Commit 8c10d800 authored by ossy@webkit.org's avatar ossy@webkit.org

Unreviewed, rolling out r86469 and r86471, because they made hundreds tests crash on Qt.

Make GC validation more aggressive
https://bugs.webkit.org/show_bug.cgi?id=60802

Source/JavaScriptCore:

* JavaScriptCore.exp:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.xcodeproj/project.pbxproj:
* debugger/DebuggerActivation.cpp:
(JSC::DebuggerActivation::visitChildren):
* heap/MarkedBlock.cpp:
(JSC::MarkedBlock::MarkedBlock):
* heap/MarkedSpace.cpp:
* runtime/Arguments.cpp:
(JSC::Arguments::visitChildren):
* runtime/Executable.cpp:
(JSC::EvalExecutable::visitChildren):
(JSC::ProgramExecutable::visitChildren):
(JSC::FunctionExecutable::visitChildren):
* runtime/Executable.h:
(JSC::ProgramExecutable::createStructure):
(JSC::FunctionExecutable::createStructure):
* runtime/GetterSetter.cpp:
(JSC::GetterSetter::visitChildren):
* runtime/GetterSetter.h:
(JSC::GetterSetter::createStructure):
* runtime/JSAPIValueWrapper.h:
(JSC::JSAPIValueWrapper::createStructure):
* runtime/JSActivation.cpp:
(JSC::JSActivation::visitChildren):
* runtime/JSArray.cpp:
(JSC::JSArray::visitChildren):
* runtime/JSCell.cpp:
* runtime/JSCell.h:
(JSC::JSCell::JSCell::JSCell):
* runtime/JSFunction.cpp:
(JSC::JSFunction::visitChildren):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::visitChildren):
* runtime/JSONObject.h:
(JSC::JSONObject::createStructure):
* runtime/JSObject.cpp:
(JSC::JSObject::visitChildren):
* runtime/JSPropertyNameIterator.cpp:
(JSC::JSPropertyNameIterator::visitChildren):
* runtime/JSPropertyNameIterator.h:
* runtime/JSStaticScopeObject.cpp:
(JSC::JSStaticScopeObject::visitChildren):
* runtime/JSString.h:
(JSC::RopeBuilder::createStructure):
* runtime/JSWrapperObject.cpp:
(JSC::JSWrapperObject::visitChildren):
* runtime/NativeErrorConstructor.cpp:
(JSC::NativeErrorConstructor::visitChildren):
* runtime/PropertyMapHashTable.h:
(JSC::PropertyMapEntry::PropertyMapEntry):
* runtime/RegExpObject.cpp:
(JSC::RegExpObject::visitChildren):
* runtime/ScopeChain.cpp:
(JSC::ScopeChainNode::visitChildren):
* runtime/ScopeChain.h:
(JSC::ScopeChainNode::ScopeChainNode):
* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::addPropertyTransition):
(JSC::Structure::visitChildren):
* runtime/Structure.h:
(JSC::Structure::createStructure):
(JSC::JSCell::classInfo):
* runtime/StructureChain.cpp:
(JSC::StructureChain::visitChildren):
* runtime/StructureChain.h:
* runtime/WriteBarrier.h:
(JSC::WriteBarrierBase::set):
(JSC::WriteBarrierBase::get):
(JSC::WriteBarrierBase::operator*):
(JSC::WriteBarrierBase::operator->):
(JSC::WriteBarrier::WriteBarrier):
* wtf/Assertions.h:

Source/WebCore:

* bindings/js/JSAttrCustom.cpp:
(WebCore::JSAttr::visitChildren):
* bindings/js/JSAudioContextCustom.cpp:
(WebCore::JSAudioContext::visitChildren):
* bindings/js/JSCSSRuleCustom.cpp:
(WebCore::JSCSSRule::visitChildren):
* bindings/js/JSCSSStyleDeclarationCustom.cpp:
(WebCore::JSCSSStyleDeclaration::visitChildren):
* bindings/js/JSCanvasRenderingContextCustom.cpp:
(WebCore::JSCanvasRenderingContext::visitChildren):
* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::visitChildren):
(WebCore::JSDOMGlobalObject::setInjectedScript):
