1. 26 Aug, 2011 1 commit
    • commit-queue@webkit.org's avatar
      Unzip initialization lists and constructors in JSCell hierarchy (2/7) · 403bfdfa
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=66957
      
      Patch by Mark Hahnenberg <mhahnenberg@apple.com> on 2011-08-26
      Reviewed by Darin Adler.
      
      Completed the second level of the refactoring to add finishCreation()
      methods to all classes within the JSCell hierarchy with non-trivial
      constructor bodies.
      
      * runtime/Executable.h:
      (JSC::ExecutableBase::ExecutableBase):
      (JSC::ExecutableBase::create):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::finishCreation):
      (JSC::NativeExecutable::NativeExecutable):
      (JSC::ScriptExecutable::ScriptExecutable):
      (JSC::ScriptExecutable::finishCreation):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::GetterSetter):
      (JSC::GetterSetter::create):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::create):
      (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
      * runtime/JSObject.h:
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::finishCreation):
      (JSC::JSFinalObject::create):
      (JSC::JSFinalObject::finishCreation):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSObject::JSObject):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::create):
      * runtime/RegExp.cpp:
      (JSC::RegExp::RegExp):
      (JSC::RegExp::createWithoutCaching):
      * runtime/ScopeChain.h:
      (JSC::ScopeChainNode::ScopeChainNode):
      (JSC::ScopeChainNode::create):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      * runtime/Structure.h:
      (JSC::Structure::create):
      (JSC::Structure::finishCreation):
      (JSC::Structure::createStructure):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::StructureChain):
      * runtime/StructureChain.h:
      (JSC::StructureChain::create):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@93920 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      403bfdfa
  2. 25 Aug, 2011 1 commit
    • commit-queue@webkit.org's avatar
      Unzip initialization lists and constructors in JSCell hierarchy (1/7) · 214ac02e
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=66827
      
      Patch by Mark Hahnenberg <mhahnenberg@apple.com> on 2011-08-25
      Reviewed by Geoffrey Garen.
      
      Added finishCreation() methods to all immediately subclasses of JSCell with
      non-empty constructors.  Part of a larger refactoring to "unzip" initialization
      lists and constructor bodies.  Also renamed JSCell's constructorBody() method
      to finishCreation().
      
      * runtime/Executable.h:
      (JSC::ExecutableBase::ExecutableBase):
      (JSC::ExecutableBase::constructorBody):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::GetterSetter):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::constructorBody):
      (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
      * runtime/JSCell.h:
      (JSC::JSCell::JSCell::JSCell):
      (JSC::JSCell::JSCell::constructorBody):
      * runtime/JSObject.h:
      (JSC::JSObject::constructorBody):
      (JSC::JSObject::JSObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::constructorBody):
      * runtime/JSString.h:
      (JSC::RopeBuilder::JSString):
      (JSC::RopeBuilder::constructorBody):
      * runtime/RegExp.cpp:
      (JSC::RegExp::RegExp):
      (JSC::RegExp::constructorBody):
      * runtime/RegExp.h:
      * runtime/ScopeChain.h:
      (JSC::ScopeChainNode::ScopeChainNode):
      (JSC::ScopeChainNode::constructorBody):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::StructureChain):
      * runtime/StructureChain.h:
      (JSC::StructureChain::create):
      (JSC::StructureChain::constructorBody):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@93835 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      214ac02e
  3. 10 Aug, 2011 1 commit
  4. 26 May, 2011 1 commit
  5. 14 May, 2011 2 commits
    • oliver@apple.com's avatar
      2011-05-13 Oliver Hunt <oliver@apple.com> · 4103716d
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This patch makes the checks performed under GC_VALIDATION
              much more aggressive, and adds the checks to more places
              in order to allow us to catch GC bugs much closer to the
              point of failure.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::visitChildren):
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * heap/MarkedSpace.cpp:
              * runtime/Arguments.cpp:
              (JSC::Arguments::visitChildren):
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::visitChildren):
              (JSC::ProgramExecutable::visitChildren):
              (JSC::FunctionExecutable::visitChildren):
              * runtime/Executable.h:
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::visitChildren):
              * runtime/GetterSetter.h:
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::visitChildren):
              * runtime/JSArray.cpp:
              (JSC::JSArray::visitChildren):
              * runtime/JSCell.cpp:
              (JSC::slowValidateCell):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::unvalidatedStructure):
              (JSC::JSCell::JSCell::JSCell):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::visitChildren):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::visitChildren):
              (JSC::slowValidateCell):
              * runtime/JSONObject.h:
              * runtime/JSObject.cpp:
              (JSC::JSObject::visitChildren):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::visitChildren):
              * runtime/JSPropertyNameIterator.h:
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::visitChildren):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::visitChildren):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::visitChildren):
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyMapEntry::PropertyMapEntry):
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::visitChildren):
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::visitChildren):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::visitChildren):
              * runtime/Structure.h:
              (JSC::JSCell::classInfo):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::visitChildren):
              * runtime/StructureChain.h:
              * runtime/WriteBarrier.h:
              (JSC::validateCell):
              (JSC::JSCell):
              (JSC::JSGlobalObject):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::setMayBeNull):
              (JSC::WriteBarrierBase::setEarlyValue):
              (JSC::WriteBarrierBase::get):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::unvalidatedGet):
              (JSC::WriteBarrier::WriteBarrier):
              * wtf/Assertions.h:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This makes GC_VALIDATION much more aggressive in webcore,
              adding logic to every visitChildren method to ensure that
              the structure still has correct flags.
      
              Additionally every function generated for the dom bindings
              makes use of the new GC_VALIDATION object assertions to further
              ensure that the object appears to be sensible.
      
              * bindings/js/JSAttrCustom.cpp:
              (WebCore::JSAttr::visitChildren):
              * bindings/js/JSAudioContextCustom.cpp:
              (WebCore::JSAudioContext::visitChildren):
              * bindings/js/JSCSSRuleCustom.cpp:
              (WebCore::JSCSSRule::visitChildren):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::visitChildren):
              * bindings/js/JSCanvasRenderingContextCustom.cpp:
              (WebCore::JSCanvasRenderingContext::visitChildren):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::visitChildren):
              (WebCore::JSDOMGlobalObject::setInjectedScript):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::visitChildren):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::visitChildren):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::jsFunction):
              * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
              (WebCore::JSJavaScriptAudioNode::visitChildren):
              * bindings/js/JSMessageChannelCustom.cpp:
              (WebCore::JSMessageChannel::visitChildren):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::visitChildren):
              * bindings/js/JSNamedNodeMapCustom.cpp:
              (WebCore::JSNamedNodeMap::visitChildren):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::JSNode::visitChildren):
              * bindings/js/JSNodeFilterCustom.cpp:
              (WebCore::JSNodeFilter::visitChildren):
              * bindings/js/JSNodeIteratorCustom.cpp:
              (WebCore::JSNodeIterator::visitChildren):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::visitChildren):
              * bindings/js/JSSharedWorkerCustom.cpp:
              (WebCore::JSSharedWorker::visitChildren):
              * bindings/js/JSStyleSheetCustom.cpp:
              (WebCore::JSStyleSheet::visitChildren):
              * bindings/js/JSTreeWalkerCustom.cpp:
              (WebCore::JSTreeWalker::visitChildren):
              * bindings/js/JSWebGLRenderingContextCustom.cpp:
              (WebCore::JSWebGLRenderingContext::visitChildren):
              * bindings/js/JSWorkerContextCustom.cpp:
              (WebCore::JSWorkerContext::visitChildren):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::visitChildren):
              * bindings/js/JSXPathResultCustom.cpp:
              (WebCore::JSXPathResult::visitChildren):
              * bindings/scripts/CodeGeneratorJS.pm:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              Add GC_VALIDATION calls to all the JSNPObject methods.
      
              * WebProcess/Plugins/Netscape/JSNPObject.cpp:
              (WebKit::JSNPObject::invalidate):
              (WebKit::JSNPObject::callMethod):
              (WebKit::JSNPObject::callObject):
              (WebKit::JSNPObject::callConstructor):
              (WebKit::JSNPObject::getCallData):
              (WebKit::JSNPObject::getConstructData):
              (WebKit::JSNPObject::getOwnPropertySlot):
              (WebKit::JSNPObject::getOwnPropertyDescriptor):
              (WebKit::JSNPObject::put):
              (WebKit::JSNPObject::getOwnPropertyNames):
              (WebKit::JSNPObject::propertyGetter):
              (WebKit::JSNPObject::methodGetter):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86499 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4103716d
    • ossy@webkit.org's avatar
      Unreviewed, rolling out r86469 and r86471, because they made hundreds tests crash on Qt. · 8c10d800
      ossy@webkit.org authored
      Make GC validation more aggressive
      https://bugs.webkit.org/show_bug.cgi?id=60802
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.exp:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::visitChildren):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::MarkedBlock):
      * heap/MarkedSpace.cpp:
      * runtime/Arguments.cpp:
      (JSC::Arguments::visitChildren):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::visitChildren):
      (JSC::ProgramExecutable::visitChildren):
      (JSC::FunctionExecutable::visitChildren):
      * runtime/Executable.h:
      (JSC::ProgramExecutable::createStructure):
      (JSC::FunctionExecutable::createStructure):
      * runtime/GetterSetter.cpp:
      (JSC::GetterSetter::visitChildren):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::createStructure):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::createStructure):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::visitChildren):
      * runtime/JSArray.cpp:
      (JSC::JSArray::visitChildren):
      * runtime/JSCell.cpp:
      * runtime/JSCell.h:
      (JSC::JSCell::JSCell::JSCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::visitChildren):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSONObject.h:
      (JSC::JSONObject::createStructure):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitChildren):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::visitChildren):
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::visitChildren):
      * runtime/JSString.h:
      (JSC::RopeBuilder::createStructure):
      * runtime/JSWrapperObject.cpp:
      (JSC::JSWrapperObject::visitChildren):
      * runtime/NativeErrorConstructor.cpp:
      (JSC::NativeErrorConstructor::visitChildren):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyMapEntry::PropertyMapEntry):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::visitChildren):
      * runtime/ScopeChain.cpp:
      (JSC::ScopeChainNode::visitChildren):
      * runtime/ScopeChain.h:
      (JSC::ScopeChainNode::ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::visitChildren):
      * runtime/Structure.h:
      (JSC::Structure::createStructure):
      (JSC::JSCell::classInfo):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::visitChildren):
      * runtime/StructureChain.h:
      * runtime/WriteBarrier.h:
      (JSC::WriteBarrierBase::set):
      (JSC::WriteBarrierBase::get):
      (JSC::WriteBarrierBase::operator*):
      (JSC::WriteBarrierBase::operator->):
      (JSC::WriteBarrier::WriteBarrier):
      * wtf/Assertions.h:
      
      Source/WebCore:
      
      * bindings/js/JSAttrCustom.cpp:
      (WebCore::JSAttr::visitChildren):
      * bindings/js/JSAudioContextCustom.cpp:
      (WebCore::JSAudioContext::visitChildren):
      * bindings/js/JSCSSRuleCustom.cpp:
      (WebCore::JSCSSRule::visitChildren):
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (WebCore::JSCSSStyleDeclaration::visitChildren):
      * bindings/js/JSCanvasRenderingContextCustom.cpp:
      (WebCore::JSCanvasRenderingContext::visitChildren):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::visitChildren):
      (WebCore::JSDOMGlobalObject::setInjectedScript):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::visitChildren):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::visitChildren):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::JSEventListener):
      * bindings/js/JSEventListener.h:
      (WebCore::JSEventListener::jsFunction):
      * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
      (WebCore::JSJavaScriptAudioNode::visitChildren):
      * bindings/js/JSMessageChannelCustom.cpp:
      (WebCore::JSMessageChannel::visitChildren):
      * bindings/js/JSMessagePortCustom.cpp:
      (WebCore::JSMessagePort::visitChildren):
      * bindings/js/JSNamedNodeMapCustom.cpp:
      (WebCore::JSNamedNodeMap::visitChildren):
      * bindings/js/JSNodeCustom.cpp:
      (WebCore::JSNode::visitChildren):
      * bindings/js/JSNodeFilterCustom.cpp:
      (WebCore::JSNodeFilter::visitChildren):
      * bindings/js/JSNodeIteratorCustom.cpp:
      (WebCore::JSNodeIterator::visitChildren):
      * bindings/js/JSSVGElementInstanceCustom.cpp:
      (WebCore::JSSVGElementInstance::visitChildren):
      * bindings/js/JSSharedWorkerCustom.cpp:
      (WebCore::JSSharedWorker::visitChildren):
      * bindings/js/JSStyleSheetCustom.cpp:
      (WebCore::JSStyleSheet::visitChildren):
      * bindings/js/JSTreeWalkerCustom.cpp:
      (WebCore::JSTreeWalker::visitChildren):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::JSWebGLRenderingContext::visitChildren):
      * bindings/js/JSWorkerContextCustom.cpp:
      (WebCore::JSWorkerContext::visitChildren):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::visitChildren):
      * bindings/js/JSXPathResultCustom.cpp:
      (WebCore::JSXPathResult::visitChildren):
      * bindings/scripts/CodeGeneratorJS.pm:
      
      Source/WebKit2:
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::invalidate):
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::getCallData):
      (WebKit::JSNPObject::getConstructData):
      (WebKit::JSNPObject::getOwnPropertySlot):
      (WebKit::JSNPObject::getOwnPropertyDescriptor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      (WebKit::JSNPObject::methodGetter):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86482 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8c10d800
  6. 13 May, 2011 1 commit
    • oliver@apple.com's avatar
      2011-05-13 Oliver Hunt <oliver@apple.com> · d369c8cd
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This patch makes the checks performed under GC_VALIDATION
              much more aggressive, and adds the checks to more places
              in order to allow us to catch GC bugs much closer to the
              point of failure.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::visitChildren):
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * heap/MarkedSpace.cpp:
              * runtime/Arguments.cpp:
              (JSC::Arguments::visitChildren):
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::visitChildren):
              (JSC::ProgramExecutable::visitChildren):
              (JSC::FunctionExecutable::visitChildren):
              * runtime/Executable.h:
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::visitChildren):
              * runtime/GetterSetter.h:
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::visitChildren):
              * runtime/JSArray.cpp:
              (JSC::JSArray::visitChildren):
              * runtime/JSCell.cpp:
              (JSC::slowValidateCell):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::unvalidatedStructure):
              (JSC::JSCell::JSCell::JSCell):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::visitChildren):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::visitChildren):
              (JSC::slowValidateCell):
              * runtime/JSONObject.h:
              * runtime/JSObject.cpp:
              (JSC::JSObject::visitChildren):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::visitChildren):
              * runtime/JSPropertyNameIterator.h:
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::visitChildren):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::visitChildren):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::visitChildren):
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyMapEntry::PropertyMapEntry):
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::visitChildren):
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::visitChildren):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::visitChildren):
              * runtime/Structure.h:
              (JSC::JSCell::classInfo):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::visitChildren):
              * runtime/StructureChain.h:
              * runtime/WriteBarrier.h:
              (JSC::validateCell):
              (JSC::JSCell):
              (JSC::JSGlobalObject):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::setMayBeNull):
              (JSC::WriteBarrierBase::setEarlyValue):
              (JSC::WriteBarrierBase::get):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::unvalidatedGet):
              (JSC::WriteBarrier::WriteBarrier):
              * wtf/Assertions.h:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              This makes GC_VALIDATION much more aggressive in webcore,
              adding logic to every visitChildren method to ensure that
              the structure still has correct flags.
      
              Additionally every function generated for the dom bindings
              makes use of the new GC_VALIDATION object assertions to further
              ensure that the object appears to be sensible.
      
              * bindings/js/JSAttrCustom.cpp:
              (WebCore::JSAttr::visitChildren):
              * bindings/js/JSAudioContextCustom.cpp:
              (WebCore::JSAudioContext::visitChildren):
              * bindings/js/JSCSSRuleCustom.cpp:
              (WebCore::JSCSSRule::visitChildren):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::visitChildren):
              * bindings/js/JSCanvasRenderingContextCustom.cpp:
              (WebCore::JSCanvasRenderingContext::visitChildren):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::visitChildren):
              (WebCore::JSDOMGlobalObject::setInjectedScript):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::visitChildren):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::visitChildren):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::jsFunction):
              * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
              (WebCore::JSJavaScriptAudioNode::visitChildren):
              * bindings/js/JSMessageChannelCustom.cpp:
              (WebCore::JSMessageChannel::visitChildren):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::visitChildren):
              * bindings/js/JSNamedNodeMapCustom.cpp:
              (WebCore::JSNamedNodeMap::visitChildren):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::JSNode::visitChildren):
              * bindings/js/JSNodeFilterCustom.cpp:
              (WebCore::JSNodeFilter::visitChildren):
              * bindings/js/JSNodeIteratorCustom.cpp:
              (WebCore::JSNodeIterator::visitChildren):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::visitChildren):
              * bindings/js/JSSharedWorkerCustom.cpp:
              (WebCore::JSSharedWorker::visitChildren):
              * bindings/js/JSStyleSheetCustom.cpp:
              (WebCore::JSStyleSheet::visitChildren):
              * bindings/js/JSTreeWalkerCustom.cpp:
              (WebCore::JSTreeWalker::visitChildren):
              * bindings/js/JSWebGLRenderingContextCustom.cpp:
              (WebCore::JSWebGLRenderingContext::visitChildren):
              * bindings/js/JSWorkerContextCustom.cpp:
              (WebCore::JSWorkerContext::visitChildren):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::visitChildren):
              * bindings/js/JSXPathResultCustom.cpp:
              (WebCore::JSXPathResult::visitChildren):
              * bindings/scripts/CodeGeneratorJS.pm:
      2011-05-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make GC validation more aggressive
              https://bugs.webkit.org/show_bug.cgi?id=60802
      
              Add GC_VALIDATION calls to all the JSNPObject methods.
      
              * WebProcess/Plugins/Netscape/JSNPObject.cpp:
              (WebKit::JSNPObject::invalidate):
              (WebKit::JSNPObject::callMethod):
              (WebKit::JSNPObject::callObject):
              (WebKit::JSNPObject::callConstructor):
              (WebKit::JSNPObject::getCallData):
              (WebKit::JSNPObject::getConstructData):
              (WebKit::JSNPObject::getOwnPropertySlot):
              (WebKit::JSNPObject::getOwnPropertyDescriptor):
              (WebKit::JSNPObject::put):
              (WebKit::JSNPObject::getOwnPropertyNames):
              (WebKit::JSNPObject::propertyGetter):
              (WebKit::JSNPObject::methodGetter):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86469 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d369c8cd
  7. 03 May, 2011 2 commits
    • alexis.menard@openbossa.org's avatar
      2011-05-03 Xan Lopez <xlopez@igalia.com> · c86e112e
      alexis.menard@openbossa.org authored
              Reviewed by Anders Carlsson.
      
              Compile error with GCC 4.6.0, tries to assign unsigned& to bitfield
              https://bugs.webkit.org/show_bug.cgi?id=59261
      
              Use unary '+' to force proper type detection in template arguments
              with GCC 4.6.0. See bug report for more details.
      
