2011-02-15 Gavin Barraclough Reviewed by Geoff Garen. Bug 54524 - Allow JSObject to fully utilize cell's capacity for inline storage. Currently JSObject is both directly instantiated for regular JS objects, and derived to implement subtypes. A consequence of this is that we need to ensure that sufficient space from the cell is left unused and available for any data members that will be introduced by subclasses of JSObject. By restructuring the internal storage array out of JSObject we can increase the size in the internal storage for regular objects. Add classes JSFinalObject and JSNonFinalObject. JSNonFinalObject retains as much additional capacity as is currently available to allow for data members in subclasses. JSFinalObject utilizes all available space for internal storage, and only allows construction through JSFinalObject::create(). The additional storage made available in the JSObject means that we need no longer rely on a union of the internal storage with a pointer to storage that is only valid for external storage. This means we can go back to always having a valid pointer to property storage, regardless of whether this is internal or external. This simplifies some cases of access to the array from C code, and significantly simplifies JIT access, since repatching no longer needs to be able to change between a load of the storage pointer / a LEA of the internal storage. * API/JSObjectRef.cpp: (JSObjectMake): * assembler/ARMAssembler.h: * assembler/ARMv7Assembler.h: * assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::repatchPointer): * assembler/MIPSAssembler.h: * assembler/MacroAssemblerARM.h: * assembler/MacroAssemblerARMv7.h: * assembler/MacroAssemblerMIPS.h: * assembler/MacroAssemblerX86.h: * assembler/MacroAssemblerX86_64.h: * assembler/RepatchBuffer.h: * assembler/X86Assembler.h: * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::DebuggerActivation): * debugger/DebuggerActivation.h: * interpreter/Interpreter.cpp: (JSC::Interpreter::privateExecute): * jit/JIT.h: * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_resolve_global): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_resolve_global): * jit/JITPropertyAccess.cpp: (JSC::JIT::compileGetDirectOffset): (JSC::JIT::emit_op_get_by_pname): (JSC::JIT::compileGetByIdHotPath): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::compilePutDirectOffset): (JSC::JIT::patchGetByIdSelf): (JSC::JIT::patchPutByIdReplace): (JSC::JIT::privateCompileGetByIdProto): (JSC::JIT::privateCompileGetByIdSelfList): (JSC::JIT::privateCompileGetByIdProtoList): (JSC::JIT::privateCompileGetByIdChainList): (JSC::JIT::privateCompileGetByIdChain): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::compileGetByIdHotPath): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::compilePutDirectOffset): (JSC::JIT::compileGetDirectOffset): (JSC::JIT::patchGetByIdSelf): (JSC::JIT::patchPutByIdReplace): (JSC::JIT::privateCompileGetByIdProto): (JSC::JIT::privateCompileGetByIdSelfList): (JSC::JIT::privateCompileGetByIdProtoList): (JSC::JIT::privateCompileGetByIdChainList): (JSC::JIT::privateCompileGetByIdChain): (JSC::JIT::emit_op_get_by_pname): * jit/JITStubs.cpp: (JSC::DEFINE_STUB_FUNCTION): * runtime/Arguments.h: (JSC::Arguments::Arguments): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::ErrorInstance): * runtime/ErrorInstance.h: * runtime/ExceptionHelpers.cpp: (JSC::InterruptedExecutionError::InterruptedExecutionError): (JSC::TerminatedExecutionError::TerminatedExecutionError): * runtime/JSArray.cpp: (JSC::JSArray::JSArray): * runtime/JSArray.h: * runtime/JSByteArray.cpp: (JSC::JSByteArray::JSByteArray): * runtime/JSByteArray.h: (JSC::JSByteArray::JSByteArray): * runtime/JSFunction.cpp: (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData): * runtime/JSGlobalObject.h: (JSC::constructEmptyObject): * runtime/JSNotAnObject.h: (JSC::JSNotAnObject::JSNotAnObject): * runtime/JSObject.cpp: (JSC::JSObject::createInheritorID): (JSC::JSObject::allocatePropertyStorage): * runtime/JSObject.h: (JSC::JSObject::propertyStorage): (JSC::JSNonFinalObject::JSNonFinalObject): (JSC::JSNonFinalObject::createStructure): (JSC::JSFinalObject::create): (JSC::JSFinalObject::createStructure): (JSC::JSFinalObject::JSFinalObject): (JSC::JSObject::offsetOfInlineStorage): (JSC::constructEmptyObject): (JSC::createEmptyObjectStructure): (JSC::JSObject::JSObject): (JSC::JSObject::~JSObject): (JSC::Structure::isUsingInlineStorage): * runtime/JSObjectWithGlobalObject.cpp: (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject): * runtime/JSObjectWithGlobalObject.h: (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject): * runtime/JSTypeInfo.h: (JSC::TypeInfo::TypeInfo): (JSC::TypeInfo::isVanilla): * runtime/JSVariableObject.h: (JSC::JSVariableObject::JSVariableObject): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::JSWrapperObject): * runtime/ObjectConstructor.cpp: (JSC::constructObject): * runtime/ObjectPrototype.cpp: (JSC::ObjectPrototype::ObjectPrototype): * runtime/ObjectPrototype.h: * runtime/StrictEvalActivation.cpp: (JSC::StrictEvalActivation::StrictEvalActivation): * runtime/StrictEvalActivation.h: * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::growPropertyStorageCapacity): 2011-02-16 Oliver Hunt Reviewed by Geoff Garen. Incorrect handling of global writes in dynamic contexts https://bugs.webkit.org/show_bug.cgi?id=49383 * interpreter/Interpreter.cpp: (JSC::Interpreter::privateExecute): Can't use the existing callframe to return an uncaught exception as by definition that callframe has already been torn down. * parser/ASTBuilder.h: (JSC::ASTBuilder::ASTBuilder): (JSC::ASTBuilder::varDeclarations): (JSC::ASTBuilder::funcDeclarations): (JSC::ASTBuilder::features): (JSC::ASTBuilder::numConstants): (JSC::ASTBuilder::createFuncDeclStatement): (JSC::ASTBuilder::addVar): (JSC::ASTBuilder::incConstants): (JSC::ASTBuilder::usesThis): (JSC::ASTBuilder::usesCatch): (JSC::ASTBuilder::usesClosures): (JSC::ASTBuilder::usesArguments): (JSC::ASTBuilder::usesAssignment): (JSC::ASTBuilder::usesWith): (JSC::ASTBuilder::usesEval): Don't need a vector of scopes in the ASTBuilder * runtime/Operations.h: (JSC::resolveBase): In strict mode the optimisation that we use to skip a lookup on the global object is incorrect and lead to us always disallowing global writes when we needed to do a dynamic slot lookup. Now the strict mode path actually checks for the property. 2011-02-15 Jon Honeycutt Windows build fix for https://bugs.webkit.org/show_bug.cgi?id=54415 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Remove deleted files. 2011-02-15 Oliver Hunt Fix EFL build for https://bugs.webkit.org/show_bug.cgi?id=54415 * CMakeLists.txt: 2011-02-14 Oliver Hunt Reviewed by Gavin Barraclough and Geoff Garen. Refactor handles and weak pointers to become nicer and more automatic https://bugs.webkit.org/show_bug.cgi?id=54415 Move to a true handle based mechanism for GC value protection. This also allows us to switch to a more sensible behaviour for weak pointers in which weak pointers are automatically updated. This allows us to remove the old (and convoluted) that required all objects that may be held by a weak reference to be aware of the reference and manually clear them in their destructors. This also adds a few new data types to JSC that we use to efficiently allocate and return the underlying handle storage. This patch is largely renaming and removing now unnecessary destructors from objects. * API/JSClassRef.cpp: (OpaqueJSClass::create): (OpaqueJSClassContextData::OpaqueJSClassContextData): (OpaqueJSClass::contextData): (OpaqueJSClass::prototype): * API/JSClassRef.h: * CMakeLists.txt: * GNUmakefile.am: * JavaScriptCore.exp: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: * JavaScriptCore.vcproj/WTF/WTF.vcproj: * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: * JavaScriptCore.xcodeproj/project.pbxproj: * collector/handles/Global.h: Added. New Global handle type used to keep gc objects live, even if they're not marked. (JSC::Global::Global): (JSC::Global::~Global): (JSC::Global::set): We can only assign directly to a global from another global. In all other cases we need the JSGlobalData to be provided explicitly so we use a set function. (JSC::Global::operator=): (JSC::Global::clear): (JSC::Global::isHashTableDeletedValue): (JSC::Global::internalSet): * collector/handles/Handle.h: Added. Root "Handle" type used for immutable handles and to provide the basic APIs needed for pointer-like behaviour. (JSC::HandleBase::operator!): (JSC::HandleBase::operator UnspecifiedBoolType*): (JSC::HandleBase::isEmpty): (JSC::HandleBase::HandleBase): (JSC::HandleBase::slot): (JSC::HandleBase::invalidate): (JSC::HandleBase::setSlot): (JSC::HandleTypes::getFromSlot): (JSC::HandleTypes::toJSValue): (JSC::HandleTypes::validateUpcast): (JSC::HandleConverter::operator->): (JSC::HandleConverter::operator*): (JSC::Handle::Handle): (JSC::Handle::get): (JSC::Handle::wrapSlot): (JSC::operator==): (JSC::operator!=): * collector/handles/HandleHeap.cpp: Added. New heap for global handles. (JSC::HandleHeap::HandleHeap): (JSC::HandleHeap::grow): (JSC::HandleHeap::markStrongHandles): (JSC::HandleHeap::updateAfterMark): (JSC::HandleHeap::clearWeakPointers): (JSC::HandleHeap::writeBarrier): * collector/handles/HandleHeap.h: Added. (JSC::HandleHeap::heapFor): (JSC::HandleHeap::toHandle): (JSC::HandleHeap::toNode): (JSC::HandleHeap::allocate): (JSC::HandleHeap::deallocate): (JSC::HandleHeap::makeWeak): Convert a hard handle into weak handle that does not protect the object it points to. (JSC::HandleHeap::makeSelfDestroying): Converts a handle to a weak handle that will be returned to the free list when the referenced object dies. (JSC::HandleHeap::Node::Node): (JSC::HandleHeap::Node::slot): (JSC::HandleHeap::Node::handleHeap): (JSC::HandleHeap::Node::setFinalizer): (JSC::HandleHeap::Node::makeWeak): (JSC::HandleHeap::Node::isWeak): (JSC::HandleHeap::Node::makeSelfDestroying): (JSC::HandleHeap::Node::isSelfDestroying): (JSC::HandleHeap::Node::finalizer): (JSC::HandleHeap::Node::setPrev): (JSC::HandleHeap::Node::prev): (JSC::HandleHeap::Node::setNext): (JSC::HandleHeap::Node::next): * interpreter/Interpreter.cpp: (JSC::Interpreter::Interpreter): * interpreter/Interpreter.h: * interpreter/RegisterFile.cpp: (JSC::RegisterFile::globalObjectCollected): * interpreter/RegisterFile.h: (JSC::RegisterFile::RegisterFile): * runtime/GCHandle.cpp: Removed. * runtime/GCHandle.h: Removed. * runtime/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::destroy): (JSC::Heap::markRoots): * runtime/Heap.h: (JSC::Heap::allocateGlobalHandle): (JSC::Heap::reportExtraMemoryCost): * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData): * runtime/JSGlobalData.h: (JSC::JSGlobalData::allocateGlobalHandle): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::~JSGlobalObject): * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::create): (JSC::JSPropertyNameIterator::~JSPropertyNameIterator): * runtime/JSPropertyNameIterator.h: (JSC::JSPropertyNameIterator::createStructure): (JSC::Structure::setEnumerationCache): (JSC::Structure::clearEnumerationCache): * runtime/Protect.h: * runtime/Structure.cpp: (JSC::Structure::~Structure): * runtime/Structure.h: * runtime/WeakGCPtr.h: (JSC::WeakGCPtrBase::get): (JSC::WeakGCPtrBase::clear): (JSC::WeakGCPtrBase::operator!): (JSC::WeakGCPtrBase::operator UnspecifiedBoolType*): (JSC::WeakGCPtrBase::~WeakGCPtrBase): (JSC::WeakGCPtrBase::WeakGCPtrBase): (JSC::WeakGCPtrBase::internalSet): (JSC::LazyWeakGCPtr::LazyWeakGCPtr): (JSC::LazyWeakGCPtr::set): (JSC::WeakGCPtr::WeakGCPtr): (JSC::WeakGCPtr::operator=): * runtime/WriteBarrier.h: * wtf/BlockStack.h: Added. (WTF::::BlockStack): (WTF::::~BlockStack): (WTF::::blocks): (WTF::::grow): (WTF::::shrink): * wtf/SentinelLinkedList.h: Added. (WTF::::SentinelLinkedList): (WTF::::begin): (WTF::::end): (WTF::::push): (WTF::::remove): * wtf/SinglyLinkedList.h: Added. (WTF::::SinglyLinkedList): (WTF::::isEmpty): (WTF::::push): (WTF::::pop): 2011-02-15 Pratik Solanki Move WTF_USE_CFNETWORK to Platform.h https://bugs.webkit.org/show_bug.cgi?id=54168 Reviewed by Darin Adler. * wtf/Platform.h: Define WTF_USE_CFNETWORK for Windows builds. 2011-02-15 Geoffrey Garen Reviewed by Darin Adler. Moved MarkedBlock data members to the head of the block https://bugs.webkit.org/show_bug.cgi?id=54482 This allows for a variable-sized tail, to accommodate oversized blocks. SunSpider reports no change. * runtime/JSCell.h: (JSC::JSCell::MarkedBlock::allocate): * runtime/MarkedBlock.cpp: (JSC::MarkedBlock::destroy): (JSC::MarkedBlock::MarkedBlock): (JSC::MarkedBlock::sweep): * runtime/MarkedBlock.h: Added missing element to the CELLS_PER_BLOCK calculation. This kind of error is why we want to migrate to the system described below. (JSC::roundUpToMultipleOf): (JSC::MarkedBlock::firstCell): (JSC::MarkedBlock::cells): (JSC::MarkedBlock::cellNumber): Use subtraction instead of masking to calculate cell number. The mask is no longer correct because the first cell is not at the head of the block. (JSC::MarkedBlock::forEach): Replaced m_cells data member with a cells() accessor. We want to use sizeof(MarkedBlock) to calculate the size of the block header, so we can't have an explicit data member to represent the block tail. Also replaced iteration from zero with iteration from startCell(), since the first N cells are now occupied by the header. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::MarkedSpace): (JSC::MarkedSpace::reset): Replaced iteration from zero as above. 2011-02-15 Chris Rogers Reviewed by Alexey Proskuryakov. Fix Mutex::tryLock() on Windows to work properly with PlatformCondition::timedWait() https://bugs.webkit.org/show_bug.cgi?id=54408 * wtf/ThreadingWin.cpp: (WTF::PlatformCondition::timedWait): 2011-02-15 Xan Lopez Reviewed by Martin Robinson. Remove some dead code in ARMv7 https://bugs.webkit.org/show_bug.cgi?id=54461 * assembler/ARMv7Assembler.h: remove dead code. 2011-02-14 Geoffrey Garen Rubber-stamped by Gavin Barraclough. Some MarkedBlock refactoring. Made cells private. Renamed cells => m_cells marked => m_marks. * runtime/JSCell.h: (JSC::JSCell::MarkedBlock::allocate): * runtime/MarkedBlock.cpp: (JSC::MarkedBlock::destroy): (JSC::MarkedBlock::MarkedBlock): (JSC::MarkedBlock::sweep): * runtime/MarkedBlock.h: (JSC::MarkedBlock::isEmpty): (JSC::MarkedBlock::clearMarks): (JSC::MarkedBlock::markCount): (JSC::MarkedBlock::isMarked): (JSC::MarkedBlock::testAndSetMarked): (JSC::MarkedBlock::setMarked): (JSC::MarkedBlock::forEach): 2011-02-14 Adam Barth Reviewed by Eric Seidel. Add basic parser for Content Security Policy https://bugs.webkit.org/show_bug.cgi?id=54379 Add a constructor for copying a Vector into a String. I suspect there are a number of call sites that are doing this manually that would benefit from being moved to this API. * wtf/text/WTFString.h: (WTF::String::String): 2011-02-14 Pavel Podivilov Reviewed by Yury Semikhatsky. Web Inspector: use call frame column to determine execution line in source frame. https://bugs.webkit.org/show_bug.cgi?id=54001 * wtf/text/TextPosition.h: (WTF::ZeroBasedNumber::convertAsOneBasedInt): 2011-02-13 Jeremy Moskovich Reviewed by Adam Barth. Add a compile-time option to completely disable WebArchive support. https://bugs.webkit.org/show_bug.cgi?id=52712 Add an ENABLE(WEB_ARCHIVE) compile-time setting and use it for all WebArchive code. Ports Affected: WebArchive support is currently enabled for all ports that define PLATFORM(CF) apart from Qt. This patch preserves this behavior except that it also disables support in the Chromium port. * wtf/Platform.h: Add ENABLE_WEB_ARCHIVE definition and turn it off explicitly for Qt & Chromium ports. 2011-02-13 Cameron Zwarich Reviewed by Dan Bernstein. Bug 53760 - JSC fails to build with TOT Clang https://bugs.webkit.org/show_bug.cgi?id=53760 Fix -Woverloaded-virtual warnings. This is also a 6% speedup on the v8 raytrace benchmark; it is nothing-to-noise on everything else. * API/JSCallbackObject.h: Remove pointlessly overloaded method. * API/JSCallbackObjectFunctions.h: Ditto. * runtime/Arguments.cpp: (JSC::Arguments::put): Change signature to match the base class. This implementation was no longer being called by anyone. This wasn't noticed because it is merely an optimization of the base class' implementation. * runtime/Arguments.h: Ditto. 2011-02-12 Adam Barth Reviewed by Mark Rowe. Use /dev/urandom as the OSRandomSource on OS(DARWIN) https://bugs.webkit.org/show_bug.cgi?id=54279 I'm not sure it makes much of a difference whether we use arc4random or /dev/urandom on Mac. However, there's some aesthetic benefit to using the same underlying API on as many platforms as reasonable. * config.h: * wtf/OSRandomSource.cpp: (WTF::cryptographicallyRandomValuesFromOS): 2011-02-12 Adam Barth Reviewed by Kenneth Russell. Enable ArrayBuffers by default https://bugs.webkit.org/show_bug.cgi?id=54310 Export the required functions. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: 2011-02-11 Daniel Bates Reviewed by Geoffrey Garen. Remove explicit disable ENABLE_ASSEMBLER_WX_EXCLUSIVE on non-iOS ports https://bugs.webkit.org/show_bug.cgi?id=54107 It is unnecessary to explicitly disable ENABLE_ASSEMBLER_WX_EXCLUSIVE by the definition of ENABLE(). * wtf/Platform.h: 2011-02-11 Geoffrey Garen Not reviewed. Randomly touch some build files in the hopes of fixing the Qt build. * JavaScriptCore.gypi: * JavaScriptCore.pri: * JavaScriptCore.pro: 2011-02-11 Geoffrey Garen Reviewed by Sam Weinig. Garbage collection timer cycles forever, even when nothing is happening https://bugs.webkit.org/show_bug.cgi?id=54320 (Rolling back in r78386 with the build fixed.) * runtime/GCActivityCallbackCF.cpp: (JSC::DefaultGCActivityCallbackPlatformData::trigger): Be sure to make our timer inert after forcing a GC, to avoid GC'ing repeatedly. 2011-02-11 Geoffrey Garen Not reviewed. Used svn merge -r78386:78385 to roll out r78386 because it broke the build. * runtime/GCActivityCallbackCF.cpp: (JSC::DefaultGCActivityCallbackPlatformData::trigger): 2011-02-11 Geoffrey Garen Reviewed by Sam Weinig. Garbage collection timer cycles forever, even when nothing is happening https://bugs.webkit.org/show_bug.cgi?id=54320 * runtime/GCActivityCallbackCF.cpp: (JSC::DefaultGCActivityCallbackPlatformData::trigger): Be sure to make our timer inert after forcing a GC, to avoid GC'ing repeatedly. 2011-02-11 Geoffrey Garen Try to fix the Windows build: added an exported symbol. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: 2011-02-11 Geoffrey Garen Reviewed by Oliver Hunt. A little more encapsulation for the heap: Removed CollectorHeapIterator https://bugs.webkit.org/show_bug.cgi?id=54298 CollectorHeapIterator is a God object that knows the internals of each of the pieces of the heap. This undermines the encapsulation I'm trying to achieve by splitting concepts into different classes. As an alternative, I've given each class a forEach iteration function, which takes a functor as an argument. Now, each class just needs to know how to iterate the things it knows about. * GNUmakefile.am: * JavaScriptCore.exp: * JavaScriptCore.gypi: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Removed CollectorHeapIterator. * debugger/Debugger.cpp: (JSC::Recompiler::Recompiler): (JSC::Recompiler::~Recompiler): (JSC::Recompiler::operator()): (JSC::Debugger::recompileAllJSFunctions): Updated to use forEach interface instead of an iterator. * runtime/CollectorHeapIterator.h: Removed. * runtime/Heap.cpp: (JSC::TypeCounter::TypeCounter): (JSC::TypeCounter::typeName): (JSC::TypeCounter::operator()): (JSC::TypeCounter::take): (JSC::Heap::protectedObjectTypeCounts): (JSC::Heap::objectTypeCounts): Added forEach and removed iterator. * runtime/Heap.h: (JSC::Heap::forEach): * runtime/JSGlobalData.cpp: (JSC::Recompiler::operator()): (JSC::JSGlobalData::recompileAllJSFunctions): * runtime/MarkedBlock.h: (JSC::MarkedBlock::forEach): Added forEach. Removed friend declaration for CollectorHeapIterator. Now, we can make all our data private and change it without breaking any other classes. * runtime/MarkedSpace.cpp: * runtime/MarkedSpace.h: (JSC::MarkedSpace::forEach): Added forEach and removed iterator. 2011-02-11 Adam Barth Reviewed by Andreas Kling. CryptographicRandomNumber has its threading ifdefs backwards https://bugs.webkit.org/show_bug.cgi?id=54280 Turns out we want the mutex when thread is enabled. :) * wtf/CryptographicallyRandomNumber.cpp: (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber): (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues): 2011-02-10 Adam Barth Reviewed by Eric Seidel. WebKit should have a cryptographic RNG https://bugs.webkit.org/show_bug.cgi?id=22049 Teach JavaScriptCore how to export this function. * JavaScriptCore.exp: * JavaScriptCore.xcodeproj/project.pbxproj: 2011-02-10 Geoffrey Garen Reviewed by Sam Weinig. A little more encapsulation for MarkedBlock: Made all constants private so clients don't know whether allocations are fixed-sized or not https://bugs.webkit.org/show_bug.cgi?id=54270 SunSpider reports no change. * runtime/CollectorHeapIterator.h: (JSC::CollectorHeapIterator::advance): Updated for removal of HeapConstants. * runtime/Error.cpp: Switched to using ASSERT_CLASS_FITS_IN_CELL, like all other classes. * runtime/Heap.cpp: (JSC::Heap::allocate): Updated for removal of HeapConstants. (JSC::Heap::reset): Updated to use size(), instead of calculating size on our own. * runtime/Heap.h: Moved the ASSERT here to MarkedBlock, since it enforces on special knowledge of fixed-sizery, which only MarkedBlock is supposed to know about. * runtime/JSCell.h: (JSC::JSCell::MarkedBlock::allocate): Updated for removal of HeapConstants. Also changed to reset nextCell to 0 at the end of a block, since that seems more consistent. * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::storeVPtrs): Changed to use a fixed array of char. This hard-coded size is a little wonky, but the compiler will tell us if it's ever wrong, so I think it's OK. * runtime/MarkedBlock.cpp: (JSC::MarkedBlock::destroy): (JSC::MarkedBlock::MarkedBlock): (JSC::MarkedBlock::sweep): Updated for removal of HeapConstants. * runtime/MarkedBlock.h: (JSC::MarkedBlock::isEmpty): (JSC::MarkedBlock::clearMarks): (JSC::MarkedBlock::size): (JSC::MarkedBlock::capacity): Made constants private to this class. Removed HeapConstants. Added size() and capacity() functions. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocate): (JSC::MarkedSpace::objectCount): (JSC::MarkedSpace::size): (JSC::MarkedSpace::capacity): * runtime/MarkedSpace.h: Use MarkedBlock helper functions instead of direct knowledge of MarkedBlock internals. 2011-02-10 Geoffrey Garen Reviewed by Sam Weinig. A little more encapsulation for MarkedBlock: Made mark bits private https://bugs.webkit.org/show_bug.cgi?id=54264 SunSpider reports no change. * runtime/Heap.cpp: (JSC::Heap::markRoots): (JSC::Heap::reset): Renamed clearMarkBits => clearMarks, since clients don't need to know that marks are represented as bits. Renamed markedCells => markCount, since clients don't need to know that blocks are split into cells. * runtime/MarkedBlock.h: (JSC::MarkedBlock::isEmpty): (JSC::MarkedBlock::clearMarks): (JSC::MarkedBlock::markCount): New helper functions for encapsulating the information clients actually need. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::destroy): (JSC::MarkedSpace::shrink): (JSC::MarkedSpace::clearMarks): (JSC::MarkedSpace::markCount): (JSC::MarkedSpace::objectCount): * runtime/MarkedSpace.h: Use new helper functions instead of accessing MarkedBlock data directly. 2011-02-10 Michael Saboff Reviewed by Geoffrey Garen. Cached JavaScript Parser Data Being Left in Memory Cache https://bugs.webkit.org/show_bug.cgi?id=54245 Added clear method which removes SourceProviderCache items. Cleaned up extraneous whitespace. * JavaScriptCore.exp: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * parser/SourceProviderCache.cpp: (JSC::SourceProviderCache::~SourceProviderCache): (JSC::SourceProviderCache::clear): (JSC::SourceProviderCache::byteSize): (JSC::SourceProviderCache::add): * parser/SourceProviderCache.h: 2011-02-10 Joseph Pecoraro Follow-up fix to r78291. I should pass (int) 0, not '0' to memset. * runtime/GCActivityCallbackCF.cpp: (JSC::DefaultGCActivityCallback::commonConstructor): fix mistaken post-review change. 2011-02-10 Joseph Pecoraro Reviewed by Geoffrey Garen. Make DefaultGCActivityCallback for PLATFORM(CF) Easier to Subclass https://bugs.webkit.org/show_bug.cgi?id=54257 A subclass may want to specify the CFRunLoop that the Garbage Collection will happen on. It was difficult to manipulate this in a subclass because the current DefaultGCActivityCallback class does this in its constructor. This patch generalizes things a bit more so that a specific run loop can be passed in to the constructor. This makes it so all run loop management can stay in DefaultGCActivityCallback and a subclass can specify any runloop. * runtime/GCActivityCallback.h: expose a PLATFORM(CF) constructor that can specify the runloop GC can be scheduled on. * runtime/GCActivityCallbackCF.cpp: (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback): two constructors, one that specifies the run loop and passes that on to commonConstructor and the old constructor defaults to the current run loop. (JSC::DefaultGCActivityCallback::commonConstructor): do normal construction, adding the timer to the given runloop. 2011-02-10 Geoffrey Garen Reviewed by Oliver Hunt. A little more encapsulation for MarkedBlock: Moved allocate() and sweep() into MarkedBlock https://bugs.webkit.org/show_bug.cgi?id=54253 SunSpider reports no change. * runtime/CollectorHeapIterator.h: Removed DeadObjectIterator, since it is now unused. * runtime/Heap.cpp: (JSC::Heap::reset): Moved the call to shrink() here, since it seems a little more clear for MarkedSpace's client to tell it explicitly when to shrink. * runtime/JSCell.h: (JSC::JSCell::MarkedBlock::allocate): Split out from MarkedSpace::allocate. * runtime/MarkedBlock.cpp: (JSC::MarkedBlock::sweep): Split out from MarkedSpace::sweep, and converted to more directly iterate a MarkedBlock based on knowing its internal structure. * runtime/MarkedBlock.h: * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocate): (JSC::MarkedSpace::sweep): * runtime/MarkedSpace.h: Split out the code mentioned above. 2011-02-10 Patrick Gansterer Reviewed by Andreas Kling. Fix compilation error on OpenBSD https://bugs.webkit.org/show_bug.cgi?id=53766 Add a HAVE_STRNSTR in Platform.h and define it only on Darwin and FreeBSD. * wtf/Platform.h: * wtf/StringExtras.h: Use HAVE(STRNSTR) now. 2011-02-10 Adam Roben Print locations of assertions and logs in a way that Visual Studio understands With this change, double-clicking one of these locations in Visual Studio's Output Window will focus that line of code in the editor. Fixes Double-clicking locations of assertions/logs in Visual Studio's Output Window does nothing Reviewed by Alexey Proskuryakov. * wtf/Assertions.cpp: (printCallSite): Use OS(WINDOWS) instead of the meaningless OS(WIN). When we aren't using the debug CRT (and thus can't call _CrtDbgReport), print the file and line number using the same format that cl.exe uses when it prints compiler errors. 2011-02-10 Dan Bernstein LLVM Compiler build fix. * runtime/MarkedBlock.cpp: (JSC::MarkedBlock::create): 2011-02-10 Peter Varga Reviewed by Csaba Osztrogonác. Remove PCRE source from trunk https://bugs.webkit.org/show_bug.cgi?id=54188 * Android.mk: * Android.v8.wtf.mk: * CMakeLists.txt: * DerivedSources.make: * DerivedSources.pro: * GNUmakefile.am: * JavaScriptCore.gypi: * JavaScriptCore.order: * JavaScriptCore.pri: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: * JavaScriptCore.vcproj/WTF/WTFCommon.vsprops: * JavaScriptCore.vcproj/jsc/jscCommon.vsprops: * JavaScriptCore.xcodeproj/project.pbxproj: * pcre/AUTHORS: Removed. * pcre/COPYING: Removed. * pcre/dftables: Removed. * pcre/pcre.h: Removed. * pcre/pcre.pri: Removed. * pcre/pcre_compile.cpp: Removed. * pcre/pcre_exec.cpp: Removed. * pcre/pcre_internal.h: Removed. * pcre/pcre_tables.cpp: Removed. * pcre/pcre_ucp_searchfuncs.cpp: Removed. * pcre/pcre_xclass.cpp: Removed. * pcre/ucpinternal.h: Removed. * pcre/ucptable.cpp: Removed. * wscript: 2011-02-10 Patrick Gansterer Reviewed by Adam Barth. Add randomValuesFromOS for OS(WINDOWS) https://bugs.webkit.org/show_bug.cgi?id=54155 Use CryptGenRandom for generating cryptographically secure random numbers. This will work on WinCE and MinGW too. * config.h: * wtf/OSRandomSource.cpp: (WTF::randomValuesFromOS): 2011-02-10 Jarred Nicholls Reviewed by Adam Barth. REGRESSION(r78149): Return value of read() shouldn't be ignored. https://bugs.webkit.org/show_bug.cgi?id=54167 stdio read should have its return value handled. Build error in gcc 4.4.5. * wtf/OSRandomSource.cpp: (WTF::randomValuesFromOS): 2011-02-10 Patrick Gansterer Reviewed by Adam Barth. Rename randomValuesFromOS to cryptographicallyRandomValuesFromOS https://bugs.webkit.org/show_bug.cgi?id=54156 randomValuesFromOS generates random numbers of cryptographic quality. Make this clear by adding "cryptographically" to the function name. * wtf/CryptographicallyRandomNumber.cpp: (WTF::ARC4Stream::ARC4RandomNumberGenerator::stir): * wtf/OSRandomSource.cpp: (WTF::cryptographicallyRandomValuesFromOS): * wtf/OSRandomSource.h: 2011-02-09 Mark Rowe Reviewed by Sam Weinig. Malloc zone enumeration code should be safe in the face of errors from the memory reader. * wtf/FastMalloc.cpp: (WTF::PageHeapAllocator::recordAdministrativeRegions): Use the new helper function to walk the linked list safely. (WTF::TCMalloc_ThreadCache_FreeList::enumerateFreeObjects): Ditto. (WTF::TCMalloc_Central_FreeList::enumerateFreeObjects): Ditto. (WTF::TCMallocStats::PageMapFreeObjectFinder::visit): Bail out if the span could not be read. (WTF::TCMallocStats::PageMapMemoryUsageRecorder::visit): Ditto. * wtf/MallocZoneSupport.h: (WTF::RemoteMemoryReader::operator()): Remove an assert that is not valid. (WTF::RemoteMemoryReader::nextEntryInLinkedList): Add a helper function for retrieving the next entry in a linked list. It maps a failed read of the remote memory in to a null pointer, which all callers can handle gracefully. 2011-02-09 Gavin Barraclough Reviewed by Sam Weinig. Bug 54164 - Optimize global_var accesses on JSVALUE64 Directly embed the pointer to d->registers, optimize out the load from the variable object, as we do already in JSVALUE32_64. This is a ~1.5% win on sunspidey. * jit/JIT.cpp: * jit/JIT.h: * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_get_global_var): (JSC::JIT::emit_op_put_global_var): (JSC::JIT::emit_op_get_scoped_var): (JSC::JIT::emit_op_put_scoped_var): 2011-02-09 Geoffrey Garen Reviewed by Oliver Hunt. A little more encapsulation for MarkedBlock: Made MarkedBlock responsible for its own initialization and destruction https://bugs.webkit.org/show_bug.cgi?id=54137 * runtime/CollectorHeapIterator.h: Removed ObjectIterator since it is now unused. * runtime/JSCell.h: Maded MarkedBlock a friend so it can construct and destruct JSCells. * runtime/MarkedBlock.cpp: (JSC::MarkedBlock::create): (JSC::MarkedBlock::destroy): (JSC::MarkedBlock::MarkedBlock): Migrated initialization and destruction code from MarkedSpace, updating it not to use ObjectIterator. We don't want to use an abstract iterator since iteration will be unique to each block in the future. * runtime/MarkedBlock.h: Made the consructor private and moved it into the .cpp file because it's big now. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocateBlock): (JSC::MarkedSpace::freeBlock): Migrated code. * runtime/MarkedSpace.h: (JSC::CollectorHeap::collectorBlock): Keep a vector of MarkedBlock pointers instead of aligned allocations -- how MarkedBlocks are allocated is now an implementation detail of MarkedBlock. 2011-02-09 Adam Barth Another attempt to fix the Qt Windows build. * config.h: * wtf/OSRandomSource.cpp: (WTF::randomValuesFromOS): 2011-02-09 Adam Barth Attempt to fix the Qt Windows build. * wtf/OSRandomSource.cpp: (WTF::randomValuesFromOS): 2011-02-09 Adam Barth Reviewed by Eric Seidel. Add WTF::cryptographicallyRandomNumber https://bugs.webkit.org/show_bug.cgi?id=54083 Introduce a cryptographically strong random number generator to WTF. The random number generator is based on arc4random as found in: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c?rev=1.22 I've changed to source to WebKit style and abstracted the operating system interaction to OSRandomSource. We'll use this functionality to expose a cryptographically strong random number generator to JavaScript. * Android.mk: * Android.v8.wtf.mk: * GNUmakefile.am: * JavaScriptCore.gypi: * JavaScriptCore.vcproj/WTF/WTF.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * config.h: * wtf/CMakeLists.txt: * wtf/CryptographicallyRandomNumber.cpp: Added. (WTF::initMutexIfNeeded): (WTF::init): (WTF::addRandomData): (WTF::stir): (WTF::stirIfNeeded): (WTF::getByte): (WTF::getWord): (WTF::cryptographicallyRandomNumber): (WTF::cryptographicallyRandomValues): * wtf/CryptographicallyRandomNumber.h: Added. * wtf/OSRandomSource.cpp: Added. (WTF::randomValuesFromOS): * wtf/OSRandomSource.h: Added. * wtf/wtf.pri: 2011-02-09 Geoffrey Garen Try to fix the build. * wtf/Bitmap.h: Include string.h for memset. Not sure why this started failing now. 2011-02-09 Geoffrey Garen Reviewed by Sam Weinig. A tiny bit of encapsulation for MarkedBlock: made its heap data member private https://bugs.webkit.org/show_bug.cgi?id=54129 * runtime/MarkedBlock.h: (JSC::MarkedBlock::isCellAligned): (JSC::MarkedBlock::MarkedBlock): (JSC::MarkedBlock::heap): Made the heap data member private, and provided a constructor and an accessor. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocateBlock): * runtime/MarkedSpace.h: (JSC::MarkedSpace::heap): Use the constructor and accessor. 2011-02-09 Peter Varga Reviewed by Gavin Barraclough. Replace PCRE with Yarr in WebCore https://bugs.webkit.org/show_bug.cgi?id=53496 * JavaScriptCore.exp: * JavaScriptCore.gyp/JavaScriptCore.gyp: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.xcodeproj/project.pbxproj: * create_regex_tables: * runtime/RegExp.cpp: * wtf/Platform.h: * yarr/Yarr.h: * yarr/YarrJIT.cpp: * yarr/YarrJIT.h: * yarr/YarrParser.h: * yarr/YarrPattern.h: * yarr/YarrSyntaxChecker.h: * yarr/yarr.pri: Added. 2011-02-08 Geoffrey Garen Reviewed by Sam Weinig. Removed some dead code from Heap https://bugs.webkit.org/show_bug.cgi?id=54064 * runtime/MarkedSpace.cpp: Removed some now-unused constants and declarations. (JSC::MarkedSpace::allocate): Removed some ASSERTs that are also ASSERTed by our caller. Removed redundant typedefs. 2011-02-08 Geoffrey Garen Reviewed by Sam Weinig. Use a vector to track blocks in the Heap, instead of hand-rolled vector-like code https://bugs.webkit.org/show_bug.cgi?id=54062 SunSpider reports no change. * runtime/CollectorHeapIterator.h: (JSC::CollectorHeapIterator::isValid): (JSC::CollectorHeapIterator::isLive): Updated for new mark invariant: To know if an object is live, you just need to test its mark bit. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::MarkedSpace): Moved waterMark and highWaterMark from CollectorHeap into MarkedSpace, since they're global state. Removed call to memset since CollectorHeap is a true class with its own constructor now. (JSC::MarkedSpace::destroy): Change uses of m_heap.usedBlocks to m_heap.blocks.size(), and m_heap.numBlocks to m_heap.blocks.capacity(). (JSC::MarkedSpace::allocateBlock): (JSC::MarkedSpace::freeBlock): No need to manage our vector manually anymore. (JSC::MarkedSpace::allocate): (JSC::MarkedSpace::shrink): (JSC::MarkedSpace::clearMarkBits): (JSC::MarkedSpace::markedCells): (JSC::MarkedSpace::sweep): (JSC::MarkedSpace::objectCount): (JSC::MarkedSpace::capacity): (JSC::MarkedSpace::reset): (JSC::MarkedSpace::primaryHeapEnd): * runtime/MarkedSpace.h: (JSC::CollectorHeap::CollectorHeap): (JSC::MarkedSpace::highWaterMark): (JSC::MarkedSpace::setHighWaterMark): (JSC::MarkedSpace::contains): Same as above. 2011-02-08 Geoffrey Garen Reviewed by Darin Adler. Give each MarkedBlock enough mark bits to cover the whole block https://bugs.webkit.org/show_bug.cgi?id=54029 SunSpider reports no change. This simplifies access to mark bits, since any cell-aligned pointer into a block now has a valid mark bit to test. * runtime/MarkedBlock.h: Changed CELLS_PER_BLOCK to account for the extra mark bits. This happens not to change its actual value. (JSC::MarkedBlock::cellNumber): (JSC::MarkedBlock::isMarked): (JSC::MarkedBlock::testAndSetMarked): (JSC::MarkedBlock::setMarked): Changed const JSCell* to const void* to remove a cast from our caller, and to more accurately reflect the fact that MarkedBlock is agnostic about the types pointed to by the pointers you pass to it. (JSC::MarkedBlock::isPossibleCell): Removed a null check. We now consider the null pointer to be a possible cell with a 0 (impossible) block. This removes a null check from marking. * runtime/MarkedSpace.cpp: * runtime/MarkedSpace.h: (JSC::MarkedSpace::contains): Simplified the contains check, and inlined the whole thing, now that it's so simple. 2011-02-08 Daniel Bates Rubber-stamped by Martin Robinson. Rename enum ProtectionSeting [sic] to ProtectionSetting. * jit/ExecutableAllocator.cpp: (JSC::ExecutableAllocator::reprotectRegion): * jit/ExecutableAllocator.h: 2011-02-08 Balazs Kelemen Reviewed by Andreas Kling. [Qt] Should not always define USE_SYSTEM_MALLOC https://bugs.webkit.org/show_bug.cgi?id=54007 * wtf/Platform.h: 2011-02-08 Dan Bernstein Reviewed by Maciej Stachowiak. LLVM Compiler build fix. * runtime/WriteBarrier.h: (JSC::WriteBarrier::WriteBarrier): 2011-02-07 Ryosuke Niwa Reviewed by Darin Adler. JSVariableObject::setRegisters should take PassOwnArrayPtr for registersArray. https://bugs.webkit.org/show_bug.cgi?id=53902 * runtime/Arguments.h: (JSC::JSActivation::copyRegisters): Uses OwnArrayPtr instead of Register*. * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::copyGlobalsFrom): Ditto. * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::setRegisters): Takes PassOwnArrayPtr instead of Register* for registerArray. * runtime/JSVariableObject.h: (JSC::JSVariableObject::copyRegisterArray): Returns PassOwnArrayPtr instead of Register*. (JSC::JSVariableObject::setRegisters): Takes PassOwnArrayPtr instead of Register* for registerArray. 2011-02-07 Geoffrey Garen Reviewed by Sam Weinig. Removed some dead code from Heap https://bugs.webkit.org/show_bug.cgi?id=53969 SunSpider reports no change. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::shrink): (JSC::MarkedSpace::sweep): * runtime/MarkedSpace.h: Removed resizeBlocks and growBlocks, and renamed shrinkBlocks to shrink, making it unconditionally shrink as much as possible. 2011-02-07 Geoffrey Garen Reviewed by Oliver Hunt. Simplified the marked space's mark invariant https://bugs.webkit.org/show_bug.cgi?id=53968 SunSpider reports no change. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocate): Mark objects when allocating them. This means that, at all times other than the mark phase, an object is live if and only if it is marked. (JSC::MarkedSpace::containsSlowCase): Use the new mark invariant to simplify testing whether an object is live. 2011-02-07 Beth Dakin Reviewed by Eric Seidel. Fix for https://bugs.webkit.org/show_bug.cgi?id=53950 USE_WK_SCROLLBAR_PAINTER in ScrollbarThemeMac should be in Platform.h instead * wtf/Platform.h: 2011-02-07 Darin Adler Reviewed by Antti Koivisto. Add built-in decoder for UTF-8 for improved performance https://bugs.webkit.org/show_bug.cgi?id=53898 * wtf/unicode/UnicodeMacrosFromICU.h: Added U8_MAX_LENGTH and U8_APPEND_UNSAFE. Also fixed header. 2011-02-07 Adam Roben Delete precompiled headers whenever any .vsprops file changes Precompiled headers need to be rebuilt if, e.g., an ENABLE_* macro is changed in one of our .vsprops files. Unfortunately, Visual Studio isn't smart enough to figure this out, so we give it some assistance by deleting the precompiled headers whenever any .vsprops file changes. I also made some drive-by fixes while I was in the area. Fixes react-to-vsprops-changes.py doesn't force precompiled headers to be rebuilt, but should Reviewed by David Kilzer. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: Stop ignoring the return code from react-to-vsprops-changes.py so we will notice when errors are introduced. But skip the script entirely in production builds, where it is both unnecessary and can't function correctly (due to not having the entire source tree available to it). * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py: (main): Removed an extra '*' in the glob for finding manifest files. The extra '*' was leftover from before we rearranged WebKitBuild in r75138. Moved code to delete an old file to the new delete_if_older_than function. Added code to delete any precompiled headers older than the newest .vsprops file. (delete_if_older_than): Added. Code came from main. 2011-02-07 Antti Koivisto Not reviewed. ASSERTS_DISABLED -> ASSERT_DISABLED * wtf/BloomFilter.h: 2011-02-06 Ryosuke Niwa Unreviewed; speculative Qt build fix. * JavaScriptCore.pro: 2011-02-06 Ryosuke Niwa Reviewed by Darin Adler. OwnArraryPtr.h uses deleteOwnedPtr but doesn’t include OwnPtrCommon.h https://bugs.webkit.org/show_bug.cgi?id=52867 Removed LOOSE_OWN_ARRAY_PTR and OwnArrayPtr::set. Replaced all calls to OwnArrayPtr::set and loose instantiation of OwnArrayPtr by calls to operator= and adoptArrayPtr. Also removed OwnArrayPtrCommon.h since PassOwnArrayPtr.h needs to include OwnArrayPtr.h and there is no point in putting deleteOwnedArrayPtr into a separate header. Note: if this patch breaks build, the code is either instiantiating OwnArrayPtr without calling adoptArrayPtr or calling set on ArrayOwnPtr instead of operator=. No tests are added since this is a refactoring. * API/JSStringRefCF.cpp: (JSStringCreateWithCFString): Calls adoptArrayPtr. * GNUmakefile.am: Removed OwnArrayPtrCommon.h * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto. * JavaScriptCore.xcodeproj/project.pbxproj: Ditto. * runtime/Arguments.cpp: (JSC::Arguments::deleteProperty): Calls adoptArrayPtr. * runtime/Arguments.h: (JSC::Arguments::copyRegisters): Ditto. * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::JSPropertyNameIterator): Ditto. * runtime/JSVariableObject.h: (JSC::JSVariableObject::setRegisters): Calls operator= instead of set. * runtime/StructureChain.cpp: (JSC::StructureChain::StructureChain): Ditto. * wtf/CMakeLists.txt: * wtf/DateMath.h: (JSC::GregorianDateTime::GregorianDateTime): No longer instnatiates OwnArrayPtr with a null pointer. * wtf/OwnArrayPtr.h: * wtf/OwnArrayPtrCommon.h: Removed. * wtf/PassOwnArrayPtr.h: No longer includes OwnArrayCommon.h (WTF::deleteOwnedArrayPtr): Moved from OwnArrayPtrCommon.h 2011-02-06 Antti Koivisto Reviewed by Maciej Stachowiak. Use bloom filter for descendant selector filtering https://bugs.webkit.org/show_bug.cgi?id=53880 Implement a bloom filter with k=2 and 8 bit counting. * GNUmakefile.am: * JavaScriptCore.gypi: * JavaScriptCore.vcproj/WTF/WTF.