1. 12 May, 2011 1 commit
    • 2011-05-12 Nikolas Zimmermann <nzimmermann@rim.com> · 6da15387
      zimmermann@webkit.org authored
              Reviewed by Darin Adler.
      
              String operator+ reallocates unnecessarily when concatting > 2 strings
              https://bugs.webkit.org/show_bug.cgi?id=58420
      
              Provide a faster String append operator.
              Up until now, "String operator+(const String& a, const String& b)" copied String a into a temporary
              object, and used a.append(b), which reallocates a new buffer of aLength+bLength. When concatting
              N strings using operator+, this leads to N-1 reallocations.
      
              Replace this with a flexible operator+ implementation, that avoids these reallocations.
              When concatting a 'String' with any string type (char*, UChar, Vector<char>, String, AtomicString, etc.)
              a StringAppend<String, T> object is created, which holds the intermediate string objects, and delays
              creation of the final string, until operator String() is invoked.
      
              template<typename T>
              StringAppend<String, T> operator+(const String& string1, T string2)
              {
                  return StringAppend<String, T>(string1, string2);
              }
      
              template<typename U, typename V, typename W>
              StringAppend<U, StringAppend<V, W> > operator+(U string1, const StringAppend<V, W>& string2)
              {
                  return StringAppend<U, StringAppend<V, W> >(string1, string2);
              }
      
              When concatting three strings - "String a, b, c; String result = a + b + c;" the following happens:
              first a StringAppend<String, String> object is created by operator+(const String& string1, String string2).
              Then operator+(String string1, const StringAppend<String, String>& string2) is invoked, which returns
              a StringAppend<String, StringAppend<String, String> > object.
              Then operator String() is invoked, which allocates a StringImpl object, once, large enough to hold the
              final string - it uses tryMakeString provided by StringConcatenate.h under the hood, which guards us
              against too big string allocations, etc.
      
              Note that the second template defines a recursive way to concat an arbitrary number of strings
              into a single String with just one allocation.
      
              * GNUmakefile.list.am: Add StringOperators.h to build.
              * JavaScriptCore.exp: Export WTF::emptyString(). Remove no longer needed symbols.
              * JavaScriptCore.gypi: Add StringOperators.h to build.
              * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
              * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
              * wtf/text/AtomicString.h: Pull in StringConcatenate.h at the end of the file.
              * wtf/text/StringConcatenate.h: Conditionally include AtomicString.h to avoid a cyclic dependency. Pull in StringOperators.h at the end of the file.
              * wtf/text/StringOperators.h: Added. This is never meant to be included directly, including either WTFString.h or AtomicString.h automatically pulls in this file.
              (WTF::StringAppend::StringAppend):
              (WTF::StringAppend::operator String):
              (WTF::StringAppend::operator AtomicString):
              (WTF::StringAppend::writeTo):
              (WTF::StringAppend::length):
              (WTF::operator+):
              * wtf/text/WTFString.cpp: Remove operator+ implementations that use String::append(). 
              (WTF::emptyString): Add new shared empty string free function.
              * wtf/text/WTFString.h: Replace operator+ implementations by StringAppend template solution. Pull in AtomicString.h at the end of the file.
      
      2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
      
              Reviewed by Darin Adler.
      
              String operator+ reallocates unnecessarily when concatting > 2 strings
              https://bugs.webkit.org/show_bug.cgi?id=58420
      
              Provide a faster String append operator. See Source/JavaScriptCore/ChangeLog for details.
      
              * dom/XMLDocumentParserLibxml2.cpp:
              (WebCore::handleElementAttributes):
              * editing/MarkupAccumulator.cpp:
              (WebCore::MarkupAccumulator::shouldAddNamespaceElement):
              * html/HTMLAnchorElement.cpp:
              (WebCore::HTMLAnchorElement::hash):
              (WebCore::HTMLAnchorElement::search):
              * html/ImageInputType.cpp:
              (WebCore::ImageInputType::appendFormData):
              * html/parser/HTMLTreeBuilder.cpp:
              * loader/CrossOriginAccessControl.cpp:
              (WebCore::passesAccessControlCheck):
              * page/Location.cpp:
              (WebCore::Location::search):
              (WebCore::Location::hash):
              * page/NavigatorBase.cpp:
              (WebCore::NavigatorBase::platform):
              * platform/chromium/ClipboardChromium.cpp:
              (WebCore::writeImageToDataObject):
              * platform/gtk/PasteboardHelper.cpp:
              (WebCore::PasteboardHelper::fillSelectionData):
              * platform/network/cf/ResourceHandleCFNet.cpp:
              (WebCore::encodeBasicAuthorization):
              * platform/network/cf/SocketStreamHandleCFNet.cpp:
              (WebCore::SocketStreamHandle::copyCFStreamDescription):
              * platform/network/mac/ResourceHandleMac.mm:
              (WebCore::encodeBasicAuthorization):
              * workers/WorkerLocation.cpp:
              (WebCore::WorkerLocation::search):
              (WebCore::WorkerLocation::hash):
      
      2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
      
              Reviewed by Darin Adler.
      
              String operator+ reallocates unnecessarily when concatting > 2 strings
              https://bugs.webkit.org/show_bug.cgi?id=58420
      
              Provide a faster String append operator. See Source/JavaScriptCore/ChangeLog for details.
      
              * src/WebAccessibilityObject.cpp:
              (WebKit::WebAccessibilityObject::keyboardShortcut): Cast to String first, before trying to convert to platform-dependent type.
              * src/WebHTTPLoadInfo.cpp:
              (WebKit::addHeader): Don't pass WebString to makeString, explicit cast to String first.
              * tests/IDBLevelDBCodingTest.cpp: Cast to String first, to avoid conflicting with gtest's global templatified operator+.
              (IDBLevelDBCoding::TEST):
      
      2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
      
              Reviewed by Darin Adler.
      
              String operator+ reallocates unnecessarily when concatting > 2 strings
              https://bugs.webkit.org/show_bug.cgi?id=58420
      
              Provide a faster String append operator. See Source/JavaScriptCore/ChangeLog for details.
      
              * WebView/WebFrame.mm: Explicitly cast to Strings first, so operator NSString*() can be invoked.
              (-[WebFrame _stringWithDocumentTypeStringAndMarkupString:]):
      
      2011-05-12  Nikolas Zimmermann  <nzimmermann@rim.com>
      
              Reviewed by Darin Adler.
      
              String operator+ reallocates unnecessarily when concatting > 2 strings
              https://bugs.webkit.org/show_bug.cgi?id=58420
      
              Provide a faster String append operator. See Source/JavaScriptCore/ChangeLog for details.
      
              * AccessibleBase.cpp:
              (AccessibleBase::get_accKeyboardShortcut): Explicitly cast to Strings first, so operator BString() can be invoked.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86330 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  2. 11 May, 2011 1 commit
  3. 09 May, 2011 1 commit
    • 2011-05-09 Adam Barth <abarth@webkit.org> · 19733325
      abarth@webkit.org authored
              Reviewed by Eric Seidel.
      
              CSP should block Function constructor
              https://bugs.webkit.org/show_bug.cgi?id=60240
      
              Test that the function constructor is properly blocked.
      
              * http/tests/security/contentSecurityPolicy/function-constructor-allowed-expected.txt: Added.
              * http/tests/security/contentSecurityPolicy/function-constructor-allowed.html: Added.
              * http/tests/security/contentSecurityPolicy/function-constructor-blocked-expected.txt: Added.
              * http/tests/security/contentSecurityPolicy/function-constructor-blocked.html: Added.
              * platform/chromium/test_expectations.txt:
      2011-05-09  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Eric Seidel.
      
              CSP should block Function constructor
              https://bugs.webkit.org/show_bug.cgi?id=60240
      
              When eval is disabled, we need to block the use of the function
              constructor.  However, the WebCore JSC bindings call the function
              constructor directly to create inline event listeners.  To support that
              use, this patch adds an entrypoint that bypasses the check for whether
              eval is enabled.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * runtime/FunctionConstructor.cpp:
              (JSC::constructFunction):
              (JSC::constructFunctionSkippingEvalEnabledCheck):
              * runtime/FunctionConstructor.h:
      2011-05-09  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Eric Seidel.
      
              CSP should block Function constructor
              https://bugs.webkit.org/show_bug.cgi?id=60240
      
              Tests: http/tests/security/contentSecurityPolicy/function-constructor-allowed.html
                     http/tests/security/contentSecurityPolicy/function-constructor-blocked.html
      
              * bindings/js/JSLazyEventListener.cpp:
              (WebCore::JSLazyEventListener::initializeJSFunction):
                  - Update call site to the new entrypoint.
              * bindings/v8/V8LazyEventListener.cpp:
              (WebCore::V8LazyEventListener::prepareListenerObject):
                  - Add some comments about the ridiculousness of this implementation.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86100 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  4. 03 May, 2011 1 commit
    • 2011-05-03 Oliver Hunt <oliver@apple.com> · 1d9763c2
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make malloc validation useful
              https://bugs.webkit.org/show_bug.cgi?id=57502
      
              Reland this patch (rolled out in 82905) without
              turning it on by default.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * wtf/FastMalloc.cpp:
              (WTF::tryFastMalloc):
              (WTF::fastMalloc):
              (WTF::tryFastCalloc):
              (WTF::fastCalloc):
              (WTF::fastFree):
              (WTF::tryFastRealloc):
              (WTF::fastRealloc):
              (WTF::fastMallocSize):
              (WTF::TCMalloc_PageHeap::isScavengerSuspended):
              (WTF::TCMalloc_PageHeap::scheduleScavenger):
              (WTF::TCMalloc_PageHeap::suspendScavenger):
              (WTF::TCMalloc_PageHeap::signalScavenger):
              (WTF::TCMallocStats::malloc):
              (WTF::TCMallocStats::free):
              (WTF::TCMallocStats::fastCalloc):
              (WTF::TCMallocStats::tryFastCalloc):
              (WTF::TCMallocStats::calloc):
              (WTF::TCMallocStats::fastRealloc):
              (WTF::TCMallocStats::tryFastRealloc):
              (WTF::TCMallocStats::realloc):
              (WTF::TCMallocStats::fastMallocSize):
              * wtf/FastMalloc.h:
              (WTF::Internal::fastMallocValidationHeader):
              (WTF::Internal::fastMallocValidationSuffix):
              (WTF::Internal::fastMallocMatchValidationType):
              (WTF::Internal::setFastMallocMatchValidationType):
              (WTF::fastMallocMatchValidateFree):
              (WTF::fastMallocValidate):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85700 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  5. 02 May, 2011 1 commit
    • 2011-05-02 Oliver Hunt <oliver@apple.com> · 35b2b50e
      oliver@apple.com authored
              Reviewed by Gavin Barraclough.
      
              Correct marking of interpreter data in mixed mode builds
              https://bugs.webkit.org/show_bug.cgi?id=59962
      
              We had a few places in mixed mode builds where we would not
              track data used by the interpreter for marking.  This patch
              corrects the problem and adds a number of assertions to catch
              live Structures being collected.
      
              * JavaScriptCore.exp:
              * assembler/ARMv7Assembler.h:
              (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              * bytecode/CodeBlock.h:
              (JSC::CodeBlock::addPropertyAccessInstruction):
              (JSC::CodeBlock::addGlobalResolveInstruction):
              (JSC::CodeBlock::addStructureStubInfo):
              (JSC::CodeBlock::addGlobalResolveInfo):
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::emitResolve):
              (JSC::BytecodeGenerator::emitResolveWithBase):
              (JSC::BytecodeGenerator::emitGetById):
              (JSC::BytecodeGenerator::emitPutById):
              (JSC::BytecodeGenerator::emitDirectPutById):
              * runtime/Structure.cpp:
              (JSC::Structure::materializePropertyMap):
              * runtime/Structure.h:
              (JSC::Structure::typeInfo):
              (JSC::Structure::previousID):
              (JSC::Structure::propertyStorageCapacity):
              (JSC::Structure::propertyStorageSize):
              (JSC::Structure::get):
              (JSC::Structure::materializePropertyMapIfNecessary):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85523 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  6. 29 Apr, 2011 1 commit
    • 2011-04-29 Adam Barth <abarth@webkit.org> · 26a40f16
      abarth@webkit.org authored
              Reviewed by Eric Seidel.
      
              CSP script-src should block eval
              https://bugs.webkit.org/show_bug.cgi?id=59850
      
              Test that both function-eval and operator-eval are correctly blocked
              and allowed according to the policy.
      
              * http/tests/security/contentSecurityPolicy/eval-allowed-expected.txt: Added.
              * http/tests/security/contentSecurityPolicy/eval-allowed.html: Added.
              * http/tests/security/contentSecurityPolicy/eval-blocked-expected.txt: Added.
              * http/tests/security/contentSecurityPolicy/eval-blocked.html: Added.
      2011-04-29  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Eric Seidel.
      
              CSP script-src should block eval
              https://bugs.webkit.org/show_bug.cgi?id=59850
      
              ggaren recommended a different approach to this patch, essentially
              installing a new function for function-eval and changing the AST
              representation of operator-eval to call function-eval.  However, I'm
              not sure that approach is workable because the ASTBuilder doesn't know
              about global objects, and there is added complication due to the cache.
      
              This approach is more dynamic, adding a branch in EvalExecutable to
              detect whether eval is currently disabled in the lexical scope.  The spec
              is slightly unclear about whether we should return undefined or throw
              an exception.  I've asked Brandon to clarify the spec, but throwing an
              exception seems natural.
      
              * JavaScriptCore.exp:
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::compileInternal):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::disableEval):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObject):
              (JSC::JSGlobalObject::isEvalEnabled):
      2011-04-29  Adam Barth  <abarth@webkit.org>
      
              Reviewed by Eric Seidel.
      
              CSP script-src should block eval
              https://bugs.webkit.org/show_bug.cgi?id=59850
      
              Rather than have JavaScriptCore call back into WebCore to learn whether
              eval is enabled, we push that bit of the policy into JavaScriptCore.
      