              * runtime/Structure.cpp:
              (JSC::StructureTransitionTable::remove): Use '+' to force precise type detection.
              (JSC::StructureTransitionTable::add): ditto.
              * runtime/Structure.h:
              (JSC::StructureTransitionTable::keyForWeakGCMapFinalizer): ditto.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85621 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c86e112e
    • jberlin@webkit.org's avatar
      Revert r85550 and r85575. · 3d6b4681
      jberlin@webkit.org authored
      Rubber-stamped by Adam Roben.
      
      Variables cannot be exported via the .def file. Instead, they should be annotated with
      JS_EXPORTDATA.
      
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * runtime/Structure.cpp:
      (JSC::Structure::materializePropertyMap):
      * runtime/Structure.h:
      (JSC::Structure::typeInfo):
      (JSC::Structure::previousID):
      (JSC::Structure::propertyStorageCapacity):
      (JSC::Structure::propertyStorageSize):
      (JSC::Structure::get):
      (JSC::Structure::materializePropertyMapIfNecessary):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85605 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3d6b4681
  8. 02 May, 2011 2 commits
    • jberlin@webkit.org's avatar
      Remove an assertion that Windows was hitting on launch. · 43efb08f
      jberlin@webkit.org authored
      Rubber-stamped by Oliver Hunt.
      
      * runtime/Structure.cpp:
      (JSC::Structure::materializePropertyMap):
      * runtime/Structure.h:
      (JSC::Structure::typeInfo):
      (JSC::Structure::previousID):
      (JSC::Structure::propertyStorageCapacity):
      (JSC::Structure::propertyStorageSize):
      (JSC::Structure::get):
      (JSC::Structure::materializePropertyMapIfNecessary):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85575 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      43efb08f
    • oliver@apple.com's avatar
      2011-05-02 Oliver Hunt <oliver@apple.com> · 35b2b50e
      oliver@apple.com authored
              Reviewed by Gavin Barraclough.
      
              Correct marking of interpreter data in mixed mode builds
              https://bugs.webkit.org/show_bug.cgi?id=59962
      
              We had a few places in mixed mode builds where we would not
              track data used by the interpreter for marking.  This patch
              corrects the problem and adds a number of assertions to catch
              live Structures being collected.
      
              * JavaScriptCore.exp:
              * assembler/ARMv7Assembler.h:
              (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * bytecode/CodeBlock.h:
              (JSC::CodeBlock::addPropertyAccessInstruction):
              (JSC::CodeBlock::addGlobalResolveInstruction):
              (JSC::CodeBlock::addStructureStubInfo):
              (JSC::CodeBlock::addGlobalResolveInfo):
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::emitResolve):
              (JSC::BytecodeGenerator::emitResolveWithBase):
              (JSC::BytecodeGenerator::emitGetById):
              (JSC::BytecodeGenerator::emitPutById):
              (JSC::BytecodeGenerator::emitDirectPutById):
              * runtime/Structure.cpp:
              (JSC::Structure::materializePropertyMap):
              * runtime/Structure.h:
              (JSC::Structure::typeInfo):
              (JSC::Structure::previousID):
              (JSC::Structure::propertyStorageCapacity):
              (JSC::Structure::propertyStorageSize):
              (JSC::Structure::get):
              (JSC::Structure::materializePropertyMapIfNecessary):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85523 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      35b2b50e
  9. 26 Apr, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-04-25 Geoffrey Garen <ggaren@apple.com> · 21daf646
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Custom prototypes on DOM objects don't persist after garbage collection
              https://bugs.webkit.org/show_bug.cgi?id=59412
              
              SunSpider reports no change.
              
              The hasCustomProperties() check didn't check for a custom prototype.
      
              * runtime/JSObject.h:
              (JSC::JSObject::hasCustomProperties): Changed to delegate to Structure
              because it is the "truth" about an object's pedigree.
      
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              * runtime/Structure.h:
              (JSC::Structure::didTransition): Track whether a Structure has ever
              transitioned for any reason. If so, we have to assume that the object
              holding it is custom in some way.
      2011-04-25  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Custom prototypes on DOM objects don't persist after garbage collection
              https://bugs.webkit.org/show_bug.cgi?id=59412
      
              * fast/dom/gc-custom-prototype-expected.txt: Added.
              * fast/dom/gc-custom-prototype.html: Added.
              * fast/dom/script-tests/dataset-gc.js:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84882 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      21daf646
  10. 25 Apr, 2011 1 commit
  11. 21 Apr, 2011 1 commit
    • oliver@apple.com's avatar
      2011-04-21 Oliver Hunt <oliver@apple.com> · 433d02f9
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObjectData::visitChildren):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
              (JSC::JSCallbackObject::visitChildren):
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::visitStructures):
              (JSC::EvalCodeCache::visitAggregate):
              (JSC::CodeBlock::visitAggregate):
              * bytecode/CodeBlock.h:
              * bytecode/EvalCodeCache.h:
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::visitAggregate):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::visitAggregate):
              * bytecode/StructureStubInfo.h:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::visitChildren):
              * debugger/DebuggerActivation.h:
              * heap/HandleHeap.cpp:
              (JSC::WeakHandleOwner::isReachableFromOpaqueRoots):
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::markWeakHandles):
              * heap/HandleHeap.h:
              * heap/HandleStack.cpp:
              (JSC::HandleStack::mark):
              * heap/HandleStack.h:
              * heap/Heap.cpp:
              (JSC::Heap::markProtectedObjects):
              (JSC::Heap::markTempSortVectors):
              (JSC::Heap::markRoots):
              * heap/Heap.h:
              * heap/MarkStack.cpp:
              (JSC::MarkStack::visitChildren):
              (JSC::MarkStack::drain):
              * heap/MarkStack.h:
              (JSC::HeapRootVisitor::HeapRootVisitor):
              (JSC::HeapRootVisitor::mark):
              (JSC::HeapRootVisitor::visitor):
              * heap/MarkedSpace.h:
              * runtime/ArgList.cpp:
              (JSC::MarkedArgumentBuffer::markLists):
              * runtime/ArgList.h:
              * runtime/Arguments.cpp:
              (JSC::Arguments::visitChildren):
              * runtime/Arguments.h:
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::visitChildren):
              (JSC::ProgramExecutable::visitChildren):
              (JSC::FunctionExecutable::visitChildren):
              * runtime/Executable.h:
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::visitChildren):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::createStructure):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::visitChildren):
              * runtime/JSActivation.h:
              * runtime/JSArray.cpp:
              (JSC::JSArray::visitChildren):
              * runtime/JSArray.h:
              (JSC::JSArray::visitDirect):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::visitChildren):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::visitChildren):
              * runtime/JSFunction.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::visitIfNeeded):
              (JSC::JSGlobalObject::visitChildren):
              * runtime/JSGlobalObject.h:
              * runtime/JSONObject.cpp:
              * runtime/JSObject.cpp:
              (JSC::JSObject::visitChildren):
              * runtime/JSObject.h:
              (JSC::JSObject::visitDirect):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::visitChildren):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::visitChildren):
              * runtime/JSStaticScopeObject.h:
              * runtime/JSTypeInfo.h:
              (JSC::TypeInfo::TypeInfo):
              (JSC::TypeInfo::overridesVisitChildren):
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::visitChildren):
              * runtime/JSWrapperObject.h:
              * runtime/JSZombie.h:
              (JSC::JSZombie::visitChildren):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::visitChildren):
              * runtime/NativeErrorConstructor.h:
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::visitChildren):
              * runtime/RegExpObject.h:
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::visitChildren):
              * runtime/ScopeChain.h:
              * runtime/SmallStrings.cpp:
              (JSC::SmallStrings::visitChildren):
              * runtime/SmallStrings.h:
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::visitChildren):
              * runtime/Structure.h:
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::visitChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::createStructure):
      2011-04-21  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * UserObjectImp.cpp:
              (UserObjectImp::visitChildren):
      2011-04-21  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * bindings/js/JSAttrCustom.cpp:
              (WebCore::JSAttr::visitChildren):
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::constructAudio):
              * bindings/js/JSCSSRuleCustom.cpp:
              (WebCore::JSCSSRule::visitChildren):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::visitChildren):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::visitActiveObjectsForContext):
              (WebCore::markDOMObjectWrapper):
              * bindings/js/JSDOMBinding.h:
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::visitChildren):
              * bindings/js/JSDOMGlobalObject.h:
              * bindings/js/JSDOMImplementationCustom.cpp:
              (WebCore::JSDOMImplementation::visitChildren):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::visitChildren):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::visitChildren):
              * bindings/js/JSDOMWindowShell.h:
              * bindings/js/JSDocumentCustom.cpp:
              (WebCore::JSDocument::visitChildren):
              * bindings/js/JSElementCustom.cpp:
              (WebCore::JSElement::visitChildren):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::markJSFunction):
              * bindings/js/JSEventListener.h:
              * bindings/js/JSHTMLCanvasElementCustom.cpp:
              (WebCore::JSHTMLCanvasElement::visitChildren):
              * bindings/js/JSHTMLLinkElementCustom.cpp:
              (WebCore::JSHTMLLinkElement::visitChildren):
              * bindings/js/JSHTMLStyleElementCustom.cpp:
              (WebCore::JSHTMLStyleElement::visitChildren):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::constructImage):
              * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
              (WebCore::JSJavaScriptAudioNode::visitChildren):
              * bindings/js/JSMessageChannelCustom.cpp:
              (WebCore::JSMessageChannel::visitChildren):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::visitChildren):
              * bindings/js/JSNamedNodeMapCustom.cpp:
              (WebCore::JSNamedNodeMapOwner::isReachableFromOpaqueRoots):
              (WebCore::JSNamedNodeMap::visitChildren):
              * bindings/js/JSNavigatorCustom.cpp:
              (WebCore::JSNavigator::visitChildren):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::isObservable):
              (WebCore::isReachableFromDOM):
              (WebCore::JSNodeOwner::isReachableFromOpaqueRoots):
              (WebCore::JSNode::visitChildren):
              * bindings/js/JSNodeCustom.h:
              * bindings/js/JSNodeFilterCondition.cpp:
              (WebCore::JSNodeFilterCondition::WeakOwner::isReachableFromOpaqueRoots):
              * bindings/js/JSNodeFilterCondition.h:
              * bindings/js/JSNodeFilterCustom.cpp:
              (WebCore::JSNodeFilter::visitChildren):
              * bindings/js/JSNodeIteratorCustom.cpp:
              (WebCore::JSNodeIterator::visitChildren):
              * bindings/js/JSNodeListCustom.cpp:
              (WebCore::JSNodeListOwner::isReachableFromOpaqueRoots):
              * bindings/js/JSProcessingInstructionCustom.cpp:
              (WebCore::JSProcessingInstruction::visitChildren):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::visitChildren):
              * bindings/js/JSSharedWorkerCustom.cpp:
              (WebCore::JSSharedWorker::visitChildren):
              * bindings/js/JSStyleSheetCustom.cpp:
              (WebCore::JSStyleSheet::visitChildren):
              * bindings/js/JSTreeWalkerCustom.cpp:
              (WebCore::JSTreeWalker::visitChildren):
              * bindings/js/JSWebGLRenderingContextCustom.cpp:
              (WebCore::JSWebGLRenderingContext::visitChildren):
              * bindings/js/JSWebKitAnimationListCustom.cpp:
              (WebCore::JSWebKitAnimationList::visitChildren):
              * bindings/js/JSWorkerContextCustom.cpp:
              (WebCore::JSWorkerContext::visitChildren):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::visitChildren):
              * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
              (WebCore::JSXMLHttpRequestUpload::visitChildren):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/qt/qt_instance.cpp:
              (JSC::Bindings::QtRuntimeObject::visitChildren):
              (JSC::Bindings::QtInstance::markAggregate):
              * bridge/qt/qt_instance.h:
              * bridge/qt/qt_pixmapruntime.cpp:
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeMetaMethod::visitChildren):
              * bridge/qt/qt_runtime.h:
              * dom/EventListener.h:
              (WebCore::EventListener::visitJSFunction):
              * dom/EventTarget.h:
              (WebCore::EventTarget::visitJSEventListeners):
              * dom/Node.h:
              * dom/NodeFilterCondition.h:
              (WebCore::NodeFilterCondition::visitAggregate):
              * page/DOMWindow.h:
              * workers/WorkerContext.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84556 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      433d02f9
  12. 17 Apr, 2011 1 commit
  13. 15 Apr, 2011 2 commits
  14. 13 Apr, 2011 2 commits
    • oliver@apple.com's avatar
      2011-04-13 Oliver Hunt <oliver@apple.com> · bb8da910
      oliver@apple.com authored
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Additional structures are allocated beyond the expected threshold
              so we preflight the test to get them allocated.
      
              * fast/dom/gc-10.html:
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Turn Structure into a GC allocated object.  Most of this patch
              is the mechanical change of replacing variations on RefPtr<Structure>
              with either Structure* (for arguments and locals), WriteBarrier<Structure>
              for the few cases where Structures are held by GC allocated objects
              and Strong<Structure> for the root structure objects in GlobalData.
      