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * wtf/BloomFilter.h: Added. (WTF::BloomFilter::maximumCount): (WTF::BloomFilter::BloomFilter): (WTF::BloomFilter::mayContain): (WTF::BloomFilter::add): (WTF::BloomFilter::remove): (WTF::BloomFilter::firstSlot): (WTF::BloomFilter::secondSlot): (WTF::::add): (WTF::::remove): (WTF::::clear): (WTF::::likelyEmpty): (WTF::::isClear): 2011-02-04 Geoffrey Garen Reviewed by Oliver Hunt. Rolled back in r77612 with ASSERT/crash fixed. https://bugs.webkit.org/show_bug.cgi?id=53759 Don't shrink the heap to 0 unconditionally. Instead, shrink to 1 if necessary. For now, the heap assumes that it always has at least one block live. * runtime/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::reset): * runtime/Heap.h: * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocate): (JSC::MarkedSpace::shrinkBlocks): (JSC::MarkedSpace::sweep): (JSC::MarkedSpace::reset): * runtime/MarkedSpace.h: (JSC::MarkedSpace::highWaterMark): (JSC::MarkedSpace::setHighWaterMark): 2011-02-04 David Kilzer BUILD FIX: REALLY remove the last vestiges of JSVALUE32! Remove last vestiges of JSVALUE32 * DerivedSources.make: Removed dependency on JavaScriptCore.JSVALUE32.exp. 2011-02-04 David Kilzer Remove last vestiges of JSVALUE32 Reviewed by Darin Adler. Support for JSVALUE32 was originaly removed in r70111. * Configurations/JavaScriptCore.xcconfig: Changed armv6 to use JavaScriptCore.JSVALUE32_64.exp and ppc64 to use JavaScriptCore.JSVALUE64.exp to match Platform.h. * DerivedSources.make: Removed rule for JavaScriptCore.JSVALUE32.exp. * JavaScriptCore.JSVALUE32only.exp: Removed. * JavaScriptCore.xcodeproj/project.pbxproj: Removed references to JavaScriptCore.JSVALUE32only.exp. 2011-02-04 David Kilzer Use static_cast and other style cleanup in YarrInterpreter.cpp Reviewed by John Sullivan. * yarr/YarrInterpreter.cpp: (JSC::Yarr::Interpreter::InputStream::readChecked): Use static_cast. (JSC::Yarr::Interpreter::InputStream::checkInput): Remove unnecessary else block. (JSC::Yarr::Interpreter::matchAssertionEOL): Ditto. (JSC::Yarr::Interpreter::backtrackBackReference): Ditto. (JSC::Yarr::ByteCompiler::emitDisjunction): Use static_cast. 2011-02-04 Sheriff Bot Unreviewed, rolling out r77625 and r77626. http://trac.webkit.org/changeset/77625 http://trac.webkit.org/changeset/77626 https://bugs.webkit.org/show_bug.cgi?id=53765 It broke Windows builds (Requested by Ossy_ on #webkit). * JavaScriptCore.exp: * JavaScriptCore.gyp/JavaScriptCore.gyp: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.xcodeproj/project.pbxproj: * create_regex_tables: * runtime/RegExp.cpp: * wtf/Platform.h: * yarr/Yarr.h: * yarr/YarrJIT.cpp: * yarr/YarrJIT.h: * yarr/YarrParser.h: * yarr/YarrPattern.h: * yarr/YarrSyntaxChecker.h: * yarr/yarr.pri: Removed. 2011-02-04 Jessie Berlin Windows build fix. Unreviewed. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: 2011-02-04 Peter Varga Reviewed by Gavin Barraclough. Replace PCRE with Yarr in WebCore https://bugs.webkit.org/show_bug.cgi?id=53496 * JavaScriptCore.exp: * JavaScriptCore.gyp/JavaScriptCore.gyp: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.xcodeproj/project.pbxproj: * create_regex_tables: * runtime/RegExp.cpp: * wtf/Platform.h: * yarr/Yarr.h: * yarr/YarrJIT.cpp: * yarr/YarrJIT.h: * yarr/YarrParser.h: * yarr/YarrPattern.h: * yarr/YarrSyntaxChecker.h: * yarr/yarr.pri: Added. 2011-02-04 Ilya Tikhonovsky Unreviewed rollout two patches r77614 and r77612. REGRESSION: Snow Leopard Intel Release anumber of failing tests. * runtime/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::reset): * runtime/Heap.h: * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocate): (JSC::MarkedSpace::sweep): (JSC::MarkedSpace::reset): * runtime/MarkedSpace.h: 2011-02-04 Geoffrey Garen Try to fix 32bit build. * runtime/Heap.cpp: (JSC::Heap::reset): Use an explicit cast to avoid shortening warnings, since 1.5 is double (64bit), and the result is size_t (32bit). 2011-02-03 Geoffrey Garen Reviewed by Cameron Zwarich. Changed MarkedSpace to delegate grow/shrink decisions to Heap https://bugs.webkit.org/show_bug.cgi?id=53759 SunSpider reports no change. * runtime/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::reset): * runtime/Heap.h: Reorganized a few data members for better cache locality. Added a grow policy. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocate): (JSC::MarkedSpace::sweep): (JSC::MarkedSpace::reset): Don't shrink automatically. Instead, wait for the heap to make an explicit sweep call. * runtime/MarkedSpace.h: (JSC::MarkedSpace::highWaterMark): (JSC::MarkedSpace::setHighWaterMark): Use a watermark to determine how many bytes to allocate before failing and giving the heap an opportunity to collect garbage. This also means that we allocate blocks on demand, instead of ahead of time. 2011-02-03 James Kozianski Reviewed by Dimitri Glazkov. Add navigator.registerProtocolHandler behind a flag. https://bugs.webkit.org/show_bug.cgi?id=52609 * Configurations/FeatureDefines.xcconfig: 2011-02-03 Geoffrey Garen Reviewed by Oliver Hunt. Not all blocks are freed when the heap is freed (counting is hard!) https://bugs.webkit.org/show_bug.cgi?id=53732 * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::destroy): Freeing a block compacts the list, so just keep freeing block 0 until there are no blocks left. 2011-02-03 Geoffrey Garen Try to fix the Mac build. * JavaScriptCore.xcodeproj/project.pbxproj: The new MarkedBlock.h header needs to be private, not project, so other projects can include headers that depend on it. 2011-02-03 Geoffrey Garen Reviewed by Sam Weinig. Start using MarkedBlock instead of CollectorBlock https://bugs.webkit.org/show_bug.cgi?id=53693 SunSpider reports no change. * runtime/MarkedBlock.h: (JSC::MarkedBlock::blockFor): (JSC::MarkedBlock::setMarked): (JSC::MarkedBlock::isCellAligned): (JSC::MarkedBlock::isPossibleCell): Updated for const-ness. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocateBlock): (JSC::MarkedSpace::containsSlowCase): (JSC::MarkedSpace::clearMarkBits): Updated for const-ness. * runtime/MarkedSpace.h: (JSC::CollectorHeap::collectorBlock): (JSC::MarkedSpace::heap): (JSC::MarkedSpace::isMarked): (JSC::MarkedSpace::testAndSetMarked): (JSC::MarkedSpace::setMarked): (JSC::MarkedSpace::contains): Switched from CollectorBlock to MarkedBlock, and deleted dead CollectorBlock-related code. 2011-02-03 Patrick Gansterer Reviewed by Darin Adler. Avoid strlen() in AtomicString::fromUTF8 https://bugs.webkit.org/show_bug.cgi?id=50516 Add an overload to calculateStringHashFromUTF8 to get strlen() of the input data with only one call. This change shows about 3% performance win on the xml-parser benchmark. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * wtf/text/AtomicString.cpp: (WTF::AtomicString::fromUTF8): * wtf/unicode/UTF8.cpp: (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal): (WTF::Unicode::calculateStringHashFromUTF8): (WTF::Unicode::calculateStringHashAndLengthFromUTF8): * wtf/unicode/UTF8.h: 2011-02-02 Gavin Barraclough Windows build fix. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: 2011-02-02 Gavin Barraclough oops, build fix! * wtf/Assertions.cpp: 2011-02-02 Gavin Barraclough Reviewed by Sam Weinig. Bug 53650 - Add a BACKTRACE macro to Assertions.h Add a BACKTRACE macro to Assertions.h, which will print a backtrace on debug Mac builds, make CRASH (and thus ASSERT) automatically call this. * JavaScriptCore.exp: * wtf/Assertions.cpp: * wtf/Assertions.h: 2011-02-02 Michael Saboff Reviewed by Gavin Barraclough. Improper backtrack of nested non-capturing greedy paren to prior paren https://bugs.webkit.org/show_bug.cgi?id=53261 A paren that follows a non-capturing greedy paren nested within a non-capturing fixed paren was back tracking to the last paren processed instead of the immediately prior paren. Refactored default backtracking of parens to prior paren to work for both nested (within) and immediately prior (after) parens. * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::GenerationState::addParenthesesTail): (JSC::Yarr::YarrGenerator::TermGenerationState::TermGenerationState): (JSC::Yarr::YarrGenerator::TermGenerationState::setJumpListToPriorParen): (JSC::Yarr::YarrGenerator::TermGenerationState::getJumpListToPriorParen): (JSC::Yarr::YarrGenerator::ParenthesesTail::ParenthesesTail): (JSC::Yarr::YarrGenerator::ParenthesesTail::generateCode): (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction): (JSC::Yarr::YarrGenerator::generateParenthesesSingle): (JSC::Yarr::YarrGenerator::generateDisjunction): 2011-02-02 Jeff Miller Reviewed by Darin Adler and Steve Falkenburg. Add DerivedSources.make to some Visual Studio projects https://bugs.webkit.org/show_bug.cgi?id=53607 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj: Add DerivedSources.make. 2011-02-02 Steve Lacey Reviewed by Eric Carlson. Implement basic media statistics on media elements. https://bugs.webkit.org/show_bug.cgi?id=53322 * Configurations/FeatureDefines.xcconfig: 2011-02-02 Kevin Ollivier [wx] Build fixes for wxWebKit. * wtf/wx/StringWx.cpp: (WTF::String::String): 2011-02-01 Geoffrey Garen Reviewed by Sam Weinig. A little more Heap refactoring https://bugs.webkit.org/show_bug.cgi?id=53577 SunSpider reports no change. Split out MarkedBlock into its own file / class. Did the following renames: isCellMarked => isMarked checkMarkCell => testAndSetMarked markCell => setMarked cellOffset => cellNumber collectorBlock => blockFor * Android.mk: * CMakeLists.txt: * GNUmakefile.am: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * runtime/Heap.cpp: (JSC::WeakGCHandlePool::update): * runtime/Heap.h: (JSC::Heap::isMarked): (JSC::Heap::testAndSetMarked): (JSC::Heap::setMarked): * runtime/JSArray.h: (JSC::MarkStack::markChildren): (JSC::MarkStack::drain): * runtime/JSCell.h: (JSC::JSCell::MarkStack::internalAppend): * runtime/MarkedBlock.cpp: Added. * runtime/MarkedBlock.h: Added. (JSC::MarkedBlock::blockFor): (JSC::MarkedBlock::cellNumber): (JSC::MarkedBlock::isMarked): (JSC::MarkedBlock::testAndSetMarked): (JSC::MarkedBlock::setMarked): (JSC::MarkedBlock::isCellAligned): (JSC::MarkedBlock::isPossibleCell): * runtime/MarkedSpace.h: (JSC::MarkedSpace::isMarked): (JSC::MarkedSpace::testAndSetMarked): (JSC::MarkedSpace::setMarked): * runtime/SmallStrings.cpp: (JSC::isMarked): * runtime/WeakGCMap.h: (JSC::WeakGCMap::isValid): (JSC::::get): (JSC::::take): (JSC::::set): 2011-02-02 Sam Weinig Fix windows clean build. * DerivedSources.make: 2011-02-02 Alejandro G. Castro Reviewed by Martin Robinson. [GTK] Fix dist compilation https://bugs.webkit.org/show_bug.cgi?id=53579 * GNUmakefile.am: Added WriteBarrier.h to the sources, it was added in r77151 2011-02-01 Sheriff Bot Unreviewed, rolling out r77297. http://trac.webkit.org/changeset/77297 https://bugs.webkit.org/show_bug.cgi?id=53538 caused leopard crashes (Requested by paroga on #webkit). * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * wtf/text/AtomicString.cpp: (WTF::AtomicString::fromUTF8): * wtf/unicode/UTF8.cpp: (WTF::Unicode::calculateStringHashFromUTF8): * wtf/unicode/UTF8.h: 2011-02-01 Sam Weinig Fix Mac production builds. * JavaScriptCore.xcodeproj/project.pbxproj: 2011-02-01 Sam Weinig Try to fix the windows build. * DerivedSources.make: 2011-02-01 Patrick Gansterer Reviewed by Darin Adler. Avoid strlen() in AtomicString::fromUTF8 https://bugs.webkit.org/show_bug.cgi?id=50516 Add an overload to calculateStringHashFromUTF8 to get strlen() of the input data with only one call. This change shows about 3% performance win on the xml-parser benchmark. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * wtf/text/AtomicString.cpp: (WTF::AtomicString::fromUTF8): * wtf/unicode/UTF8.cpp: (WTF::Unicode::calculateStringHashAndLengthFromUTF8Internal): (WTF::Unicode::calculateStringHashFromUTF8): (WTF::Unicode::calculateStringHashAndLengthFromUTF8): * wtf/unicode/UTF8.h: 2011-02-01 Sam Weinig Reviewed by Beth Dakin. Part 2 for Adopt WKScrollbarPainterController Use header detection to define scrollbar painting controller #define. * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: 2011-02-01 Geoffrey Garen Reviewed by Oliver Hunt. Refactor JSGlobalObject-related tear-down https://bugs.webkit.org/show_bug.cgi?id=53478 While investigating crashes caused by r77082, I noticed some strange destructor-time behaviors. This patch makes them less strange. * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::markAggregate): * bytecode/CodeBlock.h: (JSC::CodeBlock::globalObject): (JSC::GlobalCodeBlock::GlobalCodeBlock): (JSC::GlobalCodeBlock::~GlobalCodeBlock): Store the set of global code blocks on the Heap, instead of on independent global objects. The heap is guaranteed to outlast any GC-owned data structure. The heap is also a natural place to store objects that needs out-of-band marking, since the heap is responsible for marking all roots. * runtime/Heap.cpp: (JSC::Heap::markRoots): (JSC::Heap::globalObjectCount): (JSC::Heap::protectedGlobalObjectCount): * runtime/Heap.h: (JSC::Heap::codeBlocks): * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData): * runtime/JSGlobalData.h: * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::~JSGlobalObject): (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::markChildren): * runtime/JSGlobalObject.h: * runtime/MarkedSpace.cpp: Store the set of global objects in a weak map owned by JSGlobalData, instead of an instrusive circular linked list. This is simpler, and it avoids destructor-time access between garbage collected objects, which is hard to get right. (JSC::MarkedSpace::destroy): Make sure to clear mark bits before tearing everything down. Otherwise, weak data structures will incorrectly report that objects pending destruction are still alive. 2011-02-01 Geoffrey Garen Reviewed by Oliver Hunt. REGRESSION(77082): GC-related crashes seen: on WebKit2 bot; on GTK 32bit bot; loading trac pages; typing in search field https://bugs.webkit.org/show_bug.cgi?id=53519 The crashes were all caused by failure to run an object's destructor. * runtime/CollectorHeapIterator.h: (JSC::ObjectIterator::ObjectIterator): Don't skip forward upon construction. The iterator class used to do that when it was designed for prior-to-beginning initialization. I forgot to remove this line of code when I changed the iterator to normal initialization. Skipping forward upon construction was causing the heap to skip running the destructor for the very first object in a block when destroying the block. This usually did not crash, since block destruction is rare and most objects have pretty trivial destructors. However, in the rare case when the heap would destroy a block whose first object was a global object or a DOM node, BOOM. 2011-01-31 Oliver Hunt Reviewed by Geoffrey Garen. Update JSObject storage for new marking API https://bugs.webkit.org/show_bug.cgi?id=53467 JSObject no longer uses EncodedJSValue for its property storage. This produces a stream of mechanical changes to PropertySlot and anonymous storage APIs. * JavaScriptCore.exp: * runtime/ArrayPrototype.cpp: (JSC::ArrayPrototype::ArrayPrototype): * runtime/BooleanConstructor.cpp: (JSC::constructBoolean): (JSC::constructBooleanFromImmediateBoolean): * runtime/BooleanObject.cpp: (JSC::BooleanObject::BooleanObject): * runtime/BooleanObject.h: * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::BooleanPrototype): * runtime/DateInstance.cpp: (JSC::DateInstance::DateInstance): * runtime/DatePrototype.cpp: (JSC::DatePrototype::DatePrototype): * runtime/JSActivation.cpp: (JSC::JSActivation::getOwnPropertySlot): * runtime/JSArray.cpp: (JSC::JSArray::getOwnPropertySlot): * runtime/JSFunction.cpp: (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::JSGlobalObject): * runtime/JSObject.cpp: (JSC::JSObject::fillGetterPropertySlot): * runtime/JSObject.h: (JSC::JSObject::getDirectLocation): (JSC::JSObject::offsetForLocation): (JSC::JSObject::putAnonymousValue): (JSC::JSObject::clearAnonymousValue): (JSC::JSObject::getAnonymousValue): (JSC::JSObject::putThisToAnonymousValue): (JSC::JSObject::locationForOffset): (JSC::JSObject::inlineGetOwnPropertySlot): * runtime/JSObjectWithGlobalObject.cpp: (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::JSWrapperObject): (JSC::JSWrapperObject::setInternalValue): * runtime/Lookup.cpp: (JSC::setUpStaticFunctionSlot): * runtime/NumberConstructor.cpp: (JSC::constructWithNumberConstructor): * runtime/NumberObject.cpp: (JSC::NumberObject::NumberObject): (JSC::constructNumber): * runtime/NumberObject.h: * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::NumberPrototype): * runtime/PropertySlot.h: (JSC::PropertySlot::getValue): (JSC::PropertySlot::setValue): (JSC::PropertySlot::setRegisterSlot): * runtime/StringObject.cpp: (JSC::StringObject::StringObject): * runtime/StringPrototype.cpp: (JSC::StringPrototype::StringPrototype): * runtime/WriteBarrier.h: (JSC::WriteBarrierBase::setWithoutWriteBarrier): 2011-02-01 Daniel Bates Reviewed by Antonio Gomes. Modify RandomNumberSeed.h to use USE(MERSENNE_TWISTER_19937) https://bugs.webkit.org/show_bug.cgi?id=53506 Currently, use of the Mersenne Twister pseudorandom number generator is hardcoded to the Windows CE port. With the passing of bug #53253, we can generalize support for this PRNG to all ports that use srand(3) and rand(3), including Windows CE. * wtf/RandomNumberSeed.h: (WTF::initializeRandomNumberGenerator): 2011-02-01 Dave Tapuska Reviewed by Gavin Barraclough. MacroAssemblerARM would generate code that did 32bit loads on addresses that were not aligned. More specifically it would generate a ldr r8,[r1, #7] which isn't valid on ARMv5 and lower. The intended instruction really is ldrb r8,[r1, #7]; ensure we call load8 instead of load32. https://bugs.webkit.org/show_bug.cgi?id=46095 * assembler/MacroAssemblerARM.h: (JSC::MacroAssemblerARM::set32Test32): (JSC::MacroAssemblerARM::set32Test8): 2011-02-01 Darin Fisher Reviewed by Eric Seidel. Fix some Visual Studio compiler warnings. https://bugs.webkit.org/show_bug.cgi?id=53476 * wtf/MathExtras.h: (clampToInteger): (clampToPositiveInteger): * wtf/ThreadingWin.cpp: (WTF::absoluteTimeToWaitTimeoutInterval): 2011-01-31 Oliver Hunt Reviewed by Sam Weinig. Bogus callframe during stack unwinding https://bugs.webkit.org/show_bug.cgi?id=53454 Trying to access a callframe's globalData after destroying its ScopeChain is not a good thing. While we could access the globalData directly through the (known valid) scopechain we're holding on to, it feels fragile. Instead we push the valid ScopeChain onto the callframe again to ensure that the callframe itself remains valid. * interpreter/Interpreter.cpp: (JSC::Interpreter::unwindCallFrame): 2011-01-31 Michael Saboff Reviewed by Geoffrey Garen. Potentially Unsafe HashSet of RuntimeObject* in RootObject definition https://bugs.webkit.org/show_bug.cgi?id=53271 Reapplying this change again. Changed isValid() to use .get() as a result of change r77151. Added new isValid() methods to check if a contained object in a WeakGCMap is valid when using an unchecked iterator. * runtime/WeakGCMap.h: (JSC::WeakGCMap::isValid): 2011-01-31 Oliver Hunt Convert markstack to a slot visitor API https://bugs.webkit.org/show_bug.cgi?id=53219 rolling r77098, r77099, r77100, r77109, and r77111 back in, along with a few more Qt fix attempts. * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren): (JSC::JSCallbackObject::setPrivateProperty): * API/JSCallbackObjectFunctions.h: (JSC::::put): (JSC::::staticFunctionGetter): * API/JSObjectRef.cpp: (JSObjectMakeConstructor): (JSObjectSetPrivateProperty): * API/JSWeakObjectMapRefInternal.h: * JavaScriptCore.exp: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::markAggregate): * bytecode/CodeBlock.h: (JSC::CodeBlock::globalObject): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::findScopedProperty): * debugger/Debugger.cpp: (JSC::evaluateInGlobalCallFrame): * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::DebuggerActivation): (JSC::DebuggerActivation::markChildren): * debugger/DebuggerActivation.h: * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate): * interpreter/CallFrame.h: (JSC::ExecState::exception): * interpreter/Interpreter.cpp: (JSC::Interpreter::resolve): (JSC::Interpreter::resolveSkip): (JSC::Interpreter::resolveGlobal): (JSC::Interpreter::resolveGlobalDynamic): (JSC::Interpreter::resolveBaseAndProperty): (JSC::Interpreter::unwindCallFrame): (JSC::appendSourceToError): (JSC::Interpreter::execute): (JSC::Interpreter::tryCacheGetByID): (JSC::Interpreter::privateExecute): * jit/JITStubs.cpp: (JSC::JITThunks::tryCacheGetByID): (JSC::DEFINE_STUB_FUNCTION): * jsc.cpp: (GlobalObject::GlobalObject): * runtime/ArgList.cpp: (JSC::MarkedArgumentBuffer::markLists): * runtime/Arguments.cpp: (JSC::Arguments::markChildren): (JSC::Arguments::getOwnPropertySlot): (JSC::Arguments::getOwnPropertyDescriptor): (JSC::Arguments::put): * runtime/Arguments.h: (JSC::Arguments::setActivation): (JSC::Arguments::Arguments): * runtime/ArrayConstructor.cpp: (JSC::ArrayConstructor::ArrayConstructor): (JSC::constructArrayWithSizeQuirk): * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncSplice): * runtime/BatchedTransitionOptimizer.h: (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer): * runtime/BooleanConstructor.cpp: (JSC::BooleanConstructor::BooleanConstructor): (JSC::constructBoolean): (JSC::constructBooleanFromImmediateBoolean): * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::BooleanPrototype): * runtime/ConservativeSet.cpp: (JSC::ConservativeSet::grow): * runtime/ConservativeSet.h: (JSC::ConservativeSet::~ConservativeSet): (JSC::ConservativeSet::mark): * runtime/DateConstructor.cpp: (JSC::DateConstructor::DateConstructor): * runtime/DateInstance.cpp: (JSC::DateInstance::DateInstance): * runtime/DatePrototype.cpp: (JSC::dateProtoFuncSetTime): (JSC::setNewValueFromTimeArgs): (JSC::setNewValueFromDateArgs): (JSC::dateProtoFuncSetYear): * runtime/ErrorConstructor.cpp: (JSC::ErrorConstructor::ErrorConstructor): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::ErrorInstance): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::ErrorPrototype): * runtime/FunctionConstructor.cpp: (JSC::FunctionConstructor::FunctionConstructor): * runtime/FunctionPrototype.cpp: (JSC::FunctionPrototype::FunctionPrototype): * runtime/GetterSetter.cpp: (JSC::GetterSetter::markChildren): * runtime/GetterSetter.h: (JSC::GetterSetter::GetterSetter): (JSC::GetterSetter::getter): (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setter): (JSC::GetterSetter::setSetter): * runtime/GlobalEvalFunction.cpp: (JSC::GlobalEvalFunction::GlobalEvalFunction): (JSC::GlobalEvalFunction::markChildren): * runtime/GlobalEvalFunction.h: (JSC::GlobalEvalFunction::cachedGlobalObject): * runtime/Heap.cpp: (JSC::Heap::markProtectedObjects): (JSC::Heap::markTempSortVectors): (JSC::Heap::markRoots): * runtime/InternalFunction.cpp: (JSC::InternalFunction::InternalFunction): * runtime/JSAPIValueWrapper.h: (JSC::JSAPIValueWrapper::value): (JSC::JSAPIValueWrapper::JSAPIValueWrapper): * runtime/JSActivation.cpp: (JSC::JSActivation::markChildren): (JSC::JSActivation::put): * runtime/JSArray.cpp: (JSC::JSArray::JSArray): (JSC::JSArray::getOwnPropertySlot): (JSC::JSArray::getOwnPropertyDescriptor): (JSC::JSArray::put): (JSC::JSArray::putSlowCase): (JSC::JSArray::deleteProperty): (JSC::JSArray::increaseVectorLength): (JSC::JSArray::setLength): (JSC::JSArray::pop): (JSC::JSArray::push): (JSC::JSArray::unshiftCount): (JSC::JSArray::sort): (JSC::JSArray::fillArgList): (JSC::JSArray::copyToRegisters): (JSC::JSArray::compactForSorting): * runtime/JSArray.h: (JSC::JSArray::getIndex): (JSC::JSArray::setIndex): (JSC::JSArray::uncheckedSetIndex): (JSC::JSArray::markChildrenDirect): * runtime/JSByteArray.cpp: (JSC::JSByteArray::JSByteArray): * runtime/JSCell.h: (JSC::JSCell::MarkStack::append): (JSC::JSCell::MarkStack::internalAppend): (JSC::JSCell::MarkStack::deprecatedAppend): * runtime/JSFunction.cpp: (JSC::JSFunction::JSFunction): (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGlobalData.h: * runtime/JSGlobalObject.cpp: (JSC::markIfNeeded): (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::resetPrototype): (JSC::JSGlobalObject::markChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): (JSC::JSGlobalObject::regExpConstructor): (JSC::JSGlobalObject::errorConstructor): (JSC::JSGlobalObject::evalErrorConstructor): (JSC::JSGlobalObject::rangeErrorConstructor): (JSC::JSGlobalObject::referenceErrorConstructor): (JSC::JSGlobalObject::syntaxErrorConstructor): (JSC::JSGlobalObject::typeErrorConstructor): (JSC::JSGlobalObject::URIErrorConstructor): (JSC::JSGlobalObject::evalFunction): (JSC::JSGlobalObject::objectPrototype): (JSC::JSGlobalObject::functionPrototype): (JSC::JSGlobalObject::arrayPrototype): (JSC::JSGlobalObject::booleanPrototype): (JSC::JSGlobalObject::stringPrototype): (JSC::JSGlobalObject::numberPrototype): (JSC::JSGlobalObject::datePrototype): (JSC::JSGlobalObject::regExpPrototype): (JSC::JSGlobalObject::methodCallDummy): (JSC::Structure::prototypeForLookup): (JSC::constructArray): * runtime/JSONObject.cpp: (JSC::Stringifier::Holder::object): (JSC::Stringifier::Holder::objectSlot): (JSC::Stringifier::markAggregate): (JSC::Stringifier::stringify): (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::callReviver): (JSC::Walker::walk): * runtime/JSObject.cpp: (JSC::JSObject::defineGetter): (JSC::JSObject::defineSetter): (JSC::JSObject::removeDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::putDescriptor): (JSC::JSObject::defineOwnProperty): * runtime/JSObject.h: (JSC::JSObject::getDirectOffset): (JSC::JSObject::putDirectOffset): (JSC::JSObject::putUndefinedAtDirectOffset): (JSC::JSObject::flattenDictionaryObject): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectWithoutTransition): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::JSValue::putDirect): (JSC::JSObject::allocatePropertyStorageInline): (JSC::JSObject::markChildrenDirect): * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::JSPropertyNameIterator): (JSC::JSPropertyNameIterator::get): * runtime/JSPropertyNameIterator.h: * runtime/JSStaticScopeObject.cpp: (JSC::JSStaticScopeObject::markChildren): * runtime/JSString.cpp: (JSC::StringObject::create): * runtime/JSValue.h: * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::markChildren): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::internalValue): (JSC::JSWrapperObject::setInternalValue): * runtime/LiteralParser.cpp: (JSC::LiteralParser::parse): * runtime/Lookup.cpp: (JSC::setUpStaticFunctionSlot): * runtime/Lookup.h: (JSC::lookupPut): * runtime/MarkStack.h: (JSC::MarkStack::MarkStack): (JSC::MarkStack::deprecatedAppendValues): (JSC::MarkStack::appendValues): * runtime/MathObject.cpp: (JSC::MathObject::MathObject): * runtime/NativeErrorConstructor.cpp: (JSC::NativeErrorConstructor::NativeErrorConstructor): * runtime/NativeErrorPrototype.cpp: (JSC::NativeErrorPrototype::NativeErrorPrototype): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::NumberConstructor): (JSC::constructWithNumberConstructor): * runtime/NumberObject.cpp: (JSC::constructNumber): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::NumberPrototype): * runtime/ObjectConstructor.cpp: (JSC::ObjectConstructor::ObjectConstructor): (JSC::objectConstructorGetOwnPropertyDescriptor): * runtime/Operations.h: (JSC::normalizePrototypeChain): (JSC::resolveBase): * runtime/PrototypeFunction.cpp: (JSC::PrototypeFunction::PrototypeFunction): * runtime/PutPropertySlot.h: (JSC::PutPropertySlot::setExistingProperty): (JSC::PutPropertySlot::setNewProperty): (JSC::PutPropertySlot::base): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::RegExpConstructor): * runtime/ScopeChain.cpp: (JSC::ScopeChainNode::print): * runtime/ScopeChain.h: (JSC::ScopeChainNode::~ScopeChainNode): (JSC::ScopeChainIterator::operator*): (JSC::ScopeChainIterator::operator->): (JSC::ScopeChain::top): * runtime/ScopeChainMark.h: (JSC::ScopeChain::markAggregate): * runtime/SmallStrings.cpp: (JSC::isMarked): (JSC::SmallStrings::markChildren): * runtime/SmallStrings.h: (JSC::SmallStrings::emptyString): (JSC::SmallStrings::singleCharacterString): (JSC::SmallStrings::singleCharacterStrings): * runtime/StringConstructor.cpp: (JSC::StringConstructor::StringConstructor): * runtime/StringObject.cpp: (JSC::StringObject::StringObject): * runtime/StringObject.h: * runtime/StringPrototype.cpp: (JSC::StringPrototype::StringPrototype): * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::addPropertyTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::flattenDictionaryStructure): * runtime/Structure.h: (JSC::Structure::storedPrototype): (JSC::Structure::storedPrototypeSlot): * runtime/WeakGCMap.h: (JSC::WeakGCMap::uncheckedGet): (JSC::WeakGCMap::uncheckedGetSlot): (JSC::::get): (JSC::::take): (JSC::::set): (JSC::::uncheckedRemove): * runtime/WriteBarrier.h: Added. (JSC::DeprecatedPtr::DeprecatedPtr): (JSC::DeprecatedPtr::get): (JSC::DeprecatedPtr::operator*): (JSC::DeprecatedPtr::operator->): (JSC::DeprecatedPtr::slot): (JSC::DeprecatedPtr::operator UnspecifiedBoolType*): (JSC::DeprecatedPtr::operator!): (JSC::WriteBarrierBase::set): (JSC::WriteBarrierBase::get): (JSC::WriteBarrierBase::operator*): (JSC::WriteBarrierBase::operator->): (JSC::WriteBarrierBase::clear): (JSC::WriteBarrierBase::slot): (JSC::WriteBarrierBase::operator UnspecifiedBoolType*): (JSC::WriteBarrierBase::operator!): (JSC::WriteBarrier::WriteBarrier): (JSC::operator==): 2011-01-31 Dan Winship Reviewed by Gustavo Noronha Silva. wss (websockets ssl) support for gtk via new gio TLS support https://bugs.webkit.org/show_bug.cgi?id=50344 Add a GPollableOutputStream typedef for TLS WebSockets support * wtf/gobject/GTypedefs.h: 2011-01-31 Gavin Barraclough Reviewed by Geoff Garen. https://bugs.webkit.org/show_bug.cgi?id=53352 Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH(). The FixedVMPoolAllocator currently uses a best fix policy - switch to first fit, this is less prone to external fragmentation. * jit/ExecutableAllocatorFixedVMPool.cpp: (JSC::AllocationTableSizeClass::AllocationTableSizeClass): (JSC::AllocationTableSizeClass::blockSize): (JSC::AllocationTableSizeClass::blockCount): (JSC::AllocationTableSizeClass::blockAlignment): (JSC::AllocationTableSizeClass::size): (JSC::AllocationTableLeaf::AllocationTableLeaf): (JSC::AllocationTableLeaf::~AllocationTableLeaf): (JSC::AllocationTableLeaf::allocate): (JSC::AllocationTableLeaf::free): (JSC::AllocationTableLeaf::isEmpty): (JSC::AllocationTableLeaf::isFull): (JSC::AllocationTableLeaf::size): (JSC::AllocationTableLeaf::classForSize): (JSC::AllocationTableLeaf::dump): (JSC::LazyAllocationTable::LazyAllocationTable): (JSC::LazyAllocationTable::~LazyAllocationTable): (JSC::LazyAllocationTable::allocate): (JSC::LazyAllocationTable::free): (JSC::LazyAllocationTable::isEmpty): (JSC::LazyAllocationTable::isFull): (JSC::LazyAllocationTable::size): (JSC::LazyAllocationTable::dump): (JSC::LazyAllocationTable::classForSize): (JSC::AllocationTableDirectory::AllocationTableDirectory): (JSC::AllocationTableDirectory::~AllocationTableDirectory): (JSC::AllocationTableDirectory::allocate): (JSC::AllocationTableDirectory::free): (JSC::AllocationTableDirectory::isEmpty): (JSC::AllocationTableDirectory::isFull): (JSC::AllocationTableDirectory::size): (JSC::AllocationTableDirectory::classForSize): (JSC::AllocationTableDirectory::dump): (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator): (JSC::FixedVMPoolAllocator::alloc): (JSC::FixedVMPoolAllocator::free): (JSC::FixedVMPoolAllocator::allocated): (JSC::FixedVMPoolAllocator::isValid): (JSC::FixedVMPoolAllocator::classForSize): (JSC::FixedVMPoolAllocator::offsetToPointer): (JSC::FixedVMPoolAllocator::pointerToOffset): (JSC::ExecutableAllocator::committedByteCount): (JSC::ExecutableAllocator::isValid): (JSC::ExecutableAllocator::underMemoryPressure): (JSC::ExecutablePool::systemAlloc): (JSC::ExecutablePool::systemRelease): * wtf/PageReservation.h: (WTF::PageReservation::PageReservation): (WTF::PageReservation::commit): (WTF::PageReservation::decommit): (WTF::PageReservation::committed): 2011-01-31 Sheriff Bot Unreviewed, rolling out r76969. http://trac.webkit.org/changeset/76969 https://bugs.webkit.org/show_bug.cgi?id=53418 "It is causing crashes in GTK+ and Leopard bots" (Requested by alexg__ on #webkit). * runtime/WeakGCMap.h: 2011-01-30 Csaba Osztrogonác Unreviewed, rolling out r77098, r77099, r77100, r77109, and r77111. http://trac.webkit.org/changeset/77098 http://trac.webkit.org/changeset/77099 http://trac.webkit.org/changeset/77100 http://trac.webkit.org/changeset/77109 http://trac.webkit.org/changeset/77111 https://bugs.webkit.org/show_bug.cgi?id=53219 Qt build is broken * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren): (JSC::JSCallbackObject::setPrivateProperty): * API/JSCallbackObjectFunctions.h: (JSC::::put): (JSC::::staticFunctionGetter): * API/JSObjectRef.cpp: (JSObjectMakeConstructor): (JSObjectSetPrivateProperty): * API/JSWeakObjectMapRefInternal.h: * JavaScriptCore.exp: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::markAggregate): * bytecode/CodeBlock.h: (JSC::CodeBlock::globalObject): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::findScopedProperty): * debugger/Debugger.cpp: (JSC::evaluateInGlobalCallFrame): * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::DebuggerActivation): (JSC::DebuggerActivation::markChildren): * debugger/DebuggerActivation.h: * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate): * interpreter/CallFrame.h: (JSC::ExecState::exception): * interpreter/Interpreter.cpp: (JSC::Interpreter::resolve): (JSC::Interpreter::resolveSkip): (JSC::Interpreter::resolveGlobal): (JSC::Interpreter::resolveGlobalDynamic): (JSC::Interpreter::resolveBaseAndProperty): (JSC::Interpreter::unwindCallFrame): (JSC::appendSourceToError): (JSC::Interpreter::execute): (JSC::Interpreter::tryCacheGetByID): (JSC::Interpreter::privateExecute): * jit/JITStubs.cpp: (JSC::JITThunks::tryCacheGetByID): (JSC::DEFINE_STUB_FUNCTION): * jsc.cpp: (GlobalObject::GlobalObject): * runtime/ArgList.cpp: (JSC::MarkedArgumentBuffer::markLists): * runtime/Arguments.cpp: (JSC::Arguments::markChildren): (JSC::Arguments::getOwnPropertySlot): (JSC::Arguments::getOwnPropertyDescriptor): (JSC::Arguments::put): * runtime/Arguments.h: (JSC::Arguments::setActivation): (JSC::Arguments::Arguments): * runtime/ArrayConstructor.cpp: (JSC::ArrayConstructor::ArrayConstructor): (JSC::constructArrayWithSizeQuirk): * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncSplice): * runtime/BatchedTransitionOptimizer.h: (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer): * runtime/BooleanConstructor.cpp: (JSC::BooleanConstructor::BooleanConstructor): (JSC::constructBoolean): (JSC::constructBooleanFromImmediateBoolean): * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::BooleanPrototype): * runtime/ConservativeSet.cpp: (JSC::ConservativeSet::grow): * runtime/ConservativeSet.h: (JSC::ConservativeSet::~ConservativeSet): (JSC::ConservativeSet::mark): * runtime/DateConstructor.cpp: (JSC::DateConstructor::DateConstructor): * runtime/DateInstance.cpp: (JSC::DateInstance::DateInstance): * runtime/DatePrototype.cpp: (JSC::dateProtoFuncSetTime): (JSC::setNewValueFromTimeArgs): (JSC::setNewValueFromDateArgs): (JSC::dateProtoFuncSetYear): * runtime/ErrorConstructor.cpp: (JSC::ErrorConstructor::ErrorConstructor): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::ErrorInstance): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::ErrorPrototype): * runtime/FunctionConstructor.cpp: (JSC::FunctionConstructor::FunctionConstructor): * runtime/FunctionPrototype.cpp: (JSC::FunctionPrototype::FunctionPrototype): * runtime/GetterSetter.cpp: (JSC::GetterSetter::markChildren): * runtime/GetterSetter.h: (JSC::GetterSetter::GetterSetter): (JSC::GetterSetter::getter): (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setter): (JSC::GetterSetter::setSetter): * runtime/GlobalEvalFunction.cpp: (JSC::GlobalEvalFunction::GlobalEvalFunction): (JSC::GlobalEvalFunction::markChildren): * runtime/GlobalEvalFunction.h: (JSC::GlobalEvalFunction::cachedGlobalObject): * runtime/Heap.cpp: (JSC::Heap::markProtectedObjects): (JSC::Heap::markTempSortVectors): (JSC::Heap::markRoots): * runtime/InternalFunction.cpp: (JSC::InternalFunction::InternalFunction): * runtime/JSAPIValueWrapper.h: (JSC::JSAPIValueWrapper::value): (JSC::JSAPIValueWrapper::JSAPIValueWrapper): * runtime/JSActivation.cpp: (JSC::JSActivation::markChildren): (JSC::JSActivation::put): * runtime/JSArray.cpp: (JSC::JSArray::JSArray): (JSC::JSArray::getOwnPropertySlot): (JSC::JSArray::getOwnPropertyDescriptor): (JSC::JSArray::put): (JSC::JSArray::putSlowCase): (JSC::JSArray::deleteProperty): (JSC::JSArray::increaseVectorLength): (JSC::JSArray::setLength): (JSC::JSArray::pop): (JSC::JSArray::push): (JSC::JSArray::unshiftCount): (JSC::JSArray::sort): (JSC::JSArray::fillArgList): (JSC::JSArray::copyToRegisters): (JSC::JSArray::compactForSorting): * runtime/JSArray.h: (JSC::JSArray::getIndex): (JSC::JSArray::setIndex): (JSC::JSArray::uncheckedSetIndex): (JSC::JSArray::markChildrenDirect): * runtime/JSByteArray.cpp: (JSC::JSByteArray::JSByteArray): * runtime/JSCell.h: (JSC::JSCell::JSValue::toThisObject): (JSC::JSCell::MarkStack::append): * runtime/JSFunction.cpp: (JSC::JSFunction::JSFunction): (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGlobalData.h: * runtime/JSGlobalObject.cpp: (JSC::markIfNeeded): (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::resetPrototype): (JSC::JSGlobalObject::markChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): (JSC::JSGlobalObject::regExpConstructor): (JSC::JSGlobalObject::errorConstructor): (JSC::JSGlobalObject::evalErrorConstructor): (JSC::JSGlobalObject::rangeErrorConstructor): (JSC::JSGlobalObject::referenceErrorConstructor): (JSC::JSGlobalObject::syntaxErrorConstructor): (JSC::JSGlobalObject::typeErrorConstructor): (JSC::JSGlobalObject::URIErrorConstructor): (JSC::JSGlobalObject::evalFunction): (JSC::JSGlobalObject::objectPrototype): (JSC::JSGlobalObject::functionPrototype): (JSC::JSGlobalObject::arrayPrototype): (JSC::JSGlobalObject::booleanPrototype): (JSC::JSGlobalObject::stringPrototype): (JSC::JSGlobalObject::numberPrototype): (JSC::JSGlobalObject::datePrototype): (JSC::JSGlobalObject::regExpPrototype): (JSC::JSGlobalObject::methodCallDummy): (JSC::Structure::prototypeForLookup): (JSC::constructArray): * runtime/JSONObject.cpp: (JSC::Stringifier::Holder::object): (JSC::Stringifier::markAggregate): (JSC::Stringifier::stringify): (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::callReviver): (JSC::Walker::walk): * runtime/JSObject.cpp: (JSC::JSObject::defineGetter): (JSC::JSObject::defineSetter): (JSC::JSObject::removeDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::putDescriptor): (JSC::JSObject::defineOwnProperty): * runtime/JSObject.h: (JSC::JSObject::getDirectOffset): (JSC::JSObject::putDirectOffset): (JSC::JSObject::flattenDictionaryObject): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectWithoutTransition): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::JSValue::putDirect): (JSC::JSObject::allocatePropertyStorageInline): (JSC::JSObject::markChildrenDirect): * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::JSPropertyNameIterator): (JSC::JSPropertyNameIterator::get): * runtime/JSPropertyNameIterator.h: * runtime/JSStaticScopeObject.cpp: (JSC::JSStaticScopeObject::markChildren): * runtime/JSString.cpp: (JSC::StringObject::create): * runtime/JSValue.h: * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::markChildren): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::internalValue): (JSC::JSWrapperObject::setInternalValue): * runtime/LiteralParser.cpp: (JSC::LiteralParser::parse): * runtime/Lookup.cpp: (JSC::setUpStaticFunctionSlot): * runtime/Lookup.h: (JSC::lookupPut): * runtime/MarkStack.h: (JSC::MarkStack::appendValues): * runtime/MathObject.cpp: (JSC::MathObject::MathObject): * runtime/NativeErrorConstructor.cpp: (JSC::NativeErrorConstructor::NativeErrorConstructor): * runtime/NativeErrorPrototype.cpp: (JSC::NativeErrorPrototype::NativeErrorPrototype): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::NumberConstructor): (JSC::constructWithNumberConstructor): * runtime/NumberObject.cpp: (JSC::constructNumber): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::NumberPrototype): * runtime/ObjectConstructor.cpp: (JSC::ObjectConstructor::ObjectConstructor): (JSC::objectConstructorGetOwnPropertyDescriptor): * runtime/Operations.h: (JSC::normalizePrototypeChain): (JSC::resolveBase): * runtime/PrototypeFunction.cpp: (JSC::PrototypeFunction::PrototypeFunction): * runtime/PutPropertySlot.h: (JSC::PutPropertySlot::setExistingProperty): (JSC::PutPropertySlot::setNewProperty): (JSC::PutPropertySlot::base): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::RegExpConstructor): * runtime/ScopeChain.cpp: (JSC::ScopeChainNode::print): * runtime/ScopeChain.h: (JSC::ScopeChainNode::~ScopeChainNode): (JSC::ScopeChainIterator::operator*): (JSC::ScopeChainIterator::operator->): (JSC::ScopeChain::top): * runtime/ScopeChainMark.h: (JSC::ScopeChain::markAggregate): * runtime/SmallStrings.cpp: (JSC::isMarked): (JSC::SmallStrings::markChildren): * runtime/SmallStrings.h: (JSC::SmallStrings::emptyString): (JSC::SmallStrings::singleCharacterString): (JSC::SmallStrings::singleCharacterStrings): * runtime/StringConstructor.cpp: (JSC::StringConstructor::StringConstructor): * runtime/StringObject.cpp: (JSC::StringObject::StringObject): * runtime/StringObject.h: * runtime/StringPrototype.cpp: (JSC::StringPrototype::StringPrototype): * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::addPropertyTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::flattenDictionaryStructure): * runtime/Structure.h: (JSC::Structure::storedPrototype): * runtime/WeakGCMap.h: (JSC::WeakGCMap::uncheckedGet): (JSC::WeakGCMap::isValid): (JSC::::get): (JSC::::take): (JSC::::set): (JSC::::uncheckedRemove): * runtime/WriteBarrier.h: Removed. 