              Tests: http/tests/security/contentSecurityPolicy/eval-allowed.html
                     http/tests/security/contentSecurityPolicy/eval-blocked.html
      
              * bindings/js/ScriptController.cpp:
              (WebCore::ScriptController::disableEval):
              * bindings/js/ScriptController.h:
              * page/ContentSecurityPolicy.cpp:
              (WebCore::ContentSecurityPolicy::didReceiveHeader):
              (WebCore::ContentSecurityPolicy::internalAllowEval):
              (WebCore::ContentSecurityPolicy::allowEval):
              * page/ContentSecurityPolicy.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85388 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  7. 27 Apr, 2011 1 commit
  8. 22 Apr, 2011 2 commits
    • 2011-04-22 Sheriff Bot <webkit.review.bot@gmail.com> · 2dba4a48
      commit-queue@webkit.org authored
              Unreviewed, rolling out r84650 and r84654.
              http://trac.webkit.org/changeset/84650
              http://trac.webkit.org/changeset/84654
              https://bugs.webkit.org/show_bug.cgi?id=59218
      
              Broke Windows build (Requested by bweinstein on #webkit).
      
              * API/JSCallbackObjectFunctions.h:
              (JSC::::init):
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * heap/Handle.h:
              (JSC::HandleBase::operator!):
              (JSC::HandleBase::operator UnspecifiedBoolType*):
              (JSC::HandleTypes::getFromSlot):
              * heap/HandleHeap.cpp:
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::markWeakHandles):
              (JSC::HandleHeap::finalizeWeakHandles):
              (JSC::HandleHeap::writeBarrier):
              (JSC::HandleHeap::protectedGlobalObjectCount):
              (JSC::HandleHeap::isValidWeakNode):
              * heap/HandleHeap.h:
              (JSC::HandleHeap::copyWeak):
              (JSC::HandleHeap::makeWeak):
              (JSC::HandleHeap::Node::slot):
              * heap/HandleStack.cpp:
              (JSC::HandleStack::mark):
              (JSC::HandleStack::grow):
              * heap/HandleStack.h:
              (JSC::HandleStack::zapTo):
              (JSC::HandleStack::push):
              * heap/Heap.cpp:
              (JSC::HandleHeap::protectedObjectTypeCounts):
              * heap/Local.h:
              (JSC::::set):
              * heap/Strong.h:
              (JSC::Strong::set):
              * heap/Weak.h:
              (JSC::Weak::set):
              * runtime/StructureTransitionTable.h:
              (JSC::StructureTransitionTable::singleTransition):
              (JSC::StructureTransitionTable::setSingleTransition):
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::add):
              (JSC::WeakGCMap::set):
              * runtime/WriteBarrier.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84660 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-04-22 Oliver Hunt <oliver@apple.com> · 4b66844e
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make it harder to use HandleSlot incorrectly
              https://bugs.webkit.org/show_bug.cgi?id=59205
      
              Just add a little type fudging to make it harder to
              incorrectly assign through a HandleSlot.
      
              * API/JSCallbackObjectFunctions.h:
              (JSC::::init):
              * JavaScriptCore.exp:
              * heap/Handle.h:
              (JSC::HandleBase::operator!):
              (JSC::HandleBase::operator UnspecifiedBoolType*):
              (JSC::HandleTypes::getFromSlot):
              * heap/HandleHeap.cpp:
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::markWeakHandles):
              (JSC::HandleHeap::finalizeWeakHandles):
              (JSC::HandleHeap::writeBarrier):
              (JSC::HandleHeap::protectedGlobalObjectCount):
              (JSC::HandleHeap::isValidWeakNode):
              * heap/HandleHeap.h:
              (JSC::HandleHeap::copyWeak):
              (JSC::HandleHeap::makeWeak):
              (JSC::HandleHeap::Node::slot):
              * heap/HandleStack.cpp:
              (JSC::HandleStack::mark):
              (JSC::HandleStack::grow):
              * heap/HandleStack.h:
              (JSC::HandleStack::zapTo):
              (JSC::HandleStack::push):
              * heap/Heap.cpp:
              (JSC::HandleHeap::protectedObjectTypeCounts):
              * heap/Local.h:
              (JSC::::set):
              * heap/Strong.h:
              (JSC::Strong::set):
              * heap/Weak.h:
              (JSC::Weak::set):
              * runtime/StructureTransitionTable.h:
              (JSC::StructureTransitionTable::singleTransition):
              (JSC::StructureTransitionTable::setSingleTransition):
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::add):
              (JSC::WeakGCMap::set):
              * runtime/WriteBarrier.h:
              (JSC::OpaqueJSValue::toJSValue):
              (JSC::OpaqueJSValue::toJSValueRef):
              (JSC::OpaqueJSValue::fromJSValue):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84650 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  9. 21 Apr, 2011 1 commit
    • 2011-04-21 Oliver Hunt <oliver@apple.com> · 433d02f9
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObjectData::visitChildren):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
              (JSC::JSCallbackObject::visitChildren):
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::visitStructures):
              (JSC::EvalCodeCache::visitAggregate):
              (JSC::CodeBlock::visitAggregate):
              * bytecode/CodeBlock.h:
              * bytecode/EvalCodeCache.h:
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::visitAggregate):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::visitAggregate):
              * bytecode/StructureStubInfo.h:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::visitChildren):
              * debugger/DebuggerActivation.h:
              * heap/HandleHeap.cpp:
              (JSC::WeakHandleOwner::isReachableFromOpaqueRoots):
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::markWeakHandles):
              * heap/HandleHeap.h:
              * heap/HandleStack.cpp:
              (JSC::HandleStack::mark):
              * heap/HandleStack.h:
              * heap/Heap.cpp:
              (JSC::Heap::markProtectedObjects):
              (JSC::Heap::markTempSortVectors):
              (JSC::Heap::markRoots):
              * heap/Heap.h:
              * heap/MarkStack.cpp:
              (JSC::MarkStack::visitChildren):
              (JSC::MarkStack::drain):
              * heap/MarkStack.h:
              (JSC::HeapRootVisitor::HeapRootVisitor):
              (JSC::HeapRootVisitor::mark):
              (JSC::HeapRootVisitor::visitor):
              * heap/MarkedSpace.h:
              * runtime/ArgList.cpp:
              (JSC::MarkedArgumentBuffer::markLists):
              * runtime/ArgList.h:
              * runtime/Arguments.cpp:
              (JSC::Arguments::visitChildren):
              * runtime/Arguments.h:
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::visitChildren):
              (JSC::ProgramExecutable::visitChildren):
              (JSC::FunctionExecutable::visitChildren):
              * runtime/Executable.h:
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::visitChildren):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::createStructure):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::visitChildren):
              * runtime/JSActivation.h:
              * runtime/JSArray.cpp:
              (JSC::JSArray::visitChildren):
              * runtime/JSArray.h:
              (JSC::JSArray::visitDirect):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::visitChildren):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::visitChildren):
              * runtime/JSFunction.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::visitIfNeeded):
              (JSC::JSGlobalObject::visitChildren):
              * runtime/JSGlobalObject.h:
              * runtime/JSONObject.cpp:
              * runtime/JSObject.cpp:
              (JSC::JSObject::visitChildren):
              * runtime/JSObject.h:
              (JSC::JSObject::visitDirect):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::visitChildren):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::visitChildren):
              * runtime/JSStaticScopeObject.h:
              * runtime/JSTypeInfo.h:
              (JSC::TypeInfo::TypeInfo):
              (JSC::TypeInfo::overridesVisitChildren):
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::visitChildren):
              * runtime/JSWrapperObject.h:
              * runtime/JSZombie.h:
              (JSC::JSZombie::visitChildren):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::visitChildren):
              * runtime/NativeErrorConstructor.h:
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::visitChildren):
              * runtime/RegExpObject.h:
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::visitChildren):
              * runtime/ScopeChain.h:
              * runtime/SmallStrings.cpp:
              (JSC::SmallStrings::visitChildren):
              * runtime/SmallStrings.h:
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::visitChildren):
              * runtime/Structure.h:
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::visitChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::createStructure):
      2011-04-21  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * UserObjectImp.cpp:
              (UserObjectImp::visitChildren):
      2011-04-21  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * bindings/js/JSAttrCustom.cpp:
              (WebCore::JSAttr::visitChildren):
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::constructAudio):
              * bindings/js/JSCSSRuleCustom.cpp:
              (WebCore::JSCSSRule::visitChildren):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::visitChildren):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::visitActiveObjectsForContext):
              (WebCore::markDOMObjectWrapper):
              * bindings/js/JSDOMBinding.h:
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::visitChildren):
              * bindings/js/JSDOMGlobalObject.h:
              * bindings/js/JSDOMImplementationCustom.cpp:
              (WebCore::JSDOMImplementation::visitChildren):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::visitChildren):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::visitChildren):
              * bindings/js/JSDOMWindowShell.h:
              * bindings/js/JSDocumentCustom.cpp:
              (WebCore::JSDocument::visitChildren):
              * bindings/js/JSElementCustom.cpp:
              (WebCore::JSElement::visitChildren):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::markJSFunction):
              * bindings/js/JSEventListener.h:
              * bindings/js/JSHTMLCanvasElementCustom.cpp:
              (WebCore::JSHTMLCanvasElement::visitChildren):
              * bindings/js/JSHTMLLinkElementCustom.cpp:
              (WebCore::JSHTMLLinkElement::visitChildren):
              * bindings/js/JSHTMLStyleElementCustom.cpp:
              (WebCore::JSHTMLStyleElement::visitChildren):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::constructImage):
              * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
              (WebCore::JSJavaScriptAudioNode::visitChildren):
              * bindings/js/JSMessageChannelCustom.cpp:
              (WebCore::JSMessageChannel::visitChildren):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::visitChildren):
              * bindings/js/JSNamedNodeMapCustom.cpp:
              (WebCore::JSNamedNodeMapOwner::isReachableFromOpaqueRoots):
              (WebCore::JSNamedNodeMap::visitChildren):
              * bindings/js/JSNavigatorCustom.cpp:
              (WebCore::JSNavigator::visitChildren):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::isObservable):
              (WebCore::isReachableFromDOM):
              (WebCore::JSNodeOwner::isReachableFromOpaqueRoots):
              (WebCore::JSNode::visitChildren):
              * bindings/js/JSNodeCustom.h:
              * bindings/js/JSNodeFilterCondition.cpp:
              (WebCore::JSNodeFilterCondition::WeakOwner::isReachableFromOpaqueRoots):
              * bindings/js/JSNodeFilterCondition.h:
              * bindings/js/JSNodeFilterCustom.cpp:
              (WebCore::JSNodeFilter::visitChildren):
              * bindings/js/JSNodeIteratorCustom.cpp:
              (WebCore::JSNodeIterator::visitChildren):
              * bindings/js/JSNodeListCustom.cpp:
              (WebCore::JSNodeListOwner::isReachableFromOpaqueRoots):
              * bindings/js/JSProcessingInstructionCustom.cpp:
              (WebCore::JSProcessingInstruction::visitChildren):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::visitChildren):
              * bindings/js/JSSharedWorkerCustom.cpp:
              (WebCore::JSSharedWorker::visitChildren):
              * bindings/js/JSStyleSheetCustom.cpp:
              (WebCore::JSStyleSheet::visitChildren):
              * bindings/js/JSTreeWalkerCustom.cpp:
              (WebCore::JSTreeWalker::visitChildren):
              * bindings/js/JSWebGLRenderingContextCustom.cpp:
              (WebCore::JSWebGLRenderingContext::visitChildren):
              * bindings/js/JSWebKitAnimationListCustom.cpp:
              (WebCore::JSWebKitAnimationList::visitChildren):
              * bindings/js/JSWorkerContextCustom.cpp:
              (WebCore::JSWorkerContext::visitChildren):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::visitChildren):
              * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
              (WebCore::JSXMLHttpRequestUpload::visitChildren):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/qt/qt_instance.cpp:
              (JSC::Bindings::QtRuntimeObject::visitChildren):
              (JSC::Bindings::QtInstance::markAggregate):
              * bridge/qt/qt_instance.h:
              * bridge/qt/qt_pixmapruntime.cpp:
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeMetaMethod::visitChildren):
              * bridge/qt/qt_runtime.h:
              * dom/EventListener.h:
              (WebCore::EventListener::visitJSFunction):
              * dom/EventTarget.h:
              (WebCore::EventTarget::visitJSEventListeners):
              * dom/Node.h:
              * dom/NodeFilterCondition.h:
              (WebCore::NodeFilterCondition::visitAggregate):
              * page/DOMWindow.h:
              * workers/WorkerContext.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84556 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      433d02f9
  10. 15 Apr, 2011 4 commits
  11. 13 Apr, 2011 2 commits
    • 2011-04-13 Oliver Hunt <oliver@apple.com> · bb8da910
      oliver@apple.com authored
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Additional structures are allocated beyond the expected threshold
              so we preflight the test to get them allocated.
      
              * fast/dom/gc-10.html:
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Turn Structure into a GC allocated object.  Most of this patch
              is the mechanical change of replacing variations on RefPtr<Structure>
              with either Structure* (for arguments and locals), WriteBarrier<Structure>
              for the few cases where Structures are held by GC allocated objects
              and Strong<Structure> for the root structure objects in GlobalData.
      