              * API/JSCallbackConstructor.cpp:
              (JSC::JSCallbackConstructor::JSCallbackConstructor):
              * API/JSCallbackConstructor.h:
              (JSC::JSCallbackConstructor::createStructure):
              * API/JSCallbackFunction.h:
              (JSC::JSCallbackFunction::createStructure):
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObject::createStructure):
              * API/JSCallbackObjectFunctions.h:
              (JSC::::JSCallbackObject):
              * API/JSContextRef.cpp:
              * JavaScriptCore.JSVALUE32_64only.exp:
              * JavaScriptCore.JSVALUE64only.exp:
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::~CodeBlock):
              (JSC::CodeBlock::markStructures):
              (JSC::CodeBlock::markAggregate):
              * bytecode/CodeBlock.h:
              (JSC::MethodCallLinkInfo::setSeen):
              (JSC::GlobalResolveInfo::GlobalResolveInfo):
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
              (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
              (JSC::PolymorphicAccessStructureList::markAggregate):
              (JSC::Instruction::Instruction):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::deref):
              (JSC::StructureStubInfo::markAggregate):
              * bytecode/StructureStubInfo.h:
              (JSC::StructureStubInfo::initGetByIdSelf):
              (JSC::StructureStubInfo::initGetByIdProto):
              (JSC::StructureStubInfo::initGetByIdChain):
              (JSC::StructureStubInfo::initPutByIdTransition):
              (JSC::StructureStubInfo::initPutByIdReplace):
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::DebuggerActivation):
              * debugger/DebuggerActivation.h:
              (JSC::DebuggerActivation::createStructure):
              * heap/Handle.h:
              * heap/MarkStack.cpp:
              (JSC::MarkStack::markChildren):
              (JSC::MarkStack::drain):
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              (JSC::MarkedBlock::sweep):
              * heap/Strong.h:
              (JSC::Strong::Strong):
              (JSC::Strong::set):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::resolveGlobal):
              (JSC::Interpreter::resolveGlobalDynamic):
              (JSC::Interpreter::tryCachePutByID):
              (JSC::Interpreter::uncachePutByID):
              (JSC::Interpreter::tryCacheGetByID):
              (JSC::Interpreter::uncacheGetByID):
              (JSC::Interpreter::privateExecute):
              * jit/JIT.h:
              * jit/JITPropertyAccess.cpp:
              (JSC::JIT::privateCompilePutByIdTransition):
              (JSC::JIT::patchMethodCallProto):
              (JSC::JIT::privateCompileGetByIdProto):
              (JSC::JIT::privateCompileGetByIdSelfList):
              (JSC::JIT::privateCompileGetByIdProtoList):
              (JSC::JIT::privateCompileGetByIdChainList):
              (JSC::JIT::privateCompileGetByIdChain):
              * jit/JITPropertyAccess32_64.cpp:
              (JSC::JIT::privateCompilePutByIdTransition):
              (JSC::JIT::patchMethodCallProto):
              (JSC::JIT::privateCompileGetByIdProto):
              (JSC::JIT::privateCompileGetByIdSelfList):
              (JSC::JIT::privateCompileGetByIdProtoList):
              (JSC::JIT::privateCompileGetByIdChainList):
              (JSC::JIT::privateCompileGetByIdChain):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCachePutByID):
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              (JSC::getPolymorphicAccessStructureListSlot):
              * jit/JSInterfaceJIT.h:
              (JSC::JSInterfaceJIT::storePtrWithWriteBarrier):
              * jsc.cpp:
              (cleanupGlobalData):
              * runtime/Arguments.h:
              (JSC::Arguments::createStructure):
              (JSC::Arguments::Arguments):
              (JSC::JSActivation::copyRegisters):
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::constructArrayWithSizeQuirk):
              * runtime/ArrayConstructor.h:
              * runtime/ArrayPrototype.cpp:
              (JSC::ArrayPrototype::ArrayPrototype):
              (JSC::arrayProtoFuncSplice):
              * runtime/ArrayPrototype.h:
              (JSC::ArrayPrototype::createStructure):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              * runtime/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              * runtime/BooleanConstructor.h:
              * runtime/BooleanObject.cpp:
              (JSC::BooleanObject::BooleanObject):
              * runtime/BooleanObject.h:
              (JSC::BooleanObject::createStructure):
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * runtime/BooleanPrototype.h:
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * runtime/DateConstructor.h:
              * runtime/DateInstance.cpp:
              (JSC::DateInstance::DateInstance):
              * runtime/DateInstance.h:
              (JSC::DateInstance::createStructure):
              * runtime/DatePrototype.cpp:
              (JSC::DatePrototype::DatePrototype):
              * runtime/DatePrototype.h:
              (JSC::DatePrototype::createStructure):
              * runtime/Error.cpp:
              (JSC::StrictModeTypeErrorFunction::StrictModeTypeErrorFunction):
              * runtime/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              * runtime/ErrorConstructor.h:
              * runtime/ErrorInstance.cpp:
              (JSC::ErrorInstance::ErrorInstance):
              (JSC::ErrorInstance::create):
              * runtime/ErrorInstance.h:
              (JSC::ErrorInstance::createStructure):
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * runtime/ErrorPrototype.h:
              * runtime/ExceptionHelpers.cpp:
              (JSC::InterruptedExecutionError::InterruptedExecutionError):
              (JSC::TerminatedExecutionError::TerminatedExecutionError):
              * runtime/Executable.cpp:
              * runtime/Executable.h:
              (JSC::ExecutableBase::ExecutableBase):
              (JSC::ExecutableBase::createStructure):
              (JSC::NativeExecutable::createStructure):
              (JSC::NativeExecutable::NativeExecutable):
              (JSC::ScriptExecutable::ScriptExecutable):
              (JSC::EvalExecutable::createStructure):
              (JSC::ProgramExecutable::createStructure):
              (JSC::FunctionExecutable::createStructure):
              * runtime/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor):
              * runtime/FunctionConstructor.h:
              * runtime/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              * runtime/FunctionPrototype.h:
              (JSC::FunctionPrototype::createStructure):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::GetterSetter):
              (JSC::GetterSetter::createStructure):
              * runtime/InitializeThreading.cpp:
              (JSC::initializeThreadingOnce):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction):
              * runtime/InternalFunction.h:
              (JSC::InternalFunction::createStructure):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::JSActivation):
              * runtime/JSActivation.h:
              (JSC::JSActivation::createStructure):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              * runtime/JSArray.h:
              (JSC::JSArray::createStructure):
              * runtime/JSByteArray.cpp:
              (JSC::JSByteArray::JSByteArray):
              (JSC::JSByteArray::createStructure):
              * runtime/JSByteArray.h:
              (JSC::JSByteArray::JSByteArray):
              * runtime/JSCell.cpp:
              (JSC::isZombie):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::JSCell):
              (JSC::JSCell::JSCell::addressOfStructure):
              (JSC::JSCell::JSCell::structure):
              (JSC::JSCell::JSCell::markChildren):
              (JSC::JSCell::JSValue::isZombie):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              * runtime/JSFunction.h:
              (JSC::JSFunction::createStructure):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::storeVPtrs):
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::clearBuiltinStructures):
              (JSC::JSGlobalData::createLeaked):
              * runtime/JSGlobalData.h:
              (JSC::allocateGlobalHandle):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::markChildren):
              (JSC::JSGlobalObject::copyGlobalsFrom):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObject):
              (JSC::JSGlobalObject::createStructure):
              (JSC::Structure::prototypeChain):
              (JSC::Structure::isValid):
              (JSC::constructEmptyArray):
              * runtime/JSNotAnObject.h:
              (JSC::JSNotAnObject::JSNotAnObject):
              (JSC::JSNotAnObject::createStructure):
              * runtime/JSONObject.cpp:
              (JSC::JSONObject::JSONObject):
              * runtime/JSONObject.h:
              (JSC::JSONObject::createStructure):
              * runtime/JSObject.cpp:
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::seal):
              (JSC::JSObject::freeze):
              (JSC::JSObject::preventExtensions):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::createInheritorID):
              * runtime/JSObject.h:
              (JSC::JSObject::createStructure):
              (JSC::JSObject::JSObject):
              (JSC::JSNonFinalObject::createStructure):
              (JSC::JSNonFinalObject::JSNonFinalObject):
              (JSC::JSFinalObject::create):
              (JSC::JSFinalObject::createStructure):
              (JSC::JSFinalObject::JSFinalObject):
              (JSC::constructEmptyObject):
              (JSC::createEmptyObjectStructure):
              (JSC::JSObject::~JSObject):
              (JSC::JSObject::setPrototype):
              (JSC::JSObject::setStructure):
              (JSC::JSObject::inheritorID):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::transitionTo):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSObjectWithGlobalObject.cpp:
              (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
              * runtime/JSObjectWithGlobalObject.h:
              (JSC::JSObjectWithGlobalObject::createStructure):
              (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
              (JSC::JSPropertyNameIterator::create):
              (JSC::JSPropertyNameIterator::get):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              (JSC::JSPropertyNameIterator::setCachedStructure):
              (JSC::Structure::setEnumerationCache):
              * runtime/JSStaticScopeObject.h:
              (JSC::JSStaticScopeObject::JSStaticScopeObject):
              (JSC::JSStaticScopeObject::createStructure):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              (JSC::RopeBuilder::createStructure):
              * runtime/JSType.h:
              * runtime/JSTypeInfo.h:
              (JSC::TypeInfo::TypeInfo):
              * runtime/JSValue.h:
              * runtime/JSVariableObject.h:
              (JSC::JSVariableObject::createStructure):
              (JSC::JSVariableObject::JSVariableObject):
              (JSC::JSVariableObject::copyRegisterArray):
              * runtime/JSWrapperObject.h:
              (JSC::JSWrapperObject::createStructure):
              (JSC::JSWrapperObject::JSWrapperObject):
              * runtime/JSZombie.cpp:
              * runtime/JSZombie.h:
              (JSC::JSZombie::JSZombie):
              (JSC::JSZombie::createStructure):
              * runtime/MathObject.cpp:
              (JSC::MathObject::MathObject):
              * runtime/MathObject.h:
              (JSC::MathObject::createStructure):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              (JSC::NativeErrorConstructor::markChildren):
              * runtime/NativeErrorConstructor.h:
              (JSC::NativeErrorConstructor::createStructure):
              * runtime/NativeErrorPrototype.cpp:
              (JSC::NativeErrorPrototype::NativeErrorPrototype):
              * runtime/NativeErrorPrototype.h:
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              * runtime/NumberConstructor.h:
              (JSC::NumberConstructor::createStructure):
              * runtime/NumberObject.cpp:
              (JSC::NumberObject::NumberObject):
              * runtime/NumberObject.h:
              (JSC::NumberObject::createStructure):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * runtime/NumberPrototype.h:
              * runtime/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              * runtime/ObjectConstructor.h:
              (JSC::ObjectConstructor::createStructure):
              * runtime/ObjectPrototype.cpp:
              (JSC::ObjectPrototype::ObjectPrototype):
              * runtime/ObjectPrototype.h:
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyTable::PropertyTable):
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              (JSC::RegExpMatchesArray::RegExpMatchesArray):
              * runtime/RegExpConstructor.h:
              (JSC::RegExpConstructor::createStructure):
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::RegExpObject):
              * runtime/RegExpObject.h:
              (JSC::RegExpObject::createStructure):
              * runtime/RegExpPrototype.cpp:
              (JSC::RegExpPrototype::RegExpPrototype):
              * runtime/RegExpPrototype.h:
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              (JSC::ScopeChainNode::createStructure):
              * runtime/StrictEvalActivation.cpp:
              (JSC::StrictEvalActivation::StrictEvalActivation):
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              * runtime/StringConstructor.h:
              * runtime/StringObject.cpp:
              (JSC::StringObject::StringObject):
              * runtime/StringObject.h:
              (JSC::StringObject::createStructure):
              * runtime/StringObjectThatMasqueradesAsUndefined.h:
              (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
              (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
              * runtime/StringPrototype.cpp:
              (JSC::StringPrototype::StringPrototype):
              * runtime/StringPrototype.h:
              (JSC::StringPrototype::createStructure):
              * runtime/Structure.cpp:
              (JSC::StructureTransitionTable::remove):
              (JSC::StructureTransitionTable::add):
              (JSC::Structure::Structure):
              (JSC::Structure::~Structure):
              (JSC::Structure::materializePropertyMap):
              (JSC::Structure::addPropertyTransitionToExistingStructure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::removePropertyTransition):
              (JSC::Structure::changePrototypeTransition):
              (JSC::Structure::despecifyFunctionTransition):
              (JSC::Structure::getterSetterTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::toCacheableDictionaryTransition):
              (JSC::Structure::toUncacheableDictionaryTransition):
              (JSC::Structure::sealTransition):
              (JSC::Structure::freezeTransition):
              (JSC::Structure::preventExtensionsTransition):
              (JSC::Structure::flattenDictionaryStructure):
              (JSC::Structure::copyPropertyTable):
              (JSC::Structure::put):
              (JSC::Structure::markChildren):
              * runtime/Structure.h:
              (JSC::Structure::create):
              (JSC::Structure::setPrototypeWithoutTransition):
              (JSC::Structure::createStructure):
              (JSC::JSCell::createDummyStructure):
              (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::keyForFinalizer):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::StructureChain):
              (JSC::StructureChain::markChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::create):
              (JSC::StructureChain::head):
              (JSC::StructureChain::createStructure):
              * runtime/StructureTransitionTable.h:
              (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::finalizerContextFor):
              (JSC::StructureTransitionTable::~StructureTransitionTable):
              (JSC::StructureTransitionTable::slot):
              (JSC::StructureTransitionTable::setMap):
              (JSC::StructureTransitionTable::singleTransition):
              (JSC::StructureTransitionTable::clearSingleTransition):
              (JSC::StructureTransitionTable::setSingleTransition):
              * runtime/WeakGCMap.h:
              (JSC::DefaultWeakGCMapFinalizerCallback::finalizerContextFor):
              (JSC::DefaultWeakGCMapFinalizerCallback::keyForFinalizer):
              (JSC::WeakGCMap::contains):
              (JSC::WeakGCMap::find):
              (JSC::WeakGCMap::remove):
              (JSC::WeakGCMap::add):
              (JSC::WeakGCMap::set):
              (JSC::WeakGCMap::finalize):
              * runtime/WriteBarrier.h:
              (JSC::writeBarrier):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::setWithoutWriteBarrier):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Fix up JSG to correctly mark Structure, et al.
      
              * JSRun.cpp:
              (JSGlueGlobalObject::JSGlueGlobalObject):
              * JSRun.h:
              * JSUtils.cpp:
              (JSObjectKJSValue):
              * UserObjectImp.cpp:
              (UserObjectImp::UserObjectImp):
              * UserObjectImp.h:
              (UserObjectImp::createStructure):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WebCore for Structure being a GC allocated object
      
              * WebCore.exp.in:
              * bindings/js/JSAudioConstructor.h:
              (WebCore::JSAudioConstructor::createStructure):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::cacheDOMStructure):
              * bindings/js/JSDOMBinding.h:
              (WebCore::DOMObjectWithGlobalPointer::createStructure):
              (WebCore::DOMObjectWithGlobalPointer::DOMObjectWithGlobalPointer):
              (WebCore::DOMConstructorObject::createStructure):
              (WebCore::DOMConstructorObject::DOMConstructorObject):
              (WebCore::DOMConstructorWithDocument::DOMConstructorWithDocument):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
              (WebCore::JSDOMGlobalObject::markChildren):
              * bindings/js/JSDOMGlobalObject.h:
              (WebCore::JSDOMGlobalObject::createStructure):
              * bindings/js/JSDOMWindowBase.cpp:
              (WebCore::JSDOMWindowBase::JSDOMWindowBase):
              * bindings/js/JSDOMWindowBase.h:
              (WebCore::JSDOMWindowBase::createStructure):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::createStructure):
              * bindings/js/JSDOMWrapper.h:
              (WebCore::DOMObject::DOMObject):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSImageConstructor.h:
              (WebCore::JSImageConstructor::createStructure):
              * bindings/js/JSImageDataCustom.cpp:
              (WebCore::toJS):
              * bindings/js/JSOptionConstructor.h:
              (WebCore::JSOptionConstructor::createStructure):
              * bindings/js/JSWorkerContextBase.cpp:
              (WebCore::JSWorkerContextBase::JSWorkerContextBase):
              * bindings/js/JSWorkerContextBase.h:
              (WebCore::JSWorkerContextBase::createStructure):
              * bindings/js/ScriptCachedFrameData.h:
              * bindings/js/SerializedScriptValue.h:
              * bindings/js/WorkerScriptController.cpp:
              (WebCore::WorkerScriptController::initScript):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/c/CRuntimeObject.h:
              (JSC::Bindings::CRuntimeObject::createStructure):
              * bridge/c/c_instance.cpp:
              (JSC::Bindings::CRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaInstanceJSC.cpp:
              (JavaRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaRuntimeObject.h:
              (JSC::Bindings::JavaRuntimeObject::createStructure):
              * bridge/objc/ObjCRuntimeObject.h:
              (JSC::Bindings::ObjCRuntimeObject::createStructure):
              * bridge/objc/objc_instance.mm:
              (ObjCRuntimeMethod::createStructure):
              * bridge/objc/objc_runtime.h:
              (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
              * bridge/runtime_array.cpp:
              (JSC::RuntimeArray::RuntimeArray):
              * bridge/runtime_array.h:
              (JSC::RuntimeArray::createStructure):
              * bridge/runtime_method.cpp:
              (JSC::RuntimeMethod::RuntimeMethod):
              * bridge/runtime_method.h:
              (JSC::RuntimeMethod::createStructure):
              * bridge/runtime_object.cpp:
              (JSC::Bindings::RuntimeObject::RuntimeObject):
              * bridge/runtime_object.h:
              (JSC::Bindings::RuntimeObject::createStructure):
              * history/HistoryItem.h:
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WebKit for the world of GC allocated Structure
      
              * Plugins/Hosted/NetscapePluginInstanceProxy.h:
              * Plugins/Hosted/ProxyInstance.mm:
              (WebKit::ProxyRuntimeMethod::createStructure):
              * Plugins/Hosted/ProxyRuntimeObject.h:
              (WebKit::ProxyRuntimeObject::createStructure):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WK2 for the world of GC allocated Structure
      
              * WebProcess/Plugins/Netscape/JSNPMethod.h:
              (WebKit::JSNPMethod::createStructure):
              * WebProcess/Plugins/Netscape/JSNPObject.h:
              (WebKit::JSNPObject::createStructure):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83808 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bb8da910
    • oliver@apple.com's avatar
      2011-04-13 Oliver Hunt <oliver@apple.com> · af134a79
      oliver@apple.com authored
              Reviewed by Gavin Barraclough.
      
              Make PropertyMapEntry use a WriteBarrier for specificValue
              https://bugs.webkit.org/show_bug.cgi?id=58407
      
              Make PropertyMapEntry use a WriteBarrier for specificValue, and then
              propagate the required JSGlobalData through all the methods it ends
              up being needed.
      
              * API/JSClassRef.cpp:
              (OpaqueJSClass::prototype):
              * API/JSContextRef.cpp:
              * API/JSObjectRef.cpp:
              (JSObjectMake):
              (JSObjectSetPrototype):
              * JavaScriptCore.exp:
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::BytecodeGenerator):
              * interpreter/Interpreter.cpp:
              (JSC::appendSourceToError):
              (JSC::Interpreter::tryCacheGetByID):
              (JSC::Interpreter::privateExecute):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::name):
              (JSC::InternalFunction::displayName):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::getOwnPropertySlot):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::name):
              (JSC::JSFunction::displayName):
              (JSC::JSFunction::getOwnPropertySlot):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::putWithAttributes):
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::resetPrototype):
              * runtime/JSGlobalObject.h:
              * runtime/JSObject.cpp:
              (JSC::JSObject::put):
              (JSC::JSObject::deleteProperty):
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::lookupGetter):
              (JSC::JSObject::lookupSetter):
              (JSC::JSObject::getPropertySpecificValue):
              (JSC::JSObject::getOwnPropertyNames):
              (JSC::JSObject::seal):
              (JSC::JSObject::freeze):
              (JSC::JSObject::preventExtensions):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::getOwnPropertyDescriptor):
              (JSC::JSObject::defineOwnProperty):
              * runtime/JSObject.h:
              (JSC::JSObject::getDirect):
              (JSC::JSObject::getDirectLocation):
              (JSC::JSObject::isSealed):
              (JSC::JSObject::isFrozen):
              (JSC::JSObject::setPrototypeWithCycleCheck):
              (JSC::JSObject::setPrototype):
              (JSC::JSObject::inlineGetOwnPropertySlot):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::putDirectWithoutTransition):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              * runtime/Lookup.cpp:
              (JSC::setUpStaticFunctionSlot):
              * runtime/ObjectConstructor.cpp:
              (JSC::objectConstructorCreate):
              (JSC::objectConstructorSeal):
              (JSC::objectConstructorFreeze):
              (JSC::objectConstructorPreventExtensions):
              (JSC::objectConstructorIsSealed):
              (JSC::objectConstructorIsFrozen):
              * runtime/Operations.h:
              (JSC::normalizePrototypeChain):
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyMapEntry::PropertyMapEntry):
              (JSC::PropertyTable::PropertyTable):
              (JSC::PropertyTable::copy):
              * runtime/Structure.cpp:
              (JSC::Structure::materializePropertyMap):
              (JSC::Structure::despecifyDictionaryFunction):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::removePropertyTransition):
              (JSC::Structure::changePrototypeTransition):
              (JSC::Structure::despecifyFunctionTransition):
              (JSC::Structure::getterSetterTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::toCacheableDictionaryTransition):
              (JSC::Structure::toUncacheableDictionaryTransition):
              (JSC::Structure::sealTransition):
              (JSC::Structure::freezeTransition):
              (JSC::Structure::preventExtensionsTransition):
              (JSC::Structure::isSealed):
              (JSC::Structure::isFrozen):
              (JSC::Structure::addPropertyWithoutTransition):
              (JSC::Structure::removePropertyWithoutTransition):
              (JSC::Structure::copyPropertyTable):
              (JSC::Structure::get):
              (JSC::Structure::despecifyFunction):
              (JSC::Structure::despecifyAllFunctions):
              (JSC::Structure::put):
              (JSC::Structure::getPropertyNames):
              * runtime/Structure.h:
              (JSC::Structure::get):
              (JSC::Structure::materializePropertyMapIfNecessary):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough.
      
              Make PropertyMapEntry use a WriteBarrier for specificValue
              https://bugs.webkit.org/show_bug.cgi?id=58407
      
              Pass JSGlobalData reference on to APIs that now need them
      
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSHTMLDocumentCustom.cpp:
              (WebCore::JSHTMLDocument::all):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83751 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      af134a79
  15. 04 Apr, 2011 1 commit
    • oliver@apple.com's avatar
      2011-04-01 Oliver Hunt <oliver@apple.com> · 59144210
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make StructureChain GC allocated
              https://bugs.webkit.org/show_bug.cgi?id=56695
      
              Make StructureChain GC allocated, and make the various owners
              mark it correctly.
      
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              (JSC::CodeBlock::derefStructures):
              (JSC::CodeBlock::refStructures):
              (JSC::CodeBlock::markAggregate):
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
              (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
              (JSC::PolymorphicAccessStructureList::derefStructures):
              (JSC::PolymorphicAccessStructureList::markAggregate):
              (JSC::Instruction::Instruction):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::deref):
              (JSC::StructureStubInfo::markAggregate):
              * bytecode/StructureStubInfo.h:
              (JSC::StructureStubInfo::initGetByIdChain):
              (JSC::StructureStubInfo::initPutByIdTransition):
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
              * collector/handles/Handle.h:
              (JSC::HandleConverter::operator->):
              (JSC::HandleConverter::operator*):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::privateExecute):
              * jit/JITOpcodes.cpp:
              (JSC::JIT::emit_op_jneq_ptr):
              * jit/JITOpcodes32_64.cpp:
              (JSC::JIT::emit_op_jneq_ptr):
              * jit/JITPropertyAccess.cpp:
              (JSC::JIT::privateCompileGetByIdChainList):
              * jit/JITPropertyAccess32_64.cpp:
              (JSC::JIT::privateCompileGetByIdChainList):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCachePutByID):
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::getPolymorphicAccessStructureListSlot):
              (JSC::DEFINE_STUB_FUNCTION):
              * runtime/JSCell.h:
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              * runtime/JSGlobalData.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::markIfNeeded):
              * runtime/JSGlobalObject.h:
              (JSC::Structure::prototypeChain):
              * runtime/JSObject.h:
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::create):
              (JSC::JSPropertyNameIterator::get):
              (JSC::JSPropertyNameIterator::markChildren):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::setCachedPrototypeChain):
              * runtime/JSZombie.cpp:
              (JSC::JSZombie::leakedZombieStructure):
              * runtime/JSZombie.h:
              * runtime/MarkStack.h:
              (JSC::MarkStack::append):
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::sweep):
              * runtime/Structure.cpp:
              (JSC::Structure::addPropertyTransition):
              * runtime/Structure.h:
              (JSC::Structure::markAggregate):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::StructureChain):
              (JSC::StructureChain::~StructureChain):
              (JSC::StructureChain::markChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::create):
              (JSC::StructureChain::createStructure):
              * runtime/WriteBarrier.h:
              (JSC::WriteBarrierBase::get):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
      2011-04-01  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make StructureChain GC allocated
              https://bugs.webkit.org/show_bug.cgi?id=56695
      
              Update for new Structure marking function
      
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::markChildren):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@82849 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      59144210
  16. 04 Mar, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 55736 - Implement seal/freeze/preventExtensions for normal object types. · dd993107
      barraclough@apple.com authored
      Provide basic functionallity from section 15.2.4 of ECMA-262.
      This support will need expanding to cover arrays, too.
      