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::JSDOMWindow::visitChildren):
* bindings/js/JSDOMWindowShell.cpp:
(WebCore::JSDOMWindowShell::visitChildren):
* bindings/js/JSEventListener.cpp:
(WebCore::JSEventListener::JSEventListener):
* bindings/js/JSEventListener.h:
(WebCore::JSEventListener::jsFunction):
* bindings/js/JSJavaScriptAudioNodeCustom.cpp:
(WebCore::JSJavaScriptAudioNode::visitChildren):
* bindings/js/JSMessageChannelCustom.cpp:
(WebCore::JSMessageChannel::visitChildren):
* bindings/js/JSMessagePortCustom.cpp:
(WebCore::JSMessagePort::visitChildren):
* bindings/js/JSNamedNodeMapCustom.cpp:
(WebCore::JSNamedNodeMap::visitChildren):
* bindings/js/JSNodeCustom.cpp:
(WebCore::JSNode::visitChildren):
* bindings/js/JSNodeFilterCustom.cpp:
(WebCore::JSNodeFilter::visitChildren):
* bindings/js/JSNodeIteratorCustom.cpp:
(WebCore::JSNodeIterator::visitChildren):
* bindings/js/JSSVGElementInstanceCustom.cpp:
(WebCore::JSSVGElementInstance::visitChildren):
* bindings/js/JSSharedWorkerCustom.cpp:
(WebCore::JSSharedWorker::visitChildren):
* bindings/js/JSStyleSheetCustom.cpp:
(WebCore::JSStyleSheet::visitChildren):
* bindings/js/JSTreeWalkerCustom.cpp:
(WebCore::JSTreeWalker::visitChildren):
* bindings/js/JSWebGLRenderingContextCustom.cpp:
(WebCore::JSWebGLRenderingContext::visitChildren):
* bindings/js/JSWorkerContextCustom.cpp:
(WebCore::JSWorkerContext::visitChildren):
* bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::JSXMLHttpRequest::visitChildren):
* bindings/js/JSXPathResultCustom.cpp:
(WebCore::JSXPathResult::visitChildren):
* bindings/scripts/CodeGeneratorJS.pm:

Source/WebKit2:

* WebProcess/Plugins/Netscape/JSNPObject.cpp:
(WebKit::JSNPObject::invalidate):
(WebKit::JSNPObject::callMethod):
(WebKit::JSNPObject::callObject):
(WebKit::JSNPObject::callConstructor):
(WebKit::JSNPObject::getCallData):
(WebKit::JSNPObject::getConstructData):
(WebKit::JSNPObject::getOwnPropertySlot):
(WebKit::JSNPObject::getOwnPropertyDescriptor):
(WebKit::JSNPObject::put):
(WebKit::JSNPObject::getOwnPropertyNames):
(WebKit::JSNPObject::propertyGetter):
(WebKit::JSNPObject::methodGetter):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86482 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 6bf2006b
2011-05-13 Oliver Hunt <oliver@apple.com>
2011-05-14 Csaba Osztrogonác <ossy@webkit.org>
Build fix.
Unreviewed, rolling out r86469 and r86471, because they made hundreds tests crash on Qt.
Make GC validation more aggressive
https://bugs.webkit.org/show_bug.cgi?id=60802
* JavaScriptCore.exp:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* JavaScriptCore.xcodeproj/project.pbxproj:
* debugger/DebuggerActivation.cpp:
(JSC::DebuggerActivation::visitChildren):
* heap/MarkedBlock.cpp:
(JSC::MarkedBlock::MarkedBlock):
* heap/MarkedSpace.cpp:
* runtime/Arguments.cpp:
(JSC::Arguments::visitChildren):
* runtime/Executable.cpp:
(JSC::EvalExecutable::visitChildren):
(JSC::ProgramExecutable::visitChildren):
(JSC::FunctionExecutable::visitChildren):
* runtime/Executable.h:
(JSC::ProgramExecutable::createStructure):
(JSC::FunctionExecutable::createStructure):
* runtime/GetterSetter.cpp:
(JSC::GetterSetter::visitChildren):
* runtime/GetterSetter.h:
(JSC::GetterSetter::createStructure):
* runtime/JSAPIValueWrapper.h:
(JSC::JSAPIValueWrapper::createStructure):
* runtime/JSActivation.cpp:
(JSC::JSActivation::visitChildren):
* runtime/JSArray.cpp:
(JSC::JSArray::visitChildren):
* runtime/JSCell.cpp:
* runtime/JSCell.h:
(JSC::JSCell::JSCell::JSCell):
* runtime/JSFunction.cpp:
(JSC::JSFunction::visitChildren):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::visitChildren):
* runtime/JSONObject.h:
(JSC::JSONObject::createStructure):
* runtime/JSObject.cpp:
(JSC::JSObject::visitChildren):
* runtime/JSPropertyNameIterator.cpp:
(JSC::JSPropertyNameIterator::visitChildren):
* runtime/JSPropertyNameIterator.h:
* runtime/JSStaticScopeObject.cpp:
(JSC::JSStaticScopeObject::visitChildren):
* runtime/JSString.h:
(JSC::RopeBuilder::createStructure):
* runtime/JSWrapperObject.cpp:
(JSC::JSWrapperObject::visitChildren):
* runtime/NativeErrorConstructor.cpp:
(JSC::NativeErrorConstructor::visitChildren):
* runtime/PropertyMapHashTable.h:
(JSC::PropertyMapEntry::PropertyMapEntry):
* runtime/RegExpObject.cpp:
(JSC::RegExpObject::visitChildren):
* runtime/ScopeChain.cpp:
(JSC::ScopeChainNode::visitChildren):
* runtime/ScopeChain.h:
(JSC::ScopeChainNode::ScopeChainNode):
* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::addPropertyTransition):
(JSC::Structure::visitChildren):
* runtime/Structure.h:
(JSC::Structure::createStructure):
(JSC::JSCell::classInfo):
* runtime/StructureChain.cpp:
(JSC::StructureChain::visitChildren):
* runtime/StructureChain.h:
* runtime/WriteBarrier.h:
(JSC::validateCell):
(JSC::JSCell):
(JSC::JSGlobalObject):
(JSC::WriteBarrierBase::set):
(JSC::WriteBarrierBase::get):
(JSC::WriteBarrierBase::operator*):
(JSC::WriteBarrierBase::operator->):
(JSC::WriteBarrier::WriteBarrier):
* wtf/Assertions.h:
2011-05-13 Oliver Hunt <oliver@apple.com>
......
......@@ -167,7 +167,6 @@ __ZN3JSC14JSGlobalObjectnwEmPNS_12JSGlobalDataE
__ZN3JSC14MachineThreads16addCurrentThreadEv
__ZN3JSC14SamplingThread4stopEv
__ZN3JSC14SamplingThread5startEj
__ZN3JSC14ScopeChainNode6s_infoE
__ZN3JSC14TimeoutChecker10didTimeOutEPNS_9ExecStateE
__ZN3JSC14TimeoutChecker5resetEv
__ZN3JSC14throwTypeErrorEPNS_9ExecStateE
......@@ -184,8 +183,6 @@ __ZN3JSC16JSVariableObject14deletePropertyEPNS_9ExecStateERKNS_10IdentifierE
__ZN3JSC16JSVariableObject14symbolTableGetERKNS_10IdentifierERNS_18PropertyDescriptorE
__ZN3JSC16JSVariableObject19getOwnPropertyNamesEPNS_9ExecStateERNS_17PropertyNameArrayENS_15EnumerationModeE
__ZN3JSC16createRangeErrorEPNS_9ExecStateERKNS_7UStringE
__ZN3JSC16slowValidateCellEPNS_14JSGlobalObjectE
__ZN3JSC16slowValidateCellEPNS_6JSCellE
__ZN3JSC16throwSyntaxErrorEPNS_9ExecStateE
__ZN3JSC17BytecodeGenerator21setDumpsGeneratedCodeEb
__ZN3JSC17PropertyNameArray3addEPN3WTF10StringImplE
......
......@@ -317,8 +317,6 @@ EXPORTS
?signal@ThreadCondition@WTF@@QAEXXZ
?size@Heap@JSC@@QBEIXZ
?slowAppend@MarkedArgumentBuffer@JSC@@AAEXVJSValue@2@@Z
?slowValidateCell@JSC@@YAXPAVJSCell@1@@Z
?slowValidateCell@JSC@@YAXPAVJSGlobalObject@1@@Z
?startProfiling@Profiler@JSC@@QAEXPAVExecState@2@ABVUString@2@@Z
?startSampling@JSGlobalData@JSC@@QAEXXZ
?stopProfiling@Profiler@JSC@@QAE?AV?$PassRefPtr@VProfile@JSC@@@WTF@@PAVExecState@2@ABVUString@2@@Z
......