2011-01-30 Simon Fraser Build fix the build fix. I assume Oliver meant m_cell, not m_value. * runtime/WriteBarrier.h: (JSC::WriteBarrierBase::clear): 2011-01-30 Oliver Hunt More Qt build fixes * runtime/WriteBarrier.h: (JSC::WriteBarrierBase::clear): 2011-01-30 Oliver Hunt Convert markstack to a slot visitor API https://bugs.webkit.org/show_bug.cgi?id=53219 rolling r77006 and r77020 back in. * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren): (JSC::JSCallbackObject::setPrivateProperty): * API/JSCallbackObjectFunctions.h: (JSC::::put): (JSC::::staticFunctionGetter): * API/JSObjectRef.cpp: (JSObjectMakeConstructor): (JSObjectSetPrivateProperty): * API/JSWeakObjectMapRefInternal.h: * JavaScriptCore.exp: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::markAggregate): * bytecode/CodeBlock.h: (JSC::CodeBlock::globalObject): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::findScopedProperty): * debugger/Debugger.cpp: (JSC::evaluateInGlobalCallFrame): * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::DebuggerActivation): (JSC::DebuggerActivation::markChildren): * debugger/DebuggerActivation.h: * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate): * interpreter/CallFrame.h: (JSC::ExecState::exception): * interpreter/Interpreter.cpp: (JSC::Interpreter::resolve): (JSC::Interpreter::resolveSkip): (JSC::Interpreter::resolveGlobal): (JSC::Interpreter::resolveGlobalDynamic): (JSC::Interpreter::resolveBaseAndProperty): (JSC::Interpreter::unwindCallFrame): (JSC::appendSourceToError): (JSC::Interpreter::execute): (JSC::Interpreter::tryCacheGetByID): (JSC::Interpreter::privateExecute): * jit/JITStubs.cpp: (JSC::JITThunks::tryCacheGetByID): (JSC::DEFINE_STUB_FUNCTION): * jsc.cpp: (GlobalObject::GlobalObject): * runtime/ArgList.cpp: (JSC::MarkedArgumentBuffer::markLists): * runtime/Arguments.cpp: (JSC::Arguments::markChildren): (JSC::Arguments::getOwnPropertySlot): (JSC::Arguments::getOwnPropertyDescriptor): (JSC::Arguments::put): * runtime/Arguments.h: (JSC::Arguments::setActivation): (JSC::Arguments::Arguments): * runtime/ArrayConstructor.cpp: (JSC::ArrayConstructor::ArrayConstructor): (JSC::constructArrayWithSizeQuirk): * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncSplice): * runtime/BatchedTransitionOptimizer.h: (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer): * runtime/BooleanConstructor.cpp: (JSC::BooleanConstructor::BooleanConstructor): (JSC::constructBoolean): (JSC::constructBooleanFromImmediateBoolean): * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::BooleanPrototype): * runtime/ConservativeSet.cpp: (JSC::ConservativeSet::grow): * runtime/ConservativeSet.h: (JSC::ConservativeSet::~ConservativeSet): (JSC::ConservativeSet::mark): * runtime/DateConstructor.cpp: (JSC::DateConstructor::DateConstructor): * runtime/DateInstance.cpp: (JSC::DateInstance::DateInstance): * runtime/DatePrototype.cpp: (JSC::dateProtoFuncSetTime): (JSC::setNewValueFromTimeArgs): (JSC::setNewValueFromDateArgs): (JSC::dateProtoFuncSetYear): * runtime/ErrorConstructor.cpp: (JSC::ErrorConstructor::ErrorConstructor): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::ErrorInstance): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::ErrorPrototype): * runtime/FunctionConstructor.cpp: (JSC::FunctionConstructor::FunctionConstructor): * runtime/FunctionPrototype.cpp: (JSC::FunctionPrototype::FunctionPrototype): * runtime/GetterSetter.cpp: (JSC::GetterSetter::markChildren): * runtime/GetterSetter.h: (JSC::GetterSetter::GetterSetter): (JSC::GetterSetter::getter): (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setter): (JSC::GetterSetter::setSetter): * runtime/GlobalEvalFunction.cpp: (JSC::GlobalEvalFunction::GlobalEvalFunction): (JSC::GlobalEvalFunction::markChildren): * runtime/GlobalEvalFunction.h: (JSC::GlobalEvalFunction::cachedGlobalObject): * runtime/Heap.cpp: (JSC::Heap::markProtectedObjects): (JSC::Heap::markTempSortVectors): (JSC::Heap::markRoots): * runtime/InternalFunction.cpp: (JSC::InternalFunction::InternalFunction): * runtime/JSAPIValueWrapper.h: (JSC::JSAPIValueWrapper::value): (JSC::JSAPIValueWrapper::JSAPIValueWrapper): * runtime/JSActivation.cpp: (JSC::JSActivation::markChildren): (JSC::JSActivation::put): * runtime/JSArray.cpp: (JSC::JSArray::JSArray): (JSC::JSArray::getOwnPropertySlot): (JSC::JSArray::getOwnPropertyDescriptor): (JSC::JSArray::put): (JSC::JSArray::putSlowCase): (JSC::JSArray::deleteProperty): (JSC::JSArray::increaseVectorLength): (JSC::JSArray::setLength): (JSC::JSArray::pop): (JSC::JSArray::push): (JSC::JSArray::unshiftCount): (JSC::JSArray::sort): (JSC::JSArray::fillArgList): (JSC::JSArray::copyToRegisters): (JSC::JSArray::compactForSorting): * runtime/JSArray.h: (JSC::JSArray::getIndex): (JSC::JSArray::setIndex): (JSC::JSArray::uncheckedSetIndex): (JSC::JSArray::markChildrenDirect): * runtime/JSByteArray.cpp: (JSC::JSByteArray::JSByteArray): * runtime/JSCell.h: (JSC::JSCell::MarkStack::append): (JSC::JSCell::MarkStack::internalAppend): (JSC::JSCell::MarkStack::deprecatedAppend): * runtime/JSFunction.cpp: (JSC::JSFunction::JSFunction): (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGlobalData.h: * runtime/JSGlobalObject.cpp: (JSC::markIfNeeded): (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::resetPrototype): (JSC::JSGlobalObject::markChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): (JSC::JSGlobalObject::regExpConstructor): (JSC::JSGlobalObject::errorConstructor): (JSC::JSGlobalObject::evalErrorConstructor): (JSC::JSGlobalObject::rangeErrorConstructor): (JSC::JSGlobalObject::referenceErrorConstructor): (JSC::JSGlobalObject::syntaxErrorConstructor): (JSC::JSGlobalObject::typeErrorConstructor): (JSC::JSGlobalObject::URIErrorConstructor): (JSC::JSGlobalObject::evalFunction): (JSC::JSGlobalObject::objectPrototype): (JSC::JSGlobalObject::functionPrototype): (JSC::JSGlobalObject::arrayPrototype): (JSC::JSGlobalObject::booleanPrototype): (JSC::JSGlobalObject::stringPrototype): (JSC::JSGlobalObject::numberPrototype): (JSC::JSGlobalObject::datePrototype): (JSC::JSGlobalObject::regExpPrototype): (JSC::JSGlobalObject::methodCallDummy): (JSC::Structure::prototypeForLookup): (JSC::constructArray): * runtime/JSONObject.cpp: (JSC::Stringifier::Holder::object): (JSC::Stringifier::Holder::objectSlot): (JSC::Stringifier::markAggregate): (JSC::Stringifier::stringify): (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::callReviver): (JSC::Walker::walk): * runtime/JSObject.cpp: (JSC::JSObject::defineGetter): (JSC::JSObject::defineSetter): (JSC::JSObject::removeDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::putDescriptor): (JSC::JSObject::defineOwnProperty): * runtime/JSObject.h: (JSC::JSObject::getDirectOffset): (JSC::JSObject::putDirectOffset): (JSC::JSObject::putUndefinedAtDirectOffset): (JSC::JSObject::flattenDictionaryObject): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectWithoutTransition): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::JSValue::putDirect): (JSC::JSObject::allocatePropertyStorageInline): (JSC::JSObject::markChildrenDirect): * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::JSPropertyNameIterator): (JSC::JSPropertyNameIterator::get): * runtime/JSPropertyNameIterator.h: * runtime/JSStaticScopeObject.cpp: (JSC::JSStaticScopeObject::markChildren): * runtime/JSString.cpp: (JSC::StringObject::create): * runtime/JSValue.h: * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::markChildren): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::internalValue): (JSC::JSWrapperObject::setInternalValue): * runtime/LiteralParser.cpp: (JSC::LiteralParser::parse): * runtime/Lookup.cpp: (JSC::setUpStaticFunctionSlot): * runtime/Lookup.h: (JSC::lookupPut): * runtime/MarkStack.h: (JSC::MarkStack::MarkStack): (JSC::MarkStack::deprecatedAppendValues): (JSC::MarkStack::appendValues): * runtime/MathObject.cpp: (JSC::MathObject::MathObject): * runtime/NativeErrorConstructor.cpp: (JSC::NativeErrorConstructor::NativeErrorConstructor): * runtime/NativeErrorPrototype.cpp: (JSC::NativeErrorPrototype::NativeErrorPrototype): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::NumberConstructor): (JSC::constructWithNumberConstructor): * runtime/NumberObject.cpp: (JSC::constructNumber): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::NumberPrototype): * runtime/ObjectConstructor.cpp: (JSC::ObjectConstructor::ObjectConstructor): (JSC::objectConstructorGetOwnPropertyDescriptor): * runtime/Operations.h: (JSC::normalizePrototypeChain): (JSC::resolveBase): * runtime/PrototypeFunction.cpp: (JSC::PrototypeFunction::PrototypeFunction): * runtime/PutPropertySlot.h: (JSC::PutPropertySlot::setExistingProperty): (JSC::PutPropertySlot::setNewProperty): (JSC::PutPropertySlot::base): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::RegExpConstructor): * runtime/ScopeChain.cpp: (JSC::ScopeChainNode::print): * runtime/ScopeChain.h: (JSC::ScopeChainNode::~ScopeChainNode): (JSC::ScopeChainIterator::operator*): (JSC::ScopeChainIterator::operator->): (JSC::ScopeChain::top): * runtime/ScopeChainMark.h: (JSC::ScopeChain::markAggregate): * runtime/SmallStrings.cpp: (JSC::isMarked): (JSC::SmallStrings::markChildren): * runtime/SmallStrings.h: (JSC::SmallStrings::emptyString): (JSC::SmallStrings::singleCharacterString): (JSC::SmallStrings::singleCharacterStrings): * runtime/StringConstructor.cpp: (JSC::StringConstructor::StringConstructor): * runtime/StringObject.cpp: (JSC::StringObject::StringObject): * runtime/StringObject.h: * runtime/StringPrototype.cpp: (JSC::StringPrototype::StringPrototype): * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::addPropertyTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::flattenDictionaryStructure): * runtime/Structure.h: (JSC::Structure::storedPrototype): (JSC::Structure::storedPrototypeSlot): * runtime/WeakGCMap.h: (JSC::WeakGCMap::uncheckedGet): (JSC::WeakGCMap::uncheckedGetSlot): (JSC::WeakGCMap::isValid): (JSC::::get): (JSC::::take): (JSC::::set): (JSC::::uncheckedRemove): * runtime/WriteBarrier.h: Added. (JSC::DeprecatedPtr::DeprecatedPtr): (JSC::DeprecatedPtr::get): (JSC::DeprecatedPtr::operator*): (JSC::DeprecatedPtr::operator->): (JSC::DeprecatedPtr::slot): (JSC::DeprecatedPtr::operator UnspecifiedBoolType*): (JSC::DeprecatedPtr::operator!): (JSC::WriteBarrierBase::set): (JSC::WriteBarrierBase::get): (JSC::WriteBarrierBase::operator*): (JSC::WriteBarrierBase::operator->): (JSC::WriteBarrierBase::slot): (JSC::WriteBarrierBase::operator UnspecifiedBoolType*): (JSC::WriteBarrierBase::operator!): (JSC::WriteBarrier::WriteBarrier): (JSC::operator==): 2011-01-30 Geoffrey Garen Reviewed by Oliver Hunt. Filter all Heap collection through a common reset function, in preparation for adding features triggered by collection. https://bugs.webkit.org/show_bug.cgi?id=53396 SunSpider reports no change. * runtime/Heap.cpp: (JSC::Heap::reportExtraMemoryCostSlowCase): When we're over the extraCost limit, just call collectAllGarbage() instead of rolling our own special way of resetting the heap. In theory, this may be slower in some cases, but it also fixes cases of pathological heap growth that we've seen, where the only objects being allocated are temporary and huge (). (JSC::Heap::allocate): (JSC::Heap::collectAllGarbage): Use the shared reset function. (JSC::Heap::reset): * runtime/Heap.h: Carved a new shared reset function out of the old collectAllGarbage. 2011-01-30 Sheriff Bot Unreviewed, rolling out r77025. http://trac.webkit.org/changeset/77025 https://bugs.webkit.org/show_bug.cgi?id=53401 It made js1_5/Regress/regress-159334.js fail on 64 bit Linux (Requested by Ossy on #webkit). * jit/ExecutableAllocatorFixedVMPool.cpp: (JSC::FreeListEntry::FreeListEntry): (JSC::AVLTreeAbstractorForFreeList::get_less): (JSC::AVLTreeAbstractorForFreeList::set_less): (JSC::AVLTreeAbstractorForFreeList::get_greater): (JSC::AVLTreeAbstractorForFreeList::set_greater): (JSC::AVLTreeAbstractorForFreeList::get_balance_factor): (JSC::AVLTreeAbstractorForFreeList::set_balance_factor): (JSC::AVLTreeAbstractorForFreeList::null): (JSC::AVLTreeAbstractorForFreeList::compare_key_key): (JSC::AVLTreeAbstractorForFreeList::compare_key_node): (JSC::AVLTreeAbstractorForFreeList::compare_node_node): (JSC::reverseSortFreeListEntriesByPointer): (JSC::reverseSortCommonSizedAllocations): (JSC::FixedVMPoolAllocator::release): (JSC::FixedVMPoolAllocator::reuse): (JSC::FixedVMPoolAllocator::addToFreeList): (JSC::FixedVMPoolAllocator::coalesceFreeSpace): (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator): (JSC::FixedVMPoolAllocator::alloc): (JSC::FixedVMPoolAllocator::free): (JSC::FixedVMPoolAllocator::isValid): (JSC::FixedVMPoolAllocator::allocInternal): (JSC::FixedVMPoolAllocator::isWithinVMPool): (JSC::FixedVMPoolAllocator::addToCommittedByteCount): (JSC::ExecutableAllocator::committedByteCount): (JSC::maybeModifyVMPoolSize): (JSC::ExecutableAllocator::isValid): (JSC::ExecutableAllocator::underMemoryPressure): (JSC::ExecutablePool::systemAlloc): (JSC::ExecutablePool::systemRelease): * wtf/PageReservation.h: (WTF::PageReservation::PageReservation): (WTF::PageReservation::commit): (WTF::PageReservation::decommit): 2011-01-30 Leo Yang Reviewed by Daniel Bates. Code style issue in JavaScriptCore/wtf/CurrentTime.h https://bugs.webkit.org/show_bug.cgi?id=53394 According to rule #3 at http://webkit.org/coding/coding-style.html, This patch fix style issue in CurrentTime.h. No functionality change, no new tests. * wtf/CurrentTime.h: (WTF::currentTimeMS): (WTF::getLocalTime): 2011-01-30 Benjamin Poulain Reviewed by Kenneth Rohde Christiansen. [Qt] JavaScriptCore does not link on Mac if building WebKit 2 https://bugs.webkit.org/show_bug.cgi?id=53377 The option "-whole-archive" is not availabe with the libtool of Mac OS X, instead, we can use "-all_load" on Mac. * JavaScriptCore.pri: 2011-01-29 Geoffrey Garen Sorry Leopard bot -- I committed a change by accident. * JavaScriptCore.exp: You may have your symbols back now. 2011-01-29 Geoffrey Garen Reviewed by Cameron Zwarich. Simplified Heap iteration https://bugs.webkit.org/show_bug.cgi?id=53393 * runtime/CollectorHeapIterator.h: (JSC::CollectorHeapIterator::isValid): (JSC::CollectorHeapIterator::isLive): (JSC::CollectorHeapIterator::advance): Removed "max" argument to advance because it's a constant. (JSC::LiveObjectIterator::LiveObjectIterator): (JSC::LiveObjectIterator::operator++): (JSC::DeadObjectIterator::DeadObjectIterator): (JSC::DeadObjectIterator::operator++): (JSC::ObjectIterator::ObjectIterator): (JSC::ObjectIterator::operator++): Factored out common checks into two helper functions -- isValid() for "Am I past the end?" and isLive() for "Is the cell I'm pointing to live?". * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::freeBlock): (JSC::MarkedSpace::sweep): Always sweep from the beginning of the heap to the end, to avoid making sweep subtly reliant on internal Heap state. (JSC::MarkedSpace::primaryHeapBegin): (JSC::MarkedSpace::primaryHeapEnd): Always be explicit about where iteration begins. 2011-01-29 Geoffrey Garen Reviewed by Cameron Zwarich. Simplified heap destruction https://bugs.webkit.org/show_bug.cgi?id=53392 * JavaScriptCore.exp: * runtime/Heap.cpp: (JSC::Heap::destroy): * runtime/Heap.h: * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::destroy): * runtime/MarkedSpace.h: Don't go out of our way to destroy GC-protected cells last -- the difficult contortions required to do so just don't seem justified. We make no guarantees about GC protection after the client throws away JSGlobalData, and it doesn't seem like any meaningful guarantee is even possible. 2011-01-29 Geoffrey Garen Reviewed by Maciej Stachowiak. Switched heap to use the Bitmap class and removed CollectorBitmap https://bugs.webkit.org/show_bug.cgi?id=53391 SunSpider says 1.005x as fast. Seems like a fluke. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::allocate): Updated for rename and returning a value rather than taking a value by reference. * runtime/MarkedSpace.h: Code reuse is good. * wtf/Bitmap.h: (WTF::::testAndSet): Added, since this is the one thing Bitmap was missing which CollectorBitmap had. (Renamed from the less conventional "getset".) (WTF::::nextPossiblyUnset): Renamed and changed to return a value for clarity. It's all the same with inlining. 2011-01-28 Geoffrey Garen Reviewed by Maciej Stachowiak. Some more Heap cleanup. https://bugs.webkit.org/show_bug.cgi?id=53357 * JavaScriptCore.exp: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Updated exported symbols. * runtime/Heap.cpp: (JSC::Heap::reportExtraMemoryCostSlowCase): Renamed recordExtraCost to reportExtraMemoryCostSlowCase to match our naming conventions. (JSC::Heap::capacity): Renamed size to capacity because this function returns the capacity of the heap, including unused portions. * runtime/Heap.h: (JSC::Heap::globalData): (JSC::Heap::markedSpace): (JSC::Heap::machineStackMarker): (JSC::Heap::reportExtraMemoryCost): Moved statics to the top of the file. Moved ctor and dtor to the beginning of the class definition. Grouped functions by purpose. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::capacity): Renamed size to capacity because this function returns the capacity of the heap, including unused portions. * runtime/MarkedSpace.h: Removed statistics and the Statistics class because the same information can be gotten just by calling size() and capacity(). * runtime/MemoryStatistics.cpp: * runtime/MemoryStatistics.h: Ditto. 2011-01-29 Daniel Bates Reviewed by Eric Seidel. Move wince/mt19937ar.c to ThirdParty and make it a policy choice https://bugs.webkit.org/show_bug.cgi?id=53253 Make inclusion of MT19937 a policy decision. Currently, we hardcoded to use MT19937 when building for Windows CE. Instead, we should make this a policy decision with the Windows CE port using this by default. * JavaScriptCore.pri: Append Source/ThirdParty to the end of the list include directories. * wtf/CMakeLists.txt: Ditto. * wtf/Platform.h: Defined WTF_USE_MERSENNE_TWISTER_19937 when building for Windows CE. * wtf/RandomNumber.cpp: (WTF::randomNumber): Substituted USE(MERSENNE_TWISTER_19937) for OS(WINCE). 2011-01-29 Cameron Zwarich Reviewed by David Kilzer. Bug 53374 - Remove uses of unsafe string functions in debugging code https://bugs.webkit.org/show_bug.cgi?id=53374 * runtime/RegExp.cpp: (JSC::RegExp::printTraceData): 2011-01-29 Cameron Zwarich Reviewed by Oliver Hunt. JavaScriptCoreUseJIT environment variable broken https://bugs.webkit.org/show_bug.cgi?id=53372 * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData): Check the actual value in the string returned by getenv() rather than just doing a NULL check on the return value. 2011-01-29 Patrick Gansterer Reviewed by David Kilzer. Move CharacterNames.h into WTF directory https://bugs.webkit.org/show_bug.cgi?id=49618 * GNUmakefile.am: * JavaScriptCore.gypi: * JavaScriptCore.vcproj/WTF/WTF.