              * API/JSCallbackConstructor.cpp:
              (JSC::JSCallbackConstructor::JSCallbackConstructor):
              * API/JSCallbackConstructor.h:
              (JSC::JSCallbackConstructor::createStructure):
              * API/JSCallbackFunction.h:
              (JSC::JSCallbackFunction::createStructure):
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObject::createStructure):
              * API/JSCallbackObjectFunctions.h:
              (JSC::::JSCallbackObject):
              * API/JSContextRef.cpp:
              * JavaScriptCore.JSVALUE32_64only.exp:
              * JavaScriptCore.JSVALUE64only.exp:
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::~CodeBlock):
              (JSC::CodeBlock::markStructures):
              (JSC::CodeBlock::markAggregate):
              * bytecode/CodeBlock.h:
              (JSC::MethodCallLinkInfo::setSeen):
              (JSC::GlobalResolveInfo::GlobalResolveInfo):
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
              (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
              (JSC::PolymorphicAccessStructureList::markAggregate):
              (JSC::Instruction::Instruction):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::deref):
              (JSC::StructureStubInfo::markAggregate):
              * bytecode/StructureStubInfo.h:
              (JSC::StructureStubInfo::initGetByIdSelf):
              (JSC::StructureStubInfo::initGetByIdProto):
              (JSC::StructureStubInfo::initGetByIdChain):
              (JSC::StructureStubInfo::initPutByIdTransition):
              (JSC::StructureStubInfo::initPutByIdReplace):
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::DebuggerActivation):
              * debugger/DebuggerActivation.h:
              (JSC::DebuggerActivation::createStructure):
              * heap/Handle.h:
              * heap/MarkStack.cpp:
              (JSC::MarkStack::markChildren):
              (JSC::MarkStack::drain):
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              (JSC::MarkedBlock::sweep):
              * heap/Strong.h:
              (JSC::Strong::Strong):
              (JSC::Strong::set):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::resolveGlobal):
              (JSC::Interpreter::resolveGlobalDynamic):
              (JSC::Interpreter::tryCachePutByID):
              (JSC::Interpreter::uncachePutByID):
              (JSC::Interpreter::tryCacheGetByID):
              (JSC::Interpreter::uncacheGetByID):
              (JSC::Interpreter::privateExecute):
              * jit/JIT.h:
              * jit/JITPropertyAccess.cpp:
              (JSC::JIT::privateCompilePutByIdTransition):
              (JSC::JIT::patchMethodCallProto):
              (JSC::JIT::privateCompileGetByIdProto):
              (JSC::JIT::privateCompileGetByIdSelfList):
              (JSC::JIT::privateCompileGetByIdProtoList):
              (JSC::JIT::privateCompileGetByIdChainList):
              (JSC::JIT::privateCompileGetByIdChain):
              * jit/JITPropertyAccess32_64.cpp:
              (JSC::JIT::privateCompilePutByIdTransition):
              (JSC::JIT::patchMethodCallProto):
              (JSC::JIT::privateCompileGetByIdProto):
              (JSC::JIT::privateCompileGetByIdSelfList):
              (JSC::JIT::privateCompileGetByIdProtoList):
              (JSC::JIT::privateCompileGetByIdChainList):
              (JSC::JIT::privateCompileGetByIdChain):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCachePutByID):
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              (JSC::getPolymorphicAccessStructureListSlot):
              * jit/JSInterfaceJIT.h:
              (JSC::JSInterfaceJIT::storePtrWithWriteBarrier):
              * jsc.cpp:
              (cleanupGlobalData):
              * runtime/Arguments.h:
              (JSC::Arguments::createStructure):
              (JSC::Arguments::Arguments):
              (JSC::JSActivation::copyRegisters):
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::constructArrayWithSizeQuirk):
              * runtime/ArrayConstructor.h:
              * runtime/ArrayPrototype.cpp:
              (JSC::ArrayPrototype::ArrayPrototype):
              (JSC::arrayProtoFuncSplice):
              * runtime/ArrayPrototype.h:
              (JSC::ArrayPrototype::createStructure):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              * runtime/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              * runtime/BooleanConstructor.h:
              * runtime/BooleanObject.cpp:
              (JSC::BooleanObject::BooleanObject):
              * runtime/BooleanObject.h:
              (JSC::BooleanObject::createStructure):
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * runtime/BooleanPrototype.h:
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * runtime/DateConstructor.h:
              * runtime/DateInstance.cpp:
              (JSC::DateInstance::DateInstance):
              * runtime/DateInstance.h:
              (JSC::DateInstance::createStructure):
              * runtime/DatePrototype.cpp:
              (JSC::DatePrototype::DatePrototype):
              * runtime/DatePrototype.h:
              (JSC::DatePrototype::createStructure):
              * runtime/Error.cpp:
              (JSC::StrictModeTypeErrorFunction::StrictModeTypeErrorFunction):
              * runtime/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              * runtime/ErrorConstructor.h:
              * runtime/ErrorInstance.cpp:
              (JSC::ErrorInstance::ErrorInstance):
              (JSC::ErrorInstance::create):
              * runtime/ErrorInstance.h:
              (JSC::ErrorInstance::createStructure):
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * runtime/ErrorPrototype.h:
              * runtime/ExceptionHelpers.cpp:
              (JSC::InterruptedExecutionError::InterruptedExecutionError):
              (JSC::TerminatedExecutionError::TerminatedExecutionError):
              * runtime/Executable.cpp:
              * runtime/Executable.h:
              (JSC::ExecutableBase::ExecutableBase):
              (JSC::ExecutableBase::createStructure):
              (JSC::NativeExecutable::createStructure):
              (JSC::NativeExecutable::NativeExecutable):
              (JSC::ScriptExecutable::ScriptExecutable):
              (JSC::EvalExecutable::createStructure):
              (JSC::ProgramExecutable::createStructure):
              (JSC::FunctionExecutable::createStructure):
              * runtime/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor):
              * runtime/FunctionConstructor.h:
              * runtime/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              * runtime/FunctionPrototype.h:
              (JSC::FunctionPrototype::createStructure):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::GetterSetter):
              (JSC::GetterSetter::createStructure):
              * runtime/InitializeThreading.cpp:
              (JSC::initializeThreadingOnce):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction):
              * runtime/InternalFunction.h:
              (JSC::InternalFunction::createStructure):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::JSActivation):
              * runtime/JSActivation.h:
              (JSC::JSActivation::createStructure):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              * runtime/JSArray.h:
              (JSC::JSArray::createStructure):
              * runtime/JSByteArray.cpp:
              (JSC::JSByteArray::JSByteArray):
              (JSC::JSByteArray::createStructure):
              * runtime/JSByteArray.h:
              (JSC::JSByteArray::JSByteArray):
              * runtime/JSCell.cpp:
              (JSC::isZombie):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::JSCell):
              (JSC::JSCell::JSCell::addressOfStructure):
              (JSC::JSCell::JSCell::structure):
              (JSC::JSCell::JSCell::markChildren):
              (JSC::JSCell::JSValue::isZombie):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              * runtime/JSFunction.h:
              (JSC::JSFunction::createStructure):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::storeVPtrs):
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::clearBuiltinStructures):
              (JSC::JSGlobalData::createLeaked):
              * runtime/JSGlobalData.h:
              (JSC::allocateGlobalHandle):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::markChildren):
              (JSC::JSGlobalObject::copyGlobalsFrom):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObject):
              (JSC::JSGlobalObject::createStructure):
              (JSC::Structure::prototypeChain):
              (JSC::Structure::isValid):
              (JSC::constructEmptyArray):
              * runtime/JSNotAnObject.h:
              (JSC::JSNotAnObject::JSNotAnObject):
              (JSC::JSNotAnObject::createStructure):
              * runtime/JSONObject.cpp:
              (JSC::JSONObject::JSONObject):
              * runtime/JSONObject.h:
              (JSC::JSONObject::createStructure):
              * runtime/JSObject.cpp:
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::seal):
              (JSC::JSObject::freeze):
              (JSC::JSObject::preventExtensions):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::createInheritorID):
              * runtime/JSObject.h:
              (JSC::JSObject::createStructure):
              (JSC::JSObject::JSObject):
              (JSC::JSNonFinalObject::createStructure):
              (JSC::JSNonFinalObject::JSNonFinalObject):
              (JSC::JSFinalObject::create):
              (JSC::JSFinalObject::createStructure):
              (JSC::JSFinalObject::JSFinalObject):
              (JSC::constructEmptyObject):
              (JSC::createEmptyObjectStructure):
              (JSC::JSObject::~JSObject):
              (JSC::JSObject::setPrototype):
              (JSC::JSObject::setStructure):
              (JSC::JSObject::inheritorID):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::transitionTo):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSObjectWithGlobalObject.cpp:
              (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
              * runtime/JSObjectWithGlobalObject.h:
              (JSC::JSObjectWithGlobalObject::createStructure):
              (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
              (JSC::JSPropertyNameIterator::create):
              (JSC::JSPropertyNameIterator::get):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              (JSC::JSPropertyNameIterator::setCachedStructure):
              (JSC::Structure::setEnumerationCache):
              * runtime/JSStaticScopeObject.h:
              (JSC::JSStaticScopeObject::JSStaticScopeObject):
              (JSC::JSStaticScopeObject::createStructure):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              (JSC::RopeBuilder::createStructure):
              * runtime/JSType.h:
              * runtime/JSTypeInfo.h:
              (JSC::TypeInfo::TypeInfo):
              * runtime/JSValue.h:
              * runtime/JSVariableObject.h:
              (JSC::JSVariableObject::createStructure):
              (JSC::JSVariableObject::JSVariableObject):
              (JSC::JSVariableObject::copyRegisterArray):
              * runtime/JSWrapperObject.h:
              (JSC::JSWrapperObject::createStructure):
              (JSC::JSWrapperObject::JSWrapperObject):
              * runtime/JSZombie.cpp:
              * runtime/JSZombie.h:
              (JSC::JSZombie::JSZombie):
              (JSC::JSZombie::createStructure):
              * runtime/MathObject.cpp:
              (JSC::MathObject::MathObject):
              * runtime/MathObject.h:
              (JSC::MathObject::createStructure):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              (JSC::NativeErrorConstructor::markChildren):
              * runtime/NativeErrorConstructor.h:
              (JSC::NativeErrorConstructor::createStructure):
              * runtime/NativeErrorPrototype.cpp:
              (JSC::NativeErrorPrototype::NativeErrorPrototype):
              * runtime/NativeErrorPrototype.h:
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              * runtime/NumberConstructor.h:
              (JSC::NumberConstructor::createStructure):
              * runtime/NumberObject.cpp:
              (JSC::NumberObject::NumberObject):
              * runtime/NumberObject.h:
              (JSC::NumberObject::createStructure):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * runtime/NumberPrototype.h:
              * runtime/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              * runtime/ObjectConstructor.h:
              (JSC::ObjectConstructor::createStructure):
              * runtime/ObjectPrototype.cpp:
              (JSC::ObjectPrototype::ObjectPrototype):
              * runtime/ObjectPrototype.h:
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyTable::PropertyTable):
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              (JSC::RegExpMatchesArray::RegExpMatchesArray):
              * runtime/RegExpConstructor.h:
              (JSC::RegExpConstructor::createStructure):
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::RegExpObject):
              * runtime/RegExpObject.h:
              (JSC::RegExpObject::createStructure):
              * runtime/RegExpPrototype.cpp:
              (JSC::RegExpPrototype::RegExpPrototype):
              * runtime/RegExpPrototype.h:
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              (JSC::ScopeChainNode::createStructure):
              * runtime/StrictEvalActivation.cpp:
              (JSC::StrictEvalActivation::StrictEvalActivation):
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              * runtime/StringConstructor.h:
              * runtime/StringObject.cpp:
              (JSC::StringObject::StringObject):
              * runtime/StringObject.h:
              (JSC::StringObject::createStructure):
              * runtime/StringObjectThatMasqueradesAsUndefined.h:
              (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
              (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
              * runtime/StringPrototype.cpp:
              (JSC::StringPrototype::StringPrototype):
              * runtime/StringPrototype.h:
              (JSC::StringPrototype::createStructure):
              * runtime/Structure.cpp:
              (JSC::StructureTransitionTable::remove):
              (JSC::StructureTransitionTable::add):
              (JSC::Structure::Structure):
              (JSC::Structure::~Structure):
              (JSC::Structure::materializePropertyMap):
              (JSC::Structure::addPropertyTransitionToExistingStructure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::removePropertyTransition):
              (JSC::Structure::changePrototypeTransition):
              (JSC::Structure::despecifyFunctionTransition):
              (JSC::Structure::getterSetterTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::toCacheableDictionaryTransition):
              (JSC::Structure::toUncacheableDictionaryTransition):
              (JSC::Structure::sealTransition):
              (JSC::Structure::freezeTransition):
              (JSC::Structure::preventExtensionsTransition):
              (JSC::Structure::flattenDictionaryStructure):
              (JSC::Structure::copyPropertyTable):
              (JSC::Structure::put):
              (JSC::Structure::markChildren):
              * runtime/Structure.h:
              (JSC::Structure::create):
              (JSC::Structure::setPrototypeWithoutTransition):
              (JSC::Structure::createStructure):
              (JSC::JSCell::createDummyStructure):
              (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::keyForFinalizer):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::StructureChain):
              (JSC::StructureChain::markChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::create):
              (JSC::StructureChain::head):
              (JSC::StructureChain::createStructure):
              * runtime/StructureTransitionTable.h:
              (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::finalizerContextFor):
              (JSC::StructureTransitionTable::~StructureTransitionTable):
              (JSC::StructureTransitionTable::slot):
              (JSC::StructureTransitionTable::setMap):
              (JSC::StructureTransitionTable::singleTransition):
              (JSC::StructureTransitionTable::clearSingleTransition):
              (JSC::StructureTransitionTable::setSingleTransition):
              * runtime/WeakGCMap.h:
              (JSC::DefaultWeakGCMapFinalizerCallback::finalizerContextFor):
              (JSC::DefaultWeakGCMapFinalizerCallback::keyForFinalizer):
              (JSC::WeakGCMap::contains):
              (JSC::WeakGCMap::find):
              (JSC::WeakGCMap::remove):
              (JSC::WeakGCMap::add):
              (JSC::WeakGCMap::set):
              (JSC::WeakGCMap::finalize):
              * runtime/WriteBarrier.h:
              (JSC::writeBarrier):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::setWithoutWriteBarrier):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Fix up JSG to correctly mark Structure, et al.
      