......@@ -2700,7 +2700,6 @@
isa = PBXProject;
attributes = {
BuildIndependentTargetsInParallel = YES;
LastUpgradeCheck = 0420;
};
buildConfigurationList = 149C277108902AFE008A9EFC /* Build configuration list for PBXProject "JavaScriptCore" */;
compatibilityVersion = "Xcode 3.1";
......
......@@ -40,9 +40,6 @@ DebuggerActivation::DebuggerActivation(JSGlobalData& globalData, JSObject* activ
void DebuggerActivation::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
JSObject::visitChildren(visitor);
if (m_activation)
......
......@@ -60,7 +60,7 @@ MarkedBlock::MarkedBlock(const PageAllocationAligned& allocation, JSGlobalData*
Structure* dummyMarkableCellStructure = globalData->dummyMarkableCellStructure.get();
for (size_t i = firstAtom(); i < m_endAtom; i += m_atomsPerCell)
new (&atoms()[i]) JSCell(*globalData, dummyMarkableCellStructure, JSCell::CreatingEarlyCell);
new (&atoms()[i]) JSCell(*globalData, dummyMarkableCellStructure);
}
void MarkedBlock::sweep()
......
......@@ -21,7 +21,6 @@
#include "config.h"
#include "MarkedSpace.h"
#include "JSGlobalObject.h"
#include "JSCell.h"
#include "JSGlobalData.h"
#include "JSLock.h"
......
......@@ -45,9 +45,6 @@ Arguments::~Arguments()
void Arguments::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
JSObject::visitChildren(visitor);
if (d->registerArray)
......
......@@ -145,9 +145,6 @@ JSObject* EvalExecutable::compileInternal(ExecState* exec, ScopeChainNode* scope
void EvalExecutable::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
ScriptExecutable::visitChildren(visitor);
if (m_evalCodeBlock)
m_evalCodeBlock->visitAggregate(visitor);
......@@ -240,9 +237,6 @@ static bool tryDFGCompile(JSGlobalData* globalData, CodeBlock* codeBlock, JITCod
void ProgramExecutable::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
ScriptExecutable::visitChildren(visitor);
if (m_programCodeBlock)
m_programCodeBlock->visitAggregate(visitor);
......@@ -355,9 +349,6 @@ JSObject* FunctionExecutable::compileForConstructInternal(ExecState* exec, Scope
void FunctionExecutable::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
ScriptExecutable::visitChildren(visitor);
if (m_codeBlockForCall)
m_codeBlockForCall->visitAggregate(visitor);
......
......@@ -66,11 +66,10 @@ namespace JSC {
}
static Structure* createStructure(JSGlobalData& globalData, JSValue proto) { return Structure::create(globalData, proto, TypeInfo(CompoundType, StructureFlags), AnonymousSlotCount, &s_info); }
static const ClassInfo s_info;
protected:
static const unsigned StructureFlags = 0;
static const ClassInfo s_info;
int m_numParametersForCall;
int m_numParametersForConstruct;
......@@ -118,9 +117,7 @@ namespace JSC {
NativeFunction function() { return m_function; }
static Structure* createStructure(JSGlobalData& globalData, JSValue proto) { return Structure::create(globalData, proto, TypeInfo(LeafType, StructureFlags), AnonymousSlotCount, &s_info); }
static const ClassInfo s_info;
private:
#if ENABLE(JIT)
NativeExecutable(JSGlobalData& globalData, JITCode callThunk, NativeFunction function, JITCode constructThunk, NativeFunction constructor)
......@@ -146,6 +143,7 @@ namespace JSC {
// Probably should be a NativeConstructor, but this will currently require rewriting the JIT
// trampoline. It may be easier to make NativeFunction be passed 'this' as a part of the ArgList.
