bc77dbab80765233cddfdd4bbd9163b0d4af14bd
[WebKit.git] / Source / JavaScriptCore / ChangeLog
2011-02-04  Geoffrey Garen  <ggaren@apple.com>

        Try to fix 32bit build.

        * runtime/Heap.cpp:
        (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings,
        since 1.5 is double (64bit), and the result is size_t (32bit).

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Cameron Zwarich.

        Changed MarkedSpace to delegate grow/shrink decisions to Heap
        https://bugs.webkit.org/show_bug.cgi?id=53759

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::reset):
        * runtime/Heap.h: Reorganized a few data members for better cache locality.
        Added a grow policy.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for
        the heap to make an explicit sweep call.

        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::highWaterMark):
        (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how
        many bytes to allocate before failing and giving the heap an opportunity
        to collect garbage. This also means that we allocate blocks on demand,
        instead of ahead of time.

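The two Heap entries above describe a new allocation policy: MarkedSpace hands out blocks on demand until a high-water mark, refuses the allocation past it so that Heap can collect, and Heap then sets the next mark (1.5x the surviving size, with the explicit double-to-size_t cast from the build fix). The following is an added example, not WebKit's code, sketching that allocate / collect / grow loop. The class and function names, the block size, the minimum watermark and the protect()-based root marking are assumptions made for illustration.

```cpp
// Added example, not WebKit code: the allocate / collect / grow loop that the
// two Heap entries above describe. Names, kBlockSize and the minimum watermark
// are illustrative assumptions; the 1.5x factor and the explicit size_t cast
// are the ones the entries mention.
#include <algorithm>
#include <cassert>
#include <cstddef>
#include <vector>

namespace example {

const std::size_t kBlockSize = 4096;                  // assumed block size
const std::size_t kMinHighWaterMark = 2 * kBlockSize; // assumed floor

struct Block {
    std::vector<char> bytes;
    std::size_t used = 0;
    bool marked = false; // set when any protected cell lives in this block
    Block() : bytes(kBlockSize) {}
    bool contains(const void* p) const {
        const char* c = static_cast<const char*>(p);
        return c >= bytes.data() && c < bytes.data() + kBlockSize;
    }
};

// Hands out cells from blocks allocated on demand. Returns nullptr instead of
// allocating a block that would push the space past its high-water mark, so
// the heap gets a chance to collect first. Shrinking happens only in sweep().
class MarkedSpace {
public:
    std::size_t highWaterMark() const { return m_highWaterMark; }
    void setHighWaterMark(std::size_t bytes) { m_highWaterMark = bytes; }
    std::size_t size() const { return m_blocks.size() * kBlockSize; }
    void* allocate(std::size_t n) {
        if (n > kBlockSize) return nullptr;
        if (!m_blocks.empty() && m_blocks.back()->used + n <= kBlockSize)
            return bump(*m_blocks.back(), n);
        if (size() + kBlockSize > m_highWaterMark)
            return nullptr; // fail; the heap decides whether to collect or grow
        m_blocks.push_back(new Block);
        return bump(*m_blocks.back(), n);
    }
    void setMarked(const void* cell) {
        for (Block* b : m_blocks)
            if (b->contains(cell)) { b->marked = true; return; }
    }
    // Explicit sweep, called only by the heap: free unmarked blocks.
    void sweep() {
        std::vector<Block*> live;
        for (Block* b : m_blocks) {
            if (b->marked) { b->marked = false; live.push_back(b); }
            else delete b;
        }
        m_blocks.swap(live);
    }
    ~MarkedSpace() { for (Block* b : m_blocks) delete b; }
private:
    static void* bump(Block& b, std::size_t n) {
        void* p = &b.bytes[b.used];
        b.used += n;
        return p;
    }
    std::vector<Block*> m_blocks;
    std::size_t m_highWaterMark = kMinHighWaterMark;
};

class Heap {
public:
    void* allocate(std::size_t n) {
        if (void* cell = m_space.allocate(n)) return cell;
        collect();
        return m_space.allocate(n);
    }
    void protect(const void* cell) { m_roots.push_back(cell); } // assumed root API
    std::size_t collections() const { return m_collections; }
    std::size_t size() const { return m_space.size(); }
    std::size_t highWaterMark() const { return m_space.highWaterMark(); }
private:
    void collect() {
        for (const void* root : m_roots) m_space.setMarked(root);
        m_space.sweep();
        // Grow policy: next watermark is 1.5x what survived, never below the
        // floor. 1.5 * size is a double and the watermark is a size_t, hence
        // the explicit cast from the 32-bit build fix.
        std::size_t proposed = static_cast<std::size_t>(m_space.size() * 1.5);
        m_space.setHighWaterMark(std::max(kMinHighWaterMark, proposed));
        ++m_collections;
    }
    MarkedSpace m_space;
    std::vector<const void*> m_roots;
    std::size_t m_collections = 0;
};

struct Outcome { std::size_t collections, bytes, highWaterMark; bool allSucceeded; };

// Allocate `count` cells of `cellSize` bytes, protecting every `keepEvery`-th
// one (0 = protect nothing) so that its block survives the sweep.
Outcome run(std::size_t count, std::size_t cellSize, std::size_t keepEvery) {
    Heap heap;
    bool ok = true;
    for (std::size_t i = 0; i < count; ++i) {
        void* cell = heap.allocate(cellSize);
        if (!cell) { ok = false; continue; }
        if (keepEvery && i % keepEvery == 0) heap.protect(cell);
    }
    return { heap.collections(), heap.size(), heap.highWaterMark(), ok };
}

} // namespace example

int main() {
    example::Outcome garbage = example::run(12, 1024, 0);
    assert(garbage.collections == 1 && garbage.bytes == 4096);
    example::Outcome live = example::run(20, 1024, 1);
    assert(live.collections == 3 && live.highWaterMark == 24576);
    return 0;
}
```

With nothing protected, twelve 1 KiB cells fill the two-block floor, the ninth allocation fails, the sweep frees both blocks and the watermark stays at the floor. With everything protected the sweep frees nothing, so each failed allocation raises the watermark by half and the space grows one block at a time.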
2011-02-03  James Kozianski  <koz@chromium.org>

        Reviewed by Dimitri Glazkov.

        Add navigator.registerProtocolHandler behind a flag.
        https://bugs.webkit.org/show_bug.cgi?id=52609

        * Configurations/FeatureDefines.xcconfig:

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Not all blocks are freed when the heap is freed (counting is hard!)
        https://bugs.webkit.org/show_bug.cgi?id=53732

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just
        keep freeing block 0 until there are no blocks left.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the Mac build.

        * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header
        needs to be private, not project, so other projects can include headers
        that depend on it.

2011-02-03  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Start using MarkedBlock instead of CollectorBlock
        https://bugs.webkit.org/show_bug.cgi?id=53693

        SunSpider reports no change.

        * runtime/MarkedBlock.h:
        (JSC::MarkedBlock::blockFor):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::isPossibleCell): Updated for const-ness.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::containsSlowCase):
        (JSC::MarkedSpace::clearMarkBits): Updated for const-ness.

        * runtime/MarkedSpace.h:
        (JSC::CollectorHeap::collectorBlock):
        (JSC::MarkedSpace::heap):
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::setMarked):
        (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock,
        and deleted dead CollectorBlock-related code.

2011-02-03  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Darin Adler.

        Avoid strlen() in AtomicString::fromUTF8
        https://bugs.webkit.org/show_bug.cgi?id=50516

        Add an overload to calculateStringHashFromUTF8 to get
        strlen() of the input data with only one call.

        This change shows about 3% performance win on the xml-parser benchmark.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
        (WTF::Unicode::calculateStringHashFromUTF8):
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Windows build fix.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        oops, build fix!

        * wtf/Assertions.cpp:

2011-02-02  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 53650 - Add a BACKTRACE macro to Assertions.h

        Add a BACKTRACE macro to Assertions.h, which will print a backtrace on
        debug Mac builds, make CRASH (and thus ASSERT) automatically call this.

        * JavaScriptCore.exp:
        * wtf/Assertions.cpp:
        * wtf/Assertions.h:

2011-02-02  Michael Saboff  <msaboff@apple.com>

        Reviewed by Gavin Barraclough.

        Improper backtrack of nested non-capturing greedy paren to prior paren
        https://bugs.webkit.org/show_bug.cgi?id=53261

        A paren that follows a non-capturing greedy paren nested within a
        non-capturing fixed paren was backtracking to the last paren
        processed instead of the immediately prior paren.
        Refactored default backtracking of parens to prior paren to work for
        both nested (within) and immediately prior (after) parens.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail):
        (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState):
        (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail):
        (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode):
        (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):
        (JSC::Yarr::YarrGenerator::generateDisjunction):

2011-02-02  Jeff Miller  <jeffm@apple.com>

        Reviewed by Darin Adler and Steve Falkenburg.

        Add DerivedSources.make to some Visual Studio projects
        https://bugs.webkit.org/show_bug.cgi?id=53607

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make.

2011-02-02  Steve Lacey  <sjl@chromium.org>

        Reviewed by Eric Carlson.

        Implement basic media statistics on media elements.
        https://bugs.webkit.org/show_bug.cgi?id=53322

        * Configurations/FeatureDefines.xcconfig:

2011-02-02  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Build fixes for wxWebKit.

        * wtf/wx/StringWx.cpp:
        (WTF::String::String):

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        A little more Heap refactoring
        https://bugs.webkit.org/show_bug.cgi?id=53577

        SunSpider reports no change.

        Split out MarkedBlock into its own file / class.

        Did the following renames:
            isCellMarked => isMarked
            checkMarkCell => testAndSetMarked
            markCell => setMarked
            cellOffset => cellNumber
            collectorBlock => blockFor

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/Heap.cpp:
        (JSC::WeakGCHandlePool::update):
        * runtime/Heap.h:
        (JSC::Heap::isMarked):
        (JSC::Heap::testAndSetMarked):
        (JSC::Heap::setMarked):
        * runtime/JSArray.h:
        (JSC::MarkStack::markChildren):
        (JSC::MarkStack::drain):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::internalAppend):
        * runtime/MarkedBlock.cpp: Added.
        * runtime/MarkedBlock.h: Added.
        (JSC::MarkedBlock::blockFor):
        (JSC::MarkedBlock::cellNumber):
        (JSC::MarkedBlock::isMarked):
        (JSC::MarkedBlock::testAndSetMarked):
        (JSC::MarkedBlock::setMarked):
        (JSC::MarkedBlock::isCellAligned):
        (JSC::MarkedBlock::isPossibleCell):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::isMarked):
        (JSC::MarkedSpace::testAndSetMarked):
        (JSC::MarkedSpace::setMarked):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::isValid):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):

2011-02-02  Sam Weinig  <sam@webkit.org>

        Fix windows clean build.

        * DerivedSources.make:

2011-02-02  Alejandro G. Castro  <alex@igalia.com>

        Reviewed by Martin Robinson.

        [GTK] Fix dist compilation
        https://bugs.webkit.org/show_bug.cgi?id=53579

        * GNUmakefile.am: Added WriteBarrier.h to the sources, it was
        added in r77151.

2011-02-01  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r77297.
        http://trac.webkit.org/changeset/77297
        https://bugs.webkit.org/show_bug.cgi?id=53538

        caused leopard crashes (Requested by paroga on #webkit).

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashFromUTF8):
        * wtf/unicode/UTF8.h:

2011-02-01  Sam Weinig  <sam@webkit.org>

        Fix Mac production builds.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-01  Sam Weinig  <sam@webkit.org>

        Try to fix the windows build.

        * DerivedSources.make:

2011-02-01  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Darin Adler.

        Avoid strlen() in AtomicString::fromUTF8
        https://bugs.webkit.org/show_bug.cgi?id=50516

        Add an overload to calculateStringHashFromUTF8 to get
        strlen() of the input data with only one call.

        This change shows about 3% performance win on the xml-parser benchmark.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::fromUTF8):
        * wtf/unicode/UTF8.cpp:
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal):
        (WTF::Unicode::calculateStringHashFromUTF8):
        (WTF::Unicode::calculateStringHashAndLengthFromUTF8):
        * wtf/unicode/UTF8.h:

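The "Avoid strlen() in AtomicString::fromUTF8" change above (landed on 2011-02-01, rolled out by the sheriff bot after Leopard crashes, and re-landed on 2011-02-03) computes the string's hash and its byte length in a single pass over the NUL-terminated input. The following is an added example, not WebKit's code, of that single pass. The hash used here is FNV-1a over 16-bit code units, an assumption standing in for WebKit's own string hash; the invariant it demonstrates, that hashing the decoded UTF-16 units of the UTF-8 input gives the same value as hashing the equivalent UTF-16 string, is what a table keyed by UTF-16 atomic strings needs. The decoder rejects malformed input (overlong forms, surrogates, values above U+10FFFF, truncated sequences) instead of hashing it, and the sample strings are constructed for the check.

```cpp
// Added example, not WebKit code: one pass over NUL-terminated UTF-8 yields
// the hash of the text's UTF-16 form and its byte length, so no separate
// strlen() call is needed. FNV-1a over 16-bit units is an assumed hash.
#include <cassert>
#include <cstddef>
#include <cstdint>

namespace example {

struct HashAndLength {
    uint32_t hash = 0;           // hash of the UTF-16 form of the text
    std::size_t byteLength = 0;  // what strlen() would have returned
    std::size_t utf16Length = 0; // code units the UTF-16 form would have
};

const uint32_t kFnvOffset = 2166136261u;
const uint32_t kFnvPrime = 16777619u;

inline uint32_t hashUnit(uint32_t h, uint16_t unit) { return (h ^ unit) * kFnvPrime; }

uint32_t hashUTF16(const uint16_t* units, std::size_t count) {
    uint32_t h = kFnvOffset;
    for (std::size_t i = 0; i < count; ++i) h = hashUnit(h, units[i]);
    return h;
}

// Decode one scalar value at p; return bytes consumed, or 0 if the sequence
// is malformed (stray continuation byte, overlong form, surrogate, above
// U+10FFFF, truncated). A NUL never passes the continuation-byte test, so a
// sequence cut off by the terminator is rejected without reading past it.
static std::size_t decodeOne(const unsigned char* p, uint32_t& cp) {
    unsigned char b0 = p[0];
    std::size_t len = 0;
    uint32_t minimum = 0;
    if (b0 < 0x80) { cp = b0; return 1; }
    if ((b0 & 0xE0) == 0xC0) { len = 2; cp = b0 & 0x1F; minimum = 0x80; }
    else if ((b0 & 0xF0) == 0xE0) { len = 3; cp = b0 & 0x0F; minimum = 0x800; }
    else if ((b0 & 0xF8) == 0xF0) { len = 4; cp = b0 & 0x07; minimum = 0x10000; }
    else return 0;
    for (std::size_t i = 1; i < len; ++i) {
        if ((p[i] & 0xC0) != 0x80) return 0;
        cp = (cp << 6) | (p[i] & 0x3F);
    }
    if (cp < minimum || (cp >= 0xD800 && cp <= 0xDFFF) || cp > 0x10FFFF) return 0;
    return len;
}

// The single pass: hash UTF-16 units as they are produced and count bytes.
bool hashAndLengthFromUTF8(const char* s, HashAndLength& out) {
    const unsigned char* p = reinterpret_cast<const unsigned char*>(s);
    uint32_t h = kFnvOffset;
    std::size_t bytes = 0, units = 0;
    while (*p) {
        uint32_t cp = 0;
        std::size_t n = decodeOne(p, cp);
        if (!n) return false;
        if (cp < 0x10000) {
            h = hashUnit(h, static_cast<uint16_t>(cp));
            units += 1;
        } else { // supplementary plane: two surrogate code units
            uint32_t v = cp - 0x10000;
            h = hashUnit(h, static_cast<uint16_t>(0xD800 + (v >> 10)));
            h = hashUnit(h, static_cast<uint16_t>(0xDC00 + (v & 0x3FF)));
            units += 2;
        }
        p += n;
        bytes += n;
    }
    out.hash = h; out.byteLength = bytes; out.utf16Length = units;
    return true;
}

// Small wrappers for checks (0 / false on malformed input).
uint32_t utf8Hash(const char* s) { HashAndLength r; return hashAndLengthFromUTF8(s, r) ? r.hash : 0; }
std::size_t utf8ByteLength(const char* s) { HashAndLength r; return hashAndLengthFromUTF8(s, r) ? r.byteLength : 0; }
std::size_t utf8UTF16Length(const char* s) { HashAndLength r; return hashAndLengthFromUTF8(s, r) ? r.utf16Length : 0; }
bool utf8IsWellFormed(const char* s) { HashAndLength r; return hashAndLengthFromUTF8(s, r); }

// Constructed reference data: "h\u00e9" and U+1F600 as UTF-16 code units.
const uint16_t kHeUTF16[] = { 0x0068, 0x00E9 };
const uint16_t kGrinUTF16[] = { 0xD83D, 0xDE00 };

} // namespace example

int main() {
    assert(example::utf8Hash("h\xC3\xA9") == example::hashUTF16(example::kHeUTF16, 2));
    assert(example::utf8Hash("\xF0\x9F\x98\x80") == example::hashUTF16(example::kGrinUTF16, 2));
    assert(!example::utf8IsWellFormed("\xC0\x80")); // overlong NUL, rejected
    return 0;
}
```

Validating inside the same pass matters because a lookup keyed on the hash of malformed bytes would either create a bogus atomic string or collide with a legitimate one; rejecting the input up front keeps the single-pass fast path from weakening the checks the two-pass version had.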
2011-02-01  Sam Weinig  <sam@webkit.org>

        Reviewed by Beth Dakin.

        Part 2 for <rdar://problem/8492788>
        Adopt WKScrollbarPainterController

        Use header detection to define scrollbar painting controller #define.

        * DerivedSources.make:
        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Refactor JSGlobalObject-related tear-down
        https://bugs.webkit.org/show_bug.cgi?id=53478

        While investigating crashes caused by r77082, I noticed some strange
        destructor-time behaviors. This patch makes them less strange.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        (JSC::GlobalCodeBlock::GlobalCodeBlock):
        (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code
        blocks on the Heap, instead of on independent global objects. The heap
        is guaranteed to outlast any GC-owned data structure. The heap is also
        a natural place to store objects that need out-of-band marking, since
        the heap is responsible for marking all roots.

        * runtime/Heap.cpp:
        (JSC::Heap::markRoots):
        (JSC::Heap::globalObjectCount):
        (JSC::Heap::protectedGlobalObjectCount):
        * runtime/Heap.h:
        (JSC::Heap::codeBlocks):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::~JSGlobalObject):
        (JSC::JSGlobalObject::init):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map
        owned by JSGlobalData, instead of an intrusive circular linked list.
        This is simpler, and it avoids destructor-time access between garbage
        collected objects, which is hard to get right.

        (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing
        everything down. Otherwise, weak data structures will incorrectly report
        that objects pending destruction are still alive.

2011-02-01  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit
        bot; loading trac pages; typing in search field
        https://bugs.webkit.org/show_bug.cgi?id=53519

        The crashes were all caused by failure to run an object's destructor.

        * runtime/CollectorHeapIterator.h:
        (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon
        construction. The iterator class used to do that when it was designed
        for prior-to-beginning initialization. I forgot to remove this line
        of code when I changed the iterator to normal initialization.

        Skipping forward upon construction was causing the heap to skip running
        the destructor for the very first object in a block when destroying the
        block. This usually did not crash, since block destruction is rare and
        most objects have pretty trivial destructors. However, in the rare case
        when the heap would destroy a block whose first object was a global
        object or a DOM node, BOOM.

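The REGRESSION(77082) entry directly above and the 2011-02-03 "Not all blocks are freed when the heap is freed" entry come down to the same failure mode: a teardown loop that silently skips elements, so destructors never run and blocks leak. The following is an added example, not WebKit's code, that reproduces both defects beside their fixes in miniature. Block, ObjectIterator and Space are hypothetical stand-ins for MarkedBlock, CollectorHeapIterator and MarkedSpace, and a cell's "destructor" is modelled as setting a flag so the miss can be counted.

```cpp
// Added example, not WebKit code: the two teardown bugs recorded in this log
// (first cell of a block skipped by a pre-advancing iterator; blocks leaked
// by an index loop over a list that compacts itself). Block, ObjectIterator
// and Space are hypothetical stand-ins for the real classes.
#include <cassert>
#include <cstddef>
#include <vector>

namespace example {

struct Cell { bool destructorRan = false; };

struct Block {
    std::vector<Cell> cells;
    explicit Block(std::size_t n) : cells(n) {}
};

// An iterator written for "prior-to-beginning" initialisation advanced once
// in its constructor. Kept after the switch to normal initialisation, that
// advance silently skips cell 0 (the REGRESSION(77082) entry above).
class ObjectIterator {
public:
    ObjectIterator(Block& block, bool skipForwardOnConstruct)
        : m_block(block), m_index(0) {
        if (skipForwardOnConstruct)
            ++m_index; // leftover from the old design
    }
    bool atEnd() const { return m_index >= m_block.cells.size(); }
    Cell& operator*() const { return m_block.cells[m_index]; }
    ObjectIterator& operator++() { ++m_index; return *this; }
private:
    Block& m_block;
    std::size_t m_index;
};

// "Destroy" every cell of a fresh block of `cellCount` cells through the
// iterator and report how many destructors actually ran.
std::size_t destructorsRun(std::size_t cellCount, bool buggyIterator) {
    Block block(cellCount);
    for (ObjectIterator it(block, buggyIterator); !it.atEnd(); ++it)
        (*it).destructorRan = true;
    std::size_t ran = 0;
    for (const Cell& c : block.cells)
        if (c.destructorRan) ++ran;
    return ran;
}

// Freeing block i moves the last block into slot i ("freeing a block
// compacts the list", bug 53732), so an index loop frees only half of them.
struct Space {
    std::vector<Block*> blocks;
    explicit Space(std::size_t n) {
        for (std::size_t i = 0; i < n; ++i) blocks.push_back(new Block(1));
    }
    ~Space() { for (Block* b : blocks) delete b; } // reclaims what the loop missed
    void freeBlock(std::size_t i) {
        delete blocks[i];
        blocks[i] = blocks.back();
        blocks.pop_back();
    }
};

std::size_t blocksLeftAfterNaiveDestroy(std::size_t n) {
    Space space(n);
    for (std::size_t i = 0; i < space.blocks.size(); ++i)
        space.freeBlock(i); // shrinks the list it is indexing
    return space.blocks.size();
}

std::size_t blocksLeftAfterFixedDestroy(std::size_t n) {
    Space space(n);
    while (!space.blocks.empty())
        space.freeBlock(0); // always the head, until nothing is left
    return space.blocks.size();
}

} // namespace example

int main() {
    assert(example::destructorsRun(4, true) == 3);  // cell 0 never destroyed
    assert(example::destructorsRun(4, false) == 4);
    assert(example::blocksLeftAfterNaiveDestroy(10) == 5);
    assert(example::blocksLeftAfterFixedDestroy(10) == 0);
    return 0;
}
```

Both bugs are invisible to a test that only checks for crashes: a skipped trivial destructor and a leaked block leave no trace until the skipped object is one whose destructor unregisters it somewhere (the global object or DOM node case in the entry above). Counting what the loop actually touched, as the functions here do, is the check that catches them.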
2011-01-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Update JSObject storage for new marking API
        https://bugs.webkit.org/show_bug.cgi?id=53467

        JSObject no longer uses EncodedJSValue for its property storage.
        This produces a stream of mechanical changes to PropertySlot and
        anonymous storage APIs.

        * JavaScriptCore.exp:
        * runtime/ArrayPrototype.cpp:
        (JSC::ArrayPrototype::ArrayPrototype):
        * runtime/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanObject.cpp:
        (JSC::BooleanObject::BooleanObject):
        * runtime/BooleanObject.h:
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::DatePrototype::DatePrototype):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::getOwnPropertySlot):
        * runtime/JSArray.cpp:
        (JSC::JSArray::getOwnPropertySlot):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObject):
        * runtime/JSObject.cpp:
        (JSC::JSObject::fillGetterPropertySlot):
        * runtime/JSObject.h:
        (JSC::JSObject::getDirectLocation):
        (JSC::JSObject::offsetForLocation):
        (JSC::JSObject::putAnonymousValue):
        (JSC::JSObject::clearAnonymousValue):
        (JSC::JSObject::getAnonymousValue):
        (JSC::JSObject::putThisToAnonymousValue):
        (JSC::JSObject::locationForOffset):
        (JSC::JSObject::inlineGetOwnPropertySlot):
        * runtime/JSObjectWithGlobalObject.cpp:
        (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::JSWrapperObject):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/NumberConstructor.cpp:
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::NumberObject::NumberObject):
        (JSC::constructNumber):
        * runtime/NumberObject.h:
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/PropertySlot.h:
        (JSC::PropertySlot::getValue):
        (JSC::PropertySlot::setValue):
        (JSC::PropertySlot::setRegisterSlot):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::setWithoutWriteBarrier):

2011-02-01  Daniel Bates  <dbates@rim.com>

        Reviewed by Antonio Gomes.

        Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937)
        https://bugs.webkit.org/show_bug.cgi?id=53506

        Currently, use of the Mersenne Twister pseudorandom number generator
        is hardcoded to the Windows CE port. With the passing of bug #53253,
        we can generalize support for this PRNG to all ports that use srand(3)
        and rand(3), including Windows CE.

        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):

2011-02-01  Dave Tapuska  <dtapuska@rim.com>

        Reviewed by Gavin Barraclough.

        MacroAssemblerARM would generate code that did 32bit loads
        on addresses that were not aligned. More specifically it would
        generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower.
        The intended instruction really is ldrb r8,[r1, #7]; ensure we
        call load8 instead of load32.

        https://bugs.webkit.org/show_bug.cgi?id=46095

        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::set32Test32):
        (JSC::MacroAssemblerARM::set32Test8):

2011-02-01  Darin Fisher  <darin@chromium.org>

        Reviewed by Eric Seidel.

        Fix some Visual Studio compiler warnings.
        https://bugs.webkit.org/show_bug.cgi?id=53476

        * wtf/MathExtras.h:
        (clampToInteger):
        (clampToPositiveInteger):
        * wtf/ThreadingWin.cpp:
        (WTF::absoluteTimeToWaitTimeoutInterval):

2011-01-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Bogus callframe during stack unwinding
        https://bugs.webkit.org/show_bug.cgi?id=53454

        Trying to access a callframe's globalData after destroying its
        ScopeChain is not a good thing.  While we could access the
        globalData directly through the (known valid) scopechain we're
        holding on to, it feels fragile.  Instead we push the valid
        ScopeChain onto the callframe again to ensure that the callframe
        itself remains valid.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):

2011-01-31  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
        https://bugs.webkit.org/show_bug.cgi?id=53271

        Reapplying this change again.
        Changed isValid() to use .get() as a result of change r77151.

        Added new isValid() methods to check if a contained object in
        a WeakGCMap is valid when using an unchecked iterator.

        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::isValid):

539
540         Convert markstack to a slot visitor API
541         https://bugs.webkit.org/show_bug.cgi?id=53219
542
543         rolling r77098, r77099, r77100, r77109, and
544         r77111 back in, along with a few more Qt fix attempts.
545
546         * API/JSCallbackObject.h:
547         (JSC::JSCallbackObjectData::setPrivateProperty):
548         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
549         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
550         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
551         (JSC::JSCallbackObject::setPrivateProperty):
552         * API/JSCallbackObjectFunctions.h:
553         (JSC::::put):
554         (JSC::::staticFunctionGetter):
555         * API/JSObjectRef.cpp:
556         (JSObjectMakeConstructor):
557         (JSObjectSetPrivateProperty):
558         * API/JSWeakObjectMapRefInternal.h:
559         * JavaScriptCore.exp:
560         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
561         * JavaScriptCore.xcodeproj/project.pbxproj:
562         * bytecode/CodeBlock.cpp:
563         (JSC::CodeBlock::markAggregate):
564         * bytecode/CodeBlock.h:
565         (JSC::CodeBlock::globalObject):
566         * bytecompiler/BytecodeGenerator.cpp:
567         (JSC::BytecodeGenerator::BytecodeGenerator):
568         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
569         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
570         (JSC::BytecodeGenerator::findScopedProperty):
571         * debugger/Debugger.cpp:
572         (JSC::evaluateInGlobalCallFrame):
573         * debugger/DebuggerActivation.cpp:
574         (JSC::DebuggerActivation::DebuggerActivation):
575         (JSC::DebuggerActivation::markChildren):
576         * debugger/DebuggerActivation.h:
577         * debugger/DebuggerCallFrame.cpp:
578         (JSC::DebuggerCallFrame::evaluate):
579         * interpreter/CallFrame.h:
580         (JSC::ExecState::exception):
581         * interpreter/Interpreter.cpp:
582         (JSC::Interpreter::resolve):
583         (JSC::Interpreter::resolveSkip):
584         (JSC::Interpreter::resolveGlobal):
585         (JSC::Interpreter::resolveGlobalDynamic):
586         (JSC::Interpreter::resolveBaseAndProperty):
587         (JSC::Interpreter::unwindCallFrame):
588         (JSC::appendSourceToError):
589         (JSC::Interpreter::execute):
590         (JSC::Interpreter::tryCacheGetByID):
591         (JSC::Interpreter::privateExecute):
592         * jit/JITStubs.cpp:
593         (JSC::JITThunks::tryCacheGetByID):
594         (JSC::DEFINE_STUB_FUNCTION):
595         * jsc.cpp:
596         (GlobalObject::GlobalObject):
597         * runtime/ArgList.cpp:
598         (JSC::MarkedArgumentBuffer::markLists):
599         * runtime/Arguments.cpp:
600         (JSC::Arguments::markChildren):
601         (JSC::Arguments::getOwnPropertySlot):
602         (JSC::Arguments::getOwnPropertyDescriptor):
603         (JSC::Arguments::put):
604         * runtime/Arguments.h:
605         (JSC::Arguments::setActivation):
606         (JSC::Arguments::Arguments):
607         * runtime/ArrayConstructor.cpp:
608         (JSC::ArrayConstructor::ArrayConstructor):
609         (JSC::constructArrayWithSizeQuirk):
610         * runtime/ArrayPrototype.cpp:
611         (JSC::arrayProtoFuncSplice):
612         * runtime/BatchedTransitionOptimizer.h:
613         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
614         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
615         * runtime/BooleanConstructor.cpp:
616         (JSC::BooleanConstructor::BooleanConstructor):
617         (JSC::constructBoolean):
618         (JSC::constructBooleanFromImmediateBoolean):
619         * runtime/BooleanPrototype.cpp:
620         (JSC::BooleanPrototype::BooleanPrototype):
621         * runtime/ConservativeSet.cpp:
622         (JSC::ConservativeSet::grow):
623         * runtime/ConservativeSet.h:
624         (JSC::ConservativeSet::~ConservativeSet):
625         (JSC::ConservativeSet::mark):
626         * runtime/DateConstructor.cpp:
627         (JSC::DateConstructor::DateConstructor):
628         * runtime/DateInstance.cpp:
629         (JSC::DateInstance::DateInstance):
630         * runtime/DatePrototype.cpp:
631         (JSC::dateProtoFuncSetTime):
632         (JSC::setNewValueFromTimeArgs):
633         (JSC::setNewValueFromDateArgs):
634         (JSC::dateProtoFuncSetYear):
635         * runtime/ErrorConstructor.cpp:
636         (JSC::ErrorConstructor::ErrorConstructor):
637         * runtime/ErrorInstance.cpp:
638         (JSC::ErrorInstance::ErrorInstance):
639         * runtime/ErrorPrototype.cpp:
640         (JSC::ErrorPrototype::ErrorPrototype):
641         * runtime/FunctionConstructor.cpp:
642         (JSC::FunctionConstructor::FunctionConstructor):
643         * runtime/FunctionPrototype.cpp:
644         (JSC::FunctionPrototype::FunctionPrototype):
645         * runtime/GetterSetter.cpp:
646         (JSC::GetterSetter::markChildren):
647         * runtime/GetterSetter.h:
648         (JSC::GetterSetter::GetterSetter):
649         (JSC::GetterSetter::getter):
650         (JSC::GetterSetter::setGetter):
651         (JSC::GetterSetter::setter):
652         (JSC::GetterSetter::setSetter):
653         * runtime/GlobalEvalFunction.cpp:
654         (JSC::GlobalEvalFunction::GlobalEvalFunction):
655         (JSC::GlobalEvalFunction::markChildren):
656         * runtime/GlobalEvalFunction.h:
657         (JSC::GlobalEvalFunction::cachedGlobalObject):
658         * runtime/Heap.cpp:
659         (JSC::Heap::markProtectedObjects):
660         (JSC::Heap::markTempSortVectors):
661         (JSC::Heap::markRoots):
662         * runtime/InternalFunction.cpp:
663         (JSC::InternalFunction::InternalFunction):
664         * runtime/JSAPIValueWrapper.h:
665         (JSC::JSAPIValueWrapper::value):
666         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
667         * runtime/JSActivation.cpp:
668         (JSC::JSActivation::markChildren):
669         (JSC::JSActivation::put):
670         * runtime/JSArray.cpp:
671         (JSC::JSArray::JSArray):
672         (JSC::JSArray::getOwnPropertySlot):
673         (JSC::JSArray::getOwnPropertyDescriptor):
674         (JSC::JSArray::put):
675         (JSC::JSArray::putSlowCase):
676         (JSC::JSArray::deleteProperty):
677         (JSC::JSArray::increaseVectorLength):
678         (JSC::JSArray::setLength):
679         (JSC::JSArray::pop):
680         (JSC::JSArray::push):
681         (JSC::JSArray::unshiftCount):
682         (JSC::JSArray::sort):
683         (JSC::JSArray::fillArgList):
684         (JSC::JSArray::copyToRegisters):
685         (JSC::JSArray::compactForSorting):
686         * runtime/JSArray.h:
687         (JSC::JSArray::getIndex):
688         (JSC::JSArray::setIndex):
689         (JSC::JSArray::uncheckedSetIndex):
690         (JSC::JSArray::markChildrenDirect):
691         * runtime/JSByteArray.cpp:
692         (JSC::JSByteArray::JSByteArray):
693         * runtime/JSCell.h:
694         (JSC::JSCell::MarkStack::append):
695         (JSC::JSCell::MarkStack::internalAppend):
696         (JSC::JSCell::MarkStack::deprecatedAppend):
697         * runtime/JSFunction.cpp:
698         (JSC::JSFunction::JSFunction):
699         (JSC::JSFunction::getOwnPropertySlot):
700         * runtime/JSGlobalData.h:
701         * runtime/JSGlobalObject.cpp:
702         (JSC::markIfNeeded):
703         (JSC::JSGlobalObject::reset):
704         (JSC::JSGlobalObject::resetPrototype):
705         (JSC::JSGlobalObject::markChildren):
706         * runtime/JSGlobalObject.h:
707         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
708         (JSC::JSGlobalObject::regExpConstructor):
709         (JSC::JSGlobalObject::errorConstructor):
710         (JSC::JSGlobalObject::evalErrorConstructor):
711         (JSC::JSGlobalObject::rangeErrorConstructor):
712         (JSC::JSGlobalObject::referenceErrorConstructor):
713         (JSC::JSGlobalObject::syntaxErrorConstructor):
714         (JSC::JSGlobalObject::typeErrorConstructor):
715         (JSC::JSGlobalObject::URIErrorConstructor):
716         (JSC::JSGlobalObject::evalFunction):
717         (JSC::JSGlobalObject::objectPrototype):
718         (JSC::JSGlobalObject::functionPrototype):
719         (JSC::JSGlobalObject::arrayPrototype):
720         (JSC::JSGlobalObject::booleanPrototype):
721         (JSC::JSGlobalObject::stringPrototype):
722         (JSC::JSGlobalObject::numberPrototype):
723         (JSC::JSGlobalObject::datePrototype):
724         (JSC::JSGlobalObject::regExpPrototype):
725         (JSC::JSGlobalObject::methodCallDummy):
726         (JSC::Structure::prototypeForLookup):
727         (JSC::constructArray):
728         * runtime/JSONObject.cpp:
729         (JSC::Stringifier::Holder::object):
730         (JSC::Stringifier::Holder::objectSlot):
731         (JSC::Stringifier::markAggregate):
732         (JSC::Stringifier::stringify):
733         (JSC::Stringifier::Holder::appendNextProperty):
734         (JSC::Walker::callReviver):
735         (JSC::Walker::walk):
736         * runtime/JSObject.cpp:
737         (JSC::JSObject::defineGetter):
738         (JSC::JSObject::defineSetter):
739         (JSC::JSObject::removeDirect):
740         (JSC::JSObject::putDirectFunction):
741         (JSC::JSObject::putDirectFunctionWithoutTransition):
742         (JSC::putDescriptor):
743         (JSC::JSObject::defineOwnProperty):
744         * runtime/JSObject.h:
745         (JSC::JSObject::getDirectOffset):
746         (JSC::JSObject::putDirectOffset):
747         (JSC::JSObject::putUndefinedAtDirectOffset):
748         (JSC::JSObject::flattenDictionaryObject):
749         (JSC::JSObject::putDirectInternal):
750         (JSC::JSObject::putDirect):
751         (JSC::JSObject::putDirectFunction):
752         (JSC::JSObject::putDirectWithoutTransition):
753         (JSC::JSObject::putDirectFunctionWithoutTransition):
754         (JSC::JSValue::putDirect):
755         (JSC::JSObject::allocatePropertyStorageInline):
756         (JSC::JSObject::markChildrenDirect):
757         * runtime/JSPropertyNameIterator.cpp:
758         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
759         (JSC::JSPropertyNameIterator::get):
760         * runtime/JSPropertyNameIterator.h:
761         * runtime/JSStaticScopeObject.cpp:
762         (JSC::JSStaticScopeObject::markChildren):
763         * runtime/JSString.cpp:
764         (JSC::StringObject::create):
765         * runtime/JSValue.h:
766         * runtime/JSWrapperObject.cpp:
767         (JSC::JSWrapperObject::markChildren):
768         * runtime/JSWrapperObject.h:
769         (JSC::JSWrapperObject::internalValue):
770         (JSC::JSWrapperObject::setInternalValue):
771         * runtime/LiteralParser.cpp:
772         (JSC::LiteralParser::parse):
773         * runtime/Lookup.cpp:
774         (JSC::setUpStaticFunctionSlot):
775         * runtime/Lookup.h:
776         (JSC::lookupPut):
777         * runtime/MarkStack.h:
778         (JSC::MarkStack::MarkStack):
779         (JSC::MarkStack::deprecatedAppendValues):
780         (JSC::MarkStack::appendValues):
781         * runtime/MathObject.cpp:
782         (JSC::MathObject::MathObject):
783         * runtime/NativeErrorConstructor.cpp:
784         (JSC::NativeErrorConstructor::NativeErrorConstructor):
785         * runtime/NativeErrorPrototype.cpp:
786         (JSC::NativeErrorPrototype::NativeErrorPrototype):
787         * runtime/NumberConstructor.cpp:
788         (JSC::NumberConstructor::NumberConstructor):
789         (JSC::constructWithNumberConstructor):
790         * runtime/NumberObject.cpp:
791         (JSC::constructNumber):
792         * runtime/NumberPrototype.cpp:
793         (JSC::NumberPrototype::NumberPrototype):
794         * runtime/ObjectConstructor.cpp:
795         (JSC::ObjectConstructor::ObjectConstructor):
796         (JSC::objectConstructorGetOwnPropertyDescriptor):
797         * runtime/Operations.h:
798         (JSC::normalizePrototypeChain):
799         (JSC::resolveBase):
800         * runtime/PrototypeFunction.cpp:
801         (JSC::PrototypeFunction::PrototypeFunction):
802         * runtime/PutPropertySlot.h:
803         (JSC::PutPropertySlot::setExistingProperty):
804         (JSC::PutPropertySlot::setNewProperty):
805         (JSC::PutPropertySlot::base):
806         * runtime/RegExpConstructor.cpp:
807         (JSC::RegExpConstructor::RegExpConstructor):
808         * runtime/ScopeChain.cpp:
809         (JSC::ScopeChainNode::print):
810         * runtime/ScopeChain.h:
811         (JSC::ScopeChainNode::~ScopeChainNode):
812         (JSC::ScopeChainIterator::operator*):
813         (JSC::ScopeChainIterator::operator->):
814         (JSC::ScopeChain::top):
815         * runtime/ScopeChainMark.h:
816         (JSC::ScopeChain::markAggregate):
817         * runtime/SmallStrings.cpp:
818         (JSC::isMarked):
819         (JSC::SmallStrings::markChildren):
820         * runtime/SmallStrings.h:
821         (JSC::SmallStrings::emptyString):
822         (JSC::SmallStrings::singleCharacterString):
823         (JSC::SmallStrings::singleCharacterStrings):
824         * runtime/StringConstructor.cpp:
825         (JSC::StringConstructor::StringConstructor):
826         * runtime/StringObject.cpp:
827         (JSC::StringObject::StringObject):
828         * runtime/StringObject.h:
829         * runtime/StringPrototype.cpp:
830         (JSC::StringPrototype::StringPrototype):
831         * runtime/Structure.cpp:
832         (JSC::Structure::Structure):
833         (JSC::Structure::addPropertyTransition):
834         (JSC::Structure::toDictionaryTransition):
835         (JSC::Structure::flattenDictionaryStructure):
836         * runtime/Structure.h:
837         (JSC::Structure::storedPrototype):
838         (JSC::Structure::storedPrototypeSlot):
839         * runtime/WeakGCMap.h:
840         (JSC::WeakGCMap::uncheckedGet):
841         (JSC::WeakGCMap::uncheckedGetSlot):
842         (JSC::::get):
843         (JSC::::take):
844         (JSC::::set):
845         (JSC::::uncheckedRemove):
846         * runtime/WriteBarrier.h: Added.
847         (JSC::DeprecatedPtr::DeprecatedPtr):
848         (JSC::DeprecatedPtr::get):
849         (JSC::DeprecatedPtr::operator*):
850         (JSC::DeprecatedPtr::operator->):
851         (JSC::DeprecatedPtr::slot):
852         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
853         (JSC::DeprecatedPtr::operator!):
854         (JSC::WriteBarrierBase::set):
855         (JSC::WriteBarrierBase::get):
856         (JSC::WriteBarrierBase::operator*):
857         (JSC::WriteBarrierBase::operator->):
858         (JSC::WriteBarrierBase::clear):
859         (JSC::WriteBarrierBase::slot):
860         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
861         (JSC::WriteBarrierBase::operator!):
862         (JSC::WriteBarrier::WriteBarrier):
863         (JSC::operator==):
864
865 2011-01-31  Dan Winship  <danw@gnome.org>
866
867         Reviewed by Gustavo Noronha Silva.
868
869         wss (websockets ssl) support for gtk via new gio TLS support
870         https://bugs.webkit.org/show_bug.cgi?id=50344
871
872         Add a GPollableOutputStream typedef for TLS WebSockets support
873
874         * wtf/gobject/GTypedefs.h:
875
876 2011-01-31  Gavin Barraclough  <barraclough@apple.com>
877
878         Reviewed by Geoff Garen.
879
880         https://bugs.webkit.org/show_bug.cgi?id=53352
881         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
882
883         The FixedVMPoolAllocator currently uses a best fit policy;
884         switch to first fit, which is less prone to external fragmentation.
885
886         * jit/ExecutableAllocatorFixedVMPool.cpp:
887         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
888         (JSC::AllocationTableSizeClass::blockSize):
889         (JSC::AllocationTableSizeClass::blockCount):
890         (JSC::AllocationTableSizeClass::blockAlignment):
891         (JSC::AllocationTableSizeClass::size):
892         (JSC::AllocationTableLeaf::AllocationTableLeaf):
893         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
894         (JSC::AllocationTableLeaf::allocate):
895         (JSC::AllocationTableLeaf::free):
896         (JSC::AllocationTableLeaf::isEmpty):
897         (JSC::AllocationTableLeaf::isFull):
898         (JSC::AllocationTableLeaf::size):
899         (JSC::AllocationTableLeaf::classForSize):
900         (JSC::AllocationTableLeaf::dump):
901         (JSC::LazyAllocationTable::LazyAllocationTable):
902         (JSC::LazyAllocationTable::~LazyAllocationTable):
903         (JSC::LazyAllocationTable::allocate):
904         (JSC::LazyAllocationTable::free):
905         (JSC::LazyAllocationTable::isEmpty):
906         (JSC::LazyAllocationTable::isFull):
907         (JSC::LazyAllocationTable::size):
908         (JSC::LazyAllocationTable::dump):
909         (JSC::LazyAllocationTable::classForSize):
910         (JSC::AllocationTableDirectory::AllocationTableDirectory):
911         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
912         (JSC::AllocationTableDirectory::allocate):
913         (JSC::AllocationTableDirectory::free):
914         (JSC::AllocationTableDirectory::isEmpty):
915         (JSC::AllocationTableDirectory::isFull):
916         (JSC::AllocationTableDirectory::size):
917         (JSC::AllocationTableDirectory::classForSize):
918         (JSC::AllocationTableDirectory::dump):
919         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
920         (JSC::FixedVMPoolAllocator::alloc):
921         (JSC::FixedVMPoolAllocator::free):
922         (JSC::FixedVMPoolAllocator::allocated):
923         (JSC::FixedVMPoolAllocator::isValid):
924         (JSC::FixedVMPoolAllocator::classForSize):
925         (JSC::FixedVMPoolAllocator::offsetToPointer):
926         (JSC::FixedVMPoolAllocator::pointerToOffset):
927         (JSC::ExecutableAllocator::committedByteCount):
928         (JSC::ExecutableAllocator::isValid):
929         (JSC::ExecutableAllocator::underMemoryPressure):
930         (JSC::ExecutablePool::systemAlloc):
931         (JSC::ExecutablePool::systemRelease):
932         * wtf/PageReservation.h:
933         (WTF::PageReservation::PageReservation):
934         (WTF::PageReservation::commit):
935         (WTF::PageReservation::decommit):
936         (WTF::PageReservation::committed):
937
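To see why the fit policy decides whether a fixed pool runs out of room, here is a constructed example. It is added to this page and is not JavaScriptCore code: it does not model the AllocationTable hierarchy, the size classes or the real pool sizes named in the entry above, only a toy free list over a fixed pool that can run either policy. The request sequence is constructed so that best fit leaves a one-unit sliver and then fails a request the pool has room for, while first fit packs the same pool exactly. Sequences with the opposite outcome also exist, so the example illustrates the fragmentation mechanism rather than proving one policy always wins.

```cpp
#include <algorithm>
#include <cstddef>
#include <initializer_list>
#include <iostream>
#include <vector>

// Toy model of a fixed-size pool (constructed example, not the
// FixedVMPoolAllocator). Sizes are abstract units, not pages.
enum class FitPolicy { FirstFit, BestFit };

struct Hole {
    size_t offset;
    size_t size;
};

class ToyFixedPool {
public:
    explicit ToyFixedPool(size_t poolSize) : m_holes{{0, poolSize}} {}

    // Returns the allocation offset, or -1 when no hole is large enough.
    // In a real fixed pool that failure is where CRASH() would be reached.
    long allocate(size_t size, FitPolicy policy)
    {
        size_t chosen = m_holes.size();
        for (size_t i = 0; i < m_holes.size(); ++i) {
            if (m_holes[i].size < size)
                continue;
            if (policy == FitPolicy::FirstFit) { chosen = i; break; }
            // Best fit: the smallest hole that still fits (ties -> lowest address).
            if (chosen == m_holes.size() || m_holes[i].size < m_holes[chosen].size)
                chosen = i;
        }
        if (chosen == m_holes.size())
            return -1;
        Hole& h = m_holes[chosen];
        long result = static_cast<long>(h.offset);
        h.offset += size;
        h.size -= size;
        if (h.size == 0)
            m_holes.erase(m_holes.begin() + static_cast<long>(chosen));
        return result;
    }

    // Returns a range to the free list and coalesces with neighbours, so any
    // fragmentation left in the model comes from the fit policy alone.
    void release(size_t offset, size_t size)
    {
        Hole h{offset, size};
        auto pos = std::lower_bound(m_holes.begin(), m_holes.end(), h,
            [](const Hole& a, const Hole& b) { return a.offset < b.offset; });
        pos = m_holes.insert(pos, h);
        auto next = pos + 1;
        if (next != m_holes.end() && pos->offset + pos->size == next->offset) {
            pos->size += next->size;
            m_holes.erase(next);
        }
        if (pos != m_holes.begin()) {
            auto prev = pos - 1;
            if (prev->offset + prev->size == pos->offset) {
                prev->size += pos->size;
                m_holes.erase(pos);
            }
        }
    }

    size_t largestHole() const
    {
        size_t best = 0;
        for (const Hole& h : m_holes)
            best = std::max(best, h.size);
        return best;
    }

private:
    std::vector<Hole> m_holes; // sorted by offset, non-overlapping
};

struct ScenarioResult {
    int succeeded;      // how many of the three requests were satisfied
    size_t largestHole; // largest free run left afterwards
};

// Constructed scenario: a 16-unit pool with two pinned 2-unit allocations
// separating a 7-unit hole (low address) from a 5-unit hole (high address),
// followed by requests of 4, 3 and 5 units. Free space is exactly 12 units,
// so a policy that fails here fails on fragmentation, not on capacity.
ScenarioResult runScenario(FitPolicy policy)
{
    ToyFixedPool pool(16);
    long a = pool.allocate(7, FitPolicy::FirstFit); // [0,7)
    pool.allocate(2, FitPolicy::FirstFit);          // [7,9)   pinned
    long c = pool.allocate(5, FitPolicy::FirstFit); // [9,14)
    pool.allocate(2, FitPolicy::FirstFit);          // [14,16) pinned
    pool.release(static_cast<size_t>(a), 7);
    pool.release(static_cast<size_t>(c), 5);

    int ok = 0;
    for (size_t request : {4u, 3u, 5u})
        if (pool.allocate(request, policy) >= 0)
            ++ok;
    return {ok, pool.largestHole()};
}

int main()
{
    ScenarioResult first = runScenario(FitPolicy::FirstFit);
    ScenarioResult best = runScenario(FitPolicy::BestFit);
    std::cout << "first fit: " << first.succeeded << "/3 satisfied, largest hole "
              << first.largestHole << "\n";
    std::cout << "best fit:  " << best.succeeded << "/3 satisfied, largest hole "
              << best.largestHole << "\n";
    return 0;
}
```

Best fit serves the 4-unit request from the 5-unit hole because it is the tightest match, leaving a 1-unit sliver that nothing can use; the 3-unit request then carves the 7-unit hole down to 4, and the final 5-unit request fails with 5 units free but no run that large. First fit takes the low 7-unit hole for the 4, the remaining 3 for the 3, and the untouched 5-unit hole for the 5.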
938 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
939
940         Unreviewed, rolling out r76969.
941         http://trac.webkit.org/changeset/76969
942         https://bugs.webkit.org/show_bug.cgi?id=53418
943
944         "It is causing crashes in GTK+ and Leopard bots" (Requested by
945         alexg__ on #webkit).
946
947         * runtime/WeakGCMap.h:
948
949 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
950
951         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
952         r77111.
953         http://trac.webkit.org/changeset/77098
954         http://trac.webkit.org/changeset/77099
955         http://trac.webkit.org/changeset/77100
956         http://trac.webkit.org/changeset/77109
957         http://trac.webkit.org/changeset/77111
958         https://bugs.webkit.org/show_bug.cgi?id=53219
959
960         Qt build is broken
961
962         * API/JSCallbackObject.h:
963         (JSC::JSCallbackObjectData::setPrivateProperty):
964         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
965         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
966         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
967         (JSC::JSCallbackObject::setPrivateProperty):
968         * API/JSCallbackObjectFunctions.h:
969         (JSC::::put):
970         (JSC::::staticFunctionGetter):
971         * API/JSObjectRef.cpp:
972         (JSObjectMakeConstructor):
973         (JSObjectSetPrivateProperty):
974         * API/JSWeakObjectMapRefInternal.h:
975         * JavaScriptCore.exp:
976         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
977         * JavaScriptCore.xcodeproj/project.pbxproj:
978         * bytecode/CodeBlock.cpp:
979         (JSC::CodeBlock::markAggregate):
980         * bytecode/CodeBlock.h:
981         (JSC::CodeBlock::globalObject):
982         * bytecompiler/BytecodeGenerator.cpp:
983         (JSC::BytecodeGenerator::BytecodeGenerator):
984         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
985         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
986         (JSC::BytecodeGenerator::findScopedProperty):
987         * debugger/Debugger.cpp:
988         (JSC::evaluateInGlobalCallFrame):
989         * debugger/DebuggerActivation.cpp:
990         (JSC::DebuggerActivation::DebuggerActivation):
991         (JSC::DebuggerActivation::markChildren):
992         * debugger/DebuggerActivation.h:
993         * debugger/DebuggerCallFrame.cpp:
994         (JSC::DebuggerCallFrame::evaluate):
995         * interpreter/CallFrame.h:
996         (JSC::ExecState::exception):
997         * interpreter/Interpreter.cpp:
998         (JSC::Interpreter::resolve):
999         (JSC::Interpreter::resolveSkip):
1000         (JSC::Interpreter::resolveGlobal):
1001         (JSC::Interpreter::resolveGlobalDynamic):
1002         (JSC::Interpreter::resolveBaseAndProperty):
1003         (JSC::Interpreter::unwindCallFrame):
1004         (JSC::appendSourceToError):
1005         (JSC::Interpreter::execute):
1006         (JSC::Interpreter::tryCacheGetByID):
1007         (JSC::Interpreter::privateExecute):
1008         * jit/JITStubs.cpp:
1009         (JSC::JITThunks::tryCacheGetByID):
1010         (JSC::DEFINE_STUB_FUNCTION):
1011         * jsc.cpp:
1012         (GlobalObject::GlobalObject):
1013         * runtime/ArgList.cpp:
1014         (JSC::MarkedArgumentBuffer::markLists):
1015         * runtime/Arguments.cpp:
1016         (JSC::Arguments::markChildren):
1017         (JSC::Arguments::getOwnPropertySlot):
1018         (JSC::Arguments::getOwnPropertyDescriptor):
1019         (JSC::Arguments::put):
1020         * runtime/Arguments.h:
1021         (JSC::Arguments::setActivation):
1022         (JSC::Arguments::Arguments):
1023         * runtime/ArrayConstructor.cpp:
1024         (JSC::ArrayConstructor::ArrayConstructor):
1025         (JSC::constructArrayWithSizeQuirk):
1026         * runtime/ArrayPrototype.cpp:
1027         (JSC::arrayProtoFuncSplice):
1028         * runtime/BatchedTransitionOptimizer.h:
1029         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1030         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1031         * runtime/BooleanConstructor.cpp:
1032         (JSC::BooleanConstructor::BooleanConstructor):
1033         (JSC::constructBoolean):
1034         (JSC::constructBooleanFromImmediateBoolean):
1035         * runtime/BooleanPrototype.cpp:
1036         (JSC::BooleanPrototype::BooleanPrototype):
1037         * runtime/ConservativeSet.cpp:
1038         (JSC::ConservativeSet::grow):
1039         * runtime/ConservativeSet.h:
1040         (JSC::ConservativeSet::~ConservativeSet):
1041         (JSC::ConservativeSet::mark):
1042         * runtime/DateConstructor.cpp:
1043         (JSC::DateConstructor::DateConstructor):
1044         * runtime/DateInstance.cpp:
1045         (JSC::DateInstance::DateInstance):
1046         * runtime/DatePrototype.cpp:
1047         (JSC::dateProtoFuncSetTime):
1048         (JSC::setNewValueFromTimeArgs):
1049         (JSC::setNewValueFromDateArgs):
1050         (JSC::dateProtoFuncSetYear):
1051         * runtime/ErrorConstructor.cpp:
1052         (JSC::ErrorConstructor::ErrorConstructor):
1053         * runtime/ErrorInstance.cpp:
1054         (JSC::ErrorInstance::ErrorInstance):
1055         * runtime/ErrorPrototype.cpp:
1056         (JSC::ErrorPrototype::ErrorPrototype):
1057         * runtime/FunctionConstructor.cpp:
1058         (JSC::FunctionConstructor::FunctionConstructor):
1059         * runtime/FunctionPrototype.cpp:
1060         (JSC::FunctionPrototype::FunctionPrototype):
1061         * runtime/GetterSetter.cpp:
1062         (JSC::GetterSetter::markChildren):
1063         * runtime/GetterSetter.h:
1064         (JSC::GetterSetter::GetterSetter):
1065         (JSC::GetterSetter::getter):
1066         (JSC::GetterSetter::setGetter):
1067         (JSC::GetterSetter::setter):
1068         (JSC::GetterSetter::setSetter):
1069         * runtime/GlobalEvalFunction.cpp:
1070         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1071         (JSC::GlobalEvalFunction::markChildren):
1072         * runtime/GlobalEvalFunction.h:
1073         (JSC::GlobalEvalFunction::cachedGlobalObject):
1074         * runtime/Heap.cpp:
1075         (JSC::Heap::markProtectedObjects):
1076         (JSC::Heap::markTempSortVectors):
1077         (JSC::Heap::markRoots):
1078         * runtime/InternalFunction.cpp:
1079         (JSC::InternalFunction::InternalFunction):
1080         * runtime/JSAPIValueWrapper.h:
1081         (JSC::JSAPIValueWrapper::value):
1082         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1083         * runtime/JSActivation.cpp:
1084         (JSC::JSActivation::markChildren):
1085         (JSC::JSActivation::put):
1086         * runtime/JSArray.cpp:
1087         (JSC::JSArray::JSArray):
1088         (JSC::JSArray::getOwnPropertySlot):
1089         (JSC::JSArray::getOwnPropertyDescriptor):
1090         (JSC::JSArray::put):
1091         (JSC::JSArray::putSlowCase):
1092         (JSC::JSArray::deleteProperty):
1093         (JSC::JSArray::increaseVectorLength):
1094         (JSC::JSArray::setLength):
1095         (JSC::JSArray::pop):
1096         (JSC::JSArray::push):
1097         (JSC::JSArray::unshiftCount):
1098         (JSC::JSArray::sort):
1099         (JSC::JSArray::fillArgList):
1100         (JSC::JSArray::copyToRegisters):
1101         (JSC::JSArray::compactForSorting):
1102         * runtime/JSArray.h:
1103         (JSC::JSArray::getIndex):
1104         (JSC::JSArray::setIndex):
1105         (JSC::JSArray::uncheckedSetIndex):
1106         (JSC::JSArray::markChildrenDirect):
1107         * runtime/JSByteArray.cpp:
1108         (JSC::JSByteArray::JSByteArray):
1109         * runtime/JSCell.h:
1110         (JSC::JSCell::JSValue::toThisObject):
1111         (JSC::JSCell::MarkStack::append):
1112         * runtime/JSFunction.cpp:
1113         (JSC::JSFunction::JSFunction):
1114         (JSC::JSFunction::getOwnPropertySlot):
1115         * runtime/JSGlobalData.h:
1116         * runtime/JSGlobalObject.cpp:
1117         (JSC::markIfNeeded):
1118         (JSC::JSGlobalObject::reset):
1119         (JSC::JSGlobalObject::resetPrototype):
1120         (JSC::JSGlobalObject::markChildren):
1121         * runtime/JSGlobalObject.h:
1122         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1123         (JSC::JSGlobalObject::regExpConstructor):
1124         (JSC::JSGlobalObject::errorConstructor):
1125         (JSC::JSGlobalObject::evalErrorConstructor):
1126         (JSC::JSGlobalObject::rangeErrorConstructor):
1127         (JSC::JSGlobalObject::referenceErrorConstructor):
1128         (JSC::JSGlobalObject::syntaxErrorConstructor):
1129         (JSC::JSGlobalObject::typeErrorConstructor):
1130         (JSC::JSGlobalObject::URIErrorConstructor):
1131         (JSC::JSGlobalObject::evalFunction):
1132         (JSC::JSGlobalObject::objectPrototype):
1133         (JSC::JSGlobalObject::functionPrototype):
1134         (JSC::JSGlobalObject::arrayPrototype):
1135         (JSC::JSGlobalObject::booleanPrototype):
1136         (JSC::JSGlobalObject::stringPrototype):
1137         (JSC::JSGlobalObject::numberPrototype):
1138         (JSC::JSGlobalObject::datePrototype):
1139         (JSC::JSGlobalObject::regExpPrototype):
1140         (JSC::JSGlobalObject::methodCallDummy):
1141         (JSC::Structure::prototypeForLookup):
1142         (JSC::constructArray):
1143         * runtime/JSONObject.cpp:
1144         (JSC::Stringifier::Holder::object):
1145         (JSC::Stringifier::markAggregate):
1146         (JSC::Stringifier::stringify):
1147         (JSC::Stringifier::Holder::appendNextProperty):
1148         (JSC::Walker::callReviver):
1149         (JSC::Walker::walk):
1150         * runtime/JSObject.cpp:
1151         (JSC::JSObject::defineGetter):
1152         (JSC::JSObject::defineSetter):
1153         (JSC::JSObject::removeDirect):
1154         (JSC::JSObject::putDirectFunction):
1155         (JSC::JSObject::putDirectFunctionWithoutTransition):
1156         (JSC::putDescriptor):
1157         (JSC::JSObject::defineOwnProperty):
1158         * runtime/JSObject.h:
1159         (JSC::JSObject::getDirectOffset):
1160         (JSC::JSObject::putDirectOffset):
1161         (JSC::JSObject::flattenDictionaryObject):
1162         (JSC::JSObject::putDirectInternal):
1163         (JSC::JSObject::putDirect):
1164         (JSC::JSObject::putDirectFunction):
1165         (JSC::JSObject::putDirectWithoutTransition):
1166         (JSC::JSObject::putDirectFunctionWithoutTransition):
1167         (JSC::JSValue::putDirect):
1168         (JSC::JSObject::allocatePropertyStorageInline):
1169         (JSC::JSObject::markChildrenDirect):
1170         * runtime/JSPropertyNameIterator.cpp:
1171         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1172         (JSC::JSPropertyNameIterator::get):
1173         * runtime/JSPropertyNameIterator.h:
1174         * runtime/JSStaticScopeObject.cpp:
1175         (JSC::JSStaticScopeObject::markChildren):
1176         * runtime/JSString.cpp:
1177         (JSC::StringObject::create):
1178         * runtime/JSValue.h:
1179         * runtime/JSWrapperObject.cpp:
1180         (JSC::JSWrapperObject::markChildren):
1181         * runtime/JSWrapperObject.h:
1182         (JSC::JSWrapperObject::internalValue):
1183         (JSC::JSWrapperObject::setInternalValue):
1184         * runtime/LiteralParser.cpp:
1185         (JSC::LiteralParser::parse):
1186         * runtime/Lookup.cpp:
1187         (JSC::setUpStaticFunctionSlot):
1188         * runtime/Lookup.h:
1189         (JSC::lookupPut):
1190         * runtime/MarkStack.h:
1191         (JSC::MarkStack::appendValues):
1192         * runtime/MathObject.cpp:
1193         (JSC::MathObject::MathObject):
1194         * runtime/NativeErrorConstructor.cpp:
1195         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1196         * runtime/NativeErrorPrototype.cpp:
1197         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1198         * runtime/NumberConstructor.cpp:
1199         (JSC::NumberConstructor::NumberConstructor):
1200         (JSC::constructWithNumberConstructor):
1201         * runtime/NumberObject.cpp:
1202         (JSC::constructNumber):
1203         * runtime/NumberPrototype.cpp:
1204         (JSC::NumberPrototype::NumberPrototype):
1205         * runtime/ObjectConstructor.cpp:
1206         (JSC::ObjectConstructor::ObjectConstructor):
1207         (JSC::objectConstructorGetOwnPropertyDescriptor):
1208         * runtime/Operations.h:
1209         (JSC::normalizePrototypeChain):
1210         (JSC::resolveBase):
1211         * runtime/PrototypeFunction.cpp:
1212         (JSC::PrototypeFunction::PrototypeFunction):
1213         * runtime/PutPropertySlot.h:
1214         (JSC::PutPropertySlot::setExistingProperty):
1215         (JSC::PutPropertySlot::setNewProperty):
1216         (JSC::PutPropertySlot::base):
1217         * runtime/RegExpConstructor.cpp:
1218         (JSC::RegExpConstructor::RegExpConstructor):
1219         * runtime/ScopeChain.cpp:
1220         (JSC::ScopeChainNode::print):
1221         * runtime/ScopeChain.h:
1222         (JSC::ScopeChainNode::~ScopeChainNode):
1223         (JSC::ScopeChainIterator::operator*):
1224         (JSC::ScopeChainIterator::operator->):
1225         (JSC::ScopeChain::top):
1226         * runtime/ScopeChainMark.h:
1227         (JSC::ScopeChain::markAggregate):
1228         * runtime/SmallStrings.cpp:
1229         (JSC::isMarked):
1230         (JSC::SmallStrings::markChildren):
1231         * runtime/SmallStrings.h:
1232         (JSC::SmallStrings::emptyString):
1233         (JSC::SmallStrings::singleCharacterString):
1234         (JSC::SmallStrings::singleCharacterStrings):
1235         * runtime/StringConstructor.cpp:
1236         (JSC::StringConstructor::StringConstructor):
1237         * runtime/StringObject.cpp:
1238         (JSC::StringObject::StringObject):
1239         * runtime/StringObject.h:
1240         * runtime/StringPrototype.cpp:
1241         (JSC::StringPrototype::StringPrototype):
1242         * runtime/Structure.cpp:
1243         (JSC::Structure::Structure):
1244         (JSC::Structure::addPropertyTransition):
1245         (JSC::Structure::toDictionaryTransition):
1246         (JSC::Structure::flattenDictionaryStructure):
1247         * runtime/Structure.h:
1248         (JSC::Structure::storedPrototype):
1249         * runtime/WeakGCMap.h:
1250         (JSC::WeakGCMap::uncheckedGet):
1251         (JSC::WeakGCMap::isValid):
1252         (JSC::::get):
1253         (JSC::::take):
1254         (JSC::::set):
1255         (JSC::::uncheckedRemove):
1256         * runtime/WriteBarrier.h: Removed.
1257
1258 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1259
1260         Build fix the build fix. I assume Oliver meant m_cell, not m_value.
1261
1262         * runtime/WriteBarrier.h:
1263         (JSC::WriteBarrierBase::clear):
1264
1265 2011-01-30  Oliver Hunt  <oliver@apple.com>
1266
1267         More Qt build fixes
1268
1269         * runtime/WriteBarrier.h:
1270         (JSC::WriteBarrierBase::clear):
1271
1272 2011-01-30  Oliver Hunt  <oliver@apple.com>
1273
1274         Convert markstack to a slot visitor API
1275         https://bugs.webkit.org/show_bug.cgi?id=53219
1276
1277         Rolling r77006 and r77020 back in.
1278
1279         * API/JSCallbackObject.h:
1280         (JSC::JSCallbackObjectData::setPrivateProperty):
1281         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1282         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1283         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1284         (JSC::JSCallbackObject::setPrivateProperty):
1285         * API/JSCallbackObjectFunctions.h:
1286         (JSC::::put):
1287         (JSC::::staticFunctionGetter):
1288         * API/JSObjectRef.cpp:
1289         (JSObjectMakeConstructor):
1290         (JSObjectSetPrivateProperty):
1291         * API/JSWeakObjectMapRefInternal.h:
1292         * JavaScriptCore.exp:
1293         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1294         * JavaScriptCore.xcodeproj/project.pbxproj:
1295         * bytecode/CodeBlock.cpp:
1296         (JSC::CodeBlock::markAggregate):
1297         * bytecode/CodeBlock.h:
1298         (JSC::CodeBlock::globalObject):
1299         * bytecompiler/BytecodeGenerator.cpp:
1300         (JSC::BytecodeGenerator::BytecodeGenerator):
1301         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1302         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1303         (JSC::BytecodeGenerator::findScopedProperty):
1304         * debugger/Debugger.cpp:
1305         (JSC::evaluateInGlobalCallFrame):
1306         * debugger/DebuggerActivation.cpp:
1307         (JSC::DebuggerActivation::DebuggerActivation):
1308         (JSC::DebuggerActivation::markChildren):
1309         * debugger/DebuggerActivation.h:
1310         * debugger/DebuggerCallFrame.cpp:
1311         (JSC::DebuggerCallFrame::evaluate):
1312         * interpreter/CallFrame.h:
1313         (JSC::ExecState::exception):
1314         * interpreter/Interpreter.cpp:
1315         (JSC::Interpreter::resolve):
1316         (JSC::Interpreter::resolveSkip):
1317         (JSC::Interpreter::resolveGlobal):
1318         (JSC::Interpreter::resolveGlobalDynamic):
1319         (JSC::Interpreter::resolveBaseAndProperty):
1320         (JSC::Interpreter::unwindCallFrame):
1321         (JSC::appendSourceToError):
1322         (JSC::Interpreter::execute):
1323         (JSC::Interpreter::tryCacheGetByID):
1324         (JSC::Interpreter::privateExecute):
1325         * jit/JITStubs.cpp:
1326         (JSC::JITThunks::tryCacheGetByID):
1327         (JSC::DEFINE_STUB_FUNCTION):
1328         * jsc.cpp:
1329         (GlobalObject::GlobalObject):
1330         * runtime/ArgList.cpp:
1331         (JSC::MarkedArgumentBuffer::markLists):
1332         * runtime/Arguments.cpp:
1333         (JSC::Arguments::markChildren):
1334         (JSC::Arguments::getOwnPropertySlot):
1335         (JSC::Arguments::getOwnPropertyDescriptor):
1336         (JSC::Arguments::put):
1337         * runtime/Arguments.h:
1338         (JSC::Arguments::setActivation):
1339         (JSC::Arguments::Arguments):
1340         * runtime/ArrayConstructor.cpp:
1341         (JSC::ArrayConstructor::ArrayConstructor):
1342         (JSC::constructArrayWithSizeQuirk):
1343         * runtime/ArrayPrototype.cpp:
1344         (JSC::arrayProtoFuncSplice):
1345         * runtime/BatchedTransitionOptimizer.h:
1346         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1347         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1348         * runtime/BooleanConstructor.cpp:
1349         (JSC::BooleanConstructor::BooleanConstructor):
1350         (JSC::constructBoolean):
1351         (JSC::constructBooleanFromImmediateBoolean):
1352         * runtime/BooleanPrototype.cpp:
1353         (JSC::BooleanPrototype::BooleanPrototype):
1354         * runtime/ConservativeSet.cpp:
1355         (JSC::ConservativeSet::grow):
1356         * runtime/ConservativeSet.h:
1357         (JSC::ConservativeSet::~ConservativeSet):
1358         (JSC::ConservativeSet::mark):
1359         * runtime/DateConstructor.cpp:
1360         (JSC::DateConstructor::DateConstructor):
1361         * runtime/DateInstance.cpp:
1362         (JSC::DateInstance::DateInstance):
1363         * runtime/DatePrototype.cpp:
1364         (JSC::dateProtoFuncSetTime):
1365         (JSC::setNewValueFromTimeArgs):
1366         (JSC::setNewValueFromDateArgs):
1367         (JSC::dateProtoFuncSetYear):
1368         * runtime/ErrorConstructor.cpp:
1369         (JSC::ErrorConstructor::ErrorConstructor):
1370         * runtime/ErrorInstance.cpp:
1371         (JSC::ErrorInstance::ErrorInstance):
1372         * runtime/ErrorPrototype.cpp:
1373         (JSC::ErrorPrototype::ErrorPrototype):
1374         * runtime/FunctionConstructor.cpp:
1375         (JSC::FunctionConstructor::FunctionConstructor):
1376         * runtime/FunctionPrototype.cpp:
1377         (JSC::FunctionPrototype::FunctionPrototype):
1378         * runtime/GetterSetter.cpp:
1379         (JSC::GetterSetter::markChildren):
1380         * runtime/GetterSetter.h:
1381         (JSC::GetterSetter::GetterSetter):
1382         (JSC::GetterSetter::getter):
1383         (JSC::GetterSetter::setGetter):
1384         (JSC::GetterSetter::setter):
1385         (JSC::GetterSetter::setSetter):
1386         * runtime/GlobalEvalFunction.cpp:
1387         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1388         (JSC::GlobalEvalFunction::markChildren):
1389         * runtime/GlobalEvalFunction.h:
1390         (JSC::GlobalEvalFunction::cachedGlobalObject):
1391         * runtime/Heap.cpp:
1392         (JSC::Heap::markProtectedObjects):
1393         (JSC::Heap::markTempSortVectors):
1394         (JSC::Heap::markRoots):
1395         * runtime/InternalFunction.cpp:
1396         (JSC::InternalFunction::InternalFunction):
1397         * runtime/JSAPIValueWrapper.h:
1398         (JSC::JSAPIValueWrapper::value):
1399         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1400         * runtime/JSActivation.cpp:
1401         (JSC::JSActivation::markChildren):
1402         (JSC::JSActivation::put):
1403         * runtime/JSArray.cpp:
1404         (JSC::JSArray::JSArray):
1405         (JSC::JSArray::getOwnPropertySlot):
1406         (JSC::JSArray::getOwnPropertyDescriptor):
1407         (JSC::JSArray::put):
1408         (JSC::JSArray::putSlowCase):
1409         (JSC::JSArray::deleteProperty):
1410         (JSC::JSArray::increaseVectorLength):
1411         (JSC::JSArray::setLength):
1412         (JSC::JSArray::pop):
1413         (JSC::JSArray::push):
1414         (JSC::JSArray::unshiftCount):
1415         (JSC::JSArray::sort):
1416         (JSC::JSArray::fillArgList):
1417         (JSC::JSArray::copyToRegisters):
1418         (JSC::JSArray::compactForSorting):
1419         * runtime/JSArray.h:
1420         (JSC::JSArray::getIndex):
1421         (JSC::JSArray::setIndex):
1422         (JSC::JSArray::uncheckedSetIndex):
1423         (JSC::JSArray::markChildrenDirect):
1424         * runtime/JSByteArray.cpp:
1425         (JSC::JSByteArray::JSByteArray):
1426         * runtime/JSCell.h:
1427         (JSC::JSCell::MarkStack::append):
1428         (JSC::JSCell::MarkStack::internalAppend):
1429         (JSC::JSCell::MarkStack::deprecatedAppend):
1430         * runtime/JSFunction.cpp:
1431         (JSC::JSFunction::JSFunction):
1432         (JSC::JSFunction::getOwnPropertySlot):
1433         * runtime/JSGlobalData.h:
1434         * runtime/JSGlobalObject.cpp:
1435         (JSC::markIfNeeded):
1436         (JSC::JSGlobalObject::reset):
1437         (JSC::JSGlobalObject::resetPrototype):
1438         (JSC::JSGlobalObject::markChildren):
1439         * runtime/JSGlobalObject.h:
1440         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
1441         (JSC::JSGlobalObject::regExpConstructor):
1442         (JSC::JSGlobalObject::errorConstructor):
1443         (JSC::JSGlobalObject::evalErrorConstructor):
1444         (JSC::JSGlobalObject::rangeErrorConstructor):
1445         (JSC::JSGlobalObject::referenceErrorConstructor):
1446         (JSC::JSGlobalObject::syntaxErrorConstructor):
1447         (JSC::JSGlobalObject::typeErrorConstructor):
1448         (JSC::JSGlobalObject::URIErrorConstructor):
1449         (JSC::JSGlobalObject::evalFunction):
1450         (JSC::JSGlobalObject::objectPrototype):
1451         (JSC::JSGlobalObject::functionPrototype):
1452         (JSC::JSGlobalObject::arrayPrototype):
1453         (JSC::JSGlobalObject::booleanPrototype):
1454         (JSC::JSGlobalObject::stringPrototype):
1455         (JSC::JSGlobalObject::numberPrototype):
1456         (JSC::JSGlobalObject::datePrototype):
1457         (JSC::JSGlobalObject::regExpPrototype):
1458         (JSC::JSGlobalObject::methodCallDummy):
1459         (JSC::Structure::prototypeForLookup):
1460         (JSC::constructArray):
1461         * runtime/JSONObject.cpp:
1462         (JSC::Stringifier::Holder::object):
1463         (JSC::Stringifier::Holder::objectSlot):
1464         (JSC::Stringifier::markAggregate):
1465         (JSC::Stringifier::stringify):
1466         (JSC::Stringifier::Holder::appendNextProperty):
1467         (JSC::Walker::callReviver):
1468         (JSC::Walker::walk):
1469         * runtime/JSObject.cpp:
1470         (JSC::JSObject::defineGetter):
1471         (JSC::JSObject::defineSetter):
1472         (JSC::JSObject::removeDirect):
1473         (JSC::JSObject::putDirectFunction):
1474         (JSC::JSObject::putDirectFunctionWithoutTransition):
1475         (JSC::putDescriptor):
1476         (JSC::JSObject::defineOwnProperty):
1477         * runtime/JSObject.h:
1478         (JSC::JSObject::getDirectOffset):
1479         (JSC::JSObject::putDirectOffset):
1480         (JSC::JSObject::putUndefinedAtDirectOffset):
1481         (JSC::JSObject::flattenDictionaryObject):
1482         (JSC::JSObject::putDirectInternal):
1483         (JSC::JSObject::putDirect):
1484         (JSC::JSObject::putDirectFunction):
1485         (JSC::JSObject::putDirectWithoutTransition):
1486         (JSC::JSObject::putDirectFunctionWithoutTransition):
1487         (JSC::JSValue::putDirect):
1488         (JSC::JSObject::allocatePropertyStorageInline):
1489         (JSC::JSObject::markChildrenDirect):
1490         * runtime/JSPropertyNameIterator.cpp:
1491         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
1492         (JSC::JSPropertyNameIterator::get):
1493         * runtime/JSPropertyNameIterator.h:
1494         * runtime/JSStaticScopeObject.cpp:
1495         (JSC::JSStaticScopeObject::markChildren):
1496         * runtime/JSString.cpp:
1497         (JSC::StringObject::create):
1498         * runtime/JSValue.h:
1499         * runtime/JSWrapperObject.cpp:
1500         (JSC::JSWrapperObject::markChildren):
1501         * runtime/JSWrapperObject.h:
1502         (JSC::JSWrapperObject::internalValue):
1503         (JSC::JSWrapperObject::setInternalValue):
1504         * runtime/LiteralParser.cpp:
1505         (JSC::LiteralParser::parse):
1506         * runtime/Lookup.cpp:
1507         (JSC::setUpStaticFunctionSlot):
1508         * runtime/Lookup.h:
1509         (JSC::lookupPut):
1510         * runtime/MarkStack.h:
1511         (JSC::MarkStack::MarkStack):
1512         (JSC::MarkStack::deprecatedAppendValues):
1513         (JSC::MarkStack::appendValues):
1514         * runtime/MathObject.cpp:
1515         (JSC::MathObject::MathObject):
1516         * runtime/NativeErrorConstructor.cpp:
1517         (JSC::NativeErrorConstructor::NativeErrorConstructor):
1518         * runtime/NativeErrorPrototype.cpp:
1519         (JSC::NativeErrorPrototype::NativeErrorPrototype):
1520         * runtime/NumberConstructor.cpp:
1521         (JSC::NumberConstructor::NumberConstructor):
1522         (JSC::constructWithNumberConstructor):
1523         * runtime/NumberObject.cpp:
1524         (JSC::constructNumber):
1525         * runtime/NumberPrototype.cpp:
1526         (JSC::NumberPrototype::NumberPrototype):
1527         * runtime/ObjectConstructor.cpp:
1528         (JSC::ObjectConstructor::ObjectConstructor):
1529         (JSC::objectConstructorGetOwnPropertyDescriptor):
1530         * runtime/Operations.h:
1531         (JSC::normalizePrototypeChain):
1532         (JSC::resolveBase):
1533         * runtime/PrototypeFunction.cpp:
1534         (JSC::PrototypeFunction::PrototypeFunction):
1535         * runtime/PutPropertySlot.h:
1536         (JSC::PutPropertySlot::setExistingProperty):
1537         (JSC::PutPropertySlot::setNewProperty):
1538         (JSC::PutPropertySlot::base):
1539         * runtime/RegExpConstructor.cpp:
1540         (JSC::RegExpConstructor::RegExpConstructor):
1541         * runtime/ScopeChain.cpp:
1542         (JSC::ScopeChainNode::print):
1543         * runtime/ScopeChain.h:
1544         (JSC::ScopeChainNode::~ScopeChainNode):
1545         (JSC::ScopeChainIterator::operator*):
1546         (JSC::ScopeChainIterator::operator->):
1547         (JSC::ScopeChain::top):
1548         * runtime/ScopeChainMark.h:
1549         (JSC::ScopeChain::markAggregate):
1550         * runtime/SmallStrings.cpp:
1551         (JSC::isMarked):
1552         (JSC::SmallStrings::markChildren):
1553         * runtime/SmallStrings.h:
1554         (JSC::SmallStrings::emptyString):
1555         (JSC::SmallStrings::singleCharacterString):
1556         (JSC::SmallStrings::singleCharacterStrings):
1557         * runtime/StringConstructor.cpp:
1558         (JSC::StringConstructor::StringConstructor):
1559         * runtime/StringObject.cpp:
1560         (JSC::StringObject::StringObject):
1561         * runtime/StringObject.h:
1562         * runtime/StringPrototype.cpp:
1563         (JSC::StringPrototype::StringPrototype):
1564         * runtime/Structure.cpp:
1565         (JSC::Structure::Structure):
1566         (JSC::Structure::addPropertyTransition):
1567         (JSC::Structure::toDictionaryTransition):
1568         (JSC::Structure::flattenDictionaryStructure):
1569         * runtime/Structure.h:
1570         (JSC::Structure::storedPrototype):
1571         (JSC::Structure::storedPrototypeSlot):
1572         * runtime/WeakGCMap.h:
1573         (JSC::WeakGCMap::uncheckedGet):
1574         (JSC::WeakGCMap::uncheckedGetSlot):
1575         (JSC::WeakGCMap::isValid):
1576         (JSC::::get):
1577         (JSC::::take):
1578         (JSC::::set):
1579         (JSC::::uncheckedRemove):
1580         * runtime/WriteBarrier.h: Added.
1581         (JSC::DeprecatedPtr::DeprecatedPtr):
1582         (JSC::DeprecatedPtr::get):
1583         (JSC::DeprecatedPtr::operator*):
1584         (JSC::DeprecatedPtr::operator->):
1585         (JSC::DeprecatedPtr::slot):
1586         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
1587         (JSC::DeprecatedPtr::operator!):
1588         (JSC::WriteBarrierBase::set):
1589         (JSC::WriteBarrierBase::get):
1590         (JSC::WriteBarrierBase::operator*):
1591         (JSC::WriteBarrierBase::operator->):
1592         (JSC::WriteBarrierBase::slot):
1593         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
1594         (JSC::WriteBarrierBase::operator!):
1595         (JSC::WriteBarrier::WriteBarrier):
1596         (JSC::operator==):
1597
1598 2011-01-30  Geoffrey Garen  <ggaren@apple.com>
1599
1600         Reviewed by Oliver Hunt.
1601
1602         Filter all Heap collection through a common reset function, in
1603         preparation for adding features triggered by collection.
1604         https://bugs.webkit.org/show_bug.cgi?id=53396
1605         
1606         SunSpider reports no change.
1607
1608         * runtime/Heap.cpp:
1609         (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost
1610         limit, just call collectAllGarbage() instead of rolling our own special
1611         way of resetting the heap. In theory, this may be slower in some cases,
1612         but it also fixes cases of pathological heap growth that we've seen,
1613         where the only objects being allocated are temporary and huge
1614         (<rdar://problem/8885843>).
1615
1616         (JSC::Heap::allocate):
1617         (JSC::Heap::collectAllGarbage): Use the shared reset function.
1618
1619         (JSC::Heap::reset):
1620         * runtime/Heap.h: Carved a new shared reset function out of the old
1621         collectAllGarbage.
1622
1623 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1624
1625         Unreviewed, rolling out r77025.
1626         http://trac.webkit.org/changeset/77025
1627         https://bugs.webkit.org/show_bug.cgi?id=53401
1628
1629         It made js1_5/Regress/regress-159334.js fail on 64 bit Linux
1630         (Requested by Ossy on #webkit).
1631
1632         * jit/ExecutableAllocatorFixedVMPool.cpp:
1633         (JSC::FreeListEntry::FreeListEntry):
1634         (JSC::AVLTreeAbstractorForFreeList::get_less):
1635         (JSC::AVLTreeAbstractorForFreeList::set_less):
1636         (JSC::AVLTreeAbstractorForFreeList::get_greater):
1637         (JSC::AVLTreeAbstractorForFreeList::set_greater):
1638         (JSC::AVLTreeAbstractorForFreeList::get_balance_factor):
1639         (JSC::AVLTreeAbstractorForFreeList::set_balance_factor):
1640         (JSC::AVLTreeAbstractorForFreeList::null):
1641         (JSC::AVLTreeAbstractorForFreeList::compare_key_key):
1642         (JSC::AVLTreeAbstractorForFreeList::compare_key_node):
1643         (JSC::AVLTreeAbstractorForFreeList::compare_node_node):
1644         (JSC::reverseSortFreeListEntriesByPointer):
1645         (JSC::reverseSortCommonSizedAllocations):
1646         (JSC::FixedVMPoolAllocator::release):
1647         (JSC::FixedVMPoolAllocator::reuse):
1648         (JSC::FixedVMPoolAllocator::addToFreeList):
1649         (JSC::FixedVMPoolAllocator::coalesceFreeSpace):
1650         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1651         (JSC::FixedVMPoolAllocator::alloc):
1652         (JSC::FixedVMPoolAllocator::free):
1653         (JSC::FixedVMPoolAllocator::isValid):
1654         (JSC::FixedVMPoolAllocator::allocInternal):
1655         (JSC::FixedVMPoolAllocator::isWithinVMPool):
1656         (JSC::FixedVMPoolAllocator::addToCommittedByteCount):
1657         (JSC::ExecutableAllocator::committedByteCount):
1658         (JSC::maybeModifyVMPoolSize):
1659         (JSC::ExecutableAllocator::isValid):
1660         (JSC::ExecutableAllocator::underMemoryPressure):
1661         (JSC::ExecutablePool::systemAlloc):
1662         (JSC::ExecutablePool::systemRelease):
1663         * wtf/PageReservation.h:
1664         (WTF::PageReservation::PageReservation):
1665         (WTF::PageReservation::commit):
1666         (WTF::PageReservation::decommit):
1667
1668 2011-01-30  Leo Yang  <leo.yang@torchmobile.com.cn>
1669
1670         Reviewed by Daniel Bates.
1671
1672         Code style issue in JavaScriptCore/wtf/CurrentTime.h
1673         https://bugs.webkit.org/show_bug.cgi?id=53394
1674
        According to rule #3 at http://webkit.org/coding/coding-style.html,
        this patch fixes a style issue in CurrentTime.h.
1677
1678         No functionality change, no new tests.
1679
1680         * wtf/CurrentTime.h:
1681         (WTF::currentTimeMS):
1682         (WTF::getLocalTime):
1683
1684 2011-01-30  Benjamin Poulain  <ikipou@gmail.com>
1685
1686         Reviewed by Kenneth Rohde Christiansen.
1687
1688         [Qt] JavaScriptCore does not link on Mac if building WebKit 2
1689         https://bugs.webkit.org/show_bug.cgi?id=53377
1690
        The option "-whole-archive" is not available with the libtool of Mac OS X;
        instead, we can use "-all_load" on Mac.
1693
1694         * JavaScriptCore.pri:
1695
1696 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1697
1698         Sorry Leopard bot -- I committed a change by accident.
1699
1700         * JavaScriptCore.exp: You may have your symbols back now.
1701
1702 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1703
1704         Reviewed by Cameron Zwarich.
1705
1706         Simplified Heap iteration
1707         https://bugs.webkit.org/show_bug.cgi?id=53393
1708
1709         * runtime/CollectorHeapIterator.h:
1710         (JSC::CollectorHeapIterator::isValid):
1711         (JSC::CollectorHeapIterator::isLive):
1712         (JSC::CollectorHeapIterator::advance): Removed "max" argument to
1713         advance because it's a constant.
1714         (JSC::LiveObjectIterator::LiveObjectIterator):
1715         (JSC::LiveObjectIterator::operator++):
1716         (JSC::DeadObjectIterator::DeadObjectIterator):
1717         (JSC::DeadObjectIterator::operator++):
1718         (JSC::ObjectIterator::ObjectIterator):
1719         (JSC::ObjectIterator::operator++): Factored out common checks into
1720         two helper functions -- isValid() for "Am I past the end?" and isLive()
1721         for "Is the cell I'm pointing to live?".
1722
1723         * runtime/MarkedSpace.cpp:
1724         (JSC::MarkedSpace::freeBlock):
1725         (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap
1726         to the end, to avoid making sweep subtly reliant on internal Heap state.
1727         (JSC::MarkedSpace::primaryHeapBegin):
1728         (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where
1729         iteration begins.
1730
1731 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1732
1733         Reviewed by Cameron Zwarich.
1734
1735         Simplified heap destruction
1736         https://bugs.webkit.org/show_bug.cgi?id=53392
1737
1738         * JavaScriptCore.exp:
1739         * runtime/Heap.cpp:
1740         (JSC::Heap::destroy):
1741         * runtime/Heap.h:
1742         * runtime/MarkedSpace.cpp:
1743         (JSC::MarkedSpace::destroy):
1744         * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected
1745         cells last -- the difficult contortions required to do so just don't seem
1746         justified. We make no guarantees about GC protection after the client
1747         throws away JSGlobalData, and it doesn't seem like any meaningful
1748         guarantee is even possible.
1749
1750 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
1751
1752         Reviewed by Maciej Stachowiak.
1753
1754         Switched heap to use the Bitmap class and removed CollectorBitmap
1755         https://bugs.webkit.org/show_bug.cgi?id=53391
1756         
1757         SunSpider says 1.005x as fast. Seems like a fluke.
1758
1759         * runtime/MarkedSpace.cpp:
1760         (JSC::MarkedSpace::allocate): Updated for rename and returning a value
1761         rather than taking a value by reference.
1762
1763         * runtime/MarkedSpace.h: Code reuse is good.
1764
1765         * wtf/Bitmap.h:
1766         (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing
1767         which CollectorBitmap had. (Renamed from the less conventional "getset".)
1768
1769         (WTF::::nextPossiblyUnset): Renamed and changed to return a value for
1770         clarity. It's all the same with inlining.
1771
1772 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
1773
1774         Reviewed by Maciej Stachowiak.
1775
1776         Some more Heap cleanup.
1777         https://bugs.webkit.org/show_bug.cgi?id=53357
1778         
1779         * JavaScriptCore.exp:
1780         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols.
1781
1782         * runtime/Heap.cpp:
1783         (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to 
1784         reportExtraMemoryCostSlowCase to match our naming conventions.
1785
1786         (JSC::Heap::capacity): Renamed size to capacity because this function
1787         returns the capacity of the heap, including unused portions.
1788
1789         * runtime/Heap.h:
1790         (JSC::Heap::globalData):
1791         (JSC::Heap::markedSpace):
1792         (JSC::Heap::machineStackMarker):
1793         (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file.
1794         Moved ctor and dtor to the beginning of the class definition. Grouped
1795         functions by purpose.
1796
1797         * runtime/MarkedSpace.cpp:
1798         (JSC::MarkedSpace::capacity): Renamed size to capacity because this
1799         function returns the capacity of the heap, including unused portions.
1800
1801         * runtime/MarkedSpace.h: Removed statistics and the Statistics class because
1802         the same information can be gotten just by calling size() and capacity().
1803
1804         * runtime/MemoryStatistics.cpp:
1805         * runtime/MemoryStatistics.h: Ditto.
1806
1807 2011-01-29  Daniel Bates  <dbates@rim.com>
1808
1809         Reviewed by Eric Seidel.
1810
1811         Move wince/mt19937ar.c to ThirdParty and make it a policy choice
1812         https://bugs.webkit.org/show_bug.cgi?id=53253
1813
1814         Make inclusion of MT19937 a policy decision.
1815
        Currently, we hardcode the use of MT19937 when building for
        Windows CE. Instead, we should make this a policy decision,
        with the Windows CE port using this by default.
1819
        * JavaScriptCore.pri: Append Source/ThirdParty to the end
        of the list of include directories.
1822         * wtf/CMakeLists.txt: Ditto.
1823         * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when
1824         building for Windows CE.
1825         * wtf/RandomNumber.cpp:
1826         (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE).
1827
1828 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1829
1830         Reviewed by David Kilzer.
1831
1832         Bug 53374 - Remove uses of unsafe string functions in debugging code
1833         https://bugs.webkit.org/show_bug.cgi?id=53374
1834
1835         * runtime/RegExp.cpp:
1836         (JSC::RegExp::printTraceData):
1837
1838 2011-01-29  Cameron Zwarich  <zwarich@apple.com>
1839
1840         Reviewed by Oliver Hunt.
1841
1842         JavaScriptCoreUseJIT environment variable broken
1843         https://bugs.webkit.org/show_bug.cgi?id=53372
1844
1845         * runtime/JSGlobalData.cpp:
1846         (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned
1847         by getenv() rather than just doing a NULL check on the return value.
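
        The presence-versus-value distinction behind this fix, as an added example
        (not JavaScriptCore's JSGlobalData code): the pre-fix check only asked whether
        the variable existed, so "JavaScriptCoreUseJIT=0" still enabled the JIT.
        The accepted spellings, the normalize/parseEnvFlag helpers and the
        useJITFromEnvironment wrapper are this example's own choices.

```cpp
#include <cctype>
#include <cstdlib>
#include <string>

// Added example, not JavaScriptCore's own code. The bug described above:
// getenv("JavaScriptCoreUseJIT") was compared against NULL only, so any
// value, including "0" or "false", counted as "enabled".

// Pre-fix logic: the variable merely being set is treated as "enabled".
bool useJITPresenceCheckOnly(const char* value)
{
    return value != nullptr;
}

// Lower-cased, whitespace-trimmed copy of an environment value (helper
// invented for this example).
static std::string normalize(const char* value)
{
    std::string s(value);
    size_t begin = s.find_first_not_of(" \t");
    size_t end = s.find_last_not_of(" \t");
    if (begin == std::string::npos)
        return std::string();
    s = s.substr(begin, end - begin + 1);
    for (char& c : s)
        c = static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    return s;
}

// Fixed logic: interpret the string the variable holds. A missing variable
// yields defaultValue; recognised "off" spellings disable, recognised "on"
// spellings enable; an empty or unrecognised value keeps the default rather
// than silently flipping the setting. Which spellings are recognised is this
// example's choice, not JavaScriptCore's.
bool parseEnvFlag(const char* value, bool defaultValue)
{
    if (!value)
        return defaultValue;
    std::string v = normalize(value);
    if (v.empty())
        return defaultValue;
    if (v == "0" || v == "false" || v == "no" || v == "off")
        return false;
    if (v == "1" || v == "true" || v == "yes" || v == "on")
        return true;
    return defaultValue;
}

// Hypothetical wrapper that reads the real environment.
bool useJITFromEnvironment(bool defaultValue)
{
    return parseEnvFlag(std::getenv("JavaScriptCoreUseJIT"), defaultValue);
}
```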
1848
1849 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
1850
1851         Reviewed by David Kilzer.
1852
1853         Move CharacterNames.h into WTF directory
1854         https://bugs.webkit.org/show_bug.cgi?id=49618
1855
1856         * GNUmakefile.am:
1857         * JavaScriptCore.gypi:
1858         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1859         * JavaScriptCore.xcodeproj/project.pbxproj:
1860         * wtf/CMakeLists.txt:
1861         * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h.
1862         * wtf/unicode/UTF8.cpp:
1863
1864 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
1865
1866         Reviewed by Gavin Barraclough.
1867
1868         Add various clampToInt() methods to MathExtras.h
1869         https://bugs.webkit.org/show_bug.cgi?id=52910
1870         
1871         Add functions for clamping doubles and floats to valid int
1872         ranges, for signed and positive integers.
1873
1874         * wtf/MathExtras.h:
1875         (clampToInteger):
1876         (clampToPositiveInteger):
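
        A saturating double-to-int clamp of the kind this entry adds, as an added
        example rather than WebKit's MathExtras.h implementation. The function names
        follow the entry; the NaN-to-0 rule and the float overload are this
        example's own choices.

```cpp
#include <climits>
#include <cmath>
#include <cstdio>

// Added example, not WebKit's MathExtras.h. In C++, casting a double that is
// NaN or outside int's range to int is undefined behaviour, so code that
// sizes buffers or indexes arrays from script-controlled numbers needs a
// clamp before the conversion.
inline int clampToInteger(double d)
{
    // INT_MAX and INT_MIN are exactly representable as doubles, so these
    // comparisons are exact. A float overload must compare in double:
    // static_cast<float>(INT_MAX) rounds up to 2147483648.0f.
    const double maxInt = static_cast<double>(INT_MAX);
    const double minInt = static_cast<double>(INT_MIN);
    if (std::isnan(d))
        return 0;           // this example's choice for NaN
    if (d >= maxInt)
        return INT_MAX;     // also covers +infinity
    if (d <= minInt)
        return INT_MIN;     // also covers -infinity
    return static_cast<int>(d);   // in range now; truncates toward zero
}

// Same idea, but negative input (and NaN) saturates at 0 instead of INT_MIN.
inline int clampToPositiveInteger(double d)
{
    if (std::isnan(d) || d <= 0)
        return 0;
    return clampToInteger(d);
}

// float overload: promote to double before comparing (see note above).
inline int clampToInteger(float f)
{
    return clampToInteger(static_cast<double>(f));
}

int main()
{
    // Constructed sample inputs covering the edge cases.
    const double samples[] = { 3.7, -3.7, 1e20, -1e20, INFINITY, NAN, 2147483647.5 };
    for (double d : samples)
        std::printf("%g -> %d (positive: %d)\n", d, clampToInteger(d), clampToPositiveInteger(d));
    return 0;
}
```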
1877
1878 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1879
1880         Unreviewed, rolling out r77006 and r77020.
1881         http://trac.webkit.org/changeset/77006
1882         http://trac.webkit.org/changeset/77020
1883         https://bugs.webkit.org/show_bug.cgi?id=53360
1884
1885         "Broke Windows tests" (Requested by rniwa on #webkit).
1886
1887         * API/JSCallbackObject.h:
1888         (JSC::JSCallbackObjectData::setPrivateProperty):
1889         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
1890         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
1891         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
1892         (JSC::JSCallbackObject::setPrivateProperty):
1893         * API/JSCallbackObjectFunctions.h:
1894         (JSC::::put):
1895         (JSC::::staticFunctionGetter):
1896         * API/JSObjectRef.cpp:
1897         (JSObjectMakeConstructor):
1898         (JSObjectSetPrivateProperty):
1899         * API/JSWeakObjectMapRefInternal.h:
1900         * JavaScriptCore.exp:
1901         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1902         * JavaScriptCore.xcodeproj/project.pbxproj:
1903         * bytecode/CodeBlock.cpp:
1904         (JSC::CodeBlock::markAggregate):
1905         * bytecode/CodeBlock.h:
1906         (JSC::CodeBlock::globalObject):
1907         * bytecompiler/BytecodeGenerator.cpp:
1908         (JSC::BytecodeGenerator::BytecodeGenerator):
1909         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
1910         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
1911         (JSC::BytecodeGenerator::findScopedProperty):
1912         * debugger/Debugger.cpp:
1913         (JSC::evaluateInGlobalCallFrame):
1914         * debugger/DebuggerActivation.cpp:
1915         (JSC::DebuggerActivation::DebuggerActivation):
1916         (JSC::DebuggerActivation::markChildren):
1917         * debugger/DebuggerActivation.h:
1918         * debugger/DebuggerCallFrame.cpp:
1919         (JSC::DebuggerCallFrame::evaluate):
1920         * interpreter/CallFrame.h:
1921         (JSC::ExecState::exception):
1922         * interpreter/Interpreter.cpp:
1923         (JSC::Interpreter::resolve):
1924         (JSC::Interpreter::resolveSkip):
1925         (JSC::Interpreter::resolveGlobal):
1926         (JSC::Interpreter::resolveGlobalDynamic):
1927         (JSC::Interpreter::resolveBaseAndProperty):
1928         (JSC::Interpreter::unwindCallFrame):
1929         (JSC::appendSourceToError):
1930         (JSC::Interpreter::execute):
1931         (JSC::Interpreter::tryCacheGetByID):
1932         (JSC::Interpreter::privateExecute):
1933         * jit/JITStubs.cpp:
1934         (JSC::JITThunks::tryCacheGetByID):
1935         (JSC::DEFINE_STUB_FUNCTION):
1936         * jsc.cpp:
1937         (GlobalObject::GlobalObject):
1938         * runtime/ArgList.cpp:
1939         (JSC::MarkedArgumentBuffer::markLists):
1940         * runtime/Arguments.cpp:
1941         (JSC::Arguments::markChildren):
1942         (JSC::Arguments::getOwnPropertySlot):
1943         (JSC::Arguments::getOwnPropertyDescriptor):
1944         (JSC::Arguments::put):
1945         * runtime/Arguments.h:
1946         (JSC::Arguments::setActivation):
1947         (JSC::Arguments::Arguments):
1948         * runtime/ArrayConstructor.cpp:
1949         (JSC::ArrayConstructor::ArrayConstructor):
1950         (JSC::constructArrayWithSizeQuirk):
1951         * runtime/ArrayPrototype.cpp:
1952         (JSC::arrayProtoFuncSplice):
1953         * runtime/BatchedTransitionOptimizer.h:
1954         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
1955         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
1956         * runtime/BooleanConstructor.cpp:
1957         (JSC::BooleanConstructor::BooleanConstructor):
1958         (JSC::constructBoolean):
1959         (JSC::constructBooleanFromImmediateBoolean):
1960         * runtime/BooleanPrototype.cpp:
1961         (JSC::BooleanPrototype::BooleanPrototype):
1962         * runtime/ConservativeSet.cpp:
1963         (JSC::ConservativeSet::grow):
1964         * runtime/ConservativeSet.h:
1965         (JSC::ConservativeSet::~ConservativeSet):
1966         (JSC::ConservativeSet::mark):
1967         * runtime/DateConstructor.cpp:
1968         (JSC::DateConstructor::DateConstructor):
1969         * runtime/DateInstance.cpp:
1970         (JSC::DateInstance::DateInstance):
1971         * runtime/DatePrototype.cpp:
1972         (JSC::dateProtoFuncSetTime):
1973         (JSC::setNewValueFromTimeArgs):
1974         (JSC::setNewValueFromDateArgs):
1975         (JSC::dateProtoFuncSetYear):
1976         * runtime/ErrorConstructor.cpp:
1977         (JSC::ErrorConstructor::ErrorConstructor):
1978         * runtime/ErrorInstance.cpp:
1979         (JSC::ErrorInstance::ErrorInstance):
1980         * runtime/ErrorPrototype.cpp:
1981         (JSC::ErrorPrototype::ErrorPrototype):
1982         * runtime/FunctionConstructor.cpp:
1983         (JSC::FunctionConstructor::FunctionConstructor):
1984         * runtime/FunctionPrototype.cpp:
1985         (JSC::FunctionPrototype::FunctionPrototype):
1986         * runtime/GetterSetter.cpp:
1987         (JSC::GetterSetter::markChildren):
1988         * runtime/GetterSetter.h:
1989         (JSC::GetterSetter::GetterSetter):
1990         (JSC::GetterSetter::getter):
1991         (JSC::GetterSetter::setGetter):
1992         (JSC::GetterSetter::setter):
1993         (JSC::GetterSetter::setSetter):
1994         * runtime/GlobalEvalFunction.cpp:
1995         (JSC::GlobalEvalFunction::GlobalEvalFunction):
1996         (JSC::GlobalEvalFunction::markChildren):
1997         * runtime/GlobalEvalFunction.h:
1998         (JSC::GlobalEvalFunction::cachedGlobalObject):
1999         * runtime/Heap.cpp:
2000         (JSC::Heap::markProtectedObjects):
2001         (JSC::Heap::markTempSortVectors):
2002         (JSC::Heap::markRoots):
2003         * runtime/InternalFunction.cpp:
2004         (JSC::InternalFunction::InternalFunction):
2005         * runtime/JSAPIValueWrapper.h:
2006         (JSC::JSAPIValueWrapper::value):
2007         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2008         * runtime/JSActivation.cpp:
2009         (JSC::JSActivation::markChildren):
2010         (JSC::JSActivation::put):
2011         * runtime/JSArray.cpp:
2012         (JSC::JSArray::JSArray):
2013         (JSC::JSArray::getOwnPropertySlot):
2014         (JSC::JSArray::getOwnPropertyDescriptor):
2015         (JSC::JSArray::put):
2016         (JSC::JSArray::putSlowCase):
2017         (JSC::JSArray::deleteProperty):
2018         (JSC::JSArray::increaseVectorLength):
2019         (JSC::JSArray::setLength):
2020         (JSC::JSArray::pop):
2021         (JSC::JSArray::push):
2022         (JSC::JSArray::unshiftCount):
2023         (JSC::JSArray::sort):
2024         (JSC::JSArray::fillArgList):
2025         (JSC::JSArray::copyToRegisters):
2026         (JSC::JSArray::compactForSorting):
2027         * runtime/JSArray.h:
2028         (JSC::JSArray::getIndex):
2029         (JSC::JSArray::setIndex):
2030         (JSC::JSArray::uncheckedSetIndex):
2031         (JSC::JSArray::markChildrenDirect):
2032         * runtime/JSByteArray.cpp:
2033         (JSC::JSByteArray::JSByteArray):
2034         * runtime/JSCell.h:
2035         (JSC::JSCell::JSValue::toThisObject):
2036         (JSC::JSCell::MarkStack::append):
2037         * runtime/JSFunction.cpp:
2038         (JSC::JSFunction::JSFunction):
2039         (JSC::JSFunction::getOwnPropertySlot):
2040         * runtime/JSGlobalData.h:
2041         * runtime/JSGlobalObject.cpp:
2042         (JSC::markIfNeeded):
2043         (JSC::JSGlobalObject::reset):
2044         (JSC::JSGlobalObject::resetPrototype):
2045         (JSC::JSGlobalObject::markChildren):
2046         * runtime/JSGlobalObject.h:
2047         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2048         (JSC::JSGlobalObject::regExpConstructor):
2049         (JSC::JSGlobalObject::errorConstructor):
2050         (JSC::JSGlobalObject::evalErrorConstructor):
2051         (JSC::JSGlobalObject::rangeErrorConstructor):
2052         (JSC::JSGlobalObject::referenceErrorConstructor):
2053         (JSC::JSGlobalObject::syntaxErrorConstructor):
2054         (JSC::JSGlobalObject::typeErrorConstructor):
2055         (JSC::JSGlobalObject::URIErrorConstructor):
2056         (JSC::JSGlobalObject::evalFunction):
2057         (JSC::JSGlobalObject::objectPrototype):
2058         (JSC::JSGlobalObject::functionPrototype):
2059         (JSC::JSGlobalObject::arrayPrototype):
2060         (JSC::JSGlobalObject::booleanPrototype):
2061         (JSC::JSGlobalObject::stringPrototype):
2062         (JSC::JSGlobalObject::numberPrototype):
2063         (JSC::JSGlobalObject::datePrototype):
2064         (JSC::JSGlobalObject::regExpPrototype):
2065         (JSC::JSGlobalObject::methodCallDummy):
2066         (JSC::Structure::prototypeForLookup):
2067         (JSC::constructArray):
2068         * runtime/JSONObject.cpp:
2069         (JSC::Stringifier::Holder::object):
2070         (JSC::Stringifier::markAggregate):
2071         (JSC::Stringifier::stringify):
2072         (JSC::Stringifier::Holder::appendNextProperty):
2073         (JSC::Walker::callReviver):
2074         (JSC::Walker::walk):
2075         * runtime/JSObject.cpp:
2076         (JSC::JSObject::defineGetter):
2077         (JSC::JSObject::defineSetter):
2078         (JSC::JSObject::removeDirect):
2079         (JSC::JSObject::putDirectFunction):
2080         (JSC::JSObject::putDirectFunctionWithoutTransition):
2081         (JSC::putDescriptor):
2082         (JSC::JSObject::defineOwnProperty):
2083         * runtime/JSObject.h:
2084         (JSC::JSObject::getDirectOffset):
2085         (JSC::JSObject::putDirectOffset):
2086         (JSC::JSObject::flattenDictionaryObject):
2087         (JSC::JSObject::putDirectInternal):
2088         (JSC::JSObject::putDirect):
2089         (JSC::JSObject::putDirectFunction):
2090         (JSC::JSObject::putDirectWithoutTransition):
2091         (JSC::JSObject::putDirectFunctionWithoutTransition):
2092         (JSC::JSValue::putDirect):
2093         (JSC::JSObject::allocatePropertyStorageInline):
2094         (JSC::JSObject::markChildrenDirect):
2095         * runtime/JSPropertyNameIterator.cpp:
2096         (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
2097         (JSC::JSPropertyNameIterator::get):
2098         * runtime/JSPropertyNameIterator.h:
2099         * runtime/JSStaticScopeObject.cpp:
2100         (JSC::JSStaticScopeObject::markChildren):
2101         * runtime/JSString.cpp:
2102         (JSC::StringObject::create):
2103         * runtime/JSValue.h:
2104         * runtime/JSWrapperObject.cpp:
2105         (JSC::JSWrapperObject::markChildren):
2106         * runtime/JSWrapperObject.h:
2107         (JSC::JSWrapperObject::internalValue):
2108         (JSC::JSWrapperObject::setInternalValue):
2109         * runtime/LiteralParser.cpp:
2110         (JSC::LiteralParser::parse):
2111         * runtime/Lookup.cpp:
2112         (JSC::setUpStaticFunctionSlot):
2113         * runtime/Lookup.h:
2114         (JSC::lookupPut):
2115         * runtime/MarkStack.h:
2116         (JSC::MarkStack::appendValues):
2117         * runtime/MathObject.cpp:
2118         (JSC::MathObject::MathObject):
2119         * runtime/NativeErrorConstructor.cpp:
2120         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2121         * runtime/NativeErrorPrototype.cpp:
2122         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2123         * runtime/NumberConstructor.cpp:
2124         (JSC::NumberConstructor::NumberConstructor):
2125         (JSC::constructWithNumberConstructor):
2126         * runtime/NumberObject.cpp:
2127         (JSC::constructNumber):
2128         * runtime/NumberPrototype.cpp:
2129         (JSC::NumberPrototype::NumberPrototype):
2130         * runtime/ObjectConstructor.cpp:
2131         (JSC::ObjectConstructor::ObjectConstructor):
2132         (JSC::objectConstructorGetOwnPropertyDescriptor):
2133         * runtime/Operations.h:
2134         (JSC::normalizePrototypeChain):
2135         (JSC::resolveBase):
2136         * runtime/PrototypeFunction.cpp:
2137         (JSC::PrototypeFunction::PrototypeFunction):
2138         * runtime/PutPropertySlot.h:
2139         (JSC::PutPropertySlot::setExistingProperty):
2140         (JSC::PutPropertySlot::setNewProperty):
2141         (JSC::PutPropertySlot::base):
2142         * runtime/RegExpConstructor.cpp:
2143         (JSC::RegExpConstructor::RegExpConstructor):
2144         * runtime/ScopeChain.cpp:
2145         (JSC::ScopeChainNode::print):
2146         * runtime/ScopeChain.h:
2147         (JSC::ScopeChainNode::~ScopeChainNode):
2148         (JSC::ScopeChainIterator::operator*):
2149         (JSC::ScopeChainIterator::operator->):
2150         (JSC::ScopeChain::top):
2151         * runtime/ScopeChainMark.h:
2152         (JSC::ScopeChain::markAggregate):
2153         * runtime/SmallStrings.cpp:
2154         (JSC::isMarked):
2155         (JSC::SmallStrings::markChildren):
2156         * runtime/SmallStrings.h:
2157         (JSC::SmallStrings::emptyString):
2158         (JSC::SmallStrings::singleCharacterString):
2159         (JSC::SmallStrings::singleCharacterStrings):
2160         * runtime/StringConstructor.cpp:
2161         (JSC::StringConstructor::StringConstructor):
2162         * runtime/StringObject.cpp:
2163         (JSC::StringObject::StringObject):
2164         * runtime/StringObject.h:
2165         * runtime/StringPrototype.cpp:
2166         (JSC::StringPrototype::StringPrototype):
2167         * runtime/Structure.cpp:
2168         (JSC::Structure::Structure):
2169         (JSC::Structure::addPropertyTransition):
2170         (JSC::Structure::toDictionaryTransition):
2171         (JSC::Structure::flattenDictionaryStructure):
2172         * runtime/Structure.h:
2173         (JSC::Structure::storedPrototype):
2174         * runtime/WeakGCMap.h:
2175         (JSC::WeakGCMap::uncheckedGet):
2176         (JSC::WeakGCMap::isValid):
2177         (JSC::::get):
2178         (JSC::::take):
2179         (JSC::::set):
2180         (JSC::::uncheckedRemove):
2181         * runtime/WriteBarrier.h: Removed.
2182
2183 2011-01-28  Gavin Barraclough  <barraclough@apple.com>
2184
2185         Reviewed by Geoff Garen.
2186
2187         https://bugs.webkit.org/show_bug.cgi?id=53352
2188         Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH().
2189
2190         The FixedVMPoolAllocator currently uses a best fit policy -
2191         switch to first fit, which is less prone to external fragmentation.
2192
2193         * jit/ExecutableAllocatorFixedVMPool.cpp:
2194         (JSC::AllocationTableSizeClass::AllocationTableSizeClass):
2195         (JSC::AllocationTableSizeClass::blockSize):
2196         (JSC::AllocationTableSizeClass::blockCount):
2197         (JSC::AllocationTableSizeClass::blockAlignment):
2198         (JSC::AllocationTableSizeClass::size):
2199         (JSC::AllocationTableLeaf::AllocationTableLeaf):
2200         (JSC::AllocationTableLeaf::~AllocationTableLeaf):
2201         (JSC::AllocationTableLeaf::allocate):
2202         (JSC::AllocationTableLeaf::free):
2203         (JSC::AllocationTableLeaf::isEmpty):
2204         (JSC::AllocationTableLeaf::isFull):
2205         (JSC::AllocationTableLeaf::size):
2206         (JSC::AllocationTableLeaf::classForSize):
2207         (JSC::AllocationTableLeaf::dump):
2208         (JSC::LazyAllocationTable::LazyAllocationTable):
2209         (JSC::LazyAllocationTable::~LazyAllocationTable):
2210         (JSC::LazyAllocationTable::allocate):
2211         (JSC::LazyAllocationTable::free):
2212         (JSC::LazyAllocationTable::isEmpty):
2213         (JSC::LazyAllocationTable::isFull):
2214         (JSC::LazyAllocationTable::size):
2215         (JSC::LazyAllocationTable::dump):
2216         (JSC::LazyAllocationTable::classForSize):
2217         (JSC::AllocationTableDirectory::AllocationTableDirectory):
2218         (JSC::AllocationTableDirectory::~AllocationTableDirectory):
2219         (JSC::AllocationTableDirectory::allocate):
2220         (JSC::AllocationTableDirectory::free):
2221         (JSC::AllocationTableDirectory::isEmpty):
2222         (JSC::AllocationTableDirectory::isFull):
2223         (JSC::AllocationTableDirectory::size):
2224         (JSC::AllocationTableDirectory::classForSize):
2225         (JSC::AllocationTableDirectory::dump):
2226         (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
2227         (JSC::FixedVMPoolAllocator::alloc):
2228         (JSC::FixedVMPoolAllocator::free):
2229         (JSC::FixedVMPoolAllocator::allocated):
2230         (JSC::FixedVMPoolAllocator::isValid):
2231         (JSC::FixedVMPoolAllocator::classForSize):
2232         (JSC::FixedVMPoolAllocator::offsetToPointer):
2233         (JSC::FixedVMPoolAllocator::pointerToOffset):
2234         (JSC::ExecutableAllocator::committedByteCount):
2235         (JSC::ExecutableAllocator::isValid):
2236         (JSC::ExecutableAllocator::underMemoryPressure):
2237         (JSC::ExecutablePool::systemAlloc):
2238         (JSC::ExecutablePool::systemRelease):
2239         * wtf/PageReservation.h:
2240         (WTF::PageReservation::PageReservation):
2241         (WTF::PageReservation::commit):
2242         (WTF::PageReservation::decommit):
2243         (WTF::PageReservation::committed):
2244
2245 2011-01-27  Oliver Hunt  <oliver@apple.com>
2246
2247         Reviewed by Geoffrey Garen.
2248
2249         Convert markstack to a slot visitor API
2250         https://bugs.webkit.org/show_bug.cgi?id=53219
2251
2252         Move the MarkStack over to a slot based marking API.
2253
2254         In order to avoid aliasing concerns there are two new types
2255         that need to be used when holding on to JSValues and JSCells that
2256         need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
2257         is expected to be used for any JSValue or Cell whose lifetime and
2258         marking are controlled by another GC object.  DeprecatedPtr is used
2259         for any value whose ownership we need to rework.
2260
2261         The change over to this model has produced a large amount of
2262         code changes, but they are mostly mechanical (forwarding JSGlobalData,
2263         etc).
2264
2265         * API/JSCallbackObject.h:
2266         (JSC::JSCallbackObjectData::setPrivateProperty):
2267         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
2268         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
2269         (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
2270         (JSC::JSCallbackObject::setPrivateProperty):
2271         * API/JSCallbackObjectFunctions.h:
2272         (JSC::::put):
2273         (JSC::::staticFunctionGetter):
2274         * API/JSObjectRef.cpp:
2275         (JSObjectMakeConstructor):
2276         (JSObjectSetPrivateProperty):
2277         * API/JSWeakObjectMapRefInternal.h:
2278         * JavaScriptCore.exp:
2279         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2280         * JavaScriptCore.xcodeproj/project.pbxproj:
2281         * bytecode/CodeBlock.cpp:
2282         (JSC::CodeBlock::markAggregate):
2283         * bytecode/CodeBlock.h:
2284         (JSC::CodeBlock::globalObject):
2285         * bytecompiler/BytecodeGenerator.cpp:
2286         (JSC::BytecodeGenerator::BytecodeGenerator):
2287         (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
2288         (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
2289         (JSC::BytecodeGenerator::findScopedProperty):
2290         * debugger/DebuggerActivation.cpp:
2291         (JSC::DebuggerActivation::DebuggerActivation):
2292         (JSC::DebuggerActivation::markChildren):
2293         * debugger/DebuggerActivation.h:
2294         * interpreter/Interpreter.cpp:
2295         (JSC::Interpreter::resolve):
2296         (JSC::Interpreter::resolveSkip):
2297         (JSC::Interpreter::resolveGlobalDynamic):
2298         (JSC::Interpreter::resolveBaseAndProperty):
2299         (JSC::Interpreter::unwindCallFrame):
2300         (JSC::appendSourceToError):
2301         (JSC::Interpreter::execute):
2302         (JSC::Interpreter::privateExecute):
2303         * interpreter/Register.h:
2304         (JSC::Register::jsValueSlot):
2305         * jit/JITStubs.cpp:
2306         (JSC::JITThunks::tryCacheGetByID):
2307         (JSC::DEFINE_STUB_FUNCTION):
2308         * jsc.cpp:
2309         (GlobalObject::GlobalObject):
2310         * runtime/Arguments.cpp:
2311         (JSC::Arguments::markChildren):
2312         (JSC::Arguments::getOwnPropertySlot):
2313         (JSC::Arguments::getOwnPropertyDescriptor):
2314         (JSC::Arguments::put):
2315         * runtime/Arguments.h:
2316         (JSC::Arguments::setActivation):
2317         (JSC::Arguments::Arguments):
2318         * runtime/ArrayConstructor.cpp:
2319         (JSC::ArrayConstructor::ArrayConstructor):
2320         (JSC::constructArrayWithSizeQuirk):
2321         * runtime/ArrayPrototype.cpp:
2322         (JSC::arrayProtoFuncSplice):
2323         * runtime/BatchedTransitionOptimizer.h:
2324         (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
2325         (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
2326         * runtime/BooleanConstructor.cpp:
2327         (JSC::BooleanConstructor::BooleanConstructor):
2328         (JSC::constructBoolean):
2329         (JSC::constructBooleanFromImmediateBoolean):
2330         * runtime/BooleanPrototype.cpp:
2331         (JSC::BooleanPrototype::BooleanPrototype):
2332         * runtime/ConservativeSet.h:
2333         (JSC::ConservativeSet::mark):
2334         * runtime/DateConstructor.cpp:
2335         (JSC::DateConstructor::DateConstructor):
2336         * runtime/DateInstance.cpp:
2337         (JSC::DateInstance::DateInstance):
2338         * runtime/DatePrototype.cpp:
2339         (JSC::dateProtoFuncSetTime):
2340         (JSC::setNewValueFromTimeArgs):
2341         (JSC::setNewValueFromDateArgs):
2342         (JSC::dateProtoFuncSetYear):
2343         * runtime/ErrorConstructor.cpp:
2344         (JSC::ErrorConstructor::ErrorConstructor):
2345         * runtime/ErrorInstance.cpp:
2346         (JSC::ErrorInstance::ErrorInstance):
2347         * runtime/ErrorPrototype.cpp:
2348         (JSC::ErrorPrototype::ErrorPrototype):
2349         * runtime/FunctionConstructor.cpp:
2350         (JSC::FunctionConstructor::FunctionConstructor):
2351         * runtime/FunctionPrototype.cpp:
2352         (JSC::FunctionPrototype::FunctionPrototype):
2353         * runtime/GetterSetter.cpp:
2354         (JSC::GetterSetter::markChildren):
2355         * runtime/GetterSetter.h:
2356         (JSC::GetterSetter::GetterSetter):
2357         (JSC::GetterSetter::getter):
2358         (JSC::GetterSetter::setGetter):
2359         (JSC::GetterSetter::setter):
2360         (JSC::GetterSetter::setSetter):
2361         * runtime/GlobalEvalFunction.cpp:
2362         (JSC::GlobalEvalFunction::GlobalEvalFunction):
2363         (JSC::GlobalEvalFunction::markChildren):
2364         * runtime/GlobalEvalFunction.h:
2365         (JSC::GlobalEvalFunction::cachedGlobalObject):
2366         * runtime/Heap.cpp:
2367         (JSC::Heap::markProtectedObjects):
2368         (JSC::Heap::markTempSortVectors):
2369         (JSC::Heap::markRoots):
2370         * runtime/InternalFunction.cpp:
2371         (JSC::InternalFunction::InternalFunction):
2372         * runtime/JSAPIValueWrapper.h:
2373         (JSC::JSAPIValueWrapper::value):
2374         (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2375         * runtime/JSActivation.cpp:
2376         (JSC::JSActivation::put):
2377         * runtime/JSArray.cpp:
2378         (JSC::JSArray::JSArray):
2379         (JSC::JSArray::getOwnPropertySlot):
2380         (JSC::JSArray::getOwnPropertyDescriptor):
2381         (JSC::JSArray::put):
2382         (JSC::JSArray::putSlowCase):
2383         (JSC::JSArray::deleteProperty):
2384         (JSC::JSArray::increaseVectorLength):
2385         (JSC::JSArray::setLength):
2386         (JSC::JSArray::pop):
2387         (JSC::JSArray::push):
2388         (JSC::JSArray::unshiftCount):
2389         (JSC::JSArray::sort):
2390         (JSC::JSArray::fillArgList):
2391         (JSC::JSArray::copyToRegisters):
2392         (JSC::JSArray::compactForSorting):
2393         * runtime/JSArray.h:
2394         (JSC::JSArray::getIndex):
2395         (JSC::JSArray::setIndex):
2396         (JSC::JSArray::uncheckedSetIndex):
2397         (JSC::JSArray::markChildrenDirect):
2398         * runtime/JSByteArray.cpp:
2399         (JSC::JSByteArray::JSByteArray):
2400         * runtime/JSCell.h:
2401         (JSC::JSCell::MarkStack::append):
2402         (JSC::JSCell::MarkStack::appendCell):
2403         * runtime/JSFunction.cpp:
2404         (JSC::JSFunction::JSFunction):
2405         (JSC::JSFunction::getOwnPropertySlot):
2406         * runtime/JSGlobalObject.cpp:
2407         (JSC::markIfNeeded):
2408         (JSC::JSGlobalObject::reset):
2409         (JSC::JSGlobalObject::resetPrototype):
2410         (JSC::JSGlobalObject::markChildren):
2411         * runtime/JSGlobalObject.h:
2412         (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
2413         (JSC::JSGlobalObject::regExpConstructor):
2414         (JSC::JSGlobalObject::errorConstructor):
2415         (JSC::JSGlobalObject::evalErrorConstructor):
2416         (JSC::JSGlobalObject::rangeErrorConstructor):
2417         (JSC::JSGlobalObject::referenceErrorConstructor):
2418         (JSC::JSGlobalObject::syntaxErrorConstructor):
2419         (JSC::JSGlobalObject::typeErrorConstructor):
2420         (JSC::JSGlobalObject::URIErrorConstructor):
2421         (JSC::JSGlobalObject::evalFunction):
2422         (JSC::JSGlobalObject::objectPrototype):
2423         (JSC::JSGlobalObject::functionPrototype):
2424         (JSC::JSGlobalObject::arrayPrototype):
2425         (JSC::JSGlobalObject::booleanPrototype):
2426         (JSC::JSGlobalObject::stringPrototype):
2427         (JSC::JSGlobalObject::numberPrototype):
2428         (JSC::JSGlobalObject::datePrototype):
2429         (JSC::JSGlobalObject::regExpPrototype):
2430         (JSC::JSGlobalObject::methodCallDummy):
2431         (JSC::constructArray):
2432         * runtime/JSONObject.cpp:
2433         (JSC::Stringifier::Holder::object):
2434         (JSC::Stringifier::Holder::objectSlot):
2435         (JSC::Stringifier::markAggregate):
2436         (JSC::Stringifier::stringify):
2437         (JSC::Stringifier::Holder::appendNextProperty):
2438         (JSC::Walker::callReviver):
2439         (JSC::Walker::walk):
2440         * runtime/JSObject.cpp:
2441         (JSC::JSObject::defineGetter):
2442         (JSC::JSObject::defineSetter):
2443         (JSC::JSObject::removeDirect):
2444         (JSC::JSObject::putDirectFunction):
2445         (JSC::JSObject::putDirectFunctionWithoutTransition):
2446         (JSC::putDescriptor):
2447         (JSC::JSObject::defineOwnProperty):
2448         * runtime/JSObject.h:
2449         (JSC::JSObject::putDirectOffset):
2450         (JSC::JSObject::putUndefinedAtDirectOffset):
2451         (JSC::JSObject::flattenDictionaryObject):
2452         (JSC::JSObject::putDirectInternal):
2453         (JSC::JSObject::putDirect):
2454         (JSC::JSObject::putDirectFunction):
2455         (JSC::JSObject::putDirectWithoutTransition):
2456         (JSC::JSObject::putDirectFunctionWithoutTransition):
2457         (JSC::JSValue::putDirect):
2458         (JSC::JSObject::allocatePropertyStorageInline):
2459         (JSC::JSObject::markChildrenDirect):
2460         * runtime/JSStaticScopeObject.cpp:
2461         (JSC::JSStaticScopeObject::markChildren):
2462         * runtime/JSString.cpp:
2463         (JSC::StringObject::create):
2464         * runtime/JSValue.h:
2465         * runtime/JSWrapperObject.cpp:
2466         (JSC::JSWrapperObject::markChildren):
2467         * runtime/JSWrapperObject.h:
2468         (JSC::JSWrapperObject::internalValue):
2469         (JSC::JSWrapperObject::setInternalValue):
2470         * runtime/LiteralParser.cpp:
2471         (JSC::LiteralParser::parse):
2472         * runtime/Lookup.cpp:
2473         (JSC::setUpStaticFunctionSlot):
2474         * runtime/Lookup.h:
2475         (JSC::lookupPut):
2476         * runtime/MarkStack.h:
2477         * runtime/MathObject.cpp:
2478         (JSC::MathObject::MathObject):
2479         * runtime/NativeErrorConstructor.cpp:
2480         (JSC::NativeErrorConstructor::NativeErrorConstructor):
2481         * runtime/NativeErrorPrototype.cpp:
2482         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2483         * runtime/NumberConstructor.cpp:
2484         (JSC::NumberConstructor::NumberConstructor):
2485         (JSC::constructWithNumberConstructor):
2486         * runtime/NumberObject.cpp:
2487         (JSC::constructNumber):
2488         * runtime/NumberPrototype.cpp:
2489         (JSC::NumberPrototype::NumberPrototype):
2490         * runtime/ObjectConstructor.cpp:
2491         (JSC::ObjectConstructor::ObjectConstructor):
2492         (JSC::objectConstructorGetOwnPropertyDescriptor):
2493         * runtime/Operations.h:
2494         (JSC::normalizePrototypeChain):
2495         (JSC::resolveBase):
2496         * runtime/PrototypeFunction.cpp:
2497         (JSC::PrototypeFunction::PrototypeFunction):
2498         * runtime/PutPropertySlot.h:
2499         (JSC::PutPropertySlot::setExistingProperty):
2500         (JSC::PutPropertySlot::setNewProperty):
2501         (JSC::PutPropertySlot::base):
2502         * runtime/RegExpConstructor.cpp:
2503         (JSC::RegExpConstructor::RegExpConstructor):
2504         * runtime/ScopeChain.cpp:
2505         (JSC::ScopeChainNode::print):
2506         * runtime/ScopeChain.h:
2507         (JSC::ScopeChainNode::~ScopeChainNode):
2508         (JSC::ScopeChainIterator::operator*):
2509         (JSC::ScopeChainIterator::operator->):
2510         (JSC::ScopeChain::top):
2511         * runtime/ScopeChainMark.h:
2512         (JSC::ScopeChain::markAggregate):
2513         * runtime/SmallStrings.cpp:
2514         (JSC::isMarked):
2515         (JSC::SmallStrings::markChildren):
2516         * runtime/SmallStrings.h:
2517         (JSC::SmallStrings::emptyString):
2518         (JSC::SmallStrings::singleCharacterString):
2519         (JSC::SmallStrings::singleCharacterStrings):
2520         * runtime/StringConstructor.cpp:
2521         (JSC::StringConstructor::StringConstructor):
2522         * runtime/StringObject.cpp:
2523         (JSC::StringObject::StringObject):
2524         * runtime/StringObject.h:
2525         * runtime/StringPrototype.cpp:
2526         (JSC::StringPrototype::StringPrototype):
2527         * runtime/Structure.cpp:
2528         (JSC::Structure::flattenDictionaryStructure):
2529         * runtime/Structure.h:
2530         (JSC::Structure::storedPrototypeSlot):
2531         * runtime/WeakGCMap.h:
2532         (JSC::WeakGCMap::uncheckedGet):
2533         (JSC::WeakGCMap::uncheckedGetSlot):
2534         (JSC::::get):
2535         (JSC::::take):
2536         (JSC::::set):
2537         (JSC::::uncheckedRemove):
2538         * runtime/WriteBarrier.h: Added.
2539         (JSC::DeprecatedPtr::DeprecatedPtr):
2540         (JSC::DeprecatedPtr::get):
2541         (JSC::DeprecatedPtr::operator*):
2542         (JSC::DeprecatedPtr::operator->):
2543         (JSC::DeprecatedPtr::slot):
2544         (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
2545         (JSC::DeprecatedPtr::operator!):
2546         (JSC::WriteBarrierBase::set):
2547         (JSC::WriteBarrierBase::get):
2548         (JSC::WriteBarrierBase::operator*):
2549         (JSC::WriteBarrierBase::operator->):
2550         (JSC::WriteBarrierBase::slot):
2551         (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
2552         (JSC::WriteBarrierBase::operator!):
2553         (JSC::WriteBarrier::WriteBarrier):
2554         (JSC::operator==):
2555
2556 2011-01-28  Adam Roben  <aroben@apple.com>
2557
2558         Chromium build fix after r76967
2559
2560         * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other
2561         similar macros in this file.
2562
2563 2011-01-28  Michael Saboff  <msaboff@apple.com>
2564
2565         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2566         https://bugs.webkit.org/show_bug.cgi?id=53271
2567
2568         Reapplying this change.  No change from prior patch in
2569         JavaScriptCore.
2570
2571         Added new isValid() methods to check if a contained object in
2572         a WeakGCMap is valid when using an unchecked iterator.
2573
2574         * runtime/WeakGCMap.h:
2575         (JSC::WeakGCMap::isValid):
2576
2577 2011-01-27  Adam Roben  <aroben@apple.com>
2578
2579         Extract code to convert a WTF absolute time to a Win32 wait interval into a separate
2580         function
2581
2582         Fixes <http://webkit.org/b/53208> <rdar://problem/8922490> BinarySemaphore should wrap a
2583         Win32 event
2584
2585         Reviewed by Dave Hyatt.
2586
2587         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function.
2588
2589         * wtf/ThreadingPrimitives.h: Declare the new function.
2590
2591         * wtf/ThreadingWin.cpp:
2592         (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait
2593         interval from here...
2594         (WTF::absoluteTimeToWaitTimeoutInterval): ...to here.
2595
2596 2011-01-28  Sam Weinig  <sam@webkit.org>
2597
2598         Reviewed by Maciej Stachowiak.
2599
2600         Add basic rubber banding support
2601         <rdar://problem/8219429>
2602         https://bugs.webkit.org/show_bug.cgi?id=53277
2603
2604         * wtf/Platform.h: Add ENABLE for rubber banding.
2605
2606 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2607
2608         Unreviewed, rolling out r76893.
2609         http://trac.webkit.org/changeset/76893
2610         https://bugs.webkit.org/show_bug.cgi?id=53287
2611
2612         It made some tests crash on GTK and Qt debug bots (Requested
2613         by Ossy on #webkit).
2614
2615         * runtime/WeakGCMap.h:
2616
2617 2011-01-27  Adam Barth  <abarth@webkit.org>
2618
2619         Reviewed by Eric Seidel.
2620
2621         Add WTFString method to compare equality with Vector<UChar>
2622         https://bugs.webkit.org/show_bug.cgi?id=53266
2623
2624         I'm planning to use this method in the new XSS filter implementation,
2625         but it seems generally useful.
2626
2627         * wtf/text/StringImpl.h:
2628         (WTF::equalIgnoringNullity):
2629         * wtf/text/WTFString.h:
2630         (WTF::equalIgnoringNullity):
2631
2632 2011-01-27  Michael Saboff  <msaboff@apple.com>
2633
2634         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2635         https://bugs.webkit.org/show_bug.cgi?id=53271
2636
2637         Added new isValid() methods to check if a contained object in
2638         a WeakGCMap is valid when using an unchecked iterator.
2639
2640         * runtime/WeakGCMap.h:
2641         (JSC::WeakGCMap::isValid):
2642
2643 2011-01-26  Sam Weinig  <sam@webkit.org>
2644
2645         Reviewed by Maciej Stachowiak.
2646
2647         Add events to represent the start/end of a gesture scroll
2648         https://bugs.webkit.org/show_bug.cgi?id=53215
2649
2650         * wtf/Platform.h: Add ENABLE for gesture events. 
2651
2652 2011-01-26  Yael Aharon  <yael.aharon@nokia.com>
2653
2654         Reviewed by Laszlo Gombos.
2655
2656         [Qt][Symbian] Fix --minimal build
2657         https://bugs.webkit.org/show_bug.cgi?id=52839
2658
2659         Move definition of USE_SYSTEM_MALLOC out of pri file.
2660         Put it in platform.h instead.
2661
2662         * wtf/Platform.h:
2663         * wtf/TCSystemAlloc.cpp:
2664         * wtf/wtf.pri:
2665
2666 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
2667
2668         Reviewed by Andreas Kling.
2669
2670         [WINCE] Add JIT support to build system
2671         https://bugs.webkit.org/show_bug.cgi?id=53079
2672
2673         * CMakeListsWinCE.txt:
2674
2675 2011-01-25  Adam Roben  <aroben@apple.com>
2676
2677         Windows Production build fix
2678
2679         Reviewed by Steve Falkenburg.
2680
2681         * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start
2682         of the file so that ConfigurationBuildDir takes that into account. Also set it the right way
2683         (by redefining the macro) rather than the wrong way (by modifying the environment variable).
2684
2685 2011-01-25  Steve Falkenburg  <sfalken@apple.com>
2686
2687         Rubber-stamped by Adam Roben.
2688
2689         Windows production build fix.
2690         Use correct environment variable escaping
2691
2692         * JavaScriptCore.vcproj/JavaScriptCore.make:
2693         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2694
2695 2011-01-25  Oliver Hunt  <oliver@apple.com>
2696
2697         Reviewed by Gavin Barraclough.
2698
2699         JSON.stringify processing time exponentially grows with size of object
2700         https://bugs.webkit.org/show_bug.cgi?id=51922
2701
2702         Remove last use of reserveCapacity from JSON stringification, as it results
2703         in appalling append behaviour when there are a large number of property names
2704         and nothing else.
2705
2706         * runtime/JSONObject.cpp:
2707         (JSC::Stringifier::appendQuotedString):
2708
2709 2011-01-25  Antti Koivisto  <antti@apple.com>
2710
2711         Not reviewed.
2712         
2713         Try to fix windows build.
2714
2715         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2716
2717 2011-01-25  Antti Koivisto  <antti@apple.com>
2718
2719         Reviewed by Oliver Hunt.
2720
2721         REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector()
2722         https://bugs.webkit.org/show_bug.cgi?id=53061
2723          
2724         Cache did not know about the subclass so failed to fully delete the items. 
2725         Got rid of the subclass and moved the classes to separate files.
2726
2727         * CMakeLists.txt:
2728         * GNUmakefile.am:
2729         * JavaScriptCore.exp:
2730         * JavaScriptCore.gypi:
2731         * JavaScriptCore.pro:
2732         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2733         * JavaScriptCore.xcodeproj/project.pbxproj:
2734         * parser/JSParser.cpp:
2735         (JSC::JSParser::Scope::saveFunctionInfo):
2736         (JSC::JSParser::Scope::restoreFunctionInfo):
2737         (JSC::JSParser::findCachedFunctionInfo):
2738         (JSC::JSParser::parseFunctionInfo):
2739         * parser/SourceProvider.h:
2740         * parser/SourceProviderCache.cpp: Added.
2741         (JSC::SourceProviderCache::~SourceProviderCache):
2742         (JSC::SourceProviderCache::byteSize):
2743         * parser/SourceProviderCache.h: Added.
2744         (JSC::SourceProviderCache::SourceProviderCache):
2745         (JSC::SourceProviderCache::add):
2746         (JSC::SourceProviderCache::get):
2747         * parser/SourceProviderCacheItem.h: Added.
2748         (JSC::SourceProviderCacheItem::SourceProviderCacheItem):
2749         (JSC::SourceProviderCacheItem::approximateByteSize):
2750         (JSC::SourceProviderCacheItem::closeBraceToken):
2751
2752 2011-01-25  Marcilio Mendonca  <mamendonca@rim.com>
2753
2754         Reviewed by Darin Adler.
2755
2756         Bug 53087: Refactoring: replaced a hanging "else" with a "return"
2757         statement
2758         https://bugs.webkit.org/show_bug.cgi?id=53087.
2759
2760         Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M
2761         with a "return" so that the code is more readable and less error pro
2762         (e.g., "else" doesn't use braces so adding extra lines to the else
2763         block won't have any effect; even worse, code still compiles
2764         successfully.
2765
2766         * wtf/Assertions.cpp:
2767
2768 2011-01-24  Chris Marrin  <cmarrin@apple.com>
2769
2770         Reviewed by Eric Seidel.
2771
2772         Change ENABLE_3D_CANVAS to ENABLE_WEBGL
2773         https://bugs.webkit.org/show_bug.cgi?id=53041
2774
2775         * Configurations/FeatureDefines.xcconfig:
2776
2777 2011-01-25  Adam Roben  <aroben@apple.com>
2778
2779         Windows Production build fix
2780
2781         * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set".
2782
2783 2011-01-25  Patrick Gansterer  <paroga@webkit.org>
2784
2785         Reviewed by Eric Seidel.
2786
2787         Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2)
2788         https://bugs.webkit.org/show_bug.cgi?id=52949
2789
2790         * jit/JITStubs.cpp:
2791
2792 2011-01-24  Adam Roben  <aroben@apple.com>
2793
2794         Windows Production build fix
2795
2796         * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source.
2797
2798 2011-01-24  Peter Varga  <pvarga@webkit.org>
2799
2800         Reviewed by Oliver Hunt.
2801
2802         Optimize regex patterns which contain empty alternatives
2803         https://bugs.webkit.org/show_bug.cgi?id=51395
2804
2805         Eliminate the empty alternatives from the regex pattern and convert it to do
2806         the matching in an easier way.
2807
2808         * yarr/YarrPattern.cpp:
2809         (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
2810
2811 2011-01-24  Andras Becsi  <abecsi@webkit.org>
2812
2813         Reviewed by Csaba Osztrogonác.
2814
2815         [Qt] Move project files into Source
2816         https://bugs.webkit.org/show_bug.cgi?id=52891
2817
2818         * JavaScriptCore.pri:
2819         * JavaScriptCore.pro:
2820         * jsc.pro:
2821
2822 2011-01-23  Mark Rowe  <mrowe@apple.com>
2823
2824         Follow-up to r76477.
2825
2826         Fix the scripts that detect problematic code such as static initializers
2827         and destructors, weak vtables, inappropriate files in the framework wrappers,
2828         and public headers including private headers. These had all been broken
2829         since the projects were moved in to the Source directory as the paths to the
2830         scripts were not updated at that time.
2831
2832         * JavaScriptCore.xcodeproj/project.pbxproj:
2833
2834 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2835
2836         Reviewed by Darin Adler.
2837
2838         Use WTF::StringHasher in WebCore
2839         https://bugs.webkit.org/show_bug.cgi?id=52934
2840
2841         Add an additional function to calculate the hash
2842         of data with a runtime-dependent size.
2843
2844         * wtf/StringHasher.h:
2845         (WTF::StringHasher::createBlobHash):
2846
2847 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2848
2849         Reviewed by David Kilzer.
2850
2851         Fix comment in String::ascii()
2852         https://bugs.webkit.org/show_bug.cgi?id=52980
2853
2854         * wtf/text/WTFString.cpp:
2855         (WTF::String::ascii):
2856
2857 2011-01-23  Patrick Gansterer  <paroga@webkit.org>
2858
        Reviewed by David Kilzer.

        Add String::containsOnlyLatin1()
        https://bugs.webkit.org/show_bug.cgi?id=52979

        * wtf/text/WTFString.h:
        (WTF::String::containsOnlyLatin1):
        (WTF::charactersAreAllLatin1):

2011-01-23  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Oliver Hunt.

        Remove obsolete JSVALUE32 code
        https://bugs.webkit.org/show_bug.cgi?id=52948

        r70111 removed support for JSVALUE32.
        ARM, MIPS and X86 support JSVALUE32_64 only.

        * jit/JITStubs.cpp:

2011-01-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Dan Bernstein.

        ASSERT running run-webkit-tests --threaded.
        https://bugs.webkit.org/show_bug.cgi?id=52971

        SunSpider and v8 report no change.

        * runtime/ConservativeSet.cpp:
        (JSC::ConservativeSet::grow):
        (JSC::ConservativeSet::add):
        * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and
        the growth policy to 2X, to make SunSpider and v8 happy.
        (JSC::ConservativeSet::ConservativeSet):
        (JSC::ConservativeSet::~ConservativeSet):
        (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc.
        Malloc is forbidden during a multi-threaded mark phase because it can
        cause deadlock.

2011-01-22  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Geoffrey Garen.

        Rubber-stamped by Maciej Stachowiak.

        A few of Maciej's review suggestions for my last patch.
        https://bugs.webkit.org/show_bug.cgi?id=52946

        SunSpider reports no change.

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems.

        * runtime/ConservativeSet.cpp: Added.
        (JSC::isPointerAligned):
        (JSC::ConservativeSet::add):
        * runtime/ConservativeSet.h: Added.
        (JSC::ConservativeSet::ConservativeSet):
        (JSC::ConservativeSet::mark): Split ConservativeSet out into its own
        file, and moved the conservative check into ConservativeSet::add, making
        ConservativeSet's responsibility clearer.

        * runtime/Heap.cpp:
        (JSC::Heap::markRoots):
        * runtime/MachineStackMarker.cpp:
        (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
        (JSC::MachineStackMarker::markOtherThreadConservatively):
        * runtime/MachineStackMarker.h:
        * runtime/MarkStack.h: Updated for changes above.

2011-01-22  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed WinCE build fix for r76430.

        * runtime/MachineStackMarker.cpp:
        (JSC::swapIfBackwards):

2011-01-21  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Beth Dakin.

        Reorganized MarkedSpace, making many of its functions private.

        * runtime/JSCell.h:
        (JSC::JSCell::Heap::heap):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::globalData):
        (JSC::MarkedSpace::heap):

2011-01-21  Geoffrey Garen  <ggaren@apple.com>

        Try to fix build: moved helper function out of #ifdef.

        * runtime/MachineStackMarker.cpp:
        (JSC::swapIfBackwards):

2011-01-21  Geoffrey Garen  <ggaren@apple.com>

        Rubber-stamped by Maciej Stachowiak.

        A few of Maciej's review suggestions for my last patch.
        https://bugs.webkit.org/show_bug.cgi?id=52946

        SunSpider reports no change.

        * runtime/MachineStackMarker.cpp:
        (JSC::swapIfBackwards): Added a helper function for handling platforms
        where the stack can grow in any direction.

        (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
        (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper
        function.

        (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to.

        (JSC::MachineStackMarker::markConservatively): Changed to use a more
        standard looping idiom, and to use the helper function above.

        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to.

2011-01-21  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Maciej Stachowiak.

        Cleaned up some conservative marking code.
        https://bugs.webkit.org/show_bug.cgi?id=52946

        SunSpider reports no change.

        * interpreter/RegisterFile.h: No need for a special marking function,
        since we already expose a start() and end().

        * runtime/Heap.cpp:
        (JSC::Heap::registerFile):
        (JSC::Heap::markRoots):
        * runtime/Heap.h:
        (JSC::Heap::contains): Migrated markConservatively() to the machine stack
        marker class. Now, Heap just provides a contains() function, which the
        machine stack marker uses for checking whether a pointer points into the heap.

        * runtime/MachineStackMarker.cpp:
        (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
        (JSC::MachineStackMarker::markOtherThreadConservatively):
        (JSC::isPointerAligned):
        (JSC::MachineStackMarker::markConservatively):
        * runtime/MachineStackMarker.h: Move the conservative marking code here.

        * runtime/MarkStack.h:
        (JSC::ConservativeSet::add):
        (JSC::ConservativeSet::mark): Changed to using a vector instead of hash
        set. Vector seems to be a bit faster, and it generates smaller code.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::containsSlowCase):
        * runtime/MarkedSpace.h:
        (JSC::MarkedSpace::isCellAligned):
        (JSC::MarkedSpace::isPossibleCell):
        (JSC::MarkedSpace::contains): Kept the code for determining whether a
        pointer pointed into marked space, and moved the code for marking
        a set of conservative pointers into the machine stack marker.

        * wtf/HashSet.h:
        (WTF::::add): Added two missing inlines that I noticed while testing
        vector vs hash set.

2011-01-21  Mark Rowe  <mrowe@apple.com>

        Reviewed by Sam Weinig.

        Work around a Clang bug <rdar://problem/8876150> that leads to it incorrectly emitting an access
        control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool".

        * wtf/PageAllocation.h:
        (WTF::PageAllocation::operator bool):
        * wtf/PageReservation.h:
        (WTF::PageReservation::operator bool):

2011-01-21  Michael Saboff  <msaboff@apple.com>

        Reviewed by Oliver Hunt.

        [RegexFuzz] Hang with forward assertion
        https://bugs.webkit.org/show_bug.cgi?id=52825
        <rdar://problem/8894332>

        The backtrackTo label from the first term in a list of terms is
        being overwritten by processing of subsequent terms.  Changed
        copyBacktrackToLabel() to check for an existing backtrackTo label
        before copying and renamed it to propagateBacktrackToLabel() since
        it no longer copies.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):

2011-01-21  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Moved the mark stack from global data to the heap, since it pertains
        to the heap, and not the virtual machine as a whole.
        https://bugs.webkit.org/show_bug.cgi?id=52930

        SunSpider reports no change.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::markRoots):
        * runtime/Heap.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        * runtime/JSGlobalData.h:

2011-01-21  Peter Gal  <galpeter@inf.u-szeged.hu>

        Reviewed by Darin Adler.

        REGRESSION(r76177): All JavaScriptCore tests fail on ARM
        https://bugs.webkit.org/show_bug.cgi?id=52814

        Get the approximateByteSize value before releasing the OwnPtr.

        * parser/JSParser.cpp:
        (JSC::JSParser::parseFunctionInfo):

2011-01-21  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Martin Robinson.

        Remove unnecessary <stdio.h> include
        https://bugs.webkit.org/show_bug.cgi?id=52884

        * jit/JIT.cpp: remove unnecessary include.

2011-01-20  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Maciej Stachowiak.

        Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr.

        * wtf/OwnArrayPtr.h:

2011-01-20  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Oliver Hunt.

        [WINCE] Remove obsolete JSVALUE32 code
        https://bugs.webkit.org/show_bug.cgi?id=52450

        Remove the "offset hack" in create_jit_stubs, since we
        only support JSVALUE32_64 in the meantime.

        * create_jit_stubs: Removed offset argument.
        * jit/JITStubs.cpp:

2011-01-20  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        When marking conservatively, guard against reviving dead objects.
        https://bugs.webkit.org/show_bug.cgi?id=52840

        SunSpider and v8 say no change.

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API.

        * runtime/Heap.cpp:
        (JSC::Heap::recordExtraCost): No need to guard against conservative
        marking reviving dead objects anymore, since the conservative marking
        mechanism guards against this now.

        (JSC::Heap::markConservatively):
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a
        marking function. We want to establish a separation of concerns between
        visiting roots and draining the mark stack.

        (JSC::Heap::markRoots): Gather the set of conservative references before
        clearing mark bits, because conservative marking now uses the mark bits
        to determine if a reference is valid, and to avoid reviving dead objects.

        (JSC::Heap::collectAllGarbage): No need to guard against conservative
        marking reviving dead objects anymore, since the conservative marking
        mechanism guards against this now.

        * runtime/Heap.h: Updated to use the ConservativeSet API.

        * runtime/MachineStackMarker.cpp:
        (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal):
        (JSC::MachineStackMarker::markCurrentThreadConservatively):
        (JSC::MachineStackMarker::markOtherThreadConservatively):
        (JSC::MachineStackMarker::markMachineStackConservatively):
        * runtime/MachineStackMarker.h: Ditto.

        * runtime/MarkStack.h:
        (JSC::ConservativeSet::add):
        (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the
        set of conservative references. This is different from MarkStack, since
        we don't mark the set until it is completely gathered.

        * runtime/MarkedSpace.cpp:
        (JSC::MarkedSpace::freeBlock):
        (JSC::MarkedSpace::resizeBlocks):
        (JSC::MarkedSpace::markConservatively):
        * runtime/MarkedSpace.h: When marking conservatively, guard against
        reviving dead objects.

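The entry above, together with the two earlier Garen entries on ConservativeSet, isPointerAligned/isCellAligned, Heap::contains() and swapIfBackwards(), describes one mechanism: stack words are gathered into a set first, kept only if they are cell-aligned, inside the heap and marked in the previous cycle (so a stale stack slot cannot revive a dead object), and marked only after the mark bits are cleared. The toy below is an added example, not JavaScriptCore's code; cell size, block layout and the ToyGC names are assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <utility>
#include <vector>

// Toy model of the conservative-marking scheme described above (added example,
// not JavaScriptCore's code). Cell size, layout and names are assumptions; the
// checks (cell alignment, heap containment, previous cycle's mark bit) and the
// order (gather, clear mark bits, mark) follow the ChangeLog text.
namespace ToyGC {
constexpr size_t cellSize = 64;       // assumed, not JSC's real cell size
constexpr size_t cellsPerBlock = 16;
struct alignas(cellSize) Cell { unsigned char bytes[cellSize]; };
struct Block {
    Cell cells[cellsPerBlock];
    bool marked[cellsPerBlock] = {};  // mark bits left by the previous cycle
};
struct Ref { Block* block; size_t index; };

class Heap {
public:
    void addBlock(Block* block) { m_blocks.push_back(block); }
    static bool isCellAligned(uintptr_t p) { return !(p & (cellSize - 1)); }
    // Heap::contains(): is p the start of a cell in one of our blocks?
    bool contains(uintptr_t p, Ref& out) const {
        if (!isCellAligned(p))
            return false;
        for (Block* block : m_blocks) {
            uintptr_t base = reinterpret_cast<uintptr_t>(block->cells);
            if (p >= base && p < base + cellsPerBlock * cellSize) {
                out = { block, (p - base) / cellSize };
                return true;
            }
        }
        return false;
    }
    void clearMarkBits() {
        for (Block* block : m_blocks)
            for (bool& bit : block->marked)
                bit = false;
    }
private:
    std::vector<Block*> m_blocks;
};

// ConservativeSet: gathered completely before anything is marked.
class ConservativeSet {
public:
    explicit ConservativeSet(Heap& heap) : m_heap(heap) {}
    // Keep a stack word only if it names a cell that was marked in the previous
    // cycle; a pointer to a dead cell is dropped, so a stale slot cannot revive it.
    void add(uintptr_t word) {
        Ref ref;
        if (m_heap.contains(word, ref) && ref.block->marked[ref.index])
            m_set.push_back(ref);
    }
    // swapIfBackwards(): the machine stack may grow in either direction.
    void addRange(const uintptr_t* begin, const uintptr_t* end) {
        if (begin > end)
            std::swap(begin, end);
        for (const uintptr_t* p = begin; p < end; ++p)
            add(*p);
    }
    void mark() {
        for (const Ref& ref : m_set)
            ref.block->marked[ref.index] = true;
    }
    size_t size() const { return m_set.size(); }
private:
    Heap& m_heap;
    std::vector<Ref> m_set;
};

// markRoots() ordering from the entry: gather (using the old mark bits), then
// clear the bits, then mark. Returns how many conservative roots survived.
size_t markRoots(Heap& heap, const uintptr_t* stackBegin, const uintptr_t* stackEnd) {
    ConservativeSet roots(heap);
    roots.addRange(stackBegin, stackEnd);
    heap.clearMarkBits();
    roots.mark();
    return roots.size();
}

// Constructed scenario: cells 0 and 3 live after the last cycle, cell 5 dead; the
// fake stack holds a live pointer, an interior pointer, a dead pointer, an integer.
struct DemoResult { size_t kept; bool cell0, cell3, cell5; };
DemoResult demo() {
    Block block;
    Heap heap;
    heap.addBlock(&block);
    block.marked[0] = block.marked[3] = true;
    uintptr_t base = reinterpret_cast<uintptr_t>(block.cells);
    uintptr_t stack[] = { base, base + 3 * cellSize + 8, base + 5 * cellSize, 0x1234, base + 3 * cellSize };
    size_t kept = markRoots(heap, stack + 5, stack);   // passed backwards on purpose
    return { kept, block.marked[0], block.marked[3], block.marked[5] };
}
} // namespace ToyGC
```
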
2011-01-20  Siddharth Mathur  <siddharth.mathur@nokia.com>

        Reviewed by Geoffrey Garen.

        [Symbian] Fix StackBounds::initialize()
        https://bugs.webkit.org/show_bug.cgi?id=52842

        * wtf/StackBounds.cpp:
        (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit.

2011-01-20  Michael Saboff  <msaboff@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/8890203> [RegexFuzz] Crash in generated code (52773)
        https://bugs.webkit.org/show_bug.cgi?id=52773

        Fixed case where an existing DataLabelPtr is overwritten.  The
        replacing DataLabelPtr is now resolved immediately in
        linkDataLabelToBacktrackIfExists().  Cleanup - eliminated bool
        return value for the routine as it was never used.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):

2011-01-20  Andras Becsi  <abecsi@webkit.org>

        Reviewed by Csaba Osztrogonác.

        [Qt][WK2] WebKit2 enabled build fails to link

        Work around undefined reference linking issues until the buildsystem gets redesigned.
        These issues first occurred in minimal builds (see BUG 50519).

        * JavaScriptCore.pri: link as whole-archive for WebKit2 builds.

2011-01-20  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Csaba Osztrogonác.

        Refactoring of the custom allocation framework
        https://bugs.webkit.org/show_bug.cgi?id=49897

        Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589).
        The modification replaces the Noncopyable and FastAllocBase classes, and inheritance
        from them, with their equivalent macro implementation at the necessary places.

        * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro.

2011-01-20  Mark Rowe  <mrowe@apple.com>

        Reviewed by Maciej Stachowiak.

        Follow-up to r75766 / <rdar://problem/5469576>.

        We were failing to initialize the key, causing all sorts of unexpected behavior.

        * wtf/FastMalloc.cpp:
        (WTF::setThreadHeap):
        (WTF::TCMalloc_ThreadCache::GetThreadHeap):
        (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized.

2011-01-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Rolled back in r76078, with crash fixed.
        https://bugs.webkit.org/show_bug.cgi?id=52668

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markChildren): Account for the fact that the global
        object moves its variables into and out of the register file. While out
        of the register file, the symbol table's size is not an accurate count
        for the size of the register array, since the BytecodeGenerator might
        be compiling, adding items to the symbol table.

2011-01-18  Darin Adler  <darin@apple.com>

        Reviewed by Geoffrey Garen.

        Stack overflow when converting an Error object to string
        https://bugs.webkit.org/show_bug.cgi?id=46410

        * Android.mk: Added StringRecursionChecker.cpp and
        StringRecursionChecker.h.
        * CMakeLists.txt: Ditto.
        * GNUmakefile.am: Ditto.
        * JavaScriptCore.gypi: Ditto.
        * JavaScriptCore.pro: Ditto.
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead
        of the older hand-written code to do the same thing.
        (JSC::arrayProtoFuncToLocaleString): Ditto.
        (JSC::arrayProtoFuncJoin): Ditto.

        * runtime/ErrorPrototype.cpp:
        (JSC::errorProtoFuncToString): Use StringRecursionChecker.

        * runtime/JSGlobalData.h: Renamed arrayVisitedElements to
        stringRecursionCheckVisitedObjects.

        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncToString): Use StringRecursionChecker.

        * runtime/StringRecursionChecker.cpp: Added.
        * runtime/StringRecursionChecker.h: Added.

2011-01-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Remove non-spec support for callable RegExp
        https://bugs.webkit.org/show_bug.cgi?id=28285

        Remove support for callable regexps.  If it breaks sites we can
        just roll this out.

        * runtime/RegExpObject.cpp:
        * runtime/RegExpObject.h:
        * tests/mozilla/expected.html: update results.

2011-01-19  Antti Koivisto  <antti@apple.com>

        Reviewed by Oliver Hunt.

        Cache function offsets to speed up javascript parsing
        https://bugs.webkit.org/show_bug.cgi?id=52622

        Use a cache to save function offsets and some other info.
        This avoids quite a bit of work when reparsing the source.

        * parser/ASTBuilder.h:
        * parser/JSParser.cpp:
        (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo):
        (JSC::JSParser::CachedFunctionInfo::approximateByteSize):
        (JSC::JSParser::CachedFunctionInfo::closeBraceToken):
        (JSC::JSParser::Scope::copyCapturedVariablesToVector):
        (JSC::JSParser::Scope::saveFunctionInfo):
        (JSC::JSParser::Scope::restoreFunctionInfo):
        (JSC::JSParser::findCachedFunctionInfo):
        (JSC::JSParser::JSParser):
        (JSC::JSParser::parseProgram):
        (JSC::JSParser::parseFunctionInfo):
        * parser/Lexer.h:
        (JSC::Lexer::setOffset):
        (JSC::Lexer::setLineNumber):
        (JSC::Lexer::sourceProvider):
        * parser/SourceProvider.h:
        (JSC::SourceProviderCache::SourceProviderCache):
        (JSC::SourceProviderCache::~SourceProviderCache):
        (JSC::SourceProviderCache::byteSize):
        (JSC::SourceProviderCache::add):
        (JSC::SourceProviderCache::get):
        (JSC::SourceProvider::SourceProvider):
        (JSC::SourceProvider::~SourceProvider):
        (JSC::SourceProvider::cache):
        (JSC::SourceProvider::notifyCacheSizeChanged):
        (JSC::SourceProvider::cacheSizeChanged):
        * parser/SyntaxChecker.h:

2011-01-19  Mark Rowe  <mrowe@apple.com>

        Reviewed by Darin Adler.

        Follow-up to r75766 / <rdar://problem/5469576>.

        * DerivedSources.make: Evaluate the SDKROOT variable correctly.

2011-01-19  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion
        https://bugs.webkit.org/show_bug.cgi?id=52672

        Rather than coming up with a somewhat convoluted mechanism to ensure that
        developers can override the global object's prototype with a function named
        __proto__ and expect it to work, we just disallow it at the syntax level.

        * parser/JSParser.cpp:
        (JSC::JSParser::parseFunctionInfo):

2011-01-19  Michael Saboff  <msaboff@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/8882994> Regression: Simple nested backtrack hangs
        https://bugs.webkit.org/show_bug.cgi?id=52675

        The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540
        broke simple backtracking in some cases.  Reworked that change to
        link both jumps and labels.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel):
        (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):

2011-01-19  Pavel Podivilov  <podivilov@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: [JSC] scripts have incorrect starting line (always 1).
        https://bugs.webkit.org/show_bug.cgi?id=52721

        * debugger/Debugger.cpp:
        (JSC::Debugger::recompileAllJSFunctions):
        * debugger/Debugger.h:
        * parser/Parser.h:
        (JSC::Parser::parse):
        * parser/SourceCode.h:
        (JSC::SourceCode::SourceCode):
        * parser/SourceProvider.h:
        (JSC::SourceProvider::startPosition):

2011-01-19  Csaba Osztrogonác  <ossy@webkit.org>

        Reviewed by Laszlo Gombos and Tor Arne Vestbø.

        [Qt] Remove unnecessary "../Source" from paths
        after moving source files into Source is finished.

        * JavaScriptCore.pri:

2011-01-19  Benjamin Kalman  <kalman@chromium.org>

        Reviewed by Darin Adler.

        Don't return void from void function String::split
        https://bugs.webkit.org/show_bug.cgi?id=52684

        * wtf/text/WTFString.cpp:
        (WTF::String::split):

2011-01-18  Kenneth Russell  <kbr@google.com>

        Unreviewed, rolling out r76078.
        http://trac.webkit.org/changeset/76078
        https://bugs.webkit.org/show_bug.cgi?id=52668

        Caused crashes of fast/canvas/webgl/constants.html,
        fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
        test crashes in Release mode. WebGL crashes were observed with
        "run-webkit-tests fast/canvas/webgl". It was necessary to run
        multiple tests to provoke the crash.

        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::markGlobals):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren):
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markChildren):

2011-01-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] Assertion asking activation for arguments when arguments is overridden
        https://bugs.webkit.org/show_bug.cgi?id=52690

        Clean up code to retrieve arguments from activation and function objects.
        Remove the incorrect assertion from JSActivation's argumentsGetter.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::retrieveArguments):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::argumentsGetter):

2011-01-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Removed RegisterFile::markGlobals because it was obtuse, and it
        unnecessarily relied on conservative marking.
        https://bugs.webkit.org/show_bug.cgi?id=52668

        * interpreter/RegisterFile.h: Removed markGlobals.

        * runtime/JSActivation.cpp:
        (JSC::JSActivation::markChildren): Added a comment explaining why some
        JSActivations don't always mark their registers arrays.

        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markChildren): Instead of calling markGlobals, mark
        the registers array directly.

2011-01-18  Michael Saboff  <msaboff@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/8875432> Regression: Some text-only e-mails cause hang beneath RegExp::match (52540)
        https://bugs.webkit.org/show_bug.cgi?id=52540
        https://bugs.webkit.org/show_bug.cgi?id=52662

        Directly use backtrack label with parentheses nested under a
        non-capturing parentheses.  Also linked current parentheses
        tail code object for possible parens nested within a non-capturing
        parentheses.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::BacktrackDestination::linkBacktrackToLabel):
        (JSC::Yarr::YarrGenerator::generateParenthesesSingle):

2011-01-18  Daniel Bates  <dbates@rim.com>

        Reviewed by Gavin Barraclough.

        Only use moving memory model assumption in ExecutableAllocator::intializePageSize() for Symbian OS
        https://bugs.webkit.org/show_bug.cgi?id=52517

        Patch by David Tapuska

        Currently, we compile code with respect to the Symbian-specific moving memory model
        assumption for all ARMv5 or lower architectures. Instead, we should only compile
        such code when building for Symbian OS on those architectures because this model
        is Symbian-specific.

        * jit/ExecutableAllocator.cpp:
        (JSC::ExecutableAllocator::intializePageSize):

2011-01-18  Dimitry Andric  <dim@freebsd.org>

        Reviewed by Andreas Kling.

        Fix linking JavaScriptCore on FreeBSD/amd64
        https://bugs.webkit.org/show_bug.cgi?id=52591

        Linking of JavaScriptCore on FreeBSD/amd64 fails, for the same reason as
        in bug 28422: cti_vm_throw needs a "@plt" suffix, otherwise the linker
        complains about the relocation type.

        * jit/JITStubs.cpp: use @plt suffix on x86_64 platforms, for both Linux
        and FreeBSD.

2011-01-18  Oliver Hunt  <oliver@apple.com>

        Reviewed by Antti Koivisto.

        [jsfunfuzz] Assertion in codegen for array of NaN constants
        https://bugs.webkit.org/show_bug.cgi?id=52643

        Don't cache NaN literals in the code generator: as NaN doesn't compare
        equal to itself, it causes problems when rehashing the number cache.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitLoad):

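The NaN entry above describes a hash-table pathology: a key that is never equal to itself can be inserted but never found again, so the table fills with duplicates and its rehash invariant breaks. The C++ below is an added example, not JSC's BytecodeGenerator or WTF::HashMap code; the open-addressed table, the constant pool and the function names are assumptions, and the guardNaN flag switches between the unguarded cache and the fix the entry describes.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <utility>
#include <vector>

// Small open-addressed double -> index table written for this example (not
// WTF::HashMap), keeping the property that matters here: lookup and rehash
// both rely on operator== to recognise a stored key.
class NumberTable {
public:
    explicit NumberTable(size_t capacity = 8)
        : m_keys(capacity), m_values(capacity), m_used(capacity, false) {}
    // Return the value stored for `key`, inserting `fresh` if absent.
    size_t findOrAdd(double key, size_t fresh) {
        if (2 * (m_count + 1) > m_keys.size())
            rehash(2 * m_keys.size());
        size_t mask = m_keys.size() - 1;
        for (size_t i = hash(key) & mask;; i = (i + 1) & mask) {
            if (!m_used[i]) {
                m_used[i] = true; m_keys[i] = key; m_values[i] = fresh; ++m_count;
                return fresh;
            }
            if (m_keys[i] == key)      // NaN == NaN is false: never matches
                return m_values[i];
        }
    }

    size_t count() const { return m_count; }

    // The invariant a debug-build hash table assertion would check after a
    // rehash: every stored key can be found again by its own value.
    bool everyKeyFindable() const {
        for (size_t i = 0; i < m_keys.size(); ++i)
            if (m_used[i] && !contains(m_keys[i]))
                return false;
        return true;
    }

private:
    static size_t hash(double d) {
        uint64_t bits;
        std::memcpy(&bits, &d, sizeof bits);
        bits ^= bits >> 33; bits *= 0xff51afd7ed558ccdULL; bits ^= bits >> 33;
        return static_cast<size_t>(bits);
    }
    bool contains(double key) const {
        size_t mask = m_keys.size() - 1;
        for (size_t i = hash(key) & mask; m_used[i]; i = (i + 1) & mask)
            if (m_keys[i] == key)
                return true;
        return false;
    }
    void rehash(size_t capacity) {
        NumberTable bigger(capacity);
        for (size_t i = 0; i < m_keys.size(); ++i)
            if (m_used[i])
                bigger.findOrAdd(m_keys[i], m_values[i]);
        std::swap(*this, bigger);
    }
    std::vector<double> m_keys;
    std::vector<size_t> m_values;
    std::vector<bool> m_used;
    size_t m_count = 0;
};

// Toy of the number cache in BytecodeGenerator::emitLoad (not JSC's code):
// a literal is interned so repeated literals share one constant-pool slot.
// `guardNaN` selects the fixed behaviour: NaN gets a slot but is never cached.
struct ToyConstantPool {
    std::vector<double> pool;
    NumberTable cache;

    size_t emitLoad(double number, bool guardNaN) {
        if (guardNaN && std::isnan(number)) {
            pool.push_back(number);
            return pool.size() - 1;
        }
        size_t fresh = pool.size();
        size_t index = cache.findOrAdd(number, fresh);
        if (index == fresh)
            pool.push_back(number);
        return index;
    }
};

// Load `nanLoads` NaN literals and then 1.5 twice; report whether the cache
// still satisfies its invariant, how many entries it holds, and the pool size.
struct LoadStats { bool cacheConsistent; size_t cacheEntries; size_t poolSlots; };
LoadStats loadLiterals(size_t nanLoads, bool guardNaN) {
    ToyConstantPool gen;
    for (size_t i = 0; i < nanLoads; ++i)
        gen.emitLoad(std::nan(""), guardNaN);
    gen.emitLoad(1.5, guardNaN);
    gen.emitLoad(1.5, guardNaN);    // second load hits the cache, no new slot
    return { gen.cache.everyKeyFindable(), gen.cache.count(), gen.pool.size() };
}
```
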
2011-01-17  Jarred Nicholls  <jarred@sencha.com>

        Reviewed by Csaba Osztrogonác.

        REGRESSION(r75709): Return value of fscanf() shouldn't be ignored.
        https://bugs.webkit.org/show_bug.cgi?id=52585

        gcc 4.4.4+ has the warn_unused_value attribute on fscanf, so we should check
        the return value to get around the gcc warning.

        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::maybeModifyVMPoolSize):

2011-01-17  Michael Saboff  <msaboff@apple.com>

        Reviewed by Oliver Hunt.

        [regexfuzz] Crash running regex with lookahead
        https://bugs.webkit.org/show_bug.cgi?id=52548

        Eliminated aggressive chaining of backtracks.  This code was overwriting
        already valid backtrack information.

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::ParenthesesTail::processBacktracks):

2011-01-17  Tony Gentilcore  <tonyg@chromium.org>

        Reviewed by Alexey Proskuryakov.

        Fix some headers with missing or misspelled #ifndef guards
        https://bugs.webkit.org/show_bug.cgi?id=52545

        * wtf/RefPtrHashMap.h:

2011-01-17  Dan Bernstein  <mitz@apple.com>

        Rubber-stamped by Mark Rowe.

        Update xcodeproj svn:ignore to include xcuserdata.

        * JavaScriptCore.xcodeproj: Modified property svn:ignore.

2011-01-16  Adam Barth  <abarth@webkit.org>

        Rubber-stamped by Eric Seidel.

        Move WebKit into Source
        https://bugs.webkit.org/show_bug.cgi?id=52530

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2011-01-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        [jsfunfuzz] Parser doesn't correctly validate for-loop syntax
        https://bugs.webkit.org/show_bug.cgi?id=52516

        Ensure that we always check for a semicolon after encountering
        multiple declarations in the initialiser portion of a for-loop.

        * parser/JSParser.cpp:
        (JSC::JSParser::parseForStatement):

2011-01-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Strict mode restrictions on arguments and eval usage aren't complete
        https://bugs.webkit.org/show_bug.cgi?id=52528

        Fix a few bugs in strict mode where we incorrectly allow mutation of
        arguments and eval in the parser.

        Alas the "optimisation" used by the syntax checker for validating
        binary and unary expressions was too aggressive: we do actually need
        a stack for operations and operands although it needn't be as complete
        as that used for the full AST builder.

        Also disallow assignment to arguments in all cases as allowing arguments
        to be assignable is always an error in strict mode, regardless of context.

        * parser/ASTBuilder.h:
        (JSC::ASTBuilder::BinaryExprContext::BinaryExprContext):
        (JSC::ASTBuilder::UnaryExprContext::UnaryExprContext):
        * parser/JSParser.cpp:
        (JSC::JSParser::parseAssignmentExpression):
        (JSC::JSParser::parseBinaryExpression):
        (JSC::JSParser::parseUnaryExpression):
        * parser/SyntaxChecker.h:
        (JSC::SyntaxChecker::BinaryExprContext::BinaryExprContext):
        (JSC::SyntaxChecker::BinaryExprContext::~BinaryExprContext):
        (JSC::SyntaxChecker::UnaryExprContext::UnaryExprContext):
        (JSC::SyntaxChecker::UnaryExprContext::~UnaryExprContext):
        (JSC::SyntaxChecker::appendBinaryExpressionInfo):
        (JSC::SyntaxChecker::operatorStackPop):

3623 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3624
3625         Reviewed by Oliver Hunt.
3626
3627         Rolled back in r75886.
3628         https://bugs.webkit.org/show_bug.cgi?id=52527
3629         
3630         r75886 broke the GTK Linux bot because Linux was -- quite surprisingly --
3631         set up to use the constants for embedded devices.
3632
3633         * jit/ExecutableAllocatorFixedVMPool.cpp:
3634         (JSC::maybeModifyVMPoolSize): Separated Linux constants from embedded
3635         constants.
3636
3637 2011-01-15  Sheriff Bot  <webkit.review.bot@gmail.com>
3638
3639         Unreviewed, rolling out r75886.
3640         http://trac.webkit.org/changeset/75886
3641         https://bugs.webkit.org/show_bug.cgi?id=52526
3642
3643         "Broke GTK+ 64bit" (Requested by xan_ on #webkit).
3644
3645         * jit/ExecutableAllocatorFixedVMPool.cpp:
3646
3647 2011-01-15  Geoffrey Garen  <ggaren@apple.com>
3648
3649         Reviewed by Sam Weinig.
3650
3651         <rdar://problem/8870429> Shrink the executable pool on embedded devices
3652
3653         * jit/ExecutableAllocatorFixedVMPool.cpp: Dropped the pool size from 32MB
3654         to 16MB.
3655
3656 2011-01-15  Oliver Hunt  <oliver@apple.com>
3657
3658         Reviewed by Maciej Stachowiak.
3659
3660         Incorrect behavior changing attributes of an accessor
3661         https://bugs.webkit.org/show_bug.cgi?id=52515
3662
3663         defineProperty doesn't correctly handle changing attributes of an accessor
3664         property.  This is because we don't pass the full descriptor to the 
3665         putDescriptor helper function, which means we have insufficient information
3666         to do the right thing. Once that's passed the correct behavior is relatively
3667         simple to implement.
3668
3669         * runtime/JSObject.cpp:
3670         (JSC::putDescriptor):
3671         (JSC::JSObject::defineOwnProperty):
3672
2011-01-14  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        [jsfunfuzz] Incorrect handling of consecutive duplicate labels
        https://bugs.webkit.org/show_bug.cgi?id=52505

        Compare StringImpl*'s instead of Identifier*'s when looking for duplicate
        labels.

        * parser/JSParser.cpp:
        (JSC::JSParser::parseExpressionOrLabelStatement):

2011-01-14  Simon Fraser  <simon.fraser@apple.com>

        No review.

        Initialize m_operationInProgress after r75855.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):

2011-01-14  Geoffrey Garen  <ggaren@apple.com>

        Reverted accidentally committed code from my last checkin.

        * runtime/Heap.cpp:
        (JSC::Heap::markRoots):

2011-01-14  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Sam Weinig.

        Try to fix the GTK bot.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::markRoots): Kids, remember to initialize your data members.
        Knowing is half the battle.

2011-01-14  Oliver Hunt  <oliver@apple.com>

        Reviewed by Stephanie Lewis.

        [jsfunfuzz] We should be clearing the lexer's temporary character buffers when switching to strict mode
        https://bugs.webkit.org/show_bug.cgi?id=52501

        Clear the temporary character buffers used for reading escaped characters and
        numbers.

        * parser/Lexer.h:
        (JSC::Lexer::setOffset):

2011-01-14  Geoffrey Garen  <ggaren@apple.com>

        Try to fix non-Dtrace builds: #include Tracing.h instead of TracingDtrace.h.

        * runtime/Heap.cpp:

2011-01-13  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Split out a MarkedSpace strategy object from Heap.
        https://bugs.webkit.org/show_bug.cgi?id=52421

        SunSpider reports no change.

        * Android.mk:
        * CMakeLists.txt:
        * GNUmakefile.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj: Updated our 7 build systems. Which is cool.

        * runtime/Heap.cpp:
        (JSC::Heap::Heap):
        (JSC::Heap::destroy):
        (JSC::Heap::recordExtraCost):
        (JSC::Heap::allocate):
        (JSC::Heap::markConservatively):
        (JSC::Heap::markRoots):
        (JSC::Heap::objectCount):
        (JSC::Heap::statistics):
        (JSC::Heap::size):
        (JSC::Heap::isBusy):
        (JSC::Heap::collectAllGarbage):
        (JSC::Heap::primaryHeapBegin):
        (JSC::Heap::primaryHeapEnd):
        * runtime/Heap.h:
        (JSC::Heap::globalData):
        (JSC::Heap::markedSpace):
        (JSC::Heap::isCellMarked):
        (JSC::Heap::checkMarkCell):
        (JSC::Heap::markCell): Moved all code pertaining to managing chunks of
        collector memory out of this class. Heap now just delegates to MarkedSpace.

        * runtime/JSCell.h:
        (JSC::JSCell::Heap::heap): Updated for MarkedSpace delegation.

        * runtime/JSValue.h: Moved the ValueStringPair typedef to help with #includes.

        * runtime/MarkedSpace.cpp: Copied from runtime/Heap.cpp.
        (JSC::MarkedSpace::MarkedSpace):
        (JSC::MarkedSpace::destroy):
        (JSC::MarkedSpace::allocateBlock):
        (JSC::MarkedSpace::freeBlock):
        (JSC::MarkedSpace::allocate):
        (JSC::MarkedSpace::resizeBlocks):
        (JSC::MarkedSpace::growBlocks):
        (JSC::MarkedSpace::shrinkBlocks):
        (JSC::MarkedSpace::markConservatively):
        (JSC::MarkedSpace::clearMarkBits):
        (JSC::MarkedSpace::markedCells):
        (JSC::MarkedSpace::sweep):
        (JSC::MarkedSpace::objectCount):
        (JSC::MarkedSpace::addToStatistics):
        (JSC::MarkedSpace::statistics):
        (JSC::MarkedSpace::size):
        (JSC::MarkedSpace::reset):
        (JSC::MarkedSpace::primaryHeapBegin):
        (JSC::MarkedSpace::primaryHeapEnd):
        * runtime/MarkedSpace.h: Copied from runtime/Heap.h.
        (JSC::MarkedSpace::globalData):
        (JSC::MarkedSpace::didShrink):
        (JSC::MarkedSpace::cellBlock):
        (JSC::MarkedSpace::cellOffset):
        (JSC::MarkedSpace::isCellMarked):
        (JSC::MarkedSpace::checkMarkCell):
        (JSC::MarkedSpace::markCell): Moved all code pertaining to managing chunks of
        collector memory into this class.

        * runtime/MemoryStatistics.cpp:
        (JSC::heapStatistics):
        * runtime/MemoryStatistics.h: Updated for MarkedSpace delegation.

2011-01-14  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] parser doesn't enforce continue restrictions correctly.
        https://bugs.webkit.org/show_bug.cgi?id=52493

        This patch reworks handling of break, continue and label statements
        to correctly handle all the valid and invalid cases.  Previously certain
        errors would be missed by the parser in strict mode, but the bytecode
        generator needed to handle those cases for non-strict code, so nothing
        failed; it simply became non-standard behaviour.

        Now that we treat break and continue errors as early faults in non-strict
        mode as well, that safety net has been removed, so the parser bugs result in
        crashes at codegen time.

        * parser/JSParser.cpp:
        (JSC::JSParser::ScopeLabelInfo::ScopeLabelInfo):
        (JSC::JSParser::next):
        (JSC::JSParser::nextTokenIsColon):
        (JSC::JSParser::continueIsValid):
            Continue is only valid in loops so we can't use breakIsValid()
        (JSC::JSParser::pushLabel):
            We now track whether the label is for a loop (and is therefore a
            valid target for continue).
        (JSC::JSParser::popLabel):
        (JSC::JSParser::getLabel):
            Replace hasLabel with getLabel so that we can validate the target
            when parsing continue statements.
        (JSC::JSParser::Scope::continueIsValid):
        (JSC::JSParser::Scope::pushLabel):
        (JSC::JSParser::Scope::getLabel):
        (JSC::JSParser::JSParser):
        (JSC::JSParser::parseBreakStatement):
        (JSC::JSParser::parseContinueStatement):
        (JSC::LabelInfo::LabelInfo):
        (JSC::JSParser::parseExpressionOrLabelStatement):
            Consecutive labels now get handled iteratively so that we can determine
            whether they're valid targets for continue.
        * parser/Lexer.cpp:
        (JSC::Lexer::nextTokenIsColon):
        * parser/Lexer.h:
        (JSC::Lexer::setOffset):

2011-01-14  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Roben.

        Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
        https://bugs.webkit.org/show_bug.cgi?id=45186

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scheduleScavenger): Added missing this pointer to CreateTimerQueueTimer().

2011-01-14  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Roben.

        Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
        https://bugs.webkit.org/show_bug.cgi?id=45186

        r75819 accidentally changed the initial state of the scavenge timer.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::initializeScavenger): Changed initial state of m_scavengingSuspended to true.

2011-01-14  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed Windows Release build fix.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavengerTimerFired):

2011-01-14  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed Windows Release build fix.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavengerTimerFired):

2011-01-14  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Roben.

        Use the Windows thread pool instead of an extra thread for FastMalloc scavenging
        https://bugs.webkit.org/show_bug.cgi?id=45186

        Use CreateTimerQueueTimer() to start periodicScavenge() and stop it with DeleteTimerQueueTimer().

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::initializeScavenger):
        (WTF::TCMalloc_PageHeap::isScavengerSuspended):
        (WTF::TCMalloc_PageHeap::scheduleScavenger):
        (WTF::TCMalloc_PageHeap::rescheduleScavenger):
        (WTF::TCMalloc_PageHeap::suspendScavenger):
        (WTF::scavengerTimerFired):
        (WTF::TCMalloc_PageHeap::periodicScavenge):
        (WTF::TCMalloc_PageHeap::signalScavenger):

2011-01-14  Laszlo Gombos  <laszlo.1.gombos@nokia.com>

        Reviewed by Kenneth Rohde Christiansen.

        Align import/export directives
        https://bugs.webkit.org/show_bug.cgi?id=52208

        * API/JSBase.h: Align import/export directives with
        WebKit2/Shared/API/c/WKBase.h

2011-01-14  Michael Saboff  <msaboff@apple.com>

        Reviewed by Oliver Hunt.

        Incorrect backtracking for nested alternatives
        https://bugs.webkit.org/show_bug.cgi?id=52387

        In the process of propagating a datalabel it wasn't getting connected
        to a destination when the destination was an indirect jump.  Added
        code to recognize a direct backtrack destination that was an indirect
        jump and added a mechanism to associate DataLabelPtrs with indirect
        jump entries.
        Removed dead method
        BacktrackDestination::linkDataLabelToHereIfExists()

        * yarr/YarrJIT.cpp:
        (JSC::Yarr::YarrGenerator::IndirectJumpEntry::IndirectJumpEntry):
        (JSC::Yarr::YarrGenerator::IndirectJumpEntry::addDataLabel):
        (JSC::Yarr::YarrGenerator::GenerationState::addIndirectJumpEntry):
        (JSC::Yarr::YarrGenerator::GenerationState::emitIndirectJumpTable):
        Changes to link indirect jumps with DataLabelPtr's.
        (JSC::Yarr::YarrGenerator::BacktrackDestination::clearSubDataLabelPtr):
        (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
        Updated to handle immediate linking of indirect jumps to
        DataLabelPtr.
        (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction): Changed to
        reflect updated linkDataLabelToBacktrackIfExists().

2011-01-14  Pavel Podivilov  <podivilov@chromium.org>

        Reviewed by Yury Semikhatsky.

        Web Inspector: provide script column offset to frontend.
        https://bugs.webkit.org/show_bug.cgi?id=52377

        * parser/SourceCode.h:
        (JSC::SourceCode::SourceCode):
        (JSC::SourceCode::firstColumn):

2011-01-13  Darin Adler  <darin@apple.com>

        Reviewed by Geoff Garen.

        <rdar://problem/5469576> Use __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 if available.

        * DerivedSources.make: Create a header file, HeaderDetection.h, that tells
        us whether pthread_machdep.h is available.
        * wtf/FastMalloc.cpp: If __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 is available, then
        don't do the pthread_getspecific_function_pointer trick.
        (WTF::setThreadHeap): Ditto, but set thread-specific data.
        (WTF::TCMalloc_ThreadCache::GetThreadHeap): Ditto, but get rather than set.

2011-01-13  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Gavin Barraclough.

        JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
        https://bugs.webkit.org/show_bug.cgi?id=42756

        The FixedVMPool Allocator does not work well on systems where
        allocating very large amounts of memory upfront is not reasonable,
        like Linux without overcommit enabled. As a workaround, on Linux,
        default to the values used in embedded environments (in the MB
        range), and only jump to the GB range if we detect at runtime that
        overcommit is enabled. Should fix crashes on Linux/x86_64 with
        less than 3 or 4GB of RAM.

        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolAllocator::free): use new variables for VM pool
        size and coalesce limit.
        (JSC::ExecutableAllocator::isValid): swap the variables from
        embedded to generic values at runtime, on Linux, if overcommit is
        enabled.
        (JSC::ExecutableAllocator::underMemoryPressure): use new variables
        for VM pool size and coalesce limit.
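
        The runtime overcommit check the entry above describes, as an added C
        example; this is not WebKit's ExecutableAllocatorFixedVMPool.cpp code.
        It parses the mode from /proc/sys/vm/overcommit_memory and picks the
        pool size from it, falling back to the small pool whenever the file is
        missing or unreadable. The 16MB embedded size is the value given in the
        2011-01-15 entry of this log; the 1GB generic size, and the rule that
        only mode 1 ("always overcommit") counts as overcommit being enabled,
        are assumptions of this example rather than values stated on the page.

```c
/* Added example, not WebKit code: choose the executable VM pool size from
 * the Linux overcommit mode. Sizes: 16MB is the embedded value from the
 * 2011-01-15 entry in this log; 1GB stands in for the "GB range" and is an
 * assumption of this example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define EMBEDDED_POOL_SIZE ((size_t)16u * 1024u * 1024u)   /* 16MB, from this log */
#define GENERIC_POOL_SIZE  ((size_t)1024u * 1024u * 1024u) /* 1GB, assumed */

/* Parse the contents of /proc/sys/vm/overcommit_memory:
 *   0 = heuristic overcommit, 1 = always overcommit, 2 = strict accounting.
 * Returns -1 for anything that is not exactly one of those digits
 * (surrounding whitespace is tolerated), so unexpected input fails safe. */
int parseOvercommitMode(const char* contents)
{
    if (!contents)
        return -1;
    const char* p = contents;
    while (*p == ' ' || *p == '\t')
        p++;
    if (*p < '0' || *p > '2')
        return -1;
    int mode = *p - '0';
    p++;
    while (*p == ' ' || *p == '\t' || *p == '\n' || *p == '\r')
        p++;
    return *p == '\0' ? mode : -1;
}

/* Assumption of this example: only mode 1 ("always overcommit") makes a
 * multi-GB upfront reservation safe. The heuristic mode (0) can still refuse
 * a mapping larger than RAM plus swap, and strict mode (2) always will. */
bool overcommitAlwaysEnabled(int mode)
{
    return mode == 1;
}

/* Choose the pool size from already-read file contents. The default is the
 * small embedded pool; the large pool is only ever an upgrade from it. */
size_t choosePoolSize(const char* overcommitFileContents)
{
    int mode = parseOvercommitMode(overcommitFileContents);
    return overcommitAlwaysEnabled(mode) ? GENERIC_POOL_SIZE : EMBEDDED_POOL_SIZE;
}

/* Read the procfs file at runtime. Any failure (file missing, unreadable,
 * garbage contents) keeps the small pool, which is the conservative choice. */
size_t choosePoolSizeFromProc(const char* path)
{
    char buf[32];
    FILE* f = fopen(path, "r");
    if (!f)
        return EMBEDDED_POOL_SIZE;
    size_t n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[n] = '\0';
    return choosePoolSize(buf);
}

int main(void)
{
    size_t size = choosePoolSizeFromProc("/proc/sys/vm/overcommit_memory");
    printf("executable pool size: %zu bytes\n", size);
    return 0;
}
```

        On a non-Linux host the procfs path does not exist, so the program
        reports the 16MB pool; that is the intended failure mode, since the
        cost of wrongly choosing the small pool is performance, while wrongly
        choosing the large one is the allocation failure the entry describes.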

2011-01-12  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Martin Robinson.

        Add new Yarr.h header to the list file.

        * GNUmakefile.am: ditto.

2011-01-12  Martin Robinson  <mrobinson@igalia.com>

        Missing Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h in WebKitGtk tarball
        https://bugs.webkit.org/show_bug.cgi?id=52299

        * GNUmakefile.am: Fix the GTK+ build on ARMv7 by including missing source
        files in the source list.

2011-01-12  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Add Yarr.h to YARR
        https://bugs.webkit.org/show_bug.cgi?id=51021

        Move other common constants and functions from YARR's different files
        to Yarr.h.
        Use Yarr.h header instead of including other YARR headers where it
        is possible.

        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/RegExp.cpp:
        * yarr/Yarr.h: Added.
        * yarr/YarrInterpreter.cpp:
        * yarr/YarrInterpreter.h:
        * yarr/YarrJIT.cpp:
        (JSC::Yarr::jitCompile):
        (JSC::Yarr::execute):
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.cpp:
        (JSC::Yarr::YarrPattern::compile):
        (JSC::Yarr::YarrPattern::YarrPattern):
        * yarr/YarrPattern.h:

2011-01-12  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r75595.
        http://trac.webkit.org/changeset/75595
        https://bugs.webkit.org/show_bug.cgi?id=52286

        It broke fast/regex/pcre-test-1.html (Requested by Ossy on
        #webkit).

        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/RegExp.cpp:
        * yarr/Yarr.h: Removed.
        * yarr/YarrInterpreter.cpp:
        * yarr/YarrInterpreter.h:
        * yarr/YarrJIT.cpp:
        (JSC::Yarr::jitCompile):
        * yarr/YarrJIT.h:
        (JSC::Yarr::execute):
        * yarr/YarrParser.h:
        * yarr/YarrPattern.cpp:
        (JSC::Yarr::compile):
        (JSC::Yarr::YarrPattern::YarrPattern):
        * yarr/YarrPattern.h:

2011-01-12  Peter Varga  <pvarga@webkit.org>

        Reviewed by Gavin Barraclough.

        Add Yarr.h to YARR
        https://bugs.webkit.org/show_bug.cgi?id=51021

        Move other common constants and functions from YARR's different files
        to Yarr.h.
        Use Yarr.h header instead of including other YARR headers where it
        is possible.

        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * runtime/RegExp.cpp:
        * yarr/Yarr.h: Added.
        * yarr/YarrInterpreter.cpp:
        * yarr/YarrInterpreter.h:
        * yarr/YarrJIT.cpp:
        (JSC::Yarr::jitCompile):
        (JSC::Yarr::execute):
        * yarr/YarrJIT.h:
        * yarr/YarrParser.h:
        * yarr/YarrPattern.cpp:
        (JSC::Yarr::YarrPattern::compile):
        (JSC::Yarr::YarrPattern::YarrPattern):
        * yarr/YarrPattern.h:

2011-01-11  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        Missing call to popTempSortVector() for exception case in JSArray::sort.
        https://bugs.webkit.org/show_bug.cgi?id=50718

        Fix to patch of 50718 that added pushTempSortVector() and
        popTempSortVector() to JSArray::sort() to mark elements during sort.
        Need to add popTempSortVector() for the return case if toString()
        had an exception.

        * runtime/JSArray.cpp:
        (JSC::JSArray::sort): Added popTempSortVector()

2011-01-11  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Darin Adler.

        Microoptimization in ~JSString
        https://bugs.webkit.org/show_bug.cgi?id=52222

        The case where m_fibers is 0 seems to be the most common one
        (almost 1/2 of the time, followed at some distance by m_fibers = 1
        in 1/4 of the cases in a typical SunSpider execution). We can save
        one comparison in this common case by doing a bit of refactoring
        in the JSString destructor; overall a 0.3% progression, but only
        the string tests show improvement.

        * runtime/JSString.h:
        (JSC::RopeBuilder::~JSString):

2011-01-10  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        ASSERTION Failure in JSC::binaryChop
        https://bugs.webkit.org/show_bug.cgi?id=25614

        Changed JITStubs::cti_register_file_check() to use the current stack's
        return PC to find the bytecode for handling the exception in the prior
        frame.  Also added the appropriate arity check routine call to the
        JIT to bytecode vector (m_callReturnIndexVector) in the CodeBlock.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile): Changed the arity check call location
        so that it gets added to the m_calls list so that it's included in
        CodeBlock::m_callReturnIndexVector.
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION): Use the current call frame's return PC.

2011-01-10  Daniel Bates  <dbates@rim.com>

        Reviewed by Martin Robinson.

        Remove extraneous COMPILER(GCC) condition when checking GCC_VERSION_AT_LEAST()
        https://bugs.webkit.org/show_bug.cgi?id=52178

        It is sufficient to test GCC_VERSION_AT_LEAST() instead of both COMPILER(GCC) and
        GCC_VERSION_AT_LEAST(). Notice GCC_VERSION_AT_LEAST() is defined to be 0 when we
        are not compiling with GCC.

        Fixes style issues at the callsites (i.e. replace comma with comma-space in
        macro function argument list). Also, makes a spelling correction in a comment.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::cacheFlush):
        * wtf/Platform.h:

2011-01-10  Geoffrey Garen  <ggaren@apple.com>

        Build fix: removed some uses of nextNumber that I missed last time.