              * JSRun.cpp:
              (JSGlueGlobalObject::JSGlueGlobalObject):
              * JSRun.h:
              * JSUtils.cpp:
              (JSObjectKJSValue):
              * UserObjectImp.cpp:
              (UserObjectImp::UserObjectImp):
              * UserObjectImp.h:
              (UserObjectImp::createStructure):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WebCore for Structure being a GC allocated object
      
              * WebCore.exp.in:
              * bindings/js/JSAudioConstructor.h:
              (WebCore::JSAudioConstructor::createStructure):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::cacheDOMStructure):
              * bindings/js/JSDOMBinding.h:
              (WebCore::DOMObjectWithGlobalPointer::createStructure):
              (WebCore::DOMObjectWithGlobalPointer::DOMObjectWithGlobalPointer):
              (WebCore::DOMConstructorObject::createStructure):
              (WebCore::DOMConstructorObject::DOMConstructorObject):
              (WebCore::DOMConstructorWithDocument::DOMConstructorWithDocument):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
              (WebCore::JSDOMGlobalObject::markChildren):
              * bindings/js/JSDOMGlobalObject.h:
              (WebCore::JSDOMGlobalObject::createStructure):
              * bindings/js/JSDOMWindowBase.cpp:
              (WebCore::JSDOMWindowBase::JSDOMWindowBase):
              * bindings/js/JSDOMWindowBase.h:
              (WebCore::JSDOMWindowBase::createStructure):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::createStructure):
              * bindings/js/JSDOMWrapper.h:
              (WebCore::DOMObject::DOMObject):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSImageConstructor.h:
              (WebCore::JSImageConstructor::createStructure):
              * bindings/js/JSImageDataCustom.cpp:
              (WebCore::toJS):
              * bindings/js/JSOptionConstructor.h:
              (WebCore::JSOptionConstructor::createStructure):
              * bindings/js/JSWorkerContextBase.cpp:
              (WebCore::JSWorkerContextBase::JSWorkerContextBase):
              * bindings/js/JSWorkerContextBase.h:
              (WebCore::JSWorkerContextBase::createStructure):
              * bindings/js/ScriptCachedFrameData.h:
              * bindings/js/SerializedScriptValue.h:
              * bindings/js/WorkerScriptController.cpp:
              (WebCore::WorkerScriptController::initScript):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/c/CRuntimeObject.h:
              (JSC::Bindings::CRuntimeObject::createStructure):
              * bridge/c/c_instance.cpp:
              (JSC::Bindings::CRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaInstanceJSC.cpp:
              (JavaRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaRuntimeObject.h:
              (JSC::Bindings::JavaRuntimeObject::createStructure):
              * bridge/objc/ObjCRuntimeObject.h:
              (JSC::Bindings::ObjCRuntimeObject::createStructure):
              * bridge/objc/objc_instance.mm:
              (ObjCRuntimeMethod::createStructure):
              * bridge/objc/objc_runtime.h:
              (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
              * bridge/runtime_array.cpp:
              (JSC::RuntimeArray::RuntimeArray):
              * bridge/runtime_array.h:
              (JSC::RuntimeArray::createStructure):
              * bridge/runtime_method.cpp:
              (JSC::RuntimeMethod::RuntimeMethod):
              * bridge/runtime_method.h:
              (JSC::RuntimeMethod::createStructure):
              * bridge/runtime_object.cpp:
              (JSC::Bindings::RuntimeObject::RuntimeObject):
              * bridge/runtime_object.h:
              (JSC::Bindings::RuntimeObject::createStructure):
              * history/HistoryItem.h:
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WebKit for the world of GC allocated Structure
      
              * Plugins/Hosted/NetscapePluginInstanceProxy.h:
              * Plugins/Hosted/ProxyInstance.mm:
              (WebKit::ProxyRuntimeMethod::createStructure):
              * Plugins/Hosted/ProxyRuntimeObject.h:
              (WebKit::ProxyRuntimeObject::createStructure):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WK2 for the world of GC allocated Structure
      
              * WebProcess/Plugins/Netscape/JSNPMethod.h:
              (WebKit::JSNPMethod::createStructure):
              * WebProcess/Plugins/Netscape/JSNPObject.h:
              (WebKit::JSNPObject::createStructure):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83808 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bb8da910
    • 2011-04-13 Oliver Hunt <oliver@apple.com> · af134a79
      oliver@apple.com authored
              Reviewed by Gavin Barraclough.
      
              Make PropertyMapEntry use a WriteBarrier for specificValue
              https://bugs.webkit.org/show_bug.cgi?id=58407
      
              Make PropertyMapEntry use a WriteBarrier for specificValue, and then
              propagate the required JSGlobalData through all the methods where it ends
              up being needed.
      
              * API/JSClassRef.cpp:
              (OpaqueJSClass::prototype):
              * API/JSContextRef.cpp:
              * API/JSObjectRef.cpp:
              (JSObjectMake):
              (JSObjectSetPrototype):
              * JavaScriptCore.exp:
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::BytecodeGenerator):
              * interpreter/Interpreter.cpp:
              (JSC::appendSourceToError):
              (JSC::Interpreter::tryCacheGetByID):
              (JSC::Interpreter::privateExecute):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::name):
              (JSC::InternalFunction::displayName):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::getOwnPropertySlot):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::name):
              (JSC::JSFunction::displayName):
              (JSC::JSFunction::getOwnPropertySlot):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::putWithAttributes):
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::resetPrototype):
              * runtime/JSGlobalObject.h:
              * runtime/JSObject.cpp:
              (JSC::JSObject::put):
              (JSC::JSObject::deleteProperty):
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::lookupGetter):
              (JSC::JSObject::lookupSetter):
              (JSC::JSObject::getPropertySpecificValue):
              (JSC::JSObject::getOwnPropertyNames):
              (JSC::JSObject::seal):
              (JSC::JSObject::freeze):
              (JSC::JSObject::preventExtensions):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::getOwnPropertyDescriptor):
              (JSC::JSObject::defineOwnProperty):
              * runtime/JSObject.h:
              (JSC::JSObject::getDirect):
              (JSC::JSObject::getDirectLocation):
              (JSC::JSObject::isSealed):
              (JSC::JSObject::isFrozen):
              (JSC::JSObject::setPrototypeWithCycleCheck):
              (JSC::JSObject::setPrototype):
              (JSC::JSObject::inlineGetOwnPropertySlot):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::putDirectWithoutTransition):
              (JSC::JSObject::putDirectFunctionWithoutTransition):
              * runtime/Lookup.cpp:
              (JSC::setUpStaticFunctionSlot):
              * runtime/ObjectConstructor.cpp:
              (JSC::objectConstructorCreate):
              (JSC::objectConstructorSeal):
              (JSC::objectConstructorFreeze):
              (JSC::objectConstructorPreventExtensions):
              (JSC::objectConstructorIsSealed):
              (JSC::objectConstructorIsFrozen):
              * runtime/Operations.h:
              (JSC::normalizePrototypeChain):
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyMapEntry::PropertyMapEntry):
              (JSC::PropertyTable::PropertyTable):
              (JSC::PropertyTable::copy):
              * runtime/Structure.cpp:
              (JSC::Structure::materializePropertyMap):
              (JSC::Structure::despecifyDictionaryFunction):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::removePropertyTransition):
              (JSC::Structure::changePrototypeTransition):
              (JSC::Structure::despecifyFunctionTransition):
              (JSC::Structure::getterSetterTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::toCacheableDictionaryTransition):
              (JSC::Structure::toUncacheableDictionaryTransition):
              (JSC::Structure::sealTransition):
              (JSC::Structure::freezeTransition):
              (JSC::Structure::preventExtensionsTransition):
              (JSC::Structure::isSealed):
              (JSC::Structure::isFrozen):
              (JSC::Structure::addPropertyWithoutTransition):
              (JSC::Structure::removePropertyWithoutTransition):
              (JSC::Structure::copyPropertyTable):
              (JSC::Structure::get):
              (JSC::Structure::despecifyFunction):
              (JSC::Structure::despecifyAllFunctions):
              (JSC::Structure::put):
              (JSC::Structure::getPropertyNames):
              * runtime/Structure.h:
              (JSC::Structure::get):
              (JSC::Structure::materializePropertyMapIfNecessary):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough.
      
              Make PropertyMapEntry use a WriteBarrier for specificValue
              https://bugs.webkit.org/show_bug.cgi?id=58407
      
              Pass JSGlobalData reference on to APIs that now need them
      
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSHTMLDocumentCustom.cpp:
              (WebCore::JSHTMLDocument::all):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83751 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      af134a79
  12. 11 Apr, 2011 1 commit
    • Bug 58198 - Clean up JSValue implementation for JSVALUE64 · c6441e68
      barraclough@apple.com authored
      Reviewed by Sam Weinig.
      
      Source/JavaScriptCore: 
      
      Remove JSNumberCell, JSImmediate, unify some methods between JSVALUE32_64/JSVALUE64
      
      JSNumberCell.h largely just contained the constructors for JSValue on JSVALUE64,
      which should not have been here.  JSImmediate mostly contained uncalled methods,
      along with the internal implementation of the JSValue constructors split unnecessarily
      across a number of layers of function calls. These could largely be merged back
      together. Many methods and constructors from JSVALUE32_64 and JSVALUE64 can be unified.
      
      The .cpp files were empty.
      
      Moving all these methods into JSValue.h seems to be a repro measurable regression, so
      I have kept these methods in a separate JSValueInlineMethods.h. Adding the 64-bit tag
      values as static const members of JSValue also measures as a repro regression, so I
      have made these #defines.
      
      * Android.mk:
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.exp:
      * JavaScriptCore.gypi:
      * JavaScriptCore.pro:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
          - Removed JSImmediate.h, JSNumberCell.h.
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitLoad):
          - Removed class JSImmediate.
      * dfg/DFGNonSpeculativeJIT.cpp:
      (JSC::DFG::NonSpeculativeJIT::compile):
          - Removed class JSImmediate.
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
          - Removed class JSImmediate.
      * jit/JITArithmetic.cpp:
      (JSC::JIT::compileBinaryArithOpSlowCase):
          - Removed class JSImmediate.
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitJumpIfJSCell):
      (JSC::JIT::emitJumpIfNotJSCell):
      (JSC::JIT::emitJumpIfImmediateInteger):
      (JSC::JIT::emitJumpIfNotImmediateInteger):
      (JSC::JIT::emitFastArithDeTagImmediate):
      (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
      (JSC::JIT::emitFastArithReTagImmediate):
      (JSC::JIT::emitTagAsBoolImmediate):
          - Removed class JSImmediate.
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_not):
      (JSC::JIT::emit_op_jeq_null):
      (JSC::JIT::emit_op_jneq_null):
      (JSC::JIT::emit_op_get_pnames):
      (JSC::JIT::emit_op_eq_null):
      (JSC::JIT::emit_op_neq_null):
      (JSC::JIT::emitSlow_op_not):
          - Removed class JSImmediate.
      * jit/JSInterfaceJIT.h:
          - Removed class JSImmediate.
      * runtime/JSCell.h:
          - Removed JSImmediate.h, JSNumberCell.h.
      * runtime/JSImmediate.cpp: Removed.
      * runtime/JSImmediate.h: Removed.
      * runtime/JSNumberCell.cpp: Removed.
      * runtime/JSNumberCell.h: Removed.
          - Removed.
      * runtime/JSObject.h:
          - Removed JSImmediate.h, JSNumberCell.h.
      * runtime/JSString.h:
          - Removed JSImmediate.h, JSNumberCell.h.
      * runtime/JSValue.h:
          - Added tags for JSVALUE64, moved out some JSVALUE32_64 methods, unified with JSVALUE64.
      * runtime/JSValueInlineMethods.h: Added.
      (JSC::JSValue::toInt32):
      (JSC::JSValue::toUInt32):
      (JSC::JSValue::isUInt32):
      (JSC::JSValue::asUInt32):
      (JSC::JSValue::uncheckedGetNumber):
      (JSC::JSValue::toJSNumber):
      (JSC::jsNaN):
      (JSC::JSValue::getNumber):
      (JSC::JSValue::getBoolean):
      (JSC::JSValue::JSValue):
      (JSC::JSValue::encode):
      (JSC::JSValue::decode):
      (JSC::JSValue::operator bool):
      (JSC::JSValue::operator==):
      (JSC::JSValue::operator!=):
      (JSC::JSValue::isUndefined):
      (JSC::JSValue::isNull):
      (JSC::JSValue::isUndefinedOrNull):
      (JSC::JSValue::isCell):
      (JSC::JSValue::isInt32):
      (JSC::JSValue::isDouble):
      (JSC::JSValue::isTrue):
      (JSC::JSValue::isFalse):
      (JSC::JSValue::tag):
      (JSC::JSValue::payload):
      (JSC::JSValue::asInt32):
      (JSC::JSValue::asDouble):
      (JSC::JSValue::asCell):
      (JSC::JSValue::isNumber):
      (JSC::JSValue::isBoolean):
      (JSC::JSValue::makeImmediate):
      (JSC::JSValue::immediateValue):
      (JSC::reinterpretDoubleToIntptr):
      (JSC::reinterpretIntptrToDouble):
          - Methods moved here from JSImmediate.h/JSNumberCell.h/JSValue.h.
      * runtime/Operations.h:
          - Removed JSImmediate.h, JSNumberCell.h.
      * wtf/StdLibExtras.h:
          - Export bitwise_cast.
      
      Source/WebCore: 
      
      JSNumberCell.h has been deprecated.
      
      * ForwardingHeaders/runtime/JSNumberCell.h: Removed.
      * bindings/scripts/CodeGeneratorJS.pm:
      * bridge/c/c_instance.cpp:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83459 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c6441e68
  13. 10 Apr, 2011 1 commit
  14. 05 Apr, 2011 1 commit
    • 2011-04-05 Geoffrey Garen <ggaren@apple.com> · 21ef0ea6
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Introduced the concept of opaque roots, in preparation for marking the DOM with them
              https://bugs.webkit.org/show_bug.cgi?id=57903
      
              * JavaScriptCore.exp: Who likes export files? I do!
      
              * collector/handles/HandleHeap.cpp:
              (JSC::isValidWeakHandle): Factored out a helper function for ASSERTs.
      
              (JSC::WeakHandleOwner::~WeakHandleOwner): Moved from header to avoid
              weak linkage problems.
      
              (JSC::WeakHandleOwner::isReachableFromOpaqueRoots): New callback.
              Currently unused.
      
              (JSC::WeakHandleOwner::finalize): Switched from pure virtual to a
              default empty implementation, since not all clients necessarily want
              or need non-trivial finalizers.
      
              (JSC::HandleHeap::markWeakHandles): Split updateWeakHandles into two
              passes. The first pass marks all reachable weak handles. The second pass
              finalizes all unreachable weak handles. This must be two passes because
              we don't know the set of finalizable weak handles until we're done
              marking all weak handles.
      