NativeFunction m_constructor;
static const ClassInfo s_info;
};
class ScriptExecutable : public ExecutableBase {
......@@ -238,10 +236,10 @@ namespace JSC {
{
return Structure::create(globalData, proto, TypeInfo(CompoundType, StructureFlags), AnonymousSlotCount, &s_info);
}
static const ClassInfo s_info;
private:
static const unsigned StructureFlags = OverridesVisitChildren | ScriptExecutable::StructureFlags;
static const ClassInfo s_info;
EvalExecutable(ExecState*, const SourceCode&, bool);
JSObject* compileInternal(ExecState*, ScopeChainNode*);
......@@ -288,11 +286,10 @@ namespace JSC {
{
return Structure::create(globalData, proto, TypeInfo(CompoundType, StructureFlags), AnonymousSlotCount, &s_info);
}
static const ClassInfo s_info;
private:
static const unsigned StructureFlags = OverridesVisitChildren | ScriptExecutable::StructureFlags;
static const ClassInfo s_info;
ProgramExecutable(ExecState*, const SourceCode&);
JSObject* compileInternal(ExecState*, ScopeChainNode*);
......@@ -385,8 +382,6 @@ namespace JSC {
{
return Structure::create(globalData, proto, TypeInfo(CompoundType, StructureFlags), AnonymousSlotCount, &s_info);
}
static const ClassInfo s_info;
private:
FunctionExecutable(JSGlobalData*, const Identifier& name, const SourceCode&, bool forceUsesArguments, FunctionParameters*, bool, int firstLine, int lastLine);
......@@ -396,6 +391,7 @@ namespace JSC {
JSObject* compileForConstructInternal(ExecState*, ScopeChainNode*);
static const unsigned StructureFlags = OverridesVisitChildren | ScriptExecutable::StructureFlags;
static const ClassInfo s_info;
unsigned m_numCapturedVariables : 31;
bool m_forceUsesArguments : 1;
......
......@@ -32,8 +32,6 @@ const ClassInfo GetterSetter::s_info = { "GetterSetter", 0, 0, 0 };
void GetterSetter::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
ASSERT(structure()->typeInfo().overridesVisitChildren());
JSCell::visitChildren(visitor);
if (m_getter)
......
......@@ -52,11 +52,9 @@ namespace JSC {
{
return Structure::create(globalData, prototype, TypeInfo(GetterSetterType, OverridesVisitChildren), AnonymousSlotCount, &s_info);
}
static const ClassInfo s_info;
private:
virtual bool isGetterSetter() const;
static const ClassInfo s_info;
WriteBarrier<JSObject> m_getter;
WriteBarrier<JSObject> m_setter;
......
......@@ -40,9 +40,8 @@ namespace JSC {
{
return Structure::create(globalData, prototype, TypeInfo(CompoundType, OverridesVisitChildren | OverridesGetPropertyNames), AnonymousSlotCount, &s_info);
}
static const ClassInfo s_info;
private:
JSAPIValueWrapper(ExecState* exec, JSValue value)
: JSCell(exec->globalData(), exec->globalData().apiWrapperStructure.get())
......@@ -50,6 +49,7 @@ namespace JSC {
m_value.set(exec->globalData(), this, value);
ASSERT(!value.isCell());
}
static const ClassInfo s_info;
WriteBarrier<Unknown> m_value;
};
......
......@@ -60,9 +60,6 @@ JSActivation::~JSActivation()
void JSActivation::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
Base::visitChildren(visitor);
// No need to mark our registers if they're still in the RegisterFile.
......
......@@ -859,9 +859,6 @@ void JSArray::unshiftCount(ExecState* exec, int count)
void JSArray::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
visitChildrenDirect(visitor);
}
......
......@@ -221,9 +221,4 @@ bool isZombie(const JSCell* cell)
#endif
}
void slowValidateCell(JSCell* cell)
{
ASSERT_GC_OBJECT_LOOKS_VALID(cell);
}
} // namespace JSC
......@@ -71,7 +71,6 @@ namespace JSC {
friend class ScopeChainNode;
friend class Structure;
friend class StructureChain;
enum CreatingEarlyCellTag { CreatingEarlyCell };
protected:
enum VPtrStealingHackType { VPtrStealingHack };
......@@ -79,7 +78,6 @@ namespace JSC {
private:
explicit JSCell(VPtrStealingHackType) { }
JSCell(JSGlobalData&, Structure*);
JSCell(JSGlobalData&, Structure*, CreatingEarlyCellTag);
virtual ~JSCell();
static const ClassInfo s_dummyCellInfo;
......@@ -150,10 +148,6 @@ namespace JSC {
return OBJECT_OFFSETOF(JSCell, m_structure);
}
#if ENABLE(GC_VALIDATION)
Structure* unvalidatedStructure() { return m_structure.unvalidatedGet(); }
#endif
protected:
static const unsigned AnonymousSlotCount = 0;
......@@ -168,15 +162,6 @@ namespace JSC {
inline JSCell::JSCell(JSGlobalData& globalData, Structure* structure)
: m_structure(globalData, this, structure)
{
ASSERT(m_structure);
}
inline JSCell::JSCell(JSGlobalData& globalData, Structure* structure, CreatingEarlyCellTag)
{
#if ENABLE(GC_VALIDATION)
if (structure)
#endif
m_structure.setEarlyValue(globalData, this, structure);
// Very first set of allocations won't have a real structure.