      Reviewed by Sam Weinig.
      
      Source/JavaScriptCore: 
      
      Shows a 0.5% progression on SunSpidey, this seems to be due to changing
      ObjectConstructor to use a static table.
      
      * DerivedSources.make:
      * JavaScriptCore.exp:
      * interpreter/CallFrame.h:
      (JSC::ExecState::objectConstructorTable):
          Add a static table for ObjectConstructor.
      * runtime/CommonIdentifiers.h:
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
          Add a static table for ObjectConstructor.
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
          Add a static table for ObjectConstructor.
      * runtime/JSObject.cpp:
      (JSC::JSObject::seal):
      (JSC::JSObject::freeze):
      (JSC::JSObject::preventExtensions):
          Transition the object's structure.
      (JSC::JSObject::defineOwnProperty):
          Check isExtensible.
      * runtime/JSObject.h:
      (JSC::JSObject::isSealed):
      (JSC::JSObject::isFrozen):
      (JSC::JSObject::isExtensible):
          These wrap method on structure.
      (JSC::JSObject::putDirectInternal):
          Check isExtensible.
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::ObjectConstructor):
      (JSC::ObjectConstructor::getOwnPropertySlot):
      (JSC::ObjectConstructor::getOwnPropertyDescriptor):
          Change ObjectConstructor to use a static table.
      (JSC::objectConstructorSeal):
      (JSC::objectConstructorFreeze):
      (JSC::objectConstructorPreventExtensions):
      (JSC::objectConstructorIsSealed):
      (JSC::objectConstructorIsFrozen):
      (JSC::objectConstructorIsExtensible):
          Add new methods on Object.
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::createStructure):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
          init/propagate  m_preventExtensions
      (JSC::Structure::sealTransition):
      (JSC::Structure::freezeTransition):
      (JSC::Structure::preventExtensionsTransition):
          transition the structure, materializing the property map, setting m_preventExtensions & changing attributes.
      (JSC::Structure::isSealed):
      (JSC::Structure::isFrozen):
          check attributes to detect if object is sealed/frozen.
      * runtime/Structure.h:
      (JSC::Structure::isExtensible):
          checks the m_preventExtensions flag.
      
      LayoutTests: 
      
      Update results - many more tests PASS.
      Also adds a new testcase.
      
      * fast/js/Object-getOwnPropertyNames-expected.txt:
      * fast/js/script-tests/Object-getOwnPropertyNames.js:
      * ietestcenter/Javascript/15.2.3.10-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.10-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.10-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.10-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-10-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-11-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-12-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-13-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-14-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-15-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-16-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-17-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-18-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-19-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-22-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-23-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-24-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-25-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-26-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-27-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-7-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-8-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-9-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-10-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-11-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-12-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-13-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-14-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-15-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-16-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-17-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-18-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-19-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-22-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-23-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-24-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-25-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-26-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-27-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-7-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-8-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-9-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-0-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-10-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-11-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-12-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-13-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-14-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-15-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-16-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-17-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-18-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-19-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-7-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-8-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-9-expected.txt:
      * ietestcenter/Javascript/15.2.3.14-2-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.14-2-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.14-2-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-22-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-23-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-24-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-25-expected.txt:
      * ietestcenter/Javascript/15.2.3.4-4-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.6-4-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.8-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.8-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.8-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.9-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.9-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.9-1-expected.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80378 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      dd993107
  17. 28 Feb, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 55423 - Clean up property tables in Structure · 96cad9f4
      barraclough@apple.com authored
      Reviewed by Sam Weinig & Darin Adler.
      
      Encapsulate, reduce duplication of table search code,
      and reduce the size of the tables (remove the index,
      just maintain the tables in the correct order).
      
      Shows a 0.5% - 1% progression on sunspider.
      
      ../JavaScriptCore: 
      
      * JavaScriptCore.exp:
      * runtime/PropertyMapHashTable.h:
      (JSC::isPowerOf2):
      (JSC::nextPowerOf2):
          bit ops used to calculate table size.
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (JSC::PropertyTable::ordered_iterator::operator++):
      (JSC::PropertyTable::ordered_iterator::operator==):
      (JSC::PropertyTable::ordered_iterator::operator!=):
      (JSC::PropertyTable::ordered_iterator::operator*):
      (JSC::PropertyTable::ordered_iterator::operator->):
      (JSC::PropertyTable::ordered_iterator::ordered_iterator):
          implementation of the iterator types
      (JSC::PropertyTable::PropertyTable):
      (JSC::PropertyTable::~PropertyTable):
          constructors take an initial capacity for the table,
          a table to copy, or both.
      (JSC::PropertyTable::begin):
      (JSC::PropertyTable::end):
          create in-order iterators.
      (JSC::PropertyTable::find):
          search the hash table
      (JSC::PropertyTable::add):
          add a value to the hash table
      (JSC::PropertyTable::remove):
          remove a value from the hash table
      (JSC::PropertyTable::size):
      (JSC::PropertyTable::isEmpty):
          accessors.
      (JSC::PropertyTable::propertyStorageSize):
      (JSC::PropertyTable::clearDeletedOffsets):
      (JSC::PropertyTable::hasDeletedOffset):
      (JSC::PropertyTable::getDeletedOffset):
      (JSC::PropertyTable::addDeletedOffset):
          cache deleted (available) offsets in the property storage array.
      (JSC::PropertyTable::copy):
          take a copy of the PropertyTable, potentially expanding the capacity.
      (JSC::PropertyTable::sizeInMemory):
          used for DEBUG build statistics
      (JSC::PropertyTable::reinsert):
      (JSC::PropertyTable::rehash):
      (JSC::PropertyTable::tableCapacity):
      (JSC::PropertyTable::deletedEntryIndex):
      (JSC::PropertyTable::skipDeletedEntries):
      (JSC::PropertyTable::table):
      (JSC::PropertyTable::usedCount):
      (JSC::PropertyTable::dataSize):
      (JSC::PropertyTable::sizeForCapacity):
      (JSC::PropertyTable::canInsert):
          these methods provide internal implementation.
      * runtime/Structure.cpp:
      (JSC::Structure::dumpStatistics):
      (JSC::Structure::~Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::copyPropertyTable):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::despecifyAllFunctions):
      (JSC::Structure::put):
      (JSC::Structure::remove):
      (JSC::Structure::createPropertyMap):
      (JSC::Structure::getPropertyNames):
      (JSC::PropertyTable::checkConsistency):
      (JSC::Structure::checkConsistency):
          factored out code to PropertyMapHashTable.h
      * runtime/Structure.h:
      (JSC::Structure::propertyStorageSize):
      (JSC::Structure::isEmpty):
      (JSC::Structure::get):
          factored out code to PropertyMapHashTable.h
      
      ../JavaScriptGlue: 
      
      * ForwardingHeaders/wtf/HashTable.h: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79963 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      96cad9f4
  18. 23 Feb, 2011 1 commit
  19. 22 Feb, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 54988 - Re-create StructureTransitionTable class, encapsulate transition table · 07be2aab
      barraclough@apple.com authored
      Reviewed by Sam Weinig.
      
      The Structure class keeps a table of transitions to derived Structure types. Since
      this table commonly contains a single entry we employ an optimization where instead
      of holding a map, we may hold a pointer directly to a single instance of the mapped
      type. We use an additional bit of data to flag whether the pointer is currently
      pointing to a table of transitions, or a singleton transition. Previously we had
      commonly used a pattern of storing data in the low bits of pointers, but had moved
      away from this since it causes false leaks to be reported by the leaks tool. However
      in this case, the entries in the map are weak links - this pointer will never be
      responsible for keeping an object alive.  As such we can use this approach provided
      that the bit is set when a table is not in use (otherwise the table would appear to
      be leaked).
      
      Additionally, the transition table currently allows two entries to exist for a given
      key - one specialized to a particular value, and one not specialized. This is
      unnecessary, wasteful, and a little inconsistent. (If you create an entry for a
      specialized value, then a non-specialized entry, both will exist.  If you create an
      entry for a non-specialized value, then try to create a specialized entry, only a
      non-specialized form will be allowed.)
      
      This shows a small progression on v8.
      
      * JavaScriptCore.exp:
      * runtime/JSObject.h:
      (JSC::JSObject::putDirectInternal):
      * runtime/Structure.cpp:
      (JSC::StructureTransitionTable::contains):
      (JSC::StructureTransitionTable::get):
      (JSC::StructureTransitionTable::remove):
      (JSC::StructureTransitionTable::add):
      (JSC::Structure::dumpStatistics):
      (JSC::Structure::Structure):
      (JSC::Structure::~Structure):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      * runtime/Structure.h:
      (JSC::Structure::get):
      * runtime/StructureTransitionTable.h:
      (JSC::StructureTransitionTable::Hash::hash):
      (JSC::StructureTransitionTable::Hash::equal):
      (JSC::StructureTransitionTable::HashTraits::emptyValue):
      (JSC::StructureTransitionTable::HashTraits::constructDeletedValue):
      (JSC::StructureTransitionTable::HashTraits::isDeletedValue):
      (JSC::StructureTransitionTable::StructureTransitionTable):
      (JSC::StructureTransitionTable::~StructureTransitionTable):
      (JSC::StructureTransitionTable::isUsingSingleSlot):
      (JSC::StructureTransitionTable::map):
      (JSC::StructureTransitionTable::setMap):
      (JSC::StructureTransitionTable::singleTransition):
      (JSC::StructureTransitionTable::setSingleTransition):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79355 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      07be2aab
  20. 19 Feb, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 54786 - Devirtualize JSCell::classInfo() · a5540da1
      barraclough@apple.com authored
      Reviewed by Sam Weinig.
      
      Instead of making a virtual function call, add a pointer to the ClassInfo
      onto Structure.
      
      This removes a virtual function call, and paves the way towards removing all
      the createStructure methods, and StructureFlags/AnonymousSlotCount properties
      (these should be able to move onto ClassInfo).
      
      Calls to Structure::create must now pass a pointer to the ClassInfo for the
      structure. All objects now have a ClassInfo pointer, non-object cell types
      still do not.
      
      Changes are most mechanical, involving three steps:
          * Remove virtual classInfo() methods.
          * Add &s_info parameter to calls to Structure::create.
          * Rename ClassInfo static members on classes from 'info' to 's_info',
            for consistency.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackConstructor.cpp:
      * API/JSCallbackConstructor.h:
      * API/JSCallbackFunction.cpp:
      * API/JSCallbackFunction.h:
      * API/JSCallbackObject.cpp:
      * API/JSCallbackObject.h:
      * API/JSCallbackObjectFunctions.h:
      * API/JSObjectRef.cpp:
      * API/JSValueRef.cpp:
      * API/JSWeakObjectMapRefPrivate.cpp:
      * JavaScriptCore.exp:
      * debugger/Debugger.cpp:
      * debugger/DebuggerActivation.h:
      * debugger/DebuggerCallFrame.cpp:
      * interpreter/Interpreter.cpp:
      * jit/JITCall32_64.cpp:
      * jit/JITOpcodes.cpp:
      * jit/JITStubs.cpp:
      * profiler/Profiler.cpp:
      * runtime/Arguments.cpp:
      * runtime/Arguments.h:
      * runtime/ArrayConstructor.cpp:
      * runtime/ArrayPrototype.cpp:
      * runtime/ArrayPrototype.h:
      * runtime/BooleanObject.cpp:
      * runtime/BooleanObject.h:
      * runtime/BooleanPrototype.cpp:
      * runtime/DateConstructor.cpp:
      * runtime/DateInstance.cpp:
      * runtime/DateInstance.h:
      * runtime/DatePrototype.cpp:
      * runtime/DatePrototype.h:
      * runtime/ErrorInstance.cpp:
      * runtime/ErrorInstance.h:
      * runtime/ErrorPrototype.cpp:
      * runtime/FunctionPrototype.cpp:
      * runtime/FunctionPrototype.h:
      * runtime/GetterSetter.h:
      * runtime/GlobalEvalFunction.h:
      * runtime/InternalFunction.cpp:
      * runtime/InternalFunction.h:
      * runtime/JSAPIValueWrapper.h:
      * runtime/JSActivation.cpp:
      * runtime/JSActivation.h:
      * runtime/JSArray.cpp:
      * runtime/JSArray.h:
      * runtime/JSByteArray.cpp:
      * runtime/JSByteArray.h:
      * runtime/JSCell.cpp:
      * runtime/JSCell.h:
      * runtime/JSFunction.cpp:
      * runtime/JSFunction.h:
      * runtime/JSGlobalData.cpp:
      * runtime/JSGlobalObject.cpp:
      * runtime/JSGlobalObject.h:
      * runtime/JSNotAnObject.h:
      * runtime/JSONObject.cpp:
      * runtime/JSONObject.h:
      * runtime/JSObject.cpp:
      * runtime/JSObject.h:
      * runtime/JSObjectWithGlobalObject.h:
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSStaticScopeObject.h:
      * runtime/JSString.h:
      * runtime/JSVariableObject.h:
      * runtime/JSWrapperObject.h:
      * runtime/JSZombie.cpp:
      * runtime/JSZombie.h:
      * runtime/Lookup.cpp:
      * runtime/MathObject.cpp:
      * runtime/MathObject.h:
      * runtime/NativeErrorConstructor.cpp:
      * runtime/NativeErrorConstructor.h:
      * runtime/NumberConstructor.cpp:
      * runtime/NumberConstructor.h:
      * runtime/NumberObject.cpp:
      * runtime/NumberObject.h:
      * runtime/NumberPrototype.cpp:
      * runtime/ObjectConstructor.cpp:
      * runtime/ObjectPrototype.cpp:
      * runtime/RegExpConstructor.cpp:
      * runtime/RegExpConstructor.h:
      * runtime/RegExpObject.cpp:
      * runtime/RegExpObject.h:
      * runtime/RegExpPrototype.cpp:
      * runtime/ScopeChain.cpp:
      * runtime/StringConstructor.cpp:
      * runtime/StringObject.cpp:
      * runtime/StringObject.h:
      * runtime/StringObjectThatMasqueradesAsUndefined.h:
      * runtime/StringPrototype.cpp:
      * runtime/StringPrototype.h:
      * runtime/Structure.cpp:
      * runtime/Structure.h:
      
      Source/JavaScriptGlue: 
      
      * JSUtils.cpp:
      (KJSValueToJSObject):
      (KJSValueToCFTypeInternal):
      * UserObjectImp.cpp:
      * UserObjectImp.h:
      (UserObjectImp::createStructure):
      
      Source/WebCore: 
      
      * WebCore.exp.in:
      * bindings/js/JSAudioConstructor.cpp:
      * bindings/js/JSAudioConstructor.h:
      * bindings/js/JSDOMBinding.cpp:
      * bindings/js/JSDOMBinding.h:
      * bindings/js/JSDOMGlobalObject.cpp:
      * bindings/js/JSDOMGlobalObject.h:
      * bindings/js/JSDOMWindowBase.cpp:
      * bindings/js/JSDOMWindowBase.h:
      * bindings/js/JSDOMWindowShell.cpp:
      * bindings/js/JSDOMWindowShell.h:
      * bindings/js/JSGeolocationCustom.cpp:
      * bindings/js/JSImageConstructor.cpp:
      * bindings/js/JSImageConstructor.h:
      * bindings/js/JSImageDataCustom.cpp:
      * bindings/js/JSOptionConstructor.cpp:
      * bindings/js/JSOptionConstructor.h:
      * bindings/js/JSWorkerContextBase.cpp:
      * bindings/js/JSWorkerContextBase.h:
      * bindings/js/SerializedScriptValue.cpp:
      * bindings/scripts/CodeGeneratorJS.pm:
      * bridge/c/CRuntimeObject.cpp:
      * bridge/c/CRuntimeObject.h:
      * bridge/c/c_instance.cpp:
      * bridge/jni/jsc/JNIUtilityPrivate.cpp:
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      * bridge/jni/jsc/JavaRuntimeObject.cpp:
      * bridge/jni/jsc/JavaRuntimeObject.h:
      * bridge/jsc/BridgeJSC.cpp:
      * bridge/objc/ObjCRuntimeObject.h:
      * bridge/objc/ObjCRuntimeObject.mm:
      * bridge/objc/objc_instance.mm:
      * bridge/objc/objc_runtime.h:
      * bridge/objc/objc_runtime.mm:
      * bridge/runtime_array.cpp:
      * bridge/runtime_array.h:
      * bridge/runtime_method.cpp:
      * bridge/runtime_method.h:
      * bridge/runtime_object.cpp:
      * bridge/runtime_object.h:
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyRuntimeMethod::ProxyRuntimeMethod):
      (WebKit::ProxyRuntimeMethod::createStructure):
      * Plugins/Hosted/ProxyRuntimeObject.h:
      (WebKit::ProxyRuntimeObject::createStructure):
      * Plugins/Hosted/ProxyRuntimeObject.mm:
      (WebKit::ProxyRuntimeObject::ProxyRuntimeObject):
      * WebView/WebView.mm:
      (aeDescFromJSValue):
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
      (WebKit::JSNPMethod::JSNPMethod):
      * WebProcess/Plugins/Netscape/JSNPMethod.h:
      (WebKit::JSNPMethod::createStructure):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::JSNPObject):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      (WebKit::JSNPObject::createStructure):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79132 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a5540da1
  21. 16 Feb, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 54524 - Allow JSObject to fully utilize cell's capacity for inline storage. · 77da1086
      barraclough@apple.com authored
      Reviewed by Geoff Garen.
      
      Currently JSObject is both directly instantiated for regular JS objects, and
      derived to implement subtypes. A consequence of this is that we need to ensure
      that sufficient space from the cell is left unused and available for any data
      members that will be introduced by subclasses of JSObject. By restructuring
      the internal storage array out of JSObject we can increase the size in the
      internal storage for regular objects.
      
      Add classes JSFinalObject and JSNonFinalObject. JSNonFinalObject retains as
      much additional capacity as is currently available to allow for data members
      in subclasses. JSFinalObject utilizes all available space for internal storage,
      and only allows construction through JSFinalObject::create().
      
      Source/JavaScriptCore: 
      
      The additional storage made available in the JSObject means that we need no
      longer rely on a union of the internal storage with a pointer to storage that
      is only valid for external storage. This means we can go back to always having
      a valid pointer to property storage, regardless of whether this is internal or
      external. This simplifies some cases of access to the array from C code, and
      significantly simplifies JIT access, since repatching no longer needs to be
      able to change between a load of the storage pointer / a LEA of the internal
      storage.
      