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * wtf/CMakeLists.txt: * wtf/unicode/CharacterNames.h: Renamed from WebCore/platform/text/CharacterNames.h. * wtf/unicode/UTF8.cpp: 2011-01-28 Simon Fraser Reviewed by Gavin Barraclough. Add various clampToInt() methods to MathExtras.h https://bugs.webkit.org/show_bug.cgi?id=52910 Add functions for clamping doubles and floats to valid int ranges, for signed and positive integers. * wtf/MathExtras.h: (clampToInteger): (clampToPositiveInteger): 2011-01-28 Sheriff Bot Unreviewed, rolling out r77006 and r77020. http://trac.webkit.org/changeset/77006 http://trac.webkit.org/changeset/77020 https://bugs.webkit.org/show_bug.cgi?id=53360 "Broke Windows tests" (Requested by rniwa on #webkit). * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren): (JSC::JSCallbackObject::setPrivateProperty): * API/JSCallbackObjectFunctions.h: (JSC::::put): (JSC::::staticFunctionGetter): * API/JSObjectRef.cpp: (JSObjectMakeConstructor): (JSObjectSetPrivateProperty): * API/JSWeakObjectMapRefInternal.h: * JavaScriptCore.exp: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::markAggregate): * bytecode/CodeBlock.h: (JSC::CodeBlock::globalObject): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::findScopedProperty): * debugger/Debugger.cpp: (JSC::evaluateInGlobalCallFrame): * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::DebuggerActivation): (JSC::DebuggerActivation::markChildren): * debugger/DebuggerActivation.h: * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate): * interpreter/CallFrame.h: (JSC::ExecState::exception): * interpreter/Interpreter.cpp: (JSC::Interpreter::resolve): (JSC::Interpreter::resolveSkip): (JSC::Interpreter::resolveGlobal): (JSC::Interpreter::resolveGlobalDynamic): (JSC::Interpreter::resolveBaseAndProperty): (JSC::Interpreter::unwindCallFrame): (JSC::appendSourceToError): (JSC::Interpreter::execute): (JSC::Interpreter::tryCacheGetByID): (JSC::Interpreter::privateExecute): * jit/JITStubs.cpp: (JSC::JITThunks::tryCacheGetByID): (JSC::DEFINE_STUB_FUNCTION): * jsc.cpp: (GlobalObject::GlobalObject): * runtime/ArgList.cpp: (JSC::MarkedArgumentBuffer::markLists): * runtime/Arguments.cpp: (JSC::Arguments::markChildren): (JSC::Arguments::getOwnPropertySlot): (JSC::Arguments::getOwnPropertyDescriptor): (JSC::Arguments::put): * runtime/Arguments.h: (JSC::Arguments::setActivation): (JSC::Arguments::Arguments): * runtime/ArrayConstructor.cpp: (JSC::ArrayConstructor::ArrayConstructor): (JSC::constructArrayWithSizeQuirk): * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncSplice): * runtime/BatchedTransitionOptimizer.h: (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer): * runtime/BooleanConstructor.cpp: (JSC::BooleanConstructor::BooleanConstructor): (JSC::constructBoolean): (JSC::constructBooleanFromImmediateBoolean): * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::BooleanPrototype): * runtime/ConservativeSet.cpp: (JSC::ConservativeSet::grow): * runtime/ConservativeSet.h: (JSC::ConservativeSet::~ConservativeSet): (JSC::ConservativeSet::mark): * runtime/DateConstructor.cpp: (JSC::DateConstructor::DateConstructor): * runtime/DateInstance.cpp: (JSC::DateInstance::DateInstance): * runtime/DatePrototype.cpp: (JSC::dateProtoFuncSetTime): (JSC::setNewValueFromTimeArgs): (JSC::setNewValueFromDateArgs): (JSC::dateProtoFuncSetYear): * runtime/ErrorConstructor.cpp: (JSC::ErrorConstructor::ErrorConstructor): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::ErrorInstance): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::ErrorPrototype): * runtime/FunctionConstructor.cpp: (JSC::FunctionConstructor::FunctionConstructor): * runtime/FunctionPrototype.cpp: (JSC::FunctionPrototype::FunctionPrototype): * runtime/GetterSetter.cpp: (JSC::GetterSetter::markChildren): * runtime/GetterSetter.h: (JSC::GetterSetter::GetterSetter): (JSC::GetterSetter::getter): (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setter): (JSC::GetterSetter::setSetter): * runtime/GlobalEvalFunction.cpp: (JSC::GlobalEvalFunction::GlobalEvalFunction): (JSC::GlobalEvalFunction::markChildren): * runtime/GlobalEvalFunction.h: (JSC::GlobalEvalFunction::cachedGlobalObject): * runtime/Heap.cpp: (JSC::Heap::markProtectedObjects): (JSC::Heap::markTempSortVectors): (JSC::Heap::markRoots): * runtime/InternalFunction.cpp: (JSC::InternalFunction::InternalFunction): * runtime/JSAPIValueWrapper.h: (JSC::JSAPIValueWrapper::value): (JSC::JSAPIValueWrapper::JSAPIValueWrapper): * runtime/JSActivation.cpp: (JSC::JSActivation::markChildren): (JSC::JSActivation::put): * runtime/JSArray.cpp: (JSC::JSArray::JSArray): (JSC::JSArray::getOwnPropertySlot): (JSC::JSArray::getOwnPropertyDescriptor): (JSC::JSArray::put): (JSC::JSArray::putSlowCase): (JSC::JSArray::deleteProperty): (JSC::JSArray::increaseVectorLength): (JSC::JSArray::setLength): (JSC::JSArray::pop): (JSC::JSArray::push): (JSC::JSArray::unshiftCount): (JSC::JSArray::sort): (JSC::JSArray::fillArgList): (JSC::JSArray::copyToRegisters): (JSC::JSArray::compactForSorting): * runtime/JSArray.h: (JSC::JSArray::getIndex): (JSC::JSArray::setIndex): (JSC::JSArray::uncheckedSetIndex): (JSC::JSArray::markChildrenDirect): * runtime/JSByteArray.cpp: (JSC::JSByteArray::JSByteArray): * runtime/JSCell.h: (JSC::JSCell::JSValue::toThisObject): (JSC::JSCell::MarkStack::append): * runtime/JSFunction.cpp: (JSC::JSFunction::JSFunction): (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGlobalData.h: * runtime/JSGlobalObject.cpp: (JSC::markIfNeeded): (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::resetPrototype): (JSC::JSGlobalObject::markChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): (JSC::JSGlobalObject::regExpConstructor): (JSC::JSGlobalObject::errorConstructor): (JSC::JSGlobalObject::evalErrorConstructor): (JSC::JSGlobalObject::rangeErrorConstructor): (JSC::JSGlobalObject::referenceErrorConstructor): (JSC::JSGlobalObject::syntaxErrorConstructor): (JSC::JSGlobalObject::typeErrorConstructor): (JSC::JSGlobalObject::URIErrorConstructor): (JSC::JSGlobalObject::evalFunction): (JSC::JSGlobalObject::objectPrototype): (JSC::JSGlobalObject::functionPrototype): (JSC::JSGlobalObject::arrayPrototype): (JSC::JSGlobalObject::booleanPrototype): (JSC::JSGlobalObject::stringPrototype): (JSC::JSGlobalObject::numberPrototype): (JSC::JSGlobalObject::datePrototype): (JSC::JSGlobalObject::regExpPrototype): (JSC::JSGlobalObject::methodCallDummy): (JSC::Structure::prototypeForLookup): (JSC::constructArray): * runtime/JSONObject.cpp: (JSC::Stringifier::Holder::object): (JSC::Stringifier::markAggregate): (JSC::Stringifier::stringify): (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::callReviver): (JSC::Walker::walk): * runtime/JSObject.cpp: (JSC::JSObject::defineGetter): (JSC::JSObject::defineSetter): (JSC::JSObject::removeDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::putDescriptor): (JSC::JSObject::defineOwnProperty): * runtime/JSObject.h: (JSC::JSObject::getDirectOffset): (JSC::JSObject::putDirectOffset): (JSC::JSObject::flattenDictionaryObject): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectWithoutTransition): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::JSValue::putDirect): (JSC::JSObject::allocatePropertyStorageInline): (JSC::JSObject::markChildrenDirect): * runtime/JSPropertyNameIterator.cpp: (JSC::JSPropertyNameIterator::JSPropertyNameIterator): (JSC::JSPropertyNameIterator::get): * runtime/JSPropertyNameIterator.h: * runtime/JSStaticScopeObject.cpp: (JSC::JSStaticScopeObject::markChildren): * runtime/JSString.cpp: (JSC::StringObject::create): * runtime/JSValue.h: * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::markChildren): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::internalValue): (JSC::JSWrapperObject::setInternalValue): * runtime/LiteralParser.cpp: (JSC::LiteralParser::parse): * runtime/Lookup.cpp: (JSC::setUpStaticFunctionSlot): * runtime/Lookup.h: (JSC::lookupPut): * runtime/MarkStack.h: (JSC::MarkStack::appendValues): * runtime/MathObject.cpp: (JSC::MathObject::MathObject): * runtime/NativeErrorConstructor.cpp: (JSC::NativeErrorConstructor::NativeErrorConstructor): * runtime/NativeErrorPrototype.cpp: (JSC::NativeErrorPrototype::NativeErrorPrototype): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::NumberConstructor): (JSC::constructWithNumberConstructor): * runtime/NumberObject.cpp: (JSC::constructNumber): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::NumberPrototype): * runtime/ObjectConstructor.cpp: (JSC::ObjectConstructor::ObjectConstructor): (JSC::objectConstructorGetOwnPropertyDescriptor): * runtime/Operations.h: (JSC::normalizePrototypeChain): (JSC::resolveBase): * runtime/PrototypeFunction.cpp: (JSC::PrototypeFunction::PrototypeFunction): * runtime/PutPropertySlot.h: (JSC::PutPropertySlot::setExistingProperty): (JSC::PutPropertySlot::setNewProperty): (JSC::PutPropertySlot::base): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::RegExpConstructor): * runtime/ScopeChain.cpp: (JSC::ScopeChainNode::print): * runtime/ScopeChain.h: (JSC::ScopeChainNode::~ScopeChainNode): (JSC::ScopeChainIterator::operator*): (JSC::ScopeChainIterator::operator->): (JSC::ScopeChain::top): * runtime/ScopeChainMark.h: (JSC::ScopeChain::markAggregate): * runtime/SmallStrings.cpp: (JSC::isMarked): (JSC::SmallStrings::markChildren): * runtime/SmallStrings.h: (JSC::SmallStrings::emptyString): (JSC::SmallStrings::singleCharacterString): (JSC::SmallStrings::singleCharacterStrings): * runtime/StringConstructor.cpp: (JSC::StringConstructor::StringConstructor): * runtime/StringObject.cpp: (JSC::StringObject::StringObject): * runtime/StringObject.h: * runtime/StringPrototype.cpp: (JSC::StringPrototype::StringPrototype): * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::addPropertyTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::flattenDictionaryStructure): * runtime/Structure.h: (JSC::Structure::storedPrototype): * runtime/WeakGCMap.h: (JSC::WeakGCMap::uncheckedGet): (JSC::WeakGCMap::isValid): (JSC::::get): (JSC::::take): (JSC::::set): (JSC::::uncheckedRemove): * runtime/WriteBarrier.h: Removed. 2011-01-28 Gavin Barraclough Reviewed by Geoff Garen. https://bugs.webkit.org/show_bug.cgi?id=53352 Heavy external fragmentation in FixedVMPoolAllocator can lead to a CRASH(). The FixedVMPoolAllocator currently uses a best fix policy - switch to first fit, this is less prone to external fragmentation. * jit/ExecutableAllocatorFixedVMPool.cpp: (JSC::AllocationTableSizeClass::AllocationTableSizeClass): (JSC::AllocationTableSizeClass::blockSize): (JSC::AllocationTableSizeClass::blockCount): (JSC::AllocationTableSizeClass::blockAlignment): (JSC::AllocationTableSizeClass::size): (JSC::AllocationTableLeaf::AllocationTableLeaf): (JSC::AllocationTableLeaf::~AllocationTableLeaf): (JSC::AllocationTableLeaf::allocate): (JSC::AllocationTableLeaf::free): (JSC::AllocationTableLeaf::isEmpty): (JSC::AllocationTableLeaf::isFull): (JSC::AllocationTableLeaf::size): (JSC::AllocationTableLeaf::classForSize): (JSC::AllocationTableLeaf::dump): (JSC::LazyAllocationTable::LazyAllocationTable): (JSC::LazyAllocationTable::~LazyAllocationTable): (JSC::LazyAllocationTable::allocate): (JSC::LazyAllocationTable::free): (JSC::LazyAllocationTable::isEmpty): (JSC::LazyAllocationTable::isFull): (JSC::LazyAllocationTable::size): (JSC::LazyAllocationTable::dump): (JSC::LazyAllocationTable::classForSize): (JSC::AllocationTableDirectory::AllocationTableDirectory): (JSC::AllocationTableDirectory::~AllocationTableDirectory): (JSC::AllocationTableDirectory::allocate): (JSC::AllocationTableDirectory::free): (JSC::AllocationTableDirectory::isEmpty): (JSC::AllocationTableDirectory::isFull): (JSC::AllocationTableDirectory::size): (JSC::AllocationTableDirectory::classForSize): (JSC::AllocationTableDirectory::dump): (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator): (JSC::FixedVMPoolAllocator::alloc): (JSC::FixedVMPoolAllocator::free): (JSC::FixedVMPoolAllocator::allocated): (JSC::FixedVMPoolAllocator::isValid): (JSC::FixedVMPoolAllocator::classForSize): (JSC::FixedVMPoolAllocator::offsetToPointer): (JSC::FixedVMPoolAllocator::pointerToOffset): (JSC::ExecutableAllocator::committedByteCount): (JSC::ExecutableAllocator::isValid): (JSC::ExecutableAllocator::underMemoryPressure): (JSC::ExecutablePool::systemAlloc): (JSC::ExecutablePool::systemRelease): * wtf/PageReservation.h: (WTF::PageReservation::PageReservation): (WTF::PageReservation::commit): (WTF::PageReservation::decommit): (WTF::PageReservation::committed): 2011-01-27 Oliver Hunt Reviewed by Geoffrey Garen. Convert markstack to a slot visitor API https://bugs.webkit.org/show_bug.cgi?id=53219 Move the MarkStack over to a slot based marking API. In order to avoiding aliasing concerns there are two new types that need to be used when holding on to JSValues and JSCell that need to be marked: WriteBarrier and DeprecatedPtr. WriteBarrier is expected to be used for any JSValue or Cell that's lifetime and marking is controlled by another GC object. DeprecatedPtr is used for any value that we need to rework ownership for. The change over to this model has produced a large amount of code changes, but they are mostly mechanical (forwarding JSGlobalData, etc). * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren): (JSC::JSCallbackObject::setPrivateProperty): * API/JSCallbackObjectFunctions.h: (JSC::::put): (JSC::::staticFunctionGetter): * API/JSObjectRef.cpp: (JSObjectMakeConstructor): (JSObjectSetPrivateProperty): * API/JSWeakObjectMapRefInternal.h: * JavaScriptCore.exp: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::markAggregate): * bytecode/CodeBlock.h: (JSC::CodeBlock::globalObject): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::findScopedProperty): * debugger/DebuggerActivation.cpp: (JSC::DebuggerActivation::DebuggerActivation): (JSC::DebuggerActivation::markChildren): * debugger/DebuggerActivation.h: * interpreter/Interpreter.cpp: (JSC::Interpreter::resolve): (JSC::Interpreter::resolveSkip): (JSC::Interpreter::resolveGlobalDynamic): (JSC::Interpreter::resolveBaseAndProperty): (JSC::Interpreter::unwindCallFrame): (JSC::appendSourceToError): (JSC::Interpreter::execute): (JSC::Interpreter::privateExecute): * interpreter/Register.h: (JSC::Register::jsValueSlot): * jit/JITStubs.cpp: (JSC::JITThunks::tryCacheGetByID): (JSC::DEFINE_STUB_FUNCTION): * jsc.cpp: (GlobalObject::GlobalObject): * runtime/Arguments.cpp: (JSC::Arguments::markChildren): (JSC::Arguments::getOwnPropertySlot): (JSC::Arguments::getOwnPropertyDescriptor): (JSC::Arguments::put): * runtime/Arguments.h: (JSC::Arguments::setActivation): (JSC::Arguments::Arguments): * runtime/ArrayConstructor.cpp: (JSC::ArrayConstructor::ArrayConstructor): (JSC::constructArrayWithSizeQuirk): * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncSplice): * runtime/BatchedTransitionOptimizer.h: (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer): * runtime/BooleanConstructor.cpp: (JSC::BooleanConstructor::BooleanConstructor): (JSC::constructBoolean): (JSC::constructBooleanFromImmediateBoolean): * runtime/BooleanPrototype.cpp: (JSC::BooleanPrototype::BooleanPrototype): * runtime/ConservativeSet.h: (JSC::ConservativeSet::mark): * runtime/DateConstructor.cpp: (JSC::DateConstructor::DateConstructor): * runtime/DateInstance.cpp: (JSC::DateInstance::DateInstance): * runtime/DatePrototype.cpp: (JSC::dateProtoFuncSetTime): (JSC::setNewValueFromTimeArgs): (JSC::setNewValueFromDateArgs): (JSC::dateProtoFuncSetYear): * runtime/ErrorConstructor.cpp: (JSC::ErrorConstructor::ErrorConstructor): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::ErrorInstance): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::ErrorPrototype): * runtime/FunctionConstructor.cpp: (JSC::FunctionConstructor::FunctionConstructor): * runtime/FunctionPrototype.cpp: (JSC::FunctionPrototype::FunctionPrototype): * runtime/GetterSetter.cpp: (JSC::GetterSetter::markChildren): * runtime/GetterSetter.h: (JSC::GetterSetter::GetterSetter): (JSC::GetterSetter::getter): (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setter): (JSC::GetterSetter::setSetter): * runtime/GlobalEvalFunction.cpp: (JSC::GlobalEvalFunction::GlobalEvalFunction): (JSC::GlobalEvalFunction::markChildren): * runtime/GlobalEvalFunction.h: (JSC::GlobalEvalFunction::cachedGlobalObject): * runtime/Heap.cpp: (JSC::Heap::markProtectedObjects): (JSC::Heap::markTempSortVectors): (JSC::Heap::markRoots): * runtime/InternalFunction.cpp: (JSC::InternalFunction::InternalFunction): * runtime/JSAPIValueWrapper.h: (JSC::JSAPIValueWrapper::value): (JSC::JSAPIValueWrapper::JSAPIValueWrapper): * runtime/JSActivation.cpp: (JSC::JSActivation::put): * runtime/JSArray.cpp: (JSC::JSArray::JSArray): (JSC::JSArray::getOwnPropertySlot): (JSC::JSArray::getOwnPropertyDescriptor): (JSC::JSArray::put): (JSC::JSArray::putSlowCase): (JSC::JSArray::deleteProperty): (JSC::JSArray::increaseVectorLength): (JSC::JSArray::setLength): (JSC::JSArray::pop): (JSC::JSArray::push): (JSC::JSArray::unshiftCount): (JSC::JSArray::sort): (JSC::JSArray::fillArgList): (JSC::JSArray::copyToRegisters): (JSC::JSArray::compactForSorting): * runtime/JSArray.h: (JSC::JSArray::getIndex): (JSC::JSArray::setIndex): (JSC::JSArray::uncheckedSetIndex): (JSC::JSArray::markChildrenDirect): * runtime/JSByteArray.cpp: (JSC::JSByteArray::JSByteArray): * runtime/JSCell.h: (JSC::JSCell::MarkStack::append): (JSC::JSCell::MarkStack::appendCell): * runtime/JSFunction.cpp: (JSC::JSFunction::JSFunction): (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGlobalObject.cpp: (JSC::markIfNeeded): (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::resetPrototype): (JSC::JSGlobalObject::markChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData): (JSC::JSGlobalObject::regExpConstructor): (JSC::JSGlobalObject::errorConstructor): (JSC::JSGlobalObject::evalErrorConstructor): (JSC::JSGlobalObject::rangeErrorConstructor): (JSC::JSGlobalObject::referenceErrorConstructor): (JSC::JSGlobalObject::syntaxErrorConstructor): (JSC::JSGlobalObject::typeErrorConstructor): (JSC::JSGlobalObject::URIErrorConstructor): (JSC::JSGlobalObject::evalFunction): (JSC::JSGlobalObject::objectPrototype): (JSC::JSGlobalObject::functionPrototype): (JSC::JSGlobalObject::arrayPrototype): (JSC::JSGlobalObject::booleanPrototype): (JSC::JSGlobalObject::stringPrototype): (JSC::JSGlobalObject::numberPrototype): (JSC::JSGlobalObject::datePrototype): (JSC::JSGlobalObject::regExpPrototype): (JSC::JSGlobalObject::methodCallDummy): (JSC::constructArray): * runtime/JSONObject.cpp: (JSC::Stringifier::Holder::object): (JSC::Stringifier::Holder::objectSlot): (JSC::Stringifier::markAggregate): (JSC::Stringifier::stringify): (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::callReviver): (JSC::Walker::walk): * runtime/JSObject.cpp: (JSC::JSObject::defineGetter): (JSC::JSObject::defineSetter): (JSC::JSObject::removeDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::putDescriptor): (JSC::JSObject::defineOwnProperty): * runtime/JSObject.h: (JSC::JSObject::putDirectOffset): (JSC::JSObject::putUndefinedAtDirectOffset): (JSC::JSObject::flattenDictionaryObject): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectFunction): (JSC::JSObject::putDirectWithoutTransition): (JSC::JSObject::putDirectFunctionWithoutTransition): (JSC::JSValue::putDirect): (JSC::JSObject::allocatePropertyStorageInline): (JSC::JSObject::markChildrenDirect): * runtime/JSStaticScopeObject.cpp: (JSC::JSStaticScopeObject::markChildren): * runtime/JSString.cpp: (JSC::StringObject::create): * runtime/JSValue.h: * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::markChildren): * runtime/JSWrapperObject.h: (JSC::JSWrapperObject::internalValue): (JSC::JSWrapperObject::setInternalValue): * runtime/LiteralParser.cpp: (JSC::LiteralParser::parse): * runtime/Lookup.cpp: (JSC::setUpStaticFunctionSlot): * runtime/Lookup.h: (JSC::lookupPut): * runtime/MarkStack.h: * runtime/MathObject.cpp: (JSC::MathObject::MathObject): * runtime/NativeErrorConstructor.cpp: (JSC::NativeErrorConstructor::NativeErrorConstructor): * runtime/NativeErrorPrototype.cpp: (JSC::NativeErrorPrototype::NativeErrorPrototype): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::NumberConstructor): (JSC::constructWithNumberConstructor): * runtime/NumberObject.cpp: (JSC::constructNumber): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::NumberPrototype): * runtime/ObjectConstructor.cpp: (JSC::ObjectConstructor::ObjectConstructor): (JSC::objectConstructorGetOwnPropertyDescriptor): * runtime/Operations.h: (JSC::normalizePrototypeChain): (JSC::resolveBase): * runtime/PrototypeFunction.cpp: (JSC::PrototypeFunction::PrototypeFunction): * runtime/PutPropertySlot.h: (JSC::PutPropertySlot::setExistingProperty): (JSC::PutPropertySlot::setNewProperty): (JSC::PutPropertySlot::base): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::RegExpConstructor): * runtime/ScopeChain.cpp: (JSC::ScopeChainNode::print): * runtime/ScopeChain.h: (JSC::ScopeChainNode::~ScopeChainNode): (JSC::ScopeChainIterator::operator*): (JSC::ScopeChainIterator::operator->): (JSC::ScopeChain::top): * runtime/ScopeChainMark.h: (JSC::ScopeChain::markAggregate): * runtime/SmallStrings.cpp: (JSC::isMarked): (JSC::SmallStrings::markChildren): * runtime/SmallStrings.h: (JSC::SmallStrings::emptyString): (JSC::SmallStrings::singleCharacterString): (JSC::SmallStrings::singleCharacterStrings): * runtime/StringConstructor.cpp: (JSC::StringConstructor::StringConstructor): * runtime/StringObject.cpp: (JSC::StringObject::StringObject): * runtime/StringObject.h: * runtime/StringPrototype.cpp: (JSC::StringPrototype::StringPrototype): * runtime/Structure.cpp: (JSC::Structure::flattenDictionaryStructure): * runtime/Structure.h: (JSC::Structure::storedPrototypeSlot): * runtime/WeakGCMap.h: (JSC::WeakGCMap::uncheckedGet): (JSC::WeakGCMap::uncheckedGetSlot): (JSC::::get): (JSC::::take): (JSC::::set): (JSC::::uncheckedRemove): * runtime/WriteBarrier.h: Added. (JSC::DeprecatedPtr::DeprecatedPtr): (JSC::DeprecatedPtr::get): (JSC::DeprecatedPtr::operator*): (JSC::DeprecatedPtr::operator->): (JSC::DeprecatedPtr::slot): (JSC::DeprecatedPtr::operator UnspecifiedBoolType*): (JSC::DeprecatedPtr::operator!): (JSC::WriteBarrierBase::set): (JSC::WriteBarrierBase::get): (JSC::WriteBarrierBase::operator*): (JSC::WriteBarrierBase::operator->): (JSC::WriteBarrierBase::slot): (JSC::WriteBarrierBase::operator UnspecifiedBoolType*): (JSC::WriteBarrierBase::operator!): (JSC::WriteBarrier::WriteBarrier): (JSC::operator==): 2011-01-28 Adam Roben Chromium build fix after r76967 * wtf/ThreadingPrimitives.h: Use OS(WINDOWS) instead of PLATFORM(WIN), to match other similar macros in this file. 2011-01-28 Michael Saboff Potentially Unsafe HashSet of RuntimeObject* in RootObject definition https://bugs.webkit.org/show_bug.cgi?id=53271 Reapplying this this change. No change from prior patch in JavaScriptCore. Added new isValid() methods to check if a contained object in a WeakGCMap is valid when using an unchecked iterator. * runtime/WeakGCMap.h: (JSC::WeakGCMap::isValid): 2011-01-27 Adam Roben Extract code to convert a WTF absolute time to a Win32 wait interval into a separate function Fixes BinarySemaphore should wrap a Win32 event Reviewed by Dave Hyatt. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export the new function. * wtf/ThreadingPrimitives.h: Declare the new function. * wtf/ThreadingWin.cpp: (WTF::ThreadCondition::timedWait): Moved code to convert the absolute time to a wait interval from here... (WTF::absoluteTimeToWaitTimeoutInterval): ...to here. 2011-01-28 Sam Weinig Reviewed by Maciej Stachowiak. Add basic rubber banding support https://bugs.webkit.org/show_bug.cgi?id=53277 * wtf/Platform.h: Add ENABLE for rubber banding. 