ASSERT(m_structure || !globalData.dummyMarkableCellStructure);
}
......
......@@ -135,9 +135,6 @@ const UString JSFunction::calculatedDisplayName(ExecState* exec)
void JSFunction::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
Base::visitChildren(visitor);
visitor.append(&m_scopeChain);
......
......@@ -310,9 +310,6 @@ void JSGlobalObject::resetPrototype(JSGlobalData& globalData, JSValue prototype)
void JSGlobalObject::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
JSVariableObject::visitChildren(visitor);
visitIfNeeded(visitor, &m_globalScopeChain);
......@@ -462,11 +459,4 @@ DynamicGlobalObjectScope::DynamicGlobalObjectScope(JSGlobalData& globalData, JSG
}
}
void slowValidateCell(JSGlobalObject* globalObject)
{
if (!globalObject->isGlobalObject())
CRASH();
ASSERT_GC_OBJECT_INHERITS(globalObject, &JSGlobalObject::s_info);
}
} // namespace JSC
......@@ -40,8 +40,6 @@ namespace JSC {
{
return Structure::create(globalData, prototype, TypeInfo(ObjectType, StructureFlags), AnonymousSlotCount, &s_info);
}
static const ClassInfo s_info;
protected:
static const unsigned StructureFlags = OverridesGetOwnPropertySlot | JSObject::StructureFlags;
......@@ -50,6 +48,7 @@ namespace JSC {
virtual bool getOwnPropertySlot(ExecState*, const Identifier&, PropertySlot&);
virtual bool getOwnPropertyDescriptor(ExecState*, const Identifier&, PropertyDescriptor&);
static const ClassInfo s_info;
};
UString JSONStringify(ExecState* exec, JSValue value, unsigned indent);
......
......@@ -70,7 +70,6 @@ static inline void getClassPropertyNames(ExecState* exec, const ClassInfo* class
void JSObject::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
#ifndef NDEBUG
bool wasCheckingForDefaultMarkViolation = visitor.m_isCheckingForDefaultMarkViolation;
visitor.m_isCheckingForDefaultMarkViolation = false;
......
......@@ -97,8 +97,6 @@ JSValue JSPropertyNameIterator::get(ExecState* exec, JSObject* base, size_t i)
void JSPropertyNameIterator::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
ASSERT(structure()->typeInfo().overridesVisitChildren());
visitor.appendValues(m_jsStrings.get(), m_jsStringsSize, MayContainNullValues);
if (m_cachedPrototypeChain)
visitor.append(&m_cachedPrototypeChain);
......
......@@ -75,10 +75,9 @@ namespace JSC {
void setCachedPrototypeChain(JSGlobalData& globalData, StructureChain* cachedPrototypeChain) { m_cachedPrototypeChain.set(globalData, this, cachedPrototypeChain); }
StructureChain* cachedPrototypeChain() { return m_cachedPrototypeChain.get(); }
static const ClassInfo s_info;
private:
static const ClassInfo s_info;
JSPropertyNameIterator(ExecState*, PropertyNameArrayData* propertyNameArrayData, size_t numCacheableSlot);
WriteBarrier<Structure> m_cachedStructure;
......
......@@ -34,9 +34,6 @@ ASSERT_CLASS_FITS_IN_CELL(JSStaticScopeObject);
void JSStaticScopeObject::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
JSVariableObject::visitChildren(visitor);
visitor.append(&m_registerStore);
}
......
......@@ -330,8 +330,6 @@ namespace JSC {
{
return Structure::create(globalData, proto, TypeInfo(StringType, OverridesGetOwnPropertySlot | NeedsThisConversion), AnonymousSlotCount, &s_info);
}
static const ClassInfo s_info;
private:
JSString(VPtrStealingHackType)
......@@ -339,6 +337,7 @@ namespace JSC {
, m_fiberCount(0)
{
}
static const ClassInfo s_info;
void resolveRope(ExecState*) const;
void resolveRopeSlowCase(ExecState*, UChar*) const;
......