      * API/JSObjectRef.cpp:
      (JSObjectMake):
      * assembler/ARMAssembler.h:
      * assembler/ARMv7Assembler.h:
      * assembler/AbstractMacroAssembler.h:
      (JSC::AbstractMacroAssembler::repatchPointer):
      * assembler/MIPSAssembler.h:
      * assembler/MacroAssemblerARM.h:
      * assembler/MacroAssemblerARMv7.h:
      * assembler/MacroAssemblerMIPS.h:
      * assembler/MacroAssemblerX86.h:
      * assembler/MacroAssemblerX86_64.h:
      * assembler/RepatchBuffer.h:
      * assembler/X86Assembler.h:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::DebuggerActivation):
      * debugger/DebuggerActivation.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JIT.h:
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::emit_op_get_by_pname):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::emit_op_get_by_pname):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/Arguments.h:
      (JSC::Arguments::Arguments):
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::ErrorInstance):
      * runtime/ErrorInstance.h:
      * runtime/ExceptionHelpers.cpp:
      (JSC::InterruptedExecutionError::InterruptedExecutionError):
      (JSC::TerminatedExecutionError::TerminatedExecutionError):
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      * runtime/JSArray.h:
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::JSByteArray):
      * runtime/JSByteArray.h:
      (JSC::JSByteArray::JSByteArray):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertySlot):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC::constructEmptyObject):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::JSNotAnObject):
      * runtime/JSObject.cpp:
      (JSC::JSObject::createInheritorID):
      (JSC::JSObject::allocatePropertyStorage):
      * runtime/JSObject.h:
      (JSC::JSObject::propertyStorage):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::createStructure):
      (JSC::JSFinalObject::create):
      (JSC::JSFinalObject::createStructure):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSObject::offsetOfInlineStorage):
      (JSC::constructEmptyObject):
      (JSC::createEmptyObjectStructure):
      (JSC::JSObject::JSObject):
      (JSC::JSObject::~JSObject):
      (JSC::Structure::isUsingInlineStorage):
      * runtime/JSObjectWithGlobalObject.cpp:
      (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
      * runtime/JSObjectWithGlobalObject.h:
      (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
      * runtime/JSTypeInfo.h:
      (JSC::TypeInfo::TypeInfo):
      (JSC::TypeInfo::isVanilla):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      * runtime/JSWrapperObject.h:
      (JSC::JSWrapperObject::JSWrapperObject):
      * runtime/ObjectConstructor.cpp:
      (JSC::constructObject):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      * runtime/ObjectPrototype.h:
      * runtime/StrictEvalActivation.cpp:
      (JSC::StrictEvalActivation::StrictEvalActivation):
      * runtime/StrictEvalActivation.h:
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::growPropertyStorageCapacity):
      
      Source/JavaScriptGlue: 
      
      * UserObjectImp.cpp:
      * UserObjectImp.h:
          Update JSObject -> JSNonFinalObject.
      
      Source/WebCore: 
      
      * bindings/js/JSDOMWindowShell.h:
          Update JSObject -> JSNonFinalObject.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78732 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      77da1086
  22. 15 Feb, 2011 1 commit
    • oliver@apple.com's avatar
      2011-02-14 Oliver Hunt <oliver@apple.com> · 8d85705e
      oliver@apple.com authored
              Reviewed by Gavin Barraclough and Geoff Garen.
      
              Refactor handles and weak pointers to become nicer and more automatic
              https://bugs.webkit.org/show_bug.cgi?id=54415
      
              Move to a true handle based mechanism for GC value protection.  This
              also allows us to switch to a more sensible behaviour for weak pointers
              in which weak pointers are automatically updated.
      
              This allows us to remove the old (and convoluted) that required all
              objects that may be held by a weak reference to be aware of the reference
              and manually clear them in their destructors.
      
              This also adds a few new data types to JSC that we use to efficiently
              allocate and return the underlying handle storage.
      
              This patch is largely renaming and removing now unnecessary destructors
              from objects.
      
              * API/JSClassRef.cpp:
              (OpaqueJSClass::create):
              (OpaqueJSClassContextData::OpaqueJSClassContextData):
              (OpaqueJSClass::contextData):
              (OpaqueJSClass::prototype):
              * API/JSClassRef.h:
              * CMakeLists.txt:
              * GNUmakefile.am:
              * JavaScriptCore.exp:
              * JavaScriptCore.gypi:
              * JavaScriptCore.pro:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
              * JavaScriptCore.vcproj/WTF/WTF.vcproj:
              * JavaScriptCore.vcproj/jsc/jscCommon.vsprops:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * collector/handles/Global.h: Added.
                  New Global handle type used to keep gc objects live, even if they're not
                  marked.
              (JSC::Global::Global):
              (JSC::Global::~Global):
              (JSC::Global::set):
                  We can only assign directly to a global from another global.
                  In all other cases we need the JSGlobalData to be provided
                  explicitly so we use a set function.
              (JSC::Global::operator=):
              (JSC::Global::clear):
              (JSC::Global::isHashTableDeletedValue):
              (JSC::Global::internalSet):
              * collector/handles/Handle.h: Added.
                  Root "Handle" type used for immutable handles and to provide the basic
                  APIs needed for pointer-like behaviour.
              (JSC::HandleBase::operator!):
              (JSC::HandleBase::operator UnspecifiedBoolType*):
              (JSC::HandleBase::isEmpty):
              (JSC::HandleBase::HandleBase):
              (JSC::HandleBase::slot):
              (JSC::HandleBase::invalidate):
              (JSC::HandleBase::setSlot):
              (JSC::HandleTypes::getFromSlot):
              (JSC::HandleTypes::toJSValue):
              (JSC::HandleTypes::validateUpcast):
              (JSC::HandleConverter::operator->):
              (JSC::HandleConverter::operator*):
              (JSC::Handle::Handle):
              (JSC::Handle::get):
              (JSC::Handle::wrapSlot):
              (JSC::operator==):
              (JSC::operator!=):
              * collector/handles/HandleHeap.cpp: Added.
                  New heap for global handles.
              (JSC::HandleHeap::HandleHeap):
              (JSC::HandleHeap::grow):
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::updateAfterMark):
              (JSC::HandleHeap::clearWeakPointers):
              (JSC::HandleHeap::writeBarrier):
              * collector/handles/HandleHeap.h: Added.
              (JSC::HandleHeap::heapFor):
              (JSC::HandleHeap::toHandle):
              (JSC::HandleHeap::toNode):
              (JSC::HandleHeap::allocate):
              (JSC::HandleHeap::deallocate):
              (JSC::HandleHeap::makeWeak):
                  Convert a hard handle into weak handle that does not
                  protect the object it points to.
              (JSC::HandleHeap::makeSelfDestroying):
                  Converts a handle to a weak handle that will be returned
                  to the free list when the referenced object dies.
              (JSC::HandleHeap::Node::Node):
              (JSC::HandleHeap::Node::slot):
              (JSC::HandleHeap::Node::handleHeap):
              (JSC::HandleHeap::Node::setFinalizer):
              (JSC::HandleHeap::Node::makeWeak):
              (JSC::HandleHeap::Node::isWeak):
              (JSC::HandleHeap::Node::makeSelfDestroying):
              (JSC::HandleHeap::Node::isSelfDestroying):
              (JSC::HandleHeap::Node::finalizer):
              (JSC::HandleHeap::Node::setPrev):
              (JSC::HandleHeap::Node::prev):
              (JSC::HandleHeap::Node::setNext):
              (JSC::HandleHeap::Node::next):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::Interpreter):
              * interpreter/Interpreter.h:
              * interpreter/RegisterFile.cpp:
              (JSC::RegisterFile::globalObjectCollected):
              * interpreter/RegisterFile.h:
              (JSC::RegisterFile::RegisterFile):
              * runtime/GCHandle.cpp: Removed.
              * runtime/GCHandle.h: Removed.
              * runtime/Heap.cpp:
              (JSC::Heap::Heap):
              (JSC::Heap::destroy):
              (JSC::Heap::markRoots):
              * runtime/Heap.h:
              (JSC::Heap::allocateGlobalHandle):
              (JSC::Heap::reportExtraMemoryCost):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              * runtime/JSGlobalData.h:
              (JSC::JSGlobalData::allocateGlobalHandle):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::~JSGlobalObject):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::create):
              (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              (JSC::Structure::setEnumerationCache):
              (JSC::Structure::clearEnumerationCache):
              * runtime/Protect.h:
              * runtime/Structure.cpp:
              (JSC::Structure::~Structure):
              * runtime/Structure.h:
              * runtime/WeakGCPtr.h:
              (JSC::WeakGCPtrBase::get):
              (JSC::WeakGCPtrBase::clear):
              (JSC::WeakGCPtrBase::operator!):
              (JSC::WeakGCPtrBase::operator UnspecifiedBoolType*):
              (JSC::WeakGCPtrBase::~WeakGCPtrBase):
              (JSC::WeakGCPtrBase::WeakGCPtrBase):
              (JSC::WeakGCPtrBase::internalSet):
              (JSC::LazyWeakGCPtr::LazyWeakGCPtr):
              (JSC::LazyWeakGCPtr::set):
              (JSC::WeakGCPtr::WeakGCPtr):
              (JSC::WeakGCPtr::operator=):
              * runtime/WriteBarrier.h:
              * wtf/BlockStack.h: Added.
              (WTF::::BlockStack):
              (WTF::::~BlockStack):
              (WTF::::blocks):
              (WTF::::grow):
              (WTF::::shrink):
              * wtf/SentinelLinkedList.h: Added.
              (WTF::::SentinelLinkedList):
              (WTF::::begin):
              (WTF::::end):
              (WTF::::push):
              (WTF::::remove):
              * wtf/SinglyLinkedList.h: Added.
              (WTF::::SinglyLinkedList):
              (WTF::::isEmpty):
              (WTF::::push):
              (WTF::::pop):
      2011-02-14  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough and Geoff Garen.
      
              Refactor handles and weak pointers to become nicer and more automatic
              https://bugs.webkit.org/show_bug.cgi?id=54415
      
              Update to use new Global<> type
      
              * JSRun.cpp:
              (JSRun::JSRun):
              (JSRun::GlobalObject):
              * JSRun.h:
              * JSValueWrapper.cpp:
              (JSValueWrapper::JSValueWrapper):
              * JSValueWrapper.h:
      2011-02-14  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough and Geoff Garen.
      
              Refactor handles and weak pointers to become nicer and more automatic
              https://bugs.webkit.org/show_bug.cgi?id=54415
      
              Update WebCore to use the new Global<> type rather than ProtectedJSValue
              and gc[Un]Protect.  Also update to use new WeakGCPtr APIs, and remove now
              unnecessary destructors.
      
              * ForwardingHeaders/collector/handles/Global.h: Added.
              * WebCore.vcproj/WebCore.vcproj:
              * WebCore.vcproj/copyForwardingHeaders.cmd:
              * bindings/js/JSCallbackData.h:
              (WebCore::JSCallbackData::JSCallbackData):
              * bindings/js/JSCustomVoidCallback.h:
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::forgetDOMNode):
              (WebCore::cacheDOMNodeWrapper):
              * bindings/js/JSDOMWindowBase.h:
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSDataGridDataSource.h:
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::setWrapper):
              * bindings/js/JSLazyEventListener.cpp:
              (WebCore::JSLazyEventListener::initializeJSFunction):
              * bindings/js/ScheduledAction.cpp:
              (WebCore::ScheduledAction::ScheduledAction):
              (WebCore::ScheduledAction::executeFunctionInContext):
              * bindings/js/ScheduledAction.h:
              (WebCore::ScheduledAction::ScheduledAction):
              * bindings/js/ScriptCachedFrameData.cpp:
              (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
              (WebCore::ScriptCachedFrameData::restore):
              * bindings/js/ScriptCachedFrameData.h:
              * bindings/js/ScriptCallStackFactory.cpp:
              (WebCore::createScriptArguments):
              * bindings/js/ScriptController.cpp:
              (WebCore::ScriptController::createWindowShell):
              (WebCore::ScriptController::evaluateInWorld):
              (WebCore::ScriptController::clearWindowShell):
              (WebCore::ScriptController::attachDebugger):
              * bindings/js/ScriptController.h:
              * bindings/js/ScriptFunctionCall.cpp:
              (WebCore::ScriptFunctionCall::call):
              (WebCore::ScriptCallback::call):
              * bindings/js/ScriptObject.cpp:
              (WebCore::ScriptObject::ScriptObject):
              * bindings/js/ScriptObject.h:
              * bindings/js/ScriptState.cpp:
              (WebCore::ScriptStateProtectedPtr::ScriptStateProtectedPtr):
              (WebCore::ScriptStateProtectedPtr::get):
              * bindings/js/ScriptState.h:
              * bindings/js/ScriptValue.cpp:
              (WebCore::ScriptValue::isFunction):
              (WebCore::ScriptValue::deserialize):
              * bindings/js/ScriptValue.h:
              (WebCore::ScriptValue::ScriptValue):
              (WebCore::ScriptValue::hasNoValue):
              * bindings/js/ScriptWrappable.h:
              (WebCore::ScriptWrappable::ScriptWrappable):
              (WebCore::ScriptWrappable::setWrapper):
              * bindings/js/WorkerScriptController.cpp:
              (WebCore::WorkerScriptController::WorkerScriptController):
              (WebCore::WorkerScriptController::~WorkerScriptController):
              (WebCore::WorkerScriptController::initScript):
              (WebCore::WorkerScriptController::evaluate):
              * bindings/js/WorkerScriptController.h:
              (WebCore::WorkerScriptController::workerContextWrapper):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/NP_jsobject.cpp:
              (_NPN_InvokeDefault):
              (_NPN_Invoke):
              (_NPN_Evaluate):
              (_NPN_Construct):
              * bridge/jsc/BridgeJSC.cpp:
              (JSC::Bindings::Instance::Instance):
              (JSC::Bindings::Instance::~Instance):
              (JSC::Bindings::Instance::willDestroyRuntimeObject):
              (JSC::Bindings::Instance::willInvalidateRuntimeObject):
              * bridge/jsc/BridgeJSC.h:
              * bridge/runtime_object.cpp:
              (JSC::Bindings::RuntimeObject::invalidate):
              * bridge/runtime_root.cpp:
              (JSC::Bindings::RootObject::RootObject):
              (JSC::Bindings::RootObject::invalidate):
              (JSC::Bindings::RootObject::globalObject):
              (JSC::Bindings::RootObject::updateGlobalObject):
              * bridge/runtime_root.h:
              * dom/EventListener.h:
              * dom/EventTarget.h:
              (WebCore::EventTarget::markJSEventListeners):
              * xml/XMLHttpRequest.cpp:
      
              Qt bindings courtesy of Csaba Osztrogonác
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeConnectionMethod::call):
              (JSC::Bindings::QtConnectionObject::QtConnectionObject):
              (JSC::Bindings::QtConnectionObject::execute):
              (JSC::Bindings::QtConnectionObject::match):
              * bridge/qt/qt_runtime.h:
      2011-02-14  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough and Geoff Garen.
      
              Refactor handles and weak pointers to become nicer and more automatic
              https://bugs.webkit.org/show_bug.cgi?id=54415
      
              Update to use Global<> instead of ProtectedPtr, and refactored slightly
              to get global data to places it's needed for when we're assigning to
              Global<>s
      
              * ForwardingHeaders/collector/handles/Global.h: Added.
              * Plugins/Hosted/NetscapePluginInstanceProxy.h:
              * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
              (WebKit::NetscapePluginInstanceProxy::LocalObjectMap::get):
              (WebKit::NetscapePluginInstanceProxy::LocalObjectMap::idForObject):
              (WebKit::NetscapePluginInstanceProxy::LocalObjectMap::forget):
              (WebKit::NetscapePluginInstanceProxy::getWindowNPObject):
              (WebKit::NetscapePluginInstanceProxy::getPluginElementNPObject):
              (WebKit::NetscapePluginInstanceProxy::evaluate):
              (WebKit::NetscapePluginInstanceProxy::invoke):
              (WebKit::NetscapePluginInstanceProxy::invokeDefault):
              (WebKit::NetscapePluginInstanceProxy::construct):
              (WebKit::NetscapePluginInstanceProxy::addValueToArray):
              * WebView/WebScriptDebugger.h:
              * WebView/WebScriptDebugger.mm:
              (WebScriptDebugger::WebScriptDebugger):
      2011-02-14  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough and Geoff Garen.
      
              Refactor handles and weak pointers to become nicer and more automatic
              https://bugs.webkit.org/show_bug.cgi?id=54415
      
              Update code to new Global<> API, and refactor to get global data to
              necessary points.
      
              * WebProcess/Plugins/Netscape/NPJSObject.cpp:
              (WebKit::NPJSObject::create):
              (WebKit::NPJSObject::NPJSObject):
              (WebKit::NPJSObject::initialize):
              (WebKit::NPJSObject::invokeDefault):
              (WebKit::NPJSObject::construct):
              (WebKit::NPJSObject::invoke):
              * WebProcess/Plugins/Netscape/NPJSObject.h:
              * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
              (WebKit::NPRuntimeObjectMap::getOrCreateNPObject):
              (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
              (WebKit::NPRuntimeObjectMap::evaluate):
              * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.h:
              * WebProcess/Plugins/PluginView.cpp:
              (WebKit::PluginView::windowScriptNPObject):
              (WebKit::PluginView::pluginElementNPObject):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78634 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8d85705e
  23. 31 Jan, 2011 1 commit
  24. 30 Jan, 2011 2 commits
    • ossy@webkit.org's avatar
      2011-01-30 Csaba Osztrogonác <ossy@webkit.org> · ad0e9df1
      ossy@webkit.org authored
              Unreviewed, rolling out r77098, r77099, r77100, r77109, and
              r77111.
              http://trac.webkit.org/changeset/77098
              http://trac.webkit.org/changeset/77099
              http://trac.webkit.org/changeset/77100
              http://trac.webkit.org/changeset/77109
              http://trac.webkit.org/changeset/77111
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              Qt build is broken
      