              (JSC::HandleHeap::finalizeWeakHandles): Use new helper function.
      
              * collector/handles/HandleHeap.h: Ditto.
      
              * runtime/Heap.cpp: 
              (JSC::Heap::destroy):
              (JSC::Heap::markRoots):
              (JSC::Heap::reset): Split out handle marking from handle finalization.
      
              * runtime/MarkStack.cpp:
              (JSC::MarkStack::reset):
              * runtime/MarkStack.h:
              (JSC::MarkStack::addOpaqueRoot):
              (JSC::MarkStack::containsOpaqueRoot):
              (JSC::MarkStack::opaqueRootCount):
              (JSC::HeapRootMarker::markStack): New helper functions for managing the
              set of opaque roots.
      
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::finalize): Renamed to match parent class declaration.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83011 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      21ef0ea6
  15. 04 Apr, 2011 3 commits
    • 2011-04-04 Sheriff Bot <webkit.review.bot@gmail.com> · 606d6913
      commit-queue@webkit.org authored
              Unreviewed, rolling out r82876.
              http://trac.webkit.org/changeset/82876
              https://bugs.webkit.org/show_bug.cgi?id=57816
      
              Caused a lot of test crashes (Requested by tkent on #webkit).
      
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * wtf/FastMalloc.cpp:
              (WTF::tryFastMalloc):
              (WTF::fastMalloc):
              (WTF::tryFastCalloc):
              (WTF::fastCalloc):
              (WTF::fastFree):
              (WTF::tryFastRealloc):
              (WTF::fastRealloc):
              (WTF::fastMallocSize):
              (WTF::TCMalloc_PageHeap::isScavengerSuspended):
              (WTF::TCMalloc_PageHeap::scheduleScavenger):
              (WTF::TCMalloc_PageHeap::suspendScavenger):
              (WTF::TCMalloc_PageHeap::signalScavenger):
              (WTF::TCMallocStats::malloc):
              (WTF::TCMallocStats::free):
              (WTF::TCMallocStats::fastCalloc):
              (WTF::TCMallocStats::tryFastCalloc):
              (WTF::TCMallocStats::calloc):
              (WTF::TCMallocStats::fastRealloc):
              (WTF::TCMallocStats::tryFastRealloc):
              (WTF::TCMallocStats::realloc):
              (WTF::TCMallocStats::fastMallocSize):
              * wtf/FastMalloc.h:
              (WTF::Internal::fastMallocMatchValidationType):
              (WTF::Internal::fastMallocMatchValidationValue):
              (WTF::Internal::setFastMallocMatchValidationType):
              (WTF::fastMallocMatchValidateFree):
              * wtf/Platform.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@82905 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      606d6913
    • 2011-04-04 Oliver Hunt <oliver@apple.com> · 0e5b03cf
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make malloc validation useful
              https://bugs.webkit.org/show_bug.cgi?id=57502
      
              This patch replaces FAST_MALLOC_MATCH_VALIDATION with a general
              corruption check that tags the beginning and end of all allocations
              to check for write overflows and overwrites the contents of
              memory on free in order to (hopefully) show up use-after-free issues
              sooner.
      
              We also turn it on by default for debug builds.
      
              * JavaScriptCore.exp:
              * wtf/FastMalloc.cpp:
              (WTF::tryFastMalloc):
              (WTF::fastMalloc):
              (WTF::tryFastCalloc):
              (WTF::fastCalloc):
              (WTF::fastFree):
              (WTF::tryFastRealloc):
              (WTF::fastRealloc):
              (WTF::TCMalloc_PageHeap::isScavengerSuspended):
              (WTF::TCMalloc_PageHeap::scheduleScavenger):
              (WTF::TCMalloc_PageHeap::suspendScavenger):
              (WTF::TCMalloc_PageHeap::signalScavenger):
              (WTF::TCMallocStats::malloc):
              (WTF::TCMallocStats::free):
              (WTF::TCMallocStats::fastCalloc):
              (WTF::TCMallocStats::tryFastCalloc):
              (WTF::TCMallocStats::calloc):
              (WTF::TCMallocStats::fastRealloc):
              (WTF::TCMallocStats::tryFastRealloc):
              (WTF::TCMallocStats::realloc):
              * wtf/FastMalloc.h:
              (WTF::Internal::fastMallocValidationHeader):
              (WTF::Internal::fastMallocValidationSuffix):
              (WTF::Internal::fastMallocMatchValidationType):
              (WTF::Internal::setFastMallocMatchValidationType):
              (WTF::fastMallocMatchValidateFree):
              (WTF::fastMallocValidate):
              * wtf/Platform.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@82876 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0e5b03cf
    • 2011-04-01 Oliver Hunt <oliver@apple.com> · 59144210
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make StructureChain GC allocated
              https://bugs.webkit.org/show_bug.cgi?id=56695
      
              Make StructureChain GC allocated, and make the various owners
              mark it correctly.
      
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::dump):
              (JSC::CodeBlock::derefStructures):
              (JSC::CodeBlock::refStructures):
              (JSC::CodeBlock::markAggregate):
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
              (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
              (JSC::PolymorphicAccessStructureList::derefStructures):
              (JSC::PolymorphicAccessStructureList::markAggregate):
              (JSC::Instruction::Instruction):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::deref):
              (JSC::StructureStubInfo::markAggregate):
              * bytecode/StructureStubInfo.h:
              (JSC::StructureStubInfo::initGetByIdChain):
              (JSC::StructureStubInfo::initPutByIdTransition):
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
              * collector/handles/Handle.h:
              (JSC::HandleConverter::operator->):
              (JSC::HandleConverter::operator*):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::privateExecute):
              * jit/JITOpcodes.cpp:
              (JSC::JIT::emit_op_jneq_ptr):
              * jit/JITOpcodes32_64.cpp:
              (JSC::JIT::emit_op_jneq_ptr):
              * jit/JITPropertyAccess.cpp:
              (JSC::JIT::privateCompileGetByIdChainList):
              * jit/JITPropertyAccess32_64.cpp:
              (JSC::JIT::privateCompileGetByIdChainList):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCachePutByID):
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::getPolymorphicAccessStructureListSlot):
              (JSC::DEFINE_STUB_FUNCTION):
              * runtime/JSCell.h:
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              * runtime/JSGlobalData.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::markIfNeeded):
              * runtime/JSGlobalObject.h:
              (JSC::Structure::prototypeChain):
              * runtime/JSObject.h:
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::create):
              (JSC::JSPropertyNameIterator::get):
              (JSC::JSPropertyNameIterator::markChildren):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::setCachedPrototypeChain):
              * runtime/JSZombie.cpp:
              (JSC::JSZombie::leakedZombieStructure):
              * runtime/JSZombie.h:
              * runtime/MarkStack.h:
              (JSC::MarkStack::append):
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::sweep):
              * runtime/Structure.cpp:
              (JSC::Structure::addPropertyTransition):
              * runtime/Structure.h:
              (JSC::Structure::markAggregate):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::StructureChain):
              (JSC::StructureChain::~StructureChain):
              (JSC::StructureChain::markChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::create):
              (JSC::StructureChain::createStructure):
              * runtime/WriteBarrier.h:
              (JSC::WriteBarrierBase::get):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
      2011-04-01  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make StructureChain GC allocated
              https://bugs.webkit.org/show_bug.cgi?id=56695
      
              Update for new Structure marking function
      
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::markChildren):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@82849 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      59144210
  16. 28 Mar, 2011 1 commit
    • 2011-03-28 Oliver Hunt <oliver@apple.com> · 3b6dc575
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              instanceof Array test fails when using iframes
              https://bugs.webkit.org/show_bug.cgi?id=17250
      
              Add test cases for correct behaviour
      
              * fast/js/js-constructors-use-correct-global-expected.txt: Added.
              * fast/js/js-constructors-use-correct-global.html: Added.
              * fast/js/resources/js-constructors-use-correct-global.js: Added.
      2011-03-28  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              instanceof Array test fails when using iframes
              https://bugs.webkit.org/show_bug.cgi?id=17250
      
              This is a problem with all built-in constructors: the use of
              lexicalGlobalObject rather than the constructor's own
              global object reference means that a builtin will always use
              the prototype from the lexical global object rather than that
              of the constructor's origin.
      
              * API/JSObjectRef.cpp:
              (JSObjectMakeFunction):
              (JSObjectMakeRegExp):
              * JavaScriptCore.exp:
              * runtime/ArrayConstructor.cpp:
              (JSC::constructArrayWithSizeQuirk):
              * runtime/BooleanConstructor.cpp:
              (JSC::constructBoolean):
              (JSC::constructBooleanFromImmediateBoolean):
              * runtime/BooleanConstructor.h:
              * runtime/DateConstructor.cpp:
              (JSC::constructDate):
              * runtime/DateInstance.cpp:
              * runtime/DateInstance.h:
              * runtime/ErrorConstructor.cpp:
              (JSC::constructWithErrorConstructor):
              (JSC::callErrorConstructor):
              * runtime/FunctionConstructor.cpp:
              (JSC::constructWithFunctionConstructor):
              (JSC::callFunctionConstructor):
              (JSC::constructFunction):
              * runtime/FunctionConstructor.h:
              * runtime/JSCell.cpp:
              (JSC::JSCell::getOwnPropertySlot):
              (JSC::JSCell::put):
              (JSC::JSCell::deleteProperty):
              (JSC::JSCell::toThisObject):
              (JSC::JSCell::toObject):
              * runtime/JSCell.h:
              (JSC::JSCell::JSValue::toObject):
              * runtime/JSNotAnObject.cpp:
              (JSC::JSNotAnObject::toObject):
              * runtime/JSNotAnObject.h:
              * runtime/JSObject.cpp:
              (JSC::JSObject::toObject):
              * runtime/JSObject.h:
              * runtime/JSString.cpp:
              (JSC::StringObject::create):
              (JSC::JSString::toObject):
              (JSC::JSString::toThisObject):
              * runtime/JSString.h:
              * runtime/JSValue.cpp:
              (JSC::JSValue::toObjectSlowCase):
              (JSC::JSValue::toThisObjectSlowCase):
              (JSC::JSValue::synthesizeObject):
              * runtime/JSValue.h:
              * runtime/NumberConstructor.cpp:
              (JSC::constructWithNumberConstructor):
              * runtime/NumberObject.cpp:
              (JSC::constructNumber):
              * runtime/NumberObject.h:
              * runtime/ObjectConstructor.cpp:
              (JSC::constructObject):
              (JSC::constructWithObjectConstructor):
              (JSC::callObjectConstructor):
              * runtime/RegExpConstructor.cpp:
              (JSC::constructRegExp):
              (JSC::constructWithRegExpConstructor):
              (JSC::callRegExpConstructor):
              * runtime/RegExpConstructor.h:
              * runtime/StringConstructor.cpp:
              (JSC::constructWithStringConstructor):
              * runtime/StringObject.h:
      2011-03-25  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              instanceof Array test fails when using iframes
              https://bugs.webkit.org/show_bug.cgi?id=17250
      
              Update for new toObject api
      
              * UserObjectImp.cpp:
              (UserObjectImp::toPrimitive):
              (UserObjectImp::toBoolean):
              (UserObjectImp::toNumber):
              (UserObjectImp::toString):
      2011-03-28  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              instanceof Array test fails when using iframes
              https://bugs.webkit.org/show_bug.cgi?id=17250
      
              Update for new function and date apis
      
              Test: fast/js/js-constructors-use-correct-global.html
      
              * WebCore.xcodeproj/project.pbxproj:
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::jsDateOrNull):
              * bindings/js/JSLazyEventListener.cpp:
              (WebCore::JSLazyEventListener::initializeJSFunction):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@82173 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3b6dc575
  17. 25 Mar, 2011 2 commits
    • Remove duplicate entry from JavaScriptCore.exp · fede50dd
      ddkilzer@apple.com authored
      JSC::createStackOverflowError(JSC::ExecState*) was originally
      exported in r60057, then duplicated in r60392.
      
      * JavaScriptCore.exp: Removed duplicate entry.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@81969 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fede50dd
    • 2011-03-24 Nikolas Zimmermann <nzimmermann@rim.com> · 2fd3903b
      zimmermann@webkit.org authored
              Reviewed by Darin Adler.
      
              Introduce WTF HexNumber.h
              https://bugs.webkit.org/show_bug.cgi?id=56099
      
              Introduce a set of functions that ease converting from a byte or a number to a hex string,
              replacing several of these conversions and String::format("%x") usages all over WebCore.
      
              * GNUmakefile.am: Add HexNumber.h to build.
              * JavaScriptCore.exp: Export StringBuilder::reserveCapacity.
              * JavaScriptCore.gypi: Add HexNumber.h to build.
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export StringBuilder::reserveCapacity.
              * JavaScriptCore.vcproj/WTF/WTF.vcproj: Add HexNumber.h to build.
              * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
              * wtf/CMakeLists.txt: Ditto.
              * wtf/HexNumber.h: Added.
              (WTF::Internal::hexDigitsForMode): Internal helper.
              (WTF::appendByteAsHex): Free function, that appends a byte as hex string into a destination.
              (WTF::placeByteAsHex): Ditto, but places the result using *foo++ = '..' or foo[index++] = '..'
              (WTF::appendUnsignedAsHex): Free function, that appends a number as hex string into a destination.
      2011-03-24  Nikolas Zimmermann  <nzimmermann@rim.com>
      
              Reviewed by Darin Adler.
      
              Introduce WTF HexNumber.h
              https://bugs.webkit.org/show_bug.cgi?id=56099
      
              Introduce a set of functions that ease converting from a byte or a number to a hex string,
              replacing several of these conversions and String::format("%x") usages all over WebCore.
      
