
2942         Use WTF::StringHasher in WebCore
2943         https://bugs.webkit.org/show_bug.cgi?id=52934
2944
2945         Add an additional function to calculate the hash
2946         of data with a runtime-dependent size.
2947
2948         * wtf/StringHasher.h:
2949         (WTF::StringHasher::createBlobHash):
2950
2951 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2952
2953         Reviewed by David Kilzer.
2954
2955         Fix comment in String::ascii()
2956         https://bugs.webkit.org/show_bug.cgi?id=52980
2957
2958         * wtf/text/WTFString.cpp:
2959         (WTF::String::ascii):
2960
2961 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2962
2963         Reviewed by David Kilzer.
2964
2965         Add String::containsOnlyLatin1()
2966         https://bugs.webkit.org/show_bug.cgi?id=52979
2967
2968         * wtf/text/WTFString.h:
2969         (WTF::String::containsOnlyLatin1):
2970         (WTF::charactersAreAllLatin1):
2971
2972 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2973
2974         Reviewed by Oliver Hunt.
2975
2976         Remove obsolete JSVALUE32 code
2977         https://bugs.webkit.org/show_bug.cgi?id=52948
2978
2979         r70111 removed support for JSVALUE32.
2980         ARM, MIPS and X86 support JSVALUE32_64 only.
2981
2982         * jit/JITStubs.cpp:
2983
2984 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
2985
2986         Reviewed by Dan Bernstein.
2987
2988         ASSERT running run-webkit-tests --threaded.
2989         https://bugs.webkit.org/show_bug.cgi?id=52971
2990         
2991         SunSpider and v8 report no change.
2992
2993         * runtime/ConservativeSet.cpp:
2994         (JSC::ConservativeSet::grow):
2995         (JSC::ConservativeSet::add):
2996         * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
2997         the growth policy to 2X, to make SunSpider and v8 happy.
2998         (JSC::ConservativeSet::ConservativeSet):
2999         (JSC::ConservativeSet::~ConservativeSet):
3000         (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
3001         Malloc is forbidden during a multi-threaded mark phase because it can
3002         cause deadlock.
3003
3004 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3005
3006         Reviewed by Geoffrey Garen.
3007
3008         Rubber-stamped by Maciej Stachowiak.
3009
3010         A few of Maciej's review suggestions for my last patch.
3011         https://bugs.webkit.org/show_bug.cgi?id=52946
3012
3013         SunSpider reports no change.
3014
3015         * Android.mk:
3016         * CMakeLists.txt:
3017         * GNUmakefile.am:
3018         * JavaScriptCore.gypi:
3019         * JavaScriptCore.pro:
3020         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3021         * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.
3022
3023         * runtime/ConservativeSet.cpp: Added.
3024         (JSC::isPointerAligned):
3025         (JSC::ConservativeSet::add):
3026         * runtime/ConservativeSet.h: Added.
3027         (JSC::ConservativeSet::ConservativeSet):
3028         (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
3029         file, and moved the conservative check into ConservativeSet::add, making
3030         ConservativeSet's responsibility clearer.
3031
3032         * runtime/Heap.cpp:
3033         (JSC::Heap::markRoots):
3034         * runtime/MachineStackMarker.cpp:
3035         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3036         (JSC::MachineStackMarker::markOtherThreadConservatively):
3037         * runtime/MachineStackMarker.h:
3038         * runtime/MarkStack.h: Updated for changes above.
3039
3040 2011-01-22  Patrick Gansterer  <paroga@webkit.org>
3041
3042         Unreviewed WinCE build fix for r76430.
3043
3044         * runtime/MachineStackMarker.cpp:
3045         (JSC::swapIfBackwards):
3046
3047 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3048
3049         Reviewed by Beth Dakin.
3050
3051         Reorganized MarkedSpace, making many of its functions private.
3052
3053         * runtime/JSCell.h:
3054         (JSC::JSCell::Heap::heap):
3055         * runtime/MarkedSpace.h:
3056         (JSC::MarkedSpace::globalData):
3057         (JSC::MarkedSpace::heap):
3058
3059 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3060
3061         Try to fix build: moved helper function out of #ifdef.
3062
3063         * runtime/MachineStackMarker.cpp:
3064         (JSC::swapIfBackwards):
3065
3066 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3067
3068         Rubber-stamped by Maciej Stachowiak.
3069
3070         A few of Maciej's review suggestions for my last patch.
3071         https://bugs.webkit.org/show_bug.cgi?id=52946
3072
3073         SunSpider reports no change.
3074
3075         * runtime/MachineStackMarker.cpp:
3076         (JSC::swapIfBackwards): Added a helper function for handling platforms
3077         where the stack can grow in any direction.
3078
3079         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3080         (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
3081         function.
3082
3083         (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.
3084
3085         (JSC::MachineStackMarker::markConservatively): Changed to use a more
3086         standard looping idiom, and to use the helper function above.
3087
3088         * runtime/MarkedSpace.h:
3089         (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.
3090
3091 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3092
3093         Reviewed by Maciej Stachowiak.
3094
3095         Cleaned up some conservative marking code.
3096         https://bugs.webkit.org/show_bug.cgi?id=52946
3097         
3098         SunSpider reports no change.
3099
3100         * interpreter/RegisterFile.h: No need for a special marking function,
3101         since we already expose a start() and end().
3102
3103         * runtime/Heap.cpp:
3104         (JSC::Heap::registerFile):
3105         (JSC::Heap::markRoots):
3106         * runtime/Heap.h:
3107         (JSC::Heap::contains): Migrated markConservatively() to the machine stack
3108         marker class. Now, Heap just provides a contains() function, which the
3109         machine stack marker uses for checking whether a pointer points into the heap.
3110
3111         * runtime/MachineStackMarker.cpp:
3112         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3113         (JSC::MachineStackMarker::markOtherThreadConservatively):
3114         (JSC::isPointerAligned):
3115         (JSC::MachineStackMarker::markConservatively):
3116         * runtime/MachineStackMarker.h: Move the conservative marking code here.
3117
3118         * runtime/MarkStack.h:
3119         (JSC::ConservativeSet::add):
3120         (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
3121         set. Vector seems to be a bit faster, and it generates smaller code.
3122
3123         * runtime/MarkedSpace.cpp:
3124         (JSC::MarkedSpace::containsSlowCase):
3125         * runtime/MarkedSpace.h:
3126         (JSC::MarkedSpace::isCellAligned):
3127         (JSC::MarkedSpace::isPossibleCell):
3128         (JSC::MarkedSpace::contains): Kept the code for determining whether a
3129         pointer pointed into marked space, and moved the code for marking
3130         a set of conservative pointers into the machine stack marker.
3131
3132         * wtf/HashSet.h:
3133         (WTF::::add): Added two missing inlines that I noticed while testing
3134         vector vs hash set.
3135
3136 2011-01-21  Mark Rowe  <mrowe@apple.com>
3137
3138         Reviewed by Sam Weinig.
3139
3140         Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
3141         control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".
3142
3143         * wtf/PageAllocation.h:
3144         (WTF::PageAllocation::operator bool):
3145         * wtf/PageReservation.h:
3146         (WTF::PageReservation::operator bool):
3147
3148 2011-01-21  Michael Saboff  <msaboff@apple.com>
3149
3150         Reviewed by Oliver Hunt.
3151
3152         [RegexFuzz] Hang with forward assertion
3153         https://bugs.webkit.org/show_bug.cgi?id=52825
3154         <rdar://problem/8894332>
3155
3156         The backtrackTo label from the first term in a list of terms is
3157         being overwritten by processing of subsequent terms.  Changed
3158         copyBacktrackToLabel() to check for an existing backtrackTo label
3159         before copying and renamed it to propagateBacktrackToLabel() since
3160         it no longer copies.
3161
3162         * yarr/YarrJIT.cpp:
3163         (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
3164         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3165
3166 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3167
3168         Reviewed by Sam Weinig.
3169
3170         Moved the mark stack from global data to the heap, since it pertains
3171         to the heap, and not the virtual machine as a whole.
3172         https://bugs.webkit.org/show_bug.cgi?id=52930
3173         
3174         SunSpider reports no change.
3175
3176         * runtime/Heap.cpp:
3177         (JSC::Heap::Heap):
3178         (JSC::Heap::markRoots):
3179         * runtime/Heap.h:
3180         * runtime/JSGlobalData.cpp:
3181         (JSC::JSGlobalData::JSGlobalData):
3182         * runtime/JSGlobalData.h:
3183
3184 2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>
3185
3186         Reviewed by Darin Adler.
3187
3188         REGRESSION(r76177): All JavaScriptCore tests fail on ARM
3189         https://bugs.webkit.org/show_bug.cgi?id=52814
3190
3191         Get the approximateByteSize value before releasing the OwnPtr.
3192
3193         * parser/JSParser.cpp:
3194         (JSC::JSParser::parseFunctionInfo):
3195
3196 2011-01-21  Xan Lopez  <xlopez@igalia.com>
3197
3198         Reviewed by Martin Robinson.
3199
3200         Remove unnecessary <stdio.h> include
3201         https://bugs.webkit.org/show_bug.cgi?id=52884
3202
3203         * jit/JIT.cpp: remove unnecessary include.
3204
3205 2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>
3206
3207         Reviewed by Maciej Stachowiak.
3208
3209         Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.
3210
3211         * wtf/OwnArrayPtr.h:
3212
3213 2011-01-20  Patrick Gansterer  <paroga@webkit.org>
3214
3215         Reviewed by Oliver Hunt.
3216
3217         [WINCE] Remove obsolete JSVALUE32 code
3218         https://bugs.webkit.org/show_bug.cgi?id=52450
3219
3220         Remove the "offset hack" in create_jit_stubs, since we
3221         only support JSVALUE32_64 in the meantime.
3222
3223         * create_jit_stubs: Removed offset argument
3224         * jit/JITStubs.cpp:
3225
3226 2011-01-20  Geoffrey Garen  <ggaren@apple.com>
3227
3228         Reviewed by Oliver Hunt.
3229
3230         When marking conservatively, guard against reviving dead objects.
3231         https://bugs.webkit.org/show_bug.cgi?id=52840
3232         
3233         SunSpider and v8 say no change.
3234
3235         * interpreter/RegisterFile.h:
3236         (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.
3237
3238         * runtime/Heap.cpp:
3239         (JSC::Heap::recordExtraCost): No need to guard against conservative
3240         marking reviving dead objects anymore, since the conservative marking
3241         mechanism guards against this now.
3242
3243         (JSC::Heap::markConservatively):
3244         (JSC::Heap::markProtectedObjects):
3245         (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
3246         marking function. We want to establish a separation of concerns between
3247         visiting roots and draining the mark stack.
3248
3249         (JSC::Heap::markRoots): Gather the set of conservative references before
3250         clearing mark bits, because conservative marking now uses the mark bits
3251         to determine if a reference is valid, and to avoid reviving dead objects.
3252
3253         (JSC::Heap::collectAllGarbage): No need to guard against conservative
3254         marking reviving dead objects anymore, since the conservative marking
3255         mechanism guards against this now.
3256
3257         * runtime/Heap.h: Updated to use the ConservativeSet API.
3258
3259         * runtime/MachineStackMarker.cpp:
3260         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3261         (JSC::MachineStackMarker::markCurrentThreadConservatively):
3262         (JSC::MachineStackMarker::markOtherThreadConservatively):
3263         (JSC::MachineStackMarker::markMachineStackConservatively):
3264         * runtime/MachineStackMarker.h: Ditto.
3265
3266         * runtime/MarkStack.h:
3267         (JSC::ConservativeSet::add):
3268         (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
3269         set of conservative references. This is different from MarkStack, since
3270         we don't mark the set until it is completely gathered.
3271
3272         * runtime/MarkedSpace.cpp:
3273         (JSC::MarkedSpace::freeBlock):
3274         (JSC::MarkedSpace::resizeBlocks):
3275         (JSC::MarkedSpace::markConservatively):
3276         * runtime/MarkedSpace.h: When marking conservatively, guard against
3277         reviving dead objects.
3278
3279 2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>
3280
3281         Reviewed by Geoffrey Garen.
3282
3283         [Symbian] Fix StackBounds::initialize()
3284         https://bugs.webkit.org/show_bug.cgi?id=52842
3285
3286         * wtf/StackBounds.cpp:
3287         (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit
3288
3289 2011-01-20  Michael Saboff  <msaboff@apple.com>
3290
3291         Reviewed by Oliver Hunt.
3292
3293         <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
3294         https://bugs.webkit.org/show_bug.cgi?id=52773
3295
3296         Fixed case where an existing DataLabelPtr is overwritten.  The
3297         replacing DataLabelPtr is now resolved immediately in
3298         linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
3299         return value for the routine as it was never used.
3300
3301         * yarr/YarrJIT.cpp:
3302         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
3303
3304 2011-01-20  Andras Becsi  <abecsi@webkit.org>
3305
3306         Reviewed by Csaba Osztrogonác.
3307
3308         [Qt][WK2] WebKit2 enabled build fails to link
3309
3310         Work around undefined reference linking issues until the buildsystem gets redesigned.
3311         These issues first occurred in minimal builds (see BUG 50519).
3312
3313         * JavaScriptCore.pri: link as whole-archive for WebKit2 builds
3314
3315 2011-01-20  Zoltan Horvath  <zoltan@webkit.org>
3316
3317         Reviewed by Csaba Osztrogonác.
3318
3319         Refactoring of the custom allocation framework
3320         https://bugs.webkit.org/show_bug.cgi?id=49897
3321
3322         Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
3323         The modification replaces the Noncopyable and FastAllocBase classes, and inheritance from them, with the
3324         equivalent macro implementation at the necessary places.
3325
3326         * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.
3327
3328 2011-01-20  Mark Rowe  <mrowe@apple.com>
3329
3330         Reviewed by Maciej Stachowiak.
3331
3332         Follow-up to r75766 / <rdar://problem/5469576>.
3333
3334         We were failing to initialize the key, causing all sorts of unexpected behavior.
3335
3336         * wtf/FastMalloc.cpp:
3337         (WTF::setThreadHeap):
3338         (WTF::TCMalloc_ThreadCache::GetThreadHeap):
3339         (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.
3340
3341 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3342
3343         Reviewed by Darin Adler.
3344
3345         Rolled back in r76078, with crash fixed.
3346         https://bugs.webkit.org/show_bug.cgi?id=52668
3347         
3348         * runtime/JSGlobalObject.cpp:
3349         (JSC::JSGlobalObject::markChildren): Account for the fact that the global
3350         object moves its variables into and out of the register file. While out
3351         of the register file, the symbol table's size is not an accurate count
3352         for the size of the register array, since the BytecodeGenerator might
3353         be compiling, adding items to the symbol table.
3354         
3355 2011-01-18  Darin Adler  <darin@apple.com>
3356
3357         Reviewed by Geoffrey Garen.
3358
3359         Stack overflow when converting an Error object to string
3360         https://bugs.webkit.org/show_bug.cgi?id=46410
3361
3362         * Android.mk: Added StringRecursionChecker.cpp and
3363         StringRecursionChecker.h.
3364         * CMakeLists.txt: Ditto.
3365         * GNUmakefile.am: Ditto.
3366         * JavaScriptCore.gypi: Ditto.
3367         * JavaScriptCore.pro: Ditto.
3368         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
3369         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
3370
3371         * runtime/ArrayPrototype.cpp:
3372         (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
3373         of the older hand-written code to do the same thing.
3374         (JSC::arrayProtoFuncToLocaleString): Ditto.
3375         (JSC::arrayProtoFuncJoin): Ditto.
3376
3377         * runtime/ErrorPrototype.cpp:
3378         (JSC::errorProtoFuncToString): Use StringRecursionChecker.
3379
3380         * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
3381         stringRecursionCheckVisitedObjects.
3382
3383         * runtime/RegExpPrototype.cpp:
3384         (JSC::regExpProtoFuncToString): Use StringRecursionChecker.
3385
3386         * runtime/StringRecursionChecker.cpp: Added.
3387         * runtime/StringRecursionChecker.h: Added.
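
The recursion guard this entry introduces, sketched as an added example that is not WebKit's StringRecursionChecker (the toy Value struct, the function names and the cycle-handling policy are assumptions; JSC keeps the visited set per JSGlobalData, as the renamed member above suggests):

```cpp
#include <cassert>
#include <iostream>
#include <string>
#include <unordered_set>
#include <vector>

// Hypothetical toy value graph standing in for JS objects; not JSC's types.
struct Value {
    enum Kind { StringKind, ArrayKind, ErrorKind };
    Kind kind;
    std::string text;               // String payload, or Error message
    std::vector<Value*> elements;   // Array elements (may include the array itself)
    Value* errorName;               // Error "name" slot; may point anywhere, even at the Error
};

// Set of objects currently being converted to string (the role of
// stringRecursionCheckVisitedObjects in the entry above; assumption).
using VisitedSet = std::unordered_set<const Value*>;

// RAII guard: records the object on entry and forgets it on exit. If the
// object is already being converted, earlyReturn() is true and the caller
// contributes the empty string instead of recursing again.
class StringRecursionChecker {
public:
    StringRecursionChecker(VisitedSet& visited, const Value* object)
        : m_visited(visited), m_object(object), m_earlyReturn(!visited.insert(object).second) {}
    ~StringRecursionChecker() { if (!m_earlyReturn) m_visited.erase(m_object); }
    bool earlyReturn() const { return m_earlyReturn; }
private:
    VisitedSet& m_visited;
    const Value* m_object;
    bool m_earlyReturn;
};

// Guarded conversion. Without the checker, a Value that reaches itself
// (an Error whose name is the Error, an Array containing itself) recurses
// until the native stack is exhausted.
std::string toStringChecked(VisitedSet& visited, const Value* v) {
    if (v->kind == Value::StringKind)
        return v->text;
    StringRecursionChecker checker(visited, v);
    if (checker.earlyReturn())
        return std::string(); // cycle: contribute nothing, as Array.prototype.join does
    if (v->kind == Value::ArrayKind) {
        std::string out;
        for (size_t i = 0; i < v->elements.size(); ++i) {
            if (i) out += ",";
            out += toStringChecked(visited, v->elements[i]);
        }
        return out;
    }
    // ErrorKind: "name: message", dropping whichever half is empty
    std::string name = v->errorName ? toStringChecked(visited, v->errorName) : "Error";
    if (name.empty()) return v->text;
    if (v->text.empty()) return name;
    return name + ": " + v->text;
}

// Constructed input: an Array that contains itself, ["x", self]
std::string stringifySelfContainingArray() {
    Value x{Value::StringKind, "x", {}, nullptr};
    Value arr{Value::ArrayKind, "", {}, nullptr};
    arr.elements = { &x, &arr };
    VisitedSet visited;
    std::string result = toStringChecked(visited, &arr);
    assert(visited.empty()); // the guard cleaned up after itself
    return result; // "x,"
}

// Constructed input: an Error whose name slot refers back to the Error
std::string stringifySelfNamedError() {
    Value err{Value::ErrorKind, "boom", {}, nullptr};
    err.errorName = &err;
    VisitedSet visited;
    std::string result = toStringChecked(visited, &err);
    assert(visited.empty());
    return result; // "boom"
}

// Constructed input: a well-formed Error, for contrast
std::string stringifyOrdinaryError() {
    Value name{Value::StringKind, "TypeError", {}, nullptr};
    Value err{Value::ErrorKind, "boom", {}, &name};
    VisitedSet visited;
    return toStringChecked(visited, &err); // "TypeError: boom"
}

int main() {
    std::cout << stringifySelfContainingArray() << "\n"
              << stringifySelfNamedError() << "\n"
              << stringifyOrdinaryError() << "\n";
    return 0;
}
```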
3388
3389 2011-01-19  Oliver Hunt  <oliver@apple.com>
3390
3391         Reviewed by Gavin Barraclough.
3392
3393         Remove non-spec support for callable RegExp
3394         https://bugs.webkit.org/show_bug.cgi?id=28285
3395
3396         Remove support for callable regexps.  If it breaks sites we can
3397         just roll this out.
3398
3399         * runtime/RegExpObject.cpp:
3400         * runtime/RegExpObject.h:
3401         * tests/mozilla/expected.html: update results.
3402
3403 2011-01-19  Antti Koivisto  <antti@apple.com>
3404
3405         Reviewed by Oliver Hunt.
3406
3407         Cache function offsets to speed up javascript parsing
3408         https://bugs.webkit.org/show_bug.cgi?id=52622
3409         
3410         Use cache to save function offsets and some other info.
3411         This avoids quite a bit of work when reparsing the source.
3412
3413         * parser/ASTBuilder.h:
3414         * parser/JSParser.cpp:
3415         (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
3416         (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
3417         (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
3418         (JSC::JSParser::Scope::copyCapturedVariablesToVector):
3419         (JSC::JSParser::Scope::saveFunctionInfo):
3420         (JSC::JSParser::Scope::restoreFunctionInfo):
3421         (JSC::JSParser::findCachedFunctionInfo):
3422         (JSC::JSParser::JSParser):
3423         (JSC::JSParser::parseProgram):
3424         (JSC::JSParser::parseFunctionInfo):
3425         * parser/Lexer.h:
3426         (JSC::Lexer::setOffset):
3427         (JSC::Lexer::setLineNumber):
3428         (JSC::Lexer::sourceProvider):
3429         * parser/SourceProvider.h:
3430         (JSC::SourceProviderCache::SourceProviderCache):
3431         (JSC::SourceProviderCache::~SourceProviderCache):
3432         (JSC::SourceProviderCache::byteSize):
3433         (JSC::SourceProviderCache::add):
3434         (JSC::SourceProviderCache::get):
3435         (JSC::SourceProvider::SourceProvider):
3436         (JSC::SourceProvider::~SourceProvider):
3437         (JSC::SourceProvider::cache):
3438         (JSC::SourceProvider::notifyCacheSizeChanged):
3439         (JSC::SourceProvider::cacheSizeChanged):
3440         * parser/SyntaxChecker.h:
3441
3442 2011-01-19  Mark Rowe  <mrowe@apple.com>
3443
3444         Reviewed by Darin Adler.
3445
3446         Follow-up to r75766 / <rdar://problem/5469576>.
3447
3448         * DerivedSources.make: Evaluate the SDKROOT variable correctly.
3449
3450 2011-01-19  Oliver Hunt  <oliver@apple.com>
3451
3452         Reviewed by Gavin Barraclough.
3453
3454         [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
3455         https://bugs.webkit.org/show_bug.cgi?id=52672
3456
3457         Rather than coming up with a somewhat convoluted mechanism to ensure that
3458         developers can override the global object's prototype with a function named
3459         __proto__ and expect it to work, we just disallow it at the syntax level.
3460
3461         * parser/JSParser.cpp:
3462         (JSC::JSParser::parseFunctionInfo):
3463
3464 2011-01-19  Michael Saboff  <msaboff@apple.com>
3465
3466         Reviewed by Darin Adler.
3467
3468         <rdar://problem/8882994> Regression: Simple nested backtrack hangs
3469         https://bugs.webkit.org/show_bug.cgi?id=52675
3470
3471         The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
3472         broke simple backtracking in some cases.  Reworked that change to 
3473         link both jumps and labels.
3474
3475         * yarr/YarrJIT.cpp:
3476         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
3477         (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
3478         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3479
3480 2011-01-19  Pavel Podivilov  <podivilov@chromium.org>
3481
3482         Reviewed by Yury Semikhatsky.
3483
3484         Web Inspector: [JSC] scripts have incorrect starting line (always 1).
3485         https://bugs.webkit.org/show_bug.cgi?id=52721
3486
3487         * debugger/Debugger.cpp:
3488         (JSC::Debugger::recompileAllJSFunctions):
3489         * debugger/Debugger.h:
3490         * parser/Parser.h:
3491         (JSC::Parser::parse):
3492         * parser/SourceCode.h:
3493         (JSC::SourceCode::SourceCode):
3494         * parser/SourceProvider.h:
3495         (JSC::SourceProvider::startPosition):
3496
3497 2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>
3498
3499         Reviewed by Laszlo Gombos and Tor Arne Vestbø.
3500
3501         [Qt] Remove unnecessary "../Source" from paths
3502         after moving source files into Source is finished.
3503
3504         * JavaScriptCore.pri:
3505
3506 2011-01-19  Benjamin Kalman  <kalman@chromium.org>
3507
3508         Reviewed by Darin Adler.
3509
3510         Don't return void from void function String::split
3511         https://bugs.webkit.org/show_bug.cgi?id=52684
3512
3513         * wtf/text/WTFString.cpp:
3514         (WTF::String::split):
3515
3516 2011-01-18  Kenneth Russell  <kbr@google.com>
3517
3518         Unreviewed, rolling out r76078.
3519         http://trac.webkit.org/changeset/76078
3520         https://bugs.webkit.org/show_bug.cgi?id=52668
3521
3522         Caused crashes of fast/canvas/webgl/constants.html,
3523         fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
3524         test crashes in Release mode. WebGL crashes were observed with
3525         "run-webkit-tests fast/canvas/webgl". It was necessary to run
3526         multiple tests to provoke the crash.
3527
3528         * interpreter/RegisterFile.h:
3529         (JSC::RegisterFile::markGlobals):
3530         * runtime/JSActivation.cpp:
3531         (JSC::JSActivation::markChildren):
3532         * runtime/JSGlobalObject.cpp:
3533         (JSC::JSGlobalObject::markChildren):
3534
3535 2011-01-18  Oliver Hunt  <oliver@apple.com>
3536
3537         Reviewed by Gavin Barraclough.
3538
3539         [jsfunfuzz] Assertion asking activation for arguments when arguments is overridden
3540         https://bugs.webkit.org/show_bug.cgi?id=52690
3541
3542         Clean up code to retrieve arguments from activation and function objects.
3543         Remove the incorrect assertion from JSActivation's argumentsGetter.
3544
3545         * interpreter/Interpreter.cpp:
3546         (JSC::Interpreter::retrieveArguments):
3547         * runtime/JSActivation.cpp:
3548         (JSC::JSActivation::argumentsGetter):
3549
3550 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3551
3552         Reviewed by Darin Adler.
3553
3554         Removed RegisterFile::markGlobals because it was obtuse, and it
3555         unnecessarily relied on conservative marking.
3556         https://bugs.webkit.org/show_bug.cgi?id=52668
3557
3558         * interpreter/RegisterFile.h: Removed markGlobals.
3559
3560         * runtime/JSActivation.cpp:
3561         (JSC::JSActivation::markChildren): Added a comment explaining why some
3562         JSActivations don't always mark their registers arrays.
3563
3564         * runtime/JSGlobalObject.cpp:
3565         (JSC::JSGlobalObject::markChildren): Instead of calling markGlobals, mark
3566         the registers array directly.
3567
3568 2011-01-18  Michael Saboff  <msaboff@apple.com>
3569
3570         Reviewed by Oliver Hunt.
3571
3572         <rdar://problem/8875432> Regression: Some text-only e-mails cause hang beneath RegExp::match (52540)
3573         https://bugs.webkit.org/show_bug.cgi?id=52540
3574         https://bugs.webkit.org/show_bug.cgi?id=52662
3575
3576         Directly use backtrack label with parentheses nested under a
3577         non-capturing parentheses.  Also linked current parentheses
3578         tail code object for possible parens nested within a non-capturing
3579         parentheses.
3580
3581         * yarr/YarrJIT.cpp:
3582         (JSC::Yarr::YarrGenerator::BacktrackDestination::linkBacktrackToLabel):
3583         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3584
3585 2011-01-18  Daniel Bates  <dbates@rim.com>
3586
3587         Reviewed by Gavin Barraclough.
3588
3589         Only use moving memory model assumption in ExecutableAllocator::intializePageSize() for Symbian OS
3590         https://bugs.webkit.org/show_bug.cgi?id=52517
3591
3592         Patch by David Tapuska
3593
3594         Currently, we compile code with respect to the Symbian-specific moving memory model
3595         assumption for all ARMv5 or lower architectures. Instead, we should only compile
3596         such code when building for Symbian OS on those architectures because this model
3597         is Symbian-specific.
3598
3599         * jit/ExecutableAllocator.cpp:
3600         (JSC::ExecutableAllocator::intializePageSize):
3601
3602 2011-01-18  Dimitry Andric  <dim@freebsd.org>
3603
3604         Reviewed by Andreas Kling.
3605
3606         Fix linking JavaScriptCore on FreeBSD/amd64
3607         https://bugs.webkit.org/show_bug.cgi?id=52591
3608
3609         Linking of JavaScriptCore on FreeBSD/amd64 fails, for the same reason as
3610         in bug 28422: cti_vm_throw needs a "@plt" suffix, otherwise the linker
3611         complains about the relocation type.
3612
3613         * jit/JITStubs.cpp: use @plt suffix on x86_64 platforms, for both Linux
3614         and FreeBSD.
3615
3616 2011-01-18  Oliver Hunt  <oliver@apple.com>
3617
3618         Reviewed by Antti Koivisto.
3619
3620         [jsfunfuzz] Assertion in codegen for array of NaN constants
3621         https://bugs.webkit.org/show_bug.cgi?id=52643
3622
3623         Don't cache NaN literals in the code generator: as NaN doesn't compare
3624         as equal to itself, it causes problems when rehashing the number cache.
3625
3626         * bytecompiler/BytecodeGenerator.cpp:
3627         (JSC::BytecodeGenerator::emitLoad):
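
Why a NaN key breaks a number cache, as an added illustration that is not JSC's code (the ConstantPool class and emitLiterals() are assumptions; std::unordered_map stands in for WTF::HashMap, and the table invariant a rehash re-checks is modelled as cacheIsConsistent()):

```cpp
#include <cassert>
#include <cmath>
#include <cstddef>
#include <iostream>
#include <limits>
#include <unordered_map>
#include <vector>

// Hypothetical constant pool modelled on what the entry describes; not
// JSC's BytecodeGenerator. Every distinct double literal should occupy one
// constant slot, and emitting the same literal again should reuse it.
class ConstantPool {
public:
    explicit ConstantPool(bool cacheNaN) : m_cacheNaN(cacheNaN) {}

    // Returns the constant index for literal d.
    int emitLoad(double d) {
        // Hardened path: NaN never becomes a hash key. NaN != NaN, so a
        // lookup could never hit anyway; each NaN literal gets its own slot.
        if (std::isnan(d) && !m_cacheNaN)
            return addConstant(d);
        auto it = m_cache.find(d); // for NaN this always misses
        if (it != m_cache.end())
            return it->second;
        int index = addConstant(d);
        m_cache.emplace(d, index); // a cached NaN is an entry nobody can find again
        return index;
    }

    // The invariant a hash table relies on (and what a rehash re-checks):
    // every stored key must be findable by lookup. Fails once NaN is a key.
    bool cacheIsConsistent() const {
        for (const auto& entry : m_cache) {
            auto it = m_cache.find(entry.first);
            if (it == m_cache.end() || it->second != entry.second)
                return false;
        }
        return true;
    }
    size_t cacheEntries() const { return m_cache.size(); }
    size_t constantCount() const { return m_constants.size(); }

private:
    int addConstant(double d) {
        m_constants.push_back(d);
        return static_cast<int>(m_constants.size()) - 1;
    }
    bool m_cacheNaN;
    std::unordered_map<double, int> m_cache;
    std::vector<double> m_constants;
};

struct Outcome {
    size_t cacheEntries;
    size_t constants;
    bool consistent;
    bool literalReused;
};

// Constructed workload: emits 1.5 twice, then NaN `times` times, with the
// buggy (cacheNaN = true) or hardened (cacheNaN = false) policy.
Outcome emitLiterals(bool cacheNaN, int times) {
    ConstantPool pool(cacheNaN);
    int first = pool.emitLoad(1.5);
    bool reused = pool.emitLoad(1.5) == first;
    for (int i = 0; i < times; ++i)
        pool.emitLoad(std::numeric_limits<double>::quiet_NaN());
    return { pool.cacheEntries(), pool.constantCount(), pool.cacheIsConsistent(), reused };
}

int main() {
    Outcome before = emitLiterals(true, 3);
    Outcome after = emitLiterals(false, 3);
    std::cout << "caching NaN: entries=" << before.cacheEntries
              << " consistent=" << before.consistent << "\n"
              << "skipping NaN: entries=" << after.cacheEntries
              << " consistent=" << after.consistent << "\n";
    return 0;
}
```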
3628
3629 2011-01-17  Jarred Nicholls  <jarred@sencha.com>
3630
3631         Reviewed by Csaba Osztrogonác.
3632
3633         REGRESSION(r75709): Return value of fscanf() shouldn't be ignored.
3634         https://bugs.webkit.org/show_bug.cgi?id=52585
3635         
3636         gcc 4.4.4+ has the warn_unused_value attribute on fscanf, so we should check
3637         the return value to get around the gcc warning.
3638
3639         * jit/ExecutableAllocatorFixedVMPool.cpp:
3640         (JSC::maybeModifyVMPoolSize):
3641
3642 2011-01-17  Michael Saboff  <msaboff@apple.com>
3643
3644         Reviewed by Oliver Hunt.
3645
3646         [regexfuzz] Crash running regex with lookahead
3647         https://bugs.webkit.org/show_bug.cgi?id=52548
3648
3649         Eliminated aggressive chaining of backtracks.  This code was overwriting
3650         already valid backtrack information.
3651
3652         * yarr/YarrJIT.cpp:
3653         (JSC::Yarr::YarrGenerator::ParenthesesTail::processBacktracks):
3654
3655 2011-01-17  Tony Gentilcore  <tonyg@chromium.org>
3656
3657         Reviewed by Alexey Proskuryakov.
3658
3659         Fix some headers with missing or misspelled #ifndef guards
3660         https://bugs.webkit.org/show_bug.cgi?id=52545
3661
3662         * wtf/RefPtrHashMap.h:
3663
3664 2011-01-17  Dan Bernstein  <mitz@apple.com>
3665
3666         Rubber-stamped by Mark Rowe.
3667
3668         Update xcodeproj svn:ignore to include xcuserdata.
3669
3670         * JavaScriptCore.xcodeproj: Modified property svn:ignore.
3671
3672 2011-01-16  Adam Barth  <abarth@webkit.org>
3673
3674         Rubber-stamped by Eric Seidel.
3675
3676         Move WebKit into Source
3677         https://bugs.webkit.org/show_bug.cgi?id=52530
3678
3679         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3680
3681 2011-01-16  Oliver Hunt  <oliver@apple.com>
3682
3683         Reviewed by Sam Weinig.
3684
3685         [jsfunfuzz] Parser doesn't correctly validate for-loop syntax
3686         https://bugs.webkit.org/show_bug.cgi?id=52516
3687
3688         Ensure that we always check for a semicolon after encountering
3689         multiple declarations in the initialiser portion of a for-loop.
3690
3691         * parser/JSParser.cpp:
3692         (JSC::JSParser::parseForStatement):
3693
3694 2011-01-16  Oliver Hunt  <oliver@apple.com>
3695
3696         Reviewed by Geoffrey Garen.
3697
3698         Strict mode restrictions on arguments and eval usage aren't complete
3699         https://bugs.webkit.org/show_bug.cgi?id=52528
3700
3701         Fix a few bugs in strict mode where we incorrectly allow mutation of
3702         arguments and eval in the parser.
3703
3704         Alas the "optimisation" used by the syntax checker for validating
3705         binary and unary expressions was too aggressive: we do actually need
3706         a stack for operations and operands although it needn't be as complete
3707         as that used for the full AST builder.
3708
3709         Also disallow assignment to arguments in all cases as allowing arguments
3710         to be assignable is always an error in strict mode, regardless of context.
3711
3712         * parser/ASTBuilder.h:
3713         (JSC::ASTBuilder::BinaryExprContext::BinaryExprContext):
3714         (JSC::ASTBuilder::UnaryExprContext::UnaryExprContext):
3715         * parser/JSParser.cpp:
3716         (JSC::JSParser::parseAssignmentExpression):
3717         (JSC::JSParser::parseBinaryExpression):
3718         (JSC::JSParser::parseUnaryExpression):
3719         * parser/SyntaxChecker.h:
3720         (JSC::SyntaxChecker::BinaryExprContext::BinaryExprContext):
3721         (JSC::SyntaxChecker::BinaryExprContext::~BinaryExprContext):
3722         (JSC::SyntaxChecker::UnaryExprContext::UnaryExprContext):
3723         (JSC::SyntaxChecker::UnaryExprContext::~UnaryExprContext):
3724         (JSC::SyntaxChecker::appendBinaryExpressionInfo):
3725         (JSC::SyntaxChecker::operatorStackPop):
3726
3727 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3728
3729         Reviewed by Oliver Hunt.
3730
3731         Rolled back in r75886.
3732         https://bugs.webkit.org/show_bug.cgi?id=52527
3733         
3734         r75886 broke the GTK Linux bot because Linux was -- quite surprisingly --
3735         set up to use the constants for embedded devices.
3736
3737         * jit/ExecutableAllocatorFixedVMPool.cpp:
3738         (JSC::maybeModifyVMPoolSize): Separated Linux constants from embedded
3739         constants.
3740
3741 2011-01-15  Sheriff Bot  <webkit.review.bot@gmail.com>
3742
3743         Unreviewed, rolling out r75886.
3744         http://trac.webkit.org/changeset/75886
3745         https://bugs.webkit.org/show_bug.cgi?id=52526
3746
3747         "Broke GTK+ 64bit" (Requested by xan_ on #webkit).
3748
3749         * jit/ExecutableAllocatorFixedVMPool.cpp:
3750
3751 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3752
3753         Reviewed by Sam Weinig.
3754
3755         <rdar://problem/8870429> Shrink the executable pool on embedded devices
3756
3757         * jit/ExecutableAllocatorFixedVMPool.cpp: Dropped the pool size from 32MB
3758         to 16MB.
3759
3760 2011-01-15  Oliver Hunt  <oliver@apple.com>
3761
3762         Reviewed by Maciej Stachowiak.
3763
3764         Incorrect behavior changing attributes of an accessor
3765         https://bugs.webkit.org/show_bug.cgi?id=52515
3766
3767         defineProperty doesn't correctly handle changing attributes of an accessor
3768         property.  This is because we don't pass the full descriptor to the 
3769         putDescriptor helper function, which means we have insufficient information
3770         to do the right thing. Once that's passed the correct behavior is relatively
3771         simple to implement.
3772
3773         * runtime/JSObject.cpp:
3774         (JSC::putDescriptor):
3775         (JSC::JSObject::defineOwnProperty):
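
Added example, not WebKit code and not part of this ChangeLog: a regression check for the behaviour the entry for bug 52515 above describes. It runs in any current engine and shows the two descriptor cases the fix concerns, changing only an attribute of an accessor and converting the accessor to a data property; the object and property names are constructed for the example.

```javascript
// Added example, not WebKit code: a regression check for the behaviour the
// entry for bug 52515 describes. A descriptor passed to Object.defineProperty
// that omits get/set means "keep the existing accessor", so changing only an
// attribute must leave the getter and setter in place; converting the accessor
// to a data property must likewise keep the attributes that were not supplied.
function changeAccessorAttributes() {
  const target = {};
  let backing = 1;
  Object.defineProperty(target, 'x', {
    get() { return backing; },
    set(v) { backing = v; },
    enumerable: true,
    configurable: true,
  });

  // Step 1: flip only 'enumerable'. No get/set in this descriptor.
  Object.defineProperty(target, 'x', { enumerable: false });
  target.x = 7; // must still route through the original setter
  const afterAttr = Object.getOwnPropertyDescriptor(target, 'x');

  // Step 2: turn the (still configurable) accessor into a data property.
  // enumerable/configurable are not supplied and must carry over; writable
  // is a new attribute for this property and takes its default, false.
  Object.defineProperty(target, 'x', { value: 3 });
  const afterData = Object.getOwnPropertyDescriptor(target, 'x');

  return {
    keptAccessor: typeof afterAttr.get === 'function' && typeof afterAttr.set === 'function',
    enumerableAfterAttr: afterAttr.enumerable,      // false
    configurableAfterAttr: afterAttr.configurable,  // true (unchanged)
    setterRan: backing === 7,
    dataValue: afterData.value,                     // 3
    dataWritable: afterData.writable,               // false (default)
    dataEnumerable: afterData.enumerable,           // false (carried over)
    dataConfigurable: afterData.configurable,       // true (carried over)
    noGetterLeft: afterData.get === undefined,
  };
}
```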
3776
3777 2011-01-14  Oliver Hunt  <oliver@apple.com>
3778
3779         Reviewed by Maciej Stachowiak.
3780
3781         [jsfunfuzz] Incorrect handling of consecutive duplicate labels
3782         https://bugs.webkit.org/show_bug.cgi?id=52505
3783
3784         Compare StringImpl*'s instead of Identifier*'s when looking for duplicate
3785         labels.
3786
3787         * parser/JSParser.cpp:
3788         (JSC::JSParser::parseExpressionOrLabelStatement):
3789
3790 2011-01-14  Simon Fraser  <simon.fraser@apple.com>
3791
3792         No review.
3793         
3794         Initialize m_operationInProgress after r75855.
3795
3796         * runtime/Heap.cpp:
3797         (JSC::Heap::Heap):
3798
3799 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3800
3801         Reverted accidentally committed code from my last checkin.
3802
3803         * runtime/Heap.cpp:
3804         (JSC::Heap::markRoots):
3805
3806 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3807
3808         Reviewed by Sam Weinig.
3809         
3810         Try to fix the GTK bot.
3811
3812         * runtime/Heap.cpp:
3813         (JSC::Heap::Heap):
3814         (JSC::Heap::markRoots): Kids, remember to initialize your data members.
3815         Knowing is half the battle.
3816
3817 2011-01-14  Oliver Hunt  <oliver@apple.com>
3818
3819         Reviewed by Stephanie Lewis.
3820
3821         [jsfunfuzz] We should be clearing the lexer's temporary character buffers when switching to strict mode
3822         https://bugs.webkit.org/show_bug.cgi?id=52501
3823
3824         Clear the temporary character buffers used for reading escaped characters and
3825         numbers.
3826
3827         * parser/Lexer.h:
3828         (JSC::Lexer::setOffset):
3829
3830 2011-01-14  Geoffrey Garen  <ggaren@apple.com>
3831
3832         Try to fix non-Dtrace builds: #include Tracing.h instead of TracingDtrace.h.
3833
3834         * runtime/Heap.cpp:
3835
3836 2011-01-13  Geoffrey Garen  <ggaren@apple.com>
3837
3838         Reviewed by Oliver Hunt.
3839
3840         Split out a MarkedSpace strategy object from Heap.
3841         https://bugs.webkit.org/show_bug.cgi?id=52421
3842         
3843         SunSpider reports no change.
3844
3845         * Android.mk:
3846         * CMakeLists.txt:
3847         * GNUmakefile.am:
3848         * JavaScriptCore.gypi:
3849         * JavaScriptCore.pro:
3850         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3851         * JavaScriptCore.xcodeproj/project.pbxproj: Updated our 7 build systems. Which is cool.
3852
3853         * runtime/Heap.cpp:
3854         (JSC::Heap::Heap):
3855         (JSC::Heap::destroy):
3856         (JSC::Heap::recordExtraCost):
3857         (JSC::Heap::allocate):
3858         (JSC::Heap::markConservatively):
3859         (JSC::Heap::markRoots):
3860         (JSC::Heap::objectCount):
3861         (JSC::Heap::statistics):
3862         (JSC::Heap::size):
3863         (JSC::Heap::isBusy):
3864         (JSC::Heap::collectAllGarbage):
3865         (JSC::Heap::primaryHeapBegin):
3866         (JSC::Heap::primaryHeapEnd):
3867         * runtime/Heap.h:
3868         (JSC::Heap::globalData):
3869         (JSC::Heap::markedSpace):
3870         (JSC::Heap::isCellMarked):
3871         (JSC::Heap::checkMarkCell):
3872         (JSC::Heap::markCell): Moved all code pertaining to managing chunks of
3873         collector memory out of this class. Heap now just delegates to MarkedSpace.
3874
3875         * runtime/JSCell.h:
3876         (JSC::JSCell::Heap::heap): Updated for MarkedSpace delegation.
3877
3878         * runtime/JSValue.h: Moved the ValueStringPair typedef to help with #includes.
3879
3880         * runtime/MarkedSpace.cpp: Copied from runtime/Heap.cpp.
3881         (JSC::MarkedSpace::MarkedSpace):
3882         (JSC::MarkedSpace::destroy):
3883         (JSC::MarkedSpace::allocateBlock):
3884         (JSC::MarkedSpace::freeBlock):
3885         (JSC::MarkedSpace::allocate):
3886         (JSC::MarkedSpace::resizeBlocks):
3887         (JSC::MarkedSpace::growBlocks):
3888         (JSC::MarkedSpace::shrinkBlocks):
3889         (JSC::MarkedSpace::markConservatively):
3890         (JSC::MarkedSpace::clearMarkBits):
3891         (JSC::MarkedSpace::markedCells):
3892         (JSC::MarkedSpace::sweep):
3893         (JSC::MarkedSpace::objectCount):
3894         (JSC::MarkedSpace::addToStatistics):
3895         (JSC::MarkedSpace::statistics):
3896         (JSC::MarkedSpace::size):
3897         (JSC::MarkedSpace::reset):
3898         (JSC::MarkedSpace::primaryHeapBegin):
3899         (JSC::MarkedSpace::primaryHeapEnd):
3900         * runtime/MarkedSpace.h: Copied from runtime/Heap.h.
3901         (JSC::MarkedSpace::globalData):
3902         (JSC::MarkedSpace::didShrink):
3903         (JSC::MarkedSpace::cellBlock):
3904         (JSC::MarkedSpace::cellOffset):
3905         (JSC::MarkedSpace::isCellMarked):
3906         (JSC::MarkedSpace::checkMarkCell):
3907         (JSC::MarkedSpace::markCell): Moved all code pertaining to managing chunks of
3908         collector memory into this class.
3909
3910         * runtime/MemoryStatistics.cpp:
3911         (JSC::heapStatistics):
3912         * runtime/MemoryStatistics.h: Updated for MarkedSpace delegation.
3913
3914 2011-01-14  Oliver Hunt  <oliver@apple.com>
3915
3916         Reviewed by Gavin Barraclough.
3917
3918         [jsfunfuzz] parser doesn't enforce continue restrictions correctly.
3919         https://bugs.webkit.org/show_bug.cgi?id=52493
3920
3921         This patch reworks handling of break, continue and label statements
3922         to correctly handle all the valid and invalid cases.  Previously certain
3923         errors would be missed by the parser in strict mode, but the bytecode 
3924         generator needed to handle those cases for non-strict code so nothing
3925         failed, it simply became non-standard behaviour.
3926
3927         Now that we treat break and continue errors as early faults in non-strict
3928         mode as well that safety net has been removed so the parser bugs result in
3929         crashes at codegen time.
3930
3931         * parser/JSParser.cpp:
3932         (JSC::JSParser::ScopeLabelInfo::ScopeLabelInfo):
3933         (JSC::JSParser::next):
3934         (JSC::JSParser::nextTokenIsColon):
3935         (JSC::JSParser::continueIsValid):
3936             Continue is only valid in loops so we can't use breakIsValid()
3937         (JSC::JSParser::pushLabel):
3938             We now track whether the label is for a loop (and is therefore a
3939             valid target for continue).
3940         (JSC::JSParser::popLabel):
3941         (JSC::JSParser::getLabel):
3942             Replace hasLabel with getLabel so that we can validate the target
3943             when parsing continue statements.
3944         (JSC::JSParser::Scope::continueIsValid):
3945         (JSC::JSParser::Scope::pushLabel):
3946         (JSC::JSParser::Scope::getLabel):
3947         (JSC::JSParser::JSParser):
3948         (JSC::JSParser::parseBreakStatement):
3949         (JSC::JSParser::parseContinueStatement):
3950         (JSC::LabelInfo::LabelInfo):
3951         (JSC::JSParser::parseExpressionOrLabelStatement):
3952             Consecutive labels now get handled iteratively so that we can determine
3953             whether they're valid targets for continue.
3954         * parser/Lexer.cpp:
3955         (JSC::Lexer::nextTokenIsColon):
3956         * parser/Lexer.h:
3957         (JSC::Lexer::setOffset):
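
Added example, not WebKit code and not part of this ChangeLog: an early-error check, run in a current engine, for the parser rules that the entries above for bugs 52516 (for-loop initialiser), 52528 (strict-mode arguments/eval), 52505 (duplicate labels) and 52493 (continue targets) fix. The source strings are constructed here to match the descriptions in those entries; the ChangeLog does not list the fuzzer inputs themselves.

```javascript
// Added example, not WebKit code: exercises the early-error rules that the
// ChangeLog entries for bugs 52516, 52528, 52505 and 52493 fixed in JSParser.
// Each source string is compiled as a function body with the Function
// constructor; a SyntaxError at compile time is an early error in the parser,
// which is exactly what a fuzzer such as jsfunfuzz looks for. No body is run.

function isEarlyError(source) {
  try {
    new Function(source); // compile only; the body is never invoked
    return false;
  } catch (e) {
    if (e instanceof SyntaxError) return true;
    throw e; // anything else is a bug in this harness, not a parse result
  }
}

// Constructed cases, grouped by the bug each ChangeLog entry addresses.
// expected === true means the parser must reject the program.
const CASES = [
  // 52516: multiple declarations in a for initialiser must be followed by ';'
  { bug: 52516, src: 'for (var i = 0, j = 1 i < 3; i++) {}', expected: true },
  { bug: 52516, src: 'for (var a = 0, b = 1 in {}) {}', expected: true },
  { bug: 52516, src: 'for (var i = 0, j = 1; i < 3; i++) {}', expected: false },
  // 52528: strict mode forbids mutating `arguments` and `eval` in every
  //        expression context, not only in a bare assignment statement
  { bug: 52528, src: '"use strict"; arguments = 1;', expected: true },
  { bug: 52528, src: '"use strict"; arguments++;', expected: true },
  { bug: 52528, src: '"use strict"; var x = 1 + (eval = 2);', expected: true },
  { bug: 52528, src: '"use strict"; var x = arguments.length + 1;', expected: false },
  { bug: 52528, src: 'arguments = 1;', expected: false }, // sloppy mode: allowed
  // 52505: consecutive duplicate labels
  { bug: 52505, src: 'a: a: ;', expected: true },
  { bug: 52505, src: 'a: b: ;', expected: false },
  // 52493: continue may only target a label that names an iteration statement
  { bug: 52493, src: 'a: { continue a; }', expected: true },
  { bug: 52493, src: 'a: { break a; }', expected: false },
  { bug: 52493, src: 'a: for (;;) { continue a; }', expected: false },
  { bug: 52493, src: 'continue;', expected: true },
];

// Returns the cases whose parse result disagrees with the expected early-error
// behaviour; an empty array means the engine enforces all of these rules.
function checkEarlyErrors(cases = CASES) {
  return cases.filter(c => isEarlyError(c.src) !== c.expected);
}

const mismatches = checkEarlyErrors();
console.log(mismatches.length === 0 ? 'all early-error cases agree' : mismatches);
```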
3958
3959 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3960
3961         Reviewed by Adam Roben.
3962
3963         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3964         https://bugs.webkit.org/show_bug.cgi?id=45186
3965
3966         * wtf/FastMalloc.cpp:
3967         (WTF::TCMalloc_PageHeap::scheduleScavenger): Added missing this pointer to CreateTimerQueueTimer().
3968
3969 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3970
3971         Reviewed by Adam Roben.
3972
3973         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
3974         https://bugs.webkit.org/show_bug.cgi?id=45186
3975
3976         r75819 accidentally changed the initial state of the scavenge timer.
3977
3978         * wtf/FastMalloc.cpp:
3979         (WTF::TCMalloc_PageHeap::initializeScavenger): Changed initial state of m_scavengingSuspended to true.
3980
3981 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3982
3983         Unreviewed Windows Release build fix.
3984
3985         * wtf/FastMalloc.cpp:
3986         (WTF::TCMalloc_PageHeap::scavengerTimerFired):
3987
3988 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3989
3990         Unreviewed Windows Release build fix.
3991
3992         * wtf/FastMalloc.cpp:
3993         (WTF::TCMalloc_PageHeap::scavengerTimerFired):
3994
3995 2011-01-14  Patrick Gansterer  <paroga@webkit.org>
3996
3997         Reviewed by Adam Roben.
3998
3999         Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
4000         https://bugs.webkit.org/show_bug.cgi?id=45186
4001
4002         Use CreateTimerQueueTimer() to start periodicScavenge() and stop it with DeleteTimerQueueTimer().
4003
4004         * wtf/FastMalloc.cpp:
4005         (WTF::TCMalloc_PageHeap::initializeScavenger):
4006         (WTF::TCMalloc_PageHeap::isScavengerSuspended):
4007         (WTF::TCMalloc_PageHeap::scheduleScavenger):
4008         (WTF::TCMalloc_PageHeap::rescheduleScavenger):
4009         (WTF::TCMalloc_PageHeap::suspendScavenger):
4010         (WTF::scavengerTimerFired):
4011         (WTF::TCMalloc_PageHeap::periodicScavenge):
4012         (WTF::TCMalloc_PageHeap::signalScavenger):
4013
4014 2011-01-14  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
4015
4016         Reviewed by Kenneth Rohde Christiansen.
4017
4018         Align import/export directives
4019         https://bugs.webkit.org/show_bug.cgi?id=52208
4020
4021         * API/JSBase.h: Align import/export directives with
4022         WebKit2/Shared/API/c/WKBase.h
4023
4024 2011-01-14  Michael Saboff  <msaboff@apple.com>
4025
4026         Reviewed by Oliver Hunt.
4027
4028         Incorrect backtracking for nested alternatives
4029         https://bugs.webkit.org/show_bug.cgi?id=52387
4030
4031         In the process of propagating a datalabel it wasn't getting connected
4032         to a destination when the destination was an indirect jump.  Added
4033         code to recognize a direct backtrack destination that was an indirect
4034         jump and added mechanism to associate DataLabelPtrs with indirect
4035         jump entries.
4036         Removed dead method
4037         BacktrackDestination::linkDataLabelToHereIfExists()
4038
4039         * yarr/YarrJIT.cpp:
4040         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::IndirectJumpEntry):
4041         (JSC::Yarr::YarrGenerator::IndirectJumpEntry::addDataLabel):
4042         (JSC::Yarr::YarrGenerator::GenerationState::addIndirectJumpEntry):
4043         (JSC::Yarr::YarrGenerator::GenerationState::emitIndirectJumpTable):
4044         Changes to link indirect jumps with DataLabelPtr's.
4045         (JSC::Yarr::YarrGenerator::BacktrackDestination::clearSubDataLabelPtr):
4046         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists): 
4047         Updated to handle immediate linking of indirect jumps to
4048         DataLabelPtr.
4049         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction): Changed to
4050         reflect updated linkDataLabelToBacktrackIfExists().
4051
4052 2011-01-14  Pavel Podivilov  <podivilov@chromium.org>
4053
4054         Reviewed by Yury Semikhatsky.
4055
4056         Web Inspector: provide script column offset to frontend.
4057         https://bugs.webkit.org/show_bug.cgi?id=52377
4058
4059         * parser/SourceCode.h:
4060         (JSC::SourceCode::SourceCode):
4061         (JSC::SourceCode::firstColumn):
4062
4063 2011-01-13  Darin Adler  <darin@apple.com>
4064
4065         Reviewed by Geoff Garen.
4066
4067         <rdar://problem/5469576> Use __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 if available.
4068
4069         * DerivedSources.make: Create a header file, HeaderDetection.h, that tells
4070         us whether pthread_machdep.h is available.
4071         * wtf/FastMalloc.cpp: If __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 is available, then
4072         don't do the pthread_getspecific_function_pointer trick.
4073         (WTF::setThreadHeap): Ditto, but set thread-specific data.
4074         (WTF::TCMalloc_ThreadCache::GetThreadHeap): Ditto, but get rather than set.
4075
4076 2011-01-13  Xan Lopez  <xlopez@igalia.com>
4077
4078         Reviewed by Gavin Barraclough.
4079
4080         JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
4081         https://bugs.webkit.org/show_bug.cgi?id=42756
4082
4083         The FixedVMPool Allocator does not work well on systems where
4084         allocating very large amounts of memory upfront is not reasonable,
4085         like Linux without overcommit enabled. As a workaround, on Linux,
4086         default to the values used in embedded environments (in the MB
4087         range), and only jump to the GB range if we detect at runtime that
4088         overcommit is enabled. Should fix crashes on Linux/x86_64 with
4089         less than 3 or 4GB of RAM.
4090
4091         * jit/ExecutableAllocatorFixedVMPool.cpp:
4092         (JSC::FixedVMPoolAllocator::free): use new variables for VM pool
4093         size and coalesce limit.
4094         (JSC::ExecutableAllocator::isValid): swap the variables from
4095         embedded to generic values at runtime, on linux, if overcommit is
4096         enabled.
4097         (JSC::ExecutableAllocator::underMemoryPressure): use new variables
4098         for VM pool size and coalesce limit.
4099
4100 2011-01-12  Xan Lopez  <xlopez@igalia.com>
4101
4102         Reviewed by Martin Robinson.
4103
4104         Add new Yarr.h header to the list file.
4105
4106         * GNUmakefile.am: ditto.
4107
4108 2011-01-12  Martin Robinson  <mrobinson@igalia.com>
4109
4110         Missing Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h in WebKitGtk tarball
4111         https://bugs.webkit.org/show_bug.cgi?id=52299
4112
4113         * GNUmakefile.am: Fix the GTK+ build on ARMv7 by including missing source
4114         files in the source list.
4115
4116 2011-01-12  Peter Varga  <pvarga@webkit.org>
4117
4118         Reviewed by Gavin Barraclough.
4119
4120         Add Yarr.h to YARR
4121         https://bugs.webkit.org/show_bug.cgi?id=51021
4122
4123         Move other common constants and functions from YARR's different files
4124         to Yarr.h.
4125         Use Yarr.h header instead of including other YARR headers where it
4126         is possible.
4127
4128         * JavaScriptCore.gypi:
4129         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
4130         * JavaScriptCore.xcodeproj/project.pbxproj:
4131         * runtime/RegExp.cpp:
4132         * yarr/Yarr.h: Added.
4133         * yarr/YarrInterpreter.cpp:
4134         * yarr/YarrInterpreter.h:
4135         * yarr/YarrJIT.cpp:
4136         (JSC::Yarr::jitCompile):
4137         (JSC::Yarr::execute):
4138         * yarr/YarrJIT.h:
4139         * yarr/YarrParser.h:
4140         * yarr/YarrPattern.cpp:
4141         (JSC::Yarr::YarrPattern::compile):
4142         (JSC::Yarr::YarrPattern::YarrPattern):
4143         * yarr/YarrPattern.h:
4144
4145 2011-01-12  Sheriff Bot  <webkit.review.bot@gmail.com>
4146
4147         Unreviewed, rolling out r75595.
4148         http://trac.webkit.org/changeset/75595
4149         https://bugs.webkit.org/show_bug.cgi?id=52286
4150
4151         It broke fast/regex/pcre-test-1.html (Requested by Ossy on
4152         #webkit).
4153
4154         * JavaScriptCore.gypi:
4155         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
4156         * JavaScriptCore.xcodeproj/project.pbxproj:
4157         * runtime/RegExp.cpp:
4158         * yarr/Yarr.h: Removed.
4159         * yarr/YarrInterpreter.cpp:
4160         * yarr/YarrInterpreter.h:
4161         * yarr/YarrJIT.cpp:
4162         (JSC::Yarr::jitCompile):
4163         * yarr/YarrJIT.h:
4164         (JSC::Yarr::execute):
4165         * yarr/YarrParser.h:
4166         * yarr/YarrPattern.cpp:
4167         (JSC::Yarr::compile):
4168         (JSC::Yarr::YarrPattern::YarrPattern):
4169         * yarr/YarrPattern.h:
4170
4171 2011-01-12  Peter Varga  <pvarga@webkit.org>
4172