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObjectData::setPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
              (JSC::JSCallbackObject::setPrivateProperty):
              * API/JSCallbackObjectFunctions.h:
              (JSC::::put):
              (JSC::::staticFunctionGetter):
              * API/JSObjectRef.cpp:
              (JSObjectMakeConstructor):
              (JSObjectSetPrivateProperty):
              * API/JSWeakObjectMapRefInternal.h:
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::markAggregate):
              * bytecode/CodeBlock.h:
              (JSC::CodeBlock::globalObject):
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::BytecodeGenerator):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
              (JSC::BytecodeGenerator::findScopedProperty):
              * debugger/Debugger.cpp:
              (JSC::evaluateInGlobalCallFrame):
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::DebuggerActivation):
              (JSC::DebuggerActivation::markChildren):
              * debugger/DebuggerActivation.h:
              * debugger/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::evaluate):
              * interpreter/CallFrame.h:
              (JSC::ExecState::exception):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::resolve):
              (JSC::Interpreter::resolveSkip):
              (JSC::Interpreter::resolveGlobal):
              (JSC::Interpreter::resolveGlobalDynamic):
              (JSC::Interpreter::resolveBaseAndProperty):
              (JSC::Interpreter::unwindCallFrame):
              (JSC::appendSourceToError):
              (JSC::Interpreter::execute):
              (JSC::Interpreter::tryCacheGetByID):
              (JSC::Interpreter::privateExecute):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              * jsc.cpp:
              (GlobalObject::GlobalObject):
              * runtime/ArgList.cpp:
              (JSC::MarkedArgumentBuffer::markLists):
              * runtime/Arguments.cpp:
              (JSC::Arguments::markChildren):
              (JSC::Arguments::getOwnPropertySlot):
              (JSC::Arguments::getOwnPropertyDescriptor):
              (JSC::Arguments::put):
              * runtime/Arguments.h:
              (JSC::Arguments::setActivation):
              (JSC::Arguments::Arguments):
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::constructArrayWithSizeQuirk):
              * runtime/ArrayPrototype.cpp:
              (JSC::arrayProtoFuncSplice):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
              * runtime/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              (JSC::constructBoolean):
              (JSC::constructBooleanFromImmediateBoolean):
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * runtime/ConservativeSet.cpp:
              (JSC::ConservativeSet::grow):
              * runtime/ConservativeSet.h:
              (JSC::ConservativeSet::~ConservativeSet):
              (JSC::ConservativeSet::mark):
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * runtime/DateInstance.cpp:
              (JSC::DateInstance::DateInstance):
              * runtime/DatePrototype.cpp:
              (JSC::dateProtoFuncSetTime):
              (JSC::setNewValueFromTimeArgs):
              (JSC::setNewValueFromDateArgs):
              (JSC::dateProtoFuncSetYear):
              * runtime/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              * runtime/ErrorInstance.cpp:
              (JSC::ErrorInstance::ErrorInstance):
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * runtime/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor):
              * runtime/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::markChildren):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::GetterSetter):
              (JSC::GetterSetter::getter):
              (JSC::GetterSetter::setGetter):
              (JSC::GetterSetter::setter):
              (JSC::GetterSetter::setSetter):
              * runtime/GlobalEvalFunction.cpp:
              (JSC::GlobalEvalFunction::GlobalEvalFunction):
              (JSC::GlobalEvalFunction::markChildren):
              * runtime/GlobalEvalFunction.h:
              (JSC::GlobalEvalFunction::cachedGlobalObject):
              * runtime/Heap.cpp:
              (JSC::Heap::markProtectedObjects):
              (JSC::Heap::markTempSortVectors):
              (JSC::Heap::markRoots):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::value):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::markChildren):
              (JSC::JSActivation::put):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              (JSC::JSArray::getOwnPropertySlot):
              (JSC::JSArray::getOwnPropertyDescriptor):
              (JSC::JSArray::put):
              (JSC::JSArray::putSlowCase):
              (JSC::JSArray::deleteProperty):
              (JSC::JSArray::increaseVectorLength):
              (JSC::JSArray::setLength):
              (JSC::JSArray::pop):
              (JSC::JSArray::push):
              (JSC::JSArray::unshiftCount):
              (JSC::JSArray::sort):
              (JSC::JSArray::fillArgList):
              (JSC::JSArray::copyToRegisters):
              (JSC::JSArray::compactForSorting):
              * runtime/JSArray.h:
              (JSC::JSArray::getIndex):
              (JSC::JSArray::setIndex):
              (JSC::JSArray::uncheckedSetIndex):
              (JSC::JSArray::markChildrenDirect):
              * runtime/JSByteArray.cpp:
              (JSC::JSByteArray::JSByteArray):
              * runtime/JSCell.h:
              (JSC::JSCell::JSValue::toThisObject):
              (JSC::JSCell::MarkStack::append):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              (JSC::JSFunction::getOwnPropertySlot):
              * runtime/JSGlobalData.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::markIfNeeded):
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::resetPrototype):
              (JSC::JSGlobalObject::markChildren):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
              (JSC::JSGlobalObject::regExpConstructor):
              (JSC::JSGlobalObject::errorConstructor):
              (JSC::JSGlobalObject::evalErrorConstructor):
              (JSC::JSGlobalObject::rangeErrorConstructor):
              (JSC::JSGlobalObject::referenceErrorConstructor):
              (JSC::JSGlobalObject::syntaxErrorConstructor):
              (JSC::JSGlobalObject::typeErrorConstructor):
              (JSC::JSGlobalObject::URIErrorConstructor):
              (JSC::JSGlobalObject::evalFunction):
              (JSC::JSGlobalObject::objectPrototype):
              (JSC::JSGlobalObject::functionPrototype):
              (JSC::JSGlobalObject::arrayPrototype):
              (JSC::JSGlobalObject::booleanPrototype):
              (JSC::JSGlobalObject::stringPrototype):
              (JSC::JSGlobalObject::numberPrototype):
              (JSC::JSGlobalObject::datePrototype):
              (JSC::JSGlobalObject::regExpPrototype):
              (JSC::JSGlobalObject::methodCallDummy):
              (JSC::Structure::prototypeForLookup):
              (JSC::constructArray):
              * runtime/JSONObject.cpp:
              (JSC::Stringifier::Holder::object):
              (JSC::Stringifier::markAggregate):
              (JSC::Stringifier::stringify):
              (JSC::Stringifier::Holder::appendNextProperty):
              (JSC::Walker::callReviver):
              (JSC::Walker::walk):
              * runtime/JSObject.cpp:
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::putDirectFunction):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              (JSC::putDescriptor):
              (JSC::JSObject::defineOwnProperty):
              * runtime/JSObject.h:
              (JSC::JSObject::getDirectOffset):
              (JSC::JSObject::putDirectOffset):
              (JSC::JSObject::flattenDictionaryObject):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::putDirect):
              (JSC::JSObject::putDirectFunction):
              (JSC::JSObject::putDirectWithoutTransition):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              (JSC::JSValue::putDirect):
              (JSC::JSObject::allocatePropertyStorageInline):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
              (JSC::JSPropertyNameIterator::get):
              * runtime/JSPropertyNameIterator.h:
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::markChildren):
              * runtime/JSString.cpp:
              (JSC::StringObject::create):
              * runtime/JSValue.h:
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::markChildren):
              * runtime/JSWrapperObject.h:
              (JSC::JSWrapperObject::internalValue):
              (JSC::JSWrapperObject::setInternalValue):
              * runtime/LiteralParser.cpp:
              (JSC::LiteralParser::parse):
              * runtime/Lookup.cpp:
              (JSC::setUpStaticFunctionSlot):
              * runtime/Lookup.h:
              (JSC::lookupPut):
              * runtime/MarkStack.h:
              (JSC::MarkStack::appendValues):
              * runtime/MathObject.cpp:
              (JSC::MathObject::MathObject):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              * runtime/NativeErrorPrototype.cpp:
              (JSC::NativeErrorPrototype::NativeErrorPrototype):
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              (JSC::constructWithNumberConstructor):
              * runtime/NumberObject.cpp:
              (JSC::constructNumber):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * runtime/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              (JSC::objectConstructorGetOwnPropertyDescriptor):
              * runtime/Operations.h:
              (JSC::normalizePrototypeChain):
              (JSC::resolveBase):
              * runtime/PrototypeFunction.cpp:
              (JSC::PrototypeFunction::PrototypeFunction):
              * runtime/PutPropertySlot.h:
              (JSC::PutPropertySlot::setExistingProperty):
              (JSC::PutPropertySlot::setNewProperty):
              (JSC::PutPropertySlot::base):
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::print):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::~ScopeChainNode):
              (JSC::ScopeChainIterator::operator*):
              (JSC::ScopeChainIterator::operator->):
              (JSC::ScopeChain::top):
              * runtime/ScopeChainMark.h:
              (JSC::ScopeChain::markAggregate):
              * runtime/SmallStrings.cpp:
              (JSC::isMarked):
              (JSC::SmallStrings::markChildren):
              * runtime/SmallStrings.h:
              (JSC::SmallStrings::emptyString):
              (JSC::SmallStrings::singleCharacterString):
              (JSC::SmallStrings::singleCharacterStrings):
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              * runtime/StringObject.cpp:
              (JSC::StringObject::StringObject):
              * runtime/StringObject.h:
              * runtime/StringPrototype.cpp:
              (JSC::StringPrototype::StringPrototype):
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::flattenDictionaryStructure):
              * runtime/Structure.h:
              (JSC::Structure::storedPrototype):
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::uncheckedGet):
              (JSC::WeakGCMap::isValid):
              (JSC::::get):
              (JSC::::take):
              (JSC::::set):
              (JSC::::uncheckedRemove):
              * runtime/WriteBarrier.h: Removed.
      2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
      
              Unreviewed, rolling out r77098, r77099, r77100, r77109, and
              r77111.
              http://trac.webkit.org/changeset/77098
              http://trac.webkit.org/changeset/77099
              http://trac.webkit.org/changeset/77100
              http://trac.webkit.org/changeset/77109
              http://trac.webkit.org/changeset/77111
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              Qt build is broken
      
              * JSValueWrapper.cpp:
              (JSValueWrapper::JSObjectMark):
      2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
      
              Unreviewed, rolling out r77098, r77099, r77100, r77109, and
              r77111.
              http://trac.webkit.org/changeset/77098
              http://trac.webkit.org/changeset/77099
              http://trac.webkit.org/changeset/77100
              http://trac.webkit.org/changeset/77109
              http://trac.webkit.org/changeset/77111
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              Qt build is broken
      
              * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
              * WebCore.exp.in:
              * bindings/js/DOMWrapperWorld.h:
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::JSAudioConstructor::JSAudioConstructor):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::markDOMNodesForDocument):
              (WebCore::markDOMObjectWrapper):
              (WebCore::markDOMNodeWrapper):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::markChildren):
              (WebCore::JSDOMGlobalObject::setInjectedScript):
              (WebCore::JSDOMGlobalObject::injectedScript):
              * bindings/js/JSDOMGlobalObject.h:
              (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
              (WebCore::getDOMConstructor):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::setLocation):
              (WebCore::DialogHandler::dialogCreated):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              (WebCore::JSDOMWindowShell::markChildren):
              (WebCore::JSDOMWindowShell::unwrappedObject):
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::window):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSDeviceMotionEventCustom.cpp:
              (WebCore::createAccelerationObject):
              (WebCore::createRotationRateObject):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              (WebCore::JSEventListener::markJSFunction):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::jsFunction):
              * bindings/js/JSHTMLDocumentCustom.cpp:
              (WebCore::JSHTMLDocument::setAll):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::JSImageConstructor::JSImageConstructor):
              * bindings/js/JSImageDataCustom.cpp:
              (WebCore::toJS):
              * bindings/js/JSJavaScriptCallFrameCustom.cpp:
              (WebCore::JSJavaScriptCallFrame::scopeChain):
              (WebCore::JSJavaScriptCallFrame::scopeType):
              * bindings/js/JSNodeFilterCondition.cpp:
              (WebCore::JSNodeFilterCondition::markAggregate):
              (WebCore::JSNodeFilterCondition::acceptNode):
              * bindings/js/JSNodeFilterCondition.h:
              * bindings/js/JSNodeFilterCustom.cpp:
              * bindings/js/JSOptionConstructor.cpp:
              (WebCore::JSOptionConstructor::JSOptionConstructor):
              * bindings/js/JSSQLResultSetRowListCustom.cpp:
              (WebCore::JSSQLResultSetRowList::item):
              * bindings/js/ScriptCachedFrameData.cpp:
              (WebCore::ScriptCachedFrameData::restore):
              * bindings/js/ScriptObject.cpp:
              (WebCore::ScriptGlobalObject::set):
              * bindings/js/SerializedScriptValue.cpp:
              (WebCore::CloneDeserializer::putProperty):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/qt/qt_instance.cpp:
              (JSC::Bindings::QtInstance::QtInstance):
              (JSC::Bindings::QtInstance::removeCachedMethod):
              (JSC::Bindings::QtInstance::markAggregate):
              * bridge/qt/qt_instance.h:
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
              (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
              (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
              (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
              * bridge/qt/qt_runtime.h:
              * bridge/runtime_root.cpp:
              (JSC::Bindings::RootObject::invalidate):
              * bridge/runtime_root.h:
              * dom/Document.h:
      2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
      
              Unreviewed, rolling out r77098, r77099, r77100, r77109, and
              r77111.
              http://trac.webkit.org/changeset/77098
              http://trac.webkit.org/changeset/77099
              http://trac.webkit.org/changeset/77100
              http://trac.webkit.org/changeset/77109
              http://trac.webkit.org/changeset/77111
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              Qt build is broken
      
              * WebView/WebScriptDebugDelegate.mm:
              (-[WebScriptCallFrame scopeChain]):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77113 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ad0e9df1
    • oliver@apple.com's avatar
      Convert markstack to a slot visitor API · ba805bee
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=53219
      
      rolling r77006 and r77020 back in.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77098 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ba805bee
  25. 28 Jan, 2011 2 commits
    • rniwa@webkit.org's avatar
      2011-01-28 Sheriff Bot <webkit.review.bot@gmail.com> · 3857b1ea
      rniwa@webkit.org authored
              Unreviewed, rolling out r77006 and r77020.
              http://trac.webkit.org/changeset/77006
              http://trac.webkit.org/changeset/77020
              https://bugs.webkit.org/show_bug.cgi?id=53360
      
              "Broke Windows tests" (Requested by rniwa on #webkit).
      
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObjectData::setPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
              (JSC::JSCallbackObject::setPrivateProperty):
              * API/JSCallbackObjectFunctions.h:
              (JSC::::put):
              (JSC::::staticFunctionGetter):
              * API/JSObjectRef.cpp:
              (JSObjectMakeConstructor):
              (JSObjectSetPrivateProperty):
              * API/JSWeakObjectMapRefInternal.h:
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::markAggregate):
              * bytecode/CodeBlock.h:
              (JSC::CodeBlock::globalObject):
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::BytecodeGenerator):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
              (JSC::BytecodeGenerator::findScopedProperty):
              * debugger/Debugger.cpp:
              (JSC::evaluateInGlobalCallFrame):
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::DebuggerActivation):
              (JSC::DebuggerActivation::markChildren):
              * debugger/DebuggerActivation.h:
              * debugger/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::evaluate):
              * interpreter/CallFrame.h:
              (JSC::ExecState::exception):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::resolve):
              (JSC::Interpreter::resolveSkip):
              (JSC::Interpreter::resolveGlobal):
              (JSC::Interpreter::resolveGlobalDynamic):
              (JSC::Interpreter::resolveBaseAndProperty):
              (JSC::Interpreter::unwindCallFrame):
              (JSC::appendSourceToError):
              (JSC::Interpreter::execute):
              (JSC::Interpreter::tryCacheGetByID):
              (JSC::Interpreter::privateExecute):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              * jsc.cpp:
              (GlobalObject::GlobalObject):
              * runtime/ArgList.cpp:
              (JSC::MarkedArgumentBuffer::markLists):
              * runtime/Arguments.cpp:
              (JSC::Arguments::markChildren):
              (JSC::Arguments::getOwnPropertySlot):
              (JSC::Arguments::getOwnPropertyDescriptor):
              (JSC::Arguments::put):
              * runtime/Arguments.h:
              (JSC::Arguments::setActivation):
              (JSC::Arguments::Arguments):
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::constructArrayWithSizeQuirk):
              * runtime/ArrayPrototype.cpp:
              (JSC::arrayProtoFuncSplice):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
              * runtime/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              (JSC::constructBoolean):
              (JSC::constructBooleanFromImmediateBoolean):
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * runtime/ConservativeSet.cpp:
              (JSC::ConservativeSet::grow):
              * runtime/ConservativeSet.h:
              (JSC::ConservativeSet::~ConservativeSet):
              (JSC::ConservativeSet::mark):
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * runtime/DateInstance.cpp:
              (JSC::DateInstance::DateInstance):
              * runtime/DatePrototype.cpp:
              (JSC::dateProtoFuncSetTime):
              (JSC::setNewValueFromTimeArgs):
              (JSC::setNewValueFromDateArgs):
              (JSC::dateProtoFuncSetYear):
              * runtime/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              * runtime/ErrorInstance.cpp:
              (JSC::ErrorInstance::ErrorInstance):
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * runtime/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor):
              * runtime/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::markChildren):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::GetterSetter):
              (JSC::GetterSetter::getter):
              (JSC::GetterSetter::setGetter):
              (JSC::GetterSetter::setter):
              (JSC::GetterSetter::setSetter):
              * runtime/GlobalEvalFunction.cpp:
              (JSC::GlobalEvalFunction::GlobalEvalFunction):
              (JSC::GlobalEvalFunction::markChildren):
              * runtime/GlobalEvalFunction.h:
              (JSC::GlobalEvalFunction::cachedGlobalObject):
              * runtime/Heap.cpp:
              (JSC::Heap::markProtectedObjects):
              (JSC::Heap::markTempSortVectors):
              (JSC::Heap::markRoots):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::value):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::markChildren):
              (JSC::JSActivation::put):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              (JSC::JSArray::getOwnPropertySlot):
              (JSC::JSArray::getOwnPropertyDescriptor):
              (JSC::JSArray::put):
              (JSC::JSArray::putSlowCase):
              (JSC::JSArray::deleteProperty):
              (JSC::JSArray::increaseVectorLength):
              (JSC::JSArray::setLength):
              (JSC::JSArray::pop):
              (JSC::JSArray::push):
              (JSC::JSArray::unshiftCount):
              (JSC::JSArray::sort):
              (JSC::JSArray::fillArgList):
              (JSC::JSArray::copyToRegisters):
              (JSC::JSArray::compactForSorting):
              * runtime/JSArray.h:
              (JSC::JSArray::getIndex):
              (JSC::JSArray::setIndex):
              (JSC::JSArray::uncheckedSetIndex):
              (JSC::JSArray::markChildrenDirect):
              * runtime/JSByteArray.cpp:
              (JSC::JSByteArray::JSByteArray):
              * runtime/JSCell.h:
              (JSC::JSCell::JSValue::toThisObject):
              (JSC::JSCell::MarkStack::append):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              (JSC::JSFunction::getOwnPropertySlot):
              * runtime/JSGlobalData.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::markIfNeeded):
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::resetPrototype):
              (JSC::JSGlobalObject::markChildren):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
              (JSC::JSGlobalObject::regExpConstructor):
              (JSC::JSGlobalObject::errorConstructor):
              (JSC::JSGlobalObject::evalErrorConstructor):
              (JSC::JSGlobalObject::rangeErrorConstructor):
              (JSC::JSGlobalObject::referenceErrorConstructor):
              (JSC::JSGlobalObject::syntaxErrorConstructor):
              (JSC::JSGlobalObject::typeErrorConstructor):
              (JSC::JSGlobalObject::URIErrorConstructor):
              (JSC::JSGlobalObject::evalFunction):
              (JSC::JSGlobalObject::objectPrototype):
              (JSC::JSGlobalObject::functionPrototype):
              (JSC::JSGlobalObject::arrayPrototype):
              (JSC::JSGlobalObject::booleanPrototype):
              (JSC::JSGlobalObject::stringPrototype):
              (JSC::JSGlobalObject::numberPrototype):
              (JSC::JSGlobalObject::datePrototype):
              (JSC::JSGlobalObject::regExpPrototype):
              (JSC::JSGlobalObject::methodCallDummy):
              (JSC::Structure::prototypeForLookup):
              (JSC::constructArray):
              * runtime/JSONObject.cpp:
              (JSC::Stringifier::Holder::object):
              (JSC::Stringifier::markAggregate):
              (JSC::Stringifier::stringify):
              (JSC::Stringifier::Holder::appendNextProperty):
              (JSC::Walker::callReviver):
              (JSC::Walker::walk):
              * runtime/JSObject.cpp:
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::putDirectFunction):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              (JSC::putDescriptor):
              (JSC::JSObject::defineOwnProperty):
              * runtime/JSObject.h:
              (JSC::JSObject::getDirectOffset):
              (JSC::JSObject::putDirectOffset):
              (JSC::JSObject::flattenDictionaryObject):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::putDirect):
              (JSC::JSObject::putDirectFunction):
              (JSC::JSObject::putDirectWithoutTransition):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              (JSC::JSValue::putDirect):
              (JSC::JSObject::allocatePropertyStorageInline):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
              (JSC::JSPropertyNameIterator::get):
              * runtime/JSPropertyNameIterator.h:
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::markChildren):
              * runtime/JSString.cpp:
              (JSC::StringObject::create):
              * runtime/JSValue.h:
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::markChildren):
              * runtime/JSWrapperObject.h:
              (JSC::JSWrapperObject::internalValue):
              (JSC::JSWrapperObject::setInternalValue):
              * runtime/LiteralParser.cpp:
              (JSC::LiteralParser::parse):
              * runtime/Lookup.cpp:
              (JSC::setUpStaticFunctionSlot):
              * runtime/Lookup.h:
              (JSC::lookupPut):
              * runtime/MarkStack.h:
              (JSC::MarkStack::appendValues):
              * runtime/MathObject.cpp:
              (JSC::MathObject::MathObject):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              * runtime/NativeErrorPrototype.cpp:
              (JSC::NativeErrorPrototype::NativeErrorPrototype):
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              (JSC::constructWithNumberConstructor):
              * runtime/NumberObject.cpp:
              (JSC::constructNumber):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * runtime/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              (JSC::objectConstructorGetOwnPropertyDescriptor):
              * runtime/Operations.h:
              (JSC::normalizePrototypeChain):
              (JSC::resolveBase):
              * runtime/PrototypeFunction.cpp:
              (JSC::PrototypeFunction::PrototypeFunction):
              * runtime/PutPropertySlot.h:
              (JSC::PutPropertySlot::setExistingProperty):
              (JSC::PutPropertySlot::setNewProperty):
              (JSC::PutPropertySlot::base):
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::print):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::~ScopeChainNode):
              (JSC::ScopeChainIterator::operator*):
              (JSC::ScopeChainIterator::operator->):
              (JSC::ScopeChain::top):
              * runtime/ScopeChainMark.h:
              (JSC::ScopeChain::markAggregate):
              * runtime/SmallStrings.cpp:
              (JSC::isMarked):
              (JSC::SmallStrings::markChildren):
              * runtime/SmallStrings.h:
              (JSC::SmallStrings::emptyString):
              (JSC::SmallStrings::singleCharacterString):
              (JSC::SmallStrings::singleCharacterStrings):
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              * runtime/StringObject.cpp:
              (JSC::StringObject::StringObject):
              * runtime/StringObject.h:
              * runtime/StringPrototype.cpp:
              (JSC::StringPrototype::StringPrototype):
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::flattenDictionaryStructure):
              * runtime/Structure.h:
              (JSC::Structure::storedPrototype):
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::uncheckedGet):
              (JSC::WeakGCMap::isValid):
              (JSC::::get):
              (JSC::::take):
              (JSC::::set):
              (JSC::::uncheckedRemove):
              * runtime/WriteBarrier.h: Removed.
      2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r77006 and r77020.
              http://trac.webkit.org/changeset/77006
              http://trac.webkit.org/changeset/77020
              https://bugs.webkit.org/show_bug.cgi?id=53360
      