2011-01-28 Sheriff Bot Unreviewed, rolling out r76893. http://trac.webkit.org/changeset/76893 https://bugs.webkit.org/show_bug.cgi?id=53287 It made some tests crash on GTK and Qt debug bots (Requested by Ossy on #webkit). * runtime/WeakGCMap.h: 2011-01-27 Adam Barth Reviewed by Eric Seidel. Add WTFString method to compare equality with Vector https://bugs.webkit.org/show_bug.cgi?id=53266 I'm planning to use this method in the new XSS filter implementation, but it seems generally useful. * wtf/text/StringImpl.h: (WTF::equalIgnoringNullity): * wtf/text/WTFString.h: (WTF::equalIgnoringNullity): 2011-01-27 Michael Saboff Potentially Unsafe HashSet of RuntimeObject* in RootObject definition https://bugs.webkit.org/show_bug.cgi?id=53271 Added new isValid() methods to check if a contained object in a WeakGCMap is valid when using an unchecked iterator. * runtime/WeakGCMap.h: (JSC::WeakGCMap::isValid): 2011-01-26 Sam Weinig Reviewed by Maciej Stachowiak. Add events to represent the start/end of a gesture scroll https://bugs.webkit.org/show_bug.cgi?id=53215 * wtf/Platform.h: Add ENABLE for gesture events. 2011-01-26 Yael Aharon Reviewed by Laszlo Gombos. [Qt][Symbian] Fix --minimal build https://bugs.webkit.org/show_bug.cgi?id=52839 Move definition of USE_SYSTEM_MALLOC out of pri file. Put it in platform.h instead. * wtf/Platform.h: * wtf/TCSystemAlloc.cpp: * wtf/wtf.pri: 2011-01-26 Patrick Gansterer Reviewed by Andreas Kling. [WINCE] Add JIT support to build system https://bugs.webkit.org/show_bug.cgi?id=53079 * CMakeListsWinCE.txt: 2011-01-25 Adam Roben Windows Production build fix Reviewed by Steve Falkenburg. * JavaScriptCore.vcproj/JavaScriptCore.make: Set BUILDSTYLE to Release_PGO at the very start of the file so that ConfigurationBuildDir takes that into account. Also set it the right way (by redefining the macro) rather than the wrong way (by modifying the environment variable). 2011-01-25 Steve Falkenburg Rubber-stamped by Adam Roben. Windows production build fix. Use correct environment variable escaping * JavaScriptCore.vcproj/JavaScriptCore.make: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make: 2011-01-25 Oliver Hunt Reviewed by Gavin Barraclough. JSON.stringify processing time exponentially grows with size of object https://bugs.webkit.org/show_bug.cgi?id=51922 Remove last use of reserveCapacity from JSON stringification, as it results in appalling append behaviour when there are a large number of property names and nothing else. * runtime/JSONObject.cpp: (JSC::Stringifier::appendQuotedString): 2011-01-25 Antti Koivisto Not reviewed. Try to fix windows build. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: 2011-01-25 Antti Koivisto Reviewed by Oliver Hunt. REGRESSION: Leak in JSParser::Scope::copyCapturedVariablesToVector() https://bugs.webkit.org/show_bug.cgi?id=53061 Cache did not know about the subclass so failed to fully delete the items. Got rid of the subclass and moved the classes to separate files. * CMakeLists.txt: * GNUmakefile.am: * JavaScriptCore.exp: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * parser/JSParser.cpp: (JSC::JSParser::Scope::saveFunctionInfo): (JSC::JSParser::Scope::restoreFunctionInfo): (JSC::JSParser::findCachedFunctionInfo): (JSC::JSParser::parseFunctionInfo): * parser/SourceProvider.h: * parser/SourceProviderCache.cpp: Added. (JSC::SourceProviderCache::~SourceProviderCache): (JSC::SourceProviderCache::byteSize): * parser/SourceProviderCache.h: Added. (JSC::SourceProviderCache::SourceProviderCache): (JSC::SourceProviderCache::add): (JSC::SourceProviderCache::get): * parser/SourceProviderCacheItem.h: Added. (JSC::SourceProviderCacheItem::SourceProviderCacheItem): (JSC::SourceProviderCacheItem::approximateByteSize): (JSC::SourceProviderCacheItem::closeBraceToken): 2011-01-25 Marcilio Mendonca Reviewed by Darin Adler. Bug 53087: Refactoring: replaced a hanging "else" with a "return" statement https://bugs.webkit.org/show_bug.cgi?id=53087. Refactoring work: Replaced a hanging "else" within an #if PLATFORM(M with a "return" so that the code is more readable and less error pro (e.g., "else" doesn't use braces so adding extra lines to the else block won't have any effect; even worse, code still compiles successfully. * wtf/Assertions.cpp: 2011-01-24 Chris Marrin Reviewed by Eric Seidel. Change ENABLE_3D_CANVAS to ENABLE_WEBGL https://bugs.webkit.org/show_bug.cgi?id=53041 * Configurations/FeatureDefines.xcconfig: 2011-01-25 Adam Roben Windows Production build fix * JavaScriptCore.vcproj/JavaScriptCore.make: Added a missing "set". 2011-01-25 Patrick Gansterer Reviewed by Eric Seidel. Add missing defines for COMPILER(RVCT) && CPU(ARM_THUMB2) https://bugs.webkit.org/show_bug.cgi?id=52949 * jit/JITStubs.cpp: 2011-01-24 Adam Roben Windows Production build fix * JavaScriptCore.vcproj/JavaScriptCore.make: Update for move of JavaScriptCore into Source. 2011-01-24 Peter Varga Reviewed by Oliver Hunt. Optimize regex patterns which contain empty alternatives https://bugs.webkit.org/show_bug.cgi?id=51395 Eliminate the empty alternatives from the regex pattern and convert it to do the matching in an easier way. * yarr/YarrPattern.cpp: (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd): 2011-01-24 Andras Becsi Reviewed by Csaba Osztrogonác. [Qt] Move project files into Source https://bugs.webkit.org/show_bug.cgi?id=52891 * JavaScriptCore.pri: * JavaScriptCore.pro: * jsc.pro: 2011-01-23 Mark Rowe Follow-up to r76477. Fix the scripts that detect problematic code such as static initializers and destructors, weak vtables, inappropriate files in the framework wrappers, and public headers including private headers. These had all been broken since the projects were moved in to the Source directory as the paths to the scripts were not updated at that time. * JavaScriptCore.xcodeproj/project.pbxproj: 2011-01-23 Patrick Gansterer Reviewed by Darin Adler. Use WTF::StringHasher in WebCore https://bugs.webkit.org/show_bug.cgi?id=52934 Add an additional function to calculate the hash of data with a runtimedependent size. * wtf/StringHasher.h: (WTF::StringHasher::createBlobHash): 2011-01-23 Patrick Gansterer Reviewed by David Kilzer. Fix comment in String::ascii() https://bugs.webkit.org/show_bug.cgi?id=52980 * wtf/text/WTFString.cpp: (WTF::String::ascii): 2011-01-23 Patrick Gansterer Reviewed by David Kilzer. Add String::containsOnlyLatin1() https://bugs.webkit.org/show_bug.cgi?id=52979 * wtf/text/WTFString.h: (WTF::String::containsOnlyLatin1): (WTF::charactersAreAllLatin1): 2011-01-23 Patrick Gansterer Reviewed by Oliver Hunt. Remove obsolete JSVALUE32 code https://bugs.webkit.org/show_bug.cgi?id=52948 r70111 removed support for JSVALUE32. ARM, MIPS and X86 support JSVALUE32_64 only. * jit/JITStubs.cpp: 2011-01-22 Geoffrey Garen Reviewed by Dan Bernstein. ASSERT running run-webkit-tests --threaded. https://bugs.webkit.org/show_bug.cgi?id=52971 SunSpider and v8 report no change. * runtime/ConservativeSet.cpp: (JSC::ConservativeSet::grow): (JSC::ConservativeSet::add): * runtime/ConservativeSet.h: Tweaked the inline capacity to 128, and the growth policy to 2X, to make SunSpider and v8 happy. (JSC::ConservativeSet::ConservativeSet): (JSC::ConservativeSet::~ConservativeSet): (JSC::ConservativeSet::mark): Use OSAllocator directly, instead of malloc. Malloc is forbidden during a multi-threaded mark phase because it can cause deadlock. 2011-01-22 Geoffrey Garen Reviewed by Geoffrey Garen. Rubber-stamped by Maciej Stachowiak. A few of Maciej's review suggestions for my last patch. https://bugs.webkit.org/show_bug.cgi?id=52946 SunSpider reports no change. * Android.mk: * CMakeLists.txt: * GNUmakefile.am: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: Updated build systems. * runtime/ConservativeSet.cpp: Added. (JSC::isPointerAligned): (JSC::ConservativeSet::add): * runtime/ConservativeSet.h: Added. (JSC::ConservativeSet::ConservativeSet): (JSC::ConservativeSet::mark): Split ConservativeSet out into its own file, and moved the conservative check into ConservativeSet::add, making ConservativeSet's responsibility clearer. * runtime/Heap.cpp: (JSC::Heap::markRoots): * runtime/MachineStackMarker.cpp: (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal): (JSC::MachineStackMarker::markOtherThreadConservatively): * runtime/MachineStackMarker.h: * runtime/MarkStack.h: Updated for changes above. 2011-01-22 Patrick Gansterer Unreviewed WinCE build fix for r76430. * runtime/MachineStackMarker.cpp: (JSC::swapIfBackwards): 2011-01-21 Geoffrey Garen Reviewed by Beth Dakin. Reorganized MarkedSpace, making many of its functions private. * runtime/JSCell.h: (JSC::JSCell::Heap::heap): * runtime/MarkedSpace.h: (JSC::MarkedSpace::globalData): (JSC::MarkedSpace::heap): 2011-01-21 Geoffrey Garen Try to fix build: moved helper function out of #ifdef. * runtime/MachineStackMarker.cpp: (JSC::swapIfBackwards): 2011-01-21 Geoffrey Garen Rubber-stamped by Maciej Stachowiak. A few of Maciej's review suggestions for my last patch. https://bugs.webkit.org/show_bug.cgi?id=52946 SunSpider reports no change. * runtime/MachineStackMarker.cpp: (JSC::swapIfBackwards): Added a helper function for handling platforms where the stack can grow in any direction. (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal): (JSC::MachineStackMarker::markOtherThreadConservatively): Use the helper function. (JSC::isPointerAligned): Use "!" instead of "==0" because a robot told me to. (JSC::MachineStackMarker::markConservatively): Changed to use a more standard looping idiom, and to use the helper function above. * runtime/MarkedSpace.h: (JSC::MarkedSpace::isCellAligned): Use "!" instead of "==0" because a robot told me to. 2011-01-21 Geoffrey Garen Reviewed by Maciej Stachowiak. Cleaned up some conservative marking code. https://bugs.webkit.org/show_bug.cgi?id=52946 SunSpider reports no change. * interpreter/RegisterFile.h: No need for a special marking function, since we already expose a start() and end(). * runtime/Heap.cpp: (JSC::Heap::registerFile): (JSC::Heap::markRoots): * runtime/Heap.h: (JSC::Heap::contains): Migrated markConservatively() to the machine stack marker class. Now, Heap just provides a contains() function, which the machine stack marker uses for checking whether a pointer points into the heap. * runtime/MachineStackMarker.cpp: (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal): (JSC::MachineStackMarker::markOtherThreadConservatively): (JSC::isPointerAligned): (JSC::MachineStackMarker::markConservatively): * runtime/MachineStackMarker.h: Move the conservative marking code here. * runtime/MarkStack.h: (JSC::ConservativeSet::add): (JSC::ConservativeSet::mark): Changed to using a vector instead of hash set. Vector seems to be a bit faster, and it generates smaller code. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::containsSlowCase): * runtime/MarkedSpace.h: (JSC::MarkedSpace::isCellAligned): (JSC::MarkedSpace::isPossibleCell): (JSC::MarkedSpace::contains): Kept the code for determining whether a pointer pointed into marked space, and moved the code for marking a set of conservative pointers into the machine stack marker. * wtf/HashSet.h: (WTF::::add): Added two missing inlines that I noticed while testing vector vs hash set. 2011-01-21 Mark Rowe Reviewed by Sam Weinig. Work around a Clang bug that leads to it incorrectly emitting an access control warning when a client tries to use operator bool exposed above via "using PageBlock::operator bool". * wtf/PageAllocation.h: (WTF::PageAllocation::operator bool): * wtf/PageReservation.h: (WTF::PageReservation::operator bool): 2011-01-21 Michael Saboff Reviewed by Oliver Hunt. [RegexFuzz] Hang with forward assertion https://bugs.webkit.org/show_bug.cgi?id=52825 The backtrackTo label from the first term in a list of terms is being overwritten by processing of subsequent terms. Changed copyBacktrackToLabel() to check for an existing bcaktrackTo label before copying and renamed it to propagateBacktrackToLabel() since it no longer copies. * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::BacktrackDestination::propagateBacktrackToLabel): (JSC::Yarr::YarrGenerator::generateParenthesesSingle): 2011-01-21 Geoffrey Garen Reviewed by Sam Weinig. Moved the mark stack from global data to the heap, since it pertains to the heap, and not the virtual machine as a whole. https://bugs.webkit.org/show_bug.cgi?id=52930 SunSpider reports no change. * runtime/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::markRoots): * runtime/Heap.h: * runtime/JSGlobalData.cpp: (JSC::JSGlobalData::JSGlobalData): * runtime/JSGlobalData.h: 2011-01-21 Peter Gal Reviewed by Darin Adler. REGRESSION(r76177): All JavaScriptCore tests fail on ARM https://bugs.webkit.org/show_bug.cgi?id=52814 Get the approximateByteSize value before releasing the OwnPtr. * parser/JSParser.cpp: (JSC::JSParser::parseFunctionInfo): 2011-01-21 Xan Lopez Reviewed by Martin Robinson. Remove unnecessary include https://bugs.webkit.org/show_bug.cgi?id=52884 * jit/JIT.cpp: remove unnecessary include. 2011-01-20 Ryosuke Niwa Reviewed by Maciej Stachowiak. Added OwnPtrCommon.h because OwnArrayPtr::set calls deleteOwnedPtr. * wtf/OwnArrayPtr.h: 2011-01-20 Patrick Gansterer Reviewed by Oliver Hunt. [WINCE] Remove obsolete JSVALUE32 code https://bugs.webkit.org/show_bug.cgi?id=52450 Remove the "offset hack" in create_jit_stubs, since we only support JSVALUE32_64 in the meantime. * create_jit_stubs: Removed offset argument * jit/JITStubs.cpp: 2011-01-20 Geoffrey Garen Reviewed by Oliver Hunt. When marking conservatively, guard against reviving dead objects. https://bugs.webkit.org/show_bug.cgi?id=52840 SunSpider and v8 say no change. * interpreter/RegisterFile.h: (JSC::RegisterFile::markCallFrames): Updated to use the ConservativeSet API. * runtime/Heap.cpp: (JSC::Heap::recordExtraCost): No need to guard against conservative marking reviving dead objects anymore, since the conservative marking mechanism guards against this now. (JSC::Heap::markConservatively): (JSC::Heap::markProtectedObjects): (JSC::Heap::markTempSortVectors): Don't drain the mark stack inside a marking function. We want to establish a separation of concerns between visiting roots and draining the mark stack. (JSC::Heap::markRoots): Gather the set of conservative references before clearning mark bits, because conservative marking now uses the mark bits to determine if a reference is valid, and avoid reviving dead objects. (JSC::Heap::collectAllGarbage): No need to guard against conservative marking reviving dead objects anymore, since the conservative marking mechanism guards against this now. * runtime/Heap.h: Updated to use the ConservativeSet API. * runtime/MachineStackMarker.cpp: (JSC::MachineStackMarker::markCurrentThreadConservativelyInternal): (JSC::MachineStackMarker::markCurrentThreadConservatively): (JSC::MachineStackMarker::markOtherThreadConservatively): (JSC::MachineStackMarker::markMachineStackConservatively): * runtime/MachineStackMarker.h: Ditto. * runtime/MarkStack.h: (JSC::ConservativeSet::add): (JSC::ConservativeSet::mark): Added ConservativeSet, for gathering the set of conservative references. This is different from MarkStack, since we don't mark the set until it is completely gathered. * runtime/MarkedSpace.cpp: (JSC::MarkedSpace::freeBlock): (JSC::MarkedSpace::resizeBlocks): (JSC::MarkedSpace::markConservatively): * runtime/MarkedSpace.h: When marking conservatively, guard against reviving dead objects. 2011-01-20 Siddharth Mathur Reviewed by Geoffrey Garen. [Symbian] Fix StackBounds::initialize() https://bugs.webkit.org/show_bug.cgi?id=52842 * wtf/StackBounds.cpp: (WTF::StackBounds::initialize): Use TThreadStackInfo.iLimit for stack limit 2011-01-20 Michael Saboff Reviewed by Oliver Hunt. [RegexFuzz] Crash in generated code (52773) https://bugs.webkit.org/show_bug.cgi?id=52773 Fixed case where an existing DataLabelPtr is overwritten. The replacing DataLabelPtr is now resolved immediately in linkDataLabelToBacktrackIfExists(). Cleanup - eliminated bool return value for the routine as it was never used. * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists): 2011-01-20 Andras Becsi Reviewed by Csaba Osztrogonác. [Qt][WK2] WebKit2 enabled build fails to link Work around undefined reference linking issues until the buildsystem gets redesigned. These issues first occured in minimal builds (see BUG 50519). * JavaScriptCore.pri: link as whole-archive for WebKit2 builds 2011-01-20 Zoltan Horvath Reviewed by Csaba Osztrogonác. Refactoring of the custom allocation framework https://bugs.webkit.org/show_bug.cgi?id=49897 Inheriting from FastAllocBase can result in objects getting larger (bug #33896, #46589). The modification replaces Noncopyable and FastAllocBase classes and these inherits with their equivalent macro implementation at the necessary places. * wtf/FastAllocBase.h: Turn FastAllocBase's implementation into a macro. 2011-01-20 Mark Rowe Reviewed by Maciej Stachowiak. Follow-up to r75766 / . We were failing to initialize the key, causing all sorts of unexpected behavior. * wtf/FastMalloc.cpp: (WTF::setThreadHeap): (WTF::TCMalloc_ThreadCache::GetThreadHeap): (WTF::TCMalloc_ThreadCache::InitTSD): Ensure that the key is initialized. 2011-01-18 Geoffrey Garen Reviewed by Darin Adler. Rolled back in r76078, with crash fixed. https://bugs.webkit.org/show_bug.cgi?id=52668 * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::markChildren): Account for the fact that the global object moves its variables into and out of the register file. While out of the register file, the symbol table's size is not an accurate count for the size of the register array, since the BytecodeGenerator might be compiling, adding items to the symbol table. 2011-01-18 Darin Adler Reviewed by Geoffrey Garen. Stack overflow when converting an Error object to string https://bugs.webkit.org/show_bug.cgi?id=46410 * Android.mk: Added StringRecursionChecker.cpp and StringRecursionChecker.h. * CMakeLists.txt: Ditto. * GNUmakefile.am: Ditto. * JavaScriptCore.gypi: Ditto. * JavaScriptCore.pro: Ditto. * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Ditto. * JavaScriptCore.xcodeproj/project.pbxproj: Ditto. * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncToString): Use StringRecursionChecker instead of the older hand-written code to do the same thing. (JSC::arrayProtoFuncToLocaleString): Ditto. (JSC::arrayProtoFuncJoin): Ditto. * runtime/ErrorPrototype.cpp: (JSC::errorProtoFuncToString): Use StringRecursionChecker. * runtime/JSGlobalData.h: Renamed arrayVisitedElements to stringRecursionCheckVisitedObjects. * runtime/RegExpPrototype.cpp: (JSC::regExpProtoFuncToString): Use StringRecursionChecker. * runtime/StringRecursionChecker.cpp: Added. * runtime/StringRecursionChecker.h: Added. 2011-01-19 Oliver Hunt Reviewed by Gavin Barraclough. Remove non-spec support for callable RegExp https://bugs.webkit.org/show_bug.cgi?id=28285 Remove support for callable regexps. If it breaks sites we can just roll this out. * runtime/RegExpObject.cpp: * runtime/RegExpObject.h: * tests/mozilla/expected.html: update results. 2011-01-19 Antti Koivisto Reviewed by Oliver Hunt. Cache function offsets to speed up javascript parsing https://bugs.webkit.org/show_bug.cgi?id=52622 Use cache to save function offsets and some other info. This avoids quite a bit of work when reparsing the source. * parser/ASTBuilder.h: * parser/JSParser.cpp: (JSC::JSParser::CachedFunctionInfo::CachedFunctionInfo): (JSC::JSParser::CachedFunctionInfo::approximateByteSize): (JSC::JSParser::CachedFunctionInfo::closeBraceToken): (JSC::JSParser::Scope::copyCapturedVariablesToVector): (JSC::JSParser::Scope::saveFunctionInfo): (JSC::JSParser::Scope::restoreFunctionInfo): (JSC::JSParser::findCachedFunctionInfo): (JSC::JSParser::JSParser): (JSC::JSParser::parseProgram): (JSC::JSParser::parseFunctionInfo): * parser/Lexer.h: (JSC::Lexer::setOffset): (JSC::Lexer::setLineNumber): (JSC::Lexer::sourceProvider): * parser/SourceProvider.h: (JSC::SourceProviderCache::SourceProviderCache): (JSC::SourceProviderCache::~SourceProviderCache): (JSC::SourceProviderCache::byteSize): (JSC::SourceProviderCache::add): (JSC::SourceProviderCache::get): (JSC::SourceProvider::SourceProvider): (JSC::SourceProvider::~SourceProvider): (JSC::SourceProvider::cache): (JSC::SourceProvider::notifyCacheSizeChanged): (JSC::SourceProvider::cacheSizeChanged): * parser/SyntaxChecker.h: 2011-01-19 Mark Rowe Reviewed by Darin Adler. Follow-up to r75766 / . * DerivedSources.make: Evaluate the SDKROOT variable correctly. 