......@@ -28,9 +28,6 @@ ASSERT_CLASS_FITS_IN_CELL(JSWrapperObject);
void JSWrapperObject::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
JSObject::visitChildren(visitor);
if (m_internalValue)
visitor.append(&m_internalValue);
......
......@@ -48,9 +48,6 @@ NativeErrorConstructor::NativeErrorConstructor(ExecState* exec, JSGlobalObject*
void NativeErrorConstructor::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
InternalFunction::visitChildren(visitor);
if (m_errorStructure)
visitor.append(&m_errorStructure);
......
......@@ -80,7 +80,7 @@ struct PropertyMapEntry {
: key(key)
, offset(offset)
, attributes(attributes)
, specificValue(globalData, owner, specificValue, WriteBarrier<JSCell>::MayBeNull)
, specificValue(globalData, owner, specificValue)
{
}
};
......
......@@ -74,9 +74,6 @@ RegExpObject::~RegExpObject()
void RegExpObject::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
Base::visitChildren(visitor);
if (UNLIKELY(!d->lastIndex.get().isInt32()))
visitor.append(&d->lastIndex);
......
......@@ -69,9 +69,6 @@ int ScopeChainNode::localDepth()
void ScopeChainNode::visitChildren(SlotVisitor& visitor)
{
ASSERT_GC_OBJECT_INHERITS(this, &s_info);
COMPILE_ASSERT(StructureFlags & OverridesVisitChildren, OverridesVisitChildrenWithoutSettingFlag);
ASSERT(structure()->typeInfo().overridesVisitChildren());
if (next)
visitor.append(&next);
visitor.append(&object);
......
......@@ -39,7 +39,7 @@ namespace JSC {
ScopeChainNode(ScopeChainNode* next, JSObject* object, JSGlobalData* globalData, JSGlobalObject* globalObject, JSObject* globalThis)
: JSCell(*globalData, globalData->scopeChainNodeStructure.get())
, globalData(globalData)
, next(*globalData, this, next, WriteBarrier<ScopeChainNode>::MayBeNull)
, next(*globalData, this, next)
, object(*globalData, this, object)
, globalObject(*globalData, this, globalObject)
, globalThis(*globalData, this, globalThis)
......@@ -68,10 +68,9 @@ namespace JSC {
static Structure* createStructure(JSGlobalData& globalData, JSValue proto) { return Structure::create(globalData, proto, TypeInfo(CompoundType, StructureFlags), AnonymousSlotCount, &s_info); }
virtual void visitChildren(SlotVisitor&);
static JS_EXPORTDATA const ClassInfo s_info;
private:
static const unsigned StructureFlags = OverridesVisitChildren;
static const ClassInfo s_info;
};
inline ScopeChainNode* ScopeChainNode::push(JSObject* o)
......
......@@ -206,7 +206,7 @@ Structure::Structure(JSGlobalData& globalData, JSValue prototype, const TypeInfo
const ClassInfo Structure::s_info = { "Structure", 0, 0, 0 };
Structure::Structure(JSGlobalData& globalData)
: JSCell(globalData, this, CreatingEarlyCell)
: JSCell(globalData, this)
, m_typeInfo(CompoundType, OverridesVisitChildren)
, m_prototype(globalData, this, jsNull())
, m_classInfo(&s_info)
......@@ -358,11 +358,11 @@ Structure* Structure::addPropertyTransition(JSGlobalData& globalData, Structure*
Structure* transition = create(globalData, structure);
transition->m_cachedPrototypeChain.setMayBeNull(globalData, transition, structure->m_cachedPrototypeChain.get());
transition->m_cachedPrototypeChain.set(globalData, transition, structure->m_cachedPrototypeChain.get());
transition->m_previous.set(globalData, transition, structure);
transition->m_nameInPrevious = propertyName.impl();
transition->m_attributesInPrevious = attributes;
transition->m_specificValueInPrevious.setMayBeNull(globalData, transition, specificValue);
transition->m_specificValueInPrevious.set(globalData, transition, specificValue);
if (structure->m_propertyTable) {
if (structure->m_isPinnedPropertyTable)
......@@ -779,8 +779,6 @@ void Structure::getPropertyNames(JSGlobalData& globalData, PropertyNameArray& pr