              "Broke Windows tests" (Requested by rniwa on #webkit).
      
              * JSValueWrapper.cpp:
              (JSValueWrapper::JSObjectMark):
      2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r77006 and r77020.
              http://trac.webkit.org/changeset/77006
              http://trac.webkit.org/changeset/77020
              https://bugs.webkit.org/show_bug.cgi?id=53360
      
              "Broke Windows tests" (Requested by rniwa on #webkit).
      
              * WebView/WebScriptDebugDelegate.mm:
              (-[WebScriptCallFrame scopeChain]):
      2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r77006 and r77020.
              http://trac.webkit.org/changeset/77006
              http://trac.webkit.org/changeset/77020
              https://bugs.webkit.org/show_bug.cgi?id=53360
      
              "Broke Windows tests" (Requested by rniwa on #webkit).
      
              * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
              * WebCore.exp.in:
              * bindings/js/DOMWrapperWorld.h:
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::JSAudioConstructor::JSAudioConstructor):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::markDOMNodesForDocument):
              (WebCore::markDOMObjectWrapper):
              (WebCore::markDOMNodeWrapper):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::markChildren):
              (WebCore::JSDOMGlobalObject::setInjectedScript):
              (WebCore::JSDOMGlobalObject::injectedScript):
              * bindings/js/JSDOMGlobalObject.h:
              (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
              (WebCore::getDOMConstructor):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::setLocation):
              (WebCore::DialogHandler::dialogCreated):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              (WebCore::JSDOMWindowShell::markChildren):
              (WebCore::JSDOMWindowShell::unwrappedObject):
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::window):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSDeviceMotionEventCustom.cpp:
              (WebCore::createAccelerationObject):
              (WebCore::createRotationRateObject):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              (WebCore::JSEventListener::markJSFunction):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::jsFunction):
              * bindings/js/JSHTMLDocumentCustom.cpp:
              (WebCore::JSHTMLDocument::setAll):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::JSImageConstructor::JSImageConstructor):
              * bindings/js/JSImageDataCustom.cpp:
              (WebCore::toJS):
              * bindings/js/JSJavaScriptCallFrameCustom.cpp:
              (WebCore::JSJavaScriptCallFrame::scopeChain):
              (WebCore::JSJavaScriptCallFrame::scopeType):
              * bindings/js/JSNodeFilterCondition.cpp:
              (WebCore::JSNodeFilterCondition::markAggregate):
              (WebCore::JSNodeFilterCondition::acceptNode):
              * bindings/js/JSNodeFilterCondition.h:
              * bindings/js/JSNodeFilterCustom.cpp:
              * bindings/js/JSOptionConstructor.cpp:
              (WebCore::JSOptionConstructor::JSOptionConstructor):
              * bindings/js/JSSQLResultSetRowListCustom.cpp:
              (WebCore::JSSQLResultSetRowList::item):
              * bindings/js/ScriptCachedFrameData.cpp:
              (WebCore::ScriptCachedFrameData::restore):
              * bindings/js/ScriptObject.cpp:
              (WebCore::ScriptGlobalObject::set):
              * bindings/js/SerializedScriptValue.cpp:
              (WebCore::CloneDeserializer::putProperty):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
              (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
              (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
              (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
              * bridge/qt/qt_runtime.h:
              * bridge/runtime_root.cpp:
              (JSC::Bindings::RootObject::invalidate):
              * bridge/runtime_root.h:
              * dom/Document.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77044 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3857b1ea
    • oliver@apple.com's avatar
      2011-01-27 Oliver Hunt <oliver@apple.com> · c975423a
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Convert markstack to a slot visitor API
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              Move the MarkStack over to a slot based marking API.
      
              In order to avoiding aliasing concerns there are two new types
              that need to be used when holding on to JSValues and JSCell that
              need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
              is expected to be used for any JSValue or Cell that's lifetime and
              marking is controlled by another GC object.  DeprecatedPtr is used
              for any value that we need to rework ownership for.
      
              The change over to this model has produced a large amount of
              code changes, but they are mostly mechanical (forwarding JSGlobalData,
              etc).
      
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObjectData::setPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
              (JSC::JSCallbackObject::setPrivateProperty):
              * API/JSCallbackObjectFunctions.h:
              (JSC::::put):
              (JSC::::staticFunctionGetter):
              * API/JSObjectRef.cpp:
              (JSObjectMakeConstructor):
              (JSObjectSetPrivateProperty):
              * API/JSWeakObjectMapRefInternal.h:
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::markAggregate):
              * bytecode/CodeBlock.h:
              (JSC::CodeBlock::globalObject):
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::BytecodeGenerator):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
              (JSC::BytecodeGenerator::findScopedProperty):
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::DebuggerActivation):
              (JSC::DebuggerActivation::markChildren):
              * debugger/DebuggerActivation.h:
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::resolve):
              (JSC::Interpreter::resolveSkip):
              (JSC::Interpreter::resolveGlobalDynamic):
              (JSC::Interpreter::resolveBaseAndProperty):
              (JSC::Interpreter::unwindCallFrame):
              (JSC::appendSourceToError):
              (JSC::Interpreter::execute):
              (JSC::Interpreter::privateExecute):
              * interpreter/Register.h:
              (JSC::Register::jsValueSlot):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              * jsc.cpp:
              (GlobalObject::GlobalObject):
              * runtime/Arguments.cpp:
              (JSC::Arguments::markChildren):
              (JSC::Arguments::getOwnPropertySlot):
              (JSC::Arguments::getOwnPropertyDescriptor):
              (JSC::Arguments::put):
              * runtime/Arguments.h:
              (JSC::Arguments::setActivation):
              (JSC::Arguments::Arguments):
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::constructArrayWithSizeQuirk):
              * runtime/ArrayPrototype.cpp:
              (JSC::arrayProtoFuncSplice):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
              * runtime/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              (JSC::constructBoolean):
              (JSC::constructBooleanFromImmediateBoolean):
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * runtime/ConservativeSet.h:
              (JSC::ConservativeSet::mark):
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * runtime/DateInstance.cpp:
              (JSC::DateInstance::DateInstance):
              * runtime/DatePrototype.cpp:
              (JSC::dateProtoFuncSetTime):
              (JSC::setNewValueFromTimeArgs):
              (JSC::setNewValueFromDateArgs):
              (JSC::dateProtoFuncSetYear):
              * runtime/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              * runtime/ErrorInstance.cpp:
              (JSC::ErrorInstance::ErrorInstance):
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * runtime/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor):
              * runtime/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::markChildren):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::GetterSetter):
              (JSC::GetterSetter::getter):
              (JSC::GetterSetter::setGetter):
              (JSC::GetterSetter::setter):
              (JSC::GetterSetter::setSetter):
              * runtime/GlobalEvalFunction.cpp:
              (JSC::GlobalEvalFunction::GlobalEvalFunction):
              (JSC::GlobalEvalFunction::markChildren):
              * runtime/GlobalEvalFunction.h:
              (JSC::GlobalEvalFunction::cachedGlobalObject):
              * runtime/Heap.cpp:
              (JSC::Heap::markProtectedObjects):
              (JSC::Heap::markTempSortVectors):
              (JSC::Heap::markRoots):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::value):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::put):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              (JSC::JSArray::getOwnPropertySlot):
              (JSC::JSArray::getOwnPropertyDescriptor):
              (JSC::JSArray::put):
              (JSC::JSArray::putSlowCase):
              (JSC::JSArray::deleteProperty):
              (JSC::JSArray::increaseVectorLength):
              (JSC::JSArray::setLength):
              (JSC::JSArray::pop):
              (JSC::JSArray::push):
              (JSC::JSArray::unshiftCount):
              (JSC::JSArray::sort):
              (JSC::JSArray::fillArgList):
              (JSC::JSArray::copyToRegisters):
              (JSC::JSArray::compactForSorting):
              * runtime/JSArray.h:
              (JSC::JSArray::getIndex):
              (JSC::JSArray::setIndex):
              (JSC::JSArray::uncheckedSetIndex):
              (JSC::JSArray::markChildrenDirect):
              * runtime/JSByteArray.cpp:
              (JSC::JSByteArray::JSByteArray):
              * runtime/JSCell.h:
              (JSC::JSCell::MarkStack::append):
              (JSC::JSCell::MarkStack::appendCell):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              (JSC::JSFunction::getOwnPropertySlot):
              * runtime/JSGlobalObject.cpp:
              (JSC::markIfNeeded):
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::resetPrototype):
              (JSC::JSGlobalObject::markChildren):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
              (JSC::JSGlobalObject::regExpConstructor):
              (JSC::JSGlobalObject::errorConstructor):
              (JSC::JSGlobalObject::evalErrorConstructor):
              (JSC::JSGlobalObject::rangeErrorConstructor):
              (JSC::JSGlobalObject::referenceErrorConstructor):
              (JSC::JSGlobalObject::syntaxErrorConstructor):
              (JSC::JSGlobalObject::typeErrorConstructor):
              (JSC::JSGlobalObject::URIErrorConstructor):
              (JSC::JSGlobalObject::evalFunction):
              (JSC::JSGlobalObject::objectPrototype):
              (JSC::JSGlobalObject::functionPrototype):
              (JSC::JSGlobalObject::arrayPrototype):
              (JSC::JSGlobalObject::booleanPrototype):
              (JSC::JSGlobalObject::stringPrototype):
              (JSC::JSGlobalObject::numberPrototype):
              (JSC::JSGlobalObject::datePrototype):
              (JSC::JSGlobalObject::regExpPrototype):
              (JSC::JSGlobalObject::methodCallDummy):
              (JSC::constructArray):
              * runtime/JSONObject.cpp:
              (JSC::Stringifier::Holder::object):
              (JSC::Stringifier::Holder::objectSlot):
              (JSC::Stringifier::markAggregate):
              (JSC::Stringifier::stringify):
              (JSC::Stringifier::Holder::appendNextProperty):
              (JSC::Walker::callReviver):
              (JSC::Walker::walk):
              * runtime/JSObject.cpp:
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::putDirectFunction):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              (JSC::putDescriptor):
              (JSC::JSObject::defineOwnProperty):
              * runtime/JSObject.h:
              (JSC::JSObject::putDirectOffset):
              (JSC::JSObject::putUndefinedAtDirectOffset):
              (JSC::JSObject::flattenDictionaryObject):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::putDirect):
              (JSC::JSObject::putDirectFunction):
              (JSC::JSObject::putDirectWithoutTransition):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              (JSC::JSValue::putDirect):
              (JSC::JSObject::allocatePropertyStorageInline):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::markChildren):
              * runtime/JSString.cpp:
              (JSC::StringObject::create):
              * runtime/JSValue.h:
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::markChildren):
              * runtime/JSWrapperObject.h:
              (JSC::JSWrapperObject::internalValue):
              (JSC::JSWrapperObject::setInternalValue):
              * runtime/LiteralParser.cpp:
              (JSC::LiteralParser::parse):
              * runtime/Lookup.cpp:
              (JSC::setUpStaticFunctionSlot):
              * runtime/Lookup.h:
              (JSC::lookupPut):
              * runtime/MarkStack.h:
              * runtime/MathObject.cpp:
              (JSC::MathObject::MathObject):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              * runtime/NativeErrorPrototype.cpp:
              (JSC::NativeErrorPrototype::NativeErrorPrototype):
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              (JSC::constructWithNumberConstructor):
              * runtime/NumberObject.cpp:
              (JSC::constructNumber):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * runtime/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              (JSC::objectConstructorGetOwnPropertyDescriptor):
              * runtime/Operations.h:
              (JSC::normalizePrototypeChain):
              (JSC::resolveBase):
              * runtime/PrototypeFunction.cpp:
              (JSC::PrototypeFunction::PrototypeFunction):
              * runtime/PutPropertySlot.h:
              (JSC::PutPropertySlot::setExistingProperty):
              (JSC::PutPropertySlot::setNewProperty):
              (JSC::PutPropertySlot::base):
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::print):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::~ScopeChainNode):
              (JSC::ScopeChainIterator::operator*):
              (JSC::ScopeChainIterator::operator->):
              (JSC::ScopeChain::top):
              * runtime/ScopeChainMark.h:
              (JSC::ScopeChain::markAggregate):
              * runtime/SmallStrings.cpp:
              (JSC::isMarked):
              (JSC::SmallStrings::markChildren):
              * runtime/SmallStrings.h:
              (JSC::SmallStrings::emptyString):
              (JSC::SmallStrings::singleCharacterString):
              (JSC::SmallStrings::singleCharacterStrings):
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              * runtime/StringObject.cpp:
              (JSC::StringObject::StringObject):
              * runtime/StringObject.h:
              * runtime/StringPrototype.cpp:
              (JSC::StringPrototype::StringPrototype):
              * runtime/Structure.cpp:
              (JSC::Structure::flattenDictionaryStructure):
              * runtime/Structure.h:
              (JSC::Structure::storedPrototypeSlot):
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::uncheckedGet):
              (JSC::WeakGCMap::uncheckedGetSlot):
              (JSC::::get):
              (JSC::::take):
              (JSC::::set):
              (JSC::::uncheckedRemove):
              * runtime/WriteBarrier.h: Added.
              (JSC::DeprecatedPtr::DeprecatedPtr):
              (JSC::DeprecatedPtr::get):
              (JSC::DeprecatedPtr::operator*):
              (JSC::DeprecatedPtr::operator->):
              (JSC::DeprecatedPtr::slot):
              (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
              (JSC::DeprecatedPtr::operator!):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::get):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::slot):
              (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
              (JSC::WriteBarrierBase::operator!):
              (JSC::WriteBarrier::WriteBarrier):
              (JSC::operator==):
      2011-01-27  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Convert markstack to a slot visitor API
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              There's no reason to recurse here, the value we
              were marking was protected.
      
              * JSValueWrapper.cpp:
              (JSValueWrapper::JSObjectMark):
      2011-01-27  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Convert markstack to a slot visitor API
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              Update WebCore to the new marking apis, correct bindings
              codegen.
      
              * ForwardingHeaders/runtime/WriteBarrier.h: Added.
              * WebCore.exp.in:
              * bindings/js/DOMWrapperWorld.h:
              (WebCore::DOMWrapperWorld::globalData):
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::JSAudioConstructor::JSAudioConstructor):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::markDOMNodesForDocument):
              (WebCore::markDOMObjectWrapper):
              (WebCore::markDOMNodeWrapper):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::markChildren):
              (WebCore::JSDOMGlobalObject::setInjectedScript):
              (WebCore::JSDOMGlobalObject::injectedScript):
              * bindings/js/JSDOMGlobalObject.h:
              (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
              (WebCore::getDOMConstructor):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::setLocation):
              (WebCore::DialogHandler::dialogCreated):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              (WebCore::JSDOMWindowShell::markChildren):
              (WebCore::JSDOMWindowShell::unwrappedObject):
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::window):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              (WebCore::JSEventListener::markJSFunction):
              * bindings/js/JSEventListener.h:
              (WebCore::JSEventListener::jsFunction):
              * bindings/js/JSHTMLDocumentCustom.cpp:
              (WebCore::JSHTMLDocument::setAll):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::JSImageConstructor::JSImageConstructor):
              * bindings/js/JSImageDataCustom.cpp:
              (WebCore::toJS):
              * bindings/js/JSJavaScriptCallFrameCustom.cpp:
              (WebCore::JSJavaScriptCallFrame::scopeChain):
              (WebCore::JSJavaScriptCallFrame::scopeType):
              * bindings/js/JSNodeFilterCondition.cpp:
              (WebCore::JSNodeFilterCondition::markAggregate):
              (WebCore::JSNodeFilterCondition::acceptNode):
              * bindings/js/JSNodeFilterCondition.h:
              * bindings/js/JSNodeFilterCustom.cpp:
              * bindings/js/JSOptionConstructor.cpp:
              (WebCore::JSOptionConstructor::JSOptionConstructor):
              * bindings/js/JSSQLResultSetRowListCustom.cpp:
              (WebCore::JSSQLResultSetRowList::item):
              * bindings/js/ScriptCachedFrameData.cpp:
              (WebCore::ScriptCachedFrameData::restore):
              * bindings/js/ScriptObject.cpp:
              (WebCore::ScriptGlobalObject::set):
              * bindings/js/SerializedScriptValue.cpp:
              (WebCore::CloneDeserializer::putProperty):
              * bindings/scripts/CodeGeneratorJS.pm:
              * dom/Document.h:
      2011-01-27  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Convert markstack to a slot visitor API
              https://bugs.webkit.org/show_bug.cgi?id=53219
      
              Update to new marking api
      
              * WebView/WebScriptDebugDelegate.mm:
              (-[WebScriptCallFrame scopeChain]):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77006 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c975423a
  26. 01 Jan, 2011 1 commit
    • abarth@webkit.org's avatar
      Move JavaScriptCore to Source · 76da8fc1
      abarth@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=51604
      
      Reviewed by Eric Seidel.
      