              * ForwardingHeaders/wtf/HexNumber.h: Added.
              * css/CSSOMUtils.cpp:
              (WebCore::serializeCharacterAsCodePoint):
              * css/CSSParser.cpp:
              (WebCore::quoteCSSString):
              * inspector/InspectorResourceAgent.cpp:
              (WebCore::createReadableStringFromBinary):
              * platform/FileSystem.cpp:
              (WebCore::encodeForFileName):
              * platform/KURL.cpp:
              (WebCore::appendEscapedChar):
              * platform/UUID.cpp:
              (WebCore::createCanonicalUUIDString):
              * platform/graphics/Color.cpp:
              (WebCore::Color::serialized):
              * platform/network/FormDataBuilder.cpp:
              (WebCore::FormDataBuilder::encodeStringAsFormData):
              * rendering/RenderTreeAsText.cpp:
              (WebCore::quoteAndEscapeNonPrintables):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@81943 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2fd3903b
  18. 24 Mar, 2011 1 commit
    • 2011-03-24 Geoffrey Garen <ggaren@apple.com> · e5695425
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Ensure that all compilation takes place within a dynamic global object scope
              https://bugs.webkit.org/show_bug.cgi?id=57054
              <rdar://problem/9083011>        
      
              Otherwise, entry to the global object scope might throw away the code
              we just compiled, causing a crash.
      
              * JavaScriptCore.exp: Updated for signature change.
      
              * debugger/Debugger.cpp:
              (JSC::evaluateInGlobalCallFrame):
              * debugger/DebuggerCallFrame.cpp:
              (JSC::DebuggerCallFrame::evaluate): Removed explicit compilation calls
              here because (a) they took place outside a dynamic global object scope
              and (b) they were redundant.
      
              * interpreter/CachedCall.h:
              (JSC::CachedCall::CachedCall): Updated for signature change.
      
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::execute):
              (JSC::Interpreter::executeCall):
              (JSC::Interpreter::executeConstruct): Declare our dynamic global object
              scope earlier, to ensure that compilation takes place within it.
      
              * runtime/Completion.cpp:
              (JSC::evaluate): Removed explicit compilation calls here because (a)
              they took place outside a dynamic global object scope and (b) they were
              redundant.
      
              * runtime/Executable.h:
              (JSC::EvalExecutable::compile):
              (JSC::ProgramExecutable::compile):
              (JSC::FunctionExecutable::compileForCall):
              (JSC::FunctionExecutable::compileForConstruct): Added an ASSERT to
              verify our new invariant that all compilation takes place within a
              dynamic global object scope.
      
              * runtime/JSGlobalObject.cpp:
              (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
              * runtime/JSGlobalObject.h: Changed the signature of DynamicGlobalObjectScope
              to require a JSGlobalData instead of an ExecState* since it is often
              easier to provide the former, and the latter was not necessary.
      2011-03-24  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Ensure that all compilation takes place within a dynamic global object scope
              https://bugs.webkit.org/show_bug.cgi?id=57054
      
              * WebView/WebScriptDebugDelegate.mm:
              (-[WebScriptCallFrame evaluateWebScript:]): Updated for signature change.
      2011-03-24  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Ensure that all compilation takes place within a dynamic global object scope
              https://bugs.webkit.org/show_bug.cgi?id=57054
      
              * bindings/js/JSErrorHandler.cpp:
              (WebCore::JSErrorHandler::handleEvent):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::handleEvent): Updated for signature change.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@81904 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e5695425
  19. 16 Mar, 2011 1 commit
    • 2011-03-15 Oliver Hunt <oliver@apple.com> · 90cf7d51
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make Structure creation require a JSGlobalData
              https://bugs.webkit.org/show_bug.cgi?id=56438
      
              Mechanical change to make Structure::create require JSGlobalData&, and
              require all users to provide the globalData.
      
              * API/JSCallbackConstructor.h:
              (JSC::JSCallbackConstructor::createStructure):
              * API/JSCallbackFunction.h:
              (JSC::JSCallbackFunction::createStructure):
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObject::createStructure):
              * API/JSContextRef.cpp:
              * JavaScriptCore.exp:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::DebuggerActivation):
              * debugger/DebuggerActivation.h:
              (JSC::DebuggerActivation::createStructure):
              * jit/JITStubs.cpp:
              (JSC::DEFINE_STUB_FUNCTION):
              * jsc.cpp:
              (GlobalObject::GlobalObject):
              (functionRun):
              (jscmain):
              * runtime/Arguments.h:
              (JSC::Arguments::createStructure):
              * runtime/ArrayPrototype.h:
              (JSC::ArrayPrototype::createStructure):
              * runtime/BooleanObject.h:
              (JSC::BooleanObject::createStructure):
              * runtime/DateInstance.h:
              (JSC::DateInstance::createStructure):
              * runtime/DatePrototype.h:
              (JSC::DatePrototype::createStructure):
              * runtime/ErrorInstance.h:
              (JSC::ErrorInstance::createStructure):
              * runtime/Executable.h:
              (JSC::ExecutableBase::createStructure):
              (JSC::EvalExecutable::createStructure):
              (JSC::ProgramExecutable::createStructure):
              (JSC::FunctionExecutable::createStructure):
              * runtime/FunctionPrototype.h:
              (JSC::FunctionPrototype::createStructure):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::createStructure):
              * runtime/InternalFunction.h:
              (JSC::InternalFunction::createStructure):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              * runtime/JSActivation.h:
              (JSC::JSActivation::createStructure):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              * runtime/JSArray.h:
              (JSC::JSArray::createStructure):
              * runtime/JSByteArray.cpp:
              (JSC::JSByteArray::createStructure):
              * runtime/JSByteArray.h:
              (JSC::JSByteArray::JSByteArray):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::createDummyStructure):
              * runtime/JSFunction.h:
              (JSC::JSFunction::createStructure):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::storeVPtrs):
              (JSC::JSGlobalData::JSGlobalData):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObject):
              (JSC::JSGlobalObject::createStructure):
              * runtime/JSNotAnObject.h:
              (JSC::JSNotAnObject::createStructure):
              * runtime/JSONObject.h:
              (JSC::JSONObject::createStructure):
              * runtime/JSObject.cpp:
              (JSC::JSObject::createInheritorID):
              * runtime/JSObject.h:
              (JSC::JSObject::createStructure):
              (JSC::JSNonFinalObject::createStructure):
              (JSC::JSFinalObject::createStructure):
              (JSC::createEmptyObjectStructure):
              (JSC::JSObject::inheritorID):
              * runtime/JSObjectWithGlobalObject.h:
              (JSC::JSObjectWithGlobalObject::createStructure):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              * runtime/JSStaticScopeObject.h:
              (JSC::JSStaticScopeObject::createStructure):
              * runtime/JSString.h:
              (JSC::RopeBuilder::createStructure):
              * runtime/JSVariableObject.h:
              (JSC::JSVariableObject::createStructure):
              * runtime/JSWrapperObject.h:
              (JSC::JSWrapperObject::createStructure):
              * runtime/JSZombie.h:
              (JSC::JSZombie::createStructure):
              * runtime/MathObject.h:
              (JSC::MathObject::createStructure):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              * runtime/NativeErrorConstructor.h:
              (JSC::NativeErrorConstructor::createStructure):
              * runtime/NumberConstructor.h:
              (JSC::NumberConstructor::createStructure):
              * runtime/NumberObject.h:
              (JSC::NumberObject::createStructure):
              * runtime/ObjectConstructor.h:
              (JSC::ObjectConstructor::createStructure):
              * runtime/RegExpConstructor.h:
              (JSC::RegExpConstructor::createStructure):
              * runtime/RegExpObject.h:
              (JSC::RegExpObject::createStructure):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::createStructure):
              * runtime/StringObject.h:
              (JSC::StringObject::createStructure):
              * runtime/StringObjectThatMasqueradesAsUndefined.h:
              (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
              * runtime/StringPrototype.h:
              (JSC::StringPrototype::createStructure):
              * runtime/Structure.h:
              (JSC::Structure::create):
      2011-03-15  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make Structure creation require a JSGlobalData
              https://bugs.webkit.org/show_bug.cgi?id=56438
      
              Mechanical change to make all structure creation pass a JSGlobalData&.
      
              * JSRun.cpp:
              (JSGlueGlobalObject::JSGlueGlobalObject):
              (JSRun::JSRun):
              * JSRun.h:
              * JSUtils.cpp:
              (getThreadGlobalObject):
              * UserObjectImp.h:
              (UserObjectImp::createStructure):
      2011-03-15  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make Structure creation require a JSGlobalData
              https://bugs.webkit.org/show_bug.cgi?id=56438
      
              Mechanical change to make all structure creation use GlobalData
      
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::JSAudioConstructor::JSAudioConstructor):
              * bindings/js/JSAudioConstructor.h:
              (WebCore::JSAudioConstructor::createStructure):
              * bindings/js/JSDOMBinding.h:
              (WebCore::DOMObjectWithGlobalPointer::createStructure):
              (WebCore::DOMConstructorObject::createStructure):
              (WebCore::getDOMStructure):
              * bindings/js/JSDOMGlobalObject.h:
              (WebCore::JSDOMGlobalObject::createStructure):
              * bindings/js/JSDOMWindowBase.h:
              (WebCore::JSDOMWindowBase::createStructure):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::createStructure):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::JSImageConstructor::JSImageConstructor):
              * bindings/js/JSImageConstructor.h:
              (WebCore::JSImageConstructor::createStructure):
              * bindings/js/JSImageDataCustom.cpp:
              (WebCore::toJS):
              * bindings/js/JSOptionConstructor.cpp:
              (WebCore::JSOptionConstructor::JSOptionConstructor):
              * bindings/js/JSOptionConstructor.h:
              (WebCore::JSOptionConstructor::createStructure):
              * bindings/js/JSWorkerContextBase.h:
              (WebCore::JSWorkerContextBase::createStructure):
              * bindings/js/WorkerScriptController.cpp:
              (WebCore::WorkerScriptController::initScript):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/c/CRuntimeObject.h:
              (JSC::Bindings::CRuntimeObject::createStructure):
              * bridge/c/c_instance.cpp:
              (JSC::Bindings::CRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaInstanceJSC.cpp:
              (JavaRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaRuntimeObject.h:
              (JSC::Bindings::JavaRuntimeObject::createStructure):
              * bridge/objc/ObjCRuntimeObject.h:
              (JSC::Bindings::ObjCRuntimeObject::createStructure):
              * bridge/objc/objc_instance.mm:
              (ObjCRuntimeMethod::createStructure):
              * bridge/objc/objc_runtime.h:
              (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
              * bridge/runtime_array.h:
              (JSC::RuntimeArray::createStructure):
              * bridge/runtime_method.h:
              (JSC::RuntimeMethod::createStructure):
              * bridge/runtime_object.h:
              (JSC::Bindings::RuntimeObject::createStructure):
      2011-03-15  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make Structure creation require a JSGlobalData
              https://bugs.webkit.org/show_bug.cgi?id=56438
      
              Mechanical change to make all Structure creation use a JSGlobalData&
      
              * Plugins/Hosted/ProxyInstance.mm:
              (WebKit::ProxyRuntimeMethod::createStructure):
              * Plugins/Hosted/ProxyRuntimeObject.h:
              (WebKit::ProxyRuntimeObject::createStructure):
      2011-03-15  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Make Structure creation require a JSGlobalData
              https://bugs.webkit.org/show_bug.cgi?id=56438
      
              Mechanical change to make all Structure creation use a JSGlobalData&.
      
              * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
              (WebKit::JSNPMethod::JSNPMethod):
              * WebProcess/Plugins/Netscape/JSNPMethod.h:
              (WebKit::JSNPMethod::createStructure):
              * WebProcess/Plugins/Netscape/JSNPObject.cpp:
              (WebKit::JSNPObject::JSNPObject):
              * WebProcess/Plugins/Netscape/JSNPObject.h:
              (WebKit::JSNPObject::createStructure):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@81272 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      90cf7d51
  20. 13 Mar, 2011 1 commit
    • A few Heap-related renames (sans file moves, which should come next) · 123f685d
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=56283
              
      Reviewed by Sam Weinig.
      
      ConservativeSet => ConservativeRoots. "Set" was misleading, since items
      are not uniqued. Also, "Roots" is more specific about what's in the set.
              
      MachineStackMarker => MachineThreads. "Threads" is more descriptive of
      the fact that this class maintains a set of all threads using JSC.
      "Stack" was misleading, since this class traverses stacks and registers.
      "Mark" was misleading, since this class doesn't mark anything anymore.
              
      registerThread => addCurrentThread. "Current" is more specific.
      unregisterThread => removeCurrentThread. "Current" is more specific.
              
      "currentThreadRegistrar" => threadSpecific. The only point of this data
      structure is to register a thread-specific destructor with a pointer to
      this.
              
      "mark...Conservatively" => "gather". "Mark" is not true, since these
      functions don't mark anything. "Conservatively" is redundant, since they
      take "ConservativeRoots" as an argument.
      
      * API/APIShims.h:
      (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
      * JavaScriptCore.exp:
      * runtime/ConservativeSet.cpp:
      (JSC::ConservativeRoots::grow):
      (JSC::ConservativeRoots::add):
      * runtime/ConservativeSet.h:
      (JSC::ConservativeRoots::ConservativeRoots):
      (JSC::ConservativeRoots::~ConservativeRoots):
      (JSC::ConservativeRoots::size):
      (JSC::ConservativeRoots::roots):
      * runtime/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC::Heap::markRoots):
      * runtime/Heap.h:
      (JSC::Heap::machineThreads):
      * runtime/JSGlobalData.h:
      (JSC::JSGlobalData::makeUsableFromMultipleThreads):
      * runtime/MachineStackMarker.cpp:
      (JSC::MachineThreads::MachineThreads):
      (JSC::MachineThreads::~MachineThreads):
      (JSC::MachineThreads::makeUsableFromMultipleThreads):
      (JSC::MachineThreads::addCurrentThread):
      (JSC::MachineThreads::removeThread):
      (JSC::MachineThreads::removeCurrentThread):
      (JSC::MachineThreads::gatherFromCurrentThreadInternal):
      (JSC::MachineThreads::gatherFromCurrentThread):
      (JSC::MachineThreads::gatherFromOtherThread):
      (JSC::MachineThreads::gatherConservativeRoots):
      * runtime/MachineStackMarker.h:
      * runtime/MarkStack.h:
      (JSC::MarkStack::append):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80995 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      123f685d
  21. 11 Mar, 2011 1 commit
    • 2011-03-11 Eric Carlson <eric.carlson@apple.com> · 16c0d7dc
      eric.carlson@apple.com authored
              Reviewed by Sam Weinig.
      