2011-01-19 Oliver Hunt Reviewed by Gavin Barraclough. [jsfunfuzz] Defining a function called __proto__ inside an eval triggers an assertion https://bugs.webkit.org/show_bug.cgi?id=52672 Rather than coming up with a somewhat convoluted mechanism to ensure that developers can override the global objects prototype with a function named __proto__ and expect it to work, we just disallow it at the syntax level. * parser/JSParser.cpp: (JSC::JSParser::parseFunctionInfo): 2011-01-19 Michael Saboff Reviewed by Darin Adler. Regression: Simple nested backtrack hangs https://bugs.webkit.org/show_bug.cgi?id=52675 The changeset (r76076) for https://bugs.webkit.org/show_bug.cgi?id=52540 broke simple backtracking in some cases. Reworked that change to link both jumps and labels. * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::BacktrackDestination::hasBacktrackToLabel): (JSC::Yarr::YarrGenerator::TermGenerationState::propagateBacktrackingFrom): (JSC::Yarr::YarrGenerator::generateParenthesesSingle): 2011-01-19 Pavel Podivilov Reviewed by Yury Semikhatsky. Web Inspector: [JSC] scripts have incorrect starting line (always 1). https://bugs.webkit.org/show_bug.cgi?id=52721 * debugger/Debugger.cpp: (JSC::Debugger::recompileAllJSFunctions): * debugger/Debugger.h: * parser/Parser.h: (JSC::Parser::parse): * parser/SourceCode.h: (JSC::SourceCode::SourceCode): * parser/SourceProvider.h: (JSC::SourceProvider::startPosition): 2011-01-19 Csaba Osztrogonác Reviewed by Laszlo Gombos and Tor Arne Vestbø. [Qt] Remove unnecessary "../Source" from paths after moving source files into Source is finished. * JavaScriptCore.pri: 2011-01-19 Benjamin Kalman Reviewed by Darin Adler. Don't return void from void function String::split https://bugs.webkit.org/show_bug.cgi?id=52684 * wtf/text/WTFString.cpp: (WTF::String::split): 2011-01-18 Kenneth Russell Unreviewed, rolling out r76078. http://trac.webkit.org/changeset/76078 https://bugs.webkit.org/show_bug.cgi?id=52668 Caused crashes of fast/canvas/webgl/constants.html, fast/canvas/webgl/gl-enum-tests.html, and possibly other layout test crashes in Release mode. WebGL crashes were observed with "run-webkit-tests fast/canvas/webgl". It was necessary to run multiple tests to provoke the crash. * interpreter/RegisterFile.h: (JSC::RegisterFile::markGlobals): * runtime/JSActivation.cpp: (JSC::JSActivation::markChildren): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::markChildren): 2011-01-18 Oliver Hunt Reviewed by Gavin Barraclough. [jsfunfuzz] Assertion asking activation for arguments when arguments is overridden https://bugs.webkit.org/show_bug.cgi?id=52690 Clean up code to retrieve arguments from activation and function objects. Remove the incorrect assertion from JSActivation's argumentsGetter. * interpreter/Interpreter.cpp: (JSC::Interpreter::retrieveArguments): * runtime/JSActivation.cpp: (JSC::JSActivation::argumentsGetter): 2011-01-18 Geoffrey Garen Reviewed by Darin Adler. Removed RegisterFile::markGlobals because it was obtuse, and it unnecessarily relied on conservative marking. https://bugs.webkit.org/show_bug.cgi?id=52668 * interpreter/RegisterFile.h: Removed markGlobals. * runtime/JSActivation.cpp: (JSC::JSActivation::markChildren): Added a comment explaning why some JSActivations don't always mark their registers arrays. * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::markChildren): Instead of calling markGlobals, mark the registers array directly. 2011-01-18 Michael Saboff Reviewed by Oliver Hunt. Regression: Some text-only e-mails cause hang beneath RegExp::match (52540) https://bugs.webkit.org/show_bug.cgi?id=52540 https://bugs.webkit.org/show_bug.cgi?id=52662 Directly use backtrack label with parentheses nested under a non-capturing parentheses. Also linked current parentheses tail code object for possible parens nested within a non-capturing parentheses. * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::BacktrackDestination::linkBacktrackToLabel): (JSC::Yarr::YarrGenerator::generateParenthesesSingle): 2011-01-18 Daniel Bates Reviewed by Gavin Barraclough. Only use moving memory model assumption in ExecutableAllocator::intializePageSize() for Symbian OS https://bugs.webkit.org/show_bug.cgi?id=52517 Patch by David Tapuska Currently, we compile code with respect to the Symbian-specific moving memory model assumption for all ARMv5 or lower architectures. Instead, we should only compile such code when building for Symbian OS on those architectures because this model is Symbian-specific. * jit/ExecutableAllocator.cpp: (JSC::ExecutableAllocator::intializePageSize): 2011-01-18 Dimitry Andric Reviewed by Andreas Kling. Fix linking JavaScriptCore on FreeBSD/amd64 https://bugs.webkit.org/show_bug.cgi?id=52591 Linking of JavaScriptCore on FreeBSD/amd64 fails, for the same reason as in bug 28422: cti_vm_throw needs a "@plt" suffix, otherwise the linker complains about the relocation type. * jit/JITStubs.cpp: use @plt suffix on x86_64 platforms, for both Linux and FreeBSD. 2011-01-18 Oliver Hunt Reviewed by Antti Koivisto. [jsfunfuzz] Assertion in codegen for array of NaN constants https://bugs.webkit.org/show_bug.cgi?id=52643 Don't cache NaN literals in the code generator, as NaN doesn't compare as equal to itself it causes problems when rehashing the number cache. * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitLoad): 2011-01-17 Jarred Nicholls Reviewed by Csaba Osztrogonác. REGRESSION(r75709): Return value of fscanf() shouldn't be ignored. https://bugs.webkit.org/show_bug.cgi?id=52585 gcc 4.4.4+ has warn_unused_value attribute on fscanf, so we should check the return value to get around the gcc warning * jit/ExecutableAllocatorFixedVMPool.cpp: (JSC::maybeModifyVMPoolSize): 2011-01-17 Michael Saboff Reviewed by Oliver Hunt. [regexfuzz] Crash running regex with lookahead https://bugs.webkit.org/show_bug.cgi?id=52548 Eliminated agressive chaining of backtracks. This code was overwriting already valid backtrack information. * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::ParenthesesTail::processBacktracks): 2011-01-17 Tony Gentilcore Reviewed by Alexey Proskuryakov. Fix some headers with missing or misspelled #ifndef guards https://bugs.webkit.org/show_bug.cgi?id=52545 * wtf/RefPtrHashMap.h: 2011-01-17 Dan Bernstein Rubber-stamped by Mark Rowe. Update xcodeproj svn:ignore to include xcuserdata. * JavaScriptCore.xcodeproj: Modified property svn:ignore. 2011-01-16 Adam Barth Rubber-stamped by Eric Seidel. Move WebKit into Source https://bugs.webkit.org/show_bug.cgi?id=52530 * JavaScriptCore.gyp/JavaScriptCore.gyp: 2011-01-16 Oliver Hunt Reviewed by Sam Weinig. [jsfunfuzz] Parser doesn't correctly validate for-loop syntax https://bugs.webkit.org/show_bug.cgi?id=52516 Ensure that we always check for a semicolon after encountering multiple declarations in the initialiser portion of a for-loop. * parser/JSParser.cpp: (JSC::JSParser::parseForStatement): 2011-01-16 Oliver Hunt Reviewed by Geoffrey Garen. Strict mode restrictions on arguments and eval usage aren't complete https://bugs.webkit.org/show_bug.cgi?id=52528 Fix a few bugs in strict mode where we incorrect allow mutation of arguments and eval in the parser. Alas the "optimisation" used by the syntax checker for validating binary and unary expressions was too aggressive: we do actually need a stack for operations and operands although it needn't be as complete as that used for the full AST builder. Also disallow assignment to arguments in all cases as allowing arguments to be assignable is always an error in strict mode, regardless of context. * parser/ASTBuilder.h: (JSC::ASTBuilder::BinaryExprContext::BinaryExprContext): (JSC::ASTBuilder::UnaryExprContext::UnaryExprContext): * parser/JSParser.cpp: (JSC::JSParser::parseAssignmentExpression): (JSC::JSParser::parseBinaryExpression): (JSC::JSParser::parseUnaryExpression): * parser/SyntaxChecker.h: (JSC::SyntaxChecker::BinaryExprContext::BinaryExprContext): (JSC::SyntaxChecker::BinaryExprContext::~BinaryExprContext): (JSC::SyntaxChecker::UnaryExprContext::UnaryExprContext): (JSC::SyntaxChecker::UnaryExprContext::~UnaryExprContext): (JSC::SyntaxChecker::appendBinaryExpressionInfo): (JSC::SyntaxChecker::operatorStackPop): 2011-01-15 Geoffrey Garen Reviewed by Oliver Hunt. Rolled back in r75886. https://bugs.webkit.org/show_bug.cgi?id=52527 r75886 broke the GTK Linux bot because Linux was -- quite surprisingly -- set up to use the constants for embedded devices. * jit/ExecutableAllocatorFixedVMPool.cpp: (JSC::maybeModifyVMPoolSize): Separated Linux constants from embedded constants. 2011-01-15 Sheriff Bot Unreviewed, rolling out r75886. http://trac.webkit.org/changeset/75886 https://bugs.webkit.org/show_bug.cgi?id=52526 "Broke GTK+ 64bit" (Requested by xan_ on #webkit). * jit/ExecutableAllocatorFixedVMPool.cpp: 2011-01-15 Geoffrey Garen Reviewed by Sam Weinig. Shrink the executable pool on embedded devices * jit/ExecutableAllocatorFixedVMPool.cpp: Dropped the pool size from 32MB to 16MB. 2011-01-15 Oliver Hunt Reviewed by Maciej Stachowiak. Incorrect behavior changing attributes of an accessor https://bugs.webkit.org/show_bug.cgi?id=52515 defineProperty doesn't correctly handle changing attributes of an accessor property. This is because we don't pass the full descriptor to the putDescriptor helper function, which means we have insufficient information to do the right thing. Once that's passed the correct behavior is relatively simple to implement. * runtime/JSObject.cpp: (JSC::putDescriptor): (JSC::JSObject::defineOwnProperty): 2011-01-14 Oliver Hunt Reviewed by Maciej Stachowiak. [jsfunfuzz] Incorrect handling of consecutive duplicate labels https://bugs.webkit.org/show_bug.cgi?id=52505 Compare StringImpl*'s instead of Identifier*'s when looking for duplicate labels. * parser/JSParser.cpp: (JSC::JSParser::parseExpressionOrLabelStatement): 2011-01-14 Simon Fraser No review. Initialize m_operationInProgress after r75855. * runtime/Heap.cpp: (JSC::Heap::Heap): 2011-01-14 Geoffrey Garen Reverted accidentally committed code from my last checkin. * runtime/Heap.cpp: (JSC::Heap::markRoots): 2011-01-14 Geoffrey Garen Reviewed by Sam Weinig. Try to fix the GTK bot. * runtime/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::markRoots): Kids, remember to initialize your data members. Knowing is half the battle. 2011-01-14 Oliver Hunt Reviewed by Stephanie Lewis. [jsfunfuzz] We should be clearing the lexers temporary character buffers when switching to strict mode https://bugs.webkit.org/show_bug.cgi?id=52501 Clear the temporary character buffers used for reading escaped characters and numbers. * parser/Lexer.h: (JSC::Lexer::setOffset): 2011-01-14 Geoffrey Garen Try to fix non-Dtrace builds: #include Tracing.h instead of TracingDtrace.h. * runtime/Heap.cpp: 2011-01-13 Geoffrey Garen Reviewed by Oliver Hunt. Split out a MarkedSpace strategy object from Heap. https://bugs.webkit.org/show_bug.cgi?id=52421 SunSpider reports no change. * Android.mk: * CMakeLists.txt: * GNUmakefile.am: * JavaScriptCore.gypi: * JavaScriptCore.pro: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: Updated our 7 build systems. Which is cool. * runtime/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::destroy): (JSC::Heap::recordExtraCost): (JSC::Heap::allocate): (JSC::Heap::markConservatively): (JSC::Heap::markRoots): (JSC::Heap::objectCount): (JSC::Heap::statistics): (JSC::Heap::size): (JSC::Heap::isBusy): (JSC::Heap::collectAllGarbage): (JSC::Heap::primaryHeapBegin): (JSC::Heap::primaryHeapEnd): * runtime/Heap.h: (JSC::Heap::globalData): (JSC::Heap::markedSpace): (JSC::Heap::isCellMarked): (JSC::Heap::checkMarkCell): (JSC::Heap::markCell): Moved all code pertaining to managing chunks of collector memory out of this class. Heap now just delegates to MarkedSpace. * runtime/JSCell.h: (JSC::JSCell::Heap::heap): Updated for MarkedSpace delegation. * runtime/JSValue.h: Moved the ValueStringPair typedef to help with #includes. * runtime/MarkedSpace.cpp: Copied from runtime/Heap.cpp. (JSC::MarkedSpace::MarkedSpace): (JSC::MarkedSpace::destroy): (JSC::MarkedSpace::allocateBlock): (JSC::MarkedSpace::freeBlock): (JSC::MarkedSpace::allocate): (JSC::MarkedSpace::resizeBlocks): (JSC::MarkedSpace::growBlocks): (JSC::MarkedSpace::shrinkBlocks): (JSC::MarkedSpace::markConservatively): (JSC::MarkedSpace::clearMarkBits): (JSC::MarkedSpace::markedCells): (JSC::MarkedSpace::sweep): (JSC::MarkedSpace::objectCount): (JSC::MarkedSpace::addToStatistics): (JSC::MarkedSpace::statistics): (JSC::MarkedSpace::size): (JSC::MarkedSpace::reset): (JSC::MarkedSpace::primaryHeapBegin): (JSC::MarkedSpace::primaryHeapEnd): * runtime/MarkedSpace.h: Copied from runtime/Heap.h. (JSC::MarkedSpace::globalData): (JSC::MarkedSpace::didShrink): (JSC::MarkedSpace::cellBlock): (JSC::MarkedSpace::cellOffset): (JSC::MarkedSpace::isCellMarked): (JSC::MarkedSpace::checkMarkCell): (JSC::MarkedSpace::markCell): Moved all code pertaining to managing chunks of collector memory into this class. * runtime/MemoryStatistics.cpp: (JSC::heapStatistics): * runtime/MemoryStatistics.h: Updated for MarkedSpace delegation. 2011-01-14 Oliver Hunt Reviewed by Gavin Barraclough. [jsfunfuzz] parser doesn't enforce continue restrictions correctly. https://bugs.webkit.org/show_bug.cgi?id=52493 This patch reworks handling of break, continue and label statements to correctly handle all the valid and invalid cases. Previously certain errors would be missed by the parser in strict mode, but the bytecode generator needed to handle those cases for non-strict code so nothing failed, it simply became non-standard behaviour. Now that we treat break and continue errors as early faults in non-strict mode as well that safety net has been removed so the parser bugs result in crashes at codegen time. * parser/JSParser.cpp: (JSC::JSParser::ScopeLabelInfo::ScopeLabelInfo): (JSC::JSParser::next): (JSC::JSParser::nextTokenIsColon): (JSC::JSParser::continueIsValid): Continue is only valid in loops so we can't use breakIsValid() (JSC::JSParser::pushLabel): We now track whether the label is for a loop (and is therefore a valid target for continue. (JSC::JSParser::popLabel): (JSC::JSParser::getLabel): Replace hasLabel with getLabel so that we can validate the target when parsing continue statements. (JSC::JSParser::Scope::continueIsValid): (JSC::JSParser::Scope::pushLabel): (JSC::JSParser::Scope::getLabel): (JSC::JSParser::JSParser): (JSC::JSParser::parseBreakStatement): (JSC::JSParser::parseContinueStatement): (JSC::LabelInfo::LabelInfo): (JSC::JSParser::parseExpressionOrLabelStatement): Consecutive labels now get handled iteratively so that we can determine whether they're valid targets for continue. * parser/Lexer.cpp: (JSC::Lexer::nextTokenIsColon): * parser/Lexer.h: (JSC::Lexer::setOffset): 2011-01-14 Patrick Gansterer Reviewed by Adam Roben. Use the Windows thread pool instead of an extra thread for FastMalloc scavenging https://bugs.webkit.org/show_bug.cgi?id=45186 * wtf/FastMalloc.cpp: (WTF::TCMalloc_PageHeap::scheduleScavenger): Added missing this pointer to CreateTimerQueueTimer(). 2011-01-14 Patrick Gansterer Reviewed by Adam Roben. Use the Windows thread pool instead of an extra thread for FastMalloc scavenging https://bugs.webkit.org/show_bug.cgi?id=45186 r75819 accidentally changed the initial state of the scavenge timer. * wtf/FastMalloc.cpp: (WTF::TCMalloc_PageHeap::initializeScavenger): Changed initial state of m_scavengingSuspended to true. 2011-01-14 Patrick Gansterer Unreviewed Windows Release build fix. * wtf/FastMalloc.cpp: (WTF::TCMalloc_PageHeap::scavengerTimerFired): 2011-01-14 Patrick Gansterer Unreviewed Windows Release build fix. * wtf/FastMalloc.cpp: (WTF::TCMalloc_PageHeap::scavengerTimerFired): 2011-01-14 Patrick Gansterer Reviewed by Adam Roben. Use the Windows thread pool instead of an extra thread for FastMalloc scavenging https://bugs.webkit.org/show_bug.cgi?id=45186 Use CreateTimerQueueTimer() to start periodicScavenge() and stop it with DeleteTimerQueueTimer(). * wtf/FastMalloc.cpp: (WTF::TCMalloc_PageHeap::initializeScavenger): (WTF::TCMalloc_PageHeap::isScavengerSuspended): (WTF::TCMalloc_PageHeap::scheduleScavenger): (WTF::TCMalloc_PageHeap::rescheduleScavenger): (WTF::TCMalloc_PageHeap::suspendScavenger): (WTF::scavengerTimerFired): (WTF::TCMalloc_PageHeap::periodicScavenge): (WTF::TCMalloc_PageHeap::signalScavenger): 2011-01-14 Laszlo Gombos Reviewed by Kenneth Rohde Christiansen. Align import/export directives https://bugs.webkit.org/show_bug.cgi?id=52208 * API/JSBase.h: Align import/export directives with WebKit2/Shared/API/c/WKBase.h 2011-01-14 Michael Saboff Reviewed by Oliver Hunt. Incorrect backtracking for nested alternatives https://bugs.webkit.org/show_bug.cgi?id=52387 In the process of propigating a datalabel it wasn't getting connected to a destination when the destination was an indirect jump. Added code to recognize a direct backtrack destination that was an indirect jump and added mechanism to associate DataLabelPtrs with indirect jump entries. Removed dead method BacktrackDestination::linkDataLabelToHereIfExists() * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::IndirectJumpEntry::IndirectJumpEntry): (JSC::Yarr::YarrGenerator::IndirectJumpEntry::addDataLabel): (JSC::Yarr::YarrGenerator::GenerationState::addIndirectJumpEntry): (JSC::Yarr::YarrGenerator::GenerationState::emitIndirectJumpTable): Changes to link indirect jumps with DataLabelPtr's. (JSC::Yarr::YarrGenerator::BacktrackDestination::clearSubDataLabelPtr): (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists): Updated to handle immediate linking of indirect jumps to DataLabelPtr. (JSC::Yarr::YarrGenerator::generateParenthesesDisjunction): Changed to reflect updated linkDataLabelToBacktrackIfExists(). 2011-01-14 Pavel Podivilov Reviewed by Yury Semikhatsky. Web Inspector: provide script column offset to frontend. https://bugs.webkit.org/show_bug.cgi?id=52377 * parser/SourceCode.h: (JSC::SourceCode::SourceCode): (JSC::SourceCode::firstColumn): 2011-01-13 Darin Adler Reviewed by Geoff Garen. Use __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 if available. * DerivedSources.make: Create a header file, HeaderDetection.h, that tells us whether pthread_machdep.h is available. * wtf/FastMalloc.cpp: If __PTK_FRAMEWORK_JAVASCRIPTCORE_KEY0 is available, then don't do the pthread_getspecific_function_pointer trick. (WTF::setThreadHeap): Ditto, but set thread-specific data. (WTF::TCMalloc_ThreadCache::GetThreadHeap): Ditto, but get rather than set. 2011-01-13 Xan Lopez Reviewed by Gavin Barraclough. JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap? https://bugs.webkit.org/show_bug.cgi?id=42756 The FixedVMPool Allocator does not work well on systems where allocating very large amounts of memory upfront is not reasonable, like Linux without overcommit enabled. As a workaround, on Linux, default to the values used in embedded environments (in the MB range), and only jump to the GB range if we detect at runtime that overcommit is enabled. Should fix crashes on Linux/x86_64 with less than 3 or 4GB of RAM. * jit/ExecutableAllocatorFixedVMPool.cpp: (JSC::FixedVMPoolAllocator::free): use new variables for VM pool size and coalesce limit. (JSC::ExecutableAllocator::isValid): swap the variables from embedded to generic values at runtime, on linux, if overcommit is enabled. (JSC::ExecutableAllocator::underMemoryPressure): use new variables for VM pool size and coalesce limit. 2011-01-12 Xan Lopez Reviewed by Martin Robinson. Add new Yarr.h header to the list file. * GNUmakefile.am: ditto. 2011-01-12 Martin Robinson Missing Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h in WebKitGtk tarball https://bugs.webkit.org/show_bug.cgi?id=52299 * GNUmakefile.am: Fix the GTK+ build on ARMv7 by including missing source files in the source list. 2011-01-12 Peter Varga Reviewed by Gavin Barraclough. Add Yarr.h to YARR https://bugs.webkit.org/show_bug.cgi?id=51021 Move other common constants and functions from YARR's different files to Yarr.h. Use Yarr.h header instead of including other YARR headers where it is possible. * JavaScriptCore.gypi: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * runtime/RegExp.cpp: * yarr/Yarr.h: Added. * yarr/YarrInterpreter.cpp: * yarr/YarrInterpreter.h: * yarr/YarrJIT.cpp: (JSC::Yarr::jitCompile): (JSC::Yarr::execute): * yarr/YarrJIT.h: * yarr/YarrParser.h: * yarr/YarrPattern.cpp: (JSC::Yarr::YarrPattern::compile): (JSC::Yarr::YarrPattern::YarrPattern): * yarr/YarrPattern.h: 2011-01-12 Sheriff Bot Unreviewed, rolling out r75595. http://trac.webkit.org/changeset/75595 https://bugs.webkit.org/show_bug.cgi?id=52286 It broke fast/regex/pcre-test-1.html (Requested by Ossy on #webkit). * JavaScriptCore.gypi: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * runtime/RegExp.cpp: * yarr/Yarr.h: Removed. * yarr/YarrInterpreter.cpp: * yarr/YarrInterpreter.h: * yarr/YarrJIT.cpp: (JSC::Yarr::jitCompile): * yarr/YarrJIT.h: (JSC::Yarr::execute): * yarr/YarrParser.h: * yarr/YarrPattern.cpp: (JSC::Yarr::compile): (JSC::Yarr::YarrPattern::YarrPattern): * yarr/YarrPattern.h: 2011-01-12 Peter Varga Reviewed by Gavin Barraclough. Add Yarr.h to YARR https://bugs.webkit.org/show_bug.cgi?id=51021 Move other common constants and functions from YARR's different files to Yarr.h. Use Yarr.h header instead of including other YARR headers where it is possible. * JavaScriptCore.gypi: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * runtime/RegExp.cpp: * yarr/Yarr.h: Added. * yarr/YarrInterpreter.cpp: * yarr/YarrInterpreter.h: * yarr/YarrJIT.cpp: (JSC::Yarr::jitCompile): (JSC::Yarr::execute): * yarr/YarrJIT.h: * yarr/YarrParser.h: * yarr/YarrPattern.cpp: (JSC::Yarr::YarrPattern::compile): (JSC::Yarr::YarrPattern::YarrPattern): * yarr/YarrPattern.h: 2011-01-11 Michael Saboff Reviewed by Geoffrey Garen. Missing call to popTempSortVector() for exception case in JSArray::sort. https://bugs.webkit.org/show_bug.cgi?id=50718 Fix to patch of 50718 that added pushTempSortVector() and popTempSortVector() to JSArray::sort() to mark elements during sort. Need to add popTempSortVector() for the return case if toString() had an exception. * runtime/JSArray.cpp: (JSC::JSArray::sort): Added popTempSortVector() 2011-01-11 Xan Lopez