a54012a352616847427cb63c9c7ce914c04d3713
[WebKit.git] / Source / JavaScriptCore / ChangeLog
1 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
2
3         Reviewed by Oliver Hunt.
4
5         Rolled back in r77612 with ASSERT/crash fixed.
6         https://bugs.webkit.org/show_bug.cgi?id=53759
7         
8         Don't shrink the heap to 0 unconditionally. Instead, shrink to 1 if
9         necessary. For now, the heap assumes that it always has at least one
10         block live.
11
12         * runtime/Heap.cpp:
13         (JSC::Heap::Heap):
14         (JSC::Heap::reset):
15         * runtime/Heap.h:
16         * runtime/MarkedSpace.cpp:
17         (JSC::MarkedSpace::allocate):
18         (JSC::MarkedSpace::shrinkBlocks):
19         (JSC::MarkedSpace::sweep):
20         (JSC::MarkedSpace::reset):
21         * runtime/MarkedSpace.h:
22         (JSC::MarkedSpace::highWaterMark):
23         (JSC::MarkedSpace::setHighWaterMark):
24
25 2011-02-04  David Kilzer  <ddkilzer@apple.com>
26
27         BUILD FIX: REALLY remove the last vestiges of JSVALUE32!
28
29         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
30         <http://webkit.org/b/53779>
31
32         * DerivedSources.make: Removed dependency on
33         JavaScriptCore.JSVALUE32.exp.
34
35 2011-02-04  David Kilzer  <ddkilzer@apple.com>
36
37         <rdar://problem/8957409> Remove last vestiges of JSVALUE32
38         <http://webkit.org/b/53779>
39
40         Reviewed by Darin Adler.
41
42         Support for JSVALUE32 was originally removed in r70111.
43
44         * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use
45         JavaScriptCore.JSVALUE32_64.exp and ppc64 to use
46         JavaScriptCore.JSVALUE64.exp to match Platform.h.
47         * DerivedSources.make: Removed rule for
48         JavaScriptCore.JSVALUE32.exp.
49         * JavaScriptCore.JSVALUE32only.exp: Removed.
50         * JavaScriptCore.xcodeproj/project.pbxproj: Removed references
51         to JavaScriptCore.JSVALUE32only.exp.
52
53 2011-02-04  David Kilzer  <ddkilzer@apple.com>
54
55         Use static_cast and other style cleanup in YarrInterpreter.cpp
56         <http://webkit.org/b/53772>
57
58         Reviewed by John Sullivan.
59
60         * yarr/YarrInterpreter.cpp:
61         (JSC::Yarr::Interpreter::InputStream::readChecked): Use
62         static_cast.
63         (JSC::Yarr::Interpreter::InputStream::checkInput): Remove
64         unnecessary else block.
65         (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto.
66         (JSC::Yarr::Interpreter::backtrackBackReference): Ditto.
67         (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast.
68
69 2011-02-04  Sheriff Bot  <webkit.review.bot@gmail.com>
70
71         Unreviewed, rolling out r77625 and r77626.
72         http://trac.webkit.org/changeset/77625
73         http://trac.webkit.org/changeset/77626
74         https://bugs.webkit.org/show_bug.cgi?id=53765
75
76         It broke Windows builds (Requested by Ossy_ on #webkit).
77
78         * JavaScriptCore.exp:
79         * JavaScriptCore.gyp/JavaScriptCore.gyp:
80         * JavaScriptCore.gypi:
81         * JavaScriptCore.pro:
82         * JavaScriptCore.xcodeproj/project.pbxproj:
83         * create_regex_tables:
84         * runtime/RegExp.cpp:
85         * wtf/Platform.h:
86         * yarr/Yarr.h:
87         * yarr/YarrJIT.cpp:
88         * yarr/YarrJIT.h:
89         * yarr/YarrParser.h:
90         * yarr/YarrPattern.h:
91         * yarr/YarrSyntaxChecker.h:
92         * yarr/yarr.pri: Removed.
93
94 2011-02-04  Jessie Berlin  <jberlin@apple.com>
95
96         Windows build fix. Unreviewed.
97
98         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
99
100 2011-02-04  Peter Varga  <pvarga@webkit.org>
101
102         Reviewed by Gavin Barraclough.
103
104         Replace PCRE with Yarr in WebCore
105         https://bugs.webkit.org/show_bug.cgi?id=53496
106
107         * JavaScriptCore.exp:
108         * JavaScriptCore.gyp/JavaScriptCore.gyp:
109         * JavaScriptCore.gypi:
110         * JavaScriptCore.pro:
111         * JavaScriptCore.xcodeproj/project.pbxproj:
112         * create_regex_tables:
113         * runtime/RegExp.cpp:
114         * wtf/Platform.h:
115         * yarr/Yarr.h:
116         * yarr/YarrJIT.cpp:
117         * yarr/YarrJIT.h:
118         * yarr/YarrParser.h:
119         * yarr/YarrPattern.h:
120         * yarr/YarrSyntaxChecker.h:
121         * yarr/yarr.pri: Added.
122
123 2011-02-04  Ilya Tikhonovsky  <loislo@chromium.org>
124
125         Unreviewed rollout of two patches: r77614 and r77612.
126
127         REGRESSION: Snow Leopard Intel Release: a number of failing tests.
128
129         * runtime/Heap.cpp:
130         (JSC::Heap::Heap):
131         (JSC::Heap::reset):
132         * runtime/Heap.h:
133         * runtime/MarkedSpace.cpp:
134         (JSC::MarkedSpace::allocate):
135         (JSC::MarkedSpace::sweep):
136         (JSC::MarkedSpace::reset):
137         * runtime/MarkedSpace.h:
138
139 2011-02-04  Geoffrey Garen  <ggaren@apple.com>
140
141         Try to fix the 32-bit build.
142
143         * runtime/Heap.cpp:
144         (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
145         since 1.5 is a double (64-bit), and the result is a size_t (32-bit).
146
147 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
148
149         Reviewed by Cameron Zwarich.
150
151         Changed MarkedSpace to delegate grow/shrink decisions to Heap
152         https://bugs.webkit.org/show_bug.cgi?id=53759
153         
154         SunSpider reports no change.
155         
156         * runtime/Heap.cpp:
157         (JSC::Heap::Heap):
158         (JSC::Heap::reset):
159         * runtime/Heap.h: Reorganized a few data members for better cache locality.
160         Added a grow policy.
161         
162         * runtime/MarkedSpace.cpp:
163         (JSC::MarkedSpace::allocate):
164         (JSC::MarkedSpace::sweep):
165         (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
166         the heap to make an explicit sweep call.
167
168         * runtime/MarkedSpace.h:
169         (JSC::MarkedSpace::highWaterMark):
170         (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
171         many bytes to allocate before failing and giving the heap an opportunity
172         to collect garbage. This also means that we allocate blocks on demand,
173         instead of ahead of time.
174
175 2011-02-03  James Kozianski  <koz@chromium.org>
176
177         Reviewed by Dimitri Glazkov.
178
179         Add navigator.registerProtocolHandler behind a flag.
180         https://bugs.webkit.org/show_bug.cgi?id=52609
181
182         * Configurations/FeatureDefines.xcconfig:
183
184 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
185
186         Reviewed by Oliver Hunt.
187
188         Not all blocks are freed when the heap is freed (counting is hard!)
189         https://bugs.webkit.org/show_bug.cgi?id=53732
190
191         * runtime/MarkedSpace.cpp:
192         (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
193         keep freeing block 0 until there are no blocks left.
194
195 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
196
197         Try to fix the Mac build.
198
199         * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
200         needs to be private, not project, so other projects can include headers
201         that depend on it.
202
203 2011-02-03  Geoffrey Garen  <ggaren@apple.com>
204
205         Reviewed by Sam Weinig.
206
207         Start using MarkedBlock instead of CollectorBlock
208         https://bugs.webkit.org/show_bug.cgi?id=53693
209         
210         SunSpider reports no change.
211         
212         * runtime/MarkedBlock.h:
213         (JSC::MarkedBlock::blockFor):
214         (JSC::MarkedBlock::setMarked):
215         (JSC::MarkedBlock::isCellAligned):
216         (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.
217
218         * runtime/MarkedSpace.cpp:
219         (JSC::MarkedSpace::allocateBlock):
220         (JSC::MarkedSpace::containsSlowCase):
221         (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.
222
223         * runtime/MarkedSpace.h:
224         (JSC::CollectorHeap::collectorBlock):
225         (JSC::MarkedSpace::heap):
226         (JSC::MarkedSpace::isMarked):
227         (JSC::MarkedSpace::testAndSetMarked):
228         (JSC::MarkedSpace::setMarked):
229         (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
230         and deleted dead CollectorBlock-related code.
231
232 2011-02-03  Patrick Gansterer  <paroga@webkit.org>
233
234         Reviewed by Darin Adler.
235
236         Avoid strlen() in AtomicString::fromUTF8
237         https://bugs.webkit.org/show_bug.cgi?id=50516
238
239         Add an overload to calculateStringHashFromUTF8 to get
240         strlen() of the input data with only one call.
241
242         This change shows about 3% performance win on the xml-parser benchmark.
243
244         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
245         * wtf/text/AtomicString.cpp:
246         (WTF::AtomicString::fromUTF8):
247         * wtf/unicode/UTF8.cpp:
248         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
249         (WTF::Unicode::calculateStringHashFromUTF8):
250         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
251         * wtf/unicode/UTF8.h:
252
253 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
254
255         Windows build fix.
256
257         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
258
259 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
260
261         oops, build fix!
262
263         * wtf/Assertions.cpp:
264
265 2011-02-02  Gavin Barraclough  <barraclough@apple.com>
266
267         Reviewed by Sam Weinig.
268
269         Bug 53650 - Add a BACKTRACE macro to Assertions.h
270
271         Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
272         debug Mac builds, make CRASH (and thus ASSERT) automatically call this.
273
274         * JavaScriptCore.exp:
275         * wtf/Assertions.cpp:
276         * wtf/Assertions.h:
277
278 2011-02-02  Michael Saboff  <msaboff@apple.com>
279
280         Reviewed by Gavin Barraclough.
281
282         Improper backtrack of nested non-capturing greedy paren to prior paren
283         https://bugs.webkit.org/show_bug.cgi?id=53261
284
285         A paren that follows a non-capturing greedy paren nested within a
286         non-capturing fixed paren was backtracking to the last paren
287         processed instead of the immediately prior paren.
288         Refactored default backtracking of parens to prior paren to work for
289         both nested (within) and immediately prior (after) parens.
290
291         * yarr/YarrJIT.cpp:
292         (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
293         (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
294         (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
295         (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
296         (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
297         (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
298         (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
299         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
300         (JSC::Yarr::YarrGenerator::generateDisjunction):
301
302 2011-02-02  Jeff Miller  <jeffm@apple.com>
303
304         Reviewed by Darin Adler and Steve Falkenburg.
305
306         Add DerivedSources.make to some Visual Studio projects
307         https://bugs.webkit.org/show_bug.cgi?id=53607
308
309         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.
310
311 2011-02-02  Steve Lacey  <sjl@chromium.org>
312
313         Reviewed by Eric Carlson.
314
315         Implement basic media statistics on media elements.
316         https://bugs.webkit.org/show_bug.cgi?id=53322
317
318         * Configurations/FeatureDefines.xcconfig:
319
320 2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>
321
322         [wx] Build fixes for wxWebKit.
323
324         * wtf/wx/StringWx.cpp:
325         (WTF::String::String):
326
327 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
328
329         Reviewed by Sam Weinig.
330
331         A little more Heap refactoring
332         https://bugs.webkit.org/show_bug.cgi?id=53577
333         
334         SunSpider reports no change.
335         
336         Split out MarkedBlock into its own file / class.
337         
338         Did the following renames:
339             isCellMarked => isMarked
340             checkMarkCell => testAndSetMarked
341             markCell => setMarked
342             cellOffset => cellNumber
343             collectorBlock => blockFor
344
345         * Android.mk:
346         * CMakeLists.txt:
347         * GNUmakefile.am:
348         * JavaScriptCore.gypi:
349         * JavaScriptCore.pro:
350         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
351         * JavaScriptCore.xcodeproj/project.pbxproj:
352         * runtime/Heap.cpp:
353         (JSC::WeakGCHandlePool::update):
354         * runtime/Heap.h:
355         (JSC::Heap::isMarked):
356         (JSC::Heap::testAndSetMarked):
357         (JSC::Heap::setMarked):
358         * runtime/JSArray.h:
359         (JSC::MarkStack::markChildren):
360         (JSC::MarkStack::drain):
361         * runtime/JSCell.h:
362         (JSC::JSCell::MarkStack::internalAppend):
363         * runtime/MarkedBlock.cpp: Added.
364         * runtime/MarkedBlock.h: Added.
365         (JSC::MarkedBlock::blockFor):
366         (JSC::MarkedBlock::cellNumber):
367         (JSC::MarkedBlock::isMarked):
368         (JSC::MarkedBlock::testAndSetMarked):
369         (JSC::MarkedBlock::setMarked):
370         (JSC::MarkedBlock::isCellAligned):
371         (JSC::MarkedBlock::isPossibleCell):
372         * runtime/MarkedSpace.h:
373         (JSC::MarkedSpace::isMarked):
374         (JSC::MarkedSpace::testAndSetMarked):
375         (JSC::MarkedSpace::setMarked):
376         * runtime/SmallStrings.cpp:
377         (JSC::isMarked):
378         * runtime/WeakGCMap.h:
379         (JSC::WeakGCMap::isValid):
380         (JSC::::get):
381         (JSC::::take):
382         (JSC::::set):
383
384 2011-02-02  Sam Weinig  <sam@webkit.org>
385
386         Fix windows clean build.
387
388         * DerivedSources.make:
389
390 2011-02-02  Alejandro G. Castro  <alex@igalia.com>
391
392         Reviewed by Martin Robinson.
393
394         [GTK] Fix dist compilation
395         https://bugs.webkit.org/show_bug.cgi?id=53579
396
397         * GNUmakefile.am: Added WriteBarrier.h to the sources, it was
398         added in r77151
399
400 2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>
401
402         Unreviewed, rolling out r77297.
403         http://trac.webkit.org/changeset/77297
404         https://bugs.webkit.org/show_bug.cgi?id=53538
405
406         Caused Leopard crashes (Requested by paroga on #webkit).
407
408         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
409         * wtf/text/AtomicString.cpp:
410         (WTF::AtomicString::fromUTF8):
411         * wtf/unicode/UTF8.cpp:
412         (WTF::Unicode::calculateStringHashFromUTF8):
413         * wtf/unicode/UTF8.h:
414
415 2011-02-01  Sam Weinig  <sam@webkit.org>
416
417         Fix Mac production builds.
418
419         * JavaScriptCore.xcodeproj/project.pbxproj:
420
421 2011-02-01  Sam Weinig  <sam@webkit.org>
422
423         Try to fix the windows build.
424
425         * DerivedSources.make:
426
427 2011-02-01  Patrick Gansterer  <paroga@webkit.org>
428
429         Reviewed by Darin Adler.
430
431         Avoid strlen() in AtomicString::fromUTF8
432         https://bugs.webkit.org/show_bug.cgi?id=50516
433
434         Add an overload to calculateStringHashFromUTF8 to get
435         strlen() of the input data with only one call.
436
437         This change shows about 3% performance win on the xml-parser benchmark.
438
439         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
440         * wtf/text/AtomicString.cpp:
441         (WTF::AtomicString::fromUTF8):
442         * wtf/unicode/UTF8.cpp:
443         (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
444         (WTF::Unicode::calculateStringHashFromUTF8):
445         (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
446         * wtf/unicode/UTF8.h:
447
448 2011-02-01  Sam Weinig  <sam@webkit.org>
449
450         Reviewed by Beth Dakin.
451
452         Part 2 for <rdar://problem/8492788>
453         Adopt WKScrollbarPainterController
454
455         Use header detection to define scrollbar painting controller #define.
456
457         * DerivedSources.make:
458         * JavaScriptCore.xcodeproj/project.pbxproj:
459
460 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
461
462         Reviewed by Oliver Hunt.
463
464         Refactor JSGlobalObject-related tear-down
465         https://bugs.webkit.org/show_bug.cgi?id=53478
466         
467         While investigating crashes caused by r77082, I noticed some strange
468         destructor-time behaviors. This patch makes them less strange.
469
470         * bytecode/CodeBlock.cpp:
471         (JSC::CodeBlock::CodeBlock):
472         (JSC::CodeBlock::markAggregate):
473         * bytecode/CodeBlock.h:
474         (JSC::CodeBlock::globalObject):
475         (JSC::GlobalCodeBlock::GlobalCodeBlock):
476         (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
477         blocks on the Heap, instead of on independent global objects. The heap
478         is guaranteed to outlast any GC-owned data structure. The heap is also
479         a natural place to store objects that need out-of-band marking, since
480         the heap is responsible for marking all roots.
481
482         * runtime/Heap.cpp:
483         (JSC::Heap::markRoots):
484         (JSC::Heap::globalObjectCount):
485         (JSC::Heap::protectedGlobalObjectCount):
486         * runtime/Heap.h:
487         (JSC::Heap::codeBlocks):
488         * runtime/JSGlobalData.cpp:
489         (JSC::JSGlobalData::JSGlobalData):
490         * runtime/JSGlobalData.h:
491         * runtime/JSGlobalObject.cpp:
492         (JSC::JSGlobalObject::~JSGlobalObject):
493         (JSC::JSGlobalObject::init):
494         (JSC::JSGlobalObject::markChildren):
495         * runtime/JSGlobalObject.h:
496         * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
497         owned by JSGlobalData, instead of an intrusive circular linked list.
498         This is simpler, and it avoids destructor-time access between garbage
499         collected objects, which is hard to get right.
500
501         (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
502         everything down. Otherwise, weak data structures will incorrectly report
503         that objects pending destruction are still alive.
504
505 2011-02-01  Geoffrey Garen  <ggaren@apple.com>
506
507         Reviewed by Oliver Hunt.
508
509         REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
510         bot; loading trac pages; typing in search field
511         https://bugs.webkit.org/show_bug.cgi?id=53519
512         
513         The crashes were all caused by failure to run an object's destructor.
514
515         * runtime/CollectorHeapIterator.h:
516         (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
517         construction. The iterator class used to do that when it was designed
518         for prior-to-beginning initialization. I forgot to remove this line
519         of code when I changed the iterator to normal initialization.
520         
521         Skipping forward upon construction was causing the heap to skip running
522         the destructor for the very first object in a block when destroying the
523         block. This usually did not crash, since block destruction is rare and
524         most objects have pretty trivial destructors. However, in the rare case
525         when the heap would destroy a block whose first object was a global
526         object or a DOM node, BOOM.
527
528 2011-01-31  Oliver Hunt  <oliver@apple.com>
529
530         Reviewed by Geoffrey Garen.
531
532         Update JSObject storage for new marking API
533         https://bugs.webkit.org/show_bug.cgi?id=53467
534
535         JSObject no longer uses EncodedJSValue for its property storage.
536         This produces a stream of mechanical changes to PropertySlot and
537         anonymous storage APIs.
538
539         * JavaScriptCore.exp:
540         * runtime/ArrayPrototype.cpp:
541         (JSC::ArrayPrototype::ArrayPrototype):
542         * runtime/BooleanConstructor.cpp:
543         (JSC::constructBoolean):
544         (JSC::constructBooleanFromImmediateBoolean):
545         * runtime/BooleanObject.cpp:
546         (JSC::BooleanObject::BooleanObject):
547         * runtime/BooleanObject.h:
548         * runtime/BooleanPrototype.cpp:
549         (JSC::BooleanPrototype::BooleanPrototype):
550         * runtime/DateInstance.cpp:
551         (JSC::DateInstance::DateInstance):
552         * runtime/DatePrototype.cpp:
553         (JSC::DatePrototype::DatePrototype):
554         * runtime/JSActivation.cpp:
555         (JSC::JSActivation::getOwnPropertySlot):
556         * runtime/JSArray.cpp:
557         (JSC::JSArray::getOwnPropertySlot):
558         * runtime/JSFunction.cpp:
559         (JSC::JSFunction::getOwnPropertySlot):
560         * runtime/JSGlobalObject.h:
561         (JSC::JSGlobalObject::JSGlobalObject):
562         * runtime/JSObject.cpp:
563         (JSC::JSObject::fillGetterPropertySlot):
564         * runtime/JSObject.h:
565         (JSC::JSObject::getDirectLocation):
566         (JSC::JSObject::offsetForLocation):
567         (JSC::JSObject::putAnonymousValue):
568         (JSC::JSObject::clearAnonymousValue):
569         (JSC::JSObject::getAnonymousValue):
570         (JSC::JSObject::putThisToAnonymousValue):
571         (JSC::JSObject::locationForOffset):
572         (JSC::JSObject::inlineGetOwnPropertySlot):
573         * runtime/JSObjectWithGlobalObject.cpp:
574         (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
575         * runtime/JSWrapperObject.h:
576         (JSC::JSWrapperObject::JSWrapperObject):
577         (JSC::JSWrapperObject::setInternalValue):
578         * runtime/Lookup.cpp:
579         (JSC::setUpStaticFunctionSlot):
580         * runtime/NumberConstructor.cpp:
581         (JSC::constructWithNumberConstructor):
582         * runtime/NumberObject.cpp:
583         (JSC::NumberObject::NumberObject):
584         (JSC::constructNumber):
585         * runtime/NumberObject.h:
586         * runtime/NumberPrototype.cpp:
587         (JSC::NumberPrototype::NumberPrototype):
588         * runtime/PropertySlot.h:
589         (JSC::PropertySlot::getValue):
590         (JSC::PropertySlot::setValue):
591         (JSC::PropertySlot::setRegisterSlot):
592         * runtime/StringObject.cpp:
593         (JSC::StringObject::StringObject):
594         * runtime/StringPrototype.cpp:
595         (JSC::StringPrototype::StringPrototype):
596         * runtime/WriteBarrier.h:
597         (JSC::WriteBarrierBase::setWithoutWriteBarrier):
598
599 2011-02-01  Daniel Bates  <dbates@rim.com>
600
601         Reviewed by Antonio Gomes.
602
603         Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
604         https://bugs.webkit.org/show_bug.cgi?id=53506
605
606         Currently, use of the Mersenne Twister pseudorandom number generator
607         is hardcoded to the Windows CE port. With the passing of bug #53253,
608         we can generalize support for this PRNG to all ports that use srand(3)
609         and rand(3), including Windows CE.
610
611         * wtf/RandomNumberSeed.h:
612         (WTF::initializeRandomNumberGenerator):
613
614 2011-02-01  Dave Tapuska  <dtapuska@rim.com>
615
616         Reviewed by Gavin Barraclough.
617
618         MacroAssemblerARM would generate code that did 32bit loads
619         on addresses that were not aligned. More specifically it would
620         generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
621         The intended instruction really is ldrb r8,[r1, #7]; ensure we
622         call load8 instead of load32.
623
624         https://bugs.webkit.org/show_bug.cgi?id=46095
625
626         * assembler/MacroAssemblerARM.h:
627         (JSC::MacroAssemblerARM::set32Test32):
628         (JSC::MacroAssemblerARM::set32Test8):
629
630 2011-02-01  Darin Fisher  <darin@chromium.org>
631
632         Reviewed by Eric Seidel.
633
634         Fix some Visual Studio compiler warnings.
635         https://bugs.webkit.org/show_bug.cgi?id=53476
636
637         * wtf/MathExtras.h:
638         (clampToInteger):
639         (clampToPositiveInteger):
640         * wtf/ThreadingWin.cpp:
641         (WTF::absoluteTimeToWaitTimeoutInterval):
642
643 2011-01-31  Oliver Hunt  <oliver@apple.com>
644
645         Reviewed by Sam Weinig.
646
647         Bogus callframe during stack unwinding
648         https://bugs.webkit.org/show_bug.cgi?id=53454
649
650         Trying to access a callframe's globalData after destroying its
651         ScopeChain is not a good thing.  While we could access the
652         globalData directly through the (known valid) scopechain we're
653         holding on to, it feels fragile.  Instead we push the valid
654         ScopeChain onto the callframe again to ensure that the callframe
655         itself remains valid.
656
657         * interpreter/Interpreter.cpp:
658         (JSC::Interpreter::unwindCallFrame):
659
660 2011-01-31  Michael Saboff  <msaboff@apple.com>
661
662         Reviewed by Geoffrey Garen.
663
664         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
665         https://bugs.webkit.org/show_bug.cgi?id=53271
666
667         Reapplying this change again.
668         Changed isValid() to use .get() as a result of change r77151.
669
670         Added new isValid() methods to check if a contained object in
671         a WeakGCMap is valid when using an unchecked iterator.
672
673         * runtime/WeakGCMap.h:
674         (JSC::WeakGCMap::isValid):
675
676 2011-01-31  Oliver Hunt  <oliver@apple.com>
677
678         Convert markstack to a slot visitor API
679         https://bugs.webkit.org/show_bug.cgi?id=53219
680
681         rolling r77098, r77099, r77100, r77109, and
682         r77111 back in, along with a few more Qt fix attempts.
683
684         * API/JSCallbackObject.h:
685         (JSC::JSCallbackObjectData::setPrivateProperty):
686         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
687         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
688         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
689         (JSC::JSCallbackObject::setPrivateProperty):
690         * API/JSCallbackObjectFunctions.h:
691         (JSC::::put):
692         (JSC::::staticFunctionGetter):
693         * API/JSObjectRef.cpp:
694         (JSObjectMakeConstructor):
695         (JSObjectSetPrivateProperty):
696         * API/JSWeakObjectMapRefInternal.h:
697         * JavaScriptCore.exp:
698         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
699         * JavaScriptCore.xcodeproj/project.pbxproj:
700         * bytecode/CodeBlock.cpp:
701         (JSC::CodeBlock::markAggregate):
702         * bytecode/CodeBlock.h:
703         (JSC::CodeBlock::globalObject):
704         * bytecompiler/BytecodeGenerator.cpp:
705         (JSC::BytecodeGenerator::BytecodeGenerator):
706         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
707         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
708         (JSC::BytecodeGenerator::findScopedProperty):
709         * debugger/Debugger.cpp:
710         (JSC::evaluateInGlobalCallFrame):
711         * debugger/DebuggerActivation.cpp:
712         (JSC::DebuggerActivation::DebuggerActivation):
713         (JSC::DebuggerActivation::markChildren):
714         * debugger/DebuggerActivation.h:
715         * debugger/DebuggerCallFrame.cpp:
716         (JSC::DebuggerCallFrame::evaluate):
717         * interpreter/CallFrame.h:
718         (JSC::ExecState::exception):
719         * interpreter/Interpreter.cpp:
720         (JSC::Interpreter::resolve):
721         (JSC::Interpreter::resolveSkip):
722         (JSC::Interpreter::resolveGlobal):
723         (JSC::Interpreter::resolveGlobalDynamic):
724         (JSC::Interpreter::resolveBaseAndProperty):
725         (JSC::Interpreter::unwindCallFrame):
726         (JSC::appendSourceToError):
727         (JSC::Interpreter::execute):
728         (JSC::Interpreter::tryCacheGetByID):
729         (JSC::Interpreter::privateExecute):
730         * jit/JITStubs.cpp:
731         (JSC::JITThunks::tryCacheGetByID):
732         (JSC::DEFINE_STUB_FUNCTION):
733         * jsc.cpp:
734         (GlobalObject::GlobalObject):
735         * runtime/ArgList.cpp:
736         (JSC::MarkedArgumentBuffer::markLists):
737         * runtime/Arguments.cpp:
738         (JSC::Arguments::markChildren):
739         (JSC::Arguments::getOwnPropertySlot):
740         (JSC::Arguments::getOwnPropertyDescriptor):
741         (JSC::Arguments::put):
742         * runtime/Arguments.h:
743         (JSC::Arguments::setActivation):
744         (JSC::Arguments::Arguments):
745         * runtime/ArrayConstructor.cpp:
746         (JSC::ArrayConstructor::ArrayConstructor):
747         (JSC::constructArrayWithSizeQuirk):
748         * runtime/ArrayPrototype.cpp:
749         (JSC::arrayProtoFuncSplice):
750         * runtime/BatchedTransitionOptimizer.h:
751         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
752         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
753         * runtime/BooleanConstructor.cpp:
754         (JSC::BooleanConstructor::BooleanConstructor):
755         (JSC::constructBoolean):
756         (JSC::constructBooleanFromImmediateBoolean):
757         * runtime/BooleanPrototype.cpp:
758         (JSC::BooleanPrototype::BooleanPrototype):
759         * runtime/ConservativeSet.cpp:
760         (JSC::ConservativeSet::grow):
761         * runtime/ConservativeSet.h:
762         (JSC::ConservativeSet::~ConservativeSet):
763         (JSC::ConservativeSet::mark):
764         * runtime/DateConstructor.cpp:
765         (JSC::DateConstructor::DateConstructor):
766         * runtime/DateInstance.cpp:
767         (JSC::DateInstance::DateInstance):
768         * runtime/DatePrototype.cpp:
769         (JSC::dateProtoFuncSetTime):
770         (JSC::setNewValueFromTimeArgs):
771         (JSC::setNewValueFromDateArgs):
772         (JSC::dateProtoFuncSetYear):
773         * runtime/ErrorConstructor.cpp:
774         (JSC::ErrorConstructor::ErrorConstructor):
775         * runtime/ErrorInstance.cpp:
776         (JSC::ErrorInstance::ErrorInstance):
777         * runtime/ErrorPrototype.cpp:
778         (JSC::ErrorPrototype::ErrorPrototype):
779         * runtime/FunctionConstructor.cpp:
780         (JSC::FunctionConstructor::FunctionConstructor):
781         * runtime/FunctionPrototype.cpp:
782         (JSC::FunctionPrototype::FunctionPrototype):
783         * runtime/GetterSetter.cpp:
784         (JSC::GetterSetter::markChildren):
785         * runtime/GetterSetter.h:
786         (JSC::GetterSetter::GetterSetter):
787         (JSC::GetterSetter::getter):
788         (JSC::GetterSetter::setGetter):
789         (JSC::GetterSetter::setter):
790         (JSC::GetterSetter::setSetter):
791         * runtime/GlobalEvalFunction.cpp:
792         (JSC::GlobalEvalFunction::GlobalEvalFunction):
793         (JSC::GlobalEvalFunction::markChildren):
794         * runtime/GlobalEvalFunction.h:
795         (JSC::GlobalEvalFunction::cachedGlobalObject):
796         * runtime/Heap.cpp:
797         (JSC::Heap::markProtectedObjects):
798         (JSC::Heap::markTempSortVectors):
799         (JSC::Heap::markRoots):
800         * runtime/InternalFunction.cpp:
801         (JSC::InternalFunction::InternalFunction):
802         * runtime/JSAPIValueWrapper.h:
803         (JSC::JSAPIValueWrapper::value):
804         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
805         * runtime/JSActivation.cpp:
806         (JSC::JSActivation::markChildren):
807         (JSC::JSActivation::put):
808         * runtime/JSArray.cpp:
809         (JSC::JSArray::JSArray):
810         (JSC::JSArray::getOwnPropertySlot):
811         (JSC::JSArray::getOwnPropertyDescriptor):
812         (JSC::JSArray::put):
813         (JSC::JSArray::putSlowCase):
814         (JSC::JSArray::deleteProperty):
815         (JSC::JSArray::increaseVectorLength):
816         (JSC::JSArray::setLength):
817         (JSC::JSArray::pop):
818         (JSC::JSArray::push):
819         (JSC::JSArray::unshiftCount):
820         (JSC::JSArray::sort):
821         (JSC::JSArray::fillArgList):
822         (JSC::JSArray::copyToRegisters):
823         (JSC::JSArray::compactForSorting):
824         * runtime/JSArray.h:
825         (JSC::JSArray::getIndex):
826         (JSC::JSArray::setIndex):
827         (JSC::JSArray::uncheckedSetIndex):
828         (JSC::JSArray::markChildrenDirect):
829         * runtime/JSByteArray.cpp:
830         (JSC::JSByteArray::JSByteArray):
831         * runtime/JSCell.h:
832         (JSC::JSCell::MarkStack::append):
833         (JSC::JSCell::MarkStack::internalAppend):
834         (JSC::JSCell::MarkStack::deprecatedAppend):
835         * runtime/JSFunction.cpp:
836         (JSC::JSFunction::JSFunction):
837         (JSC::JSFunction::getOwnPropertySlot):
838         * runtime/JSGlobalData.h:
839         * runtime/JSGlobalObject.cpp:
840         (JSC::markIfNeeded):
841         (JSC::JSGlobalObject::reset):
842         (JSC::JSGlobalObject::resetPrototype):
843         (JSC::JSGlobalObject::markChildren):
844         * runtime/JSGlobalObject.h:
845         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
846         (JSC::JSGlobalObject::regExpConstructor):
847         (JSC::JSGlobalObject::errorConstructor):
848         (JSC::JSGlobalObject::evalErrorConstructor):
849         (JSC::JSGlobalObject::rangeErrorConstructor):
850         (JSC::JSGlobalObject::referenceErrorConstructor):
851         (JSC::JSGlobalObject::syntaxErrorConstructor):
852         (JSC::JSGlobalObject::typeErrorConstructor):
853         (JSC::JSGlobalObject::URIErrorConstructor):
854         (JSC::JSGlobalObject::evalFunction):
855         (JSC::JSGlobalObject::objectPrototype):
856         (JSC::JSGlobalObject::functionPrototype):
857         (JSC::JSGlobalObject::arrayPrototype):
858         (JSC::JSGlobalObject::booleanPrototype):
859         (JSC::JSGlobalObject::stringPrototype):
860         (JSC::JSGlobalObject::numberPrototype):
861         (JSC::JSGlobalObject::datePrototype):
862         (JSC::JSGlobalObject::regExpPrototype):
863         (JSC::JSGlobalObject::methodCallDummy):
864         (JSC::Structure::prototypeForLookup):
865         (JSC::constructArray):
866         * runtime/JSONObject.cpp:
867         (JSC::Stringifier::Holder::object):
868         (JSC::Stringifier::Holder::objectSlot):
869         (JSC::Stringifier::markAggregate):
870         (JSC::Stringifier::stringify):
871         (JSC::Stringifier::Holder::appendNextProperty):
872         (JSC::Walker::callReviver):
873         (JSC::Walker::walk):
874         * runtime/JSObject.cpp:
875         (JSC::JSObject::defineGetter):
876         (JSC::JSObject::defineSetter):
877         (JSC::JSObject::removeDirect):
878         (JSC::JSObject::putDirectFunction):
879         (JSC::JSObject::putDirectFunctionWithoutTransition):
880         (JSC::putDescriptor):
881         (JSC::JSObject::defineOwnProperty):
882         * runtime/JSObject.h:
883         (JSC::JSObject::getDirectOffset):
884         (JSC::JSObject::putDirectOffset):
885         (JSC::JSObject::putUndefinedAtDirectOffset):
886         (JSC::JSObject::flattenDictionaryObject):
887         (JSC::JSObject::putDirectInternal):
888         (JSC::JSObject::putDirect):
889         (JSC::JSObject::putDirectFunction):
890         (JSC::JSObject::putDirectWithoutTransition):
891         (JSC::JSObject::putDirectFunctionWithoutTransition):
892         (JSC::JSValue::putDirect):
893         (JSC::JSObject::allocatePropertyStorageInline):
894         (JSC::JSObject::markChildrenDirect):
895         * runtime/JSPropertyNameIterator.cpp:
896         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
897         (JSC::JSPropertyNameIterator::get):
898         * runtime/JSPropertyNameIterator.h:
899         * runtime/JSStaticScopeObject.cpp:
900         (JSC::JSStaticScopeObject::markChildren):
901         * runtime/JSString.cpp:
902         (JSC::StringObject::create):
903         * runtime/JSValue.h:
904         * runtime/JSWrapperObject.cpp:
905         (JSC::JSWrapperObject::markChildren):
906         * runtime/JSWrapperObject.h:
907         (JSC::JSWrapperObject::internalValue):
908         (JSC::JSWrapperObject::setInternalValue):
909         * runtime/LiteralParser.cpp:
910         (JSC::LiteralParser::parse):
911         * runtime/Lookup.cpp:
912         (JSC::setUpStaticFunctionSlot):
913         * runtime/Lookup.h:
914         (JSC::lookupPut):
915         * runtime/MarkStack.h:
916         (JSC::MarkStack::MarkStack):
917         (JSC::MarkStack::deprecatedAppendValues):
918         (JSC::MarkStack::appendValues):
919         * runtime/MathObject.cpp:
920         (JSC::MathObject::MathObject):
921         * runtime/NativeErrorConstructor.cpp:
922         (JSC::NativeErrorConstructor::NativeErrorConstructor):
923         * runtime/NativeErrorPrototype.cpp:
924         (JSC::NativeErrorPrototype::NativeErrorPrototype):
925         * runtime/NumberConstructor.cpp:
926         (JSC::NumberConstructor::NumberConstructor):
927         (JSC::constructWithNumberConstructor):
928         * runtime/NumberObject.cpp:
929         (JSC::constructNumber):
930         * runtime/NumberPrototype.cpp:
931         (JSC::NumberPrototype::NumberPrototype):
932         * runtime/ObjectConstructor.cpp:
933         (JSC::ObjectConstructor::ObjectConstructor):
934         (JSC::objectConstructorGetOwnPropertyDescriptor):
935         * runtime/Operations.h:
936         (JSC::normalizePrototypeChain):
937         (JSC::resolveBase):
938         * runtime/PrototypeFunction.cpp:
939         (JSC::PrototypeFunction::PrototypeFunction):
940         * runtime/PutPropertySlot.h:
941         (JSC::PutPropertySlot::setExistingProperty):
942         (JSC::PutPropertySlot::setNewProperty):
943         (JSC::PutPropertySlot::base):
944         * runtime/RegExpConstructor.cpp:
945         (JSC::RegExpConstructor::RegExpConstructor):
946         * runtime/ScopeChain.cpp:
947         (JSC::ScopeChainNode::print):
948         * runtime/ScopeChain.h:
949         (JSC::ScopeChainNode::~ScopeChainNode):
950         (JSC::ScopeChainIterator::operator*):
951         (JSC::ScopeChainIterator::operator->):
952         (JSC::ScopeChain::top):
953         * runtime/ScopeChainMark.h:
954         (JSC::ScopeChain::markAggregate):
955         * runtime/SmallStrings.cpp:
956         (JSC::isMarked):
957         (JSC::SmallStrings::markChildren):
958         * runtime/SmallStrings.h:
959         (JSC::SmallStrings::emptyString):
960         (JSC::SmallStrings::singleCharacterString):
961         (JSC::SmallStrings::singleCharacterStrings):
962         * runtime/StringConstructor.cpp:
963         (JSC::StringConstructor::StringConstructor):
964         * runtime/StringObject.cpp:
965         (JSC::StringObject::StringObject):
966         * runtime/StringObject.h:
967         * runtime/StringPrototype.cpp:
968         (JSC::StringPrototype::StringPrototype):
969         * runtime/Structure.cpp:
970         (JSC::Structure::Structure):
971         (JSC::Structure::addPropertyTransition):
972         (JSC::Structure::toDictionaryTransition):
973         (JSC::Structure::flattenDictionaryStructure):
974         * runtime/Structure.h:
975         (JSC::Structure::storedPrototype):
976         (JSC::Structure::storedPrototypeSlot):
977         * runtime/WeakGCMap.h:
978         (JSC::WeakGCMap::uncheckedGet):
979         (JSC::WeakGCMap::uncheckedGetSlot):
980         (JSC::::get):
981         (JSC::::take):
982         (JSC::::set):
983         (JSC::::uncheckedRemove):
984         * runtime/WriteBarrier.h: Added.
985         (JSC::DeprecatedPtr::DeprecatedPtr):
986         (JSC::DeprecatedPtr::get):
987         (JSC::DeprecatedPtr::operator*):
988         (JSC::DeprecatedPtr::operator->):
989         (JSC::DeprecatedPtr::slot):
990         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
991         (JSC::DeprecatedPtr::operator!):
992         (JSC::WriteBarrierBase::set):
993         (JSC::WriteBarrierBase::get):
994         (JSC::WriteBarrierBase::operator*):
995         (JSC::WriteBarrierBase::operator->):
996         (JSC::WriteBarrierBase::clear):
997         (JSC::WriteBarrierBase::slot):
998         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
999         (JSC::WriteBarrierBase::operator!):
1000         (JSC::WriteBarrier::WriteBarrier):
1001         (JSC::operator==):
1002
1003 2011-01-31  Dan Winship  <danw@gnome.org>
1004
1005         Reviewed by Gustavo Noronha Silva.
1006
1007         wss (websockets ssl) support for gtk via new gio TLS support
1008         https://bugs.webkit.org/show_bug.cgi?id=50344
1009
1010         Add a GPollableOutputStream typedef for TLS WebSockets support
1011
1012         * wtf/gobject/GTypedefs.h:
1013
1014 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
1015
1016         Reviewed by Geoff Garen.
1017
1018         https://bugs.webkit.org/show_bug.cgi?id=53352
1019         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
1020
1021         The FixedVMPoolAllocator currently uses a best fit policy -
1022         switch to first fit, which is less prone to external fragmentation.
1023
1024         * jit/ExecutableAllocatorFixedVMPool.cpp:
1025         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
1026         (JSC::AllocationTableSizeClass::blockSize):
1027         (JSC::AllocationTableSizeClass::blockCount):
1028         (JSC::AllocationTableSizeClass::blockAlignment):
1029         (JSC::AllocationTableSizeClass::size):
1030         (JSC::AllocationTableLeaf::AllocationTableLeaf):
1031         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
1032         (JSC::AllocationTableLeaf::allocate):
1033         (JSC::AllocationTableLeaf::free):
1034         (JSC::AllocationTableLeaf::isEmpty):
1035         (JSC::AllocationTableLeaf::isFull):
1036         (JSC::AllocationTableLeaf::size):
1037         (JSC::AllocationTableLeaf::classForSize):
1038         (JSC::AllocationTableLeaf::dump):
1039         (JSC::LazyAllocationTable::LazyAllocationTable):
1040         (JSC::LazyAllocationTable::~LazyAllocationTable):
1041         (JSC::LazyAllocationTable::allocate):
1042         (JSC::LazyAllocationTable::free):
1043         (JSC::LazyAllocationTable::isEmpty):
1044         (JSC::LazyAllocationTable::isFull):
1045         (JSC::LazyAllocationTable::size):
1046         (JSC::LazyAllocationTable::dump):
1047         (JSC::LazyAllocationTable::classForSize):
1048         (JSC::AllocationTableDirectory::AllocationTableDirectory):
1049         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
1050         (JSC::AllocationTableDirectory::allocate):
1051         (JSC::AllocationTableDirectory::free):
1052         (JSC::AllocationTableDirectory::isEmpty):
1053         (JSC::AllocationTableDirectory::isFull):
1054         (JSC::AllocationTableDirectory::size):
1055         (JSC::AllocationTableDirectory::classForSize):
1056         (JSC::AllocationTableDirectory::dump):
1057         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1058         (JSC::FixedVMPoolAllocator::alloc):
1059         (JSC::FixedVMPoolAllocator::free):
1060         (JSC::FixedVMPoolAllocator::allocated):
1061         (JSC::FixedVMPoolAllocator::isValid):
1062         (JSC::FixedVMPoolAllocator::classForSize):
1063         (JSC::FixedVMPoolAllocator::offsetToPointer):
1064         (JSC::FixedVMPoolAllocator::pointerToOffset):
1065         (JSC::ExecutableAllocator::committedByteCount):
1066         (JSC::ExecutableAllocator::isValid):
1067         (JSC::ExecutableAllocator::underMemoryPressure):
1068         (JSC::ExecutablePool::systemAlloc):
1069         (JSC::ExecutablePool::systemRelease):
1070         * wtf/PageReservation.h:
1071         (WTF::PageReservation::PageReservation):
1072         (WTF::PageReservation::commit):
1073         (WTF::PageReservation::decommit):
1074         (WTF::PageReservation::committed):
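
        The placement-policy change this entry describes, shown as an added example that is not WebKit code and does not reproduce the FixedVMPoolAllocator's own logic: a toy free-list allocator that serves one constructed request sequence under first fit and under best fit and then reports how much free space is left and how large the biggest free run is. The names (Pool, pool_alloc, run_workload, largest_hole_after, free_bytes_after), the pool layout and the request sizes are all assumptions made for the illustration. The point a defender cares about is the one the entry raises: an allocator can fail a request while plenty of free bytes remain, because none of the free runs is contiguous enough, and for executable memory that failure surfaces as a hard crash rather than a graceful fallback. Neither policy wins on every workload; this workload is one where best fit leaves unusable slivers and first fit does not.

```c
/*
 * Added example, not WebKit code: a toy free-list allocator comparing
 * first-fit and best-fit placement on one constructed workload.
 * All names, sizes and the initial hole layout are hypothetical.
 * Frees are not modelled, so no hole coalescing is needed.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_HOLES 16

typedef struct {
    size_t offset;  /* start of the free run inside the pool */
    size_t size;    /* length of the free run in bytes */
} Hole;

typedef struct {
    Hole holes[MAX_HOLES];  /* free runs, kept in address order */
    int count;
    int best_fit;           /* 0 = first fit, 1 = best fit */
} Pool;

/* Constructed starting state: a 30-byte hole at 0 and a 20-byte hole at 35,
   separated by live allocations so they can never merge. */
static void pool_init(Pool *p, int best_fit)
{
    memset(p, 0, sizeof *p);
    p->best_fit = best_fit;
    p->holes[0].offset = 0;  p->holes[0].size = 30;
    p->holes[1].offset = 35; p->holes[1].size = 20;
    p->count = 2;
}

/* Carve `size` bytes out of a hole; returns the offset, or -1 if no hole fits. */
static long pool_alloc(Pool *p, size_t size)
{
    int chosen = -1;
    for (int i = 0; i < p->count; i++) {
        if (p->holes[i].size < size)
            continue;
        if (!p->best_fit) {      /* first fit: take the first hole that is big enough */
            chosen = i;
            break;
        }
        /* best fit: remember the smallest hole that is still big enough */
        if (chosen < 0 || p->holes[i].size < p->holes[chosen].size)
            chosen = i;
    }
    if (chosen < 0)
        return -1;
    long off = (long)p->holes[chosen].offset;
    p->holes[chosen].offset += size;
    p->holes[chosen].size -= size;
    if (p->holes[chosen].size == 0) {   /* drop a hole that was used up exactly */
        memmove(&p->holes[chosen], &p->holes[chosen + 1],
                (size_t)(p->count - chosen - 1) * sizeof(Hole));
        p->count--;
    }
    return off;
}

/* Largest single free run: the biggest request the pool can still satisfy. */
static size_t pool_largest_hole(const Pool *p)
{
    size_t m = 0;
    for (int i = 0; i < p->count; i++)
        if (p->holes[i].size > m)
            m = p->holes[i].size;
    return m;
}

/* Total free bytes, however fragmented they are. */
static size_t pool_free_bytes(const Pool *p)
{
    size_t t = 0;
    for (int i = 0; i < p->count; i++)
        t += p->holes[i].size;
    return t;
}

/* Replay the constructed request sequence under one policy.
   Returns the number of requests that succeeded; `out` (may be NULL) receives the final pool. */
static int run_workload(int best_fit, Pool *out)
{
    static const size_t requests[] = { 15, 18, 14 };
    Pool p;
    int ok = 0;
    pool_init(&p, best_fit);
    for (size_t i = 0; i < sizeof requests / sizeof requests[0]; i++)
        if (pool_alloc(&p, requests[i]) >= 0)
            ok++;
    if (out)
        *out = p;
    return ok;
}

static size_t largest_hole_after(int best_fit)
{
    Pool p;
    run_workload(best_fit, &p);
    return pool_largest_hole(&p);
}

static size_t free_bytes_after(int best_fit)
{
    Pool p;
    run_workload(best_fit, &p);
    return pool_free_bytes(&p);
}

int main(void)
{
    for (int policy = 0; policy <= 1; policy++) {
        int ok = run_workload(policy, NULL);
        printf("%s: %d/3 requests served, %zu free bytes, largest hole %zu\n",
               policy ? "best fit " : "first fit", ok,
               free_bytes_after(policy), largest_hole_after(policy));
    }
    return 0;
}
```

Under first fit all three requests succeed and only 3 bytes remain free; under best fit the 14-byte request fails even though 17 bytes are still free, because the largest remaining run is 12 bytes. That gap between total free space and largest free run is exactly the external fragmentation the entry is guarding against.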
1075
1076 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
1077
1078         Unreviewed, rolling out r76969.
1079         http://trac.webkit.org/changeset/76969
1080         https://bugs.webkit.org/show_bug.cgi?id=53418
1081
1082         "It is causing crashes in GTK+ and Leopard bots" (Requested by
1083         alexg__ on #webkit).
1084
1085         * runtime/WeakGCMap.h:
1086
1087 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
1088
1089         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
1090         r77111.
1091         http://trac.webkit.org/changeset/77098
1092         http://trac.webkit.org/changeset/77099
1093         http://trac.webkit.org/changeset/77100
1094         http://trac.webkit.org/changeset/77109
1095         http://trac.webkit.org/changeset/77111
1096         https://bugs.webkit.org/show_bug.cgi?id=53219
1097
1098         Qt build is broken
1099
1100         * API/JSCallbackObject.h:
1101         (JSC::JSCallbackObjectData::setPrivateProperty):
1102         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1103         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1104         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1105         (JSC::JSCallbackObject::setPrivateProperty):
1106         * API/JSCallbackObjectFunctions.h:
1107         (JSC::::put):
1108         (JSC::::staticFunctionGetter):
1109         * API/JSObjectRef.cpp:
1110         (JSObjectMakeConstructor):
1111         (JSObjectSetPrivateProperty):
1112         * API/JSWeakObjectMapRefInternal.h:
1113         * JavaScriptCore.exp:
1114         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1115         * JavaScriptCore.xcodeproj/project.pbxproj:
1116         * bytecode/CodeBlock.cpp:
1117         (JSC::CodeBlock::markAggregate):
1118         * bytecode/CodeBlock.h:
1119         (JSC::CodeBlock::globalObject):
1120         * bytecompiler/BytecodeGenerator.cpp:
1121         (JSC::BytecodeGenerator::BytecodeGenerator):
1122         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1123         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1124         (JSC::BytecodeGenerator::findScopedProperty):
1125         * debugger/Debugger.cpp:
1126         (JSC::evaluateInGlobalCallFrame):
1127         * debugger/DebuggerActivation.cpp:
1128         (JSC::DebuggerActivation::DebuggerActivation):
1129         (JSC::DebuggerActivation::markChildren):
1130         * debugger/DebuggerActivation.h:
1131         * debugger/DebuggerCallFrame.cpp:
1132         (JSC::DebuggerCallFrame::evaluate):
1133         * interpreter/CallFrame.h:
1134         (JSC::ExecState::exception):
1135         * interpreter/Interpreter.cpp:
1136         (JSC::Interpreter::resolve):
1137         (JSC::Interpreter::resolveSkip):
1138         (JSC::Interpreter::resolveGlobal):
1139         (JSC::Interpreter::resolveGlobalDynamic):
1140         (JSC::Interpreter::resolveBaseAndProperty):
1141         (JSC::Interpreter::unwindCallFrame):
1142         (JSC::appendSourceToError):
1143         (JSC::Interpreter::execute):
1144         (JSC::Interpreter::tryCacheGetByID):
1145         (JSC::Interpreter::privateExecute):
1146         * jit/JITStubs.cpp:
1147         (JSC::JITThunks::tryCacheGetByID):
1148         (JSC::DEFINE_STUB_FUNCTION):
1149         * jsc.cpp:
1150         (GlobalObject::GlobalObject):
1151         * runtime/ArgList.cpp:
1152         (JSC::MarkedArgumentBuffer::markLists):
1153         * runtime/Arguments.cpp:
1154         (JSC::Arguments::markChildren):
1155         (JSC::Arguments::getOwnPropertySlot):
1156         (JSC::Arguments::getOwnPropertyDescriptor):
1157         (JSC::Arguments::put):
1158         * runtime/Arguments.h:
1159         (JSC::Arguments::setActivation):
1160         (JSC::Arguments::Arguments):
1161         * runtime/ArrayConstructor.cpp:
1162         (JSC::ArrayConstructor::ArrayConstructor):
1163         (JSC::constructArrayWithSizeQuirk):
1164         * runtime/ArrayPrototype.cpp:
1165         (JSC::arrayProtoFuncSplice):
1166         * runtime/BatchedTransitionOptimizer.h:
1167         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1168         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1169         * runtime/BooleanConstructor.cpp:
1170         (JSC::BooleanConstructor::BooleanConstructor):
1171         (JSC::constructBoolean):
1172         (JSC::constructBooleanFromImmediateBoolean):
1173         * runtime/BooleanPrototype.cpp:
1174         (JSC::BooleanPrototype::BooleanPrototype):
1175         * runtime/ConservativeSet.cpp:
1176         (JSC::ConservativeSet::grow):
1177         * runtime/ConservativeSet.h:
1178         (JSC::ConservativeSet::~ConservativeSet):
1179         (JSC::ConservativeSet::mark):
1180         * runtime/DateConstructor.cpp:
1181         (JSC::DateConstructor::DateConstructor):
1182         * runtime/DateInstance.cpp:
1183         (JSC::DateInstance::DateInstance):
1184         * runtime/DatePrototype.cpp:
1185         (JSC::dateProtoFuncSetTime):
1186         (JSC::setNewValueFromTimeArgs):
1187         (JSC::setNewValueFromDateArgs):
1188         (JSC::dateProtoFuncSetYear):
1189         * runtime/ErrorConstructor.cpp:
1190         (JSC::ErrorConstructor::ErrorConstructor):
1191         * runtime/ErrorInstance.cpp:
1192         (JSC::ErrorInstance::ErrorInstance):
1193         * runtime/ErrorPrototype.cpp:
1194         (JSC::ErrorPrototype::ErrorPrototype):
1195         * runtime/FunctionConstructor.cpp:
1196         (JSC::FunctionConstructor::FunctionConstructor):
1197         * runtime/FunctionPrototype.cpp:
1198         (JSC::FunctionPrototype::FunctionPrototype):
1199         * runtime/GetterSetter.cpp:
1200         (JSC::GetterSetter::markChildren):
1201         * runtime/GetterSetter.h:
1202         (JSC::GetterSetter::GetterSetter):
1203         (JSC::GetterSetter::getter):
1204         (JSC::GetterSetter::setGetter):
1205         (JSC::GetterSetter::setter):
1206         (JSC::GetterSetter::setSetter):
1207         * runtime/GlobalEvalFunction.cpp:
1208         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1209         (JSC::GlobalEvalFunction::markChildren):
1210         * runtime/GlobalEvalFunction.h:
1211         (JSC::GlobalEvalFunction::cachedGlobalObject):
1212         * runtime/Heap.cpp:
1213         (JSC::Heap::markProtectedObjects):
1214         (JSC::Heap::markTempSortVectors):
1215         (JSC::Heap::markRoots):
1216         * runtime/InternalFunction.cpp:
1217         (JSC::InternalFunction::InternalFunction):
1218         * runtime/JSAPIValueWrapper.h:
1219         (JSC::JSAPIValueWrapper::value):
1220         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1221         * runtime/JSActivation.cpp:
1222         (JSC::JSActivation::markChildren):
1223         (JSC::JSActivation::put):
1224         * runtime/JSArray.cpp:
1225         (JSC::JSArray::JSArray):
1226         (JSC::JSArray::getOwnPropertySlot):
1227         (JSC::JSArray::getOwnPropertyDescriptor):
1228         (JSC::JSArray::put):
1229         (JSC::JSArray::putSlowCase):
1230         (JSC::JSArray::deleteProperty):
1231         (JSC::JSArray::increaseVectorLength):
1232         (JSC::JSArray::setLength):
1233         (JSC::JSArray::pop):
1234         (JSC::JSArray::push):
1235         (JSC::JSArray::unshiftCount):
1236         (JSC::JSArray::sort):
1237         (JSC::JSArray::fillArgList):
1238         (JSC::JSArray::copyToRegisters):
1239         (JSC::JSArray::compactForSorting):
1240         * runtime/JSArray.h:
1241         (JSC::JSArray::getIndex):
1242         (JSC::JSArray::setIndex):
1243         (JSC::JSArray::uncheckedSetIndex):
1244         (JSC::JSArray::markChildrenDirect):
1245         * runtime/JSByteArray.cpp:
1246         (JSC::JSByteArray::JSByteArray):
1247         * runtime/JSCell.h:
1248         (JSC::JSCell::JSValue::toThisObject):
1249         (JSC::JSCell::MarkStack::append):
1250         * runtime/JSFunction.cpp:
1251         (JSC::JSFunction::JSFunction):
1252         (JSC::JSFunction::getOwnPropertySlot):
1253         * runtime/JSGlobalData.h:
1254         * runtime/JSGlobalObject.cpp:
1255         (JSC::markIfNeeded):
1256         (JSC::JSGlobalObject::reset):
1257         (JSC::JSGlobalObject::resetPrototype):
1258         (JSC::JSGlobalObject::markChildren):
1259         * runtime/JSGlobalObject.h:
1260         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1261         (JSC::JSGlobalObject::regExpConstructor):
1262         (JSC::JSGlobalObject::errorConstructor):
1263         (JSC::JSGlobalObject::evalErrorConstructor):
1264         (JSC::JSGlobalObject::rangeErrorConstructor):
1265         (JSC::JSGlobalObject::referenceErrorConstructor):
1266         (JSC::JSGlobalObject::syntaxErrorConstructor):
1267         (JSC::JSGlobalObject::typeErrorConstructor):
1268         (JSC::JSGlobalObject::URIErrorConstructor):
1269         (JSC::JSGlobalObject::evalFunction):
1270         (JSC::JSGlobalObject::objectPrototype):
1271         (JSC::JSGlobalObject::functionPrototype):
1272         (JSC::JSGlobalObject::arrayPrototype):
1273         (JSC::JSGlobalObject::booleanPrototype):
1274         (JSC::JSGlobalObject::stringPrototype):
1275         (JSC::JSGlobalObject::numberPrototype):
1276         (JSC::JSGlobalObject::datePrototype):
1277         (JSC::JSGlobalObject::regExpPrototype):
1278         (JSC::JSGlobalObject::methodCallDummy):
1279         (JSC::Structure::prototypeForLookup):
1280         (JSC::constructArray):
1281         * runtime/JSONObject.cpp:
1282         (JSC::Stringifier::Holder::object):
1283         (JSC::Stringifier::markAggregate):
1284         (JSC::Stringifier::stringify):
1285         (JSC::Stringifier::Holder::appendNextProperty):
1286         (JSC::Walker::callReviver):
1287         (JSC::Walker::walk):
1288         * runtime/JSObject.cpp:
1289         (JSC::JSObject::defineGetter):
1290         (JSC::JSObject::defineSetter):
1291         (JSC::JSObject::removeDirect):
1292         (JSC::JSObject::putDirectFunction):
1293         (JSC::JSObject::putDirectFunctionWithoutTransition):
1294         (JSC::putDescriptor):
1295         (JSC::JSObject::defineOwnProperty):
1296         * runtime/JSObject.h:
1297         (JSC::JSObject::getDirectOffset):
1298         (JSC::JSObject::putDirectOffset):
1299         (JSC::JSObject::flattenDictionaryObject):
1300         (JSC::JSObject::putDirectInternal):
1301         (JSC::JSObject::putDirect):
1302         (JSC::JSObject::putDirectFunction):
1303         (JSC::JSObject::putDirectWithoutTransition):
1304         (JSC::JSObject::putDirectFunctionWithoutTransition):
1305         (JSC::JSValue::putDirect):
1306         (JSC::JSObject::allocatePropertyStorageInline):
1307         (JSC::JSObject::markChildrenDirect):
1308         * runtime/JSPropertyNameIterator.cpp:
1309         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1310         (JSC::JSPropertyNameIterator::get):
1311         * runtime/JSPropertyNameIterator.h:
1312         * runtime/JSStaticScopeObject.cpp:
1313         (JSC::JSStaticScopeObject::markChildren):
1314         * runtime/JSString.cpp:
1315         (JSC::StringObject::create):
1316         * runtime/JSValue.h:
1317         * runtime/JSWrapperObject.cpp:
1318         (JSC::JSWrapperObject::markChildren):
1319         * runtime/JSWrapperObject.h:
1320         (JSC::JSWrapperObject::internalValue):
1321         (JSC::JSWrapperObject::setInternalValue):
1322         * runtime/LiteralParser.cpp:
1323         (JSC::LiteralParser::parse):
1324         * runtime/Lookup.cpp:
1325         (JSC::setUpStaticFunctionSlot):
1326         * runtime/Lookup.h:
1327         (JSC::lookupPut):
1328         * runtime/MarkStack.h:
1329         (JSC::MarkStack::appendValues):
1330         * runtime/MathObject.cpp:
1331         (JSC::MathObject::MathObject):
1332         * runtime/NativeErrorConstructor.cpp:
1333         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1334         * runtime/NativeErrorPrototype.cpp:
1335         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1336         * runtime/NumberConstructor.cpp:
1337         (JSC::NumberConstructor::NumberConstructor):
1338         (JSC::constructWithNumberConstructor):
1339         * runtime/NumberObject.cpp:
1340         (JSC::constructNumber):
1341         * runtime/NumberPrototype.cpp:
1342         (JSC::NumberPrototype::NumberPrototype):
1343         * runtime/ObjectConstructor.cpp:
1344         (JSC::ObjectConstructor::ObjectConstructor):
1345         (JSC::objectConstructorGetOwnPropertyDescriptor):
1346         * runtime/Operations.h:
1347         (JSC::normalizePrototypeChain):
1348         (JSC::resolveBase):
1349         * runtime/PrototypeFunction.cpp:
1350         (JSC::PrototypeFunction::PrototypeFunction):
1351         * runtime/PutPropertySlot.h:
1352         (JSC::PutPropertySlot::setExistingProperty):
1353         (JSC::PutPropertySlot::setNewProperty):
1354         (JSC::PutPropertySlot::base):
1355         * runtime/RegExpConstructor.cpp:
1356         (JSC::RegExpConstructor::RegExpConstructor):
1357         * runtime/ScopeChain.cpp:
1358         (JSC::ScopeChainNode::print):
1359         * runtime/ScopeChain.h:
1360         (JSC::ScopeChainNode::~ScopeChainNode):
1361         (JSC::ScopeChainIterator::operator*):
1362         (JSC::ScopeChainIterator::operator->):
1363         (JSC::ScopeChain::top):
1364         * runtime/ScopeChainMark.h:
1365         (JSC::ScopeChain::markAggregate):
1366         * runtime/SmallStrings.cpp:
1367         (JSC::isMarked):
1368         (JSC::SmallStrings::markChildren):
1369         * runtime/SmallStrings.h:
1370         (JSC::SmallStrings::emptyString):
1371         (JSC::SmallStrings::singleCharacterString):
1372         (JSC::SmallStrings::singleCharacterStrings):
1373         * runtime/StringConstructor.cpp:
1374         (JSC::StringConstructor::StringConstructor):
1375         * runtime/StringObject.cpp:
1376         (JSC::StringObject::StringObject):
1377         * runtime/StringObject.h:
1378         * runtime/StringPrototype.cpp:
1379         (JSC::StringPrototype::StringPrototype):
1380         * runtime/Structure.cpp:
1381         (JSC::Structure::Structure):
1382         (JSC::Structure::addPropertyTransition):
1383         (JSC::Structure::toDictionaryTransition):
1384         (JSC::Structure::flattenDictionaryStructure):
1385         * runtime/Structure.h:
1386         (JSC::Structure::storedPrototype):
1387         * runtime/WeakGCMap.h:
1388         (JSC::WeakGCMap::uncheckedGet):
1389         (JSC::WeakGCMap::isValid):
1390         (JSC::::get):
1391         (JSC::::take):
1392         (JSC::::set):
1393         (JSC::::uncheckedRemove):
1394         * runtime/WriteBarrier.h: Removed.
1395
1396 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1397
1398         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
1399
1400         * runtime/WriteBarrier.h:
1401         (JSC::WriteBarrierBase::clear):
1402
1403 2011-01-30  Oliver Hunt  <oliver@apple.com>
1404
1405         More Qt build fixes
1406
1407         * runtime/WriteBarrier.h:
1408         (JSC::WriteBarrierBase::clear):
1409
1410 2011-01-30  Oliver Hunt  <oliver@apple.com>
1411
1412         Convert markstack to a slot visitor API
1413         https://bugs.webkit.org/show_bug.cgi?id=53219
1414
1415         Rolling r77006 and r77020 back in.
1416
1417         * API/JSCallbackObject.h:
1418         (JSC::JSCallbackObjectData::setPrivateProperty):
1419         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1420         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1421         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1422         (JSC::JSCallbackObject::setPrivateProperty):
1423         * API/JSCallbackObjectFunctions.h:
1424         (JSC::::put):
1425         (JSC::::staticFunctionGetter):
1426         * API/JSObjectRef.cpp:
1427         (JSObjectMakeConstructor):
1428         (JSObjectSetPrivateProperty):
1429         * API/JSWeakObjectMapRefInternal.h:
1430         * JavaScriptCore.exp:
1431         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1432         * JavaScriptCore.xcodeproj/project.pbxproj:
1433         * bytecode/CodeBlock.cpp:
1434         (JSC::CodeBlock::markAggregate):
1435         * bytecode/CodeBlock.h:
1436         (JSC::CodeBlock::globalObject):
1437         * bytecompiler/BytecodeGenerator.cpp:
1438         (JSC::BytecodeGenerator::BytecodeGenerator):
1439         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1440         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1441         (JSC::BytecodeGenerator::findScopedProperty):
1442         * debugger/Debugger.cpp:
1443         (JSC::evaluateInGlobalCallFrame):
1444         * debugger/DebuggerActivation.cpp:
1445         (JSC::DebuggerActivation::DebuggerActivation):
1446         (JSC::DebuggerActivation::markChildren):
1447         * debugger/DebuggerActivation.h:
1448         * debugger/DebuggerCallFrame.cpp:
1449         (JSC::DebuggerCallFrame::evaluate):
1450         * interpreter/CallFrame.h:
1451         (JSC::ExecState::exception):
1452         * interpreter/Interpreter.cpp:
1453         (JSC::Interpreter::resolve):
1454         (JSC::Interpreter::resolveSkip):
1455         (JSC::Interpreter::resolveGlobal):
1456         (JSC::Interpreter::resolveGlobalDynamic):
1457         (JSC::Interpreter::resolveBaseAndProperty):
1458         (JSC::Interpreter::unwindCallFrame):
1459         (JSC::appendSourceToError):
1460         (JSC::Interpreter::execute):
1461         (JSC::Interpreter::tryCacheGetByID):
1462         (JSC::Interpreter::privateExecute):
1463         * jit/JITStubs.cpp:
1464         (JSC::JITThunks::tryCacheGetByID):
1465         (JSC::DEFINE_STUB_FUNCTION):
1466         * jsc.cpp:
1467         (GlobalObject::GlobalObject):
1468         * runtime/ArgList.cpp:
1469         (JSC::MarkedArgumentBuffer::markLists):
1470         * runtime/Arguments.cpp:
1471         (JSC::Arguments::markChildren):
1472         (JSC::Arguments::getOwnPropertySlot):
1473         (JSC::Arguments::getOwnPropertyDescriptor):
1474         (JSC::Arguments::put):
1475         * runtime/Arguments.h:
1476         (JSC::Arguments::setActivation):
1477         (JSC::Arguments::Arguments):
1478         * runtime/ArrayConstructor.cpp:
1479         (JSC::ArrayConstructor::ArrayConstructor):
1480         (JSC::constructArrayWithSizeQuirk):
1481         * runtime/ArrayPrototype.cpp:
1482         (JSC::arrayProtoFuncSplice):
1483         * runtime/BatchedTransitionOptimizer.h:
1484         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1485         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1486         * runtime/BooleanConstructor.cpp:
1487         (JSC::BooleanConstructor::BooleanConstructor):
1488         (JSC::constructBoolean):
1489         (JSC::constructBooleanFromImmediateBoolean):
1490         * runtime/BooleanPrototype.cpp:
1491         (JSC::BooleanPrototype::BooleanPrototype):
1492         * runtime/ConservativeSet.cpp:
1493         (JSC::ConservativeSet::grow):
1494         * runtime/ConservativeSet.h:
1495         (JSC::ConservativeSet::~ConservativeSet):
1496         (JSC::ConservativeSet::mark):
1497         * runtime/DateConstructor.cpp:
1498         (JSC::DateConstructor::DateConstructor):
1499         * runtime/DateInstance.cpp:
1500         (JSC::DateInstance::DateInstance):
1501         * runtime/DatePrototype.cpp:
1502         (JSC::dateProtoFuncSetTime):
1503         (JSC::setNewValueFromTimeArgs):
1504         (JSC::setNewValueFromDateArgs):
1505         (JSC::dateProtoFuncSetYear):
1506         * runtime/ErrorConstructor.cpp:
1507         (JSC::ErrorConstructor::ErrorConstructor):
1508         * runtime/ErrorInstance.cpp:
1509         (JSC::ErrorInstance::ErrorInstance):
1510         * runtime/ErrorPrototype.cpp:
1511         (JSC::ErrorPrototype::ErrorPrototype):
1512         * runtime/FunctionConstructor.cpp:
1513         (JSC::FunctionConstructor::FunctionConstructor):
1514         * runtime/FunctionPrototype.cpp:
1515         (JSC::FunctionPrototype::FunctionPrototype):
1516         * runtime/GetterSetter.cpp:
1517         (JSC::GetterSetter::markChildren):
1518         * runtime/GetterSetter.h:
1519         (JSC::GetterSetter::GetterSetter):
1520         (JSC::GetterSetter::getter):
1521         (JSC::GetterSetter::setGetter):
1522         (JSC::GetterSetter::setter):
1523         (JSC::GetterSetter::setSetter):
1524         * runtime/GlobalEvalFunction.cpp:
1525         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1526         (JSC::GlobalEvalFunction::markChildren):
1527         * runtime/GlobalEvalFunction.h:
1528         (JSC::GlobalEvalFunction::cachedGlobalObject):
1529         * runtime/Heap.cpp:
1530         (JSC::Heap::markProtectedObjects):
1531         (JSC::Heap::markTempSortVectors):
1532         (JSC::Heap::markRoots):
1533         * runtime/InternalFunction.cpp:
1534         (JSC::InternalFunction::InternalFunction):
1535         * runtime/JSAPIValueWrapper.h:
1536         (JSC::JSAPIValueWrapper::value):
1537         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1538         * runtime/JSActivation.cpp:
1539         (JSC::JSActivation::markChildren):
1540         (JSC::JSActivation::put):
1541         * runtime/JSArray.cpp:
1542         (JSC::JSArray::JSArray):
1543         (JSC::JSArray::getOwnPropertySlot):
1544         (JSC::JSArray::getOwnPropertyDescriptor):
1545         (JSC::JSArray::put):
1546         (JSC::JSArray::putSlowCase):
1547         (JSC::JSArray::deleteProperty):
1548         (JSC::JSArray::increaseVectorLength):
1549         (JSC::JSArray::setLength):
1550         (JSC::JSArray::pop):
1551         (JSC::JSArray::push):
1552         (JSC::JSArray::unshiftCount):
1553         (JSC::JSArray::sort):
1554         (JSC::JSArray::fillArgList):
1555         (JSC::JSArray::copyToRegisters):
1556         (JSC::JSArray::compactForSorting):
1557         * runtime/JSArray.h:
1558         (JSC::JSArray::getIndex):
1559         (JSC::JSArray::setIndex):
1560         (JSC::JSArray::uncheckedSetIndex):
1561         (JSC::JSArray::markChildrenDirect):
1562         * runtime/JSByteArray.cpp:
1563         (JSC::JSByteArray::JSByteArray):
1564         * runtime/JSCell.h:
1565         (JSC::JSCell::MarkStack::append):
1566         (JSC::JSCell::MarkStack::internalAppend):
1567         (JSC::JSCell::MarkStack::deprecatedAppend):
1568         * runtime/JSFunction.cpp:
1569         (JSC::JSFunction::JSFunction):
1570         (JSC::JSFunction::getOwnPropertySlot):
1571         * runtime/JSGlobalData.h:
1572         * runtime/JSGlobalObject.cpp:
1573         (JSC::markIfNeeded):
1574         (JSC::JSGlobalObject::reset):
1575         (JSC::JSGlobalObject::resetPrototype):
1576         (JSC::JSGlobalObject::markChildren):
1577         * runtime/JSGlobalObject.h:
1578         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1579         (JSC::JSGlobalObject::regExpConstructor):
1580         (JSC::JSGlobalObject::errorConstructor):
1581         (JSC::JSGlobalObject::evalErrorConstructor):
1582         (JSC::JSGlobalObject::rangeErrorConstructor):
1583         (JSC::JSGlobalObject::referenceErrorConstructor):
1584         (JSC::JSGlobalObject::syntaxErrorConstructor):
1585         (JSC::JSGlobalObject::typeErrorConstructor):
1586         (JSC::JSGlobalObject::URIErrorConstructor):
1587         (JSC::JSGlobalObject::evalFunction):
1588         (JSC::JSGlobalObject::objectPrototype):
1589         (JSC::JSGlobalObject::functionPrototype):
1590         (JSC::JSGlobalObject::arrayPrototype):
1591         (JSC::JSGlobalObject::booleanPrototype):
1592         (JSC::JSGlobalObject::stringPrototype):
1593         (JSC::JSGlobalObject::numberPrototype):
1594         (JSC::JSGlobalObject::datePrototype):
1595         (JSC::JSGlobalObject::regExpPrototype):
1596         (JSC::JSGlobalObject::methodCallDummy):
1597         (JSC::Structure::prototypeForLookup):
1598         (JSC::constructArray):
1599         * runtime/JSONObject.cpp:
1600         (JSC::Stringifier::Holder::object):
1601         (JSC::Stringifier::Holder::objectSlot):
1602         (JSC::Stringifier::markAggregate):
1603         (JSC::Stringifier::stringify):
1604         (JSC::Stringifier::Holder::appendNextProperty):
1605         (JSC::Walker::callReviver):
1606         (JSC::Walker::walk):
1607         * runtime/JSObject.cpp:
1608         (JSC::JSObject::defineGetter):
1609         (JSC::JSObject::defineSetter):
1610         (JSC::JSObject::removeDirect):
1611         (JSC::JSObject::putDirectFunction):
1612         (JSC::JSObject::putDirectFunctionWithoutTransition):
1613         (JSC::putDescriptor):
1614         (JSC::JSObject::defineOwnProperty):
1615         * runtime/JSObject.h:
1616         (JSC::JSObject::getDirectOffset):
1617         (JSC::JSObject::putDirectOffset):
1618         (JSC::JSObject::putUndefinedAtDirectOffset):
1619         (JSC::JSObject::flattenDictionaryObject):
1620         (JSC::JSObject::putDirectInternal):
1621         (JSC::JSObject::putDirect):
1622         (JSC::JSObject::putDirectFunction):
1623         (JSC::JSObject::putDirectWithoutTransition):
1624         (JSC::JSObject::putDirectFunctionWithoutTransition):
1625         (JSC::JSValue::putDirect):
1626         (JSC::JSObject::allocatePropertyStorageInline):
1627         (JSC::JSObject::markChildrenDirect):
1628         * runtime/JSPropertyNameIterator.cpp:
1629         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1630         (JSC::JSPropertyNameIterator::get):
1631         * runtime/JSPropertyNameIterator.h:
1632         * runtime/JSStaticScopeObject.cpp:
1633         (JSC::JSStaticScopeObject::markChildren):
1634         * runtime/JSString.cpp:
1635         (JSC::StringObject::create):
1636         * runtime/JSValue.h:
1637         * runtime/JSWrapperObject.cpp:
1638         (JSC::JSWrapperObject::markChildren):
1639         * runtime/JSWrapperObject.h:
1640         (JSC::JSWrapperObject::internalValue):
1641         (JSC::JSWrapperObject::setInternalValue):
1642         * runtime/LiteralParser.cpp:
1643         (JSC::LiteralParser::parse):
1644         * runtime/Lookup.cpp:
1645         (JSC::setUpStaticFunctionSlot):
1646         * runtime/Lookup.h:
1647         (JSC::lookupPut):
1648         * runtime/MarkStack.h:
1649         (JSC::MarkStack::MarkStack):
1650         (JSC::MarkStack::deprecatedAppendValues):
1651         (JSC::MarkStack::appendValues):
1652         * runtime/MathObject.cpp:
1653         (JSC::MathObject::MathObject):
1654         * runtime/NativeErrorConstructor.cpp:
1655         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1656         * runtime/NativeErrorPrototype.cpp:
1657         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1658         * runtime/NumberConstructor.cpp:
1659         (JSC::NumberConstructor::NumberConstructor):
1660         (JSC::constructWithNumberConstructor):
1661         * runtime/NumberObject.cpp:
1662         (JSC::constructNumber):
1663         * runtime/NumberPrototype.cpp:
1664         (JSC::NumberPrototype::NumberPrototype):
1665         * runtime/ObjectConstructor.cpp:
1666         (JSC::ObjectConstructor::ObjectConstructor):
1667         (JSC::objectConstructorGetOwnPropertyDescriptor):
1668         * runtime/Operations.h:
1669         (JSC::normalizePrototypeChain):
1670         (JSC::resolveBase):
1671         * runtime/PrototypeFunction.cpp:
1672         (JSC::PrototypeFunction::PrototypeFunction):
1673         * runtime/PutPropertySlot.h:
1674         (JSC::PutPropertySlot::setExistingProperty):
1675         (JSC::PutPropertySlot::setNewProperty):
1676         (JSC::PutPropertySlot::base):
1677         * runtime/RegExpConstructor.cpp:
1678         (JSC::RegExpConstructor::RegExpConstructor):
1679         * runtime/ScopeChain.cpp:
1680         (JSC::ScopeChainNode::print):
1681         * runtime/ScopeChain.h:
1682         (JSC::ScopeChainNode::~ScopeChainNode):
1683         (JSC::ScopeChainIterator::operator*):
1684         (JSC::ScopeChainIterator::operator->):
1685         (JSC::ScopeChain::top):
1686         * runtime/ScopeChainMark.h:
1687         (JSC::ScopeChain::markAggregate):
1688         * runtime/SmallStrings.cpp:
1689         (JSC::isMarked):
1690         (JSC::SmallStrings::markChildren):
1691         * runtime/SmallStrings.h:
1692         (JSC::SmallStrings::emptyString):
1693         (JSC::SmallStrings::singleCharacterString):
1694         (JSC::SmallStrings::singleCharacterStrings):
1695         * runtime/StringConstructor.cpp:
1696         (JSC::StringConstructor::StringConstructor):
1697         * runtime/StringObject.cpp:
1698         (JSC::StringObject::StringObject):
1699         * runtime/StringObject.h:
1700         * runtime/StringPrototype.cpp:
1701         (JSC::StringPrototype::StringPrototype):
1702         * runtime/Structure.cpp:
1703         (JSC::Structure::Structure):
1704         (JSC::Structure::addPropertyTransition):
1705         (JSC::Structure::toDictionaryTransition):
1706         (JSC::Structure::flattenDictionaryStructure):
1707         * runtime/Structure.h:
1708         (JSC::Structure::storedPrototype):
1709         (JSC::Structure::storedPrototypeSlot):
1710         * runtime/WeakGCMap.h:
1711         (JSC::WeakGCMap::uncheckedGet):
1712         (JSC::WeakGCMap::uncheckedGetSlot):
1713         (JSC::WeakGCMap::isValid):
1714         (JSC::::get):
1715         (JSC::::take):
1716         (JSC::::set):
1717         (JSC::::uncheckedRemove):
1718         * runtime/WriteBarrier.h: Added.
1719         (JSC::DeprecatedPtr::DeprecatedPtr):
1720         (JSC::DeprecatedPtr::get):
1721         (JSC::DeprecatedPtr::operator*):
1722         (JSC::DeprecatedPtr::operator->):
1723         (JSC::DeprecatedPtr::slot):
1724         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1725         (JSC::DeprecatedPtr::operator!):
1726         (JSC::WriteBarrierBase::set):
1727         (JSC::WriteBarrierBase::get):
1728         (JSC::WriteBarrierBase::operator*):
1729         (JSC::WriteBarrierBase::operator->):
1730         (JSC::WriteBarrierBase::slot):
1731         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1732         (JSC::WriteBarrierBase::operator!):
1733         (JSC::WriteBarrier::WriteBarrier):
1734         (JSC::operator==):
1735
1736 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
1737
1738         Reviewed by Oliver Hunt.
1739
1740         Filter all Heap collection through a common reset function, in
1741         preparation for adding features triggered by collection.
1742         https://bugs.webkit.org/show_bug.cgi?id=53396
1743         
1744         SunSpider reports no change.
1745
1746         * runtime/Heap.cpp:
1747         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
1748         limit, just call collectAllGarbage() instead of rolling our own special
1749         way of resetting the heap. In theory, this may be slower in some cases,
1750         but it also fixes cases of pathological heap growth that we've seen,
1751         where the only objects being allocated are temporary and huge
1752         (<rdar://problem/8885843>).
1753
1754         (JSC::Heap::allocate):
1755         (JSC::Heap::collectAllGarbage): Use the shared reset function.
1756
1757         (JSC::Heap::reset):
1758         * runtime/Heap.h: Carved a new shared reset function out of the old
1759         collectAllGarbage.
1760
1761 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1762
1763         Unreviewed, rolling out r77025.
1764         http://trac.webkit.org/changeset/77025
1765         https://bugs.webkit.org/show_bug.cgi?id=53401
1766
1767         It made js1_5/Regress/regress-159334.js fail on 64-bit Linux
1768         (Requested by Ossy on #webkit).
1769
1770         * jit/ExecutableAllocatorFixedVMPool.cpp:
1771         (JSC::FreeListEntry::FreeListEntry):
1772         (JSC::AVLTreeAbstractorForFreeList::get_less):
1773         (JSC::AVLTreeAbstractorForFreeList::set_less):
1774         (JSC::AVLTreeAbstractorForFreeList::get_greater):
1775         (JSC::AVLTreeAbstractorForFreeList::set_greater):
1776         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
1777         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
1778         (JSC::AVLTreeAbstractorForFreeList::null):
1779         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
1780         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
1781         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
1782         (JSC::reverseSortFreeListEntriesByPointer):
1783         (JSC::reverseSortCommonSizedAllocations):
1784         (JSC::FixedVMPoolAllocator::release):
1785         (JSC::FixedVMPoolAllocator::reuse):
1786         (JSC::FixedVMPoolAllocator::addToFreeList):
1787         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
1788         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1789         (JSC::FixedVMPoolAllocator::alloc):
1790         (JSC::FixedVMPoolAllocator::free):
1791         (JSC::FixedVMPoolAllocator::isValid):
1792         (JSC::FixedVMPoolAllocator::allocInternal):
1793         (JSC::FixedVMPoolAllocator::isWithinVMPool):
1794         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
1795         (JSC::ExecutableAllocator::committedByteCount):
1796         (JSC::maybeModifyVMPoolSize):
1797         (JSC::ExecutableAllocator::isValid):
1798         (JSC::ExecutableAllocator::underMemoryPressure):
1799         (JSC::ExecutablePool::systemAlloc):
1800         (JSC::ExecutablePool::systemRelease):
1801         * wtf/PageReservation.h:
1802         (WTF::PageReservation::PageReservation):
1803         (WTF::PageReservation::commit):
1804         (WTF::PageReservation::decommit):
1805
1806 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
1807
1808         Reviewed by Daniel Bates.
1809
1810         Code style issue in JavaScriptCore/wtf/CurrentTime.h
1811         https://bugs.webkit.org/show_bug.cgi?id=53394
1812
1813         According to rule #3 at http://webkit.org/coding/coding-style.html,
1814         this patch fixes a style issue in CurrentTime.h.
1815
1816         No functionality change, no new tests.
1817
1818         * wtf/CurrentTime.h:
1819         (WTF::currentTimeMS):
1820         (WTF::getLocalTime):
1821
1822 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
1823
1824         Reviewed by Kenneth Rohde Christiansen.
1825
1826         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
1827         https://bugs.webkit.org/show_bug.cgi?id=53377
1828
1829         The option "-whole-archive" is not available with the libtool of Mac OS X;
1830         instead, we can use "-all_load" on Mac.
1831
1832         * JavaScriptCore.pri:
1833
1834 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1835
1836         Sorry Leopard bot -- I committed a change by accident.
1837
1838         * JavaScriptCore.exp: You may have your symbols back now.
1839
1840 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1841
1842         Reviewed by Cameron Zwarich.
1843
1844         Simplified Heap iteration
1845         https://bugs.webkit.org/show_bug.cgi?id=53393
1846
1847         * runtime/CollectorHeapIterator.h:
1848         (JSC::CollectorHeapIterator::isValid):
1849         (JSC::CollectorHeapIterator::isLive):
1850         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
1851         advance because it's a constant.
1852         (JSC::LiveObjectIterator::LiveObjectIterator):
1853         (JSC::LiveObjectIterator::operator++):
1854         (JSC::DeadObjectIterator::DeadObjectIterator):
1855         (JSC::DeadObjectIterator::operator++):
1856         (JSC::ObjectIterator::ObjectIterator):
1857         (JSC::ObjectIterator::operator++): Factored out common checks into
1858         two helper functions -- isValid() for "Am I past the end?" and isLive()
1859         for "Is the cell I'm pointing to live?".
1860
1861         * runtime/MarkedSpace.cpp:
1862         (JSC::MarkedSpace::freeBlock):
1863         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
1864         to the end, to avoid making sweep subtly reliant on internal Heap state.
1865         (JSC::MarkedSpace::primaryHeapBegin):
1866         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
1867         iteration begins.
1868
1869 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1870
1871         Reviewed by Cameron Zwarich.
1872
1873         Simplified heap destruction
1874         https://bugs.webkit.org/show_bug.cgi?id=53392
1875
1876         * JavaScriptCore.exp:
1877         * runtime/Heap.cpp:
1878         (JSC::Heap::destroy):
1879         * runtime/Heap.h:
1880         * runtime/MarkedSpace.cpp:
1881         (JSC::MarkedSpace::destroy):
1882         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
1883         cells last -- the difficult contortions required to do so just don't seem
1884         justified. We make no guarantees about GC protection after the client
1885         throws away JSGlobalData, and it doesn't seem like any meaningful
1886         guarantee is even possible.
1887
1888 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1889
1890         Reviewed by Maciej Stachowiak.
1891
1892         Switched heap to use the Bitmap class and removed CollectorBitmap
1893         https://bugs.webkit.org/show_bug.cgi?id=53391
1894         
1895         SunSpider says 1.005x as fast. Seems like a fluke.
1896
1897         * runtime/MarkedSpace.cpp:
1898         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
1899         rather than taking a value by reference.
1900
1901         * runtime/MarkedSpace.h: Code reuse is good.
1902
1903         * wtf/Bitmap.h:
1904         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
1905         which CollectorBitmap had. (Renamed from the less conventional "getset".)
1906
1907         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
1908         clarity. It's all the same with inlining.
1909
1910 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
1911
1912         Reviewed by Maciej Stachowiak.
1913
1914         Some more Heap cleanup.
1915         https://bugs.webkit.org/show_bug.cgi?id=53357
1916         
1917         * JavaScriptCore.exp:
1918         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
1919
1920         * runtime/Heap.cpp:
1921         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
1922         reportExtraMemoryCostSlowCase to match our naming conventions.
1923
1924         (JSC::Heap::capacity): Renamed size to capacity because this function
1925         returns the capacity of the heap, including unused portions.
1926
1927         * runtime/Heap.h:
1928         (JSC::Heap::globalData):
1929         (JSC::Heap::markedSpace):
1930         (JSC::Heap::machineStackMarker):
1931         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
1932         Moved ctor and dtor to the beginning of the class definition. Grouped
1933         functions by purpose.
1934
1935         * runtime/MarkedSpace.cpp:
1936         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
1937         function returns the capacity of the heap, including unused portions.
1938
1939         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
1940         the same information can be gotten just by calling size() and capacity().
1941
1942         * runtime/MemoryStatistics.cpp:
1943         * runtime/MemoryStatistics.h: Ditto.
1944
1945 2011-01-29  Daniel Bates  <dbates@rim.com>
1946
1947         Reviewed by Eric Seidel.
1948
1949         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
1950         https://bugs.webkit.org/show_bug.cgi?id=53253
1951
1952         Make inclusion of MT19937 a policy decision.
1953
1954         Currently, we are hardcoded to use MT19937 when building for
1955         Windows CE. Instead, we should make this a policy decision,
1956         with the Windows CE port using this by default.
1957
1958         * JavaScriptCore.pri: Append Source/ThirdParty to the end
1959         of the list of include directories.
1960         * wtf/CMakeLists.txt: Ditto.
1961         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
1962         building for Windows CE.
1963         * wtf/RandomNumber.cpp:
1964         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
1965
1966 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1967
1968         Reviewed by David Kilzer.
1969
1970         Bug 53374 - Remove uses of unsafe string functions in debugging code
1971         https://bugs.webkit.org/show_bug.cgi?id=53374
1972
1973         * runtime/RegExp.cpp:
1974         (JSC::RegExp::printTraceData):
1975
1976 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1977
1978         Reviewed by Oliver Hunt.
1979
1980         JavaScriptCoreUseJIT environment variable broken
1981         https://bugs.webkit.org/show_bug.cgi?id=53372
1982
1983         * runtime/JSGlobalData.cpp:
1984         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
1985         by getenv() rather than just doing a NULL check on the return value.
1986
1987 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
1988
1989         Reviewed by David Kilzer.
1990
1991         Move CharacterNames.h into WTF directory
1992         https://bugs.webkit.org/show_bug.cgi?id=49618
1993
1994         * GNUmakefile.am:
1995         * JavaScriptCore.gypi:
1996         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1997         * JavaScriptCore.xcodeproj/project.pbxproj:
1998         * wtf/CMakeLists.txt:
1999         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
2000         * wtf/unicode/UTF8.cpp:
2001
2002 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
2003
2004         Reviewed by Gavin Barraclough.
2005
2006         Add various clampToInt() methods to MathExtras.h
2007         https://bugs.webkit.org/show_bug.cgi?id=52910
2008         
2009         Add functions for clamping doubles and floats to valid int
2010         ranges, for signed and positive integers.
2011
2012         * wtf/MathExtras.h:
2013         (clampToInteger):
2014         (clampToPositiveInteger):
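
        Added example, not the MathExtras.h code itself: one way to write
        clampToInteger() and clampToPositiveInteger() so that NaN, infinities
        and out-of-range values never reach a static_cast<int>, which is
        undefined behaviour in C++. Mapping NaN to 0 and truncating fractions
        toward zero are assumptions of this example, not documented WTF behaviour.

```cpp
// Added example (hypothetical implementation, not WTF's MathExtras.h).
// Shows why clamping must happen before the double-to-int cast: converting
// NaN or a value outside [INT_MIN, INT_MAX] with static_cast<int> is
// undefined behaviour, and a caller that trusts the result (e.g. as a
// buffer length) ends up with an unpredictable integer.
#include <cmath>
#include <limits>

// Assumption of this example: NaN clamps to 0; +/-infinity and any value
// past the int range clamp to the range limits; fractions truncate toward
// zero exactly as an in-range double-to-int cast would.
inline int clampToInteger(double d)
{
    if (std::isnan(d))
        return 0;
    // INT_MAX and INT_MIN are exactly representable as doubles, so these
    // comparisons are precise.
    const double maxInt = static_cast<double>(std::numeric_limits<int>::max());
    const double minInt = static_cast<double>(std::numeric_limits<int>::min());
    if (d >= maxInt)
        return std::numeric_limits<int>::max();
    if (d <= minInt)
        return std::numeric_limits<int>::min();
    return static_cast<int>(d); // now guaranteed in range
}

// Positive variant: NaN, zero and every negative value map to 0; the upper
// bound is still INT_MAX so the result fits a plain int.
inline int clampToPositiveInteger(double d)
{
    if (std::isnan(d) || d <= 0)
        return 0;
    const double maxInt = static_cast<double>(std::numeric_limits<int>::max());
    if (d >= maxInt)
        return std::numeric_limits<int>::max();
    return static_cast<int>(d);
}

// Float overloads widen to double first. A float cannot represent INT_MAX
// exactly (it rounds up to 2^31), so comparing in float would let 2^31
// slip through the range check and hit the undefined cast.
inline int clampToInteger(float f)
{
    return clampToInteger(static_cast<double>(f));
}

inline int clampToPositiveInteger(float f)
{
    return clampToPositiveInteger(static_cast<double>(f));
}
```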
2015
2016 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2017
2018         Unreviewed, rolling out r77006 and r77020.
2019         http://trac.webkit.org/changeset/77006
2020         http://trac.webkit.org/changeset/77020
2021         https://bugs.webkit.org/show_bug.cgi?id=53360
2022
2023         "Broke Windows tests" (Requested by rniwa on #webkit).
2024
2025         * API/JSCallbackObject.h:
2026         (JSC::JSCallbackObjectData::setPrivateProperty):
2027         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2028         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2029         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2030         (JSC::JSCallbackObject::setPrivateProperty):
2031         * API/JSCallbackObjectFunctions.h:
2032         (JSC::::put):
2033         (JSC::::staticFunctionGetter):
2034         * API/JSObjectRef.cpp:
2035         (JSObjectMakeConstructor):
2036         (JSObjectSetPrivateProperty):
2037         * API/JSWeakObjectMapRefInternal.h:
2038         * JavaScriptCore.exp:
2039         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2040         * JavaScriptCore.xcodeproj/project.pbxproj:
2041         * bytecode/CodeBlock.cpp:
2042         (JSC::CodeBlock::markAggregate):
2043         * bytecode/CodeBlock.h:
2044         (JSC::CodeBlock::globalObject):
2045         * bytecompiler/BytecodeGenerator.cpp:
2046         (JSC::BytecodeGenerator::BytecodeGenerator):
2047         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2048         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2049         (JSC::BytecodeGenerator::findScopedProperty):
2050         * debugger/Debugger.cpp:
2051         (JSC::evaluateInGlobalCallFrame):
2052         * debugger/DebuggerActivation.cpp:
2053         (JSC::DebuggerActivation::DebuggerActivation):
2054         (JSC::DebuggerActivation::markChildren):
2055         * debugger/DebuggerActivation.h:
2056         * debugger/DebuggerCallFrame.cpp:
2057         (JSC::DebuggerCallFrame::evaluate):
2058         * interpreter/CallFrame.h:
2059         (JSC::ExecState::exception):
2060         * interpreter/Interpreter.cpp:
2061         (JSC::Interpreter::resolve):
2062         (JSC::Interpreter::resolveSkip):
2063         (JSC::Interpreter::resolveGlobal):
2064         (JSC::Interpreter::resolveGlobalDynamic):
2065         (JSC::Interpreter::resolveBaseAndProperty):
2066         (JSC::Interpreter::unwindCallFrame):
2067         (JSC::appendSourceToError):
2068         (JSC::Interpreter::execute):
2069         (JSC::Interpreter::tryCacheGetByID):
2070         (JSC::Interpreter::privateExecute):
2071         * jit/JITStubs.cpp:
2072         (JSC::JITThunks::tryCacheGetByID):
2073         (JSC::DEFINE_STUB_FUNCTION):
2074         * jsc.cpp:
2075         (GlobalObject::GlobalObject):
2076         * runtime/ArgList.cpp:
2077         (JSC::MarkedArgumentBuffer::markLists):
2078         * runtime/Arguments.cpp:
2079         (JSC::Arguments::markChildren):
2080         (JSC::Arguments::getOwnPropertySlot):
2081         (JSC::Arguments::getOwnPropertyDescriptor):
2082         (JSC::Arguments::put):
2083         * runtime/Arguments.h:
2084         (JSC::Arguments::setActivation):
2085         (JSC::Arguments::Arguments):
2086         * runtime/ArrayConstructor.cpp:
2087         (JSC::ArrayConstructor::ArrayConstructor):
2088         (JSC::constructArrayWithSizeQuirk):
2089         * runtime/ArrayPrototype.cpp:
2090         (JSC::arrayProtoFuncSplice):
2091         * runtime/BatchedTransitionOptimizer.h:
2092         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2093         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2094         * runtime/BooleanConstructor.cpp:
2095         (JSC::BooleanConstructor::BooleanConstructor):
2096         (JSC::constructBoolean):
2097         (JSC::constructBooleanFromImmediateBoolean):
2098         * runtime/BooleanPrototype.cpp:
2099         (JSC::BooleanPrototype::BooleanPrototype):
2100         * runtime/ConservativeSet.cpp:
2101         (JSC::ConservativeSet::grow):
2102         * runtime/ConservativeSet.h:
2103         (JSC::ConservativeSet::~ConservativeSet):
2104         (JSC::ConservativeSet::mark):
2105         * runtime/DateConstructor.cpp:
2106         (JSC::DateConstructor::DateConstructor):
2107         * runtime/DateInstance.cpp:
2108         (JSC::DateInstance::DateInstance):
2109         * runtime/DatePrototype.cpp:
2110         (JSC::dateProtoFuncSetTime):
2111         (JSC::setNewValueFromTimeArgs):
2112         (JSC::setNewValueFromDateArgs):
2113         (JSC::dateProtoFuncSetYear):
2114         * runtime/ErrorConstructor.cpp:
2115         (JSC::ErrorConstructor::ErrorConstructor):
2116         * runtime/ErrorInstance.cpp:
2117         (JSC::ErrorInstance::ErrorInstance):
2118         * runtime/ErrorPrototype.cpp:
2119         (JSC::ErrorPrototype::ErrorPrototype):
2120         * runtime/FunctionConstructor.cpp:
2121         (JSC::FunctionConstructor::FunctionConstructor):
2122         * runtime/FunctionPrototype.cpp:
2123         (JSC::FunctionPrototype::FunctionPrototype):
2124         * runtime/GetterSetter.cpp:
2125         (JSC::GetterSetter::markChildren):
2126         * runtime/GetterSetter.h:
2127         (JSC::GetterSetter::GetterSetter):
2128         (JSC::GetterSetter::getter):
2129         (JSC::GetterSetter::setGetter):
2130         (JSC::GetterSetter::setter):
2131         (JSC::GetterSetter::setSetter):
2132         * runtime/GlobalEvalFunction.cpp:
2133         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2134         (JSC::GlobalEvalFunction::markChildren):
2135         * runtime/GlobalEvalFunction.h:
2136         (JSC::GlobalEvalFunction::cachedGlobalObject):
2137         * runtime/Heap.cpp:
2138         (JSC::Heap::markProtectedObjects):
2139         (JSC::Heap::markTempSortVectors):
2140         (JSC::Heap::markRoots):
2141         * runtime/InternalFunction.cpp:
2142         (JSC::InternalFunction::InternalFunction):
2143         * runtime/JSAPIValueWrapper.h:
2144         (JSC::JSAPIValueWrapper::value):
2145         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2146         * runtime/JSActivation.cpp:
2147         (JSC::JSActivation::markChildren):
2148         (JSC::JSActivation::put):
2149         * runtime/JSArray.cpp:
2150         (JSC::JSArray::JSArray):
2151         (JSC::JSArray::getOwnPropertySlot):
2152         (JSC::JSArray::getOwnPropertyDescriptor):
2153         (JSC::JSArray::put):
2154         (JSC::JSArray::putSlowCase):
2155         (JSC::JSArray::deleteProperty):
2156         (JSC::JSArray::increaseVectorLength):
2157         (JSC::JSArray::setLength):
2158         (JSC::JSArray::pop):
2159         (JSC::JSArray::push):
2160         (JSC::JSArray::unshiftCount):
2161         (JSC::JSArray::sort):
2162         (JSC::JSArray::fillArgList):
2163         (JSC::JSArray::copyToRegisters):
2164         (JSC::JSArray::compactForSorting):
2165         * runtime/JSArray.h:
2166         (JSC::JSArray::getIndex):
2167         (JSC::JSArray::setIndex):
2168         (JSC::JSArray::uncheckedSetIndex):
2169         (JSC::JSArray::markChildrenDirect):
2170         * runtime/JSByteArray.cpp:
2171         (JSC::JSByteArray::JSByteArray):
2172         * runtime/JSCell.h:
2173         (JSC::JSCell::JSValue::toThisObject):
2174         (JSC::JSCell::MarkStack::append):
2175         * runtime/JSFunction.cpp:
2176         (JSC::JSFunction::JSFunction):
2177         (JSC::JSFunction::getOwnPropertySlot):
2178         * runtime/JSGlobalData.h:
2179         * runtime/JSGlobalObject.cpp:
2180         (JSC::markIfNeeded):
2181         (JSC::JSGlobalObject::reset):
2182         (JSC::JSGlobalObject::resetPrototype):
2183         (JSC::JSGlobalObject::markChildren):
2184         * runtime/JSGlobalObject.h:
2185         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2186         (JSC::JSGlobalObject::regExpConstructor):
2187         (JSC::JSGlobalObject::errorConstructor):
2188         (JSC::JSGlobalObject::evalErrorConstructor):
2189         (JSC::JSGlobalObject::rangeErrorConstructor):
2190         (JSC::JSGlobalObject::referenceErrorConstructor):
2191         (JSC::JSGlobalObject::syntaxErrorConstructor):
2192         (JSC::JSGlobalObject::typeErrorConstructor):
2193         (JSC::JSGlobalObject::URIErrorConstructor):
2194         (JSC::JSGlobalObject::evalFunction):
2195         (JSC::JSGlobalObject::objectPrototype):
2196         (JSC::JSGlobalObject::functionPrototype):
2197         (JSC::JSGlobalObject::arrayPrototype):
2198         (JSC::JSGlobalObject::booleanPrototype):
2199         (JSC::JSGlobalObject::stringPrototype):
2200         (JSC::JSGlobalObject::numberPrototype):
2201         (JSC::JSGlobalObject::datePrototype):
2202         (JSC::JSGlobalObject::regExpPrototype):
2203         (JSC::JSGlobalObject::methodCallDummy):
2204         (JSC::Structure::prototypeForLookup):
2205         (JSC::constructArray):
2206         * runtime/JSONObject.cpp:
2207         (JSC::Stringifier::Holder::object):
2208         (JSC::Stringifier::markAggregate):
2209         (JSC::Stringifier::stringify):
2210         (JSC::Stringifier::Holder::appendNextProperty):
2211         (JSC::Walker::callReviver):
2212         (JSC::Walker::walk):
2213         * runtime/JSObject.cpp:
2214         (JSC::JSObject::defineGetter):
2215         (JSC::JSObject::defineSetter):
2216         (JSC::JSObject::removeDirect):
2217         (JSC::JSObject::putDirectFunction):
2218         (JSC::JSObject::putDirectFunctionWithoutTransition):
2219         (JSC::putDescriptor):
2220         (JSC::JSObject::defineOwnProperty):
2221         * runtime/JSObject.h:
2222         (JSC::JSObject::getDirectOffset):
2223         (JSC::JSObject::putDirectOffset):
2224         (JSC::JSObject::flattenDictionaryObject):
2225         (JSC::JSObject::putDirectInternal):
2226         (JSC::JSObject::putDirect):
2227         (JSC::JSObject::putDirectFunction):
2228         (JSC::JSObject::putDirectWithoutTransition):
2229         (JSC::JSObject::putDirectFunctionWithoutTransition):
2230         (JSC::JSValue::putDirect):
2231         (JSC::JSObject::allocatePropertyStorageInline):
2232         (JSC::JSObject::markChildrenDirect):
2233         * runtime/JSPropertyNameIterator.cpp:
2234         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2235         (JSC::JSPropertyNameIterator::get):
2236         * runtime/JSPropertyNameIterator.h:
2237         * runtime/JSStaticScopeObject.cpp:
2238         (JSC::JSStaticScopeObject::markChildren):
2239         * runtime/JSString.cpp:
2240         (JSC::StringObject::create):
2241         * runtime/JSValue.h:
2242         * runtime/JSWrapperObject.cpp:
2243         (JSC::JSWrapperObject::markChildren):
2244         * runtime/JSWrapperObject.h:
2245         (JSC::JSWrapperObject::internalValue):
2246         (JSC::JSWrapperObject::setInternalValue):
2247         * runtime/LiteralParser.cpp:
2248         (JSC::LiteralParser::parse):
2249         * runtime/Lookup.cpp:
2250         (JSC::setUpStaticFunctionSlot):
2251         * runtime/Lookup.h:
2252         (JSC::lookupPut):
2253         * runtime/MarkStack.h:
2254         (JSC::MarkStack::appendValues):
2255         * runtime/MathObject.cpp:
2256         (JSC::MathObject::MathObject):
2257         * runtime/NativeErrorConstructor.cpp:
2258         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2259         * runtime/NativeErrorPrototype.cpp:
2260         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2261         * runtime/NumberConstructor.cpp:
2262         (JSC::NumberConstructor::NumberConstructor):
2263         (JSC::constructWithNumberConstructor):
2264         * runtime/NumberObject.cpp:
2265         (JSC::constructNumber):
2266         * runtime/NumberPrototype.cpp:
2267         (JSC::NumberPrototype::NumberPrototype):
2268         * runtime/ObjectConstructor.cpp:
2269         (JSC::ObjectConstructor::ObjectConstructor):
2270         (JSC::objectConstructorGetOwnPropertyDescriptor):
2271         * runtime/Operations.h:
2272         (JSC::normalizePrototypeChain):
2273         (JSC::resolveBase):
2274         * runtime/PrototypeFunction.cpp:
2275         (JSC::PrototypeFunction::PrototypeFunction):
2276         * runtime/PutPropertySlot.h:
2277         (JSC::PutPropertySlot::setExistingProperty):
2278         (JSC::PutPropertySlot::setNewProperty):
2279         (JSC::PutPropertySlot::base):
2280         * runtime/RegExpConstructor.cpp:
2281         (JSC::RegExpConstructor::RegExpConstructor):
2282         * runtime/ScopeChain.cpp:
2283         (JSC::ScopeChainNode::print):
2284         * runtime/ScopeChain.h:
2285         (JSC::ScopeChainNode::~ScopeChainNode):
2286         (JSC::ScopeChainIterator::operator*):
2287         (JSC::ScopeChainIterator::operator->):
2288         (JSC::ScopeChain::top):
2289         * runtime/ScopeChainMark.h:
2290         (JSC::ScopeChain::markAggregate):
2291         * runtime/SmallStrings.cpp:
2292         (JSC::isMarked):
2293         (JSC::SmallStrings::markChildren):
2294         * runtime/SmallStrings.h:
2295         (JSC::SmallStrings::emptyString):
2296         (JSC::SmallStrings::singleCharacterString):
2297         (JSC::SmallStrings::singleCharacterStrings):
2298         * runtime/StringConstructor.cpp:
2299         (JSC::StringConstructor::StringConstructor):
2300         * runtime/StringObject.cpp:
2301         (JSC::StringObject::StringObject):
2302         * runtime/StringObject.h:
2303         * runtime/StringPrototype.cpp:
2304         (JSC::StringPrototype::StringPrototype):
2305         * runtime/Structure.cpp:
2306         (JSC::Structure::Structure):
2307         (JSC::Structure::addPropertyTransition):
2308         (JSC::Structure::toDictionaryTransition):
2309         (JSC::Structure::flattenDictionaryStructure):
2310         * runtime/Structure.h:
2311         (JSC::Structure::storedPrototype):
2312         * runtime/WeakGCMap.h:
2313         (JSC::WeakGCMap::uncheckedGet):
2314         (JSC::WeakGCMap::isValid):
2315         (JSC::::get):
2316         (JSC::::take):
2317         (JSC::::set):
2318         (JSC::::uncheckedRemove):
2319         * runtime/WriteBarrier.h: Removed.
2320
2321 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
2322
2323         Reviewed by Geoff Garen.
2324
2325         https://bugs.webkit.org/show_bug.cgi?id=53352
2326         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2327
2328         The FixedVMPoolAllocator currently uses a best fit policy -
2329         switch to first fit, which is less prone to external fragmentation.
2330
2331         * jit/ExecutableAllocatorFixedVMPool.cpp:
2332         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2333         (JSC::AllocationTableSizeClass::blockSize):
2334         (JSC::AllocationTableSizeClass::blockCount):
2335         (JSC::AllocationTableSizeClass::blockAlignment):
2336         (JSC::AllocationTableSizeClass::size):
2337         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2338         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2339         (JSC::AllocationTableLeaf::allocate):
2340         (JSC::AllocationTableLeaf::free):
2341         (JSC::AllocationTableLeaf::isEmpty):
2342         (JSC::AllocationTableLeaf::isFull):
2343         (JSC::AllocationTableLeaf::size):
2344         (JSC::AllocationTableLeaf::classForSize):
2345         (JSC::AllocationTableLeaf::dump):
2346         (JSC::LazyAllocationTable::LazyAllocationTable):
2347         (JSC::LazyAllocationTable::~LazyAllocationTable):
2348         (JSC::LazyAllocationTable::allocate):
2349         (JSC::LazyAllocationTable::free):
2350         (JSC::LazyAllocationTable::isEmpty):
2351         (JSC::LazyAllocationTable::isFull):
2352         (JSC::LazyAllocationTable::size):
2353         (JSC::LazyAllocationTable::dump):
2354         (JSC::LazyAllocationTable::classForSize):
2355         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2356         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2357         (JSC::AllocationTableDirectory::allocate):
2358         (JSC::AllocationTableDirectory::free):
2359         (JSC::AllocationTableDirectory::isEmpty):
2360         (JSC::AllocationTableDirectory::isFull):
2361         (JSC::AllocationTableDirectory::size):
2362         (JSC::AllocationTableDirectory::classForSize):
2363         (JSC::AllocationTableDirectory::dump):
2364         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2365         (JSC::FixedVMPoolAllocator::alloc):
2366         (JSC::FixedVMPoolAllocator::free):
2367         (JSC::FixedVMPoolAllocator::allocated):
2368         (JSC::FixedVMPoolAllocator::isValid):
2369         (JSC::FixedVMPoolAllocator::classForSize):
2370         (JSC::FixedVMPoolAllocator::offsetToPointer):
2371         (JSC::FixedVMPoolAllocator::pointerToOffset):
2372         (JSC::ExecutableAllocator::committedByteCount):
2373         (JSC::ExecutableAllocator::isValid):
2374         (JSC::ExecutableAllocator::underMemoryPressure):
2375         (JSC::ExecutablePool::systemAlloc):
2376         (JSC::ExecutablePool::systemRelease):
2377         * wtf/PageReservation.h:
2378         (WTF::PageReservation::PageReservation):
2379         (WTF::PageReservation::commit):
2380         (WTF::PageReservation::decommit):
2381         (WTF::PageReservation::committed):
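
        Why the placement policy matters for a fixed-size pool, as an added C++
        simulation (not JavaScriptCore code; `FixedPoolSim`, the 20-unit pool and
        the request sequence are constructed for illustration): when an executable
        pool cannot grow, an allocation that finds no large enough hole is fatal, so
        a policy that leaves unusable slivers behind is a reliability problem, not
        just a performance one. The workload below frees two holes of sizes 7 and 5
        and then requests 4, 3 and 5 units; best fit's preference for the tightest
        block strands a 1-unit sliver and fails the last request, while first fit
        satisfies all three. Neither policy wins on every workload, so the claim is
        "less prone", not "immune".

```cpp
#include <cstddef>
#include <cstdio>
#include <iterator>
#include <map>

// Placement policy for choosing among the free blocks that can hold a request.
enum class Policy { BestFit, FirstFit };

// Toy simulation of a fixed-size pool (no real memory is touched). Free blocks
// are kept as offset -> size, in address order, and coalesced on release.
class FixedPoolSim {
public:
    FixedPoolSim(size_t poolSize, Policy policy) : m_policy(policy) { m_free[0] = poolSize; }

    // Returns the offset of the new allocation, or -1 when no free block is large enough
    // (the situation in which a fixed executable pool has no fallback).
    long allocate(size_t size) {
        auto chosen = m_free.end();
        for (auto it = m_free.begin(); it != m_free.end(); ++it) {
            if (it->second < size)
                continue;
            if (m_policy == Policy::FirstFit) { chosen = it; break; }   // lowest address that fits
            if (chosen == m_free.end() || it->second < chosen->second)
                chosen = it;                                            // smallest block that fits
        }
        if (chosen == m_free.end())
            return -1;
        size_t offset = chosen->first;
        size_t remaining = chosen->second - size;
        m_free.erase(chosen);
        if (remaining)
            m_free[offset + size] = remaining;   // leftover sliver stays on the free list
        return static_cast<long>(offset);
    }

    void release(size_t offset, size_t size) {
        m_free[offset] = size;
        coalesce();
    }

    size_t freeBlockCount() const { return m_free.size(); }

private:
    // Merge physically adjacent free blocks so a release can recreate a large hole.
    void coalesce() {
        for (auto it = m_free.begin(); it != m_free.end();) {
            auto next = std::next(it);
            if (next != m_free.end() && it->first + it->second == next->first) {
                it->second += next->second;
                m_free.erase(next);
            } else {
                ++it;
            }
        }
    }

    Policy m_policy;
    std::map<size_t, size_t> m_free;
};

// Constructed workload: fill a 20-unit pool with blocks of 4, 7, 4 and 5 units, free the
// 7 and the 5 (leaving holes at offsets 4 and 15), then request 4, 3 and 5 units.
// Returns how many of the three final requests failed under the given policy.
int failedRequests(Policy policy) {
    FixedPoolSim pool(20, policy);
    long a = pool.allocate(4), b = pool.allocate(7), c = pool.allocate(4), d = pool.allocate(5);
    (void)a; (void)c;
    pool.release(static_cast<size_t>(b), 7);
    pool.release(static_cast<size_t>(d), 5);
    const size_t requests[] = { 4, 3, 5 };
    int failures = 0;
    for (size_t request : requests)
        if (pool.allocate(request) < 0)
            ++failures;
    return failures;   // FirstFit: 0, BestFit: 1
}

int main() {
    std::printf("first fit failures: %d\n", failedRequests(Policy::FirstFit));
    std::printf("best fit failures:  %d\n", failedRequests(Policy::BestFit));
    return 0;
}
```

        Total free space (12 units) equals the total requested (12 units) in both
        runs; only the placement decision differs, which is exactly the external
        fragmentation the entry describes.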
2382
2383 2011-01-27  Oliver Hunt  <oliver@apple.com>
2384
2385         Reviewed by Geoffrey Garen.
2386
2387         Convert markstack to a slot visitor API
2388         https://bugs.webkit.org/show_bug.cgi?id=53219
2389
2390         Move the MarkStack over to a slot based marking API.
2391
2392         In order to avoid aliasing concerns there are two new types
2393         that need to be used when holding on to JSValues and JSCells that
2394         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
2395         is expected to be used for any JSValue or Cell whose lifetime and
2396         marking are controlled by another GC object.  DeprecatedPtr is used
2397         for any value that we need to rework ownership for.
2398
2399         The change over to this model has produced a large amount of
2400         code changes, but they are mostly mechanical (forwarding JSGlobalData,
2401         etc).
2402
2403         * API/JSCallbackObject.h:
2404         (JSC::JSCallbackObjectData::setPrivateProperty):
2405         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2406         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2407         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2408         (JSC::JSCallbackObject::setPrivateProperty):
2409         * API/JSCallbackObjectFunctions.h:
2410         (JSC::::put):
2411         (JSC::::staticFunctionGetter):
2412         * API/JSObjectRef.cpp:
2413         (JSObjectMakeConstructor):
2414         (JSObjectSetPrivateProperty):
2415         * API/JSWeakObjectMapRefInternal.h:
2416         * JavaScriptCore.exp:
2417         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2418         * JavaScriptCore.xcodeproj/project.pbxproj:
2419         * bytecode/CodeBlock.cpp:
2420         (JSC::CodeBlock::markAggregate):
2421         * bytecode/CodeBlock.h:
2422         (JSC::CodeBlock::globalObject):
2423         * bytecompiler/BytecodeGenerator.cpp:
2424         (JSC::BytecodeGenerator::BytecodeGenerator):
2425         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2426         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2427         (JSC::BytecodeGenerator::findScopedProperty):
2428         * debugger/DebuggerActivation.cpp:
2429         (JSC::DebuggerActivation::DebuggerActivation):
2430         (JSC::DebuggerActivation::markChildren):
2431         * debugger/DebuggerActivation.h:
2432         * interpreter/Interpreter.cpp:
2433         (JSC::Interpreter::resolve):
2434         (JSC::Interpreter::resolveSkip):
2435         (JSC::Interpreter::resolveGlobalDynamic):
2436         (JSC::Interpreter::resolveBaseAndProperty):
2437         (JSC::Interpreter::unwindCallFrame):
2438         (JSC::appendSourceToError):
2439         (JSC::Interpreter::execute):
2440         (JSC::Interpreter::privateExecute):
2441         * interpreter/Register.h:
2442         (JSC::Register::jsValueSlot):
2443         * jit/JITStubs.cpp:
2444         (JSC::JITThunks::tryCacheGetByID):
2445         (JSC::DEFINE_STUB_FUNCTION):
2446         * jsc.cpp:
2447         (GlobalObject::GlobalObject):
2448         * runtime/Arguments.cpp:
2449         (JSC::Arguments::markChildren):
2450         (JSC::Arguments::getOwnPropertySlot):
2451         (JSC::Arguments::getOwnPropertyDescriptor):
2452         (JSC::Arguments::put):
2453         * runtime/Arguments.h:
2454         (JSC::Arguments::setActivation):
2455         (JSC::Arguments::Arguments):
2456         * runtime/ArrayConstructor.cpp:
2457         (JSC::ArrayConstructor::ArrayConstructor):
2458         (JSC::constructArrayWithSizeQuirk):
2459         * runtime/ArrayPrototype.cpp:
2460         (JSC::arrayProtoFuncSplice):
2461         * runtime/BatchedTransitionOptimizer.h:
2462         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2463         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2464         * runtime/BooleanConstructor.cpp:
2465         (JSC::BooleanConstructor::BooleanConstructor):
2466         (JSC::constructBoolean):
2467         (JSC::constructBooleanFromImmediateBoolean):
2468         * runtime/BooleanPrototype.cpp:
2469         (JSC::BooleanPrototype::BooleanPrototype):
2470         * runtime/ConservativeSet.h:
2471         (JSC::ConservativeSet::mark):
2472         * runtime/DateConstructor.cpp:
2473         (JSC::DateConstructor::DateConstructor):
2474         * runtime/DateInstance.cpp:
2475         (JSC::DateInstance::DateInstance):
2476         * runtime/DatePrototype.cpp:
2477         (JSC::dateProtoFuncSetTime):
2478         (JSC::setNewValueFromTimeArgs):
2479         (JSC::setNewValueFromDateArgs):
2480         (JSC::dateProtoFuncSetYear):
2481         * runtime/ErrorConstructor.cpp:
2482         (JSC::ErrorConstructor::ErrorConstructor):
2483         * runtime/ErrorInstance.cpp:
2484         (JSC::ErrorInstance::ErrorInstance):
2485         * runtime/ErrorPrototype.cpp:
2486         (JSC::ErrorPrototype::ErrorPrototype):
2487         * runtime/FunctionConstructor.cpp:
2488         (JSC::FunctionConstructor::FunctionConstructor):
2489         * runtime/FunctionPrototype.cpp:
2490         (JSC::FunctionPrototype::FunctionPrototype):
2491         * runtime/GetterSetter.cpp:
2492         (JSC::GetterSetter::markChildren):
2493         * runtime/GetterSetter.h:
2494         (JSC::GetterSetter::GetterSetter):
2495         (JSC::GetterSetter::getter):
2496         (JSC::GetterSetter::setGetter):
2497         (JSC::GetterSetter::setter):
2498         (JSC::GetterSetter::setSetter):
2499         * runtime/GlobalEvalFunction.cpp:
2500         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2501         (JSC::GlobalEvalFunction::markChildren):
2502         * runtime/GlobalEvalFunction.h:
2503         (JSC::GlobalEvalFunction::cachedGlobalObject):
2504         * runtime/Heap.cpp:
2505         (JSC::Heap::markProtectedObjects):
2506         (JSC::Heap::markTempSortVectors):
2507         (JSC::Heap::markRoots):
2508         * runtime/InternalFunction.cpp:
2509         (JSC::InternalFunction::InternalFunction):
2510         * runtime/JSAPIValueWrapper.h:
2511         (JSC::JSAPIValueWrapper::value):
2512         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2513         * runtime/JSActivation.cpp:
2514         (JSC::JSActivation::put):
2515         * runtime/JSArray.cpp:
2516         (JSC::JSArray::JSArray):
2517         (JSC::JSArray::getOwnPropertySlot):
2518         (JSC::JSArray::getOwnPropertyDescriptor):
2519         (JSC::JSArray::put):
2520         (JSC::JSArray::putSlowCase):
2521         (JSC::JSArray::deleteProperty):
2522         (JSC::JSArray::increaseVectorLength):
2523         (JSC::JSArray::setLength):
2524         (JSC::JSArray::pop):
2525         (JSC::JSArray::push):
2526         (JSC::JSArray::unshiftCount):
2527         (JSC::JSArray::sort):
2528         (JSC::JSArray::fillArgList):
2529         (JSC::JSArray::copyToRegisters):
2530         (JSC::JSArray::compactForSorting):
2531         * runtime/JSArray.h:
2532         (JSC::JSArray::getIndex):
2533         (JSC::JSArray::setIndex):
2534         (JSC::JSArray::uncheckedSetIndex):
2535         (JSC::JSArray::markChildrenDirect):
2536         * runtime/JSByteArray.cpp:
2537         (JSC::JSByteArray::JSByteArray):
2538         * runtime/JSCell.h:
2539         (JSC::JSCell::MarkStack::append):
2540         (JSC::JSCell::MarkStack::appendCell):
2541         * runtime/JSFunction.cpp:
2542         (JSC::JSFunction::JSFunction):
2543         (JSC::JSFunction::getOwnPropertySlot):
2544         * runtime/JSGlobalObject.cpp:
2545         (JSC::markIfNeeded):
2546         (JSC::JSGlobalObject::reset):
2547         (JSC::JSGlobalObject::resetPrototype):
2548         (JSC::JSGlobalObject::markChildren):
2549         * runtime/JSGlobalObject.h:
2550         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2551         (JSC::JSGlobalObject::regExpConstructor):
2552         (JSC::JSGlobalObject::errorConstructor):
2553         (JSC::JSGlobalObject::evalErrorConstructor):
2554         (JSC::JSGlobalObject::rangeErrorConstructor):
2555         (JSC::JSGlobalObject::referenceErrorConstructor):
2556         (JSC::JSGlobalObject::syntaxErrorConstructor):
2557         (JSC::JSGlobalObject::typeErrorConstructor):
2558         (JSC::JSGlobalObject::URIErrorConstructor):
2559         (JSC::JSGlobalObject::evalFunction):
2560         (JSC::JSGlobalObject::objectPrototype):
2561         (JSC::JSGlobalObject::functionPrototype):
2562         (JSC::JSGlobalObject::arrayPrototype):
2563         (JSC::JSGlobalObject::booleanPrototype):
2564         (JSC::JSGlobalObject::stringPrototype):
2565         (JSC::JSGlobalObject::numberPrototype):
2566         (JSC::JSGlobalObject::datePrototype):
2567         (JSC::JSGlobalObject::regExpPrototype):
2568         (JSC::JSGlobalObject::methodCallDummy):
2569         (JSC::constructArray):
2570         * runtime/JSONObject.cpp:
2571         (JSC::Stringifier::Holder::object):
2572         (JSC::Stringifier::Holder::objectSlot):
2573         (JSC::Stringifier::markAggregate):
2574         (JSC::Stringifier::stringify):
2575         (JSC::Stringifier::Holder::appendNextProperty):
2576         (JSC::Walker::callReviver):
2577         (JSC::Walker::walk):
2578         * runtime/JSObject.cpp:
2579         (JSC::JSObject::defineGetter):
2580         (JSC::JSObject::defineSetter):
2581         (JSC::JSObject::removeDirect):
2582         (JSC::JSObject::putDirectFunction):
2583         (JSC::JSObject::putDirectFunctionWithoutTransition):
2584         (JSC::putDescriptor):
2585         (JSC::JSObject::defineOwnProperty):
2586         * runtime/JSObject.h:
2587         (JSC::JSObject::putDirectOffset):
2588         (JSC::JSObject::putUndefinedAtDirectOffset):
2589         (JSC::JSObject::flattenDictionaryObject):
2590         (JSC::JSObject::putDirectInternal):
2591         (JSC::JSObject::putDirect):
2592         (JSC::JSObject::putDirectFunction):
2593         (JSC::JSObject::putDirectWithoutTransition):
2594         (JSC::JSObject::putDirectFunctionWithoutTransition):
2595         (JSC::JSValue::putDirect):
2596         (JSC::JSObject::allocatePropertyStorageInline):
2597         (JSC::JSObject::markChildrenDirect):
2598         * runtime/JSStaticScopeObject.cpp:
2599         (JSC::JSStaticScopeObject::markChildren):
2600         * runtime/JSString.cpp:
2601         (JSC::StringObject::create):
2602         * runtime/JSValue.h:
2603         * runtime/JSWrapperObject.cpp:
2604         (JSC::JSWrapperObject::markChildren):
2605         * runtime/JSWrapperObject.h:
2606         (JSC::JSWrapperObject::internalValue):
2607         (JSC::JSWrapperObject::setInternalValue):
2608         * runtime/LiteralParser.cpp:
2609         (JSC::LiteralParser::parse):
2610         * runtime/Lookup.cpp:
2611         (JSC::setUpStaticFunctionSlot):
2612         * runtime/Lookup.h:
2613         (JSC::lookupPut):
2614         * runtime/MarkStack.h:
2615         * runtime/MathObject.cpp:
2616         (JSC::MathObject::MathObject):
2617         * runtime/NativeErrorConstructor.cpp:
2618         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2619         * runtime/NativeErrorPrototype.cpp:
2620         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2621         * runtime/NumberConstructor.cpp:
2622         (JSC::NumberConstructor::NumberConstructor):
2623         (JSC::constructWithNumberConstructor):
2624         * runtime/NumberObject.cpp:
2625         (JSC::constructNumber):
2626         * runtime/NumberPrototype.cpp:
2627         (JSC::NumberPrototype::NumberPrototype):
2628         * runtime/ObjectConstructor.cpp:
2629         (JSC::ObjectConstructor::ObjectConstructor):
2630         (JSC::objectConstructorGetOwnPropertyDescriptor):
2631         * runtime/Operations.h:
2632         (JSC::normalizePrototypeChain):
2633         (JSC::resolveBase):
2634         * runtime/PrototypeFunction.cpp:
2635         (JSC::PrototypeFunction::PrototypeFunction):
2636         * runtime/PutPropertySlot.h:
2637         (JSC::PutPropertySlot::setExistingProperty):
2638         (JSC::PutPropertySlot::setNewProperty):
2639         (JSC::PutPropertySlot::base):
2640         * runtime/RegExpConstructor.cpp:
2641         (JSC::RegExpConstructor::RegExpConstructor):
2642         * runtime/ScopeChain.cpp:
2643         (JSC::ScopeChainNode::print):
2644         * runtime/ScopeChain.h:
2645         (JSC::ScopeChainNode::~ScopeChainNode):
2646         (JSC::ScopeChainIterator::operator*):
2647         (JSC::ScopeChainIterator::operator->):
2648         (JSC::ScopeChain::top):
2649         * runtime/ScopeChainMark.h:
2650         (JSC::ScopeChain::markAggregate):
2651         * runtime/SmallStrings.cpp:
2652         (JSC::isMarked):
2653         (JSC::SmallStrings::markChildren):
2654         * runtime/SmallStrings.h:
2655         (JSC::SmallStrings::emptyString):
2656         (JSC::SmallStrings::singleCharacterString):
2657         (JSC::SmallStrings::singleCharacterStrings):
2658         * runtime/StringConstructor.cpp:
2659         (JSC::StringConstructor::StringConstructor):
2660         * runtime/StringObject.cpp:
2661         (JSC::StringObject::StringObject):
2662         * runtime/StringObject.h:
2663         * runtime/StringPrototype.cpp:
2664         (JSC::StringPrototype::StringPrototype):
2665         * runtime/Structure.cpp:
2666         (JSC::Structure::flattenDictionaryStructure):
2667         * runtime/Structure.h:
2668         (JSC::Structure::storedPrototypeSlot):
2669         * runtime/WeakGCMap.h:
2670         (JSC::WeakGCMap::uncheckedGet):
2671         (JSC::WeakGCMap::uncheckedGetSlot):
2672         (JSC::::get):
2673         (JSC::::take):
2674         (JSC::::set):
2675         (JSC::::uncheckedRemove):
2676         * runtime/WriteBarrier.h: Added.
2677         (JSC::DeprecatedPtr::DeprecatedPtr):
2678         (JSC::DeprecatedPtr::get):
2679         (JSC::DeprecatedPtr::operator*):
2680         (JSC::DeprecatedPtr::operator->):
2681         (JSC::DeprecatedPtr::slot):
2682         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2683         (JSC::DeprecatedPtr::operator!):
2684         (JSC::WriteBarrierBase::set):
2685         (JSC::WriteBarrierBase::get):
2686         (JSC::WriteBarrierBase::operator*):
2687         (JSC::WriteBarrierBase::operator->):
2688         (JSC::WriteBarrierBase::slot):
2689         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2690         (JSC::WriteBarrierBase::operator!):
2691         (JSC::WriteBarrier::WriteBarrier):
2692         (JSC::operator==):
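
        What "slot based marking" buys over marking copied values, as an added C++
        sketch (not JavaScriptCore code; the `WriteBarrier`, `Cell` and `MarkStack`
        types here are minimal stand-ins constructed for illustration, and the
        `set()` hook is only a placeholder for where a real barrier would record the
        store): the collector is handed the address of the field, so when it drains
        the stack it reads whatever the field holds at that moment. A collector that
        had copied the value instead would mark a stale object and miss the one the
        mutator stored afterwards, which is the aliasing hazard behind dangling
        references in a garbage-collected heap.

```cpp
#include <vector>

struct Cell;

// Toy write barrier: owns the slot holding a cell pointer. The collector is given
// the slot's address (slot()), never a copy of its contents.
template <typename T>
class WriteBarrier {
public:
    WriteBarrier() : m_cell(nullptr) {}
    void set(T* value) { m_cell = value; }   // a real barrier would record the store here
    T* get() const { return m_cell; }
    T** slot() { return &m_cell; }
private:
    T* m_cell;
};

// Minimal GC cell: a mark bit plus outgoing references held through barriers.
struct Cell {
    bool marked = false;
    std::vector<WriteBarrier<Cell>> children;
};

// Slot visitor: records slots, then drains them, marking transitively.
class MarkStack {
public:
    void append(Cell** slot) { m_slots.push_back(slot); }
    void appendValues(std::vector<WriteBarrier<Cell>>& values) {
        for (auto& barrier : values)
            append(barrier.slot());
    }
    void drain() {
        while (!m_slots.empty()) {
            Cell** slot = m_slots.back();
            m_slots.pop_back();
            Cell* cell = *slot;              // read the slot's current contents, not a cached copy
            if (!cell || cell->marked)
                continue;
            cell->marked = true;
            appendValues(cell->children);    // the cell's markChildren
        }
    }
private:
    std::vector<Cell**> m_slots;
};

// Constructed graph: root -> a -> b -> a (cycle); c is unreachable.
// Returns how many of the four cells end up marked (expected 3).
int markReachable() {
    Cell root, a, b, c;
    root.children.resize(1); root.children[0].set(&a);
    a.children.resize(1);    a.children[0].set(&b);
    b.children.resize(1);    b.children[0].set(&a);   // cycle must terminate via the mark bit
    WriteBarrier<Cell> rootRef;
    rootRef.set(&root);
    MarkStack stack;
    stack.append(rootRef.slot());
    stack.drain();
    return int(root.marked) + int(a.marked) + int(b.marked) + int(c.marked);
}

// The slot is recorded while it points at `stale`, then the mutator stores `fresh`
// before the collector drains. Slot-based marking marks `fresh`, not `stale`.
bool marksCurrentSlotContents() {
    Cell root, stale, fresh;
    root.children.resize(1);
    root.children[0].set(&stale);
    MarkStack stack;
    stack.append(root.children[0].slot());   // address of the field, not its value
    root.children[0].set(&fresh);            // store happens before draining
    stack.drain();
    return fresh.marked && !stale.marked;
}
```

        The entry's DeprecatedPtr is not modelled; in this sketch every reference
        goes through the barrier, which is the end state the entry is working
        towards.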
2693
2694 2011-01-28  Adam Roben  <aroben@apple.com>
2695
2696         Chromium build fix after r76967
2697
2698         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
2699         similar macros in this file.
2700
2701 2011-01-28  Michael Saboff  <msaboff@apple.com>
2702
2703         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2704         https://bugs.webkit.org/show_bug.cgi?id=53271
2705
2706         Reapplying this change.  No change from prior patch in
2707         JavaScriptCore.
2708
2709         Added new isValid() methods to check if a contained object in
2710         a WeakGCMap is valid when using an unchecked iterator.
2711
2712         * runtime/WeakGCMap.h:
2713         (JSC::WeakGCMap::isValid):
2714
2715 2011-01-27  Adam Roben  <aroben@apple.com>
2716
2717         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
2718         function
2719
2720         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
2721         Win32 event
2722
2723         Reviewed by Dave Hyatt.
2724
2725         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
2726
2727         * wtf/ThreadingPrimitives.h: Declare the new function.
2728
2729         * wtf/ThreadingWin.cpp:
2730         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
2731         interval from here...
2732         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
2733
2734 2011-01-28  Sam Weinig  <sam@webkit.org>
2735
2736         Reviewed by Maciej Stachowiak.
2737
2738         Add basic rubber banding support
2739         <rdar://problem/8219429>
2740         https://bugs.webkit.org/show_bug.cgi?id=53277
2741
2742         * wtf/Platform.h: Add ENABLE for rubber banding.
2743
2744 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2745
2746         Unreviewed, rolling out r76893.
2747         http://trac.webkit.org/changeset/76893
2748         https://bugs.webkit.org/show_bug.cgi?id=53287
2749
2750         It made some tests crash on GTK and Qt debug bots (Requested
2751         by Ossy on #webkit).
2752
2753         * runtime/WeakGCMap.h:
2754
2755 2011-01-27  Adam Barth  <abarth@webkit.org>
2756
2757         Reviewed by Eric Seidel.
2758
2759         Add WTFString method to compare equality with Vector<UChar>
2760         https://bugs.webkit.org/show_bug.cgi?id=53266
2761
2762         I'm planning to use this method in the new XSS filter implementation,
2763         but it seems generally useful.
2764
2765         * wtf/text/StringImpl.h:
2766         (WTF::equalIgnoringNullity):
2767         * wtf/text/WTFString.h:
2768         (WTF::equalIgnoringNullity):
2769
2770 2011-01-27  Michael Saboff  <msaboff@apple.com>
2771
2772         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2773         https://bugs.webkit.org/show_bug.cgi?id=53271
2774
2775         Added new isValid() methods to check if a contained object in
2776         a WeakGCMap is valid when using an unchecked iterator.
2777
2778         * runtime/WeakGCMap.h:
2779         (JSC::WeakGCMap::isValid):
2780
2781 2011-01-26  Sam Weinig  <sam@webkit.org>
2782
2783         Reviewed by Maciej Stachowiak.
2784
2785         Add events to represent the start/end of a gesture scroll
2786         https://bugs.webkit.org/show_bug.cgi?id=53215
2787
2788         * wtf/Platform.h: Add ENABLE for gesture events. 
2789
2790 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
2791
2792         Reviewed by Laszlo Gombos.
2793
2794         [Qt][Symbian] Fix --minimal build
2795         https://bugs.webkit.org/show_bug.cgi?id=52839
2796
2797         Move definition of USE_SYSTEM_MALLOC out of pri file.
2798         Put it in platform.h instead.
2799
2800         * wtf/Platform.h:
2801         * wtf/TCSystemAlloc.cpp:
2802         * wtf/wtf.pri:
2803
2804 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
2805
2806         Reviewed by Andreas Kling.
2807
2808         [WINCE] Add JIT support to build system
2809         https://bugs.webkit.org/show_bug.cgi?id=53079
2810
2811         * CMakeListsWinCE.txt:
2812
2813 2011-01-25  Adam Roben  <aroben@apple.com>
2814
2815         Windows Production build fix
2816
2817         Reviewed by Steve Falkenburg.
2818
2819         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
2820         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
2821         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
2822
2823 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
2824
2825         Rubber-stamped by Adam Roben.
2826
2827         Windows production build fix.
2828         Use correct environment variable escaping
2829
2830         * JavaScriptCore.vcproj/JavaScriptCore.make:
2831         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2832
2833 2011-01-25  Oliver Hunt  <oliver@apple.com>
2834
2835         Reviewed by Gavin Barraclough.
2836
2837         JSON.stringify processing time exponentially grows with size of object
2838         https://bugs.webkit.org/show_bug.cgi?id=51922
2839
2840         Remove last use of reserveCapacity from JSON stringification, as it results
2841         in appalling append behaviour when there are a large number of property names
2842         and nothing else.
2843
2844         * runtime/JSONObject.cpp:
2845         (JSC::Stringifier::appendQuotedString):
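
        The growth pathology behind that entry, modelled as an added C++ example
        (not the page's or JavaScriptCore's code; `CountingBuilder`, the 1000
        constructed property names and the doubling factor are assumptions for
        illustration): reserving exactly `size + n` before every append means the
        capacity never runs ahead of the size, so every append reallocates and
        copies everything written so far, which is quadratic in the output size.
        Geometric growth keeps the reallocation count logarithmic and the total
        copying linear. For a serializer fed attacker-controlled object sizes, the
        difference is between bounded and runaway CPU time.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <string>

// Toy growable buffer that counts reallocations and bytes copied instead of
// allocating, so the two growth strategies can be compared deterministically.
class CountingBuilder {
public:
    explicit CountingBuilder(bool reserveExactly) : m_reserveExactly(reserveExactly) {}

    void append(const std::string& s) {
        size_t needed = m_size + s.size();
        if (m_reserveExactly)
            reserveCapacity(needed);                               // exact reservation before every append
        else if (needed > m_capacity)
            reserveCapacity(std::max(needed, m_capacity * 2));     // geometric growth
        m_size = needed;
    }
    size_t reallocations() const { return m_reallocations; }
    size_t bytesCopied() const { return m_bytesCopied; }
    size_t size() const { return m_size; }

private:
    void reserveCapacity(size_t newCapacity) {
        if (newCapacity <= m_capacity)
            return;
        m_bytesCopied += m_size;   // existing contents move to the new block
        ++m_reallocations;
        m_capacity = newCapacity;
    }
    bool m_reserveExactly;
    size_t m_size = 0, m_capacity = 0, m_reallocations = 0, m_bytesCopied = 0;
};

// Appends `count` quoted property names of `nameLength` characters (plus quotes and
// a comma, as a stringifier would) and returns the finished builder.
static CountingBuilder run(bool reserveExactly, size_t count, size_t nameLength) {
    CountingBuilder builder(reserveExactly);
    std::string name = "\"" + std::string(nameLength, 'k') + "\",";   // constructed sample name
    for (size_t i = 0; i < count; ++i)
        builder.append(name);
    return builder;
}

size_t reallocationsFor(bool reserveExactly, size_t count, size_t nameLength) {
    return run(reserveExactly, count, nameLength).reallocations();
}

size_t bytesCopiedFor(bool reserveExactly, size_t count, size_t nameLength) {
    return run(reserveExactly, count, nameLength).bytesCopied();
}

int main() {
    // 1000 names of 7 bytes each: exact reservation reallocates 1000 times and copies
    // about 3.5 MB; geometric growth reallocates 11 times and copies about 7 KB.
    std::printf("exact:     %zu reallocations, %zu bytes copied\n",
                reallocationsFor(true, 1000, 4), bytesCopiedFor(true, 1000, 4));
    std::printf("geometric: %zu reallocations, %zu bytes copied\n",
                reallocationsFor(false, 1000, 4), bytesCopiedFor(false, 1000, 4));
    return 0;
}
```

        The exact-reservation path copies 7 * (0 + 1 + ... + 999) = 3,496,500 bytes
        for 7,000 bytes of output; the geometric path copies 7,161. Doubling the
        input doubles one and quadruples the other.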
2846
2847 2011-01-25  Antti Koivisto  <antti@apple.com>
2848
2849         Not reviewed.
2850         
2851         Try to fix windows build.
2852
2853         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2854
2855 2011-01-25  Antti Koivisto  <antti@apple.com>
2856
2857         Reviewed by Oliver Hunt.
2858
2859         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
2860         https://bugs.webkit.org/show_bug.cgi?id=53061
2861          
2862         Cache did not know about the subclass so failed to fully delete the items. 
2863         Got rid of the subclass and moved the classes to separate files.
2864
2865         * CMakeLists.txt:
2866         * GNUmakefile.am:
2867         * JavaScriptCore.exp:
2868         * JavaScriptCore.gypi:
2869         * JavaScriptCore.pro:
2870         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2871         * JavaScriptCore.xcodeproj/project.pbxproj:
2872         * parser/JSParser.cpp:
2873         (JSC::JSParser::Scope::saveFunctionInfo):
2874         (JSC::JSParser::Scope::restoreFunctionInfo):
2875         (JSC::JSParser::findCachedFunctionInfo):
2876         (JSC::JSParser::parseFunctionInfo):
2877         * parser/SourceProvider.h:
2878         * parser/SourceProviderCache.cpp: Added.
2879         (JSC::SourceProviderCache::~SourceProviderCache):
2880         (JSC::SourceProviderCache::byteSize):
2881         * parser/SourceProviderCache.h: Added.
2882         (JSC::SourceProviderCache::SourceProviderCache):
2883         (JSC::SourceProviderCache::add):
2884         (JSC::SourceProviderCache::get):
2885         * parser/SourceProviderCacheItem.h: Added.
2886         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
2887         (JSC::SourceProviderCacheItem::approximateByteSize):
2888         (JSC::SourceProviderCacheItem::closeBraceToken):
2889
2890 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
2891
2892         Reviewed by Darin Adler.
2893
2894         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
2895         statement
2896         https://bugs.webkit.org/show_bug.cgi?id=53087.
2897
2898         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
2899         with a "return" so that the code is more readable and less error pro
2900         (e.g., "else" doesn't use braces so adding extra lines to the else
2901         block won't have any effect; even worse, code still compiles
2902         successfully).
2903
2904         * wtf/Assertions.cpp:
2905
2906 2011-01-24  Chris Marrin  <cmarrin@apple.com>
2907
2908         Reviewed by Eric Seidel.
2909
2910         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
2911         https://bugs.webkit.org/show_bug.cgi?id=53041
2912
2913         * Configurations/FeatureDefines.xcconfig:
2914
2915 2011-01-25  Adam Roben  <aroben@apple.com>
2916
2917         Windows Production build fix
2918
2919         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
2920
2921 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
2922
2923         Reviewed by Eric Seidel.
2924
2925         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
2926         https://bugs.webkit.org/show_bug.cgi?id=52949
2927
2928         * jit/JITStubs.cpp:
2929
2930 2011-01-24  Adam Roben  <aroben@apple.com>
2931
2932         Windows Production build fix
2933
2934         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
2935
2936 2011-01-24  Peter Varga  <pvarga@webkit.org>
2937
2938         Reviewed by Oliver Hunt.
2939
2940         Optimize regex patterns which contain empty alternatives
2941         https://bugs.webkit.org/show_bug.cgi?id=51395
2942
2943         Eliminate the empty alternatives from the regex pattern and convert it to do
2944         the matching in an easier way.
2945
2946         * yarr/YarrPattern.cpp:
2947         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
2948
2949 2011-01-24  Andras Becsi  <abecsi@webkit.org>
2950
2951         Reviewed by Csaba Osztrogonác.
2952
2953         [Qt] Move project files into Source
2954         https://bugs.webkit.org/show_bug.cgi?id=52891
2955
2956         * JavaScriptCore.pri:
2957         * JavaScriptCore.pro:
2958         * jsc.pro:
2959
2960 2011-01-23  Mark Rowe  <mrowe@apple.com>
2961
2962         Follow-up to r76477.
2963
2964         Fix the scripts that detect problematic code such as static initializers
2965         and destructors, weak vtables, inappropriate files in the framework wrappers,
2966         and public headers including private headers. These had all been broken
2967         since the projects were moved in to the Source directory as the paths to the
2968         scripts were not updated at that time.
2969
2970         * JavaScriptCore.xcodeproj/project.pbxproj:
2971
2972 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2973
2974         Reviewed by Darin Adler.
2975
2976         Use WTF::StringHasher in WebCore
2977         https://bugs.webkit.org/show_bug.cgi?id=52934
2978
2979         Add an additional function to calculate the hash
2980         of data with a runtime-dependent size.
2981
2982         * wtf/StringHasher.h:
2983         (WTF::StringHasher::createBlobHash):
2984
2985 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2986
2987         Reviewed by David Kilzer.
2988
2989         Fix comment in String::ascii()
2990         https://bugs.webkit.org/show_bug.cgi?id=52980
2991
2992         * wtf/text/WTFString.cpp:
2993         (WTF::String::ascii):
2994
2995 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2996
2997         Reviewed by David Kilzer.
2998
2999         Add String::containsOnlyLatin1()
3000         https://bugs.webkit.org/show_bug.cgi?id=52979
3001
3002         * wtf/text/WTFString.h:
3003         (WTF::String::containsOnlyLatin1):
3004         (WTF::charactersAreAllLatin1):
3005
3006 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
3007
3008         Reviewed by Oliver Hunt.
3009
3010         Remove obsolete JSVALUE32 code
3011         https://bugs.webkit.org/show_bug.cgi?id=52948
3012
3013         r70111 removed support for JSVALUE32.
3014         ARM, MIPS and X86 support JSVALUE32_64 only.
3015
3016         * jit/JITStubs.cpp:
3017
3018 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3019
3020         Reviewed by Dan Bernstein.
3021
3022         ASSERT running run-webkit-tests --threaded.
3023         https://bugs.webkit.org/show_bug.cgi?id=52971
3024         
3025         SunSpider and v8 report no change.
3026
3027         * runtime/ConservativeSet.cpp:
3028         (JSC::ConservativeSet::grow):
3029         (JSC::ConservativeSet::add):
3030         * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
3031         the growth policy to 2X, to make SunSpider and v8 happy.
3032         (JSC::ConservativeSet::ConservativeSet):
3033         (JSC::ConservativeSet::~ConservativeSet):
3034         (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
3035         Malloc is forbidden during a multi-threaded mark phase because it can
3036         cause deadlock.
3037
3038 2011-01-22  Geoffrey Garen  <ggaren@apple.com>
3039
3040         Reviewed by Geoffrey Garen.
3041
3042         Rubber-stamped by Maciej Stachowiak.
3043
3044         A few of Maciej's review suggestions for my last patch.
3045         https://bugs.webkit.org/show_bug.cgi?id=52946        
3046
3047         SunSpider reports no change.
3048
3049         * Android.mk:
3050         * CMakeLists.txt:
3051         * GNUmakefile.am:
3052         * JavaScriptCore.gypi:
3053         * JavaScriptCore.pro:
3054         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3055         * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.
3056
3057         * runtime/ConservativeSet.cpp: Added.
3058         (JSC::isPointerAligned):
3059         (JSC::ConservativeSet::add):
3060         * runtime/ConservativeSet.h: Added.
3061         (JSC::ConservativeSet::ConservativeSet):
3062         (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
3063         file, and moved the conservative check into ConservativeSet::add, making
3064         ConservativeSet's responsibility clearer.
3065
3066         * runtime/Heap.cpp:
3067         (JSC::Heap::markRoots):
3068         * runtime/MachineStackMarker.cpp:
3069         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3070         (JSC::MachineStackMarker::markOtherThreadConservatively):
3071         * runtime/MachineStackMarker.h:
3072         * runtime/MarkStack.h: Updated for changes above.
3073
3074 2011-01-22  Patrick Gansterer  <paroga@webkit.org>
3075
3076         Unreviewed WinCE build fix for r76430.
3077
3078         * runtime/MachineStackMarker.cpp:
3079         (JSC::swapIfBackwards):
3080
3081 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3082
3083         Reviewed by Beth Dakin.
3084
3085         Reorganized MarkedSpace, making many of its functions private.
3086
3087         * runtime/JSCell.h:
3088         (JSC::JSCell::Heap::heap):
3089         * runtime/MarkedSpace.h:
3090         (JSC::MarkedSpace::globalData):
3091         (JSC::MarkedSpace::heap):
3092
3093 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3094
3095         Try to fix build: moved helper function out of #ifdef.
3096
3097         * runtime/MachineStackMarker.cpp:
3098         (JSC::swapIfBackwards):
3099
3100 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3101
3102         Rubber-stamped by Maciej Stachowiak.
3103
3104         A few of Maciej's review suggestions for my last patch.
3105         https://bugs.webkit.org/show_bug.cgi?id=52946        
3106
3107         SunSpider reports no change.
3108
3109         * runtime/MachineStackMarker.cpp:
3110         (JSC::swapIfBackwards): Added a helper function for handling platforms
3111         where the stack can grow in any direction.
3112
3113         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3114         (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
3115         function.
3116
3117         (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.
3118
3119         (JSC::MachineStackMarker::markConservatively): Changed to use a more
3120         standard looping idiom, and to use the helper function above.
3121
3122         * runtime/MarkedSpace.h:
3123         (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.
3124
3125 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3126
3127         Reviewed by Maciej Stachowiak.
3128
3129         Cleaned up some conservative marking code.
3130         https://bugs.webkit.org/show_bug.cgi?id=52946
3131         
3132         SunSpider reports no change.
3133
3134         * interpreter/RegisterFile.h: No need for a special marking function,
3135         since we already expose a start() and end().
3136
3137         * runtime/Heap.cpp:
3138         (JSC::Heap::registerFile):
3139         (JSC::Heap::markRoots):
3140         * runtime/Heap.h:
3141         (JSC::Heap::contains): Migrated markConservatively() to the machine stack
3142         marker class. Now, Heap just provides a contains() function, which the
3143         machine stack marker uses for checking whether a pointer points into the heap.
3144
3145         * runtime/MachineStackMarker.cpp:
3146         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3147         (JSC::MachineStackMarker::markOtherThreadConservatively):
3148         (JSC::isPointerAligned):
3149         (JSC::MachineStackMarker::markConservatively):
3150         * runtime/MachineStackMarker.h: Move the conservative marking code here.
3151
3152         * runtime/MarkStack.h:
3153         (JSC::ConservativeSet::add):
3154         (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
3155         set. Vector seems to be a bit faster, and it generates smaller code.
3156
3157         * runtime/MarkedSpace.cpp:
3158         (JSC::MarkedSpace::containsSlowCase):
3159         * runtime/MarkedSpace.h:
3160         (JSC::MarkedSpace::isCellAligned):
3161         (JSC::MarkedSpace::isPossibleCell):
3162         (JSC::MarkedSpace::contains): Kept the code for determining whether a
3163         pointer pointed into marked space, and moved the code for marking
3164         a set of conservative pointers into the machine stack marker.
3165
3166         * wtf/HashSet.h:
3167         (WTF::::add): Added two missing inlines that I noticed while testing
3168         vector vs hash set.
3169
3170 2011-01-21  Mark Rowe  <mrowe@apple.com>
3171
3172         Reviewed by Sam Weinig.
3173
3174         Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
3175         control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".
3176
3177         * wtf/PageAllocation.h:
3178         (WTF::PageAllocation::operator bool):
3179         * wtf/PageReservation.h:
3180         (WTF::PageReservation::operator bool):
3181
3182 2011-01-21  Michael Saboff  <msaboff@apple.com>
3183
3184         Reviewed by Oliver Hunt.
3185
3186         [RegexFuzz] Hang with forward assertion
3187         https://bugs.webkit.org/show_bug.cgi?id=52825
3188         <rdar://problem/8894332>
3189
3190         The backtrackTo label from the first term in a list of terms is
3191         being overwritten by processing of subsequent terms.  Changed
3192         copyBacktrackToLabel() to check for an existing backtrackTo label
3193         before copying and renamed it to propagateBacktrackToLabel() since
3194         it no longer copies.
3195
3196         * yarr/YarrJIT.cpp:
3197         (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
3198         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3199
3200 2011-01-21  Geoffrey Garen  <ggaren@apple.com>
3201
3202         Reviewed by Sam Weinig.
3203
3204         Moved the mark stack from global data to the heap, since it pertains
3205         to the heap, and not the virtual machine as a whole.
3206         https://bugs.webkit.org/show_bug.cgi?id=52930
3207         
3208         SunSpider reports no change.
3209
3210         * runtime/Heap.cpp:
3211         (JSC::Heap::Heap):
3212         (JSC::Heap::markRoots):
3213         * runtime/Heap.h:
3214         * runtime/JSGlobalData.cpp:
3215         (JSC::JSGlobalData::JSGlobalData):
3216         * runtime/JSGlobalData.h:
3217
3218 2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>
3219
3220         Reviewed by Darin Adler.
3221
3222         REGRESSION(r76177): All JavaScriptCore tests fail on ARM
3223         https://bugs.webkit.org/show_bug.cgi?id=52814
3224
3225         Get the approximateByteSize value before releasing the OwnPtr.
3226
3227         * parser/JSParser.cpp:
3228         (JSC::JSParser::parseFunctionInfo):
3229
3230 2011-01-21  Xan Lopez  <xlopez@igalia.com>
3231
3232         Reviewed by Martin Robinson.
3233
3234         Remove unnecessary <stdio.h> include
3235         https://bugs.webkit.org/show_bug.cgi?id=52884
3236
3237         * jit/JIT.cpp: remove unnecessary include.
3238
3239 2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>
3240
3241         Reviewed by Maciej Stachowiak.
3242
3243         Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.
3244
3245         * wtf/OwnArrayPtr.h:
3246
3247 2011-01-20  Patrick Gansterer  <paroga@webkit.org>
3248
3249         Reviewed by Oliver Hunt.
3250
3251         [WINCE] Remove obsolete JSVALUE32 code
3252         https://bugs.webkit.org/show_bug.cgi?id=52450
3253
3254         Remove the "offset hack" in create_jit_stubs, since we
3255         only support JSVALUE32_64 in the meantime.
3256
3257         * create_jit_stubs: Removed offset argument
3258         * jit/JITStubs.cpp:
3259
3260 2011-01-20  Geoffrey Garen  <ggaren@apple.com>
3261
3262         Reviewed by Oliver Hunt.
3263
3264         When marking conservatively, guard against reviving dead objects.
3265         https://bugs.webkit.org/show_bug.cgi?id=52840
3266         
3267         SunSpider and v8 say no change.
3268
3269         * interpreter/RegisterFile.h:
3270         (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.
3271
3272         * runtime/Heap.cpp:
3273         (JSC::Heap::recordExtraCost): No need to guard against conservative
3274         marking reviving dead objects anymore, since the conservative marking
3275         mechanism guards against this now.
3276
3277         (JSC::Heap::markConservatively):
3278         (JSC::Heap::markProtectedObjects):
3279         (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
3280         marking function. We want to establish a separation of concerns between
3281         visiting roots and draining the mark stack.
3282
3283         (JSC::Heap::markRoots): Gather the set of conservative references before
3284         clearing mark bits, because conservative marking now uses the mark bits
3285         to determine if a reference is valid, and avoids reviving dead objects.
3286
3287         (JSC::Heap::collectAllGarbage): No need to guard against conservative
3288         marking reviving dead objects anymore, since the conservative marking
3289         mechanism guards against this now.
3290
3291         * runtime/Heap.h: Updated to use the ConservativeSet API.
3292
3293         * runtime/MachineStackMarker.cpp:
3294         (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
3295         (JSC::MachineStackMarker::markCurrentThreadConservatively):
3296         (JSC::MachineStackMarker::markOtherThreadConservatively):
3297         (JSC::MachineStackMarker::markMachineStackConservatively):
3298         * runtime/MachineStackMarker.h: Ditto.
3299
3300         * runtime/MarkStack.h:
3301         (JSC::ConservativeSet::add):
3302         (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
3303         set of conservative references. This is different from MarkStack, since
3304         we don't mark the set until it is completely gathered.
3305
3306         * runtime/MarkedSpace.cpp:
3307         (JSC::MarkedSpace::freeBlock):
3308         (JSC::MarkedSpace::resizeBlocks):
3309         (JSC::MarkedSpace::markConservatively):
3310         * runtime/MarkedSpace.h: When marking conservatively, guard against
3311         reviving dead objects.
3312
3313 2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>
3314
3315         Reviewed by Geoffrey Garen.
3316
3317         [Symbian] Fix StackBounds::initialize()
3318         https://bugs.webkit.org/show_bug.cgi?id=52842
3319
3320         * wtf/StackBounds.cpp:
3321         (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit
3322
3323 2011-01-20  Michael Saboff  <msaboff@apple.com>
3324
3325         Reviewed by Oliver Hunt.
3326
3327         <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
3328         https://bugs.webkit.org/show_bug.cgi?id=52773
3329
3330         Fixed case where an existing DataLabelPtr is overwritten.  The
3331         replacing DataLabelPtr is now resolved immediately in
3332         linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
3333         return value for the routine as it was never used.
3334
3335         * yarr/YarrJIT.cpp:
3336         (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
3337
3338 2011-01-20  Andras Becsi  <abecsi@webkit.org>
3339
3340         Reviewed by Csaba Osztrogonác.
3341
3342         [Qt][WK2] WebKit2 enabled build fails to link
3343
3344         Work around undefined reference linking issues until the buildsystem gets redesigned.
3345         These issues first occurred in minimal builds (see BUG 50519).
3346
3347         * JavaScriptCore.pri: link as whole-archive for WebKit2 builds
3348
3349 2011-01-20  Zoltan Horvath  <zoltan@webkit.org>
3350
3351         Reviewed by Csaba Osztrogonác.
3352
3353         Refactoring of the custom allocation framework
3354         https://bugs.webkit.org/show_bug.cgi?id=49897
3355
3356         Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
3357         The modification replaces the Noncopyable and FastAllocBase classes, and inheritance from them,
3358         with their equivalent macro implementation at the necessary places.
3359
3360         * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.
3361
3362 2011-01-20  Mark Rowe  <mrowe@apple.com>
3363
3364         Reviewed by Maciej Stachowiak.
3365
3366         Follow-up to r75766 / <rdar://problem/5469576>.
3367
3368         We were failing to initialize the key, causing all sorts of unexpected behavior.
3369
3370         * wtf/FastMalloc.cpp:
3371         (WTF::setThreadHeap):
3372         (WTF::TCMalloc_ThreadCache::GetThreadHeap):
3373         (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.
3374
3375 2011-01-18  Geoffrey Garen  <ggaren@apple.com>
3376
3377         Reviewed by Darin Adler.
3378
3379         Rolled back in r76078, with crash fixed.
3380         https://bugs.webkit.org/show_bug.cgi?id=52668
3381         
3382         * runtime/JSGlobalObject.cpp:
3383         (JSC::JSGlobalObject::markChildren): Account for the fact that the global
3384         object moves its variables into and out of the register file. While out
3385         of the register file, the symbol table's size is not an accurate count
3386         for the size of the register array, since the BytecodeGenerator might
3387         be compiling, adding items to the symbol table.
3388         
3389 2011-01-18  Darin Adler  <darin@apple.com>
3390
3391         Reviewed by Geoffrey Garen.
3392
3393         Stack overflow when converting an Error object to string
3394         https://bugs.webkit.org/show_bug.cgi?id=46410
3395
3396         * Android.mk: Added StringRecursionChecker.cpp and
3397         StringRecursionChecker.h.
3398         * CMakeLists.txt: Ditto.
3399         * GNUmakefile.am: Ditto.
3400         * JavaScriptCore.gypi: Ditto.
3401         * JavaScriptCore.pro: Ditto.
3402         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
3403         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
3404
3405         * runtime/ArrayPrototype.cpp:
3406         (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
3407         of the older hand-written code to do the same thing.
3408         (JSC::arrayProtoFuncToLocaleString): Ditto.
3409         (JSC::arrayProtoFuncJoin): Ditto.
3410
3411         * runtime/ErrorPrototype.cpp:
3412         (JSC::errorProtoFuncToString): Use StringRecursionChecker.
3413
3414         * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
3415         stringRecursionCheckVisitedObjects.
3416
3417         * runtime/RegExpPrototype.cpp:
3418         (JSC::regExpProtoFuncToString): Use StringRecursionChecker.
3419
3420         * runtime/StringRecursionChecker.cpp: Added.
3421         * runtime/StringRecursionChecker.h: Added.
3422
3423 2011-01-19  Oliver Hunt  <oliver@apple.com>
3424
3425         Reviewed by Gavin Barraclough.
3426
3427         Remove non-spec support for callable RegExp
3428         https://bugs.webkit.org/show_bug.cgi?id=28285
3429
3430         Remove support for callable regexps.  If it breaks sites we can
3431         just roll this out.
3432
3433         * runtime/RegExpObject.cpp:
3434         * runtime/RegExpObject.h:
3435         * tests/mozilla/expected.html: update results.
3436
3437 2011-01-19  Antti Koivisto  <antti@apple.com>
3438
3439         Reviewed by Oliver Hunt.
3440
3441         Cache function offsets to speed up javascript parsing
3442         https://bugs.webkit.org/show_bug.cgi?id=52622
3443         
3444         Use cache to save function offsets and some other info.
3445         This avoids quite a bit of work when reparsing the source.
3446
3447         * parser/ASTBuilder.h:
3448         * parser/JSParser.cpp:
3449         (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
3450         (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
3451         (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
3452         (JSC::JSParser::Scope::copyCapturedVariablesToVector):
3453         (JSC::JSParser::Scope::saveFunctionInfo):
3454         (JSC::JSParser::Scope::restoreFunctionInfo):
3455         (JSC::JSParser::findCachedFunctionInfo):
3456         (JSC::JSParser::JSParser):
3457         (JSC::JSParser::parseProgram):
3458         (JSC::JSParser::parseFunctionInfo):
3459         * parser/Lexer.h:
3460         (JSC::Lexer::setOffset):
3461         (JSC::Lexer::setLineNumber):
3462         (JSC::Lexer::sourceProvider):
3463         * parser/SourceProvider.h:
3464         (JSC::SourceProviderCache::SourceProviderCache):
3465         (JSC::SourceProviderCache::~SourceProviderCache):
3466         (JSC::SourceProviderCache::byteSize):
3467         (JSC::SourceProviderCache::add):
3468         (JSC::SourceProviderCache::get):
3469         (JSC::SourceProvider::SourceProvider):
3470         (JSC::SourceProvider::~SourceProvider):
3471         (JSC::SourceProvider::cache):
3472         (JSC::SourceProvider::notifyCacheSizeChanged):
3473         (JSC::SourceProvider::cacheSizeChanged):
3474         * parser/SyntaxChecker.h:
3475
3476 2011-01-19  Mark Rowe  <mrowe@apple.com>
3477
3478         Reviewed by Darin Adler.
3479
3480         Follow-up to r75766 / <rdar://problem/5469576>.
3481
3482         * DerivedSources.make: Evaluate the SDKROOT variable correctly.
3483
3484 2011-01-19  Oliver Hunt  <oliver@apple.com>
3485
3486         Reviewed by Gavin Barraclough.
3487
3488         [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
3489         https://bugs.webkit.org/show_bug.cgi?id=52672
3490
3491         Rather than coming up with a somewhat convoluted mechanism to ensure that
3492         developers can override the global object's prototype with a function named
3493         __proto__ and expect it to work, we just disallow it at the syntax level.
3494
3495         * parser/JSParser.cpp:
3496         (JSC::JSParser::parseFunctionInfo):
3497
3498 2011-01-19  Michael Saboff  <msaboff@apple.com>
3499
3500         Reviewed by Darin Adler.
3501
3502         <rdar://problem/8882994> Regression: Simple nested backtrack hangs
3503         https://bugs.webkit.org/show_bug.cgi?id=52675
3504
3505         The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
3506         broke simple backtracking in some cases.  Reworked that change to 
3507         link both jumps and labels.
3508
3509         * yarr/YarrJIT.cpp:
3510         (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
3511         (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
3512         (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
3513
3514 2011-01-19  Pavel Podivilov  <podivilov@chromium.org>
3515
3516         Reviewed by Yury Semikhatsky.
3517
3518         Web Inspector: [JSC] scripts have incorrect starting line (always 1).
3519         https://bugs.webkit.org/show_bug.cgi?id=52721
3520
3521         * debugger/Debugger.cpp:
3522         (JSC::Debugger::recompileAllJSFunctions):
3523         * debugger/Debugger.h:
3524         * parser/Parser.h:
3525         (JSC::Parser::parse):
3526         * parser/SourceCode.h:
3527         (JSC::SourceCode::SourceCode):
3528         * parser/SourceProvider.h:
3529         (JSC::SourceProvider::startPosition):
3530
3531 2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>
3532
3533         Reviewed by Laszlo Gombos and Tor Arne Vestbø.
3534
3535         [Qt] Remove unnecessary "../Source" from paths
3536         after moving source files into Source is finished.
3537
3538         * JavaScriptCore.pri:
3539
3540 2011-01-19  Benjamin Kalman  <kalman@chromium.org>
3541
3542         Reviewed by Darin Adler.
3543
3544         Don't return void from void function String::split