              <rdar://problem/8955589> Adopt AVFoundation media back end on Lion.
      
              No new tests, existing media tests cover this.
      
              * WebCore.xcodeproj/project.pbxproj:
              * platform/graphics/MediaPlayer.cpp:
              (WebCore::installedMediaEngines): Register MediaPlayerPrivateAVFoundationObjC.
              (WebCore::bestMediaEngineForTypeAndCodecs): Kill some whitespace.
              (WebCore::MediaPlayer::loadWithNextMediaEngine): Ditto.
              (WebCore::MediaPlayer::inMediaDocument): Ditto.
              * platform/graphics/MediaPlayer.h:
      
              * platform/graphics/avfoundation: Added.
              * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: Added.
              * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: Added.
      
              * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.h: Added.
              * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundationObjC.mm: Added.
      
      2011-03-11  Eric Carlson  <eric.carlson@apple.com>
      
              Reviewed by Sam Weinig.
      
              <rdar://problem/8955589> Adopt AVFoundation media back end on Lion.
      
              No new tests, existing media tests cover this.
      
              * JavaScriptCore.exp: Export cancelCallOnMainThread
              * wtf/Platform.h: Define WTF_USE_AVFOUNDATION.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80874 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      16c0d7dc
  22. 10 Mar, 2011 1 commit
    • 2011-03-10 Geoffrey Garen <ggaren@apple.com> · 58274d20
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Rolled back in 80277 and 80280 with event handler layout test failures fixed.
              https://bugs.webkit.org/show_bug.cgi?id=55653        
      
              The failures were caused by a last minute typo: assigning to currentEvent
              instead of m_currentEvent.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * bytecompiler/BytecodeGenerator.cpp:
              * jit/JITOpcodes.cpp:
              * jit/JITOpcodes32_64.cpp:
              * runtime/Arguments.h:
              * runtime/JSActivation.cpp:
              * runtime/JSActivation.h:
              * runtime/JSCell.h:
              * runtime/JSGlobalObject.cpp:
              * runtime/JSGlobalObject.h:
              * runtime/JSObject.cpp:
              * runtime/JSStaticScopeObject.cpp:
              * runtime/JSStaticScopeObject.h:
              * runtime/JSVariableObject.h:
              * runtime/MarkedSpace.cpp:
              * runtime/MarkedSpace.h:
      2011-03-10  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Rolled back in 80277 and 80280 with event handler layout test failures fixed.
              https://bugs.webkit.org/show_bug.cgi?id=55653        
      
              The failures were caused by a last minute typo: assigning to currentEvent
              instead of m_currentEvent.
      
              * JSRun.cpp:
              * JSRun.h:
      2011-03-10  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Rolled back in 80277 and 80280 with event handler layout test failures fixed.
              https://bugs.webkit.org/show_bug.cgi?id=55653
      
              The failures were caused by a last minute typo: assigning to currentEvent
              instead of m_currentEvent.
      
              * WebCore.xcodeproj/project.pbxproj:
              * bindings/js/JSDOMGlobalObject.cpp:
              * bindings/js/JSDOMGlobalObject.h:
              * bindings/js/JSDOMWindowBase.cpp:
              * bindings/js/JSDOMWindowBase.h:
              * bindings/js/JSDOMWindowCustom.h:
              * bindings/js/JSWorkerContextBase.cpp:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80742 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      58274d20
  23. 09 Mar, 2011 1 commit
    • Bug 56041 - RegExp constructor should only accept flags "gim" · 1281293b
      barraclough@apple.com authored
      We also should be passing the flags around as a bitfield rather than a string,
      and should not have redundant, incompatible code for converting the string to a bitfield!
      
      Reviewed by Darin Adler.
      
      Source/JavaScriptCore: 
      
      * JavaScriptCore.exp:
      * bytecompiler/NodesCodegen.cpp:
      (JSC::RegExpNode::emitBytecode):
          - Need to parse flags string to enum.
      * runtime/RegExp.cpp:
      (JSC::regExpFlags):
      (JSC::RegExp::RegExp):
      (JSC::RegExp::create):
          - Add method to parse flags string to enum, change constructor/create args to take enum.
      * runtime/RegExp.h:
      (JSC::RegExp::global):
      (JSC::RegExp::ignoreCase):
      (JSC::RegExp::multiline):
          - Change to use new enum values.
      * runtime/RegExpCache.cpp:
      (JSC::RegExpCache::lookupOrCreate):
      (JSC::RegExpCache::create):
      * runtime/RegExpCache.h:
          - Changed to use regExpFlags enum instead of int/const UString&.
      * runtime/RegExpConstructor.cpp:
      (JSC::constructRegExp):
          - Add use of new enum parsing, check for error.
      * runtime/RegExpKey.h:
      (JSC::RegExpKey::RegExpKey):
      * runtime/RegExpPrototype.cpp:
      (JSC::RegExpPrototype::RegExpPrototype):
          - Pass NoFlags value instead of empty string.
      (JSC::regExpProtoFuncCompile):
          - Add use of new enum parsing, check for error.
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
          - Pass NoFlags value instead of empty string.
      
      Source/WebCore: 
      
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::readTerminal):
          - Need to parse flags string back to enum.
      
      LayoutTests: 
      
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T1-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T2-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T3-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T4-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T5-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T6-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T7-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T8-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.10_RegExp/15.10.4/S15.10.4.1_A5_T9-expected.txt:
          - Check in passing results!
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80667 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1281293b
  24. 06 Mar, 2011 1 commit
    • 2011-03-06 Yuta Kitamura <yutak@chromium.org> · d22c012a
      yutak@chromium.org authored
              Reviewed by Kent Tamura.
      
              Add SHA-1 for new WebSocket protocol
              https://bugs.webkit.org/show_bug.cgi?id=55039
      
              The code is based on Chromium's portable SHA-1 implementation
              (src/base/sha1_portable.cc). Modifications were made in order
              to make the code comply with WebKit coding style.
      
              * GNUmakefile.am:
              * JavaScriptCore.exp:
              * JavaScriptCore.gypi:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.vcproj/WTF/WTF.vcproj:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * wtf/CMakeLists.txt:
              * wtf/MD5.cpp:
              (WTF::MD5::MD5):
              * wtf/SHA1.cpp: Added.
              (WTF::testSHA1): This function will be run the first time SHA1
              constructor is called. This function computes a few hash values
              and checks the results in debug builds. However, constructor is
              probably not a good place to run these tests, so we need to find
              a good place for it (bug 55853).
              (WTF::expectSHA1):
              (WTF::f):
              (WTF::k):
              (WTF::rotateLeft):
              (WTF::SHA1::SHA1):
              (WTF::SHA1::addBytes):
              (WTF::SHA1::computeHash):
              (WTF::SHA1::finalize):
              (WTF::SHA1::processBlock):
              (WTF::SHA1::reset):
              * wtf/SHA1.h: Added.
              (WTF::SHA1::addBytes):
              * wtf/wtf.pri:
      2011-03-06  Yuta Kitamura  <yutak@chromium.org>
      
              Reviewed by Kent Tamura.
      
              Add SHA-1 for new WebSocket protocol
              https://bugs.webkit.org/show_bug.cgi?id=55039
      
              * ForwardingHeaders/wtf/SHA1.h: Added.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80446 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d22c012a
  25. 04 Mar, 2011 1 commit
    • Bug 55736 - Implement seal/freeze/preventExtensions for normal object types. · dd993107
      barraclough@apple.com authored
      Provide basic functionality from section 15.2.4 of ECMA-262.
      This support will need expanding to cover arrays, too.
      
      Reviewed by Sam Weinig.
      
      Source/JavaScriptCore: 
      
      Shows a 0.5% progression on SunSpidey, this seems to be due to changing
      ObjectConstructor to use a static table.
      
      * DerivedSources.make:
      * JavaScriptCore.exp:
      * interpreter/CallFrame.h:
      (JSC::ExecState::objectConstructorTable):
          Add a static table for ObjectConstructor.
      * runtime/CommonIdentifiers.h:
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
          Add a static table for ObjectConstructor.
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
          Add a static table for ObjectConstructor.
      * runtime/JSObject.cpp:
      (JSC::JSObject::seal):
      (JSC::JSObject::freeze):
      (JSC::JSObject::preventExtensions):
          Transition the object's structure.
      (JSC::JSObject::defineOwnProperty):
          Check isExtensible.
      * runtime/JSObject.h:
      (JSC::JSObject::isSealed):
      (JSC::JSObject::isFrozen):
      (JSC::JSObject::isExtensible):
          These wrap methods on structure.
      (JSC::JSObject::putDirectInternal):
          Check isExtensible.
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::ObjectConstructor):
      (JSC::ObjectConstructor::getOwnPropertySlot):
      (JSC::ObjectConstructor::getOwnPropertyDescriptor):
          Change ObjectConstructor to use a static table.
      (JSC::objectConstructorSeal):
      (JSC::objectConstructorFreeze):
      (JSC::objectConstructorPreventExtensions):
      (JSC::objectConstructorIsSealed):
      (JSC::objectConstructorIsFrozen):
      (JSC::objectConstructorIsExtensible):
          Add new methods on Object.
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::createStructure):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
          init/propagate  m_preventExtensions
      (JSC::Structure::sealTransition):
      (JSC::Structure::freezeTransition):
      (JSC::Structure::preventExtensionsTransition):
          transition the structure, materializing the property map, setting m_preventExtensions & changing attributes.
      (JSC::Structure::isSealed):
      (JSC::Structure::isFrozen):
          check attributes to detect if object is sealed/frozen.
      * runtime/Structure.h:
      (JSC::Structure::isExtensible):
          checks the m_preventExtensions flag.
      
      LayoutTests: 
      
      Update results - many more tests PASS.
      Also adds a new testcase.
      
      * fast/js/Object-getOwnPropertyNames-expected.txt:
      * fast/js/script-tests/Object-getOwnPropertyNames.js:
      * ietestcenter/Javascript/15.2.3.10-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.10-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.10-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.10-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-10-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-11-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-12-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-13-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-14-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-15-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-16-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-17-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-18-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-19-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-22-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-23-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-24-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-25-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-26-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-27-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-7-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-8-expected.txt:
      * ietestcenter/Javascript/15.2.3.11-4-9-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-10-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-11-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-12-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-13-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-14-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-15-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-16-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-17-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-18-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-19-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-22-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-23-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-24-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-25-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-26-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-27-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-7-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-8-expected.txt:
      * ietestcenter/Javascript/15.2.3.12-3-9-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-0-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-10-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-11-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-12-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-13-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-14-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-15-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-16-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-17-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-18-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-19-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-3-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-7-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-8-expected.txt:
      * ietestcenter/Javascript/15.2.3.13-2-9-expected.txt:
      * ietestcenter/Javascript/15.2.3.14-2-4-expected.txt:
      * ietestcenter/Javascript/15.2.3.14-2-5-expected.txt:
      * ietestcenter/Javascript/15.2.3.14-2-6-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-20-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-21-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-22-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-23-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-24-expected.txt:
      * ietestcenter/Javascript/15.2.3.3-4-25-expected.txt:
      * ietestcenter/Javascript/15.2.3.4-4-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.6-4-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.8-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.8-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.8-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.9-0-1-expected.txt:
      * ietestcenter/Javascript/15.2.3.9-0-2-expected.txt:
      * ietestcenter/Javascript/15.2.3.9-1-expected.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80378 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      dd993107
  26. 03 Mar, 2011 3 commits
    • 2011-03-03 Geoffrey Garen <ggaren@apple.com> · 078f4539
      ggaren@apple.com authored
              Rolled out 80277 and 80280 because they caused event handler layout test
              failures.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80303 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-03-02 Geoffrey Garen <ggaren@apple.com> · 1fe136c0
      ggaren@apple.com authored
              Reviewed by Darin Adler.
      
              Moved all variable object storage inline -- upping the object size limit to 1K
              https://bugs.webkit.org/show_bug.cgi?id=55653
      
              * JavaScriptCore.exp:
              * bytecompiler/BytecodeGenerator.cpp:
              * jit/JITOpcodes.cpp:
              * runtime/Arguments.h:
              * runtime/JSActivation.h: Removed out-of-line storage. Changed d-> to m_.
      
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedSpace::sizeClassFor): Added an imprecise size class
              to accommodate objects up to 1K.
      
              * runtime/JSGlobalObject.cpp:
              * runtime/JSGlobalObject.h: Removed out-of-line storage. Changed d-> to m_.
      
              * runtime/JSObject.cpp: Don't ASSERT that JSFinalObject fills the maximum
              object size, since it doesn't anymore.
      
              * runtime/JSStaticScopeObject.cpp:
              * runtime/JSStaticScopeObject.h:
              * runtime/JSVariableObject.h: Removed out-of-line storage. Changed d-> to m_.
      
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h: Added an imprecise size class to accommodate objects up to 1K.
      2011-03-02  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler.
      
              Moved all variable object storage inline -- upping the object size limit to 1K
              https://bugs.webkit.org/show_bug.cgi?id=55653
      
              * JSRun.cpp:
              (JSGlueGlobalObject::JSGlueGlobalObject):
              * JSRun.h:
              (JSGlueGlobalObject::Flags):
              (JSGlueGlobalObject::userObjectStructure): Removed out-of-line storage. Changed d-> to m_.
      2011-03-02  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler.
      
              Moved all variable object storage inline -- upping the object size limit to 1K
              https://bugs.webkit.org/show_bug.cgi?id=55653
      
              * bindings/js/JSDOMGlobalObject.cpp:
              * bindings/js/JSDOMGlobalObject.h:
              * bindings/js/JSDOMWindowBase.cpp:
              * bindings/js/JSDOMWindowBase.h:
              * bindings/js/JSDOMWindowCustom.h:
              * bindings/js/JSWorkerContextBase.cpp: Removed out-of-line storage. Changed d-> to m_.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80277 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Use APIEntryShim instead of JSLock in SerializedScriptValue. · f5a07a92
      timothy@apple.com authored
      Source/JavaScriptCore: Make APIShims usable from WebCore.
      
      Reviewed by Oliver Hunt.
      