      Update references to JavaScriptCore to point to the new location.
      
      * Android.mk:
      * CMakeLists.txt:
      * DerivedSources.pro:
      * GNUmakefile.am:
      * Makefile:
      * WebKit.pri:
      * WebKit.pro:
      * wscript:
      
      Tools: 
      
      Update references to JavaScriptCore to point to the new location.
      
      * BuildSlaveSupport/build.webkit.org-config/master.cfg:
      * DumpRenderTree/qt/DumpRenderTree.pro:
      * DumpRenderTree/qt/ImageDiff.pro:
      * DumpRenderTree/qt/TestNetscapePlugin/TestNetscapePlugin.pro:
      * DumpRenderTree/wscript:
      * Scripts/build-jsc:
      * Scripts/build-webkit:
      * Scripts/do-file-rename:
      * Scripts/do-webcore-rename:
      * Scripts/run-javascriptcore-tests:
      * Scripts/update-javascriptcore-test-results:
      * Scripts/webkitdirs.pm:
      * Scripts/webkitpy/common/config/build_unittest.py:
      * Scripts/webkitpy/style/checker.py:
      * Scripts/webkitpy/style/checker_unittest.py:
      * Scripts/webkitpy/style/checkers/cpp_unittest.py:
      * WebKitTestRunner/InjectedBundle/qt/InjectedBundle.pro:
      * WebKitTestRunner/qt/WebKitTestRunner.pro:
      * wx/build/settings.py:
      
      WebCore: 
      
      Update references to JavaScriptCore.
      
      * Android.derived.jscbindings.mk:
      * Android.v8bindings.mk:
      * CMakeLists.txt:
      * WebCore.gyp/WebCore.gyp:
      * WebCore.pro:
        - These changes are subtle and might not be 100% correct.
      * move-js-headers.sh:
      
      WebKit/chromium: 
      
      * WebKit.gyp:
        - Point to JavaScriptCore in its new location.
      
      WebKit/gtk: 
      
      * GNUmakefile.am:
      * docs/GNUmakefile.am:
        - Point to JavaScriptCore in its new location.
      
      WebKit/qt: 
      
      * WebKit_pch.h:
      * docs/qtwebkit.qdocconf:
        - Point to JavaScriptCore in its new location.
      
      WebKit/win: 
      
      * WebKit.vcproj/WebKit.sln:
        - Point to JavaScriptCore in its new location.
      
      WebKit/wx: 
      
      * bindings/python/wscript:
      * wscript:
        - Point to JavaScriptCore in its new location.
      
      WebKit2: 
      
      * WebKit2.pro:
        - Point to JavaScriptCore in its new location.
      
      Websites/bugs.webkit.org: 
      
      * PrettyPatch/PrettyPatch.rb:
        - Remove reference to JavaScriptCore as a source directory.
      
      Websites/webkit.org: 
      
      * coding/assertion-guidelines.html:
        - Update documentation to point to the new location of
          JavaScriptCore.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@74855 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      76da8fc1
  27. 30 Nov, 2010 1 commit
  28. 10 Aug, 2010 1 commit
    • barraclough@apple.com's avatar
      Bug 43817 - Remove UString::Rep · ee2085b2
      barraclough@apple.com authored
      UString::Rep has for a long time been replaced by UStringImpl (Rep
      remaining as a typedef).  UStringImpl has since been removed too
      (unified with StringImpl). Remove Rep, rename rep() to impl() and
      m_rep to m_impl.  Also add impl() method to Identifier, and rename
      its UString member from _ustring to m_string.
      
      Rubber stamped by Sam Weinig
      
      JavaScriptCore: 
      
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
      (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
      (JSC::JSCallbackObjectData::JSPrivatePropertyMap::deletePrivateProperty):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlot):
      (JSC::::put):
      (JSC::::deleteProperty):
      (JSC::::getOwnPropertyNames):
      (JSC::::staticValueGetter):
      (JSC::::staticFunctionGetter):
      * API/JSClassRef.cpp:
      (tryCreateStringFromUTF8):
      (OpaqueJSClass::OpaqueJSClass):
      (OpaqueJSClass::~OpaqueJSClass):
      (OpaqueJSClassContextData::OpaqueJSClassContextData):
      * API/JSClassRef.h:
      * API/OpaqueJSString.cpp:
      (OpaqueJSString::ustring):
      * bytecode/EvalCodeCache.h:
      (JSC::EvalCodeCache::get):
      * bytecode/JumpTable.h:
      (JSC::StringJumpTable::offsetForValue):
      (JSC::StringJumpTable::ctiForValue):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::addVar):
      (JSC::BytecodeGenerator::addGlobalVar):
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::addParameter):
      (JSC::BytecodeGenerator::registerFor):
      (JSC::BytecodeGenerator::willResolveToArguments):
      (JSC::BytecodeGenerator::uncheckedRegisterForArguments):
      (JSC::BytecodeGenerator::constRegisterFor):
      (JSC::BytecodeGenerator::isLocal):
      (JSC::BytecodeGenerator::isLocalConstant):
      (JSC::BytecodeGenerator::addConstant):
      (JSC::BytecodeGenerator::emitLoad):
      (JSC::BytecodeGenerator::findScopedProperty):
      (JSC::keyForCharacterSwitch):
      (JSC::prepareJumpTableForStringSwitch):
      * bytecompiler/BytecodeGenerator.h:
      * bytecompiler/NodesCodegen.cpp:
      (JSC::processClauseList):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * parser/JSParser.cpp:
      (JSC::JSParser::parseStrictObjectLiteral):
      * pcre/pcre_exec.cpp:
      (Histogram::add):
      * profiler/CallIdentifier.h:
      (JSC::CallIdentifier::Hash::hash):
      * profiler/Profile.cpp:
      * profiler/ProfileNode.cpp:
      (JSC::ProfileNode::debugPrintDataSampleStyle):
      * profiler/ProfileNode.h:
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncToString):
      * runtime/Identifier.cpp:
      (JSC::Identifier::equal):
      (JSC::IdentifierCStringTranslator::hash):
      (JSC::IdentifierCStringTranslator::equal):
      (JSC::IdentifierCStringTranslator::translate):
      (JSC::Identifier::add):
      (JSC::IdentifierUCharBufferTranslator::hash):
      (JSC::IdentifierUCharBufferTranslator::equal):
      (JSC::IdentifierUCharBufferTranslator::translate):
      (JSC::Identifier::addSlowCase):
      * runtime/Identifier.h:
      (JSC::Identifier::Identifier):
      (JSC::Identifier::ustring):
      (JSC::Identifier::impl):
      (JSC::Identifier::data):
      (JSC::Identifier::size):
      (JSC::Identifier::ascii):
      (JSC::Identifier::isNull):
      (JSC::Identifier::isEmpty):
      (JSC::Identifier::toUInt32):
      (JSC::Identifier::toStrictUInt32):
      (JSC::Identifier::toArrayIndex):
      (JSC::Identifier::toDouble):
      (JSC::Identifier::equal):
      (JSC::Identifier::add):
      * runtime/InitializeThreading.cpp:
      (JSC::initializeThreadingOnce):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::displayName):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::displayName):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::addStaticGlobals):
      * runtime/JSStaticScopeObject.h:
      (JSC::JSStaticScopeObject::JSStaticScopeObject):
      * runtime/JSString.h:
      (JSC::):
      (JSC::RopeBuilder::appendStringInConstruct):
      (JSC::RopeBuilder::appendValueInConstructAndIncrementLength):
      (JSC::jsSingleCharacterSubstring):
      (JSC::jsSubstring):
      * runtime/JSVariableObject.cpp:
      (JSC::JSVariableObject::deleteProperty):
      (JSC::JSVariableObject::symbolTableGet):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::symbolTableGet):
      (JSC::JSVariableObject::symbolTablePut):
      (JSC::JSVariableObject::symbolTablePutWithAttributes):
      * runtime/Lookup.cpp:
      (JSC::HashTable::createTable):
      (JSC::HashTable::deleteTable):
      * runtime/Lookup.h:
      (JSC::HashEntry::initialize):
      (JSC::HashEntry::setKey):
      (JSC::HashEntry::key):
      (JSC::HashTable::entry):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyMapEntry::PropertyMapEntry):
      * runtime/PropertyNameArray.cpp:
      (JSC::PropertyNameArray::add):
      * runtime/PropertyNameArray.h:
      (JSC::PropertyNameArray::add):
      (JSC::PropertyNameArray::addKnownUnique):
      * runtime/RegExp.cpp:
      (JSC::RegExp::match):
      * runtime/RegExpCache.cpp:
      (JSC::RegExpCache::create):
      * runtime/RegExpKey.h:
      (JSC::RegExpKey::RegExpKey):
      * runtime/SmallStrings.cpp:
      (JSC::SmallStringsStorage::rep):
      (JSC::SmallStrings::singleCharacterStringRep):
      * runtime/SmallStrings.h:
      * runtime/StringPrototype.cpp:
      (JSC::jsSpliceSubstringsWithSeparators):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      * runtime/Structure.cpp:
      (JSC::Structure::~Structure):
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::copyPropertyTable):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::put):
      (JSC::Structure::hasTransition):
      (JSC::Structure::remove):
      (JSC::Structure::checkConsistency):
      * runtime/Structure.h:
      (JSC::Structure::get):
      (JSC::Structure::hasTransition):
      * runtime/StructureTransitionTable.h:
      * runtime/SymbolTable.h:
      * runtime/UString.cpp:
      (JSC::UString::UString):
      (JSC::UString::toStrictUInt32):
      (JSC::UString::substr):
      * runtime/UString.h:
      (JSC::UString::UString):
      (JSC::UString::adopt):
      (JSC::UString::data):
      (JSC::UString::size):
      (JSC::UString::isNull):
      (JSC::UString::isEmpty):
      (JSC::UString::impl):
      (JSC::UString::cost):
      (JSC::operator==):
      (JSC::codePointCompare):
      (JSC::IdentifierRepHash::hash):
      (WTF::):
      
      WebCore: 
      
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::findAtomicString):
      * bindings/js/JSDOMBinding.h:
      (WebCore::ustringToString):
      (WebCore::identifierToString):
      (WebCore::ustringToAtomicString):
      (WebCore::identifierToAtomicString):
      * bindings/js/SerializedScriptValue.h:
      (WebCore::SerializedScriptValueData::SerializedScriptValueData):
      * bridge/IdentifierRep.cpp:
      (WebCore::IdentifierRep::get):
      * bridge/c/c_class.cpp:
      (JSC::Bindings::CClass::methodsNamed):
      (JSC::Bindings::CClass::fieldNamed):
      * bridge/jni/jsc/JavaClassJSC.cpp:
      (JavaClass::JavaClass):
      (JavaClass::methodsNamed):
      (JavaClass::fieldNamed):
      * bridge/jni/jsc/JavaStringJSC.h:
      (JSC::Bindings::JavaStringImpl::~JavaStringImpl):
      (JSC::Bindings::JavaStringImpl::init):
      (JSC::Bindings::JavaStringImpl::UTF8String):
      (JSC::Bindings::JavaStringImpl::uchars):
      (JSC::Bindings::JavaStringImpl::length):
      (JSC::Bindings::JavaStringImpl::uString):
      * bridge/jsc/BridgeJSC.h:
      
      WebKit/mac: 
      
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyInstance::methodsNamed):
      (WebKit::ProxyInstance::fieldNamed):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@65104 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ee2085b2
  29. 27 Apr, 2010 1 commit
  30. 25 Feb, 2010 1 commit
    • oliver@apple.com's avatar
      2010-02-25 Oliver Hunt <oliver@apple.com> · 43b309bf
      oliver@apple.com authored
              Reviewed by Maciej Stachowiak.
      
              Race condition in JSPropertyNameIterator and Structure destruction
              https://bugs.webkit.org/show_bug.cgi?id=35398
      
              JSPropertyNameIterator and Structure have a cyclic dependency that they
              manage by clearing the appropriate reference in each other during their
              destruction.  However if the Structure is destroyed while the
              JSPropertyNameIterator is dead but not yet finalized the Structures
              WeakGCPtr will return null, and so prevent Structure from clearing
              the m_cachedStructure pointer of the iterator.  When the iterator is
              then finalised the m_cachedStructure is invalid, and the attempt to
              clear the structures back reference fails.
      
              To fix this we simply make JSPropertyNameIterator keep the Structure
              alive, using the weak pointer to break the ref cycle.
      
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::~JSPropertyNameIterator):
                The iterator now keeps m_cachedStructure alive itself, so no longer needs
                to check for it being cleared
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::setCachedStructure):
                Add an assertion to ensure correct usage
              (JSC::JSPropertyNameIterator::cachedStructure):
                Add .get()
              * runtime/Structure.cpp:
              (JSC::Structure::~Structure):
                Add an assertion that our iterator isn't already dead, and remove
                the now unnecessary attempt to clear the ref in the iterator
              * runtime/WeakGCPtr.h:
              (JSC::WeakGCPtr::hasDeadObject):
                An assert-only function to allow us to assert correct behaviour
                in the Structure destructor
      2010-02-25  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Maciej Stachowiak.
      
              Race condition in JSPropertyNameIterator and Structure destruction
              https://bugs.webkit.org/show_bug.cgi?id=35398
      
              Add test to ensure that this race condition doesn't occur.
      
              * fast/js/script-tests/for-in-cached.js:
              (cacheClearing):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@55256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      43b309bf
  31. 15 Feb, 2010 1 commit
    • barraclough@apple.com's avatar
      https://bugs.webkit.org/show_bug.cgi?id=33731 · 39724b86
      barraclough@apple.com authored
      Many false leaks in release builds due to PtrAndFlags
      
      Reviewed by Darin Adler.
      
      JavaScriptCore: 
      
      StructureTransitionTable was effectively a smart pointer type,
      one machine word in size and wholly contained as a member of
      of Structure.  It either pointed to an actual table, or could
      be used to describe a single transtion entry without use of a
      table.
      
      This, however, worked by using a PtrAndFlags, which is not
      compatible with the leaks tool.  Since there is no clear way to
      obtain another bit for 'free' here, and since there are bits
      available up in Structure, merge this functionality back up into
      Structure.  Having this in a separate class was quite clean
      from an enacapsulation perspective, but this solution doesn't
      seem to bad - all table access is now intermediated through the
      Structure::structureTransitionTableFoo methods, keeping the
      optimization fairly well contained.
      
      This was the last use of PtrAndFlags, so removing the file too.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeBlock.h:
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::~Structure):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::hasTransition):
      * runtime/Structure.h:
      (JSC::Structure::):
      (JSC::Structure::structureTransitionTableContains):
      (JSC::Structure::structureTransitionTableGet):
      (JSC::Structure::structureTransitionTableHasTransition):
      (JSC::Structure::structureTransitionTableRemove):
      (JSC::Structure::structureTransitionTableAdd):
      (JSC::Structure::structureTransitionTable):
      (JSC::Structure::setStructureTransitionTable):
      (JSC::Structure::singleTransition):
      (JSC::Structure::setSingleTransition):
      * runtime/StructureTransitionTable.h:
      * wtf/PtrAndFlags.h: Removed.
      
      WebCore: 
      
      PtrAndFlags has now been removed; remove forwarding header.
      
      * ForwardingHeaders/wtf/PtrAndFlags.h: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54798 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      39724b86
  32. 02 Feb, 2010 1 commit
    • oliver@apple.com's avatar
      2010-02-02 Oliver Hunt <oliver@apple.com> · 6c9bdeb2
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Crash in CollectorBitmap::get at nbcolympics.com
              https://bugs.webkit.org/show_bug.cgi?id=34504
      
              This was caused by the use of m_offset to determine the offset of
              a new property into the property storage.  This patch corrects
              the effected cases by incorporating the anonymous slot count. It
              also removes the duplicate copy of anonymous slot count from the
              property table as keeping this up to date merely increased the
              chance of a mismatch.  Finally I've added a large number of
              assertions in an attempt to prevent such a bug from happening
              again.
      
              With the new assertions in place the existing anonymous slot tests
              all fail without the m_offset fixes.
      
              * runtime/PropertyMapHashTable.h:
              * runtime/Structure.cpp:
              (JSC::Structure::materializePropertyMap):
              (JSC::Structure::addPropertyTransitionToExistingStructure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::removePropertyTransition):
              (JSC::Structure::flattenDictionaryStructure):
              (JSC::Structure::addPropertyWithoutTransition):
              (JSC::Structure::removePropertyWithoutTransition):
              (JSC::Structure::copyPropertyTable):
              (JSC::Structure::get):
              (JSC::Structure::put):
              (JSC::Structure::remove):
              (JSC::Structure::insertIntoPropertyMapHashTable):
              (JSC::Structure::createPropertyMapHashTable):
              (JSC::Structure::rehashPropertyMapHashTable):
              (JSC::Structure::checkConsistency):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54265 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6c9bdeb2
  33. 01 Feb, 2010 1 commit
    • oliver@apple.com's avatar
      2010-01-31 Oliver Hunt <oliver@apple.com> · c47a6ba0
      oliver@apple.com authored
              Reviewed by Maciej Stachowiak.
      
              JSC is failing to propagate anonymous slot count on some transitions
              https://bugs.webkit.org/show_bug.cgi?id=34321
      
              Remove secondary Structure constructor, and make Structure store a copy
              of the number of anonymous slots directly so saving an immediate allocation
              of a property map for all structures with anonymous storage, which also
              avoids the leaked property map on new property transition in the original
              version of this patch.
      
              We need to propagate the the anonymous slot count otherwise we can end up
              with a structure recording incorrect information about the available and
              needed space for property storage, or alternatively incorrectly reusing
              some slots.
      
              * JavaScriptCore.exp:
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::materializePropertyMap):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::changePrototypeTransition):
              (JSC::Structure::despecifyFunctionTransition):
              (JSC::Structure::getterSetterTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::flattenDictionaryStructure):
              (JSC::Structure::copyPropertyTable):
              (JSC::Structure::put):
              (JSC::Structure::remove):
              (JSC::Structure::insertIntoPropertyMapHashTable):
              (JSC::Structure::createPropertyMapHashTable):
              * runtime/Structure.h:
              (JSC::Structure::create):
              (JSC::Structure::hasAnonymousSlots):
              (JSC::Structure::anonymousSlotCount):
      2010-02-01  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Maciej Stachowiak.
      
              JSC is failing to propagate anonymous slot count on some transitions
              https://bugs.webkit.org/show_bug.cgi?id=34321
      
              Add test case for modifying DOM objects with anonymous storage.
      
              * fast/dom/Window/anonymous-slot-with-changes-expected.txt: Added.
              * fast/dom/Window/anonymous-slot-with-changes.html: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54129 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c47a6ba0