      * ForwardingHeaders/JavaScriptCore/APIShims.h: Added.
      * GNUmakefile.am:
      * JavaScriptCore.exp:
      * JavaScriptCore.gypi:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      
      Source/WebCore: Use APIEntryShim instead of JSLock in SerializedScriptValue to allow it to be used
      by contexts not created by WebCore.
      
      https://webkit.org/b/55642
      
      Reviewed by Oliver Hunt.
      
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::SerializedScriptValue::create): Use APIEntryShim instead of JSLock.
      (WebCore::SerializedScriptValue::deserialize): Ditto.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80254 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  27. 01 Mar, 2011 2 commits
    • 2011-03-01 Geoffrey Garen <ggaren@apple.com> · 2006beef
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Rolled back in r79627 now that the underlying cause for it crashing is fixed.
              https://bugs.webkit.org/show_bug.cgi?id=55159
      
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * runtime/Heap.cpp:
              (JSC::Heap::allocateSlowCase):
              * runtime/Heap.h:
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedSpace::sizeClassFor):
              (JSC::JSCell::Heap::allocate):
              (JSC::JSCell::JSCell::operator new):
              * runtime/MarkedBlock.h:
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::allocateBlock):
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h:
              (JSC::MarkedSpace::SizeClass::SizeClass):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80052 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • Viewport parsing no longer accepts "1.0;" value as valid. · b6b3e77f
      joepeck@webkit.org authored
      Reviewed by Kenneth Rohde Christiansen.
      
      LayoutTests:
      
          2011-02-23  Joseph Pecoraro  <joepeck@webkit.org>
      
                  Viewport parsing no longer accepts "1.0;" value as valid.
                  https://bugs.webkit.org/show_bug.cgi?id=53705
      
                  Add a new test to check viewport argument parsing of
                  value "123x456", which although not completely a number
                  should return the numeric prefix "123" as the value.
                  Note that this affects "semicolons as separators" even
                  though semicolons are not valid separators.
      
                  * fast/viewport/viewport-129.html: Added.
      
      Source/JavaScriptCore:
      
          2011-02-23  Joseph Pecoraro  <joepeck@webkit.org>
      
                  Viewport parsing no longer accepts "1.0;" value as valid.
                  https://bugs.webkit.org/show_bug.cgi?id=53705
      
                  Include a didReadNumber parameter to String -> float / double
                  conversion functions. This way, if the "ok" boolean out
                  parameter is false, you can check to see if there in fact
                  was a valid number parsed with garbage at the end. Examples
                  of that would be parsing "123x456" would have ok = false,
                  but didReadNumber = true.
      
                  * JavaScriptCore.exp:
                  * wtf/text/StringImpl.cpp:
                  (WTF::StringImpl::toDouble):
                  (WTF::StringImpl::toFloat):
                  * wtf/text/StringImpl.h:
                  * wtf/text/WTFString.cpp:
                  (WTF::String::toDouble):
                  (WTF::String::toFloat):
                  (WTF::charactersToDouble):
                  (WTF::charactersToFloat):
                  * wtf/text/WTFString.h:
      
      Source/WebCore:
      
          2011-02-23  Joseph Pecoraro  <joepeck@webkit.org>
      
                  Viewport parsing no longer accepts "1.0;" value as valid.
                  https://bugs.webkit.org/show_bug.cgi?id=53705
      
                  When parsing numeric values, the "css-viewport" spec says
                  to use the number prefix, and the non numeric part of the
                  string can be ignored. This matches our behavior before
                  r67376. The change was that checking the error out condition
                  of String::toFloat doesn't necessarily mean that there
                  was a non-numeric prefix. This patch checks if there was
                  or wasn't a non-numeric prefix.
      
                  There is a console warning in any case where a numeric
                  value is not parsed cleanly. There is an error warning
                  when it is not a number at all, and a tip warning when
                  it has been truncated.
      
                  Error messages are slightly improved to provide more
                  context, both the key and value, when an error happens.
      
                  Test: fast/viewport/viewport-129.html
      
                  * dom/ViewportArguments.cpp:
                  (WebCore::numericPrefix):
                  (WebCore::findSizeValue):
                  (WebCore::findScaleValue):
                  (WebCore::findUserScalableValue):
                  (WebCore::findTargetDensityDPIValue):
                  (WebCore::viewportErrorMessageTemplate):
                  (WebCore::viewportErrorMessageLevel):
                  (WebCore::reportViewportWarning):
                  * dom/ViewportArguments.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80012 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  28. 28 Feb, 2011 2 commits
    • Bug 55423 - Clean up property tables in Structure · 96cad9f4
      barraclough@apple.com authored
      Reviewed by Sam Weinig & Darin Adler.
      
      Encapsulate, reduce duplication of table search code,
      and reduce the size of the tables (remove the index,
      just maintain the tables in the correct order).
      
      Shows a 0.5% - 1% progression on sunspider.
      
      ../JavaScriptCore: 
      
      * JavaScriptCore.exp:
      * runtime/PropertyMapHashTable.h:
      (JSC::isPowerOf2):
      (JSC::nextPowerOf2):
          bit ops used to calculate table size.
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (JSC::PropertyTable::ordered_iterator::operator++):
      (JSC::PropertyTable::ordered_iterator::operator==):
      (JSC::PropertyTable::ordered_iterator::operator!=):
      (JSC::PropertyTable::ordered_iterator::operator*):
      (JSC::PropertyTable::ordered_iterator::operator->):
      (JSC::PropertyTable::ordered_iterator::ordered_iterator):
          implementation of the iterator types
      (JSC::PropertyTable::PropertyTable):
      (JSC::PropertyTable::~PropertyTable):
          constructors take an initial capacity for the table,
          a table to copy, or both.
      (JSC::PropertyTable::begin):
      (JSC::PropertyTable::end):
          create in-order iterators.
      (JSC::PropertyTable::find):
          search the hash table
      (JSC::PropertyTable::add):
          add a value to the hash table
      (JSC::PropertyTable::remove):
          remove a value from the hash table
      (JSC::PropertyTable::size):
      (JSC::PropertyTable::isEmpty):
          accessors.
      (JSC::PropertyTable::propertyStorageSize):
      (JSC::PropertyTable::clearDeletedOffsets):
      (JSC::PropertyTable::hasDeletedOffset):
      (JSC::PropertyTable::getDeletedOffset):
      (JSC::PropertyTable::addDeletedOffset):
          cache deleted (available) offsets in the property storage array.
      (JSC::PropertyTable::copy):
          take a copy of the PropertyTable, potentially expanding the capacity.
      (JSC::PropertyTable::sizeInMemory):
          used for DEBUG build statistics
      (JSC::PropertyTable::reinsert):
      (JSC::PropertyTable::rehash):
      (JSC::PropertyTable::tableCapacity):
      (JSC::PropertyTable::deletedEntryIndex):
      (JSC::PropertyTable::skipDeletedEntries):
      (JSC::PropertyTable::table):
      (JSC::PropertyTable::usedCount):
      (JSC::PropertyTable::dataSize):
      (JSC::PropertyTable::sizeForCapacity):
      (JSC::PropertyTable::canInsert):
          these methods provide internal implementation.
      * runtime/Structure.cpp:
      (JSC::Structure::dumpStatistics):
      (JSC::Structure::~Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::copyPropertyTable):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::despecifyAllFunctions):
      (JSC::Structure::put):
      (JSC::Structure::remove):
      (JSC::Structure::createPropertyMap):
      (JSC::Structure::getPropertyNames):
      (JSC::PropertyTable::checkConsistency):
      (JSC::Structure::checkConsistency):
          factored out code to PropertyMapHashTable.h
      * runtime/Structure.h:
      (JSC::Structure::propertyStorageSize):
      (JSC::Structure::isEmpty):
      (JSC::Structure::get):
          factored out code to PropertyMapHashTable.h
      
      ../JavaScriptGlue: 
      
      * ForwardingHeaders/wtf/HashTable.h: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79963 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • 2011-02-28 Oliver Hunt <oliver@apple.com> · 97cdbd4c
      oliver@apple.com authored
              Reviewed by Gavin Barraclough.
      
              Make ScopeChainNode GC allocated
              https://bugs.webkit.org/show_bug.cgi?id=55283
      
              Simplify lifetime and other issues with the scopechain
              by making it gc allocated.  This allows us to simplify
              function exit and unwinding, as well as making the
              current iterative refcounting go away.
      
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::createActivation):
              * bytecode/StructureStubInfo.cpp:
              * bytecompiler/BytecodeGenerator.cpp:
              (JSC::BytecodeGenerator::generate):
              (JSC::BytecodeGenerator::BytecodeGenerator):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
              (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
              * bytecompiler/BytecodeGenerator.h:
              * debugger/Debugger.cpp:
              (JSC::Recompiler::operator()):
              * debugger/DebuggerCallFrame.h:
              (JSC::DebuggerCallFrame::scopeChain):
              * interpreter/CachedCall.h:
              (JSC::CachedCall::CachedCall):
              * interpreter/CallFrame.h:
              * interpreter/Interpreter.cpp:
              (JSC::depth):
              (JSC::Interpreter::unwindCallFrame):
              (JSC::Interpreter::throwException):
              (JSC::Interpreter::execute):
              (JSC::Interpreter::executeCall):
              (JSC::Interpreter::executeConstruct):
              (JSC::Interpreter::privateExecute):
              * jit/JITCall.cpp:
              (JSC::JIT::compileOpCallInitializeCallFrame):
              (JSC::JIT::compileOpCall):
              * jit/JITCall32_64.cpp:
              (JSC::JIT::compileOpCallInitializeCallFrame):
              (JSC::JIT::emit_op_ret):
              (JSC::JIT::emit_op_ret_object_or_this):
              (JSC::JIT::compileOpCall):
              * jit/JITOpcodes.cpp:
              (JSC::JIT::emit_op_end):
              (JSC::JIT::emit_op_ret):
              (JSC::JIT::emit_op_ret_object_or_this):
              * jit/JITOpcodes32_64.cpp:
              (JSC::JIT::emit_op_end):
              * jit/JITStubs.cpp:
              (JSC::DEFINE_STUB_FUNCTION):
              * jit/JITStubs.h:
              * runtime/ArgList.cpp:
              * runtime/Completion.cpp:
              (JSC::evaluate):
              * runtime/Completion.h:
              * runtime/DateConversion.cpp:
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::compileInternal):
              (JSC::ProgramExecutable::compileInternal):
              (JSC::FunctionExecutable::compileForCallInternal):
              (JSC::FunctionExecutable::compileForConstructInternal):
              * runtime/FunctionConstructor.cpp:
              (JSC::constructFunction):
              * runtime/GCActivityCallbackCF.cpp:
              * runtime/Identifier.cpp:
              * runtime/JSCell.h:
              * runtime/JSChunk.cpp: Added.
              * runtime/JSChunk.h: Added.
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              (JSC::JSFunction::markChildren):
              (JSC::JSFunction::getCallData):
              (JSC::JSFunction::getOwnPropertySlot):
              (JSC::JSFunction::getConstructData):
              * runtime/JSFunction.h:
              (JSC::JSFunction::scope):
              (JSC::JSFunction::setScope):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              * runtime/JSGlobalData.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::init):
              (JSC::JSGlobalObject::markChildren):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
              (JSC::JSGlobalObject::globalScopeChain):
              * runtime/JSGlobalObjectFunctions.cpp:
              (JSC::globalFuncEval):
              * runtime/JSLock.cpp:
              * runtime/JSNumberCell.cpp:
              * runtime/JSZombie.cpp:
              * runtime/MarkedBlock.cpp:
              * runtime/MarkedSpace.cpp:
              * runtime/PropertyNameArray.cpp:
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::print):
              (JSC::ScopeChainNode::localDepth):
              (JSC::ScopeChainNode::markChildren):
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              (JSC::ScopeChainNode::createStructure):
              (JSC::ScopeChainNode::push):
              (JSC::ScopeChainNode::pop):
              (JSC::ScopeChainIterator::ScopeChainIterator):
              (JSC::ScopeChainIterator::operator*):
              (JSC::ScopeChainIterator::operator->):
              (JSC::ScopeChainIterator::operator++):
              (JSC::ScopeChainNode::begin):
              (JSC::ScopeChainNode::end):
              (JSC::ExecState::globalData):
              (JSC::ExecState::lexicalGlobalObject):
              (JSC::ExecState::globalThisValue):
              * runtime/ScopeChainMark.h:
              * wtf/DateMath.cpp:
      2011-02-28  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough.
      
              Make ScopeChainNode GC allocated
              https://bugs.webkit.org/show_bug.cgi?id=55283
      
              Update WebCore to deal with the absence of the ScopeChain
              class.
      
              * ForwardingHeaders/runtime/ScopeChain.h: Added.
              * bindings/js/JSHTMLElementCustom.cpp:
              (WebCore::JSHTMLElement::pushEventHandlerScope):
              * bindings/js/JSJavaScriptCallFrameCustom.cpp:
              (WebCore::JSJavaScriptCallFrame::scopeChain):
              (WebCore::JSJavaScriptCallFrame::scopeType):
              * bindings/js/JSLazyEventListener.cpp:
              (WebCore::JSLazyEventListener::initializeJSFunction):
              * bindings/js/JSMainThreadExecState.h:
              (WebCore::JSMainThreadExecState::evaluate):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::JSNode::pushEventHandlerScope):
              * bindings/js/JavaScriptCallFrame.cpp:
              (WebCore::JavaScriptCallFrame::scopeChain):
              * bindings/js/JavaScriptCallFrame.h:
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/c/c_class.cpp:
              * bridge/c/c_runtime.cpp:
              * bridge/jni/JNIBridge.cpp:
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtConnectionObject::execute):
              * plugins/PluginViewNone.cpp:
      2011-02-28  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Gavin Barraclough.
      
              Make ScopeChainNode GC allocated
              https://bugs.webkit.org/show_bug.cgi?id=55283
      
              More updates for the absence of the ScopeChain class
      
              * WebView/WebScriptDebugDelegate.mm:
              (-[WebScriptCallFrame scopeChain]):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79904 268f45cc-cd09-0410-ab3c-d52691b4dbfc